last executing test programs:

7.873145923s ago: executing program 0 (id=2537):
mmap$auto(0xd06, 0x400008, 0x9, 0x9b72, 0x2, 0x8003)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x9)
mmap$auto(0x3, 0xffffffffffffffff, 0x10000000000e0, 0xab0, 0x401, 0x7fff)
r0 = socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x40814}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRESOCT, @ANYBLOB="180027", @ANYRES8=r0], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSCOMPRESS(r1, 0x4010744d, &(0x7f0000000000)={&(0x7f00000000c0)='\x18\x04\x8f~\xa7 \xcf\x1fg7\n\xd8\xbd\xd3&\xa7\xa6_\xaa\xe2;\xb5\x82\x9dA\x8f|\xf3\xd7\xc6X\xdf\xdaC\x9aoqM2\x10\xb1\xd1\xbd\xca0\x9f\xe7\x00\x00\x00\x00\x00\x00\x00\x00T\r\xbfZO\x7f\xbd\x91\xf2\xbd\xc6.\xa2*\xdb\xd7\f\xebM\xba\x15P\as\x82\x17\xa3\xf5\xf6\xcd\x19P&\x88*\xf9\xdd\xc3t[`\xf3h\xc0\"\xd2\xa5\x81\xd6l\xc2k|\rX]XP\xfe\xc9\xe3\xea\xa4P\x95!3\xce\x9f\x9f<\x1eI\xfd\x80\x1c\xf9~\x06\x1b{K\x04\x85\xfa\x14\xbf\t\xc0T\xb2i\n\x15\x0e\xdcG9\'}^B=\xfc\x11\xfa\x0f\x0fd4^`\xc2\xb0\xaf\\\x1duPu\x02\xce:`c\xb0\xd0\xde\x13\xb4\xe0\xfcn\x98%\x1d\xff(\xa3\x10d\x89\x00\x00\x00\x00\x00\x00\x00', 0xa})
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x7f)
close_range$auto(0x2, 0x8, 0x0)
r3 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
r4 = pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
write$auto(0x6, 0x0, 0x100000001)
sysfs$auto(0x2, 0x2e, 0x0)
setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9)
recvfrom$auto(0x3, 0x0, 0x80000000002, 0x6, 0x0, 0x0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80)
statmount$auto(0x0, &(0x7f0000000180)={0x7fffffff, 0x1, 0x1ff, 0x7, 0x8, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x5, 0x80003, 0x4, 0x1ffffffffffc, 0xb4, 0x9, 0x80000001, 0x10007, 0xb, 0xffffffff, 0x0, 0xa, 0x21ffd, 0x201, 0xffffffff, 0x1c5, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x1fa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffffffffffc, 0x20000000, 0x40000000, 0xb49, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xffffffffffffffff, 0x0, 0x3, 0xfffffffffffffffe, 0x3, 0x4, 0x0, 0x0, 0x101, 0x0, 0x0, 0x200, 0x0, 0x1000000000, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x40]}, 0x100000000, 0xd)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
setsockopt$auto_SO_INCOMING_CPU(r3, 0x2, 0x31, &(0x7f0000000000)='\\\\#\x00', 0x5)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd09, &(0x7f0000000380)="aa488b462af22d4d0ed42b0ad07e7d5f6ab5d23eb1c07fa5711b6c044a124e76311111e071a7f3485c66e07fad98ca527c509fbc4c1c0b76beea422799cdf4dd15363c89b3a1660f7eddee78f8f85401f3574d58550b2fd079343b8801671e9ef07c22f68b354ba288e1f2873d40b518ac5dd2048fab2e174ae876c28b15a88463252ef948544b287142a9aa76d5a3196239c1bea6d2c8a6e5218c920a8158d652")

6.849218645s ago: executing program 0 (id=2541):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
close_range$auto(0x2, 0x8, 0x0)
finit_module$auto(0xffffffffffffffff, 0x0, 0x6)
unshare$auto(0x40000080)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x147602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x20009, 0x80df, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
ioctl$auto(0xc8, 0x800454d7, 0x5c8d)
writev$auto(0xffffffffffffffff, 0x0, 0x3)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x3, 0x4020009, 0xdf, 0xeb1, r0, 0x46f5)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9)
recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0)
close_range$auto(0x2, 0xa, 0x0)
ioctl$auto_BLKBSZGET(r1, 0x80081270, &(0x7f0000000040)=0x3)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x68a80, 0x0)
mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0xffffffffffffffff, 0x8000)

6.575192468s ago: executing program 3 (id=2543):
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='.\x00', 0x22240, 0x1d1)
r0 = socket(0x2a, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x80001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pwrite64$auto(r0, &(0x7f0000000080)='/sys/kernel/debug/tracing/dynamic_events\x00', 0xffff, 0x6)
socket(0x15, 0x5, 0x0)
socket(0xa, 0x3, 0x5)
mmap$auto(0x8001, 0x20000020009, 0xdf, 0x10, 0xffffffffffffffff, 0x7fff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x44080)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0xfffffffffffffffc, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
getsockopt$auto(r1, 0x1, 0x4c, 0x0, 0x0)
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x40802, 0x0)
r2 = fanotify_init$auto(0x5, 0x0)
lseek$auto(r1, 0x10000, 0x8)
fanotify_mark$auto(r2, 0x205, 0x100000a, 0x4, 0x0)
socket(0x2d, 0x2, 0x2)
getsockopt$auto(0x3, 0x11d, 0xb, 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2ac41, 0x0)
keyctl$auto(0xe, 0x1, 0x0, 0x5eaf, 0x8)
write$auto(0xca, &(0x7f0000000180)='\x04>2\v\x00\x00\tO\xfdf\xb4\xad\x95\x03\xd66\xca\x96\x18a\x80\xea\xf4\xffo', 0x7e)
r3 = geteuid()
setreuid$auto(r3, 0x0)

6.43550602s ago: executing program 3 (id=2544):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x0, 0xa, 0x2, 0x9, 0x3, 0x9, 0x4, 0xb4, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xadd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd]}, 0x1fe, 0x200d)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="720100", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c090}, 0x20020040)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

6.340736948s ago: executing program 1 (id=2545):
r0 = socket(0x2, 0x3, 0xa)
open(0x0, 0x149443, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@OVS_METER_ATTR_STATS={0x14, 0x3, {0x7, 0xd}}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xfffffeff}, @OVS_METER_ATTR_KBPS={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008000}, 0x404c0c0)
ioperm$auto(0x3b, 0xf99b, 0x6)
close_range$auto(0x0, 0xffffffffffffefff, 0x4000000000002)
fanotify_init$auto(0x5, 0x2)
open(&(0x7f0000000000)='./file0\x00', 0x7ffd, 0x3e1)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r3 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1020, 0x202, 0x10001, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x4, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x10000008, 0x52, 0x1, 0x1, 0x40, 0x76c4, 0x80008, 0x5}})
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0xa, 0xe983, 0xdf, 0xeb1, r3, 0x8000)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0)
socket(0xa, 0x801, 0x84)
sendfile$auto(0xffffffffffffffff, r4, 0x0, 0x1)

5.999138569s ago: executing program 0 (id=2547):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfsd\x00', 0x88080, 0x0)
mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0xff08, 0x0)
select$auto(0x4, &(0x7f0000000180)={[0xffffffff, 0xc, 0x5, 0x2, 0x69, 0xc3, 0x3ff, 0xa, 0x6, 0x0, 0x6, 0x2, 0x3, 0xfff, 0x9, 0x9]}, &(0x7f0000000200)={[0xf00, 0x6, 0x2, 0x45a3, 0xfff, 0x97, 0x6, 0x6, 0x550a6490, 0x3, 0x5, 0x9, 0x6, 0x3e9, 0x5, 0xfffffffffffffffc]}, &(0x7f0000000280)={[0x0, 0x401, 0x4, 0x9, 0x3, 0xdc0, 0xe, 0x3, 0x200000, 0x7fffffff, 0x0, 0xd1b, 0x7bf, 0x11d3, 0x4, 0x1]}, &(0x7f0000000000)={0xf1})
bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0xffffffffffffffff, 0x2004, 0x8, 0x8, 0xae85, 0x66b, 0x5, 0x7ff}, 0x6f4)
pread64$auto(r0, &(0x7f0000000040)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\x8d\xa8\xcfM9\\\xd6\xcfUq\x05#\xed\x1c\xd1G\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94p\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xbasG\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1', 0x10fd42, 0x9)

5.988387294s ago: executing program 2 (id=2548):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x7115c3, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socketpair$auto(0x11f, 0x1, 0x3, 0x0)
r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40103d0b, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0xec315366f6b76f2e, 0x3, 0x1}}, 0x54)
openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x100800, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
socket(0x2, 0x2, 0x1)
socket(0x25, 0x5, 0x9)
sendfile$auto(0x6, 0x3, 0x0, 0xfdef)
ioctl$auto(0xffffffffffffffff, 0x4b4b, 0xffffffffffffffff)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2a, 0x3, 0x2)
getsockopt$auto(r3, 0x107, 0x1, 0x0, 0x0)
setuid$auto(0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)

5.898092116s ago: executing program 3 (id=2549):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x7115c3, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socketpair$auto(0x11f, 0x1, 0x3, 0x0)
r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40103d0b, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0xec315366f6b76f2e, 0x3, 0x1}}, 0x54)
openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x100800, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
socket(0x2, 0x2, 0x1)
socket(0x25, 0x5, 0x9)
sendfile$auto(0x6, 0x3, 0x0, 0xfdef)
ioctl$auto(0xffffffffffffffff, 0x4b4b, 0xffffffffffffffff)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
r3 = socket(0x2a, 0x3, 0x2)
getsockopt$auto(r3, 0x107, 0x1, 0x0, 0x0)
setuid$auto(0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)

5.497323243s ago: executing program 3 (id=2550):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x800, 0x0)
syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2a19c3, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
fanotify_mark$auto(0x0, 0x451, 0xa, r1, 0x0)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
read$auto_snd_pcm_f_ops_pcm1(r2, 0x0, 0x0)
read$auto(0x3, 0x0, 0x7)
write$auto(0xffffffffffffffff, 0x0, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000)
clone$auto(0x6, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2400, 0x0)
clone$auto(0x1, 0x27, 0x0, 0x0, 0x2)
madvise$auto(0x0, 0x200007, 0x19)

5.338218542s ago: executing program 2 (id=2551):
sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000001c0)={0x14, 0x0, 0xdb589d63fce79fc7, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc031}, 0x44)
mmap$auto(0x4021000, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86)

5.241222566s ago: executing program 1 (id=2552):
r0 = socket(0x2, 0x3, 0xa)
open(0x0, 0x149443, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@OVS_METER_ATTR_STATS={0x14, 0x3, {0x7, 0xd}}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xfffffeff}, @OVS_METER_ATTR_KBPS={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008000}, 0x404c0c0)
ioperm$auto(0x3b, 0xf99b, 0x6)
close_range$auto(0x0, 0xffffffffffffefff, 0x4000000000002)
fanotify_init$auto(0x5, 0x2)
open(&(0x7f0000000000)='./file0\x00', 0x7ffd, 0x3e1)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1020, 0x202, 0x10001, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x4, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x10000008, 0x52, 0x1, 0x1, 0x40, 0x76c4, 0x80008, 0x5}})
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_vlan/disable_ipv6\x00', 0x82002, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0)
socket(0xa, 0x801, 0x84)
sendfile$auto(r3, r4, 0x0, 0x1)

5.106968153s ago: executing program 2 (id=2553):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/hotplug/fail\x00', 0x100, 0x0)
r1 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r1)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000180)='/:$]\x00', 0x0)
sendmsg$auto_NL802154_CMD_SET_TX_POWER(r0, &(0x7f0000000900)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000008c0)={&(0x7f00000004c0)={0x304, 0x0, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x8}, @NL802154_ATTR_SEC_DEVICE={0x2e8, 0x2e, 0x0, 0x1, [@typed={0x8, 0x14a, 0x0, 0x0, @u32=0x41}, @typed={0x8, 0x0, 0x0, 0x0, @uid}, @generic, @nested={0xa5, 0xd2, 0x0, 0x1, [@nested={0x4, 0x69}, @generic="c4ba5e3327c69a810b3a70d04d911b41ce34752a26206f2e405e7391a6145ac4b0090d3ba2702575fd6ff24e2218aa94578aed6c52a34b2300dfe9fc290dde7e03bd2dff0f434df1aff5f342642ec3f6c50b011ea6af054168", @nested={0x4, 0xb1}, @nested={0x4, 0x10d}, @nested={0x4, 0x124}, @nested={0x4, 0x117}, @nested={0x4, 0x7}, @typed={0x8, 0x10d, 0x0, 0x0, @u32=0x2}, @typed={0x14, 0x11f, 0x0, 0x0, @ipv6=@local}, @typed={0x14, 0x14c, 0x0, 0x0, @ipv6=@loopback}]}, @generic="f9d16199a1bfcf13a23a49569038ed7a0169dcdf35d1a56d6f036b489485f0bb203be8f4a828a4f3c964e51b9d6f4a7c788d6ac6c7218c681c07a50924602ee2688431e26542ca5e07e4ad712a156ee90c7654ffa4db7fd25b77f3b6b11080a4898c1b1c9d1320286a8f3430dbe2fe22b7d530871f12b32625c39e59506c17b183b25b5e88ea97c2e3da9d56a2220f99", @generic="cb8817d7bd77516dc42fa07847a24760dd06bb05811cde6121c25c4d75d7001b210c0f4c05f823471c4d4a2d9f77da07e192941f7ce25cc7760faa0c1325db363c3a048cc9f61fc41a66", @generic="b14972ff8d00022813278f7f25d453c48cbb97b9a3b2e8bd246023bad25663686f51532350b2379d6515fd9f3641e377c6e729787338512ac7b9a5333496800e48fcc8982c3b7fe7c07d019456e69ade2c903aa297f854e475f33e00291a71680f28f8cdf7de21266a2980f9d1f9d1788a013af198ef65e56f790eca9a3b91b280b46adfefc77451e777047ad6e43105d2b275a2ea7d298238329fa47a04ce4b07beb8aa50682e7de05f14be0897ceb7b8247605dddfbc5eeece0409b067dc6dccd8d2e54d9451488ec4e28905fed4ed71c967d00c47", @nested={0x79, 0x14c, 0x0, 0x1, [@generic="4196097e3e541b3cf2b1a5d41b0bca7e5205937308790c6aa5f412673a12341e832ee9f97f0c5b4d88112b1452f558f97740f58f7be1d35347a8aace969ee8d6a334c96044c453463a1096e76bfe6ac2f4b92555c09a56fb41d00a4df4d50681ebed2367cbba6850616ee2cb4920735ac8", @nested={0x4, 0x143}]}]}]}, 0x304}, 0x1, 0x0, 0x0, 0x4000000}, 0x14)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x88001, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
close_range$auto(0x2, 0x8, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r3, &(0x7f00000002c0)="f618de", 0x3)
sysfs$auto(0x2, 0x4d, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x6, 0x0, 0x0, 0x0)
mmap$auto(0x100, 0x400008, 0x3, 0x10, 0x2, 0xfffffffffffffffb)
kexec_load$auto(0x80000100008, 0x0, 0x0, 0x200)
close_range$auto(0x2, 0x8, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@isdn={0x22, 0xf3, 0x6, 0xf9, 0x4}, 0x10)
unshare$auto(0x40000080)
io_uring_setup$auto(0x4c2, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0)
ioctl$auto_FIFREEZE(0xffffffffffffffff, 0xc0045878, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/crash_hotplug\x00', 0x8a080, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000001100)=""/4105, 0x1009)
pwrite64$auto(0xffffffffffffffff, 0x0, 0x1, 0x27)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40a00, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x3, 0x2000001f, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb7, 0x9, 0x8, 0x10003, 0x80, 0x4, 0x0, 0x1, 0x22000, 0x200, 0x0, 0x5, 0x0, 0x0, 0x0, 0x800, 0x0, [0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000400000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x8000000000000001, 0x0, 0x0, 0xfff, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xe2c3, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6]}, 0x20001fe, 0x10)

5.087781963s ago: executing program 0 (id=2554):
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/radio29\x00', 0x28002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x40000006, 0x0)
mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
shmctl$auto_SHM_UNLOCK(0x200, 0xc, &(0x7f00000006c0)={{0x10000, <r1=>0x0, <r2=>0x0, 0x6, 0x9, 0x1f6, 0x7}, 0x117, 0x801f3, 0x7, 0x6, @inferred=<r3=>0x0, @raw=0x4360, 0x9, 0x0, &(0x7f00000003c0)="037bcd16d9beadedae477b6c80df29904b8330d8fd51886f95b084d04608810dc2696f1a927786681d4aac337ff6bebb14af90d1ca6de6ada26ad4e4cb9f266899f180490ff92fa0ece2158e27bede9175e449c113137bafca34dacef1827755dc2ca81f95a0f3ad50b25da816dcbeff245be116bd2e31011a12ce210528a4441da420cf3926f65ee6a661a67a5dbf", &(0x7f0000000480)="487127672eec969c2e13b7c74929d6d795b5da86e57786a035528caa022f5b2e95db04b92dbe46df29c68edd90f61bfa79472fca54f222e1acaca5663d573d92510ba617b087a2fbb1a5f065793be0b9f37c1fd7da7bb69415869f74c79c035334fdfc165d590099e2e339f6ec5a15563414631f1462b504e2fc20f5004a8a87599bf1965289c9ab277f14b2e0b5949246495885bfe5372629f3dab9c3171cecd438a509020e8edf41cc3bd85c5db1bb8c22e6dd751a8b39256d1e299a0f334fa3f33c3bd70868a1969b6c0b7901bc00b665ed2a16b41a0024c6bc2d894f456aa9fa256ee29bc93cec0fa5f7fdc8d07df4e62c020a4c38b9030236fb60"})
r4 = io_uring_setup$auto(0x86, 0x0)
r5 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6)
socket(0x28, 0x4, 0xffffffc0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1, 0x100000007, 0xbc45, 0x1f82, 0x19488, 0x3, 0x2, 0x7f, 0x5, 0xffffffffffffffff, 0xdfe, 0x6, 0x1, 0x9, 0x1, 0x200]}, 0x0)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r6 = socket(0x10, 0x2, 0x0)
r7 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x1ac}}, 0x40000)
shmctl$auto_SHM_INFO(0x7fe, 0xe, &(0x7f0000000340)={{0x80000000, r1, <r8=>r2, 0x15c, 0x8, 0x9, 0x18}, 0x9, 0x5, 0x6, 0x8, @inferred=r3, @inferred=r3, 0x200, 0x0, &(0x7f00000002c0)="ddfe821e019eb75fbcfd038fa06f278414bc88d8af9e1a56f764dace4a8c1fb2e0b99ff8883ee04db4b8b314a7b9f9c87c0f9eb84399bc20e5f165c375db882a2767bef3c70c5dbdbbad7aed120f7873d04182ce47933afff5045241445569abf167fe8340d2a6ef60e2e00c07d18614f113cfe4914822", &(0x7f0000000740)="43f6b121e73e8beae5bf6c3ea7de2292dec8331b256e6e5a278dc80f96fa6d16a5df9ca8754688684c95c753ce4d114f210f28dd1e9a6c3e4562c9705fe8687ea27206ee6bd8df7507f624a026ee652a3abe4ff8b2e241f26588924b4f7292b4ce45e320f9590a4fd932b9928fc38da50a882f15f249ab7366ad1acb5d19b627e179e2cadb302306b559b04aeec40c339a4cf884cd918a4d0f331aa560809a3704a30c7c8d79ec32b00d96a9349dc859dacfb813d2417c2ea5375a712a72b770eafb78b991693d13ef688555fc026248143c05b0333bbf4bf038cf2510c1c9f37930f5bb26867654f2cf2040580e5ab7d7d222"})
statx$auto(r4, &(0x7f00000001c0)='./file0\x00', 0x4, 0x0, &(0x7f0000000840)={0x1, 0x8, 0x81, 0xf8bd, r1, r8, 0xf2, 0x8, 0x0, 0x5, 0x6, 0x3, {0xe, 0x6}, {0x0, 0x34}, {0x6, 0xff}, {0x4, 0x8}, 0x3, 0x3, 0x8, 0x2, 0x0, 0x3, 0x4, 0x96, 0xc, 0x4, 0x9, 0x2, [0x8000000000000000, 0xffffffffffc00000, 0x1, 0x9, 0xfffffffffffffff7, 0x178, 0x101, 0x7f, 0x9]})
recvmmsg$auto(r7, 0x0, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r6, 0x0, 0x40000)
r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x128e2, 0x0)
write$auto(r9, 0x0, 0x81)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r10 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r10, 0xc0045516, 0x0)
r11 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r11, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer64={0xfffffffffffffffb, 0x2, 0x6}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
close_range$auto(0x2, 0x8, 0x0)
poll$auto(&(0x7f00000001c0)={r0, 0xffff, 0x29}, 0x6, 0x5)

4.456328669s ago: executing program 3 (id=2555):
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x800, 0x0)
r0 = openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x20000, 0x0)
read$auto_transactions_fops_(r0, &(0x7f0000000080)=""/18, 0x12)
mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
socket(0x2, 0x1, 0x106)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)
close_range$auto(0x2, 0x8000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xa, 0x801, 0x106)
socket(0x2c, 0x80000, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/oom_adj\x00', 0x2bc540, 0x0)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000020c0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MM_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, r4, 0x301, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44808}, 0x2004c894)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'ip_vti0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r6=>0x0})
r7 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x3c, r10, 0x1b, 0x70bc26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @fd=r9}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r8, 0xfd}, 0x6a)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xb8, r4, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_LINKINFO_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x4}, 0x810)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)={0xb5c, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x10}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0xc}, @NL802154_ATTR_SEC_OUT_KEY_ID={0xb38, 0x2b, 0x0, 0x1, [@nested={0xb33, 0x24, 0x0, 0x1, [@nested={0x4, 0x80}, @generic="ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b981", @generic="86d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec99", @nested={0x4, 0x6d}, @nested={0xa46, 0x8e, 0x0, 0x1, [@generic="b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed5", @generic="48e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41c8e4d5018fca6b1643fc"]}]}]}]}, 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)

4.447392714s ago: executing program 1 (id=2556):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
close_range$auto(0x2, 0x8, 0x0)
finit_module$auto(0xffffffffffffffff, 0x0, 0x6)
unshare$auto(0x40000080)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x147602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x20009, 0x80df, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
ioctl$auto(0xc8, 0x800454d7, 0x5c8d)
writev$auto(0xffffffffffffffff, 0x0, 0x3)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x3, 0x4020009, 0xdf, 0xeb1, r0, 0x46f5)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9)
recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0)
close_range$auto(0x2, 0xa, 0x0)
ioctl$auto_BLKBSZGET(r1, 0x80081270, &(0x7f0000000040)=0x3)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x68a80, 0x0)
mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0xffffffffffffffff, 0x8000)

3.984054078s ago: executing program 0 (id=2557):
r0 = socket(0x2, 0x3, 0xa)
open(0x0, 0x149443, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x24c802, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, 0x0, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@OVS_METER_ATTR_STATS={0x14, 0x3, {0x7, 0xd}}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xfffffeff}, @OVS_METER_ATTR_KBPS={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008000}, 0x404c0c0)
ioperm$auto(0x3b, 0xf99b, 0x6)
close_range$auto(0x0, 0xffffffffffffefff, 0x4000000000002)
fanotify_init$auto(0x5, 0x2)
open(&(0x7f0000000000)='./file0\x00', 0x7ffd, 0x3e1)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1020, 0x202, 0x10001, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x4, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x10000008, 0x52, 0x1, 0x1, 0x40, 0x76c4, 0x80008, 0x5}})
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_vlan/disable_ipv6\x00', 0x82002, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0)
socket(0xa, 0x801, 0x84)
sendfile$auto(r3, r4, 0x0, 0x1)

3.3662752s ago: executing program 3 (id=2558):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
fchown$auto(0xffffffffffffffff, 0x0, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
setresgid$auto(0x81, 0x800000a0, 0x8)
setgroups$auto(0xc00000000, 0xfffffffffffffffc)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x10, 0x2, 0x14)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0)
socket(0x2, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_create$auto(0x0, 0x6)
r0 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0)
setresuid$auto(0x0, 0x8, 0x8000)
shmget$auto(0x8, 0x10563, 0x568d1af2)

1.866949276s ago: executing program 0 (id=2559):
mmap$auto(0x0, 0x2000c, 0x5f, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO2(r0, 0x80184132, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), 0xffffffffffffffff)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D1p\x00', 0x101000, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
syz_clone3(&(0x7f0000000880)={0x0, &(0x7f0000000640)=<r3=>0xffffffffffffffff, &(0x7f0000000680), &(0x7f00000006c0), {0x8}, &(0x7f0000000700)=""/231, 0xe7, &(0x7f0000000800)=""/40, &(0x7f0000000840)=[0x0, 0x0, 0xffffffffffffffff], 0x3, {r2}}, 0x58)
waitid$auto_P_PIDFD(0x3, r3, &(0x7f0000000380)={@siginfo_0_0={0x6, 0x7f, 0x0, @_timer={0x0, 0xffff, @sival_int=0x6, 0x5}}}, 0xf4, &(0x7f0000000440)={{0xfffffffffffffffb, 0x403}, {0x8000000000000000, 0x4}, 0x2511, 0x64e67bf5, 0x1, 0x3, 0x7, 0xcbeb, 0x4, 0x3, 0x9, 0x7fffffff, 0x80, 0x6072, 0x3, 0x6})
waitid$auto(0x400, r2, &(0x7f0000000500)={@_si_pad}, 0x54a9, &(0x7f0000000580)={{0x7, 0x2}, {0xb, 0x7}, 0xe5b5, 0x7f, 0x2, 0x3, 0x28f42a7d, 0x7, 0x2, 0x8, 0x3a4b2cca, 0x5, 0x4, 0xff, 0x1, 0x4})
getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0x6, 0x6, &(0x7f00000000c0)='~-,}\x00', &(0x7f0000000140)=0xc0000000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
madvise$auto(0x0, 0x20499d, 0x9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
ioctl$auto_BLKRRPART(r4, 0x125f, 0x700000000000000)
open(0x0, 0x161342, 0x100)
open(0x0, 0xecc00, 0x31)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cec23\x00', 0x4700, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000900)='/dev/ram7\x00', 0x14f602, 0x0)
bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f0000000340)=@bpf_attr_0={0x0, 0x1, 0x1, 0x5, 0x4, 0xffffffffffffffff, 0x9, "38b7bbd1f7965a807264335b76c22027", 0x0, 0xffffffffffffffff, 0x22, 0x10, 0x7, 0x748}, 0x400)
r5 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3b, 0x4909b6fb, 0x1ffde, 0x4007, 0x6, 0x2, 0x9, 0x3, 0x406, 0x4, 0xb4, 0x9, 0xffff, 0x10000, 0x80, 0x7, 0x6422, 0x7, 0x2000, 0x200, 0x0, 0x84, 0xffffffff, 0x0, 0x0, 0x7f, 0x0, [0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0x202, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

1.866784947s ago: executing program 1 (id=2560):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x7115c3, 0x0)
pread64$auto(r0, 0x0, 0x7ff, 0x400)
socketpair$auto(0x11f, 0x1, 0x3, 0x0)
r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x40103d0b, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0xec315366f6b76f2e, 0x3, 0x1}}, 0x54)
openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x100800, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
socket(0x2, 0x2, 0x1)
socket(0x25, 0x5, 0x9)
sendfile$auto(0x6, 0x3, 0x0, 0xfdef)
ioctl$auto(0xffffffffffffffff, 0x4b4b, 0xffffffffffffffff)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2a, 0x3, 0x2)
getsockopt$auto(r3, 0x107, 0x1, 0x0, 0x0)
setuid$auto(0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)

1.866713472s ago: executing program 2 (id=2561):
socket(0x2, 0x3, 0x2)
setsockopt$auto(0x3, 0x0, 0x88, 0xfffffffffffffffc, 0x4)
ioctl$auto_FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000000)="a56c3a37fee2cd27bd4250811a0ef572d2f6e98c7be50322db797ded81af41beedfcac85f3cb7444e43b1182f7f6900b914ebdf2bbff42b5f304173c10344f4507509ae6d49b9c6eeb953dc15fc0e99895e294f8a1f414a39e6c80f1e971709556bf16c7674bd1994af0c6fbe5e4cab5de4e6c87c43361caadb53dc558cdae33c750e444fe10cfbe0472b979fc7fc2404285a54fa9bd0488b036434fddd3e02904e122fe65159716c33e14478e40cb17aa13bf96236697d74da400055f6fb195230cea4f50d79ee06a06a9a71bb47c09bd638605c2d5e906413a36bc8f00767b1948dbe44189f82d3760091132af61aca7baba996bad53330f5e31d94fe348d5")

1.754788344s ago: executing program 2 (id=2562):
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x80302, 0x0)
sendfile$auto(r1, r1, 0x0, 0x43)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)

801.279915ms ago: executing program 1 (id=2563):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x16002, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socketcall$auto(0x8000, 0x0)
ioctl$auto(0x3, 0xae41, r1)
write$auto_proc_projid_map_operations_base(r1, &(0x7f00000001c0)="a7dafc958170dcbf852388d05e5af99bd64bb8bb96c7aed080849e3eb32bbc12f1ee6434aad4f75fbe50bcbaf76f283055113651c37921f0cc1e71f88e96c77a9025094e128045848d5cbd3b4cdb11e9852219f4b94306f0668e28618a988fbfdd10f3c5b5ef1064c189f40bd65b80663c62e2f73954f07df428c5a7a8f023782a254845f8637bd20d77ed5d6350c3e5a2202567ab7b8ca16a58811475ca0d890e9a97fe5695e62288e68e1fb62e121935f6be91a37d6075e9c33d1419f35269b7b1f89ac3aad447fc53f77be42c357be44c8a9fe12a42a67cd7aecc88", 0xdd)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x8301, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyv0/uevent\x00', 0xa0002, 0x0)
unshare$auto(0x40000080)

577.352198ms ago: executing program 2 (id=2564):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = open(&(0x7f00000000c0)='}[,&*}\x00', 0x121000, 0x408)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sda\x00', 0x8001, 0x0)
write$auto_debugfs_full_proxy_file_operations_internal(r0, &(0x7f0000000180)="88d07d18a0562fe143109fe834e3901fda1bbbf6f70f4e6594dabf0693ec63f54d3d9a5b2f358bb1d778deaef39ebc7a362246ac7e9d73a4c1fc3ee434789b538124fe6fc2b112771f306a39fdaf6ea4aed6", 0x52)
r2 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
ioctl$auto(r2, 0x4005391, r1)
lseek$auto(0x0, 0xf, 0x3)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv6/conf/ipvlan0/ioam6_enabled\x00', 0x68803, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
epoll_create$auto(0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptyq9\x00', 0x700, 0x0)
socket(0x2, 0x1, 0x106)
writev$auto(0x3, 0x0, 0x8009)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_DEL(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="00dc049ac1800000e96fb0fddb0000000000"], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)
mmap$auto(0x0, 0x4020009, 0xdf, 0x3a, 0x401, 0x8000)
mmap$auto(0x6, 0x58b, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
mmap$auto(0x3, 0x6, 0x2000005, 0x14, r3, 0x80000000fff)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sg0\x00', 0x20002, 0x0)

0s ago: executing program 1 (id=2565):
ioperm$auto(0x7, 0x5ad2, 0x8)
ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f0000001240)="9ab50f4ecf847be05f351e6488b61b974daa95047bb74b315eed6dca52dbdae0242fcfb571a66c97616937dd93b97753a5af8eadde84d075a946b81cdc6c72bd40aad677442d78a9994343e93dbf7822b41297f10050e625de61812235419b61ca6e1cf512102bf572750799aa3964739a05ea21d618836df2cf96ebcc6d292f0545e1eb5e66f83ca5b02974f6e1cd2acedee5d3b4ffdafe41befaaf1e517f633ea0e3d67782d4189bdf2c6a65f72859659a9ab103b7813b1630bb6f2fb4863586abb50472130ea12c4b4aba1e6bc7bac83382aa3bba6fc507788cd0b19beec49ae5b89b5a91aa0048f0d058daad9b1f0a396c35595d66e0ca73bd85830896d61370d97956eed87e06c4199bb2afa4338793b007e67835158c000971ca880dc7ee66113cf14495b0f4339cef5ac32c775d7db142f0a63d7fe953177f2ef74fbe6791a0dbbeddb2060899962e8a45a9fa8f07c39e260873330d84b00875d18b79e1c773918de40b9d457e92aa8cb305e4d88c10e8e27e7452362269216617b6688155473a8ce9850ba6627d1dc13f6b12679cb1a2c292ec5f4179b5f3b3375ad86b07e9d0ce7b00aa9ed5ca064645dc63be31d980f23257e30f76da5b7c7b9288b1f9201526113dc5a1bb6868da8c4097911a19863753cab06714d88848a93cfb183d2fc04ef62292aca7030578e9deb86077d38502dffc31e5eba12846f302793061d70cd92f6e8dcea38a4d51e9d96e20e49b70fab676aa1e69ce4ad9350001eaa3dd7f9af5aedf664876fe6fdac17799b2046f62fe5052ed5f3408fe2f1c716e9e9a1f5ba039a39db432c6dab2ec3a720a0415baca171e6e611c14bb511444af9e559223a1e9d2692ce839be9168d82477cbef48d915698ab249e58667942914a841828f4e15d5bb6d00fddbdd6b5b170f0326be5d5e2f515e7e5a8933fcacbd3d14f5d03a3b85a28462f3b22c5a0fea03f8ea21b5a0de0b1ff8ff47e2a6a7d2da26ec901d27ca5816108494e1ee2d8e9c1af62daa7e2f9437a735d504bb46dd720578ed308f70609188ce6a15d30bd9fe10e4c028f46450a7572256f84d1d59444e4a08d6f79811115506206e4d6714cb12dac45a6a85be8913ba01d71e5f19d6e90d830958a3f56923edb5a0efc8346d4d193a0abbb658f219279a5d9f5c5d524e5f000cfe9943beb70eb5994e26aadbd3f47dc18003165b39b5cf718900ab4b845a0493481ee388fccfc460859bd85fa63c0b58b775d3729db3c1cc58573e36b3bd33dd890a9d26a2a3a8b2def1a7c6eb3129cdceff29d3ec2ff52b9bd2ecb7ebc103706366c9e88c089f332d8bb380dc3afe436e490a538cd8c43ea63bd65e9486ce2c52e55d9eca84b24cc77f33e2c3096a04705dedc238779c4a497082d6d6a7dfb3b5259112546874411622e28e15c70ad98fd1e916843b06c4ee3f13c3cfdf5fc0d393391bad9d68335c0b4e32c4407c60ba070eeb6dd282b2f7ff6134e039eb011f0b4026f2ed46426fb07a335c21614dbabfb7cef26b96f29b0805642e9b0f5d9c675d5cf89111791600d330d8503efd3ee384e5e7fe02b8137f8881e8ac23eb4f4fa6a1a88a9fa8dfa9e446bb7f117a3d6687b2d2d505c461703eb5df4032b9371ebe49710c8e8244f10943a516bb84307769d12ea0d2c5244d8f41e646d162706cb35b9ac6e2e1650eddf1cca58c1a8fd2c8e6fc485ab478dd2a0913ffdce715d775f38c4b692d16cab3a24edc5fe496dc98a68451eb4776db277465525780d92bcaeebf145408a6607f86fc94043ee30683106cde9c71edd460f783e602465f32554c09376860d3d9420badf095ff9fdfb3311af5800eda2ee5741e555ea42b121d1f7001b471df869b7b2b0de36a31b443e75bc8f101884c227fab4951f0bd1b503f9d5c816afe75061648eec404c1ed0eb57e4f8a5e966f45227be127369550f5daec076d5020274a9a5bac078e700dd9b95ba961be08f97fcd543f88691e32d0aa9f8776f58c96de8cce194aee6f9010d7710b692ddfa24457a3a623b91d743521dfe43a21ecce2863356308526687c7ed1169386be11059614cd138d439725ac4b5c0a9e04f503dd1461e57935de94a12a64d18c1845500665f81bae9ef33033a4a2d04ca381da212a68e1f267f03ffb71db53ff0da93176b47ff0568a5acee10190c12c9fda1543c318229708f6985e224ce750e9ca937d6927c1de7e5fd7e7db6cd42478e0d11a97e8959ce0118d556960d4cfde1625c72220ac1988fc3c69850d00a08246bda3846b623e0c1a731d47ba3216fa91139d5f5a8af9897fb08bc53e682e669e4a20962f841e13da43b62ad6eba654f815c2ad347ae279ab134cca6a1ebd06e822cdceeb58d4329d501c216357a12fd92fa0c27de77e756cdec09698284802eb2d21ca7e1a3619da2591c1fe29d4da0744f1110594f57a20c286f78b1111814c55715e05e4c753bc0242c9abb850b508e061c1179d88fb11b33bb1f34d05cb38e99a57d1a06ea61590431db1cf22817c85f885978f08f92335e997eff96a5feb784e410d41a953a6d92eb5973c08aa728ab673c0e693f47055c112d8efc8bd84f4c85b2f160b4c47da302cfa214b822b68276fbd50933facc06956aea16f35e61e859072749a49f13d33376ec41f7dc85625e1e48fc821317f43b0be304f448eb1de7c68ba84e774a2d22b1d3f55c144f59c15fc19c6df45ac3ac6461df9aebebfc8738b7b2e0dbdd99909498a3741d9101d82540a64b5e7a149e1f98a0788704a843faece338d465826b58f3e11aef73d44efdce1739b1927c45248d32be74ea0fabbe17e7c0657cc68419d96f19119493ab5569c86aa80b6bc4b410b011a12e1ad5365c674720c2f2a4c78962affef7e63c4ca0d4235f977ae416153edef6402b95ec61cb561759217002b66a78b65819d1b649a85308943148ac025410dbe4f9f18694a1c7289118035f454f81e1d9b6ab076ddb50e8c7b8ed2fd36d4dd6c5c928041afc8936fa83244aa9dbf08676cc30580d8fee518e24ed4089b63f9930c194e048b88cec98f9190a81f1a09e80c2af63e4738d4bf6c8e4eff41a846a25f8d74ab88f9d85c9b059bab15fc1fc485e1f92fa4f41a3a275e9609ea0c7dff7c9488f482067f38f4e8f424007498ac1da9eeba9857b34dc21d552dada4aff917d37463fb054ddedf52ab3def2813fd115e3f36c3f82719a486d2605aadd9c3e708261e2acf13fa9cd81fa2f23aea49b3a42b3ad43bd140ccb5c274c099062d1148d1def0171c5b8b49ac6b462de5246523cee3bb96d6340c8992114ce7f3d0d6ef92f02bfe3142dc1cc03310ea49fe1000b6a5e2353e25b4d373830a2030f7a7f33c60d583ca9ecf9930a22fb8415364d22a1f5aa8ebd95930123e04edaa80b5bdd0473a2c95be3797d6100145d674498fea24a87009149aa27a7060ccaf0ea0675a0c498370beff8978604ac3d3aec9cf3ad53ec8a698c5e1a44d0a4be22e5a16547db9eef5577d6ecd5a2967c4d4255e8908ccb347fe7cb5a7246345035a7a8a12993f8fdc661ffd3a84736ee9a5852dcf8e3aca4afa19a598c9379dd6d3c594e9aa54c1b5f0a2add05c979c76f9d1796c2072e0a6b5348ec199aa7abb34cde352f97e61823977723500867f803371f115c3528b30442fdd828f872d7c962f21053d6fb1fea2ac4e273902edf14d1b9c362f76c67ee7ff175ddb443afd3bab63767d2a64416d50015c09ae0a0faf5b6cbd39a31b7d324d110a84800f2c541cb39836c4cc2e7de0596b78e580533c1dc1126acc7aa5e8d2c2680b511ef4160351e924411b092a94c0a6df787eea3a6960ee27c1480ffc3dd286af35183020315a00ea9dc2384edb0a9c420c12a35ef16fa73d6caf07d796416768be12fad0fd636304918b7cc7901d5db64e6d3d1f7560b859c2044f38e46eec7c2cca01492309c948880326e60fb540bec547626cb5ceb48eae7f0bdd5f38b7ca69159bf39e5a6dee36f2199bae38a2d21e3316c8debcadfb4121af4446cc9fe2a536689816f66510d8906a1f96db1b71a7ab1a9de45e67d93586db93397eae71e6eca1e84531ba50ee9ab11bc01eba40063e74b0efd6ae4ab90bb50e2312861c92b43720e83d3bad50bf66f87be98c40b275339177dba753ddab002b07827ab860e9613a1bb0c13e690dbd71f5a30578e5ab1d1426ca07cb698f30cdfe1853a10fa976822da5c1b3ab8bd6df956e74a667867b94f26b696b9379ab818eed48a13fa6a3590cc1b6e159f25d3f7f7c5178ae84974460d7880b84aa90077a0a8dce82fd6bed76df7cf1dd42b33ec26cdf374ff068db186ddf08112eabfcd7b3f25afaa765bc831a3c7e7d93d6794c2c92d1223de9b15217632aa17ee09651556d0617219d9142f155dd8b1d87cf31715113519edbfdc5d6849feb239a73b53f94430f8e7ee022cdf8cc9aeb877e4109db461e6dd68351a1522d41854ff59a91b854cab163329442c01cbc3b352c8068131c8c22f7b9220e009e3890f396d5fe69137e2f0b52b27d190705cc4dac692ebb7d9662268cc641d03804d7f5bc99437e49a3e2e6b8879d37322faaec90df4a1201bb1f58d1eedadf74df18be13e0aff304b583da98589aa22e27b1f78beaea663e3182d2b12a2f3c835c0feb3001d787b297a2aaaaa649fbd9269dc534c810ea064d6d27d54e54f73e39ed4ef101491c144f7010aa2519587cda497d770763f60e6d9df6672c3a47991d757b7ccaa38550f42d0ed724b52c04a61e3670a3af1bab73543112f20b4b17e1ca567c2e2dfd8ded52e80ef79f2f0ca312099a2905ee699a61eb34aee75c974ba6c8e6b6f8d4346baa5164edbf9f892f5b20fe2e4d63d697e17a41ff323e114e5b8f8bf9204ac842e4cb0eaf872ed92e92a09a61e17010be88bcffa11a464e9dd15f772b17a0a26a384a6bbe80a2bed2c5f3c5db439384781893c68f35e7f04dd4b90fb35566b4b5e230410f2a88302436113a0d7ce0a589e9155273ffee7fc927dd0f1e5592c727a2bcfe61eb5d95811981d0d307406d5da4c6c164be156558675bc34d2bb1e9bfb3ff557b101892ba10bce45f85ff739acb1513058e74ebf675dafc64501525b510f70338d31ba19b7ab4eae92c2c33d59b616fbeacb0b0af4615a08b316d9ea8ef31b7e27f0d286aa4f918d8fd553d8e463df06cd6a7303b5f0ee14e2b60e910f02e7e4eeb55ca3b1210050359d9f662556ba38c50ea31080fe172438b438af83572cd33451fb92ec62ab10d4a439c571ee290d524270a0cc90665c9f6347f9f3d78efcda9e6e13a255f9080f66dbf0030cb9c1d10ade44412bb9e5783a86e35eb5b28095f52942b83013967d661e2e7bd9b525f1fb8b0d127dce73876805ed4954bd7cf9cf6f43c06c4463dc9d339394e2f83304223627d76d61b245140f440446d4e6eabe0450034f82b1d6f2d6d090895de305a84e7bb7824ad84429aa50775536dbda7bcacadfe01b5d6ca8e46b897c21122655677a176bab6b260deb3d6803607b9aa85d74e748aedc17537bb0bd0b4800cd9ad3705b9960a61f501a4bdaee05309c5537189a8d616554429de7717674aa88674733fb68eeab898aade23712c8058a855904f4e7085115f36b6df394864d88e6cf183753248eefad820ff3f1dda2ff430da2c16633f7bb86fced18a6217c71a412287f31c1699553ad9695195a95baca9cd3f6510d9dbcb5a404fb02d4a6a476090ffab0efa6")
mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x4, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x8000012, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x8001)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000080)={&(0x7f0000000000), 0x8}, 0xf, 0x8, 0x0)
r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(r1, 0x0, 0xe)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty45\x00', 0x88702, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), r3)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, r6, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040)
sendmsg$auto_WG_CMD_GET_DEVICE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x14, r4, 0x703, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x985}, 0x4)
write$auto_tty_fops_tty_io(r2, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebde1fcfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef)
modify_ldt$auto(0x11, 0xfffffffffffffffc, 0x23b94)
r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/029/001\x00', 0xa002, 0x0)
ioctl$auto_USBDEVFS_CLAIMINTERFACE(r7, 0x8004550f, &(0x7f0000000400)=0xfffff000)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x141000, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r0, &(0x7f0000000600)='/Eev7audio1\x00VI\xa3\xaa\x01\x00\x00\x00\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\x8eZ|\xffGP\x97)\xcf\a\xfb\\nD\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbb\xd9\xce\xb3\xfa\xcd(\xa6\x9c\xc7I\xb65T\xa4Y8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4\x06k\xa2\xc2\xa7n\xf8>\"\xfd@\xee\xf9\xa4\xf4\xb4\x90\x95\f\xc2\xb6\x15\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xda\xe4\x15\xcbx\x01w\xeb\xf4R\x9663\x840\tL\xd2r\xf7\f#\xccR\xfc\xc0e~b\x99`S_\xba\a%Ta\xdf\xbc\x85\x99\xfe\xf8\x05n\xfa\xb9-ph\xf2\x87\x92\x9d\x10!\x83\xecV\x19\xd2\x96W\x9d\x8b\xd6bt\xea\xe4\x9c\xbf\x01t@\x85/D\xba\x14.w\xf57\xbe\x804\f\xeep\x9f\xa7\xc25\\\xe9m0\xcf\xbe;\x83E\x17C\xda||A\xe6R;\x00\x00', 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statx$auto(0xffffffffffffffff, 0x0, 0x1000, 0x8, 0x0)

kernel console output (not intermixed with test programs):

[  840.725852][T15210]  ? lockdep_init_map_type+0x5c/0x280
[  840.725904][T15210]  ops_init+0x77/0x5f0
[  840.725958][T15210]  setup_net+0x10f/0x380
[  840.725997][T15210]  ? lockdep_init_map_type+0x5c/0x280
[  840.726040][T15210]  ? __pfx_setup_net+0x10/0x10
[  840.726085][T15210]  ? debug_mutex_init+0x37/0x70
[  840.726122][T15210]  copy_net_ns+0x2a6/0x5f0
[  840.726171][T15210]  create_new_namespaces+0x3ea/0xa90
[  840.726215][T15210]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  840.726251][T15210]  ksys_unshare+0x45b/0xa40
[  840.726291][T15210]  ? __pfx_ksys_unshare+0x10/0x10
[  840.726332][T15210]  ? xfd_validate_state+0x61/0x180
[  840.726390][T15210]  __x64_sys_unshare+0x31/0x40
[  840.726431][T15210]  do_syscall_64+0xcd/0x490
[  840.726475][T15210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.726505][T15210] RIP: 0033:0x7f9c7a78ebe9
[  840.726533][T15210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.726563][T15210] RSP: 002b:00007f9c7b596038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  840.726594][T15210] RAX: ffffffffffffffda RBX: 00007f9c7a9b6090 RCX: 00007f9c7a78ebe9
[  840.726613][T15210] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  840.726632][T15210] RBP: 00007f9c7a811e19 R08: 0000000000000000 R09: 0000000000000000
[  840.726650][T15210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  840.726667][T15210] R13: 00007f9c7a9b6128 R14: 00007f9c7a9b6090 R15: 00007fffe71033c8
[  840.726705][T15210]  </TASK>
[  841.283214][T15213] random: crng reseeded on system resumption
[  845.400895][T15232] random: crng reseeded on system resumption
[  846.879254][T15250] random: crng reseeded on system resumption
[  848.201425][T15266] FAULT_INJECTION: forcing a failure.
[  848.201425][T15266] name failslab, interval 1, probability 0, space 0, times 0
[  848.214623][T15266] CPU: 0 UID: 0 PID: 15266 Comm: syz.3.1912 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  848.214669][T15266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  848.214688][T15266] Call Trace:
[  848.214700][T15266]  <TASK>
[  848.214712][T15266]  dump_stack_lvl+0x16c/0x1f0
[  848.214758][T15266]  should_fail_ex+0x512/0x640
[  848.214800][T15266]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  848.214838][T15266]  should_failslab+0xc2/0x120
[  848.214879][T15266]  __kmalloc_cache_noprof+0x6a/0x3e0
[  848.214914][T15266]  ? sctp_datamsg_from_user+0x8d/0x1320
[  848.214969][T15266]  sctp_datamsg_from_user+0x8d/0x1320
[  848.215018][T15266]  ? __sk_mem_raise_allocated+0x94d/0x1670
[  848.215072][T15266]  ? sctp_primitive_ASSOCIATE+0x9c/0xd0
[  848.215123][T15266]  sctp_sendmsg_to_asoc+0xaf5/0x1bf0
[  848.215163][T15266]  ? sctp_assoc_set_primary+0x177/0x300
[  848.215204][T15266]  ? sctp_assoc_add_peer+0x252/0x1550
[  848.215254][T15266]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[  848.215290][T15266]  ? sctp_connect_new_asoc+0x41e/0x770
[  848.215338][T15266]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  848.215392][T15266]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  848.215444][T15266]  sctp_sendmsg+0xea2/0x1e10
[  848.215500][T15266]  ? __pfx_sctp_sendmsg+0x10/0x10
[  848.215541][T15266]  ? __pfx___might_resched+0x10/0x10
[  848.215582][T15266]  ? aa_sk_perm+0x2f4/0xb10
[  848.215637][T15266]  ? __pfx_aa_sk_perm+0x10/0x10
[  848.215688][T15266]  ? __pfx_sctp_sendmsg+0x10/0x10
[  848.215732][T15266]  inet_sendmsg+0x119/0x140
[  848.215764][T15266]  ____sys_sendmsg+0x973/0xc70
[  848.215816][T15266]  ? __pfx_____sys_sendmsg+0x10/0x10
[  848.215883][T15266]  ___sys_sendmsg+0x134/0x1d0
[  848.215925][T15266]  ? __pfx____sys_sendmsg+0x10/0x10
[  848.215986][T15266]  ? find_held_lock+0x2b/0x80
[  848.216044][T15266]  __sys_sendmmsg+0x200/0x420
[  848.216091][T15266]  ? __pfx___sys_sendmmsg+0x10/0x10
[  848.216143][T15266]  ? __pfx_do_futex+0x10/0x10
[  848.216207][T15266]  ? xfd_validate_state+0x61/0x180
[  848.216252][T15266]  ? __pfx___do_sys_close_range+0x10/0x10
[  848.216299][T15266]  __x64_sys_sendmmsg+0x9c/0x100
[  848.216339][T15266]  ? lockdep_hardirqs_on+0x7c/0x110
[  848.216377][T15266]  do_syscall_64+0xcd/0x490
[  848.216420][T15266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.216453][T15266] RIP: 0033:0x7f655438ebe9
[  848.216479][T15266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  848.216510][T15266] RSP: 002b:00007f6555131038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  848.216541][T15266] RAX: ffffffffffffffda RBX: 00007f65545b6270 RCX: 00007f655438ebe9
[  848.216562][T15266] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000002
[  848.216581][T15266] RBP: 00007f6554411e19 R08: 0000000000000000 R09: 0000000000000000
[  848.216628][T15266] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000
[  848.216647][T15266] R13: 00007f65545b6308 R14: 00007f65545b6270 R15: 00007fff6e3afbe8
[  848.216690][T15266]  </TASK>
[  849.214196][T15269] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1915'.
[  849.254688][T15269] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1915'.
[  849.518202][T15274] netlink: 'syz.0.1916': attribute type 11 has an invalid length.
[  851.824654][T15296] FAULT_INJECTION: forcing a failure.
[  851.824654][T15296] name failslab, interval 1, probability 0, space 0, times 0
[  851.837773][T15296] CPU: 1 UID: 0 PID: 15296 Comm: syz.2.1920 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  851.837826][T15296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  851.837845][T15296] Call Trace:
[  851.837856][T15296]  <TASK>
[  851.837868][T15296]  dump_stack_lvl+0x16c/0x1f0
[  851.837913][T15296]  should_fail_ex+0x512/0x640
[  851.837963][T15296]  should_failslab+0xc2/0x120
[  851.838005][T15296]  __kmalloc_cache_noprof+0x6a/0x3e0
[  851.838040][T15296]  ? sctp_add_bind_addr+0xae/0x3f0
[  851.838078][T15296]  sctp_add_bind_addr+0xae/0x3f0
[  851.838114][T15296]  sctp_copy_local_addr_list+0x349/0x550
[  851.838157][T15296]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  851.838198][T15296]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[  851.838238][T15296]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  851.838289][T15296]  sctp_bind_addr_copy+0xe0/0x530
[  851.838329][T15296]  sctp_connect_new_asoc+0x1c9/0x770
[  851.838375][T15296]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  851.838428][T15296]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  851.838479][T15296]  sctp_sendmsg+0x1560/0x1e10
[  851.838536][T15296]  ? __pfx_sctp_sendmsg+0x10/0x10
[  851.838572][T15296]  ? __pfx___might_resched+0x10/0x10
[  851.838615][T15296]  ? aa_sk_perm+0x2f4/0xb10
[  851.838660][T15296]  ? __pfx_aa_sk_perm+0x10/0x10
[  851.838711][T15296]  ? __pfx_sctp_sendmsg+0x10/0x10
[  851.838756][T15296]  inet_sendmsg+0x119/0x140
[  851.838788][T15296]  ____sys_sendmsg+0x973/0xc70
[  851.838853][T15296]  ? __pfx_____sys_sendmsg+0x10/0x10
[  851.838921][T15296]  ___sys_sendmsg+0x134/0x1d0
[  851.838966][T15296]  ? __pfx____sys_sendmsg+0x10/0x10
[  851.839027][T15296]  ? find_held_lock+0x2b/0x80
[  851.839087][T15296]  __sys_sendmmsg+0x200/0x420
[  851.839133][T15296]  ? __pfx___sys_sendmmsg+0x10/0x10
[  851.839186][T15296]  ? __pfx_do_futex+0x10/0x10
[  851.839251][T15296]  ? xfd_validate_state+0x61/0x180
[  851.839294][T15296]  ? __pfx___do_sys_close_range+0x10/0x10
[  851.839342][T15296]  __x64_sys_sendmmsg+0x9c/0x100
[  851.839381][T15296]  ? lockdep_hardirqs_on+0x7c/0x110
[  851.839418][T15296]  do_syscall_64+0xcd/0x490
[  851.839458][T15296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.839488][T15296] RIP: 0033:0x7f9c7a78ebe9
[  851.839514][T15296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  851.839544][T15296] RSP: 002b:00007f9c7b554038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  851.839574][T15296] RAX: ffffffffffffffda RBX: 00007f9c7a9b6270 RCX: 00007f9c7a78ebe9
[  851.839596][T15296] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000002
[  851.839616][T15296] RBP: 00007f9c7a811e19 R08: 0000000000000000 R09: 0000000000000000
[  851.839636][T15296] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000
[  851.839656][T15296] R13: 00007f9c7a9b6308 R14: 00007f9c7a9b6270 R15: 00007fffe71033c8
[  851.839699][T15296]  </TASK>
[  852.483328][T15297] random: crng reseeded on system resumption
[  853.489473][T15308] blktrace: Concurrent blktraces are not allowed on loop2
[  856.198528][T15308] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  856.204225][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  856.221417][T15308] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  856.234536][T15308] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  856.263557][T15308] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  856.285321][T15308] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  857.373275][T15352] random: crng reseeded on system resumption
[  858.295095][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  858.301141][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  858.373042][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  859.683081][T15368] random: crng reseeded on system resumption
[  859.812154][T15374] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1938'.
[  859.879851][T15374] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1938'.
[  860.362411][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  860.673339][T15383] random: crng reseeded on system resumption
[  861.566159][T15394] blktrace: Concurrent blktraces are not allowed on loop2
[  863.898643][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  863.908252][T15394] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  863.937170][T15394] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  863.946580][T15394] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  863.953667][T15394] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  865.963000][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  865.963068][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  865.969278][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  866.664065][T15442] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1948'.
[  866.695384][T15442] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1948'.
[  867.469158][T15458] netlink: 'syz.2.1951': attribute type 11 has an invalid length.
[  872.300557][T15495] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1961'.
[  872.420218][T15495] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1961'.
[  872.629705][T15504] blktrace: Concurrent blktraces are not allowed on loop2
[  874.482205][T15504] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  874.489723][T15504] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  874.524058][T15504] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  874.632035][T15504] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  874.915335][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  875.321697][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  875.328713][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  876.514306][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  876.593928][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  876.674169][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  877.284049][T15542] random: crng reseeded on system resumption
[  878.512142][T15552] blktrace: Concurrent blktraces are not allowed on loop2
[  878.981950][T15559] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1972'.
[  880.672174][T15552] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  880.682634][T15552] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  880.724760][T15552] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  880.733953][T15552] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  880.993409][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  881.161450][T15575] blktrace: Concurrent blktraces are not allowed on loop2
[  881.267355][T15578] blktrace: Concurrent blktraces are not allowed on loop2
[  881.765389][T15585] netlink: 'syz.3.1976': attribute type 11 has an invalid length.
[  882.764600][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  882.770793][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  882.770827][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  883.311562][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  883.319138][T15575] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  883.598113][T15575] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  883.606129][T15575] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  883.614519][T15575] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  884.538012][T15618] random: crng reseeded on system resumption
[  885.399533][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  885.629446][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  885.633731][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  885.965067][T15629] random: crng reseeded on system resumption
[  888.432726][T15648] netlink: 'syz.1.1987': attribute type 11 has an invalid length.
[  890.921649][T15671] blktrace: Concurrent blktraces are not allowed on loop2
[  891.001604][T15672] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1992'.
[  891.592493][T15683] blktrace: Concurrent blktraces are not allowed on loop2
[  893.315750][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  893.381337][T15671] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  893.703773][T15671] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  893.710312][T15671] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  893.716386][T15671] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  894.080591][T15707] binder: 15705:15707 ioctl c018620c 0 returned -1
[  894.183663][T15709] blktrace: Concurrent blktraces are not allowed on loop2
[  895.545872][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  895.784333][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  895.797994][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  896.344044][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  896.350156][T15711] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  896.790219][T15711] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  896.810559][T15711] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  896.852019][T15711] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  897.435486][T15750] blktrace: Concurrent blktraces are not allowed on loop2
[  897.571419][T15752] blktrace: Concurrent blktraces are not allowed on loop2
[  898.423094][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  898.822841][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  898.902791][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  899.507643][T15750] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  899.532074][T15750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  899.552417][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  899.572579][T15750] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  899.642855][T15750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  900.215243][T15768] blktrace: Concurrent blktraces are not allowed on loop2
[  901.290024][T15787] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2010'.
[  901.558343][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  901.621462][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  901.701399][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  901.811481][T15805] blktrace: Concurrent blktraces are not allowed on loop2
[  902.421651][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  902.429359][T15768] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  902.593257][T15768] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  902.622030][T15768] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  902.628473][T15768] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  904.346238][T15839] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2024'.
[  904.660150][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  904.666368][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  904.672779][ T5874] Bluetooth: hci1: command 0x0406 tx timeout
[  904.773383][T15845] FAULT_INJECTION: forcing a failure.
[  904.773383][T15845] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  904.790680][T15845] CPU: 0 UID: 0 PID: 15845 Comm: syz.3.2026 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  904.790709][T15845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  904.790721][T15845] Call Trace:
[  904.790727][T15845]  <TASK>
[  904.790735][T15845]  dump_stack_lvl+0x16c/0x1f0
[  904.790764][T15845]  should_fail_ex+0x512/0x640
[  904.790794][T15845]  _copy_to_user+0x32/0xd0
[  904.790824][T15845]  simple_read_from_buffer+0xcb/0x170
[  904.790859][T15845]  proc_fail_nth_read+0x197/0x240
[  904.790879][T15845]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  904.790901][T15845]  ? rw_verify_area+0xcf/0x6c0
[  904.790920][T15845]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  904.790940][T15845]  vfs_read+0x1e4/0xcf0
[  904.790963][T15845]  ? __pfx___mutex_lock+0x10/0x10
[  904.790987][T15845]  ? __pfx_vfs_read+0x10/0x10
[  904.791014][T15845]  ? __fget_files+0x20e/0x3c0
[  904.791048][T15845]  ksys_read+0x12a/0x250
[  904.791069][T15845]  ? __pfx_ksys_read+0x10/0x10
[  904.791088][T15845]  ? syscall_user_dispatch+0x78/0x140
[  904.791119][T15845]  ? __might_fault+0x154/0x190
[  904.791147][T15845]  do_syscall_64+0xcd/0x490
[  904.791173][T15845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  904.791192][T15845] RIP: 0033:0x7f655438d5fc
[  904.791208][T15845] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  904.791227][T15845] RSP: 002b:00007f6555194030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  904.791246][T15845] RAX: ffffffffffffffda RBX: 00007f65545b5fa0 RCX: 00007f655438d5fc
[  904.791258][T15845] RDX: 000000000000000f RSI: 00007f65551940a0 RDI: 0000000000000003
[  904.791269][T15845] RBP: 00007f6555194090 R08: 0000000000000000 R09: 0000000000000000
[  904.791281][T15845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  904.791292][T15845] R13: 00007f65545b6038 R14: 00007f65545b5fa0 R15: 00007fff6e3afbe8
[  904.791315][T15845]  </TASK>
[  906.911833][T15854] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2028'.
[  907.874348][T15865] blktrace: Concurrent blktraces are not allowed on loop2
[  909.124213][T15891] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2034'.
[  909.158142][T15892] FAULT_INJECTION: forcing a failure.
[  909.158142][T15892] name failslab, interval 1, probability 0, space 0, times 0
[  909.170906][T15892] CPU: 0 UID: 0 PID: 15892 Comm: syz.2.2033 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  909.170961][T15892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  909.170978][T15892] Call Trace:
[  909.170989][T15892]  <TASK>
[  909.171001][T15892]  dump_stack_lvl+0x16c/0x1f0
[  909.171044][T15892]  should_fail_ex+0x512/0x640
[  909.171083][T15892]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  909.171124][T15892]  should_failslab+0xc2/0x120
[  909.171163][T15892]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  909.171198][T15892]  ? fcntl_dirnotify+0x23b/0xb60
[  909.171242][T15892]  fcntl_dirnotify+0x23b/0xb60
[  909.171290][T15892]  do_fcntl+0xe62/0x15a0
[  909.171333][T15892]  ? __pfx_do_fcntl+0x10/0x10
[  909.171386][T15892]  ? tomoyo_file_fcntl+0x6c/0xc0
[  909.171420][T15892]  __x64_sys_fcntl+0x163/0x200
[  909.171476][T15892]  do_syscall_64+0xcd/0x490
[  909.171517][T15892]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  909.171548][T15892] RIP: 0033:0x7f9c7a78ebe9
[  909.171580][T15892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  909.171608][T15892] RSP: 002b:00007f9c7b533038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  909.171638][T15892] RAX: ffffffffffffffda RBX: 00007f9c7a9b6360 RCX: 00007f9c7a78ebe9
[  909.171666][T15892] RDX: 008000007fffffdf RSI: 0000000000000402 RDI: 0000000000000006
[  909.171685][T15892] RBP: 00007f9c7b533090 R08: 0000000000000000 R09: 0000000000000000
[  909.171703][T15892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  909.171722][T15892] R13: 00007f9c7a9b63f8 R14: 00007f9c7a9b6360 R15: 00007fffe71033c8
[  909.171762][T15892]  </TASK>
[  909.615530][T15891] netlink: 298 bytes leftover after parsing attributes in process `syz.0.2034'.
[  909.866421][T15903] openvswitch: netlink: Message has 4 unknown bytes.
[  909.881239][T15897] FAULT_INJECTION: forcing a failure.
[  909.881239][T15897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  909.920173][T15897] CPU: 0 UID: 0 PID: 15897 Comm: syz.2.2036 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  909.920227][T15897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  909.920244][T15897] Call Trace:
[  909.920254][T15897]  <TASK>
[  909.920266][T15897]  dump_stack_lvl+0x16c/0x1f0
[  909.920306][T15897]  should_fail_ex+0x512/0x640
[  909.920350][T15897]  _copy_from_user+0x2e/0xd0
[  909.920393][T15897]  do_sock_getsockopt+0x3ca/0x440
[  909.920436][T15897]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  909.920476][T15897]  ? __fget_files+0x204/0x3c0
[  909.920525][T15897]  __sys_getsockopt+0x123/0x1b0
[  909.920568][T15897]  __x64_sys_getsockopt+0xbd/0x160
[  909.920600][T15897]  ? do_syscall_64+0x91/0x490
[  909.920634][T15897]  ? lockdep_hardirqs_on+0x7c/0x110
[  909.920666][T15897]  do_syscall_64+0xcd/0x490
[  909.920704][T15897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  909.920733][T15897] RIP: 0033:0x7f9c7a78ebe9
[  909.920757][T15897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  909.920784][T15897] RSP: 002b:00007f9c7b5b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  909.920813][T15897] RAX: ffffffffffffffda RBX: 00007f9c7a9b5fa0 RCX: 00007f9c7a78ebe9
[  909.920832][T15897] RDX: 0000000000000008 RSI: 000000000000011b RDI: 0000000000000003
[  909.920856][T15897] RBP: 00007f9c7b5b7090 R08: 0000000000000000 R09: 0000000000000000
[  909.920873][T15897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  909.920890][T15897] R13: 00007f9c7a9b6038 R14: 00007f9c7a9b5fa0 R15: 00007fffe71033c8
[  909.920929][T15897]  </TASK>
[  910.091279][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  910.275496][T15865] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  910.742643][T15865] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  910.751315][T15865] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  910.769369][T15865] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  912.039398][T15923] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2041'.
[  912.117146][T15918] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2042'.
[  912.336148][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  912.585965][T15918] syz.2.2042 (15918) used greatest stack depth: 17752 bytes left
[  912.816174][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  912.816175][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  913.246218][T15936] random: crng reseeded on system resumption
[  913.659845][T15940] FAULT_INJECTION: forcing a failure.
[  913.659845][T15940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  913.727842][T15940] CPU: 0 UID: 0 PID: 15940 Comm: syz.1.2047 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  913.727884][T15940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  913.727901][T15940] Call Trace:
[  913.727918][T15940]  <TASK>
[  913.727929][T15940]  dump_stack_lvl+0x16c/0x1f0
[  913.727970][T15940]  should_fail_ex+0x512/0x640
[  913.728012][T15940]  _copy_to_user+0x32/0xd0
[  913.728057][T15940]  simple_read_from_buffer+0xcb/0x170
[  913.728105][T15940]  proc_fail_nth_read+0x197/0x240
[  913.728139][T15940]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  913.728170][T15940]  ? rw_verify_area+0xcf/0x6c0
[  913.728196][T15940]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  913.728226][T15940]  vfs_read+0x1e4/0xcf0
[  913.728264][T15940]  ? __pfx___mutex_lock+0x10/0x10
[  913.728299][T15940]  ? __pfx_vfs_read+0x10/0x10
[  913.728342][T15940]  ? __fget_files+0x20e/0x3c0
[  913.728384][T15940]  ksys_read+0x12a/0x250
[  913.728415][T15940]  ? __pfx_ksys_read+0x10/0x10
[  913.728458][T15940]  do_syscall_64+0xcd/0x490
[  913.728495][T15940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.728522][T15940] RIP: 0033:0x7f9a6758d5fc
[  913.728545][T15940] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  913.728572][T15940] RSP: 002b:00007f9a683a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  913.728600][T15940] RAX: ffffffffffffffda RBX: 00007f9a677b5fa0 RCX: 00007f9a6758d5fc
[  913.728619][T15940] RDX: 000000000000000f RSI: 00007f9a683a70a0 RDI: 0000000000000005
[  913.728636][T15940] RBP: 00007f9a683a7090 R08: 0000000000000000 R09: 0000000000000000
[  913.728654][T15940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  913.728671][T15940] R13: 00007f9a677b6038 R14: 00007f9a677b5fa0 R15: 00007ffd9e38cf98
[  913.728710][T15940]  </TASK>
[  914.399977][T15943] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input9
[  914.940698][T15956] ima: policy update failed
[  914.949319][   T30] audit: type=1802 audit(1754906064.714:9): pid=15956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2051" res=0 errno=0
[  915.200221][   T30] audit: type=1800 audit(1754906064.954:10): pid=15962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2053" name="members" dev="configfs" ino=56469 res=0 errno=0
[  916.364544][T15994] blktrace: Concurrent blktraces are not allowed on loop2
[  916.406134][T15975] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  916.559469][T15975] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  916.606271][T15975] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  916.612496][T15975] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  916.784869][T15978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2054'.
[  918.173152][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  918.576050][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  918.654809][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  918.665985][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  919.423933][T16040] FAULT_INJECTION: forcing a failure.
[  919.423933][T16040] name failslab, interval 1, probability 0, space 0, times 0
[  919.444584][T16036] random: crng reseeded on system resumption
[  919.463600][T16040] CPU: 0 UID: 0 PID: 16040 Comm: syz.2.2062 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  919.463639][T16040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  919.463657][T16040] Call Trace:
[  919.463667][T16040]  <TASK>
[  919.463680][T16040]  dump_stack_lvl+0x16c/0x1f0
[  919.463722][T16040]  should_fail_ex+0x512/0x640
[  919.463761][T16040]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  919.463803][T16040]  should_failslab+0xc2/0x120
[  919.463843][T16040]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  919.463877][T16040]  ? __alloc_skb+0x2b2/0x380
[  919.463919][T16040]  __alloc_skb+0x2b2/0x380
[  919.463953][T16040]  ? __pfx___alloc_skb+0x10/0x10
[  919.463991][T16040]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  919.464027][T16040]  ? __lock_acquire+0xb97/0x1ce0
[  919.464073][T16040]  netlink_alloc_large_skb+0x69/0x130
[  919.464114][T16040]  netlink_sendmsg+0x6a1/0xdd0
[  919.464169][T16040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  919.464212][T16040]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  919.464250][T16040]  ____sys_sendmsg+0xa95/0xc70
[  919.464296][T16040]  ? copy_msghdr_from_user+0x10a/0x160
[  919.464333][T16040]  ? __pfx_____sys_sendmsg+0x10/0x10
[  919.464384][T16040]  ? __pfx__kstrtoull+0x10/0x10
[  919.464427][T16040]  ___sys_sendmsg+0x134/0x1d0
[  919.464467][T16040]  ? __pfx____sys_sendmsg+0x10/0x10
[  919.464524][T16040]  ? find_held_lock+0x2b/0x80
[  919.464581][T16040]  __sys_sendmmsg+0x200/0x420
[  919.464623][T16040]  ? __pfx___sys_sendmmsg+0x10/0x10
[  919.464675][T16040]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  919.464731][T16040]  ? fput+0x9b/0xd0
[  919.464773][T16040]  ? ksys_write+0x1ac/0x250
[  919.464806][T16040]  ? __pfx_ksys_write+0x10/0x10
[  919.464848][T16040]  __x64_sys_sendmmsg+0x9c/0x100
[  919.464884][T16040]  ? lockdep_hardirqs_on+0x7c/0x110
[  919.464919][T16040]  do_syscall_64+0xcd/0x490
[  919.464960][T16040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.464990][T16040] RIP: 0033:0x7f9c7a78ebe9
[  919.465015][T16040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  919.465044][T16040] RSP: 002b:00007f9c7b5b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  919.465073][T16040] RAX: ffffffffffffffda RBX: 00007f9c7a9b5fa0 RCX: 00007f9c7a78ebe9
[  919.465093][T16040] RDX: 0000000000000100 RSI: 0000200000000080 RDI: 0000000000000003
[  919.465112][T16040] RBP: 00007f9c7b5b7090 R08: 0000000000000000 R09: 0000000000000000
[  919.465139][T16040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  919.465157][T16040] R13: 00007f9c7a9b6038 R14: 00007f9c7a9b5fa0 R15: 00007fffe71033c8
[  919.465197][T16040]  </TASK>
[  919.731318][    C0] vkms_vblank_simulate: vblank timer overrun
[  921.038593][T16061] netlink: 93 bytes leftover after parsing attributes in process `syz.2.2070'.
[  921.120288][T16066] blktrace: Concurrent blktraces are not allowed on loop2
[  921.697919][T16082] blktrace: Concurrent blktraces are not allowed on loop2
[  923.033788][T16066] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  923.071038][T16066] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  923.085689][T16066] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  923.128445][T16066] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  923.210840][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  923.923396][T16110] random: crng reseeded on system resumption
[  925.022713][T16122] device-mapper: ioctl: Invalid ioctl structure: name , dev b00010007
[  925.130017][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  925.130037][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  925.139617][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  926.458727][T16143] Invalid ELF header magic: != ELF
[  926.827250][T16154] blktrace: Concurrent blktraces are not allowed on loop2
[  928.113315][T16173] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  928.878263][T16154] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  928.896866][T16154] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  928.907738][T16154] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  928.914782][T16154] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  929.047716][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  929.196608][T16184] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2091'.
[  929.227058][T16184] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2091'.
[  929.957947][T16207] blktrace: Concurrent blktraces are not allowed on loop2
[  929.979964][T16206] blktrace: Concurrent blktraces are not allowed on loop2
[  930.896766][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  930.977599][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  930.977909][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  931.588879][T16207] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  931.602008][T16207] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  931.629360][T16207] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  931.652255][T16207] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  932.050465][T16229] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2103'.
[  932.090272][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  932.097143][T16229] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2103'.
[  932.368061][T16234] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2112'.
[  932.380177][T16234] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2112'.
[  933.051269][T16246] sd 0:0:1:0: PR command failed: 1026
[  933.086944][T16246] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  933.140035][T16246] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  933.607457][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  933.685821][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  933.685831][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  933.770398][T16271] blktrace: Concurrent blktraces are not allowed on loop2
[  935.420538][T16295] blktrace: Concurrent blktraces are not allowed on loop2
[  935.538277][T16297] FAULT_INJECTION: forcing a failure.
[  935.538277][T16297] name failslab, interval 1, probability 0, space 0, times 0
[  935.592971][T16297] CPU: 0 UID: 0 PID: 16297 Comm: syz.0.2118 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  935.593014][T16297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  935.593032][T16297] Call Trace:
[  935.593043][T16297]  <TASK>
[  935.593055][T16297]  dump_stack_lvl+0x16c/0x1f0
[  935.593097][T16297]  should_fail_ex+0x512/0x640
[  935.593137][T16297]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  935.593165][T16297]  should_failslab+0xc2/0x120
[  935.593190][T16297]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  935.593214][T16297]  ? mqueue_alloc_inode+0x25/0x50
[  935.593248][T16297]  ? __pfx_mqueue_alloc_inode+0x10/0x10
[  935.593275][T16297]  mqueue_alloc_inode+0x25/0x50
[  935.593303][T16297]  alloc_inode+0x61/0x240
[  935.593330][T16297]  new_inode+0x22/0x1c0
[  935.593358][T16297]  mqueue_get_inode+0x2e/0xdd0
[  935.593391][T16297]  mqueue_create_attr+0x261/0x440
[  935.593413][T16297]  vfs_mkobj+0x3d8/0x620
[  935.593429][T16297]  ? __pfx_mqueue_create_attr+0x10/0x10
[  935.593450][T16297]  do_mq_open+0x71e/0x8c0
[  935.593470][T16297]  ? __pfx_do_mq_open+0x10/0x10
[  935.593505][T16297]  __x64_sys_mq_open+0x155/0x1e0
[  935.593523][T16297]  ? __pfx___x64_sys_mq_open+0x10/0x10
[  935.593553][T16297]  do_syscall_64+0xcd/0x490
[  935.593578][T16297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  935.593597][T16297] RIP: 0033:0x7fdb87d8ebe9
[  935.593612][T16297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  935.593631][T16297] RSP: 002b:00007fdb88b31038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  935.593649][T16297] RAX: ffffffffffffffda RBX: 00007fdb87fb5fa0 RCX: 00007fdb87d8ebe9
[  935.593661][T16297] RDX: 000000000000b9fb RSI: 00000000000061df RDI: 0000200000000040
[  935.593672][T16297] RBP: 00007fdb87e11e19 R08: 0000000000000000 R09: 0000000000000000
[  935.593683][T16297] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000000
[  935.593694][T16297] R13: 00007fdb87fb6038 R14: 00007fdb87fb5fa0 R15: 00007ffc97ebb958
[  935.593726][T16297]  </TASK>
[  935.795546][    C0] vkms_vblank_simulate: vblank timer overrun
[  935.924457][T16271] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  935.955732][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  935.964841][T16297] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2118'.
[  936.227272][T16271] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  936.242384][T16271] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  936.256789][T16271] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  936.554453][T16304] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  936.731141][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  936.731212][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  937.493570][T16316] [U] 
[  937.496665][T16316] [U] 
[  937.499378][T16316] [U] 
[  937.502073][T16316] [U] 
[  937.533611][T16316] [U] 
[  937.536400][T16316] [U] 
[  937.539144][T16316] [U] 
[  937.541862][T16316] [U] 
[  937.603890][T16316] [U] 
[  937.606666][T16316] [U] 
[  937.609383][T16316] [U] 
[  937.612099][T16316] [U] 
[  937.615130][T16316] [U] 
[  937.617873][T16316] [U] 
[  937.620618][T16316] [U] 
[  937.623345][T16316] [U] 
[  937.626393][T16316] [U] 
[  937.629122][T16316] [U] 
[  937.631815][T16316] [U] 
[  937.634599][T16316] [U] 
[  937.639905][T16316] [U] 
[  937.642708][T16316] [U] 
[  937.645419][T16316] [U] 
[  937.648125][T16316] [U] 
[  937.713606][T16316] [U] 
[  938.005537][ T5873] Bluetooth: hci1: command 0x0406 tx timeout
[  938.240874][T16328] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2126'.
[  938.250811][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  938.257626][T16328] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2126'.
[  938.323229][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  938.404501][T16330] random: crng reseeded on system resumption
[  939.366219][T16341] random: crng reseeded on system resumption
[  940.313774][T16349] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  941.579295][T16370] blktrace: Concurrent blktraces are not allowed on loop2
[  942.948177][T16391] blktrace: Concurrent blktraces are not allowed on loop2
[  943.386355][T16370] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  943.442709][T16370] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  943.466102][T16370] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  943.480646][T16370] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  943.760293][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  945.243534][T16424] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2150'.
[  945.300336][T16424] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2150'.
[  945.519696][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  945.525765][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  945.531841][ T5874] Bluetooth: hci1: command 0x0406 tx timeout
[  946.440191][T16432] blktrace: Concurrent blktraces are not allowed on loop2
[  948.112781][T16432] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  948.119442][T16432] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  948.125476][T16432] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  948.168266][T16432] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  948.224869][T16446] blktrace: Concurrent blktraces are not allowed on loop2
[  948.245733][T16447] blktrace: Concurrent blktraces are not allowed on loop2
[  948.469078][T16449] random: crng reseeded on system resumption
[  948.557898][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  948.903491][T16460] blktrace: Concurrent blktraces are not allowed on loop2
[  949.769277][T16472] FAULT_INJECTION: forcing a failure.
[  949.769277][T16472] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  949.802977][T16472] CPU: 0 UID: 0 PID: 16472 Comm: syz.3.2160 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  949.803025][T16472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  949.803044][T16472] Call Trace:
[  949.803055][T16472]  <TASK>
[  949.803068][T16472]  dump_stack_lvl+0x16c/0x1f0
[  949.803112][T16472]  should_fail_ex+0x512/0x640
[  949.803159][T16472]  _copy_to_user+0x32/0xd0
[  949.803208][T16472]  simple_read_from_buffer+0xcb/0x170
[  949.803262][T16472]  proc_fail_nth_read+0x197/0x240
[  949.803298][T16472]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  949.803334][T16472]  ? rw_verify_area+0xcf/0x6c0
[  949.803365][T16472]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  949.803398][T16472]  vfs_read+0x1e4/0xcf0
[  949.803438][T16472]  ? __pfx___mutex_lock+0x10/0x10
[  949.803476][T16472]  ? __pfx_vfs_read+0x10/0x10
[  949.803521][T16472]  ? __fget_files+0x20e/0x3c0
[  949.803576][T16472]  ksys_read+0x12a/0x250
[  949.803610][T16472]  ? __pfx_ksys_read+0x10/0x10
[  949.803657][T16472]  do_syscall_64+0xcd/0x490
[  949.803698][T16472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.803729][T16472] RIP: 0033:0x7f655438d5fc
[  949.803754][T16472] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  949.803782][T16472] RSP: 002b:00007f6555173030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  949.803811][T16472] RAX: ffffffffffffffda RBX: 00007f65545b6090 RCX: 00007f655438d5fc
[  949.803831][T16472] RDX: 000000000000000f RSI: 00007f65551730a0 RDI: 0000000000000006
[  949.803850][T16472] RBP: 00007f6555173090 R08: 0000000000000000 R09: 0000000000000000
[  949.803869][T16472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  949.803887][T16472] R13: 00007f65545b6128 R14: 00007f65545b6090 R15: 00007fff6e3afbe8
[  949.803928][T16472]  </TASK>
[  950.177161][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  950.183260][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  950.241334][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  950.408064][T16471] random: crng reseeded on system resumption
[  952.829956][T16503] random: crng reseeded on system resumption
[  952.841192][T16505] blktrace: Concurrent blktraces are not allowed on loop2
[  954.267928][T16518] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2171'.
[  954.305016][T16518] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2171'.
[  954.511166][T16520] FAULT_INJECTION: forcing a failure.
[  954.511166][T16520] name failslab, interval 1, probability 0, space 0, times 0
[  954.605001][T16520] CPU: 1 UID: 0 PID: 16520 Comm: syz.0.2173 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  954.605046][T16520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  954.605064][T16520] Call Trace:
[  954.605075][T16520]  <TASK>
[  954.605088][T16520]  dump_stack_lvl+0x16c/0x1f0
[  954.605131][T16520]  should_fail_ex+0x512/0x640
[  954.605171][T16520]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  954.605208][T16520]  should_failslab+0xc2/0x120
[  954.605250][T16520]  __kmalloc_cache_noprof+0x6a/0x3e0
[  954.605284][T16520]  ? copy_mount_options+0x55/0x190
[  954.605326][T16520]  ? _copy_from_user+0x59/0xd0
[  954.605373][T16520]  copy_mount_options+0x55/0x190
[  954.605418][T16520]  __x64_sys_mount+0x1ac/0x310
[  954.605456][T16520]  ? __pfx___x64_sys_mount+0x10/0x10
[  954.605502][T16520]  do_syscall_64+0xcd/0x490
[  954.605538][T16520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  954.605569][T16520] RIP: 0033:0x7fdb87d8ebe9
[  954.605594][T16520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  954.605623][T16520] RSP: 002b:00007fdb88b31038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  954.605654][T16520] RAX: ffffffffffffffda RBX: 00007fdb87fb5fa0 RCX: 00007fdb87d8ebe9
[  954.605675][T16520] RDX: 0000200000000380 RSI: 0000000000000000 RDI: 00002000000002c0
[  954.605695][T16520] RBP: 00007fdb87e11e19 R08: 00002000000003c0 R09: 0000000000000000
[  954.605714][T16520] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000
[  954.605733][T16520] R13: 00007fdb87fb6038 R14: 00007fdb87fb5fa0 R15: 00007ffc97ebb958
[  954.605785][T16520]  </TASK>
[  956.261173][T16542] random: crng reseeded on system resumption
[  957.198477][T16554] blktrace: Concurrent blktraces are not allowed on loop2
[  958.266091][T16576] FAULT_INJECTION: forcing a failure.
[  958.266091][T16576] name failslab, interval 1, probability 0, space 0, times 0
[  958.424343][T16576] CPU: 1 UID: 0 PID: 16576 Comm: syz.0.2184 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  958.424386][T16576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  958.424413][T16576] Call Trace:
[  958.424424][T16576]  <TASK>
[  958.424436][T16576]  dump_stack_lvl+0x16c/0x1f0
[  958.424477][T16576]  should_fail_ex+0x512/0x640
[  958.424518][T16576]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  958.424557][T16576]  should_failslab+0xc2/0x120
[  958.424597][T16576]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  958.424634][T16576]  ? __kernfs_new_node+0xd2/0x8e0
[  958.424677][T16576]  __kernfs_new_node+0xd2/0x8e0
[  958.424721][T16576]  ? __pfx___kernfs_new_node+0x10/0x10
[  958.424772][T16576]  ? find_held_lock+0x2b/0x80
[  958.424806][T16576]  ? kernfs_root+0xee/0x2a0
[  958.424854][T16576]  kernfs_new_node+0x13c/0x1e0
[  958.424906][T16576]  __kernfs_create_file+0x53/0x350
[  958.424943][T16576]  sysfs_add_file_mode_ns+0x207/0x3c0
[  958.424992][T16576]  internal_create_group+0x578/0xf30
[  958.425046][T16576]  ? __pfx_internal_create_group+0x10/0x10
[  958.425089][T16576]  ? sysfs_create_dir_ns+0x14c/0x2b0
[  958.425129][T16576]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  958.425164][T16576]  ? find_held_lock+0x2b/0x80
[  958.425202][T16576]  internal_create_groups+0x9d/0x150
[  958.425249][T16576]  kobject_add_internal+0x311/0x9b0
[  958.425301][T16576]  kobject_init_and_add+0x11b/0x190
[  958.425347][T16576]  ? __pfx_kobject_init_and_add+0x10/0x10
[  958.425427][T16576]  rpc_sysfs_client_setup+0x190/0x320
[  958.425466][T16576]  ? __pfx_rpc_sysfs_client_setup+0x10/0x10
[  958.425503][T16576]  ? rpc_net_ns+0xe8/0x2a0
[  958.425552][T16576]  rpc_new_client+0x948/0x1320
[  958.425608][T16576]  rpc_create_xprt+0xd9/0x440
[  958.425657][T16576]  rpc_create+0x469/0x7f0
[  958.425703][T16576]  ? bpf_ksym_find+0x124/0x1c0
[  958.425733][T16576]  ? __pfx_rpc_create+0x10/0x10
[  958.425795][T16576]  ? arch_stack_walk+0xa6/0x100
[  958.425866][T16576]  ? save_trace+0x4e/0x380
[  958.425901][T16576]  ? add_lock_to_list+0x9d/0x130
[  958.425943][T16576]  rpcb_create_af_local+0x11b/0x310
[  958.425984][T16576]  ? __pfx_rpcb_create_af_local+0x10/0x10
[  958.426045][T16576]  ? find_held_lock+0x2b/0x80
[  958.426079][T16576]  ? rpcb_create_local+0x1da/0x270
[  958.426128][T16576]  rpcb_create_local+0x1ee/0x270
[  958.426171][T16576]  svc_bind+0x1e8/0x260
[  958.426219][T16576]  nfsd_create_serv+0x2d2/0x480
[  958.426252][T16576]  ? __pfx_nfsd_create_serv+0x10/0x10
[  958.426289][T16576]  ? __nla_validate_parse+0x600/0x2880
[  958.426329][T16576]  nfsd_nl_listener_set_doit+0xdd/0x1b10
[  958.426390][T16576]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  958.426442][T16576]  ? __nla_parse+0x40/0x60
[  958.426478][T16576]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  958.426527][T16576]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  958.426586][T16576]  genl_family_rcv_msg_doit+0x209/0x2f0
[  958.426636][T16576]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  958.426680][T16576]  ? rcu_is_watching+0x12/0xc0
[  958.426728][T16576]  ? bpf_lsm_capable+0x9/0x10
[  958.426757][T16576]  ? security_capable+0x7e/0x260
[  958.426798][T16576]  genl_rcv_msg+0x55c/0x800
[  958.426849][T16576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  958.426896][T16576]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  958.426955][T16576]  netlink_rcv_skb+0x158/0x420
[  958.426997][T16576]  ? __pfx_genl_rcv_msg+0x10/0x10
[  958.427045][T16576]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  958.427105][T16576]  ? netlink_deliver_tap+0x1ae/0xd30
[  958.427152][T16576]  genl_rcv+0x28/0x40
[  958.427193][T16576]  netlink_unicast+0x5a7/0x870
[  958.427241][T16576]  ? __pfx_netlink_unicast+0x10/0x10
[  958.427284][T16576]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  958.427322][T16576]  ? __lock_acquire+0xb97/0x1ce0
[  958.427376][T16576]  netlink_sendmsg+0x8d1/0xdd0
[  958.427432][T16576]  ? __pfx_netlink_sendmsg+0x10/0x10
[  958.427479][T16576]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  958.427520][T16576]  ____sys_sendmsg+0xa95/0xc70
[  958.427570][T16576]  ? copy_msghdr_from_user+0x10a/0x160
[  958.427609][T16576]  ? __pfx_____sys_sendmsg+0x10/0x10
[  958.427667][T16576]  ? __pfx_futex_wake_mark+0x10/0x10
[  958.427722][T16576]  ___sys_sendmsg+0x134/0x1d0
[  958.427765][T16576]  ? __pfx____sys_sendmsg+0x10/0x10
[  958.427862][T16576]  __sys_sendmsg+0x16d/0x220
[  958.427903][T16576]  ? __pfx___sys_sendmsg+0x10/0x10
[  958.427938][T16576]  ? __x64_sys_futex+0x1e0/0x4c0
[  958.428000][T16576]  do_syscall_64+0xcd/0x490
[  958.428041][T16576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.428071][T16576] RIP: 0033:0x7fdb87d8ebe9
[  958.428096][T16576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  958.428125][T16576] RSP: 002b:00007fdb85bd3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  958.428156][T16576] RAX: ffffffffffffffda RBX: 00007fdb87fb6270 RCX: 00007fdb87d8ebe9
[  958.428176][T16576] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000002
[  958.428196][T16576] RBP: 00007fdb87e11e19 R08: 0000000000000000 R09: 0000000000000000
[  958.428214][T16576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  958.428232][T16576] R13: 00007fdb87fb6308 R14: 00007fdb87fb6270 R15: 00007ffc97ebb958
[  958.428272][T16576]  </TASK>
[  959.042979][T16576] kobject: kobject_add_internal failed for clnt-0 (error: -12 parent: rpc-clients)
[  959.352561][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  959.358911][T16554] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  959.448429][T16554] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  959.553961][T16554] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  959.560042][T16554] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  959.865724][T13949] Bluetooth: hci0: Malformed Event: 0x02
[  960.176318][T16592] random: crng reseeded on system resumption
[  961.431473][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  961.595185][T13949] Bluetooth: hci3: command 0x0406 tx timeout
[  961.595185][ T5873] Bluetooth: hci2: command 0x0406 tx timeout
[  962.141206][T16609] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2198'.
[  962.152922][T16609] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2198'.
[  962.191708][T16609] netlink: 290 bytes leftover after parsing attributes in process `syz.0.2198'.
[  962.411521][T16612] binder: 16611:16612 ioctl c00c6211 0 returned -14
[  963.361214][T16623] FAULT_INJECTION: forcing a failure.
[  963.361214][T16623] name failslab, interval 1, probability 0, space 0, times 0
[  963.436556][T16623] CPU: 0 UID: 0 PID: 16623 Comm: syz.3.2194 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  963.436601][T16623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  963.436619][T16623] Call Trace:
[  963.436630][T16623]  <TASK>
[  963.436642][T16623]  dump_stack_lvl+0x16c/0x1f0
[  963.436687][T16623]  should_fail_ex+0x512/0x640
[  963.436727][T16623]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  963.436769][T16623]  should_failslab+0xc2/0x120
[  963.436809][T16623]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  963.436846][T16623]  ? __alloc_skb+0x2b2/0x380
[  963.436888][T16623]  __alloc_skb+0x2b2/0x380
[  963.436923][T16623]  ? __pfx___alloc_skb+0x10/0x10
[  963.436963][T16623]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  963.437010][T16623]  netlink_alloc_large_skb+0x69/0x130
[  963.437052][T16623]  netlink_sendmsg+0x6a1/0xdd0
[  963.437099][T16623]  ? __pfx_netlink_sendmsg+0x10/0x10
[  963.437143][T16623]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  963.437183][T16623]  sock_write_iter+0x4ff/0x5b0
[  963.437230][T16623]  ? __pfx_sock_write_iter+0x10/0x10
[  963.437291][T16623]  ? bpf_lsm_file_permission+0x9/0x10
[  963.437333][T16623]  ? security_file_permission+0x71/0x210
[  963.437374][T16623]  ? rw_verify_area+0xcf/0x6c0
[  963.437420][T16623]  vfs_write+0x7d0/0x11d0
[  963.437456][T16623]  ? __pfx_sock_write_iter+0x10/0x10
[  963.437505][T16623]  ? __pfx_vfs_write+0x10/0x10
[  963.437537][T16623]  ? find_held_lock+0x2b/0x80
[  963.437594][T16623]  ksys_write+0x1f8/0x250
[  963.437629][T16623]  ? __pfx_ksys_write+0x10/0x10
[  963.437673][T16623]  do_syscall_64+0xcd/0x490
[  963.437715][T16623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.437746][T16623] RIP: 0033:0x7f655438ebe9
[  963.437771][T16623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  963.437800][T16623] RSP: 002b:00007f6555194038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  963.437830][T16623] RAX: ffffffffffffffda RBX: 00007f65545b5fa0 RCX: 00007f655438ebe9
[  963.437851][T16623] RDX: 00000000000002fb RSI: 0000200000000000 RDI: 0000000000000003
[  963.437870][T16623] RBP: 00007f6555194090 R08: 0000000000000000 R09: 0000000000000000
[  963.437889][T16623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  963.437907][T16623] R13: 00007f65545b6038 R14: 00007f65545b5fa0 R15: 00007fff6e3afbe8
[  963.437947][T16623]  </TASK>
[  963.999649][T16631] blktrace: Concurrent blktraces are not allowed on loop2
[  964.864382][T16640] FAULT_INJECTION: forcing a failure.
[  964.864382][T16640] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  964.889103][T16640] CPU: 1 UID: 0 PID: 16640 Comm: syz.3.2199 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  964.889132][T16640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  964.889142][T16640] Call Trace:
[  964.889150][T16640]  <TASK>
[  964.889157][T16640]  dump_stack_lvl+0x16c/0x1f0
[  964.889186][T16640]  should_fail_ex+0x512/0x640
[  964.889214][T16640]  should_fail_alloc_page+0xe7/0x130
[  964.889241][T16640]  prepare_alloc_pages+0x3c2/0x610
[  964.889269][T16640]  ? rcu_is_watching+0x12/0xc0
[  964.889291][T16640]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  964.889315][T16640]  ? __lock_acquire+0xb97/0x1ce0
[  964.889348][T16640]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  964.889373][T16640]  ? do_raw_spin_lock+0x12c/0x2b0
[  964.889402][T16640]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  964.889430][T16640]  ? find_held_lock+0x2b/0x80
[  964.889453][T16640]  ? __lock_acquire+0xb97/0x1ce0
[  964.889477][T16640]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  964.889506][T16640]  ? policy_nodemask+0xea/0x4e0
[  964.889532][T16640]  alloc_pages_mpol+0x1fb/0x550
[  964.889557][T16640]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  964.889596][T16640]  folio_alloc_mpol_noprof+0x36/0x2f0
[  964.889652][T16640]  shmem_alloc_folio+0x135/0x160
[  964.889692][T16640]  shmem_alloc_and_add_folio+0x499/0xc20
[  964.889719][T16640]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  964.889743][T16640]  ? shmem_allowable_huge_orders+0xcb/0x2f0
[  964.889768][T16640]  shmem_get_folio_gfp+0x67f/0x1600
[  964.889794][T16640]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  964.889817][T16640]  ? __pfx_timestamp_truncate+0x10/0x10
[  964.889843][T16640]  shmem_fault+0x1fe/0xa30
[  964.889865][T16640]  ? __pfx_shmem_fault+0x10/0x10
[  964.889885][T16640]  ? __lock_acquire+0x62e/0x1ce0
[  964.889911][T16640]  ? __pfx___up_read+0x10/0x10
[  964.889936][T16640]  ? inode_to_bdi+0x9e/0x160
[  964.889964][T16640]  ? __pfx_filemap_map_pages+0x10/0x10
[  964.889985][T16640]  __do_fault+0x10a/0x490
[  964.890008][T16640]  ? __pfx_filemap_map_pages+0x10/0x10
[  964.890029][T16640]  do_pte_missing+0x1a6/0x3ba0
[  964.890048][T16640]  ? find_held_lock+0x2b/0x80
[  964.890066][T16640]  ? __handle_mm_fault+0x14fd/0x2a50
[  964.890088][T16640]  __handle_mm_fault+0x152a/0x2a50
[  964.890113][T16640]  ? __pfx___handle_mm_fault+0x10/0x10
[  964.890134][T16640]  ? __pte_offset_map_lock+0x174/0x310
[  964.890160][T16640]  ? find_held_lock+0x2b/0x80
[  964.890184][T16640]  ? follow_page_pte.constprop.0+0x5cf/0x1390
[  964.890217][T16640]  handle_mm_fault+0x589/0xd10
[  964.890240][T16640]  __get_user_pages+0x551/0x34a0
[  964.890274][T16640]  ? down_read_killable+0x220/0x4b0
[  964.890301][T16640]  ? __pfx___get_user_pages+0x10/0x10
[  964.890335][T16640]  faultin_page_range+0x338/0x940
[  964.890372][T16640]  madvise_do_behavior+0x34c/0x530
[  964.890401][T16640]  ? __pfx_madvise_do_behavior+0x10/0x10
[  964.890429][T16640]  ? down_read+0x13d/0x480
[  964.890465][T16640]  do_madvise+0x176/0x240
[  964.890490][T16640]  ? __pfx_do_madvise+0x10/0x10
[  964.890515][T16640]  ? do_futex+0x122/0x350
[  964.890554][T16640]  ? xfd_validate_state+0x61/0x180
[  964.890579][T16640]  ? __pfx_do_writev+0x10/0x10
[  964.890603][T16640]  __x64_sys_madvise+0xa9/0x110
[  964.890635][T16640]  ? lockdep_hardirqs_on+0x7c/0x110
[  964.890656][T16640]  do_syscall_64+0xcd/0x490
[  964.890682][T16640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  964.890701][T16640] RIP: 0033:0x7f655438ebe9
[  964.890716][T16640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  964.890736][T16640] RSP: 002b:00007f6555194038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  964.890754][T16640] RAX: ffffffffffffffda RBX: 00007f65545b5fa0 RCX: 00007f655438ebe9
[  964.890766][T16640] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000
[  964.890778][T16640] RBP: 00007f6554411e19 R08: 0000000000000000 R09: 0000000000000000
[  964.890789][T16640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  964.890799][T16640] R13: 00007f65545b6038 R14: 00007f65545b5fa0 R15: 00007fff6e3afbe8
[  964.890822][T16640]  </TASK>
[  966.682180][T16631] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  966.691584][T16631] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  966.698993][T16631] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  966.705926][T16631] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  966.712100][T13949] Bluetooth: hci0: command 0x0406 tx timeout
[  968.047649][T16662] FAULT_INJECTION: forcing a failure.
[  968.047649][T16662] name failslab, interval 1, probability 0, space 0, times 0
[  968.064394][T16662] CPU: 0 UID: 0 PID: 16662 Comm: syz.0.2205 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  968.064440][T16662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  968.064460][T16662] Call Trace:
[  968.064469][T16662]  <TASK>
[  968.064481][T16662]  dump_stack_lvl+0x16c/0x1f0
[  968.064525][T16662]  should_fail_ex+0x512/0x640
[  968.064565][T16662]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  968.064603][T16662]  should_failslab+0xc2/0x120
[  968.064643][T16662]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  968.064679][T16662]  ? __alloc_skb+0x2b2/0x380
[  968.064722][T16662]  __alloc_skb+0x2b2/0x380
[  968.064756][T16662]  ? __pfx___alloc_skb+0x10/0x10
[  968.064797][T16662]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  968.064845][T16662]  netlink_alloc_large_skb+0x69/0x130
[  968.064887][T16662]  netlink_sendmsg+0x6a1/0xdd0
[  968.064933][T16662]  ? __pfx_netlink_sendmsg+0x10/0x10
[  968.064979][T16662]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  968.065019][T16662]  sock_write_iter+0x4ff/0x5b0
[  968.065066][T16662]  ? __pfx_sock_write_iter+0x10/0x10
[  968.065125][T16662]  ? bpf_lsm_file_permission+0x9/0x10
[  968.065167][T16662]  ? security_file_permission+0x71/0x210
[  968.065207][T16662]  ? rw_verify_area+0xcf/0x6c0
[  968.065241][T16662]  vfs_write+0x7d0/0x11d0
[  968.065276][T16662]  ? __pfx_sock_write_iter+0x10/0x10
[  968.065334][T16662]  ? __pfx_vfs_write+0x10/0x10
[  968.065365][T16662]  ? find_held_lock+0x2b/0x80
[  968.065427][T16662]  ksys_write+0x1f8/0x250
[  968.065461][T16662]  ? __pfx_ksys_write+0x10/0x10
[  968.065505][T16662]  do_syscall_64+0xcd/0x490
[  968.065551][T16662]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  968.065580][T16662] RIP: 0033:0x7fdb87d8ebe9
[  968.065604][T16662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  968.065632][T16662] RSP: 002b:00007fdb88b31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  968.065660][T16662] RAX: ffffffffffffffda RBX: 00007fdb87fb5fa0 RCX: 00007fdb87d8ebe9
[  968.065680][T16662] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000003
[  968.065698][T16662] RBP: 00007fdb88b31090 R08: 0000000000000000 R09: 0000000000000000
[  968.065716][T16662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  968.065734][T16662] R13: 00007fdb87fb6038 R14: 00007fdb87fb5fa0 R15: 00007ffc97ebb958
[  968.065774][T16662]  </TASK>
[  968.302211][    C0] vkms_vblank_simulate: vblank timer overrun
[  968.707946][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  968.717844][T13949] Bluetooth: hci2: command 0x0406 tx timeout
[  968.723979][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  969.706500][T16690] blktrace: Concurrent blktraces are not allowed on loop2
[  970.282904][T16694] openvswitch: netlink: IP tunnel dst address not specified
[  970.946519][T16708] nbd: nbd7 already in use
[  970.984123][T16708] FAULT_INJECTION: forcing a failure.
[  970.984123][T16708] name failslab, interval 1, probability 0, space 0, times 0
[  971.067958][T16708] CPU: 0 UID: 0 PID: 16708 Comm: syz.2.2216 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  971.067986][T16708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  971.067997][T16708] Call Trace:
[  971.068004][T16708]  <TASK>
[  971.068012][T16708]  dump_stack_lvl+0x16c/0x1f0
[  971.068040][T16708]  should_fail_ex+0x512/0x640
[  971.068065][T16708]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  971.068091][T16708]  should_failslab+0xc2/0x120
[  971.068116][T16708]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  971.068139][T16708]  ? __alloc_skb+0x2b2/0x380
[  971.068164][T16708]  __alloc_skb+0x2b2/0x380
[  971.068186][T16708]  ? __pfx___alloc_skb+0x10/0x10
[  971.068208][T16708]  ? genl_rcv_msg+0x4bb/0x800
[  971.068241][T16708]  netlink_ack+0x15d/0xb80
[  971.068272][T16708]  netlink_rcv_skb+0x332/0x420
[  971.068297][T16708]  ? __pfx_genl_rcv_msg+0x10/0x10
[  971.068326][T16708]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  971.068360][T16708]  ? netlink_deliver_tap+0x1ae/0xd30
[  971.068386][T16708]  genl_rcv+0x28/0x40
[  971.068411][T16708]  netlink_unicast+0x5a7/0x870
[  971.068438][T16708]  ? __pfx_netlink_unicast+0x10/0x10
[  971.068463][T16708]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  971.068485][T16708]  ? __lock_acquire+0xb97/0x1ce0
[  971.068516][T16708]  netlink_sendmsg+0x8d1/0xdd0
[  971.068544][T16708]  ? __pfx_netlink_sendmsg+0x10/0x10
[  971.068571][T16708]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  971.068603][T16708]  ____sys_sendmsg+0xa95/0xc70
[  971.068633][T16708]  ? copy_msghdr_from_user+0x10a/0x160
[  971.068657][T16708]  ? __pfx_____sys_sendmsg+0x10/0x10
[  971.068696][T16708]  ___sys_sendmsg+0x134/0x1d0
[  971.068721][T16708]  ? __pfx____sys_sendmsg+0x10/0x10
[  971.068764][T16708]  ? __mutex_unlock_slowpath+0x140/0x800
[  971.068795][T16708]  __sys_sendmsg+0x16d/0x220
[  971.068819][T16708]  ? __pfx___sys_sendmsg+0x10/0x10
[  971.068856][T16708]  do_syscall_64+0xcd/0x490
[  971.068882][T16708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.068901][T16708] RIP: 0033:0x7f9c7a78ebe9
[  971.068917][T16708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.068935][T16708] RSP: 002b:00007f9c7b5b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  971.068954][T16708] RAX: ffffffffffffffda RBX: 00007f9c7a9b5fa0 RCX: 00007f9c7a78ebe9
[  971.068966][T16708] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000007
[  971.068977][T16708] RBP: 00007f9c7b5b7090 R08: 0000000000000000 R09: 0000000000000000
[  971.068988][T16708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.069000][T16708] R13: 00007f9c7a9b6038 R14: 00007f9c7a9b5fa0 R15: 00007fffe71033c8
[  971.069022][T16708]  </TASK>
[  971.339809][    C0] vkms_vblank_simulate: vblank timer overrun
[  971.359612][T16706] random: crng reseeded on system resumption
[  971.456943][T16708] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2216'.
[  972.448836][T16718] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2217'.
[  973.462952][T16729] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2221'.
[  973.478451][T16729] netlink: 298 bytes leftover after parsing attributes in process `syz.0.2221'.
[  973.686237][T16732] sp0: Synchronizing with TNC
[  975.765795][T16761] random: crng reseeded on system resumption
[  976.779919][T16781] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2232'.
[  976.941829][T16781] netlink: 222 bytes leftover after parsing attributes in process `syz.1.2232'.
[  977.728811][T16796] blktrace: Concurrent blktraces are not allowed on loop2
[  977.836599][T16798] nbd: nbd7 already in use
[  978.401221][T16798] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2238'.
[  979.072373][T16812] binder: 16811:16812 unknown command 4
[  979.102714][T16812] binder: 16811:16812 ioctl c0306201 0 returned -22
[  979.982281][ T5874] Bluetooth: hci0: command 0x0406 tx timeout
[  980.001159][T16796] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  980.047484][T16796] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  980.061518][T16796] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  980.084387][T16796] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  980.517107][T16822] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2242'.
[  981.266045][T16837] FAULT_INJECTION: forcing a failure.
[  981.266045][T16837] name fail_futex, interval 1, probability 0, space 0, times 0
[  981.317229][T16839] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2246'.
[  981.340137][T16839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2246'.
[  981.358340][T16837] CPU: 1 UID: 0 PID: 16837 Comm: syz.1.2245 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[  981.358388][T16837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  981.358407][T16837] Call Trace:
[  981.358418][T16837]  <TASK>
[  981.358431][T16837]  dump_stack_lvl+0x16c/0x1f0
[  981.358470][T16837]  should_fail_ex+0x512/0x640
[  981.358507][T16837]  get_futex_key+0x1d0/0x1560
[  981.358542][T16837]  ? __pfx_get_futex_key+0x10/0x10
[  981.358583][T16837]  futex_wake+0xea/0x530
[  981.358615][T16837]  ? __might_fault+0xe3/0x190
[  981.358676][T16837]  ? __might_fault+0x13b/0x190
[  981.358706][T16837]  ? __pfx_futex_wake+0x10/0x10
[  981.358749][T16837]  ? poll_select_finish+0x377/0x6b0
[  981.358779][T16837]  do_futex+0x1e3/0x350
[  981.358810][T16837]  ? __pfx_do_futex+0x10/0x10
[  981.358848][T16837]  __x64_sys_futex+0x1e0/0x4c0
[  981.358884][T16837]  ? __pfx___x64_sys_futex+0x10/0x10
[  981.358915][T16837]  ? xfd_validate_state+0x61/0x180
[  981.358949][T16837]  ? __pfx_ksys_write+0x10/0x10
[  981.358986][T16837]  do_syscall_64+0xcd/0x490
[  981.359018][T16837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.359042][T16837] RIP: 0033:0x7f9a6758ebe9
[  981.359062][T16837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  981.359085][T16837] RSP: 002b:00007f9a683a70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  981.359108][T16837] RAX: ffffffffffffffda RBX: 00007f9a677b5fa8 RCX: 00007f9a6758ebe9
[  981.359124][T16837] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9a677b5fac
[  981.359139][T16837] RBP: 00007f9a677b5fa0 R08: 00007f9a683a8000 R09: 0000000000000000
[  981.359154][T16837] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  981.359169][T16837] R13: 00007f9a677b6038 R14: 00007ffd9e38ceb0 R15: 00007ffd9e38cf98
[  981.359208][T16837]  </TASK>
[  981.370713][T16839] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2246'.
[  982.061177][ T5874] Bluetooth: hci2: command 0x0406 tx timeout
[  982.061242][ T5874] Bluetooth: hci1: command 0x0406 tx timeout
[  982.142201][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  982.538645][T16850] random: crng reseeded on system resumption
[  982.622347][T16852] nbd: nbd7 already in use
[  982.812345][T16854] synth uevent: /devices/platform/dummy_hcd.3/usb4/ep_00: unknown uevent action string
[  982.956041][T16854]  ep_00: uevent: failed to send synthetic uevent: -22
[  983.064001][T16855] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2248'.
[  983.620019][T16868] blktrace: Concurrent blktraces are not allowed on loop2
[  983.743413][T16871] blktrace: Concurrent blktraces are not allowed on loop2
[  985.846283][T16868] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  985.864901][T16868] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  985.878792][T16868] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  985.899874][T16868] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  986.059538][ T5873] Bluetooth: hci0: command 0x0406 tx timeout
[  986.270655][T16897] random: crng reseeded on system resumption
[  986.524252][T16904] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2261'.
[  987.641029][T16913] nbd: nbd7 already in use
[  987.899011][ T5874] Bluetooth: hci2: command 0x0406 tx timeout
[  987.905134][T13949] Bluetooth: hci1: command 0x0406 tx timeout
[  987.911391][ T5873] Bluetooth: hci3: command 0x0406 tx timeout
[  988.030016][T16918] random: crng reseeded on system resumption
[  988.211070][T16917] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2263'.
[  989.288500][T16941] blktrace: Concurrent blktraces are not allowed on loop2
[  992.135111][T16962] random: crng reseeded on system resumption
[  992.228136][T16961] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2270'.
[  993.105285][T16977] random: crng reseeded on system resumption
[  993.872438][T16982] ubi: mtd0 is already attached to ubi0
[  996.087703][T17010] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2284'.
[  996.118797][T17010] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2284'.
[  996.516969][T17020] random: crng reseeded on system resumption
[  998.149476][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  998.156176][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  998.371456][T17043] random: crng reseeded on system resumption
[ 1000.755464][   T30] audit: type=1800 audit(1754906150.557:11): pid=17086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2299" name="discovery_nqn" dev="configfs" ino=61640 res=0 errno=0
[ 1000.858431][T17084] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2298'.
[ 1002.343405][T17124] random: crng reseeded on system resumption
[ 1005.197464][T17157] random: crng reseeded on system resumption
[ 1006.157003][T17165] random: crng reseeded on system resumption
[ 1008.010052][T17193] random: crng reseeded on system resumption
[ 1008.317701][ T5873] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[ 1008.325440][ T5873] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff
[ 1009.786643][ T5873] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1009.802563][ T5873] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1009.817921][ T5873] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1009.827690][ T5873] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1009.835237][ T5873] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1010.118469][T17219] random: crng reseeded on system resumption
[ 1010.503199][ T1315] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1010.771695][ T1315] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1010.899513][ T1315] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1011.046339][   T30] audit: type=1800 audit(1754906160.852:12): pid=17234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2331" name="discovery_nqn" dev="configfs" ino=63140 res=0 errno=0
[ 1011.103651][ T1315] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1011.328712][T17230] rtc_cmos 00:00: Alarms can be up to one day in the future
[ 1011.621100][T17218] chnl_net:caif_netlink_parms(): no params data found
[ 1011.967066][ T5873] Bluetooth: hci4: command tx timeout
[ 1012.482024][ T1315] bridge_slave_1: left allmulticast mode
[ 1012.504123][ T1315] bridge_slave_1: left promiscuous mode
[ 1012.511884][ T1315] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1012.554037][ T1315] bridge_slave_0: left allmulticast mode
[ 1012.565948][ T1315] bridge_slave_0: left promiscuous mode
[ 1012.582466][ T1315] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1013.649143][ T1315] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1013.676654][ T1315] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1013.701875][ T1315] bond0 (unregistering): Released all slaves
[ 1014.045209][ T5873] Bluetooth: hci4: command tx timeout
[ 1014.329718][T17218] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1014.341518][T17218] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1014.351892][T17218] bridge_slave_0: entered allmulticast mode
[ 1014.362687][T17280] FAULT_INJECTION: forcing a failure.
[ 1014.362687][T17280] name failslab, interval 1, probability 0, space 0, times 0
[ 1014.363916][T17218] bridge_slave_0: entered promiscuous mode
[ 1014.381290][T17280] CPU: 1 UID: 0 PID: 17280 Comm: syz.1.2338 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1014.381328][T17280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1014.381344][T17280] Call Trace:
[ 1014.381354][T17280]  <TASK>
[ 1014.381364][T17280]  dump_stack_lvl+0x16c/0x1f0
[ 1014.381404][T17280]  should_fail_ex+0x512/0x640
[ 1014.381446][T17280]  should_failslab+0xc2/0x120
[ 1014.381482][T17280]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1014.381515][T17280]  ? skb_clone+0x190/0x3f0
[ 1014.381555][T17280]  skb_clone+0x190/0x3f0
[ 1014.381592][T17280]  netlink_deliver_tap+0xabd/0xd30
[ 1014.381634][T17280]  netlink_unicast+0x64c/0x870
[ 1014.381674][T17280]  ? __pfx_netlink_unicast+0x10/0x10
[ 1014.381731][T17280]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1014.381763][T17280]  ? __lock_acquire+0xb97/0x1ce0
[ 1014.381809][T17280]  netlink_sendmsg+0x8d1/0xdd0
[ 1014.381859][T17280]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1014.381898][T17280]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1014.381933][T17280]  ____sys_sendmsg+0xa95/0xc70
[ 1014.381974][T17280]  ? copy_msghdr_from_user+0x10a/0x160
[ 1014.382007][T17280]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1014.382066][T17280]  ___sys_sendmsg+0x134/0x1d0
[ 1014.382102][T17280]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1014.382172][T17280]  ? __mutex_unlock_slowpath+0x140/0x800
[ 1014.382217][T17280]  __sys_sendmsg+0x16d/0x220
[ 1014.382251][T17280]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1014.382311][T17280]  do_syscall_64+0xcd/0x490
[ 1014.382348][T17280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1014.382375][T17280] RIP: 0033:0x7f9a6758ebe9
[ 1014.382397][T17280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1014.382424][T17280] RSP: 002b:00007f9a683a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1014.382450][T17280] RAX: ffffffffffffffda RBX: 00007f9a677b5fa0 RCX: 00007f9a6758ebe9
[ 1014.382469][T17280] RDX: 0000000000000084 RSI: 0000200000000c40 RDI: 0000000000000003
[ 1014.382486][T17280] RBP: 00007f9a683a7090 R08: 0000000000000000 R09: 0000000000000000
[ 1014.382503][T17280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1014.382520][T17280] R13: 00007f9a677b6038 R14: 00007f9a677b5fa0 R15: 00007ffd9e38cf98
[ 1014.382557][T17280]  </TASK>
[ 1014.642227][T17218] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1014.663189][T17218] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1014.680845][T17218] bridge_slave_1: entered allmulticast mode
[ 1014.693728][T17218] bridge_slave_1: entered promiscuous mode
[ 1014.947960][T17218] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1015.014447][T17218] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1015.278619][T17218] team0: Port device team_slave_0 added
[ 1015.325686][T17218] team0: Port device team_slave_1 added
[ 1015.598447][T17218] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1015.625090][T17218] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1015.694621][T17218] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1015.771771][T17218] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1015.814270][T17218] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1015.904369][T17218] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1016.124107][ T5873] Bluetooth: hci4: command tx timeout
[ 1016.381442][T17218] hsr_slave_0: entered promiscuous mode
[ 1016.402655][T17218] hsr_slave_1: entered promiscuous mode
[ 1016.414442][T17218] debugfs: 'hsr0' already exists in 'hsr'
[ 1016.423571][T17218] Cannot create hsr debugfs directory
[ 1016.465846][T17305] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2340'.
[ 1017.290456][T17316] random: crng reseeded on system resumption
[ 1017.329684][ T1315] hsr_slave_0: left promiscuous mode
[ 1017.335764][ T1315] hsr_slave_1: left promiscuous mode
[ 1017.344556][ T1315] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1017.352065][ T1315] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1017.389190][ T1315] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1017.450734][ T1315] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1017.591867][ T1315] veth1_macvtap: left promiscuous mode
[ 1017.597960][ T1315] veth0_macvtap: left promiscuous mode
[ 1017.604861][ T1315] veth1_vlan: left promiscuous mode
[ 1017.611024][ T1315] veth0_vlan: left promiscuous mode
[ 1018.204657][ T5873] Bluetooth: hci4: command tx timeout
[ 1018.586576][ T1315] team0 (unregistering): Port device team_slave_1 removed
[ 1018.639747][ T1315] team0 (unregistering): Port device team_slave_0 removed
[ 1020.767958][T17348] random: crng reseeded on system resumption
[ 1021.302940][T17218] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1021.374689][T17218] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1021.450742][T17218] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1021.482417][T17218] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1021.808055][T17218] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1021.894967][T17218] 8021q: adding VLAN 0 to HW filter on device team0
[ 1021.950773][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1021.958056][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1022.029990][ T7809] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1022.038052][ T7809] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1022.408457][T17379] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2349'.
[ 1022.544084][T17372] random: crng reseeded on system resumption
[ 1023.749704][T17218] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1024.034225][T17218] veth0_vlan: entered promiscuous mode
[ 1024.100947][T17218] veth1_vlan: entered promiscuous mode
[ 1024.356480][T17218] veth0_macvtap: entered promiscuous mode
[ 1024.424095][T17218] veth1_macvtap: entered promiscuous mode
[ 1024.447409][T17408] random: crng reseeded on system resumption
[ 1024.477542][T17412] blktrace: Concurrent blktraces are not allowed on loop2
[ 1024.538622][T17218] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1024.687831][T17218] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1025.049050][ T1315] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.109919][ T1315] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.145271][ T1315] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.174129][ T1315] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1025.807874][ T7809] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1025.864915][ T7809] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1026.053481][ T1315] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1026.072327][ T1315] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1027.790641][T17460] aoe: invalid device specification 
[ 1027.797640][T17460] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2357'.
[ 1027.877356][T17462] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2359'.
[ 1028.662477][T17497] FAULT_INJECTION: forcing a failure.
[ 1028.662477][T17497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1028.686672][T17497] CPU: 1 UID: 0 PID: 17497 Comm: syz.1.2366 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1028.686711][T17497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1028.686730][T17497] Call Trace:
[ 1028.686737][T17497]  <TASK>
[ 1028.686745][T17497]  dump_stack_lvl+0x16c/0x1f0
[ 1028.686773][T17497]  should_fail_ex+0x512/0x640
[ 1028.686802][T17497]  _copy_to_user+0x32/0xd0
[ 1028.686833][T17497]  poll_select_finish+0x33a/0x6b0
[ 1028.686854][T17497]  ? __pfx_poll_select_finish+0x10/0x10
[ 1028.686876][T17497]  ? read_tsc+0x9/0x20
[ 1028.686896][T17497]  ? ktime_get_ts64+0x256/0x400
[ 1028.686925][T17497]  kern_select+0x16e/0x1e0
[ 1028.686943][T17497]  ? __pfx_kern_select+0x10/0x10
[ 1028.686967][T17497]  ? xfd_validate_state+0x61/0x180
[ 1028.686996][T17497]  ? __pfx_ksys_write+0x10/0x10
[ 1028.687021][T17497]  __x64_sys_select+0xbd/0x160
[ 1028.687039][T17497]  ? do_syscall_64+0x91/0x490
[ 1028.687061][T17497]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1028.687082][T17497]  do_syscall_64+0xcd/0x490
[ 1028.687106][T17497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1028.687125][T17497] RIP: 0033:0x7f9a6758ebe9
[ 1028.687140][T17497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1028.687159][T17497] RSP: 002b:00007f9a683a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 1028.687176][T17497] RAX: ffffffffffffffda RBX: 00007f9a677b5fa0 RCX: 00007f9a6758ebe9
[ 1028.687189][T17497] RDX: 00002000000005c0 RSI: 0000000000000000 RDI: 0000000000000005
[ 1028.687200][T17497] RBP: 00007f9a67611e19 R08: 00002000000001c0 R09: 0000000000000000
[ 1028.687211][T17497] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000000000000000
[ 1028.687222][T17497] R13: 00007f9a677b6038 R14: 00007f9a677b5fa0 R15: 00007ffd9e38cf98
[ 1028.687244][T17497]  </TASK>

syzkaller
syzkaller login: [ 1029.908850][T17515] random: crng reseeded on system resumption
[ 1030.206682][T17530] blktrace: Concurrent blktraces are not allowed on loop2
[ 1030.859084][T17539] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2370'.
[ 1030.870682][T17545] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1030.906353][T17546] ICMPv6: process `syz.0.2371' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[ 1031.098498][T17547] FAULT_INJECTION: forcing a failure.
[ 1031.098498][T17547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1031.135802][T17547] CPU: 0 UID: 0 PID: 17547 Comm: syz.0.2371 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1031.135843][T17547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1031.135860][T17547] Call Trace:
[ 1031.135869][T17547]  <TASK>
[ 1031.135878][T17547]  dump_stack_lvl+0x16c/0x1f0
[ 1031.135907][T17547]  should_fail_ex+0x512/0x640
[ 1031.135936][T17547]  _copy_from_user+0x2e/0xd0
[ 1031.135969][T17547]  snd_rawmidi_kernel_write1+0x50a/0x8a0
[ 1031.136010][T17547]  snd_rawmidi_write+0x26e/0xc10
[ 1031.136034][T17547]  ? __pfx_snd_rawmidi_write+0x10/0x10
[ 1031.136055][T17547]  ? __pfx_default_wake_function+0x10/0x10
[ 1031.136077][T17547]  ? bpf_lsm_file_permission+0x9/0x10
[ 1031.136104][T17547]  ? security_file_permission+0x71/0x210
[ 1031.136130][T17547]  ? rw_verify_area+0xcf/0x6c0
[ 1031.136150][T17547]  ? __pfx_snd_rawmidi_write+0x10/0x10
[ 1031.136169][T17547]  vfs_write+0x29d/0x11d0
[ 1031.136194][T17547]  ? __pfx_vfs_write+0x10/0x10
[ 1031.136214][T17547]  ? find_held_lock+0x2b/0x80
[ 1031.136233][T17547]  ? __fget_files+0x204/0x3c0
[ 1031.136256][T17547]  ? __fget_files+0x20e/0x3c0
[ 1031.136281][T17547]  ksys_write+0x1f8/0x250
[ 1031.136302][T17547]  ? __pfx_ksys_write+0x10/0x10
[ 1031.136330][T17547]  do_syscall_64+0xcd/0x490
[ 1031.136356][T17547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1031.136374][T17547] RIP: 0033:0x7fdb87d8ebe9
[ 1031.136390][T17547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1031.136409][T17547] RSP: 002b:00007fdb85ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1031.136427][T17547] RAX: ffffffffffffffda RBX: 00007fdb87fb6180 RCX: 00007fdb87d8ebe9
[ 1031.136449][T17547] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 0000000000000008
[ 1031.136466][T17547] RBP: 00007fdb85ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1031.136484][T17547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1031.136501][T17547] R13: 00007fdb87fb6218 R14: 00007fdb87fb6180 R15: 00007ffc97ebb958
[ 1031.136529][T17547]  </TASK>
[ 1031.338255][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1032.291117][T17573] aoe: invalid device specification 
[ 1032.308141][T17573] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2377'.
[ 1033.512542][T17596] random: crng reseeded on system resumption
[ 1035.158247][T17614] blktrace: Concurrent blktraces are not allowed on loop2
[ 1035.895629][T17619] random: crng reseeded on system resumption
[ 1036.181210][ T5874] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1036.190349][ T5874] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1036.200475][ T5874] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1036.210474][ T5874] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1036.222836][ T5874] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1037.220209][T17642] FAULT_INJECTION: forcing a failure.
[ 1037.220209][T17642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1037.243933][T17642] CPU: 0 UID: 0 PID: 17642 Comm: syz.3.2393 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1037.243975][T17642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1037.243994][T17642] Call Trace:
[ 1037.244002][T17642]  <TASK>
[ 1037.244010][T17642]  dump_stack_lvl+0x16c/0x1f0
[ 1037.244038][T17642]  should_fail_ex+0x512/0x640
[ 1037.244067][T17642]  core_sys_select+0x4c5/0xc10
[ 1037.244093][T17642]  ? __pfx_core_sys_select+0x10/0x10
[ 1037.244135][T17642]  ? read_tsc+0x9/0x20
[ 1037.244156][T17642]  ? ktime_get_ts64+0x256/0x400
[ 1037.244184][T17642]  kern_select+0x15d/0x1e0
[ 1037.244204][T17642]  ? __pfx_kern_select+0x10/0x10
[ 1037.244225][T17642]  ? xfd_validate_state+0x61/0x180
[ 1037.244252][T17642]  ? __pfx_ksys_write+0x10/0x10
[ 1037.244277][T17642]  __x64_sys_select+0xbd/0x160
[ 1037.244296][T17642]  ? do_syscall_64+0x91/0x490
[ 1037.244318][T17642]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1037.244339][T17642]  do_syscall_64+0xcd/0x490
[ 1037.244363][T17642]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1037.244382][T17642] RIP: 0033:0x7f4c9318ebe9
[ 1037.244397][T17642] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1037.244415][T17642] RSP: 002b:00007f4c9408a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 1037.244433][T17642] RAX: ffffffffffffffda RBX: 00007f4c933b5fa0 RCX: 00007f4c9318ebe9
[ 1037.244450][T17642] RDX: 00002000000005c0 RSI: 0000000000000000 RDI: 0000000000000005
[ 1037.244462][T17642] RBP: 00007f4c93211e19 R08: 00002000000001c0 R09: 0000000000000000
[ 1037.244473][T17642] R10: 00002000000006c0 R11: 0000000000000246 R12: 0000000000000000
[ 1037.244484][T17642] R13: 00007f4c933b6038 R14: 00007f4c933b5fa0 R15: 00007ffd9f4782e8
[ 1037.244507][T17642]  </TASK>
[ 1037.427839][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1037.492211][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.128793][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.247185][T17624] chnl_net:caif_netlink_parms(): no params data found
[ 1038.282263][ T5874] Bluetooth: hci2: command tx timeout
[ 1038.447379][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.670304][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.896324][T17624] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1038.905236][T17624] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1038.909676][T17661] FAULT_INJECTION: forcing a failure.
[ 1038.909676][T17661] name failslab, interval 1, probability 0, space 0, times 0
[ 1038.912471][T17624] bridge_slave_0: entered allmulticast mode

syzkaller
syzkaller login: [ 1038.940028][T17624] bridge_slave_0: entered promiscuous mode
[ 1038.945195][T17661] CPU: 0 UID: 0 PID: 17661 Comm: syz.3.2395 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1038.945235][T17661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1038.945252][T17661] Call Trace:
[ 1038.945262][T17661]  <TASK>
[ 1038.945273][T17661]  dump_stack_lvl+0x16c/0x1f0
[ 1038.945312][T17661]  should_fail_ex+0x512/0x640
[ 1038.945347][T17661]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1038.945387][T17661]  should_failslab+0xc2/0x120
[ 1038.945422][T17661]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1038.945455][T17661]  ? __register_sysctl_table+0x73b/0x1900
[ 1038.945495][T17661]  ? register_ip_vs_app+0x17a/0x370
[ 1038.945535][T17661]  kmemdup_noprof+0x29/0x60
[ 1038.945568][T17661]  register_ip_vs_app+0x17a/0x370
[ 1038.945604][T17661]  __ip_vs_ftp_init+0x60/0x220
[ 1038.945644][T17661]  ? __ip_vs_lblcr_init+0x189/0x330
[ 1038.945674][T17661]  ? __pfx___ip_vs_ftp_init+0x10/0x10
[ 1038.945706][T17661]  ops_init+0x1e2/0x5f0
[ 1038.945745][T17661]  setup_net+0x10f/0x380
[ 1038.945777][T17661]  ? lockdep_init_map_type+0x5c/0x280
[ 1038.945814][T17661]  ? __pfx_setup_net+0x10/0x10
[ 1038.945850][T17661]  ? debug_mutex_init+0x37/0x70
[ 1038.945882][T17661]  copy_net_ns+0x2a6/0x5f0
[ 1038.945925][T17661]  create_new_namespaces+0x3ea/0xa90
[ 1038.945970][T17661]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1038.946007][T17661]  ksys_unshare+0x45b/0xa40
[ 1038.946051][T17661]  ? __pfx_ksys_unshare+0x10/0x10
[ 1038.946094][T17661]  ? xfd_validate_state+0x61/0x180
[ 1038.946158][T17661]  __x64_sys_unshare+0x31/0x40
[ 1038.946201][T17661]  do_syscall_64+0xcd/0x490
[ 1038.946244][T17661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.946273][T17661] RIP: 0033:0x7f4c9318ebe9
[ 1038.946296][T17661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1038.946322][T17661] RSP: 002b:00007f4c9408a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1038.946349][T17661] RAX: ffffffffffffffda RBX: 00007f4c933b5fa0 RCX: 00007f4c9318ebe9
[ 1038.946369][T17661] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1038.946385][T17661] RBP: 00007f4c93211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1038.946402][T17661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1038.946418][T17661] R13: 00007f4c933b6038 R14: 00007f4c933b5fa0 R15: 00007ffd9f4782e8
[ 1038.946455][T17661]  </TASK>
[ 1039.232835][T17624] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1039.241860][T17624] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1039.249251][T17624] bridge_slave_1: entered allmulticast mode
[ 1039.259860][T17624] bridge_slave_1: entered promiscuous mode
[ 1039.483806][T17624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1039.538980][   T49] bridge_slave_1: left allmulticast mode
[ 1039.550985][   T49] bridge_slave_1: left promiscuous mode
[ 1039.557977][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1039.571986][   T49] bridge_slave_0: left allmulticast mode
[ 1039.579042][   T49] bridge_slave_0: left promiscuous mode
[ 1039.585234][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1040.176307][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1040.190603][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1040.201762][   T49] bond0 (unregistering): Released all slaves
[ 1040.220846][T17624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1040.352845][ T5874] Bluetooth: hci2: command tx timeout
[ 1040.388212][T17624] team0: Port device team_slave_0 added
[ 1040.420961][T17624] team0: Port device team_slave_1 added
[ 1040.477196][T17624] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1040.485127][T17624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1040.518155][T17624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1040.589891][T17624] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1040.597558][T17624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1040.626538][T17624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1040.824090][T17624] hsr_slave_0: entered promiscuous mode
[ 1040.842922][T17624] hsr_slave_1: entered promiscuous mode
[ 1041.455106][T17694] random: crng reseeded on system resumption
[ 1041.881735][T17703] blktrace: Concurrent blktraces are not allowed on loop2
[ 1042.435520][ T5874] Bluetooth: hci2: command tx timeout
[ 1042.508712][T17712] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2401'.
[ 1042.829847][T17716] kafs: addr_prefs: Too many elements in string
[ 1043.825269][T17624] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1043.897969][T17624] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1044.101967][T17624] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1044.160307][   T49] hsr_slave_0: left promiscuous mode
[ 1044.170471][   T49] hsr_slave_1: left promiscuous mode
[ 1044.188082][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1044.218206][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1044.293821][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1044.319948][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1044.367666][   T49] veth1_macvtap: left promiscuous mode
[ 1044.390008][   T49] veth0_macvtap: left promiscuous mode
[ 1044.404903][   T49] veth1_vlan: left promiscuous mode
[ 1044.418083][   T49] veth0_vlan: left promiscuous mode
[ 1044.513120][ T5874] Bluetooth: hci2: command tx timeout
[ 1045.504826][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 1045.618438][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 1046.672951][T17624] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1047.093486][T17624] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1047.152445][T17624] 8021q: adding VLAN 0 to HW filter on device team0
[ 1047.205573][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1047.212823][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1047.255444][T17790] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2410'.
[ 1047.285662][ T1315] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1047.292910][ T1315] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1047.718546][T17800] blktrace: Concurrent blktraces are not allowed on loop2
[ 1048.366711][T17624] 8021q: adding VLAN 0 to HW filter on device batadv0

syzkaller
syzkaller login: [ 1049.115195][T17624] veth0_vlan: entered promiscuous mode
[ 1049.209728][T17624] veth1_vlan: entered promiscuous mode
[ 1049.453188][T17624] veth0_macvtap: entered promiscuous mode
[ 1049.497386][T17624] veth1_macvtap: entered promiscuous mode
[ 1049.542782][T17624] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1049.573741][T17624] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1049.621700][ T1315] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.667981][ T1315] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.694814][ T1315] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.735362][ T1315] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1049.961900][ T1315] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1050.000367][ T1315] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1050.001036][T17837] FAULT_INJECTION: forcing a failure.
[ 1050.001036][T17837] name failslab, interval 1, probability 0, space 0, times 0
[ 1050.038040][T17837] CPU: 0 UID: 0 PID: 17837 Comm: syz.3.2418 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1050.038078][T17837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1050.038096][T17837] Call Trace:
[ 1050.038107][T17837]  <TASK>
[ 1050.038120][T17837]  dump_stack_lvl+0x16c/0x1f0
[ 1050.038161][T17837]  should_fail_ex+0x512/0x640
[ 1050.038199][T17837]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1050.038237][T17837]  should_failslab+0xc2/0x120
[ 1050.038276][T17837]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1050.038313][T17837]  ? __d_alloc+0x32/0xae0
[ 1050.038355][T17837]  __d_alloc+0x32/0xae0
[ 1050.038396][T17837]  d_alloc_parallel+0x111/0x1480
[ 1050.038457][T17837]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1050.038503][T17837]  ? register_lock_class+0x41/0x4c0
[ 1050.038545][T17837]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1050.038596][T17837]  ? lockdep_init_map_type+0x5c/0x280
[ 1050.038639][T17837]  ? lockdep_init_map_type+0x5c/0x280
[ 1050.038687][T17837]  __lookup_slow+0x193/0x460
[ 1050.038734][T17837]  ? __pfx___lookup_slow+0x10/0x10
[ 1050.038809][T17837]  ? lookup_fast+0x156/0x610
[ 1050.038846][T17837]  walk_component+0x353/0x5b0
[ 1050.038879][T17837]  path_lookupat+0x142/0x6d0
[ 1050.038917][T17837]  filename_lookup+0x224/0x5f0
[ 1050.038955][T17837]  ? __pfx_filename_lookup+0x10/0x10
[ 1050.039010][T17837]  ? __pfx_kfree_link+0x10/0x10
[ 1050.039063][T17837]  ? getname_kernel+0x52/0x370
[ 1050.039104][T17837]  ? __asan_memcpy+0x3c/0x60
[ 1050.039141][T17837]  kern_path+0x35/0x50
[ 1050.039173][T17837]  tomoyo_realpath_nofollow+0x87/0xf0
[ 1050.039216][T17837]  ? __pfx_tomoyo_realpath_nofollow+0x10/0x10
[ 1050.039256][T17837]  ? tomoyo_domain+0xbb/0x150
[ 1050.039284][T17837]  ? tomoyo_init_request_info+0x101/0x370
[ 1050.039319][T17837]  tomoyo_find_next_domain+0x2a8/0x20b0
[ 1050.039368][T17837]  ? __pfx_tomoyo_find_next_domain+0x10/0x10
[ 1050.039418][T17837]  tomoyo_bprm_check_security+0x12e/0x1d0
[ 1050.039472][T17837]  ? tomoyo_bprm_check_security+0x120/0x1d0
[ 1050.039522][T17837]  security_bprm_check+0x1b9/0x1e0
[ 1050.039553][T17837]  bprm_execve+0x81a/0x1640
[ 1050.039594][T17837]  ? __pfx_bprm_execve+0x10/0x10
[ 1050.039624][T17837]  ? copy_string_kernel+0x460/0x520
[ 1050.039665][T17837]  do_execveat_common.isra.0+0x4a5/0x610
[ 1050.039709][T17837]  __x64_sys_execveat+0xda/0x120
[ 1050.039746][T17837]  do_syscall_64+0xcd/0x490
[ 1050.039786][T17837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1050.039816][T17837] RIP: 0033:0x7f4c9318ebe9
[ 1050.039842][T17837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1050.039870][T17837] RSP: 002b:00007f4c94069038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[ 1050.039899][T17837] RAX: ffffffffffffffda RBX: 00007f4c933b6090 RCX: 00007f4c9318ebe9
[ 1050.039919][T17837] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000b
[ 1050.039937][T17837] RBP: 00007f4c94069090 R08: 0000000000001000 R09: 0000000000000000
[ 1050.039955][T17837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1050.039973][T17837] R13: 00007f4c933b6128 R14: 00007f4c933b6090 R15: 00007ffd9f4782e8
[ 1050.040016][T17837]  </TASK>
[ 1050.506160][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1050.514322][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1050.682257][T17842] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2420'.
[ 1051.440727][T17851] random: crng reseeded on system resumption
[ 1051.777971][T17865] FAULT_INJECTION: forcing a failure.
[ 1051.777971][T17865] name failslab, interval 1, probability 0, space 0, times 0
[ 1051.811070][T17865] CPU: 0 UID: 0 PID: 17865 Comm: syz.3.2426 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1051.811113][T17865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1051.811130][T17865] Call Trace:
[ 1051.811141][T17865]  <TASK>
[ 1051.811154][T17865]  dump_stack_lvl+0x16c/0x1f0
[ 1051.811195][T17865]  should_fail_ex+0x512/0x640
[ 1051.811234][T17865]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1051.811272][T17865]  should_failslab+0xc2/0x120
[ 1051.811313][T17865]  __kvmalloc_node_noprof+0x137/0x620
[ 1051.811349][T17865]  ? seq_read_iter+0x826/0x12c0
[ 1051.811387][T17865]  ? seq_read_iter+0x826/0x12c0
[ 1051.811414][T17865]  seq_read_iter+0x826/0x12c0
[ 1051.811461][T17865]  seq_read+0x3a3/0x570
[ 1051.811491][T17865]  ? __pfx_seq_read+0x10/0x10
[ 1051.811552][T17865]  full_proxy_read+0x12e/0x1a0
[ 1051.811597][T17865]  ? __pfx_full_proxy_read+0x10/0x10
[ 1051.811643][T17865]  vfs_read+0x1e4/0xcf0
[ 1051.811684][T17865]  ? __pfx___mutex_lock+0x10/0x10
[ 1051.811742][T17865]  ? __pfx_vfs_read+0x10/0x10
[ 1051.811788][T17865]  ? __fget_files+0x20e/0x3c0
[ 1051.811835][T17865]  ksys_read+0x12a/0x250
[ 1051.811868][T17865]  ? __pfx_ksys_read+0x10/0x10
[ 1051.811914][T17865]  do_syscall_64+0xcd/0x490
[ 1051.811954][T17865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.811984][T17865] RIP: 0033:0x7f4c9318ebe9
[ 1051.812015][T17865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1051.812043][T17865] RSP: 002b:00007f4c9408a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1051.812071][T17865] RAX: ffffffffffffffda RBX: 00007f4c933b5fa0 RCX: 00007f4c9318ebe9
[ 1051.812091][T17865] RDX: 0000000000000012 RSI: 0000200000000080 RDI: 0000000000000004
[ 1051.812109][T17865] RBP: 00007f4c9408a090 R08: 0000000000000000 R09: 0000000000000000
[ 1051.812128][T17865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1051.812147][T17865] R13: 00007f4c933b6038 R14: 00007f4c933b5fa0 R15: 00007ffd9f4782e8
[ 1051.812188][T17865]  </TASK>
[ 1052.071498][ T5873] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1052.097916][ T5873] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1052.107268][ T5873] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1052.119381][ T5873] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1052.174053][ T5873] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1052.335266][T17873] blktrace: Concurrent blktraces are not allowed on loop2
[ 1052.398815][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0

syzkaller
syzkaller login: [ 1052.701832][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1052.894429][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1053.022975][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1053.224793][T17888] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2430'.
[ 1053.388885][T17867] chnl_net:caif_netlink_parms(): no params data found
[ 1053.919981][   T12] bridge_slave_1: left allmulticast mode
[ 1053.950995][   T12] bridge_slave_1: left promiscuous mode
[ 1053.968150][T17903] random: crng reseeded on system resumption
[ 1053.974562][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1054.003199][   T12] bridge_slave_0: left allmulticast mode
[ 1054.022469][   T12] bridge_slave_0: left promiscuous mode
[ 1054.082488][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1054.276549][ T5873] Bluetooth: hci3: command tx timeout
[ 1055.228154][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1055.247732][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1055.268864][   T12] bond0 (unregistering): Released all slaves
[ 1055.542742][T17867] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1055.556216][T17867] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1055.563615][T17867] bridge_slave_0: entered allmulticast mode
[ 1055.571323][T17867] bridge_slave_0: entered promiscuous mode
[ 1055.636112][T17867] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1055.643239][T17867] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1055.661736][T17867] bridge_slave_1: entered allmulticast mode
[ 1055.669811][T17867] bridge_slave_1: entered promiscuous mode
[ 1055.890581][T17867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1056.007208][T17867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1056.313750][T17867] team0: Port device team_slave_0 added
[ 1056.354755][ T5873] Bluetooth: hci3: command tx timeout
[ 1056.407304][T17939] FAULT_INJECTION: forcing a failure.
[ 1056.407304][T17939] name failslab, interval 1, probability 0, space 0, times 0
[ 1056.420180][T17939] CPU: 0 UID: 0 PID: 17939 Comm: syz.3.2436 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1056.420221][T17939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1056.420238][T17939] Call Trace:
[ 1056.420249][T17939]  <TASK>
[ 1056.420260][T17939]  dump_stack_lvl+0x16c/0x1f0
[ 1056.420299][T17939]  should_fail_ex+0x512/0x640
[ 1056.420337][T17939]  ? fs_reclaim_acquire+0xae/0x150
[ 1056.420441][T17939]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1056.420481][T17939]  should_failslab+0xc2/0x120
[ 1056.420519][T17939]  __kmalloc_noprof+0xd2/0x510
[ 1056.420563][T17939]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1056.420608][T17939]  ? tomoyo_profile+0x47/0x60
[ 1056.420654][T17939]  tomoyo_path_number_perm+0x245/0x580
[ 1056.420688][T17939]  ? tomoyo_path_number_perm+0x237/0x580
[ 1056.420727][T17939]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1056.420764][T17939]  ? find_held_lock+0x2b/0x80
[ 1056.420830][T17939]  ? find_held_lock+0x2b/0x80
[ 1056.420860][T17939]  ? hook_file_ioctl_common+0x145/0x410
[ 1056.420906][T17939]  ? __fget_files+0x20e/0x3c0
[ 1056.420947][T17939]  security_file_ioctl+0x9b/0x240
[ 1056.420983][T17939]  __x64_sys_ioctl+0xb7/0x210
[ 1056.421030][T17939]  do_syscall_64+0xcd/0x490
[ 1056.421070][T17939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1056.421101][T17939] RIP: 0033:0x7f4c9318ebe9
[ 1056.421132][T17939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1056.421161][T17939] RSP: 002b:00007f4c9408a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1056.421197][T17939] RAX: ffffffffffffffda RBX: 00007f4c933b5fa0 RCX: 00007f4c9318ebe9
[ 1056.421219][T17939] RDX: 0000000000000003 RSI: 000000004068aea3 RDI: 0000000000000003
[ 1056.421237][T17939] RBP: 00007f4c9408a090 R08: 0000000000000000 R09: 0000000000000000
[ 1056.421255][T17939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1056.421273][T17939] R13: 00007f4c933b6038 R14: 00007f4c933b5fa0 R15: 00007ffd9f4782e8
[ 1056.421312][T17939]  </TASK>
[ 1056.421426][T17939] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1056.725781][T17867] team0: Port device team_slave_1 added
[ 1056.842661][T17867] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1056.873999][T17867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1056.961252][T17867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1057.015238][T17867] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1057.048633][T17867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1057.084110][T17867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1057.235135][T17954] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1057.553132][T17867] hsr_slave_0: entered promiscuous mode
[ 1057.580854][T17867] hsr_slave_1: entered promiscuous mode
[ 1057.600893][T17867] debugfs: 'hsr0' already exists in 'hsr'
[ 1057.607222][T17867] Cannot create hsr debugfs directory
[ 1057.701260][T17955] random: crng reseeded on system resumption
[ 1057.750747][T17962] netlink: 266 bytes leftover after parsing attributes in process `syz.1.2439'.
[ 1058.079087][   T12] hsr_slave_0: left promiscuous mode
[ 1058.079875][   T12] hsr_slave_1: left promiscuous mode
[ 1058.080556][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1058.139313][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1058.168567][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1058.176243][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1058.201657][   T12] veth1_macvtap: left promiscuous mode
[ 1058.208730][   T12] veth0_macvtap: left promiscuous mode
[ 1058.214783][   T12] veth1_vlan: left promiscuous mode
[ 1058.220494][   T12] veth0_vlan: left promiscuous mode
[ 1058.423408][ T5873] Bluetooth: hci3: command tx timeout
[ 1058.930786][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1059.016133][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1059.558035][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[ 1059.564484][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.502325][ T5873] Bluetooth: hci3: command tx timeout
[ 1062.181829][T17867] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1062.297904][T17867] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1062.336471][T17867] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1062.458047][T18027] tipc: Can't bind to reserved service type 1
[ 1062.491187][T17867] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1062.646991][T18035] netlink: 266 bytes leftover after parsing attributes in process `syz.3.2451'.
[ 1063.028015][T17867] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1063.344985][T17867] 8021q: adding VLAN 0 to HW filter on device team0
[ 1063.868467][T18064] FAULT_INJECTION: forcing a failure.
[ 1063.868467][T18064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1063.887322][T14330] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1063.894542][T14330] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1063.906179][T18065] blktrace: Concurrent blktraces are not allowed on loop2
[ 1063.915051][T18064] CPU: 1 UID: 0 PID: 18064 Comm: syz.1.2457 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1063.915098][T18064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1063.915115][T18064] Call Trace:
[ 1063.915127][T18064]  <TASK>
[ 1063.915139][T18064]  dump_stack_lvl+0x16c/0x1f0
[ 1063.915182][T18064]  should_fail_ex+0x512/0x640
[ 1063.915230][T18064]  _copy_to_iter+0x29f/0x16f0
[ 1063.915285][T18064]  ? __pfx__copy_to_iter+0x10/0x10
[ 1063.915329][T18064]  ? softnet_seq_show+0x2eb/0x510
[ 1063.915374][T18064]  ? softnet_get_online+0x161/0x230
[ 1063.915409][T18064]  seq_read_iter+0xcf8/0x12c0
[ 1063.915459][T18064]  proc_reg_read_iter+0x220/0x310
[ 1063.915503][T18064]  vfs_read+0x8bf/0xcf0
[ 1063.915575][T18064]  ? __pfx___mutex_lock+0x10/0x10
[ 1063.915622][T18064]  ? __pfx_vfs_read+0x10/0x10
[ 1063.915683][T18064]  ksys_read+0x12a/0x250
[ 1063.915715][T18064]  ? __pfx_ksys_read+0x10/0x10
[ 1063.915759][T18064]  do_syscall_64+0xcd/0x490
[ 1063.915798][T18064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1063.915826][T18064] RIP: 0033:0x7feb17b8ebe9
[ 1063.915850][T18064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1063.915876][T18064] RSP: 002b:00007feb18a0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1063.915902][T18064] RAX: ffffffffffffffda RBX: 00007feb17db5fa0 RCX: 00007feb17b8ebe9
[ 1063.915921][T18064] RDX: 000000000000c9e3 RSI: 0000200000000000 RDI: 0000000000000003
[ 1063.915938][T18064] RBP: 00007feb18a0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1063.915956][T18064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1063.915972][T18064] R13: 00007feb17db6038 R14: 00007feb17db5fa0 R15: 00007ffee5f2ab98
[ 1063.916013][T18064]  </TASK>
[ 1064.092180][T14330] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1064.102729][T14330] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1064.978880][T18082] blktrace: Concurrent blktraces are not allowed on loop2
[ 1065.593056][T17867] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1065.781099][T18102] FAULT_INJECTION: forcing a failure.
[ 1065.781099][T18102] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1065.794738][T18102] CPU: 1 UID: 0 PID: 18102 Comm: syz.3.2459 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1065.794771][T18102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1065.794782][T18102] Call Trace:
[ 1065.794789][T18102]  <TASK>
[ 1065.794796][T18102]  dump_stack_lvl+0x16c/0x1f0
[ 1065.794825][T18102]  should_fail_ex+0x512/0x640
[ 1065.794854][T18102]  strncpy_from_user+0x3b/0x2e0
[ 1065.794880][T18102]  getname_flags.part.0+0x8f/0x550
[ 1065.794911][T18102]  getname_flags+0x93/0xf0
[ 1065.794932][T18102]  do_sys_openat2+0xb8/0x1d0
[ 1065.794960][T18102]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1065.794991][T18102]  ? __fget_files+0x20e/0x3c0
[ 1065.795015][T18102]  __x64_sys_openat+0x174/0x210
[ 1065.795045][T18102]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1065.795073][T18102]  ? ksys_write+0x1ac/0x250
[ 1065.795102][T18102]  do_syscall_64+0xcd/0x490
[ 1065.795127][T18102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.795147][T18102] RIP: 0033:0x7f4c9318ebe9
[ 1065.795163][T18102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1065.795181][T18102] RSP: 002b:00007f4c94048038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1065.795199][T18102] RAX: ffffffffffffffda RBX: 00007f4c933b6180 RCX: 00007f4c9318ebe9
[ 1065.795211][T18102] RDX: 0000000000040302 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1065.795223][T18102] RBP: 00007f4c94048090 R08: 0000000000000000 R09: 0000000000000000
[ 1065.795234][T18102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1065.795246][T18102] R13: 00007f4c933b6218 R14: 00007f4c933b6180 R15: 00007ffd9f4782e8
[ 1065.795276][T18102]  </TASK>
[ 1066.031461][T17867] veth0_vlan: entered promiscuous mode
[ 1066.071620][T17867] veth1_vlan: entered promiscuous mode
[ 1066.170668][T17867] veth0_macvtap: entered promiscuous mode
[ 1066.213777][T17867] veth1_macvtap: entered promiscuous mode
[ 1066.266048][T17867] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1066.296154][T17867] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1066.319570][   T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.333103][   T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.409029][ T3541] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.427507][ T3541] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.474383][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1066.539814][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1066.641188][ T3541] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1066.678335][ T3541] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1068.164700][T18140] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2467'.
[ 1069.528977][ T5874] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1069.602873][ T5874] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1069.634230][ T5874] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1069.645044][ T5874] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1069.655472][ T5874] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1069.979600][T14330] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.143970][T14330] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.284570][T14330] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1070.301808][T18180] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[ 1070.425843][T14330] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1071.097966][T14330] bridge_slave_1: left allmulticast mode
[ 1071.117604][T14330] bridge_slave_1: left promiscuous mode
[ 1071.127008][T14330] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1071.164972][T14330] bridge_slave_0: left allmulticast mode
[ 1071.173255][T14330] bridge_slave_0: left promiscuous mode
[ 1071.179598][T14330] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1071.701096][ T5873] Bluetooth: hci5: command tx timeout
[ 1071.740333][T14330] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1071.753706][T14330] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1071.769023][T14330] bond0 (unregistering): Released all slaves
[ 1071.793509][T18194] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2478'.
[ 1071.861767][T18170] chnl_net:caif_netlink_parms(): no params data found
[ 1072.342621][T18170] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1072.360046][T18170] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1072.375531][T18170] bridge_slave_0: entered allmulticast mode
[ 1072.386576][T18170] bridge_slave_0: entered promiscuous mode
[ 1072.439929][T18170] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1072.447666][T18170] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1072.454912][T18170] bridge_slave_1: entered allmulticast mode
[ 1072.472265][T18170] bridge_slave_1: entered promiscuous mode
[ 1072.739922][T18170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1072.834139][T18170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1073.289179][T18233] random: crng reseeded on system resumption
[ 1073.462609][T18170] team0: Port device team_slave_0 added
[ 1073.529667][T18170] team0: Port device team_slave_1 added
[ 1073.777518][ T5874] Bluetooth: hci5: command tx timeout
[ 1073.882985][T18170] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1073.901464][T18170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1073.992366][T18170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1074.027910][T18170] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1074.059825][T18170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1074.135076][T18170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1074.436677][T18170] hsr_slave_0: entered promiscuous mode
[ 1074.473758][T18170] hsr_slave_1: entered promiscuous mode
[ 1074.503406][T18170] debugfs: 'hsr0' already exists in 'hsr'
[ 1074.516176][T18170] Cannot create hsr debugfs directory
[ 1075.854864][ T5874] Bluetooth: hci5: command tx timeout
[ 1075.906417][T14330] hsr_slave_0: left promiscuous mode
[ 1075.918463][T14330] hsr_slave_1: left promiscuous mode
[ 1075.928133][T14330] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1075.941063][T14330] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1075.952022][T14330] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1075.963191][T14330] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1075.983154][T14330] veth1_macvtap: left promiscuous mode
[ 1075.988948][T14330] veth1_vlan: left promiscuous mode
[ 1075.994496][T14330] veth0_vlan: left promiscuous mode
[ 1076.162116][   T30] audit: type=1804 audit(1754906226.004:13): pid=18262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2488" name="/newroot/22/file0" dev="tmpfs" ino=133 res=1 errno=0
[ 1076.833268][T14330] team0 (unregistering): Port device team_slave_1 removed
[ 1076.891374][T14330] team0 (unregistering): Port device team_slave_0 removed
[ 1077.338324][T18269] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2489'.
[ 1077.724542][T18275] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1077.934483][ T5874] Bluetooth: hci5: command tx timeout
[ 1078.842316][T18170] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1078.859584][T18170] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1078.896062][T18298] random: crng reseeded on system resumption
[ 1078.956231][T18170] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1078.971676][T18170] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1079.268513][T18170] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1079.316492][T18170] 8021q: adding VLAN 0 to HW filter on device team0
[ 1079.329883][T17907] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1079.337034][T17907] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1079.408936][T17907] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1079.416205][T17907] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1080.037914][T18170] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1080.095969][T18326] blktrace: Concurrent blktraces are not allowed on loop2
[ 1080.342610][T18332] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2498'.
[ 1080.370083][T18170] veth0_vlan: entered promiscuous mode
[ 1080.438792][T18170] veth1_vlan: entered promiscuous mode
[ 1080.598437][T18170] veth0_macvtap: entered promiscuous mode
[ 1080.619590][T18170] veth1_macvtap: entered promiscuous mode
[ 1080.712011][T18170] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1080.830219][T18170] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1080.885770][ T3541] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.910677][T18339] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2499'.
[ 1080.942181][T18339] ipvlan0: entered allmulticast mode
[ 1080.954094][T18339] veth0_vlan: entered allmulticast mode
[ 1081.047338][ T3541] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.102289][ T3541] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.123315][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1081.647678][T17907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1081.677908][T17907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.750383][T17907] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1081.775403][T17907] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1082.488563][T18374] syz.0.2470 (18374): /proc/18363/oom_adj is deprecated, please use /proc/18363/oom_score_adj instead.
[ 1082.805891][T18370] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1082.903193][T18382] random: crng reseeded on system resumption
[ 1086.997510][T18454] blktrace: Concurrent blktraces are not allowed on loop2
[ 1087.129632][T18458] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2515'.
[ 1087.515344][T18468] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2516'.
[ 1087.792216][T18425] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2508'.
[ 1088.248449][T18477] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2517'.
[ 1088.894976][T18493] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2520'.
[ 1089.999369][T18500] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2523'.
[ 1090.078005][T18500] ipvlan0: entered allmulticast mode
[ 1090.111922][T18500] veth0_vlan: entered allmulticast mode
[ 1090.316523][T18532] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2529'.
[ 1091.001272][T18545] random: crng reseeded on system resumption
[ 1091.261433][T18562] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2534'.
[ 1093.654710][T18618] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2544'.
[ 1095.164627][T18655] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2554'.
[ 1095.231925][T18656] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2554'.
[ 1095.404857][T18659] random: crng reseeded on system resumption
[ 1098.603840][T18709] zswap: compressor  not available
[ 1099.264074][T18710] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2559'.
[ 1099.416492][T18710] ipvlan0: entered allmulticast mode
[ 1099.422098][T18710] veth0_vlan: entered allmulticast mode
[ 1099.975319][T18738] ==================================================================
[ 1099.983427][T18738] BUG: KASAN: global-out-of-bounds in __mutex_lock+0xcb2/0x10b0
[ 1099.991080][T18738] Read of size 8 at addr ffffffff8bf38cb0 by task syz.1.2565/18738
[ 1099.998994][T18738] 
[ 1100.001323][T18738] CPU: 0 UID: 0 PID: 18738 Comm: syz.1.2565 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1100.001349][T18738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1100.001360][T18738] Call Trace:
[ 1100.001369][T18738]  <TASK>
[ 1100.001377][T18738]  dump_stack_lvl+0x116/0x1f0
[ 1100.001403][T18738]  print_report+0xcd/0x630
[ 1100.001427][T18738]  ? __virt_addr_valid+0x81/0x610
[ 1100.001450][T18738]  ? __phys_addr+0xe8/0x180
[ 1100.001473][T18738]  ? __mutex_lock+0xcb2/0x10b0
[ 1100.001495][T18738]  kasan_report+0xe0/0x110
[ 1100.001519][T18738]  ? __mutex_lock+0xcb2/0x10b0
[ 1100.001544][T18738]  ? hci_devcd_register+0x47/0x170
[ 1100.001571][T18738]  __mutex_lock+0xcb2/0x10b0
[ 1100.001593][T18738]  ? rcu_is_watching+0x12/0xc0
[ 1100.001612][T18738]  ? trace_kmem_cache_alloc+0x28/0xc0
[ 1100.001638][T18738]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[ 1100.001660][T18738]  ? kmalloc_reserve+0x18b/0x2c0
[ 1100.001687][T18738]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.001709][T18738]  ? __asan_memset+0x23/0x50
[ 1100.001726][T18738]  ? __build_skb_around+0x278/0x3b0
[ 1100.001743][T18738]  ? __alloc_skb+0x200/0x380
[ 1100.001768][T18738]  ? __pfx___alloc_skb+0x10/0x10
[ 1100.001789][T18738]  ? __pfx_vhci_coredump_hdr+0x10/0x10
[ 1100.001814][T18738]  ? __pfx_vhci_coredump+0x10/0x10
[ 1100.001834][T18738]  ? hci_devcd_register+0x47/0x170
[ 1100.001860][T18738]  hci_devcd_register+0x47/0x170
[ 1100.001887][T18738]  force_devcd_write+0x16c/0x340
[ 1100.001916][T18738]  ? __pfx_force_devcd_write+0x10/0x10
[ 1100.001943][T18738]  full_proxy_write+0x12e/0x1a0
[ 1100.001971][T18738]  ? __pfx_full_proxy_write+0x10/0x10
[ 1100.002005][T18738]  vfs_write+0x29d/0x11d0
[ 1100.002038][T18738]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.002071][T18738]  ? __pfx_vfs_write+0x10/0x10
[ 1100.002107][T18738]  ? __fget_files+0x20e/0x3c0
[ 1100.002143][T18738]  ksys_write+0x12a/0x250
[ 1100.002174][T18738]  ? __pfx_ksys_write+0x10/0x10
[ 1100.002210][T18738]  do_syscall_64+0xcd/0x490
[ 1100.002247][T18738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.002277][T18738] RIP: 0033:0x7feb17b8ebe9
[ 1100.002301][T18738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1100.002324][T18738] RSP: 002b:00007feb18a0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1100.002343][T18738] RAX: ffffffffffffffda RBX: 00007feb17db5fa0 RCX: 00007feb17b8ebe9
[ 1100.002357][T18738] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005
[ 1100.002369][T18738] RBP: 00007feb17c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1100.002381][T18738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1100.002392][T18738] R13: 00007feb17db6038 R14: 00007feb17db5fa0 R15: 00007ffee5f2ab98
[ 1100.002409][T18738]  </TASK>
[ 1100.002416][T18738] 
[ 1100.274711][T18738] The buggy address belongs to the variable:
[ 1100.280687][T18738]  afs_rxrpc_callback_ops+0x50/0x1560
[ 1100.286078][T18738] 
[ 1100.288406][T18738] The buggy address belongs to the physical page:
[ 1100.294821][T18738] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xbf38
[ 1100.303514][T18738] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[ 1100.311512][T18738] raw: 00fff00000002000 ffffea00002fce08 ffffea00002fce08 0000000000000000
[ 1100.320190][T18738] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 1100.328775][T18738] page dumped because: kasan: bad access detected
[ 1100.335193][T18738] page_owner info is not present (never set?)
[ 1100.341255][T18738] 
[ 1100.343578][T18738] Memory state around the buggy address:
[ 1100.349295][T18738]  ffffffff8bf38b80: 00 00 00 00 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 1100.357365][T18738]  ffffffff8bf38c00: 00 00 00 00 00 00 00 00 f9 f9 f9 f9 00 00 00 00
[ 1100.365442][T18738] >ffffffff8bf38c80: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00 00 00 00
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1100.373681][T18738]                                      ^
[ 1100.379325][T18738]  ffffffff8bf38d00: 00 05 f9 f9 f9 f9 f9 f9 00 00 00 00 00 02 f9 f9
[ 1100.387479][T18738]  ffffffff8bf38d80: f9 f9 f9 f9 00 00 00 03 f9 f9 f9 f9 00 00 00 00
[ 1100.395553][T18738] ==================================================================
[ 1100.672291][T18738] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1100.679560][T18738] CPU: 1 UID: 0 PID: 18738 Comm: syz.1.2565 Not tainted 6.17.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1100.689938][T18738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1100.700209][T18738] Call Trace:
[ 1100.703524][T18738]  <TASK>
[ 1100.706484][T18738]  dump_stack_lvl+0x3d/0x1f0
[ 1100.711138][T18738]  vpanic+0x6e8/0x7a0
[ 1100.715185][T18738]  ? __pfx_vpanic+0x10/0x10
[ 1100.719747][T18738]  ? __pfx_vprintk_emit+0x10/0x10
[ 1100.724828][T18738]  ? __mutex_lock+0xcb2/0x10b0
[ 1100.729819][T18738]  panic+0xca/0xd0
[ 1100.733609][T18738]  ? __pfx_panic+0x10/0x10
[ 1100.738174][T18738]  ? __mutex_lock+0xcb2/0x10b0
[ 1100.742995][T18738]  ? preempt_schedule_common+0x44/0xc0
[ 1100.748591][T18738]  ? preempt_schedule_thunk+0x16/0x30
[ 1100.754045][T18738]  check_panic_on_warn+0xab/0xb0
[ 1100.759308][T18738]  end_report+0x107/0x170
[ 1100.763688][T18738]  kasan_report+0xee/0x110
[ 1100.768161][T18738]  ? __mutex_lock+0xcb2/0x10b0
[ 1100.773069][T18738]  ? hci_devcd_register+0x47/0x170
[ 1100.778328][T18738]  __mutex_lock+0xcb2/0x10b0
[ 1100.783056][T18738]  ? rcu_is_watching+0x12/0xc0
[ 1100.787860][T18738]  ? trace_kmem_cache_alloc+0x28/0xc0
[ 1100.793364][T18738]  ? kmem_cache_alloc_node_noprof+0x225/0x3b0
[ 1100.799470][T18738]  ? kmalloc_reserve+0x18b/0x2c0
[ 1100.804440][T18738]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.809473][T18738]  ? __asan_memset+0x23/0x50
[ 1100.814069][T18738]  ? __build_skb_around+0x278/0x3b0
[ 1100.819298][T18738]  ? __alloc_skb+0x200/0x380
[ 1100.823900][T18738]  ? __pfx___alloc_skb+0x10/0x10
[ 1100.828900][T18738]  ? __pfx_vhci_coredump_hdr+0x10/0x10
[ 1100.834385][T18738]  ? __pfx_vhci_coredump+0x10/0x10
[ 1100.839511][T18738]  ? hci_devcd_register+0x47/0x170
[ 1100.844659][T18738]  hci_devcd_register+0x47/0x170
[ 1100.849638][T18738]  force_devcd_write+0x16c/0x340
[ 1100.854599][T18738]  ? __pfx_force_devcd_write+0x10/0x10
[ 1100.860101][T18738]  full_proxy_write+0x12e/0x1a0
[ 1100.864972][T18738]  ? __pfx_full_proxy_write+0x10/0x10
[ 1100.870378][T18738]  vfs_write+0x29d/0x11d0
[ 1100.874724][T18738]  ? __pfx___mutex_lock+0x10/0x10
[ 1100.879792][T18738]  ? __pfx_vfs_write+0x10/0x10
[ 1100.884614][T18738]  ? __fget_files+0x20e/0x3c0
[ 1100.889462][T18738]  ksys_write+0x12a/0x250
[ 1100.893846][T18738]  ? __pfx_ksys_write+0x10/0x10
[ 1100.898873][T18738]  do_syscall_64+0xcd/0x490
[ 1100.903433][T18738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.909366][T18738] RIP: 0033:0x7feb17b8ebe9
[ 1100.913824][T18738] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1100.933501][T18738] RSP: 002b:00007feb18a0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1100.941958][T18738] RAX: ffffffffffffffda RBX: 00007feb17db5fa0 RCX: 00007feb17b8ebe9
[ 1100.949968][T18738] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005
[ 1100.957979][T18738] RBP: 00007feb17c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1100.966020][T18738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1100.974057][T18738] R13: 00007feb17db6038 R14: 00007feb17db5fa0 R15: 00007ffee5f2ab98
[ 1100.982084][T18738]  </TASK>
[ 1100.985411][T18738] Kernel Offset: disabled
[ 1100.989743][T18738] Rebooting in 86400 seconds..