last executing test programs:

8.486719316s ago: executing program 3 (id=276):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
userfaultfd$auto(0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1, 0x1, 0x1)
timerfd_create$auto(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x3a)
r1 = io_uring_setup$auto(0x6, 0x0)
r2 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=r0, 0x4, @old_map_fd=r1}, 0xa3)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7)

8.241699742s ago: executing program 3 (id=277):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'})
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r1 = socket(0x18, 0x5, 0x1)
connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x2, 0x0)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video52\x00', 0x0, 0x0)
ioctl$auto(r2, 0x40085618, r2)

7.690128915s ago: executing program 0 (id=279):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
r1 = socket(0x2b, 0x1, 0x1)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r1, 0x0, 0x20000001)
mmap$auto(0x0, 0x400005, 0xe3, 0x9b72, r1, 0x7)
madvise$auto(0x0, 0xffffffffffff0004, 0x19)
kill$auto(0x0, 0x21)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
socket(0x15, 0x5, 0x0)
madvise$auto(0x0, 0x200007, 0x8)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
sysfs$auto(0x2, 0x10000000000048, 0x0)

4.51031984s ago: executing program 0 (id=283):
r0 = socket(0x2, 0x80002, 0x73)
socket(0x1d, 0x3, 0x1)
socket(0xa, 0x5, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000680)='/dev/v4l-subdev5\x00', 0x20281, 0x0)
socket(0x1d, 0x800, 0x84)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000)
setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90)
pwrite64$auto(r0, 0x0, 0x6, 0x100000003)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, r0, 0x1008000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4)

4.510086547s ago: executing program 2 (id=285):
r0 = socket(0xa, 0x1, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x2c, r2, 0x39, 0x70bd26, 0x25dfdbfc, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, '\x01\x00R\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x80)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x640, 0x0)
ioctl$auto_MON_IOCX_GET(r3, 0x40189206, 0x0)
r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r5], 0x1ac}}, 0x40000)
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0)
sendfile$auto(r6, r6, 0x0, 0x7fffe000)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xff, 0x0, @raw=0xfffff004}})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg1\x00'})
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
getsockopt$auto(r0, 0x84, 0x84, 0x0, &(0x7f0000000000)=0x9b)

4.509199069s ago: executing program 3 (id=291):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x848000000015, 0x805, 0x0)
timerfd_gettime$auto(0x4, 0x0)
io_uring_setup$auto(0x3ff, 0x0)
socket(0x2c, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
flock$auto(r0, 0x6)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4)
flock$auto(r1, 0x1)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), r3)
sendmsg$auto_MACSEC_CMD_UPD_RXSC(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@MACSEC_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x2000c080)
flock$auto(r2, 0x2)
close_range$auto(0x2, 0x8, 0x0)

4.112271165s ago: executing program 2 (id=286):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
connect$auto(0xffffffffffffffff, 0x0, 0x57)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x88)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5aa, &(0x7f0000000100)={0x0, 0x49}, 0x5, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100)
sendmmsg$auto(0x3, &(0x7f0000000180)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x40, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x40, 0x0)
unshare$auto(0x40000080)

3.963932362s ago: executing program 1 (id=287):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x57)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x88)
connect$auto(0x3, 0x0, 0x55)
sendmmsg$auto(0x3, &(0x7f0000000180)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x40, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x40, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
keyctl$auto(0x8, 0xfffffffffffffffd, 0xffffffffffffffff, 0x5092, 0x2)
unshare$auto(0x40000080)
swapon$auto(&(0x7f0000000040)='K\xe7', 0x8000004)

3.16886169s ago: executing program 3 (id=288):
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(0x3, 0x400, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9)
exit$auto(0x7)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0x1e, 0x1, 0xf, 0x0)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20040014}, 0x2600c880)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000)

2.933870539s ago: executing program 0 (id=289):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000000180)={{0x86, 0xee00, 0xffffffffffffffff, 0x2, 0xc0, 0x1, 0x100}, &(0x7f0000000100)=0x2e, 0x0, 0x0, 0x800, 0x1, 0x5, 0x7, 0x0, 0xfff7, 0x100, @raw=0x5})
sysfs$auto(0x2, 0x10000000000048, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55)
write$auto(0x3, 0x0, 0x100082)
write$auto(0x3, 0x0, 0x100082)

2.889942075s ago: executing program 1 (id=290):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x5, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
userfaultfd$auto(0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r0, 0x4, @old_prog_fd=r1}, 0xa3)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7)

2.767053745s ago: executing program 0 (id=292):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
r2 = socket(0xa, 0x1, 0x0)
recvmmsg$auto(r2, &(0x7f0000000280)={{0x0, 0x1ff, &(0x7f0000000040)={0x0, 0xd}, 0x9, 0x0, 0x80000001, 0x2}, 0x1}, 0x80000000, 0x7956, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r3)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, r4, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20004041}, 0x4004040)
read$auto(r0, 0x0, 0x1)
openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0x40, 0x0)
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
swapon$auto(0x0, 0x5259)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
r5 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r5, 0x3, 0x20000023, 0x0, &(0x7f0000000100)=0x3b)

2.732478775s ago: executing program 1 (id=293):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x303080, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r0 = prctl$auto_PR_SET_SPECULATION_CTRL(0x35, 0xaaa2, 0xffffffffffffffff, 0x101, 0x5)
r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
ioctl$auto(r1, 0x6f2d, r1)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x30, 0x0, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'macvlan1\x00'}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x7}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x2, 0x80002, 0x73)
madvise$auto(0x0, 0xffffffffffff0005, 0x66)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_SURVEY(r2, 0x0, 0x48004)
socket(0xa, 0x1, 0x84)
openat$auto_mon_fops_stat_usb_mon(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/16s\x00', 0x40000, 0x0)

2.705310924s ago: executing program 2 (id=294):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x4, 0xf8, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x31}}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r0, 0x0, 0x80)
syz_clone(0x5000400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x48000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x24040000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
getpeername$auto(0x3, 0x0, 0x0)

2.45298959s ago: executing program 2 (id=295):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x800000f000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0)
r0 = pidfd_open$auto(0x1, 0x0)
waitid$auto_P_PID(0x1, r0, 0x0, 0x1, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f00000000c0)="36120a277763df30f8b8b75f48b78816d1179ecc19bb660c2e14a1eafe9eeac3fdd129daf42a160d647c7376e791061119608238a25a42d5e6d48c0cbe17200615c8641f53292dfb034df52fbac472d298c689bdc13a11feda")
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
mmap$auto(0x0, 0x20009, 0x12, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x6, 0x0)
epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd)
epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd)
epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000440)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x63, 0x80000001, 0x4, 0x6d3f, 0x10001, 0x2, 0xfffffffffffffffd]}, 0x0)

1.756966031s ago: executing program 1 (id=296):
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x2cbd5d)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1)
settimeofday$auto(&(0x7f0000000100)={0x401, 0x200}, &(0x7f0000000140)={0x6, 0xe9})
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs\x00', 0xa0582, 0x0)
write$auto(r0, 0x0, 0x2b6)
write$auto(r0, 0x0, 0x7f)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x1efa40, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x3b72, 0x0)
unshare$auto(0x40000080)
sysinfo$auto(0x0)
unshare$auto(0x1)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, 0x0, 0x6a)
openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1.756845478s ago: executing program 3 (id=297):
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008011}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x4, 0x8000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7ffff000)
ioctl$auto(r0, 0x89f0, 0x24)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

1.75618547s ago: executing program 0 (id=304):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
clone$auto(0x20003b4b, 0x8000000000000000, 0x0, 0x0, 0x1b0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0xae841, 0x1fb)
socket(0x840000000002, 0x3, 0xff)
connect$auto(0x3, &(0x7f0000000000), 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x73)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
socket(0x28, 0x80000, 0x0)
write$auto(0x3, 0x0, 0x100082)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, 0x0)

1.493917511s ago: executing program 2 (id=298):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
epoll_create$auto(0x4)
mq_open$auto(&(0x7f0000000000)='/dev/sequencer2\x00', 0x5, 0x3, &(0x7f0000000040)={0xe7a2, 0x0, 0x1, 0xa})
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
connect$auto(0x3, 0x0, 0x54)
sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c)
sched_get_priority_min$auto(0x40)
openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)

1.249479207s ago: executing program 1 (id=299):
mmap$auto(0x2, 0x8, 0xe91, 0x800000019, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
mq_notify$auto(r0, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid})
mmap$auto(0x0, 0x2020009, 0x81, 0xeb1, r1, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/mtd-0/min_bytes\x00', 0xc0002, 0x0)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, 0x0, 0x80)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x2, 0x9, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x3, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcb2, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x2]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)

756.193832ms ago: executing program 1 (id=300):
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/025/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x0, 0x3, 0x1, 0x10, 0x1, 0x4, &(0x7f00000001c0)})
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000001040)={0x80, 0x1, 0x7f, 0x1, 0x0, 0xfffffffc, 0x0})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0)

504.479707ms ago: executing program 2 (id=301):
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r0, 0x550c, 0x5f)
rt_sigaction$auto(0x7, 0x0, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r1 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
ioperm$auto(0x4000000000080, 0xfffffffffffffffb, 0x5)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000)
connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xa00c0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4)
eventfd$auto(0x5d5d)
mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0)

80.133515ms ago: executing program 0 (id=302):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0xb8b42, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x2, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, 0x0, 0x440, 0x0)
mmap$auto(0x0, 0x4020009, 0x8, 0xeb0, 0x401, 0x9)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xfffffffffffffebc, 0x0, 0x1, 0x0, 0x0, 0x4048004}, 0x44040)
io_uring_setup$auto(0x6, 0x0)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, 0x0, 0x50000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mmap$auto(0x1, 0x400048, 0xdf, 0x1000009b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r0, 0x0, 0x39b8)

0s ago: executing program 3 (id=303):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000001900), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_GET_TXSC(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f0000001940)={0x14, r2, 0x186f202170196f7b, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000cc0), 0x60080, 0x0)
ioctl$auto_I2C_FUNCS(r3, 0x705, 0x0)
ioctl$auto(r0, 0x4b3a, 0x1)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd9/queue/scheduler\x00', 0x12aa02, 0x0)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyy7\x00', 0x2, 0x0)
ioctl$auto_TIOCSWINSZ(r5, 0x5414, &(0x7f00000000c0)="05")
r6 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000002f80)='/sys/kernel/debug/ieee80211/phy0/aql_enable\x00', 0x802, 0x0)
write$auto(r6, 0x0, 0x0)
ioctl$auto_VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000000)={0x7, r4})
r7 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/block/loop8/state\x00', 0x161100, 0x0)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000)
read$auto(r7, 0x0, 0x6)
sendfile$auto(r4, r4, 0x0, 0x7ff)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.75' (ED25519) to the list of known hosts.
[   69.904625][ T5826] cgroup: Unknown subsys name 'net'
[   70.058039][ T5826] cgroup: Unknown subsys name 'cpuset'
[   70.065995][ T5826] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   71.616863][ T5826] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   73.510046][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   73.524441][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   73.534413][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   73.542894][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   73.556226][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   73.579855][ T5149] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   73.589765][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   73.598666][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   73.625292][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   73.644772][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   73.652649][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   73.662466][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   73.670873][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   73.678777][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   73.687427][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   73.747078][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   73.755444][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   73.764792][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   73.774752][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   73.783034][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   73.860126][ T5835] chnl_net:caif_netlink_parms(): no params data found
[   73.967807][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.975965][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.983579][ T5835] bridge_slave_0: entered allmulticast mode
[   73.990796][ T5835] bridge_slave_0: entered promiscuous mode
[   74.026011][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.033352][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.041178][ T5835] bridge_slave_1: entered allmulticast mode
[   74.049342][ T5835] bridge_slave_1: entered promiscuous mode
[   74.077142][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.092120][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.119562][ T5841] chnl_net:caif_netlink_parms(): no params data found
[   74.149119][ T5835] team0: Port device team_slave_0 added
[   74.174884][ T5835] team0: Port device team_slave_1 added
[   74.225123][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.232149][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.260166][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.287348][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.294502][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.321596][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.335764][ T5839] chnl_net:caif_netlink_parms(): no params data found
[   74.380390][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.387749][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.395649][ T5841] bridge_slave_0: entered allmulticast mode
[   74.402299][ T5841] bridge_slave_0: entered promiscuous mode
[   74.420131][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.427437][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.435210][ T5841] bridge_slave_1: entered allmulticast mode
[   74.442446][ T5841] bridge_slave_1: entered promiscuous mode
[   74.472477][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   74.505529][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.517845][ T5835] hsr_slave_0: entered promiscuous mode
[   74.524071][ T5835] hsr_slave_1: entered promiscuous mode
[   74.551222][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.574659][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.581844][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.589403][ T5839] bridge_slave_0: entered allmulticast mode
[   74.596777][ T5839] bridge_slave_0: entered promiscuous mode
[   74.605537][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.612648][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.620656][ T5839] bridge_slave_1: entered allmulticast mode
[   74.627465][ T5839] bridge_slave_1: entered promiscuous mode
[   74.688130][ T5841] team0: Port device team_slave_0 added
[   74.696996][ T5841] team0: Port device team_slave_1 added
[   74.721878][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   74.752198][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.772021][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0
[   74.780695][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.807571][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   74.827378][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   74.835069][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.842286][ T5849] bridge_slave_0: entered allmulticast mode
[   74.849227][ T5849] bridge_slave_0: entered promiscuous mode
[   74.866736][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1
[   74.873810][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   74.900419][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.920989][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   74.928576][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.935943][ T5849] bridge_slave_1: entered allmulticast mode
[   74.942531][ T5849] bridge_slave_1: entered promiscuous mode
[   74.951558][ T5839] team0: Port device team_slave_0 added
[   74.979270][ T5839] team0: Port device team_slave_1 added
[   75.005766][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.025126][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.032215][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.058962][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.083024][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.113144][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.121180][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.148575][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.172923][ T5841] hsr_slave_0: entered promiscuous mode
[   75.179230][ T5841] hsr_slave_1: entered promiscuous mode
[   75.186561][ T5841] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.194495][ T5841] Cannot create hsr debugfs directory
[   75.210761][ T5849] team0: Port device team_slave_0 added
[   75.219952][ T5849] team0: Port device team_slave_1 added
[   75.259882][ T5839] hsr_slave_0: entered promiscuous mode
[   75.266447][ T5839] hsr_slave_1: entered promiscuous mode
[   75.272679][ T5839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.280750][ T5839] Cannot create hsr debugfs directory
[   75.316268][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   75.323361][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.349796][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   75.374100][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   75.381317][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   75.408032][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   75.499338][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   75.511480][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   75.526228][ T5849] hsr_slave_0: entered promiscuous mode
[   75.532416][ T5849] hsr_slave_1: entered promiscuous mode
[   75.539508][ T5849] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   75.547406][ T5849] Cannot create hsr debugfs directory
[   75.562983][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   75.583379][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   75.624991][ T5842] Bluetooth: hci0: command tx timeout
[   75.704267][ T5842] Bluetooth: hci1: command tx timeout
[   75.733092][ T5839] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   75.750216][ T5839] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   75.768138][ T5839] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   75.785097][ T5842] Bluetooth: hci2: command tx timeout
[   75.789190][ T5839] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   75.836064][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   75.856604][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   75.875538][ T5842] Bluetooth: hci3: command tx timeout
[   75.876390][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   75.897807][ T5849] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   75.908215][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   75.922650][ T5849] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   75.932980][ T5849] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   75.951626][ T5849] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   76.039569][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.084074][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[   76.108982][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.116301][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.129999][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.155783][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.162902][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.214594][ T5839] 8021q: adding VLAN 0 to HW filter on device team0
[   76.231359][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.253284][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.260544][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.280776][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[   76.296947][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   76.307015][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.314118][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.328295][ T3551] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.335533][ T3551] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.349292][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.356457][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.428163][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   76.467699][ T3551] bridge0: port 1(bridge_slave_0) entered blocking state
[   76.475001][ T3551] bridge0: port 1(bridge_slave_0) entered forwarding state
[   76.490687][ T3551] bridge0: port 2(bridge_slave_1) entered blocking state
[   76.498094][ T3551] bridge0: port 2(bridge_slave_1) entered forwarding state
[   76.583229][ T5849] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   76.595829][ T5849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   76.648874][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.703965][ T5835] veth0_vlan: entered promiscuous mode
[   76.742080][ T5835] veth1_vlan: entered promiscuous mode
[   76.806981][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0
[   76.823973][ T5835] veth0_macvtap: entered promiscuous mode
[   76.832922][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[   76.840506][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[   76.862199][ T5835] veth1_macvtap: entered promiscuous mode
[   76.891603][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.908815][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.929236][ T5835] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.939725][ T5835] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.949159][ T5835] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.958382][ T5835] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.025967][ T5839] veth0_vlan: entered promiscuous mode
[   77.053090][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.079557][ T5839] veth1_vlan: entered promiscuous mode
[   77.101360][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.109505][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   77.125821][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.156926][ T3551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.165561][ T3551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.180213][ T5839] veth0_macvtap: entered promiscuous mode
[   77.201883][ T5841] veth0_vlan: entered promiscuous mode
[   77.210917][ T5839] veth1_macvtap: entered promiscuous mode
[   77.246006][ T5841] veth1_vlan: entered promiscuous mode
[   77.281380][ T5849] veth0_vlan: entered promiscuous mode
[   77.302541][ T5835] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   77.323483][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.335500][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.346880][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.373300][ T5839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.386343][ T5839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.398223][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.409049][ T5841] veth0_macvtap: entered promiscuous mode
[   77.418661][ T5849] veth1_vlan: entered promiscuous mode
[   77.441355][ T5839] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.469618][ T5839] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.481081][ T5839] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.493666][ T5839] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.496341][ T5896] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2'.
[   77.508826][ T5841] veth1_macvtap: entered promiscuous mode
[   77.560009][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.572410][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.582793][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.594069][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.605968][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.650929][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.666798][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.679849][ T5841] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.692075][ T5841] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.703348][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.711627][ T5842] Bluetooth: hci0: command tx timeout
[   77.713029][ T5849] veth0_macvtap: entered promiscuous mode
[   77.731838][ T5849] veth1_macvtap: entered promiscuous mode
[   77.757448][ T5841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.767298][ T5841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.776755][ T5841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.786211][ T5842] Bluetooth: hci1: command tx timeout
[   77.791818][ T5841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.811151][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.821406][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.839812][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.850733][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.862785][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.874265][ T5842] Bluetooth: hci2: command tx timeout
[   77.874333][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.889943][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.921076][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.932728][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.944399][ T5842] Bluetooth: hci3: command tx timeout
[   77.972228][ T5902] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.990640][ T1901] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.991708][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.999732][ T1901] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.023396][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.039964][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.061683][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.071655][ T5849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   78.082543][ T5849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   78.097598][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   78.147896][ T5849] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   78.159769][ T5849] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   78.185111][ T5849] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   78.193908][ T5849] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   78.366334][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.381292][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.483882][ T1084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.506274][ T1084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.532976][ T3551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.549523][ T3551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.579950][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.592317][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.644943][ T5913] FAULT_INJECTION: forcing a failure.
[   78.644943][ T5913] name failslab, interval 1, probability 0, space 0, times 1
[   78.725919][ T5913] CPU: 0 UID: 0 PID: 5913 Comm: syz.1.7 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[   78.725959][ T5913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   78.725974][ T5913] Call Trace:
[   78.725982][ T5913]  <TASK>
[   78.725993][ T5913]  dump_stack_lvl+0x16c/0x1f0
[   78.726035][ T5913]  should_fail_ex+0x512/0x640
[   78.726068][ T5913]  ? __kmalloc_cache_noprof+0x57/0x3e0
[   78.726104][ T5913]  should_failslab+0xc2/0x120
[   78.726147][ T5913]  __kmalloc_cache_noprof+0x6a/0x3e0
[   78.726182][ T5913]  ? io_uring_setup+0x24f/0x2080
[   78.726219][ T5913]  io_uring_setup+0x24f/0x2080
[   78.726254][ T5913]  ? __pfx_io_uring_setup+0x10/0x10
[   78.726286][ T5913]  ? do_futex+0x122/0x350
[   78.726315][ T5913]  ? __pfx_do_futex+0x10/0x10
[   78.726343][ T5913]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   78.726387][ T5913]  ? rcu_is_watching+0x12/0xc0
[   78.726417][ T5913]  __x64_sys_io_uring_setup+0xc2/0x170
[   78.726451][ T5913]  do_syscall_64+0xcd/0x260
[   78.726478][ T5913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.726502][ T5913] RIP: 0033:0x7fec8058d169
[   78.726524][ T5913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.726548][ T5913] RSP: 002b:00007fec81466038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[   78.726573][ T5913] RAX: ffffffffffffffda RBX: 00007fec807a6240 RCX: 00007fec8058d169
[   78.726590][ T5913] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[   78.726604][ T5913] RBP: 00007fec8060e2a0 R08: 0000000000000000 R09: 0000000000000000
[   78.726620][ T5913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   78.726634][ T5913] R13: 0000000000000000 R14: 00007fec807a6240 R15: 00007ffd79039218
[   78.726662][ T5913]  </TASK>
[   79.784721][ T5842] Bluetooth: hci0: command tx timeout
[   79.864511][ T5842] Bluetooth: hci1: command tx timeout
[   79.944651][ T5842] Bluetooth: hci2: command tx timeout
[   80.024736][ T5842] Bluetooth: hci3: command tx timeout
[   80.580232][ T5930] process 'syz.3.10' launched './file0' with NULL argv: empty string added
[   81.866989][ T5842] Bluetooth: hci0: command tx timeout
[   81.929846][ T5957] Zero length message leads to an empty skb
[   81.945235][ T5842] Bluetooth: hci1: command tx timeout
[   82.033251][ T5842] Bluetooth: hci2: command tx timeout
[   82.064442][ T5968] mmap: syz.2.18 (5968) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   82.095616][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   82.105486][ T5842] Bluetooth: hci3: command tx timeout
[   82.185009][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   82.193337][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   82.276305][ T5968] syz.2.18 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   83.046535][ T5948] kexec: Could not allocate control_code_buffer
[   83.945105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   84.136951][ T5990] netlink: 50 bytes leftover after parsing attributes in process `syz.3.24'.
[   84.945890][ T6009] capability: warning: `syz.0.25' uses 32-bit capabilities (legacy support in use)
[   85.008925][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   85.484442][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.505701][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.514584][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   87.903357][ T6049] netlink: 28 bytes leftover after parsing attributes in process `syz.3.38'.
[   88.048904][ T6049] team0: Port device team_slave_1 removed
[   89.498304][ T6067] FAULT_INJECTION: forcing a failure.
[   89.498304][ T6067] name failslab, interval 1, probability 0, space 0, times 0
[   89.577091][ T6067] CPU: 0 UID: 0 PID: 6067 Comm: syz.0.44 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[   89.577142][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   89.577158][ T6067] Call Trace:
[   89.577167][ T6067]  <TASK>
[   89.577178][ T6067]  dump_stack_lvl+0x16c/0x1f0
[   89.577211][ T6067]  should_fail_ex+0x512/0x640
[   89.577246][ T6067]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[   89.577294][ T6067]  should_failslab+0xc2/0x120
[   89.577338][ T6067]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[   89.577381][ T6067]  ? kfree+0x252/0x4d0
[   89.577413][ T6067]  ? snd_pcm_hw_rule_add+0x414/0x5a0
[   89.577459][ T6067]  krealloc_noprof+0x157/0x380
[   89.577499][ T6067]  ? krealloc_noprof+0x1b1/0x380
[   89.577541][ T6067]  snd_pcm_hw_rule_add+0x414/0x5a0
[   89.577582][ T6067]  ? __pfx_snd_pcm_hw_rule_muldivk+0x10/0x10
[   89.577625][ T6067]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[   89.577666][ T6067]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[   89.577711][ T6067]  ? lockdep_init_map_type+0x5c/0x280
[   89.577752][ T6067]  ? debug_mutex_init+0x37/0x70
[   89.577779][ T6067]  ? snd_pcm_attach_substream+0x89d/0xd60
[   89.577819][ T6067]  snd_pcm_open_substream+0x92c/0x17f0
[   89.577856][ T6067]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[   89.577887][ T6067]  ? lockdep_init_map_type+0x5c/0x280
[   89.577928][ T6067]  ? lockdep_init_map_type+0x5c/0x280
[   89.577970][ T6067]  snd_pcm_oss_open+0x735/0x13e0
[   89.578006][ T6067]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[   89.578034][ T6067]  ? __lock_acquire+0xaa4/0x1ba0
[   89.578078][ T6067]  ? __pfx_default_wake_function+0x10/0x10
[   89.578109][ T6067]  ? __lock_acquire+0xaa4/0x1ba0
[   89.578159][ T6067]  ? do_raw_spin_lock+0x12c/0x2b0
[   89.578204][ T6067]  ? soundcore_open+0x35a/0x580
[   89.578244][ T6067]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[   89.578273][ T6067]  soundcore_open+0x409/0x580
[   89.578314][ T6067]  ? __pfx_soundcore_open+0x10/0x10
[   89.578354][ T6067]  chrdev_open+0x231/0x6a0
[   89.578397][ T6067]  ? __pfx_chrdev_open+0x10/0x10
[   89.578441][ T6067]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[   89.578486][ T6067]  do_dentry_open+0x741/0x1c10
[   89.578526][ T6067]  ? __pfx_chrdev_open+0x10/0x10
[   89.578567][ T6067]  ? inode_permission+0xdd/0x5f0
[   89.578595][ T6067]  vfs_open+0x82/0x3f0
[   89.578617][ T6067]  ? may_open+0x1f2/0x400
[   89.578646][ T6067]  path_openat+0x1e5e/0x2d40
[   89.578714][ T6067]  ? __pfx_path_openat+0x10/0x10
[   89.578762][ T6067]  do_filp_open+0x20b/0x470
[   89.578803][ T6067]  ? __pfx_do_filp_open+0x10/0x10
[   89.578843][ T6067]  ? find_held_lock+0x2b/0x80
[   89.578888][ T6067]  ? alloc_fd+0x420/0x760
[   89.578932][ T6067]  do_sys_openat2+0x11b/0x1d0
[   89.578956][ T6067]  ? __pfx_do_sys_openat2+0x10/0x10
[   89.578983][ T6067]  ? __pfx___might_resched+0x10/0x10
[   89.579020][ T6067]  __x64_sys_openat+0x174/0x210
[   89.579048][ T6067]  ? __pfx___x64_sys_openat+0x10/0x10
[   89.579074][ T6067]  ? rcu_is_watching+0x12/0xc0
[   89.579103][ T6067]  do_syscall_64+0xcd/0x260
[   89.579137][ T6067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.579158][ T6067] RIP: 0033:0x7fa1b478d169
[   89.579177][ T6067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.579203][ T6067] RSP: 002b:00007fa1b5531038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   89.579227][ T6067] RAX: ffffffffffffffda RBX: 00007fa1b49a6080 RCX: 00007fa1b478d169
[   89.579244][ T6067] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[   89.579261][ T6067] RBP: 00007fa1b480e2a0 R08: 0000000000000000 R09: 0000000000000000
[   89.579275][ T6067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   89.579290][ T6067] R13: 0000000000000000 R14: 00007fa1b49a6080 R15: 00007ffd2c3d4f08
[   89.579318][ T6067]  </TASK>
[   92.178773][ T6115] vivid-003: =================  START STATUS  =================
[   92.198251][ T6115] vivid-003: Radio HW Seek Mode: Bounded
[   92.215158][ T6115] vivid-003: Radio Programmable HW Seek: false
[   92.216087][    T9] cfg80211: failed to load regulatory.db
[   92.221380][ T6115] vivid-003: RDS Rx I/O Mode: Block I/O
[   92.269388][ T6115] vivid-003: Generate RBDS Instead of RDS: false
[   92.325414][ T6115] vivid-003: RDS Reception: true
[   92.330567][ T6115] vivid-003: RDS Program Type: 0 inactive
[   92.377566][ T6115] vivid-003: RDS PS Name:  inactive
[   92.385305][ T6115] vivid-003: RDS Radio Text:  inactive
[   92.390969][ T6115] vivid-003: RDS Traffic Announcement: false inactive
[   92.504520][ T6115] vivid-003: RDS Traffic Program: false inactive
[   92.511134][ T6115] vivid-003: RDS Music: false inactive
[   92.864285][ T6115] vivid-003: ==================  END STATUS  ==================
[   93.948793][ T6133] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[   94.697673][   T30] audit: type=1800 audit(1743087030.524:2): pid=6140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.62" name="file0" dev="tmpfs" ino=111 res=0 errno=0
[   96.946536][ T6160] netlink: 4 bytes leftover after parsing attributes in process `syz.0.68'.
[   96.978706][ T6160] netlink: 354 bytes leftover after parsing attributes in process `syz.0.68'.
[   97.484529][ T6172] FAULT_INJECTION: forcing a failure.
[   97.484529][ T6172] name failslab, interval 1, probability 0, space 0, times 0
[   97.484634][ T6172] CPU: 0 UID: 0 PID: 6172 Comm: syz.2.72 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[   97.484666][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   97.484682][ T6172] Call Trace:
[   97.484690][ T6172]  <TASK>
[   97.484700][ T6172]  dump_stack_lvl+0x16c/0x1f0
[   97.484733][ T6172]  should_fail_ex+0x512/0x640
[   97.484765][ T6172]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[   97.484807][ T6172]  should_failslab+0xc2/0x120
[   97.484849][ T6172]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[   97.484905][ T6172]  ? shmem_alloc_inode+0x25/0x50
[   97.484944][ T6172]  ? __pfx_shmem_alloc_inode+0x10/0x10
[   97.484976][ T6172]  shmem_alloc_inode+0x25/0x50
[   97.485009][ T6172]  alloc_inode+0x61/0x240
[   97.485037][ T6172]  new_inode+0x22/0x1c0
[   97.485062][ T6172]  ? trace_cap_capable+0x18d/0x200
[   97.485094][ T6172]  shmem_get_inode+0x19a/0xfb0
[   97.485133][ T6172]  ? __vm_enough_memory+0x184/0x3f0
[   97.485169][ T6172]  __shmem_file_setup+0x16f/0x300
[   97.485210][ T6172]  shmem_zero_setup+0x93/0x1b0
[   97.485240][ T6172]  __mmap_region+0x204f/0x27c0
[   97.485280][ T6172]  ? __switch_to+0x749/0x1170
[   97.485312][ T6172]  ? __pfx___mmap_region+0x10/0x10
[   97.485371][ T6172]  ? __pfx___schedule+0x10/0x10
[   97.485439][ T6172]  ? trace_cap_capable+0x18d/0x200
[   97.485471][ T6172]  ? cap_capable+0xb3/0x250
[   97.485506][ T6172]  mmap_region+0x1ab/0x3f0
[   97.485551][ T6172]  do_mmap+0xd8e/0x11b0
[   97.485589][ T6172]  ? __pfx_do_mmap+0x10/0x10
[   97.485622][ T6172]  ? __pfx_down_write_killable+0x10/0x10
[   97.485657][ T6172]  vm_mmap_pgoff+0x281/0x450
[   97.485697][ T6172]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[   97.485740][ T6172]  ? __x64_sys_futex+0x1e0/0x4c0
[   97.485771][ T6172]  ? __x64_sys_futex+0x1e9/0x4c0
[   97.485806][ T6172]  ksys_mmap_pgoff+0x7d/0x5c0
[   97.485836][ T6172]  ? rcu_is_watching+0x12/0xc0
[   97.485864][ T6172]  __x64_sys_mmap+0x125/0x190
[   97.485903][ T6172]  do_syscall_64+0xcd/0x260
[   97.485931][ T6172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.485958][ T6172] RIP: 0033:0x7feeaf18d169
[   97.485980][ T6172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.486006][ T6172] RSP: 002b:00007feeb002b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   97.486033][ T6172] RAX: ffffffffffffffda RBX: 00007feeaf3a5fa0 RCX: 00007feeaf18d169
[   97.486052][ T6172] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[   97.486069][ T6172] RBP: 00007feeaf20e2a0 R08: 0000000000000401 R09: 0000000000008000
[   97.486086][ T6172] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[   97.486102][ T6172] R13: 0000000000000000 R14: 00007feeaf3a5fa0 R15: 00007ffec6cc5c98
[   97.486131][ T6172]  </TASK>
[   98.372111][ T5597] getty (5597) used greatest stack depth: 21560 bytes left
[   98.375588][ T6182] FAULT_INJECTION: forcing a failure.
[   98.375588][ T6182] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   98.375632][ T6182] CPU: 0 UID: 0 PID: 6182 Comm: syz.3.75 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[   98.375669][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   98.375685][ T6182] Call Trace:
[   98.375694][ T6182]  <TASK>
[   98.375704][ T6182]  dump_stack_lvl+0x16c/0x1f0
[   98.375736][ T6182]  should_fail_ex+0x512/0x640
[   98.375772][ T6182]  should_fail_alloc_page+0xe7/0x130
[   98.375823][ T6182]  prepare_alloc_pages.constprop.0+0x172/0x570
[   98.375861][ T6182]  __alloc_frozen_pages_noprof+0x18f/0x24d0
[   98.375904][ T6182]  ? do_raw_spin_lock+0x12c/0x2b0
[   98.375948][ T6182]  ? find_held_lock+0x2b/0x80
[   98.375980][ T6182]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   98.376018][ T6182]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[   98.376056][ T6182]  ? lockdep_hardirqs_on+0x7c/0x110
[   98.376095][ T6182]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[   98.376132][ T6182]  ? stack_depot_save_flags+0x38a/0x9c0
[   98.376173][ T6182]  ? kasan_save_stack+0x42/0x60
[   98.376211][ T6182]  ? interleave_nodes+0x16b/0x410
[   98.376258][ T6182]  ? policy_nodemask+0xea/0x4e0
[   98.376302][ T6182]  alloc_pages_mpol+0x1fb/0x540
[   98.376347][ T6182]  ? __pfx_alloc_pages_mpol+0x10/0x10

syzkaller
syzkaller login: [   98.376388][ T6182]  ? __page_table_check_ptes_set+0x16a/0x3e0
[   98.376432][ T6182]  ? do_raw_spin_lock+0x12c/0x2b0
[   98.376472][ T6182]  ? find_held_lock+0x2b/0x80
[   98.376498][ T6182]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   98.376531][ T6182]  alloc_pages_noprof+0x131/0x390
[   98.376571][ T6182]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   98.376605][ T6182]  get_free_pages_noprof+0xc/0x40
[   98.376630][ T6182]  kasan_populate_vmalloc_pte+0x2d/0x160
[   98.376664][ T6182]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   98.376698][ T6182]  __apply_to_page_range+0x5f9/0xd30
[   98.376733][ T6182]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[   98.376769][ T6182]  ? __pfx___apply_to_page_range+0x10/0x10
[   98.376813][ T6182]  ? alloc_vmap_area+0x872/0x2970
[   98.376849][ T6182]  alloc_vmap_area+0x919/0x2970
[   98.376890][ T6182]  ? __pfx_alloc_vmap_area+0x10/0x10
[   98.376928][ T6182]  __get_vm_area_node+0x1a7/0x300
[   98.376965][ T6182]  __vmalloc_node_range_noprof+0x277/0x1540
[   98.377000][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.377045][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.377084][ T6182]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   98.377130][ T6182]  __kvmalloc_node_noprof+0x2ff/0x600
[   98.377165][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.377197][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.377234][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.377267][ T6182]  __do_sys_listmount+0x1c2/0xec0
[   98.377307][ T6182]  ? __x64_sys_futex+0x1e0/0x4c0
[   98.377337][ T6182]  ? __x64_sys_futex+0x1e9/0x4c0
[   98.377364][ T6182]  ? __pfx___do_sys_listmount+0x10/0x10
[   98.377396][ T6182]  ? xfd_validate_state+0x5d/0x180
[   98.377430][ T6182]  do_syscall_64+0xcd/0x260
[   98.377457][ T6182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.377483][ T6182] RIP: 0033:0x7f13d0b8d169
[   98.377505][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.377529][ T6182] RSP: 002b:00007f13d195f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[   98.377556][ T6182] RAX: ffffffffffffffda RBX: 00007f13d0da5fa0 RCX: 00007f13d0b8d169
[   98.377574][ T6182] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[   98.377590][ T6182] RBP: 00007f13d0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   98.377606][ T6182] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[   98.377620][ T6182] R13: 0000000000000000 R14: 00007f13d0da5fa0 R15: 00007ffed960d6d8
[   98.377648][ T6182]  </TASK>
[   98.377850][ T6182] syz.3.75: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[   98.378029][ T6182] CPU: 0 UID: 0 PID: 6182 Comm: syz.3.75 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[   98.378062][ T6182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   98.378078][ T6182] Call Trace:
[   98.378086][ T6182]  <TASK>
[   98.378095][ T6182]  dump_stack_lvl+0x16c/0x1f0
[   98.378122][ T6182]  warn_alloc+0x248/0x3a0
[   98.378163][ T6182]  ? __pfx_warn_alloc+0x10/0x10
[   98.378204][ T6182]  ? kfree+0x2b6/0x4d0
[   98.378238][ T6182]  ? __get_vm_area_node+0x1e5/0x300
[   98.378272][ T6182]  __vmalloc_node_range_noprof+0xd31/0x1540
[   98.378312][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.378349][ T6182]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[   98.378394][ T6182]  __kvmalloc_node_noprof+0x2ff/0x600
[   98.378427][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.378459][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.378499][ T6182]  ? __do_sys_listmount+0x1c2/0xec0
[   98.378533][ T6182]  __do_sys_listmount+0x1c2/0xec0
[   98.378571][ T6182]  ? __x64_sys_futex+0x1e0/0x4c0
[   98.378603][ T6182]  ? __x64_sys_futex+0x1e9/0x4c0
[   98.378633][ T6182]  ? __pfx___do_sys_listmount+0x10/0x10
[   98.378670][ T6182]  ? xfd_validate_state+0x5d/0x180
[   98.378731][ T6182]  do_syscall_64+0xcd/0x260
[   98.378759][ T6182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.378786][ T6182] RIP: 0033:0x7f13d0b8d169
[   98.378816][ T6182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   98.378840][ T6182] RSP: 002b:00007f13d195f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[   98.378867][ T6182] RAX: ffffffffffffffda RBX: 00007f13d0da5fa0 RCX: 00007f13d0b8d169
[   98.378885][ T6182] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[   98.378902][ T6182] RBP: 00007f13d0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   98.378917][ T6182] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[   98.378933][ T6182] R13: 0000000000000000 R14: 00007f13d0da5fa0 R15: 00007ffed960d6d8
[   98.378963][ T6182]  </TASK>
[   98.378972][ T6182] Mem-Info:
[   98.378985][ T6182] active_anon:42282 inactive_anon:0 isolated_anon:0
[   98.378985][ T6182]  active_file:10762 inactive_file:38441 isolated_file:0
[   98.378985][ T6182]  unevictable:768 dirty:530 writeback:0
[   98.378985][ T6182]  slab_reclaimable:9672 slab_unreclaimable:94860
[   98.378985][ T6182]  mapped:45892 shmem:35896 pagetables:875
[   98.378985][ T6182]  sec_pagetables:0 bounce:0
[   98.378985][ T6182]  kernel_misc_reclaimable:0
[   98.378985][ T6182]  free:1313995 free_pcp:740 free_cma:0
[   98.379054][ T6182] Node 0 active_anon:169128kB inactive_anon:0kB active_file:43048kB inactive_file:153688kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:183568kB dirty:2112kB writeback:0kB shmem:142048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10820kB pagetables:3500kB sec_pagetables:0kB all_unreclaimable? no
[   98.379120][ T6182] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[   98.379184][ T6182] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   98.379256][ T6182] lowmem_reserve[]: 0 2485 2487 2487 2487
[   98.379312][ T6182] Node 0 DMA32 free:1335356kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:169084kB inactive_anon:0kB active_file:43048kB inactive_file:151856kB unevictable:1536kB writepending:2104kB present:3129332kB managed:2544812kB mlocked:0kB bounce:0kB free_pcp:2324kB local_pcp:1088kB free_cma:0kB
[   98.403684][ T6182] lowmem_reserve[]: 0 0 1 1 1
[   98.403751][ T6182] Node 0 Normal free:16kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1832kB unevictable:0kB writepending:8kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[   98.403844][ T6182] lowmem_reserve[]: 0 0 0 0 0
[   98.403901][ T6182] Node 1 Normal free:3905248kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:608kB local_pcp:608kB free_cma:0kB
[   98.403975][ T6182] lowmem_reserve[]: 0 0 0 0 0
[   98.404024][ T6182] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   98.404274][ T6182] Node 0 DMA32: 109*4kB (UE) 183*8kB (UME) 448*16kB (UM) 196*32kB (UM) 475*64kB (UME) 212*128kB (UME) 136*256kB (UME) 79*512kB (UME) 44*1024kB (UME) 25*2048kB (UME) 266*4096kB (UM) = 1333932kB
[   98.404508][ T6182] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB
[   98.404658][ T6182] Node 1 Normal: 146*4kB (UME) 54*8kB (UE) 51*16kB (UE) 212*32kB (UE) 84*64kB (UME) 32*128kB (UE) 16*256kB (UM) 8*512kB (UME) 6*1024kB (UME) 3*2048kB (UE) 944*4096kB (UM) = 3905192kB
[   98.404904][ T6182] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   98.404926][ T6182] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   98.404945][ T6182] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[   98.404968][ T6182] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[   98.404990][ T6182] 85224 total pagecache pages
[   98.404998][ T6182] 0 pages in swap cache
[   98.405007][ T6182] Free swap  = 124812kB
[   98.405017][ T6182] Total swap = 124996kB
[   98.405027][ T6182] 2097051 pages RAM
[   98.405037][ T6182] 0 pages HighMem/MovableOnly
[   98.405045][ T6182] 428742 pages reserved
[   98.405055][ T6182] 0 pages cma reserved
[   98.941347][ T6189] netlink: 42 bytes leftover after parsing attributes in process `syz.2.76'.
[   99.038310][ T6191] FAULT_INJECTION: forcing a failure.
[   99.038310][ T6191] name failslab, interval 1, probability 0, space 0, times 0
[   99.038390][ T6191] CPU: 0 UID: 0 PID: 6191 Comm: syz.3.77 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[   99.038426][ T6191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   99.038441][ T6191] Call Trace:
[   99.038449][ T6191]  <TASK>
[   99.038459][ T6191]  dump_stack_lvl+0x16c/0x1f0
[   99.038491][ T6191]  should_fail_ex+0x512/0x640
[   99.038524][ T6191]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[   99.038569][ T6191]  should_failslab+0xc2/0x120
[   99.038612][ T6191]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[   99.038656][ T6191]  ? find_held_lock+0x2b/0x80
[   99.038706][ T6191]  ? kstrdup_const+0x63/0x80
[   99.038743][ T6191]  kstrdup+0x53/0x100
[   99.038777][ T6191]  kstrdup_const+0x63/0x80
[   99.038809][ T6191]  __kernfs_new_node+0x9b/0x8a0
[   99.038849][ T6191]  ? __kernel_text_address+0xd/0x40
[   99.038880][ T6191]  ? __pfx___kernfs_new_node+0x10/0x10
[   99.038923][ T6191]  ? map_id_range_down+0x2bc/0x3b0
[   99.038965][ T6191]  ? __pfx_map_id_range_down+0x10/0x10
[   99.039000][ T6191]  ? __lock_acquire+0xaa4/0x1ba0
[   99.039041][ T6191]  kernfs_new_node+0x186/0x240
[   99.039066][ T6191]  ? net_ns_get_ownership+0xf8/0x1b0
[   99.039117][ T6191]  kernfs_create_dir_ns+0x4c/0x190
[   99.039145][ T6191]  sysfs_create_dir_ns+0x13a/0x2b0
[   99.039182][ T6191]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   99.039221][ T6191]  ? find_held_lock+0x2b/0x80
[   99.039251][ T6191]  ? net_namespace+0x12/0x50
[   99.039290][ T6191]  ? device_namespace+0x76/0xa0
[   99.039320][ T6191]  kobject_add_internal+0x2c4/0x9b0
[   99.039355][ T6191]  kobject_add+0x16e/0x240
[   99.039386][ T6191]  ? __pfx_kobject_add+0x10/0x10
[   99.039419][ T6191]  ? get_device_parent+0x1c5/0x4e0
[   99.039446][ T6191]  ? kobject_put+0xab/0x5a0
[   99.039482][ T6191]  device_add+0x288/0x1a70
[   99.039513][ T6191]  ? __pfx_dev_set_name+0x10/0x10
[   99.039548][ T6191]  ? __pfx_device_add+0x10/0x10
[   99.039578][ T6191]  ? lockdep_init_map_type+0x5c/0x280
[   99.039617][ T6191]  ? __init_waitqueue_head+0xca/0x150
[   99.039650][ T6191]  netdev_register_kobject+0x182/0x3a0
[   99.039696][ T6191]  register_netdevice+0x13dc/0x2040
[   99.039743][ T6191]  ? __pfx_register_netdevice+0x10/0x10
[   99.039787][ T6191]  ? alloc_netdev_mqs+0xe7e/0x1570
[   99.039828][ T6191]  ? __pfx_loopback_net_init+0x10/0x10
[   99.039856][ T6191]  register_netdev+0x34/0x50
[   99.039897][ T6191]  loopback_net_init+0x7a/0x170
[   99.039927][ T6191]  ? __pfx_loopback_net_init+0x10/0x10
[   99.039955][ T6191]  ops_init+0x1df/0x5f0
[   99.039996][ T6191]  setup_net+0x21e/0x850
[   99.040039][ T6191]  ? __pfx_setup_net+0x10/0x10
[   99.040078][ T6191]  ? lockdep_init_map_type+0x5c/0x280
[   99.040124][ T6191]  ? __pfx_down_read_killable+0x10/0x10
[   99.040161][ T6191]  ? debug_mutex_init+0x37/0x70
[   99.040191][ T6191]  copy_net_ns+0x2a6/0x5f0
[   99.040233][ T6191]  create_new_namespaces+0x3ea/0xad0
[   99.040271][ T6191]  unshare_nsproxy_namespaces+0xc0/0x1f0
[   99.040314][ T6191]  ksys_unshare+0x45b/0xa40
[   99.040349][ T6191]  ? __pfx_ksys_unshare+0x10/0x10
[   99.040381][ T6191]  ? xfd_validate_state+0x5d/0x180
[   99.040409][ T6191]  ? rcu_is_watching+0x12/0xc0
[   99.040443][ T6191]  __x64_sys_unshare+0x31/0x40
[   99.040481][ T6191]  do_syscall_64+0xcd/0x260
[   99.040516][ T6191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.040543][ T6191] RIP: 0033:0x7f13d0b8d169
[   99.040566][ T6191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.040593][ T6191] RSP: 002b:00007f13d195f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   99.040620][ T6191] RAX: ffffffffffffffda RBX: 00007f13d0da5fa0 RCX: 00007f13d0b8d169
[   99.040639][ T6191] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[   99.040656][ T6191] RBP: 00007f13d0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[   99.040672][ T6191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   99.040688][ T6191] R13: 0000000000000000 R14: 00007f13d0da5fa0 R15: 00007ffed960d6d8
[   99.040719][ T6191]  </TASK>
[   99.060320][ T6191] kobject: kobject_add_internal failed for lo (error: -12 parent: net)
[  101.649128][ T6209] FAULT_INJECTION: forcing a failure.
[  101.649128][ T6209] name failslab, interval 1, probability 0, space 0, times 0
[  102.617822][ T6209] CPU: 0 UID: 0 PID: 6209 Comm: syz.1.81 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  102.617862][ T6209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  102.617876][ T6209] Call Trace:
[  102.617883][ T6209]  <TASK>
[  102.617891][ T6209]  dump_stack_lvl+0x16c/0x1f0
[  102.617918][ T6209]  should_fail_ex+0x512/0x640
[  102.617946][ T6209]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  102.617984][ T6209]  should_failslab+0xc2/0x120
[  102.618027][ T6209]  __kmalloc_cache_noprof+0x6a/0x3e0
[  102.618061][ T6209]  ? sctp_auth_shkey_create+0x9e/0x210
[  102.618109][ T6209]  sctp_auth_shkey_create+0x9e/0x210
[  102.618160][ T6209]  sctp_endpoint_new+0x562/0xcd0
[  102.618206][ T6209]  sctp_init_sock+0xe2d/0x1330
[  102.618243][ T6209]  ? sock_init_data_uid+0x7f6/0xa00
[  102.618273][ T6209]  ? __pfx_sctp_init_sock+0x10/0x10
[  102.618313][ T6209]  inet_create+0x936/0x1090
[  102.618338][ T6209]  ? inet_create+0x93/0x1090
[  102.618366][ T6209]  __sock_create+0x335/0x8d0
[  102.618397][ T6209]  __sys_socket+0x14d/0x260
[  102.618423][ T6209]  ? __pfx___sys_socket+0x10/0x10
[  102.618450][ T6209]  ? rcu_is_watching+0x12/0xc0
[  102.618481][ T6209]  __x64_sys_socket+0x72/0xb0
[  102.618506][ T6209]  ? lockdep_hardirqs_on+0x7c/0x110
[  102.618548][ T6209]  do_syscall_64+0xcd/0x260
[  102.618575][ T6209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.618601][ T6209] RIP: 0033:0x7fec8058d169
[  102.618623][ T6209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  102.618648][ T6209] RSP: 002b:00007fec814c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  102.618673][ T6209] RAX: ffffffffffffffda RBX: 00007fec807a5fa0 RCX: 00007fec8058d169
[  102.618710][ T6209] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000002
[  102.618725][ T6209] RBP: 00007fec8060e2a0 R08: 0000000000000000 R09: 0000000000000000
[  102.618740][ T6209] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.618754][ T6209] R13: 0000000000000000 R14: 00007fec807a5fa0 R15: 00007ffd79039218
[  102.618782][ T6209]  </TASK>
[  103.091151][ T6220] netlink: 28 bytes leftover after parsing attributes in process `syz.0.84'.
[  103.243677][ T6220] bond0: (slave bond_slave_0): Releasing backup interface
[  105.708381][ T6280] usb usb32: usbfs: process 6280 (syz.2.90) did not claim interface 0 before use
[  106.399972][ T6284] FAULT_INJECTION: forcing a failure.
[  106.399972][ T6284] name failslab, interval 1, probability 0, space 0, times 0
[  106.451056][ T6287] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT
[  106.494225][ T6284] CPU: 0 UID: 0 PID: 6284 Comm: syz.0.91 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  106.494268][ T6284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  106.494286][ T6284] Call Trace:
[  106.494295][ T6284]  <TASK>
[  106.494306][ T6284]  dump_stack_lvl+0x16c/0x1f0
[  106.494340][ T6284]  should_fail_ex+0x512/0x640
[  106.494374][ T6284]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  106.494415][ T6284]  should_failslab+0xc2/0x120
[  106.494458][ T6284]  __kmalloc_cache_noprof+0x6a/0x3e0
[  106.494495][ T6284]  ? kvm_init_irq_routing+0x43/0xf0
[  106.494543][ T6284]  kvm_init_irq_routing+0x43/0xf0
[  106.494585][ T6284]  kvm_dev_ioctl+0x7dd/0x1ad0
[  106.494622][ T6284]  ? find_held_lock+0x2b/0x80
[  106.494652][ T6284]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  106.494686][ T6284]  ? __fget_files+0x20e/0x3c0
[  106.494728][ T6284]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  106.494762][ T6284]  __x64_sys_ioctl+0x190/0x200
[  106.494797][ T6284]  do_syscall_64+0xcd/0x260
[  106.494826][ T6284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.494853][ T6284] RIP: 0033:0x7fa1b478d169
[  106.494875][ T6284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  106.494901][ T6284] RSP: 002b:00007fa1b5552038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  106.494927][ T6284] RAX: ffffffffffffffda RBX: 00007fa1b49a5fa0 RCX: 00007fa1b478d169
[  106.495001][ T6284] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006
[  106.495018][ T6284] RBP: 00007fa1b480e2a0 R08: 0000000000000000 R09: 0000000000000000
[  106.495036][ T6284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  106.495053][ T6284] R13: 0000000000000000 R14: 00007fa1b49a5fa0 R15: 00007ffd2c3d4f08
[  106.495083][ T6284]  </TASK>
[  108.825124][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  110.261710][ T6332] syz.2.103 uses obsolete (PF_INET,SOCK_PACKET)
[  111.735283][ T6346] netlink: 194 bytes leftover after parsing attributes in process `syz.1.107'.
[  111.742964][ T6341] FAULT_INJECTION: forcing a failure.
[  111.742964][ T6341] name failslab, interval 1, probability 0, space 0, times 0
[  111.884310][ T6341] CPU: 1 UID: 0 PID: 6341 Comm: syz.2.106 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  111.884356][ T6341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  111.884372][ T6341] Call Trace:
[  111.884381][ T6341]  <TASK>
[  111.884393][ T6341]  dump_stack_lvl+0x16c/0x1f0
[  111.884427][ T6341]  should_fail_ex+0x512/0x640
[  111.884461][ T6341]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  111.884505][ T6341]  should_failslab+0xc2/0x120
[  111.884548][ T6341]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  111.884591][ T6341]  ? devinet_init_net+0xc3/0x910
[  111.884636][ T6341]  kmemdup_noprof+0x29/0x60
[  111.884668][ T6341]  devinet_init_net+0xc3/0x910
[  111.884710][ T6341]  ? __pfx_devinet_init_net+0x10/0x10
[  111.884752][ T6341]  ops_init+0x1df/0x5f0
[  111.884795][ T6341]  setup_net+0x21e/0x850
[  111.884838][ T6341]  ? __pfx_setup_net+0x10/0x10
[  111.884874][ T6341]  ? lockdep_init_map_type+0x5c/0x280
[  111.884914][ T6341]  ? __pfx_down_read_killable+0x10/0x10
[  111.884949][ T6341]  ? debug_mutex_init+0x37/0x70
[  111.884978][ T6341]  copy_net_ns+0x2a6/0x5f0
[  111.885019][ T6341]  create_new_namespaces+0x3ea/0xad0
[  111.885062][ T6341]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  111.885108][ T6341]  ksys_unshare+0x45b/0xa40
[  111.885146][ T6341]  ? __pfx_ksys_unshare+0x10/0x10
[  111.885182][ T6341]  ? xfd_validate_state+0x5d/0x180
[  111.885211][ T6341]  ? rcu_is_watching+0x12/0xc0
[  111.885246][ T6341]  __x64_sys_unshare+0x31/0x40
[  111.885283][ T6341]  do_syscall_64+0xcd/0x260
[  111.885312][ T6341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.885340][ T6341] RIP: 0033:0x7feeaf18d169
[  111.885364][ T6341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.885390][ T6341] RSP: 002b:00007feeb002b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  111.885417][ T6341] RAX: ffffffffffffffda RBX: 00007feeaf3a5fa0 RCX: 00007feeaf18d169
[  111.885436][ T6341] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  111.885453][ T6341] RBP: 00007feeaf20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  111.885470][ T6341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  111.885486][ T6341] R13: 0000000000000000 R14: 00007feeaf3a5fa0 R15: 00007ffec6cc5c98
[  111.885517][ T6341]  </TASK>
[  112.327938][   T30] audit: type=1800 audit(6038054344.160:3): pid=6330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.102" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  115.154975][ T6401] FAULT_INJECTION: forcing a failure.
[  115.154975][ T6401] name failslab, interval 1, probability 0, space 0, times 0
[  115.204301][ T6401] CPU: 1 UID: 0 PID: 6401 Comm: syz.0.118 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  115.204343][ T6401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  115.204361][ T6401] Call Trace:
[  115.204369][ T6401]  <TASK>
[  115.204380][ T6401]  dump_stack_lvl+0x16c/0x1f0
[  115.204412][ T6401]  should_fail_ex+0x512/0x640
[  115.204447][ T6401]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  115.204490][ T6401]  should_failslab+0xc2/0x120
[  115.204533][ T6401]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  115.204570][ T6401]  ? __proc_create+0xc3/0x8c0
[  115.204596][ T6401]  ? __proc_create+0x2ce/0x8c0
[  115.204629][ T6401]  __proc_create+0x2ce/0x8c0
[  115.204658][ T6401]  ? __pfx___proc_create+0x10/0x10
[  115.204691][ T6401]  ? _raw_write_unlock+0x28/0x50
[  115.204737][ T6401]  proc_create_reg+0x7d/0x180
[  115.204768][ T6401]  proc_create_data+0x86/0x110
[  115.204799][ T6401]  ? __pfx_proc_create_data+0x10/0x10
[  115.204832][ T6401]  ? cache_register_net+0x137/0x5e0
[  115.204869][ T6401]  cache_register_net+0x1e0/0x5e0
[  115.204902][ T6401]  ip_map_cache_create+0x8b/0x130
[  115.204935][ T6401]  ? __pfx_sunrpc_init_net+0x10/0x10
[  115.204959][ T6401]  sunrpc_init_net+0x55/0x190
[  115.204985][ T6401]  ops_init+0x1df/0x5f0
[  115.205024][ T6401]  setup_net+0x21e/0x850
[  115.205061][ T6401]  ? __pfx_setup_net+0x10/0x10
[  115.205087][ T6401]  ? lockdep_init_map_type+0x5c/0x280
[  115.205109][ T6401]  ? __pfx_down_read_killable+0x10/0x10
[  115.205137][ T6401]  ? debug_mutex_init+0x37/0x70
[  115.205154][ T6401]  copy_net_ns+0x2a6/0x5f0
[  115.205182][ T6401]  create_new_namespaces+0x3ea/0xad0
[  115.205206][ T6401]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  115.205228][ T6401]  ksys_unshare+0x45b/0xa40
[  115.205251][ T6401]  ? __pfx_ksys_unshare+0x10/0x10
[  115.205272][ T6401]  ? xfd_validate_state+0x5d/0x180
[  115.205290][ T6401]  ? rcu_is_watching+0x12/0xc0
[  115.205314][ T6401]  __x64_sys_unshare+0x31/0x40
[  115.205335][ T6401]  do_syscall_64+0xcd/0x260
[  115.205351][ T6401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.205368][ T6401] RIP: 0033:0x7fa1b478d169
[  115.205382][ T6401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.205398][ T6401] RSP: 002b:00007fa1b5552038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  115.205416][ T6401] RAX: ffffffffffffffda RBX: 00007fa1b49a5fa0 RCX: 00007fa1b478d169
[  115.205426][ T6401] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  115.205436][ T6401] RBP: 00007fa1b480e2a0 R08: 0000000000000000 R09: 0000000000000000
[  115.205445][ T6401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  115.205454][ T6401] R13: 0000000000000000 R14: 00007fa1b49a5fa0 R15: 00007ffd2c3d4f08
[  115.205471][ T6401]  </TASK>
[  116.101044][ T6406] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„
[  118.806693][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  120.270398][ T6475] Invalid ELF header magic: != ELF
[  120.800598][ T6499] netlink: 338 bytes leftover after parsing attributes in process `syz.0.132'.
[  120.933725][ T6499] netlink: 338 bytes leftover after parsing attributes in process `syz.0.132'.
[  121.011258][ T6507] netlink: 290 bytes leftover after parsing attributes in process `syz.0.132'.
[  121.053597][ T6507] veth0_macvtap: left promiscuous mode
[  121.771642][ T6487] netlink: 28 bytes leftover after parsing attributes in process `syz.2.129'.
[  121.861649][ T6532] tipc: Started in network mode
[  121.868860][ T6532] tipc: Node identity 8e4e6f15, cluster identity 4711
[  121.878978][ T6532] tipc: Node number set to 2387504917
[  121.990285][ T6487] geneve1: entered allmulticast mode
[  122.941807][ T6542] netlink: 330 bytes leftover after parsing attributes in process `syz.3.140'.
[  122.971143][ T6542] net veth1_virt_wifi ›: renamed from virt_wifi0
[  123.177621][ T6548] Invalid ELF header magic: != ELF
[  123.204806][ T6545] FAULT_INJECTION: forcing a failure.
[  123.204806][ T6545] name failslab, interval 1, probability 0, space 0, times 0
[  123.277553][ T6545] CPU: 0 UID: 0 PID: 6545 Comm: syz.2.141 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  123.277599][ T6545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  123.277616][ T6545] Call Trace:
[  123.277625][ T6545]  <TASK>
[  123.277636][ T6545]  dump_stack_lvl+0x16c/0x1f0
[  123.277671][ T6545]  should_fail_ex+0x512/0x640
[  123.277707][ T6545]  ? fs_reclaim_acquire+0xae/0x150
[  123.277743][ T6545]  should_failslab+0xc2/0x120
[  123.277785][ T6545]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  123.277827][ T6545]  ? set_tracefs_inode_owner+0x235/0x310
[  123.277858][ T6545]  ? ima_alloc_tfm+0x21a/0x2e0
[  123.277883][ T6545]  ? ima_collect_measurement+0x4b5/0xa40
[  123.277918][ T6545]  krealloc_noprof+0x1fb/0x380
[  123.277960][ T6545]  ima_collect_measurement+0x4b5/0xa40
[  123.277997][ T6545]  ? __pfx_ima_collect_measurement+0x10/0x10
[  123.278043][ T6545]  ? trace_contention_end+0xdd/0x130
[  123.278081][ T6545]  ? __mutex_lock+0x1cb/0xb00
[  123.278106][ T6545]  ? is_bad_inode+0xd/0x40
[  123.278140][ T6545]  ? xattr_resolve_name+0x27b/0x3f0
[  123.278183][ T6545]  ? vfs_getxattr_alloc+0xec/0x340
[  123.278234][ T6545]  ? ima_get_hash_algo+0x27c/0x400
[  123.278276][ T6545]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  123.278324][ T6545]  ? process_measurement+0x126c/0x2360
[  123.278350][ T6545]  process_measurement+0x126c/0x2360
[  123.278384][ T6545]  ? __mutex_trylock_common+0xe9/0x250
[  123.278422][ T6545]  ? __pfx_process_measurement+0x10/0x10
[  123.278451][ T6545]  ? __pfx___might_resched+0x10/0x10
[  123.278486][ T6545]  ? rcu_is_watching+0x12/0xc0
[  123.278514][ T6545]  ? find_held_lock+0x2b/0x80
[  123.278542][ T6545]  ? tracing_check_open_get_tr.part.0+0xad/0x130
[  123.278609][ T6545]  ? tracing_check_open_get_tr.part.0+0xb2/0x130
[  123.278644][ T6545]  ? inode_to_bdi+0x9e/0x160
[  123.278682][ T6545]  ima_file_check+0xc5/0x110
[  123.278708][ T6545]  ? __pfx_ima_file_check+0x10/0x10
[  123.278762][ T6545]  security_file_post_open+0x8e/0x210
[  123.278806][ T6545]  path_openat+0x147d/0x2d40
[  123.278859][ T6545]  ? __pfx_path_openat+0x10/0x10
[  123.278907][ T6545]  do_filp_open+0x20b/0x470
[  123.278948][ T6545]  ? __pfx_do_filp_open+0x10/0x10
[  123.278985][ T6545]  ? find_held_lock+0x2b/0x80
[  123.279024][ T6545]  ? alloc_fd+0x420/0x760
[  123.279064][ T6545]  do_sys_openat2+0x11b/0x1d0
[  123.279089][ T6545]  ? __pfx_do_sys_openat2+0x10/0x10
[  123.279128][ T6545]  __x64_sys_openat+0x174/0x210
[  123.279157][ T6545]  ? __pfx___x64_sys_openat+0x10/0x10
[  123.279186][ T6545]  ? rcu_is_watching+0x12/0xc0
[  123.279228][ T6545]  do_syscall_64+0xcd/0x260
[  123.279259][ T6545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.279288][ T6545] RIP: 0033:0x7feeaf18d169
[  123.279312][ T6545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.279339][ T6545] RSP: 002b:00007feeb002b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  123.279369][ T6545] RAX: ffffffffffffffda RBX: 00007feeaf3a5fa0 RCX: 00007feeaf18d169
[  123.279387][ T6545] RDX: 0000000000141c02 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  123.279405][ T6545] RBP: 00007feeaf20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  123.279421][ T6545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.279437][ T6545] R13: 0000000000000000 R14: 00007feeaf3a5fa0 R15: 00007ffec6cc5c98
[  123.279469][ T6545]  </TASK>
[  123.282899][   T30] audit: type=1800 audit(1032.110:4): pid=6545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.141" name="tracing_cpumask" dev="tracefs" ino=1251 res=0 errno=0
[  124.213601][ T6556] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  125.189894][ T6580] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  125.231377][ T6579] netlink: 504 bytes leftover after parsing attributes in process `syz.3.151'.
[  125.262494][ T6579] netlink: 350 bytes leftover after parsing attributes in process `syz.3.151'.
[  125.292820][ T6580] CIFS mount error: No usable UNC path provided in device string!
[  125.292820][ T6580] 
[  125.339616][ T6580] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  125.940947][ T6594] Invalid ELF header magic: != ELF
[  128.731045][ T6625] FAULT_INJECTION: forcing a failure.
[  128.731045][ T6625] name failslab, interval 1, probability 0, space 0, times 0
[  128.748605][ T6625] CPU: 0 UID: 0 PID: 6625 Comm: syz.3.163 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  128.748647][ T6625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  128.748663][ T6625] Call Trace:
[  128.748672][ T6625]  <TASK>
[  128.748683][ T6625]  dump_stack_lvl+0x16c/0x1f0
[  128.748717][ T6625]  should_fail_ex+0x512/0x640
[  128.748754][ T6625]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  128.748794][ T6625]  should_failslab+0xc2/0x120
[  128.748836][ T6625]  __kmalloc_cache_noprof+0x6a/0x3e0
[  128.748870][ T6625]  ? proc_create_net_single+0x10c/0x170
[  128.748900][ T6625]  ? fqdir_init+0x4f/0x1f0
[  128.748937][ T6625]  ? __pfx_proc_create_net_data+0x10/0x10
[  128.748971][ T6625]  fqdir_init+0x4f/0x1f0
[  128.749012][ T6625]  ipv4_frags_init_net+0x2b/0x3d0
[  128.749044][ T6625]  ? __pfx_ipv4_frags_init_net+0x10/0x10
[  128.749072][ T6625]  ops_init+0x1df/0x5f0
[  128.749126][ T6625]  setup_net+0x21e/0x850
[  128.749170][ T6625]  ? __pfx_setup_net+0x10/0x10
[  128.749205][ T6625]  ? lockdep_init_map_type+0x5c/0x280
[  128.749246][ T6625]  ? __pfx_down_read_killable+0x10/0x10
[  128.749281][ T6625]  ? debug_mutex_init+0x37/0x70
[  128.749311][ T6625]  copy_net_ns+0x2a6/0x5f0
[  128.749355][ T6625]  create_new_namespaces+0x3ea/0xad0
[  128.749398][ T6625]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  128.749434][ T6625]  ksys_unshare+0x45b/0xa40
[  128.749473][ T6625]  ? __pfx_ksys_unshare+0x10/0x10
[  128.749508][ T6625]  ? xfd_validate_state+0x5d/0x180
[  128.749537][ T6625]  ? rcu_is_watching+0x12/0xc0
[  128.749576][ T6625]  __x64_sys_unshare+0x31/0x40
[  128.749614][ T6625]  do_syscall_64+0xcd/0x260
[  128.749644][ T6625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.749672][ T6625] RIP: 0033:0x7f13d0b8d169
[  128.749696][ T6625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  128.749723][ T6625] RSP: 002b:00007f13d195f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  128.749750][ T6625] RAX: ffffffffffffffda RBX: 00007f13d0da5fa0 RCX: 00007f13d0b8d169
[  128.749769][ T6625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  128.749786][ T6625] RBP: 00007f13d0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  128.749803][ T6625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  128.749820][ T6625] R13: 0000000000000000 R14: 00007f13d0da5fa0 R15: 00007ffed960d6d8
[  128.749850][ T6625]  </TASK>
[  129.452033][ T6634] tipc: Started in network mode
[  129.457152][ T6634] tipc: Node identity 8e4e6f15, cluster identity 4711
[  129.464258][ T6634] tipc: Node number set to 2387504917
[  130.913472][ T6643] FAULT_INJECTION: forcing a failure.
[  130.913472][ T6643] name failslab, interval 1, probability 0, space 0, times 0
[  131.002622][ T6643] CPU: 0 UID: 0 PID: 6643 Comm: syz.2.166 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  131.002666][ T6643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  131.002681][ T6643] Call Trace:
[  131.002689][ T6643]  <TASK>
[  131.002699][ T6643]  dump_stack_lvl+0x16c/0x1f0
[  131.002732][ T6643]  should_fail_ex+0x512/0x640
[  131.002765][ T6643]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  131.002806][ T6643]  should_failslab+0xc2/0x120
[  131.002852][ T6643]  __kmalloc_cache_noprof+0x6a/0x3e0
[  131.002890][ T6643]  ? loopback_open+0xa04/0x13a0
[  131.002927][ T6643]  ? kasan_save_track+0x14/0x30
[  131.002970][ T6643]  loopback_open+0xa04/0x13a0
[  131.003016][ T6643]  snd_pcm_open_substream+0xa5d/0x17f0
[  131.003053][ T6643]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  131.003086][ T6643]  ? lockdep_init_map_type+0x5c/0x280
[  131.003128][ T6643]  ? lockdep_init_map_type+0x5c/0x280
[  131.003178][ T6643]  snd_pcm_oss_open+0x735/0x13e0
[  131.003215][ T6643]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  131.003243][ T6643]  ? __lock_acquire+0xaa4/0x1ba0
[  131.003280][ T6643]  ? __pfx_default_wake_function+0x10/0x10
[  131.003312][ T6643]  ? __lock_acquire+0xaa4/0x1ba0
[  131.003355][ T6643]  ? do_raw_spin_lock+0x12c/0x2b0
[  131.003401][ T6643]  ? soundcore_open+0x35a/0x580
[  131.003443][ T6643]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  131.003472][ T6643]  soundcore_open+0x409/0x580
[  131.003514][ T6643]  ? __pfx_soundcore_open+0x10/0x10
[  131.003554][ T6643]  chrdev_open+0x231/0x6a0
[  131.003596][ T6643]  ? __pfx_apparmor_file_open+0x10/0x10
[  131.003644][ T6643]  ? __pfx_chrdev_open+0x10/0x10
[  131.003688][ T6643]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  131.003733][ T6643]  do_dentry_open+0x741/0x1c10
[  131.003771][ T6643]  ? __pfx_chrdev_open+0x10/0x10
[  131.003812][ T6643]  ? inode_permission+0xdd/0x5f0
[  131.003844][ T6643]  vfs_open+0x82/0x3f0
[  131.003869][ T6643]  ? may_open+0x1f2/0x400
[  131.003902][ T6643]  path_openat+0x1e5e/0x2d40
[  131.003949][ T6643]  ? __pfx_path_openat+0x10/0x10
[  131.003996][ T6643]  do_filp_open+0x20b/0x470
[  131.004038][ T6643]  ? __pfx_do_filp_open+0x10/0x10
[  131.004078][ T6643]  ? find_held_lock+0x2b/0x80
[  131.004121][ T6643]  ? alloc_fd+0x420/0x760
[  131.004160][ T6643]  do_sys_openat2+0x11b/0x1d0
[  131.004194][ T6643]  ? __pfx_do_sys_openat2+0x10/0x10
[  131.004222][ T6643]  ? find_held_lock+0x2b/0x80
[  131.004259][ T6643]  __x64_sys_openat+0x174/0x210
[  131.004290][ T6643]  ? __pfx___x64_sys_openat+0x10/0x10
[  131.004323][ T6643]  ? rcu_is_watching+0x12/0xc0
[  131.004361][ T6643]  do_syscall_64+0xcd/0x260
[  131.004392][ T6643]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.004420][ T6643] RIP: 0033:0x7feeaf18d169
[  131.004443][ T6643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.004469][ T6643] RSP: 002b:00007feeb000a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  131.004497][ T6643] RAX: ffffffffffffffda RBX: 00007feeaf3a6080 RCX: 00007feeaf18d169
[  131.004516][ T6643] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  131.004534][ T6643] RBP: 00007feeaf20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  131.004551][ T6643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  131.004568][ T6643] R13: 0000000000000000 R14: 00007feeaf3a6080 R15: 00007ffec6cc5c98
[  131.004599][ T6643]  </TASK>
[  131.980463][ T6655] netlink: 342 bytes leftover after parsing attributes in process `syz.3.169'.
[  132.172098][ T6663] cougar: G6 mapped to space
[  133.017341][ T6672] CIFS mount error: No usable UNC path provided in device string!
[  133.017341][ T6672] 
[  133.048305][ T6672] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  133.751547][ T6692] netlink: 8 bytes leftover after parsing attributes in process `syz.0.179'.
[  133.949467][ T6698] netlink: 4 bytes leftover after parsing attributes in process `syz.2.189'.
[  134.001426][ T6698] netlink: 354 bytes leftover after parsing attributes in process `syz.2.189'.
[  135.155393][ T6700] FAULT_INJECTION: forcing a failure.
[  135.155393][ T6700] name failslab, interval 1, probability 0, space 0, times 0
[  135.174288][ T6700] CPU: 1 UID: 0 PID: 6700 Comm: syz.3.180 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  135.174330][ T6700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  135.174345][ T6700] Call Trace:
[  135.174353][ T6700]  <TASK>
[  135.174364][ T6700]  dump_stack_lvl+0x16c/0x1f0
[  135.174396][ T6700]  should_fail_ex+0x512/0x640
[  135.174429][ T6700]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  135.174472][ T6700]  should_failslab+0xc2/0x120
[  135.174516][ T6700]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  135.174560][ T6700]  ? snd_pcm_hw_rule_add+0x414/0x5a0
[  135.174603][ T6700]  krealloc_noprof+0x1fb/0x380
[  135.174645][ T6700]  snd_pcm_hw_rule_add+0x414/0x5a0
[  135.174686][ T6700]  ? __pfx_snd_pcm_hw_rule_format+0x10/0x10
[  135.174717][ T6700]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  135.174759][ T6700]  ? lockdep_init_map_type+0x5c/0x280
[  135.174799][ T6700]  ? debug_mutex_init+0x37/0x70
[  135.174826][ T6700]  ? snd_pcm_attach_substream+0x89d/0xd60
[  135.174866][ T6700]  snd_pcm_open_substream+0x534/0x17f0
[  135.174902][ T6700]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  135.174933][ T6700]  ? lockdep_init_map_type+0x5c/0x280
[  135.174971][ T6700]  ? lockdep_init_map_type+0x5c/0x280
[  135.175013][ T6700]  snd_pcm_oss_open+0x735/0x13e0
[  135.175049][ T6700]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  135.175076][ T6700]  ? __lock_acquire+0xaa4/0x1ba0
[  135.175112][ T6700]  ? __pfx_default_wake_function+0x10/0x10
[  135.175143][ T6700]  ? __lock_acquire+0xaa4/0x1ba0
[  135.175186][ T6700]  ? do_raw_spin_lock+0x12c/0x2b0
[  135.175239][ T6700]  ? soundcore_open+0x35a/0x580
[  135.175279][ T6700]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  135.175308][ T6700]  soundcore_open+0x409/0x580
[  135.175350][ T6700]  ? __pfx_soundcore_open+0x10/0x10
[  135.175387][ T6700]  chrdev_open+0x231/0x6a0
[  135.175428][ T6700]  ? __pfx_apparmor_file_open+0x10/0x10
[  135.175467][ T6700]  ? __pfx_chrdev_open+0x10/0x10
[  135.175511][ T6700]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  135.175554][ T6700]  do_dentry_open+0x741/0x1c10
[  135.175593][ T6700]  ? __pfx_chrdev_open+0x10/0x10
[  135.175635][ T6700]  ? inode_permission+0xdd/0x5f0
[  135.175667][ T6700]  vfs_open+0x82/0x3f0
[  135.175692][ T6700]  ? may_open+0x1f2/0x400
[  135.175723][ T6700]  path_openat+0x1e5e/0x2d40
[  135.175772][ T6700]  ? __pfx_path_openat+0x10/0x10
[  135.175819][ T6700]  do_filp_open+0x20b/0x470
[  135.175859][ T6700]  ? __pfx_do_filp_open+0x10/0x10
[  135.175897][ T6700]  ? find_held_lock+0x2b/0x80
[  135.175938][ T6700]  ? alloc_fd+0x420/0x760
[  135.175981][ T6700]  do_sys_openat2+0x11b/0x1d0
[  135.176010][ T6700]  ? __pfx_do_sys_openat2+0x10/0x10
[  135.176039][ T6700]  ? find_held_lock+0x2b/0x80
[  135.176074][ T6700]  __x64_sys_openat+0x174/0x210
[  135.176102][ T6700]  ? __pfx___x64_sys_openat+0x10/0x10
[  135.176132][ T6700]  ? rcu_is_watching+0x12/0xc0
[  135.176168][ T6700]  do_syscall_64+0xcd/0x260
[  135.176206][ T6700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.176236][ T6700] RIP: 0033:0x7f13d0b8d169
[  135.176259][ T6700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.176287][ T6700] RSP: 002b:00007f13d193e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  135.176315][ T6700] RAX: ffffffffffffffda RBX: 00007f13d0da6080 RCX: 00007f13d0b8d169
[  135.176333][ T6700] RDX: 0000000000020b42 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  135.176350][ T6700] RBP: 00007f13d0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  135.176367][ T6700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  135.176383][ T6700] R13: 0000000000000000 R14: 00007f13d0da6080 R15: 00007ffed960d6d8
[  135.176414][ T6700]  </TASK>
[  135.810805][ T6714] tipc: Started in network mode
[  135.815945][ T6714] tipc: Node identity 8e4e6f15, cluster identity 4711
[  135.822830][ T6714] tipc: Node number set to 2387504917
[  136.142747][ T6721] netlink: 54 bytes leftover after parsing attributes in process `syz.0.185'.
[  138.284605][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  138.291172][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  141.031409][ T6788] netlink: 4 bytes leftover after parsing attributes in process `syz.0.204'.
[  141.061234][ T6788] netlink: 354 bytes leftover after parsing attributes in process `syz.0.204'.
[  145.904710][ T6870] FAULT_INJECTION: forcing a failure.
[  145.904710][ T6870] name failslab, interval 1, probability 0, space 0, times 0
[  145.953878][ T6870] CPU: 0 UID: 0 PID: 6870 Comm: syz.0.224 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  145.953929][ T6870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  145.953945][ T6870] Call Trace:
[  145.953954][ T6870]  <TASK>
[  145.953964][ T6870]  dump_stack_lvl+0x16c/0x1f0
[  145.953997][ T6870]  should_fail_ex+0x512/0x640
[  145.954027][ T6870]  ? __kvmalloc_node_noprof+0x122/0x600
[  145.954066][ T6870]  should_failslab+0xc2/0x120
[  145.954110][ T6870]  __kvmalloc_node_noprof+0x135/0x600
[  145.954145][ T6870]  ? alloc_netdev_mqs+0xd2/0x1570
[  145.954185][ T6870]  ? __pfx_loopback_net_init+0x10/0x10
[  145.954213][ T6870]  ? __pfx_loopback_setup+0x10/0x10
[  145.954240][ T6870]  ? alloc_netdev_mqs+0xd2/0x1570
[  145.954273][ T6870]  alloc_netdev_mqs+0xd2/0x1570
[  145.954310][ T6870]  ? __pfx_loopback_net_init+0x10/0x10
[  145.954338][ T6870]  loopback_net_init+0x38/0x170
[  145.954365][ T6870]  ? __pfx_loopback_net_init+0x10/0x10
[  145.954391][ T6870]  ops_init+0x1df/0x5f0
[  145.954429][ T6870]  setup_net+0x21e/0x850
[  145.954467][ T6870]  ? __pfx_setup_net+0x10/0x10
[  145.954500][ T6870]  ? lockdep_init_map_type+0x5c/0x280
[  145.954537][ T6870]  ? __pfx_down_read_killable+0x10/0x10
[  145.954572][ T6870]  ? debug_mutex_init+0x37/0x70
[  145.954601][ T6870]  copy_net_ns+0x2a6/0x5f0
[  145.954646][ T6870]  create_new_namespaces+0x3ea/0xad0
[  145.954687][ T6870]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  145.954725][ T6870]  ksys_unshare+0x45b/0xa40
[  145.954762][ T6870]  ? __pfx_ksys_unshare+0x10/0x10
[  145.954797][ T6870]  ? xfd_validate_state+0x5d/0x180
[  145.954826][ T6870]  ? rcu_is_watching+0x12/0xc0
[  145.954859][ T6870]  __x64_sys_unshare+0x31/0x40
[  145.954896][ T6870]  do_syscall_64+0xcd/0x260
[  145.954934][ T6870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.954962][ T6870] RIP: 0033:0x7fa1b478d169
[  145.954986][ T6870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  145.955013][ T6870] RSP: 002b:00007fa1b5552038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  145.955042][ T6870] RAX: ffffffffffffffda RBX: 00007fa1b49a5fa0 RCX: 00007fa1b478d169
[  145.955060][ T6870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  145.955076][ T6870] RBP: 00007fa1b480e2a0 R08: 0000000000000000 R09: 0000000000000000
[  145.955091][ T6870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  145.955106][ T6870] R13: 0000000000000000 R14: 00007fa1b49a5fa0 R15: 00007ffd2c3d4f08
[  145.955134][ T6870]  </TASK>
[  148.276962][ T6910] netlink: 12 bytes leftover after parsing attributes in process `syz.0.231'.
[  148.308300][ T6906] netlink: 11 bytes leftover after parsing attributes in process `syz.0.231'.
[  153.568559][ T6982] netlink: 4 bytes leftover after parsing attributes in process `syz.1.250'.
[  153.579417][ T6982] netlink: 354 bytes leftover after parsing attributes in process `syz.1.250'.
[  154.590956][ T5842] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260
[  155.585214][ T7025] netlink: 28 bytes leftover after parsing attributes in process `syz.3.262'.
[  155.691518][ T7025] veth0_macvtap: left promiscuous mode
[  155.715195][ T7025] macvtap0: entered promiscuous mode
[  155.758640][ T7025] macvtap0: entered allmulticast mode
[  156.691902][   T30] audit: type=1800 audit(4294968331.034:5): pid=7032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.257" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  163.836385][ T7107] 
: entered promiscuous mode
[  164.405500][ T7119] FAULT_INJECTION: forcing a failure.
[  164.405500][ T7119] name failslab, interval 1, probability 0, space 0, times 0
[  164.441592][ T7121] FAULT_INJECTION: forcing a failure.
[  164.441592][ T7121] name failslab, interval 1, probability 0, space 0, times 0
[  164.460056][ T7121] CPU: 1 UID: 0 PID: 7121 Comm: syz.1.287 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  164.460096][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.460113][ T7121] Call Trace:
[  164.460121][ T7121]  <TASK>
[  164.460130][ T7121]  dump_stack_lvl+0x16c/0x1f0
[  164.460162][ T7121]  should_fail_ex+0x512/0x640
[  164.460205][ T7121]  ? __kmalloc_noprof+0xbf/0x510
[  164.460240][ T7121]  ? __register_sysctl_table+0xb3/0x1900
[  164.460265][ T7121]  should_failslab+0xc2/0x120
[  164.460302][ T7121]  __kmalloc_noprof+0xd2/0x510
[  164.460339][ T7121]  __register_sysctl_table+0xb3/0x1900
[  164.460368][ T7121]  ? __pfx___register_sysctl_table+0x10/0x10
[  164.460391][ T7121]  ? is_module_address+0x2a/0x50
[  164.460420][ T7121]  ? register_net_sysctl_sz+0x228/0x3e0
[  164.460456][ T7121]  ? __asan_memcpy+0x3c/0x60
[  164.460485][ T7121]  lowpan_frags_init_net+0x254/0x3a0
[  164.460520][ T7121]  ? __pfx_lowpan_frags_init_net+0x10/0x10
[  164.460552][ T7121]  ops_init+0x1df/0x5f0
[  164.460586][ T7121]  setup_net+0x21e/0x850
[  164.460619][ T7121]  ? __pfx_setup_net+0x10/0x10
[  164.460649][ T7121]  ? lockdep_init_map_type+0x5c/0x280
[  164.460680][ T7121]  ? __pfx_down_read_killable+0x10/0x10
[  164.460708][ T7121]  ? debug_mutex_init+0x37/0x70
[  164.460731][ T7121]  copy_net_ns+0x2a6/0x5f0
[  164.460768][ T7121]  create_new_namespaces+0x3ea/0xad0
[  164.460801][ T7121]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  164.460830][ T7121]  ksys_unshare+0x45b/0xa40
[  164.460861][ T7121]  ? __pfx_ksys_unshare+0x10/0x10
[  164.460889][ T7121]  ? xfd_validate_state+0x5d/0x180
[  164.460911][ T7121]  ? rcu_is_watching+0x12/0xc0
[  164.460938][ T7121]  __x64_sys_unshare+0x31/0x40
[  164.460966][ T7121]  do_syscall_64+0xcd/0x260
[  164.460990][ T7121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.461012][ T7121] RIP: 0033:0x7fec8058d169
[  164.461036][ T7121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.461057][ T7121] RSP: 002b:00007fec814c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  164.461079][ T7121] RAX: ffffffffffffffda RBX: 00007fec807a5fa0 RCX: 00007fec8058d169
[  164.461093][ T7121] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  164.461106][ T7121] RBP: 00007fec8060e2a0 R08: 0000000000000000 R09: 0000000000000000
[  164.461119][ T7121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.461133][ T7121] R13: 0000000000000000 R14: 00007fec807a5fa0 R15: 00007ffd79039218
[  164.461158][ T7121]  </TASK>
[  164.461171][ T7119] CPU: 0 UID: 0 PID: 7119 Comm: syz.2.286 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  164.461211][ T7119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  164.461225][ T7119] Call Trace:
[  164.461233][ T7119]  <TASK>
[  164.461244][ T7119]  dump_stack_lvl+0x16c/0x1f0
[  164.461271][ T7119]  should_fail_ex+0x512/0x640
[  164.461301][ T7119]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[  164.461346][ T7119]  should_failslab+0xc2/0x120
[  164.461382][ T7119]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[  164.461421][ T7119]  ? __lock_acquire+0xaa4/0x1ba0
[  164.461450][ T7119]  ? kstrdup_const+0x63/0x80
[  164.461490][ T7119]  kstrdup+0x53/0x100
[  164.461524][ T7119]  kstrdup_const+0x63/0x80
[  164.461551][ T7119]  __kernfs_new_node+0x9b/0x8a0
[  164.461591][ T7119]  ? __pfx___kernfs_new_node+0x10/0x10
[  164.461632][ T7119]  ? __lock_acquire+0xaa4/0x1ba0
[  164.461678][ T7119]  kernfs_new_node+0x186/0x240
[  164.461707][ T7119]  kernfs_create_link+0xcc/0x240
[  164.461740][ T7119]  sysfs_do_create_link_sd+0x90/0x140
[  164.461779][ T7119]  sysfs_create_link+0x61/0xc0
[  164.461813][ T7119]  device_add+0x62c/0x1a70
[  164.461842][ T7119]  ? __pfx_device_add+0x10/0x10
[  164.461868][ T7119]  ? lockdep_init_map_type+0x5c/0x280
[  164.461898][ T7119]  ? __init_waitqueue_head+0xca/0x150
[  164.461927][ T7119]  netdev_register_kobject+0x182/0x3a0
[  164.461986][ T7119]  register_netdevice+0x13dc/0x2040
[  164.462030][ T7119]  ? __pfx_register_netdevice+0x10/0x10
[  164.462067][ T7119]  ? alloc_netdev_mqs+0xe7e/0x1570
[  164.462107][ T7119]  ? __pfx_loopback_net_init+0x10/0x10
[  164.462134][ T7119]  register_netdev+0x34/0x50
[  164.462168][ T7119]  loopback_net_init+0x7a/0x170
[  164.462195][ T7119]  ? __pfx_loopback_net_init+0x10/0x10
[  164.462220][ T7119]  ops_init+0x1df/0x5f0
[  164.462255][ T7119]  setup_net+0x21e/0x850
[  164.462289][ T7119]  ? __pfx_setup_net+0x10/0x10
[  164.462321][ T7119]  ? lockdep_init_map_type+0x5c/0x280
[  164.462356][ T7119]  ? __pfx_down_read_killable+0x10/0x10
[  164.462389][ T7119]  ? debug_mutex_init+0x37/0x70
[  164.462416][ T7119]  copy_net_ns+0x2a6/0x5f0
[  164.462452][ T7119]  create_new_namespaces+0x3ea/0xad0
[  164.462488][ T7119]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  164.462518][ T7119]  ksys_unshare+0x45b/0xa40
[  164.462551][ T7119]  ? __pfx_ksys_unshare+0x10/0x10
[  164.462583][ T7119]  ? xfd_validate_state+0x5d/0x180
[  164.462608][ T7119]  ? rcu_is_watching+0x12/0xc0
[  164.462638][ T7119]  __x64_sys_unshare+0x31/0x40
[  164.462669][ T7119]  do_syscall_64+0xcd/0x260
[  164.462697][ T7119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.462724][ T7119] RIP: 0033:0x7feeaf18d169
[  164.462746][ T7119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.462769][ T7119] RSP: 002b:00007feeb002b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  164.462795][ T7119] RAX: ffffffffffffffda RBX: 00007feeaf3a5fa0 RCX: 00007feeaf18d169
[  164.462812][ T7119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  164.462827][ T7119] RBP: 00007feeaf20e2a0 R08: 0000000000000000 R09: 0000000000000000
[  164.462841][ T7119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  164.462853][ T7119] R13: 0000000000000000 R14: 00007feeaf3a5fa0 R15: 00007ffec6cc5c98
[  164.462870][ T7119]  </TASK>
[  165.663759][ T7132] zswap: compressor  not available
[  167.195516][ T7170] netlink: 28 bytes leftover after parsing attributes in process `syz.1.299'.
[  168.455969][ T7183] 
[  168.458393][ T7183] ======================================================
[  168.465514][ T7183] WARNING: possible circular locking dependency detected
[  168.472557][ T7183] 6.14.0-syzkaller-05877-g1a9239bb4253 #0 Not tainted
[  168.479327][ T7183] ------------------------------------------------------
[  168.486378][ T7183] syz.3.303/7183 is trying to acquire lock:
[  168.492444][ T7183] ffff888026059958 (&q->elevator_lock){+.+.}-{4:4}, at: elv_iosched_store+0x201/0x5f0
[  168.502201][ T7183] 
[  168.502201][ T7183] but task is already holding lock:
[  168.509659][ T7183] ffff888026059428 (&q->q_usage_counter(io)#58){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  168.520928][ T7183] 
[  168.520928][ T7183] which lock already depends on the new lock.
[  168.520928][ T7183] 
[  168.531426][ T7183] 
[  168.531426][ T7183] the existing dependency chain (in reverse order) is:
[  168.540638][ T7183] 
[  168.540638][ T7183] -> #2 (&q->q_usage_counter(io)#58){++++}-{0:0}:
[  168.549501][ T7183]        blk_alloc_queue+0x619/0x760
[  168.554976][ T7183]        blk_mq_alloc_queue+0x179/0x290
[  168.560706][ T7183]        __blk_mq_alloc_disk+0x29/0x120
[  168.566450][ T7183]        nbd_dev_add+0x49d/0xbb0
[  168.571523][ T7183]        nbd_init+0x181/0x320
[  168.576314][ T7183]        do_one_initcall+0x120/0x6e0
[  168.581698][ T7183]        kernel_init_freeable+0x5c2/0x900
[  168.587518][ T7183]        kernel_init+0x1c/0x2b0
[  168.592371][ T7183]        ret_from_fork+0x45/0x80
[  168.597309][ T7183]        ret_from_fork_asm+0x1a/0x30
[  168.602688][ T7183] 
[  168.602688][ T7183] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  168.609919][ T7183]        fs_reclaim_acquire+0x102/0x150
[  168.615471][ T7183]        blk_mq_alloc_and_init_hctx+0x503/0x11c0
[  168.621818][ T7183]        blk_mq_realloc_hw_ctxs+0x8f6/0xc00
[  168.627904][ T7183]        blk_mq_init_allocated_queue+0x3af/0x1230
[  168.634323][ T7183]        blk_mq_alloc_queue+0x1c2/0x290
[  168.640067][ T7183]        __blk_mq_alloc_disk+0x29/0x120
[  168.645716][ T7183]        loop_add+0x496/0xb70
[  168.650396][ T7183]        loop_init+0x164/0x270
[  168.655160][ T7183]        do_one_initcall+0x120/0x6e0
[  168.660465][ T7183]        kernel_init_freeable+0x5c2/0x900
[  168.666207][ T7183]        kernel_init+0x1c/0x2b0
[  168.671078][ T7183]        ret_from_fork+0x45/0x80
[  168.676014][ T7183]        ret_from_fork_asm+0x1a/0x30
[  168.681497][ T7183] 
[  168.681497][ T7183] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[  168.689508][ T7183]        __lock_acquire+0x1173/0x1ba0
[  168.695020][ T7183]        lock_acquire+0x179/0x350
[  168.700079][ T7183]        __mutex_lock+0x19a/0xb00
[  168.705393][ T7183]        elv_iosched_store+0x201/0x5f0
[  168.710965][ T7183]        queue_attr_store+0x270/0x310
[  168.717142][ T7183]        sysfs_kf_write+0x117/0x170
[  168.722452][ T7183]        kernfs_fop_write_iter+0x349/0x510
[  168.728365][ T7183]        iter_file_splice_write+0x91c/0x1150
[  168.734442][ T7183]        direct_splice_actor+0x18f/0x6c0
[  168.740092][ T7183]        splice_direct_to_actor+0x342/0xa30
[  168.746005][ T7183]        do_splice_direct+0x174/0x240
[  168.751561][ T7183]        do_sendfile+0xafd/0xe50
[  168.756523][ T7183]        __x64_sys_sendfile64+0x1d8/0x220
[  168.762259][ T7183]        do_syscall_64+0xcd/0x260
[  168.767549][ T7183]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.774029][ T7183] 
[  168.774029][ T7183] other info that might help us debug this:
[  168.774029][ T7183] 
[  168.784258][ T7183] Chain exists of:
[  168.784258][ T7183]   &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#58
[  168.784258][ T7183] 
[  168.798109][ T7183]  Possible unsafe locking scenario:
[  168.798109][ T7183] 
[  168.805744][ T7183]        CPU0                    CPU1
[  168.811250][ T7183]        ----                    ----
[  168.816906][ T7183]   lock(&q->q_usage_counter(io)#58);
[  168.822374][ T7183]                                lock(fs_reclaim);
[  168.829092][ T7183]                                lock(&q->q_usage_counter(io)#58);
[  168.837270][ T7183]   lock(&q->elevator_lock);
[  168.841948][ T7183] 
[  168.841948][ T7183]  *** DEADLOCK ***
[  168.841948][ T7183] 
[  168.850191][ T7183] 5 locks held by syz.3.303/7183:
[  168.855294][ T7183]  #0: ffff888036668420 (sb_writers#7){.+.+}-{0:0}, at: splice_direct_to_actor+0x342/0xa30
[  168.865440][ T7183]  #1: ffff888065d5cc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x287/0x510
[  168.875286][ T7183]  #2: ffff88801f72ed28 (kn->active#93){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2aa/0x510
[  168.885313][ T7183]  #3: ffff888026059428 (&q->q_usage_counter(io)#58){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  168.897048][ T7183]  #4: ffff888026059460 (&q->q_usage_counter(queue)#10){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  168.909011][ T7183] 
[  168.909011][ T7183] stack backtrace:
[  168.914917][ T7183] CPU: 0 UID: 0 PID: 7183 Comm: syz.3.303 Not tainted 6.14.0-syzkaller-05877-g1a9239bb4253 #0 PREEMPT(full) 
[  168.914939][ T7183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  168.914955][ T7183] Call Trace:
[  168.914961][ T7183]  <TASK>
[  168.914968][ T7183]  dump_stack_lvl+0x116/0x1f0
[  168.915006][ T7183]  print_circular_bug+0x275/0x350
[  168.915029][ T7183]  check_noncircular+0x14c/0x170
[  168.915051][ T7183]  __lock_acquire+0x1173/0x1ba0
[  168.915074][ T7183]  ? __lock_acquire+0xaa4/0x1ba0
[  168.915096][ T7183]  lock_acquire+0x179/0x350
[  168.915117][ T7183]  ? elv_iosched_store+0x201/0x5f0
[  168.915139][ T7183]  ? __pfx___might_resched+0x10/0x10
[  168.915160][ T7183]  __mutex_lock+0x19a/0xb00
[  168.915176][ T7183]  ? elv_iosched_store+0x201/0x5f0
[  168.915196][ T7183]  ? mark_held_locks+0x49/0x80
[  168.915216][ T7183]  ? elv_iosched_store+0x201/0x5f0
[  168.915236][ T7183]  ? lockdep_hardirqs_on+0x7c/0x110
[  168.915264][ T7183]  ? __pfx___mutex_lock+0x10/0x10
[  168.915279][ T7183]  ? blk_mq_freeze_queue_wait+0xad/0x1b0
[  168.915304][ T7183]  ? __pfx_autoremove_wake_function+0x10/0x10
[  168.915326][ T7183]  ? elv_iosched_store+0x201/0x5f0
[  168.915346][ T7183]  elv_iosched_store+0x201/0x5f0
[  168.915366][ T7183]  ? do_syscall_64+0xcd/0x260
[  168.915381][ T7183]  ? __pfx_elv_iosched_store+0x10/0x10
[  168.915402][ T7183]  ? __mutex_trylock_common+0xe9/0x250
[  168.915425][ T7183]  ? __pfx_elv_iosched_store+0x10/0x10
[  168.915445][ T7183]  queue_attr_store+0x270/0x310
[  168.915470][ T7183]  ? __pfx_queue_attr_store+0x10/0x10
[  168.915495][ T7183]  ? __lock_acquire+0x5ca/0x1ba0
[  168.915517][ T7183]  ? kernfs_fop_write_iter+0x287/0x510
[  168.915540][ T7183]  ? __pfx_queue_attr_store+0x10/0x10
[  168.915565][ T7183]  sysfs_kf_write+0x117/0x170
[  168.915585][ T7183]  kernfs_fop_write_iter+0x349/0x510
[  168.915604][ T7183]  ? __pfx_sysfs_kf_write+0x10/0x10
[  168.915625][ T7183]  iter_file_splice_write+0x91c/0x1150
[  168.915651][ T7183]  ? __pfx_iter_file_splice_write+0x10/0x10
[  168.915675][ T7183]  ? __pfx_copy_splice_read+0x10/0x10
[  168.915700][ T7183]  ? __pfx_iter_file_splice_write+0x10/0x10
[  168.915723][ T7183]  direct_splice_actor+0x18f/0x6c0
[  168.915746][ T7183]  splice_direct_to_actor+0x342/0xa30
[  168.915768][ T7183]  ? __pfx_direct_splice_actor+0x10/0x10
[  168.915792][ T7183]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  168.915816][ T7183]  do_splice_direct+0x174/0x240
[  168.915837][ T7183]  ? __pfx_do_splice_direct+0x10/0x10
[  168.915859][ T7183]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  168.915881][ T7183]  ? rw_verify_area+0xcf/0x680
[  168.915901][ T7183]  do_sendfile+0xafd/0xe50
[  168.915922][ T7183]  ? __pfx_do_sendfile+0x10/0x10
[  168.915943][ T7183]  ? __x64_sys_futex+0x1e0/0x4c0
[  168.915962][ T7183]  ? __x64_sys_futex+0x1e9/0x4c0
[  168.915981][ T7183]  __x64_sys_sendfile64+0x1d8/0x220
[  168.916002][ T7183]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  168.916016][ T7183]  ? rcu_is_watching+0x12/0xc0
[  168.916033][ T7183]  do_syscall_64+0xcd/0x260
[  168.916049][ T7183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.916066][ T7183] RIP: 0033:0x7f13d0b8d169
[  168.916080][ T7183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  168.916096][ T7183] RSP: 002b:00007f13d195f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  168.916112][ T7183] RAX: ffffffffffffffda RBX: 00007f13d0da5fa0 RCX: 00007f13d0b8d169
[  168.916123][ T7183] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[  168.916132][ T7183] RBP: 00007f13d0c0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  168.916142][ T7183] R10: 00000000000007ff R11: 0000000000000246 R12: 0000000000000000
[  168.916151][ T7183] R13: 0000000000000000 R14: 00007f13d0da5fa0 R15: 00007ffed960d6d8
[  168.916164][ T7183]  </TASK>