last executing test programs:

8m47.773352484s ago: executing program 3 (id=969):
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008)
r0 = socket(0x1f, 0x3, 0x400001)
r1 = socket(0xf, 0x5, 0xf)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
madvise$auto(0x110c230000, 0x1, 0x9)
r4 = timerfd_create$auto(0x6, 0x2)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000000)={0x90000000000000, 0x0, <r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
read$auto_proc_iter_file_ops_compat_inode(r6, &(0x7f0000000180)=""/178, 0xb2)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000700)={0x6, 0x5, 0xff, 0x6, 0x0, 0x4a, 0x7f, 0x1, 0x6, 0x401, 0xf, 0x5, 0x6, 0x0, 0x3, 0x3, 0x9, 0x401, "ca43a58b24b7199ea5fb9a7aa82302e7644dfc6421eef00dbd972516e6072461459c5ff4"})
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
r8 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r8)
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r5, &(0x7f00000006c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x474, r7, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x458, 0x6e, 0x0, 0x1, [@typed={0x8, 0xd7, 0x0, 0x0, @fd=r1}, @nested={0x43f, 0x134, 0x0, 0x1, [@generic="d2e3adb9e3a7e0ce791555674551245d7db0e11c40c27a6739369b4dd2bc252932649dc61868d12ff9e654270cfe145ddb584c47501433a8860bce21de5b2383a959ac160c3e2014f6664abb8c1614cfd8977136027f96d2b2d06d2146b55515df732c1f42c4258f06dd2da7fb867578fc57bb439790c5237b7e95e65eb1e718747334784e4f59fc289917f60c7d60d05758252dffe7a6bfe4f1ff6c3d6df9750df41c59b6ede0ae91b509a090ffada2e5174e85349e73461cb63a99b3f53d958860ac7721bb70f3e93c70c54eb18b31380bbc34d1ac", @generic="e6ffecc8bcb39a2f6500318b86ea6bca6fbb286456d12fc1d9201738f2f1d78dbcfabc7b455b61537d1120a5bdf1036a591a6b3caf8fa4fffcc1a99d434ad065d219c6b8580e8d0940650964dcfa5eb2e28ce45240e90b460c4b194f72ddeb307d276eefb3bf7433aa393240a71ed6f70419cb", @typed={0x8, 0x11e, 0x0, 0x0, @fd=r2}, @generic="9f9b6e3ebeacb7c759d51d4624124556b7f9034ea2616b39920a955c8f1032dff87e44fe46ad849e68548d94c837971139535362186358c41d204a7c29f89a31f7897f853290939b570680faf94fdce733605dec25222aee3c3b89b86b24660669d5dfea17775cb3a4f1ea7064fce27dcce04c9abcf3f3bf83a6cadb714e0f7e61a9ea38fdc01961038065ef56b5771632be316a4de6f834dc60a8f37b46b5b4215c3f11c516f8902f2d2558225c6f27e76c75942d95e38c199364c6f3d5cc4a841cb1af5f5c0f8d69e05f0b035c42426ae3cad2104f08e8", @generic="f1d0ac4a595aa30d2871e8d06bf222ee3174529e3d2a1f20c96e5406d14a6e3dbb9d433a7c9142eea36102f0edeb8912a46b109fe156507c8a7e81271f018f706b19e1386f881b97ca660a329a32785fbd688d248fba51ca8b4e5be02c257423ae73235a1bba93ff696f57836cbb846a0509400c6a0a8ffbb587b226654e2874a141aea5f2c6a68d7c2fea47baf41a6931b4f19ade02c0912281a73d802e2386d1ce16e3faf24015c5e80b4defe71dbdc1e8eeaedfd6bace1838e566d946f57fd22cc4afec2426da8a213ac7", @nested={0x4, 0x20}, @generic="46638a3face568bf0c189904b04719ecb6e906d77556032914a561fe8290d9e6800c91580150e04bd3c00fdd71d0e3fb5e973974b2d799f456267e7a1a33c3246163daa7f8af1daaadbaaeff91a831416f2b460a3ca488a9f84cd3de7b8d039740a44dc153bda3d85dc41e2cea97b686ef5a7b86d2e41c55be5aca44b59566b019d9e71dcaaf9fcdad1b4d99c2648afccbf579b7242a8eee6518e1b95ca4115a798ec9f729f8a929808d19ac0578cdba623f7a7f3b6c6f98b486045ceccaf52fdd9a23d9", @generic="f841e6d1925c47bfd8cf0646a6d4bcb74f0866271d4e45a32d2940d06a0f319ae7b98320a669553f01a8cc80bddfc6f0782209abe24d8212ffac4b2803e24f4ad56dea815d2d7922c23ba2162f319756ccbbee9666e4fde2d5e0a9a88a7d403174782324c2a86dc9d6a6996d95d8664036014bd7419b", @typed={0x8, 0x50, 0x0, 0x0, @ipv4=@empty}]}, @typed={0x4, 0x9}, @typed={0x8, 0xc8, 0x0, 0x0, @u32=0xff}]}]}, 0x474}, 0x1, 0x0, 0x0, 0x8080}, 0x40080)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
statmount$auto(0x0, 0x0, 0x7, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)

8m45.813943387s ago: executing program 3 (id=975):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x8000, 0x0)
r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="010326bd7000fedbdf0400048000000070fe2f1ba4b52ea544ae937253365dcac30dd6a06fd8f882ce4b6f9bb26ee2c9a2147ff8130cc97c00959c176c913fd637fea19e939e705730efd8270f55e917c74d98035cb9da4ea37f9048390e779f594719b2be00"], 0x18}, 0x1, 0x0, 0x0, 0x24000874}, 0x8c0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b70, 0x0, 0x0, 0x0, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x2, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x4})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x10000, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r3, 0x5453, r3)
getrandom$auto(0x0, 0x8, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8880)
remap_file_pages$auto(0x6a27, 0xe, 0x758e, 0x3, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80840, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf, 0x2, 0x8000, 0x3000}, 0x4)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)

8m44.709085503s ago: executing program 3 (id=981):
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fsconfig$auto_FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000040)='\x00', &(0x7f0000000100)="24463d791d99d61dce5d7011515f661d110832ee3a41c937249983cbda7710", 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x60002, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xf, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, r0, 0x8000)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
io_uring_setup$auto(0x7ff, &(0x7f0000000080)={0x7efffffc, 0x8, 0x3002, 0x7, 0x7, 0x4006, 0xffffffffffffffff, [0x0, 0x20000, 0x4000000], {0x20000006, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x69cb, 0x6, 0x3}, {0x5, 0x8001, 0x2052, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000003}})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x440, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
pkey_mprotect$auto(0x6, 0x8001, 0x8, 0x2)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, r2, 0x3fc4)
socket$nl_generic(0x10, 0x3, 0x10)

8m43.724468559s ago: executing program 3 (id=984):
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008)
r0 = socket(0x1f, 0x3, 0x400001)
r1 = socket(0xf, 0x5, 0xf)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
madvise$auto(0x110c230000, 0x1, 0x9)
r4 = timerfd_create$auto(0x6, 0x2)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000000)={0x90000000000000, 0x0, <r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
read$auto_proc_iter_file_ops_compat_inode(r6, &(0x7f0000000180)=""/178, 0xb2)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000700)={0x6, 0x5, 0xff, 0x6, 0x0, 0x4a, 0x7f, 0x1, 0x6, 0x401, 0xf, 0x5, 0x6, 0x0, 0x3, 0x3, 0x9, 0x401, "ca43a58b24b7199ea5fb9a7aa82302e7644dfc6421eef00dbd972516e6072461459c5ff4"})
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
r8 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r8)
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r5, &(0x7f00000006c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x474, r7, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x458, 0x6e, 0x0, 0x1, [@typed={0x8, 0xd7, 0x0, 0x0, @fd=r1}, @nested={0x43f, 0x134, 0x0, 0x1, [@generic="d2e3adb9e3a7e0ce791555674551245d7db0e11c40c27a6739369b4dd2bc252932649dc61868d12ff9e654270cfe145ddb584c47501433a8860bce21de5b2383a959ac160c3e2014f6664abb8c1614cfd8977136027f96d2b2d06d2146b55515df732c1f42c4258f06dd2da7fb867578fc57bb439790c5237b7e95e65eb1e718747334784e4f59fc289917f60c7d60d05758252dffe7a6bfe4f1ff6c3d6df9750df41c59b6ede0ae91b509a090ffada2e5174e85349e73461cb63a99b3f53d958860ac7721bb70f3e93c70c54eb18b31380bbc34d1ac", @generic="e6ffecc8bcb39a2f6500318b86ea6bca6fbb286456d12fc1d9201738f2f1d78dbcfabc7b455b61537d1120a5bdf1036a591a6b3caf8fa4fffcc1a99d434ad065d219c6b8580e8d0940650964dcfa5eb2e28ce45240e90b460c4b194f72ddeb307d276eefb3bf7433aa393240a71ed6f70419cb", @typed={0x8, 0x11e, 0x0, 0x0, @fd=r2}, @generic="9f9b6e3ebeacb7c759d51d4624124556b7f9034ea2616b39920a955c8f1032dff87e44fe46ad849e68548d94c837971139535362186358c41d204a7c29f89a31f7897f853290939b570680faf94fdce733605dec25222aee3c3b89b86b24660669d5dfea17775cb3a4f1ea7064fce27dcce04c9abcf3f3bf83a6cadb714e0f7e61a9ea38fdc01961038065ef56b5771632be316a4de6f834dc60a8f37b46b5b4215c3f11c516f8902f2d2558225c6f27e76c75942d95e38c199364c6f3d5cc4a841cb1af5f5c0f8d69e05f0b035c42426ae3cad2104f08e8", @generic="f1d0ac4a595aa30d2871e8d06bf222ee3174529e3d2a1f20c96e5406d14a6e3dbb9d433a7c9142eea36102f0edeb8912a46b109fe156507c8a7e81271f018f706b19e1386f881b97ca660a329a32785fbd688d248fba51ca8b4e5be02c257423ae73235a1bba93ff696f57836cbb846a0509400c6a0a8ffbb587b226654e2874a141aea5f2c6a68d7c2fea47baf41a6931b4f19ade02c0912281a73d802e2386d1ce16e3faf24015c5e80b4defe71dbdc1e8eeaedfd6bace1838e566d946f57fd22cc4afec2426da8a213ac7", @nested={0x4, 0x20}, @generic="46638a3face568bf0c189904b04719ecb6e906d77556032914a561fe8290d9e6800c91580150e04bd3c00fdd71d0e3fb5e973974b2d799f456267e7a1a33c3246163daa7f8af1daaadbaaeff91a831416f2b460a3ca488a9f84cd3de7b8d039740a44dc153bda3d85dc41e2cea97b686ef5a7b86d2e41c55be5aca44b59566b019d9e71dcaaf9fcdad1b4d99c2648afccbf579b7242a8eee6518e1b95ca4115a798ec9f729f8a929808d19ac0578cdba623f7a7f3b6c6f98b486045ceccaf52fdd9a23d9", @generic="f841e6d1925c47bfd8cf0646a6d4bcb74f0866271d4e45a32d2940d06a0f319ae7b98320a669553f01a8cc80bddfc6f0782209abe24d8212ffac4b2803e24f4ad56dea815d2d7922c23ba2162f319756ccbbee9666e4fde2d5e0a9a88a7d403174782324c2a86dc9d6a6996d95d8664036014bd7419b", @typed={0x8, 0x50, 0x0, 0x0, @ipv4=@empty}]}, @typed={0x4, 0x9}, @typed={0x8, 0xc8, 0x0, 0x0, @u32=0xff}]}]}, 0x474}, 0x1, 0x0, 0x0, 0x8080}, 0x40080)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
statmount$auto(0x0, 0x0, 0x7, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)

8m42.143172216s ago: executing program 3 (id=990):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0)
r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="010326bd7000fedbdf0400048000000070fe2f1ba4b52ea544ae937253365dcac30dd6a06fd8f882ce4b6f9bb26ee2c9a2147ff8130cc97c00959c176c913fd637fea19e939e705730efd8270f55e917c74d98035cb9da4ea37f9048390e779f594719b2be00"], 0x18}, 0x1, 0x0, 0x0, 0x24000874}, 0x8c0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b70, 0x0, 0x0, 0x0, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x2, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x4})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x10000, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r3, 0x5453, r3)
getrandom$auto(0x0, 0x8, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8880)
remap_file_pages$auto(0x6a27, 0xe, 0x758e, 0x3, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80840, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf, 0x2, 0x8000, 0x3000}, 0x4)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)

8m41.282097849s ago: executing program 3 (id=994):
mmap$auto(0x0, 0x8, 0x4000000000e2, 0x14, 0x401, 0x2)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x3, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
process_mrelease$auto(0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mincore$auto(0x1000, 0x8001, 0x0)
r2 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
pread64$auto(r2, 0x0, 0x401, 0xeab)

8m25.668582799s ago: executing program 32 (id=994):
mmap$auto(0x0, 0x8, 0x4000000000e2, 0x14, 0x401, 0x2)
socket(0xa, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
modify_ldt$auto(0x3, 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
process_mrelease$auto(0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
mincore$auto(0x1000, 0x8001, 0x0)
r2 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
pread64$auto(r2, 0x0, 0x401, 0xeab)

1m45.941085291s ago: executing program 0 (id=2215):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0)
r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYBLOB="010326bd7000fedbdf0400048000000070fe2f1ba4b52ea544ae937253365dcac30dd6a06fd8f882ce4b6f9bb26ee2c9a2147ff8130cc97c00959c176c913fd637fea19e939e705730efd8270f55e917c74d98035cb9da4ea37f9048390e779f594719b2be00"], 0x18}, 0x1, 0x0, 0x0, 0x24000874}, 0x8c0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b70, 0x0, 0x0, 0x0, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x2, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x4})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x10000, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r3, 0x5453, r3)
getrandom$auto(0x0, 0x8, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8880)
remap_file_pages$auto(0x6a27, 0xe, 0x758e, 0x3, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf, 0x2, 0x8000, 0x3000}, 0x4)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)

1m44.773156374s ago: executing program 0 (id=2219):
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008)
r0 = socket(0x1f, 0x3, 0x400001)
r1 = socket(0xf, 0x5, 0xf)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
madvise$auto(0x110c230000, 0x1, 0x9)
r4 = timerfd_create$auto(0x6, 0x2)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000000)={0x90000000000000, 0x0, <r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
read$auto_proc_iter_file_ops_compat_inode(r6, &(0x7f0000000180)=""/178, 0xb2)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000700)={0x6, 0x5, 0xff, 0x6, 0x0, 0x4a, 0x7f, 0x1, 0x6, 0x401, 0xf, 0x5, 0x6, 0x0, 0x3, 0x3, 0x9, 0x401, "ca43a58b24b7199ea5fb9a7aa82302e7644dfc6421eef00dbd972516e6072461459c5ff4"})
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
r8 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r8)
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r5, &(0x7f00000006c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x46c, r7, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x450, 0x6e, 0x0, 0x1, [@typed={0x8, 0xd7, 0x0, 0x0, @fd=r1}, @nested={0x43f, 0x134, 0x0, 0x1, [@generic="d2e3adb9e3a7e0ce791555674551245d7db0e11c40c27a6739369b4dd2bc252932649dc61868d12ff9e654270cfe145ddb584c47501433a8860bce21de5b2383a959ac160c3e2014f6664abb8c1614cfd8977136027f96d2b2d06d2146b55515df732c1f42c4258f06dd2da7fb867578fc57bb439790c5237b7e95e65eb1e718747334784e4f59fc289917f60c7d60d05758252dffe7a6bfe4f1ff6c3d6df9750df41c59b6ede0ae91b509a090ffada2e5174e85349e73461cb63a99b3f53d958860ac7721bb70f3e93c70c54eb18b31380bbc34d1ac", @generic="e6ffecc8bcb39a2f6500318b86ea6bca6fbb286456d12fc1d9201738f2f1d78dbcfabc7b455b61537d1120a5bdf1036a591a6b3caf8fa4fffcc1a99d434ad065d219c6b8580e8d0940650964dcfa5eb2e28ce45240e90b460c4b194f72ddeb307d276eefb3bf7433aa393240a71ed6f70419cb", @typed={0x8, 0x11e, 0x0, 0x0, @fd=r2}, @generic="9f9b6e3ebeacb7c759d51d4624124556b7f9034ea2616b39920a955c8f1032dff87e44fe46ad849e68548d94c837971139535362186358c41d204a7c29f89a31f7897f853290939b570680faf94fdce733605dec25222aee3c3b89b86b24660669d5dfea17775cb3a4f1ea7064fce27dcce04c9abcf3f3bf83a6cadb714e0f7e61a9ea38fdc01961038065ef56b5771632be316a4de6f834dc60a8f37b46b5b4215c3f11c516f8902f2d2558225c6f27e76c75942d95e38c199364c6f3d5cc4a841cb1af5f5c0f8d69e05f0b035c42426ae3cad2104f08e8", @generic="f1d0ac4a595aa30d2871e8d06bf222ee3174529e3d2a1f20c96e5406d14a6e3dbb9d433a7c9142eea36102f0edeb8912a46b109fe156507c8a7e81271f018f706b19e1386f881b97ca660a329a32785fbd688d248fba51ca8b4e5be02c257423ae73235a1bba93ff696f57836cbb846a0509400c6a0a8ffbb587b226654e2874a141aea5f2c6a68d7c2fea47baf41a6931b4f19ade02c0912281a73d802e2386d1ce16e3faf24015c5e80b4defe71dbdc1e8eeaedfd6bace1838e566d946f57fd22cc4afec2426da8a213ac7", @nested={0x4, 0x20}, @generic="46638a3face568bf0c189904b04719ecb6e906d77556032914a561fe8290d9e6800c91580150e04bd3c00fdd71d0e3fb5e973974b2d799f456267e7a1a33c3246163daa7f8af1daaadbaaeff91a831416f2b460a3ca488a9f84cd3de7b8d039740a44dc153bda3d85dc41e2cea97b686ef5a7b86d2e41c55be5aca44b59566b019d9e71dcaaf9fcdad1b4d99c2648afccbf579b7242a8eee6518e1b95ca4115a798ec9f729f8a929808d19ac0578cdba623f7a7f3b6c6f98b486045ceccaf52fdd9a23d9", @generic="f841e6d1925c47bfd8cf0646a6d4bcb74f0866271d4e45a32d2940d06a0f319ae7b98320a669553f01a8cc80bddfc6f0782209abe24d8212ffac4b2803e24f4ad56dea815d2d7922c23ba2162f319756ccbbee9666e4fde2d5e0a9a88a7d403174782324c2a86dc9d6a6996d95d8664036014bd7419b", @typed={0x8, 0x50, 0x0, 0x0, @ipv4=@empty}]}, @typed={0x4, 0x9}]}]}, 0x46c}, 0x1, 0x0, 0x0, 0x8080}, 0x40080)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
statmount$auto(0x0, 0x0, 0x7, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)

1m43.74849356s ago: executing program 0 (id=2222):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
open(&(0x7f0000000100)='.\x00', 0x591082, 0x408)
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r0, 0x0, 0x400018)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c00, 0x0)
socket(0xa, 0x2, 0x0)
openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/fail_page_alloc/times\x00', 0x2, 0x0)
mknod$auto(0x0, 0x1081, 0x3)
creat$auto(0x0, 0x1000)
creat$auto(0x0, 0x8d00)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)

1m42.823781139s ago: executing program 0 (id=2227):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
io_uring_setup$auto(0xc, 0x0)
r1 = socket(0x2, 0x1, 0x0)
r2 = getsockopt$auto(r1, 0x0, 0x61, 0x0, &(0x7f00000000c0)=0x28)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1e, 0x1, 0x0)
socket(0x28, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x1)
r4 = pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r8=>0x0})
sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r6, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x804}, 0x4080)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r9=>0x0})
msgctl$auto_MSG_INFO(0x10, 0xc, &(0x7f00000001c0)={{0x10, <r10=>0xee00, 0xee01, 0x3ff, 0x4, 0x9, 0x3}, &(0x7f0000000140)=0xf2, &(0x7f0000000180)=0x41, 0xfffffffffffffffc, 0x1, 0x2, 0x0, 0x4, 0x8, 0x7, 0x8, @raw=0x5, @raw=0x3})
r11 = socket(0xa, 0x2, 0x808000)
r12 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r11)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="000429bd70660500fddbdf25050000000f0002002f70726f632f000000000000000002000d000000d55a363a459d3b9462f15fd8ae6b689586fe99c5a8c7a960d52e8c5ad684f3e3"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000)
sendmsg$auto_NFC_CMD_SE_IO(r2, &(0x7f00000019c0)={&(0x7f00000018c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001980)={&(0x7f0000001900)={0x5c, r12, 0x300, 0x70bd2c, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_NAME={0x40, 0x2, '/sys/devices/virtual/block/nbd14/power/autosuspend_delay_ms\x00'}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x2f}]}, 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x800)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000001880)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001840)={&(0x7f0000000240)={0x15d4, r0, 0x200, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_FEATURES_WANTED={0x1358, 0x3, 0x0, 0x1, [@nested={0x17c, 0x4f, 0x0, 0x1, [@nested={0x4, 0x8a}, @typed={0xe, 0x124, 0x0, 0x0, @str='/dev/sda1\x00'}, @generic="4334eb7e1ed951be877667b397b4162cc26b2e9bcfb3728fb071887c7e1c1bd31020fee7cee4617151f1bcf494276aeca7c7a850db1f80e7971910fff32121a903ae14d8cf910c129cb0c07f42dca458", @generic="5636d2e1a3b017d84618ee41", @nested={0x4, 0xd3}, @typed={0xe, 0x14, 0x0, 0x0, @str='/dev/sda1\x00'}, @typed={0xf4, 0xbb, 0x0, 0x0, @binary="65529c0520ff74b1b808239c480ddfac0aca79ba2c8f10dc559a60afe54e2f0cb3478d10e94b4ed3c29f6ee7ffcdc14ab520134d9d0cb3a02d00a801fb9c6d8ccf1cb5e47c71c1aad5eb22139915e168770de43a7b290a31f96f46f2a64d4745db33b14c23046d14c52546597da22e6c66f004c7b13ce92c46cdba8f1c71547f5e303e082753a94a49aa01a2ed5c96f4b27b49740fe2bb32b84521f652340a639677951af3f577d7766edef7df16223d85e7d0dbf8445b10e1bf32b10a0e6a6660e813482f1e8f5ecb3d47c3e219cc1933161d75f294f68477ae02a3573c84a32db1c6c34b7a724212901cd1c384a7ea"}]}, @generic="1402424bbdbfb1e82edfcb0bd7904dc8db6efabf852f74a33218cc491e8760ee5ab5fe50264ed54875fe88d51e607195", @generic="403e2462099160c7f1054cb4397ec71f59df01ba563c78b9a3e9b1c9186cc5382b705b826d0d6ba44637d286eb41957a7dd1774a72e9ac52420a0bb7b2c2f026b6058a4cf877479c66b107af85df6994da5dbfab721d5772ee4bc77dde07ea5d9883abd7581a8b4cd7a42aa25f7f7a48b2d8f09864d8aec4140a9edabbfaab97a5c5854e9d5e1e8a653e1a9379a39013e0ab10347202c1571d3f5a658c6f481ef45af9be053284a79abd420ebb", @generic="f8ce98ebf385d5a5eb5a478d398ddac50f86d85457a0417734d4f7f15e2d632cf1c16c76cfa1fce4f5edda7e779a01aa0af30d9bd0691676e41cd7846fe98472a9d45dff05af44b47d0a9dc93d93b3faef5d7c85a82a19afa0ae65785fd6beff167eb475093af1df09dbfd7c0a7619df1ae496cd22887fbfc892a34423d3c9695f6961c0d509138ca4bbe88a8e0ededd875d7e8115eca3d8e153e661511272d674e6123e94868831e8b584c94ff3c668619ca775cc856af47ea2ebf47e8608e5fa05107af30efe07be984e008d8292145d934167a5491329ed1e3b984902ec51e5ed0b60814faa418fd253e0b8bffc0eb60f17772477c97293076ca03247fe649048d958ef433babfa44088bb9bca97ce78fc24a673cf9e487a68dffd35b842dfa1ae96eccecba346cacab6d5f3c25424313fff15d9f7df42951fdbc3daa4c0bb9745a6d83e3b14595747ba2c2b7ad678b75ed911523253749738e14783f370a367300aa376fed642a13f077097ba78284be69f4009c3e21c5f22b2d910db9649cd9957ffc02548b9758e06b1f92ce88ee8fdd04f2edd65cab2b1cd7e4440d2f03d632c7f6147579f742c47bfaf9c0b21598491bcff54d7a363469bd47161320486357feb2453f0dde306c046043be335555887d885eb2453e901f394222fc10e6d4deb450519c5533f9d6ee5b3a28a357703a04d8c9ec11f29682d9bf2154d76b76bb8a947ce9b8bd5a844aa71ca496e73b2032727b90124f25e6680a33055c54d727272315000def268148fa7ef229f37f6886cdea761f73873f2411f05006ee534872f41ff69a3483b78a2b86c94066b3335fa0078a4b03d78236aa5141a6352461e016eac810929100c7a2530546910ec8574a78e6213921044fa56ca89843f1343896fc81340e9f70a3c893b8c358aa7465e8137938a86edd4f55a404785d4c8ee3b337a2536748f5596b973efc8c805bdaf110c415285cbb2452b8f8d630ca0e5356c1d4565634b1743461f62e04de317987310407a081748fd82aac1e9db6155d879ceb5601271aae482000846d6456f3a0f42a7ea81a5a2801cd119c8a69aecf8a61fad4c6775fd1cd8689b67413ec870fff71685aa94f02d0b0019f9cf7b6134071834eab9d2674ea9d4863ef963fcd71363fee2c2abfca4be7d0d817ffe0ead6772b05f2c667f7e40efe071605ca6ce9bd9189a1a024e9d22aea5989400b23a3dbb385900c633bf353cd2935f86ec81d0fce50b71f91d4222681ff617b7d944305ad52cde48f638bcbafecac42e392d813f1aa860c5bae4d149e7138b218f74899590ead23119f06020b90ee4adda306d86eebc7f55d6d99a2a274708d2a9349df75ee2819d4c4a0f93a7d949abf0fef95e2994981614382eec59307995d2d7bdbbd9b6080ed9422a7b29aad7abb084b5df996811dfefff2554f035aa02c4d08166e22c06d965421c17f2735d4857ec4d7dc31093035a7e7e1a6d21acb129ecc4f0c4f98c7adb0468fe457f424753f72f2b6c1decad76897e7ad2e38ce4b901f0d8c73e702191a05738b27485203b9b3c2891e9c75a0271839e56a7dd18f5fe8d2754fe426ebcc0577c1d295a9727e9e33ee03aa77746d6ff8af22015d1f92de1d1dbd7638678b521550747fc9014a7fba2520d90c09a054dcd19d3ff4b4d7b1ceae252e3d978734165405246c11b9ffd3e55ce62f59bbf148a840b44f2bf38ecfe9007dc7bd00c19ee9348339e4750b2f01ae0f2d687a3048917e6ec8d2550b70caf139b92529d63ab21e3d7bfe4540f414650a3ecf4238261f10e73b5e6e40edb160df77776a963052db83b67a1d5dcc2b967f7c91e80d1a97b0f14427dc3f992d3265bba56908de0faab04b4499cfd156acd10c5786daf2ae810e0a82fcdb5d48b7e9f8781f88976b1a928ec2ec854a8b358e412a1ae717101591f6218d1bae964f95fc476dada2ef597d69599f5e5a3ad0f93429bc7c07165dca4cbcb2ef218199a0d0ec5f0bb75b9fb8402b90c91e0b49e83503b27222ed68735fb3d8c2aac017e74104edae52e3e7a30a619e9543584fc6532669b21f70de45308fb495b3587569496b4d0fbe71dd39231849025d20a0200e9ce026429e4aaf00cd287ab982ce929f90f445e0343ec1525baa69fd1b50fd9568723e75acead0557347df9903c1881bded64543b60d5bc4df6547afd978553ce5100d39a5c269ae49c4fdd2ba54af534031e248972b4bb1531771223276b4c7fe2758ce7116430e79c0758c6db72dbfa0792d8d8d5bfcc913cd5ad4f4cad5e8f76b75d89bc5babedbca02f36c4ca224964cdb673e46ea1675e665f7e0a080caa32f4e53740a25900726ee6ba9d397a6e46f4c605f0a823f8b2ea4a6e35f6478398346b8e5936e04d14a9e5691f24c014f0926fe4a35ba7719679a4bc95d8d87681c2794bd61b8326a49710a933d75b11f2ce173f10587b7ae2ee783b603edddb7db45bfe0723b58b5f666201b96d98799eef577b71d14b14b4ce39fd95cdb9b3fe5d0167e743276290c7917234a8e951c9c89937ad057e20f731bc4f6e9f1e2d7cf1eed846b5d86b76d3530b05640133da6aff66d28fc4d2355f4fe80ca8118cd717a74c706f41d075f883b136c30d9f1d5620aecae924254bab58af277f5fd01d9a04c9d75975a3853bb0c34d3414c528e9bc7b41f7c35dc38972d89ebc8340da4667218308a11f3b47f922a465b2534ab0d5efd25566a2ad7f745187be0ee2dbf62fae26d15043c678cec5ecc58dd97c11bb2d3782130f056952a8b1f34771c37203614db2cdc043416309b5f59d4f515bf17ee3bcb12d2c9a4abdb8c719f6d9c34f7d1bb5244699e50691d57d4d93dc292a15f99b366e97e14726903ccdd3a0c11e3df2b7cc8890df7a4b7c19ee089ee37b4fe217f9314be50d167e99db5ffcfbbfa71bf00e696a426743a5f325d2fe68d90cbbd8e75d0baca55d1d065dcf364e94d411c29ca769d0e77cd126a120c1251aeb2885850c8705ca38c1101984c2f4a0ff5bc0406893353b84c7a93d3d3471c565af83976c07f0295858a10265d5fc8418a1dcdc5fad90a5282393f0965efedfd9e63e1de2964d6b209de0d5a4d8d797e744133cf2a9f6464fc453a81685a4df056de3728d2973c80b633b550480d9ab6778e37fdfbf24902772e44cbc3f79f5f7dfef2a1c36a2cf6d11b2afc034369332113cbd338c1344d7f7233560fb9fd930253fbde730d4433c881cf0d5c837b7835cd9d85b088d4a665b6051ce6600a5c199aa296302359c101444806fdb082f516b754e9dd85c9e30fdd9bbce1e042ad00f976af157e28dc77273dea3875a56d030616436c36dae6ebab57ffcbe9dba06b56cd74175a3ce7d3a8aeaaf7dd29cf23e5ff825c418880ee1aa61e35d6c2c5df4c9e137aa4f74aa13d5d6aa2f235a1c1b87ff1e4f5b0b3ecc69d4dcd0d56356a876af01aefd88b1c03510d7adf64b4049381e83eb19fea1e3ab8ff2fb097662c07838889e02a56dcf2423c5a08a7ea65ed386f7c8ea47053f88007dfe4d54ed6f3c414359220d3ed40625170296ab8900710e55642fc563c2c405ea810a16758777df5aa2f064dc95f61601572b4df0118583845fffaa200215e67cf78354ef157fd8edb46b260c59a2e225407971e374577a7ca4654f4205a193d1cbcc77130e1c926b28131a46f807c095916d81368523de04d65e845334c017aaccb170407b76c00c281a944e9b888920cddccbbcbe81e56820efef4a9718837982f9127f1a2781340ad13ef6a8bcfa6edf0d03484e03335b8a01931aad49a8d502f83015f502e4fabaf4a828351a290b1b65b98529351e18e2966a59e87165e1fcc8e163d5ce349599a552bfb20d3042e7abf8d22310e0dbbdd9876d16fc51683775f02e39f64f8ef7f2429fb641fde67a725606ba3b9beee40e4a20d2d49c8415d27081c72e6394a2df506354a868eeb228f16a88c47a8950f94039303e0c9bb62620abd38402bcf817fb1d6b571a674692faddd2954f88025482a8f0a66f119f366151d2ae73a11f63d25104a571d8185efe984fbb401e7e7cfb017a2d78bc356aada666430b0ed9198b1c7025a5efe28444cd2a43c1d8897270efbefd46ef31739e5556e7e4e7adcd00038f17885e71b24a7de458c56990a9022cc0548b1872f9ed02dfb8f48b4e07d9159e8bed303f59d860775939a868695362edb516e7a8d56c6ee2008683bcb11394e4c310d3b499cb2fb3cdf408ae21b4346a23e08dbf13f9edac14588b2b32839b32ed96808b81821ba639049eea03211ef99b2edebbddd8fe7d694d4adc6cc01a65e3ac3a7a5122c9c9d5a24eaea181340ee49b63e8388bb1e2b14d088bf6570f5d63f3ad2624dc8f8f6a8bdba73f2d3a956bd508b4ab705a1a13d898ba1f8366af15cd61b83acf71c2d103e7d0e4d7a5251a9002e23ec486002f15f31ee3498107903edfd7835acf2bf9c76b0e83499d2256a29d6347735a3cf3217633bf8eda9291128768b36712bcc154895ced1f15a522f9542af8c5489a76b3fd8caae00a3490fa1c75f4306236adbddad9c26b1dd5a636b9e1afaa43d7475561b30cb7feeb66d5d4c474822ae0c778b773abfbaabd784ca3ccc708d54744f1fed9ed285ce15492cf9ab25c37f0df7fd29cbe5d20e4ebc29988bb97871e8b33cf83823b662922a63a346552f2338b722fd136c6a88bcbd5a9036bc4f8880e7b4bf4016133313f27830fd10abed2c38d0ad203536dfbbecc3b1316531685def983dde9ded38c93524f8b1aa23a85b602cca6f440663b3ba9d34438cc86903665a6b721482c4d8df9522bd3995d5a7aa866fc5f1c79cf043be506082f3e533ea6cf730990a4e44ccde9305e2545ff7c8b33dac6587f70f1b2b1cdda0539c1307273fd2f3e13bb26fb01b319811503ea95326a77bc6a37ad5d3f8723aaa6b531bc96e464dedb437b86193e366cc497992feed433fc66fc2256174862d9e902c5bf167473af7ac245d6ce661744fd2e1cbe92a7ec19f8b17c6d05b977c52bf0f56abdea65c3ebacc21bf1f3612c1ed04833ac38e6f5191b401a4f0fa0d434f2ba0f3ed0e4dbab7b9caf8a32ce8b88c67c07296da835cb6721ccd696f9cea6c32b4ea83d65ae965b824f57bca522094f8a6dd386fef8d86eab620e1d54091f93c2f0ef39670ea659d776143466f2966c4275144838655700e8f1d18aa7957c1ea783246d435e79ddb2b15219d297be98df1a4dfea0443610c9557284a0a84f69c81535536e2cf7953e636afc8d4bd80ac5184358c4d4533e5b29dd4077af913429eda415b408b3fa668d24b2e1e2d6907c9ccb1a2df20121e608e960a180a9c7c91f639e631e8f080eb9becaaf7586ba675f0bf39389549dbb99f1b72b6fdf73e20a3b3d87e64e89ab88d2f9f9e9fbd9aec0348045739991d37c0d91adb5036635b9f6a8e0d5d07ff114deb391cbb50c6b7172dacc9f9913b8306c513b93d2ddc87ad10695f5271009e15798e331bf8632fddb568a8683722e2bd813542c30848349f165c255220b14e5967370563cab15f2d225f00f8a722f807980096f8a94d78e7915a97ba696386bf1b29566684f9ba26537b0b15a38a9edc4686cf91d9d8252e837dd83c0c96308d08d36eb3df57c94bc2993c468333f11b793c913dc0e707bdf64a0f121e137ad45a0e9d50a0bdc80d9f3223dc7c8265b833ce2103605473c1fc4aad2e64dffcf394795f78016530cea29f6d29f80bac07788cfd946b72cdb5c3b31b7447b98cd4d1b484073ca0", @typed={0x8, 0x95, 0x0, 0x0, @ipv4=@empty}, @generic="d9635b4a96f10b70517fcba340e724c9c86249e3a9557c202d6085d318d7ade8abb81e5f68a4751deea8696839638c1ef8c5b12cd108ea6937d0faadf5e1f22a4e0f0d8412a6633559e101f393f730c88c82f72d85adb70621553e54757a548f6ba54d3c7019b8b2711a9b3481b8235f69c00fc115b74e2d8531f02eb714c29838e43dfcad6471cec77f1aa798a764897fb65e9d730a5f27c2b71162496567f00f65bce13384a1e3fa953561e965f801e8384c407da08020ad31937fd4665e3a19f00fe1d519c1b8a79786555c490b9051f953ab018d0e3af937253e9ffd551483b98604856fe77ddf415bd04d497e41bdf602"]}, @ETHTOOL_A_FEATURES_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x27c}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}, @ETHTOOL_A_FEATURES_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4a60bce7}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x14f, 0x0, 0x0, @ipv4=@multicast2}]}, @ETHTOOL_A_FEATURES_WANTED={0x1dc, 0x3, 0x0, 0x1, [@nested={0x1d7, 0x8b, 0x0, 0x1, [@typed={0x8, 0x5c, 0x0, 0x0, @ipv4=@loopback}, @typed={0x8, 0x131, 0x0, 0x0, @uid=r10}, @generic="baa5a3df9081f04559bda2cf2eefa260b9346b2a9bb469722335249defb521700c88f8b5b58820cd7bca279528febd6a032132cc2b16c689d61f784408e0f2b595d8195a97c38af6613e0b68fc817c954edb7afd2882ac2154f7095872d72f8e46dd51c75de7bc8cdfc5f59e59d1452943443569019b54a2da7c7859fec89ea539127c03a3c8afec5a91711370578f244fb3a474092d1901cd25f7439f85abbdaa869bc61401626f235cf67aeb9bc76cf0a493cb48e5bada27914bc9786a72f388b8bc6550726300ef9132a50fdcbe811768a7", @nested={0x4, 0x106}, @typed={0x7, 0xa9, 0x0, 0x0, @str=']}\x00'}, @nested={0x4, 0x3b}, @nested={0x4, 0x52}, @generic="4c645eea47221889e4e8d2b46a086469f7044c1f93620fedbbfa1532216c704876909bbb2e6d1a74e3b60dce185bda45357559088de9b823fbeab99fc3666a88f6da71862370398ad824dd3a8ac4de88defe5951240d1ace2532f2269215158b5d67e099c144aeffb294f7550eca70c19ba36152d2819c4f052f82753fef9e3334cfcc94393ab0d45b5fdd7490c5e76b314fc2471bc374157c49157ab9cfaf4797b315f345d5b3bec22b808d5716496c78117d313611e94a32323f0942ff46e30af212e96c54edd0908d2f258524268d34523f22", @nested={0x4, 0x2e}, @nested={0x4, 0x117}]}]}]}, 0x15d4}, 0x1, 0x0, 0x0, 0x24000080}, 0x4001)
r13 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/bcache/register_quiet\x00', 0x401, 0x0)
pwrite64$auto(r13, &(0x7f0000000100)='/dev/sda1\x00', 0x4, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd14/power/autosuspend_delay_ms\x00', 0x140, 0x0)

1m42.17333843s ago: executing program 0 (id=2230):
r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0)
writev$auto(r0, &(0x7f00000000c0)={&(0x7f0000000180)="218914000000005a3500000a00000000000000000000c0399c8e25a8f7f7927f5889586569f11e3286ac9396ed1908acced0b98a034ae82c82b7dd5f93586c8baff689b8076209dcbfcf516e5469b94bc1103301cc5288d7f2eecbcb0a91598acfaa5b40cd437299b2e74df775b20d94df9082ede9c8d442034f5bd49d12f7f8d660da25d4ea1a61eebc74604d3f7a6df4f3ae765a72aa10d3ae99be82fb30ddd9c5ed92281b7b91b404d4f54410b9b09c9917b5d46f90aa4e224d692c20080f97f3373dcf7672fc3858c14864f33537228d3bb0324b0415d197ca68dffcc67c2319c3fb4f381dfb8e295414", 0x2}, 0x8)
mmap$auto(0x0, 0x4000d, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
ioctl$auto(r1, 0x4008af13, r1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x7fffffff)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/radio19\x00', 0x687c1, 0x0)
ioctl$auto(r3, 0xc0845658, r3)
r4 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x0, 0x0)
getitimer$auto_ITIMER_PROF(0x2, &(0x7f0000000040)={{0x3, 0x1}, {0x7e19, 0x5}})
r5 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000280), 0xffffffffffffffff)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001080)=""/98, 0x62)
r6 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x4, 0x0)
sendmsg$auto_CGROUPSTATS_CMD_GET(r4, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x54, r5, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r4}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r4}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r2}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r0}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r4}, @CGROUPSTATS_CMD_ATTR_FD={0x8}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r0}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r6}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x27)
read$auto_debugfs_full_proxy_file_operations_internal(r4, 0x0, 0x0)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sockstat\x00', 0x280, 0x0)
pread64$auto(r7, 0x0, 0x5, 0x8d)
openat$auto_trace_fops_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)

1m41.392700816s ago: executing program 0 (id=2233):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8)
futex$auto(0x0, 0x8c, 0x1, 0x0, 0x0, 0x1)
writev$auto(0xca, 0x0, 0x7e)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c1800, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7000000, 0x0)
r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000140), r0)
sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r1, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x4a3}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0xb13d}]}, 0x28}, 0x1, 0x0, 0x0, 0xaf56e265f3c428e0}, 0x400c0)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x7, &(0x7f00000009c0)='*\'\x00', 0xe388)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
socket(0x28, 0x5, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
write$auto(0x3, 0x0, 0xe)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000)
setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x2)
socket(0x10, 0x5, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
getsid$auto(0x0)

1m25.943349529s ago: executing program 33 (id=2233):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8)
futex$auto(0x0, 0x8c, 0x1, 0x0, 0x0, 0x1)
writev$auto(0xca, 0x0, 0x7e)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c1800, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x7000000, 0x0)
r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000140), r0)
sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r1, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0x4a3}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0xb13d}]}, 0x28}, 0x1, 0x0, 0x0, 0xaf56e265f3c428e0}, 0x400c0)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x7, &(0x7f00000009c0)='*\'\x00', 0xe388)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
socket(0x28, 0x5, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
write$auto(0x3, 0x0, 0xe)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000)
setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x2)
socket(0x10, 0x5, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
getsid$auto(0x0)

1m17.572285148s ago: executing program 2 (id=2284):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0)
r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1800", @ANYRES16=r0, @ANYBLOB="010326bd7000fedbdf0400048000000070fe2f1ba4b52ea544ae937253365dcac30dd6a06fd8f882ce4b6f9bb26ee2c9a2147ff8130cc97c00959c176c913fd637fea19e939e705730efd8270f55e917c74d98035cb9da4ea37f9048390e779f594719b2be00"], 0x18}, 0x1, 0x0, 0x0, 0x24000874}, 0x8c0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b70, 0x0, 0x0, 0x0, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x2, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x4})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x10000, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r3, 0x5453, r3)
getrandom$auto(0x0, 0x8, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8880)
remap_file_pages$auto(0x6a27, 0xe, 0x758e, 0x3, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf, 0x2, 0x8000, 0x3000}, 0x4)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)

1m16.062294417s ago: executing program 2 (id=2285):
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008)
r0 = socket(0x1f, 0x3, 0x400001)
r1 = socket(0xf, 0x5, 0xf)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
madvise$auto(0x110c230000, 0x1, 0x9)
r4 = timerfd_create$auto(0x6, 0x2)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000000)={0x90000000000000, 0x0, <r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
read$auto_proc_iter_file_ops_compat_inode(r6, &(0x7f0000000180)=""/178, 0xb2)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000700)={0x6, 0x5, 0xff, 0x6, 0x0, 0x4a, 0x7f, 0x1, 0x6, 0x401, 0xf, 0x5, 0x6, 0x0, 0x3, 0x3, 0x9, 0x401, "ca43a58b24b7199ea5fb9a7aa82302e7644dfc6421eef00dbd972516e6072461459c5ff4"})
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
r8 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r8)
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r5, &(0x7f00000006c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x46c, r7, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x450, 0x6e, 0x0, 0x1, [@typed={0x8, 0xd7, 0x0, 0x0, @fd=r1}, @nested={0x438, 0x134, 0x0, 0x1, [@generic="d2e3adb9e3a7e0ce791555674551245d7db0e11c40c27a6739369b4dd2bc252932649dc61868d12ff9e654270cfe145ddb584c47501433a8860bce21de5b2383a959ac160c3e2014f6664abb8c1614cfd8977136027f96d2b2d06d2146b55515df732c1f42c4258f06dd2da7fb867578fc57bb439790c5237b7e95e65eb1e718747334784e4f59fc289917f60c7d60d05758252dffe7a6bfe4f1ff6c3d6df9750df41c59b6ede0ae91b509a090ffada2e5174e85349e73461cb63a99b3f53d958860ac7721bb70f3e93c70c54eb18b31380bbc34d1ac", @generic="e6ffecc8bcb39a2f6500318b86ea6bca6fbb286456d12fc1d9201738f2f1d78dbcfabc7b455b61537d1120a5bdf1036a591a6b3caf8fa4fffcc1a99d434ad065d219c6b8580e8d0940650964dcfa5eb2e28ce45240e90b460c4b194f72ddeb307d276eefb3bf7433aa393240a71ed6f70419cb", @typed={0x8, 0x11e, 0x0, 0x0, @fd=r2}, @generic="9f9b6e3ebeacb7c759d51d4624124556b7f9034ea2616b39920a955c8f1032dff87e44fe46ad849e68548d94c837971139535362186358c41d204a7c29f89a31f7897f853290939b570680faf94fdce733605dec25222aee3c3b89b86b24660669d5dfea17775cb3a4f1ea7064fce27dcce04c9abcf3f3bf83a6cadb714e0f7e61a9ea38fdc01961038065ef56b5771632be316a4de6f834dc60a8f37b46b5b4215c3f11c516f8902f2d2558225c6f27e76c75942d95e38c199364c6f3d5cc4a841cb1af5f5c0f8d69e05f0b035c42426ae3cad2104f08e8", @generic="f1d0ac4a595aa30d2871e8d06bf222ee3174529e3d2a1f20c96e5406d14a6e3dbb9d433a7c9142eea36102f0edeb8912a46b109fe156507c8a7e81271f018f706b19e1386f881b97ca660a329a32785fbd688d248fba51ca8b4e5be02c257423ae73235a1bba93ff696f57836cbb846a0509400c6a0a8ffbb587b226654e2874a141aea5f2c6a68d7c2fea47baf41a6931b4f19ade02c0912281a73d802e2386d1ce16e3faf24015c5e80b4defe71dbdc1e8eeaedfd6bace1838e566d946f57fd22cc4afec2426da8a213ac7", @nested={0x4, 0x20}, @generic="46638a3face568bf0c189904b04719ecb6e906d77556032914a561fe8290d9e6800c91580150e04bd3c00fdd71d0e3fb5e973974b2d799f456267e7a1a33c3246163daa7f8af1daaadbaaeff91a831416f2b460a3ca488a9f84cd3de7b8d039740a44dc153bda3d85dc41e2cea97b686ef5a7b86d2e41c55be5aca44b59566b019d9e71dcaaf9fcdad1b4d99c2648afccbf579b7242a8eee6518e1b95ca4115a798ec9f729f8a929808d19ac0578cdba623f7a7f3b6c6f98b486045ceccaf52fdd9a23d9", @generic="f841e6d1925c47bfd8cf0646a6d4bcb74f0866271d4e45a32d2940d06a0f319ae7b98320a669553f01a8cc80bddfc6f0782209abe24d8212ffac4b2803e24f4ad56dea815d2d7922c23ba2162f319756ccbbee9666e4fde2d5e0a9a88a7d403174782324c2a86dc9d6a6996d95d866", @typed={0x8, 0x50, 0x0, 0x0, @ipv4=@empty}]}, @typed={0x4, 0x9}, @typed={0x8, 0xc8, 0x0, 0x0, @u32=0xff}]}]}, 0x46c}, 0x1, 0x0, 0x0, 0x8080}, 0x40080)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
statmount$auto(0x0, 0x0, 0x7, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)

1m13.879199409s ago: executing program 2 (id=2289):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000062c0), 0xffffffffffffffff)
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001900)=ANY=[@ANYBLOB="042b0000", @ANYRES16, @ANYBLOB="000227bd7000fbdbdf250a0000000800100002000000700115806901bc8019535fe2d9b96eca9b3542e751bb7513af45c70eb79549e6621db9d4719a1be79c25d8a5befafcb9da455471a285295c1d48fe8658f957f31839d4f7dc45de7105b8c541accdada32002aba7e2d8e2a79cc88f5fbe0339e2b98002f61b1c93bcc5934cbbd2ebc6ab91944c51e3aceb9a0f4aac244560bfdf5b289225f77f1c154b56e0a4009c2348a2381b30e0c5929de547e132356e56207edc6008912adf6b527a5581afe70ef1dbac0753a0deac37fc4e3e4f5411eca88b3e084fdd36803a1f25337e1db441919c0ca0ed6d78f688ca2b5ad4fa9323428049fab03be0b8f0b2444f3e9aabc7dbf5af8f91f01a213d6da45a0701f50a0cedc857c1e046f817aeb3aaffd0754ff0d930c02f6f00d9ef09ed1389094b31ba09ace7a769b6063c53955a79e447c05ae4a85f35f9ba3edae6e0a666475ca5a3c6215a5c28527cf60ed9d5ac970400128008009000", @ANYRES32, @ANYBLOB="040011800800b20010000000040006800400c58000000028040580af00dc80040056004f51569fdf6032876a3785b1794ce570446bbc540979f9b302debc3d2de2c10c694d41eb5fb432e53daad8608cc6b32de50a266e340ea052675aaba2f1aa4fd70e9424813f9a900dd3da41422675d94abd65c57993bdad7647bc0f6652581bb568112a803ddf4899cdff7dce6050fe5949ee5b08001600", @ANYRES32, @ANYBLOB="0700f4002c280000040033800400978014004f0000000000000000000000ffff6401010108001800", @ANYRES32, @ANYBLOB="00d400f280cc000e001f75e24af5f8cf0dc6c45b31c1cc0052e6d853f47cfe16f0c0a35256fb3cf1ae2a0c57cdcbf6640ca2de0a68c388d29f5f5a9db39e0104df66fdf1ed2edfdfd1a696651aac00f8df6826bbbf10e992c0ae6321024f699d7d9db1a277ec405c7e8ed8e061e4c7e9ce657d2827f3e5ff98b8f12c94fcfea0025ef80922e107b24b683a1c936123c04fa94baf952aa74ce9871171386a435f8d2fdaa5d91d9ce861cf98c205b58f73d3a896cf8329efc477f532ff75831f9f1d2feaa2b247c9234a3e82fc3ad71bfdaa040082800800380002000000080041800400c28037012880517f86a2385b23ae0213e6f24115c850255fc427b76455f48a7a80986ecc06464a0c1adbf3376f702c55b476921b7e8b8f5c1402ac9ab03d507a8a580fcbbbd75a37c45432882507ff45bb447dcbf3039d3d1e59d1f45a6cad95f47f11000400b3803600b0002f7379732f646576696365732f7669727475616c2f626c6f636b2f6c6f6f70312f696e746567726974792f666f726d61740000000400d18008005100040000000800e8", @ANYRES32, @ANYBLOB="04005280246b7a"], 0x2b04}, 0x1, 0x0, 0x0, 0x1051}, 0x44844)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22)
utimensat$auto(r2, &(0x7f0000001c80)='\x00', &(0x7f0000001cc0)={0x23, 0x3fffffff}, 0x1000)
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000001c0)={0x20, r1, 0x301, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x9, 0x2, 0x0, 0x1, [@generic="646bc0214d"]}]}, 0x20}}, 0x20000000)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/038/001\x00', 0x82202, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000000)={0x20, 0xc, 0x4, 0x0, 0x2, 0x8000004, &(0x7f00000000c0)})

1m13.492844841s ago: executing program 2 (id=2290):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e2, 0x91)
ioctl$auto(0x3, 0x89e1, 0x91)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

1m11.925750668s ago: executing program 2 (id=2294):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r0, 0x0, 0xb4d3)
socket(0x10, 0x4, 0xffffffc0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r3 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0)
write$auto(r4, &(0x7f0000000100)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~15\x9dv\xb2H', 0x81)
write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
fchdir$auto(r3)
mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0xffff)
inotify_init1$auto(0x3000000000000)
socket(0x2, 0x801, 0x100)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
socket(0x15, 0x5, 0x0)
rmdir$auto(&(0x7f0000000300)='./cgroup\x00')
close_range$auto(0x2, 0x8, 0x0)
getuid()
socket(0xa, 0x1, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x80883, 0x0)
select$auto(0xf, 0x0, &(0x7f0000002400)={[0x1, 0x400, 0x0, 0x8, 0x200000000000027f, 0xe0d3, 0x4, 0x17c750d60, 0xfffffffffffffac1, 0x106, 0x8000, 0x8000000000000000, 0x0, 0x10001, 0x2, 0x24f]}, &(0x7f0000002480)={[0xf, 0x5, 0x8, 0x4, 0x6, 0xffffffffffffff7a, 0x8, 0x45f6c183, 0xaeb, 0x3, 0x3, 0x8, 0x8000, 0x2, 0x8000000000000001, 0xfffffffffffffffc]}, 0x0)
socket(0x2, 0x1, 0x84)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r5, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1m10.848852833s ago: executing program 2 (id=2295):
close_range$auto(0x2, 0x8, 0x0)
shmget$auto(0x400, 0x10563, 0x568c12f2)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae44, 0x10000000000402)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0xbffffffffffffffe, 0x0, 0x8000000000000003, 0xfe, r1, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sda\x00', 0x5cf642, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r2, 0x8000)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129e01, 0x0)
ioctl$auto(r3, 0x9210640c, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40005, 0x4, 0x9b72, r4, 0x28000)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
msgrcv$auto(0x0, 0x0, 0x3, 0x1, 0xf1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/o2hb/failed_regions\x00', 0x218080, 0x0)
r6 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r5, 0x5609, r6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_expire_count\x00', 0x40a00, 0x0)

57.729329279s ago: executing program 5 (id=2318):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000100)='.\x00', 0x591082, 0x408)
r0 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r0, 0x0, 0x400018)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c00, 0x0)
socket(0xa, 0x2, 0x0)
openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/fail_page_alloc/times\x00', 0x2, 0x0)
mknod$auto(0x0, 0x1081, 0x3)
creat$auto(0x0, 0x1000)
creat$auto(0x0, 0x8d00)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)

57.236010488s ago: executing program 5 (id=2319):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xd8502, 0x0)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x81, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x5, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
write$auto(r0, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d)
keyctl$auto(0x4, 0xfffffffffffffffc, 0x0, 0x0, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
madvise$auto(0x6, 0xc, 0x1a)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r1, r1, 0x0, 0x200)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
r2 = socket(0x28, 0x5, 0x0)
r3 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000100)={@_si_pad}, 0x5, &(0x7f0000000180)={{0x967a, 0x7}, {0x1, 0x1}, 0x8, 0x5, 0x8, 0x8, 0xfffffffffffffffb, 0x4f, 0xad0e, 0x1, 0x0, 0x4, 0x7, 0x7, 0x5, 0x9})
r4 = bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f0000000000)=@task_fd_query={r3, r2, 0x3, 0x8, 0xb06, 0x100, r2, 0x800, 0xb}, 0x6)
fallocate$auto(r4, 0x7, 0xbb2e, 0x5)
connect$auto(r2, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56)

53.717935716s ago: executing program 4 (id=2325):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x0, 0x0)
select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0x4, 0x9, 0xe, 0xc, 0x3, 0x3, 0x1ffe000, 0xcb1, 0x1, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x2]}, 0x0, 0x0, 0x0)
ioctl$auto_TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/vicodec.0/modalias\x00', 0x40, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000380)=""/11, 0xb)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0)
sendfile$auto(r1, r3, 0x0, 0x4)

52.415894771s ago: executing program 4 (id=2326):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xd8502, 0x0)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x81, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x5, 0x0, 0x2, &(0x7f0000001100), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
write$auto(r0, 0x0, 0x48da548d)
keyctl$auto(0x4, 0xfffffffffffffffc, 0x0, 0x0, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
madvise$auto(0x6, 0xc, 0x1a)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r1, r1, 0x0, 0x200)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
r2 = socket(0x28, 0x5, 0x0)
r3 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000100)={@_si_pad}, 0x5, &(0x7f0000000180)={{0x967a, 0x7}, {0x1, 0x1}, 0x8, 0x5, 0x8, 0x8, 0xfffffffffffffffb, 0x4f, 0xad0e, 0x1, 0x0, 0x4, 0x7, 0x7, 0x5, 0x9})
r4 = bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f0000000000)=@task_fd_query={r3, r2, 0x3, 0x8, 0xb06, 0x100, r2, 0x800, 0xb}, 0x6)
fallocate$auto(r4, 0x7, 0xbb2e, 0x5)
connect$auto(r2, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56)

50.262365763s ago: executing program 5 (id=2329):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e2, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

49.262960618s ago: executing program 5 (id=2330):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0)
r0 = syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="010326bd7000fedbdf0400048000000070fe2f1ba4b52ea544ae937253365dcac30dd6a06fd8f882ce4b6f9bb26ee2c9a2147ff8130cc97c00959c176c913fd637fea19e939e705730efd8270f55e917c74d98035cb9da4ea37f9048390e779f594719b2be00"], 0x18}, 0x1, 0x0, 0x0, 0x24000874}, 0x8c0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b70, 0x0, 0x0, 0x0, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x2, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x4})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x10000, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r3, 0x5453, r3)
getrandom$auto(0x0, 0x8, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8880)
remap_file_pages$auto(0x6a27, 0xe, 0x758e, 0x3, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf, 0x2, 0x8000, 0x3000}, 0x4)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)

49.247538266s ago: executing program 4 (id=2331):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x1000, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0)
r0 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="010326bd7000fedbdf0400048000000070fe2f1ba4b52ea544ae937253365dcac30dd6a06fd8f882ce4b6f9bb26ee2c9a2147ff8130cc97c00959c176c913fd637fea19e939e705730efd8270f55e917c74d98035cb9da4ea37f9048390e779f594719b2be00"], 0x18}, 0x1, 0x0, 0x0, 0x24000874}, 0x8c0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b70, 0x0, 0x0, 0x0, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x2, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x4})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x10000, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r3, 0x5453, r3)
getrandom$auto(0x0, 0x8, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd7\x00', 0x80000, 0x0)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8880)
remap_file_pages$auto(0x6a27, 0xe, 0x758e, 0x3, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf, 0x2, 0x8000, 0x3000}, 0x4)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)

48.859626471s ago: executing program 4 (id=2333):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/bDeviceProtocol\x00', 0x12bc00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/203, 0xcb)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x10000000000002b, 0x0)
ioperm$auto(0x2, 0x7fffffff, 0x9)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/thread-self/net/ip_mr_vif\x00', 0xb00, 0x0)
pread64$auto(r1, 0x0, 0x594c, 0x9fffffffd)
fsopen$auto(0x0, 0x1)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
flock$auto(r2, 0x6)
flock$auto(0xffffffffffffffff, 0x2)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4)
flock$auto(r3, 0x1)
ioperm$auto(0x2, 0x6, 0x7)
mbind$auto(0x7, 0x9, 0x2, &(0x7f0000000040)=0x4, 0xb3, 0x4228730d)
close_range$auto(0x2, 0x8, 0x0)

47.8554515s ago: executing program 5 (id=2334):
bind$auto(0xffffffffffffffff, 0x0, 0x7fffffff)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0xecc6, 0x0, 0x7352, 0x2d, 0x200000000045f, 0x6, 0x7, 0x3, 0x2, 0x9, 0x36e, 0x6, 0x2, 0x3000, 0x9, 0x8, 0x10003, 0x8, 0xffffffffffffffff, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x100000001, 0x9d8d, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x9, 0x4, 0x0, 0xffffffffffffff00, 0x0, 0x0, 0x3, 0x3ba0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0xfffffffffffffff3, 0x0, 0x0, 0xffffffffffffffff]}, 0x9, 0x11)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x5f, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
memfd_create$auto(0x0, 0xb)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'ip6tnl0\x00'})
rt_sigqueueinfo$auto(0x0, 0xc74, 0x0)
r2 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r2, 0x0, 0x5, 0x100)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x489, 0x400, 0x9}]})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(r4, 0xffffffffffffffff, 0x9)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000500)={0x1c, r5, 0xb81, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_BEACON_TAIL={0x5, 0xf, "9a"}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0xf000)
sendmsg$auto_NL80211_CMD_START_NAN(r1, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={0x0}, 0x1, 0x0, 0x0, 0x4000010}, 0x48004)
clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff)

46.45658964s ago: executing program 4 (id=2336):
mmap$auto(0x0, 0x200006, 0x3, 0x40eb1, 0x602, 0x300000000000)
r0 = socket(0x2, 0x1, 0x0)
setsockopt$auto(r0, 0x6, 0x1f, 0x0, 0x3d) (fail_nth: 6)

46.382171565s ago: executing program 5 (id=2337):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e1, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

45.828248963s ago: executing program 4 (id=2338):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e2, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

31.037230711s ago: executing program 34 (id=2337):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e1, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

30.472185155s ago: executing program 35 (id=2338):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e2, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

18.464961004s ago: executing program 1 (id=2356):
r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x8000, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x280040, 0x0)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/018/001\x00', 0x200100, 0x0)
ioctl$auto_USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f00000000c0)={0x729, 0x3ff})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x48, r4, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0xb2}, @THERMAL_GENL_ATTR_THRESHOLD_DIRECTION={0x8, 0x1a, 0x6}, @THERMAL_GENL_ATTR_TZ_MODE={0x8, 0x9, 0x85}, @THERMAL_GENL_ATTR_TZ_TRIP_HYST={0x8, 0x8, 0x2}, @THERMAL_GENL_ATTR_CDEV_NAME={0x14, 0x12, 'veth0_vlan\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000280)="7b83b42cf7", 0x5)
ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f00000002c0)="a8c78dc25c766eff6cff09362d0688d9cd2201011918aa0dc08593c93a3bdcf30a6f6c648f48090258c91604cfe002561b50f9a432330a4144e19236ed59a884250613dd3baf63b748a12a22b13f3befe468ba813272d83b00b239b5a91f3e52109681ad4b2235cc47337183b0eb3f43a17a1f5562a45b89d1c624ec6e572e781103b11aa886db3d944c5423e0935a65b61827af1a78cbb082c84cfd81df5fb6e9009f18e963d8c4fd2c32f994172bcc7ab434e98a05b87f4e6841fa636d6dbff3a3878d56301c4fd7c3afa24db76b9627db8a6d5f76302cf185b6030bc2c4ac1fdcc6d7619e126af1fcd8fb79857d")
r5 = seccomp$auto(0x6, 0xfffffff7, &(0x7f00000003c0)="9cbd89a2c5b2bc3a250e7ff8c740d14f2b3ee0dd793b2f8d7ca717fc6723299f02a5176b97ef4cc1a1019a2f06ce4499beaf581b3131979e8741cb7787ac69b06651bb2d327aef270f5c408cebeecb5dde5bdc6fd477c6fb00350e10e69f3e80df569fcaa3ee99683877a501ea28bcd8c80a0c72e08fa7b4542d3fc22e43b2a953c62fb15b869b0ae05fe257c341fe3375652ad8d66d73abeb719892f7787a04929e3150a113404a16e578d99bd7baa9cc043e2c0f63588bc5cc1ef6df05fa61f07827a3547b085b2ce170d6f84f4081f9c8901194c30acc236cc7cfbf069267b051943f7d757773d60683ccdf890336c634f228f1771eb19ac16bca14a2ee48aa20542beeb14af67a40e5116528ff70364547c5de17703b088127a3c1b06a01c72e55f8f324d9f966bed65ab768d7efaba814f63e2c15651c324b8c961cf35ff9c42bdcd05e2850c813a306f43b62ebacd75fd3d72222b6b4d1b8b6faea5aca671589e3f7ae45e8fc024e26bbf360c313a990daa797f909d59d07ee0aec8186eeccdaed7536abf7aef96072cd7088933b89b48959e0aba21dbe9b91ba7a8aa05d97176914c652dc666da40a6a33792d3e4847518ff323d6ccc3309b0e681fed1a4fb42a6c5304d3ab1b2ec25169d7c186dce77ed1cc8c0c0d4789f7b236e38dd51ca9246cf97922f4d3863f9b70885ab3aed2749e345e7713eff0e6a5a4863068c0c90954bdf2d2e5844b718394f0568aa483c198ada5ee7d0796152eb4ffc21fd892fe31743f4bc576e19dd3eea1efb8cb3918bca044b6c03e20756c2159d4c7a6219a73a7b222f26436bf2658b0e785304a8448dde5f669b70d7804c63effa836792586935c47c534ca80f7cc39850847f3031e273bc19014feb64ae49362692b1528c9f3589a0a70cc0ebc4e86403647e80c1e0cd532397a70e71e3620eee4f6b6e6034808bafe5d4a867f85d869fc3906ece1dac15311747e8baaa8b35883de12eb3f295c5c4d71c41bc3cb40e7f827c194ba13075900eade5d0603122a87b58d43056cd66d6cef9e4d39b06958f300f58091dfa564948c657eb816751bf9e5ff7388df7f755c8cc88bbe5f4d5334a7ecd96dad49b79f047a2b777ef6e1cfb247d83da108d1cfeede8e646e35f98bb0e926c13b4163b78c46a1a3665552404c0bb78d33141bbd440b00fe70582009b9cf131192594de45d2f4b6115a15a07d95c383593d360364fc872a103377544effb583cf6cf65c9ecd78b3061cd01b45e3fe728f821a280676fb51e22d33e0a7e225354de5974cd55fc632aafae7f046123b86a475c9e46dc8065238121ccc644ca8e0826ffbc8cb7144570d9503f7e851cfe9a26c3be55609b397e0a6cc70214b8ba82393232f9555fce0845522fb4d31537cb650ab652615dabcd8f964db43b3ee723b10ff42b078058c7c351c6f00a690946e4bb0bd23997cfb13143b46441368e67acb54b388d27d7f3de4d68a3e8d2582c7280f5d3cec7cb944e3f7cbdb63019a4caad161859e690c448fc0b1534d555203a5d35363ecce1112cc1090012c1a9ebecaa270aad2bb0a485a0c1e1d2c323d104653fd230ceb2df526c2bfe8b9bf5e6db815168cc64f727a0c6574ed6ee2ccd7c4294dbaa8aab79d25086cded76fc876daee1e0a0dcdcd778f69be52c1896fb07014bd9041423bbdb9633b04fe56b954f3dc6555355852b6180ca0240695122656ec4f056380c11aa5f598771893a25d6e753d35416e51e126dd6f2173c82aedbd43ca2c6631b1d8e8588769cdf3344a1974430c3497be1ed7e7b446b22422f2b6c0e52768d00dea02c4e00f7f64be40837cd8050c441786589c792762d76b7c40803bdfca8eba334c54690657d8c6b34cb80e0b22bcecea679c7324bf936857b371905b6a61f412ea1ef0b0ab56635c69ff1c19cbc84f88748baef008649886b6107b3d339ea0ff2d9d568cdab31d01bbc05444c5b4531d5333bdd4663d896efac513f465bc9655c99510838fdaf670edffa21214b2e11cf2491d2d8a5032f9b886b26eba1db4d2f99ff54b43f2a285555e6a9085076385c359e0c0d881bff69af73151ec6f68962d7c4bafe99a648f1ca37b1c8e1696ddfab13b7c758b132477968bb43093508f2507854156b91610850a1919f298dcbcb0e8ae99954497aa03fde21b1286cfd03ba44bf0ff92b692ee8f8c666bbfeda2edfabd41cf69171a8c78d2d1c89434ce52c8cdb4a31afafe9f601581dcbb030f5637a19a59c48f276ea1ee23d5df95d65f42e0371321de7956f6320860f6de293f492fa7514fb4bf1d1712b596c6db53b3bacfc258eeef53eb79994dbab2dc85d5a7cbe3b26d7a350108fd40b17f0947152f1f10e5f08a24405c5aa26d620126268af86dd8e1deac5441638ee035d5ad2d825a4938191efdac39319519c4561edf07ad118d8112e8e95271678bb2fc8a4883429a7026ff681ba18407a15ee974fb9259ba82a66228b86a6e23b745b3bbe6578012ec3e01ee1285908981fe0adfe8d36a56cab6699635429a6a6c2e56861febfdacf05ea99b8679432773653ce7dcdbc8529601c90d7f3d94efe72cca83988671c5d571c6858fc9be14402a755b9bb1fa318ccdf8b832698c7bb39e83fb57dd916f8d9e0e989bb1ae12bb93fe6dbe0399925b3624853a3c1d9ae86ed0d0fe1f48af0c0f90483bf52c2ef9ae5d23f03cd23299c46b2fd4174963cc64e618ea3ebe13bc7920c6fd1f04100d9e6960e38843deb44e583da5e0b7c5045184eb45173b93b43c3e389b706b3f472fce4a38dc7252bdc0afc51e27766533cac373ac359477d49a92cea94d97372beec05fce0657a8d80995ea3d2fa5e9c447b4b31a1c15d985892750285a7c82e6a852a604f3851a631f37ca64d4f45aa736c1046fde1ebe597d4bcee49fd31f61cfb429eff0bcc62ea0454492c7db3f86ebfb6a54187ba1ecfa90d5b0fa5a12f67e0ac544d3f2f750f8a63e1c0b7deea790a9aa63210340ea92ee7db25b838f14904b44e4067736b4253812967dccb0998b642a11fa04893511d91304b692894ac611cedbab511808231a1cc10ed6f4b32e6caffcbdf1854d94c30a9ff9a9161edf643c408bc907d84b908f68db42e9ff9364c8a3d3cf56f082b7af23d7f918bbe28ab43474be9ce378fb5b5fbe25f1f622838204f89edb419d249b3ea76521180050992b781946e54ecfa3d7a68e48b62535d57edd274d99523dd64687c2135bc57ddb3e0279eebb54258ba19be95cc8bc5580386f4cbd23721ce403a67a1e2efd55a01c1cffac4f6c56251156076ed26e5a0cad229b3ced2e1860f616cf8c8e7050e70cbdd2fe585f2349302f2e1158aa39e11cd4f6df3562d6b8c3bc94ffecb270827dcd77ddf7543913b04cb5efbd6b266b30d1a367855db0be8be9953025d66330f5da4caa9afe1f5850999689a61559ba455d712689cea8a9e67f13171f388a0861e6ff7e53464d05742c655ca4a2dacc19d1fb56a5d6e43c4116fe0e7dee0112dc4d762a9d2517e1db4162d1878cc378c38d13ca9c83c127408bdd2fa0435683bee73b38afbcccf8a2881b3185fe193ac7d98bd5b00615ccc2dbb68be72f96296dc2abdb8be19fd3c70e4cd664d0b0b2e279a63e2af99cc0fc0cdb208c87068e6cbac1fa8dd3472b0b7a0badd8e26101e5a094c436e22aff72a89d334d92be180304cb733683084580abf093d443236b03128758777faf5ba3bca214b9bb504ee491ef59fe6d2d4b9db8173c36bdc6e0609c8bc14b33131da3936c17bf6185066beda7d217daa2438667192c1c1130c759618c29952bd3d052aabc9d07b0da9e8e4844c21f300cc4b5545dcab7b8d2ed296537da1131b3ff50f7ab79fcffe7bec28118af8bdde98aba0dc79789e208131cd0c6ab3c66382ca87dcabda7994baf1424952bedb6a082361770905e0cf34341a06c88cd62b75ce25bae2a00fa3a69c690e1542150957ea805b5b62f4be849fd2d29ac6e4380c3bbb01708b8ef84e527a10699a72644fc7f220ed15310091b870b860387b26e85d260ab23ae297b8c79fee77a130685f295f0f1535873783cf52a4254d574695edd52bf4c59421e517d7d0142bcacfb40f78d197ac10f4b88be215f12dc1b5130e207c636398c5dd2fd5038cb2d91683473baf23e76097e3228f71a84f0203b985a45f3a7ac7d084d753c6fe488c87513ff70bc15473191e76375278a34f5e8c0715a444a8d384b40ba91332f3e4a45743c16e758e5135b189075e89e0d3c9c75645f3dfd7dfd230dfd697b51a94bce88c64ef770c2f14380fc855b2efa96608701593e8fc8d815553a312ebfcf0a783b7957b852dcdbb6444bb1e7873b159cd68596143394206eb4876347b6c186356c052e81ae858c6858724b7b931d685d95784c41af24a993c7f2b23435b054ab111ded923121c764436605d4a77028c348de5c7ce882fe9cd60fa105ce466558205d2a29242d1a0500cb13ab3c3c596df75dc2bda5f1d79db833701bece623365cbafdb5af189a9e437382146fad5890daed10ee3fd134118136f47a51180875cc445ad9c7facfd80b6ffc84d764282418d0a18565c09780768952df15f76241868888968af84428abed36528e625167f907a82e96ca6a19b7063847f078af8012ec8d8b5a0eaeb48c6f8993108d8d2c113382dbff21ad8fd1d941577a5ef75b15db5f13f648abc53eca621b3ff182f9c92324c1a542b49a88c554517365249046d45d2d9e15ac338b954e1e842d09a2dde9cfec3947d12b7c7d17675959bdfa83bcf8ec9fac17ece5685f4af19877a19d7cbc17a33b5c212ad44769f60815976b5e94029c246b389a03294d7411d72903d07422e213a20f2cb1c1ad52628145dd195c9400b60af314b3c973a39f54b918cd562163c8942718326b0c2776335b36cbee6446b3597106ab79594fc57157431ef3a7330a09114588613f31746f792b95ea1c56751c203e97e865bb214893339e4ebec0175627160c1601801fca85dba3f9e6a49048ac42be20cd4820a447ea68d03527c716ec29b8cf6e1be902912b91ef981330b394f356f0cb8c6047c7cc702fa9a13e93fc7fd00d81498a46f735d00a7db6c8addd3afebde26ea0019a04a6124a9b8b38aa30e510afc7dfeb92791cd130af2a8b622801c83651ffba44fbdcfb78a567c17d1726971f0a0c00b31ae5250ee48ee1a06cdccbce950b94ec2d0162c7a6cc932fbffd5ae01efa47332e326212b87e7bfa71682d64bacab016ce295afbc8aa59c2e5d6f7ff33f84a75c6f66f97432b2cd78d1e17027c50498c299348c6e735502f80a7b1479fb51d91b47d4817c45d1f19ec6933ad7b8ae256d6ee53801e3e02c453aeb3c55bee67a54e2143fdd76aa5999aa81085bed8b0a572ec9239b7e8a1c9d3372871d54096608c4542a82fe7af225c263da6c2341d2b61cd175568bab13a1e463606c2feb1de405506aa91f5573fd9b6328bf39ae24ffeee0ea14820d264e36346be5b1e30248682217c594a4fc519ba78313d44fc0cc5fbf8c0525cba6d3b79593295495ad0205af0e1c1512cf0377931c7108d05d9d64fb6ca51a9297a65b13e3f33c9abebc07a2f00ed53001ec50e1bdf0d28ad252cfe1e9b6a8999f87788df86ce78b533d3b705eaa7d0973f3b4511e997bb99d7e2731e12c2af5c47abd4780d0a81e7b4eacda5e4fb526dea32a9f5255966de216238903a3b765c3bcbbe06861ffcd0cf7023825446292127881d225764a0977072a442a7b66b91bdcc05a44")
write$auto_kernel_debug_fops_orangefs_debugfs(r5, &(0x7f00000013c0)="7715150d8ed1169b8754c80784756a7e98f8fec85a23908f4aabd657f2b31bd38b15be97dda74daffd206bbe1380b81e56c9f13d6b1e81c7d4bffc7b2abb", 0x3e)
r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000001440), r5)
sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000001500)={&(0x7f0000001400)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000014c0)={&(0x7f0000001480)={0x40, r6, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x80000000}, @NFSD_A_SERVER_SCOPE={0x5, 0x4, '\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x10000000}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x4}, @NFSD_A_SERVER_SCOPE={0xc, 0x4, 'thermal\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x100)
r7 = socket(0x1e, 0x4, 0x10001)
pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r0, 0x800, &(0x7f0000001540)={@_si_pad}, 0x2)
ioctl$auto_BLKTRACESETUP32(r5, 0xc0401273, &(0x7f00000015c0)={"140c0139ee8cb2f4b0eafec06fe701c664faf265e76d24b95d2e3432edbe3082", 0x7f, 0x8, 0x0, 0x8, 0x6, <r8=>0xffffffffffffffff})
kcmp$auto_KCMP_FILE(0xffffffffffffffff, r8, 0x0, r7, r1)
syz_clone3(&(0x7f00000018c0)={0x0, &(0x7f0000001640), &(0x7f0000001680), &(0x7f00000016c0), {0x3b}, &(0x7f0000001700)=""/87, 0x57, &(0x7f0000001780)=""/198, &(0x7f0000001880)=[r8, r8, r8, r8, r8, 0xffffffffffffffff, r8, r8, r8], 0x9, {r5}}, 0x58)
socket(0x2a, 0x5, 0x3)
r9 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000001980), r7)
sendmsg$auto_WG_CMD_SET_DEVICE(r7, &(0x7f0000001c00)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000001bc0)={&(0x7f00000019c0)={0x1c4, r9, 0x0, 0x70bd26, 0x25dfdbff, {}, [@WGDEVICE_A_PEERS={0x140, 0x8, 0x0, 0x1, [@nested={0x20, 0xaa, 0x0, 0x1, [@generic="4f50e352f3afef343f012b28ffa592b20bf13aa7c1773946", @nested={0x4, 0x32}]}, @nested={0x29, 0x53, 0x0, 0x1, [@generic="cf4c14bd0dd20b857102374595", @typed={0x14, 0x29, 0x0, 0x0, @ipv6=@mcast1}, @nested={0x4, 0xe3}]}, @generic="f624c65a12049d73d4fe52abb2c85702ca3ce33d571a1b22206bfdb6b03664a17e0803dbc7eb3e4d1172ac56cbc47018b7bee8bb3865b9a877e084ea11e0129e740fa0c828e4b3558f01400412b1eb29426a646cf970c3e1743703925418bf8993e00b3d1566a3c39da3212eacc1d373c25b1f164e3222fa7c92dff860c3a651d1143bfeaa8acf2a14cd9d70b9fe7f307b5293025abbe049a2825a4f66a07c714a675ba1820795434e9b03c5f4c909e5410538796c274f85f66965118c22094b0a6b07d60a23c9a0ef12e797b8e3107ea1ee03faa8aa7fca117d615b54af169b5d3d6f467d21ce3f34168372cdfdea58"]}, @WGDEVICE_A_PRIVATE_KEY={0x6d, 0x3, "a01f120c4ea4cc6d72cce9f1d536d5cdf000be6711ce13244c3b5d709fd3862734f251bbac624b8b51997319fd5efb2bad050a7d2c79b0ac43650c86d7b8f23e06afa3d9ca150c91feabc11ae7b27a6d0ec06d2f41e1e169de389c74fe14d6510ddc504800ed888966"}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4050}, 0x20000000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001c40)='/proc/self/fail-nth\x00', 0x800, 0x0)
r10 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001cc0), r1)
sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r2, &(0x7f0000001d80)={&(0x7f0000001c80)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001d40)={&(0x7f0000001d00)={0x14, r10, 0x800, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x26000040}, 0x40800)
r11 = openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f0000001dc0), 0x3a1002, 0x0)
sendmmsg$auto(r11, &(0x7f0000002080)={{&(0x7f0000001e00)="4429461326ea3ecc89f68acd8dd24676f91e2797035a40f85bdc1409ac1f6cca78c2c2185037ff21ae7baba20a0c262493e27c3e21e1a200cf4efc760be094d4290d8f396d18a85759d45c62cf111974c5e2dba2f3b3b5df8b31a658e0704bf440912f1dcd18b73c414bdf53df505ff2dcca8ca01f7fc803fff0c4f807b4ddb74df09ff963c4aabdf4d6591dcf2e0100becc4022da4f", 0x3c5, &(0x7f0000001f40)={&(0x7f0000001ec0)="618a016dfcb9bb05c33d3ea38dd20c3c3d8cdef6de0f271fb0b44c9672a557198f3a0b1936962325a606755efdbca14f0d0afd959559e4b5bbd2b9ca441bff1b4c", 0x5}, 0x800, &(0x7f0000001f80)="951e61df03ffa48f9a4bb07da838180a952a0ff9b9629a9cd6171d7086caed32a737333b2eabdfcd4f4b2be48ec8357dc6410b9c89f257095693b81a845029413b0aacd8468b1d35ea791ed7aa95bc76c644a5eecbe2ed4f15cdb83fd1ade0ae84d5e874a007803df593b644fc3655384d66179d88053f3e0678fe4aa3b6dc9cf8fa4b0e5b977dc4faa14ed2b60bd18e66a27fa357b62c11c7afc00aabab8121ec77ba20e1da452d89f5914a5731a6800fdc0e14400f62d8674f083b14e86d5185306178f282459c879255c6c6b3571b8b2630073fe289c5482d2ffc30c594171e168f08edd6c48cf86c", 0x1, 0x4}, 0xecb5}, 0xffffffff, 0x1)
r12 = ioctl$auto_TUNGETDEVNETNS(r5, 0x54e3, 0x0)
r13 = ioctl$auto_TUNSETPERSIST(r12, 0x400454cb, &(0x7f0000002100)=0xd6)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000020c0), r13)
madvise$auto(0x4, 0x7, 0x10)

18.332928262s ago: executing program 1 (id=2357):
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008)
r0 = socket(0x1f, 0x3, 0x400001)
r1 = socket(0xf, 0x5, 0xf)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x42100, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity\x00', 0xe0182, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
madvise$auto(0x110c230000, 0x1, 0x9)
r4 = timerfd_create$auto(0x6, 0x2)
ioctl$auto_SW_SYNC_GET_DEADLINE(r4, 0xc0105702, &(0x7f0000000000)={0x90000000000000, 0x0, <r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
read$auto_proc_iter_file_ops_compat_inode(r6, &(0x7f0000000180)=""/178, 0xb2)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000700)={0x6, 0x5, 0xff, 0x6, 0x0, 0x4a, 0x7f, 0x1, 0x6, 0x401, 0xf, 0x5, 0x6, 0x0, 0x3, 0x3, 0x9, 0x401, "ca43a58b24b7199ea5fb9a7aa82302e7644dfc6421eef00dbd972516e6072461459c5ff4"})
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0)
r8 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r8)
sendmsg$auto_NL80211_CMD_SET_CHANNEL(r5, &(0x7f00000006c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x3b0, r7, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x7}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x394, 0x6e, 0x0, 0x1, [@typed={0x8, 0xd7, 0x0, 0x0, @fd=r1}, @nested={0x37b, 0x134, 0x0, 0x1, [@generic="d2e3adb9e3a7e0ce791555674551245d7db0e11c40c27a6739369b4dd2bc252932649dc61868d12ff9e654270cfe145ddb584c47501433a8860bce21de5b2383a959ac160c3e2014f6664abb8c1614cfd8977136027f96d2b2d06d2146b55515df732c1f42c4258f06dd2da7fb867578fc57bb439790c5237b7e95e65eb1e718747334784e4f59fc289917f60c7d60d05758252dffe7a6bfe4f1ff6c3d6df9750df41c59b6ede0ae91b509a090ffada2e5174e85349e73461cb63a99b3f53d958860ac7721bb70f3e93c70c54eb18b31380bbc34d1ac", @generic="e6ffecc8bcb39a2f6500318b86ea6bca6fbb286456d12fc1d9201738f2f1d78dbcfabc7b455b61537d1120a5bdf1036a591a6b3caf8fa4fffcc1a99d434ad065d219c6b8580e8d0940650964dcfa5eb2e28ce45240e90b460c4b194f72ddeb307d276eefb3bf7433aa393240a71ed6f70419cb", @typed={0x8, 0x11e, 0x0, 0x0, @fd=r2}, @generic="9f9b6e3ebeacb7c759d51d4624124556b7f9034ea2616b39920a955c8f1032dff87e44fe46ad849e68548d94c837971139535362186358c41d204a7c29f89a31f7897f853290939b570680faf94fdce733605dec25222aee3c3b89b86b24660669d5dfea17775cb3a4f1ea7064fce27dcce04c9abcf3f3bf83a6cadb714e0f7e61a9ea38fdc01961038065ef56b5771632be316a4de6f834dc60a8f37b46b5b4215c3f11c516f8902f2d2558225c6f27e76c75942d95e38c199364c6f3d5cc4a841cb1af5f5c0f8d69e05f0b035c42426ae3cad2104f08e8", @generic="f1d0ac4a595aa30d2871e8d06bf222ee3174529e3d2a1f20c96e5406d14a6e3dbb9d433a7c9142eea36102f0edeb8912a46b109fe156507c8a7e81271f018f706b19e1386f881b97ca660a329a32785fbd688d248fba51ca8b4e5be02c257423ae73235a1bba93ff696f57836cbb846a0509400c6a0a8ffbb587b226654e2874a141aea5f2c6a68d7c2fea47baf41a6931b4f19ade02c0912281a73d802e2386d1ce16e3faf24015c5e80b4defe71dbdc1e8eeaedfd6bace1838e566d946f57fd22cc4afec2426da8a213ac7", @nested={0x4, 0x20}, @generic, @generic="f841e6d1925c47bfd8cf0646a6d4bcb74f0866271d4e45a32d2940d06a0f319ae7b98320a669553f01a8cc80bddfc6f0782209abe24d8212ffac4b2803e24f4ad56dea815d2d7922c23ba2162f319756ccbbee9666e4fde2d5e0a9a88a7d403174782324c2a86dc9d6a6996d95d8664036014bd7419b", @typed={0x8, 0x50, 0x0, 0x0, @ipv4=@empty}]}, @typed={0x4, 0x9}, @typed={0x8, 0xc8, 0x0, 0x0, @u32=0xff}]}]}, 0x3b0}, 0x1, 0x0, 0x0, 0x8080}, 0x40080)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
statmount$auto(0x0, 0x0, 0x7, 0x281)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)

17.92116485s ago: executing program 1 (id=2358):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r0, 0x0, 0xb4d3)
socket(0x10, 0x4, 0xffffffc0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r3 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0)
write$auto(r4, &(0x7f0000000100)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00y\x113!\x05\xa7\xd6M\xce\xd6\'\xdf@\x9f\xf5 \x8b_hw\x8em\xd0\b\xe7~15\x9dv\xb2H', 0x81)
write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
fchdir$auto(r3)
mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0xffff)
inotify_init1$auto(0x3000000000000)
socket(0x2, 0x801, 0x100)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
socket(0x15, 0x5, 0x0)
rmdir$auto(&(0x7f0000000300)='./cgroup\x00')
close_range$auto(0x2, 0x8, 0x0)
getuid()
socket(0xa, 0x1, 0x0)
select$auto(0xf, 0x0, &(0x7f0000002400)={[0x1, 0x400, 0x0, 0x8, 0x200000000000027f, 0xe0d3, 0x4, 0x17c750d60, 0xfffffffffffffac1, 0x106, 0x8000, 0x8000000000000000, 0x0, 0x10001, 0x2, 0x24f]}, &(0x7f0000002480)={[0xf, 0x5, 0x8, 0x4, 0x6, 0xffffffffffffff7a, 0x8, 0x45f6c183, 0xaeb, 0x3, 0x3, 0x8, 0x8000, 0x2, 0x8000000000000001, 0xfffffffffffffffc]}, 0x0)
socket(0x2, 0x1, 0x84)
listen$auto(0x3, 0x81)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r5, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

16.854558024s ago: executing program 1 (id=2359):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xd8502, 0x0)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x81, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x5, 0x0, 0x2, &(0x7f0000001100), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
write$auto(r0, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d)
keyctl$auto(0x4, 0xfffffffffffffffc, 0x0, 0x0, 0x1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
madvise$auto(0x6, 0xc, 0x1a)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r1, r1, 0x0, 0x200)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129800, 0x0)
r2 = socket(0x28, 0x5, 0x0)
r3 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000100)={@_si_pad}, 0x5, &(0x7f0000000180)={{0x967a, 0x7}, {0x1, 0x1}, 0x8, 0x5, 0x8, 0x8, 0xfffffffffffffffb, 0x4f, 0xad0e, 0x1, 0x0, 0x4, 0x7, 0x7, 0x5, 0x9})
r4 = bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f0000000000)=@task_fd_query={r3, r2, 0x3, 0x8, 0xb06, 0x100, r2, 0x800, 0xb}, 0x6)
fallocate$auto(r4, 0x7, 0xbb2e, 0x5)
connect$auto(r2, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56)

16.313039326s ago: executing program 1 (id=2360):
r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0)
writev$auto(r0, &(0x7f00000000c0)={&(0x7f0000000180)="218914000000005a3500000a00000000000000000000c0399c8e25a8f7f7927f5889586569f11e3286ac9396ed1908acced0b98a034ae82c82b7dd5f93586c8baff689b8076209dcbfcf516e5469b94bc1103301cc5288d7f2eecbcb0a91598acfaa5b40cd437299b2e74df775b20d94df9082ede9c8d442034f5bd49d12f7f8d660da25d4ea1a61eebc74604d3f7a6df4f3ae765a72aa10d3ae99be82fb30ddd9c5ed92281b7b91b404d4f54410b9b09c9917b5d46f90aa4e224d692c20080f97f3373dcf7672fc3858c14864f33537228d3bb0324b0415d197ca68dffcc67c2319c3fb4f381dfb8e295414", 0x2}, 0x8)
mmap$auto(0x0, 0x4000d, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
ioctl$auto(r1, 0x4008af13, r1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000480)='/dev/radio19\x00', 0x687c1, 0x0)
ioctl$auto(r3, 0xc0845658, r3)
r4 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x0, 0x0)
getitimer$auto_ITIMER_PROF(0x2, &(0x7f0000000040)={{0x3, 0x1}, {0x7e19, 0x5}})
r5 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000280), 0xffffffffffffffff)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_udc.0/gadget.0/function\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000001080)=""/98, 0x62)
r7 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x4, 0x0)
sendmsg$auto_CGROUPSTATS_CMD_GET(r4, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x54, r5, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r4}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r4}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r2}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r0}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r4}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r6}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r0}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r7}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000000}, 0x27)
read$auto_debugfs_full_proxy_file_operations_internal(r4, 0x0, 0x0)
r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sockstat\x00', 0x280, 0x0)
pread64$auto(r8, 0x0, 0x5, 0x8d)
openat$auto_trace_fops_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)

15.967449577s ago: executing program 1 (id=2361):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
ioctl$auto(0x3, 0x89e2, 0x91)
ioctl$auto(0x3, 0x89e1, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

0s ago: executing program 36 (id=2361):
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0x8001, 0x19)
lseek$auto(0x3, 0x7ffffffffffffffd, 0x2)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0xa, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x7}, 0x8)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2deb43, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x2, 0xfffffffd)
read$auto(r2, 0x0, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPP(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYRES16=r4, @ANYBLOB="01e162498e3b3cc16472390537ac0028bd700098cdf2fedbdf256b00000021000d01fd5736a95c80db53e7c4aadb2715ac2f8807a03d1727244eba33fc42fe000000"], 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4000890)
r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r5, 0x0, 0x2)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x2, 0x401, 0x1000, 0x8000000000000011, r0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0xc40, 0x0)
socket(0x29, 0x2, 0x0)
ioctl$auto(0x3, 0x89e2, 0x91)
ioctl$auto(0x3, 0x89e1, 0x91)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff)
r7 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r7, 0x0, 0x1ff)
r8 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioctl$auto_LOOP_CTL_ADD(r8, 0x4c80, 0xfffffffffffffffd)

kernel console output (not intermixed with test programs):

 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.718264][T13822] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  750.718294][T13822] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  750.718314][T13822] RDX: 0000000000000055 RSI: 0000200000000000 RDI: 0000000000000003
[  750.718334][T13822] RBP: 00007fe69ec9f090 R08: 0000000000000000 R09: 0000000000000000
[  750.718354][T13822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.718373][T13822] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  750.718416][T13822]  </TASK>
[  751.594467][T13815] Restarting kernel threads ...
[  751.635974][T13815] Done restarting kernel threads.
[  753.759821][T13859] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[  754.917040][T13865] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  755.261939][   T30] audit: type=1800 audit(4294967332.890:28): pid=13890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1897" name="members" dev="configfs" ino=39189 res=0 errno=0
[  757.923161][T13906] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  757.923432][T13906] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  757.923666][T13906] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  757.923863][T13906] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  757.999103][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  757.999194][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  759.120154][T13918] kexec: Could not allocate control_code_buffer
[  759.177889][T13929] syz_tun: tun_chr_ioctl cmd 1074025673
[  759.289494][   T30] audit: type=1800 audit(4294967336.920:29): pid=13940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1908" name="members" dev="configfs" ino=39293 res=0 errno=0
[  759.409704][T13945] openvswitch: netlink: IPv4 tunnel dst address is zero
[  759.923990][T13946] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  759.992792][T13342] Bluetooth: hci1: command 0x0c1a tx timeout
[  759.998949][T13342] Bluetooth: hci3: command 0x0c1a tx timeout
[  760.005125][ T5165] Bluetooth: hci2: command 0x0c1a tx timeout
[  760.007992][T11082] Bluetooth: hci0: command 0x0c1a tx timeout
[  760.204042][T13957] FAULT_INJECTION: forcing a failure.
[  760.204042][T13957] name failslab, interval 1, probability 0, space 0, times 0
[  760.217572][T13957] CPU: 1 UID: 0 PID: 13957 Comm: syz.0.1913 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  760.217633][T13957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  760.217659][T13957] Call Trace:
[  760.217670][T13957]  <TASK>
[  760.217685][T13957]  dump_stack_lvl+0x16c/0x1f0
[  760.217731][T13957]  should_fail_ex+0x512/0x640
[  760.217785][T13957]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  760.217859][T13957]  should_failslab+0xc2/0x120
[  760.217904][T13957]  __kmalloc_cache_noprof+0x6a/0x3e0
[  760.217964][T13957]  ? ktime_get_coarse_real_ts64_mg+0x240/0x300
[  760.218019][T13957]  ? hugetlb_vma_lock_alloc+0xbc/0x1f0
[  760.218091][T13957]  hugetlb_vma_lock_alloc+0xbc/0x1f0
[  760.218156][T13957]  hugetlb_reserve_pages+0x149/0xe10
[  760.218220][T13957]  ? __pfx_hugetlb_reserve_pages+0x10/0x10
[  760.218277][T13957]  ? atime_needs_update+0x8b/0x710
[  760.218344][T13957]  hugetlbfs_file_mmap+0x4a1/0x730
[  760.218402][T13957]  __mmap_region+0x128e/0x25e0
[  760.218447][T13957]  ? __pfx___mmap_region+0x10/0x10
[  760.218500][T13957]  ? is_bpf_text_address+0x94/0x1a0
[  760.218555][T13957]  ? kernel_text_address+0x8d/0x100
[  760.218618][T13957]  ? __kernel_text_address+0xd/0x40
[  760.218680][T13957]  ? unwind_get_return_address+0x59/0xa0
[  760.218753][T13957]  ? arch_stack_walk+0xa6/0x100
[  760.218819][T13957]  ? __pfx_stack_trace_save+0x10/0x10
[  760.218871][T13957]  ? stack_depot_save_flags+0x28/0xa40
[  760.218966][T13957]  ? trace_cap_capable+0x18d/0x200
[  760.219030][T13957]  mmap_region+0x32b/0x3f0
[  760.219078][T13957]  do_mmap+0xa3e/0x1210
[  760.219140][T13957]  ? __pfx_do_mmap+0x10/0x10
[  760.219205][T13957]  ? __pfx_down_write_killable+0x10/0x10
[  760.219260][T13957]  vm_mmap_pgoff+0x281/0x450
[  760.219320][T13957]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  760.219364][T13957]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  760.219417][T13957]  ? hugetlbfs_get_inode+0x31f/0x730
[  760.219478][T13957]  ksys_mmap_pgoff+0x1c8/0x5c0
[  760.219535][T13957]  __x64_sys_mmap+0x125/0x190
[  760.219594][T13957]  do_syscall_64+0xcd/0x490
[  760.219637][T13957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.219676][T13957] RIP: 0033:0x7f9eec58e9a9
[  760.219705][T13957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  760.219749][T13957] RSP: 002b:00007f9eed37d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  760.219789][T13957] RAX: ffffffffffffffda RBX: 00007f9eec7b5fa0 RCX: 00007f9eec58e9a9
[  760.219817][T13957] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000
[  760.219844][T13957] RBP: 00007f9eec610d69 R08: 0000000000000602 R09: 0000300000000000
[  760.219871][T13957] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  760.219895][T13957] R13: 0000000000000000 R14: 00007f9eec7b5fa0 R15: 00007ffdd3025d18
[  760.219943][T13957]  </TASK>
[  760.506285][    C1] vkms_vblank_simulate: vblank timer overrun
[  760.584145][T13959] FAULT_INJECTION: forcing a failure.
[  760.584145][T13959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  760.597974][T13959] CPU: 1 UID: 0 PID: 13959 Comm: syz.2.1914 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  760.598026][T13959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  760.598046][T13959] Call Trace:
[  760.598057][T13959]  <TASK>
[  760.598069][T13959]  dump_stack_lvl+0x16c/0x1f0
[  760.598109][T13959]  should_fail_ex+0x512/0x640
[  760.598149][T13959]  _copy_to_user+0x32/0xd0
[  760.598189][T13959]  simple_read_from_buffer+0xcb/0x170
[  760.598243][T13959]  proc_fail_nth_read+0x197/0x270
[  760.598292][T13959]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  760.598342][T13959]  ? rw_verify_area+0xcf/0x680
[  760.598392][T13959]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  760.598439][T13959]  vfs_read+0x1e4/0xc60
[  760.598476][T13959]  ? __pfx___mutex_lock+0x10/0x10
[  760.598511][T13959]  ? __pfx_vfs_read+0x10/0x10
[  760.598553][T13959]  ? __fget_files+0x20e/0x3c0
[  760.598617][T13959]  ksys_read+0x12a/0x250
[  760.598647][T13959]  ? __pfx_ksys_read+0x10/0x10
[  760.598691][T13959]  do_syscall_64+0xcd/0x490
[  760.598728][T13959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.598763][T13959] RIP: 0033:0x7fe69dd8d3bc
[  760.598789][T13959] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  760.598821][T13959] RSP: 002b:00007fe69ec9f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  760.598852][T13959] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8d3bc
[  760.598874][T13959] RDX: 000000000000000f RSI: 00007fe69ec9f0a0 RDI: 0000000000000004
[  760.598895][T13959] RBP: 00007fe69ec9f090 R08: 0000000000000000 R09: 0000000000000000
[  760.598914][T13959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.598934][T13959] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  760.598977][T13959]  </TASK>
[  760.785572][    C1] vkms_vblank_simulate: vblank timer overrun
[  762.682788][T13992] random: crng reseeded on system resumption
[  763.063651][T13975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  763.145979][T13975] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  763.158089][T14000] FAULT_INJECTION: forcing a failure.
[  763.158089][T14000] name failslab, interval 1, probability 0, space 0, times 0
[  763.168690][T14002] netlink: 86 bytes leftover after parsing attributes in process `syz.4.1929'.
[  763.191687][T14000] CPU: 0 UID: 0 PID: 14000 Comm: syz.2.1921 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  763.191733][T14000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  763.191751][T14000] Call Trace:
[  763.191761][T14000]  <TASK>
[  763.191773][T14000]  dump_stack_lvl+0x16c/0x1f0
[  763.191811][T14000]  should_fail_ex+0x512/0x640
[  763.191842][T14000]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  763.191896][T14000]  should_failslab+0xc2/0x120
[  763.191934][T14000]  __kmalloc_cache_noprof+0x6a/0x3e0
[  763.191987][T14000]  ? resv_map_alloc+0x7e/0x400
[  763.192031][T14000]  resv_map_alloc+0x7e/0x400
[  763.192069][T14000]  hugetlbfs_get_inode+0x33f/0x730
[  763.192106][T14000]  ? __fget_files+0x20e/0x3c0
[  763.192161][T14000]  hugetlb_file_setup+0x15b/0x620
[  763.192210][T14000]  ksys_mmap_pgoff+0x189/0x5c0
[  763.192261][T14000]  __x64_sys_mmap+0x125/0x190
[  763.192312][T14000]  do_syscall_64+0xcd/0x490
[  763.192350][T14000]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.192381][T14000] RIP: 0033:0x7fe69dd8e9a9
[  763.192406][T14000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  763.192439][T14000] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  763.192480][T14000] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  763.192506][T14000] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000
[  763.192531][T14000] RBP: 00007fe69ec9f090 R08: 0000000000000602 R09: 0000300000000000
[  763.192550][T14000] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000001
[  763.192568][T14000] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  763.192607][T14000]  </TASK>
[  765.652331][T14028] FAULT_INJECTION: forcing a failure.
[  765.652331][T14028] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  765.666430][T14028] CPU: 1 UID: 0 PID: 14028 Comm: syz.0.1927 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  765.666481][T14028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  765.666504][T14028] Call Trace:
[  765.666515][T14028]  <TASK>
[  765.666528][T14028]  dump_stack_lvl+0x16c/0x1f0
[  765.666572][T14028]  should_fail_ex+0x512/0x640
[  765.666616][T14028]  should_fail_alloc_page+0xe7/0x130
[  765.666663][T14028]  prepare_alloc_pages+0x3c2/0x610
[  765.666721][T14028]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  765.666760][T14028]  ? kasan_save_stack+0x42/0x60
[  765.666799][T14028]  ? __lock_acquire+0x622/0x1c90
[  765.666851][T14028]  ? __vmf_anon_prepare+0x11c/0x240
[  765.666895][T14028]  ? __handle_mm_fault+0x27f6/0x5490
[  765.666945][T14028]  ? handle_mm_fault+0x589/0xd10
[  765.666994][T14028]  ? __get_user_pages+0x589/0x3b80
[  765.667037][T14028]  ? populate_vma_page_range+0x278/0x3a0
[  765.667088][T14028]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  765.667128][T14028]  ? __lock_acquire+0x622/0x1c90
[  765.667185][T14028]  ? __lock_acquire+0xb8a/0x1c90
[  765.667239][T14028]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  765.667303][T14028]  ? policy_nodemask+0xea/0x4e0
[  765.667347][T14028]  alloc_pages_mpol+0x1fb/0x550
[  765.667391][T14028]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  765.667435][T14028]  ? __anon_vma_prepare+0x2db/0x5e0
[  765.667474][T14028]  folio_alloc_mpol_noprof+0x36/0x2f0
[  765.667525][T14028]  vma_alloc_folio_noprof+0xed/0x1e0
[  765.667571][T14028]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  765.667617][T14028]  ? __anon_vma_prepare+0x2e2/0x5e0
[  765.667662][T14028]  __handle_mm_fault+0x2f21/0x5490
[  765.667727][T14028]  ? __pfx___handle_mm_fault+0x10/0x10
[  765.667818][T14028]  handle_mm_fault+0x589/0xd10
[  765.667881][T14028]  __get_user_pages+0x589/0x3b80
[  765.667940][T14028]  ? __pfx_mt_find+0x10/0x10
[  765.667996][T14028]  ? __pfx___get_user_pages+0x10/0x10
[  765.668062][T14028]  populate_vma_page_range+0x278/0x3a0
[  765.668117][T14028]  ? __pfx_populate_vma_page_range+0x10/0x10
[  765.668169][T14028]  ? __pfx_find_vma_intersection+0x10/0x10
[  765.668220][T14028]  ? do_mmap+0x69c/0x1210
[  765.668278][T14028]  __mm_populate+0x1d8/0x380
[  765.668333][T14028]  ? __pfx___mm_populate+0x10/0x10
[  765.668388][T14028]  ? up_write+0x1b2/0x520
[  765.668447][T14028]  vm_mmap_pgoff+0x362/0x450
[  765.668497][T14028]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  765.668553][T14028]  ? __x64_sys_futex+0x1e0/0x4c0
[  765.668594][T14028]  ? __x64_sys_futex+0x1e9/0x4c0
[  765.668645][T14028]  ksys_mmap_pgoff+0x7d/0x5c0
[  765.668690][T14028]  ? xfd_validate_state+0x61/0x180
[  765.668736][T14028]  ? __pfx_do_writev+0x10/0x10
[  765.668798][T14028]  __x64_sys_mmap+0x125/0x190
[  765.668856][T14028]  do_syscall_64+0xcd/0x490
[  765.668897][T14028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  765.668933][T14028] RIP: 0033:0x7f9eec58e9a9
[  765.668963][T14028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.668998][T14028] RSP: 002b:00007f9eed37d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  765.669031][T14028] RAX: ffffffffffffffda RBX: 00007f9eec7b5fa0 RCX: 00007f9eec58e9a9
[  765.669055][T14028] RDX: 000000000000000b RSI: 0000000000000003 RDI: 0000000000000000
[  765.669076][T14028] RBP: 00007f9eec610d69 R08: 0000000004008df3 R09: 0000000000000000
[  765.669123][T14028] R10: 0000000000003132 R11: 0000000000000246 R12: 0000000000000000
[  765.669144][T14028] R13: 0000000000000000 R14: 00007f9eec7b5fa0 R15: 00007ffdd3025d18
[  765.669191][T14028]  </TASK>
[  766.018853][    C1] vkms_vblank_simulate: vblank timer overrun
[  768.943433][T14043] kexec: Could not allocate control_code_buffer
[  770.365126][T14087] ubi0: attaching mtd0
[  770.413588][T14087] ubi0: scanning is finished
[  770.455201][T14087] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  770.547918][T14092] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1944'.
[  770.809945][T14099] FAULT_INJECTION: forcing a failure.
[  770.809945][T14099] name failslab, interval 1, probability 0, space 0, times 0
[  770.857815][T14099] CPU: 0 UID: 0 PID: 14099 Comm: syz.1.1945 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  770.857851][T14099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  770.857874][T14099] Call Trace:
[  770.857882][T14099]  <TASK>
[  770.857891][T14099]  dump_stack_lvl+0x16c/0x1f0
[  770.857928][T14099]  should_fail_ex+0x512/0x640
[  770.857952][T14099]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  770.857980][T14099]  should_failslab+0xc2/0x120
[  770.858011][T14099]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  770.858035][T14099]  ? __alloc_skb+0x2b2/0x380
[  770.858063][T14099]  __alloc_skb+0x2b2/0x380
[  770.858085][T14099]  ? __pfx___alloc_skb+0x10/0x10
[  770.858110][T14099]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  770.858145][T14099]  netlink_alloc_large_skb+0x69/0x130
[  770.858177][T14099]  netlink_sendmsg+0x6a1/0xdd0
[  770.858211][T14099]  ? __pfx_netlink_sendmsg+0x10/0x10
[  770.858251][T14099]  ____sys_sendmsg+0xa95/0xc70
[  770.858291][T14099]  ? copy_msghdr_from_user+0x10a/0x160
[  770.858319][T14099]  ? __pfx_____sys_sendmsg+0x10/0x10
[  770.858365][T14099]  ___sys_sendmsg+0x134/0x1d0
[  770.858391][T14099]  ? __pfx____sys_sendmsg+0x10/0x10
[  770.858413][T14099]  ? __lock_acquire+0x622/0x1c90
[  770.858480][T14099]  __sys_sendmsg+0x16d/0x220
[  770.858619][T14099]  ? __pfx___sys_sendmsg+0x10/0x10
[  770.858664][T14099]  do_syscall_64+0xcd/0x490
[  770.858692][T14099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.858717][T14099] RIP: 0033:0x7f681898e9a9
[  770.858736][T14099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.858759][T14099] RSP: 002b:00007f68197cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  770.858781][T14099] RAX: ffffffffffffffda RBX: 00007f6818bb5fa0 RCX: 00007f681898e9a9
[  770.858797][T14099] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000003
[  770.858811][T14099] RBP: 00007f68197cf090 R08: 0000000000000000 R09: 0000000000000000
[  770.858825][T14099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.858840][T14099] R13: 0000000000000000 R14: 00007f6818bb5fa0 R15: 00007fff2d05c238
[  770.858871][T14099]  </TASK>
[  771.104472][T14087] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  771.931232][T14113] nbd: must specify a device to reconfigure
[  773.558884][T14138] vivid-009: =================  START STATUS  =================
[  773.644271][T14138] vivid-009: Enable Output Cropping: true grabbed
[  773.762811][T14138] vivid-009: Enable Output Composing: true grabbed
[  773.774883][T14126] syz_tun: tun_chr_ioctl cmd 1074025673
[  773.837570][T14138] vivid-009: Enable Output Scaler: true grabbed
[  773.947884][T14141] block nbd7: not configured, cannot reconfigure
[  773.982583][T14138] vivid-009: Tx RGB Quantization Range: Automatic grabbed
[  774.102645][T14138] vivid-009: Transmit Mode: HDMI grabbed
[  774.108475][T14138] vivid-009: Hotplug Present: 0x00000000
[  774.146745][T14138] vivid-009: RxSense Present: 0x00000000
[  774.262789][T14138] vivid-009: EDID Present: 0x00000000
[  774.268438][T14138] vivid-009: ==================  END STATUS  ==================
[  774.513768][T14130] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  774.520345][T14130] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  774.535674][T14130] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  774.562340][T14130] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  774.914686][T14152] FAULT_INJECTION: forcing a failure.
[  774.914686][T14152] name failslab, interval 1, probability 0, space 0, times 0
[  774.936226][T14152] CPU: 0 UID: 0 PID: 14152 Comm: syz.2.1957 Not tainted 6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  774.936274][T14152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  774.936294][T14152] Call Trace:
[  774.936305][T14152]  <TASK>
[  774.936317][T14152]  dump_stack_lvl+0x16c/0x1f0
[  774.936359][T14152]  should_fail_ex+0x512/0x640
[  774.936393][T14152]  ? fs_reclaim_acquire+0xae/0x150
[  774.936444][T14152]  ? tomoyo_encode2+0x100/0x3e0
[  774.936473][T14152]  should_failslab+0xc2/0x120
[  774.936513][T14152]  __kmalloc_noprof+0xd2/0x510
[  774.936559][T14152]  ? d_absolute_path+0x136/0x1a0
[  774.936609][T14152]  tomoyo_encode2+0x100/0x3e0
[  774.936647][T14152]  tomoyo_encode+0x29/0x50
[  774.936677][T14152]  tomoyo_realpath_from_path+0x18f/0x6e0
[  774.936724][T14152]  tomoyo_path_number_perm+0x245/0x580
[  774.936773][T14152]  ? tomoyo_path_number_perm+0x237/0x580
[  774.936825][T14152]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  774.936878][T14152]  ? find_held_lock+0x2b/0x80
[  774.936954][T14152]  ? find_held_lock+0x2b/0x80
[  774.936988][T14152]  ? hook_file_ioctl_common+0x145/0x410
[  774.937043][T14152]  ? __fget_files+0x20e/0x3c0
[  774.937106][T14152]  security_file_ioctl+0x9b/0x240
[  774.937159][T14152]  __x64_sys_ioctl+0xb7/0x210
[  774.937210][T14152]  do_syscall_64+0xcd/0x490
[  774.937250][T14152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  774.937284][T14152] RIP: 0033:0x7fe69dd8e9a9
[  774.937310][T14152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  774.937342][T14152] RSP: 002b:00007fe69ec5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  774.937373][T14152] RAX: ffffffffffffffda RBX: 00007fe69dfb6160 RCX: 00007fe69dd8e9a9
[  774.937396][T14152] RDX: 0000200000000140 RSI: 00000000c0481273 RDI: 000000000000000a
[  774.937416][T14152] RBP: 00007fe69ec5d090 R08: 0000000000000000 R09: 0000000000000000
[  774.937437][T14152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  774.937456][T14152] R13: 0000000000000000 R14: 00007fe69dfb6160 R15: 00007ffea2d094d8
[  774.937500][T14152]  </TASK>
[  774.937536][T14152] ERROR: Out of memory at tomoyo_realpath_from_path.
[  775.191873][T14152] blktrace: Concurrent blktraces are not allowed on ram7
[  775.581761][T14166] Setting dangerous option i915.mitigations - tainting kernel
[  775.725523][T14169] openvswitch: netlink: IPv4 tunnel dst address is zero
[  775.932141][T14172] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967282 out of range (51000000..2150000000)
[  775.932685][T14173] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  776.552916][T13342] Bluetooth: hci3: command 0x0c1a tx timeout
[  776.552945][T13954] Bluetooth: hci0: command 0x0c1a tx timeout
[  776.565548][T11082] Bluetooth: hci2: command 0x0c1a tx timeout
[  776.632718][T13954] Bluetooth: hci1: command 0x0c1a tx timeout
[  777.575559][T14202] FAULT_INJECTION: forcing a failure.
[  777.575559][T14202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  777.665379][T14202] CPU: 0 UID: 0 PID: 14202 Comm: syz.2.1973 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  777.665424][T14202] Tainted: [U]=USER
[  777.665432][T14202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  777.665447][T14202] Call Trace:
[  777.665456][T14202]  <TASK>
[  777.665465][T14202]  dump_stack_lvl+0x16c/0x1f0
[  777.665497][T14202]  should_fail_ex+0x512/0x640
[  777.665527][T14202]  _copy_to_user+0x32/0xd0
[  777.665556][T14202]  simple_read_from_buffer+0xcb/0x170
[  777.665596][T14202]  proc_fail_nth_read+0x197/0x270
[  777.665632][T14202]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  777.665667][T14202]  ? rw_verify_area+0xcf/0x680
[  777.665702][T14202]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  777.665736][T14202]  vfs_read+0x1e4/0xc60
[  777.665760][T14202]  ? __pfx___mutex_lock+0x10/0x10
[  777.665786][T14202]  ? __pfx_vfs_read+0x10/0x10
[  777.665815][T14202]  ? __fget_files+0x20e/0x3c0
[  777.665862][T14202]  ksys_read+0x12a/0x250
[  777.665883][T14202]  ? __pfx_ksys_read+0x10/0x10
[  777.665913][T14202]  do_syscall_64+0xcd/0x490
[  777.665940][T14202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.665965][T14202] RIP: 0033:0x7fe69dd8d3bc
[  777.665984][T14202] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  777.666008][T14202] RSP: 002b:00007fe69ec9f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  777.666030][T14202] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8d3bc
[  777.666046][T14202] RDX: 000000000000000f RSI: 00007fe69ec9f0a0 RDI: 0000000000000004
[  777.666060][T14202] RBP: 00007fe69ec9f090 R08: 0000000000000000 R09: 0000000000000000
[  777.666074][T14202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  777.666088][T14202] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  777.666117][T14202]  </TASK>
[  778.253150][T14210] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1976'.
[  779.809557][T14233] syz_tun: tun_chr_ioctl cmd 1074025673
[  784.006073][T14290] syz_tun: tun_chr_ioctl cmd 1074025673
[  784.391861][T14307] netlink: 'syz.1.1996': attribute type 1 has an invalid length.
[  784.449159][T14307] netlink: 54 bytes leftover after parsing attributes in process `syz.1.1996'.
[  784.523847][T14306] ima: policy update failed
[  784.528848][   T30] audit: type=1802 audit(4294967362.160:30): pid=14306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1996" res=0 errno=0
[  784.746633][T14289] syz_tun: tun_chr_ioctl cmd 1074025673
[  785.562186][T14305] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1995'.
[  788.820873][T14372] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2009'.
[  789.279749][T14382] vmstat_refresh: nr_hugetlb -11776
[  790.153449][T14380] ima: policy update failed
[  790.195681][T14396] FAULT_INJECTION: forcing a failure.
[  790.195681][T14396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  790.209762][T14396] CPU: 0 UID: 0 PID: 14396 Comm: syz.4.2017 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  790.209812][T14396] Tainted: [U]=USER
[  790.209822][T14396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  790.209841][T14396] Call Trace:
[  790.209851][T14396]  <TASK>
[  790.209861][T14396]  dump_stack_lvl+0x16c/0x1f0
[  790.209898][T14396]  should_fail_ex+0x512/0x640
[  790.209938][T14396]  _copy_from_user+0x2e/0xd0
[  790.209974][T14396]  move_addr_to_kernel+0x65/0x170
[  790.210023][T14396]  __copy_msghdr+0x386/0x470
[  790.210054][T14396]  copy_msghdr_from_user+0xc1/0x160
[  790.210085][T14396]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  790.210129][T14396]  ? __pfx__kstrtoull+0x10/0x10
[  790.210190][T14396]  ___sys_sendmsg+0xfe/0x1d0
[  790.210222][T14396]  ? __pfx____sys_sendmsg+0x10/0x10
[  790.210417][T14396]  ? find_held_lock+0x2b/0x80
[  790.210488][T14396]  __sys_sendmmsg+0x200/0x420
[  790.210538][T14396]  ? __pfx___sys_sendmmsg+0x10/0x10
[  790.210602][T14396]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  790.210656][T14396]  ? fput+0x70/0xf0
[  790.210696][T14396]  ? ksys_write+0x1ac/0x250
[  790.210728][T14396]  ? __pfx_ksys_write+0x10/0x10
[  790.210768][T14396]  __x64_sys_sendmmsg+0x9c/0x100
[  790.210807][T14396]  ? lockdep_hardirqs_on+0x7c/0x110
[  790.210840][T14396]  do_syscall_64+0xcd/0x490
[  790.210879][T14396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.210915][T14396] RIP: 0033:0x7f2d1298e9a9
[  790.210944][T14396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.210979][T14396] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  790.211014][T14396] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  790.211049][T14396] RDX: 0000000000000005 RSI: 00002000000000c0 RDI: 0000000000000005
[  790.211072][T14396] RBP: 00007f2d137f5090 R08: 0000000000000000 R09: 0000000000000000
[  790.211093][T14396] R10: 000000001997b23d R11: 0000000000000246 R12: 0000000000000001
[  790.211114][T14396] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  790.211161][T14396]  </TASK>
[  790.211509][   T30] audit: type=1802 audit(4294967367.800:31): pid=14380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2011" res=0 errno=0
[  792.395745][T14429] syz_tun: tun_chr_ioctl cmd 1074025673
[  793.818375][T14465] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2034'.
[  793.848494][T14465] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2034'.
[  794.787138][T14498] Invalid input. Must be >= 4608
[  795.002945][T14498] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input28
[  796.900100][T13954] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  796.908141][T13954] Bluetooth: hci1: Invalid handle: 0x3a4a > 0x0eff
[  797.297522][T14538] Invalid ELF header magic: != ELF
[  799.101944][T14552] random: crng reseeded on system resumption
[  801.318029][T14594] CIFS: VFS: Unsupported security flags: 0x10
[  801.334502][T14594] CIFS: VFS: Unsupported security flags: 0x20
[  803.373386][T14611] FAULT_INJECTION: forcing a failure.
[  803.373386][T14611] name failslab, interval 1, probability 0, space 0, times 0
[  803.459546][T14611] CPU: 0 UID: 0 PID: 14611 Comm: syz.2.2067 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  803.459588][T14611] Tainted: [U]=USER
[  803.459596][T14611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  803.459609][T14611] Call Trace:
[  803.459617][T14611]  <TASK>
[  803.459626][T14611]  dump_stack_lvl+0x16c/0x1f0
[  803.459656][T14611]  should_fail_ex+0x512/0x640
[  803.459681][T14611]  ? fs_reclaim_acquire+0xae/0x150
[  803.459715][T14611]  ? tomoyo_encode2+0x100/0x3e0
[  803.459736][T14611]  should_failslab+0xc2/0x120
[  803.459764][T14611]  __kmalloc_noprof+0xd2/0x510
[  803.459787][T14611]  ? d_absolute_path+0x136/0x1a0
[  803.459821][T14611]  tomoyo_encode2+0x100/0x3e0
[  803.459846][T14611]  tomoyo_encode+0x29/0x50
[  803.459866][T14611]  tomoyo_realpath_from_path+0x18f/0x6e0
[  803.459898][T14611]  tomoyo_path_number_perm+0x245/0x580
[  803.459931][T14611]  ? tomoyo_path_number_perm+0x237/0x580
[  803.459967][T14611]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  803.460003][T14611]  ? find_held_lock+0x2b/0x80
[  803.460054][T14611]  ? find_held_lock+0x2b/0x80
[  803.460082][T14611]  ? hook_file_ioctl_common+0x145/0x410
[  803.460120][T14611]  ? __fget_files+0x20e/0x3c0
[  803.460164][T14611]  security_file_ioctl+0x9b/0x240
[  803.460201][T14611]  __x64_sys_ioctl+0xb7/0x210
[  803.460236][T14611]  do_syscall_64+0xcd/0x490
[  803.460263][T14611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.460288][T14611] RIP: 0033:0x7fe69dd8e9a9
[  803.460306][T14611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  803.460328][T14611] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  803.460351][T14611] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  803.460367][T14611] RDX: ffffffffffffffff RSI: 000000000000560a RDI: 0000000000000003
[  803.460381][T14611] RBP: 00007fe69ec9f090 R08: 0000000000000000 R09: 0000000000000000
[  803.460395][T14611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.460409][T14611] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  803.460438][T14611]  </TASK>
[  803.461172][T14611] ERROR: Out of memory at tomoyo_realpath_from_path.
[  804.228165][T14632] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2071'.
[  804.841641][T14643] blktrace: Concurrent blktraces are not allowed on nbd0
[  804.936531][T14622] syz_tun: tun_chr_ioctl cmd 1074025673
[  807.997976][T11082] Bluetooth: hci0: unexpected event 0x14 length: 16 > 6
[  810.761077][T14717] FAULT_INJECTION: forcing a failure.
[  810.761077][T14717] name failslab, interval 1, probability 0, space 0, times 0
[  810.811397][T14717] CPU: 0 UID: 0 PID: 14717 Comm: syz.2.2089 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  810.811458][T14717] Tainted: [U]=USER
[  810.811468][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  810.811489][T14717] Call Trace:
[  810.811500][T14717]  <TASK>
[  810.811512][T14717]  dump_stack_lvl+0x16c/0x1f0
[  810.811556][T14717]  should_fail_ex+0x512/0x640
[  810.811592][T14717]  ? fs_reclaim_acquire+0xae/0x150
[  810.811646][T14717]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  810.811690][T14717]  should_failslab+0xc2/0x120
[  810.811744][T14717]  __kmalloc_noprof+0xd2/0x510
[  810.811777][T14717]  ? __lock_acquire+0x622/0x1c90
[  810.811834][T14717]  tomoyo_realpath_from_path+0xc2/0x6e0
[  810.811873][T14717]  ? tomoyo_profile+0x47/0x60
[  810.811915][T14717]  tomoyo_path_number_perm+0x245/0x580
[  810.811962][T14717]  ? tomoyo_path_number_perm+0x237/0x580
[  810.812016][T14717]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  810.812103][T14717]  ? d_alloc_parallel+0x979/0x12e0
[  810.812158][T14717]  ? current_check_access_path+0x33c/0x460
[  810.812212][T14717]  ? __pfx_current_check_access_path+0x10/0x10
[  810.812278][T14717]  tomoyo_path_mknod+0x10c/0x190
[  810.812319][T14717]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  810.812362][T14717]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  810.812423][T14717]  security_path_mknod+0x161/0x310
[  810.812474][T14717]  lookup_open.isra.0+0xc17/0x1580
[  810.812536][T14717]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  810.812611][T14717]  ? __pfx_down_write+0x10/0x10
[  810.812650][T14717]  ? mnt_get_write_access+0x20c/0x300
[  810.812711][T14717]  path_openat+0x893/0x2cb0
[  810.812762][T14717]  ? __pfx_path_openat+0x10/0x10
[  810.812809][T14717]  do_filp_open+0x20b/0x470
[  810.812845][T14717]  ? __pfx_do_filp_open+0x10/0x10
[  810.812912][T14717]  ? _raw_spin_unlock+0x28/0x50
[  810.812962][T14717]  ? alloc_fd+0x471/0x7d0
[  810.813030][T14717]  do_sys_openat2+0x11b/0x1d0
[  810.813077][T14717]  ? __pfx_do_sys_openat2+0x10/0x10
[  810.813141][T14717]  __x64_sys_open+0x153/0x1e0
[  810.813187][T14717]  ? __pfx___x64_sys_open+0x10/0x10
[  810.813244][T14717]  ? rcu_is_watching+0x12/0xc0
[  810.813284][T14717]  do_syscall_64+0xcd/0x490
[  810.813322][T14717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  810.813357][T14717] RIP: 0033:0x7fe69dd8e9a9
[  810.813387][T14717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  810.813421][T14717] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  810.813454][T14717] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  810.813477][T14717] RDX: e1d2b27bdc14abfd RSI: 0000000000004242 RDI: 0000200000000000
[  810.813499][T14717] RBP: 00007fe69de10d69 R08: 0000000000000000 R09: 0000000000000000
[  810.813519][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  810.813546][T14717] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  810.813589][T14717]  </TASK>
[  811.173639][T14717] ERROR: Out of memory at tomoyo_realpath_from_path.
[  811.231112][   T30] audit: type=1800 audit(4294967388.800:32): pid=14721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2089" name="version" dev="configfs" ino=41929 res=0 errno=0
[  811.641575][T14730] FAULT_INJECTION: forcing a failure.
[  811.641575][T14730] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  811.702182][T14730] CPU: 1 UID: 0 PID: 14730 Comm: syz.4.2092 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  811.702242][T14730] Tainted: [U]=USER
[  811.702252][T14730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  811.702274][T14730] Call Trace:
[  811.702285][T14730]  <TASK>
[  811.702299][T14730]  dump_stack_lvl+0x16c/0x1f0
[  811.702343][T14730]  should_fail_ex+0x512/0x640
[  811.702385][T14730]  should_fail_alloc_page+0xe7/0x130
[  811.702431][T14730]  prepare_alloc_pages+0x3c2/0x610
[  811.702490][T14730]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  811.702535][T14730]  ? kasan_save_stack+0x42/0x60
[  811.702567][T14730]  ? kasan_save_stack+0x33/0x60
[  811.702598][T14730]  ? kasan_save_track+0x14/0x30
[  811.702637][T14730]  ? __kasan_slab_alloc+0x89/0x90
[  811.702672][T14730]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  811.702705][T14730]  ? __pmd_alloc+0xbf/0x930
[  811.702748][T14730]  ? __handle_mm_fault+0xaac/0x5490
[  811.702799][T14730]  ? handle_mm_fault+0x589/0xd10
[  811.702849][T14730]  ? do_user_addr_fault+0x7a6/0x1370
[  811.702897][T14730]  ? exc_page_fault+0x5c/0xb0
[  811.702925][T14730]  ? asm_exc_page_fault+0x26/0x30
[  811.702958][T14730]  ? rep_movs_alternative+0xf/0x90
[  811.703003][T14730]  ? _copy_from_user+0x98/0xd0
[  811.703037][T14730]  ? ____sys_sendmsg+0x607/0xc70
[  811.703082][T14730]  ? ___sys_sendmsg+0x134/0x1d0
[  811.703114][T14730]  ? __sys_sendmmsg+0x200/0x420
[  811.703148][T14730]  ? __x64_sys_sendmmsg+0x9c/0x100
[  811.703182][T14730]  ? do_syscall_64+0xcd/0x490
[  811.703216][T14730]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.703252][T14730]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  811.703312][T14730]  ? __lock_acquire+0xb8a/0x1c90
[  811.703361][T14730]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  811.703417][T14730]  ? policy_nodemask+0xea/0x4e0
[  811.703459][T14730]  alloc_pages_mpol+0x1fb/0x550
[  811.703503][T14730]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  811.703547][T14730]  ? __thp_vma_allowable_orders+0x1c5/0xb10
[  811.703602][T14730]  alloc_pages_noprof+0x131/0x390
[  811.703650][T14730]  pte_alloc_one+0x1c/0x3a0
[  811.703682][T14730]  __handle_mm_fault+0x3a68/0x5490
[  811.703748][T14730]  ? __pfx___handle_mm_fault+0x10/0x10
[  811.703799][T14730]  ? __pfx_mt_find+0x10/0x10
[  811.703863][T14730]  ? find_vma+0xbf/0x140
[  811.703903][T14730]  ? __pfx_find_vma+0x10/0x10
[  811.703949][T14730]  handle_mm_fault+0x589/0xd10
[  811.704003][T14730]  ? __pkru_allows_pkey+0x51/0xb0
[  811.704049][T14730]  do_user_addr_fault+0x7a6/0x1370
[  811.704102][T14730]  ? rcu_is_watching+0x12/0xc0
[  811.704145][T14730]  exc_page_fault+0x5c/0xb0
[  811.704179][T14730]  asm_exc_page_fault+0x26/0x30
[  811.704212][T14730] RIP: 0010:rep_movs_alternative+0xf/0x90
[  811.704261][T14730] Code: c4 10 e9 84 11 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 11 04 00 66 66
[  811.704295][T14730] RSP: 0018:ffffc90003b779d0 EFLAGS: 00050202
[  811.704323][T14730] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000002
[  811.704344][T14730] RDX: fffff5200076ef4c RSI: 0000000000000000 RDI: ffffc90003b77a58
[  811.704366][T14730] RBP: 0000000000000002 R08: 0000000000000001 R09: fffff5200076ef4b
[  811.704387][T14730] R10: ffffc90003b77a59 R11: 0000000000000001 R12: 0000000000000000
[  811.704408][T14730] R13: ffffc90003b77a58 R14: 1ffff9200076ef45 R15: ffffc90003b77d8c
[  811.704454][T14730]  _copy_from_user+0x98/0xd0
[  811.704495][T14730]  ____sys_sendmsg+0x607/0xc70
[  811.704548][T14730]  ? __pfx_____sys_sendmsg+0x10/0x10
[  811.704604][T14730]  ? __pfx__kstrtoull+0x10/0x10
[  811.704670][T14730]  ___sys_sendmsg+0x134/0x1d0
[  811.704711][T14730]  ? __pfx____sys_sendmsg+0x10/0x10
[  811.704771][T14730]  ? find_held_lock+0x2b/0x80
[  811.704837][T14730]  __sys_sendmmsg+0x200/0x420
[  811.704881][T14730]  ? __pfx___sys_sendmmsg+0x10/0x10
[  811.704934][T14730]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  811.704992][T14730]  ? fput+0x70/0xf0
[  811.705033][T14730]  ? ksys_write+0x1ac/0x250
[  811.705065][T14730]  ? __pfx_ksys_write+0x10/0x10
[  811.705106][T14730]  __x64_sys_sendmmsg+0x9c/0x100
[  811.705169][T14730]  ? lockdep_hardirqs_on+0x7c/0x110
[  811.705202][T14730]  do_syscall_64+0xcd/0x490
[  811.705241][T14730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.705276][T14730] RIP: 0033:0x7f2d1298e9a9
[  811.705303][T14730] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.705334][T14730] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  811.705365][T14730] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  811.705387][T14730] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000004
[  811.705407][T14730] RBP: 00007f2d137f5090 R08: 0000000000000000 R09: 0000000000000000
[  811.705428][T14730] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001
[  811.705448][T14730] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  811.705492][T14730]  </TASK>
[  813.959101][T14748] FAULT_INJECTION: forcing a failure.
[  813.959101][T14748] name failslab, interval 1, probability 0, space 0, times 0
[  813.972337][T14748] CPU: 1 UID: 0 PID: 14748 Comm: syz.4.2098 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  813.972379][T14748] Tainted: [U]=USER
[  813.972387][T14748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  813.972404][T14748] Call Trace:
[  813.972421][T14748]  <TASK>
[  813.972431][T14748]  dump_stack_lvl+0x16c/0x1f0
[  813.972474][T14748]  should_fail_ex+0x512/0x640
[  813.972515][T14748]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  813.972574][T14748]  should_failslab+0xc2/0x120
[  813.972605][T14748]  __kmalloc_cache_noprof+0x6a/0x3e0
[  813.972648][T14748]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  813.972689][T14748]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  813.972727][T14748]  devlink_fmsg_u64_pair_put+0x270/0x2f0
[  813.972765][T14748]  ? __pfx_devlink_fmsg_u64_pair_put+0x10/0x10
[  813.972824][T14748]  ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0
[  813.972884][T14748]  nsim_dev_dummy_fmsg_put+0x61/0x1e0
[  813.972923][T14748]  devlink_health_do_dump+0x240/0x620
[  813.972965][T14748]  devlink_health_report+0x3c9/0x9c0
[  813.973007][T14748]  ? __pfx_devlink_health_report+0x10/0x10
[  813.973045][T14748]  ? _copy_from_user+0x59/0xd0
[  813.973079][T14748]  nsim_dev_health_break_write+0x166/0x210
[  813.973116][T14748]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  813.973166][T14748]  full_proxy_write+0x13c/0x200
[  813.973201][T14748]  ? __pfx_full_proxy_write+0x10/0x10
[  813.973233][T14748]  vfs_write+0x29d/0x1150
[  813.973263][T14748]  ? __pfx___mutex_lock+0x10/0x10
[  813.973290][T14748]  ? __pfx_vfs_write+0x10/0x10
[  813.973323][T14748]  ? __fget_files+0x20e/0x3c0
[  813.973375][T14748]  ksys_write+0x12a/0x250
[  813.973399][T14748]  ? __pfx_ksys_write+0x10/0x10
[  813.973442][T14748]  do_syscall_64+0xcd/0x490
[  813.973473][T14748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.973499][T14748] RIP: 0033:0x7f2d1298e9a9
[  813.973520][T14748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  813.973546][T14748] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  813.973569][T14748] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  813.973586][T14748] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  813.973601][T14748] RBP: 00007f2d12a10d69 R08: 0000000000000000 R09: 0000000000000000
[  813.973617][T14748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  813.973632][T14748] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  813.973664][T14748]  </TASK>
[  819.449789][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  819.456767][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  819.795022][T14815] FAULT_INJECTION: forcing a failure.
[  819.795022][T14815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  819.795078][T14815] CPU: 1 UID: 0 PID: 14815 Comm: syz.4.2111 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  819.795128][T14815] Tainted: [U]=USER
[  819.795138][T14815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  819.795158][T14815] Call Trace:
[  819.795168][T14815]  <TASK>
[  819.795194][T14815]  dump_stack_lvl+0x16c/0x1f0
[  819.795234][T14815]  should_fail_ex+0x512/0x640
[  819.795274][T14815]  strncpy_from_user+0x3b/0x2e0
[  819.795332][T14815]  getname_flags.part.0+0x8f/0x550
[  819.795384][T14815]  getname_flags+0x93/0xf0
[  819.795437][T14815]  do_sys_openat2+0xb8/0x1d0
[  819.795481][T14815]  ? __pfx_do_sys_openat2+0x10/0x10
[  819.795526][T14815]  ? __fget_files+0x20e/0x3c0
[  819.795590][T14815]  __x64_sys_creat+0xcc/0x120
[  819.795643][T14815]  ? __pfx___x64_sys_creat+0x10/0x10
[  819.795689][T14815]  ? __pfx_ksys_write+0x10/0x10
[  819.795726][T14815]  ? rcu_is_watching+0x12/0xc0
[  819.795761][T14815]  ? do_syscall_64+0x91/0x490
[  819.795797][T14815]  do_syscall_64+0xcd/0x490
[  819.795834][T14815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  819.795868][T14815] RIP: 0033:0x7f2d1298e9a9
[  819.795893][T14815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  819.795926][T14815] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  819.795957][T14815] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  819.795978][T14815] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000000000
[  819.795998][T14815] RBP: 00007f2d137f5090 R08: 0000000000000000 R09: 0000000000000000
[  819.796018][T14815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  819.796037][T14815] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  819.796080][T14815]  </TASK>
[  820.078694][T14803] kexec: Could not allocate control_code_buffer
[  825.148365][T14858] syz_tun: tun_chr_ioctl cmd 1074025673
[  826.691610][T14897] random: crng reseeded on system resumption
[  830.686558][T14921] syz_tun: tun_chr_ioctl cmd 1074025673
[  832.667565][T14965] FAULT_INJECTION: forcing a failure.
[  832.667565][T14965] name failslab, interval 1, probability 0, space 0, times 0
[  832.699926][T14965] CPU: 0 UID: 0 PID: 14965 Comm: syz.1.2141 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  832.699990][T14965] Tainted: [U]=USER
[  832.700000][T14965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  832.700021][T14965] Call Trace:
[  832.700032][T14965]  <TASK>
[  832.700044][T14965]  dump_stack_lvl+0x16c/0x1f0
[  832.700083][T14965]  should_fail_ex+0x512/0x640
[  832.700119][T14965]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  832.700176][T14965]  should_failslab+0xc2/0x120
[  832.700217][T14965]  __kmalloc_cache_noprof+0x6a/0x3e0
[  832.700269][T14965]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  832.700317][T14965]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  832.700367][T14965]  devlink_fmsg_u64_pair_put+0x270/0x2f0
[  832.700415][T14965]  ? __pfx_devlink_fmsg_u64_pair_put+0x10/0x10
[  832.700464][T14965]  ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0
[  832.700518][T14965]  nsim_dev_dummy_fmsg_put+0x61/0x1e0
[  832.700565][T14965]  devlink_health_do_dump+0x240/0x620
[  832.700617][T14965]  devlink_health_report+0x3c9/0x9c0
[  832.700675][T14965]  ? __pfx_devlink_health_report+0x10/0x10
[  832.700723][T14965]  ? _copy_from_user+0x59/0xd0
[  832.700769][T14965]  nsim_dev_health_break_write+0x166/0x210
[  832.700827][T14965]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  832.700885][T14965]  full_proxy_write+0x13c/0x200
[  832.700933][T14965]  ? __pfx_full_proxy_write+0x10/0x10
[  832.700975][T14965]  vfs_write+0x29d/0x1150
[  832.701015][T14965]  ? __pfx___mutex_lock+0x10/0x10
[  832.701051][T14965]  ? __pfx_vfs_write+0x10/0x10
[  832.701095][T14965]  ? __fget_files+0x20e/0x3c0
[  832.701162][T14965]  ksys_write+0x12a/0x250
[  832.701197][T14965]  ? __pfx_ksys_write+0x10/0x10
[  832.701243][T14965]  do_syscall_64+0xcd/0x490
[  832.701283][T14965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.701318][T14965] RIP: 0033:0x7f681898e9a9
[  832.701346][T14965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.701379][T14965] RSP: 002b:00007f68197cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  832.701410][T14965] RAX: ffffffffffffffda RBX: 00007f6818bb5fa0 RCX: 00007f681898e9a9
[  832.701431][T14965] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  832.701450][T14965] RBP: 00007f6818a10d69 R08: 0000000000000000 R09: 0000000000000000
[  832.701470][T14965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  832.701492][T14965] R13: 0000000000000000 R14: 00007f6818bb5fa0 R15: 00007fff2d05c238
[  832.701536][T14965]  </TASK>
[  846.528931][T15113] syz_tun: tun_chr_ioctl cmd 1074025673
[  847.836075][T15174] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2188'.
[  848.133127][T15181] FAULT_INJECTION: forcing a failure.
[  848.133127][T15181] name failslab, interval 1, probability 0, space 0, times 0
[  848.133210][T15181] CPU: 1 UID: 0 PID: 15181 Comm: syz.1.2191 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  848.133262][T15181] Tainted: [U]=USER
[  848.133273][T15181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  848.133295][T15181] Call Trace:
[  848.133305][T15181]  <TASK>
[  848.133323][T15181]  dump_stack_lvl+0x16c/0x1f0
[  848.133363][T15181]  should_fail_ex+0x512/0x640
[  848.133406][T15181]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  848.133466][T15181]  should_failslab+0xc2/0x120
[  848.133507][T15181]  __kmalloc_cache_noprof+0x6a/0x3e0
[  848.133560][T15181]  ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0
[  848.133608][T15181]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  848.133654][T15181]  ? devlink_fmsg_u64_pair_put+0x225/0x2f0
[  848.133706][T15181]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  848.133755][T15181]  devlink_fmsg_string_pair_put+0x17a/0x1b0
[  848.133807][T15181]  nsim_dev_dummy_fmsg_put+0x77/0x1e0
[  848.133857][T15181]  devlink_health_do_dump+0x240/0x620
[  848.133912][T15181]  devlink_health_report+0x3c9/0x9c0
[  848.133967][T15181]  ? __pfx_devlink_health_report+0x10/0x10
[  848.134018][T15181]  ? _copy_from_user+0x59/0xd0
[  848.134062][T15181]  nsim_dev_health_break_write+0x166/0x210
[  848.134112][T15181]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  848.134267][T15181]  full_proxy_write+0x13c/0x200
[  848.134320][T15181]  ? __pfx_full_proxy_write+0x10/0x10
[  848.134362][T15181]  vfs_write+0x29d/0x1150
[  848.134404][T15181]  ? __pfx___mutex_lock+0x10/0x10
[  848.134442][T15181]  ? __pfx_vfs_write+0x10/0x10
[  848.134488][T15181]  ? __fget_files+0x20e/0x3c0
[  848.134558][T15181]  ksys_write+0x12a/0x250
[  848.134591][T15181]  ? __pfx_ksys_write+0x10/0x10
[  848.134639][T15181]  do_syscall_64+0xcd/0x490
[  848.134679][T15181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.134714][T15181] RIP: 0033:0x7f681898e9a9
[  848.134743][T15181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  848.134779][T15181] RSP: 002b:00007f68197cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  848.134813][T15181] RAX: ffffffffffffffda RBX: 00007f6818bb5fa0 RCX: 00007f681898e9a9
[  848.134835][T15181] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  848.134855][T15181] RBP: 00007f6818a10d69 R08: 0000000000000000 R09: 0000000000000000
[  848.134875][T15181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  848.134896][T15181] R13: 0000000000000000 R14: 00007f6818bb5fa0 R15: 00007fff2d05c238
[  848.134942][T15181]  </TASK>
[  848.307384][T15185] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in;
[  848.307384][T15185]    program syz.4.2189 not setting count and/or reply_len properly
[  853.906881][T15277] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd12
[  856.110340][T15307] futex_wake_op: syz.1.2208 tries to shift op by -2048; fix this program
[  856.958155][T15327] FAULT_INJECTION: forcing a failure.
[  856.958155][T15327] name failslab, interval 1, probability 0, space 0, times 0
[  856.983836][T15327] CPU: 1 UID: 0 PID: 15327 Comm: syz.2.2212 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  856.983880][T15327] Tainted: [U]=USER
[  856.983887][T15327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  856.983903][T15327] Call Trace:
[  856.983911][T15327]  <TASK>
[  856.983920][T15327]  dump_stack_lvl+0x16c/0x1f0
[  856.983952][T15327]  should_fail_ex+0x512/0x640
[  856.983978][T15327]  ? __kmalloc_noprof+0xbf/0x510
[  856.984007][T15327]  ? devlink_fmsg_put_name+0xf0/0x3f0
[  856.984037][T15327]  should_failslab+0xc2/0x120
[  856.984066][T15327]  __kmalloc_noprof+0xd2/0x510
[  856.984097][T15327]  devlink_fmsg_put_name+0xf0/0x3f0
[  856.984130][T15327]  devlink_fmsg_u64_pair_put+0xff/0x2f0
[  856.984164][T15327]  ? __pfx_devlink_fmsg_u64_pair_put+0x10/0x10
[  856.984200][T15327]  ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0
[  856.984238][T15327]  nsim_dev_dummy_fmsg_put+0x61/0x1e0
[  856.984310][T15327]  devlink_health_do_dump+0x240/0x620
[  856.984349][T15327]  devlink_health_report+0x3c9/0x9c0
[  856.984389][T15327]  ? __pfx_devlink_health_report+0x10/0x10
[  856.984425][T15327]  ? _copy_from_user+0x59/0xd0
[  856.984456][T15327]  nsim_dev_health_break_write+0x166/0x210
[  856.984491][T15327]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  856.984539][T15327]  full_proxy_write+0x13c/0x200
[  856.984576][T15327]  ? __pfx_full_proxy_write+0x10/0x10
[  856.984606][T15327]  vfs_write+0x29d/0x1150
[  856.984636][T15327]  ? __pfx___mutex_lock+0x10/0x10
[  856.984662][T15327]  ? __pfx_vfs_write+0x10/0x10
[  856.984693][T15327]  ? __fget_files+0x20e/0x3c0
[  856.984741][T15327]  ksys_write+0x12a/0x250
[  856.984763][T15327]  ? __pfx_ksys_write+0x10/0x10
[  856.984797][T15327]  do_syscall_64+0xcd/0x490
[  856.984825][T15327]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.984851][T15327] RIP: 0033:0x7fe69dd8e9a9
[  856.984870][T15327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  856.984895][T15327] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  856.984919][T15327] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  856.984936][T15327] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  856.984951][T15327] RBP: 00007fe69de10d69 R08: 0000000000000000 R09: 0000000000000000
[  856.984967][T15327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.984984][T15327] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  856.985015][T15327]  </TASK>
[  857.240659][    C1] vkms_vblank_simulate: vblank timer overrun
[  859.690412][T15361] FAULT_INJECTION: forcing a failure.
[  859.690412][T15361] name failslab, interval 1, probability 0, space 0, times 0
[  859.706717][T15361] CPU: 0 UID: 0 PID: 15361 Comm: syz.2.2221 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  859.706774][T15361] Tainted: [U]=USER
[  859.706785][T15361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  859.706807][T15361] Call Trace:
[  859.706818][T15361]  <TASK>
[  859.706831][T15361]  dump_stack_lvl+0x16c/0x1f0
[  859.706873][T15361]  should_fail_ex+0x512/0x640
[  859.706909][T15361]  ? __kmalloc_noprof+0xbf/0x510
[  859.706947][T15361]  ? devlink_fmsg_put_value+0xaa/0x2d0
[  859.706991][T15361]  should_failslab+0xc2/0x120
[  859.707032][T15361]  __kmalloc_noprof+0xd2/0x510
[  859.707076][T15361]  devlink_fmsg_put_value+0xaa/0x2d0
[  859.707128][T15361]  devlink_fmsg_u64_pair_put+0x19c/0x2f0
[  859.707176][T15361]  ? __pfx_devlink_fmsg_u64_pair_put+0x10/0x10
[  859.707229][T15361]  ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0
[  859.707282][T15361]  nsim_dev_dummy_fmsg_put+0x61/0x1e0
[  859.707333][T15361]  devlink_health_do_dump+0x240/0x620
[  859.707387][T15361]  devlink_health_report+0x3c9/0x9c0
[  859.707472][T15361]  ? __pfx_devlink_health_report+0x10/0x10
[  859.707522][T15361]  ? _copy_from_user+0x59/0xd0
[  859.707567][T15361]  nsim_dev_health_break_write+0x166/0x210
[  859.707616][T15361]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  859.707678][T15361]  full_proxy_write+0x13c/0x200
[  859.707725][T15361]  ? __pfx_full_proxy_write+0x10/0x10
[  859.707765][T15361]  vfs_write+0x29d/0x1150
[  859.707805][T15361]  ? __pfx___mutex_lock+0x10/0x10
[  859.707841][T15361]  ? __pfx_vfs_write+0x10/0x10
[  859.707885][T15361]  ? __fget_files+0x20e/0x3c0
[  859.707954][T15361]  ksys_write+0x12a/0x250
[  859.707986][T15361]  ? __pfx_ksys_write+0x10/0x10
[  859.708032][T15361]  do_syscall_64+0xcd/0x490
[  859.708073][T15361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.708108][T15361] RIP: 0033:0x7fe69dd8e9a9
[  859.708136][T15361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.708171][T15361] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  859.708204][T15361] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  859.708228][T15361] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  859.708249][T15361] RBP: 00007fe69de10d69 R08: 0000000000000000 R09: 0000000000000000
[  859.708271][T15361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  859.708292][T15361] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  859.708338][T15361]  </TASK>
[  860.948073][T15384] bcache: register_bcache() error : failed to open device
[  862.221658][T11082] Bluetooth: hci1: Malformed Event: 0x02
[  869.228180][T15487] FAULT_INJECTION: forcing a failure.
[  869.228180][T15487] name failslab, interval 1, probability 0, space 0, times 0
[  869.245758][T15487] CPU: 0 UID: 0 PID: 15487 Comm: syz.2.2249 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  869.245817][T15487] Tainted: [U]=USER
[  869.245829][T15487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  869.245849][T15487] Call Trace:
[  869.245861][T15487]  <TASK>
[  869.245874][T15487]  dump_stack_lvl+0x16c/0x1f0
[  869.245917][T15487]  should_fail_ex+0x512/0x640
[  869.245952][T15487]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  869.245993][T15487]  should_failslab+0xc2/0x120
[  869.246033][T15487]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  869.246068][T15487]  ? lockdep_init_map_type+0x5c/0x280
[  869.246118][T15487]  ? mempool_init_node+0x320/0x760
[  869.246166][T15487]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  869.246212][T15487]  mempool_init_node+0x320/0x760
[  869.246268][T15487]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  869.246311][T15487]  ? __pfx_mempool_free_slab+0x10/0x10
[  869.246355][T15487]  mempool_init_noprof+0x3a/0x50
[  869.246415][T15487]  bioset_init+0x37a/0x880
[  869.246461][T15487]  ? __pfx_bioset_init+0x10/0x10
[  869.246521][T15487]  __alloc_disk_node+0x83/0x630
[  869.246563][T15487]  __blk_mq_alloc_disk+0x89/0x120
[  869.246600][T15487]  loop_add+0x49e/0xb70
[  869.246648][T15487]  ? do_vfs_ioctl+0x523/0x1a60
[  869.246696][T15487]  ? __pfx_loop_add+0x10/0x10
[  869.246740][T15487]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  869.246816][T15487]  ? find_held_lock+0x2b/0x80
[  869.246857][T15487]  loop_control_ioctl+0x13e/0x630
[  869.246909][T15487]  ? __pfx_loop_control_ioctl+0x10/0x10
[  869.246966][T15487]  ? __pfx_loop_control_ioctl+0x10/0x10
[  869.247018][T15487]  __x64_sys_ioctl+0x18e/0x210
[  869.247069][T15487]  do_syscall_64+0xcd/0x490
[  869.247107][T15487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.247142][T15487] RIP: 0033:0x7fe69dd8e9a9
[  869.247169][T15487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  869.247204][T15487] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  869.247236][T15487] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  869.247259][T15487] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009
[  869.247281][T15487] RBP: 00007fe69de10d69 R08: 0000000000000000 R09: 0000000000000000
[  869.247302][T15487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  869.247323][T15487] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  869.247365][T15487]  </TASK>
[  874.829408][T15536] FAULT_INJECTION: forcing a failure.
[  874.829408][T15536] name failslab, interval 1, probability 0, space 0, times 0
[  874.875382][T15536] CPU: 1 UID: 0 PID: 15536 Comm: syz.4.2259 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  874.875425][T15536] Tainted: [U]=USER
[  874.875434][T15536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  874.875449][T15536] Call Trace:
[  874.875458][T15536]  <TASK>
[  874.875467][T15536]  dump_stack_lvl+0x16c/0x1f0
[  874.875496][T15536]  should_fail_ex+0x512/0x640
[  874.875521][T15536]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  874.875548][T15536]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  874.875580][T15536]  should_failslab+0xc2/0x120
[  874.875608][T15536]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  874.875633][T15536]  ? mempool_init_node+0x320/0x760
[  874.875667][T15536]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  874.875698][T15536]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  874.875729][T15536]  mempool_init_node+0x320/0x760
[  874.875768][T15536]  ? __pfx_mempool_alloc_slab+0x10/0x10
[  874.875798][T15536]  ? __pfx_mempool_free_slab+0x10/0x10
[  874.875829][T15536]  mempool_init_noprof+0x3a/0x50
[  874.875865][T15536]  bioset_init+0x37a/0x880
[  874.875896][T15536]  ? __pfx_bioset_init+0x10/0x10
[  874.875937][T15536]  __alloc_disk_node+0x83/0x630
[  874.875965][T15536]  __blk_mq_alloc_disk+0x89/0x120
[  874.875991][T15536]  loop_add+0x49e/0xb70
[  874.876024][T15536]  ? do_vfs_ioctl+0x523/0x1a60
[  874.876057][T15536]  ? __pfx_loop_add+0x10/0x10
[  874.876089][T15536]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  874.876141][T15536]  ? find_held_lock+0x2b/0x80
[  874.876171][T15536]  loop_control_ioctl+0x13e/0x630
[  874.876216][T15536]  ? __pfx_loop_control_ioctl+0x10/0x10
[  874.876255][T15536]  ? __pfx_loop_control_ioctl+0x10/0x10
[  874.876292][T15536]  __x64_sys_ioctl+0x18e/0x210
[  874.876328][T15536]  do_syscall_64+0xcd/0x490
[  874.876356][T15536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  874.876380][T15536] RIP: 0033:0x7f2d1298e9a9
[  874.876398][T15536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  874.876422][T15536] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  874.876444][T15536] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  874.876460][T15536] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009
[  874.876475][T15536] RBP: 00007f2d12a10d69 R08: 0000000000000000 R09: 0000000000000000
[  874.876489][T15536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  874.876502][T15536] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  874.876531][T15536]  </TASK>
[  878.903614][T13954] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  878.915175][T13954] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  878.924347][T13954] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  878.987208][T13954] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  878.997005][T13954] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  880.347858][T15595] __vm_enough_memory: pid: 15595, comm: syz.2.2270, bytes: 4398046511104 not enough memory for the allocation
[  880.355104][T15593] FAULT_INJECTION: forcing a failure.
[  880.355104][T15593] name failslab, interval 1, probability 0, space 0, times 0
[  880.373428][T15593] CPU: 0 UID: 0 PID: 15593 Comm: syz.1.2269 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  880.373485][T15593] Tainted: [U]=USER
[  880.373497][T15593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  880.373518][T15593] Call Trace:
[  880.373529][T15593]  <TASK>
[  880.373542][T15593]  dump_stack_lvl+0x16c/0x1f0
[  880.373584][T15593]  should_fail_ex+0x512/0x640
[  880.373620][T15593]  ? __kvmalloc_node_noprof+0x124/0x620
[  880.373681][T15593]  should_failslab+0xc2/0x120
[  880.373732][T15593]  __kvmalloc_node_noprof+0x137/0x620
[  880.373791][T15593]  ? sbitmap_init_node+0x1ca/0x770
[  880.373844][T15593]  ? sbitmap_init_node+0x1ca/0x770
[  880.373888][T15593]  sbitmap_init_node+0x1ca/0x770
[  880.373942][T15593]  sbitmap_queue_init_node+0x41/0x560
[  880.373997][T15593]  blk_mq_init_tags+0x12d/0x2b0
[  880.374040][T15593]  blk_mq_alloc_map_and_rqs+0x237/0xf60
[  880.374102][T15593]  ? blk_mq_map_queues+0x211/0x410
[  880.374158][T15593]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[  880.374198][T15593]  blk_mq_alloc_tag_set+0x778/0x1260
[  880.374247][T15593]  loop_add+0x3b9/0xb70
[  880.374295][T15593]  ? do_vfs_ioctl+0x523/0x1a60
[  880.374343][T15593]  ? __pfx_loop_add+0x10/0x10
[  880.374388][T15593]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  880.374465][T15593]  ? find_held_lock+0x2b/0x80
[  880.374508][T15593]  loop_control_ioctl+0x13e/0x630
[  880.374560][T15593]  ? __pfx_loop_control_ioctl+0x10/0x10
[  880.374617][T15593]  ? __pfx_loop_control_ioctl+0x10/0x10
[  880.374686][T15593]  __x64_sys_ioctl+0x18e/0x210
[  880.374746][T15593]  do_syscall_64+0xcd/0x490
[  880.374787][T15593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.374824][T15593] RIP: 0033:0x7f681898e9a9
[  880.374852][T15593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  880.374888][T15593] RSP: 002b:00007f68197cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  880.374922][T15593] RAX: ffffffffffffffda RBX: 00007f6818bb5fa0 RCX: 00007f681898e9a9
[  880.374946][T15593] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009
[  880.374968][T15593] RBP: 00007f6818a10d69 R08: 0000000000000000 R09: 0000000000000000
[  880.374990][T15593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  880.375012][T15593] R13: 0000000000000000 R14: 00007f6818bb5fa0 R15: 00007fff2d05c238
[  880.375058][T15593]  </TASK>
[  880.375249][T15593] blk-mq: reduced tag depth (128 -> 64)
[  880.735343][T15577] chnl_net:caif_netlink_parms(): no params data found
[  880.879664][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  880.886129][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  881.041790][T13954] Bluetooth: hci4: command tx timeout
[  881.337672][T15577] bridge0: port 1(bridge_slave_0) entered blocking state
[  881.382085][T15577] bridge0: port 1(bridge_slave_0) entered disabled state
[  881.428734][T15577] bridge_slave_0: entered allmulticast mode
[  881.444370][T15577] bridge_slave_0: entered promiscuous mode
[  881.470038][T15577] bridge0: port 2(bridge_slave_1) entered blocking state
[  881.526766][T15577] bridge0: port 2(bridge_slave_1) entered disabled state
[  881.537400][T15577] bridge_slave_1: entered allmulticast mode
[  881.545126][T15577] bridge_slave_1: entered promiscuous mode
[  881.656722][T15577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  881.733542][T15577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  882.029725][T15577] team0: Port device team_slave_0 added
[  882.113031][T15577] team0: Port device team_slave_1 added
[  882.249114][T15577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  882.278838][T15577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  882.339350][T15577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  882.380557][T15577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  882.389160][T15577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  882.428341][T15577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  882.988696][T15577] hsr_slave_0: entered promiscuous mode
[  883.004515][T15577] hsr_slave_1: entered promiscuous mode
[  883.020241][T15577] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  883.030595][T15577] Cannot create hsr debugfs directory
[  883.134405][T13954] Bluetooth: hci4: command tx timeout
[  884.446536][T15577] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  884.523090][T15577] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  884.650100][T15577] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  884.698375][T15577] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  884.868769][T15649] FAULT_INJECTION: forcing a failure.
[  884.868769][T15649] name failslab, interval 1, probability 0, space 0, times 0
[  884.917578][T15649] CPU: 0 UID: 0 PID: 15649 Comm: syz.4.2280 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  884.917639][T15649] Tainted: [U]=USER
[  884.917651][T15649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  884.917671][T15649] Call Trace:
[  884.917682][T15649]  <TASK>
[  884.917695][T15649]  dump_stack_lvl+0x16c/0x1f0
[  884.917737][T15649]  should_fail_ex+0x512/0x640
[  884.917772][T15649]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  884.917831][T15649]  should_failslab+0xc2/0x120
[  884.917870][T15649]  __kmalloc_cache_noprof+0x6a/0x3e0
[  884.917922][T15649]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  884.917974][T15649]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  884.918023][T15649]  devlink_fmsg_arr_pair_nest_end+0xb4/0x180
[  884.918095][T15649]  nsim_dev_dummy_fmsg_put+0x110/0x1e0
[  884.918148][T15649]  devlink_health_do_dump+0x240/0x620
[  884.918203][T15649]  devlink_health_report+0x3c9/0x9c0
[  884.918273][T15649]  ? __pfx_devlink_health_report+0x10/0x10
[  884.918326][T15649]  ? _copy_from_user+0x59/0xd0
[  884.918371][T15649]  nsim_dev_health_break_write+0x166/0x210
[  884.918422][T15649]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  884.918485][T15649]  full_proxy_write+0x13c/0x200
[  884.918532][T15649]  ? __pfx_full_proxy_write+0x10/0x10
[  884.918574][T15649]  vfs_write+0x29d/0x1150
[  884.918615][T15649]  ? __pfx___mutex_lock+0x10/0x10
[  884.918651][T15649]  ? __pfx_vfs_write+0x10/0x10
[  884.918697][T15649]  ? __fget_files+0x20e/0x3c0
[  884.918765][T15649]  ksys_write+0x12a/0x250
[  884.918797][T15649]  ? __pfx_ksys_write+0x10/0x10
[  884.918865][T15649]  do_syscall_64+0xcd/0x490
[  884.918907][T15649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.918944][T15649] RIP: 0033:0x7f2d1298e9a9
[  884.918974][T15649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  884.919009][T15649] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  884.919043][T15649] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  884.919073][T15649] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  884.919094][T15649] RBP: 00007f2d12a10d69 R08: 0000000000000000 R09: 0000000000000000
[  884.919115][T15649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  884.919136][T15649] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  884.919183][T15649]  </TASK>
[  885.073790][T15657] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2281'.
[  885.159483][T15577] 8021q: adding VLAN 0 to HW filter on device bond0
[  885.204639][T13954] Bluetooth: hci4: command tx timeout
[  885.214483][T15577] 8021q: adding VLAN 0 to HW filter on device team0
[  885.228482][ T3004] bridge0: port 1(bridge_slave_0) entered blocking state
[  885.235925][ T3004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  885.259702][T15658] FAULT_INJECTION: forcing a failure.
[  885.259702][T15658] name failslab, interval 1, probability 0, space 0, times 0
[  885.305161][T15658] CPU: 0 UID: 0 PID: 15658 Comm: syz.2.2281 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  885.305233][T15658] Tainted: [U]=USER
[  885.305243][T15658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  885.305264][T15658] Call Trace:
[  885.305275][T15658]  <TASK>
[  885.305288][T15658]  dump_stack_lvl+0x16c/0x1f0
[  885.305327][T15658]  should_fail_ex+0x512/0x640
[  885.305374][T15658]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  885.305414][T15658]  should_failslab+0xc2/0x120
[  885.305454][T15658]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  885.305489][T15658]  ? __alloc_skb+0x2b2/0x380
[  885.305529][T15658]  __alloc_skb+0x2b2/0x380
[  885.305561][T15658]  ? __pfx___alloc_skb+0x10/0x10
[  885.305598][T15658]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  885.305647][T15658]  netlink_alloc_large_skb+0x69/0x130
[  885.305691][T15658]  netlink_sendmsg+0x6a1/0xdd0
[  885.305740][T15658]  ? __pfx_netlink_sendmsg+0x10/0x10
[  885.305799][T15658]  ____sys_sendmsg+0xa95/0xc70
[  885.305846][T15658]  ? copy_msghdr_from_user+0x10a/0x160
[  885.305882][T15658]  ? __pfx_____sys_sendmsg+0x10/0x10
[  885.305936][T15658]  ? __pfx__kstrtoull+0x10/0x10
[  885.305991][T15658]  ___sys_sendmsg+0x134/0x1d0
[  885.306029][T15658]  ? __pfx____sys_sendmsg+0x10/0x10
[  885.306085][T15658]  ? find_held_lock+0x2b/0x80
[  885.306147][T15658]  __sys_sendmmsg+0x200/0x420
[  885.306188][T15658]  ? __pfx___sys_sendmmsg+0x10/0x10
[  885.306246][T15658]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  885.306301][T15658]  ? fput+0x70/0xf0
[  885.306339][T15658]  ? ksys_write+0x1ac/0x250
[  885.306370][T15658]  ? __pfx_ksys_write+0x10/0x10
[  885.306410][T15658]  __x64_sys_sendmmsg+0x9c/0x100
[  885.306445][T15658]  ? lockdep_hardirqs_on+0x7c/0x110
[  885.306477][T15658]  do_syscall_64+0xcd/0x490
[  885.306515][T15658]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.306549][T15658] RIP: 0033:0x7fe69dd8e9a9
[  885.306574][T15658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  885.306606][T15658] RSP: 002b:00007fe69ec7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  885.306635][T15658] RAX: ffffffffffffffda RBX: 00007fe69dfb6080 RCX: 00007fe69dd8e9a9
[  885.306655][T15658] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  885.306675][T15658] RBP: 00007fe69ec7e090 R08: 0000000000000000 R09: 0000000000000000
[  885.306694][T15658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  885.306713][T15658] R13: 0000000000000000 R14: 00007fe69dfb6080 R15: 00007ffea2d094d8
[  885.306754][T15658]  </TASK>
[  885.585948][ T6988] bridge0: port 2(bridge_slave_1) entered blocking state
[  885.593316][ T6988] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.273920][T13954] Bluetooth: hci4: command tx timeout
[  888.407620][T15577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  889.630787][T15709] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2289'.
[  890.467097][T15577] veth0_vlan: entered promiscuous mode
[  890.536870][T15718] FAULT_INJECTION: forcing a failure.
[  890.536870][T15718] name failslab, interval 1, probability 0, space 0, times 0
[  890.549854][T15718] CPU: 1 UID: 0 PID: 15718 Comm: syz.2.2290 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  890.549893][T15718] Tainted: [U]=USER
[  890.549901][T15718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  890.549915][T15718] Call Trace:
[  890.549923][T15718]  <TASK>
[  890.549931][T15718]  dump_stack_lvl+0x16c/0x1f0
[  890.549960][T15718]  should_fail_ex+0x512/0x640
[  890.549985][T15718]  ? __kmalloc_noprof+0xbf/0x510
[  890.550011][T15718]  ? devlink_fmsg_put_value+0xaa/0x2d0
[  890.550043][T15718]  should_failslab+0xc2/0x120
[  890.550070][T15718]  __kmalloc_noprof+0xd2/0x510
[  890.550101][T15718]  devlink_fmsg_put_value+0xaa/0x2d0
[  890.550136][T15718]  devlink_fmsg_u32_put+0xef/0x150
[  890.550168][T15718]  ? __pfx_devlink_fmsg_u32_put+0x10/0x10
[  890.550203][T15718]  ? devlink_fmsg_arr_pair_nest_start+0xec/0x130
[  890.550239][T15718]  nsim_dev_dummy_fmsg_put+0x131/0x1e0
[  890.550274][T15718]  devlink_health_do_dump+0x240/0x620
[  890.550312][T15718]  devlink_health_report+0x3c9/0x9c0
[  890.550351][T15718]  ? __pfx_devlink_health_report+0x10/0x10
[  890.550385][T15718]  ? _copy_from_user+0x59/0xd0
[  890.550416][T15718]  nsim_dev_health_break_write+0x166/0x210
[  890.550451][T15718]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  890.550505][T15718]  full_proxy_write+0x13c/0x200
[  890.550539][T15718]  ? __pfx_full_proxy_write+0x10/0x10
[  890.550568][T15718]  vfs_write+0x29d/0x1150
[  890.550613][T15718]  ? __pfx___mutex_lock+0x10/0x10
[  890.550638][T15718]  ? __pfx_vfs_write+0x10/0x10
[  890.550669][T15718]  ? __fget_files+0x20e/0x3c0
[  890.550717][T15718]  ksys_write+0x12a/0x250
[  890.550739][T15718]  ? __pfx_ksys_write+0x10/0x10
[  890.550776][T15718]  do_syscall_64+0xcd/0x490
[  890.550804][T15718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.550829][T15718] RIP: 0033:0x7fe69dd8e9a9
[  890.550849][T15718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  890.550873][T15718] RSP: 002b:00007fe69ec9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  890.550895][T15718] RAX: ffffffffffffffda RBX: 00007fe69dfb5fa0 RCX: 00007fe69dd8e9a9
[  890.550911][T15718] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  890.550925][T15718] RBP: 00007fe69de10d69 R08: 0000000000000000 R09: 0000000000000000
[  890.550939][T15718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  890.550954][T15718] R13: 0000000000000000 R14: 00007fe69dfb5fa0 R15: 00007ffea2d094d8
[  890.550984][T15718]  </TASK>
[  890.868636][T15577] veth1_vlan: entered promiscuous mode
[  891.063872][T15721] FAULT_INJECTION: forcing a failure.
[  891.063872][T15721] name failslab, interval 1, probability 0, space 0, times 0
[  891.102801][T15721] CPU: 1 UID: 0 PID: 15721 Comm: syz.4.2291 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  891.102860][T15721] Tainted: [U]=USER
[  891.102871][T15721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  891.102892][T15721] Call Trace:
[  891.102904][T15721]  <TASK>
[  891.102917][T15721]  dump_stack_lvl+0x16c/0x1f0
[  891.102959][T15721]  should_fail_ex+0x512/0x640
[  891.102992][T15721]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  891.103032][T15721]  should_failslab+0xc2/0x120
[  891.103074][T15721]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  891.103108][T15721]  ? lockdep_init_map_type+0x5c/0x280
[  891.103155][T15721]  ? seq_open+0x55/0x170
[  891.103201][T15721]  seq_open+0x55/0x170
[  891.103243][T15721]  kernfs_fop_open+0x59f/0xda0
[  891.103290][T15721]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  891.103353][T15721]  do_dentry_open+0x744/0x1c10
[  891.103390][T15721]  ? __pfx_kernfs_fop_open+0x10/0x10
[  891.103442][T15721]  vfs_open+0x82/0x3f0
[  891.103511][T15721]  path_openat+0x1de4/0x2cb0
[  891.103561][T15721]  ? __pfx_path_openat+0x10/0x10
[  891.103598][T15721]  ? __lock_acquire+0xb8a/0x1c90
[  891.103651][T15721]  do_filp_open+0x20b/0x470
[  891.103685][T15721]  ? __pfx_do_filp_open+0x10/0x10
[  891.103751][T15721]  ? alloc_fd+0x471/0x7d0
[  891.103815][T15721]  do_sys_openat2+0x11b/0x1d0
[  891.103862][T15721]  ? __pfx_do_sys_openat2+0x10/0x10
[  891.103926][T15721]  __x64_sys_openat+0x174/0x210
[  891.103974][T15721]  ? __pfx___x64_sys_openat+0x10/0x10
[  891.104040][T15721]  do_syscall_64+0xcd/0x490
[  891.104078][T15721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.104114][T15721] RIP: 0033:0x7f2d1298e9a9
[  891.104141][T15721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  891.104177][T15721] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  891.104210][T15721] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  891.104232][T15721] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  891.104255][T15721] RBP: 00007f2d12a10d69 R08: 0000000000000000 R09: 0000000000000000
[  891.104277][T15721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  891.104298][T15721] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  891.104342][T15721]  </TASK>
[  891.382750][T15577] veth0_macvtap: entered promiscuous mode
[  891.395241][T15577] veth1_macvtap: entered promiscuous mode
[  891.435471][T15577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  891.760635][T15577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  891.779507][T15577] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  891.789241][T15577] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  891.802724][T15577] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  891.811757][T15577] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  892.396308][T15220] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  892.410884][T15220] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  892.615413][T15223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  892.675523][T15223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  895.347562][T11082] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  895.372023][T11082] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  895.381092][T11082] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  895.395797][T11082] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  895.405381][T11082] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  897.330285][T15208] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  897.513469][T11082] Bluetooth: hci5: command tx timeout
[  897.809216][T15208] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  898.147317][T15208] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  898.506110][T15208] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  899.494774][T15208] bridge_slave_1: left allmulticast mode
[  899.500544][T15208] bridge_slave_1: left promiscuous mode
[  899.533849][T15799] FAULT_INJECTION: forcing a failure.
[  899.533849][T15799] name failslab, interval 1, probability 0, space 0, times 0
[  899.573108][T15208] bridge0: port 2(bridge_slave_1) entered disabled state
[  899.582864][T15799] CPU: 0 UID: 0 PID: 15799 Comm: syz.4.2306 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  899.582907][T15799] Tainted: [U]=USER
[  899.582915][T15799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  899.582929][T15799] Call Trace:
[  899.582937][T15799]  <TASK>
[  899.582946][T15799]  dump_stack_lvl+0x16c/0x1f0
[  899.582984][T15799]  should_fail_ex+0x512/0x640
[  899.583009][T15799]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  899.583051][T15799]  should_failslab+0xc2/0x120
[  899.583089][T15799]  __kmalloc_cache_noprof+0x6a/0x3e0
[  899.583143][T15799]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  899.583194][T15799]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  899.583230][T15799]  devlink_fmsg_string_pair_put+0x15b/0x1b0
[  899.583267][T15799]  nsim_dev_dummy_fmsg_put+0x77/0x1e0
[  899.583304][T15799]  devlink_health_do_dump+0x240/0x620
[  899.583345][T15799]  devlink_health_report+0x3c9/0x9c0
[  899.583384][T15799]  ? __pfx_devlink_health_report+0x10/0x10
[  899.583419][T15799]  ? _copy_from_user+0x59/0xd0
[  899.583450][T15799]  nsim_dev_health_break_write+0x166/0x210
[  899.583485][T15799]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  899.583529][T15799]  full_proxy_write+0x13c/0x200
[  899.583563][T15799]  ? __pfx_full_proxy_write+0x10/0x10
[  899.583591][T15799]  vfs_write+0x29d/0x1150
[  899.583621][T15799]  ? __pfx___mutex_lock+0x10/0x10
[  899.583658][T15799]  ? __pfx_vfs_write+0x10/0x10
[  899.583698][T15799]  ? __fget_files+0x20e/0x3c0
[  899.583748][T15799]  ksys_write+0x12a/0x250
[  899.583771][T15799]  ? __pfx_ksys_write+0x10/0x10
[  899.583803][T15799]  do_syscall_64+0xcd/0x490
[  899.583830][T15799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  899.583855][T15799] RIP: 0033:0x7f2d1298e9a9
[  899.583874][T15799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  899.583898][T15799] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  899.583920][T15799] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[  899.583936][T15799] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  899.583951][T15799] RBP: 00007f2d12a10d69 R08: 0000000000000000 R09: 0000000000000000
[  899.583973][T15799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  899.583987][T15799] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[  899.584018][T15799]  </TASK>
[  899.592477][T11082] Bluetooth: hci5: command tx timeout
[  899.943958][T15208] bridge_slave_0: left allmulticast mode
[  899.949674][T15208] bridge_slave_0: left promiscuous mode
[  899.966646][T15208] bridge0: port 1(bridge_slave_0) entered disabled state
[  901.913713][T11082] Bluetooth: hci5: command tx timeout
[  903.078305][T15208] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  903.194672][T15208] bond_slave_0: left allmulticast mode
[  903.231852][T15208] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  903.291017][T15208] bond_slave_1: left allmulticast mode
[  903.307947][T15208] bond0 (unregistering): Released all slaves
[  903.476468][T15768] chnl_net:caif_netlink_parms(): no params data found
[  903.687564][T15845] syz_tun: tun_chr_ioctl cmd 1074025673
[  903.992877][T11082] Bluetooth: hci5: command tx timeout
[  904.870909][T15870] FAULT_INJECTION: forcing a failure.
[  904.870909][T15870] name failslab, interval 1, probability 0, space 0, times 0
[  904.926675][T15870] CPU: 1 UID: 0 PID: 15870 Comm: syz.5.2316 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  904.926737][T15870] Tainted: [U]=USER
[  904.926749][T15870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  904.926769][T15870] Call Trace:
[  904.926779][T15870]  <TASK>
[  904.926792][T15870]  dump_stack_lvl+0x16c/0x1f0
[  904.926835][T15870]  should_fail_ex+0x512/0x640
[  904.926871][T15870]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  904.926930][T15870]  should_failslab+0xc2/0x120
[  904.926972][T15870]  __kmalloc_cache_noprof+0x6a/0x3e0
[  904.927027][T15870]  ? devlink_fmsg_u8_pair_put+0x225/0x2f0
[  904.927073][T15870]  ? devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  904.927125][T15870]  devlink_fmsg_nest_common.part.0+0x48/0x1e0
[  904.927174][T15870]  devlink_fmsg_obj_nest_end+0xa2/0xc0
[  904.927220][T15870]  nsim_dev_dummy_fmsg_put+0x100/0x1e0
[  904.927271][T15870]  devlink_health_do_dump+0x240/0x620
[  904.927327][T15870]  devlink_health_report+0x3c9/0x9c0
[  904.927394][T15870]  ? __pfx_devlink_health_report+0x10/0x10
[  904.927445][T15870]  ? _copy_from_user+0x59/0xd0
[  904.927491][T15870]  nsim_dev_health_break_write+0x166/0x210
[  904.927541][T15870]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  904.927605][T15870]  full_proxy_write+0x13c/0x200
[  904.927652][T15870]  ? __pfx_full_proxy_write+0x10/0x10
[  904.927693][T15870]  vfs_write+0x29d/0x1150
[  904.927734][T15870]  ? __pfx___mutex_lock+0x10/0x10
[  904.927769][T15870]  ? __pfx_vfs_write+0x10/0x10
[  904.927813][T15870]  ? __fget_files+0x20e/0x3c0
[  904.927879][T15870]  ksys_write+0x12a/0x250
[  904.927912][T15870]  ? __pfx_ksys_write+0x10/0x10
[  904.927958][T15870]  do_syscall_64+0xcd/0x490
[  904.927998][T15870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  904.928033][T15870] RIP: 0033:0x7f6e9558e9a9
[  904.928061][T15870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  904.928094][T15870] RSP: 002b:00007f6e96340038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  904.928127][T15870] RAX: ffffffffffffffda RBX: 00007f6e957b5fa0 RCX: 00007f6e9558e9a9
[  904.928150][T15870] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  904.928171][T15870] RBP: 00007f6e95610d69 R08: 0000000000000000 R09: 0000000000000000
[  904.928193][T15870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  904.928214][T15870] R13: 0000000000000000 R14: 00007f6e957b5fa0 R15: 00007ffca6accc38
[  904.928258][T15870]  </TASK>
[  905.487637][T15768] bridge0: port 1(bridge_slave_0) entered blocking state
[  905.498980][T15768] bridge0: port 1(bridge_slave_0) entered disabled state
[  905.543093][T15768] bridge_slave_0: entered allmulticast mode
[  905.551282][T15768] bridge_slave_0: entered promiscuous mode
[  905.576335][T15768] bridge0: port 2(bridge_slave_1) entered blocking state
[  905.633339][T15768] bridge0: port 2(bridge_slave_1) entered disabled state
[  905.640712][T15768] bridge_slave_1: entered allmulticast mode
[  905.694026][T15768] bridge_slave_1: entered promiscuous mode
[  906.068482][T15768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  906.349651][T15768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  907.096283][T15768] team0: Port device team_slave_0 added
[  907.227767][T15208] hsr_slave_1: left promiscuous mode
[  907.228748][T15208] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  907.228805][T15208] batman_adv: batadv0: Removing interface: batadv_slave_0
[  907.238223][T15208] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  907.238266][T15208] batman_adv: batadv0: Removing interface: batadv_slave_1
[  907.350937][T15208] veth1_vlan: left promiscuous mode
[  907.351143][T15208] veth0_vlan: left promiscuous mode
[  909.440500][T15208] team0 (unregistering): Port device team_slave_1 removed
[  909.683179][T15208] team0 (unregistering): Port device team_slave_0 removed
[  911.534908][T15768] team0: Port device team_slave_1 added
[  911.761878][T15768] batman_adv: batadv0: Adding interface: batadv_slave_0
[  911.775842][T15768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  911.897532][T15768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  912.330365][T15768] batman_adv: batadv0: Adding interface: batadv_slave_1
[  912.602760][T15768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  912.680486][T15768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  913.293929][T15768] hsr_slave_0: entered promiscuous mode
[  913.311921][T15768] hsr_slave_1: entered promiscuous mode
[  913.341332][T15768] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  913.378223][T15768] Cannot create hsr debugfs directory
[  913.623569][T15952] FAULT_INJECTION: forcing a failure.
[  913.623569][T15952] name failslab, interval 1, probability 0, space 0, times 0
[  913.659274][T15952] CPU: 0 UID: 0 PID: 15952 Comm: syz.5.2329 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  913.659332][T15952] Tainted: [U]=USER
[  913.659343][T15952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  913.659363][T15952] Call Trace:
[  913.659374][T15952]  <TASK>
[  913.659387][T15952]  dump_stack_lvl+0x16c/0x1f0
[  913.659428][T15952]  should_fail_ex+0x512/0x640
[  913.659462][T15952]  ? __kmalloc_noprof+0xbf/0x510
[  913.659499][T15952]  ? devlink_fmsg_put_name+0xf0/0x3f0
[  913.659550][T15952]  should_failslab+0xc2/0x120
[  913.659592][T15952]  __kmalloc_noprof+0xd2/0x510
[  913.659636][T15952]  devlink_fmsg_put_name+0xf0/0x3f0
[  913.659685][T15952]  devlink_fmsg_string_pair_put+0xb6/0x1b0
[  913.659736][T15952]  nsim_dev_dummy_fmsg_put+0x77/0x1e0
[  913.659786][T15952]  devlink_health_do_dump+0x240/0x620
[  913.659841][T15952]  devlink_health_report+0x3c9/0x9c0
[  913.659898][T15952]  ? __pfx_devlink_health_report+0x10/0x10
[  913.659949][T15952]  ? _copy_from_user+0x59/0xd0
[  913.659993][T15952]  nsim_dev_health_break_write+0x166/0x210
[  913.660043][T15952]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  913.660107][T15952]  full_proxy_write+0x13c/0x200
[  913.660153][T15952]  ? __pfx_full_proxy_write+0x10/0x10
[  913.660195][T15952]  vfs_write+0x29d/0x1150
[  913.660235][T15952]  ? __pfx___mutex_lock+0x10/0x10
[  913.660271][T15952]  ? __pfx_vfs_write+0x10/0x10
[  913.660316][T15952]  ? __fget_files+0x20e/0x3c0
[  913.660385][T15952]  ksys_write+0x12a/0x250
[  913.660417][T15952]  ? __pfx_ksys_write+0x10/0x10
[  913.660463][T15952]  do_syscall_64+0xcd/0x490
[  913.660503][T15952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.660545][T15952] RIP: 0033:0x7f6e9558e9a9
[  913.660573][T15952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  913.660607][T15952] RSP: 002b:00007f6e96340038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  913.660640][T15952] RAX: ffffffffffffffda RBX: 00007f6e957b5fa0 RCX: 00007f6e9558e9a9
[  913.660663][T15952] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[  913.660684][T15952] RBP: 00007f6e95610d69 R08: 0000000000000000 R09: 0000000000000000
[  913.660705][T15952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  913.660725][T15952] R13: 0000000000000000 R14: 00007f6e957b5fa0 R15: 00007ffca6accc38
[  913.660769][T15952]  </TASK>
[  915.940604][T15989] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2334'.
[  916.485045][T15989] hsr_slave_0 (unregistering): left promiscuous mode
[  925.639481][T15223] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.798517][T15223] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  925.953290][T15223] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  926.275578][T15223] bridge_slave_1: left allmulticast mode
[  926.281355][T15223] bridge_slave_1: left promiscuous mode
[  926.288579][T15223] bridge0: port 2(bridge_slave_1) entered disabled state
[  926.298539][T15223] bridge_slave_0: left allmulticast mode
[  926.305887][T15223] bridge_slave_0: left promiscuous mode
[  926.311838][T15223] bridge0: port 1(bridge_slave_0) entered disabled state
[  926.485907][T15223] ip_vti0 (unregistering): left allmulticast mode
[  926.733228][T15223]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  926.747534][T15223]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  926.758569][T15223]  (unregistering): Released all slaves
[  927.055356][T15223] hsr_slave_1: left promiscuous mode
[  927.061657][T15223] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  927.075957][T15223] batman_adv: batadv0: Removing interface: batadv_slave_0
[  927.090090][T15223] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  927.098018][T15223] batman_adv: batadv0: Removing interface: batadv_slave_1
[  927.136071][T15223] veth1_macvtap: left promiscuous mode
[  927.141751][T15223] veth0_macvtap: left promiscuous mode
[  927.156463][T15223] veth1_vlan: left promiscuous mode
[  927.161922][T15223] veth0_vlan: left promiscuous mode
[  927.769470][T15223] team0 (unregistering): Port device team_slave_1 removed
[  927.819927][T15223] team0 (unregistering): Port device team_slave_0 removed
[  933.098802][T13954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  933.108841][T13954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  933.118912][T13954] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  933.127358][T13954] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  933.137133][T13954] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  933.809733][T16231] chnl_net:caif_netlink_parms(): no params data found
[  933.884815][T11082] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  933.896393][T11082] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  933.905817][T11082] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  933.917387][T11082] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  933.925493][T11082] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  934.169372][T16231] bridge0: port 1(bridge_slave_0) entered blocking state
[  934.176966][T16231] bridge0: port 1(bridge_slave_0) entered disabled state
[  934.184611][T16231] bridge_slave_0: entered allmulticast mode
[  934.193205][T16231] bridge_slave_0: entered promiscuous mode
[  934.222113][T16231] bridge0: port 2(bridge_slave_1) entered blocking state
[  934.230046][T16231] bridge0: port 2(bridge_slave_1) entered disabled state
[  934.238193][T16231] bridge_slave_1: entered allmulticast mode
[  934.246776][T16231] bridge_slave_1: entered promiscuous mode
[  934.393572][T16231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  934.503831][T16231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  934.697957][T16231] team0: Port device team_slave_0 added
[  934.749486][T16231] team0: Port device team_slave_1 added
[  934.825704][T16231] batman_adv: batadv0: Adding interface: batadv_slave_0
[  934.842527][T16231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  934.897981][T16231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  934.934731][T16231] batman_adv: batadv0: Adding interface: batadv_slave_1
[  934.954740][T16231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  935.002475][T16231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  935.029656][T16241] chnl_net:caif_netlink_parms(): no params data found
[  935.192549][T11082] Bluetooth: hci0: command tx timeout
[  935.236933][T16231] hsr_slave_0: entered promiscuous mode
[  935.256552][T16231] hsr_slave_1: entered promiscuous mode
[  935.274832][T16231] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  935.292485][T16231] Cannot create hsr debugfs directory
[  935.457808][T16241] bridge0: port 1(bridge_slave_0) entered blocking state
[  935.471863][T16241] bridge0: port 1(bridge_slave_0) entered disabled state
[  935.491564][T16241] bridge_slave_0: entered allmulticast mode
[  935.505434][T16241] bridge_slave_0: entered promiscuous mode
[  935.549714][T16241] bridge0: port 2(bridge_slave_1) entered blocking state
[  935.559024][T16241] bridge0: port 2(bridge_slave_1) entered disabled state
[  935.566905][T16241] bridge_slave_1: entered allmulticast mode
[  935.589010][T16241] bridge_slave_1: entered promiscuous mode
[  935.694859][T16241] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  935.715933][T16241] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  935.830680][T16241] team0: Port device team_slave_0 added
[  935.876931][T16241] team0: Port device team_slave_1 added
[  935.992817][T11082] Bluetooth: hci3: command tx timeout
[  936.187180][T16241] batman_adv: batadv0: Adding interface: batadv_slave_0
[  936.195974][T16241] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  936.243544][T16241] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  936.280343][T16241] batman_adv: batadv0: Adding interface: batadv_slave_1
[  936.296594][T16241] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  936.323381][T16241] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  936.620752][T16241] hsr_slave_0: entered promiscuous mode
[  936.627988][T16241] hsr_slave_1: entered promiscuous mode
[  936.644229][T16241] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  936.655250][T16241] Cannot create hsr debugfs directory
[  937.016044][T16273] FAULT_INJECTION: forcing a failure.
[  937.016044][T16273] name failslab, interval 1, probability 0, space 0, times 0
[  937.029174][T16273] CPU: 1 UID: 0 PID: 16273 Comm: syz.1.2346 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[  937.029214][T16273] Tainted: [U]=USER
[  937.029221][T16273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  937.029237][T16273] Call Trace:
[  937.029245][T16273]  <TASK>
[  937.029253][T16273]  dump_stack_lvl+0x16c/0x1f0
[  937.029283][T16273]  should_fail_ex+0x512/0x640
[  937.029307][T16273]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  937.029336][T16273]  should_failslab+0xc2/0x120
[  937.029365][T16273]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  937.029390][T16273]  ? acpi_ut_create_thread_state+0x63/0x170
[  937.029435][T16273]  acpi_ut_create_thread_state+0x63/0x170
[  937.029476][T16273]  acpi_ps_parse_aml+0x79/0xcb0
[  937.029506][T16273]  acpi_ps_execute_method+0x55a/0xb30
[  937.029537][T16273]  ? acpi_ut_acquire_mutex+0x125/0x1d0
[  937.029574][T16273]  acpi_ns_evaluate+0x76c/0xca0
[  937.029606][T16273]  ? kasan_save_track+0x14/0x30
[  937.029632][T16273]  acpi_evaluate_object+0x1fa/0xa90
[  937.029675][T16273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.029702][T16273]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  937.029745][T16273]  ? __mutex_trylock_common+0xe9/0x250
[  937.029784][T16273]  acpi_evaluate_integer+0xdd/0x200
[  937.029829][T16273]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  937.029879][T16273]  ? __pfx_status_show+0x10/0x10
[  937.029903][T16273]  status_show+0xa0/0x120
[  937.029927][T16273]  ? __pfx_status_show+0x10/0x10
[  937.029960][T16273]  dev_attr_show+0x53/0xe0
[  937.029992][T16273]  ? __pfx_dev_attr_show+0x10/0x10
[  937.030020][T16273]  sysfs_kf_seq_show+0x216/0x3e0
[  937.030061][T16273]  seq_read_iter+0x506/0x12c0
[  937.030110][T16273]  kernfs_fop_read_iter+0x40f/0x5a0
[  937.030140][T16273]  ? rw_verify_area+0xcf/0x680
[  937.030179][T16273]  vfs_read+0x8bc/0xc60
[  937.030205][T16273]  ? __pfx___mutex_lock+0x10/0x10
[  937.030229][T16273]  ? __pfx_vfs_read+0x10/0x10
[  937.030271][T16273]  ksys_read+0x12a/0x250
[  937.030293][T16273]  ? __pfx_ksys_read+0x10/0x10
[  937.030324][T16273]  do_syscall_64+0xcd/0x490
[  937.030350][T16273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.030375][T16273] RIP: 0033:0x7f681898e9a9
[  937.030394][T16273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  937.030418][T16273] RSP: 002b:00007f68197cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  937.030440][T16273] RAX: ffffffffffffffda RBX: 00007f6818bb5fa0 RCX: 00007f681898e9a9
[  937.030456][T16273] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004
[  937.030470][T16273] RBP: 00007f6818a10d69 R08: 0000000000000000 R09: 0000000000000000
[  937.030485][T16273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  937.030500][T16273] R13: 0000000000000000 R14: 00007f6818bb5fa0 R15: 00007fff2d05c238
[  937.030531][T16273]  </TASK>
[  937.030605][T16273] ACPI Error: 
[  937.273687][T11082] Bluetooth: hci0: command tx timeout
[  937.282968][T16273] ffff888144edd000 walk still has a scope list (20250404/dswstate-694)
[  938.072477][T11082] Bluetooth: hci3: command tx timeout
[  939.352398][T11082] Bluetooth: hci0: command tx timeout
[  940.152492][T11082] Bluetooth: hci3: command tx timeout
[  941.445496][T11082] Bluetooth: hci0: command tx timeout
[  942.232605][T11082] Bluetooth: hci3: command tx timeout
[  942.337265][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  942.344742][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  954.578435][T13954] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  954.588290][T13954] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  954.598643][T13954] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  954.610996][T13954] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  954.620668][T13954] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  954.838033][T16474] chnl_net:caif_netlink_parms(): no params data found
[  954.937057][T16474] bridge0: port 1(bridge_slave_0) entered blocking state
[  954.944412][T16474] bridge0: port 1(bridge_slave_0) entered disabled state
[  954.951851][T16474] bridge_slave_0: entered allmulticast mode
[  954.960984][T16474] bridge_slave_0: entered promiscuous mode
[  954.969924][T16474] bridge0: port 2(bridge_slave_1) entered blocking state
[  954.978629][T16474] bridge0: port 2(bridge_slave_1) entered disabled state
[  954.986303][T16474] bridge_slave_1: entered allmulticast mode
[  954.994667][T16474] bridge_slave_1: entered promiscuous mode
[  955.041884][T16474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  955.056114][T16474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  955.101159][T16474] team0: Port device team_slave_0 added
[  955.111066][T16474] team0: Port device team_slave_1 added
[  955.151117][T16474] batman_adv: batadv0: Adding interface: batadv_slave_0
[  955.158647][T16474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  955.185470][T16474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  955.198661][T16474] batman_adv: batadv0: Adding interface: batadv_slave_1
[  955.205745][T16474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  955.232842][T16474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  955.289556][T16474] hsr_slave_0: entered promiscuous mode
[  955.296343][T16474] hsr_slave_1: entered promiscuous mode
[  955.302802][T16474] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  955.311384][T16474] Cannot create hsr debugfs directory
[  956.712565][T13954] Bluetooth: hci6: command tx timeout
[  958.792496][T13954] Bluetooth: hci6: command tx timeout
[  960.873004][T13954] Bluetooth: hci6: command tx timeout
[  962.952543][T13954] Bluetooth: hci6: command tx timeout
[  963.688002][T11082] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  963.699505][T11082] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  963.709160][T11082] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  963.720119][T11082] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  963.729343][T11082] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  963.999574][T16487] chnl_net:caif_netlink_parms(): no params data found
[  964.100888][T16487] bridge0: port 1(bridge_slave_0) entered blocking state
[  964.109012][T16487] bridge0: port 1(bridge_slave_0) entered disabled state
[  964.116850][T16487] bridge_slave_0: entered allmulticast mode
[  964.125316][T16487] bridge_slave_0: entered promiscuous mode
[  964.134411][T16487] bridge0: port 2(bridge_slave_1) entered blocking state
[  964.141657][T16487] bridge0: port 2(bridge_slave_1) entered disabled state
[  964.150268][T16487] bridge_slave_1: entered allmulticast mode
[  964.158321][T16487] bridge_slave_1: entered promiscuous mode
[  964.199963][T16487] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  964.212554][T16487] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  964.261094][T16487] team0: Port device team_slave_0 added
[  964.270148][T16487] team0: Port device team_slave_1 added
[  964.310581][T16487] batman_adv: batadv0: Adding interface: batadv_slave_0
[  964.317716][T16487] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  964.344531][T16487] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  964.358866][T16487] batman_adv: batadv0: Adding interface: batadv_slave_1
[  964.366004][T16487] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  964.392122][T16487] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  964.461851][T16487] hsr_slave_0: entered promiscuous mode
[  964.469307][T16487] hsr_slave_1: entered promiscuous mode
[  964.477317][T16487] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  964.487470][T16487] Cannot create hsr debugfs directory
[  965.832610][T13954] Bluetooth: hci7: command tx timeout
[  967.913735][T13954] Bluetooth: hci7: command tx timeout
[  969.992839][T13954] Bluetooth: hci7: command tx timeout
[  972.072575][T13954] Bluetooth: hci7: command tx timeout
[  992.673613][T11082] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  992.683789][T11082] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  992.694430][T11082] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  992.705178][T11082] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  992.716223][T11082] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  992.948419][T16506] chnl_net:caif_netlink_parms(): no params data found
[  993.048746][T16506] bridge0: port 1(bridge_slave_0) entered blocking state
[  993.056326][T16506] bridge0: port 1(bridge_slave_0) entered disabled state
[  993.065642][T16506] bridge_slave_0: entered allmulticast mode
[  993.074242][T16506] bridge_slave_0: entered promiscuous mode
[  993.084953][T16506] bridge0: port 2(bridge_slave_1) entered blocking state
[  993.092173][T16506] bridge0: port 2(bridge_slave_1) entered disabled state
[  993.099637][T16506] bridge_slave_1: entered allmulticast mode
[  993.108556][T16506] bridge_slave_1: entered promiscuous mode
[  993.153769][T16506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  993.166356][T16506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  993.216045][T16506] team0: Port device team_slave_0 added
[  993.229262][T16506] team0: Port device team_slave_1 added
[  993.271128][T16506] batman_adv: batadv0: Adding interface: batadv_slave_0
[  993.278464][T16506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  993.305475][T16506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  993.332112][T16506] batman_adv: batadv0: Adding interface: batadv_slave_1
[  993.340471][T16506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  993.372618][T16506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  993.480784][T16506] hsr_slave_0: entered promiscuous mode
[  993.487968][T16506] hsr_slave_1: entered promiscuous mode
[  993.495518][T16506] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  993.504165][T16506] Cannot create hsr debugfs directory
[  993.824093][T13954] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  993.836385][T13954] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  993.846209][T13954] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  993.855964][T13954] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  993.864572][T13954] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  994.110560][T16517] chnl_net:caif_netlink_parms(): no params data found
[  994.212109][T16517] bridge0: port 1(bridge_slave_0) entered blocking state
[  994.219538][T16517] bridge0: port 1(bridge_slave_0) entered disabled state
[  994.228324][T16517] bridge_slave_0: entered allmulticast mode
[  994.237521][T16517] bridge_slave_0: entered promiscuous mode
[  994.246924][T16517] bridge0: port 2(bridge_slave_1) entered blocking state
[  994.255015][T16517] bridge0: port 2(bridge_slave_1) entered disabled state
[  994.262420][T16517] bridge_slave_1: entered allmulticast mode
[  994.269934][T16517] bridge_slave_1: entered promiscuous mode
[  994.311477][T16517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  994.327124][T16517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  994.374236][T16517] team0: Port device team_slave_0 added
[  994.384453][T16517] team0: Port device team_slave_1 added
[  994.423215][T16517] batman_adv: batadv0: Adding interface: batadv_slave_0
[  994.430232][T16517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  994.457667][T16517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  994.471092][T16517] batman_adv: batadv0: Adding interface: batadv_slave_1
[  994.479542][T16517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  994.506161][T16517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  994.570042][T16517] hsr_slave_0: entered promiscuous mode
[  994.578339][T16517] hsr_slave_1: entered promiscuous mode
[  994.584994][T16517] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  994.593647][T16517] Cannot create hsr debugfs directory
[  994.793905][T11082] Bluetooth: hci8: command tx timeout
[  995.912611][T13954] Bluetooth: hci9: command tx timeout
[  996.872562][T13954] Bluetooth: hci8: command tx timeout
[  997.992805][T13954] Bluetooth: hci9: command tx timeout
[  998.952471][T13954] Bluetooth: hci8: command tx timeout
[ 1000.072543][T13954] Bluetooth: hci9: command tx timeout
[ 1001.032427][T13954] Bluetooth: hci8: command tx timeout
[ 1002.152456][T13954] Bluetooth: hci9: command tx timeout
[ 1003.766803][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1003.773247][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1005.832639][T11082] Bluetooth: hci4: command 0x0406 tx timeout
[ 1014.707911][T11082] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1014.719550][T11082] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1014.728672][T11082] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1014.739702][T11082] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1014.747993][T11082] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1015.002098][T16531] chnl_net:caif_netlink_parms(): no params data found
[ 1015.109273][T16531] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1015.118250][T16531] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1015.126326][T16531] bridge_slave_0: entered allmulticast mode
[ 1015.134568][T16531] bridge_slave_0: entered promiscuous mode
[ 1015.144161][T16531] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1015.151384][T16531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1015.159691][T16531] bridge_slave_1: entered allmulticast mode
[ 1015.168082][T16531] bridge_slave_1: entered promiscuous mode
[ 1015.211013][T16531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1015.224041][T16531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1015.277167][T16531] team0: Port device team_slave_0 added
[ 1015.289262][T16531] team0: Port device team_slave_1 added
[ 1015.332966][T16531] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1015.340004][T16531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1015.368066][T16531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1015.383953][T16531] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1015.390982][T16531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1015.418034][T16531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1015.481080][T16531] hsr_slave_0: entered promiscuous mode
[ 1015.488500][T16531] hsr_slave_1: entered promiscuous mode
[ 1015.495597][T16531] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1015.503703][T16531] Cannot create hsr debugfs directory
[ 1016.802745][T13954] Bluetooth: hci10: command tx timeout
[ 1018.872435][T13954] Bluetooth: hci10: command tx timeout
[ 1020.952806][T11082] Bluetooth: hci10: command tx timeout
[ 1021.197877][T11082] Bluetooth: hci5: command 0x0406 tx timeout
[ 1023.032522][T13954] Bluetooth: hci10: command tx timeout
[ 1023.714731][T11082] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1023.726731][T11082] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1023.738291][T11082] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1023.750154][T11082] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1023.763124][T11082] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1024.016758][T16547] chnl_net:caif_netlink_parms(): no params data found
[ 1024.121224][T16547] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1024.129335][T16547] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1024.137229][T16547] bridge_slave_0: entered allmulticast mode
[ 1024.145591][T16547] bridge_slave_0: entered promiscuous mode
[ 1024.155653][T16547] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1024.163362][T16547] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1024.170665][T16547] bridge_slave_1: entered allmulticast mode
[ 1024.178571][T16547] bridge_slave_1: entered promiscuous mode
[ 1024.226867][T16547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1024.254989][T16547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1024.303196][T16547] team0: Port device team_slave_0 added
[ 1024.315859][T16547] team0: Port device team_slave_1 added
[ 1024.358935][T16547] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1024.366312][T16547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1024.393091][T16547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1024.406572][T16547] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1024.414517][T16547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1024.440699][T16547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1024.503618][T16547] hsr_slave_0: entered promiscuous mode
[ 1024.510438][T16547] hsr_slave_1: entered promiscuous mode
[ 1024.517698][T16547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1024.526689][T16547] Cannot create hsr debugfs directory
[ 1025.832472][T13954] Bluetooth: hci11: command tx timeout
[ 1027.912615][T13954] Bluetooth: hci11: command tx timeout
[ 1029.993056][T13954] Bluetooth: hci11: command tx timeout
[ 1032.072496][T13954] Bluetooth: hci11: command tx timeout
[ 1052.735353][T11082] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1052.746225][T11082] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1052.755506][T11082] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1052.765310][T11082] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1052.773486][T11082] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1053.023289][T16562] chnl_net:caif_netlink_parms(): no params data found
[ 1053.136914][T16562] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1053.144635][T16562] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1053.152551][T16562] bridge_slave_0: entered allmulticast mode
[ 1053.160108][T16562] bridge_slave_0: entered promiscuous mode
[ 1053.170270][T16562] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.177699][T16562] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1053.185562][T16562] bridge_slave_1: entered allmulticast mode
[ 1053.193546][T16562] bridge_slave_1: entered promiscuous mode
[ 1053.241851][T16562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1053.258010][T16562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1053.306893][T16562] team0: Port device team_slave_0 added
[ 1053.316547][T16562] team0: Port device team_slave_1 added
[ 1053.363037][T16562] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1053.370084][T16562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1053.396883][T16562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1053.415491][T16562] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1053.422658][T16562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1053.449672][T16562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1053.571859][T16562] hsr_slave_0: entered promiscuous mode
[ 1053.592014][T16562] hsr_slave_1: entered promiscuous mode
[ 1053.603829][T16562] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1053.611487][T16562] Cannot create hsr debugfs directory
[ 1053.919200][T13954] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1053.932684][T13954] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1053.941924][T13954] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1053.960303][T13954] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1053.968610][T13954] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1054.237897][T16572] chnl_net:caif_netlink_parms(): no params data found
[ 1054.354231][T16572] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1054.361846][T16572] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1054.369643][T16572] bridge_slave_0: entered allmulticast mode
[ 1054.378096][T16572] bridge_slave_0: entered promiscuous mode
[ 1054.388702][T16572] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1054.396135][T16572] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1054.406184][T16572] bridge_slave_1: entered allmulticast mode
[ 1054.414968][T16572] bridge_slave_1: entered promiscuous mode
[ 1054.462004][T16572] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1054.477496][T16572] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1054.526329][T16572] team0: Port device team_slave_0 added
[ 1054.537128][T16572] team0: Port device team_slave_1 added
[ 1054.582380][T16572] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1054.589498][T16572] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1054.616569][T16572] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1054.630808][T16572] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1054.639091][T16572] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1054.665676][T16572] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1054.738885][T16572] hsr_slave_0: entered promiscuous mode
[ 1054.746836][T16572] hsr_slave_1: entered promiscuous mode
[ 1054.754335][T16572] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1054.761946][T16572] Cannot create hsr debugfs directory
[ 1054.872825][T11082] Bluetooth: hci12: command tx timeout
[ 1055.992641][T13342] Bluetooth: hci13: command tx timeout
[ 1056.953021][T13342] Bluetooth: hci12: command tx timeout
[ 1057.032907][T13342] Bluetooth: hci3: command 0x0406 tx timeout
[ 1057.043233][T13342] Bluetooth: hci0: command 0x0406 tx timeout
[ 1058.072709][T13954] Bluetooth: hci13: command tx timeout
[ 1059.032482][T13954] Bluetooth: hci12: command tx timeout
[ 1060.152603][T13954] Bluetooth: hci13: command tx timeout
[ 1061.122609][T13954] Bluetooth: hci12: command tx timeout
[ 1062.232813][T13954] Bluetooth: hci13: command tx timeout
[ 1065.198058][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1065.204993][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1067.753234][   T31] INFO: task syz-executor:15768 blocked for more than 143 seconds.
[ 1067.761401][   T31]       Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0
[ 1067.771034][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1067.780918][   T31] task:syz-executor    state:D stack:23392 pid:15768 tgid:15768 ppid:1      task_flags:0x480140 flags:0x00004006
[ 1067.793128][   T31] Call Trace:
[ 1067.796475][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1067.799463][   T31]  __schedule+0x116a/0x5dd0
[ 1067.804192][   T31]  ? __pfx___schedule+0x10/0x10
[ 1067.809335][   T31]  ? find_held_lock+0x2b/0x80
[ 1067.816892][   T31]  ? schedule+0x2d7/0x3a0
[ 1067.821841][   T31]  schedule+0xe7/0x3a0
[ 1067.826124][   T31]  schedule_timeout+0x257/0x290
[ 1067.831051][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1067.836776][   T31]  ? mark_held_locks+0x49/0x80
[ 1067.841642][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1067.847188][   T31]  __wait_for_common+0x2ff/0x4e0
[ 1067.862269][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1067.867812][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1067.882364][   T31]  remove_one+0x312/0x420
[ 1067.886858][   T31]  ? find_next_child+0x18f/0x280
[ 1067.891874][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1067.908423][   T31]  simple_recursive_removal+0x21b/0x690
[ 1067.921745][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1067.932182][   T31]  debugfs_remove+0x5d/0x80
[ 1067.936817][   T31]  nsim_dev_health_exit+0x3b/0xe0
[ 1067.941938][   T31]  nsim_dev_reload_destroy+0x144/0x4d0
[ 1067.959281][   T31]  nsim_drv_remove+0x52/0x1d0
[ 1067.964368][   T31]  ? __pfx_nsim_bus_remove+0x10/0x10
[ 1067.969732][   T31]  device_remove+0xcb/0x170
[ 1067.981403][   T31]  device_release_driver_internal+0x44b/0x620
[ 1067.987712][   T31]  bus_remove_device+0x22f/0x420
[ 1068.002483][   T31]  device_del+0x396/0x9f0
[ 1068.006962][   T31]  ? __pfx_device_del+0x10/0x10
[ 1068.011893][   T31]  device_unregister+0x1d/0xc0
[ 1068.029927][   T31]  del_device_store+0x355/0x4a0
[ 1068.035268][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1068.040731][   T31]  ? find_held_lock+0x2b/0x80
[ 1068.045789][   T31]  ? sysfs_file_kobj+0xe4/0x290
[ 1068.050716][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1068.056277][   T31]  bus_attr_store+0x74/0xb0
[ 1068.061669][   T31]  ? __pfx_bus_attr_store+0x10/0x10
[ 1068.067826][   T31]  sysfs_kf_write+0xf2/0x150
[ 1068.082479][   T31]  kernfs_fop_write_iter+0x354/0x510
[ 1068.087908][   T31]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1068.106503][   T31]  vfs_write+0x6c4/0x1150
[ 1068.110969][   T31]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1068.122518][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1068.127404][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1068.143545][   T31]  ? find_held_lock+0x2b/0x80
[ 1068.149152][   T31]  ksys_write+0x12a/0x250
[ 1068.168642][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1068.181488][   T31]  do_syscall_64+0xcd/0x490
[ 1068.188109][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1068.196409][   T31] RIP: 0033:0x7f4feab8d45f
[ 1068.200935][   T31] RSP: 002b:00007ffc166fc3f0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1068.237788][   T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f4feab8d45f
[ 1068.262609][   T31] RDX: 0000000000000001 RSI: 00007ffc166fc440 RDI: 0000000000000005
[ 1068.273577][   T31] RBP: 00007f4feac11fbd R08: 0000000000000000 R09: 00007ffc166fc247
[ 1068.281642][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1068.290787][   T31] R13: 00007ffc166fc440 R14: 00007f4feb8e4620 R15: 0000000000000003
[ 1068.299280][   T31]  </TASK>
[ 1068.305921][   T31] INFO: task syz.5.2337:16005 blocked for more than 143 seconds.
[ 1068.315006][   T31]       Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0
[ 1068.329626][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1068.338644][   T31] task:syz.5.2337      state:D stack:27384 pid:16005 tgid:16004 ppid:15577  task_flags:0x400140 flags:0x00004004
[ 1068.350895][   T31] Call Trace:
[ 1068.354344][   T31]  <TASK>
[ 1068.357345][   T31]  __schedule+0x116a/0x5dd0
[ 1068.361954][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1068.367760][   T31]  ? __pfx___schedule+0x10/0x10
[ 1068.372862][   T31]  ? find_held_lock+0x2b/0x80
[ 1068.377633][   T31]  ? schedule+0x2d7/0x3a0
[ 1068.382371][   T31]  schedule+0xe7/0x3a0
[ 1068.386541][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1068.394984][   T31]  __mutex_lock+0x6c7/0xb90
[ 1068.399639][   T31]  ? netlink_has_listeners+0x219/0x430
[ 1068.405755][   T31]  ? devlink_health_report+0x3ba/0x9c0
[ 1068.411346][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1068.417050][   T31]  ? devlink_health_report+0x3ba/0x9c0
[ 1068.423151][   T31]  devlink_health_report+0x3ba/0x9c0
[ 1068.428575][   T31]  ? __pfx_devlink_health_report+0x10/0x10
[ 1068.435125][   T31]  ? _copy_from_user+0x59/0xd0
[ 1068.439991][   T31]  nsim_dev_health_break_write+0x166/0x210
[ 1068.446663][   T31]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[ 1068.453251][   T31]  full_proxy_write+0x13c/0x200
[ 1068.458205][   T31]  ? __pfx_full_proxy_write+0x10/0x10
[ 1068.463734][   T31]  vfs_write+0x29d/0x1150
[ 1068.468237][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1068.473536][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1068.478403][   T31]  ? __fget_files+0x20e/0x3c0
[ 1068.483444][   T31]  ksys_write+0x12a/0x250
[ 1068.487886][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1068.493833][   T31]  do_syscall_64+0xcd/0x490
[ 1068.498437][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1068.504545][   T31] RIP: 0033:0x7f6e9558e9a9
[ 1068.509027][   T31] RSP: 002b:00007f6e96340038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1068.517603][   T31] RAX: ffffffffffffffda RBX: 00007f6e957b5fa0 RCX: 00007f6e9558e9a9
[ 1068.525751][   T31] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009
[ 1068.535014][   T31] RBP: 00007f6e95610d69 R08: 0000000000000000 R09: 0000000000000000
[ 1068.543256][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1068.551300][   T31] R13: 0000000000000000 R14: 00007f6e957b5fa0 R15: 00007ffca6accc38
[ 1068.559655][   T31]  </TASK>
[ 1068.562912][   T31] INFO: task syz.4.2338:16010 blocked for more than 144 seconds.
[ 1068.570733][   T31]       Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0
[ 1068.582405][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1068.595987][   T31] task:syz.4.2338      state:D stack:27384 pid:16010 tgid:16009 ppid:9890   task_flags:0x400140 flags:0x00004004
[ 1068.609180][   T31] Call Trace:
[ 1068.613411][   T31]  <TASK>
[ 1068.616423][   T31]  __schedule+0x116a/0x5dd0
[ 1068.621021][   T31]  ? __pfx___schedule+0x10/0x10
[ 1068.626372][   T31]  ? find_held_lock+0x2b/0x80
[ 1068.631166][   T31]  ? schedule+0x2d7/0x3a0
[ 1068.635735][   T31]  schedule+0xe7/0x3a0
[ 1068.639904][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1068.645609][   T31]  rwsem_down_read_slowpath+0x62f/0xb60
[ 1068.651255][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[ 1068.657547][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1068.663004][   T31]  ? find_held_lock+0x2b/0x80
[ 1068.667774][   T31]  down_read+0xef/0x480
[ 1068.672000][   T31]  ? mnt_get_write_access+0x54/0x300
[ 1068.679132][   T31]  ? __pfx_down_read+0x10/0x10
[ 1068.684364][   T31]  ? mnt_get_write_access+0x20c/0x300
[ 1068.689827][   T31]  path_openat+0x818/0x2cb0
[ 1068.694710][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1068.700072][   T31]  ? __lock_acquire+0xb8a/0x1c90
[ 1068.705548][   T31]  do_filp_open+0x20b/0x470
[ 1068.710127][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1068.715845][   T31]  ? alloc_fd+0x471/0x7d0
[ 1068.720273][   T31]  do_sys_openat2+0x11b/0x1d0
[ 1068.725524][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1068.730844][   T31]  __x64_sys_openat+0x174/0x210
[ 1068.736348][   T31]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1068.741832][   T31]  do_syscall_64+0xcd/0x490
[ 1068.747095][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1068.753447][   T31] RIP: 0033:0x7f2d1298e9a9
[ 1068.757944][   T31] RSP: 002b:00007f2d137f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1068.767061][   T31] RAX: ffffffffffffffda RBX: 00007f2d12bb5fa0 RCX: 00007f2d1298e9a9
[ 1068.775515][   T31] RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1068.783956][   T31] RBP: 00007f2d12a10d69 R08: 0000000000000000 R09: 0000000000000000
[ 1068.792020][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1068.801250][   T31] R13: 0000000000000000 R14: 00007f2d12bb5fa0 R15: 00007ffe306b6298
[ 1068.809474][   T31]  </TASK>
[ 1068.812691][   T31] 
[ 1068.812691][   T31] Showing all locks held in the system:
[ 1068.820465][   T31] 1 lock held by khungtaskd/31:
[ 1068.826762][   T31]  #0: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1068.836910][   T31] 2 locks held by kworker/u9:7/5859:
[ 1068.842308][   T31]  #0: ffff88802657f948 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1068.853275][   T31]  #1: ffffc900041ffd10 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 1068.864664][   T31] 2 locks held by getty/6350:
[ 1068.869408][   T31]  #0: ffff8880362a20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1068.880192][   T31]  #1: ffffc9000b9fd2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 1068.890696][   T31] 7 locks held by syz-executor/15768:
[ 1068.896425][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1068.906421][   T31]  #1: ffff88802275b088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1068.916512][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1068.926787][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1068.937440][   T31]  #4: ffff8880294600e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xa4/0x620
[ 1068.948193][   T31]  #5: ffff888029461250 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1d0
[ 1068.958489][   T31]  #6: ffff888059bfa4f0 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: simple_recursive_removal+0x2c5/0x690
[ 1068.970136][   T31] 3 locks held by syz.5.2337/16005:
[ 1068.975557][   T31]  #0: ffff888061aa5cf8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 1068.984832][   T31]  #1: ffff88801febe428 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1068.994053][   T31]  #2: ffff888029461250 (&devlink->lock_key#4){+.+.}-{4:4}, at: devlink_health_report+0x3ba/0x9c0
[ 1069.005259][   T31] 2 locks held by syz.4.2338/16010:
[ 1069.010510][   T31]  #0: ffff88801febe428 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0
[ 1069.019988][   T31]  #1: ffff888059bfa4f0 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0
[ 1069.030523][   T31] 4 locks held by syz-executor/16231:
[ 1069.036578][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.045785][   T31]  #1: ffff88805af77488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.055820][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.066086][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.076645][   T31] 4 locks held by syz-executor/16241:
[ 1069.082142][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.091293][   T31]  #1: ffff888145bd2c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.101278][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.111852][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.122348][   T31] 2 locks held by syz.1.2361/16422:
[ 1069.127600][   T31]  #0: ffff88801febe428 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0
[ 1069.137095][   T31]  #1: ffff888059bfa4f0 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0
[ 1069.147670][   T31] 4 locks held by syz-executor/16474:
[ 1069.153220][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.162763][   T31]  #1: ffff888028d8a888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.173098][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.183953][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.194866][   T31] 4 locks held by syz-executor/16487:
[ 1069.200312][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.210550][   T31]  #1: ffff88804f538c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.220571][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.230844][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.241355][   T31] 4 locks held by syz-executor/16506:
[ 1069.246854][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.257202][   T31]  #1: ffff88814db52888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.267214][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.277705][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.289161][   T31] 4 locks held by syz-executor/16517:
[ 1069.294875][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.304174][   T31]  #1: ffff8880769b8488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.314624][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.324846][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.335467][   T31] 4 locks held by syz-executor/16531:
[ 1069.340885][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.350122][   T31]  #1: ffff88808d461488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.360162][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.370348][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.380898][   T31] 4 locks held by syz-executor/16547:
[ 1069.386407][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.396406][   T31]  #1: ffff888090143c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.406411][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.416861][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.427403][   T31] 4 locks held by syz-executor/16562:
[ 1069.433060][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.442236][   T31]  #1: ffff88808d426488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.452462][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.462849][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.473336][   T31] 4 locks held by syz-executor/16572:
[ 1069.478749][   T31]  #0: ffff888036512428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 1069.488000][   T31]  #1: ffff888097249c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1069.498471][   T31]  #2: ffff888142f424b8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1069.508746][   T31]  #3: ffffffff8f8e7e08 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1069.519903][   T31] 
[ 1069.523101][   T31] =============================================
[ 1069.523101][   T31] 
[ 1069.531598][   T31] NMI backtrace for cpu 0
[ 1069.531626][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[ 1069.531675][   T31] Tainted: [U]=USER
[ 1069.531686][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1069.531706][   T31] Call Trace:
[ 1069.531718][   T31]  <TASK>
[ 1069.531731][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1069.531771][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1069.531819][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1069.531866][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1069.531918][   T31]  watchdog+0xf70/0x12c0
[ 1069.531974][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1069.532021][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1069.532055][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1069.532102][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1069.532147][   T31]  kthread+0x3c5/0x780
[ 1069.532200][   T31]  ? __pfx_kthread+0x10/0x10
[ 1069.532253][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1069.532288][   T31]  ? __pfx_kthread+0x10/0x10
[ 1069.532349][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1069.532425][   T31]  ? __pfx_kthread+0x10/0x10
[ 1069.532475][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1069.532532][   T31]  </TASK>
[ 1069.652271][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1069.657583][    C1] NMI backtrace for cpu 1
[ 1069.657609][    C1] CPU: 1 UID: 0 PID: 3004 Comm: kworker/u8:7 Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[ 1069.657652][    C1] Tainted: [U]=USER
[ 1069.657661][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1069.657681][    C1] Workqueue: bat_events batadv_nc_worker
[ 1069.657729][    C1] RIP: 0010:__this_cpu_preempt_check+0x0/0x20
[ 1069.657763][    C1] Code: c6 60 5e 15 8c 48 c7 c7 a0 5e 15 8c e9 f9 fe ff ff 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 89 fe 48 c7 c7 e0 5e 15 8c e9 cd fe ff ff 66 2e 0f
[ 1069.657791][    C1] RSP: 0018:ffffc9000b7f7ad8 EFLAGS: 00000006
[ 1069.657812][    C1] RAX: 0000000000000000 RBX: ffffffff8e5c4c80 RCX: ffffffff8b4ff788
[ 1069.657830][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8df1cacf
[ 1069.657847][    C1] RBP: 0000000000000084 R08: 0000000000000001 R09: 0000000000000000
[ 1069.657863][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8b4ff485
[ 1069.657881][    C1] R13: 0000000000000206 R14: ffff888030aa0000 R15: dffffc0000000000
[ 1069.657900][    C1] FS:  0000000000000000(0000) GS:ffff88812482d000(0000) knlGS:0000000000000000
[ 1069.657926][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1069.657944][    C1] CR2: 000055800ff00fb0 CR3: 000000000e382000 CR4: 00000000003526f0
[ 1069.657962][    C1] Call Trace:
[ 1069.657972][    C1]  <TASK>
[ 1069.657982][    C1]  lock_release+0x9c/0x2f0
[ 1069.658026][    C1]  batadv_nc_worker+0x89a/0x1030
[ 1069.658070][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1069.658118][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1069.658166][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1069.658198][    C1]  process_one_work+0x9cc/0x1b70
[ 1069.658248][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1069.658290][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1069.658346][    C1]  ? assign_work+0x1a0/0x250
[ 1069.658387][    C1]  worker_thread+0x6c8/0xf10
[ 1069.658437][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1069.658471][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1069.658514][    C1]  kthread+0x3c5/0x780
[ 1069.658554][    C1]  ? __pfx_kthread+0x10/0x10
[ 1069.658595][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1069.658623][    C1]  ? __pfx_kthread+0x10/0x10
[ 1069.658671][    C1]  ret_from_fork+0x5d4/0x6f0
[ 1069.658709][    C1]  ? __pfx_kthread+0x10/0x10
[ 1069.658749][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1069.658789][    C1]  </TASK>
[ 1069.674071][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1069.674113][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.16.0-rc7-syzkaller-00120-g5f33ebd2018c #0 PREEMPT(full) 
[ 1069.674183][   T31] Tainted: [U]=USER
[ 1069.674198][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1069.674226][   T31] Call Trace:
[ 1069.674240][   T31]  <TASK>
[ 1069.674257][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1069.674305][   T31]  panic+0x71c/0x800
[ 1069.674361][   T31]  ? __pfx___irq_work_queue_local+0x10/0x10
[ 1069.674426][   T31]  ? __pfx_panic+0x10/0x10
[ 1069.674482][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1069.674541][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1069.674596][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1069.674649][   T31]  ? watchdog+0xdda/0x12c0
[ 1069.674709][   T31]  ? watchdog+0xdcd/0x12c0
[ 1069.674771][   T31]  watchdog+0xdeb/0x12c0
[ 1069.674957][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1069.675022][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1069.675069][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1069.675124][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1069.675178][   T31]  kthread+0x3c5/0x780
[ 1069.675246][   T31]  ? __pfx_kthread+0x10/0x10
[ 1069.675306][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1069.675350][   T31]  ? __pfx_kthread+0x10/0x10
[ 1069.675408][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1069.675462][   T31]  ? __pfx_kthread+0x10/0x10
[ 1069.675518][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1069.675583][   T31]  </TASK>
[ 1070.040638][   T31] Kernel Offset: disabled
[ 1070.044982][   T31] Rebooting in 86400 seconds..