last executing test programs:

5.402488876s ago: executing program 2 (id=333):
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_SG_SET_TIMEOUT2(r0, 0x2201, 0x0)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0)
write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(0x3, 0x0, 0x100082)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2)
futex_wake$auto(0x0, 0x4, 0x1, 0x9)
mincore$auto(0x1000, 0x4000000, 0x0)

3.99682722s ago: executing program 1 (id=343):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
sendmsg$auto_NFC_CMD_GET_SE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x44110}, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0xb, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xf00)

3.701138767s ago: executing program 0 (id=345):
r0 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x3, 0x4020009, 0x400000000000dc, 0x7fff, r0, 0x8000)
pidfd_open$auto(0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x1)
sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x4000000)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0x3, 0x0, 0xfffffdef)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_PNETID_DEL(r1, 0x0, 0x20000000)
getpid()
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)

3.684110266s ago: executing program 1 (id=346):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4)
pidfd_open$auto(0x1, 0x0)
socket(0x2, 0x3, 0x100)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

3.662039192s ago: executing program 2 (id=347):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d)
write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0)
lchown$auto(&(0x7f0000000080)='./file0\x00', 0xee01, 0xee00)
write$auto(0x3, 0x0, 0x100082)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x0, 0x0)
ioctl$auto(r1, 0x800064d1, r1)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x101)
lseek$auto(0x3, 0x2, 0x4)

3.603931351s ago: executing program 3 (id=348):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
pidfd_open$auto(0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x1e, 0x4, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14)
ioctl$auto(r0, 0x2, 0x4)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, 0x0, 0x7, 0x0)

3.380584095s ago: executing program 3 (id=349):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
ioctl$auto_BLKTRACETEARDOWN(r0, 0x1276, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0xa, 0x3)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)
ioctl$auto(r1, 0x4b67, 0x1)

2.893158868s ago: executing program 0 (id=350):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0)
read$auto(r0, 0x0, 0x9a28)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000140)={0x0, 0x7}, 0x3)
write$auto_snd_pcm_f_ops_pcm(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
write$auto(0xca, &(0x7f0000000280)='\x04>V\x1b\x89\x0e\x82\xd5\x99\xb6\x00\xeb\xbc(ex\x8c6\x9aK\x13\xa9m\xa5\vL\x00\x00\x00\x00\x00o\x9eR_\x03\x82]\xdc\a\b\xda\xe2\xadi\xf0\xa6\x068\xdb\xb12k\r\xd7\fC\b\f\x9fA>\xb3/\x0f\xc3\f\xf3\x95-\xc9\xe2\x84+O\x922+\b\a\xf4S\xab\x9a8\xa8\xa2\xf6$^N\xb5.\xc5%m\xaeeP\xd7M\xe0\xfb\x86\xcd\xf9\x844\xa5H\xf9\xf2e\n\xc0\x11_T\x16*p\xcf\x7f\xc3\x94\xdb_\x9d\xe5\xd5\xc4\xf0\xc2<\xb0\xb4\xc9\xf2\xdd+\xe3\xb5)&[\x7f\xb2R\x11o8\xb6\xc0\x80?b\xa7\x03=E\x98\xd5\xa2Z\x8e-\xc2J\xaaM\xe10Dh\x143\x02V\xec\xce\x9cD\xff\x85=\x82g\xfe\xc8\xfa\xecK\xc1\x8c\x8cA\f\xfe', 0x80)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)

2.856084558s ago: executing program 1 (id=351):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x848000000015, 0x805, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, 0x55)
sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$auto_OVS_DP_CMD_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[], 0xd000}, 0x1, 0x0, 0x0, 0x50}, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2.459347518s ago: executing program 1 (id=352):
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0)
socket(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, r0)

2.320591124s ago: executing program 0 (id=353):
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0)
openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x40, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/nr_hugepages\x00', 0x642, 0x0)
socketpair$auto(0x1e, 0x5, 0x8, 0x0)
write$auto_uhid_fops_uhid(r0, 0x0, 0xfccd)

2.198566028s ago: executing program 1 (id=354):
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
connect$auto(0x3, 0x0, 0x54)
sendto$auto(0x3, 0x0, 0x18, 0x101, 0x0, 0x1c)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x2, 0x0)

1.965786596s ago: executing program 2 (id=355):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb9, 0xfffffffffffffffa, 0x48003)
mmap$auto(0x6, 0x8, 0x2, 0xacdb, 0x5, 0x0)
socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
timerfd_create$auto(0x7, 0x0)
timerfd_gettime$auto(0x4, 0x0)
listen$auto(0x3, 0x83)
setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9)
mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

1.768641287s ago: executing program 3 (id=356):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x0, 0xfffff004, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x2, 0x88)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bond0\x00', <r3=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x8, 0xff, r0, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4)
r4 = bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb)
ioctl$auto_SNDCTL_DSP_PROFILE(r4, 0x541b, 0x0)

1.716690791s ago: executing program 0 (id=357):
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
recvfrom$auto(r0, 0x0, 0xc, 0xb21, 0x0, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
bind$auto(0x3, 0xfffffffffffffffd, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1.600583116s ago: executing program 3 (id=358):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
pidfd_open$auto(0x1, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
setreuid$auto(0x3, 0x7)
fanotify_init$auto(0x200, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0)

1.207987259s ago: executing program 3 (id=359):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0)
read$auto(r0, &(0x7f0000000100)='nl80211\x00', 0xbe62)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000000000600010000000a0005000000000000000000b3fc010000000000000000000a0001000000000000000000060006000500000008000200", @ANYRES32=0x0, @ANYBLOB="080004000301"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
socket(0x2, 0x3, 0x6)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c014}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc5}, 0x1, 0x0, 0x5, 0x9}, 0x7}, 0x3, 0x0)

1.095124901s ago: executing program 1 (id=360):
close_range$auto(0x2, 0x8, 0x0)
socket(0x1d, 0x2, 0x6)
open(&(0x7f00000001c0)='./file0\x00', 0x60142, 0x130)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x101101, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x1600, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev0\x00', 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x0, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x0, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x4, 0x3, 0x5, 0x10001, 0x400000000003, 0x5, 0xffffffffffffffff, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0)

962.16585ms ago: executing program 2 (id=361):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = open(0x0, 0x261c2, 0x84)
r1 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=r1, 0xa, @old_map_fd=r2}, 0x10)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc)

854.414892ms ago: executing program 3 (id=362):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
connect$auto(r1, 0x0, 0x54)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x7, 0x734f, 0x37, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0x83ad, 0x9, 0x6, 0x6, 0x81, 0x4, 0x1cd7, 0x8, 0x2000, 0x203, 0x0, 0x84, 0xfffffffffffffffa, 0x0, 0x0, 0x2, 0x101, [0x0, 0x0, 0x8003, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa04, 0x0, 0xfffffffffffffffc, 0x3, 0x4, 0x1ff, 0x0, 0x9, 0x0, 0x40000000, 0x0, 0x7, 0x0, 0x2, 0x7ff, 0x0, 0x0, 0x3, 0x40000000000000, 0x0, 0x0, 0x0, 0xff, 0x0, 0x8, 0x0, 0x3c3, 0x0, 0x2]}, 0x1fe, 0x2)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x13, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000080)={0x0, 0xfc2}, 0x2, &(0x7f0000000100), 0x3, 0x2}, 0x10000}, 0xffffffff, 0x4008)

781.188672ms ago: executing program 0 (id=363):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0xc4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x3, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0xd, 0x1, 0x71, 0x0, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x3, 0x40a, 0xd, 0x3fd, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0x46e, 0xa5cf, 0x8, 0x7, 0xc16b, 0x6, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x3, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x4, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0x1, 0x7, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff8, 0x40], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, <r0=>0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0xb}})
sendmsg$auto_NL802154_CMD_SET_CHANNEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x10, 0x2, 0x0)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0)

762.559686ms ago: executing program 2 (id=364):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0xa, 0x2, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0)

420.207768ms ago: executing program 0 (id=365):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d)
listen$auto(0x3, 0x81)
r1 = socket(0x2b, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108)

0s ago: executing program 2 (id=366):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x109100, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r1, 0xc0385720, &(0x7f0000000240)={0x1, "77947a0f", 0x9, 0x2, 0x7ff, 0x1bb8, "d00f5322a8e93a161984686708c98cd7"})
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28000, 0x0)
setsockopt$auto_SO_CNX_ADVICE(r0, 0x4, 0x35, 0x0, 0xb7)
mmap$auto(0x0, 0x400006, 0x6, 0x9b72, 0x2, 0x8000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.92' (ED25519) to the list of known hosts.
[   82.446272][ T5811] cgroup: Unknown subsys name 'net'
[   82.562540][ T5811] cgroup: Unknown subsys name 'cpuset'
[   82.572839][ T5811] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.388675][ T5811] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.520578][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.530935][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   86.550539][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.557830][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   86.566120][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.573482][ T5834] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   86.582834][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   86.591304][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   86.599126][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   86.601163][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.614655][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.621847][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.621964][ T5834] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   86.636614][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.637960][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   86.652409][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.658244][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   86.667987][ T5838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.681457][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   86.688833][ T5144] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   87.352334][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   87.365016][ T5824] chnl_net:caif_netlink_parms(): no params data found
[   87.519153][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   87.681778][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   87.694332][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.702245][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.709746][ T5824] bridge_slave_0: entered allmulticast mode
[   87.717245][ T5824] bridge_slave_0: entered promiscuous mode
[   87.733191][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.740421][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.747695][ T5821] bridge_slave_0: entered allmulticast mode
[   87.755228][ T5821] bridge_slave_0: entered promiscuous mode
[   87.783926][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.791305][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.799231][ T5824] bridge_slave_1: entered allmulticast mode
[   87.806738][ T5824] bridge_slave_1: entered promiscuous mode
[   87.821604][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.828819][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.836025][ T5821] bridge_slave_1: entered allmulticast mode
[   87.844078][ T5821] bridge_slave_1: entered promiscuous mode
[   87.948259][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.972728][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.992217][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.001812][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.009145][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.016306][ T5823] bridge_slave_0: entered allmulticast mode
[   88.024292][ T5823] bridge_slave_0: entered promiscuous mode
[   88.034336][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.067063][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.074365][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.081626][ T5823] bridge_slave_1: entered allmulticast mode
[   88.089160][ T5823] bridge_slave_1: entered promiscuous mode
[   88.155001][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.162330][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.169624][ T5822] bridge_slave_0: entered allmulticast mode
[   88.177072][ T5822] bridge_slave_0: entered promiscuous mode
[   88.187557][ T5824] team0: Port device team_slave_0 added
[   88.208289][ T5821] team0: Port device team_slave_0 added
[   88.214120][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.221418][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.228745][ T5822] bridge_slave_1: entered allmulticast mode
[   88.236204][ T5822] bridge_slave_1: entered promiscuous mode
[   88.246018][ T5824] team0: Port device team_slave_1 added
[   88.266981][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.280131][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.291248][ T5821] team0: Port device team_slave_1 added
[   88.364272][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.371324][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.397315][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.436309][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.448972][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.459292][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.466258][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.492225][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.505620][ T5823] team0: Port device team_slave_0 added
[   88.512505][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.519521][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.545490][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.580577][ T5823] team0: Port device team_slave_1 added
[   88.599627][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.606613][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.632702][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.659112][ T5822] team0: Port device team_slave_0 added
[   88.690897][ T5822] team0: Port device team_slave_1 added
[   88.698053][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.705037][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.731679][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.743174][ T5838] Bluetooth: hci3: command tx timeout
[   88.743569][ T5833] Bluetooth: hci2: command tx timeout
[   88.754431][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.762203][ T5838] Bluetooth: hci1: command tx timeout
[   88.762396][ T5833] Bluetooth: hci0: command tx timeout
[   88.768960][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.799586][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.867461][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.874457][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.900842][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.938532][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.945524][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.972083][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.989876][ T5824] hsr_slave_0: entered promiscuous mode
[   88.996608][ T5824] hsr_slave_1: entered promiscuous mode
[   89.021696][ T5821] hsr_slave_0: entered promiscuous mode
[   89.028597][ T5821] hsr_slave_1: entered promiscuous mode
[   89.034861][ T5821] debugfs: 'hsr0' already exists in 'hsr'
[   89.041166][ T5821] Cannot create hsr debugfs directory
[   89.093362][ T5823] hsr_slave_0: entered promiscuous mode
[   89.100121][ T5823] hsr_slave_1: entered promiscuous mode
[   89.106437][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   89.112437][ T5823] Cannot create hsr debugfs directory
[   89.206959][ T5822] hsr_slave_0: entered promiscuous mode
[   89.213593][ T5822] hsr_slave_1: entered promiscuous mode
[   89.220956][ T5822] debugfs: 'hsr0' already exists in 'hsr'
[   89.226712][ T5822] Cannot create hsr debugfs directory
[   89.695432][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   89.711302][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   89.722141][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   89.734504][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   89.811891][ T5821] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   89.832875][ T5821] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   89.845769][ T5821] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   89.872559][ T5821] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   89.969305][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.981594][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   90.015391][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   90.038234][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   90.120501][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.149869][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   90.162877][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.174502][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.196442][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.216022][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   90.256255][ T3529] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.263563][ T3529] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.290123][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.297335][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.339923][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.445889][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   90.481535][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.488767][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.511144][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.533456][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.540718][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.593359][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   90.640448][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.647701][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.680656][ T1165] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.687898][ T1165] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.732380][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.818004][ T5833] Bluetooth: hci1: command tx timeout
[   90.818023][ T5834] Bluetooth: hci2: command tx timeout
[   90.818096][ T5834] Bluetooth: hci0: command tx timeout
[   90.823502][ T5833] Bluetooth: hci3: command tx timeout
[   90.856978][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   90.885587][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.892804][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.944436][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.951705][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.992829][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.182386][ T5824] veth0_vlan: entered promiscuous mode
[   91.206475][ T5824] veth1_vlan: entered promiscuous mode
[   91.272387][ T5824] veth0_macvtap: entered promiscuous mode
[   91.291881][ T5824] veth1_macvtap: entered promiscuous mode
[   91.364801][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.423956][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.447623][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.506611][   T58] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.533608][   T58] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.549181][   T58] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.592264][   T58] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.614678][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.626046][   T10] cfg80211: failed to load regulatory.db
[   91.741356][ T5821] veth0_vlan: entered promiscuous mode
[   91.798086][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.806141][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.817839][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.836159][ T5823] veth0_vlan: entered promiscuous mode
[   91.843467][ T5821] veth1_vlan: entered promiscuous mode
[   91.905837][ T3529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.914714][ T3529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.925063][ T5823] veth1_vlan: entered promiscuous mode
[   92.039786][ T5822] veth0_vlan: entered promiscuous mode
[   92.050426][ T5821] veth0_macvtap: entered promiscuous mode
[   92.051075][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   92.083272][ T5823] veth0_macvtap: entered promiscuous mode
[   92.101423][ T5821] veth1_macvtap: entered promiscuous mode
[   92.114701][ T5822] veth1_vlan: entered promiscuous mode
[   92.136033][ T5823] veth1_macvtap: entered promiscuous mode
[   92.211220][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.242389][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.262603][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.268654][ T5915] Zero length message leads to an empty skb
[   92.284445][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.314897][ T5822] veth0_macvtap: entered promiscuous mode
[   92.349944][ T3529] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.358882][ T3529] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.400748][ T3529] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.412534][ T3529] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.443798][ T3529] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.466303][ T5822] veth1_macvtap: entered promiscuous mode
[   92.481231][ T3529] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.490356][ T3529] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.501805][ T3529] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.566071][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.603813][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.663443][ T3529] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.672868][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.687591][ T3529] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.695242][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.767200][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.777019][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.799251][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.836168][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.901977][ T5833] Bluetooth: hci3: command tx timeout
[   92.902003][ T5834] Bluetooth: hci0: command tx timeout
[   92.907740][ T5828] Bluetooth: hci1: command tx timeout
[   92.912982][ T5838] Bluetooth: hci2: command tx timeout
[   92.952829][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.962834][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.985431][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.995719][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.135526][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.175484][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.279844][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.313906][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.429574][ T5923] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   93.578762][ T5928] netlink: 330 bytes leftover after parsing attributes in process `syz.3.7'.
[   93.876261][ T5941] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   94.572695][ T5958] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   94.885242][ T5965] raw_sendmsg: syz.3.19 forgot to set AF_INET. Fix it!
[   94.980383][ T5828] Bluetooth: hci1: command tx timeout
[   94.985925][ T5833] Bluetooth: hci3: command tx timeout
[   94.985946][ T5834] Bluetooth: hci0: command tx timeout
[   94.991972][ T5828] Bluetooth: hci2: command tx timeout
[   95.108216][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.3.21'.
[   95.121015][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.3.21'.
[   95.131350][ T5968] netlink: 342 bytes leftover after parsing attributes in process `syz.3.21'.
[   95.149305][ T5968] netlink: 302 bytes leftover after parsing attributes in process `syz.3.21'.
[   95.368915][    T0] NOHZ tick-stop error: local softirq work is pending, handler #342!!!
[   95.509974][ T5975] syz.2.22 uses obsolete (PF_INET,SOCK_PACKET)
[   95.587663][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.188730][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.208077][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.288628][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.327882][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.358346][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.368858][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.388670][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   98.623547][ T6032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[   98.707350][ T6032] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   98.746572][ T6032] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[   98.774796][ T6032] page_type: f5(slab)
[   98.797474][ T6032] raw: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122
[   98.839555][ T6032] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000
[   98.904466][ T6032] head: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122
[   98.955184][ T6032] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000
[   99.024782][ T6032] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[   99.061141][ T6032] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[   99.124961][ T6032] page dumped because: unmovable page
[   99.151706][ T6032] page_owner tracks the page as allocated
[   99.170258][ T6044] random: crng reseeded on system resumption
[   99.200142][ T6032] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3529, tgid 3529 (kworker/u8:10), ts 97317332775, free_ts 97223548646
[   99.348069][ T6032]  post_alloc_hook+0x153/0x170
[   99.352942][ T6032]  get_page_from_freelist+0x111d/0x3140
[   99.372824][ T6045] sp0: Synchronizing with TNC
[   99.430782][ T6032]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[   99.459439][ T6032]  alloc_pages_mpol+0x1fb/0x550
[   99.489903][ T6032]  new_slab+0x43a/0x6d0
[   99.513035][ T6032]  ___slab_alloc+0x2a0/0x850
[   99.521241][ T6048] netlink: 326 bytes leftover after parsing attributes in process `syz.0.49'.
[   99.543729][ T6032]  __kmalloc_node_track_caller_noprof+0x45c/0x850
[   99.583417][ T6032]  kmalloc_reserve+0xe8/0x350
[   99.615070][ T6032]  __alloc_skb+0x185/0x710
[   99.643464][ T6032]  nsim_dev_trap_report_work+0x2af/0xd10
[   99.690442][ T6032]  process_one_work+0x9d7/0x1920
[   99.733085][ T6032]  worker_thread+0x5da/0xe40
[   99.776873][ T6032]  kthread+0x370/0x450
[   99.800977][ T6032]  ret_from_fork+0x754/0xd80
[   99.821553][ T6032]  ret_from_fork_asm+0x1a/0x30
[   99.867985][ T6032] page last free pid 5827 tgid 5827 stack trace:
[   99.913613][ T6032]  __free_frozen_pages+0x7e1/0x10d0
[   99.967214][ T6032]  qlist_free_all+0x47/0xe0
[   99.987183][ T6032]  kasan_quarantine_reduce+0x1a0/0x1f0
[  100.007294][ T6032]  __kasan_slab_alloc+0x69/0x90
[  100.012260][ T6032]  kmem_cache_alloc_noprof+0x241/0x6e0
[  100.074354][ T6032]  do_getname+0x35/0x390
[  100.087187][ T6032]  __x64_sys_rename+0x57/0xb0
[  100.091963][ T6032]  do_syscall_64+0x106/0xf80
[  100.147187][ T6032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.224810][ T6044] Restarting kernel threads ...
[  100.237809][ T6044] Done restarting kernel threads.
[  101.728175][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.899283][ T6076] netlink: 'syz.0.57': attribute type 27 has an invalid length.
[  101.950757][ T6076] netlink: 146 bytes leftover after parsing attributes in process `syz.0.57'.
[  103.602554][ T6093] netlink: 4 bytes leftover after parsing attributes in process `syz.1.63'.
[  103.861827][ T6098] futex_wake_op: syz.1.65 tries to shift op by -2048; fix this program
[  103.907114][ T6098] futex_wake_op: syz.1.65 tries to shift op by -2048; fix this program
[  104.333216][ T6105] netlink: 194 bytes leftover after parsing attributes in process `syz.0.68'.
[  104.431656][ T6111] netlink: 8 bytes leftover after parsing attributes in process `syz.3.69'.
[  104.600506][ T6114] usb usb2: usbfs: process 6114 (syz.3.69) did not claim interface 4 before use
[  104.674561][ T6117] netlink: 'syz.0.72': attribute type 1 has an invalid length.
[  104.683600][ T6117] netlink: 330 bytes leftover after parsing attributes in process `syz.0.72'.
[  104.811895][ T6115] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  107.114416][ T6167] netlink: 338 bytes leftover after parsing attributes in process `syz.2.90'.
[  107.132785][ T6162] netlink: 62 bytes leftover after parsing attributes in process `syz.0.89'.
[  107.171400][ T6167] team_slave_0: entered allmulticast mode
[  108.090264][   T29] audit: type=1804 audit(1772500503.971:2): pid=6181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.94" name="/newroot/18/file0" dev="tmpfs" ino=112 res=1 errno=0
[  108.169273][   T29] audit: type=1804 audit(1772500504.061:3): pid=6191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.94" name="/newroot/18/file0" dev="tmpfs" ino=112 res=1 errno=0
[  108.271553][ T6195] netlink: 4 bytes leftover after parsing attributes in process `syz.0.100'.
[  108.303675][ T6195] netlink: 13 bytes leftover after parsing attributes in process `syz.0.100'.
[  108.423545][ T6199] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.452626][ T6199] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.716776][ T6205] netlink: 338 bytes leftover after parsing attributes in process `syz.3.105'.
[  108.941039][ T6211] FAULT_INJECTION: forcing a failure.
[  108.941039][ T6211] name failslab, interval 1, probability 0, space 0, times 0
[  108.963902][ T6211] CPU: 0 UID: 0 PID: 6211 Comm: syz.1.106 Not tainted syzkaller #0 PREEMPT(full) 
[  108.963942][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  108.963964][ T6211] Call Trace:
[  108.963975][ T6211]  <TASK>
[  108.963991][ T6211]  dump_stack_lvl+0x100/0x190
[  108.964049][ T6211]  should_fail_ex.cold+0x5/0xa
[  108.964084][ T6211]  should_failslab+0xc2/0x120
[  108.964114][ T6211]  __kmalloc_cache_noprof+0x7a/0x6f0
[  108.964154][ T6211]  ? kvm_uevent_notify_change.part.0+0x2a6/0x450
[  108.964205][ T6211]  kvm_uevent_notify_change.part.0+0x2a6/0x450
[  108.964246][ T6211]  ? __pfx_kvm_vm_release+0x10/0x10
[  108.964280][ T6211]  kvm_put_kvm+0xe4/0xb10
[  108.964313][ T6211]  ? lockdep_hardirqs_on+0x78/0x100
[  108.964351][ T6211]  ? _raw_spin_unlock_irq+0x2e/0x50
[  108.964383][ T6211]  ? __pfx_kvm_vm_release+0x10/0x10
[  108.964417][ T6211]  kvm_vm_release+0x3c/0x50
[  108.964449][ T6211]  __fput+0x3ff/0xb40
[  108.964487][ T6211]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.964522][ T6211]  task_work_run+0x150/0x240
[  108.964575][ T6211]  ? __pfx_task_work_run+0x10/0x10
[  108.964630][ T6211]  exit_to_user_mode_loop+0x100/0x4a0
[  108.964673][ T6211]  do_syscall_64+0x668/0xf80
[  108.964709][ T6211]  ? clear_bhb_loop+0x40/0x90
[  108.964746][ T6211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.964778][ T6211] RIP: 0033:0x7f43ecd9c799
[  108.964803][ T6211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  108.964850][ T6211] RSP: 002b:00007f43edb7d028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  108.964893][ T6211] RAX: 0000000000000000 RBX: 00007f43ed016090 RCX: 00007f43ecd9c799
[  108.964913][ T6211] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  108.964931][ T6211] RBP: 00007f43ece32bd9 R08: 0000000000000000 R09: 0000000000000000
[  108.964948][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  108.964966][ T6211] R13: 00007f43ed016128 R14: 00007f43ed016090 R15: 00007fff75dd7848
[  108.965005][ T6211]  </TASK>
[  111.888387][ T6251] netlink: 12 bytes leftover after parsing attributes in process `syz.2.120'.
[  111.949764][ T6251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.120'.
[  113.543710][ T6295] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  113.706519][ T5828] Bluetooth: hci0: unexpected event 0x09 length: 435 > 3
[  114.662656][ T6305] FAULT_INJECTION: forcing a failure.
[  114.662656][ T6305] name failslab, interval 1, probability 0, space 0, times 0
[  114.717310][ T6305] CPU: 1 UID: 0 PID: 6305 Comm: syz.1.137 Not tainted syzkaller #0 PREEMPT(full) 
[  114.717354][ T6305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  114.717372][ T6305] Call Trace:
[  114.717382][ T6305]  <TASK>
[  114.717393][ T6305]  dump_stack_lvl+0x100/0x190
[  114.717448][ T6305]  should_fail_ex.cold+0x5/0xa
[  114.717488][ T6305]  should_failslab+0xc2/0x120
[  114.717521][ T6305]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  114.717575][ T6305]  ? __request_module+0x2d5/0x6c0
[  114.717625][ T6305]  kstrdup+0x51/0xe0
[  114.717680][ T6305]  __request_module+0x2d5/0x6c0
[  114.717724][ T6305]  ? __pfx___request_module+0x10/0x10
[  114.717772][ T6305]  ? __mutex_unlock_slowpath+0x15c/0x790
[  114.717822][ T6305]  ? __up_read+0x2c5/0x700
[  114.717869][ T6305]  ? __pfx___up_read+0x10/0x10
[  114.717911][ T6305]  ? ctrl_getfamily+0x1c9/0x550
[  114.717961][ T6305]  ? ctrl_getfamily+0x1c9/0x550
[  114.718018][ T6305]  ctrl_getfamily+0x1e7/0x550
[  114.718069][ T6305]  ? __pfx_ctrl_getfamily+0x10/0x10
[  114.718141][ T6305]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  114.718194][ T6305]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  114.718253][ T6305]  genl_family_rcv_msg_doit+0x214/0x300
[  114.718304][ T6305]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  114.718353][ T6305]  ? genl_get_cmd+0x3ef/0x720
[  114.718410][ T6305]  ? __dev_queue_xmit+0x5af/0x4800
[  114.718463][ T6305]  ? __radix_tree_lookup+0x217/0x2b0
[  114.718504][ T6305]  genl_rcv_msg+0x560/0x800
[  114.718559][ T6305]  ? __pfx_genl_rcv_msg+0x10/0x10
[  114.718609][ T6305]  ? __pfx_ctrl_getfamily+0x10/0x10
[  114.718674][ T6305]  netlink_rcv_skb+0x159/0x420
[  114.718718][ T6305]  ? __pfx_genl_rcv_msg+0x10/0x10
[  114.718769][ T6305]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  114.718833][ T6305]  ? netlink_deliver_tap+0x1ae/0xcc0
[  114.718880][ T6305]  genl_rcv+0x28/0x40
[  114.718924][ T6305]  netlink_unicast+0x5aa/0x870
[  114.718974][ T6305]  ? __pfx_netlink_unicast+0x10/0x10
[  114.719034][ T6305]  netlink_sendmsg+0x8b0/0xda0
[  114.719085][ T6305]  ? __pfx_netlink_sendmsg+0x10/0x10
[  114.719148][ T6305]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  114.719203][ T6305]  __sys_sendto+0x4aa/0x520
[  114.719243][ T6305]  ? __pfx___sys_sendto+0x10/0x10
[  114.719289][ T6305]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  114.719348][ T6305]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  114.719433][ T6305]  __x64_sys_sendto+0xe0/0x1c0
[  114.719468][ T6305]  ? do_syscall_64+0x95/0xf80
[  114.719507][ T6305]  ? lockdep_hardirqs_on+0x78/0x100
[  114.719546][ T6305]  do_syscall_64+0x106/0xf80
[  114.719583][ T6305]  ? clear_bhb_loop+0x40/0x90
[  114.719623][ T6305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.719659][ T6305] RIP: 0033:0x7f43ecd5cfce
[  114.719685][ T6305] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  114.719716][ T6305] RSP: 002b:00007f43edb9ce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  114.719747][ T6305] RAX: ffffffffffffffda RBX: 00007f43edb9e6c0 RCX: 00007f43ecd5cfce
[  114.719767][ T6305] RDX: 000000000000001c RSI: 00007f43edb9d000 RDI: 0000000000000003
[  114.719787][ T6305] RBP: 0000000000000000 R08: 00007f43edb9cf04 R09: 000000000000000c
[  114.719807][ T6305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  114.719825][ T6305] R13: 00007f43edb9cf58 R14: 00007f43edb9d000 R15: 0000000000000000
[  114.719867][ T6305]  </TASK>
[  116.095912][ T6315] ubi0: attaching mtd0
[  116.109824][ T6315] ubi0: scanning is finished
[  116.121070][ T6315] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  116.900298][ T6315] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  117.497921][ T6337] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  117.527333][   T29] audit: type=1800 audit(1772500513.381:4): pid=6337 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.146" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  117.549499][ T6337] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  117.586706][ T6337] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  117.757610][ T6337] syz.1.146 (6337) used greatest stack depth: 19880 bytes left
[  122.766132][ T6439] netlink: 17 bytes leftover after parsing attributes in process `syz.0.180'.
[  126.742510][ T6522] netlink: 28 bytes leftover after parsing attributes in process `syz.0.204'.
[  127.748943][ T6526] mkiss: ax0: crc mode is auto.
[  127.773314][ T6528] FAULT_INJECTION: forcing a failure.
[  127.773314][ T6528] name failslab, interval 1, probability 0, space 0, times 0
[  127.805214][ T6528] CPU: 0 UID: 0 PID: 6528 Comm: syz.2.208 Not tainted syzkaller #0 PREEMPT(full) 
[  127.805259][ T6528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  127.805278][ T6528] Call Trace:
[  127.805289][ T6528]  <TASK>
[  127.805301][ T6528]  dump_stack_lvl+0x100/0x190
[  127.805374][ T6528]  should_fail_ex.cold+0x5/0xa
[  127.805414][ T6528]  ? lsm_blob_alloc+0x68/0x90
[  127.805455][ T6528]  should_failslab+0xc2/0x120
[  127.805491][ T6528]  __kmalloc_noprof+0xe0/0x850
[  127.805541][ T6528]  ? trace_kmem_cache_alloc+0xf3/0x120
[  127.805585][ T6528]  lsm_blob_alloc+0x68/0x90
[  127.805633][ T6528]  security_sk_alloc+0x2d/0x290
[  127.805684][ T6528]  sk_prot_alloc+0x1d1/0x2a0
[  127.805741][ T6528]  sk_alloc+0x36/0xe80
[  127.805779][ T6528]  rds_create+0x9e/0x5f0
[  127.805834][ T6528]  __sock_create+0x339/0x860
[  127.805894][ T6528]  __sys_socket+0x14d/0x260
[  127.805948][ T6528]  ? __pfx___sys_socket+0x10/0x10
[  127.806116][ T6528]  __x64_sys_socket+0x72/0xb0
[  127.806180][ T6528]  ? lockdep_hardirqs_on+0x78/0x100
[  127.806220][ T6528]  do_syscall_64+0x106/0xf80
[  127.806259][ T6528]  ? clear_bhb_loop+0x40/0x90
[  127.806304][ T6528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.806339][ T6528] RIP: 0033:0x7f1edbb9c799
[  127.806385][ T6528] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  127.806419][ T6528] RSP: 002b:00007f1edcb1b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  127.806457][ T6528] RAX: ffffffffffffffda RBX: 00007f1edbe15fa0 RCX: 00007f1edbb9c799
[  127.806479][ T6528] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015
[  127.806500][ T6528] RBP: 00007f1edbc32bd9 R08: 0000000000000000 R09: 0000000000000000
[  127.806526][ T6528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.806559][ T6528] R13: 00007f1edbe16038 R14: 00007f1edbe15fa0 R15: 00007ffebf7a8a78
[  127.806603][ T6528]  </TASK>
[  128.786919][ T6542] netlink: 4 bytes leftover after parsing attributes in process `syz.1.213'.
[  128.797817][ T6542] netlink: 'syz.1.213': attribute type 1 has an invalid length.
[  128.805505][ T6542] netlink: 13 bytes leftover after parsing attributes in process `syz.1.213'.
[  129.209699][ T6547] zswap: compressor  not available
[  130.494087][ T6567] netlink: 330 bytes leftover after parsing attributes in process `syz.1.218'.
[  132.607915][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  132.614521][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  133.118186][ T6605] process 'syz.1.230' launched ':,' with NULL argv: empty string added
[  133.294628][ T6609] netlink: 20 bytes leftover after parsing attributes in process `syz.0.233'.
[  133.741852][ T6616] FAULT_INJECTION: forcing a failure.
[  133.741852][ T6616] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  133.755155][ T6616] CPU: 1 UID: 0 PID: 6616 Comm: syz.1.235 Not tainted syzkaller #0 PREEMPT(full) 
[  133.755198][ T6616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  133.755218][ T6616] Call Trace:
[  133.755234][ T6616]  <TASK>
[  133.755251][ T6616]  dump_stack_lvl+0x100/0x190
[  133.755310][ T6616]  should_fail_ex.cold+0x5/0xa
[  133.755350][ T6616]  _copy_from_user+0x2e/0xd0
[  133.755409][ T6616]  copy_msghdr_from_user+0x9f/0x4f0
[  133.755471][ T6616]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  133.755532][ T6616]  ? rcu_is_watching+0x12/0xc0
[  133.755594][ T6616]  ? ___sys_sendmsg+0x19d/0x1e0
[  133.755652][ T6616]  ? kfree+0x2ec/0x6b0
[  133.755704][ T6616]  ___sys_sendmsg+0x106/0x1e0
[  133.755767][ T6616]  ? __pfx____sys_sendmsg+0x10/0x10
[  133.755869][ T6616]  ? __pfx___might_resched+0x10/0x10
[  133.755930][ T6616]  __sys_sendmmsg+0x205/0x430
[  133.755977][ T6616]  ? __pfx___sys_sendmmsg+0x10/0x10
[  133.756016][ T6616]  ? __local_bh_enable_ip+0x9e/0x120
[  133.756072][ T6616]  ? __pfx_do_futex+0x10/0x10
[  133.756137][ T6616]  ? xfd_validate_state+0x129/0x190
[  133.756199][ T6616]  __x64_sys_sendmmsg+0x9c/0x100
[  133.756245][ T6616]  ? lockdep_hardirqs_on+0x78/0x100
[  133.756287][ T6616]  do_syscall_64+0x106/0xf80
[  133.756327][ T6616]  ? clear_bhb_loop+0x40/0x90
[  133.756371][ T6616]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  133.756408][ T6616] RIP: 0033:0x7f43ecd9c799
[  133.756436][ T6616] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  133.756468][ T6616] RSP: 002b:00007f43edb9e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  133.756500][ T6616] RAX: ffffffffffffffda RBX: 00007f43ed015fa0 RCX: 00007f43ecd9c799
[  133.756523][ T6616] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003
[  133.756543][ T6616] RBP: 00007f43ece32bd9 R08: 0000000000000000 R09: 0000000000000000
[  133.756564][ T6616] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  133.756585][ T6616] R13: 00007f43ed016038 R14: 00007f43ed015fa0 R15: 00007fff75dd7848
[  133.756635][ T6616]  </TASK>
[  135.357932][ T6630] netlink: 50 bytes leftover after parsing attributes in process `syz.3.238'.
[  136.470809][ T6657] netlink: 28 bytes leftover after parsing attributes in process `syz.1.248'.
[  136.484910][ T6657] vlan1: entered promiscuous mode
[  136.528394][ T6657] vlan1: entered allmulticast mode
[  136.547197][ T6657] veth0_vlan: entered allmulticast mode
[  137.354053][ T6676] netlink: 'syz.0.256': attribute type 1 has an invalid length.
[  137.363901][ T6676] netlink: 'syz.0.256': attribute type 6 has an invalid length.
[  139.309795][ T6727] netlink: 28 bytes leftover after parsing attributes in process `syz.2.275'.
[  139.375474][ T6727] team0 (unregistering): Port device team_slave_0 removed
[  139.400194][ T6727] team0 (unregistering): Port device team_slave_1 removed
[  139.695460][ T6736] FAULT_INJECTION: forcing a failure.
[  139.695460][ T6736] name failslab, interval 1, probability 0, space 0, times 0
[  139.717712][ T6736] CPU: 1 UID: 0 PID: 6736 Comm: syz.2.278 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  139.717779][ T6736] Tainted: [L]=SOFTLOCKUP
[  139.717792][ T6736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  139.717812][ T6736] Call Trace:
[  139.717822][ T6736]  <TASK>
[  139.717834][ T6736]  dump_stack_lvl+0x100/0x190
[  139.717893][ T6736]  should_fail_ex.cold+0x5/0xa
[  139.717932][ T6736]  should_failslab+0xc2/0x120
[  139.717969][ T6736]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  139.718021][ T6736]  ? __kernfs_new_node+0xd2/0x960
[  139.718080][ T6736]  __kernfs_new_node+0xd2/0x960
[  139.718124][ T6736]  ? __pfx___kernfs_new_node+0x10/0x10
[  139.718174][ T6736]  ? find_held_lock+0x2b/0x80
[  139.718200][ T6736]  ? kernfs_root+0xee/0x2a0
[  139.718238][ T6736]  ? kernfs_root+0xee/0x2a0
[  139.718285][ T6736]  kernfs_new_node+0x11b/0x1a0
[  139.718336][ T6736]  __kernfs_create_file+0x53/0x350
[  139.718372][ T6736]  sysfs_add_file_mode_ns+0x207/0x3c0
[  139.718418][ T6736]  internal_create_group+0x593/0xf40
[  139.718467][ T6736]  ? __pfx_internal_create_group+0x10/0x10
[  139.718514][ T6736]  ? kernfs_create_link+0x1bd/0x240
[  139.718553][ T6736]  internal_create_groups+0x9d/0x150
[  139.718599][ T6736]  device_add+0x71a/0x1950
[  139.718646][ T6736]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  139.718698][ T6736]  ? __pfx_device_add+0x10/0x10
[  139.718744][ T6736]  ? lockdep_init_map_type+0x5c/0x250
[  139.718782][ T6736]  ? __init_waitqueue_head+0xca/0x150
[  139.718834][ T6736]  netdev_register_kobject+0x1a9/0x3d0
[  139.718879][ T6736]  register_netdevice+0x12e0/0x2210
[  139.718957][ T6736]  ? __pfx_register_netdevice+0x10/0x10
[  139.719001][ T6736]  ? __pfx_loopback_net_init+0x10/0x10
[  139.719051][ T6736]  register_netdev+0x34/0x50
[  139.719086][ T6736]  loopback_net_init+0x7a/0x170
[  139.719128][ T6736]  ? __pfx_loopback_net_init+0x10/0x10
[  139.719169][ T6736]  ops_init+0x1e2/0x5f0
[  139.719209][ T6736]  setup_net+0x118/0x3a0
[  139.719244][ T6736]  ? __pfx_setup_net+0x10/0x10
[  139.719278][ T6736]  ? lockdep_init_map_type+0x5c/0x250
[  139.719316][ T6736]  ? mutex_init_lockep+0x110/0x150
[  139.719360][ T6736]  copy_net_ns+0x46f/0x7c0
[  139.719402][ T6736]  create_new_namespaces+0x3ea/0xac0
[  139.719440][ T6736]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  139.719474][ T6736]  ksys_unshare+0x473/0xad0
[  139.719512][ T6736]  ? __pfx_ksys_unshare+0x10/0x10
[  139.719562][ T6736]  __x64_sys_unshare+0x31/0x40
[  139.719597][ T6736]  do_syscall_64+0x106/0xf80
[  139.719629][ T6736]  ? clear_bhb_loop+0x40/0x90
[  139.719670][ T6736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.719699][ T6736] RIP: 0033:0x7f1edbb9c799
[  139.719724][ T6736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  139.719750][ T6736] RSP: 002b:00007f1edcb1b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  139.719777][ T6736] RAX: ffffffffffffffda RBX: 00007f1edbe15fa0 RCX: 00007f1edbb9c799
[  139.719796][ T6736] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  139.719813][ T6736] RBP: 00007f1edbc32bd9 R08: 0000000000000000 R09: 0000000000000000
[  139.719830][ T6736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  139.719846][ T6736] R13: 00007f1edbe16038 R14: 00007f1edbe15fa0 R15: 00007ffebf7a8a78
[  139.719885][ T6736]  </TASK>
[  140.233477][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.3.280'.
[  141.992036][ T6764] lo: entered allmulticast mode
[  142.078062][ T6764] lo: left allmulticast mode
[  142.384001][ T6764] zswap: compressor û not available
[  142.413982][ T6768] Setting dangerous option i915.mitigations - tainting kernel
[  142.474708][ T6766] Setting dangerous option i915.mitigations - tainting kernel
[  142.759904][ T6771] syz.0.288 (6771) used greatest stack depth: 16792 bytes left
[  142.768163][ T6774] netlink: 186 bytes leftover after parsing attributes in process `syz.3.289'.
[  143.487282][ T6786] zswap: compressor  not available
[  145.653899][ T6820] lo: entered allmulticast mode
[  145.688984][ T6820] lo: left allmulticast mode
[  145.881620][ T6820] zswap: compressor û not available
[  145.889006][ T6824] Setting dangerous option i915.mitigations - tainting kernel
[  145.905518][ T6822] Setting dangerous option i915.mitigations - tainting kernel
[  148.513252][ T6847] netlink: 28 bytes leftover after parsing attributes in process `syz.3.307'.
[  148.534642][ T6849] netlink: 8 bytes leftover after parsing attributes in process `syz.0.306'.
[  148.628551][ T6853] usb usb2: usbfs: process 6853 (syz.0.306) did not claim interface 4 before use
[  148.743147][ T6847] team0 (unregistering): Port device team_slave_0 removed
[  148.774273][ T6847] team0 (unregistering): Port device team_slave_1 removed
[  149.246956][ T6863] FAULT_INJECTION: forcing a failure.
[  149.246956][ T6863] name failslab, interval 1, probability 0, space 0, times 0
[  149.260394][ T6863] CPU: 1 UID: 0 PID: 6863 Comm: syz.3.309 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  149.260452][ T6863] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  149.260465][ T6863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  149.260485][ T6863] Call Trace:
[  149.260496][ T6863]  <TASK>
[  149.260509][ T6863]  dump_stack_lvl+0x100/0x190
[  149.260567][ T6863]  should_fail_ex.cold+0x5/0xa
[  149.260608][ T6863]  should_failslab+0xc2/0x120
[  149.260642][ T6863]  __kmalloc_cache_noprof+0x7a/0x6f0
[  149.260686][ T6863]  ? kvm_uevent_notify_change.part.0+0x94/0x450
[  149.260742][ T6863]  kvm_uevent_notify_change.part.0+0x94/0x450
[  149.260797][ T6863]  ? __pfx_kvm_vm_release+0x10/0x10
[  149.260836][ T6863]  kvm_put_kvm+0xe4/0xb10
[  149.260872][ T6863]  ? lockdep_hardirqs_on+0x78/0x100
[  149.260913][ T6863]  ? _raw_spin_unlock_irq+0x2e/0x50
[  149.260950][ T6863]  ? __pfx_kvm_vm_release+0x10/0x10
[  149.260988][ T6863]  kvm_vm_release+0x3c/0x50
[  149.261024][ T6863]  __fput+0x3ff/0xb40
[  149.261066][ T6863]  ? _raw_spin_unlock_irq+0x23/0x50
[  149.261105][ T6863]  task_work_run+0x150/0x240
[  149.261156][ T6863]  ? __pfx_task_work_run+0x10/0x10
[  149.261217][ T6863]  exit_to_user_mode_loop+0x100/0x4a0
[  149.261266][ T6863]  do_syscall_64+0x668/0xf80
[  149.261304][ T6863]  ? clear_bhb_loop+0x40/0x90
[  149.261347][ T6863]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.261383][ T6863] RIP: 0033:0x7efdddf9c799
[  149.261411][ T6863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  149.261443][ T6863] RSP: 002b:00007efddc1d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  149.261476][ T6863] RAX: 0000000000000000 RBX: 00007efdde216090 RCX: 00007efdddf9c799
[  149.261498][ T6863] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  149.261519][ T6863] RBP: 00007efdde032bd9 R08: 0000000000000000 R09: 0000000000000000
[  149.261540][ T6863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.261572][ T6863] R13: 00007efdde216128 R14: 00007efdde216090 R15: 00007ffe78241668
[  149.261615][ T6863]  </TASK>
[  151.523433][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.1.318'.
[  151.655275][ T6900] usb usb2: usbfs: process 6900 (syz.1.318) did not claim interface 4 before use
[  154.178647][ T6919] syz.3.325 (6919): /proc/6909/oom_adj is deprecated, please use /proc/6909/oom_score_adj instead.
[  155.605412][ T6960] netlink: 186 bytes leftover after parsing attributes in process `syz.0.336'.
[  155.763677][ T6968] netlink: 25 bytes leftover after parsing attributes in process `syz.3.340'.
[  155.945231][ T6974] netlink: 4 bytes leftover after parsing attributes in process `syz.3.342'.
[  155.955120][ T6974] netlink: 25 bytes leftover after parsing attributes in process `syz.3.342'.
[  156.120925][ T6978] netlink: 'syz.3.344': attribute type 10 has an invalid length.
[  156.139254][ T6978] netlink: 'syz.3.344': attribute type 13 has an invalid length.
[  156.876189][ T6980] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  157.036435][ T6996] FAULT_INJECTION: forcing a failure.
[  157.036435][ T6996] name failslab, interval 1, probability 0, space 0, times 0
[  157.077275][ T6996] CPU: 0 UID: 0 PID: 6996 Comm: syz.0.350 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  157.077329][ T6996] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  157.077343][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  157.077362][ T6996] Call Trace:
[  157.077372][ T6996]  <TASK>
[  157.077385][ T6996]  dump_stack_lvl+0x100/0x190
[  157.077442][ T6996]  should_fail_ex.cold+0x5/0xa
[  157.077482][ T6996]  should_failslab+0xc2/0x120
[  157.077517][ T6996]  __kmalloc_cache_noprof+0x7a/0x6f0
[  157.077562][ T6996]  ? nci_hci_allocate+0x45/0x330
[  157.077608][ T6996]  ? mutex_init_lockep+0x110/0x150
[  157.077660][ T6996]  nci_hci_allocate+0x45/0x330
[  157.077698][ T6996]  nci_allocate_device+0x26f/0x410
[  157.077751][ T6996]  virtual_ncidev_open+0x6f/0x220
[  157.077789][ T6996]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  157.077825][ T6996]  misc_open+0x26d/0x450
[  157.077879][ T6996]  ? __pfx_misc_open+0x10/0x10
[  157.077932][ T6996]  chrdev_open+0x234/0x6a0
[  157.077983][ T6996]  ? __pfx_apparmor_file_open+0x10/0x10
[  157.078034][ T6996]  ? __pfx_chrdev_open+0x10/0x10
[  157.078071][ T6996]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  157.078117][ T6996]  do_dentry_open+0x6d8/0x1660
[  157.078150][ T6996]  ? __pfx_chrdev_open+0x10/0x10
[  157.078227][ T6996]  vfs_open+0x82/0x3f0
[  157.078274][ T6996]  path_openat+0x208c/0x31a0
[  157.078323][ T6996]  ? __pfx_path_openat+0x10/0x10
[  157.078374][ T6996]  do_file_open+0x20e/0x430
[  157.078412][ T6996]  ? __pfx_do_file_open+0x10/0x10
[  157.078475][ T6996]  ? alloc_fd+0x476/0x790
[  157.078512][ T6996]  ? do_getname+0x191/0x390
[  157.078557][ T6996]  do_sys_openat2+0x10d/0x1e0
[  157.078600][ T6996]  ? __pfx_do_sys_openat2+0x10/0x10
[  157.078659][ T6996]  __x64_sys_openat+0x12d/0x210
[  157.078705][ T6996]  ? __pfx___x64_sys_openat+0x10/0x10
[  157.078747][ T6996]  ? ksys_write+0x1ac/0x250
[  157.078814][ T6996]  do_syscall_64+0x106/0xf80
[  157.078852][ T6996]  ? clear_bhb_loop+0x40/0x90
[  157.078894][ T6996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.078929][ T6996] RIP: 0033:0x7f2d4bb9c799
[  157.078956][ T6996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  157.078988][ T6996] RSP: 002b:00007f2d4c9dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  157.079020][ T6996] RAX: ffffffffffffffda RBX: 00007f2d4be15fa0 RCX: 00007f2d4bb9c799
[  157.079042][ T6996] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  157.079063][ T6996] RBP: 00007f2d4bc32bd9 R08: 0000000000000000 R09: 0000000000000000
[  157.079083][ T6996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  157.079102][ T6996] R13: 00007f2d4be16038 R14: 00007f2d4be15fa0 R15: 00007ffdc9d25518
[  157.079145][ T6996]  </TASK>
[  157.464720][ T5828] Bluetooth: hci0: Malformed LE Event: 0x1b
[  158.530575][ T7020] netlink: 4 bytes leftover after parsing attributes in process `syz.3.358'.
[  158.768341][ T7023] netlink: 'syz.3.359': attribute type 10 has an invalid length.
[  158.804214][ T7023] netlink: 230 bytes leftover after parsing attributes in process `syz.3.359'.
[  158.852892][ T7023] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  159.206419][ T7035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.362'.
[  159.360300][ T7033] netlink: 62 bytes leftover after parsing attributes in process `syz.0.363'.
[  160.280938][ T7038] 
[  160.283301][ T7038] ======================================================
[  160.290319][ T7038] WARNING: possible circular locking dependency detected
[  160.297373][ T7038] syzkaller #0 Tainted: G     U       L     
[  160.303365][ T7038] ------------------------------------------------------
[  160.310392][ T7038] syz.0.365/7038 is trying to acquire lock:
[  160.316302][ T7038] ffff888025f6e1e8 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0
[  160.327821][ T7038] 
[  160.327821][ T7038] but task is already holding lock:
[  160.335187][ T7038] ffff88807c588ee0 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  160.344197][ T7038] 
[  160.344197][ T7038] which lock already depends on the new lock.
[  160.344197][ T7038] 
[  160.354595][ T7038] 
[  160.354595][ T7038] the existing dependency chain (in reverse order) is:
[  160.363607][ T7038] 
[  160.363607][ T7038] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  160.371371][ T7038]        lock_sock_nested+0x41/0xf0
[  160.376584][ T7038]        smc_listen_out+0x1f5/0x4b0
[  160.381790][ T7038]        smc_listen_work+0x4c2/0x50e0
[  160.387181][ T7038]        process_one_work+0x9d7/0x1920
[  160.392673][ T7038]        worker_thread+0x5da/0xe40
[  160.397798][ T7038]        kthread+0x370/0x450
[  160.402397][ T7038]        ret_from_fork+0x754/0xd80
[  160.407521][ T7038]        ret_from_fork_asm+0x1a/0x30
[  160.412816][ T7038] 
[  160.412816][ T7038] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  160.423003][ T7038]        __lock_acquire+0x14b8/0x2630
[  160.428520][ T7038]        lock_acquire+0x1cf/0x380
[  160.433590][ T7038]        __flush_work+0x4de/0xcb0
[  160.438747][ T7038]        cancel_work_sync+0xd1/0xf0
[  160.443989][ T7038]        smc_clcsock_release+0x5f/0xe0
[  160.449485][ T7038]        __smc_release+0x5c2/0x880
[  160.454635][ T7038]        smc_close_non_accepted+0xda/0x200
[  160.460479][ T7038]        smc_close_active+0x4ff/0x1070
[  160.465975][ T7038]        __smc_release+0x634/0x880
[  160.471137][ T7038]        smc_release+0x1fc/0x620
[  160.476129][ T7038]        __sock_release+0xb3/0x260
[  160.481288][ T7038]        sock_close+0x1c/0x30
[  160.486009][ T7038]        __fput+0x3ff/0xb40
[  160.490548][ T7038]        task_work_run+0x150/0x240
[  160.495707][ T7038]        exit_to_user_mode_loop+0x100/0x4a0
[  160.501641][ T7038]        do_syscall_64+0x668/0xf80
[  160.506786][ T7038]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.513229][ T7038] 
[  160.513229][ T7038] other info that might help us debug this:
[  160.513229][ T7038] 
[  160.523491][ T7038]  Possible unsafe locking scenario:
[  160.523491][ T7038] 
[  160.530968][ T7038]        CPU0                    CPU1
[  160.536352][ T7038]        ----                    ----
[  160.541734][ T7038]   lock(sk_lock-AF_SMC/1);
[  160.546274][ T7038]                                lock((work_completion)(&new_smc->smc_listen_work));
[  160.555758][ T7038]                                lock(sk_lock-AF_SMC/1);
[  160.562855][ T7038]   lock((work_completion)(&new_smc->smc_listen_work));
[  160.569830][ T7038] 
[  160.569830][ T7038]  *** DEADLOCK ***
[  160.569830][ T7038] 
[  160.578004][ T7038] 3 locks held by syz.0.365/7038:
[  160.583069][ T7038]  #0: ffff888024875e08 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260
[  160.593668][ T7038]  #1: ffff88807c588ee0 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  160.603096][ T7038]  #2: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0
[  160.612256][ T7038] 
[  160.612256][ T7038] stack backtrace:
[  160.618158][ T7038] CPU: 1 UID: 0 PID: 7038 Comm: syz.0.365 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  160.618189][ T7038] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  160.618197][ T7038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  160.618209][ T7038] Call Trace:
[  160.618215][ T7038]  <TASK>
[  160.618223][ T7038]  dump_stack_lvl+0x100/0x190
[  160.618255][ T7038]  print_circular_bug.cold+0x178/0x1c7
[  160.618291][ T7038]  check_noncircular+0x146/0x160
[  160.618319][ T7038]  __lock_acquire+0x14b8/0x2630
[  160.618350][ T7038]  lock_acquire+0x1cf/0x380
[  160.618374][ T7038]  ? __flush_work+0x4ca/0xcb0
[  160.618406][ T7038]  ? mark_held_locks+0x40/0x70
[  160.618431][ T7038]  ? __flush_work+0x4ca/0xcb0
[  160.618462][ T7038]  __flush_work+0x4de/0xcb0
[  160.618492][ T7038]  ? __flush_work+0x4ca/0xcb0
[  160.618524][ T7038]  ? __pfx___flush_work+0x10/0x10
[  160.618556][ T7038]  ? __pfx_wq_barrier_func+0x10/0x10
[  160.618583][ T7038]  ? __pfx___might_resched+0x10/0x10
[  160.618634][ T7038]  cancel_work_sync+0xd1/0xf0
[  160.618656][ T7038]  smc_clcsock_release+0x5f/0xe0
[  160.618678][ T7038]  __smc_release+0x5c2/0x880
[  160.618726][ T7038]  ? __pfx_sock_def_readable+0x10/0x10
[  160.618748][ T7038]  smc_close_non_accepted+0xda/0x200
[  160.618769][ T7038]  smc_close_active+0x4ff/0x1070
[  160.618791][ T7038]  __smc_release+0x634/0x880
[  160.618824][ T7038]  smc_release+0x1fc/0x620
[  160.618857][ T7038]  __sock_release+0xb3/0x260
[  160.618886][ T7038]  ? __pfx_sock_close+0x10/0x10
[  160.618911][ T7038]  sock_close+0x1c/0x30
[  160.618934][ T7038]  __fput+0x3ff/0xb40
[  160.618958][ T7038]  ? _raw_spin_unlock_irq+0x23/0x50
[  160.618980][ T7038]  task_work_run+0x150/0x240
[  160.619010][ T7038]  ? __pfx_task_work_run+0x10/0x10
[  160.619043][ T7038]  exit_to_user_mode_loop+0x100/0x4a0
[  160.619071][ T7038]  do_syscall_64+0x668/0xf80
[  160.619095][ T7038]  ? clear_bhb_loop+0x40/0x90
[  160.619119][ T7038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.619140][ T7038] RIP: 0033:0x7f2d4bb9c799
[  160.619157][ T7038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.619177][ T7038] RSP: 002b:00007ffdc9d25678 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  160.619196][ T7038] RAX: 0000000000000000 RBX: 00007f2d4be17da0 RCX: 00007f2d4bb9c799
[  160.619209][ T7038] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  160.619221][ T7038] RBP: 00007f2d4be17da0 R08: 00007f2d4be16038 R09: 0000000000000000
[  160.619234][ T7038] R10: 00000000005d7cb4 R11: 0000000000000246 R12: 0000000000027244
[  160.619247][ T7038] R13: 00007f2d4be15fac R14: 00000000000271dc R15: 00007ffdc9d25780
[  160.619266][ T7038]  </TASK>