last executing test programs:

24.736555556s ago: executing program 0 (id=1835):
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x11, 0x80003, 0x300)
bpf$auto(0x9, &(0x7f00000002c0)=@raw_tracepoint={0xfffffffffffffff7, r0, 0x0, 0xc}, 0x2f9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa801, 0x0)
write$auto(0x3, 0x0, 0x7ffffffa)
write$auto(0x3, 0x0, 0x5c8)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000000)={'tunl0\x00'})
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5Y\a\xc1\xe9(\x85R\x96\xe4\x86\\\x13\xa9\x1a&\x19\x8a9\x82\xf0\x83\f\xf7\xeb\x00\x00\x00\x00\x00\x00\x00\x00v\x92<e\x8b?#a\xa3 \xaa\x19\xde}\x10\xa4\x95\x02\x12\xbb\x13\xeb<\xc8x\x86\xc6\x12w2u\xe5\xb0\x8f\xda\x88R\xf4 @\xdc\x8e\xaa\xf0{\xa8,\xa3\xc7\x01\\\x03(\xc0\xb3\xf3\xf80eqo\x1a\xe0\xc6\xd9\xcf\xab\xf4_\xf2', 0x100000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x200)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/mnt\x00')
setns(r2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0)
landlock_restrict_self$auto(r3, 0x0)
umount2$auto(&(0x7f0000000080)='.\x00', 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r4)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
sendmsg$auto_SMC_PNETID_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r5, 0xd3bed26fbb0d8463, 0x70bd29, 0x25dfdbfe, {0x2, 0x0, 0x300}, [@SMC_PNETID_ETHNAME={0xc, 0x2, 'syz_tun\x00'}, @SMC_PNETID_NAME={0xc, 0x1, 'ethtool\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)

24.556728165s ago: executing program 0 (id=1837):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="dc010000", @ANYRES16=r0, @ANYBLOB="000229bd7000ffdbdf250c00000008002201020000000400a680070002005b2b00000600b300000800000500890005000000c0004801ca2cbc4bf9ee68c815eac89c75cdb97003258fa95c73d2fb7ef95db2a53f43ed9390766ae664beff025403216720ea0537719275e86bbe1042dc9fc9dbb894636795ada9037def3d6fc134841b09fb88665cc280c46ec37271b3485d60d213c2fb86df24ebb2cc4cb985920cf9c6e2c78941c314a02f9c806c5d8b3193ad0b0442ce88ed13ecc825d51997765eea625ea30509d0beda6d44b22683072b4b0cc0c4add9ddca11b19bb3b6b503d65663d0d698efd1f9e1c18eea32e9d20500f6009300000006004301dc0000000500590001000000cc00fd0007ebb09e9ea3f3630cda1a4ad78c17778b26977232b508251262c3eaa52e3b840e0235a75dacbc45dff679907b98753ee3cb84395fcbc77958316261e6cfc29636bc28b24a996ca3d56ec2c2a06e1c922d40903ca23c5fa28c5f87cb40bb355650ddfefc204111707d0dd881fe7272718f2bf16d6ea114755bf4252ba91711d7f87aa88121bf3ab903a95a38d2456fcf2e19a546db3874f026ba0d40006aeadba16021007189c3ab6cec30b3d1d779191a6c6e873f37491205f545abd768b971e33e7237d3922321"], 0x1dc}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vlan1\x00'})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/cgroup\x00', 0x181100, 0x0)
read$auto_proc_single_file_operations_base(r2, &(0x7f0000000080)=""/112, 0x70)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000600)='/dev/ttye1\x00', 0x101001, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb1, 0xd, 0x300000000000)
bpf$auto(0x5, 0x0, 0x4a)
mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000)
mmap$auto(0x0, 0x8000000004020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x200000000004)
close_range$auto(0x2, 0x8, 0x0)
semget$auto(0x8, 0x3, 0xfffffffe)
mmap$auto(0x0, 0x400008, 0x200000df, 0x9b72, 0x2, 0x8000)
socket(0x15, 0x5, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
io_uring_setup$auto(0x6, 0x0)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x3, 0x100)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x43102, 0x0)
r3 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$auto_macsec(0x0, r3)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r4, 0x4, 0x8000040006)

24.172851533s ago: executing program 0 (id=1841):
msgctl$auto_IPC_INFO(0xfffffff7, 0x3, &(0x7f0000000600)={{0x81, 0x0, 0x0, 0x8215, 0xae5, 0x3ff, 0x16}, 0x0, &(0x7f00000005c0)=0xd9, 0x2, 0x3, 0x9, 0x7, 0x101, 0x3, 0xe, 0x8, @raw=0x2, @raw=0x2})
open(0x0, 0x161342, 0x100)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x500, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_ROUTER={0xa, 0x1d, @random="03b0809145d4"}, @BATADV_ATTR_VERSION={0x6, 0x1, '*('}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/use_zero_page\x00', 0x28442, 0x0)
writev$auto(r0, &(0x7f0000000100)={&(0x7f0000000080), 0x2}, 0x6)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xa, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x6c8, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x10000002, 0x3, 0x5, 0x7, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
r2 = socket(0xa, 0x80003, 0x73)
sendto$auto(r2, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2c483400200ff803636166b00"}, 0x1c)
setsockopt$auto_SO_PASSSEC(r2, 0xfffffff9, 0x22, &(0x7f0000000000)='batadv\x00', 0xef14)

7.627492605s ago: executing program 2 (id=1891):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bpq3/statistics/tx_fifo_errors\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b)
ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(r0, 0x4004550a, &(0x7f0000000080)=0x4)
ioctl$auto_SOUND_PCM_WRITE_FILTER(r0, 0xc0045007, &(0x7f0000000140)="ea32c5d044e519d4c67f14c98699d2b79162327580ddada135b99170d4319bc7a319505ea5907e3df8e200ee74b606d7ab3ee9da3dd8a7e959509af124f74c596f3d350f171083210eded330355ccfb22e4dbe5a61e4dd3f1407c8a2b8696b4fc377049d2a749ee1cb1a7411d81b57db1513238e3df33bd9d6af8c3b8eb45070ba458d94c50245e2cac74448dca049ebce829d446e3f0fd0263719d8")
bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000200)=@query={@target_fd=r0, 0x7, 0x0, 0x3, 0xa, @prog_cnt=0x8, 0x0, 0x961, 0x7fffffff, 0x80000000, 0x4}, 0x1000)
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000340), 0x2000, 0x0)
mmap$auto(0xfffffffffffffffd, 0x20008, 0x4000000000df, 0xfffffffffffffffe, 0x401, 0x40000008000)
io_uring_setup$auto(0x6, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x4242, 0xe1d2b27bdc14aad4)
r1 = open(0x0, 0x0, 0x40)
flock$auto(r1, 0x2)
flock$auto(r1, 0x2)
r2 = socket(0x15, 0x5, 0x0)
bind$auto(r2, &(0x7f0000000000)=@in={0x2, 0x1, @dev={0xac, 0x14, 0x14, 0x34}}, 0x62)
read$auto(r0, 0x0, 0x1)
write$auto(0x3, 0x0, 0x1ff58)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x0, 0x0)
epoll_create1$auto(0x0)
pread64$auto(r3, 0x0, 0x1080000001fc, 0x8800000000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:03/wakeup/wakeup2/wakeup_count\x00', 0x4c6080, 0x0)
write$auto(r4, 0x0, 0x7ff)

6.486014834s ago: executing program 2 (id=1897):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
r1 = socket(0x1e, 0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, r3, 0x800008000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
ustat$auto(0x801, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
read$auto(0x3, 0x0, 0x80)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x4}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x8044)
read$auto(r4, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x70)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)

5.648658216s ago: executing program 0 (id=1841):
msgctl$auto_IPC_INFO(0xfffffff7, 0x3, &(0x7f0000000600)={{0x81, 0x0, 0x0, 0x8215, 0xae5, 0x3ff, 0x16}, 0x0, &(0x7f00000005c0)=0xd9, 0x2, 0x3, 0x9, 0x7, 0x101, 0x3, 0xe, 0x8, @raw=0x2, @raw=0x2})
open(0x0, 0x161342, 0x100)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, 0x0, 0x500, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_ROUTER={0xa, 0x1d, @random="03b0809145d4"}, @BATADV_ATTR_VERSION={0x6, 0x1, '*('}, @BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/use_zero_page\x00', 0x28442, 0x0)
writev$auto(r0, &(0x7f0000000100)={&(0x7f0000000080), 0x2}, 0x6)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xa, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x6c8, 0x5, 0x20000000003, 0x5, 0xb0, 0x7, 0x10000002, 0x3, 0x5, 0x7, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
r2 = socket(0xa, 0x80003, 0x73)
sendto$auto(r2, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2c483400200ff803636166b00"}, 0x1c)
setsockopt$auto_SO_PASSSEC(r2, 0xfffffff9, 0x22, &(0x7f0000000000)='batadv\x00', 0xef14)

3.355616451s ago: executing program 2 (id=1910):
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
r0 = memfd_create$auto(0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyc2\x00', 0x800, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="5148438c50ebd4d5687ebee17688aaad3bfeea19800261f093fa3deebb539a3eed5605d9decf9ea2e999fa46793666f4ec7a1ff7eede510e0f93872f11d122801d77767aaf2b6f7c061af7c0b43c3e6b13278a4d34e6864581403b966e1b265b425be89f184d363cfcb063c04ccf8ba7629417d29c360542c73cf448a0bc7bfbf1f3d05adca9c4ceedc90b14a213f17006d287bfd64659b0f4f3ffb722a04c3728bb4affd75e64f87a55bccf1524c5ffe3c761bff6c430e40d43880826e6bf5b80e93cfeebb6ed2f48b0e7465024f910ded26d2ddd27170f16df47aa7a0b4102ce1050dfb730f040f4c891457cb2db2eee4d", 0xf2)
r1 = socket(0xa, 0x3, 0x3a)
statx$auto(r0, 0x0, 0x1000, 0xbdfc, 0x0)
setsockopt$auto(r1, 0x29, 0x14, 0x0, 0x56b)
setsockopt$auto(r1, 0x29, 0x15, 0x0, 0x52b)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_BEARER_GET(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000001300)={0x14, r3, 0x9d0da3446261172d, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0xa6ffffffffffffff, 0x0, 0x24000000}, 0x20008080)
r4 = getpgid$auto(0x0)
sendmsg$auto_TIPC_NL_NODE_GET(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa4, r3, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_PUBL={0x8f, 0x3, 0x0, 0x1, [@typed={0x8, 0x89, 0x0, 0x0, @pid=r4}, @nested={0x4, 0xb4}, @generic="c3421107210e665e6b9c2d1b7821943c4cdbd52dd389189a5444dd6e", @generic="5590c29178a9a94f2db5d133ac63c9b4473690a4f1d52bbcb8220d6ae0887f7d03b9130a803ea04fa8fee9068893a45a687406b9cc909bdcc413dd1fd93e8a39492f0179b298d896ebf662bcf08b5dcf64ac073f983a931aa10767271794987f1c638e"]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000050}, 0x800)

3.341026002s ago: executing program 0 (id=1911):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000040)=@bpf_attr_7={@btf_id=0x400, 0x10001}, 0xc)
r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r1, 0xd3bed26fbb0d8463, 0x70bd29, 0x25dfdbfe, {0x2, 0x0, 0x300}, [@SMC_PNETID_ETHNAME={0xc, 0x2, 'syz_tun\x00'}, @SMC_PNETID_NAME={0xc, 0x1, 'ethtool\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)

2.863273465s ago: executing program 2 (id=1913):
r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r0, 0x0, 0xe)

2.740125113s ago: executing program 3 (id=1914):
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)

2.707969654s ago: executing program 0 (id=1916):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000001640), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(r0, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000001680)={0x14, r1, 0x2a027614b719b9cb, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0xc4)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0x600000, 0x0)
mmap$auto(0x1000000000, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dvmrp0\x00', <r3=>0x0})
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
personality$auto(0xfffff032)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="00000000a24ba0ca4341ad6cbdae8ef917cf9a6c865719d5f4af795b1111ee5a3a57ccef952aff27f72593f131d89d42a04b462bd89be11f7f33cb81dc25e559698bc6c3447e6ec161a4ad424db7", @ANYRES16=r2, @ANYBLOB="000305000000fbdbdf2501000000090001002c4d5b260000000008000900", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x880}, 0x24000004)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0xf92c, 0x4000000000df, 0xeb1, 0x401, 0x2000000000004000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x800006, 0x7)
gettimeofday$auto(0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
epoll_create$auto(0x6)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/kexec_crash_size\x00', 0x102, 0x0)
pread64$auto(r4, 0x0, 0x3ff, 0x9)
ioctl$auto_FITHAW(0xffffffffffffffff, 0xc0045878, 0xffffffffffff8001)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x100, 0x0)
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)

2.638737311s ago: executing program 2 (id=1917):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop12/queue/wbt_lat_usec\x00', 0x102, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1)

2.490316307s ago: executing program 3 (id=1918):
r0 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
read$auto_check_wx_fops_(r0, &(0x7f0000000080)=""/228, 0xe4)

2.455806005s ago: executing program 2 (id=1919):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
r1 = socket(0x1e, 0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9)
setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0)
r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, r3, 0x800008000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
ustat$auto(0x801, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
read$auto(0x3, 0x0, 0x80)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, 0x0, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x4}, @ETHTOOL_A_PAUSE_AUTONEG={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4040000)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x8044)
read$auto(r4, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x70)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)

1.275128572s ago: executing program 1 (id=1920):
statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000028, 0xe863, 0x2}, 0x0, 0x208, 0x0) (async)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80240, 0x0)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000000)={0x60, 0x2, 0x100000, 0x7fffffffeffb, 0x100000000000002, 0x0, 0x0, 0x50b301a, 0x87, 0x2c, 0x4, 0x3})

1.0479959s ago: executing program 1 (id=1921):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff)
sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x0, @broadcast}, 0x6b)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

878.271605ms ago: executing program 3 (id=1922):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff)
sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x0, @broadcast}, 0x6b)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (fail_nth: 1)

827.320216ms ago: executing program 1 (id=1923):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/neigh/veth1/mcast_resolicit\x00', 0x280, 0x0)
socket(0x2, 0x1, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/config.gz\x00', 0xb0400, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/10, 0xa)
sysfs$auto(0x2, 0x0, 0x0)
epoll_create$auto(0x4)
r1 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
getsockopt$auto(r1, 0x84, 0x16, 0x0, 0x0)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000140)='/dev/etherd/err\x00', 0x2, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
sendfile$auto(r2, r2, 0x0, 0xef0)
io_uring_setup$auto(0x4, 0x0)
r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002240)='/dev/cec26\x00', 0x1a9602, 0x0)
ioctl$auto_CEC_DQEVENT(r3, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(r3, 0xc0506107, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20082, 0x0)
openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x80001, 0x0)

464.960247ms ago: executing program 3 (id=1924):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000040)=@bpf_attr_7={@btf_id=0x400, 0x10001}, 0xc)
r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r1, 0xd3bed26fbb0d8463, 0x70bd29, 0x25dfdbfe, {0x2, 0x0, 0x300}, [@SMC_PNETID_ETHNAME={0xc, 0x2, 'syz_tun\x00'}, @SMC_PNETID_NAME={0xc, 0x1, 'ethtool\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)

345.770357ms ago: executing program 1 (id=1925):
r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r0, 0x0, 0xe)

282.779103ms ago: executing program 3 (id=1926):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r0 = open(0x0, 0x14927f, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x40086602, 0x0)
socket(0xa, 0x1, 0x84)
socket(0x2, 0x2, 0x0)
socket(0x28, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c2b42, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0x7fff, 0x1, 0x948b, 0x2, 0x8, 0x400000006, 0x100000000003, 0x8, 0x9, 0x5, 0x6d3c, 0x400005, 0x5]}, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r1, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
lstat$auto(0x0, 0x0)

247.089728ms ago: executing program 1 (id=1927):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="638429bd7000fedbdf25020000030c00020073797a5f756e000c000100657468746f6f6c00"], 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)

27.173701ms ago: executing program 1 (id=1928):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r1, 0xd3bed26fbb0d8463, 0x70bd29, 0x25dfdbfe, {0x2, 0x0, 0x300}, [@SMC_PNETID_ETHNAME={0xc, 0x2, 'syz_tun\x00'}, @SMC_PNETID_NAME={0xc, 0x1, 'ethtool\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054) (fail_nth: 8)

0s ago: executing program 3 (id=1929):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0xa, 0x5, 0x84)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r1 = io_uring_setup$auto(0x3ff, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x12480, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = socket(0xa, 0x1, 0x84)
r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000000c0), r0)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r4, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@BATADV_ATTR_MCAST_FLAGS={0x8, 0x26, 0xfff}, @BATADV_ATTR_DAT_CACHE_HWADDRESS={0xa, 0x24, @broadcast}, @BATADV_ATTR_DAT_CACHE_HWADDRESS={0xa, 0x24, @remote}, @BATADV_ATTR_DAT_CACHE_IP4ADDRESS={0x8, 0x23, @remote}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x11)
setsockopt$auto(r3, 0x0, 0x40, 0x0, 0x10000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = socket(0xa, 0x3, 0x4)
getsockopt$auto(r5, 0xff, 0xb, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
r7 = ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ttyz1\x00', 0x101240, 0x0)
ioctl$auto(r8, 0xae47, r0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x3}, 0x3)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
fcntl$auto_F_UNLCK(r9, 0x8, 0x2)
sendmsg$auto_NFSD_CMD_THREADS_SET(r9, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r10, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xb}]}, 0x24}}, 0x4000)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r7)
r12 = getpid()
process_vm_readv$auto(r12, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000001200)={0x1f00, r11, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x3c5, 0x7f, "a58a9b9d8b7e57ce38da58c51ca990ca8e0e18e0eeb4215ec037d0d685f3db0b0f5a0b793d950b7ee7d5b5070812a54bb8fa7b349eb6bd136a21d106e1ec9fa7b4eef76041b7b8253a5c0a92d6ddc06f2160b768fc7f4fa501051126a57a349b7cb1b1966be10b302b1311eaea70d5c57b6811b9306cde99cef755f66fd4a945b1c0e9db90923d7f6b8e7673a9f7ebdc8c00ab00f19e3296e97743de42a4c27ce58a33aa3a32084cbd385990c4f54fc7a6927c63ca310f090db7ac1bf1f00b1e3bb66b3077de4036a570e0dce87becf2a359fb82f3a2f75e61314cee814225cbce71989a392afd90828e15848c1923232d377cef19435cab933c0fd054d589b28086479ed63edc74a4bb2fc9ef950a4d204ccb93942009383cd62f3cb374bb3827741901d008f702d9984e2c08b32595a17be64c168e8fe5d63cb611225a0c0b249313743f8ebf21896bb371d40bfadf23b959adb43b16efc8bda887e914ddf7fb031a70782159a6127e9849b7165c891aa3e589285512aa8d3ed0a9559e55e96484127c210f82770df877e13736cb1e905d34dfc84e46dfdc7a52773c2f3a26dec341a0f77e34709b0f89a21523110c087bb16247ee36cd56d7d8766466e5d9cf16e46a8c31fb04a1278089fe05ed355a066d2a862b23a0ce609d4814b1b4f58b789722686316821a4c3830910f6d35c714cc0f9f8ceac97687f663d8480efe490f53b3ef97964e107e7ac6bea61e9ef5158c744cd16af80924f9fd9f0a401d5fb0d8cde29711799e01e95a63ece7f5ee258b9807387020394830e4a1149d39a54a9d61b29cf62ead7f86237fb3092095c58be9ec4cf187e21ee50cac97369f69be56e52c0b0a4fca2082c4307adf6c0614e4082499801adee3541e3d92216ce4261c221e33d3f9804246d8bcfbea0de3e0b8b132df23ed99dfff58cdd6dd800d87bd76968074813ce60d2955fc9f5b86962b3e2047243676ad362f1d49bf8dbdba121d44531e61e167c1c3e73a2c6141e0cf15d66acac9fcf71def5da84b9ef544e2febdc3aa8f2e44d3473f008e41f5377989c19bf900f95e2a7ad4548c52c0fabf0642a8d9a801cf18ba592710b591c6731ee5fea0a405bc9a6bb7c9c55a54604503528c080f69e901e1788bfce4775b32cb70daf572aaeaf06b9d89b8b66787bfc4c204c9f3af4fccbdfec437cb71213ab6a50f47896abc4fdbf808658aa7dd636127c8c1964311e7d5a2b7e557eb3552eb0535434625fa5d3639ecb307e02016b5111b9c59b22c105dd16228c2e7ca7232b1ae19a93536536833c8070ea1f754f740f200ac584d50d463c8b50039663571b1ad703d3ee46df73e32f49b5f"}, @NL80211_ATTR_SAR_SPEC={0x100, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0xfc, 0x2, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x921b}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x2}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x3ff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8001}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x33b7}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x795}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xf}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x3}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}]}]}]}, @NL80211_ATTR_IE_PROBE_RESP={0x501, 0x7f, "b7014cc5626e454f7eede68bcd124c4a07709e0590d047467cb7c2cba62b03a9d463baa0b92bc185e06d16aa100c16d5ae033076f8b82c2c834246b21e895d731d4fe18fa15a12da5898419d2db74d9f42c09b8b076a1aaaff39e876a441bd43f56443c04990d9055b1b424e7216216e76bfd6983f372987556ee95defd5075d7f798a3ad9082b55cf0f93610ccc16c255474ee2ba27eedf6315a2513ad84771fcbce536a43d3ba12ab4bc1e8711dcc84ca03a90730f78895acc387af24bdbd74928ec317b22b775ec256ea00f76a83a0def483cd13417304883799852dc82c7907a378d080805c8bcf4b214fcb451f15354127b5197c0022234bbf8e28a24257f1bc5f8bb47da3946f82a660096a82bcd82747f761087ef85b4404ebe961a5bebffc4954682d1f49fca07962f6ee103e23a982b51679bfec4c5db0ee84300b1344f0bd5d672a564e1933934f8975d38a3c0921b01f757be7a0aa959ff6adbde84971e8cb0604cf26d72113d9ccd08993f1f87ed0d4d33600fdcd652c4ec3d8e73ae9847a03543be97d86f2afbd5369c2cf1d7912e517e5bd5aa5510824acdf68ecb774d329b2b30abe95b3bc2dfd867d1bf47b1651b6a111131e7d2b2b49265255c1ed5bff96b89483de6b9f5fd0a5aa27dc04c8228f0f6f092d813a61c392815d2c4718a0d916f382d06871a6984dd67c3cce7c09ac9cf83f90338f4e08997f9185747fe6746a14a318a7d1b026dc652ebd3e3e63d84b0db2809dcd76f33763853ae994e1ded4e19420e146afb7fb72f17e004da77fbb4bfdd240502c9d600c27386faa80e63d55c866e797f06e2fb6077f93613b606717eebc16eb4607d153af085f58a4747d5ab6095766c4bb4e34e229dae5df7a6c9a92f3eb7699f77dcfdf9bf4119ced314ce2687e75edbc1eb92a42491ffcd61c601dd8a8db3594854eb0d8079eb412cd6f3164783c8d0ea10b729577fb74c462a69945f007c8022cdcb157f91413f20c52c537f59e8d3220825fbf45d0ce981c1f8319ad58ffd5a8ad42db89954ae7dc00684f3e4e0bcdf8f6f63b57f9978ecf584db7e405f62da809a4dfa7125fb3bf3843f178b4ad0a8d63833a8ca5676f0a06e82ac7cc9f6dab7ef3f1c4e069db370d649c819527fa94165808f80cd654e35d192da61f0ecc3103266a5e80ddf40b8a971f220ba54bb2a54d4eed7916910850a187e5004a42c62162670b47eedf04c69a951c1055d8b4b97ae6ffb051237cc8aecaf540c86a6a0e212b8e3312eec4593b1c56e264aa35a17952511a8b4cd98d9a9346f2b5e8cf63a9d79fa03a43143593a1182251191eb147e2981704300a6e09c6f47eda3ae6ea8d5b607df043fb39d7ad2fbce841a62ed53038ddf75a030a203a64446256296b6bd42959250a7189a675c95abc599877babbee7ebd209526a5b95762faeb26d5be7b0e71ac4a898dfe017411f38c9ac3fe2ff608c8f0d4c246b12ca3fdc35cd32560968c4c2ff38de543ca279d3517d34af8b9f77f794a402ae5d6e368ca8bf132af2198d5fd58763d819f4cb74ca2ad4fe4e6582d7afc3b1adaae60043ebb442ab1cec3fd70b5ab794969a53716a7e4dea0a56f2039ecb757386293138d3c49e4647be19f360500e9901194f8c3dd5b8c217925b2de3ab23b7b6c837fc4a65cd9d90ce1f0c89291e4823b3760d5aed6e33d48db10a15b02e1ba9c6e3a326ccdb9a73b3c9b819ac077613dc93a286fd90458413ff85cee8e2dc323b9b4561175cac951c5cb28a6e5629ea041f0810f53bda4e4162f417a9f624f510ef"}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x3}, @NL80211_ATTR_REG_RULES={0x1014, 0x22, 0x0, 0x1, [@nested={0x1010, 0x124, 0x0, 0x1, [@typed={0x8, 0x13e, 0x0, 0x0, @pid=r12}, @generic="fe510499eff08b3b489b42929e353a3451d68ecd5b292b31218d602e32601f795fe38f462b8f3c04c75498072479b2b3f6b63588e874c7d34001dd8300e247ebd15fa30fd4ba56af8a3643dca75a8276bea882548e2ed9792be7afad0ab3938e723b78ddae138f16bfb72258e8f6dbcf9383bee960949707245309fbf4f60562b5ca950228885fa682658ddb87727014a1fb39f58b959f03146690eebb7089d7facfc8cee7e00729ca887230091aa5a5152f6cd7c57a5ed160231d325b96c2cfb9dcae3c5b73f725bc4d3dda3efbbfc4351fb428b4656c13ce4ad38e7ea17b7afd41e1aa3942e64049814d8df12e0a245c68c82f3b6a784c96fcb1a18815af0ec409ebad6e13cf638810198f11fcd616ec2a3a236a970777ee206bf230105d4082fd769eca9cfcff7371581f06e2d726820e9030b800d04a1f49372c440b615aa89367a2d06713bc1386be680a91040ddbee97441e492fc2c44aefc733d9cf54c69e1d164633cd860d3264e6342f99ea715cf994be61beab5a1a23af859ef717160af771f6c352e3fa48856795da3c1b0dc039760250be20bcfb16cd9b886d1047a7198077c00d6777dc91d176ad8fc54f1bd8900bc2d7c2b19b0316cf4a88f052356596bf9b9d2335e7386cbdecd964047b88b4738b290268d1180041082fce05ab55a368c7d89a1d66fe412a29e575e09ef035844a56ddaa5418fd7b42b6f96e2b3224c03ea3641880bdc9b8f2bd4dc22eb9ed04295dd496b60aa12dd8ab89e7266bb3c2e3eddb59c6c68ede59e207f87a2f08da0a773555e788516662719cf4d1d65115fdc6c4d7f69c986e6630f2d8ba47178fcae25546a599c7055734035fe0878634aa85785d06dc8efc6e0d212a546c79407265ef146e61964654a9f9ce00a32423fa6686fff32247283751edce4b92dfe6bd9692e4d7cb854adcc60e7ab0d00e3159ff495700d8be281efe2cb8cafba8af503a394e27899c84093c0201c8f887a49bd9977ad4f3ec0daa1a1b73111ec62b56a2c2773fe22d63c24e8e2e9a7eb03dd332ab67f6ad9f72b11cd0c93fa1e13808cbed01ad55bab2b301df45a86dd8158c7421651c85211821e7cc28da02f89f1f10048735b3195f7ac17629716a1560fc4e1921d391499ded9de0a99c4f1f182ff7bc262c54442f5ad4df48da24694bc14ac1b7a37479807186cd04bc0012bb8d4a5cc1889724ad1e74f5fcc467b62b5e2e6a655f34aac3dc6e202d9904f21d3c227398c8f90d9e5aae901ea1f337153c71d9606c8d67781e7a2c085f315b25f44585cf371f66538a92fa8035ee6347f97aaa18a33fd6174eeaa1fc11f4ef57611bc39347c70c97f872c5cbd6e142dc7dd7476cb20dbecc1ef4ad5ffa5cb7e8624633b19d83788b04c230266a8315897d3a9d0bfca678079fdd5c4f68118101fcf4eea77ec44928e0c26478e3bf18a1466f43c9937fcb68417950fa1e39799bed4e25bc6833546ca0113a018e70c1943d4245ecc0a2700539dec5f2b226dea08afeb7eb39d3d251ccbca28cff40b7e7f1ca1422246e7f6e15d0b47e390fa9b4a19ef415cfa0f0bc376af4f937e1c1515ff262dc7e5150176b6b3723b6b16bdf8833c421700161836e665646984dc6d60b187b395e57d8668061a70b4ea9ce418d72c7c0e8bef4c9e9ba6efddfb04659ebb91c7b6bcf8dcc847d6ab4c84c7d2d294fc04fb26a452e4b51498284972999dcd978ca6fd5c47aa5199d1a374f21b4426cebb5cd4954127618c3ae021f80b14fe84627d3e5acb0dcf1917bb94a69d2200f1f75d682f055cdae570c1f7642da00454bef7f3cec67260c7b2e748c6f69dc7fbd6b522f04d5a4447a18f3a5dd157484c8faaf5540ff86bc854b20559c183600b984ceed063354c70d5f706263b2d33566ad98d846846e9d86e22de078bfb3deccc277df20336ff4155dec12243528c303119bf0b811a30393cffb3081e161637a989098b1cad8e195a88ecb11682da25498b3b99e4e204f0ff296b866f6cdc73ea88da386323b60aa8230b7f4908c4e2a6a34623e6550b7bf2afef16cd4a3487aa513907dac4179792e1b7e78dc5c94b420835d2e219c6b7ee28676b565bb507141c47c731e2935383e0e6f655e261bcd584335c2728ca22023e05e4575f7d5b87e4639383742d772c66a1c91634cca28c2b5ad9a3e3f6faa68010fcea3f6c4d892b68bd4e4daecd7520fb769ed4023ec707810fc22ca52a47575aa8e405ba835657e28e044c2b6e2f0cf35de1952d40bb62b47f4a510b1167670f2635fa7c2dde471e1002647d31569a14682bf2ff7a85f41434762acbfef339766ad11844e7f6c44f05d5923de05223fbdc4be23a74f3b3a009eeaa99ed347cf6c6c9c66e48d8d6b860b6b0bc3db0f324ea057c1e1e963160d119c02f0dfe391d96b962e8064f90a241e75cf45b0f70cc042cbc60625f9f663a7e817789d2fe0875d010f21b62521e5e09d87f2b217304d4cc07d3689d0989ce3f480d04187e8ddb0f3d0eddbb61637ffac2dfaa0ffd326b8312f1450234ed406bdb4ad8b3a13e84abbb20d1adb2dfadbe59088f12f002aa8ab7c6e8f48677a0679fe77060fa2316cab592cd9b9bacd23723a8e00a695f65cdd29a1cf094a2bd9bd3653329b3a3808ff297149e1391b9cc25468bd36edb3cd64a5f2b15d215e492732c2028af611b05e3fec62fb8f4519eca627d8e3d9747b21964c482fc285efe315a82a2677dcd6fbbfdd2b1e284034f3b2b7fe44aa321f3fd1cc922566b10a7a0991a509efab0d54368ea4614236408191184dcbf5b60f93593292ffeac336c2796314ac278da1a32e419eb591a82e80caad212bfbf2ef8ba364b969dec03400ed97e548d096441a87bcde17741fce1f552a52713edc6d3c41fa570f18559d4f63ed259ff13ffa5c79a9b964b4cb8047372ddca7b88bc4a64f672d9d385c1c77510e6b78a5b59064fbeeaf53c5db992faf37b5147e088f92c627841def7c3faf145bb1e105da6b54b2e11f164283621c94a81a9db7cc9c54c95234ff8fd35adb31ffd1be45bb56c3287d8567e9f6432313091511415ffef1822b5ddb0c8b68e43e4a9d4e8e67b4d6c9cbb2c758a2cab29af798f95b56f528cfca9457651de645a4c82d6f360d92c601afb1030767d7524d1ffb474f716b3c4cdfede5a58a98ec40804be432a2c893e1d99fd6ef481c59a07e855469ec4cc54a7e7cd8b63093d81e9ef4f098688e567030f124efea2c3fc4c8a6189771ee05fc711ff42485bbd00f340ee44baa729cbda5f4623437cb6d9514e5315f330bc1629fa3b0c85bb498c0d45dbc2e168dd4c8068c4f8318f9a46a03269bc5f2760e9a85be48efa9cf19fff1be9df22efb607fa1dd9b55ee296da9b55a8507bd0b9a6803056dea494016c91fe32d8501874e61e32d62f96ab9ea64232ed1e9ee67d331b8c6ede2ef70429a1a19b743ad0a581d5ce518a82ffea2723ff13244eb44dd7899d5fdf231600006cc92d33163551f9a19acce7202e03aad61ff1a22037237b9b30cd361508e0a144fa9f159ffd0aa29aeda7d2abe763f1419642559adc45ee02a08615cdf2b3101caa4fc3040e70ba3769da519ea2345901de29e23b8a85f23025658d6fa6435d069d296c4a4c52493a0d3612a64074ce85d00039b5b3dcccf4fa5df256bfa44d0a9c10dbf01d73a0300543558f7db7f45e20059ae1ea13038816f6b0fb719e73c4f4cf7320a0cfeca799c3367bec824435263fd7a5f6b3d5bd7b1f6f0f23e8d5acf544cc5021a85442167b9396b917744a6c69bb94aa8d7b58f8166be16e10af9cf9cd3877a5262c1e10b8bc87c1e1f79502f97bfd33fd080a179d495e8de13fe2320f70db03ff7bf98af1780544df4a921694a9fceb81f71cf183ba1ccde12397f2045d679c79bb53f1bf5c9a574a2142a61ea5058f052d5878ae60992a2b489b268f28c0e848e2a92f160042691c5289ac300522668b6d637ce03c2002fc70ebe8d19acb67faa0fd5055ebfae4cb154cbb121072fe11204818578ecc35148cd344232a663ef1fa56f26942741c49bc356fd2bf90cc622b87fd90a65ebd0fa1d39d398c13c7511612aa65f553bf7ddafe267e3682010096fe96ec1b9238fd7595236afa7edfc28e25039e62ebb60d3a14001b37fd0c47c24e7d13014ee03514ca162f5b1471e71dd42de057fb8ba4b0d1f6b62c6fd88ede7802afb3498951e1138ee21c5bb33bf725d3ccfc3be5588c859a827b5184ba8fac4059a61c16a17148c4eef4c271c1a039f3212a55ab7423568500a333d4cf8537b2cfde439e70fbd2de1a4985ab10dafbb9f3316073514f37be4acded1ebfc27ff8fe49264279892bb6df564a74503d082064005a23adc290dd8b01d1eee385d1ba867af4eb86101fdbc0a21d8d90bc1deffb03663026661325a9be06bc2cf4aaed182735372c66568522e6be01869995624f3f58831601800d8f651699c9814b8837d5ab970c84782782c882e45a3a9424b9926c06f78355955d20ae5b9cc7887305e512800307c634dc0b5570ac77d781c2a27f06d48344cfb1114537757f24dadeebd989ff79b5a179d6cd3fb536784b391bafdbcd9707435698131f88f9723542dc1014bb0571ca56e2acf9d8fc9627d3f05f239aebdda280839f5fed2a98405f1288765b011d23bd88486a00eda5f06f47a0359605fecc4a177d82b31af288f341bf41b34381372f25d1dc9aa94d7171038df59d0b9fb060dc31cc7b6d3e8bea70de3b5745c4952af29e4b9a3777810720c23f1cc8b62e80d62122baf934bc50843d9178c18c925e6aa64f9ed613c0fd5a905189b602969a554d497eea16759e7f3244f3f1ea51985acd014ab6d1916422ba76ac493f8a3805b6a4049252fba385c77083dad778bfc35f9055f3b9e1c57a015c3c3867a8e46cd7b7ac34756838115f7eb8b8207e5bc4d8964d98299ac0229b4764fd9033e7fbe7cdc6b3dd5466db449d5152ba723dc567d59dbdfd00982e822d4edf058d0253eee4cc1779b93922d0944855020d0d94f5866dc14888a84aae3d372d07c3402d60d74878e045a3b8c0f216a994e0e8a5dab989d8fecf853f3717de38de13b280aa8c5c36f9a7278d2a3f76d5d08ea5234e037ca5505fb6302c425eadcac5486ed76dd0c1ea476f5abf432aefa6d0780681320da6a337edb1079ee0b07fd7603b8956121ecf120a13ad09eaa57ce1fcd4d99d76771a7a85e8a2e01784df75537a39a0871c61681c691e4086bc25002c5593576012825dff19b5edd6a6f07136b68f8c94f0d0c218fab13dc292cd9a9f926e5e513196c49780a4758048b5bfe3626e9227892051707bb9a7cbdd1522fc6ae032085ae886e6c2d24c10a6f81792ec21049d1630f2f5babe95251503d19857c48b5c93a94c5ba839b5278d24b31e42dc7af5929c176471d49da6ecde71aa1d5d160db0c4296153849e992deceb78fbb553a2fc1e419ba543e21d400324f65f7a8388f26ecda776a0b52b4488511244833b2e14f5bf723eb677437bd1885d90d8d84b86c2599f0f80554929bbe0f7f599345cf03fa689ad02bad271f7aefd3218140f6f90402598193a157a65ddbe3ea1450ab502f4fb5423fa35dc29fa67f1c5d3e80ead7888ee982b194ceaa5e65d784e5094dee2e23cbb3ebf53494edbdd062e52b8b1de2ca95c3ae3d53957ffdcdbed4877b72533d9d5a8676aaa5e0ab063a958f92a84842ae265f10b575d38b31ef4d46b569c1cae335626e82fa7eaf28c76f85707f67cf706fadd9cbde83", @nested={0x4, 0xc5}]}]}, @NL80211_ATTR_IE_PROBE_RESP={0x405, 0x7f, "d6c39ffb9399b4710c67d81db13d9eb052af4b5e0d5f143902ab0d0d15311a00cb6602dc282b122cd0588e54436ab02bba7e0881af91a2d4185f617cae0fc769d9e0a107beda45b3f11a5be6811512bdc76125001a6feee0a9496c2bf131d5bcfb4d5b0b4d0f3b085ba2f97ce745af906b7cd4fc7801fe6091b010c321dea6b14b935279672a7f0a172694f5f96a5d2460cc34821c31ab02d62bc679f75e4f3cccc93e9cb9bff3f2aa98a6533184d21cacbe1c9a336e060b7262cc97a525462f23d0de6b9ed3d36dffdd84460fac5ba6146ed927b7922261b83a2dc0a7f1756b945a5c29c19fd2769666e6a8f1167d91910f12e24d98d9b375d7aacce70a2469693620220a73b3307eed2f688f0b33370ade7f3a78506b07a0d316dc3e37eb271ebedc702018ce96b3306d1e57e7942a2f2612ec2f7a7c4f4656d5d60a0ca444f07502a4d32763ee05fd8c292c073988df20fdeae22ca82cce93ef2d475c215553dc996fe9ac4ebc983804c16620f3b9d6b5a29a2d220f6e58c19aa2b4776b9c6be3e7e04e2d498372b5f94376022d01a86f7ebaee9ee7988ff0332179b2d683bd51c539d7aecc691155845abec6624aa4669a6a4ae0de6ee27eb92794277dd61e0540b03b8b1564e7554de1e75076757ed9121e0efc9573147ef9e1848f96332ea3585cd84c60ccbf1d11b1a5b03e6399b8250f15b7d366645436498d1ca29a735ba4d6918aeb6f3272a568a16e8696bca7d37aa9811d591029f46afd1f9edc804d8ca59a8806e0db2b04052984ec54e8e9a212d28f9ac9146358348edc571492ff97819908465ad32c58cce2072c625acc2771cba8a71af6846b1eca5efa0f4c7f1c9084979eb494a6b0a16ae50c74049f3aa7cffde65067a64619f28020be1fd991cac53f4fe0c6e615de0c64a2261b73649671f00262e2d331a7523d6c07e149773c943452d9b3ebd7b4368c6f9de4e351dfa9c58f75b37d80768c93835d980072e87985e93a11dbfaa16c44b8e953f301b9b13aeba715f7196fc08d02c208d1527a498e06ad9aa874f34be1b4f7006326748d834e36f886970810f5ed0b2dd855dfce08aa7eff0aa768cd60394f5990f6d74598955ed2fe094a8ee79da9679b12724d7dee1d36956f031659c6b24b5a744437bce9be1b08ecabf69fef81af441364b2a405302ffb0b4a4b0b6ee823a5e2e41973bbbb327ef93fd7067096997bee32e47fd8260825ecfb29fd9604edcbb994e0ef9f3f87aa82eed8560c2b33e10f5bbf9d949981d5c49d0087ab50e532c5c045428f95369bbd1feab1a8929b1d1738bed5de085f6ffc5eae8bc54b27de3459693d61206da2181e1058e1c2797e533a8bf78227adb73fe6977f4c59133a9a9f0b88f342fbab7eae18d8e023cc3bd350e6fabe5e5c0e3a8f71ed8faa31878b41193026969dcdcaeda521647248"}, @NL80211_ATTR_EHT_CAPABILITY={0xf1, 0x136, "5f8c7de056cf72409272c8429fbfad768cfcb8313c8f4a375854994032625bfc7db41fe0f19b055d1c827ab9206fe3f0039c3076f393ad8cf556a3b74c909888a9dc2dba925c35028839d554281b860b698466449866eea6e144c77c736e05e2ee2dd8e79aad5d9d2d3d6df697b301d8e94ffc8fea1ac7d916517a71531de6d07a6b8bafac73c4abf414d6f4e2ea5a66a8fdd9095279589b3d4f7db35ec98b9d63c28f679f271714035ec28ee3e066f0d58cca8dc7bca99b12ca436fb8f007f1f5c71d4483041dcde661b42522387248eacdf3d13267b83e6c32a50560de5a69b92911898a13bafefb9631d244"}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x2}]}, 0x1f00}, 0x1, 0x0, 0x0, 0x40010}, 0x1)

kernel console output (not intermixed with test programs):

hange_params_locked+0x6f4/0x3a30
[  456.533432][T12666]  ? snd_pcm_oss_make_ready+0xe6/0x1b0
[  456.533448][T12666]  ? snd_pcm_oss_sync+0x1de/0x840
[  456.533471][T12666]  ? snd_interval_refine+0x2fa/0x580
[  456.533487][T12666]  snd_pcm_hw_refine+0x7de/0xad0
[  456.533508][T12666]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  456.533534][T12666]  ? snd_interval_refine+0x2fa/0x580
[  456.533550][T12666]  snd_pcm_oss_change_params_locked+0x208e/0x3a30
[  456.533570][T12666]  ? rcu_watching_snap_stopped_since+0xd7/0x110
[  456.533592][T12666]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  456.533612][T12666]  ? __pfx___mutex_lock+0x10/0x10
[  456.533649][T12666]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  456.533669][T12666]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  456.533687][T12666]  snd_pcm_oss_sync+0x1de/0x840
[  456.533707][T12666]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  456.533725][T12666]  snd_pcm_oss_release+0x28b/0x310
[  456.533743][T12666]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  456.533760][T12666]  __fput+0x402/0xb70
[  456.533780][T12666]  task_work_run+0x150/0x240
[  456.533802][T12666]  ? __pfx_task_work_run+0x10/0x10
[  456.533821][T12666]  ? __pfx___do_sys_close_range+0x10/0x10
[  456.533840][T12666]  exit_to_user_mode_loop+0xeb/0x110
[  456.533861][T12666]  do_syscall_64+0x3f6/0x490
[  456.533877][T12666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.533891][T12666] RIP: 0033:0x7f90b298e9a9
[  456.533903][T12666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.533917][T12666] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  456.533931][T12666] RAX: 0000000000000000 RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  456.533940][T12666] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  456.533948][T12666] RBP: 00007f90b2a10d69 R08: 0000000000000000 R09: 0000000000000000
[  456.533957][T12666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  456.533965][T12666] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  456.533983][T12666]  </TASK>
[  457.307568][T12666] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  457.316473][T12666] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  457.330799][T12666] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  457.353476][T12666] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  457.376968][T12666] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  457.543676][T12678] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input81
[  458.217990][T12691] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82
[  458.899552][T12705] random: crng reseeded on system resumption
[  459.028584][T11901] Bluetooth: hci0: command 0x0c1a tx timeout
[  459.135751][T12711] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83
[  459.347511][T11901] Bluetooth: hci3: command 0x0c1a tx timeout
[  459.353559][T11901] Bluetooth: hci2: command 0x0c1a tx timeout
[  459.360076][T11901] Bluetooth: hci1: command 0x0c1a tx timeout
[  460.074028][T12723] FAULT_INJECTION: forcing a failure.
[  460.074028][T12723] name failslab, interval 1, probability 0, space 0, times 0
[  460.182343][T12723] CPU: 0 UID: 0 PID: 12723 Comm: syz.0.1418 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  460.182369][T12723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  460.182378][T12723] Call Trace:
[  460.182384][T12723]  <TASK>
[  460.182391][T12723]  dump_stack_lvl+0x16c/0x1f0
[  460.182411][T12723]  should_fail_ex+0x512/0x640
[  460.182426][T12723]  ? __kmalloc_noprof+0xbf/0x510
[  460.182443][T12723]  ? constrain_params_by_rules+0x175/0xca0
[  460.182461][T12723]  should_failslab+0xc2/0x120
[  460.182477][T12723]  __kmalloc_noprof+0xd2/0x510
[  460.182491][T12723]  ? unwind_get_return_address+0x59/0xa0
[  460.182515][T12723]  constrain_params_by_rules+0x175/0xca0
[  460.182537][T12723]  ? stack_trace_save+0x8e/0xc0
[  460.182555][T12723]  ? stack_depot_save_flags+0x28/0xa40
[  460.182571][T12723]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  460.182593][T12723]  ? __kasan_kmalloc+0xaa/0xb0
[  460.182604][T12723]  ? snd_pcm_oss_change_params_locked+0x6f4/0x3a30
[  460.182622][T12723]  ? snd_pcm_oss_make_ready+0xe6/0x1b0
[  460.182638][T12723]  ? snd_pcm_oss_sync+0x1de/0x840
[  460.182661][T12723]  ? snd_interval_refine+0x2fa/0x580
[  460.182677][T12723]  snd_pcm_hw_refine+0x7de/0xad0
[  460.182698][T12723]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  460.182724][T12723]  ? snd_interval_refine+0x2fa/0x580
[  460.182739][T12723]  snd_pcm_oss_change_params_locked+0x208e/0x3a30
[  460.182760][T12723]  ? rcu_watching_snap_stopped_since+0xd7/0x110
[  460.182781][T12723]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  460.182800][T12723]  ? __pfx___mutex_lock+0x10/0x10
[  460.182827][T12723]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  460.182845][T12723]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  460.182861][T12723]  snd_pcm_oss_sync+0x1de/0x840
[  460.182881][T12723]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  460.182898][T12723]  snd_pcm_oss_release+0x28b/0x310
[  460.182916][T12723]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  460.182933][T12723]  __fput+0x402/0xb70
[  460.182954][T12723]  task_work_run+0x150/0x240
[  460.182975][T12723]  ? __pfx_task_work_run+0x10/0x10
[  460.182995][T12723]  ? __pfx___do_sys_close_range+0x10/0x10
[  460.183013][T12723]  exit_to_user_mode_loop+0xeb/0x110
[  460.183034][T12723]  do_syscall_64+0x3f6/0x490
[  460.183050][T12723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.183064][T12723] RIP: 0033:0x7f62c3d8e9a9
[  460.183076][T12723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  460.183090][T12723] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  460.183104][T12723] RAX: 0000000000000000 RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  460.183113][T12723] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  460.183121][T12723] RBP: 00007f62c3e10d69 R08: 0000000000000000 R09: 0000000000000000
[  460.183130][T12723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  460.183138][T12723] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  460.183157][T12723]  </TASK>
[  460.830255][T12732] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  460.851425][T12732] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  460.889201][T12732] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  460.895256][T12732] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  461.001651][T12737] FAULT_INJECTION: forcing a failure.
[  461.001651][T12737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  461.087807][T12737] CPU: 0 UID: 0 PID: 12737 Comm: syz.1.1423 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  461.087847][T12737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  461.087863][T12737] Call Trace:
[  461.087871][T12737]  <TASK>
[  461.087881][T12737]  dump_stack_lvl+0x16c/0x1f0
[  461.087911][T12737]  should_fail_ex+0x512/0x640
[  461.087943][T12737]  _copy_to_user+0x32/0xd0
[  461.087972][T12737]  simple_read_from_buffer+0xcb/0x170
[  461.088010][T12737]  proc_fail_nth_read+0x197/0x270
[  461.088046][T12737]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  461.088084][T12737]  ? rw_verify_area+0xcf/0x680
[  461.088117][T12737]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  461.088145][T12737]  vfs_read+0x1e4/0xc60
[  461.088175][T12737]  ? __pfx___mutex_lock+0x10/0x10
[  461.088202][T12737]  ? __pfx_vfs_read+0x10/0x10
[  461.088237][T12737]  ? __fget_files+0x20e/0x3c0
[  461.088285][T12737]  ksys_read+0x12a/0x250
[  461.088308][T12737]  ? __pfx_ksys_read+0x10/0x10
[  461.088343][T12737]  do_syscall_64+0xcd/0x490
[  461.088383][T12737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.088411][T12737] RIP: 0033:0x7f774858d3bc
[  461.088432][T12737] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  461.088457][T12737] RSP: 002b:00007f77463f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  461.088481][T12737] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858d3bc
[  461.088499][T12737] RDX: 000000000000000f RSI: 00007f77463f60a0 RDI: 0000000000000004
[  461.088515][T12737] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  461.088531][T12737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  461.088547][T12737] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  461.088582][T12737]  </TASK>
[  462.610812][T11910] Bluetooth: hci0: command 0x0c1a tx timeout
[  462.848391][T11910] Bluetooth: hci1: command 0x0c1a tx timeout
[  462.938392][T11910] Bluetooth: hci3: command 0x0c1a tx timeout
[  462.944468][T11910] Bluetooth: hci2: command 0x0c1a tx timeout
[  463.040413][T12754] FAULT_INJECTION: forcing a failure.
[  463.040413][T12754] name fail_futex, interval 1, probability 0, space 0, times 0
[  463.062845][T12754] CPU: 1 UID: 0 PID: 12754 Comm: syz.1.1427 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  463.062889][T12754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  463.062906][T12754] Call Trace:
[  463.062916][T12754]  <TASK>
[  463.062926][T12754]  dump_stack_lvl+0x16c/0x1f0
[  463.062968][T12754]  should_fail_ex+0x512/0x640
[  463.063001][T12754]  get_futex_key+0x1d0/0x1540
[  463.063039][T12754]  ? __pfx_get_futex_key+0x10/0x10
[  463.063084][T12754]  futex_wake+0xe7/0x4e0
[  463.063124][T12754]  ? __pfx_futex_wake+0x10/0x10
[  463.063161][T12754]  ? rcu_is_watching+0x12/0xc0
[  463.063204][T12754]  do_futex+0x1e3/0x350
[  463.063237][T12754]  ? __pfx_do_futex+0x10/0x10
[  463.063271][T12754]  ? __pfx___might_resched+0x10/0x10
[  463.063305][T12754]  __x64_sys_futex+0x1e0/0x4c0
[  463.063339][T12754]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  463.063381][T12754]  ? __pfx___x64_sys_futex+0x10/0x10
[  463.063413][T12754]  ? xfd_validate_state+0x61/0x180
[  463.063446][T12754]  ? __pfx___do_sys_close_range+0x10/0x10
[  463.063487][T12754]  do_syscall_64+0xcd/0x490
[  463.063517][T12754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.063544][T12754] RIP: 0033:0x7f774858e9a9
[  463.063566][T12754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.063592][T12754] RSP: 002b:00007f77463f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  463.063618][T12754] RAX: ffffffffffffffda RBX: 00007f77487b5fa8 RCX: 00007f774858e9a9
[  463.063637][T12754] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f77487b5fac
[  463.063654][T12754] RBP: 00007f77487b5fa0 R08: 00007f77492fc000 R09: 0000000000000000
[  463.063674][T12754] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f77487b5fac
[  463.063691][T12754] R13: 0000000000000000 R14: 00007ffc0b834b30 R15: 00007ffc0b834c18
[  463.063726][T12754]  </TASK>
[  463.331618][T12763] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84
[  466.462416][T12806] FAULT_INJECTION: forcing a failure.
[  466.462416][T12806] name fail_futex, interval 1, probability 0, space 0, times 0
[  466.522329][T12806] CPU: 0 UID: 0 PID: 12806 Comm: syz.2.1441 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  466.522372][T12806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  466.522390][T12806] Call Trace:
[  466.522399][T12806]  <TASK>
[  466.522410][T12806]  dump_stack_lvl+0x16c/0x1f0
[  466.522445][T12806]  should_fail_ex+0x512/0x640
[  466.522480][T12806]  get_futex_key+0x1d0/0x1540
[  466.522525][T12806]  ? __pfx_get_futex_key+0x10/0x10
[  466.522572][T12806]  futex_wake+0xe7/0x4e0
[  466.522614][T12806]  ? __pfx_futex_wake+0x10/0x10
[  466.522653][T12806]  ? rcu_is_watching+0x12/0xc0
[  466.522697][T12806]  do_futex+0x1e3/0x350
[  466.522731][T12806]  ? __pfx_do_futex+0x10/0x10
[  466.522767][T12806]  ? __pfx___might_resched+0x10/0x10
[  466.522801][T12806]  __x64_sys_futex+0x1e0/0x4c0
[  466.522836][T12806]  ? __pfx_blkcg_maybe_throttle_current+0x10/0x10
[  466.522876][T12806]  ? __pfx___x64_sys_futex+0x10/0x10
[  466.522910][T12806]  ? xfd_validate_state+0x61/0x180
[  466.522944][T12806]  ? __pfx___do_sys_close_range+0x10/0x10
[  466.522984][T12806]  do_syscall_64+0xcd/0x490
[  466.523015][T12806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  466.523043][T12806] RIP: 0033:0x7f90b298e9a9
[  466.523066][T12806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  466.523092][T12806] RSP: 002b:00007f90b38a90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  466.523117][T12806] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa8 RCX: 00007f90b298e9a9
[  466.523135][T12806] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f90b2bb5fac
[  466.523153][T12806] RBP: 00007f90b2bb5fa0 R08: 00007f90b38aa000 R09: 0000000000000000
[  466.523170][T12806] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f90b2bb5fac
[  466.523187][T12806] R13: 0000000000000000 R14: 00007ffef26c0d60 R15: 00007ffef26c0e48
[  466.523224][T12806]  </TASK>
[  468.620521][T12848] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85
[  468.712664][T12850] i2c i2c-0: Failed to register i2c client card: at 0x01 (-16)
[  468.861469][T12853] netlink: 85 bytes leftover after parsing attributes in process `syz.3.1453'.
[  471.090453][T12890] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  471.539445][T12891] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1474'.
[  471.960784][T12899] random: crng reseeded on system resumption
[  472.449043][T12905] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86
[  474.529456][T12941] FAULT_INJECTION: forcing a failure.
[  474.529456][T12941] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.555183][T12941] CPU: 0 UID: 0 PID: 12941 Comm: syz.0.1483 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  474.555222][T12941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  474.555238][T12941] Call Trace:
[  474.555247][T12941]  <TASK>
[  474.555257][T12941]  dump_stack_lvl+0x16c/0x1f0
[  474.555288][T12941]  should_fail_ex+0x512/0x640
[  474.555320][T12941]  _copy_to_user+0x32/0xd0
[  474.555351][T12941]  simple_read_from_buffer+0xcb/0x170
[  474.555388][T12941]  proc_fail_nth_read+0x197/0x270
[  474.555421][T12941]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  474.555458][T12941]  ? rw_verify_area+0xcf/0x680
[  474.555493][T12941]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  474.555528][T12941]  vfs_read+0x1e4/0xc60
[  474.555557][T12941]  ? __pfx___mutex_lock+0x10/0x10
[  474.555584][T12941]  ? __pfx_vfs_read+0x10/0x10
[  474.555618][T12941]  ? __fget_files+0x20e/0x3c0
[  474.555664][T12941]  ksys_read+0x12a/0x250
[  474.555687][T12941]  ? __pfx_ksys_read+0x10/0x10
[  474.555722][T12941]  do_syscall_64+0xcd/0x490
[  474.555751][T12941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.555784][T12941] RIP: 0033:0x7f62c3d8d3bc
[  474.555805][T12941] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  474.555829][T12941] RSP: 002b:00007f62c4c88030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  474.555853][T12941] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8d3bc
[  474.555871][T12941] RDX: 000000000000000f RSI: 00007f62c4c880a0 RDI: 0000000000000004
[  474.555886][T12941] RBP: 00007f62c4c88090 R08: 0000000000000000 R09: 0000000000000000
[  474.555902][T12941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.555917][T12941] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  474.555953][T12941]  </TASK>
[  475.874206][T12965] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input87
[  476.339595][T12982] ptrace attach of "./syz-executor exec"[5846] was attempted by "‡ú2ÒbKf÷ÁkŒÁ„K»¥†väº�7œ¥d³Ro±Ä[z]ƒÕXˆMìåì¹÷\x0cÎÙõ”\x0a«4?êË[ϦA¨N¸Ç~�T¯\x07†êÕÛQ–GwZ\x0aÂHœ)�T©ŽãéÓߦR_µ…'”µ„Gâ|L+ǧ•sÒC³“QvŒÍƒÅßKè]=¾Ü�””ºŽóz…@G±Æ�Q\x0bÚ.þ¡Oº'¥Žo)†Ÿ_»CÏ{\x0bÚ^Äè`î#:Ñ׺‰óf\x0d+fè´g*=µ¤›{qžzÌQV  CJÂÕ�]ÆÆ åϨ'è°\x0a
9Zj(¥X_6xÚ\x0d×2ø7¯¹5r¡~Q†ÁjòB\x09ðjÔÊR¹pªß$A]ªŠ¥þO‰í‡Î`ÕXð�cÖC´êqQC”ÜJðîƲœ¾f!\x1bèf¼�—p»MÄ12:\x5c=൩“Jm©§Š§ú©Ëú†ÉVï9k¯Åú”¾FÛXIkÔh\x0a9q�Ì�ÃËh梈#xT\x09½¡¡þßñ·~“Š6²¬º×¡¼Eim3JOQY·ò¯–1ÂK0}Ž¹4õš¤Í'þ\x0bVÅhI!üλs¡Á ÙYÁ?¡‹ 9æ<»¸ÌýOB,Ë É\x1bŒ£Å†Õ�¯ øâN\x0d&
oô] «“™*¢E„ÚRa“ªq°¯Z$HJ]ª¾p…8©H@?ÆžÜÏj…n˜Ì›\x07Ýêñø_Ûô�Eu“ˆD Â®äIu:£2r&¦^v\x09‡øê`àq«~Æ®Ær^ú„î«$ÔÉæÖVÑí_ÉÔL\x22Šçž(ôÌût—ˆ6tyƒ‘ñÇ7WªÙ›¨�Š\x07\x097B¹(%¹�6·ÂTø6‹µ–«x½7¦?þ`,ºý­ÊŸt­™äN U<+å�)•1Å Þ\x0câÑÈ•IegVâo5¹×ýL{(
ð(èvà¿jâöE¨ù¦‡¶Š”ÅÍ6‹Á\x09³FÙ7ƒSÖ_|ß÷Ú`PàÔ&ÅÍ®èþöj•Ü†ˆeX´c\x1b�£¦bF˜…ÿ/õvq?b\x1bŒƒ²Oðá™
C—ÑókIœ¸¨v´ùû÷ßp_¶v6í\x0cÆ n}©6’2dz¤Bå–÷1ÑýôòÓ½<X$ú\x1b\x5c ¿ANAqQÚæ\x07-ëïéàAã\x0d£²
[  478.373721][T13016] ima: policy update failed
[  478.491760][   T30] audit: type=1802 audit(6048413426.002:17): pid=13016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1503" res=0 errno=0
[  478.835426][T13029] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89
[  480.391282][T13072] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input90
[  482.622497][T13107] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91
[  484.774515][T13148] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92
[  484.948789][T13152] FAULT_INJECTION: forcing a failure.
[  484.948789][T13152] name failslab, interval 1, probability 0, space 0, times 0
[  484.983347][T13152] CPU: 0 UID: 0 PID: 13152 Comm: syz.0.1551 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  484.983385][T13152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  484.983401][T13152] Call Trace:
[  484.983409][T13152]  <TASK>
[  484.983419][T13152]  dump_stack_lvl+0x16c/0x1f0
[  484.983452][T13152]  should_fail_ex+0x512/0x640
[  484.983478][T13152]  ? __kvmalloc_node_noprof+0x124/0x620
[  484.983521][T13152]  should_failslab+0xc2/0x120
[  484.983550][T13152]  __kvmalloc_node_noprof+0x137/0x620
[  484.983591][T13152]  ? seq_read_iter+0x826/0x12c0
[  484.983624][T13152]  ? __lock_acquire+0xb8a/0x1c90
[  484.983661][T13152]  ? seq_read_iter+0x826/0x12c0
[  484.983693][T13152]  seq_read_iter+0x826/0x12c0
[  484.983731][T13152]  ? __mutex_trylock_common+0xe9/0x250
[  484.983777][T13152]  kernfs_fop_read_iter+0x40f/0x5a0
[  484.983809][T13152]  ? rw_verify_area+0xcf/0x680
[  484.983849][T13152]  vfs_read+0x8bc/0xc60
[  484.983878][T13152]  ? __pfx___mutex_lock+0x10/0x10
[  484.983916][T13152]  ? __pfx_vfs_read+0x10/0x10
[  484.983966][T13152]  ksys_read+0x12a/0x250
[  484.983989][T13152]  ? __pfx_ksys_read+0x10/0x10
[  484.984025][T13152]  do_syscall_64+0xcd/0x490
[  484.984055][T13152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.984081][T13152] RIP: 0033:0x7f62c3d8e9a9
[  484.984103][T13152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.984127][T13152] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  484.984152][T13152] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  484.984169][T13152] RDX: 0000000000000004 RSI: 0000200000000380 RDI: 0000000000000003
[  484.984184][T13152] RBP: 00007f62c4c88090 R08: 0000000000000000 R09: 0000000000000000
[  484.984200][T13152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.984215][T13152] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  484.984251][T13152]  </TASK>
[  485.440304][T13155] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input93
[  486.462609][T13178] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input94
[  487.077854][T13191] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input95
[  487.286899][T13187] ima: policy update failed
[  487.317131][   T30] audit: type=1802 audit(6048413434.858:18): pid=13187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1561" res=0 errno=0
[  490.976459][T13238] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input96
[  491.175351][T13241] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input97
[  494.133969][T13312] FAULT_INJECTION: forcing a failure.
[  494.133969][T13312] name failslab, interval 1, probability 0, space 0, times 0
[  494.169327][T13312] CPU: 1 UID: 0 PID: 13312 Comm: syz.0.1599 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  494.169364][T13312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  494.169379][T13312] Call Trace:
[  494.169388][T13312]  <TASK>
[  494.169398][T13312]  dump_stack_lvl+0x16c/0x1f0
[  494.169430][T13312]  should_fail_ex+0x512/0x640
[  494.169456][T13312]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  494.169487][T13312]  should_failslab+0xc2/0x120
[  494.169516][T13312]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  494.169544][T13312]  ? vm_area_dup+0x27/0x8d0
[  494.169586][T13312]  vm_area_dup+0x27/0x8d0
[  494.169626][T13312]  __split_vma+0x18e/0x1070
[  494.169656][T13312]  ? __pfx___split_vma+0x10/0x10
[  494.169690][T13312]  ? find_held_lock+0x2b/0x80
[  494.169732][T13312]  vma_modify+0xee1/0x2030
[  494.169764][T13312]  ? unwind_get_return_address+0x59/0xa0
[  494.169803][T13312]  ? __pfx_vma_modify+0x10/0x10
[  494.169839][T13312]  vma_modify_flags_name+0x228/0x330
[  494.169868][T13312]  ? __pfx_vma_modify_flags_name+0x10/0x10
[  494.169922][T13312]  madvise_update_vma+0x14b/0xae0
[  494.169958][T13312]  ? __pfx_madvise_update_vma+0x10/0x10
[  494.170012][T13312]  madvise_vma_anon_name+0x9e/0xf0
[  494.170046][T13312]  ? __pfx_madvise_vma_anon_name+0x10/0x10
[  494.170076][T13312]  madvise_walk_vmas+0x1ce/0x2c0
[  494.170109][T13312]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  494.170140][T13312]  ? down_write+0x14d/0x200
[  494.170168][T13312]  ? __pfx_down_write+0x10/0x10
[  494.170203][T13312]  madvise_set_anon_name+0xaf/0x110
[  494.170239][T13312]  __do_sys_prctl+0x1620/0x24c0
[  494.170280][T13312]  ? __pfx___do_sys_prctl+0x10/0x10
[  494.170329][T13312]  do_syscall_64+0xcd/0x490
[  494.170359][T13312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.170385][T13312] RIP: 0033:0x7f62c3d8e9a9
[  494.170406][T13312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.170430][T13312] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  494.170454][T13312] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  494.170472][T13312] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000053564d41
[  494.170487][T13312] RBP: 00007f62c4c88090 R08: 0000000000000002 R09: 0000000000000000
[  494.170503][T13312] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001
[  494.170518][T13312] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  494.170554][T13312]  </TASK>
[  496.415499][T13337] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input99
[  496.876352][T13347] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1611'.
[  498.076974][T13368] FAULT_INJECTION: forcing a failure.
[  498.076974][T13368] name failslab, interval 1, probability 0, space 0, times 0
[  498.100103][T13368] CPU: 0 UID: 0 PID: 13368 Comm: syz.0.1618 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  498.100142][T13368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  498.100158][T13368] Call Trace:
[  498.100166][T13368]  <TASK>
[  498.100176][T13368]  dump_stack_lvl+0x16c/0x1f0
[  498.100207][T13368]  should_fail_ex+0x512/0x640
[  498.100229][T13368]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  498.100258][T13368]  should_failslab+0xc2/0x120
[  498.100286][T13368]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  498.100311][T13368]  ? mas_alloc_nodes+0x18b/0x8b0
[  498.100352][T13368]  mas_alloc_nodes+0x18b/0x8b0
[  498.100405][T13368]  mas_node_count_gfp+0x105/0x130
[  498.100444][T13368]  mas_preallocate+0x7e0/0xde0
[  498.100480][T13368]  ? __pfx_mas_preallocate+0x10/0x10
[  498.100521][T13368]  ? anon_vma_name+0x75/0x100
[  498.100558][T13368]  __split_vma+0x34a/0x1070
[  498.100588][T13368]  ? __pfx___split_vma+0x10/0x10
[  498.100623][T13368]  ? find_held_lock+0x2b/0x80
[  498.100655][T13368]  vma_modify+0xee1/0x2030
[  498.100686][T13368]  ? unwind_get_return_address+0x59/0xa0
[  498.100726][T13368]  ? __pfx_vma_modify+0x10/0x10
[  498.100760][T13368]  vma_modify_flags_name+0x228/0x330
[  498.100789][T13368]  ? __pfx_vma_modify_flags_name+0x10/0x10
[  498.100841][T13368]  madvise_update_vma+0x14b/0xae0
[  498.100877][T13368]  ? __pfx_madvise_update_vma+0x10/0x10
[  498.100930][T13368]  madvise_vma_anon_name+0x9e/0xf0
[  498.100965][T13368]  ? __pfx_madvise_vma_anon_name+0x10/0x10
[  498.100995][T13368]  madvise_walk_vmas+0x1ce/0x2c0
[  498.101027][T13368]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  498.101058][T13368]  ? down_write+0x14d/0x200
[  498.101085][T13368]  ? __pfx_down_write+0x10/0x10
[  498.101116][T13368]  madvise_set_anon_name+0xaf/0x110
[  498.101151][T13368]  __do_sys_prctl+0x1620/0x24c0
[  498.101192][T13368]  ? __pfx___do_sys_prctl+0x10/0x10
[  498.101241][T13368]  do_syscall_64+0xcd/0x490
[  498.101270][T13368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.101296][T13368] RIP: 0033:0x7f62c3d8e9a9
[  498.101316][T13368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.101340][T13368] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  498.101364][T13368] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  498.101381][T13368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000053564d41
[  498.101419][T13368] RBP: 00007f62c4c88090 R08: 0000000000000002 R09: 0000000000000000
[  498.101435][T13368] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000002
[  498.101450][T13368] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  498.101485][T13368]  </TASK>
[  498.508224][T13372] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input100
[  499.947787][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  499.954157][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  499.957639][T13406] FAULT_INJECTION: forcing a failure.
[  499.957639][T13406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.025602][T13406] CPU: 0 UID: 0 PID: 13406 Comm: syz.1.1631 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  500.025641][T13406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  500.025657][T13406] Call Trace:
[  500.025665][T13406]  <TASK>
[  500.025675][T13406]  dump_stack_lvl+0x16c/0x1f0
[  500.025706][T13406]  should_fail_ex+0x512/0x640
[  500.025738][T13406]  _copy_from_user+0x2e/0xd0
[  500.025768][T13406]  copy_msghdr_from_user+0x98/0x160
[  500.025797][T13406]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  500.025831][T13406]  ? kfree+0x24f/0x4d0
[  500.025865][T13406]  ? __lock_acquire+0x622/0x1c90
[  500.025905][T13406]  ___sys_recvmsg+0xdb/0x1a0
[  500.025933][T13406]  ? __pfx____sys_recvmsg+0x10/0x10
[  500.025980][T13406]  ? __pfx___might_resched+0x10/0x10
[  500.026017][T13406]  do_recvmmsg+0x2fe/0x750
[  500.026049][T13406]  ? __pfx_do_recvmmsg+0x10/0x10
[  500.026085][T13406]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  500.026125][T13406]  ? __fget_files+0x20e/0x3c0
[  500.026172][T13406]  __x64_sys_recvmmsg+0x22a/0x280
[  500.026203][T13406]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  500.026244][T13406]  do_syscall_64+0xcd/0x490
[  500.026274][T13406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.026300][T13406] RIP: 0033:0x7f774858e9a9
[  500.026322][T13406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  500.026346][T13406] RSP: 002b:00007f77463f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  500.026370][T13406] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858e9a9
[  500.026387][T13406] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  500.026401][T13406] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  500.026415][T13406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.026434][T13406] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  500.026466][T13406]  </TASK>
[  501.882112][T13457] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input102
[  502.197846][T13467] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [2147479552].
[  502.477495][T13471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78800
[  502.479790][T13478] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input103
[  502.498127][T13471] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  502.505894][T13471] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  502.516331][T13471] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  502.526410][T13471] page dumped because: unmovable page
[  502.540381][T13471] page_owner tracks the page as allocated
[  502.549997][T13471] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5836, tgid 5836 (syz-executor), ts 85112582607, free_ts 85102233811
[  502.574683][T13471]  post_alloc_hook+0x1c0/0x230
[  502.580692][T13471]  get_page_from_freelist+0x1321/0x3890
[  502.586683][T13471]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  502.594152][T13471]  alloc_pages_mpol+0x1fb/0x550
[  502.599239][T13471]  alloc_pages_noprof+0x131/0x390
[  502.605352][T13471]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  502.611399][T13471]  __vmalloc_node_noprof+0xad/0xf0
[  502.617450][T13471]  copy_process+0x2c70/0x7650
[  502.622478][T13471]  kernel_clone+0xfc/0x960
[  502.627033][T13471]  __do_sys_clone3+0x212/0x290
[  502.633294][T13471]  do_syscall_64+0xcd/0x490
[  502.637960][T13471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  502.647186][T13471] page last free pid 5836 tgid 5836 stack trace:
[  502.654277][T13471]  __free_frozen_pages+0x7fe/0x1180
[  502.659679][T13471]  tlb_finish_mmu+0x237/0x7c0
[  502.664783][T13471]  vms_clear_ptes+0x55e/0x770
[  502.669608][T13471]  vms_complete_munmap_vmas+0x1ca/0x970
[  502.676194][T13471]  do_vmi_align_munmap+0x43b/0x7d0
[  502.681981][T13471]  do_vmi_munmap+0x204/0x3e0
[  502.686731][T13471]  __vm_munmap+0x19a/0x390
[  502.692038][T13471]  __x64_sys_munmap+0x59/0x80
[  502.699077][T13471]  do_syscall_64+0xcd/0x490
[  502.703786][T13471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  503.404548][   T30] audit: type=1800 audit(6048413451.041:19): pid=13496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1659" name="trace_pipe" dev="tracefs" ino=1070 res=0 errno=0
[  503.749648][T13501] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input105
[  504.422885][T13508] FAULT_INJECTION: forcing a failure.
[  504.422885][T13508] name failslab, interval 1, probability 0, space 0, times 0
[  504.501805][T13508] CPU: 1 UID: 0 PID: 13508 Comm: syz.2.1662 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  504.501843][T13508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  504.501858][T13508] Call Trace:
[  504.501866][T13508]  <TASK>
[  504.501876][T13508]  dump_stack_lvl+0x16c/0x1f0
[  504.501920][T13508]  should_fail_ex+0x512/0x640
[  504.501947][T13508]  ? __kmalloc_noprof+0xbf/0x510
[  504.501977][T13508]  ? __register_sysctl_table+0xb3/0x1900
[  504.502005][T13508]  should_failslab+0xc2/0x120
[  504.502035][T13508]  __kmalloc_noprof+0xd2/0x510
[  504.502073][T13508]  __register_sysctl_table+0xb3/0x1900
[  504.502099][T13508]  ? is_module_address+0x5f/0xf0
[  504.502141][T13508]  ? __pfx___register_sysctl_table+0x10/0x10
[  504.502168][T13508]  ? is_module_address+0x69/0xf0
[  504.502201][T13508]  ? register_net_sysctl_sz+0x228/0x3e0
[  504.502235][T13508]  ? __asan_memcpy+0x3c/0x60
[  504.502278][T13508]  mptcp_net_init+0x499/0x620
[  504.502320][T13508]  ? __pfx_mptcp_net_init+0x10/0x10
[  504.502354][T13508]  ops_init+0x1df/0x5f0
[  504.502388][T13508]  setup_net+0x1ff/0x510
[  504.502414][T13508]  ? lockdep_init_map_type+0x5c/0x280
[  504.502450][T13508]  ? __pfx_setup_net+0x10/0x10
[  504.502484][T13508]  ? debug_mutex_init+0x37/0x70
[  504.502516][T13508]  copy_net_ns+0x2a6/0x5f0
[  504.502552][T13508]  create_new_namespaces+0x3ea/0xa90
[  504.502590][T13508]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  504.502624][T13508]  ksys_unshare+0x45b/0xa40
[  504.502658][T13508]  ? __pfx_ksys_unshare+0x10/0x10
[  504.502695][T13508]  ? xfd_validate_state+0x61/0x180
[  504.502740][T13508]  __x64_sys_unshare+0x31/0x40
[  504.502775][T13508]  do_syscall_64+0xcd/0x490
[  504.502804][T13508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.502836][T13508] RIP: 0033:0x7f90b298e9a9
[  504.502858][T13508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.502882][T13508] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  504.502915][T13508] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  504.502936][T13508] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  504.502953][T13508] RBP: 00007f90b2a10d69 R08: 0000000000000000 R09: 0000000000000000
[  504.502970][T13508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  504.502986][T13508] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  504.503022][T13508]  </TASK>
[  504.753843][    C1] vkms_vblank_simulate: vblank timer overrun
[  504.835309][T13514] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input106
[  507.208255][T13556] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input107
[  507.483311][T13561] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input108
[  507.725152][T13568] FAULT_INJECTION: forcing a failure.
[  507.725152][T13568] name failslab, interval 1, probability 0, space 0, times 0
[  507.747629][T13568] CPU: 0 UID: 0 PID: 13568 Comm: syz.0.1677 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  507.747666][T13568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  507.747682][T13568] Call Trace:
[  507.747689][T13568]  <TASK>
[  507.747699][T13568]  dump_stack_lvl+0x16c/0x1f0
[  507.747731][T13568]  should_fail_ex+0x512/0x640
[  507.747755][T13568]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  507.747787][T13568]  should_failslab+0xc2/0x120
[  507.747814][T13568]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  507.747840][T13568]  ? __alloc_skb+0x2b2/0x380
[  507.747870][T13568]  __alloc_skb+0x2b2/0x380
[  507.747893][T13568]  ? __pfx___alloc_skb+0x10/0x10
[  507.747923][T13568]  ? __lock_acquire+0xb8a/0x1c90
[  507.747961][T13568]  netlink_alloc_large_skb+0x69/0x130
[  507.747994][T13568]  netlink_sendmsg+0x6a1/0xdd0
[  507.748028][T13568]  ? __pfx_netlink_sendmsg+0x10/0x10
[  507.748072][T13568]  ____sys_sendmsg+0xa95/0xc70
[  507.748106][T13568]  ? copy_msghdr_from_user+0x10a/0x160
[  507.748133][T13568]  ? __pfx_____sys_sendmsg+0x10/0x10
[  507.748182][T13568]  ___sys_sendmsg+0x134/0x1d0
[  507.748210][T13568]  ? __pfx____sys_sendmsg+0x10/0x10
[  507.748234][T13568]  ? __lock_acquire+0x622/0x1c90
[  507.748311][T13568]  __sys_sendmsg+0x16d/0x220
[  507.748338][T13568]  ? __pfx___sys_sendmsg+0x10/0x10
[  507.748396][T13568]  do_syscall_64+0xcd/0x490
[  507.748426][T13568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.748451][T13568] RIP: 0033:0x7f62c3d8e9a9
[  507.748471][T13568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.748494][T13568] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  507.748519][T13568] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  507.748536][T13568] RDX: 000000000001c054 RSI: 0000200000000200 RDI: 0000000000000003
[  507.748551][T13568] RBP: 00007f62c4c88090 R08: 0000000000000000 R09: 0000000000000000
[  507.748567][T13568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.748582][T13568] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  507.748615][T13568]  </TASK>
[  508.109591][T13572] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input109
[  509.091064][T13593] FAULT_INJECTION: forcing a failure.
[  509.091064][T13593] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  509.126799][T13593] CPU: 1 UID: 0 PID: 13593 Comm: syz.0.1684 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  509.126841][T13593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  509.126857][T13593] Call Trace:
[  509.126866][T13593]  <TASK>
[  509.126877][T13593]  dump_stack_lvl+0x16c/0x1f0
[  509.126912][T13593]  should_fail_ex+0x512/0x640
[  509.126948][T13593]  should_fail_alloc_page+0xe7/0x130
[  509.126984][T13593]  prepare_alloc_pages+0x3c2/0x610
[  509.127029][T13593]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  509.127060][T13593]  ? kasan_save_stack+0x42/0x60
[  509.127085][T13593]  ? kasan_save_stack+0x33/0x60
[  509.127109][T13593]  ? kasan_save_track+0x14/0x30
[  509.127134][T13593]  ? __kasan_slab_alloc+0x89/0x90
[  509.127160][T13593]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  509.127187][T13593]  ? __pmd_alloc+0xbf/0x930
[  509.127217][T13593]  ? __handle_mm_fault+0xaac/0x5490
[  509.127252][T13593]  ? handle_mm_fault+0x589/0xd10
[  509.127287][T13593]  ? do_user_addr_fault+0x7a6/0x1370
[  509.127323][T13593]  ? exc_page_fault+0x5c/0xb0
[  509.127360][T13593]  ? asm_exc_page_fault+0x26/0x30
[  509.127385][T13593]  ? __get_user_4+0x14/0x20
[  509.127418][T13593]  ? snd_pcm_oss_ioctl+0x2ebe/0x37a0
[  509.127453][T13593]  ? __x64_sys_ioctl+0x18e/0x210
[  509.127493][T13593]  ? do_syscall_64+0xcd/0x490
[  509.127518][T13593]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.127546][T13593]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  509.127594][T13593]  ? __lock_acquire+0xb8a/0x1c90
[  509.127626][T13593]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  509.127663][T13593]  ? policy_nodemask+0xea/0x4e0
[  509.127697][T13593]  alloc_pages_mpol+0x1fb/0x550
[  509.127728][T13593]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  509.127761][T13593]  ? __thp_vma_allowable_orders+0x1c5/0xb10
[  509.127799][T13593]  alloc_pages_noprof+0x131/0x390
[  509.127828][T13593]  pte_alloc_one+0x1c/0x3a0
[  509.127851][T13593]  __handle_mm_fault+0x3a68/0x5490
[  509.127896][T13593]  ? __pfx___handle_mm_fault+0x10/0x10
[  509.127930][T13593]  ? __pfx_mt_find+0x10/0x10
[  509.127975][T13593]  ? find_vma+0xbf/0x140
[  509.128004][T13593]  ? __pfx_find_vma+0x10/0x10
[  509.128036][T13593]  handle_mm_fault+0x589/0xd10
[  509.128073][T13593]  ? __pkru_allows_pkey+0x51/0xb0
[  509.128108][T13593]  do_user_addr_fault+0x7a6/0x1370
[  509.128144][T13593]  ? rcu_is_watching+0x12/0xc0
[  509.128174][T13593]  exc_page_fault+0x5c/0xb0
[  509.128211][T13593]  asm_exc_page_fault+0x26/0x30
[  509.128234][T13593] RIP: 0010:__get_user_4+0x14/0x20
[  509.128268][T13593] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 00 0a 04 00 90 90 90 90 90 90 90 90 90 90
[  509.128291][T13593] RSP: 0018:ffffc90003adfdd8 EFLAGS: 00050287
[  509.128311][T13593] RAX: 0000000000000000 RBX: ffff88806d412900 RCX: ffffc9000bcc9000
[  509.128328][T13593] RDX: 00007ffffffff000 RSI: ffffffff89210ea6 RDI: ffffffff8c155e60
[  509.128344][T13593] RBP: 0000000000000000 R08: 856fcac407a10a04 R09: 0000000000000000
[  509.128359][T13593] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff9200075bfc3
[  509.128375][T13593] R13: 00000000c0045005 R14: ffff88807dcfe8c0 R15: 0000000000000050
[  509.128401][T13593]  ? snd_pcm_oss_ioctl+0x2eb6/0x37a0
[  509.128439][T13593]  snd_pcm_oss_ioctl+0x2ebe/0x37a0
[  509.128479][T13593]  ? find_held_lock+0x2b/0x80
[  509.128504][T13593]  ? hook_file_ioctl_common+0x145/0x410
[  509.128539][T13593]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  509.128576][T13593]  ? __fget_files+0x20e/0x3c0
[  509.128619][T13593]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  509.128653][T13593]  __x64_sys_ioctl+0x18e/0x210
[  509.128687][T13593]  do_syscall_64+0xcd/0x490
[  509.128714][T13593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.128738][T13593] RIP: 0033:0x7f62c3d8e9a9
[  509.128757][T13593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.128779][T13593] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  509.128801][T13593] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  509.128817][T13593] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000004
[  509.128832][T13593] RBP: 00007f62c3e10d69 R08: 0000000000000000 R09: 0000000000000000
[  509.128847][T13593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  509.128861][T13593] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  509.128894][T13593]  </TASK>
[  509.562680][    C1] vkms_vblank_simulate: vblank timer overrun
[  509.664016][T13582] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78800
[  509.795782][T13582] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  509.847545][T13582] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  509.856410][T13582] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  509.865252][T13582] page dumped because: unmovable page
[  509.870637][T13582] page_owner tracks the page as allocated
[  509.876383][T13582] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5836, tgid 5836 (syz-executor), ts 85112582607, free_ts 85102233811
[  509.895561][    C1] vkms_vblank_simulate: vblank timer overrun
[  509.901731][T13582]  post_alloc_hook+0x1c0/0x230
[  509.906555][T13582]  get_page_from_freelist+0x1321/0x3890
[  509.912120][T13582]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  509.918068][T13582]  alloc_pages_mpol+0x1fb/0x550
[  509.922932][T13582]  alloc_pages_noprof+0x131/0x390
[  509.929684][T13582]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  509.935667][T13582]  __vmalloc_node_noprof+0xad/0xf0
[  509.940784][T13582]  copy_process+0x2c70/0x7650
[  509.945607][T13582]  kernel_clone+0xfc/0x960
[  509.950039][T13582]  __do_sys_clone3+0x212/0x290
[  509.954850][T13582]  do_syscall_64+0xcd/0x490
[  509.959345][T13582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.965293][T13582] page last free pid 5836 tgid 5836 stack trace:
[  509.971606][T13582]  __free_frozen_pages+0x7fe/0x1180
[  509.977069][T13582]  tlb_finish_mmu+0x237/0x7c0
[  509.981768][T13582]  vms_clear_ptes+0x55e/0x770
[  509.986529][T13582]  vms_complete_munmap_vmas+0x1ca/0x970
[  509.992072][T13582]  do_vmi_align_munmap+0x43b/0x7d0
[  509.997228][T13582]  do_vmi_munmap+0x204/0x3e0
[  510.001806][T13582]  __vm_munmap+0x19a/0x390
[  510.006264][T13582]  __x64_sys_munmap+0x59/0x80
[  510.010978][T13582]  do_syscall_64+0xcd/0x490
[  510.015551][T13582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.235720][T13601] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input110
[  510.465255][T13604] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input111
[  511.446591][   T30] audit: type=1800 audit(6048413459.103:20): pid=13615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1691" name="trace_pipe" dev="tracefs" ino=1070 res=0 errno=0
[  511.989981][T13623] FAULT_INJECTION: forcing a failure.
[  511.989981][T13623] name failslab, interval 1, probability 0, space 0, times 0
[  512.022829][T13623] CPU: 0 UID: 0 PID: 13623 Comm: syz.3.1693 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  512.022868][T13623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  512.022882][T13623] Call Trace:
[  512.022891][T13623]  <TASK>
[  512.022901][T13623]  dump_stack_lvl+0x16c/0x1f0
[  512.022940][T13623]  should_fail_ex+0x512/0x640
[  512.022966][T13623]  ? __kmalloc_noprof+0xbf/0x510
[  512.022994][T13623]  ? copy_splice_read+0x1a8/0xba0
[  512.023026][T13623]  should_failslab+0xc2/0x120
[  512.023056][T13623]  __kmalloc_noprof+0xd2/0x510
[  512.023091][T13623]  copy_splice_read+0x1a8/0xba0
[  512.023135][T13623]  ? __pfx_copy_splice_read+0x10/0x10
[  512.023172][T13623]  ? look_up_lock_class+0x59/0x150
[  512.023203][T13623]  ? lockdep_init_map_type+0x5c/0x280
[  512.023240][T13623]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  512.023268][T13623]  ? __pfx_copy_splice_read+0x10/0x10
[  512.023302][T13623]  do_splice_read+0x285/0x370
[  512.023340][T13623]  splice_direct_to_actor+0x2a1/0xa30
[  512.023379][T13623]  ? __pfx_direct_splice_actor+0x10/0x10
[  512.023422][T13623]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  512.023457][T13623]  ? get_pid_task+0xfc/0x250
[  512.023500][T13623]  do_splice_direct+0x174/0x240
[  512.023537][T13623]  ? __pfx_do_splice_direct+0x10/0x10
[  512.023573][T13623]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  512.023615][T13623]  ? rw_verify_area+0xcf/0x680
[  512.023654][T13623]  do_sendfile+0xb06/0xe50
[  512.023697][T13623]  ? __pfx_do_sendfile+0x10/0x10
[  512.023734][T13623]  ? __fget_files+0x20e/0x3c0
[  512.023781][T13623]  __x64_sys_sendfile64+0x1d8/0x220
[  512.023808][T13623]  ? ksys_write+0x1ac/0x250
[  512.023832][T13623]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  512.023874][T13623]  do_syscall_64+0xcd/0x490
[  512.023903][T13623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.023935][T13623] RIP: 0033:0x7fc326f8e9a9
[  512.023956][T13623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  512.023980][T13623] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  512.024005][T13623] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  512.024023][T13623] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  512.024037][T13623] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  512.024053][T13623] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[  512.024069][T13623] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  512.024104][T13623]  </TASK>
[  513.041637][T13630] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78800
[  513.050620][T13630] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  513.062451][T13643] openvswitch: netlink: Flow key attribute not present in set flow.
[  513.070869][T13630] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  513.081622][T13630] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  513.091335][T13630] page dumped because: unmovable page
[  513.096836][T13630] page_owner tracks the page as allocated
[  513.102777][T13630] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 5836, tgid 5836 (syz-executor), ts 85112582607, free_ts 85102233811
[  513.122252][T13630]  post_alloc_hook+0x1c0/0x230
[  513.127228][T13630]  get_page_from_freelist+0x1321/0x3890
[  513.132914][T13630]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  513.139388][T13630]  alloc_pages_mpol+0x1fb/0x550
[  513.144640][T13630]  alloc_pages_noprof+0x131/0x390
[  513.149781][T13630]  __vmalloc_node_range_noprof+0x72f/0x14b0
[  513.155760][T13630]  __vmalloc_node_noprof+0xad/0xf0
[  513.161877][T13630]  copy_process+0x2c70/0x7650
[  513.167543][T13630]  kernel_clone+0xfc/0x960
[  513.173299][T13630]  __do_sys_clone3+0x212/0x290
[  513.178666][T13630]  do_syscall_64+0xcd/0x490
[  513.183229][T13630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.190507][T13630] page last free pid 5836 tgid 5836 stack trace:
[  513.197289][T13630]  __free_frozen_pages+0x7fe/0x1180
[  513.202566][T13630]  tlb_finish_mmu+0x237/0x7c0
[  513.207353][T13630]  vms_clear_ptes+0x55e/0x770
[  513.212597][T13630]  vms_complete_munmap_vmas+0x1ca/0x970
[  513.218266][T13630]  do_vmi_align_munmap+0x43b/0x7d0
[  513.223429][T13630]  do_vmi_munmap+0x204/0x3e0
[  513.256688][T13630]  __vm_munmap+0x19a/0x390
[  513.261202][T13630]  __x64_sys_munmap+0x59/0x80
[  513.265941][T13630]  do_syscall_64+0xcd/0x490
[  513.271236][T13630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.271820][T13673] FAULT_INJECTION: forcing a failure.
[  514.271820][T13673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  514.294095][T13673] CPU: 0 UID: 0 PID: 13673 Comm: syz.0.1710 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  514.294135][T13673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  514.294150][T13673] Call Trace:
[  514.294159][T13673]  <TASK>
[  514.294170][T13673]  dump_stack_lvl+0x16c/0x1f0
[  514.294202][T13673]  should_fail_ex+0x512/0x640
[  514.294233][T13673]  _copy_from_user+0x2e/0xd0
[  514.294264][T13673]  move_addr_to_kernel+0x65/0x170
[  514.294302][T13673]  __sys_connect+0xb1/0x160
[  514.294338][T13673]  ? __pfx___sys_connect+0x10/0x10
[  514.294388][T13673]  ? __pfx_ksys_write+0x10/0x10
[  514.294422][T13673]  __x64_sys_connect+0x72/0xb0
[  514.294458][T13673]  ? lockdep_hardirqs_on+0x7c/0x110
[  514.294482][T13673]  do_syscall_64+0xcd/0x490
[  514.294511][T13673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.294539][T13673] RIP: 0033:0x7f62c3d8e9a9
[  514.294559][T13673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.294584][T13673] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  514.294609][T13673] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  514.294626][T13673] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  514.294642][T13673] RBP: 00007f62c4c88090 R08: 0000000000000000 R09: 0000000000000000
[  514.294659][T13673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  514.294674][T13673] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  514.294707][T13673]  </TASK>
[  515.616480][T13698] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113
[  516.561950][T13711] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input114
[  518.713000][T13752] FAULT_INJECTION: forcing a failure.
[  518.713000][T13752] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  518.808303][T13752] CPU: 1 UID: 0 PID: 13752 Comm: syz.3.1733 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  518.808341][T13752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  518.808357][T13752] Call Trace:
[  518.808365][T13752]  <TASK>
[  518.808375][T13752]  dump_stack_lvl+0x16c/0x1f0
[  518.808407][T13752]  should_fail_ex+0x512/0x640
[  518.808438][T13752]  _copy_from_iter+0x29f/0x16f0
[  518.808472][T13752]  ? __alloc_skb+0x200/0x380
[  518.808498][T13752]  ? __pfx__copy_from_iter+0x10/0x10
[  518.808538][T13752]  ? __lock_acquire+0xb8a/0x1c90
[  518.808580][T13752]  netlink_sendmsg+0x829/0xdd0
[  518.808618][T13752]  ? __pfx_netlink_sendmsg+0x10/0x10
[  518.808663][T13752]  ____sys_sendmsg+0xa95/0xc70
[  518.808698][T13752]  ? copy_msghdr_from_user+0x10a/0x160
[  518.808725][T13752]  ? __pfx_____sys_sendmsg+0x10/0x10
[  518.808775][T13752]  ___sys_sendmsg+0x134/0x1d0
[  518.808804][T13752]  ? __pfx____sys_sendmsg+0x10/0x10
[  518.808829][T13752]  ? __lock_acquire+0x622/0x1c90
[  518.808906][T13752]  __sys_sendmsg+0x16d/0x220
[  518.808935][T13752]  ? __pfx___sys_sendmsg+0x10/0x10
[  518.808986][T13752]  do_syscall_64+0xcd/0x490
[  518.809016][T13752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.809042][T13752] RIP: 0033:0x7fc326f8e9a9
[  518.809064][T13752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.809087][T13752] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  518.809112][T13752] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  518.809129][T13752] RDX: 000000000001c054 RSI: 0000200000000200 RDI: 0000000000000003
[  518.809145][T13752] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  518.809161][T13752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  518.809176][T13752] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  518.809212][T13752]  </TASK>
[  519.009985][    C1] vkms_vblank_simulate: vblank timer overrun
[  520.192110][T13782] FAULT_INJECTION: forcing a failure.
[  520.192110][T13782] name failslab, interval 1, probability 0, space 0, times 0
[  520.243788][T13782] CPU: 0 UID: 0 PID: 13782 Comm: syz.2.1744 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  520.243827][T13782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  520.243843][T13782] Call Trace:
[  520.243851][T13782]  <TASK>
[  520.243862][T13782]  dump_stack_lvl+0x16c/0x1f0
[  520.243894][T13782]  should_fail_ex+0x512/0x640
[  520.243920][T13782]  ? __kmalloc_noprof+0xbf/0x510
[  520.243949][T13782]  ? xfrm_hash_alloc+0xd1/0x100
[  520.243983][T13782]  should_failslab+0xc2/0x120
[  520.244013][T13782]  __kmalloc_noprof+0xd2/0x510
[  520.244039][T13782]  ? xfrm_nat_keepalive_net_init+0x121/0x140
[  520.244075][T13782]  xfrm_hash_alloc+0xd1/0x100
[  520.244111][T13782]  xfrm_state_init+0x11e/0x630
[  520.244153][T13782]  ? __pfx_xfrm_net_init+0x10/0x10
[  520.244176][T13782]  xfrm_net_init+0x210/0xcc0
[  520.244207][T13782]  ? __pfx_xfrm_net_init+0x10/0x10
[  520.244231][T13782]  ops_init+0x1df/0x5f0
[  520.244264][T13782]  setup_net+0x1ff/0x510
[  520.244298][T13782]  ? lockdep_init_map_type+0x5c/0x280
[  520.244333][T13782]  ? __pfx_setup_net+0x10/0x10
[  520.244365][T13782]  ? debug_mutex_init+0x37/0x70
[  520.244395][T13782]  copy_net_ns+0x2a6/0x5f0
[  520.244431][T13782]  create_new_namespaces+0x3ea/0xa90
[  520.244469][T13782]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  520.244503][T13782]  ksys_unshare+0x45b/0xa40
[  520.244538][T13782]  ? __pfx_ksys_unshare+0x10/0x10
[  520.244572][T13782]  ? xfd_validate_state+0x61/0x180
[  520.244616][T13782]  __x64_sys_unshare+0x31/0x40
[  520.244653][T13782]  do_syscall_64+0xcd/0x490
[  520.244683][T13782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  520.244709][T13782] RIP: 0033:0x7f90b298e9a9
[  520.244730][T13782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  520.244754][T13782] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  520.244778][T13782] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  520.244796][T13782] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  520.244812][T13782] RBP: 00007f90b2a10d69 R08: 0000000000000000 R09: 0000000000000000
[  520.244828][T13782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  520.244842][T13782] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  520.244876][T13782]  </TASK>
[  521.118907][T13795] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115
[  521.897819][T13808] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input117
[  522.306236][T13815] FAULT_INJECTION: forcing a failure.
[  522.306236][T13815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.396258][T13815] CPU: 1 UID: 0 PID: 13815 Comm: syz.2.1753 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  522.396293][T13815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.396308][T13815] Call Trace:
[  522.396315][T13815]  <TASK>
[  522.396324][T13815]  dump_stack_lvl+0x16c/0x1f0
[  522.396354][T13815]  should_fail_ex+0x512/0x640
[  522.396381][T13815]  _copy_from_user+0x2e/0xd0
[  522.396409][T13815]  copy_msghdr_from_user+0x98/0x160
[  522.396434][T13815]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  522.396464][T13815]  ? kfree+0x24f/0x4d0
[  522.396490][T13815]  ? __lock_acquire+0x622/0x1c90
[  522.396520][T13815]  ___sys_recvmsg+0xdb/0x1a0
[  522.396542][T13815]  ? __pfx____sys_recvmsg+0x10/0x10
[  522.396582][T13815]  ? __pfx___might_resched+0x10/0x10
[  522.396609][T13815]  do_recvmmsg+0x2fe/0x750
[  522.396637][T13815]  ? __pfx_do_recvmmsg+0x10/0x10
[  522.396672][T13815]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  522.396710][T13815]  ? __fget_files+0x20e/0x3c0
[  522.396752][T13815]  __x64_sys_recvmmsg+0x22a/0x280
[  522.396776][T13815]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  522.396813][T13815]  do_syscall_64+0xcd/0x490
[  522.396842][T13815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.396868][T13815] RIP: 0033:0x7f90b298e9a9
[  522.396888][T13815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.396911][T13815] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  522.396935][T13815] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  522.396952][T13815] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  522.396967][T13815] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  522.396983][T13815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.396998][T13815] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  522.397031][T13815]  </TASK>
[  522.425588][T13817] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input118
[  522.487513][T13821] FAULT_INJECTION: forcing a failure.
[  522.487513][T13821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  522.488763][T13821] CPU: 1 UID: 0 PID: 13821 Comm: syz.1.1751 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  522.488801][T13821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  522.488816][T13821] Call Trace:
[  522.488824][T13821]  <TASK>
[  522.488835][T13821]  dump_stack_lvl+0x16c/0x1f0
[  522.488866][T13821]  should_fail_ex+0x512/0x640
[  522.488893][T13821]  _copy_from_iter+0x29f/0x16f0
[  522.488929][T13821]  ? __pfx__copy_from_iter+0x10/0x10
[  522.488960][T13821]  ? rcu_is_watching+0x12/0xc0
[  522.488988][T13821]  ? trace_kmalloc+0x2b/0xd0
[  522.489017][T13821]  ? __kmalloc_noprof+0x242/0x510
[  522.489053][T13821]  kernfs_fop_write_iter+0x19a/0x510
[  522.489091][T13821]  vfs_write+0x6c4/0x1150
[  522.489116][T13821]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  522.489157][T13821]  ? __pfx___mutex_lock+0x10/0x10
[  522.489183][T13821]  ? __pfx_vfs_write+0x10/0x10
[  522.489234][T13821]  ksys_write+0x12a/0x250
[  522.489258][T13821]  ? __pfx_ksys_write+0x10/0x10
[  522.489294][T13821]  do_syscall_64+0xcd/0x490
[  522.489324][T13821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.489350][T13821] RIP: 0033:0x7f774858e9a9
[  522.489371][T13821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.489395][T13821] RSP: 002b:00007f77463d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  522.489420][T13821] RAX: ffffffffffffffda RBX: 00007f77487b6080 RCX: 00007f774858e9a9
[  522.489437][T13821] RDX: 00000000000007ff RSI: 0000000000000000 RDI: 0000000000000002
[  522.489452][T13821] RBP: 00007f77463d5090 R08: 0000000000000000 R09: 0000000000000000
[  522.489468][T13821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.489483][T13821] R13: 0000000000000000 R14: 00007f77487b6080 R15: 00007ffc0b834c18
[  522.489519][T13821]  </TASK>
[  523.928454][T13848] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1762'.
[  524.002461][T13848] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  524.190290][T13852] FAULT_INJECTION: forcing a failure.
[  524.190290][T13852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.227150][T13852] CPU: 1 UID: 0 PID: 13852 Comm: syz.1.1763 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  524.227187][T13852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  524.227203][T13852] Call Trace:
[  524.227211][T13852]  <TASK>
[  524.227221][T13852]  dump_stack_lvl+0x16c/0x1f0
[  524.227253][T13852]  should_fail_ex+0x512/0x640
[  524.227285][T13852]  _copy_from_user+0x2e/0xd0
[  524.227314][T13852]  copy_msghdr_from_user+0x98/0x160
[  524.227342][T13852]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  524.227376][T13852]  ? __pfx__kstrtoull+0x10/0x10
[  524.227417][T13852]  ___sys_sendmsg+0xfe/0x1d0
[  524.227446][T13852]  ? __pfx____sys_sendmsg+0x10/0x10
[  524.227488][T13852]  ? find_held_lock+0x2b/0x80
[  524.227538][T13852]  __sys_sendmmsg+0x200/0x420
[  524.227570][T13852]  ? __pfx___sys_sendmmsg+0x10/0x10
[  524.227609][T13852]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  524.227650][T13852]  ? fput+0x70/0xf0
[  524.227680][T13852]  ? ksys_write+0x1ac/0x250
[  524.227714][T13852]  ? __pfx_ksys_write+0x10/0x10
[  524.227745][T13852]  __x64_sys_sendmmsg+0x9c/0x100
[  524.227772][T13852]  ? lockdep_hardirqs_on+0x7c/0x110
[  524.227797][T13852]  do_syscall_64+0xcd/0x490
[  524.227826][T13852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.227852][T13852] RIP: 0033:0x7f774858e9a9
[  524.227873][T13852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.227898][T13852] RSP: 002b:00007f77463f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  524.227923][T13852] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858e9a9
[  524.227942][T13852] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003
[  524.227956][T13852] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  524.227972][T13852] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001
[  524.227987][T13852] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  524.228023][T13852]  </TASK>
[  527.268228][T13900] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input120
[  527.980996][T13903] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input121
[  531.023879][T13953] FAULT_INJECTION: forcing a failure.
[  531.023879][T13953] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.085336][T13953] CPU: 0 UID: 0 PID: 13953 Comm: syz.2.1789 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  531.085375][T13953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  531.085391][T13953] Call Trace:
[  531.085399][T13953]  <TASK>
[  531.085409][T13953]  dump_stack_lvl+0x16c/0x1f0
[  531.085441][T13953]  should_fail_ex+0x512/0x640
[  531.085473][T13953]  _copy_from_user+0x2e/0xd0
[  531.085504][T13953]  copy_msghdr_from_user+0x98/0x160
[  531.085532][T13953]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  531.085566][T13953]  ? kfree+0x24f/0x4d0
[  531.085599][T13953]  ? __lock_acquire+0x622/0x1c90
[  531.085640][T13953]  ___sys_recvmsg+0xdb/0x1a0
[  531.085668][T13953]  ? __pfx____sys_recvmsg+0x10/0x10
[  531.085716][T13953]  ? __pfx___might_resched+0x10/0x10
[  531.085753][T13953]  do_recvmmsg+0x2fe/0x750
[  531.085786][T13953]  ? __pfx_do_recvmmsg+0x10/0x10
[  531.085823][T13953]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  531.085862][T13953]  ? __fget_files+0x20e/0x3c0
[  531.085908][T13953]  __x64_sys_recvmmsg+0x22a/0x280
[  531.085938][T13953]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  531.085977][T13953]  do_syscall_64+0xcd/0x490
[  531.086005][T13953]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.086032][T13953] RIP: 0033:0x7f90b298e9a9
[  531.086053][T13953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.086077][T13953] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  531.086102][T13953] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  531.086119][T13953] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  531.086135][T13953] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  531.086150][T13953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  531.086166][T13953] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  531.086201][T13953]  </TASK>
[  531.286873][    C0] vkms_vblank_simulate: vblank timer overrun
[  532.305431][T13965] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1790'.
[  532.474331][T13950] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  532.704019][T13975] FAULT_INJECTION: forcing a failure.
[  532.704019][T13975] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.730102][T13975] CPU: 1 UID: 0 PID: 13975 Comm: syz.2.1794 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  532.730140][T13975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  532.730156][T13975] Call Trace:
[  532.730164][T13975]  <TASK>
[  532.730174][T13975]  dump_stack_lvl+0x16c/0x1f0
[  532.730206][T13975]  should_fail_ex+0x512/0x640
[  532.730238][T13975]  _copy_from_user+0x2e/0xd0
[  532.730268][T13975]  move_addr_to_kernel+0x65/0x170
[  532.730305][T13975]  __copy_msghdr+0x386/0x470
[  532.730332][T13975]  copy_msghdr_from_user+0xc1/0x160
[  532.730359][T13975]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  532.730394][T13975]  ? __pfx__kstrtoull+0x10/0x10
[  532.730435][T13975]  ___sys_sendmsg+0xfe/0x1d0
[  532.730460][T13975]  ? __pfx____sys_sendmsg+0x10/0x10
[  532.730498][T13975]  ? find_held_lock+0x2b/0x80
[  532.730538][T13975]  __sys_sendmmsg+0x200/0x420
[  532.730563][T13975]  ? __pfx___sys_sendmmsg+0x10/0x10
[  532.730595][T13975]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  532.730649][T13975]  ? fput+0x70/0xf0
[  532.730673][T13975]  ? ksys_write+0x1ac/0x250
[  532.730692][T13975]  ? __pfx_ksys_write+0x10/0x10
[  532.730717][T13975]  __x64_sys_sendmmsg+0x9c/0x100
[  532.730738][T13975]  ? lockdep_hardirqs_on+0x7c/0x110
[  532.730758][T13975]  do_syscall_64+0xcd/0x490
[  532.730782][T13975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.730804][T13975] RIP: 0033:0x7f90b298e9a9
[  532.730821][T13975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.730841][T13975] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  532.730862][T13975] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  532.730876][T13975] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003
[  532.730888][T13975] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  532.730901][T13975] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001
[  532.730914][T13975] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  532.730942][T13975]  </TASK>
[  532.947647][T11910] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  532.947685][T11910] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  532.965258][T11910] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  532.965328][T11910] Bluetooth: hci0: adv larger than maximum supported
[  532.972668][T11910] Bluetooth: hci0: Unknown advertising packet type: 0x53
[  532.979774][T11910] Bluetooth: hci0: adv larger than maximum supported
[  532.988736][T11910] Bluetooth: hci0: Malformed LE Event: 0x0d
[  533.563665][T13990] FAULT_INJECTION: forcing a failure.
[  533.563665][T13990] name failslab, interval 1, probability 0, space 0, times 0
[  533.580569][T13990] CPU: 1 UID: 0 PID: 13990 Comm: syz.2.1798 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  533.580592][T13990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  533.580601][T13990] Call Trace:
[  533.580606][T13990]  <TASK>
[  533.580612][T13990]  dump_stack_lvl+0x16c/0x1f0
[  533.580632][T13990]  should_fail_ex+0x512/0x640
[  533.580647][T13990]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  533.580669][T13990]  should_failslab+0xc2/0x120
[  533.580685][T13990]  __kmalloc_cache_noprof+0x6a/0x3e0
[  533.580735][T13990]  ? __genradix_ptr_alloc+0x340/0x5f0
[  533.580751][T13990]  ? sctp_auth_shkey_create+0x9e/0x210
[  533.580771][T13990]  sctp_auth_shkey_create+0x9e/0x210
[  533.580788][T13990]  sctp_auth_asoc_copy_shkeys+0x1f2/0x360
[  533.580807][T13990]  sctp_association_new+0x19ad/0x2a00
[  533.580831][T13990]  sctp_connect_new_asoc+0x1b6/0x790
[  533.580852][T13990]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  533.580871][T13990]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  533.580893][T13990]  __sctp_connect+0x3f3/0xc60
[  533.580914][T13990]  ? do_raw_spin_lock+0x12c/0x2b0
[  533.580936][T13990]  ? __pfx___sctp_connect+0x10/0x10
[  533.580955][T13990]  ? __pfx_sctp_inet_connect+0x10/0x10
[  533.580974][T13990]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  533.580996][T13990]  ? __pfx_sctp_inet_connect+0x10/0x10
[  533.581013][T13990]  sctp_inet_connect+0x15f/0x200
[  533.581032][T13990]  __sys_connect_file+0x13e/0x1a0
[  533.581055][T13990]  __sys_connect+0x13b/0x160
[  533.581074][T13990]  ? __pfx___sys_connect+0x10/0x10
[  533.581100][T13990]  ? __pfx_ksys_write+0x10/0x10
[  533.581118][T13990]  __x64_sys_connect+0x72/0xb0
[  533.581136][T13990]  ? lockdep_hardirqs_on+0x7c/0x110
[  533.581149][T13990]  do_syscall_64+0xcd/0x490
[  533.581164][T13990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.581178][T13990] RIP: 0033:0x7f90b298e9a9
[  533.581191][T13990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.581204][T13990] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  533.581217][T13990] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  533.581227][T13990] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  533.581235][T13990] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  533.581243][T13990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  533.581251][T13990] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  533.581269][T13990]  </TASK>
[  534.163059][T13997] FAULT_INJECTION: forcing a failure.
[  534.163059][T13997] name failslab, interval 1, probability 0, space 0, times 0
[  534.207438][T13997] CPU: 1 UID: 0 PID: 13997 Comm: syz.0.1802 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  534.207475][T13997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.207490][T13997] Call Trace:
[  534.207499][T13997]  <TASK>
[  534.207508][T13997]  dump_stack_lvl+0x16c/0x1f0
[  534.207537][T13997]  should_fail_ex+0x512/0x640
[  534.207560][T13997]  ? __kmalloc_noprof+0xbf/0x510
[  534.207591][T13997]  ? iter_file_splice_write+0x1cc/0x1150
[  534.207626][T13997]  should_failslab+0xc2/0x120
[  534.207656][T13997]  __kmalloc_noprof+0xd2/0x510
[  534.207689][T13997]  iter_file_splice_write+0x1cc/0x1150
[  534.207731][T13997]  ? kfree+0x2b4/0x4d0
[  534.207763][T13997]  ? copy_splice_read+0x897/0xba0
[  534.207806][T13997]  ? __pfx_iter_file_splice_write+0x10/0x10
[  534.207846][T13997]  ? __lock_acquire+0xb8a/0x1c90
[  534.207882][T13997]  ? __pfx_copy_splice_read+0x10/0x10
[  534.207945][T13997]  ? __pfx_iter_file_splice_write+0x10/0x10
[  534.207986][T13997]  direct_splice_actor+0x18f/0x6c0
[  534.208027][T13997]  splice_direct_to_actor+0x342/0xa30
[  534.208065][T13997]  ? __pfx_direct_splice_actor+0x10/0x10
[  534.208108][T13997]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  534.208142][T13997]  ? get_pid_task+0xfc/0x250
[  534.208185][T13997]  do_splice_direct+0x174/0x240
[  534.208226][T13997]  ? __pfx_do_splice_direct+0x10/0x10
[  534.208263][T13997]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  534.208305][T13997]  ? rw_verify_area+0xcf/0x680
[  534.208345][T13997]  do_sendfile+0xb06/0xe50
[  534.208389][T13997]  ? __pfx_do_sendfile+0x10/0x10
[  534.208426][T13997]  ? __fget_files+0x20e/0x3c0
[  534.208474][T13997]  __x64_sys_sendfile64+0x1d8/0x220
[  534.208501][T13997]  ? ksys_write+0x1ac/0x250
[  534.208524][T13997]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  534.208565][T13997]  do_syscall_64+0xcd/0x490
[  534.208594][T13997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.208620][T13997] RIP: 0033:0x7f62c3d8e9a9
[  534.208641][T13997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.208665][T13997] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  534.208689][T13997] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  534.208707][T13997] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  534.208722][T13997] RBP: 00007f62c4c88090 R08: 0000000000000000 R09: 0000000000000000
[  534.208737][T13997] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[  534.208752][T13997] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  534.208786][T13997]  </TASK>
[  534.761358][T14007] ptrace attach of "./syz-executor exec"[14011] was attempted by "./syz-executor exec"[14007]
[  535.665628][T14020] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  535.672214][T14020] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  535.678473][T14020] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  535.688905][T14020] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  535.849482][T14035] FAULT_INJECTION: forcing a failure.
[  535.849482][T14035] name failslab, interval 1, probability 0, space 0, times 0
[  535.874551][T14035] CPU: 0 UID: 0 PID: 14035 Comm: syz.2.1812 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  535.874588][T14035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  535.874604][T14035] Call Trace:
[  535.874613][T14035]  <TASK>
[  535.874622][T14035]  dump_stack_lvl+0x16c/0x1f0
[  535.874654][T14035]  should_fail_ex+0x512/0x640
[  535.874680][T14035]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  535.874721][T14035]  should_failslab+0xc2/0x120
[  535.874750][T14035]  __kmalloc_cache_noprof+0x6a/0x3e0
[  535.874797][T14035]  ? smc_pnet_add+0x479/0x1780
[  535.874840][T14035]  smc_pnet_add+0x479/0x1780
[  535.874885][T14035]  ? __pfx_smc_pnet_add+0x10/0x10
[  535.874927][T14035]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  535.874965][T14035]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  535.875010][T14035]  genl_family_rcv_msg_doit+0x209/0x2f0
[  535.875048][T14035]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  535.875082][T14035]  ? rcu_is_watching+0x12/0xc0
[  535.875122][T14035]  ? bpf_lsm_capable+0x9/0x10
[  535.875156][T14035]  ? security_capable+0x7e/0x260
[  535.875194][T14035]  genl_rcv_msg+0x55c/0x800
[  535.875233][T14035]  ? __pfx_genl_rcv_msg+0x10/0x10
[  535.875268][T14035]  ? __pfx_smc_pnet_add+0x10/0x10
[  535.875319][T14035]  netlink_rcv_skb+0x158/0x420
[  535.875350][T14035]  ? __pfx_genl_rcv_msg+0x10/0x10
[  535.875386][T14035]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  535.875433][T14035]  ? netlink_deliver_tap+0x1ae/0xd30
[  535.875469][T14035]  genl_rcv+0x28/0x40
[  535.875499][T14035]  netlink_unicast+0x58a/0x850
[  535.875535][T14035]  ? __pfx_netlink_unicast+0x10/0x10
[  535.875577][T14035]  netlink_sendmsg+0x8d1/0xdd0
[  535.875614][T14035]  ? __pfx_netlink_sendmsg+0x10/0x10
[  535.875661][T14035]  ____sys_sendmsg+0xa95/0xc70
[  535.875696][T14035]  ? copy_msghdr_from_user+0x10a/0x160
[  535.875724][T14035]  ? __pfx_____sys_sendmsg+0x10/0x10
[  535.875781][T14035]  ___sys_sendmsg+0x134/0x1d0
[  535.875811][T14035]  ? __pfx____sys_sendmsg+0x10/0x10
[  535.875835][T14035]  ? __lock_acquire+0x622/0x1c90
[  535.875916][T14035]  __sys_sendmsg+0x16d/0x220
[  535.875944][T14035]  ? __pfx___sys_sendmsg+0x10/0x10
[  535.875997][T14035]  do_syscall_64+0xcd/0x490
[  535.876028][T14035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.876054][T14035] RIP: 0033:0x7f90b298e9a9
[  535.876076][T14035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.876099][T14035] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  535.876124][T14035] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  535.876142][T14035] RDX: 000000000001c054 RSI: 0000200000000200 RDI: 0000000000000003
[  535.876158][T14035] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  535.876173][T14035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  535.876188][T14035] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  535.876223][T14035]  </TASK>
[  536.171937][    C0] vkms_vblank_simulate: vblank timer overrun
[  536.263750][T14044] openvswitch: netlink: IPv4 tunnel dst address is zero
[  536.274828][T14042] FAULT_INJECTION: forcing a failure.
[  536.274828][T14042] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  536.289892][T14042] CPU: 1 UID: 0 PID: 14042 Comm: syz.1.1815 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  536.289929][T14042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  536.289944][T14042] Call Trace:
[  536.289953][T14042]  <TASK>
[  536.289963][T14042]  dump_stack_lvl+0x16c/0x1f0
[  536.289995][T14042]  should_fail_ex+0x512/0x640
[  536.290027][T14042]  _copy_from_user+0x2e/0xd0
[  536.290057][T14042]  copy_msghdr_from_user+0x98/0x160
[  536.290085][T14042]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  536.290119][T14042]  ? kfree+0x24f/0x4d0
[  536.290153][T14042]  ? __lock_acquire+0x622/0x1c90
[  536.290193][T14042]  ___sys_recvmsg+0xdb/0x1a0
[  536.290221][T14042]  ? __pfx____sys_recvmsg+0x10/0x10
[  536.290284][T14042]  ? __pfx___might_resched+0x10/0x10
[  536.290319][T14042]  do_recvmmsg+0x2fe/0x750
[  536.290352][T14042]  ? __pfx_do_recvmmsg+0x10/0x10
[  536.290388][T14042]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  536.290426][T14042]  ? __fget_files+0x20e/0x3c0
[  536.290477][T14042]  __x64_sys_recvmmsg+0x22a/0x280
[  536.290507][T14042]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  536.290547][T14042]  do_syscall_64+0xcd/0x490
[  536.290577][T14042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  536.290604][T14042] RIP: 0033:0x7f774858e9a9
[  536.290624][T14042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  536.290648][T14042] RSP: 002b:00007f77463f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  536.290673][T14042] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858e9a9
[  536.290699][T14042] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  536.290715][T14042] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  536.290730][T14042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  536.290745][T14042] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  536.290780][T14042]  </TASK>
[  536.783000][T14056] random: crng reseeded on system resumption
[  537.032574][T11910] Bluetooth: hci0: command 0x0c1a tx timeout
[  537.263041][T14068] FAULT_INJECTION: forcing a failure.
[  537.263041][T14068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  537.288158][T14068] CPU: 0 UID: 0 PID: 14068 Comm: syz.0.1823 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  537.288195][T14068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  537.288211][T14068] Call Trace:
[  537.288218][T14068]  <TASK>
[  537.288228][T14068]  dump_stack_lvl+0x16c/0x1f0
[  537.288259][T14068]  should_fail_ex+0x512/0x640
[  537.288289][T14068]  _copy_from_user+0x2e/0xd0
[  537.288318][T14068]  ____sys_sendmsg+0x607/0xc70
[  537.288366][T14068]  ? __pfx_____sys_sendmsg+0x10/0x10
[  537.288405][T14068]  ? __pfx__kstrtoull+0x10/0x10
[  537.288446][T14068]  ___sys_sendmsg+0x134/0x1d0
[  537.288476][T14068]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.288517][T14068]  ? find_held_lock+0x2b/0x80
[  537.288567][T14068]  __sys_sendmmsg+0x200/0x420
[  537.288597][T14068]  ? __pfx___sys_sendmmsg+0x10/0x10
[  537.288636][T14068]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  537.288679][T14068]  ? fput+0x70/0xf0
[  537.288706][T14068]  ? ksys_write+0x1ac/0x250
[  537.288730][T14068]  ? __pfx_ksys_write+0x10/0x10
[  537.288760][T14068]  __x64_sys_sendmmsg+0x9c/0x100
[  537.288787][T14068]  ? lockdep_hardirqs_on+0x7c/0x110
[  537.288811][T14068]  do_syscall_64+0xcd/0x490
[  537.288840][T14068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.288866][T14068] RIP: 0033:0x7f62c3d8e9a9
[  537.288886][T14068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.288910][T14068] RSP: 002b:00007f62c4c88038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  537.288934][T14068] RAX: ffffffffffffffda RBX: 00007f62c3fb5fa0 RCX: 00007f62c3d8e9a9
[  537.288951][T14068] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003
[  537.288966][T14068] RBP: 00007f62c4c88090 R08: 0000000000000000 R09: 0000000000000000
[  537.288982][T14068] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001
[  537.288997][T14068] R13: 0000000000000000 R14: 00007f62c3fb5fa0 R15: 00007ffe1a196288
[  537.289030][T14068]  </TASK>
[  537.697118][T14074] can: request_module (can-proto-0) failed.
[  537.761579][T11910] Bluetooth: hci3: command 0x0c1a tx timeout
[  537.767696][T12717] Bluetooth: hci2: command 0x0c1a tx timeout
[  537.777307][T11910] Bluetooth: hci1: command 0x0c1a tx timeout
[  538.302254][T14092] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input123
[  538.318926][T14093] netlink: 'syz.0.1831': attribute type 10 has an invalid length.
[  538.336817][T14093] netlink: 230 bytes leftover after parsing attributes in process `syz.0.1831'.
[  538.352668][T14095] FAULT_INJECTION: forcing a failure.
[  538.352668][T14095] name failslab, interval 1, probability 0, space 0, times 0
[  538.367914][T14095] CPU: 0 UID: 0 PID: 14095 Comm: syz.1.1833 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  538.367949][T14095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.367963][T14095] Call Trace:
[  538.367972][T14095]  <TASK>
[  538.367981][T14095]  dump_stack_lvl+0x16c/0x1f0
[  538.368009][T14095]  should_fail_ex+0x512/0x640
[  538.368035][T14095]  ? __kmalloc_noprof+0xbf/0x510
[  538.368063][T14095]  ? copy_splice_read+0x1a8/0xba0
[  538.368094][T14095]  should_failslab+0xc2/0x120
[  538.368123][T14095]  __kmalloc_noprof+0xd2/0x510
[  538.368153][T14095]  copy_splice_read+0x1a8/0xba0
[  538.368181][T14095]  ? __pfx_iter_file_splice_write+0x10/0x10
[  538.368222][T14095]  ? __pfx_copy_splice_read+0x10/0x10
[  538.368265][T14095]  ? find_held_lock+0x2b/0x80
[  538.368297][T14095]  ? __pfx_copy_splice_read+0x10/0x10
[  538.368331][T14095]  do_splice_read+0x285/0x370
[  538.368369][T14095]  splice_direct_to_actor+0x2a1/0xa30
[  538.368407][T14095]  ? __pfx_direct_splice_actor+0x10/0x10
[  538.368448][T14095]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  538.368479][T14095]  ? get_pid_task+0xfc/0x250
[  538.368520][T14095]  do_splice_direct+0x174/0x240
[  538.368555][T14095]  ? __pfx_do_splice_direct+0x10/0x10
[  538.368591][T14095]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  538.368630][T14095]  ? rw_verify_area+0xcf/0x680
[  538.368669][T14095]  do_sendfile+0xb06/0xe50
[  538.368711][T14095]  ? __pfx_do_sendfile+0x10/0x10
[  538.368747][T14095]  ? __fget_files+0x20e/0x3c0
[  538.368787][T14095]  __x64_sys_sendfile64+0x1d8/0x220
[  538.368813][T14095]  ? ksys_write+0x1ac/0x250
[  538.368835][T14095]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  538.368870][T14095]  do_syscall_64+0xcd/0x490
[  538.368896][T14095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.368921][T14095] RIP: 0033:0x7f774858e9a9
[  538.368940][T14095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.368962][T14095] RSP: 002b:00007f77463f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  538.368983][T14095] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858e9a9
[  538.369000][T14095] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  538.369015][T14095] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  538.369030][T14095] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[  538.369045][T14095] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  538.369076][T14095]  </TASK>
[  538.663560][T14093] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  539.243492][ T5850] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  539.645557][T11956] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.833976][T11956] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.953664][T11956] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.989994][T14132] FAULT_INJECTION: forcing a failure.
[  539.989994][T14132] name failslab, interval 1, probability 0, space 0, times 0
[  540.003129][T14132] CPU: 1 UID: 0 PID: 14132 Comm: syz.3.1843 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  540.003163][T14132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.003178][T14132] Call Trace:
[  540.003186][T14132]  <TASK>
[  540.003196][T14132]  dump_stack_lvl+0x16c/0x1f0
[  540.003228][T14132]  should_fail_ex+0x512/0x640
[  540.003253][T14132]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  540.003284][T14132]  should_failslab+0xc2/0x120
[  540.003320][T14132]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  540.003347][T14132]  ? __alloc_skb+0x2b2/0x380
[  540.003379][T14132]  __alloc_skb+0x2b2/0x380
[  540.003403][T14132]  ? __pfx___alloc_skb+0x10/0x10
[  540.003429][T14132]  ? genl_rcv_msg+0x4bb/0x800
[  540.003474][T14132]  netlink_ack+0x15d/0xb80
[  540.003517][T14132]  netlink_rcv_skb+0x332/0x420
[  540.003547][T14132]  ? __pfx_genl_rcv_msg+0x10/0x10
[  540.003581][T14132]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  540.003621][T14132]  ? netlink_deliver_tap+0x1ae/0xd30
[  540.003653][T14132]  genl_rcv+0x28/0x40
[  540.003681][T14132]  netlink_unicast+0x58a/0x850
[  540.003716][T14132]  ? __pfx_netlink_unicast+0x10/0x10
[  540.003757][T14132]  netlink_sendmsg+0x8d1/0xdd0
[  540.003794][T14132]  ? __pfx_netlink_sendmsg+0x10/0x10
[  540.003837][T14132]  ____sys_sendmsg+0xa95/0xc70
[  540.003872][T14132]  ? copy_msghdr_from_user+0x10a/0x160
[  540.003898][T14132]  ? __pfx_____sys_sendmsg+0x10/0x10
[  540.003949][T14132]  ___sys_sendmsg+0x134/0x1d0
[  540.003978][T14132]  ? __pfx____sys_sendmsg+0x10/0x10
[  540.004003][T14132]  ? __lock_acquire+0x622/0x1c90
[  540.004080][T14132]  __sys_sendmsg+0x16d/0x220
[  540.004110][T14132]  ? __pfx___sys_sendmsg+0x10/0x10
[  540.004163][T14132]  do_syscall_64+0xcd/0x490
[  540.004192][T14132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.004218][T14132] RIP: 0033:0x7fc326f8e9a9
[  540.004239][T14132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.004262][T14132] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  540.004287][T14132] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  540.004311][T14132] RDX: 000000000001c054 RSI: 0000200000000200 RDI: 0000000000000003
[  540.004327][T14132] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  540.004342][T14132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.004355][T14132] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  540.004388][T14132]  </TASK>
[  540.421790][T14133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1842'.
[  540.534129][T11956] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.609242][T14139] FAULT_INJECTION: forcing a failure.
[  540.609242][T14139] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  540.622558][T14139] CPU: 1 UID: 0 PID: 14139 Comm: syz.3.1845 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  540.622588][T14139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.622602][T14139] Call Trace:
[  540.622609][T14139]  <TASK>
[  540.622618][T14139]  dump_stack_lvl+0x16c/0x1f0
[  540.622648][T14139]  should_fail_ex+0x512/0x640
[  540.622679][T14139]  _copy_from_iter+0x29f/0x16f0
[  540.622708][T14139]  ? __alloc_skb+0x200/0x380
[  540.622732][T14139]  ? __pfx__copy_from_iter+0x10/0x10
[  540.622764][T14139]  ? __lock_acquire+0xb8a/0x1c90
[  540.622801][T14139]  netlink_sendmsg+0x829/0xdd0
[  540.622837][T14139]  ? __pfx_netlink_sendmsg+0x10/0x10
[  540.622880][T14139]  ____sys_sendmsg+0xa95/0xc70
[  540.622910][T14139]  ? copy_msghdr_from_user+0x10a/0x160
[  540.622936][T14139]  ? __pfx_____sys_sendmsg+0x10/0x10
[  540.622981][T14139]  ___sys_sendmsg+0x134/0x1d0
[  540.623009][T14139]  ? __pfx____sys_sendmsg+0x10/0x10
[  540.623032][T14139]  ? __lock_acquire+0x622/0x1c90
[  540.623113][T14139]  __sys_sendmsg+0x16d/0x220
[  540.623141][T14139]  ? __pfx___sys_sendmsg+0x10/0x10
[  540.623190][T14139]  do_syscall_64+0xcd/0x490
[  540.623223][T14139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.623257][T14139] RIP: 0033:0x7fc326f8e9a9
[  540.623276][T14139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.623299][T14139] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  540.623322][T14139] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  540.623339][T14139] RDX: 000000000001c054 RSI: 0000200000000200 RDI: 0000000000000003
[  540.623355][T14139] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  540.623371][T14139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.623386][T14139] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  540.623417][T14139]  </TASK>
[  540.948449][T11901] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  540.966073][T11901] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  540.977593][T11901] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  540.987959][T11901] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  541.003916][T11901] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  541.751663][T11956] team0: left allmulticast mode
[  541.763744][T11956] team_slave_0: left allmulticast mode
[  541.779216][T11956] team_slave_1: left allmulticast mode
[  541.789249][T11956] team0: left promiscuous mode
[  541.817781][T11956] team_slave_0: left promiscuous mode
[  541.838356][T11956] team_slave_1: left promiscuous mode
[  541.848311][T11956] bridge0: port 2(team0) entered disabled state
[  541.931662][T11956] bridge_slave_0: left allmulticast mode
[  541.939661][T11956] bridge_slave_0: left promiscuous mode
[  541.945560][T11956] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.273324][T14162] FAULT_INJECTION: forcing a failure.
[  542.273324][T14162] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  542.303968][T14162] CPU: 1 UID: 0 PID: 14162 Comm: syz.2.1851 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  542.304006][T14162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  542.304022][T14162] Call Trace:
[  542.304031][T14162]  <TASK>
[  542.304040][T14162]  dump_stack_lvl+0x16c/0x1f0
[  542.304072][T14162]  should_fail_ex+0x512/0x640
[  542.304110][T14162]  _copy_from_user+0x2e/0xd0
[  542.304139][T14162]  copy_msghdr_from_user+0x98/0x160
[  542.304164][T14162]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  542.304193][T14162]  ? kfree+0x24f/0x4d0
[  542.304222][T14162]  ? __lock_acquire+0x622/0x1c90
[  542.304258][T14162]  ___sys_recvmsg+0xdb/0x1a0
[  542.304284][T14162]  ? __pfx____sys_recvmsg+0x10/0x10
[  542.304325][T14162]  ? __pfx___might_resched+0x10/0x10
[  542.304360][T14162]  do_recvmmsg+0x2fe/0x750
[  542.304393][T14162]  ? __pfx_do_recvmmsg+0x10/0x10
[  542.304428][T14162]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  542.304467][T14162]  ? __fget_files+0x20e/0x3c0
[  542.304513][T14162]  __x64_sys_recvmmsg+0x22a/0x280
[  542.304544][T14162]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  542.304584][T14162]  do_syscall_64+0xcd/0x490
[  542.304611][T14162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.304637][T14162] RIP: 0033:0x7f90b298e9a9
[  542.304658][T14162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.304682][T14162] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  542.304707][T14162] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  542.304724][T14162] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  542.304738][T14162] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  542.304752][T14162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  542.304767][T14162] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  542.304802][T14162]  </TASK>
[  542.498198][    C1] vkms_vblank_simulate: vblank timer overrun
[  542.757088][T14169] netlink: 'syz.1.1854': attribute type 11 has an invalid length.
[  542.767959][T14169] netlink: 'syz.1.1854': attribute type 11 has an invalid length.
[  542.776489][T14169] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1854'.
[  542.808309][T14169] netlink: 67 bytes leftover after parsing attributes in process `syz.1.1854'.
[  542.817615][T14169] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1854'.
[  542.852380][T14169] netlink: 200 bytes leftover after parsing attributes in process `syz.1.1854'.
[  542.966874][T11956] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  542.979527][T11956] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  542.991853][T11956] bond0 (unregistering): Released all slaves
[  543.081426][T11901] Bluetooth: hci2: command tx timeout
[  543.177487][T14174] FAULT_INJECTION: forcing a failure.
[  543.177487][T14174] name failslab, interval 1, probability 0, space 0, times 0
[  543.203597][T11956] HfR: left promiscuous mode
[  543.203848][T14174] CPU: 1 UID: 0 PID: 14174 Comm: syz.2.1855 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  543.203878][T14174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  543.203892][T14174] Call Trace:
[  543.203900][T14174]  <TASK>
[  543.203909][T14174]  dump_stack_lvl+0x16c/0x1f0
[  543.203941][T14174]  should_fail_ex+0x512/0x640
[  543.203964][T14174]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  543.204004][T14174]  should_failslab+0xc2/0x120
[  543.204041][T14174]  __kmalloc_cache_noprof+0x6a/0x3e0
[  543.204076][T14174]  ? trace_cap_capable+0x18d/0x200
[  543.204105][T14174]  ? sctp_association_new+0xbb/0x2a00
[  543.204142][T14174]  sctp_association_new+0xbb/0x2a00
[  543.204178][T14174]  ? sctp_v4_scope+0x183/0x1a0
[  543.204204][T14174]  sctp_connect_new_asoc+0x1b6/0x790
[  543.204241][T14174]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  543.204277][T14174]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  543.204312][T14174]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  543.204348][T14174]  sctp_sendmsg+0x15f9/0x1ee0
[  543.204380][T14174]  ? __lock_acquire+0x622/0x1c90
[  543.204422][T14174]  ? __pfx_sctp_sendmsg+0x10/0x10
[  543.204459][T14174]  ? __pfx___might_resched+0x10/0x10
[  543.204501][T14174]  ? __pfx_aa_sk_perm+0x10/0x10
[  543.204540][T14174]  ? __pfx_sctp_sendmsg+0x10/0x10
[  543.204574][T14174]  inet_sendmsg+0x11c/0x140
[  543.204611][T14174]  ____sys_sendmsg+0x973/0xc70
[  543.204648][T14174]  ? __pfx_____sys_sendmsg+0x10/0x10
[  543.204687][T14174]  ? __pfx__kstrtoull+0x10/0x10
[  543.204727][T14174]  ___sys_sendmsg+0x134/0x1d0
[  543.204755][T14174]  ? __pfx____sys_sendmsg+0x10/0x10
[  543.204798][T14174]  ? find_held_lock+0x2b/0x80
[  543.204847][T14174]  __sys_sendmmsg+0x200/0x420
[  543.204878][T14174]  ? __pfx___sys_sendmmsg+0x10/0x10
[  543.204917][T14174]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  543.204959][T14174]  ? fput+0x70/0xf0
[  543.204987][T14174]  ? ksys_write+0x1ac/0x250
[  543.205015][T14174]  ? __pfx_ksys_write+0x10/0x10
[  543.205045][T14174]  __x64_sys_sendmmsg+0x9c/0x100
[  543.205071][T14174]  ? lockdep_hardirqs_on+0x7c/0x110
[  543.205094][T14174]  do_syscall_64+0xcd/0x490
[  543.205122][T14174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.205148][T14174] RIP: 0033:0x7f90b298e9a9
[  543.205168][T14174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.205190][T14174] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  543.205213][T14174] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  543.205230][T14174] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003
[  543.205245][T14174] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  543.205261][T14174] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001
[  543.205276][T14174] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  543.205310][T14174]  </TASK>
[  543.614729][T14181] FAULT_INJECTION: forcing a failure.
[  543.614729][T14181] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  543.640003][T14140] chnl_net:caif_netlink_parms(): no params data found
[  543.648717][T14181] CPU: 1 UID: 0 PID: 14181 Comm: syz.2.1858 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  543.648754][T14181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  543.648769][T14181] Call Trace:
[  543.648777][T14181]  <TASK>
[  543.648788][T14181]  dump_stack_lvl+0x16c/0x1f0
[  543.648820][T14181]  should_fail_ex+0x512/0x640
[  543.648852][T14181]  should_fail_alloc_page+0xe7/0x130
[  543.648888][T14181]  prepare_alloc_pages+0x3c2/0x610
[  543.648929][T14181]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  543.648968][T14181]  ? copy_splice_read+0x1a8/0xba0
[  543.649002][T14181]  ? stack_trace_save+0x8e/0xc0
[  543.649028][T14181]  ? __pfx_stack_trace_save+0x10/0x10
[  543.649057][T14181]  ? stack_depot_save_flags+0x28/0xa40
[  543.649093][T14181]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  543.649120][T14181]  ? kasan_save_stack+0x33/0x60
[  543.649145][T14181]  ? __kasan_kmalloc+0xaa/0xb0
[  543.649168][T14181]  ? copy_splice_read+0x1a8/0xba0
[  543.649201][T14181]  ? do_splice_read+0x285/0x370
[  543.649233][T14181]  ? splice_direct_to_actor+0x2a1/0xa30
[  543.649267][T14181]  ? do_splice_direct+0x174/0x240
[  543.649300][T14181]  ? do_sendfile+0xb06/0xe50
[  543.649335][T14181]  ? __x64_sys_sendfile64+0x1d8/0x220
[  543.649363][T14181]  ? do_syscall_64+0xcd/0x490
[  543.649416][T14181]  alloc_pages_bulk_noprof+0x71c/0x1410
[  543.649456][T14181]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  543.649491][T14181]  ? trace_kmalloc+0x2b/0xd0
[  543.649535][T14181]  ? __kmalloc_noprof+0x242/0x510
[  543.649570][T14181]  copy_splice_read+0x1e1/0xba0
[  543.649614][T14181]  ? __pfx_copy_splice_read+0x10/0x10
[  543.649661][T14181]  ? find_held_lock+0x2b/0x80
[  543.649694][T14181]  ? __pfx_copy_splice_read+0x10/0x10
[  543.649729][T14181]  do_splice_read+0x285/0x370
[  543.649767][T14181]  splice_direct_to_actor+0x2a1/0xa30
[  543.649804][T14181]  ? __pfx_direct_splice_actor+0x10/0x10
[  543.649847][T14181]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  543.649881][T14181]  ? get_pid_task+0xfc/0x250
[  543.649922][T14181]  do_splice_direct+0x174/0x240
[  543.649964][T14181]  ? __pfx_do_splice_direct+0x10/0x10
[  543.650000][T14181]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  543.650043][T14181]  ? rw_verify_area+0xcf/0x680
[  543.650081][T14181]  do_sendfile+0xb06/0xe50
[  543.650124][T14181]  ? __pfx_do_sendfile+0x10/0x10
[  543.650163][T14181]  ? __fget_files+0x20e/0x3c0
[  543.650209][T14181]  __x64_sys_sendfile64+0x1d8/0x220
[  543.650237][T14181]  ? ksys_write+0x1ac/0x250
[  543.650261][T14181]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  543.650302][T14181]  do_syscall_64+0xcd/0x490
[  543.650330][T14181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.650355][T14181] RIP: 0033:0x7f90b298e9a9
[  543.650376][T14181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.650399][T14181] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  543.650422][T14181] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  543.650437][T14181] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  543.650455][T14181] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  543.650471][T14181] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[  543.650487][T14181] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  543.650518][T14181]  </TASK>
[  543.986915][    C1] vkms_vblank_simulate: vblank timer overrun
[  544.582780][T14140] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.599941][T14140] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.608363][T14140] bridge_slave_0: entered allmulticast mode
[  544.622427][T14140] bridge_slave_0: entered promiscuous mode
[  544.642700][T14140] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.650202][T14140] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.658416][T14140] bridge_slave_1: entered allmulticast mode
[  544.668806][T14140] bridge_slave_1: entered promiscuous mode
[  545.085667][T14140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  545.150555][T11901] Bluetooth: hci2: command tx timeout
[  545.204396][T14140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  545.647187][T14140] team0: Port device team_slave_0 added
[  545.676784][T14140] team0: Port device team_slave_1 added
[  545.792055][T14225] FAULT_INJECTION: forcing a failure.
[  545.792055][T14225] name failslab, interval 1, probability 0, space 0, times 0
[  545.819025][T14225] CPU: 0 UID: 0 PID: 14225 Comm: syz.2.1865 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  545.819064][T14225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  545.819080][T14225] Call Trace:
[  545.819089][T14225]  <TASK>
[  545.819099][T14225]  dump_stack_lvl+0x16c/0x1f0
[  545.819132][T14225]  should_fail_ex+0x512/0x640
[  545.819164][T14225]  should_failslab+0xc2/0x120
[  545.819194][T14225]  __kmalloc_cache_noprof+0x6a/0x3e0
[  545.819232][T14225]  ? sctp_add_bind_addr+0xae/0x3f0
[  545.819264][T14225]  sctp_add_bind_addr+0xae/0x3f0
[  545.819294][T14225]  sctp_copy_local_addr_list+0x39d/0x5a0
[  545.819332][T14225]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  545.819368][T14225]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  545.819407][T14225]  ? sctp_bind_addr_copy+0xe0/0x530
[  545.819432][T14225]  sctp_bind_addr_copy+0xe0/0x530
[  545.819467][T14225]  sctp_connect_new_asoc+0x1d7/0x790
[  545.819505][T14225]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  545.819542][T14225]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  545.819586][T14225]  __sctp_connect+0x3f3/0xc60
[  545.819625][T14225]  ? do_raw_spin_lock+0x12c/0x2b0
[  545.819665][T14225]  ? __pfx___sctp_connect+0x10/0x10
[  545.819702][T14225]  ? __pfx_sctp_inet_connect+0x10/0x10
[  545.819738][T14225]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  545.819784][T14225]  ? __pfx_sctp_inet_connect+0x10/0x10
[  545.819817][T14225]  sctp_inet_connect+0x15f/0x200
[  545.819854][T14225]  __sys_connect_file+0x13e/0x1a0
[  545.819897][T14225]  __sys_connect+0x13b/0x160
[  545.819933][T14225]  ? __pfx___sys_connect+0x10/0x10
[  545.819985][T14225]  ? __pfx_ksys_write+0x10/0x10
[  545.820019][T14225]  __x64_sys_connect+0x72/0xb0
[  545.820055][T14225]  ? lockdep_hardirqs_on+0x7c/0x110
[  545.820080][T14225]  do_syscall_64+0xcd/0x490
[  545.820109][T14225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.820136][T14225] RIP: 0033:0x7f90b298e9a9
[  545.820153][T14225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.820172][T14225] RSP: 002b:00007f90b38a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  545.820195][T14225] RAX: ffffffffffffffda RBX: 00007f90b2bb5fa0 RCX: 00007f90b298e9a9
[  545.820211][T14225] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  545.820225][T14225] RBP: 00007f90b38a9090 R08: 0000000000000000 R09: 0000000000000000
[  545.820239][T14225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  545.820253][T14225] R13: 0000000000000000 R14: 00007f90b2bb5fa0 R15: 00007ffef26c0e48
[  545.820288][T14225]  </TASK>
[  546.313327][T14140] batman_adv: batadv0: Adding interface: batadv_slave_0
[  546.344175][T14140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  546.375747][T14140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  546.409606][T14140] batman_adv: batadv0: Adding interface: batadv_slave_1
[  546.426113][T14140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  546.454335][T14140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  546.574054][T14237] FAULT_INJECTION: forcing a failure.
[  546.574054][T14237] name failslab, interval 1, probability 0, space 0, times 0
[  546.602886][T14237] CPU: 1 UID: 0 PID: 14237 Comm: syz.3.1868 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  546.602924][T14237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  546.602939][T14237] Call Trace:
[  546.602948][T14237]  <TASK>
[  546.602958][T14237]  dump_stack_lvl+0x16c/0x1f0
[  546.602989][T14237]  should_fail_ex+0x512/0x640
[  546.603019][T14237]  should_failslab+0xc2/0x120
[  546.603048][T14237]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  546.603076][T14237]  ? skb_clone+0x190/0x3f0
[  546.603107][T14237]  skb_clone+0x190/0x3f0
[  546.603135][T14237]  netlink_deliver_tap+0xabd/0xd30
[  546.603169][T14237]  netlink_unicast+0x62f/0x850
[  546.603203][T14237]  ? __pfx_netlink_unicast+0x10/0x10
[  546.603239][T14237]  netlink_sendmsg+0x8d1/0xdd0
[  546.603275][T14237]  ? __pfx_netlink_sendmsg+0x10/0x10
[  546.603318][T14237]  ____sys_sendmsg+0xa95/0xc70
[  546.603351][T14237]  ? copy_msghdr_from_user+0x10a/0x160
[  546.603376][T14237]  ? __pfx_____sys_sendmsg+0x10/0x10
[  546.603439][T14237]  ___sys_sendmsg+0x134/0x1d0
[  546.603466][T14237]  ? __pfx____sys_sendmsg+0x10/0x10
[  546.603489][T14237]  ? __lock_acquire+0x622/0x1c90
[  546.603570][T14237]  __sys_sendmsg+0x16d/0x220
[  546.603598][T14237]  ? __pfx___sys_sendmsg+0x10/0x10
[  546.603651][T14237]  do_syscall_64+0xcd/0x490
[  546.603679][T14237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.603706][T14237] RIP: 0033:0x7fc326f8e9a9
[  546.603728][T14237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.603752][T14237] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  546.603778][T14237] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  546.603795][T14237] RDX: 000000000001c054 RSI: 0000200000000200 RDI: 0000000000000003
[  546.603810][T14237] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  546.603826][T14237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.603841][T14237] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  546.603876][T14237]  </TASK>
[  547.209612][T11901] Bluetooth: hci2: command tx timeout
[  547.889034][T14140] hsr_slave_0: entered promiscuous mode
[  547.917776][T14140] hsr_slave_1: entered promiscuous mode
[  547.936354][T14140] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  547.975866][T14140] Cannot create hsr debugfs directory
[  548.025759][T14262] FAULT_INJECTION: forcing a failure.
[  548.025759][T14262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.105246][T14262] CPU: 1 UID: 0 PID: 14262 Comm: syz.3.1875 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  548.105292][T14262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  548.105307][T14262] Call Trace:
[  548.105316][T14262]  <TASK>
[  548.105325][T14262]  dump_stack_lvl+0x16c/0x1f0
[  548.105356][T14262]  should_fail_ex+0x512/0x640
[  548.105388][T14262]  _copy_from_user+0x2e/0xd0
[  548.105417][T14262]  copy_msghdr_from_user+0x98/0x160
[  548.105446][T14262]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  548.105479][T14262]  ? kfree+0x24f/0x4d0
[  548.105512][T14262]  ? __lock_acquire+0x622/0x1c90
[  548.105551][T14262]  ___sys_recvmsg+0xdb/0x1a0
[  548.105579][T14262]  ? __pfx____sys_recvmsg+0x10/0x10
[  548.105625][T14262]  ? __pfx___might_resched+0x10/0x10
[  548.105662][T14262]  do_recvmmsg+0x2fe/0x750
[  548.105693][T14262]  ? __pfx_do_recvmmsg+0x10/0x10
[  548.105728][T14262]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  548.105767][T14262]  ? __fget_files+0x20e/0x3c0
[  548.105812][T14262]  __x64_sys_recvmmsg+0x22a/0x280
[  548.105842][T14262]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  548.105881][T14262]  do_syscall_64+0xcd/0x490
[  548.105910][T14262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.105936][T14262] RIP: 0033:0x7fc326f8e9a9
[  548.105956][T14262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.105979][T14262] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  548.106003][T14262] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  548.106021][T14262] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  548.106035][T14262] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  548.106050][T14262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  548.106065][T14262] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  548.106101][T14262]  </TASK>
[  548.308258][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.471584][T11956] hsr_slave_0: left promiscuous mode
[  548.485521][T11956] hsr_slave_1: left promiscuous mode
[  548.604606][T11956] veth1_macvtap: left promiscuous mode
[  548.615372][T11956] veth0_macvtap: left promiscuous mode
[  548.638790][T11956] veth1_vlan: left promiscuous mode
[  548.711245][T11956] veth0_vlan: left promiscuous mode
[  548.746403][T14241] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  549.327290][T11901] Bluetooth: hci2: command tx timeout
[  550.693271][T11956] team0 (unregistering): Port device team_slave_1 removed
[  550.880599][T11956] team0 (unregistering): Port device team_slave_0 removed
[  552.880492][T14294] netlink: 'syz.1.1888': attribute type 1 has an invalid length.
[  553.177858][T14295] netlink: 'syz.2.1880': attribute type 11 has an invalid length.
[  553.244122][T14295] netlink: 'syz.2.1880': attribute type 11 has an invalid length.
[  553.288403][T14295] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1880'.
[  553.318856][T14295] netlink: 67 bytes leftover after parsing attributes in process `syz.2.1880'.
[  553.328909][T14295] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1880'.
[  553.362361][T14295] netlink: 200 bytes leftover after parsing attributes in process `syz.2.1880'.
[  554.012271][T14140] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  554.058900][T14140] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  554.128563][T14140] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  554.167830][T14140] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  554.504275][T14140] 8021q: adding VLAN 0 to HW filter on device bond0
[  554.560209][T14140] 8021q: adding VLAN 0 to HW filter on device team0
[  554.575182][T12759] bridge0: port 1(bridge_slave_0) entered blocking state
[  554.582369][T12759] bridge0: port 1(bridge_slave_0) entered forwarding state
[  554.755114][T11912] bridge0: port 2(bridge_slave_1) entered blocking state
[  554.762346][T11912] bridge0: port 2(bridge_slave_1) entered forwarding state
[  555.441363][T14140] 8021q: adding VLAN 0 to HW filter on device batadv0
[  555.458622][T14354] binder: 14353:14354 ioctl c0046209 0 returned -22
[  555.576752][T14140] veth0_vlan: entered promiscuous mode
[  555.610077][T14140] veth1_vlan: entered promiscuous mode
[  555.684470][T14349] Invalid ELF header magic: != ELF
[  555.904760][T14140] veth0_macvtap: entered promiscuous mode
[  556.042920][T14140] veth1_macvtap: entered promiscuous mode
[  556.229426][T14140] batman_adv: batadv0: Interface activated: batadv_slave_0
[  556.281466][T14140] batman_adv: batadv0: Interface activated: batadv_slave_1
[  556.328261][T14140] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  556.344814][T14140] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  556.366792][T14140] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  556.378317][T14379] FAULT_INJECTION: forcing a failure.
[  556.378317][T14379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.401856][T14140] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  556.413845][T14379] CPU: 1 UID: 0 PID: 14379 Comm: syz.3.1892 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  556.413885][T14379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  556.413898][T14379] Call Trace:
[  556.413905][T14379]  <TASK>
[  556.413914][T14379]  dump_stack_lvl+0x16c/0x1f0
[  556.413944][T14379]  should_fail_ex+0x512/0x640
[  556.413973][T14379]  _copy_to_user+0x32/0xd0
[  556.414003][T14379]  simple_read_from_buffer+0xcb/0x170
[  556.414042][T14379]  proc_fail_nth_read+0x197/0x270
[  556.414078][T14379]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  556.414114][T14379]  ? rw_verify_area+0xcf/0x680
[  556.414149][T14379]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  556.414184][T14379]  vfs_read+0x1e4/0xc60
[  556.414212][T14379]  ? __pfx___mutex_lock+0x10/0x10
[  556.414239][T14379]  ? __pfx_vfs_read+0x10/0x10
[  556.414274][T14379]  ? __fget_files+0x20e/0x3c0
[  556.414323][T14379]  ksys_read+0x12a/0x250
[  556.414346][T14379]  ? __pfx_ksys_read+0x10/0x10
[  556.414381][T14379]  do_syscall_64+0xcd/0x490
[  556.414410][T14379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.414435][T14379] RIP: 0033:0x7fc326f8d3bc
[  556.414462][T14379] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  556.414486][T14379] RSP: 002b:00007fc327e8d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  556.414507][T14379] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8d3bc
[  556.414523][T14379] RDX: 000000000000000f RSI: 00007fc327e8d0a0 RDI: 0000000000000004
[  556.414536][T14379] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  556.414550][T14379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  556.414565][T14379] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  556.414597][T14379]  </TASK>
[  557.066501][T11912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  557.104575][T11912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  557.231744][T12173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  557.279225][T12173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  557.305032][T14395] FAULT_INJECTION: forcing a failure.
[  557.305032][T14395] name failslab, interval 1, probability 0, space 0, times 0
[  557.366787][T14395] CPU: 1 UID: 0 PID: 14395 Comm: syz.1.1898 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  557.366823][T14395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.366836][T14395] Call Trace:
[  557.366844][T14395]  <TASK>
[  557.366853][T14395]  dump_stack_lvl+0x16c/0x1f0
[  557.366884][T14395]  should_fail_ex+0x512/0x640
[  557.366907][T14395]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  557.366945][T14395]  should_failslab+0xc2/0x120
[  557.366975][T14395]  __kmalloc_cache_noprof+0x6a/0x3e0
[  557.367013][T14395]  ? alloc_pipe_info+0x10e/0x590
[  557.367046][T14395]  alloc_pipe_info+0x10e/0x590
[  557.367078][T14395]  splice_direct_to_actor+0x77d/0xa30
[  557.367117][T14395]  ? __pfx_direct_splice_actor+0x10/0x10
[  557.367158][T14395]  ? __pfx_aa_file_perm+0x10/0x10
[  557.367184][T14395]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  557.367219][T14395]  ? get_pid_task+0xfc/0x250
[  557.367263][T14395]  do_splice_direct+0x174/0x240
[  557.367301][T14395]  ? __pfx_do_splice_direct+0x10/0x10
[  557.367337][T14395]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  557.367380][T14395]  ? rw_verify_area+0xcf/0x680
[  557.367418][T14395]  do_sendfile+0xb06/0xe50
[  557.367466][T14395]  ? __pfx_do_sendfile+0x10/0x10
[  557.367504][T14395]  ? __fget_files+0x20e/0x3c0
[  557.367550][T14395]  __x64_sys_sendfile64+0x1d8/0x220
[  557.367586][T14395]  ? ksys_write+0x1ac/0x250
[  557.367609][T14395]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  557.367651][T14395]  do_syscall_64+0xcd/0x490
[  557.367679][T14395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.367705][T14395] RIP: 0033:0x7f774858e9a9
[  557.367726][T14395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.367751][T14395] RSP: 002b:00007f77463f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  557.367776][T14395] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858e9a9
[  557.367793][T14395] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  557.367809][T14395] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  557.367825][T14395] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  557.367839][T14395] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  557.367875][T14395]  </TASK>
[  558.191865][T14408] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1841'.
[  558.391580][T14417] netlink: 'syz.3.1901': attribute type 1 has an invalid length.
[  558.806107][T14426] can: request_module (can-proto-0) failed.
[  559.128734][T14442] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  559.577910][T14449] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126
[  559.809930][T14430] kexec: Could not allocate control_code_buffer
[  560.236694][T14462] FAULT_INJECTION: forcing a failure.
[  560.236694][T14462] name failslab, interval 1, probability 0, space 0, times 0
[  560.270920][T14462] CPU: 0 UID: 0 PID: 14462 Comm: syz.1.1908 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  560.270953][T14462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  560.270969][T14462] Call Trace:
[  560.270976][T14462]  <TASK>
[  560.270985][T14462]  dump_stack_lvl+0x16c/0x1f0
[  560.271013][T14462]  should_fail_ex+0x512/0x640
[  560.271035][T14462]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  560.271073][T14462]  should_failslab+0xc2/0x120
[  560.271100][T14462]  __kmalloc_cache_noprof+0x6a/0x3e0
[  560.271134][T14462]  ? sctp_add_bind_addr+0xae/0x3f0
[  560.271163][T14462]  sctp_add_bind_addr+0xae/0x3f0
[  560.271190][T14462]  sctp_copy_one_addr.part.0+0xd6/0x120
[  560.271220][T14462]  sctp_bind_addr_copy+0x1b4/0x530
[  560.271254][T14462]  sctp_connect_new_asoc+0x1d7/0x790
[  560.271301][T14462]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  560.271337][T14462]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  560.271373][T14462]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  560.271410][T14462]  sctp_sendmsg+0x15f9/0x1ee0
[  560.271441][T14462]  ? __lock_acquire+0x622/0x1c90
[  560.271483][T14462]  ? __pfx_sctp_sendmsg+0x10/0x10
[  560.271520][T14462]  ? __pfx___might_resched+0x10/0x10
[  560.271566][T14462]  ? __pfx_aa_sk_perm+0x10/0x10
[  560.271603][T14462]  ? __pfx_sctp_sendmsg+0x10/0x10
[  560.271640][T14462]  inet_sendmsg+0x11c/0x140
[  560.271675][T14462]  ____sys_sendmsg+0x973/0xc70
[  560.271713][T14462]  ? __pfx_____sys_sendmsg+0x10/0x10
[  560.271749][T14462]  ? __pfx__kstrtoull+0x10/0x10
[  560.271791][T14462]  ___sys_sendmsg+0x134/0x1d0
[  560.271818][T14462]  ? __pfx____sys_sendmsg+0x10/0x10
[  560.271864][T14462]  ? find_held_lock+0x2b/0x80
[  560.271907][T14462]  __sys_sendmmsg+0x200/0x420
[  560.271936][T14462]  ? __pfx___sys_sendmmsg+0x10/0x10
[  560.271977][T14462]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  560.272019][T14462]  ? fput+0x70/0xf0
[  560.272048][T14462]  ? ksys_write+0x1ac/0x250
[  560.272070][T14462]  ? __pfx_ksys_write+0x10/0x10
[  560.272102][T14462]  __x64_sys_sendmmsg+0x9c/0x100
[  560.272128][T14462]  ? lockdep_hardirqs_on+0x7c/0x110
[  560.272153][T14462]  do_syscall_64+0xcd/0x490
[  560.272198][T14462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.272224][T14462] RIP: 0033:0x7f774858e9a9
[  560.272246][T14462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.272276][T14462] RSP: 002b:00007f77463f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  560.272301][T14462] RAX: ffffffffffffffda RBX: 00007f77487b5fa0 RCX: 00007f774858e9a9
[  560.272317][T14462] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003
[  560.272330][T14462] RBP: 00007f77463f6090 R08: 0000000000000000 R09: 0000000000000000
[  560.272348][T14462] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001
[  560.272363][T14462] R13: 0000000000000000 R14: 00007f77487b5fa0 R15: 00007ffc0b834c18
[  560.272399][T14462]  </TASK>
[  561.064480][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  561.072486][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  561.097471][T14486] openvswitch: netlink: Flow key attribute not present in set flow.
[  562.518095][T14490] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  562.841970][T14517] FAULT_INJECTION: forcing a failure.
[  562.841970][T14517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  562.855498][T14517] CPU: 0 UID: 0 PID: 14517 Comm: syz.3.1922 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  562.855517][T14517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  562.855526][T14517] Call Trace:
[  562.855531][T14517]  <TASK>
[  562.855536][T14517]  dump_stack_lvl+0x16c/0x1f0
[  562.855555][T14517]  should_fail_ex+0x512/0x640
[  562.855572][T14517]  _copy_from_user+0x2e/0xd0
[  562.855587][T14517]  move_addr_to_kernel+0x65/0x170
[  562.855608][T14517]  __sys_connect+0xb1/0x160
[  562.855627][T14517]  ? __pfx___sys_connect+0x10/0x10
[  562.855654][T14517]  ? __pfx_ksys_write+0x10/0x10
[  562.855671][T14517]  __x64_sys_connect+0x72/0xb0
[  562.855690][T14517]  ? lockdep_hardirqs_on+0x7c/0x110
[  562.855703][T14517]  do_syscall_64+0xcd/0x490
[  562.855718][T14517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.855733][T14517] RIP: 0033:0x7fc326f8e9a9
[  562.855745][T14517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  562.855758][T14517] RSP: 002b:00007fc327e8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  562.855771][T14517] RAX: ffffffffffffffda RBX: 00007fc3271b5fa0 RCX: 00007fc326f8e9a9
[  562.855780][T14517] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  562.855795][T14517] RBP: 00007fc327e8d090 R08: 0000000000000000 R09: 0000000000000000
[  562.855804][T14517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  562.855812][T14517] R13: 0000000000000000 R14: 00007fc3271b5fa0 R15: 00007ffee50f4f38
[  562.855829][T14517]  </TASK>
[  563.455468][T14528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1927'.
[  563.604673][T11901] ==================================================================
[  563.612790][T11901] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240
[  563.620640][T11901] Read of size 140 at addr ffffc90004c33000 by task kworker/u11:0/11901
[  563.628959][T11901] 
[  563.631285][T11901] CPU: 0 UID: 0 PID: 11901 Comm: kworker/u11:0 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  563.631304][T11901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  563.631315][T11901] Workqueue: hci0 hci_devcd_timeout
[  563.631341][T11901] Call Trace:
[  563.631348][T11901]  <TASK>
[  563.631354][T11901]  dump_stack_lvl+0x116/0x1f0
[  563.631370][T11901]  print_report+0xcd/0x610
[  563.631386][T11901]  ? __virt_addr_valid+0x81/0x610
[  563.631403][T11901]  ? hci_devcd_dump+0x142/0x240
[  563.631420][T11901]  kasan_report+0xe0/0x110
[  563.631435][T11901]  ? hci_devcd_dump+0x142/0x240
[  563.631455][T11901]  kasan_check_range+0x100/0x1b0
[  563.631473][T11901]  __asan_memcpy+0x23/0x60
[  563.631493][T11901]  hci_devcd_dump+0x142/0x240
[  563.631512][T11901]  hci_devcd_timeout+0xb5/0x2e0
[  563.631531][T11901]  ? rcu_is_watching+0x12/0xc0
[  563.631547][T11901]  process_one_work+0x9cf/0x1b70
[  563.631571][T11901]  ? __pfx_process_one_work+0x10/0x10
[  563.631593][T11901]  ? assign_work+0x1a0/0x250
[  563.631612][T11901]  worker_thread+0x6c8/0xf10
[  563.631645][T11901]  ? __pfx_worker_thread+0x10/0x10
[  563.631665][T11901]  kthread+0x3c2/0x780
[  563.631683][T11901]  ? __pfx_kthread+0x10/0x10
[  563.631701][T11901]  ? rcu_is_watching+0x12/0xc0
[  563.631714][T11901]  ? __pfx_kthread+0x10/0x10
[  563.631732][T11901]  ret_from_fork+0x5d4/0x6f0
[  563.631750][T11901]  ? __pfx_kthread+0x10/0x10
[  563.631768][T11901]  ret_from_fork_asm+0x1a/0x30
[  563.631787][T11901]  </TASK>
[  563.631792][T11901] 
[  563.779107][T11901] The buggy address ffffc90004c33000 belongs to a vmalloc virtual mapping
[  563.787647][T11901] Memory state around the buggy address:
[  563.793275][T11901]  ffffc90004c32f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  563.801338][T11901]  ffffc90004c32f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  563.809389][T11901] >ffffc90004c33000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  563.817455][T11901]                    ^
[  563.821543][T11901]  ffffc90004c33080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  563.829613][T11901]  ffffc90004c33100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  563.837669][T11901] ==================================================================
[  563.858551][T11901] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  563.865803][T11901] CPU: 0 UID: 0 PID: 11901 Comm: kworker/u11:0 Not tainted 6.16.0-rc7-syzkaller-00093-g94ce1ac2c9b4 #0 PREEMPT(full) 
[  563.878164][T11901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  563.888252][T11901] Workqueue: hci0 hci_devcd_timeout
[  563.893490][T11901] Call Trace:
[  563.896770][T11901]  <TASK>
[  563.899703][T11901]  dump_stack_lvl+0x3d/0x1f0
[  563.904304][T11901]  panic+0x71c/0x800
[  563.908216][T11901]  ? __pfx_panic+0x10/0x10
[  563.912675][T11901]  ? mark_held_locks+0x49/0x80
[  563.917466][T11901]  ? preempt_schedule_thunk+0x16/0x30
[  563.922855][T11901]  ? hci_devcd_dump+0x142/0x240
[  563.927733][T11901]  ? preempt_schedule_common+0x44/0xc0
[  563.933213][T11901]  ? check_panic_on_warn+0x1f/0xb0
[  563.938348][T11901]  ? hci_devcd_dump+0x142/0x240
[  563.943214][T11901]  check_panic_on_warn+0xab/0xb0
[  563.948168][T11901]  end_report+0x107/0x170
[  563.952527][T11901]  kasan_report+0xee/0x110
[  563.956951][T11901]  ? hci_devcd_dump+0x142/0x240
[  563.961821][T11901]  kasan_check_range+0x100/0x1b0
[  563.966774][T11901]  __asan_memcpy+0x23/0x60
[  563.971207][T11901]  hci_devcd_dump+0x142/0x240
[  563.975901][T11901]  hci_devcd_timeout+0xb5/0x2e0
[  563.981025][T11901]  ? rcu_is_watching+0x12/0xc0
[  563.985802][T11901]  process_one_work+0x9cf/0x1b70
[  563.990762][T11901]  ? __pfx_process_one_work+0x10/0x10
[  563.996154][T11901]  ? assign_work+0x1a0/0x250
[  564.000760][T11901]  worker_thread+0x6c8/0xf10
[  564.005382][T11901]  ? __pfx_worker_thread+0x10/0x10
[  564.010514][T11901]  kthread+0x3c2/0x780
[  564.014598][T11901]  ? __pfx_kthread+0x10/0x10
[  564.019209][T11901]  ? rcu_is_watching+0x12/0xc0
[  564.023983][T11901]  ? __pfx_kthread+0x10/0x10
[  564.028587][T11901]  ret_from_fork+0x5d4/0x6f0
[  564.033193][T11901]  ? __pfx_kthread+0x10/0x10
[  564.037801][T11901]  ret_from_fork_asm+0x1a/0x30
[  564.042581][T11901]  </TASK>
[  564.045855][T11901] Kernel Offset: disabled
[  564.050173][T11901] Rebooting in 86400 seconds..