last executing test programs:

17.502967035s ago: executing program 0 (id=510):
socket(0xa, 0x3, 0xff)
mmap$auto(0x0, 0x8, 0xdb, 0x209b72, 0x2, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/fail-nth\x00', 0x4000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x5, &(0x7f0000000200)={0x0, 0x100000001}, 0x3, 0x0, 0x7, 0x4004}, 0x7}, 0x4005, 0x4)
socket(0x2c, 0x80000, 0x1400b)
connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, 0x54)
prctl$auto(0x7, 0x1, 0x0, 0x1, 0xdb9c)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0xc4e2, 0x0)
write$auto(r1, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer2\x00', 0x4100, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYBLOB='v\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x7ff}, 0x207, 0x4008)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x20401, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
io_uring_setup$auto(0xfffffffd, 0x0)
r3 = gettid()
kill$auto(r3, 0x11)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)

16.373419845s ago: executing program 0 (id=517):
mmap$auto(0x0, 0xaaf, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000001c0)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptya7\x00', 0x169701, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x100)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x40980, 0x0)
pread64$auto(r2, 0x0, 0x1000f42d, 0x100)
sysfs$auto(0x2, 0x23, 0x0)
r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r3, 0x0, 0x4)

12.821308239s ago: executing program 0 (id=533):
mmap$auto(0xfffffffffffffffd, 0x400005, 0x10000, 0x10000009b73, 0xffffffffffffffff, 0x6)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x6, 0xfffffffffffffffe, 0x5, 0x5)
statmount$auto(0x0, &(0x7f0000000180)={0xb896, 0x1, 0x9, 0x3ffffd, 0x22, 0x940, 0x1ffde, 0x0, 0x4, 0x7, 0xa, 0x6, 0xfffffffffffffffe, 0x8000000000000001, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0xfffff7fe, 0x5, 0x2, 0x1000, 0x5, 0x9, 0x20000000, 0x1, 0x4, 0x0, 0xfffffffe, [0x0, 0x219, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x100000001, 0x400000000, 0x0, 0x4, 0x1, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0xfffffffffffffffe, 0x1, 0x4, 0x0, 0x0, 0x7, 0xffffffffff, 0x1, 0x0, 0x3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000000000, 0x9, 0x5757, 0x80000000000000, 0x1, 0x1, 0x8000000000000, 0x53d, 0x0, 0xb4, 0x2]}, 0x7, 0x281)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0)
ioctl$auto_PPPIOCATTACH(r0, 0x4004743d, &(0x7f0000000340)=0x4)
r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$auto(r1, &(0x7f0000000380)='\x01\x00\xa2a\xe0a\x1cJ4\x00\xaaN\xc8\xf9\x12\xeb\x00\xab`{U\x04\x88\xa8\x03\x00\x00\x00\x11_\x89\x06\x06\xa7Y}`@\x1b\x00\x00\x00\x00\x00\x00\x00\x00\xd22z\x14z\xbf\xf94\x92mP\xa1[\xa4p\x93\xd4\xe3\xe8Vhpy\xf6\xce\xbb\x8c\xb2\xc1>\xd9Y\x8d\xca\x90\xbcu*\xc8\xdc\x0e]\x01\xd1\x9e\x0f\x05_\xfc\xb8\xeb\xd9\xb7\xa4\a\xae\xa5I\f7\x17\x91L}m\xea\r+\xecy\xe1\xe0D\x824\xfc[+\x0f\xe0+\xe8\x83\xc4\"\xcc&z\x8c@p\x02\x00\x00\x00\x00\x00\x00\x00?\x90<nj\x82\xea\xf0\xfa\xe8\xe1\x81Q6\x11\xe4T\xd5\xf0\xb1\xc65tr\x8b\x83^\xa17uX<y\xed\xf2\xdf\xcb\xacd\xec\x8c\x8e\x1c\xe1o\x90\'\xfa:\'\fr\xfc\x81$R{I{+\xa4\xfa\xc8\x9dF\xa9\x84\'\xb5~\xf8l\xdbo\xbc\x80\xc4\x01\x84F\t\x95\xd2\xc30.\xba\xc1\xf3e\xa9\xf6{\x9f\xb1yO\xabP\x84\xf1\x0e!\xec\xef\xb6\xc1\xcd\x16<i\xdf1G;8!m\x9a\nc`\x15\xfd\xea\xcb:\x01j\xcbg\xa5\xe2Ag\x9d\xe1q\xa2\x05\xd59Y`\xd4\xa5\xdef?\x05\\y\x13\xfc\xf4\xdd.\xee5\xa9\xf19\xb0\xb8\xd0\xc20I68\x19TOO&\x9ba\x9aQn\x8c<\xb5\xb1\x12s\x19)\xe2\x8fV\xe3\xf4\xa1\xd8\x06\xe9\x17\x87g\x94\x04\xbb\xa0\x88\xe3~\x9adJM\x89o\x9a\x1dQ+T\x9b|\x9c/\x00;\xa3jN\xf0\xe6=\x90}\xe7\xb5\' (\xba\x17\x8d\xb0f8\xc3\x8a\xddL\x1a\x86\x14v\x00[*i\x14\x17\"\x95\xab\x13\x95\xcc\xf9B\xf2F\x81\x90\tf\x03&-\xccx7\x14\x17\xc2\xb7X\x86Fs[\x00\x0eK\xf4\x84|\xb9\xe5L\xf6\xef\xbd\x01\xeb\xc2\x81\xce\xef^\xf3\xd2J\xe0\xab\f=\"&\xb3}9\x0fhF\xbc\xb3v\xe6e\x13\xfa,\xc0\xd5\xd7\x1ed+\xaf\xc1*\xa2\xe5d\x8f\x7f\x91!p\xa1\x8ep\f\x81', 0x7138)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r2 = socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x3, 0x2, 0x73)
socket(0xa, 0x1, 0x84)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x7, 0x9, 0xabfb, 0xc)
setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8)
bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x6, 0xffffffffffffffff, @relative_id=0x2, 0x9}, 0xa3)
sendto$auto(r2, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyv8\x00', 0x8040, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xffffffffffffffff, 0x8000)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa\x00', 0x2a801, 0x0)
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, &(0x7f00000001c0))
rseq$auto(0x0, 0x8000, 0x0, 0x6)
acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00')
acct$auto(0x0)

9.179096118s ago: executing program 2 (id=551):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0)
r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$auto_SO_PEEK_OFF(r4, 0x4, 0x2a, &(0x7f00000000c0)='(-*\x00', 0x81)
ioctl$auto_TCFLSH2(r3, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
ioctl$auto(r2, 0x89f0, r2)
mmap$auto(0x0, 0xc, 0x5, 0x16, 0xffffffffffffffff, 0x6)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

9.089595318s ago: executing program 1 (id=553):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x34, 0x400000000065f, 0x1ffde, 0x2d4a8168, 0x40000000007f, 0x20000005, 0x9, 0x3, 0x6, 0x400000004, 0x9, 0x4, 0x1, 0x22, 0x1, 0xfff, 0xfffffff7, 0x7, 0x1fff, 0x203, 0x838b, 0x84, 0x2, 0x0, 0x5, 0x0, 0x0, [0x0, 0x0, 0x0, 0x40000000000, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401, 0x0, 0x0, 0x7, 0x0, 0x81, 0x2, 0xfffffffffffffffd, 0x0, 0x0, 0x1, 0x1000000000000000, 0xffffffffffffffff, 0x0, 0x5, 0x251, 0x3, 0x0, 0x0, 0x8, 0x3, 0xfffffffffffff7cc, 0x4, 0x400000000000002, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, 0x2000]}, 0x1fe, 0x8)
personality$auto(0xfffff032)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cec2\x00', 0x7e7183, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac49268d89c5c00", "0000ef001000ebffffff00"]})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
truncate$auto(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x2000000406)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x8)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r4=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fddbdf25140000000c00018008000100", @ANYRES32=r4, @ANYBLOB="05000900020000000000000004000000"], 0x30}, 0x1, 0x0, 0x0, 0x44845}, 0x0)
ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
socket(0x1d, 0x80008, 0x7fff)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r6, &(0x7f0000000080)={0x0, 0x1000}, 0x3)
r7 = socket(0x18, 0x5, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty42\x00', 0x10f880, 0x0)
ioctl$auto_TCFLSH2(r8, 0x5403, 0x0)
connect$auto(r7, 0x0, 0x3a)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r7, 0x0, 0x30004850)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)

9.060073848s ago: executing program 0 (id=554):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
open(&(0x7f0000000100)='.\x00', 0x591083, 0x408)
io_uring_register$auto_IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, 0x0, 0x2)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bus/usb/002/001\x00', 0x40101, 0x0)
r0 = socket(0x11, 0x80003, 0x300)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x8)
close_range$auto(0x2, 0x8000, 0x0)

8.065053766s ago: executing program 1 (id=557):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
mmap$auto(0x7, 0x4020008, 0x10001, 0x810000000000cb7, 0xffffffffffffffff, 0x10)
close_range$auto(0x0, 0x5, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)\x00', 0x40140, 0x12d)
rename$auto(&(0x7f0000000380)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
socket(0xa, 0x1, 0x84)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00', <r1=>0x0})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000001c0)='/\x00', &(0x7f0000000280)={0xc, 0x200, "970bde1fcf44aca36348351c"}, 0x0, 0x1001)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd7000fbdbdf25120000000c00018008000100", @ANYRES32=r1, @ANYBLOB="0800060002000000"], 0x28}, 0x1, 0x100000000000000, 0x0, 0x9dfefc5e47f5c72f}, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/kernel/shm_rmid_forced\x00', 0x141241, 0x0)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0xe00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x200000000000, 0x2020006, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x5, 0x0, 0x0, 0xfffffffa)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x1c1000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.11/usb32/devspec\x00', 0x902, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto(0x3, 0x0, 0xfffffd2b)
write$auto(r3, 0x0, 0xfdef)
read$auto(r3, 0x0, 0x9)
write$auto(0x3, 0x0, 0xffd8)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x40440, 0x40)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd0\x00', 0x200002, 0x0)

8.064421565s ago: executing program 2 (id=558):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/ip6_mr_cache\x00', 0x1900, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/10, 0xa) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)='7', 0x1) (async)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)=';') (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
prctl$auto(0x5a06ed9c, 0x1, 0x0, 0x1, 0x1) (async)
mremap$auto(0x4, 0x4000007, 0x3fd7, 0x0, 0x7fffffffffffffff) (async)
process_vm_readv$auto(0x0, 0x0, 0xda, 0x0, 0xa, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x40, r4, 0x2, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x16, 0x0, 0x1, [@nested={0x8, 0x71, 0x0, 0x1, [@nested={0x4, 0x33}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828848"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x4000, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
lseek$auto(0x3, 0x8, 0x1)

8.041170927s ago: executing program 0 (id=560):
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r0, 0x410, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x848000000015, 0x5, 0x0)
bind$auto(r1, &(0x7f0000000080)=@in={0x2, 0x4e24, @multicast1}, 0x6b)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x110c230000, 0x1, 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0)
getrandom$auto(0x0, 0x3, 0x80000001)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_cancel$auto(0xb, &(0x7f0000000000)={0x2, 0x101, 0x0, 0x6, 0x1, r2, 0x3dd9, 0x10, 0x2, 0x0, 0x80000000, r3}, 0x0)
r4 = openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/loginuid\x00', 0x400402, 0x0)
close_range$auto(r1, r4, 0x20836)
mmap$auto(0x1, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
msync$auto(0x110c230000, 0x200001, 0x6)

7.78286115s ago: executing program 2 (id=563):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x5f, 0x10000000003, 0xeb1, r1, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
io_uring_register$auto_IORING_UNREGISTER_IOWQ_AFF(0xffffffffffffffff, 0x12, &(0x7f0000000480)="1249f5e3b9b845c918e0bc204e179a2f9c317447b1e2138c1436274942675916243fd3336b7c5a3be8d60b2a42e67e1fc61bc5e85ad3c81d41b3824227ee18f64e33a2ee99ee2c025dd29c9fd550ab6ba114790fb5bf20f793d6a13704fc889beea45c6de7c282405b98a37e6693cecb93d85997beb58fd4b551f7b5a9b88221aff80924dc1b5912608a110eeedf4f81269272f1d49dc12cf052d7c41c4be84b9e278e99bf22898e27099d28ba57a996f23f56d634212801d818aad27950ae3d3e4de141543955b77ab481b9f87dbd7e4caae55a8487fcdb2f9762bbaebcb2462e46bf6ee42187f4e49103", 0x11)
r2 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="146d849ae90bc1a14ae3af696299eeae7400003eb6d6cfa59fa1d14f0316958b1b490c006a75f0", @ANYRES16=r2, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x24048884)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
socket(0x2, 0x1, 0x106)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000001c0))
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, 0x0)
write$auto(0x3, 0x0, 0x100082)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001fc, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x5, 0x6d3f, 0x7, 0x6, 0x6]}, 0x0)

6.896287422s ago: executing program 1 (id=568):
unshare$auto(0x40000080) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 32)
socket(0x2b, 0x1, 0x0) (async, rerun: 32)
listen$auto(0x3, 0x81) (async)
mmap$auto(0x0, 0x2020009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x5, 0x84) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64)
io_uring_setup$auto(0xa, 0x0) (async)
r1 = socket(0x2, 0x5, 0x0) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (rerun: 64)
socket(0x2b, 0x6, 0x4)
socket(0x2, 0x1, 0x84) (async)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
setsockopt$auto(r0, 0x10000000084, 0x23, 0x0, 0x8) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0x2003f2, 0x15) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r3, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) (async)
madvise$auto(0x0, 0x200007, 0x19)

5.897110537s ago: executing program 3 (id=570):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ipvs(0x0, r0)
sendmsg$auto_IPVS_CMD_ZERO(r0, &(0x7f0000002900)={0x0, 0x0, &(0x7f00000028c0)={&(0x7f0000002600)={0x14, r1, 0x1, 0x74bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

5.653494049s ago: executing program 2 (id=571):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
connect$auto(r1, &(0x7f00000001c0)=@in={0x2, 0x3}, 0x55)
shutdown$auto(0xffffffffffffffff, 0xc3a)
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
sendmmsg$auto(r0, &(0x7f0000000380)={{&(0x7f00000000c0)="bf8d46d17b95385991cb1a1e5426077334d379ffa47baa0864f0d6cde31acee564b80c54874ab3185e28b467e5b62bc01adf573f89b240aed6ecb1589e0367fccc539455d86ef90867157d6c7d3726c6851f2f349725b572431ec7404bcdde6d55e270003b9c8e7a4199166dd6f3c22e1d97a4e3f75328d5dc6cec058e0757e87a756ffd363d70fa737bc843624bb58797118123a5117b2dfd8fa6daa34bbdfbeb63634ee5649b95ffaa537b0abd1ef879b98eb10f386bf53cd79559f5758e694aa7eb6e94da47c4d2ef8887f1d61805f8294cf576802d65d48314b137d65637", 0x7, &(0x7f00000002c0)={&(0x7f0000000200)="cb342637482efa52b7479fe41435b1965a2cf0307133c44137ea9d8217114e74a9894552a33ea5c7014d669a630b7be040f4fe854770e07e0ca24ecb210fe2618c5a0e284640f989dbcff371fec0853d1a476f024cc60b3eaaf40384de8ad4b2f0a6546e2aae6264595303a758d8f8c551cf08ab1e5c6bb8abeae0d3efbfa29d2798a609f770babf06f7e4670e76b7b722c2ac55fb0ea20c7740ecb8ec36fd70a9c1fc3472ff55e98e", 0x8}, 0x0, &(0x7f0000000300)="8160748082c0f2af318630604e9f703dc2344820799cdad62dd129f433e29956056bc710f3c0ba25070a21007df9ded9735ee229d07e59ba18c5ac32272aeb2989591179c96ef39a5d5255db286a5071daa40d74a8823f1267b27e", 0x1, 0x3}, 0x400}, 0x1, 0x4)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0)
write$auto(r2, &(0x7f00000004c0)='/ ,\x97\xf6E#Y\xee}\x84\x85\x97\xc9\x92\xedo\xa8\xd8h\xb9\xa0\xca\x9eH\aq\xdb\xa3\xe3-\xf4\x8b\xfcz\xd6 `\xbd\xf9i\xd4}$\x01\\\xd1C\x91\xe0d^A\xd9F\xac\x97\x92O\xff\x82C1\xfdJ\xe9!R\xf9\xbf\f\xfadw\xe9F\xe8\xe1\x01\xc5\x8b\xfb\x1d\xe7\xbe\x7f\xd6%^UbJ5\xa5\x13)|\x800\xb9\\C\x83\xff\xbc>\xbe\vL\xe5\xdb\xa7\xb7\x14\n\xfe\x8fyGh\xf8\xd6\xfe.\xa99\xcfK\xf4(\x8f\xbfY\xd75\bQ\xe6a\x12\x86`\xfd\xffo\xab\x16\x05`\xd8j\xc0\x98\x93tuk\x9a\xc4\x11\xdd$L\xe6\xebFpP\x9c\x03s7\x11\x1b\"\xd8,=\x1f6pD6\x1e\x94\xca\xedD\xe6\xbe1 \"\xf0\x04\x90\xbe\xe4\xa2\xac\\\x93^|\\\x9cG\xffbH\xb7I1\x19-', 0x8)
sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x1)
connect$auto(0x3, 0x0, 0x58)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
rseq$auto(0x0, 0xfffffff4, 0x0, 0x5)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setitimer$auto(0x1, 0x0, 0x0)
sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x202000b, 0x4, 0xebf, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x100000000000038, 0x0)
r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r3, &(0x7f0000001000)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbba8c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b3983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee6d6088b541a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee7fa7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf74082108000000bfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25ce5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1368a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4846b4527c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205278c5e60507f5bf17a3c822a6e70e087df68022c1315cf499750e86ea1e060e63ebf63973eebe34ba6e687eda5ef020b61896a187842d219b2b9787be7910fc5180b277f2b00d760629816aa6a7240d7b1984158107fab929d79d6264611d404f2331eda49fe426edc34793dd3252aa54eb44544774d060269913cfcb105f55836eb6702c6034a3fe98bc9678850e54903d32ab924c1308a00e5b4143cce67ab079a73ab926669cc82", 0xdeb)
fsopen$auto(0x0, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
pipe$auto(&(0x7f0000000040)=r3)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000080), r4)
sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x8880)

5.652789665s ago: executing program 3 (id=572):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x100000000000001c, 0x280000000000, 0x63, 0x0, 0x0, 0x0, 0x2, 0x4, 0x80000008041000a, 0x40000402, 0x10000, 0x8, 0xffffffff80000000, 0xe0, 0x6, 0x240000100103}) (async)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x100000000000001c, 0x280000000000, 0x63, 0x0, 0x0, 0x0, 0x2, 0x4, 0x80000008041000a, 0x40000402, 0x10000, 0x8, 0xffffffff80000000, 0xe0, 0x6, 0x240000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r0 = socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/queue_id\x00', 0x80, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
adjtimex$auto(0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
r1 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000200), 0x22000, 0x0)
ioctl$auto_FS_IOC_GETFLAGS(r1, 0x80086601, 0x10003)

4.882643255s ago: executing program 1 (id=573):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x1, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0)
sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000)
write$auto(r1, &(0x7f0000000080)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x5)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2120a0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0)
sched_setattr$auto(0x0, 0x0, 0x7b)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0)
write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000100)="0a1b9a3c3e3e006e163bb154d7886d8ea5c2574c58e9867ecec3371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910bb713aca465c9bbc23b5d40a", 0x40)
fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
madvise$auto(0x0, 0x4, 0x15)
r4 = socket(0x2, 0x1, 0x106)
bind$auto(r4, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x3, 0x800005411, 0x38)
io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x9f78, 0x7, 0x8, 0xffffffffffffffff, [], {0x3, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x52, 0x5, 0x12, 0x101, 0x876c5, 0xc9, 0x3}})

1.831011377s ago: executing program 1 (id=574):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
socket(0x2c, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x801, 0x106)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r0, 0xae41, 0xffffffffffffffff)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x401}, 0x6, 0x0)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000100)={"cd8e455226785ca864021c81255aacee885044e6fea32eea499fded250d4589c", 0x9, 0x80, 0x3, 0x200, 0xb0c, <r2=>0x0})
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(0xffffffffffffffff, 0xc0505510, &(0x7f00000001c0)={0x1, 0x0, 0x4e, @inferred=r1, &(0x7f0000000180)={@raw=0x6, 0x8001, 0x7, 0x5, "08bb9d5a8a3019df8d5332180ef3551932b3d0f132bc32de6c821d602c8580725174ec6812efaf04bafa13e6", @inferred=r2}, "e1652ae09d0a839e40910814a456babfcad43f0bc4b7d681dbe8e4ff2ba69c06f8f20880417a70867e2ff81c5b867219539d"})
socket(0xa, 0x2, 0xb)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x8, @old_prog_fd=r3}, 0xa3)
bpf$auto(0x2, &(0x7f0000000040)=@query={@target_ifindex, 0xff, 0x7, 0x9, 0x7f, @count=0xfffffff1, 0x0, 0x80000000, 0xc, 0xb, 0x7}, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x85, 0x0)
r4 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r4, 0x0, 0x483, 0x0, 0x0)

1.78073401s ago: executing program 2 (id=575):
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fanotify_init$auto(0x5, 0x2000000000002) (async)
fanotify_init$auto(0x5, 0x2000000000002)
close_range$auto(0x2, 0x8, 0x10008) (async)
close_range$auto(0x2, 0x8, 0x10008)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x100) (async)
socket(0x2, 0x3, 0x100)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f0000000040)=@link_detach, 0x92) (async)
r1 = bpf$auto(0x0, &(0x7f0000000040)=@link_detach, 0x92)
open(0x0, 0x2e0c2, 0x18) (async)
open(0x0, 0x2e0c2, 0x18)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000140), r1)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0xb8642, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80002, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_l2tp(0x0, r3) (async)
syz_genetlink_get_family_id$auto_l2tp(0x0, r3)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, 0x0, 0xc800) (async)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, 0x0, 0xc800)
write$auto(r2, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r5 = socket(0x2b, 0x1, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103b02, 0x0)
sendfile$auto(r6, r6, 0x0, 0x8080000001) (async)
sendfile$auto(r6, r6, 0x0, 0x8080000001)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000)
io_uring_setup$auto(0x6, 0x0)

1.016403291s ago: executing program 1 (id=576):
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00'})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
pwrite64$auto(0xc8, &(0x7f0000000600)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rBBJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x99\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xb3\x9c2\xa2\xacyl\xb8\x00Y\xc8\'\xb6S(\xf2\xc2\xf2\x9dP\b\x88J\xae8\xf9>\xb6\xed\xb5/\xc9\xaa\xd8\xc4\xba\x94\xe6jv\x12Bp+\xb8\x16\x19kw\xbc\xbb5-i\xf0\xb9\xac\x9f&6\x89g\x9bh\x83D\xb3\x9fxe\x13\xd1\xb9\xe4\x7f|a\xf2\xdd\xa0\xfb\xfau-7\x94\x13\xa8\xec\xf6~\xacV\xa2S)\xc2\xce\x9b{+\x9ct2>\x98D\t\xc5HP\xc4\xb7\x84\xda*\x82)\x01\xd1\f\x1e\xd4\x8d0K\xa8\xd6\xa1\xa7\xd8VP\xfd\x19\x1cd\x84\xe7\xc6#\x9c\xdd\x88\xf9\x128\x0e\xe2\n\xd3\xd33\x01\xda\x83]\xd6\xd5U\xb0^\xaf\x12\x91\x85\x86\xfd\x95\'<x\xfc\x19j\xfd\x95\xeaf\x06\x14+\x06:\x803\xae[\xfa\xac\x83\xd2', 0x4f, 0x7)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000003fc0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY2(r4, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000004080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbdce00fddbdf25030000000f683052f7bbc1781082010200bb145f766c616e0000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x4000050)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fcdbdf250400"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(r0, 0x8, 0xffffffff)
brk$auto(0xffffffffffffff66)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/transparent_hugepage/hugepages-16kB/stats/anon_fault_alloc\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0x0, 0x240007, 0x19)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x0, 0x2, 0x1000002)
personality$auto(0xfffff032)
ppoll$auto(&(0x7f0000001ac0)={0xffffffffffffffff, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x9}, &(0x7f00000002c0)={0x10000}, 0x8)
mprotect$auto(0x110c230000, 0xa588, 0x6)
msgctl$auto_IPC_RMID(0x1, 0x0, 0x0)

732.16881ms ago: executing program 2 (id=577):
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001100)=""/4106, 0x100a)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
socket(0x10, 0x2, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
read$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffffff, &(0x7f0000000180)=""/18, 0x12)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x44eb1, 0x602, 0x300000000000)
r0 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
writev$auto(r1, &(0x7f0000000300)={&(0x7f0000000200), 0x200}, 0x3)
process_madvise$auto_MADV_RANDOM(r0, 0x0, 0xfffffffffffffffb, 0x1, 0xfffffffe)
r2 = getpid()
get_robust_list$auto(r2, &(0x7f0000000200)=&(0x7f00000001c0)={{&(0x7f0000000080)={&(0x7f0000000040)}}, 0x8, &(0x7f0000000140)={&(0x7f0000000100)={&(0x7f00000000c0)}}}, &(0x7f0000000240)=0x81)
ioctl$auto(0x3, 0x4020afa4, 0xffffffffffffffff)

274.596243ms ago: executing program 3 (id=578):
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r0 = socket(0xa, 0x1, 0x84) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = socket(0xa, 0x1, 0x84)
r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000080), r2)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, r3, 0xc415f7fc52f34fa0, 0x70bd25, 0x25dfdbff, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x101}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x8}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x3}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x5}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x91}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x401}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x1000}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x3}, @IOAM6_ATTR_NS_ID={0x6, 0x1, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4010}, 0x800) (async)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x1000}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async)
setsockopt$auto(r0, 0x0, 0x60, 0x0, 0x6f7250c4) (async)
getsockopt$auto_SO_BINDTODEVICE(r0, 0x7, 0x19, &(0x7f0000000000)='}(\x00', &(0x7f0000000040)=0x8)

249.077587ms ago: executing program 3 (id=579):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
io_uring_register$auto_IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, 0x0, 0x2)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bus/usb/002/001\x00', 0x40101, 0x0)
r0 = socket(0x11, 0x80003, 0x300)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x8)
close_range$auto(0x2, 0x8000, 0x0)

44.928585ms ago: executing program 3 (id=580):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ipvs(0x0, r0)
sendmsg$auto_IPVS_CMD_ZERO(r0, &(0x7f0000002900)={0x0, 0x0, &(0x7f00000028c0)={&(0x7f0000002600)={0x14, r1, 0x1, 0x74bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

1.730689ms ago: executing program 0 (id=581):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sda1\x00', 0x8800, 0x0)
cachestat$auto(r0, &(0x7f0000000640)={0x8, 0x4000000000008}, 0x0, 0x0)

0s ago: executing program 3 (id=582):
r0 = socket(0x2, 0x1, 0x106)
setsockopt$auto(0xffffffffffffffff, 0x9, 0x1006, &(0x7f0000000280)='\'-+\x00\x10\xa4#\x92X\x00\a\xd4\x0f\xfbUV\xa6v\xbf\xf2a\v', 0xea68)
setsockopt$auto_SO_PEEK_OFF(r0, 0x2400000, 0x2a, &(0x7f0000000040)='\'-+\x00\x10\xa4#\x92`\xdb\xafL\x0f\xfbUV\xa6KH]Cv\xbf\xf2a\v', 0x400)
bind$auto(0x3, &(0x7f0000000140), 0x6c)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x1e, 0x6, 0x40ffff)
bpf$auto(0x0, 0x0, 0x6f6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100253d7000fddbdf2501000000100007800c00018008000180000000000c0002000600000100000000cbef26043e39f37f82e3b98b7443adfc4afb81bdd576bb002ce4e57e446273d1fc95a050ffd559e4e3a0872a100a75cb7a8ff7a92f636483e361ef49f61ec610d92d06cd4b88d996b94a6afe876ee44193a0567ecbe499ce8128033cde1d572962df1962005591fd80950cd9ab92834da6d75b43a6114eb7d0448631a29f153e018e70"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x8880)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x15, 0x5, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2$auto(0x0, 0x0)
io_uring_setup$auto(0x7e1b, 0x0)
socket(0x1a, 0x3, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x2, 0x14)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptya7\x00', 0x101e83, 0x0)
syz_genetlink_get_family_id$auto_netdev(0x0, r3)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.79' (ED25519) to the list of known hosts.
[   80.389564][ T5817] cgroup: Unknown subsys name 'net'
[   80.557596][ T5817] cgroup: Unknown subsys name 'cpuset'
[   80.566161][ T5817] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   82.050617][ T5817] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   83.797189][ T5150] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.806268][ T5150] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.815356][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.824120][ T5841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.825225][ T5150] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.831853][ T5841] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.840307][ T5150] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.845655][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.854511][ T5150] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.867640][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.868879][ T5150] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.875898][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.882907][ T5150] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.889394][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.897587][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.904616][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.910908][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.917485][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.931022][ T5843] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.949992][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   84.307407][ T5837] chnl_net:caif_netlink_parms(): no params data found
[   84.442593][ T5837] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.449850][ T5837] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.457347][ T5837] bridge_slave_0: entered allmulticast mode
[   84.464644][ T5837] bridge_slave_0: entered promiscuous mode
[   84.493861][ T5837] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.501100][ T5837] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.508471][ T5837] bridge_slave_1: entered allmulticast mode
[   84.515525][ T5837] bridge_slave_1: entered promiscuous mode
[   84.612210][ T5837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.628883][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   84.647008][ T5837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.722324][ T5837] team0: Port device team_slave_0 added
[   84.728248][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   84.739866][ T5831] chnl_net:caif_netlink_parms(): no params data found
[   84.761683][ T5837] team0: Port device team_slave_1 added
[   84.842151][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_0
[   84.849204][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   84.875779][ T5837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   84.903109][ T5837] batman_adv: batadv0: Adding interface: batadv_slave_1
[   84.910094][ T5837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   84.936011][ T5837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   84.994652][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.002320][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.009670][ T5829] bridge_slave_0: entered allmulticast mode
[   85.016704][ T5829] bridge_slave_0: entered promiscuous mode
[   85.042450][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.049828][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.057291][ T5829] bridge_slave_1: entered allmulticast mode
[   85.064478][ T5829] bridge_slave_1: entered promiscuous mode
[   85.109366][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.116684][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.123849][ T5831] bridge_slave_0: entered allmulticast mode
[   85.131132][ T5831] bridge_slave_0: entered promiscuous mode
[   85.138286][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.145764][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.152897][ T5828] bridge_slave_0: entered allmulticast mode
[   85.160020][ T5828] bridge_slave_0: entered promiscuous mode
[   85.187643][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.194857][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.201991][ T5831] bridge_slave_1: entered allmulticast mode
[   85.209475][ T5831] bridge_slave_1: entered promiscuous mode
[   85.216401][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.223536][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.231115][ T5828] bridge_slave_1: entered allmulticast mode
[   85.238343][ T5828] bridge_slave_1: entered promiscuous mode
[   85.251596][ T5837] hsr_slave_0: entered promiscuous mode
[   85.258027][ T5837] hsr_slave_1: entered promiscuous mode
[   85.267506][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.300747][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.341924][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.364412][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.385223][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.403388][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.426851][ T5829] team0: Port device team_slave_0 added
[   85.466408][ T5829] team0: Port device team_slave_1 added
[   85.489102][ T5828] team0: Port device team_slave_0 added
[   85.506534][ T5831] team0: Port device team_slave_0 added
[   85.521233][ T5828] team0: Port device team_slave_1 added
[   85.538397][ T5831] team0: Port device team_slave_1 added
[   85.571867][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.578888][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.604964][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.642223][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.649610][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.676125][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.688002][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.695152][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.721370][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.738734][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.745740][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.771859][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.789780][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.796785][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.822994][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.839717][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.846778][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.872968][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.987910][ T5829] hsr_slave_0: entered promiscuous mode
[   85.994724][ T5829] hsr_slave_1: entered promiscuous mode
[   85.995177][ T5843] Bluetooth: hci0: command tx timeout
[   86.000356][ T5832] Bluetooth: hci2: command tx timeout
[   86.006168][ T5843] Bluetooth: hci1: command tx timeout
[   86.011652][ T5832] Bluetooth: hci3: command tx timeout
[   86.019536][ T5829] debugfs: 'hsr0' already exists in 'hsr'
[   86.028583][ T5829] Cannot create hsr debugfs directory
[   86.063776][ T5828] hsr_slave_0: entered promiscuous mode
[   86.070090][ T5828] hsr_slave_1: entered promiscuous mode
[   86.076456][ T5828] debugfs: 'hsr0' already exists in 'hsr'
[   86.082188][ T5828] Cannot create hsr debugfs directory
[   86.096292][ T5831] hsr_slave_0: entered promiscuous mode
[   86.103072][ T5831] hsr_slave_1: entered promiscuous mode
[   86.109359][ T5831] debugfs: 'hsr0' already exists in 'hsr'
[   86.115217][ T5831] Cannot create hsr debugfs directory
[   86.320941][ T5837] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   86.358080][ T5837] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   86.387082][ T5837] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   86.415280][ T5837] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   86.577486][ T5829] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   86.587711][ T5829] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   86.600290][ T5829] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   86.612063][ T5829] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   86.697521][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   86.716837][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   86.730135][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   86.755106][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   86.858658][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   86.889757][ T5837] 8021q: adding VLAN 0 to HW filter on device bond0
[   86.905602][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   86.928262][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   86.943101][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   86.995511][ T5837] 8021q: adding VLAN 0 to HW filter on device team0
[   87.061249][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.068579][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.107846][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.125052][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.132214][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.225751][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.237294][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   87.266865][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.274082][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.303733][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.310874][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.341015][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   87.366227][ T1136] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.373395][ T1136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.407707][ T1136] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.415183][ T1136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.546328][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.639243][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   87.705988][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.713157][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.796011][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.803172][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.847309][ T5837] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.936332][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   87.990006][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.019783][ T5837] veth0_vlan: entered promiscuous mode
[   88.078034][ T5832] Bluetooth: hci3: command tx timeout
[   88.078921][ T5835] Bluetooth: hci2: command tx timeout
[   88.089397][   T52] Bluetooth: hci0: command tx timeout
[   88.096707][ T5843] Bluetooth: hci1: command tx timeout
[   88.102596][ T5837] veth1_vlan: entered promiscuous mode
[   88.147149][ T5829] veth0_vlan: entered promiscuous mode
[   88.168646][ T5828] veth0_vlan: entered promiscuous mode
[   88.202031][ T5829] veth1_vlan: entered promiscuous mode
[   88.219891][ T5828] veth1_vlan: entered promiscuous mode
[   88.247102][ T5837] veth0_macvtap: entered promiscuous mode
[   88.272603][ T5837] veth1_macvtap: entered promiscuous mode
[   88.303621][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.328673][ T5829] veth0_macvtap: entered promiscuous mode
[   88.346087][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.357843][ T5828] veth0_macvtap: entered promiscuous mode
[   88.373273][ T5829] veth1_macvtap: entered promiscuous mode
[   88.383525][ T5837] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.401351][ T5828] veth1_macvtap: entered promiscuous mode
[   88.425902][  T174] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.440874][  T174] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.450032][  T174] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.465587][  T174] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.489143][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.498070][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.523869][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.542781][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.565264][ T5831] veth0_vlan: entered promiscuous mode
[   88.592749][  T174] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.603870][  T174] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.619683][  T174] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.629767][  T174] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.649160][  T174] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.661170][  T174] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.686152][  T174] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.696139][  T174] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.719565][ T5831] veth1_vlan: entered promiscuous mode
[   88.765642][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.775020][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.848563][  T174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.859508][  T174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.921747][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.939172][ T5831] veth0_macvtap: entered promiscuous mode
[   88.941744][ T5837] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   88.959572][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.011528][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.026284][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.046840][ T5831] veth1_macvtap: entered promiscuous mode
[   89.095912][  T174] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.104690][  T174] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.173596][ T3624] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.201101][ T3624] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.203232][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.246772][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.261610][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.282934][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.336902][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.359517][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.519760][ T5931] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   89.643268][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.694032][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.816877][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.842264][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.155773][   T52] Bluetooth: hci2: command tx timeout
[   90.155855][ T5832] Bluetooth: hci0: command tx timeout
[   90.162951][ T5835] Bluetooth: hci1: command tx timeout
[   90.173411][ T5843] Bluetooth: hci3: command tx timeout
[   90.206910][ T5942] zswap: compressor  not available
[   90.225649][ T5944] zswap: compressor  not available
[   90.447472][ T5953] netlink: 178 bytes leftover after parsing attributes in process `syz.1.6'.
[   90.484467][ T5953] Zero length message leads to an empty skb
[   90.744373][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   90.855178][ T5963] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   90.877071][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   90.878480][ T5955] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   91.699292][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   91.869451][ T5995] __vm_enough_memory: pid: 5995, comm: syz.2.10, bytes: 4398046511104 not enough memory for the allocation
[   91.964476][  T793] cfg80211: failed to load regulatory.db
[   92.034491][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   92.234807][   T52] Bluetooth: hci2: command tx timeout
[   92.236760][ T5832] Bluetooth: hci0: command tx timeout
[   92.240252][ T5835] Bluetooth: hci1: command tx timeout
[   92.245803][ T5843] Bluetooth: hci3: command tx timeout
[   92.414886][   T30] audit: type=1804 audit(1766488628.713:2): pid=6003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.12" name="/newroot/4/file0" dev="tmpfs" ino=40 res=1 errno=0
[   92.514088][   T30] audit: type=1804 audit(1766488628.713:3): pid=6004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.12" name="/newroot/4/file0" dev="tmpfs" ino=40 res=1 errno=0
[   92.727743][ T5984] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   92.925435][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   93.154527][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   93.419629][   T30] audit: type=1804 audit(1766488629.733:4): pid=6007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.13" name="/newroot/1/file0" dev="tmpfs" ino=24 res=1 errno=0
[   93.490769][   T30] audit: type=1804 audit(1766488629.803:5): pid=6010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.13" name="/newroot/1/file0" dev="tmpfs" ino=24 res=1 errno=0
[   93.623286][   T30] audit: type=1804 audit(1766488629.933:6): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.15" name="/newroot/5/file0" dev="tmpfs" ino=46 res=1 errno=0
[   93.675051][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   93.755412][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   93.766478][   T30] audit: type=1804 audit(1766488630.013:7): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.15" name="/newroot/5/file0" dev="tmpfs" ino=46 res=1 errno=0
[   93.847068][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   93.874759][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.161485][ T6023] HSR: entered promiscuous mode
[   94.265673][ T6027] sctp: Failed to create the SCTP UDP tunneling v4 sock
[   94.298875][ T6027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.18'.
[   94.969581][ T6032] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.825769][ T6044] __vm_enough_memory: pid: 6044, comm: syz.3.23, bytes: 4398046511104 not enough memory for the allocation
[   96.102516][   T30] audit: type=1804 audit(1766488632.413:8): pid=6067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.27" name="/newroot/9/file0" dev="tmpfs" ino=64 res=1 errno=0
[   96.296300][   T30] audit: type=1804 audit(1766488632.613:9): pid=6062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.27" name="/newroot/9/file0" dev="tmpfs" ino=64 res=1 errno=0
[   97.279455][ T6100] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5
[   97.381644][ T6104] capability: warning: `syz.3.35' uses 32-bit capabilities (legacy support in use)
[   97.582570][ T6107] mmap: syz.2.36 (6107) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   97.620675][ T6106] netlink: 146 bytes leftover after parsing attributes in process `syz.1.37'.
[   97.638859][ T6102] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[   98.186509][ T6116] process 'syz.1.39' launched './file0' with NULL argv: empty string added
[   98.246569][ T6119] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   98.263587][ T6119] random: crng reseeded on system resumption
[   99.423324][   T30] audit: type=1804 audit(1766488635.733:10): pid=6139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.42" name="/newroot/13/file0" dev="tmpfs" ino=90 res=1 errno=0
[   99.569765][ T6137] netlink: 62 bytes leftover after parsing attributes in process `syz.0.45'.
[   99.600085][ T6146] block nbd0: Unsupported socket: should be TCP or UNIX.
[   99.630298][ T6137] [U] 
[   99.633270][ T6137] [U] 
[   99.635997][ T6137] [U] 
[   99.638734][ T6137] [U] 
[   99.674789][ T6137] [U] 
[   99.677561][ T6137] [U] 
[   99.680288][ T6137] [U] 
[   99.683018][ T6137] [U] 
[   99.728801][ T6137] [U] 
[   99.731561][ T6137] [U] 
[   99.734282][ T6137] [U] 
[   99.737014][ T6137] [U] 
[   99.768005][ T6137] [U] 
[   99.770764][ T6137] [U] 
[   99.773489][ T6137] [U] 
[   99.776211][ T6137] [U] 
[   99.794829][ T6137] [U] 
[   99.797542][ T6137] [U] 
[   99.800216][ T6137] [U] 
[   99.802897][ T6137] [U] 
[   99.820460][ T6137] [U] 
[   99.823220][ T6137] [U] 
[   99.825945][ T6137] [U] 
[   99.828647][ T6137] [U] 
[   99.911513][ T6137] [U] 
[   99.914235][ T6137] [U] 
[   99.916910][ T6137] [U] 
[   99.919584][ T6137] [U] 
[   99.975124][ T6137] [U] 
[   99.977833][ T6137] [U] 
[   99.980512][ T6137] [U] 
[   99.983185][ T6137] [U] 
[  100.024348][ T6137] [U] 
[  100.027096][ T6137] [U] 
[  100.029800][ T6137] [U] 
[  100.032496][ T6137] [U] 
[  100.045186][ T6137] [U] 
[  100.047945][ T6137] [U] 
[  100.050686][ T6137] [U] 
[  100.053388][ T6137] [U] 
[  100.121532][ T6137] [U] 
[  100.124248][ T6137] [U] 
[  100.126927][ T6137] [U] 
[  100.129598][ T6137] [U] 
[  100.191065][ T6137] [U] 
[  100.821038][ T6180] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„
[  104.424549][ T6239] futex_wake_op: syz.2.71 tries to shift op by -2048; fix this program
[  104.489055][ T6238] FAULT_INJECTION: forcing a failure.
[  104.489055][ T6238] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  104.550519][ T6238] CPU: 1 UID: 0 PID: 6238 Comm: syz.2.71 Not tainted syzkaller #0 PREEMPT(full) 
[  104.550552][ T6238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  104.550571][ T6238] Call Trace:
[  104.550579][ T6238]  <TASK>
[  104.550588][ T6238]  dump_stack_lvl+0x16c/0x1f0
[  104.550633][ T6238]  should_fail_ex+0x512/0x640
[  104.550665][ T6238]  _copy_from_user+0x2e/0xd0
[  104.550693][ T6238]  get_timespec64+0x8b/0x1b0
[  104.550718][ T6238]  ? __pfx_get_timespec64+0x10/0x10
[  104.550750][ T6238]  __x64_sys_futex+0x288/0x4c0
[  104.550783][ T6238]  ? __pfx___x64_sys_futex+0x10/0x10
[  104.550824][ T6238]  do_syscall_64+0xcd/0xf80
[  104.550862][ T6238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.550887][ T6238] RIP: 0033:0x7f62bfd8f7c9
[  104.550912][ T6238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.550934][ T6238] RSP: 002b:00007fff2acd2998 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  104.550957][ T6238] RAX: ffffffffffffffda RBX: 0000000000019811 RCX: 00007f62bfd8f7c9
[  104.550973][ T6238] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f62bffe5fac
[  104.550987][ T6238] RBP: 0000000000000032 R08: 00007f62bfbf8000 R09: 000000102acd2c8f
[  104.551003][ T6238] R10: 00007fff2acd2a90 R11: 0000000000000246 R12: 00007f62bffe5fac
[  104.551018][ T6238] R13: 00007fff2acd2a90 R14: 0000000000019843 R15: 00007fff2acd2ab0
[  104.551051][ T6238]  </TASK>
[  104.726628][ T6239] netlink: 4 bytes leftover after parsing attributes in process `syz.2.71'.
[  104.810834][ T6246] netlink: 36 bytes leftover after parsing attributes in process `syz.2.73'.
[  104.886185][   T30] audit: type=1800 audit(1766488641.203:11): pid=6248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.69" name="lu_gp_id" dev="configfs" ino=9770 res=0 errno=0
[  105.026400][ T6251] FAULT_INJECTION: forcing a failure.
[  105.026400][ T6251] name fail_futex, interval 1, probability 0, space 0, times 1
[  105.067769][ T6251] CPU: 1 UID: 0 PID: 6251 Comm: syz.2.74 Not tainted syzkaller #0 PREEMPT(full) 
[  105.067804][ T6251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  105.067819][ T6251] Call Trace:
[  105.067830][ T6251]  <TASK>
[  105.067841][ T6251]  dump_stack_lvl+0x16c/0x1f0
[  105.067885][ T6251]  should_fail_ex+0x512/0x640
[  105.067918][ T6251]  get_futex_key+0x1d0/0x15f0
[  105.067950][ T6251]  ? __pfx_get_futex_key+0x10/0x10
[  105.067989][ T6251]  futex_wait_setup+0x9d/0x570
[  105.068033][ T6251]  __futex_wait+0x193/0x2f0
[  105.068067][ T6251]  ? __pfx___futex_wait+0x10/0x10
[  105.068098][ T6251]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  105.068138][ T6251]  ? __pfx_futex_wake_mark+0x10/0x10
[  105.068174][ T6251]  ? futex_hash+0x2c5/0x380
[  105.068204][ T6251]  ? futex_private_hash_put+0x160/0x1b0
[  105.068233][ T6251]  futex_wait+0xe8/0x380
[  105.068266][ T6251]  ? __pfx_futex_wait+0x10/0x10
[  105.068306][ T6251]  ? __lock_acquire+0x436/0x2890
[  105.068338][ T6251]  do_futex+0x229/0x350
[  105.068367][ T6251]  ? __pfx_do_futex+0x10/0x10
[  105.068393][ T6251]  ? __fget_files+0x204/0x3c0
[  105.068434][ T6251]  __x64_sys_futex+0x1e0/0x4c0
[  105.068468][ T6251]  ? __pfx___x64_sys_futex+0x10/0x10
[  105.068496][ T6251]  ? __sys_setsockopt+0x140/0x1a0
[  105.068536][ T6251]  do_syscall_64+0xcd/0xf80
[  105.068574][ T6251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.068600][ T6251] RIP: 0033:0x7f62bfd8f7c9
[  105.068621][ T6251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.068645][ T6251] RSP: 002b:00007f62bdfee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  105.068670][ T6251] RAX: ffffffffffffffda RBX: 00007f62bffe5fa8 RCX: 00007f62bfd8f7c9
[  105.068688][ T6251] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f62bffe5fa8
[  105.068704][ T6251] RBP: 00007f62bffe5fa0 R08: 0000000000000000 R09: 0000000000000000
[  105.068719][ T6251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  105.068741][ T6251] R13: 00007f62bffe6038 R14: 00007fff2acd2750 R15: 00007fff2acd2838
[  105.068777][ T6251]  </TASK>
[  106.095081][ T6269] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input7
[  106.209951][ T6273] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  106.409848][ T6276] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  108.931134][ T6329] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  109.736974][ T6328] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11
[  110.748079][ T6364] netlink: 342 bytes leftover after parsing attributes in process `syz.3.98'.
[  110.765284][   T30] audit: type=1800 audit(1766488647.083:12): pid=6362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.97" name="lu_gp_id" dev="configfs" ino=10303 res=0 errno=0
[  111.412980][ T6370] FAULT_INJECTION: forcing a failure.
[  111.412980][ T6370] name failslab, interval 1, probability 0, space 0, times 1
[  111.614175][ T6370] CPU: 1 UID: 0 PID: 6370 Comm: syz.1.100 Not tainted syzkaller #0 PREEMPT(full) 
[  111.614198][ T6370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  111.614207][ T6370] Call Trace:
[  111.614213][ T6370]  <TASK>
[  111.614219][ T6370]  dump_stack_lvl+0x16c/0x1f0
[  111.614246][ T6370]  should_fail_ex+0x512/0x640
[  111.614263][ T6370]  ? __kmalloc_cache_noprof+0x5f/0x800
[  111.614282][ T6370]  should_failslab+0xc2/0x120
[  111.614306][ T6370]  __kmalloc_cache_noprof+0x80/0x800
[  111.614323][ T6370]  ? rfkill_fop_open+0x1b6/0x750
[  111.614344][ T6370]  ? rfkill_fop_open+0x1b6/0x750
[  111.614362][ T6370]  rfkill_fop_open+0x1b6/0x750
[  111.614382][ T6370]  ? __pfx_rfkill_fop_open+0x10/0x10
[  111.614401][ T6370]  misc_open+0x26d/0x450
[  111.614418][ T6370]  ? __pfx_misc_open+0x10/0x10
[  111.614434][ T6370]  chrdev_open+0x234/0x6a0
[  111.614456][ T6370]  ? __pfx_apparmor_file_open+0x10/0x10
[  111.614470][ T6370]  ? __pfx_chrdev_open+0x10/0x10
[  111.614503][ T6370]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  111.614547][ T6370]  do_dentry_open+0x748/0x1590
[  111.614579][ T6370]  ? __pfx_chrdev_open+0x10/0x10
[  111.614612][ T6370]  vfs_open+0x82/0x3f0
[  111.614630][ T6370]  path_openat+0x2078/0x3140
[  111.614658][ T6370]  ? __pfx_path_openat+0x10/0x10
[  111.614687][ T6370]  do_filp_open+0x20b/0x470
[  111.614709][ T6370]  ? __pfx_do_filp_open+0x10/0x10
[  111.614747][ T6370]  ? alloc_fd+0x471/0x7d0
[  111.614774][ T6370]  do_sys_openat2+0x121/0x290
[  111.614790][ T6370]  ? __pfx_do_sys_openat2+0x10/0x10
[  111.614813][ T6370]  __x64_sys_openat+0x174/0x210
[  111.614830][ T6370]  ? __pfx___x64_sys_openat+0x10/0x10
[  111.614854][ T6370]  do_syscall_64+0xcd/0xf80
[  111.614877][ T6370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.614892][ T6370] RIP: 0033:0x7f840338f7c9
[  111.614905][ T6370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.614919][ T6370] RSP: 002b:00007f840422d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  111.614933][ T6370] RAX: ffffffffffffffda RBX: 00007f84035e5fa0 RCX: 00007f840338f7c9
[  111.614942][ T6370] RDX: 0000000000000840 RSI: 0000200000000240 RDI: ffffffffffffff9c
[  111.614951][ T6370] RBP: 00007f8403413f91 R08: 0000000000000000 R09: 0000000000000000
[  111.614959][ T6370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.614968][ T6370] R13: 00007f84035e6038 R14: 00007f84035e5fa0 R15: 00007ffe5e67de28
[  111.614994][ T6370]  </TASK>
[  112.130527][ T6371] zswap: compressor  not available
[  112.500358][ T6401] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12
[  112.883779][ T6402] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13
[  112.920388][ T6405] FAULT_INJECTION: forcing a failure.
[  112.920388][ T6405] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  112.966573][ T6405] CPU: 0 UID: 0 PID: 6405 Comm: syz.1.106 Not tainted syzkaller #0 PREEMPT(full) 
[  112.966617][ T6405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  112.966631][ T6405] Call Trace:
[  112.966640][ T6405]  <TASK>
[  112.966652][ T6405]  dump_stack_lvl+0x16c/0x1f0
[  112.966694][ T6405]  should_fail_ex+0x512/0x640
[  112.966726][ T6405]  should_fail_alloc_page+0xe7/0x130
[  112.966766][ T6405]  prepare_alloc_pages+0x401/0x670
[  112.966811][ T6405]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  112.966853][ T6405]  ? __up_read+0x2d1/0x700
[  112.966885][ T6405]  ? __pfx___up_read+0x10/0x10
[  112.966914][ T6405]  ? __rmap_walk_file+0x575/0x620
[  112.966953][ T6405]  ? vma_interval_tree_iter_next+0x10c/0x250
[  112.966983][ T6405]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  112.967018][ T6405]  ? __rmap_walk_file+0x575/0x620
[  112.967064][ T6405]  ? rmap_walk_file+0x174/0x1f0
[  112.967085][ T6405]  ? queue_folios_pte_range+0x52f/0x11c0
[  112.967126][ T6405]  __folio_alloc_noprof+0x11/0x220
[  112.967156][ T6405]  alloc_migration_target+0x1a0/0x560
[  112.967199][ T6405]  migrate_pages_batch+0x3bc/0x3bb0
[  112.967230][ T6405]  ? __pfx_alloc_migration_target+0x10/0x10
[  112.967284][ T6405]  ? __pfx_migrate_pages_batch+0x10/0x10
[  112.967317][ T6405]  ? __pfx_walk_pgd_range+0x10/0x10
[  112.967353][ T6405]  migrate_pages_sync+0x12d/0x8a0
[  112.967381][ T6405]  ? __pfx_alloc_migration_target+0x10/0x10
[  112.967427][ T6405]  ? queue_pages_test_walk+0x279/0x410
[  112.967452][ T6405]  ? __pfx_migrate_pages_sync+0x10/0x10
[  112.967480][ T6405]  ? walk_page_test+0x9b/0x180
[  112.967513][ T6405]  ? walk_page_range_mm_unsafe+0x235/0xb40
[  112.967553][ T6405]  migrate_pages+0x1b0b/0x2350
[  112.967584][ T6405]  ? __pfx_alloc_migration_target+0x10/0x10
[  112.967644][ T6405]  ? __pfx_migrate_pages+0x10/0x10
[  112.967673][ T6405]  ? queue_pages_range+0x11e/0x180
[  112.967715][ T6405]  ? __pfx___up_read+0x10/0x10
[  112.967744][ T6405]  ? do_migrate_pages+0x45b/0x750
[  112.967787][ T6405]  do_migrate_pages+0x491/0x750
[  112.967833][ T6405]  ? __pfx_do_migrate_pages+0x10/0x10
[  112.967877][ T6405]  ? rcu_is_watching+0x12/0xc0
[  112.967910][ T6405]  ? cap_capable+0x10d/0x3f0
[  112.967930][ T6405]  ? get_task_mm+0xc2/0xf0
[  112.967964][ T6405]  ? security_capable+0x250/0x260
[  112.968005][ T6405]  kernel_migrate_pages+0x55b/0x700
[  112.968044][ T6405]  ? __pfx_kernel_migrate_pages+0x10/0x10
[  112.968083][ T6405]  ? __pfx_do_writev+0x10/0x10
[  112.968122][ T6405]  __x64_sys_migrate_pages+0x96/0x100
[  112.968161][ T6405]  ? lockdep_hardirqs_on+0x7c/0x110
[  112.968198][ T6405]  do_syscall_64+0xcd/0xf80
[  112.968236][ T6405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.968263][ T6405] RIP: 0033:0x7f840338f7c9
[  112.968285][ T6405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.968309][ T6405] RSP: 002b:00007f840422d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100
[  112.968333][ T6405] RAX: ffffffffffffffda RBX: 00007f84035e5fa0 RCX: 00007f840338f7c9
[  112.968351][ T6405] RDX: 0000200000000100 RSI: 000000000000000a RDI: 0000000000000000
[  112.968367][ T6405] RBP: 00007f8403413f91 R08: 0000000000000000 R09: 0000000000000000
[  112.968382][ T6405] R10: 0000200000000140 R11: 0000000000000246 R12: 0000000000000000
[  112.968398][ T6405] R13: 00007f84035e6038 R14: 00007f84035e5fa0 R15: 00007ffe5e67de28
[  112.968434][ T6405]  </TASK>
[  113.559234][ T6413] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14
[  114.126939][ T6421] could not allocate digest TFM handle 
[  114.352978][ T6440] netlink: 330 bytes leftover after parsing attributes in process `syz.2.112'.
[  114.904234][   T30] audit: type=1804 audit(1766488651.223:13): pid=6452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.116" name="/newroot/27/file0" dev="tmpfs" ino=160 res=1 errno=0
[  114.973183][   T30] audit: type=1804 audit(1766488651.243:14): pid=6453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.116" name="/newroot/27/file0" dev="tmpfs" ino=160 res=1 errno=0
[  116.935774][   T30] audit: type=1804 audit(1766488653.253:15): pid=6496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.124" name="/newroot/29/file0" dev="tmpfs" ino=171 res=1 errno=0
[  116.987606][   T30] audit: type=1804 audit(1766488653.293:16): pid=6499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.124" name="/newroot/29/file0" dev="tmpfs" ino=171 res=1 errno=0
[  118.091960][ T6510] netlink: 28 bytes leftover after parsing attributes in process `syz.1.127'.
[  118.322396][ T6514] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  118.506297][ T6510] team0: Port device team_slave_0 removed
[  118.950841][ T6527] netlink: 330 bytes leftover after parsing attributes in process `syz.3.134'.
[  118.953045][ T6529] FAULT_INJECTION: forcing a failure.
[  118.953045][ T6529] name failslab, interval 1, probability 0, space 0, times 0
[  119.050413][ T6529] CPU: 1 UID: 0 PID: 6529 Comm: syz.0.133 Not tainted syzkaller #0 PREEMPT(full) 
[  119.050449][ T6529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  119.050462][ T6529] Call Trace:
[  119.050471][ T6529]  <TASK>
[  119.050481][ T6529]  dump_stack_lvl+0x16c/0x1f0
[  119.050521][ T6529]  should_fail_ex+0x512/0x640
[  119.050549][ T6529]  ? __kvmalloc_node_noprof+0x129/0xa40
[  119.050585][ T6529]  should_failslab+0xc2/0x120
[  119.050622][ T6529]  __kvmalloc_node_noprof+0x14a/0xa40
[  119.050658][ T6529]  ? seq_read_iter+0x830/0x12d0
[  119.050698][ T6529]  ? seq_read_iter+0x830/0x12d0
[  119.050728][ T6529]  seq_read_iter+0x830/0x12d0
[  119.050767][ T6529]  ? __pfx_aa_file_perm+0x10/0x10
[  119.050799][ T6529]  ? look_up_lock_class+0x59/0x130
[  119.050840][ T6529]  kernfs_fop_read_iter+0x46c/0x610
[  119.050878][ T6529]  ? copy_iovec_from_user+0x131/0x170
[  119.050909][ T6529]  do_iter_readv_writev+0x743/0x9e0
[  119.050954][ T6529]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  119.050997][ T6529]  ? rw_verify_area+0xcf/0x6c0
[  119.051031][ T6529]  vfs_readv+0x4cb/0x8b0
[  119.051063][ T6529]  ? trace_contention_end+0xdd/0x110
[  119.051095][ T6529]  ? __pfx_vfs_readv+0x10/0x10
[  119.051124][ T6529]  ? fdget_pos+0x2a2/0x370
[  119.051180][ T6529]  ? __fget_files+0x20e/0x3c0
[  119.051210][ T6529]  ? __fget_files+0x1e0/0x3c0
[  119.051251][ T6529]  ? do_readv+0x132/0x340
[  119.051278][ T6529]  do_readv+0x132/0x340
[  119.051308][ T6529]  ? __pfx_do_readv+0x10/0x10
[  119.051347][ T6529]  do_syscall_64+0xcd/0xf80
[  119.051386][ T6529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.051410][ T6529] RIP: 0033:0x7f595058f7c9
[  119.051430][ T6529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.051453][ T6529] RSP: 002b:00007f5951485038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  119.051477][ T6529] RAX: ffffffffffffffda RBX: 00007f59507e5fa0 RCX: 00007f595058f7c9
[  119.051494][ T6529] RDX: 0000000000000002 RSI: 0000200000000080 RDI: 0000000000000003
[  119.051510][ T6529] RBP: 00007f5951485090 R08: 0000000000000000 R09: 0000000000000000
[  119.051525][ T6529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.051541][ T6529] R13: 00007f59507e6038 R14: 00007f59507e5fa0 R15: 00007ffd129d2308
[  119.051579][ T6529]  </TASK>
[  119.943623][ T6546] FAULT_INJECTION: forcing a failure.
[  119.943623][ T6546] name failslab, interval 1, probability 0, space 0, times 0
[  119.966216][ T6546] CPU: 1 UID: 0 PID: 6546 Comm: syz.1.138 Not tainted syzkaller #0 PREEMPT(full) 
[  119.966237][ T6546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  119.966245][ T6546] Call Trace:
[  119.966250][ T6546]  <TASK>
[  119.966256][ T6546]  dump_stack_lvl+0x16c/0x1f0
[  119.966282][ T6546]  should_fail_ex+0x512/0x640
[  119.966298][ T6546]  ? __kmalloc_cache_noprof+0x5f/0x800
[  119.966317][ T6546]  should_failslab+0xc2/0x120
[  119.966339][ T6546]  __kmalloc_cache_noprof+0x80/0x800
[  119.966355][ T6546]  ? sctp_association_new+0xbb/0x29d0
[  119.966374][ T6546]  ? sctp_association_new+0xbb/0x29d0
[  119.966387][ T6546]  sctp_association_new+0xbb/0x29d0
[  119.966403][ T6546]  ? sctp_v4_scope+0x183/0x1a0
[  119.966423][ T6546]  sctp_connect_new_asoc+0x1a8/0x770
[  119.966442][ T6546]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  119.966463][ T6546]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[  119.966494][ T6546]  __sctp_connect+0x3f3/0xc80
[  119.966515][ T6546]  ? do_raw_spin_lock+0x12c/0x2b0
[  119.966535][ T6546]  ? __pfx___sctp_connect+0x10/0x10
[  119.966551][ T6546]  ? __pfx_sctp_inet_connect+0x10/0x10
[  119.966567][ T6546]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  119.966591][ T6546]  ? __pfx_sctp_inet_connect+0x10/0x10
[  119.966605][ T6546]  sctp_inet_connect+0x15f/0x230
[  119.966621][ T6546]  __sys_connect_file+0x141/0x1a0
[  119.966642][ T6546]  __sys_connect+0x13b/0x160
[  119.966657][ T6546]  ? __pfx___sys_connect+0x10/0x10
[  119.966681][ T6546]  ? __pfx_ksys_write+0x10/0x10
[  119.966709][ T6546]  __x64_sys_connect+0x72/0xb0
[  119.966723][ T6546]  ? lockdep_hardirqs_on+0x7c/0x110
[  119.966745][ T6546]  do_syscall_64+0xcd/0xf80
[  119.966767][ T6546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.966782][ T6546] RIP: 0033:0x7f840338f7c9
[  119.966794][ T6546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  119.966807][ T6546] RSP: 002b:00007f840422d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  119.966821][ T6546] RAX: ffffffffffffffda RBX: 00007f84035e5fa0 RCX: 00007f840338f7c9
[  119.966830][ T6546] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  119.966839][ T6546] RBP: 00007f840422d090 R08: 0000000000000000 R09: 0000000000000000
[  119.966847][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  119.966855][ T6546] R13: 00007f84035e6038 R14: 00007f84035e5fa0 R15: 00007ffe5e67de28
[  119.966874][ T6546]  </TASK>
[  121.050198][   T30] audit: type=1804 audit(1766488657.363:17): pid=6559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.143" name="/newroot/35/file0" dev="tmpfs" ino=205 res=1 errno=0
[  121.163368][   T30] audit: type=1804 audit(1766488657.473:18): pid=6555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.143" name="/newroot/35/file0" dev="tmpfs" ino=205 res=1 errno=0
[  121.264513][   T30] audit: type=1804 audit(1766488657.533:19): pid=6560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.142" name="/newroot/38/file0" dev="tmpfs" ino=221 res=1 errno=0
[  121.386734][   T30] audit: type=1804 audit(1766488657.693:20): pid=6563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.142" name="/newroot/38/file0" dev="tmpfs" ino=221 res=1 errno=0
[  122.501731][ T6590] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15
[  122.678880][ T6566] tipc: Started in network mode
[  122.693545][ T6566] tipc: Node identity ffffffff, cluster identity 4711
[  122.707654][ T6566] tipc: Node number set to 4294967295
[  123.892894][   T30] audit: type=1804 audit(1766488660.203:21): pid=6620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.158" name="/newroot/41/file0" dev="tmpfs" ino=236 res=1 errno=0
[  123.935903][   T30] audit: type=1804 audit(1766488660.253:22): pid=6616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.158" name="/newroot/41/file0" dev="tmpfs" ino=236 res=1 errno=0
[  124.230961][   T30] audit: type=1804 audit(1766488660.543:23): pid=6611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.154" name="/newroot/30/file0" dev="tmpfs" ino=176 res=1 errno=0
[  124.314482][   T30] audit: type=1804 audit(1766488660.633:24): pid=6613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.154" name="/newroot/30/file0" dev="tmpfs" ino=176 res=1 errno=0
[  124.803309][ T6639] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  126.249447][   T30] audit: type=1804 audit(1766488662.563:25): pid=6654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.168" name="/newroot/49/file0" dev="tmpfs" ino=280 res=1 errno=0
[  126.324155][   T30] audit: type=1804 audit(1766488662.603:26): pid=6654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.168" name="/newroot/49/file0" dev="tmpfs" ino=280 res=1 errno=0
[  126.474800][ T6661] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16
[  127.121921][   T30] audit: type=1804 audit(1766488663.433:27): pid=6672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.171" name="/newroot/46/file0" dev="tmpfs" ino=264 res=1 errno=0
[  127.211324][   T30] audit: type=1804 audit(1766488663.463:28): pid=6673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.171" name="/newroot/46/file0" dev="tmpfs" ino=264 res=1 errno=0
[  127.312155][ T5832] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  127.321643][ T6683] netlink: 342 bytes leftover after parsing attributes in process `syz.3.175'.
[  127.335881][ T5832] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  127.343792][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[  127.353437][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  127.353479][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  127.353497][ T5832] Workqueue: hci3 hci_rx_work
[  127.353533][ T5832] Call Trace:
[  127.353542][ T5832]  <TASK>
[  127.353553][ T5832]  dump_stack_lvl+0x16c/0x1f0
[  127.353594][ T5832]  sysfs_warn_dup+0x7f/0xa0
[  127.353623][ T5832]  sysfs_create_dir_ns+0x24b/0x2b0
[  127.353652][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  127.353678][ T5832]  ? find_held_lock+0x2b/0x80
[  127.353718][ T5832]  ? do_raw_spin_unlock+0x172/0x230
[  127.353750][ T5832]  kobject_add_internal+0x2c4/0x9d0
[  127.353783][ T5832]  kobject_add+0x16e/0x240
[  127.353808][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  127.353840][ T5832]  ? kobject_put+0xaf/0x6f0
[  127.353860][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  127.353905][ T5832]  device_add+0x288/0x1980
[  127.353937][ T5832]  ? __pfx_dev_set_name+0x10/0x10
[  127.353971][ T5832]  ? __pfx_device_add+0x10/0x10
[  127.354002][ T5832]  ? mgmt_send_event_skb+0x2fb/0x460
[  127.354044][ T5832]  hci_conn_add_sysfs+0x1a8/0x260
[  127.354082][ T5832]  le_conn_complete_evt+0x11ed/0x1fa0
[  127.354122][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  127.354151][ T5832]  ? __pfx_bt_warn+0x10/0x10
[  127.354187][ T5832]  hci_le_conn_complete_evt+0x23c/0x3a0
[  127.354228][ T5832]  hci_le_meta_evt+0x357/0x610
[  127.354262][ T5832]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  127.354301][ T5832]  hci_event_packet+0x685/0x1210
[  127.354343][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  127.354381][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  127.354419][ T5832]  ? kcov_remote_start+0x399/0x680
[  127.354454][ T5832]  ? lockdep_hardirqs_on+0x7c/0x110
[  127.354499][ T5832]  hci_rx_work+0x2c9/0x1020
[  127.354538][ T5832]  process_one_work+0x9ba/0x1b20
[  127.354581][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  127.354621][ T5832]  ? assign_work+0x1a0/0x250
[  127.354652][ T5832]  worker_thread+0x6c8/0xf10
[  127.354691][ T5832]  ? __kthread_parkme+0x19e/0x250
[  127.354739][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  127.354767][ T5832]  kthread+0x3c5/0x780
[  127.354795][ T5832]  ? __pfx_kthread+0x10/0x10
[  127.354838][ T5832]  ? rcu_is_watching+0x12/0xc0
[  127.354875][ T5832]  ? __pfx_kthread+0x10/0x10
[  127.354903][ T5832]  ret_from_fork+0x983/0xb10
[  127.354932][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  127.354963][ T5832]  ? __switch_to+0x7af/0x10d0
[  127.354994][ T5832]  ? __pfx_kthread+0x10/0x10
[  127.355022][ T5832]  ret_from_fork_asm+0x1a/0x30
[  127.355073][ T5832]  </TASK>
[  127.414264][ T6683] IPv6: NLM_F_CREATE should be specified when creating new route
[  127.617316][ T5832] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  127.631287][ T5832] Bluetooth: hci3: failed to register connection device
[  127.655344][ T6683] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  127.662850][ T6683] IPv6: NLM_F_CREATE should be set when creating new route
[  127.664636][ T6686] netlink: 342 bytes leftover after parsing attributes in process `syz.3.175'.
[  127.670131][ T6683] IPv6: NLM_F_CREATE should be set when creating new route
[  127.683528][ T6687] netlink: 8 bytes leftover after parsing attributes in process `syz.3.175'.
[  127.697481][ T6686] netlink: 8 bytes leftover after parsing attributes in process `syz.3.175'.
[  129.021167][ T6715] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[  129.060303][ T6715] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  129.111674][ T6715] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[  129.170539][ T6715] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  129.224830][ T6715] page dumped because: unmovable page
[  129.230264][ T6715] page_owner info is not present (never set?)
[  129.701995][ T5835] Bluetooth: hci3: command 0x2016 tx timeout
[  129.908699][ T6740] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  129.915117][ T6740] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  130.006333][ T6740] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  130.026260][ T6740] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  130.032425][ T6740] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  130.041871][ T6740] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  130.048705][ T6740] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  130.055690][ T6740] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  130.063744][ T6740] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  130.078958][ T6737] syz.1.189 uses obsolete (PF_INET,SOCK_PACKET)
[  130.399273][ T5832] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  131.914415][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout
[  132.052646][ T6769] netlink: 28 bytes leftover after parsing attributes in process `syz.1.195'.
[  132.075612][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout
[  132.075938][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  132.154065][   T52] Bluetooth: hci3: command 0x2016 tx timeout
[  132.163078][ T6740] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  132.169545][ T6740] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  132.180845][ T6740] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  132.336364][ T6772] random: crng reseeded on system resumption
[  132.818776][ T6787] __vm_enough_memory: pid: 6787, comm: syz.3.203, bytes: 4398046511104 not enough memory for the allocation
[  133.994268][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout
[  134.155736][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout
[  134.164870][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout
[  134.234140][ T5843] Bluetooth: hci3: command 0x2016 tx timeout
[  134.851529][ T6840] netlink: 'syz.1.214': attribute type 11 has an invalid length.
[  135.589775][ T6862] tipc: Enabling of bearer <@):^\/\> rejected, media not registered
[  136.030001][ T6877] bond0: invalid ARP target specified
[  136.084215][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout
[  136.144549][ T5828] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  136.234374][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout
[  136.241286][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout
[  136.314187][ T5843] Bluetooth: hci3: command 0x2016 tx timeout
[  136.321233][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  136.321265][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  136.321279][ T5828] Call Trace:
[  136.321287][ T5828]  <TASK>
[  136.321297][ T5828]  dump_stack_lvl+0x16c/0x1f0
[  136.321338][ T5828]  dump_header+0x101/0x960
[  136.321369][ T5828]  oom_kill_process+0x176/0x910
[  136.321401][ T5828]  out_of_memory+0x350/0x1700
[  136.321428][ T5828]  ? __lock_acquire+0x436/0x2890
[  136.321458][ T5828]  ? __pfx_out_of_memory+0x10/0x10
[  136.321495][ T5828]  mem_cgroup_out_of_memory+0x118/0x130
[  136.321526][ T5828]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  136.321564][ T5828]  ? do_raw_spin_unlock+0x172/0x230
[  136.321597][ T5828]  try_charge_memcg+0x695/0xd30
[  136.321638][ T5828]  ? __pfx_try_charge_memcg+0x10/0x10
[  136.321678][ T5828]  ? find_held_lock+0x2b/0x80
[  136.321706][ T5828]  charge_memcg+0x8a/0x230
[  136.321734][ T5828]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  136.321762][ T5828]  __read_swap_cache_async+0x397/0x500
[  136.321797][ T5828]  ? __pfx___read_swap_cache_async+0x10/0x10
[  136.321824][ T5828]  ? mark_held_locks+0x49/0x80
[  136.321846][ T5828]  ? finish_task_switch.isra.0+0x1a0/0xbd0
[  136.321878][ T5828]  ? finish_task_switch.isra.0+0x2e0/0xbd0
[  136.321914][ T5828]  swap_cluster_readahead+0x432/0x770
[  136.321951][ T5828]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  136.321984][ T5828]  ? __lock_acquire+0x436/0x2890
[  136.322023][ T5828]  ? get_vma_policy+0x242/0x3c0
[  136.322050][ T5828]  swapin_readahead+0x160/0x1220
[  136.322092][ T5828]  ? __pfx_swapin_readahead+0x10/0x10
[  136.322129][ T5828]  ? find_held_lock+0x2b/0x80
[  136.322157][ T5828]  ? swap_cache_get_folio+0x267/0x8e0
[  136.322183][ T5828]  ? swap_cache_get_folio+0x267/0x8e0
[  136.322206][ T5828]  ? swap_cache_get_folio+0x267/0x8e0
[  136.322235][ T5828]  ? swap_cache_get_folio+0x267/0x8e0
[  136.322260][ T5828]  ? swap_cache_get_folio+0x293/0x8e0
[  136.322290][ T5828]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  136.322316][ T5828]  ? __pfx_get_swap_device+0x10/0x10
[  136.322348][ T5828]  ? rcu_read_unlock+0x2d/0xb0
[  136.322383][ T5828]  ? do_swap_page+0x962/0x64a0
[  136.322405][ T5828]  do_swap_page+0x962/0x64a0
[  136.322436][ T5828]  ? __lock_acquire+0x436/0x2890
[  136.322469][ T5828]  ? __pfx_do_swap_page+0x10/0x10
[  136.322498][ T5828]  ? __pfx_default_wake_function+0x10/0x10
[  136.322531][ T5828]  ? do_fault+0x9fb/0x1ad0
[  136.322568][ T5828]  ? rcu_is_watching+0x12/0xc0
[  136.322600][ T5828]  ? ___pte_offset_map+0x175/0x380
[  136.322637][ T5828]  __handle_mm_fault+0x19cb/0x2bb0
[  136.322669][ T5828]  ? reacquire_held_locks+0xcd/0x1f0
[  136.322692][ T5828]  ? __pfx___handle_mm_fault+0x10/0x10
[  136.322723][ T5828]  ? lock_vma_under_rcu+0x176/0x580
[  136.322760][ T5828]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  136.322803][ T5828]  handle_mm_fault+0x3fe/0xad0
[  136.322836][ T5828]  do_user_addr_fault+0x60c/0x1370
[  136.322870][ T5828]  ? rcu_is_watching+0x12/0xc0
[  136.322906][ T5828]  exc_page_fault+0x64/0xc0
[  136.322940][ T5828]  asm_exc_page_fault+0x26/0x30
[  136.322960][ T5828] RIP: 0033:0x7f5950466037
[  136.322978][ T5828] Code: 00 00 48 b8 db 34 b6 d7 82 de 1b 43 48 f7 a4 24 98 00 00 00 48 8b 05 68 f7 ea 00 48 69 8c 24 90 00 00 00 e8 03 00 00 8b 78 08 <48> 8b 44 24 18 48 c1 ea 12 4c 8b 0d 79 f6 ea 00 48 01 d1 39 7c 24
[  136.323003][ T5828] RSP: 002b:00007ffd129d2690 EFLAGS: 00010202
[  136.323024][ T5828] RAX: 0000001b30c24000 RBX: 000000000000009b RCX: 0000000000020f58
[  136.323039][ T5828] RDX: 0000000006a74073 RSI: 00007f5951486010 RDI: 0000000000000012
[  136.323054][ T5828] RBP: 00007ffd129d26cc R08: 0000000000000000 R09: 00007f5951486000
[  136.323069][ T5828] R10: 0000000000000001 R11: 0000000000006256 R12: 0000000000001388
[  136.323083][ T5828] R13: 00000000000927c0 R14: 0000000000021099 R15: 00007ffd129d2720
[  136.323125][ T5828]  </TASK>
[  136.365455][ T5828] memory: usage 3072kB, limit 3072kB, failcnt 4152
[  136.739125][ T5828] memory+swap: usage 3204kB, limit 9007199254740988kB, failcnt 0
[  136.934376][ T5828] kmem: usage 984kB, limit 9007199254740988kB, failcnt 0
[  136.979816][ T5828] Memory cgroup stats for /syz0:
[  136.980102][ T5828] cache 0
[  136.994782][ T5828] rss 2097152
[  137.013354][ T5828] rss_huge 2097152
[  137.018734][ T5828] shmem 0
[  137.022047][ T5828] mapped_file 0
[  137.029074][ T5828] dirty 0
[  137.032036][ T5828] writeback 0
[  137.070122][ T5828] workingset_refault_anon 971
[  137.101736][ T5828] workingset_refault_file 1839
[  137.119298][ T5828] swap 135168
[  137.134608][ T5828] swapcached 32768
[  137.138377][ T5828] pgpgin 56988
[  137.141778][ T5828] pgpgout 57521
[  137.166048][ T5828] pgfault 51244
[  137.169546][ T5828] pgmajfault 303
[  137.173110][ T5828] inactive_anon 32768
[  137.194875][ T5828] active_anon 0
[  137.198377][ T5828] inactive_file 2097152
[  137.202543][ T5828] active_file 0
[  137.228538][ T5828] unevictable 0
[  137.232038][ T5828] hierarchical_memory_limit 3145728
[  137.239860][ T5828] hierarchical_memsw_limit 9223372036854771712
[  137.254001][ T5828] total_cache 0
[  137.257497][ T5828] total_rss 2097152
[  137.261311][ T5828] total_rss_huge 2097152
[  137.283371][ T5828] total_shmem 0
[  137.296296][ T5828] total_mapped_file 0
[  137.300318][ T5828] total_dirty 0
[  137.325612][ T5828] total_writeback 0
[  137.336709][ T5828] total_workingset_refault_anon 971
[  137.347541][ T5828] total_workingset_refault_file 1839
[  137.352846][ T5828] total_swap 135168
[  137.384176][ T5828] total_swapcached 32768
[  137.393276][ T5828] total_pgpgin 56988
[  137.434109][ T5828] total_pgpgout 57521
[  137.438132][ T5828] total_pgfault 51244
[  137.442127][ T5828] total_pgmajfault 303
[  137.498935][ T5828] total_inactive_anon 32768
[  137.503468][ T5828] total_active_anon 0
[  137.516972][ T5828] total_inactive_file 2097152
[  137.521686][ T5828] total_active_file 0
[  137.574151][ T6899] netlink: 16 bytes leftover after parsing attributes in process `syz.3.224'.
[  137.628907][ T5828] total_unevictable 0
[  137.635201][ T5828] anon_cost 0
[  137.644193][ T5828] file_cost 0
[  137.655968][ T5828] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.215,pid=6845,uid=0
[  137.703799][ T5828] Memory cgroup out of memory: Killed process 6845 (syz.0.215) total-vm:131548kB, anon-rss:3224kB, file-rss:21680kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  138.006532][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  138.015414][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  138.283238][ T6912] vivid-007: =================  START STATUS  =================
[  138.291608][ T6912] vivid-007: Generate PTS: true
[  138.297101][ T6912] vivid-007: Generate SCR: true
[  138.301975][ T6912] tpg source WxH: 320x240 (Y'CbCr)
[  138.307203][ T6912] tpg field: 1
[  138.310578][ T6912] tpg crop: (0,0)/320x240
[  138.315105][ T6912] tpg compose: (0,0)/320x240
[  138.319791][ T6912] tpg colorspace: 8
[  138.323628][ T6912] tpg transfer function: 0/0
[  138.332733][ T6912] tpg Y'CbCr encoding: 0/0
[  138.344878][ T6912] tpg quantization: 0/0
[  138.349066][ T6912] tpg RGB range: 0/2
[  138.352966][ T6912] vivid-007: ==================  END STATUS  ==================
[  138.404248][ T5843] Bluetooth: hci3: command 0x2016 tx timeout
[  138.781840][ T6923] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  139.145462][ T6932] netlink: 330 bytes leftover after parsing attributes in process `syz.3.233'.
[  140.474069][ T5843] Bluetooth: hci3: command 0x2016 tx timeout
[  140.981769][ T6950] kafs: addr_prefs: Too many elements in string
[  141.043109][ T6952] netlink: 4 bytes leftover after parsing attributes in process `syz.2.237'.
[  141.429032][ T6958] FAULT_INJECTION: forcing a failure.
[  141.429032][ T6958] name failslab, interval 1, probability 0, space 0, times 0
[  141.469975][ T6958] CPU: 0 UID: 0 PID: 6958 Comm: syz.3.239 Not tainted syzkaller #0 PREEMPT(full) 
[  141.470015][ T6958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  141.470031][ T6958] Call Trace:
[  141.470040][ T6958]  <TASK>
[  141.470051][ T6958]  dump_stack_lvl+0x16c/0x1f0
[  141.470104][ T6958]  should_fail_ex+0x512/0x640
[  141.470139][ T6958]  ? fs_reclaim_acquire+0xae/0x150
[  141.470183][ T6958]  should_failslab+0xc2/0x120
[  141.470223][ T6958]  kmem_cache_alloc_noprof+0x83/0x770
[  141.470253][ T6958]  ? __pfx_map_id_range_down+0x10/0x10
[  141.470297][ T6958]  ? security_inode_alloc+0x3b/0x2b0
[  141.470333][ T6958]  ? security_inode_alloc+0x3b/0x2b0
[  141.470359][ T6958]  security_inode_alloc+0x3b/0x2b0
[  141.470395][ T6958]  inode_init_always_gfp+0xced/0x1040
[  141.470442][ T6958]  alloc_inode+0x86/0x240
[  141.470472][ T6958]  iget_locked+0x1d9/0x6d0
[  141.470503][ T6958]  ? __pfx_iget_locked+0x10/0x10
[  141.470538][ T6958]  ? kernfs_root+0xee/0x2a0
[  141.470593][ T6958]  kernfs_get_inode+0x46/0x470
[  141.470624][ T6958]  kernfs_iop_lookup+0x1a7/0x2d0
[  141.470660][ T6958]  __lookup_slow+0x251/0x460
[  141.470691][ T6958]  ? __pfx___lookup_slow+0x10/0x10
[  141.470740][ T6958]  ? __d_lookup+0x266/0x4a0
[  141.470784][ T6958]  lookup_slow+0x50/0x70
[  141.470813][ T6958]  link_path_walk+0x16fd/0x1c70
[  141.470867][ T6958]  path_lookupat+0x74/0xc40
[  141.470909][ T6958]  filename_lookup+0x224/0x5f0
[  141.470954][ T6958]  ? __pfx_filename_lookup+0x10/0x10
[  141.471026][ T6958]  ? getname_flags.part.0+0x1c5/0x550
[  141.471089][ T6958]  user_path_at+0x3a/0x60
[  141.471138][ T6958]  __x64_sys_name_to_handle_at+0x1e7/0x310
[  141.471188][ T6958]  ? __pfx___x64_sys_name_to_handle_at+0x10/0x10
[  141.471251][ T6958]  do_syscall_64+0xcd/0xf80
[  141.471294][ T6958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.471321][ T6958] RIP: 0033:0x7fcc1858f7c9
[  141.471343][ T6958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.471368][ T6958] RSP: 002b:00007fcc193c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  141.471393][ T6958] RAX: ffffffffffffffda RBX: 00007fcc187e6180 RCX: 00007fcc1858f7c9
[  141.471411][ T6958] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  141.471429][ T6958] RBP: 00007fcc18613f91 R08: 0000000000000002 R09: 0000000000000000
[  141.471445][ T6958] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000000
[  141.471461][ T6958] R13: 00007fcc187e6218 R14: 00007fcc187e6180 R15: 00007ffd0285c338
[  141.471501][ T6958]  </TASK>
[  143.401507][ T6978] netlink: 28 bytes leftover after parsing attributes in process `syz.3.242'.
[  149.403228][ T7054] FAULT_INJECTION: forcing a failure.
[  149.403228][ T7054] name failslab, interval 1, probability 0, space 0, times 0
[  149.416351][ T7054] CPU: 1 UID: 0 PID: 7054 Comm: syz.3.259 Not tainted syzkaller #0 PREEMPT(full) 
[  149.416386][ T7054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  149.416400][ T7054] Call Trace:
[  149.416410][ T7054]  <TASK>
[  149.416421][ T7054]  dump_stack_lvl+0x16c/0x1f0
[  149.416462][ T7054]  should_fail_ex+0x512/0x640
[  149.416489][ T7054]  ? fs_reclaim_acquire+0xae/0x150
[  149.416529][ T7054]  should_failslab+0xc2/0x120
[  149.416566][ T7054]  kmem_cache_alloc_noprof+0x83/0x770
[  149.416594][ T7054]  ? __pfx_map_id_range_down+0x10/0x10
[  149.416626][ T7054]  ? security_inode_alloc+0x3b/0x2b0
[  149.416658][ T7054]  ? security_inode_alloc+0x3b/0x2b0
[  149.416682][ T7054]  security_inode_alloc+0x3b/0x2b0
[  149.416708][ T7054]  inode_init_always_gfp+0xced/0x1040
[  149.416750][ T7054]  alloc_inode+0x86/0x240
[  149.416776][ T7054]  new_inode+0x22/0x1c0
[  149.416814][ T7054]  nfsd_fill_super+0x13d/0x5a0
[  149.416857][ T7054]  ? __pfx_nfsd_fill_super+0x10/0x10
[  149.416895][ T7054]  get_tree_keyed+0x10e/0x1d0
[  149.416931][ T7054]  vfs_get_tree+0x8e/0x330
[  149.416960][ T7054]  path_mount+0x7bf/0x23a0
[  149.416983][ T7054]  ? rcu_is_watching+0x12/0xc0
[  149.417020][ T7054]  ? __pfx_path_mount+0x10/0x10
[  149.417042][ T7054]  ? kmem_cache_free+0x2d8/0x770
[  149.417072][ T7054]  ? putname+0xf5/0x1a0
[  149.417099][ T7054]  ? putname+0xf5/0x1a0
[  149.417118][ T7054]  ? putname+0xf5/0x1a0
[  149.417144][ T7054]  ? __x64_sys_mount+0x293/0x310
[  149.417165][ T7054]  __x64_sys_mount+0x293/0x310
[  149.417189][ T7054]  ? __pfx___x64_sys_mount+0x10/0x10
[  149.417225][ T7054]  do_syscall_64+0xcd/0xf80
[  149.417262][ T7054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.417288][ T7054] RIP: 0033:0x7fcc1858f7c9
[  149.417308][ T7054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.417331][ T7054] RSP: 002b:00007fcc19406038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  149.417354][ T7054] RAX: ffffffffffffffda RBX: 00007fcc187e5fa0 RCX: 00007fcc1858f7c9
[  149.417371][ T7054] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000
[  149.417386][ T7054] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  149.417402][ T7054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.417416][ T7054] R13: 00007fcc187e6038 R14: 00007fcc187e5fa0 R15: 00007ffd0285c338
[  149.417453][ T7054]  </TASK>
[  149.935616][ T7058] program syz.3.260 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  152.388756][   T30] audit: type=1800 audit(1766488688.693:29): pid=7087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.267" name="dbroot" dev="configfs" ino=13940 res=0 errno=0
[  153.163569][ T7106] aoe: invalid device specification 
[  153.515133][ T7116] binder: 7115:7116 ioctl c018620c 0 returned -1
[  153.549652][ T7116] netlink: 28 bytes leftover after parsing attributes in process `syz.0.273'.
[  153.593782][ T7121] FAULT_INJECTION: forcing a failure.
[  153.593782][ T7121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  153.614219][ T7121] CPU: 0 UID: 0 PID: 7121 Comm: syz.3.276 Not tainted syzkaller #0 PREEMPT(full) 
[  153.614254][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  153.614268][ T7121] Call Trace:
[  153.614276][ T7121]  <TASK>
[  153.614286][ T7121]  dump_stack_lvl+0x16c/0x1f0
[  153.614326][ T7121]  should_fail_ex+0x512/0x640
[  153.614358][ T7121]  _copy_from_user+0x2e/0xd0
[  153.614384][ T7121]  kstrtouint_from_user+0xd6/0x1d0
[  153.614417][ T7121]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  153.614447][ T7121]  ? __lock_acquire+0x436/0x2890
[  153.614477][ T7121]  ? simple_read_from_buffer+0x10d/0x170
[  153.614525][ T7121]  proc_fail_nth_write+0x83/0x220
[  153.614550][ T7121]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  153.614584][ T7121]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  153.614606][ T7121]  vfs_write+0x2a0/0x11d0
[  153.614643][ T7121]  ? __local_bh_enable_ip+0xa4/0x120
[  153.614674][ T7121]  ? lockdep_hardirqs_on+0x7c/0x110
[  153.614710][ T7121]  ? __pfx_vfs_write+0x10/0x10
[  153.614741][ T7121]  ? qrtr_bind+0x1d4/0x250
[  153.614779][ T7121]  ? __sys_bind+0x1c5/0x260
[  153.614805][ T7121]  ? __pfx___sys_bind+0x10/0x10
[  153.614841][ T7121]  ksys_write+0x12a/0x250
[  153.614873][ T7121]  ? __pfx_ksys_write+0x10/0x10
[  153.614916][ T7121]  do_syscall_64+0xcd/0xf80
[  153.614952][ T7121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.614977][ T7121] RIP: 0033:0x7fcc1858e27f
[  153.614998][ T7121] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  153.615021][ T7121] RSP: 002b:00007fcc19406030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  153.615044][ T7121] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcc1858e27f
[  153.615060][ T7121] RDX: 0000000000000001 RSI: 00007fcc194060a0 RDI: 0000000000000004
[  153.615075][ T7121] RBP: 00007fcc19406090 R08: 0000000000000000 R09: 0000000000000000
[  153.615090][ T7121] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  153.615104][ T7121] R13: 00007fcc187e6038 R14: 00007fcc187e5fa0 R15: 00007ffd0285c338
[  153.615140][ T7121]  </TASK>
[  154.009316][ T7125] netlink: 8 bytes leftover after parsing attributes in process `syz.3.277'.
[  155.131662][ T7149] Invalid ELF header magic: != ELF
[  155.151718][ T7149] netlink: 28 bytes leftover after parsing attributes in process `syz.3.284'.
[  155.255654][   T30] audit: type=1804 audit(1766488691.573:30): pid=7150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.282" name="/newroot/70/file0" dev="tmpfs" ino=393 res=1 errno=0
[  155.395472][   T30] audit: type=1804 audit(1766488691.713:31): pid=7144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.282" name="/newroot/70/file0" dev="tmpfs" ino=393 res=1 errno=0
[  155.455014][ T7152] FAULT_INJECTION: forcing a failure.
[  155.455014][ T7152] name failslab, interval 1, probability 0, space 0, times 0
[  155.471245][ T7152] CPU: 1 UID: 0 PID: 7152 Comm: syz.3.285 Not tainted syzkaller #0 PREEMPT(full) 
[  155.471278][ T7152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  155.471287][ T7152] Call Trace:
[  155.471293][ T7152]  <TASK>
[  155.471301][ T7152]  dump_stack_lvl+0x16c/0x1f0
[  155.471330][ T7152]  should_fail_ex+0x512/0x640
[  155.471351][ T7152]  should_failslab+0xc2/0x120
[  155.471374][ T7152]  __kmalloc_cache_noprof+0x80/0x800
[  155.471392][ T7152]  ? __task_pid_nr_ns+0x1f5/0x500
[  155.471405][ T7152]  ? proc_thread_self_get_link+0x1c6/0x240
[  155.471426][ T7152]  ? proc_thread_self_get_link+0x1c6/0x240
[  155.471443][ T7152]  proc_thread_self_get_link+0x1c6/0x240
[  155.471462][ T7152]  pick_link+0xb09/0x13b0
[  155.471480][ T7152]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[  155.471501][ T7152]  step_into_slowpath+0x6c6/0xf50
[  155.471523][ T7152]  ? __pfx_step_into_slowpath+0x10/0x10
[  155.471544][ T7152]  ? lookup_fast+0x156/0x610
[  155.471560][ T7152]  ? inode_permission+0x37b/0x640
[  155.471578][ T7152]  link_path_walk+0xd26/0x1c70
[  155.471604][ T7152]  path_openat+0x1bd/0x3140
[  155.471624][ T7152]  ? do_syscall_64+0xcd/0xf80
[  155.471645][ T7152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.471666][ T7152]  ? __pfx_path_openat+0x10/0x10
[  155.471694][ T7152]  do_filp_open+0x20b/0x470
[  155.471716][ T7152]  ? __pfx_do_filp_open+0x10/0x10
[  155.471751][ T7152]  ? alloc_fd+0x471/0x7d0
[  155.471777][ T7152]  do_sys_openat2+0x121/0x290
[  155.471793][ T7152]  ? __pfx_do_sys_openat2+0x10/0x10
[  155.471817][ T7152]  __x64_sys_openat+0x174/0x210
[  155.471833][ T7152]  ? __pfx___x64_sys_openat+0x10/0x10
[  155.471849][ T7152]  ? ksys_write+0x1ac/0x250
[  155.471870][ T7152]  ? fdget+0x187/0x210
[  155.471893][ T7152]  do_syscall_64+0xcd/0xf80
[  155.471915][ T7152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.471930][ T7152] RIP: 0033:0x7fcc1858f7c9
[  155.471942][ T7152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.471956][ T7152] RSP: 002b:00007fcc19406038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  155.471970][ T7152] RAX: ffffffffffffffda RBX: 00007fcc187e5fa0 RCX: 00007fcc1858f7c9
[  155.471979][ T7152] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  155.471988][ T7152] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  155.471996][ T7152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.472005][ T7152] R13: 00007fcc187e6038 R14: 00007fcc187e5fa0 R15: 00007ffd0285c338
[  155.472024][ T7152]  </TASK>
[  156.218755][ T7160] vivid-003: =================  START STATUS  =================
[  156.226644][ T7160] vivid-003: Radio HW Seek Mode: Bounded
[  156.232681][ T7160] vivid-003: Radio Programmable HW Seek: false
[  156.240027][ T7160] vivid-003: RDS Rx I/O Mode: Block I/O
[  156.245797][ T7160] vivid-003: Generate RBDS Instead of RDS: false
[  156.252317][ T7160] vivid-003: RDS Reception: true
[  156.257389][ T7160] vivid-003: RDS Program Type: 0 inactive
[  156.263312][ T7160] vivid-003: RDS PS Name:  inactive
[  156.268687][ T7160] vivid-003: RDS Radio Text:  inactive
[  156.274457][ T7160] vivid-003: RDS Traffic Announcement: false inactive
[  156.282136][ T7160] vivid-003: RDS Traffic Program: false inactive
[  156.289792][ T7160] vivid-003: RDS Music: false inactive
[  156.295768][ T7160] vivid-003: ==================  END STATUS  ==================
[  159.262366][ T7226] __vm_enough_memory: pid: 7226, comm: syz.2.298, bytes: 4398046511104 not enough memory for the allocation
[  160.426282][ T7250] zswap: compressor  not available
[  160.527174][   T30] audit: type=1804 audit(1766488696.833:32): pid=7271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.307" name="/newroot/75/file0" dev="tmpfs" ino=422 res=1 errno=0
[  160.583113][   T30] audit: type=1804 audit(1766488696.863:33): pid=7272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.307" name="/newroot/75/file0" dev="tmpfs" ino=422 res=1 errno=0
[  162.090373][ T5843] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  162.729677][ T7329] delete_channel: no stack
[  163.202048][ T7349] vivid-003: =================  START STATUS  =================
[  163.213233][ T7349] vivid-003: Radio HW Seek Mode: Bounded
[  163.239332][ T7349] vivid-003: Radio Programmable HW Seek: false
[  163.260288][ T7349] vivid-003: RDS Rx I/O Mode: Block I/O
[  163.301540][ T7349] vivid-003: Generate RBDS Instead of RDS: false
[  163.344020][ T7349] vivid-003: RDS Reception: true
[  163.357342][ T7349] vivid-003: RDS Program Type: 0 inactive
[  163.383646][ T7349] vivid-003: RDS PS Name:  inactive
[  163.440739][ T7349] vivid-003: RDS Radio Text:  inactive
[  163.456728][ T7349] vivid-003: RDS Traffic Announcement: false inactive
[  163.473799][ T7349] vivid-003: RDS Traffic Program: false inactive
[  163.494750][ T7349] vivid-003: RDS Music: false inactive
[  163.500324][ T7349] vivid-003: ==================  END STATUS  ==================
[  164.295455][ T7358] QAT: Stopping all acceleration devices.
[  164.493611][ T7369] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17
[  164.954387][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.331'.
[  165.513343][ T7395] FAULT_INJECTION: forcing a failure.
[  165.513343][ T7395] name failslab, interval 1, probability 0, space 0, times 0
[  165.529825][ T7395] CPU: 1 UID: 0 PID: 7395 Comm: syz.3.335 Not tainted syzkaller #0 PREEMPT(full) 
[  165.529862][ T7395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  165.529877][ T7395] Call Trace:
[  165.529885][ T7395]  <TASK>
[  165.529896][ T7395]  dump_stack_lvl+0x16c/0x1f0
[  165.529941][ T7395]  should_fail_ex+0x512/0x640
[  165.529970][ T7395]  ? __kmalloc_noprof+0xca/0x910
[  165.530002][ T7395]  should_failslab+0xc2/0x120
[  165.530040][ T7395]  __kmalloc_noprof+0xeb/0x910
[  165.530068][ T7395]  ? ring_buffer_read_start+0x1b9/0x500
[  165.530106][ T7395]  ? ring_buffer_read_start+0x1b9/0x500
[  165.530137][ T7395]  ring_buffer_read_start+0x1b9/0x500
[  165.530172][ T7395]  ? __pfx_ring_buffer_read_start+0x10/0x10
[  165.530204][ T7395]  ? lockdep_init_map_type+0x5c/0x270
[  165.530232][ T7395]  ? ring_buffer_overruns+0x195/0x1f0
[  165.530264][ T7395]  tracing_open+0x93f/0xe10
[  165.530296][ T7395]  do_dentry_open+0x748/0x1590
[  165.530333][ T7395]  ? __pfx_tracing_open+0x10/0x10
[  165.530355][ T7395]  vfs_open+0x82/0x3f0
[  165.530374][ T7395]  path_openat+0x2078/0x3140
[  165.530403][ T7395]  ? __pfx_path_openat+0x10/0x10
[  165.530432][ T7395]  do_filp_open+0x20b/0x470
[  165.530454][ T7395]  ? __pfx_do_filp_open+0x10/0x10
[  165.530489][ T7395]  ? alloc_fd+0x471/0x7d0
[  165.530520][ T7395]  do_sys_openat2+0x121/0x290
[  165.530535][ T7395]  ? __pfx_do_sys_openat2+0x10/0x10
[  165.530559][ T7395]  __x64_sys_openat+0x174/0x210
[  165.530576][ T7395]  ? __pfx___x64_sys_openat+0x10/0x10
[  165.530600][ T7395]  do_syscall_64+0xcd/0xf80
[  165.530624][ T7395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.530639][ T7395] RIP: 0033:0x7fcc1858f7c9
[  165.530652][ T7395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.530667][ T7395] RSP: 002b:00007fcc193e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  165.530681][ T7395] RAX: ffffffffffffffda RBX: 00007fcc187e6090 RCX: 00007fcc1858f7c9
[  165.530690][ T7395] RDX: 1a6b75d638828712 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  165.530699][ T7395] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  165.530707][ T7395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  165.530716][ T7395] R13: 00007fcc187e6128 R14: 00007fcc187e6090 R15: 00007ffd0285c338
[  165.530737][ T7395]  </TASK>
[  165.972050][ T7399] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  166.171792][ T7401] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  167.535652][ T7428] NFSD: Failed to start, no listeners configured.
[  167.809096][ T7438] netlink: 342 bytes leftover after parsing attributes in process `syz.3.341'.
[  167.825337][ T7438] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  169.131706][ T7470] binder: 7469:7470 ioctl 8933 200000001380 returned -22
[  170.092842][ T7484] netlink: 28 bytes leftover after parsing attributes in process `syz.3.351'.
[  170.301897][ T7484] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  170.325216][ T7484] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  170.367612][ T7484] bond0 (unregistering): Released all slaves
[  174.379786][ T7568] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  174.497849][ T7568] CIFS mount error: No usable UNC path provided in device string!
[  174.497849][ T7568] 
[  174.512150][ T7568] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  174.669559][ T7576] FAULT_INJECTION: forcing a failure.
[  174.669559][ T7576] name failslab, interval 1, probability 0, space 0, times 0
[  174.704487][ T7576] CPU: 1 UID: 0 PID: 7576 Comm: syz.3.371 Not tainted syzkaller #0 PREEMPT(full) 
[  174.704525][ T7576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  174.704541][ T7576] Call Trace:
[  174.704550][ T7576]  <TASK>
[  174.704560][ T7576]  dump_stack_lvl+0x16c/0x1f0
[  174.704603][ T7576]  should_fail_ex+0x512/0x640
[  174.704632][ T7576]  ? __kmalloc_noprof+0xca/0x910
[  174.704665][ T7576]  should_failslab+0xc2/0x120
[  174.704702][ T7576]  __kmalloc_noprof+0xeb/0x910
[  174.704732][ T7576]  ? create_ruleset+0x21/0x140
[  174.704763][ T7576]  ? create_ruleset+0x21/0x140
[  174.704787][ T7576]  create_ruleset+0x21/0x140
[  174.704812][ T7576]  landlock_merge_ruleset+0xbb/0x870
[  174.704841][ T7576]  ? prepare_creds+0x5ea/0x940
[  174.704874][ T7576]  __do_sys_landlock_restrict_self+0x2a1/0x910
[  174.704906][ T7576]  do_syscall_64+0xcd/0xf80
[  174.704946][ T7576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.704973][ T7576] RIP: 0033:0x7fcc1858f7c9
[  174.704995][ T7576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.705019][ T7576] RSP: 002b:00007fcc193e5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[  174.705044][ T7576] RAX: ffffffffffffffda RBX: 00007fcc187e6090 RCX: 00007fcc1858f7c9
[  174.705062][ T7576] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[  174.705077][ T7576] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  174.705092][ T7576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  174.705108][ T7576] R13: 00007fcc187e6128 R14: 00007fcc187e6090 R15: 00007ffd0285c338
[  174.705144][ T7576]  </TASK>
[  175.059075][ T7579] NFSD: Failed to start, no listeners configured.
[  175.299249][   T30] audit: type=1804 audit(1766488711.613:34): pid=7586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.373" name="/newroot/75/file0" dev="tmpfs" ino=419 res=1 errno=0
[  175.375048][   T30] audit: type=1804 audit(1766488711.653:35): pid=7585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.373" name="/newroot/75/file0" dev="tmpfs" ino=419 res=1 errno=0
[  175.388239][ T7565] syz.0.366 (7565) used greatest stack depth: 20216 bytes left
[  175.531258][ T7595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  175.542171][ T7595] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  175.558789][ T7596] Invalid ELF header magic: != ELF
[  175.872676][ T7601] openvswitch: netlink: Message has 20 unknown bytes.
[  176.132105][ T7612] netlink: 28 bytes leftover after parsing attributes in process `syz.1.380'.
[  176.148880][ T7612] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  176.218110][ T7612] batman_adv: batadv0: Removing interface: batadv_slave_1
[  176.595424][ T7616] size and base must be multiples of 4 kiB
[  176.601373][ T7616] CPU: 0 UID: 0 PID: 7616 Comm: syz.3.381 Not tainted syzkaller #0 PREEMPT(full) 
[  176.601406][ T7616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  176.601421][ T7616] Call Trace:
[  176.601430][ T7616]  <TASK>
[  176.601440][ T7616]  dump_stack_lvl+0x16c/0x1f0
[  176.601482][ T7616]  mtrr_del+0xd1/0x110
[  176.601521][ T7616]  mtrr_ioctl+0x922/0xcf0
[  176.601547][ T7616]  ? __pfx_mtrr_ioctl+0x10/0x10
[  176.601576][ T7616]  ? find_held_lock+0x2b/0x80
[  176.601616][ T7616]  ? __fget_files+0x20e/0x3c0
[  176.601656][ T7616]  ? __pfx_mtrr_ioctl+0x10/0x10
[  176.601681][ T7616]  proc_reg_unlocked_ioctl+0x229/0x320
[  176.601715][ T7616]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  176.601750][ T7616]  __x64_sys_ioctl+0x18e/0x210
[  176.601783][ T7616]  do_syscall_64+0xcd/0xf80
[  176.601821][ T7616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  176.601847][ T7616] RIP: 0033:0x7fcc1858f7c9
[  176.601869][ T7616] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  176.601895][ T7616] RSP: 002b:00007fcc193e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  176.601920][ T7616] RAX: ffffffffffffffda RBX: 00007fcc187e6090 RCX: 00007fcc1858f7c9
[  176.601938][ T7616] RDX: 0000000000000007 RSI: 0000000040104d04 RDI: 0000000000000007
[  176.601954][ T7616] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  176.601970][ T7616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  176.601986][ T7616] R13: 00007fcc187e6128 R14: 00007fcc187e6090 R15: 00007ffd0285c338
[  176.602021][ T7616]  </TASK>
[  177.150621][ T7622] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[  177.205510][ T7624] netlink: 28 bytes leftover after parsing attributes in process `syz.1.390'.
[  177.239657][ T7625] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  177.641404][ T7624] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.667942][ T7624] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.690280][ T7624] bond0 (unregistering): Released all slaves
[  178.034035][ T7634] FAULT_INJECTION: forcing a failure.
[  178.034035][ T7634] name failslab, interval 1, probability 0, space 0, times 0
[  178.090831][ T7634] CPU: 0 UID: 0 PID: 7634 Comm: syz.2.385 Not tainted syzkaller #0 PREEMPT(full) 
[  178.090867][ T7634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  178.090888][ T7634] Call Trace:
[  178.090897][ T7634]  <TASK>
[  178.090908][ T7634]  dump_stack_lvl+0x16c/0x1f0
[  178.090958][ T7634]  should_fail_ex+0x512/0x640
[  178.090994][ T7634]  should_failslab+0xc2/0x120
[  178.091034][ T7634]  __kmalloc_cache_noprof+0x80/0x800
[  178.091064][ T7634]  ? __task_pid_nr_ns+0x1f5/0x500
[  178.091088][ T7634]  ? proc_thread_self_get_link+0x1c6/0x240
[  178.091125][ T7634]  ? proc_thread_self_get_link+0x1c6/0x240
[  178.091156][ T7634]  proc_thread_self_get_link+0x1c6/0x240
[  178.091190][ T7634]  pick_link+0xb09/0x13b0
[  178.091222][ T7634]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[  178.091259][ T7634]  step_into_slowpath+0x6c6/0xf50
[  178.091299][ T7634]  ? __pfx_step_into_slowpath+0x10/0x10
[  178.091340][ T7634]  ? lookup_fast+0x156/0x610
[  178.091368][ T7634]  ? inode_permission+0x37b/0x640
[  178.091402][ T7634]  link_path_walk+0xd26/0x1c70
[  178.091448][ T7634]  path_openat+0x1bd/0x3140
[  178.091482][ T7634]  ? do_syscall_64+0xcd/0xf80
[  178.091517][ T7634]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.091555][ T7634]  ? __pfx_path_openat+0x10/0x10
[  178.091605][ T7634]  do_filp_open+0x20b/0x470
[  178.091644][ T7634]  ? __pfx_do_filp_open+0x10/0x10
[  178.091706][ T7634]  ? alloc_fd+0x471/0x7d0
[  178.091752][ T7634]  do_sys_openat2+0x121/0x290
[  178.091781][ T7634]  ? __pfx_do_sys_openat2+0x10/0x10
[  178.091824][ T7634]  __x64_sys_openat+0x174/0x210
[  178.091853][ T7634]  ? __pfx___x64_sys_openat+0x10/0x10
[  178.091898][ T7634]  do_syscall_64+0xcd/0xf80
[  178.091942][ T7634]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  178.091968][ T7634] RIP: 0033:0x7f62bfd8f7c9
[  178.091990][ T7634] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  178.092015][ T7634] RSP: 002b:00007f62bdfee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  178.092042][ T7634] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f7c9
[  178.092059][ T7634] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  178.092076][ T7634] RBP: 00007f62bfe13f91 R08: 0000000000000000 R09: 0000000000000000
[  178.092091][ T7634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  178.092107][ T7634] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007fff2acd2838
[  178.092144][ T7634]  </TASK>
[  179.366599][   T30] audit: type=1800 audit(1766488715.683:36): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.389" name="discovery_nqn" dev="configfs" ino=17505 res=0 errno=0
[  179.911652][ T7662] netlink: 28 bytes leftover after parsing attributes in process `syz.3.391'.
[  179.942176][ T7662] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  180.000405][ T7662] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.221366][   T30] audit: type=1804 audit(1766488716.533:37): pid=7664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.399" name="/newroot/79/file0" dev="tmpfs" ino=440 res=1 errno=0
[  180.376868][   T30] audit: type=1804 audit(1766488716.663:38): pid=7677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.399" name="/newroot/79/file0" dev="tmpfs" ino=440 res=1 errno=0
[  180.606044][ T7683] netlink: 342 bytes leftover after parsing attributes in process `syz.3.393'.
[  180.619189][ T5843] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  180.633673][ T7683] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  180.653981][ T7680] netlink: 342 bytes leftover after parsing attributes in process `syz.3.393'.
[  180.665813][ T7680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.393'.
[  180.808998][ T7685] FAULT_INJECTION: forcing a failure.
[  180.808998][ T7685] name fail_futex, interval 1, probability 0, space 0, times 0
[  180.829070][ T7685] CPU: 0 UID: 0 PID: 7685 Comm: syz.3.394 Not tainted syzkaller #0 PREEMPT(full) 
[  180.829105][ T7685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  180.829114][ T7685] Call Trace:
[  180.829119][ T7685]  <TASK>
[  180.829125][ T7685]  dump_stack_lvl+0x16c/0x1f0
[  180.829151][ T7685]  should_fail_ex+0x512/0x640
[  180.829170][ T7685]  get_futex_key+0x1d0/0x15f0
[  180.829187][ T7685]  ? __lock_acquire+0x436/0x2890
[  180.829201][ T7685]  ? __pfx_get_futex_key+0x10/0x10
[  180.829222][ T7685]  futex_wait_setup+0x9d/0x570
[  180.829248][ T7685]  __futex_wait+0x193/0x2f0
[  180.829267][ T7685]  ? __pfx___futex_wait+0x10/0x10
[  180.829290][ T7685]  ? __pfx_futex_wake_mark+0x10/0x10
[  180.829311][ T7685]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  180.829328][ T7685]  ? __hrtimer_setup+0x176/0x280
[  180.829347][ T7685]  ? ktime_add_safe+0x60/0x70
[  180.829374][ T7685]  futex_wait+0xe8/0x380
[  180.829393][ T7685]  ? __pfx_futex_wait+0x10/0x10
[  180.829411][ T7685]  ? __lock_acquire+0x436/0x2890
[  180.829425][ T7685]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  180.829449][ T7685]  do_futex+0x229/0x350
[  180.829465][ T7685]  ? __pfx_do_futex+0x10/0x10
[  180.829480][ T7685]  ? rcu_is_watching+0x12/0xc0
[  180.829498][ T7685]  ? ktime_get+0x200/0x310
[  180.829511][ T7685]  ? lockdep_hardirqs_on+0x7c/0x110
[  180.829533][ T7685]  ? read_tsc+0x9/0x20
[  180.829555][ T7685]  __x64_sys_futex+0x1e0/0x4c0
[  180.829573][ T7685]  ? __pfx___x64_sys_futex+0x10/0x10
[  180.829590][ T7685]  ? xfd_validate_state+0x61/0x180
[  180.829608][ T7685]  do_syscall_64+0xcd/0xf80
[  180.829631][ T7685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.829645][ T7685] RIP: 0033:0x7fcc1858f7c9
[  180.829658][ T7685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  180.829675][ T7685] RSP: 002b:00007ffd0285c498 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  180.829689][ T7685] RAX: ffffffffffffffda RBX: 000000000002c231 RCX: 00007fcc1858f7c9
[  180.829699][ T7685] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcc187e5fac
[  180.829711][ T7685] RBP: 0000000000000032 R08: 00007fcc19407000 R09: 000000070285c78f
[  180.829720][ T7685] R10: 00007ffd0285c590 R11: 0000000000000246 R12: 00007fcc187e5fac
[  180.829728][ T7685] R13: 00007ffd0285c590 R14: 000000000002c263 R15: 00007ffd0285c5b0
[  180.829746][ T7685]  </TASK>
[  181.400823][ T7686] netlink: 4 bytes leftover after parsing attributes in process `syz.3.394'.
[  182.265362][ T7702] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  182.436945][ T7700] FAULT_INJECTION: forcing a failure.
[  182.436945][ T7700] name failslab, interval 1, probability 0, space 0, times 0
[  182.501927][ T7700] CPU: 1 UID: 0 PID: 7700 Comm: syz.2.398 Not tainted syzkaller #0 PREEMPT(full) 
[  182.501962][ T7700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  182.501977][ T7700] Call Trace:
[  182.501985][ T7700]  <TASK>
[  182.501995][ T7700]  dump_stack_lvl+0x16c/0x1f0
[  182.502037][ T7700]  should_fail_ex+0x512/0x640
[  182.502065][ T7700]  ? fs_reclaim_acquire+0xae/0x150
[  182.502104][ T7700]  should_failslab+0xc2/0x120
[  182.502140][ T7700]  kmem_cache_alloc_noprof+0x83/0x770
[  182.502168][ T7700]  ? __pfx_map_id_range_down+0x10/0x10
[  182.502202][ T7700]  ? security_inode_alloc+0x3b/0x2b0
[  182.502235][ T7700]  ? security_inode_alloc+0x3b/0x2b0
[  182.502257][ T7700]  security_inode_alloc+0x3b/0x2b0
[  182.502283][ T7700]  inode_init_always_gfp+0xced/0x1040
[  182.502326][ T7700]  alloc_inode+0x86/0x240
[  182.502354][ T7700]  sock_alloc+0x40/0x280
[  182.502388][ T7700]  __sock_create+0xc2/0x8a0
[  182.502417][ T7700]  __sys_socketpair+0x25c/0x5a0
[  182.502450][ T7700]  ? __pfx___sys_socketpair+0x10/0x10
[  182.502481][ T7700]  ? xfd_validate_state+0x61/0x180
[  182.502513][ T7700]  __x64_sys_socketpair+0x96/0x100
[  182.502537][ T7700]  ? lockdep_hardirqs_on+0x7c/0x110
[  182.502572][ T7700]  do_syscall_64+0xcd/0xf80
[  182.502608][ T7700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.502634][ T7700] RIP: 0033:0x7f62bfd8f7c9
[  182.502655][ T7700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.502680][ T7700] RSP: 002b:00007f62bdfee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  182.502705][ T7700] RAX: ffffffffffffffda RBX: 00007f62bffe5fa0 RCX: 00007f62bfd8f7c9
[  182.502723][ T7700] RDX: 8000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[  182.502739][ T7700] RBP: 00007f62bfe13f91 R08: 0000000000000000 R09: 0000000000000000
[  182.502754][ T7700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  182.502768][ T7700] R13: 00007f62bffe6038 R14: 00007f62bffe5fa0 R15: 00007fff2acd2838
[  182.502801][ T7700]  </TASK>
[  182.762346][ T5843] Bluetooth: hci3: command 0x2016 tx timeout
[  182.812988][ T7700] socket: no more sockets
[  183.680960][ T7728] FAULT_INJECTION: forcing a failure.
[  183.680960][ T7728] name failslab, interval 1, probability 0, space 0, times 0
[  183.707451][ T7728] CPU: 1 UID: 0 PID: 7728 Comm: syz.3.404 Not tainted syzkaller #0 PREEMPT(full) 
[  183.707488][ T7728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  183.707498][ T7728] Call Trace:
[  183.707503][ T7728]  <TASK>
[  183.707510][ T7728]  dump_stack_lvl+0x16c/0x1f0
[  183.707538][ T7728]  should_fail_ex+0x512/0x640
[  183.707555][ T7728]  ? kmem_cache_alloc_noprof+0x62/0x770
[  183.707577][ T7728]  should_failslab+0xc2/0x120
[  183.707599][ T7728]  kmem_cache_alloc_noprof+0x83/0x770
[  183.707616][ T7728]  ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10
[  183.707635][ T7728]  ? acpi_ps_alloc_op+0x29d/0x360
[  183.707657][ T7728]  ? acpi_ps_alloc_op+0x29d/0x360
[  183.707673][ T7728]  acpi_ps_alloc_op+0x29d/0x360
[  183.707690][ T7728]  ? acpi_ut_status_exit+0x103/0x1c0
[  183.707709][ T7728]  acpi_ps_create_op+0x4bd/0xd30
[  183.707728][ T7728]  ? __pfx_acpi_ps_create_op+0x10/0x10
[  183.707745][ T7728]  ? __pfx_acpi_ut_trace_ptr+0x10/0x10
[  183.707763][ T7728]  ? acpi_ut_value_exit+0xff/0x180
[  183.707785][ T7728]  acpi_ps_parse_loop+0xf06/0x2470
[  183.707804][ T7728]  ? acpi_ns_get_normalized_pathname+0x95/0x250
[  183.707828][ T7728]  ? __pfx_acpi_ps_parse_loop+0x10/0x10
[  183.707844][ T7728]  ? acpi_ut_status_exit+0x103/0x1c0
[  183.707863][ T7728]  ? acpi_ds_call_control_method+0x435/0xab0
[  183.707891][ T7728]  acpi_ps_parse_aml+0x817/0x1170
[  183.707912][ T7728]  acpi_ps_execute_method+0x5c4/0xe90
[  183.707935][ T7728]  acpi_ns_evaluate+0x98c/0x16d0
[  183.707960][ T7728]  acpi_evaluate_object+0x4ca/0xdf0
[  183.707975][ T7728]  ? ksys_read+0x12a/0x250
[  183.707998][ T7728]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  183.708016][ T7728]  ? __pfx___might_resched+0x10/0x10
[  183.708038][ T7728]  acpi_evaluate_integer+0xdd/0x230
[  183.708060][ T7728]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  183.708090][ T7728]  ? __pfx_status_show+0x10/0x10
[  183.708104][ T7728]  status_show+0xa0/0x120
[  183.708119][ T7728]  ? __pfx_status_show+0x10/0x10
[  183.708138][ T7728]  dev_attr_show+0x56/0xe0
[  183.708159][ T7728]  ? __pfx_dev_attr_show+0x10/0x10
[  183.708176][ T7728]  sysfs_kf_seq_show+0x216/0x3e0
[  183.708195][ T7728]  seq_read_iter+0x50e/0x12d0
[  183.708223][ T7728]  kernfs_fop_read_iter+0x46c/0x610
[  183.708245][ T7728]  ? rw_verify_area+0xcf/0x6c0
[  183.708265][ T7728]  vfs_read+0x8bf/0xcf0
[  183.708289][ T7728]  ? __pfx_vfs_read+0x10/0x10
[  183.708330][ T7728]  ksys_read+0x12a/0x250
[  183.708351][ T7728]  ? __pfx_ksys_read+0x10/0x10
[  183.708377][ T7728]  do_syscall_64+0xcd/0xf80
[  183.708402][ T7728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.708417][ T7728] RIP: 0033:0x7fcc1858f7c9
[  183.708430][ T7728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.708444][ T7728] RSP: 002b:00007fcc193e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  183.708458][ T7728] RAX: ffffffffffffffda RBX: 00007fcc187e6090 RCX: 00007fcc1858f7c9
[  183.708468][ T7728] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000008
[  183.708477][ T7728] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  183.708486][ T7728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  183.708495][ T7728] R13: 00007fcc187e6128 R14: 00007fcc187e6090 R15: 00007ffd0285c338
[  183.708516][ T7728]  </TASK>
[  183.708539][ T7728] ACPI Error: Aborting method \_SB.IQST due to previous error (AE_NO_MEMORY) (20250807/psparse-529)
[  184.145626][ T7728] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529)
[  184.794038][   T52] Bluetooth: hci3: command 0x2016 tx timeout
[  185.350284][ T7714] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  186.684122][ T7763] syz.0.408 (7763): /proc/7753/oom_adj is deprecated, please use /proc/7753/oom_score_adj instead.
[  188.009724][ T7785] Invalid ELF header magic: != ELF
[  188.927469][ T7797] FAULT_INJECTION: forcing a failure.
[  188.927469][ T7797] name failslab, interval 1, probability 0, space 0, times 0
[  188.940208][ T7797] CPU: 1 UID: 0 PID: 7797 Comm: syz.3.417 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  188.940250][ T7797] Tainted: [L]=SOFTLOCKUP
[  188.940259][ T7797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  188.940274][ T7797] Call Trace:
[  188.940282][ T7797]  <TASK>
[  188.940293][ T7797]  dump_stack_lvl+0x16c/0x1f0
[  188.940335][ T7797]  should_fail_ex+0x512/0x640
[  188.940369][ T7797]  should_failslab+0xc2/0x120
[  188.940410][ T7797]  __kmalloc_cache_noprof+0x80/0x800
[  188.940438][ T7797]  ? __task_pid_nr_ns+0x1f5/0x500
[  188.940461][ T7797]  ? proc_thread_self_get_link+0x1c6/0x240
[  188.940498][ T7797]  ? proc_thread_self_get_link+0x1c6/0x240
[  188.940526][ T7797]  proc_thread_self_get_link+0x1c6/0x240
[  188.940560][ T7797]  pick_link+0xb09/0x13b0
[  188.940589][ T7797]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[  188.940622][ T7797]  step_into_slowpath+0x6c6/0xf50
[  188.940658][ T7797]  ? __pfx_step_into_slowpath+0x10/0x10
[  188.940692][ T7797]  ? lookup_fast+0x156/0x610
[  188.940718][ T7797]  ? inode_permission+0x37b/0x640
[  188.940751][ T7797]  link_path_walk+0xd26/0x1c70
[  188.940805][ T7797]  path_openat+0x1bd/0x3140
[  188.940839][ T7797]  ? do_syscall_64+0xcd/0xf80
[  188.940875][ T7797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.940906][ T7797]  ? __pfx_path_openat+0x10/0x10
[  188.940952][ T7797]  do_filp_open+0x20b/0x470
[  188.940985][ T7797]  ? __pfx_do_filp_open+0x10/0x10
[  188.941046][ T7797]  ? alloc_fd+0x471/0x7d0
[  188.941090][ T7797]  do_sys_openat2+0x121/0x290
[  188.941117][ T7797]  ? __pfx_do_sys_openat2+0x10/0x10
[  188.941159][ T7797]  __x64_sys_openat+0x174/0x210
[  188.941187][ T7797]  ? __pfx___x64_sys_openat+0x10/0x10
[  188.941212][ T7797]  ? ksys_write+0x1ac/0x250
[  188.941255][ T7797]  do_syscall_64+0xcd/0xf80
[  188.941291][ T7797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.941314][ T7797] RIP: 0033:0x7fcc1858f7c9
[  188.941335][ T7797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.941360][ T7797] RSP: 002b:00007fcc19406038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  188.941385][ T7797] RAX: ffffffffffffffda RBX: 00007fcc187e5fa0 RCX: 00007fcc1858f7c9
[  188.941400][ T7797] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  188.941416][ T7797] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  188.941431][ T7797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  188.941446][ T7797] R13: 00007fcc187e6038 R14: 00007fcc187e5fa0 R15: 00007ffd0285c338
[  188.941484][ T7797]  </TASK>
[  190.276181][   T30] audit: type=1804 audit(1766488726.533:39): pid=7809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.421" name="/newroot/161/file0" dev="tmpfs" ino=871 res=1 errno=0
[  190.344420][   T30] audit: type=1804 audit(1766488726.563:40): pid=7809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.421" name="/newroot/161/file0" dev="tmpfs" ino=871 res=1 errno=0
[  190.630863][ T7820] netlink: 252 bytes leftover after parsing attributes in process `syz.3.423'.
[  190.642242][ T7820] netlink: 252 bytes leftover after parsing attributes in process `syz.3.423'.
[  193.489527][ T7848] Invalid ELF header magic: != ELF
[  193.514616][   T30] audit: type=1800 audit(1766488729.833:41): pid=7846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.428" name="discovery_nqn" dev="configfs" ino=18602 res=0 errno=0
[  194.132012][   T30] audit: type=1804 audit(1766488730.443:42): pid=7867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.434" name="/newroot/89/file0" dev="tmpfs" ino=493 res=1 errno=0
[  194.259145][   T30] audit: type=1804 audit(1766488730.483:43): pid=7868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.434" name="/newroot/89/file0" dev="tmpfs" ino=493 res=1 errno=0
[  195.511341][   T30] audit: type=1804 audit(1766488731.823:44): pid=7864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.432" name="/newroot/70/file0" dev="tmpfs" ino=386 res=1 errno=0
[  195.674687][   T30] audit: type=1804 audit(1766488731.853:45): pid=7869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.432" name="/newroot/70/file0" dev="tmpfs" ino=386 res=1 errno=0
[  195.916189][   T30] audit: type=1804 audit(1766488732.233:46): pid=7874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.435" name="/newroot/90/file0" dev="tmpfs" ino=499 res=1 errno=0
[  196.086923][   T30] audit: type=1804 audit(1766488732.293:47): pid=7875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.435" name="/newroot/90/file0" dev="tmpfs" ino=499 res=1 errno=0
[  196.934159][ T7879] zswap: compressor  not available
[  198.138783][ T7906] futex_wake_op: syz.3.444 tries to shift op by -2048; fix this program
[  198.764801][ T5843] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  198.783532][ T7918] netlink: 342 bytes leftover after parsing attributes in process `syz.2.445'.
[  198.838436][ T7918] IPv6: NLM_F_CREATE should be specified when creating new route
[  198.846978][ T7918] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  198.854317][ T7918] IPv6: NLM_F_CREATE should be set when creating new route
[  198.861589][ T7918] IPv6: NLM_F_CREATE should be set when creating new route
[  198.889510][ T7914] netlink: 342 bytes leftover after parsing attributes in process `syz.2.445'.
[  198.916288][ T7914] netlink: 8 bytes leftover after parsing attributes in process `syz.2.445'.
[  199.445230][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  199.459246][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  199.585108][   T30] audit: type=1804 audit(1766488735.903:48): pid=7933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.450" name="/newroot/175/file0" dev="tmpfs" ino=948 res=1 errno=0
[  199.713143][   T30] audit: type=1804 audit(1766488735.943:49): pid=7933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.450" name="/newroot/175/file0" dev="tmpfs" ino=948 res=1 errno=0
[  200.794957][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout
[  202.875149][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  203.709116][ T7981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'.
[  203.735017][ T7981] tc_dump_action: action bad kind
[  204.348487][ T7997] random: crng reseeded on system resumption
[  204.484704][ T7999] Restarting kernel threads ...
[  204.486076][ T7998] hub 1-0:1.0: USB hub found
[  204.504873][ T7999] Done restarting kernel threads.
[  204.511943][ T7998] hub 1-0:1.0: 1 port detected
[  204.807747][   T30] audit: type=1804 audit(1766488741.123:50): pid=8004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.464" name="/newroot/185/file0" dev="tmpfs" ino=1003 res=1 errno=0
[  204.926286][   T30] audit: type=1804 audit(1766488741.243:51): pid=8002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.464" name="/newroot/185/file0" dev="tmpfs" ino=1003 res=1 errno=0
[  205.447589][ T8006] netlink: 'syz.3.465': attribute type 3 has an invalid length.
[  205.466278][ T8006] netlink: 'syz.3.465': attribute type 3 has an invalid length.
[  205.592729][ T8009] netlink: 28 bytes leftover after parsing attributes in process `syz.3.466'.
[  205.725305][ T8011] bridge0: port 3(bond0) entered blocking state
[  205.731673][ T8011] bridge0: port 3(bond0) entered disabled state
[  205.762925][ T8011] bond0: entered allmulticast mode
[  205.782119][ T8011] bond_slave_0: entered allmulticast mode
[  205.804379][ T8011] bond_slave_1: entered allmulticast mode
[  205.812393][ T8011] bond0: entered promiscuous mode
[  205.854024][ T8011] bond_slave_0: entered promiscuous mode
[  205.859969][ T8011] bond_slave_1: entered promiscuous mode
[  205.913171][ T8011] bridge0: port 3(bond0) entered blocking state
[  205.919934][ T8011] bridge0: port 3(bond0) entered forwarding state
[  205.934148][ T8016] nvme_fabrics: missing parameter 'transport=%s'
[  205.941658][ T8016] nvme_fabrics: missing parameter 'nqn=%s'
[  205.954963][ T8013] nvme_fabrics: unknown parameter or missing value '1nst' in ctrl creation request
[  207.564110][   T30] audit: type=1804 audit(1766488743.873:52): pid=8052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.470" name="/newroot/95/file0" dev="tmpfs" ino=527 res=1 errno=0
[  207.670169][   T30] audit: type=1804 audit(1766488743.873:53): pid=8056 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.470" name="/newroot/95/file0" dev="tmpfs" ino=527 res=1 errno=0
[  208.317483][ T8081] bond0: invalid ARP target specified
[  208.343192][ T8081] netlink: 28 bytes leftover after parsing attributes in process `syz.3.481'.
[  208.686789][   T30] audit: type=1804 audit(1766488745.003:54): pid=8093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.483" name="/newroot/196/file0" dev="tmpfs" ino=1060 res=1 errno=0
[  208.799213][   T30] audit: type=1804 audit(1766488745.053:55): pid=8090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.483" name="/newroot/196/file0" dev="tmpfs" ino=1060 res=1 errno=0
[  212.445752][ T8176] netlink: 28 bytes leftover after parsing attributes in process `syz.3.501'.
[  212.900313][ T8199] FAULT_INJECTION: forcing a failure.
[  212.900313][ T8199] name fail_futex, interval 1, probability 0, space 0, times 0
[  212.913206][ T8199] CPU: 1 UID: 0 PID: 8199 Comm: syz.3.505 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  212.913232][ T8199] Tainted: [L]=SOFTLOCKUP
[  212.913237][ T8199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  212.913246][ T8199] Call Trace:
[  212.913253][ T8199]  <TASK>
[  212.913260][ T8199]  dump_stack_lvl+0x16c/0x1f0
[  212.913305][ T8199]  should_fail_ex+0x512/0x640
[  212.913326][ T8199]  get_futex_key+0x1d0/0x15f0
[  212.913345][ T8199]  ? __pfx_get_futex_key+0x10/0x10
[  212.913367][ T8199]  futex_wake+0xea/0x530
[  212.913389][ T8199]  ? __pfx_futex_wake+0x10/0x10
[  212.913411][ T8199]  ? lockdep_init_map_type+0x5c/0x270
[  212.913431][ T8199]  do_futex+0x1e3/0x350
[  212.913448][ T8199]  ? __pfx_do_futex+0x10/0x10
[  212.913469][ T8199]  __x64_sys_futex+0x1e0/0x4c0
[  212.913487][ T8199]  ? fd_install+0x223/0x570
[  212.913507][ T8199]  ? __pfx___x64_sys_futex+0x10/0x10
[  212.913531][ T8199]  do_syscall_64+0xcd/0xf80
[  212.913554][ T8199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.913569][ T8199] RIP: 0033:0x7fcc1858f7c9
[  212.913581][ T8199] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.913595][ T8199] RSP: 002b:00007fcc193e50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  212.913609][ T8199] RAX: ffffffffffffffda RBX: 00007fcc187e6098 RCX: 00007fcc1858f7c9
[  212.913618][ T8199] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcc187e609c
[  212.913626][ T8199] RBP: 00007fcc187e6090 R08: 00007fcc19407000 R09: 0000000000000000
[  212.913635][ T8199] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  212.913644][ T8199] R13: 00007fcc187e6128 R14: 00007ffd0285c250 R15: 00007ffd0285c338
[  212.913663][ T8199]  </TASK>
[  214.787234][ T8243] FAULT_INJECTION: forcing a failure.
[  214.787234][ T8243] name failslab, interval 1, probability 0, space 0, times 0
[  214.824445][ T8243] CPU: 1 UID: 0 PID: 8243 Comm: syz.3.515 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.824493][ T8243] Tainted: [L]=SOFTLOCKUP
[  214.824503][ T8243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  214.824518][ T8243] Call Trace:
[  214.824526][ T8243]  <TASK>
[  214.824537][ T8243]  dump_stack_lvl+0x16c/0x1f0
[  214.824584][ T8243]  should_fail_ex+0x512/0x640
[  214.824613][ T8243]  ? __kmalloc_cache_noprof+0x5f/0x800
[  214.824646][ T8243]  should_failslab+0xc2/0x120
[  214.824684][ T8243]  __kmalloc_cache_noprof+0x80/0x800
[  214.824713][ T8243]  ? do_raw_spin_unlock+0x172/0x230
[  214.824740][ T8243]  ? snd_ctl_open+0x174/0x5f0
[  214.824777][ T8243]  ? snd_ctl_open+0x174/0x5f0
[  214.824809][ T8243]  snd_ctl_open+0x174/0x5f0
[  214.824853][ T8243]  ? __pfx_snd_ctl_open+0x10/0x10
[  214.824885][ T8243]  snd_open+0x22d/0x4c0
[  214.824924][ T8243]  ? __pfx_snd_open+0x10/0x10
[  214.824960][ T8243]  chrdev_open+0x234/0x6a0
[  214.825006][ T8243]  ? __pfx_apparmor_file_open+0x10/0x10
[  214.825033][ T8243]  ? __pfx_chrdev_open+0x10/0x10
[  214.825072][ T8243]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  214.825124][ T8243]  do_dentry_open+0x748/0x1590
[  214.825158][ T8243]  ? __pfx_chrdev_open+0x10/0x10
[  214.825206][ T8243]  vfs_open+0x82/0x3f0
[  214.825238][ T8243]  path_openat+0x2078/0x3140
[  214.825283][ T8243]  ? __pfx_path_openat+0x10/0x10
[  214.825327][ T8243]  do_filp_open+0x20b/0x470
[  214.825364][ T8243]  ? __pfx_do_filp_open+0x10/0x10
[  214.825423][ T8243]  ? alloc_fd+0x471/0x7d0
[  214.825467][ T8243]  do_sys_openat2+0x121/0x290
[  214.825495][ T8243]  ? __pfx_do_sys_openat2+0x10/0x10
[  214.825537][ T8243]  __x64_sys_openat+0x174/0x210
[  214.825566][ T8243]  ? __pfx___x64_sys_openat+0x10/0x10
[  214.825604][ T8243]  do_syscall_64+0xcd/0xf80
[  214.825644][ T8243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.825670][ T8243] RIP: 0033:0x7fcc1858f7c9
[  214.825691][ T8243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.825717][ T8243] RSP: 002b:00007fcc19406038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  214.825742][ T8243] RAX: ffffffffffffffda RBX: 00007fcc187e5fa0 RCX: 00007fcc1858f7c9
[  214.825759][ T8243] RDX: 0000000000000802 RSI: 00002000000010c0 RDI: ffffffffffffff9c
[  214.825776][ T8243] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  214.825791][ T8243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.825805][ T8243] R13: 00007fcc187e6038 R14: 00007fcc187e5fa0 R15: 00007ffd0285c338
[  214.825850][ T8243]  </TASK>
[  215.941371][ T8265] netlink: 28 bytes leftover after parsing attributes in process `syz.2.520'.
[  216.142332][ T8265] team0: Port device team_slave_0 removed
[  217.536896][ T8297] FAULT_INJECTION: forcing a failure.
[  217.536896][ T8297] name failslab, interval 1, probability 0, space 0, times 0
[  217.582621][ T8297] CPU: 1 UID: 0 PID: 8297 Comm: syz.1.526 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  217.582661][ T8297] Tainted: [L]=SOFTLOCKUP
[  217.582670][ T8297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  217.582683][ T8297] Call Trace:
[  217.582692][ T8297]  <TASK>
[  217.582701][ T8297]  dump_stack_lvl+0x16c/0x1f0
[  217.582741][ T8297]  should_fail_ex+0x512/0x640
[  217.582767][ T8297]  ? kmem_cache_alloc_noprof+0x62/0x770
[  217.582800][ T8297]  should_failslab+0xc2/0x120
[  217.582835][ T8297]  kmem_cache_alloc_noprof+0x83/0x770
[  217.582864][ T8297]  ? __proc_create+0x2c8/0x8d0
[  217.582898][ T8297]  ? __proc_create+0x2c8/0x8d0
[  217.582926][ T8297]  __proc_create+0x2c8/0x8d0
[  217.582957][ T8297]  ? __pfx___proc_create+0x10/0x10
[  217.583001][ T8297]  proc_create_reg+0x7d/0x180
[  217.583037][ T8297]  proc_create_net_data+0x8e/0x1c0
[  217.583071][ T8297]  ? __pfx_proc_create_net_data+0x10/0x10
[  217.583104][ T8297]  ? __kasan_kmalloc+0xaa/0xb0
[  217.583141][ T8297]  ip_vs_app_net_init+0xc8/0x110
[  217.583175][ T8297]  __ip_vs_init+0x25b/0x520
[  217.583205][ T8297]  ? __pfx___ip_vs_init+0x10/0x10
[  217.583233][ T8297]  ops_init+0x1e2/0x5f0
[  217.583266][ T8297]  setup_net+0x11d/0x3a0
[  217.583297][ T8297]  ? __pfx_setup_net+0x10/0x10
[  217.583323][ T8297]  ? lockdep_init_map_type+0x5c/0x270
[  217.583349][ T8297]  ? mutex_init_lockep+0x110/0x150
[  217.583378][ T8297]  copy_net_ns+0x351/0x7c0
[  217.583413][ T8297]  create_new_namespaces+0x3ea/0xab0
[  217.583452][ T8297]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  217.583483][ T8297]  ksys_unshare+0x45b/0xa40
[  217.583517][ T8297]  ? __pfx_ksys_unshare+0x10/0x10
[  217.583551][ T8297]  ? xfd_validate_state+0x61/0x180
[  217.583589][ T8297]  __x64_sys_unshare+0x31/0x40
[  217.583612][ T8297]  do_syscall_64+0xcd/0xf80
[  217.583647][ T8297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.583669][ T8297] RIP: 0033:0x7f840338f7c9
[  217.583686][ T8297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.583708][ T8297] RSP: 002b:00007f840420c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  217.583730][ T8297] RAX: ffffffffffffffda RBX: 00007f84035e6090 RCX: 00007f840338f7c9
[  217.583745][ T8297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  217.583758][ T8297] RBP: 00007f8403413f91 R08: 0000000000000000 R09: 0000000000000000
[  217.583771][ T8297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  217.583784][ T8297] R13: 00007f84035e6128 R14: 00007f84035e6090 R15: 00007ffe5e67de28
[  217.583815][ T8297]  </TASK>
[  218.925968][ T8317] input: 00
[  218.925968][ T8317]  as /devices/virtual/input/input25
[  219.665463][ T8330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.536'.
[  220.216609][ T8343] hub 1-0:1.0: USB hub found
[  220.293129][ T8343] hub 1-0:1.0: 1 port detected
[  220.359577][   T30] audit: type=1804 audit(1766488756.673:56): pid=8350 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.539" name="/newroot/127/file0" dev="tmpfs" ino=697 res=1 errno=0
[  220.442679][   T30] audit: type=1804 audit(1766488756.733:57): pid=8346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.539" name="/newroot/127/file0" dev="tmpfs" ino=697 res=1 errno=0
[  220.601723][ T8354] syz.3.541 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  221.455414][ T8373] hub 1-0:1.0: USB hub found
[  221.497921][ T8373] hub 1-0:1.0: 1 port detected
[  221.567636][ T8374] hub 1-0:1.0: USB hub found
[  221.589789][ T8374] hub 1-0:1.0: 1 port detected
[  222.140921][   T10] Process accounting resumed
[  222.599756][ T8404] netlink: 'syz.1.553': attribute type 9 has an invalid length.
[  223.736288][ T8429] FAULT_INJECTION: forcing a failure.
[  223.736288][ T8429] name failslab, interval 1, probability 0, space 0, times 0
[  223.760018][ T8429] CPU: 0 UID: 0 PID: 8429 Comm: syz.3.562 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  223.760061][ T8429] Tainted: [L]=SOFTLOCKUP
[  223.760070][ T8429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  223.760084][ T8429] Call Trace:
[  223.760092][ T8429]  <TASK>
[  223.760102][ T8429]  dump_stack_lvl+0x16c/0x1f0
[  223.760148][ T8429]  should_fail_ex+0x512/0x640
[  223.760176][ T8429]  ? __kmalloc_cache_noprof+0x5f/0x800
[  223.760210][ T8429]  should_failslab+0xc2/0x120
[  223.760247][ T8429]  __kmalloc_cache_noprof+0x80/0x800
[  223.760276][ T8429]  ? do_raw_spin_unlock+0x172/0x230
[  223.760305][ T8429]  ? snd_ctl_open+0x174/0x5f0
[  223.760343][ T8429]  ? snd_ctl_open+0x174/0x5f0
[  223.760374][ T8429]  snd_ctl_open+0x174/0x5f0
[  223.760408][ T8429]  ? __pfx_snd_ctl_open+0x10/0x10
[  223.760440][ T8429]  snd_open+0x22d/0x4c0
[  223.760477][ T8429]  ? __pfx_snd_open+0x10/0x10
[  223.760518][ T8429]  chrdev_open+0x234/0x6a0
[  223.760556][ T8429]  ? __pfx_apparmor_file_open+0x10/0x10
[  223.760584][ T8429]  ? __pfx_chrdev_open+0x10/0x10
[  223.760625][ T8429]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  223.760671][ T8429]  do_dentry_open+0x748/0x1590
[  223.760706][ T8429]  ? __pfx_chrdev_open+0x10/0x10
[  223.760752][ T8429]  vfs_open+0x82/0x3f0
[  223.760783][ T8429]  path_openat+0x2078/0x3140
[  223.760831][ T8429]  ? __pfx_path_openat+0x10/0x10
[  223.760880][ T8429]  do_filp_open+0x20b/0x470
[  223.760925][ T8429]  ? __pfx_do_filp_open+0x10/0x10
[  223.760989][ T8429]  ? alloc_fd+0x471/0x7d0
[  223.761037][ T8429]  do_sys_openat2+0x121/0x290
[  223.761067][ T8429]  ? __pfx_do_sys_openat2+0x10/0x10
[  223.761111][ T8429]  __x64_sys_openat+0x174/0x210
[  223.761140][ T8429]  ? __pfx___x64_sys_openat+0x10/0x10
[  223.761184][ T8429]  do_syscall_64+0xcd/0xf80
[  223.761223][ T8429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.761249][ T8429] RIP: 0033:0x7fcc1858f7c9
[  223.761270][ T8429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.761295][ T8429] RSP: 002b:00007fcc19406038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  223.761318][ T8429] RAX: ffffffffffffffda RBX: 00007fcc187e5fa0 RCX: 00007fcc1858f7c9
[  223.761336][ T8429] RDX: 0000000000000802 RSI: 00002000000010c0 RDI: ffffffffffffff9c
[  223.761353][ T8429] RBP: 00007fcc18613f91 R08: 0000000000000000 R09: 0000000000000000
[  223.761368][ T8429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.761384][ T8429] R13: 00007fcc187e6038 R14: 00007fcc187e5fa0 R15: 00007ffd0285c338
[  223.761420][ T8429]  </TASK>
[  230.804642][ T8498] netlink: 16 bytes leftover after parsing attributes in process `syz.1.576'.
[  230.844935][ T8498] netlink: 12 bytes leftover after parsing attributes in process `syz.1.576'.
[  231.734882][ T5843] block nbd0: Receive control failed (result -107)
[  231.764543][ T8515] nbd0: detected capacity change from 0 to 32768
[  231.782442][ T5819] 
[  231.784818][ T5819] ======================================================
[  231.791852][ T5819] WARNING: possible circular locking dependency detected
[  231.798883][ T5819] syzkaller #0 Tainted: G             L     
[  231.804870][ T5819] ------------------------------------------------------
[  231.811885][ T5819] udevd/5819 is trying to acquire lock:
[  231.817420][ T5819] ffff8880784a7670 (&nsock->tx_lock){+.+.}-{4:4}, at: nbd_queue_rq+0x423/0x12d0
[  231.826476][ T5819] 
[  231.826476][ T5819] but task is already holding lock:
[  231.833842][ T5819] ffff888026610180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xbd/0x12d0
[  231.842381][ T5819] 
[  231.842381][ T5819] which lock already depends on the new lock.
[  231.842381][ T5819] 
[  231.852772][ T5819] 
[  231.852772][ T5819] the existing dependency chain (in reverse order) is:
[  231.861771][ T5819] 
[  231.861771][ T5819] -> #6 (&cmd->lock){+.+.}-{4:4}:
[  231.868975][ T5819]        __mutex_lock+0x1aa/0x1ca0
[  231.874092][ T5819]        nbd_queue_rq+0xbd/0x12d0
[  231.879112][ T5819]        blk_mq_dispatch_rq_list+0x416/0x1e20
[  231.885178][ T5819]        __blk_mq_sched_dispatch_requests+0xcbd/0x15f0
[  231.892028][ T5819]        blk_mq_sched_dispatch_requests+0xd8/0x1b0
[  231.898524][ T5819]        blk_mq_run_hw_queue+0x239/0x670
[  231.904151][ T5819]        blk_mq_dispatch_list+0x514/0x1300
[  231.909954][ T5819]        blk_mq_flush_plug_list+0x130/0x600
[  231.915842][ T5819]        __blk_flush_plug+0x2c4/0x4b0
[  231.921209][ T5819]        __submit_bio+0x542/0x690
[  231.926239][ T5819]        submit_bio_noacct_nocheck+0x53d/0xbe0
[  231.932392][ T5819]        submit_bio_noacct+0x5bd/0x1f40
[  231.937935][ T5819]        block_read_full_folio+0x4db/0x850
[  231.943740][ T5819]        filemap_read_folio+0xc8/0x2a0
[  231.949198][ T5819]        do_read_cache_folio+0x266/0x5c0
[  231.954829][ T5819]        read_part_sector+0xd4/0x370
[  231.960109][ T5819]        adfspart_check_ICS+0x93/0x940
[  231.965568][ T5819]        bdev_disk_changed+0x723/0x1520
[  231.971122][ T5819]        blkdev_get_whole+0x187/0x290
[  231.976496][ T5819]        bdev_open+0x2c7/0xe40
[  231.981260][ T5819]        blkdev_open+0x34e/0x4f0
[  231.986197][ T5819]        do_dentry_open+0x748/0x1590
[  231.991487][ T5819]        vfs_open+0x82/0x3f0
[  231.996159][ T5819]        path_openat+0x2078/0x3140
[  232.001280][ T5819]        do_filp_open+0x20b/0x470
[  232.006305][ T5819]        do_sys_openat2+0x121/0x290
[  232.011499][ T5819]        __x64_sys_openat+0x174/0x210
[  232.016862][ T5819]        do_syscall_64+0xcd/0xf80
[  232.021890][ T5819]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.028310][ T5819] 
[  232.028310][ T5819] -> #5 (set->srcu){.+.+}-{0:0}:
[  232.035443][ T5819]        __synchronize_srcu+0xa2/0x250
[  232.040906][ T5819]        blk_mq_quiesce_queue+0x149/0x1b0
[  232.046652][ T5819]        elevator_switch+0x17d/0x7f0
[  232.051929][ T5819]        elevator_change+0x38b/0x570
[  232.057283][ T5819]        elevator_set_default+0x2d2/0x390
[  232.063084][ T5819]        blk_register_queue+0x384/0x4e0
[  232.068632][ T5819]        __add_disk+0x74a/0xf00
[  232.073483][ T5819]        add_disk_fwnode+0x13f/0x5d0
[  232.078764][ T5819]        nbd_dev_add+0x783/0xbb0
[  232.083699][ T5819]        nbd_init+0x181/0x320
[  232.088381][ T5819]        do_one_initcall+0x123/0x680
[  232.093670][ T5819]        kernel_init_freeable+0x5c8/0x920
[  232.099383][ T5819]        kernel_init+0x1c/0x2b0
[  232.104232][ T5819]        ret_from_fork+0x983/0xb10
[  232.109343][ T5819]        ret_from_fork_asm+0x1a/0x30
[  232.114634][ T5819] 
[  232.114634][ T5819] -> #4 (&q->elevator_lock){+.+.}-{4:4}:
[  232.122476][ T5819]        __mutex_lock+0x1aa/0x1ca0
[  232.127592][ T5819]        elevator_change+0x1ed/0x570
[  232.132872][ T5819]        elv_iosched_store+0x3e8/0x4a0
[  232.138321][ T5819]        queue_attr_store+0x26b/0x310
[  232.143696][ T5819]        sysfs_kf_write+0xf2/0x150
[  232.148802][ T5819]        kernfs_fop_write_iter+0x3af/0x570
[  232.154611][ T5819]        iter_file_splice_write+0xa24/0x12b0
[  232.160677][ T5819]        direct_splice_actor+0x192/0x6c0
[  232.166310][ T5819]        splice_direct_to_actor+0x345/0xa30
[  232.172203][ T5819]        do_splice_direct+0x174/0x240
[  232.177571][ T5819]        do_sendfile+0xb06/0xe50
[  232.182510][ T5819]        __x64_sys_sendfile64+0x1d8/0x220
[  232.188223][ T5819]        do_syscall_64+0xcd/0xf80
[  232.193259][ T5819]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.199672][ T5819] 
[  232.199672][ T5819] -> #3 (&q->q_usage_counter(io)#66){++++}-{0:0}:
[  232.208279][ T5819]        blk_alloc_queue+0x610/0x750
[  232.213567][ T5819]        blk_mq_alloc_queue+0x172/0x280
[  232.219111][ T5819]        __blk_mq_alloc_disk+0x29/0x120
[  232.224750][ T5819]        null_add_dev+0xf2e/0x1eb0
[  232.229869][ T5819]        null_init+0x2c9/0x610
[  232.234638][ T5819]        do_one_initcall+0x123/0x680
[  232.239975][ T5819]        kernel_init_freeable+0x5c8/0x920
[  232.245701][ T5819]        kernel_init+0x1c/0x2b0
[  232.250552][ T5819]        ret_from_fork+0x983/0xb10
[  232.255654][ T5819]        ret_from_fork_asm+0x1a/0x30
[  232.261026][ T5819] 
[  232.261026][ T5819] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  232.268234][ T5819]        fs_reclaim_acquire+0x102/0x150
[  232.273788][ T5819]        kmem_cache_alloc_node_noprof+0x5e/0x800
[  232.280115][ T5819]        __alloc_skb+0x156/0x410
[  232.285068][ T5819]        tcp_stream_alloc_skb+0x34/0x670
[  232.290696][ T5819]        tcp_sendmsg_locked+0x12de/0x42a0
[  232.296415][ T5819]        tcp_sendmsg+0x2e/0x50
[  232.301184][ T5819]        inet_sendmsg+0xb9/0x140
[  232.306125][ T5819]        sock_write_iter+0x509/0x610
[  232.311418][ T5819]        vfs_write+0x7d3/0x11d0
[  232.316271][ T5819]        ksys_write+0x1f8/0x250
[  232.321120][ T5819]        do_syscall_64+0xcd/0xf80
[  232.326161][ T5819]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.332573][ T5819] 
[  232.332573][ T5819] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  232.340235][ T5819]        lock_sock_nested+0x41/0xf0
[  232.345437][ T5819]        inet_shutdown+0x67/0x440
[  232.350457][ T5819]        nbd_mark_nsock_dead+0xae/0x5d0
[  232.355997][ T5819]        recv_work+0x66b/0xa70
[  232.360889][ T5819]        process_one_work+0x9ba/0x1b20
[  232.366357][ T5819]        worker_thread+0x6c8/0xf10
[  232.371464][ T5819]        kthread+0x3c5/0x780
[  232.376045][ T5819]        ret_from_fork+0x983/0xb10
[  232.381149][ T5819]        ret_from_fork_asm+0x1a/0x30
[  232.386441][ T5819] 
[  232.386441][ T5819] -> #0 (&nsock->tx_lock){+.+.}-{4:4}:
[  232.394126][ T5819]        __lock_acquire+0x1669/0x2890
[  232.399499][ T5819]        lock_acquire+0x179/0x330
[  232.404518][ T5819]        __mutex_lock+0x1aa/0x1ca0
[  232.409650][ T5819]        nbd_queue_rq+0x423/0x12d0
[  232.414762][ T5819]        blk_mq_dispatch_rq_list+0x416/0x1e20
[  232.420838][ T5819]        __blk_mq_sched_dispatch_requests+0xcbd/0x15f0
[  232.427716][ T5819]        blk_mq_sched_dispatch_requests+0xd8/0x1b0
[  232.434226][ T5819]        blk_mq_run_hw_queue+0x239/0x670
[  232.439857][ T5819]        blk_mq_dispatch_list+0x514/0x1300
[  232.445678][ T5819]        blk_mq_flush_plug_list+0x130/0x600
[  232.451573][ T5819]        __blk_flush_plug+0x2c4/0x4b0
[  232.456949][ T5819]        __submit_bio+0x542/0x690
[  232.461972][ T5819]        submit_bio_noacct_nocheck+0x53d/0xbe0
[  232.468123][ T5819]        submit_bio_noacct+0x5bd/0x1f40
[  232.473665][ T5819]        block_read_full_folio+0x4db/0x850
[  232.479476][ T5819]        filemap_read_folio+0xc8/0x2a0
[  232.484931][ T5819]        do_read_cache_folio+0x266/0x5c0
[  232.490594][ T5819]        read_part_sector+0xd4/0x370
[  232.495963][ T5819]        adfspart_check_ICS+0x93/0x940
[  232.501422][ T5819]        bdev_disk_changed+0x723/0x1520
[  232.506969][ T5819]        blkdev_get_whole+0x187/0x290
[  232.512336][ T5819]        bdev_open+0x2c7/0xe40
[  232.517101][ T5819]        blkdev_open+0x34e/0x4f0
[  232.522039][ T5819]        do_dentry_open+0x748/0x1590
[  232.527352][ T5819]        vfs_open+0x82/0x3f0
[  232.531946][ T5819]        path_openat+0x2078/0x3140
[  232.537062][ T5819]        do_filp_open+0x20b/0x470
[  232.542150][ T5819]        do_sys_openat2+0x121/0x290
[  232.547346][ T5819]        __x64_sys_openat+0x174/0x210
[  232.552721][ T5819]        do_syscall_64+0xcd/0xf80
[  232.557755][ T5819]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.564262][ T5819] 
[  232.564262][ T5819] other info that might help us debug this:
[  232.564262][ T5819] 
[  232.574477][ T5819] Chain exists of:
[  232.574477][ T5819]   &nsock->tx_lock --> set->srcu --> &cmd->lock
[  232.574477][ T5819] 
[  232.586558][ T5819]  Possible unsafe locking scenario:
[  232.586558][ T5819] 
[  232.593998][ T5819]        CPU0                    CPU1
[  232.599350][ T5819]        ----                    ----
[  232.604703][ T5819]   lock(&cmd->lock);
[  232.608682][ T5819]                                lock(set->srcu);
[  232.615088][ T5819]                                lock(&cmd->lock);
[  232.621582][ T5819]   lock(&nsock->tx_lock);
[  232.625991][ T5819] 
[  232.625991][ T5819]  *** DEADLOCK ***
[  232.625991][ T5819] 
[  232.634118][ T5819] 3 locks held by udevd/5819:
[  232.638781][ T5819]  #0: ffff88802656e358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  232.648101][ T5819]  #1: ffff88814173c118 (set->srcu){.+.+}-{0:0}, at: blk_mq_run_hw_queue+0x22b/0x670
[  232.657591][ T5819]  #2: ffff888026610180 (&cmd->lock){+.+.}-{4:4}, at: nbd_queue_rq+0xbd/0x12d0
[  232.666563][ T5819] 
[  232.666563][ T5819] stack backtrace:
[  232.672452][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  232.672481][ T5819] Tainted: [L]=SOFTLOCKUP
[  232.672488][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  232.672500][ T5819] Call Trace:
[  232.672508][ T5819]  <TASK>
[  232.672517][ T5819]  dump_stack_lvl+0x116/0x1f0
[  232.672549][ T5819]  print_circular_bug+0x275/0x340
[  232.672581][ T5819]  check_noncircular+0x146/0x160
[  232.672613][ T5819]  __lock_acquire+0x1669/0x2890
[  232.672635][ T5819]  lock_acquire+0x179/0x330
[  232.672653][ T5819]  ? nbd_queue_rq+0x423/0x12d0
[  232.672677][ T5819]  ? __pfx___might_resched+0x10/0x10
[  232.672703][ T5819]  ? preempt_schedule_thunk+0x16/0x30
[  232.672724][ T5819]  __mutex_lock+0x1aa/0x1ca0
[  232.672753][ T5819]  ? nbd_queue_rq+0x423/0x12d0
[  232.672777][ T5819]  ? __kasan_check_byte+0x13/0x50
[  232.672805][ T5819]  ? nbd_queue_rq+0x423/0x12d0
[  232.672828][ T5819]  ? is_bpf_text_address+0x8a/0x1a0
[  232.672854][ T5819]  ? rcu_is_watching+0x12/0xc0
[  232.672922][ T5819]  ? __pfx___mutex_lock+0x10/0x10
[  232.672951][ T5819]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  232.672981][ T5819]  ? is_bpf_text_address+0x94/0x1a0
[  232.673006][ T5819]  ? kernel_text_address+0x8d/0x100
[  232.673028][ T5819]  ? arch_stack_walk+0xa6/0x100
[  232.673053][ T5819]  ? nbd_queue_rq+0x423/0x12d0
[  232.673076][ T5819]  nbd_queue_rq+0x423/0x12d0
[  232.673099][ T5819]  ? stack_trace_save+0x8e/0xc0
[  232.673131][ T5819]  ? __pfx_nbd_queue_rq+0x10/0x10
[  232.673154][ T5819]  ? save_trace+0x4e/0x380
[  232.673179][ T5819]  ? add_lock_to_list+0x9d/0x130
[  232.673206][ T5819]  ? lockdep_unlock+0x64/0xd0
[  232.673228][ T5819]  ? __lock_acquire+0x12c2/0x2890
[  232.673247][ T5819]  blk_mq_dispatch_rq_list+0x416/0x1e20
[  232.673272][ T5819]  ? sbitmap_find_bit+0x4c0/0x6f0
[  232.673303][ T5819]  ? sbitmap_get+0x1e5/0x360
[  232.673328][ T5819]  ? __pfx_blk_mq_dispatch_rq_list+0x10/0x10
[  232.673353][ T5819]  ? __blk_mq_alloc_driver_tag+0x4f7/0x7a0
[  232.673377][ T5819]  __blk_mq_sched_dispatch_requests+0xcbd/0x15f0
[  232.673403][ T5819]  ? __pfx___blk_mq_sched_dispatch_requests+0x10/0x10
[  232.673432][ T5819]  blk_mq_sched_dispatch_requests+0xd8/0x1b0
[  232.673454][ T5819]  blk_mq_run_hw_queue+0x239/0x670
[  232.673473][ T5819]  ? blk_mq_run_hw_queue+0x22b/0x670
[  232.673493][ T5819]  blk_mq_dispatch_list+0x514/0x1300
[  232.673519][ T5819]  ? __pfx_blk_mq_dispatch_list+0x10/0x10
[  232.673542][ T5819]  ? find_held_lock+0x2b/0x80
[  232.673565][ T5819]  ? blk_add_trace_plug+0xf5/0x290
[  232.673589][ T5819]  blk_mq_flush_plug_list+0x130/0x600
[  232.673613][ T5819]  ? trace_block_plug+0x17f/0x1e0
[  232.673639][ T5819]  ? blk_add_rq_to_plug+0x30a/0x540
[  232.673662][ T5819]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[  232.673687][ T5819]  ? blk_mq_submit_bio+0x9e7/0x2c50
[  232.673712][ T5819]  __blk_flush_plug+0x2c4/0x4b0
[  232.673733][ T5819]  ? do_dentry_open+0x748/0x1590
[  232.673762][ T5819]  ? __pfx___blk_flush_plug+0x10/0x10
[  232.673782][ T5819]  ? __lock_acquire+0x436/0x2890
[  232.673802][ T5819]  __submit_bio+0x542/0x690
[  232.673823][ T5819]  ? __pfx___submit_bio+0x10/0x10
[  232.673850][ T5819]  ? submit_bio_noacct_nocheck+0x53d/0xbe0
[  232.673872][ T5819]  submit_bio_noacct_nocheck+0x53d/0xbe0
[  232.673900][ T5819]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[  232.673930][ T5819]  ? __pfx___might_resched+0x10/0x10
[  232.673960][ T5819]  submit_bio_noacct+0x5bd/0x1f40
[  232.673984][ T5819]  block_read_full_folio+0x4db/0x850
[  232.674008][ T5819]  ? __pfx_blkdev_get_block+0x10/0x10
[  232.674036][ T5819]  ? __pfx_blkdev_read_folio+0x10/0x10
[  232.674058][ T5819]  filemap_read_folio+0xc8/0x2a0
[  232.674079][ T5819]  ? __pfx_filemap_read_folio+0x10/0x10
[  232.674102][ T5819]  do_read_cache_folio+0x266/0x5c0
[  232.674124][ T5819]  ? __pfx_blkdev_read_folio+0x10/0x10
[  232.674149][ T5819]  read_part_sector+0xd4/0x370
[  232.674169][ T5819]  adfspart_check_ICS+0x93/0x940
[  232.674189][ T5819]  ? snprintf+0xc7/0x100
[  232.674214][ T5819]  ? __pfx_snprintf+0x10/0x10
[  232.674238][ T5819]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  232.674261][ T5819]  ? __pfx_adfspart_check_ICS+0x10/0x10
[  232.674282][ T5819]  bdev_disk_changed+0x723/0x1520
[  232.674305][ T5819]  ? __pfx_bdev_disk_changed+0x10/0x10
[  232.674327][ T5819]  blkdev_get_whole+0x187/0x290
[  232.674347][ T5819]  bdev_open+0x2c7/0xe40
[  232.674370][ T5819]  blkdev_open+0x34e/0x4f0
[  232.674393][ T5819]  do_dentry_open+0x748/0x1590
[  232.674420][ T5819]  ? __pfx_blkdev_open+0x10/0x10
[  232.674446][ T5819]  vfs_open+0x82/0x3f0
[  232.674467][ T5819]  path_openat+0x2078/0x3140
[  232.674498][ T5819]  ? __pfx_path_openat+0x10/0x10
[  232.674530][ T5819]  do_filp_open+0x20b/0x470
[  232.674558][ T5819]  ? __pfx_do_filp_open+0x10/0x10
[  232.674593][ T5819]  ? alloc_fd+0x471/0x7d0
[  232.674623][ T5819]  do_sys_openat2+0x121/0x290
[  232.674644][ T5819]  ? __pfx_do_sys_openat2+0x10/0x10
[  232.674666][ T5819]  ? __sys_recvmsg+0x189/0x220
[  232.674691][ T5819]  ? __pfx___sys_recvmsg+0x10/0x10
[  232.674716][ T5819]  __x64_sys_openat+0x174/0x210
[  232.674738][ T5819]  ? __pfx___x64_sys_openat+0x10/0x10
[  232.674764][ T5819]  do_syscall_64+0xcd/0xf80
[  232.674792][ T5819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.674813][ T5819] RIP: 0033:0x7fccbcca7407
[  232.674829][ T5819] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  232.674849][ T5819] RSP: 002b:00007fffc5a45640 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[  232.674867][ T5819] RAX: ffffffffffffffda RBX: 00007fccbd365880 RCX: 00007fccbcca7407
[  232.674886][ T5819] RDX: 00000000000a0800 RSI: 000055721aa7ea10 RDI: ffffffffffffff9c
[  232.674898][ T5819] RBP: 000055721aa65910 R08: 0000000000000000 R09: 0000000000000000
[  232.674911][ T5819] R10: 0000000000000000 R11: 0000000000000202 R12: 000055721aa7de00
[  232.674923][ T5819] R13: 000055721aa7d410 R14: 0000000000000000 R15: 000055721aa7de00
[  232.674941][ T5819]  </TASK>
[  233.288854][ T5819] block nbd0: Dead connection, failed to find a fallback
[  233.311833][ T5819] block nbd0: shutting down sockets
[  233.328436][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.358771][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.380993][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.456364][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.473524][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.483460][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.491495][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.504292][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.512112][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.525566][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.533431][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.543268][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.551687][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.561475][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.569518][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.579537][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.587592][ T5819] ldm_validate_partition_table(): Disk read failed.
[  233.594510][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.606680][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.616381][ T5819] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  233.628182][ T5819] Buffer I/O error on dev nbd0, logical block 0, async page read
[  233.636330][ T5819] Dev nbd0: unable to read RDB block 0
[  233.642122][ T5819]  nbd0: unable to read partition table
[  233.652875][ T5819] ldm_validate_partition_table(): Disk read failed.
[  233.660236][ T5819] Dev nbd0: unable to read RDB block 0
[  233.667387][ T5819]  nbd0: unable to read partition table
[  235.901425][ T7468] syz.0.342 (7468) used greatest stack depth: 17752 bytes left