last executing test programs:

3m26.9183241s ago: executing program 0 (id=2596):
r0 = socket(0x2, 0x3, 0x6)
mmap$auto(0x0, 0x20007, 0x1, 0xeb2, r0, 0x13b1)
socketpair$auto(0xb, 0x9, 0x800, 0x0)
setsockopt$auto(0x3, 0x0, 0x31, 0x0, 0x28)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x10000, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, r0, 0x4)
clock_adjtime$auto(0x6, &(0x7f0000000200)={0x6, 0x0, 0x504, 0x9, 0x7, 0x8ac, 0x80, 0x0, 0x3ff, 0x4, 0x350, {0x5, 0x6}, 0x3, 0x6, 0x5, 0x3a9, 0x0, 0x683, 0x78771cb, 0xf, 0x80, 0x9, 0x39bc5ade})
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
ioctl$auto(0xffffffffffffffff, 0x3, r1)
r2 = socket(0x2, 0x3, 0xa)
connect$auto(r2, &(0x7f0000000080)=@in={0x2, 0x0, @empty}, 0x54)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0x1, 0xb8}})

3m22.718398076s ago: executing program 0 (id=2603):
statmount$auto(0x0, &(0x7f0000000380)={0xd, 0xb9, 0x44f, 0xa, 0x1, 0x1007181, 0x8a0d, 0x4, 0x10007, 0x7, 0x89, 0x29, 0x4, 0x1ffffffffffe, 0xfffffffffffff340, 0x1ff, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffb, 0x6, 0x401, 0x22402, 0xfffffffa, 0xfffffffd, 0x84, 0x100000006, 0x0, 0x0, 0x0, 0x0, [0x70e2, 0x0, 0x3, 0xb7, 0x0, 0x0, 0x8, 0x3, 0xd, 0x100000, 0x10000, 0x15b, 0x7, 0x1fb, 0x0, 0x10000000000002, 0x0, 0x0, 0x9, 0x0, 0x9, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffd, 0x400000000, 0x0, 0x8, 0x3, 0x1, 0x1, 0x1ff, 0x100000000, 0x3, 0xe, 0x0, 0x0, 0x0, 0xa53, 0xbd9, 0xbffffffffffffffd, 0x6], "11a5192256c24d5860bbf6c68071aeda"}, 0x7, 0xd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x0, 0x0)
ioctl$auto(r0, 0x802064b6, r0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000140)={0x1045100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r1, 0x0, 0x39b8)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(0xffffffffffffffff, 0x0, 0x810)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0xb60)
socket(0xa, 0x5, 0x84)
r2 = gettid()
prlimit64$auto(r2, 0x6, 0x0, &(0x7f0000000240)={0x4f7})
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2)
accept4$auto(0xffffffffffffffff, 0x0, 0x0, 0xffffffff)
mprotect$auto(0x37, 0x806121, 0x8)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000100), 0x321b40, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r3, 0x84, 0x4, 0x0, &(0x7f0000000080)=0x9c8)

3m19.756959958s ago: executing program 0 (id=2608):
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff)
r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408)
write$auto(r0, 0x0, 0xfffffdf1)
linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0)
mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862)
getxattrat$auto(r0, &(0x7f0000000000)='&&\x00', 0x47d, 0x0, 0x0, 0x1ff)
r1 = gettid()
process_vm_readv$auto(r1, &(0x7f0000000200)={&(0x7f00000001c0), 0x7fffffffffffffff}, 0x3, 0x0, 0xbd, 0x101)
mprotect$auto(0x0, 0x8000000000000001, 0x8)
socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x4004000)

3m19.027583689s ago: executing program 0 (id=2609):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
shutdown$auto(0x200000003, 0x1)
select$auto(0x8, &(0x7f0000000240)={[0x8, 0x8, 0x3, 0x4, 0xffffffffffff7fff, 0x8000, 0x4, 0x5, 0xd3b, 0x34, 0x5, 0x0, 0x5, 0x5, 0x3, 0x5]}, 0x0, 0x0, 0x0)
pread64$auto(r0, &(0x7f0000000100)='/sy\x00\x88\x00ce/\x00\x00\x00_\x98q\x05\x03\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff', 0x100000000b, 0x1)

3m18.820780574s ago: executing program 0 (id=2610):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x4000000000000, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x14, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x2)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0)
write$auto(r0, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto_KEY_SPEC_THREAD_KEYRING(0x3, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r1, 0xffffffffffffffff, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf)
ioctl$auto_FS_IOC_SETFLAGS(r1, 0x40086602, 0x3)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1a9242, 0x0)
sendfile$auto(r2, r2, 0x0, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, &(0x7f0000000040))
mmap$auto(0x0, 0x200002, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40e02, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r4, 0x80045439, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto(r3, 0x8926, r3)

3m17.320590943s ago: executing program 0 (id=2615):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
keyctl$auto(0x6, 0xffffffffffffffff, 0x0, 0x0, 0x7)
shmctl$auto_IPC_SET(0x3, 0x1, &(0x7f0000000240)={{0xff6e, <r1=>0xee01, 0x0, 0x5, 0x3, 0x8, 0x3}, 0x80, 0x4, 0x101, 0x7, @inferred, @raw, 0x0, 0x0, &(0x7f0000000140)="0313d666924c3d63a0289947ec754e2f135933d65fdb0a19ec6f998d80a7da8f3ddb5df3060e0667904a7d534795b08b3d3acd0620e731966c34b030306f44a22d3d856576c2c50b1b29dbb42c2b5e5e13fce22d4ff7526bc97a085620240b3c22c9fcc90a1c467980928c8b3dcb1d0512e97a05caaced014ddca2f3627160876fbad77aea83674c343c409a4a22a6c38d1095dfb14ddcd860eab67e2caf0008d9354fa15c2d8c864c5fc08fbb3939e84ff2f08132b532ccc0474cb1919c13d4a58927be2767f73327169b5878e530de8f1a149ac153", &(0x7f0000000000)="65241ec2a60793e07a1dd2cfebb43389dea64dfbe3a183d7575002509df0c82e91dced19e65b663cd7e512d768605bd40eff4acd5b83342d9547fc8e39c3ffac77e742749bf48c5d6e097b188aab3eea149d8503c8a89a033c08b19bc8bfefab811b9008653c56024baef07b9a50992718632c18f11e2fcfc647dd9092eaac0c9ff17c3483fc46c9d18b7937b64a2c8c765af7b738ea87d9d647fa0c60f4b9c4"})
keyctl$auto(0x4, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0x8)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
getegid()
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55)
capget$auto(0x0, 0xfffffffffffffffe)
setsockopt$auto(r0, 0x10000000084, 0x1e, 0x0, 0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_ADD_LINK(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xb90e9a6a7cb7d163}, 0xc, &(0x7f0000000180)={&(0x7f0000001100)=ANY=[@ANYBLOB="b325409bf3eb1927fbae6201170bf00004716e1820393b37bc51b8c444154f747c198c60164912303da0b839101684de7baec329ee34fc2ec30f38099e32d30b323c14ee267d980bdd9c7436169130244312cd0d04888457bed032a4d9c31d6788a6487b4feeb2c8ae9a1074643f9916334bcecadf370df01148d63beb62247d894fdf024d90dcc09c3c840e42cb59ed64bcfccbe5b052755b3335634bfc6baaf9b7c2caa40c563709363ef004cd54162ed69dfa082adb67e71f76814e02ca28ba4dab9d8cf375a1df34ffb22c00bb906eada8bf24cff214", @ANYRESDEC, @ANYBLOB="020026bd7000fddbdf259400000064057f00a6d31c3a6cf69d382d063646f3db7954888a9a4890aa8c72cdda867a57af285cf1db5977c5b0f063a392811a1522556a12a676d2b0cf84d1ffde8359933778ed643a650d234f03ccc85d589c0b6752b62c2ce6b1e463fa0552071212465ebb5035587887ec9284facb2a8c454f222427b6eba044344089bca143d51106028d68497273f3698f331ab8dbc27bd0efc26542320e04cb9f3fed9d1a4a4289ca7036135f9efe851f1b1b3b7153c8e1f13e9ada9cd0ada9f4ac6c476922431bfc7bf69ced5e4383c1c891b963b670cb70efce7433601811b78a7b249cadae92055f7daa07cb8f2b050f25d32748036d37931dcd22f0800cd0d1430074341f4e422718f416ae58dd6fc511dac8a6f44ff23452ceb6b4048e05195c0f1db2eea0d0b66e53a33bab37e50f3bf9e5b9abe7ae292734de1509c145079a8cce2210d0a69c7136bcc07e34686796d1121d27400b4dc9ef9a90bf56f0b8630c2b491f991f69fa05be9fcc34f82e422c6aaadda0b559ef266d21e7dc756b9f452ae05fd6616c726e6d063793001f81432c20feed58a428ebd291f3d190276cc4f604574d3a5737366a99f90c68173d3f935388a19becd0cc8cfa1a9b63cbedfa92a7637b6495d7ad4ea1a885d5dc389ebb537a91eddee05d737add5f443e7af041cecb53c3cfb32c702f70e7d9ea0e6cf44b6112dda49b9d059b42fdb6eca005d7f8863e21d8d48958c91ea1ddb7226a8a3b83cd29aa048600fa773fed60d168b88aee33d13aeae3ce0020d10dcbe19ea814bc4a955266007b4a803a76410ca53df62a1c32316efa84aee5d72212b9459997409354edcb0f994b5cff8ff20bcfa565ff9cc3adf39d0bd4fdb6f429e66a42713cfa1274f2849f063077c16afc1cb2e5028dc9114bcb80e5e698cdd80e32c744f5822ccc7f18e440b70617d11e60c685b3356546096250dfb542d55cefc91d9310bf9ff084631d1b7d5c066e694451a69ae65deb21294513e6ac205e961787d8f6859f8c4cc34e92d5e80e927d7c74cd597c1f552753d066e46c925ff656b2bc9ebb152812e63b74fa1026c68729b637d42c8213b7fa3c04206218d12811589fd9777dbcb270590573134e49fe8c8ccd5780481f47f1e5437e39077e1a341f28565f23a0af1e43e711d85c89f07e4b56a7c2a912fd6ecb0a75854a9c1534ee406462af4ffe91ea05bab5a865122e7ab9e583bb6de1e1bef228ccc4a0ccd47599b4f2d0157caa52106302cf5038031c30120cb081c895c04b3e1586fc63e1d55ecdb1b6f04629e089a72ba06764dc54d7159b1f9d023cd96274206eaea2317deec6bf832f35a4f21036a5fb38681a123c2c2f289af54303e950758b489ad4ef2f474f404d128f4a2cf05b18bfa3c0f8e7ae58f112fab9ca8525d60890d5aa9c72bab2214741f9e4c3377493fe23ed5a0a09d8134c5f7d803480632764051b7d3ed8701853e044f4569f842d05ccbab8bc1b3e0d55690111018a48ef87e7badf065f445e297dba6bc2a2c278826f5b02ea7b192fd7cd1f4eb4ceeac26bf6e5c9ad68846645b003090e072b72eaa1ec2c747f863a84d9575b09a7976dcbcf9c69fe860f2dc0f3e1dc3531152c9508855e64cd862dbbf94baa72e271ceb1eee018d97aa75f178144df4086b55692a2a1d8007affe225ebcbd7c660c93e59acfd74956b6a89eaad9b8735620313797e47967d8a8a6c77cc4178f0c62acfe1a2aa8c4f373fa41a1e954a336011e087654dbaf2bc10618b18927430c5bd3327f16a05ed6adb24712bdff9828c3da726f09b3050a720f82ba991d99a060cd083c841806acaa9c998b07c99fe9187d191a856c11725365c397c2558db03c0e2c41d5492af41bbca5918b793e7ea99db6d035c8739837e9a867c4d20502e35216ed82217a1a6914141bd089349c4f5b14a94ac1c9ed9eb981e3f04003c000600d4000000000004008e000600f7000f070000"], 0x590}, 0x1, 0x0, 0x0, 0x4}, 0x4040081)
sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r2, &(0x7f0000000680)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000640)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x40000810)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x103841, 0x0)
r3 = epoll_create$auto(0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd10/state\x00', 0x189e42, 0x0)
write$auto(r4, 0x0, 0xf)
r5 = socket(0x2, 0x5, 0x0)
epoll_ctl$auto(r3, 0x1, r5, 0x0)
r6 = epoll_create$auto(0x3e)
r7 = openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0)
read$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(r7, &(0x7f0000000080)=""/159, 0x9f)
epoll_ctl$auto(r6, 0x1, r3, 0x0)

3m2.108505217s ago: executing program 32 (id=2615):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
keyctl$auto(0x6, 0xffffffffffffffff, 0x0, 0x0, 0x7)
shmctl$auto_IPC_SET(0x3, 0x1, &(0x7f0000000240)={{0xff6e, <r1=>0xee01, 0x0, 0x5, 0x3, 0x8, 0x3}, 0x80, 0x4, 0x101, 0x7, @inferred, @raw, 0x0, 0x0, &(0x7f0000000140)="0313d666924c3d63a0289947ec754e2f135933d65fdb0a19ec6f998d80a7da8f3ddb5df3060e0667904a7d534795b08b3d3acd0620e731966c34b030306f44a22d3d856576c2c50b1b29dbb42c2b5e5e13fce22d4ff7526bc97a085620240b3c22c9fcc90a1c467980928c8b3dcb1d0512e97a05caaced014ddca2f3627160876fbad77aea83674c343c409a4a22a6c38d1095dfb14ddcd860eab67e2caf0008d9354fa15c2d8c864c5fc08fbb3939e84ff2f08132b532ccc0474cb1919c13d4a58927be2767f73327169b5878e530de8f1a149ac153", &(0x7f0000000000)="65241ec2a60793e07a1dd2cfebb43389dea64dfbe3a183d7575002509df0c82e91dced19e65b663cd7e512d768605bd40eff4acd5b83342d9547fc8e39c3ffac77e742749bf48c5d6e097b188aab3eea149d8503c8a89a033c08b19bc8bfefab811b9008653c56024baef07b9a50992718632c18f11e2fcfc647dd9092eaac0c9ff17c3483fc46c9d18b7937b64a2c8c765af7b738ea87d9d647fa0c60f4b9c4"})
keyctl$auto(0x4, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0x8)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
getegid()
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55)
capget$auto(0x0, 0xfffffffffffffffe)
setsockopt$auto(r0, 0x10000000084, 0x1e, 0x0, 0x8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_ADD_LINK(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xb90e9a6a7cb7d163}, 0xc, &(0x7f0000000180)={&(0x7f0000001100)=ANY=[@ANYBLOB="b325409bf3eb1927fbae6201170bf00004716e1820393b37bc51b8c444154f747c198c60164912303da0b839101684de7baec329ee34fc2ec30f38099e32d30b323c14ee267d980bdd9c7436169130244312cd0d04888457bed032a4d9c31d6788a6487b4feeb2c8ae9a1074643f9916334bcecadf370df01148d63beb62247d894fdf024d90dcc09c3c840e42cb59ed64bcfccbe5b052755b3335634bfc6baaf9b7c2caa40c563709363ef004cd54162ed69dfa082adb67e71f76814e02ca28ba4dab9d8cf375a1df34ffb22c00bb906eada8bf24cff214", @ANYRESDEC, @ANYBLOB="020026bd7000fddbdf259400000064057f00a6d31c3a6cf69d382d063646f3db7954888a9a4890aa8c72cdda867a57af285cf1db5977c5b0f063a392811a1522556a12a676d2b0cf84d1ffde8359933778ed643a650d234f03ccc85d589c0b6752b62c2ce6b1e463fa0552071212465ebb5035587887ec9284facb2a8c454f222427b6eba044344089bca143d51106028d68497273f3698f331ab8dbc27bd0efc26542320e04cb9f3fed9d1a4a4289ca7036135f9efe851f1b1b3b7153c8e1f13e9ada9cd0ada9f4ac6c476922431bfc7bf69ced5e4383c1c891b963b670cb70efce7433601811b78a7b249cadae92055f7daa07cb8f2b050f25d32748036d37931dcd22f0800cd0d1430074341f4e422718f416ae58dd6fc511dac8a6f44ff23452ceb6b4048e05195c0f1db2eea0d0b66e53a33bab37e50f3bf9e5b9abe7ae292734de1509c145079a8cce2210d0a69c7136bcc07e34686796d1121d27400b4dc9ef9a90bf56f0b8630c2b491f991f69fa05be9fcc34f82e422c6aaadda0b559ef266d21e7dc756b9f452ae05fd6616c726e6d063793001f81432c20feed58a428ebd291f3d190276cc4f604574d3a5737366a99f90c68173d3f935388a19becd0cc8cfa1a9b63cbedfa92a7637b6495d7ad4ea1a885d5dc389ebb537a91eddee05d737add5f443e7af041cecb53c3cfb32c702f70e7d9ea0e6cf44b6112dda49b9d059b42fdb6eca005d7f8863e21d8d48958c91ea1ddb7226a8a3b83cd29aa048600fa773fed60d168b88aee33d13aeae3ce0020d10dcbe19ea814bc4a955266007b4a803a76410ca53df62a1c32316efa84aee5d72212b9459997409354edcb0f994b5cff8ff20bcfa565ff9cc3adf39d0bd4fdb6f429e66a42713cfa1274f2849f063077c16afc1cb2e5028dc9114bcb80e5e698cdd80e32c744f5822ccc7f18e440b70617d11e60c685b3356546096250dfb542d55cefc91d9310bf9ff084631d1b7d5c066e694451a69ae65deb21294513e6ac205e961787d8f6859f8c4cc34e92d5e80e927d7c74cd597c1f552753d066e46c925ff656b2bc9ebb152812e63b74fa1026c68729b637d42c8213b7fa3c04206218d12811589fd9777dbcb270590573134e49fe8c8ccd5780481f47f1e5437e39077e1a341f28565f23a0af1e43e711d85c89f07e4b56a7c2a912fd6ecb0a75854a9c1534ee406462af4ffe91ea05bab5a865122e7ab9e583bb6de1e1bef228ccc4a0ccd47599b4f2d0157caa52106302cf5038031c30120cb081c895c04b3e1586fc63e1d55ecdb1b6f04629e089a72ba06764dc54d7159b1f9d023cd96274206eaea2317deec6bf832f35a4f21036a5fb38681a123c2c2f289af54303e950758b489ad4ef2f474f404d128f4a2cf05b18bfa3c0f8e7ae58f112fab9ca8525d60890d5aa9c72bab2214741f9e4c3377493fe23ed5a0a09d8134c5f7d803480632764051b7d3ed8701853e044f4569f842d05ccbab8bc1b3e0d55690111018a48ef87e7badf065f445e297dba6bc2a2c278826f5b02ea7b192fd7cd1f4eb4ceeac26bf6e5c9ad68846645b003090e072b72eaa1ec2c747f863a84d9575b09a7976dcbcf9c69fe860f2dc0f3e1dc3531152c9508855e64cd862dbbf94baa72e271ceb1eee018d97aa75f178144df4086b55692a2a1d8007affe225ebcbd7c660c93e59acfd74956b6a89eaad9b8735620313797e47967d8a8a6c77cc4178f0c62acfe1a2aa8c4f373fa41a1e954a336011e087654dbaf2bc10618b18927430c5bd3327f16a05ed6adb24712bdff9828c3da726f09b3050a720f82ba991d99a060cd083c841806acaa9c998b07c99fe9187d191a856c11725365c397c2558db03c0e2c41d5492af41bbca5918b793e7ea99db6d035c8739837e9a867c4d20502e35216ed82217a1a6914141bd089349c4f5b14a94ac1c9ed9eb981e3f04003c000600d4000000000004008e000600f7000f070000"], 0x590}, 0x1, 0x0, 0x0, 0x4}, 0x4040081)
sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r2, &(0x7f0000000680)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000640)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x40000810)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x103841, 0x0)
r3 = epoll_create$auto(0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd10/state\x00', 0x189e42, 0x0)
write$auto(r4, 0x0, 0xf)
r5 = socket(0x2, 0x5, 0x0)
epoll_ctl$auto(r3, 0x1, r5, 0x0)
r6 = epoll_create$auto(0x3e)
r7 = openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0)
read$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(r7, &(0x7f0000000080)=""/159, 0x9f)
epoll_ctl$auto(r6, 0x1, r3, 0x0)

7.639600145s ago: executing program 1 (id=3287):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, 0x0, 0xc800)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129800, 0x0)
ioctl$auto(r1, 0xb21064a7, 0x20000a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x4, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2)
io_uring_enter$auto(0x3, 0x1, 0x2688, 0x5, 0x0, 0x7)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0x40047452, &(0x7f0000000100)=0xd)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
unshare$auto(0x8000000)
semtimedop$auto(0x0, 0x0, 0x1f4, 0x0)
unshare$auto(0x8000400)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x24000, 0x0)
ioctl$auto_TUNSETDEBUG(r2, 0x400454c9, &(0x7f00000000c0)=0x2)
socket(0x10, 0x2, 0xc)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/force_tx_status\x00', 0x82, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x2}, 0x3)

6.92542694s ago: executing program 1 (id=3293):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/loginuid\x00', 0x11b942, 0x0)
bpf$auto(0x7fffffff, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101)
openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x5, 0xfffffffd)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000)
socket(0x2b, 0x1, 0x0)
select$auto(0x804, 0x0, &(0x7f0000000100)={[0x9, 0x2, 0x0, 0x80000300, 0x1, 0x10000000, 0x2, 0x3, 0x81, 0x10000005e58296b, 0x1e, 0x9, 0x7ff, 0x200, 0x20000000008, 0x4000000000006]}, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
semctl$auto(0x4000001ff, 0xffffffffffffffff, 0x13, 0x3)
ioctl$auto(0xc8, 0x8924, 0x8)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mremap$auto(0xfffffffffffffe01, 0x40000000100005, 0x843, 0x3, 0x2)
fsopen$auto(0x0, 0x1)
prctl$auto(0x38, 0x3, 0x0, 0x0, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
shutdown$auto(0x200000003, 0x2)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
setsockopt$auto(0xffffffffffffffff, 0x100, 0x8001, &(0x7f0000000040)='\")\x7f\xc3\x8d\xff\xff\xff\xff\xff\x00', 0x8001)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182a82, 0x0)
sendfile$auto(r3, r3, 0x0, 0x3)
unshare$auto(0x2000000000000003)

5.566045696s ago: executing program 3 (id=3300):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi22\x00', 0x100, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x10001, 0xdf, 0x9b71, 0xffffffffffffffff, 0x0)
socket(0xa, 0x1, 0x100)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x9, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000380)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1000001, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x80000000003fffff, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x80000, 0x0)
r1 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3)
write$auto(r1, 0x0, 0x6)
write$auto_fops_init_pkru_pkeys(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto_FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311)
r2 = set_tid_address$auto(&(0x7f0000000080)=0x8)
prctl$auto(0x3e, 0x1, r2, 0x3, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

5.56421851s ago: executing program 2 (id=3301):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x14, 0x0, 0x73b, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x400c880)
setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27)

5.168053431s ago: executing program 4 (id=3303):
mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
semget$auto(0x0, 0x13c, 0x1ff)
recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5, 0x0, 0x9, 0x0, 0x800000000005, 0x7ffffffd}, 0x8}, 0x3, 0x1, 0x0)
semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat2$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00', &(0x7f0000000280)={0xd91f, 0x6, 0x4}, 0x7f)
sendmsg$auto_IEEE802154_ADD_IFACE(r1, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@IEEE802154_ATTR_SRC_SHORT_ADDR={0x6, 0xb, 0x9}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0xd4}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0xac6a}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x40}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x525a05df5b8ef67a)
ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0)
r2 = socket(0x1e, 0x80000, 0x9)
r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000340), r1)
sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000500)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, r3, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xa8}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x44881}, 0x4000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
open_tree$auto(r1, &(0x7f0000000540)='./file0\x00', 0xf)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0)
r5 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000180)=0x10)
write$auto_dev_fops_plock(r5, &(0x7f0000000200)="ea579eafbef6a78ace20c66c3ed28a307811ba5a77e0d6f20eee070874ce267321ef2da8ccef77a2a57912658cfac38b23199ba898ef2c29ea039494e108e23fc3d3de801c6cdb8c585be1ec026d327ad05a0c7812805bb6d050f902f2e77e549ec276c282a2bb8c2847f2e7105018d493a4a1dc", 0x74)
r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x16, 0x21, 0x6, 0xfffffffffffffffe, 0x5)
sendfile$auto(r6, r4, 0x0, 0x1fff5)
close_range$auto(0x2, 0x8, 0x0)
semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4)
io_uring_setup$auto(0x4bf15e08, 0x0)

5.013275998s ago: executing program 2 (id=3304):
mmap$auto(0x0, 0x4020009, 0x80000db, 0xebe, 0x401, 0x8000)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x83, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop12\x00', 0x14f602, 0x0)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="f585ec32", @ANYRES16=r3, @ANYBLOB="01002dbd7000ffdbdf2514000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000c00}, 0x4000000)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000100)=""/92, 0x5c)
write$auto(0x3, 0x0, 0x1)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r4, 0x0, 0x400000000006)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80161, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x27, 0x80000, 0x4)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000040)=0x5)
r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e000000000100", @raw=0x3}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0xffffffffffffffff)
msync$auto(0x200000, 0x2000000005, 0x6)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)

4.529094814s ago: executing program 3 (id=3305):
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x601, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x6ca82, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(0xffffffffffffffff, 0x0, 0x6d7, 0x80000008, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mlock$auto(0x112, 0x80006)
mlockall$auto(0x800000000000005)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x0, 0x800006, 0xba)
bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@l2tp={0x2, 0x0, @rand_addr=0x64010101, 0x100000}, 0xfff)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1)
sendmsg$auto_NL80211_CMD_SET_STATION(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYRES16=r2, @ANYRES16=r2, @ANYBLOB="000027bd7000ffdbdf25120000007200ac008301d097cad41fb94bed58a942b6a5721aed3ac377a0badbd68ff41ffe52beb2fb2dc9251f16cde9b7657cb2e0b5f96aa15dded41ac4a9370cf778a07a4aea55b8417a2717949f66b20ddf79f3f47c646d3a35a159ba6c546aa146e1e0ea8e26695e247dffcf14545b4c88829e6200000c009900ff00000000000000"], 0x94}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
getsockopt$auto_SO_DOMAIN(r0, 0x1ff, 0x27, 0x0, &(0x7f0000000040)=0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mouse0\x00', 0x181502, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x4)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301040, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x2000, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)

4.293902373s ago: executing program 1 (id=3306):
syz_clone(0x0, 0x0, 0xfffffffffffffeed, 0x0, 0x0, 0x0)
socket(0xa, 0x800, 0x73)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/hsr0/disable_policy\x00', 0x40001, 0x0)
write$auto(r0, &(0x7f0000000040)='\x00', 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/shmem_enabled\x00', 0xc8002, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
futex$auto(0x0, 0x204, 0x3, 0x0, 0x0, 0x7d)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r3 = socket(0xa, 0x1, 0x84)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/usb/drivers/snd_usb_variax/new_id\x00', 0x51c51f3605c3dea0, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
ioctl$auto_NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0)
mmap$auto(0x0, 0x5, 0xdb, 0x10, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x80000, 0xfffffff8)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r2, 0x3, 0x1, 0x0, 0x6)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r4)
sendmsg$auto_TIPC_NL_NET_SET(r4, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000003d00)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x44050}, 0x2)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
mmap$auto(0x4, 0x2, 0xdf, 0xeb1, r3, 0x6)
close_range$auto(0x2, 0x8, 0x0)
writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000100)="78203c01e4bb5c0c0a", 0x9}, 0x9)

4.114184202s ago: executing program 4 (id=3307):
r0 = socket(0xa, 0x2, 0x73)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_SESSION_MODIFY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r2, 0x41, 0x70bd25, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40008840}, 0x0)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xffffffffffffffff, 0x8000)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0)
ioctl$auto(0x3, 0x541b, 0x7f)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x8, 0x4)
timer_create$auto(0x2, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x6f9, 0x4}, {0x0, 0x83}}, 0x0)
mmap$auto(0x457, 0xe983, 0x8, 0x819, 0xffffffffffffffff, 0x7fff)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0)
openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x101040, 0x0)
readv$auto(r0, &(0x7f0000000a80)={0x0, 0x8}, 0xfffffffffffffffe)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x14000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TCFLSH2(r4, 0x5422, 0x0)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r5, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)

3.893858557s ago: executing program 3 (id=3308):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram6/queue/max_hw_sectors_kb\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r2 = openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/error_log\x00', 0x80000, 0x0)
pread64$auto(r2, 0x0, 0x7e91, 0x7fffffff)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x0, 0x0)
ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000180)={0x4, &(0x7f0000000140)={0x2, 0x82, 0x3, @raw=0x5}})
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.stat\x00', 0x8040, 0x0)
openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/features/extended_error\x00', 0x800, 0x0)
setsockopt$auto_SO_SNDTIMEO_NEW(r2, 0x7, 0x43, &(0x7f00000001c0)='\x00', 0x4)
syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff)

2.991981222s ago: executing program 1 (id=3309):
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
socket(0x2, 0x80002, 0x73)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/o2cb/logmask/BASTS\x00', 0xb02, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
socket(0x29, 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_pid\x00', 0xa0000, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram12\x00', 0x2c65c0, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
semctl$auto(0x7, 0x2, 0x13, 0x1)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x560a, r0)

2.989313076s ago: executing program 2 (id=3310):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e1000000ff00"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = socket(0x11, 0x2, 0x9)
unshare$auto(0x40000080)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
close_range$auto(0x2, 0x8, 0x0)

2.700071338s ago: executing program 1 (id=3311):
openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/dri/vkms/name\x00', 0xa8001, 0x0)
mmap$auto(0xe6, 0x20009, 0x4000000000df, 0x16, 0xffffffffffffffff, 0x8000)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rxrpc/peers\x00', 0x101000, 0x0)
pread64$auto(r0, 0x0, 0x80, 0xffff)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x5, 0x0, 0xffffffffffffffff)
migrate_pages$auto(0x0, 0x3, 0x0, &(0x7f0000000140)=0x2)
close_range$auto(0x2, 0x8, 0x0)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0xfc}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4)
io_uring_setup$auto(0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r4)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r4, &(0x7f00000050c0)={0x0, 0x5c1e, &(0x7f0000005080)={&(0x7f0000002a80)={0x14, r5, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c0029d5c799f6de5ec4b44e13ae946393040f00", @ANYRES16=r5, @ANYBLOB="010028bd7000ffdbdf25020000000800010000020000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40800)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4)
futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nbd15\x00', 0x2081, 0x0)
ioctl$auto_BLKBSZGET(r6, 0x80081270, &(0x7f0000000280)=0xa)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x4042, 0x0)
mq_timedreceive$auto(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x16, &(0x7f0000000040)=0x5, &(0x7f0000000080)={0xe4b, 0xb})
write$auto_cachefiles_daemon_fops_internal(r0, &(0x7f00000002c0)="09fa8f0c128211fdfa9d5fb1241d17908fd90481448ed9c2f513011b9e4a40fda873a7638ec1f91c52308279a342f33f14e70435a54223ecc365a7ae9e0750e5b272d2d143dc38455c483c3d460b582a5443cc94ed0942ade77c21b8466279fe", 0x60)

2.066024224s ago: executing program 3 (id=3312):
msgsnd$auto(0x0, &(0x7f0000000040)={0x40000007fc, 0x7}, 0x4000400, 0x1)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
unshare$auto(0x40000080)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r2, 0xb, 0xa79e)
lstat$auto(0x0, 0x0)
ioctl$auto_snd_seq_f_ops_seq_clientmgr(r1, 0x4089, &(0x7f0000000140)="decf10511530263373acd6f9decf1c77c7a6a590c592e9e58ea62e21cd2765ca8f1f892884a9f72728da7e63e36793559b37b8cb67c5848a0ca588b90fc31f83b96fb4479f88387be540a0bf3eaf666eea2a923021ff5275e583f6de88f92960a8c61112ef450d46378f1230727f2327bcefd165a2d3b21cda4ddf82f0c1bd69063456084e8d19f5d2afc1bd13ab18cc835497f764e9390a5b348f2d838d8ac558d5d24879c34066f191fccf8a95e7c1bf42a9c2481d1da9ff8076f5d93b3509a6a6b2bceeb13088cd2bfe176dd756e04fa879ecb7df92e3e99a0b0acfbf146bed4a52e8bb7b30623c7487")
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000fbdbdf2531000000180001801400020076657468315f6d616376746170"], 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
r6 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x1, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2681, 0x0)
r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r7)
r9 = prctl$auto_PR_SCHED_CORE_SHARE_TO(0xe, 0x2, 0x0, 0x7fe, 0x7db3)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(r1, &(0x7f00000006c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000680)={&(0x7f0000000400)={0x26c, r8, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_LEVEL={0x244, 0x2d, 0x0, 0x1, [@generic="006e3baf9ea8b90cdd21cad607f681896673625df2791fde03d8223fdf733e6078460a563372e0dd5091b75343a7581edccefce2c63a211c988de50abb27de2e6c7c84248c6171cc0ee863f2d38f9a2e4ae808ce2d3cd7eecbcee7b2d7cfe0b8f861912fcd0ca57cb0b9b3d5d8991fac282181193e75adc503c0d47545b1848e256c4e2de7b19e19f8", @generic="73f6cf239a492cdb4ffd9d56ae", @generic="d31318e74c4961bafc1de600dfff57efb55e3493d493eed996f438e98c9f8667e4559e1e156e318a662911407b2229600137d50ce35ba8742598eb5c7bca58561d80f3394484fe5a75fb45b6ae637d46370023f40fe1a71bfd55e433dc8b3b4a56", @generic="cc2dba9bb0122e4555570ec09e63b310470b01f8d0bd6dcea99f1a440620ae35c87dbb649c61c2786494dad6a30f97c7d3", @typed={0x8, 0xa3, 0x0, 0x0, @u32=0x7f}, @generic="91391573a0409c7bc2e41b8ee5d21c644aaae4581f44ed32911507d25884b41079469c95647bdf9f87f3df2af8df80bc7facc498c215eea3c1f24a863b94c29dc594bc28a5421f5d873330d5e65ac3e32f256383d4d9ca32b7058b646bdd311fdb1219e0d8d9c3bb06804d37fbd81dd62c257acc9a268b8c031ea9337ebc31b53b9e1fbbc43d2786fc35dd74467fbe016df639ac21651a99619fcb7f294fcd3945a578b6cdbafbfe73c72814e9a198fc6b915507130e1ade9a2e6196df040012b33dd699b5083f2a14035431de022ae4a5f0c4e6f7d181a17ae1c27359a182dacbe1e48111a4c0d192785347", @typed={0xc, 0xd2, 0x0, 0x0, @u64=0x4}, @typed={0x8, 0x1f, 0x0, 0x0, @fd=r9}, @typed={0x8, 0x12f, 0x0, 0x0, @fd=r3}, @typed={0x8, 0x4c, 0x0, 0x0, @fd=r6}]}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x9}]}, 0x26c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000051)
sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x80)
ioctl$auto(0x3, 0xc040aed4, r0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)

1.989573099s ago: executing program 4 (id=3313):
mmap$auto(0x0, 0x5, 0x2, 0xeb1, 0xffffffffffffffff, 0x8000)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
writev$auto(0x3, 0x0, 0x6)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
r1 = prctl$auto_PR_SET_MM_END_DATA(0x80000000, 0x4, 0x0, 0x0, 0x2)
read$auto(r0, 0x0, 0x80000000)
r2 = socket(0xa, 0x5, 0x0)
setsockopt$auto(r2, 0x29, 0x36, &(0x7f00000001c0)='\x15!\xa8^J/!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x100110)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0xa}, 0x1)
r4 = ioctl$auto_NS_GET_USERNS(r1, 0xb701, 0x0)
fanotify_mark$auto(r3, 0x4, 0x3, r4, &(0x7f0000000000)=':,\x00')
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
remap_file_pages$auto(0x7, 0x8, 0x6, 0x8, 0x14)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2381, 0x0)
process_vm_readv$auto(0x0, 0x0, 0x3, 0x0, 0xc, 0x800000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x80802, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.3/udc/dummy_udc.3/b_hnp_enable\x00', 0x400, 0x0)
read$auto(r5, &(0x7f0000000100)='\xedA\xf7\x118 \xf8p{\x87\xc0\xc9\'\xc98\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x9)
close_range$auto(0x0, r3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r6, 0xc0045009, &(0x7f0000000040))
socket(0x5, 0x800, 0x0)
r7 = socket(0x2a, 0x2, 0x1)
connect$auto(r7, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x51)
bind$auto(0x3, &(0x7f0000000080)=@xdp={0x2c, 0x6, 0x0, 0x18}, 0x6b)
setsockopt$auto_SO_PASSSEC(r0, 0xffffffe3, 0x22, 0x0, 0x10001)

1.944206549s ago: executing program 2 (id=3314):
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/setgroups\x00', 0x40, 0x0)
r0 = getpid()
r1 = gettid()
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2, 0x1, 0x0)
ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0)
bind$auto(0x3, 0x0, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x4}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0x100000000)
sendfile$auto(0x1, 0x3, 0x0, 0x74c)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0x400000000000003, 0x29, 0xcd, 0x0, 0x567)
rt_tgsigqueueinfo$auto(r0, r1, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_kill={r0}}})
mmap$auto(0x6, 0x20000a, 0x5, 0x40eb1, 0x602, 0x1000300000000000)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x2c, 0x2c, 0x0, 0x2})
setrlimit$auto(0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/system/cpu/hotplug/states\x00', 0x8800, 0x0)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x14f602, 0x0)
mmap$auto(0xfffffffffffffffd, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0)
write$auto(r4, 0x0, 0x10007c)

1.376394848s ago: executing program 1 (id=3315):
r0 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close_range$auto(r0, 0xfffffffffffff000, 0x8) (async)
unshare$auto(0x40000080) (async)
unshare$auto(0x7f)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0x100de, 0x9b72, r0, 0x8000) (async)
pwritev$auto(0xffffffffffffffff, 0x0, 0x202, 0x1000, 0x8) (async)
msgrcv$auto(0x10, 0x0, 0x2000ff9, 0x0, 0x3) (async)
r1 = socket(0x2, 0x2, 0x0) (async)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xdf802, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
unshare$auto(0x40000080) (async)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x40) (async)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0x4000000dc, 0xfffffffffffffffa, 0x8000) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vim2m.0/media2/power/runtime_active_time\x00', 0x10283, 0x0) (async)
pwritev$auto(r1, &(0x7f00000001c0)={0x0, 0x7}, 0x2000080007, 0x12, 0x9) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00 \x00'/21, 0x100000002, 0x100000001)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x204000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
sysfs$auto(0x2, 0x23, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x840, 0x0)
ioctl$auto(r5, 0x5608, 0x7)

1.333017072s ago: executing program 4 (id=3316):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080), 0x3}, 0x2, 0x0, 0x1, 0x1}, 0x5}, 0x8002, 0x100)
sysfs$auto(0x2, 0x1f, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
flistxattr$auto(0xffffffffffffffff, 0x0, 0x7)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/fs/cifs/smbd_keep_alive_interval\x00', 0x88040, 0x0)
pread64$auto(r1, 0x0, 0xcd5, 0x8)

1.016333528s ago: executing program 4 (id=3317):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x6, 0x0, 0x0, 0xb)
mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x735)
rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)='./file1\x00')
r1 = socket(0x18, 0x5, 0x1)
mmap$auto(0x5, 0x402100c, 0x2, 0x40000ebe, r1, 0x7f)
r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x80083, 0x0)
ioctl$auto(0x3, 0x80000541b, 0x38)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop10\x00', 0x34f202, 0x0)
r3 = socket(0x4, 0x4, 0x102)
bind$auto(r2, &(0x7f0000000040)=@vsock={0x28, 0x0, 0x2711, @hyper}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/arp\x00', 0x101000, 0x0)
write$auto(r3, 0x0, 0x1)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r4, 0x0, 0x400000000006)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xab94905153f3fe69, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000040)=0x5)
read$auto(0x3, 0x0, 0x80)
r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r6, 0xc1105517, &(0x7f0000000340)={{@inferred, 0xf0ce, 0x20009, 0xffffffff, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e000000000100", @raw=0x3}, 0x4, 0x966, 0x3, @inferred, @integer={0x800000000000400e, 0x2000000b752, 0x2}, "6cc1294d63a4f1b6285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b40d1b078fa1c1c61c329794e5311121c760cb9626c78e6947a99807bcc1"})

878.36917ms ago: executing program 2 (id=3318):
r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x3e102, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000003900), 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x5, 0x400, 0x3, 0x9, 0x4, 0x6, 0x4, 0x1, 0x81, 0x2, 0x0, 0x10, 0x80, 0x7ff, 0x8000, 0x1, 0x1, 0x202, 0xd, 0xbca7, 0xfffffffffffffff6, 0x0, 0x0, 0x0, 0x6b2, [0x2, 0x4, 0x400000000000000, 0x5, 0x0, 0x0, 0x1fffffffffe, 0x0, 0x4, 0x2, 0x3169b201, 0x79, 0x3, 0xfffffffffffffc01, 0x5, 0xfffffbffffeffffb, 0x0, 0x9, 0x2000004, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x200000000000000, 0x0, 0x8000000000000000, 0x0, 0x1, 0x0, 0x7fffffff, 0x101, 0x0, 0x20000000000000, 0x40000000000000, 0x1000000000000200, 0x0, 0x400, 0x800000000096, 0x5, 0x4, 0xe17, 0x0, 0x6]}, 0x81, 0x1)
r1 = socket(0x10, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x84)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="bfcd4738b564a2ff3b160bbe43260aec9633"], 0x1ac}, 0x1, 0x0, 0x0, 0x24000000}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x8000000000000001, 0x9}, 0x7}, 0x3, 0x10000)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9)
rename$auto(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0/file0\x00')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mkdir$auto(&(0x7f0000000000)='./file1\x00', 0x4)
renameat2$auto(r2, &(0x7f00000000c0)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x4, 0x400008, 0x4ed0, 0x9b72, 0x2, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r3 = socket(0x10, 0x2, 0xf)
r4 = bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r3, 0xffffffff}, 0xd)
bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r4, 0x98}, 0x5)
r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r5, 0xfffffffffffffd03, &(0x7f00000001c0))
mmap$auto(0x7e, 0x10, 0x4, 0x1c77, r0, 0x800)
socketpair$auto(0x1, 0x2, 0xfffffffe, 0x0)

774.956403ms ago: executing program 3 (id=3319):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)="94", 0x1)
bpf$auto(0x0, &(0x7f0000001880)=@bpf_attr_4={0xb, 0xffffffffffffffff, 0x5}, 0x5)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x40103, 0x0)
ioctl$auto_SNDCTL_SEQ_CTRLRATE(r1, 0xc0045103, &(0x7f0000001940))
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xf7fffffe, 0x8, 0x6, 0x4005, 0x0, 0x5, 0x400, 0x3, 0x9, 0x26, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0x6, 0x10, 0x80, 0x7ff, 0x9, 0x1, 0x1, 0x202, 0xd, 0xbca7, 0xfffffffffffffff6, 0x0, 0x0, 0x0, 0x6b4, [0x2, 0x6, 0x0, 0x5, 0x0, 0x0, 0x20000000000, 0x0, 0x4, 0x2, 0x3169b201, 0x0, 0x3, 0xfffffffffffffc01, 0x5, 0xfffffbfffffffffb, 0x0, 0x9, 0x2000000, 0xfffffffffffffffe, 0x0, 0x8, 0x0, 0x1fffffffffffffe, 0x0, 0x8000000000000000, 0x0, 0x1, 0x0, 0x7fffffff, 0x101, 0x0, 0x20000000000000, 0x40000000000000, 0x1000000000000200, 0x0, 0x402, 0x96, 0x5, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x0)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffffffffffd03, &(0x7f00000001c0))
r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
read$auto(r3, 0x0, 0x200001)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpu0/topology/core_id\x00', 0x101000, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x103700, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0)
r5 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x40482, 0x0)
writev$auto(r5, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x2)
poll$auto(&(0x7f0000000240)={r4, 0x20, 0x2}, 0x5, 0x104)
socket(0xa, 0x5, 0x84)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4)
ioctl$auto(0x3, 0x40505331, 0x38)

641.926662ms ago: executing program 2 (id=3320):
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x42000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_BATADV_CMD_TP_METER(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x28, 0x0, 0x77bed28568c43d3b, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x11}}]}, 0x28}, 0x1, 0x100000001000000, 0x0, 0x2019}, 0x8080)
sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100f9020000fbdbdf250100000008000b00ac141420080001"], 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x0)
r2 = socket(0x11, 0xa, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC0\x00', 0x880, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
socket(0xa, 0x2, 0x0)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001280)='/dev/sequencer2\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r2, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082)
write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x40001, 0x0)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

68.731762ms ago: executing program 3 (id=3321):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
msgctl$auto_IPC_STAT(0x5, 0x2, &(0x7f00000010c0)={{0xc2, 0xee01, 0xee00, 0x10004, 0x6, 0x4, 0x1410}, &(0x7f0000000240)=0x9d, &(0x7f0000001080)=0x2, 0x5, 0xfffffffffffffff7, 0x10, 0xfff, 0x80, 0x3, 0x3ff, 0x8b49, @raw=0x2, @raw=0x3}) (async)
mmap$auto(0x5, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) (async)
socket(0x29, 0x2, 0x6)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/irq/5/type\x00', 0x2400, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/content\x00', 0x40c80, 0x0) (rerun: 32)
pread64$auto(r1, &(0x7f0000000540)='veth1\x00\xe0,\x17\xa0\xf7\x89Pl\x84K?\x01\x84\xa1i\xe00\x81p\xa0U \f\xdbP`:\xe2\'\xa7\xbf\xbd\x04\x18\xad\x90I^\x99M\xe0W\x14\x11\xf4\xeb\x90:\v\xc5\x13*\xfe\x90\xb1\xa9O\xa5\x05\xaa\x8fTi\xd6\x88Q\xda\xca', 0x20000000003f, 0x1)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0x82a02, 0x0) (async)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) (async, rerun: 32)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 32)
read$auto(r0, 0x0, 0x20) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 64)
madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async)
mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB="d8000000", @ANYRES16=0x0, @ANYBLOB="100327bd7000fedbdf2506000000ec3dcc0f2ea6e3c1d705719d4617ddd6aecc5385e61f58a3c47a8802f27790b782e9e3c99614f9593502f02d75121e488f54ed3453b8ffa948d0661ea1fca92b8d7ef3630e2587a5e4c47c7cd58552e81c6c69de23be883b0af261f233b581e41b8da64e5b199b2abf092b112dbbbea608f5a726c6760189cf6d2129ad9cc10e6c2d5b6a9b382234b4c370d1cbe377b4a4fe041183960000f87f7f687e5ecb0e1d74a572251cccbe195a66305f84df3f57afc0d6c10b0000000000000000000000000081db5f41139a4f3251757d82fa689cd04bb4120a385ade0ee9089c57dc9944"], 0xd8}, 0x1, 0x0, 0x0, 0x1}, 0x40) (async, rerun: 32)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async, rerun: 32)
syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff)
unshare$auto(0x40000080) (async)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) (async, rerun: 32)
socket(0x2b, 0x1, 0x0) (rerun: 32)
mmap$auto(0x0, 0x2020009, 0x7, 0x12, 0xffffffffffffffff, 0x8534)
sendmsg$auto_NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="303ffd9b", @ANYRES16=0x0, @ANYBLOB="08002dbd7000fddbdf250e0000000500120040000000"], 0x1c}, 0x1, 0x0, 0x0, 0x14000000}, 0x0)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/178, 0xb2) (async)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x2000c840)
madvise$auto(0x110c230000, 0x1, 0x9) (async)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000000000008000)

0s ago: executing program 4 (id=3322):
r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/32t\x00', 0x400, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xebf, r0, 0x8003)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
getresuid$auto(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, 0x0, 0x20000000)

kernel console output (not intermixed with test programs):

43][T15678] CPU: 0 UID: 0 PID: 15678 Comm: syz.1.2317 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  639.688484][T15678] Tainted: [L]=SOFTLOCKUP
[  639.688494][T15678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  639.688511][T15678] Call Trace:
[  639.688520][T15678]  <TASK>
[  639.688529][T15678]  dump_stack_lvl+0x100/0x190
[  639.688561][T15678]  should_fail_ex.cold+0x5/0xa
[  639.688592][T15678]  should_failslab+0xc2/0x120
[  639.688636][T15678]  __kmalloc_cache_noprof+0x7a/0x6f0
[  639.688671][T15678]  ? sctp_association_new+0xbb/0x2990
[  639.688705][T15678]  sctp_association_new+0xbb/0x2990
[  639.688738][T15678]  sctp_connect_new_asoc+0x1a8/0x770
[  639.688768][T15678]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  639.688807][T15678]  ? __ipv6_addr_type+0xe8/0x2e0
[  639.688840][T15678]  ? __ipv6_addr_type+0xe8/0x2e0
[  639.688877][T15678]  __sctp_connect+0x3e7/0xc70
[  639.688911][T15678]  ? __pfx___sctp_connect+0x10/0x10
[  639.688940][T15678]  ? __pfx_sctp_inet_connect+0x10/0x10
[  639.688969][T15678]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  639.689008][T15678]  ? __pfx_sctp_inet_connect+0x10/0x10
[  639.689034][T15678]  sctp_inet_connect+0x15f/0x220
[  639.689063][T15678]  __sys_connect_file+0x141/0x1a0
[  639.689103][T15678]  __sys_connect+0x141/0x170
[  639.689139][T15678]  ? __pfx___sys_connect+0x10/0x10
[  639.689193][T15678]  __x64_sys_connect+0x72/0xb0
[  639.689231][T15678]  ? lockdep_hardirqs_on+0x78/0x100
[  639.689261][T15678]  do_syscall_64+0x10b/0xf80
[  639.689289][T15678]  ? clear_bhb_loop+0x40/0x90
[  639.689319][T15678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.689343][T15678] RIP: 0033:0x7fbf7a59cdd9
[  639.689363][T15678] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  639.689386][T15678] RSP: 002b:00007fbf7b3e0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  639.689410][T15678] RAX: ffffffffffffffda RBX: 00007fbf7a815fa0 RCX: 00007fbf7a59cdd9
[  639.689426][T15678] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000007
[  639.689441][T15678] RBP: 00007fbf7a632d69 R08: 0000000000000000 R09: 0000000000000000
[  639.689456][T15678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  639.689470][T15678] R13: 00007fbf7a816038 R14: 00007fbf7a815fa0 R15: 00007ffe4d083418
[  639.689500][T15678]  </TASK>
[  640.712466][T15682] futex_wake_op: syz.0.2318 tries to shift op by -2048; fix this program
[  640.775370][T15682] binder: 15681:15682 ioctl 40046210 0 returned -14
[  640.966342][T15664] Process accounting resumed
[  641.054959][T15545] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  641.123379][T15545] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  641.163013][T15545] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  641.231740][T15545] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  641.289346][T15545] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  641.316670][T15693] NFSD: Failed to start, no listeners configured.
[  641.357722][T15545] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  641.388018][T15545] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  641.431660][T15545] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  641.907530][T15545] 8021q: adding VLAN 0 to HW filter on device bond0
[  641.967692][T15545] 8021q: adding VLAN 0 to HW filter on device team0
[  642.021664][ T9140] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.028837][ T9140] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.100146][ T9140] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.107340][ T9140] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.136215][T15713] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2325'.
[  642.522704][T15722] NFSD: Failed to start, no listeners configured.
[  642.550615][T15726] futex_wake_op: syz.3.2329 tries to shift op by -2048; fix this program
[  642.595357][T15726] binder: 15723:15726 ioctl 40046210 0 returned -14
[  643.106301][T15735] NFSD: Failed to start, no listeners configured.
[  643.125147][T15737] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2332'.
[  643.576102][ T9145] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  643.583742][ T9145] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff
[  643.635860][T13710] Process accounting resumed
[  644.046203][T15545] 8021q: adding VLAN 0 to HW filter on device batadv0
[  644.271802][T15748] Process accounting resumed
[  644.616493][T15545] veth0_vlan: entered promiscuous mode
[  644.723791][T15545] veth1_vlan: entered promiscuous mode
[  644.862956][T15545] veth0_macvtap: entered promiscuous mode
[  644.900750][T15545] veth1_macvtap: entered promiscuous mode
[  644.957315][T15545] batman_adv: batadv0: Interface activated: batadv_slave_0
[  645.145884][T15545] batman_adv: batadv0: Interface activated: batadv_slave_1
[  645.202638][T14346] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  645.242449][T14346] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  645.356123][T14346] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  645.410382][T14346] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  645.748751][T14344] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  645.792736][T14344] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  645.905204][T14346] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  645.937972][T14346] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  647.141512][ T9267] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  647.232120][ T9267] EXT4-fs (sda1): This should not happen!! Data will be lost
[  647.232120][ T9267] 
[  647.771248][T15804] NFSD: Failed to start, no listeners configured.
[  649.522232][T15846] NFSD: Failed to start, no listeners configured.
[  650.585388][T15879] snd_virmidi snd_virmidi.0: control 61678:131081:-1:yª:3 is already present
[  650.691436][T15873] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  650.768614][T15873] EXT4-fs (sda1): This should not happen!! Data will be lost
[  650.768614][T15873] 
[  651.418757][T15886] vivid-007: =================  START STATUS  =================
[  651.512742][T15886] vivid-007: Enable Output Cropping: true
[  651.597296][T15886] vivid-007: Enable Output Composing: true
[  651.666383][T15894] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  651.749920][T15886] vivid-007: Enable Output Scaler: true
[  651.811443][T15886] vivid-007: Tx RGB Quantization Range: Automatic
[  651.848705][T15886] vivid-007: Transmit Mode: HDMI
[  651.892129][T15886] vivid-007: Hotplug Present: 0x00000000
[  651.930153][T15886] vivid-007: RxSense Present: 0x00000000
[  651.963003][T15896] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2360'.
[  651.987070][T15886] vivid-007: EDID Present: 0x00000000
[  652.018122][T15886] vivid-007: ==================  END STATUS  ==================
[  654.671702][T15934] ptrace attach of "./syz-executor exec"[5622] was attempted by "./syz-executor exec"[15934]
[  654.707995][T15933] netlink: 306 bytes leftover after parsing attributes in process `syz.0.2367'.
[  655.026831][T15944] : Can't lookup blockdev
[  655.122077][ T9267] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  655.198541][ T9267] EXT4-fs (sda1): This should not happen!! Data will be lost
[  655.198541][ T9267] 
[  655.725446][T15955] snd_virmidi snd_virmidi.0: control 61678:131081:-1:yª:3 is already present
[  656.123859][T15963] futex_wake_op: syz.1.2375 tries to shift op by -2048; fix this program
[  656.165883][T15963] binder: 15962:15963 ioctl 40046210 0 returned -14
[  656.311104][T14345] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  656.370072][T14345] EXT4-fs (sda1): This should not happen!! Data will be lost
[  656.370072][T14345] 
[  656.800844][T15977] snd_virmidi snd_virmidi.0: control 61678:131081:-1:yª:3 is already present
[  656.945567][T15971] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  657.020342][T15971] EXT4-fs (sda1): This should not happen!! Data will be lost
[  657.020342][T15971] 
[  657.432507][T15989] : Can't lookup blockdev
[  657.536196][T15989] snd_virmidi snd_virmidi.0: control 61678:131081:3:yª:65534 is already present
[  658.379771][T15998] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2382'.
[  658.551521][T16011] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2382'.
[  659.707070][T16046] FAULT_INJECTION: forcing a failure.
[  659.707070][T16046] name failslab, interval 1, probability 0, space 0, times 0
[  659.789486][T16046] CPU: 0 UID: 0 PID: 16046 Comm: syz.1.2395 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  659.789536][T16046] Tainted: [L]=SOFTLOCKUP
[  659.789543][T16046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  659.789557][T16046] Call Trace:
[  659.789564][T16046]  <TASK>
[  659.789585][T16046]  dump_stack_lvl+0x100/0x190
[  659.789613][T16046]  should_fail_ex.cold+0x5/0xa
[  659.789641][T16046]  ? tomoyo_realpath_from_path+0xb6/0x690
[  659.789669][T16046]  should_failslab+0xc2/0x120
[  659.789694][T16046]  __kmalloc_noprof+0xe0/0x850
[  659.789729][T16046]  ? kfree+0x1dd/0x6c0
[  659.789763][T16046]  tomoyo_realpath_from_path+0xb6/0x690
[  659.789796][T16046]  tomoyo_check_open_permission+0x2af/0x3c0
[  659.789820][T16046]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  659.789852][T16046]  ? hook_file_open+0x24e/0x7a0
[  659.789892][T16046]  ? path_get+0x61/0x80
[  659.789923][T16046]  tomoyo_file_open+0x6b/0x90
[  659.789955][T16046]  security_file_open+0xb5/0x1e0
[  659.789980][T16046]  do_dentry_open+0x5aa/0x1660
[  659.790008][T16046]  ? security_inode_permission+0xbf/0x250
[  659.790034][T16046]  vfs_open+0x82/0x3f0
[  659.790069][T16046]  path_openat+0x208c/0x31a0
[  659.790104][T16046]  ? __pfx_path_openat+0x10/0x10
[  659.790141][T16046]  do_file_open+0x20e/0x430
[  659.790177][T16046]  ? __pfx_do_file_open+0x10/0x10
[  659.790224][T16046]  ? alloc_fd+0x476/0x790
[  659.790264][T16046]  ? do_getname+0x191/0x390
[  659.790297][T16046]  do_sys_openat2+0x10d/0x1e0
[  659.790328][T16046]  ? __pfx_do_sys_openat2+0x10/0x10
[  659.790369][T16046]  __x64_sys_openat+0x12d/0x210
[  659.790401][T16046]  ? __pfx___x64_sys_openat+0x10/0x10
[  659.790432][T16046]  ? ksys_write+0x1ac/0x250
[  659.790458][T16046]  ? rcu_is_watching+0x12/0xc0
[  659.790486][T16046]  do_syscall_64+0x10b/0xf80
[  659.790511][T16046]  ? clear_bhb_loop+0x40/0x90
[  659.790536][T16046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.790557][T16046] RIP: 0033:0x7fbf7a59cdd9
[  659.790574][T16046] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  659.790594][T16046] RSP: 002b:00007fbf7b3e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  659.790613][T16046] RAX: ffffffffffffffda RBX: 00007fbf7a815fa0 RCX: 00007fbf7a59cdd9
[  659.790627][T16046] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  659.790640][T16046] RBP: 00007fbf7a632d69 R08: 0000000000000000 R09: 0000000000000000
[  659.790652][T16046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  659.790664][T16046] R13: 00007fbf7a816038 R14: 00007fbf7a815fa0 R15: 00007ffe4d083418
[  659.790690][T16046]  </TASK>
[  660.356261][T16046] ERROR: Out of memory at tomoyo_realpath_from_path.
[  660.828947][T16062] : Can't lookup blockdev
[  660.961302][T16062] snd_virmidi snd_virmidi.0: control 61678:131081:3:yª:65534 is already present
[  665.871044][T16131] netlink: 306 bytes leftover after parsing attributes in process `syz.1.2418'.
[  666.353536][T16138] =======================================================
[  666.353536][T16138] WARNING: The mand mount option has been deprecated and
[  666.353536][T16138]          and is ignored by this kernel. Remove the mand
[  666.353536][T16138]          option from the mount to silence this warning.
[  666.353536][T16138] =======================================================
[  666.614732][T16140] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  666.706827][T16140] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  666.775477][T16140] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  666.824406][T16140] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  666.890857][T16140] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  666.949419][T16140] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  666.992289][T16140] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  667.086277][T16140] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  668.098464][T16162] can: request_module (can-proto-0) failed.
[  668.673427][T12377] Bluetooth: hci2: command 0x0c1a tx timeout
[  668.753582][T12377] Bluetooth: hci0: command 0x0c1a tx timeout
[  668.835109][T12377] Bluetooth: hci3: command 0x0c1a tx timeout
[  668.993636][T12377] Bluetooth: hci4: command 0x0c1a tx timeout
[  669.682740][T16209] NFSD: Failed to start, no listeners configured.
[  670.187886][T16219] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2444'.
[  670.495780][T16223] FAULT_INJECTION: forcing a failure.
[  670.495780][T16223] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  670.621681][ T9267] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  670.653772][T16223] CPU: 0 UID: 0 PID: 16223 Comm: syz.3.2445 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  670.653803][T16223] Tainted: [L]=SOFTLOCKUP
[  670.653810][T16223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  670.653822][T16223] Call Trace:
[  670.653828][T16223]  <TASK>
[  670.653835][T16223]  dump_stack_lvl+0x100/0x190
[  670.653861][T16223]  should_fail_ex.cold+0x5/0xa
[  670.653886][T16223]  _copy_from_user+0x2e/0xd0
[  670.653919][T16223]  kvm_arch_vcpu_ioctl+0xfa0/0x5730
[  670.653955][T16223]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  670.653982][T16223]  ? __pfx_stack_trace_save+0x10/0x10
[  670.654010][T16223]  ? stack_depot_save_flags+0x27/0x9d0
[  670.654033][T16223]  ? __lock_acquire+0x4a5/0x2630
[  670.654052][T16223]  ? tomoyo_path_number_perm+0x46d/0x580
[  670.654076][T16223]  ? __lock_acquire+0x4a5/0x2630
[  670.654093][T16223]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.654122][T16223]  ? lock_acquire+0x1b1/0x370
[  670.654145][T16223]  ? trace_contention_end+0x122/0x170
[  670.654167][T16223]  ? __mutex_lock+0x26d/0x1b10
[  670.654196][T16223]  ? kvm_vcpu_ioctl+0x322/0x1720
[  670.654220][T16223]  ? __pfx___mutex_lock+0x10/0x10
[  670.654244][T16223]  ? kasan_quarantine_put+0x104/0x240
[  670.654280][T16223]  ? tomoyo_path_number_perm+0x28f/0x580
[  670.654305][T16223]  ? tomoyo_path_number_perm+0x188/0x580
[  670.654336][T16223]  ? kvm_vcpu_ioctl+0x8a0/0x1720
[  670.654354][T16223]  kvm_vcpu_ioctl+0x8a0/0x1720
[  670.654375][T16223]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  670.654394][T16223]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  670.654430][T16223]  ? do_vfs_ioctl+0x226/0x13e0
[  670.654449][T16223]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  670.654499][T16223]  ? hook_file_ioctl_common+0x149/0x410
[  670.654535][T16223]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  670.654558][T16223]  __x64_sys_ioctl+0x18e/0x210
[  670.654583][T16223]  do_syscall_64+0x10b/0xf80
[  670.654609][T16223]  ? clear_bhb_loop+0x40/0x90
[  670.654638][T16223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.654661][T16223] RIP: 0033:0x7fecf999cdd9
[  670.654679][T16223] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  670.654702][T16223] RSP: 002b:00007fecfa7e9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  670.654724][T16223] RAX: ffffffffffffffda RBX: 00007fecf9c15fa0 RCX: 00007fecf999cdd9
[  670.654739][T16223] RDX: 0000000000000000 RSI: 000000004048aecb RDI: 0000000000000004
[  670.654752][T16223] RBP: 00007fecfa7e9090 R08: 0000000000000000 R09: 0000000000000000
[  670.654766][T16223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  670.654780][T16223] R13: 00007fecf9c16038 R14: 00007fecf9c15fa0 R15: 00007ffe84d1d948
[  670.654809][T16223]  </TASK>
[  671.195338][ T9267] EXT4-fs (sda1): This should not happen!! Data will be lost
[  671.195338][ T9267] 
[  671.243166][T12377] Bluetooth: hci3: command 0x0c1a tx timeout
[  671.253499][T12377] Bluetooth: hci4: command 0x0c1a tx timeout
[  671.386165][T16236] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  671.460460][T16236] EXT4-fs (sda1): This should not happen!! Data will be lost
[  671.460460][T16236] 
[  673.117935][T16267] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2457'.
[  673.313644][ T9145] Bluetooth: hci4: command 0x0c1a tx timeout
[  673.319713][T12377] Bluetooth: hci3: command 0x0c1a tx timeout
[  673.345992][T16279] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  673.445542][T16223] Process accounting paused
[  673.452122][T16279] EXT4-fs (sda1): This should not happen!! Data will be lost
[  673.452122][T16279] 
[  673.993377][T16293] futex_wake_op: syz.0.2465 tries to shift op by -2048; fix this program
[  674.048905][T16293] binder: 16291:16293 ioctl 40046210 0 returned -14
[  674.430427][T16305] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2469'.
[  674.897003][T16317] NFSD: Failed to start, no listeners configured.
[  675.440701][T14357] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  675.550394][T14357] EXT4-fs (sda1): This should not happen!! Data will be lost
[  675.550394][T14357] 
[  675.769895][T16296] Process accounting paused
[  676.062699][   T30] audit: type=1800 audit(1843106763.936:13): pid=16344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2480" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  676.536275][T16357] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  676.659240][T16357] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  676.760535][T16357] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  676.902217][T16357] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  678.353305][ T9145] Bluetooth: hci2: command 0x0c1a tx timeout
[  678.398858][T16399] zram: Removed device: zram0
[  678.673505][ T9145] Bluetooth: hci0: command 0x0c1a tx timeout
[  678.813766][T16409] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  678.833479][ T9145] Bluetooth: hci3: command 0x0c1a tx timeout
[  678.913951][ T9145] Bluetooth: hci4: command 0x0c1a tx timeout
[  681.686998][ T9267] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  681.819090][ T9267] EXT4-fs (sda1): This should not happen!! Data will be lost
[  681.819090][ T9267] 
[  681.927078][T16456] FAULT_INJECTION: forcing a failure.
[  681.927078][T16456] name failslab, interval 1, probability 0, space 0, times 0
[  682.043430][T16456] CPU: 0 UID: 0 PID: 16456 Comm: syz.1.2502 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  682.043464][T16456] Tainted: [L]=SOFTLOCKUP
[  682.043471][T16456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  682.043484][T16456] Call Trace:
[  682.043490][T16456]  <TASK>
[  682.043498][T16456]  dump_stack_lvl+0x100/0x190
[  682.043526][T16456]  should_fail_ex.cold+0x5/0xa
[  682.043553][T16456]  should_failslab+0xc2/0x120
[  682.043577][T16456]  __kvmalloc_node_noprof+0xfa/0xa00
[  682.043597][T16456]  ? traverse.part.0.constprop.0+0x397/0x650
[  682.043628][T16456]  traverse.part.0.constprop.0+0x397/0x650
[  682.043659][T16456]  seq_read_iter+0x93f/0x1270
[  682.043691][T16456]  kernfs_fop_read_iter+0x46c/0x610
[  682.043723][T16456]  ? rw_verify_area+0xce/0x6d0
[  682.043742][T16456]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  682.043775][T16456]  vfs_read+0x825/0xb30
[  682.043800][T16456]  ? __pfx_vfs_read+0x10/0x10
[  682.043821][T16456]  ? find_held_lock+0x2b/0x80
[  682.043864][T16456]  __x64_sys_pread64+0x1eb/0x250
[  682.043890][T16456]  ? __pfx___x64_sys_pread64+0x10/0x10
[  682.043916][T16456]  ? rcu_is_watching+0x12/0xc0
[  682.043945][T16456]  do_syscall_64+0x10b/0xf80
[  682.043970][T16456]  ? clear_bhb_loop+0x40/0x90
[  682.043996][T16456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.044017][T16456] RIP: 0033:0x7fbf7a59cdd9
[  682.044034][T16456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  682.044054][T16456] RSP: 002b:00007fbf7b3e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  682.044075][T16456] RAX: ffffffffffffffda RBX: 00007fbf7a815fa0 RCX: 00007fbf7a59cdd9
[  682.044088][T16456] RDX: 000000100000000b RSI: 0000200000000100 RDI: 0000000000000003
[  682.044101][T16456] RBP: 00007fbf7b3e0090 R08: 0000000000000000 R09: 0000000000000000
[  682.044114][T16456] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  682.044126][T16456] R13: 00007fbf7a816038 R14: 00007fbf7a815fa0 R15: 00007ffe4d083418
[  682.044152][T16456]  </TASK>
[  683.393066][ T9145] Bluetooth: hci4: unexpected event for opcode 0x7c89
[  685.089771][T16504] futex_wake_op: syz.1.2510 tries to shift op by -2048; fix this program
[  685.149471][T16506] binder: 16503:16506 ioctl 40046210 0 returned -14
[  685.326397][T16508] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  686.252504][T16527] NFSD: Failed to start, no listeners configured.
[  687.408267][T14357] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  687.491568][T14357] EXT4-fs (sda1): This should not happen!! Data will be lost
[  687.491568][T14357] 
[  688.061912][T16565] snd_virmidi snd_virmidi.0: control 61678:131081:-1:yª:3 is already present
[  688.121841][T16561] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  688.266851][T16561] EXT4-fs (sda1): This should not happen!! Data will be lost
[  688.266851][T16561] 
[  689.011436][T16578] FAULT_INJECTION: forcing a failure.
[  689.011436][T16578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  689.135356][T16578] CPU: 0 UID: 0 PID: 16578 Comm: syz.3.2526 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  689.135386][T16578] Tainted: [L]=SOFTLOCKUP
[  689.135393][T16578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  689.135405][T16578] Call Trace:
[  689.135411][T16578]  <TASK>
[  689.135418][T16578]  dump_stack_lvl+0x100/0x190
[  689.135443][T16578]  should_fail_ex.cold+0x5/0xa
[  689.135469][T16578]  _copy_to_iter+0x1f3/0x1720
[  689.135505][T16578]  ? __pfx__copy_to_iter+0x10/0x10
[  689.135539][T16578]  ? traverse.part.0.constprop.0+0x2c5/0x650
[  689.135569][T16578]  seq_read_iter+0x691/0x1270
[  689.135599][T16578]  kernfs_fop_read_iter+0x46c/0x610
[  689.135629][T16578]  ? rw_verify_area+0xce/0x6d0
[  689.135647][T16578]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  689.135677][T16578]  vfs_read+0x825/0xb30
[  689.135701][T16578]  ? __pfx_vfs_read+0x10/0x10
[  689.135721][T16578]  ? find_held_lock+0x2b/0x80
[  689.135761][T16578]  __x64_sys_pread64+0x1eb/0x250
[  689.135785][T16578]  ? __pfx___x64_sys_pread64+0x10/0x10
[  689.135810][T16578]  ? rcu_is_watching+0x12/0xc0
[  689.135836][T16578]  do_syscall_64+0x10b/0xf80
[  689.135861][T16578]  ? clear_bhb_loop+0x40/0x90
[  689.135884][T16578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.135911][T16578] RIP: 0033:0x7fecf999cdd9
[  689.135927][T16578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  689.135946][T16578] RSP: 002b:00007fecfa7e9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  689.135965][T16578] RAX: ffffffffffffffda RBX: 00007fecf9c15fa0 RCX: 00007fecf999cdd9
[  689.135979][T16578] RDX: 000000100000000b RSI: 0000200000000100 RDI: 0000000000000003
[  689.135991][T16578] RBP: 00007fecfa7e9090 R08: 0000000000000000 R09: 0000000000000000
[  689.136002][T16578] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  689.136014][T16578] R13: 00007fecf9c16038 R14: 00007fecf9c15fa0 R15: 00007ffe84d1d948
[  689.136038][T16578]  </TASK>
[  689.141284][T16576] sctp: [Deprecated]: syz.1.2525 (pid 16576) Use of int in max_burst socket option deprecated.
[  689.141284][T16576] Use struct sctp_assoc_value instead
[  689.748893][T16595] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.0.2528: Error -117 reading block bitmap for 4
[  690.059634][T16589] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(3373199068.4118818858.3687619798), cmd(12)
[  691.184962][T16618] NFSD: Failed to start, no listeners configured.
[  691.413003][T12377] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  691.427340][T12377] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  691.436546][T12377] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  691.454929][T12377] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  691.462594][T12377] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  692.112080][T16641] hub 1-0:1.0: USB hub found
[  692.244871][T16641] hub 1-0:1.0: 1 port detected
[  692.401116][T14346] bridge0: port 3(syz_tun) entered disabled state
[  692.702642][ T9267] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.149069][ T9267] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.426444][ T9267] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.553390][T12377] Bluetooth: hci1: command tx timeout
[  693.645666][ T9267] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.657804][T16665] FAULT_INJECTION: forcing a failure.
[  693.657804][T16665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  693.711972][T16665] CPU: 0 UID: 0 PID: 16665 Comm: syz.2.2540 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  693.712006][T16665] Tainted: [L]=SOFTLOCKUP
[  693.712014][T16665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  693.712028][T16665] Call Trace:
[  693.712035][T16665]  <TASK>
[  693.712043][T16665]  dump_stack_lvl+0x100/0x190
[  693.712072][T16665]  should_fail_ex.cold+0x5/0xa
[  693.712102][T16665]  _copy_to_user+0x32/0xd0
[  693.712149][T16665]  simple_read_from_buffer+0xcb/0x170
[  693.712178][T16665]  proc_fail_nth_read+0x1af/0x230
[  693.712215][T16665]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  693.712254][T16665]  ? rw_verify_area+0xce/0x6d0
[  693.712276][T16665]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  693.712316][T16665]  vfs_read+0x1e4/0xb30
[  693.712345][T16665]  ? __pfx_vfs_read+0x10/0x10
[  693.712369][T16665]  ? __fget_files+0x215/0x3d0
[  693.712402][T16665]  ? __fget_files+0x21f/0x3d0
[  693.712435][T16665]  ksys_read+0x12a/0x250
[  693.712466][T16665]  ? __pfx_ksys_read+0x10/0x10
[  693.712504][T16665]  ? rcu_is_watching+0x12/0xc0
[  693.712531][T16665]  do_syscall_64+0x10b/0xf80
[  693.712554][T16665]  ? clear_bhb_loop+0x40/0x90
[  693.712579][T16665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.712599][T16665] RIP: 0033:0x7ff8b475d60e
[  693.712614][T16665] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  693.712634][T16665] RSP: 002b:00007ff8b55f6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  693.712652][T16665] RAX: ffffffffffffffda RBX: 00007ff8b55f76c0 RCX: 00007ff8b475d60e
[  693.712665][T16665] RDX: 000000000000000f RSI: 00007ff8b55f70a0 RDI: 0000000000000004
[  693.712676][T16665] RBP: 00007ff8b55f7090 R08: 0000000000000000 R09: 0000000000000000
[  693.712688][T16665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  693.712699][T16665] R13: 00007ff8b4a16038 R14: 00007ff8b4a15fa0 R15: 00007ffe9af1e8e8
[  693.712724][T16665]  </TASK>
[  695.100194][ T9267] syz_tun: left allmulticast mode
[  695.116998][ T9267] syz_tun: left promiscuous mode
[  695.145290][ T9267] bridge0: port 3(syz_tun) entered disabled state
[  695.206725][ T9267] bridge_slave_1: left allmulticast mode
[  695.226458][ T9267] bridge_slave_1: left promiscuous mode
[  695.261284][ T9267] bridge0: port 2(bridge_slave_1) entered disabled state
[  695.325853][ T9267] bridge_slave_0: left allmulticast mode
[  695.347694][ T9267] bridge_slave_0: left promiscuous mode
[  695.378867][ T9267] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.633317][T12377] Bluetooth: hci1: command tx timeout
[  696.262443][ T9267] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  696.341638][ T9267] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  696.399875][ T9267] bond0 (unregistering): Released all slaves
[  696.633148][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1
[  696.662558][ T9267] tipc: Left network mode
[  697.114841][T16623] bridge0: port 1(bridge_slave_0) entered blocking state
[  697.158675][T16707] FAULT_INJECTION: forcing a failure.
[  697.158675][T16707] name failslab, interval 1, probability 0, space 0, times 0
[  697.185568][T16623] bridge0: port 1(bridge_slave_0) entered disabled state
[  697.227402][T16623] bridge_slave_0: entered allmulticast mode
[  697.246298][T16707] CPU: 0 UID: 0 PID: 16707 Comm: syz.2.2544 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  697.246330][T16707] Tainted: [L]=SOFTLOCKUP
[  697.246337][T16707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  697.246350][T16707] Call Trace:
[  697.246356][T16707]  <TASK>
[  697.246363][T16707]  dump_stack_lvl+0x100/0x190
[  697.246389][T16707]  should_fail_ex.cold+0x5/0xa
[  697.246417][T16707]  should_failslab+0xc2/0x120
[  697.246440][T16707]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  697.246473][T16707]  ? alloc_empty_file+0x5b/0x1c0
[  697.246503][T16707]  ? __pfx_stack_trace_save+0x10/0x10
[  697.246536][T16707]  alloc_empty_file+0x5b/0x1c0
[  697.246566][T16707]  path_openat+0xe8/0x31a0
[  697.246590][T16707]  ? kasan_save_stack+0x3f/0x50
[  697.246609][T16707]  ? kasan_save_stack+0x30/0x50
[  697.246627][T16707]  ? kasan_save_track+0x14/0x30
[  697.246645][T16707]  ? __kasan_slab_alloc+0x89/0x90
[  697.246665][T16707]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  697.246697][T16707]  ? do_getname+0x35/0x390
[  697.246726][T16707]  ? do_sys_openat2+0xc5/0x1e0
[  697.246756][T16707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.246780][T16707]  ? __pfx_path_openat+0x10/0x10
[  697.246814][T16707]  do_file_open+0x20e/0x430
[  697.246841][T16707]  ? __pfx_do_file_open+0x10/0x10
[  697.246887][T16707]  ? alloc_fd+0x476/0x790
[  697.246914][T16707]  ? do_getname+0x191/0x390
[  697.246946][T16707]  do_sys_openat2+0x10d/0x1e0
[  697.246977][T16707]  ? __pfx_do_sys_openat2+0x10/0x10
[  697.247017][T16707]  __x64_sys_openat+0x12d/0x210
[  697.247050][T16707]  ? __pfx___x64_sys_openat+0x10/0x10
[  697.247081][T16707]  ? ksys_write+0x1ac/0x250
[  697.247107][T16707]  ? rcu_is_watching+0x12/0xc0
[  697.247135][T16707]  do_syscall_64+0x10b/0xf80
[  697.247159][T16707]  ? clear_bhb_loop+0x40/0x90
[  697.247203][T16707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.247224][T16707] RIP: 0033:0x7ff8b479cdd9
[  697.247240][T16707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  697.247260][T16707] RSP: 002b:00007ff8b55d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  697.247280][T16707] RAX: ffffffffffffffda RBX: 00007ff8b4a16090 RCX: 00007ff8b479cdd9
[  697.247293][T16707] RDX: 0000000000080240 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  697.247306][T16707] RBP: 00007ff8b4832d69 R08: 0000000000000000 R09: 0000000000000000
[  697.247318][T16707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  697.247330][T16707] R13: 00007ff8b4a16128 R14: 00007ff8b4a16090 R15: 00007ffe9af1e8e8
[  697.247355][T16707]  </TASK>
[  697.536201][T16623] bridge_slave_0: entered promiscuous mode
[  697.544001][T16623] bridge0: port 2(bridge_slave_1) entered blocking state
[  697.551139][T16623] bridge0: port 2(bridge_slave_1) entered disabled state
[  697.558365][T16623] bridge_slave_1: entered allmulticast mode
[  697.565742][T16623] bridge_slave_1: entered promiscuous mode
[  697.594682][T16623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  697.607350][T16623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  697.636805][T16623] team0: Port device team_slave_0 added
[  697.644543][T16623] team0: Port device team_slave_1 added
[  697.669931][T16623] batman_adv: batadv0: Adding interface: batadv_slave_0
[  697.677247][T16623] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  697.703747][T16623] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  697.716399][T16623] batman_adv: batadv0: Adding interface: batadv_slave_1
[  697.723405][T16623] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  697.749511][T16623] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  697.790641][T16623] hsr_slave_0: entered promiscuous mode
[  697.796954][T16623] hsr_slave_1: entered promiscuous mode
[  697.808011][T16623] debugfs: 'hsr0' already exists in 'hsr'
[  697.822017][T16623] Cannot create hsr debugfs directory
[  697.867560][T12377] Bluetooth: hci1: command tx timeout
[  698.229308][T12377] Bluetooth: hci4: unexpected event for opcode 0x7c89
[  698.946305][T16731] futex_wake_op: syz.3.2547 tries to shift op by -2048; fix this program
[  698.992391][T16731] binder: 16730:16731 ioctl 40046210 0 returned -14
[  699.298384][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2
[  699.873873][T12377] Bluetooth: hci1: command tx timeout
[  699.931931][T16745] futex_wake_op: syz.2.2551 tries to shift op by -2048; fix this program
[  700.001849][T16749] binder: 16744:16749 ioctl 40046210 0 returned -14
[  700.070654][T16745] futex_wake_op: syz.2.2551 tries to shift op by -2048; fix this program
[  700.421030][T12377] Bluetooth: hci3: unexpected event for opcode 0x7c89
[  700.440555][T16759] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2554'.
[  700.693537][T16754] netlink: 'syz.3.2552': attribute type 33 has an invalid length.
[  700.776460][T16754] netlink: 322 bytes leftover after parsing attributes in process `syz.3.2552'.
[  702.539503][T16623] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  702.569877][T16623] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  702.679948][  T937] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243)
[  702.741389][T16623] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  702.777274][T16623] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  702.807259][T16623] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  702.857038][T16623] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  702.888322][T16623] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  702.945960][T16623] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  703.006172][ T9267] hsr_slave_0: left promiscuous mode
[  703.028929][ T9267] hsr_slave_1: left promiscuous mode
[  703.050765][ T9267] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  703.072469][ T9267] batman_adv: batadv0: Removing interface: batadv_slave_0
[  703.096220][ T9267] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  703.114068][ T9267] batman_adv: batadv0: Removing interface: batadv_slave_1
[  703.142052][ T9267] veth1_macvtap: left promiscuous mode
[  703.151713][ T9267] veth0_macvtap: left promiscuous mode
[  703.169090][ T9267] veth1_vlan: left promiscuous mode
[  703.175956][ T9267] veth0_vlan: left promiscuous mode
[  703.578147][ T9267] team0 (unregistering): Port device team_slave_1 removed
[  703.610248][ T9267] team0 (unregistering): Port device team_slave_0 removed
[  704.350014][T16623] 8021q: adding VLAN 0 to HW filter on device bond0
[  704.445222][T16793] Process accounting resumed
[  704.499572][T16623] 8021q: adding VLAN 0 to HW filter on device team0
[  704.576080][ T9267] bridge0: port 1(bridge_slave_0) entered blocking state
[  704.584403][ T9267] bridge0: port 1(bridge_slave_0) entered forwarding state
[  704.692641][ T9267] bridge0: port 2(bridge_slave_1) entered blocking state
[  704.699817][ T9267] bridge0: port 2(bridge_slave_1) entered forwarding state
[  707.389038][T16623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  707.594389][T16623] veth0_vlan: entered promiscuous mode
[  707.670659][T16623] veth1_vlan: entered promiscuous mode
[  707.813827][T16623] veth0_macvtap: entered promiscuous mode
[  707.856872][T16623] veth1_macvtap: entered promiscuous mode
[  708.023970][T16623] batman_adv: batadv0: Interface activated: batadv_slave_0
[  708.088993][T16623] batman_adv: batadv0: Interface activated: batadv_slave_1
[  708.187592][ T9267] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  708.232998][ T9267] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  708.431828][ T9267] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  708.466216][T12377] Bluetooth: hci3: unexpected event for opcode 0x7c89
[  708.491469][ T9267] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  708.880463][T14345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  708.935414][T14345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  709.149903][ T9136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  709.202134][ T9136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  709.872096][T16914] NFSD: Failed to start, no listeners configured.
[  710.647327][T16934] NFSD: Failed to start, no listeners configured.
[  710.672586][T16935] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2587'.
[  712.816467][ T9145] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  712.830632][ T9145] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  712.841656][ T9145] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  712.859960][ T9145] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  712.871842][ T9145] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  714.913625][ T9145] Bluetooth: hci2: command tx timeout
[  714.980942][T17015] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2598'.
[  716.379485][ T9267] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.696852][ T9267] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.915102][ T9267] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.993401][ T9145] Bluetooth: hci2: command tx timeout
[  717.098764][ T9267] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  718.395594][T16973] bridge0: port 1(bridge_slave_0) entered blocking state
[  718.440588][T16973] bridge0: port 1(bridge_slave_0) entered disabled state
[  718.485582][T16973] bridge_slave_0: entered allmulticast mode
[  718.539919][T16973] bridge_slave_0: entered promiscuous mode
[  718.602595][T16973] bridge0: port 2(bridge_slave_1) entered blocking state
[  718.645664][T16973] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.698042][T16973] bridge_slave_1: entered allmulticast mode
[  718.760113][T16973] bridge_slave_1: entered promiscuous mode
[  718.876319][T17071] NFSD: Failed to start, no listeners configured.
[  718.946362][ T9267] bridge_slave_1: left allmulticast mode
[  718.967762][ T9267] bridge_slave_1: left promiscuous mode
[  719.011552][ T9267] bridge0: port 2(bridge_slave_1) entered disabled state
[  719.070529][ T9267] bridge_slave_0: left allmulticast mode
[  719.076766][ T9145] Bluetooth: hci2: command tx timeout
[  719.110383][ T9267] bridge_slave_0: left promiscuous mode
[  719.151861][ T9267] bridge0: port 1(bridge_slave_0) entered disabled state
[  719.722486][T17091] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2607'.
[  720.146174][ T9267] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  720.183864][ T9267] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  720.236005][ T9267] bond0 (unregistering): Released all slaves
[  720.336577][T16973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  720.374898][T16973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  720.527587][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1
[  720.660269][T16973] team0: Port device team_slave_0 added
[  720.710864][T16973] team0: Port device team_slave_1 added
[  720.972112][T16973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  720.998419][T16973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  721.085184][T16973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  721.157021][ T9145] Bluetooth: hci2: command tx timeout
[  721.164733][T16973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  721.191592][T16973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  721.284190][T16973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  721.729297][T16973] hsr_slave_0: entered promiscuous mode
[  721.769907][T16973] hsr_slave_1: entered promiscuous mode
[  722.645318][ T5288] 8021q: adding VLAN 0 to HW filter on device eth3
[  722.779234][T17137] NFSD: Failed to start, no listeners configured.
[  723.237569][T17144] queue_state_write: unsupported operation ''
[  723.319670][T17144] queue_state_write: use 'run', 'start' or 'kick'
[  724.107903][T17156] futex_wake_op: syz.2.2617 tries to shift op by -2048; fix this program
[  724.161305][T17156] binder: 17154:17156 ioctl 40046210 0 returned -14
[  724.497333][ T9267] hsr_slave_0: left promiscuous mode
[  724.529240][ T9267] hsr_slave_1: left promiscuous mode
[  724.565050][ T9267] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  724.609882][ T9267] batman_adv: batadv0: Removing interface: batadv_slave_0
[  724.648171][ T9267] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  724.686977][ T9267] batman_adv: batadv0: Removing interface: batadv_slave_1
[  724.756399][ T9267] veth1_macvtap: left promiscuous mode
[  724.790890][ T9267] veth0_macvtap: left promiscuous mode
[  724.825457][ T9267] veth1_vlan: left promiscuous mode
[  724.851089][ T9267] veth0_vlan: left promiscuous mode
[  725.658288][ T9267] team0 (unregistering): Port device team_slave_1 removed
[  725.689983][ T9267] team0 (unregistering): Port device team_slave_0 removed
[  726.226748][T16973] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  726.292411][T16973] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  726.330690][T16973] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  726.339254][T17177] NFSD: Failed to start, no listeners configured.
[  726.373531][T16973] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  726.404489][T16973] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  726.440147][T16973] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  726.570243][T16973] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  726.626311][T16973] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  727.399398][T17198] FAULT_INJECTION: forcing a failure.
[  727.399398][T17198] name failslab, interval 1, probability 0, space 0, times 0
[  727.494002][T16973] 8021q: adding VLAN 0 to HW filter on device bond0
[  727.528508][T17198] CPU: 0 UID: 0 PID: 17198 Comm: syz.1.2623 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  727.528546][T17198] Tainted: [L]=SOFTLOCKUP
[  727.528554][T17198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  727.528568][T17198] Call Trace:
[  727.528577][T17198]  <TASK>
[  727.528586][T17198]  dump_stack_lvl+0x100/0x190
[  727.528616][T17198]  should_fail_ex.cold+0x5/0xa
[  727.528647][T17198]  should_failslab+0xc2/0x120
[  727.528675][T17198]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  727.528716][T17198]  ? alloc_inode+0x68/0x250
[  727.528754][T17198]  ? simple_start_creating+0xb0/0x110
[  727.528789][T17198]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  727.528826][T17198]  alloc_inode+0x68/0x250
[  727.528863][T17198]  new_inode+0x22/0x1c0
[  727.528903][T17198]  __debugfs_create_file+0x105/0x4f0
[  727.528944][T17198]  debugfs_create_file_full+0x41/0x60
[  727.528984][T17198]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  727.529014][T17198]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  727.529068][T17198]  ? lockdep_init_map_type+0x5c/0x250
[  727.529096][T17198]  preinit_net.part.0+0x43b/0x920
[  727.529124][T17198]  copy_net_ns+0x339/0x7c0
[  727.529155][T17198]  create_new_namespaces+0x3ea/0xac0
[  727.529193][T17198]  unshare_nsproxy_namespaces+0xf2/0x220
[  727.529228][T17198]  ksys_unshare+0x438/0xab0
[  727.529266][T17198]  ? __pfx_ksys_unshare+0x10/0x10
[  727.529301][T17198]  ? xfd_validate_state+0x129/0x190
[  727.529326][T17198]  ? ksys_write+0x1ac/0x250
[  727.529361][T17198]  __x64_sys_unshare+0x31/0x40
[  727.529397][T17198]  do_syscall_64+0x10b/0xf80
[  727.529426][T17198]  ? clear_bhb_loop+0x40/0x90
[  727.529455][T17198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.529480][T17198] RIP: 0033:0x7f939f79cdd9
[  727.529498][T17198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  727.529539][T17198] RSP: 002b:00007f93a06b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  727.529573][T17198] RAX: ffffffffffffffda RBX: 00007f939fa16090 RCX: 00007f939f79cdd9
[  727.529588][T17198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  727.529602][T17198] RBP: 00007f939f832d69 R08: 0000000000000000 R09: 0000000000000000
[  727.529615][T17198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.529628][T17198] R13: 00007f939fa16128 R14: 00007f939fa16090 R15: 00007ffccd2a92b8
[  727.529656][T17198]  </TASK>
[  727.530708][T17198] debugfs: out of free dentries, can not create file 'net_notrefcnt@ffff8880326502f8'
[  728.435942][T17213] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2627'.
[  728.505668][T16973] 8021q: adding VLAN 0 to HW filter on device team0
[  728.542100][T14344] bridge0: port 1(bridge_slave_0) entered blocking state
[  728.549355][T14344] bridge0: port 1(bridge_slave_0) entered forwarding state
[  728.631739][T14344] bridge0: port 2(bridge_slave_1) entered blocking state
[  728.638992][T14344] bridge0: port 2(bridge_slave_1) entered forwarding state
[  729.341876][T17230] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2631'.
[  730.751985][T16973] 8021q: adding VLAN 0 to HW filter on device batadv0
[  731.216256][T16973] veth0_vlan: entered promiscuous mode
[  731.295189][T16973] veth1_vlan: entered promiscuous mode
[  731.419706][T17280] vivid-008: =================  START STATUS  =================
[  731.466651][T16973] veth0_macvtap: entered promiscuous mode
[  731.475990][T17280] vivid-008: ==================  END STATUS  ==================
[  731.532990][T16973] veth1_macvtap: entered promiscuous mode
[  731.639825][T16973] batman_adv: batadv0: Interface activated: batadv_slave_0
[  731.697799][T16973] batman_adv: batadv0: Interface activated: batadv_slave_1
[  731.787680][T14357] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  731.849229][T14357] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  731.911262][T14357] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  731.968885][T14357] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  732.241798][T14357] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.297816][T14357] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.459513][T14345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.509655][T14345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.754737][T17302] random: crng reseeded on system resumption
[  734.322215][T17341] FAULT_INJECTION: forcing a failure.
[  734.322215][T17341] name failslab, interval 1, probability 0, space 0, times 0
[  734.403157][T17341] CPU: 0 UID: 0 PID: 17341 Comm: syz.2.2647 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  734.403194][T17341] Tainted: [L]=SOFTLOCKUP
[  734.403204][T17341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  734.403216][T17341] Call Trace:
[  734.403222][T17341]  <TASK>
[  734.403230][T17341]  dump_stack_lvl+0x100/0x190
[  734.403255][T17341]  should_fail_ex.cold+0x5/0xa
[  734.403280][T17341]  ? copy_splice_read+0x1a3/0xb90
[  734.403303][T17341]  should_failslab+0xc2/0x120
[  734.403326][T17341]  __kmalloc_noprof+0xe0/0x850
[  734.403362][T17341]  copy_splice_read+0x1a3/0xb90
[  734.403391][T17341]  ? __pfx_copy_splice_read+0x10/0x10
[  734.403416][T17341]  ? look_up_lock_class+0x64/0x120
[  734.403444][T17341]  ? lockdep_init_map_type+0x5c/0x250
[  734.403465][T17341]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  734.403489][T17341]  ? __pfx_copy_splice_read+0x10/0x10
[  734.403513][T17341]  do_splice_read+0x285/0x370
[  734.403539][T17341]  splice_direct_to_actor+0x2a1/0xa30
[  734.403565][T17341]  ? __pfx_direct_splice_actor+0x10/0x10
[  734.403593][T17341]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  734.403624][T17341]  do_splice_direct+0x174/0x240
[  734.403649][T17341]  ? __pfx_do_splice_direct+0x10/0x10
[  734.403674][T17341]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  734.403701][T17341]  ? rw_verify_area+0xce/0x6d0
[  734.403722][T17341]  do_sendfile+0xadc/0xe20
[  734.403747][T17341]  ? __pfx_do_sendfile+0x10/0x10
[  734.403767][T17341]  ? __fget_files+0x21f/0x3d0
[  734.403796][T17341]  __x64_sys_sendfile64+0x1d8/0x220
[  734.403821][T17341]  ? ksys_write+0x1ac/0x250
[  734.403843][T17341]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  734.403871][T17341]  ? rcu_is_watching+0x12/0xc0
[  734.403898][T17341]  do_syscall_64+0x10b/0xf80
[  734.403921][T17341]  ? clear_bhb_loop+0x40/0x90
[  734.403945][T17341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.403964][T17341] RIP: 0033:0x7ff8b479cdd9
[  734.403980][T17341] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  734.403999][T17341] RSP: 002b:00007ff8b55f7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  734.404019][T17341] RAX: ffffffffffffffda RBX: 00007ff8b4a15fa0 RCX: 00007ff8b479cdd9
[  734.404032][T17341] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  734.404043][T17341] RBP: 00007ff8b55f7090 R08: 0000000000000000 R09: 0000000000000000
[  734.404055][T17341] R10: 00000000000007cc R11: 0000000000000246 R12: 0000000000000001
[  734.404066][T17341] R13: 00007ff8b4a16038 R14: 00007ff8b4a15fa0 R15: 00007ffe9af1e8e8
[  734.404091][T17341]  </TASK>
[  735.657443][T17349] NFSD: Failed to start, no listeners configured.
[  736.797704][T17368] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2653'.
[  737.132903][T17373] NFSD: Failed to start, no listeners configured.
[  737.378832][T17382] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input7
[  738.372428][T17405] misc userio: Invalid payload size
[  738.952941][T12377] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  738.978997][T12377] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  738.990043][T12377] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  738.999732][T12377] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  739.008035][T12377] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  739.345608][   T30] audit: type=1800 audit(1843106827.216:14): pid=17426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2666" name="dummy_udc" dev="gadgetfs" ino=7344 res=0 errno=0
[  740.636917][T17411] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  741.073545][T12377] Bluetooth: hci0: command tx timeout
[  742.459561][T17413] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.498634][T17413] bridge0: port 1(bridge_slave_0) entered disabled state
[  742.538340][T17413] bridge_slave_0: entered allmulticast mode
[  742.582314][T17413] bridge_slave_0: entered promiscuous mode
[  742.633023][T17413] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.683961][T17413] bridge0: port 2(bridge_slave_1) entered disabled state
[  742.732174][T17413] bridge_slave_1: entered allmulticast mode
[  742.775289][T17413] bridge_slave_1: entered promiscuous mode
[  742.964236][T17413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  743.051808][T17413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  743.156182][T12377] Bluetooth: hci0: command tx timeout
[  743.261622][T17413] team0: Port device team_slave_0 added
[  743.334438][T17413] team0: Port device team_slave_1 added
[  743.507259][T17413] batman_adv: batadv0: Adding interface: batadv_slave_0
[  743.551884][T17413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  743.698348][T17413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  743.819660][T17413] batman_adv: batadv0: Adding interface: batadv_slave_1
[  743.860782][T17413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  743.986380][T17413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  744.294338][T17413] hsr_slave_0: entered promiscuous mode
[  744.339392][T17413] hsr_slave_1: entered promiscuous mode
[  744.385922][T17413] debugfs: 'hsr0' already exists in 'hsr'
[  744.429391][T17413] Cannot create hsr debugfs directory
[  745.234946][T12377] Bluetooth: hci0: command tx timeout
[  745.300572][T17522] futex_wake_op: syz.1.2686 tries to shift op by -2048; fix this program
[  745.350382][T17522] binder: 17521:17522 ioctl 40046210 0 returned -14
[  745.945350][T17413] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  746.032814][T17413] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  746.078711][T17413] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  746.142144][T17413] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  746.185821][T17413] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  746.228935][T17413] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  746.266554][T17413] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  746.312490][T17413] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  747.096933][T17413] 8021q: adding VLAN 0 to HW filter on device bond0
[  747.282030][T17413] 8021q: adding VLAN 0 to HW filter on device team0
[  747.315163][T12377] Bluetooth: hci0: command tx timeout
[  747.361276][T14345] bridge0: port 1(bridge_slave_0) entered blocking state
[  747.368449][T14345] bridge0: port 1(bridge_slave_0) entered forwarding state
[  747.615708][T14345] bridge0: port 2(bridge_slave_1) entered blocking state
[  747.622854][T14345] bridge0: port 2(bridge_slave_1) entered forwarding state
[  747.708055][T17560] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2695'.
[  748.171855][T17551] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  748.203547][T17551] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  748.248858][T17551] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  748.278228][T17551] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  748.348639][T17551] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  748.405534][T17551] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  748.445464][T17551] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  748.506630][T17551] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  748.572311][T17551] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  748.604597][T17551] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  748.658270][T17551] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  749.553608][T12377] Bluetooth: hci3: command 0x0c1a tx timeout
[  750.108474][T17413] 8021q: adding VLAN 0 to HW filter on device batadv0
[  750.273366][T12377] Bluetooth: hci1: command 0x0c1a tx timeout
[  750.280167][ T9145] Bluetooth: hci4: command 0x0c1a tx timeout
[  750.433829][T12377] Bluetooth: hci2: command 0x0c1a tx timeout
[  750.593660][T12377] Bluetooth: hci0: command 0x0c1a tx timeout
[  751.200324][T17603] NFSD: Failed to start, no listeners configured.
[  751.534588][T17413] veth0_vlan: entered promiscuous mode
[  751.798093][T17413] veth1_vlan: entered promiscuous mode
[  752.017558][T17413] veth0_macvtap: entered promiscuous mode
[  752.086448][T17413] veth1_macvtap: entered promiscuous mode
[  752.197775][T17413] batman_adv: batadv0: Interface activated: batadv_slave_0
[  752.216157][T12377] Bluetooth: hci2: unexpected event for opcode 0x7c89
[  752.287502][T17413] batman_adv: batadv0: Interface activated: batadv_slave_1
[  752.354157][T12377] Bluetooth: hci1: command 0x0c1a tx timeout
[  752.371066][ T9267] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  752.427366][ T9267] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  752.489318][ T9267] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  752.545083][ T9267] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  752.674365][T12377] Bluetooth: hci0: command 0x0c1a tx timeout
[  752.980432][T14345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  753.037580][T14345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  753.265411][ T9136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  753.282229][T17628] futex_wake_op: syz.2.2706 tries to shift op by -2048; fix this program
[  753.304843][ T9136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  753.336994][T17628] binder: 17627:17628 ioctl 40046210 0 returned -14
[  753.761028][T17637] snd_virmidi snd_virmidi.0: control 61678:131081:-1:yª:3 is already present
[  753.828237][T12377] Bluetooth: hci1: unexpected event for opcode 0x7c89
[  754.097051][T17642] random: crng reseeded on system resumption
[  754.177411][T14344] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.667553][T14344] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.753621][T12377] Bluetooth: hci0: command 0x0c1a tx timeout
[  754.792946][T14344] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.947045][T14344] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  755.142251][T17659] futex_wake_op: syz.4.2711 tries to shift op by -2048; fix this program
[  755.179910][T17659] futex_wake_op: syz.4.2711 tries to shift op by -2048; fix this program
[  755.221844][T17659] 0x000000000001-0x000000020000 : ""
[  755.261226][T17659] ftl_cs: FTL header corrupt!
[  755.920420][T17664] netlink: 306 bytes leftover after parsing attributes in process `syz.4.2712'.
[  756.348671][T14344] bridge_slave_1: left allmulticast mode
[  756.379691][T14344] bridge_slave_1: left promiscuous mode
[  756.417756][T14344] bridge0: port 2(bridge_slave_1) entered disabled state
[  756.507624][T14344] bridge_slave_0: left allmulticast mode
[  756.552570][T14344] bridge_slave_0: left promiscuous mode
[  756.576948][T12377] Bluetooth: hci4: unexpected event for opcode 0x7c89
[  756.605633][T14344] bridge0: port 1(bridge_slave_0) entered disabled state
[  757.446443][T17704] netlink: 306 bytes leftover after parsing attributes in process `syz.2.2722'.
[  757.635051][T14344] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  757.760223][T14344] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  757.839089][T14344] bond0 (unregistering): Released all slaves
[  758.184383][T17722] block2mtd: parameter too long
[  758.237432][ T5288] 8021q: adding VLAN 0 to HW filter on device eth1
[  758.757681][T14344] hsr_slave_0: left promiscuous mode
[  758.785169][T14344] hsr_slave_1: left promiscuous mode
[  758.800947][T14344] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  758.830566][T14344] batman_adv: batadv0: Removing interface: batadv_slave_0
[  758.870306][T14344] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  758.903180][T14344] batman_adv: batadv0: Removing interface: batadv_slave_1
[  758.996002][T14344] veth1_macvtap: left promiscuous mode
[  759.024112][T14344] veth0_macvtap: left promiscuous mode
[  759.051510][T14344] veth1_vlan: left promiscuous mode
[  759.076250][T14344] veth0_vlan: left promiscuous mode
[  759.084193][T17733] NFSD: Failed to start, no listeners configured.
[  759.283639][T17736] NFSD: Failed to start, no listeners configured.
[  759.606425][   T30] audit: type=1804 audit(1843106847.486:15): pid=17740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2733" name="/newroot/124/file0" dev="tmpfs" ino=655 res=1 errno=0
[  759.807797][T14344] team0 (unregistering): Port device team_slave_1 removed
[  759.840854][T14344] team0 (unregistering): Port device team_slave_0 removed
[  759.886145][T17742] ksmbd: Unknown IPC event: 14, ignore.
[  760.487325][T17748] futex_wake_op: syz.3.2735 tries to shift op by -2048; fix this program
[  760.598796][T17748] binder: 17745:17748 ioctl 40046210 0 returned -14
[  761.480889][T17770] futex_wake_op: syz.3.2739 tries to shift op by -2048; fix this program
[  761.586369][T17772] binder: 17767:17772 ioctl 40046210 0 returned -14
[  762.769746][ T5288] 8021q: adding VLAN 0 to HW filter on device eth2
[  765.000635][T17832] futex_wake_op: syz.2.2750 tries to shift op by -2048; fix this program
[  765.053959][T17832] binder: 17831:17832 ioctl 40046210 0 returned -14
[  765.397788][ T5288] 8021q: adding VLAN 0 to HW filter on device eth3
[  767.820705][ T5288] 8021q: adding VLAN 0 to HW filter on device eth4
[  771.454955][T17925] netlink: 290 bytes leftover after parsing attributes in process `syz.2.2761'.
[  775.199151][T17977] NFSD: Failed to start, no listeners configured.
[  775.682921][T17982] NFSD: Failed to start, no listeners configured.
[  778.223591][T18023] futex_wake_op: syz.3.2783 tries to shift op by -2048; fix this program
[  778.302832][T18023] binder: 18022:18023 ioctl 40046210 0 returned -14
[  778.846650][T18032] snd_virmidi snd_virmidi.0: control 61678:131081:-1:yª:3 is already present
[  778.898282][T18029] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.2.2785: bg 5: bad block bitmap checksum
[  778.960318][T18029] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 74
[  779.049827][T18029] EXT4-fs (sda1): This should not happen!! Data will be lost
[  779.049827][T18029] 
[  779.905769][T18042] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2786'.
[  780.178697][T18047] futex_wake_op: syz.2.2788 tries to shift op by -2048; fix this program
[  780.237047][T18047] binder: 18046:18047 ioctl 40046210 0 returned -14
[  780.634697][T18049] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off
[  780.830536][T18049] pci 0000:00:01.3: PCI INT A: no GSI
[  781.195864][T18068] NFSD: Failed to start, no listeners configured.
[  782.148906][T18081] vhci_hcd vhci_hcd.1: invalid port number 16
[  782.204972][T18081] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[  782.675522][T18095] futex_wake_op: syz.2.2799 tries to shift op by -2048; fix this program
[  782.732601][T18097] binder: 18093:18097 ioctl 40046210 0 returned -14
[  784.468269][T18144] random: crng reseeded on system resumption
[  785.311404][T18140] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.815080][T18140] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.018851][T18140] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.245236][T18140] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  786.621526][T18185] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2816'.
[  788.030483][T18216] FAULT_INJECTION: forcing a failure.
[  788.030483][T18216] name failslab, interval 1, probability 0, space 0, times 0
[  788.100971][T18216] CPU: 0 UID: 0 PID: 18216 Comm: syz.3.2823 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  788.101004][T18216] Tainted: [L]=SOFTLOCKUP
[  788.101011][T18216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  788.101024][T18216] Call Trace:
[  788.101031][T18216]  <TASK>
[  788.101039][T18216]  dump_stack_lvl+0x100/0x190
[  788.101068][T18216]  should_fail_ex.cold+0x5/0xa
[  788.101095][T18216]  should_failslab+0xc2/0x120
[  788.101119][T18216]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  788.101153][T18216]  ? __d_alloc+0x34/0xa40
[  788.101186][T18216]  __d_alloc+0x34/0xa40
[  788.101215][T18216]  d_alloc+0x4a/0x1e0
[  788.101243][T18216]  lookup_one_qstr_excl+0x171/0x250
[  788.101277][T18216]  start_dirop+0x59/0xb0
[  788.101300][T18216]  simple_start_creating+0xf9/0x110
[  788.101324][T18216]  ? __pfx_simple_start_creating+0x10/0x10
[  788.101350][T18216]  ? mntput+0x70/0xa0
[  788.101370][T18216]  ? simple_pin_fs+0xa3/0x190
[  788.101391][T18216]  debugfs_start_creating.part.0+0x82/0x170
[  788.101424][T18216]  __debugfs_create_file+0xb3/0x4f0
[  788.101458][T18216]  debugfs_create_file_full+0x41/0x60
[  788.101492][T18216]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  788.101517][T18216]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  788.101562][T18216]  ? lockdep_init_map_type+0x5c/0x250
[  788.101586][T18216]  preinit_net.part.0+0x43b/0x920
[  788.101610][T18216]  copy_net_ns+0x339/0x7c0
[  788.101636][T18216]  create_new_namespaces+0x3ea/0xac0
[  788.101668][T18216]  unshare_nsproxy_namespaces+0xf2/0x220
[  788.101699][T18216]  ksys_unshare+0x438/0xab0
[  788.101731][T18216]  ? __pfx_ksys_unshare+0x10/0x10
[  788.101761][T18216]  ? xfd_validate_state+0x129/0x190
[  788.101781][T18216]  ? ksys_write+0x1ac/0x250
[  788.101811][T18216]  __x64_sys_unshare+0x31/0x40
[  788.101841][T18216]  do_syscall_64+0x10b/0xf80
[  788.101865][T18216]  ? clear_bhb_loop+0x40/0x90
[  788.101900][T18216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.101922][T18216] RIP: 0033:0x7febe3d9cdd9
[  788.101938][T18216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  788.101959][T18216] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  788.101979][T18216] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  788.101993][T18216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  788.102005][T18216] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 0000000000000000
[  788.102018][T18216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  788.102030][T18216] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  788.102056][T18216]  </TASK>
[  788.426279][T18220] FAULT_INJECTION: forcing a failure.
[  788.426279][T18220] name failslab, interval 1, probability 0, space 0, times 0
[  788.439100][T18220] CPU: 0 UID: 0 PID: 18220 Comm: syz.3.2823 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  788.439137][T18220] Tainted: [L]=SOFTLOCKUP
[  788.439145][T18220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  788.439160][T18220] Call Trace:
[  788.439168][T18220]  <TASK>
[  788.439176][T18220]  dump_stack_lvl+0x100/0x190
[  788.439205][T18220]  should_fail_ex.cold+0x5/0xa
[  788.439237][T18220]  should_failslab+0xc2/0x120
[  788.439264][T18220]  __kmalloc_cache_noprof+0x7a/0x6f0
[  788.439299][T18220]  ? refill_pi_state_cache+0x91/0x260
[  788.439336][T18220]  refill_pi_state_cache+0x91/0x260
[  788.439368][T18220]  futex_lock_pi+0x16d/0x7a0
[  788.439402][T18220]  ? __pfx_futex_lock_pi+0x10/0x10
[  788.439436][T18220]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  788.439494][T18220]  ? __pfx_futex_wake_mark+0x10/0x10
[  788.439532][T18220]  ? __get_user_nocheck_8+0x20/0x20
[  788.439557][T18220]  ? do_vfs_ioctl+0x226/0x13e0
[  788.439595][T18220]  do_futex+0x18a/0x350
[  788.439619][T18220]  ? __pfx_do_futex+0x10/0x10
[  788.439644][T18220]  ? find_held_lock+0x2b/0x80
[  788.439676][T18220]  __x64_sys_futex+0x34f/0x4d0
[  788.439703][T18220]  ? __pfx___x64_sys_futex+0x10/0x10
[  788.439732][T18220]  ? rcu_is_watching+0x12/0xc0
[  788.439761][T18220]  do_syscall_64+0x10b/0xf80
[  788.439787][T18220]  ? clear_bhb_loop+0x40/0x90
[  788.439813][T18220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.439835][T18220] RIP: 0033:0x7febe3d9cdd9
[  788.439859][T18220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  788.439881][T18220] RSP: 002b:00007febe4c14028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  788.439919][T18220] RAX: ffffffffffffffda RBX: 00007febe4016090 RCX: 00007febe3d9cdd9
[  788.439935][T18220] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000
[  788.439948][T18220] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 000000008000fff5
[  788.439963][T18220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  788.439977][T18220] R13: 00007febe4016128 R14: 00007febe4016090 R15: 00007ffcd2305a68
[  788.440006][T18220]  </TASK>
[  788.946237][T18222] NFSD: Failed to start, no listeners configured.
[  789.272898][T18234] input: f¬
 as /devices/virtual/input/input8
[  789.431291][T18229] FAULT_INJECTION: forcing a failure.
[  789.431291][T18229] name failslab, interval 1, probability 0, space 0, times 0
[  789.485381][T18241] NFSD: Failed to start, no listeners configured.
[  789.562234][T18234] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2827'.
[  789.596863][T18229] CPU: 0 UID: 0 PID: 18229 Comm: syz.4.2826 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  789.596894][T18229] Tainted: [L]=SOFTLOCKUP
[  789.596904][T18229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  789.596916][T18229] Call Trace:
[  789.596923][T18229]  <TASK>
[  789.596930][T18229]  dump_stack_lvl+0x100/0x190
[  789.596955][T18229]  should_fail_ex.cold+0x5/0xa
[  789.596981][T18229]  should_failslab+0xc2/0x120
[  789.597004][T18229]  __kmalloc_cache_node_noprof+0x7d/0x770
[  789.597025][T18229]  ? __get_vm_area_node+0x101/0x330
[  789.597053][T18229]  __get_vm_area_node+0x101/0x330
[  789.597080][T18229]  __vmalloc_node_range_noprof+0x228/0x1630
[  789.597107][T18229]  ? kernel_clone+0x12e/0x9c0
[  789.597142][T18229]  ? kernel_clone+0x12e/0x9c0
[  789.597175][T18229]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  789.597207][T18229]  ? rcu_is_watching+0x12/0xc0
[  789.597231][T18229]  ? trace_kmem_cache_alloc+0xd5/0x100
[  789.597256][T18229]  ? kernel_clone+0x12e/0x9c0
[  789.597282][T18229]  __vmalloc_node_noprof+0xad/0xf0
[  789.597308][T18229]  ? kernel_clone+0x12e/0x9c0
[  789.597337][T18229]  copy_process+0x7fb/0x7fa0
[  789.597363][T18229]  ? _kstrtoull+0x13c/0x1f0
[  789.597386][T18229]  ? __pfx__kstrtoull+0x10/0x10
[  789.597419][T18229]  ? __pfx_copy_process+0x10/0x10
[  789.597452][T18229]  ? _copy_from_user+0x59/0xd0
[  789.597486][T18229]  kernel_clone+0x12e/0x9c0
[  789.597512][T18229]  ? get_pid_task+0xfc/0x250
[  789.597543][T18229]  ? __pfx_kernel_clone+0x10/0x10
[  789.597575][T18229]  ? find_held_lock+0x2b/0x80
[  789.597606][T18229]  __do_sys_clone3+0x214/0x290
[  789.597634][T18229]  ? __pfx___do_sys_clone3+0x10/0x10
[  789.597673][T18229]  ? __fget_files+0x21f/0x3d0
[  789.597707][T18229]  ? rcu_is_watching+0x12/0xc0
[  789.597733][T18229]  do_syscall_64+0x10b/0xf80
[  789.597756][T18229]  ? clear_bhb_loop+0x40/0x90
[  789.597781][T18229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.597800][T18229] RIP: 0033:0x7f0c9bb9cdd9
[  789.597821][T18229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  789.597840][T18229] RSP: 002b:00007f0c9cac3ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  789.597858][T18229] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0c9bb9cdd9
[  789.597871][T18229] RDX: 00007f0c9cac3f10 RSI: 0000000000000058 RDI: 00007f0c9cac3f10
[  789.597883][T18229] RBP: 00007f0c9cac4090 R08: 0000000000000000 R09: 0000000000000058
[  789.597895][T18229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  789.597906][T18229] R13: 00007f0c9be16128 R14: 00007f0c9be16090 R15: 00007fff44fa5368
[  789.597931][T18229]  </TASK>
[  789.598085][T18229] syz.4.2826: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  790.496065][T18255] nfs: Unknown parameter './file0'
[  790.936747][T18261] NFSD: Failed to start, no listeners configured.
[  791.269142][T18269] futex_wake_op: syz.2.2838 tries to shift op by -2048; fix this program
[  791.315632][T18269] binder: 18267:18269 ioctl 40046210 0 returned -14
[  792.382226][T18229] ,cpuset=/,mems_allowed=0-1
[  792.436463][T18229] CPU: 0 UID: 0 PID: 18229 Comm: syz.4.2826 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  792.436496][T18229] Tainted: [L]=SOFTLOCKUP
[  792.436503][T18229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  792.436516][T18229] Call Trace:
[  792.436523][T18229]  <TASK>
[  792.436535][T18229]  dump_stack_lvl+0x100/0x190
[  792.436563][T18229]  warn_alloc.cold+0x95/0x1c1
[  792.436585][T18229]  ? __pfx_warn_alloc+0x10/0x10
[  792.436617][T18229]  ? trace_kmalloc+0xe3/0x110
[  792.436643][T18229]  ? __kmalloc_cache_node_noprof+0x2d9/0x770
[  792.436669][T18229]  ? __kasan_kmalloc+0x8a/0xb0
[  792.436689][T18229]  ? __get_vm_area_node+0x208/0x330
[  792.436721][T18229]  __vmalloc_node_range_noprof+0xccd/0x1630
[  792.436758][T18229]  ? kernel_clone+0x12e/0x9c0
[  792.436794][T18229]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  792.436828][T18229]  ? rcu_is_watching+0x12/0xc0
[  792.436853][T18229]  ? trace_kmem_cache_alloc+0xd5/0x100
[  792.436880][T18229]  ? kernel_clone+0x12e/0x9c0
[  792.436908][T18229]  __vmalloc_node_noprof+0xad/0xf0
[  792.436935][T18229]  ? kernel_clone+0x12e/0x9c0
[  792.436966][T18229]  copy_process+0x7fb/0x7fa0
[  792.436993][T18229]  ? _kstrtoull+0x13c/0x1f0
[  792.437018][T18229]  ? __pfx__kstrtoull+0x10/0x10
[  792.437064][T18229]  ? __pfx_copy_process+0x10/0x10
[  792.437098][T18229]  ? _copy_from_user+0x59/0xd0
[  792.437132][T18229]  kernel_clone+0x12e/0x9c0
[  792.437158][T18229]  ? get_pid_task+0xfc/0x250
[  792.437189][T18229]  ? __pfx_kernel_clone+0x10/0x10
[  792.437221][T18229]  ? find_held_lock+0x2b/0x80
[  792.437263][T18229]  __do_sys_clone3+0x214/0x290
[  792.437291][T18229]  ? __pfx___do_sys_clone3+0x10/0x10
[  792.437331][T18229]  ? __fget_files+0x21f/0x3d0
[  792.437365][T18229]  ? rcu_is_watching+0x12/0xc0
[  792.437391][T18229]  do_syscall_64+0x10b/0xf80
[  792.437415][T18229]  ? clear_bhb_loop+0x40/0x90
[  792.437438][T18229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.437458][T18229] RIP: 0033:0x7f0c9bb9cdd9
[  792.437473][T18229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  792.437495][T18229] RSP: 002b:00007f0c9cac3ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  792.437514][T18229] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0c9bb9cdd9
[  792.437531][T18229] RDX: 00007f0c9cac3f10 RSI: 0000000000000058 RDI: 00007f0c9cac3f10
[  792.437543][T18229] RBP: 00007f0c9cac4090 R08: 0000000000000000 R09: 0000000000000058
[  792.437555][T18229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  792.437567][T18229] R13: 00007f0c9be16128 R14: 00007f0c9be16090 R15: 00007fff44fa5368
[  792.437591][T18229]  </TASK>
[  792.983267][T18229] Mem-Info:
[  792.999700][T18229] active_anon:15755 inactive_anon:2192 isolated_anon:1319
[  792.999700][T18229]  active_file:9598 inactive_file:46683 isolated_file:0
[  792.999700][T18229]  unevictable:768 dirty:1525 writeback:0
[  792.999700][T18229]  slab_reclaimable:11654 slab_unreclaimable:95429
[  792.999700][T18229]  mapped:37563 shmem:11971 pagetables:1659
[  792.999700][T18229]  sec_pagetables:0 bounce:0
[  792.999700][T18229]  kernel_misc_reclaimable:0
[  792.999700][T18229]  free:1116766 free_pcp:4384 free_cma:0
[  793.287525][T18229] Node 0 active_anon:56780kB inactive_anon:8768kB active_file:38356kB inactive_file:186600kB unevictable:1536kB isolated(anon):5272kB isolated(file):0kB mapped:150324kB dirty:6128kB writeback:0kB shmem:35868kB shmem_thp:4096kB shmem_pmdmapped:2048kB anon_thp:0kB kernel_stack:12096kB pagetables:6652kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  793.433236][T18229] Node 1 active_anon:0kB inactive_anon:0kB active_file:40kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB
[  793.516461][T18229] Node 0 DMA free:11264kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  793.582038][T18229] lowmem_reserve[]: 0 2477 2479 2479 2479
[  793.599291][T18229] Node 0 DMA32 free:690780kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:62084kB inactive_anon:8768kB active_file:38356kB inactive_file:186600kB unevictable:1536kB writepending:6128kB zspages:28kB present:3129332kB managed:2537436kB mlocked:0kB bounce:0kB free_pcp:20200kB local_pcp:20200kB free_cma:0kB
[  793.637377][T18280] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  793.645212][T18280] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  793.669456][T18280] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  793.691388][T18280] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  793.758176][T18229] lowmem_reserve[]: 0 0 1 1 1
[  793.778842][T18229] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1104kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  793.939380][T18229] lowmem_reserve[]: 0 0 0 0 0
[  793.974158][T18229] Node 1 Normal free:3764240kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:40kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4308kB local_pcp:4308kB free_cma:0kB
[  794.070984][T14346] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  794.113802][T14346] EXT4-fs (sda1): This should not happen!! Data will be lost
[  794.113802][T14346] 
[  794.138593][T18229] lowmem_reserve[]: 0 0 0 0 0
[  794.151590][T18229] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 2*4096kB (M) = 11264kB
[  794.197906][T18229] Node 0 DMA32: 5205*4kB (UME) 4570*8kB (UME) 2409*16kB (UME) 969*32kB (UME) 624*64kB (UME) 347*128kB (UME) 324*256kB (UME) 176*512kB (UME) 79*1024kB (UM) 17*2048kB (UM) 46*4096kB (M) = 688468kB
[  794.289809][T18229] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  794.356817][T18229] Node 1 Normal: 5*4kB (UM) 7*8kB (UM) 7*16kB (UM) 10*32kB (UM) 7*64kB (UM) 3*128kB (U) 1*256kB (M) 3*512kB (UM) 1*1024kB (M) 2*2048kB (U) 917*4096kB (UM) = 3764284kB
[  794.455573][T18229] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  794.514960][T18229] Node 0 hugepages_total=8 hugepages_free=7 hugepages_surp=0 hugepages_size=2048kB
[  794.571675][T18229] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  794.631124][T18229] Node 1 hugepages_total=7 hugepages_free=7 hugepages_surp=0 hugepages_size=2048kB
[  794.681953][T18229] 62566 total pagecache pages
[  794.725644][T18229] 31 pages in swap cache
[  794.746454][T18229] Free swap  = 119516kB
[  794.766319][T18229] Total swap = 124996kB
[  794.788038][T18229] 2097051 pages RAM
[  794.812330][T18229] 0 pages HighMem/MovableOnly
[  794.838201][T18229] 430801 pages reserved
[  794.865313][T18229] 0 pages cma reserved
[  795.657022][T18307] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[  795.714758][ T9145] Bluetooth: hci0: command 0x0c1a tx timeout
[  795.721009][ T9145] Bluetooth: hci2: command 0x0c1a tx timeout
[  795.727066][ T9145] Bluetooth: hci1: command 0x0c1a tx timeout
[  795.733099][ T9145] Bluetooth: hci4: command 0x0c1a tx timeout
[  795.764656][T18307] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  797.794477][T18311] Bluetooth: hci2: command 0x0c1a tx timeout
[  798.422343][T18356] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2856'.
[  799.115455][T18372] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2860'.
[  799.196035][T18372] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2860'.
[  799.293058][T18372] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2860'.
[  799.870726][T18385] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2862'.
[  802.431514][T18427] netlink: 290 bytes leftover after parsing attributes in process `syz.4.2872'.
[  802.862630][T18437] NFSD: Failed to start, no listeners configured.
[  802.920468][T18311] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  803.022815][T18439] futex_wake_op: syz.4.2874 tries to shift op by -1984; fix this program
[  803.369752][T18450] FAULT_INJECTION: forcing a failure.
[  803.369752][T18450] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  803.489562][T18450] CPU: 0 UID: 0 PID: 18450 Comm: syz.3.2877 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  803.489599][T18450] Tainted: [L]=SOFTLOCKUP
[  803.489606][T18450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  803.489621][T18450] Call Trace:
[  803.489639][T18450]  <TASK>
[  803.489646][T18450]  dump_stack_lvl+0x100/0x190
[  803.489678][T18450]  should_fail_ex.cold+0x5/0xa
[  803.489699][T18450]  ? prepare_alloc_pages+0x16d/0x5f0
[  803.489729][T18450]  should_fail_alloc_page+0xeb/0x140
[  803.489754][T18450]  prepare_alloc_pages+0x1f0/0x5f0
[  803.489782][T18450]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  803.489818][T18450]  ? __lock_acquire+0x4a5/0x2630
[  803.489842][T18450]  ? __lock_acquire+0x4a5/0x2630
[  803.489862][T18450]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  803.489904][T18450]  ? is_bpf_text_address+0x8a/0x1a0
[  803.489931][T18450]  ? is_bpf_text_address+0x8a/0x1a0
[  803.489958][T18450]  ? bpf_ksym_find+0x124/0x1c0
[  803.489978][T18450]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  803.490008][T18450]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  803.490043][T18450]  ? policy_nodemask+0xed/0x4f0
[  803.490085][T18450]  alloc_pages_mpol+0x1fb/0x540
[  803.490113][T18450]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  803.490147][T18450]  folio_alloc_mpol_noprof+0x36/0x260
[  803.490184][T18450]  shmem_alloc_folio+0x135/0x160
[  803.490219][T18450]  shmem_alloc_and_add_folio+0x371/0xd40
[  803.490264][T18450]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  803.490304][T18450]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  803.490349][T18450]  shmem_get_folio_gfp+0x6ab/0x1900
[  803.490393][T18450]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  803.490432][T18450]  ? filemap_map_pages+0x9c1/0x2140
[  803.490475][T18450]  shmem_fault+0x1f9/0xa20
[  803.490498][T18450]  ? __pfx_shmem_fault+0x10/0x10
[  803.490537][T18450]  ? tomoyo_check_open_permission+0x1db/0x3c0
[  803.490563][T18450]  ? __pfx_filemap_map_pages+0x10/0x10
[  803.490604][T18450]  ? find_held_lock+0x2b/0x80
[  803.490636][T18450]  __do_fault+0x10b/0x440
[  803.490667][T18450]  do_fault+0xa99/0x1750
[  803.490701][T18450]  __handle_mm_fault+0x187d/0x2a00
[  803.490740][T18450]  ? mt_find+0x45e/0x8e0
[  803.490772][T18450]  ? __pfx___handle_mm_fault+0x10/0x10
[  803.490805][T18450]  ? __pfx_mt_find+0x10/0x10
[  803.490850][T18450]  ? find_vma+0xbf/0x140
[  803.490874][T18450]  ? __pfx_find_vma+0x10/0x10
[  803.490902][T18450]  handle_mm_fault+0x36d/0xa20
[  803.490941][T18450]  do_user_addr_fault+0x74c/0x12f0
[  803.490973][T18450]  ? trace_page_fault_kernel+0x7a/0x200
[  803.491003][T18450]  exc_page_fault+0x6f/0xd0
[  803.491031][T18450]  asm_exc_page_fault+0x26/0x30
[  803.491054][T18450] RIP: 0010:rep_movs_alternative+0xf/0x90
[  803.491090][T18450] Code: c4 10 e9 84 9b 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 9b 04 00 66 66
[  803.491113][T18450] RSP: 0018:ffffc90003d9fbd0 EFLAGS: 00050202
[  803.491131][T18450] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004
[  803.491145][T18450] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003d9fcf0
[  803.491159][T18450] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520007b3f9e
[  803.491172][T18450] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[  803.491186][T18450] R13: ffffc90003d9fcf0 R14: 0000000000000000 R15: 0000000000000000
[  803.491213][T18450]  _copy_from_user+0x98/0xd0
[  803.491252][T18450]  copy_from_sockptr_offset.constprop.0+0x12c/0x150
[  803.491285][T18450]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  803.491325][T18450]  do_sock_getsockopt+0x530/0x6e0
[  803.491363][T18450]  ? __lock_acquire+0x4a5/0x2630
[  803.491397][T18450]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  803.491421][T18450]  ? find_held_lock+0x2b/0x80
[  803.491445][T18450]  ? ksys_write+0x190/0x250
[  803.491472][T18450]  ? find_held_lock+0x2b/0x80
[  803.491504][T18450]  ? __fget_files+0x21f/0x3d0
[  803.491532][T18450]  __sys_getsockopt+0x133/0x1d0
[  803.491552][T18450]  ? __pfx_ksys_write+0x10/0x10
[  803.491577][T18450]  ? __x64_sys_getsockopt+0xbd/0x160
[  803.491594][T18450]  __x64_sys_getsockopt+0xbd/0x160
[  803.491612][T18450]  ? do_syscall_64+0x90/0xf80
[  803.491635][T18450]  ? lockdep_hardirqs_on+0x78/0x100
[  803.491662][T18450]  do_syscall_64+0x10b/0xf80
[  803.491684][T18450]  ? clear_bhb_loop+0x40/0x90
[  803.491708][T18450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.491728][T18450] RIP: 0033:0x7febe3d9cdd9
[  803.491742][T18450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  803.491761][T18450] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  803.491779][T18450] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  803.491791][T18450] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000002
[  803.491803][T18450] RBP: 00007febe4c35090 R08: 0000000000000000 R09: 0000000000000000
[  803.491814][T18450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  803.491826][T18450] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  803.491850][T18450]  </TASK>
[  804.734003][T18468] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2883'.
[  804.965360][T18477] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  807.079719][T18502] netlink: 201 bytes leftover after parsing attributes in process `syz.1.2891'.
[  807.446277][T12377] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13
[  810.100880][ T9267] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  811.181240][T18563] snd_virmidi snd_virmidi.0: control 61646:131081:-1:yª:3 is already present
[  811.619901][T18567] NFSD: Failed to start, no listeners configured.
[  812.142692][T18574] NFSD: Failed to start, no listeners configured.
[  812.245817][T18576] futex_wake_op: syz.4.2909 tries to shift op by -2048; fix this program
[  812.310410][T18576] binder: 18575:18576 ioctl 40046210 0 returned -14
[  812.650070][T18583] nbd: must specify a size in bytes for the device
[  814.268082][T18601] NFSD: Failed to start, no listeners configured.
[  816.906192][T18610] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  817.036296][T18610] EXT4-fs (sda1): This should not happen!! Data will be lost
[  817.036296][T18610] 
[  818.311738][T14357] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  818.371768][T14357] EXT4-fs (sda1): This should not happen!! Data will be lost
[  818.371768][T14357] 
[  819.269124][T18667] netlink: 201 bytes leftover after parsing attributes in process `syz.1.2933'.
[  819.572228][T18675] nbd: must specify a size in bytes for the device
[  820.612477][T18695] futex_wake_op: syz.1.2941 tries to shift op by -2048; fix this program
[  820.654946][T18695] binder: 18694:18695 ioctl 40046210 0 returned -14
[  821.722614][T18713] NFSD: Failed to start, no listeners configured.
[  822.370776][T18729] futex_wake_op: syz.2.2950 tries to shift op by -2048; fix this program
[  822.462593][T18729] futex_wake_op: syz.2.2950 tries to shift op by -2048; fix this program
[  823.079528][T14357] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  823.177096][T14357] EXT4-fs (sda1): This should not happen!! Data will be lost
[  823.177096][T14357] 
[  823.687870][   T30] audit: type=1800 audit(1843106911.566:16): pid=18748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2955" name="discovery_nqn" dev="configfs" ino=71678 res=0 errno=0
[  824.100917][ T9267] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  824.196040][ T9267] EXT4-fs (sda1): This should not happen!! Data will be lost
[  824.196040][ T9267] 
[  824.540510][ T9267] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  824.631878][ T9267] EXT4-fs (sda1): This should not happen!! Data will be lost
[  824.631878][ T9267] 
[  824.961623][T14344] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  825.067213][T14344] EXT4-fs (sda1): This should not happen!! Data will be lost
[  825.067213][T14344] 
[  827.358582][T18807] netlink: 4607 bytes leftover after parsing attributes in process `syz.3.2964'.
[  827.511782][T18802] binder: 18796:18802 ioctl c0306201 200000001100 returned -14
[  827.872946][T18809] could not allocate digest TFM handle 
[  829.114787][T14344] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  829.189729][T14344] EXT4-fs (sda1): This should not happen!! Data will be lost
[  829.189729][T14344] 
[  834.677835][T18913] __vm_enough_memory: pid: 18913, comm: syz.2.2991, bytes: 4398046511104 not enough memory for the allocation
[  834.960154][T18930] nbd: must specify a size in bytes for the device
[  835.702986][T18917] GUP no longer grows the stack in syz.4.2989 (18917): 2000-403000 (0)
[  835.753978][T18938] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  835.844854][T18917] CPU: 0 UID: 0 PID: 18917 Comm: syz.4.2989 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  835.844886][T18917] Tainted: [L]=SOFTLOCKUP
[  835.844893][T18917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  835.844906][T18917] Call Trace:
[  835.844913][T18917]  <TASK>
[  835.844920][T18917]  dump_stack_lvl+0x100/0x190
[  835.844946][T18917]  gup_vma_lookup.cold+0x83/0x96
[  835.844978][T18917]  __get_user_pages+0x241/0x32a0
[  835.845011][T18917]  ? down_read_killable+0x307/0x4b0
[  835.845042][T18917]  ? __pfx___get_user_pages+0x10/0x10
[  835.845075][T18917]  __gup_longterm_locked+0x87d/0x16f0
[  835.845107][T18917]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  835.845137][T18917]  ? __pfx___gup_longterm_locked+0x10/0x10
[  835.845167][T18917]  ? find_held_lock+0x2b/0x80
[  835.845193][T18917]  ? gup_fast_fallback+0x7e8/0x2790
[  835.845219][T18917]  ? rcu_is_watching+0x12/0xc0
[  835.845247][T18917]  gup_fast_fallback+0x16dc/0x2790
[  835.845290][T18917]  ? __pfx_gup_fast_fallback+0x10/0x10
[  835.845328][T18917]  get_user_pages_fast+0xa7/0xf0
[  835.845354][T18917]  ? __pfx_get_user_pages_fast+0x10/0x10
[  835.845381][T18917]  ? futex_unqueue+0x13d/0x2c0
[  835.845406][T18917]  get_futex_key+0x2c8/0x1510
[  835.845428][T18917]  ? __pfx_get_futex_key+0x10/0x10
[  835.845449][T18917]  ? __pfx_futex_wake_mark+0x10/0x10
[  835.845481][T18917]  futex_wake_op+0x12d/0xdc0
[  835.845514][T18917]  ? __pfx_futex_wake_op+0x10/0x10
[  835.845543][T18917]  ? __pfx_futex_wait+0x10/0x10
[  835.845583][T18917]  do_futex+0x2f1/0x350
[  835.845606][T18917]  ? __pfx_do_futex+0x10/0x10
[  835.845630][T18917]  ? fput+0x79/0x100
[  835.845659][T18917]  __x64_sys_futex+0x34f/0x4d0
[  835.845685][T18917]  ? __pfx___x64_sys_futex+0x10/0x10
[  835.845712][T18917]  ? rcu_is_watching+0x12/0xc0
[  835.845739][T18917]  do_syscall_64+0x10b/0xf80
[  835.845764][T18917]  ? clear_bhb_loop+0x40/0x90
[  835.845789][T18917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.845810][T18917] RIP: 0033:0x7f0c9bb9cdd9
[  835.845826][T18917] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  835.845846][T18917] RSP: 002b:00007f0c9caa3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  835.845866][T18917] RAX: ffffffffffffffda RBX: 00007f0c9be16180 RCX: 00007f0c9bb9cdd9
[  835.845879][T18917] RDX: 000000000000003d RSI: 0000000000000005 RDI: 0000000000000000
[  835.845891][T18917] RBP: 00007f0c9bc32d69 R08: 0000000000000000 R09: 0000000000000000
[  835.845904][T18917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  835.845917][T18917] R13: 00007f0c9be16218 R14: 00007f0c9be16180 R15: 00007fff44fa5368
[  835.845943][T18917]  </TASK>
[  836.230574][T18917] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  836.243111][T18917] EXT4-fs (sda1): This should not happen!! Data will be lost
[  836.243111][T18917] 
[  839.478618][T18987] futex_wake_op: syz.3.3009 tries to shift op by -2048; fix this program
[  839.517621][T18984] random: crng reseeded on system resumption
[  839.527090][T18987] binder: 18986:18987 ioctl 40046210 0 returned -14
[  840.022801][   T30] audit: type=1326 audit(1843106927.896:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18995 comm="syz.1.3012" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f939f79cdd9 code=0x0
[  841.078019][T14357] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  841.163048][T14357] EXT4-fs (sda1): This should not happen!! Data will be lost
[  841.163048][T14357] 
[  842.938131][T14344] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 0 with max blocks 1 with error 117
[  843.071352][T14344] EXT4-fs (sda1): This should not happen!! Data will be lost
[  843.071352][T14344] 
[  843.916356][T19068] netlink: 'syz.2.3022': attribute type 11 has an invalid length.
[  845.140005][T19099] NFSD: Failed to start, no listeners configured.
[  845.529591][T19104] futex_wake_op: syz.2.3027 tries to shift op by -2048; fix this program
[  845.602249][T19104] futex_wake_op: syz.2.3027 tries to shift op by -2048; fix this program
[  845.797117][T19111] NFSD: Failed to start, no listeners configured.
[  846.238267][T19124] FAULT_INJECTION: forcing a failure.
[  846.238267][T19124] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  846.321055][T19124] CPU: 0 UID: 0 PID: 19124 Comm: syz.3.3031 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  846.321087][T19124] Tainted: [L]=SOFTLOCKUP
[  846.321094][T19124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  846.321106][T19124] Call Trace:
[  846.321113][T19124]  <TASK>
[  846.321120][T19124]  dump_stack_lvl+0x100/0x190
[  846.321146][T19124]  should_fail_ex.cold+0x5/0xa
[  846.321167][T19124]  ? prepare_alloc_pages+0x16d/0x5f0
[  846.321195][T19124]  should_fail_alloc_page+0xeb/0x140
[  846.321219][T19124]  prepare_alloc_pages+0x1f0/0x5f0
[  846.321257][T19124]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  846.321289][T19124]  ? ima_match_policy+0x8c4/0x2350
[  846.321314][T19124]  ? __lock_acquire+0x4a5/0x2630
[  846.321340][T19124]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  846.321378][T19124]  ? __pfx___might_resched+0x10/0x10
[  846.321401][T19124]  ? find_held_lock+0x2b/0x80
[  846.321432][T19124]  ? vma_is_special_huge+0x23f/0x2d0
[  846.321455][T19124]  ? __pfx_vma_is_special_huge+0x10/0x10
[  846.321477][T19124]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  846.321508][T19124]  ? policy_nodemask+0xed/0x4f0
[  846.321532][T19124]  alloc_pages_mpol+0x1fb/0x540
[  846.321556][T19124]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  846.321580][T19124]  ? __lock_acquire+0x4a5/0x2630
[  846.321599][T19124]  ? __pfx___thp_vma_allowable_orders+0x10/0x10
[  846.321629][T19124]  alloc_pages_noprof+0x1a/0x160
[  846.321655][T19124]  __pmd_alloc+0x3b/0x950
[  846.321683][T19124]  __handle_mm_fault+0xa9c/0x2a00
[  846.321716][T19124]  ? mt_find+0x45e/0x8e0
[  846.321742][T19124]  ? __pfx___handle_mm_fault+0x10/0x10
[  846.321770][T19124]  ? __pfx_mt_find+0x10/0x10
[  846.321808][T19124]  ? find_vma+0xbf/0x140
[  846.321829][T19124]  ? __pfx_find_vma+0x10/0x10
[  846.321852][T19124]  handle_mm_fault+0x36d/0xa20
[  846.321886][T19124]  do_user_addr_fault+0x74c/0x12f0
[  846.321913][T19124]  ? trace_page_fault_kernel+0x7a/0x200
[  846.321938][T19124]  exc_page_fault+0x6f/0xd0
[  846.321962][T19124]  asm_exc_page_fault+0x26/0x30
[  846.321982][T19124] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  846.322013][T19124] Code: 9b 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  846.322032][T19124] RSP: 0018:ffffc900037a7b98 EFLAGS: 00050206
[  846.322048][T19124] RAX: 0000000000000001 RBX: ffff88807c270000 RCX: 0000000000001000
[  846.322060][T19124] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807c270000
[  846.322072][T19124] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100f84e1ff
[  846.322084][T19124] R10: ffff88807c270fff R11: 0000000000000000 R12: ffffc900037a7d80
[  846.322096][T19124] R13: 0000000000000000 R14: 0000000000001000 R15: 0000000000000000
[  846.322120][T19124]  _copy_from_iter+0x355/0x1690
[  846.322144][T19124]  ? __pfx__copy_from_iter+0x10/0x10
[  846.322176][T19124]  ? rcu_is_watching+0x12/0xc0
[  846.322199][T19124]  ? trace_kmalloc+0xe3/0x110
[  846.322225][T19124]  ? __kasan_kmalloc+0xaa/0xb0
[  846.322244][T19124]  ? __kmalloc_noprof+0x320/0x850
[  846.322280][T19124]  kernfs_fop_write_iter+0x186/0x5f0
[  846.322312][T19124]  vfs_write+0x6ac/0x1070
[  846.322335][T19124]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  846.322364][T19124]  ? __pfx_vfs_write+0x10/0x10
[  846.322401][T19124]  ksys_write+0x12a/0x250
[  846.322423][T19124]  ? __pfx_ksys_write+0x10/0x10
[  846.322446][T19124]  ? rcu_is_watching+0x12/0xc0
[  846.322472][T19124]  do_syscall_64+0x10b/0xf80
[  846.322495][T19124]  ? clear_bhb_loop+0x40/0x90
[  846.322519][T19124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.322538][T19124] RIP: 0033:0x7febe3d9cdd9
[  846.322553][T19124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  846.322572][T19124] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  846.322589][T19124] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  846.322602][T19124] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  846.322613][T19124] RBP: 00007febe4c35090 R08: 0000000000000000 R09: 0000000000000000
[  846.322625][T19124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  846.322636][T19124] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  846.322661][T19124]  </TASK>
[  849.655803][T19166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3038'.
[  849.725110][T19167] netlink: 'syz.1.3038': attribute type 2 has an invalid length.
[  849.860990][T19167] netlink: 'syz.1.3038': attribute type 3 has an invalid length.
[  849.957746][T19167] netlink: 51465 bytes leftover after parsing attributes in process `syz.1.3038'.
[  850.081327][T19179] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.2.3039: Error -117 reading block bitmap for 5
[  851.714307][T19212] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3042'.
[  853.811786][T19250] NFSD: Failed to start, no listeners configured.
[  854.451145][T19262] NFSD: Failed to start, no listeners configured.
[  854.744847][T19265] futex_wake_op: syz.2.3053 tries to shift op by -2048; fix this program
[  855.110090][T19220] kexec: Could not allocate control_code_buffer
[  855.322890][T19273] NFSD: Failed to start, no listeners configured.
[  855.604001][T19279] QAT: Device 10 not found
[  857.414191][T19313] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3064'.
[  857.705416][T19317] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3065'.
[  860.120209][T19343] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3073'.
[  860.554528][T19362] NFSD: Failed to start, no listeners configured.
[  861.676785][T19383] FAULT_INJECTION: forcing a failure.
[  861.676785][T19383] name failslab, interval 1, probability 0, space 0, times 0
[  861.738903][T19383] CPU: 0 UID: 0 PID: 19383 Comm: syz.4.3084 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  861.738941][T19383] Tainted: [L]=SOFTLOCKUP
[  861.738949][T19383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  861.738964][T19383] Call Trace:
[  861.738972][T19383]  <TASK>
[  861.738987][T19383]  dump_stack_lvl+0x100/0x190
[  861.739016][T19383]  should_fail_ex.cold+0x5/0xa
[  861.739047][T19383]  should_failslab+0xc2/0x120
[  861.739076][T19383]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  861.739114][T19383]  ? prepare_creds+0x2c/0x950
[  861.739146][T19383]  prepare_creds+0x2c/0x950
[  861.739173][T19383]  __do_sys_landlock_restrict_self+0x14c/0x9e0
[  861.739212][T19383]  ? rcu_is_watching+0x12/0xc0
[  861.739245][T19383]  do_syscall_64+0x10b/0xf80
[  861.739273][T19383]  ? clear_bhb_loop+0x40/0x90
[  861.739302][T19383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.739327][T19383] RIP: 0033:0x7f0c9bb9cdd9
[  861.739346][T19383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  861.739370][T19383] RSP: 002b:00007f0c9cae5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[  861.739393][T19383] RAX: ffffffffffffffda RBX: 00007f0c9be15fa0 RCX: 00007f0c9bb9cdd9
[  861.739409][T19383] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000007
[  861.739423][T19383] RBP: 00007f0c9bc32d69 R08: 0000000000000000 R09: 0000000000000000
[  861.739437][T19383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  861.739451][T19383] R13: 00007f0c9be16038 R14: 00007f0c9be15fa0 R15: 00007fff44fa5368
[  861.739481][T19383]  </TASK>
[  862.331361][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807b1c9400: rx timeout, send abort
[  862.345086][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807b1c9400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  863.741568][T19403] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  865.260779][T19432] NFSD: Failed to start, no listeners configured.
[  865.779050][T19447] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3097'.
[  866.128202][T19458] vivid-007: =================  START STATUS  =================
[  866.164262][T19458] vivid-007: Generate PTS: true
[  866.194251][T19458] vivid-007: Generate SCR: true
[  866.224267][T19458] tpg source WxH: 320x240 (Y'CbCr)
[  866.263301][T19458] tpg field: 1
[  866.286315][T19458] tpg crop: (0,0)/320x240
[  866.302566][T19464] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3100: iget: checksum invalid
[  866.331272][T19458] tpg compose: (0,0)/320x240
[  866.366286][T19458] tpg colorspace: 8
[  866.384846][T19464] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  866.400048][T19458] tpg transfer function: 0/0
[  866.425232][T19458] tpg Y'CbCr encoding: 0/0
[  866.451378][T19458] tpg quantization: 0/0
[  866.468220][T19464] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3100: iget: checksum invalid
[  866.489524][T19458] tpg RGB range: 0/2
[  866.511421][T19458] vivid-007: ==================  END STATUS  ==================
[  866.539049][T19464] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  866.577063][T19471] futex_wake_op: syz.3.3102 tries to shift op by -2048; fix this program
[  866.594404][T19464] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3100: iget: checksum invalid
[  866.633790][T19464] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  866.683078][T19464] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3100: iget: checksum invalid
[  866.732016][T19464] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  866.752143][T19474] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3103'.
[  866.789423][T19464] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  866.830178][T19464] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  867.019823][T19483] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3106'.
[  867.231545][T19488] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3107'.
[  869.517024][T19512] NFSD: Failed to start, no listeners configured.
[  870.044008][T19517] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243)
[  870.728217][T19523] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3113'.
[  870.837853][T19515] ACPI Error: Could not disable RealTimeClock events (20251212/evxfevnt-243)
[  871.459302][T19525] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3114'.
[  871.639683][T19525] i: entered promiscuous mode
[  871.714397][T19532] HfR: entered promiscuous mode
[  872.071637][T19539] netlink: 186 bytes leftover after parsing attributes in process `syz.4.3117'.
[  873.318534][   T30] audit: type=1800 audit(1843106961.186:18): pid=19558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3120" name="file0" dev="tmpfs" ino=414 res=0 errno=0
[  873.376964][T19564] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3123'.
[  874.184519][T14357] i: left promiscuous mode
[  874.503965][T14357] HfR: left promiscuous mode
[  877.595909][T19639] HfR: entered promiscuous mode
[  886.721569][T19779] NFSD: Failed to start, no listeners configured.
[  886.756938][T19782] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  886.756938][T19782] The task syz.2.3174 (19782) triggered the difference, watch for misbehavior.
[  887.626026][T19790] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3177'.
[  888.876497][T19795] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  888.917024][T19795] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  888.946167][T19795] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  888.976412][T19795] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  889.009272][T19795] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  889.060117][T19793] FAULT_INJECTION: forcing a failure.
[  889.060117][T19793] name failslab, interval 1, probability 0, space 0, times 0
[  889.129499][T19793] CPU: 0 UID: 0 PID: 19793 Comm: syz.3.3178 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  889.129541][T19793] Tainted: [L]=SOFTLOCKUP
[  889.129550][T19793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  889.129565][T19793] Call Trace:
[  889.129572][T19793]  <TASK>
[  889.129581][T19793]  dump_stack_lvl+0x100/0x190
[  889.129613][T19793]  should_fail_ex.cold+0x5/0xa
[  889.129655][T19793]  should_failslab+0xc2/0x120
[  889.129681][T19793]  __kmalloc_cache_noprof+0x7a/0x6f0
[  889.129713][T19793]  ? __request_module+0x2c3/0x6c0
[  889.129736][T19793]  ? lockdep_hardirqs_on+0x78/0x100
[  889.129767][T19793]  __request_module+0x2c3/0x6c0
[  889.129792][T19793]  ? __pfx___request_module+0x10/0x10
[  889.129820][T19793]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  889.129856][T19793]  ? ilookup+0x189/0x210
[  889.129896][T19793]  blk_request_module+0x5c/0xc0
[  889.129929][T19793]  blkdev_get_no_open+0x9b/0xf0
[  889.129953][T19793]  bdev_file_open_by_dev+0x70/0x210
[  889.129978][T19793]  swsusp_check+0x72/0x470
[  889.130011][T19793]  software_resume+0x6f/0x330
[  889.130045][T19793]  resume_store+0x248/0x460
[  889.130071][T19793]  ? __pfx_resume_store+0x10/0x10
[  889.130104][T19793]  ? find_held_lock+0x2b/0x80
[  889.130132][T19793]  ? sysfs_file_kobj+0xe4/0x290
[  889.130177][T19793]  ? sysfs_file_kobj+0xe4/0x290
[  889.130210][T19793]  ? __pfx_resume_store+0x10/0x10
[  889.130233][T19793]  kobj_attr_store+0x58/0x80
[  889.130261][T19793]  ? __pfx_kobj_attr_store+0x10/0x10
[  889.130308][T19793]  sysfs_kf_write+0xf2/0x150
[  889.130344][T19793]  kernfs_fop_write_iter+0x3e0/0x5f0
[  889.130374][T19793]  ? __pfx_sysfs_kf_write+0x10/0x10
[  889.130411][T19793]  vfs_write+0x6ac/0x1070
[  889.130436][T19793]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  889.130470][T19793]  ? __pfx_vfs_write+0x10/0x10
[  889.130511][T19793]  ksys_write+0x12a/0x250
[  889.130535][T19793]  ? __pfx_ksys_write+0x10/0x10
[  889.130562][T19793]  ? rcu_is_watching+0x12/0xc0
[  889.130591][T19793]  do_syscall_64+0x10b/0xf80
[  889.130617][T19793]  ? clear_bhb_loop+0x40/0x90
[  889.130655][T19793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  889.130676][T19793] RIP: 0033:0x7febe3d9cdd9
[  889.130693][T19793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  889.130713][T19793] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  889.130732][T19793] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  889.130746][T19793] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003
[  889.130758][T19793] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 0000000000000000
[  889.130770][T19793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  889.130783][T19793] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  889.130809][T19793]  </TASK>
[  890.182739][T19752] kexec: Could not allocate control_code_buffer
[  890.302582][T12377] Bluetooth: hci4: command 0x0c1a tx timeout
[  890.633229][T19814] futex_wake_op: syz.1.3184 tries to shift op by -2048; fix this program
[  890.691416][T19814] binder: 19813:19814 ioctl 40046210 0 returned -14
[  890.985438][T19818] random: crng reseeded on system resumption
[  890.997147][T12377] Bluetooth: hci0: command 0x0c1a tx timeout
[  891.004410][T12377] Bluetooth: hci2: command 0x0c1a tx timeout
[  891.010920][T12377] Bluetooth: hci1: command 0x0c1a tx timeout
[  892.306552][T19842] NFSD: Failed to start, no listeners configured.
[  892.478504][T19845] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3190'.
[  892.852631][T19849] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3191'.
[  893.075298][T12377] Bluetooth: hci0: command 0x0c1a tx timeout
[  894.507540][T19889] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3198'.
[  895.371793][T19903] NFSD: Failed to start, no listeners configured.
[  895.836873][T19910] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3205'.
[  895.991149][T19910] HfR: entered promiscuous mode
[  896.261713][T12377] Bluetooth: hci2: unexpected event for opcode 0x7c89
[  897.223015][T19941] binder: 19940:19941 ioctl 40046210 0 returned -14
[  897.298001][T19939] NFSD: Failed to start, no listeners configured.
[  897.697059][T19943] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3215'.
[  897.800767][T19943] FAULT_INJECTION: forcing a failure.
[  897.800767][T19943] name failslab, interval 1, probability 0, space 0, times 0
[  897.852922][T19943] CPU: 0 UID: 0 PID: 19943 Comm: syz.1.3215 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  897.852955][T19943] Tainted: [L]=SOFTLOCKUP
[  897.852962][T19943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  897.852975][T19943] Call Trace:
[  897.852981][T19943]  <TASK>
[  897.852989][T19943]  dump_stack_lvl+0x100/0x190
[  897.853016][T19943]  should_fail_ex.cold+0x5/0xa
[  897.853042][T19943]  ? tomoyo_encode2+0xfb/0x3c0
[  897.853066][T19943]  should_failslab+0xc2/0x120
[  897.853096][T19943]  __kmalloc_noprof+0xe0/0x850
[  897.853131][T19943]  ? d_absolute_path+0x136/0x1b0
[  897.853170][T19943]  tomoyo_encode2+0xfb/0x3c0
[  897.853198][T19943]  tomoyo_encode+0x29/0x50
[  897.853221][T19943]  tomoyo_realpath_from_path+0x18c/0x690
[  897.853252][T19943]  tomoyo_path_number_perm+0x23c/0x580
[  897.853272][T19943]  ? tomoyo_path_number_perm+0x22e/0x580
[  897.853293][T19943]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  897.853322][T19943]  ? do_raw_spin_lock+0x128/0x260
[  897.853345][T19943]  ? find_held_lock+0x2b/0x80
[  897.853384][T19943]  ? current_check_access_path+0x269/0x430
[  897.853410][T19943]  ? __pfx_current_check_access_path+0x10/0x10
[  897.853433][T19943]  ? do_raw_spin_unlock+0x145/0x1e0
[  897.853459][T19943]  ? simple_lookup+0x105/0x1d0
[  897.853483][T19943]  ? lookup_one_qstr_excl+0xaf/0x250
[  897.853517][T19943]  tomoyo_path_mkdir+0x9b/0xe0
[  897.853546][T19943]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[  897.853581][T19943]  security_path_mkdir+0x154/0x2e0
[  897.853608][T19943]  filename_mkdirat+0x168/0x5e0
[  897.853638][T19943]  ? __pfx_filename_mkdirat+0x10/0x10
[  897.853665][T19943]  ? strncpy_from_user+0x19d/0x2d0
[  897.853688][T19943]  ? do_getname+0x191/0x390
[  897.853720][T19943]  __x64_sys_mkdir+0x6b/0x90
[  897.853747][T19943]  do_syscall_64+0x10b/0xf80
[  897.853771][T19943]  ? clear_bhb_loop+0x40/0x90
[  897.853797][T19943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.853818][T19943] RIP: 0033:0x7f939f79cdd9
[  897.853834][T19943] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  897.853855][T19943] RSP: 002b:00007f93a06d2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  897.853874][T19943] RAX: ffffffffffffffda RBX: 00007f939fa15fa0 RCX: 00007f939f79cdd9
[  897.853888][T19943] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000200000000300
[  897.853900][T19943] RBP: 00007f939f832d69 R08: 0000000000000000 R09: 0000000000000000
[  897.853913][T19943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  897.853925][T19943] R13: 00007f939fa16038 R14: 00007f939fa15fa0 R15: 00007ffccd2a92b8
[  897.853951][T19943]  </TASK>
[  898.750070][T19960] snd_virmidi snd_virmidi.0: control 61646:131081:-1:yª:3 is already present
[  898.991703][T19962] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3219'.
[  899.121813][T19943] ERROR: Out of memory at tomoyo_realpath_from_path.
[  899.692657][T19971] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3222'.
[  899.822354][T19976] futex_wake_op: syz.4.3224 tries to shift op by -2048; fix this program
[  899.907003][T19983] binder: 19975:19983 ioctl 40046210 0 returned -14
[  900.865094][T19999] NFSD: Failed to start, no listeners configured.
[  901.332183][T20010] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3230'.
[  901.632631][T20019] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3232'.
[  902.788955][T20033] NFSD: Failed to start, no listeners configured.
[  903.747514][T20049] futex_wake_op: syz.4.3240 tries to shift op by -2048; fix this program
[  903.841891][T20053] binder: 20048:20053 ioctl 40046210 0 returned -14
[  903.860413][T20054] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3242'.
[  904.403977][T20061] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3244'.
[  904.464567][T20059] bridge0: port 3(gretap0) entered blocking state
[  904.522543][T20059] bridge0: port 3(gretap0) entered disabled state
[  904.562343][T20059] gretap0: entered allmulticast mode
[  904.598225][T20059] gretap0: entered promiscuous mode
[  904.622042][T20059] FAULT_INJECTION: forcing a failure.
[  904.622042][T20059] name failslab, interval 1, probability 0, space 0, times 0
[  904.682807][T20059] CPU: 0 UID: 0 PID: 20059 Comm: syz.3.3243 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  904.682839][T20059] Tainted: [L]=SOFTLOCKUP
[  904.682846][T20059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  904.682858][T20059] Call Trace:
[  904.682864][T20059]  <TASK>
[  904.682873][T20059]  dump_stack_lvl+0x100/0x190
[  904.682899][T20059]  should_fail_ex.cold+0x5/0xa
[  904.682926][T20059]  should_failslab+0xc2/0x120
[  904.682950][T20059]  __kmalloc_cache_noprof+0x7a/0x6f0
[  904.682980][T20059]  ? vlan_vid_add+0x514/0x730
[  904.683016][T20059]  vlan_vid_add+0x514/0x730
[  904.683052][T20059]  __vlan_add+0x282a/0x2e10
[  904.683091][T20059]  ? __pfx___vlan_add+0x10/0x10
[  904.683128][T20059]  nbp_vlan_add+0x258/0x3e0
[  904.683160][T20059]  nbp_vlan_init+0x373/0x500
[  904.683191][T20059]  ? __pfx_nbp_vlan_init+0x10/0x10
[  904.683225][T20059]  ? __local_bh_enable_ip+0x9e/0x120
[  904.683252][T20059]  ? lockdep_hardirqs_on+0x78/0x100
[  904.683277][T20059]  ? br_fdb_add_local+0x43/0x60
[  904.683302][T20059]  ? __local_bh_enable_ip+0x9e/0x120
[  904.683332][T20059]  br_add_if+0xf79/0x1b40
[  904.683363][T20059]  ? veth_get_iflink+0x2a3/0x2c0
[  904.683391][T20059]  add_del_if+0x114/0x160
[  904.683423][T20059]  br_dev_siocdevprivate+0x8ac/0x1650
[  904.683459][T20059]  ? __pfx_br_dev_siocdevprivate+0x10/0x10
[  904.683498][T20059]  ? do_raw_spin_lock+0x128/0x260
[  904.683523][T20059]  ? find_held_lock+0x2b/0x80
[  904.683558][T20059]  ? debug_mutex_remove_waiter+0xa8/0x320
[  904.683585][T20059]  ? debug_mutex_remove_waiter+0xa8/0x320
[  904.683621][T20059]  ? netdev_name_node_lookup+0x107/0x150
[  904.683652][T20059]  ? __mutex_lock+0x838/0x1b10
[  904.683681][T20059]  dev_ifsioc+0xc2f/0x1f10
[  904.683716][T20059]  ? __pfx_dev_ifsioc+0x10/0x10
[  904.683747][T20059]  ? __pfx___mutex_lock+0x10/0x10
[  904.683781][T20059]  ? dev_load+0x8e/0x240
[  904.683810][T20059]  ? dev_load+0x8e/0x240
[  904.683846][T20059]  dev_ioctl+0x70e/0x1070
[  904.683900][T20059]  sock_ioctl+0x494/0x6b0
[  904.683943][T20059]  ? __pfx_sock_ioctl+0x10/0x10
[  904.683969][T20059]  ? hook_file_ioctl_common+0x149/0x410
[  904.683996][T20059]  ? __fget_files+0x21f/0x3d0
[  904.684023][T20059]  ? __pfx_sock_ioctl+0x10/0x10
[  904.684051][T20059]  __x64_sys_ioctl+0x18e/0x210
[  904.684073][T20059]  do_syscall_64+0x10b/0xf80
[  904.684097][T20059]  ? clear_bhb_loop+0x40/0x90
[  904.684122][T20059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  904.684143][T20059] RIP: 0033:0x7febe3d9cdd9
[  904.684159][T20059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  904.684180][T20059] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  904.684199][T20059] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  904.684212][T20059] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000009
[  904.684225][T20059] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 0000000000000000
[  904.684237][T20059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  904.684250][T20059] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  904.684276][T20059]  </TASK>
[  904.992986][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805c1ce400: rx timeout, send abort
[  905.003298][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805c1ce400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  905.461908][T20059] gretap0: failed to initialize vlan filtering on this port
[  905.500200][T20059] gretap0: left allmulticast mode
[  905.740534][T20077] NFSD: Failed to start, no listeners configured.
[  905.966485][T20081] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3250'.
[  906.170366][T20084] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3251'.
[  906.437830][T20093] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3253'.
[  907.027927][T20111] snd_virmidi snd_virmidi.0: control 61646:131081:-1:yª:3 is already present
[  908.656901][T20145] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3267'.
[  909.332718][T20168] netlink: 4394 bytes leftover after parsing attributes in process `syz.3.3271'.
[  909.884702][T20174] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3273'.
[  911.877546][T20225] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3282'.
[  916.615449][T20324] FAULT_INJECTION: forcing a failure.
[  916.615449][T20324] name failslab, interval 1, probability 0, space 0, times 0
[  916.700859][T20324] CPU: 0 UID: 0 PID: 20324 Comm: syz.3.3308 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  916.700893][T20324] Tainted: [L]=SOFTLOCKUP
[  916.700900][T20324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  916.700912][T20324] Call Trace:
[  916.700919][T20324]  <TASK>
[  916.700926][T20324]  dump_stack_lvl+0x100/0x190
[  916.700953][T20324]  should_fail_ex.cold+0x5/0xa
[  916.700979][T20324]  should_failslab+0xc2/0x120
[  916.701004][T20324]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  916.701036][T20324]  ? __proc_create+0x2cb/0x8c0
[  916.701068][T20324]  __proc_create+0x2cb/0x8c0
[  916.701094][T20324]  ? __pfx___proc_create+0x10/0x10
[  916.701122][T20324]  ? _raw_write_unlock+0x28/0x50
[  916.701145][T20324]  ? proc_register+0x559/0x8a0
[  916.701175][T20324]  proc_create_reg+0x75/0x170
[  916.701202][T20324]  ? __pfx_rt_acct_proc_show+0x10/0x10
[  916.701232][T20324]  proc_create_single_data+0x86/0x130
[  916.701261][T20324]  ? __pfx_proc_create_single_data+0x10/0x10
[  916.701290][T20324]  ? timer_init_key+0x155/0x330
[  916.701321][T20324]  ? __pfx_nl_fib_input+0x10/0x10
[  916.701349][T20324]  ip_rt_do_proc_init+0xf9/0x1d0
[  916.701378][T20324]  ? __pfx_ip_rt_do_proc_init+0x10/0x10
[  916.701405][T20324]  ops_init+0x1e2/0x5f0
[  916.701428][T20324]  setup_net+0x118/0x3a0
[  916.701450][T20324]  ? __pfx_setup_net+0x10/0x10
[  916.701475][T20324]  ? mutex_init_lockdep+0xf1/0x120
[  916.701500][T20324]  copy_net_ns+0x46f/0x7c0
[  916.701526][T20324]  create_new_namespaces+0x3ea/0xac0
[  916.701558][T20324]  unshare_nsproxy_namespaces+0xf2/0x220
[  916.701587][T20324]  ksys_unshare+0x438/0xab0
[  916.701638][T20324]  ? __pfx_ksys_unshare+0x10/0x10
[  916.701670][T20324]  ? xfd_validate_state+0x129/0x190
[  916.701701][T20324]  __x64_sys_unshare+0x31/0x40
[  916.701733][T20324]  do_syscall_64+0x10b/0xf80
[  916.701759][T20324]  ? clear_bhb_loop+0x40/0x90
[  916.701786][T20324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.701808][T20324] RIP: 0033:0x7febe3d9cdd9
[  916.701833][T20324] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  916.701854][T20324] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  916.701875][T20324] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  916.701889][T20324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  916.701902][T20324] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 0000000000000000
[  916.701915][T20324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  916.701929][T20324] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  916.701956][T20324]  </TASK>
[  918.490987][T20346] ERROR: Out of memory at tomoyo_memory_ok.
[  919.481453][T20370] snd_virmidi snd_virmidi.0: control 61646:131081:-1:yª:3 is already present
[  920.425594][T20388] ==================================================================
[  920.433721][T20388] BUG: KASAN: slab-out-of-bounds in cache_seq_start_rcu+0x3fe/0x420
[  920.441720][T20388] Read of size 8 at addr ffff888037c2d800 by task syz.3.3321/20388
[  920.449624][T20388] 
[  920.451978][T20388] CPU: 0 UID: 0 PID: 20388 Comm: syz.3.3321 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  920.452006][T20388] Tainted: [L]=SOFTLOCKUP
[  920.452013][T20388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  920.452025][T20388] Call Trace:
[  920.452031][T20388]  <TASK>
[  920.452039][T20388]  dump_stack_lvl+0x100/0x190
[  920.452060][T20388]  print_report+0x13d/0x4b0
[  920.452090][T20388]  ? __virt_addr_valid+0x239/0x430
[  920.452122][T20388]  ? cache_seq_start_rcu+0x3fe/0x420
[  920.452173][T20388]  kasan_report+0xdf/0x1d0
[  920.452197][T20388]  ? cache_seq_start_rcu+0x3fe/0x420
[  920.452247][T20388]  cache_seq_start_rcu+0x3fe/0x420
[  920.452287][T20388]  seq_read_iter+0x2c1/0x1270
[  920.452318][T20388]  seq_read+0x33b/0x4c0
[  920.452341][T20388]  ? __pfx_seq_read+0x10/0x10
[  920.452367][T20388]  ? lock_acquire+0x1b1/0x370
[  920.452393][T20388]  ? __pfx_seq_read+0x10/0x10
[  920.452415][T20388]  proc_reg_read+0x240/0x330
[  920.452441][T20388]  ? __pfx_proc_reg_read+0x10/0x10
[  920.452467][T20388]  vfs_read+0x1e4/0xb30
[  920.452493][T20388]  ? __pfx_vfs_read+0x10/0x10
[  920.452516][T20388]  ? __fget_files+0x215/0x3d0
[  920.452545][T20388]  ? __fget_files+0x21f/0x3d0
[  920.452573][T20388]  ksys_read+0x12a/0x250
[  920.452597][T20388]  ? __pfx_ksys_read+0x10/0x10
[  920.452623][T20388]  ? rcu_is_watching+0x12/0xc0
[  920.452652][T20388]  do_syscall_64+0x10b/0xf80
[  920.452679][T20388]  ? clear_bhb_loop+0x40/0x90
[  920.452705][T20388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.452729][T20388] RIP: 0033:0x7febe3d9cdd9
[  920.452747][T20388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  920.452769][T20388] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  920.452791][T20388] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  920.452807][T20388] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000003
[  920.452821][T20388] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 0000000000000000
[  920.452835][T20388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  920.452849][T20388] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  920.452871][T20388]  </TASK>
[  920.452878][T20388] 
[  920.675739][T20388] Allocated by task 16973:
[  920.680162][T20388]  kasan_save_stack+0x30/0x50
[  920.684857][T20388]  kasan_save_track+0x14/0x30
[  920.689550][T20388]  __kasan_kmalloc+0xaa/0xb0
[  920.694155][T20388]  __kmalloc_noprof+0x301/0x850
[  920.699029][T20388]  cache_create_net+0xa2/0x1f0
[  920.703824][T20388]  nfsd_export_init+0x11f/0x250
[  920.708698][T20388]  nfsd_net_init+0x69/0x3e0
[  920.713231][T20388]  ops_init+0x1e2/0x5f0
[  920.717404][T20388]  setup_net+0x118/0x3a0
[  920.721658][T20388]  copy_net_ns+0x46f/0x7c0
[  920.726078][T20388]  create_new_namespaces+0x3ea/0xac0
[  920.731370][T20388]  unshare_nsproxy_namespaces+0xf2/0x220
[  920.737011][T20388]  ksys_unshare+0x438/0xab0
[  920.741524][T20388]  __x64_sys_unshare+0x31/0x40
[  920.746295][T20388]  do_syscall_64+0x10b/0xf80
[  920.750896][T20388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.756788][T20388] 
[  920.759109][T20388] The buggy address belongs to the object at ffff888037c2d000
[  920.759109][T20388]  which belongs to the cache kmalloc-2k of size 2048
[  920.773166][T20388] The buggy address is located 0 bytes to the right of
[  920.773166][T20388]  allocated 2048-byte region [ffff888037c2d000, ffff888037c2d800)
[  920.787744][T20388] 
[  920.790080][T20388] The buggy address belongs to the physical page:
[  920.796497][T20388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x37c28
[  920.805307][T20388] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  920.813802][T20388] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  920.821341][T20388] page_type: f5(slab)
[  920.825329][T20388] raw: 00fff00000000040 ffff88813fe2e000 dead000000000100 dead000000000122
[  920.833909][T20388] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  920.842490][T20388] head: 00fff00000000040 ffff88813fe2e000 dead000000000100 dead000000000122
[  920.851169][T20388] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  920.859926][T20388] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  920.868604][T20388] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  920.877272][T20388] page dumped because: kasan: bad access detected
[  920.883680][T20388] page_owner tracks the page as allocated
[  920.889404][T20388] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 29917299155, free_ts 26540374701
[  920.909992][T20388]  post_alloc_hook+0x153/0x170
[  920.914764][T20388]  get_page_from_freelist+0x11a6/0x33b0
[  920.920325][T20388]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  920.926240][T20388]  new_slab+0xa6/0x6c0
[  920.930328][T20388]  refill_objects+0x277/0x420
[  920.935016][T20388]  __pcs_replace_empty_main+0x375/0x650
[  920.940570][T20388]  __kmalloc_cache_noprof+0x493/0x6f0
[  920.945956][T20388]  rxrpc_alloc_connection+0xa3/0x770
[  920.951246][T20388]  rxrpc_prealloc_service_connection+0x26/0x390
[  920.957496][T20388]  rxrpc_service_prealloc_one+0x2c5/0x1060
[  920.963312][T20388]  rxrpc_kernel_charge_accept+0xcd/0x110
[  920.968965][T20388]  afs_charge_preallocation+0xc6/0x320
[  920.974444][T20388]  afs_open_socket+0x31e/0x3f0
[  920.979235][T20388]  afs_net_init+0x825/0xb00
[  920.983837][T20388]  ops_init+0x1e2/0x5f0
[  920.987996][T20388]  register_pernet_operations+0x3cb/0x740
[  920.993724][T20388] page last free pid 9 tgid 9 stack trace:
[  920.999613][T20388]  __free_frozen_pages+0x747/0x1040
[  921.004842][T20388]  vfree+0x15f/0x8d0
[  921.008740][T20388]  delayed_vfree_work+0x56/0x80
[  921.013599][T20388]  process_one_work+0xa0e/0x1980
[  921.018539][T20388]  worker_thread+0x5ef/0xe50
[  921.023132][T20388]  kthread+0x370/0x450
[  921.027201][T20388]  ret_from_fork+0x72b/0xd50
[  921.031806][T20388]  ret_from_fork_asm+0x1a/0x30
[  921.036701][T20388] 
[  921.039032][T20388] Memory state around the buggy address:
[  921.044665][T20388]  ffff888037c2d700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  921.052727][T20388]  ffff888037c2d780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  921.060799][T20388] >ffff888037c2d800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  921.068854][T20388]                    ^
[  921.072927][T20388]  ffff888037c2d880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  921.080989][T20388]  ffff888037c2d900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  921.089043][T20388] ==================================================================
[  923.476764][T20388] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  923.483992][T20388] CPU: 0 UID: 0 PID: 20388 Comm: syz.3.3321 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  923.494931][T20388] Tainted: [L]=SOFTLOCKUP
[  923.499249][T20388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  923.509306][T20388] Call Trace:
[  923.512584][T20388]  <TASK>
[  923.515517][T20388]  dump_stack_lvl+0x100/0x190
[  923.520196][T20388]  vpanic+0x552/0x970
[  923.524172][T20388]  ? __pfx_vpanic+0x10/0x10
[  923.528676][T20388]  ? cache_seq_start_rcu+0x3fe/0x420
[  923.533973][T20388]  panic+0xd1/0xe0
[  923.537693][T20388]  ? __pfx_panic+0x10/0x10
[  923.542106][T20388]  ? cache_seq_start_rcu+0x3fe/0x420
[  923.547396][T20388]  ? preempt_schedule_common+0x42/0xc0
[  923.552861][T20388]  ? check_panic_on_warn+0x1f/0x90
[  923.557987][T20388]  check_panic_on_warn.cold+0x19/0x34
[  923.563362][T20388]  end_report.part.0+0x3a/0x90
[  923.568138][T20388]  kasan_report.cold+0xe/0x18
[  923.572830][T20388]  ? cache_seq_start_rcu+0x3fe/0x420
[  923.578135][T20388]  cache_seq_start_rcu+0x3fe/0x420
[  923.583253][T20388]  seq_read_iter+0x2c1/0x1270
[  923.587949][T20388]  seq_read+0x33b/0x4c0
[  923.592115][T20388]  ? __pfx_seq_read+0x10/0x10
[  923.596798][T20388]  ? lock_acquire+0x1b1/0x370
[  923.601477][T20388]  ? __pfx_seq_read+0x10/0x10
[  923.606149][T20388]  proc_reg_read+0x240/0x330
[  923.610745][T20388]  ? __pfx_proc_reg_read+0x10/0x10
[  923.615867][T20388]  vfs_read+0x1e4/0xb30
[  923.620037][T20388]  ? __pfx_vfs_read+0x10/0x10
[  923.624719][T20388]  ? __fget_files+0x215/0x3d0
[  923.629400][T20388]  ? __fget_files+0x21f/0x3d0
[  923.634091][T20388]  ksys_read+0x12a/0x250
[  923.638337][T20388]  ? __pfx_ksys_read+0x10/0x10
[  923.643112][T20388]  ? rcu_is_watching+0x12/0xc0
[  923.647891][T20388]  do_syscall_64+0x10b/0xf80
[  923.652485][T20388]  ? clear_bhb_loop+0x40/0x90
[  923.657170][T20388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.663058][T20388] RIP: 0033:0x7febe3d9cdd9
[  923.667479][T20388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  923.687091][T20388] RSP: 002b:00007febe4c35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  923.695499][T20388] RAX: ffffffffffffffda RBX: 00007febe4015fa0 RCX: 00007febe3d9cdd9
[  923.703463][T20388] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000003
[  923.711426][T20388] RBP: 00007febe3e32d69 R08: 0000000000000000 R09: 0000000000000000
[  923.719396][T20388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  923.727383][T20388] R13: 00007febe4016038 R14: 00007febe4015fa0 R15: 00007ffcd2305a68
[  923.735361][T20388]  </TASK>
[  923.738429][T20388] Kernel Offset: disabled
[  923.742784][T20388] Rebooting in 86400 seconds..