last executing test programs:
2m11.681138534s ago: executing program 1 (id=2379):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4, 0xde, 0x9b72, 0xffffffffffffffff, 0xa000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff) (async)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/008/001\x00', 0x402, 0x0)
ioctl$auto_USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000180)={0x7, 0x6a, 0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'wlan1\x00'}) (async)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r0], 0x1c}, 0x1, 0x0, 0x0, 0x20008001}, 0x81)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8a241, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x0, 0xed2, 0x0, &(0x7f0000001140), 0x0, 0x3) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001) (async)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0)
pread64$auto(r4, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7)
ioctl$auto_FS_IOC_UNRESVSP64(r4, 0x4030582b, 0xffffffffffffffff) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0)
close_range$auto(0x2, 0x8, 0x0) (async)
r5 = socket(0x2, 0x3, 0x6) (async)
r6 = socket(0x2, 0x1, 0x0)
bind$auto(r6, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0xea) (async)
write$auto(r5, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0xcb)
sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async)
syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff)
write$auto(0x3, 0x0, 0x100085) (async)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)
2m9.248162482s ago: executing program 1 (id=2387):
mmap$auto(0x1, 0x5, 0x8000000002, 0xeb1, 0xffffffffffffffff, 0x8008)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/numa_maps\x00', 0x40, 0x0)
r0 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x7, 0xa505}, 0x4}, 0x2004, 0x8)
read$auto(0xffffffffffffffff, 0x0, 0x1ff)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa140, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0)
mkdir$auto(0x0, 0x353)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000140)=""/122, 0x7a)
sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, 0x0, 0x4000840)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, 0x0, 0x0)
r4 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r3, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r4}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) (fail_nth: 4)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
sendmsg$auto_NL80211_CMD_PROBE_CLIENT(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x1c, r3, 0x6, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_USE_MFP={0x8, 0x42, 0x92d}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
2m8.587930433s ago: executing program 1 (id=2392):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/driver/serial\x00', 0x40000, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000040)=""/211, 0xd3)
ioctl$auto_XFS_IOC_START_COMMIT(r0, 0x80585882, &(0x7f0000000140)={r0, 0x0, 0x7fffffffffffffff, 0x6, 0xe1f, 0x7, [0x5, 0x1, 0xa7f5, 0xfffffffffffff517, 0x7, 0xd]})
getsockopt$auto_SO_LINGER(r0, 0x7fff, 0xd, &(0x7f0000000040)='#\x15:*\'\x00', &(0x7f0000000080)=0x5)
r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0xc0040, 0x0)
close_range$auto(0x0, 0x5, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
getpeername$auto(r2, 0x0, 0x0)
getsockopt$auto_SO_PEERGROUPS(0xffffffffffffffff, 0xa19d, 0x3b, 0x0, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0x40305839, 0x0)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/trap_flow_action_cookie\x00', 0x622200, 0x0)
2m7.188764931s ago: executing program 2 (id=2396):
select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/fs/ocfs2/loaded_cluster_plugins\x00', 0x800, 0x0)
syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
io_uring_register$auto_IORING_UNREGISTER_FILES(0xffffffffffffffff, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x3, 0xad6)
settimeofday$auto(&(0x7f00000001c0)={0x7, 0x3}, &(0x7f0000000240)={0x7, 0x3})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r2 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r2)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r3, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e20}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x40, 0x8a}}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008090)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x0, 0x80000001, r2}, 0x6f4)
read$auto(r1, 0x0, 0x20)
write$auto(0xffffffffffffffff, 0x0, 0x6)
unshare$auto(0x40000080)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000000)="b2", 0x1)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
2m6.44433232s ago: executing program 2 (id=2398):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04) (fail_nth: 1)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x40002, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/mm/ksm/merge_across_nodes\x00', 0x808882, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0xbffffeff, 0x2, 0x6, 0x8, 0x8, 0xffffffffffffffff, [0x80], {0x6, 0x806, 0xf, 0x6, 0x2, 0x85, 0x101, 0x17f, 0x2}, {0xff, 0x401, 0x4f, 0x32, 0x3, 0x1639, 0x4, 0x7, 0x100000004}})
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x3, 0xa505}, 0x800}, 0x7, 0x4008)
listmount$auto(&(0x7f0000000180)={0xffff, @raw=0xeaf, 0x75, 0x7, 0x5d}, &(0x7f00000001c0)=0x67712c77, 0x81, 0xffffff80)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, r4, 0x5)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
socket(0x11, 0x80003, 0x300)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:02/path\x00', 0x0, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x1, 0xa, 0x4, 0x200000015f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0xd, 0x5, 0x2, 0x1]}, 0x0)
write$auto(r1, &(0x7f00000004c0)='1\x00\\\xa0\x04|\xfd\xca\x12\xfa\b\x1c\xc7k\x923\xe05\"3n\x84n#\xd1\xcaso\v\xf0\xda\xbb\x86\xbcX\xb4\x999\\\xa8&;<\xca\xa8\x05\x9d\x9e-\xc3\x93\xaa\xda\x02\x03\xddUbHu\x01\x00\n\x00\xac\xa7\x93T\aA\xbd\xc0\xb8K\xd7\xed\xcbP\xa1\xfe\xc7\xa1\x8b\xa7\x02\xad\xbc\xfaq*0F\xff&\xbb+\x9b\xe2\xbfd\xf7\xde\xb40\x1d=\x99\xe2\x06\xbf\x9cNS\xbf\x82\x9c\xfb', 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
2m6.05189155s ago: executing program 1 (id=2399):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x40002, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/mm/ksm/merge_across_nodes\x00', 0x808882, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0xbffffeff, 0x2, 0x6, 0x8, 0x8, 0xffffffffffffffff, [0x80], {0x6, 0x806, 0xf, 0x6, 0x2, 0x85, 0x101, 0x17f, 0x2}, {0xff, 0x401, 0x4f, 0x32, 0x3, 0x1639, 0x4, 0x7, 0x100000004}})
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x3, 0xa505}, 0x800}, 0x7, 0x4008)
listmount$auto(&(0x7f0000000180)={0xffff, @raw=0xeaf, 0x75, 0x7, 0x5d}, &(0x7f00000001c0)=0x67712c77, 0x81, 0xffffff80)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, r4, 0x5)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x900, 0x0)
socket(0x11, 0x80003, 0x300)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:02/path\x00', 0x0, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x1, 0xa, 0x4, 0x200000015f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0xd, 0x5, 0x2, 0x1]}, 0x0)
write$auto(r1, &(0x7f00000004c0)='1\x00\\\xa0\x04|\xfd\xca\x12\xfa\b\x1c\xc7k\x923\xe05\"3n\x84n#\xd1\xcaso\v\xf0\xda\xbb\x86\xbcX\xb4\x999\\\xa8&;<\xca\xa8\x05\x9d\x9e-\xc3\x93\xaa\xda\x02\x03\xddUbHu\x01\x00\n\x00\xac\xa7\x93T\aA\xbd\xc0\xb8K\xd7\xed\xcbP\xa1\xfe\xc7\xa1\x8b\xa7\x02\xad\xbc\xfaq*0F\xff&\xbb+\x9b\xe2\xbfd\xf7\xde\xb40\x1d=\x99\xe2\x06\xbf\x9cNS\xbf\x82\x9c\xfb', 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
2m5.892314825s ago: executing program 2 (id=2400):
mmap$auto(0x0, 0x2020009, 0x4000000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x6c842, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto(0x3, 0x8925, 0x38)
kcmp$auto(0x1, 0x1, 0x3, 0x85, 0x2)
write$auto(0xffffffffffffffff, 0x0, 0x30)
close_range$auto(0x0, 0x5, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/020/001\x00', 0x209403, 0x0)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0xc0482, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
write$auto_sg_fops_sg(r1, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e)
2m5.355071775s ago: executing program 1 (id=2402):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffe, 0x6, 0x0)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mprotect$auto(0x0, 0x8, 0x2000006)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
semctl$auto_SETALL(0x0, 0x9, 0x11, 0x9)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5)
write$auto(0x3, 0x0, 0xffd8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
pipe2$auto(0x0, 0x0)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x42000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x7, 0x4)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
2m4.973799794s ago: executing program 2 (id=2403):
write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
socket(0x1e, 0x4, 0x0)
socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)
brk$auto(0x40008000)
2m4.573694705s ago: executing program 2 (id=2405):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x1f, 0x200007, 0x19)
2m4.145940876s ago: executing program 2 (id=2407):
socket(0xa, 0xa, 0x3b)
socket(0xa, 0x3, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40)
ioctl$auto(0x3, 0x800005411, 0x38)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x10, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x40100, 0x0)
futex$auto(0x0, 0xa, 0x38, 0x0, 0x0, 0x80800005)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_CONTINUE_OLD(r0, 0x5422, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x21, 0x3, 0x0)
ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
write$auto(r1, 0x0, 0x6051)
readv$auto(0x3, 0x0, 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r2 = socket(0xa, 0x801, 0x84)
setsockopt$auto(r2, 0x10000000084, 0x1, 0x0, 0x1)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)
msync$auto(0x0, 0xe0, 0x6)
2m1.28260536s ago: executing program 1 (id=2411):
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
write$auto(r0, &(0x7f0000000080)=')@-!\x00', 0x1e1)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001380)='/proc/sys/net/ipv6/conf/team_slave_0/suppress_frag_ndisc\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x6, 0x14, 0x944, 0x1ffe4, 0x0, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x4, 0x1000003, 0x4, 0x6e0d7ad0, 0x20, 0x309, 0x8, 0x8e4, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, [0x3, 0xffffffffffffffff, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x5]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
fchdir$auto(r3)
open(&(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x103040, 0xd1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=r2})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r5, 0x0, 0x1ff)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x8402, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev5\x00', 0x280600, 0x0)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0)
ioctl$auto(r7, 0x92106402, r7)
close_range$auto(0x2, 0x8, 0x0)
1m45.935247198s ago: executing program 32 (id=2411):
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
write$auto(r0, &(0x7f0000000080)=')@-!\x00', 0x1e1)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001380)='/proc/sys/net/ipv6/conf/team_slave_0/suppress_frag_ndisc\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x6, 0x14, 0x944, 0x1ffe4, 0x0, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x4, 0x1000003, 0x4, 0x6e0d7ad0, 0x20, 0x309, 0x8, 0x8e4, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x0, [0x3, 0xffffffffffffffff, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x5]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
fchdir$auto(r3)
open(&(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x103040, 0xd1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=r2})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r5, 0x0, 0x1ff)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x8402, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev5\x00', 0x280600, 0x0)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0)
ioctl$auto(r7, 0x92106402, r7)
close_range$auto(0x2, 0x8, 0x0)
1m23.977589669s ago: executing program 3 (id=2520):
syz_open_procfs$namespace(0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2b, 0xa, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x40000072, 0x400, 0x718c1257}]})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x84)
socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0xd4, 0x0, 0x4)
1m23.696491926s ago: executing program 3 (id=2521):
select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0)
syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0)
io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
settimeofday$auto(&(0x7f00000001c0)={0x7, 0x3}, &(0x7f0000000240)={0x7, 0x3})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r3 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r3)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r4, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e20}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x40, 0x8a}}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008090)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x0, 0x80000001, r3}, 0x6f4)
read$auto(r2, 0x0, 0x20)
write$auto(0xffffffffffffffff, 0x0, 0x6)
unshare$auto(0x40000080)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000000)="b2", 0x1)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
1m23.117160161s ago: executing program 3 (id=2523):
unshare$auto(0x8)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2c, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon26\x00', 0x109000, 0x0)
fcntl$auto_F_GET_SEALS(r1, 0x40a, 0x2)
r2 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0xe0080, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_PVERSION(r2, 0x800441f5, 0x0)
socket(0x18, 0x800, 0xffffbdc9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mremap$auto(0x1d, 0x100005, 0x843, 0x3, 0x2)
mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000)
madvise$auto(0x0, 0x2003f2, 0x15)
sendmsg$auto_OVS_DP_CMD_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400", @ANYRES16, @ANYBLOB="010028bd70007ddbdf2504000000"], 0x14}}, 0x0)
socket(0x1d, 0x3, 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x62, 0x0, 0x210000, 0x7fffffff, 0xfffffffffffffffe, 0xfffffffffffffff7, 0x80000000, 0x2000000000000e8, 0x1000000000, 0x4, 0x0, 0x8})
r4 = socket(0xa, 0x801, 0x84)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
setsockopt$auto(r4, 0x10000000084, 0x9, 0x0, 0x9c)
sendfile$auto(r3, r3, 0x0, 0x3)
madvise$auto(0xf400, 0xffffffffffff0005, 0x19)
1m21.741905392s ago: executing program 3 (id=2524):
r0 = socket(0x25, 0x1, 0x5)
recvfrom$auto(r0, 0x0, 0x0, 0x40, 0x0, 0x0)
r1 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/printk_formats\x00', 0x109000, 0x0)
fstat$auto(r1, &(0x7f0000000040)={0x1049ef, 0xa, 0xc, 0x5, 0x0, 0xee00, 0x0, 0xb6, 0x586d, 0x1c3084ec, 0xffffffffffff5f44, 0x7, 0x4, 0x4d, 0x6, 0x7fff, 0x9})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
io_uring_setup$auto(0x7, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x50, 0xffffffffffffffff, [0x5, 0x101], {0x6, 0x6, 0xf, 0xb, 0x1, 0x1, 0x3, 0x4, 0x2}, {0xff, 0x401, 0x4f, 0x9, 0x4cd, 0x20000041, 0x7fffffff, 0x7, 0x8}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0xa402, 0x0)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd9\x00', 0x0, 0x0)
ioctl$auto(r5, 0xab02, r5)
ioctl$auto_SG_SET_FORCE_PACK_ID(r4, 0x227b, &(0x7f0000000080)="ec")
read$auto(r4, 0x0, 0x23)
write$auto(0x3, 0x0, 0x5c8)
r6 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000380), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x17, &(0x7f00000000c0), 0x1)
unshare$auto(0x40000080)
ioctl$auto_UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, &(0x7f0000000100)=0x4)
fcntl$auto_F_OFD_GETLK(r2, 0x24, 0x80)
1m21.133018292s ago: executing program 3 (id=2525):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x4000010)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x0, 0x0)
readv$auto(r0, &(0x7f0000000100)={0x0, 0x40}, 0x8) (fail_nth: 4)
1m20.245977276s ago: executing program 3 (id=2526):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
statmount$auto(0x0, &(0x7f00000004c0)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210006, 0x0, 0x7, 0x5, 0x5, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200], "94ca3e8d0d3a40a841e4e8bcd119c28e72a40dce9754debb6c59f9187508f4146734490099bab251c4425c379c08575cd65f04a41135959e5739c9b5ee62757f8e611c676410b1c12fe32500913845e5cb6bae6af0c5aaa88141ce88fad7f0947a1f92e5e4fce386d87297c1b547eee377d5dbddc53b0fb19a7cf2cbf35c"}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/irq/2/name\x00', 0x800, 0x0)
read$auto(r0, 0x0, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x200, 0x3, 0x205, 0x7, 0x0, 0x3ffff, 0x0, 0x3, 0x7069, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x5, 0x8000004, 0x0, 0x100000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x0, 0x8000000000000001, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x4, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d)
r1 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/max_vfs\x00', 0x2042, 0x0)
write$auto(r1, &(0x7f0000000080)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\xd6M\xce\xd6\'\t\xf8\x93\xc8\x92\xc8\x85H\x05\xae\xdf\x04\x15A\xdb$\'\x87', 0x1)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r3)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01ed29bd7000fbdbdf2504000009040005000800040009000000"], 0x20}, 0x1, 0x3000700, 0x0, 0x1}, 0x8010)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000227bd7000ffdbdf2502000000060001000f0000000600010081000000"], 0x24}}, 0x4000000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), r3)
socket(0x10, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x84)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
ioctl$auto(r5, 0x542e, r5)
close_range$auto(0x2, 0x8, 0x0)
1m4.979492356s ago: executing program 33 (id=2526):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
statmount$auto(0x0, &(0x7f00000004c0)={0x8, 0x1, 0x9, 0x7, 0x7, 0x0, 0x5, 0xffffffff, 0x2000000000210006, 0x0, 0x7, 0x5, 0x5, 0x7, 0xaf, 0x6, 0x8, 0x3, 0xa, 0x7, 0x0, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, [0x3, 0x0, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x200000000000000, 0x0, 0x200], "94ca3e8d0d3a40a841e4e8bcd119c28e72a40dce9754debb6c59f9187508f4146734490099bab251c4425c379c08575cd65f04a41135959e5739c9b5ee62757f8e611c676410b1c12fe32500913845e5cb6bae6af0c5aaa88141ce88fad7f0947a1f92e5e4fce386d87297c1b547eee377d5dbddc53b0fb19a7cf2cbf35c"}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/irq/2/name\x00', 0x800, 0x0)
read$auto(r0, 0x0, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x9, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x200, 0x3, 0x205, 0x7, 0x0, 0x3ffff, 0x0, 0x3, 0x7069, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x5, 0x8000004, 0x0, 0x100000000000000, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x0, 0x8000000000000001, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x4, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d)
r1 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/max_vfs\x00', 0x2042, 0x0)
write$auto(r1, &(0x7f0000000080)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xfc\xb2\x00\x00\x00\x00\x00\x10\x00\x00\x00\x00\xd6M\xce\xd6\'\t\xf8\x93\xc8\x92\xc8\x85H\x05\xae\xdf\x04\x15A\xdb$\'\x87', 0x1)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r3)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000480)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01ed29bd7000fbdbdf2504000009040005000800040009000000"], 0x20}, 0x1, 0x3000700, 0x0, 0x1}, 0x8010)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000227bd7000ffdbdf2502000000060001000f0000000600010081000000"], 0x24}}, 0x4000000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), r3)
socket(0x10, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x84)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
ioctl$auto(r5, 0x542e, r5)
close_range$auto(0x2, 0x8, 0x0)
609.670542ms ago: executing program 0 (id=2661):
r0 = socket(0x23, 0x2, 0x0)
pwrite64$auto(r0, 0x0, 0xc31, 0x9)
close_range$auto(0x2, 0x8, 0x7000000)
567.091042ms ago: executing program 0 (id=2662):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0)
r1 = socket(0x1d, 0x3, 0x1)
setsockopt$auto(r1, 0x65, 0x8, 0x0, 0x5)
write$auto(r0, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3)
524.236466ms ago: executing program 0 (id=2663):
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
socket(0x15, 0x6, 0x3)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
unlink$auto(&(0x7f00000000c0)='./file0\x00')
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0xfffffffffffffff9, 0x2000a, 0x100000000009f, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000480)='/dev/sda1\x00', 0x8800, 0x0)
cachestat$auto(r1, &(0x7f0000000640)={0x8, 0x4000000000008}, 0x0, 0x0)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe800007c0fe00"}, 0x1c)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptycc\x00', 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0xffffffffffffffff, 0x8000)
r3 = memfd_create$auto(0x0, 0x4)
statx$auto(r3, 0x0, 0x1ff, 0x9, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video31\x00', 0x640601, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x20000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty46\x00', 0x88a42, 0x0)
write$auto(0x3, 0x0, 0xfdef)
ioctl$auto(0x3, 0x541a, 0xffffffffffffffff)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
336.521773ms ago: executing program 0 (id=2664):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
socket(0x1e, 0x1, 0x0)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f00000000c0)={0x4, 0x8, [{0xffffffffffffffff, 0x0, 0xfffffffffffffffe, 0x8000000ba1}, {0xffffffffffffffff, 0x0, 0x400, 0x5}, {0xffffffffffffffff, 0x0, 0x2, 0x2}]})
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))
152.367959ms ago: executing program 0 (id=2665):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
flock$auto(0xffffffffffffffff, 0x6)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (fail_nth: 5)
swapon$auto(&(0x7f0000000000)='/dev/ram5\x00', 0x0)
socket(0xa, 0x5, 0x84)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0)
lseek$auto(0x3, 0x2, 0x4)
fchown$auto(0xffffffffffffffff, 0x0, 0x0)
0s ago: executing program 0 (id=2666):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000200)={0x0, 0x30000, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="05082dbd7000fbdbdf257e", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
kernel console output (not intermixed with test programs):
01] do_user_addr_fault+0x74c/0x12f0
[ 553.833771][T14501] exc_page_fault+0x6f/0xd0
[ 553.833811][T14501] asm_exc_page_fault+0x26/0x30
[ 553.833925][T14501] RIP: 0010:__get_user_8+0x14/0x30
[ 553.833961][T14501] Code: ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <48> 8b 10 31 c0 0f 01 ca e9 7f 8c 04 00 66 66 2e 0f 1f 84 00 00 00
[ 553.833987][T14501] RSP: 0000:ffffc90005c2fd38 EFLAGS: 00050287
[ 553.834008][T14501] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc90005c2fcdc
[ 553.834024][T14501] RDX: 00007ffffffff000 RSI: ffffffff82561871 RDI: ffffffff8c1b11a0
[ 553.834042][T14501] RBP: 0000000000000000 R08: 0000000000000001 R09: 00000000000001ca
[ 553.834057][T14501] R10: 0000000000000200 R11: 0000000000000000 R12: 00000000ffffffff
[ 553.834073][T14501] R13: 0000000000000117 R14: 1ffff92000b85fb7 R15: 0000000000000000
[ 553.834100][T14501] ? __might_fault+0x111/0x140
[ 553.834145][T14501] kernel_move_pages+0x325/0x13f0
[ 553.834190][T14501] ? __pfx_kernel_move_pages+0x10/0x10
[ 553.834234][T14501] ? fput+0x79/0x100
[ 553.834271][T14501] ? ksys_write+0x1ac/0x250
[ 553.834296][T14501] ? __pfx_ksys_write+0x10/0x10
[ 553.834344][T14501] __x64_sys_move_pages+0xe0/0x1c0
[ 553.834378][T14501] ? do_syscall_64+0x95/0xf80
[ 553.834417][T14501] ? lockdep_hardirqs_on+0x78/0x100
[ 553.834456][T14501] do_syscall_64+0x106/0xf80
[ 553.834494][T14501] ? clear_bhb_loop+0x40/0x90
[ 553.834526][T14501] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 553.834553][T14501] RIP: 0033:0x7fdff499c799
[ 553.834573][T14501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 553.834598][T14501] RSP: 002b:00007fdff58b2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[ 553.834621][T14501] RAX: ffffffffffffffda RBX: 00007fdff4c15fa0 RCX: 00007fdff499c799
[ 553.834638][T14501] RDX: 0000000000000000 RSI: 0000000000001002 RDI: 0000000000000000
[ 553.834654][T14501] RBP: 00007fdff58b2090 R08: 0000000000000000 R09: 0000000000000000
[ 553.834670][T14501] R10: 0000200000001140 R11: 0000000000000246 R12: 0000000000000001
[ 553.834686][T14501] R13: 00007fdff4c16038 R14: 00007fdff4c15fa0 R15: 00007fff59ad9968
[ 553.834721][T14501]
[ 557.134466][T14551] zram0: detected capacity change from 0 to 16
[ 557.677817][T14560] openvswitch: netlink: Duplicate or invalid key (type 0).
[ 557.727121][T14560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2255'.
[ 559.205008][T14587] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2260'.
[ 559.259210][T14587] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2260'.
[ 560.396866][T14615] input: j�J�Ǹ-9%vJ86� as /devices/virtual/input/input35
[ 562.020718][T14644] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2273'.
[ 562.130950][T14644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2273'.
[ 562.482272][T14656] FAULT_INJECTION: forcing a failure.
[ 562.482272][T14656] name failslab, interval 1, probability 0, space 0, times 0
[ 562.505559][T14656] CPU: 0 UID: 0 PID: 14656 Comm: syz.3.2278 Tainted: G L syzkaller #0 PREEMPT(full)
[ 562.505615][T14656] Tainted: [L]=SOFTLOCKUP
[ 562.505629][T14656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 562.505648][T14656] Call Trace:
[ 562.505660][T14656]
[ 562.505673][T14656] dump_stack_lvl+0x100/0x190
[ 562.505736][T14656] should_fail_ex.cold+0x5/0xa
[ 562.505779][T14656] should_failslab+0xc2/0x120
[ 562.505818][T14656] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 562.505874][T14656] ? __d_alloc+0x34/0xa80
[ 562.505915][T14656] ? security_inode_alloc+0xcf/0x2c0
[ 562.505959][T14656] __d_alloc+0x34/0xa80
[ 562.506003][T14656] path_from_stashed+0x427/0x750
[ 562.506052][T14656] pidfs_alloc_file+0xf8/0x290
[ 562.506086][T14656] ? __pfx_pidfs_alloc_file+0x10/0x10
[ 562.506132][T14656] pidfd_prepare+0x123/0x200
[ 562.506178][T14656] __x64_sys_pidfd_open+0x105/0x1a0
[ 562.506229][T14656] ? __pfx___x64_sys_pidfd_open+0x10/0x10
[ 562.506292][T14656] do_syscall_64+0x106/0xf80
[ 562.506345][T14656] ? clear_bhb_loop+0x40/0x90
[ 562.506388][T14656] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 562.506422][T14656] RIP: 0033:0x7fdff499c799
[ 562.506451][T14656] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 562.506486][T14656] RSP: 002b:00007fdff5891028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2
[ 562.506520][T14656] RAX: ffffffffffffffda RBX: 00007fdff4c16090 RCX: 00007fdff499c799
[ 562.506543][T14656] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 562.506571][T14656] RBP: 00007fdff4a32c99 R08: 0000000000000000 R09: 0000000000000000
[ 562.506592][T14656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 562.506613][T14656] R13: 00007fdff4c16128 R14: 00007fdff4c16090 R15: 00007fff59ad9968
[ 562.506660][T14656]
[ 562.992298][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 562.998865][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 563.397055][T14666] FAULT_INJECTION: forcing a failure.
[ 563.397055][T14666] name failslab, interval 1, probability 0, space 0, times 0
[ 563.412360][T14666] CPU: 1 UID: 0 PID: 14666 Comm: syz.2.2280 Tainted: G L syzkaller #0 PREEMPT(full)
[ 563.412414][T14666] Tainted: [L]=SOFTLOCKUP
[ 563.412425][T14666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 563.412444][T14666] Call Trace:
[ 563.412453][T14666]
[ 563.412466][T14666] dump_stack_lvl+0x100/0x190
[ 563.412527][T14666] should_fail_ex.cold+0x5/0xa
[ 563.412568][T14666] should_failslab+0xc2/0x120
[ 563.412607][T14666] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 563.412662][T14666] ? __d_alloc+0x34/0xa80
[ 563.412700][T14666] ? lockdep_init_map_type+0x5c/0x250
[ 563.412753][T14666] __d_alloc+0x34/0xa80
[ 563.412796][T14666] d_alloc_pseudo+0x1c/0xc0
[ 563.412847][T14666] alloc_file_pseudo+0xcf/0x230
[ 563.412894][T14666] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 563.412941][T14666] ? alloc_fd+0x476/0x790
[ 563.412992][T14666] sock_alloc_file+0x50/0x210
[ 563.413052][T14666] __sys_socket+0x1c0/0x260
[ 563.413093][T14666] ? __pfx___sys_socket+0x10/0x10
[ 563.413148][T14666] __x64_sys_socket+0x72/0xb0
[ 563.413191][T14666] ? lockdep_hardirqs_on+0x78/0x100
[ 563.413245][T14666] do_syscall_64+0x106/0xf80
[ 563.413307][T14666] ? clear_bhb_loop+0x40/0x90
[ 563.413369][T14666] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 563.413406][T14666] RIP: 0033:0x7f6547b9c799
[ 563.413435][T14666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 563.413469][T14666] RSP: 002b:00007f6548a0b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 563.413502][T14666] RAX: ffffffffffffffda RBX: 00007f6547e15fa0 RCX: 00007f6547b9c799
[ 563.413524][T14666] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 563.413546][T14666] RBP: 00007f6547c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 563.413567][T14666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 563.413589][T14666] R13: 00007f6547e16038 R14: 00007f6547e15fa0 R15: 00007ffc9e0f3b88
[ 563.413634][T14666]
[ 564.457394][T14700] FAULT_INJECTION: forcing a failure.
[ 564.457394][T14700] name failslab, interval 1, probability 0, space 0, times 0
[ 564.485856][T14700] CPU: 0 UID: 0 PID: 14700 Comm: syz.3.2291 Tainted: G L syzkaller #0 PREEMPT(full)
[ 564.485920][T14700] Tainted: [L]=SOFTLOCKUP
[ 564.485932][T14700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 564.485953][T14700] Call Trace:
[ 564.485964][T14700]
[ 564.485976][T14700] dump_stack_lvl+0x100/0x190
[ 564.486039][T14700] should_fail_ex.cold+0x5/0xa
[ 564.486081][T14700] should_failslab+0xc2/0x120
[ 564.486121][T14700] kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 564.486179][T14700] ? zswap_store+0xc42/0x29d0
[ 564.486229][T14700] ? zswap_store+0x60a/0x29d0
[ 564.486274][T14700] zswap_store+0xc42/0x29d0
[ 564.486316][T14700] ? smp_call_function_many_cond+0x11d1/0x1500
[ 564.486365][T14700] ? __pfx_should_flush_tlb+0x10/0x10
[ 564.486421][T14700] ? __pfx_zswap_store+0x10/0x10
[ 564.486465][T14700] ? do_raw_spin_lock+0x128/0x260
[ 564.486518][T14700] ? find_held_lock+0x2b/0x80
[ 564.486552][T14700] ? folio_free_swap+0x3d9/0xb50
[ 564.486587][T14700] ? folio_free_swap+0x3d9/0xb50
[ 564.486628][T14700] ? do_raw_spin_unlock+0x145/0x1e0
[ 564.486683][T14700] ? _raw_spin_unlock+0x28/0x50
[ 564.486731][T14700] ? folio_free_swap+0x39/0xb50
[ 564.486776][T14700] swap_writeout+0x49d/0x12b0
[ 564.486848][T14700] shrink_folio_list+0x5c4a/0x6000
[ 564.486925][T14700] ? __pfx_shrink_folio_list+0x10/0x10
[ 564.486984][T14700] ? __lock_acquire+0x4a5/0x2630
[ 564.487036][T14700] ? __lock_acquire+0x4a5/0x2630
[ 564.487119][T14700] ? kernel_text_address+0x8d/0x100
[ 564.487172][T14700] ? __kernel_text_address+0xd/0x30
[ 564.487223][T14700] ? unwind_get_return_address+0x59/0xa0
[ 564.487271][T14700] reclaim_folio_list+0xdc/0x600
[ 564.487327][T14700] ? __pfx_reclaim_folio_list+0x10/0x10
[ 564.487394][T14700] ? lru_gen_update_size+0x431/0xe40
[ 564.487453][T14700] ? lru_gen_del_folio+0x382/0x5f0
[ 564.487503][T14700] reclaim_pages+0x428/0x5e0
[ 564.487559][T14700] ? __pfx_reclaim_pages+0x10/0x10
[ 564.487607][T14700] ? find_held_lock+0x2b/0x80
[ 564.487641][T14700] ? madvise_cold_or_pageout_pte_range+0xb49/0x2720
[ 564.487705][T14700] madvise_cold_or_pageout_pte_range+0x1635/0x2720
[ 564.487782][T14700] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 564.487839][T14700] ? stack_trace_save+0x8e/0xc0
[ 564.487889][T14700] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 564.487956][T14700] walk_pgd_range+0xc04/0x1eb0
[ 564.488044][T14700] ? __pfx_walk_pgd_range+0x10/0x10
[ 564.488114][T14700] __walk_page_range+0x163/0x820
[ 564.488172][T14700] ? find_held_lock+0x2b/0x80
[ 564.488225][T14700] walk_page_range_vma_unsafe+0x209/0x8f0
[ 564.488268][T14700] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[ 564.488313][T14700] ? find_held_lock+0x2b/0x80
[ 564.488348][T14700] ? mlock_drain_local+0x254/0x4e0
[ 564.488402][T14700] ? mlock_drain_local+0x254/0x4e0
[ 564.488462][T14700] walk_page_range_vma+0x63/0x90
[ 564.488500][T14700] madvise_pageout+0x259/0x540
[ 564.488543][T14700] ? __pfx_madvise_pageout+0x10/0x10
[ 564.488607][T14700] ? mtree_range_walk+0x6ce/0xcd0
[ 564.488661][T14700] madvise_vma_behavior+0x3e6/0x3050
[ 564.488707][T14700] ? mt_find+0x687/0x8e0
[ 564.488737][T14700] ? mt_find+0x687/0x8e0
[ 564.488768][T14700] ? __pfx_madvise_vma_behavior+0x10/0x10
[ 564.488817][T14700] ? mt_find+0x45e/0x8e0
[ 564.488853][T14700] ? __pfx_mt_find+0x10/0x10
[ 564.488904][T14700] ? find_vma_prev+0xd8/0x150
[ 564.488954][T14700] ? futex_unqueue+0x133/0x2c0
[ 564.489009][T14700] ? find_vma+0xbf/0x140
[ 564.489043][T14700] ? __pfx_find_vma+0x10/0x10
[ 564.489075][T14700] ? __futex_wait+0x256/0x300
[ 564.489137][T14700] madvise_walk_vmas+0x2fe/0xa90
[ 564.489188][T14700] ? __pfx_madvise_walk_vmas+0x10/0x10
[ 564.489243][T14700] madvise_do_behavior+0x1ea/0x510
[ 564.489290][T14700] ? __pfx_madvise_do_behavior+0x10/0x10
[ 564.489333][T14700] ? down_read+0x13b/0x460
[ 564.489388][T14700] do_madvise+0x195/0x240
[ 564.489429][T14700] ? __pfx_do_madvise+0x10/0x10
[ 564.489471][T14700] ? do_futex+0x192/0x350
[ 564.489524][T14700] ? __pfx_get_nodes+0x10/0x10
[ 564.489584][T14700] __x64_sys_madvise+0xa9/0x110
[ 564.489626][T14700] ? lockdep_hardirqs_on+0x78/0x100
[ 564.489674][T14700] do_syscall_64+0x106/0xf80
[ 564.489725][T14700] ? clear_bhb_loop+0x40/0x90
[ 564.489767][T14700] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 564.489802][T14700] RIP: 0033:0x7fdff499c799
[ 564.489830][T14700] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 564.489862][T14700] RSP: 002b:00007fdff58b2028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 564.489903][T14700] RAX: ffffffffffffffda RBX: 00007fdff4c15fa0 RCX: 00007fdff499c799
[ 564.489926][T14700] RDX: 0000000000000015 RSI: ffffffffffff0001 RDI: 0000000000000000
[ 564.489946][T14700] RBP: 00007fdff4a32c99 R08: 0000000000000000 R09: 0000000000000000
[ 564.489967][T14700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 564.489987][T14700] R13: 00007fdff4c16038 R14: 00007fdff4c15fa0 R15: 00007fff59ad9968
[ 564.490032][T14700]
[ 565.087751][T14706] Format for deleting device is "id" (uint).
[ 565.170212][T14701] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2289'.
[ 565.258280][T14701] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2289'.
[ 565.519822][T14709] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2293'.
[ 565.533514][T14714] FAULT_INJECTION: forcing a failure.
[ 565.533514][T14714] name failslab, interval 1, probability 0, space 0, times 0
[ 565.547241][T14714] CPU: 0 UID: 0 PID: 14714 Comm: syz.2.2295 Tainted: G L syzkaller #0 PREEMPT(full)
[ 565.547295][T14714] Tainted: [L]=SOFTLOCKUP
[ 565.547315][T14714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 565.547334][T14714] Call Trace:
[ 565.547345][T14714]
[ 565.547357][T14714] dump_stack_lvl+0x100/0x190
[ 565.547417][T14714] should_fail_ex.cold+0x5/0xa
[ 565.547459][T14714] should_failslab+0xc2/0x120
[ 565.547496][T14714] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 565.547549][T14714] ? security_file_alloc+0x34/0x2c0
[ 565.547593][T14714] ? trace_kmem_cache_alloc+0xf3/0x120
[ 565.547638][T14714] security_file_alloc+0x34/0x2c0
[ 565.547683][T14714] init_file+0x95/0x480
[ 565.547725][T14714] alloc_empty_file+0x73/0x1c0
[ 565.547771][T14714] alloc_file_pseudo+0x13a/0x230
[ 565.547818][T14714] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 565.547863][T14714] ? alloc_fd+0x476/0x790
[ 565.547904][T14714] sock_alloc_file+0x50/0x210
[ 565.547960][T14714] __sys_socket+0x1c0/0x260
[ 565.548006][T14714] ? __pfx___sys_socket+0x10/0x10
[ 565.548058][T14714] __x64_sys_socket+0x72/0xb0
[ 565.548096][T14714] ? lockdep_hardirqs_on+0x78/0x100
[ 565.548150][T14714] do_syscall_64+0x106/0xf80
[ 565.548204][T14714] ? clear_bhb_loop+0x40/0x90
[ 565.548266][T14714] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 565.548302][T14714] RIP: 0033:0x7f6547b9c799
[ 565.548338][T14714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 565.548371][T14714] RSP: 002b:00007f65489ea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 565.548405][T14714] RAX: ffffffffffffffda RBX: 00007f6547e16090 RCX: 00007f6547b9c799
[ 565.548428][T14714] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 565.548448][T14714] RBP: 00007f6547c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 565.548468][T14714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 565.548487][T14714] R13: 00007f6547e16128 R14: 00007f6547e16090 R15: 00007ffc9e0f3b88
[ 565.548531][T14714]
[ 566.252661][T14727] zram0: detected capacity change from 16 to 0
[ 566.305843][ T9693] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 566.336977][ T9693] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 566.345971][ T9693] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 566.354441][ T9693] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 566.362925][ T9693] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 567.360959][T14728] chnl_net:caif_netlink_parms(): no params data found
[ 567.414348][T14750] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2305'.
[ 567.424099][T14752] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2305'.
[ 567.458317][T14748] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2305'.
[ 567.951868][ T8510] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 568.117439][T14728] bridge0: port 1(bridge_slave_0) entered blocking state
[ 568.137174][T14728] bridge0: port 1(bridge_slave_0) entered disabled state
[ 568.146819][T14728] bridge_slave_0: entered allmulticast mode
[ 568.159945][T14728] bridge_slave_0: entered promiscuous mode
[ 568.180052][T14728] bridge0: port 2(bridge_slave_1) entered blocking state
[ 568.197971][T14728] bridge0: port 2(bridge_slave_1) entered disabled state
[ 568.205327][T14728] bridge_slave_1: entered allmulticast mode
[ 568.240677][T14728] bridge_slave_1: entered promiscuous mode
[ 568.362103][ T8510] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 568.434650][ T9728] Bluetooth: hci4: command tx timeout
[ 568.495037][ T8510] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 568.516438][T14728] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 568.551686][T14728] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 568.629640][ T8510] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 568.691952][T14762] FAULT_INJECTION: forcing a failure.
[ 568.691952][T14762] name failslab, interval 1, probability 0, space 0, times 0
[ 568.748410][T14762] CPU: 0 UID: 0 PID: 14762 Comm: syz.0.2307 Tainted: G L syzkaller #0 PREEMPT(full)
[ 568.748463][T14762] Tainted: [L]=SOFTLOCKUP
[ 568.748476][T14762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 568.748496][T14762] Call Trace:
[ 568.748506][T14762]
[ 568.748519][T14762] dump_stack_lvl+0x100/0x190
[ 568.748581][T14762] should_fail_ex.cold+0x5/0xa
[ 568.748622][T14762] should_failslab+0xc2/0x120
[ 568.748661][T14762] __kmalloc_cache_noprof+0x7a/0x6f0
[ 568.748711][T14762] ? sctp_endpoint_new+0xfc/0xb20
[ 568.748888][T14762] ? __debug_object_init+0x2de/0x3d0
[ 568.748962][T14762] sctp_endpoint_new+0xfc/0xb20
[ 568.749020][T14762] ? __pfx_sctp_endpoint_new+0x10/0x10
[ 568.749076][T14762] ? lockdep_init_map_type+0x5c/0x250
[ 568.749135][T14762] ? lockdep_init_map_type+0x5c/0x250
[ 568.749184][T14762] ? lockdep_init_map_type+0x5c/0x250
[ 568.749239][T14762] sctp_init_sock+0xe2b/0x1300
[ 568.749294][T14762] ? __pfx_sctp_v6_init_sock+0x10/0x10
[ 568.749352][T14762] sctp_v6_init_sock+0x16/0x70
[ 568.749404][T14762] ? __pfx_sctp_v6_init_sock+0x10/0x10
[ 568.749457][T14762] inet6_create+0xb21/0x12b0
[ 568.749555][T14762] ? inet6_create+0x7f/0x12b0
[ 568.749613][T14762] __sock_create+0x339/0x860
[ 568.749663][T14762] __sys_socket+0x14d/0x260
[ 568.749706][T14762] ? __pfx___sys_socket+0x10/0x10
[ 568.749760][T14762] __x64_sys_socket+0x72/0xb0
[ 568.749800][T14762] ? lockdep_hardirqs_on+0x78/0x100
[ 568.749868][T14762] do_syscall_64+0x106/0xf80
[ 568.749922][T14762] ? clear_bhb_loop+0x40/0x90
[ 568.749969][T14762] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 568.750006][T14762] RIP: 0033:0x7f665639c799
[ 568.750037][T14762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 568.750073][T14762] RSP: 002b:00007f6657181028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 568.750109][T14762] RAX: ffffffffffffffda RBX: 00007f6656616090 RCX: 00007f665639c799
[ 568.750141][T14762] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a
[ 568.750164][T14762] RBP: 00007f6656432c99 R08: 0000000000000000 R09: 0000000000000000
[ 568.750186][T14762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 568.750208][T14762] R13: 00007f6656616128 R14: 00007f6656616090 R15: 00007ffdb59a53f8
[ 568.750255][T14762]
[ 569.019917][T14770] FAULT_INJECTION: forcing a failure.
[ 569.019917][T14770] name failslab, interval 1, probability 0, space 0, times 0
[ 569.033005][T14770] CPU: 0 UID: 0 PID: 14770 Comm: syz.2.2311 Tainted: G L syzkaller #0 PREEMPT(full)
[ 569.033055][T14770] Tainted: [L]=SOFTLOCKUP
[ 569.033066][T14770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 569.033084][T14770] Call Trace:
[ 569.033094][T14770]
[ 569.033104][T14770] dump_stack_lvl+0x100/0x190
[ 569.033160][T14770] should_fail_ex.cold+0x5/0xa
[ 569.033198][T14770] should_failslab+0xc2/0x120
[ 569.033234][T14770] kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 569.033294][T14770] ? __alloc_skb+0x140/0x710
[ 569.033349][T14770] __alloc_skb+0x140/0x710
[ 569.033392][T14770] ? __alloc_skb+0x5b7/0x710
[ 569.033438][T14770] ? __pfx___alloc_skb+0x10/0x10
[ 569.033505][T14770] netlink_alloc_large_skb+0x69/0x150
[ 569.033583][T14770] netlink_sendmsg+0x680/0xda0
[ 569.033622][T14770] ? __pfx_netlink_sendmsg+0x10/0x10
[ 569.033651][T14770] ? __import_iovec+0x1d2/0x640
[ 569.033698][T14770] ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 569.033862][T14770] ____sys_sendmsg+0x9e1/0xb70
[ 569.033897][T14770] ? __pfx_netlink_sendmsg+0x10/0x10
[ 569.033930][T14770] ? __pfx_____sys_sendmsg+0x10/0x10
[ 569.033985][T14770] ___sys_sendmsg+0x190/0x1e0
[ 569.034025][T14770] ? __pfx____sys_sendmsg+0x10/0x10
[ 569.034101][T14770] ? __pfx_vfs_write+0x10/0x10
[ 569.034133][T14770] ? do_sys_openat2+0x157/0x1e0
[ 569.034184][T14770] __sys_sendmsg+0x170/0x220
[ 569.034235][T14770] ? __pfx___sys_sendmsg+0x10/0x10
[ 569.034308][T14770] do_syscall_64+0x106/0xf80
[ 569.034356][T14770] ? clear_bhb_loop+0x40/0x90
[ 569.034396][T14770] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 569.034430][T14770] RIP: 0033:0x7f6547b9c799
[ 569.034458][T14770] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 569.034491][T14770] RSP: 002b:00007f6548a0b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 569.034534][T14770] RAX: ffffffffffffffda RBX: 00007f6547e15fa0 RCX: 00007f6547b9c799
[ 569.034554][T14770] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[ 569.034573][T14770] RBP: 00007f6548a0b090 R08: 0000000000000000 R09: 0000000000000000
[ 569.034593][T14770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 569.034612][T14770] R13: 00007f6547e16038 R14: 00007f6547e15fa0 R15: 00007ffc9e0f3b88
[ 569.034656][T14770]
[ 569.281496][T14728] team0: Port device team_slave_0 added
[ 569.311041][T14728] team0: Port device team_slave_1 added
[ 569.431547][T14728] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 569.450632][T14728] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 569.528320][T14728] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 569.551144][T14728] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 569.558170][T14728] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 569.590971][T14728] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 569.964104][T14728] hsr_slave_0: entered promiscuous mode
[ 570.000107][T14728] hsr_slave_1: entered promiscuous mode
[ 570.006537][T14728] debugfs: 'hsr0' already exists in 'hsr'
[ 570.024133][T14728] Cannot create hsr debugfs directory
[ 570.523004][ T9728] Bluetooth: hci4: command tx timeout
[ 570.865312][ T8510] bond0: left allmulticast mode
[ 570.875802][ T8510] bond_slave_1: left allmulticast mode
[ 570.883801][ T8510] bond0: left promiscuous mode
[ 570.888649][ T8510] bond_slave_1: left promiscuous mode
[ 570.898772][ T8510] bridge0: port 2(bond0) entered disabled state
[ 570.930203][ T8510] bridge_slave_0: left allmulticast mode
[ 570.935946][ T8510] bridge_slave_0: left promiscuous mode
[ 570.942836][ T8510] bridge0: port 1(bridge_slave_0) entered disabled state
[ 571.301757][ T9728] Bluetooth: hci3: Received unexpected HCI Event 0x00
[ 571.346304][ T8510] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 571.358781][ T8510] bond0 (unregistering): Released all slaves
[ 571.449958][ T8510] ovs_�: left promiscuous mode
[ 571.553354][ T8510] tipc: Left network mode
[ 572.590478][ T9728] Bluetooth: hci4: command tx timeout
[ 573.210600][ T8510] hsr_slave_0: left promiscuous mode
[ 573.248762][ T8510] hsr_slave_1: left promiscuous mode
[ 573.273544][ T8510] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 573.287876][ T8510] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 573.325300][ T8510] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 573.333102][ T8510] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 573.362665][ T9693] Bluetooth: hci3: Malformed LE Event: 0x0b
[ 573.430797][ T8510] veth1_macvtap: left promiscuous mode
[ 573.436789][ T8510] veth0_macvtap: left promiscuous mode
[ 573.710433][T14826] phram: not enough arguments
[ 573.736581][T14826] input: j�J�Ǹ-9%vlQ J86� as /devices/virtual/input/input36
[ 573.839932][ T8510] team0 (unregistering): Port device team_slave_1 removed
[ 573.873164][ T8510] team0 (unregistering): Port device team_slave_0 removed
[ 574.183809][T14828] FAULT_INJECTION: forcing a failure.
[ 574.183809][T14828] name failslab, interval 1, probability 0, space 0, times 0
[ 574.244289][T14828] CPU: 1 UID: 0 PID: 14828 Comm: syz.2.2324 Tainted: G L syzkaller #0 PREEMPT(full)
[ 574.244342][T14828] Tainted: [L]=SOFTLOCKUP
[ 574.244355][T14828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 574.244376][T14828] Call Trace:
[ 574.244385][T14828]
[ 574.244399][T14828] dump_stack_lvl+0x100/0x190
[ 574.244462][T14828] should_fail_ex.cold+0x5/0xa
[ 574.244507][T14828] should_failslab+0xc2/0x120
[ 574.244546][T14828] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 574.244618][T14828] ? __d_alloc+0x34/0xa80
[ 574.244657][T14828] ? lockdep_init_map_type+0x5c/0x250
[ 574.244710][T14828] __d_alloc+0x34/0xa80
[ 574.244752][T14828] d_alloc_pseudo+0x1c/0xc0
[ 574.244804][T14828] alloc_file_pseudo+0xcf/0x230
[ 574.244851][T14828] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 574.244898][T14828] ? alloc_fd+0x476/0x790
[ 574.244941][T14828] sock_alloc_file+0x50/0x210
[ 574.244998][T14828] __sys_socket+0x1c0/0x260
[ 574.245040][T14828] ? __pfx___sys_socket+0x10/0x10
[ 574.245094][T14828] __x64_sys_socket+0x72/0xb0
[ 574.245136][T14828] ? lockdep_hardirqs_on+0x78/0x100
[ 574.245192][T14828] do_syscall_64+0x106/0xf80
[ 574.245244][T14828] ? clear_bhb_loop+0x40/0x90
[ 574.245289][T14828] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 574.245326][T14828] RIP: 0033:0x7f6547b9c799
[ 574.245355][T14828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 574.245390][T14828] RSP: 002b:00007f6548a0b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 574.245425][T14828] RAX: ffffffffffffffda RBX: 00007f6547e15fa0 RCX: 00007f6547b9c799
[ 574.245450][T14828] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 574.245471][T14828] RBP: 00007f6547c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 574.245492][T14828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 574.245513][T14828] R13: 00007f6547e16038 R14: 00007f6547e15fa0 R15: 00007ffc9e0f3b88
[ 574.245568][T14828]
[ 574.621933][T14728] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 574.677444][ T9693] Bluetooth: hci4: command tx timeout
[ 574.738177][T14728] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 574.890651][T14728] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 574.934783][T14728] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 575.133103][T14860] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2329'.
[ 575.153667][T14860] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2329'.
[ 575.335311][ T9693] Bluetooth: hci2: Malformed LE Event: 0x0b
[ 575.525165][T14728] 8021q: adding VLAN 0 to HW filter on device bond0
[ 576.022185][T14881] bridge0: port 2(bond0) entered blocking state
[ 576.028571][T14881] bridge0: port 2(bond0) entered disabled state
[ 576.061805][T14881] bond0: entered allmulticast mode
[ 576.088479][T14881] bond_slave_0: entered allmulticast mode
[ 576.131601][T14881] bond_slave_1: entered allmulticast mode
[ 576.155772][T14881] bond0: entered promiscuous mode
[ 576.160890][T14881] bond_slave_0: entered promiscuous mode
[ 576.167568][T14881] bond_slave_1: entered promiscuous mode
[ 576.174541][T14881] bridge0: port 2(bond0) entered blocking state
[ 576.180974][T14881] bridge0: port 2(bond0) entered forwarding state
[ 576.200981][T14728] 8021q: adding VLAN 0 to HW filter on device team0
[ 576.229528][ T8521] bridge0: port 1(bridge_slave_0) entered blocking state
[ 576.236750][ T8521] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 576.339526][ T8525] bridge0: port 2(bridge_slave_1) entered blocking state
[ 576.346762][ T8525] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 576.887043][T14728] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 577.002062][T14728] veth0_vlan: entered promiscuous mode
[ 577.142727][T14728] veth1_vlan: entered promiscuous mode
[ 577.315183][T14728] veth0_macvtap: entered promiscuous mode
[ 577.342600][T14908] bridge0: port 2(bond0) entered blocking state
[ 577.357497][T14908] bridge0: port 2(bond0) entered disabled state
[ 577.378242][T14908] bond0: entered allmulticast mode
[ 577.391121][T14908] bond_slave_1: entered allmulticast mode
[ 577.443774][T14908] bond0: entered promiscuous mode
[ 577.455525][T14908] bond_slave_1: entered promiscuous mode
[ 577.473200][T14908] bridge0: port 2(bond0) entered blocking state
[ 577.479639][T14908] bridge0: port 2(bond0) entered forwarding state
[ 577.523297][T14728] veth1_macvtap: entered promiscuous mode
[ 577.582207][T14728] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 577.614038][T14728] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 577.635673][ T9077] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 577.689822][ T9077] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 577.736288][ T9077] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 577.770031][T14913] zram0: detected capacity change from 0 to 16
[ 577.782585][ T9077] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 577.909684][ T8510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 577.943379][ T8510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 577.989993][ T8510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 578.002378][ T8510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 578.180527][T14911] FAULT_INJECTION: forcing a failure.
[ 578.180527][T14911] name failslab, interval 1, probability 0, space 0, times 0
[ 578.223067][T14911] CPU: 0 UID: 0 PID: 14911 Comm: syz.3.2339 Tainted: G L syzkaller #0 PREEMPT(full)
[ 578.223117][T14911] Tainted: [L]=SOFTLOCKUP
[ 578.223129][T14911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 578.223150][T14911] Call Trace:
[ 578.223160][T14911]
[ 578.223173][T14911] dump_stack_lvl+0x100/0x190
[ 578.223230][T14911] should_fail_ex.cold+0x5/0xa
[ 578.223268][T14911] ? lsm_blob_alloc+0x68/0x90
[ 578.223315][T14911] should_failslab+0xc2/0x120
[ 578.223352][T14911] __kmalloc_noprof+0xe0/0x850
[ 578.223401][T14911] ? trace_kmalloc+0x101/0x130
[ 578.223441][T14911] lsm_blob_alloc+0x68/0x90
[ 578.223488][T14911] security_sk_alloc+0x2d/0x290
[ 578.223523][T14911] sk_prot_alloc+0x12a/0x2a0
[ 578.223561][T14911] sk_alloc+0x36/0xe80
[ 578.223605][T14911] __netlink_create+0x5e/0x2c0
[ 578.223648][T14911] ? lockdep_hardirqs_on+0x78/0x100
[ 578.223698][T14911] netlink_create+0x293/0x610
[ 578.223742][T14911] ? __pfx_genl_bind+0x10/0x10
[ 578.223772][T14911] ? __pfx_genl_unbind+0x10/0x10
[ 578.223800][T14911] ? __pfx_genl_release+0x10/0x10
[ 578.223833][T14911] __sock_create+0x339/0x860
[ 578.223883][T14911] __sys_socket+0x14d/0x260
[ 578.223928][T14911] ? __pfx___sys_socket+0x10/0x10
[ 578.223975][T14911] __x64_sys_socket+0x72/0xb0
[ 578.224006][T14911] ? lockdep_hardirqs_on+0x78/0x100
[ 578.224045][T14911] do_syscall_64+0x106/0xf80
[ 578.224089][T14911] ? clear_bhb_loop+0x40/0x90
[ 578.224131][T14911] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 578.224165][T14911] RIP: 0033:0x7fdff499c799
[ 578.224192][T14911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 578.224224][T14911] RSP: 002b:00007fdff58b2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 578.224255][T14911] RAX: ffffffffffffffda RBX: 00007fdff4c15fa0 RCX: 00007fdff499c799
[ 578.224277][T14911] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 578.224296][T14911] RBP: 00007fdff4a32c99 R08: 0000000000000000 R09: 0000000000000000
[ 578.224315][T14911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 578.224334][T14911] R13: 00007fdff4c16038 R14: 00007fdff4c15fa0 R15: 00007fff59ad9968
[ 578.224375][T14911]
[ 579.185053][T14927] zram0: detected capacity change from 16 to 0
[ 579.855141][T14944] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2345'.
[ 579.904103][T14944] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2345'.
[ 579.936199][T14941] zswap: compressor not available
[ 580.114121][T14948] nbd: socks must be embedded in a SOCK_ITEM attr
[ 580.125553][T14948] block nbd0: shutting down sockets
[ 580.499279][ T9728] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 580.515734][ T9728] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 580.516586][T14956] hub 1-0:1.0: USB hub found
[ 580.534039][ T9728] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 580.574046][ T9728] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 580.585906][T14956] hub 1-0:1.0: 1 port detected
[ 580.591487][ T9728] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 581.390331][T14963] FAULT_INJECTION: forcing a failure.
[ 581.390331][T14963] name failslab, interval 1, probability 0, space 0, times 0
[ 581.452792][T14963] CPU: 1 UID: 0 PID: 14963 Comm: syz.1.2352 Tainted: G L syzkaller #0 PREEMPT(full)
[ 581.452843][T14963] Tainted: [L]=SOFTLOCKUP
[ 581.452853][T14963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 581.452871][T14963] Call Trace:
[ 581.452881][T14963]
[ 581.452892][T14963] dump_stack_lvl+0x100/0x190
[ 581.452945][T14963] should_fail_ex.cold+0x5/0xa
[ 581.452981][T14963] should_failslab+0xc2/0x120
[ 581.453028][T14963] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 581.453084][T14963] ? __proc_create+0x2cb/0x8c0
[ 581.453122][T14963] __proc_create+0x2cb/0x8c0
[ 581.453152][T14963] ? __pfx___proc_create+0x10/0x10
[ 581.453186][T14963] ? _raw_write_unlock+0x28/0x50
[ 581.453230][T14963] ? proc_register+0x559/0x8a0
[ 581.453282][T14963] proc_create_reg+0x75/0x170
[ 581.453315][T14963] ? __pfx_can_stats_proc_show+0x10/0x10
[ 581.453489][T14963] proc_create_net_single+0x86/0x180
[ 581.453522][T14963] ? __pfx_proc_create_net_single+0x10/0x10
[ 581.453556][T14963] ? round_jiffies+0x10a/0x160
[ 581.453600][T14963] can_init_proc+0xac/0x4b0
[ 581.453646][T14963] can_pernet_init+0x1e4/0x370
[ 581.453689][T14963] ? __pfx_can_pernet_init+0x10/0x10
[ 581.453729][T14963] ops_init+0x1e2/0x5f0
[ 581.453783][T14963] setup_net+0x118/0x3a0
[ 581.453837][T14963] ? __pfx_setup_net+0x10/0x10
[ 581.453882][T14963] ? lockdep_init_map_type+0x5c/0x250
[ 581.453926][T14963] ? mutex_init_lockep+0x110/0x150
[ 581.453974][T14963] copy_net_ns+0x46f/0x7c0
[ 581.454009][T14963] create_new_namespaces+0x3ea/0xac0
[ 581.454052][T14963] unshare_nsproxy_namespaces+0xc3/0x1f0
[ 581.454097][T14963] ksys_unshare+0x473/0xad0
[ 581.454139][T14963] ? __pfx_ksys_unshare+0x10/0x10
[ 581.454201][T14963] __x64_sys_unshare+0x31/0x40
[ 581.454246][T14963] do_syscall_64+0x106/0xf80
[ 581.454298][T14963] ? clear_bhb_loop+0x40/0x90
[ 581.454345][T14963] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 581.454377][T14963] RIP: 0033:0x7fb41a59c799
[ 581.454402][T14963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 581.454433][T14963] RSP: 002b:00007fb41b4bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 581.454462][T14963] RAX: ffffffffffffffda RBX: 00007fb41a815fa0 RCX: 00007fb41a59c799
[ 581.454482][T14963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 581.454500][T14963] RBP: 00007fb41a632c99 R08: 0000000000000000 R09: 0000000000000000
[ 581.454518][T14963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 581.454536][T14963] R13: 00007fb41a816038 R14: 00007fb41a815fa0 R15: 00007ffcfc54d4d8
[ 581.454577][T14963]
[ 582.164662][T14990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2354'.
[ 582.388326][ T9077] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 582.411349][T14957] chnl_net:caif_netlink_parms(): no params data found
[ 582.488603][ T9077] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 582.623499][ T9077] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 582.677841][ T9693] Bluetooth: hci0: command tx timeout
[ 582.705829][T14957] bridge0: port 1(bridge_slave_0) entered blocking state
[ 582.714676][T14957] bridge0: port 1(bridge_slave_0) entered disabled state
[ 582.725343][T14957] bridge_slave_0: entered allmulticast mode
[ 582.733583][T14957] bridge_slave_0: entered promiscuous mode
[ 582.744756][T14957] bridge0: port 2(bridge_slave_1) entered blocking state
[ 582.752175][T14957] bridge0: port 2(bridge_slave_1) entered disabled state
[ 582.760198][T14957] bridge_slave_1: entered allmulticast mode
[ 582.771354][T14957] bridge_slave_1: entered promiscuous mode
[ 582.832047][ T9077] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 582.981834][T14957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 582.998378][T14957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 583.303511][T14957] team0: Port device team_slave_0 added
[ 583.359209][T14957] team0: Port device team_slave_1 added
[ 583.437713][ T9077] team0: left allmulticast mode
[ 583.442694][ T9077] team_slave_0: left allmulticast mode
[ 583.449778][ T9077] team_slave_1: left allmulticast mode
[ 583.455593][ T9077] team0: left promiscuous mode
[ 583.460571][ T9077] team_slave_0: left promiscuous mode
[ 583.466479][ T9077] team_slave_1: left promiscuous mode
[ 583.472552][ T9077] bridge0: port 2(team0) entered disabled state
[ 583.531069][ T9077] bridge_slave_0: left allmulticast mode
[ 583.556133][ T9077] bridge_slave_0: left promiscuous mode
[ 583.562128][ T9077] bridge0: port 1(bridge_slave_0) entered disabled state
���Ijn9_U�VQ[ 584.060282][T14957] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 584.114940][T14957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 584.194225][T14957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 584.238929][T14957] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 584.255418][T14957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 584.312867][T14957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 584.538553][T14957] hsr_slave_0: entered promiscuous mode
[ 584.560149][T14957] hsr_slave_1: entered promiscuous mode
[ 584.763908][ T9693] Bluetooth: hci0: command tx timeout
[ 585.747092][ T9077] hsr_slave_0: left promiscuous mode
[ 585.767586][ T9077] hsr_slave_1: left promiscuous mode
[ 585.785257][ T9077] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 585.794828][ T9077] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 585.807648][ T9077] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 585.825311][ T9077] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 585.856681][ T9077] veth1_macvtap: left promiscuous mode
[ 585.862420][ T9077] veth0_macvtap: left promiscuous mode
[ 585.868786][ T9077] veth1_vlan: left promiscuous mode
[ 585.874206][ T9077] veth0_vlan: left promiscuous mode
[ 586.472123][ T9077] team0 (unregistering): Port device team_slave_1 removed
[ 586.505431][ T9077] team0 (unregistering): Port device team_slave_0 removed
[ 586.842962][ T9693] Bluetooth: hci0: command tx timeout
[ 587.539876][T14957] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 587.578587][T14957] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 587.640584][T14957] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 587.676198][T14957] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 588.122579][T14957] 8021q: adding VLAN 0 to HW filter on device bond0
[ 588.144025][T14957] 8021q: adding VLAN 0 to HW filter on device team0
[ 588.209765][ T9077] bridge0: port 1(bridge_slave_0) entered blocking state
[ 588.217007][ T9077] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 588.297712][ T9077] bridge0: port 2(bridge_slave_1) entered blocking state
[ 588.304890][ T9077] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 588.891799][ T9693] Bluetooth: hci0: command tx timeout
[ 589.089905][T14957] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 589.218276][T14957] veth0_vlan: entered promiscuous mode
[ 589.248431][T14957] veth1_vlan: entered promiscuous mode
[ 589.341295][T14957] veth0_macvtap: entered promiscuous mode
[ 589.359532][T15122] FAULT_INJECTION: forcing a failure.
[ 589.359532][T15122] name failslab, interval 1, probability 0, space 0, times 0
[ 589.390947][T14957] veth1_macvtap: entered promiscuous mode
[ 589.429439][T15122] CPU: 1 UID: 0 PID: 15122 Comm: syz.0.2374 Tainted: G L syzkaller #0 PREEMPT(full)
[ 589.429499][T15122] Tainted: [L]=SOFTLOCKUP
[ 589.429513][T15122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 589.429535][T15122] Call Trace:
[ 589.429547][T15122]
[ 589.429560][T15122] dump_stack_lvl+0x100/0x190
[ 589.429622][T15122] should_fail_ex.cold+0x5/0xa
[ 589.429666][T15122] should_failslab+0xc2/0x120
[ 589.429707][T15122] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 589.429763][T15122] ? __d_alloc+0x34/0xa80
[ 589.429803][T15122] ? lockdep_init_map_type+0x5c/0x250
[ 589.429859][T15122] __d_alloc+0x34/0xa80
[ 589.429904][T15122] d_alloc_pseudo+0x1c/0xc0
[ 589.429958][T15122] alloc_file_pseudo+0xcf/0x230
[ 589.430008][T15122] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 589.430057][T15122] ? alloc_fd+0x476/0x790
[ 589.430101][T15122] sock_alloc_file+0x50/0x210
[ 589.430172][T15122] __sys_socket+0x1c0/0x260
[ 589.430231][T15122] ? __pfx___sys_socket+0x10/0x10
[ 589.430286][T15122] __x64_sys_socket+0x72/0xb0
[ 589.430326][T15122] ? lockdep_hardirqs_on+0x78/0x100
[ 589.430409][T15122] do_syscall_64+0x106/0xf80
[ 589.430464][T15122] ? clear_bhb_loop+0x40/0x90
[ 589.430506][T15122] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 589.430544][T15122] RIP: 0033:0x7f665639c799
[ 589.430573][T15122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 589.430609][T15122] RSP: 002b:00007f66571a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 589.430644][T15122] RAX: ffffffffffffffda RBX: 00007f6656615fa0 RCX: 00007f665639c799
[ 589.430668][T15122] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 589.430689][T15122] RBP: 00007f6656432c99 R08: 0000000000000000 R09: 0000000000000000
[ 589.430710][T15122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 589.430730][T15122] R13: 00007f6656616038 R14: 00007f6656615fa0 R15: 00007ffdb59a53f8
[ 589.430775][T15122]
[ 589.434015][T14957] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 589.758836][T14957] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 589.792415][ T8510] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 589.818180][ T8510] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 589.882712][ T8510] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 589.915127][ T8510] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 590.090770][ T8526] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 590.101525][ T8526] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 590.215315][ T8510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 590.244706][ T8510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 593.344124][T15220] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 593.591631][ T9693] Bluetooth: hci3: Malformed LE Event: 0x0b
[ 595.600304][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[ 595.784503][T15257] FAULT_INJECTION: forcing a failure.
[ 595.784503][T15257] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 595.798105][T15257] CPU: 0 UID: 0 PID: 15257 Comm: syz.2.2398 Tainted: G L syzkaller #0 PREEMPT(full)
[ 595.798155][T15257] Tainted: [L]=SOFTLOCKUP
[ 595.798166][T15257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 595.798185][T15257] Call Trace:
[ 595.798196][T15257]
[ 595.798208][T15257] dump_stack_lvl+0x100/0x190
[ 595.798262][T15257] should_fail_ex.cold+0x5/0xa
[ 595.798302][T15257] _copy_from_user+0x2e/0xd0
[ 595.798346][T15257] snd_seq_oss_write+0x395/0x7f0
[ 595.798489][T15257] ? __pfx_snd_seq_oss_write+0x10/0x10
[ 595.798541][T15257] ? apparmor_file_permission+0x13f/0x1c0
[ 595.798583][T15257] ? bpf_lsm_file_permission+0x9/0x10
[ 595.798622][T15257] odev_write+0x51/0xa0
[ 595.798656][T15257] vfs_write+0x2aa/0x1070
[ 595.798688][T15257] ? __pfx_odev_write+0x10/0x10
[ 595.798724][T15257] ? __pfx_vfs_write+0x10/0x10
[ 595.798778][T15257] ? find_held_lock+0x2b/0x80
[ 595.798818][T15257] ? __fget_files+0x215/0x3d0
[ 595.798849][T15257] ? __fget_files+0x215/0x3d0
[ 595.798885][T15257] ? __fget_files+0x21f/0x3d0
[ 595.798929][T15257] ksys_write+0x12a/0x250
[ 595.798961][T15257] ? __pfx_ksys_write+0x10/0x10
[ 595.799006][T15257] do_syscall_64+0x106/0xf80
[ 595.799058][T15257] ? clear_bhb_loop+0x40/0x90
[ 595.799100][T15257] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 595.799139][T15257] RIP: 0033:0x7f6547b9c799
[ 595.799166][T15257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 595.799199][T15257] RSP: 002b:00007f6548a0b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 595.799229][T15257] RAX: ffffffffffffffda RBX: 00007f6547e15fa0 RCX: 00007f6547b9c799
[ 595.799251][T15257] RDX: 000000000000fe04 RSI: 0000200000000040 RDI: 0000000000000003
[ 595.799272][T15257] RBP: 00007f6548a0b090 R08: 0000000000000000 R09: 0000000000000000
[ 595.799292][T15257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 595.799312][T15257] R13: 00007f6547e16038 R14: 00007f6547e15fa0 R15: 00007ffc9e0f3b88
[ 595.799355][T15257]
[ 597.029242][T15272] FAULT_INJECTION: forcing a failure.
[ 597.029242][T15272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 597.049328][T15272] CPU: 0 UID: 0 PID: 15272 Comm: syz.0.2401 Tainted: G L syzkaller #0 PREEMPT(full)
[ 597.049381][T15272] Tainted: [L]=SOFTLOCKUP
[ 597.049393][T15272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 597.049412][T15272] Call Trace:
[ 597.049423][T15272]
[ 597.049436][T15272] dump_stack_lvl+0x100/0x190
[ 597.049493][T15272] should_fail_ex.cold+0x5/0xa
[ 597.049535][T15272] _copy_from_user+0x2e/0xd0
[ 597.049578][T15272] copy_msghdr_from_user+0x9f/0x4f0
[ 597.049622][T15272] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 597.049684][T15272] ___sys_sendmsg+0x106/0x1e0
[ 597.049728][T15272] ? __pfx____sys_sendmsg+0x10/0x10
[ 597.049820][T15272] __sys_sendmsg+0x170/0x220
[ 597.049873][T15272] ? __pfx___sys_sendmsg+0x10/0x10
[ 597.049952][T15272] do_syscall_64+0x106/0xf80
[ 597.050003][T15272] ? clear_bhb_loop+0x40/0x90
[ 597.050046][T15272] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 597.050081][T15272] RIP: 0033:0x7f665639c799
[ 597.050109][T15272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 597.050142][T15272] RSP: 002b:00007f6657181028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 597.050174][T15272] RAX: ffffffffffffffda RBX: 00007f6656616090 RCX: 00007f665639c799
[ 597.050197][T15272] RDX: 0000000004000050 RSI: 0000200000000180 RDI: 000000000000000d
[ 597.050219][T15272] RBP: 00007f6657181090 R08: 0000000000000000 R09: 0000000000000000
[ 597.050240][T15272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 597.050268][T15272] R13: 00007f6656616128 R14: 00007f6656616090 R15: 00007ffdb59a53f8
[ 597.050312][T15272]
[ 599.721595][ T9728] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 599.755419][ T9728] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 599.765497][ T9728] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 599.773753][ T9728] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 599.782844][ T9728] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 600.964811][ T8525] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 601.020401][T15309] chnl_net:caif_netlink_parms(): no params data found
[ 601.051909][T15317] bond0: invalid ARP target specified
[ 601.126241][ T8525] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 601.161660][T15321] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2411'.
[ 601.196490][T15321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 601.232027][T15321] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 601.273867][T15316] FAULT_INJECTION: forcing a failure.
[ 601.273867][T15316] name fail_futex, interval 1, probability 0, space 0, times 0
[ 601.289872][T15321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 601.303801][T15316] CPU: 0 UID: 0 PID: 15316 Comm: syz.1.2411 Tainted: G L syzkaller #0 PREEMPT(full)
[ 601.303859][T15316] Tainted: [L]=SOFTLOCKUP
[ 601.303871][T15316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 601.303890][T15316] Call Trace:
[ 601.303901][T15316]
[ 601.303914][T15316] dump_stack_lvl+0x100/0x190
[ 601.303971][T15316] should_fail_ex.cold+0x5/0xa
[ 601.304006][T15316] ? do_raw_spin_unlock+0x145/0x1e0
[ 601.304062][T15316] get_futex_key+0x1d2/0x1620
[ 601.304110][T15316] ? __pfx_get_futex_key+0x10/0x10
[ 601.304150][T15316] ? fault_dirty_shared_page+0x190/0x690
[ 601.304184][T15316] ? __pfx_ext4_page_mkwrite+0x10/0x10
[ 601.304280][T15316] ? do_fault+0x666/0x1990
[ 601.304324][T15316] futex_wake+0xea/0x530
[ 601.304375][T15316] ? __handle_mm_fault+0x4ec/0x2b60
[ 601.304426][T15316] ? __pfx_futex_wake+0x10/0x10
[ 601.304478][T15316] ? __lock_acquire+0x4a5/0x2630
[ 601.304525][T15316] ? __pfx___handle_mm_fault+0x10/0x10
[ 601.304574][T15316] ? __pfx_css_rstat_updated+0x10/0x10
[ 601.304622][T15316] do_futex+0x32b/0x350
[ 601.304669][T15316] ? __pfx_do_futex+0x10/0x10
[ 601.304712][T15316] ? find_held_lock+0x2b/0x80
[ 601.304745][T15316] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 601.304781][T15316] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 601.304832][T15316] __x64_sys_futex+0x34f/0x4d0
[ 601.304886][T15316] ? __pfx___x64_sys_futex+0x10/0x10
[ 601.304939][T15316] ? do_user_addr_fault+0x8d6/0x12f0
[ 601.304982][T15316] do_syscall_64+0x106/0xf80
[ 601.305035][T15316] ? clear_bhb_loop+0x40/0x90
[ 601.305078][T15316] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 601.305114][T15316] RIP: 0033:0x7fb41a59c799
[ 601.305143][T15316] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 601.305177][T15316] RSP: 002b:00007ffcfc54d638 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 601.305209][T15316] RAX: ffffffffffffffda RBX: 00000000000001e0 RCX: 00007fb41a59c799
[ 601.305231][T15316] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb41a816188
[ 601.305253][T15316] RBP: 00000000000000fd R08: 0000000000000000 R09: 0000000000000000
[ 601.305273][T15316] R10: 00007fb41a815fa0 R11: 0000000000000246 R12: 0000000000000002
[ 601.305294][T15316] R13: 00007fb41a81618c R14: 00007fb41a816188 R15: 00007fb41a816180
[ 601.305338][T15316]
[ 601.323711][T15321] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 601.775329][ T8525] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 601.880703][ T9728] Bluetooth: hci2: command tx timeout
[ 602.034083][T15309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 602.071659][T15309] bridge0: port 1(bridge_slave_0) entered disabled state
[ 602.106295][T15309] bridge_slave_0: entered allmulticast mode
[ 602.132000][T15309] bridge_slave_0: entered promiscuous mode
[ 602.243824][ T8525] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 602.304462][T15309] bridge0: port 2(bridge_slave_1) entered blocking state
[ 602.321691][T15309] bridge0: port 2(bridge_slave_1) entered disabled state
[ 602.337313][T15309] bridge_slave_1: entered allmulticast mode
[ 602.358983][T15309] bridge_slave_1: entered promiscuous mode
[ 602.456340][T15309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 602.481980][T15309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 602.578782][T15309] team0: Port device team_slave_0 added
[ 602.596567][T15309] team0: Port device team_slave_1 added
[ 602.697099][T15309] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 602.704122][T15309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 602.767196][T15309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 602.793527][T15309] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 602.816281][T15309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 602.865992][T15309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 603.013204][T15342] FAULT_INJECTION: forcing a failure.
[ 603.013204][T15342] name failslab, interval 1, probability 0, space 0, times 0
[ 603.026203][T15342] CPU: 0 UID: 0 PID: 15342 Comm: syz.3.2418 Tainted: G L syzkaller #0 PREEMPT(full)
[ 603.026258][T15342] Tainted: [L]=SOFTLOCKUP
[ 603.026271][T15342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 603.026292][T15342] Call Trace:
[ 603.026305][T15342]
[ 603.026318][T15342] dump_stack_lvl+0x100/0x190
[ 603.026380][T15342] should_fail_ex.cold+0x5/0xa
[ 603.026421][T15342] should_failslab+0xc2/0x120
[ 603.026461][T15342] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 603.026513][T15342] ? dst_alloc+0x99/0x1a0
[ 603.026567][T15342] dst_alloc+0x99/0x1a0
[ 603.026616][T15342] rt_dst_alloc+0x35/0x3a0
[ 603.026754][T15342] ip_route_output_key_hash_rcu+0x87a/0x2870
[ 603.026841][T15342] ip_route_output_key_hash+0x118/0x2b0
[ 603.026886][T15342] ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 603.026942][T15342] ? find_held_lock+0x2b/0x80
[ 603.026984][T15342] ip_route_output_flow+0x27/0x150
[ 603.027029][T15342] udp_sendmsg+0x1a77/0x2890
[ 603.027117][T15342] ? __pfx_udplite_getfrag+0x10/0x10
[ 603.027166][T15342] ? __pfx_udp_sendmsg+0x10/0x10
[ 603.027220][T15342] ? update_cfs_rq_load_avg+0x51/0x550
[ 603.027291][T15342] ? __lock_acquire+0x4a5/0x2630
[ 603.027356][T15342] ? lock_acquire+0x1cf/0x380
[ 603.027405][T15342] udpv6_sendmsg+0x156c/0x2f60
[ 603.027506][T15342] ? rcu_is_watching+0x12/0xc0
[ 603.027564][T15342] ? aa_label_sk_perm+0x194/0x5f0
[ 603.027622][T15342] ? __pfx_udpv6_sendmsg+0x10/0x10
[ 603.027712][T15342] ? __pfx___might_resched+0x10/0x10
[ 603.027786][T15342] ? __pfx_aa_sk_perm+0x10/0x10
[ 603.027835][T15342] ? __pfx_udpv6_sendmsg+0x10/0x10
[ 603.027885][T15342] ? inet6_sendmsg+0x105/0x140
[ 603.027934][T15342] inet6_sendmsg+0x105/0x140
[ 603.027987][T15342] sock_write_iter+0x439/0x5a0
[ 603.028028][T15342] ? __pfx_sock_write_iter+0x10/0x10
[ 603.028084][T15342] ? bpf_lsm_file_permission+0x9/0x10
[ 603.028117][T15342] ? security_file_permission+0x76/0x210
[ 603.028164][T15342] ? rw_verify_area+0xce/0x6d0
[ 603.028218][T15342] vfs_write+0x6ac/0x1070
[ 603.028254][T15342] ? __pfx_sock_write_iter+0x10/0x10
[ 603.028299][T15342] ? __pfx_vfs_write+0x10/0x10
[ 603.028331][T15342] ? find_held_lock+0x2b/0x80
[ 603.028394][T15342] ksys_write+0x1f8/0x250
[ 603.028429][T15342] ? __pfx_ksys_write+0x10/0x10
[ 603.028483][T15342] do_syscall_64+0x106/0xf80
[ 603.028539][T15342] ? clear_bhb_loop+0x40/0x90
[ 603.028583][T15342] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 603.028619][T15342] RIP: 0033:0x7fdcfe79c799
[ 603.028647][T15342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 603.028682][T15342] RSP: 002b:00007fdcff678028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 603.028725][T15342] RAX: ffffffffffffffda RBX: 00007fdcfea16090 RCX: 00007fdcfe79c799
[ 603.028750][T15342] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[ 603.028772][T15342] RBP: 00007fdcfe832c99 R08: 0000000000000000 R09: 0000000000000000
[ 603.028795][T15342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 603.028817][T15342] R13: 00007fdcfea16128 R14: 00007fdcfea16090 R15: 00007ffdf99298f8
[ 603.028864][T15342]
[ 603.034685][T15309] hsr_slave_0: entered promiscuous mode
[ 603.358523][T15309] hsr_slave_1: entered promiscuous mode
[ 603.359420][T15309] debugfs: 'hsr0' already exists in 'hsr'
[ 603.359450][T15309] Cannot create hsr debugfs directory
[ 603.434724][T15343] input: f� as /devices/virtual/input/input38
[ 603.952831][ T9728] Bluetooth: hci2: command tx timeout
[ 604.445705][T15356] FAULT_INJECTION: forcing a failure.
[ 604.445705][T15356] name failslab, interval 1, probability 0, space 0, times 0
[ 604.508466][T15356] CPU: 1 UID: 0 PID: 15356 Comm: syz.3.2422 Tainted: G L syzkaller #0 PREEMPT(full)
[ 604.508520][T15356] Tainted: [L]=SOFTLOCKUP
[ 604.508532][T15356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 604.508551][T15356] Call Trace:
[ 604.508562][T15356]
[ 604.508585][T15356] dump_stack_lvl+0x100/0x190
[ 604.508646][T15356] should_fail_ex.cold+0x5/0xa
[ 604.508689][T15356] should_failslab+0xc2/0x120
[ 604.508745][T15356] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 604.508802][T15356] ? __d_alloc+0x34/0xa80
[ 604.508840][T15356] ? lockdep_init_map_type+0x5c/0x250
[ 604.508896][T15356] __d_alloc+0x34/0xa80
[ 604.508942][T15356] d_alloc_pseudo+0x1c/0xc0
[ 604.508994][T15356] alloc_file_pseudo+0xcf/0x230
[ 604.509045][T15356] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 604.509092][T15356] ? alloc_fd+0x476/0x790
[ 604.509135][T15356] sock_alloc_file+0x50/0x210
[ 604.509195][T15356] __sys_socket+0x1c0/0x260
[ 604.509244][T15356] ? __pfx___sys_socket+0x10/0x10
[ 604.509299][T15356] __x64_sys_socket+0x72/0xb0
[ 604.509341][T15356] ? lockdep_hardirqs_on+0x78/0x100
[ 604.509395][T15356] do_syscall_64+0x106/0xf80
[ 604.509447][T15356] ? clear_bhb_loop+0x40/0x90
[ 604.509489][T15356] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 604.509527][T15356] RIP: 0033:0x7fdcfe79c799
[ 604.509555][T15356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 604.509599][T15356] RSP: 002b:00007fdcff699028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 604.509633][T15356] RAX: ffffffffffffffda RBX: 00007fdcfea15fa0 RCX: 00007fdcfe79c799
[ 604.509657][T15356] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 604.509680][T15356] RBP: 00007fdcfe832c99 R08: 0000000000000000 R09: 0000000000000000
[ 604.509703][T15356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 604.509725][T15356] R13: 00007fdcfea16038 R14: 00007fdcfea15fa0 R15: 00007ffdf99298f8
[ 604.509771][T15356]
[ 606.022871][ T9728] Bluetooth: hci2: command tx timeout
[ 606.127030][T15381] block2mtd: illegal erase size
[ 607.414518][T15396] netlink: 504 bytes leftover after parsing attributes in process `syz.0.2432'.
[ 607.447040][T15396] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2432'.
[ 607.462152][T15400] netlink: zone id is out of range
[ 607.469692][T15400] netlink: zone id is out of range
[ 607.475748][T15400] netlink: zone id is out of range
[ 607.483560][T15400] netlink: zone id is out of range
[ 607.503825][T15400] netlink: set zone limit has 8 unknown bytes
[ 608.081686][ T9728] Bluetooth: hci2: command tx timeout
[ 608.197848][T15425] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2437'.
[ 608.209179][T15425] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2437'.
[ 608.302719][T15426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2437'.
[ 608.509137][T15423] futex_wake_op: syz.0.2438 tries to shift op by -2048; fix this program
[ 608.528796][T15423] futex_wake_op: syz.0.2438 tries to shift op by -2048; fix this program
[ 608.601039][T15423] 0x000000000001-0x000000020000 : ""
[ 608.667916][T15423] ftl_cs: FTL header corrupt!
[ 610.120939][T15461] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2443'.
[ 610.139295][T15461] i: entered promiscuous mode
[ 610.467449][T15468] NFSD: Failed to start, no listeners configured.
[ 610.862592][T15469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2445'.
[ 611.674852][T15481] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2447'.
[ 611.689419][T15474] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2446'.
[ 611.724323][T15474] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2446'.
[ 612.048761][T15483] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[ 612.483751][T15486] zswap: compressor not available
[ 612.649778][T15500] __nla_validate_parse: 3 callbacks suppressed
[ 612.649804][T15500] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2450'.
[ 612.706237][T15500] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2450'.
[ 612.730035][T15500] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2450'.
[ 612.781980][T15500] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2450'.
[ 612.801477][T15503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2450'.
[ 612.811821][T15500] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2450'.
[ 613.005633][T15504] smpboot: CPU 1 is now offline
[ 613.561416][T15510] zswap: compressor not available
[ 613.571315][T15510] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2453'.
[ 613.584741][T15505] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 613.597672][T15505] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 613.614835][T15505] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 613.636041][T15505] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 613.656897][T15505] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 613.673328][T15505] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 613.693195][T15505] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 613.706203][T15505] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 613.723620][T15505] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 613.735534][T15505] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 615.168238][ T9728] Bluetooth: hci1: command 0x0406 tx timeout
[ 615.646551][ T9728] Bluetooth: hci0: command 0x0c1a tx timeout
[ 615.652647][ T9728] Bluetooth: hci4: command 0x0c1a tx timeout
[ 615.725732][ T9728] Bluetooth: hci2: command 0x0c1a tx timeout
[ 616.117558][T15531] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2457'.
[ 616.555763][T15536] zswap: compressor not available
[ 616.641959][ T9693] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 616.650496][ T9693] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 616.658851][ T9693] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 616.667651][ T9693] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 616.675305][ T9693] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 617.151889][T15541] chnl_net:caif_netlink_parms(): no params data found
[ 617.397003][T15541] bridge0: port 1(bridge_slave_0) entered blocking state
[ 617.423503][T15541] bridge0: port 1(bridge_slave_0) entered disabled state
[ 617.449764][T15541] bridge_slave_0: entered allmulticast mode
[ 617.477805][T15541] bridge_slave_0: entered promiscuous mode
[ 617.499245][T15541] bridge0: port 2(bridge_slave_1) entered blocking state
[ 617.522318][T15541] bridge0: port 2(bridge_slave_1) entered disabled state
[ 617.547790][T15541] bridge_slave_1: entered allmulticast mode
[ 617.575357][T15541] bridge_slave_1: entered promiscuous mode
[ 617.688620][T15541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 617.716318][ T9693] Bluetooth: hci4: command 0x0c1a tx timeout
[ 617.722370][ T9693] Bluetooth: hci0: command 0x0c1a tx timeout
[ 617.738948][T15541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 617.796031][ T9693] Bluetooth: hci2: command 0x0c1a tx timeout
[ 617.867076][T15541] team0: Port device team_slave_0 added
[ 617.874771][T15541] team0: Port device team_slave_1 added
[ 617.972111][T15541] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 617.994641][T15541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 618.083998][T15541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 618.126560][T15541] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 618.133537][T15541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 618.280613][T15541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 618.474073][T15541] hsr_slave_0: entered promiscuous mode
[ 618.500709][T15541] hsr_slave_1: entered promiscuous mode
[ 618.525459][T15541] debugfs: 'hsr0' already exists in 'hsr'
[ 618.550590][T15541] Cannot create hsr debugfs directory
[ 618.751531][ T9693] Bluetooth: hci3: command tx timeout
[ 619.007994][ T9693] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 619.790462][ T9693] Bluetooth: hci0: command 0x0c1a tx timeout
[ 619.796676][ T9728] Bluetooth: hci4: command 0x0c1a tx timeout
[ 619.866237][ T9693] Bluetooth: hci2: command 0x0c1a tx timeout
[ 620.821997][ T9693] Bluetooth: hci3: command tx timeout
[ 621.057408][ T9693] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 621.658738][T15595] FAULT_INJECTION: forcing a failure.
[ 621.658738][T15595] name failslab, interval 1, probability 0, space 0, times 0
[ 621.683688][T15595] CPU: 0 UID: 0 PID: 15595 Comm: syz.3.2473 Tainted: G L syzkaller #0 PREEMPT(full)
[ 621.683720][T15595] Tainted: [L]=SOFTLOCKUP
[ 621.683728][T15595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 621.683740][T15595] Call Trace:
[ 621.683748][T15595]
[ 621.683756][T15595] dump_stack_lvl+0x100/0x190
[ 621.683794][T15595] should_fail_ex.cold+0x5/0xa
[ 621.683818][T15595] ? kernfs_fop_write_iter+0x26a/0x5f0
[ 621.683840][T15595] should_failslab+0xc2/0x120
[ 621.683863][T15595] __kmalloc_noprof+0xe0/0x850
[ 621.683900][T15595] kernfs_fop_write_iter+0x26a/0x5f0
[ 621.683925][T15595] vfs_write+0x6ac/0x1070
[ 621.683946][T15595] ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 621.683972][T15595] ? __pfx_vfs_write+0x10/0x10
[ 621.684028][T15595] ksys_write+0x12a/0x250
[ 621.684048][T15595] ? __pfx_ksys_write+0x10/0x10
[ 621.684077][T15595] do_syscall_64+0x106/0xf80
[ 621.684110][T15595] ? clear_bhb_loop+0x40/0x90
[ 621.684137][T15595] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 621.684160][T15595] RIP: 0033:0x7fdcfe79c799
[ 621.684177][T15595] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 621.684199][T15595] RSP: 002b:00007fdcff699028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 621.684220][T15595] RAX: ffffffffffffffda RBX: 00007fdcfea15fa0 RCX: 00007fdcfe79c799
[ 621.684235][T15595] RDX: 0000020000000005 RSI: 0000200000000040 RDI: 0000000000000003
[ 621.684249][T15595] RBP: 00007fdcff699090 R08: 0000000000000000 R09: 0000000000000000
[ 621.684263][T15595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 621.684275][T15595] R13: 00007fdcfea16038 R14: 00007fdcfea15fa0 R15: 00007ffdf99298f8
[ 621.684303][T15595]
[ 621.949316][T15597] FAULT_INJECTION: forcing a failure.
[ 621.949316][T15597] name failslab, interval 1, probability 0, space 0, times 0
[ 621.962292][T15597] CPU: 0 UID: 0 PID: 15597 Comm: syz.3.2474 Tainted: G L syzkaller #0 PREEMPT(full)
[ 621.962330][T15597] Tainted: [L]=SOFTLOCKUP
[ 621.962340][T15597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 621.962354][T15597] Call Trace:
[ 621.962364][T15597]
[ 621.962373][T15597] dump_stack_lvl+0x100/0x190
[ 621.962416][T15597] should_fail_ex.cold+0x5/0xa
[ 621.962446][T15597] ? trace_parser_get_init+0x30/0xc0
[ 621.962473][T15597] should_failslab+0xc2/0x120
[ 621.962500][T15597] __kmalloc_noprof+0xe0/0x850
[ 621.962544][T15597] trace_parser_get_init+0x30/0xc0
[ 621.962573][T15597] trace_pid_write+0xf3/0x460
[ 621.962614][T15597] ? __pfx_trace_pid_write+0x10/0x10
[ 621.962678][T15597] event_pid_write.isra.0+0x1e4/0x800
[ 621.962705][T15597] ? __pfx_event_pid_write.isra.0+0x10/0x10
[ 621.962739][T15597] vfs_write+0x2aa/0x1070
[ 621.962765][T15597] ? __pfx_ftrace_event_npid_write+0x10/0x10
[ 621.962793][T15597] ? __pfx_vfs_write+0x10/0x10
[ 621.962827][T15597] ? __fget_files+0x215/0x3d0
[ 621.962856][T15597] ? __fget_files+0x21f/0x3d0
[ 621.962885][T15597] ksys_write+0x12a/0x250
[ 621.962908][T15597] ? __pfx_ksys_write+0x10/0x10
[ 621.962938][T15597] do_syscall_64+0x106/0xf80
[ 621.962973][T15597] ? clear_bhb_loop+0x40/0x90
[ 621.963001][T15597] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 621.963025][T15597] RIP: 0033:0x7fdcfe79c799
[ 621.963044][T15597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 621.963067][T15597] RSP: 002b:00007fdcff699028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 621.963089][T15597] RAX: ffffffffffffffda RBX: 00007fdcfea15fa0 RCX: 00007fdcfe79c799
[ 621.963105][T15597] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[ 621.963120][T15597] RBP: 00007fdcfe832c99 R08: 0000000000000000 R09: 0000000000000000
[ 621.963134][T15597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 621.963149][T15597] R13: 00007fdcfea16038 R14: 00007fdcfea15fa0 R15: 00007ffdf99298f8
[ 621.963178][T15597]
[ 622.629742][T15601] NFSD: Failed to start, no listeners configured.
[ 622.852957][T15606] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40
[ 622.892095][ T9693] Bluetooth: hci3: command tx timeout
[ 622.977306][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 622.983729][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 623.615191][ T9693] Bluetooth: hci0: Malformed LE Event: 0x0b
[ 624.012135][T15619] FAULT_INJECTION: forcing a failure.
[ 624.012135][T15619] name failslab, interval 1, probability 0, space 0, times 0
[ 624.040465][T15619] CPU: 0 UID: 0 PID: 15619 Comm: syz.3.2479 Tainted: G L syzkaller #0 PREEMPT(full)
[ 624.040501][T15619] Tainted: [L]=SOFTLOCKUP
[ 624.040514][T15619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 624.040529][T15619] Call Trace:
[ 624.040537][T15619]
[ 624.040546][T15619] dump_stack_lvl+0x100/0x190
[ 624.040587][T15619] should_fail_ex.cold+0x5/0xa
[ 624.040615][T15619] should_failslab+0xc2/0x120
[ 624.040641][T15619] kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 624.040678][T15619] ? sock_alloc_inode+0x25/0x1c0
[ 624.040706][T15619] ? __pfx_sock_alloc_inode+0x10/0x10
[ 624.040731][T15619] sock_alloc_inode+0x25/0x1c0
[ 624.040754][T15619] alloc_inode+0x68/0x250
[ 624.040786][T15619] sock_alloc+0x44/0x280
[ 624.040805][T15619] ? security_socket_create+0x7f/0x250
[ 624.040847][T15619] __sock_create+0xc2/0x860
[ 624.040878][T15619] __sys_socket+0x14d/0x260
[ 624.040906][T15619] ? __pfx___sys_socket+0x10/0x10
[ 624.040941][T15619] __x64_sys_socket+0x72/0xb0
[ 624.040968][T15619] ? lockdep_hardirqs_on+0x78/0x100
[ 624.041005][T15619] do_syscall_64+0x106/0xf80
[ 624.041039][T15619] ? clear_bhb_loop+0x40/0x90
[ 624.041067][T15619] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 624.041091][T15619] RIP: 0033:0x7fdcfe79c799
[ 624.041109][T15619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 624.041131][T15619] RSP: 002b:00007fdcff699028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 624.041153][T15619] RAX: ffffffffffffffda RBX: 00007fdcfea15fa0 RCX: 00007fdcfe79c799
[ 624.041168][T15619] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 624.041182][T15619] RBP: 00007fdcfe832c99 R08: 0000000000000000 R09: 0000000000000000
[ 624.041196][T15619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 624.041210][T15619] R13: 00007fdcfea16038 R14: 00007fdcfea15fa0 R15: 00007ffdf99298f8
[ 624.041239][T15619]
[ 624.041278][T15619] socket: no more sockets
[ 624.435176][T15624] netlink: 116 bytes leftover after parsing attributes in process `syz.0.2481'.
[ 624.962488][ T9693] Bluetooth: hci3: command tx timeout
[ 624.985136][T15630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2483'.
[ 625.612078][T15638] nvme_fcloop: unknown parameter or missing value '7'
[ 625.792304][T15640] FAULT_INJECTION: forcing a failure.
[ 625.792304][T15640] name failslab, interval 1, probability 0, space 0, times 0
[ 625.824271][T15640] CPU: 0 UID: 0 PID: 15640 Comm: syz.3.2486 Tainted: G L syzkaller #0 PREEMPT(full)
[ 625.824311][T15640] Tainted: [L]=SOFTLOCKUP
[ 625.824319][T15640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 625.824333][T15640] Call Trace:
[ 625.824340][T15640]
[ 625.824349][T15640] dump_stack_lvl+0x100/0x190
[ 625.824388][T15640] should_fail_ex.cold+0x5/0xa
[ 625.824414][T15640] should_failslab+0xc2/0x120
[ 625.824439][T15640] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 625.824474][T15640] ? mas_alloc_nodes+0x280/0x390
[ 625.824508][T15640] mas_alloc_nodes+0x280/0x390
[ 625.824540][T15640] mas_preallocate+0x39c/0xf10
[ 625.824574][T15640] ? __memcg_slab_post_alloc_hook+0x460/0x990
[ 625.824606][T15640] ? __pfx_mas_preallocate+0x10/0x10
[ 625.824649][T15640] ? anon_vma_name+0x5a/0x250
[ 625.824680][T15640] __split_vma+0x33d/0xd90
[ 625.824714][T15640] ? __pfx___split_vma+0x10/0x10
[ 625.824751][T15640] ? __pfx_mas_prev+0x10/0x10
[ 625.824777][T15640] vms_gather_munmap_vmas+0x39f/0x1500
[ 625.824808][T15640] ? find_held_lock+0x2b/0x80
[ 625.824835][T15640] ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[ 625.824867][T15640] ? move_page_tables+0xe1d/0x4500
[ 625.824913][T15640] do_vmi_align_munmap+0x287/0x5f0
[ 625.824949][T15640] ? __pfx_do_vmi_align_munmap+0x10/0x10
[ 625.825017][T15640] do_vmi_munmap+0x1f8/0x3e0
[ 625.825053][T15640] move_vma+0xd99/0x1890
[ 625.825089][T15640] ? __pfx_move_vma+0x10/0x10
[ 625.825124][T15640] ? mm_get_unmapped_area_vmflags+0xd7/0x130
[ 625.825177][T15640] ? vrm_set_new_addr+0x204/0x290
[ 625.825214][T15640] mremap_to+0x1b7/0x450
[ 625.825249][T15640] do_mremap+0xb76/0x2130
[ 625.825300][T15640] ? __pfx_do_mremap+0x10/0x10
[ 625.825342][T15640] ? __sanitizer_cov_trace_switch+0x54/0x90
[ 625.825374][T15640] __do_sys_mremap+0x126/0x170
[ 625.825411][T15640] ? __pfx___do_sys_mremap+0x10/0x10
[ 625.825453][T15640] ? __x64_sys_futex+0x34f/0x4d0
[ 625.825501][T15640] do_syscall_64+0x106/0xf80
[ 625.825536][T15640] ? clear_bhb_loop+0x40/0x90
[ 625.825564][T15640] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 625.825606][T15640] RIP: 0033:0x7fdcfe79c799
[ 625.825627][T15640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 625.825652][T15640] RSP: 002b:00007fdcff699028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 625.825677][T15640] RAX: ffffffffffffffda RBX: 00007fdcfea15fa0 RCX: 00007fdcfe79c799
[ 625.825694][T15640] RDX: 0000000000000037 RSI: 0000000000000008 RDI: 0000200000001000
[ 625.825711][T15640] RBP: 00007fdcfe832c99 R08: 000000110c230000 R09: 0000000000000000
[ 625.825728][T15640] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[ 625.825743][T15640] R13: 00007fdcfea16038 R14: 00007fdcfea15fa0 R15: 00007ffdf99298f8
[ 625.825776][T15640]
[ 627.338969][T15658] nfs: Unknown parameter 'nl802154'
[ 627.978863][T15668] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2493'.
[ 628.071808][T15669] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2493'.
[ 628.158314][T15668] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2493'.
[ 628.844423][T15677] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2494'.
[ 628.941694][T15678] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2494'.
[ 629.025574][T15677] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2494'.
[ 630.547064][T15696] nvme_fcloop: unknown parameter or missing value '7'
[ 631.213771][T15703] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 631.234121][T15703] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 631.246720][T15703] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 631.263089][T15703] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 631.272582][T15703] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 631.284699][T15703] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 631.304820][T15703] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 632.616176][ T9693] Bluetooth: hci1: command 0x0406 tx timeout
[ 633.193203][ T9693] Bluetooth: hci0: Unexpected cc 0x7c89 with no status
[ 633.243469][ T9693] Bluetooth: hci0: command 0x0c1a tx timeout
[ 633.249650][ T9728] Bluetooth: hci4: command 0x0c1a tx timeout
[ 633.323363][ T9693] Bluetooth: hci3: command 0x0c1a tx timeout
[ 633.330152][ T9728] Bluetooth: hci2: command 0x0c1a tx timeout
[ 634.272650][ T29] audit: type=1800 audit(1774318996.395:10): pid=15751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2512" name="members" dev="configfs" ino=65350 res=0 errno=0
[ 634.641588][T15756] nfsd: Unknown parameter '*'
[ 634.967096][T15760] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2514'.
[ 635.393326][T15731] Bluetooth: hci3: command 0x0c1a tx timeout
[ 636.014376][T15769] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2516'.
[ 636.082114][T15770] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2516'.
[ 636.135303][T15769] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2516'.
[ 637.245380][T15781] FAULT_INJECTION: forcing a failure.
[ 637.245380][T15781] name failslab, interval 1, probability 0, space 0, times 0
[ 637.245432][T15781] CPU: 0 UID: 0 PID: 15781 Comm: syz.3.2519 Tainted: G L syzkaller #0 PREEMPT(full)
[ 637.245465][T15781] Tainted: [L]=SOFTLOCKUP
[ 637.245473][T15781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 637.245487][T15781] Call Trace:
[ 637.245495][T15781]
[ 637.245503][T15781] dump_stack_lvl+0x100/0x190
[ 637.245543][T15781] should_fail_ex.cold+0x5/0xa
[ 637.245591][T15781] should_failslab+0xc2/0x120
[ 637.245620][T15781] __kmalloc_cache_noprof+0x7a/0x6f0
[ 637.245655][T15781] ? device_add+0xd3a/0x1950
[ 637.245694][T15781] device_add+0xd3a/0x1950
[ 637.245727][T15781] ? kfree_const+0x5a/0x70
[ 637.245750][T15781] ? __pfx_device_add+0x10/0x10
[ 637.245780][T15781] ? kfree_const+0x5a/0x70
[ 637.245801][T15781] ? kfree+0x2ec/0x6b0
[ 637.245845][T15781] device_create_groups_vargs+0x1f8/0x270
[ 637.245883][T15781] device_create+0xed/0x130
[ 637.245917][T15781] ? __pfx_device_create+0x10/0x10
[ 637.245952][T15781] ? is_console_locked+0x9/0x20
[ 637.245983][T15781] ? con_is_visible+0x65/0x150
[ 637.246097][T15781] ? csi_J+0x57e/0xad0
[ 637.246137][T15781] vcs_make_sysfs+0x32/0x80
[ 637.246189][T15781] vc_allocate+0x539/0x880
[ 637.246227][T15781] ? __pfx_vc_allocate+0x10/0x10
[ 637.246274][T15781] con_install+0xa1/0x620
[ 637.246321][T15781] ? __pfx_con_install+0x10/0x10
[ 637.246364][T15781] ? __pfx_con_install+0x10/0x10
[ 637.246403][T15781] tty_init_dev.part.0+0x9e/0x470
[ 637.246449][T15781] tty_open+0xa63/0xfa0
[ 637.246477][T15781] ? __pfx_tty_open+0x10/0x10
[ 637.246498][T15781] ? chrdev_open+0x589/0x6a0
[ 637.246525][T15781] ? chrdev_open+0x589/0x6a0
[ 637.246556][T15781] ? __pfx_tty_open+0x10/0x10
[ 637.246579][T15781] chrdev_open+0x234/0x6a0
[ 637.246607][T15781] ? __pfx_chrdev_open+0x10/0x10
[ 637.246636][T15781] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 637.246672][T15781] do_dentry_open+0x6d8/0x1660
[ 637.246697][T15781] ? __pfx_chrdev_open+0x10/0x10
[ 637.246732][T15781] vfs_open+0x82/0x3f0
[ 637.246781][T15781] path_openat+0x208c/0x31a0
[ 637.246814][T15781] ? __pfx_path_openat+0x10/0x10
[ 637.246849][T15781] do_file_open+0x20e/0x430
[ 637.246877][T15781] ? __pfx_do_file_open+0x10/0x10
[ 637.246922][T15781] ? alloc_fd+0x476/0x790
[ 637.246948][T15781] ? do_getname+0x191/0x390
[ 637.246981][T15781] do_sys_openat2+0x10d/0x1e0
[ 637.247013][T15781] ? __pfx_do_sys_openat2+0x10/0x10
[ 637.247047][T15781] ? __fget_files+0x21f/0x3d0
[ 637.247075][T15781] __x64_sys_openat+0x12d/0x210
[ 637.247108][T15781] ? __pfx___x64_sys_openat+0x10/0x10
[ 637.247151][T15781] do_syscall_64+0x106/0xf80
[ 637.247187][T15781] ? clear_bhb_loop+0x40/0x90
[ 637.247217][T15781] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 637.247241][T15781] RIP: 0033:0x7fdcfe79c799
[ 637.247259][T15781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 637.247282][T15781] RSP: 002b:00007fdcff699028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 637.247310][T15781] RAX: ffffffffffffffda RBX: 00007fdcfea15fa0 RCX: 00007fdcfe79c799
[ 637.247326][T15781] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 637.247346][T15781] RBP: 00007fdcfe832c99 R08: 0000000000000000 R09: 0000000000000000
[ 637.247360][T15781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 637.247374][T15781] R13: 00007fdcfea16038 R14: 00007fdcfea15fa0 R15: 00007ffdf99298f8
[ 637.247422][T15781]
[ 637.410049][T15783] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2518'.
[ 637.416452][T15783] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2518'.
[ 637.426824][T15783] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2518'.
[ 637.463546][T15731] Bluetooth: hci3: command 0x0c1a tx timeout
[ 641.162719][T15810] FAULT_INJECTION: forcing a failure.
[ 641.162719][T15810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 641.195902][T15810] CPU: 0 UID: 0 PID: 15810 Comm: syz.3.2525 Tainted: G L syzkaller #0 PREEMPT(full)
[ 641.195940][T15810] Tainted: [L]=SOFTLOCKUP
[ 641.195949][T15810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 641.195964][T15810] Call Trace:
[ 641.195972][T15810]
[ 641.195982][T15810] dump_stack_lvl+0x100/0x190
[ 641.196024][T15810] should_fail_ex.cold+0x5/0xa
[ 641.196053][T15810] _copy_to_user+0x32/0xd0
[ 641.196092][T15810] pagemap_read+0x51b/0x830
[ 641.196162][T15810] ? __pfx_pagemap_read+0x10/0x10
[ 641.196198][T15810] ? iov_iter_advance+0xac/0x6d0
[ 641.196224][T15810] ? rw_verify_area+0xce/0x6d0
[ 641.196262][T15810] ? __pfx_pagemap_read+0x10/0x10
[ 641.196292][T15810] vfs_readv+0x5d8/0x8d0
[ 641.196327][T15810] ? rcu_is_watching+0x12/0xc0
[ 641.196373][T15810] ? __pfx_vfs_readv+0x10/0x10
[ 641.196408][T15810] ? fdget_pos+0x2aa/0x380
[ 641.196435][T15810] ? find_held_lock+0x2b/0x80
[ 641.196476][T15810] ? __fget_files+0x21f/0x3d0
[ 641.196506][T15810] ? do_readv+0x13e/0x340
[ 641.196541][T15810] do_readv+0x13e/0x340
[ 641.196579][T15810] ? __pfx_do_readv+0x10/0x10
[ 641.196623][T15810] do_syscall_64+0x106/0xf80
[ 641.196660][T15810] ? clear_bhb_loop+0x40/0x90
[ 641.196690][T15810] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 641.196715][T15810] RIP: 0033:0x7fdcfe79c799
[ 641.196734][T15810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 641.196769][T15810] RSP: 002b:00007fdcff678028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 641.196789][T15810] RAX: ffffffffffffffda RBX: 00007fdcfea16090 RCX: 00007fdcfe79c799
[ 641.196803][T15810] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003
[ 641.196816][T15810] RBP: 00007fdcff678090 R08: 0000000000000000 R09: 0000000000000000
[ 641.196829][T15810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 641.196842][T15810] R13: 00007fdcfea16128 R14: 00007fdcfea16090 R15: 00007ffdf99298f8
[ 641.196870][T15810]
[ 642.029512][T15813] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2526'.
[ 642.049672][T15813] bridge0: port 2(bridge_slave_1) entered disabled state
[ 642.076699][T15813] bridge_slave_1 (unregistering): left allmulticast mode
[ 642.092437][T15813] bridge_slave_1 (unregistering): left promiscuous mode
[ 642.119866][T15813] bridge0: port 2(bridge_slave_1) entered disabled state
[ 648.350722][T15820] random: crng reseeded on system resumption
[ 648.906548][T15827] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2528'.
[ 649.228938][T15831] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2529'.
[ 650.309659][T15692] syz.0.2498 (15692) used greatest stack depth: 18800 bytes left
[ 652.590437][T15851] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2533'.
[ 652.635147][T15851] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2533'.
[ 652.722795][T15849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2533'.
[ 653.343186][T15853] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [58]
[ 655.673079][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 656.588177][T15889] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2544'.
[ 656.630215][T15889] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2544'.
[ 656.718406][T15887] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2544'.
[ 657.463768][ T8545] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 657.473634][ T8545] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 657.486966][ T8545] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 657.498552][ T8545] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 657.506793][ T8545] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 657.663689][T15892] zswap: compressor not available
[ 657.892107][T15894] chnl_net:caif_netlink_parms(): no params data found
[ 658.048926][T15894] bridge0: port 1(bridge_slave_0) entered blocking state
[ 658.068597][T15894] bridge0: port 1(bridge_slave_0) entered disabled state
[ 658.087106][T15894] bridge_slave_0: entered allmulticast mode
[ 658.105042][T15894] bridge_slave_0: entered promiscuous mode
[ 658.120028][T15894] bridge0: port 2(bridge_slave_1) entered blocking state
[ 658.138954][T15894] bridge0: port 2(bridge_slave_1) entered disabled state
[ 658.156243][T15894] bridge_slave_1: entered allmulticast mode
[ 658.172359][T15894] bridge_slave_1: entered promiscuous mode
[ 658.237809][T15894] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 658.266539][T15894] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 658.333713][T15894] team0: Port device team_slave_0 added
[ 658.352106][T15894] team0: Port device team_slave_1 added
[ 658.425175][T15894] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 658.432151][T15894] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 658.476691][T15894] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 658.490137][T15894] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 658.498838][T15894] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 658.526451][T15894] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 658.633261][T15894] hsr_slave_0: entered promiscuous mode
[ 658.648829][T15894] hsr_slave_1: entered promiscuous mode
[ 658.663133][T15894] debugfs: 'hsr0' already exists in 'hsr'
[ 658.674703][T15894] Cannot create hsr debugfs directory
[ 658.714444][T15916] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2549'.
[ 658.775691][T15917] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2549'.
[ 658.834425][T15916] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2549'.
[ 659.521082][T15731] Bluetooth: hci5: command tx timeout
[ 659.613150][ T8545] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 659.629602][ T8545] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 659.640304][ T8545] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 659.647958][ T8545] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 659.655773][ T8545] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 660.026584][T15924] chnl_net:caif_netlink_parms(): no params data found
[ 660.196296][T15924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 660.210833][T15924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 660.223608][T15924] bridge_slave_0: entered allmulticast mode
[ 660.247775][T15924] bridge_slave_0: entered promiscuous mode
[ 660.261153][T15924] bridge0: port 2(bridge_slave_1) entered blocking state
[ 660.275307][T15924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 660.289218][T15924] bridge_slave_1: entered allmulticast mode
[ 660.307015][T15924] bridge_slave_1: entered promiscuous mode
[ 660.376483][T15924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 660.406273][T15924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 660.468993][T15924] team0: Port device team_slave_0 added
[ 660.483326][T15924] team0: Port device team_slave_1 added
[ 660.545631][T15924] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 660.560504][T15924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 660.621158][T15924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 660.654253][T15924] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 660.662722][T15924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 660.721241][T15924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 660.811693][T15924] hsr_slave_0: entered promiscuous mode
[ 660.824420][T15924] hsr_slave_1: entered promiscuous mode
[ 660.842323][T15924] debugfs: 'hsr0' already exists in 'hsr'
[ 660.853496][T15924] Cannot create hsr debugfs directory
[ 661.591211][T15731] Bluetooth: hci5: command tx timeout
[ 661.749635][T15731] Bluetooth: hci6: command tx timeout
[ 663.378388][T15966] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2557'.
[ 663.479469][T15964] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2557'.
[ 663.503398][T15964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2557'.
[ 663.660362][T15731] Bluetooth: hci5: command tx timeout
[ 663.819856][T15731] Bluetooth: hci6: command tx timeout
[ 665.730674][T15731] Bluetooth: hci5: command tx timeout
[ 665.891100][T15731] Bluetooth: hci6: command tx timeout
[ 667.960408][T15731] Bluetooth: hci6: command tx timeout
[ 669.608736][T15994] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2564'.
[ 669.661317][T15994] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2564'.
[ 669.743780][T15992] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2564'.
[ 670.387831][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 670.546521][ T29] audit: type=1804 audit(1774319032.835:11): pid=15998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2566" name="/newroot/672/file0" dev="tmpfs" ino=3513 res=1 errno=0
[ 670.600691][ T29] audit: type=1804 audit(1774319032.895:12): pid=15998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2566" name="/newroot/672/file0" dev="tmpfs" ino=3513 res=1 errno=0
[ 670.774250][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 670.913796][T16005] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2568'.
[ 670.925523][T16005] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2568'.
[ 670.939168][T16005] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2568'.
[ 670.949874][T16005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2568'.
[ 675.529260][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 675.795377][T16047] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2577'.
[ 675.833723][T16047] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2577'.
[ 675.924213][T16045] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2577'.
[ 676.327856][ T8545] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 676.340511][ T8545] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 676.349451][ T8545] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 676.357786][ T8545] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 676.365446][ T8545] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 676.656126][T16049] chnl_net:caif_netlink_parms(): no params data found
[ 676.671436][T16055] FAULT_INJECTION: forcing a failure.
[ 676.671436][T16055] name failslab, interval 1, probability 0, space 0, times 0
[ 676.699156][T16055] CPU: 0 UID: 0 PID: 16055 Comm: syz.0.2578 Tainted: G L syzkaller #0 PREEMPT(full)
[ 676.699190][T16055] Tainted: [L]=SOFTLOCKUP
[ 676.699198][T16055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 676.699211][T16055] Call Trace:
[ 676.699219][T16055]
[ 676.699226][T16055] dump_stack_lvl+0x100/0x190
[ 676.699268][T16055] should_fail_ex.cold+0x5/0xa
[ 676.699296][T16055] should_failslab+0xc2/0x120
[ 676.699321][T16055] kmem_cache_alloc_noprof+0x7b/0x6e0
[ 676.699357][T16055] ? security_file_alloc+0x34/0x2c0
[ 676.699386][T16055] ? trace_kmem_cache_alloc+0xf3/0x120
[ 676.699415][T16055] security_file_alloc+0x34/0x2c0
[ 676.699443][T16055] init_file+0x95/0x480
[ 676.699470][T16055] alloc_empty_file+0x73/0x1c0
[ 676.699499][T16055] alloc_file_pseudo+0x13a/0x230
[ 676.699529][T16055] ? __pfx_alloc_file_pseudo+0x10/0x10
[ 676.699556][T16055] ? inode_init_always_gfp+0xd0e/0x1040
[ 676.699587][T16055] sock_alloc_file+0x50/0x210
[ 676.699625][T16055] do_accept+0x242/0x530
[ 676.699652][T16055] ? 0xffffffff81000000
[ 676.699668][T16055] ? do_raw_spin_lock+0x128/0x260
[ 676.699703][T16055] ? __pfx_do_accept+0x10/0x10
[ 676.699745][T16055] ? 0xffffffff81000000
[ 676.699760][T16055] __sys_accept4+0x108/0x200
[ 676.699788][T16055] ? __pfx___sys_accept4+0x10/0x10
[ 676.699824][T16055] __x64_sys_accept+0x74/0xb0
[ 676.699851][T16055] ? lockdep_hardirqs_on+0x78/0x100
[ 676.699886][T16055] do_syscall_64+0x106/0xf80
[ 676.699919][T16055] ? clear_bhb_loop+0x40/0x90
[ 676.699945][T16055] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 676.699968][T16055] RIP: 0033:0x7f665639c799
[ 676.699985][T16055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 676.700006][T16055] RSP: 002b:00007f66571a2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 676.700027][T16055] RAX: ffffffffffffffda RBX: 00007f6656615fa0 RCX: 00007f665639c799
[ 676.700042][T16055] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003
[ 676.700056][T16055] RBP: 00007f6656432c99 R08: 0000000000000000 R09: 0000000000000000
[ 676.700070][T16055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 676.700090][T16055] R13: 00007f6656616038 R14: 00007f6656615fa0 R15: 00007ffdb59a53f8
[ 676.700112][T16055] ? 0xffffffff81000000
[ 676.700132][T16055]
[ 677.010444][T16049] bridge0: port 1(bridge_slave_0) entered blocking state
[ 677.025713][T16049] bridge0: port 1(bridge_slave_0) entered disabled state
[ 677.038449][T16049] bridge_slave_0: entered allmulticast mode
[ 677.047525][T16049] bridge_slave_0: entered promiscuous mode
[ 677.063029][T16049] bridge0: port 2(bridge_slave_1) entered blocking state
[ 677.090064][T16049] bridge0: port 2(bridge_slave_1) entered disabled state
[ 677.107393][T16049] bridge_slave_1: entered allmulticast mode
[ 677.114873][T16049] bridge_slave_1: entered promiscuous mode
[ 677.225929][T16049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 677.238732][T16049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 677.273982][T16049] team0: Port device team_slave_0 added
[ 677.297773][T16049] team0: Port device team_slave_1 added
[ 677.369576][T16049] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 677.379542][T16049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 677.409783][T16049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 677.422221][T16049] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 677.432384][T16049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 677.461428][T16049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 677.538306][T16049] hsr_slave_0: entered promiscuous mode
[ 677.545581][T16049] hsr_slave_1: entered promiscuous mode
[ 677.551782][T16049] debugfs: 'hsr0' already exists in 'hsr'
[ 677.560018][T16049] Cannot create hsr debugfs directory
[ 677.856239][T16070] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2580'.
[ 677.869915][T16070] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2580'.
[ 677.880616][T16070] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2580'.
[ 677.891393][T16070] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2580'.
[ 678.391284][T15731] Bluetooth: hci7: command tx timeout
[ 679.162275][T16073] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2581'.
[ 679.589846][T16079] FAULT_INJECTION: forcing a failure.
[ 679.589846][T16079] name failslab, interval 1, probability 0, space 0, times 0
[ 679.607946][T16079] CPU: 0 UID: 0 PID: 16079 Comm: syz.0.2582 Tainted: G L syzkaller #0 PREEMPT(full)
[ 679.607981][T16079] Tainted: [L]=SOFTLOCKUP
[ 679.607990][T16079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 679.608005][T16079] Call Trace:
[ 679.608013][T16079]
[ 679.608022][T16079] dump_stack_lvl+0x100/0x190
[ 679.608062][T16079] should_fail_ex.cold+0x5/0xa
[ 679.608091][T16079] should_failslab+0xc2/0x120
[ 679.608116][T16079] __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 679.608156][T16079] ? kstrdup_const+0x63/0x80
[ 679.608188][T16079] kstrdup+0x51/0xe0
[ 679.608234][T16079] kstrdup_const+0x63/0x80
[ 679.608257][T16079] kvasprintf_const+0x10f/0x1a0
[ 679.608311][T16079] kobject_set_name_vargs+0x5a/0x140
[ 679.608343][T16079] dev_set_name+0xc7/0x100
[ 679.608382][T16079] ? __pfx_dev_set_name+0x10/0x10
[ 679.608420][T16079] ? __pfx___might_resched+0x10/0x10
[ 679.608459][T16079] ? lockdep_hardirqs_on+0x78/0x100
[ 679.608508][T16079] __add_disk+0x414/0xe40
[ 679.608610][T16079] add_disk_fwnode+0x118/0x5c0
[ 679.608640][T16079] loop_add+0x90b/0xb60
[ 679.608678][T16079] ? __pfx_loop_add+0x10/0x10
[ 679.608738][T16079] ? find_held_lock+0x2b/0x80
[ 679.608764][T16079] ? __fget_files+0x215/0x3d0
[ 679.608792][T16079] loop_control_ioctl+0xae/0x620
[ 679.608838][T16079] ? __pfx_loop_control_ioctl+0x10/0x10
[ 679.608883][T16079] ? __pfx_loop_control_ioctl+0x10/0x10
[ 679.608923][T16079] __x64_sys_ioctl+0x18e/0x210
[ 679.608965][T16079] do_syscall_64+0x106/0xf80
[ 679.609003][T16079] ? clear_bhb_loop+0x40/0x90
[ 679.609034][T16079] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 679.609060][T16079] RIP: 0033:0x7f665639c799
[ 679.609081][T16079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 679.609106][T16079] RSP: 002b:00007f66571a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 679.609130][T16079] RAX: ffffffffffffffda RBX: 00007f6656615fa0 RCX: 00007f665639c799
[ 679.609148][T16079] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[ 679.609164][T16079] RBP: 00007f6656432c99 R08: 0000000000000000 R09: 0000000000000000
[ 679.609180][T16079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 679.609195][T16079] R13: 00007f6656616038 R14: 00007f6656615fa0 R15: 00007ffdb59a53f8
[ 679.609228][T16079]
[ 680.463297][T15731] Bluetooth: hci7: command tx timeout
[ 682.532005][T15731] Bluetooth: hci7: command tx timeout
[ 683.461144][T16112] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2589'.
[ 683.512942][T16112] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2589'.
[ 683.573575][T16112] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2589'.
[ 684.586405][T16118] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42
[ 684.601980][T15731] Bluetooth: hci7: command tx timeout
[ 684.818058][T16119] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43
[ 685.402768][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 685.410488][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 685.505340][T16124] NFSD: Failed to start, no listeners configured.
[ 685.968623][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 686.174657][T16131] futex_wake_op: syz.0.2594 tries to shift op by -1; fix this program
[ 688.116395][T16143] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 688.195778][T16141] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 688.218190][T16141] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2596'.
[ 689.394444][T16150] __vm_enough_memory: pid: 16150, comm: syz.0.2598, bytes: 4398046457856 not enough memory for the allocation
[ 689.901307][T16153] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2599'.
[ 690.796480][T16167] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2601'.
[ 690.883494][T16165] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2601'.
[ 690.909517][T16165] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2601'.
syzkaller
syzkaller login: [ 692.428126][T16173] FAULT_INJECTION: forcing a failure.
[ 692.428126][T16173] name failslab, interval 1, probability 0, space 0, times 0
[ 692.443417][T16173] CPU: 0 UID: 0 PID: 16173 Comm: syz.0.2603 Tainted: G L syzkaller #0 PREEMPT(full)
[ 692.443452][T16173] Tainted: [L]=SOFTLOCKUP
[ 692.443460][T16173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 692.443474][T16173] Call Trace:
[ 692.443483][T16173]
[ 692.443491][T16173] dump_stack_lvl+0x100/0x190
[ 692.443532][T16173] should_fail_ex.cold+0x5/0xa
[ 692.443559][T16173] should_failslab+0xc2/0x120
[ 692.443584][T16173] __kmalloc_cache_node_noprof+0x7d/0x770
[ 692.443624][T16173] ? sbitmap_queue_init_node+0x291/0x4a0
[ 692.443666][T16173] sbitmap_queue_init_node+0x291/0x4a0
[ 692.443706][T16173] blk_mq_init_tags+0x184/0x300
[ 692.443739][T16173] blk_mq_alloc_map_and_rqs+0x218/0xeb0
[ 692.443793][T16173] ? blk_mq_update_queue_map+0x227/0x3a0
[ 692.443821][T16173] blk_mq_alloc_tag_set+0x848/0x1330
[ 692.443866][T16173] loop_add+0x3b7/0xb60
[ 692.443898][T16173] ? __pfx_loop_add+0x10/0x10
[ 692.443949][T16173] loop_control_ioctl+0xae/0x620
[ 692.443982][T16173] ? __pfx_loop_control_ioctl+0x10/0x10
[ 692.444015][T16173] ? xfd_validate_state+0x129/0x190
[ 692.444050][T16173] ? __pfx_loop_control_ioctl+0x10/0x10
[ 692.444084][T16173] __x64_sys_ioctl+0x18e/0x210
[ 692.444118][T16173] do_syscall_64+0x106/0xf80
[ 692.444151][T16173] ? clear_bhb_loop+0x40/0x90
[ 692.444178][T16173] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 692.444218][T16173] RIP: 0033:0x7f665639c799
[ 692.444237][T16173] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 692.444273][T16173] RSP: 002b:00007f66571a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 692.444293][T16173] RAX: ffffffffffffffda RBX: 00007f6656615fa0 RCX: 00007f665639c799
[ 692.444308][T16173] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000003
[ 692.444321][T16173] RBP: 00007f6656432c99 R08: 0000000000000000 R09: 0000000000000000
[ 692.444335][T16173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 692.444347][T16173] R13: 00007f6656616038 R14: 00007f6656615fa0 R15: 00007ffdb59a53f8
[ 692.444393][T16173]
[ 692.444509][T16173] blk-mq: reduced tag depth (128 -> 64)
[ 692.960087][T16180] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1869770799.1702047587.1966040684), cmd(11)
[ 693.331830][T16187] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2606'.
[ 693.342811][T16187] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2606'.
[ 693.355041][T16187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2606'.
[ 697.125550][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 697.664726][T16212] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2613'.
[ 698.353485][T16221] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2614'.
[ 698.379495][T16221] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2614'.
[ 698.461075][T16219] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2614'.
[ 699.156449][T16223] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[ 701.184783][T16242] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2620'.
[ 701.195326][T16242] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2620'.
[ 701.210946][T16242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2620'.
[ 703.427140][ T29] audit: type=1800 audit(1774319065.880:13): pid=16258 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2623" name="sr0" dev="devtmpfs" ino=2897 res=0 errno=0
[ 704.373422][T16266] netlink: 'syz.0.2625': attribute type 1 has an invalid length.
[ 706.529410][T16287] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2631'.
[ 706.680510][T16291] hub 27-0:1.0: USB hub found
[ 706.686924][T16291] hub 27-0:1.0: 1 port detected
[ 707.695511][T16296] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2633'.
[ 707.729965][T16296] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2633'.
[ 707.760238][T16294] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2633'.
[ 708.448511][T16298] FAULT_INJECTION: forcing a failure.
[ 708.448511][T16298] name failslab, interval 1, probability 0, space 0, times 0
[ 708.461456][T16298] CPU: 0 UID: 0 PID: 16298 Comm: syz.0.2634 Tainted: G L syzkaller #0 PREEMPT(full)
[ 708.461489][T16298] Tainted: [L]=SOFTLOCKUP
[ 708.461497][T16298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 708.461510][T16298] Call Trace:
[ 708.461518][T16298]
[ 708.461526][T16298] dump_stack_lvl+0x100/0x190
[ 708.461564][T16298] should_fail_ex.cold+0x5/0xa
[ 708.461590][T16298] ? tomoyo_encode2+0xfb/0x3c0
[ 708.461620][T16298] should_failslab+0xc2/0x120
[ 708.461644][T16298] __kmalloc_noprof+0xe0/0x850
[ 708.461677][T16298] ? d_absolute_path+0x136/0x1b0
[ 708.461712][T16298] tomoyo_encode2+0xfb/0x3c0
[ 708.461745][T16298] tomoyo_encode+0x29/0x50
[ 708.461773][T16298] tomoyo_realpath_from_path+0x18c/0x690
[ 708.461809][T16298] tomoyo_path_perm+0x276/0x460
[ 708.461832][T16298] ? tomoyo_path_perm+0x262/0x460
[ 708.461859][T16298] ? __pfx_tomoyo_path_perm+0x10/0x10
[ 708.461884][T16298] ? terminate_walk+0x246/0x670
[ 708.461923][T16298] ? __lock_acquire+0x4a5/0x2630
[ 708.461951][T16298] ? current_check_access_path+0x281/0x460
[ 708.461995][T16298] ? mnt_get_write_access+0x52/0x2f0
[ 708.462026][T16298] ? mnt_get_write_access+0x1e9/0x2f0
[ 708.462059][T16298] security_path_truncate+0x138/0x280
[ 708.462083][T16298] vfs_truncate+0x4ab/0x720
[ 708.462108][T16298] ? __pfx_vfs_truncate+0x10/0x10
[ 708.462139][T16298] do_sys_truncate+0xee/0x190
[ 708.462162][T16298] ? __pfx_do_sys_truncate+0x10/0x10
[ 708.462193][T16298] __x64_sys_truncate+0x54/0x80
[ 708.462216][T16298] do_syscall_64+0x106/0xf80
[ 708.462249][T16298] ? clear_bhb_loop+0x40/0x90
[ 708.462276][T16298] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 708.462299][T16298] RIP: 0033:0x7f665639c799
[ 708.462317][T16298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 708.462338][T16298] RSP: 002b:00007f66571a2028 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 708.462359][T16298] RAX: ffffffffffffffda RBX: 00007f6656615fa0 RCX: 00007f665639c799
[ 708.462374][T16298] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 00002000000000c0
[ 708.462387][T16298] RBP: 00007f66571a2090 R08: 0000000000000000 R09: 0000000000000000
[ 708.462406][T16298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 708.462418][T16298] R13: 00007f6656616038 R14: 00007f6656615fa0 R15: 00007ffdb59a53f8
[ 708.462446][T16298]
[ 708.462466][T16298] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 711.238846][ T29] audit: type=1800 audit(1774319073.726:14): pid=16316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2638" name="sr0" dev="devtmpfs" ino=2897 res=0 errno=0
[ 713.903059][T16342] syz.0.2647(16342): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[ 715.250886][T16355] FAULT_INJECTION: forcing a failure.
[ 715.250886][T16355] name failslab, interval 1, probability 0, space 0, times 0
[ 715.265370][T16355] CPU: 0 UID: 0 PID: 16355 Comm: syz.0.2650 Tainted: G L syzkaller #0 PREEMPT(full)
[ 715.265406][T16355] Tainted: [L]=SOFTLOCKUP
[ 715.265415][T16355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 715.265429][T16355] Call Trace:
[ 715.265437][T16355]
[ 715.265445][T16355] dump_stack_lvl+0x100/0x190
[ 715.265486][T16355] should_fail_ex.cold+0x5/0xa
[ 715.265515][T16355] should_failslab+0xc2/0x120
[ 715.265540][T16355] __kmalloc_cache_noprof+0x7a/0x6f0
[ 715.265572][T16355] ? fqdir_init+0x4f/0x1f0
[ 715.265681][T16355] ? net_generic+0xea/0x2a0
[ 715.265789][T16355] ? net_generic+0xea/0x2a0
[ 715.265823][T16355] fqdir_init+0x4f/0x1f0
[ 715.265869][T16355] nf_ct_net_init+0x3d/0x370
[ 715.265901][T16355] ? __pfx_nf_ct_net_init+0x10/0x10
[ 715.265932][T16355] ops_init+0x1e2/0x5f0
[ 715.265976][T16355] setup_net+0x118/0x3a0
[ 715.266015][T16355] ? __pfx_setup_net+0x10/0x10
[ 715.266054][T16355] ? lockdep_init_map_type+0x5c/0x250
[ 715.266101][T16355] ? mutex_init_lockep+0x110/0x150
[ 715.266138][T16355] copy_net_ns+0x46f/0x7c0
[ 715.266163][T16355] create_new_namespaces+0x3ea/0xac0
[ 715.266195][T16355] unshare_nsproxy_namespaces+0xc3/0x1f0
[ 715.266224][T16355] ksys_unshare+0x473/0xad0
[ 715.266256][T16355] ? __pfx_ksys_unshare+0x10/0x10
[ 715.266299][T16355] __x64_sys_unshare+0x31/0x40
[ 715.266329][T16355] do_syscall_64+0x106/0xf80
[ 715.266364][T16355] ? clear_bhb_loop+0x40/0x90
[ 715.266393][T16355] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 715.266417][T16355] RIP: 0033:0x7f665639c799
[ 715.266436][T16355] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 715.266458][T16355] RSP: 002b:00007f6657181028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 715.266480][T16355] RAX: ffffffffffffffda RBX: 00007f6656616090 RCX: 00007f665639c799
[ 715.266495][T16355] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 715.266509][T16355] RBP: 00007f6656432c99 R08: 0000000000000000 R09: 0000000000000000
[ 715.266525][T16355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 715.266539][T16355] R13: 00007f6656616128 R14: 00007f6656616090 R15: 00007ffdb59a53f8
[ 715.266568][T16355]
[ 717.156995][ T8545] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 717.160295][ T8545] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 717.161085][ T8545] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 717.161894][ T8545] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 717.162939][ T8545] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 717.505451][T16365] chnl_net:caif_netlink_parms(): no params data found
[ 717.745083][T16365] bridge0: port 1(bridge_slave_0) entered blocking state
[ 717.764542][T16365] bridge0: port 1(bridge_slave_0) entered disabled state
[ 717.783285][T16365] bridge_slave_0: entered allmulticast mode
[ 717.804309][T16365] bridge_slave_0: entered promiscuous mode
[ 717.824962][T16365] bridge0: port 2(bridge_slave_1) entered blocking state
[ 717.842876][T16365] bridge0: port 2(bridge_slave_1) entered disabled state
[ 717.863174][T16365] bridge_slave_1: entered allmulticast mode
[ 717.877642][T16365] bridge_slave_1: entered promiscuous mode
[ 717.952552][T16365] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 717.978092][T16365] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 718.039054][T16365] team0: Port device team_slave_0 added
[ 718.069735][T16365] team0: Port device team_slave_1 added
[ 718.149050][T16365] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 718.177953][T16365] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 718.261611][T16365] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 718.287454][T16382] zswap: compressor not available
[ 718.304868][T16365] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 718.312205][T16365] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 718.342334][T16365] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 718.425493][T16365] hsr_slave_0: entered promiscuous mode
[ 718.445768][T16365] hsr_slave_1: entered promiscuous mode
[ 718.452298][T16365] debugfs: 'hsr0' already exists in 'hsr'
[ 718.466167][T16365] Cannot create hsr debugfs directory
[ 719.161024][ T8545] Bluetooth: hci8: command tx timeout
[ 719.191710][ T8545] Bluetooth: hci1: SCO packet too small
[ 719.314375][T16393] zswap: compressor not available
[ 719.391825][T15731] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 719.408917][T15731] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 719.416704][T15731] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 719.424476][T15731] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 719.432986][T15731] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 719.653280][T16397] chnl_net:caif_netlink_parms(): no params data found
[ 719.738192][T16397] bridge0: port 1(bridge_slave_0) entered blocking state
[ 719.745422][T16397] bridge0: port 1(bridge_slave_0) entered disabled state
[ 719.756006][T16397] bridge_slave_0: entered allmulticast mode
[ 719.764986][T16397] bridge_slave_0: entered promiscuous mode
[ 719.773328][T16397] bridge0: port 2(bridge_slave_1) entered blocking state
[ 719.782251][T16397] bridge0: port 2(bridge_slave_1) entered disabled state
[ 719.790419][T16397] bridge_slave_1: entered allmulticast mode
[ 719.798846][T16397] bridge_slave_1: entered promiscuous mode
[ 719.829812][T16397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 719.842052][T16397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 719.879904][T16397] team0: Port device team_slave_0 added
[ 719.889241][T16397] team0: Port device team_slave_1 added
[ 719.917004][T16397] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 719.924071][T16397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 719.950577][T16397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 719.965671][T16397] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 719.972669][T16397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 720.003122][T16397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 720.050011][T16397] hsr_slave_0: entered promiscuous mode
[ 720.058028][T16397] hsr_slave_1: entered promiscuous mode
[ 720.065754][T16397] debugfs: 'hsr0' already exists in 'hsr'
[ 720.071599][T16397] Cannot create hsr debugfs directory
[ 721.229713][T15731] Bluetooth: hci8: command tx timeout
[ 721.447874][T15731] Bluetooth: hci1: Malformed LE Event: 0x0b
[ 721.469189][T15731] Bluetooth: hci9: command tx timeout
[ 722.098075][T16428] Unable to find swap-space signature
[ 722.164718][T16430] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2666'.
[ 723.300355][T15731] Bluetooth: hci8: command tx timeout
[ 723.539120][T15731] Bluetooth: hci9: command tx timeout
[ 725.370472][T15731] Bluetooth: hci8: command tx timeout
[ 725.609365][T15731] Bluetooth: hci9: command tx timeout
[ 727.679757][T15731] Bluetooth: hci9: command tx timeout
[ 736.889341][ T8545] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 736.898014][ T8545] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 736.905774][ T8545] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 736.914183][ T8545] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 736.925539][ T8545] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 737.102634][T16432] chnl_net:caif_netlink_parms(): no params data found
[ 737.178130][T16432] bridge0: port 1(bridge_slave_0) entered blocking state
[ 737.189193][T16432] bridge0: port 1(bridge_slave_0) entered disabled state
[ 737.197550][T16432] bridge_slave_0: entered allmulticast mode
[ 737.205215][T16432] bridge_slave_0: entered promiscuous mode
[ 737.213330][T16432] bridge0: port 2(bridge_slave_1) entered blocking state
[ 737.220797][T16432] bridge0: port 2(bridge_slave_1) entered disabled state
[ 737.228394][T16432] bridge_slave_1: entered allmulticast mode
[ 737.243924][T16432] bridge_slave_1: entered promiscuous mode
[ 737.276244][T16432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 737.292214][T16432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 737.326990][T16432] team0: Port device team_slave_0 added
[ 737.335661][T16432] team0: Port device team_slave_1 added
[ 737.362566][T16432] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 737.370128][T16432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 737.399703][T16432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 737.415443][T16432] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 737.422408][T16432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 737.448929][T16432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 737.497824][T16432] hsr_slave_0: entered promiscuous mode
[ 737.504613][T16432] hsr_slave_1: entered promiscuous mode
[ 737.510822][T16432] debugfs: 'hsr0' already exists in 'hsr'
[ 737.518696][T16432] Cannot create hsr debugfs directory
[ 738.986319][T15731] Bluetooth: hci10: command tx timeout
[ 741.057283][T15731] Bluetooth: hci10: command tx timeout
[ 743.126778][T15731] Bluetooth: hci10: command tx timeout
[ 745.197324][T15731] Bluetooth: hci10: command tx timeout
[ 746.554957][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 746.567037][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 759.291044][ T30] INFO: task kworker/u10:3:8525 blocked for more than 143 seconds.
[ 759.300234][ T30] Tainted: G L syzkaller #0
[ 759.313547][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 759.322598][ T30] task:kworker/u10:3 state:D stack:23592 pid:8525 tgid:8525 ppid:2 task_flags:0x4208160 flags:0x00080000
[ 759.334908][ T30] Workqueue: netns cleanup_net
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 759.339692][ T30] Call Trace:
[ 759.350747][ T30]
[ 759.353897][ T30] __schedule+0xfee/0x6120
[ 759.358352][ T30] ? __lock_acquire+0x4a5/0x2630
[ 759.380307][ T30] ? __pfx___schedule+0x10/0x10
[ 759.385201][ T30] ? find_held_lock+0x2b/0x80
[ 759.389890][ T30] ? schedule+0x2bf/0x390
[ 759.402425][ T30] schedule+0xdd/0x390
[ 759.406551][ T30] schedule_timeout+0x1b2/0x280
[ 759.425401][ T30] ? __pfx_schedule_timeout+0x10/0x10
[ 759.440086][ T30] ? mark_held_locks+0x40/0x70
[ 759.444919][ T30] __wait_for_common+0x2e7/0x4c0
[ 759.449888][ T30] ? __pfx_schedule_timeout+0x10/0x10
[ 759.465677][ T30] ? __pfx___wait_for_common+0x10/0x10
[ 759.480325][ T30] remove_one+0x312/0x420
[ 759.484783][ T30] ? find_next_child+0x18f/0x280
[ 759.501004][ T30] __simple_recursive_removal+0x148/0x5c0
[ 759.521316][ T30] ? __pfx_remove_one+0x10/0x10
[ 759.526271][ T30] debugfs_remove+0x5d/0x80
[ 759.539549][ T30] nsim_dev_health_exit+0x3b/0xe0
[ 759.544685][ T30] nsim_dev_reload_destroy+0x144/0x4a0
[ 759.559779][ T30] nsim_dev_reload_down+0x66/0xd0
[ 759.564839][ T30] devlink_reload+0x173/0x790
[ 759.579588][ T30] ? __pfx_devlink_reload+0x10/0x10
[ 759.584848][ T30] devlink_pernet_pre_exit+0x222/0x330
[ 759.642498][ T30] ? __pfx_devlink_pernet_pre_exit+0x10/0x10
[ 759.648541][ T30] ? kobject_put+0xb9/0x640
[ 759.708237][ T30] ? __pfx_devlink_pernet_pre_exit+0x10/0x10
[ 759.735088][ T30] ops_undo_list+0x187/0xab0
[ 759.742048][ T30] ? __pfx_ops_undo_list+0x10/0x10
[ 759.747202][ T30] ? cleanup_net+0x332/0x920
[ 759.770298][ T30] ? cleanup_net+0x332/0x920
[ 759.774967][ T30] ? idr_destroy+0x62/0x2e0
[ 759.788665][ T30] cleanup_net+0x499/0x920
[ 759.793167][ T30] ? __pfx_cleanup_net+0x10/0x10
[ 759.798126][ T30] ? rcu_is_watching+0x12/0xc0
[ 759.817626][ T30] process_one_work+0xa23/0x19a0
[ 759.828470][ T30] ? __pfx_process_one_work+0x10/0x10
[ 759.833902][ T30] ? __pfx_cleanup_net+0x10/0x10
[ 759.845695][ T30] worker_thread+0x5ef/0xe50
[ 759.858034][ T30] ? kthread+0x13a/0x450
[ 759.862328][ T30] ? __pfx_worker_thread+0x10/0x10
[ 759.867460][ T30] kthread+0x370/0x450
[ 759.888898][ T30] ? __pfx_kthread+0x10/0x10
[ 759.893565][ T30] ret_from_fork+0x754/0xd80
[ 759.909392][ T30] ? __pfx_ret_from_fork+0x10/0x10
[ 759.918027][ T30] ? __switch_to+0x7b4/0x1120
[ 759.922751][ T30] ? __pfx_kthread+0x10/0x10
[ 759.927379][ T30] ret_from_fork_asm+0x1a/0x30
[ 759.959439][ T30]
[ 759.962568][ T30] INFO: task syz-executor:15309 blocked for more than 143 seconds.
[ 759.988162][ T30] Tainted: G L syzkaller #0
[ 760.017344][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 760.026101][ T30] task:syz-executor state:D stack:24168 pid:15309 tgid:15309 ppid:1 task_flags:0x400140 flags:0x00080002
[ 760.060468][ T30] Call Trace:
[ 760.063773][ T30]
[ 760.066712][ T30] __schedule+0xfee/0x6120
[ 760.073406][ T30] ? __lock_acquire+0x4a5/0x2630
[ 760.078615][ T30] ? __pfx___schedule+0x10/0x10
[ 760.083498][ T30] ? find_held_lock+0x2b/0x80
[ 760.090134][ T30] ? schedule+0x2bf/0x390
[ 760.094534][ T30] schedule+0xdd/0x390
[ 760.098902][ T30] schedule_preempt_disabled+0x13/0x30
[ 760.104379][ T30] __mutex_lock+0xc9a/0x1b90
[ 760.109799][ T30] ? device_del+0xa0/0x9b0
[ 760.116406][ T30] ? __pfx___mutex_lock+0x10/0x10
[ 760.121734][ T30] ? mark_held_locks+0x40/0x70
[ 760.126542][ T30] ? device_del+0xa0/0x9b0
[ 760.131309][ T30] device_del+0xa0/0x9b0
[ 760.135581][ T30] ? __pfx_ida_free+0x10/0x10
[ 760.140557][ T30] ? __pfx_device_del+0x10/0x10
[ 760.145421][ T30] ? __lock_acquire+0x4a5/0x2630
[ 760.150684][ T30] device_unregister+0x1d/0xe0
[ 760.155524][ T30] del_device_store+0x346/0x480
[ 760.160684][ T30] ? __pfx_del_device_store+0x10/0x10
[ 760.166076][ T30] ? find_held_lock+0x2b/0x80
[ 760.172400][ T30] ? sysfs_file_kobj+0xe4/0x290
[ 760.180006][ T30] ? sysfs_file_kobj+0xe4/0x290
[ 760.184878][ T30] ? __pfx_del_device_store+0x10/0x10
[ 760.190602][ T30] bus_attr_store+0x74/0xb0
[ 760.195171][ T30] ? __pfx_bus_attr_store+0x10/0x10
[ 760.200674][ T30] sysfs_kf_write+0xf2/0x150
[ 760.205307][ T30] kernfs_fop_write_iter+0x3e0/0x5f0
[ 760.211301][ T30] ? __pfx_sysfs_kf_write+0x10/0x10
[ 760.219143][ T30] vfs_write+0x6ac/0x1070
[ 760.223533][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 760.229694][ T30] ? __pfx_vfs_write+0x10/0x10
[ 760.234478][ T30] ? __pfx_do_sys_openat2+0x10/0x10
[ 760.240107][ T30] ksys_write+0x12a/0x250
[ 760.244479][ T30] ? __pfx_ksys_write+0x10/0x10
[ 760.250417][ T30] do_syscall_64+0x106/0xf80
[ 760.255060][ T30] ? clear_bhb_loop+0x40/0x90
[ 760.260095][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 760.266038][ T30] RIP: 0033:0x7f80e195cfce
[ 760.270797][ T30] RSP: 002b:00007ffcfbe98cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 760.279441][ T30] RAX: ffffffffffffffda RBX: 000055555edaf500 RCX: 00007f80e195cfce
[ 760.289346][ T30] RDX: 0000000000000001 RSI: 00007ffcfbe98d50 RDI: 0000000000000005
[ 760.297509][ T30] RBP: 00007f80e1a3351c R08: 0000000000000000 R09: 0000000000000000
[ 760.305503][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 760.313792][ T30] R13: 00007ffcfbe98d50 R14: 00007f80e2744620 R15: 0000000000000003
[ 760.323969][ T30]
[ 760.348921][ T30] INFO: task syz.1.2411:15317 blocked for more than 144 seconds.
[ 760.365754][ T30] Tainted: G L syzkaller #0
[ 760.372291][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 760.397246][ T30] task:syz.1.2411 state:D stack:28240 pid:15317 tgid:15316 ppid:14728 task_flags:0x400140 flags:0x00080002
[ 760.425427][ T30] Call Trace:
[ 760.428755][ T30]
[ 760.431694][ T30] __schedule+0xfee/0x6120
[ 760.455371][ T30] ? __lock_acquire+0x4a5/0x2630
[ 760.460367][ T30] ? __pfx___schedule+0x10/0x10
[ 760.486423][ T30] ? find_held_lock+0x2b/0x80
[ 760.491207][ T30] ? schedule+0x2bf/0x390
[ 760.495880][ T30] schedule+0xdd/0x390
[ 760.499975][ T30] schedule_preempt_disabled+0x13/0x30
[ 760.520327][ T30] __mutex_lock+0xc9a/0x1b90
[ 760.534880][ T30] ? __pfx___alloc_skb+0x10/0x10
[ 760.539867][ T30] ? devlink_health_report+0x681/0xb50
[ 760.554765][ T30] ? __pfx___mutex_lock+0x10/0x10
[ 760.559829][ T30] ? devlink_recover_notify.constprop.0+0x4d7/0x670
[ 760.593226][ T30] ? devlink_recover_notify.constprop.0+0x200/0x670
[ 760.600132][ T30] ? devlink_health_report+0x681/0xb50
[ 760.622258][ T30] devlink_health_report+0x681/0xb50
[ 760.634422][ T30] ? __pfx_devlink_health_report+0x10/0x10
[ 760.640298][ T30] ? _copy_from_user+0x59/0xd0
[ 760.647213][ T30] nsim_dev_health_break_write+0x166/0x210
[ 760.653070][ T30] ? __pfx_nsim_dev_health_break_write+0x10/0x10
[ 760.660151][ T30] full_proxy_write+0x135/0x1a0
[ 760.665352][ T30] vfs_write+0x2aa/0x1070
[ 760.669712][ T30] ? __pfx_full_proxy_write+0x10/0x10
[ 760.675398][ T30] ? __pfx_vfs_write+0x10/0x10
[ 760.680177][ T30] ? __fget_files+0x215/0x3d0
[ 760.685398][ T30] ? __fget_files+0x21f/0x3d0
[ 760.691392][ T30] ksys_write+0x12a/0x250
[ 760.696023][ T30] ? __pfx_ksys_write+0x10/0x10
[ 760.700897][ T30] do_syscall_64+0x106/0xf80
[ 760.705906][ T30] ? clear_bhb_loop+0x40/0x90
[ 760.710615][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 760.717145][ T30] RIP: 0033:0x7fb41a59c799
[ 760.721583][ T30] RSP: 002b:00007fb41b4bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 760.734966][ T30] RAX: ffffffffffffffda RBX: 00007fb41a815fa0 RCX: 00007fb41a59c799
[ 760.742991][ T30] RDX: 00000000000001e1 RSI: 0000200000000080 RDI: 0000000000000004
[ 760.751338][ T30] RBP: 00007fb41a632c99 R08: 0000000000000000 R09: 0000000000000000
[ 760.759516][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 760.768253][ T30] R13: 00007fb41a816038 R14: 00007fb41a815fa0 R15: 00007ffcfc54d4d8
[ 760.776527][ T30]
[ 760.796189][ T30]
[ 760.796189][ T30] Showing all locks held in the system:
[ 760.810503][ T30] 1 lock held by khungtaskd/30:
[ 760.816340][ T30] #0: ffffffff8e7e7720 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[ 760.827556][ T30] 3 locks held by kworker/0:3/5820:
[ 760.835996][ T30] #0: ffff88813fe63148 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[ 760.846763][ T30] #1: ffffc900039e7d08 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[ 760.859270][ T30] #2: ffff88805bfc0240 (&data->fib_lock){+.+.}-{4:4}, at: nsim_fib_event_work+0x1b8/0x63b0
[ 760.869647][ T30] 6 locks held by kworker/u10:3/8525:
[ 760.875767][ T30] #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[ 760.886723][ T30] #1: ffffc90004867d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[ 760.897417][ T30] #2: ffffffff905fca50 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[ 760.907122][ T30] #3: ffff88805beba130 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x185/0x330
[ 760.917830][ T30] #4: ffff88805beb8250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x18f/0x330
[ 760.931255][ T30] #5: ffff88805b82d060 (&sb->s_type->i_mutex_key#10/2){+.+.}-{4:4}, at: __simple_recursive_removal+0xe0/0x5c0
[ 760.945846][ T30] 1 lock held by syz.0.1713/12498:
[ 760.950964][ T30] #0: ffffffff8e7f3200 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6d0
[ 760.961207][ T30] 5 locks held by syz-executor/15309:
[ 760.966925][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 760.976216][ T30] #1: ffff888055dd9488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 760.986694][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 760.996948][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.007653][ T30] #4: ffff88805beba130 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9b0
[ 761.016676][ T30] 3 locks held by syz.1.2411/15317:
[ 761.021909][ T30] #0: ffff88802b7167f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380
[ 761.033486][ T30] #1: ffff8880202ca420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.049970][ T30] #2: ffff88805beb8250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_health_report+0x681/0xb50
[ 761.062548][ T30] 4 locks held by syz-executor/15541:
[ 761.067941][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.077211][ T30] #1: ffff88803367a488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.087298][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.097991][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.108681][ T30] 3 locks held by syz.3.2526/15812:
[ 761.114067][ T30] #0: ffff888025cdeb78 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380
[ 761.125737][ T30] #1: ffff8880202ca420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.137149][ T30] #2: ffff88805beb8250 (&devlink->lock_key#3){+.+.}-{4:4}, at: nsim_bus_dev_max_vfs_write+0x206/0x410
[ 761.148513][ T30] 4 locks held by syz-executor/15894:
[ 761.154087][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.165207][ T30] #1: ffff88805befd088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.175884][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.186335][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.197024][ T30] 4 locks held by syz-executor/15924:
[ 761.206446][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.215780][ T30] #1: ffff888049940888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.226262][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.238939][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.249589][ T30] 4 locks held by syz-executor/16049:
[ 761.255215][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.264486][ T30] #1: ffff888058b11488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.275683][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.287110][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.297596][ T30] 2 locks held by getty/16168:
[ 761.302658][ T30] #0: ffff888038a320a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 761.313127][ T30] #1: ffffc9000371b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[ 761.323576][ T30] 4 locks held by syz-executor/16365:
[ 761.328958][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.340408][ T30] #1: ffff88801f69a088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.350464][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.361927][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.372444][ T30] 4 locks held by syz-executor/16397:
[ 761.377816][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.388806][ T30] #1: ffff8880776bb488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.399586][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.409899][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.420443][ T30] 4 locks held by syz-executor/16432:
[ 761.426571][ T30] #0: ffff888036bac420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[ 761.435790][ T30] #1: ffff88806a71b888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[ 761.448485][ T30] #2: ffff8880298e8698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[ 761.458820][ T30] #3: ffffffff8fb6d828 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[ 761.469409][ T30]
[ 761.480724][ T30] =============================================
[ 761.480724][ T30]
[ 761.489172][ T30] NMI backtrace for cpu 0
[ 761.489191][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full)
[ 761.489225][ T30] Tainted: [L]=SOFTLOCKUP
[ 761.489234][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 761.489248][ T30] Call Trace:
[ 761.489257][ T30]
[ 761.489267][ T30] dump_stack_lvl+0x100/0x190
[ 761.489309][ T30] nmi_cpu_backtrace.cold+0x12d/0x151
[ 761.489350][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 761.489383][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230
[ 761.489412][ T30] sys_info+0x141/0x190
[ 761.489433][ T30] watchdog+0xd25/0x1050
[ 761.489461][ T30] ? __pfx_watchdog+0x10/0x10
[ 761.489482][ T30] ? __kthread_parkme+0x18c/0x230
[ 761.489509][ T30] ? kthread+0x13a/0x450
[ 761.489534][ T30] ? __pfx_watchdog+0x10/0x10
[ 761.489552][ T30] kthread+0x370/0x450
[ 761.489579][ T30] ? __pfx_kthread+0x10/0x10
[ 761.489608][ T30] ret_from_fork+0x754/0xd80
[ 761.489639][ T30] ? __pfx_ret_from_fork+0x10/0x10
[ 761.489672][ T30] ? __switch_to+0x7b4/0x1120
[ 761.489695][ T30] ? __pfx_kthread+0x10/0x10
[ 761.489724][ T30] ret_from_fork_asm+0x1a/0x30
[ 761.489758][ T30]
[ 761.779264][ T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 761.786177][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full)
[ 761.796858][ T30] Tainted: [L]=SOFTLOCKUP
[ 761.801182][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 761.811240][ T30] Call Trace:
[ 761.814535][ T30]
[ 761.817465][ T30] dump_stack_lvl+0x100/0x190
[ 761.822189][ T30] vpanic+0x552/0x970
[ 761.826187][ T30] ? __pfx_vpanic+0x10/0x10
[ 761.830706][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230
[ 761.836876][ T30] panic+0xd1/0xe0
[ 761.840605][ T30] ? __pfx_panic+0x10/0x10
[ 761.845033][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[ 761.851202][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[ 761.857373][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230
[ 761.863539][ T30] ? watchdog.cold+0x198/0x1ca
[ 761.868309][ T30] ? watchdog+0xd35/0x1050
[ 761.872737][ T30] watchdog.cold+0x1a9/0x1ca
[ 761.877347][ T30] ? __pfx_watchdog+0x10/0x10
[ 761.882044][ T30] ? __kthread_parkme+0x18c/0x230
[ 761.887107][ T30] ? kthread+0x13a/0x450
[ 761.891362][ T30] ? __pfx_watchdog+0x10/0x10
[ 761.896045][ T30] kthread+0x370/0x450
[ 761.900124][ T30] ? __pfx_kthread+0x10/0x10
[ 761.904736][ T30] ret_from_fork+0x754/0xd80
[ 761.909365][ T30] ? __pfx_ret_from_fork+0x10/0x10
[ 761.914500][ T30] ? __switch_to+0x7b4/0x1120
[ 761.919184][ T30] ? __pfx_kthread+0x10/0x10
[ 761.923792][ T30] ret_from_fork_asm+0x1a/0x30
[ 761.928574][ T30]
[ 761.931672][ T30] Kernel Offset: disabled
[ 761.936006][ T30] Rebooting in 86400 seconds..