last executing test programs:

4m24.288148766s ago: executing program 1 (id=4784):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4m24.121576753s ago: executing program 1 (id=4786):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r1, 0x0, 0x39b8)
r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/uts\x00')
ioctl$auto(0x3, 0xc0383e04, r2)

4m23.914900921s ago: executing program 1 (id=4788):
setreuid$auto(0x9, 0x1)
getpriority$auto(0x2, 0x9)
socket(0x1, 0x1, 0x1)
socket(0x2c, 0x80003, 0x0)
mmap$auto(0x8, 0x8f, 0x7, 0x12, 0x5, 0x22000008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x490606, 0x0)
read$auto(r0, 0x0, 0x9)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD2(0xffffffffffffffff, 0xc1004110, 0x0)

4m23.730532407s ago: executing program 1 (id=4790):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

4m23.414695618s ago: executing program 1 (id=4792):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6)
fstatfs$auto(0x3, 0x0)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0)

4m21.92785131s ago: executing program 1 (id=4804):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf2502000008dad6c34dd139"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4m21.705180312s ago: executing program 32 (id=4804):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf2502000008dad6c34dd139"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m41.290597555s ago: executing program 0 (id=5666):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x3, 0x6)
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m40.997157593s ago: executing program 0 (id=5667):
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}})
r0 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5<y\xa5\x97\x13\xef\xc4g\xc3\xa4&\x81I6\v\xcc\x00\x00', 0x62, 0xfffc, 0x0)
mq_timedreceive$auto(r0, 0x0, 0x4dc9, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
listen$auto(0x3, 0x81)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x22b40, 0x0)
set_tid_address$auto(0x0)

2m40.724062147s ago: executing program 0 (id=5669):
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x24044010}, 0xc0)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m40.566183829s ago: executing program 0 (id=5671):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x5b1, 0x400, 0x7}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
setresuid$auto(0x2, 0x7, 0x8080)
faccessat2$auto(0x1, &(0x7f0000000000)='\x00', 0x2, 0x1000)

2m40.248570444s ago: executing program 0 (id=5675):
r0 = socket(0x28, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2, 0x801, 0x106)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x0)
setsockopt$auto(r1, 0x0, 0x8, 0x0, 0x4)
getsockopt$auto(r0, 0x0, 0x9, 0x0, 0x0)

2m39.960078196s ago: executing program 0 (id=5678):
syz_open_procfs$namespace(0x0, &(0x7f0000000040))
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x2)
r0 = socket(0x1d, 0x2, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010)
fstat$auto(r0, &(0x7f0000000340)={0x8, 0xfffffffffffffff2, 0x1, 0x6c, 0xffffffffffffffff, 0xee00, 0x0, 0x4, 0x8, 0x3, 0x0, 0x31, 0x100000000, 0x86, 0x3, 0x0, 0x1})

2m28.468616184s ago: executing program 2 (id=5718):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_options\x00', 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000100), 0xa2400, 0x0)
r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2)
open_by_handle_at$auto(r1, &(0x7f0000000280)={0x8, 0x2, '\r\x00\x00\x00\x00\x00\x00\x00'}, 0x2)
unshare$auto(0x40000080)
read$auto_tracing_iter_fops_trace(r0, &(0x7f00000001c0)=""/215, 0xd7)

2m27.046967808s ago: executing program 2 (id=5728):
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8008000)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14abfd)
prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff)
setreuid$auto(0x0, 0x5)
fcntl$auto(r0, 0x400, 0x1)
setresuid$auto(0x2, 0xee01, 0x8080)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x163)
close_range$auto(0x2, 0x8, 0x0)
write$auto(0xca, 0x0, 0x10)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

2m26.731375048s ago: executing program 2 (id=5731):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27)
setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x2000000000000000)
setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8)

2m26.559206668s ago: executing program 2 (id=5733):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
open(&(0x7f0000000100)='.\x00', 0x40000, 0x0)
socket(0x1e, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
r1 = socket(0x10, 0x2, 0x4)
write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb)
read$auto(0x3, 0x0, 0x7f)

2m26.156963454s ago: executing program 2 (id=5735):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2b, 0x1, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x59f, 0x0, 0x20}, 0x5b3}, 0x40, 0x100)
socket(0xa, 0x5, 0x84)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x20)

2m24.75761176s ago: executing program 33 (id=5678):
syz_open_procfs$namespace(0x0, &(0x7f0000000040))
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x21, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x2)
r0 = socket(0x1d, 0x2, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010)
fstat$auto(r0, &(0x7f0000000340)={0x8, 0xfffffffffffffff2, 0x1, 0x6c, 0xffffffffffffffff, 0xee00, 0x0, 0x4, 0x8, 0x3, 0x0, 0x31, 0x100000000, 0x86, 0x3, 0x0, 0x1})

2m24.739517626s ago: executing program 2 (id=5739):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x0, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x3, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84}, 0x9, 0xd)
r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
bind$auto(r1, &(0x7f0000000000)=@qipcrtr={0x2a, 0x3}, 0x4)

2m9.039906656s ago: executing program 34 (id=5739):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x0, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x3, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84}, 0x9, 0xd)
r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
bind$auto(r1, &(0x7f0000000000)=@qipcrtr={0x2a, 0x3}, 0x4)

1m9.457609524s ago: executing program 4 (id=6135):
mmap$auto(0x0, 0x7, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x23, 0x80805, 0x0)
shmget$auto(0xffffffffffffffff, 0xb0d, 0xa7db6ba)
unshare$auto(0x8000400)
memfd_secret$auto(0x0)
fchownat$auto(0x2, 0x0, 0x4, 0x8001, 0x1000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000040)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c091}, 0x40000)

1m8.859908134s ago: executing program 4 (id=6140):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xf, 0x3, 0x2)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0000fbdbdf35020000000800fbffffffffff0737010005"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="8b0500000000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1m7.980165528s ago: executing program 4 (id=6144):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x54)
sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44010}, 0x0)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8810}, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0xffffffff, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)

1m7.511423259s ago: executing program 4 (id=6147):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, 0x38)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r0, 0x8004ae98, 0x1000000)

1m6.951193728s ago: executing program 4 (id=6149):
select$auto(0xc, &(0x7f00000000c0)={[0x3, 0xcc, 0xfffffffffffffff8, 0x7, 0x239d6b57, 0x0, 0x3, 0x5, 0x3, 0x0, 0x1, 0x5, 0x3, 0x1, 0x1, 0x8a]}, 0x0, 0x0, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x20a02, 0x0)
epoll_create$auto(0x3e)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r0 = socket(0x1d, 0x2, 0x7)
r1 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r2=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r3=>0x0})
connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, r3}, 0x18)

1m5.947657604s ago: executing program 4 (id=6158):
madvise$auto(0x110c230000, 0x1, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae88, 0x0)
r0 = socket(0x1e, 0x1, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0)
ioctl$auto(r1, 0xc0045627, r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)

50.713298182s ago: executing program 35 (id=6158):
madvise$auto(0x110c230000, 0x1, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xc008ae88, 0x0)
r0 = socket(0x1e, 0x1, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0)
ioctl$auto(r1, 0xc0045627, r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)

11.093645399s ago: executing program 5 (id=6427):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)

9.320509493s ago: executing program 5 (id=6422):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(r0, 0x2, 0x9)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(r1, 0x400c4d04, r1)

8.692649314s ago: executing program 5 (id=6425):
openat$auto_trace_fops_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xc208ae62, 0x38)
madvise$auto(0x0, 0x800000000000008, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80805, 0x0)
socket(0x18, 0x3, 0x2)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
connect$auto(0x3, &(0x7f00000000c0)=@hci={0x1f, 0x2}, 0x55)

7.529411098s ago: executing program 5 (id=6432):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = open(0x0, 0x261c2, 0x84)
ioctl$auto_SNAPSHOT_UNFREEZE(r0, 0x3302, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
memfd_create$auto(0x0, 0x12)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty12\x00', 0x800, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x541c, r2)

7.408931641s ago: executing program 7 (id=6433):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)

6.350506654s ago: executing program 5 (id=6437):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
clone$auto(0x400000000000007, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)

5.064834427s ago: executing program 6 (id=6441):
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
ioctl$auto(0x3, 0x8905, 0xfffffffffffff4e0)
io_uring_setup$auto(0x6, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x9)
fstatfs$auto(0xffffffffffffffff, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r0, 0x4, 0x8)

3.887239577s ago: executing program 7 (id=6442):
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bdi/43:192/wb_stats\x00', 0x40, 0x0)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
prctl$auto(0x43, 0x80000000000000, 0x0, 0x2, 0x0)
r0 = socket(0x18, 0x2, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/pcmC1D0p\x00', 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)={0x14, r1, 0x300, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x48c3}, 0x200c0085)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0)

3.887125242s ago: executing program 6 (id=6443):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
r0 = inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(0x4, 0x0, 0xe6e)
read$auto_evdev_fops_evdev(r0, &(0x7f0000000180)=""/4096, 0x1000)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0)

3.216791766s ago: executing program 7 (id=6446):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
sendmmsg$auto(r0, 0x0, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_virt_wifi\x00'})
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, 0x0, 0x0)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto_mousedev_fops_mousedev(r2, &(0x7f00000000c0)="13", 0x1)

2.876501905s ago: executing program 7 (id=6448):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04)
keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
io_setup$auto(0x80002, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x500, 0x0)
mmap$auto(0x0, 0x400008, 0x5f, 0x1b5e, 0x2, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)

2.87553037s ago: executing program 6 (id=6456):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, 0x0, 0x6b)
ioctl$auto(0xffffffffffffffff, 0xc0045401, 0x3)
pwrite64$auto(0xc8, 0x0, 0xfdf2, 0x3a)

2.847992528s ago: executing program 3 (id=6449):
r0 = gettid()
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
tkill$auto(r0, 0x7)
socket(0x2, 0x3, 0x6)
socket(0xa, 0x5, 0x0)
open(0x0, 0x8643, 0x15e)
socket(0x22, 0x800, 0xfffffffc)

2.60122334s ago: executing program 3 (id=6450):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
lsm_list_modules$auto(0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x6, 0x0, 0x0)

1.808837843s ago: executing program 6 (id=6451):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
mmap$auto(0x0, 0x2, 0xdb, 0x9b72, 0x6, 0x100000000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x4040, 0x75)
socket(0xa, 0x2, 0x3a)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000280), 0xffffffffffffffff)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdfffff500"}, 0x55)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

1.569204161s ago: executing program 3 (id=6452):
mmap$auto(0x0, 0x2020009, 0x3, 0x20000000eb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
socket(0x1d, 0x3, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
bpf$auto(0x0, 0x0, 0x10)
bpf$auto(0x1, 0x0, 0x7)
ioctl$auto(0x3, 0x4020aea5, r1)

1.305395925s ago: executing program 6 (id=6453):
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x5, 0x1, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
recvmmsg$auto(r0, 0x0, 0xfffffe0c, 0x8e0, 0x0)

863.787789ms ago: executing program 5 (id=6454):
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
open(0x0, 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mmap$auto(0x0, 0x580f, 0x4000000000000, 0x11, 0x3, 0x0)

613.179781ms ago: executing program 3 (id=6455):
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/025/001\x00', 0x2080, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x2, 0x3, 0x6)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
memfd_create$auto(0x0, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)

283.946506ms ago: executing program 3 (id=6457):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
sendmmsg$auto(r0, 0x0, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_virt_wifi\x00'})
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, 0x0, 0x0)
r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto_mousedev_fops_mousedev(r2, &(0x7f00000000c0)="13", 0x1)

275.552914ms ago: executing program 7 (id=6465):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
io_uring_setup$auto(0x6, 0x0)
socket(0x15, 0x5, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r0 = socket(0x10, 0x2, 0x4)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x6a)
mq_open$auto(&(0x7f0000000000)='P\x02\xb9\xd5\x02r\xbc\xd0\t^\xc0!\x7f\xc0\xdd8\xb0\x80\xfa;\x97\x05n\xf4~Z\x05\xf1\xef\xd1\xf1\b\xd9J\x9bp\xdf\xe7\xcd\x1f\x84-\xbb\x05\xa5\xb8\xfc\xf7v<)\xddR\x02\xd8\r_\x03\xe7\x8eWta\xfa\xbd\xaf\x06kG\xf7\xaa6\x1ch\vmD\xfc|v\xd4Q', 0x7e, 0x9, 0x0)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x14, 0x0, 0x221, 0x70bd2c, 0x25dfdbeb}, 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x4000080)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)

244.191855ms ago: executing program 6 (id=6458):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
recvfrom$auto(0x3, 0x0, 0x80000000002, 0x6, 0x0, 0x0)

114.595349ms ago: executing program 7 (id=6459):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
r0 = socket(0x2, 0x801, 0x106)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(r0, 0x11c, 0x1, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00)

0s ago: executing program 3 (id=6460):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7fff)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c06, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$auto(r2, 0x0, 0xa3d9)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
munmap$auto(0x200000008000, 0xffffffff)

kernel console output (not intermixed with test programs):

_alloc+0x3b/0x2b0
[  669.166953][T20331]  ? sk_prot_alloc+0x60/0x2a0
[  669.166973][T20331]  sk_prot_alloc+0x60/0x2a0
[  669.166991][T20331]  sk_alloc+0x36/0xc20
[  669.167005][T20331]  smc_create+0x114/0x2a0
[  669.167022][T20331]  __sock_create+0x335/0x8d0
[  669.167043][T20331]  __sys_socket+0x14d/0x260
[  669.167063][T20331]  ? __pfx___sys_socket+0x10/0x10
[  669.167084][T20331]  ? rcu_is_watching+0x12/0xc0
[  669.167100][T20331]  __x64_sys_socket+0x72/0xb0
[  669.167117][T20331]  ? lockdep_hardirqs_on+0x7c/0x110
[  669.167134][T20331]  do_syscall_64+0xcd/0x230
[  669.167153][T20331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  669.167167][T20331] RIP: 0033:0x7f26ee58e969
[  669.167178][T20331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  669.167191][T20331] RSP: 002b:00007f26ef432038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  669.167204][T20331] RAX: ffffffffffffffda RBX: 00007f26ee7b5fa0 RCX: 00007f26ee58e969
[  669.167213][T20331] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b
[  669.167220][T20331] RBP: 00007f26ee610ab1 R08: 0000000000000000 R09: 0000000000000000
[  669.167228][T20331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  669.167235][T20331] R13: 0000000000000000 R14: 00007f26ee7b5fa0 R15: 00007ffd84e03388
[  669.167251][T20331]  </TASK>
[  669.370615][    C1] vkms_vblank_simulate: vblank timer overrun
[  670.669603][T20344] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  671.327655][ T9152] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  671.338364][ T9152] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  671.347657][ T9152] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  671.356697][ T9152] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  671.365881][ T9152] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  671.928517][T20361] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  671.968516][T20354] chnl_net:caif_netlink_parms(): no params data found
[  672.081685][T20361] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  672.495293][T20354] bridge0: port 1(bridge_slave_0) entered blocking state
[  672.514349][T20354] bridge0: port 1(bridge_slave_0) entered disabled state
[  672.559470][T20354] bridge_slave_0: entered allmulticast mode
[  672.590777][T20354] bridge_slave_0: entered promiscuous mode
[  672.620956][T20354] bridge0: port 2(bridge_slave_1) entered blocking state
[  672.654411][T20354] bridge0: port 2(bridge_slave_1) entered disabled state
[  672.682046][T20354] bridge_slave_1: entered allmulticast mode
[  672.700839][T20354] bridge_slave_1: entered promiscuous mode
[  672.803347][T20354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  672.850750][T20354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  672.981259][T20354] team0: Port device team_slave_0 added
[  673.016682][T20354] team0: Port device team_slave_1 added
[  673.169269][T20354] batman_adv: batadv0: Adding interface: batadv_slave_0
[  673.189216][T20354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  673.215162][    C1] vkms_vblank_simulate: vblank timer overrun
[  673.285709][T20354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  673.327221][T20354] batman_adv: batadv0: Adding interface: batadv_slave_1
[  673.367031][T20354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  673.417656][ T9152] Bluetooth: hci0: command tx timeout
[  673.480693][T20354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  673.665980][T20354] hsr_slave_0: entered promiscuous mode
[  673.687369][T20354] hsr_slave_1: entered promiscuous mode
[  673.722756][T20354] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  673.774832][T20354] Cannot create hsr debugfs directory
[  674.292995][T20354] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  674.359436][T20354] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  674.432401][T20354] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  674.488252][T20354] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  674.791798][T20354] 8021q: adding VLAN 0 to HW filter on device bond0
[  674.846162][T20354] 8021q: adding VLAN 0 to HW filter on device team0
[  674.918994][ T2945] bridge0: port 1(bridge_slave_0) entered blocking state
[  674.926146][ T2945] bridge0: port 1(bridge_slave_0) entered forwarding state
[  674.987545][ T2945] bridge0: port 2(bridge_slave_1) entered blocking state
[  674.994752][ T2945] bridge0: port 2(bridge_slave_1) entered forwarding state
[  675.361632][T20354] 8021q: adding VLAN 0 to HW filter on device batadv0
[  675.496539][ T9152] Bluetooth: hci0: command tx timeout
[  675.702529][T20414] netlink: 206 bytes leftover after parsing attributes in process `syz.3.5756'.
[  675.765146][T20354] veth0_vlan: entered promiscuous mode
[  675.793771][T20354] veth1_vlan: entered promiscuous mode
[  675.859335][T20354] veth0_macvtap: entered promiscuous mode
[  675.891305][T20354] veth1_macvtap: entered promiscuous mode
[  675.987797][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  676.031202][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.053710][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  676.088081][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.124117][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  676.166469][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.209736][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  676.245750][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.290543][T20354] batman_adv: batadv0: Interface activated: batadv_slave_0
[  676.345221][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  676.391242][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.436915][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  676.477317][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.515247][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  676.564483][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.606212][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  676.651006][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.695114][T20354] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  676.733371][T20354] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  676.777750][T20354] batman_adv: batadv0: Interface activated: batadv_slave_1
[  676.823980][T20354] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  676.872223][T20354] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  676.905144][T20354] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  676.934965][T20354] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  676.953360][T20424] FAULT_INJECTION: forcing a failure.
[  676.953360][T20424] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  677.106101][T20424] CPU: 1 UID: 0 PID: 20424 Comm: syz.3.5760 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  677.106130][T20424] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  677.106137][T20424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  677.106145][T20424] Call Trace:
[  677.106151][T20424]  <TASK>
[  677.106158][T20424]  dump_stack_lvl+0x16c/0x1f0
[  677.106181][T20424]  should_fail_ex+0x512/0x640
[  677.106204][T20424]  should_fail_alloc_page+0xe7/0x130
[  677.106223][T20424]  prepare_alloc_pages+0x3c2/0x610
[  677.106243][T20424]  ? rcu_is_watching+0x12/0xc0
[  677.106258][T20424]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  677.106279][T20424]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  677.106297][T20424]  ? __lock_acquire+0xaa4/0x1ba0
[  677.106317][T20424]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  677.106337][T20424]  ? lock_acquire+0x179/0x350
[  677.106357][T20424]  ? find_next_iomem_res+0x1c6/0x4f0
[  677.106377][T20424]  ? do_raw_read_unlock+0x44/0xe0
[  677.106398][T20424]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  677.106417][T20424]  ? policy_nodemask+0xea/0x4e0
[  677.106434][T20424]  alloc_pages_mpol+0x1fb/0x550
[  677.106450][T20424]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  677.106467][T20424]  ? __pti_set_user_pgtbl+0xf1/0x190
[  677.106486][T20424]  ? __pfx___pti_set_user_pgtbl+0x10/0x10
[  677.106507][T20424]  alloc_pages_noprof+0x131/0x390
[  677.106524][T20424]  get_zeroed_page_noprof+0x14/0x50
[  677.106541][T20424]  machine_kexec_prepare+0xc15/0xf90
[  677.106564][T20424]  ? __pfx_machine_kexec_prepare+0x10/0x10
[  677.106584][T20424]  ? __pfx_alloc_pgt_page+0x10/0x10
[  677.106609][T20424]  do_kexec_load+0x664/0x8d0
[  677.106629][T20424]  ? __pfx_do_kexec_load+0x10/0x10
[  677.106649][T20424]  ? _copy_from_user+0x59/0xd0
[  677.106671][T20424]  __x64_sys_kexec_load+0x1bf/0x230
[  677.106691][T20424]  do_syscall_64+0xcd/0x230
[  677.106711][T20424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.106734][T20424] RIP: 0033:0x7f91f978e969
[  677.106746][T20424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.106760][T20424] RSP: 002b:00007f91fa5a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  677.106774][T20424] RAX: ffffffffffffffda RBX: 00007f91f99b5fa0 RCX: 00007f91f978e969
[  677.106784][T20424] RDX: 0000200000000080 RSI: 0000000000000002 RDI: 00000000000000ff
[  677.106792][T20424] RBP: 00007f91f9810ab1 R08: 0000000000000000 R09: 0000000000000000
[  677.106801][T20424] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  677.106809][T20424] R13: 0000000000000000 R14: 00007f91f99b5fa0 R15: 00007ffd4260f3d8
[  677.106826][T20424]  </TASK>
[  677.578601][ T9152] Bluetooth: hci0: command tx timeout
[  677.797333][ T2945] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  677.805175][ T2945] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.887842][ T2945] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  677.896147][ T2945] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  678.643974][T20439] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5764'.
[  678.665839][T20439] : renamed from bond_slave_1 (while UP)
[  679.203608][T20449] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5769'.
[  679.231728][T20449] netlink: 17 bytes leftover after parsing attributes in process `syz.4.5769'.
[  679.419049][T20455] sp0: Synchronizing with TNC
[  679.484103][T20455] sp0: Found TNC
[  679.658844][ T9152] Bluetooth: hci0: command tx timeout
[  681.197093][T20486] QAT: failed to copy from user.
[  681.866945][T20497] netlink: 306 bytes leftover after parsing attributes in process `syz.5.5784'.
[  681.887365][T20497] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5784'.
[  681.919388][T20497] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5784'.
[  682.299822][T20509] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5789'.
[  683.488164][   T30] audit: type=1806 audit(4294967301.479:19): xattr="0" res=-22
[  683.590514][T20539] [U] 
[  683.593333][T20539] [U] 
[  683.596010][T20539] [U] 
[  683.598682][T20539] [U] 
[  683.653672][T20539] [U] 
[  683.656411][T20539] [U] 
[  683.659104][T20539] [U] 
[  683.661777][T20539] [U] 
[  683.693640][T20539] [U] 
[  683.696367][T20539] [U] 
[  683.699038][T20539] [U] 
[  683.701709][T20539] [U] 
[  683.749675][T20539] [U] 
[  683.752403][T20539] [U] 
[  683.755084][T20539] [U] 
[  683.757756][T20539] [U] 
[  683.771980][T20545] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5801'.
[  683.809701][T20539] [U] 
[  683.812424][T20539] [U] 
[  683.815127][T20539] [U] 
[  683.817802][T20539] [U] 
[  683.879840][T20539] [U] 
[  683.882566][T20539] [U] 
[  683.885242][T20539] [U] 
[  683.887912][T20539] [U] 
[  683.923205][T20539] [U] 
[  683.925924][T20539] [U] 
[  683.928601][T20539] [U] 
[  683.931293][T20539] [U] 
[  683.981590][T20539] [U] 
[  683.984319][T20539] [U] 
[  683.986995][T20539] [U] 
[  684.086654][T20538] [U] 
[  684.737213][T20568] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  684.925884][T20571] netlink: 158 bytes leftover after parsing attributes in process `syz.4.5812'.
[  685.396080][T20581] FAULT_INJECTION: forcing a failure.
[  685.396080][T20581] name failslab, interval 1, probability 0, space 0, times 0
[  685.466058][T20581] CPU: 1 UID: 0 PID: 20581 Comm: syz.3.5816 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  685.466087][T20581] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  685.466093][T20581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  685.466102][T20581] Call Trace:
[  685.466108][T20581]  <TASK>
[  685.466116][T20581]  dump_stack_lvl+0x16c/0x1f0
[  685.466140][T20581]  should_fail_ex+0x512/0x640
[  685.466159][T20581]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  685.466177][T20581]  should_failslab+0xc2/0x120
[  685.466194][T20581]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  685.466209][T20581]  ? __pmd_alloc+0xc3/0x870
[  685.466231][T20581]  __pmd_alloc+0xc3/0x870
[  685.466251][T20581]  copy_page_range+0x420e/0x5fe0
[  685.466290][T20581]  ? __pfx_copy_page_range+0x10/0x10
[  685.466310][T20581]  ? mas_store+0x93a/0x10c0
[  685.466329][T20581]  ? __pfx___might_resched+0x10/0x10
[  685.466347][T20581]  ? __pfx_mas_store+0x10/0x10
[  685.466365][T20581]  ? __vma_enter_locked+0x163/0x3f0
[  685.466380][T20581]  ? down_write+0x14d/0x200
[  685.466408][T20581]  copy_process+0x862b/0x91a0
[  685.466438][T20581]  ? __pfx_copy_process+0x10/0x10
[  685.466456][T20581]  ? try_to_wake_up+0xa2f/0x1680
[  685.466472][T20581]  ? plist_check_head+0xa3/0x150
[  685.466485][T20581]  ? find_held_lock+0x2b/0x80
[  685.466501][T20581]  ? wake_up_q+0xb0/0x160
[  685.466511][T20581]  ? do_raw_spin_unlock+0x172/0x230
[  685.466533][T20581]  kernel_clone+0xfc/0x960
[  685.466549][T20581]  ? __pfx_futex_wake+0x10/0x10
[  685.466566][T20581]  ? __pfx_kernel_clone+0x10/0x10
[  685.466593][T20581]  __do_sys_clone+0xce/0x120
[  685.466610][T20581]  ? __pfx___do_sys_clone+0x10/0x10
[  685.466626][T20581]  ? ksys_unshare+0x687/0xa40
[  685.466651][T20581]  ? rcu_is_watching+0x12/0xc0
[  685.466669][T20581]  do_syscall_64+0xcd/0x230
[  685.466689][T20581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  685.466704][T20581] RIP: 0033:0x7f91f978e969
[  685.466716][T20581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  685.466729][T20581] RSP: 002b:00007f91fa5a0fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  685.466742][T20581] RAX: ffffffffffffffda RBX: 00007f91f99b5fa0 RCX: 00007f91f978e969
[  685.466751][T20581] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411
[  685.466759][T20581] RBP: 00007f91f9810ab1 R08: 0000000000000000 R09: 0000000000000000
[  685.466767][T20581] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  685.466775][T20581] R13: 0000000000000000 R14: 00007f91f99b5fa0 R15: 00007ffd4260f3d8
[  685.466794][T20581]  </TASK>
[  686.138062][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  686.144676][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  686.403358][T20587] netlink: 18 bytes leftover after parsing attributes in process `syz.5.5820'.
[  686.778092][T20591] FAULT_INJECTION: forcing a failure.
[  686.778092][T20591] name failslab, interval 1, probability 0, space 0, times 0
[  686.845151][T20591] CPU: 1 UID: 0 PID: 20591 Comm: syz.5.5821 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  686.845180][T20591] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  686.845186][T20591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  686.845194][T20591] Call Trace:
[  686.845200][T20591]  <TASK>
[  686.845206][T20591]  dump_stack_lvl+0x16c/0x1f0
[  686.845231][T20591]  should_fail_ex+0x512/0x640
[  686.845251][T20591]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  686.845270][T20591]  should_failslab+0xc2/0x120
[  686.845287][T20591]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  686.845302][T20591]  ? mas_alloc_nodes+0x18b/0x8b0
[  686.845321][T20591]  mas_alloc_nodes+0x18b/0x8b0
[  686.845342][T20591]  mas_node_count_gfp+0x105/0x130
[  686.845359][T20591]  mas_preallocate+0x53e/0xcd0
[  686.845382][T20591]  ? __pfx_mas_preallocate+0x10/0x10
[  686.845408][T20591]  ? anon_vma_name+0x75/0x100
[  686.845428][T20591]  __split_vma+0x33b/0x1030
[  686.845445][T20591]  ? __pfx___split_vma+0x10/0x10
[  686.845468][T20591]  vms_gather_munmap_vmas+0x392/0x1310
[  686.845486][T20591]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  686.845502][T20591]  ? mas_walk+0x6a6/0x910
[  686.845524][T20591]  __mmap_region+0x314/0x27c0
[  686.845539][T20591]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  686.845555][T20591]  ? __pfx___mmap_region+0x10/0x10
[  686.845569][T20591]  ? kernel_text_address+0x8d/0x100
[  686.845600][T20591]  ? stack_trace_save+0x8e/0xc0
[  686.845614][T20591]  ? __pfx_stack_trace_save+0x10/0x10
[  686.845627][T20591]  ? stack_depot_save_flags+0x28/0xa50
[  686.845667][T20591]  ? rcu_is_watching+0x12/0xc0
[  686.845685][T20591]  mmap_region+0x32b/0x3f0
[  686.845704][T20591]  do_mmap+0xd8e/0x11b0
[  686.845727][T20591]  ? __pfx_do_mmap+0x10/0x10
[  686.845745][T20591]  ? __pfx_down_write_killable+0x10/0x10
[  686.845768][T20591]  vm_mmap_pgoff+0x281/0x450
[  686.845791][T20591]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  686.845808][T20591]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  686.845827][T20591]  ? hugetlbfs_get_inode+0x31f/0x730
[  686.845848][T20591]  ksys_mmap_pgoff+0x1c8/0x5c0
[  686.845867][T20591]  ? rcu_is_watching+0x12/0xc0
[  686.845894][T20591]  __x64_sys_mmap+0x125/0x190
[  686.845912][T20591]  do_syscall_64+0xcd/0x230
[  686.845934][T20591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.845948][T20591] RIP: 0033:0x7fc62298e969
[  686.845961][T20591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  686.845973][T20591] RSP: 002b:00007fc6207f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  686.845987][T20591] RAX: ffffffffffffffda RBX: 00007fc622bb5fa0 RCX: 00007fc62298e969
[  686.845996][T20591] RDX: 0000000000000002 RSI: 0000000000a00006 RDI: 0000000000c00000
[  686.846005][T20591] RBP: 00007fc622a10ab1 R08: 0000000000000602 R09: 0000300000000000
[  686.846013][T20591] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  686.846022][T20591] R13: 0000000000000000 R14: 00007fc622bb5fa0 R15: 00007ffcb6daa2c8
[  686.846040][T20591]  </TASK>
[  687.394201][T20603] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  687.403790][T20603] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  687.476846][T17920] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  687.521731][T17920] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  687.562471][T17920] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  687.620283][T17920] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  687.640166][T17920] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  688.095849][T20611] could not allocate digest TFM handle 
[  688.257072][T20595] chnl_net:caif_netlink_parms(): no params data found
[  688.651382][T20595] bridge0: port 1(bridge_slave_0) entered blocking state
[  688.696425][T20595] bridge0: port 1(bridge_slave_0) entered disabled state
[  688.732121][T20595] bridge_slave_0: entered allmulticast mode
[  688.771785][T20595] bridge_slave_0: entered promiscuous mode
[  688.814937][T20595] bridge0: port 2(bridge_slave_1) entered blocking state
[  688.859694][T20595] bridge0: port 2(bridge_slave_1) entered disabled state
[  688.927566][T20595] bridge_slave_1: entered allmulticast mode
[  688.958561][T20595] bridge_slave_1: entered promiscuous mode
[  689.170230][T20595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  689.324394][T20595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  689.466243][T20595] team0: Port device team_slave_0 added
[  689.539403][T20595] team0: Port device team_slave_1 added
[  689.685091][T20595] batman_adv: batadv0: Adding interface: batadv_slave_0
[  689.738812][T17920] Bluetooth: hci4: command tx timeout
[  689.748500][T20595] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  689.884637][T20649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5838'.
[  689.904611][T20595] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  689.986845][T20595] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.031592][T20595] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.185015][T20595] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  690.444062][T20595] hsr_slave_0: entered promiscuous mode
[  690.474936][T20595] hsr_slave_1: entered promiscuous mode
[  690.496149][T20595] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  690.535290][T20595] Cannot create hsr debugfs directory
[  691.419559][T20595] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  691.494010][T20595] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  691.631569][T20595] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  691.702099][T20595] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  691.818306][T17920] Bluetooth: hci4: command tx timeout
[  692.041194][T20595] 8021q: adding VLAN 0 to HW filter on device bond0
[  692.123465][T20595] 8021q: adding VLAN 0 to HW filter on device team0
[  692.184463][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  692.192262][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  692.303562][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  692.310770][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  692.685103][T20681] mkiss: ax0: crc mode is auto.
[  692.907991][T20595] 8021q: adding VLAN 0 to HW filter on device batadv0
[  693.508461][T20595] veth0_vlan: entered promiscuous mode
[  693.552119][T20595] veth1_vlan: entered promiscuous mode
[  693.623055][T20595] veth0_macvtap: entered promiscuous mode
[  693.696293][T20595] veth1_macvtap: entered promiscuous mode
[  693.775781][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  693.821952][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  693.860973][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  693.896055][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  693.912296][T17920] Bluetooth: hci4: command tx timeout
[  693.945276][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  693.983367][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.007373][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.035570][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.060778][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  694.088889][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.114917][T20595] batman_adv: batadv0: Interface activated: batadv_slave_0
[  694.155293][T20700] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  694.176048][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.207631][T20700] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  694.254878][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.296923][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.330311][T20704] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  694.345426][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.372733][T20704] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  694.389835][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.425304][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.471056][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.529372][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.618302][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.703791][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.736557][T20595] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  694.787041][T20595] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  694.842968][T20595] batman_adv: batadv0: Interface activated: batadv_slave_1
[  694.886387][T20712] netlink: 346 bytes leftover after parsing attributes in process `syz.4.5857'.
[  694.927892][T20595] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  694.987892][T20595] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  694.996634][T20595] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  695.077994][T20716] random: crng reseeded on system resumption
[  695.112413][T20595] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  695.417450][    C1] vcan0: j1939_tp_rxtimer: 0xffff888024c91c00: rx timeout, send abort
[  695.867201][ T1528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  695.888369][ T1528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  695.926792][    C1] vcan0: j1939_tp_rxtimer: 0xffff888024c91c00: abort rx timeout. Force session deactivation
[  695.978424][T17920] Bluetooth: hci4: command tx timeout
[  696.072125][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.113534][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  696.563029][T20738] FAULT_INJECTION: forcing a failure.
[  696.563029][T20738] name failslab, interval 1, probability 0, space 0, times 0
[  696.613664][T20738] CPU: 1 UID: 0 PID: 20738 Comm: syz.4.5870 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  696.613694][T20738] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  696.613700][T20738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  696.613709][T20738] Call Trace:
[  696.613714][T20738]  <TASK>
[  696.613721][T20738]  dump_stack_lvl+0x16c/0x1f0
[  696.613744][T20738]  should_fail_ex+0x512/0x640
[  696.613764][T20738]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  696.613789][T20738]  should_failslab+0xc2/0x120
[  696.613806][T20738]  __kmalloc_cache_noprof+0x6a/0x3e0
[  696.613826][T20738]  ? ktime_get_coarse_real_ts64_mg+0x26c/0x320
[  696.613843][T20738]  ? ktime_get_coarse_real_ts64_mg+0x200/0x320
[  696.613858][T20738]  ? hugetlb_vma_lock_alloc+0xbc/0x1f0
[  696.613881][T20738]  hugetlb_vma_lock_alloc+0xbc/0x1f0
[  696.613896][T20738]  hugetlb_reserve_pages+0x149/0xd90
[  696.613919][T20738]  ? __pfx_hugetlb_reserve_pages+0x10/0x10
[  696.613940][T20738]  ? atime_needs_update+0x8b/0x710
[  696.613964][T20738]  hugetlbfs_file_mmap+0x4a1/0x730
[  696.613983][T20738]  __mmap_region+0x1485/0x27c0
[  696.614001][T20738]  ? __pfx___mmap_region+0x10/0x10
[  696.614015][T20738]  ? kernel_text_address+0x8d/0x100
[  696.614049][T20738]  ? stack_depot_save_flags+0x28/0xa50
[  696.614089][T20738]  ? rcu_is_watching+0x12/0xc0
[  696.614107][T20738]  mmap_region+0x32b/0x3f0
[  696.614125][T20738]  do_mmap+0xd8e/0x11b0
[  696.614148][T20738]  ? __pfx_do_mmap+0x10/0x10
[  696.614167][T20738]  ? __pfx_down_write_killable+0x10/0x10
[  696.614191][T20738]  vm_mmap_pgoff+0x281/0x450
[  696.614214][T20738]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  696.614231][T20738]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  696.614249][T20738]  ? hugetlbfs_get_inode+0x31f/0x730
[  696.614270][T20738]  ksys_mmap_pgoff+0x1c8/0x5c0
[  696.614288][T20738]  ? rcu_is_watching+0x12/0xc0
[  696.614302][T20738]  __x64_sys_mmap+0x125/0x190
[  696.614318][T20738]  do_syscall_64+0xcd/0x230
[  696.614338][T20738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.614352][T20738] RIP: 0033:0x7f26ee58e969
[  696.614364][T20738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  696.614377][T20738] RSP: 002b:00007f26ef432038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  696.614390][T20738] RAX: ffffffffffffffda RBX: 00007f26ee7b5fa0 RCX: 00007f26ee58e969
[  696.614400][T20738] RDX: 0000000000000002 RSI: 0000000000a00006 RDI: 0000000000c00000
[  696.614407][T20738] RBP: 00007f26ee610ab1 R08: 0000000000000602 R09: 0000300000000000
[  696.614416][T20738] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
[  696.614424][T20738] R13: 0000000000000000 R14: 00007f26ee7b5fa0 R15: 00007ffd84e03388
[  696.614442][T20738]  </TASK>
[  696.614448][T20738] HugeTLB: unable to allocate vma specific lock
[  696.932141][T20745] netlink: 330 bytes leftover after parsing attributes in process `syz.3.5872'.
[  696.952398][T20745] vcan0: left promiscuous mode
[  696.986426][T20745] Process accounting paused
[  697.750525][T20766] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5881'.
[  697.852323][T20766] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5881'.
[  697.900675][T20766] netlink: 290 bytes leftover after parsing attributes in process `syz.5.5881'.
[  698.008203][T20773] [U] 
[  698.011021][T20773] [U] 
[  698.013699][T20773] [U] 
[  698.016378][T20773] [U] 
[  698.060275][T20776] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5882'.
[  698.110450][T20773] [U] 
[  698.113190][T20773] [U] 
[  698.115891][T20773] [U] 
[  698.118583][T20773] [U] 
[  698.239529][T20782] netlink: 266 bytes leftover after parsing attributes in process `syz.5.5885'.
[  698.271728][T20773] [U] 
[  698.274457][T20773] [U] 
[  698.277134][T20773] [U] 
[  698.279814][T20773] [U] 
[  698.332511][T20782] IPv6: NLM_F_CREATE should be specified when creating new route
[  698.344090][T20771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5882'.
[  698.476510][T20773] [U] 
[  698.479240][T20773] [U] 
[  698.481918][T20773] [U] 
[  698.484590][T20773] [U] 
[  698.681771][T20783] [U] 
[  699.330557][T20812] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  700.591020][T17920] Bluetooth: hci1: Malformed LE Event: 0x1d
[  700.819889][T20841] netlink: 'syz.6.5898': attribute type 29 has an invalid length.
[  701.143960][T20847] mkiss: ax0: crc mode is auto.
[  701.689997][T20863] netlink: 334 bytes leftover after parsing attributes in process `syz.3.5904'.
[  702.598569][T20882] netlink: 25 bytes leftover after parsing attributes in process `syz.5.5912'.
[  703.333801][T17920] Bluetooth: hci3: unexpected event 0x09 length: 11 > 3
[  704.415770][T20913] netlink: 'syz.5.5923': attribute type 4 has an invalid length.
[  704.461835][T20913] netlink: 314 bytes leftover after parsing attributes in process `syz.5.5923'.
[  704.516706][T20913] IPv6: NLM_F_CREATE should be specified when creating new route
[  704.567008][T20913] IPv6: NLM_F_REPLACE set, but no existing node found!
[  705.637539][T17920] Bluetooth: hci4: Unable to find connection for big 0xd2
[  707.061664][T20949] syz.5.5936 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  707.153381][T20949] FAULT_INJECTION: forcing a failure.
[  707.153381][T20949] name failslab, interval 1, probability 0, space 0, times 0
[  707.229071][T20949] CPU: 1 UID: 0 PID: 20949 Comm: syz.5.5936 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  707.229100][T20949] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  707.229106][T20949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  707.229116][T20949] Call Trace:
[  707.229121][T20949]  <TASK>
[  707.229128][T20949]  dump_stack_lvl+0x16c/0x1f0
[  707.229153][T20949]  should_fail_ex+0x512/0x640
[  707.229171][T20949]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  707.229197][T20949]  should_failslab+0xc2/0x120
[  707.229214][T20949]  __kmalloc_cache_noprof+0x6a/0x3e0
[  707.229235][T20949]  ? do_kimage_alloc_init+0x40/0x350
[  707.229256][T20949]  do_kimage_alloc_init+0x40/0x350
[  707.229274][T20949]  do_kexec_load+0x1fd/0x8d0
[  707.229294][T20949]  ? __pfx_do_kexec_load+0x10/0x10
[  707.229315][T20949]  ? _copy_from_user+0x59/0xd0
[  707.229336][T20949]  __x64_sys_kexec_load+0x1bf/0x230
[  707.229356][T20949]  do_syscall_64+0xcd/0x230
[  707.229376][T20949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.229390][T20949] RIP: 0033:0x7fc62298e969
[  707.229402][T20949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.229415][T20949] RSP: 002b:00007fc6207f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  707.229428][T20949] RAX: ffffffffffffffda RBX: 00007fc622bb5fa0 RCX: 00007fc62298e969
[  707.229437][T20949] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005
[  707.229445][T20949] RBP: 00007fc622a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  707.229453][T20949] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  707.229461][T20949] R13: 0000000000000000 R14: 00007fc622bb5fa0 R15: 00007ffcb6daa2c8
[  707.229478][T20949]  </TASK>
[  707.910218][T20954] netlink: 'syz.3.5938': attribute type 4 has an invalid length.
[  707.917977][T20954] netlink: 314 bytes leftover after parsing attributes in process `syz.3.5938'.
[  708.581404][T20960] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5941'.
[  708.706657][T20963] netlink: 338 bytes leftover after parsing attributes in process `syz.4.5941'.
[  709.991972][T20991] FAULT_INJECTION: forcing a failure.
[  709.991972][T20991] name failslab, interval 1, probability 0, space 0, times 0
[  710.144611][T20991] CPU: 1 UID: 0 PID: 20991 Comm: syz.3.5952 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  710.144641][T20991] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  710.144652][T20991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  710.144661][T20991] Call Trace:
[  710.144666][T20991]  <TASK>
[  710.144672][T20991]  dump_stack_lvl+0x16c/0x1f0
[  710.144699][T20991]  should_fail_ex+0x512/0x640
[  710.144720][T20991]  ? __kmalloc_noprof+0xbf/0x510
[  710.144737][T20991]  ? __register_sysctl_table+0xb3/0x1900
[  710.144753][T20991]  should_failslab+0xc2/0x120
[  710.144769][T20991]  __kmalloc_noprof+0xd2/0x510
[  710.144787][T20991]  __register_sysctl_table+0xb3/0x1900
[  710.144803][T20991]  ? is_module_address+0x5f/0xf0
[  710.144823][T20991]  ? __pfx___register_sysctl_table+0x10/0x10
[  710.144837][T20991]  ? is_module_address+0x69/0xf0
[  710.144853][T20991]  ? register_net_sysctl_sz+0x228/0x3e0
[  710.144875][T20991]  ? __asan_memcpy+0x3c/0x60
[  710.144888][T20991]  xfrm4_net_init+0xf0/0x1c0
[  710.144907][T20991]  ? __pfx_xfrm4_net_init+0x10/0x10
[  710.144924][T20991]  ops_init+0x1df/0x5f0
[  710.144943][T20991]  setup_net+0x21e/0x850
[  710.144960][T20991]  ? __pfx_setup_net+0x10/0x10
[  710.144974][T20991]  ? lockdep_init_map_type+0x5c/0x280
[  710.144992][T20991]  ? __pfx_down_read_killable+0x10/0x10
[  710.145014][T20991]  ? debug_mutex_init+0x37/0x70
[  710.145028][T20991]  copy_net_ns+0x2a6/0x5f0
[  710.145047][T20991]  create_new_namespaces+0x3ea/0xad0
[  710.145066][T20991]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  710.145083][T20991]  ksys_unshare+0x45b/0xa40
[  710.145101][T20991]  ? __pfx_ksys_unshare+0x10/0x10
[  710.145117][T20991]  ? xfd_validate_state+0x5d/0x180
[  710.145138][T20991]  ? rcu_is_watching+0x12/0xc0
[  710.145155][T20991]  __x64_sys_unshare+0x31/0x40
[  710.145172][T20991]  do_syscall_64+0xcd/0x230
[  710.145192][T20991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.145206][T20991] RIP: 0033:0x7f91f978e969
[  710.145219][T20991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  710.145232][T20991] RSP: 002b:00007f91fa5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  710.145245][T20991] RAX: ffffffffffffffda RBX: 00007f91f99b5fa0 RCX: 00007f91f978e969
[  710.145255][T20991] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  710.145263][T20991] RBP: 00007f91f9810ab1 R08: 0000000000000000 R09: 0000000000000000
[  710.145271][T20991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  710.145278][T20991] R13: 0000000000000000 R14: 00007f91f99b5fa0 R15: 00007ffd4260f3d8
[  710.145296][T20991]  </TASK>
[  712.817594][T21021] FAULT_INJECTION: forcing a failure.
[  712.817594][T21021] name failslab, interval 1, probability 0, space 0, times 0
[  712.979153][T21021] CPU: 1 UID: 0 PID: 21021 Comm: syz.4.5962 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  712.979183][T21021] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  712.979189][T21021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  712.979199][T21021] Call Trace:
[  712.979204][T21021]  <TASK>
[  712.979210][T21021]  dump_stack_lvl+0x16c/0x1f0
[  712.979235][T21021]  should_fail_ex+0x512/0x640
[  712.979255][T21021]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  712.979280][T21021]  should_failslab+0xc2/0x120
[  712.979297][T21021]  __kmalloc_cache_noprof+0x6a/0x3e0
[  712.979319][T21021]  ? trace_kmalloc+0x2b/0xd0
[  712.979336][T21021]  ? snd_virmidi_output_open+0xc4/0x670
[  712.979358][T21021]  snd_virmidi_output_open+0xc4/0x670
[  712.979378][T21021]  open_substream+0x478/0x9b0
[  712.979399][T21021]  rawmidi_open_priv+0x543/0x6e0
[  712.979422][T21021]  snd_rawmidi_open+0x4cc/0xbf0
[  712.979438][T21021]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  712.979452][T21021]  ? __pfx_default_wake_function+0x10/0x10
[  712.979469][T21021]  ? kobject_get_unless_zero+0x156/0x1e0
[  712.979490][T21021]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  712.979503][T21021]  snd_open+0x1fe/0x450
[  712.979519][T21021]  ? __pfx_snd_open+0x10/0x10
[  712.979535][T21021]  chrdev_open+0x231/0x6a0
[  712.979549][T21021]  ? __pfx_apparmor_file_open+0x10/0x10
[  712.979566][T21021]  ? __pfx_chrdev_open+0x10/0x10
[  712.979582][T21021]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  712.979604][T21021]  do_dentry_open+0x741/0x1c10
[  712.979618][T21021]  ? __pfx_chrdev_open+0x10/0x10
[  712.979636][T21021]  vfs_open+0x82/0x3f0
[  712.979655][T21021]  path_openat+0x1e5e/0x2d40
[  712.979684][T21021]  ? __pfx_path_openat+0x10/0x10
[  712.979703][T21021]  do_filp_open+0x20b/0x470
[  712.979718][T21021]  ? __pfx_do_filp_open+0x10/0x10
[  712.979745][T21021]  ? alloc_fd+0x471/0x7d0
[  712.979772][T21021]  do_sys_openat2+0x11b/0x1d0
[  712.979790][T21021]  ? __pfx_do_sys_openat2+0x10/0x10
[  712.979817][T21021]  __x64_sys_openat+0x174/0x210
[  712.979835][T21021]  ? __pfx___x64_sys_openat+0x10/0x10
[  712.979853][T21021]  ? rcu_is_watching+0x12/0xc0
[  712.979871][T21021]  do_syscall_64+0xcd/0x230
[  712.979890][T21021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.979905][T21021] RIP: 0033:0x7f26ee58e969
[  712.979918][T21021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  712.979931][T21021] RSP: 002b:00007f26ef411038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  712.979945][T21021] RAX: ffffffffffffffda RBX: 00007f26ee7b6080 RCX: 00007f26ee58e969
[  712.979954][T21021] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  712.979962][T21021] RBP: 00007f26ee610ab1 R08: 0000000000000000 R09: 0000000000000000
[  712.979970][T21021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  712.979977][T21021] R13: 0000000000000000 R14: 00007f26ee7b6080 R15: 00007ffd84e03388
[  712.979995][T21021]  </TASK>
[  714.297252][T21041] netlink: 338 bytes leftover after parsing attributes in process `syz.6.5968'.
[  714.341230][T21041] netlink: 338 bytes leftover after parsing attributes in process `syz.6.5968'.
[  714.371755][T21041] netlink: 210 bytes leftover after parsing attributes in process `syz.6.5968'.
[  714.994398][T21052] netlink: 186 bytes leftover after parsing attributes in process `syz.6.5973'.
[  716.664374][T21077] netlink: 342 bytes leftover after parsing attributes in process `syz.6.5982'.
[  717.063255][T21083] ERROR: Out of memory at tomoyo_memory_ok.
[  718.144358][T21108] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5995'.
[  718.488097][T21111] FAULT_INJECTION: forcing a failure.
[  718.488097][T21111] name failslab, interval 1, probability 0, space 0, times 0
[  718.552172][T21115] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5998'.
[  718.609030][T21111] CPU: 1 UID: 0 PID: 21111 Comm: syz.4.5996 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  718.609060][T21111] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  718.609066][T21111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  718.609075][T21111] Call Trace:
[  718.609081][T21111]  <TASK>
[  718.609088][T21111]  dump_stack_lvl+0x16c/0x1f0
[  718.609112][T21111]  should_fail_ex+0x512/0x640
[  718.609133][T21111]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  718.609151][T21111]  should_failslab+0xc2/0x120
[  718.609168][T21111]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  718.609182][T21111]  ? __proc_create+0xc3/0x8c0
[  718.609197][T21111]  ? __proc_create+0x2ce/0x8c0
[  718.609214][T21111]  __proc_create+0x2ce/0x8c0
[  718.609228][T21111]  ? __pfx___proc_create+0x10/0x10
[  718.609250][T21111]  proc_mkdir+0x81/0x170
[  718.609264][T21111]  ? __pfx_proc_mkdir+0x10/0x10
[  718.609279][T21111]  ? cache_register_net+0x137/0x5e0
[  718.609297][T21111]  cache_register_net+0x18f/0x5e0
[  718.609312][T21111]  nfsd_idmap_init+0x16e/0x250
[  718.609327][T21111]  ? __pfx_nfsd_net_init+0x10/0x10
[  718.609347][T21111]  nfsd_net_init+0x69/0x3d0
[  718.609367][T21111]  ? __pfx_nfsd_net_init+0x10/0x10
[  718.609387][T21111]  ops_init+0x1df/0x5f0
[  718.609406][T21111]  setup_net+0x21e/0x850
[  718.609423][T21111]  ? __pfx_setup_net+0x10/0x10
[  718.609437][T21111]  ? lockdep_init_map_type+0x5c/0x280
[  718.609457][T21111]  ? __pfx_down_read_killable+0x10/0x10
[  718.609479][T21111]  ? debug_mutex_init+0x37/0x70
[  718.609493][T21111]  copy_net_ns+0x2a6/0x5f0
[  718.609512][T21111]  create_new_namespaces+0x3ea/0xad0
[  718.609533][T21111]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  718.609549][T21111]  ksys_unshare+0x45b/0xa40
[  718.609568][T21111]  ? __pfx_ksys_unshare+0x10/0x10
[  718.609584][T21111]  ? xfd_validate_state+0x5d/0x180
[  718.609606][T21111]  ? rcu_is_watching+0x12/0xc0
[  718.609623][T21111]  __x64_sys_unshare+0x31/0x40
[  718.609639][T21111]  do_syscall_64+0xcd/0x230
[  718.609659][T21111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.609673][T21111] RIP: 0033:0x7f26ee58e969
[  718.609685][T21111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  718.609699][T21111] RSP: 002b:00007f26ef432038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  718.609713][T21111] RAX: ffffffffffffffda RBX: 00007f26ee7b5fa0 RCX: 00007f26ee58e969
[  718.609722][T21111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  718.609730][T21111] RBP: 00007f26ee610ab1 R08: 0000000000000000 R09: 0000000000000000
[  718.609738][T21111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  718.609746][T21111] R13: 0000000000000000 R14: 00007f26ee7b5fa0 R15: 00007ffd84e03388
[  718.609763][T21111]  </TASK>
[  721.233771][T21135] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6005'.
[  721.318607][T21135] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  721.390951][T21140] netlink: 342 bytes leftover after parsing attributes in process `syz.3.6005'.
[  721.716211][T21158] netlink: 'syz.5.6017': attribute type 4 has an invalid length.
[  721.723982][T21158] netlink: 314 bytes leftover after parsing attributes in process `syz.5.6017'.
[  721.830004][T21158] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  721.837320][T21158] IPv6: NLM_F_CREATE should be set when creating new route
[  722.262343][T21169] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6022'.
[  722.560430][T21174] netlink: 'syz.5.6025': attribute type 4 has an invalid length.
[  722.615004][T21174] netlink: 314 bytes leftover after parsing attributes in process `syz.5.6025'.
[  722.954024][T21183] netlink: 'syz.4.6028': attribute type 15 has an invalid length.
[  722.991737][T21183] netlink: 'syz.4.6028': attribute type 16 has an invalid length.
[  723.013684][T21186] FAULT_INJECTION: forcing a failure.
[  723.013684][T21186] name failslab, interval 1, probability 0, space 0, times 0
[  723.041145][T21183] netlink: 'syz.4.6028': attribute type 17 has an invalid length.
[  723.074534][T21183] netlink: 'syz.4.6028': attribute type 19 has an invalid length.
[  723.120899][T21183] netlink: 238 bytes leftover after parsing attributes in process `syz.4.6028'.
[  723.146947][T21186] CPU: 1 UID: 0 PID: 21186 Comm: syz.5.6029 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  723.146978][T21186] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  723.146984][T21186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  723.146993][T21186] Call Trace:
[  723.146999][T21186]  <TASK>
[  723.147006][T21186]  dump_stack_lvl+0x16c/0x1f0
[  723.147030][T21186]  should_fail_ex+0x512/0x640
[  723.147052][T21186]  ? fs_reclaim_acquire+0xae/0x150
[  723.147075][T21186]  ? tomoyo_init_log+0x1385/0x2140
[  723.147092][T21186]  should_failslab+0xc2/0x120
[  723.147110][T21186]  __kmalloc_noprof+0xd2/0x510
[  723.147129][T21186]  tomoyo_init_log+0x1385/0x2140
[  723.147156][T21186]  ? __pfx_tomoyo_init_log+0x10/0x10
[  723.147178][T21186]  tomoyo_write_log2+0x2f7/0xc10
[  723.147199][T21186]  tomoyo_supervisor+0x15e/0x13b0
[  723.147223][T21186]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  723.147250][T21186]  ? lockdep_hardirqs_on+0x7c/0x110
[  723.147270][T21186]  ? tomoyo_check_path_acl+0xad/0x210
[  723.147286][T21186]  ? tomoyo_check_acl+0x1f7/0x410
[  723.147302][T21186]  tomoyo_path_permission+0x270/0x3b0
[  723.147319][T21186]  tomoyo_check_open_permission+0x37b/0x3c0
[  723.147336][T21186]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  723.147370][T21186]  ? do_raw_spin_lock+0x12c/0x2b0
[  723.147394][T21186]  tomoyo_file_open+0x6b/0x90
[  723.147415][T21186]  security_file_open+0x84/0x1e0
[  723.147433][T21186]  do_dentry_open+0x596/0x1c10
[  723.147452][T21186]  vfs_open+0x82/0x3f0
[  723.147471][T21186]  path_openat+0x1e5e/0x2d40
[  723.147492][T21186]  ? __pfx_path_openat+0x10/0x10
[  723.147510][T21186]  do_filp_open+0x20b/0x470
[  723.147524][T21186]  ? __pfx_do_filp_open+0x10/0x10
[  723.147550][T21186]  ? alloc_fd+0x471/0x7d0
[  723.147574][T21186]  do_sys_openat2+0x11b/0x1d0
[  723.147591][T21186]  ? __pfx_do_sys_openat2+0x10/0x10
[  723.147609][T21186]  ? do_fcntl+0x1eb/0x1590
[  723.147629][T21186]  __x64_sys_openat+0x174/0x210
[  723.147647][T21186]  ? __pfx___x64_sys_openat+0x10/0x10
[  723.147665][T21186]  ? rcu_is_watching+0x12/0xc0
[  723.147683][T21186]  do_syscall_64+0xcd/0x230
[  723.147702][T21186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  723.147717][T21186] RIP: 0033:0x7fc62298e969
[  723.147736][T21186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  723.147750][T21186] RSP: 002b:00007fc6207d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  723.147764][T21186] RAX: ffffffffffffffda RBX: 00007fc622bb6080 RCX: 00007fc62298e969
[  723.147774][T21186] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  723.147783][T21186] RBP: 00007fc622a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  723.147792][T21186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  723.147799][T21186] R13: 0000000000000000 R14: 00007fc622bb6080 R15: 00007ffcb6daa2c8
[  723.147818][T21186]  </TASK>
[  723.440939][    C1] vkms_vblank_simulate: vblank timer overrun
[  723.764278][T21179] FAULT_INJECTION: forcing a failure.
[  723.764278][T21179] name failslab, interval 1, probability 0, space 0, times 0
[  723.848340][T21179] CPU: 1 UID: 0 PID: 21179 Comm: syz.6.6027 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  723.848369][T21179] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  723.848375][T21179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  723.848383][T21179] Call Trace:
[  723.848389][T21179]  <TASK>
[  723.848402][T21179]  dump_stack_lvl+0x16c/0x1f0
[  723.848428][T21179]  should_fail_ex+0x512/0x640
[  723.848447][T21179]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  723.848471][T21179]  should_failslab+0xc2/0x120
[  723.848488][T21179]  __kmalloc_cache_noprof+0x6a/0x3e0
[  723.848509][T21179]  ? nci_allocate_device+0x105/0x430
[  723.848528][T21179]  nci_allocate_device+0x105/0x430
[  723.848544][T21179]  virtual_ncidev_open+0x6f/0x220
[  723.848564][T21179]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  723.848582][T21179]  misc_open+0x35a/0x420
[  723.848603][T21179]  ? __pfx_misc_open+0x10/0x10
[  723.848622][T21179]  chrdev_open+0x231/0x6a0
[  723.848637][T21179]  ? __pfx_apparmor_file_open+0x10/0x10
[  723.848654][T21179]  ? __pfx_chrdev_open+0x10/0x10
[  723.848669][T21179]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  723.848692][T21179]  do_dentry_open+0x741/0x1c10
[  723.848707][T21179]  ? __pfx_chrdev_open+0x10/0x10
[  723.848725][T21179]  vfs_open+0x82/0x3f0
[  723.848744][T21179]  path_openat+0x1e5e/0x2d40
[  723.848764][T21179]  ? __pfx_path_openat+0x10/0x10
[  723.848782][T21179]  do_filp_open+0x20b/0x470
[  723.848795][T21179]  ? __pfx_do_filp_open+0x10/0x10
[  723.848821][T21179]  ? alloc_fd+0x471/0x7d0
[  723.848846][T21179]  do_sys_openat2+0x11b/0x1d0
[  723.848863][T21179]  ? __pfx_do_sys_openat2+0x10/0x10
[  723.848887][T21179]  __x64_sys_openat+0x174/0x210
[  723.848904][T21179]  ? __pfx___x64_sys_openat+0x10/0x10
[  723.848922][T21179]  ? rcu_is_watching+0x12/0xc0
[  723.848940][T21179]  do_syscall_64+0xcd/0x230
[  723.848960][T21179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  723.848975][T21179] RIP: 0033:0x7f0e1758e969
[  723.848986][T21179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  723.848999][T21179] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  723.849012][T21179] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  723.849021][T21179] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  723.849029][T21179] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  723.849037][T21179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  723.849045][T21179] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  723.849062][T21179]  </TASK>
[  724.116147][    C1] vkms_vblank_simulate: vblank timer overrun
[  725.955890][T21202] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  727.091560][T21228] netlink: 334 bytes leftover after parsing attributes in process `syz.5.6045'.
[  727.153766][T21227] FAULT_INJECTION: forcing a failure.
[  727.153766][T21227] name failslab, interval 1, probability 0, space 0, times 0
[  727.316288][T21227] CPU: 1 UID: 0 PID: 21227 Comm: syz.6.6044 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  727.316316][T21227] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  727.316322][T21227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  727.316330][T21227] Call Trace:
[  727.316336][T21227]  <TASK>
[  727.316342][T21227]  dump_stack_lvl+0x16c/0x1f0
[  727.316366][T21227]  should_fail_ex+0x512/0x640
[  727.316387][T21227]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  727.316411][T21227]  should_failslab+0xc2/0x120
[  727.316428][T21227]  __kmalloc_cache_noprof+0x6a/0x3e0
[  727.316449][T21227]  ? do_signalfd4+0x172/0x420
[  727.316471][T21227]  do_signalfd4+0x172/0x420
[  727.316492][T21227]  __x64_sys_signalfd+0x120/0x1a0
[  727.316512][T21227]  ? __pfx___x64_sys_signalfd+0x10/0x10
[  727.316531][T21227]  ? rcu_is_watching+0x12/0xc0
[  727.316549][T21227]  do_syscall_64+0xcd/0x230
[  727.316568][T21227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.316582][T21227] RIP: 0033:0x7f0e1758e969
[  727.316594][T21227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.316607][T21227] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011a
[  727.316620][T21227] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  727.316629][T21227] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 00000000ffffffff
[  727.316637][T21227] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  727.316646][T21227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.316653][T21227] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  727.316670][T21227]  </TASK>
[  727.620730][T21210] Process accounting resumed
[  728.107302][T21244] size and base must be multiples of 4 kiB
[  728.130411][T21244] CPU: 1 UID: 0 PID: 21244 Comm: syz.3.6051 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  728.130441][T21244] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  728.130448][T21244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  728.130456][T21244] Call Trace:
[  728.130462][T21244]  <TASK>
[  728.130468][T21244]  dump_stack_lvl+0x16c/0x1f0
[  728.130492][T21244]  mtrr_del+0xd1/0x110
[  728.130512][T21244]  mtrr_ioctl+0x922/0xcf0
[  728.130532][T21244]  ? __pfx_mtrr_ioctl+0x10/0x10
[  728.130554][T21244]  ? find_held_lock+0x2b/0x80
[  728.130573][T21244]  ? __fget_files+0x20e/0x3c0
[  728.130594][T21244]  ? __pfx_mtrr_ioctl+0x10/0x10
[  728.130612][T21244]  proc_reg_unlocked_ioctl+0x226/0x320
[  728.130626][T21244]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  728.130641][T21244]  __x64_sys_ioctl+0x190/0x200
[  728.130660][T21244]  do_syscall_64+0xcd/0x230
[  728.130680][T21244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.130694][T21244] RIP: 0033:0x7f91f978e969
[  728.130706][T21244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.130718][T21244] RSP: 002b:00007f91fa5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  728.130731][T21244] RAX: ffffffffffffffda RBX: 00007f91f99b5fa0 RCX: 00007f91f978e969
[  728.130740][T21244] RDX: 0000000000000009 RSI: 00000000400c4d04 RDI: 0000000000000009
[  728.130748][T21244] RBP: 00007f91f9810ab1 R08: 0000000000000000 R09: 0000000000000000
[  728.130756][T21244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  728.130764][T21244] R13: 0000000000000000 R14: 00007f91f99b5fa0 R15: 00007ffd4260f3d8
[  728.130782][T21244]  </TASK>
[  728.680431][T21248] netlink: 'syz.5.6053': attribute type 64 has an invalid length.
[  728.714388][T21248] netlink: 74 bytes leftover after parsing attributes in process `syz.5.6053'.
[  729.775905][T21253] Falling back ldisc for ptm0.
[  730.139664][T21266] FAULT_INJECTION: forcing a failure.
[  730.139664][T21266] name failslab, interval 1, probability 0, space 0, times 0
[  730.212326][T21266] CPU: 1 UID: 0 PID: 21266 Comm: syz.5.6059 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  730.212356][T21266] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  730.212362][T21266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  730.212371][T21266] Call Trace:
[  730.212377][T21266]  <TASK>
[  730.212383][T21266]  dump_stack_lvl+0x16c/0x1f0
[  730.212408][T21266]  should_fail_ex+0x512/0x640
[  730.212427][T21266]  ? __kmalloc_noprof+0xbf/0x510
[  730.212444][T21266]  ? lsm_blob_alloc+0x68/0x90
[  730.212463][T21266]  should_failslab+0xc2/0x120
[  730.212480][T21266]  __kmalloc_noprof+0xd2/0x510
[  730.212499][T21266]  lsm_blob_alloc+0x68/0x90
[  730.212518][T21266]  security_sk_alloc+0x30/0x270
[  730.212533][T21266]  sk_prot_alloc+0xfb/0x2a0
[  730.212554][T21266]  sk_alloc+0x36/0xc20
[  730.212568][T21266]  inet6_create+0x381/0x1300
[  730.212584][T21266]  ? inet6_create+0x7f/0x1300
[  730.212599][T21266]  __sock_create+0x335/0x8d0
[  730.212621][T21266]  smc_create_clcsk+0x37/0xd0
[  730.212638][T21266]  ? __pfx_smc_inet_init_sock+0x10/0x10
[  730.212657][T21266]  inet6_create+0xb2d/0x1300
[  730.212671][T21266]  ? inet6_create+0x7f/0x1300
[  730.212686][T21266]  __sock_create+0x335/0x8d0
[  730.212708][T21266]  __sys_socket+0x14d/0x260
[  730.212726][T21266]  ? __pfx___sys_socket+0x10/0x10
[  730.212746][T21266]  ? rcu_is_watching+0x12/0xc0
[  730.212768][T21266]  __x64_sys_socket+0x72/0xb0
[  730.212788][T21266]  ? lockdep_hardirqs_on+0x7c/0x110
[  730.212806][T21266]  do_syscall_64+0xcd/0x230
[  730.212827][T21266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.212841][T21266] RIP: 0033:0x7fc62298e969
[  730.212853][T21266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.212866][T21266] RSP: 002b:00007fc6207f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  730.212880][T21266] RAX: ffffffffffffffda RBX: 00007fc622bb5fa0 RCX: 00007fc62298e969
[  730.212890][T21266] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[  730.212898][T21266] RBP: 00007fc622a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  730.212906][T21266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  730.212913][T21266] R13: 0000000000000000 R14: 00007fc622bb5fa0 R15: 00007ffcb6daa2c8
[  730.212930][T21266]  </TASK>
[  731.407090][T21284] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  731.953881][T21289] page: refcount:3 mapcount:0 mapping:ffff88805f0ab158 index:0xd8 pfn:0x7ff90
[  732.158666][T21289] memcg:ffff888060724000
[  732.253785][T21290] could not allocate digest TFM handle 
[  732.274265][T21289] aops:shmem_aops ino:fb0 dentry name(?):"dev/zero"
[  732.384907][T21289] flags: 0xfff0000002011d(locked|referenced|uptodate|dirty|active|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  732.641694][T21289] raw: 00fff0000002011d ffffea0002050e08 ffffea0001b2b848 ffff88805f0ab158
[  732.951167][T21289] raw: 00000000000000d8 0000000000000000 00000003ffffffff ffff888060724000
[  733.042484][T21289] page dumped because: unmovable page
[  733.047954][T21289] page_owner tracks the page as allocated
[  733.202220][T21289] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 21279, tgid 21278 (syz.4.6062), ts 732047970822, free_ts 733190273845
[  733.395495][T21289]  post_alloc_hook+0x181/0x1b0
[  733.400327][T21289]  get_page_from_freelist+0x135c/0x3920
[  733.528807][T21289]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  733.572864][T21289]  alloc_pages_mpol+0x1fb/0x550
[  733.614241][T21289]  folio_alloc_mpol_noprof+0x36/0x2f0
[  733.680807][T21289]  shmem_alloc_folio+0x135/0x160
[  733.716817][T21289]  shmem_alloc_and_add_folio+0x499/0xc20
[  733.757019][T21289]  shmem_get_folio_gfp+0x687/0x1530
[  733.797437][T21289]  shmem_write_begin+0x160/0x300
[  733.837860][T21289]  generic_perform_write+0x3cd/0x930
[  733.869031][T21289]  shmem_file_write_iter+0x10e/0x140
[  733.892114][T21289]  __kernel_write_iter+0x317/0xa90
[  733.897265][T21289]  dump_user_range+0x418/0xb30
[  733.931807][T21289]  elf_core_dump+0x288a/0x3a90
[  733.951759][T21289]  do_coredump+0x3183/0x4480
[  733.969969][T21289]  get_signal+0x22e3/0x26d0
[  733.984752][T21289] page last free pid 21295 tgid 21278 stack trace:
[  734.011830][T21289]  free_unref_folios+0x999/0x1630
[  734.042307][T21289]  shrink_folio_list+0x3255/0x40e0
[  734.064914][T21289]  reclaim_folio_list+0xd7/0x5d0
[  734.069887][T21289]  reclaim_pages+0x47b/0x650
[  734.093714][T21289]  madvise_cold_or_pageout_pte_range+0x13a9/0x20f0
[  734.127014][T21289]  walk_pgd_range+0xba7/0x1a90
[  734.142335][T21289]  __walk_page_range+0x163/0x820
[  734.165516][T21289]  walk_page_range_mm+0x54d/0x8a0
[  734.190927][T21289]  walk_page_range+0x63/0x90
[  734.201039][T21289]  madvise_pageout+0x316/0x800
[  734.220913][T21289]  madvise_vma_behavior+0x416/0x1d50
[  734.247186][T21289]  madvise_walk_vmas+0x1ce/0x2c0
[  734.268505][T21289]  madvise_do_behavior+0x12b/0x3b0
[  734.284252][T21289]  do_madvise+0x10b/0x170
[  734.301010][T21289]  __x64_sys_madvise+0xa9/0x110
[  734.329047][T21289]  do_syscall_64+0xcd/0x230
[  734.576615][T21317] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  735.679659][T21340] smc: net device syz_tun applied user defined pnetid ETHTOOL
[  740.314477][T21420] sctp: [Deprecated]: syz.5.6108 (pid 21420) Use of int in maxseg socket option.
[  740.314477][T21420] Use struct sctp_assoc_value instead
[  740.341240][T21421] netlink: 218 bytes leftover after parsing attributes in process `syz.6.6109'.
[  740.406514][T21421] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  743.358604][T21453] netlink: 306 bytes leftover after parsing attributes in process `syz.6.6119'.
[  744.410645][T21477] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  744.980188][T21485] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6128'.
[  746.915406][T21523] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  746.981175][T21519] netlink: 314 bytes leftover after parsing attributes in process `syz.4.6140'.
[  747.446702][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  747.458883][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  749.730756][T21575] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6157'.
[  750.424143][T21584] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6163'.
[  750.478217][T21591] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6163'.
[  750.896296][T21595] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6167'.
[  751.304493][T21600] input: isc as /devices/virtual/input/input10
[  751.338539][T21600] FAULT_INJECTION: forcing a failure.
[  751.338539][T21600] name failslab, interval 1, probability 0, space 0, times 0
[  751.410910][T21600] CPU: 1 UID: 0 PID: 21600 Comm: syz.6.6169 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  751.410939][T21600] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  751.410945][T21600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  751.410954][T21600] Call Trace:
[  751.410960][T21600]  <TASK>
[  751.410966][T21600]  dump_stack_lvl+0x16c/0x1f0
[  751.410992][T21600]  should_fail_ex+0x512/0x640
[  751.411012][T21600]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  751.411036][T21600]  should_failslab+0xc2/0x120
[  751.411053][T21600]  __kmalloc_cache_noprof+0x6a/0x3e0
[  751.411074][T21600]  ? evdev_connect+0x82/0x4c0
[  751.411094][T21600]  evdev_connect+0x82/0x4c0
[  751.411112][T21600]  input_attach_handler.isra.0+0x181/0x260
[  751.411131][T21600]  input_register_device+0xa84/0x1130
[  751.411150][T21600]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  751.411175][T21600]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  751.411199][T21600]  ? find_held_lock+0x2b/0x80
[  751.411222][T21600]  ? __pfx_uinput_ioctl+0x10/0x10
[  751.411241][T21600]  __x64_sys_ioctl+0x190/0x200
[  751.411261][T21600]  do_syscall_64+0xcd/0x230
[  751.411281][T21600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.411295][T21600] RIP: 0033:0x7f0e1758e969
[  751.411306][T21600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.411319][T21600] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  751.411332][T21600] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  751.411341][T21600] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005
[  751.411349][T21600] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  751.411357][T21600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  751.411365][T21600] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  751.411382][T21600]  </TASK>
[  751.411391][T21600] input: failed to attach handler evdev to device input10, error: -12
[  751.948097][T21607] netlink: 194 bytes leftover after parsing attributes in process `syz.5.6172'.
[  756.016437][T17920] Bluetooth: hci0: unexpected event 0x04 length: 442 > 10
[  756.016464][T17920] Bluetooth: unknown link type 178
[  756.031513][T17920] Bluetooth: hci0: connection err: -111
[  756.381425][T21674] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6196'.
[  756.648034][T21682] sg_write: data in/out 32732/16086 bytes for SCSI command 0x0-- guessing data in;
[  756.648034][T21682]    program syz.6.6198 not setting count and/or reply_len properly
[  757.466211][T21694] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6203'.
[  757.727902][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807b38fc00: rx timeout, send abort
[  758.236406][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807b38fc00: abort rx timeout. Force session deactivation
[  758.479322][T17920] Bluetooth: hci0: unexpected event 0x35 length: 13 > 6
[  760.048815][T21697] Process accounting paused
[  761.107208][T21729] can: request_module (can-proto-0) failed.
[  761.120532][T21738] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6215'.
[  761.172564][T21738] netlink: 274 bytes leftover after parsing attributes in process `syz.6.6215'.
[  762.602346][T21753] netlink: 338 bytes leftover after parsing attributes in process `syz.5.6222'.
[  763.612679][T21772] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6229'.
[  763.835400][T21771] netlink: 274 bytes leftover after parsing attributes in process `syz.6.6229'.
[  765.297929][T21803] netlink: 338 bytes leftover after parsing attributes in process `syz.6.6243'.
[  765.319363][ T9152] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  765.340016][ T9152] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  765.349778][ T9152] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  765.358741][ T9152] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  765.367198][ T9152] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  765.437635][T21807] netlink: 338 bytes leftover after parsing attributes in process `syz.6.6243'.
[  765.482274][T21803] netlink: 290 bytes leftover after parsing attributes in process `syz.6.6243'.
[  765.508288][T21808] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6242'.
[  765.718500][T21805] netlink: 274 bytes leftover after parsing attributes in process `syz.5.6242'.
[  766.082334][T21804] chnl_net:caif_netlink_parms(): no params data found
[  766.101155][T21820] FAULT_INJECTION: forcing a failure.
[  766.101155][T21820] name failslab, interval 1, probability 0, space 0, times 0
[  766.186434][T21820] CPU: 1 UID: 0 PID: 21820 Comm: syz.5.6247 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  766.186463][T21820] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  766.186469][T21820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  766.186478][T21820] Call Trace:
[  766.186484][T21820]  <TASK>
[  766.186491][T21820]  dump_stack_lvl+0x16c/0x1f0
[  766.186515][T21820]  should_fail_ex+0x512/0x640
[  766.186533][T21820]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  766.186552][T21820]  should_failslab+0xc2/0x120
[  766.186572][T21820]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  766.186586][T21820]  ? delete_node+0x207/0x8d0
[  766.186600][T21820]  ? blk_alloc_queue+0x31/0x760
[  766.186619][T21820]  blk_alloc_queue+0x31/0x760
[  766.186636][T21820]  __blk_alloc_disk+0xa5/0x170
[  766.186655][T21820]  ? __pfx___blk_alloc_disk+0x10/0x10
[  766.186685][T21820]  ? lockdep_init_map_type+0x5c/0x280
[  766.186704][T21820]  ? __raw_spin_lock_init+0x3a/0x110
[  766.186724][T21820]  ? __pfx_hot_add_show+0x10/0x10
[  766.186743][T21820]  zram_add+0x16e/0x6c0
[  766.186760][T21820]  ? __pfx_zram_add+0x10/0x10
[  766.186789][T21820]  ? find_held_lock+0x2b/0x80
[  766.186805][T21820]  ? __pfx_hot_add_show+0x10/0x10
[  766.186821][T21820]  ? __pfx_class_attr_show+0x10/0x10
[  766.186837][T21820]  hot_add_show+0x21/0x80
[  766.186854][T21820]  class_attr_show+0x6f/0xa0
[  766.186871][T21820]  sysfs_kf_seq_show+0x213/0x3e0
[  766.186895][T21820]  seq_read_iter+0x506/0x12c0
[  766.186923][T21820]  kernfs_fop_read_iter+0x40f/0x5a0
[  766.186939][T21820]  ? rw_verify_area+0xcf/0x680
[  766.186960][T21820]  vfs_read+0x8c8/0xc70
[  766.186975][T21820]  ? __pfx___mutex_lock+0x10/0x10
[  766.186993][T21820]  ? __pfx_vfs_read+0x10/0x10
[  766.187019][T21820]  ksys_read+0x12a/0x240
[  766.187031][T21820]  ? __pfx_ksys_read+0x10/0x10
[  766.187042][T21820]  ? rcu_is_watching+0x12/0xc0
[  766.187061][T21820]  do_syscall_64+0xcd/0x230
[  766.187080][T21820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.187095][T21820] RIP: 0033:0x7fc62298e969
[  766.187107][T21820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  766.187121][T21820] RSP: 002b:00007fc6207f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  766.187135][T21820] RAX: ffffffffffffffda RBX: 00007fc622bb5fa0 RCX: 00007fc62298e969
[  766.187145][T21820] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005
[  766.187154][T21820] RBP: 00007fc622a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  766.187162][T21820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  766.187171][T21820] R13: 0000000000000000 R14: 00007fc622bb5fa0 R15: 00007ffcb6daa2c8
[  766.187190][T21820]  </TASK>
[  766.187197][T21820] zram: Error allocating disk structure for device 1
[  767.026203][T21804] bridge0: port 1(bridge_slave_0) entered blocking state
[  767.042794][T21804] bridge0: port 1(bridge_slave_0) entered disabled state
[  767.069772][T21804] bridge_slave_0: entered allmulticast mode
[  767.105048][T21804] bridge_slave_0: entered promiscuous mode
[  767.176072][T21804] bridge0: port 2(bridge_slave_1) entered blocking state
[  767.198196][T21804] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.222490][T21804] bridge_slave_1: entered allmulticast mode
[  767.237356][T21804] bridge_slave_1: entered promiscuous mode
[  767.337525][T21804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  767.432038][T21804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.453008][T17920] Bluetooth: hci5: command tx timeout
[  767.484174][T21825] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  767.507139][T21825] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  767.536480][T21825] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  767.553452][T21825] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  767.584515][T21825] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  767.667797][T21825] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  767.676553][T21804] team0: Port device team_slave_0 added
[  767.731140][T21804] team0: Port device team_slave_1 added
[  767.775395][T21825] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  767.806228][T21825] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  767.854366][T21825] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  767.894235][T21841] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6251'.
[  767.905095][T21825] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  767.918608][T21804] batman_adv: batadv0: Adding interface: batadv_slave_0
[  767.945212][T21825] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  767.957646][T21804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  768.038340][T21825] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  768.069793][T21845] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6251'.
[  768.083111][T21825] CPU0 is offline.
[  768.123694][T21804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  768.242032][T21804] batman_adv: batadv0: Adding interface: batadv_slave_1
[  768.272347][T21804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  768.417284][T21804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  768.450941][T21850] sp0: Synchronizing with TNC
[  768.625703][T21804] hsr_slave_0: entered promiscuous mode
[  768.665148][T21804] hsr_slave_1: entered promiscuous mode
[  768.694052][T21804] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  768.723320][T21804] Cannot create hsr debugfs directory
[  768.889253][T21857] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6255'.
[  768.969892][T17920] Bluetooth: hci1: command 0x0c1a tx timeout
[  769.405054][T21866] [U] 
[  769.405099][T21866] [U] 
[  769.405121][T21866] [U] 
[  769.405143][T21866] [U] 
[  769.405233][T21866] [U] 
[  769.405254][T21866] [U] 
[  769.405273][T21866] [U] 
[  769.405293][T21866] [U] 
[  769.405485][T21866] [U] 
[  769.405509][T21866] [U] 
[  769.405530][T21866] [U] 
[  769.405551][T21866] [U] 
[  769.405641][T21866] [U] 
[  769.405661][T21866] [U] 
[  769.405681][T21866] [U] 
[  769.405701][T21866] [U] 
[  769.405894][T21866] [U] 
[  769.405917][T21866] [U] 
[  769.405938][T21866] [U] 
[  769.405960][T21866] [U] 
[  769.406047][T21866] [U] 
[  769.406067][T21866] [U] 
[  769.406087][T21866] [U] 
[  769.406107][T21866] [U] 
[  769.406242][T21866] [U] 
[  769.406264][T21866] [U] 
[  769.406284][T21866] [U] 
[  769.406305][T21866] [U] 
[  769.406392][T21866] [U] 
[  769.406412][T21866] [U] 
[  769.406432][T21866] [U] 
[  769.406452][T21866] [U] 
[  769.406590][T21866] [U] 
[  769.406613][T21866] [U] 
[  769.406634][T21866] [U] 
[  769.406654][T21866] [U] 
[  769.406741][T21866] [U] 
[  769.406761][T21866] [U] 
[  769.406781][T21866] [U] 
[  769.406800][T21866] [U] 
[  769.406925][T21866] [U] 
[  769.406945][T21866] [U] 
[  769.406965][T21866] [U] 
[  769.406985][T21866] [U] 
[  769.407072][T21866] [U] 
[  769.407092][T21866] [U] 
[  769.407112][T21866] [U] 
[  769.407132][T21866] [U] 
[  769.407310][T21866] [U] 
[  769.407332][T21866] [U] 
[  769.407354][T21866] [U] 
[  769.407375][T21866] [U] 
[  769.407471][T21866] [U] 
[  769.407493][T21866] [U] 
[  769.407515][T21866] [U] 
[  769.407535][T21866] [U] 
[  769.407666][T21866] [U] 
[  769.407688][T21866] [U] 
[  769.407709][T21866] [U] 
[  769.407730][T21866] [U] 
[  769.407816][T21866] [U] 
[  769.407836][T21866] [U] 
[  769.407856][T21866] [U] 
[  769.407876][T21866] [U] 
[  769.408002][T21866] [U] 
[  769.408023][T21866] [U] 
[  769.408043][T21866] [U] 
[  769.408062][T21866] [U] 
[  769.408150][T21866] [U] 
[  769.408169][T21866] [U] 
[  769.408189][T21866] [U] 
[  769.408209][T21866] [U] 
[  769.408337][T21866] [U] 
[  769.408358][T21866] [U] 
[  769.408380][T21866] [U] 
[  769.408402][T21866] [U] 
[  769.408497][T21866] [U] 
[  769.408519][T21866] [U] 
[  769.408540][T21866] [U] 
[  769.408561][T21866] [U] 
[  769.408692][T21866] [U] 
[  769.408714][T21866] [U] 
[  769.408735][T21866] [U] 
[  769.408756][T21866] [U] 
[  769.408843][T21866] [U] 
[  769.408864][T21866] [U] 
[  769.408884][T21866] [U] 
[  769.408904][T21866] [U] 
[  769.409032][T21866] [U] 
[  769.409053][T21866] [U] 
[  769.409072][T21866] [U] 
[  769.409092][T21866] [U] 
[  769.409180][T21866] [U] 
[  769.409199][T21866] [U] 
[  769.409219][T21866] [U] 
[  769.409239][T21866] [U] 
[  769.409369][T21866] [U] 
[  769.409390][T21866] [U] 
[  769.409411][T21866] [U] 
[  769.409433][T21866] [U] 
[  769.409530][T21866] [U] 
[  769.409552][T21866] [U] 
[  769.409573][T21866] [U] 
[  769.409594][T21866] [U] 
[  769.435369][T21866] [U] 
[  769.435397][T21866] [U] 
[  769.435419][T21866] [U] 
[  769.435440][T21866] [U] 
[  769.435542][T21866] [U] 
[  769.435564][T21866] [U] 
[  769.435585][T21866] [U] 
[  769.435607][T21866] [U] 
[  769.435776][T21866] [U] 
[  769.435798][T21866] [U] 
[  769.435818][T21866] [U] 
[  769.435839][T21866] [U] 
[  769.435930][T21866] [U] 
[  769.435951][T21866] [U] 
[  769.435972][T21866] [U] 
[  769.435992][T21866] [U] 
[  769.436127][T21866] [U] 
[  769.436149][T21866] [U] 
[  769.436169][T21866] [U] 
[  769.436190][T21866] [U] 
[  769.436264][T21866] [U] 
[  769.436285][T21866] [U] 
[  769.436306][T21866] [U] 
[  769.451559][T21804] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  769.466928][T21804] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  769.506309][T21804] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  769.511507][T21804] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  769.531285][T17920] Bluetooth: hci2: command 0x0c1a tx timeout
[  769.613342][T17920] Bluetooth: hci0: command 0x0c1a tx timeout
[  769.613398][T17920] Bluetooth: hci3: command 0x0c1a tx timeout
[  769.669657][T21867] [U] 
[  769.763311][T21804] 8021q: adding VLAN 0 to HW filter on device bond0
[  769.814543][T21804] 8021q: adding VLAN 0 to HW filter on device team0
[  769.825571][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  769.825672][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  769.843827][   T80] bridge0: port 2(bridge_slave_1) entered blocking state
[  769.843902][   T80] bridge0: port 2(bridge_slave_1) entered forwarding state
[  769.853073][ T9152] Bluetooth: hci4: command 0x0c1a tx timeout
[  769.930354][ T9152] Bluetooth: hci5: command 0x040f tx timeout
[  769.937368][T21804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  770.457204][T21804] 8021q: adding VLAN 0 to HW filter on device batadv0
[  770.989150][T21804] veth0_vlan: entered promiscuous mode
[  771.009759][T21804] veth1_vlan: entered promiscuous mode
[  771.094277][T21804] veth0_macvtap: entered promiscuous mode
[  771.125847][T21804] veth1_macvtap: entered promiscuous mode
[  771.153354][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.153373][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.153381][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.153391][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.153400][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.153409][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.153417][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.153426][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.153434][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.153444][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.153451][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  771.153461][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.154329][T21804] batman_adv: batadv0: Interface activated: batadv_slave_0
[  771.168125][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168143][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.168151][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168160][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.168167][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168177][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.168185][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168194][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.168202][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168211][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.168219][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168228][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.168235][T21804] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  771.168245][T21804] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  771.169035][T21804] batman_adv: batadv0: Interface activated: batadv_slave_1
[  771.192330][T21804] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  771.192400][T21804] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  771.192420][T21804] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  771.192439][T21804] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  771.410233][ T1528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.410286][ T1528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.494054][ T1528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.494074][ T1528] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.692825][ T9152] Bluetooth: hci0: command 0x0c1a tx timeout
[  771.931765][ T9152] Bluetooth: hci4: command 0x0c1a tx timeout
[  772.014007][ T9152] Bluetooth: hci5: command 0x040f tx timeout
[  772.185723][T21895] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6262'.
[  772.186993][T21895] netlink: 274 bytes leftover after parsing attributes in process `syz.7.6262'.
[  773.775856][ T9152] Bluetooth: hci0: command 0x0c1a tx timeout
[  773.898944][T21909] netlink: 294 bytes leftover after parsing attributes in process `syz.6.6278'.
[  774.013087][ T9152] Bluetooth: hci4: command 0x0c1a tx timeout
[  774.094204][ T9152] Bluetooth: hci5: command 0x040f tx timeout
[  774.292481][T21913] netlink: 16 bytes leftover after parsing attributes in process `syz.7.6267'.
[  776.175063][ T9152] Bluetooth: hci5: command 0x040f tx timeout
[  777.320404][T21963] netlink: 350 bytes leftover after parsing attributes in process `syz.3.6290'.
[  778.189681][T21976] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6295'.
[  778.256122][ T9152] Bluetooth: hci5: command 0x040f tx timeout
[  778.665081][ T9152] Bluetooth: hci4: Unable to find connection for big 0xd2
[  779.192522][T21994] FAULT_INJECTION: forcing a failure.
[  779.192522][T21994] name failslab, interval 1, probability 0, space 0, times 0
[  779.283142][T21994] CPU: 1 UID: 0 PID: 21994 Comm: syz.6.6302 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  779.283171][T21994] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  779.283177][T21994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  779.283185][T21994] Call Trace:
[  779.283191][T21994]  <TASK>
[  779.283198][T21994]  dump_stack_lvl+0x16c/0x1f0
[  779.283230][T21994]  should_fail_ex+0x512/0x640
[  779.283250][T21994]  ? __kmalloc_noprof+0xbf/0x510
[  779.283267][T21994]  ? __register_sysctl_table+0xb3/0x1900
[  779.283283][T21994]  should_failslab+0xc2/0x120
[  779.283300][T21994]  __kmalloc_noprof+0xd2/0x510
[  779.283319][T21994]  __register_sysctl_table+0xb3/0x1900
[  779.283335][T21994]  ? is_module_address+0x5f/0xf0
[  779.283355][T21994]  ? __pfx___register_sysctl_table+0x10/0x10
[  779.283369][T21994]  ? is_module_address+0x69/0xf0
[  779.283386][T21994]  ? register_net_sysctl_sz+0x228/0x3e0
[  779.283408][T21994]  ? __asan_memcpy+0x3c/0x60
[  779.283423][T21994]  xfrm4_net_init+0xf0/0x1c0
[  779.283442][T21994]  ? __pfx_xfrm4_net_init+0x10/0x10
[  779.283458][T21994]  ops_init+0x1df/0x5f0
[  779.283477][T21994]  setup_net+0x21e/0x850
[  779.283494][T21994]  ? __pfx_setup_net+0x10/0x10
[  779.283508][T21994]  ? lockdep_init_map_type+0x5c/0x280
[  779.283527][T21994]  ? __pfx_down_read_killable+0x10/0x10
[  779.283548][T21994]  ? debug_mutex_init+0x37/0x70
[  779.283563][T21994]  copy_net_ns+0x2a6/0x5f0
[  779.283581][T21994]  create_new_namespaces+0x3ea/0xad0
[  779.283601][T21994]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  779.283617][T21994]  ksys_unshare+0x45b/0xa40
[  779.283635][T21994]  ? __pfx_ksys_unshare+0x10/0x10
[  779.283651][T21994]  ? xfd_validate_state+0x5d/0x180
[  779.283673][T21994]  ? rcu_is_watching+0x12/0xc0
[  779.283690][T21994]  __x64_sys_unshare+0x31/0x40
[  779.283706][T21994]  do_syscall_64+0xcd/0x230
[  779.283725][T21994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.283739][T21994] RIP: 0033:0x7f0e1758e969
[  779.283752][T21994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.283765][T21994] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  779.283778][T21994] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  779.283788][T21994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  779.283796][T21994] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  779.283805][T21994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  779.283813][T21994] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  779.283831][T21994]  </TASK>
[  782.190411][T22036] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  782.208767][T22036] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  782.234912][T22036] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  782.262936][T22036] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  782.288154][T22036] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  782.315759][T22036] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  782.345573][T22036] CPU0 is offline.
[  783.259547][T22067] FAULT_INJECTION: forcing a failure.
[  783.259547][T22067] name failslab, interval 1, probability 0, space 0, times 0
[  783.374664][T22067] CPU: 1 UID: 0 PID: 22067 Comm: syz.6.6325 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  783.374694][T22067] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  783.374700][T22067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  783.374708][T22067] Call Trace:
[  783.374714][T22067]  <TASK>
[  783.374721][T22067]  dump_stack_lvl+0x16c/0x1f0
[  783.374744][T22067]  should_fail_ex+0x512/0x640
[  783.374764][T22067]  ? __kvmalloc_node_noprof+0x122/0x600
[  783.374780][T22067]  should_failslab+0xc2/0x120
[  783.374798][T22067]  __kvmalloc_node_noprof+0x135/0x600
[  783.374812][T22067]  ? lockdep_init_map_type+0x5c/0x280
[  783.374830][T22067]  ? open_substream+0x30c/0x9b0
[  783.374853][T22067]  ? open_substream+0x30c/0x9b0
[  783.374869][T22067]  ? open_substream+0x19a/0x9b0
[  783.374893][T22067]  open_substream+0x30c/0x9b0
[  783.374913][T22067]  ? lockdep_hardirqs_on+0x7c/0x110
[  783.374933][T22067]  rawmidi_open_priv+0x543/0x6e0
[  783.374956][T22067]  snd_rawmidi_open+0x4cc/0xbf0
[  783.374973][T22067]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  783.374987][T22067]  ? __pfx_default_wake_function+0x10/0x10
[  783.375003][T22067]  ? kobject_get_unless_zero+0x156/0x1e0
[  783.375024][T22067]  ? __pfx_snd_rawmidi_open+0x10/0x10
[  783.375036][T22067]  snd_open+0x1fe/0x450
[  783.375053][T22067]  ? __pfx_snd_open+0x10/0x10
[  783.375069][T22067]  chrdev_open+0x231/0x6a0
[  783.375083][T22067]  ? __pfx_apparmor_file_open+0x10/0x10
[  783.375100][T22067]  ? __pfx_chrdev_open+0x10/0x10
[  783.375115][T22067]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  783.375138][T22067]  do_dentry_open+0x741/0x1c10
[  783.375152][T22067]  ? __pfx_chrdev_open+0x10/0x10
[  783.375170][T22067]  vfs_open+0x82/0x3f0
[  783.375189][T22067]  path_openat+0x1e5e/0x2d40
[  783.375209][T22067]  ? __pfx_path_openat+0x10/0x10
[  783.375227][T22067]  do_filp_open+0x20b/0x470
[  783.375240][T22067]  ? __pfx_do_filp_open+0x10/0x10
[  783.375266][T22067]  ? alloc_fd+0x471/0x7d0
[  783.375291][T22067]  do_sys_openat2+0x11b/0x1d0
[  783.375308][T22067]  ? __pfx_do_sys_openat2+0x10/0x10
[  783.375332][T22067]  __x64_sys_openat+0x174/0x210
[  783.375349][T22067]  ? __pfx___x64_sys_openat+0x10/0x10
[  783.375367][T22067]  ? rcu_is_watching+0x12/0xc0
[  783.375385][T22067]  do_syscall_64+0xcd/0x230
[  783.375404][T22067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.375418][T22067] RIP: 0033:0x7f0e1758e969
[  783.375430][T22067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.375443][T22067] RSP: 002b:00007f0e183c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  783.375456][T22067] RAX: ffffffffffffffda RBX: 00007f0e177b6080 RCX: 00007f0e1758e969
[  783.375465][T22067] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  783.375474][T22067] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  783.375483][T22067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  783.375491][T22067] R13: 0000000000000000 R14: 00007f0e177b6080 R15: 00007ffe0b200938
[  783.375509][T22067]  </TASK>
[  784.143586][ T9152] Bluetooth: hci1: command 0x0c1a tx timeout
[  784.360551][ T9152] Bluetooth: hci3: command 0x0c1a tx timeout
[  784.366672][ T9152] Bluetooth: hci2: command 0x0c1a tx timeout
[  784.376827][ T9152] Bluetooth: hci5: command 0x040f tx timeout
[  784.384617][ T9152] Bluetooth: hci4: command 0x0c1a tx timeout
[  784.395130][ T9152] Bluetooth: hci0: command 0x0c1a tx timeout
[  785.462152][T22098] FAULT_INJECTION: forcing a failure.
[  785.462152][T22098] name failslab, interval 1, probability 0, space 0, times 0
[  785.535244][T22098] CPU: 1 UID: 0 PID: 22098 Comm: syz.3.6336 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  785.535272][T22098] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  785.535278][T22098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  785.535286][T22098] Call Trace:
[  785.535292][T22098]  <TASK>
[  785.535298][T22098]  dump_stack_lvl+0x16c/0x1f0
[  785.535322][T22098]  should_fail_ex+0x512/0x640
[  785.535341][T22098]  ? fs_reclaim_acquire+0xae/0x150
[  785.535362][T22098]  ? tomoyo_init_log+0x1385/0x2140
[  785.535380][T22098]  should_failslab+0xc2/0x120
[  785.535396][T22098]  __kmalloc_noprof+0xd2/0x510
[  785.535415][T22098]  tomoyo_init_log+0x1385/0x2140
[  785.535442][T22098]  ? __pfx_tomoyo_init_log+0x10/0x10
[  785.535465][T22098]  tomoyo_write_log2+0x2f7/0xc10
[  785.535486][T22098]  tomoyo_supervisor+0x15e/0x13b0
[  785.535509][T22098]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  785.535537][T22098]  ? lockdep_hardirqs_on+0x7c/0x110
[  785.535557][T22098]  ? tomoyo_check_path_acl+0xad/0x210
[  785.535572][T22098]  ? tomoyo_check_acl+0x1f7/0x410
[  785.535588][T22098]  tomoyo_path_permission+0x270/0x3b0
[  785.535606][T22098]  tomoyo_check_open_permission+0x37b/0x3c0
[  785.535622][T22098]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  785.535665][T22098]  ? do_raw_spin_lock+0x12c/0x2b0
[  785.535691][T22098]  tomoyo_file_open+0x6b/0x90
[  785.535713][T22098]  security_file_open+0x84/0x1e0
[  785.535730][T22098]  do_dentry_open+0x596/0x1c10
[  785.535749][T22098]  vfs_open+0x82/0x3f0
[  785.535769][T22098]  path_openat+0x1e5e/0x2d40
[  785.535789][T22098]  ? __pfx_path_openat+0x10/0x10
[  785.535807][T22098]  do_filp_open+0x20b/0x470
[  785.535820][T22098]  ? __pfx_do_filp_open+0x10/0x10
[  785.535846][T22098]  ? alloc_fd+0x471/0x7d0
[  785.535871][T22098]  do_sys_openat2+0x11b/0x1d0
[  785.535887][T22098]  ? __pfx_do_sys_openat2+0x10/0x10
[  785.535911][T22098]  __x64_sys_openat+0x174/0x210
[  785.535928][T22098]  ? __pfx___x64_sys_openat+0x10/0x10
[  785.535947][T22098]  ? rcu_is_watching+0x12/0xc0
[  785.535965][T22098]  do_syscall_64+0xcd/0x230
[  785.535985][T22098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.535999][T22098] RIP: 0033:0x7f91f978e969
[  785.536011][T22098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  785.536024][T22098] RSP: 002b:00007f91fa5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  785.536037][T22098] RAX: ffffffffffffffda RBX: 00007f91f99b5fa0 RCX: 00007f91f978e969
[  785.536046][T22098] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  785.536054][T22098] RBP: 00007f91f9810ab1 R08: 0000000000000000 R09: 0000000000000000
[  785.536062][T22098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  785.536071][T22098] R13: 0000000000000000 R14: 00007f91f99b5fa0 R15: 00007ffd4260f3d8
[  785.536089][T22098]  </TASK>
[  787.190294][T22109] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6339'.
[  787.228853][T22109] IPv6: NLM_F_CREATE should be specified when creating new route
[  787.272661][T22109] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  787.280101][T22109] IPv6: NLM_F_CREATE should be set when creating new route
[  787.287313][T22109] IPv6: NLM_F_CREATE should be set when creating new route
[  787.371786][T22112] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6339'.
[  787.897967][T22119] netlink: 'syz.3.6344': attribute type 4 has an invalid length.
[  787.923858][T22119] netlink: 314 bytes leftover after parsing attributes in process `syz.3.6344'.
[  787.961114][T22119] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  787.968374][T22119] IPv6: NLM_F_CREATE should be set when creating new route
[  788.533222][T22128] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6347'.
[  788.620462][T22130] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6347'.
[  788.769324][T22132] netlink: 'syz.7.6348': attribute type 27 has an invalid length.
[  788.963575][T22132] netlink: 146 bytes leftover after parsing attributes in process `syz.7.6348'.
[  788.995753][T22140] FAULT_INJECTION: forcing a failure.
[  788.995753][T22140] name failslab, interval 1, probability 0, space 0, times 0
[  789.073847][T22140] CPU: 1 UID: 0 PID: 22140 Comm: syz.6.6351 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  789.073876][T22140] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  789.073883][T22140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  789.073892][T22140] Call Trace:
[  789.073898][T22140]  <TASK>
[  789.073903][T22140]  dump_stack_lvl+0x16c/0x1f0
[  789.073929][T22140]  should_fail_ex+0x512/0x640
[  789.073949][T22140]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  789.073968][T22140]  should_failslab+0xc2/0x120
[  789.073985][T22140]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  789.074000][T22140]  ? delete_node+0x207/0x8d0
[  789.074014][T22140]  ? blk_alloc_queue+0x31/0x760
[  789.074033][T22140]  blk_alloc_queue+0x31/0x760
[  789.074051][T22140]  __blk_alloc_disk+0xa5/0x170
[  789.074069][T22140]  ? __pfx___blk_alloc_disk+0x10/0x10
[  789.074099][T22140]  ? lockdep_init_map_type+0x5c/0x280
[  789.074118][T22140]  ? __raw_spin_lock_init+0x3a/0x110
[  789.074139][T22140]  ? __pfx_hot_add_show+0x10/0x10
[  789.074157][T22140]  zram_add+0x16e/0x6c0
[  789.074174][T22140]  ? __pfx_zram_add+0x10/0x10
[  789.074203][T22140]  ? find_held_lock+0x2b/0x80
[  789.074219][T22140]  ? __pfx_hot_add_show+0x10/0x10
[  789.074235][T22140]  ? __pfx_class_attr_show+0x10/0x10
[  789.074251][T22140]  hot_add_show+0x21/0x80
[  789.074268][T22140]  class_attr_show+0x6f/0xa0
[  789.074292][T22140]  sysfs_kf_seq_show+0x213/0x3e0
[  789.074316][T22140]  seq_read_iter+0x506/0x12c0
[  789.074346][T22140]  kernfs_fop_read_iter+0x40f/0x5a0
[  789.074362][T22140]  ? rw_verify_area+0xcf/0x680
[  789.074383][T22140]  vfs_read+0x8c8/0xc70
[  789.074402][T22140]  ? __pfx___mutex_lock+0x10/0x10
[  789.074420][T22140]  ? __pfx_vfs_read+0x10/0x10
[  789.074445][T22140]  ksys_read+0x12a/0x240
[  789.074458][T22140]  ? __pfx_ksys_read+0x10/0x10
[  789.074469][T22140]  ? rcu_is_watching+0x12/0xc0
[  789.074487][T22140]  do_syscall_64+0xcd/0x230
[  789.074507][T22140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.074521][T22140] RIP: 0033:0x7f0e1758e969
[  789.074533][T22140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.074545][T22140] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  789.074558][T22140] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  789.074567][T22140] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000005
[  789.074575][T22140] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  789.074582][T22140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  789.074590][T22140] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  789.074609][T22140]  </TASK>
[  789.074616][T22140] zram: Error allocating disk structure for device 1
[  790.037465][T22150] netlink: 334 bytes leftover after parsing attributes in process `syz.3.6354'.
[  790.123491][T22152] input: isc as /devices/virtual/input/input11
[  790.223877][T22152] FAULT_INJECTION: forcing a failure.
[  790.223877][T22152] name failslab, interval 1, probability 0, space 0, times 0
[  790.319806][T22152] CPU: 1 UID: 0 PID: 22152 Comm: syz.5.6363 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  790.319836][T22152] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  790.319842][T22152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  790.319851][T22152] Call Trace:
[  790.319856][T22152]  <TASK>
[  790.319863][T22152]  dump_stack_lvl+0x16c/0x1f0
[  790.319888][T22152]  should_fail_ex+0x512/0x640
[  790.319909][T22152]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  790.319930][T22152]  should_failslab+0xc2/0x120
[  790.319947][T22152]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  790.319964][T22152]  ? kstrdup_const+0x63/0x80
[  790.319983][T22152]  kstrdup+0x53/0x100
[  790.320000][T22152]  kstrdup_const+0x63/0x80
[  790.320016][T22152]  __kernfs_new_node+0x9b/0x8a0
[  790.320038][T22152]  ? __pfx___kernfs_new_node+0x10/0x10
[  790.320063][T22152]  ? find_held_lock+0x2b/0x80
[  790.320077][T22152]  ? kernfs_root+0xee/0x2a0
[  790.320092][T22152]  kernfs_new_node+0x13c/0x1e0
[  790.320110][T22152]  kernfs_create_link+0xcc/0x240
[  790.320129][T22152]  sysfs_do_create_link_sd+0x90/0x140
[  790.320154][T22152]  sysfs_create_link+0x61/0xc0
[  790.320191][T22152]  device_add+0x62c/0x1a70
[  790.320218][T22152]  ? __pfx_device_add+0x10/0x10
[  790.320236][T22152]  ? __pfx_exact_lock+0x10/0x10
[  790.320254][T22152]  ? kobject_get+0xbb/0x150
[  790.320276][T22152]  cdev_device_add+0xc2/0x1e0
[  790.320292][T22152]  evdev_connect+0x3a4/0x4c0
[  790.320311][T22152]  input_attach_handler.isra.0+0x181/0x260
[  790.320330][T22152]  input_register_device+0xa84/0x1130
[  790.320348][T22152]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  790.320371][T22152]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  790.320396][T22152]  ? find_held_lock+0x2b/0x80
[  790.320417][T22152]  ? __pfx_uinput_ioctl+0x10/0x10
[  790.320437][T22152]  __x64_sys_ioctl+0x190/0x200
[  790.320456][T22152]  do_syscall_64+0xcd/0x230
[  790.320477][T22152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.320491][T22152] RIP: 0033:0x7fc62298e969
[  790.320504][T22152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.320518][T22152] RSP: 002b:00007fc6207f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  790.320532][T22152] RAX: ffffffffffffffda RBX: 00007fc622bb5fa0 RCX: 00007fc62298e969
[  790.320541][T22152] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000005
[  790.320550][T22152] RBP: 00007fc622a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  790.320558][T22152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  790.320566][T22152] R13: 0000000000000000 R14: 00007fc622bb5fa0 R15: 00007ffcb6daa2c8
[  790.320584][T22152]  </TASK>
[  790.585850][    C1] vkms_vblank_simulate: vblank timer overrun
[  790.907061][T22153] Process accounting resumed
[  791.344853][T22170] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6360'.
[  791.390189][T22170] IPv6: NLM_F_CREATE should be specified when creating new route
[  791.439374][T22170] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  791.446753][T22170] IPv6: NLM_F_CREATE should be set when creating new route
[  791.453983][T22170] IPv6: NLM_F_CREATE should be set when creating new route
[  791.495508][T22171] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6360'.
[  791.567344][T22173] FAULT_INJECTION: forcing a failure.
[  791.567344][T22173] name failslab, interval 1, probability 0, space 0, times 0
[  791.613252][T22173] CPU: 1 UID: 0 PID: 22173 Comm: syz.6.6361 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  791.613282][T22173] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  791.613288][T22173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  791.613297][T22173] Call Trace:
[  791.613302][T22173]  <TASK>
[  791.613308][T22173]  dump_stack_lvl+0x16c/0x1f0
[  791.613332][T22173]  should_fail_ex+0x512/0x640
[  791.613353][T22173]  ? fs_reclaim_acquire+0xae/0x150
[  791.613376][T22173]  ? tomoyo_init_log+0x1385/0x2140
[  791.613393][T22173]  should_failslab+0xc2/0x120
[  791.613410][T22173]  __kmalloc_noprof+0xd2/0x510
[  791.613429][T22173]  tomoyo_init_log+0x1385/0x2140
[  791.613456][T22173]  ? __pfx_tomoyo_init_log+0x10/0x10
[  791.613479][T22173]  tomoyo_write_log2+0x2f7/0xc10
[  791.613499][T22173]  tomoyo_supervisor+0x15e/0x13b0
[  791.613523][T22173]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  791.613550][T22173]  ? lockdep_hardirqs_on+0x7c/0x110
[  791.613570][T22173]  ? tomoyo_check_path_acl+0xad/0x210
[  791.613586][T22173]  ? tomoyo_check_acl+0x1f7/0x410
[  791.613602][T22173]  tomoyo_path_permission+0x270/0x3b0
[  791.613620][T22173]  tomoyo_check_open_permission+0x37b/0x3c0
[  791.613636][T22173]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  791.613670][T22173]  ? do_raw_spin_lock+0x12c/0x2b0
[  791.613694][T22173]  tomoyo_file_open+0x6b/0x90
[  791.613714][T22173]  security_file_open+0x84/0x1e0
[  791.613732][T22173]  do_dentry_open+0x596/0x1c10
[  791.613751][T22173]  vfs_open+0x82/0x3f0
[  791.613771][T22173]  path_openat+0x1e5e/0x2d40
[  791.613791][T22173]  ? __pfx_path_openat+0x10/0x10
[  791.613809][T22173]  do_filp_open+0x20b/0x470
[  791.613822][T22173]  ? __pfx_do_filp_open+0x10/0x10
[  791.613848][T22173]  ? alloc_fd+0x471/0x7d0
[  791.613873][T22173]  do_sys_openat2+0x11b/0x1d0
[  791.613890][T22173]  ? __pfx_do_sys_openat2+0x10/0x10
[  791.613914][T22173]  __x64_sys_openat+0x174/0x210
[  791.613931][T22173]  ? __pfx___x64_sys_openat+0x10/0x10
[  791.613949][T22173]  ? rcu_is_watching+0x12/0xc0
[  791.613967][T22173]  do_syscall_64+0xcd/0x230
[  791.613986][T22173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  791.614001][T22173] RIP: 0033:0x7f0e1758e969
[  791.614013][T22173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  791.614026][T22173] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  791.614039][T22173] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  791.614048][T22173] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  791.614057][T22173] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  791.614065][T22173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  791.614074][T22173] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  791.614099][T22173]  </TASK>
[  791.900626][    C1] vkms_vblank_simulate: vblank timer overrun
[  792.749932][T22152] input: failed to attach handler evdev to device input11, error: -12
[  793.918370][T22206] netlink: 244 bytes leftover after parsing attributes in process `syz.7.6376'.
[  794.081266][T22204] netlink: 50 bytes leftover after parsing attributes in process `syz.3.6375'.
[  794.120018][T22211] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6377'.
[  794.308240][T22211] netlink: 274 bytes leftover after parsing attributes in process `syz.6.6377'.
[  794.391438][T22219] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  795.001094][T22230] FAULT_INJECTION: forcing a failure.
[  795.001094][T22230] name failslab, interval 1, probability 0, space 0, times 0
[  795.107924][T22230] CPU: 1 UID: 0 PID: 22230 Comm: syz.6.6381 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  795.107953][T22230] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  795.107959][T22230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  795.107968][T22230] Call Trace:
[  795.107974][T22230]  <TASK>
[  795.107980][T22230]  dump_stack_lvl+0x16c/0x1f0
[  795.108005][T22230]  should_fail_ex+0x512/0x640
[  795.108024][T22230]  ? __kmalloc_noprof+0xbf/0x510
[  795.108041][T22230]  ? lsm_blob_alloc+0x68/0x90
[  795.108061][T22230]  should_failslab+0xc2/0x120
[  795.108078][T22230]  __kmalloc_noprof+0xd2/0x510
[  795.108097][T22230]  lsm_blob_alloc+0x68/0x90
[  795.108116][T22230]  security_sk_alloc+0x30/0x270
[  795.108131][T22230]  sk_prot_alloc+0xfb/0x2a0
[  795.108151][T22230]  sk_alloc+0x36/0xc20
[  795.108165][T22230]  inet6_create+0x381/0x1300
[  795.108182][T22230]  ? inet6_create+0x7f/0x1300
[  795.108197][T22230]  __sock_create+0x335/0x8d0
[  795.108219][T22230]  smc_create_clcsk+0x37/0xd0
[  795.108235][T22230]  ? __pfx_smc_inet_init_sock+0x10/0x10
[  795.108254][T22230]  inet6_create+0xb2d/0x1300
[  795.108269][T22230]  ? inet6_create+0x7f/0x1300
[  795.108283][T22230]  __sock_create+0x335/0x8d0
[  795.108305][T22230]  __sys_socket+0x14d/0x260
[  795.108323][T22230]  ? __pfx___sys_socket+0x10/0x10
[  795.108342][T22230]  ? rcu_is_watching+0x12/0xc0
[  795.108359][T22230]  __x64_sys_socket+0x72/0xb0
[  795.108376][T22230]  ? lockdep_hardirqs_on+0x7c/0x110
[  795.108393][T22230]  do_syscall_64+0xcd/0x230
[  795.108412][T22230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.108426][T22230] RIP: 0033:0x7f0e1758e969
[  795.108438][T22230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.108451][T22230] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  795.108464][T22230] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  795.108473][T22230] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[  795.108481][T22230] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  795.108489][T22230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  795.108497][T22230] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  795.108514][T22230]  </TASK>
[  796.145003][T22243] FAULT_INJECTION: forcing a failure.
[  796.145003][T22243] name failslab, interval 1, probability 0, space 0, times 0
[  796.268967][T22243] CPU: 1 UID: 0 PID: 22243 Comm: syz.6.6395 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  796.268997][T22243] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  796.269004][T22243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  796.269013][T22243] Call Trace:
[  796.269019][T22243]  <TASK>
[  796.269025][T22243]  dump_stack_lvl+0x16c/0x1f0
[  796.269049][T22243]  should_fail_ex+0x512/0x640
[  796.269071][T22243]  ? fs_reclaim_acquire+0xae/0x150
[  796.269093][T22243]  ? tomoyo_init_log+0x1385/0x2140
[  796.269110][T22243]  should_failslab+0xc2/0x120
[  796.269128][T22243]  __kmalloc_noprof+0xd2/0x510
[  796.269146][T22243]  tomoyo_init_log+0x1385/0x2140
[  796.269173][T22243]  ? __pfx_tomoyo_init_log+0x10/0x10
[  796.269195][T22243]  tomoyo_write_log2+0x2f7/0xc10
[  796.269215][T22243]  tomoyo_supervisor+0x15e/0x13b0
[  796.269239][T22243]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  796.269266][T22243]  ? lockdep_hardirqs_on+0x7c/0x110
[  796.269286][T22243]  ? tomoyo_check_path_acl+0xad/0x210
[  796.269302][T22243]  ? tomoyo_check_acl+0x1f7/0x410
[  796.269318][T22243]  tomoyo_path_permission+0x270/0x3b0
[  796.269335][T22243]  tomoyo_check_open_permission+0x37b/0x3c0
[  796.269351][T22243]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  796.269385][T22243]  ? do_raw_spin_lock+0x12c/0x2b0
[  796.269410][T22243]  tomoyo_file_open+0x6b/0x90
[  796.269430][T22243]  security_file_open+0x84/0x1e0
[  796.269448][T22243]  do_dentry_open+0x596/0x1c10
[  796.269468][T22243]  vfs_open+0x82/0x3f0
[  796.269487][T22243]  path_openat+0x1e5e/0x2d40
[  796.269506][T22243]  ? __pfx_path_openat+0x10/0x10
[  796.269525][T22243]  do_filp_open+0x20b/0x470
[  796.269538][T22243]  ? __pfx_do_filp_open+0x10/0x10
[  796.269563][T22243]  ? alloc_fd+0x471/0x7d0
[  796.269588][T22243]  do_sys_openat2+0x11b/0x1d0
[  796.269605][T22243]  ? __pfx_do_sys_openat2+0x10/0x10
[  796.269623][T22243]  ? do_fcntl+0x1eb/0x1590
[  796.269642][T22243]  __x64_sys_openat+0x174/0x210
[  796.269660][T22243]  ? __pfx___x64_sys_openat+0x10/0x10
[  796.269678][T22243]  ? rcu_is_watching+0x12/0xc0
[  796.269703][T22243]  do_syscall_64+0xcd/0x230
[  796.269724][T22243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.269740][T22243] RIP: 0033:0x7f0e1758e969
[  796.269752][T22243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  796.269765][T22243] RSP: 002b:00007f0e183c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  796.269779][T22243] RAX: ffffffffffffffda RBX: 00007f0e177b6080 RCX: 00007f0e1758e969
[  796.269788][T22243] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  796.269797][T22243] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  796.269806][T22243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  796.269814][T22243] R13: 0000000000000000 R14: 00007f0e177b6080 R15: 00007ffe0b200938
[  796.269832][T22243]  </TASK>
[  797.429112][T22251] netlink: 342 bytes leftover after parsing attributes in process `syz.7.6390'.
[  797.507637][T22250] FAULT_INJECTION: forcing a failure.
[  797.507637][T22250] name failslab, interval 1, probability 0, space 0, times 0
[  797.567857][T22250] CPU: 1 UID: 0 PID: 22250 Comm: syz.6.6399 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  797.567884][T22250] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  797.567890][T22250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  797.567900][T22250] Call Trace:
[  797.567905][T22250]  <TASK>
[  797.567911][T22250]  dump_stack_lvl+0x16c/0x1f0
[  797.567937][T22250]  should_fail_ex+0x512/0x640
[  797.567957][T22250]  ? fs_reclaim_acquire+0xae/0x150
[  797.567979][T22250]  ? tomoyo_init_log+0x1385/0x2140
[  797.567996][T22250]  should_failslab+0xc2/0x120
[  797.568014][T22250]  __kmalloc_noprof+0xd2/0x510
[  797.568032][T22250]  tomoyo_init_log+0x1385/0x2140
[  797.568059][T22250]  ? __pfx_tomoyo_init_log+0x10/0x10
[  797.568081][T22250]  tomoyo_write_log2+0x2f7/0xc10
[  797.568098][T22250]  ? tomoyo_domain_quota_is_ok+0x280/0x5a0
[  797.568116][T22250]  tomoyo_supervisor+0x15e/0x13b0
[  797.568139][T22250]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  797.568166][T22250]  ? lockdep_hardirqs_on+0x7c/0x110
[  797.568186][T22250]  ? tomoyo_check_path_acl+0xad/0x210
[  797.568202][T22250]  ? tomoyo_check_acl+0x1f7/0x410
[  797.568218][T22250]  tomoyo_path_permission+0x270/0x3b0
[  797.568235][T22250]  tomoyo_check_open_permission+0x349/0x3c0
[  797.568252][T22250]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  797.568285][T22250]  ? do_raw_spin_lock+0x12c/0x2b0
[  797.568310][T22250]  tomoyo_file_open+0x6b/0x90
[  797.568331][T22250]  security_file_open+0x84/0x1e0
[  797.568348][T22250]  do_dentry_open+0x596/0x1c10
[  797.568368][T22250]  vfs_open+0x82/0x3f0
[  797.568387][T22250]  path_openat+0x1e5e/0x2d40
[  797.568408][T22250]  ? __pfx_path_openat+0x10/0x10
[  797.568425][T22250]  do_filp_open+0x20b/0x470
[  797.568438][T22250]  ? __pfx_do_filp_open+0x10/0x10
[  797.568464][T22250]  ? alloc_fd+0x471/0x7d0
[  797.568489][T22250]  do_sys_openat2+0x11b/0x1d0
[  797.568515][T22250]  ? __pfx_do_sys_openat2+0x10/0x10
[  797.568535][T22250]  ? ksys_semctl.constprop.0+0x152/0x2f0
[  797.568557][T22250]  __x64_sys_openat+0x174/0x210
[  797.568575][T22250]  ? __pfx___x64_sys_openat+0x10/0x10
[  797.568595][T22250]  ? rcu_is_watching+0x12/0xc0
[  797.568614][T22250]  do_syscall_64+0xcd/0x230
[  797.568633][T22250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.568647][T22250] RIP: 0033:0x7f0e1758e969
[  797.568659][T22250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  797.568673][T22250] RSP: 002b:00007f0e183e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  797.568686][T22250] RAX: ffffffffffffffda RBX: 00007f0e177b5fa0 RCX: 00007f0e1758e969
[  797.568695][T22250] RDX: 0000000000080382 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  797.568703][T22250] RBP: 00007f0e17610ab1 R08: 0000000000000000 R09: 0000000000000000
[  797.568711][T22250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  797.568720][T22250] R13: 0000000000000000 R14: 00007f0e177b5fa0 R15: 00007ffe0b200938
[  797.568738][T22250]  </TASK>
[  798.642635][T22251] netlink: 274 bytes leftover after parsing attributes in process `syz.7.6390'.
[  798.771307][T22255] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6387'.
[  798.794062][T22255] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  798.801396][T22255] IPv6: NLM_F_CREATE should be set when creating new route
[  798.808618][T22255] IPv6: NLM_F_CREATE should be set when creating new route
[  798.952633][T22246] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6387'.
[  799.365607][T22279] FAULT_INJECTION: forcing a failure.
[  799.365607][T22279] name failslab, interval 1, probability 0, space 0, times 0
[  799.441142][T22279] CPU: 1 UID: 0 PID: 22279 Comm: syz.3.6396 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  799.441171][T22279] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  799.441177][T22279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  799.441186][T22279] Call Trace:
[  799.441192][T22279]  <TASK>
[  799.441198][T22279]  dump_stack_lvl+0x16c/0x1f0
[  799.441222][T22279]  should_fail_ex+0x512/0x640
[  799.441241][T22279]  ? __kmalloc_noprof+0xbf/0x510
[  799.441262][T22279]  ? lsm_blob_alloc+0x68/0x90
[  799.441283][T22279]  should_failslab+0xc2/0x120
[  799.441300][T22279]  __kmalloc_noprof+0xd2/0x510
[  799.441319][T22279]  lsm_blob_alloc+0x68/0x90
[  799.441340][T22279]  security_sk_alloc+0x30/0x270
[  799.441364][T22279]  sk_prot_alloc+0xfb/0x2a0
[  799.441385][T22279]  sk_alloc+0x36/0xc20
[  799.441401][T22279]  inet6_create+0x381/0x1300
[  799.441417][T22279]  ? inet6_create+0x7f/0x1300
[  799.441432][T22279]  __sock_create+0x335/0x8d0
[  799.441453][T22279]  smc_create_clcsk+0x37/0xd0
[  799.441471][T22279]  ? __pfx_smc_inet_init_sock+0x10/0x10
[  799.441489][T22279]  inet6_create+0xb2d/0x1300
[  799.441504][T22279]  ? inet6_create+0x7f/0x1300
[  799.441519][T22279]  __sock_create+0x335/0x8d0
[  799.441539][T22279]  __sys_socket+0x14d/0x260
[  799.441558][T22279]  ? __pfx___sys_socket+0x10/0x10
[  799.441577][T22279]  ? rcu_is_watching+0x12/0xc0
[  799.441593][T22279]  __x64_sys_socket+0x72/0xb0
[  799.441610][T22279]  ? lockdep_hardirqs_on+0x7c/0x110
[  799.441628][T22279]  do_syscall_64+0xcd/0x230
[  799.441647][T22279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.441661][T22279] RIP: 0033:0x7f91f978e969
[  799.441673][T22279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.441686][T22279] RSP: 002b:00007f91fa5a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  799.441699][T22279] RAX: ffffffffffffffda RBX: 00007f91f99b5fa0 RCX: 00007f91f978e969
[  799.441708][T22279] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 000000000000000a
[  799.441716][T22279] RBP: 00007f91f9810ab1 R08: 0000000000000000 R09: 0000000000000000
[  799.441724][T22279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  799.441731][T22279] R13: 0000000000000000 R14: 00007f91f99b5fa0 R15: 00007ffd4260f3d8
[  799.441749][T22279]  </TASK>
[  800.610057][T22291] smc: net device syz_tun applied user defined pnetid ETHTOOL
[  801.734520][T22312] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6400'.
[  801.805749][T22312] netlink: 338 bytes leftover after parsing attributes in process `syz.3.6400'.
[  802.127778][T22316] netlink: 210 bytes leftover after parsing attributes in process `syz.3.6400'.
[  802.536707][T22324] bridge0: port 3(team0) entered blocking state
[  802.568326][T22324] bridge0: port 3(team0) entered disabled state
[  802.605589][T22324] team0: entered allmulticast mode
[  802.654835][T22324] team_slave_0: entered allmulticast mode
[  802.707696][T22324] team_slave_1: entered allmulticast mode
[  802.729072][T22324] team0: entered promiscuous mode
[  802.789649][T22324] team_slave_0: entered promiscuous mode
[  802.839666][T22324] team_slave_1: entered promiscuous mode
[  802.870483][T22324] bridge0: port 3(team0) entered blocking state
[  802.876875][T22324] bridge0: port 3(team0) entered listening state
[  803.748496][T22348] netlink: 'syz.3.6415': attribute type 64 has an invalid length.
[  803.795937][T22348] netlink: 74 bytes leftover after parsing attributes in process `syz.3.6415'.
[  804.396828][T22357] netlink: 'syz.6.6416': attribute type 32 has an invalid length.
[  806.129140][T22378] size and base must be multiples of 4 kiB
[  806.168951][T22378] CPU: 1 UID: 0 PID: 22378 Comm: syz.5.6422 Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  806.168980][T22378] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  806.168986][T22378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  806.168996][T22378] Call Trace:
[  806.169001][T22378]  <TASK>
[  806.169008][T22378]  dump_stack_lvl+0x16c/0x1f0
[  806.169033][T22378]  mtrr_del+0xd1/0x110
[  806.169053][T22378]  mtrr_ioctl+0x922/0xcf0
[  806.169072][T22378]  ? __pfx_mtrr_ioctl+0x10/0x10
[  806.169094][T22378]  ? find_held_lock+0x2b/0x80
[  806.169113][T22378]  ? __fget_files+0x20e/0x3c0
[  806.169135][T22378]  ? __pfx_mtrr_ioctl+0x10/0x10
[  806.169154][T22378]  proc_reg_unlocked_ioctl+0x226/0x320
[  806.169167][T22378]  ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10
[  806.169183][T22378]  __x64_sys_ioctl+0x190/0x200
[  806.169202][T22378]  do_syscall_64+0xcd/0x230
[  806.169221][T22378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.169235][T22378] RIP: 0033:0x7fc62298e969
[  806.169247][T22378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  806.169260][T22378] RSP: 002b:00007fc6207f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  806.169273][T22378] RAX: ffffffffffffffda RBX: 00007fc622bb5fa0 RCX: 00007fc62298e969
[  806.169282][T22378] RDX: 0000000000000009 RSI: 00000000400c4d04 RDI: 0000000000000009
[  806.169290][T22378] RBP: 00007fc622a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  806.169298][T22378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  806.169305][T22378] R13: 0000000000000000 R14: 00007fc622bb5fa0 R15: 00007ffcb6daa2c8
[  806.169322][T22378]  </TASK>
[  807.875476][T22395] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  808.916792][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  808.923538][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  810.729195][T22438] netlink: 282 bytes leftover after parsing attributes in process `syz.3.6440'.
[  810.794830][T22438] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  811.597818][T22459] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22
[  812.598865][T22476] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078c01c00 pfn:0x78c00
[  812.672222][T22476] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  812.680791][T22476] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  812.825736][T22476] page_type: f5(slab)
[  812.890264][T22476] raw: 00fff00000000240 ffff88801b441c80 ffffea00021bad10 ffffea0001929f10
[  812.966596][T22476] raw: ffff888078c01c00 0000000000100001 00000000f5000000 0000000000000000
[  813.016448][T22481] could not allocate digest TFM handle 
[  813.092294][T22476] head: 00fff00000000240 ffff88801b441c80 ffffea00021bad10 ffffea0001929f10
[  813.164544][T22476] head: ffff888078c01c00 0000000000100001 00000000f5000000 0000000000000000
[  813.235239][T22476] head: 00fff00000000002 ffffea0001e30001 00000000ffffffff 00000000ffffffff
[  813.310921][T22476] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  813.427059][T22476] page dumped because: unmovable page
[  813.508454][T22476] page_owner tracks the page as allocated
[  813.596393][T22476] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 779589307573, free_ts 779583633619
[  813.816428][T22476]  post_alloc_hook+0x181/0x1b0
[  813.821220][T22476]  get_page_from_freelist+0x135c/0x3920
[  813.869008][T22476]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  813.910092][T22476]  alloc_pages_mpol+0x1fb/0x550
[  813.950179][T22476]  new_slab+0x244/0x340
[  813.970440][T22476]  ___slab_alloc+0xd9c/0x1940
[  814.003590][T22476]  __slab_alloc.constprop.0+0x56/0xb0
[  814.009016][T22476]  __kmalloc_noprof+0x2f2/0x510
[  814.062317][T22476]  tomoyo_init_log+0x1385/0x2140
[  814.092541][T22476]  tomoyo_write_log2+0x2f7/0xc10
[  814.097528][T22476]  tomoyo_supervisor+0x15e/0x13b0
[  814.135171][T22476]  tomoyo_path_permission+0x270/0x3b0
[  814.161766][T22476]  tomoyo_check_open_permission+0x37b/0x3c0
[  814.178158][T22476]  tomoyo_file_open+0x6b/0x90
[  814.198389][T22476]  security_file_open+0x84/0x1e0
[  814.221119][T22476]  do_dentry_open+0x596/0x1c10
[  814.240635][T22476] page last free pid 20363 tgid 20363 stack trace:
[  814.271624][T22476]  __free_frozen_pages+0x69d/0xff0
[  814.291441][T22476]  qlist_free_all+0x4e/0x120
[  814.308075][T22476]  kasan_quarantine_reduce+0x195/0x1e0
[  814.328457][T22476]  __kasan_slab_alloc+0x69/0x90
[  814.348714][T22476]  __kmalloc_cache_noprof+0x1f1/0x3e0
[  814.370805][T22476]  tomoyo_init_log+0x197/0x2140
[  814.395290][T22476]  tomoyo_write_log2+0x2f7/0xc10
[  814.414858][T22476]  tomoyo_supervisor+0x15e/0x13b0
[  814.419930][T22476]  tomoyo_path_permission+0x270/0x3b0
[  814.459702][T22476]  tomoyo_path_perm+0x362/0x460
[  814.477993][T22476]  security_inode_getattr+0x116/0x290
[  814.505324][T22476]  vfs_fstat+0x4b/0xd0
[  814.514540][T22476]  vfs_fstatat+0xbc/0xf0
[  814.532739][T22476]  __do_sys_newfstatat+0xa1/0x130
[  814.537803][T22476]  do_syscall_64+0xcd/0x230
[  814.571498][T22476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.313048][   T31] INFO: task syz.2.5739:20344 blocked for more than 143 seconds.
[  815.337286][   T31]       Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  815.382727][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  815.448996][   T31] task:syz.2.5739      state:D stack:27144 pid:20344 tgid:20342 ppid:5828   task_flags:0x400140 flags:0x00000004
[  815.526623][   T31] Call Trace:
[  815.529940][   T31]  <TASK>
[  815.566196][   T31]  __schedule+0x116f/0x5de0
[  815.593027][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  815.628302][   T31]  ? __pfx___schedule+0x10/0x10
[  815.666343][   T31]  ? find_held_lock+0x2b/0x80
[  815.704891][   T31]  ? schedule+0x2d7/0x3a0
[  815.747639][   T31]  schedule+0xe7/0x3a0
[  815.751758][   T31]  schedule_preempt_disabled+0x13/0x30
[  815.811744][   T31]  __mutex_lock+0x6c7/0xb90
[  815.862703][   T31]  ? nfsd_nl_rpc_status_get_dumpit+0xb0/0x11a0
[  815.897900][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  815.932754][   T31]  ? kasan_save_stack+0x42/0x60
[  816.023132][   T31]  ? kasan_save_stack+0x33/0x60
[  816.073187][   T31]  ? __kmalloc_node_track_caller_noprof+0x221/0x510
[  816.079818][   T31]  ? kmalloc_reserve+0xef/0x2c0
[  816.154804][   T31]  ? netlink_rcv_skb+0x16a/0x440
[  816.159789][   T31]  ? genl_rcv+0x28/0x40
[  816.203193][   T31]  ? netlink_unicast+0x53a/0x7f0
[  816.208178][   T31]  ? netlink_sendmsg+0x8d1/0xdd0
[  816.261041][   T31]  ? ____sys_sendmsg+0xa95/0xc70
[  816.303349][   T31]  ? ___sys_sendmsg+0x134/0x1d0
[  816.308241][   T31]  ? __sys_sendmsg+0x16d/0x220
[  816.344333][   T31]  ? do_syscall_64+0xcd/0x230
[  816.358934][   T31]  ? nfsd_nl_rpc_status_get_dumpit+0xb0/0x11a0
[  816.393515][   T31]  nfsd_nl_rpc_status_get_dumpit+0xb0/0x11a0
[  816.400204][   T31]  ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10
[  816.431016][   T31]  ? rcu_is_watching+0x12/0xc0
[  816.447752][   T31]  ? trace_kmalloc+0x2b/0xd0
[  816.466297][   T31]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  816.472930][   T31]  ? __alloc_skb+0x166/0x380
[  816.487218][   T31]  ? __asan_memset+0x23/0x50
[  816.491858][   T31]  ? __build_skb_around+0x278/0x3b0
[  816.502542][   T31]  ? __alloc_skb+0x200/0x380
[  816.510345][   T31]  ? __pfx___alloc_skb+0x10/0x10
[  816.516979][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.527575][   T31]  genl_dumpit+0x122/0x230
[  816.532066][   T31]  netlink_dump+0x53b/0xd00
[  816.537191][   T31]  ? __pfx_netlink_dump+0x10/0x10
[  816.542233][   T31]  ? __asan_memset+0x23/0x50
[  816.550217][   T31]  ? genl_start+0x67f/0x980
[  816.556626][   T31]  __netlink_dump_start+0x6d6/0x990
[  816.561851][   T31]  genl_family_rcv_msg_dumpit+0x1e2/0x2e0
[  816.571839][   T31]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  816.578380][   T31]  ? kfree_skbmem+0x1a4/0x1f0
[  816.583070][   T31]  ? __pfx_genl_get_cmd+0x10/0x10
[  816.591315][   T31]  ? __pfx_genl_start+0x10/0x10
[  816.598307][   T31]  ? __pfx_genl_dumpit+0x10/0x10
[  816.607529][   T31]  ? __pfx_genl_done+0x10/0x10
[  816.612326][   T31]  ? __local_bh_enable_ip+0xa4/0x120
[  816.618090][   T31]  ? __dev_queue_xmit+0x896/0x43e0
[  816.629544][   T31]  ? __radix_tree_lookup+0x21f/0x2c0
[  816.636106][   T31]  genl_rcv_msg+0x46e/0x800
[  816.640635][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  816.649249][   T31]  ? __pfx___dev_queue_xmit+0x10/0x10
[  816.655454][   T31]  ? __pfx_nfsd_nl_rpc_status_get_dumpit+0x10/0x10
[  816.661974][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[  816.671156][   T31]  netlink_rcv_skb+0x16a/0x440
[  816.678029][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  816.683073][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  816.691626][   T31]  ? __pfx_down_read+0x10/0x10
[  816.696679][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[  816.702602][   T31]  genl_rcv+0x28/0x40
[  816.712076][   T31]  netlink_unicast+0x53a/0x7f0
[  816.717188][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  816.723210][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[  816.732231][   T31]  netlink_sendmsg+0x8d1/0xdd0
[  816.738763][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  816.747338][   T31]  ____sys_sendmsg+0xa95/0xc70
[  816.752126][   T31]  ? copy_msghdr_from_user+0x10a/0x160
[  816.758971][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  816.767532][   T31]  ? try_to_wake_up+0xa2f/0x1680
[  816.772544][   T31]  ___sys_sendmsg+0x134/0x1d0
[  816.778790][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  816.788316][   T31]  __sys_sendmsg+0x16d/0x220
[  816.792941][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  816.798432][   T31]  ? __x64_sys_futex+0x1e0/0x4c0
[  816.807717][   T31]  ? rcu_is_watching+0x12/0xc0
[  816.813111][   T31]  do_syscall_64+0xcd/0x230
[  816.819081][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.828836][   T31] RIP: 0033:0x7f6f7898e969
[  816.833259][   T31] RSP: 002b:00007f6f79744038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  816.842823][   T31] RAX: ffffffffffffffda RBX: 00007f6f78bb5fa0 RCX: 00007f6f7898e969
[  816.855260][   T31] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[  816.865648][   T31] RBP: 00007f6f78a10ab1 R08: 0000000000000000 R09: 0000000000000000
[  816.875789][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  816.886259][   T31] R13: 0000000000000000 R14: 00007f6f78bb5fa0 R15: 00007ffcaab195e8
[  816.897983][   T31]  </TASK>
[  816.967787][   T31] 
[  816.967787][   T31] Showing all locks held in the system:
[  817.027740][   T31] 1 lock held by khungtaskd/31:
[  817.066659][   T31]  #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  817.123708][   T31] 2 locks held by kworker/u9:0/55:
[  817.128866][   T31]  #0: ffff88802635d148 ((wq_completion)nbd3-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  817.196548][   T31]  #1: ffffc9000100fd18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  817.223658][   T31] 4 locks held by kworker/u8:4/80:
[  817.228809][   T31]  #0: ffff88801c2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  817.313900][   T31]  #1: ffffc900015afd18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  817.353771][   T31]  #2: ffffffff90110750 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[  817.363124][   T31]  #3: ffffffff901265e8 (rtnl_mutex){+.+.}-{4:4}, at: cleanup_net+0x50d/0xb30
[  817.423487][   T31] 2 locks held by kworker/u9:1/5140:
[  817.438420][   T31]  #0: ffff888026261948 ((wq_completion)nbd2-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  817.466515][   T31]  #1: ffffc9000ffbfd18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  817.480818][   T31] 2 locks held by kworker/u9:2/5823:
[  817.487346][   T31]  #0: ffff88802624b148 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  817.503154][   T31]  #1: ffffc90003fd7d18 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  817.517578][   T31] 3 locks held by kworker/1:3/5826:
[  817.523413][   T31]  #0: ffff88801b480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  817.537721][   T31]  #1: ffffc900041b7d18 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  817.551905][   T31]  #2: ffffffff8e3ca978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  817.565222][   T31] 2 locks held by getty/17989:
[  817.569995][   T31]  #0: ffff888035dba0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  817.582131][   T31]  #1: ffffc900048b32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  817.595727][   T31] 2 locks held by syz.0.5678/20179:
[  817.600930][   T31]  #0: ffffffff901c8690 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  817.613206][   T31]  #1: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0
[  817.627097][   T31] 3 locks held by syz.2.5739/20344:
[  817.632885][   T31]  #0: ffffffff901c8690 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  817.643122][   T31]  #1: ffff88807a4846d0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0x150/0x990
[  817.661344][   T31]  #2: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_rpc_status_get_dumpit+0xb0/0x11a0
[  817.672165][   T31] 1 lock held by syz-executor/20354:
[  817.681216][   T31]  #0: ffffffff901265e8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  817.690450][   T31] 3 locks held by syz.4.6158/21570:
[  817.698835][   T31]  #0: ffffffff901c8690 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  817.707500][   T31]  #1: ffff8880286326d0 (nlk_cb_mutex-GENERIC){+.+.}-{4:4}, at: __netlink_dump_start+0x150/0x990
[  817.724352][   T31]  #2: ffffffff8e7cc128 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_rpc_status_get_dumpit+0xb0/0x11a0
[  817.738992][   T31] 1 lock held by syz.6.6451/22495:
[  817.745118][   T31]  #0: ffffffff901265e8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  817.757845][   T31] 1 lock held by syz.7.6459/22511:
[  817.762972][   T31]  #0: ffffffff901265e8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  817.777601][   T31] 2 locks held by syz.3.6460/22515:
[  817.783484][   T31]  #0: ffffffff90110750 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0
[  817.793651][   T31]  #1: ffffffff901265e8 (rtnl_mutex){+.+.}-{4:4}, at: setup_net+0x3f9/0x850
[  817.858692][   T31] 
[  817.861056][   T31] =============================================
[  817.861056][   T31] 
[  817.900878][   T31] NMI backtrace for cpu 1
[  817.900897][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  817.900920][   T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  817.900925][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  817.900934][   T31] Call Trace:
[  817.900939][   T31]  <TASK>
[  817.900944][   T31]  dump_stack_lvl+0x116/0x1f0
[  817.900968][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  817.900982][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  817.901000][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  817.901021][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  817.901038][   T31]  watchdog+0xf70/0x12c0
[  817.901059][   T31]  ? __pfx_watchdog+0x10/0x10
[  817.901074][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  817.901093][   T31]  ? __kthread_parkme+0x19e/0x250
[  817.901110][   T31]  ? __pfx_watchdog+0x10/0x10
[  817.901127][   T31]  kthread+0x3c2/0x780
[  817.901145][   T31]  ? __pfx_kthread+0x10/0x10
[  817.901162][   T31]  ? __pfx_kthread+0x10/0x10
[  817.901179][   T31]  ? __pfx_kthread+0x10/0x10
[  817.901196][   T31]  ? __pfx_kthread+0x10/0x10
[  817.901213][   T31]  ? rcu_is_watching+0x12/0xc0
[  817.901226][   T31]  ? __pfx_kthread+0x10/0x10
[  817.901244][   T31]  ret_from_fork+0x45/0x80
[  817.901263][   T31]  ? __pfx_kthread+0x10/0x10
[  817.901281][   T31]  ret_from_fork_asm+0x1a/0x30
[  817.901307][   T31]  </TASK>
[  817.901319][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  818.046988][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U    I         6.15.0-rc5-syzkaller-00022-g01f95500a162 #0 PREEMPT(full) 
[  818.060432][   T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND
[  818.066391][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[  818.076440][   T31] Call Trace:
[  818.079708][   T31]  <TASK>
[  818.082629][   T31]  dump_stack_lvl+0x3d/0x1f0
[  818.087216][   T31]  panic+0x71c/0x800
[  818.091106][   T31]  ? __pfx_panic+0x10/0x10
[  818.095524][   T31]  ? ret_from_fork_asm+0x1a/0x30
[  818.100466][   T31]  ? nmi_backtrace_stall_check+0x6e/0x540
[  818.106177][   T31]  ? irq_work_queue+0xce/0x100
[  818.110935][   T31]  ? watchdog+0xdda/0x12c0
[  818.115366][   T31]  ? watchdog+0xdcd/0x12c0
[  818.119776][   T31]  watchdog+0xdeb/0x12c0
[  818.124013][   T31]  ? __pfx_watchdog+0x10/0x10
[  818.128695][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  818.133887][   T31]  ? __kthread_parkme+0x19e/0x250
[  818.138905][   T31]  ? __pfx_watchdog+0x10/0x10
[  818.143572][   T31]  kthread+0x3c2/0x780
[  818.147636][   T31]  ? __pfx_kthread+0x10/0x10
[  818.152214][   T31]  ? __pfx_kthread+0x10/0x10
[  818.156795][   T31]  ? __pfx_kthread+0x10/0x10
[  818.161374][   T31]  ? __pfx_kthread+0x10/0x10
[  818.165952][   T31]  ? rcu_is_watching+0x12/0xc0
[  818.170699][   T31]  ? __pfx_kthread+0x10/0x10
[  818.175279][   T31]  ret_from_fork+0x45/0x80
[  818.179692][   T31]  ? __pfx_kthread+0x10/0x10
[  818.184273][   T31]  ret_from_fork_asm+0x1a/0x30
[  818.189038][   T31]  </TASK>
[  818.192107][   T31] Kernel Offset: disabled
[  818.196424][   T31] Rebooting in 86400 seconds..