last executing test programs:

10.139282507s ago: executing program 3 (id=649):
r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x40, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_history_size\x00', 0x1182, 0x0)
mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
io_uring_setup$auto(0x86, 0x0)
socket(0x10, 0x4, 0xffffffc0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948e, 0x3, 0x15f4da0a, 0x3, 0x3, 0x8, 0x0, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
write$auto(0xffffffffffffffff, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010325bd7040ffdbdf250a0000000c0002006e6c383032313100"], 0x28}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810)
write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r5 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYBLOB="00012cbd7000fedbdf257f0000000600f700050b00000600b10005000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
io_setup$auto(0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000001c0)=""/176, 0xb0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x42, 0x0)
fchown$auto(r0, 0x0, 0x0)

9.131109255s ago: executing program 3 (id=652):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000)
connect$auto(0x3, 0x0, 0x55)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0)
bpf$auto(0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)

8.936634827s ago: executing program 1 (id=655):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0xc, 0x0)
io_uring_setup$auto(0x4, 0x0)
r0 = open(0x0, 0x4242, 0xe1d2b27bdc14aab8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff)
mmap$auto(0x3, 0x5, 0x2000006, 0xeb1, r1, 0xfd87)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xa02, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
read$auto(r3, 0x0, 0x20)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x3}, 0x3)
ioctl$auto_USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4008550d, 0x0)
pwritev$auto(0xffffffffffffffff, 0x0, 0x5, 0x5, 0x9)
fcntl$auto(r0, 0x400, 0x1)
setrlimit$auto(0x1000000007, 0x0)
socket(0x1d, 0x3, 0x1)
write$auto(0x3, 0x0, 0x7fffffff)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/shm_rmid_forced\x00', 0x42a81, 0x0)
getsockopt$auto_SO_TXREHASH(r4, 0x5, 0x4a, &(0x7f0000000000)='/proc/sys/kernel/shm_rmid_forced\x00', &(0x7f00000000c0)=0xffffff65)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
socket(0x2, 0x1, 0x0)
getsockopt$auto(0x4, 0x200000000, 0x15, 0xfffffffffffffffc, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0)
sendfile$auto(r4, r5, 0x0, 0x1000200)

7.692369161s ago: executing program 2 (id=656):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';')
socket(0xa, 0x1, 0x100)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioprio_set$auto(0x3, 0x0, 0x4b34)
madvise$auto(0x16, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, 0x0, 0x200, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)

7.189120235s ago: executing program 3 (id=657):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
rseq$auto(0x0, 0xfffffff4, 0x0, 0x5)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7)
mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6"}, 0x6, 0x3, 0xff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0)
msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004)
socket(0x2a, 0x800, 0x2d2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="210b2abd7000fedbdf25670010000800c3000000008045758fc058dcee9878afa51ff9a5"], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000)
ioperm$auto(0x3, 0x8001, 0x2000000000000149)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4)
close_range$auto(0x2, 0xa, 0x0)

7.02095355s ago: executing program 1 (id=658):
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400004, 0xd, 0x12, 0x2, 0x6cb)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0)
mknod$auto(0x0, 0x1, 0x4)
lstat$auto(&(0x7f0000000300)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
ioctl$auto(0x3, 0x5420, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$auto(0x3, 0x5404, 0x38)
sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, 0x0, 0x24008804)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x2, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x3, [0x7, 0x0, 0x0, 0x0, 0x0, 0x761, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000]}, 0x1fe, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x13, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040)
open(&(0x7f0000000400)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x591002, 0x4c2)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)="b375c8d8b18ecf29471fff8a485ee0c090f3", 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

5.624118697s ago: executing program 2 (id=659):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/controlC2\x00', 0x400, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
recvmmsg$auto(r2, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xc00, 0x2c, 0x2c, 0x3, 0x2})
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/etherd/flush\x00', 0x1, 0x0)
r5 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x101000, 0x0)
listen$auto(r5, 0x5)
recvmmsg$auto(r1, &(0x7f0000000500)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0xd1}, 0x10a, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0)
socket(0x2, 0x1, 0x106)
socket(0x2, 0x1, 0x0)
shutdown$auto(0xffffffffffffffff, 0x2)
read$auto_rng_chrdev_ops_core(r1, 0x0, 0x0)
mmap$auto(0xfffffffffffffffc, 0x8, 0x8, 0x7fffffffffffffff, 0xffffffffffffffff, 0xfffffffffffffffd)
ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x3ff, 0x0)
mmap$auto(0x0, 0x40009, 0xe1, 0x1de, 0x7, 0x27fff)
setfsgid$auto(0xee00)
listen$auto(0x3, 0x3)

5.614866125s ago: executing program 0 (id=667):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0)
read$auto(r1, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/event-fork\x00', 0x121082, 0x0)
writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
keyctl$auto(0x17, 0x4, 0x7fffffffefff, 0x400, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(r0, &(0x7f0000000140)='/d\xfd\xff/audio\x9c\b\xfe\xb2u\xe6+.\x0f\xc3\x00', 0x100000a3d9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone3(&(0x7f0000000040)={0x8020000, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x3}, 0x58)
prctl$auto(0x1000000003b, 0x4, 0x0, 0x9, 0x7)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
io_getevents$auto(0x1, 0x201, 0x2, &(0x7f0000000080)={0xffffffff, 0xc, 0xffffffffffffffff, 0x9}, &(0x7f0000000180)={0x6, 0xffffffffffffffff})

5.503546045s ago: executing program 1 (id=660):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/ip6_vti0/proxy_delay\x00', 0x88542, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';')
r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x0, 0x0)
r2 = dup$auto(r1)
ioctl$auto_ECCGETLAYOUT(r2, 0x81484d11, &(0x7f0000000340)={0x101, [0x101, 0x1, 0x80000000, 0x400003, 0xa, 0x5, 0x1, 0x5, 0x808f, 0xe, 0x5, 0x7, 0x2, 0xf, 0x57, 0x8dbc, 0x8, 0x7, 0xd1, 0x72944006, 0x1, 0xfe54, 0x0, 0xfffff645, 0x9, 0x6, 0x9, 0x80, 0x80000000, 0x8dc, 0x4, 0x9, 0xfffff0bf, 0xa, 0x575e6e2c, 0x101, 0xff, 0x2, 0xffff0000, 0x3, 0x71c7, 0x1, 0x8, 0x90, 0xfffffffb, 0x7, 0x3, 0x5, 0x200, 0x100, 0x3, 0xffff, 0x9, 0x8, 0x8, 0x3, 0x2, 0x81, 0xe, 0x17, 0xe0b, 0x1, 0x0, 0x57a1], 0x6, [{0xff, 0x6e14}, {0x9, 0x8}, {0x4d1, 0xb9bc}, {0xe, 0x8}, {0x4, 0x24}, {0x5, 0x8}, {0x1, 0x1ff}, {0x4ef3, 0x40}]})
r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
unshare$auto(0x40000080)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0x4008ae48, 0x38)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9)
recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x8f3b7a51b80ebd01, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000000040)="205c2020027e0dc0023af10e9bfa1babfa203753ca9a20370a", 0x19)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp1\x00', 0x101a00, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x2, 0x0)
ioctl$auto_SNDCTL_DSP_SETDUPLEX(r6, 0x5016, 0x0)
ioctl$auto(0x3, 0xc0086202, r3)

4.761951287s ago: executing program 0 (id=661):
r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x40, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_history_size\x00', 0x1182, 0x0)
mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
io_uring_setup$auto(0x86, 0x0)
socket(0x10, 0x4, 0xffffffc0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948e, 0x3, 0x15f4da0a, 0x3, 0x3, 0x8, 0x0, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
write$auto(0xffffffffffffffff, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010325bd7040ffdbdf250a0000000c0002006e6c383032313100"], 0x28}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810)
write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r5 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYBLOB="00012cbd7000fedbdf257f0000000600f700050b00000600b10005000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, &(0x7f00000010c0)=""/4082, 0xff2)
io_setup$auto(0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000001c0)=""/176, 0xb0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x42, 0x0)
fchown$auto(r0, 0x0, 0x0)

4.640783886s ago: executing program 3 (id=662):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x4, 0x0, 0x480, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto(r2, 0x2289, 0xbb1)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff)
socket(0x27, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000)
madvise$auto(0x0, 0x20200, 0x15)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0)

4.484129356s ago: executing program 2 (id=663):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/cable#1\x00', 0x100, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/99, 0x63)
listmount$auto(&(0x7f0000000040)={0x200, @inferred, 0x7f, 0x81, 0x400}, 0x0, 0xf, 0x5)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x0, 0x14, 0x0, 0x6)
read$auto(0x3, 0x0, 0x80)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
write$auto(0x3, 0x0, 0x8100)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x8f, 0x400, 0x2}]})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80480, 0x0)
ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSMAXCID(r3, 0x40047451, 0x0)
r4 = socket(0x2000000000000021, 0x2, 0x10000000000002)
write$auto(r4, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)

4.100563029s ago: executing program 1 (id=664):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0xdb3, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_GTP_CMD_NEWPDP(r3, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00', @ANYRES16=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x4c000}, 0x80)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, 0x0, 0x4000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
socket(0x2, 0xa, 0x0)
unshare$auto(0x40000080)
write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x01\x00\xb6', 0x7f)
arch_prctl$auto_ARCH_SHSTK_UNLOCK(0x5004, 0xc)
socketpair$auto(0x1e, 0x9, 0x8000000000000000, 0x0)
openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x10000, 0x0)
accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
r4 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x5)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x9000, 0x0)
ioctl$auto(r5, 0x4008af14, r4)

4.048272378s ago: executing program 2 (id=665):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, 0x0, 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000)
connect$auto(0x3, 0x0, 0x55)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0)
bpf$auto(0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto_BLKRRPART(r4, 0x125f, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)

3.413350605s ago: executing program 0 (id=666):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000)
connect$auto(0x3, 0x0, 0x55)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0)
bpf$auto(0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)

2.064708151s ago: executing program 3 (id=668):
futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000300)="e3466055fec4a3c2fbc89686e869c201ff78757a77d21f")
ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0))
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
write$auto(r1, 0x0, 0x80000000)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x100, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
unshare$auto(0x40000080)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x80, 0x80000001, 0x4000000000db, 0xeb1, r4, 0x8001)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, r5)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
r6 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000004c0), 0x40400, 0x0)
pread64$auto(r6, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

2.058001707s ago: executing program 0 (id=676):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x55)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8000, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xd, 0xb979, 0x8000001f, 0x1000, 0x6d3d, 0xc, 0x2, 0x8]}, 0x0)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$auto(r2, 0x0, 0x5)
select$auto(0x9, &(0x7f00000000c0)={[0xeeca, 0x7, 0xb, 0x9, 0x6, 0x1fc, 0x6, 0x3, 0x2, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0xc, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0)
unshare$auto(0x40000080)
sendmsg$auto_NFC_CMD_GET_DEVICE(r2, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(r0, 0x0, 0x200000c0)
write$auto(0x3, 0x0, 0xfdef)

2.057306436s ago: executing program 1 (id=669):
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\v\xba\x8av\xf0\x85\x9e`\x1fN$\xd4\x1c\xe0\xa6\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x89\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI', 0x100000a3db)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x5, 0x5, 0x2009, 0x0, 0x0)
r1 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
ioctl$auto(r2, 0x8926, r2)
read$auto_proc_sessionid_operations_base(r1, 0x0, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media15\x00', 0x40801, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(0xffffffffffffffff, &(0x7f0000006940)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram4/queue/physical_block_size\x00', 0xa00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000004c0)=""/206, 0xce)
syz_open_procfs$namespace(0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7f1)
modify_ldt$auto(0x40, 0x0, 0x7ff)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/can/rcvlist_sff\x00', 0x400, 0x0)
pread64$auto(r4, 0x0, 0x101fb, 0x8800000005)

2.057189122s ago: executing program 2 (id=670):
creat$auto(0x0, 0xd)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r0, 0x0, 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0xc)
modify_ldt$auto(0x1, 0x0, 0x10)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
socket(0x2, 0x1, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0)
sendfile$auto(r4, r4, 0x0, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
r5 = open(0x0, 0x0, 0x187)
newfstatat$auto(r5, 0x0, 0x0, 0x1000)
r6 = socket(0x2b, 0x1, 0x1)
ioctl$auto(r6, 0x8901, 0x4)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0x8, 0x16)
ioctl$auto_BLKTRACESETUP32(r3, 0xc0401273, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)

957.410675ms ago: executing program 0 (id=671):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x2, 0x88)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000000), 0x117003, 0x0)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex, r1, 0x4, 0x1, r0, @relative_fd=r2, 0xe600}, 0xf)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/sunrpc/parameters/udp_slot_table_entries\x00', 0x80302, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2001)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
r5 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0xb00, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x62080, 0x0)
r6 = inotify_init1$auto(0x71)
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="010028bd7000fcdb8b934110df251100000014001e8010002280510046800400f78004001080"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r5, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYRES64=r6, @ANYRES16=r4, @ANYBLOB="04002cbd7000fcdbdf251e000000050002000000000005000f0005000000080030800400e7"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40800)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3)
r7 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x60782, 0x0)
write$auto_console_fops_tty_io(r7, &(0x7f0000001240)='\t\x00', 0x2)
r8 = open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x62)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x7fffffff)
bpf$auto(0x10, &(0x7f00000000c0)=@link_detach={r8}, 0x40)
mprotect$auto(0x110c230000, 0x85, 0x2)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x84182, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)

652.655991ms ago: executing program 0 (id=672):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
rseq$auto(0x0, 0xfffffff4, 0x0, 0x5)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000000)=0x7)
mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6"}, 0x6, 0x3, 0xff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x1, 0x40009, 0xdf, 0x13, r2, 0x10001)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0)
msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004)
socket(0x2a, 0x800, 0x2d2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="210b2abd7000fedbdf25670010000800c3000000008045758fc058dcee9878afa51ff9a5"], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000)
ioperm$auto(0x3, 0x8001, 0x2000000000000149)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4)
close_range$auto(0x2, 0xa, 0x0)

363.357347ms ago: executing program 3 (id=673):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0)
ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x105d00, 0x0)
socket(0x10, 0x2, 0x0)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]})
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0xffffffffffffffff, 0x0, 0x100082)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r2, 0x5408, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty11\x00', 0x4000, 0x0)
ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000080)="b3e4882f932111515dcb2a5cb21bd9e383c3e4bb698cdd616afe736d868699739ed226b9991f5ce84de1e6271017a5ecf8d5c2d5c45d1b1f6acedd5ded0a4a4346926925b8ab77f0d49ed41b76fd83bc32d66eb69f1f7c2c40e8ceb6b2e41bef29ca9bb66e7369da705088729e065ebfab84d2b3dfc20a010390ef9f6f164a92")
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy17/hwsim/dfs_simulate_radar\x00', 0x0, 0x0)
madvise$auto(0x0, 0x20499d, 0x9)

337.504645ms ago: executing program 1 (id=674):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0)
write$auto(r3, 0x0, 0x40000001)
ioctl$auto_SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f0000000040))
ioctl$auto(r1, 0x4020ae76, r2)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000000040)="4fc45bcf3d4a101e436ca786d1561075691abc1c9e08e220ab4e", 0x1a)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/pppol2tp\x00', 0x200, 0x0)
r5 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2000a, 0x10000000000e3, 0xef2, 0x401, 0x8000)
setsockopt$auto(r5, 0x10000000084, 0x82, 0x0, 0x9c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_DISCONNECT(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000240)={0x1c, r7, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800)
sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(r2, &(0x7f0000000580)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000540)={&(0x7f0000000900)={0x310, 0x0, 0x4, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0xa2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x5}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x3}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x8000}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_FILS_DISCOVERY={0x288, 0x126, 0x0, 0x1, [@NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8, 0x2, 0x1}, @NL80211_FILS_DISCOVERY_ATTR_TMPL={0xf5, 0x3, "71d189b5e4021cdab3d747a5e77189656c5aeff4113405f07e981f73c259a9ed696436d2d8c0f19e37bb8845601aced6ac09641fadc2d06762beb5ef600be636827c014ffe07bc4f3bac4e8b20a1184cd6a355054371fe92f738e26e875e2b8502be43eb4769c0ad0698e633fcf4cfea9ede67fa9eb9ded85f1794d3fbf66f608a82e2449e1938f9d9b41058fe3b3d77c2b60e88c973759ca47d0f8578909487ee6190162e398639d3d8e0f29d24ff4c5a8b248f22f3cb4c4f7eb302f28aed9c4fc0c0d57d3b09bb9c7cf48ebeb03e02f3f3d2a2c6c8bbe7da464731977786f8d3b4f4920e41f9a7f51d4118809301dce9"}, @NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8, 0x2, 0x80}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x2}, @NL80211_FILS_DISCOVERY_ATTR_TMPL={0xfe, 0x3, "d2d03d22b5017530fb64d1eed6993af98a510009c597d26eb1a7bdf34e006a379e512f4422b86ddbdf26e90abaab43e7f22fd62bae38c02f7f91c52bdd009a4a9c967eb58951bc7650aabac112f81852003892a5d25c9e301adfabd2e7b0af8dcd23ca16cc22b18df95ee168b74d47f46933e41867b3e3a47f419327cbb0f077bef58586d77b7866e4696de690f7878edd00d95b1f4d714681e0831f44cb0b2efb9998879f87efb6b22c0bbdce4a9ef759078fb683feaccc2f15492bd77f0ab03acaf8938ce80845b87b4e2489b63dc3a68ca2d9ca4dd0a8ea2cbb826452c6d141419f8cb12d1ac528380dbb7317bde654f722d17720b4532f64"}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x9}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0xfffffffe}, @NL80211_FILS_DISCOVERY_ATTR_TMPL={0x4c, 0x3, "6990619258b8f1b056b4223be324a02b3fb790d477cb91dc9755a55a1369c6e85cafc3d361a405e274aa25fca03401d3e94c17c3d11f106809a6cd0165aa7233bc7bc458f1e91f2d"}, @NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8, 0x2, 0x7}, @NL80211_FILS_DISCOVERY_ATTR_INT_MAX={0x8}, @NL80211_FILS_DISCOVERY_ATTR_INT_MIN={0x8, 0x1, 0x22c1}]}, @NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x6}, @NL80211_ATTR_COLOR_CHANGE_ELEMS={0x44, 0x131, 0x0, 0x1, [@NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x1e000}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_BSS_SELECT={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x6}, @NL80211_ATTR_DFS_REGION={0x5}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x3c}, @NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r1}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x8b}]}]}, 0x310}, 0x1, 0x0, 0x0, 0x41}, 0x800)
pread64$auto(r4, &(0x7f0000000180)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\x8d\xa8\xcfM9\\\xd6\xcfUq\x05#\xed\x1c\xd1G\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xbasG\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\xfdz\xab\x91RQ7\xc4qI\xc5c.\xefQ\xfb\xf4!\xe6\xd0Pa\xb8\xb4R\xaah2\x1c\xdfEy?\xac\xc6\x122\xb0z\xdd\'\fq\x80\x1e\f\xaf\n\xad\x9f\xb4E+\x9e\xa6\xef\x03\xc7\xc1u\xa3K\xc3a\x127\xc2s\xae3\x80\x96\xf0\xc1\xff>\xec\x0eBW)\xb5I|\xaa\xb6\x1d\xbd,t\a\xff\x1e\xa67\xc1\xb5\xb5O\xe9aN|F\xb6\xd0\xf6\x19s\xf9\x9e', 0x400, 0x6)
r8 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy3/hwflags\x00', 0x40081, 0x0)
write$auto(r8, 0x0, 0x100000000003)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gre0/flags\x00', 0x1, 0x0)
write$auto(r9, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1)
openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000080), 0x440, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r10, 0x1, 0x1, &(0x7f00000002c0)='.*+%\x00', &(0x7f0000000300)=0xfff)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xfffffffffffffff7, 0x401, 0x8000)

0s ago: executing program 2 (id=675):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0)
fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000)
connect$auto(0x3, 0x0, 0x55)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0)
bpf$auto(0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)

kernel console output (not intermixed with test programs):

1][ T5158] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  104.967179][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  104.976517][ T5158] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  105.559353][ T5840] chnl_net:caif_netlink_parms(): no params data found
[  105.724934][ T5839] chnl_net:caif_netlink_parms(): no params data found
[  105.747720][ T5841] chnl_net:caif_netlink_parms(): no params data found
[  105.832183][ T5846] chnl_net:caif_netlink_parms(): no params data found
[  105.898719][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.905990][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.914574][ T5840] bridge_slave_0: entered allmulticast mode
[  105.922574][ T5840] bridge_slave_0: entered promiscuous mode
[  105.960017][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.967208][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.974809][ T5840] bridge_slave_1: entered allmulticast mode
[  105.982243][ T5840] bridge_slave_1: entered promiscuous mode
[  106.074717][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.082315][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.090702][ T5839] bridge_slave_0: entered allmulticast mode
[  106.099033][ T5839] bridge_slave_0: entered promiscuous mode
[  106.156511][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.164419][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.172349][ T5839] bridge_slave_1: entered allmulticast mode
[  106.179877][ T5839] bridge_slave_1: entered promiscuous mode
[  106.190607][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.204101][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.228806][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.236031][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.244034][ T5841] bridge_slave_0: entered allmulticast mode
[  106.251986][ T5841] bridge_slave_0: entered promiscuous mode
[  106.302076][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.309475][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.317347][ T5841] bridge_slave_1: entered allmulticast mode
[  106.326883][ T5841] bridge_slave_1: entered promiscuous mode
[  106.333890][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.341368][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.349072][ T5846] bridge_slave_0: entered allmulticast mode
[  106.356557][ T5846] bridge_slave_0: entered promiscuous mode
[  106.423330][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.430747][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.439542][ T5846] bridge_slave_1: entered allmulticast mode
[  106.446973][ T5846] bridge_slave_1: entered promiscuous mode
[  106.456588][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.472138][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.483699][ T5840] team0: Port device team_slave_0 added
[  106.493191][ T5840] team0: Port device team_slave_1 added
[  106.503075][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.516986][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.621800][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  106.664629][ T5841] team0: Port device team_slave_0 added
[  106.673581][ T5841] team0: Port device team_slave_1 added
[  106.683461][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  106.695281][ T5839] team0: Port device team_slave_0 added
[  106.702460][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.709848][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.736645][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.765568][ T5839] team0: Port device team_slave_1 added
[  106.805562][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  106.813000][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.839765][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  106.905719][ T5846] team0: Port device team_slave_0 added
[  106.913658][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.921187][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.947466][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  106.959850][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[  106.967001][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  106.993026][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.006686][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.012669][ T5158] Bluetooth: hci1: command tx timeout
[  107.013841][ T5848] Bluetooth: hci0: command tx timeout
[  107.019707][ T5158] Bluetooth: hci2: command tx timeout
[  107.025410][ T5850] Bluetooth: hci3: command tx timeout
[  107.036526][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.065593][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.079381][ T5846] team0: Port device team_slave_1 added
[  107.086945][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.094295][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.121078][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.180605][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[  107.188102][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.214718][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  107.228178][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[  107.235192][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  107.261347][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  107.371571][ T5840] hsr_slave_0: entered promiscuous mode
[  107.378943][ T5840] hsr_slave_1: entered promiscuous mode
[  107.395217][ T5839] hsr_slave_0: entered promiscuous mode
[  107.402642][ T5839] hsr_slave_1: entered promiscuous mode
[  107.409044][ T5839] debugfs: 'hsr0' already exists in 'hsr'
[  107.414867][ T5839] Cannot create hsr debugfs directory
[  107.481280][ T5841] hsr_slave_0: entered promiscuous mode
[  107.488499][ T5841] hsr_slave_1: entered promiscuous mode
[  107.494860][ T5841] debugfs: 'hsr0' already exists in 'hsr'
[  107.501343][ T5841] Cannot create hsr debugfs directory
[  107.578756][ T5846] hsr_slave_0: entered promiscuous mode
[  107.585380][ T5846] hsr_slave_1: entered promiscuous mode
[  107.592486][ T5846] debugfs: 'hsr0' already exists in 'hsr'
[  107.598520][ T5846] Cannot create hsr debugfs directory
[  108.084014][ T5839] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  108.101438][ T5839] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  108.113750][ T5839] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  108.136136][ T5839] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  108.204154][ T5841] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  108.215387][ T5841] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  108.234782][ T5841] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  108.274319][ T5841] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  108.337289][ T5840] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  108.354476][ T5840] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  108.385097][ T5840] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  108.397166][ T5840] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  108.499976][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  108.513444][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  108.548435][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  108.560545][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  108.679375][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.699441][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.768631][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[  108.785162][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[  108.813490][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.820922][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.834879][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.842039][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.865393][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.872667][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.902753][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.909974][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.983445][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.010805][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[  109.033436][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.062652][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.069949][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.088444][ T5850] Bluetooth: hci2: command tx timeout
[  109.088461][ T5158] Bluetooth: hci3: command tx timeout
[  109.088503][ T5158] Bluetooth: hci0: command tx timeout
[  109.093907][ T5850] Bluetooth: hci1: command tx timeout
[  109.121312][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.128610][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.175518][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[  109.203272][ T3533] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.210502][ T3533] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.296679][ T3533] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.304066][ T3533] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.756167][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.895535][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.935169][ T5841] veth0_vlan: entered promiscuous mode
[  109.982761][ T5841] veth1_vlan: entered promiscuous mode
[  110.045437][ T5839] veth0_vlan: entered promiscuous mode
[  110.095139][ T5841] veth0_macvtap: entered promiscuous mode
[  110.113340][ T5841] veth1_macvtap: entered promiscuous mode
[  110.124940][ T5839] veth1_vlan: entered promiscuous mode
[  110.159803][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.185417][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.195617][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.224072][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.239110][   T37] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.249340][   T37] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.272185][   T37] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.281278][   T37] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.322894][ T5839] veth0_macvtap: entered promiscuous mode
[  110.345890][ T5839] veth1_macvtap: entered promiscuous mode
[  110.451836][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.484148][ T5846] veth0_vlan: entered promiscuous mode
[  110.502655][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.514878][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.523959][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.550714][ T5846] veth1_vlan: entered promiscuous mode
[  110.586525][ T5840] veth0_vlan: entered promiscuous mode
[  110.594517][ T1144] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.603725][ T1144] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.623174][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.632839][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.640047][ T1161] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.661264][ T1161] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.682063][ T5840] veth1_vlan: entered promiscuous mode
[  110.766684][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  110.801634][ T5846] veth0_macvtap: entered promiscuous mode
[  110.828223][ T5846] veth1_macvtap: entered promiscuous mode
[  110.934677][ T1144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.961957][ T1144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.986066][ T5840] veth0_macvtap: entered promiscuous mode
[  111.003991][ T5925] FAULT_INJECTION: forcing a failure.
[  111.003991][ T5925] name failslab, interval 1, probability 0, space 0, times 1
[  111.021975][ T5925] CPU: 1 UID: 0 PID: 5925 Comm: syz.3.4 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  111.022013][ T5925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.022033][ T5925] Call Trace:
[  111.022041][ T5925]  <TASK>
[  111.022050][ T5925]  dump_stack_lvl+0x16c/0x1f0
[  111.022087][ T5925]  should_fail_ex+0x512/0x640
[  111.022111][ T5925]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  111.022147][ T5925]  should_failslab+0xc2/0x120
[  111.022183][ T5925]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  111.022214][ T5925]  ? __lock_acquire+0x622/0x1c90
[  111.022245][ T5925]  ? sk_prot_alloc+0x60/0x2a0
[  111.022284][ T5925]  sk_prot_alloc+0x60/0x2a0
[  111.022320][ T5925]  sk_alloc+0x36/0xc20
[  111.022347][ T5925]  __vsock_create.constprop.0+0x3c/0xbb0
[  111.022373][ T5925]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  111.022412][ T5925]  vsock_create+0x139/0x500
[  111.022443][ T5925]  __sock_create+0x335/0x8d0
[  111.022485][ T5925]  __sys_socket+0x14d/0x260
[  111.022506][ T5925]  ? __pfx___sys_socket+0x10/0x10
[  111.022527][ T5925]  ? xfd_validate_state+0x61/0x180
[  111.022560][ T5925]  ? __task_pid_nr_ns+0x17c/0x500
[  111.022604][ T5925]  __x64_sys_socket+0x72/0xb0
[  111.022625][ T5925]  ? lockdep_hardirqs_on+0x7c/0x110
[  111.022653][ T5925]  do_syscall_64+0xcd/0x490
[  111.022685][ T5925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.022709][ T5925] RIP: 0033:0x7fe69798e9a9
[  111.022730][ T5925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.022753][ T5925] RSP: 002b:00007fe6987d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  111.022775][ T5925] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  111.022790][ T5925] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028
[  111.022804][ T5925] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  111.022818][ T5925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.022831][ T5925] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  111.022860][ T5925]  </TASK>
[  111.255540][ T5850] Bluetooth: hci1: command tx timeout
[  111.255564][   T51] Bluetooth: hci0: command tx timeout
[  111.255596][ T5158] Bluetooth: hci2: command tx timeout
[  111.261570][ T5848] Bluetooth: hci3: command tx timeout
[  111.310767][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.334241][ T5840] veth1_macvtap: entered promiscuous mode
[  111.358563][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.366455][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.420998][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.430599][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.467325][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.490810][ T1144] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.502012][ T1144] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.522635][ T1144] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.570986][ T1144] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.595404][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.662577][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.678942][ T1144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.761614][ T1144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.772784][ T5930] ima: policy update failed
[  111.782641][   T30] audit: type=1802 audit(1753915710.615:2): pid=5930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2" res=0 errno=0
[  111.809458][ T5930] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2'.
[  111.933273][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.960057][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.029158][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.045781][ T5935] random: crng reseeded on system resumption
[  112.067096][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.106106][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.128390][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.222634][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.243823][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.509869][ T5939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'.
[  112.548029][ T5939] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3'.
[  112.934310][ T5944] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.1'.
[  113.328118][ T5848] Bluetooth: hci3: command tx timeout
[  113.333696][ T5850] Bluetooth: hci0: command tx timeout
[  113.339240][ T5848] Bluetooth: hci1: command tx timeout
[  113.344801][ T5850] Bluetooth: hci2: command tx timeout
[  113.369410][ T5949] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.768214][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  114.048724][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.157915][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.177875][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  114.208461][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.458940][ T5962] process 'syz.0.9' launched '/dev/fd/10' with NULL argv: empty string added
[  114.568048][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.672026][ T5957] __vm_enough_memory: pid: 5957, comm: syz.3.8, bytes: 4398046511104 not enough memory for the allocation
[  114.689157][    T0] NOHZ tick-stop error: local softirq work is pending, handler #308!!!
[  114.698857][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  114.709811][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  114.770878][ T5962] FAULT_INJECTION: forcing a failure.
[  114.770878][ T5962] name failslab, interval 1, probability 0, space 0, times 0
[  114.867999][ T5962] CPU: 1 UID: 0 PID: 5962 Comm: syz.0.9 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  114.868046][ T5962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  114.868066][ T5962] Call Trace:
[  114.868077][ T5962]  <TASK>
[  114.868089][ T5962]  dump_stack_lvl+0x16c/0x1f0
[  114.868136][ T5962]  should_fail_ex+0x512/0x640
[  114.868178][ T5962]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  114.868211][ T5962]  should_failslab+0xc2/0x120
[  114.868248][ T5962]  __kmalloc_cache_noprof+0x6a/0x3e0
[  114.868277][ T5962]  ? police_init_net+0x56/0x270
[  114.868302][ T5962]  ? __pfx_police_init_net+0x10/0x10
[  114.868325][ T5962]  police_init_net+0x56/0x270
[  114.868353][ T5962]  ops_init+0x1e2/0x5f0
[  114.868388][ T5962]  setup_net+0x10f/0x380
[  114.868417][ T5962]  ? lockdep_init_map_type+0x5c/0x280
[  114.868451][ T5962]  ? __pfx_setup_net+0x10/0x10
[  114.868483][ T5962]  ? debug_mutex_init+0x37/0x70
[  114.868509][ T5962]  copy_net_ns+0x2a6/0x5f0
[  114.868553][ T5962]  create_new_namespaces+0x3ea/0xa90
[  114.868587][ T5962]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  114.868617][ T5962]  ksys_unshare+0x45b/0xa40
[  114.868650][ T5962]  ? __pfx_ksys_unshare+0x10/0x10
[  114.868684][ T5962]  ? xfd_validate_state+0x61/0x180
[  114.868727][ T5962]  __x64_sys_unshare+0x31/0x40
[  114.868759][ T5962]  do_syscall_64+0xcd/0x490
[  114.868792][ T5962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.868816][ T5962] RIP: 0033:0x7fc4d118e9a9
[  114.868835][ T5962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  114.868858][ T5962] RSP: 002b:00007fc4d206d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  114.868880][ T5962] RAX: ffffffffffffffda RBX: 00007fc4d13b5fa0 RCX: 00007fc4d118e9a9
[  114.868895][ T5962] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  114.868909][ T5962] RBP: 00007fc4d1210d69 R08: 0000000000000000 R09: 0000000000000000
[  114.868923][ T5962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  114.868936][ T5962] R13: 0000000000000000 R14: 00007fc4d13b5fa0 R15: 00007ffd0171c808
[  114.868965][ T5962]  </TASK>
[  114.928039][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  115.810325][ T5968] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  116.015940][ T5976] FAULT_INJECTION: forcing a failure.
[  116.015940][ T5976] name failslab, interval 1, probability 0, space 0, times 0
[  116.039469][ T5976] CPU: 0 UID: 0 PID: 5976 Comm: syz.3.11 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  116.039517][ T5976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  116.039536][ T5976] Call Trace:
[  116.039546][ T5976]  <TASK>
[  116.039559][ T5976]  dump_stack_lvl+0x16c/0x1f0
[  116.039605][ T5976]  should_fail_ex+0x512/0x640
[  116.039640][ T5976]  ? __kmalloc_noprof+0xbf/0x510
[  116.039687][ T5976]  ? devlink_fmsg_put_value+0xaa/0x2d0
[  116.039726][ T5976]  should_failslab+0xc2/0x120
[  116.039776][ T5976]  __kmalloc_noprof+0xd2/0x510
[  116.039832][ T5976]  devlink_fmsg_put_value+0xaa/0x2d0
[  116.039878][ T5976]  devlink_fmsg_u32_put+0xef/0x150
[  116.039921][ T5976]  ? __pfx_devlink_fmsg_u32_put+0x10/0x10
[  116.039970][ T5976]  ? devlink_fmsg_arr_pair_nest_start+0xec/0x130
[  116.040018][ T5976]  nsim_dev_dummy_fmsg_put+0x131/0x1e0
[  116.040058][ T5976]  devlink_health_do_dump+0x240/0x620
[  116.040096][ T5976]  devlink_health_report+0x3c9/0x9c0
[  116.040142][ T5976]  ? __pfx_devlink_health_report+0x10/0x10
[  116.040176][ T5976]  ? _copy_from_user+0x59/0xd0
[  116.040211][ T5976]  nsim_dev_health_break_write+0x166/0x210
[  116.040248][ T5976]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  116.040295][ T5976]  full_proxy_write+0x131/0x1a0
[  116.040331][ T5976]  ? __pfx_full_proxy_write+0x10/0x10
[  116.040364][ T5976]  vfs_write+0x2a0/0x1150
[  116.040401][ T5976]  ? __pfx___mutex_lock+0x10/0x10
[  116.040432][ T5976]  ? __pfx_vfs_write+0x10/0x10
[  116.040470][ T5976]  ? __fget_files+0x20e/0x3c0
[  116.040508][ T5976]  ksys_write+0x12a/0x250
[  116.040538][ T5976]  ? __pfx_ksys_write+0x10/0x10
[  116.040578][ T5976]  do_syscall_64+0xcd/0x490
[  116.040610][ T5976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.040634][ T5976] RIP: 0033:0x7fe69798e9a9
[  116.040653][ T5976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.040676][ T5976] RSP: 002b:00007fe69878e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  116.040698][ T5976] RAX: ffffffffffffffda RBX: 00007fe697bb6160 RCX: 00007fe69798e9a9
[  116.040713][ T5976] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008
[  116.040727][ T5976] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  116.040743][ T5976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  116.040757][ T5976] R13: 0000000000000000 R14: 00007fe697bb6160 R15: 00007ffe9d1397a8
[  116.040786][ T5976]  </TASK>
[  116.531288][ T5970] Zero length message leads to an empty skb
[  116.539816][ T5970] netlink: 330 bytes leftover after parsing attributes in process `syz.2.12'.
[  118.636340][ T6004] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  118.738431][ T6004] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  118.813871][ T6004] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  118.876009][ T6004] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  118.919094][ T6004] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  118.948430][ T6004] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  119.004400][ T6004] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  119.073816][ T6004] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  119.217923][ T6023] syz.0.18 uses obsolete (PF_INET,SOCK_PACKET)
[  119.250567][ T6004] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  119.357460][ T6004] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  119.363748][ T6004] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  119.386826][ T6004] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  119.708896][ T5995] FAULT_INJECTION: forcing a failure.
[  119.708896][ T5995] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  119.722902][ T5995] CPU: 1 UID: 0 PID: 5995 Comm: syz.3.14 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  119.722949][ T5995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  119.722973][ T5995] Call Trace:
[  119.722984][ T5995]  <TASK>
[  119.722996][ T5995]  dump_stack_lvl+0x16c/0x1f0
[  119.723057][ T5995]  should_fail_ex+0x512/0x640
[  119.723099][ T5995]  should_fail_alloc_page+0xe7/0x130
[  119.723154][ T5995]  prepare_alloc_pages+0x3c2/0x610
[  119.723197][ T5995]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  119.723248][ T5995]  ? __pfx_stack_trace_save+0x10/0x10
[  119.723285][ T5995]  ? stack_depot_save_flags+0x28/0xa40
[  119.723325][ T5995]  ? __alloc_frozen_pages_noprof+0x294/0x23f0
[  119.723378][ T5995]  ? kasan_save_stack+0x42/0x60
[  119.723420][ T5995]  ? kasan_save_stack+0x33/0x60
[  119.723462][ T5995]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  119.723507][ T5995]  ? __pmd_alloc+0xbf/0x930
[  119.723536][ T5995]  ? dup_mmap+0xe88/0x21d0
[  119.723570][ T5995]  ? kernel_clone+0xfc/0x930
[  119.723609][ T5995]  ? __do_sys_clone+0xce/0x120
[  119.723648][ T5995]  ? do_syscall_64+0xcd/0x490
[  119.723688][ T5995]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.723743][ T5995]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  119.723807][ T5995]  ? policy_nodemask+0xea/0x4e0
[  119.723862][ T5995]  alloc_pages_mpol+0x1fb/0x550
[  119.723916][ T5995]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  119.723963][ T5995]  ? css_rstat_updated+0x9d/0xd30
[  119.724010][ T5995]  alloc_pages_noprof+0x131/0x390
[  119.724064][ T5995]  pte_alloc_one+0x1c/0x3a0
[  119.724099][ T5995]  __pte_alloc+0x6d/0x3c0
[  119.724150][ T5995]  ? __pfx___pte_alloc+0x10/0x10
[  119.724201][ T5995]  ? _raw_spin_unlock+0x28/0x50
[  119.724235][ T5995]  ? __pmd_alloc+0x3fb/0x930
[  119.724272][ T5995]  copy_page_range+0x3c59/0x5da0
[  119.724360][ T5995]  ? __pfx_copy_page_range+0x10/0x10
[  119.724401][ T5995]  ? mas_store+0x7a9/0x1160
[  119.724450][ T5995]  ? find_held_lock+0x2b/0x80
[  119.724484][ T5995]  ? __pfx_mas_store+0x10/0x10
[  119.724527][ T5995]  ? __vma_enter_locked+0x163/0x3f0
[  119.724591][ T5995]  dup_mmap+0xe88/0x21d0
[  119.724644][ T5995]  ? __pfx_dup_mmap+0x10/0x10
[  119.724709][ T5995]  copy_process+0x4081/0x7690
[  119.724774][ T5995]  ? __pfx___futex_wait+0x10/0x10
[  119.724842][ T5995]  ? __pfx_copy_process+0x10/0x10
[  119.724884][ T5995]  ? futex_private_hash_put+0x176/0x300
[  119.724932][ T5995]  ? futex_private_hash_put+0x18a/0x300
[  119.724979][ T5995]  kernel_clone+0xfc/0x930
[  119.725025][ T5995]  ? __pfx_kernel_clone+0x10/0x10
[  119.725094][ T5995]  __do_sys_clone+0xce/0x120
[  119.725136][ T5995]  ? __pfx___do_sys_clone+0x10/0x10
[  119.725178][ T5995]  ? ksys_unshare+0x687/0xa40
[  119.725239][ T5995]  ? xfd_validate_state+0x61/0x180
[  119.725304][ T5995]  do_syscall_64+0xcd/0x490
[  119.725349][ T5995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.725383][ T5995] RIP: 0033:0x7fe69798e9a9
[  119.725421][ T5995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.725457][ T5995] RSP: 002b:00007fe6987cffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  119.725488][ T5995] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  119.725510][ T5995] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411
[  119.725529][ T5995] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  119.725549][ T5995] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  119.725567][ T5995] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  119.725609][ T5995]  </TASK>
[  120.192068][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout
[  120.927642][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  121.007695][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  121.148783][ T5848] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  121.407800][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  122.167132][ T6034] __vm_enough_memory: pid: 6034, comm: syz.2.20, bytes: 4398046511104 not enough memory for the allocation
[  122.207681][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  122.787732][ T6055] netlink: 330 bytes leftover after parsing attributes in process `syz.1.24'.
[  122.837678][ T6055] �: renamed from hsr0 (while UP)
[  123.017651][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  123.087956][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  123.487878][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  124.288059][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  124.781025][ T6082] random: crng reseeded on system resumption
[  125.087692][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  125.171021][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  125.567734][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  126.639256][ T5848] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  128.392898][   T30] audit: type=1800 audit(1753915727.225:3): pid=6132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.41" name="dbroot" dev="configfs" ino=8232 res=0 errno=0
[  129.378037][ T6134] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  129.384337][ T6134] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  129.430741][ T6134] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  129.431681][ T6134] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  129.432000][ T6134] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  129.432145][ T6134] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  129.712471][ T6154] FAULT_INJECTION: forcing a failure.
[  129.712471][ T6154] name failslab, interval 1, probability 0, space 0, times 0
[  129.712509][ T6154] CPU: 1 UID: 0 PID: 6154 Comm: syz.0.47 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  129.712543][ T6154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.712557][ T6154] Call Trace:
[  129.712564][ T6154]  <TASK>
[  129.712572][ T6154]  dump_stack_lvl+0x16c/0x1f0
[  129.712605][ T6154]  should_fail_ex+0x512/0x640
[  129.712630][ T6154]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  129.712665][ T6154]  should_failslab+0xc2/0x120
[  129.712702][ T6154]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  129.712734][ T6154]  ? alloc_empty_file+0x55/0x1e0
[  129.712760][ T6154]  alloc_empty_file+0x55/0x1e0
[  129.712783][ T6154]  path_openat+0xda/0x2cb0
[  129.712812][ T6154]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.712846][ T6154]  ? __pfx_path_openat+0x10/0x10
[  129.712878][ T6154]  ? __lock_acquire+0xb8a/0x1c90
[  129.712913][ T6154]  do_filp_open+0x20b/0x470
[  129.712944][ T6154]  ? __pfx_do_filp_open+0x10/0x10
[  129.713004][ T6154]  ? alloc_fd+0x471/0x7d0
[  129.713057][ T6154]  do_sys_openat2+0x11b/0x1d0
[  129.713083][ T6154]  ? __pfx_do_sys_openat2+0x10/0x10
[  129.713108][ T6154]  ? __sys_sendmsg+0x18c/0x220
[  129.713145][ T6154]  __x64_sys_openat+0x174/0x210
[  129.713168][ T6154]  ? __pfx___x64_sys_openat+0x10/0x10
[  129.713204][ T6154]  do_syscall_64+0xcd/0x490
[  129.713243][ T6154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.713266][ T6154] RIP: 0033:0x7fc4d118e9a9
[  129.713285][ T6154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.713307][ T6154] RSP: 002b:00007fc4d206d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  129.713328][ T6154] RAX: ffffffffffffffda RBX: 00007fc4d13b5fa0 RCX: 00007fc4d118e9a9
[  129.713343][ T6154] RDX: 0000000000080000 RSI: 0000200000000840 RDI: ffffffffffffff9c
[  129.713358][ T6154] RBP: 00007fc4d1210d69 R08: 0000000000000000 R09: 0000000000000000
[  129.713372][ T6154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  129.713386][ T6154] R13: 0000000000000000 R14: 00007fc4d13b5fa0 R15: 00007ffd0171c808
[  129.713414][ T6154]  </TASK>
[  129.808054][ T5850] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  130.687655][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  131.488316][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  131.488424][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout
[  131.494401][ T5158] Bluetooth: hci2: command 0x0c1a tx timeout
[  132.184335][ T5848] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  132.767802][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  133.054106][ T6194] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input5
[  133.068843][ T6192] FAULT_INJECTION: forcing a failure.
[  133.068843][ T6192] name failslab, interval 1, probability 0, space 0, times 0
[  133.082314][ T6192] CPU: 0 UID: 0 PID: 6192 Comm: syz.1.54 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  133.082360][ T6192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  133.082380][ T6192] Call Trace:
[  133.082390][ T6192]  <TASK>
[  133.082402][ T6192]  dump_stack_lvl+0x16c/0x1f0
[  133.082447][ T6192]  should_fail_ex+0x512/0x640
[  133.082481][ T6192]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  133.082533][ T6192]  should_failslab+0xc2/0x120
[  133.082581][ T6192]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  133.082627][ T6192]  ? brnf_init_net+0x42/0x450
[  133.082669][ T6192]  ? __pfx_brnf_init_net+0x10/0x10
[  133.082712][ T6192]  kmemdup_noprof+0x29/0x60
[  133.082755][ T6192]  brnf_init_net+0x42/0x450
[  133.082797][ T6192]  ? __pfx_brnf_init_net+0x10/0x10
[  133.082839][ T6192]  ops_init+0x1e2/0x5f0
[  133.082885][ T6192]  setup_net+0x10f/0x380
[  133.082923][ T6192]  ? lockdep_init_map_type+0x5c/0x280
[  133.082976][ T6192]  ? __pfx_setup_net+0x10/0x10
[  133.083008][ T6192]  ? debug_mutex_init+0x37/0x70
[  133.083034][ T6192]  copy_net_ns+0x2a6/0x5f0
[  133.083071][ T6192]  create_new_namespaces+0x3ea/0xa90
[  133.083105][ T6192]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  133.083134][ T6192]  ksys_unshare+0x45b/0xa40
[  133.083166][ T6192]  ? __pfx_ksys_unshare+0x10/0x10
[  133.083199][ T6192]  ? xfd_validate_state+0x61/0x180
[  133.083243][ T6192]  __x64_sys_unshare+0x31/0x40
[  133.083274][ T6192]  do_syscall_64+0xcd/0x490
[  133.083306][ T6192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.083330][ T6192] RIP: 0033:0x7f9e1a78e9a9
[  133.083349][ T6192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.083371][ T6192] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  133.083393][ T6192] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  133.083408][ T6192] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  133.083422][ T6192] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  133.083436][ T6192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  133.083450][ T6192] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  133.083479][ T6192]  </TASK>
[  133.567742][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  133.932533][ T6207] FAULT_INJECTION: forcing a failure.
[  133.932533][ T6207] name failslab, interval 1, probability 0, space 0, times 0
[  133.973926][ T6207] CPU: 0 UID: 0 PID: 6207 Comm: syz.0.57 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  133.973967][ T6207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  133.973981][ T6207] Call Trace:
[  133.973989][ T6207]  <TASK>
[  133.973997][ T6207]  dump_stack_lvl+0x16c/0x1f0
[  133.974031][ T6207]  should_fail_ex+0x512/0x640
[  133.974055][ T6207]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  133.974091][ T6207]  should_failslab+0xc2/0x120
[  133.974128][ T6207]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  133.974161][ T6207]  ? getname_flags.part.0+0x4c/0x550
[  133.974189][ T6207]  getname_flags.part.0+0x4c/0x550
[  133.974218][ T6207]  getname_flags+0x93/0xf0
[  133.974247][ T6207]  do_sys_openat2+0xb8/0x1d0
[  133.974269][ T6207]  ? __pfx_do_sys_openat2+0x10/0x10
[  133.974294][ T6207]  ? __sys_sendmsg+0x18c/0x220
[  133.974330][ T6207]  __x64_sys_openat+0x174/0x210
[  133.974354][ T6207]  ? __pfx___x64_sys_openat+0x10/0x10
[  133.974389][ T6207]  do_syscall_64+0xcd/0x490
[  133.974421][ T6207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.974444][ T6207] RIP: 0033:0x7fc4d118e9a9
[  133.974463][ T6207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  133.974485][ T6207] RSP: 002b:00007fc4d206d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  133.974507][ T6207] RAX: ffffffffffffffda RBX: 00007fc4d13b5fa0 RCX: 00007fc4d118e9a9
[  133.974522][ T6207] RDX: 0000000000080000 RSI: 0000200000000840 RDI: ffffffffffffff9c
[  133.974537][ T6207] RBP: 00007fc4d1210d69 R08: 0000000000000000 R09: 0000000000000000
[  133.974551][ T6207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  133.974564][ T6207] R13: 0000000000000000 R14: 00007fc4d13b5fa0 R15: 00007ffd0171c808
[  133.974599][ T6207]  </TASK>
[  134.810886][ T5848] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  134.818568][ T5848] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  135.377206][ T6228] FAULT_INJECTION: forcing a failure.
[  135.377206][ T6228] name failslab, interval 1, probability 0, space 0, times 0
[  135.410181][ T6228] CPU: 0 UID: 0 PID: 6228 Comm: syz.1.60 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  135.410226][ T6228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  135.410247][ T6228] Call Trace:
[  135.410257][ T6228]  <TASK>
[  135.410269][ T6228]  dump_stack_lvl+0x16c/0x1f0
[  135.410316][ T6228]  should_fail_ex+0x512/0x640
[  135.410350][ T6228]  ? __kmalloc_noprof+0xbf/0x510
[  135.410397][ T6228]  ? ops_init+0x77/0x5f0
[  135.410452][ T6228]  should_failslab+0xc2/0x120
[  135.410503][ T6228]  __kmalloc_noprof+0xd2/0x510
[  135.410546][ T6228]  ? lockdep_init_map_type+0x5c/0x280
[  135.410603][ T6228]  ops_init+0x77/0x5f0
[  135.410650][ T6228]  setup_net+0x10f/0x380
[  135.410689][ T6228]  ? lockdep_init_map_type+0x5c/0x280
[  135.410732][ T6228]  ? __pfx_setup_net+0x10/0x10
[  135.410778][ T6228]  ? debug_mutex_init+0x37/0x70
[  135.410857][ T6228]  copy_net_ns+0x2a6/0x5f0
[  135.410918][ T6228]  create_new_namespaces+0x3ea/0xa90
[  135.410967][ T6228]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  135.411009][ T6228]  ksys_unshare+0x45b/0xa40
[  135.411059][ T6228]  ? __pfx_ksys_unshare+0x10/0x10
[  135.411106][ T6228]  ? xfd_validate_state+0x61/0x180
[  135.411169][ T6228]  __x64_sys_unshare+0x31/0x40
[  135.411214][ T6228]  do_syscall_64+0xcd/0x490
[  135.411259][ T6228]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.411291][ T6228] RIP: 0033:0x7f9e1a78e9a9
[  135.411315][ T6228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.411353][ T6228] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  135.411384][ T6228] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  135.411406][ T6228] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  135.411426][ T6228] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  135.411454][ T6228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  135.411473][ T6228] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  135.411515][ T6228]  </TASK>
[  136.204243][ T6240] netlink: 28 bytes leftover after parsing attributes in process `syz.3.64'.
[  136.235182][ T5848] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  136.243508][ T5848] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  136.252954][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: kworker/u9:3 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  136.253000][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  136.253021][ T5848] Workqueue: hci0 hci_rx_work
[  136.253059][ T5848] Call Trace:
[  136.253070][ T5848]  <TASK>
[  136.253082][ T5848]  dump_stack_lvl+0x16c/0x1f0
[  136.253125][ T5848]  sysfs_warn_dup+0x7f/0xa0
[  136.253171][ T5848]  sysfs_create_dir_ns+0x24b/0x2b0
[  136.253216][ T5848]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  136.253258][ T5848]  ? find_held_lock+0x2b/0x80
[  136.253298][ T5848]  ? do_raw_spin_unlock+0x172/0x230
[  136.253354][ T5848]  kobject_add_internal+0x2c4/0x9b0
[  136.253420][ T5848]  kobject_add+0x16e/0x240
[  136.253467][ T5848]  ? __pfx_kobject_add+0x10/0x10
[  136.253517][ T5848]  ? do_raw_spin_unlock+0x172/0x230
[  136.253571][ T5848]  ? kobject_put+0xab/0x5a0
[  136.253626][ T5848]  device_add+0x288/0x1a70
[  136.253666][ T5848]  ? __pfx_dev_set_name+0x10/0x10
[  136.253710][ T5848]  ? __pfx_device_add+0x10/0x10
[  136.253750][ T5848]  ? mgmt_send_event_skb+0x2fb/0x460
[  136.253795][ T5848]  hci_conn_add_sysfs+0x17e/0x230
[  136.253835][ T5848]  le_conn_complete_evt+0x1075/0x1d70
[  136.253902][ T5848]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  136.253956][ T5848]  ? bt_warn+0xe4/0x120
[  136.254006][ T5848]  ? __pfx_bt_warn+0x10/0x10
[  136.254070][ T5848]  hci_le_conn_complete_evt+0x23c/0x370
[  136.254111][ T5848]  hci_le_meta_evt+0x357/0x5e0
[  136.254147][ T5848]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  136.254211][ T5848]  hci_event_packet+0x682/0x11c0
[  136.254244][ T5848]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  136.254284][ T5848]  ? __pfx_hci_event_packet+0x10/0x10
[  136.254321][ T5848]  ? kcov_remote_start+0x3c9/0x6d0
[  136.254379][ T5848]  ? lockdep_hardirqs_on+0x7c/0x110
[  136.254430][ T5848]  hci_rx_work+0x2c5/0x16b0
[  136.254469][ T5848]  ? rcu_is_watching+0x12/0xc0
[  136.254510][ T5848]  process_one_work+0x9cc/0x1b70
[  136.254579][ T5848]  ? __pfx_process_one_work+0x10/0x10
[  136.254644][ T5848]  ? assign_work+0x1a0/0x250
[  136.254695][ T5848]  worker_thread+0x6c8/0xf10
[  136.254760][ T5848]  ? __kthread_parkme+0x19e/0x250
[  136.254804][ T5848]  ? __pfx_worker_thread+0x10/0x10
[  136.254856][ T5848]  kthread+0x3c5/0x780
[  136.254905][ T5848]  ? __pfx_kthread+0x10/0x10
[  136.254955][ T5848]  ? rcu_is_watching+0x12/0xc0
[  136.254988][ T5848]  ? __pfx_kthread+0x10/0x10
[  136.255038][ T5848]  ret_from_fork+0x5d7/0x6f0
[  136.255086][ T5848]  ? __pfx_kthread+0x10/0x10
[  136.255135][ T5848]  ret_from_fork_asm+0x1a/0x30
[  136.255195][ T5848]  </TASK>
[  136.255233][ T5848] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  136.526667][ T5848] Bluetooth: hci0: failed to register connection device
[  138.488057][ T6266] netlink: 'syz.2.68': attribute type 11 has an invalid length.
[  138.508764][ T6266] netlink: 'syz.2.68': attribute type 11 has an invalid length.
[  138.516493][ T6266] netlink: 'syz.2.68': attribute type 11 has an invalid length.
[  138.771826][ T6271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  138.950379][ T6271] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  138.992377][ T6271] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  139.077704][ T6271] page_type: f5(slab)
[  139.081790][ T6271] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000
[  139.100512][ T6271] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  139.109385][ T6271] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000
[  139.117769][ T6272] warning: `syz.3.69' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  139.130104][ T6271] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  139.138999][ T6271] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  139.147853][ T6271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  139.156855][ T6271] page dumped because: unmovable page
[  139.162508][ T6271] page_owner tracks the page as allocated
[  139.170580][ T6271] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1144, tgid 1144 (kworker/u8:5), ts 127531234110, free_ts 127350793704
[  139.191850][ T6271]  post_alloc_hook+0x1c0/0x230
[  139.197647][ T6271]  get_page_from_freelist+0x1321/0x3890
[  139.207150][ T6271]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  139.213301][ T6271]  alloc_pages_mpol+0x1fb/0x550
[  139.218278][ T6271]  new_slab+0x247/0x330
[  139.222485][ T6271]  ___slab_alloc+0xd1e/0x1780
[  139.227215][ T6271]  __slab_alloc.constprop.0+0x56/0xb0
[  139.232800][ T6271]  __kmalloc_node_track_caller_noprof+0x2ee/0x510
[  139.239435][ T6271]  kmalloc_reserve+0xef/0x2c0
[  139.247998][ T6271]  __alloc_skb+0x166/0x380
[  139.252479][ T6271]  nsim_dev_trap_report_work+0x2b1/0xcf0
[  139.266863][ T6271]  process_one_work+0x9cc/0x1b70
[  139.277046][ T6271]  worker_thread+0x6c8/0xf10
[  139.287225][ T6271]  kthread+0x3c5/0x780
[  139.297592][ T6271]  ret_from_fork+0x5d7/0x6f0
[  139.302254][ T6271]  ret_from_fork_asm+0x1a/0x30
[  139.317626][ T6271] page last free pid 6115 tgid 6114 stack trace:
[  139.324001][ T6271]  register_dummy_stack+0x89/0xd0
[  139.347813][ T6271]  init_page_owner+0x48/0x7e0
[  139.352566][ T6271]  page_ext_init+0x703/0xb00
[  139.357186][ T6271]  mm_core_init+0x13c/0x220
[  139.989965][ T6286] FAULT_INJECTION: forcing a failure.
[  139.989965][ T6286] name failslab, interval 1, probability 0, space 0, times 0
[  140.002733][ T6286] CPU: 1 UID: 0 PID: 6286 Comm: syz.0.71 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  140.002770][ T6286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.002786][ T6286] Call Trace:
[  140.002795][ T6286]  <TASK>
[  140.002805][ T6286]  dump_stack_lvl+0x16c/0x1f0
[  140.002841][ T6286]  should_fail_ex+0x512/0x640
[  140.002869][ T6286]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  140.002909][ T6286]  should_failslab+0xc2/0x120
[  140.002949][ T6286]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  140.002987][ T6286]  ? getname_flags.part.0+0x4c/0x550
[  140.003018][ T6286]  getname_flags.part.0+0x4c/0x550
[  140.003069][ T6286]  getname_flags+0x93/0xf0
[  140.003101][ T6286]  do_sys_openat2+0xb8/0x1d0
[  140.003128][ T6286]  ? __pfx_do_sys_openat2+0x10/0x10
[  140.003156][ T6286]  ? __sys_sendmsg+0x18c/0x220
[  140.003197][ T6286]  __x64_sys_openat+0x174/0x210
[  140.003227][ T6286]  ? __pfx___x64_sys_openat+0x10/0x10
[  140.003270][ T6286]  do_syscall_64+0xcd/0x490
[  140.003313][ T6286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.003343][ T6286] RIP: 0033:0x7fc4d118e9a9
[  140.003364][ T6286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.003389][ T6286] RSP: 002b:00007fc4d206d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  140.003413][ T6286] RAX: ffffffffffffffda RBX: 00007fc4d13b5fa0 RCX: 00007fc4d118e9a9
[  140.003430][ T6286] RDX: 0000000000080000 RSI: 0000200000000840 RDI: ffffffffffffff9c
[  140.003447][ T6286] RBP: 00007fc4d1210d69 R08: 0000000000000000 R09: 0000000000000000
[  140.003463][ T6286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  140.003478][ T6286] R13: 0000000000000000 R14: 00007fc4d13b5fa0 R15: 00007ffd0171c808
[  140.003510][ T6286]  </TASK>
[  140.470219][ T5848] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  140.477867][ T5848] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  142.484873][ T6313] __vm_enough_memory: pid: 6313, comm: syz.1.73, bytes: 4398046511104 not enough memory for the allocation
[  143.266318][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  143.275913][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  144.389705][ T6336] svc: failed to register nfsdv3 RPC service (errno 111).
[  144.508944][ T6336] svc: failed to register nfsaclv3 RPC service (errno 512).
[  144.900876][ T6344] FAULT_INJECTION: forcing a failure.
[  144.900876][ T6344] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  144.914302][ T6344] CPU: 1 UID: 0 PID: 6344 Comm: syz.3.80 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  144.914348][ T6344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  144.914368][ T6344] Call Trace:
[  144.914379][ T6344]  <TASK>
[  144.914392][ T6344]  dump_stack_lvl+0x16c/0x1f0
[  144.914439][ T6344]  should_fail_ex+0x512/0x640
[  144.914479][ T6344]  _copy_from_user+0x2e/0xd0
[  144.914522][ T6344]  copy_msghdr_from_user+0x98/0x160
[  144.914564][ T6344]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  144.914627][ T6344]  ___sys_sendmsg+0xfe/0x1d0
[  144.914664][ T6344]  ? futex_private_hash_put+0x176/0x300
[  144.914707][ T6344]  ? __pfx____sys_sendmsg+0x10/0x10
[  144.914745][ T6344]  ? __lock_acquire+0x622/0x1c90
[  144.914840][ T6344]  __sys_sendmsg+0x16d/0x220
[  144.914883][ T6344]  ? __pfx___sys_sendmsg+0x10/0x10
[  144.914932][ T6344]  ? __x64_sys_futex+0x1e0/0x4c0
[  144.915000][ T6344]  do_syscall_64+0xcd/0x490
[  144.915045][ T6344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.915078][ T6344] RIP: 0033:0x7fe69798e9a9
[  144.915104][ T6344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  144.915136][ T6344] RSP: 002b:00007fe6987d0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  144.915168][ T6344] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  144.915190][ T6344] RDX: 0000000000000080 RSI: 0000200000003080 RDI: 0000000000000007
[  144.915210][ T6344] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  144.915230][ T6344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  144.915249][ T6344] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  144.915291][ T6344]  </TASK>
[  145.318824][ T5848] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  148.577013][ T6386] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input6
[  148.626882][ T6382] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  149.356222][ T6401] FAULT_INJECTION: forcing a failure.
[  149.356222][ T6401] name fail_futex, interval 1, probability 0, space 0, times 1
[  149.369341][ T6401] CPU: 0 UID: 0 PID: 6401 Comm: syz.1.91 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  149.369375][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.369389][ T6401] Call Trace:
[  149.369397][ T6401]  <TASK>
[  149.369405][ T6401]  dump_stack_lvl+0x16c/0x1f0
[  149.369439][ T6401]  should_fail_ex+0x512/0x640
[  149.369468][ T6401]  get_futex_key+0x1d0/0x1540
[  149.369500][ T6401]  ? __pfx_get_futex_key+0x10/0x10
[  149.369541][ T6401]  futex_wake+0xea/0x530
[  149.369587][ T6401]  ? __pfx_futex_wake+0x10/0x10
[  149.369625][ T6401]  ? errseq_sample+0x53/0x70
[  149.369654][ T6401]  ? file_init_path+0x4fe/0x760
[  149.369696][ T6401]  do_futex+0x1e3/0x350
[  149.369726][ T6401]  ? __pfx_do_futex+0x10/0x10
[  149.369756][ T6401]  ? fd_install+0x225/0x750
[  149.369789][ T6401]  __x64_sys_futex+0x1e0/0x4c0
[  149.369820][ T6401]  ? __sys_socket+0xac/0x260
[  149.369842][ T6401]  ? __pfx___x64_sys_futex+0x10/0x10
[  149.369873][ T6401]  ? xfd_validate_state+0x61/0x180
[  149.369906][ T6401]  ? __pfx_do_writev+0x10/0x10
[  149.369942][ T6401]  do_syscall_64+0xcd/0x490
[  149.369974][ T6401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.369998][ T6401] RIP: 0033:0x7f9e1a78e9a9
[  149.370016][ T6401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.370038][ T6401] RSP: 002b:00007f9e1b69f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  149.370060][ T6401] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa8 RCX: 00007f9e1a78e9a9
[  149.370075][ T6401] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9e1a9b5fac
[  149.370090][ T6401] RBP: 00007f9e1a9b5fa0 R08: 00007f9e1b6a0000 R09: 0000000000000000
[  149.370104][ T6401] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f9e1a9b5fac
[  149.370118][ T6401] R13: 0000000000000000 R14: 00007ffffcdf7f80 R15: 00007ffffcdf8068
[  149.370147][ T6401]  </TASK>
[  149.574171][ T5158] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  149.581954][ T5158] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  149.591474][ T5158] CPU: 0 UID: 0 PID: 5158 Comm: kworker/u9:1 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  149.591520][ T5158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  149.591536][ T5158] Workqueue: hci1 hci_rx_work
[  149.591563][ T5158] Call Trace:
[  149.591573][ T5158]  <TASK>
[  149.591582][ T5158]  dump_stack_lvl+0x16c/0x1f0
[  149.591612][ T5158]  sysfs_warn_dup+0x7f/0xa0
[  149.591643][ T5158]  sysfs_create_dir_ns+0x24b/0x2b0
[  149.591673][ T5158]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  149.591703][ T5158]  ? find_held_lock+0x2b/0x80
[  149.591730][ T5158]  ? do_raw_spin_unlock+0x172/0x230
[  149.591768][ T5158]  kobject_add_internal+0x2c4/0x9b0
[  149.591805][ T5158]  kobject_add+0x16e/0x240
[  149.591835][ T5158]  ? __pfx_kobject_add+0x10/0x10
[  149.591869][ T5158]  ? do_raw_spin_unlock+0x172/0x230
[  149.591905][ T5158]  ? kobject_put+0xab/0x5a0
[  149.591942][ T5158]  device_add+0x288/0x1a70
[  149.591969][ T5158]  ? __pfx_dev_set_name+0x10/0x10
[  149.591999][ T5158]  ? __pfx_device_add+0x10/0x10
[  149.592025][ T5158]  ? mgmt_send_event_skb+0x2fb/0x460
[  149.592056][ T5158]  hci_conn_add_sysfs+0x17e/0x230
[  149.592084][ T5158]  le_conn_complete_evt+0x1075/0x1d70
[  149.592130][ T5158]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  149.592187][ T5158]  ? bt_warn+0xe4/0x120
[  149.592222][ T5158]  ? __pfx_bt_warn+0x10/0x10
[  149.592273][ T5158]  hci_le_conn_complete_evt+0x23c/0x370
[  149.592303][ T5158]  hci_le_meta_evt+0x357/0x5e0
[  149.592328][ T5158]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  149.592373][ T5158]  hci_event_packet+0x682/0x11c0
[  149.592396][ T5158]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  149.592423][ T5158]  ? __pfx_hci_event_packet+0x10/0x10
[  149.592449][ T5158]  ? kcov_remote_start+0x3c9/0x6d0
[  149.592498][ T5158]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.592531][ T5158]  hci_rx_work+0x2c5/0x16b0
[  149.592563][ T5158]  ? rcu_is_watching+0x12/0xc0
[  149.592591][ T5158]  process_one_work+0x9cc/0x1b70
[  149.592639][ T5158]  ? __pfx_process_one_work+0x10/0x10
[  149.592683][ T5158]  ? assign_work+0x1a0/0x250
[  149.592718][ T5158]  worker_thread+0x6c8/0xf10
[  149.592762][ T5158]  ? __kthread_parkme+0x19e/0x250
[  149.592791][ T5158]  ? __pfx_worker_thread+0x10/0x10
[  149.592826][ T5158]  kthread+0x3c5/0x780
[  149.592859][ T5158]  ? __pfx_kthread+0x10/0x10
[  149.592913][ T5158]  ? rcu_is_watching+0x12/0xc0
[  149.592950][ T5158]  ? __pfx_kthread+0x10/0x10
[  149.592984][ T5158]  ret_from_fork+0x5d7/0x6f0
[  149.593018][ T5158]  ? __pfx_kthread+0x10/0x10
[  149.593051][ T5158]  ret_from_fork_asm+0x1a/0x30
[  149.593109][ T5158]  </TASK>
[  149.593139][ T5158] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  149.860189][ T5158] Bluetooth: hci1: failed to register connection device
[  150.255121][ T6406] netlink: 28 bytes leftover after parsing attributes in process `syz.0.92'.
[  155.411550][ T6453] netlink: 342 bytes leftover after parsing attributes in process `syz.0.100'.
[  155.476162][ T6453] netlink: 342 bytes leftover after parsing attributes in process `syz.0.100'.
[  155.486831][ T6453] netlink: 342 bytes leftover after parsing attributes in process `syz.0.100'.
[  155.543613][ T6452] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  155.779641][ T6452] CIFS mount error: No usable UNC path provided in device string!
[  155.779641][ T6452] 
[  155.790431][ T6452] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  155.844571][ T6457] FAULT_INJECTION: forcing a failure.
[  155.844571][ T6457] name failslab, interval 1, probability 0, space 0, times 0
[  155.918788][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.3.102 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  155.918823][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  155.918836][ T6457] Call Trace:
[  155.918843][ T6457]  <TASK>
[  155.918852][ T6457]  dump_stack_lvl+0x16c/0x1f0
[  155.918887][ T6457]  should_fail_ex+0x512/0x640
[  155.918912][ T6457]  ? __kmalloc_noprof+0xbf/0x510
[  155.918947][ T6457]  ? __register_sysctl_table+0xb3/0x1900
[  155.918995][ T6457]  should_failslab+0xc2/0x120
[  155.919035][ T6457]  __kmalloc_noprof+0xd2/0x510
[  155.919074][ T6457]  __register_sysctl_table+0xb3/0x1900
[  155.919113][ T6457]  ? is_module_address+0x5f/0xf0
[  155.919152][ T6457]  ? __pfx___register_sysctl_table+0x10/0x10
[  155.919189][ T6457]  ? is_module_address+0x69/0xf0
[  155.919221][ T6457]  ? register_net_sysctl_sz+0x228/0x3e0
[  155.919255][ T6457]  ? __asan_memcpy+0x3c/0x60
[  155.919284][ T6457]  ? __pfx_unix_net_init+0x10/0x10
[  155.919308][ T6457]  unix_sysctl_register+0x8e/0x170
[  155.919344][ T6457]  unix_net_init+0x54/0x350
[  155.919369][ T6457]  ? __pfx_unix_net_init+0x10/0x10
[  155.919392][ T6457]  ops_init+0x1e2/0x5f0
[  155.919426][ T6457]  setup_net+0x10f/0x380
[  155.919455][ T6457]  ? lockdep_init_map_type+0x5c/0x280
[  155.919488][ T6457]  ? __pfx_setup_net+0x10/0x10
[  155.919520][ T6457]  ? debug_mutex_init+0x37/0x70
[  155.919546][ T6457]  copy_net_ns+0x2a6/0x5f0
[  155.919583][ T6457]  create_new_namespaces+0x3ea/0xa90
[  155.919617][ T6457]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  155.919646][ T6457]  ksys_unshare+0x45b/0xa40
[  155.919679][ T6457]  ? __pfx_ksys_unshare+0x10/0x10
[  155.919711][ T6457]  ? xfd_validate_state+0x61/0x180
[  155.919757][ T6457]  __x64_sys_unshare+0x31/0x40
[  155.919788][ T6457]  do_syscall_64+0xcd/0x490
[  155.919820][ T6457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.919843][ T6457] RIP: 0033:0x7fe69798e9a9
[  155.919862][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.919884][ T6457] RSP: 002b:00007fe6987d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  155.919906][ T6457] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  155.919922][ T6457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  155.919935][ T6457] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  155.919949][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.919963][ T6457] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  155.919997][ T6457]  </TASK>
[  156.556161][ T6467] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input8
[  162.372131][ T6543] netlink: 8 bytes leftover after parsing attributes in process `syz.0.115'.
[  164.939229][ T6564] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  165.077693][ T6586] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input10
[  169.871991][ T6654] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input11
[  170.176669][ T6654] usb usb24: usbfs: process 6654 (syz.3.128) did not claim interface 0 before use
[  173.562205][ T6713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.137'.
[  175.657639][ T6708] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  177.895126][ T6759] netlink: 4 bytes leftover after parsing attributes in process `syz.3.146'.
[  178.067369][ T6754] sysfs_service_op_show: Client not running :-5:
[  180.170543][ T6783] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12
[  182.523967][ T6788] netlink: 28 bytes leftover after parsing attributes in process `syz.0.151'.
[  182.572936][ T6788] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  182.584250][ T6788] batman_adv: batadv0: Removing interface: batadv_slave_0
[  182.615301][ T6788] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  182.647726][ T6788] batman_adv: batadv0: Removing interface: batadv_slave_1
[  182.661118][ T6805] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input13
[  183.225190][ T6812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.156'.
[  183.531602][ T6820] vivid-007: =================  START STATUS  =================
[  183.542642][ T6820] vivid-007: Generate PTS: true
[  183.571915][ T6820] vivid-007: Generate SCR: true
[  183.577140][ T6820] tpg source WxH: 320x240 (Y'CbCr)
[  183.582607][ T6820] tpg field: 1
[  183.586105][ T6820] tpg crop: (0,0)/320x240
[  183.590539][ T6820] tpg compose: (0,0)/320x240
[  183.595215][ T6820] tpg colorspace: 8
[  183.599165][ T6820] tpg transfer function: 0/0
[  183.604100][ T6820] tpg Y'CbCr encoding: 0/0
[  183.610263][ T6820] tpg quantization: 0/0
[  183.614460][ T6820] tpg RGB range: 0/2
[  183.635665][ T6820] vivid-007: ==================  END STATUS  ==================
[  184.702250][ T6828] netlink: 330 bytes leftover after parsing attributes in process `syz.3.158'.
[  184.837894][ T6828] �: renamed from hsr0 (while UP)
[  187.894317][ T6845] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[  187.941794][ T6845] File: /dev/ram7 PID: 6845 Comm: syz.3.162
[  188.702934][ T6865] mmap: syz.1.165 (6865) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  189.440781][ T6869] CIFS: VFS: Unsupported security flags: 0x10
[  189.491480][ T6869] netlink: 28 bytes leftover after parsing attributes in process `syz.2.166'.
[  189.511075][ T6869] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.528574][ T6869] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.623713][ T6869] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.709002][ T6869] batman_adv: batadv0: Removing interface: batadv_slave_1
[  193.797870][ T6920] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input15
[  195.845822][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  195.853337][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  195.879509][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  195.886284][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  195.906782][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  195.913463][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  195.941391][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  195.953375][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  197.490691][ T6956] random: crng reseeded on system resumption
[  198.993990][   T30] audit: type=1326 audit(1753915797.815:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6968 comm="syz.2.183" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ae158e9a9 code=0x0
[  199.765295][ T5848] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  199.773768][ T5848] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  199.786228][ T5848] CPU: 1 UID: 0 PID: 5848 Comm: kworker/u9:3 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  199.786273][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  199.786297][ T5848] Workqueue: hci2 hci_rx_work
[  199.786335][ T5848] Call Trace:
[  199.786346][ T5848]  <TASK>
[  199.786358][ T5848]  dump_stack_lvl+0x16c/0x1f0
[  199.786404][ T5848]  sysfs_warn_dup+0x7f/0xa0
[  199.786447][ T5848]  sysfs_create_dir_ns+0x24b/0x2b0
[  199.786491][ T5848]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  199.786531][ T5848]  ? find_held_lock+0x2b/0x80
[  199.786571][ T5848]  ? do_raw_spin_unlock+0x172/0x230
[  199.786626][ T5848]  kobject_add_internal+0x2c4/0x9b0
[  199.786679][ T5848]  kobject_add+0x16e/0x240
[  199.786724][ T5848]  ? __pfx_kobject_add+0x10/0x10
[  199.786773][ T5848]  ? do_raw_spin_unlock+0x172/0x230
[  199.786826][ T5848]  ? kobject_put+0xab/0x5a0
[  199.786879][ T5848]  device_add+0x288/0x1a70
[  199.786918][ T5848]  ? __pfx_dev_set_name+0x10/0x10
[  199.786961][ T5848]  ? __pfx_device_add+0x10/0x10
[  199.786999][ T5848]  ? mgmt_send_event_skb+0x2fb/0x460
[  199.787052][ T5848]  hci_conn_add_sysfs+0x17e/0x230
[  199.787092][ T5848]  le_conn_complete_evt+0x1075/0x1d70
[  199.787158][ T5848]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  199.787213][ T5848]  ? bt_warn+0xe4/0x120
[  199.787261][ T5848]  ? __pfx_bt_warn+0x10/0x10
[  199.787322][ T5848]  hci_le_conn_complete_evt+0x23c/0x370
[  199.787366][ T5848]  hci_le_meta_evt+0x357/0x5e0
[  199.787401][ T5848]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  199.787467][ T5848]  hci_event_packet+0x682/0x11c0
[  199.787499][ T5848]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  199.787537][ T5848]  ? __pfx_hci_event_packet+0x10/0x10
[  199.787573][ T5848]  ? kcov_remote_start+0x3c9/0x6d0
[  199.787622][ T5848]  ? lockdep_hardirqs_on+0x7c/0x110
[  199.787670][ T5848]  hci_rx_work+0x2c5/0x16b0
[  199.787708][ T5848]  ? rcu_is_watching+0x12/0xc0
[  199.787748][ T5848]  process_one_work+0x9cc/0x1b70
[  199.787816][ T5848]  ? __pfx_process_one_work+0x10/0x10
[  199.787880][ T5848]  ? assign_work+0x1a0/0x250
[  199.787932][ T5848]  worker_thread+0x6c8/0xf10
[  199.787996][ T5848]  ? __kthread_parkme+0x19e/0x250
[  199.788050][ T5848]  ? __pfx_worker_thread+0x10/0x10
[  199.788103][ T5848]  kthread+0x3c5/0x780
[  199.788151][ T5848]  ? __pfx_kthread+0x10/0x10
[  199.788201][ T5848]  ? rcu_is_watching+0x12/0xc0
[  199.788234][ T5848]  ? __pfx_kthread+0x10/0x10
[  199.788280][ T5848]  ret_from_fork+0x5d7/0x6f0
[  199.788331][ T5848]  ? __pfx_kthread+0x10/0x10
[  199.788379][ T5848]  ret_from_fork_asm+0x1a/0x30
[  199.788441][ T5848]  </TASK>
[  200.041637][ T5848] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  200.055759][ T5848] Bluetooth: hci2: failed to register connection device
[  200.068384][ T6981] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input16
[  200.147655][ T6984] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  201.566968][ T7016] netlink: 354 bytes leftover after parsing attributes in process `syz.0.192'.
[  202.849016][ T7031] random: crng reseeded on system resumption
[  204.692084][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  204.704454][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  204.964666][ T7052] netlink: 28 bytes leftover after parsing attributes in process `syz.0.199'.
[  204.976334][ T7052] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.359281][ T7052] bridge_slave_1 (unregistering): left allmulticast mode
[  205.366485][ T7052] bridge_slave_1 (unregistering): left promiscuous mode
[  205.375161][ T7052] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.649037][ T5158] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  206.656510][ T5158] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  207.550960][ T7066] netlink: 12 bytes leftover after parsing attributes in process `syz.0.201'.
[  208.421537][ T7089] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17
[  211.161807][ T7118] CIFS: VFS: Unsupported security flags: 0x10
[  211.283932][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.0.209'.
[  211.401821][ T7120] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input18
[  213.009050][ T5848] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  213.016498][ T5848] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  214.260149][ T5848] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  215.979533][   T30] audit: type=1326 audit(1753915814.805:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7187 comm="syz.1.223" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9e1a78e9a9 code=0x0
[  216.028954][ T7189] FAULT_INJECTION: forcing a failure.
[  216.028954][ T7189] name failslab, interval 1, probability 0, space 0, times 0
[  216.067663][ T7189] CPU: 1 UID: 0 PID: 7189 Comm: syz.1.223 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  216.067711][ T7189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.067732][ T7189] Call Trace:
[  216.067740][ T7189]  <TASK>
[  216.067749][ T7189]  dump_stack_lvl+0x16c/0x1f0
[  216.067784][ T7189]  should_fail_ex+0x512/0x640
[  216.067808][ T7189]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  216.067843][ T7189]  should_failslab+0xc2/0x120
[  216.067880][ T7189]  __kmalloc_cache_noprof+0x6a/0x3e0
[  216.067909][ T7189]  ? snd_seq_prioq_new+0x3f/0x110
[  216.067937][ T7189]  snd_seq_prioq_new+0x3f/0x110
[  216.067960][ T7189]  snd_seq_queue_alloc+0x12b/0x550
[  216.068002][ T7189]  snd_seq_ioctl_create_queue+0xa9/0x380
[  216.068033][ T7189]  snd_seq_kernel_client_ctl+0x107/0x1c0
[  216.068069][ T7189]  alloc_seq_queue+0xda/0x180
[  216.068101][ T7189]  ? __pfx_alloc_seq_queue+0x10/0x10
[  216.068149][ T7189]  ? mark_held_locks+0x49/0x80
[  216.068180][ T7189]  ? _raw_spin_unlock_irq+0x23/0x50
[  216.068208][ T7189]  snd_seq_oss_open+0x38c/0xa20
[  216.068249][ T7189]  odev_open+0x6f/0x90
[  216.068276][ T7189]  ? __pfx_odev_open+0x10/0x10
[  216.068304][ T7189]  soundcore_open+0x409/0x580
[  216.068335][ T7189]  ? __pfx_soundcore_open+0x10/0x10
[  216.068364][ T7189]  chrdev_open+0x234/0x6a0
[  216.068397][ T7189]  ? __pfx_apparmor_file_open+0x10/0x10
[  216.068426][ T7189]  ? __pfx_chrdev_open+0x10/0x10
[  216.068462][ T7189]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  216.068498][ T7189]  do_dentry_open+0x744/0x1c10
[  216.068531][ T7189]  ? __pfx_chrdev_open+0x10/0x10
[  216.068570][ T7189]  vfs_open+0x82/0x3f0
[  216.068595][ T7189]  path_openat+0x1de4/0x2cb0
[  216.068641][ T7189]  ? __pfx_path_openat+0x10/0x10
[  216.068675][ T7189]  ? __lock_acquire+0xb8a/0x1c90
[  216.068709][ T7189]  do_filp_open+0x20b/0x470
[  216.068741][ T7189]  ? __pfx_do_filp_open+0x10/0x10
[  216.068794][ T7189]  ? alloc_fd+0x471/0x7d0
[  216.068831][ T7189]  do_sys_openat2+0x11b/0x1d0
[  216.068854][ T7189]  ? __pfx_do_sys_openat2+0x10/0x10
[  216.068876][ T7189]  ? find_held_lock+0x2b/0x80
[  216.068899][ T7189]  ? handle_mm_fault+0x2ab/0xd10
[  216.068934][ T7189]  __x64_sys_openat+0x174/0x210
[  216.068959][ T7189]  ? __pfx___x64_sys_openat+0x10/0x10
[  216.068995][ T7189]  do_syscall_64+0xcd/0x490
[  216.069027][ T7189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.069051][ T7189] RIP: 0033:0x7f9e1a78e9a9
[  216.069070][ T7189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.069093][ T7189] RSP: 002b:00007f9e1b67e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  216.069115][ T7189] RAX: ffffffffffffffda RBX: 00007f9e1a9b6080 RCX: 00007f9e1a78e9a9
[  216.069130][ T7189] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  216.069145][ T7189] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  216.069159][ T7189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  216.069172][ T7189] R13: 0000000000000000 R14: 00007f9e1a9b6080 R15: 00007ffffcdf8068
[  216.069202][ T7189]  </TASK>
[  216.418687][ T7190] bond0: option all_slaves_active: invalid value (
)
[  217.440497][ T5848] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  217.449020][ T5848] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  218.962690][ T7214] zswap: compressor  not available
[  220.030104][ T7248] zswap: compressor  not available
[  221.308517][ T7267] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  222.184987][ T7271] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[  223.737832][ T7297] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input21
[  225.737056][ T7314] : Can't lookup blockdev
[  226.248951][ T7335] FAULT_INJECTION: forcing a failure.
[  226.248951][ T7335] name failslab, interval 1, probability 0, space 0, times 0
[  226.261705][ T7335] CPU: 0 UID: 0 PID: 7335 Comm: syz.1.249 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  226.261748][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  226.261762][ T7335] Call Trace:
[  226.261771][ T7335]  <TASK>
[  226.261780][ T7335]  dump_stack_lvl+0x16c/0x1f0
[  226.261815][ T7335]  should_fail_ex+0x512/0x640
[  226.261840][ T7335]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  226.261877][ T7335]  should_failslab+0xc2/0x120
[  226.261913][ T7335]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  226.261946][ T7335]  ? lockdep_init_map_type+0x5c/0x280
[  226.261979][ T7335]  ? __d_alloc+0x32/0xae0
[  226.262015][ T7335]  __d_alloc+0x32/0xae0
[  226.262050][ T7335]  d_alloc_pseudo+0x1c/0xc0
[  226.262072][ T7335]  alloc_file_pseudo+0xcf/0x230
[  226.262096][ T7335]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  226.262127][ T7335]  ? alloc_fd+0x471/0x7d0
[  226.262160][ T7335]  sock_alloc_file+0x50/0x210
[  226.262193][ T7335]  __sys_socket+0x1c0/0x260
[  226.262215][ T7335]  ? __pfx___sys_socket+0x10/0x10
[  226.262236][ T7335]  ? xfd_validate_state+0x61/0x180
[  226.262269][ T7335]  ? __pfx___do_sys_prctl+0x10/0x10
[  226.262314][ T7335]  __x64_sys_socket+0x72/0xb0
[  226.262334][ T7335]  ? lockdep_hardirqs_on+0x7c/0x110
[  226.262362][ T7335]  do_syscall_64+0xcd/0x490
[  226.262394][ T7335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.262418][ T7335] RIP: 0033:0x7f9e1a78e9a9
[  226.262436][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.262459][ T7335] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  226.262481][ T7335] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  226.262497][ T7335] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  226.262510][ T7335] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  226.262524][ T7335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.262538][ T7335] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  226.262567][ T7335]  </TASK>
[  226.726565][ T5158] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  226.777777][ T5158] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  231.300156][ T7404] random: crng reseeded on system resumption
[  231.430692][ T7406] openvswitch: netlink: IPv4 tunnel dst address is zero
[  231.712911][ T7409] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  232.748770][ T7411] syz.3.262 (7411) used greatest stack depth: 18696 bytes left
[  232.979480][ T7419] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  233.254199][ T7419] svc: failed to register nfsdv3 RPC service (errno 111).
[  233.309435][ T7419] svc: failed to register nfsaclv3 RPC service (errno 111).
[  234.189562][ T7442] openvswitch: netlink: IPv4 tunnel dst address is zero
[  234.448280][ T7446] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  235.234372][ T7449] sd 0:0:1:0: PR command failed: 1026
[  235.440316][ T7449] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  235.447143][ T7449] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  237.937182][ T7482] random: crng reseeded on system resumption
[  239.286187][ T7488] __vm_enough_memory: pid: 7488, comm: syz.2.276, bytes: 4398046511104 not enough memory for the allocation
[  239.928125][ T7509] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input22
[  242.938122][ T7547] netlink: 8 bytes leftover after parsing attributes in process `syz.2.286'.
[  243.385357][ T7561] netlink: 28 bytes leftover after parsing attributes in process `syz.1.287'.
[  243.446528][ T7561] ipvlan0: entered allmulticast mode
[  243.471921][ T7561] veth0_vlan: entered allmulticast mode
[  244.294132][ T7570] ptp ptp0: new virtual clock ptp1
[  244.434489][ T7570] ptp ptp0: new virtual clock ptp2
[  244.452903][ T7570] ptp ptp0: new virtual clock ptp3
[  244.471168][ T7570] ptp ptp0: guarantee physical clock free running
[  244.720329][ T7582] FAULT_INJECTION: forcing a failure.
[  244.720329][ T7582] name failslab, interval 1, probability 0, space 0, times 0
[  244.757810][ T7582] CPU: 0 UID: 0 PID: 7582 Comm: syz.1.291 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  244.757856][ T7582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  244.757877][ T7582] Call Trace:
[  244.757887][ T7582]  <TASK>
[  244.757900][ T7582]  dump_stack_lvl+0x16c/0x1f0
[  244.757948][ T7582]  should_fail_ex+0x512/0x640
[  244.757982][ T7582]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  244.758029][ T7582]  should_failslab+0xc2/0x120
[  244.758081][ T7582]  __kmalloc_cache_noprof+0x6a/0x3e0
[  244.758123][ T7582]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  244.758175][ T7582]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  244.758237][ T7582]  devlink_fmsg_u8_pair_put+0x270/0x2f0
[  244.758285][ T7582]  ? __pfx_devlink_fmsg_u8_pair_put+0x10/0x10
[  244.758333][ T7582]  ? __kasan_kmalloc+0x20/0xb0
[  244.758377][ T7582]  ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0
[  244.758429][ T7582]  nsim_dev_dummy_fmsg_put+0xf8/0x1e0
[  244.758484][ T7582]  devlink_health_do_dump+0x240/0x620
[  244.758538][ T7582]  devlink_health_report+0x3c9/0x9c0
[  244.758594][ T7582]  ? __pfx_devlink_health_report+0x10/0x10
[  244.758643][ T7582]  ? _copy_from_user+0x59/0xd0
[  244.758689][ T7582]  nsim_dev_health_break_write+0x166/0x210
[  244.758741][ T7582]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  244.758808][ T7582]  full_proxy_write+0x131/0x1a0
[  244.758860][ T7582]  ? __pfx_full_proxy_write+0x10/0x10
[  244.758907][ T7582]  vfs_write+0x2a0/0x1150
[  244.758958][ T7582]  ? __pfx___mutex_lock+0x10/0x10
[  244.759002][ T7582]  ? __pfx_vfs_write+0x10/0x10
[  244.759057][ T7582]  ? __fget_files+0x20e/0x3c0
[  244.759119][ T7582]  ksys_write+0x12a/0x250
[  244.759161][ T7582]  ? __pfx_ksys_write+0x10/0x10
[  244.759223][ T7582]  do_syscall_64+0xcd/0x490
[  244.759268][ T7582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.759302][ T7582] RIP: 0033:0x7f9e1a78e9a9
[  244.759329][ T7582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.759361][ T7582] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  244.759391][ T7582] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  244.759413][ T7582] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000006
[  244.759432][ T7582] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  244.759451][ T7582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  244.759470][ T7582] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  244.759514][ T7582]  </TASK>
[  246.956116][ T7613] FAULT_INJECTION: forcing a failure.
[  246.956116][ T7613] name failslab, interval 1, probability 0, space 0, times 0
[  247.037674][ T7613] CPU: 0 UID: 0 PID: 7613 Comm: syz.0.298 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  247.037722][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  247.037741][ T7613] Call Trace:
[  247.037752][ T7613]  <TASK>
[  247.037764][ T7613]  dump_stack_lvl+0x16c/0x1f0
[  247.037811][ T7613]  should_fail_ex+0x512/0x640
[  247.037846][ T7613]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  247.037898][ T7613]  should_failslab+0xc2/0x120
[  247.037947][ T7613]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  247.038017][ T7613]  ? lockdep_init_map_type+0x5c/0x280
[  247.038062][ T7613]  ? __d_alloc+0x32/0xae0
[  247.038114][ T7613]  __d_alloc+0x32/0xae0
[  247.038164][ T7613]  d_alloc_pseudo+0x1c/0xc0
[  247.038197][ T7613]  alloc_file_pseudo+0xcf/0x230
[  247.038230][ T7613]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  247.038263][ T7613]  ? alloc_fd+0x471/0x7d0
[  247.038309][ T7613]  sock_alloc_file+0x50/0x210
[  247.038357][ T7613]  __sys_socket+0x1c0/0x260
[  247.038388][ T7613]  ? __pfx___sys_socket+0x10/0x10
[  247.038418][ T7613]  ? xfd_validate_state+0x61/0x180
[  247.038464][ T7613]  ? __pfx___do_sys_prctl+0x10/0x10
[  247.038522][ T7613]  __x64_sys_socket+0x72/0xb0
[  247.038549][ T7613]  ? lockdep_hardirqs_on+0x7c/0x110
[  247.038588][ T7613]  do_syscall_64+0xcd/0x490
[  247.038631][ T7613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.038665][ T7613] RIP: 0033:0x7fc4d118e9a9
[  247.038691][ T7613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.038723][ T7613] RSP: 002b:00007fc4d206d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  247.038755][ T7613] RAX: ffffffffffffffda RBX: 00007fc4d13b5fa0 RCX: 00007fc4d118e9a9
[  247.038777][ T7613] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  247.038797][ T7613] RBP: 00007fc4d1210d69 R08: 0000000000000000 R09: 0000000000000000
[  247.038818][ T7613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  247.038838][ T7613] R13: 0000000000000000 R14: 00007fc4d13b5fa0 R15: 00007ffd0171c808
[  247.038880][ T7613]  </TASK>
[  247.058183][ T7614] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  247.375388][ T5158] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  247.383290][ T5158] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  247.568235][ T7611] ubi0: attaching mtd0
[  247.626036][ T7611] ubi0: scanning is finished
[  247.630949][ T7611] ubi0: empty MTD device detected
[  247.636155][ T7611] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  247.806587][ T7611] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  249.623951][ T7648] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  249.696408][ T7648] svc: failed to register nfsdv3 RPC service (errno 111).
[  249.705333][ T7648] svc: failed to register nfsaclv3 RPC service (errno 111).
[  253.337424][ T7691] netlink: 28 bytes leftover after parsing attributes in process `syz.0.312'.
[  253.896521][ T7696] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input23
[  258.314552][ T7754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.323'.
[  259.075589][ T7766] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input24
[  260.045295][ T7788] random: crng reseeded on system resumption
[  263.406496][ T7832] random: crng reseeded on system resumption
[  265.216863][ T7854] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input25
[  266.130718][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  266.137195][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  266.985041][ T7885] FAULT_INJECTION: forcing a failure.
[  266.985041][ T7885] name failslab, interval 1, probability 0, space 0, times 0
[  267.049218][ T7885] CPU: 0 UID: 0 PID: 7885 Comm: syz.0.347 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  267.049263][ T7885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  267.049283][ T7885] Call Trace:
[  267.049293][ T7885]  <TASK>
[  267.049313][ T7885]  dump_stack_lvl+0x16c/0x1f0
[  267.049360][ T7885]  should_fail_ex+0x512/0x640
[  267.049395][ T7885]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  267.049449][ T7885]  should_failslab+0xc2/0x120
[  267.049502][ T7885]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  267.049550][ T7885]  ? lockdep_init_map_type+0x5c/0x280
[  267.049597][ T7885]  ? __d_alloc+0x32/0xae0
[  267.049650][ T7885]  __d_alloc+0x32/0xae0
[  267.049702][ T7885]  d_alloc_pseudo+0x1c/0xc0
[  267.049735][ T7885]  alloc_file_pseudo+0xcf/0x230
[  267.049770][ T7885]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  267.049804][ T7885]  ? alloc_fd+0x471/0x7d0
[  267.049851][ T7885]  sock_alloc_file+0x50/0x210
[  267.049898][ T7885]  __sys_socket+0x1c0/0x260
[  267.049930][ T7885]  ? __pfx___sys_socket+0x10/0x10
[  267.049960][ T7885]  ? xfd_validate_state+0x61/0x180
[  267.050008][ T7885]  ? __pfx___do_sys_prctl+0x10/0x10
[  267.050070][ T7885]  __x64_sys_socket+0x72/0xb0
[  267.050099][ T7885]  ? lockdep_hardirqs_on+0x7c/0x110
[  267.050140][ T7885]  do_syscall_64+0xcd/0x490
[  267.050185][ T7885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.050220][ T7885] RIP: 0033:0x7fc4d118e9a9
[  267.050246][ T7885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.050279][ T7885] RSP: 002b:00007fc4d206d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  267.050318][ T7885] RAX: ffffffffffffffda RBX: 00007fc4d13b5fa0 RCX: 00007fc4d118e9a9
[  267.050340][ T7885] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  267.050361][ T7885] RBP: 00007fc4d1210d69 R08: 0000000000000000 R09: 0000000000000000
[  267.050381][ T7885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  267.050401][ T7885] R13: 0000000000000000 R14: 00007fc4d13b5fa0 R15: 00007ffd0171c808
[  267.050444][ T7885]  </TASK>
[  267.559649][ T5848] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  267.567160][ T5848] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  269.713951][ T7918] FAULT_INJECTION: forcing a failure.
[  269.713951][ T7918] name failslab, interval 1, probability 0, space 0, times 0
[  269.742549][ T7918] CPU: 1 UID: 0 PID: 7918 Comm: syz.1.353 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  269.742596][ T7918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  269.742617][ T7918] Call Trace:
[  269.742627][ T7918]  <TASK>
[  269.742640][ T7918]  dump_stack_lvl+0x16c/0x1f0
[  269.742688][ T7918]  should_fail_ex+0x512/0x640
[  269.742723][ T7918]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  269.742779][ T7918]  should_failslab+0xc2/0x120
[  269.742832][ T7918]  __kmalloc_cache_noprof+0x6a/0x3e0
[  269.742874][ T7918]  ? seg6_net_init+0x49/0x1c0
[  269.742926][ T7918]  ? __pfx_seg6_net_init+0x10/0x10
[  269.742976][ T7918]  seg6_net_init+0x49/0x1c0
[  269.743043][ T7918]  ops_init+0x1e2/0x5f0
[  269.743092][ T7918]  setup_net+0x10f/0x380
[  269.743131][ T7918]  ? lockdep_init_map_type+0x5c/0x280
[  269.743180][ T7918]  ? __pfx_setup_net+0x10/0x10
[  269.743226][ T7918]  ? debug_mutex_init+0x37/0x70
[  269.743263][ T7918]  copy_net_ns+0x2a6/0x5f0
[  269.743322][ T7918]  create_new_namespaces+0x3ea/0xa90
[  269.743371][ T7918]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  269.743413][ T7918]  ksys_unshare+0x45b/0xa40
[  269.743459][ T7918]  ? __pfx_ksys_unshare+0x10/0x10
[  269.743511][ T7918]  ? xfd_validate_state+0x61/0x180
[  269.743572][ T7918]  __x64_sys_unshare+0x31/0x40
[  269.743618][ T7918]  do_syscall_64+0xcd/0x490
[  269.743665][ T7918]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.743699][ T7918] RIP: 0033:0x7f9e1a78e9a9
[  269.743726][ T7918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.743759][ T7918] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  269.743790][ T7918] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  269.743812][ T7918] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  269.743833][ T7918] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  269.743852][ T7918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  269.743872][ T7918] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  269.743915][ T7918]  </TASK>
[  270.002823][ T7916] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  270.051475][ T7916] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  270.063180][ T7916] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  270.069847][ T7916] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  270.075964][ T7916] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  270.085807][ T7916] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  270.092461][ T7916] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  270.099331][ T7916] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  270.108710][ T7916] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  270.115182][ T7916] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  270.122047][ T7916] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  270.906103][ T7933] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input26
[  271.402418][ T7935] Unable to find swap-space signature
[  271.568568][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout
[  272.138221][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout
[  272.144330][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout
[  272.150557][ T5158] Bluetooth: hci2: command 0x0c1a tx timeout
[  273.339991][ T5158] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  273.649554][ T5158] Bluetooth: hci0: command 0x0c1a tx timeout
[  274.207659][ T5158] Bluetooth: hci1: command 0x0c1a tx timeout
[  274.213786][ T5158] Bluetooth: hci3: command 0x0c1a tx timeout
[  274.220207][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout
[  275.755340][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout
[  276.288889][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout
[  276.288932][ T5158] Bluetooth: hci1: command 0x0c1a tx timeout
[  280.103718][ T8027] random: crng reseeded on system resumption
[  281.475226][ T8057] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  281.870352][ T8057] svc: failed to register nfsdv3 RPC service (errno 111).
[  282.107757][ T8057] svc: failed to register nfsaclv3 RPC service (errno 111).
[  283.715043][ T8088] netlink: 16 bytes leftover after parsing attributes in process `syz.2.379'.
[  284.122267][ T8101] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5)
[  286.355467][ T8122] sysfs_service_op_show: Client not running :-5:
[  286.894722][ T8134] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff81640379 (__mcheck_cpu_init_clear_banks+0x109/0x1f0)
[  286.910385][ T8134] Call Trace:
[  286.913712][ T8134]  <TASK>
[  286.916687][ T8134]  mce_cpu_restart+0x98/0xb0
[  286.921353][ T8134]  ? __pfx_mce_cpu_restart+0x10/0x10
[  286.926720][ T8134]  smp_call_function_many_cond+0x1227/0x1600
[  286.932759][ T8134]  ? __pfx_mce_cpu_restart+0x10/0x10
[  286.938106][ T8134]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  286.943967][ T8134]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  286.950337][ T8134]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  286.956362][ T8134]  ? __pfx_mce_cpu_restart+0x10/0x10
[  286.961705][ T8134]  on_each_cpu_cond_mask+0x40/0x90
[  286.966848][ T8134]  set_bank+0x240/0x3a0
[  286.971051][ T8134]  ? __pfx_set_bank+0x10/0x10
[  286.975790][ T8134]  ? find_held_lock+0x2b/0x80
[  286.980509][ T8134]  ? __pfx_set_bank+0x10/0x10
[  286.985223][ T8134]  dev_attr_store+0x58/0x80
[  286.989755][ T8134]  ? __pfx_dev_attr_store+0x10/0x10
[  286.994986][ T8134]  sysfs_kf_write+0xef/0x150
[  286.999617][ T8134]  kernfs_fop_write_iter+0x354/0x510
[  287.004931][ T8134]  ? __pfx_sysfs_kf_write+0x10/0x10
[  287.010187][ T8134]  vfs_write+0x6c4/0x1150
[  287.014572][ T8134]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  287.020414][ T8134]  ? __pfx___mutex_lock+0x10/0x10
[  287.025488][ T8134]  ? __pfx_vfs_write+0x10/0x10
[  287.030330][ T8134]  ksys_write+0x12a/0x250
[  287.034720][ T8134]  ? __pfx_ksys_write+0x10/0x10
[  287.039621][ T8134]  do_syscall_64+0xcd/0x490
[  287.044168][ T8134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.050089][ T8134] RIP: 0033:0x7f9e1a78e9a9
[  287.054530][ T8134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.074188][ T8134] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  287.082632][ T8134] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  287.090672][ T8134] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003
[  287.098686][ T8134] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  287.106676][ T8134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  287.114678][ T8134] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  287.122700][ T8134]  </TASK>
[  287.274511][ T8134] program syz.1.386 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  287.339501][ T8138] ICMPv6: process `syz.2.388' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[  287.638838][ T8148] Unable to find swap-space signature
[  287.652508][ T8134] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  287.783083][ T8134] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  287.789789][ T8134] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  287.795970][ T8134] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  287.975777][ T8134] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  289.567655][ T5158] Bluetooth: hci0: command 0x0c1a tx timeout
[  289.807725][ T5158] Bluetooth: hci1: command 0x0c1a tx timeout
[  289.813822][ T5158] Bluetooth: hci2: command 0x0c1a tx timeout
[  290.047596][ T5158] Bluetooth: hci3: command 0x0c1a tx timeout
[  290.268387][ T5158] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  291.023824][ T8194] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input27
[  291.601052][ T8206] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5)
[  291.800847][ T8204] Invalid ELF header magic: != ELF
[  291.887848][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout
[  292.713833][ T8215] Unable to find swap-space signature
[  292.766540][ T8219] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input28
[  297.595643][ T8264] sysfs_service_op_show: Client not running :-5:
[  298.067510][ T8261] netlink: 330 bytes leftover after parsing attributes in process `syz.0.410'.
[  298.732559][ T8287] Unable to find swap-space signature
[  304.388080][ T8363] zram: Added device: zram1
[  304.607665][ T8369] ICMPv6: process `syz.1.433' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[  307.363621][ T8408] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  309.978476][ T8451] bridge0: port 3(team0) entered blocking state
[  309.985339][ T8451] bridge0: port 3(team0) entered disabled state
[  309.995771][ T8451] team0: entered allmulticast mode
[  310.017737][ T8451] team_slave_0: entered allmulticast mode
[  310.034689][ T8451] team_slave_1: entered allmulticast mode
[  310.072520][ T8451] team0: entered promiscuous mode
[  310.097578][ T8451] team_slave_0: entered promiscuous mode
[  310.110562][ T8451] team_slave_1: entered promiscuous mode
[  310.117380][ T8451] bridge0: port 3(team0) entered blocking state
[  310.123891][ T8451] bridge0: port 3(team0) entered forwarding state
[  310.561691][ T8455] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  310.561691][ T8455] The task syz.0.446 (8455) triggered the difference, watch for misbehavior.
[  310.617382][ T5158] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  314.026296][ T8512] netlink: 252 bytes leftover after parsing attributes in process `syz.3.459'.
[  314.072673][ T8512] netlink: 252 bytes leftover after parsing attributes in process `syz.3.459'.
[  315.266794][ T8537] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in;
[  315.266794][ T8537]    program syz.3.463 not setting count and/or reply_len properly
[  318.985754][ T8563] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  319.587070][ T8579] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input29
[  320.752991][ T5158] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  321.243218][ T8607] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  323.077667][ T8639] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input30
[  324.768337][ T8663] bridge0: port 3(team0) entered blocking state
[  324.774878][ T8663] bridge0: port 3(team0) entered disabled state
[  324.845676][ T8663] team0: entered allmulticast mode
[  324.850986][ T8663] team_slave_0: entered allmulticast mode
[  324.856815][ T8663] team_slave_1: entered allmulticast mode
[  324.865660][ T8663] team0: entered promiscuous mode
[  324.927949][ T8663] team_slave_0: entered promiscuous mode
[  324.989505][ T8663] team_slave_1: entered promiscuous mode
[  325.008331][ T8663] bridge0: port 3(team0) entered blocking state
[  325.014864][ T8663] bridge0: port 3(team0) entered forwarding state
[  325.227664][ T5158] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  325.235687][ T5158] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[  325.247748][ T5158] CPU: 1 UID: 0 PID: 5158 Comm: kworker/u9:1 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  325.247793][ T5158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  325.247815][ T5158] Workqueue: hci3 hci_rx_work
[  325.247856][ T5158] Call Trace:
[  325.247867][ T5158]  <TASK>
[  325.247879][ T5158]  dump_stack_lvl+0x16c/0x1f0
[  325.247923][ T5158]  sysfs_warn_dup+0x7f/0xa0
[  325.247969][ T5158]  sysfs_create_dir_ns+0x24b/0x2b0
[  325.248013][ T5158]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  325.248055][ T5158]  ? find_held_lock+0x2b/0x80
[  325.248096][ T5158]  ? do_raw_spin_unlock+0x172/0x230
[  325.248151][ T5158]  kobject_add_internal+0x2c4/0x9b0
[  325.248206][ T5158]  kobject_add+0x16e/0x240
[  325.248255][ T5158]  ? __pfx_kobject_add+0x10/0x10
[  325.248305][ T5158]  ? do_raw_spin_unlock+0x172/0x230
[  325.248358][ T5158]  ? kobject_put+0xab/0x5a0
[  325.248413][ T5158]  device_add+0x288/0x1a70
[  325.248462][ T5158]  ? __pfx_dev_set_name+0x10/0x10
[  325.248506][ T5158]  ? __pfx_device_add+0x10/0x10
[  325.248544][ T5158]  ? mgmt_send_event_skb+0x2fb/0x460
[  325.248589][ T5158]  hci_conn_add_sysfs+0x17e/0x230
[  325.248630][ T5158]  le_conn_complete_evt+0x1075/0x1d70
[  325.248696][ T5158]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  325.248751][ T5158]  ? bt_warn+0xe4/0x120
[  325.248800][ T5158]  ? __pfx_bt_warn+0x10/0x10
[  325.248860][ T5158]  hci_le_conn_complete_evt+0x23c/0x370
[  325.248902][ T5158]  hci_le_meta_evt+0x357/0x5e0
[  325.248937][ T5158]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  325.248997][ T5158]  hci_event_packet+0x682/0x11c0
[  325.249030][ T5158]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  325.249069][ T5158]  ? __pfx_hci_event_packet+0x10/0x10
[  325.249105][ T5158]  ? kcov_remote_start+0x3c9/0x6d0
[  325.249155][ T5158]  ? lockdep_hardirqs_on+0x7c/0x110
[  325.249203][ T5158]  hci_rx_work+0x2c5/0x16b0
[  325.249241][ T5158]  ? rcu_is_watching+0x12/0xc0
[  325.249274][ T5158]  process_one_work+0x9cc/0x1b70
[  325.249324][ T5158]  ? __pfx_process_one_work+0x10/0x10
[  325.249369][ T5158]  ? assign_work+0x1a0/0x250
[  325.249406][ T5158]  worker_thread+0x6c8/0xf10
[  325.249458][ T5158]  ? __kthread_parkme+0x19e/0x250
[  325.249489][ T5158]  ? __pfx_worker_thread+0x10/0x10
[  325.249526][ T5158]  kthread+0x3c5/0x780
[  325.249561][ T5158]  ? __pfx_kthread+0x10/0x10
[  325.249597][ T5158]  ? rcu_is_watching+0x12/0xc0
[  325.249621][ T5158]  ? __pfx_kthread+0x10/0x10
[  325.249656][ T5158]  ret_from_fork+0x5d7/0x6f0
[  325.249691][ T5158]  ? __pfx_kthread+0x10/0x10
[  325.249727][ T5158]  ret_from_fork_asm+0x1a/0x30
[  325.249769][ T5158]  </TASK>
[  325.249875][ T5158] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  325.521831][ T5158] Bluetooth: hci3: failed to register connection device
[  327.570950][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  327.667505][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  329.897033][ T8733] bridge0: port 3(team0) entered blocking state
[  330.008336][ T8733] bridge0: port 3(team0) entered disabled state
[  330.051874][ T8733] team0: entered allmulticast mode
[  330.057081][ T8733] team_slave_0: entered allmulticast mode
[  330.113025][ T8733] team_slave_1: entered allmulticast mode
[  330.123329][ T8733] team0: entered promiscuous mode
[  330.151379][ T8725] [U] 
[  330.154556][ T8725] [U] 
[  330.158886][ T8725] [U] 
[  330.161631][ T8725] [U] 
[  330.183788][ T8733] team_slave_0: entered promiscuous mode
[  330.191398][ T8733] team_slave_1: entered promiscuous mode
[  330.197994][ T8733] bridge0: port 3(team0) entered blocking state
[  330.204383][ T8733] bridge0: port 3(team0) entered forwarding state
[  330.211391][ T8725] [U] 
[  330.214122][ T8725] [U] 
[  330.216835][ T8725] [U] 
[  330.219591][ T8725] [U] 
[  330.360964][ T8725] [U] 
[  330.363766][ T8725] [U] 
[  330.366613][ T8725] [U] 
[  330.369380][ T8725] [U] 
[  330.636006][ T8725] [U] 
[  330.638810][ T8725] [U] 
[  330.641573][ T8725] [U] 
[  330.644338][ T8725] [U] 
[  330.720327][ T8725] [U] 
[  332.085611][ T8760] FAULT_INJECTION: forcing a failure.
[  332.085611][ T8760] name failslab, interval 1, probability 0, space 0, times 0
[  332.139783][ T8760] CPU: 1 UID: 0 PID: 8760 Comm: syz.3.506 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  332.139830][ T8760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  332.139850][ T8760] Call Trace:
[  332.139861][ T8760]  <TASK>
[  332.139875][ T8760]  dump_stack_lvl+0x16c/0x1f0
[  332.139924][ T8760]  should_fail_ex+0x512/0x640
[  332.139957][ T8760]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  332.140018][ T8760]  should_failslab+0xc2/0x120
[  332.140070][ T8760]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  332.140122][ T8760]  ? lockdep_init_map_type+0x5c/0x280
[  332.140179][ T8760]  ? __d_alloc+0x32/0xae0
[  332.140230][ T8760]  __d_alloc+0x32/0xae0
[  332.140282][ T8760]  d_alloc_pseudo+0x1c/0xc0
[  332.140323][ T8760]  alloc_file_pseudo+0xcf/0x230
[  332.140358][ T8760]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  332.140392][ T8760]  ? alloc_fd+0x471/0x7d0
[  332.140439][ T8760]  sock_alloc_file+0x50/0x210
[  332.140485][ T8760]  __sys_socket+0x1c0/0x260
[  332.140514][ T8760]  ? __pfx___sys_socket+0x10/0x10
[  332.140543][ T8760]  ? xfd_validate_state+0x61/0x180
[  332.140587][ T8760]  ? __pfx___do_sys_prctl+0x10/0x10
[  332.140656][ T8760]  __x64_sys_socket+0x72/0xb0
[  332.140683][ T8760]  ? lockdep_hardirqs_on+0x7c/0x110
[  332.140720][ T8760]  do_syscall_64+0xcd/0x490
[  332.140762][ T8760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.140793][ T8760] RIP: 0033:0x7fe69798e9a9
[  332.140819][ T8760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.140860][ T8760] RSP: 002b:00007fe6987d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  332.140891][ T8760] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  332.140912][ T8760] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  332.140931][ T8760] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  332.140951][ T8760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  332.140969][ T8760] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  332.141009][ T8760]  </TASK>
[  332.521140][ T5158] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  332.542426][ T8766] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input31
[  332.891579][ T8773] sp0: Synchronizing with TNC
[  333.928555][ T8797] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  334.195208][ T8799] svc: failed to register nfsdv3 RPC service (errno 111).
[  334.229676][ T8799] svc: failed to register nfsaclv3 RPC service (errno 111).
[  334.667725][ T8809] FAULT_INJECTION: forcing a failure.
[  334.667725][ T8809] name failslab, interval 1, probability 0, space 0, times 0
[  334.695606][ T8809] CPU: 0 UID: 0 PID: 8809 Comm: syz.3.514 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  334.695655][ T8809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  334.695684][ T8809] Call Trace:
[  334.695696][ T8809]  <TASK>
[  334.695710][ T8809]  dump_stack_lvl+0x16c/0x1f0
[  334.695768][ T8809]  should_fail_ex+0x512/0x640
[  334.695824][ T8809]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  334.695894][ T8809]  should_failslab+0xc2/0x120
[  334.695951][ T8809]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  334.696005][ T8809]  ? rhashtable_init_noprof+0x4ed/0x7e0
[  334.696047][ T8809]  ? rhashtable_init_noprof+0x55e/0x7e0
[  334.696084][ T8809]  ? ipv4_frags_init_net+0x14d/0x3d0
[  334.696137][ T8809]  kmemdup_noprof+0x29/0x60
[  334.696188][ T8809]  ipv4_frags_init_net+0x14d/0x3d0
[  334.696235][ T8809]  ? __pfx_ipv4_frags_init_net+0x10/0x10
[  334.696278][ T8809]  ops_init+0x1e2/0x5f0
[  334.696332][ T8809]  setup_net+0x10f/0x380
[  334.696378][ T8809]  ? lockdep_init_map_type+0x5c/0x280
[  334.696432][ T8809]  ? __pfx_setup_net+0x10/0x10
[  334.696484][ T8809]  ? debug_mutex_init+0x37/0x70
[  334.696526][ T8809]  copy_net_ns+0x2a6/0x5f0
[  334.696585][ T8809]  create_new_namespaces+0x3ea/0xa90
[  334.696640][ T8809]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  334.696688][ T8809]  ksys_unshare+0x45b/0xa40
[  334.696740][ T8809]  ? __pfx_ksys_unshare+0x10/0x10
[  334.696793][ T8809]  ? xfd_validate_state+0x61/0x180
[  334.696873][ T8809]  __x64_sys_unshare+0x31/0x40
[  334.696924][ T8809]  do_syscall_64+0xcd/0x490
[  334.696975][ T8809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.697013][ T8809] RIP: 0033:0x7fe69798e9a9
[  334.697042][ T8809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.697077][ T8809] RSP: 002b:00007fe6987d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  334.697112][ T8809] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  334.697137][ T8809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  334.697159][ T8809] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  334.697180][ T8809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.697202][ T8809] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  334.697257][ T8809]  </TASK>
[  335.501533][ T8824] FAULT_INJECTION: forcing a failure.
[  335.501533][ T8824] name failslab, interval 1, probability 0, space 0, times 0
[  335.515078][ T8824] CPU: 1 UID: 0 PID: 8824 Comm: syz.3.518 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  335.515111][ T8824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  335.515125][ T8824] Call Trace:
[  335.515132][ T8824]  <TASK>
[  335.515140][ T8824]  dump_stack_lvl+0x16c/0x1f0
[  335.515173][ T8824]  should_fail_ex+0x512/0x640
[  335.515197][ T8824]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  335.515234][ T8824]  should_failslab+0xc2/0x120
[  335.515271][ T8824]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  335.515302][ T8824]  ? __lock_acquire+0xb8a/0x1c90
[  335.515334][ T8824]  ? __d_alloc+0x32/0xae0
[  335.515371][ T8824]  __d_alloc+0x32/0xae0
[  335.515401][ T8824]  ? do_raw_spin_lock+0x12c/0x2b0
[  335.515441][ T8824]  d_alloc+0x4a/0x1e0
[  335.515475][ T8824]  d_alloc_name+0x83/0xb0
[  335.515507][ T8824]  ? __pfx_d_alloc_name+0x10/0x10
[  335.515541][ T8824]  ? __d_add+0x403/0xa50
[  335.515581][ T8824]  simple_fill_super+0x2eb/0x720
[  335.515615][ T8824]  ? __pfx_nfsd_fill_super+0x10/0x10
[  335.515642][ T8824]  nfsd_fill_super+0x90/0x530
[  335.515665][ T8824]  ? __pfx_set_anon_super_fc+0x10/0x10
[  335.515693][ T8824]  ? __pfx_nfsd_fill_super+0x10/0x10
[  335.515718][ T8824]  get_tree_keyed+0x10e/0x1d0
[  335.515749][ T8824]  vfs_get_tree+0x8b/0x340
[  335.515781][ T8824]  path_mount+0x1482/0x1fd0
[  335.515821][ T8824]  ? __pfx_path_mount+0x10/0x10
[  335.515856][ T8824]  ? kmem_cache_free+0x2d1/0x4d0
[  335.515886][ T8824]  ? putname+0x154/0x1a0
[  335.515926][ T8824]  ? putname+0x154/0x1a0
[  335.515964][ T8824]  ? __x64_sys_mount+0x28d/0x310
[  335.515996][ T8824]  __x64_sys_mount+0x28d/0x310
[  335.516030][ T8824]  ? __pfx___x64_sys_mount+0x10/0x10
[  335.516072][ T8824]  do_syscall_64+0xcd/0x490
[  335.516104][ T8824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.516128][ T8824] RIP: 0033:0x7fe69798e9a9
[  335.516147][ T8824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.516169][ T8824] RSP: 002b:00007fe6987af038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  335.516191][ T8824] RAX: ffffffffffffffda RBX: 00007fe697bb6080 RCX: 00007fe69798e9a9
[  335.516206][ T8824] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000
[  335.516221][ T8824] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  335.516235][ T8824] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000
[  335.516248][ T8824] R13: 0000000000000000 R14: 00007fe697bb6080 R15: 00007ffe9d1397a8
[  335.516277][ T8824]  </TASK>
[  337.070111][ T8848] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in;
[  337.070111][ T8848]    program syz.2.521 not setting count and/or reply_len properly
[  338.499542][ T8865] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  338.703983][ T8865] svc: failed to register nfsdv3 RPC service (errno 111).
[  338.966396][ T8865] svc: failed to register nfsaclv3 RPC service (errno 111).
[  341.475270][ T8896] random: crng reseeded on system resumption
[  344.034977][ T8923] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input32
[  345.010046][ T8939] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  345.153079][ T8941] svc: failed to register nfsdv3 RPC service (errno 111).
[  345.185601][ T8941] svc: failed to register nfsaclv3 RPC service (errno 111).
[  345.649958][ T8943] sysfs_service_op_show: Client not running :-5:
[  346.599624][ T8958] sysfs_service_op_show: Client not running :-5:
[  348.867811][ T8971] ptrace attach of "./syz-executor exec"[5840] was attempted by "./syz-executor exec"[8971]
[  349.569329][ T8992] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input33
[  350.675237][ T9005] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input34
[  352.536781][ T9022] sysfs_service_op_show: Client not running :-5:
[  353.614494][ T9040] netlink: 4 bytes leftover after parsing attributes in process `syz.1.558'.
[  354.193566][ T9054] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input35
[  354.764205][ T9059] ICMPv6: process `syz.2.561' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  356.389897][ T9097] syz.0.567 (9097): /proc/9096/oom_adj is deprecated, please use /proc/9096/oom_score_adj instead.
[  357.813004][ T9117] sysfs_service_op_show: Client not running :-5:
[  359.087620][ T9139] ICMPv6: process `syz.3.573' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  360.809631][ T9179] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  362.834801][ T8783] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  362.842671][ T8783] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  364.126506][ T9224] ICMPv6: process `syz.0.584' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  364.667628][ T9238] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input36
[  367.163595][ T9278] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input37
[  368.095871][ T9289] FAULT_INJECTION: forcing a failure.
[  368.095871][ T9289] name failslab, interval 1, probability 0, space 0, times 0
[  368.175706][ T9289] CPU: 0 UID: 0 PID: 9289 Comm: syz.2.596 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  368.175754][ T9289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  368.175786][ T9289] Call Trace:
[  368.175798][ T9289]  <TASK>
[  368.175810][ T9289]  dump_stack_lvl+0x16c/0x1f0
[  368.175856][ T9289]  should_fail_ex+0x512/0x640
[  368.175894][ T9289]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  368.175947][ T9289]  should_failslab+0xc2/0x120
[  368.176000][ T9289]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  368.176058][ T9289]  ? lockdep_init_map_type+0x5c/0x280
[  368.176105][ T9289]  ? __d_alloc+0x32/0xae0
[  368.176158][ T9289]  __d_alloc+0x32/0xae0
[  368.176209][ T9289]  d_alloc_pseudo+0x1c/0xc0
[  368.176241][ T9289]  alloc_file_pseudo+0xcf/0x230
[  368.176276][ T9289]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  368.176309][ T9289]  ? alloc_fd+0x471/0x7d0
[  368.176357][ T9289]  sock_alloc_file+0x50/0x210
[  368.176404][ T9289]  __sys_socket+0x1c0/0x260
[  368.176435][ T9289]  ? __pfx___sys_socket+0x10/0x10
[  368.176465][ T9289]  ? xfd_validate_state+0x61/0x180
[  368.176513][ T9289]  ? __pfx___do_sys_prctl+0x10/0x10
[  368.176587][ T9289]  __x64_sys_socket+0x72/0xb0
[  368.176616][ T9289]  ? lockdep_hardirqs_on+0x7c/0x110
[  368.176656][ T9289]  do_syscall_64+0xcd/0x490
[  368.176702][ T9289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.176736][ T9289] RIP: 0033:0x7f5ae158e9a9
[  368.176763][ T9289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.176796][ T9289] RSP: 002b:00007f5adf3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  368.176827][ T9289] RAX: ffffffffffffffda RBX: 00007f5ae17b5fa0 RCX: 00007f5ae158e9a9
[  368.176849][ T9289] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  368.176869][ T9289] RBP: 00007f5ae1610d69 R08: 0000000000000000 R09: 0000000000000000
[  368.176889][ T9289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.176909][ T9289] R13: 0000000000000000 R14: 00007f5ae17b5fa0 R15: 00007ffd0e26fc18
[  368.176951][ T9289]  </TASK>
[  368.534930][ T8777] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  368.547175][ T8777] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  368.847174][ T9290] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  369.306366][ T9303] __vm_enough_memory: pid: 9303, comm: syz.0.603, bytes: 4398046511104 not enough memory for the allocation
[  370.834615][ T9318] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input39
[  371.207246][ T9322] ptp ptp0: delete virtual clock ptp3
[  371.286941][ T9322] ptp ptp0: delete virtual clock ptp2
[  371.346715][ T9322] ptp ptp0: delete virtual clock ptp1
[  371.423856][ T9322] ptp ptp0: only physical clock in use now
[  374.320378][ T9368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.609'.
[  374.337120][ T9376] sysfs_service_op_show: Client not running :-5:
[  375.568486][ T9384] netlink: 28 bytes leftover after parsing attributes in process `syz.3.612'.
[  375.636906][ T9384] veth0_macvtap: left promiscuous mode
[  375.689693][ T9385] __vm_enough_memory: pid: 9385, comm: syz.1.610, bytes: 4398046511104 not enough memory for the allocation
[  378.391231][ T9429] sysfs_service_op_show: Client not running :-5:
[  380.332555][ T9447] kexec: Could not allocate control_code_buffer
[  380.862629][ T9464] Process accounting resumed
[  380.875964][ T9461] __vm_enough_memory: pid: 9461, comm: syz.2.625, bytes: 4398046511104 not enough memory for the allocation
[  381.967878][   T30] audit: type=1804 audit(6048883274.795:6): pid=9476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.628" name="/newroot/158/file0" dev="tmpfs" ino=840 res=1 errno=0
[  382.125239][ T9475] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  383.618781][ T9509] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  384.565144][ T9524] FAULT_INJECTION: forcing a failure.
[  384.565144][ T9524] name failslab, interval 1, probability 0, space 0, times 0
[  384.594198][ T9524] CPU: 0 UID: 0 PID: 9524 Comm: syz.2.637 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  384.594246][ T9524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  384.594266][ T9524] Call Trace:
[  384.594276][ T9524]  <TASK>
[  384.594287][ T9524]  dump_stack_lvl+0x16c/0x1f0
[  384.594332][ T9524]  should_fail_ex+0x512/0x640
[  384.594366][ T9524]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  384.594414][ T9524]  should_failslab+0xc2/0x120
[  384.594463][ T9524]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  384.594505][ T9524]  ? d_instantiate+0x77/0x90
[  384.594549][ T9524]  ? alloc_empty_file+0x55/0x1e0
[  384.594583][ T9524]  alloc_empty_file+0x55/0x1e0
[  384.594615][ T9524]  alloc_file_pseudo+0x13a/0x230
[  384.594647][ T9524]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  384.594690][ T9524]  ? alloc_fd+0x471/0x7d0
[  384.594736][ T9524]  sock_alloc_file+0x50/0x210
[  384.594780][ T9524]  __sys_socket+0x1c0/0x260
[  384.594812][ T9524]  ? __pfx___sys_socket+0x10/0x10
[  384.594843][ T9524]  ? xfd_validate_state+0x61/0x180
[  384.594890][ T9524]  ? __pfx___do_sys_prctl+0x10/0x10
[  384.594952][ T9524]  __x64_sys_socket+0x72/0xb0
[  384.594979][ T9524]  ? lockdep_hardirqs_on+0x7c/0x110
[  384.595018][ T9524]  do_syscall_64+0xcd/0x490
[  384.595061][ T9524]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.595094][ T9524] RIP: 0033:0x7f5ae158e9a9
[  384.595119][ T9524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.595154][ T9524] RSP: 002b:00007f5adf3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  384.595185][ T9524] RAX: ffffffffffffffda RBX: 00007f5ae17b5fa0 RCX: 00007f5ae158e9a9
[  384.595206][ T9524] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  384.595226][ T9524] RBP: 00007f5ae1610d69 R08: 0000000000000000 R09: 0000000000000000
[  384.595246][ T9524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  384.595265][ T9524] R13: 0000000000000000 R14: 00007f5ae17b5fa0 R15: 00007ffd0e26fc18
[  384.595306][ T9524]  </TASK>
[  384.909082][ T8783] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  384.916521][ T8783] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  385.800056][ T9528] sysfs_service_op_show: Client not running :-5:
[  387.268690][ T9560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.643'.
[  387.294400][ T9565] netlink: 4 bytes leftover after parsing attributes in process `syz.1.644'.
[  388.614325][ T9575] sysfs_service_op_show: Client not running :-5:
[  389.012995][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  389.023259][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  389.448934][ T9593] sysfs_service_op_show: Client not running :-5:
[  389.598614][ T9592] sysfs_service_op_show: Client not running :-5:
[  392.403860][ T9654] netlink: 28 bytes leftover after parsing attributes in process `syz.1.658'.
[  393.888521][ T9671] netlink: 4 bytes leftover after parsing attributes in process `syz.2.659'.
[  395.037623][ T9692] sysfs_service_op_show: Client not running :-5:
[  395.267250][ T9698] FAULT_INJECTION: forcing a failure.
[  395.267250][ T9698] name failslab, interval 1, probability 0, space 0, times 0
[  395.329918][ T9698] CPU: 0 UID: 0 PID: 9698 Comm: syz.1.664 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  395.329966][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  395.329987][ T9698] Call Trace:
[  395.329997][ T9698]  <TASK>
[  395.330010][ T9698]  dump_stack_lvl+0x16c/0x1f0
[  395.330060][ T9698]  should_fail_ex+0x512/0x640
[  395.330094][ T9698]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  395.330144][ T9698]  should_failslab+0xc2/0x120
[  395.330197][ T9698]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  395.330241][ T9698]  ? d_instantiate+0x77/0x90
[  395.330288][ T9698]  ? alloc_empty_file+0x55/0x1e0
[  395.330325][ T9698]  alloc_empty_file+0x55/0x1e0
[  395.330357][ T9698]  alloc_file_pseudo+0x13a/0x230
[  395.330392][ T9698]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  395.330426][ T9698]  ? alloc_fd+0x471/0x7d0
[  395.330484][ T9698]  sock_alloc_file+0x50/0x210
[  395.330530][ T9698]  __sys_socket+0x1c0/0x260
[  395.330562][ T9698]  ? __pfx___sys_socket+0x10/0x10
[  395.330593][ T9698]  ? xfd_validate_state+0x61/0x180
[  395.330640][ T9698]  ? __pfx___do_sys_prctl+0x10/0x10
[  395.330700][ T9698]  __x64_sys_socket+0x72/0xb0
[  395.330728][ T9698]  ? lockdep_hardirqs_on+0x7c/0x110
[  395.330767][ T9698]  do_syscall_64+0xcd/0x490
[  395.330809][ T9698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.330842][ T9698] RIP: 0033:0x7f9e1a78e9a9
[  395.330867][ T9698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.330899][ T9698] RSP: 002b:00007f9e1b69f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  395.330929][ T9698] RAX: ffffffffffffffda RBX: 00007f9e1a9b5fa0 RCX: 00007f9e1a78e9a9
[  395.330952][ T9698] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  395.330971][ T9698] RBP: 00007f9e1a810d69 R08: 0000000000000000 R09: 0000000000000000
[  395.330992][ T9698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  395.331010][ T9698] R13: 0000000000000000 R14: 00007f9e1a9b5fa0 R15: 00007ffffcdf8068
[  395.331051][ T9698]  </TASK>
[  395.617358][ T8777] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  395.624921][ T8777] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  397.586031][ T9737] __vm_enough_memory: pid: 9737, comm: syz.3.668, bytes: 4398046511104 not enough memory for the allocation
[  399.473644][ T9751] 
[  399.476026][ T9751] ======================================================
[  399.483340][ T9751] WARNING: possible circular locking dependency detected
[  399.490636][ T9751] 6.16.0-syzkaller-06699-ge8d780dcd957 #0 Not tainted
[  399.497416][ T9751] ------------------------------------------------------
[  399.504567][ T9751] syz.3.673/9751 is trying to acquire lock:
[  399.510476][ T9751] ffffffff8e75f680 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x162/0x610
[  399.519667][ T9751] 
[  399.519667][ T9751] but task is already holding lock:
[  399.527102][ T9751] ffffffff8e72b1a8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470
[  399.536892][ T9751] 
[  399.536892][ T9751] which lock already depends on the new lock.
[  399.536892][ T9751] 
[  399.547327][ T9751] 
[  399.547327][ T9751] the existing dependency chain (in reverse order) is:
[  399.547344][ T9751] 
[  399.547344][ T9751] -> #3 (pcpu_alloc_mutex){+.+.}-{4:4}:
[  399.547391][ T9751]        __mutex_lock+0x191/0x1070
[  399.547435][ T9751]        pcpu_alloc_noprof+0xb4c/0x1470
[  399.547474][ T9751]        sbitmap_init_node+0x2fd/0x770
[  399.547516][ T9751]        sbitmap_queue_init_node+0x41/0x560
[  399.547558][ T9751]        blk_mq_init_tags+0x12d/0x2b0
[  399.547588][ T9751]        blk_mq_alloc_map_and_rqs+0x237/0xf60
[  399.547638][ T9751]        blk_mq_init_sched+0x30c/0x610
[  399.547680][ T9751]        elevator_switch+0x1e1/0x7f0
[  399.547720][ T9751]        elevator_change+0x2ac/0x400
[  399.547759][ T9751]        elevator_set_default+0x2c4/0x360
[  399.547803][ T9751]        blk_register_queue+0x393/0x4f0
[  399.547838][ T9751]        __add_disk+0x74a/0xf00
[  399.547865][ T9751]        add_disk_fwnode+0x13f/0x5d0
[  399.547894][ T9751]        nbd_dev_add+0x783/0xbb0
[  399.547919][ T9751]        nbd_init+0x181/0x320
[  399.547947][ T9751]        do_one_initcall+0x120/0x6e0
[  399.547985][ T9751]        kernel_init_freeable+0x5c2/0x900
[  399.548017][ T9751]        kernel_init+0x1c/0x2b0
[  399.548063][ T9751]        ret_from_fork+0x5d7/0x6f0
[  399.548107][ T9751]        ret_from_fork_asm+0x1a/0x30
[  399.548156][ T9751] 
[  399.548156][ T9751] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  399.548205][ T9751]        __mutex_lock+0x191/0x1070
[  399.548247][ T9751]        elevator_change+0x103/0x400
[  399.548276][ T9751]        elv_iosched_store+0x2eb/0x3a0
[  399.548306][ T9751]        queue_attr_store+0x268/0x310
[  399.548329][ T9751]        sysfs_kf_write+0xef/0x150
[  399.548355][ T9751]        kernfs_fop_write_iter+0x354/0x510
[  399.548378][ T9751]        vfs_write+0x6c4/0x1150
[  399.548408][ T9751]        ksys_write+0x12a/0x250
[  399.548436][ T9751]        do_syscall_64+0xcd/0x490
[  399.548463][ T9751]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.548486][ T9751] 
[  399.548486][ T9751] -> #1 (&q->q_usage_counter(io)#18){++++}-{0:0}:
[  399.548525][ T9751]        blk_alloc_queue+0x619/0x760
[  399.548555][ T9751]        blk_mq_alloc_queue+0x172/0x280
[  399.548575][ T9751]        __blk_mq_alloc_disk+0x29/0x120
[  399.548596][ T9751]        loop_add+0x490/0xb70
[  399.548622][ T9751]        loop_init+0x164/0x270
[  399.548643][ T9751]        do_one_initcall+0x120/0x6e0
[  399.548668][ T9751]        kernel_init_freeable+0x5c2/0x900
[  399.548690][ T9751]        kernel_init+0x1c/0x2b0
[  399.548723][ T9751]        ret_from_fork+0x5d7/0x6f0
[  399.548756][ T9751]        ret_from_fork_asm+0x1a/0x30
[  399.548782][ T9751] 
[  399.548782][ T9751] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  399.548813][ T9751]        __lock_acquire+0x126f/0x1c90
[  399.548842][ T9751]        lock_acquire+0x179/0x350
[  399.548871][ T9751]        fs_reclaim_acquire+0x102/0x150
[  399.548893][ T9751]        prepare_alloc_pages+0x162/0x610
[  399.548916][ T9751]        __alloc_frozen_pages_noprof+0x18b/0x23f0
[  399.548948][ T9751]        __alloc_pages_noprof+0xb/0x1b0
[  399.548977][ T9751]        pcpu_populate_chunk+0x110/0xb00
[  399.549004][ T9751]        pcpu_alloc_noprof+0x86a/0x1470
[  399.549031][ T9751]        bpf_map_alloc_percpu+0x9a/0x4b0
[  399.549066][ T9751]        htab_map_alloc+0x10ca/0x1570
[  399.549100][ T9751]        map_create+0x58f/0x1db0
[  399.549157][ T9751]        __sys_bpf+0x44d2/0x4de0
[  399.549182][ T9751]        __x64_sys_bpf+0x78/0xc0
[  399.549204][ T9751]        do_syscall_64+0xcd/0x490
[  399.549232][ T9751]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.549255][ T9751] 
[  399.549255][ T9751] other info that might help us debug this:
[  399.549255][ T9751] 
[  399.549263][ T9751] Chain exists of:
[  399.549263][ T9751]   fs_reclaim --> &q->elevator_lock --> pcpu_alloc_mutex
[  399.549263][ T9751] 
[  399.549301][ T9751]  Possible unsafe locking scenario:
[  399.549301][ T9751] 
[  399.549307][ T9751]        CPU0                    CPU1
[  399.549314][ T9751]        ----                    ----
[  399.549320][ T9751]   lock(pcpu_alloc_mutex);
[  399.549336][ T9751]                                lock(&q->elevator_lock);
[  399.549353][ T9751]                                lock(pcpu_alloc_mutex);
[  399.549370][ T9751]   lock(fs_reclaim);
[  399.549385][ T9751] 
[  399.549385][ T9751]  *** DEADLOCK ***
[  399.549385][ T9751] 
[  399.549391][ T9751] 1 lock held by syz.3.673/9751:
[  399.549406][ T9751]  #0: ffffffff8e72b1a8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470
[  399.549468][ T9751] 
[  399.549468][ T9751] stack backtrace:
[  399.549480][ T9751] CPU: 1 UID: 0 PID: 9751 Comm: syz.3.673 Not tainted 6.16.0-syzkaller-06699-ge8d780dcd957 #0 PREEMPT(full) 
[  399.549509][ T9751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  399.549524][ T9751] Call Trace:
[  399.549531][ T9751]  <TASK>
[  399.549540][ T9751]  dump_stack_lvl+0x116/0x1f0
[  399.549568][ T9751]  print_circular_bug+0x275/0x350
[  399.549599][ T9751]  check_noncircular+0x14c/0x170
[  399.549631][ T9751]  __lock_acquire+0x126f/0x1c90
[  399.549666][ T9751]  lock_acquire+0x179/0x350
[  399.549696][ T9751]  ? prepare_alloc_pages+0x162/0x610
[  399.549724][ T9751]  fs_reclaim_acquire+0x102/0x150
[  399.549746][ T9751]  ? prepare_alloc_pages+0x162/0x610
[  399.549770][ T9751]  prepare_alloc_pages+0x162/0x610
[  399.549792][ T9751]  ? __pick_eevdf+0x30a/0x670
[  399.549821][ T9751]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  399.549856][ T9751]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  399.549895][ T9751]  ? find_held_lock+0x2b/0x80
[  399.549917][ T9751]  ? try_to_wake_up+0xa25/0x1680
[  399.549937][ T9751]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  399.549970][ T9751]  ? do_raw_spin_unlock+0x172/0x230
[  399.550006][ T9751]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  399.550032][ T9751]  ? try_to_wake_up+0x157/0x1680
[  399.550054][ T9751]  ? __pfx_try_to_wake_up+0x10/0x10
[  399.550077][ T9751]  ? find_held_lock+0x2b/0x80
[  399.550097][ T9751]  ? find_held_lock+0x2b/0x80
[  399.550123][ T9751]  __alloc_pages_noprof+0xb/0x1b0
[  399.550162][ T9751]  pcpu_populate_chunk+0x110/0xb00
[  399.550193][ T9751]  ? mark_held_locks+0x49/0x80
[  399.550235][ T9751]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  399.550274][ T9751]  pcpu_alloc_noprof+0x86a/0x1470
[  399.550313][ T9751]  bpf_map_alloc_percpu+0x9a/0x4b0
[  399.550351][ T9751]  htab_map_alloc+0x10ca/0x1570
[  399.550379][ T9751]  ? ns_capable+0xd7/0x110
[  399.550406][ T9751]  map_create+0x58f/0x1db0
[  399.550446][ T9751]  ? __pfx_map_create+0x10/0x10
[  399.550480][ T9751]  ? __might_fault+0xe3/0x190
[  399.550511][ T9751]  ? __might_fault+0xe3/0x190
[  399.550540][ T9751]  ? __might_fault+0x13b/0x190
[  399.550582][ T9751]  __sys_bpf+0x44d2/0x4de0
[  399.550606][ T9751]  ? __pfx___sys_bpf+0x10/0x10
[  399.550628][ T9751]  ? do_writev+0x218/0x340
[  399.550658][ T9751]  ? do_futex+0x122/0x350
[  399.550687][ T9751]  ? __pfx_do_futex+0x10/0x10
[  399.550722][ T9751]  ? fput+0x70/0xf0
[  399.550757][ T9751]  ? xfd_validate_state+0x61/0x180
[  399.550790][ T9751]  ? __pfx_do_writev+0x10/0x10
[  399.550820][ T9751]  __x64_sys_bpf+0x78/0xc0
[  399.550842][ T9751]  ? lockdep_hardirqs_on+0x7c/0x110
[  399.550869][ T9751]  do_syscall_64+0xcd/0x490
[  399.550899][ T9751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.550922][ T9751] RIP: 0033:0x7fe69798e9a9
[  399.550940][ T9751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.550965][ T9751] RSP: 002b:00007fe6987d0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  399.550986][ T9751] RAX: ffffffffffffffda RBX: 00007fe697bb5fa0 RCX: 00007fe69798e9a9
[  399.551002][ T9751] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000
[  399.551016][ T9751] RBP: 00007fe697a10d69 R08: 0000000000000000 R09: 0000000000000000
[  399.551030][ T9751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  399.551044][ T9751] R13: 0000000000000000 R14: 00007fe697bb5fa0 R15: 00007ffe9d1397a8
[  399.551066][ T9751]  </TASK>
[  401.042897][ T9754] tty tty11: ldisc open failed (-12), clearing slot 10