last executing test programs:

2m34.753566709s ago: executing program 0 (id=4025):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto_SO_PEERSEC(0xffffffffffffffff, 0x6, 0x1f, 0x0, &(0x7f0000000200)=0x8)
r0 = socket(0x2b, 0x1, 0x1)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
r3 = socket(0xa, 0x3, 0x3b)
getsockopt$auto(r3, 0x3a, 0x20, 0x0, 0x0)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x20)

2m34.588458928s ago: executing program 0 (id=4028):
mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x1e, 0x1, 0x0)
socket(0x2b, 0x1, 0x1)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000040)={0x4, "87fe7b014077e08701ee88c6923077b8542c55f8c30ccb575540f50c0a515ca3", @inferred=r1})
r3 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
read$auto(r3, &(0x7f0000000080)='\xbb\x00', 0x3)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0xd5b, 0xc, 0x8001, 0x1, 0x2, 0x15f4da0a, 0x7fff, 0x3, 0x300000000000600, 0x5, 0x1f, 0x5, 0x5, 0x9]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x2, 0x1)
socket(0x15, 0x5, 0x0)
io_uring_setup$auto(0x6, 0x0)
exit$auto(0x7)
ioctl$auto(0x3, 0xff08, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0xc)
epoll_create$auto(0x3e)
epoll_ctl$auto(r0, 0x7, r2, 0x0)

2m33.624912796s ago: executing program 0 (id=4033):
socket(0x2b, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
write$auto(0xca, &(0x7f0000000040)='\x04>\x01\x01\x00\x1a\x1e`<I}\xe8N\x94\xf2\xa2\x00\x00\f\x15\xd8a\x8b\x06\x9e\xae\x87\\\xfd\x01U\xc8\x911.\xb0`T\xd3M\x8a\xbf\xcd\xb2\tBAh\xe3\x02K\xfcS_\x8a\xfe|\xe4\xc9\xf5\x1c2]\x8aY\xea,\xf7\xaaX\xe3\xd7\x84\xb8o\xe6\xac>d\xf8\x00'/92, 0x9)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f0000000000)={{0x4d4, 0x2}, {0xfe, 0x7}}, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x5, 0x84)
sendto$auto(r0, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "000000000000fe8000"}, 0x1f)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x7, 0x3, 0x4)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)
madvise$auto(0x0, 0x2003f0, 0x18)

2m32.420192365s ago: executing program 0 (id=4039):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3)
r0 = socket(0x2, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x23, 0x80805, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r3 = ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000c80)={0x9, &(0x7f0000000c40)={0x6, 0x6, 0x6, @inferred=r1}})
ioctl$auto_VHOST_SET_VRING_KICK2(r3, 0x4008af20, &(0x7f0000000cc0)={0x7, r0})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/resolution\x00', 0x183902, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="4d5f28bd7000fd6dd6251100000014003880210000800b000600519c7b06000000008c96d9069b1717da9867b151486c55ee8b274a07567d191dd0776867dcffcf94813bf63e5af7b94a2996c029d309de1b7cb6091e4d3943ca4d0686be1316a1088d42247ef7295f6152711aefb76a7dc02f7d0c001bdeff7781978dd3b6410fb1fa4fd4d191"], 0x28}, 0x1, 0x0, 0x0, 0x40004001}, 0x8886)
syz_clone3(&(0x7f0000000340)={0x62030000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=<r6=>0x0, {0x12}, &(0x7f0000000240)=""/42, 0x2a, &(0x7f0000000280)=""/77, &(0x7f0000000300)=[0x0, 0xffffffffffffffff, 0x0], 0x3, {r1}}, 0x58)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000009c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5b0, r5, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_ASSOC_SPP_AMSDU={0x4}, @NL80211_ATTR_BEACON_TAIL={0x1f1, 0xf, "1773b1b55e2cfa8c8b9dd4e4741613ac6ba81d663cb88c731c865ac9ba5fb38713fc7e8f7e1737f0a76734894a068cb43f43fd37c7c700e0f87e4ca6b6c69a835d1e485ae9e00fd9daebc261f61d35115539b463c0d96e8ed4f38f20689a5ac2a285ee6dc5de86c5fe20be9cd878dec524b86d9cff79d691942f0a0b3a9562a9e930fec73b11542c9edf634ce1d7a8c64f19c4ed846c79e1ed2a6d209732addc2e407b71c4f0e28ce546228a106863eaac20e3a63c268ee4664a1b87ac274c45f9e3113296b05f4be41126f699ffcf4e952c403366e38fe2d7f72fffa90fda69592ad1897c2b51f1b52b1cbd9bf13f37223516e6bda7e6e1f4592b4685dd6bdbc68cc655904f441f7372c61da24d4c125b7d18e2151b56723b808f9b70fd359dcb4adc0798ee75b8e5a82bcc0385a4cce14e155f86c0eb8c64c3fdf2aa3dc89bff7ae31da4c9f76e635a4b103b42bcd17bdc0aa7a40e1c17147bbf03aaf290b41c8f8998226ce626d0ba011d41ea81781bb5884708e62c2279fed82567f75716670a32bbe38306aee818b337f9608b3dd4825950b1e489e6bd2d9de95d67e2ff7463e860d32771de83f6f341cdd1b24aa47532e1a5279fd2ce267e02245af6bc625439fcd9ed29e4fd1e1854fa1b0df79cb0e11c447e7e2de2cf81e3cae9bc60c1da749be81066ba674b0d0f05"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x29a, 0x2c, 0x0, 0x1, [@typed={0x15, 0xe9, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0x8, 0x13b, 0x0, 0x0, @pid=r6}, @nested={0x164, 0x48, 0x0, 0x1, [@typed={0x4, 0x11}, @typed={0x15, 0x4f, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0xf9, 0xfd, 0x0, 0x0, @binary="7195759944075f3fd6d489ad87222cf3ac97596441f982e363fe2d35bf69fe94e3e95b1cdc4330c1bd63d17f8f93069279373928c6a83a42b545d213175cdb279354d092e3f8bf2bed9ef38cc3567b021f1a74cff13876af7fbe14072a53ea5dc4f7289b781d2e98ab1d0d461c62ba73b00b7a86c8f80861f254e4d46ca541b35a027a6687a5197a6a2ca29d3e7d7dec3e546d26620604c3a877f115fc0252f3ed18efe0e33e01b733a7fe6e17bc5a98aa1516301edc12050832b79bd242754d9041fd403576569e3f78f92b4cb2d965f6e51994521c240b20364ce03cc7bfdfc666114854d39c871cc2e2fa344a82a6186b515d0e"}, @nested={0x4, 0x1d}, @nested={0x4, 0x3}, @generic="22c153e38bf9cac74acc3b9787a0325ff48fab113d81e6c37952c7587845fbabba665ec566c481524dd8d1df91833985974795c7c3c1e91520688600d3315946"]}, @generic="ebdeec4e679ccbb22a4dd2198625a68ad4bc7c5d67d7c73f23b3759a987a82ec2901b77f684aaa2f7aca9c73246f62e79b1f7940754ad8153976f4fdff78ac482ccdb84c395320a063d773a8a0a9a7233bf42ea7a6960a6af61e60eb8ac8d0fd28bd7fe516777f51e2a616f96cf08acb06ec79c0707ec4abd8c04a877c57de69cc549dfaba2c6540d50681b33aa1e37287e035b31aaba20ce370ddeb9517ba99abbb5f7364e30654fea602900856c78d85cddfea7daac1aaf8f81822cb1540648ddc77957655c2bf1e46040540bf41081e09093e8131da69141d", @nested={0x36, 0x6e, 0x0, 0x1, [@typed={0x4, 0x8d}, @nested={0x4, 0x48}, @generic="97f52214b1848faf4eb8f216494e60392bb5", @nested={0x4, 0x4a}, @typed={0x14, 0xa8, 0x0, 0x0, @ipv6=@remote}]}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0xfffffff8}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x9}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xf5, 0xe8, "610948cd915ca50757ba5740c617761b66f78e1d6f9ae09aea73ecbcadc05d5453e357132541ed2cc0689cf25c93e20c56572274f3b883d468decda544eb6aed8b1b4d01e2de848246beca9c576be2bdc144d6216004e9764b89ada530a7a55ed75df5da75faf89b62ee0672d3fac2ae975118a63975a3a08ad612a1197d032046895a1f0c4bb6bb2c1bef8ea2a17499843dea1ed4125e2d2a29408a626ea128f3e3678b59fe28274bffd3cb80124b2f441927df0998ff54c331c51dd23f10f7ed528dd9df0f4b3ed9ffbbcdecaa0cd0d1100cd5a242182884f7f0595fb5564ed3ada57caf6d4d63860be6d303e291dcf8"}]}, 0x5b0}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040044)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000c00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x150, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_QOS_MAP={0xe4, 0xc7, "e1881ac5ae2a0b513b93f81dbdf7ceba316ae480c88440dda4f32f43af9a9ec3bec2e7beaa7323b51b48047df125dc69c591be0831057b901a4b479166c455c46acd05b1fe75180b5827d51bf3e3777b1a38778c02479a3e62dd43eb2d6f511206de787e45f3aae386bf64b7d1d511f231d4227ea6971dcc34adae6fde7d380810101ea219449d27b56e75108fabc852d4d650cc17aa612232c2792133c8c9744e4cbe50d13a3130757091c4d4af80939886c97e7c2d12f8065f514a39a8080be860faa759fa21b71665590d45766909343f1902a187a57339b57e3618fa5760"}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0xfffffdf7}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x2}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xd}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_FILS_KEK={0x8, 0xf2, '!T2b'}, @NL80211_ATTR_SSID={0x15, 0x34, "90afdd040ceff2a616d50d00979fe41db8"}, @NL80211_ATTR_UNSOL_BCAST_PROBE_RESP={0x14, 0x127, 0x0, 0x1, [@NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0x5}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0xa7a0}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x8840}, 0x4)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x8240, 0x0)

2m31.226902548s ago: executing program 0 (id=4046):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0xfeffffff, 0x0)
mmap$auto(0x0, 0xf92c, 0x4000000000df, 0xeb1, 0x401, 0x2000000000004000)
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)

2m30.107728324s ago: executing program 0 (id=4050):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x109000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x23, 0x80805, 0x0)
memfd_secret$auto(0x0)
socket(0x2b, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
getsockopt$auto(0x6, 0x84, 0x18, 0x0, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
madvise$auto(0x200000000008000, 0xffffffffffff0005, 0x404)
r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r0)
sendmsg$auto_GTP_CMD_DELPDP(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000040)={0xe, <r2=>r0})
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000140)="671d264add77b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763c1dbfee3f787fc87cd0f5600ac8caf4bde4c30b530ac6ebbff", 0x37)
r3 = socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0xf8, r4, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_OURS={0xe1, 0x3, 0x0, 0x1, [@typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x4, 0x2a}, @typed={0x4, 0x11}, @typed={0x8, 0x2e, 0x0, 0x0, @fd}, @generic="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b6cdd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014", @nested={0x10, 0x5, 0x0, 0x1, [@typed={0xc, 0xc5, 0x0, 0x0, @u64=0x3}]}, @generic="21aadf3f78e2cd52d7f733c38da99fe8ec1ead"]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
setns(r2, 0x20000000)

2m14.772407099s ago: executing program 32 (id=4050):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x109000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x23, 0x80805, 0x0)
memfd_secret$auto(0x0)
socket(0x2b, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
getsockopt$auto(0x6, 0x84, 0x18, 0x0, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
madvise$auto(0x200000000008000, 0xffffffffffff0005, 0x404)
r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r0)
sendmsg$auto_GTP_CMD_DELPDP(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@GTPA_FLOW={0x6, 0x6, 0x3}, @GTPA_I_TEI={0x8, 0x8, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_VHOST_SET_VRING_CALL(0xffffffffffffffff, 0x4008af21, &(0x7f0000000040)={0xe, <r2=>r0})
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000140)="671d264add77b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763c1dbfee3f787fc87cd0f5600ac8caf4bde4c30b530ac6ebbff", 0x37)
r3 = socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0xf8, r4, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_LINKMODES_OURS={0xe1, 0x3, 0x0, 0x1, [@typed={0x8, 0xc0, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x4, 0x2a}, @typed={0x4, 0x11}, @typed={0x8, 0x2e, 0x0, 0x0, @fd}, @generic="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b6cdd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014", @nested={0x10, 0x5, 0x0, 0x1, [@typed={0xc, 0xc5, 0x0, 0x0, @u64=0x3}]}, @generic="21aadf3f78e2cd52d7f733c38da99fe8ec1ead"]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x40000}, 0x50)
setns(r2, 0x20000000)

27.569431872s ago: executing program 2 (id=4634):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
bpf$auto(0x9, 0x0, 0x18)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x19, &(0x7f0000000040), 0x4)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xaea3, 0x10000000000402)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0xfffffffffffff000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})

26.442424437s ago: executing program 2 (id=4638):
r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
mmap$auto(0x0, 0x8, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
lseek$auto(r0, 0xf3f, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x7352, 0x3d, 0x200000000045f, 0x401ffde, 0x7, 0x3, 0x2, 0x9, 0x3eb, 0x5, 0x2, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x1, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xffffffff]}, 0x9, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x7})
ioctl$auto(0xc8, 0x894c, 0x5c8d)
socket(0x2a, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b)
removexattrat$auto(r0, &(0x7f0000000000)='./file0\x00', 0xd5f, &(0x7f0000000040)='/\x00')
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0)
read$auto(r2, 0x0, 0x18)
write$auto(0x3, 0x0, 0xfdef)

26.23304277s ago: executing program 2 (id=4641):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto_SO_PEERSEC(0xffffffffffffffff, 0x6, 0x1f, 0x0, &(0x7f0000000200)=0x8)
r0 = socket(0x2b, 0x1, 0x1)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
r3 = socket(0xa, 0x3, 0x3b)
getsockopt$auto(r3, 0x3a, 0x20, 0x0, 0x0)
recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x15, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x20)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0x8}, 0x800}, 0x107, 0x400a)

25.357358889s ago: executing program 2 (id=4647):
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054)
r1 = socketpair$auto(0x0, 0x200, 0xc7, &(0x7f00000000c0)=0xff)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0)
mmap$auto(0x0, 0xb991, 0x5, 0x19, 0xffffffffffffffff, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/jfs/loglevel\x00', 0x1a9701, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
connect$auto(0x3, &(0x7f0000000140), 0x55)
fcntl$auto_F_RDLCK(r1, 0x4, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x6)
r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f00000016c0), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000123bd7000fbdbdf250400000008000100ff0f000004000600"], 0x20}, 0x1, 0x0, 0x0, 0x40008c0}, 0x8000000)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0xa, 0xdf, 0x9b72, 0x2, 0x8001)
mlockall$auto(0x7)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(r0, 0x901064ae, 0x4)
sysfs$auto(0x2, 0x8000000000000000, 0xb)

23.928211714s ago: executing program 2 (id=4654):
mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff})
close_range$auto(0x2, 0x8, 0x0)
socket(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2, 0x5, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x8, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x20000, 0x0)

23.770180077s ago: executing program 1 (id=4655):
mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000)
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff})
close_range$auto(0x2, 0x8, 0x0)
socket(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x8, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x2, 0x801, 0x100)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
getsockopt$auto(0x4, 0x6, 0x6, 0xfffffffffffffffc, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
r2 = gettid()
process_vm_readv$auto(r2, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x20000, 0x0)

22.796609886s ago: executing program 2 (id=4660):
sysfs$auto(0x2, 0x10000000000002a, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x6, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x401, 0xfffffffffffffffd, 0xd4, 0x4, 0x28c, 0x0, 0x3, 0x1, 0x9, {0xfffffffe, 0x10000}, 0x5, 0x6, 0xfffffffffff7fffd, 0x1007ffd, 0x0, 0xfe, 0x81, 0xffffffffffff628e, 0xa749, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
setsockopt$auto(0x3, 0x0, 0x13, 0xffffffffffffffff, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x3a600, 0x0)
r2 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0)
writev$auto(r2, &(0x7f0000001040)={0x0, 0x7fff}, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendmsg$auto_NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[@ANYBLOB="24020000", @ANYRES16=0x0, @ANYBLOB="00042cbd7000fcdbdf250100000004000780080005000900000008000200ba4d2406ad01088014000400200100000000000000000000000000024b355a7d87f7b4f825a4a32d7dfa4ee030a8ba8339836473c6adba8b7388e7f88d51c075f83f22a245691267852d736f73b58f947976a14944c5f83e3de059bd70c89a7d2c62db2b6f455e5749a8814a762bc1f104ffec1a139bb0679c984bef8347332d48ff772a0af2bf248adab10c5040d1af4a74769649db6c36f033c580991b176adb52448ed07ad8a08b7702a852f1000c80ac3e30a94c5b0434db050d91bd33fad83a5fb91445bed981a2c4498e92b08be4b372be3c7a78d712f5a27dbb7f6a9f4eb0380904000280080016000600000008002b00", @ANYRES32, @ANYBLOB="68a8105d08ce306178305fb4613924c9e754c150257c028dcb51de1fcccdce0696066efcdae939f778a147bda713ffe2a9f3f267b71b6fb15c748d05d1cbaa37757798b91f63f6f92d2f6d3322ccb4238f20945854c197e4e02431baeb82189b9b8df92443e8af715b967afb9f2ca7e823aec8aef56f85a48e711ca58408739186a4bfbb9f819de994b628151ae6e9067dc860584ac9fe7c3aa9b2b970026e9581d7e9aa4e690000001000898004007d800800f100", @ANYRES32, @ANYBLOB="000000080002000700000042000b80d6a878d8fe755a7537a430b0b0568a157040b88fa8824641bb79f0a9846f9304ade1006e72eafe1e10f09de86f2422f3f20000d497941a72b36917619ea2942ec36db90d78954c7925b818260346278c60859ce38c0a238c8eb1f9747ccf9d7d31e5402dc9fa907c45af9efcbbd8f5ff9355daa9b909bdf8bfc15a21a53170739f6d6af5dcc2ca11751b9aa5f8e81b8a0653dd09915facbac7dfb89b78cc2af3eceea78ef0ce7f08dcab12e3216c49781e432a57b4aa8debfc9607fa38bcbc01f7d93c62ecf9045a895a8aea3a396d4efddd7fe8b53b376bad9d94de7895e99e15daf103f99c2fbd57b4d82d3beb0f1c905631a3b4a4e982cba08e952be2dd6413f62b64ffb5ba67e705faef419dd73a8ce4f3706ec5e790b7fd87cf76"], 0x224}, 0x1, 0x0, 0x0, 0x801}, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r5, @ANYBLOB="08009e"], 0x24}}, 0x4000000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
getcpu$auto(&(0x7f00000002c0)=0x9, &(0x7f0000000300)=0x8, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
ioctl$auto_KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000000000)=0x3)
mmap$auto(0x9, 0x9, 0x5, 0x12, r0, 0x58b5)
r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x8f3b7a51b80ebd01, 0x0)
ioctl$auto_USBDEVFS_CONTROL32(r6, 0xc0105500, &(0x7f0000000080)={0x7a, 0x7d, 0x7, 0x4, 0x100, 0x7, 0xa})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0)

22.205604111s ago: executing program 1 (id=4669):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3)
r0 = socket(0x2, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x23, 0x80805, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r3 = ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000c80)={0x9, &(0x7f0000000c40)={0x6, 0x6, 0x6, @inferred=r1}})
ioctl$auto_VHOST_SET_VRING_KICK2(r3, 0x4008af20, &(0x7f0000000cc0)={0x7, r0})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/resolution\x00', 0x183902, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="4d5f28bd7000fd6dd6251100000014003880210000800b000600519c7b06000000008c96d9069b1717da9867b151486c55ee8b274a07567d191dd0776867dcffcf94813bf63e5af7b94a2996c029d309de1b7cb6091e4d3943ca4d0686be1316a1088d42247ef7295f6152711aefb76a7dc02f7d0c001bdeff7781978dd3b6410fb1fa4fd4d191"], 0x28}, 0x1, 0x0, 0x0, 0x40004001}, 0x8886)
syz_clone3(&(0x7f0000000340)={0x62030000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=<r6=>0x0, {0x12}, &(0x7f0000000240)=""/42, 0x2a, &(0x7f0000000280)=""/77, &(0x7f0000000300)=[0x0, 0xffffffffffffffff, 0x0], 0x3, {r1}}, 0x58)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000009c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5b0, r5, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_ASSOC_SPP_AMSDU={0x4}, @NL80211_ATTR_BEACON_TAIL={0x1f1, 0xf, "1773b1b55e2cfa8c8b9dd4e4741613ac6ba81d663cb88c731c865ac9ba5fb38713fc7e8f7e1737f0a76734894a068cb43f43fd37c7c700e0f87e4ca6b6c69a835d1e485ae9e00fd9daebc261f61d35115539b463c0d96e8ed4f38f20689a5ac2a285ee6dc5de86c5fe20be9cd878dec524b86d9cff79d691942f0a0b3a9562a9e930fec73b11542c9edf634ce1d7a8c64f19c4ed846c79e1ed2a6d209732addc2e407b71c4f0e28ce546228a106863eaac20e3a63c268ee4664a1b87ac274c45f9e3113296b05f4be41126f699ffcf4e952c403366e38fe2d7f72fffa90fda69592ad1897c2b51f1b52b1cbd9bf13f37223516e6bda7e6e1f4592b4685dd6bdbc68cc655904f441f7372c61da24d4c125b7d18e2151b56723b808f9b70fd359dcb4adc0798ee75b8e5a82bcc0385a4cce14e155f86c0eb8c64c3fdf2aa3dc89bff7ae31da4c9f76e635a4b103b42bcd17bdc0aa7a40e1c17147bbf03aaf290b41c8f8998226ce626d0ba011d41ea81781bb5884708e62c2279fed82567f75716670a32bbe38306aee818b337f9608b3dd4825950b1e489e6bd2d9de95d67e2ff7463e860d32771de83f6f341cdd1b24aa47532e1a5279fd2ce267e02245af6bc625439fcd9ed29e4fd1e1854fa1b0df79cb0e11c447e7e2de2cf81e3cae9bc60c1da749be81066ba674b0d0f05"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x29a, 0x2c, 0x0, 0x1, [@typed={0x15, 0xe9, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0x8, 0x13b, 0x0, 0x0, @pid=r6}, @nested={0x164, 0x48, 0x0, 0x1, [@typed={0x4, 0x11}, @typed={0x15, 0x4f, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0xf9, 0xfd, 0x0, 0x0, @binary="7195759944075f3fd6d489ad87222cf3ac97596441f982e363fe2d35bf69fe94e3e95b1cdc4330c1bd63d17f8f93069279373928c6a83a42b545d213175cdb279354d092e3f8bf2bed9ef38cc3567b021f1a74cff13876af7fbe14072a53ea5dc4f7289b781d2e98ab1d0d461c62ba73b00b7a86c8f80861f254e4d46ca541b35a027a6687a5197a6a2ca29d3e7d7dec3e546d26620604c3a877f115fc0252f3ed18efe0e33e01b733a7fe6e17bc5a98aa1516301edc12050832b79bd242754d9041fd403576569e3f78f92b4cb2d965f6e51994521c240b20364ce03cc7bfdfc666114854d39c871cc2e2fa344a82a6186b515d0e"}, @nested={0x4, 0x1d}, @nested={0x4, 0x3}, @generic="22c153e38bf9cac74acc3b9787a0325ff48fab113d81e6c37952c7587845fbabba665ec566c481524dd8d1df91833985974795c7c3c1e91520688600d3315946"]}, @generic="ebdeec4e679ccbb22a4dd2198625a68ad4bc7c5d67d7c73f23b3759a987a82ec2901b77f684aaa2f7aca9c73246f62e79b1f7940754ad8153976f4fdff78ac482ccdb84c395320a063d773a8a0a9a7233bf42ea7a6960a6af61e60eb8ac8d0fd28bd7fe516777f51e2a616f96cf08acb06ec79c0707ec4abd8c04a877c57de69cc549dfaba2c6540d50681b33aa1e37287e035b31aaba20ce370ddeb9517ba99abbb5f7364e30654fea602900856c78d85cddfea7daac1aaf8f81822cb1540648ddc77957655c2bf1e46040540bf41081e09093e8131da69141d", @nested={0x36, 0x6e, 0x0, 0x1, [@typed={0x4, 0x8d}, @nested={0x4, 0x48}, @generic="97f52214b1848faf4eb8f216494e60392bb5", @nested={0x4, 0x4a}, @typed={0x14, 0xa8, 0x0, 0x0, @ipv6=@remote}]}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0xfffffff8}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x9}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xf5, 0xe8, "610948cd915ca50757ba5740c617761b66f78e1d6f9ae09aea73ecbcadc05d5453e357132541ed2cc0689cf25c93e20c56572274f3b883d468decda544eb6aed8b1b4d01e2de848246beca9c576be2bdc144d6216004e9764b89ada530a7a55ed75df5da75faf89b62ee0672d3fac2ae975118a63975a3a08ad612a1197d032046895a1f0c4bb6bb2c1bef8ea2a17499843dea1ed4125e2d2a29408a626ea128f3e3678b59fe28274bffd3cb80124b2f441927df0998ff54c331c51dd23f10f7ed528dd9df0f4b3ed9ffbbcdecaa0cd0d1100cd5a242182884f7f0595fb5564ed3ada57caf6d4d63860be6d303e291dcf8"}]}, 0x5b0}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040044)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000c00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x154, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_QOS_MAP={0xdd, 0xc7, "e1881ac5ae2a0b513b93f81dbdf7ceba316ae480c88440dda4f32f43af9a9ec3bec2e7beaa7323b51b48047df125dc69c591be0831057b901a4b479166c455c46acd05b1fe75180b5827d51bf3e3777b1a38778c02479a3e62dd43eb2d6f511206de787e45f3aae386bf64b7d1d511f231d4227ea6971dcc34adae6fde7d380810101ea219449d27b56e75108fabc852d4d650cc17aa612232c2792133c8c9744e4cbe50d13a3130757091c4d4af80939886c97e7c2d12f8065f514a39a8080be860faa759fa21b71665590d45766909343f1902a187a57339"}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0xfffffdf7}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x2}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xd}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_FILS_KEK={0x8, 0xf2, '!T2b'}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0xb}, @NL80211_ATTR_SSID={0x15, 0x34, "90afdd040ceff2a616d50d00979fe41db8"}, @NL80211_ATTR_UNSOL_BCAST_PROBE_RESP={0x14, 0x127, 0x0, 0x1, [@NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0x5}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0xa7a0}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x8840}, 0x4)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x8240, 0x0)

21.279301872s ago: executing program 1 (id=4665):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x186a00, 0x0)
shmget$auto(0xffffffffffffffff, 0xb0d, 0xa7db6ba)
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x2021009, 0x3, 0xeb1, 0xffffffffffffffff, 0x7ffe)
mmap$auto(0x2, 0x2000b, 0x4, 0xeb1, 0xffffffffffffffff, 0x5)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@l2={0x1f, 0x0, @any, 0x9, 0x2}, 0x6)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55)
write$auto(0x3, 0x0, 0x7fffffff)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
socket(0x10, 0x2, 0x88)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r1 = openat$auto_nodes_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_nodes_fops_netdebug(r1, 0x0, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
ioctl$auto_PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000200)=0x4)
r3 = socket(0xb, 0x2, 0x84)
setsockopt$auto(r3, 0x0, 0x40, 0x0, 0x10000)
r4 = getpid()
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
r5 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000280), 0xc41, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r5, 0xea6c, &(0x7f00000002c0)="3914044c7781e7c50ac3b99e79e71898fa47e05eaa96a3dfb641e8c0ed1440b9194f943e8d794800cd176198ced789875c2fa951bb407e7c588457a48d7673e2ed8a4e6564e2236b22da508003e878e49dcef8eda6fac24e5e412a655c6c334b08011049813fb21f9023f05abaa8d03065a6b7e7397b0e92e03a4adc347e47083a9ca7f062ad213158c37e10889c9d4d66b1f8a9ee5e3cabeef806b1bf6988489aab9d91943d9bcc7b1664959011aaeb79fe54e77e9b439069640813bfd6eb8a9e6f4cb2112910fafbfe386e4fd4d4605441ceaf416ecb3f84637c3c8af1d01633584b056f3dd89a623b490d9f72bfbb967c8b4d8956699a")
get_robust_list$auto(r4, &(0x7f0000000180)=&(0x7f0000000140)={{&(0x7f0000000040)={&(0x7f0000000000)}}, 0x9, &(0x7f0000000100)={&(0x7f00000000c0)={&(0x7f0000000080)}}}, &(0x7f00000001c0)=0x7ff)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)

20.831152583s ago: executing program 4 (id=4667):
r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
mmap$auto(0x0, 0x8, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
lseek$auto(r0, 0xf3f, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x7352, 0x3d, 0x200000000045f, 0x401ffde, 0x7, 0x3, 0x2, 0x9, 0x3eb, 0x5, 0x2, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x1, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xffffffff]}, 0x9, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x7})
ioctl$auto(0xc8, 0x894c, 0x5c8d)
socket(0x2a, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b)
removexattrat$auto(r0, &(0x7f0000000000)='./file0\x00', 0xd5f, &(0x7f0000000040)='/\x00')
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0)
read$auto(r2, 0x0, 0x18)
write$auto(0x3, 0x0, 0xfdef)

20.756059455s ago: executing program 1 (id=4670):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto_SO_PEERSEC(0xffffffffffffffff, 0x6, 0x1f, 0x0, &(0x7f0000000200)=0x8)
r0 = socket(0x2b, 0x1, 0x1)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
r3 = socket(0xa, 0x3, 0x3b)
getsockopt$auto(r3, 0x3a, 0x20, 0x0, 0x0)
recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x15, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
setsockopt$auto(r0, 0x29, 0x20, 0x0, 0x20)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0x8}, 0x800}, 0x107, 0x400a)

20.64643112s ago: executing program 4 (id=4671):
r0 = socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0x11, 0xfffffffffffffffa, 0x8000)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_3={0x80000000, 0x2, 0x8, 0x10000, 0x3, 0x7, 0x9, 0x5, 0x6, "b5ea07820b37d497c1d1540eeca13ff1", 0x0, 0xd, r2, 0x9, 0x10000, 0x9, 0x3, 0xc80000, 0x1, 0x3, @attach_prog_fd=r1, 0x213, 0x4, 0x4, 0x9, 0x1, r1, r1}, 0xf)
r3 = socket(0x2, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000040)=@phonet={0x23, 0xd1, 0x6, 0x81}, 0x10006b)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
socket(0x2c, 0x4, 0x2)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x801, 0x84)
ftruncate$auto(r0, 0x1)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r4, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

19.749268886s ago: executing program 1 (id=4673):
r0 = socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0x11, 0xfffffffffffffffa, 0x8000)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_3={0x80000000, 0x2, 0x8, 0x10000, 0x3, 0x7, 0x9, 0x5, 0x6, "b5ea07820b37d497c1d1540eeca13ff1", 0x0, 0xd, r2, 0x9, 0x10000, 0x9, 0x3, 0xc80000, 0x1, 0x3, @attach_prog_fd=r1, 0x213, 0x4, 0x4, 0x9, 0x1, r1, r1}, 0xf)
r3 = socket(0x2, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000040)=@phonet={0x23, 0xd1, 0x6, 0x81}, 0x10006b)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
socket(0x2c, 0x4, 0x2)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x801, 0x84)
ftruncate$auto(r0, 0x1)

19.141400957s ago: executing program 4 (id=4675):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(0x0, 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

19.085404927s ago: executing program 1 (id=4676):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

18.877823838s ago: executing program 3 (id=4677):
socket(0x1a, 0x4, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event1\x00', 0x1c402, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000100)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x801}, 0x80)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x80000, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
ioctl$auto(r2, 0x900064b4, 0x2000000000000c37)
socket(0x29, 0x2, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x129800, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0)
fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001100)=""/192, 0xc0)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
acct$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)

18.570938791s ago: executing program 4 (id=4678):
r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
mmap$auto(0x0, 0x8, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
lseek$auto(r0, 0xf3f, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x7352, 0x3d, 0x200000000045f, 0x401ffde, 0x7, 0x3, 0x2, 0x9, 0x3eb, 0x5, 0x2, 0x3000, 0x9, 0x6, 0x10003, 0x80, 0x1, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xffffffff]}, 0x9, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x7})
ioctl$auto(0xc8, 0x894c, 0x5c8d)
socket(0x2a, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@qipcrtr={0x2a, 0x1, 0x8000}, 0x6b)
removexattrat$auto(r0, &(0x7f0000000000)='./file0\x00', 0xd5f, &(0x7f0000000040)='/\x00')
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0)
read$auto(r2, 0x0, 0x18)
write$auto(0x3, 0x0, 0xfdef)

18.397082358s ago: executing program 4 (id=4679):
r0 = socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0x11, 0xfffffffffffffffa, 0x8000)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x6, 0x7, 0x0, 0x0, 0x80000002)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_3={0x80000000, 0x2, 0x8, 0x10000, 0x3, 0x7, 0x9, 0x5, 0x6, "b5ea07820b37d497c1d1540eeca13ff1", 0x0, 0xd, r2, 0x9, 0x10000, 0x9, 0x3, 0xc80000, 0x1, 0x3, @attach_prog_fd=r1, 0x213, 0x4, 0x4, 0x9, 0x1, r1, r1}, 0xf)
r3 = socket(0x2, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000040)=@phonet={0x23, 0xd1, 0x6, 0x81}, 0x10006b)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
socket(0x2c, 0x4, 0x2)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x801, 0x84)
ftruncate$auto(r0, 0x1)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r4, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)

18.326367947s ago: executing program 3 (id=4680):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3)
r0 = socket(0x2, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x23, 0x80805, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r3 = ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000c80)={0x9, &(0x7f0000000c40)={0x6, 0x6, 0x6, @inferred=r1}})
ioctl$auto_VHOST_SET_VRING_KICK2(r3, 0x4008af20, &(0x7f0000000cc0)={0x7, r0})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/resolution\x00', 0x183902, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="4d5f28bd7000fd6dd6251100000014003880210000800b000600519c7b06000000008c96d9069b1717da9867b151486c55ee8b274a07567d191dd0776867dcffcf94813bf63e5af7b94a2996c029d309de1b7cb6091e4d3943ca4d0686be1316a1088d42247ef7295f6152711aefb76a7dc02f7d0c001bdeff7781978dd3b6410fb1fa4fd4d191"], 0x28}, 0x1, 0x0, 0x0, 0x40004001}, 0x8886)
syz_clone3(&(0x7f0000000340)={0x62030000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=<r6=>0x0, {0x12}, &(0x7f0000000240)=""/42, 0x2a, &(0x7f0000000280)=""/77, &(0x7f0000000300)=[0x0, 0xffffffffffffffff, 0x0], 0x3, {r1}}, 0x58)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000009c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5b0, r5, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_ASSOC_SPP_AMSDU={0x4}, @NL80211_ATTR_BEACON_TAIL={0x1f1, 0xf, "1773b1b55e2cfa8c8b9dd4e4741613ac6ba81d663cb88c731c865ac9ba5fb38713fc7e8f7e1737f0a76734894a068cb43f43fd37c7c700e0f87e4ca6b6c69a835d1e485ae9e00fd9daebc261f61d35115539b463c0d96e8ed4f38f20689a5ac2a285ee6dc5de86c5fe20be9cd878dec524b86d9cff79d691942f0a0b3a9562a9e930fec73b11542c9edf634ce1d7a8c64f19c4ed846c79e1ed2a6d209732addc2e407b71c4f0e28ce546228a106863eaac20e3a63c268ee4664a1b87ac274c45f9e3113296b05f4be41126f699ffcf4e952c403366e38fe2d7f72fffa90fda69592ad1897c2b51f1b52b1cbd9bf13f37223516e6bda7e6e1f4592b4685dd6bdbc68cc655904f441f7372c61da24d4c125b7d18e2151b56723b808f9b70fd359dcb4adc0798ee75b8e5a82bcc0385a4cce14e155f86c0eb8c64c3fdf2aa3dc89bff7ae31da4c9f76e635a4b103b42bcd17bdc0aa7a40e1c17147bbf03aaf290b41c8f8998226ce626d0ba011d41ea81781bb5884708e62c2279fed82567f75716670a32bbe38306aee818b337f9608b3dd4825950b1e489e6bd2d9de95d67e2ff7463e860d32771de83f6f341cdd1b24aa47532e1a5279fd2ce267e02245af6bc625439fcd9ed29e4fd1e1854fa1b0df79cb0e11c447e7e2de2cf81e3cae9bc60c1da749be81066ba674b0d0f05"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x29a, 0x2c, 0x0, 0x1, [@typed={0x15, 0xe9, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0x8, 0x13b, 0x0, 0x0, @pid=r6}, @nested={0x164, 0x48, 0x0, 0x1, [@typed={0x4, 0x11}, @typed={0x15, 0x4f, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0xf9, 0xfd, 0x0, 0x0, @binary="7195759944075f3fd6d489ad87222cf3ac97596441f982e363fe2d35bf69fe94e3e95b1cdc4330c1bd63d17f8f93069279373928c6a83a42b545d213175cdb279354d092e3f8bf2bed9ef38cc3567b021f1a74cff13876af7fbe14072a53ea5dc4f7289b781d2e98ab1d0d461c62ba73b00b7a86c8f80861f254e4d46ca541b35a027a6687a5197a6a2ca29d3e7d7dec3e546d26620604c3a877f115fc0252f3ed18efe0e33e01b733a7fe6e17bc5a98aa1516301edc12050832b79bd242754d9041fd403576569e3f78f92b4cb2d965f6e51994521c240b20364ce03cc7bfdfc666114854d39c871cc2e2fa344a82a6186b515d0e"}, @nested={0x4, 0x1d}, @nested={0x4, 0x3}, @generic="22c153e38bf9cac74acc3b9787a0325ff48fab113d81e6c37952c7587845fbabba665ec566c481524dd8d1df91833985974795c7c3c1e91520688600d3315946"]}, @generic="ebdeec4e679ccbb22a4dd2198625a68ad4bc7c5d67d7c73f23b3759a987a82ec2901b77f684aaa2f7aca9c73246f62e79b1f7940754ad8153976f4fdff78ac482ccdb84c395320a063d773a8a0a9a7233bf42ea7a6960a6af61e60eb8ac8d0fd28bd7fe516777f51e2a616f96cf08acb06ec79c0707ec4abd8c04a877c57de69cc549dfaba2c6540d50681b33aa1e37287e035b31aaba20ce370ddeb9517ba99abbb5f7364e30654fea602900856c78d85cddfea7daac1aaf8f81822cb1540648ddc77957655c2bf1e46040540bf41081e09093e8131da69141d", @nested={0x36, 0x6e, 0x0, 0x1, [@typed={0x4, 0x8d}, @nested={0x4, 0x48}, @generic="97f52214b1848faf4eb8f216494e60392bb5", @nested={0x4, 0x4a}, @typed={0x14, 0xa8, 0x0, 0x0, @ipv6=@remote}]}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0xfffffff8}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x9}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xf5, 0xe8, "610948cd915ca50757ba5740c617761b66f78e1d6f9ae09aea73ecbcadc05d5453e357132541ed2cc0689cf25c93e20c56572274f3b883d468decda544eb6aed8b1b4d01e2de848246beca9c576be2bdc144d6216004e9764b89ada530a7a55ed75df5da75faf89b62ee0672d3fac2ae975118a63975a3a08ad612a1197d032046895a1f0c4bb6bb2c1bef8ea2a17499843dea1ed4125e2d2a29408a626ea128f3e3678b59fe28274bffd3cb80124b2f441927df0998ff54c331c51dd23f10f7ed528dd9df0f4b3ed9ffbbcdecaa0cd0d1100cd5a242182884f7f0595fb5564ed3ada57caf6d4d63860be6d303e291dcf8"}]}, 0x5b0}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040044)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000c00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x158, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_QOS_MAP={0xe1, 0xc7, "e1881ac5ae2a0b513b93f81dbdf7ceba316ae480c88440dda4f32f43af9a9ec3bec2e7beaa7323b51b48047df125dc69c591be0831057b901a4b479166c455c46acd05b1fe75180b5827d51bf3e3777b1a38778c02479a3e62dd43eb2d6f511206de787e45f3aae386bf64b7d1d511f231d4227ea6971dcc34adae6fde7d380810101ea219449d27b56e75108fabc852d4d650cc17aa612232c2792133c8c9744e4cbe50d13a3130757091c4d4af80939886c97e7c2d12f8065f514a39a8080be860faa759fa21b71665590d45766909343f1902a187a57339b57e3618"}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0xfffffdf7}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x2}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xd}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_FILS_KEK={0x8, 0xf2, '!T2b'}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0xb}, @NL80211_ATTR_SSID={0x15, 0x34, "90afdd040ceff2a616d50d00979fe41db8"}, @NL80211_ATTR_UNSOL_BCAST_PROBE_RESP={0x14, 0x127, 0x0, 0x1, [@NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0x5}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0xa7a0}]}]}, 0x158}, 0x1, 0x0, 0x0, 0x8840}, 0x4)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x8240, 0x0)

17.837157491s ago: executing program 4 (id=4681):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

17.422858565s ago: executing program 3 (id=4682):
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
timerfd_create$auto(0x0, 0x0)
timerfd_gettime$auto(0x6, &(0x7f0000000200)={{0xfffffffffffffff9, 0x8000}, {0x81, 0x5}})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
r0 = epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
setsockopt$auto_SO_SNDBUF(r0, 0x0, 0x7, &(0x7f0000000140)='/dev/ppp\x00', 0x9)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/suspend_stats/failed_prepare\x00', 0x2400, 0x0)
read$auto(r1, &(0x7f00000002c0)='\x91\xf3\xc5\xe7\xf4\xfc\x8e\xf5\x1a14\x8a\xd9\x9a\x11\xb1\x10q\xdf\x8doi\xfc\x9f\x18\x9a\xd4\x1d\xf7\xc7\xf9\xf8\xa2\xa3\x10Cs]\x01\xfec~\x9c\x9e\xb2\xa5Io\x11\x83\xf2\x06\a\xc0\xca\xcd\x1fHl2\xf4a\x88`\xd8(\x0fR\xb4\xcb\xc9\xf4E\xe8\xdd\xec\x85\xfa\xdc\xd7\x0eZ\xb5\x8f\x06\x89Ss6\x04\x00'/100, 0x5ff15ff9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0)
read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f00000001c0)=""/191, 0x1f8)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000000)=""/194, 0xc2)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0)
write$auto(0x3, 0x0, 0x1)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)

17.09097663s ago: executing program 3 (id=4683):
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
timerfd_create$auto(0x0, 0x0)
timerfd_gettime$auto(0x6, &(0x7f0000000200)={{0xfffffffffffffff9, 0x8000}, {0x81, 0x5}})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
r0 = epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
setsockopt$auto_SO_SNDBUF(r0, 0x0, 0x7, &(0x7f0000000140)='/dev/ppp\x00', 0x9)
mprotect$auto(0x0, 0x3ff, 0x6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/suspend_stats/failed_prepare\x00', 0x2400, 0x0)
read$auto(r1, &(0x7f00000002c0)='\x91\xf3\xc5\xe7\xf4\xfc\x8e\xf5\x1a14\x8a\xd9\x9a\x11\xb1\x10q\xdf\x8doi\xfc\x9f\x18\x9a\xd4\x1d\xf7\xc7\xf9\xf8\xa2\xa3\x10Cs]\x01\xfec~\x9c\x9e\xb2\xa5Io\x11\x83\xf2\x06\a\xc0\xca\xcd\x1fHl2\xf4a\x88`\xd8(\x0fR\xb4\xcb\xc9\xf4E\xe8\xdd\xec\x85\xfa\xdc\xd7\x0eZ\xb5\x8f\x06\x89Ss6\x04\x00'/100, 0x5ff15ff9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0)
read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f00000001c0)=""/191, 0x1f8)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000000)=""/194, 0xc2)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0)
write$auto(0x3, 0x0, 0x1)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)

16.791863925s ago: executing program 3 (id=4684):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3)
r0 = socket(0x2, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0)
preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x10}, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x23, 0x80805, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r3 = ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000c80)={0x9, &(0x7f0000000c40)={0x6, 0x6, 0x6, @inferred=r1}})
ioctl$auto_VHOST_SET_VRING_KICK2(r3, 0x4008af20, &(0x7f0000000cc0)={0x7, r0})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r4)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/resolution\x00', 0x183902, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0xfdef)
sendmsg$auto_NL80211_CMD_GET_STATION(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001880)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="4d5f28bd7000fd6dd6251100000014003880210000800b000600519c7b06000000008c96d9069b1717da9867b151486c55ee8b274a07567d191dd0776867dcffcf94813bf63e5af7b94a2996c029d309de1b7cb6091e4d3943ca4d0686be1316a1088d42247ef7295f6152711aefb76a7dc02f7d0c001bdeff7781978dd3b6410fb1fa4fd4d191"], 0x28}, 0x1, 0x0, 0x0, 0x40004001}, 0x8886)
syz_clone3(&(0x7f0000000340)={0x62030000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)=<r6=>0x0, {0x12}, &(0x7f0000000240)=""/42, 0x2a, &(0x7f0000000280)=""/77, &(0x7f0000000300)=[0x0, 0xffffffffffffffff, 0x0], 0x3, {r1}}, 0x58)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r2, &(0x7f00000009c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5b0, r5, 0x300, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_ASSOC_SPP_AMSDU={0x4}, @NL80211_ATTR_BEACON_TAIL={0x1f1, 0xf, "1773b1b55e2cfa8c8b9dd4e4741613ac6ba81d663cb88c731c865ac9ba5fb38713fc7e8f7e1737f0a76734894a068cb43f43fd37c7c700e0f87e4ca6b6c69a835d1e485ae9e00fd9daebc261f61d35115539b463c0d96e8ed4f38f20689a5ac2a285ee6dc5de86c5fe20be9cd878dec524b86d9cff79d691942f0a0b3a9562a9e930fec73b11542c9edf634ce1d7a8c64f19c4ed846c79e1ed2a6d209732addc2e407b71c4f0e28ce546228a106863eaac20e3a63c268ee4664a1b87ac274c45f9e3113296b05f4be41126f699ffcf4e952c403366e38fe2d7f72fffa90fda69592ad1897c2b51f1b52b1cbd9bf13f37223516e6bda7e6e1f4592b4685dd6bdbc68cc655904f441f7372c61da24d4c125b7d18e2151b56723b808f9b70fd359dcb4adc0798ee75b8e5a82bcc0385a4cce14e155f86c0eb8c64c3fdf2aa3dc89bff7ae31da4c9f76e635a4b103b42bcd17bdc0aa7a40e1c17147bbf03aaf290b41c8f8998226ce626d0ba011d41ea81781bb5884708e62c2279fed82567f75716670a32bbe38306aee818b337f9608b3dd4825950b1e489e6bd2d9de95d67e2ff7463e860d32771de83f6f341cdd1b24aa47532e1a5279fd2ce267e02245af6bc625439fcd9ed29e4fd1e1854fa1b0df79cb0e11c447e7e2de2cf81e3cae9bc60c1da749be81066ba674b0d0f05"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x29a, 0x2c, 0x0, 0x1, [@typed={0x15, 0xe9, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0x8, 0x13b, 0x0, 0x0, @pid=r6}, @nested={0x164, 0x48, 0x0, 0x1, [@typed={0x4, 0x11}, @typed={0x15, 0x4f, 0x0, 0x0, @str='/dev/vhost-vsock\x00'}, @typed={0xf9, 0xfd, 0x0, 0x0, @binary="7195759944075f3fd6d489ad87222cf3ac97596441f982e363fe2d35bf69fe94e3e95b1cdc4330c1bd63d17f8f93069279373928c6a83a42b545d213175cdb279354d092e3f8bf2bed9ef38cc3567b021f1a74cff13876af7fbe14072a53ea5dc4f7289b781d2e98ab1d0d461c62ba73b00b7a86c8f80861f254e4d46ca541b35a027a6687a5197a6a2ca29d3e7d7dec3e546d26620604c3a877f115fc0252f3ed18efe0e33e01b733a7fe6e17bc5a98aa1516301edc12050832b79bd242754d9041fd403576569e3f78f92b4cb2d965f6e51994521c240b20364ce03cc7bfdfc666114854d39c871cc2e2fa344a82a6186b515d0e"}, @nested={0x4, 0x1d}, @nested={0x4, 0x3}, @generic="22c153e38bf9cac74acc3b9787a0325ff48fab113d81e6c37952c7587845fbabba665ec566c481524dd8d1df91833985974795c7c3c1e91520688600d3315946"]}, @generic="ebdeec4e679ccbb22a4dd2198625a68ad4bc7c5d67d7c73f23b3759a987a82ec2901b77f684aaa2f7aca9c73246f62e79b1f7940754ad8153976f4fdff78ac482ccdb84c395320a063d773a8a0a9a7233bf42ea7a6960a6af61e60eb8ac8d0fd28bd7fe516777f51e2a616f96cf08acb06ec79c0707ec4abd8c04a877c57de69cc549dfaba2c6540d50681b33aa1e37287e035b31aaba20ce370ddeb9517ba99abbb5f7364e30654fea602900856c78d85cddfea7daac1aaf8f81822cb1540648ddc77957655c2bf1e46040540bf41081e09093e8131da69141d", @nested={0x36, 0x6e, 0x0, 0x1, [@typed={0x4, 0x8d}, @nested={0x4, 0x48}, @generic="97f52214b1848faf4eb8f216494e60392bb5", @nested={0x4, 0x4a}, @typed={0x14, 0xa8, 0x0, 0x0, @ipv6=@remote}]}]}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0xfffffff8}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x9}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xf5, 0xe8, "610948cd915ca50757ba5740c617761b66f78e1d6f9ae09aea73ecbcadc05d5453e357132541ed2cc0689cf25c93e20c56572274f3b883d468decda544eb6aed8b1b4d01e2de848246beca9c576be2bdc144d6216004e9764b89ada530a7a55ed75df5da75faf89b62ee0672d3fac2ae975118a63975a3a08ad612a1197d032046895a1f0c4bb6bb2c1bef8ea2a17499843dea1ed4125e2d2a29408a626ea128f3e3678b59fe28274bffd3cb80124b2f441927df0998ff54c331c51dd23f10f7ed528dd9df0f4b3ed9ffbbcdecaa0cd0d1100cd5a242182884f7f0595fb5564ed3ada57caf6d4d63860be6d303e291dcf8"}]}, 0x5b0}, 0x1, 0x0, 0x0, 0x20040000}, 0x4040044)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000c00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a40)={0x154, r5, 0x100, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_QOS_MAP={0xdd, 0xc7, "e1881ac5ae2a0b513b93f81dbdf7ceba316ae480c88440dda4f32f43af9a9ec3bec2e7beaa7323b51b48047df125dc69c591be0831057b901a4b479166c455c46acd05b1fe75180b5827d51bf3e3777b1a38778c02479a3e62dd43eb2d6f511206de787e45f3aae386bf64b7d1d511f231d4227ea6971dcc34adae6fde7d380810101ea219449d27b56e75108fabc852d4d650cc17aa612232c2792133c8c9744e4cbe50d13a3130757091c4d4af80939886c97e7c2d12f8065f514a39a8080be860faa759fa21b71665590d45766909343f1902a187a57339"}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0xfffffdf7}, @NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x2}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0xd}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_FILS_KEK={0x8, 0xf2, '!T2b'}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0xb}, @NL80211_ATTR_SSID={0x15, 0x34, "90afdd040ceff2a616d50d00979fe41db8"}, @NL80211_ATTR_UNSOL_BCAST_PROBE_RESP={0x14, 0x127, 0x0, 0x1, [@NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0x5}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0xa7a0}]}]}, 0x154}, 0x1, 0x0, 0x0, 0x8840}, 0x4)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x8240, 0x0)

15.905019617s ago: executing program 3 (id=4685):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, 0x0, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

3.505257152s ago: executing program 33 (id=4676):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

2.503835147s ago: executing program 34 (id=4681):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

0s ago: executing program 35 (id=4685):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
readv$auto(0xffffffffffffffff, 0x0, 0x8)
madvise$auto(0x0, 0xd0, 0x2)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0)
faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7)
open(&(0x7f0000000040)='./cgroup\x00', 0x593002, 0x408)
read$auto(r0, 0x0, 0x20)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48)
faccessat$auto(r1, 0x0, 0x2)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc44c1, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000)
mmap$auto(0x0, 0x9, 0xe3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r4, 0x0, 0x1ff)
read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0)
ioperm$auto(0x7, 0x6, 0x2)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
unlink$auto(&(0x7f0000000640)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00')
ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd)

kernel console output (not intermixed with test programs):

UID: 0 PID: 23627 Comm: syz.3.4127 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1080.967812][T23627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1080.967827][T23627] Call Trace:
[ 1080.967836][T23627]  <TASK>
[ 1080.967846][T23627]  dump_stack_lvl+0x16c/0x1f0
[ 1080.967886][T23627]  should_fail_ex+0x512/0x640
[ 1080.967927][T23627]  ? __kvmalloc_node_noprof+0x122/0x600
[ 1080.967955][T23627]  should_failslab+0xc2/0x120
[ 1080.967986][T23627]  __kvmalloc_node_noprof+0x135/0x600
[ 1080.968013][T23627]  ? sbitmap_init_node+0x1ca/0x770
[ 1080.968042][T23627]  ? sbitmap_init_node+0x1ca/0x770
[ 1080.968064][T23627]  sbitmap_init_node+0x1ca/0x770
[ 1080.968094][T23627]  sbitmap_queue_init_node+0x41/0x560
[ 1080.968124][T23627]  blk_mq_init_tags+0x12d/0x2b0
[ 1080.968161][T23627]  blk_mq_alloc_map_and_rqs+0x237/0xf10
[ 1080.968196][T23627]  ? blk_mq_map_queues+0x211/0x410
[ 1080.968227][T23627]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[ 1080.968263][T23627]  blk_mq_alloc_tag_set+0x75e/0x1250
[ 1080.968306][T23627]  loop_add+0x3b7/0xb70
[ 1080.968336][T23627]  ? do_vfs_ioctl+0x512/0x1990
[ 1080.968366][T23627]  ? __pfx_loop_add+0x10/0x10
[ 1080.968393][T23627]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1080.968445][T23627]  ? find_held_lock+0x2b/0x80
[ 1080.968472][T23627]  loop_control_ioctl+0x13c/0x630
[ 1080.968504][T23627]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1080.968538][T23627]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1080.968571][T23627]  __x64_sys_ioctl+0x190/0x200
[ 1080.968604][T23627]  do_syscall_64+0xcd/0x230
[ 1080.968637][T23627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.968662][T23627] RIP: 0033:0x7fcdf6b8e969
[ 1080.968682][T23627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1080.968705][T23627] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1080.968726][T23627] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1080.968744][T23627] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[ 1080.968759][T23627] RBP: 00007fcdf6c10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1080.968774][T23627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1080.968788][T23627] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1080.968819][T23627]  </TASK>
[ 1080.968981][T23627] blk-mq: reduced tag depth (128 -> 64)
[ 1081.751449][ T5832] Bluetooth: hci1: command tx timeout
[ 1081.939574][   T36] team0 (unregistering): Port device team_slave_1 removed
[ 1081.988814][   T36] team0 (unregistering): Port device team_slave_0 removed
[ 1082.979384][T23545] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1083.020985][T23545] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1083.072238][T23545] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1083.128578][T23545] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1083.422086][T23545] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1083.457748][T23545] 8021q: adding VLAN 0 to HW filter on device team0
[ 1083.493284][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1083.500499][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1083.534316][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1083.541531][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1083.675311][T23545] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1083.833367][ T5832] Bluetooth: hci1: command tx timeout
[ 1084.469743][T23545] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1084.611082][T23685] FAULT_INJECTION: forcing a failure.
[ 1084.611082][T23685] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.651019][T23685] CPU: 0 UID: 0 PID: 23685 Comm: syz.1.4135 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1084.651056][T23685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1084.651071][T23685] Call Trace:
[ 1084.651080][T23685]  <TASK>
[ 1084.651090][T23685]  dump_stack_lvl+0x16c/0x1f0
[ 1084.651129][T23685]  should_fail_ex+0x512/0x640
[ 1084.651161][T23685]  ? fs_reclaim_acquire+0xae/0x150
[ 1084.651195][T23685]  ? tomoyo_supervisor+0x45b/0x13b0
[ 1084.651234][T23685]  should_failslab+0xc2/0x120
[ 1084.651264][T23685]  __kmalloc_noprof+0xd2/0x510
[ 1084.651287][T23685]  ? tomoyo_profile+0x47/0x60
[ 1084.651329][T23685]  tomoyo_supervisor+0x45b/0x13b0
[ 1084.651369][T23685]  ? __pfx_tomoyo_supervisor+0x10/0x10
[ 1084.651421][T23685]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1084.651458][T23685]  ? kfree+0x2b6/0x4d0
[ 1084.651490][T23685]  ? tomoyo_check_path_acl+0xad/0x210
[ 1084.651520][T23685]  ? tomoyo_check_acl+0x1f7/0x410
[ 1084.651552][T23685]  tomoyo_path_permission+0x270/0x3b0
[ 1084.651583][T23685]  tomoyo_path_perm+0x362/0x460
[ 1084.651623][T23685]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1084.651689][T23685]  ? __d_lookup+0x25c/0x4a0
[ 1084.651728][T23685]  tomoyo_path_unlink+0x91/0xe0
[ 1084.651760][T23685]  ? __pfx_tomoyo_path_unlink+0x10/0x10
[ 1084.651789][T23685]  ? d_lookup+0xe7/0x190
[ 1084.651824][T23685]  security_path_unlink+0x145/0x2b0
[ 1084.651851][T23685]  do_unlinkat+0x463/0x6a0
[ 1084.651878][T23685]  ? __pfx_do_unlinkat+0x10/0x10
[ 1084.651914][T23685]  ? getname_flags.part.0+0x1c5/0x550
[ 1084.651944][T23685]  __x64_sys_unlink+0xc5/0x110
[ 1084.651966][T23685]  do_syscall_64+0xcd/0x230
[ 1084.651997][T23685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1084.652022][T23685] RIP: 0033:0x7fe52f38e969
[ 1084.652043][T23685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1084.652068][T23685] RSP: 002b:00007fe5301f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 1084.652093][T23685] RAX: ffffffffffffffda RBX: 00007fe52f5b5fa0 RCX: 00007fe52f38e969
[ 1084.652110][T23685] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000640
[ 1084.652126][T23685] RBP: 00007fe52f410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1084.652142][T23685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1084.652157][T23685] R13: 0000000000000000 R14: 00007fe52f5b5fa0 R15: 00007ffd1239ad18
[ 1084.652192][T23685]  </TASK>
[ 1084.888850][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1085.374653][T23545] veth0_vlan: entered promiscuous mode
[ 1085.453565][T23545] veth1_vlan: entered promiscuous mode
[ 1085.577197][T23545] veth0_macvtap: entered promiscuous mode
[ 1085.615672][T23545] veth1_macvtap: entered promiscuous mode
[ 1085.676091][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1085.700106][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1085.761337][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1085.796143][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1085.840326][T23545] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1085.881640][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1085.926633][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1085.941311][T23545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1085.961294][T23545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1085.983788][T23545] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1086.022807][T23545] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1086.051400][T23545] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1086.060159][T23545] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1086.092345][T23545] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1086.372758][   T80] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1086.380630][   T80] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1086.474900][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1086.499140][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1086.970752][T23735] FAULT_INJECTION: forcing a failure.
[ 1086.970752][T23735] name failslab, interval 1, probability 0, space 0, times 0
[ 1087.039929][T23735] CPU: 0 UID: 0 PID: 23735 Comm: syz.4.4106 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1087.039959][T23735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1087.039971][T23735] Call Trace:
[ 1087.039978][T23735]  <TASK>
[ 1087.039985][T23735]  dump_stack_lvl+0x16c/0x1f0
[ 1087.040014][T23735]  should_fail_ex+0x512/0x640
[ 1087.040037][T23735]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1087.040061][T23735]  should_failslab+0xc2/0x120
[ 1087.040086][T23735]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1087.040107][T23735]  ? __alloc_skb+0x2b2/0x380
[ 1087.040135][T23735]  __alloc_skb+0x2b2/0x380
[ 1087.040157][T23735]  ? __pfx___alloc_skb+0x10/0x10
[ 1087.040181][T23735]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1087.040205][T23735]  ? __lock_acquire+0xaa4/0x1ba0
[ 1087.040237][T23735]  netlink_alloc_large_skb+0x69/0x130
[ 1087.040265][T23735]  netlink_sendmsg+0x6a1/0xdd0
[ 1087.040293][T23735]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1087.040339][T23735]  ____sys_sendmsg+0xa95/0xc70
[ 1087.040367][T23735]  ? copy_msghdr_from_user+0x10a/0x160
[ 1087.040390][T23735]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1087.040432][T23735]  ___sys_sendmsg+0x134/0x1d0
[ 1087.040456][T23735]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1087.040519][T23735]  __sys_sendmsg+0x16d/0x220
[ 1087.040542][T23735]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1087.040574][T23735]  ? rcu_is_watching+0x12/0xc0
[ 1087.040601][T23735]  do_syscall_64+0xcd/0x230
[ 1087.040633][T23735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1087.040656][T23735] RIP: 0033:0x7fc02d98e969
[ 1087.040675][T23735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1087.040697][T23735] RSP: 002b:00007fc02e79f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1087.040720][T23735] RAX: ffffffffffffffda RBX: 00007fc02dbb6080 RCX: 00007fc02d98e969
[ 1087.040734][T23735] RDX: 000000000400c004 RSI: 0000200000000140 RDI: 0000000000000003
[ 1087.040747][T23735] RBP: 00007fc02e79f090 R08: 0000000000000000 R09: 0000000000000000
[ 1087.040760][T23735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1087.040772][T23735] R13: 0000000000000000 R14: 00007fc02dbb6080 R15: 00007ffdf0f19518
[ 1087.040802][T23735]  </TASK>
[ 1088.478494][ T5832] Bluetooth: hci4: unexpected subevent 0x01 length: 5 < 18
[ 1088.666101][T23774] random: crng reseeded on system resumption
[ 1089.509287][ T5832] Bluetooth: hci0: unexpected subevent 0x01 length: 5 < 18
[ 1090.415647][T23833] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4160'.
[ 1093.030006][ T5832] Bluetooth: hci4: unexpected subevent 0x01 length: 5 < 18
[ 1095.116929][ T5832] Bluetooth: hci0: unexpected subevent 0x01 length: 5 < 18
[ 1096.197641][T24006] netlink: 206 bytes leftover after parsing attributes in process `syz.2.4191'.
[ 1096.254276][T24009] netlink: 93 bytes leftover after parsing attributes in process `syz.4.4193'.
[ 1096.670734][T24025] FAULT_INJECTION: forcing a failure.
[ 1096.670734][T24025] name failslab, interval 1, probability 0, space 0, times 0
[ 1096.719147][T24025] CPU: 1 UID: 0 PID: 24025 Comm: syz.4.4196 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1096.719171][T24025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1096.719180][T24025] Call Trace:
[ 1096.719186][T24025]  <TASK>
[ 1096.719192][T24025]  dump_stack_lvl+0x16c/0x1f0
[ 1096.719216][T24025]  should_fail_ex+0x512/0x640
[ 1096.719237][T24025]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1096.719254][T24025]  should_failslab+0xc2/0x120
[ 1096.719271][T24025]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1096.719285][T24025]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1096.719300][T24025]  ? getname_flags.part.0+0x4c/0x550
[ 1096.719319][T24025]  getname_flags.part.0+0x4c/0x550
[ 1096.719335][T24025]  ? rcu_is_watching+0x12/0xc0
[ 1096.719350][T24025]  getname_flags+0x93/0xf0
[ 1096.719370][T24025]  __x64_sys_mknod+0x74/0xb0
[ 1096.719383][T24025]  do_syscall_64+0xcd/0x230
[ 1096.719410][T24025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1096.719426][T24025] RIP: 0033:0x7fc02d98e969
[ 1096.719439][T24025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1096.719453][T24025] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1096.719467][T24025] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1096.719475][T24025] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1096.719483][T24025] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1096.719491][T24025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1096.719499][T24025] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1096.719516][T24025]  </TASK>
[ 1097.062045][T24036] vivid-003: =================  START STATUS  =================
[ 1097.069705][T24036] vivid-003: Radio HW Seek Mode: Bounded
[ 1097.086184][T24036] vivid-003: Radio Programmable HW Seek: false
[ 1097.119454][T24036] vivid-003: RDS Rx I/O Mode: Block I/O
[ 1097.129316][T24036] vivid-003: Generate RBDS Instead of RDS: false
[ 1097.139672][T24036] vivid-003: RDS Reception: true
[ 1097.145654][T24036] vivid-003: RDS Program Type: 0 inactive
[ 1097.154144][T24036] vivid-003: RDS PS Name:  inactive
[ 1097.159404][T24036] vivid-003: RDS Radio Text:  inactive
[ 1097.174278][T24036] vivid-003: RDS Traffic Announcement: false inactive
[ 1097.272702][T24036] vivid-003: RDS Traffic Program: false inactive
[ 1097.285111][T24036] vivid-003: RDS Music: false inactive
[ 1097.363392][T24036] vivid-003: ==================  END STATUS  ==================
[ 1099.001401][ T5832] Bluetooth: hci3: unexpected subevent 0x01 length: 5 < 18
[ 1099.134934][T24084] FAULT_INJECTION: forcing a failure.
[ 1099.134934][T24084] name failslab, interval 1, probability 0, space 0, times 0
[ 1099.151351][T24084] CPU: 0 UID: 0 PID: 24084 Comm: syz.4.4211 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1099.151389][T24084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1099.151404][T24084] Call Trace:
[ 1099.151413][T24084]  <TASK>
[ 1099.151423][T24084]  dump_stack_lvl+0x16c/0x1f0
[ 1099.151471][T24084]  should_fail_ex+0x512/0x640
[ 1099.151504][T24084]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1099.151536][T24084]  should_failslab+0xc2/0x120
[ 1099.151565][T24084]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1099.151592][T24084]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1099.151619][T24084]  ? getname_flags.part.0+0x4c/0x550
[ 1099.151655][T24084]  getname_flags.part.0+0x4c/0x550
[ 1099.151684][T24084]  ? rcu_is_watching+0x12/0xc0
[ 1099.151711][T24084]  getname_flags+0x93/0xf0
[ 1099.151747][T24084]  __x64_sys_mknod+0x74/0xb0
[ 1099.151771][T24084]  do_syscall_64+0xcd/0x230
[ 1099.151806][T24084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1099.151831][T24084] RIP: 0033:0x7fc02d98e969
[ 1099.151851][T24084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1099.151876][T24084] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1099.151901][T24084] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1099.151918][T24084] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1099.151934][T24084] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1099.151949][T24084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1099.151964][T24084] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1099.151997][T24084]  </TASK>
[ 1099.329353][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1100.281022][T24105] FAULT_INJECTION: forcing a failure.
[ 1100.281022][T24105] name failslab, interval 1, probability 0, space 0, times 0
[ 1100.296572][T24105] CPU: 0 UID: 0 PID: 24105 Comm: syz.3.4217 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1100.296611][T24105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1100.296626][T24105] Call Trace:
[ 1100.296635][T24105]  <TASK>
[ 1100.296646][T24105]  dump_stack_lvl+0x16c/0x1f0
[ 1100.296684][T24105]  should_fail_ex+0x512/0x640
[ 1100.296717][T24105]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1100.296749][T24105]  should_failslab+0xc2/0x120
[ 1100.296779][T24105]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1100.296804][T24105]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1100.296832][T24105]  ? getname_flags.part.0+0x4c/0x550
[ 1100.296867][T24105]  getname_flags.part.0+0x4c/0x550
[ 1100.296896][T24105]  ? rcu_is_watching+0x12/0xc0
[ 1100.296923][T24105]  getname_flags+0x93/0xf0
[ 1100.296958][T24105]  __x64_sys_mknod+0x74/0xb0
[ 1100.296983][T24105]  do_syscall_64+0xcd/0x230
[ 1100.297020][T24105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.297045][T24105] RIP: 0033:0x7fcdf6b8e969
[ 1100.297065][T24105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1100.297089][T24105] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1100.297113][T24105] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1100.297131][T24105] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1100.297146][T24105] RBP: 00007fcdf6c10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1100.297161][T24105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1100.297176][T24105] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1100.297210][T24105]  </TASK>
[ 1100.469176][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1101.215583][ T5832] Bluetooth: hci4: unexpected subevent 0x01 length: 5 < 18
[ 1101.254657][T24142] FAULT_INJECTION: forcing a failure.
[ 1101.254657][T24142] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1101.286901][T24142] CPU: 0 UID: 0 PID: 24142 Comm: syz.2.4223 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1101.286937][T24142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1101.286950][T24142] Call Trace:
[ 1101.286958][T24142]  <TASK>
[ 1101.286974][T24142]  dump_stack_lvl+0x16c/0x1f0
[ 1101.287009][T24142]  should_fail_ex+0x512/0x640
[ 1101.287046][T24142]  get_futex_key+0x49e/0x1000
[ 1101.287076][T24142]  ? __pfx_get_futex_key+0x10/0x10
[ 1101.287098][T24142]  ? stack_trace_save+0x8e/0xc0
[ 1101.287120][T24142]  ? __pfx_stack_trace_save+0x10/0x10
[ 1101.287141][T24142]  ? stack_depot_save_flags+0x28/0xa50
[ 1101.287174][T24142]  ? __lock_acquire+0xaa4/0x1ba0
[ 1101.287209][T24142]  futex_wait_setup+0x78/0x290
[ 1101.287236][T24142]  ? kasan_save_free_info+0x3b/0x60
[ 1101.287272][T24142]  ? __x64_sys_openat+0x174/0x210
[ 1101.287310][T24142]  __futex_wait+0x266/0x3c0
[ 1101.287344][T24142]  ? __pfx___futex_wait+0x10/0x10
[ 1101.287382][T24142]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1101.287428][T24142]  futex_wait+0xe8/0x380
[ 1101.287459][T24142]  ? __pfx_futex_wait+0x10/0x10
[ 1101.287494][T24142]  ? kmem_cache_free+0x2d4/0x4d0
[ 1101.287518][T24142]  ? fd_install+0x225/0x750
[ 1101.287548][T24142]  ? putname+0x154/0x1a0
[ 1101.287578][T24142]  do_futex+0x229/0x350
[ 1101.287600][T24142]  ? __pfx_do_futex+0x10/0x10
[ 1101.287633][T24142]  __x64_sys_futex+0x1e0/0x4c0
[ 1101.287658][T24142]  ? __x64_sys_openat+0x174/0x210
[ 1101.287688][T24142]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1101.287715][T24142]  ? rcu_is_watching+0x12/0xc0
[ 1101.287747][T24142]  do_syscall_64+0xcd/0x230
[ 1101.287782][T24142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.287808][T24142] RIP: 0033:0x7fca7578e969
[ 1101.287829][T24142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1101.287852][T24142] RSP: 002b:00007fca765280e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1101.287874][T24142] RAX: ffffffffffffffda RBX: 00007fca759b5fa8 RCX: 00007fca7578e969
[ 1101.287889][T24142] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fca759b5fa8
[ 1101.287903][T24142] RBP: 00007fca759b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1101.287916][T24142] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca759b5fac
[ 1101.287928][T24142] R13: 0000000000000000 R14: 00007fff31552380 R15: 00007fff31552468
[ 1101.287956][T24142]  </TASK>
[ 1101.526535][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1101.590950][T24149] FAULT_INJECTION: forcing a failure.
[ 1101.590950][T24149] name failslab, interval 1, probability 0, space 0, times 0
[ 1101.606457][T24149] CPU: 1 UID: 0 PID: 24149 Comm: syz.4.4225 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1101.606490][T24149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1101.606504][T24149] Call Trace:
[ 1101.606512][T24149]  <TASK>
[ 1101.606521][T24149]  dump_stack_lvl+0x16c/0x1f0
[ 1101.606556][T24149]  should_fail_ex+0x512/0x640
[ 1101.606585][T24149]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1101.606623][T24149]  should_failslab+0xc2/0x120
[ 1101.606650][T24149]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1101.606685][T24149]  ? net_shaper_hierarchy_setup+0xde/0x260
[ 1101.606721][T24149]  ? ref_tracker_alloc+0x305/0x5b0
[ 1101.606756][T24149]  net_shaper_hierarchy_setup+0xde/0x260
[ 1101.606791][T24149]  net_shaper_nl_group_doit+0x854/0x1460
[ 1101.606821][T24149]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.606846][T24149]  ? __pfx_net_shaper_nl_group_doit+0x10/0x10
[ 1101.606879][T24149]  ? netdev_get_by_index+0x81/0xb0
[ 1101.606907][T24149]  ? net_shaper_ctx_setup+0x1a3/0x530
[ 1101.606941][T24149]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1101.606973][T24149]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1101.607000][T24149]  ? rcu_is_watching+0x12/0xc0
[ 1101.607032][T24149]  ? bpf_lsm_capable+0x9/0x10
[ 1101.607054][T24149]  ? security_capable+0x7e/0x260
[ 1101.607095][T24149]  genl_rcv_msg+0x55c/0x800
[ 1101.607128][T24149]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1101.607154][T24149]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1101.607182][T24149]  ? __pfx_net_shaper_nl_pre_doit+0x10/0x10
[ 1101.607220][T24149]  ? __pfx_net_shaper_nl_group_doit+0x10/0x10
[ 1101.607240][T24149]  ? __pfx_net_shaper_nl_post_doit+0x10/0x10
[ 1101.607277][T24149]  ? __lock_acquire+0xaa4/0x1ba0
[ 1101.607310][T24149]  netlink_rcv_skb+0x16a/0x440
[ 1101.607337][T24149]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1101.607369][T24149]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1101.607418][T24149]  ? __pfx_down_read+0x10/0x10
[ 1101.607451][T24149]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1101.607483][T24149]  genl_rcv+0x28/0x40
[ 1101.607510][T24149]  netlink_unicast+0x53a/0x7f0
[ 1101.607543][T24149]  ? __pfx_netlink_unicast+0x10/0x10
[ 1101.607568][T24149]  ? __lock_acquire+0xaa4/0x1ba0
[ 1101.607606][T24149]  netlink_sendmsg+0x8d1/0xdd0
[ 1101.607640][T24149]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1101.607681][T24149]  ____sys_sendmsg+0xa95/0xc70
[ 1101.607714][T24149]  ? copy_msghdr_from_user+0x10a/0x160
[ 1101.607740][T24149]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1101.607790][T24149]  ___sys_sendmsg+0x134/0x1d0
[ 1101.607818][T24149]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1101.607890][T24149]  __sys_sendmsg+0x16d/0x220
[ 1101.607917][T24149]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1101.607953][T24149]  ? rcu_is_watching+0x12/0xc0
[ 1101.607986][T24149]  do_syscall_64+0xcd/0x230
[ 1101.608020][T24149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.608044][T24149] RIP: 0033:0x7fc02d98e969
[ 1101.608064][T24149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1101.608087][T24149] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1101.608110][T24149] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1101.608127][T24149] RDX: 0000000000000014 RSI: 0000200000001600 RDI: 0000000000000004
[ 1101.608142][T24149] RBP: 00007fc02e7c0090 R08: 0000000000000000 R09: 0000000000000000
[ 1101.608157][T24149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1101.608171][T24149] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1101.608212][T24149]  </TASK>
[ 1102.296568][T24167] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4226'.
[ 1103.862062][T24187] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4232'.
[ 1104.562501][ T5832] Bluetooth: hci0: unexpected subevent 0x01 length: 5 < 18
[ 1105.015090][T24231] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input124
[ 1105.092730][T24232] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input125
[ 1105.198488][T24231] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4240'.
[ 1105.396815][T24237] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4242'.
[ 1106.206231][T24257] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4247'.
[ 1107.009137][T24278] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4252'.
[ 1107.034613][T24278] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1107.054433][T24278] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1107.089638][T24278] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1107.122067][T24278] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1109.349269][ T5832] Bluetooth: hci0: unexpected subevent 0x01 length: 5 < 18
[ 1109.376891][ T5832] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[ 1109.376926][ T5832] Bluetooth: hci1: unexpected subevent 0x05 length: 725 > 12
[ 1111.434410][ T5832] Bluetooth: hci1: command tx timeout
[ 1113.028771][T24402] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4270'.
[ 1115.887312][T24501] FAULT_INJECTION: forcing a failure.
[ 1115.887312][T24501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1115.901044][T24501] CPU: 0 UID: 0 PID: 24501 Comm: syz.2.4288 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1115.901080][T24501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1115.901096][T24501] Call Trace:
[ 1115.901105][T24501]  <TASK>
[ 1115.901115][T24501]  dump_stack_lvl+0x16c/0x1f0
[ 1115.901154][T24501]  should_fail_ex+0x512/0x640
[ 1115.901193][T24501]  strncpy_from_user+0x3b/0x2e0
[ 1115.901231][T24501]  getname_flags.part.0+0x8f/0x550
[ 1115.901270][T24501]  __x64_sys_unlink+0xb0/0x110
[ 1115.901293][T24501]  do_syscall_64+0xcd/0x230
[ 1115.901324][T24501]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.901350][T24501] RIP: 0033:0x7fca7578e969
[ 1115.901370][T24501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1115.901394][T24501] RSP: 002b:00007fca76528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 1115.901419][T24501] RAX: ffffffffffffffda RBX: 00007fca759b5fa0 RCX: 00007fca7578e969
[ 1115.901435][T24501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000640
[ 1115.901451][T24501] RBP: 00007fca75810ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1115.901465][T24501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1115.901479][T24501] R13: 0000000000000000 R14: 00007fca759b5fa0 R15: 00007fff31552468
[ 1115.901513][T24501]  </TASK>
[ 1116.081789][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.088632][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.741687][T24516] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4291'.
[ 1117.234608][T24524] can: request_module (can-proto-4) failed.
[ 1117.973350][T24535] FAULT_INJECTION: forcing a failure.
[ 1117.973350][T24535] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1117.986727][T24535] CPU: 0 UID: 0 PID: 24535 Comm: syz.3.4297 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1117.986747][T24535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1117.986756][T24535] Call Trace:
[ 1117.986761][T24535]  <TASK>
[ 1117.986767][T24535]  dump_stack_lvl+0x16c/0x1f0
[ 1117.986789][T24535]  should_fail_ex+0x512/0x640
[ 1117.986811][T24535]  get_futex_key+0x49e/0x1000
[ 1117.986828][T24535]  ? __pfx_get_futex_key+0x10/0x10
[ 1117.986840][T24535]  ? stack_trace_save+0x8e/0xc0
[ 1117.986853][T24535]  ? __pfx_stack_trace_save+0x10/0x10
[ 1117.986866][T24535]  ? stack_depot_save_flags+0x28/0xa50
[ 1117.986885][T24535]  ? __lock_acquire+0xaa4/0x1ba0
[ 1117.986905][T24535]  futex_wait_setup+0x78/0x290
[ 1117.986921][T24535]  ? kasan_save_free_info+0x3b/0x60
[ 1117.986941][T24535]  ? __x64_sys_openat+0x174/0x210
[ 1117.986960][T24535]  __futex_wait+0x266/0x3c0
[ 1117.986978][T24535]  ? __pfx___futex_wait+0x10/0x10
[ 1117.986998][T24535]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1117.987022][T24535]  futex_wait+0xe8/0x380
[ 1117.987038][T24535]  ? __pfx_futex_wait+0x10/0x10
[ 1117.987058][T24535]  ? kmem_cache_free+0x2d4/0x4d0
[ 1117.987071][T24535]  ? fd_install+0x225/0x750
[ 1117.987089][T24535]  ? putname+0x154/0x1a0
[ 1117.987106][T24535]  do_futex+0x229/0x350
[ 1117.987120][T24535]  ? __pfx_do_futex+0x10/0x10
[ 1117.987139][T24535]  __x64_sys_futex+0x1e0/0x4c0
[ 1117.987155][T24535]  ? __x64_sys_openat+0x174/0x210
[ 1117.987171][T24535]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1117.987186][T24535]  ? rcu_is_watching+0x12/0xc0
[ 1117.987204][T24535]  do_syscall_64+0xcd/0x230
[ 1117.987223][T24535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1117.987236][T24535] RIP: 0033:0x7fcdf6b8e969
[ 1117.987248][T24535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1117.987261][T24535] RSP: 002b:00007fcdf79890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1117.987274][T24535] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa8 RCX: 00007fcdf6b8e969
[ 1117.987284][T24535] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcdf6db5fa8
[ 1117.987292][T24535] RBP: 00007fcdf6db5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1117.987299][T24535] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdf6db5fac
[ 1117.987307][T24535] R13: 0000000000000000 R14: 00007fff9f8ce740 R15: 00007fff9f8ce828
[ 1117.987324][T24535]  </TASK>
[ 1118.764674][T24543] blk-mq: reduced tag depth (128 -> 64)
[ 1118.948426][T24547] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4303'.
[ 1119.813430][T24572] mkiss: ax0: crc mode is auto.
[ 1120.595564][T24584] FAULT_INJECTION: forcing a failure.
[ 1120.595564][T24584] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1120.608950][T24584] CPU: 1 UID: 0 PID: 24584 Comm: syz.3.4313 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1120.608987][T24584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1120.609003][T24584] Call Trace:
[ 1120.609012][T24584]  <TASK>
[ 1120.609023][T24584]  dump_stack_lvl+0x16c/0x1f0
[ 1120.609063][T24584]  should_fail_ex+0x512/0x640
[ 1120.609101][T24584]  strncpy_from_user+0x3b/0x2e0
[ 1120.609138][T24584]  getname_flags.part.0+0x8f/0x550
[ 1120.609169][T24584]  ? rcu_is_watching+0x12/0xc0
[ 1120.609197][T24584]  getname_flags+0x93/0xf0
[ 1120.609231][T24584]  __x64_sys_mknod+0x74/0xb0
[ 1120.609256][T24584]  do_syscall_64+0xcd/0x230
[ 1120.609292][T24584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1120.609318][T24584] RIP: 0033:0x7fcdf6b8e969
[ 1120.609339][T24584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1120.609363][T24584] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1120.609388][T24584] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1120.609405][T24584] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1120.609422][T24584] RBP: 00007fcdf6c10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1120.609437][T24584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1120.609451][T24584] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1120.609493][T24584]  </TASK>
[ 1120.759231][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1121.006568][T24591] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4315'.
[ 1123.016058][T24631] FAULT_INJECTION: forcing a failure.
[ 1123.016058][T24631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1123.034021][T24631] CPU: 1 UID: 0 PID: 24631 Comm: syz.2.4325 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1123.034058][T24631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1123.034074][T24631] Call Trace:
[ 1123.034083][T24631]  <TASK>
[ 1123.034093][T24631]  dump_stack_lvl+0x16c/0x1f0
[ 1123.034130][T24631]  should_fail_ex+0x512/0x640
[ 1123.034168][T24631]  strncpy_from_user+0x3b/0x2e0
[ 1123.034202][T24631]  getname_flags.part.0+0x8f/0x550
[ 1123.034233][T24631]  ? rcu_is_watching+0x12/0xc0
[ 1123.034259][T24631]  getname_flags+0x93/0xf0
[ 1123.034295][T24631]  __x64_sys_mknod+0x74/0xb0
[ 1123.034320][T24631]  do_syscall_64+0xcd/0x230
[ 1123.034354][T24631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1123.034378][T24631] RIP: 0033:0x7fca7578e969
[ 1123.034399][T24631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1123.034423][T24631] RSP: 002b:00007fca76528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1123.034447][T24631] RAX: ffffffffffffffda RBX: 00007fca759b5fa0 RCX: 00007fca7578e969
[ 1123.034464][T24631] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1123.034481][T24631] RBP: 00007fca75810ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1123.034496][T24631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1123.034512][T24631] R13: 0000000000000000 R14: 00007fca759b5fa0 R15: 00007fff31552468
[ 1123.034547][T24631]  </TASK>
[ 1123.188219][    C1] vkms_vblank_simulate: vblank timer overrun

syzkaller
syzkaller login: [ 1124.374765][ T5832] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[ 1124.374801][ T5832] Bluetooth: hci0: unexpected subevent 0x05 length: 725 > 12
[ 1124.415512][T24664] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4335'.
[ 1126.481282][ T5832] Bluetooth: hci0: command 0x0406 tx timeout
[ 1126.616193][T24706] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4347'.
[ 1127.231513][T24718] can: request_module (can-proto-0) failed.
[ 1130.249701][T24772] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4363'.
[ 1131.356571][T24791] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4369'.
[ 1131.559128][T24797] FAULT_INJECTION: forcing a failure.
[ 1131.559128][T24797] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1131.589560][T24797] CPU: 0 UID: 0 PID: 24797 Comm: syz.4.4371 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1131.589599][T24797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1131.589615][T24797] Call Trace:
[ 1131.589624][T24797]  <TASK>
[ 1131.589635][T24797]  dump_stack_lvl+0x16c/0x1f0
[ 1131.589674][T24797]  should_fail_ex+0x512/0x640
[ 1131.589714][T24797]  get_futex_key+0x49e/0x1000
[ 1131.589740][T24797]  ? __pfx_get_page_from_freelist+0x10/0x10
[ 1131.589770][T24797]  ? __pfx_get_futex_key+0x10/0x10
[ 1131.589796][T24797]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1131.589832][T24797]  ? __alloc_frozen_pages_noprof+0x298/0x23a0
[ 1131.589867][T24797]  futex_wake+0xe7/0x4e0
[ 1131.589900][T24797]  ? __pfx_futex_wake+0x10/0x10
[ 1131.589929][T24797]  ? __lock_acquire+0x5ca/0x1ba0
[ 1131.589963][T24797]  ? fd_install+0x225/0x750
[ 1131.590005][T24797]  do_futex+0x1e3/0x350
[ 1131.590033][T24797]  ? __pfx_do_futex+0x10/0x10
[ 1131.590060][T24797]  ? rcu_read_unlock+0x17/0x60
[ 1131.590096][T24797]  __x64_sys_futex+0x1e0/0x4c0
[ 1131.590124][T24797]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[ 1131.590152][T24797]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1131.590192][T24797]  do_syscall_64+0xcd/0x230
[ 1131.590228][T24797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1131.590260][T24797] RIP: 0033:0x7fc02d98e969
[ 1131.590281][T24797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1131.590307][T24797] RSP: 002b:00007fc02e7c00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1131.590332][T24797] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa8 RCX: 00007fc02d98e969
[ 1131.590350][T24797] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc02dbb5fac
[ 1131.590366][T24797] RBP: 00007fc02dbb5fa0 R08: 00007fc02e7c1000 R09: 0000000000000000
[ 1131.590383][T24797] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc02dbb5fac
[ 1131.590399][T24797] R13: 0000000000000000 R14: 00007ffdf0f19430 R15: 00007ffdf0f19518
[ 1131.590433][T24797]  </TASK>
[ 1131.931909][T24801] can: request_module (can-proto-0) failed.
[ 1132.808713][T24816] FAULT_INJECTION: forcing a failure.
[ 1132.808713][T24816] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1132.822130][T24816] CPU: 0 UID: 0 PID: 24816 Comm: syz.4.4376 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1132.822166][T24816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1132.822181][T24816] Call Trace:
[ 1132.822191][T24816]  <TASK>
[ 1132.822201][T24816]  dump_stack_lvl+0x16c/0x1f0
[ 1132.822240][T24816]  should_fail_ex+0x512/0x640
[ 1132.822278][T24816]  should_fail_alloc_page+0xe7/0x130
[ 1132.822310][T24816]  prepare_alloc_pages+0x3c2/0x610
[ 1132.822352][T24816]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[ 1132.822388][T24816]  ? futex_wait+0x120/0x380
[ 1132.822420][T24816]  ? __pfx_futex_wait+0x10/0x10
[ 1132.822455][T24816]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1132.822483][T24816]  ? kmem_cache_free+0x2d4/0x4d0
[ 1132.822507][T24816]  ? fd_install+0x225/0x750
[ 1132.822539][T24816]  ? putname+0x154/0x1a0
[ 1132.822573][T24816]  ? do_futex+0x122/0x350
[ 1132.822598][T24816]  ? aa_get_newest_label+0x375/0x680
[ 1132.822621][T24816]  ? __pfx_do_futex+0x10/0x10
[ 1132.822649][T24816]  ? __pfx_aa_get_newest_label+0x10/0x10
[ 1132.822674][T24816]  ? rcu_is_watching+0x12/0xc0
[ 1132.822697][T24816]  ? trace_cap_capable+0x18d/0x200
[ 1132.822724][T24816]  __alloc_pages_noprof+0xb/0x1b0
[ 1132.822751][T24816]  ___kmalloc_large_node+0x82/0x1e0
[ 1132.822789][T24816]  __kmalloc_large_noprof+0x1c/0x70
[ 1132.822821][T24816]  ? bpf_lsm_locked_down+0x9/0x10
[ 1132.822849][T24816]  ksys_ioperm+0x3c9/0x4f0
[ 1132.822888][T24816]  do_syscall_64+0xcd/0x230
[ 1132.822940][T24816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1132.822966][T24816] RIP: 0033:0x7fc02d98e969
[ 1132.822987][T24816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1132.823012][T24816] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[ 1132.823036][T24816] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1132.823062][T24816] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000007
[ 1132.823076][T24816] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1132.823092][T24816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1132.823108][T24816] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1132.823141][T24816]  </TASK>
[ 1137.075659][T24917] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4401'.
[ 1137.301833][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802928d400: rx timeout, send abort
[ 1137.811434][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802928d400: abort rx timeout. Force session deactivation
[ 1138.187662][T24945] FAULT_INJECTION: forcing a failure.
[ 1138.187662][T24945] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1138.210397][T24945] CPU: 1 UID: 0 PID: 24945 Comm: syz.2.4405 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1138.210434][T24945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1138.210450][T24945] Call Trace:
[ 1138.210460][T24945]  <TASK>
[ 1138.210470][T24945]  dump_stack_lvl+0x16c/0x1f0
[ 1138.210509][T24945]  should_fail_ex+0x512/0x640
[ 1138.210542][T24945]  ? putname+0x154/0x1a0
[ 1138.210572][T24945]  get_futex_key+0x49e/0x1000
[ 1138.210603][T24945]  ? __pfx_get_futex_key+0x10/0x10
[ 1138.210640][T24945]  futex_wake+0xe7/0x4e0
[ 1138.210673][T24945]  ? __pfx_futex_wake+0x10/0x10
[ 1138.210709][T24945]  ? rcu_is_watching+0x12/0xc0
[ 1138.210732][T24945]  ? kasan_quarantine_put+0x10a/0x240
[ 1138.210756][T24945]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1138.210790][T24945]  do_futex+0x1e3/0x350
[ 1138.210817][T24945]  ? __pfx_do_futex+0x10/0x10
[ 1138.210853][T24945]  __x64_sys_futex+0x1e0/0x4c0
[ 1138.210890][T24945]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[ 1138.210918][T24945]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1138.210947][T24945]  ? getname_flags.part.0+0x1c5/0x550
[ 1138.210977][T24945]  ? rcu_is_watching+0x12/0xc0
[ 1138.211008][T24945]  do_syscall_64+0xcd/0x230
[ 1138.211043][T24945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1138.211068][T24945] RIP: 0033:0x7fca7578e969
[ 1138.211088][T24945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1138.211111][T24945] RSP: 002b:00007fca765280e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1138.211135][T24945] RAX: ffffffffffffffda RBX: 00007fca759b5fa8 RCX: 00007fca7578e969
[ 1138.211153][T24945] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fca759b5fac
[ 1138.211169][T24945] RBP: 00007fca759b5fa0 R08: 00007fca76529000 R09: 0000000000000000
[ 1138.211185][T24945] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fca759b5fac
[ 1138.211201][T24945] R13: 0000000000000000 R14: 00007fff31552380 R15: 00007fff31552468
[ 1138.211236][T24945]  </TASK>
[ 1138.408438][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1138.768317][T24958] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4408'.
[ 1139.208375][T24984] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4413'.
[ 1139.498793][T24992] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4415'.
[ 1141.097148][T25029] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4423'.
[ 1142.247914][T25046] FAULT_INJECTION: forcing a failure.
[ 1142.247914][T25046] name failslab, interval 1, probability 0, space 0, times 0
[ 1142.260948][T25046] CPU: 1 UID: 0 PID: 25046 Comm: syz.3.4430 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1142.260985][T25046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1142.261002][T25046] Call Trace:
[ 1142.261011][T25046]  <TASK>
[ 1142.261022][T25046]  dump_stack_lvl+0x16c/0x1f0
[ 1142.261061][T25046]  should_fail_ex+0x512/0x640
[ 1142.261095][T25046]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1142.261126][T25046]  should_failslab+0xc2/0x120
[ 1142.261155][T25046]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1142.261193][T25046]  ? getname_flags.part.0+0x4c/0x550
[ 1142.261233][T25046]  getname_flags.part.0+0x4c/0x550
[ 1142.261265][T25046]  __x64_sys_unlink+0xb0/0x110
[ 1142.261289][T25046]  do_syscall_64+0xcd/0x230
[ 1142.261322][T25046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.261346][T25046] RIP: 0033:0x7fcdf6b8e969
[ 1142.261366][T25046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1142.261389][T25046] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 1142.261413][T25046] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1142.261431][T25046] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000640
[ 1142.261446][T25046] RBP: 00007fcdf6c10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1142.261462][T25046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1142.261477][T25046] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1142.261510][T25046]  </TASK>
[ 1142.415427][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1143.727592][T25086] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4438'.
[ 1144.137525][T25095] FAULT_INJECTION: forcing a failure.
[ 1144.137525][T25095] name failslab, interval 1, probability 0, space 0, times 0
[ 1144.162437][T25095] CPU: 1 UID: 0 PID: 25095 Comm: syz.4.4441 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1144.162476][T25095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1144.162491][T25095] Call Trace:
[ 1144.162500][T25095]  <TASK>
[ 1144.162511][T25095]  dump_stack_lvl+0x16c/0x1f0
[ 1144.162551][T25095]  should_fail_ex+0x512/0x640
[ 1144.162586][T25095]  ? fs_reclaim_acquire+0xae/0x150
[ 1144.162624][T25095]  ? tomoyo_encode2+0x100/0x3e0
[ 1144.162652][T25095]  should_failslab+0xc2/0x120
[ 1144.162679][T25095]  __kmalloc_noprof+0xd2/0x510
[ 1144.162705][T25095]  ? d_absolute_path+0x136/0x1a0
[ 1144.162738][T25095]  tomoyo_encode2+0x100/0x3e0
[ 1144.162772][T25095]  tomoyo_encode+0x29/0x50
[ 1144.162803][T25095]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1144.162846][T25095]  tomoyo_path_perm+0x274/0x460
[ 1144.162868][T25095]  ? tomoyo_path_perm+0x260/0x460
[ 1144.162903][T25095]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1144.162969][T25095]  ? __d_lookup+0x25c/0x4a0
[ 1144.163019][T25095]  tomoyo_path_unlink+0x91/0xe0
[ 1144.163067][T25095]  ? __pfx_tomoyo_path_unlink+0x10/0x10
[ 1144.163101][T25095]  ? d_lookup+0xe7/0x190
[ 1144.163138][T25095]  security_path_unlink+0x145/0x2b0
[ 1144.163169][T25095]  do_unlinkat+0x463/0x6a0
[ 1144.163196][T25095]  ? __pfx_do_unlinkat+0x10/0x10
[ 1144.163235][T25095]  ? getname_flags.part.0+0x1c5/0x550
[ 1144.163270][T25095]  __x64_sys_unlink+0xc5/0x110
[ 1144.163296][T25095]  do_syscall_64+0xcd/0x230
[ 1144.163328][T25095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1144.163353][T25095] RIP: 0033:0x7fc02d98e969
[ 1144.163375][T25095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1144.163399][T25095] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[ 1144.163423][T25095] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1144.163441][T25095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000640
[ 1144.163455][T25095] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1144.163468][T25095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1144.163481][T25095] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1144.163513][T25095]  </TASK>
[ 1144.165223][T25095] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1144.189933][T25098] can: request_module (can-proto-0) failed.
[ 1144.902870][T25119] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4448'.
[ 1145.116920][T25126] FAULT_INJECTION: forcing a failure.
[ 1145.116920][T25126] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1145.141515][T25126] CPU: 0 UID: 0 PID: 25126 Comm: syz.3.4451 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1145.141554][T25126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1145.141570][T25126] Call Trace:
[ 1145.141580][T25126]  <TASK>
[ 1145.141590][T25126]  dump_stack_lvl+0x16c/0x1f0
[ 1145.141631][T25126]  should_fail_ex+0x512/0x640
[ 1145.141670][T25126]  get_futex_key+0x49e/0x1000
[ 1145.141701][T25126]  ? __pfx_get_futex_key+0x10/0x10
[ 1145.141725][T25126]  ? rcu_is_watching+0x12/0xc0
[ 1145.141752][T25126]  ? __resched_curr+0x2a0/0x3a0
[ 1145.141815][T25126]  futex_wait_setup+0x78/0x290
[ 1145.141855][T25126]  __futex_wait+0x266/0x3c0
[ 1145.141887][T25126]  ? __pfx___futex_wait+0x10/0x10
[ 1145.141916][T25126]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1145.141952][T25126]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1145.141998][T25126]  futex_wait+0xe8/0x380
[ 1145.142028][T25126]  ? __pfx_futex_wait+0x10/0x10
[ 1145.142065][T25126]  ? kmem_cache_free+0x2d4/0x4d0
[ 1145.142090][T25126]  ? fd_install+0x225/0x750
[ 1145.142122][T25126]  ? putname+0x154/0x1a0
[ 1145.142162][T25126]  do_futex+0x229/0x350
[ 1145.142190][T25126]  ? __pfx_do_futex+0x10/0x10
[ 1145.142228][T25126]  __x64_sys_futex+0x1e0/0x4c0
[ 1145.142260][T25126]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1145.142286][T25126]  ? rcu_is_watching+0x12/0xc0
[ 1145.142319][T25126]  do_syscall_64+0xcd/0x230
[ 1145.142354][T25126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.142380][T25126] RIP: 0033:0x7fcdf6b8e969
[ 1145.142400][T25126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1145.142429][T25126] RSP: 002b:00007fcdf79890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1145.142453][T25126] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa8 RCX: 00007fcdf6b8e969
[ 1145.142472][T25126] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcdf6db5fa8
[ 1145.142488][T25126] RBP: 00007fcdf6db5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.142504][T25126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdf6db5fac
[ 1145.142520][T25126] R13: 0000000000000000 R14: 00007fff9f8ce740 R15: 00007fff9f8ce828
[ 1145.142552][T25126]  </TASK>
[ 1145.366167][    C0] vcan0: j1939_tp_rxtimer: 0xffff888025436000: rx timeout, send abort
[ 1145.374585][    C0] vcan0: j1939_tp_rxtimer: 0xffff888025435800: rx timeout, send abort
[ 1145.383256][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888025436000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1145.399258][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888025435800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1145.516802][T25131] FAULT_INJECTION: forcing a failure.
[ 1145.516802][T25131] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1145.529686][T25131] CPU: 0 UID: 0 PID: 25131 Comm: syz.3.4452 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1145.529721][T25131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1145.529736][T25131] Call Trace:
[ 1145.529746][T25131]  <TASK>
[ 1145.529756][T25131]  dump_stack_lvl+0x16c/0x1f0
[ 1145.529794][T25131]  should_fail_ex+0x512/0x640
[ 1145.529832][T25131]  get_futex_key+0x49e/0x1000
[ 1145.529863][T25131]  ? __pfx_get_futex_key+0x10/0x10
[ 1145.529898][T25131]  ? pick_eevdf+0x3be/0x5b0
[ 1145.529926][T25131]  ? update_curr_se+0x8b/0x270
[ 1145.529958][T25131]  ? update_curr+0x74/0x800
[ 1145.529997][T25131]  futex_wait_setup+0x78/0x290
[ 1145.530037][T25131]  __futex_wait+0x266/0x3c0
[ 1145.530069][T25131]  ? __pfx___futex_wait+0x10/0x10
[ 1145.530098][T25131]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1145.530133][T25131]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1145.530177][T25131]  futex_wait+0xe8/0x380
[ 1145.530207][T25131]  ? __pfx_futex_wait+0x10/0x10
[ 1145.530246][T25131]  ? fd_install+0x225/0x750
[ 1145.530278][T25131]  ? putname+0x154/0x1a0
[ 1145.530311][T25131]  do_futex+0x229/0x350
[ 1145.530336][T25131]  ? __pfx_do_futex+0x10/0x10
[ 1145.530361][T25131]  ? rcu_read_unlock+0x17/0x60
[ 1145.530393][T25131]  __x64_sys_futex+0x1e0/0x4c0
[ 1145.530420][T25131]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[ 1145.530446][T25131]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1145.530485][T25131]  do_syscall_64+0xcd/0x230
[ 1145.530519][T25131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.530544][T25131] RIP: 0033:0x7fcdf6b8e969
[ 1145.530566][T25131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1145.530589][T25131] RSP: 002b:00007fcdf79890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1145.530613][T25131] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa8 RCX: 00007fcdf6b8e969
[ 1145.530631][T25131] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcdf6db5fa8
[ 1145.530646][T25131] RBP: 00007fcdf6db5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.530662][T25131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdf6db5fac
[ 1145.530676][T25131] R13: 0000000000000000 R14: 00007fff9f8ce740 R15: 00007fff9f8ce828
[ 1145.530709][T25131]  </TASK>
[ 1147.418218][T25171] FAULT_INJECTION: forcing a failure.
[ 1147.418218][T25171] name failslab, interval 1, probability 0, space 0, times 0
[ 1147.450366][T25171] CPU: 0 UID: 0 PID: 25171 Comm: syz.3.4461 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1147.450400][T25171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1147.450414][T25171] Call Trace:
[ 1147.450422][T25171]  <TASK>
[ 1147.450431][T25171]  dump_stack_lvl+0x16c/0x1f0
[ 1147.450467][T25171]  should_fail_ex+0x512/0x640
[ 1147.450495][T25171]  ? __kmalloc_noprof+0xbf/0x510
[ 1147.450524][T25171]  ? copy_splice_read+0x1a8/0xba0
[ 1147.450552][T25171]  should_failslab+0xc2/0x120
[ 1147.450579][T25171]  __kmalloc_noprof+0xd2/0x510
[ 1147.450611][T25171]  copy_splice_read+0x1a8/0xba0
[ 1147.450650][T25171]  ? __pfx_copy_splice_read+0x10/0x10
[ 1147.450682][T25171]  ? look_up_lock_class+0x6b/0x150
[ 1147.450713][T25171]  ? lockdep_init_map_type+0x5c/0x280
[ 1147.450744][T25171]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1147.450789][T25171]  ? __pfx_copy_splice_read+0x10/0x10
[ 1147.450820][T25171]  do_splice_read+0x282/0x370
[ 1147.450855][T25171]  splice_direct_to_actor+0x2a1/0xa30
[ 1147.450887][T25171]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1147.450923][T25171]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1147.450953][T25171]  ? get_pid_task+0xfc/0x250
[ 1147.450993][T25171]  do_splice_direct+0x174/0x240
[ 1147.451026][T25171]  ? __pfx_do_splice_direct+0x10/0x10
[ 1147.451058][T25171]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1147.451092][T25171]  ? rw_verify_area+0xcf/0x680
[ 1147.451128][T25171]  do_sendfile+0xafd/0xe50
[ 1147.451166][T25171]  ? __pfx_do_sendfile+0x10/0x10
[ 1147.451201][T25171]  ? __fget_files+0x20e/0x3c0
[ 1147.451238][T25171]  __x64_sys_sendfile64+0x1d8/0x220
[ 1147.451264][T25171]  ? ksys_write+0x1b9/0x240
[ 1147.451286][T25171]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1147.451311][T25171]  ? rcu_is_watching+0x12/0xc0
[ 1147.451341][T25171]  do_syscall_64+0xcd/0x230
[ 1147.451371][T25171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1147.451393][T25171] RIP: 0033:0x7fcdf6b8e969
[ 1147.451412][T25171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1147.451432][T25171] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1147.451453][T25171] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1147.451468][T25171] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1147.451480][T25171] RBP: 00007fcdf7989090 R08: 0000000000000000 R09: 0000000000000000
[ 1147.451494][T25171] R10: 000000004f64a1d2 R11: 0000000000000246 R12: 0000000000000001
[ 1147.451507][T25171] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1147.451538][T25171]  </TASK>
[ 1147.812993][T25173] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126
[ 1147.882898][T25180] FAULT_INJECTION: forcing a failure.
[ 1147.882898][T25180] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1147.897406][T25180] CPU: 0 UID: 0 PID: 25180 Comm: syz.3.4463 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1147.897428][T25180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1147.897438][T25180] Call Trace:
[ 1147.897443][T25180]  <TASK>
[ 1147.897449][T25180]  dump_stack_lvl+0x16c/0x1f0
[ 1147.897472][T25180]  should_fail_ex+0x512/0x640
[ 1147.897507][T25180]  should_fail_alloc_page+0xe7/0x130
[ 1147.897539][T25180]  prepare_alloc_pages+0x3c2/0x610
[ 1147.897577][T25180]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[ 1147.897596][T25180]  ? futex_wait+0x120/0x380
[ 1147.897613][T25180]  ? __pfx_futex_wait+0x10/0x10
[ 1147.897632][T25180]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1147.897647][T25180]  ? kmem_cache_free+0x2d4/0x4d0
[ 1147.897660][T25180]  ? fd_install+0x225/0x750
[ 1147.897680][T25180]  ? putname+0x154/0x1a0
[ 1147.897698][T25180]  ? do_futex+0x122/0x350
[ 1147.897711][T25180]  ? aa_get_newest_label+0x375/0x680
[ 1147.897724][T25180]  ? __pfx_do_futex+0x10/0x10
[ 1147.897747][T25180]  ? __pfx_aa_get_newest_label+0x10/0x10
[ 1147.897762][T25180]  ? rcu_is_watching+0x12/0xc0
[ 1147.897776][T25180]  ? trace_cap_capable+0x18d/0x200
[ 1147.897792][T25180]  __alloc_pages_noprof+0xb/0x1b0
[ 1147.897807][T25180]  ___kmalloc_large_node+0x82/0x1e0
[ 1147.897827][T25180]  __kmalloc_large_noprof+0x1c/0x70
[ 1147.897845][T25180]  ? bpf_lsm_locked_down+0x9/0x10
[ 1147.897860][T25180]  ksys_ioperm+0x3c9/0x4f0
[ 1147.897882][T25180]  do_syscall_64+0xcd/0x230
[ 1147.897902][T25180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1147.897916][T25180] RIP: 0033:0x7fcdf6b8e969
[ 1147.897929][T25180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1147.897941][T25180] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[ 1147.897954][T25180] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1147.897963][T25180] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000007
[ 1147.897971][T25180] RBP: 00007fcdf6c10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1147.897981][T25180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1147.897989][T25180] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1147.898005][T25180]  </TASK>
[ 1148.376328][T25181] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input127
[ 1149.163755][T25201] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4470'.
[ 1151.111999][T25238] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input128
[ 1151.208253][T25248] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input129
[ 1153.915476][T25296] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1154.087058][T25302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4494'.
[ 1155.292396][T25321] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4499'.
[ 1159.096891][T25410] FAULT_INJECTION: forcing a failure.
[ 1159.096891][T25410] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1159.114391][T25410] CPU: 0 UID: 0 PID: 25410 Comm: syz.2.4519 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1159.114471][T25410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1159.114509][T25410] Call Trace:
[ 1159.114518][T25410]  <TASK>
[ 1159.114528][T25410]  dump_stack_lvl+0x16c/0x1f0
[ 1159.114567][T25410]  should_fail_ex+0x512/0x640
[ 1159.114607][T25410]  get_futex_key+0x49e/0x1000
[ 1159.114639][T25410]  ? __kernel_text_address+0xd/0x40
[ 1159.114677][T25410]  ? unwind_get_return_address+0x59/0xa0
[ 1159.114706][T25410]  ? arch_stack_walk+0xa6/0x100
[ 1159.114734][T25410]  ? __pfx_get_futex_key+0x10/0x10
[ 1159.114772][T25410]  futex_wait_setup+0x78/0x290
[ 1159.114802][T25410]  ? stack_depot_save_flags+0x28/0xa50
[ 1159.114843][T25410]  __futex_wait+0x266/0x3c0
[ 1159.114875][T25410]  ? __pfx___futex_wait+0x10/0x10
[ 1159.114913][T25410]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1159.114958][T25410]  futex_wait+0xe8/0x380
[ 1159.114988][T25410]  ? __pfx_futex_wait+0x10/0x10
[ 1159.115027][T25410]  ? rcu_is_watching+0x12/0xc0
[ 1159.115050][T25410]  ? kasan_quarantine_put+0x10a/0x240
[ 1159.115075][T25410]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1159.115106][T25410]  do_futex+0x229/0x350
[ 1159.115132][T25410]  ? __pfx_do_futex+0x10/0x10
[ 1159.115167][T25410]  __x64_sys_futex+0x1e0/0x4c0
[ 1159.115195][T25410]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[ 1159.115222][T25410]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1159.115249][T25410]  ? getname_flags.part.0+0x1c5/0x550
[ 1159.115278][T25410]  ? rcu_is_watching+0x12/0xc0
[ 1159.115310][T25410]  do_syscall_64+0xcd/0x230
[ 1159.115345][T25410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1159.115371][T25410] RIP: 0033:0x7fca7578e969
[ 1159.115391][T25410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1159.115416][T25410] RSP: 002b:00007fca765280e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1159.115440][T25410] RAX: ffffffffffffffda RBX: 00007fca759b5fa8 RCX: 00007fca7578e969
[ 1159.115458][T25410] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fca759b5fa8
[ 1159.115474][T25410] RBP: 00007fca759b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1159.115490][T25410] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca759b5fac
[ 1159.115505][T25410] R13: 0000000000000000 R14: 00007fff31552380 R15: 00007fff31552468
[ 1159.115538][T25410]  </TASK>
[ 1161.613546][T25452] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1162.066758][T25465] FAULT_INJECTION: forcing a failure.
[ 1162.066758][T25465] name failslab, interval 1, probability 0, space 0, times 0
[ 1162.087404][T25465] CPU: 0 UID: 0 PID: 25465 Comm: syz.4.4533 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1162.087442][T25465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1162.087457][T25465] Call Trace:
[ 1162.087465][T25465]  <TASK>
[ 1162.087476][T25465]  dump_stack_lvl+0x16c/0x1f0
[ 1162.087513][T25465]  should_fail_ex+0x512/0x640
[ 1162.087543][T25465]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1162.087572][T25465]  should_failslab+0xc2/0x120
[ 1162.087610][T25465]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1162.087634][T25465]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1162.087661][T25465]  ? getname_flags.part.0+0x4c/0x550
[ 1162.087695][T25465]  getname_flags.part.0+0x4c/0x550
[ 1162.087724][T25465]  ? rcu_is_watching+0x12/0xc0
[ 1162.087751][T25465]  getname_flags+0x93/0xf0
[ 1162.087784][T25465]  __x64_sys_mknod+0x74/0xb0
[ 1162.087807][T25465]  do_syscall_64+0xcd/0x230
[ 1162.087841][T25465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1162.087866][T25465] RIP: 0033:0x7fc02d98e969
[ 1162.087886][T25465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1162.087909][T25465] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1162.087933][T25465] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1162.087951][T25465] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1162.087966][T25465] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1162.087982][T25465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1162.087997][T25465] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1162.088034][T25465]  </TASK>
[ 1163.911744][T25516] FAULT_INJECTION: forcing a failure.
[ 1163.911744][T25516] name failslab, interval 1, probability 0, space 0, times 0
[ 1163.964325][T25516] CPU: 1 UID: 0 PID: 25516 Comm: syz.1.4543 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1163.964364][T25516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1163.964379][T25516] Call Trace:
[ 1163.964388][T25516]  <TASK>
[ 1163.964398][T25516]  dump_stack_lvl+0x16c/0x1f0
[ 1163.964438][T25516]  should_fail_ex+0x512/0x640
[ 1163.964481][T25516]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1163.964529][T25516]  should_failslab+0xc2/0x120
[ 1163.964560][T25516]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1163.964597][T25516]  ? percpu_ref_init+0xec/0x410
[ 1163.964628][T25516]  ? __pfx_blk_queue_usage_counter_release+0x10/0x10
[ 1163.964656][T25516]  percpu_ref_init+0xec/0x410
[ 1163.964689][T25516]  blk_alloc_queue+0x577/0x760
[ 1163.964721][T25516]  blk_mq_alloc_queue+0x179/0x290
[ 1163.964754][T25516]  ? __pfx_blk_mq_alloc_queue+0x10/0x10
[ 1163.964785][T25516]  ? blk_mq_alloc_map_and_rqs+0xb1b/0xf10
[ 1163.964834][T25516]  ? debug_mutex_init+0x37/0x70
[ 1163.964871][T25516]  ? blk_mq_alloc_tag_set+0xce4/0x1250
[ 1163.964911][T25516]  __blk_mq_alloc_disk+0x29/0x120
[ 1163.964946][T25516]  loop_add+0x496/0xb70
[ 1163.964977][T25516]  ? do_vfs_ioctl+0x512/0x1990
[ 1163.965010][T25516]  ? __pfx_loop_add+0x10/0x10
[ 1163.965038][T25516]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1163.965094][T25516]  ? find_held_lock+0x2b/0x80
[ 1163.965124][T25516]  loop_control_ioctl+0x13c/0x630
[ 1163.965158][T25516]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1163.965196][T25516]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1163.965229][T25516]  __x64_sys_ioctl+0x190/0x200
[ 1163.965265][T25516]  do_syscall_64+0xcd/0x230
[ 1163.965301][T25516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1163.965327][T25516] RIP: 0033:0x7fe52f38e969
[ 1163.965348][T25516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1163.965372][T25516] RSP: 002b:00007fe5301f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1163.965397][T25516] RAX: ffffffffffffffda RBX: 00007fe52f5b5fa0 RCX: 00007fe52f38e969
[ 1163.965415][T25516] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[ 1163.965431][T25516] RBP: 00007fe52f410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1163.965447][T25516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1163.965462][T25516] R13: 0000000000000000 R14: 00007fe52f5b5fa0 R15: 00007ffd1239ad18
[ 1163.965502][T25516]  </TASK>
[ 1164.206284][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1164.712477][T25531] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4548'.
[ 1166.067608][T25567] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4558'.
[ 1166.958601][T25586] FAULT_INJECTION: forcing a failure.
[ 1166.958601][T25586] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1167.090613][T25586] CPU: 0 UID: 0 PID: 25586 Comm: syz.2.4561 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1167.090649][T25586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1167.090662][T25586] Call Trace:
[ 1167.090670][T25586]  <TASK>
[ 1167.090680][T25586]  dump_stack_lvl+0x16c/0x1f0
[ 1167.090717][T25586]  should_fail_ex+0x512/0x640
[ 1167.090754][T25586]  get_futex_key+0x49e/0x1000
[ 1167.090782][T25586]  ? __pfx_get_futex_key+0x10/0x10
[ 1167.090807][T25586]  ? pick_eevdf+0x3be/0x5b0
[ 1167.090832][T25586]  ? update_curr_se+0x8b/0x270
[ 1167.090862][T25586]  ? update_curr+0x74/0x800
[ 1167.090901][T25586]  futex_wait_setup+0x78/0x290
[ 1167.090938][T25586]  __futex_wait+0x266/0x3c0
[ 1167.090970][T25586]  ? __pfx___futex_wait+0x10/0x10
[ 1167.091001][T25586]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1167.091036][T25586]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1167.091082][T25586]  futex_wait+0xe8/0x380
[ 1167.091112][T25586]  ? __pfx_futex_wait+0x10/0x10
[ 1167.091152][T25586]  ? __pfx___schedule+0x10/0x10
[ 1167.091198][T25586]  do_futex+0x229/0x350
[ 1167.091227][T25586]  ? __pfx_do_futex+0x10/0x10
[ 1167.091253][T25586]  ? rcu_is_watching+0x12/0xc0
[ 1167.091279][T25586]  __x64_sys_futex+0x1e0/0x4c0
[ 1167.091309][T25586]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1167.091335][T25586]  ? rcu_is_watching+0x12/0xc0
[ 1167.091366][T25586]  do_syscall_64+0xcd/0x230
[ 1167.091398][T25586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1167.091422][T25586] RIP: 0033:0x7fca7578e969
[ 1167.091442][T25586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1167.091467][T25586] RSP: 002b:00007fca765280e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1167.091492][T25586] RAX: ffffffffffffffda RBX: 00007fca759b5fa8 RCX: 00007fca7578e969
[ 1167.091510][T25586] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fca759b5fa8
[ 1167.091525][T25586] RBP: 00007fca759b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1167.091540][T25586] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fca759b5fac
[ 1167.091556][T25586] R13: 0000000000000000 R14: 00007fff31552380 R15: 00007fff31552468
[ 1167.091589][T25586]  </TASK>
[ 1167.306163][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1170.196960][T25645] FAULT_INJECTION: forcing a failure.
[ 1170.196960][T25645] name failslab, interval 1, probability 0, space 0, times 0
[ 1170.244967][T25645] CPU: 1 UID: 0 PID: 25645 Comm: syz.2.4575 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1170.245002][T25645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1170.245017][T25645] Call Trace:
[ 1170.245025][T25645]  <TASK>
[ 1170.245035][T25645]  dump_stack_lvl+0x16c/0x1f0
[ 1170.245071][T25645]  should_fail_ex+0x512/0x640
[ 1170.245101][T25645]  ? __kvmalloc_node_noprof+0x122/0x600
[ 1170.245129][T25645]  should_failslab+0xc2/0x120
[ 1170.245157][T25645]  __kvmalloc_node_noprof+0x135/0x600
[ 1170.245183][T25645]  ? seq_read_iter+0x826/0x12c0
[ 1170.245220][T25645]  ? seq_read_iter+0x826/0x12c0
[ 1170.245249][T25645]  seq_read_iter+0x826/0x12c0
[ 1170.245280][T25645]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1170.245318][T25645]  kernfs_fop_read_iter+0x40f/0x5a0
[ 1170.245353][T25645]  copy_splice_read+0x615/0xba0
[ 1170.245393][T25645]  ? __pfx_copy_splice_read+0x10/0x10
[ 1170.245427][T25645]  ? look_up_lock_class+0x6b/0x150
[ 1170.245461][T25645]  ? lockdep_init_map_type+0x5c/0x280
[ 1170.245494][T25645]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1170.245535][T25645]  ? __pfx_copy_splice_read+0x10/0x10
[ 1170.245565][T25645]  do_splice_read+0x282/0x370
[ 1170.245600][T25645]  splice_direct_to_actor+0x2a1/0xa30
[ 1170.245634][T25645]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1170.245678][T25645]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1170.245707][T25645]  ? get_pid_task+0xfc/0x250
[ 1170.245746][T25645]  do_splice_direct+0x174/0x240
[ 1170.245779][T25645]  ? __pfx_do_splice_direct+0x10/0x10
[ 1170.245818][T25645]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1170.245855][T25645]  ? rw_verify_area+0xcf/0x680
[ 1170.245890][T25645]  do_sendfile+0xafd/0xe50
[ 1170.245930][T25645]  ? __pfx_do_sendfile+0x10/0x10
[ 1170.245964][T25645]  ? __fget_files+0x20e/0x3c0
[ 1170.246005][T25645]  __x64_sys_sendfile64+0x1d8/0x220
[ 1170.246031][T25645]  ? ksys_write+0x1b9/0x240
[ 1170.246052][T25645]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1170.246077][T25645]  ? rcu_is_watching+0x12/0xc0
[ 1170.246109][T25645]  do_syscall_64+0xcd/0x230
[ 1170.246141][T25645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.246166][T25645] RIP: 0033:0x7fca7578e969
[ 1170.246186][T25645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1170.246207][T25645] RSP: 002b:00007fca76528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1170.246230][T25645] RAX: ffffffffffffffda RBX: 00007fca759b5fa0 RCX: 00007fca7578e969
[ 1170.246246][T25645] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[ 1170.246259][T25645] RBP: 00007fca76528090 R08: 0000000000000000 R09: 0000000000000000
[ 1170.246274][T25645] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001
[ 1170.246288][T25645] R13: 0000000000000000 R14: 00007fca759b5fa0 R15: 00007fff31552468
[ 1170.246320][T25645]  </TASK>
[ 1171.306214][T25661] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4578'.
[ 1172.762597][T25684] blk-mq: reduced tag depth (128 -> 64)
[ 1173.022453][T25689] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1173.085994][T25681] FAULT_INJECTION: forcing a failure.
[ 1173.085994][T25681] name failslab, interval 1, probability 0, space 0, times 0
[ 1173.111284][T25681] CPU: 0 UID: 0 PID: 25681 Comm: syz.2.4582 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1173.111329][T25681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1173.111343][T25681] Call Trace:
[ 1173.111353][T25681]  <TASK>
[ 1173.111363][T25681]  dump_stack_lvl+0x16c/0x1f0
[ 1173.111403][T25681]  should_fail_ex+0x512/0x640
[ 1173.111435][T25681]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[ 1173.111464][T25681]  should_failslab+0xc2/0x120
[ 1173.111490][T25681]  __kmalloc_cache_node_noprof+0x6d/0x420
[ 1173.111515][T25681]  ? sbitmap_init_node+0x2ca/0x770
[ 1173.111539][T25681]  ? sbitmap_queue_init_node+0x341/0x560
[ 1173.111568][T25681]  sbitmap_queue_init_node+0x341/0x560
[ 1173.111599][T25681]  blk_mq_init_tags+0x12d/0x2b0
[ 1173.111636][T25681]  blk_mq_alloc_map_and_rqs+0x237/0xf10
[ 1173.111672][T25681]  ? blk_mq_map_queues+0x211/0x410
[ 1173.111706][T25681]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[ 1173.111743][T25681]  blk_mq_alloc_tag_set+0x75e/0x1250
[ 1173.111787][T25681]  loop_add+0x3b7/0xb70
[ 1173.111819][T25681]  ? do_vfs_ioctl+0x512/0x1990
[ 1173.111852][T25681]  ? __pfx_loop_add+0x10/0x10
[ 1173.111881][T25681]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1173.111928][T25681]  ? find_held_lock+0x2b/0x80
[ 1173.111957][T25681]  loop_control_ioctl+0x13c/0x630
[ 1173.111990][T25681]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1173.112027][T25681]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1173.112061][T25681]  __x64_sys_ioctl+0x190/0x200
[ 1173.112096][T25681]  do_syscall_64+0xcd/0x230
[ 1173.112130][T25681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1173.112152][T25681] RIP: 0033:0x7fca7578e969
[ 1173.112172][T25681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1173.112196][T25681] RSP: 002b:00007fca76528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1173.112220][T25681] RAX: ffffffffffffffda RBX: 00007fca759b5fa0 RCX: 00007fca7578e969
[ 1173.112238][T25681] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[ 1173.112255][T25681] RBP: 00007fca75810ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1173.112271][T25681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1173.112287][T25681] R13: 0000000000000000 R14: 00007fca759b5fa0 R15: 00007fff31552468
[ 1173.112330][T25681]  </TASK>
[ 1173.112504][T25681] blk-mq: reduced tag depth (128 -> 64)
[ 1173.555288][T25694] kernel read not supported for file /set_event_notrace_pid (pid: 25694 comm: syz.4.4586)
[ 1173.613567][   T30] audit: type=1800 audit(6041358548.348:30): pid=25694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4586" name="set_event_notrace_pid" dev="tracefs" ino=1072 res=0 errno=0
[ 1175.862804][T25735] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1176.994636][T25753] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input130
[ 1177.095054][T25765] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input131
[ 1177.439202][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.446733][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.689015][T25770] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4603'.
[ 1178.528589][T25792] FAULT_INJECTION: forcing a failure.
[ 1178.528589][T25792] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1178.541716][T25792] CPU: 1 UID: 0 PID: 25792 Comm: syz.2.4609 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1178.541752][T25792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1178.541766][T25792] Call Trace:
[ 1178.541775][T25792]  <TASK>
[ 1178.541784][T25792]  dump_stack_lvl+0x16c/0x1f0
[ 1178.541821][T25792]  should_fail_ex+0x512/0x640
[ 1178.541863][T25792]  ? putname+0x154/0x1a0
[ 1178.541894][T25792]  get_futex_key+0x49e/0x1000
[ 1178.541925][T25792]  ? __pfx_get_futex_key+0x10/0x10
[ 1178.541963][T25792]  futex_wake+0xe7/0x4e0
[ 1178.541998][T25792]  ? __pfx_futex_wake+0x10/0x10
[ 1178.542034][T25792]  ? rcu_is_watching+0x12/0xc0
[ 1178.542057][T25792]  ? kasan_quarantine_put+0x10a/0x240
[ 1178.542081][T25792]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1178.542115][T25792]  do_futex+0x1e3/0x350
[ 1178.542141][T25792]  ? __pfx_do_futex+0x10/0x10
[ 1178.542177][T25792]  __x64_sys_futex+0x1e0/0x4c0
[ 1178.542205][T25792]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[ 1178.542233][T25792]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1178.542261][T25792]  ? getname_flags.part.0+0x1c5/0x550
[ 1178.542291][T25792]  ? rcu_is_watching+0x12/0xc0
[ 1178.542324][T25792]  do_syscall_64+0xcd/0x230
[ 1178.542359][T25792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1178.542386][T25792] RIP: 0033:0x7fca7578e969
[ 1178.542406][T25792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1178.542428][T25792] RSP: 002b:00007fca765280e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1178.542450][T25792] RAX: ffffffffffffffda RBX: 00007fca759b5fa8 RCX: 00007fca7578e969
[ 1178.542465][T25792] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fca759b5fac
[ 1178.542481][T25792] RBP: 00007fca759b5fa0 R08: 00007fca76529000 R09: 0000000000000000
[ 1178.542497][T25792] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007fca759b5fac
[ 1178.542512][T25792] R13: 0000000000000000 R14: 00007fff31552380 R15: 00007fff31552468
[ 1178.542546][T25792]  </TASK>
[ 1179.010802][T25801] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1179.166339][T25808] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1179.775496][T25828] FAULT_INJECTION: forcing a failure.
[ 1179.775496][T25828] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1179.789352][T25828] CPU: 0 UID: 0 PID: 25828 Comm: syz.2.4620 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1179.789387][T25828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1179.789403][T25828] Call Trace:
[ 1179.789411][T25828]  <TASK>
[ 1179.789421][T25828]  dump_stack_lvl+0x16c/0x1f0
[ 1179.789457][T25828]  should_fail_ex+0x512/0x640
[ 1179.789496][T25828]  should_fail_alloc_page+0xe7/0x130
[ 1179.789526][T25828]  prepare_alloc_pages+0x3c2/0x610
[ 1179.789568][T25828]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[ 1179.789603][T25828]  ? futex_wait+0x120/0x380
[ 1179.789633][T25828]  ? __pfx_futex_wait+0x10/0x10
[ 1179.789668][T25828]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1179.789696][T25828]  ? kmem_cache_free+0x2d4/0x4d0
[ 1179.789728][T25828]  ? fd_install+0x225/0x750
[ 1179.789762][T25828]  ? putname+0x154/0x1a0
[ 1179.789797][T25828]  ? do_futex+0x122/0x350
[ 1179.789822][T25828]  ? aa_get_newest_label+0x375/0x680
[ 1179.789846][T25828]  ? __pfx_do_futex+0x10/0x10
[ 1179.789872][T25828]  ? __pfx_aa_get_newest_label+0x10/0x10
[ 1179.789899][T25828]  ? rcu_is_watching+0x12/0xc0
[ 1179.789922][T25828]  ? trace_cap_capable+0x18d/0x200
[ 1179.789950][T25828]  __alloc_pages_noprof+0xb/0x1b0
[ 1179.789976][T25828]  ___kmalloc_large_node+0x82/0x1e0
[ 1179.790013][T25828]  __kmalloc_large_noprof+0x1c/0x70
[ 1179.790045][T25828]  ? bpf_lsm_locked_down+0x9/0x10
[ 1179.790072][T25828]  ksys_ioperm+0x3c9/0x4f0
[ 1179.790111][T25828]  do_syscall_64+0xcd/0x230
[ 1179.790146][T25828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1179.790171][T25828] RIP: 0033:0x7fca7578e969
[ 1179.790192][T25828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1179.790216][T25828] RSP: 002b:00007fca76528038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[ 1179.790240][T25828] RAX: ffffffffffffffda RBX: 00007fca759b5fa0 RCX: 00007fca7578e969
[ 1179.790258][T25828] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000007
[ 1179.790273][T25828] RBP: 00007fca75810ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1179.790289][T25828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1179.790304][T25828] R13: 0000000000000000 R14: 00007fca759b5fa0 R15: 00007fff31552468
[ 1179.790337][T25828]  </TASK>
[ 1180.014138][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1180.658202][T25843] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4623'.
[ 1180.868810][T25845] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4624'.
[ 1181.439928][T25859] FAULT_INJECTION: forcing a failure.
[ 1181.439928][T25859] name failslab, interval 1, probability 0, space 0, times 0
[ 1181.478676][T25859] CPU: 1 UID: 0 PID: 25859 Comm: syz.2.4630 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1181.478718][T25859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1181.478734][T25859] Call Trace:
[ 1181.478744][T25859]  <TASK>
[ 1181.478755][T25859]  dump_stack_lvl+0x16c/0x1f0
[ 1181.478796][T25859]  should_fail_ex+0x512/0x640
[ 1181.478838][T25859]  ? fs_reclaim_acquire+0xae/0x150
[ 1181.478878][T25859]  ? tomoyo_encode2+0x100/0x3e0
[ 1181.478910][T25859]  should_failslab+0xc2/0x120
[ 1181.478939][T25859]  __kmalloc_noprof+0xd2/0x510
[ 1181.478966][T25859]  ? d_absolute_path+0x136/0x1a0
[ 1181.479001][T25859]  tomoyo_encode2+0x100/0x3e0
[ 1181.479037][T25859]  tomoyo_encode+0x29/0x50
[ 1181.479068][T25859]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1181.479111][T25859]  tomoyo_path_number_perm+0x245/0x580
[ 1181.479138][T25859]  ? tomoyo_path_number_perm+0x237/0x580
[ 1181.479170][T25859]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1181.479233][T25859]  ? find_held_lock+0x2b/0x80
[ 1181.479257][T25859]  ? hook_file_ioctl_common+0x145/0x410
[ 1181.479292][T25859]  ? __fget_files+0x20e/0x3c0
[ 1181.479335][T25859]  security_file_ioctl+0x9b/0x240
[ 1181.479367][T25859]  __x64_sys_ioctl+0xb7/0x200
[ 1181.479402][T25859]  do_syscall_64+0xcd/0x230
[ 1181.479439][T25859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.479465][T25859] RIP: 0033:0x7fca7578e969
[ 1181.479487][T25859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1181.479512][T25859] RSP: 002b:00007fca76528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1181.479537][T25859] RAX: ffffffffffffffda RBX: 00007fca759b5fa0 RCX: 00007fca7578e969
[ 1181.479554][T25859] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[ 1181.479568][T25859] RBP: 00007fca75810ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1181.479583][T25859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1181.479597][T25859] R13: 0000000000000000 R14: 00007fca759b5fa0 R15: 00007fff31552468
[ 1181.479630][T25859]  </TASK>
[ 1181.479844][T25859] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1181.708997][T25869] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input132
[ 1181.833598][T25866] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4633'.
[ 1181.955541][T25873] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input133
[ 1183.242116][T25896] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4639'.
[ 1183.350743][T25901] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4641'.
[ 1183.779358][T25917] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input134
[ 1183.854560][T25918] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input135
[ 1185.101789][T25939] random: crng reseeded on system resumption
[ 1186.108802][T25958] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1186.460407][T25967] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4657'.
[ 1186.701486][T25971] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4659'.
[ 1187.645600][T25987] FAULT_INJECTION: forcing a failure.
[ 1187.645600][T25987] name failslab, interval 1, probability 0, space 0, times 0
[ 1187.658381][T25987] CPU: 0 UID: 0 PID: 25987 Comm: syz.4.4662 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1187.658411][T25987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1187.658426][T25987] Call Trace:
[ 1187.658435][T25987]  <TASK>
[ 1187.658445][T25987]  dump_stack_lvl+0x16c/0x1f0
[ 1187.658483][T25987]  should_fail_ex+0x512/0x640
[ 1187.658515][T25987]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1187.658556][T25987]  should_failslab+0xc2/0x120
[ 1187.658586][T25987]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1187.658622][T25987]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1187.658651][T25987]  ? loop_add+0xbd/0xb70
[ 1187.658686][T25987]  loop_add+0xbd/0xb70
[ 1187.658716][T25987]  ? do_vfs_ioctl+0x512/0x1990
[ 1187.658748][T25987]  ? __pfx_loop_add+0x10/0x10
[ 1187.658777][T25987]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1187.658831][T25987]  ? find_held_lock+0x2b/0x80
[ 1187.658861][T25987]  loop_control_ioctl+0x13c/0x630
[ 1187.658894][T25987]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1187.658931][T25987]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1187.658966][T25987]  __x64_sys_ioctl+0x190/0x200
[ 1187.659000][T25987]  do_syscall_64+0xcd/0x230
[ 1187.659034][T25987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1187.659060][T25987] RIP: 0033:0x7fc02d98e969
[ 1187.659079][T25987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1187.659099][T25987] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1187.659122][T25987] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1187.659138][T25987] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[ 1187.659153][T25987] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1187.659168][T25987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1187.659183][T25987] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1187.659216][T25987]  </TASK>
[ 1187.854608][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1188.322507][T25991] FAULT_INJECTION: forcing a failure.
[ 1188.322507][T25991] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1188.345811][T25991] CPU: 1 UID: 0 PID: 25991 Comm: syz.3.4664 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1188.345846][T25991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1188.345861][T25991] Call Trace:
[ 1188.345869][T25991]  <TASK>
[ 1188.345880][T25991]  dump_stack_lvl+0x16c/0x1f0
[ 1188.345916][T25991]  should_fail_ex+0x512/0x640
[ 1188.345964][T25991]  get_futex_key+0x49e/0x1000
[ 1188.345990][T25991]  ? __pfx_get_page_from_freelist+0x10/0x10
[ 1188.346020][T25991]  ? __pfx_get_futex_key+0x10/0x10
[ 1188.346047][T25991]  ? trace_mm_page_alloc+0x11f/0x1a0
[ 1188.346080][T25991]  ? __alloc_frozen_pages_noprof+0x298/0x23a0
[ 1188.346112][T25991]  futex_wake+0xe7/0x4e0
[ 1188.346143][T25991]  ? __pfx_futex_wake+0x10/0x10
[ 1188.346170][T25991]  ? __lock_acquire+0x5ca/0x1ba0
[ 1188.346200][T25991]  ? fd_install+0x225/0x750
[ 1188.346231][T25991]  ? putname+0x154/0x1a0
[ 1188.346263][T25991]  do_futex+0x1e3/0x350
[ 1188.346288][T25991]  ? __pfx_do_futex+0x10/0x10
[ 1188.346312][T25991]  ? rcu_read_unlock+0x17/0x60
[ 1188.346347][T25991]  __x64_sys_futex+0x1e0/0x4c0
[ 1188.346373][T25991]  ? __pfx_native_tss_update_io_bitmap+0x10/0x10
[ 1188.346399][T25991]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1188.346437][T25991]  do_syscall_64+0xcd/0x230
[ 1188.346470][T25991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.346494][T25991] RIP: 0033:0x7fcdf6b8e969
[ 1188.346514][T25991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1188.346537][T25991] RSP: 002b:00007fcdf79890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1188.346560][T25991] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa8 RCX: 00007fcdf6b8e969
[ 1188.346577][T25991] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcdf6db5fac
[ 1188.346592][T25991] RBP: 00007fcdf6db5fa0 R08: 00007fcdf798a000 R09: 0000000000000000
[ 1188.346608][T25991] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcdf6db5fac
[ 1188.346622][T25991] R13: 0000000000000000 R14: 00007fff9f8ce740 R15: 00007fff9f8ce828
[ 1188.346655][T25991]  </TASK>
[ 1188.888704][T26005] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4670'.
[ 1188.941003][T25996] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4666'.
[ 1189.204938][T26007] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input136
[ 1189.471419][T17519] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1189.481405][T17519] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1189.490050][T17519] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1189.502075][T17519] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1189.512049][T17519] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1189.562727][T26011] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input137
[ 1189.605539][T25996] syz.3.4666 (25996) used greatest stack depth: 20872 bytes left
[ 1190.110683][T26014] chnl_net:caif_netlink_parms(): no params data found
[ 1190.470835][T17336] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1190.640413][T26034] FAULT_INJECTION: forcing a failure.
[ 1190.640413][T26034] name failslab, interval 1, probability 0, space 0, times 0
[ 1190.657630][T26034] CPU: 1 UID: 0 PID: 26034 Comm: syz.4.4675 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1190.657679][T26034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1190.657695][T26034] Call Trace:
[ 1190.657705][T26034]  <TASK>
[ 1190.657716][T26034]  dump_stack_lvl+0x16c/0x1f0
[ 1190.657754][T26034]  should_fail_ex+0x512/0x640
[ 1190.657789][T26034]  ? __kmalloc_node_noprof+0xc5/0x500
[ 1190.657823][T26034]  should_failslab+0xc2/0x120
[ 1190.657854][T26034]  __kmalloc_node_noprof+0xd8/0x500
[ 1190.657882][T26034]  ? blk_mq_alloc_tag_set+0x414/0x1250
[ 1190.657923][T26034]  blk_mq_alloc_tag_set+0x414/0x1250
[ 1190.657957][T26034]  ? __pfx_idr_alloc+0x10/0x10
[ 1190.657997][T26034]  loop_add+0x3b7/0xb70
[ 1190.658031][T26034]  ? do_vfs_ioctl+0x512/0x1990
[ 1190.658063][T26034]  ? __pfx_loop_add+0x10/0x10
[ 1190.658091][T26034]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1190.658150][T26034]  ? find_held_lock+0x2b/0x80
[ 1190.658180][T26034]  loop_control_ioctl+0x13c/0x630
[ 1190.658213][T26034]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1190.658248][T26034]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1190.658280][T26034]  __x64_sys_ioctl+0x190/0x200
[ 1190.658312][T26034]  do_syscall_64+0xcd/0x230
[ 1190.658347][T26034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1190.658372][T26034] RIP: 0033:0x7fc02d98e969
[ 1190.658392][T26034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1190.658419][T26034] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1190.658443][T26034] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1190.658461][T26034] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[ 1190.658477][T26034] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1190.658492][T26034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1190.658506][T26034] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1190.658536][T26034]  </TASK>
[ 1190.870124][T17336] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1190.993662][T17336] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1191.063271][T26014] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1191.079259][T26014] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1191.087194][T26014] bridge_slave_0: entered allmulticast mode
[ 1191.103827][T26014] bridge_slave_0: entered promiscuous mode
[ 1191.160604][T17336] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1191.214291][T26014] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1191.221617][T26014] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1191.229272][T26014] bridge_slave_1: entered allmulticast mode
[ 1191.239487][T26014] bridge_slave_1: entered promiscuous mode
[ 1191.293522][T26014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1191.308072][T26014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1191.470742][T26045] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input138
[ 1191.516529][T26014] team0: Port device team_slave_0 added
[ 1191.569067][T26014] team0: Port device team_slave_1 added
[ 1191.596653][T17519] Bluetooth: hci2: command tx timeout
[ 1191.673475][T26014] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1191.683952][T26014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1191.712571][T26014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1191.726264][T26014] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1191.733523][T26014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1191.760453][T26014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1191.828101][T26014] hsr_slave_0: entered promiscuous mode
[ 1191.835757][T26014] hsr_slave_1: entered promiscuous mode
[ 1191.842105][T26014] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1191.850551][T26014] Cannot create hsr debugfs directory
[ 1193.675551][T17519] Bluetooth: hci2: command tx timeout
[ 1195.766397][T17519] Bluetooth: hci2: command tx timeout
[ 1197.837539][T17519] Bluetooth: hci2: command tx timeout
[ 1200.008701][T17519] Bluetooth: hci1: command 0x0406 tx timeout
[ 1206.206061][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1206.215931][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1206.223929][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1206.233153][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1206.243365][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1206.391183][T26075] chnl_net:caif_netlink_parms(): no params data found
[ 1206.460068][T26075] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1206.467476][T26075] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1206.474843][T26075] bridge_slave_0: entered allmulticast mode
[ 1206.487738][T26075] bridge_slave_0: entered promiscuous mode
[ 1206.496044][T26075] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1206.503488][T26075] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1206.510666][T26075] bridge_slave_1: entered allmulticast mode
[ 1206.518839][T26075] bridge_slave_1: entered promiscuous mode
[ 1206.548432][T26075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1206.560538][T26075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1206.593772][T26075] team0: Port device team_slave_0 added
[ 1206.601517][T26075] team0: Port device team_slave_1 added
[ 1206.628786][T26075] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1206.636161][T26075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1206.663205][T26075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1206.675749][T26075] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1206.683444][T26075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1206.709444][T26075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1206.753818][T26075] hsr_slave_0: entered promiscuous mode
[ 1206.760376][T26075] hsr_slave_1: entered promiscuous mode
[ 1206.766674][T26075] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1206.774462][T26075] Cannot create hsr debugfs directory
[ 1207.164937][ T5832] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1207.173942][ T5832] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1207.181722][ T5832] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1207.190699][ T5832] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1207.202130][ T5832] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1207.351026][T26085] chnl_net:caif_netlink_parms(): no params data found
[ 1207.420983][T26085] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1207.428309][T26085] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1207.435576][T26085] bridge_slave_0: entered allmulticast mode
[ 1207.444362][T26085] bridge_slave_0: entered promiscuous mode
[ 1207.452115][T26085] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1207.459537][T26085] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1207.467716][T26085] bridge_slave_1: entered allmulticast mode
[ 1207.475429][T26085] bridge_slave_1: entered promiscuous mode
[ 1207.504248][T26085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1207.515873][T26085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1207.556699][T26085] team0: Port device team_slave_0 added
[ 1207.565758][T26085] team0: Port device team_slave_1 added
[ 1207.594603][T26085] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1207.601575][T26085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1207.627585][T26085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1207.639645][T26085] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1207.647432][T26085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1207.674533][T26085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1207.716377][T26085] hsr_slave_0: entered promiscuous mode
[ 1207.722756][T26085] hsr_slave_1: entered promiscuous mode
[ 1207.729043][T26085] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1207.737809][T26085] Cannot create hsr debugfs directory
[ 1208.322867][ T5832] Bluetooth: hci3: command tx timeout
[ 1209.283313][ T5832] Bluetooth: hci5: command tx timeout
[ 1209.742619][T17519] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1209.754198][T17519] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1209.762048][T17519] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1209.773215][T17519] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1209.781555][T17519] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1209.938603][T26094] chnl_net:caif_netlink_parms(): no params data found
[ 1210.009017][T26094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1210.016184][T26094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1210.024110][T26094] bridge_slave_0: entered allmulticast mode
[ 1210.031872][T26094] bridge_slave_0: entered promiscuous mode
[ 1210.040001][T26094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1210.047507][T26094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1210.054800][T26094] bridge_slave_1: entered allmulticast mode
[ 1210.061783][T26094] bridge_slave_1: entered promiscuous mode
[ 1210.092192][T26094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1210.107456][T26094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1210.143242][T26094] team0: Port device team_slave_0 added
[ 1210.151041][T26094] team0: Port device team_slave_1 added
[ 1210.178348][T26094] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1210.185873][T26094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1210.212447][T26094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1210.225630][T26094] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1210.232597][T26094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1210.259642][T26094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1210.302872][T26094] hsr_slave_0: entered promiscuous mode
[ 1210.310170][T26094] hsr_slave_1: entered promiscuous mode
[ 1210.316711][T26094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1210.325161][T26094] Cannot create hsr debugfs directory
[ 1210.403849][ T5832] Bluetooth: hci3: command tx timeout
[ 1211.365324][ T5832] Bluetooth: hci5: command tx timeout
[ 1211.844634][ T5832] Bluetooth: hci6: command tx timeout
[ 1212.484847][ T5832] Bluetooth: hci3: command tx timeout
[ 1213.445307][ T5832] Bluetooth: hci5: command tx timeout
[ 1213.927075][ T5832] Bluetooth: hci6: command tx timeout
[ 1214.566019][ T5832] Bluetooth: hci3: command tx timeout
[ 1215.536317][ T5832] Bluetooth: hci5: command tx timeout
[ 1216.006718][ T5832] Bluetooth: hci6: command tx timeout
[ 1218.087756][ T5832] Bluetooth: hci6: command tx timeout
[ 1238.902222][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.908598][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1249.219302][T17519] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1249.229802][T17519] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1249.242117][T17519] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1249.251203][T17519] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1249.260521][T17519] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1249.421040][T26105] chnl_net:caif_netlink_parms(): no params data found
[ 1249.499174][T26105] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1249.506480][T26105] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1249.514602][T26105] bridge_slave_0: entered allmulticast mode
[ 1249.521745][T26105] bridge_slave_0: entered promiscuous mode
[ 1249.529786][T26105] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1249.537445][T26105] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1249.545795][T26105] bridge_slave_1: entered allmulticast mode
[ 1249.552954][T26105] bridge_slave_1: entered promiscuous mode
[ 1249.585211][T26105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1249.597933][T26105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1249.632103][T26105] team0: Port device team_slave_0 added
[ 1249.641159][T26105] team0: Port device team_slave_1 added
[ 1249.670015][T26105] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1249.677338][T26105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1249.704504][T26105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1249.717912][T26105] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1249.724948][T26105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1249.751999][T26105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1249.798102][T26105] hsr_slave_0: entered promiscuous mode
[ 1249.804506][T26105] hsr_slave_1: entered promiscuous mode
[ 1249.810851][T26105] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1249.818465][T26105] Cannot create hsr debugfs directory
[ 1251.304357][ T5832] Bluetooth: hci7: command tx timeout
[ 1253.385394][ T5832] Bluetooth: hci7: command tx timeout
[ 1255.466346][ T5832] Bluetooth: hci7: command tx timeout
[ 1257.547411][ T5832] Bluetooth: hci7: command tx timeout
[ 1266.219161][T17519] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1266.229662][T17519] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1266.237795][T17519] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1266.248195][T17519] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1266.257463][T17519] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1266.424549][T26116] chnl_net:caif_netlink_parms(): no params data found
[ 1266.502042][T26116] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1266.510575][T26116] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1266.518297][T26116] bridge_slave_0: entered allmulticast mode
[ 1266.527054][T26116] bridge_slave_0: entered promiscuous mode
[ 1266.534892][T26116] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1266.542107][T26116] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1266.549328][T26116] bridge_slave_1: entered allmulticast mode
[ 1266.557678][T26116] bridge_slave_1: entered promiscuous mode
[ 1266.590843][T26116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1266.603581][T26116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1266.641187][T26116] team0: Port device team_slave_0 added
[ 1266.649086][T26116] team0: Port device team_slave_1 added
[ 1266.680398][T26116] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1266.688169][T26116] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1266.715228][T26116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1266.728383][T26116] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1266.735708][T26116] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1266.762428][T26116] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1266.810139][T26116] hsr_slave_0: entered promiscuous mode
[ 1266.816530][T26116] hsr_slave_1: entered promiscuous mode
[ 1266.822772][T26116] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1266.830322][T26116] Cannot create hsr debugfs directory
[ 1267.245639][T17519] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1267.255124][T17519] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1267.264417][T17519] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1267.274975][T17519] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1267.282759][T17519] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1267.462458][T26128] chnl_net:caif_netlink_parms(): no params data found
[ 1267.559608][T26128] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1267.566854][T26128] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1267.574588][T26128] bridge_slave_0: entered allmulticast mode
[ 1267.582642][T26128] bridge_slave_0: entered promiscuous mode
[ 1267.590210][T26128] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1267.598023][T26128] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1267.605599][T26128] bridge_slave_1: entered allmulticast mode
[ 1267.614114][T26128] bridge_slave_1: entered promiscuous mode
[ 1267.646168][T26128] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1267.658023][T26128] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1267.693276][T26128] team0: Port device team_slave_0 added
[ 1267.704722][T26128] team0: Port device team_slave_1 added
[ 1267.736715][T26128] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1267.743857][T26128] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1267.770207][T26128] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1267.785077][T26128] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1267.792050][T26128] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1267.820027][T26128] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1267.867434][T26128] hsr_slave_0: entered promiscuous mode
[ 1267.874700][T26128] hsr_slave_1: entered promiscuous mode
[ 1267.881046][T26128] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1267.889279][T26128] Cannot create hsr debugfs directory
[ 1268.352887][ T5832] Bluetooth: hci8: command tx timeout
[ 1269.313330][ T5832] Bluetooth: hci9: command tx timeout
[ 1270.232833][T17519] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1270.243031][T17519] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1270.251437][T17519] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1270.262697][T17519] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1270.270819][T17519] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1270.431282][T26140] chnl_net:caif_netlink_parms(): no params data found
[ 1270.434237][ T5832] Bluetooth: hci8: command tx timeout
[ 1270.513635][T26140] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1270.521268][T26140] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1270.529236][T26140] bridge_slave_0: entered allmulticast mode
[ 1270.537139][T26140] bridge_slave_0: entered promiscuous mode
[ 1270.545256][T26140] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1270.552893][T26140] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1270.560282][T26140] bridge_slave_1: entered allmulticast mode
[ 1270.568534][T26140] bridge_slave_1: entered promiscuous mode
[ 1270.600453][T26140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1270.613508][T26140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1270.651765][T26140] team0: Port device team_slave_0 added
[ 1270.660376][T26140] team0: Port device team_slave_1 added
[ 1270.690348][T26140] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1270.697717][T26140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1270.723892][T26140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1270.736261][T26140] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1270.743201][T26140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1270.770539][T26140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1270.819810][T26140] hsr_slave_0: entered promiscuous mode
[ 1270.827036][T26140] hsr_slave_1: entered promiscuous mode
[ 1270.833077][T26140] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1270.841088][T26140] Cannot create hsr debugfs directory
[ 1271.395317][ T5832] Bluetooth: hci9: command tx timeout
[ 1272.364850][ T5832] Bluetooth: hci10: command tx timeout
[ 1272.514884][ T5832] Bluetooth: hci8: command tx timeout
[ 1273.475296][ T5832] Bluetooth: hci9: command tx timeout
[ 1274.435936][ T5832] Bluetooth: hci10: command tx timeout
[ 1274.596374][ T5832] Bluetooth: hci8: command tx timeout
[ 1275.566365][ T5832] Bluetooth: hci9: command tx timeout
[ 1276.527202][ T5832] Bluetooth: hci10: command tx timeout
[ 1278.598007][ T5832] Bluetooth: hci10: command tx timeout
[ 1300.371315][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.377646][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1309.796818][T17519] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1309.806322][T17519] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1309.815962][T17519] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1309.827751][T17519] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1309.837318][T17519] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1310.002703][T26156] chnl_net:caif_netlink_parms(): no params data found
[ 1310.081819][T26156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1310.089048][T26156] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1310.097542][T26156] bridge_slave_0: entered allmulticast mode
[ 1310.105236][T26156] bridge_slave_0: entered promiscuous mode
[ 1310.112801][T26156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1310.120756][T26156] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1310.129875][T26156] bridge_slave_1: entered allmulticast mode
[ 1310.138173][T26156] bridge_slave_1: entered promiscuous mode
[ 1310.172073][T26156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1310.184537][T26156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1310.225705][T26156] team0: Port device team_slave_0 added
[ 1310.236344][T26156] team0: Port device team_slave_1 added
[ 1310.265360][T26156] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1310.272334][T26156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1310.298618][T26156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1310.311732][T26156] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1310.319637][T26156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1310.346279][T26156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1310.392549][T26156] hsr_slave_0: entered promiscuous mode
[ 1310.398901][T26156] hsr_slave_1: entered promiscuous mode
[ 1310.406681][T26156] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1310.414347][T26156] Cannot create hsr debugfs directory
[ 1311.894738][ T5832] Bluetooth: hci11: command tx timeout
[ 1312.695454][ T5832] Bluetooth: hci2: command 0x0406 tx timeout
[ 1313.975684][T17519] Bluetooth: hci11: command tx timeout
[ 1316.056765][T17519] Bluetooth: hci11: command tx timeout
[ 1318.137847][T17519] Bluetooth: hci11: command tx timeout
[ 1326.328046][ T5832] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1326.339891][ T5832] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1326.349043][ T5832] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1326.358384][ T5832] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1326.366538][ T5832] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1326.546566][T26166] chnl_net:caif_netlink_parms(): no params data found
[ 1326.634368][T26166] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1326.641504][T26166] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1326.650347][T26166] bridge_slave_0: entered allmulticast mode
[ 1326.657935][T26166] bridge_slave_0: entered promiscuous mode
[ 1326.667352][T26166] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1326.674595][T26166] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1326.681872][T26166] bridge_slave_1: entered allmulticast mode
[ 1326.689717][T26166] bridge_slave_1: entered promiscuous mode
[ 1326.725598][T26166] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1326.737936][T26166] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1326.774515][T26166] team0: Port device team_slave_0 added
[ 1326.785094][T26166] team0: Port device team_slave_1 added
[ 1326.817491][T26166] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1326.825217][T26166] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1326.851197][T26166] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1326.864200][T26166] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1326.871169][T26166] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1326.898014][T26166] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1326.950453][T26166] hsr_slave_0: entered promiscuous mode
[ 1326.957686][T26166] hsr_slave_1: entered promiscuous mode
[ 1326.964564][T26166] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1326.972330][T26166] Cannot create hsr debugfs directory
[ 1327.314254][T17519] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1327.324438][T17519] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1327.333402][T17519] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1327.345223][T17519] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1327.357100][T17519] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1327.531482][T26176] chnl_net:caif_netlink_parms(): no params data found
[ 1327.621265][T26176] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1327.629352][T26176] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1327.639587][T26176] bridge_slave_0: entered allmulticast mode
[ 1327.647991][T26176] bridge_slave_0: entered promiscuous mode
[ 1327.656782][T26176] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1327.664476][T26176] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1327.671736][T26176] bridge_slave_1: entered allmulticast mode
[ 1327.678960][T26176] bridge_slave_1: entered promiscuous mode
[ 1327.712235][T26176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1327.725778][T26176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1327.771766][T26176] team0: Port device team_slave_0 added
[ 1327.780102][T26176] team0: Port device team_slave_1 added
[ 1327.807896][T26176] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1327.815351][T26176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1327.842762][T26176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1327.856625][T26176] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1327.863933][T26176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1327.890346][T26176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1327.938872][T26176] hsr_slave_0: entered promiscuous mode
[ 1327.946158][T26176] hsr_slave_1: entered promiscuous mode
[ 1327.953191][T26176] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1327.960771][T26176] Cannot create hsr debugfs directory
[ 1328.462883][ T5832] Bluetooth: hci12: command tx timeout
[ 1329.423374][ T5832] Bluetooth: hci13: command tx timeout
[ 1330.319721][T17519] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1330.329062][T17519] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1330.338643][T17519] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1330.349450][T17519] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1330.358436][T17519] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1330.544108][ T5832] Bluetooth: hci12: command tx timeout
[ 1330.554748][T26185] chnl_net:caif_netlink_parms(): no params data found
[ 1330.643366][T26185] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1330.651664][T26185] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1330.659167][T26185] bridge_slave_0: entered allmulticast mode
[ 1330.667245][T26185] bridge_slave_0: entered promiscuous mode
[ 1330.675531][T26185] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1330.682715][T26185] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1330.691136][T26185] bridge_slave_1: entered allmulticast mode
[ 1330.698417][T26185] bridge_slave_1: entered promiscuous mode
[ 1330.737721][T26185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1330.751132][T26185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1330.790124][T26185] team0: Port device team_slave_0 added
[ 1330.798180][T26185] team0: Port device team_slave_1 added
[ 1330.833516][T26185] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1330.840644][T26185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1330.868460][T26185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1330.881052][T26185] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1330.888139][T26185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1330.915201][T26185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1330.970153][T26185] hsr_slave_0: entered promiscuous mode
[ 1330.977229][T26185] hsr_slave_1: entered promiscuous mode
[ 1330.983315][T26185] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1330.991264][T26185] Cannot create hsr debugfs directory
[ 1331.504426][T26195] Bluetooth: hci13: command tx timeout
[ 1332.385268][T26195] Bluetooth: hci14: command tx timeout
[ 1332.625300][T26195] Bluetooth: hci12: command tx timeout
[ 1333.189096][T26195] Bluetooth: hci6: command 0x0406 tx timeout
[ 1333.195252][T26194] Bluetooth: hci5: command 0x0406 tx timeout
[ 1333.201298][T26194] Bluetooth: hci3: command 0x0406 tx timeout
[ 1333.585813][ T5832] Bluetooth: hci13: command tx timeout
[ 1334.465961][ T5832] Bluetooth: hci14: command tx timeout
[ 1334.705995][ T5832] Bluetooth: hci12: command tx timeout
[ 1335.666609][ T5832] Bluetooth: hci13: command tx timeout
[ 1336.546932][ T5832] Bluetooth: hci14: command tx timeout
[ 1338.633139][ T5832] Bluetooth: hci14: command tx timeout
[ 1343.911087][   T31] INFO: task kworker/u8:12:17336 blocked for more than 143 seconds.
[ 1343.919136][   T31]       Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0
[ 1343.927650][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1343.937343][   T31] task:kworker/u8:12   state:D stack:24568 pid:17336 tgid:17336 ppid:2      task_flags:0x4208160 flags:0x00004000
[ 1343.949517][   T31] Workqueue: netns cleanup_net
[ 1343.954375][   T31] Call Trace:
[ 1343.957658][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1343.960654][   T31]  __schedule+0x116f/0x5de0
[ 1343.965387][   T31]  ? __pfx___schedule+0x10/0x10
[ 1343.970290][   T31]  ? find_held_lock+0x2b/0x80
[ 1343.975954][   T31]  ? schedule+0x2d7/0x3a0
[ 1343.980518][   T31]  schedule+0xe7/0x3a0
[ 1343.984630][   T31]  schedule_timeout+0x257/0x290
[ 1343.989521][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1343.995814][   T31]  ? mark_held_locks+0x49/0x80
[ 1344.000968][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1344.007137][   T31]  __wait_for_common+0x2fc/0x4e0
[ 1344.012603][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1344.018018][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1344.026181][   T31]  remove_one+0x312/0x420
[ 1344.040791][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1344.045701][   T31]  simple_recursive_removal+0x4e2/0x8e0
[ 1344.060543][   T31]  ? __pfx_remove_one+0x10/0x10
[ 1344.065466][   T31]  debugfs_remove+0x5d/0x80
[ 1344.070010][   T31]  nsim_dev_health_exit+0x3b/0xe0
[ 1344.086399][   T31]  nsim_dev_reload_destroy+0x144/0x4d0
[ 1344.097564][   T31]  nsim_dev_reload_down+0x6e/0xd0
[ 1344.108982][   T31]  devlink_reload+0x19e/0x7c0
[ 1344.114285][   T31]  ? __pfx_devlink_reload+0x10/0x10
[ 1344.119551][   T31]  devlink_pernet_pre_exit+0x1a0/0x2b0
[ 1344.126519][   T31]  ? __pfx_devlink_pernet_pre_exit+0x10/0x10
[ 1344.133466][   T31]  ? up_write+0x1b2/0x520
[ 1344.137858][   T31]  ? kobject_put+0xab/0x5a0
[ 1344.147896][   T31]  ? __pfx_devlink_pernet_pre_exit+0x10/0x10
[ 1344.154843][   T31]  cleanup_net+0x494/0xb30
[ 1344.159313][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1344.165049][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1344.169857][   T31]  process_one_work+0x9cc/0x1b70
[ 1344.175399][   T31]  ? __pfx_cfg80211_wiphy_work+0x10/0x10
[ 1344.183242][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 1344.188698][   T31]  ? assign_work+0x1a0/0x250
[ 1344.193851][   T31]  worker_thread+0x6c8/0xf10
[ 1344.198513][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1344.204247][   T31]  kthread+0x3c2/0x780
[ 1344.208394][   T31]  ? __pfx_kthread+0x10/0x10
[ 1344.214392][   T31]  ? __pfx_kthread+0x10/0x10
[ 1344.219037][   T31]  ? __pfx_kthread+0x10/0x10
[ 1344.224156][   T31]  ? __pfx_kthread+0x10/0x10
[ 1344.228800][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1344.234826][   T31]  ? __pfx_kthread+0x10/0x10
[ 1344.239468][   T31]  ret_from_fork+0x45/0x80
[ 1344.249738][   T31]  ? __pfx_kthread+0x10/0x10
[ 1344.254651][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1344.259489][   T31]  </TASK>
[ 1344.263862][   T31] INFO: task syz-executor:26014 blocked for more than 143 seconds.
[ 1344.271876][   T31]       Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0
[ 1344.279525][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1344.288348][   T31] task:syz-executor    state:D stack:24120 pid:26014 tgid:26014 ppid:1      task_flags:0x400140 flags:0x00000004
[ 1344.302310][   T31] Call Trace:
[ 1344.305621][   T31]  <TASK>
[ 1344.308576][   T31]  __schedule+0x116f/0x5de0
[ 1344.314218][   T31]  ? __pfx___schedule+0x10/0x10
[ 1344.319124][   T31]  ? find_held_lock+0x2b/0x80
[ 1344.323913][   T31]  ? schedule+0x2d7/0x3a0
[ 1344.328281][   T31]  schedule+0xe7/0x3a0
[ 1344.333965][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1344.339481][   T31]  __mutex_lock+0x6c7/0xb90
[ 1344.345305][   T31]  ? device_del+0xa0/0x9f0
[ 1344.349782][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1344.354943][   T31]  ? mark_held_locks+0x49/0x80
[ 1344.359938][   T31]  ? device_del+0xa0/0x9f0
[ 1344.364452][   T31]  device_del+0xa0/0x9f0
[ 1344.368750][   T31]  ? __pfx_ida_free+0x10/0x10
[ 1344.375237][   T31]  ? __pfx_device_del+0x10/0x10
[ 1344.380148][   T31]  device_unregister+0x1d/0xc0
[ 1344.385705][   T31]  del_device_store+0x355/0x4a0
[ 1344.390595][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1344.397233][   T31]  ? find_held_lock+0x2b/0x80
[ 1344.402329][   T31]  ? sysfs_file_kobj+0xe4/0x290
[ 1344.407320][   T31]  ? __pfx_del_device_store+0x10/0x10
[ 1344.413222][   T31]  bus_attr_store+0x71/0xb0
[ 1344.418758][   T31]  ? __pfx_bus_attr_store+0x10/0x10
[ 1344.426050][   T31]  sysfs_kf_write+0xef/0x150
[ 1344.431015][   T31]  kernfs_fop_write_iter+0x351/0x510
[ 1344.436915][   T31]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1344.442642][   T31]  vfs_write+0x5ba/0x1180
[ 1344.447748][   T31]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1344.454036][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1344.458842][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1344.464603][   T31]  ksys_write+0x12a/0x240
[ 1344.468971][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1344.474645][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1344.479459][   T31]  do_syscall_64+0xcd/0x230
[ 1344.485574][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1344.494608][   T31] RIP: 0033:0x7f155558d41f
[ 1344.499108][   T31] RSP: 002b:00007fffb2f8a1e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1344.519423][   T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f155558d41f
[ 1344.546146][   T31] RDX: 0000000000000001 RSI: 00007fffb2f8a230 RDI: 0000000000000005
[ 1344.555747][   T31] RBP: 00007f1555611d05 R08: 0000000000000000 R09: 00007fffb2f8a037
[ 1344.568546][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1344.576954][   T31] R13: 00007fffb2f8a230 R14: 00007f15562e4620 R15: 0000000000000003
[ 1344.596760][   T31]  </TASK>
[ 1344.599925][   T31] INFO: task syz.1.4676:26033 blocked for more than 144 seconds.
[ 1344.625479][   T31]       Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0
[ 1344.670926][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1344.679647][   T31] task:syz.1.4676      state:D stack:26776 pid:26033 tgid:26031 ppid:15675  task_flags:0x400140 flags:0x00000004
[ 1344.702238][   T31] Call Trace:
[ 1344.705572][   T31]  <TASK>
[ 1344.708503][   T31]  __schedule+0x116f/0x5de0
[ 1344.713475][   T31]  ? save_trace+0x4e/0x380
[ 1344.717932][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[ 1344.724483][   T31]  ? __pfx___schedule+0x10/0x10
[ 1344.729378][   T31]  ? find_held_lock+0x2b/0x80
[ 1344.734379][   T31]  ? schedule+0x2d7/0x3a0
[ 1344.738747][   T31]  schedule+0xe7/0x3a0
[ 1344.743222][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1344.748733][   T31]  __mutex_lock+0x6c7/0xb90
[ 1344.753852][   T31]  ? netlink_has_listeners+0x219/0x430
[ 1344.759341][   T31]  ? devlink_health_report+0x3ba/0x9c0
[ 1344.765001][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1344.770056][   T31]  ? irqentry_exit+0x3b/0x90
[ 1344.774734][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1344.779956][   T31]  ? devlink_health_report+0x3ba/0x9c0
[ 1344.785507][   T31]  devlink_health_report+0x3ba/0x9c0
[ 1344.790860][   T31]  ? __pfx_devlink_health_report+0x10/0x10
[ 1344.796789][   T31]  ? _copy_from_user+0x59/0xd0
[ 1344.801752][   T31]  nsim_dev_health_break_write+0x166/0x210
[ 1344.807583][   T31]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[ 1344.813997][   T31]  full_proxy_write+0x13c/0x200
[ 1344.818882][   T31]  vfs_write+0x25c/0x1180
[ 1344.823309][   T31]  ? __pfx_full_proxy_write+0x10/0x10
[ 1344.829293][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1344.834416][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1344.839303][   T31]  ? __fget_files+0x20e/0x3c0
[ 1344.845426][   T31]  ksys_write+0x12a/0x240
[ 1344.849807][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1344.855071][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1344.860270][   T31]  do_syscall_64+0xcd/0x230
[ 1344.864872][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1344.870787][   T31] RIP: 0033:0x7fe52f38e969
[ 1344.879181][   T31] RSP: 002b:00007fe5301f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1344.888398][   T31] RAX: ffffffffffffffda RBX: 00007fe52f5b5fa0 RCX: 00007fe52f38e969
[ 1344.896669][   T31] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000006
[ 1344.904746][   T31] RBP: 00007fe52f410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1344.912786][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1344.920771][   T31] R13: 0000000000000000 R14: 00007fe52f5b5fa0 R15: 00007ffd1239ad18
[ 1344.929341][   T31]  </TASK>
[ 1344.932478][   T31] INFO: task syz.4.4681:26056 blocked for more than 144 seconds.
[ 1344.940200][   T31]       Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0
[ 1344.950461][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1344.960052][   T31] task:syz.4.4681      state:D stack:26984 pid:26056 tgid:26055 ppid:23545  task_flags:0x400140 flags:0x00000004
[ 1344.972221][   T31] Call Trace:
[ 1344.975520][   T31]  <TASK>
[ 1344.978468][   T31]  __schedule+0x116f/0x5de0
[ 1344.983120][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[ 1344.988094][   T31]  ? __pfx___schedule+0x10/0x10
[ 1344.993192][   T31]  ? find_held_lock+0x2b/0x80
[ 1344.997897][   T31]  ? schedule+0x2d7/0x3a0
[ 1345.002333][   T31]  schedule+0xe7/0x3a0
[ 1345.006422][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1345.011942][   T31]  rwsem_down_read_slowpath+0x62f/0xb60
[ 1345.017520][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[ 1345.023668][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1345.028973][   T31]  ? find_held_lock+0x2b/0x80
[ 1345.034466][   T31]  down_read+0xef/0x480
[ 1345.038794][   T31]  ? mnt_get_write_access+0x54/0x300
[ 1345.044180][   T31]  ? __pfx_down_read+0x10/0x10
[ 1345.048964][   T31]  ? mnt_get_write_access+0x20c/0x300
[ 1345.054829][   T31]  path_openat+0x88a/0x2d40
[ 1345.059383][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1345.065022][   T31]  do_filp_open+0x20b/0x470
[ 1345.069555][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1345.074676][   T31]  ? alloc_fd+0x471/0x7d0
[ 1345.079034][   T31]  do_sys_openat2+0x11b/0x1d0
[ 1345.083789][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1345.089013][   T31]  __x64_sys_openat+0x174/0x210
[ 1345.093936][   T31]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1345.099336][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1345.104334][   T31]  do_syscall_64+0xcd/0x230
[ 1345.108874][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.114978][   T31] RIP: 0033:0x7fc02d98e969
[ 1345.119427][   T31] RSP: 002b:00007fc02e7c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1345.127912][   T31] RAX: ffffffffffffffda RBX: 00007fc02dbb5fa0 RCX: 00007fc02d98e969
[ 1345.136599][   T31] RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1345.144666][   T31] RBP: 00007fc02da10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1345.153024][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1345.161076][   T31] R13: 0000000000000000 R14: 00007fc02dbb5fa0 R15: 00007ffdf0f19518
[ 1345.169544][   T31]  </TASK>
[ 1345.172737][   T31] INFO: task syz.3.4685:26071 blocked for more than 144 seconds.
[ 1345.180489][   T31]       Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0
[ 1345.189411][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1345.198365][   T31] task:syz.3.4685      state:D stack:26984 pid:26071 tgid:26070 ppid:16325  task_flags:0x400140 flags:0x00000004
[ 1345.210568][   T31] Call Trace:
[ 1345.214070][   T31]  <TASK>
[ 1345.217015][   T31]  __schedule+0x116f/0x5de0
[ 1345.221840][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[ 1345.226822][   T31]  ? __pfx___schedule+0x10/0x10
[ 1345.231944][   T31]  ? find_held_lock+0x2b/0x80
[ 1345.237046][   T31]  ? schedule+0x2d7/0x3a0
[ 1345.241670][   T31]  schedule+0xe7/0x3a0
[ 1345.245770][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1345.252573][   T31]  rwsem_down_read_slowpath+0x62f/0xb60
[ 1345.258365][   T31]  ? __pfx_rwsem_down_read_slowpath+0x10/0x10
[ 1345.264789][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1345.270505][   T31]  ? find_held_lock+0x2b/0x80
[ 1345.275381][   T31]  down_read+0xef/0x480
[ 1345.279561][   T31]  ? mnt_get_write_access+0x54/0x300
[ 1345.284924][   T31]  ? __pfx_down_read+0x10/0x10
[ 1345.289711][   T31]  ? mnt_get_write_access+0x20c/0x300
[ 1345.295152][   T31]  path_openat+0x88a/0x2d40
[ 1345.299702][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1345.304746][   T31]  do_filp_open+0x20b/0x470
[ 1345.309284][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1345.314430][   T31]  ? alloc_fd+0x471/0x7d0
[ 1345.318807][   T31]  do_sys_openat2+0x11b/0x1d0
[ 1345.323734][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1345.328968][   T31]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1345.334514][   T31]  __x64_sys_openat+0x174/0x210
[ 1345.339798][   T31]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1345.345319][   T31]  ? ksys_mmap_pgoff+0x85/0x5c0
[ 1345.350201][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1345.355161][   T31]  do_syscall_64+0xcd/0x230
[ 1345.360082][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.366104][   T31] RIP: 0033:0x7fcdf6b8e969
[ 1345.371420][   T31] RSP: 002b:00007fcdf7989038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1345.379863][   T31] RAX: ffffffffffffffda RBX: 00007fcdf6db5fa0 RCX: 00007fcdf6b8e969
[ 1345.387909][   T31] RDX: 0000000000048081 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1345.395934][   T31] RBP: 00007fcdf6c10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1345.403976][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1345.412022][   T31] R13: 0000000000000000 R14: 00007fcdf6db5fa0 R15: 00007fff9f8ce828
[ 1345.420017][   T31]  </TASK>
[ 1345.423149][   T31] 
[ 1345.423149][   T31] Showing all locks held in the system:
[ 1345.430905][   T31] 1 lock held by khungtaskd/31:
[ 1345.443124][   T31]  #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1345.453151][   T31] 1 lock held by kworker/u8:2/36:
[ 1345.458183][   T31]  #0: ffff8880b8539f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[ 1345.468520][   T31] 2 locks held by kworker/u8:3/53:
[ 1345.474270][   T31] 3 locks held by kworker/u8:5/80:
[ 1345.479395][   T31]  #0: ffff8880b8539f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[ 1345.489381][   T31]  #1: ffff8880b8523c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x2c1/0x8e0
[ 1345.500868][   T31]  #2: ffff88802a3a8768 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0x99/0x550
[ 1345.510999][   T31] 1 lock held by klogd/5190:
[ 1345.515883][   T31]  #0: ffff8880b8539f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[ 1345.525932][   T31] 6 locks held by kworker/u8:12/17336:
[ 1345.531434][   T31]  #0: ffff88801c2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1345.542526][   T31]  #1: ffffc9000458fd18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 1345.552723][   T31]  #2: ffffffff90110750 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[ 1345.562528][   T31]  #3: ffff8880222be0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0
[ 1345.573218][   T31]  #4: ffff888143f0f250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0
[ 1345.584160][   T31]  #5: ffff88804eaa6f20 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: simple_recursive_removal+0x2f5/0x8e0
[ 1345.595719][   T31] 2 locks held by getty/24650:
[ 1345.600494][   T31]  #0: ffff888031efe0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1345.610334][   T31]  #1: ffffc900030642f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 1345.620534][   T31] 5 locks held by syz-executor/26014:
[ 1345.625969][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.635040][   T31]  #1: ffff88806fc3d488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1345.645405][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1345.655578][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1345.666424][   T31]  #4: ffff8880222be0e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9f0
[ 1345.676375][   T31] 3 locks held by syz.1.4676/26033:
[ 1345.683415][   T31]  #0: ffff888023b23b38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[ 1345.693581][   T31]  #1: ffff888141eca420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.702870][   T31]  #2: ffff888143f0f250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_health_report+0x3ba/0x9c0
[ 1345.713739][   T31] 2 locks held by syz.4.4681/26056:
[ 1345.718953][   T31]  #0: ffff888141eca420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1f3e/0x2d40
[ 1345.728352][   T31]  #1: ffff88804eaa6f20 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x88a/0x2d40
[ 1345.738890][   T31] 2 locks held by syz.3.4685/26071:
[ 1345.744175][   T31]  #0: ffff888141eca420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1f3e/0x2d40
[ 1345.754592][   T31]  #1: ffff88804eaa6f20 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x88a/0x2d40
[ 1345.765216][   T31] 4 locks held by syz-executor/26075:
[ 1345.771022][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.780613][   T31]  #1: ffff8880714df488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1345.790504][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1345.800646][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1345.811047][   T31] 4 locks held by syz-executor/26085:
[ 1345.816490][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.825605][   T31]  #1: ffff888034c23488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1345.835643][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1345.845926][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1345.857173][   T31] 4 locks held by syz-executor/26094:
[ 1345.862624][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.872278][   T31]  #1: ffff88806855dc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1345.882689][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1345.892830][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1345.903240][   T31] 4 locks held by syz-executor/26105:
[ 1345.908621][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.920006][   T31]  #1: ffff888012f2ec88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1345.930307][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1345.940462][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1345.950841][   T31] 4 locks held by syz-executor/26116:
[ 1345.956878][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1345.965993][   T31]  #1: ffff8880810fe888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1345.976181][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1345.986858][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1345.997584][   T31] 4 locks held by syz-executor/26128:
[ 1346.003013][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1346.012105][   T31]  #1: ffff8880295e5c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1346.021944][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1346.032085][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1346.042445][   T31] 4 locks held by syz-executor/26140:
[ 1346.047823][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1346.057427][   T31]  #1: ffff88808d225888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1346.067294][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1346.077933][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1346.088843][   T31] 4 locks held by syz-executor/26156:
[ 1346.094293][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1346.103526][   T31]  #1: ffff888029958c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1346.113411][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1346.123548][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1346.133925][   T31] 4 locks held by syz-executor/26166:
[ 1346.139316][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1346.148419][   T31]  #1: ffff8880840f2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1346.158662][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1346.168811][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1346.179359][   T31] 4 locks held by syz-executor/26176:
[ 1346.184807][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1346.194237][   T31]  #1: ffff88806f99b488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1346.204295][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1346.214634][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1346.225047][   T31] 4 locks held by syz-executor/26185:
[ 1346.230431][   T31]  #0: ffff888036ad8420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x240
[ 1346.239809][   T31]  #1: ffff88809a918088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[ 1346.249810][   T31]  #2: ffff888027c01008 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[ 1346.260493][   T31]  #3: ffffffff8f6c8bc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0
[ 1346.271046][   T31] 
[ 1346.273457][   T31] =============================================
[ 1346.273457][   T31] 
[ 1346.282249][   T31] NMI backtrace for cpu 0
[ 1346.282269][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1346.282298][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1346.282320][   T31] Call Trace:
[ 1346.282329][   T31]  <TASK>
[ 1346.282338][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1346.282373][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1346.282399][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1346.282433][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1346.282461][   T31]  watchdog+0xf70/0x12c0
[ 1346.282497][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1346.282523][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1346.282555][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1346.282585][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1346.282612][   T31]  kthread+0x3c2/0x780
[ 1346.282644][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.282673][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.282702][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.282732][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.282761][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1346.282790][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.282822][   T31]  ret_from_fork+0x45/0x80
[ 1346.282855][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.282886][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1346.282934][   T31]  </TASK>
[ 1346.282943][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1346.418267][    C1] NMI backtrace for cpu 1
[ 1346.418284][    C1] CPU: 1 UID: 0 PID: 80 Comm: kworker/u8:5 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1346.418311][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1346.418325][    C1] Workqueue: bat_events batadv_nc_worker
[ 1346.418352][    C1] RIP: 0010:lock_acquire+0x127/0x350
[ 1346.418380][    C1] Code: 0d d2 a6 ed 0e 85 c9 0f 84 b1 00 00 00 65 8b 05 b7 d1 0b 12 85 c0 0f 85 a2 00 00 00 65 48 8b 05 37 94 0b 12 8b 90 ec 0a 00 00 <85> d2 0f 85 8c 00 00 00 9c 8f 04 24 fa 48 c7 c7 7d c3 cc 8d e8 90
[ 1346.418400][    C1] RSP: 0018:ffffc9000157fa48 EFLAGS: 00000246
[ 1346.418416][    C1] RAX: ffff88801db43c00 RBX: ffffffff8e3bf440 RCX: 0000000000000001
[ 1346.418430][    C1] RDX: 0000000000000000 RSI: ffffffff8b36c734 RDI: fffffbfff1c77e88
[ 1346.418444][    C1] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[ 1346.418456][    C1] R10: 0000000000000014 R11: 0000000000000000 R12: 0000000000000000
[ 1346.418468][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1346.418481][    C1] FS:  0000000000000000(0000) GS:ffff888124aec000(0000) knlGS:0000000000000000
[ 1346.418501][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1346.418514][    C1] CR2: 000055a60f18f088 CR3: 000000000e180000 CR4: 00000000003526f0
[ 1346.418527][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1346.418539][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1346.418557][    C1] Call Trace:
[ 1346.418565][    C1]  <TASK>
[ 1346.418575][    C1]  ? batadv_nc_process_nc_paths.part.0+0x215/0x3e0
[ 1346.418602][    C1]  ? __pfx_batadv_nc_fwd_flush+0x10/0x10
[ 1346.418624][    C1]  batadv_nc_process_nc_paths.part.0+0xe4/0x3e0
[ 1346.418649][    C1]  ? batadv_nc_process_nc_paths.part.0+0xd3/0x3e0
[ 1346.418677][    C1]  batadv_nc_worker+0xcd3/0x1030
[ 1346.418701][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1346.418727][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1346.418754][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1346.418775][    C1]  process_one_work+0x9cc/0x1b70
[ 1346.418808][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 1346.418831][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1346.418863][    C1]  ? assign_work+0x1a0/0x250
[ 1346.418890][    C1]  worker_thread+0x6c8/0xf10
[ 1346.418922][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1346.418946][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1346.418974][    C1]  kthread+0x3c2/0x780
[ 1346.419000][    C1]  ? __pfx_kthread+0x10/0x10
[ 1346.419024][    C1]  ? __pfx_kthread+0x10/0x10
[ 1346.419049][    C1]  ? __pfx_kthread+0x10/0x10
[ 1346.419074][    C1]  ? __pfx_kthread+0x10/0x10
[ 1346.419099][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1346.419116][    C1]  ? __pfx_kthread+0x10/0x10
[ 1346.419143][    C1]  ret_from_fork+0x45/0x80
[ 1346.419171][    C1]  ? __pfx_kthread+0x10/0x10
[ 1346.419196][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1346.419230][    C1]  </TASK>
[ 1346.419425][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1346.702930][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(full) 
[ 1346.714733][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
[ 1346.724794][   T31] Call Trace:
[ 1346.728066][   T31]  <TASK>
[ 1346.730994][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1346.735594][   T31]  panic+0x71c/0x800
[ 1346.739495][   T31]  ? __pfx_panic+0x10/0x10
[ 1346.743913][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1346.749323][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1346.755315][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1346.760695][   T31]  ? watchdog+0xdda/0x12c0
[ 1346.765142][   T31]  ? watchdog+0xdcd/0x12c0
[ 1346.769565][   T31]  watchdog+0xdeb/0x12c0
[ 1346.773819][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1346.778502][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1346.783706][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1346.788732][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1346.793414][   T31]  kthread+0x3c2/0x780
[ 1346.797490][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.802098][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.806709][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.811302][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.815896][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1346.820659][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.825267][   T31]  ret_from_fork+0x45/0x80
[ 1346.829691][   T31]  ? __pfx_kthread+0x10/0x10
[ 1346.834287][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1346.839066][   T31]  </TASK>
[ 1346.842323][   T31] Kernel Offset: disabled
[ 1346.846636][   T31] Rebooting in 86400 seconds..