last executing test programs:

54.583806548s ago: executing program 1 (id=618):
r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/available_events\x00', 0x44080, 0x0)
r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r1, 0x400, 0x1)
read$auto_ftrace_avail_fops_trace_events(r1, &(0x7f0000000100)=""/177, 0xb1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
bpf$auto(0x1, &(0x7f0000000000)=@bpf_attr_4={0xf796, r0, 0x21, r0}, 0x7)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
close_range$auto(r1, 0x8, 0x0)
mmap$auto(0x0, 0x203, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC1\x00', 0x28180, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
close_range$auto(0x2, 0x8, 0x0)
iopl$auto(0x3)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0)
mprotect$auto(0x80, 0x6, 0xd)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1, 0x801, 0x8000000000000000, 0x0)

54.029850194s ago: executing program 1 (id=620):
getpgid(0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
ioctl$auto(0x3, 0x80044d07, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x3, 0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_create$auto(0x0, 0x5)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(0x3, 0x0, 0x5c8)
close_range$auto(0x0, 0x5, 0x0)

53.584067784s ago: executing program 1 (id=621):
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rB\x1cJ\x99`:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3)

53.388544674s ago: executing program 1 (id=625):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000001100)='/sys/kernel/debug/dri/vkms/framebuffer\x00', 0x103402, 0x0)
unshare$auto(0x200)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/mnt\x00')
setns(r1, 0x0)
umount2$auto(&(0x7f0000000380)='/\x00', 0x1)
open(&(0x7f00000000c0)='./file0\x00', 0x200, 0xa4)
read$auto_drm_debugfs_entry_fops_drm_debugfs(r0, &(0x7f0000000000)=""/183, 0xb7)

53.240160537s ago: executing program 1 (id=627):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
write$auto(0x4, 0x0, 0x100082)
sendmsg$auto_NL80211_CMD_STOP_AP(r0, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4001}, 0x4008000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
shutdown$auto(0x200000003, 0x2)

50.756022442s ago: executing program 0 (id=646):
r0 = openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x88041, 0x0)
write$auto_lowpan_enable_fops_(r0, &(0x7f0000000040)='3', 0x1)

50.511066428s ago: executing program 0 (id=639):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/ext4/sda1/options\x00', 0x800, 0x0)
socket(0x28, 0x1, 0x0)
socket(0x11, 0x80003, 0x5)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
write$auto(r0, &(0x7f00000001c0)='/dev/audio1\x00JR\xe7\xae\xd27M<f\xa7\x02\x8f\xcb],\xd3\x1d\x8c\x8bB\xc7\xfc\x90\xd1\x03h$\x98\xc4\xc2#\xc0{\xf2\xdf\x83\xa40\xa5?\x8e\x92\xf5\"\xa9q\x8d\xf9uR\x82\xbe.\x82OD.5\xc2\xcd\xa4\xd9@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\x1f\xc4\x03)\xbb\xa3\xb5\x10\'{\x97\x0e\xb3\xa1\xe10H\xd4\xefe\xac.f\x82Lk\xe5\xb3\x11AT6R@\xbb\x8c\xa4\xf2\xe8\xafo\x17\xb9\b<|tB!\xa3\xa5\n\b\x8cA;\xbc\xc7\x91\xeb\xc0\xc7\xeb$\xc0\xa6', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0)

50.31085933s ago: executing program 1 (id=640):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
write$auto(0x4, 0x0, 0x100082)
sendmsg$auto_NL80211_CMD_STOP_AP(r0, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000040)={0x644, 0x0, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_TID_CONFIG={0x5dc, 0x11d, 0x0, 0x1, [{0x120, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x7f}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xdc, 0xd, 0x0, 0x1, [@NL80211_TXRATE_VHT={0xd0, 0x3, "c24b91bffd21cbfcb71044a2c3556881be84858573a0407fbefd3fa3a99555e9d9f39c69d3a3c25eacd7dbd47e43c1600f5aeaa7ccc64e8ccc9236b2e7bd305828e54a08c0ebc081e8b84e9aaf00d2baedbed20e29e23d85f3ce075e0af38753361d446dd884998134f8e4e31b6caad92909c4f4b85aef7d054d4a1c672c365f5d4e62299e7c6692fe3432ee6039bd827939ce72e44ae82bbcfdc177d20e03e62c07ce26efbcff9a3099a3b3956e6686cacdfd30375ecc5b2163a390b419040e565c4ea30cc11c91dad0609a"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2f}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0xe4}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x9}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0xf8}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0xe1}]}, {0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2b}]}, {0x43c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1ff}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xffffffff}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x4e}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x23c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x10}, @NL80211_TXRATE_HE={0x88, 0x5, "4dacba5a2a976f762d395b55447479eccec0ded79c6424d73fa2256c0541f4a1df050ded8e310e7b70978e77cdc5577a90c0660c466d5d7012fff00242494beb0d97659ef5ec65d37d366b7e9a759ad185bc059ac303d1b70147a7097bfdd71ed5fdc4046096e24c02b68e1493e160bd6d2e26cd898f2a6d8481c925d7d4f84e318deeda"}, @NL80211_TXRATE_HE={0xa3, 0x5, "288b7683e45dffab5b25922bd43532d9f1d4c4db876bc8289c672860d02ed6c3d7dc522c1280529cbc0fbc807466cc561278e77934847d50b9379237c7cd9485c67df1fb354040d49462d22ad33208a5809e0929143d63b24686c87e44796d22e4048e20d10ce90b2e23b0dfe27a80b963ea57e9f54c295cfd81b60d450a5b860f25fb2d8de4565cafa18632669666e939f686dd182d813c2765a26961550e"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x9}, @NL80211_TXRATE_HE={0xea, 0x5, "2ccaf79a62a7bd7dc6b88715f9178727f818b7a978c52678eef23b07a8b4e9ec3ffc844d97f0c7d136bd4c98fba348781ac6b1af2be6c3f66e2e6c74c2271367d932dc489bd00568981eec637e48e4eacaa25fec1dc3f9cdc282d1c0badae7a9aeb0236c3750d749bb539a77b1c033299738e495956884a81dcded3cb344e62be0c2a1bea0549f9f5b6200a96a08d464f577d62d93e76d0bd68f2d6535d5c6b59f3c4c22ab514b457d8ccb9a9e8909607fbd844aa173391869cc4c6c50884102bda87ee05c8bb098a09fc94e0eeb4ecd78b724d041b84532a60275767478e89253843c53dd64"}, @NL80211_TXRATE_HE={0xf, 0x5, "90c746e7eca31fe352e4ef"}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c4, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x7}, @NL80211_TXRATE_VHT={0xef, 0x3, "9d86ccf3a3ccc6c9035cbc9d833e97aaf65100a1a01660c6cfa46559c1ee5be4dbcce4a83808d091336177be268d571d152c4b990709d5934f56179e4869c17bd0a0b3e26cb33d816c212d841f00469db9f456831e5dc2cdc529eb90d4d88c562d1a4faa25e119fbf9b18d26195ee765de2ab2d0060951f6a0a21ff76ed4bbe351538260d10c3b61b4d1f5ad3c7f5e04da99faaaf2dcde4d55b05c4ac274b8a5e0f19e9d05c63695ecde94ac3d410c6d59d17637881da54284c8cbe7047d6b2cfd21c8923a1d881110b5a41a2aa08c4b2e99b662da8ad4cfaa26a4910194c2870a29dc69af445527fafdb9"}, @NL80211_TXRATE_VHT={0x2e, 0x3, "3a69010ff9536f81d3d04f380d86ca5c3e1b1f12f404fbaf15b0c31312e181591f1435d8280b67eaa225"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x82, 0x3, "57ba5f71481653fc92755d6e5e81bf836e682072107a971a9a79e289ceda0c509cee134191e1dc42824fdec830aaacafd896f0ab326720cf953df15323c65aecb28c6ad8b8c357f88c066d6e1fafdc7dca714700010795160297ea20de530c4a3b19d1b8a2fd521b36e818c855b4582ea10da9f123aa3fc77c579aff927b"}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x8}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x8}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0xd0}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x75}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x6}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x53}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x3}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x8}]}, {0x4}]}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x8b}, @NL80211_ATTR_TIMED_OUT={0x4}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_MLO_TTLM_ULINK={0x3d, 0x149, "c1e4c1d5aaf723f3e5965667d6b94a065e422de5b6065b9755da527059eaeeba133740f135e45e0a5eccbef6b429657ec45fbf2e38b9db2695"}]}, 0x644}, 0x1, 0x0, 0x0, 0x4001}, 0x4008000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
shutdown$auto(0x200000003, 0x2)

49.097273618s ago: executing program 0 (id=642):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @my=0x1}, 0x55)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/ext4/sda1/options\x00', 0x800, 0x0)
socket(0x28, 0x1, 0x0)
socket(0x11, 0x80003, 0x5)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
write$auto(r0, &(0x7f00000001c0)='/dev/audio1\x00JR\xe7\xae\xd27M<f\xa7\x02\x8f\xcb],\xd3\x1d\x8c\x8bB\xc7\xfc\x90\xd1\x03h$\x98\xc4\xc2#\xc0{\xf2\xdf\x83\xa40\xa5?\x8e\x92\xf5\"\xa9q\x8d\xf9uR\x82\xbe.\x82OD.5\xc2\xcd\xa4\xd9@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe9\x1f\xc4\x03)\xbb\xa3\xb5\x10\'{\x97\x0e\xb3\xa1\xe10H\xd4\xefe\xac.f\x82Lk\xe5\xb3\x11AT6R@\xbb\x8c\xa4\xf2\xe8\xafo\x17\xb9\b<|tB!\xa3\xa5\n\b\x8cA;\xbc\xc7\x91\xeb\xc0\xc7\xeb$\xc0\xa6', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0)

47.372407657s ago: executing program 0 (id=647):
r0 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0)
read$auto(r0, 0x0, 0x7fff)

47.234144769s ago: executing program 0 (id=648):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(0x0, 0x261c2, 0x84)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)

46.959627845s ago: executing program 0 (id=650):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8006)
io_uring_setup$auto(0x59, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bpq4/address\x00', 0x185180, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4105, 0x1009)
socket(0xf, 0x3, 0x2)
bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x2, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0xa, 0xffff, 0x0, 0x800000400000083}, 0x6)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0)
r1 = socket(0xa, 0x6, 0x0)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x0, @local}, 0x69)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x1d, 0x6, 0x10000084)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
write$auto(r3, 0x0, 0xef)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6)
ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r2, 0x7cb, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/serio/drivers/rainshadow-cec/bind_mode\x00', 0x183080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001180)=""/187, 0xbb)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0)

31.828140075s ago: executing program 32 (id=650):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8006)
io_uring_setup$auto(0x59, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bpq4/address\x00', 0x185180, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4105, 0x1009)
socket(0xf, 0x3, 0x2)
bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x2, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0xa, 0xffff, 0x0, 0x800000400000083}, 0x6)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0)
r1 = socket(0xa, 0x6, 0x0)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x0, @local}, 0x69)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x1d, 0x6, 0x10000084)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
write$auto(r3, 0x0, 0xef)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6)
ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r2, 0x7cb, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/serio/drivers/rainshadow-cec/bind_mode\x00', 0x183080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001180)=""/187, 0xbb)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0)

29.323743354s ago: executing program 3 (id=691):
r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="280000008f4b9a74da14f91f189870021a80bb398aa58124d91038004be5cf6aebd1c5a8d5375d66adfc0c3b7357aa50e2d8bfe00e3c9bb6c5f2d53665bdd7d078220b9245783650f6f72b3ee011f6d0990647c94ca852f5", @ANYRES16=r0, @ANYBLOB="01002bbd7000fbdbdf2503000000040008001000018008001600", @ANYRES32=0x0, @ANYBLOB="b94c005e"], 0x28}, 0x1, 0x0, 0x0, 0x24000080}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/free_buffer\x00', 0x0, 0x0)
shutdown$auto(0x200000003, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40100, 0x0)
mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x280, 0x0)
open_tree$auto(r2, 0x0, 0x1001)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0x21, 0x2, 0x2)
socket(0x2, 0x80805, 0x0)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, 0x0, 0x4000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x44000}, 0x40090)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

29.175577144s ago: executing program 3 (id=692):
r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/available_events\x00', 0x44080, 0x0)
r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r1, 0x400, 0x1)
read$auto_ftrace_avail_fops_trace_events(r1, &(0x7f0000000100)=""/177, 0xb1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
bpf$auto(0x1, &(0x7f0000000000)=@bpf_attr_4={0xf796, r0, 0x21, r0}, 0x7)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
close_range$auto(r1, 0x8, 0x0)
mmap$auto(0x0, 0x203, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC1\x00', 0x28180, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
close_range$auto(0x2, 0x8, 0x0)
iopl$auto(0x3)
clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0)
mprotect$auto(0x80, 0x6, 0xd)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socketpair$auto(0x1, 0x801, 0x8000000000000000, 0x0)

28.997505762s ago: executing program 3 (id=693):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci1/rfkill6/persistent\x00', 0x8940, 0x0)
read$auto(r0, 0x0, 0x6)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x80000001, 0x8001, &(0x7f0000000040)=0xc9f, 0x3ff, 0x1)
unshare$auto(0x40000080)

28.825485651s ago: executing program 3 (id=694):
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
keyctl$auto(0x1e21470, 0x0, 0x0, 0xffffffffffffffff, 0xe)
mprotect$auto(0x10020000000000, 0x8000000000000001, 0xd)

28.662870675s ago: executing program 3 (id=695):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000000)="5943e1ec9d0500003c9303000000000000007b6f727691c5fb562d213b203bc05d272097504adef1cf5aac050c99895e4b61c2bb99cc309becfff25848", 0x12, 0x0, 0x9, 0x0, 0xfff, 0xb}, 0x800009}, 0x5, 0x20000000)
socket(0x1d, 0x2, 0x7)
getpeername$auto(0x3, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, r0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_ETHTOOL_MSG_STATS_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x14, r1, 0x300, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x91}, 0x8c0)
socket(0x18, 0x4, 0x1)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
close_range$auto(0x2, 0x8, 0x0)

28.563313661s ago: executing program 3 (id=696):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8006)
io_uring_setup$auto(0x59, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bpq4/address\x00', 0x185180, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4105, 0x1009)
socket(0xf, 0x3, 0x2)
bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x2, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0xa, 0xffff, 0x0, 0x800000400000083}, 0x6)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0)
r1 = socket(0xa, 0x6, 0x0)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x0, @local}, 0x69)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
socket(0x1d, 0x6, 0x10000084)
bind$auto(r1, &(0x7f0000000280)=@nfc={0x27, 0x0, 0x1}, 0xffffffff)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
write$auto(r3, 0x0, 0xef)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6)
ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r2, 0x7cb, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/serio/drivers/rainshadow-cec/bind_mode\x00', 0x183080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001180)=""/187, 0xbb)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0)

12.635701596s ago: executing program 33 (id=696):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8006)
io_uring_setup$auto(0x59, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bpq4/address\x00', 0x185180, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4105, 0x1009)
socket(0xf, 0x3, 0x2)
bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x2, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0xa, 0xffff, 0x0, 0x800000400000083}, 0x6)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0)
r1 = socket(0xa, 0x6, 0x0)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x0, @local}, 0x69)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
socket(0x1d, 0x6, 0x10000084)
bind$auto(r1, &(0x7f0000000280)=@nfc={0x27, 0x0, 0x1}, 0xffffffff)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20006, 0x3, 0xe72, 0x401, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0)
r3 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0x101, 0x0)
write$auto(r3, 0x0, 0xef)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6)
ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r2, 0x7cb, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/serio/drivers/rainshadow-cec/bind_mode\x00', 0x183080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001180)=""/187, 0xbb)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCVHANGUP2(0xffffffffffffffff, 0x5437, 0x0)

3.48911833s ago: executing program 2 (id=717):
landlock_create_ruleset$auto(0x0, 0xf4, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/soft_connect\x00', 0xc2481, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim4/take_snapshot\x00', 0x2, 0x0)
socket(0x2, 0x80805, 0x0)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
bpf$auto(0x4009, &(0x7f00000000c0)=@bpf_attr_0={0xf8b, 0x80006, 0xa, 0x4, 0x800, 0xffffffffffffffff, 0x10, "f0f59673e7cbac089db83500", 0x0, r0, 0xfffff588, 0x9, 0x2, 0x100000000000200}, 0x7f)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r0, 0x1, &(0x7f00000000c0))
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
msync$auto(0x1ffff000, 0x1800000fffffffb, 0x400000004)
mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8003)
write$auto(0x3, 0x0, 0x100082)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
setns(0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="ea12e528ded30ff1309c8b1613007984cb"], 0x14}}, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10000, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff})
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0)
write$auto(r2, &(0x7f0000000000)='y\x8c', 0x2)
quotactl_fd$auto(r1, 0x2, 0xee01, &(0x7f0000000380)="c7a34676508b060b6a2b6c7752")
get_mempolicy$auto(&(0x7f0000000180)=0x6, &(0x7f0000000280)=0x5, 0xa6, 0xfff, 0x3)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x402, 0x8000)
r3 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
ppoll$auto(&(0x7f0000000000)={r3, 0x81, 0x9}, 0x9, &(0x7f0000000040)={0x1}, &(0x7f00000000c0), 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff)

2.609330007s ago: executing program 2 (id=718):
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000080}, 0x20000004)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000040)={{0x0, 0xf2cf, 0x1ff, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8})
ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
write$auto(0x800000000000c8, 0x0, 0x1a)
mmap$auto(0x6, 0x9, 0x6, 0x32d4, 0x10000, 0x80000001)
ioctl$auto(0xc8, 0xffffffff800454dd, 0x4000000000008)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb5, 0x401, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x7fffffffffffffff, 0xdf, 0x15, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
futex$auto(0x0, 0x6, 0x6, 0x0, 0x0, 0x9)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4)
r2 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r2, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='L', 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x1b, 0x0, &(0x7f0000000040)=0x400)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

1.928359514s ago: executing program 2 (id=719):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x54}, 0x1)
r1 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
openat$auto_bsg_fops_bsg(0xffffffffffffff9c, 0x0, 0x81141, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
io_uring_setup$auto(0x81c5, 0x0)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/target/dbroot\x00', 0x0, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd)
acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00')
acct$auto(0x0)
getsockopt$auto(r1, 0x84, 0x1b, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x2, 0x1, 0x0)
r3 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
sendmsg$auto_SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, 0x0, 0x620, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x8880)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180), 0x2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0xb, 0x4008)
lseek$auto(r3, 0x1, 0x0)
sendmmsg$auto(r2, 0x0, 0x5, 0x20000000)
write$auto(0x3, 0x0, 0xfffffdef)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)

972.18058ms ago: executing program 2 (id=720):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2b, 0x1, 0x1)
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000000c0), r0)
shmctl$auto_IPC_SET(0x8020000, 0x1, &(0x7f0000000280)={{0x7, <r2=>0x0, 0x0, 0x200, 0x2579, 0x0, 0x6}, 0xd09c, 0x0, 0x81, 0x0, @inferred, @inferred, 0x0, 0x0, &(0x7f0000000100)="2a4d2c537b04732d810a5b5fe81329109d5dee9f307bce43e6b42eb70a845c29cb4c3c6b6fcf7b40cdadd9afb8838d92569db59aab4d614681a2f0f3e2ddd25af467795da1f4b3c4ed41dd06cfb9779a4409aa4d9c82e5d91415ced6c1572654c29ef18ff2fa26934bd21e69346650353e45dc6ded23b194615cb93c4a", &(0x7f0000000180)="169413"})
shmctl$auto_IPC_SET(0x7, 0x1, &(0x7f0000000440)={{0xff, <r3=>0xffffffffffffffff, 0xee01, 0x0, 0x7, 0xfffffffb, 0xa}, 0x9, 0x5, 0xffffffffffffffff, 0x3, @raw=0x2, @inferred, 0x8, 0x0, &(0x7f0000000300)="560f950fbc146e471f7e8987bc7765cf4d144acd1f1d9ccef1987ff99dc776de79b68e829d2f15fedfc61cf99169ef1770ef2e70d77f9ba08409cab2e9e0f20cdc02bdb173213c391be049208752568daaaca61865972653406e5c71ca631cb7c04814523a33146d8fa9703fd0", &(0x7f0000000380)="9723c8d269bbab92f047cce7273fa7a3e290ba8268b7211046c3214e765306a3959470bb7a0577476be8a6fdfa5f073d4ce4d18f3236e6301156ccda2bfa67563537c94bd39643f6"})
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
r4 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000980), 0x2, 0x0)
write$auto_ecryptfs_miscdev_fops_miscdev(r4, &(0x7f00000009c0)="becc40f99f699a920dd76162e2e2d950a225cdf54139bdd5eefd266c868c6c6f3c53a09ef395fc8752356877b4cd41ca3dc373d4b5b0bf4c41c677690c3117c42ff433b5b4c2fcbecabdbe2415af05cb288571081a9103bb81a317c382bc8f681042af9b7e3359f1a6909c1371ed2e6b08cbb6ccdee783121ed0378cf60dfe5cbce2b2a2", 0x84)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/wg0/drop_gratuitous_arp\x00', 0x202, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/net/bond0/queues/tx-6/traffic_class\x00', 0xe0a00, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000480)=""/142, 0x8e)
sendfile$auto(r5, r5, 0x0, 0x7fffe000)
sendmsg$auto_IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000940)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f00000004c0)={0x47c, r1, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xff}, @IPVS_CMD_ATTR_SERVICE={0x429, 0x1, 0x0, 0x1, [@typed={0x8, 0x6f, 0x0, 0x0, @fd=r0}, @nested={0x11d, 0x145, 0x0, 0x1, [@generic="1e533ee674e537f72bb7e1226024905492a98c562295fc28b5f4cd52b9b440be8d2cb717855fb90bcb8093f84549672b30ae0dd753184513f6595d1b3a7aa2fa5f201a577ce96c8381b33fc9b40457074c98495cc2fd721b6b5727f1b393293f2f9491141b75081a56c5e893fb75858b7a3f57713792e89b16ddb0ad0e9b97c5871cca2fcc810f7bc2afc0a13730b4df74500612c6d2c439a57471eea1a47726c0872e2e8e", @nested={0x4, 0x134}, @nested={0x4, 0x119}, @generic="d8995dd2d0a1fe75e07ebc30f88edecc86951cab856c891862255533858b9e4e7aa0395d4d1e3d3cdb7a31696917b461406bb104b5bcbfc281b735345fab5556c06cd5d465f93b3aa5a2e020523e68284651e00f221bc63f88e68d7c77470ba0e4e3b8eba4ae034e14c7c21e"]}, @typed={0x8, 0x13e, 0x0, 0x0, @uid=r2}, @generic="f5b8e7642d107c2894c79bd0af037d24ca54cccbee5b3106df084a07160393e23f61fa04025e08a9a1357d57aecd27b8099cbc9d41cc076694e74699b40c2745471e54647a68733087a7fe", @typed={0x8, 0x6e, 0x0, 0x0, @u32=0x4}, @nested={0x117, 0x96, 0x0, 0x1, [@nested={0x4, 0xc5}, @typed={0x8, 0xbe, 0x0, 0x0, @u32=0x6}, @typed={0x8, 0xd, 0x0, 0x0, @uid=r3}, @nested={0x4, 0xf5}, @generic="1c30ae884a3382bed9ac79e8ccac305ee8f2de623a4ccadef4c5af5a9a53c41c4411f3382039dde4cb62794452bc8e3d5d4b5cb2f6fb9ee50e64aead9d508639e2fceb92670f0bb3fd343f37e2b22dd3ad409141d48f9b9950b63dee99dd9b9f712fb121540935166b282eeb915b7f81b610db6e3c4a0bd8688c11cc335f8dc6e7d081a2578c51e6ad0b4df506154e31ae1fe1df78aa50499d350b5fbeba9e128cc5a531b352f6052482405ee4a9ceec63ac8acf1f5f2c36cd82635dbabb3c3c85cf8b6db81f0b25811d3866248d6a8e761b414261d49b737805811b7bdb4d2707f7ff626645f585070d89", @typed={0xc, 0x126, 0x0, 0x0, @u64=0x101}, @nested={0x4, 0x4d}]}, @typed={0x8, 0x118, 0x0, 0x0, @ipv4=@broadcast}, @generic="46e1825ee2679f745f96e6c98911d9a8b0e11eb98d3035ead79a6bc17660bd618116a8e63041da7971e26ae4d9e94e9134131e93ffbb82070fd8fd986d405a48966d25cc606cafccab2fef70e8fb77a03d22c630742e35dedadf2a6d16ca0b91fa6c218eb8dfd4541259e3d42b1c0a11b633d062e62bc8660e8010ae9be6f56a1fbb3d2694d7b86b9747aec5bf9b16bc53a82eb0531d0c2a8c1c0f2d088488c2b2555cc470ebe5f4167ae68f", @generic="a402fefe3fc506ef6faf7e799522c8d6f43e759f406eb4aefe6e98cf0c80428cdd9ca86ebb49a998d25a1c19268d0ad842409e5242023a9f39b112d357276f366c3dff3b96ea7d3a83d4e96e612149dcb715cfc9172c590115b12ecd1046c6bedd248e4c6a05df62ff7c9ce3ca9b1843108ee0f27585675c2f512ed0a38bc13354a47766740d0822ece26579563dceb35161a5b5c17f1beb31905a0c7f5747edd4316319562a49", @generic="e57bb94fddc127fbd8768a4cb8402917fa190852e12d85d64c28b0cb162a3107085482ba3981b9bf5384579bc827b3"]}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@nested={0x18, 0x22, 0x0, 0x1, [@typed={0x8, 0x27, 0x0, 0x0, @u32=0x9}, @typed={0x8, 0xe7, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x13f}]}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xcc}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xd9}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}]}, 0x47c}, 0x1, 0x0, 0x0, 0x4080}, 0x40)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='J'], 0x1ac}}, 0x40000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r7 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
ioctl$auto(r7, 0xc0104d04, 0x8)

904.729932ms ago: executing program 2 (id=721):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000004180)='/dev/snd/controlC1\x00', 0x28180, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0xc1f, 0x9, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffc, 0x1f, 0xffffffffffffffff, 0x62)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0xd0800, 0x0)
write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000440)="19000003d30000", 0x7)
socket(0x2, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x80000000000000d, 0x1, 0x948d, 0x6, 0x15f4da0a, 0x1, 0x8, 0x1000000, 0xfffffffffffffffd, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000026d00)='/dev/dri/card1\x00', 0x2000, 0x0)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/module/ima/parameters/ahash_bufsize\x00', 0x62, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video36\x00', 0x80800, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x741c3, 0x4c)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)

0s ago: executing program 2 (id=722):
r0 = socket(0x2, 0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/lru_gen/enabled\x00', 0x480, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/156, 0x9c)
sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)={0x1c, 0x0, 0x4, 0x70bd2c, 0x25dfdc00, {}, [@NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0xd000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
unshare$auto(0x6)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbcadf25020000000800038000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
process_vm_readv$auto(0x0, &(0x7f0000000040)={0x0, 0x8}, 0x4, 0x0, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ptrace$auto(0x10, 0x0, 0x4, 0x7ff)
r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev_snmp6/vlan0\x00', 0x9080, 0x0)
read$auto_proc_single_file_operations_base(r2, &(0x7f0000000140)=""/106, 0x6a)
r3 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x7c1, 0x3, 0xffffffffffffffff, 0x8, 0xff00000000000000)
write$auto_lowpan_enable_fops_(r3, &(0x7f0000000300)="d47e926bbb54e90c603d1358c17449d0814f95e06447c2090345f4f00cc1867faaa0222cdf854063292b6742e086df5bce34ceb21fb911afd7746f6f8261876f3af29e7d37944c14e55a409185ad1feab93aa77e06cabc72fd476ecf3dd0083c00a38f4cbd00fd25174037b42dd85e85e35556528f6aa73c26205ebe01285be582fbd61985ad818737f229459f847d8a6558146215f5c2357e70dc1b8bec7eb2684a3ccf32d4989e301e319396", 0xad)
mremap$auto(0x110c231000, 0x4, 0x4, 0x7, 0x100000000)
openat$auto_proc_auxv_operations_base(0xffffffffffffff9c, &(0x7f0000000440)='/proc/thread-self/auxv\x00', 0x10000, 0x0)

kernel console output (not intermixed with test programs):

 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  200.504041][ T7581] RSP: 002b:00007f80b670c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  200.504061][ T7581] RAX: ffffffffffffffda RBX: 00007f80b5ba5fa0 RCX: 00007f80b598bb7c
[  200.504075][ T7581] RDX: 000000000000000f RSI: 00007f80b670c0a0 RDI: 0000000000000004
[  200.504087][ T7581] RBP: 00007f80b670c090 R08: 0000000000000000 R09: 0000000000000000
[  200.504098][ T7581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.504109][ T7581] R13: 0000000000000000 R14: 00007f80b5ba5fa0 R15: 00007ffe77c22da8
[  200.504137][ T7581]  </TASK>
[  202.754411][ T7613] FAULT_INJECTION: forcing a failure.
[  202.754411][ T7613] name failslab, interval 1, probability 0, space 0, times 0
[  202.885352][ T7613] CPU: 0 UID: 0 PID: 7613 Comm: syz.3.443 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  202.885389][ T7613] Tainted: [U]=USER
[  202.885396][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.885408][ T7613] Call Trace:
[  202.885414][ T7613]  <TASK>
[  202.885424][ T7613]  dump_stack_lvl+0x16c/0x1f0
[  202.885457][ T7613]  should_fail_ex+0x50a/0x650
[  202.885490][ T7613]  ? fs_reclaim_acquire+0xae/0x150
[  202.885521][ T7613]  should_failslab+0xc2/0x120
[  202.885543][ T7613]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  202.885580][ T7613]  ? handle_policy_update+0x1db/0x1210
[  202.885613][ T7613]  kstrdup+0x53/0x100
[  202.885642][ T7613]  handle_policy_update+0x1db/0x1210
[  202.885670][ T7613]  ? rcu_is_watching+0x12/0xc0
[  202.885699][ T7613]  ? __pfx_handle_policy_update+0x10/0x10
[  202.885728][ T7613]  ? apparmor_capable+0x114/0x1d0
[  202.885753][ T7613]  ? bpf_lsm_capable+0x9/0x10
[  202.885775][ T7613]  ? security_capable+0x7e/0x260
[  202.885814][ T7613]  safesetid_gid_file_write+0x87/0xc0
[  202.885844][ T7613]  ? __pfx_safesetid_gid_file_write+0x10/0x10
[  202.885872][ T7613]  vfs_write+0x24c/0x1150
[  202.885902][ T7613]  ? __fget_files+0x1fc/0x3a0
[  202.885933][ T7613]  ? __pfx___mutex_lock+0x10/0x10
[  202.885966][ T7613]  ? __pfx_vfs_write+0x10/0x10
[  202.886005][ T7613]  ? __fget_files+0x206/0x3a0
[  202.886044][ T7613]  ksys_write+0x12b/0x250
[  202.886072][ T7613]  ? __pfx_ksys_write+0x10/0x10
[  202.886112][ T7613]  do_syscall_64+0xcd/0x250
[  202.886143][ T7613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.886172][ T7613] RIP: 0033:0x7f080098d169
[  202.886191][ T7613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.886210][ T7613] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  202.886231][ T7613] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  202.886246][ T7613] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  202.886258][ T7613] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  202.886271][ T7613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.886284][ T7613] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  202.886315][ T7613]  </TASK>
[  207.131776][ T7654] FAULT_INJECTION: forcing a failure.
[  207.131776][ T7654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.210886][ T7654] CPU: 1 UID: 0 PID: 7654 Comm: syz.1.455 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  207.210921][ T7654] Tainted: [U]=USER
[  207.210928][ T7654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  207.210939][ T7654] Call Trace:
[  207.210945][ T7654]  <TASK>
[  207.210954][ T7654]  dump_stack_lvl+0x16c/0x1f0
[  207.210987][ T7654]  should_fail_ex+0x50a/0x650
[  207.211024][ T7654]  _copy_to_iter+0x2a1/0x1560
[  207.211052][ T7654]  ? chacha_block_generic+0x18a/0x270
[  207.211086][ T7654]  ? __pfx__copy_to_iter+0x10/0x10
[  207.211112][ T7654]  ? lockdep_hardirqs_on+0x7c/0x110
[  207.211138][ T7654]  ? crng_make_state+0x48e/0x6d0
[  207.211174][ T7654]  get_random_bytes_user+0x180/0x3c0
[  207.211208][ T7654]  ? __pfx_get_random_bytes_user+0x10/0x10
[  207.211245][ T7654]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  207.211283][ T7654]  ? import_ubuf+0x1b6/0x220
[  207.211307][ T7654]  __x64_sys_getrandom+0x184/0x290
[  207.211341][ T7654]  ? __pfx___x64_sys_getrandom+0x10/0x10
[  207.211389][ T7654]  do_syscall_64+0xcd/0x250
[  207.211418][ T7654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.211448][ T7654] RIP: 0033:0x7f80b598d169
[  207.211466][ T7654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.211486][ T7654] RSP: 002b:00007f80b670c038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[  207.211508][ T7654] RAX: ffffffffffffffda RBX: 00007f80b5ba5fa0 RCX: 00007f80b598d169
[  207.211530][ T7654] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000
[  207.211544][ T7654] RBP: 00007f80b670c090 R08: 0000000000000000 R09: 0000000000000000
[  207.211557][ T7654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  207.211570][ T7654] R13: 0000000000000000 R14: 00007f80b5ba5fa0 R15: 00007ffe77c22da8
[  207.211600][ T7654]  </TASK>
[  208.466303][ T7673] FAULT_INJECTION: forcing a failure.
[  208.466303][ T7673] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  208.511773][ T7673] CPU: 0 UID: 0 PID: 7673 Comm: syz.1.461 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  208.511814][ T7673] Tainted: [U]=USER
[  208.511823][ T7673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  208.511836][ T7673] Call Trace:
[  208.511843][ T7673]  <TASK>
[  208.511852][ T7673]  dump_stack_lvl+0x16c/0x1f0
[  208.511888][ T7673]  should_fail_ex+0x50a/0x650
[  208.511923][ T7673]  ? __pfx___might_resched+0x10/0x10
[  208.511965][ T7673]  should_fail_alloc_page+0xe7/0x130
[  208.511991][ T7673]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  208.512029][ T7673]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  208.512066][ T7673]  ? mark_lock+0xb5/0xc60
[  208.512105][ T7673]  ? hlock_class+0x4e/0x130
[  208.512129][ T7673]  ? __lock_acquire+0xcc5/0x3c40
[  208.512160][ T7673]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  208.512208][ T7673]  ? __pfx___lock_acquire+0x10/0x10
[  208.512252][ T7673]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  208.512289][ T7673]  ? policy_nodemask+0xea/0x4e0
[  208.512329][ T7673]  alloc_pages_mpol+0x1fc/0x540
[  208.512354][ T7673]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  208.512389][ T7673]  ? xas_load+0x49/0x5b0
[  208.512418][ T7673]  ? filemap_get_entry+0xd0/0x3c0
[  208.512455][ T7673]  folio_alloc_noprof+0x20/0x2d0
[  208.512482][ T7673]  filemap_alloc_folio_noprof+0x39b/0x470
[  208.512511][ T7673]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  208.512546][ T7673]  __filemap_get_folio+0x5e9/0xbd0
[  208.512585][ T7673]  ioctx_alloc+0x763/0x2010
[  208.512620][ T7673]  ? __might_fault+0x13b/0x190
[  208.512650][ T7673]  ? __pfx_ioctx_alloc+0x10/0x10
[  208.512677][ T7673]  ? lock_acquire+0x2f/0xb0
[  208.512710][ T7673]  ? __might_fault+0xe3/0x190
[  208.512738][ T7673]  __x64_sys_io_setup+0xc9/0x210
[  208.512770][ T7673]  do_syscall_64+0xcd/0x250
[  208.512802][ T7673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.512834][ T7673] RIP: 0033:0x7f80b598d169
[  208.512854][ T7673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.512876][ T7673] RSP: 002b:00007f80b670c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  208.512900][ T7673] RAX: ffffffffffffffda RBX: 00007f80b5ba5fa0 RCX: 00007f80b598d169
[  208.512916][ T7673] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000007ffe
[  208.512931][ T7673] RBP: 00007f80b5a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  208.512946][ T7673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  208.512960][ T7673] R13: 0000000000000000 R14: 00007f80b5ba5fa0 R15: 00007ffe77c22da8
[  208.512993][ T7673]  </TASK>
[  210.413926][ T7695] netlink: 342 bytes leftover after parsing attributes in process `syz.1.464'.
[  210.452013][ T7695] netlink: 342 bytes leftover after parsing attributes in process `syz.1.464'.
[  210.503037][ T7695] capability: warning: `syz.1.464' uses 32-bit capabilities (legacy support in use)
[  212.934160][ T7721] [U] 
[  212.936929][ T7721] [U] 
[  212.939669][ T7721] [U] 
[  212.942400][ T7721] [U] 
[  212.986604][ T7721] [U] 
[  212.989359][ T7721] [U] 
[  212.992086][ T7721] [U] 
[  212.994823][ T7721] [U] 
[  213.291093][ T7721] [U] 
[  213.293863][ T7721] [U] 
[  213.296589][ T7721] [U] 
[  213.299312][ T7721] [U] 
[  213.391161][ T7721] [U] 
[  213.393924][ T7721] [U] 
[  213.396651][ T7721] [U] 
[  213.399376][ T7721] [U] 
[  213.557611][ T7721] [U] 
[  213.560378][ T7721] [U] 
[  213.563111][ T7721] [U] 
[  213.565845][ T7721] [U] 
[  213.675892][ T7721] [U] 
[  213.678661][ T7721] [U] 
[  213.681387][ T7721] [U] 
[  213.684106][ T7721] [U] 
[  213.736926][ T7721] [U] 
[  213.739716][ T7721] [U] 
[  213.742444][ T7721] [U] 
[  213.745169][ T7721] [U] 
[  213.856503][ T7721] [U] 
[  213.859262][ T7721] [U] 
[  213.861987][ T7721] [U] 
[  213.864729][ T7721] [U] 
[  213.936208][ T7729] [U] 
[  215.739022][ T7728] kexec: Could not allocate control_code_buffer
[  217.254040][ T7775] FAULT_INJECTION: forcing a failure.
[  217.254040][ T7775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  217.281335][ T7775] CPU: 1 UID: 0 PID: 7775 Comm: syz.0.485 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  217.281371][ T7775] Tainted: [U]=USER
[  217.281379][ T7775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  217.281391][ T7775] Call Trace:
[  217.281398][ T7775]  <TASK>
[  217.281407][ T7775]  dump_stack_lvl+0x16c/0x1f0
[  217.281440][ T7775]  should_fail_ex+0x50a/0x650
[  217.281478][ T7775]  _copy_to_user+0x32/0xd0
[  217.281504][ T7775]  simple_read_from_buffer+0xd0/0x160
[  217.281535][ T7775]  proc_fail_nth_read+0x198/0x270
[  217.281564][ T7775]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  217.281594][ T7775]  ? rw_verify_area+0xcf/0x680
[  217.281621][ T7775]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  217.281648][ T7775]  vfs_read+0x1df/0xbf0
[  217.281683][ T7775]  ? __fget_files+0x1fc/0x3a0
[  217.281714][ T7775]  ? __pfx___mutex_lock+0x10/0x10
[  217.281742][ T7775]  ? __pfx_vfs_read+0x10/0x10
[  217.281779][ T7775]  ? __fget_files+0x206/0x3a0
[  217.281818][ T7775]  ksys_read+0x12b/0x250
[  217.281846][ T7775]  ? __pfx_ksys_read+0x10/0x10
[  217.281884][ T7775]  do_syscall_64+0xcd/0x250
[  217.281914][ T7775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.281944][ T7775] RIP: 0033:0x7fa041d8bb7c
[  217.281962][ T7775] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  217.281982][ T7775] RSP: 002b:00007fa042c10030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  217.282004][ T7775] RAX: ffffffffffffffda RBX: 00007fa041fa5fa0 RCX: 00007fa041d8bb7c
[  217.282019][ T7775] RDX: 000000000000000f RSI: 00007fa042c100a0 RDI: 0000000000000004
[  217.282032][ T7775] RBP: 00007fa042c10090 R08: 0000000000000000 R09: 0000000000000000
[  217.282045][ T7775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.282058][ T7775] R13: 0000000000000000 R14: 00007fa041fa5fa0 R15: 00007fff301d78c8
[  217.282089][ T7775]  </TASK>
[  218.628278][ T7792] FAULT_INJECTION: forcing a failure.
[  218.628278][ T7792] name failslab, interval 1, probability 0, space 0, times 0
[  218.665444][ T7792] CPU: 0 UID: 0 PID: 7792 Comm: syz.2.489 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  218.665484][ T7792] Tainted: [U]=USER
[  218.665492][ T7792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  218.665507][ T7792] Call Trace:
[  218.665514][ T7792]  <TASK>
[  218.665524][ T7792]  dump_stack_lvl+0x16c/0x1f0
[  218.665567][ T7792]  should_fail_ex+0x50a/0x650
[  218.665603][ T7792]  ? fs_reclaim_acquire+0xae/0x150
[  218.665637][ T7792]  ? seg6_net_init+0xac/0x1c0
[  218.665671][ T7792]  should_failslab+0xc2/0x120
[  218.665695][ T7792]  __kmalloc_cache_noprof+0x68/0x410
[  218.665726][ T7792]  ? __raw_spin_lock_init+0x3a/0x110
[  218.665767][ T7792]  ? __pfx_seg6_net_init+0x10/0x10
[  218.665803][ T7792]  seg6_net_init+0xac/0x1c0
[  218.665840][ T7792]  ops_init+0x1df/0x5f0
[  218.665879][ T7792]  setup_net+0x21f/0x860
[  218.665917][ T7792]  ? __pfx_setup_net+0x10/0x10
[  218.665950][ T7792]  ? down_read_killable+0xcc/0x380
[  218.665983][ T7792]  ? __pfx_down_read_killable+0x10/0x10
[  218.666014][ T7792]  ? __raw_spin_lock_init+0x3a/0x110
[  218.666052][ T7792]  ? debug_mutex_init+0x37/0x70
[  218.666081][ T7792]  copy_net_ns+0x2a6/0x5f0
[  218.666109][ T7792]  create_new_namespaces+0x3ea/0xad0
[  218.666154][ T7792]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  218.666193][ T7792]  ksys_unshare+0x45d/0xa40
[  218.666219][ T7792]  ? __pfx_ksys_unshare+0x10/0x10
[  218.666242][ T7792]  ? xfd_validate_state+0x5d/0x180
[  218.666285][ T7792]  __x64_sys_unshare+0x31/0x40
[  218.666310][ T7792]  do_syscall_64+0xcd/0x250
[  218.666342][ T7792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.666374][ T7792] RIP: 0033:0x7f589b98d169
[  218.666394][ T7792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.666417][ T7792] RSP: 002b:00007f589c796038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  218.666438][ T7792] RAX: ffffffffffffffda RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  218.666454][ T7792] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  218.666468][ T7792] RBP: 00007f589ba0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  218.666483][ T7792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  218.666498][ T7792] R13: 0000000000000000 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  218.666538][ T7792]  </TASK>
[  218.901150][    C0] vkms_vblank_simulate: vblank timer overrun
[  219.004100][ T7797] [U] 
[  219.006855][ T7797] [U] 
[  219.009580][ T7797] [U] 
[  219.012314][ T7797] [U] 
[  219.094634][ T7797] [U] 
[  219.097392][ T7797] [U] 
[  219.100114][ T7797] [U] 
[  219.102835][ T7797] [U] 
[  219.201415][ T7797] [U] 
[  219.204169][ T7797] [U] 
[  219.206887][ T7797] [U] 
[  219.209601][ T7797] [U] 
[  219.362597][ T7797] [U] 
[  219.365356][ T7797] [U] 
[  219.368081][ T7797] [U] 
[  219.370797][ T7797] [U] 
[  219.373975][ T7797] [U] 
[  219.376709][ T7797] [U] 
[  219.379425][ T7797] [U] 
[  219.382147][ T7797] [U] 
[  219.385223][ T7797] [U] 
[  219.387955][ T7797] [U] 
[  219.390670][ T7797] [U] 
[  219.393381][ T7797] [U] 
[  219.396390][ T7797] [U] 
[  219.399108][ T7797] [U] 
[  219.401828][ T7797] [U] 
[  219.404540][ T7797] [U] 
[  219.407537][ T7797] [U] 
[  219.410260][ T7797] [U] 
[  219.412974][ T7797] [U] 
[  219.415688][ T7797] [U] 
[  219.418685][ T7797] [U] 
[  219.421401][ T7797] [U] 
[  219.424128][ T7797] [U] 
[  219.426846][ T7797] [U] 
[  219.430375][ T7797] [U] 
[  219.433120][ T7797] [U] 
[  219.435839][ T7797] [U] 
[  219.438558][ T7797] [U] 
[  219.616776][ T7797] [U] 
[  219.619535][ T7797] [U] 
[  219.622255][ T7797] [U] 
[  219.624965][ T7797] [U] 
[  219.820654][ T7797] [U] 
[  219.823410][ T7797] [U] 
[  219.826115][ T7797] [U] 
[  219.828816][ T7797] [U] 
[  219.831788][ T7797] [U] 
[  219.834503][ T7797] [U] 
[  219.837226][ T7797] [U] 
[  219.839952][ T7797] [U] 
[  219.843622][ T7797] [U] 
[  219.846345][ T7797] [U] 
[  219.849062][ T7797] [U] 
[  219.851785][ T7797] [U] 
[  219.855240][ T7797] [U] 
[  219.857970][ T7797] [U] 
[  219.860685][ T7797] [U] 
[  219.863400][ T7797] [U] 
[  219.867170][ T7797] [U] 
[  219.869894][ T7797] [U] 
[  219.872607][ T7797] [U] 
[  219.875322][ T7797] [U] 
[  219.878894][ T7797] [U] 
[  219.881620][ T7797] [U] 
[  219.884331][ T7797] [U] 
[  219.887033][ T7797] [U] 
[  219.961242][ T7797] [U] 
[  219.963991][ T7797] [U] 
[  219.966712][ T7797] [U] 
[  219.969429][ T7797] [U] 
[  220.331135][ T7805] [U] 
[  222.388370][ T7837] FAULT_INJECTION: forcing a failure.
[  222.388370][ T7837] name failslab, interval 1, probability 0, space 0, times 0
[  222.469985][ T7837] CPU: 1 UID: 0 PID: 7837 Comm: syz.1.502 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  222.470023][ T7837] Tainted: [U]=USER
[  222.470030][ T7837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  222.470043][ T7837] Call Trace:
[  222.470049][ T7837]  <TASK>
[  222.470058][ T7837]  dump_stack_lvl+0x16c/0x1f0
[  222.470097][ T7837]  should_fail_ex+0x50a/0x650
[  222.470135][ T7837]  should_failslab+0xc2/0x120
[  222.470158][ T7837]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  222.470192][ T7837]  ? skb_clone+0x190/0x3f0
[  222.470228][ T7837]  skb_clone+0x190/0x3f0
[  222.470260][ T7837]  netlink_deliver_tap+0xabd/0xd30
[  222.470296][ T7837]  netlink_unicast+0x5e1/0x7f0
[  222.470329][ T7837]  ? __pfx_netlink_unicast+0x10/0x10
[  222.470359][ T7837]  ? __phys_addr_symbol+0x30/0x80
[  222.470382][ T7837]  ? __check_object_size+0x488/0x710
[  222.470409][ T7837]  netlink_sendmsg+0x8b8/0xd70
[  222.470444][ T7837]  ? __pfx_netlink_sendmsg+0x10/0x10
[  222.470485][ T7837]  ____sys_sendmsg+0xaaf/0xc90
[  222.470510][ T7837]  ? copy_msghdr_from_user+0x10b/0x160
[  222.470541][ T7837]  ? __pfx_____sys_sendmsg+0x10/0x10
[  222.470581][ T7837]  ___sys_sendmsg+0x135/0x1e0
[  222.470614][ T7837]  ? __pfx____sys_sendmsg+0x10/0x10
[  222.470658][ T7837]  ? __pfx_lock_release+0x10/0x10
[  222.470687][ T7837]  ? trace_lock_acquire+0x14e/0x1f0
[  222.470723][ T7837]  ? __fget_files+0x206/0x3a0
[  222.470763][ T7837]  __sys_sendmsg+0x16e/0x220
[  222.470799][ T7837]  ? __pfx___sys_sendmsg+0x10/0x10
[  222.470847][ T7837]  do_syscall_64+0xcd/0x250
[  222.470876][ T7837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.470907][ T7837] RIP: 0033:0x7f80b598d169
[  222.470930][ T7837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.470950][ T7837] RSP: 002b:00007f80b670c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  222.470977][ T7837] RAX: ffffffffffffffda RBX: 00007f80b5ba5fa0 RCX: 00007f80b598d169
[  222.470992][ T7837] RDX: 00000000040000c0 RSI: 0000400000000300 RDI: 0000000000000006
[  222.471005][ T7837] RBP: 00007f80b670c090 R08: 0000000000000000 R09: 0000000000000000
[  222.471018][ T7837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.471031][ T7837] R13: 0000000000000000 R14: 00007f80b5ba5fa0 R15: 00007ffe77c22da8
[  222.471064][ T7837]  </TASK>
[  222.945509][ T7831] erspan0: entered allmulticast mode
[  224.887211][ T7867] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  226.005517][ T7877] FAULT_INJECTION: forcing a failure.
[  226.005517][ T7877] name failslab, interval 1, probability 0, space 0, times 0
[  226.032906][ T7877] CPU: 0 UID: 0 PID: 7877 Comm: syz.3.514 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  226.032947][ T7877] Tainted: [U]=USER
[  226.032956][ T7877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.032970][ T7877] Call Trace:
[  226.032977][ T7877]  <TASK>
[  226.032987][ T7877]  dump_stack_lvl+0x16c/0x1f0
[  226.033024][ T7877]  should_fail_ex+0x50a/0x650
[  226.033061][ T7877]  ? fs_reclaim_acquire+0xae/0x150
[  226.033097][ T7877]  should_failslab+0xc2/0x120
[  226.033121][ T7877]  __kmalloc_node_track_caller_noprof+0xcf/0x510
[  226.033162][ T7877]  ? __mutex_lock+0x1cc/0xb10
[  226.033190][ T7877]  ? kasprintf+0xc8/0x100
[  226.033220][ T7877]  kvasprintf+0xbd/0x160
[  226.033244][ T7877]  ? __pfx_kvasprintf+0x10/0x10
[  226.033272][ T7877]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  226.033312][ T7877]  kasprintf+0xc8/0x100
[  226.033337][ T7877]  ? __pfx_kasprintf+0x10/0x10
[  226.033365][ T7877]  ? __pfx_lockdep_lock+0x10/0x10
[  226.033397][ T7877]  ? lockdep_unlock+0x11a/0x290
[  226.033427][ T7877]  alloc_workqueue+0x115/0x200
[  226.033452][ T7877]  ? __pfx_alloc_workqueue+0x10/0x10
[  226.033483][ T7877]  ? rcu_is_watching+0x12/0xc0
[  226.033508][ T7877]  ? trace_kmalloc+0x2d/0xd0
[  226.033534][ T7877]  ? __kmalloc_noprof+0x23b/0x510
[  226.033567][ T7877]  ? __pfx_lock_release+0x10/0x10
[  226.033597][ T7877]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  226.033640][ T7877]  ieee80211_register_hw+0x1e3b/0x4060
[  226.033685][ T7877]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  226.033725][ T7877]  ? net_generic+0xea/0x2a0
[  226.033758][ T7877]  ? lockdep_init_map_type+0x16d/0x7d0
[  226.033797][ T7877]  ? __asan_memset+0x23/0x50
[  226.033828][ T7877]  ? __hrtimer_init+0x106/0x2c0
[  226.033866][ T7877]  mac80211_hwsim_new_radio+0x304e/0x54e0
[  226.033920][ T7877]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  226.033964][ T7877]  hwsim_new_radio_nl+0xb42/0x12b0
[  226.033999][ T7877]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  226.034043][ T7877]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  226.034080][ T7877]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  226.034124][ T7877]  genl_family_rcv_msg_doit+0x202/0x2f0
[  226.034162][ T7877]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  226.034197][ T7877]  ? trace_cap_capable+0x1a2/0x210
[  226.034232][ T7877]  ? bpf_lsm_capable+0x9/0x10
[  226.034257][ T7877]  ? security_capable+0x7e/0x260
[  226.034296][ T7877]  ? ns_capable+0xd7/0x110
[  226.034332][ T7877]  genl_rcv_msg+0x565/0x800
[  226.034372][ T7877]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.034407][ T7877]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  226.034450][ T7877]  netlink_rcv_skb+0x16b/0x440
[  226.034493][ T7877]  ? __pfx_genl_rcv_msg+0x10/0x10
[  226.034531][ T7877]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  226.034576][ T7877]  ? down_read+0xc9/0x330
[  226.034620][ T7877]  ? __pfx_down_read+0x10/0x10
[  226.034654][ T7877]  ? netlink_deliver_tap+0x1ae/0xd30
[  226.034690][ T7877]  genl_rcv+0x28/0x40
[  226.034727][ T7877]  netlink_unicast+0x53c/0x7f0
[  226.034773][ T7877]  ? __pfx_netlink_unicast+0x10/0x10
[  226.034808][ T7877]  ? __phys_addr_symbol+0x30/0x80
[  226.034834][ T7877]  ? __check_object_size+0x488/0x710
[  226.034864][ T7877]  netlink_sendmsg+0x8b8/0xd70
[  226.034918][ T7877]  ? __pfx_netlink_sendmsg+0x10/0x10
[  226.034974][ T7877]  ____sys_sendmsg+0xaaf/0xc90
[  226.035002][ T7877]  ? copy_msghdr_from_user+0x10b/0x160
[  226.035047][ T7877]  ? __pfx_____sys_sendmsg+0x10/0x10
[  226.035091][ T7877]  ___sys_sendmsg+0x135/0x1e0
[  226.035133][ T7877]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.035183][ T7877]  ? __pfx_lock_release+0x10/0x10
[  226.035216][ T7877]  ? trace_lock_acquire+0x14e/0x1f0
[  226.035255][ T7877]  ? __fget_files+0x206/0x3a0
[  226.035297][ T7877]  __sys_sendmsg+0x16e/0x220
[  226.035331][ T7877]  ? __pfx___sys_sendmsg+0x10/0x10
[  226.035364][ T7877]  ? __x64_sys_futex+0x1e1/0x4c0
[  226.035416][ T7877]  do_syscall_64+0xcd/0x250
[  226.035448][ T7877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.035481][ T7877] RIP: 0033:0x7f080098d169
[  226.035501][ T7877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.035525][ T7877] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  226.035548][ T7877] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  226.035564][ T7877] RDX: 00000000040000c0 RSI: 0000400000000300 RDI: 0000000000000006
[  226.035580][ T7877] RBP: 00007f0800a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  226.035595][ T7877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.035610][ T7877] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  226.035641][ T7877]  </TASK>
[  226.559819][ T7880] FAULT_INJECTION: forcing a failure.
[  226.559819][ T7880] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  226.638371][ T7880] CPU: 0 UID: 0 PID: 7880 Comm: syz.2.513 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  226.638408][ T7880] Tainted: [U]=USER
[  226.638415][ T7880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  226.638427][ T7880] Call Trace:
[  226.638433][ T7880]  <TASK>
[  226.638442][ T7880]  dump_stack_lvl+0x16c/0x1f0
[  226.638475][ T7880]  should_fail_ex+0x50a/0x650
[  226.638506][ T7880]  ? __pfx___might_resched+0x10/0x10
[  226.638543][ T7880]  should_fail_alloc_page+0xe7/0x130
[  226.638568][ T7880]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  226.638603][ T7880]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  226.638639][ T7880]  ? copy_splice_read+0x1a8/0xb80
[  226.638673][ T7880]  ? stack_trace_save+0x95/0xd0
[  226.638698][ T7880]  ? __pfx_stack_trace_save+0x10/0x10
[  226.638723][ T7880]  ? stack_depot_save_flags+0x28/0x9c0
[  226.638761][ T7880]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  226.638793][ T7880]  ? kasan_save_stack+0x42/0x60
[  226.638823][ T7880]  ? kasan_save_track+0x14/0x30
[  226.638853][ T7880]  ? __kmalloc_noprof+0x21c/0x510
[  226.638882][ T7880]  ? copy_splice_read+0x1a8/0xb80
[  226.638907][ T7880]  ? do_splice_read+0x282/0x370
[  226.638932][ T7880]  ? splice_direct_to_actor+0x2a4/0xa40
[  226.638959][ T7880]  ? do_splice_direct+0x178/0x250
[  226.638984][ T7880]  ? do_sendfile+0xafb/0xe40
[  226.639010][ T7880]  ? __x64_sys_sendfile64+0x1da/0x220
[  226.639053][ T7880]  alloc_pages_bulk_noprof+0x6f9/0x1390
[  226.639097][ T7880]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  226.639138][ T7880]  ? trace_kmalloc+0x2d/0xd0
[  226.639162][ T7880]  ? __kmalloc_noprof+0x23b/0x510
[  226.639200][ T7880]  copy_splice_read+0x1e0/0xb80
[  226.639230][ T7880]  ? ktime_get_coarse_real_ts64_mg+0x26c/0x320
[  226.639260][ T7880]  ? ktime_get_coarse_real_ts64_mg+0x200/0x320
[  226.639291][ T7880]  ? __pfx_copy_splice_read+0x10/0x10
[  226.639321][ T7880]  ? find_held_lock+0x2d/0x110
[  226.639351][ T7880]  ? __pfx_lock_release+0x10/0x10
[  226.639379][ T7880]  ? trace_lock_acquire+0x14e/0x1f0
[  226.639409][ T7880]  ? __pfx_copy_splice_read+0x10/0x10
[  226.639436][ T7880]  do_splice_read+0x282/0x370
[  226.639466][ T7880]  splice_direct_to_actor+0x2a4/0xa40
[  226.639494][ T7880]  ? __pfx_direct_splice_actor+0x10/0x10
[  226.639528][ T7880]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  226.639560][ T7880]  ? __fget_files+0x1fc/0x3a0
[  226.639594][ T7880]  do_splice_direct+0x178/0x250
[  226.639623][ T7880]  ? __pfx_do_splice_direct+0x10/0x10
[  226.639657][ T7880]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  226.639691][ T7880]  ? rw_verify_area+0xcf/0x680
[  226.639720][ T7880]  do_sendfile+0xafb/0xe40
[  226.639754][ T7880]  ? __pfx_do_sendfile+0x10/0x10
[  226.639782][ T7880]  ? arch_do_signal_or_restart+0x212/0x7e0
[  226.639807][ T7880]  ? __fget_files+0x206/0x3a0
[  226.639836][ T7880]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  226.639869][ T7880]  __x64_sys_sendfile64+0x1da/0x220
[  226.639890][ T7880]  ? ksys_write+0x1ba/0x250
[  226.639917][ T7880]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  226.639948][ T7880]  do_syscall_64+0xcd/0x250
[  226.639979][ T7880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.640008][ T7880] RIP: 0033:0x7f589b98d169
[  226.640027][ T7880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.640049][ T7880] RSP: 002b:00007f589c796038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  226.640070][ T7880] RAX: ffffffffffffffda RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  226.640086][ T7880] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  226.640099][ T7880] RBP: 00007f589c796090 R08: 0000000000000000 R09: 0000000000000000
[  226.640113][ T7880] R10: 0000000e00000000 R11: 0000000000000246 R12: 0000000000000002
[  226.640126][ T7880] R13: 0000000000000000 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  226.640156][ T7880]  </TASK>
[  227.733015][ T7892] netlink: 8 bytes leftover after parsing attributes in process `syz.3.517'.
[  229.181045][   T29] audit: type=1800 audit(4294967302.930:6): pid=7912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.523" name="members" dev="configfs" ino=15393 res=0 errno=0
[  229.321171][ T7921] [U] 
[  229.323944][ T7921] [U] 
[  229.326663][ T7921] [U] 
[  229.329382][ T7921] [U] 
[  229.409637][ T7921] [U] 
[  229.412404][ T7921] [U] 
[  229.415139][ T7921] [U] 
[  229.417864][ T7921] [U] 
[  229.481028][ T7921] [U] 
[  229.483796][ T7921] [U] 
[  229.486522][ T7921] [U] 
[  229.489246][ T7921] [U] 
[  229.590986][ T7921] [U] 
[  229.593757][ T7921] [U] 
[  229.596482][ T7921] [U] 
[  229.599209][ T7921] [U] 
[  229.671882][ T7921] [U] 
[  229.674627][ T7921] [U] 
[  229.677328][ T7921] [U] 
[  229.680029][ T7921] [U] 
[  229.719441][ T7921] [U] 
[  229.722204][ T7921] [U] 
[  229.724921][ T7921] [U] 
[  229.727637][ T7921] [U] 
[  229.777848][ T7921] [U] 
[  229.780622][ T7921] [U] 
[  229.783346][ T7921] [U] 
[  229.786071][ T7921] [U] 
[  229.847864][ T7921] [U] 
[  229.850622][ T7921] [U] 
[  229.853349][ T7921] [U] 
[  229.856070][ T7921] [U] 
[  229.916217][ T7921] [U] 
[  229.918984][ T7921] [U] 
[  229.921710][ T7921] [U] 
[  229.924432][ T7921] [U] 
[  230.136629][ T7921] [U] 
[  230.139391][ T7921] [U] 
[  230.142126][ T7921] [U] 
[  230.144852][ T7921] [U] 
[  230.241434][ T7921] [U] 
[  230.244189][ T7921] [U] 
[  230.246914][ T7921] [U] 
[  230.249631][ T7921] [U] 
[  230.317383][ T7921] [U] 
[  230.320144][ T7921] [U] 
[  230.322871][ T7921] [U] 
[  230.325599][ T7921] [U] 
[  230.380050][ T7921] [U] 
[  230.382805][ T7921] [U] 
[  230.385533][ T7921] [U] 
[  230.388248][ T7921] [U] 
[  230.495903][ T7921] [U] 
[  230.498672][ T7921] [U] 
[  230.501393][ T7921] [U] 
[  230.504110][ T7921] [U] 
[  230.507328][ T7921] [U] 
[  230.510070][ T7921] [U] 
[  230.512800][ T7921] [U] 
[  230.515522][ T7921] [U] 
[  230.523700][ T7921] [U] 
[  230.526451][ T7921] [U] 
[  230.529186][ T7921] [U] 
[  230.531908][ T7921] [U] 
[  230.535303][ T7921] [U] 
[  230.538040][ T7921] [U] 
[  230.540765][ T7921] [U] 
[  230.543480][ T7921] [U] 
[  230.561865][ T7921] [U] 
[  230.564621][ T7921] [U] 
[  230.567346][ T7921] [U] 
[  230.570067][ T7921] [U] 
[  230.603901][ T7921] [U] 
[  231.560024][ T7955] FAULT_INJECTION: forcing a failure.
[  231.560024][ T7955] name failslab, interval 1, probability 0, space 0, times 0
[  231.658931][ T7955] CPU: 1 UID: 0 PID: 7955 Comm: syz.1.535 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  231.658973][ T7955] Tainted: [U]=USER
[  231.658982][ T7955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  231.658996][ T7955] Call Trace:
[  231.659001][ T7955]  <TASK>
[  231.659011][ T7955]  dump_stack_lvl+0x16c/0x1f0
[  231.659048][ T7955]  should_fail_ex+0x50a/0x650
[  231.659085][ T7955]  ? fs_reclaim_acquire+0xae/0x150
[  231.659120][ T7955]  should_failslab+0xc2/0x120
[  231.659145][ T7955]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  231.659183][ T7955]  ? __xlate_proc_name+0x173/0x210
[  231.659217][ T7955]  ? __proc_create+0x2c0/0x8b0
[  231.659256][ T7955]  __proc_create+0x2c0/0x8b0
[  231.659292][ T7955]  ? __pfx___proc_create+0x10/0x10
[  231.659326][ T7955]  ? find_held_lock+0x2d/0x110
[  231.659363][ T7955]  _proc_mkdir+0xbb/0x200
[  231.659387][ T7955]  ? __pfx__proc_mkdir+0x10/0x10
[  231.659418][ T7955]  ? __pfx_vlan_init_net+0x10/0x10
[  231.659450][ T7955]  vlan_proc_init+0x93/0x180
[  231.659479][ T7955]  ops_init+0x1df/0x5f0
[  231.659518][ T7955]  setup_net+0x21f/0x860
[  231.659555][ T7955]  ? __pfx_setup_net+0x10/0x10
[  231.659587][ T7955]  ? down_read_killable+0xcc/0x380
[  231.659620][ T7955]  ? __pfx_down_read_killable+0x10/0x10
[  231.659652][ T7955]  ? __raw_spin_lock_init+0x3a/0x110
[  231.659690][ T7955]  ? debug_mutex_init+0x37/0x70
[  231.659720][ T7955]  copy_net_ns+0x2a6/0x5f0
[  231.659748][ T7955]  create_new_namespaces+0x3ea/0xad0
[  231.659793][ T7955]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  231.659832][ T7955]  ksys_unshare+0x45d/0xa40
[  231.659858][ T7955]  ? __pfx_ksys_unshare+0x10/0x10
[  231.659890][ T7955]  ? xfd_validate_state+0x5d/0x180
[  231.659938][ T7955]  __x64_sys_unshare+0x31/0x40
[  231.659967][ T7955]  do_syscall_64+0xcd/0x250
[  231.660000][ T7955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.660034][ T7955] RIP: 0033:0x7f80b598d169
[  231.660055][ T7955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.660078][ T7955] RSP: 002b:00007f80b670c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  231.660102][ T7955] RAX: ffffffffffffffda RBX: 00007f80b5ba5fa0 RCX: 00007f80b598d169
[  231.660118][ T7955] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  231.660132][ T7955] RBP: 00007f80b5a0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  231.660147][ T7955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  231.660161][ T7955] R13: 0000000000000000 R14: 00007f80b5ba5fa0 R15: 00007ffe77c22da8
[  231.660194][ T7955]  </TASK>
[  231.914738][    C1] vkms_vblank_simulate: vblank timer overrun
[  231.921658][ T7955] 8021q: can't create entry in proc filesystem!
[  232.623126][ T7968] netlink: 330 bytes leftover after parsing attributes in process `syz.0.540'.
[  232.890013][ T7973] netlink: 28 bytes leftover after parsing attributes in process `syz.1.542'.
[  233.547339][ T7972] FAULT_INJECTION: forcing a failure.
[  233.547339][ T7972] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  233.561791][ T7972] CPU: 1 UID: 0 PID: 7972 Comm: syz.2.543 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  233.561827][ T7972] Tainted: [U]=USER
[  233.561836][ T7972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  233.561849][ T7972] Call Trace:
[  233.561856][ T7972]  <TASK>
[  233.561866][ T7972]  dump_stack_lvl+0x16c/0x1f0
[  233.561901][ T7972]  should_fail_ex+0x50a/0x650
[  233.561937][ T7972]  ? __pfx___might_resched+0x10/0x10
[  233.561980][ T7972]  should_fail_alloc_page+0xe7/0x130
[  233.562007][ T7972]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  233.562046][ T7972]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  233.562101][ T7972]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  233.562151][ T7972]  ? find_held_lock+0x2d/0x110
[  233.562179][ T7972]  ? page_ext_put+0x3e/0xd0
[  233.562210][ T7972]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  233.562248][ T7972]  ? policy_nodemask+0xea/0x4e0
[  233.562287][ T7972]  alloc_pages_mpol+0x1fc/0x540
[  233.562312][ T7972]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  233.562332][ T7972]  ? page_ext_put+0x48/0xd0
[  233.562363][ T7972]  ? page_table_check_set.part.0+0x3b8/0x550
[  233.562399][ T7972]  ? find_held_lock+0x2d/0x110
[  233.562429][ T7972]  folio_alloc_mpol_noprof+0x36/0x2f0
[  233.562459][ T7972]  vma_alloc_folio_noprof+0xee/0x1b0
[  233.562486][ T7972]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  233.562515][ T7972]  ? __pfx___might_resched+0x10/0x10
[  233.562556][ T7972]  copy_page_range+0x3dac/0x5690
[  233.562625][ T7972]  ? __pfx_copy_page_range+0x10/0x10
[  233.562656][ T7972]  ? mas_store+0x941/0x10d0
[  233.562706][ T7972]  ? __pfx_mas_store+0x10/0x10
[  233.562738][ T7972]  ? lock_acquire+0x2f/0xb0
[  233.562769][ T7972]  ? copy_process+0x79c4/0x8c50
[  233.562805][ T7972]  ? up_write+0x1b2/0x520
[  233.562844][ T7972]  copy_process+0x7ccb/0x8c50
[  233.562893][ T7972]  ? __pfx_copy_process+0x10/0x10
[  233.562914][ T7972]  ? __pfx___futex_wait+0x10/0x10
[  233.562979][ T7972]  kernel_clone+0xfd/0x960
[  233.563005][ T7972]  ? __pfx_kernel_clone+0x10/0x10
[  233.563047][ T7972]  ? 0xffffffffff600000
[  233.563066][ T7972]  __do_sys_clone+0xcf/0x120
[  233.563090][ T7972]  ? __pfx___do_sys_clone+0x10/0x10
[  233.563116][ T7972]  ? 0xffffffffff600000
[  233.563146][ T7972]  ? rcu_is_watching+0x12/0xc0
[  233.563182][ T7972]  do_syscall_64+0xcd/0x250
[  233.563214][ T7972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.563246][ T7972] RIP: 0033:0x7f589b98d169
[  233.563265][ T7972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.563288][ T7972] RSP: 002b:00007f589c796038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  233.563310][ T7972] RAX: ffffffffffffffda RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  233.563327][ T7972] RDX: ffffffffffffffff RSI: 0000000000002100 RDI: 0000000000008004
[  233.563342][ T7972] RBP: 00007f589ba0e2a0 R08: 0000000000000006 R09: 0000000000000000
[  233.563356][ T7972] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  233.563371][ T7972] R13: 0000000000000000 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  233.563393][ T7972]  ? 0xffffffffff600000
[  233.563420][ T7972]  </TASK>
[  233.877811][    C1] vkms_vblank_simulate: vblank timer overrun
[  234.454414][ T8010] FAULT_INJECTION: forcing a failure.
[  234.454414][ T8010] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  234.512148][ T8010] CPU: 1 UID: 0 PID: 8010 Comm: syz.0.558 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  234.512190][ T8010] Tainted: [U]=USER
[  234.512198][ T8010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.512212][ T8010] Call Trace:
[  234.512219][ T8010]  <TASK>
[  234.512228][ T8010]  dump_stack_lvl+0x16c/0x1f0
[  234.512263][ T8010]  should_fail_ex+0x50a/0x650
[  234.512297][ T8010]  ? __pfx___might_resched+0x10/0x10
[  234.512335][ T8010]  should_fail_alloc_page+0xe7/0x130
[  234.512360][ T8010]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  234.512397][ T8010]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  234.512434][ T8010]  ? __pfx_mark_lock+0x10/0x10
[  234.512464][ T8010]  ? lock_acquire.part.0+0x11b/0x380
[  234.512491][ T8010]  ? hlock_class+0x4e/0x130
[  234.512512][ T8010]  ? __lock_acquire+0x15a9/0x3c40
[  234.512540][ T8010]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  234.512590][ T8010]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  234.512626][ T8010]  ? policy_nodemask+0xea/0x4e0
[  234.512661][ T8010]  alloc_pages_mpol+0x1fc/0x540
[  234.512682][ T8010]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  234.512802][ T8010]  ? find_held_lock+0x2d/0x110
[  234.512848][ T8010]  folio_alloc_mpol_noprof+0x36/0x2f0
[  234.512878][ T8010]  shmem_alloc_folio+0x135/0x160
[  234.512917][ T8010]  shmem_alloc_and_add_folio+0x48e/0xc10
[  234.512948][ T8010]  ? shmem_huge_global_enabled+0x72/0x6b0
[  234.513082][ T8010]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  234.513191][ T8010]  ? shmem_allowable_huge_orders+0xd0/0x410
[  234.513230][ T8010]  shmem_get_folio_gfp+0x689/0x1530
[  234.513265][ T8010]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  234.513290][ T8010]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  234.513312][ T8010]  ? __pfx___might_resched+0x10/0x10
[  234.513350][ T8010]  shmem_fallocate+0x7c0/0xfb0
[  234.513393][ T8010]  ? __pfx_shmem_fallocate+0x10/0x10
[  234.513422][ T8010]  ? __pfx___lock_acquire+0x10/0x10
[  234.513465][ T8010]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  234.513494][ T8010]  ? rcu_is_watching+0x12/0xc0
[  234.513527][ T8010]  ? trace_lock_acquire+0x14e/0x1f0
[  234.513555][ T8010]  ? __x64_sys_fallocate+0xd5/0x150
[  234.513592][ T8010]  ? __pfx_shmem_fallocate+0x10/0x10
[  234.513619][ T8010]  vfs_fallocate+0x60d/0x10d0
[  234.513651][ T8010]  ? __pfx_vfs_fallocate+0x10/0x10
[  234.513678][ T8010]  ? __fget_files+0x206/0x3a0
[  234.513716][ T8010]  __x64_sys_fallocate+0xd5/0x150
[  234.513752][ T8010]  do_syscall_64+0xcd/0x250
[  234.513784][ T8010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.513816][ T8010] RIP: 0033:0x7fa041d8d169
[  234.513836][ T8010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.513858][ T8010] RSP: 002b:00007fa042c10038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  234.513879][ T8010] RAX: ffffffffffffffda RBX: 00007fa041fa5fa0 RCX: 00007fa041d8d169
[  234.513894][ T8010] RDX: 000000000000000d RSI: 0000000000000000 RDI: 8000000000000003
[  234.513908][ T8010] RBP: 00007fa041e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  234.513923][ T8010] R10: 00000000000cbd5d R11: 0000000000000246 R12: 0000000000000000
[  234.513938][ T8010] R13: 0000000000000000 R14: 00007fa041fa5fa0 R15: 00007fff301d78c8
[  234.513972][ T8010]  </TASK>
[  234.838113][    C1] vkms_vblank_simulate: vblank timer overrun
[  235.537143][ T5836] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  235.537184][ T5836] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  235.553910][ T5836] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  235.553945][ T5836] Bluetooth: hci0: adv larger than maximum supported
[  235.561893][ T5836] Bluetooth: hci0: adv larger than maximum supported
[  235.568604][ T5836] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  235.577414][ T5836] Bluetooth: hci0: Malformed LE Event: 0x0d
[  235.632501][ T8030] FAULT_INJECTION: forcing a failure.
[  235.632501][ T8030] name failslab, interval 1, probability 0, space 0, times 0
[  235.651043][ T8030] CPU: 1 UID: 0 PID: 8030 Comm: syz.2.553 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  235.651077][ T8030] Tainted: [U]=USER
[  235.651083][ T8030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  235.651095][ T8030] Call Trace:
[  235.651100][ T8030]  <TASK>
[  235.651109][ T8030]  dump_stack_lvl+0x16c/0x1f0
[  235.651140][ T8030]  should_fail_ex+0x50a/0x650
[  235.651171][ T8030]  ? fs_reclaim_acquire+0xae/0x150
[  235.651201][ T8030]  should_failslab+0xc2/0x120
[  235.651221][ T8030]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  235.651253][ T8030]  ? __alloc_skb+0x2b1/0x380
[  235.651287][ T8030]  __alloc_skb+0x2b1/0x380
[  235.651314][ T8030]  ? __pfx___alloc_skb+0x10/0x10
[  235.651341][ T8030]  ? __mutex_init+0x120/0x120
[  235.651371][ T8030]  ? __pfx___mutex_trylock_common+0x10/0x10
[  235.651402][ T8030]  ? __netlink_dump_start+0x154/0x970
[  235.651433][ T8030]  netlink_dump+0x699/0xd00
[  235.651458][ T8030]  ? __mutex_lock+0x1cc/0xb10
[  235.651485][ T8030]  ? __pfx_netlink_dump+0x10/0x10
[  235.651511][ T8030]  ? __netlink_dump_start+0x154/0x970
[  235.651551][ T8030]  ? netlink_lookup+0x259/0x520
[  235.651578][ T8030]  ? __pfx_netlink_lookup+0x10/0x10
[  235.651615][ T8030]  __netlink_dump_start+0x6ca/0x970
[  235.651647][ T8030]  ? __pfx_tc_dump_action+0x10/0x10
[  235.651679][ T8030]  rtnetlink_rcv_msg+0xb44/0xea0
[  235.651723][ T8030]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  235.651754][ T8030]  ? __pfx_rtnl_dumpit+0x10/0x10
[  235.651776][ T8030]  ? __pfx_tc_dump_action+0x10/0x10
[  235.651821][ T8030]  netlink_rcv_skb+0x16b/0x440
[  235.651850][ T8030]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  235.651882][ T8030]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  235.651931][ T8030]  ? netlink_deliver_tap+0x1ae/0xd30
[  235.651966][ T8030]  netlink_unicast+0x53c/0x7f0
[  235.652003][ T8030]  ? __pfx_netlink_unicast+0x10/0x10
[  235.652034][ T8030]  ? __phys_addr_symbol+0x30/0x80
[  235.652057][ T8030]  ? __check_object_size+0x488/0x710
[  235.652086][ T8030]  netlink_sendmsg+0x8b8/0xd70
[  235.652120][ T8030]  ? __pfx_netlink_sendmsg+0x10/0x10
[  235.652163][ T8030]  ____sys_sendmsg+0xaaf/0xc90
[  235.652189][ T8030]  ? copy_msghdr_from_user+0x10b/0x160
[  235.652219][ T8030]  ? __pfx_____sys_sendmsg+0x10/0x10
[  235.652260][ T8030]  ___sys_sendmsg+0x135/0x1e0
[  235.652292][ T8030]  ? __pfx____sys_sendmsg+0x10/0x10
[  235.652338][ T8030]  ? __pfx_lock_release+0x10/0x10
[  235.652366][ T8030]  ? trace_lock_acquire+0x14e/0x1f0
[  235.652404][ T8030]  ? __fget_files+0x206/0x3a0
[  235.652444][ T8030]  __sys_sendmsg+0x16e/0x220
[  235.652476][ T8030]  ? __pfx___sys_sendmsg+0x10/0x10
[  235.652529][ T8030]  do_syscall_64+0xcd/0x250
[  235.652560][ T8030]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.652592][ T8030] RIP: 0033:0x7f589b98d169
[  235.652611][ T8030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.652632][ T8030] RSP: 002b:00007f589c775038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  235.652655][ T8030] RAX: ffffffffffffffda RBX: 00007f589bba6080 RCX: 00007f589b98d169
[  235.652670][ T8030] RDX: 0000000000040000 RSI: 0000400000000100 RDI: 0000000000000003
[  235.652685][ T8030] RBP: 00007f589c775090 R08: 0000000000000000 R09: 0000000000000000
[  235.652699][ T8030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.652717][ T8030] R13: 0000000000000000 R14: 00007f589bba6080 R15: 00007ffdb7b627a8
[  235.652749][ T8030]  </TASK>
[  235.994350][    C1] vkms_vblank_simulate: vblank timer overrun
[  236.152768][ T8037] FAULT_INJECTION: forcing a failure.
[  236.152768][ T8037] name failslab, interval 1, probability 0, space 0, times 0
[  236.305504][ T8037] CPU: 0 UID: 0 PID: 8037 Comm: syz.1.555 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  236.305547][ T8037] Tainted: [U]=USER
[  236.305555][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  236.305568][ T8037] Call Trace:
[  236.305575][ T8037]  <TASK>
[  236.305584][ T8037]  dump_stack_lvl+0x16c/0x1f0
[  236.305618][ T8037]  should_fail_ex+0x50a/0x650
[  236.305651][ T8037]  ? fs_reclaim_acquire+0xae/0x150
[  236.305682][ T8037]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  236.305717][ T8037]  should_failslab+0xc2/0x120
[  236.305740][ T8037]  __kmalloc_noprof+0xcb/0x510
[  236.305773][ T8037]  ? __pfx___mutex_lock+0x10/0x10
[  236.305806][ T8037]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  236.305848][ T8037]  genl_start+0x18e/0x960
[  236.305884][ T8037]  __netlink_dump_start+0x607/0x970
[  236.305918][ T8037]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  236.305955][ T8037]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  236.305997][ T8037]  ? __pfx_genl_get_cmd+0x10/0x10
[  236.306026][ T8037]  ? __pfx_genl_start+0x10/0x10
[  236.306055][ T8037]  ? __pfx_genl_dumpit+0x10/0x10
[  236.306083][ T8037]  ? __pfx_genl_done+0x10/0x10
[  236.306119][ T8037]  ? __radix_tree_lookup+0x21f/0x2c0
[  236.306152][ T8037]  genl_rcv_msg+0x470/0x800
[  236.306188][ T8037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  236.306220][ T8037]  ? __pfx_ethnl_default_start+0x10/0x10
[  236.306245][ T8037]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  236.306269][ T8037]  ? __pfx_ethnl_default_done+0x10/0x10
[  236.306307][ T8037]  netlink_rcv_skb+0x16b/0x440
[  236.306336][ T8037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  236.306371][ T8037]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  236.306424][ T8037]  ? down_read+0xc9/0x330
[  236.306453][ T8037]  ? __pfx_down_read+0x10/0x10
[  236.306484][ T8037]  ? netlink_deliver_tap+0x1ae/0xd30
[  236.306518][ T8037]  genl_rcv+0x28/0x40
[  236.306546][ T8037]  netlink_unicast+0x53c/0x7f0
[  236.306580][ T8037]  ? __pfx_netlink_unicast+0x10/0x10
[  236.306610][ T8037]  ? __phys_addr_symbol+0x30/0x80
[  236.306634][ T8037]  ? __check_object_size+0x488/0x710
[  236.306662][ T8037]  netlink_sendmsg+0x8b8/0xd70
[  236.306698][ T8037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  236.306741][ T8037]  ____sys_sendmsg+0xaaf/0xc90
[  236.306767][ T8037]  ? copy_msghdr_from_user+0x10b/0x160
[  236.306798][ T8037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  236.306840][ T8037]  ___sys_sendmsg+0x135/0x1e0
[  236.306873][ T8037]  ? __pfx____sys_sendmsg+0x10/0x10
[  236.306919][ T8037]  ? __pfx_lock_release+0x10/0x10
[  236.306950][ T8037]  ? trace_lock_acquire+0x14e/0x1f0
[  236.306988][ T8037]  ? __fget_files+0x206/0x3a0
[  236.307029][ T8037]  __sys_sendmsg+0x16e/0x220
[  236.307060][ T8037]  ? __pfx___sys_sendmsg+0x10/0x10
[  236.307115][ T8037]  do_syscall_64+0xcd/0x250
[  236.307145][ T8037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.307175][ T8037] RIP: 0033:0x7f80b598d169
[  236.307194][ T8037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  236.307216][ T8037] RSP: 002b:00007f80b670c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  236.307239][ T8037] RAX: ffffffffffffffda RBX: 00007f80b5ba5fa0 RCX: 00007f80b598d169
[  236.307255][ T8037] RDX: 0000000000004090 RSI: 0000400000000100 RDI: 0000000000000003
[  236.307269][ T8037] RBP: 00007f80b670c090 R08: 0000000000000000 R09: 0000000000000000
[  236.307283][ T8037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  236.307297][ T8037] R13: 0000000000000000 R14: 00007f80b5ba5fa0 R15: 00007ffe77c22da8
[  236.307329][ T8037]  </TASK>
[  236.698015][ T8034] netlink: 4 bytes leftover after parsing attributes in process `syz.0.554'.
[  238.073350][ T8053] FAULT_INJECTION: forcing a failure.
[  238.073350][ T8053] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  238.117044][ T8053] CPU: 0 UID: 0 PID: 8053 Comm: syz.3.559 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  238.117084][ T8053] Tainted: [U]=USER
[  238.117092][ T8053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  238.117106][ T8053] Call Trace:
[  238.117114][ T8053]  <TASK>
[  238.117123][ T8053]  dump_stack_lvl+0x16c/0x1f0
[  238.117160][ T8053]  should_fail_ex+0x50a/0x650
[  238.117195][ T8053]  ? __pfx___might_resched+0x10/0x10
[  238.117242][ T8053]  should_fail_alloc_page+0xe7/0x130
[  238.117270][ T8053]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  238.117312][ T8053]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  238.117370][ T8053]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  238.117421][ T8053]  ? find_held_lock+0x2d/0x110
[  238.117458][ T8053]  ? page_ext_put+0x3e/0xd0
[  238.117492][ T8053]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  238.117534][ T8053]  ? policy_nodemask+0xea/0x4e0
[  238.117577][ T8053]  alloc_pages_mpol+0x1fc/0x540
[  238.117603][ T8053]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  238.117625][ T8053]  ? page_ext_put+0x48/0xd0
[  238.117657][ T8053]  ? page_table_check_set.part.0+0x3b8/0x550
[  238.117694][ T8053]  ? find_held_lock+0x2d/0x110
[  238.117725][ T8053]  folio_alloc_mpol_noprof+0x36/0x2f0
[  238.117755][ T8053]  vma_alloc_folio_noprof+0xee/0x1b0
[  238.117783][ T8053]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  238.117812][ T8053]  ? __pfx___might_resched+0x10/0x10
[  238.117855][ T8053]  copy_page_range+0x3dac/0x5690
[  238.117926][ T8053]  ? __pfx_copy_page_range+0x10/0x10
[  238.117957][ T8053]  ? mas_store+0x941/0x10d0
[  238.117999][ T8053]  ? __pfx_mas_store+0x10/0x10
[  238.118030][ T8053]  ? lock_acquire+0x2f/0xb0
[  238.118060][ T8053]  ? copy_process+0x79c4/0x8c50
[  238.118096][ T8053]  ? up_write+0x1b2/0x520
[  238.118135][ T8053]  copy_process+0x7ccb/0x8c50
[  238.118181][ T8053]  ? __pfx_copy_process+0x10/0x10
[  238.118201][ T8053]  ? __pfx___futex_wait+0x10/0x10
[  238.118235][ T8053]  ? try_to_wake_up+0x158/0x1490
[  238.118294][ T8053]  kernel_clone+0xfd/0x960
[  238.118320][ T8053]  ? __pfx_kernel_clone+0x10/0x10
[  238.118363][ T8053]  ? 0xffffffffff600000
[  238.118382][ T8053]  __do_sys_clone+0xcf/0x120
[  238.118405][ T8053]  ? __pfx___do_sys_clone+0x10/0x10
[  238.118431][ T8053]  ? 0xffffffffff600000
[  238.118468][ T8053]  ? rcu_is_watching+0x12/0xc0
[  238.118506][ T8053]  do_syscall_64+0xcd/0x250
[  238.118541][ T8053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.118573][ T8053] RIP: 0033:0x7f080098d169
[  238.118592][ T8053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.118616][ T8053] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  238.118640][ T8053] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  238.118656][ T8053] RDX: ffffffffffffffff RSI: 0000000000002100 RDI: 0000000000008004
[  238.118671][ T8053] RBP: 00007f0800a0e2a0 R08: 0000000000000006 R09: 0000000000000000
[  238.118686][ T8053] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  238.118701][ T8053] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  238.118722][ T8053]  ? 0xffffffffff600000
[  238.118750][ T8053]  </TASK>
[  238.460858][ T5836] Bluetooth: hci2: Malformed LE Event: 0x1d
[  238.612359][ T8064] Invalid ELF header magic: != ELF
[  239.181025][ T8064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.562'.
[  239.267353][ T8064] geneve1: entered allmulticast mode
[  239.702548][ T8080] ovs_: entered promiscuous mode
[  239.933292][ T8092] : Can't lookup blockdev
[  240.156024][ T8105] FAULT_INJECTION: forcing a failure.
[  240.156024][ T8105] name fail_futex, interval 1, probability 0, space 0, times 1
[  240.200378][ T8105] CPU: 0 UID: 0 PID: 8105 Comm: syz.3.573 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  240.200425][ T8105] Tainted: [U]=USER
[  240.200434][ T8105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.200449][ T8105] Call Trace:
[  240.200457][ T8105]  <TASK>
[  240.200467][ T8105]  dump_stack_lvl+0x16c/0x1f0
[  240.200507][ T8105]  should_fail_ex+0x50a/0x650
[  240.200552][ T8105]  get_futex_key+0x4a3/0x1000
[  240.200588][ T8105]  ? __pfx_get_futex_key+0x10/0x10
[  240.200621][ T8105]  ? find_vma_prev+0xdb/0x160
[  240.200662][ T8105]  futex_wake+0xe8/0x4e0
[  240.200698][ T8105]  ? find_held_lock+0x2d/0x110
[  240.200726][ T8105]  ? __pfx_futex_wake+0x10/0x10
[  240.200768][ T8105]  ? __up_read+0x1fb/0x760
[  240.200801][ T8105]  ? __pfx___blk_flush_plug+0x10/0x10
[  240.200828][ T8105]  ? __pfx___up_read+0x10/0x10
[  240.200867][ T8105]  do_futex+0x1e5/0x350
[  240.200895][ T8105]  ? __pfx_do_futex+0x10/0x10
[  240.200933][ T8105]  __x64_sys_futex+0x1e1/0x4c0
[  240.200969][ T8105]  ? __pfx___x64_sys_futex+0x10/0x10
[  240.201002][ T8105]  ? rcu_is_watching+0x12/0xc0
[  240.201041][ T8105]  do_syscall_64+0xcd/0x250
[  240.201076][ T8105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.201111][ T8105] RIP: 0033:0x7f080098d169
[  240.201131][ T8105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.201166][ T8105] RSP: 002b:00007f08017ca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  240.201190][ T8105] RAX: ffffffffffffffda RBX: 00007f0800ba5fa8 RCX: 00007f080098d169
[  240.201207][ T8105] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0800ba5fac
[  240.201223][ T8105] RBP: 00007f0800ba5fa0 R08: 00007f08017cb000 R09: 0000000000000000
[  240.201240][ T8105] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0800ba5fac
[  240.201256][ T8105] R13: 0000000000000000 R14: 00007ffee6cf69d0 R15: 00007ffee6cf6ab8
[  240.201288][ T8105]  </TASK>
[  240.803069][ T8113] FAULT_INJECTION: forcing a failure.
[  240.803069][ T8113] name failslab, interval 1, probability 0, space 0, times 0
[  240.900945][ T8113] CPU: 1 UID: 0 PID: 8113 Comm: syz.3.577 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  240.900983][ T8113] Tainted: [U]=USER
[  240.900991][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.901003][ T8113] Call Trace:
[  240.901009][ T8113]  <TASK>
[  240.901018][ T8113]  dump_stack_lvl+0x16c/0x1f0
[  240.901050][ T8113]  should_fail_ex+0x50a/0x650
[  240.901083][ T8113]  ? fs_reclaim_acquire+0xae/0x150
[  240.901119][ T8113]  ? tomoyo_realpath_from_path+0xb9/0x720
[  240.901149][ T8113]  should_failslab+0xc2/0x120
[  240.901172][ T8113]  __kmalloc_noprof+0xcb/0x510
[  240.901207][ T8113]  ? get_mm_exe_file+0x8a/0x1a0
[  240.901243][ T8113]  ? trace_lock_acquire+0x14e/0x1f0
[  240.901274][ T8113]  tomoyo_realpath_from_path+0xb9/0x720
[  240.901303][ T8113]  ? lock_acquire+0x2f/0xb0
[  240.901341][ T8113]  tomoyo_get_exe+0x63/0xa0
[  240.901365][ T8113]  tomoyo_write_control+0x67c/0x13e0
[  240.901410][ T8113]  ? rcu_is_watching+0x12/0xc0
[  240.901436][ T8113]  ? __pfx_tomoyo_write_control+0x10/0x10
[  240.901470][ T8113]  ? ksys_write+0x12b/0x250
[  240.901507][ T8113]  ? __pfx_tomoyo_write+0x10/0x10
[  240.901536][ T8113]  vfs_write+0x24c/0x1150
[  240.901567][ T8113]  ? __fget_files+0x1fc/0x3a0
[  240.901599][ T8113]  ? __pfx___mutex_lock+0x10/0x10
[  240.901628][ T8113]  ? __pfx_vfs_write+0x10/0x10
[  240.901666][ T8113]  ? __fget_files+0x206/0x3a0
[  240.901705][ T8113]  ksys_write+0x12b/0x250
[  240.901733][ T8113]  ? __pfx_ksys_write+0x10/0x10
[  240.901772][ T8113]  do_syscall_64+0xcd/0x250
[  240.901802][ T8113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.901831][ T8113] RIP: 0033:0x7f080098d169
[  240.901849][ T8113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.901869][ T8113] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  240.901891][ T8113] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  240.901911][ T8113] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  240.901927][ T8113] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  240.901941][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.901954][ T8113] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  240.901986][ T8113]  </TASK>
[  240.907856][ T8113] ERROR: Out of memory at tomoyo_realpath_from_path.
[  241.181776][ T8120] FAULT_INJECTION: forcing a failure.
[  241.181776][ T8120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  241.230849][ T8120] CPU: 1 UID: 0 PID: 8120 Comm: syz.1.580 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  241.230896][ T8120] Tainted: [U]=USER
[  241.230903][ T8120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  241.230916][ T8120] Call Trace:
[  241.230923][ T8120]  <TASK>
[  241.230933][ T8120]  dump_stack_lvl+0x16c/0x1f0
[  241.230966][ T8120]  should_fail_ex+0x50a/0x650
[  241.231004][ T8120]  _copy_from_iter+0x2a1/0x1560
[  241.231029][ T8120]  ? trace_lock_acquire+0x14e/0x1f0
[  241.231055][ T8120]  ? __alloc_skb+0x1fe/0x380
[  241.231085][ T8120]  ? __pfx__copy_from_iter+0x10/0x10
[  241.231106][ T8120]  ? __virt_addr_valid+0x1a4/0x590
[  241.231134][ T8120]  ? __virt_addr_valid+0x5e/0x590
[  241.231157][ T8120]  ? __phys_addr_symbol+0x30/0x80
[  241.231179][ T8120]  ? __check_object_size+0x488/0x710
[  241.231207][ T8120]  netlink_sendmsg+0x813/0xd70
[  241.231242][ T8120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.231282][ T8120]  __sys_sendto+0x488/0x4f0
[  241.231311][ T8120]  ? __pfx___sys_sendto+0x10/0x10
[  241.231337][ T8120]  ? reacquire_held_locks+0x20b/0x4c0
[  241.231367][ T8120]  ? do_user_addr_fault+0xdc7/0x13f0
[  241.231430][ T8120]  __x64_sys_sendto+0xe0/0x1c0
[  241.231456][ T8120]  ? do_syscall_64+0x91/0x250
[  241.231488][ T8120]  ? lockdep_hardirqs_on+0x7c/0x110
[  241.231515][ T8120]  do_syscall_64+0xcd/0x250
[  241.231544][ T8120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.231574][ T8120] RIP: 0033:0x7f80b598effc
[  241.231592][ T8120] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  241.231612][ T8120] RSP: 002b:00007f80b670aec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  241.231632][ T8120] RAX: ffffffffffffffda RBX: 00007f80b670afc0 RCX: 00007f80b598effc
[  241.231646][ T8120] RDX: 0000000000000020 RSI: 00007f80b670b010 RDI: 0000000000000004
[  241.231660][ T8120] RBP: 0000000000000000 R08: 00007f80b670af14 R09: 000000000000000c
[  241.231672][ T8120] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  241.231685][ T8120] R13: 00007f80b670af68 R14: 00007f80b670b010 R15: 0000000000000000
[  241.231714][ T8120]  </TASK>
[  241.452894][    C1] vkms_vblank_simulate: vblank timer overrun
[  242.483464][   T29] audit: type=1800 audit(4294967316.240:7): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.590" name="trace_pipe" dev="tracefs" ino=179 res=0 errno=0
[  244.412725][ T8187] mmap: syz.1.599 (8187): VmData 41664512 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data.
[  247.261049][ T8230] block nbd8: NBD_DISCONNECT
[  250.342557][ T8293] FAULT_INJECTION: forcing a failure.
[  250.342557][ T8293] name failslab, interval 1, probability 0, space 0, times 0
[  250.394511][ T8293] CPU: 1 UID: 0 PID: 8293 Comm: syz.3.631 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  250.394550][ T8293] Tainted: [U]=USER
[  250.394558][ T8293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  250.394571][ T8293] Call Trace:
[  250.394578][ T8293]  <TASK>
[  250.394587][ T8293]  dump_stack_lvl+0x16c/0x1f0
[  250.394621][ T8293]  should_fail_ex+0x50a/0x650
[  250.394654][ T8293]  ? fs_reclaim_acquire+0xae/0x150
[  250.394685][ T8293]  should_failslab+0xc2/0x120
[  250.394709][ T8293]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  250.394739][ T8293]  ? hlock_class+0x4e/0x130
[  250.394763][ T8293]  ? __alloc_skb+0x2b1/0x380
[  250.394797][ T8293]  __alloc_skb+0x2b1/0x380
[  250.394826][ T8293]  ? __pfx___alloc_skb+0x10/0x10
[  250.394859][ T8293]  ? register_lock_class+0xb1/0x1240
[  250.394890][ T8293]  ? is_dynamic_key+0x260/0x280
[  250.394918][ T8293]  ? __pfx_lock_release+0x10/0x10
[  250.394956][ T8293]  tipc_buf_acquire+0x26/0xe0
[  250.394988][ T8293]  tipc_msg_build+0x10c/0x1120
[  250.395023][ T8293]  ? __lock_acquire+0x15a9/0x3c40
[  250.395055][ T8293]  ? __pfx_tipc_msg_build+0x10/0x10
[  250.395095][ T8293]  ? hlock_class+0x4e/0x130
[  250.395124][ T8293]  __tipc_sendstream+0x6fa/0x1190
[  250.395168][ T8293]  ? __pfx___tipc_sendstream+0x10/0x10
[  250.395198][ T8293]  ? tipc_sendstream+0x41/0x70
[  250.395227][ T8293]  ? __pfx_lock_release+0x10/0x10
[  250.395257][ T8293]  ? __pfx_woken_wake_function+0x10/0x10
[  250.395284][ T8293]  ? mark_held_locks+0x9f/0xe0
[  250.395315][ T8293]  ? __local_bh_enable_ip+0xa4/0x120
[  250.395353][ T8293]  tipc_sendstream+0x4f/0x70
[  250.395383][ T8293]  sock_write_iter+0x4fe/0x5b0
[  250.395410][ T8293]  ? __pfx_sock_write_iter+0x10/0x10
[  250.395447][ T8293]  ? bpf_lsm_file_permission+0x9/0x10
[  250.395479][ T8293]  ? security_file_permission+0x71/0x210
[  250.395509][ T8293]  ? rw_verify_area+0xcf/0x680
[  250.395540][ T8293]  vfs_write+0x5ae/0x1150
[  250.395570][ T8293]  ? __pfx_sock_write_iter+0x10/0x10
[  250.395599][ T8293]  ? __pfx_vfs_write+0x10/0x10
[  250.395630][ T8293]  ? __fget_files+0x40/0x3a0
[  250.395693][ T8293]  ksys_write+0x207/0x250
[  250.395722][ T8293]  ? __pfx_ksys_write+0x10/0x10
[  250.395761][ T8293]  do_syscall_64+0xcd/0x250
[  250.395792][ T8293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.395823][ T8293] RIP: 0033:0x7f080098d169
[  250.395847][ T8293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.395869][ T8293] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  250.395892][ T8293] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  250.395908][ T8293] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000004
[  250.395922][ T8293] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  250.395936][ T8293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.395950][ T8293] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  250.395981][ T8293]  </TASK>
[  251.389438][ T8312] FAULT_INJECTION: forcing a failure.
[  251.389438][ T8312] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.455740][ T8312] CPU: 1 UID: 0 PID: 8312 Comm: syz.3.636 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  251.455780][ T8312] Tainted: [U]=USER
[  251.455787][ T8312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.455799][ T8312] Call Trace:
[  251.455805][ T8312]  <TASK>
[  251.455815][ T8312]  dump_stack_lvl+0x16c/0x1f0
[  251.455847][ T8312]  should_fail_ex+0x50a/0x650
[  251.455886][ T8312]  _copy_from_user+0x2e/0xd0
[  251.455910][ T8312]  do_sock_getsockopt+0x5f6/0x800
[  251.455933][ T8312]  ? trace_lock_acquire+0xf0/0x1f0
[  251.455961][ T8312]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  251.455983][ T8312]  ? lock_acquire+0x2f/0xb0
[  251.456011][ T8312]  ? __fget_files+0x40/0x3a0
[  251.456045][ T8312]  ? __fget_files+0x206/0x3a0
[  251.456082][ T8312]  __sys_getsockopt+0x12f/0x260
[  251.456119][ T8312]  __x64_sys_getsockopt+0xbd/0x160
[  251.456146][ T8312]  ? do_syscall_64+0x91/0x250
[  251.456174][ T8312]  ? lockdep_hardirqs_on+0x7c/0x110
[  251.456200][ T8312]  do_syscall_64+0xcd/0x250
[  251.456229][ T8312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.456259][ T8312] RIP: 0033:0x7f080098d169
[  251.456278][ T8312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.456300][ T8312] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  251.456322][ T8312] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  251.456337][ T8312] RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
[  251.456350][ T8312] RBP: 00007f08017ca090 R08: 00004000000000c0 R09: 0000000000000000
[  251.456365][ T8312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.456378][ T8312] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  251.456406][ T8312]  </TASK>
[  253.505859][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  253.516631][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  253.540869][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  253.577329][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  253.601050][   T55] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  253.611108][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  254.485990][ T8342] FAULT_INJECTION: forcing a failure.
[  254.485990][ T8342] name failslab, interval 1, probability 0, space 0, times 0
[  254.710832][ T8342] CPU: 0 UID: 0 PID: 8342 Comm: syz.2.643 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  254.710873][ T8342] Tainted: [U]=USER
[  254.710879][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.710891][ T8342] Call Trace:
[  254.710897][ T8342]  <TASK>
[  254.710907][ T8342]  dump_stack_lvl+0x16c/0x1f0
[  254.710941][ T8342]  should_fail_ex+0x50a/0x650
[  254.710974][ T8342]  ? fs_reclaim_acquire+0xae/0x150
[  254.711005][ T8342]  should_failslab+0xc2/0x120
[  254.711028][ T8342]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  254.711062][ T8342]  ? alloc_empty_file+0x73/0x1e0
[  254.711091][ T8342]  alloc_empty_file+0x73/0x1e0
[  254.711116][ T8342]  path_openat+0xe1/0x2d80
[  254.711145][ T8342]  ? hlock_class+0x4e/0x130
[  254.711170][ T8342]  ? __lock_acquire+0x15a9/0x3c40
[  254.711209][ T8342]  ? __pfx_path_openat+0x10/0x10
[  254.711240][ T8342]  ? __pfx___lock_acquire+0x10/0x10
[  254.711268][ T8342]  ? lock_acquire.part.0+0x11b/0x380
[  254.711297][ T8342]  ? find_held_lock+0x2d/0x110
[  254.711326][ T8342]  do_filp_open+0x20c/0x470
[  254.711357][ T8342]  ? __pfx_do_filp_open+0x10/0x10
[  254.711386][ T8342]  ? find_held_lock+0x2d/0x110
[  254.711431][ T8342]  ? alloc_fd+0x41f/0x760
[  254.711466][ T8342]  do_sys_openat2+0x17a/0x1e0
[  254.711490][ T8342]  ? __pfx_do_sys_openat2+0x10/0x10
[  254.711518][ T8342]  ? __fget_files+0x206/0x3a0
[  254.711554][ T8342]  __x64_sys_openat+0x175/0x210
[  254.711579][ T8342]  ? __pfx___x64_sys_openat+0x10/0x10
[  254.711602][ T8342]  ? ksys_write+0x1ba/0x250
[  254.711642][ T8342]  do_syscall_64+0xcd/0x250
[  254.711673][ T8342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.711709][ T8342] RIP: 0033:0x7f589b98d169
[  254.711727][ T8342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.711749][ T8342] RSP: 002b:00007f589c796038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  254.711771][ T8342] RAX: ffffffffffffffda RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  254.711786][ T8342] RDX: 0000000000101e81 RSI: 0000400000000400 RDI: ffffffffffffff9c
[  254.711801][ T8342] RBP: 00007f589c796090 R08: 0000000000000000 R09: 0000000000000000
[  254.711815][ T8342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.711829][ T8342] R13: 0000000000000001 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  254.711859][ T8342]  </TASK>
[  255.741010][ T5836] Bluetooth: hci0: command tx timeout
[  255.824867][ T3506] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.032298][ T8357] netlink: 'syz.3.651': attribute type 11 has an invalid length.
[  256.045424][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  256.051890][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  256.178516][ T3506] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.246077][ T8331] chnl_net:caif_netlink_parms(): no params data found
[  256.612230][ T3506] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.922995][ T3506] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.958783][ T8331] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.977502][ T8331] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.001001][ T8331] bridge_slave_0: entered allmulticast mode
[  257.008186][ T8331] bridge_slave_0: entered promiscuous mode
[  257.033164][ T8331] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.040286][ T8331] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.048645][ T8331] bridge_slave_1: entered allmulticast mode
[  257.062032][ T8331] bridge_slave_1: entered promiscuous mode
[  257.110334][ T8331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  257.132670][ T8331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  257.218205][ T8331] team0: Port device team_slave_0 added
[  257.233141][ T8331] team0: Port device team_slave_1 added
[  257.304921][ T8331] batman_adv: batadv0: Adding interface: batadv_slave_0
[  257.320862][ T8331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.373861][ T8331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.420892][ T8331] batman_adv: batadv0: Adding interface: batadv_slave_1
[  257.428021][ T8331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.487679][ T8331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.613578][ T8331] hsr_slave_0: entered promiscuous mode
[  257.619902][ T8331] hsr_slave_1: entered promiscuous mode
[  257.640480][ T8331] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  257.660804][ T8331] Cannot create hsr debugfs directory
[  257.816936][ T5836] Bluetooth: hci0: command tx timeout
[  258.363581][ T8375] FAULT_INJECTION: forcing a failure.
[  258.363581][ T8375] name failslab, interval 1, probability 0, space 0, times 0
[  258.411628][ T8375] CPU: 1 UID: 0 PID: 8375 Comm: syz.3.655 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  258.411667][ T8375] Tainted: [U]=USER
[  258.411675][ T8375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.411688][ T8375] Call Trace:
[  258.411695][ T8375]  <TASK>
[  258.411704][ T8375]  dump_stack_lvl+0x16c/0x1f0
[  258.411738][ T8375]  should_fail_ex+0x50a/0x650
[  258.411771][ T8375]  ? fs_reclaim_acquire+0xae/0x150
[  258.411802][ T8375]  ? lsm_blob_alloc+0x68/0x90
[  258.411832][ T8375]  should_failslab+0xc2/0x120
[  258.411856][ T8375]  __kmalloc_noprof+0xcb/0x510
[  258.411888][ T8375]  ? down_write_nested+0x152/0x210
[  258.411916][ T8375]  lsm_blob_alloc+0x68/0x90
[  258.411948][ T8375]  security_sb_alloc+0x28/0x230
[  258.411971][ T8375]  alloc_super+0x245/0xbd0
[  258.411999][ T8375]  ? lock_acquire+0x2f/0xb0
[  258.412034][ T8375]  ? __pfx_test_keyed_super+0x10/0x10
[  258.412059][ T8375]  sget_fc+0x116/0xc20
[  258.412088][ T8375]  ? __pfx_set_anon_super_fc+0x10/0x10
[  258.412117][ T8375]  ? __pfx_nfsd_fill_super+0x10/0x10
[  258.412147][ T8375]  get_tree_keyed+0x59/0x1d0
[  258.412178][ T8375]  vfs_get_tree+0x8b/0x340
[  258.412204][ T8375]  path_mount+0x14e6/0x1f10
[  258.412245][ T8375]  ? kmem_cache_free+0x2e2/0x4d0
[  258.412276][ T8375]  ? __pfx_path_mount+0x10/0x10
[  258.412314][ T8375]  ? putname+0x13c/0x180
[  258.412342][ T8375]  __x64_sys_mount+0x28f/0x310
[  258.412375][ T8375]  ? __pfx___x64_sys_mount+0x10/0x10
[  258.412419][ T8375]  do_syscall_64+0xcd/0x250
[  258.412450][ T8375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.412480][ T8375] RIP: 0033:0x7f080098d169
[  258.412499][ T8375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.412521][ T8375] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  258.412544][ T8375] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  258.412560][ T8375] RDX: 0000400000000140 RSI: 00004000000000c0 RDI: 0000000000000000
[  258.412575][ T8375] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  258.412589][ T8375] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002
[  258.412603][ T8375] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  258.412634][ T8375]  </TASK>
[  259.530902][ T8380] block nbd8: NBD_DISCONNECT
[  259.897052][ T5836] Bluetooth: hci0: command tx timeout
[  260.052223][ T8384] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  260.621106][ T5836] Bluetooth: hci1: Malformed LE Event: 0x1d
[  260.632885][ T8390] Invalid ELF header magic: != ELF
[  261.845757][ T8392] netlink: 28 bytes leftover after parsing attributes in process `syz.3.661'.
[  261.973047][ T5836] Bluetooth: hci0: command tx timeout
[  264.073860][ T8405] syz.2.664 (8405) used greatest stack depth: 20672 bytes left
[  264.128442][ T8431] FAULT_INJECTION: forcing a failure.
[  264.128442][ T8431] name failslab, interval 1, probability 0, space 0, times 0
[  264.158846][ T8431] CPU: 0 UID: 0 PID: 8431 Comm: syz.3.668 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  264.158884][ T8431] Tainted: [U]=USER
[  264.158892][ T8431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.158903][ T8431] Call Trace:
[  264.158910][ T8431]  <TASK>
[  264.158919][ T8431]  dump_stack_lvl+0x16c/0x1f0
[  264.158953][ T8431]  should_fail_ex+0x50a/0x650
[  264.158987][ T8431]  ? fs_reclaim_acquire+0xae/0x150
[  264.159018][ T8431]  should_failslab+0xc2/0x120
[  264.159042][ T8431]  __kmalloc_node_noprof+0xd1/0x510
[  264.159075][ T8431]  ? down_write+0x14e/0x200
[  264.159103][ T8431]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  264.159140][ T8431]  __kvmalloc_node_noprof+0xad/0x1a0
[  264.159170][ T8431]  ? __pfx_cache_write_procfs+0x10/0x10
[  264.159203][ T8431]  cache_write_procfs+0xd2/0x160
[  264.159236][ T8431]  ? __pfx_cache_write_procfs+0x10/0x10
[  264.159268][ T8431]  proc_reg_write+0x23d/0x330
[  264.159303][ T8431]  ? __pfx_proc_reg_write+0x10/0x10
[  264.159332][ T8431]  vfs_write+0x24c/0x1150
[  264.159364][ T8431]  ? __fget_files+0x1fc/0x3a0
[  264.159396][ T8431]  ? __pfx___mutex_lock+0x10/0x10
[  264.159424][ T8431]  ? __pfx_vfs_write+0x10/0x10
[  264.159464][ T8431]  ? __fget_files+0x206/0x3a0
[  264.159505][ T8431]  ksys_write+0x12b/0x250
[  264.159533][ T8431]  ? __pfx_ksys_write+0x10/0x10
[  264.159574][ T8431]  do_syscall_64+0xcd/0x250
[  264.159613][ T8431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.159643][ T8431] RIP: 0033:0x7f080098d169
[  264.159662][ T8431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.159684][ T8431] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  264.159709][ T8431] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  264.159725][ T8431] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000003
[  264.159739][ T8431] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  264.159753][ T8431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.159766][ T8431] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  264.159799][ T8431]  </TASK>
[  264.429907][ T8435] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582)
[  265.753530][ T8447] netlink: 'syz.3.673': attribute type 29 has an invalid length.
[  265.767630][ T8447] netlink: 334 bytes leftover after parsing attributes in process `syz.3.673'.
[  268.146093][ T8467] FAULT_INJECTION: forcing a failure.
[  268.146093][ T8467] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  268.171457][ T8467] CPU: 0 UID: 0 PID: 8467 Comm: syz.3.678 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  268.171494][ T8467] Tainted: [U]=USER
[  268.171501][ T8467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.171514][ T8467] Call Trace:
[  268.171521][ T8467]  <TASK>
[  268.171531][ T8467]  dump_stack_lvl+0x16c/0x1f0
[  268.171564][ T8467]  should_fail_ex+0x50a/0x650
[  268.171594][ T8467]  ? __pfx___might_resched+0x10/0x10
[  268.171630][ T8467]  should_fail_alloc_page+0xe7/0x130
[  268.171654][ T8467]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  268.171689][ T8467]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  268.171731][ T8467]  ? __pfx_register_lock_class+0x10/0x10
[  268.171771][ T8467]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  268.171815][ T8467]  ? hlock_class+0x4e/0x130
[  268.171839][ T8467]  ? __pfx___lock_acquire+0x10/0x10
[  268.171870][ T8467]  ? __pfx_mark_lock+0x10/0x10
[  268.171896][ T8467]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  268.171933][ T8467]  ? policy_nodemask+0xea/0x4e0
[  268.171968][ T8467]  alloc_pages_mpol+0x1fc/0x540
[  268.171993][ T8467]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  268.172012][ T8467]  ? __pfx_lock_release+0x10/0x10
[  268.172042][ T8467]  ? do_raw_spin_lock+0x12d/0x2c0
[  268.172064][ T8467]  ? __pti_set_user_pgtbl+0xf2/0x1a0
[  268.172097][ T8467]  alloc_pages_noprof+0x131/0x390
[  268.172120][ T8467]  __pmd_alloc+0x3f/0x870
[  268.172154][ T8467]  __handle_mm_fault+0x9fb/0x2c60
[  268.172195][ T8467]  ? __pfx___handle_mm_fault+0x10/0x10
[  268.172263][ T8467]  handle_mm_fault+0x3fa/0xaa0
[  268.172302][ T8467]  __get_user_pages+0x773/0x36f0
[  268.172346][ T8467]  ? __pfx___get_user_pages+0x10/0x10
[  268.172377][ T8467]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  268.172419][ T8467]  get_user_pages_remote+0x25e/0xb30
[  268.172458][ T8467]  ? __pfx_get_user_pages_remote+0x10/0x10
[  268.172504][ T8467]  get_arg_page+0xf3/0x310
[  268.172533][ T8467]  ? __pfx_get_arg_page+0x10/0x10
[  268.172564][ T8467]  ? up_write+0x1b2/0x520
[  268.172600][ T8467]  copy_string_kernel+0x197/0x250
[  268.172629][ T8467]  ? count.constprop.0.isra.0+0xf4/0x170
[  268.172663][ T8467]  do_execveat_common.isra.0+0x2eb/0x610
[  268.172701][ T8467]  __x64_sys_execve+0x8c/0xb0
[  268.172733][ T8467]  do_syscall_64+0xcd/0x250
[  268.172764][ T8467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.172794][ T8467] RIP: 0033:0x7f080098d169
[  268.172814][ T8467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.172836][ T8467] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  268.172858][ T8467] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  268.172874][ T8467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000400000000000
[  268.172888][ T8467] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  268.172903][ T8467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  268.172916][ T8467] R13: 0000000000000000 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  268.172949][ T8467]  </TASK>
[  268.695653][ T8469] FAULT_INJECTION: forcing a failure.
[  268.695653][ T8469] name failslab, interval 1, probability 0, space 0, times 0
[  268.708570][ T8469] CPU: 0 UID: 0 PID: 8469 Comm: syz.3.679 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  268.708605][ T8469] Tainted: [U]=USER
[  268.708613][ T8469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.708625][ T8469] Call Trace:
[  268.708632][ T8469]  <TASK>
[  268.708642][ T8469]  dump_stack_lvl+0x16c/0x1f0
[  268.708675][ T8469]  should_fail_ex+0x50a/0x650
[  268.708714][ T8469]  ? fs_reclaim_acquire+0xae/0x150
[  268.708745][ T8469]  ? rfkill_fop_open+0x1ad/0x750
[  268.708774][ T8469]  should_failslab+0xc2/0x120
[  268.708797][ T8469]  __kmalloc_cache_noprof+0x68/0x410
[  268.708835][ T8469]  rfkill_fop_open+0x1ad/0x750
[  268.708872][ T8469]  ? __pfx_rfkill_fop_open+0x10/0x10
[  268.708904][ T8469]  misc_open+0x35a/0x420
[  268.708928][ T8469]  ? __pfx_misc_open+0x10/0x10
[  268.708950][ T8469]  chrdev_open+0x237/0x6a0
[  268.708982][ T8469]  ? __pfx_apparmor_file_open+0x10/0x10
[  268.709010][ T8469]  ? __pfx_chrdev_open+0x10/0x10
[  268.709046][ T8469]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  268.709088][ T8469]  do_dentry_open+0x735/0x1c40
[  268.709119][ T8469]  ? __pfx_chrdev_open+0x10/0x10
[  268.709152][ T8469]  ? inode_permission+0xdd/0x5f0
[  268.709180][ T8469]  vfs_open+0x82/0x3f0
[  268.709202][ T8469]  ? may_open+0x1f2/0x400
[  268.709230][ T8469]  path_openat+0x1e88/0x2d80
[  268.709275][ T8469]  ? __pfx_path_openat+0x10/0x10
[  268.709307][ T8469]  ? __pfx___lock_acquire+0x10/0x10
[  268.709334][ T8469]  ? lock_acquire.part.0+0x11b/0x380
[  268.709362][ T8469]  ? find_held_lock+0x2d/0x110
[  268.709391][ T8469]  do_filp_open+0x20c/0x470
[  268.709423][ T8469]  ? __pfx_do_filp_open+0x10/0x10
[  268.709452][ T8469]  ? find_held_lock+0x2d/0x110
[  268.709500][ T8469]  ? alloc_fd+0x41f/0x760
[  268.709541][ T8469]  do_sys_openat2+0x17a/0x1e0
[  268.709564][ T8469]  ? __pfx_do_sys_openat2+0x10/0x10
[  268.709593][ T8469]  ? __fget_files+0x206/0x3a0
[  268.709629][ T8469]  __x64_sys_openat+0x175/0x210
[  268.709653][ T8469]  ? __pfx___x64_sys_openat+0x10/0x10
[  268.709676][ T8469]  ? ksys_write+0x1ba/0x250
[  268.709718][ T8469]  do_syscall_64+0xcd/0x250
[  268.709748][ T8469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.709778][ T8469] RIP: 0033:0x7f080098d169
[  268.709797][ T8469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.709819][ T8469] RSP: 002b:00007f08017ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  268.709841][ T8469] RAX: ffffffffffffffda RBX: 00007f0800ba5fa0 RCX: 00007f080098d169
[  268.709856][ T8469] RDX: 0000000000080d02 RSI: 0000400000000e40 RDI: ffffffffffffff9c
[  268.709871][ T8469] RBP: 00007f08017ca090 R08: 0000000000000000 R09: 0000000000000000
[  268.709885][ T8469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  268.709899][ T8469] R13: 0000000000000001 R14: 00007f0800ba5fa0 R15: 00007ffee6cf6ab8
[  268.709931][ T8469]  </TASK>
[  269.451919][ T8444] syz.2.671 (8444) used greatest stack depth: 20256 bytes left
[  271.311332][   T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  271.321868][   T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  271.330994][   T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  271.360936][   T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  271.368879][   T55] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  271.377533][   T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  271.732797][ T8491] chnl_net:caif_netlink_parms(): no params data found
[  271.862194][ T8491] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.872467][ T8491] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.879691][ T8491] bridge_slave_0: entered allmulticast mode
[  271.912054][ T8491] bridge_slave_0: entered promiscuous mode
[  271.932664][ T8491] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.939788][ T8491] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.971854][ T8491] bridge_slave_1: entered allmulticast mode
[  271.978932][ T8491] bridge_slave_1: entered promiscuous mode
[  272.036603][ T8491] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.051438][ T8491] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.129376][ T8491] team0: Port device team_slave_0 added
[  272.143422][ T8491] team0: Port device team_slave_1 added
[  272.230306][ T8491] batman_adv: batadv0: Adding interface: batadv_slave_0
[  272.242215][ T8491] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.287490][ T8491] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  272.310498][ T8491] batman_adv: batadv0: Adding interface: batadv_slave_1
[  272.327993][ T8491] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.371121][ T8491] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  272.476342][ T8491] hsr_slave_0: entered promiscuous mode
[  272.482796][ T8491] hsr_slave_1: entered promiscuous mode
[  272.489042][ T8491] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  272.502215][ T8491] Cannot create hsr debugfs directory
[  273.401663][   T55] Bluetooth: hci4: command tx timeout
[  275.494921][   T55] Bluetooth: hci4: command tx timeout
[  277.570931][   T55] Bluetooth: hci4: command tx timeout
[  279.651198][   T55] Bluetooth: hci4: command tx timeout
[  285.183016][ T8549] FAULT_INJECTION: forcing a failure.
[  285.183016][ T8549] name failslab, interval 1, probability 0, space 0, times 0
[  285.231516][ T8549] CPU: 1 UID: 0 PID: 8549 Comm: syz.2.703 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  285.231554][ T8549] Tainted: [U]=USER
[  285.231562][ T8549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.231575][ T8549] Call Trace:
[  285.231581][ T8549]  <TASK>
[  285.231590][ T8549]  dump_stack_lvl+0x16c/0x1f0
[  285.231623][ T8549]  should_fail_ex+0x50a/0x650
[  285.231655][ T8549]  ? fs_reclaim_acquire+0xae/0x150
[  285.231686][ T8549]  should_failslab+0xc2/0x120
[  285.231707][ T8549]  __kmalloc_node_noprof+0xd1/0x510
[  285.231742][ T8549]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  285.231777][ T8549]  __kvmalloc_node_noprof+0xad/0x1a0
[  285.231808][ T8549]  io_alloc_cache_init+0x33/0x170
[  285.231839][ T8549]  io_uring_setup+0x5d6/0x2200
[  285.231867][ T8549]  ? __pfx_io_uring_setup+0x10/0x10
[  285.231911][ T8549]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  285.231945][ T8549]  ? __fget_files+0x206/0x3a0
[  285.231984][ T8549]  ? ksys_write+0x1ba/0x250
[  285.232013][ T8549]  ? __pfx_ksys_write+0x10/0x10
[  285.232047][ T8549]  __x64_sys_io_uring_setup+0x98/0x140
[  285.232073][ T8549]  do_syscall_64+0xcd/0x250
[  285.232103][ T8549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.232134][ T8549] RIP: 0033:0x7f589b98d169
[  285.232153][ T8549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.232174][ T8549] RSP: 002b:00007f589c796038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  285.232198][ T8549] RAX: ffffffffffffffda RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  285.232213][ T8549] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  285.232226][ T8549] RBP: 00007f589c796090 R08: 0000000000000000 R09: 0000000000000000
[  285.232241][ T8549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  285.232254][ T8549] R13: 0000000000000000 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  285.232285][ T8549]  </TASK>
[  288.239712][ T8227] syz.2.607 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  288.301101][ T8227] CPU: 1 UID: 0 PID: 8227 Comm: syz.2.607 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  288.301139][ T8227] Tainted: [U]=USER
[  288.301147][ T8227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.301159][ T8227] Call Trace:
[  288.301166][ T8227]  <TASK>
[  288.301175][ T8227]  dump_stack_lvl+0x16c/0x1f0
[  288.301209][ T8227]  dump_header+0x101/0x930
[  288.301242][ T8227]  oom_kill_process+0x270/0xa60
[  288.301275][ T8227]  out_of_memory+0x351/0x1700
[  288.301313][ T8227]  ? __pfx_out_of_memory+0x10/0x10
[  288.301338][ T8227]  ? rcu_read_unlock+0x17/0x60
[  288.301361][ T8227]  ? find_held_lock+0x2d/0x110
[  288.301393][ T8227]  mem_cgroup_out_of_memory+0x207/0x270
[  288.301421][ T8227]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  288.301458][ T8227]  ? do_raw_spin_unlock+0x172/0x230
[  288.301488][ T8227]  try_charge_memcg+0x54c/0xaf0
[  288.301527][ T8227]  ? __pfx_try_charge_memcg+0x10/0x10
[  288.301560][ T8227]  ? trace_lock_acquire+0x14e/0x1f0
[  288.301586][ T8227]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  288.301616][ T8227]  ? lock_acquire+0x2f/0xb0
[  288.301643][ T8227]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  288.301677][ T8227]  charge_memcg+0x8a/0x310
[  288.301710][ T8227]  __mem_cgroup_charge+0x2b/0x1e0
[  288.301742][ T8227]  shmem_alloc_and_add_folio+0x50a/0xc10
[  288.301775][ T8227]  ? shmem_huge_global_enabled+0x72/0x6b0
[  288.301800][ T8227]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  288.301830][ T8227]  ? shmem_allowable_huge_orders+0xd0/0x410
[  288.301865][ T8227]  shmem_get_folio_gfp+0x689/0x1530
[  288.301901][ T8227]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  288.301927][ T8227]  ? find_held_lock+0x2d/0x110
[  288.301959][ T8227]  shmem_write_begin+0x161/0x300
[  288.301990][ T8227]  ? __pfx_shmem_write_begin+0x10/0x10
[  288.302014][ T8227]  ? timestamp_truncate+0x21f/0x2e0
[  288.302049][ T8227]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  288.302091][ T8227]  generic_perform_write+0x2ba/0x920
[  288.302128][ T8227]  ? __pfx_generic_perform_write+0x10/0x10
[  288.302157][ T8227]  ? inode_needs_update_time.part.0+0x191/0x270
[  288.302201][ T8227]  shmem_file_write_iter+0x10e/0x140
[  288.302233][ T8227]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  288.302262][ T8227]  __kernel_write_iter+0x318/0xa90
[  288.302296][ T8227]  ? __pfx___kernel_write_iter+0x10/0x10
[  288.302326][ T8227]  ? get_dump_page+0x15b/0x230
[  288.302364][ T8227]  ? __pfx___might_resched+0x10/0x10
[  288.302406][ T8227]  dump_user_range+0x389/0x8c0
[  288.302441][ T8227]  ? __pfx_dump_user_range+0x10/0x10
[  288.302470][ T8227]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  288.302511][ T8227]  ? __pfx_writenote+0x10/0x10
[  288.302548][ T8227]  elf_core_dump+0x287c/0x3a50
[  288.302596][ T8227]  ? __pfx_elf_core_dump+0x10/0x10
[  288.302622][ T8227]  ? kasan_save_stack+0x33/0x60
[  288.302650][ T8227]  ? kasan_save_track+0x14/0x30
[  288.302678][ T8227]  ? __kasan_kmalloc+0xaa/0xb0
[  288.302706][ T8227]  ? __kmalloc_node_noprof+0x21f/0x510
[  288.302743][ T8227]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  288.302772][ T8227]  ? get_signal+0x230b/0x26c0
[  288.302802][ T8227]  ? arch_do_signal_or_restart+0x90/0x7e0
[  288.302826][ T8227]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  288.302911][ T8227]  ? rcu_is_watching+0x12/0xc0
[  288.302936][ T8227]  ? trace_lock_acquire+0x14e/0x1f0
[  288.302960][ T8227]  ? __pfx_sort+0x10/0x10
[  288.302982][ T8227]  ? get_signal+0x230b/0x26c0
[  288.303023][ T8227]  ? do_coredump+0x3134/0x4400
[  288.303047][ T8227]  do_coredump+0x3134/0x4400
[  288.303086][ T8227]  ? __pfx_do_coredump+0x10/0x10
[  288.303114][ T8227]  ? stack_trace_save+0x95/0xd0
[  288.303140][ T8227]  ? __pfx_stack_trace_save+0x10/0x10
[  288.303164][ T8227]  ? hlock_class+0x4e/0x130
[  288.303187][ T8227]  ? stack_depot_save_flags+0x28/0x9c0
[  288.303234][ T8227]  ? kmem_cache_free+0x2e2/0x4d0
[  288.303262][ T8227]  ? __sigqueue_free+0xba/0x2a0
[  288.303285][ T8227]  ? get_signal+0xcbc/0x26c0
[  288.303314][ T8227]  ? arch_do_signal_or_restart+0x90/0x7e0
[  288.303338][ T8227]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  288.303409][ T8227]  ? find_held_lock+0x2d/0x110
[  288.303438][ T8227]  ? proc_coredump_connector+0x2d2/0x4f0
[  288.303471][ T8227]  ? __pfx_proc_coredump_connector+0x10/0x10
[  288.303520][ T8227]  get_signal+0x230b/0x26c0
[  288.303565][ T8227]  ? __pfx_get_signal+0x10/0x10
[  288.303609][ T8227]  arch_do_signal_or_restart+0x90/0x7e0
[  288.303637][ T8227]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  288.303672][ T8227]  ? exc_general_protection+0x1bc/0x230
[  288.303714][ T8227]  irqentry_exit_to_user_mode+0x13f/0x280
[  288.303750][ T8227]  asm_exc_general_protection+0x26/0x30
[  288.303779][ T8227] RIP: 0033:0x7f589b98d171
[  288.303799][ T8227] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  288.303822][ T8227] RSP: 002b:0000000000000002 EFLAGS: 00010217
[  288.303840][ T8227] RAX: 0000000000000000 RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  288.303855][ T8227] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[  288.303868][ T8227] RBP: 00007f589ba0e2a0 R08: 0002000000000a1c R09: 0000000000000000
[  288.303883][ T8227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  288.303896][ T8227] R13: 0000000000000000 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  288.303930][ T8227]  </TASK>
[  288.303939][ T8227] memory: usage 307200kB, limit 307200kB, failcnt 17324
[  288.838081][ T8227] memory+swap: usage 432156kB, limit 9007199254740988kB, failcnt 0
[  288.846803][ T8227] kmem: usage 5028kB, limit 9007199254740988kB, failcnt 0
[  288.854015][ T8227] Memory cgroup stats for /syz2:
[  288.854362][ T8227] cache 298647552
[  288.863295][ T8227] rss 10776576
[  288.866687][ T8227] rss_huge 0
[  288.869885][ T8227] shmem 298643456
[  288.873593][ T8227] mapped_file 24387584
[  288.877665][ T8227] dirty 0
[  288.880588][ T8227] writeback 0
[  288.883967][ T8227] workingset_refault_anon 1196
[  288.888742][ T8227] workingset_refault_file 48
[  288.893408][ T8227] swap 127954944
[  288.896956][ T8227] swapcached 40960
[  288.900660][ T8227] pgpgin 584324
[  288.904191][ T8227] pgpgout 508781
[  288.907745][ T8227] pgfault 197170
[  288.911367][ T8227] pgmajfault 239
[  288.914918][ T8227] inactive_anon 135426048
[  288.919229][ T8227] active_anon 173993984
[  288.923709][ T8227] inactive_file 4096
[  288.927627][ T8227] active_file 0
[  288.931303][ T8227] unevictable 0
[  288.934771][ T8227] hierarchical_memory_limit 314572800
[  288.940124][ T8227] hierarchical_memsw_limit 9223372036854771712
[  288.946376][ T8227] total_cache 298647552
[  288.950616][ T8227] total_rss 10776576
[  288.954644][ T8227] total_rss_huge 0
[  288.958713][ T8227] total_shmem 298643456
[  288.962940][ T8227] total_mapped_file 24387584
[  288.967540][ T8227] total_dirty 0
[  288.971098][ T8227] total_writeback 0
[  288.974918][ T8227] total_workingset_refault_anon 1196
[  288.980215][ T8227] total_workingset_refault_file 48
[  288.985407][ T8227] total_swap 127954944
[  288.989480][ T8227] total_swapcached 40960
[  288.993808][ T8227] total_pgpgin 584324
[  288.997817][ T8227] total_pgpgout 508781
[  289.001980][ T8227] total_pgfault 197170
[  289.006056][ T8227] total_pgmajfault 239
[  289.010147][ T8227] total_inactive_anon 135426048
[  289.015063][ T8227] total_active_anon 173993984
[  289.019745][ T8227] total_inactive_file 4096
[  289.024247][ T8227] total_active_file 0
[  289.028229][ T8227] total_unevictable 0
[  289.032290][ T8227] anon_cost 0
[  289.035594][ T8227] file_cost 0
[  289.038892][ T8227] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.596,pid=8177,uid=0
[  289.054239][ T8227] Memory cgroup out of memory: Killed process 8177 (syz.2.596) total-vm:136856kB, anon-rss:5208kB, file-rss:26844kB, shmem-rss:23808kB, UID:0 pgtables:216kB oom_score_adj:1000
[  289.805545][ T8240] syz.2.607 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  289.863077][ T8240] CPU: 1 UID: 0 PID: 8240 Comm: syz.2.607 Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  289.863113][ T8240] Tainted: [U]=USER
[  289.863120][ T8240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  289.863132][ T8240] Call Trace:
[  289.863139][ T8240]  <TASK>
[  289.863148][ T8240]  dump_stack_lvl+0x16c/0x1f0
[  289.863180][ T8240]  dump_header+0x101/0x930
[  289.863210][ T8240]  oom_kill_process+0x270/0xa60
[  289.863242][ T8240]  out_of_memory+0x351/0x1700
[  289.863278][ T8240]  ? __pfx_out_of_memory+0x10/0x10
[  289.863303][ T8240]  ? rcu_read_unlock+0x17/0x60
[  289.863325][ T8240]  ? find_held_lock+0x2d/0x110
[  289.863358][ T8240]  mem_cgroup_out_of_memory+0x207/0x270
[  289.863386][ T8240]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  289.863423][ T8240]  ? do_raw_spin_unlock+0x172/0x230
[  289.863453][ T8240]  try_charge_memcg+0x54c/0xaf0
[  289.863492][ T8240]  ? __pfx_try_charge_memcg+0x10/0x10
[  289.863523][ T8240]  ? trace_lock_acquire+0x14e/0x1f0
[  289.863550][ T8240]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  289.863580][ T8240]  ? lock_acquire+0x2f/0xb0
[  289.863607][ T8240]  ? get_mem_cgroup_from_mm+0x7f/0x5f0
[  289.863644][ T8240]  charge_memcg+0x8a/0x310
[  289.863677][ T8240]  __mem_cgroup_charge+0x2b/0x1e0
[  289.863702][ T8240]  shmem_alloc_and_add_folio+0x50a/0xc10
[  289.863735][ T8240]  ? shmem_huge_global_enabled+0x72/0x6b0
[  289.863760][ T8240]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  289.863798][ T8240]  ? shmem_allowable_huge_orders+0xd0/0x410
[  289.863833][ T8240]  shmem_get_folio_gfp+0x689/0x1530
[  289.863869][ T8240]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  289.863896][ T8240]  ? find_held_lock+0x2d/0x110
[  289.863929][ T8240]  shmem_write_begin+0x161/0x300
[  289.863959][ T8240]  ? __pfx_shmem_write_begin+0x10/0x10
[  289.863984][ T8240]  ? timestamp_truncate+0x21f/0x2e0
[  289.864020][ T8240]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1270
[  289.864062][ T8240]  generic_perform_write+0x2ba/0x920
[  289.864117][ T8240]  ? __pfx_generic_perform_write+0x10/0x10
[  289.864146][ T8240]  ? inode_needs_update_time.part.0+0x191/0x270
[  289.864191][ T8240]  shmem_file_write_iter+0x10e/0x140
[  289.864224][ T8240]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  289.864253][ T8240]  __kernel_write_iter+0x318/0xa90
[  289.864288][ T8240]  ? __pfx___kernel_write_iter+0x10/0x10
[  289.864318][ T8240]  ? get_dump_page+0x15b/0x230
[  289.864356][ T8240]  ? __pfx___might_resched+0x10/0x10
[  289.864390][ T8240]  ? copy_mc_enhanced_fast_string+0xa/0x13
[  289.864430][ T8240]  dump_user_range+0x389/0x8c0
[  289.864466][ T8240]  ? __pfx_dump_user_range+0x10/0x10
[  289.864495][ T8240]  ? elf_coredump_extra_notes_write+0xbe/0x430
[  289.864533][ T8240]  ? __pfx_writenote+0x10/0x10
[  289.864572][ T8240]  elf_core_dump+0x287c/0x3a50
[  289.864620][ T8240]  ? __pfx_elf_core_dump+0x10/0x10
[  289.864647][ T8240]  ? kasan_save_stack+0x33/0x60
[  289.864677][ T8240]  ? kasan_save_track+0x14/0x30
[  289.864705][ T8240]  ? __kasan_kmalloc+0xaa/0xb0
[  289.864734][ T8240]  ? __kmalloc_node_noprof+0x21f/0x510
[  289.864765][ T8240]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  289.864801][ T8240]  ? get_signal+0x230b/0x26c0
[  289.864831][ T8240]  ? arch_do_signal_or_restart+0x90/0x7e0
[  289.864855][ T8240]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  289.864941][ T8240]  ? rcu_is_watching+0x12/0xc0
[  289.864967][ T8240]  ? trace_lock_acquire+0x14e/0x1f0
[  289.864991][ T8240]  ? __pfx_sort+0x10/0x10
[  289.865013][ T8240]  ? get_signal+0x230b/0x26c0
[  289.865054][ T8240]  ? do_coredump+0x3134/0x4400
[  289.865078][ T8240]  do_coredump+0x3134/0x4400
[  289.865118][ T8240]  ? __pfx_do_coredump+0x10/0x10
[  289.865146][ T8240]  ? stack_trace_save+0x95/0xd0
[  289.865172][ T8240]  ? __pfx_stack_trace_save+0x10/0x10
[  289.865196][ T8240]  ? hlock_class+0x4e/0x130
[  289.865220][ T8240]  ? stack_depot_save_flags+0x28/0x9c0
[  289.865266][ T8240]  ? kmem_cache_free+0x2e2/0x4d0
[  289.865296][ T8240]  ? __sigqueue_free+0xba/0x2a0
[  289.865318][ T8240]  ? get_signal+0xcbc/0x26c0
[  289.865348][ T8240]  ? arch_do_signal_or_restart+0x90/0x7e0
[  289.865373][ T8240]  ? irqentry_exit_to_user_mode+0x13f/0x280
[  289.865444][ T8240]  ? find_held_lock+0x2d/0x110
[  289.865474][ T8240]  ? proc_coredump_connector+0x2d2/0x4f0
[  289.865509][ T8240]  ? __pfx_proc_coredump_connector+0x10/0x10
[  289.865559][ T8240]  get_signal+0x230b/0x26c0
[  289.865600][ T8240]  ? force_sig_fault+0xc5/0x110
[  289.865634][ T8240]  ? __pfx_get_signal+0x10/0x10
[  289.865678][ T8240]  arch_do_signal_or_restart+0x90/0x7e0
[  289.865711][ T8240]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  289.865736][ T8240]  ? __bad_area_nosemaphore+0x334/0x6a0
[  289.865784][ T8240]  ? do_user_addr_fault+0x920/0x13f0
[  289.865824][ T8240]  irqentry_exit_to_user_mode+0x13f/0x280
[  289.865855][ T8240]  asm_exc_page_fault+0x26/0x30
[  289.865883][ T8240] RIP: 0033:0x401000
[  289.865908][ T8240] Code: Unable to access opcode bytes at 0x400fd6.
[  289.865918][ T8240] RSP: 002b:000000000000000a EFLAGS: 00010246
[  289.865937][ T8240] RAX: 0000000000000000 RBX: 00007f589bba5fa0 RCX: 00007f589b98d169
[  289.865952][ T8240] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000004
[  289.865966][ T8240] RBP: 00007f589ba0e2a0 R08: 0002000000000a1c R09: 0000000000000000
[  289.865981][ T8240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  289.865994][ T8240] R13: 0000000000000000 R14: 00007f589bba5fa0 R15: 00007ffdb7b627a8
[  289.866029][ T8240]  </TASK>
[  290.537104][ T8240] memory: usage 291536kB, limit 307200kB, failcnt 18415
[  290.690213][ T8240] memory+swap: usage 401824kB, limit 9007199254740988kB, failcnt 0
[  290.698634][ T8240] kmem: usage 4740kB, limit 9007199254740988kB, failcnt 0
[  290.706672][ T8240] Memory cgroup stats for /syz2:
[  290.706851][ T8240] cache 291614720
[  290.715553][ T8240] rss 4321280
[  290.718861][ T8240] rss_huge 0
[  290.722171][ T8240] shmem 290144256
[  290.725822][ T8240] mapped_file 1597440
[  290.729815][ T8240] dirty 0
[  290.733098][ T8240] writeback 0
[  290.736408][ T8240] workingset_refault_anon 1196
[  290.741430][ T8240] workingset_refault_file 628
[  290.746129][ T8240] swap 110878720
[  290.749691][ T8240] swapcached 40960
[  290.753513][ T8240] pgpgin 588900
[  290.757155][ T8240] pgpgout 516616
[  290.760712][ T8240] pgfault 197585
[  290.764455][ T8240] pgmajfault 246
[  290.768022][ T8240] inactive_anon 131313664
[  290.772409][ T8240] active_anon 163254272
[  290.776590][ T8240] inactive_file 712704
[  290.780675][ T8240] active_file 757760
[  290.784687][ T8240] unevictable 0
[  290.788160][ T8240] hierarchical_memory_limit 314572800
[  290.793785][ T8240] hierarchical_memsw_limit 9223372036854771712
[  290.799953][ T8240] total_cache 291614720
[  290.804532][ T8240] total_rss 4321280
[  290.808356][ T8240] total_rss_huge 0
[  290.812150][ T8240] total_shmem 290144256
[  290.816318][ T8240] total_mapped_file 1597440
[  290.820916][ T8240] total_dirty 0
[  290.824385][ T8240] total_writeback 0
[  290.828203][ T8240] total_workingset_refault_anon 1196
[  290.833545][ T8240] total_workingset_refault_file 628
[  290.838752][ T8240] total_swap 110878720
[  290.842911][ T8240] total_swapcached 40960
[  290.847168][ T8240] total_pgpgin 588900
[  290.851239][ T8240] total_pgpgout 516616
[  290.855334][ T8240] total_pgfault 197585
[  290.859413][ T8240] total_pgmajfault 246
[  290.867719][ T8240] total_inactive_anon 131313664
[  290.872724][ T8240] total_active_anon 163254272
[  290.877423][ T8240] total_inactive_file 712704
[  290.882133][ T8240] total_active_file 757760
[  290.886565][ T8240] total_unevictable 0
[  290.890570][ T8240] anon_cost 0
[  290.893919][ T8240] file_cost 0
[  290.897222][ T8240] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.607,pid=8219,uid=0
[  290.912650][ T8240] Memory cgroup out of memory: OOM victim 8219 (syz.2.607) is already exiting. Skip killing the task
[  291.258709][ T5836] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  291.268197][ T5836] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  291.276800][ T5836] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  291.284698][ T5836] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  291.293346][ T5836] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  291.301548][ T5836] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  291.593226][ T8564] chnl_net:caif_netlink_parms(): no params data found
[  291.746214][ T8564] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.755805][ T8564] bridge0: port 1(bridge_slave_0) entered disabled state
[  291.771747][ T8564] bridge_slave_0: entered allmulticast mode
[  291.779169][ T8564] bridge_slave_0: entered promiscuous mode
[  291.801778][ T8564] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.809372][ T8564] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.825464][ T8564] bridge_slave_1: entered allmulticast mode
[  291.885172][ T8564] bridge_slave_1: entered promiscuous mode
[  291.935020][ T8564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.954190][ T8564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.008397][ T8564] team0: Port device team_slave_0 added
[  292.027542][ T8564] team0: Port device team_slave_1 added
[  292.104902][ T8564] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.112326][ T8564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.160860][ T8564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.175219][ T8564] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.190795][ T8564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.227200][ T8564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  292.455420][ T8564] hsr_slave_0: entered promiscuous mode
[  292.462044][ T8564] hsr_slave_1: entered promiscuous mode
[  292.468122][ T8564] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  292.490829][ T8564] Cannot create hsr debugfs directory
[  292.732389][ T8177] syz.2.596 (8177) used greatest stack depth: 17872 bytes left
[  293.401013][   T55] Bluetooth: hci5: command tx timeout
[  295.490956][   T55] Bluetooth: hci5: command tx timeout
[  296.800105][ T8240] syz.2.607 (8240) used greatest stack depth: 17504 bytes left
[  297.450165][ T8587] bridge0: port 3(syz_tun) entered blocking state
[  297.457112][ T8587] bridge0: port 3(syz_tun) entered disabled state
[  297.463848][ T8587] syz_tun: entered allmulticast mode
[  297.469886][ T8587] syz_tun: entered promiscuous mode
[  297.476507][ T8587] bridge0: port 3(syz_tun) entered blocking state
[  297.483374][ T8587] bridge0: port 3(syz_tun) entered forwarding state
[  297.562636][   T55] Bluetooth: hci5: command tx timeout
[  297.640335][ T8586] ima: policy update failed
[  297.650828][   T29] audit: type=1802 audit(4294967371.410:8): pid=8586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.712" res=0 errno=0
[  299.052953][ T8638] program syz.2.717 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  299.247971][ T8638] cougar: G6 mapped to space
[  299.640940][   T55] Bluetooth: hci5: command tx timeout
[  299.926073][ T8641] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input9
[  300.679183][   T29] audit: type=1800 audit(4294967374.440:9): pid=8645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.719" name="dbroot" dev="configfs" ino=19476 res=0 errno=0
[  300.686456][ T5872] Process accounting resumed
[  301.559943][ T8649] ecryptfs_miscdev_write: Invalid packet size [105]
[  302.526174][ T8657] syz.2.722 uses obsolete (PF_INET,SOCK_PACKET)
[  302.539881][ T8657] netlink: 342 bytes leftover after parsing attributes in process `syz.2.722'.
[  314.040320][ T5836] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  314.050895][ T5836] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  314.059265][ T5836] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  314.069246][ T5836] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  314.077194][ T5836] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  314.084625][ T5836] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  314.209986][ T8659] chnl_net:caif_netlink_parms(): no params data found
[  314.259772][ T8659] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.267051][ T8659] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.274481][ T8659] bridge_slave_0: entered allmulticast mode
[  314.291237][ T8659] bridge_slave_0: entered promiscuous mode
[  314.298435][ T8659] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.305795][ T8659] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.313142][ T8659] bridge_slave_1: entered allmulticast mode
[  314.319752][ T8659] bridge_slave_1: entered promiscuous mode
[  314.341542][ T8659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.353819][ T8659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  314.383439][ T8659] team0: Port device team_slave_0 added
[  314.392280][ T8659] team0: Port device team_slave_1 added
[  314.415404][ T8659] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.423044][ T8659] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.449345][ T8659] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.462131][ T8659] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.469096][ T8659] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.495081][ T8659] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.530912][ T8659] hsr_slave_0: entered promiscuous mode
[  314.537002][ T8659] hsr_slave_1: entered promiscuous mode
[  314.543124][ T8659] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  314.550689][ T8659] Cannot create hsr debugfs directory
[  316.121089][   T55] Bluetooth: hci6: command tx timeout
[  317.493507][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  317.499872][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  318.200958][   T55] Bluetooth: hci6: command tx timeout
[  320.280916][   T55] Bluetooth: hci6: command tx timeout
[  322.360885][   T55] Bluetooth: hci6: command tx timeout
[  331.569747][ T5836] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  331.580517][ T5836] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  331.589116][ T5836] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  331.598287][ T5836] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  331.606671][ T5836] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  331.614618][ T5836] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  331.735760][ T8669] chnl_net:caif_netlink_parms(): no params data found
[  331.786293][ T8669] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.793922][ T8669] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.801439][ T8669] bridge_slave_0: entered allmulticast mode
[  331.808270][ T8669] bridge_slave_0: entered promiscuous mode
[  331.816301][ T8669] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.823760][ T8669] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.831882][ T8669] bridge_slave_1: entered allmulticast mode
[  331.838516][ T8669] bridge_slave_1: entered promiscuous mode
[  331.865443][ T8669] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.876401][ T8669] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.908146][ T8669] team0: Port device team_slave_0 added
[  331.917611][ T8669] team0: Port device team_slave_1 added
[  331.938147][ T8669] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.945573][ T8669] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.980979][ T8669] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.993673][ T8669] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.000628][ T8669] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.026640][ T8669] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.063578][ T8669] hsr_slave_0: entered promiscuous mode
[  332.069938][ T8669] hsr_slave_1: entered promiscuous mode
[  332.076134][ T8669] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  332.083996][ T8669] Cannot create hsr debugfs directory
[  333.641095][ T5836] Bluetooth: hci7: command tx timeout
[  335.720920][ T5836] Bluetooth: hci7: command tx timeout
[  337.800893][ T5836] Bluetooth: hci7: command tx timeout
[  339.891060][ T5836] Bluetooth: hci7: command tx timeout
[  351.593093][   T55] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  351.602357][   T55] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  351.612170][   T55] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  351.621820][   T55] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  351.630224][   T55] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  351.637694][   T55] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  351.769613][ T8679] chnl_net:caif_netlink_parms(): no params data found
[  351.830569][ T8679] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.838238][ T8679] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.846365][ T8679] bridge_slave_0: entered allmulticast mode
[  351.853910][ T8679] bridge_slave_0: entered promiscuous mode
[  351.861622][ T8679] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.868691][ T8679] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.876112][ T8679] bridge_slave_1: entered allmulticast mode
[  351.883238][ T8679] bridge_slave_1: entered promiscuous mode
[  351.907871][ T8679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.918990][ T8679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.948432][ T8679] team0: Port device team_slave_0 added
[  351.958300][ T8679] team0: Port device team_slave_1 added
[  351.980380][ T8679] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.987527][ T8679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.013467][ T8679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.025882][ T8679] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.033015][ T8679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.059380][ T8679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  352.096301][ T8679] hsr_slave_0: entered promiscuous mode
[  352.103219][ T8679] hsr_slave_1: entered promiscuous mode
[  352.109156][ T8679] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  352.116780][ T8679] Cannot create hsr debugfs directory
[  353.720988][   T55] Bluetooth: hci8: command tx timeout
[  355.801081][   T55] Bluetooth: hci8: command tx timeout
[  357.881031][   T55] Bluetooth: hci8: command tx timeout
[  359.961008][   T55] Bluetooth: hci8: command tx timeout
[  374.133684][ T5834] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  374.142739][ T5834] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  374.151166][ T5834] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  374.159346][ T5834] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  374.167863][ T5834] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  374.175256][ T5834] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  374.333966][ T8694] chnl_net:caif_netlink_parms(): no params data found
[  374.392898][ T8694] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.400035][ T8694] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.407332][ T8694] bridge_slave_0: entered allmulticast mode
[  374.414675][ T8694] bridge_slave_0: entered promiscuous mode
[  374.422992][ T8694] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.430184][ T8694] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.437795][ T8694] bridge_slave_1: entered allmulticast mode
[  374.445844][ T8694] bridge_slave_1: entered promiscuous mode
[  374.475409][ T8694] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  374.486546][ T8694] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  374.518354][ T8694] team0: Port device team_slave_0 added
[  374.526730][ T8694] team0: Port device team_slave_1 added
[  374.550956][ T8694] batman_adv: batadv0: Adding interface: batadv_slave_0
[  374.557936][ T8694] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.584526][ T8694] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  374.597542][ T8694] batman_adv: batadv0: Adding interface: batadv_slave_1
[  374.605152][ T8694] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  374.631253][ T8694] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  374.668451][ T8694] hsr_slave_0: entered promiscuous mode
[  374.674947][ T8694] hsr_slave_1: entered promiscuous mode
[  374.681145][ T8694] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  374.688731][ T8694] Cannot create hsr debugfs directory
[  375.881107][ T5834] Bluetooth: hci0: command 0x0406 tx timeout
[  376.200992][ T5836] Bluetooth: hci9: command tx timeout
[  378.291574][ T5836] Bluetooth: hci9: command tx timeout
[  378.924092][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  378.930515][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  380.361096][ T5836] Bluetooth: hci9: command tx timeout
[  382.440999][ T5836] Bluetooth: hci9: command tx timeout
[  392.153011][ T5834] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  392.163845][ T5834] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  392.171718][ T5834] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  392.180377][ T5834] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  392.189560][ T5834] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  392.198261][ T5834] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  392.338061][ T8707] chnl_net:caif_netlink_parms(): no params data found
[  392.404705][ T8707] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.411996][ T8707] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.419355][ T8707] bridge_slave_0: entered allmulticast mode
[  392.426532][ T8707] bridge_slave_0: entered promiscuous mode
[  392.435275][ T8707] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.442916][ T8707] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.450170][ T8707] bridge_slave_1: entered allmulticast mode
[  392.457699][ T8707] bridge_slave_1: entered promiscuous mode
[  392.482507][ T8707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  392.495057][ T8707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  392.525703][ T8707] team0: Port device team_slave_0 added
[  392.535202][ T8707] team0: Port device team_slave_1 added
[  392.559780][ T8707] batman_adv: batadv0: Adding interface: batadv_slave_0
[  392.567432][ T8707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.594553][ T8707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  392.607920][ T8707] batman_adv: batadv0: Adding interface: batadv_slave_1
[  392.615231][ T8707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.641589][ T8707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  392.679353][ T8707] hsr_slave_0: entered promiscuous mode
[  392.686182][ T8707] hsr_slave_1: entered promiscuous mode
[  392.693110][ T8707] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  392.701338][ T8707] Cannot create hsr debugfs directory
[  394.283618][ T5836] Bluetooth: hci10: command tx timeout
[  396.363666][ T5834] Bluetooth: hci4: command 0x0406 tx timeout
[  396.370562][   T55] Bluetooth: hci10: command tx timeout
[  398.441956][ T5836] Bluetooth: hci10: command tx timeout
[  400.521196][ T5836] Bluetooth: hci10: command tx timeout
[  411.686950][   T55] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  411.697125][   T55] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  411.705637][   T55] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  411.717000][   T55] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  411.725229][   T55] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  411.733151][   T55] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  411.861763][ T8719] chnl_net:caif_netlink_parms(): no params data found
[  411.931581][ T8719] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.938769][ T8719] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.946706][ T8719] bridge_slave_0: entered allmulticast mode
[  411.954777][ T8719] bridge_slave_0: entered promiscuous mode
[  411.963196][ T8719] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.970265][ T8719] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.978703][ T8719] bridge_slave_1: entered allmulticast mode
[  411.986243][ T8719] bridge_slave_1: entered promiscuous mode
[  412.012864][ T8719] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.024949][ T8719] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.062668][ T8719] team0: Port device team_slave_0 added
[  412.070050][ T8719] team0: Port device team_slave_1 added
[  412.096604][ T8719] batman_adv: batadv0: Adding interface: batadv_slave_0
[  412.103666][ T8719] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  412.130058][ T8719] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  412.142852][ T8719] batman_adv: batadv0: Adding interface: batadv_slave_1
[  412.150166][ T8719] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  412.176664][ T8719] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  412.213479][ T8719] hsr_slave_0: entered promiscuous mode
[  412.221365][ T8719] hsr_slave_1: entered promiscuous mode
[  412.227353][ T8719] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  412.236076][ T8719] Cannot create hsr debugfs directory
[  413.810866][   T55] Bluetooth: hci11: command tx timeout
[  415.401007][   T30] INFO: task kworker/u8:6:3506 blocked for more than 143 seconds.
[  415.408872][   T30]       Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  415.418993][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  415.428275][   T30] task:kworker/u8:6    state:D stack:22208 pid:3506  tgid:3506  ppid:2      task_flags:0x4208060 flags:0x00004000
[  415.440554][   T30] Workqueue: netns cleanup_net
[  415.445425][   T30] Call Trace:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  415.448715][   T30]  <TASK>
[  415.451763][   T30]  __schedule+0xf43/0x5890
[  415.456219][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  415.461528][   T30]  ? add_lock_to_list+0x17d/0x390
[  415.466600][   T30]  ? __pfx___schedule+0x10/0x10
[  415.471663][   T30]  ? schedule+0x298/0x350
[  415.476019][   T30]  ? __pfx_lock_release+0x10/0x10
[  415.481260][   T30]  ? lock_acquire+0x2f/0xb0
[  415.485792][   T30]  ? schedule+0x1fd/0x350
[  415.490147][   T30]  schedule+0xe7/0x350
[  415.494518][   T30]  schedule_timeout+0x244/0x280
[  415.499410][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  415.505117][   T30]  ? mark_held_locks+0x9f/0xe0
[  415.509923][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  415.515399][   T30]  __wait_for_common+0x3e1/0x600
[  415.520367][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  415.526456][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  415.532825][   T30]  remove_one+0x30f/0x420
[  415.537207][   T30]  ? __pfx_remove_one+0x10/0x10
[  415.542369][   T30]  simple_recursive_removal+0x4e2/0x8e0
[  415.547945][   T30]  ? __pfx_remove_one+0x10/0x10
[  415.553153][   T30]  debugfs_remove+0x5d/0x80
[  415.557692][   T30]  nsim_dev_health_exit+0x3b/0xe0
[  415.563089][   T30]  nsim_dev_reload_destroy+0x143/0x4d0
[  415.568613][   T30]  nsim_dev_reload_down+0x6e/0xd0
[  415.573926][   T30]  devlink_reload+0x19a/0x7c0
[  415.578645][   T30]  ? __pfx_devlink_reload+0x10/0x10
[  415.590737][   T30]  ? devlinks_xa_find_get+0x39/0x260
[  415.596073][   T30]  devlink_pernet_pre_exit+0x1a1/0x2b0
[  415.618465][   T30]  ? __pfx_devlink_pernet_pre_exit+0x10/0x10
[  415.624703][   T30]  ? up_write+0x1b2/0x520
[  415.642208][   T30]  ? kobject_put+0xab/0x5a0
[  415.647161][   T30]  ? __pfx_devlink_pernet_pre_exit+0x10/0x10
[  415.660789][   T30]  cleanup_net+0x497/0xb30
[  415.665266][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  415.670237][   T30]  ? lock_acquire+0x2f/0xb0
[  415.710795][   T30]  ? process_one_work+0x921/0x1ba0
[  415.716408][   T30]  process_one_work+0x9c5/0x1ba0
[  415.740872][   T30]  ? __pfx_batadv_nc_worker+0x10/0x10
[  415.746308][   T30]  ? __pfx_process_one_work+0x10/0x10
[  415.760796][   T30]  ? assign_work+0x1a0/0x250
[  415.765442][   T30]  worker_thread+0x6c8/0xf00
[  415.770074][   T30]  ? __pfx_worker_thread+0x10/0x10
[  415.790849][   T30]  kthread+0x3af/0x750
[  415.794983][   T30]  ? __pfx_kthread+0x10/0x10
[  415.799597][   T30]  ? lock_acquire+0x2f/0xb0
[  415.819476][   T30]  ? __pfx_kthread+0x10/0x10
[  415.824275][   T30]  ret_from_fork+0x45/0x80
[  415.828721][   T30]  ? __pfx_kthread+0x10/0x10
[  415.835704][   T30]  ret_from_fork_asm+0x1a/0x30
[  415.840526][   T30]  </TASK>
[  415.843773][   T30] INFO: task syz-executor:8331 blocked for more than 143 seconds.
[  415.851720][   T30]       Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  415.876131][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  415.883796][ T5836] Bluetooth: hci11: command tx timeout
[  415.902388][   T30] task:syz-executor    state:D stack:24400 pid:8331  tgid:8331  ppid:1      task_flags:0x400140 flags:0x00000004
[  415.930257][   T30] Call Trace:
[  415.934202][   T30]  <TASK>
[  415.937170][   T30]  __schedule+0xf43/0x5890
[  415.941820][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  415.947777][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  415.953399][   T30]  ? __pfx___schedule+0x10/0x10
[  415.958279][   T30]  ? schedule+0x298/0x350
[  415.963041][   T30]  ? __pfx_lock_release+0x10/0x10
[  415.968103][   T30]  ? __mutex_trylock_common+0x78/0x250
[  415.973686][   T30]  ? lock_acquire+0x2f/0xb0
[  415.978231][   T30]  ? schedule+0x1fd/0x350
[  415.982664][   T30]  schedule+0xe7/0x350
[  415.986770][   T30]  schedule_preempt_disabled+0x13/0x30
[  415.992291][   T30]  __mutex_lock+0x6bd/0xb10
[  415.996823][   T30]  ? device_del+0xa1/0x9f0
[  416.001352][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  416.006398][   T30]  ? __pfx_lock_release+0x10/0x10
[  416.011515][   T30]  ? mark_held_locks+0x9f/0xe0
[  416.016491][   T30]  ? device_del+0xa1/0x9f0
[  416.021129][   T30]  ? ida_free+0x204/0x2f0
[  416.025485][   T30]  device_del+0xa1/0x9f0
[  416.029742][   T30]  ? __pfx_ida_free+0x10/0x10
[  416.034493][   T30]  ? __pfx_device_del+0x10/0x10
[  416.039558][   T30]  device_unregister+0x1d/0xc0
[  416.044580][   T30]  del_device_store+0x346/0x4b0
[  416.049465][   T30]  ? __pfx_del_device_store+0x10/0x10
[  416.054983][   T30]  ? rcu_is_watching+0x12/0xc0
[  416.059780][   T30]  ? __pfx_del_device_store+0x10/0x10
[  416.065274][   T30]  bus_attr_store+0x71/0xb0
[  416.069815][   T30]  ? __pfx_bus_attr_store+0x10/0x10
[  416.075097][   T30]  sysfs_kf_write+0x117/0x170
[  416.079800][   T30]  kernfs_fop_write_iter+0x33d/0x500
[  416.085171][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  416.090387][   T30]  vfs_write+0x5ae/0x1150
[  416.094788][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  416.100609][   T30]  ? __pfx_vfs_write+0x10/0x10
[  416.105462][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  416.110725][   T30]  ksys_write+0x12b/0x250
[  416.115084][   T30]  ? __pfx_ksys_write+0x10/0x10
[  416.119972][   T30]  do_syscall_64+0xcd/0x250
[  416.125149][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.131676][   T30] RIP: 0033:0x7f124c58bc1f
[  416.136121][   T30] RSP: 002b:00007fff93362ad0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  416.145108][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f124c58bc1f
[  416.153258][   T30] RDX: 0000000000000001 RSI: 00007fff93362b20 RDI: 0000000000000005
[  416.161331][   T30] RBP: 00007f124c60f4fd R08: 0000000000000000 R09: 00007fff93362927
[  416.169311][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  416.177400][   T30] R13: 00007fff93362b20 R14: 00007f124d2d4620 R15: 0000000000000003
[  416.186278][   T30]  </TASK>
[  416.189379][   T30] INFO: task syz.0.650:8353 blocked for more than 144 seconds.
[  416.197755][   T30]       Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  416.207173][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  416.215930][   T30] task:syz.0.650       state:D stack:27040 pid:8353  tgid:8351  ppid:5829   task_flags:0x400140 flags:0x00000004
[  416.228299][   T30] Call Trace:
[  416.231649][   T30]  <TASK>
[  416.234598][   T30]  __schedule+0xf43/0x5890
[  416.239068][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  416.244757][   T30]  ? __pfx___schedule+0x10/0x10
[  416.249648][   T30]  ? schedule+0x298/0x350
[  416.254074][   T30]  ? __pfx_lock_release+0x10/0x10
[  416.259129][   T30]  ? __mutex_trylock_common+0x78/0x250
[  416.264685][   T30]  ? lock_acquire+0x2f/0xb0
[  416.269222][   T30]  ? schedule+0x1fd/0x350
[  416.273672][   T30]  schedule+0xe7/0x350
[  416.277757][   T30]  schedule_preempt_disabled+0x13/0x30
[  416.283330][   T30]  __mutex_lock+0x6bd/0xb10
[  416.287872][   T30]  ? devlink_health_report+0x3c5/0x9d0
[  416.294688][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  416.299755][   T30]  ? find_held_lock+0x2d/0x110
[  416.304895][   T30]  ? __might_fault+0x13b/0x190
[  416.309677][   T30]  ? __pfx_lock_release+0x10/0x10
[  416.315007][   T30]  ? devlink_health_report+0x3c5/0x9d0
[  416.320494][   T30]  devlink_health_report+0x3c5/0x9d0
[  416.326089][   T30]  ? __pfx_devlink_health_report+0x10/0x10
[  416.332003][   T30]  ? _copy_from_user+0x59/0xd0
[  416.336790][   T30]  nsim_dev_health_break_write+0x167/0x210
[  416.342731][   T30]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  416.349304][   T30]  ? rcu_is_watching+0x12/0xc0
[  416.354273][   T30]  ? trace_lock_acquire+0x14e/0x1f0
[  416.359500][   T30]  full_proxy_write+0x13c/0x200
[  416.364557][   T30]  ? __pfx_full_proxy_write+0x10/0x10
[  416.369957][   T30]  vfs_write+0x24c/0x1150
[  416.374836][   T30]  ? __fget_files+0x1fc/0x3a0
[  416.379539][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  416.384707][   T30]  ? __pfx_vfs_write+0x10/0x10
[  416.389498][   T30]  ? __fget_files+0x206/0x3a0
[  416.394329][   T30]  ksys_write+0x12b/0x250
[  416.398683][   T30]  ? __pfx_ksys_write+0x10/0x10
[  416.403714][   T30]  do_syscall_64+0xcd/0x250
[  416.409074][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.415109][   T30] RIP: 0033:0x7fa041d8d169
[  416.419546][   T30] RSP: 002b:00007fa042c10038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  416.428100][   T30] RAX: ffffffffffffffda RBX: 00007fa041fa5fa0 RCX: 00007fa041d8d169
[  416.436156][   T30] RDX: 00000000000000ef RSI: 0000000000000000 RDI: 0000000000000009
[  416.444322][   T30] RBP: 00007fa041e0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  416.452695][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  416.460979][   T30] R13: 0000000000000000 R14: 00007fa041fa5fa0 R15: 00007fff301d78c8
[  416.469001][   T30]  </TASK>
[  416.472136][   T30] 
[  416.472136][   T30] Showing all locks held in the system:
[  416.479936][   T30] 1 lock held by khungtaskd/30:
[  416.484552][ T5831] bridge0: port 3(syz_tun) entered disabled state
[  416.486279][   T30]  #0: ffffffff8e1bcc80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390
[  416.503754][   T30] 3 locks held by kworker/u9:0/55:
[  416.508876][   T30]  #0: ffff88802942b148 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  416.520638][   T30]  #1: ffffc9000120fd18 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  416.534528][   T30]  #2: ffff888057c44d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x170/0x410
[  416.544565][   T30] 6 locks held by kworker/u8:6/3506:
[  416.550154][   T30]  #0: ffff88801bef5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  416.560766][   T30]  #1: ffffc9000d307d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  416.570936][   T30]  #2: ffffffff8fee3150 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xca/0xb30
[  416.580392][   T30]  #3: ffff8880653fd0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12d/0x2b0
[  416.590484][   T30]  #4: ffff8880653fe250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x137/0x2b0
[  416.601382][   T30]  #5: ffff888055973438 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: simple_recursive_removal+0x2f5/0x8e0
[  416.612882][   T30] 2 locks held by klogd/5196:
[  416.617570][   T30]  #0: ffff8880b863ed58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  416.627684][   T30]  #1: ffffffff8e1c7998 (rcu_node_0){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[  416.637598][   T30] 2 locks held by syz-executor/5831:
[  416.642996][   T30]  #0: ffffffff8fef8de8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  416.653262][   T30]  #1: ffffffff8e1c80f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a4/0x3b0
[  416.663442][   T30] 2 locks held by getty/6231:
[  416.668128][   T30]  #0: ffff888031cec0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  416.677975][   T30]  #1: ffffc900054bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480
[  416.688451][   T30] 2 locks held by kworker/u8:8/6959:
[  416.693872][   T30] 5 locks held by syz-executor/8331:
[  416.699169][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  416.708308][   T30]  #1: ffff888030537488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  416.718152][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  416.730587][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  416.741390][   T30]  #4: ffff8880653fd0e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa1/0x9f0
[  416.750289][   T30] 3 locks held by syz.0.650/8353:
[  416.755691][   T30]  #0: ffff8880223df0b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x267/0x390
[  416.765018][   T30]  #1: ffff8881412ec420 (sb_writers#9){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  416.774149][   T30]  #2: ffff8880653fe250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_health_report+0x3c5/0x9d0
[  416.784904][   T30] 3 locks held by kworker/u8:22/8421:
[  416.790274][   T30]  #0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  416.801597][   T30]  #1: ffffc9000cfffd18 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  416.812085][   T30]  #2: ffffffff8fef8de8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[  416.821318][   T30] 5 locks held by kworker/u8:24/8424:
[  416.826706][   T30] 4 locks held by syz-executor/8491:
[  416.832063][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  416.841337][ T5836] Bluetooth: hci5: command 0x0406 tx timeout
[  416.847677][   T30]  #1: ffff8880333b8488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  416.859397][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  416.870152][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  416.880579][   T30] 2 locks held by syz.3.696/8527:
[  416.885705][   T30]  #0: ffff8881412ec420 (sb_writers#9){.+.+}-{0:0}, at: path_openat+0x1f64/0x2d80
[  416.895084][   T30]  #1: ffff888055973438 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x88a/0x2d80
[  416.905598][   T30] 4 locks held by syz-executor/8564:
[  416.911080][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  416.920122][   T30]  #1: ffff88808e7dfc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  416.930081][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  416.940214][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  416.950605][   T30] 4 locks held by syz-executor/8659:
[  416.955917][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  416.965316][   T30]  #1: ffff88808eeef888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  416.975169][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  416.985319][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  416.995726][   T30] 4 locks held by syz-executor/8669:
[  417.001110][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  417.010138][   T30]  #1: ffff88809293c888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  417.019955][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  417.030149][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  417.040504][   T30] 4 locks held by syz-executor/8679:
[  417.045845][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  417.054935][   T30]  #1: ffff888084c29088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  417.065090][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  417.075248][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  417.085739][   T30] 4 locks held by syz-executor/8694:
[  417.091121][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  417.100152][   T30]  #1: ffff88808f5fcc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  417.109986][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  417.120110][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  417.130528][   T30] 4 locks held by syz-executor/8707:
[  417.135993][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  417.145381][   T30]  #1: ffff8880258e9888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  417.155541][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  417.166442][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  417.177228][   T30] 4 locks held by syz-executor/8719:
[  417.182858][   T30]  #0: ffff8880369a0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12b/0x250
[  417.192178][   T30]  #1: ffff88808afcdc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x27b/0x500
[  417.202306][   T30]  #2: ffff888144bb7d28 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x29e/0x500
[  417.212678][   T30]  #3: ffffffff8f4a3a28 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd2/0x4b0
[  417.231552][   T30] 
[  417.233965][   T30] =============================================
[  417.233965][   T30] 
[  417.245712][   T30] NMI backtrace for cpu 0
[  417.245729][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  417.245759][   T30] Tainted: [U]=USER
[  417.245766][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  417.245779][   T30] Call Trace:
[  417.245786][   T30]  <TASK>
[  417.245794][   T30]  dump_stack_lvl+0x116/0x1f0
[  417.245828][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  417.245863][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  417.245894][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  417.245931][   T30]  watchdog+0xf62/0x12b0
[  417.245969][   T30]  ? __pfx_watchdog+0x10/0x10
[  417.246004][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.246033][   T30]  ? __kthread_parkme+0x148/0x220
[  417.246057][   T30]  ? __pfx_watchdog+0x10/0x10
[  417.246090][   T30]  kthread+0x3af/0x750
[  417.246117][   T30]  ? __pfx_kthread+0x10/0x10
[  417.246148][   T30]  ? __pfx_kthread+0x10/0x10
[  417.246175][   T30]  ret_from_fork+0x45/0x80
[  417.246202][   T30]  ? __pfx_kthread+0x10/0x10
[  417.246229][   T30]  ret_from_fork_asm+0x1a/0x30
[  417.246268][   T30]  </TASK>
[  417.246276][   T30] Sending NMI from CPU 0 to CPUs 1:
[  417.284841][ T5831] syz_tun (unregistering): left allmulticast mode
[  417.288218][    C1] NMI backtrace for cpu 1
[  417.288232][    C1] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  417.288259][    C1] Tainted: [U]=USER
[  417.288265][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  417.288276][    C1] RIP: 0010:lock_acquire.part.0+0x94/0x380
[  417.288307][    C1] Code: 65 48 8b 04 25 28 00 00 00 48 89 84 24 a0 00 00 00 31 c0 65 8b 05 94 db 6b 7e 85 c0 0f 85 12 01 00 00 65 48 8b 2d 3c 2a 6d 7e <48> 8d bd ec 0a 00 00 48 89 f8 48 c1 e8 03 0f b6 14 10 48 89 f8 83
[  417.288325][    C1] RSP: 0018:ffffc90003f8f278 EFLAGS: 00000046
[  417.288340][    C1] RAX: 0000000000000000 RBX: 1ffff920007f1e50 RCX: 0000000000000000
[  417.288352][    C1] RDX: dffffc0000000000 RSI: 0000000000000000 RDI: ffffffff8e0ca140
[  417.288365][    C1] RBP: ffff88807ed98000 R08: 0000000000000001 R09: 0000000000000000
[  417.288377][    C1] R10: ffffffff90627717 R11: 0000000000000003 R12: 0000000000000000
[  417.288388][    C1] R13: ffffffff8e0ca140 R14: 0000000000000000 R15: 0000000000000000
[  417.288400][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  417.288418][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  417.288431][    C1] CR2: 00007ffc13ed4b38 CR3: 0000000034cb6000 CR4: 00000000003526f0
[  417.288443][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  417.288454][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  417.288466][    C1] Call Trace:
[  417.288472][    C1]  <NMI>
[  417.288478][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  417.288509][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  417.288533][    C1]  ? nmi_handle+0x1ac/0x5d0
[  417.288558][    C1]  ? lock_acquire.part.0+0x94/0x380
[  417.288582][    C1]  ? default_do_nmi+0x6a/0x160
[  417.288610][    C1]  ? exc_nmi+0x170/0x1e0
[  417.288636][    C1]  ? end_repeat_nmi+0xf/0x53
[  417.288665][    C1]  ? lock_acquire.part.0+0x94/0x380
[  417.288691][    C1]  ? lock_acquire.part.0+0x94/0x380
[  417.288716][    C1]  ? lock_acquire.part.0+0x94/0x380
[  417.288783][    C1]  </NMI>
[  417.288789][    C1]  <TASK>
[  417.288797][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  417.288821][    C1]  ? rcu_is_watching+0x12/0xc0
[  417.288841][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  417.288862][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  417.288878][    C1]  ? console_lock_spinning_enable+0x9f/0xd0
[  417.288898][    C1]  ? lock_acquire+0x2f/0xb0
[  417.288920][    C1]  ? console_lock_spinning_enable+0x9f/0xd0
[  417.288941][    C1]  console_lock_spinning_enable+0xb0/0xd0
[  417.288959][    C1]  ? console_lock_spinning_enable+0x9f/0xd0
[  417.288977][    C1]  console_flush_all+0x7ac/0xc60
[  417.288999][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  417.289018][    C1]  ? __pfx_mark_lock+0x10/0x10
[  417.289044][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  417.289067][    C1]  console_unlock+0xd9/0x210
[  417.289085][    C1]  ? __pfx_console_unlock+0x10/0x10
[  417.289105][    C1]  ? lock_acquire+0x2f/0xb0
[  417.289127][    C1]  ? vprintk_emit+0x638/0x6f0
[  417.289147][    C1]  vprintk_emit+0x424/0x6f0
[  417.289166][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  417.289184][    C1]  ? kernfs_put+0x47/0x50
[  417.289208][    C1]  ? del_nbp+0x8c/0xd30
[  417.289232][    C1]  ? br_del_if+0xe0/0x270
[  417.289256][    C1]  ? br_device_event+0x4e4/0xa00
[  417.289274][    C1]  ? notifier_call_chain+0xb7/0x410
[  417.289294][    C1]  ? call_netdevice_notifiers_info+0xbe/0x140
[  417.289313][    C1]  ? unregister_netdevice_many_notify+0xc8a/0x1f30
[  417.289343][    C1]  _printk+0xc8/0x100
[  417.289366][    C1]  ? __pfx__printk+0x10/0x10
[  417.289390][    C1]  ? __pfx_mark_lock+0x10/0x10
[  417.289417][    C1]  __netdev_printk+0x376/0x500
[  417.289445][    C1]  netdev_info+0xe5/0x120
[  417.289469][    C1]  ? __pfx_netdev_info+0x10/0x10
[  417.289494][    C1]  ? __call_rcu_common.constprop.0+0x3ea/0x870
[  417.289526][    C1]  ? __dev_set_allmulti+0x17a/0x3d0
[  417.289550][    C1]  __dev_set_allmulti+0x1a5/0x3d0
[  417.289575][    C1]  del_nbp+0xb5/0xd30
[  417.289602][    C1]  br_del_if+0xe0/0x270
[  417.289627][    C1]  br_device_event+0x4e4/0xa00
[  417.289646][    C1]  ? __pfx_br_device_event+0x10/0x10
[  417.289666][    C1]  ? packet_notifier+0x1b7/0x8d0
[  417.289689][    C1]  ? lockdep_rtnl_is_held+0x26/0x40
[  417.289710][    C1]  notifier_call_chain+0xb7/0x410
[  417.289735][    C1]  ? __pfx_br_device_event+0x10/0x10
[  417.289756][    C1]  call_netdevice_notifiers_info+0xbe/0x140
[  417.289776][    C1]  unregister_netdevice_many_notify+0xc8a/0x1f30
[  417.289804][    C1]  ? __pfx_mark_lock+0x10/0x10
[  417.289829][    C1]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  417.289859][    C1]  ? __queue_work+0x43b/0x1080
[  417.289885][    C1]  ? mark_held_locks+0x9f/0xe0
[  417.289912][    C1]  unregister_netdevice_queue+0x307/0x3f0
[  417.289939][    C1]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  417.289965][    C1]  ? linkwatch_schedule_work+0x181/0x1c0
[  417.289994][    C1]  ? linkwatch_fire_event+0x6f/0x270
[  417.290023][    C1]  __tun_detach+0x1241/0x1530
[  417.290051][    C1]  ? __pfx_tun_chr_close+0x10/0x10
[  417.290075][    C1]  tun_chr_close+0xc2/0x230
[  417.290100][    C1]  __fput+0x3ff/0xb70
[  417.290122][    C1]  task_work_run+0x14e/0x250
[  417.290146][    C1]  ? __pfx_task_work_run+0x10/0x10
[  417.290172][    C1]  do_exit+0xad8/0x2d70
[  417.290191][    C1]  ? do_group_exit+0x1c3/0x2a0
[  417.290211][    C1]  ? __pfx_lock_release+0x10/0x10
[  417.290234][    C1]  ? do_raw_spin_lock+0x12d/0x2c0
[  417.290251][    C1]  ? __pfx_do_exit+0x10/0x10
[  417.290269][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  417.290291][    C1]  do_group_exit+0xd3/0x2a0
[  417.290311][    C1]  __x64_sys_exit_group+0x3e/0x50
[  417.290330][    C1]  x64_sys_call+0x151f/0x1720
[  417.290351][    C1]  do_syscall_64+0xcd/0x250
[  417.290374][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.290398][    C1] RIP: 0033:0x7f589b98d169
[  417.290412][    C1] Code: Unable to access opcode bytes at 0x7f589b98d13f.
[  417.290421][    C1] RSP: 002b:00007ffdb7b62a18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  417.290438][    C1] RAX: ffffffffffffffda RBX: 00007f589ba0fa8f RCX: 00007f589b98d169
[  417.290451][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  417.290462][    C1] RBP: 00007f589ba0faa1 R08: 00007ffdb7b607b7 R09: 00000000000927c0
[  417.290475][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006
[  417.290486][    C1] R13: 00000000000927c0 R14: 0000000000049db7 R15: 00007ffdb7b62bc0
[  417.290504][    C1]  </TASK>
[  417.292854][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  417.292872][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G     U             6.14.0-rc3-syzkaller-00293-g5cf80612d3f7 #0
[  417.292904][   T30] Tainted: [U]=USER
[  417.292912][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  417.292925][   T30] Call Trace:
[  417.292933][   T30]  <TASK>
[  417.292942][   T30]  dump_stack_lvl+0x3d/0x1f0
[  417.292973][   T30]  panic+0x71d/0x800
[  417.293006][   T30]  ? __pfx_panic+0x10/0x10
[  417.293029][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  417.293063][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  417.293092][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  417.293121][   T30]  ? watchdog+0xdcc/0x12b0
[  417.293152][   T30]  ? watchdog+0xdbf/0x12b0
[  417.293186][   T30]  watchdog+0xddd/0x12b0
[  417.293222][   T30]  ? __pfx_watchdog+0x10/0x10
[  417.293252][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  417.293279][   T30]  ? __kthread_parkme+0x148/0x220
[  417.293303][   T30]  ? __pfx_watchdog+0x10/0x10
[  417.293336][   T30]  kthread+0x3af/0x750
[  417.293362][   T30]  ? __pfx_kthread+0x10/0x10
[  417.293393][   T30]  ? __pfx_kthread+0x10/0x10
[  417.293420][   T30]  ret_from_fork+0x45/0x80
[  417.293447][   T30]  ? __pfx_kthread+0x10/0x10
[  417.293473][   T30]  ret_from_fork_asm+0x1a/0x30
[  417.293509][   T30]  </TASK>
[  417.295658][   T30] Kernel Offset: disabled