last executing test programs:

2m46.947260348s ago: executing program 2 (id=2337):
read$auto_output_bpc_fops_(0xffffffffffffffff, &(0x7f0000000580)=""/209, 0xd1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFSD_CMD_THREADS_GET(r0, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001780)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44848}, 0x4000000)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000019c0), r0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000002080)={0x20, r1, 0x503, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
seccomp$auto(0x2, 0x10, 0x0)
r2 = openat$auto_nodes_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000300), 0x101100, 0x0)
lseek$auto(r2, 0x0, 0x4)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x759, 0x5, 0x7181, 0x1ffde, 0x7, 0xfffffffffffffffa, 0x8, 0x9, 0x80003, 0x4, 0x200000000005, 0x384, 0x9, 0xb10, 0x10006, 0x400007b, 0x7, 0x0, 0xe, 0x22000, 0x208, 0x0, 0x84, 0x8000000, 0x0, 0x0, 0x0, 0x0, [0x0, 0x7, 0x0, 0x25c3, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x40000000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x196fc46e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd]}, 0x1fa, 0xd)
ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0x9, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84")
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0x4, 0xffffffff, 0xffffffffffffffff, @relative_fd, 0x8001}, 0xf)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x23, &(0x7f0000000040)="977d967824ff849a8fc41d56b36f24c069822818c0b047f230273995602602085d582d5aee", 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x400, 0x2000000000002)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent1/current_device\x00', 0x20000, 0x0)
read$auto(r3, 0x0, 0x20)
sysfs$auto(0x2, 0xe, 0x0)
open(0x0, 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd05, &(0x7f00000001c0))

2m46.592865734s ago: executing program 2 (id=2338):
ioctl$auto_VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000100)={0x10001})
syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000180), 0xffffffffffffffff)
r0 = socket(0xa, 0x2, 0x88)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bond0\x00', <r3=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x8, 0xfc, r0, @relative_fd, 0xe600}, 0xf)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
r6 = socket(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000001340)={'ip6gretap0\x00', <r7=>0x0})
sendmsg$auto_MACSEC_CMD_UPD_RXSC(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6c1dd0e7", @ANYRES16=r5, @ANYBLOB="01022abd7000fedbdf2503000000100002800c0001000a0000000000000008000100", @ANYRES32=r7, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x20004054}, 0x480b0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x400000000001, 0x0, 0x5, 0x9}, 0x7}, 0x3, 0x9)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3)

2m46.339530907s ago: executing program 2 (id=2339):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x265c2, 0x84)
ftruncate$auto(r0, 0xa0)
read$auto(0x3, 0x0, 0x0)

2m46.165657358s ago: executing program 2 (id=2340):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = epoll_create$auto(0x3e)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108)
epoll_ctl$auto(r1, 0x1, r0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card0/pcm0p/xrun_debug\x00', 0xaa102, 0x0)
write$auto(r4, 0x0, 0x0)
r5 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r5, 0x5509, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', <r6=>0x0})
sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r6}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x6}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)={0x1fc, r7, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x3}, @NL80211_ATTR_SCAN_SUPP_RATES={0x1a4, 0x7d, 0x0, 0x1, [@typed={0x4, 0xd3}, @nested={0x12a, 0xcb, 0x0, 0x1, [@generic="d4c3a98f906b75d5dcf8130f05c91d1a03310cca20531a957eee246bf02f45997f", @generic="e35d0099cb9c50fac524a789e95ca3d23ddfe4638c3d12f5cd101188b85de203091364c0abf68178de9faceb65f4e60f7f3d5f7709d28caa4b9d15ba9b4bf071b703876acdc3c01419d73e7a23b455a6b7eaab90caaec1", @generic="160c5e0a44a748a5a5ca7acac95c5d82ee0318a2ab4e4bcf9583c054380db2534daaf0bd8ef985ef8d66eda51a253134c402acfcba339df3cd587cf53cfb368ceea53fe7a9cf0dc2d1616a320e9d5d18ffdb498164b878b85a3f8793e9a843b827aab6ae22876d4eb713cbd58ff9a6f6769570c035f084225cd0d8ddee31547493ae86b5fa187326a14f80859f725875730177da4ad7faa37daaea48918d372611bc18c1d37d47a38f4c", @nested={0x4, 0xff}]}, @nested={0x63, 0x5, 0x0, 0x1, [@typed={0x8, 0x151, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x1f}}, @generic="adfa71bb6df912a312b73656cc172320cf74b2d470749832161adc3385733e73eb8d23fadde5ea5e8c75eb86b1f75a196f8f0f4ae2c036cbf8847c2386e79b4426e608ff85f133de4bb44d1e1bcf32fd43e576f820c8cc"]}, @typed={0xc, 0x19, 0x0, 0x0, @u64=0x401}]}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0xc0}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0xe}, @NL80211_ATTR_IFTYPE={0x8}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x2}, @NL80211_ATTR_TSID={0x5}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0xff}, @NL80211_ATTR_MBSSID_ELEMS={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x7}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x20048880}, 0x44016)
read$auto(r2, &(0x7f0000000040)='\x00', 0x10001)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

2m45.113011688s ago: executing program 2 (id=2343):
r0 = pidfd_open$auto(0x1, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef)
setns(r0, 0x60020000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
setreuid$auto(0x3, 0x7)
syz_clone3(&(0x7f0000000000)={0x10920080, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1}, 0x58)

2m44.862084096s ago: executing program 2 (id=2344):
rt_sigqueueinfo$auto(0x0, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x2877, 0x7, 0xffffffc4, @_sigsys={0x0, 0xfffffffe, 0x5}}})
mmap$auto(0x32a82e25, 0xa, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2a, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
io_uring_setup$auto(0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
getcwd$auto(0x0, 0x7)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00'})
connect$auto(r0, &(0x7f0000000000)=@vsock={0x28, 0x0, 0x2711}, 0x53)
prctl$auto(0x3e, 0xfffffffffffffef8, 0x0, 0x1, 0x3)
socket(0x1e, 0x0, 0xfffffeff)
mmap$auto(0x0, 0x2020009, 0x3, 0x17, 0xfffffffffffffffa, 0x40000000008000)
io_uring_setup$auto(0xa, 0x0)
socket(0xa, 0x801, 0x106)
write$auto(0x1, 0x0, 0x80000000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x2, 0x3e, 0x0, 0x9)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001100), 0xffffffffffffffff)
openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0xc4200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
mmap$auto(0x5, 0x1, 0x4000000000df, 0xeb1, r1, 0x9f)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
mmap$auto(0xfffffffffffffffd, 0xe, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000140)="3318cb")

2m40.379667397s ago: executing program 1 (id=2363):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = epoll_create$auto(0x3e)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108)
epoll_ctl$auto(r1, 0x1, r0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card0/pcm0p/xrun_debug\x00', 0xaa102, 0x0)
write$auto(r4, 0x0, 0x0)
r5 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r5, 0x5509, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', <r6=>0x0})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r6}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x6}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)={0x1fc, r7, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x3}, @NL80211_ATTR_SCAN_SUPP_RATES={0x1a4, 0x7d, 0x0, 0x1, [@typed={0x4, 0xd3}, @nested={0x12a, 0xcb, 0x0, 0x1, [@generic="d4c3a98f906b75d5dcf8130f05c91d1a03310cca20531a957eee246bf02f45997f", @generic="e35d0099cb9c50fac524a789e95ca3d23ddfe4638c3d12f5cd101188b85de203091364c0abf68178de9faceb65f4e60f7f3d5f7709d28caa4b9d15ba9b4bf071b703876acdc3c01419d73e7a23b455a6b7eaab90caaec1", @generic="160c5e0a44a748a5a5ca7acac95c5d82ee0318a2ab4e4bcf9583c054380db2534daaf0bd8ef985ef8d66eda51a253134c402acfcba339df3cd587cf53cfb368ceea53fe7a9cf0dc2d1616a320e9d5d18ffdb498164b878b85a3f8793e9a843b827aab6ae22876d4eb713cbd58ff9a6f6769570c035f084225cd0d8ddee31547493ae86b5fa187326a14f80859f725875730177da4ad7faa37daaea48918d372611bc18c1d37d47a38f4c", @nested={0x4, 0xff}]}, @nested={0x63, 0x5, 0x0, 0x1, [@typed={0x8, 0x151, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x1f}}, @generic="adfa71bb6df912a312b73656cc172320cf74b2d470749832161adc3385733e73eb8d23fadde5ea5e8c75eb86b1f75a196f8f0f4ae2c036cbf8847c2386e79b4426e608ff85f133de4bb44d1e1bcf32fd43e576f820c8cc"]}, @typed={0xc, 0x19, 0x0, 0x0, @u64=0x401}]}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0xc0}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0xe}, @NL80211_ATTR_IFTYPE={0x8}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x2}, @NL80211_ATTR_TSID={0x5}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0xff}, @NL80211_ATTR_MBSSID_ELEMS={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x7}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x20048880}, 0x44016)
read$auto(r2, &(0x7f0000000040)='\x00', 0x10001)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

2m39.292030582s ago: executing program 1 (id=2366):
r0 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000005dc0)='/proc/thread-self/ns/cgroup\x00', 0x800, 0x0)
open_by_handle_at$auto(r0, 0x0, 0x80000001)

2m39.219475149s ago: executing program 1 (id=2367):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8607cf2d00e81f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000880}, 0x20008000)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff)

2m37.273706653s ago: executing program 1 (id=2371):
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="380000002a65a616386b382612f714c6a209ffc7d45f1bf81a2ee308d2e782a6c2e803444068917d63a2b8e6c797d166a53a7e09bab8bada6269522dfb0b0f490d6d5b438984f5b8949dc38868bf75f8634e6f635c7a605a5060d4a371870eea5004642216519f", @ANYRES8=r0, @ANYRES64=0x0], 0x38}, 0x1, 0x0, 0x0, 0x4000050}, 0xc804)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
writev$auto(r0, &(0x7f0000000640)={0x0, 0x9457}, 0x1)
mmap$auto(0x0, 0x1, 0x7fffffffffffffff, 0xfa31, r0, 0x8000)
mremap$auto(0x0, 0x1, 0x3fd6, 0x0, 0x28)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/snd_seq/drivers/snd_seq_ump_client/uevent\x00', 0x100, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap$auto(0x200000000000, 0x2000000002020009, 0xffffffffffffffff, 0xeb2, 0xffffffffffffffff, 0x8000)
getsockopt$auto_SO_REUSEPORT(0xffffffffffffffff, 0x0, 0xf, 0x0, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/memory.stat\x00', 0x90201, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000240)=""/118, 0x76)
socket(0x10, 0x2, 0x0)
process_madvise$auto_MADV_WILLNEED(0xffffffffffffffff, &(0x7f0000007900)={0x0, 0x4}, 0x9, 0x3, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.max.descendants\x00', 0x880040, 0x0)
write$auto(r3, &(0x7f0000000100)='-\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
statmount$auto(0x0, 0x0, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20000044}, 0x8000)
timer_create$auto_CLOCK_TAI(0xb, &(0x7f0000000580)={@sival_ptr=&(0x7f0000000380)="179f19f3bb1ad3c2c85f086a6366ab0f542f5817fdc29af0db2db0e7e78ceb67869f81836993fb46562fec5ad1d93ffe2fd800d592b2a90badb529f2f7e02664153929cc5cf2a56e6a03281c3c1fe0c4f66408698f1d2523d656a71223f6fc054fb71c51b9eca122ee68043436509568b99ae821deebc55f67a9413bb4fdcd418cdb8fcd23e9c8041517e2df35678f2b83e02e22273b0d960942ff19f87b30b0590505c9fb27c408ddcb700f63da887d83", @inferred=r3, 0x0, @_sigev_thread={&(0x7f0000000440)=&(0x7f00000000c0)=0x3, &(0x7f0000000480)="04ca605d94ad3581a6a9873a9cb04c2dc4e16159bb87d1fc08925e370612c30be70ca9df9cf82a1b48709301a399682f8eea4003a0c392525a0b10efca39d2c535fae5885b77f6c7354977241b57f8565b1d0f147a94b7358e1f27fe315f6ba9e51b20be8e6c74a09e400685d970e193ec9e01a4fd072d9ac3efad0e66e12efff0aa5fe4158fa5f46aee21cfe38dce2ce9712ced2856f93f513ab842a10e8d3dbc6fcadc8d2a7b81c64194856fc88904c747422ec6cb3acce94969909cf88ebcbcb951cdab315e68"}}, &(0x7f00000005c0)=0x80)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffffba, 0x0, 0x1, 0x0, 0x0, 0x20008081}, 0x40840)

2m37.022030423s ago: executing program 1 (id=2372):
read$auto_output_bpc_fops_(0xffffffffffffffff, &(0x7f0000000580)=""/209, 0xd1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFSD_CMD_THREADS_GET(r0, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001780)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44848}, 0x4000000)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000019c0), r0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000002080)={0x20, r1, 0x503, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
seccomp$auto(0x2, 0x10, 0x0)
r2 = openat$auto_nodes_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000300), 0x101100, 0x0)
lseek$auto(r2, 0x0, 0x4)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x759, 0x5, 0x7181, 0x1ffde, 0x7, 0xfffffffffffffffa, 0x8, 0x9, 0x80003, 0x4, 0x200000000005, 0x384, 0x9, 0xb10, 0x10006, 0x400007b, 0x7, 0x0, 0xe, 0x22000, 0x208, 0x0, 0x84, 0x8000000, 0x0, 0x0, 0x0, 0x0, [0x0, 0x7, 0x0, 0x25c3, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x40000000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x196fc46e, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd]}, 0x1fa, 0xd)
ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0x9, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84")
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0x4, 0xffffffff, 0xffffffffffffffff, @relative_fd, 0x8001}, 0xf)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x23, &(0x7f0000000040)="977d967824ff849a8fc41d56b36f24c069822818c0b047f230273995602602085d582d5aee230528af", 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x400, 0x2000000000002)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent1/current_device\x00', 0x20000, 0x0)
read$auto(r3, 0x0, 0x20)
sysfs$auto(0x2, 0xe, 0x0)
open(0x0, 0x1652c2, 0xe1d2b27bdc14aa98)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd05, &(0x7f00000001c0))

2m36.648754911s ago: executing program 1 (id=2374):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000380), r0)
r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
write$auto(r1, &(0x7f0000000080)=')@-!\x00', 0x1e1)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=<r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/netfs/volumes\x00', 0x40080, 0x0)
pread64$auto(r6, 0x0, 0x8100000041, 0xc00)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000)
listmount$auto(&(0x7f0000000100)={0xff, @raw, 0xffffffffffffffff, 0xa, 0x5}, 0x0, 0xfffffffffffffffa, 0x0)
clock_nanosleep$auto(0xfffffff2, 0x5, 0x0, 0x0)
mmap$auto(0x1, 0x8000002020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x88)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r7, 0x0, 0x1ff)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x5}, 0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev5\x00', 0x280600, 0x0)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4, 0x0)
seccomp$auto(0x1, 0x0, &(0x7f0000000100)="740fb5dc698e7ba7e4")

2m21.552239079s ago: executing program 32 (id=2374):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000380), r0)
r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
write$auto(r1, &(0x7f0000000080)=')@-!\x00', 0x1e1)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=<r5=>r3})
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/netfs/volumes\x00', 0x40080, 0x0)
pread64$auto(r6, 0x0, 0x8100000041, 0xc00)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000)
listmount$auto(&(0x7f0000000100)={0xff, @raw, 0xffffffffffffffff, 0xa, 0x5}, 0x0, 0xfffffffffffffffa, 0x0)
clock_nanosleep$auto(0xfffffff2, 0x5, 0x0, 0x0)
mmap$auto(0x1, 0x8000002020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x88)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r7, 0x0, 0x1ff)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x5}, 0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev5\x00', 0x280600, 0x0)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4, 0x0)
seccomp$auto(0x1, 0x0, &(0x7f0000000100)="740fb5dc698e7ba7e4")

49.318010541s ago: executing program 3 (id=2649):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = socket(0x11, 0xa, 0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x0, 0x0)
r3 = socket(0x2, 0x1, 0x0)
r4 = getsockopt$auto(r3, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x14)
acct$auto(0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0)
r6 = prctl$auto_PR_SET_MM_END_DATA(0x1, 0x4, 0x0, 0x2, 0x3ff)
setsockopt$auto_SO_RCVPRIORITY(r6, 0x83, 0x52, &(0x7f0000000080)='\x00', 0xfffffffe)
r7 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_marker\x00', 0x480000, 0x0)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/io-timeout-fail\x00', 0x121201, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000200)='5', 0x1)
pidfd_getfd$auto(r7, r4, 0x9)
pread64$auto(r5, 0x0, 0x1, 0x3)

48.972419238s ago: executing program 3 (id=2650):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = epoll_create$auto(0x3e)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108)
epoll_ctl$auto(r1, 0x1, r0, 0x0)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card0/pcm0p/xrun_debug\x00', 0xaa102, 0x0)
write$auto(r5, 0x0, 0x0)
r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r6, 0x5509, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', <r7=>0x0})
sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r4, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r7}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x6}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)={0x1fc, r8, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, 0x3}, @NL80211_ATTR_SCAN_SUPP_RATES={0x1a4, 0x7d, 0x0, 0x1, [@typed={0x4, 0xd3}, @nested={0x12a, 0xcb, 0x0, 0x1, [@generic="d4c3a98f906b75d5dcf8130f05c91d1a03310cca20531a957eee246bf02f45997f", @generic="e35d0099cb9c50fac524a789e95ca3d23ddfe4638c3d12f5cd101188b85de203091364c0abf68178de9faceb65f4e60f7f3d5f7709d28caa4b9d15ba9b4bf071b703876acdc3c01419d73e7a23b455a6b7eaab90caaec1", @generic="160c5e0a44a748a5a5ca7acac95c5d82ee0318a2ab4e4bcf9583c054380db2534daaf0bd8ef985ef8d66eda51a253134c402acfcba339df3cd587cf53cfb368ceea53fe7a9cf0dc2d1616a320e9d5d18ffdb498164b878b85a3f8793e9a843b827aab6ae22876d4eb713cbd58ff9a6f6769570c035f084225cd0d8ddee31547493ae86b5fa187326a14f80859f725875730177da4ad7faa37daaea48918d372611bc18c1d37d47a38f4c", @nested={0x4, 0xff}]}, @nested={0x63, 0x5, 0x0, 0x1, [@typed={0x8, 0x151, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x1f}}, @generic="adfa71bb6df912a312b73656cc172320cf74b2d470749832161adc3385733e73eb8d23fadde5ea5e8c75eb86b1f75a196f8f0f4ae2c036cbf8847c2386e79b4426e608ff85f133de4bb44d1e1bcf32fd43e576f820c8cc"]}, @typed={0xc, 0x19, 0x0, 0x0, @u64=0x401}]}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0xc0}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0xe}, @NL80211_ATTR_IFTYPE={0x8}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x2}, @NL80211_ATTR_TSID={0x5}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0xff}, @NL80211_ATTR_MBSSID_ELEMS={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x7}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x20048880}, 0x44016)
read$auto(r2, &(0x7f0000000040)='\x00', 0x10001)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

48.002438231s ago: executing program 3 (id=2652):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kcore\x00', 0x40000, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r0, 0x0, 0xeffd)

47.919299137s ago: executing program 3 (id=2653):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop7\x00', 0x14f340, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x9, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000300)="db")
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2b, 0x1, 0x0)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto_SO_RCVLOWAT(r2, 0x1, 0x12, &(0x7f0000000ac0)='\'!\x00', &(0x7f0000000b00)=0x80)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0)
r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(r4, 0x560f, r5)
read$auto(r3, 0x0, 0x10001)
r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r1)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="38000004", @ANYRES16=r6, @ANYBLOB="010028bd7000ffdbdf250700000008002a000100000005001f00050000000c001700ff0300000000000008000500ff0f0000"], 0x38}, 0x1, 0x0, 0x0, 0x4001}, 0x2000c000)
r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r7, &(0x7f0000000240)={0x0, 0x7}, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000002c0), r2)
wait4$auto(0x0, &(0x7f0000000300)=0x52, 0x3, &(0x7f0000000400)={{0x8, 0x8}, {0x1ced, 0x9}, 0xa00000000000, 0x6, 0x8, 0x1, 0x0, 0x9, 0x200, 0xffffffff, 0x4, 0xffffffffffffffff, 0x8000000000000001, 0x8001, 0x54, 0x9})
sendmsg$auto_IPVS_CMD_NEW_DEST(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f000000cac0)=ANY=[], 0x5f60}, 0x1, 0x0, 0x0, 0x8001}, 0x48004)

47.807848939s ago: executing program 3 (id=2654):
r0 = socket(0x9, 0x1, 0x100)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x14, r3, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084)
sysfs$auto(0x2, 0x44, 0x0)
socket(0x2, 0x801, 0x100)
mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x894b, 0x38)
splice$auto(r0, &(0x7f00000001c0)=0x6, r0, &(0x7f0000000200)=0x5c2db475, 0xc77, 0x1000)
fsopen$auto(0x0, 0x1)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000003240), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000002c0)={'macsec0\x00', <r7=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r5, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r6, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040)
sendmsg$auto_MACSEC_CMD_ADD_RXSA(r1, &(0x7f0000005fc0)={0x0, 0x0, &(0x7f0000005f80)={&(0x7f0000000740)={0x1dc, r4, 0xd21, 0x70bd27, 0x25dfdbff, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r7}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_RXSC_CONFIG={0xdc, 0x2, 0x0, 0x1, [@typed={0x4, 0x83}, @nested={0xcb, 0xa2, 0x0, 0x1, [@nested={0x4, 0x127}, @generic="d4d88f296e205dbb6d824c33ffe20bcfeb378899516ce1791ea0185c3b410d8a135773b182cf7c58173c5044cb76b60cded90538bf033eb7f366af0b48333e43b5ca6061709ee432fd7b4e0569a341c54588cdc89dd606cb039286aacbb538ccce841394974e8c5679b5331c99b09dcfdf7b780b34b2848c902992df0a74957099edb3f32935a84dd95630855ddbf0e7cb7b733f756a41df4c0b7a772f6ce0c0da510b70cc9e034a55acd55edaa149a1ee6bacec91ab4e0e3e046eba68e0f7", @nested={0x4, 0xda}]}, @typed={0x8, 0x18, 0x0, 0x0, @pid=0xffffffffffffffff}]}, @MACSEC_ATTR_OFFLOAD={0xd7, 0x9, 0x0, 0x1, [@generic="cd25f848dabdf606d26ac6c8ac61fdcec744e1145fcdd62374c66d6b515ba22e0b03b04000c07efbd8d7a7b9322a96a4d117e61feb932bff4b6c2ffefe38199990b10e3a28fa31938ed54b423fc4f3a6296cf0cb9f85de0335e4c0a2d566ba76e9093b2d0db416d3bdf106d00041a447f6213eef7b93fbf4f7ad731fc41b3a5ae9077ae2c10c9f120841705ed5d0cd818c842a6160cfd3e3b5b8f330c408aa1593bd4c97fb3efad92f2d8fdaa365f706bec06413eb14d5ee8a45e71936c8a858c5b78d11754d28559577d222bd7bcbb1daa0cc"]}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x4000050}, 0x20000010)
r8 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="08006400010054dc9be76a327fc282cecb8090621d33545b680966fd680ff8c1c597e84b6a03159ee623244de0b1d55e8c6c175744bc5cd928093af026fe6b0ee83a0a2e643ade1323c5c6b394379a56b0a292169ee77d781ab33ceced32c09488f1ff2d5a00000000000000688c2a6373ada72bd6bc1ef0167796f0a5ef70b4bd5e01fbce48ffbf1befaa6935acb8c624c9546155e0357d97f68ebee4f09c2f3f3d99db20d99063877137abd36dce68e3d2550ca6c8117bdc9a706d3279b1e8fc9ad9179fa8992a8747ad5b2482c63a4b66fa51b0ea957394b99ad44b3e5b1669414f4db749d6df309cfc39b047bc5ed96b0000000000005aacf1b21190dd78fa06f7d7879453011c0bd5ca77de162b63632aa9a12d2f8050050000002ecc0ac9a9862bf7d7fd0103c3d570e5befc24856793ff83e5637fda24db365681206955a3312d2c509cb4f13852b8b9bf19e496ec029817b26d3d73aab357b68bb49bdaaf818e65e139784999a7ced39be83fa9ebad7d4b9e1193"], 0x78}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)

47.513356127s ago: executing program 3 (id=2656):
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sctp/eps\x00', 0x121000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000e80)=""/215, 0xd7)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
write$auto(r1, 0x0, 0x1e1)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f00000006c0)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x7, 0x4, 0xfffffffd, 0x400005, 0x4000fff, 0x8000007, 0x4, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x4, 0x0, 0x7b, 0xffffffff, 0x0, [0x2, 0x9d7d, 0x0, 0x1ff, 0x1, 0x0, 0x0, 0x4, 0x8000000000000000, 0x1, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x82, 0x7, 0x9, 0x1, 0xbec, 0x0, 0x0, 0xe, 0x100000001, 0x8a1, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x200000000000000, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8905, &(0x7f0000000200)={'ip6tnl0\x00'})
r5 = socket(0x10, 0x2, 0x2)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=r3})
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r6, 0x0, 0x1ff)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0xb}, 0x3)
r7 = openat$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy5/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats\x00', 0x101000, 0x0)
bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000080)=@bpf_attr_4={0x6, r7, 0x7e, r7}, 0x3)
r8 = socket(0xa, 0x3, 0x87)
getsockopt$auto_SO_ZEROCOPY(r8, 0xff, 0x3c, 0x0, &(0x7f0000000180)=0x1)
r9 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/pressure/memory\x00', 0x8f3b7a51b80ebd01, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r9, &(0x7f0000000040)=' \\x', 0x3)

31.484657901s ago: executing program 33 (id=2656):
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/sctp/eps\x00', 0x121000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000e80)=""/215, 0xd7)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
write$auto(r1, 0x0, 0x1e1)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f00000006c0)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x7, 0x4, 0xfffffffd, 0x400005, 0x4000fff, 0x8000007, 0x4, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x4, 0x0, 0x7b, 0xffffffff, 0x0, [0x2, 0x9d7d, 0x0, 0x1ff, 0x1, 0x0, 0x0, 0x4, 0x8000000000000000, 0x1, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x82, 0x7, 0x9, 0x1, 0xbec, 0x0, 0x0, 0xe, 0x100000001, 0x8a1, 0x0, 0x0, 0x2, 0xfffffffffffffffc, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x200000000000000, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8905, &(0x7f0000000200)={'ip6tnl0\x00'})
r5 = socket(0x10, 0x2, 0x2)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=r3})
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r6, 0x0, 0x1ff)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0xb}, 0x3)
r7 = openat$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy5/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats\x00', 0x101000, 0x0)
bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000080)=@bpf_attr_4={0x6, r7, 0x7e, r7}, 0x3)
r8 = socket(0xa, 0x3, 0x87)
getsockopt$auto_SO_ZEROCOPY(r8, 0xff, 0x3c, 0x0, &(0x7f0000000180)=0x1)
r9 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/pressure/memory\x00', 0x8f3b7a51b80ebd01, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r9, &(0x7f0000000040)=' \\x', 0x3)

1.015196697s ago: executing program 0 (id=2716):
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5o\x91p\xe6\x1eRN8\x99\x00\b\xaa\x1c?\x00\x00\x00c\x14\xaf\r\x94\x1a\xd3\xd3\x1d\xf8\xbebR\xddL\'\x03\xf1`\x9f5\xf9\xa4\xf8\x15\xdd\xac\x00\x00\x00\x00\x00\x00\"\x01\x0e\xa4\xdf\xdav\x1cC\xff\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\x9d*\xd1\x14^\xbe\xa2\x00\x00\x00\x01\x00\x00\x00\x00\x00\xe8\xff\x00\x00\x00\x00\x00', 0xfdef, 0x500000000000)

923.113849ms ago: executing program 0 (id=2717):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
socket(0x11, 0x80003, 0x300)
socket(0x29, 0x5, 0x0)
r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322cf3)
open_by_handle_at$auto(r0, &(0x7f0000000040)={0x8, 0x1, "1700000000000000"}, 0x2)
read$auto(0x3, 0x0, 0x5)
sendmsg$auto_NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000440)={0xf4, 0x0, 0x20, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0xc5ff}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0xf3}, @NL80211_ATTR_TID_CONFIG={0xd0, 0x11d, 0x0, 0x1, [{0x50, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0xff}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x3c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xe, 0x1, "171af45f8c6eb4043380"}, @NL80211_TXRATE_LEGACY={0x1e, 0x1, "becee97fff08d5038cbbaa0f85c4f26c43d1dfe2209c00b92a5d"}, @NL80211_TXRATE_GI={0x5, 0x4, 0x5}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x8}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x7}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x2}]}, {0x4}, {0x4}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x24, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0xb}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0xff}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x3}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0xf}]}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0xf5}]}, {0x4}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x3}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10000}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x20000002}, 0x40)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x20881, 0x0)
write$auto(r1, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001)

821.289162ms ago: executing program 0 (id=2718):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x84100, 0x0)
ioctl$auto_IOC_PR_RELEASE(r0, 0x801070cf, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x3, 0x66)
madvise$auto(0x0, 0x20000a, 0x8)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
mmap$auto(0x0, 0x2020009, 0x3, 0xb8, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nullb0/queue/write_cache\x00', 0x10b142, 0x0)
write$auto_dfs_sched_itmt_fops_itmt(r2, &(0x7f0000000000)="9c28ac6f0fd5", 0x6)
r3 = socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1)
socket(0x11, 0x3, 0x9)
socket(0x11, 0x80003, 0x300)
r4 = ioctl$auto_SIOCSIFHWADDR2(r3, 0x8924, &(0x7f0000000140)="de6acd75e526a20aae652ae6025154704dd6a2c7329e6c0e5cdd56e1df49aba98f874ab428d02b14e672220b985765bac58a1a2c8ed39db9f2506a0ac4e9ae4f5be4d09f95a9ec1a4929163655a3b971f4eeecd4b9741380debfb50c43c58f5047b378be788cf0206fa9678eb58c653cd3f3c24bdf53b55728015543c3095cd816f27c588831e2eb0637275fb5a781b3a402939b18e831868e4abe0430b68dca51bf47674afd5bd827dc10f56e77eb75bb1160e3a7b4017513150e3df201ef4420e39ce593aa6677da502c640a78a795cc9dfdf5aa5898ea4ee76bb60cf0")
sendmmsg$auto(r4, &(0x7f0000000040)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x9}, 0x5}, 0x2, 0x100)
syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0)

490.144847ms ago: executing program 0 (id=2719):
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x10, 0x2, 0x14)
socket(0x9, 0x6, 0x4)
openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
socket(0xa, 0x5, 0x84)
r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x101b00, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0)
link$auto(0x0, 0x0)
r1 = io_uring_setup$auto(0x4, 0x0)
close_range$auto(0x2, r1, 0x0)
open(0x0, 0x40, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x40106f52, r2)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)

148.458031ms ago: executing program 0 (id=2720):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r0 = socket(0x8, 0x1, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x12)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/rcutree/parameters/rcu_resched_ns\x00', 0x220000, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = socket(0x2, 0x801, 0x106)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x6, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
fcntl$auto_F_CREATED_QUERY(r4, 0x404, 0x7fff)
write$auto(0xca, &(0x7f0000000140)='\x042\x01\f\r\a\x00\xf6OL\xc8\xbe\x94\xf2\xa2\x00\xfb\x84(\x83\";\xa8\xd7\x05uXR\xa3\xb3@T\x89\x8e\xd4Q\xdd\xb80\xc7\xad\\\xf7C\xb3\x8f\r?\xb3>r\xdf\x99%\xd6s\xe3\x8b*\xe2\xbc\xc9\x8bV\xf0\xb7\xec.\xae\xe1\x04\x00\x00\x00\xaa', 0x2da)
r5 = socket(0x10, 0x80002, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.max.depth\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000100)='7', 0x7)
capset$auto(&(0x7f0000000280)={0x2, 0xffffffffffffffff}, &(0x7f00000002c0)={0x69, 0x7})
fallocate$auto(0xffffffffffffffff, 0x10, 0x7, 0x9)
r7 = setfsuid$auto(0xee00)
shmctl$auto_IPC_RMID(0x0, 0x0, &(0x7f0000002900)={{0x3, r7, 0xee00, 0x9, 0x17, 0x6, 0x1}, 0x6, 0x4, 0x7, 0x2, @raw=0xfffffff8, @raw=0x5, 0x80, 0x0, 0x0, &(0x7f0000002800)="98184e760a0f452eb11ea06b99ff21207e3b8c3b220044babfe4265728b83289334ad0fe741aa5ca55a08562caac2a4250362d60e4fa7c638f6df5ce567f74be13b83c270559872f67c6a2b22bf7734c63c04d9ee81bc615e00b15ccc53a5b6ed9157d27379564431ff2b3f0b4fda06486a9c5a82249d257871870a1070a15c7beaadf0dc4213674015e96a424cd97bb46607a111c53e42e0b"})
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto_SO_TIMESTAMPING_OLD(r3, 0x7, 0x25, &(0x7f0000000100)=',}\\/.#\x00', &(0x7f0000000140)=0x5)
getsockopt$auto_SO_INCOMING_CPU(r2, 0x3000, 0x31, &(0x7f0000000180)=',}\\/.#\x00', &(0x7f00000001c0)=0x1)
timerfd_create$auto(0x0, 0x0)
timerfd_settime$auto(r5, 0x3, 0x0, 0x0)
adjtimex$auto(&(0x7f0000000000)={0x1ff, 0x0, 0xff, 0x7, 0x8, 0x0, 0x10, 0x0, 0x2, 0x4, 0x1f6a, {0x0, 0x3}, 0x9, 0x1, 0x2, 0x80000001, 0x0, 0x8, 0x545, 0x1, 0x0, 0x8})
fsconfig$auto_EROFS_MOUNT_DAX_ALWAYS(r0, 0x9, &(0x7f0000000240)='/sys/module/rcutree/parameters/rcu_resched_ns\x00', &(0x7f0000000300)="8448d769d6d92f89442a45e44c0f27d8aef77887108269026a013e7dbc6b0e5e36fa3da633f70124dc4db950a1893c8d86d1be2c7e881d7cee", 0x40)

0s ago: executing program 0 (id=2721):
fstatfs$auto(0xffffffffffffffff, &(0x7f0000000140)={0x8001, 0x100000000000, 0x1, 0x9, 0x5d, 0x2, 0x75, {[0x80000000]}, 0x0, 0x7ff, 0x68a6, [0x5, 0x8, 0x5, 0x4]})
statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xfffffffd, 0x9, 0x3, 0x16, 0x4, 0x5, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x3, 0xb414, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe, [0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff]}, 0x200, 0x81)
setfsuid$auto(0xee00)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8002, 0x0, 0x6)
sysfs$auto(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r1, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x7, 0x2000000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
getegid()
socket(0x18, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202, 0x0)
close_range$auto(0x0, 0x5, 0x0)

kernel console output (not intermixed with test programs):

 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  677.957679][T15569] RSP: 002b:00007f6cb0d81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  677.957694][T15569] RAX: ffffffffffffffda RBX: 00007f6cb0215fa0 RCX: 00007f6caff9c799
[  677.957704][T15569] RDX: 0000000000000080 RSI: 00002000000006c0 RDI: ffffffffffffff9c
[  677.957713][T15569] RBP: 00007f6cb0032c99 R08: 0000000000000000 R09: 0000000000000000
[  677.957722][T15569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  677.957731][T15569] R13: 00007f6cb0216038 R14: 00007f6cb0215fa0 R15: 00007ffe8ef137e8
[  677.957751][T15569]  </TASK>
[  679.296086][T15590] openvswitch: ovs_: Dropping previously announced user features
[  679.940955][T15604] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  686.385757][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  686.395405][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  686.889184][T15740] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  689.011690][T15793] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  689.301461][T15796] FAULT_INJECTION: forcing a failure.
[  689.301461][T15796] name failslab, interval 1, probability 0, space 0, times 0
[  689.398096][T15796] CPU: 0 UID: 0 PID: 15796 Comm: syz.3.2140 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  689.398124][T15796] Tainted: [L]=SOFTLOCKUP
[  689.398130][T15796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  689.398141][T15796] Call Trace:
[  689.398147][T15796]  <TASK>
[  689.398153][T15796]  dump_stack_lvl+0x100/0x190
[  689.398182][T15796]  should_fail_ex.cold+0x5/0xa
[  689.398200][T15796]  ? lsm_blob_alloc+0x68/0x90
[  689.398218][T15796]  should_failslab+0xc2/0x120
[  689.398234][T15796]  __kmalloc_noprof+0xe0/0x850
[  689.398266][T15796]  ? trace_kmalloc+0x101/0x130
[  689.398376][T15796]  lsm_blob_alloc+0x68/0x90
[  689.398398][T15796]  security_sk_alloc+0x2d/0x290
[  689.398422][T15796]  sk_prot_alloc+0x12a/0x2a0
[  689.398447][T15796]  sk_alloc+0x36/0xe80
[  689.398465][T15796]  pptp_create+0x32/0x340
[  689.398483][T15796]  pppox_create+0x15c/0x2c0
[  689.398507][T15796]  __sock_create+0x339/0x860
[  689.398534][T15796]  __sys_socket+0x14d/0x260
[  689.398548][T15796]  ? __pfx___sys_socket+0x10/0x10
[  689.398567][T15796]  __x64_sys_socket+0x72/0xb0
[  689.398581][T15796]  ? lockdep_hardirqs_on+0x78/0x100
[  689.398600][T15796]  do_syscall_64+0x106/0xf80
[  689.398618][T15796]  ? clear_bhb_loop+0x40/0x90
[  689.398638][T15796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.398655][T15796] RIP: 0033:0x7f6caff9c799
[  689.398670][T15796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  689.398686][T15796] RSP: 002b:00007f6cb0d81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  689.398703][T15796] RAX: ffffffffffffffda RBX: 00007f6cb0215fa0 RCX: 00007f6caff9c799
[  689.398728][T15796] RDX: 0000000000000002 RSI: 0000000000000003 RDI: 0000000000000018
[  689.398737][T15796] RBP: 00007f6cb0032c99 R08: 0000000000000000 R09: 0000000000000000
[  689.398748][T15796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  689.398757][T15796] R13: 00007f6cb0216038 R14: 00007f6cb0215fa0 R15: 00007ffe8ef137e8
[  689.398778][T15796]  </TASK>
[  689.647628][T15802] zram: Cannot change disksize for initialized device
[  691.580437][T15839] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  693.146093][T15873] FAULT_INJECTION: forcing a failure.
[  693.146093][T15873] name failslab, interval 1, probability 0, space 0, times 0
[  693.323847][T15873] CPU: 0 UID: 0 PID: 15873 Comm: syz.2.2157 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  693.323875][T15873] Tainted: [L]=SOFTLOCKUP
[  693.323881][T15873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  693.323891][T15873] Call Trace:
[  693.323897][T15873]  <TASK>
[  693.323903][T15873]  dump_stack_lvl+0x100/0x190
[  693.323930][T15873]  should_fail_ex.cold+0x5/0xa
[  693.323950][T15873]  should_failslab+0xc2/0x120
[  693.323966][T15873]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  693.323988][T15873]  ? mas_alloc_nodes+0x280/0x390
[  693.324009][T15873]  mas_alloc_nodes+0x280/0x390
[  693.324026][T15873]  mas_preallocate+0x39c/0xf10
[  693.324044][T15873]  ? __memcg_slab_post_alloc_hook+0x4c0/0x990
[  693.324065][T15873]  ? __pfx_mas_preallocate+0x10/0x10
[  693.324089][T15873]  ? anon_vma_name+0x5a/0x250
[  693.324109][T15873]  __split_vma+0x33d/0xd90
[  693.324132][T15873]  ? __pfx___split_vma+0x10/0x10
[  693.324155][T15873]  ? __pfx_mas_prev+0x10/0x10
[  693.324178][T15873]  vms_gather_munmap_vmas+0x39f/0x1500
[  693.324197][T15873]  ? find_held_lock+0x2b/0x80
[  693.324216][T15873]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  693.324235][T15873]  ? move_page_tables+0xe1d/0x4500
[  693.324265][T15873]  do_vmi_align_munmap+0x287/0x5f0
[  693.324288][T15873]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  693.324334][T15873]  do_vmi_munmap+0x1f8/0x3e0
[  693.324357][T15873]  move_vma+0xd99/0x1890
[  693.324381][T15873]  ? __pfx_move_vma+0x10/0x10
[  693.324402][T15873]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  693.324426][T15873]  ? vrm_set_new_addr+0x204/0x290
[  693.324457][T15873]  mremap_to+0x1b7/0x450
[  693.324479][T15873]  do_mremap+0xb76/0x2130
[  693.324509][T15873]  ? __pfx_do_mremap+0x10/0x10
[  693.324534][T15873]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  693.324563][T15873]  __do_sys_mremap+0x126/0x170
[  693.324583][T15873]  ? __pfx___do_sys_mremap+0x10/0x10
[  693.324609][T15873]  ? __x64_sys_futex+0x34f/0x4d0
[  693.324639][T15873]  do_syscall_64+0x106/0xf80
[  693.324657][T15873]  ? clear_bhb_loop+0x40/0x90
[  693.324675][T15873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.324690][T15873] RIP: 0033:0x7fdc1f99c799
[  693.324705][T15873] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  693.324719][T15873] RSP: 002b:00007fdc2087f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  693.324734][T15873] RAX: ffffffffffffffda RBX: 00007fdc1fc16090 RCX: 00007fdc1f99c799
[  693.324744][T15873] RDX: 0000000000000037 RSI: 0000000000000008 RDI: 0000200000001000
[  693.324753][T15873] RBP: 00007fdc1fa32c99 R08: 000000110c230000 R09: 0000000000000000
[  693.324763][T15873] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  693.324772][T15873] R13: 00007fdc1fc16128 R14: 00007fdc1fc16090 R15: 00007fffae1cb8d8
[  693.324792][T15873]  </TASK>
[  696.192549][T15905] input: 00
[  696.192549][T15905]  as /devices/virtual/input/input68
[  696.349525][T15905] FAULT_INJECTION: forcing a failure.
[  696.349525][T15905] name failslab, interval 1, probability 0, space 0, times 0
[  696.501884][T15905] CPU: 0 UID: 0 PID: 15905 Comm: syz.2.2166 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  696.501912][T15905] Tainted: [L]=SOFTLOCKUP
[  696.501917][T15905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  696.501931][T15905] Call Trace:
[  696.501937][T15905]  <TASK>
[  696.501946][T15905]  dump_stack_lvl+0x100/0x190
[  696.501973][T15905]  should_fail_ex.cold+0x5/0xa
[  696.501992][T15905]  should_failslab+0xc2/0x120
[  696.502009][T15905]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  696.502032][T15905]  ? kstrdup_const+0x63/0x80
[  696.502055][T15905]  ? find_held_lock+0x2b/0x80
[  696.502073][T15905]  kstrdup+0x51/0xe0
[  696.502095][T15905]  kstrdup_const+0x63/0x80
[  696.502117][T15905]  __kernfs_new_node+0x9b/0x960
[  696.502140][T15905]  ? __pfx___kernfs_new_node+0x10/0x10
[  696.502165][T15905]  ? find_held_lock+0x2b/0x80
[  696.502177][T15905]  ? kernfs_root+0xee/0x2a0
[  696.502284][T15905]  ? kernfs_root+0xee/0x2a0
[  696.502334][T15905]  kernfs_new_node+0x11b/0x1a0
[  696.502383][T15905]  kernfs_create_link+0xcc/0x240
[  696.502406][T15905]  sysfs_do_create_link_sd+0x90/0x140
[  696.502430][T15905]  sysfs_create_link+0x61/0xc0
[  696.502452][T15905]  device_add+0xb5d/0x1950
[  696.502471][T15905]  ? __pfx_device_add+0x10/0x10
[  696.502489][T15905]  ? kobject_get+0xbb/0x150
[  696.502513][T15905]  cdev_device_add+0x12b/0x270
[  696.502530][T15905]  evdev_connect+0x3a8/0x4b0
[  696.502557][T15905]  input_attach_handler.isra.0+0x177/0x1e0
[  696.502581][T15905]  input_register_device.cold+0x139/0x375
[  696.502604][T15905]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  696.502630][T15905]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  696.502652][T15905]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  696.502680][T15905]  ? find_held_lock+0x2b/0x80
[  696.502694][T15905]  ? __fget_files+0x215/0x3d0
[  696.502717][T15905]  ? __pfx_uinput_ioctl+0x10/0x10
[  696.502732][T15905]  __x64_sys_ioctl+0x18e/0x210
[  696.502754][T15905]  do_syscall_64+0x106/0xf80
[  696.502773][T15905]  ? clear_bhb_loop+0x40/0x90
[  696.502851][T15905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.502868][T15905] RIP: 0033:0x7fdc1f99c799
[  696.502884][T15905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  696.502900][T15905] RSP: 002b:00007fdc208a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  696.502916][T15905] RAX: ffffffffffffffda RBX: 00007fdc1fc15fa0 RCX: 00007fdc1f99c799
[  696.502927][T15905] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  696.502937][T15905] RBP: 00007fdc1fa32c99 R08: 0000000000000000 R09: 0000000000000000
[  696.502955][T15905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  696.502964][T15905] R13: 00007fdc1fc16038 R14: 00007fdc1fc15fa0 R15: 00007fffae1cb8d8
[  696.502986][T15905]  </TASK>
[  697.500892][T15905] input: failed to attach handler evdev to device input68, error: -12
[  697.763634][T15922] kAFS: Invalid Command on /proc/fs/afs/cells file
[  697.938747][T15930] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2172'.
[  699.142951][T15943] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078006000 pfn:0x78006
[  699.239866][T15943] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  699.247245][T15943] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  699.336845][T15943] raw: ffff888078006000 0000000000000000 00000001ffffffff 0000000000000000
[  699.397172][T15943] page dumped because: unmovable page
[  699.439964][T15943] page_owner tracks the page as allocated
[  699.480149][T15943] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO), pid 6331, tgid 6331 (syz.2.86), ts 138669010232, free_ts 134525110941
[  699.583490][T15943]  post_alloc_hook+0x153/0x170
[  699.608940][T15943]  get_page_from_freelist+0x111d/0x3140
[  699.658146][T15943]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  699.684968][T15943]  alloc_pages_mpol+0x1fb/0x550
[  699.724981][T15943]  alloc_pages_noprof+0x131/0x390
[  699.742823][T15943]  brd_submit_bio+0x116a/0x20d0
[  699.774799][T15943]  __submit_bio+0x419/0x6c0
[  699.805377][T15943]  submit_bio_noacct_nocheck+0x74f/0xc10
[  699.850384][T15943]  submit_bio_noacct+0xd17/0x2010
[  699.878297][T15943]  submit_bh_wbc+0x59c/0x770
[  699.902257][T15943]  __block_write_full_folio+0x77f/0xee0
[  699.958223][T15948] FAULT_INJECTION: forcing a failure.
[  699.958223][T15948] name failslab, interval 1, probability 0, space 0, times 0
[  699.972980][T15943]  block_write_full_folio+0x3b5/0x4e0
[  699.996761][T15943]  blkdev_writepages+0xc7/0x150
[  700.027008][T15943]  do_writepages+0x278/0x600
[  700.057395][T15943]  filemap_writeback+0x22d/0x2e0
[  700.087559][T15943]  filemap_write_and_wait_range+0xa6/0x130
[  700.123786][T15943] page last free pid 6275 tgid 6267 stack trace:
[  700.150965][T15948] CPU: 0 UID: 0 PID: 15948 Comm: syz.3.2173 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  700.150993][T15948] Tainted: [L]=SOFTLOCKUP
[  700.150999][T15948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  700.151014][T15948] Call Trace:
[  700.151020][T15948]  <TASK>
[  700.151028][T15948]  dump_stack_lvl+0x100/0x190
[  700.151057][T15948]  should_fail_ex.cold+0x5/0xa
[  700.151077][T15948]  should_failslab+0xc2/0x120
[  700.151093][T15948]  __kvmalloc_node_noprof+0xfa/0xa00
[  700.151115][T15948]  ? alloc_fdtable+0x110/0x2d0
[  700.151142][T15948]  alloc_fdtable+0x110/0x2d0
[  700.151165][T15948]  dup_fd+0x995/0xd10
[  700.151181][T15948]  ? fd_statfs+0xdd/0x120
[  700.151204][T15948]  ksys_unshare+0x7ad/0xad0
[  700.151224][T15948]  ? __pfx_ksys_unshare+0x10/0x10
[  700.151248][T15948]  __x64_sys_unshare+0x31/0x40
[  700.151266][T15948]  do_syscall_64+0x106/0xf80
[  700.151284][T15948]  ? clear_bhb_loop+0x40/0x90
[  700.151302][T15948]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.151317][T15948] RIP: 0033:0x7f6caff9c799
[  700.151331][T15948] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  700.151346][T15948] RSP: 002b:00007f6cae1d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  700.151361][T15948] RAX: ffffffffffffffda RBX: 00007f6cb0216180 RCX: 00007f6caff9c799
[  700.151371][T15948] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400
[  700.151380][T15948] RBP: 00007f6cb0032c99 R08: 0000000000000000 R09: 0000000000000000
[  700.151389][T15948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  700.151398][T15948] R13: 00007f6cb0216218 R14: 00007f6cb0216180 R15: 00007ffe8ef137e8
[  700.151417][T15948]  </TASK>
[  700.531045][T15943]  __free_frozen_pages+0x7e1/0x10d0
[  700.536444][T15943]  qlist_free_all+0x47/0xe0
[  700.564946][T15943]  kasan_quarantine_reduce+0x1a0/0x1f0
[  700.591043][T15943]  __kasan_slab_alloc+0x69/0x90
[  700.596370][T15943]  kmem_cache_alloc_lru_noprof+0x246/0x6e0
[  700.658093][T15943]  __d_alloc+0x34/0xa80
[  700.662687][T15943]  d_alloc_parallel+0x111/0x14e0
[  700.667890][T15943]  __lookup_slow+0x193/0x460
[  700.697778][T15943]  lookup_slow+0x50/0x70
[  700.738927][T15943]  lookup_noperm_positive_unlocked+0xd5/0x110
[  700.768196][T15943]  debugfs_lookup+0xc7/0x150
[  700.772946][T15943]  debugfs_lookup_and_remove+0x1c/0xa0
[  700.808060][T15943]  kmem_cache_destroy+0xd1/0x180
[  700.833423][T15943]  mon_text_release+0x267/0x3b0
[  700.858114][T15943]  full_proxy_release+0xc0/0x140
[  700.868369][T15943]  __fput+0x3ff/0xb40
[  705.247510][T16007] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'.
[  705.972084][T16010] FAULT_INJECTION: forcing a failure.
[  705.972084][T16010] name failslab, interval 1, probability 0, space 0, times 0
[  706.112189][T16010] CPU: 0 UID: 0 PID: 16010 Comm: syz.0.2191 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  706.112216][T16010] Tainted: [L]=SOFTLOCKUP
[  706.112222][T16010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  706.112232][T16010] Call Trace:
[  706.112238][T16010]  <TASK>
[  706.112245][T16010]  dump_stack_lvl+0x100/0x190
[  706.112274][T16010]  should_fail_ex.cold+0x5/0xa
[  706.112293][T16010]  should_failslab+0xc2/0x120
[  706.112310][T16010]  __kmalloc_cache_noprof+0x7a/0x6f0
[  706.112329][T16010]  ? vidtv_psi_service_desc_init+0x93/0x4c0
[  706.112435][T16010]  vidtv_psi_service_desc_init+0x93/0x4c0
[  706.112455][T16010]  vidtv_psi_desc_clone+0x496/0x5d0
[  706.112472][T16010]  vidtv_channel_si_init+0x4b8/0x18d0
[  706.112520][T16010]  vidtv_mux_init+0x526/0xbf0
[  706.112542][T16010]  vidtv_start_feed+0x33e/0x4c0
[  706.112588][T16010]  ? __pfx_vidtv_start_feed+0x10/0x10
[  706.112619][T16010]  ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10
[  706.112647][T16010]  ? mark_held_locks+0x40/0x70
[  706.112669][T16010]  ? __pfx_vidtv_start_feed+0x10/0x10
[  706.112690][T16010]  dmx_ts_feed_start_filtering+0xf6/0x220
[  706.112743][T16010]  dvb_dmxdev_start_feed+0x273/0x3f0
[  706.112792][T16010]  dvb_dmxdev_filter_start+0x1b6/0xdd0
[  706.112817][T16010]  ? dvb_dmxdev_add_pid+0x2a1/0x380
[  706.112841][T16010]  dvb_demux_do_ioctl+0xe64/0x1200
[  706.112870][T16010]  dvb_usercopy+0x167/0x340
[  706.112889][T16010]  ? __pfx_dvb_demux_do_ioctl+0x10/0x10
[  706.112911][T16010]  ? __pfx_dvb_usercopy+0x10/0x10
[  706.112938][T16010]  ? __fget_files+0x21f/0x3d0
[  706.112957][T16010]  dvb_demux_ioctl+0x29/0x40
[  706.112976][T16010]  ? __pfx_dvb_demux_ioctl+0x10/0x10
[  706.112996][T16010]  __x64_sys_ioctl+0x18e/0x210
[  706.113024][T16010]  do_syscall_64+0x106/0xf80
[  706.113042][T16010]  ? clear_bhb_loop+0x40/0x90
[  706.113061][T16010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  706.113077][T16010] RIP: 0033:0x7fb419b9c799
[  706.113092][T16010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  706.113106][T16010] RSP: 002b:00007fb41a98c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  706.113121][T16010] RAX: ffffffffffffffda RBX: 00007fb419e16090 RCX: 00007fb419b9c799
[  706.113132][T16010] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000004
[  706.113141][T16010] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  706.113151][T16010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  706.113161][T16010] R13: 00007fb419e16128 R14: 00007fb419e16090 R15: 00007ffd3d6eaab8
[  706.113182][T16010]  </TASK>
[  708.053644][T16027] random: crng reseeded on system resumption
[  709.730618][T16056] ovs_: entered promiscuous mode
[  711.318763][T16089] openvswitch: ovs_: Dropping previously announced user features
[  712.241904][T16108] netlink: 'syz.2.2215': attribute type 2 has an invalid length.
[  712.959588][T16130] vivid-007: =================  START STATUS  =================
[  713.007536][T16130] vivid-007: Generate PTS: true
[  713.050955][T16130] vivid-007: Generate SCR: true
[  713.092386][T16130] tpg source WxH: 320x240 (Y'CbCr)
[  713.126265][T16130] tpg field: 1
[  713.160738][T16130] tpg crop: (0,0)/320x240
[  713.165348][T16130] tpg compose: (0,0)/320x240
[  713.217367][T16130] tpg colorspace: 8
[  713.264772][T16130] tpg transfer function: 0/0
[  713.347312][T16130] tpg Y'CbCr encoding: 0/0
[  713.436777][T16130] tpg quantization: 0/0
[  713.500755][T16130] tpg RGB range: 0/2
[  713.572164][T16130] vivid-007: ==================  END STATUS  ==================
[  714.186912][T16163] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  714.582333][T16178] netlink: 346 bytes leftover after parsing attributes in process `syz.0.2230'.
[  716.600954][T16209] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  716.771876][T16205] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  716.961998][T16215] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69
[  717.118120][   T29] audit: type=1800 audit(1773311951.304:14): pid=16218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2241" name="lu_gp_id" dev="configfs" ino=65829 res=0 errno=0
[  717.379246][T16220] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70
[  720.343894][T16305] usb usb15: usbfs: process 16305 (syz.1.2260) did not claim interface 0 before use
[  722.248647][T16346] random: crng reseeded on system resumption
[  722.632744][T16354] openvswitch: ovs_: Dropping previously announced user features
[  723.722785][T16365] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  724.207455][T16375] input: f�
 as /devices/virtual/input/input71
[  724.244991][T16375] FAULT_INJECTION: forcing a failure.
[  724.244991][T16375] name failslab, interval 1, probability 0, space 0, times 0
[  724.329260][T16375] CPU: 0 UID: 0 PID: 16375 Comm: syz.3.2275 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  724.329287][T16375] Tainted: [L]=SOFTLOCKUP
[  724.329293][T16375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  724.329303][T16375] Call Trace:
[  724.329308][T16375]  <TASK>
[  724.329315][T16375]  dump_stack_lvl+0x100/0x190
[  724.329348][T16375]  should_fail_ex.cold+0x5/0xa
[  724.329367][T16375]  should_failslab+0xc2/0x120
[  724.329392][T16375]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  724.329416][T16375]  ? kasprintf+0xc7/0x100
[  724.329438][T16375]  kvasprintf+0xbc/0x150
[  724.329455][T16375]  ? __pfx_kvasprintf+0x10/0x10
[  724.329477][T16375]  kasprintf+0xc7/0x100
[  724.329492][T16375]  ? __pfx_kasprintf+0x10/0x10
[  724.329527][T16375]  ? __pfx_input_devnode+0x10/0x10
[  724.329546][T16375]  device_get_devnode+0x166/0x2c0
[  724.329565][T16375]  devtmpfs_create_node+0xf0/0x290
[  724.329588][T16375]  ? __pfx_devtmpfs_create_node+0x10/0x10
[  724.329611][T16375]  ? up_write+0x290/0x4f0
[  724.329630][T16375]  ? kernfs_root+0xf8/0x2a0
[  724.329656][T16375]  ? kernfs_create_link+0x1bd/0x240
[  724.329673][T16375]  ? kernfs_put+0x3f/0x60
[  724.329693][T16375]  ? sysfs_do_create_link_sd+0xbb/0x140
[  724.329715][T16375]  device_add+0x114e/0x1950
[  724.329731][T16375]  ? __pfx_device_add+0x10/0x10
[  724.329753][T16375]  ? kobject_get+0xbb/0x150
[  724.329776][T16375]  cdev_device_add+0x12b/0x270
[  724.329793][T16375]  evdev_connect+0x3a8/0x4b0
[  724.329817][T16375]  input_attach_handler.isra.0+0x177/0x1e0
[  724.329838][T16375]  input_register_device.cold+0x139/0x375
[  724.329860][T16375]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  724.329885][T16375]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  724.329905][T16375]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  724.329934][T16375]  ? find_held_lock+0x2b/0x80
[  724.329947][T16375]  ? __fget_files+0x215/0x3d0
[  724.329970][T16375]  ? __pfx_uinput_ioctl+0x10/0x10
[  724.329985][T16375]  __x64_sys_ioctl+0x18e/0x210
[  724.330008][T16375]  do_syscall_64+0x106/0xf80
[  724.330261][T16375]  ? clear_bhb_loop+0x40/0x90
[  724.330299][T16375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.330327][T16375] RIP: 0033:0x7f6caff9c799
[  724.330346][T16375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  724.330361][T16375] RSP: 002b:00007f6cb0d81028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  724.330377][T16375] RAX: ffffffffffffffda RBX: 00007f6cb0215fa0 RCX: 00007f6caff9c799
[  724.330387][T16375] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  724.330407][T16375] RBP: 00007f6cb0032c99 R08: 0000000000000000 R09: 0000000000000000
[  724.330420][T16375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.330429][T16375] R13: 00007f6cb0216038 R14: 00007f6cb0215fa0 R15: 00007ffe8ef137e8
[  724.330449][T16375]  </TASK>
[  724.634219][T16377] input: f�
 as /devices/virtual/input/input72
[  725.093755][T16377] FAULT_INJECTION: forcing a failure.
[  725.093755][T16377] name failslab, interval 1, probability 0, space 0, times 0
[  725.158701][T16377] CPU: 0 UID: 0 PID: 16377 Comm: syz.2.2276 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  725.158730][T16377] Tainted: [L]=SOFTLOCKUP
[  725.158736][T16377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  725.158747][T16377] Call Trace:
[  725.158753][T16377]  <TASK>
[  725.158760][T16377]  dump_stack_lvl+0x100/0x190
[  725.158788][T16377]  should_fail_ex.cold+0x5/0xa
[  725.158807][T16377]  should_failslab+0xc2/0x120
[  725.158823][T16377]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  725.158845][T16377]  ? __kernfs_new_node+0xd2/0x960
[  725.158869][T16377]  __kernfs_new_node+0xd2/0x960
[  725.158891][T16377]  ? __pfx___kernfs_new_node+0x10/0x10
[  725.158915][T16377]  ? find_held_lock+0x2b/0x80
[  725.158929][T16377]  ? kernfs_root+0xee/0x2a0
[  725.158948][T16377]  ? kernfs_root+0xee/0x2a0
[  725.158971][T16377]  kernfs_new_node+0x11b/0x1a0
[  725.159004][T16377]  __kernfs_create_file+0x53/0x350
[  725.159025][T16377]  sysfs_add_file_mode_ns+0x207/0x3c0
[  725.159049][T16377]  sysfs_merge_group+0x194/0x340
[  725.159071][T16377]  ? __pfx_sysfs_merge_group+0x10/0x10
[  725.159094][T16377]  ? __pfx_dev_add_physical_location+0x10/0x10
[  725.159118][T16377]  ? bus_to_subsys+0x114/0x150
[  725.159137][T16377]  dpm_sysfs_add+0x237/0x280
[  725.159161][T16377]  device_add+0x9ef/0x1950
[  725.159177][T16377]  ? __pfx_device_add+0x10/0x10
[  725.159194][T16377]  ? kobject_get+0xbb/0x150
[  725.159215][T16377]  cdev_device_add+0x12b/0x270
[  725.159232][T16377]  evdev_connect+0x3a8/0x4b0
[  725.159256][T16377]  input_attach_handler.isra.0+0x177/0x1e0
[  725.159277][T16377]  input_register_device.cold+0x139/0x375
[  725.159300][T16377]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  725.159325][T16377]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  725.159345][T16377]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  725.159378][T16377]  ? find_held_lock+0x2b/0x80
[  725.159392][T16377]  ? __fget_files+0x215/0x3d0
[  725.159414][T16377]  ? __pfx_uinput_ioctl+0x10/0x10
[  725.159429][T16377]  __x64_sys_ioctl+0x18e/0x210
[  725.159452][T16377]  do_syscall_64+0x106/0xf80
[  725.159469][T16377]  ? clear_bhb_loop+0x40/0x90
[  725.159495][T16377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.159511][T16377] RIP: 0033:0x7fdc1f99c799
[  725.159525][T16377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  725.159540][T16377] RSP: 002b:00007fdc208a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  725.159556][T16377] RAX: ffffffffffffffda RBX: 00007fdc1fc15fa0 RCX: 00007fdc1f99c799
[  725.159566][T16377] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  725.159576][T16377] RBP: 00007fdc1fa32c99 R08: 0000000000000000 R09: 0000000000000000
[  725.159585][T16377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  725.159597][T16377] R13: 00007fdc1fc16038 R14: 00007fdc1fc15fa0 R15: 00007fffae1cb8d8
[  725.159616][T16377]  </TASK>
[  725.485871][T16377] input: failed to attach handler evdev to device input72, error: -12
[  725.718906][T16390] openvswitch: ovs_: Dropping previously announced user features
[  726.848068][T16416] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  727.475027][T16428] input: f�
 as /devices/virtual/input/input73
[  727.510164][T16428] FAULT_INJECTION: forcing a failure.
[  727.510164][T16428] name failslab, interval 1, probability 0, space 0, times 0
[  727.601434][T16428] CPU: 0 UID: 0 PID: 16428 Comm: syz.1.2288 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  727.601462][T16428] Tainted: [L]=SOFTLOCKUP
[  727.601467][T16428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  727.601476][T16428] Call Trace:
[  727.601482][T16428]  <TASK>
[  727.601489][T16428]  dump_stack_lvl+0x100/0x190
[  727.601516][T16428]  should_fail_ex.cold+0x5/0xa
[  727.601535][T16428]  ? kobject_get_path+0xcf/0x2c0
[  727.601553][T16428]  should_failslab+0xc2/0x120
[  727.601569][T16428]  __kmalloc_noprof+0xe0/0x850
[  727.601594][T16428]  kobject_get_path+0xcf/0x2c0
[  727.601617][T16428]  kobject_uevent_env+0x287/0x18b0
[  727.601640][T16428]  ? kernfs_put+0x3f/0x60
[  727.601661][T16428]  ? sysfs_do_create_link_sd+0xbb/0x140
[  727.601679][T16428]  ? bus_to_subsys+0x114/0x150
[  727.601714][T16428]  device_add+0x116e/0x1950
[  727.601732][T16428]  ? __pfx_device_add+0x10/0x10
[  727.601751][T16428]  ? kobject_get+0xbb/0x150
[  727.601772][T16428]  cdev_device_add+0x12b/0x270
[  727.601790][T16428]  evdev_connect+0x3a8/0x4b0
[  727.601813][T16428]  input_attach_handler.isra.0+0x177/0x1e0
[  727.601835][T16428]  input_register_device.cold+0x139/0x375
[  727.601857][T16428]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  727.601882][T16428]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  727.601902][T16428]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  727.601930][T16428]  ? find_held_lock+0x2b/0x80
[  727.601944][T16428]  ? __fget_files+0x215/0x3d0
[  727.601966][T16428]  ? __pfx_uinput_ioctl+0x10/0x10
[  727.601981][T16428]  __x64_sys_ioctl+0x18e/0x210
[  727.602003][T16428]  do_syscall_64+0x106/0xf80
[  727.602020][T16428]  ? clear_bhb_loop+0x40/0x90
[  727.602039][T16428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.602054][T16428] RIP: 0033:0x7f11d199c799
[  727.602068][T16428] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  727.602083][T16428] RSP: 002b:00007f11d28b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  727.602098][T16428] RAX: ffffffffffffffda RBX: 00007f11d1c15fa0 RCX: 00007f11d199c799
[  727.602108][T16428] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  727.602117][T16428] RBP: 00007f11d1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  727.602126][T16428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  727.602135][T16428] R13: 00007f11d1c16038 R14: 00007f11d1c15fa0 R15: 00007ffdfd3b9438
[  727.602155][T16428]  </TASK>
[  729.559834][T16463] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2296'.
[  729.690026][T16466] FAULT_INJECTION: forcing a failure.
[  729.690026][T16466] name failslab, interval 1, probability 0, space 0, times 0
[  729.822960][T16466] CPU: 0 UID: 0 PID: 16466 Comm: syz.1.2296 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  729.822988][T16466] Tainted: [L]=SOFTLOCKUP
[  729.822993][T16466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  729.823003][T16466] Call Trace:
[  729.823009][T16466]  <TASK>
[  729.823017][T16466]  dump_stack_lvl+0x100/0x190
[  729.823045][T16466]  should_fail_ex.cold+0x5/0xa
[  729.823064][T16466]  should_failslab+0xc2/0x120
[  729.823080][T16466]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  729.823103][T16466]  ? __d_alloc+0x34/0xa80
[  729.823122][T16466]  __d_alloc+0x34/0xa80
[  729.823140][T16466]  d_alloc_pseudo+0x1c/0xc0
[  729.823161][T16466]  alloc_file_pseudo+0xcf/0x230
[  729.823180][T16466]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  729.823198][T16466]  ? alloc_fd+0x476/0x790
[  729.823215][T16466]  sock_alloc_file+0x50/0x210
[  729.823235][T16466]  __sys_socket+0x1c0/0x260
[  729.823249][T16466]  ? __pfx___sys_socket+0x10/0x10
[  729.823268][T16466]  __x64_sys_socket+0x72/0xb0
[  729.823281][T16466]  ? lockdep_hardirqs_on+0x78/0x100
[  729.823299][T16466]  do_syscall_64+0x106/0xf80
[  729.823315][T16466]  ? clear_bhb_loop+0x40/0x90
[  729.823333][T16466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.823348][T16466] RIP: 0033:0x7f11d199c799
[  729.823363][T16466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  729.823377][T16466] RSP: 002b:00007f11d2893028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  729.823392][T16466] RAX: ffffffffffffffda RBX: 00007f11d1c16090 RCX: 00007f11d199c799
[  729.823402][T16466] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002d
[  729.823411][T16466] RBP: 00007f11d1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  729.823421][T16466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  729.823431][T16466] R13: 00007f11d1c16128 R14: 00007f11d1c16090 R15: 00007ffdfd3b9438
[  729.823450][T16466]  </TASK>
[  731.461877][T16484] input: f�
 as /devices/virtual/input/input74
[  731.494986][T16484] FAULT_INJECTION: forcing a failure.
[  731.494986][T16484] name failslab, interval 1, probability 0, space 0, times 0
[  731.593512][T16484] CPU: 0 UID: 0 PID: 16484 Comm: syz.1.2301 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  731.593540][T16484] Tainted: [L]=SOFTLOCKUP
[  731.593546][T16484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  731.593556][T16484] Call Trace:
[  731.593562][T16484]  <TASK>
[  731.593568][T16484]  dump_stack_lvl+0x100/0x190
[  731.593597][T16484]  should_fail_ex.cold+0x5/0xa
[  731.593616][T16484]  should_failslab+0xc2/0x120
[  731.593633][T16484]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  731.593655][T16484]  ? __kernfs_new_node+0xd2/0x960
[  731.593676][T16484]  ? kstrdup+0xb3/0xe0
[  731.593700][T16484]  __kernfs_new_node+0xd2/0x960
[  731.593722][T16484]  ? __pfx___kernfs_new_node+0x10/0x10
[  731.593748][T16484]  ? find_held_lock+0x2b/0x80
[  731.593762][T16484]  ? kernfs_root+0xee/0x2a0
[  731.593780][T16484]  ? kernfs_root+0xee/0x2a0
[  731.593804][T16484]  kernfs_new_node+0x11b/0x1a0
[  731.593828][T16484]  kernfs_create_link+0xcc/0x240
[  731.593847][T16484]  sysfs_do_create_link_sd+0x90/0x140
[  731.593868][T16484]  sysfs_create_link+0x61/0xc0
[  731.593888][T16484]  device_add+0xb5d/0x1950
[  731.593905][T16484]  ? __pfx_device_add+0x10/0x10
[  731.593922][T16484]  ? kobject_get+0xbb/0x150
[  731.593945][T16484]  cdev_device_add+0x12b/0x270
[  731.593962][T16484]  evdev_connect+0x3a8/0x4b0
[  731.593993][T16484]  input_attach_handler.isra.0+0x177/0x1e0
[  731.594016][T16484]  input_register_device.cold+0x139/0x375
[  731.594038][T16484]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  731.594064][T16484]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  731.594085][T16484]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  731.594112][T16484]  ? find_held_lock+0x2b/0x80
[  731.594126][T16484]  ? __fget_files+0x215/0x3d0
[  731.594148][T16484]  ? __pfx_uinput_ioctl+0x10/0x10
[  731.594163][T16484]  __x64_sys_ioctl+0x18e/0x210
[  731.594185][T16484]  do_syscall_64+0x106/0xf80
[  731.594202][T16484]  ? clear_bhb_loop+0x40/0x90
[  731.594220][T16484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.594236][T16484] RIP: 0033:0x7f11d199c799
[  731.594249][T16484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  731.594263][T16484] RSP: 002b:00007f11d28b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  731.594278][T16484] RAX: ffffffffffffffda RBX: 00007f11d1c15fa0 RCX: 00007f11d199c799
[  731.594288][T16484] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  731.594296][T16484] RBP: 00007f11d1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  731.594305][T16484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  731.594317][T16484] R13: 00007f11d1c16038 R14: 00007f11d1c15fa0 R15: 00007ffdfd3b9438
[  731.594337][T16484]  </TASK>
[  732.675752][T16484] input: failed to attach handler evdev to device input74, error: -12
[  733.375246][T16494] netlink: 226 bytes leftover after parsing attributes in process `syz.0.2303'.
[  734.322225][T16517] nvme_fabrics: missing parameter 'transport=%s'
[  734.353677][T16517] nvme_fabrics: missing parameter 'nqn=%s'
[  734.561040][T16519] nvme_fabrics: missing parameter 'transport=%s'
[  734.567495][T16519] nvme_fabrics: missing parameter 'nqn=%s'
[  735.250529][T16538] sd 0:0:1:0: PR command failed: 1026
[  735.294938][T16533] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[  735.426023][T16538] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  735.488336][T16538] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  736.120316][T16551] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  736.220388][T16551] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  736.340569][T16551] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  736.572458][T16556] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum
[  736.789050][T16559] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 2: bad block bitmap checksum
[  737.520583][ T8969] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  737.532472][ T8969] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  737.549665][ T8969] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  737.561351][ T8969] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  737.580468][ T8969] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  738.022127][T15098] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  738.357581][T15098] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  738.670787][T15098] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  738.947234][T15098] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  739.219535][T16600] openvswitch: ovs_: Dropping previously announced user features
[  739.659346][ T8969] Bluetooth: hci3: command tx timeout
[  739.925365][T15098] team0: left allmulticast mode
[  739.955043][T15098] team_slave_1: left allmulticast mode
[  739.984967][T15098] team0: left promiscuous mode
[  740.010270][T15098] team_slave_1: left promiscuous mode
[  740.038813][T15098] bridge0: port 3(team0) entered disabled state
[  740.094378][T15098] bridge_slave_1: left allmulticast mode
[  740.118632][T15098] bridge_slave_1: left promiscuous mode
[  740.143063][T15098] bridge0: port 2(bridge_slave_1) entered disabled state
[  740.175445][T15098] bridge_slave_0: left allmulticast mode
[  740.205589][T15098] bridge_slave_0: left promiscuous mode
[  740.232976][T15098] bridge0: port 1(bridge_slave_0) entered disabled state
[  740.939697][T15098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  740.993083][T15098] bond0 (unregistering): Released all slaves
[  741.148361][T16573] chnl_net:caif_netlink_parms(): no params data found
[  741.195936][T15098] ovs_: left promiscuous mode
[  741.421815][T15098] tipc: Left network mode
[  741.739431][ T8969] Bluetooth: hci3: command tx timeout
[  742.120533][T16573] bridge0: port 1(bridge_slave_0) entered blocking state
[  742.158155][T16573] bridge0: port 1(bridge_slave_0) entered disabled state
[  742.180429][T16573] bridge_slave_0: entered allmulticast mode
[  742.215790][T16573] bridge_slave_0: entered promiscuous mode
[  742.254959][T16573] bridge0: port 2(bridge_slave_1) entered blocking state
[  742.289430][T16573] bridge0: port 2(bridge_slave_1) entered disabled state
[  742.328182][T16573] bridge_slave_1: entered allmulticast mode
[  742.361387][T16573] bridge_slave_1: entered promiscuous mode
[  742.555522][T16625] Unable to find swap-space signature
[  742.813978][T15098] hsr_slave_0: left promiscuous mode
[  742.899159][T15098] hsr_slave_1: left promiscuous mode
[  742.972759][T15098] veth1_macvtap: left promiscuous mode
[  743.012112][T15098] veth0_macvtap: left promiscuous mode
[  743.017688][T15098] veth1_vlan: left promiscuous mode
[  743.089897][T15098] veth0_vlan: left promiscuous mode
[  743.818754][ T8969] Bluetooth: hci3: command tx timeout
[  744.056736][T15098] team0 (unregistering): Port device team_slave_1 removed
[  744.475399][T16573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  744.569791][T16573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  744.688527][T16646] FAULT_INJECTION: forcing a failure.
[  744.688527][T16646] name failslab, interval 1, probability 0, space 0, times 0
[  744.768212][T16646] CPU: 0 UID: 0 PID: 16646 Comm: syz.1.2333 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  744.768240][T16646] Tainted: [L]=SOFTLOCKUP
[  744.768246][T16646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  744.768256][T16646] Call Trace:
[  744.768261][T16646]  <TASK>
[  744.768268][T16646]  dump_stack_lvl+0x100/0x190
[  744.768296][T16646]  should_fail_ex.cold+0x5/0xa
[  744.768315][T16646]  should_failslab+0xc2/0x120
[  744.768332][T16646]  __kmalloc_cache_noprof+0x7a/0x6f0
[  744.768351][T16646]  ? sctp_endpoint_new+0xfc/0xb20
[  744.768373][T16646]  ? __debug_object_init+0x2de/0x3d0
[  744.768398][T16646]  sctp_endpoint_new+0xfc/0xb20
[  744.768418][T16646]  ? __pfx_sctp_endpoint_new+0x10/0x10
[  744.768437][T16646]  ? lockdep_init_map_type+0x5c/0x250
[  744.768458][T16646]  ? lockdep_init_map_type+0x5c/0x250
[  744.768476][T16646]  ? lockdep_init_map_type+0x5c/0x250
[  744.768498][T16646]  sctp_init_sock+0xe2b/0x1300
[  744.768588][T16646]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  744.768606][T16646]  sctp_v6_init_sock+0x16/0x70
[  744.768623][T16646]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  744.768645][T16646]  inet6_create+0xb21/0x12b0
[  744.768666][T16646]  ? inet6_create+0x7f/0x12b0
[  744.768685][T16646]  __sock_create+0x339/0x860
[  744.768712][T16646]  __sys_socket+0x14d/0x260
[  744.768725][T16646]  ? __pfx___sys_socket+0x10/0x10
[  744.768745][T16646]  __x64_sys_socket+0x72/0xb0
[  744.768758][T16646]  ? lockdep_hardirqs_on+0x78/0x100
[  744.768777][T16646]  do_syscall_64+0x106/0xf80
[  744.768794][T16646]  ? clear_bhb_loop+0x40/0x90
[  744.768813][T16646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.768828][T16646] RIP: 0033:0x7f11d199c799
[  744.768842][T16646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  744.768856][T16646] RSP: 002b:00007f11d28b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  744.768871][T16646] RAX: ffffffffffffffda RBX: 00007f11d1c15fa0 RCX: 00007f11d199c799
[  744.768881][T16646] RDX: 0000000000000084 RSI: 0000000000000005 RDI: 000000000000000a
[  744.768890][T16646] RBP: 00007f11d1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  744.768899][T16646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  744.768908][T16646] R13: 00007f11d1c16038 R14: 00007f11d1c15fa0 R15: 00007ffdfd3b9438
[  744.768928][T16646]  </TASK>
[  745.036324][T16573] team0: Port device team_slave_0 added
[  745.045686][T16573] team0: Port device team_slave_1 added
[  745.069842][T16573] batman_adv: batadv0: Adding interface: batadv_slave_0
[  745.077362][T16573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  745.106690][T16573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  745.119954][T16573] batman_adv: batadv0: Adding interface: batadv_slave_1
[  745.127005][T16573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  745.154131][T16573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  745.190725][T16573] hsr_slave_0: entered promiscuous mode
[  745.197299][T16573] hsr_slave_1: entered promiscuous mode
[  745.895399][T16573] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  745.903711][ T8969] Bluetooth: hci3: command tx timeout
[  745.946350][T16573] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  745.999159][T16573] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  746.084007][T16573] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  746.465895][T16573] 8021q: adding VLAN 0 to HW filter on device bond0
[  746.554873][T16573] 8021q: adding VLAN 0 to HW filter on device team0
[  746.649379][T15104] bridge0: port 1(bridge_slave_0) entered blocking state
[  746.657265][T15104] bridge0: port 1(bridge_slave_0) entered forwarding state
[  746.729237][T16671] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  746.748392][T15104] bridge0: port 2(bridge_slave_1) entered blocking state
[  746.756261][T15104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  746.920444][T16573] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  747.543219][T16573] 8021q: adding VLAN 0 to HW filter on device batadv0
[  747.735865][T16573] veth0_vlan: entered promiscuous mode
[  747.798464][T16573] veth1_vlan: entered promiscuous mode
[  747.824721][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  747.831829][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  747.940512][T16573] veth0_macvtap: entered promiscuous mode
[  747.984333][T16573] veth1_macvtap: entered promiscuous mode
[  748.060195][T16573] batman_adv: batadv0: Interface activated: batadv_slave_0
[  748.116167][T16573] batman_adv: batadv0: Interface activated: batadv_slave_1
[  748.183403][ T8755] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  748.227250][ T8755] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  748.364148][T15098] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  748.408670][T15098] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  748.699654][T15096] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  748.746422][T15096] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  748.883593][T15098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  748.928615][T15098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  750.430203][T10674] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  750.448115][T10674] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  750.457606][T10674] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  750.469334][T10674] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  750.477039][T10674] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  751.035981][T16737] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  751.439523][T15100] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  751.544312][T16723] chnl_net:caif_netlink_parms(): no params data found
[  751.700830][T15100] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  751.940323][T15100] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  752.103033][T15100] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  752.458744][T16723] bridge0: port 1(bridge_slave_0) entered blocking state
[  752.489674][T16723] bridge0: port 1(bridge_slave_0) entered disabled state
[  752.523101][T16723] bridge_slave_0: entered allmulticast mode
[  752.538909][T10674] Bluetooth: hci4: command tx timeout
[  752.569132][T16723] bridge_slave_0: entered promiscuous mode
[  752.625428][T16723] bridge0: port 2(bridge_slave_1) entered blocking state
[  752.657616][T16723] bridge0: port 2(bridge_slave_1) entered disabled state
[  752.693083][T16723] bridge_slave_1: entered allmulticast mode
[  752.750855][T16723] bridge_slave_1: entered promiscuous mode
[  752.980834][T16723] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  753.077021][T16723] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  753.495775][T16786] FAULT_INJECTION: forcing a failure.
[  753.495775][T16786] name failslab, interval 1, probability 0, space 0, times 0
[  753.521155][T16723] team0: Port device team_slave_0 added
[  753.560646][T16723] team0: Port device team_slave_1 added
[  753.566536][T16786] CPU: 0 UID: 0 PID: 16786 Comm: syz.0.2364 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  753.566663][T16786] Tainted: [L]=SOFTLOCKUP
[  753.566669][T16786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  753.566679][T16786] Call Trace:
[  753.566687][T16786]  <TASK>
[  753.566695][T16786]  dump_stack_lvl+0x100/0x190
[  753.566723][T16786]  should_fail_ex.cold+0x5/0xa
[  753.566742][T16786]  ? sk_prot_alloc+0x10b/0x2a0
[  753.566762][T16786]  should_failslab+0xc2/0x120
[  753.566779][T16786]  __kmalloc_noprof+0xe0/0x850
[  753.566804][T16786]  sk_prot_alloc+0x10b/0x2a0
[  753.566828][T16786]  sk_alloc+0x36/0xe80
[  753.566845][T16786]  packet_create+0x127/0x8e0
[  753.566869][T16786]  __sock_create+0x339/0x860
[  753.566894][T16786]  __sys_socket+0x14d/0x260
[  753.566909][T16786]  ? __pfx___sys_socket+0x10/0x10
[  753.566928][T16786]  __x64_sys_socket+0x72/0xb0
[  753.566942][T16786]  ? lockdep_hardirqs_on+0x78/0x100
[  753.566960][T16786]  do_syscall_64+0x106/0xf80
[  753.566987][T16786]  ? clear_bhb_loop+0x40/0x90
[  753.567006][T16786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.567022][T16786] RIP: 0033:0x7fb419b9c799
[  753.567036][T16786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  753.567054][T16786] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  753.567070][T16786] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  753.567081][T16786] RDX: 0000000000000300 RSI: 0000000000080003 RDI: 0000000000000011
[  753.567090][T16786] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  753.567100][T16786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.567109][T16786] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  753.567128][T16786]  </TASK>
[  754.148526][T15100] gretap0: left allmulticast mode
[  754.159161][T15100] gretap0: left promiscuous mode
[  754.183312][T15100] bridge0: port 3(gretap0) entered disabled state
[  754.202121][T15100] bridge_slave_1: left allmulticast mode
[  754.216201][T15100] bridge_slave_1: left promiscuous mode
[  754.236561][T15100] bridge0: port 2(bridge_slave_1) entered disabled state
[  754.261697][T15100] bridge_slave_0: left allmulticast mode
[  754.276482][T15100] bridge_slave_0: left promiscuous mode
[  754.292070][T15100] bridge0: port 1(bridge_slave_0) entered disabled state
[  754.618740][T10674] Bluetooth: hci4: command tx timeout
[  754.722008][T16802] NFSD: Failed to start, no listeners configured.
[  754.804664][T15100] bond0 (unregistering): (slave �): Releasing backup interface
[  754.828725][T15100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  754.854920][T15100] bond0 (unregistering): Released all slaves
[  755.024513][T16723] batman_adv: batadv0: Adding interface: batadv_slave_0
[  755.056326][T16723] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  755.153243][T16723] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  755.195513][T15100] HfR: left promiscuous mode
[  755.263653][T16723] batman_adv: batadv0: Adding interface: batadv_slave_1
[  755.283195][T16723] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  755.422720][T16723] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  755.462683][T15100] ovs_: left promiscuous mode
[  755.533385][T15100] tipc: Left network mode
[  755.636624][   T29] audit: type=1800 audit(1773311989.814:15): pid=16809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2369" name="dbroot" dev="configfs" ino=69798 res=0 errno=0
[  755.819278][T16723] hsr_slave_0: entered promiscuous mode
[  755.840665][T16723] hsr_slave_1: entered promiscuous mode
[  755.867331][T16723] debugfs: 'hsr0' already exists in 'hsr'
[  755.878002][T16723] Cannot create hsr debugfs directory
[  756.186388][T16809] tipc: Started in network mode
[  756.236222][T16809] tipc: Node identity ffffffff, cluster identity 4711
[  756.277193][T16809] tipc: Node number set to 4294967295
[  756.695817][T16820] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  756.711582][T10674] Bluetooth: hci4: command tx timeout
[  756.859856][T15100] hsr_slave_0: left promiscuous mode
[  756.885032][T15100] hsr_slave_1: left promiscuous mode
[  756.914350][T15100] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  756.955862][T15100] batman_adv: batadv0: Removing interface: batadv_slave_0
[  757.005022][T15100] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  757.052719][T15100] batman_adv: batadv0: Removing interface: batadv_slave_1
[  757.120251][T16829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2374'.
[  757.166957][T15100] veth1_macvtap: left promiscuous mode
[  757.201733][T15100] veth0_macvtap: left promiscuous mode
[  757.207600][T15100] veth1_vlan: left promiscuous mode
[  757.273616][T15100] veth0_vlan: left promiscuous mode
[  758.091051][T15100] team0 (unregistering): Port device team_slave_1 removed
[  758.149711][T15100] team0 (unregistering): Port device team_slave_0 removed
[  758.396547][T16829] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  758.421633][T16829] batman_adv: batadv0: Removing interface: batadv_slave_0
[  758.476255][T16829] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  758.497969][T16829] batman_adv: batadv0: Removing interface: batadv_slave_1
[  758.781175][T10674] Bluetooth: hci4: command tx timeout
[  759.298807][T16839] random: crng reseeded on system resumption
[  759.336368][T16841] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  759.724461][T16846] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2379'.
[  759.968628][T16851] random: crng reseeded on system resumption
[  762.680114][T16883] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2385'.
[  764.878839][T16903] openvswitch: netlink: Flow key attr not present in new flow.
[  764.950114][T16903] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  765.788700][T16915] random: crng reseeded on system resumption
[  769.273520][T16946] zswap: compressor  not available
[  771.934359][ T5823] process 9772 (syz.1.782) no longer affine to cpu1
[  772.429952][ T8969] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  772.443134][ T8969] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  772.453978][ T8969] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  772.467816][ T8969] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  772.475635][ T8969] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  773.396420][T17003] chnl_net:caif_netlink_parms(): no params data found
[  774.263418][T17003] bridge0: port 1(bridge_slave_0) entered blocking state
[  774.318110][T17003] bridge0: port 1(bridge_slave_0) entered disabled state
[  774.325497][T17003] bridge_slave_0: entered allmulticast mode
[  774.412394][T17003] bridge_slave_0: entered promiscuous mode
[  774.538682][T10674] Bluetooth: hci2: command tx timeout
[  774.655261][T17003] bridge0: port 2(bridge_slave_1) entered blocking state
[  774.699531][T17003] bridge0: port 2(bridge_slave_1) entered disabled state
[  774.755513][T17003] bridge_slave_1: entered allmulticast mode
[  774.782854][T17003] bridge_slave_1: entered promiscuous mode
[  774.885259][T17042] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1701865840.29542.0), cmd(5)
[  774.994251][T17003] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  775.189089][T17003] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  775.400904][T17003] team0: Port device team_slave_0 added
[  775.423993][T17003] team0: Port device team_slave_1 added
[  775.447087][T17048] input: f�
 as /devices/virtual/input/input75
[  775.529177][T17048] FAULT_INJECTION: forcing a failure.
[  775.529177][T17048] name failslab, interval 1, probability 0, space 0, times 0
[  775.641937][T17048] CPU: 0 UID: 0 PID: 17048 Comm: syz.0.2421 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  775.641963][T17048] Tainted: [L]=SOFTLOCKUP
[  775.641969][T17048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  775.641978][T17048] Call Trace:
[  775.641984][T17048]  <TASK>
[  775.641991][T17048]  dump_stack_lvl+0x100/0x190
[  775.642019][T17048]  should_fail_ex.cold+0x5/0xa
[  775.642037][T17048]  should_failslab+0xc2/0x120
[  775.642053][T17048]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  775.642076][T17048]  ? __kernfs_new_node+0xd2/0x960
[  775.642096][T17048]  ? __pfx_try_to_wake_up+0x10/0x10
[  775.642114][T17048]  __kernfs_new_node+0xd2/0x960
[  775.642136][T17048]  ? __pfx___kernfs_new_node+0x10/0x10
[  775.642161][T17048]  ? find_held_lock+0x2b/0x80
[  775.642174][T17048]  ? kernfs_root+0xee/0x2a0
[  775.642193][T17048]  ? kernfs_root+0xee/0x2a0
[  775.642216][T17048]  kernfs_new_node+0x11b/0x1a0
[  775.642241][T17048]  __kernfs_create_file+0x53/0x350
[  775.642259][T17048]  sysfs_add_file_mode_ns+0x207/0x3c0
[  775.642283][T17048]  sysfs_create_file_ns+0x145/0x1e0
[  775.642302][T17048]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  775.642323][T17048]  ? mark_held_locks+0x40/0x70
[  775.642343][T17048]  device_create_file+0xf2/0x1d0
[  775.642363][T17048]  device_add+0xa74/0x1950
[  775.642379][T17048]  ? __pfx_device_add+0x10/0x10
[  775.642396][T17048]  ? kobject_get+0xbb/0x150
[  775.642418][T17048]  cdev_device_add+0x12b/0x270
[  775.642434][T17048]  evdev_connect+0x3a8/0x4b0
[  775.642467][T17048]  input_attach_handler.isra.0+0x177/0x1e0
[  775.642490][T17048]  input_register_device.cold+0x139/0x375
[  775.642512][T17048]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  775.642537][T17048]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  775.642558][T17048]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  775.642586][T17048]  ? find_held_lock+0x2b/0x80
[  775.642599][T17048]  ? __fget_files+0x215/0x3d0
[  775.642621][T17048]  ? __pfx_uinput_ioctl+0x10/0x10
[  775.642636][T17048]  __x64_sys_ioctl+0x18e/0x210
[  775.642658][T17048]  do_syscall_64+0x106/0xf80
[  775.642674][T17048]  ? clear_bhb_loop+0x40/0x90
[  775.642692][T17048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  775.642707][T17048] RIP: 0033:0x7fb419b9c799
[  775.642722][T17048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  775.642736][T17048] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  775.642750][T17048] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  775.642761][T17048] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  775.642769][T17048] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  775.642779][T17048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  775.642814][T17048] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  775.642836][T17048]  </TASK>
[  775.952396][T17003] batman_adv: batadv0: Adding interface: batadv_slave_0
[  775.959664][T17003] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  775.986319][T17003] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  775.999354][T17003] batman_adv: batadv0: Adding interface: batadv_slave_1
[  776.007614][T17003] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  776.034869][T17003] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  776.074904][T17003] hsr_slave_0: entered promiscuous mode
[  776.081395][T17003] hsr_slave_1: entered promiscuous mode
[  776.088311][T17003] debugfs: 'hsr0' already exists in 'hsr'
[  776.094762][T17003] Cannot create hsr debugfs directory
[  776.347323][T17048] input: failed to attach handler evdev to device input75, error: -12
[  776.632839][ T8969] Bluetooth: hci2: command tx timeout
[  777.486920][T17063] input: f�
 as /devices/virtual/input/input76
[  777.510233][T17063] FAULT_INJECTION: forcing a failure.
[  777.510233][T17063] name failslab, interval 1, probability 0, space 0, times 0
[  777.567308][T17063] CPU: 0 UID: 0 PID: 17063 Comm: syz.0.2424 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  777.567336][T17063] Tainted: [L]=SOFTLOCKUP
[  777.567342][T17063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  777.567352][T17063] Call Trace:
[  777.567358][T17063]  <TASK>
[  777.567364][T17063]  dump_stack_lvl+0x100/0x190
[  777.567393][T17063]  should_fail_ex.cold+0x5/0xa
[  777.567412][T17063]  should_failslab+0xc2/0x120
[  777.567427][T17063]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  777.567449][T17063]  ? __kernfs_new_node+0xd2/0x960
[  777.567469][T17063]  ? kstrdup+0xb3/0xe0
[  777.567499][T17063]  __kernfs_new_node+0xd2/0x960
[  777.567522][T17063]  ? __pfx___kernfs_new_node+0x10/0x10
[  777.567550][T17063]  ? find_held_lock+0x2b/0x80
[  777.567564][T17063]  ? kernfs_root+0xee/0x2a0
[  777.567582][T17063]  ? kernfs_root+0xee/0x2a0
[  777.567626][T17063]  kernfs_new_node+0x11b/0x1a0
[  777.567653][T17063]  kernfs_create_link+0xcc/0x240
[  777.567672][T17063]  sysfs_do_create_link_sd+0x90/0x140
[  777.567694][T17063]  sysfs_create_link+0x61/0xc0
[  777.567714][T17063]  device_add+0xb5d/0x1950
[  777.567732][T17063]  ? __pfx_device_add+0x10/0x10
[  777.567749][T17063]  ? kobject_get+0xbb/0x150
[  777.567772][T17063]  cdev_device_add+0x12b/0x270
[  777.567788][T17063]  evdev_connect+0x3a8/0x4b0
[  777.567812][T17063]  input_attach_handler.isra.0+0x177/0x1e0
[  777.567834][T17063]  input_register_device.cold+0x139/0x375
[  777.567856][T17063]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  777.567885][T17063]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  777.567905][T17063]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  777.567933][T17063]  ? find_held_lock+0x2b/0x80
[  777.567946][T17063]  ? __fget_files+0x215/0x3d0
[  777.567969][T17063]  ? __pfx_uinput_ioctl+0x10/0x10
[  777.567985][T17063]  __x64_sys_ioctl+0x18e/0x210
[  777.568007][T17063]  do_syscall_64+0x106/0xf80
[  777.568024][T17063]  ? clear_bhb_loop+0x40/0x90
[  777.568042][T17063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.568057][T17063] RIP: 0033:0x7fb419b9c799
[  777.568071][T17063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  777.568087][T17063] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  777.568102][T17063] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  777.568112][T17063] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  777.568121][T17063] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  777.568130][T17063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  777.568139][T17063] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  777.568159][T17063]  </TASK>
[  778.392379][T17068] ovs_: entered promiscuous mode
[  778.632606][T17063] input: failed to attach handler evdev to device input76, error: -12
[  778.698169][ T8969] Bluetooth: hci2: command tx timeout
[  778.790539][T17070] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1701865840.29542.0), cmd(5)
[  780.778166][ T8969] Bluetooth: hci2: command tx timeout
[  781.590859][T17097] random: crng reseeded on system resumption
[  782.335747][T17105] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1701865840.29542.0), cmd(5)
[  782.557232][T17109] kvm: user requested TSC rate below hardware speed
[  782.754832][T17114] zero sized request
[  786.959438][T17148] FAULT_INJECTION: forcing a failure.
[  786.959438][T17148] name failslab, interval 1, probability 0, space 0, times 0
[  787.008049][T17148] CPU: 0 UID: 0 PID: 17148 Comm: syz.0.2443 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  787.008075][T17148] Tainted: [L]=SOFTLOCKUP
[  787.008080][T17148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  787.008090][T17148] Call Trace:
[  787.008096][T17148]  <TASK>
[  787.008102][T17148]  dump_stack_lvl+0x100/0x190
[  787.008129][T17148]  should_fail_ex.cold+0x5/0xa
[  787.008147][T17148]  ? tomoyo_realpath_from_path+0xb6/0x690
[  787.008166][T17148]  should_failslab+0xc2/0x120
[  787.008182][T17148]  __kmalloc_noprof+0xe0/0x850
[  787.008207][T17148]  tomoyo_realpath_from_path+0xb6/0x690
[  787.008229][T17148]  tomoyo_path_number_perm+0x23c/0x580
[  787.008251][T17148]  ? tomoyo_path_number_perm+0x22e/0x580
[  787.008275][T17148]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  787.008304][T17148]  ? rcu_read_lock_any_held+0x6a/0xa0
[  787.008329][T17148]  ? blkcg_maybe_throttle_current+0x5df/0xeb0
[  787.008349][T17148]  ? hook_file_ioctl_common+0x146/0x410
[  787.008381][T17148]  security_file_ioctl+0xd3/0x230
[  787.008407][T17148]  __x64_sys_ioctl+0xb7/0x210
[  787.008429][T17148]  do_syscall_64+0x106/0xf80
[  787.008447][T17148]  ? clear_bhb_loop+0x40/0x90
[  787.008466][T17148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.008481][T17148] RIP: 0033:0x7fb419b9c799
[  787.008495][T17148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  787.008516][T17148] RSP: 002b:00007fb41a98c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  787.008531][T17148] RAX: ffffffffffffffda RBX: 00007fb419e16090 RCX: 00007fb419b9c799
[  787.008540][T17148] RDX: 00002000000001c0 RSI: fffffff7effffd05 RDI: 0000000000000000
[  787.008550][T17148] RBP: 00007fb41a98c090 R08: 0000000000000000 R09: 0000000000000000
[  787.008559][T17148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  787.008567][T17148] R13: 00007fb419e16128 R14: 00007fb419e16090 R15: 00007ffd3d6eaab8
[  787.008587][T17148]  </TASK>
[  787.008594][T17148] ERROR: Out of memory at tomoyo_realpath_from_path.
[  787.302887][T17150] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2444'.
[  787.688243][   T29] audit: type=1800 audit(1773312021.844:16): pid=17153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2445" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  787.778403][T17148] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  790.546355][T17194] FAULT_INJECTION: forcing a failure.
[  790.546355][T17194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  790.641772][T17194] CPU: 0 UID: 0 PID: 17194 Comm: syz.0.2451 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  790.641803][T17194] Tainted: [L]=SOFTLOCKUP
[  790.641808][T17194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  790.641818][T17194] Call Trace:
[  790.641824][T17194]  <TASK>
[  790.641830][T17194]  dump_stack_lvl+0x100/0x190
[  790.641857][T17194]  should_fail_ex.cold+0x5/0xa
[  790.641875][T17194]  _copy_to_user+0x32/0xd0
[  790.641892][T17194]  crtc_crc_read+0x866/0xaf0
[  790.642001][T17194]  ? __pfx_crtc_crc_read+0x10/0x10
[  790.642016][T17194]  ? __pfx_aa_file_perm+0x10/0x10
[  790.642034][T17194]  ? __pfx_autoremove_wake_function+0x10/0x10
[  790.642067][T17194]  full_proxy_read+0x135/0x1a0
[  790.642086][T17194]  ? __pfx_full_proxy_read+0x10/0x10
[  790.642104][T17194]  vfs_read+0x1e4/0xb30
[  790.642129][T17194]  ? __pfx_vfs_read+0x10/0x10
[  790.642151][T17194]  ? __fget_files+0x215/0x3d0
[  790.642169][T17194]  ? __fget_files+0x21f/0x3d0
[  790.642188][T17194]  ksys_read+0x12a/0x250
[  790.642209][T17194]  ? __pfx_ksys_read+0x10/0x10
[  790.642237][T17194]  do_syscall_64+0x106/0xf80
[  790.642255][T17194]  ? clear_bhb_loop+0x40/0x90
[  790.642273][T17194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.642288][T17194] RIP: 0033:0x7fb419b9c799
[  790.642302][T17194] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  790.642317][T17194] RSP: 002b:00007fb41a98c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  790.642331][T17194] RAX: ffffffffffffffda RBX: 00007fb419e16090 RCX: 00007fb419b9c799
[  790.642341][T17194] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 0000000000000009
[  790.642350][T17194] RBP: 00007fb41a98c090 R08: 0000000000000000 R09: 0000000000000000
[  790.642359][T17194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  790.642368][T17194] R13: 00007fb419e16128 R14: 00007fb419e16090 R15: 00007ffd3d6eaab8
[  790.642387][T17194]  </TASK>
[  791.241973][ T8969] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  792.223818][T17202] FAULT_INJECTION: forcing a failure.
[  792.223818][T17202] name failslab, interval 1, probability 0, space 0, times 0
[  792.320575][T17202] CPU: 0 UID: 0 PID: 17202 Comm: syz.3.2453 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  792.320604][T17202] Tainted: [L]=SOFTLOCKUP
[  792.320609][T17202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  792.320619][T17202] Call Trace:
[  792.320625][T17202]  <TASK>
[  792.320632][T17202]  dump_stack_lvl+0x100/0x190
[  792.320659][T17202]  should_fail_ex.cold+0x5/0xa
[  792.320678][T17202]  should_failslab+0xc2/0x120
[  792.320694][T17202]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  792.320717][T17202]  ? security_inode_alloc+0x3b/0x2c0
[  792.320740][T17202]  ? lockdep_init_map_type+0x5c/0x250
[  792.320762][T17202]  security_inode_alloc+0x3b/0x2c0
[  792.320785][T17202]  inode_init_always_gfp+0xced/0x1040
[  792.320804][T17202]  alloc_inode+0x8e/0x250
[  792.320823][T17202]  new_inode+0x22/0x1c0
[  792.320842][T17202]  hugetlbfs_get_inode+0x313/0x750
[  792.320870][T17202]  hugetlb_file_setup+0x3cc/0x5b0
[  792.320889][T17202]  newseg+0xabb/0xed0
[  792.320979][T17202]  ? __pfx_newseg+0x10/0x10
[  792.320994][T17202]  ? down_write+0x146/0x1f0
[  792.321016][T17202]  ? ksys_write+0x190/0x250
[  792.321029][T17202]  ? ksys_write+0x190/0x250
[  792.321044][T17202]  ipcget+0xee/0xf50
[  792.321086][T17202]  ? do_futex+0x192/0x350
[  792.321114][T17202]  ? __pfx_do_futex+0x10/0x10
[  792.321136][T17202]  ? __pfx_ipcget+0x10/0x10
[  792.321153][T17202]  ? __x64_sys_futex+0x34f/0x4d0
[  792.321172][T17202]  ? __x64_sys_futex+0x358/0x4d0
[  792.321193][T17202]  __x64_sys_shmget+0x13b/0x1b0
[  792.321211][T17202]  ? __pfx___x64_sys_shmget+0x10/0x10
[  792.321232][T17202]  do_syscall_64+0x106/0xf80
[  792.321250][T17202]  ? clear_bhb_loop+0x40/0x90
[  792.321268][T17202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  792.321284][T17202] RIP: 0033:0x7f43c3b9c799
[  792.321299][T17202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  792.321314][T17202] RSP: 002b:00007f43c1df6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  792.321330][T17202] RAX: ffffffffffffffda RBX: 00007f43c3e16090 RCX: 00007f43c3b9c799
[  792.321341][T17202] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000
[  792.321350][T17202] RBP: 00007f43c3c32c99 R08: 0000000000000000 R09: 0000000000000000
[  792.321360][T17202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  792.321369][T17202] R13: 00007f43c3e16128 R14: 00007f43c3e16090 R15: 00007ffe839dcd58
[  792.321389][T17202]  </TASK>
[  793.338109][T10674] Bluetooth: hci3: command 0x2016 tx timeout
[  795.421253][ T8969] Bluetooth: hci3: command 0x2016 tx timeout
[  802.102878][T17294] random: crng reseeded on system resumption
[  802.917314][T17299] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  807.563732][   T29] audit: type=1800 audit(1773312041.744:17): pid=17360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2489" name="dbroot" dev="configfs" ino=74204 res=0 errno=0
[  809.260257][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  809.267577][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  810.286701][T10674] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  810.298572][T10674] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  810.307022][T10674] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  810.316035][T10674] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  810.324118][T10674] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  811.125069][T17395] chnl_net:caif_netlink_parms(): no params data found
[  811.410730][T17395] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.451570][T17395] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.488278][T17395] bridge_slave_0: entered allmulticast mode
[  811.522295][T17395] bridge_slave_0: entered promiscuous mode
[  811.554916][T17395] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.587032][T17395] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.623412][T17395] bridge_slave_1: entered allmulticast mode
[  811.676782][T17395] bridge_slave_1: entered promiscuous mode
[  811.924460][T17395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  811.976820][T17395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  812.245467][T17395] team0: Port device team_slave_0 added
[  812.295224][T17395] team0: Port device team_slave_1 added
[  812.378650][T10674] Bluetooth: hci5: command tx timeout
[  812.427214][T17429] futex_wake_op: syz.0.2502 tries to shift op by -2048; fix this program
[  812.489440][T17429] futex_wake_op: syz.0.2502 tries to shift op by -2048; fix this program
[  812.502641][T17395] batman_adv: batadv0: Adding interface: batadv_slave_0
[  812.539566][T17395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  812.631479][T17395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  812.691112][T17395] batman_adv: batadv0: Adding interface: batadv_slave_1
[  812.718017][T17395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  812.804535][T17395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  813.037524][T17395] hsr_slave_0: entered promiscuous mode
[  813.098912][T17395] hsr_slave_1: entered promiscuous mode
[  813.105003][T17395] debugfs: 'hsr0' already exists in 'hsr'
[  813.148771][T17395] Cannot create hsr debugfs directory
[  813.780918][T17441] random: crng reseeded on system resumption
[  813.838428][T17441] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2504'.
[  814.458189][T10674] Bluetooth: hci5: command tx timeout
[  814.653095][T17448] HfR: entered promiscuous mode
[  814.726718][T17448] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2506'.
[  814.760903][T17448] HfR: left promiscuous mode
[  816.307481][T17472] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  816.541184][T10674] Bluetooth: hci5: command tx timeout
[  818.434903][T10674] Bluetooth: hci1: unexpected event 0xff length: 869 > 260
[  818.619460][T10674] Bluetooth: hci5: command tx timeout
[  820.391190][T17528] input: f�
 as /devices/virtual/input/input77
[  820.420942][T17528] FAULT_INJECTION: forcing a failure.
[  820.420942][T17528] name failslab, interval 1, probability 0, space 0, times 0
[  820.478395][T17528] CPU: 0 UID: 0 PID: 17528 Comm: syz.0.2524 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  820.478423][T17528] Tainted: [L]=SOFTLOCKUP
[  820.478429][T17528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  820.478439][T17528] Call Trace:
[  820.478444][T17528]  <TASK>
[  820.478451][T17528]  dump_stack_lvl+0x100/0x190
[  820.478482][T17528]  should_fail_ex.cold+0x5/0xa
[  820.478502][T17528]  should_failslab+0xc2/0x120
[  820.478520][T17528]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  820.478542][T17528]  ? __kernfs_new_node+0xd2/0x960
[  820.478569][T17528]  __kernfs_new_node+0xd2/0x960
[  820.478592][T17528]  ? __pfx___kernfs_new_node+0x10/0x10
[  820.478616][T17528]  ? find_held_lock+0x2b/0x80
[  820.478631][T17528]  ? kernfs_root+0xee/0x2a0
[  820.478650][T17528]  ? kernfs_root+0xee/0x2a0
[  820.478673][T17528]  kernfs_new_node+0x11b/0x1a0
[  820.478698][T17528]  __kernfs_create_file+0x53/0x350
[  820.478717][T17528]  sysfs_add_file_mode_ns+0x207/0x3c0
[  820.478741][T17528]  sysfs_merge_group+0x194/0x340
[  820.478761][T17528]  ? __pfx_sysfs_merge_group+0x10/0x10
[  820.478785][T17528]  ? __pfx_dev_add_physical_location+0x10/0x10
[  820.478811][T17528]  ? bus_to_subsys+0x114/0x150
[  820.478829][T17528]  dpm_sysfs_add+0x237/0x280
[  820.478853][T17528]  device_add+0x9ef/0x1950
[  820.478869][T17528]  ? __pfx_device_add+0x10/0x10
[  820.478886][T17528]  ? kobject_get+0xbb/0x150
[  820.478910][T17528]  cdev_device_add+0x12b/0x270
[  820.478927][T17528]  evdev_connect+0x3a8/0x4b0
[  820.478953][T17528]  input_attach_handler.isra.0+0x177/0x1e0
[  820.478975][T17528]  input_register_device.cold+0x139/0x375
[  820.478998][T17528]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  820.479024][T17528]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  820.479045][T17528]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  820.479072][T17528]  ? find_held_lock+0x2b/0x80
[  820.479086][T17528]  ? __fget_files+0x215/0x3d0
[  820.479109][T17528]  ? __pfx_uinput_ioctl+0x10/0x10
[  820.479124][T17528]  __x64_sys_ioctl+0x18e/0x210
[  820.479145][T17528]  do_syscall_64+0x106/0xf80
[  820.479163][T17528]  ? clear_bhb_loop+0x40/0x90
[  820.479182][T17528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  820.479197][T17528] RIP: 0033:0x7fb419b9c799
[  820.479212][T17528] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  820.479227][T17528] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  820.479242][T17528] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  820.479252][T17528] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  820.479262][T17528] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  820.479271][T17528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  820.479337][T17528] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  820.479374][T17528]  </TASK>
[  821.204355][T17528] input: failed to attach handler evdev to device input77, error: -12
[  825.033091][T17585] FAULT_INJECTION: forcing a failure.
[  825.033091][T17585] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  825.082396][T17585] CPU: 0 UID: 0 PID: 17585 Comm: syz.3.2539 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  825.082422][T17585] Tainted: [L]=SOFTLOCKUP
[  825.082427][T17585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  825.082437][T17585] Call Trace:
[  825.082442][T17585]  <TASK>
[  825.082448][T17585]  dump_stack_lvl+0x100/0x190
[  825.082475][T17585]  should_fail_ex.cold+0x5/0xa
[  825.082490][T17585]  ? prepare_alloc_pages+0x16d/0x5f0
[  825.082509][T17585]  should_fail_alloc_page+0xeb/0x140
[  825.082528][T17585]  prepare_alloc_pages+0x1f0/0x5f0
[  825.082545][T17585]  ? look_up_lock_class+0x64/0x120
[  825.082565][T17585]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  825.082592][T17585]  ? __lock_acquire+0x4a5/0x2630
[  825.082616][T17585]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  825.082640][T17585]  ? __lock_acquire+0x4a5/0x2630
[  825.082662][T17585]  ? __lock_acquire+0x4a5/0x2630
[  825.082683][T17585]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  825.082708][T17585]  ? policy_nodemask+0xed/0x4f0
[  825.082725][T17585]  alloc_pages_mpol+0x1fb/0x550
[  825.082742][T17585]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  825.082765][T17585]  alloc_pages_noprof+0x131/0x390
[  825.082781][T17585]  __pmd_alloc+0x3b/0x950
[  825.082800][T17585]  __handle_mm_fault+0xa99/0x2b60
[  825.082823][T17585]  ? mt_find+0x45e/0x8e0
[  825.082843][T17585]  ? __pfx___handle_mm_fault+0x10/0x10
[  825.082861][T17585]  ? __pfx_mt_find+0x10/0x10
[  825.082890][T17585]  ? find_vma+0xbf/0x140
[  825.082903][T17585]  ? __pfx_find_vma+0x10/0x10
[  825.082919][T17585]  handle_mm_fault+0x36d/0xa20
[  825.082942][T17585]  do_user_addr_fault+0x74c/0x12f0
[  825.082972][T17585]  exc_page_fault+0x6f/0xd0
[  825.082989][T17585]  asm_exc_page_fault+0x26/0x30
[  825.083004][T17585] RIP: 0010:rep_movs_alternative+0xf/0x90
[  825.083035][T17585] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66
[  825.083049][T17585] RSP: 0018:ffffc900000e7b90 EFLAGS: 00050202
[  825.083062][T17585] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000001
[  825.083070][T17585] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff8880216bd760
[  825.083079][T17585] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed10042d7aec
[  825.083088][T17585] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  825.083096][T17585] R13: ffff8880216bd760 R14: ffff888033593360 R15: ffffc900000e7e90
[  825.083116][T17585]  _copy_from_user+0x98/0xd0
[  825.083133][T17585]  memdup_user+0x6b/0xe0
[  825.083148][T17585]  nsim_dev_trap_fa_cookie_write+0xa8/0x240
[  825.083258][T17585]  full_proxy_write+0x135/0x1a0
[  825.083279][T17585]  ? __pfx_full_proxy_write+0x10/0x10
[  825.083296][T17585]  vfs_writev+0x5ea/0xe10
[  825.083318][T17585]  ? rcu_is_watching+0x12/0xc0
[  825.083345][T17585]  ? __pfx_vfs_writev+0x10/0x10
[  825.083365][T17585]  ? fdget_pos+0x2aa/0x380
[  825.083381][T17585]  ? find_held_lock+0x2b/0x80
[  825.083406][T17585]  ? __fget_files+0x21f/0x3d0
[  825.083424][T17585]  ? do_writev+0x13e/0x340
[  825.083444][T17585]  do_writev+0x13e/0x340
[  825.083466][T17585]  ? __pfx_do_writev+0x10/0x10
[  825.083492][T17585]  do_syscall_64+0x106/0xf80
[  825.083509][T17585]  ? clear_bhb_loop+0x40/0x90
[  825.083540][T17585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.083555][T17585] RIP: 0033:0x7f43c3b9c799
[  825.083568][T17585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  825.083582][T17585] RSP: 002b:00007f43c4980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  825.083596][T17585] RAX: ffffffffffffffda RBX: 00007f43c3e15fa0 RCX: 00007f43c3b9c799
[  825.083606][T17585] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  825.083614][T17585] RBP: 00007f43c4980090 R08: 0000000000000000 R09: 0000000000000000
[  825.083623][T17585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  825.083632][T17585] R13: 00007f43c3e16038 R14: 00007f43c3e15fa0 R15: 00007ffe839dcd58
[  825.083651][T17585]  </TASK>
[  830.930497][T17636] input: f�
 as /devices/virtual/input/input78
[  830.968337][T17636] FAULT_INJECTION: forcing a failure.
[  830.968337][T17636] name failslab, interval 1, probability 0, space 0, times 0
[  831.031256][T17636] CPU: 0 UID: 0 PID: 17636 Comm: syz.3.2549 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  831.031285][T17636] Tainted: [L]=SOFTLOCKUP
[  831.031291][T17636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  831.031300][T17636] Call Trace:
[  831.031307][T17636]  <TASK>
[  831.031313][T17636]  dump_stack_lvl+0x100/0x190
[  831.031341][T17636]  should_fail_ex.cold+0x5/0xa
[  831.031360][T17636]  should_failslab+0xc2/0x120
[  831.031376][T17636]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  831.031398][T17636]  ? __kernfs_new_node+0xd2/0x960
[  831.031423][T17636]  __kernfs_new_node+0xd2/0x960
[  831.031444][T17636]  ? __pfx___kernfs_new_node+0x10/0x10
[  831.031469][T17636]  ? find_held_lock+0x2b/0x80
[  831.031483][T17636]  ? kernfs_root+0xee/0x2a0
[  831.031501][T17636]  ? kernfs_root+0xee/0x2a0
[  831.031525][T17636]  kernfs_new_node+0x11b/0x1a0
[  831.031550][T17636]  __kernfs_create_file+0x53/0x350
[  831.031569][T17636]  sysfs_add_file_mode_ns+0x207/0x3c0
[  831.031593][T17636]  sysfs_merge_group+0x194/0x340
[  831.031614][T17636]  ? __pfx_sysfs_merge_group+0x10/0x10
[  831.031637][T17636]  ? __pfx_dev_add_physical_location+0x10/0x10
[  831.031660][T17636]  ? bus_to_subsys+0x114/0x150
[  831.031679][T17636]  dpm_sysfs_add+0x237/0x280
[  831.031703][T17636]  device_add+0x9ef/0x1950
[  831.031719][T17636]  ? __pfx_device_add+0x10/0x10
[  831.031736][T17636]  ? kobject_get+0xbb/0x150
[  831.031758][T17636]  cdev_device_add+0x12b/0x270
[  831.031774][T17636]  evdev_connect+0x3a8/0x4b0
[  831.031798][T17636]  input_attach_handler.isra.0+0x177/0x1e0
[  831.031819][T17636]  input_register_device.cold+0x139/0x375
[  831.031843][T17636]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  831.031868][T17636]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  831.031888][T17636]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  831.031916][T17636]  ? find_held_lock+0x2b/0x80
[  831.031930][T17636]  ? __fget_files+0x215/0x3d0
[  831.031952][T17636]  ? __pfx_uinput_ioctl+0x10/0x10
[  831.031967][T17636]  __x64_sys_ioctl+0x18e/0x210
[  831.031988][T17636]  do_syscall_64+0x106/0xf80
[  831.032005][T17636]  ? clear_bhb_loop+0x40/0x90
[  831.032024][T17636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.032048][T17636] RIP: 0033:0x7f43c3b9c799
[  831.032063][T17636] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  831.032078][T17636] RSP: 002b:00007f43c4980028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  831.032094][T17636] RAX: ffffffffffffffda RBX: 00007f43c3e15fa0 RCX: 00007f43c3b9c799
[  831.032105][T17636] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  831.032114][T17636] RBP: 00007f43c3c32c99 R08: 0000000000000000 R09: 0000000000000000
[  831.032123][T17636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  831.032132][T17636] R13: 00007f43c3e16038 R14: 00007f43c3e15fa0 R15: 00007ffe839dcd58
[  831.032153][T17636]  </TASK>
[  831.769868][T17636] input: failed to attach handler evdev to device input78, error: -12
[  832.360849][ T8969] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  832.372225][ T8969] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  832.381505][ T8969] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  832.389831][ T8969] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  832.398293][ T8969] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  833.080301][T17646] chnl_net:caif_netlink_parms(): no params data found
[  833.471660][T17646] bridge0: port 1(bridge_slave_0) entered blocking state
[  833.518048][T17646] bridge0: port 1(bridge_slave_0) entered disabled state
[  833.525567][T17646] bridge_slave_0: entered allmulticast mode
[  833.588113][T17646] bridge_slave_0: entered promiscuous mode
[  833.632990][T17646] bridge0: port 2(bridge_slave_1) entered blocking state
[  833.678040][T17646] bridge0: port 2(bridge_slave_1) entered disabled state
[  833.718151][T17646] bridge_slave_1: entered allmulticast mode
[  833.758102][T17646] bridge_slave_1: entered promiscuous mode
[  833.924801][T17646] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  833.991244][T17646] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  834.142096][T17646] team0: Port device team_slave_0 added
[  834.190215][T17646] team0: Port device team_slave_1 added
[  834.335597][T17646] batman_adv: batadv0: Adding interface: batadv_slave_0
[  834.380286][T17646] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  834.469176][ T8969] Bluetooth: hci6: command tx timeout
[  834.521784][T17646] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  834.589510][T17646] batman_adv: batadv0: Adding interface: batadv_slave_1
[  834.596822][T17646] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  834.778028][T17646] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  835.012548][T17646] hsr_slave_0: entered promiscuous mode
[  835.060229][T17646] hsr_slave_1: entered promiscuous mode
[  835.101793][T17646] debugfs: 'hsr0' already exists in 'hsr'
[  835.148098][T17646] Cannot create hsr debugfs directory

syzkaller
syzkaller login: [  836.538444][ T8969] Bluetooth: hci6: command tx timeout
[  837.917799][T17693] can: request_module (can-proto-0) failed.
[  838.619533][ T8969] Bluetooth: hci6: command tx timeout
[  839.719045][T17732] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2564'.
[  840.698399][ T8969] Bluetooth: hci6: command tx timeout
[  841.625245][T17759] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2570'.
[  841.656159][T17759] openvswitch: netlink: IP tunnel dst address not specified
[  841.722226][T17761] FAULT_INJECTION: forcing a failure.
[  841.722226][T17761] name fail_futex, interval 1, probability 0, space 0, times 0
[  841.848614][T17761] CPU: 0 UID: 0 PID: 17761 Comm: syz.3.2570 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  841.848642][T17761] Tainted: [L]=SOFTLOCKUP
[  841.848648][T17761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  841.848658][T17761] Call Trace:
[  841.848664][T17761]  <TASK>
[  841.848670][T17761]  dump_stack_lvl+0x100/0x190
[  841.848697][T17761]  should_fail_ex.cold+0x5/0xa
[  841.848714][T17761]  ? lock_acquire+0x1cf/0x380
[  841.848734][T17761]  get_futex_key+0x1d2/0x1620
[  841.848754][T17761]  ? __pfx_get_futex_key+0x10/0x10
[  841.848770][T17761]  ? __lock_acquire+0x4a5/0x2630
[  841.848791][T17761]  ? __local_bh_enable_ip+0x9e/0x120
[  841.848811][T17761]  futex_wake+0xea/0x530
[  841.848832][T17761]  ? do_raw_spin_lock+0x128/0x260
[  841.848853][T17761]  ? __pfx_futex_wake+0x10/0x10
[  841.848872][T17761]  ? tipc_sk_bind+0x19a/0x380
[  841.848894][T17761]  ? tipc_sk_bind+0x19a/0x380
[  841.848914][T17761]  ? __local_bh_enable_ip+0x9e/0x120
[  841.848929][T17761]  ? lockdep_hardirqs_on+0x78/0x100
[  841.848947][T17761]  ? tipc_sk_bind+0x19a/0x380
[  841.848968][T17761]  do_futex+0x32b/0x350
[  841.848989][T17761]  ? __pfx_do_futex+0x10/0x10
[  841.849008][T17761]  ? __sys_bind+0x1c7/0x260
[  841.849027][T17761]  __x64_sys_futex+0x34f/0x4d0
[  841.849055][T17761]  ? __pfx___x64_sys_futex+0x10/0x10
[  841.849082][T17761]  do_syscall_64+0x106/0xf80
[  841.849100][T17761]  ? clear_bhb_loop+0x40/0x90
[  841.849119][T17761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.849136][T17761] RIP: 0033:0x7f43c3b9c799
[  841.849149][T17761] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  841.849164][T17761] RSP: 002b:00007f43c1df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  841.849179][T17761] RAX: ffffffffffffffda RBX: 00007f43c3e16098 RCX: 00007f43c3b9c799
[  841.849190][T17761] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f43c3e1609c
[  841.849200][T17761] RBP: 00007f43c3e16090 R08: 0000000000000000 R09: 0000000000000000
[  841.849209][T17761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  841.849218][T17761] R13: 00007f43c3e16128 R14: 00007ffe839dcc70 R15: 00007ffe839dcd58
[  841.849238][T17761]  </TASK>
[  842.100088][T17763] random: crng reseeded on system resumption
[  842.341562][T17765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2571'.
[  843.996053][T17784] netlink: 310 bytes leftover after parsing attributes in process `syz.0.2575'.
[  845.919055][T17800] input: jJǸ-���9�%v����l��Q�	J������������hǙn�??ԙ/rk
[  845.919055][T17800] l6���x� �b6�Yh$X�.=��_ as /devices/virtual/input/input79
[  846.396363][T17804] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  847.412032][T17823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2584'.
[  847.453779][T17823] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2584'.
[  847.609212][T17826] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  850.376410][ T8969] Bluetooth: hci3: unexpected subevent 0x18 length: 123 > 19
[  850.384153][ T8969] Bluetooth: hci3: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00
[  850.798338][T17881] program syz.3.2601 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  855.063572][T17934] Invalid ELF header magic: != ELF
[  855.250329][T17940] netlink: 310 bytes leftover after parsing attributes in process `syz.3.2618'.
[  862.540788][T10674] Bluetooth: hci3: command 0x2016 tx timeout
[  862.571856][T18052] usb usb24: usbfs: process 18052 (syz.0.2643) did not claim interface 0 before use
[  864.658414][T18087] openvswitch: ovs_: Dropping previously announced user features
[  865.063386][T18090] openvswitch: ovs_: Dropping previously announced user features
[  866.067425][T18104] bond0: invalid ARP target specified
[  869.712498][T18128] FAULT_INJECTION: forcing a failure.
[  869.712498][T18128] name failslab, interval 1, probability 0, space 0, times 0
[  869.760517][T18128] CPU: 0 UID: 0 PID: 18128 Comm: syz.0.2663 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  869.760558][T18128] Tainted: [L]=SOFTLOCKUP
[  869.760564][T18128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  869.760576][T18128] Call Trace:
[  869.760587][T18128]  <TASK>
[  869.760595][T18128]  dump_stack_lvl+0x100/0x190
[  869.760627][T18128]  should_fail_ex.cold+0x5/0xa
[  869.760650][T18128]  should_failslab+0xc2/0x120
[  869.760667][T18128]  __kmalloc_cache_noprof+0x7a/0x6f0
[  869.760688][T18128]  ? vb2_vmalloc_alloc+0xf9/0x410
[  869.760809][T18128]  ? trace_kmalloc+0x101/0x130
[  869.760827][T18128]  ? __kasan_kmalloc+0xaa/0xb0
[  869.760861][T18128]  vb2_vmalloc_alloc+0xf9/0x410
[  869.761125][T18128]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[  869.761295][T18128]  __vb2_queue_alloc+0x8d5/0x1160
[  869.761416][T18128]  vb2_core_reqbufs+0x899/0xf30
[  869.761444][T18128]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  869.761483][T18128]  __vb2_init_fileio+0x32d/0x1000
[  869.761506][T18128]  ? vb2_fop_read+0xe5/0x520
[  869.761526][T18128]  ? aa_file_perm+0x7f3/0x14d0
[  869.761550][T18128]  ? lockdep_hardirqs_on+0x78/0x100
[  869.761574][T18128]  __vb2_perform_fileio+0x91e/0x1380
[  869.761602][T18128]  ? __pfx___vb2_perform_fileio+0x10/0x10
[  869.761624][T18128]  ? __pfx___might_resched+0x10/0x10
[  869.761661][T18128]  vb2_fop_read+0x211/0x520
[  869.761701][T18128]  v4l2_read+0x229/0x2c0
[  869.761765][T18128]  ? __pfx_v4l2_read+0x10/0x10
[  869.761786][T18128]  vfs_read+0x1e4/0xb30
[  869.761822][T18128]  ? __pfx_vfs_read+0x10/0x10
[  869.761843][T18128]  ? find_held_lock+0x2b/0x80
[  869.761857][T18128]  ? __fget_files+0x215/0x3d0
[  869.761871][T18128]  ? __fget_files+0x215/0x3d0
[  869.761888][T18128]  ? __fget_files+0x21f/0x3d0
[  869.761907][T18128]  ksys_read+0x12a/0x250
[  869.761928][T18128]  ? __pfx_ksys_read+0x10/0x10
[  869.761954][T18128]  do_syscall_64+0x106/0xf80
[  869.761972][T18128]  ? clear_bhb_loop+0x40/0x90
[  869.761991][T18128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  869.762007][T18128] RIP: 0033:0x7fb419b9c799
[  869.762024][T18128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  869.762040][T18128] RSP: 002b:00007fb41a98c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  869.762059][T18128] RAX: ffffffffffffffda RBX: 00007fb419e16090 RCX: 00007fb419b9c799
[  869.762070][T18128] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000008
[  869.762079][T18128] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  869.762088][T18128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  869.762097][T18128] R13: 00007fb419e16128 R14: 00007fb419e16090 R15: 00007ffd3d6eaab8
[  869.762116][T18128]  </TASK>
[  870.310598][T10674] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  870.321709][T10674] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  870.331233][T10674] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  870.340816][T10674] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  870.349532][T10674] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  870.632442][T18133] chnl_net:caif_netlink_parms(): no params data found
[  870.720750][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  870.727364][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  870.870595][T18133] bridge0: port 1(bridge_slave_0) entered blocking state
[  870.894604][T18133] bridge0: port 1(bridge_slave_0) entered disabled state
[  870.925319][T18133] bridge_slave_0: entered allmulticast mode
[  870.958093][T18133] bridge_slave_0: entered promiscuous mode
[  870.978602][T18133] bridge0: port 2(bridge_slave_1) entered blocking state
[  870.986126][T18133] bridge0: port 2(bridge_slave_1) entered disabled state
[  871.019416][T18133] bridge_slave_1: entered allmulticast mode
[  871.045090][T18133] bridge_slave_1: entered promiscuous mode
[  871.131721][T18133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  871.160932][T18155] FAULT_INJECTION: forcing a failure.
[  871.160932][T18155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  871.179442][T18133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  871.255391][T18155] CPU: 0 UID: 0 PID: 18155 Comm: syz.0.2668 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  871.255425][T18155] Tainted: [L]=SOFTLOCKUP
[  871.255431][T18155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  871.255441][T18155] Call Trace:
[  871.255448][T18155]  <TASK>
[  871.255457][T18155]  dump_stack_lvl+0x100/0x190
[  871.255487][T18155]  should_fail_ex.cold+0x5/0xa
[  871.255507][T18155]  _copy_from_user+0x2e/0xd0
[  871.255528][T18155]  input_event_from_user+0xb9/0x290
[  871.255553][T18155]  ? __pfx_input_event_from_user+0x10/0x10
[  871.255574][T18155]  ? __pfx___might_resched+0x10/0x10
[  871.255597][T18155]  ? input_inject_event+0x1c9/0x3b0
[  871.255619][T18155]  evdev_write+0x27a/0x430
[  871.255649][T18155]  ? __pfx_evdev_write+0x10/0x10
[  871.255669][T18155]  ? bpf_lsm_file_permission+0x9/0x10
[  871.255694][T18155]  ? security_file_permission+0x76/0x210
[  871.255711][T18155]  ? rw_verify_area+0xce/0x6d0
[  871.255735][T18155]  vfs_write+0x2aa/0x1070
[  871.255759][T18155]  ? __pfx_evdev_write+0x10/0x10
[  871.255779][T18155]  ? __pfx_vfs_write+0x10/0x10
[  871.255800][T18155]  ? find_held_lock+0x2b/0x80
[  871.255814][T18155]  ? __fget_files+0x215/0x3d0
[  871.255831][T18155]  ? __fget_files+0x215/0x3d0
[  871.255953][T18155]  ? __fget_files+0x21f/0x3d0
[  871.255972][T18155]  ksys_write+0x1f8/0x250
[  871.255990][T18155]  ? __pfx_ksys_write+0x10/0x10
[  871.256009][T18155]  do_syscall_64+0x106/0xf80
[  871.256028][T18155]  ? clear_bhb_loop+0x40/0x90
[  871.256048][T18155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.256155][T18155] RIP: 0033:0x7fb419b9c799
[  871.256172][T18155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  871.256186][T18155] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  871.256201][T18155] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  871.256212][T18155] RDX: 0000000000010001 RSI: 0000200000000040 RDI: 0000000000000003
[  871.256221][T18155] RBP: 00007fb41a9ad090 R08: 0000000000000000 R09: 0000000000000000
[  871.256230][T18155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  871.256238][T18155] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  871.256257][T18155]  </TASK>
[  872.440421][T18133] team0: Port device team_slave_0 added
[  872.458237][ T8969] Bluetooth: hci7: command tx timeout
[  872.474648][T18133] team0: Port device team_slave_1 added
[  872.578230][T18133] batman_adv: batadv0: Adding interface: batadv_slave_0
[  872.607944][T18133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  872.698009][T18133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  872.736606][T18133] batman_adv: batadv0: Adding interface: batadv_slave_1
[  872.768395][T18133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  872.821882][ T8969] Bluetooth: hci4: command 0x0406 tx timeout
[  872.878102][T18133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  873.265760][T18133] hsr_slave_0: entered promiscuous mode
[  873.287008][T18133] hsr_slave_1: entered promiscuous mode
[  873.309181][T18133] debugfs: 'hsr0' already exists in 'hsr'
[  873.314941][T18133] Cannot create hsr debugfs directory
[  874.538375][T10674] Bluetooth: hci7: command tx timeout
[  876.618693][T10674] Bluetooth: hci7: command tx timeout
[  878.699042][T10674] Bluetooth: hci7: command tx timeout
[  878.712083][T18188] FAULT_INJECTION: forcing a failure.
[  878.712083][T18188] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  878.778940][T18188] CPU: 0 UID: 0 PID: 18188 Comm: syz.0.2675 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  878.778966][T18188] Tainted: [L]=SOFTLOCKUP
[  878.778972][T18188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  878.778981][T18188] Call Trace:
[  878.778986][T18188]  <TASK>
[  878.778993][T18188]  dump_stack_lvl+0x100/0x190
[  878.779022][T18188]  should_fail_ex.cold+0x5/0xa
[  878.779041][T18188]  _copy_from_user+0x2e/0xd0
[  878.779058][T18188]  input_event_from_user+0xb9/0x290
[  878.779083][T18188]  ? __pfx_input_event_from_user+0x10/0x10
[  878.779107][T18188]  ? __pfx___might_resched+0x10/0x10
[  878.779130][T18188]  ? input_inject_event+0x1c9/0x3b0
[  878.779151][T18188]  evdev_write+0x27a/0x430
[  878.779174][T18188]  ? __pfx_evdev_write+0x10/0x10
[  878.779195][T18188]  ? bpf_lsm_file_permission+0x9/0x10
[  878.779218][T18188]  ? security_file_permission+0x76/0x210
[  878.779235][T18188]  ? rw_verify_area+0xce/0x6d0
[  878.779259][T18188]  vfs_write+0x2aa/0x1070
[  878.779282][T18188]  ? __pfx_evdev_write+0x10/0x10
[  878.779302][T18188]  ? __pfx_vfs_write+0x10/0x10
[  878.779323][T18188]  ? find_held_lock+0x2b/0x80
[  878.779337][T18188]  ? __fget_files+0x215/0x3d0
[  878.779351][T18188]  ? __fget_files+0x215/0x3d0
[  878.779367][T18188]  ? __fget_files+0x21f/0x3d0
[  878.779386][T18188]  ksys_write+0x1f8/0x250
[  878.779399][T18188]  ? __pfx_ksys_write+0x10/0x10
[  878.779417][T18188]  do_syscall_64+0x106/0xf80
[  878.779435][T18188]  ? clear_bhb_loop+0x40/0x90
[  878.779454][T18188]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.779469][T18188] RIP: 0033:0x7fb419b9c799
[  878.779483][T18188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  878.779497][T18188] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  878.779511][T18188] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  878.779521][T18188] RDX: 0000000000010001 RSI: 0000200000000040 RDI: 0000000000000003
[  878.779531][T18188] RBP: 00007fb41a9ad090 R08: 0000000000000000 R09: 0000000000000000
[  878.779540][T18188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  878.779549][T18188] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  878.779568][T18188]  </TASK>
[  881.093730][T18198] input: f�
 as /devices/virtual/input/input80
[  881.110517][T18198] FAULT_INJECTION: forcing a failure.
[  881.110517][T18198] name failslab, interval 1, probability 0, space 0, times 0
[  881.159094][T18198] CPU: 0 UID: 0 PID: 18198 Comm: syz.0.2678 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  881.159124][T18198] Tainted: [L]=SOFTLOCKUP
[  881.159130][T18198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  881.159141][T18198] Call Trace:
[  881.159147][T18198]  <TASK>
[  881.159155][T18198]  dump_stack_lvl+0x100/0x190
[  881.159183][T18198]  should_fail_ex.cold+0x5/0xa
[  881.159204][T18198]  should_failslab+0xc2/0x120
[  881.159222][T18198]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  881.159247][T18198]  ? kasprintf+0xc7/0x100
[  881.159267][T18198]  kvasprintf+0xbc/0x150
[  881.159282][T18198]  ? __pfx_kvasprintf+0x10/0x10
[  881.159304][T18198]  kasprintf+0xc7/0x100
[  881.159319][T18198]  ? __pfx_kasprintf+0x10/0x10
[  881.159347][T18198]  ? __pfx_input_devnode+0x10/0x10
[  881.159366][T18198]  device_get_devnode+0x166/0x2c0
[  881.159387][T18198]  devtmpfs_create_node+0xf0/0x290
[  881.159414][T18198]  ? __pfx_devtmpfs_create_node+0x10/0x10
[  881.159555][T18198]  ? up_write+0x290/0x4f0
[  881.159584][T18198]  ? kernfs_root+0xf8/0x2a0
[  881.159614][T18198]  ? kernfs_create_link+0x1bd/0x240
[  881.159632][T18198]  ? kernfs_put+0x3f/0x60
[  881.159654][T18198]  ? sysfs_do_create_link_sd+0xbb/0x140
[  881.159677][T18198]  device_add+0x114e/0x1950
[  881.159696][T18198]  ? __pfx_device_add+0x10/0x10
[  881.159714][T18198]  ? kobject_get+0xbb/0x150
[  881.159737][T18198]  cdev_device_add+0x12b/0x270
[  881.159754][T18198]  evdev_connect+0x3a8/0x4b0
[  881.159778][T18198]  input_attach_handler.isra.0+0x177/0x1e0
[  881.159800][T18198]  input_register_device.cold+0x139/0x375
[  881.159835][T18198]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  881.159867][T18198]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  881.159891][T18198]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  881.159923][T18198]  ? find_held_lock+0x2b/0x80
[  881.159939][T18198]  ? __fget_files+0x215/0x3d0
[  881.159969][T18198]  ? __pfx_uinput_ioctl+0x10/0x10
[  881.160016][T18198]  __x64_sys_ioctl+0x18e/0x210
[  881.160060][T18198]  do_syscall_64+0x106/0xf80
[  881.160081][T18198]  ? clear_bhb_loop+0x40/0x90
[  881.160103][T18198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  881.160121][T18198] RIP: 0033:0x7fb419b9c799
[  881.160138][T18198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  881.160155][T18198] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  881.160171][T18198] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  881.160185][T18198] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  881.160199][T18198] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  881.160208][T18198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  881.160218][T18198] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  881.160239][T18198]  </TASK>
[  882.208559][ T8969] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  882.221447][ T8969] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  882.230347][ T8969] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  882.238547][ T8969] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  882.247379][ T8969] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  882.751239][T18201] chnl_net:caif_netlink_parms(): no params data found
[  883.094752][T18201] bridge0: port 1(bridge_slave_0) entered blocking state
[  883.137179][T18201] bridge0: port 1(bridge_slave_0) entered disabled state
[  883.168218][T18201] bridge_slave_0: entered allmulticast mode
[  883.189173][T18201] bridge_slave_0: entered promiscuous mode
[  883.213829][T18201] bridge0: port 2(bridge_slave_1) entered blocking state
[  883.242186][T18201] bridge0: port 2(bridge_slave_1) entered disabled state
[  883.275515][T18201] bridge_slave_1: entered allmulticast mode
[  883.309487][T18201] bridge_slave_1: entered promiscuous mode
[  883.425861][T18201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  883.480921][T18201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  883.630658][T18201] team0: Port device team_slave_0 added
[  883.663669][T18201] team0: Port device team_slave_1 added
[  883.777185][T18201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  883.808088][T18201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  883.894431][T18216] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2681'.
[  883.908080][T18201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  883.949957][T18201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  883.970938][T18201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  884.048030][T18201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  884.299547][ T8969] Bluetooth: hci8: command tx timeout
[  884.332056][T18201] hsr_slave_0: entered promiscuous mode
[  884.361750][T18201] hsr_slave_1: entered promiscuous mode
[  884.378758][T18201] debugfs: 'hsr0' already exists in 'hsr'
[  884.384709][T18201] Cannot create hsr debugfs directory
[  886.119641][T18232] input: f�
 as /devices/virtual/input/input81
[  886.127264][T18232] FAULT_INJECTION: forcing a failure.
[  886.127264][T18232] name failslab, interval 1, probability 0, space 0, times 0
[  886.198080][T18232] CPU: 0 UID: 0 PID: 18232 Comm: syz.0.2685 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  886.198108][T18232] Tainted: [L]=SOFTLOCKUP
[  886.198114][T18232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  886.198123][T18232] Call Trace:
[  886.198129][T18232]  <TASK>
[  886.198136][T18232]  dump_stack_lvl+0x100/0x190
[  886.198164][T18232]  should_fail_ex.cold+0x5/0xa
[  886.198183][T18232]  should_failslab+0xc2/0x120
[  886.198198][T18232]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  886.198220][T18232]  ? __kernfs_new_node+0xd2/0x960
[  886.198244][T18232]  __kernfs_new_node+0xd2/0x960
[  886.198267][T18232]  ? __pfx___kernfs_new_node+0x10/0x10
[  886.198291][T18232]  ? find_held_lock+0x2b/0x80
[  886.198306][T18232]  ? kernfs_root+0xee/0x2a0
[  886.198325][T18232]  ? kernfs_root+0xee/0x2a0
[  886.198348][T18232]  kernfs_new_node+0x11b/0x1a0
[  886.198373][T18232]  __kernfs_create_file+0x53/0x350
[  886.198392][T18232]  sysfs_add_file_mode_ns+0x207/0x3c0
[  886.198416][T18232]  sysfs_merge_group+0x194/0x340
[  886.198437][T18232]  ? __pfx_sysfs_merge_group+0x10/0x10
[  886.198468][T18232]  ? __pfx_dev_add_physical_location+0x10/0x10
[  886.198496][T18232]  ? bus_to_subsys+0x114/0x150
[  886.198516][T18232]  dpm_sysfs_add+0x237/0x280
[  886.198544][T18232]  device_add+0x9ef/0x1950
[  886.198564][T18232]  ? __pfx_device_add+0x10/0x10
[  886.198595][T18232]  ? kobject_get+0xbb/0x150
[  886.198649][T18232]  cdev_device_add+0x12b/0x270
[  886.198669][T18232]  evdev_connect+0x3a8/0x4b0
[  886.198693][T18232]  input_attach_handler.isra.0+0x177/0x1e0
[  886.198728][T18232]  input_register_device.cold+0x139/0x375
[  886.198765][T18232]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  886.198792][T18232]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  886.198813][T18232]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  886.198842][T18232]  ? find_held_lock+0x2b/0x80
[  886.198856][T18232]  ? __fget_files+0x215/0x3d0
[  886.198879][T18232]  ? __pfx_uinput_ioctl+0x10/0x10
[  886.198894][T18232]  __x64_sys_ioctl+0x18e/0x210
[  886.198916][T18232]  do_syscall_64+0x106/0xf80
[  886.198933][T18232]  ? clear_bhb_loop+0x40/0x90
[  886.198951][T18232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  886.198967][T18232] RIP: 0033:0x7fb419b9c799
[  886.198981][T18232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  886.199001][T18232] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  886.199017][T18232] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  886.199027][T18232] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  886.199036][T18232] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  886.199045][T18232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  886.199059][T18232] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  886.199081][T18232]  </TASK>
[  886.962066][ T8969] Bluetooth: hci8: command tx timeout
[  886.979920][T18232] input: failed to attach handler evdev to device input81, error: -12
[  889.018882][ T8969] Bluetooth: hci8: command tx timeout
[  890.971079][T18251] openvswitch: netlink: IP tunnel dst address not specified
[  891.098353][ T8969] Bluetooth: hci8: command tx timeout
[  893.226655][T10674] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  893.238436][T10674] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  893.249987][T10674] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  893.258284][T10674] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  893.270104][T10674] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  893.695191][T18269] chnl_net:caif_netlink_parms(): no params data found
[  893.931340][T18269] bridge0: port 1(bridge_slave_0) entered blocking state
[  893.955446][T18269] bridge0: port 1(bridge_slave_0) entered disabled state
[  893.983828][T18269] bridge_slave_0: entered allmulticast mode
[  894.009643][T18269] bridge_slave_0: entered promiscuous mode
[  894.019825][T18269] bridge0: port 2(bridge_slave_1) entered blocking state
[  894.020150][T18269] bridge0: port 2(bridge_slave_1) entered disabled state
[  894.020327][T18269] bridge_slave_1: entered allmulticast mode
[  894.028709][T18269] bridge_slave_1: entered promiscuous mode
[  894.091910][T18269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  894.101136][T18269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  894.167360][T18269] team0: Port device team_slave_0 added
[  894.179784][T18269] team0: Port device team_slave_1 added
[  894.251155][T18269] batman_adv: batadv0: Adding interface: batadv_slave_0
[  894.251172][T18269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  894.251191][T18269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  894.254946][T18269] batman_adv: batadv0: Adding interface: batadv_slave_1
[  894.254963][T18269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  894.254983][T18269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  894.361784][T18269] hsr_slave_0: entered promiscuous mode
[  894.366000][T18269] hsr_slave_1: entered promiscuous mode
[  894.395110][T18269] debugfs: 'hsr0' already exists in 'hsr'
[  894.395132][T18269] Cannot create hsr debugfs directory
[  895.338760][T10674] Bluetooth: hci9: command tx timeout
[  895.805611][T18286] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  895.822258][T18286] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  895.838705][T18286] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  895.849549][T18286] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  895.870923][T18286] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  895.888050][T18286] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  895.896158][T18286] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  895.918524][T18286] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  895.925820][T18286] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  895.949552][T18286] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  895.955970][T18286] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  895.978814][T18286] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  895.999333][T18286] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  896.007228][T18286] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  896.029242][T18286] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  896.039712][T18286] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  896.058455][T18286] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  896.070090][T18286] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  896.088879][T18286] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  896.100742][T18286] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  896.119493][T18286] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  896.132231][T18286] Bluetooth: hci9: Opcode 0x0c1a failed: -4
[  896.148271][T18286] Bluetooth: hci9: Opcode 0x0406 failed: -4
[  896.167745][T18286] Bluetooth: hci9: Opcode 0x0406 failed: -4
[  896.298577][T10674] Bluetooth: hci0: command 0x0c1a tx timeout
[  897.020182][T18293] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2697'.
[  897.873689][T18300] input: f�
 as /devices/virtual/input/input82
[  897.888347][T18300] FAULT_INJECTION: forcing a failure.
[  897.888347][T18300] name failslab, interval 1, probability 0, space 0, times 0
[  897.903893][T10674] Bluetooth: hci2: command 0x0c1a tx timeout
[  897.911452][ T8969] Bluetooth: hci4: command 0x0406 tx timeout
[  897.917745][ T8969] Bluetooth: hci3: command 0x2016 tx timeout
[  897.925395][T10674] Bluetooth: hci1: command 0x0c1a tx timeout
[  897.968510][T18300] CPU: 0 UID: 0 PID: 18300 Comm: syz.0.2698 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  897.968536][T18300] Tainted: [L]=SOFTLOCKUP
[  897.968542][T18300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  897.968552][T18300] Call Trace:
[  897.968557][T18300]  <TASK>
[  897.968564][T18300]  dump_stack_lvl+0x100/0x190
[  897.968593][T18300]  should_fail_ex.cold+0x5/0xa
[  897.968613][T18300]  should_failslab+0xc2/0x120
[  897.968636][T18300]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  897.968659][T18300]  ? __kernfs_new_node+0xd2/0x960
[  897.968684][T18300]  __kernfs_new_node+0xd2/0x960
[  897.968706][T18300]  ? __pfx___kernfs_new_node+0x10/0x10
[  897.968732][T18300]  ? find_held_lock+0x2b/0x80
[  897.968745][T18300]  ? kernfs_root+0xee/0x2a0
[  897.968764][T18300]  ? kernfs_root+0xee/0x2a0
[  897.968787][T18300]  kernfs_new_node+0x11b/0x1a0
[  897.968812][T18300]  __kernfs_create_file+0x53/0x350
[  897.968831][T18300]  sysfs_add_file_mode_ns+0x207/0x3c0
[  897.968855][T18300]  sysfs_merge_group+0x194/0x340
[  897.968876][T18300]  ? __pfx_sysfs_merge_group+0x10/0x10
[  897.968899][T18300]  ? __pfx_dev_add_physical_location+0x10/0x10
[  897.968923][T18300]  ? bus_to_subsys+0x114/0x150
[  897.968942][T18300]  dpm_sysfs_add+0x237/0x280
[  897.968965][T18300]  device_add+0x9ef/0x1950
[  897.968981][T18300]  ? __pfx_device_add+0x10/0x10
[  897.968998][T18300]  ? kobject_get+0xbb/0x150
[  897.969020][T18300]  cdev_device_add+0x12b/0x270
[  897.969037][T18300]  evdev_connect+0x3a8/0x4b0
[  897.969059][T18300]  input_attach_handler.isra.0+0x177/0x1e0
[  897.969081][T18300]  input_register_device.cold+0x139/0x375
[  897.969103][T18300]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  897.969128][T18300]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  897.969148][T18300]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  897.969176][T18300]  ? find_held_lock+0x2b/0x80
[  897.969190][T18300]  ? __fget_files+0x215/0x3d0
[  897.969213][T18300]  ? __pfx_uinput_ioctl+0x10/0x10
[  897.969228][T18300]  __x64_sys_ioctl+0x18e/0x210
[  897.969249][T18300]  do_syscall_64+0x106/0xf80
[  897.969266][T18300]  ? clear_bhb_loop+0x40/0x90
[  897.969284][T18300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.969300][T18300] RIP: 0033:0x7fb419b9c799
[  897.969314][T18300] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  897.969329][T18300] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  897.969344][T18300] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  897.969354][T18300] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  897.969364][T18300] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  897.969373][T18300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  897.969389][T18300] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  897.969410][T18300]  </TASK>
[  898.803972][T18302] Bluetooth: hci5: command 0x0c1a tx timeout
[  898.812351][T18302] Bluetooth: hci7: command 0x0c1a tx timeout
[  898.822705][T18302] Bluetooth: hci6: command 0x0c1a tx timeout
[  898.830068][T18302] Bluetooth: hci9: command 0x040f tx timeout
[  898.840588][T18302] Bluetooth: hci8: command 0x0c1a tx timeout
[  899.074206][T18300] input: failed to attach handler evdev to device input82, error: -12
[  899.979455][T17650] Bluetooth: hci3: command 0x2016 tx timeout
[  899.986730][T17650] Bluetooth: hci2: command 0x0c1a tx timeout
[  899.995861][T18302] Bluetooth: hci4: command 0x0406 tx timeout
[  900.858840][T17650] Bluetooth: hci8: command 0x0c1a tx timeout
[  900.865314][T17650] Bluetooth: hci9: command 0x040f tx timeout
[  900.874398][T18302] Bluetooth: hci6: command 0x0c1a tx timeout
[  900.881616][T10674] Bluetooth: hci7: command 0x0c1a tx timeout
[  900.888493][T18302] Bluetooth: hci5: command 0x0c1a tx timeout
[  902.058046][T18310] Bluetooth: hci2: command 0x0c1a tx timeout
[  902.940903][ T8969] Bluetooth: hci9: command 0x040f tx timeout
[  902.947107][ T8969] Bluetooth: hci7: command 0x0c1a tx timeout
[  902.954251][T18310] Bluetooth: hci5: command 0x0c1a tx timeout
[  902.961079][T17650] Bluetooth: hci6: command 0x0c1a tx timeout
[  902.967147][T17650] Bluetooth: hci8: command 0x0c1a tx timeout
[  903.199152][T18332] input: f�
 as /devices/virtual/input/input83
[  903.218390][T18332] FAULT_INJECTION: forcing a failure.
[  903.218390][T18332] name failslab, interval 1, probability 0, space 0, times 0
[  903.248678][T18332] CPU: 0 UID: 0 PID: 18332 Comm: syz.0.2704 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  903.248706][T18332] Tainted: [L]=SOFTLOCKUP
[  903.248711][T18332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  903.248721][T18332] Call Trace:
[  903.248728][T18332]  <TASK>
[  903.248734][T18332]  dump_stack_lvl+0x100/0x190
[  903.248762][T18332]  should_fail_ex.cold+0x5/0xa
[  903.248781][T18332]  should_failslab+0xc2/0x120
[  903.248797][T18332]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  903.248819][T18332]  ? __kernfs_new_node+0xd2/0x960
[  903.248843][T18332]  __kernfs_new_node+0xd2/0x960
[  903.248865][T18332]  ? __pfx___kernfs_new_node+0x10/0x10
[  903.248890][T18332]  ? find_held_lock+0x2b/0x80
[  903.248904][T18332]  ? kernfs_root+0xee/0x2a0
[  903.248922][T18332]  ? kernfs_root+0xee/0x2a0
[  903.248946][T18332]  kernfs_new_node+0x11b/0x1a0
[  903.248971][T18332]  __kernfs_create_file+0x53/0x350
[  903.248990][T18332]  sysfs_add_file_mode_ns+0x207/0x3c0
[  903.249014][T18332]  sysfs_merge_group+0x194/0x340
[  903.249035][T18332]  ? __pfx_sysfs_merge_group+0x10/0x10
[  903.249058][T18332]  ? __pfx_dev_add_physical_location+0x10/0x10
[  903.249081][T18332]  ? bus_to_subsys+0x114/0x150
[  903.249107][T18332]  dpm_sysfs_add+0x237/0x280
[  903.249132][T18332]  device_add+0x9ef/0x1950
[  903.249149][T18332]  ? __pfx_device_add+0x10/0x10
[  903.249172][T18332]  ? kobject_get+0xbb/0x150
[  903.249195][T18332]  cdev_device_add+0x12b/0x270
[  903.249213][T18332]  evdev_connect+0x3a8/0x4b0
[  903.249237][T18332]  input_attach_handler.isra.0+0x177/0x1e0
[  903.249259][T18332]  input_register_device.cold+0x139/0x375
[  903.249281][T18332]  uinput_ioctl_handler.isra.0+0x8d8/0x1d10
[  903.249305][T18332]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  903.249325][T18332]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  903.249353][T18332]  ? find_held_lock+0x2b/0x80
[  903.249367][T18332]  ? __fget_files+0x215/0x3d0
[  903.249397][T18332]  ? __pfx_uinput_ioctl+0x10/0x10
[  903.249415][T18332]  __x64_sys_ioctl+0x18e/0x210
[  903.249436][T18332]  do_syscall_64+0x106/0xf80
[  903.249454][T18332]  ? clear_bhb_loop+0x40/0x90
[  903.249472][T18332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  903.249487][T18332] RIP: 0033:0x7fb419b9c799
[  903.249502][T18332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  903.249518][T18332] RSP: 002b:00007fb41a9ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  903.249533][T18332] RAX: ffffffffffffffda RBX: 00007fb419e15fa0 RCX: 00007fb419b9c799
[  903.249550][T18332] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  903.249560][T18332] RBP: 00007fb419c32c99 R08: 0000000000000000 R09: 0000000000000000
[  903.249569][T18332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  903.249579][T18332] R13: 00007fb419e16038 R14: 00007fb419e15fa0 R15: 00007ffd3d6eaab8
[  903.249599][T18332]  </TASK>
[  903.250169][T18332] input: failed to attach handler evdev to device input83, error: -12
[  905.019719][T18310] Bluetooth: hci9: command 0x040f tx timeout
[  907.101825][T18310] Bluetooth: hci9: command 0x040f tx timeout
[  907.140742][T18360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2709'.
[  914.858260][   T30] INFO: task syz-executor:16723 blocked for more than 143 seconds.
[  914.879310][   T30]       Tainted: G             L      syzkaller #0
[  914.886963][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  914.927940][   T30] task:syz-executor    state:D stack:24376 pid:16723 tgid:16723 ppid:1      task_flags:0x480140 flags:0x00080002
[  914.977962][   T30] Call Trace:
[  914.981942][   T30]  <TASK>
[  914.984891][   T30]  __schedule+0xfee/0x6120
[  915.038001][   T30]  ? __lock_acquire+0x4a5/0x2630
[  915.058068][   T30]  ? __pfx___schedule+0x10/0x10
[  915.079700][   T30]  ? find_held_lock+0x2b/0x80
[  915.084753][   T30]  ? schedule+0x2bf/0x390
[  915.127931][   T30]  schedule+0xdd/0x390
[  915.132684][   T30]  schedule_timeout+0x1b2/0x280
[  915.169576][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  915.175365][   T30]  ? mark_held_locks+0x40/0x70
[  915.208940][   T30]  __wait_for_common+0x2e7/0x4c0
[  915.228006][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  915.233800][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  915.278027][   T30]  remove_one+0x312/0x420
[  915.282858][   T30]  ? find_next_child+0x18f/0x280
[  915.319047][   T30]  __simple_recursive_removal+0x148/0x5c0
[  915.325495][   T30]  ? __pfx_remove_one+0x10/0x10
[  915.377988][   T30]  debugfs_remove+0x5d/0x80
[  915.382668][   T30]  nsim_dev_health_exit+0x3b/0xe0
[  915.417810][   T30]  nsim_dev_reload_destroy+0x144/0x4a0
[  915.423747][   T30]  nsim_drv_remove+0x52/0x1e0
[  915.467990][   T30]  ? __pfx_nsim_bus_remove+0x10/0x10
[  915.488226][   T30]  device_remove+0xcb/0x180
[  915.492947][   T30]  device_release_driver_internal+0x42e/0x600
[  915.539039][   T30]  bus_remove_device+0x22f/0x440
[  915.544148][   T30]  device_del+0x376/0x9b0
[  915.587984][   T30]  ? __pfx_device_del+0x10/0x10
[  915.597933][   T30]  ? __lock_acquire+0x4a5/0x2630
[  915.602930][   T30]  device_unregister+0x1d/0xe0
[  915.607748][   T30]  del_device_store+0x346/0x480
[  915.668132][   T30]  ? __pfx_del_device_store+0x10/0x10
[  915.674005][   T30]  ? find_held_lock+0x2b/0x80
[  915.707999][   T30]  ? sysfs_file_kobj+0xe4/0x290
[  915.713169][   T30]  ? sysfs_file_kobj+0xe4/0x290
[  915.753006][   T30]  ? __pfx_del_device_store+0x10/0x10
[  915.778083][   T30]  bus_attr_store+0x74/0xb0
[  915.782925][   T30]  ? __pfx_bus_attr_store+0x10/0x10
[  915.827440][   T30]  sysfs_kf_write+0xf2/0x150
[  915.837315][   T30]  kernfs_fop_write_iter+0x3e0/0x5f0
[  915.859094][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  915.888099][   T30]  vfs_write+0x6ac/0x1070
[  915.892581][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  915.917927][   T30]  ? __pfx_vfs_write+0x10/0x10
[  915.922748][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  915.942826][   T30]  ksys_write+0x12a/0x250
[  915.947264][   T30]  ? __pfx_ksys_write+0x10/0x10
[  916.048187][   T30]  do_syscall_64+0x106/0xf80
[  916.053283][   T30]  ? clear_bhb_loop+0x40/0x90
[  916.088976][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.094927][   T30] RIP: 0033:0x7fae1bd5cfce
[  916.117937][   T30] RSP: 002b:00007ffe678fb728 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  916.126466][   T30] RAX: ffffffffffffffda RBX: 000055555c2fb500 RCX: 00007fae1bd5cfce
[  916.169821][   T30] RDX: 0000000000000001 RSI: 00007ffe678fb7b0 RDI: 0000000000000005
[  916.198947][   T30] RBP: 00007fae1be3351c R08: 0000000000000000 R09: 0000000000000000
[  916.207134][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  916.258030][   T30] R13: 00007ffe678fb7b0 R14: 00007fae1cb44620 R15: 0000000000000003
[  916.266370][   T30]  </TASK>
[  916.287956][   T30] INFO: task syz.1.2374:16826 blocked for more than 144 seconds.
[  916.295733][   T30]       Tainted: G             L      syzkaller #0
[  916.328039][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  916.337350][   T30] task:syz.1.2374      state:D stack:29000 pid:16826 tgid:16823 ppid:5823   task_flags:0x400040 flags:0x00080002
[  916.408885][   T30] Call Trace:
[  916.412287][   T30]  <TASK>
[  916.415283][   T30]  __schedule+0xfee/0x6120
[  916.441981][   T30]  ? __lock_acquire+0x4a5/0x2630
[  916.447156][   T30]  ? __pfx___schedule+0x10/0x10
[  916.477162][   T30]  ? find_held_lock+0x2b/0x80
[  916.482171][   T30]  ? schedule+0x2bf/0x390
[  916.486726][   T30]  schedule+0xdd/0x390
[  916.518804][   T30]  schedule_preempt_disabled+0x13/0x30
[  916.524502][   T30]  __mutex_lock+0xc9a/0x1b90
[  916.557924][   T30]  ? __pfx___alloc_skb+0x10/0x10
[  916.563251][   T30]  ? devlink_health_report+0x681/0xb50
[  916.597924][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  916.604039][   T30]  ? devlink_recover_notify.constprop.0+0x4d7/0x670
[  916.638929][   T30]  ? devlink_recover_notify.constprop.0+0x200/0x670
[  916.645592][   T30]  ? devlink_health_report+0x681/0xb50
[  916.681926][   T30]  devlink_health_report+0x681/0xb50
[  916.687364][   T30]  ? __pfx_devlink_health_report+0x10/0x10
[  916.725119][   T30]  ? _copy_from_user+0x59/0xd0
[  916.738771][   T30]  nsim_dev_health_break_write+0x166/0x210
[  916.744732][   T30]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  916.779728][   T30]  full_proxy_write+0x135/0x1a0
[  916.807965][   T30]  vfs_write+0x2aa/0x1070
[  916.812772][   T30]  ? __pfx_full_proxy_write+0x10/0x10
[  916.838363][   T30]  ? __pfx_vfs_write+0x10/0x10
[  916.843273][   T30]  ? __fget_files+0x215/0x3d0
[  916.867970][   T30]  ? __fget_files+0x21f/0x3d0
[  916.872693][   T30]  ksys_write+0x12a/0x250
[  916.877136][   T30]  ? __pfx_ksys_write+0x10/0x10
[  916.908012][   T30]  ? kcov_ioctl+0x16a/0x720
[  916.912822][   T30]  do_syscall_64+0x106/0xf80
[  916.917729][   T30]  ? clear_bhb_loop+0x40/0x90
[  916.953845][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.978205][   T30] RIP: 0033:0x7f11d199c799
[  916.982922][   T30] RSP: 002b:00007f11d2893028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  917.004013][T13433] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  917.028057][   T30] RAX: ffffffffffffffda RBX: 00007f11d1c16090 RCX: 00007f11d199c799
[  917.036798][   T30] RDX: 00000000000001e1 RSI: 0000200000000080 RDI: 0000000000000004
[  917.074733][   T30] RBP: 00007f11d1a32c99 R08: 0000000000000000 R09: 0000000000000000
[  917.085379][T13433] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.0.1596: Error -117 reading block bitmap for 2
[  917.108021][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  917.116222][   T30] R13: 00007f11d1c16128 R14: 00007f11d1c16090 R15: 00007ffdfd3b9438
[  917.157998][   T30]  </TASK>
[  917.166920][T13433] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem
[  917.253170][   T30] 
[  917.253170][   T30] Showing all locks held in the system:
[  917.290615][   T30] 1 lock held by khungtaskd/30:
[  917.346341][   T30]  #0: ffffffff8e7e7460 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  917.368021][   T30] 1 lock held by udevd/5194:
[  917.372823][   T30] 2 locks held by syz.0.1738/14077:
[  917.388489][   T30]  #0: ffffffff906134a8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  917.413123][   T30]  #1: ffffffff8e7f3078 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  917.438143][   T30] 7 locks held by syz-executor/16723:
[  917.443756][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  917.477972][   T30]  #1: ffff88805e9f3488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  917.498632][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  917.522743][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  917.547979][   T30]  #4: ffff88805e02c0e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xaa/0x600
[  917.568727][   T30]  #5: ffff88805e02b250 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1e0
[  917.603906][   T30]  #6: ffff8880931e1a70 (&sb->s_type->i_mutex_key#10/2){+.+.}-{4:4}, at: __simple_recursive_removal+0xe0/0x5c0
[  917.632675][   T30] 3 locks held by syz.1.2374/16826:
[  917.647905][   T30]  #0: ffff888028fe95f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380
[  917.667971][   T30]  #1: ffff88801fed2420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  917.689106][   T30]  #2: ffff88805e02b250 (&devlink->lock_key#2){+.+.}-{4:4}, at: devlink_health_report+0x681/0xb50
[  917.705897][   T30] 4 locks held by syz-executor/17003:
[  917.717968][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  917.727005][   T30]  #1: ffff88807c5a2088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  917.767958][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  917.788632][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  917.808543][   T30] 4 locks held by syz-executor/17395:
[  917.814244][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  917.848002][   T30]  #1: ffff888040f45488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  917.868003][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  917.888140][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  917.917941][   T30] 4 locks held by syz-executor/17646:
[  917.923441][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  917.947970][   T30]  #1: ffff88802b9d2488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  917.968227][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  917.987998][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  918.013048][   T30] 2 locks held by getty/17675:
[  918.028127][   T30]  #0: ffff8880339260a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  918.048190][   T30]  #1: ffffc9000381b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[  918.067969][   T30] 2 locks held by syz.3.2656/18102:
[  918.073201][   T30]  #0: ffff88801fed2420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x9b1/0x31a0
[  918.097917][   T30]  #1: ffff8880931e1a70 (&sb->s_type->i_mutex_key#18){++++}-{4:4}, at: path_openat+0xa16/0x31a0
[  918.129242][   T30] 4 locks held by syz-executor/18133:
[  918.134643][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  918.158095][   T30]  #1: ffff88805eb63088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  918.177916][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  918.197914][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  918.217898][   T30] 4 locks held by syz-executor/18201:
[  918.223575][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  918.257975][   T30]  #1: ffff88805decdc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  918.278140][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  918.297954][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  918.318139][   T30] 4 locks held by syz-executor/18269:
[  918.338560][   T30]  #0: ffff888036b26420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  918.358382][   T30]  #1: ffff88808c3f4088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  918.378253][   T30]  #2: ffff888029ea93c8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  918.398228][   T30]  #3: ffffffff8fb6bbe8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  918.430570][   T30] 
[  918.433050][   T30] =============================================
[  918.433050][   T30] 
[  918.583301][   T30] NMI backtrace for cpu 0
[  918.583322][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  918.583343][   T30] Tainted: [L]=SOFTLOCKUP
[  918.583348][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  918.583357][   T30] Call Trace:
[  918.583363][   T30]  <TASK>
[  918.583370][   T30]  dump_stack_lvl+0x100/0x190
[  918.583397][   T30]  nmi_cpu_backtrace.cold+0x12d/0x151
[  918.583421][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  918.583443][   T30]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  918.583473][   T30]  sys_info+0x141/0x190
[  918.583495][   T30]  watchdog+0xd25/0x1050
[  918.583518][   T30]  ? __pfx_watchdog+0x10/0x10
[  918.583532][   T30]  ? __kthread_parkme+0x18c/0x230
[  918.583551][   T30]  ? kthread+0x13a/0x450
[  918.583568][   T30]  ? __pfx_watchdog+0x10/0x10
[  918.583580][   T30]  kthread+0x370/0x450
[  918.583598][   T30]  ? __pfx_kthread+0x10/0x10
[  918.583617][   T30]  ret_from_fork+0x754/0xd80
[  918.583640][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  918.583662][   T30]  ? __switch_to+0x7b4/0x1120
[  918.583682][   T30]  ? __pfx_kthread+0x10/0x10
[  918.583702][   T30]  ret_from_fork_asm+0x1a/0x30
[  918.583726][   T30]  </TASK>
[  918.911440][ T8755] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  918.966197][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  918.973180][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  918.984135][   T30] Tainted: [L]=SOFTLOCKUP
[  918.988467][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  918.998965][   T30] Call Trace:
[  919.002342][   T30]  <TASK>
[  919.005311][   T30]  dump_stack_lvl+0x100/0x190
[  919.010109][   T30]  vpanic+0x552/0x970
[  919.014533][   T30]  ? __pfx_vpanic+0x10/0x10
[  919.019034][   T30]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  919.025296][   T30]  panic+0xd1/0xe0
[  919.029258][   T30]  ? __pfx_panic+0x10/0x10
[  919.033791][   T30]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  919.040991][   T30]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  919.047534][   T30]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  919.053937][   T30]  ? watchdog.cold+0x198/0x1ca
[  919.059731][   T30]  ? watchdog+0xd35/0x1050
[  919.064392][   T30]  watchdog.cold+0x1a9/0x1ca
[  919.069617][   T30]  ? __pfx_watchdog+0x10/0x10
[  919.074650][   T30]  ? __kthread_parkme+0x18c/0x230
[  919.081443][   T30]  ? kthread+0x13a/0x450
[  919.086768][   T30]  ? __pfx_watchdog+0x10/0x10
[  919.091637][   T30]  kthread+0x370/0x450
[  919.097317][   T30]  ? __pfx_kthread+0x10/0x10
[  919.102437][   T30]  ret_from_fork+0x754/0xd80
[  919.107581][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  919.113066][   T30]  ? __switch_to+0x7b4/0x1120
[  919.120324][   T30]  ? __pfx_kthread+0x10/0x10
[  919.126356][   T30]  ret_from_fork_asm+0x1a/0x30
[  919.131717][   T30]  </TASK>
[  919.135206][   T30] Kernel Offset: disabled
[  919.140259][   T30] Rebooting in 86400 seconds..