last executing test programs:

7m12.234339623s ago: executing program 2 (id=937):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
clock_gettime$auto(0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x14}}, 0x6a)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socket(0x2, 0x1, 0x0)
socket(0x23, 0x80805, 0x0)
ioctl$auto(0x8000000000000001, 0x89ef, 0x9)

7m11.231097306s ago: executing program 2 (id=940):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(r0, &(0x7f0000000080)=@l2tp={0x2, 0x0, @rand_addr=0x64010102, 0x2}, 0x54)
mmap$auto(0x0, 0x2021009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
ioctl$auto_CEC_RECEIVE(r1, 0xc0386106, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x4)

7m10.194507797s ago: executing program 2 (id=944):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000002c40)=0xd0)
ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, 0x0)
ioctl$auto_CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000280)={0x4, 0x3, 0xa, @state_change={0xc, 0x6, 0x8}})
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0))
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb)
prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x2000000, 0x417, 0x3, 0x6a37)
write$auto(0xffffffffffffffff, 0x0, 0x7)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value=[0x4, 0x8, 0x9, 0x40000, 0x1, 0x8000000000000000, 0x4, 0x6, 0x2, 0xb79b, 0x70b, 0xfd78, 0xeabf, 0x401, 0x5, 0x8, 0x9, 0x5, 0x6, 0x9, 0x0, 0x1000, 0x10000, 0xc78c, 0x33, 0x3, 0x0, 0x0, 0x4, 0x1, 0x5, 0x401, 0x9, 0x7, 0x8000000000000000, 0x2, 0x0, 0x8, 0x5, 0x3, 0x1, 0x80000001, 0x4, 0x8001, 0x8ddc, 0x0, 0xfffffffffffffffc, 0x2, 0x4, 0xffffffffffffffff, 0x0, 0xe4d, 0x2, 0x0, 0xc000000000000000, 0x5, 0x9, 0x2, 0x1, 0x7d, 0x2, 0x7, 0x161], "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x201, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x1000000003, 0x9, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x200]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x814)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010329bd700002dcdf2524"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x40044010)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002bbd7000fddbdf3a04000000050011002e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4044820)

7m8.509591335s ago: executing program 2 (id=953):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff)
sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_CEC_G_MODE(0xffffffffffffffff, 0x80046108, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
setreuid$auto(0x2, 0x87)
r1 = timerfd_create$auto(0x9, 0x0)
futimesat$auto(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x40, 0xffffffffffffffff})
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r2 = socket(0x1d, 0x2, 0x6)
r3 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), r2)
sendmsg$auto_HSR_C_GET_NODE_LIST(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c00000095e2a9004d31021e8c12e0b48c331f34db08e8d6914f6c9331695310522f34d39b0065c830f42a5a4da9599bda62aaa856051455040185a4a984c257db6cbbda3b023bc719ef6e545c2e3b8dc197ea7a1e2d00000000000000bcd73ef2bf70532fb807bd6dae74f1a612096d2b5308310399687b4623b274da33fb1d5b1d8e36daf42acd78ddc6f173caeae3c8f974005f334f45a43f89079e10b17df39dd96e041f3acee19d7a6c4d285e88e449eed278f83d965c12fc636f2a941440dea20e9ff54136cce38a9c4458633b7cf102c68ef585af1cb3cd87924fc2b186dbbc226ad275a4d80158b61f97b4f91a8253a5883515e81800000000000000000000000000001ef5ec4e3d07c5258c81de7b0f71db9c8d98d39babd85db94aa636db1e670f66558870de2cd5bc23ac28a7f05010615547acbdd6106c837aa0a539a198d4ec9895ac4a7c12c9e74fe6686cc9b3a7db428a2f55bf5d17ccda6dea3de1214d31b4c5d3bc5beffb95605f24", @ANYRES16=r3, @ANYBLOB="200027bd7000fcdbdf250500000008000300f8ffffff"], 0x1c}}, 0x4010)
bind$auto(r2, &(0x7f0000000040)=@qipcrtr={0x2a, 0x3, 0x1}, 0x8)
socket(0xa, 0x3, 0x2c)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
write$auto(0xffffffffffffffff, 0x0, 0x2)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000280), 0x18002, 0x0)
ioctl$auto_PPPIOCGDEBUG(r5, 0x80047441, &(0x7f00000002c0)=0x9)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x1, 0xf1, 0xb0, @raw=0x68e8}})

7m7.2743068s ago: executing program 2 (id=964):
r0 = socket(0x2, 0x1, 0x106)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x54)
setsockopt$auto(r0, 0x6, 0x1, &(0x7f0000000040)='l2tp\x00', 0x7)
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS32(0xffffffffffffffff, 0x80585414, &(0x7f00000000c0)={0xab0, 0x6d, 0x400, 0x10000, 0x2f9, 0x9, "2117d3c529a8d200be0915c430730d456ae499b43cab76b41b6c0f702deaf420c7ca2ba7e31b84cec9c263827456dfa65dbf9e99417dc792a35f48036e080345"})

7m7.097386387s ago: executing program 2 (id=965):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c)
socketpair$auto(0x1, 0x400, 0x8000000000000000, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x5, 0x0, 0x8004)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
sendfile$auto(r1, r2, 0x0, 0x7)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x68082, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0)
mmap$auto(0x0, 0xd309, 0xdf, 0x7b5, 0xffffffffffffffff, 0x3)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
memfd_create$auto(0x0, 0x7)
r4 = socket(0x2, 0x1, 0x4)
socket(0x2b, 0x1, 0x1)
sendmsg$auto_NL80211_CMD_SET_CQM(r4, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cc000000", @ANYRES16=0x0, @ANYBLOB="00012dbd7075db5fce382a00fcdbdf253f000000040046007e00480189bc10f4b067d1d869d60a0f22ff2b00e2865f7f39c4b1cc363d7a23b7720189080e37136f2fdcc3cd94400f8ab89d4add2f8f3368ddd315890d3b2ae61cee7c65287e1c2d02bade3c67b0936a5f83af7a5847e91291bae39897d323f276b59c813db4dd4777ee96023b02da37e69b883fd6638c221e9cecaf99000006004f01550d000008009a000500000008b2b445d563e8c60481fd8293b3005d0004000000080009000300000015000d00010000"], 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
listen$auto(r3, 0x81)
ioctl$auto(0x3, 0x800005411, 0x38)
setresgid$auto(0xffffffffffffffff, 0xee01, 0xee00)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x8900, 0x0)
write$auto(0x3, 0x0, 0x5c8)
close_range$auto(0x0, r4, 0x6)
socket(0x2, 0x1, 0x0)
socket(0x23, 0x80805, 0x0)
lsm_set_self_attr$auto(0x1, &(0x7f0000000100)={0x2, 0x8, 0x6, 0xe8, "9ce2ed52e83fce5a3790f95ca624695372e920cb4e912b0ae04a92a1cf8feeef91bdc839da01048101af0aad2c9fed5010379470e9fda7c02e261d7dc4b79aa4a01925bd6631b1d41563a55886175d9d3c1b1fa5dbd11773385c0b7593436c2982275f27553f39b1247214f7e8cb1e86751e351dfa68d13e735ce46b0bb65a616fa842bc5aeb060594afaa002262b2bf1c74501ec28d6638e1ef88bb5eafe05c34c80562cb4dc8624f6540432cc8352a1b4e7e05ebc0d93ba456d095d5e776527428e8360914db9660eb54d83110a560aaa8e9a5be52673b9b5aac5c13a3281e97024d1eec5e575c"}, 0xd65, 0x40)
ioctl$auto(0x8000000000000001, 0x89ef, 0x9)

6m51.819046408s ago: executing program 32 (id=965):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, r0, 0x4000807c)
socketpair$auto(0x1, 0x400, 0x8000000000000000, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x5, 0x0, 0x8004)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
sendfile$auto(r1, r2, 0x0, 0x7)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x68082, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0)
mmap$auto(0x0, 0xd309, 0xdf, 0x7b5, 0xffffffffffffffff, 0x3)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
memfd_create$auto(0x0, 0x7)
r4 = socket(0x2, 0x1, 0x4)
socket(0x2b, 0x1, 0x1)
sendmsg$auto_NL80211_CMD_SET_CQM(r4, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cc000000", @ANYRES16=0x0, @ANYBLOB="00012dbd7075db5fce382a00fcdbdf253f000000040046007e00480189bc10f4b067d1d869d60a0f22ff2b00e2865f7f39c4b1cc363d7a23b7720189080e37136f2fdcc3cd94400f8ab89d4add2f8f3368ddd315890d3b2ae61cee7c65287e1c2d02bade3c67b0936a5f83af7a5847e91291bae39897d323f276b59c813db4dd4777ee96023b02da37e69b883fd6638c221e9cecaf99000006004f01550d000008009a000500000008b2b445d563e8c60481fd8293b3005d0004000000080009000300000015000d00010000"], 0xcc}, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
listen$auto(r3, 0x81)
ioctl$auto(0x3, 0x800005411, 0x38)
setresgid$auto(0xffffffffffffffff, 0xee01, 0xee00)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x8900, 0x0)
write$auto(0x3, 0x0, 0x5c8)
close_range$auto(0x0, r4, 0x6)
socket(0x2, 0x1, 0x0)
socket(0x23, 0x80805, 0x0)
lsm_set_self_attr$auto(0x1, &(0x7f0000000100)={0x2, 0x8, 0x6, 0xe8, "9ce2ed52e83fce5a3790f95ca624695372e920cb4e912b0ae04a92a1cf8feeef91bdc839da01048101af0aad2c9fed5010379470e9fda7c02e261d7dc4b79aa4a01925bd6631b1d41563a55886175d9d3c1b1fa5dbd11773385c0b7593436c2982275f27553f39b1247214f7e8cb1e86751e351dfa68d13e735ce46b0bb65a616fa842bc5aeb060594afaa002262b2bf1c74501ec28d6638e1ef88bb5eafe05c34c80562cb4dc8624f6540432cc8352a1b4e7e05ebc0d93ba456d095d5e776527428e8360914db9660eb54d83110a560aaa8e9a5be52673b9b5aac5c13a3281e97024d1eec5e575c"}, 0xd65, 0x40)
ioctl$auto(0x8000000000000001, 0x89ef, 0x9)

13.218191479s ago: executing program 3 (id=2590):
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000)
r0 = socket(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000044}, 0x40000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x1f00)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_NEW(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000bb76710e736c244e10c0bb110daa3af2dbb82dbfb00ab0e405c9c5882e3f2b86f6069ff78ab4620fc9c129832b276002f34823bc34655621f1821ae06ee9e8485e4e8ef014ff0ad8c23428f9ae3234c8e521bf78445520a233da27df46b6f6d152bbeb8ec0d1cfa2acacd17d9b281840f46f3d6908869372d5795b131908cbe9663f119229506e64fc5c0041014e27298d04f245b199e8119466697a6b314c09b38d49e36c68ded92dd7072e1cfb1b4b15b7e0db117d091b135eb4", @ANYRES16=r2, @ANYBLOB="010026bd7000fddbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x40810}, 0x800)

12.720652036s ago: executing program 3 (id=2592):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000740), 0x101000, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async)
capget$auto(0x0, 0xfffffffffffffffe) (async)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) (async)
setdomainname$auto(0x0, 0x551)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0)
pread64$auto(r1, 0x0, 0x10001, 0x830) (async)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd11/sched/queued\x00', 0xa000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x400800, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r2, &(0x7f0000000040)=""/124, 0x7c)
mmap$auto(0x0, 0x2020009, 0xaa, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
ioctl$auto_USB_RAW_IOCTL_RUN(r0, 0x5501, 0x0) (async)
socket(0xa, 0x3, 0x3a) (async)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566) (async)
r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execveat$auto(r3, 0x0, 0x0, 0x0, 0x1000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
socket(0xa, 0x2, 0x73) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async)
r4 = socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000080), 0x6b) (async)
connect$auto(r4, &(0x7f00000000c0)=@in={0x2, 0x1}, 0x55)

8.714208241s ago: executing program 3 (id=2606):
socket(0x2, 0x1, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/input/event2\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
munmap$auto(0x20001000, 0x7)
poll$auto(0x0, 0x5, 0x108)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000000), r0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x24044011}, 0x800)
sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.675100575s ago: executing program 4 (id=2620):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4)
r3 = socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sysfs$auto(0x2, 0x9, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
mmap$auto(0x0, 0x2000a, 0x30000000000df, 0xeb2, 0x401, 0x8000)
bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000200)=@bpf_attr_7={@map_id=0x3, 0x319, 0x2, r2}, 0x8)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x4)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000034c0), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="01002bbd7000ffdbdf2506000000ceefce4611c2f298a7619efda0ffcc4c7e28ef086991dd609e516a08c288d9fce1525b3a8f98d45560517b5b42140248f101d7cb3955b4e4572b8ffba61b93ed53e26f79ccd5e82509d54a30aed391891d88685e5688c0679aba"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
ioctl$auto(0x3, 0x541b, 0x38)
socket(0x26, 0x4, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
socket(0x2, 0x3, 0x6)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)

3.976510072s ago: executing program 1 (id=2623):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async)
setresgid$auto(0x800, 0xee01, 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram2\x00', 0x60742, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mbind$auto(0x0, 0x2, 0x2, 0x0, 0x7, 0x0) (async)
write$auto(0x3, 0x0, 0x7fffffff) (async)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x0, 0x400008, 0xc645, 0x9b72, 0x2, 0x8000)
syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
kill$auto(0x0, 0x21) (async)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xe, 0xd9, 0x9b72, 0x96ab, 0x800000008000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
memfd_create$auto(0x0, 0xa)
fcntl$auto(0xff80000000000000, 0x409, 0x3f) (async)
writev$auto(0x0, &(0x7f0000000000)={0x0, 0x202}, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf46", 0x3) (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/transparent_hugepage/hugepages-512kB/enabled\x00', 0x129302, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
init_module$auto(0x0, 0xfffff, 0x0) (async)
madvise$auto(0x0, 0x8000000000000000, 0x15) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
capget$auto(0x0, 0xfffffffffffffffe) (async)
capset$auto(0x0, 0x0)

3.649704678s ago: executing program 4 (id=2624):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/vmcoreinfo\x00', 0x20000, 0x0)
unshare$auto(0x8000000)
shmget$auto(0x0, 0xfffffffffeffffff, 0x69c2)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000008c0)=""/61, 0x3d)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/scsi/scsi\x00', 0x604400, 0x0)
mmap$auto(0x8, 0x20009, 0xdf, 0x800000000000eb1, 0x401, 0x8000)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x7fffffe}, 0x3, 0x3, 0x9)
r1 = socket(0x23, 0xa, 0x10000002)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0x4070aea0, 0x38)
close_range$auto(r1, r0, 0x2)

3.202634286s ago: executing program 4 (id=2625):
socket(0x25, 0x1, 0x4) (async, rerun: 64)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) (async, rerun: 64)
socket(0x10, 0x2, 0xf)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
socket(0xa, 0x801, 0x106)
socket(0x2b, 0x1, 0x1) (async)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x2000, 0x0) (async)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) (async)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv6/neigh/veth1/unres_qlen\x00', 0x382, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (rerun: 64)
unshare$auto(0x40000080)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0) (async)
close_range$auto(0xffffffffffffffff, 0x8, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0)
sendfile$auto(r0, r0, 0x0, 0x23f)
setns(0xffffffffffffffff, 0x8000000)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/sctp/rto_min\x00', 0xba45a641e375b9f1, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
r2 = socket(0xa, 0x5, 0x84) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) (rerun: 64)
r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r2)
sendmsg$auto_GTP_CMD_DELPDP(r2, &(0x7f00000001c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="7f001b09bc73d4c8ae9b88e44c4c005fac", @ANYRES16=r3, @ANYBLOB="000125bd7000fcdbdf2501000000080002000500000008000200080000000c0003000000000000000c0006000600040000000c00030003000000000000000c000300ff7f0000000000000800080080000000"], 0x58}, 0x1, 0x0, 0x0, 0x400}, 0x4040000) (async)
io_uring_setup$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x10, 0x80000, 0xc)

3.197257197s ago: executing program 3 (id=2626):
r0 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000000040)=0x9)
io_uring_enter$auto(r0, 0x4, 0x0, 0x1a, &(0x7f0000000100)="f98616d4daf0eaf2875b6ed6d4046fac9ed3f78472adcbf28620afc8929f223ad70a3dd2b8fa3ca1570b296933417d95569e7015a6447e75c35f98450e938bd578ebd29cfc0635ca3a88", 0x100)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty61\x00', 0x40200, 0x0)
mmap$auto(0x4, 0x9, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0x1, 0x1, 0x0)
bind$auto(0x3, 0x0, 0x6b)
listen$auto(0x3, 0x81)
shutdown$auto(0x200000003, 0x2)
poll$auto(&(0x7f0000000d40)={0x3, 0x1, 0xa}, 0x5, 0x400)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x189181, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
connect$auto(0x3, 0xfffffffffffffffe, 0x0)
pipe$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0x4048aec9, r1)
ioctl$auto_BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000180)={0x0, 0x5, 0x9, 0x9, {0xffffffffffffc1f0, 0x80, 0xd, 0xfffffffffffffff1, 0xd, 0x1ff, 0xde9b, 0xa1, 0x5c, 0x40, 0x10001, 0x2, 0x8, 0x1d4, 0xa7b}})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3)
ioctl$auto(0x3, 0x4b44, 0x10000000000402)

3.086273883s ago: executing program 1 (id=2627):
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000)
r0 = socket(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000044}, 0x40000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x1f00)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_NEW(r1, 0x0, 0x800)

2.831012579s ago: executing program 1 (id=2628):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0)
pread64$auto(r0, 0x0, 0x40000000f42c, 0x2)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x132, 0x0, 0xfffffffffffffffd)
write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, 0x0, 0x0)
socket(0xf, 0x3, 0x2)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r2 = socket(0x10, 0x2, 0x6)
read$auto(0x3, 0x0, 0xf3c)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
write$auto(0x3, 0x0, 0xfffffdef)

2.737680898s ago: executing program 4 (id=2629):
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$auto(r0, 0x5425, 0x5)
r1 = socket(0x2, 0x1, 0x106) (async)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) (async)
capget$auto(0x0, 0xfffffffffffffffe) (async)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, 0x0, 0x200080c0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000300), r1) (async)
madvise$auto(0xfffffffffffffffe, 0xffffffffffff0002, 0x80000001)
ioperm$auto(0xaa, 0x1, 0x4000005) (async)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x902, 0x0)
write$auto_console_fops_tty_io(r2, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a19b5dde", 0x36) (async)
munlock$auto(0x9, 0x29b9)
r3 = socket(0x10, 0x2, 0x0)
r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r3)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000002c0), r1) (async)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0004009661a0c71058ec01dc9e54f85f0f2e4c7e42094a129f3af538888811c6ff8537b3c5fd3e73b793d7c6e65e5b0928162978b47c010f26ae801a27b0601e1e86d1e7c968c3327fe4c4e1cdbb54d76605c98ba625b76480f5f42990d6f5c5b4244581def32d27be69e633eb8470363f5ceca9456deddf3c49e78343689e6cdd909001c17b35f0bf6e386acf0d9be4d8afa6e630602793f8c338fd751e3768112cd420c11300f5967bb6c99d04b65548a4544ad20f5fb221c6b7ca82318b5b9e476c2db7e5a41835edf137142c4fbc2a23327416a2faf9c754ecb0dba384234f147cea8cd9866d9aaadc4b163ecec315cad660c516bd1acf7db911d7181091af1da301bfb1295786f4fb", @ANYRES16=r4, @ANYBLOB="000829bd7000fedbdf251f000000050008009100000008000b00010000000e0002004025242c5d2e212b7d0000000500240000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x404000c}, 0x10)
r5 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) (async)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010026bd7020f8dbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="080001b40f44310048265200"], 0x24}, 0x1, 0x0, 0x0, 0x801}, 0x80) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_FRAME(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="030426d472000a000100197588149b0c000008000500056017b79f000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) (async)
sendmsg$auto_SEG6_CMD_GET_TUNSRC(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYRES16=r3, @ANYRES16=r5, @ANYBLOB="018119382ecf0c551e5d47df0000140001"], 0x28}, 0x1, 0x0, 0x0, 0x20000088}, 0x20000000)
r8 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/cec31\x00', 0x42, 0x0)
poll$auto(&(0x7f0000000c00)={r8, 0x200, 0x9}, 0x6, 0x8) (async)
rseq$auto(0x0, 0xfffffff9, 0x4, 0x2) (async)
read$auto(0xffffffffffffffff, 0x0, 0x1ff) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/ieee80211/phy14/short_retry_limit\x00', 0x210000, 0x0)

2.572845317s ago: executing program 1 (id=2630):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vkms/graphics/fb0/modes\x00', 0x129102, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(r0, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x10000003}, 0x1, 0x0}, 0x7}, 0x80000000, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
write$auto(0x3, 0x0, 0xffd8)

2.299196003s ago: executing program 3 (id=2632):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r0 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) (async)
bpf$auto(0x800000000000001c, 0xfffffffffffffffe, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0) (async, rerun: 64)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (async, rerun: 64)
msgctl$auto_IPC_RMID(0x800, 0x0, &(0x7f00000000c0)={{0x5, <r1=>0xffffffffffffffff, 0xee01, 0xc, 0x0, 0x3, 0x1}, &(0x7f0000000040)=0xff, &(0x7f0000000080)=0x8, 0x4, 0x2, 0x0, 0xc2, 0xffffffffffffff7f, 0xfffb, 0x399, 0x7, @inferred=0xffffffffffffffff})
setresuid$auto(r1, 0xffffffffffffffff, 0xee01)
socket(0x23, 0x5, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) (async)
r3 = socket(0x10, 0x2, 0x0) (async, rerun: 64)
unlink$auto(&(0x7f0000000140)='./file0\x00') (rerun: 64)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) (async, rerun: 64)
ioctl$auto(0x3, 0x4018aebd, 0x38)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async)
ioctl$auto(0x3, 0x800005411, 0x38)

2.1262267s ago: executing program 4 (id=2634):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
r0 = io_uring_setup$auto(0x85, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, r2, 0x5, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000c000}, 0x4000024)
r3 = clone$auto(0xad8c, 0xfffffffffffffdbc, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9)
rt_sigqueueinfo$auto(r3, 0x9ff, &(0x7f0000000000)={@siginfo_0_0={0x3717, 0x7ff, 0x2, @_sigpoll={0x8, r1}}})
r4 = gettid()
kill$auto(r4, 0x11)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'team_slave_1\x00', <r5=>0x0})
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, r2, 0x8, 0x70bd29, 0x25dfdbfc, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r3}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r4}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r5}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x8}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0xffffffffffffffff}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x800)
ioctl$auto(0x4000000000000c8, 0x400454d1, 0x3)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/eql/testing\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000001100)=""/4106, 0x100a)

1.979389235s ago: executing program 4 (id=2635):
socket(0x2, 0x1, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2, 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000300)='/dev/input/event2\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
munmap$auto(0x20001000, 0x7)
poll$auto(0x0, 0x5, 0x108)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000000), r0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x24044011}, 0x800)
sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.906370872s ago: executing program 0 (id=2636):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x3, 0x5411, 0x38)
mmap$auto(0x59ff, 0x40, 0x7, 0x15, r0, 0x80000001)

1.829611447s ago: executing program 0 (id=2637):
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder0\x00', 0x200, 0x0)
ioctl$auto_BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000000)="028d08e3e9a6a08fc440e94f6a4b9158abe5fc3ad1dd99a110cc80396700129108d41f7035fd6f5261760eaec0a80743c780cfb8605543aef338307187520900000000000000000000000000000000bae7a1c04e44420ba56964f5025ce28170536a7031b97060bd319079ddffaff9849f791a73004a47e0a2cf999d8f98c75afb3418bd0a9f513a477761d916f0c88a0f99f04687e4cb5ebe4f328e73a40cedd9160f2b1592c34fa5ef7ab74c7655b9e052872300000000000000000000000000f8ff")

1.738177099s ago: executing program 0 (id=2638):
unshare$auto(0x8000000)
shmget$auto(0x0, 0x2, 0x8)
socket(0x2, 0x1, 0x106)
r0 = socket(0x2b, 0x807, 0x5)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/fb0\x00', 0x0, 0x0)
mmap$auto_fb_fops_fb_chrdev(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x7, 0x12, r1, 0x80000000000000)
r2 = openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x40000, 0x0)
read$auto_tk_debug_sleep_time_fops_(r2, &(0x7f00000000c0)=""/124, 0x7c)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/trace_pipe\x00', 0x0, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r3, 0x0, 0x39b8)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
mq_open$auto(0x0, 0xfe4, 0x400, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/midiC2D3\x00', 0x2001, 0x0)
r5 = socket(0x1d, 0x2, 0x2)
sendmsg$auto_NL80211_CMD_DISASSOCIATE(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f0000000480)=ANY=[@ANYBLOB="d801", @ANYRES16=0x0], 0x1d8}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000000)={[0x1ff, 0xd5b, 0xc, 0x37, 0x948a, 0x2, 0x15f4da0d, 0x1f, 0x2, 0x300000000000604, 0x40080000001, 0x7, 0x6d3c, 0xc, 0xc8c, 0xffffffffffffffff]}, 0x0)

1.616405298s ago: executing program 1 (id=2639):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0)
pread64$auto(r1, 0x0, 0x40000000f42c, 0x2)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x132, 0x0, 0xfffffffffffffffd)
write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, 0x0, 0x0)
socket(0xf, 0x3, 0x2)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r3 = socket(0x10, 0x2, 0x6)
read$auto(0x3, 0x0, 0xf3c)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004)
write$auto(0x3, 0x0, 0xfffffdef)

1.46701487s ago: executing program 1 (id=2640):
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x3e38a2, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @private=0xa010102}, 0x6a)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
sysfs$auto(0x2, 0x2, 0x0)
unshare$auto(0x40000080)
mbind$auto(0x200, 0x10000100000003, 0x2000000000005, &(0x7f0000000000)=0xc4f5, 0x7fffffffffffffff, 0xe)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
mmap$auto(0x6, 0x0, 0xdf, 0xeb1, 0x3fd, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
pivot_root$auto(0x0, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20b42, 0x0)
ioctl$auto(0xffffffffffffffff, 0x4b4e, 0xffffffffffffffff)
openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
ioctl$auto_SNDCTL_DSP_SETFMT(r3, 0xc0045005, 0x0)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000980), r1)
sendmsg$auto_TIPC_NL_MEDIA_SET(r1, &(0x7f000000a4c0)={0x0, 0x0, &(0x7f000000a480)={&(0x7f0000009800)={0x20, r4, 0x1, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000048)
write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x03\x00\x00\x00I}\xe8N\x94\xf2\xa2\x00\x00\f\x15\xd8a\xed\x84\xb7\f\x00\x00\x80\x00\x00\x00\x001.\xb0`W\xd3M\x00\xbf\xe9\x83\xea8\xd1\xda\xcf9\x02u@\xeb\xcd\xb2\tBAh\xf8', 0x3ff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/iscsi_transport/iser/handle\x00', 0x123640, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0xa, 0x6, 0x0)
setsockopt$auto(0x4, 0x1, 0xf, &(0x7f00000002c0)='\x05\x00\x06J\xd4~&\xe3a\xe9\x14\x01\xdc\x85\r\x00\x00\x00\x00\x00\xee\xcc8\xe2\x7fi\x01\xaf\x06E\xff\xff\xff\xff\xff\xff\xff\xff\tL\xb9\x8dv\xf2\x93\x7f\xe18\b\x00\x00\x00\x00\x00\x00\x00\xbd\x94\x06\xc3\xac\xc0\xd9\xa1J2_\xe3\xae\x00\x00\x00\x00a\x93d$\x05\x8a\a\x00R\b\x0e\xfd\x06\xca`\xf6\xfc\x91 g\xa5m\x1a9H\x14\x14\x97\xc1\xc5\x94\x91 \x968C\xc1v!w\x0f\xcc\xf5\xb5!F$\xa4\x9e\xf7\x98~\x98\x88\x06\x14@N\xddM*\xfd\x85R\xb6koe\xe8\xfaF\xf0\\\x9c\x85\xc7+\x81\xa4+\x9f-\x00\xedS\xeb\x1c2\xffy\xaa\x14n#\x1f\xde\x02\xd4\x87I\xb5V(\x00\xa9E\x14\xe3\xf8*\xfd\xcc\x0e\xe4\xbc\xa0\nv\xd9n\xf3\xf9\xed\xc5\x95\fT\xe4\xd6\xfa\x99I\x81\xb4\xb2\xff\xa2\xb3BL\xc1\x9c\x80U\x88\xdb\xcap\xcf\v\x00\x00\x00\x00\x00\x9f\xcf\xa4?\x86\x8d\x10\\\xc7\xb6\x93\t\x98\x8f\xb9B\xdb\x11\xae\xef/\xd5f7ok\x84\xcbddf\xe3\x9c\x1b\x13\xf3\xbdv\x83\xa3\x95o@\xe6\xb8B\x06k\x83\xd4\xad\'\x8b\xa9\xb2\xd38\xe3\xb6\xfb\xa0x\x06\xc7B4\x9e12\\\xd6\xecD\x8bV7D\x8a\x97\xa5\x17\xf6HC\xe0\x03\x00\x00\x00\"S\xc9\x01&\xb0S+\xa0\xf4\xb07o\x12{Q\xe5\xeb\x9b\x9d\xc2\xee0\xa7Y\x12\x1d\xcd\xfb', 0xd)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
listen$auto(r5, 0x26da)

958.200741ms ago: executing program 3 (id=2641):
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x3, 0x0)
chdir$auto(&(0x7f0000000280)='}[,&*}\x00')
rename$auto(&(0x7f0000000140)='}[,&*}\x00', &(0x7f0000000180)='./file0\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f00000000c0)={0x14, r1, 0x59e638bc4fbb3f7d, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x48018}, 0x400c880)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x23, 0x0)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r2, 0x0, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

321.996071ms ago: executing program 0 (id=2642):
lstat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x6, 0x3, 0xfffffffffffffc01, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x5, 0x5, 0x400, 0x8000000000000, 0x1, 0x1, 0xffff, 0xc}) (async)
lstat$auto(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x6, 0x3, 0xfffffffffffffc01, 0x8, <r0=>0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x5, 0x5, 0x400, 0x8000000000000, 0x1, 0x1, 0xffff, 0xc})
keyctl$auto_KEYCTL_GET_PERSISTENT(0x16, r0, 0xfffffffffffffffc, 0x7678, 0x1ff)

229.856058ms ago: executing program 0 (id=2643):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x4, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socketpair$auto(0x402, 0x0, 0x1, 0x0)
r1 = open(0x0, 0x163340, 0x2a)
r2 = socket(0x2a, 0x2, 0x1)
connect$auto(r2, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r0, &(0x7f0000000000)=""/254, 0xfe)
mmap$auto(0x0, 0x9e, 0x1, 0xf58, r1, 0x6e)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0)

0s ago: executing program 0 (id=2644):
mmap$auto(0x0, 0x80000000, 0xdd, 0x9b72, 0x2, 0x8000)
madvise$auto(0x2, 0xffffffffffff0004, 0x10417) (async, rerun: 32)
rseq$auto(&(0x7f0000000300)={0x2, 0x401, 0x327e, 0x2, 0xffffffff, 0x2}, 0x20007ffe, 0x0, 0x2) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x5, 0x800, 0x5) (async)
mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5<y\xa5\x97\x13\xef\xc4g\xc3\xa4&\x81I6\v\xcc\x00\x00', 0x62, 0xfffc, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) (async, rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 32)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
syz_clone(0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
madvise$auto(0x0, 0x2003ec, 0x14) (async, rerun: 32)
unshare$auto(0x400) (rerun: 32)
select$auto(0xd, 0x0, &(0x7f0000000040)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x2b9c, 0xff, 0x6, 0x9, 0xfffffffffffff761, 0x103, 0xa, 0xe, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) (async)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async)
getsockopt$auto(0x6, 0x29, 0x7, 0xfffffffffffffffe, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000340), 0x1a1041, 0x0) (async)
close_range$auto(0x6, 0xeffff000, 0x6) (async)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004)
r0 = socket(0x2, 0x1, 0x84)
recvfrom$auto(r0, 0x0, 0xfffffffffffffffe, 0xfffffff9, 0x0, 0xfffffffffffffffd) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000140), r1)
sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r2, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0x1}, @HANDSHAKE_A_ACCEPT_HANDLER_CLASS={0x8, 0x2, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x4080) (async)
r3 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
eventfd$auto(0x9)
execveat$auto(r3, 0x0, 0x0, 0x0, 0x11000)

kernel console output (not intermixed with test programs):

02 audit(4368879649.232:31): pid=13468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1504" res=0 errno=0
[  449.413817][T13447] ptrace attach of "./syz-executor exec"[10702] was attempted by "./syz-executor exec"[13447]
[  450.053028][T13494] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14
[  451.768783][T13538] ubi: mtd0 is already attached to ubi0
[  453.092410][T13558] block2mtd: illegal erase size
[  459.337219][T13667] Invalid ELF header magic: != ELF
[  462.318382][T13708] input: isc as /devices/virtual/input/input15
[  462.714226][T13717] FAULT_INJECTION: forcing a failure.
[  462.714226][T13717] name failslab, interval 1, probability 0, space 0, times 0
[  462.867303][T13717] CPU: 1 UID: 0 PID: 13717 Comm: syz.1.1558 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  462.867326][T13717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  462.867334][T13717] Call Trace:
[  462.867339][T13717]  <TASK>
[  462.867344][T13717]  dump_stack_lvl+0x16c/0x1f0
[  462.867367][T13717]  should_fail_ex+0x512/0x640
[  462.867386][T13717]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  462.867404][T13717]  should_failslab+0xc2/0x120
[  462.867420][T13717]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  462.867436][T13717]  ? sock_alloc_inode+0x25/0x1c0
[  462.867456][T13717]  ? __pfx_sock_alloc_inode+0x10/0x10
[  462.867471][T13717]  sock_alloc_inode+0x25/0x1c0
[  462.867487][T13717]  alloc_inode+0x61/0x240
[  462.867504][T13717]  sock_alloc+0x40/0x280
[  462.867519][T13717]  __sock_create+0xc1/0x8d0
[  462.867541][T13717]  __sys_socket+0x14d/0x260
[  462.867559][T13717]  ? __pfx___sys_socket+0x10/0x10
[  462.867577][T13717]  ? rcu_is_watching+0x12/0xc0
[  462.867594][T13717]  __x64_sys_socket+0x72/0xb0
[  462.867611][T13717]  ? lockdep_hardirqs_on+0x7c/0x110
[  462.867628][T13717]  do_syscall_64+0xcd/0x230
[  462.867647][T13717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  462.867661][T13717] RIP: 0033:0x7f230e78e969
[  462.867672][T13717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  462.867684][T13717] RSP: 002b:00007f230f5e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  462.867697][T13717] RAX: ffffffffffffffda RBX: 00007f230e9b5fa0 RCX: 00007f230e78e969
[  462.867706][T13717] RDX: 0000000000000007 RSI: 0000000000080000 RDI: 000000000000001d
[  462.867714][T13717] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  462.867722][T13717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  462.867729][T13717] R13: 0000000000000000 R14: 00007f230e9b5fa0 R15: 00007fff557fb0e8
[  462.867746][T13717]  </TASK>
[  462.867753][T13717] socket: no more sockets
[  465.220028][T13085] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  465.228839][T13085] Bluetooth: hci0: Invalid handle: 0xe200 > 0x0eff
[  466.340329][T13778] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1572'.
[  467.807252][T13837] ptrace attach of "./syz-executor exec"[5830] was attempted by ""[13837]
[  468.343474][T13824] Invalid ELF header magic: != ELF
[  468.401002][T13845] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1585'.
[  468.634876][T13847] ima: policy update failed
[  468.667918][   T30] audit: type=1802 audit(4368879668.592:32): pid=13847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1585" res=0 errno=0
[  470.179210][T13872] bridge0: port 3(team0) entered blocking state
[  470.246023][T13886] random: crng reseeded on system resumption
[  470.255580][T13872] bridge0: port 3(team0) entered disabled state
[  470.311959][T13872] team0: entered allmulticast mode
[  470.370967][T13872] team_slave_1: entered allmulticast mode
[  470.423212][T13872] team0: entered promiscuous mode
[  470.458574][T13872] team_slave_1: entered promiscuous mode
[  470.522689][T13872] bridge0: port 3(team0) entered blocking state
[  470.529066][T13872] bridge0: port 3(team0) entered forwarding state
[  470.797559][T13886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1592'.
[  471.226018][T13907] futex_wake_op: syz.1.1597 tries to shift op by 64; fix this program
[  471.595357][T13928] FAULT_INJECTION: forcing a failure.
[  471.595357][T13928] name failslab, interval 1, probability 0, space 0, times 0
[  471.637359][T13928] CPU: 1 UID: 0 PID: 13928 Comm: syz.4.1602 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  471.637382][T13928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  471.637391][T13928] Call Trace:
[  471.637396][T13928]  <TASK>
[  471.637401][T13928]  dump_stack_lvl+0x16c/0x1f0
[  471.637426][T13928]  should_fail_ex+0x512/0x640
[  471.637446][T13928]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  471.637464][T13928]  should_failslab+0xc2/0x120
[  471.637480][T13928]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  471.637494][T13928]  ? __pfx___schedule+0x10/0x10
[  471.637509][T13928]  ? do_raw_spin_unlock+0x172/0x230
[  471.637528][T13928]  ? alloc_empty_file+0x55/0x1e0
[  471.637546][T13928]  alloc_empty_file+0x55/0x1e0
[  471.637563][T13928]  path_openat+0xe0/0x2d40
[  471.637574][T13928]  ? __x64_sys_openat+0x174/0x210
[  471.637590][T13928]  ? do_syscall_64+0xcd/0x230
[  471.637610][T13928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.637629][T13928]  ? __pfx_path_openat+0x10/0x10
[  471.637646][T13928]  do_filp_open+0x20b/0x470
[  471.637659][T13928]  ? __pfx_do_filp_open+0x10/0x10
[  471.637683][T13928]  ? alloc_fd+0x471/0x7d0
[  471.637707][T13928]  do_sys_openat2+0x11b/0x1d0
[  471.637723][T13928]  ? __pfx_do_sys_openat2+0x10/0x10
[  471.637746][T13928]  __x64_sys_openat+0x174/0x210
[  471.637763][T13928]  ? __pfx___x64_sys_openat+0x10/0x10
[  471.637781][T13928]  ? rcu_is_watching+0x12/0xc0
[  471.637798][T13928]  do_syscall_64+0xcd/0x230
[  471.637816][T13928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  471.637829][T13928] RIP: 0033:0x7f098518e969
[  471.637841][T13928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  471.637853][T13928] RSP: 002b:00007f0985f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  471.637865][T13928] RAX: ffffffffffffffda RBX: 00007f09853b5fa0 RCX: 00007f098518e969
[  471.637874][T13928] RDX: 0000000000103000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  471.637883][T13928] RBP: 00007f0985210ab1 R08: 0000000000000000 R09: 0000000000000000
[  471.637891][T13928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  471.637899][T13928] R13: 0000000000000000 R14: 00007f09853b5fa0 R15: 00007fffd048ba88
[  471.637916][T13928]  </TASK>
[  471.863133][    C1] vkms_vblank_simulate: vblank timer overrun
[  475.063164][T13996] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1613'.
[  475.405083][T13997] ima: policy update failed
[  475.427480][   T30] audit: type=1802 audit(4368879675.352:33): pid=13997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1613" res=0 errno=0
[  476.194926][T14029] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1619'.
[  476.303274][T14033] random: crng reseeded on system resumption
[  476.920762][T14038] Process accounting resumed
[  478.336077][T14087] kernel read not supported for file /set_event_notrace_pid (pid: 14087 comm: syz.0.1634)
[  478.373547][   T30] audit: type=1800 audit(4368879678.302:34): pid=14087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1634" name="set_event_notrace_pid" dev="tracefs" ino=13 res=0 errno=0
[  482.507854][T14160] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1648'.
[  482.623544][T14160] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1648'.
[  483.157777][T14181] sctp: [Deprecated]: syz.0.1649 (pid 14181) Use of int in maxseg socket option.
[  483.157777][T14181] Use struct sctp_assoc_value instead
[  486.108842][T14235] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1666'.
[  486.448588][T14238] ima: policy update failed
[  486.524731][   T30] audit: type=1802 audit(4368879686.422:35): pid=14238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.1666" res=0 errno=0
[  487.107390][T14266] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1673'.
[  487.128298][T14269] scsi_strcpy_devinfo: vendor string '��/&c��~n]	�|
[  487.128298][T14269] M�' is too long
[  487.172786][T14269] scsi_strcpy_devinfo: model string '�Dd5��K�2b�
[  487.172786][T14269] ���W����� ��' is too long
[  487.246983][T14264] netlink: 'syz.4.1673': attribute type 1 has an invalid length.
[  487.298446][T14266] usb usb38: usbfs: process 14266 (syz.4.1673) did not claim interface 48 before use
[  488.466658][T14304] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  488.990641][T14315] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1683'.
[  491.675256][T14366] Invalid ELF header magic: != ELF
[  493.182080][T14381] kexec: Could not allocate control_code_buffer
[  493.625756][T14415] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input16
[  495.137805][T14448] FAULT_INJECTION: forcing a failure.
[  495.137805][T14448] name fail_futex, interval 1, probability 0, space 0, times 0
[  495.267031][T14448] CPU: 1 UID: 0 PID: 14448 Comm: syz.0.1715 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  495.267053][T14448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  495.267062][T14448] Call Trace:
[  495.267067][T14448]  <TASK>
[  495.267072][T14448]  dump_stack_lvl+0x16c/0x1f0
[  495.267095][T14448]  should_fail_ex+0x512/0x640
[  495.267116][T14448]  get_futex_key+0x49e/0x1000
[  495.267132][T14448]  ? __pfx_get_futex_key+0x10/0x10
[  495.267151][T14448]  futex_wake+0xe7/0x4e0
[  495.267166][T14448]  ? rcu_is_watching+0x12/0xc0
[  495.267181][T14448]  ? __pfx_futex_wake+0x10/0x10
[  495.267205][T14448]  do_futex+0x1e3/0x350
[  495.267219][T14448]  ? __pfx_do_futex+0x10/0x10
[  495.267232][T14448]  ? __might_fault+0xe3/0x190
[  495.267252][T14448]  mm_release+0x24e/0x300
[  495.267267][T14448]  do_exit+0x898/0x2c30
[  495.267284][T14448]  ? __pfx_futex_wake_mark+0x10/0x10
[  495.267303][T14448]  ? __pfx_do_exit+0x10/0x10
[  495.267319][T14448]  ? do_raw_spin_lock+0x12c/0x2b0
[  495.267338][T14448]  ? find_held_lock+0x2b/0x80
[  495.267353][T14448]  do_group_exit+0xd3/0x2a0
[  495.267372][T14448]  get_signal+0x2673/0x26d0
[  495.267393][T14448]  ? __pfx_get_signal+0x10/0x10
[  495.267407][T14448]  ? do_futex+0x122/0x350
[  495.267421][T14448]  ? __pfx_do_futex+0x10/0x10
[  495.267436][T14448]  arch_do_signal_or_restart+0x8f/0x7a0
[  495.267456][T14448]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  495.267484][T14448]  syscall_exit_to_user_mode+0x150/0x2a0
[  495.267503][T14448]  do_syscall_64+0xda/0x230
[  495.267522][T14448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  495.267536][T14448] RIP: 0033:0x7f19d878e969
[  495.267548][T14448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  495.267560][T14448] RSP: 002b:00007f19d959e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  495.267573][T14448] RAX: fffffffffffffe00 RBX: 00007f19d89b6088 RCX: 00007f19d878e969
[  495.267582][T14448] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f19d89b6088
[  495.267590][T14448] RBP: 00007f19d89b6080 R08: 0000000000000000 R09: 0000000000000000
[  495.267597][T14448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f19d89b608c
[  495.267605][T14448] R13: 0000000000000000 R14: 00007fff00a327d0 R15: 00007fff00a328b8
[  495.267622][T14448]  </TASK>
[  495.537741][T14452] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1716'.
[  496.752573][T14462] FAULT_INJECTION: forcing a failure.
[  496.752573][T14462] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  496.985126][T14462] CPU: 1 UID: 0 PID: 14462 Comm: syz.1.1718 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  496.985150][T14462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  496.985159][T14462] Call Trace:
[  496.985164][T14462]  <TASK>
[  496.985169][T14462]  dump_stack_lvl+0x16c/0x1f0
[  496.985194][T14462]  should_fail_ex+0x512/0x640
[  496.985217][T14462]  should_fail_alloc_page+0xe7/0x130
[  496.985236][T14462]  prepare_alloc_pages+0x3c2/0x610
[  496.985255][T14462]  ? rcu_is_watching+0x12/0xc0
[  496.985270][T14462]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  496.985285][T14462]  ? __kernel_text_address+0xd/0x40
[  496.985304][T14462]  ? unwind_get_return_address+0x59/0xa0
[  496.985320][T14462]  ? arch_stack_walk+0xa6/0x100
[  496.985342][T14462]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  496.985356][T14462]  ? stack_trace_save+0x8e/0xc0
[  496.985370][T14462]  ? __pfx_stack_trace_save+0x10/0x10
[  496.985382][T14462]  ? stack_depot_save_flags+0x28/0xa50
[  496.985400][T14462]  ? find_held_lock+0x2b/0x80
[  496.985415][T14462]  ? kasan_save_stack+0x42/0x60
[  496.985430][T14462]  ? __lock_acquire+0xaa4/0x1ba0
[  496.985445][T14462]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  496.985463][T14462]  ? policy_nodemask+0xea/0x4e0
[  496.985481][T14462]  alloc_pages_mpol+0x1fb/0x550
[  496.985506][T14462]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  496.985521][T14462]  ? __page_table_check_ptes_set+0x1ae/0x420
[  496.985538][T14462]  ? find_held_lock+0x2b/0x80
[  496.985554][T14462]  alloc_pages_noprof+0x131/0x390
[  496.985571][T14462]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  496.985585][T14462]  get_free_pages_noprof+0xc/0x40
[  496.985602][T14462]  kasan_populate_vmalloc_pte+0x2d/0x160
[  496.985616][T14462]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  496.985628][T14462]  __apply_to_page_range+0x617/0xd60
[  496.985649][T14462]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  496.985665][T14462]  ? __pfx___apply_to_page_range+0x10/0x10
[  496.985684][T14462]  ? alloc_vmap_area+0x872/0x2970
[  496.985705][T14462]  alloc_vmap_area+0x919/0x2970
[  496.985729][T14462]  ? __pfx_alloc_vmap_area+0x10/0x10
[  496.985752][T14462]  __get_vm_area_node+0x1a7/0x300
[  496.985773][T14462]  __vmalloc_node_range_noprof+0x277/0x1540
[  496.985793][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  496.985816][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  496.985837][T14462]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  496.985864][T14462]  __kvmalloc_node_noprof+0x2ff/0x600
[  496.985878][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  496.985896][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  496.985917][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  496.985933][T14462]  __do_sys_listmount+0x1c2/0xed0
[  496.985954][T14462]  ? __x64_sys_futex+0x1e0/0x4c0
[  496.985967][T14462]  ? __x64_sys_futex+0x1e9/0x4c0
[  496.985980][T14462]  ? __pfx___do_sys_listmount+0x10/0x10
[  496.985998][T14462]  ? xfd_validate_state+0x5d/0x180
[  496.986025][T14462]  do_syscall_64+0xcd/0x230
[  496.986045][T14462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.986059][T14462] RIP: 0033:0x7f230e78e969
[  496.986071][T14462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.986083][T14462] RSP: 002b:00007f230f5c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  496.986096][T14462] RAX: ffffffffffffffda RBX: 00007f230e9b6080 RCX: 00007f230e78e969
[  496.986105][T14462] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  496.986113][T14462] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  496.986122][T14462] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  496.986129][T14462] R13: 0000000000000000 R14: 00007f230e9b6080 R15: 00007fff557fb0e8
[  496.986146][T14462]  </TASK>
[  496.986201][T14462] syz.1.1718: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  498.481777][T14462] CPU: 1 UID: 0 PID: 14462 Comm: syz.1.1718 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  498.481799][T14462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  498.481807][T14462] Call Trace:
[  498.481812][T14462]  <TASK>
[  498.481817][T14462]  dump_stack_lvl+0x16c/0x1f0
[  498.481840][T14462]  warn_alloc+0x248/0x3a0
[  498.481857][T14462]  ? __pfx_warn_alloc+0x10/0x10
[  498.481873][T14462]  ? kfree+0x2b6/0x4d0
[  498.481897][T14462]  ? __get_vm_area_node+0x1e5/0x300
[  498.481921][T14462]  __vmalloc_node_range_noprof+0xd31/0x1540
[  498.481948][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  498.481971][T14462]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  498.481999][T14462]  __kvmalloc_node_noprof+0x2ff/0x600
[  498.482013][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  498.482032][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  498.482053][T14462]  ? __do_sys_listmount+0x1c2/0xed0
[  498.482070][T14462]  __do_sys_listmount+0x1c2/0xed0
[  498.482091][T14462]  ? __x64_sys_futex+0x1e0/0x4c0
[  498.482105][T14462]  ? __x64_sys_futex+0x1e9/0x4c0
[  498.482120][T14462]  ? __pfx___do_sys_listmount+0x10/0x10
[  498.482138][T14462]  ? xfd_validate_state+0x5d/0x180
[  498.482167][T14462]  do_syscall_64+0xcd/0x230
[  498.482187][T14462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.482201][T14462] RIP: 0033:0x7f230e78e969
[  498.482213][T14462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.482226][T14462] RSP: 002b:00007f230f5c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  498.482239][T14462] RAX: ffffffffffffffda RBX: 00007f230e9b6080 RCX: 00007f230e78e969
[  498.482248][T14462] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  498.482257][T14462] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  498.482264][T14462] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  498.482272][T14462] R13: 0000000000000000 R14: 00007f230e9b6080 R15: 00007fff557fb0e8
[  498.482289][T14462]  </TASK>
[  498.482294][T14462] Mem-Info:
[  498.886447][ T6376] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow.
[  499.352846][T14462] active_anon:64249 inactive_anon:52 isolated_anon:0
[  499.352846][T14462]  active_file:16215 inactive_file:40488 isolated_file:0
[  499.352846][T14462]  unevictable:768 dirty:37 writeback:0
[  499.352846][T14462]  slab_reclaimable:11292 slab_unreclaimable:96401
[  499.352846][T14462]  mapped:45919 shmem:48494 pagetables:1123
[  499.352846][T14462]  sec_pagetables:0 bounce:0
[  499.352846][T14462]  kernel_misc_reclaimable:0
[  499.352846][T14462]  free:1266476 free_pcp:13409 free_cma:0
[  499.398365][    C1] vkms_vblank_simulate: vblank timer overrun
[  499.595404][T14462] Node 0 active_anon:243744kB inactive_anon:208kB active_file:64860kB inactive_file:161880kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:176240kB dirty:148kB writeback:0kB shmem:180392kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11536kB pagetables:4388kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  499.629192][    C1] vkms_vblank_simulate: vblank timer overrun
[  499.752741][T14462] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  499.783911][    C1] vkms_vblank_simulate: vblank timer overrun
[  500.189616][T14462] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  500.216731][    C1] vkms_vblank_simulate: vblank timer overrun
[  500.380581][T14462] lowmem_reserve[]: 0 2484 2486 2486 2486
[  500.412306][T14462] Node 0 DMA32 free:1170956kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:242796kB inactive_anon:208kB active_file:64860kB inactive_file:160052kB unevictable:1536kB writepending:292kB present:3129332kB managed:2544172kB mlocked:0kB bounce:0kB free_pcp:29124kB local_pcp:29124kB free_cma:0kB
[  500.573318][T14462] lowmem_reserve[]: 0 0 1 1 1
[  500.714758][T14462] Node 0 Normal free:24kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1828kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  500.909896][T14462] lowmem_reserve[]: 0 0 0 0 0
[  500.943409][T14462] Node 1 Normal free:3902868kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:13980kB local_pcp:13980kB free_cma:0kB
[  500.972854][    C1] vkms_vblank_simulate: vblank timer overrun
[  501.112052][T14462] lowmem_reserve[]: 0 0 0 0 0
[  501.134741][T14462] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  501.210096][T14462] Node 0 DMA32: 3111*4kB (UME) 1909*8kB (UME) 1077*16kB (UME) 806*32kB (UME) 593*64kB (UME) 281*128kB (UME) 103*256kB (UME) 43*512kB (UME) 41*1024kB (UME) 12*2048kB (UM) 226*4096kB (UM) = 1185300kB
[  501.229705][    C1] vkms_vblank_simulate: vblank timer overrun
[  501.357701][T14462] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  501.450366][T14462] Node 1 Normal: 4*4kB (UME) 6*8kB (UME) 29*16kB (UE) 200*32kB (UE) 94*64kB (UE) 28*128kB (UME) 14*256kB (UM) 8*512kB (UME) 6*1024kB (UE) 5*2048kB (UME) 943*4096kB (M) = 3903120kB
[  501.537936][T14462] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  501.614566][T14462] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=2 hugepages_size=2048kB
[  501.673869][T14462] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  501.715366][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.723839][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  501.743221][T14462] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  501.786902][T14462] 104700 total pagecache pages
[  501.808323][T14462] 91 pages in swap cache
[  501.832014][T14462] Free swap  = 123880kB
[  501.855166][T14462] Total swap = 124996kB
[  501.860790][T14523] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1729'.
[  501.876108][T14462] 2097051 pages RAM
[  501.896050][T14462] 0 pages HighMem/MovableOnly
[  501.919860][T14462] 428902 pages reserved
[  501.930447][T14462] 0 pages cma reserved
[  502.207109][T14523] team0: Port device team_slave_0 removed
[  503.089458][T14541] Invalid ELF header magic: != ELF
[  503.513086][T14558] kernel read not supported for file /set_event_notrace_pid (pid: 14558 comm: syz.1.1739)
[  503.574616][   T30] audit: type=1800 audit(4368879703.502:36): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1739" name="set_event_notrace_pid" dev="tracefs" ino=13 res=0 errno=0
[  503.595736][    C1] vkms_vblank_simulate: vblank timer overrun
[  503.672706][T14561] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  503.866240][T14558] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  506.465352][T14638] netlink: 504 bytes leftover after parsing attributes in process `syz.4.1754'.
[  507.168077][T14656] netlink: 'syz.1.1759': attribute type 19 has an invalid length.
[  507.210395][T14656] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1759'.
[  511.325184][T14727] vivid-003: =================  START STATUS  =================
[  511.471372][T14727] vivid-003: Radio HW Seek Mode: Bounded
[  511.562904][T14727] vivid-003: Radio Programmable HW Seek: false
[  511.569171][T14727] vivid-003: RDS Rx I/O Mode: Block I/O
[  511.739997][T14727] vivid-003: Generate RBDS Instead of RDS: false
[  511.848903][T14727] vivid-003: RDS Reception: true
[  511.955059][T14727] vivid-003: RDS Program Type: 0 inactive
[  511.977161][T14727] vivid-003: RDS PS Name:  inactive
[  512.091771][T14727] vivid-003: RDS Radio Text:  inactive
[  512.129335][T14727] vivid-003: RDS Traffic Announcement: false inactive
[  512.261869][T14727] vivid-003: RDS Traffic Program: false inactive
[  512.318699][T14727] vivid-003: RDS Music: false inactive
[  512.401646][T14727] vivid-003: ==================  END STATUS  ==================
[  517.621843][T14839] can: request_module (can-proto-4) failed.
[  519.839162][   T30] audit: type=1800 audit(4294967313.820:37): pid=14871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1800" name="version" dev="configfs" ino=49026 res=0 errno=0
[  521.135055][T14894] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  521.466244][T14894] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  522.894847][   T30] audit: type=1800 audit(4294967316.880:38): pid=14918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1813" name="discovery_nqn" dev="configfs" ino=49198 res=0 errno=0
[  522.915656][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.484612][T14966] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1820'.
[  525.871592][T13085] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  526.910743][T14990] netlink: 'syz.3.1827': attribute type 19 has an invalid length.
[  526.988748][T14990] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1827'.
[  528.004260][   T30] audit: type=1806 audit(4294967321.990:39): xattr="0" res=-22
[  528.892687][T15035] FAULT_INJECTION: forcing a failure.
[  528.892687][T15035] name failslab, interval 1, probability 0, space 0, times 0
[  528.986135][T15035] CPU: 1 UID: 0 PID: 15035 Comm: syz.0.1838 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  528.986159][T15035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  528.986169][T15035] Call Trace:
[  528.986176][T15035]  <TASK>
[  528.986182][T15035]  dump_stack_lvl+0x16c/0x1f0
[  528.986207][T15035]  should_fail_ex+0x512/0x640
[  528.986227][T15035]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  528.986251][T15035]  should_failslab+0xc2/0x120
[  528.986268][T15035]  __kmalloc_cache_noprof+0x6a/0x3e0
[  528.986288][T15035]  ? snd_pcm_oss_change_params_locked+0x211/0x3b40
[  528.986308][T15035]  ? kasan_save_track+0x14/0x30
[  528.986323][T15035]  snd_pcm_oss_change_params_locked+0x211/0x3b40
[  528.986343][T15035]  ? rcu_is_watching+0x12/0xc0
[  528.986358][T15035]  ? __mutex_lock+0x1ca/0xb90
[  528.986374][T15035]  ? __lock_acquire+0xaa4/0x1ba0
[  528.986392][T15035]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  528.986412][T15035]  ? __pfx___mutex_lock+0x10/0x10
[  528.986429][T15035]  ? __lock_acquire+0xaa4/0x1ba0
[  528.986450][T15035]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  528.986476][T15035]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  528.986496][T15035]  snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0
[  528.986514][T15035]  ? lockdep_hardirqs_on+0x7c/0x110
[  528.986539][T15035]  snd_pcm_oss_poll+0x549/0xaf0
[  528.986560][T15035]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  528.986581][T15035]  ? __pfx_snd_pcm_oss_poll+0x10/0x10
[  528.986600][T15035]  ? do_raw_spin_lock+0x12c/0x2b0
[  528.986619][T15035]  ? find_held_lock+0x2b/0x80
[  528.986632][T15035]  ? __pfx_snd_pcm_oss_poll+0x10/0x10
[  528.986650][T15035]  ep_item_poll+0x13e/0x1f0
[  528.986669][T15035]  do_epoll_ctl+0x1db8/0x3590
[  528.986695][T15035]  ? __pfx_do_epoll_ctl+0x10/0x10
[  528.986713][T15035]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  528.986732][T15035]  ? rep_movs_alternative+0x30/0x90
[  528.986749][T15035]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  528.986766][T15035]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  528.986784][T15035]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  528.986802][T15035]  ? rcu_is_watching+0x12/0xc0
[  528.986819][T15035]  do_syscall_64+0xcd/0x230
[  528.986837][T15035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.986852][T15035] RIP: 0033:0x7f19d878e969
[  528.986863][T15035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  528.986876][T15035] RSP: 002b:00007f19d95bf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  528.986889][T15035] RAX: ffffffffffffffda RBX: 00007f19d89b5fa0 RCX: 00007f19d878e969
[  528.986897][T15035] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  528.986905][T15035] RBP: 00007f19d8810ab1 R08: 0000000000000000 R09: 0000000000000000
[  528.986913][T15035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  528.986920][T15035] R13: 0000000000000000 R14: 00007f19d89b5fa0 R15: 00007fff00a328b8
[  528.986938][T15035]  </TASK>
[  530.429040][T15051] ima: policy update failed
[  530.512528][   T30] audit: type=1802 audit(4294967324.480:40): pid=15051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1840" res=0 errno=0
[  532.204445][T15079] FAULT_INJECTION: forcing a failure.
[  532.204445][T15079] name failslab, interval 1, probability 0, space 0, times 0
[  532.317739][T15069] IPVS: length: 150994944 != 15703474184
[  532.391733][T15079] CPU: 1 UID: 0 PID: 15079 Comm: syz.0.1846 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  532.391758][T15079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  532.391766][T15079] Call Trace:
[  532.391771][T15079]  <TASK>
[  532.391778][T15079]  dump_stack_lvl+0x16c/0x1f0
[  532.391800][T15079]  should_fail_ex+0x512/0x640
[  532.391820][T15079]  ? fs_reclaim_acquire+0xae/0x150
[  532.391841][T15079]  ? tomoyo_supervisor+0x45b/0x13b0
[  532.391860][T15079]  should_failslab+0xc2/0x120
[  532.391877][T15079]  __kmalloc_noprof+0xd2/0x510
[  532.391890][T15079]  ? tomoyo_profile+0x47/0x60
[  532.391913][T15079]  tomoyo_supervisor+0x45b/0x13b0
[  532.391936][T15079]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  532.391953][T15079]  ? __pfx_vsnprintf+0x10/0x10
[  532.391978][T15079]  ? tomoyo_encode2+0x329/0x3e0
[  532.392004][T15079]  tomoyo_path_number_perm+0x448/0x580
[  532.392021][T15079]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  532.392054][T15079]  ? find_held_lock+0x2b/0x80
[  532.392067][T15079]  ? hook_file_ioctl_common+0x145/0x410
[  532.392085][T15079]  ? __fget_files+0x20e/0x3c0
[  532.392107][T15079]  security_file_ioctl+0x9b/0x240
[  532.392124][T15079]  __x64_sys_ioctl+0xb7/0x200
[  532.392143][T15079]  do_syscall_64+0xcd/0x230
[  532.392162][T15079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.392175][T15079] RIP: 0033:0x7f19d878e969
[  532.392187][T15079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.392200][T15079] RSP: 002b:00007f19d957d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  532.392213][T15079] RAX: ffffffffffffffda RBX: 00007f19d89b6160 RCX: 00007f19d878e969
[  532.392222][T15079] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000006
[  532.392231][T15079] RBP: 00007f19d8810ab1 R08: 0000000000000000 R09: 0000000000000000
[  532.392239][T15079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  532.392246][T15079] R13: 0000000000000000 R14: 00007f19d89b6160 R15: 00007fff00a328b8
[  532.392263][T15079]  </TASK>
[  532.967771][T13085] Bluetooth: hci3: unexpected event 0x3e length: 1020 > 260
[  532.967797][T13085] Bluetooth: hci3: unexpected subevent 0x01 length: 1019 > 18
[  534.281627][T15100] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations!
[  535.549628][T15132] FAULT_INJECTION: forcing a failure.
[  535.549628][T15132] name failslab, interval 1, probability 0, space 0, times 0
[  535.702179][T15132] CPU: 1 UID: 0 PID: 15132 Comm: syz.1.1854 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  535.702203][T15132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  535.702211][T15132] Call Trace:
[  535.702216][T15132]  <TASK>
[  535.702222][T15132]  dump_stack_lvl+0x16c/0x1f0
[  535.702244][T15132]  should_fail_ex+0x512/0x640
[  535.702263][T15132]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  535.702281][T15132]  should_failslab+0xc2/0x120
[  535.702297][T15132]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  535.702312][T15132]  ? __d_alloc+0x31/0xaa0
[  535.702328][T15132]  __d_alloc+0x31/0xaa0
[  535.702344][T15132]  d_alloc_pseudo+0x1c/0xc0
[  535.702361][T15132]  alloc_file_pseudo+0xcf/0x230
[  535.702379][T15132]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  535.702395][T15132]  ? alloc_fd+0x471/0x7d0
[  535.702418][T15132]  sock_alloc_file+0x50/0x210
[  535.702435][T15132]  __sys_socket+0x1c0/0x260
[  535.702453][T15132]  ? __pfx___sys_socket+0x10/0x10
[  535.702472][T15132]  ? rcu_is_watching+0x12/0xc0
[  535.702488][T15132]  __x64_sys_socket+0x72/0xb0
[  535.702505][T15132]  ? lockdep_hardirqs_on+0x7c/0x110
[  535.702522][T15132]  do_syscall_64+0xcd/0x230
[  535.702542][T15132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  535.702556][T15132] RIP: 0033:0x7f230e78e969
[  535.702568][T15132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  535.702581][T15132] RSP: 002b:00007f230f5c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  535.702593][T15132] RAX: ffffffffffffffda RBX: 00007f230e9b6080 RCX: 00007f230e78e969
[  535.702602][T15132] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000011
[  535.702610][T15132] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  535.702617][T15132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  535.702625][T15132] R13: 0000000000000000 R14: 00007f230e9b6080 R15: 00007fff557fb0e8
[  535.702641][T15132]  </TASK>
[  536.210350][ T5837] Bluetooth: hci0: Unable to find connection for big 0xd2
[  537.226609][T15157] zram: Added device: zram3
[  539.854979][T15223] TCP: TCP_TX_DELAY enabled
[  540.708880][T15261] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1877'.
[  540.946468][T15261] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  541.422217][T15274] can: request_module (can-proto-3) failed.
[  541.523050][T15280] usb usb8: usbfs: interface 0 claimed by hub while 'syz.1.1883' sets config #0
[  541.998523][T15281] ima: policy update failed
[  542.039155][   T30] audit: type=1802 audit(4294967336.010:41): pid=15281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1882" res=0 errno=0
[  542.075994][T15288] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  542.460716][T15289] WARNING! power/level is deprecated; use power/control instead
[  542.645051][T15303] lo: entered allmulticast mode
[  542.757492][T15306] lo: left allmulticast mode
[  542.845251][T15306] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  542.851903][T15306] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  543.795160][T15312] CIFS mount error: No usable UNC path provided in device string!
[  543.795160][T15312] 
[  543.968675][T15312] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  544.528719][T15349] mkiss: ax0: crc mode is auto.
[  547.176379][T15412] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  547.260080][T15412] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  547.736253][T15427] FAULT_INJECTION: forcing a failure.
[  547.736253][T15427] name failslab, interval 1, probability 0, space 0, times 0
[  547.768176][   T30] audit: type=1800 audit(4294967341.740:42): pid=15425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1911" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  547.808111][T15427] CPU: 1 UID: 0 PID: 15427 Comm: syz.4.1912 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  547.808136][T15427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  547.808145][T15427] Call Trace:
[  547.808150][T15427]  <TASK>
[  547.808156][T15427]  dump_stack_lvl+0x16c/0x1f0
[  547.808179][T15427]  should_fail_ex+0x512/0x640
[  547.808198][T15427]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  547.808216][T15427]  should_failslab+0xc2/0x120
[  547.808233][T15427]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  547.808247][T15427]  ? __kernfs_new_node+0xd2/0x8a0
[  547.808271][T15427]  __kernfs_new_node+0xd2/0x8a0
[  547.808293][T15427]  ? __pfx___kernfs_new_node+0x10/0x10
[  547.808321][T15427]  ? find_held_lock+0x2b/0x80
[  547.808336][T15427]  ? kernfs_root+0xee/0x2a0
[  547.808360][T15427]  kernfs_new_node+0x13c/0x1e0
[  547.808379][T15427]  kernfs_create_dir_ns+0x4c/0x1a0
[  547.808397][T15427]  sysfs_create_dir_ns+0x13a/0x2b0
[  547.808417][T15427]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  547.808436][T15427]  ? sysfs_create_dir_ns+0x14c/0x2b0
[  547.808456][T15427]  ? kfree+0x252/0x4d0
[  547.808477][T15427]  kobject_add_internal+0x2c4/0x9b0
[  547.808500][T15427]  kobject_add+0x16e/0x240
[  547.808518][T15427]  ? __pfx_kobject_add+0x10/0x10
[  547.808538][T15427]  ? __pfx_kobject_add+0x10/0x10
[  547.808565][T15427]  blk_register_queue+0x98/0x560
[  547.808582][T15427]  add_disk_fwnode+0x911/0x13a0
[  547.808605][T15427]  zram_add+0x494/0x6c0
[  547.808623][T15427]  ? __pfx_zram_add+0x10/0x10
[  547.808661][T15427]  ? find_held_lock+0x2b/0x80
[  547.808678][T15427]  ? __pfx_hot_add_show+0x10/0x10
[  547.808695][T15427]  ? __pfx_class_attr_show+0x10/0x10
[  547.808712][T15427]  hot_add_show+0x21/0x80
[  547.808730][T15427]  class_attr_show+0x6f/0xa0
[  547.808747][T15427]  sysfs_kf_seq_show+0x213/0x3e0
[  547.808769][T15427]  seq_read_iter+0x506/0x12c0
[  547.808796][T15427]  kernfs_fop_read_iter+0x40f/0x5a0
[  547.808811][T15427]  ? rw_verify_area+0xcf/0x680
[  547.808832][T15427]  vfs_read+0x8c8/0xc70
[  547.808847][T15427]  ? __pfx___mutex_lock+0x10/0x10
[  547.808865][T15427]  ? __pfx_vfs_read+0x10/0x10
[  547.808890][T15427]  ksys_read+0x12a/0x240
[  547.808902][T15427]  ? __pfx_ksys_read+0x10/0x10
[  547.808912][T15427]  ? rcu_is_watching+0x12/0xc0
[  547.808930][T15427]  do_syscall_64+0xcd/0x230
[  547.808949][T15427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  547.808963][T15427] RIP: 0033:0x7f098518e969
[  547.808976][T15427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  547.808988][T15427] RSP: 002b:00007f0985f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  547.809001][T15427] RAX: ffffffffffffffda RBX: 00007f09853b5fa0 RCX: 00007f098518e969
[  547.809010][T15427] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000008
[  547.809017][T15427] RBP: 00007f0985210ab1 R08: 0000000000000000 R09: 0000000000000000
[  547.809025][T15427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  547.809032][T15427] R13: 0000000000000000 R14: 00007f09853b5fa0 R15: 00007fffd048ba88
[  547.809051][T15427]  </TASK>
[  548.131570][T15427] kobject: kobject_add_internal failed for queue (error: -12 parent: zram4)
[  550.063850][T15451] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1918'.
[  550.379464][T15455] Invalid ELF header magic: != ELF
[  554.215293][T15522] Invalid ELF header magic: != ELF
[  554.278554][T15525] Invalid ELF header magic: != ELF
[  555.656972][T15536] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1938'.
[  555.684259][T15566] FAULT_INJECTION: forcing a failure.
[  555.684259][T15566] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  555.759434][T15566] CPU: 1 UID: 0 PID: 15566 Comm: syz.1.1944 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  555.759456][T15566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  555.759465][T15566] Call Trace:
[  555.759470][T15566]  <TASK>
[  555.759476][T15566]  dump_stack_lvl+0x16c/0x1f0
[  555.759499][T15566]  should_fail_ex+0x512/0x640
[  555.759521][T15566]  should_fail_alloc_page+0xe7/0x130
[  555.759539][T15566]  prepare_alloc_pages+0x3c2/0x610
[  555.759560][T15566]  ? rcu_is_watching+0x12/0xc0
[  555.759574][T15566]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  555.759589][T15566]  ? __kernel_text_address+0xd/0x40
[  555.759608][T15566]  ? unwind_get_return_address+0x59/0xa0
[  555.759623][T15566]  ? arch_stack_walk+0xa6/0x100
[  555.759643][T15566]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  555.759658][T15566]  ? stack_trace_save+0x8e/0xc0
[  555.759671][T15566]  ? __pfx_stack_trace_save+0x10/0x10
[  555.759683][T15566]  ? stack_depot_save_flags+0x28/0xa50
[  555.759702][T15566]  ? find_held_lock+0x2b/0x80
[  555.759717][T15566]  ? kasan_save_stack+0x42/0x60
[  555.759732][T15566]  ? __lock_acquire+0xaa4/0x1ba0
[  555.759747][T15566]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  555.759765][T15566]  ? policy_nodemask+0xea/0x4e0
[  555.759782][T15566]  alloc_pages_mpol+0x1fb/0x550
[  555.759798][T15566]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  555.759811][T15566]  ? __page_table_check_ptes_set+0x1ae/0x420
[  555.759827][T15566]  ? find_held_lock+0x2b/0x80
[  555.759842][T15566]  alloc_pages_noprof+0x131/0x390
[  555.759858][T15566]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  555.759870][T15566]  get_free_pages_noprof+0xc/0x40
[  555.759942][T15566]  kasan_populate_vmalloc_pte+0x2d/0x160
[  555.759956][T15566]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  555.759970][T15566]  __apply_to_page_range+0x617/0xd60
[  555.759993][T15566]  ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10
[  555.760009][T15566]  ? __pfx___apply_to_page_range+0x10/0x10
[  555.760029][T15566]  ? alloc_vmap_area+0x872/0x2970
[  555.760050][T15566]  alloc_vmap_area+0x919/0x2970
[  555.760074][T15566]  ? __pfx_alloc_vmap_area+0x10/0x10
[  555.760097][T15566]  __get_vm_area_node+0x1a7/0x300
[  555.760118][T15566]  __vmalloc_node_range_noprof+0x277/0x1540
[  555.760138][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  555.760161][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  555.760183][T15566]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  555.760209][T15566]  __kvmalloc_node_noprof+0x2ff/0x600
[  555.760223][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  555.760241][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  555.760261][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  555.760278][T15566]  __do_sys_listmount+0x1c2/0xed0
[  555.760298][T15566]  ? __x64_sys_futex+0x1e0/0x4c0
[  555.760312][T15566]  ? __x64_sys_futex+0x1e9/0x4c0
[  555.760325][T15566]  ? __pfx___do_sys_listmount+0x10/0x10
[  555.760343][T15566]  ? xfd_validate_state+0x5d/0x180
[  555.760370][T15566]  do_syscall_64+0xcd/0x230
[  555.760389][T15566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.760403][T15566] RIP: 0033:0x7f230e78e969
[  555.760415][T15566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.760428][T15566] RSP: 002b:00007f230f5c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  555.760441][T15566] RAX: ffffffffffffffda RBX: 00007f230e9b6080 RCX: 00007f230e78e969
[  555.760450][T15566] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  555.760461][T15566] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  555.760469][T15566] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  555.760476][T15566] R13: 0000000000000000 R14: 00007f230e9b6080 R15: 00007fff557fb0e8
[  555.760493][T15566]  </TASK>
[  556.176613][T15566] warn_alloc: 1 callbacks suppressed
[  556.176628][T15566] syz.1.1944: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  556.197479][T15566] CPU: 1 UID: 0 PID: 15566 Comm: syz.1.1944 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  556.197499][T15566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  556.197508][T15566] Call Trace:
[  556.197513][T15566]  <TASK>
[  556.197519][T15566]  dump_stack_lvl+0x16c/0x1f0
[  556.197541][T15566]  warn_alloc+0x248/0x3a0
[  556.197558][T15566]  ? __pfx_warn_alloc+0x10/0x10
[  556.197574][T15566]  ? kfree+0x2b6/0x4d0
[  556.197598][T15566]  ? __get_vm_area_node+0x1e5/0x300
[  556.197622][T15566]  __vmalloc_node_range_noprof+0xd31/0x1540
[  556.197648][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  556.197670][T15566]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  556.197696][T15566]  __kvmalloc_node_noprof+0x2ff/0x600
[  556.197710][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  556.197728][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  556.197748][T15566]  ? __do_sys_listmount+0x1c2/0xed0
[  556.197764][T15566]  __do_sys_listmount+0x1c2/0xed0
[  556.197785][T15566]  ? __x64_sys_futex+0x1e0/0x4c0
[  556.197798][T15566]  ? __x64_sys_futex+0x1e9/0x4c0
[  556.197812][T15566]  ? __pfx___do_sys_listmount+0x10/0x10
[  556.197830][T15566]  ? xfd_validate_state+0x5d/0x180
[  556.197857][T15566]  do_syscall_64+0xcd/0x230
[  556.197875][T15566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.197889][T15566] RIP: 0033:0x7f230e78e969
[  556.197907][T15566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.197921][T15566] RSP: 002b:00007f230f5c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca
[  556.197934][T15566] RAX: ffffffffffffffda RBX: 00007f230e9b6080 RCX: 00007f230e78e969
[  556.197943][T15566] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100
[  556.197951][T15566] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  556.197960][T15566] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  556.197968][T15566] R13: 0000000000000000 R14: 00007f230e9b6080 R15: 00007fff557fb0e8
[  556.197985][T15566]  </TASK>
[  556.197991][T15566] Mem-Info:
[  556.411017][T15566] active_anon:63322 inactive_anon:52 isolated_anon:0
[  556.411017][T15566]  active_file:6681 inactive_file:48014 isolated_file:0
[  556.411017][T15566]  unevictable:768 dirty:129 writeback:0
[  556.411017][T15566]  slab_reclaimable:11511 slab_unreclaimable:97591
[  556.411017][T15566]  mapped:43202 shmem:44350 pagetables:1179
[  556.411017][T15566]  sec_pagetables:0 bounce:0
[  556.411017][T15566]  kernel_misc_reclaimable:0
[  556.411017][T15566]  free:1278551 free_pcp:2257 free_cma:0
[  556.456720][T15566] Node 0 active_anon:253288kB inactive_anon:208kB active_file:26724kB inactive_file:192052kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:172808kB dirty:516kB writeback:0kB shmem:175864kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11824kB pagetables:4716kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  556.490788][T15566] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  556.522328][T15566] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  556.549746][T15566] lowmem_reserve[]: 0 2484 2486 2486 2486
[  556.555573][T15566] Node 0 DMA32 free:1181712kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:253240kB inactive_anon:208kB active_file:26724kB inactive_file:190228kB unevictable:1536kB writepending:516kB present:3129332kB managed:2544172kB mlocked:24kB bounce:0kB free_pcp:9008kB local_pcp:9008kB free_cma:0kB
[  556.681501][T15566] lowmem_reserve[]: 0 0 1 1 1
[  556.708424][T15566] Node 0 Normal free:24kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1824kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  556.804850][T15566] lowmem_reserve[]: 0 0 0 0 0
[  556.814298][T15566] Node 1 Normal free:3917108kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  556.916731][T15566] lowmem_reserve[]: 0 0 0 0 0
[  556.927566][T15566] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  556.952228][T15566] Node 0 DMA32: 3460*4kB (UME) 1559*8kB (UM) 1304*16kB (UME) 772*32kB (UME) 614*64kB (UME) 282*128kB (UM) 120*256kB (UM) 56*512kB (UME) 55*1024kB (UME) 11*2048kB (UM) 217*4096kB (UM) = 1174344kB
[  557.031249][T15566] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[  557.064687][T15566] Node 1 Normal: 225*4kB (UME) 54*8kB (UME) 44*16kB (UME) 204*32kB (UME) 93*64kB (UME) 27*128kB (UME) 15*256kB (UM) 8*512kB (UME) 8*1024kB (UME) 6*2048kB (UME) 945*4096kB (M) = 3917108kB
[  557.122048][T15566] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  557.152186][T15566] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=2 hugepages_size=2048kB
[  557.188892][T15566] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  557.220235][T15566] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  557.249693][T15566] 104344 total pagecache pages
[  557.269183][T15566] 105 pages in swap cache
[  557.281201][T15566] Free swap  = 124576kB
[  557.296954][T15566] Total swap = 124996kB
[  557.312925][T15566] 2097051 pages RAM
[  557.323021][T15566] 0 pages HighMem/MovableOnly
[  557.345780][T15566] 428902 pages reserved
[  557.349968][T15566] 0 pages cma reserved
[  558.253578][T15603] EXT4-fs error (device sda1): ext4_lookup:1789: inode #248: comm syz.0.1955: iget: checksum invalid
[  558.334484][T15603] platform regulatory.0: loading /lib/firmware/updates/6.15.0-rc4-syzkaller-00256-g95d3481af6dc/regulatory.db failed with error -74
[  558.487509][T15603] EXT4-fs error (device sda1): ext4_lookup:1789: inode #248: comm syz.0.1955: iget: checksum invalid
[  558.535770][T15603] platform regulatory.0: loading /lib/firmware/updates/regulatory.db failed with error -74
[  558.607373][T15603] EXT4-fs error (device sda1): ext4_lookup:1789: inode #248: comm syz.0.1955: iget: checksum invalid
[  558.664597][T15603] platform regulatory.0: loading /lib/firmware/6.15.0-rc4-syzkaller-00256-g95d3481af6dc/regulatory.db failed with error -74
[  558.743298][T15603] EXT4-fs error (device sda1): ext4_lookup:1789: inode #248: comm syz.0.1955: iget: checksum invalid
[  558.808802][T15603] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -74
[  558.886533][T15603] platform regulatory.0: Direct firmware load for regulatory.db failed with error -74
[  558.957699][T15611] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  558.985696][T15611] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  559.028734][T15603] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  559.080659][T15611] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  559.160096][T15611] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  559.197078][T15611] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  559.227189][T15611] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  559.270348][T15611] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  559.293954][T15611] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  559.346955][T15611] CPU0 is offline.
[  560.027852][T15632] block2mtd: illegal erase size
[  560.671386][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  561.042619][T15647] ERROR: Out of memory at tomoyo_memory_ok.
[  561.048771][T15647] ERROR: Domain '<kernel> /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /usr/sbin/sshd /usr/sbin/sshd /bin/sh /root/syz-executor /root/syz-executor /newroot/463/:,' not defined.
[  561.151206][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  561.231207][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  561.311211][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  562.006039][T15660] nvme_fabrics: missing parameter 'transport=%s'
[  562.023923][T15660] nvme_fabrics: missing parameter 'nqn=%s'
[  562.751718][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  563.161709][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  563.169609][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  563.231258][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  563.311210][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  563.391184][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  564.129717][T15716] ptrace attach of "./syz-executor exec"[10702] was attempted by "./syz-executor exec"[15716]
[  564.690175][T15739] ubi: mtd0 is already attached to ubi0
[  564.838638][T15739] Invalid ELF header magic: != ELF
[  564.869834][T15740] Invalid ELF header magic: != ELF
[  567.318465][T15800] Invalid ELF header magic: != ELF
[  569.530644][T15857] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2008'.
[  569.561243][T15856] netlink: 72 bytes leftover after parsing attributes in process `syz.0.2009'.
[  573.171654][T15923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2023'.
[  574.617051][T15952] FAULT_INJECTION: forcing a failure.
[  574.617051][T15952] name failslab, interval 1, probability 0, space 0, times 0
[  574.894851][T15952] CPU: 1 UID: 0 PID: 15952 Comm: syz.1.2030 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  574.894875][T15952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  574.894884][T15952] Call Trace:
[  574.894889][T15952]  <TASK>
[  574.894895][T15952]  dump_stack_lvl+0x16c/0x1f0
[  574.894920][T15952]  should_fail_ex+0x512/0x640
[  574.894940][T15952]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  574.894958][T15952]  should_failslab+0xc2/0x120
[  574.894975][T15952]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  574.894989][T15952]  ? ep_ptable_queue_proc+0x5b/0x280
[  574.895009][T15952]  ep_ptable_queue_proc+0x5b/0x280
[  574.895027][T15952]  pipe_poll+0x239/0x660
[  574.895039][T15952]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  574.895056][T15952]  ? __pfx_pipe_poll+0x10/0x10
[  574.895067][T15952]  ep_item_poll+0x13e/0x1f0
[  574.895085][T15952]  do_epoll_ctl+0x1db8/0x3590
[  574.895111][T15952]  ? __pfx_do_epoll_ctl+0x10/0x10
[  574.895133][T15952]  ? find_held_lock+0x2b/0x80
[  574.895147][T15952]  ? __might_fault+0xe3/0x190
[  574.895162][T15952]  ? __might_fault+0xe3/0x190
[  574.895176][T15952]  ? __pfx_ep_ptable_queue_proc+0x10/0x10
[  574.895200][T15952]  ? __x64_sys_epoll_ctl+0x15c/0x1e0
[  574.895218][T15952]  __x64_sys_epoll_ctl+0x15c/0x1e0
[  574.895237][T15952]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  574.895255][T15952]  ? rcu_is_watching+0x12/0xc0
[  574.895272][T15952]  do_syscall_64+0xcd/0x230
[  574.895291][T15952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.895305][T15952] RIP: 0033:0x7f230e78e969
[  574.895317][T15952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.895329][T15952] RSP: 002b:00007f230f5c4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  574.895342][T15952] RAX: ffffffffffffffda RBX: 00007f230e9b6080 RCX: 00007f230e78e969
[  574.895351][T15952] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 000000000000000c
[  574.895359][T15952] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  574.895366][T15952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  574.895373][T15952] R13: 0000000000000000 R14: 00007f230e9b6080 R15: 00007fff557fb0e8
[  574.895391][T15952]  </TASK>
[  575.421451][T15962] netlink: 'syz.4.2032': attribute type 11 has an invalid length.
[  576.795895][T15995] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  576.859495][T15995] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  576.933176][T15995] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  577.061234][T16006] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum
[  577.146599][T16005] ubi: mtd0 is already attached to ubi0
[  577.214152][T16007] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2043'.
[  577.249652][T16008] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 2: bad block bitmap checksum
[  577.327043][T16007] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  577.371373][T16007] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.379133][T16007] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.454069][T16012] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 3: bad block bitmap checksum
[  578.027920][T16018] bridge0: port 3(gretap0) entered blocking state
[  578.067112][T16018] bridge0: port 3(gretap0) entered disabled state
[  578.643917][T16018] gretap0: entered allmulticast mode
[  578.710944][T16018] gretap0: entered promiscuous mode
[  578.764974][T16018] bridge0: port 3(gretap0) entered blocking state
[  578.771570][T16018] bridge0: port 3(gretap0) entered forwarding state
[  579.276002][T13085] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  579.285501][T13085] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  579.293808][T13085] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  579.305355][T13085] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  579.322880][T13085] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  579.998984][T16047] chnl_net:caif_netlink_parms(): no params data found
[  580.515113][T16047] bridge0: port 1(bridge_slave_0) entered blocking state
[  580.530207][T16047] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.557883][T16047] bridge_slave_0: entered allmulticast mode
[  580.584138][T16047] bridge_slave_0: entered promiscuous mode
[  580.609981][T16047] bridge0: port 2(bridge_slave_1) entered blocking state
[  580.628177][T16047] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.646140][T16047] bridge_slave_1: entered allmulticast mode
[  580.666111][T16047] bridge_slave_1: entered promiscuous mode
[  580.790651][T16090] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2055'.
[  580.857481][T16047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  581.190890][T16047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  581.283133][T16103] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  581.317268][T16090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.317296][T16090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  581.324400][T16090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  581.324421][T16090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  581.392474][T13085] Bluetooth: hci0: command tx timeout
[  581.569834][T16047] team0: Port device team_slave_0 added
[  581.674384][T16047] team0: Port device team_slave_1 added
[  581.809808][T16047] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.809823][T16047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.809839][T16047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  581.811033][T16047] batman_adv: batadv0: Adding interface: batadv_slave_1
[  581.811044][T16047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  581.811060][T16047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  582.014039][T16047] hsr_slave_0: entered promiscuous mode
[  582.015430][T16047] hsr_slave_1: entered promiscuous mode
[  582.015799][T16047] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  582.015887][T16047] Cannot create hsr debugfs directory
[  582.575227][T16047] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.740593][T16047] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.877425][T16047] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.997042][T16047] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  583.217182][T16121] can: request_module (can-proto-0) failed.
[  583.371778][T16047] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  583.443650][T16047] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  583.471200][T13085] Bluetooth: hci0: command tx timeout
[  583.528936][T16047] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  583.594438][T16047] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  583.622475][T16136] FAULT_INJECTION: forcing a failure.
[  583.622475][T16136] name failslab, interval 1, probability 0, space 0, times 0
[  583.721951][T16136] CPU: 1 UID: 0 PID: 16136 Comm: syz.1.2068 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  583.721974][T16136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  583.721983][T16136] Call Trace:
[  583.721988][T16136]  <TASK>
[  583.721994][T16136]  dump_stack_lvl+0x16c/0x1f0
[  583.722018][T16136]  should_fail_ex+0x512/0x640
[  583.722037][T16136]  ? __kmalloc_noprof+0xbf/0x510
[  583.722053][T16136]  ? xfrm_hash_alloc+0xd1/0x100
[  583.722070][T16136]  should_failslab+0xc2/0x120
[  583.722087][T16136]  __kmalloc_noprof+0xd2/0x510
[  583.722100][T16136]  ? proc_create_reg+0xe3/0x180
[  583.722119][T16136]  xfrm_hash_alloc+0xd1/0x100
[  583.722137][T16136]  xfrm_state_init+0x11e/0x630
[  583.722157][T16136]  ? __pfx_xfrm_net_init+0x10/0x10
[  583.722175][T16136]  xfrm_net_init+0x210/0xcc0
[  583.722196][T16136]  ? __pfx_xfrm_net_init+0x10/0x10
[  583.722215][T16136]  ops_init+0x1df/0x5f0
[  583.722233][T16136]  setup_net+0x21e/0x850
[  583.722250][T16136]  ? __pfx_setup_net+0x10/0x10
[  583.722272][T16136]  ? lockdep_init_map_type+0x5c/0x280
[  583.722290][T16136]  ? __pfx_down_read_killable+0x10/0x10
[  583.722313][T16136]  ? debug_mutex_init+0x37/0x70
[  583.722336][T16136]  copy_net_ns+0x2a6/0x5f0
[  583.722355][T16136]  create_new_namespaces+0x3ea/0xad0
[  583.722375][T16136]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  583.722391][T16136]  ksys_unshare+0x45b/0xa40
[  583.722408][T16136]  ? __pfx_ksys_unshare+0x10/0x10
[  583.722424][T16136]  ? xfd_validate_state+0x5d/0x180
[  583.722445][T16136]  ? rcu_is_watching+0x12/0xc0
[  583.722462][T16136]  __x64_sys_unshare+0x31/0x40
[  583.722479][T16136]  do_syscall_64+0xcd/0x230
[  583.722497][T16136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.722511][T16136] RIP: 0033:0x7f230e78e969
[  583.722522][T16136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  583.722535][T16136] RSP: 002b:00007f230f5e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  583.722549][T16136] RAX: ffffffffffffffda RBX: 00007f230e9b5fa0 RCX: 00007f230e78e969
[  583.722557][T16136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  583.722565][T16136] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  583.722572][T16136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  583.722580][T16136] R13: 0000000000000000 R14: 00007f230e9b5fa0 R15: 00007fff557fb0e8
[  583.722597][T16136]  </TASK>
[  585.270270][T16047] 8021q: adding VLAN 0 to HW filter on device bond0
[  585.367989][T16047] 8021q: adding VLAN 0 to HW filter on device team0
[  585.449749][ T7905] bridge0: port 1(bridge_slave_0) entered blocking state
[  585.456919][ T7905] bridge0: port 1(bridge_slave_0) entered forwarding state
[  585.511438][ T7905] bridge0: port 2(bridge_slave_1) entered blocking state
[  585.518564][ T7905] bridge0: port 2(bridge_slave_1) entered forwarding state
[  585.555611][T13085] Bluetooth: hci0: command tx timeout
[  586.359333][T16047] 8021q: adding VLAN 0 to HW filter on device batadv0
[  586.504697][T16047] veth0_vlan: entered promiscuous mode
[  586.577274][T16047] veth1_vlan: entered promiscuous mode
[  586.703381][T16174] Invalid ELF header magic: != ELF
[  586.837119][T16047] veth0_macvtap: entered promiscuous mode
[  586.885508][T16047] veth1_macvtap: entered promiscuous mode
[  586.897060][T16181] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2077'.
[  586.978076][T16047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  587.019754][T16047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.059488][T16047] batman_adv: batadv0: Interface activated: batadv_slave_0
[  587.106630][T16047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.145986][T16047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.180232][T16047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  587.236335][T16047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  587.268769][T16047] batman_adv: batadv0: Interface activated: batadv_slave_1
[  587.328015][T16047] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  587.367207][T16047] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  587.416900][T16047] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  587.450130][T16047] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  587.631867][T13085] Bluetooth: hci0: command tx timeout
[  587.828374][ T6384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.858751][ T6384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.992855][ T6384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  588.032062][ T6384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  588.337344][T16208] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2084'.
[  588.465569][T16208] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2084'.
[  589.146408][T16227] openvswitch: netlink: IPv6 tunnel dst address is zero
[  590.414442][T16248] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string
[  591.007187][T16264] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2098'.
[  591.045662][T16264] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  591.203172][T16267] hub 8-0:1.0: USB hub found
[  591.226966][T16267] hub 8-0:1.0: 1 port detected
[  591.309084][T16276] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2099'.
[  591.407304][T16279] vivid-003: =================  START STATUS  =================
[  591.530456][T16279] vivid-003: Radio HW Seek Mode: Bounded
[  591.618333][T16279] vivid-003: Radio Programmable HW Seek: false
[  591.692623][T16279] vivid-003: RDS Rx I/O Mode: Block I/O
[  591.895926][T16279] vivid-003: Generate RBDS Instead of RDS: false
[  592.132315][T16279] vivid-003: RDS Reception: true
[  592.215908][T16288] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[16288]
[  592.228295][T16279] vivid-003: RDS Program Type: 0 inactive
[  592.273340][T16279] vivid-003: RDS PS Name:  inactive
[  592.278602][T16279] vivid-003: RDS Radio Text:  inactive
[  592.398601][T16279] vivid-003: RDS Traffic Announcement: false inactive
[  592.496497][T16279] vivid-003: RDS Traffic Program: false inactive
[  592.585400][T16279] vivid-003: RDS Music: false inactive
[  592.590997][T16279] vivid-003: ==================  END STATUS  ==================
[  592.870881][T16293] FAULT_INJECTION: forcing a failure.
[  592.870881][T16293] name failslab, interval 1, probability 0, space 0, times 0
[  592.937880][T16293] CPU: 1 UID: 0 PID: 16293 Comm: syz.4.2102 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  592.937903][T16293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  592.937913][T16293] Call Trace:
[  592.937918][T16293]  <TASK>
[  592.937924][T16293]  dump_stack_lvl+0x16c/0x1f0
[  592.937948][T16293]  should_fail_ex+0x512/0x640
[  592.937968][T16293]  ? __kmalloc_noprof+0xbf/0x510
[  592.937985][T16293]  ? acpi_ns_get_normalized_pathname+0x75/0xd0
[  592.938003][T16293]  should_failslab+0xc2/0x120
[  592.938020][T16293]  __kmalloc_noprof+0xd2/0x510
[  592.938039][T16293]  acpi_ns_get_normalized_pathname+0x75/0xd0
[  592.938059][T16293]  acpi_ex_start_trace_method+0x30/0x480
[  592.938080][T16293]  acpi_ds_begin_method_execution+0x3c/0x980
[  592.938102][T16293]  ? acpi_tb_check_dsdt_header+0x187/0x3e0
[  592.938124][T16293]  acpi_ps_execute_method+0x94/0xb30
[  592.938141][T16293]  ? acpi_ut_acquire_mutex+0x125/0x1d0
[  592.938161][T16293]  acpi_ns_evaluate+0x76c/0xca0
[  592.938179][T16293]  ? kasan_save_track+0x14/0x30
[  592.938194][T16293]  acpi_evaluate_object+0x1fa/0xa90
[  592.938209][T16293]  ? do_syscall_64+0xcd/0x230
[  592.938226][T16293]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.938240][T16293]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  592.938255][T16293]  ? __mutex_trylock_common+0xe9/0x250
[  592.938275][T16293]  acpi_evaluate_integer+0xdd/0x200
[  592.938296][T16293]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  592.938325][T16293]  ? __pfx_status_show+0x10/0x10
[  592.938338][T16293]  status_show+0xa0/0x120
[  592.938353][T16293]  ? __pfx_status_show+0x10/0x10
[  592.938372][T16293]  dev_attr_show+0x53/0xe0
[  592.938389][T16293]  ? __pfx_dev_attr_show+0x10/0x10
[  592.938413][T16293]  sysfs_kf_seq_show+0x213/0x3e0
[  592.938438][T16293]  seq_read_iter+0x506/0x12c0
[  592.938465][T16293]  kernfs_fop_read_iter+0x40f/0x5a0
[  592.938481][T16293]  ? rw_verify_area+0xcf/0x680
[  592.938502][T16293]  vfs_read+0x8c8/0xc70
[  592.938517][T16293]  ? __pfx___mutex_lock+0x10/0x10
[  592.938535][T16293]  ? __pfx_vfs_read+0x10/0x10
[  592.938559][T16293]  ksys_read+0x12a/0x240
[  592.938571][T16293]  ? __pfx_ksys_read+0x10/0x10
[  592.938582][T16293]  ? rcu_is_watching+0x12/0xc0
[  592.938600][T16293]  do_syscall_64+0xcd/0x230
[  592.938618][T16293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.938631][T16293] RIP: 0033:0x7f098518e969
[  592.938644][T16293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.938656][T16293] RSP: 002b:00007f0985f7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  592.938669][T16293] RAX: ffffffffffffffda RBX: 00007f09853b5fa0 RCX: 00007f098518e969
[  592.938678][T16293] RDX: 0000000000000070 RSI: 0000200000000000 RDI: 000000000000000b
[  592.938685][T16293] RBP: 00007f0985210ab1 R08: 0000000000000000 R09: 0000000000000000
[  592.938693][T16293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  592.938701][T16293] R13: 0000000000000000 R14: 00007f09853b5fa0 R15: 00007fffd048ba88
[  592.938720][T16293]  </TASK>
[  592.938742][T16293] ACPI Error: Could not allocate 15 bytes (20240827/nsnames-308)
[  594.668979][T16320] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2108'.
[  594.818423][   T30] audit: type=1800 audit(4294967388.800:43): pid=16316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2107" name="SYSV00000014" dev="hugetlbfs" ino=0 res=0 errno=0
[  596.647755][T16353] Invalid ELF header magic: != ELF
[  600.152157][T16420] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2127'.
[  601.476037][T16439] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2133'.
[  602.104096][T16441] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2133'.
[  604.350019][T16477] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2143'.
[  604.573259][T16484] netlink: zone id is out of range
[  604.613454][T13085] Bluetooth: hci0: unexpected event 0x35 length: 13 > 6
[  604.691210][T16484] netlink: zone id is out of range
[  604.796670][T16477] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.840627][T16484] netlink: zone id is out of range
[  604.912252][T16484] netlink: zone id is out of range
[  604.945318][T16484] netlink: zone id is out of range
[  605.001354][T16484] netlink: zone id is out of range
[  605.031165][T16484] netlink: zone id is out of range
[  605.083063][T16484] netlink: zone id is out of range
[  605.121312][T16484] netlink: zone id is out of range
[  605.133446][T16506] FAULT_INJECTION: forcing a failure.
[  605.133446][T16506] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  605.133485][T16506] CPU: 1 UID: 0 PID: 16506 Comm: syz.3.2146 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  605.133504][T16506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  605.133512][T16506] Call Trace:
[  605.133517][T16506]  <TASK>
[  605.133523][T16506]  dump_stack_lvl+0x16c/0x1f0
[  605.133544][T16506]  should_fail_ex+0x512/0x640
[  605.133567][T16506]  should_fail_alloc_page+0xe7/0x130
[  605.133585][T16506]  prepare_alloc_pages+0x3c2/0x610
[  605.133608][T16506]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  605.133625][T16506]  ? stack_trace_save+0x8e/0xc0
[  605.133643][T16506]  ? __lock_acquire+0xaa4/0x1ba0
[  605.133660][T16506]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  605.133676][T16506]  ? fb_var_to_videomode+0x4c9/0x690
[  605.133698][T16506]  ? __pfx_fb_match_mode+0x10/0x10
[  605.133718][T16506]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  605.133733][T16506]  ? lockdep_hardirqs_on+0x7c/0x110
[  605.133752][T16506]  ? vc_allocate+0x489/0x880
[  605.133766][T16506]  __alloc_pages_noprof+0xb/0x1b0
[  605.133780][T16506]  ___kmalloc_large_node+0x82/0x1e0
[  605.133797][T16506]  ? con_is_visible+0x65/0x150
[  605.133818][T16506]  __kmalloc_large_node_noprof+0x1c/0x70
[  605.133837][T16506]  __kmalloc_noprof.cold+0xc/0x61
[  605.133860][T16506]  vc_allocate+0x489/0x880
[  605.133874][T16506]  ? __pfx_vc_allocate+0x10/0x10
[  605.133894][T16506]  con_install+0xa1/0x600
[  605.133910][T16506]  ? __pfx_con_install+0x10/0x10
[  605.133927][T16506]  ? __pfx_con_install+0x10/0x10
[  605.133942][T16506]  tty_init_dev.part.0+0x99/0x500
[  605.133959][T16506]  tty_open+0xa50/0xf90
[  605.133979][T16506]  ? __pfx_tty_open+0x10/0x10
[  605.133994][T16506]  ? chrdev_open+0x58c/0x6a0
[  605.134011][T16506]  ? __pfx_tty_open+0x10/0x10
[  605.134026][T16506]  chrdev_open+0x231/0x6a0
[  605.134040][T16506]  ? __pfx_chrdev_open+0x10/0x10
[  605.134055][T16506]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  605.134077][T16506]  do_dentry_open+0x741/0x1c10
[  605.134090][T16506]  ? __pfx_chrdev_open+0x10/0x10
[  605.134108][T16506]  vfs_open+0x82/0x3f0
[  605.134126][T16506]  path_openat+0x1e5e/0x2d40
[  605.134146][T16506]  ? __pfx_path_openat+0x10/0x10
[  605.134163][T16506]  do_filp_open+0x20b/0x470
[  605.134176][T16506]  ? __pfx_do_filp_open+0x10/0x10
[  605.134213][T16506]  ? alloc_fd+0x471/0x7d0
[  605.134240][T16506]  do_sys_openat2+0x11b/0x1d0
[  605.134257][T16506]  ? __pfx_do_sys_openat2+0x10/0x10
[  605.134281][T16506]  __x64_sys_openat+0x174/0x210
[  605.134298][T16506]  ? __pfx___x64_sys_openat+0x10/0x10
[  605.134316][T16506]  ? rcu_is_watching+0x12/0xc0
[  605.134334][T16506]  do_syscall_64+0xcd/0x230
[  605.134353][T16506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.134366][T16506] RIP: 0033:0x7f7b4d38e969
[  605.134378][T16506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.134390][T16506] RSP: 002b:00007f7b4e222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  605.134402][T16506] RAX: ffffffffffffffda RBX: 00007f7b4d5b6080 RCX: 00007f7b4d38e969
[  605.134411][T16506] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  605.134421][T16506] RBP: 00007f7b4d410ab1 R08: 0000000000000000 R09: 0000000000000000
[  605.134429][T16506] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  605.134437][T16506] R13: 0000000000000000 R14: 00007f7b4d5b6080 R15: 00007fff3a633508
[  605.134456][T16506]  </TASK>
[  605.152722][T16477] bridge_slave_1 (unregistering): left allmulticast mode
[  605.152740][T16477] bridge_slave_1 (unregistering): left promiscuous mode
[  605.152784][T16477] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.165666][T16484] netlink: zone id is out of range
[  608.698050][T16515] tty tty12: ldisc open failed (-12), clearing slot 11
[  608.715495][T16532] tty tty12: ldisc open failed (-12), clearing slot 11
[  608.953142][T16544] : renamed from gre0 (while UP)
[  609.269739][T16547] Invalid ELF header magic: != ELF
[  611.096009][T16580] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2163'.
[  611.363326][T16584] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  611.439781][T16590] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[16590]
[  611.490199][T16584] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  611.522253][T16584] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  611.528285][T16584] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  611.796168][T16584] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  611.861887][T16584] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  611.864973][T16584] CPU0 is offline.
[  612.673284][T13085] Bluetooth: hci1: command 0x0c1a tx timeout
[  612.714676][T16614] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  613.120073][T16617] Process accounting resumed
[  613.438996][T16633] netlink: 98 bytes leftover after parsing attributes in process `syz.0.2175'.
[  613.501296][T16633] netlink: 50 bytes leftover after parsing attributes in process `syz.0.2175'.
[  613.552798][T13085] Bluetooth: hci0: command 0x0c1a tx timeout
[  613.558844][T13085] Bluetooth: hci4: command 0x0406 tx timeout
[  613.567204][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  613.657049][T16598] kexec: Could not allocate control_code_buffer
[  614.702736][T16662] input: f�
 as /devices/virtual/input/input18
[  615.432968][T16676] smc: net device syz_tun applied user defined pnetid ETHTOOL
[  615.631463][T16634] Bluetooth: hci0: command 0x0c1a tx timeout
[  617.688221][T16719] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE�r��҄y�*�"�l-���y–��
[  617.712550][T16634] Bluetooth: hci0: command 0x0c1a tx timeout
[  618.775411][T16736] netlink: 'syz.4.2199': attribute type 5 has an invalid length.
[  619.314741][T16749] netlink: 98 bytes leftover after parsing attributes in process `syz.4.2201'.
[  620.999403][T16784] netlink: 98 bytes leftover after parsing attributes in process `syz.0.2209'.
[  624.598557][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  624.605070][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  624.953847][   T30] audit: type=1804 audit(4294967418.940:44): pid=16864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2228" name="/newroot/287/file0" dev="tmpfs" ino=1521 res=1 errno=0
[  625.088015][   T30] audit: type=1800 audit(4294967419.020:45): pid=16864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2228" name="file0" dev="tmpfs" ino=1521 res=0 errno=0
[  625.399620][T16634] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18
[  626.133523][T16892] netlink: 98 bytes leftover after parsing attributes in process `syz.4.2235'.
[  627.931984][T16926] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2244'.
[  628.176290][T16932] HfR: entered promiscuous mode
[  628.264299][T16932] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(0.0.0), cmd(5)
[  628.474699][T16898] ima: policy update failed
[  628.545487][   T30] audit: type=1802 audit(4294967422.530:46): pid=16898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2236" res=0 errno=0
[  628.768670][T16947] random: crng reseeded on system resumption
[  628.902994][T16952] FAULT_INJECTION: forcing a failure.
[  628.902994][T16952] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  629.045818][T16952] CPU: 1 UID: 0 PID: 16952 Comm: syz.4.2249 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  629.045841][T16952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  629.045849][T16952] Call Trace:
[  629.045854][T16952]  <TASK>
[  629.045859][T16952]  dump_stack_lvl+0x16c/0x1f0
[  629.045883][T16952]  should_fail_ex+0x512/0x640
[  629.045904][T16952]  _copy_from_iter+0x2a4/0x15b0
[  629.045925][T16952]  ? __alloc_skb+0x200/0x380
[  629.045940][T16952]  ? __pfx__copy_from_iter+0x10/0x10
[  629.045960][T16952]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  629.045983][T16952]  ? __lock_acquire+0xaa4/0x1ba0
[  629.046004][T16952]  netlink_sendmsg+0x829/0xdd0
[  629.046023][T16952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  629.046045][T16952]  ____sys_sendmsg+0xa95/0xc70
[  629.046064][T16952]  ? copy_msghdr_from_user+0x10a/0x160
[  629.046078][T16952]  ? __pfx_____sys_sendmsg+0x10/0x10
[  629.046104][T16952]  ___sys_sendmsg+0x134/0x1d0
[  629.046119][T16952]  ? __pfx____sys_sendmsg+0x10/0x10
[  629.046154][T16952]  __sys_sendmsg+0x16d/0x220
[  629.046173][T16952]  ? __pfx___sys_sendmsg+0x10/0x10
[  629.046192][T16952]  ? rcu_is_watching+0x12/0xc0
[  629.046210][T16952]  do_syscall_64+0xcd/0x230
[  629.046229][T16952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.046243][T16952] RIP: 0033:0x7f098518e969
[  629.046255][T16952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  629.046267][T16952] RSP: 002b:00007f0985f7c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  629.046280][T16952] RAX: ffffffffffffffda RBX: 00007f09853b5fa0 RCX: 00007f098518e969
[  629.046289][T16952] RDX: 0000000000000000 RSI: 0000200000007b00 RDI: 0000000000000003
[  629.046297][T16952] RBP: 00007f0985f7c090 R08: 0000000000000000 R09: 0000000000000000
[  629.046305][T16952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  629.046313][T16952] R13: 0000000000000000 R14: 00007f09853b5fa0 R15: 00007fffd048ba88
[  629.046329][T16952]  </TASK>
[  631.171839][T16983] netlink: 226 bytes leftover after parsing attributes in process `syz.4.2256'.
[  631.240401][T16983] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2256'.
[  631.310384][T16983] net_ratelimit: 10 callbacks suppressed
[  631.310396][T16983] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  631.780560][T16997] HfR: entered promiscuous mode
[  632.380570][T17004] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2260'.
[  633.142727][T17032] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  633.375996][T17041] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2266'.
[  633.611342][T17047] futex_wake_op: syz.3.2269 tries to shift op by 64; fix this program
[  634.890785][T17090] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[  635.128853][T17097] ERROR: Out of memory at tomoyo_memory_ok.
[  635.257659][T16634] Bluetooth: hci0: unexpected event 0x3e length: 1020 > 260
[  635.257686][T16634] Bluetooth: hci0: unexpected subevent 0x01 length: 1019 > 18
[  635.332708][T17105] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2280'.
[  637.140623][T17166] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2292'.
[  637.204894][   T30] audit: type=1800 audit(4294967440.189:47): pid=17165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2293" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  637.897383][T17164] kexec: Could not allocate control_code_buffer
[  640.168732][T17220] blktrace: Concurrent blktraces are not allowed on ram7
[  640.553645][T17230] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2306'.
[  641.179570][T17235] CIFS: VFS: Invalid SecurityFlags: Linux
[  641.561787][T17245] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  642.979399][T17278] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2318'.
[  643.158860][T17258] Process accounting paused
[  643.875989][T17320] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2323'.
[  645.106711][T17321] kexec: Could not allocate control_code_buffer
[  645.964936][T17350] busy
[  646.740446][T17353] FAULT_INJECTION: forcing a failure.
[  646.740446][T17353] name failslab, interval 1, probability 0, space 0, times 0
[  646.791319][T17353] CPU: 1 UID: 0 PID: 17353 Comm: syz.3.2330 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  646.791342][T17353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  646.791351][T17353] Call Trace:
[  646.791357][T17353]  <TASK>
[  646.791363][T17353]  dump_stack_lvl+0x16c/0x1f0
[  646.791386][T17353]  should_fail_ex+0x512/0x640
[  646.791405][T17353]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  646.791423][T17353]  should_failslab+0xc2/0x120
[  646.791439][T17353]  __kmalloc_cache_node_noprof+0x6d/0x420
[  646.791453][T17353]  ? sbitmap_init_node+0x2ca/0x770
[  646.791466][T17353]  ? sbitmap_queue_init_node+0x341/0x560
[  646.791482][T17353]  sbitmap_queue_init_node+0x341/0x560
[  646.791499][T17353]  blk_mq_init_tags+0x12d/0x2b0
[  646.791520][T17353]  blk_mq_alloc_map_and_rqs+0x237/0xf10
[  646.791539][T17353]  ? blk_mq_map_queues+0x211/0x410
[  646.791557][T17353]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[  646.791578][T17353]  blk_mq_alloc_tag_set+0x75e/0x1250
[  646.791602][T17353]  loop_add+0x3b7/0xb70
[  646.791619][T17353]  ? do_vfs_ioctl+0x512/0x1990
[  646.791637][T17353]  ? __pfx_loop_add+0x10/0x10
[  646.791652][T17353]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  646.791682][T17353]  ? find_held_lock+0x2b/0x80
[  646.791697][T17353]  loop_control_ioctl+0x13c/0x630
[  646.791715][T17353]  ? __pfx_loop_control_ioctl+0x10/0x10
[  646.791734][T17353]  ? __pfx_loop_control_ioctl+0x10/0x10
[  646.791752][T17353]  __x64_sys_ioctl+0x190/0x200
[  646.791770][T17353]  do_syscall_64+0xcd/0x230
[  646.791790][T17353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.791803][T17353] RIP: 0033:0x7f7b4d38e969
[  646.791815][T17353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.791827][T17353] RSP: 002b:00007f7b4e243038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  646.791841][T17353] RAX: ffffffffffffffda RBX: 00007f7b4d5b5fa0 RCX: 00007f7b4d38e969
[  646.791850][T17353] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000d
[  646.791859][T17353] RBP: 00007f7b4d410ab1 R08: 0000000000000000 R09: 0000000000000000
[  646.791867][T17353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  646.791875][T17353] R13: 0000000000000000 R14: 00007f7b4d5b5fa0 R15: 00007fff3a633508
[  646.791892][T17353]  </TASK>
[  646.792002][T17353] blk-mq: reduced tag depth (128 -> 64)
[  647.158289][T17378] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2332'.
[  649.006446][T17391] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2335'.
[  649.107883][T17398] Malformed UNC in devname
[  649.107883][T17398] 
[  649.165615][T17398] CIFS: VFS: Malformed UNC in devname
[  649.752621][T17429] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2342'.
[  649.844415][T17427] Invalid ELF header magic: != ELF
[  650.205810][T17302] team0: left allmulticast mode
[  650.220641][T17302] team_slave_1: left allmulticast mode
[  650.242663][T17302] team0: left promiscuous mode
[  650.259926][T17302] team_slave_1: left promiscuous mode
[  650.311467][T17302] bridge0: port 3(team0) entered disabled state
[  650.348453][T17302] bridge_slave_1: left allmulticast mode
[  650.385014][T17302] bridge_slave_1: left promiscuous mode
[  650.418766][T17302] bridge0: port 2(bridge_slave_1) entered disabled state
[  650.498918][T17302] bridge_slave_0: left allmulticast mode
[  650.526796][T17302] bridge_slave_0: left promiscuous mode
[  650.563063][T17302] bridge0: port 1(bridge_slave_0) entered disabled state
[  651.950025][T17495] binder: 17494:17495 ioctl 400c620e 200000000400 returned -22
[  652.268364][T17302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  652.288107][T17302] bond0 (unregistering): Released all slaves
[  652.418470][T17302] ovs_: left promiscuous mode
[  653.118288][T17302] hsr_slave_0: left promiscuous mode
[  653.184586][T17302] hsr_slave_1: left promiscuous mode
[  653.259350][T17302] veth1_macvtap: left promiscuous mode
[  653.284981][T17302] veth0_macvtap: left promiscuous mode
[  653.335255][T17302] veth1_vlan: left promiscuous mode
[  653.359446][T17302] veth0_vlan: left promiscuous mode
[  655.273848][T17302] team0 (unregistering): Port device team_slave_1 removed
[  655.485547][T17554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2369'.
[  655.917687][T17563] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2370'.
[  658.196189][T17589] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input19
[  659.807262][T17611] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2381'.
[  659.908275][T17611] netlink: 'syz.0.2381': attribute type 1 has an invalid length.
[  660.237543][T17623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2384'.
[  662.052595][T17652] FAULT_INJECTION: forcing a failure.
[  662.052595][T17652] name failslab, interval 1, probability 0, space 0, times 0
[  662.106269][T17669] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2391'.
[  662.144067][T17652] CPU: 1 UID: 0 PID: 17652 Comm: syz.3.2389 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  662.144091][T17652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  662.144100][T17652] Call Trace:
[  662.144105][T17652]  <TASK>
[  662.144110][T17652]  dump_stack_lvl+0x16c/0x1f0
[  662.144133][T17652]  should_fail_ex+0x512/0x640
[  662.144153][T17652]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  662.144177][T17652]  should_failslab+0xc2/0x120
[  662.144194][T17652]  __kmalloc_cache_noprof+0x6a/0x3e0
[  662.144215][T17652]  ? fqdir_init+0x4f/0x1f0
[  662.144232][T17652]  fqdir_init+0x4f/0x1f0
[  662.144248][T17652]  lowpan_frags_init_net+0x2d/0x3a0
[  662.144268][T17652]  ? __pfx_lowpan_frags_init_net+0x10/0x10
[  662.144286][T17652]  ops_init+0x1df/0x5f0
[  662.144305][T17652]  setup_net+0x21e/0x850
[  662.144321][T17652]  ? __pfx_setup_net+0x10/0x10
[  662.144335][T17652]  ? lockdep_init_map_type+0x5c/0x280
[  662.144353][T17652]  ? __pfx_down_read_killable+0x10/0x10
[  662.144375][T17652]  ? debug_mutex_init+0x37/0x70
[  662.144397][T17652]  copy_net_ns+0x2a6/0x5f0
[  662.144415][T17652]  create_new_namespaces+0x3ea/0xad0
[  662.144434][T17652]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  662.144450][T17652]  ksys_unshare+0x45b/0xa40
[  662.144467][T17652]  ? __pfx_ksys_unshare+0x10/0x10
[  662.144483][T17652]  ? xfd_validate_state+0x5d/0x180
[  662.144504][T17652]  ? rcu_is_watching+0x12/0xc0
[  662.144521][T17652]  __x64_sys_unshare+0x31/0x40
[  662.144537][T17652]  do_syscall_64+0xcd/0x230
[  662.144556][T17652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.144569][T17652] RIP: 0033:0x7f7b4d38e969
[  662.144580][T17652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  662.144593][T17652] RSP: 002b:00007f7b4e243038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  662.144606][T17652] RAX: ffffffffffffffda RBX: 00007f7b4d5b5fa0 RCX: 00007f7b4d38e969
[  662.144614][T17652] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  662.144622][T17652] RBP: 00007f7b4d410ab1 R08: 0000000000000000 R09: 0000000000000000
[  662.144629][T17652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  662.144637][T17652] R13: 0000000000000000 R14: 00007f7b4d5b5fa0 R15: 00007fff3a633508
[  662.144654][T17652]  </TASK>
[  665.096575][T17716] Invalid ELF header magic: != ELF
[  665.307787][    C1] vcan0: j1939_tp_rxtimer: 0xffff888025581400: rx timeout, send abort
[  665.817057][    C1] vcan0: j1939_tp_rxtimer: 0xffff888025581400: abort rx timeout. Force session deactivation
[  666.020431][T17731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2405'.
[  666.266512][T17731] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode
[  666.424837][T17698] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  669.204282][T17796] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2416'.
[  670.066891][T17817] rnbd_client L202: map_device: Unknown parameter or missing value '('
[  670.583481][T17820] Invalid ELF header magic: != ELF
[  672.416743][T17540] syz.1.2364 (17540) used greatest stack depth: 21240 bytes left
[  673.157683][T17867] ptrace attach of "./syz-executor exec"[5830] was attempted by "o������e�\x22țoy��҇e�*Ji�\x09��\x0d�o�0��f�,%N���.:BW1SXz �J�P�Zi�l�Ax��.�F~ \x0a���9�ٮ���$��~� \x09�d� �7P�Gn �4�\x22�_Ǧ���AaZ�RiKK
hB&����qI �z�{�a`����}�(��G-��������U�&���:�:��nQg�>2<5N����\x09d\x0c�����ϯȅ��oh�^�|<����Ȩ@{\x5cX�IoZ��3�δ�x�Goúy*tn�X�T���c�l��z�o�UKܓ����\x1b�b���[�1}\x09^MKR�����05j����#�8d��D�Ũǽ�El�ȈV)ӻ0r-��\x0b��>�a��rN\x0d���V��)Ex\x0b5�V+�I2d���ӊe�r7�0g�!�x} >C�X�^�$�w}E�{
��⡺_����<2k��J���ފg���`��H���J*�l �q܌��)��\x5c�{^r�\x0cQ\x22s��F���P\x0d�@@ñ�\x0d�qC���!�7ǰ���B����_�
qk3�\x09�(��omp��_B@�0[��,DX�ϋ?;��Z�[����\x5c��Z���9t�U;k� ;J�N�iڿ����aV\x09�.-�Z��`\x07����\x0a4�H\x0b�CD\x09E��v6� �MJ�x{C�XI*Z�D{���ӾN^+FM�/C�`��
Y0�������B4�zB�,���G�8H�Jx\x09�>ELҺ��S��@R㓤�l�,��~���RNP��6]���IiP$�p����W�_��5
&`_g�d�k.\x07�!A��XN�+��C�,���%�%f͆��^wS�\x0c �K�������d��bm���+.���3��Hqչ���vZ�[�4��\x0c�y
\x5c�'\x0c�!KT�,VH
[  673.158531][T17867] ptrace attach of "./syz-executor exec"[5830] was attempted by "o������e�\x22țoy��҇e�*Ji�\x09��\x0d�o�0��f�,%N���.:BW1SXz �J�P�Zi�l�Ax��.�F~ \x0a���9�ٮ���$��~� \x09�d� �7P�Gn �4�\x22�_Ǧ���AaZ�RiKK
hB&����qI �z�{�a`����}�(��G-��������U�&���:�:��nQg�>2<5N����\x09d\x0c�����ϯȅ��oh�^�|<����Ȩ@{\x5cX�IoZ��3�δ�x�Goúy*tn�X�T���c�l��z�o�UKܓ����\x1b�b���[�1}\x09^MKR�����05j����#�8d��D�Ũǽ�El�ȈV)ӻ0r-��\x0b��>�a��rN\x0d���V��)Ex\x0b5�V+�I2d���ӊe�r7�0g�!�x} >C�X�^�$�w}E�{
��⡺_����<2k��J���ފg���`��H���J*�l �q܌��)��\x5c�{^r�\x0cQ\x22s��F���P\x0d�@@ñ�\x0d�qC���!�7ǰ���B����_�
qk3�\x09�(��omp��_B@�0[��,DX�ϋ?;��Z�[����\x5c��Z���9t�U;k� ;J�N�iڿ����aV\x09�.-�Z��`\x07����\x0a4�H\x0b�CD\x09E��v6� �MJ�x{C�XI*Z�D{���ӾN^+FM�/C�`��
Y0�������B4�zB�,���G�8H�Jx\x09�>ELҺ��S��@R㓤�l�,��~���RNP��6]���IiP$�p����W�_��5
&`_g�d�k.\x07�!A��XN�+��C�,���%�%f͆��^wS�\x0c �K�������d��bm���+.���3��Hqչ���vZ�[�4��\x0c�y
\x5c�'\x0c�!KT�,VH
[  673.249755][    C1] vkms_vblank_simulate: vblank timer overrun
[  673.341482][    C1] vkms_vblank_simulate: vblank timer overrun
[  673.454548][T17868] Process accounting resumed
[  674.225680][T17545] syz.1.2364 (17545) used greatest stack depth: 18104 bytes left
[  674.402371][T17892] CIFS mount error: No usable UNC path provided in device string!
[  674.402371][T17892] 
[  674.475760][T17892] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  674.497913][T17895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2442'.
[  675.293966][T17911] random: crng reseeded on system resumption
[  677.432689][T17944] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  678.334267][T17956] random: crng reseeded on system resumption
[  679.856733][T17999] Invalid ELF header magic: != ELF
[  680.322377][T18006] misc userio: The device must be registered before sending interrupts
[  680.403492][T18009] FAULT_INJECTION: forcing a failure.
[  680.403492][T18009] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  680.482641][T18009] CPU: 1 UID: 0 PID: 18009 Comm: syz.1.2468 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  680.482667][T18009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  680.482676][T18009] Call Trace:
[  680.482681][T18009]  <TASK>
[  680.482687][T18009]  dump_stack_lvl+0x16c/0x1f0
[  680.482710][T18009]  should_fail_ex+0x512/0x640
[  680.482731][T18009]  should_fail_alloc_page+0xe7/0x130
[  680.482750][T18009]  prepare_alloc_pages+0x3c2/0x610
[  680.482773][T18009]  __alloc_frozen_pages_noprof+0x18f/0x23a0
[  680.482792][T18009]  ? futex_wait+0x120/0x380
[  680.482810][T18009]  ? __pfx_futex_wait+0x10/0x10
[  680.482828][T18009]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  680.482843][T18009]  ? kmem_cache_free+0x2d4/0x4d0
[  680.482856][T18009]  ? fd_install+0x225/0x750
[  680.482874][T18009]  ? putname+0x154/0x1a0
[  680.482891][T18009]  ? do_futex+0x122/0x350
[  680.482904][T18009]  ? aa_get_newest_label+0x375/0x680
[  680.482917][T18009]  ? __pfx_do_futex+0x10/0x10
[  680.482931][T18009]  ? __pfx_aa_get_newest_label+0x10/0x10
[  680.482944][T18009]  ? rcu_is_watching+0x12/0xc0
[  680.482957][T18009]  ? trace_cap_capable+0x18d/0x200
[  680.482972][T18009]  __alloc_pages_noprof+0xb/0x1b0
[  680.482987][T18009]  ___kmalloc_large_node+0x82/0x1e0
[  680.483007][T18009]  __kmalloc_large_noprof+0x1c/0x70
[  680.483024][T18009]  ? bpf_lsm_locked_down+0x9/0x10
[  680.483039][T18009]  ksys_ioperm+0x3c9/0x4f0
[  680.483061][T18009]  do_syscall_64+0xcd/0x230
[  680.483089][T18009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.483104][T18009] RIP: 0033:0x7f230e78e969
[  680.483116][T18009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.483130][T18009] RSP: 002b:00007f230f5e5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[  680.483143][T18009] RAX: ffffffffffffffda RBX: 00007f230e9b5fa0 RCX: 00007f230e78e969
[  680.483152][T18009] RDX: 0000000000000002 RSI: 0000000000000006 RDI: 0000000000000007
[  680.483160][T18009] RBP: 00007f230e810ab1 R08: 0000000000000000 R09: 0000000000000000
[  680.483168][T18009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  680.483175][T18009] R13: 0000000000000000 R14: 00007f230e9b5fa0 R15: 00007fff557fb0e8
[  680.483191][T18009]  </TASK>
[  680.714278][    C1] vkms_vblank_simulate: vblank timer overrun
[  680.963212][T17987] random: crng reseeded on system resumption
[  681.112004][T18026] FAULT_INJECTION: forcing a failure.
[  681.112004][T18026] name failslab, interval 1, probability 0, space 0, times 0
[  681.155781][T18026] CPU: 1 UID: 0 PID: 18026 Comm: syz.0.2470 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  681.155819][T18026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  681.155835][T18026] Call Trace:
[  681.155843][T18026]  <TASK>
[  681.155854][T18026]  dump_stack_lvl+0x16c/0x1f0
[  681.155894][T18026]  should_fail_ex+0x512/0x640
[  681.155930][T18026]  ? fs_reclaim_acquire+0xae/0x150
[  681.155973][T18026]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  681.155994][T18026]  should_failslab+0xc2/0x120
[  681.156019][T18026]  __kmalloc_noprof+0xd2/0x510
[  681.156037][T18026]  tomoyo_realpath_from_path+0xc2/0x6e0
[  681.156057][T18026]  ? tomoyo_profile+0x47/0x60
[  681.156078][T18026]  tomoyo_path_number_perm+0x245/0x580
[  681.156093][T18026]  ? tomoyo_path_number_perm+0x237/0x580
[  681.156109][T18026]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  681.156126][T18026]  ? find_held_lock+0x2b/0x80
[  681.156159][T18026]  ? find_held_lock+0x2b/0x80
[  681.156173][T18026]  ? hook_file_ioctl_common+0x145/0x410
[  681.156195][T18026]  ? __fget_files+0x20e/0x3c0
[  681.156220][T18026]  security_file_ioctl+0x9b/0x240
[  681.156237][T18026]  __x64_sys_ioctl+0xb7/0x200
[  681.156257][T18026]  do_syscall_64+0xcd/0x230
[  681.156276][T18026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.156290][T18026] RIP: 0033:0x7f19d878e969
[  681.156301][T18026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.156313][T18026] RSP: 002b:00007f19d95bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  681.156326][T18026] RAX: ffffffffffffffda RBX: 00007f19d89b5fa0 RCX: 00007f19d878e969
[  681.156335][T18026] RDX: 0000200000000400 RSI: 00000000400c620e RDI: 0000000000000003
[  681.156343][T18026] RBP: 00007f19d95bf090 R08: 0000000000000000 R09: 0000000000000000
[  681.156353][T18026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.156360][T18026] R13: 0000000000000000 R14: 00007f19d89b5fa0 R15: 00007fff00a328b8
[  681.156377][T18026]  </TASK>
[  681.156382][T18026] ERROR: Out of memory at tomoyo_realpath_from_path.
[  681.807631][T18031] binder: 18030:18031 ioctl 40103e05 ffffffffffffffff returned -22
[  681.860284][T18031] binder: 18030:18031 ioctl 400c620e 200000000400 returned -22
[  681.915680][T18033] syz.1.2473 (18033): drop_caches: 0
[  682.029936][T18026] binder: 18025:18026 ioctl 400c620e 200000000400 returned -22
[  683.515010][T18068] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2482'.
[  683.612948][T18070] binder: 18069:18070 ioctl 400c620e 200000000400 returned -22
[  683.646035][T18070] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007
[  683.709677][T18073] FAULT_INJECTION: forcing a failure.
[  683.709677][T18073] name failslab, interval 1, probability 0, space 0, times 0
[  683.738145][T18073] CPU: 1 UID: 0 PID: 18073 Comm: syz.3.2484 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  683.738168][T18073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  683.738176][T18073] Call Trace:
[  683.738181][T18073]  <TASK>
[  683.738187][T18073]  dump_stack_lvl+0x16c/0x1f0
[  683.738210][T18073]  should_fail_ex+0x512/0x640
[  683.738228][T18073]  ? fs_reclaim_acquire+0xae/0x150
[  683.738249][T18073]  ? tomoyo_encode2+0x100/0x3e0
[  683.738266][T18073]  should_failslab+0xc2/0x120
[  683.738282][T18073]  __kmalloc_noprof+0xd2/0x510
[  683.738296][T18073]  ? d_absolute_path+0x136/0x1a0
[  683.738315][T18073]  tomoyo_encode2+0x100/0x3e0
[  683.738335][T18073]  tomoyo_encode+0x29/0x50
[  683.738351][T18073]  tomoyo_realpath_from_path+0x18f/0x6e0
[  683.738374][T18073]  tomoyo_path_number_perm+0x245/0x580
[  683.738389][T18073]  ? tomoyo_path_number_perm+0x237/0x580
[  683.738405][T18073]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  683.738422][T18073]  ? find_held_lock+0x2b/0x80
[  683.738451][T18073]  ? find_held_lock+0x2b/0x80
[  683.738462][T18073]  ? hook_file_ioctl_common+0x145/0x410
[  683.738481][T18073]  ? __fget_files+0x20e/0x3c0
[  683.738504][T18073]  security_file_ioctl+0x9b/0x240
[  683.738521][T18073]  __x64_sys_ioctl+0xb7/0x200
[  683.738541][T18073]  do_syscall_64+0xcd/0x230
[  683.738561][T18073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.738574][T18073] RIP: 0033:0x7f7b4d38e969
[  683.738587][T18073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.738599][T18073] RSP: 002b:00007f7b4e243038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  683.738612][T18073] RAX: ffffffffffffffda RBX: 00007f7b4d5b5fa0 RCX: 00007f7b4d38e969
[  683.738621][T18073] RDX: 0000200000000400 RSI: 00000000400c620e RDI: 0000000000000003
[  683.738628][T18073] RBP: 00007f7b4e243090 R08: 0000000000000000 R09: 0000000000000000
[  683.738637][T18073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  683.738644][T18073] R13: 0000000000000000 R14: 00007f7b4d5b5fa0 R15: 00007fff3a633508
[  683.738661][T18073]  </TASK>
[  683.738675][T18073] ERROR: Out of memory at tomoyo_realpath_from_path.
[  684.260556][T18073] binder: 18071:18073 ioctl 400c620e 200000000400 returned -22
[  684.543266][T18087] lo: entered allmulticast mode
[  685.213720][T18081] lo: left allmulticast mode
[  685.769051][T18114] binder: 18113:18114 ioctl 400c620e 200000000400 returned -22
[  685.971192][T18119] FAULT_INJECTION: forcing a failure.
[  685.971192][T18119] name failslab, interval 1, probability 0, space 0, times 0
[  686.004142][T18119] CPU: 1 UID: 0 PID: 18119 Comm: syz.0.2495 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  686.004164][T18119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  686.004172][T18119] Call Trace:
[  686.004178][T18119]  <TASK>
[  686.004183][T18119]  dump_stack_lvl+0x16c/0x1f0
[  686.004209][T18119]  should_fail_ex+0x512/0x640
[  686.004228][T18119]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  686.004251][T18119]  should_failslab+0xc2/0x120
[  686.004267][T18119]  __kmalloc_cache_noprof+0x6a/0x3e0
[  686.004286][T18119]  ? binder_get_thread+0x1eb/0x8c0
[  686.004304][T18119]  ? binder_get_thread+0x225/0x8c0
[  686.004322][T18119]  binder_get_thread+0x225/0x8c0
[  686.004339][T18119]  ? rcu_is_watching+0x12/0xc0
[  686.004353][T18119]  binder_ioctl+0x20f/0x7300
[  686.004374][T18119]  ? tomoyo_path_number_perm+0x295/0x580
[  686.004393][T18119]  ? tomoyo_path_number_perm+0x18d/0x580
[  686.004409][T18119]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  686.004424][T18119]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  686.004443][T18119]  ? __pfx_binder_ioctl+0x10/0x10
[  686.004461][T18119]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  686.004490][T18119]  ? find_held_lock+0x2b/0x80
[  686.004502][T18119]  ? hook_file_ioctl_common+0x145/0x410
[  686.004520][T18119]  ? __fget_files+0x20e/0x3c0
[  686.004541][T18119]  ? __pfx_binder_ioctl+0x10/0x10
[  686.004560][T18119]  __x64_sys_ioctl+0x190/0x200
[  686.004578][T18119]  do_syscall_64+0xcd/0x230
[  686.004597][T18119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.004611][T18119] RIP: 0033:0x7f19d878e969
[  686.004624][T18119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  686.004636][T18119] RSP: 002b:00007f19d95bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  686.004648][T18119] RAX: ffffffffffffffda RBX: 00007f19d89b5fa0 RCX: 00007f19d878e969
[  686.004657][T18119] RDX: 0000200000000400 RSI: 00000000400c620e RDI: 0000000000000003
[  686.004665][T18119] RBP: 00007f19d95bf090 R08: 0000000000000000 R09: 0000000000000000
[  686.004673][T18119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  686.004680][T18119] R13: 0000000000000000 R14: 00007f19d89b5fa0 R15: 00007fff00a328b8
[  686.004696][T18119]  </TASK>
[  686.004746][T18119] binder: 18118:18119 ioctl 400c620e 200000000400 returned -12
[  686.259300][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  686.265669][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  686.549131][T18128] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2498'.
[  686.618805][T18128] netlink: 346 bytes leftover after parsing attributes in process `syz.1.2498'.
[  687.240810][T18156] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2502'.
[  687.290990][T18155] Invalid ELF header magic: != ELF
[  687.780776][T18155] snd_aloop snd_aloop.0: control 16781581:65535:6:�'x?F���/��zF˷fC���:8 is already present
[  688.511698][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  688.522102][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  688.530424][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  688.540918][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  688.578358][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  689.215999][T18183] FAULT_INJECTION: forcing a failure.
[  689.215999][T18183] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  689.278402][ T7301] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  689.298546][T18183] CPU: 1 UID: 0 PID: 18183 Comm: syz.0.2509 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  689.298568][T18183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  689.298576][T18183] Call Trace:
[  689.298580][T18183]  <TASK>
[  689.298586][T18183]  dump_stack_lvl+0x16c/0x1f0
[  689.298608][T18183]  should_fail_ex+0x512/0x640
[  689.298630][T18183]  _copy_from_user+0x2e/0xd0
[  689.298651][T18183]  binder_ioctl+0x17e4/0x7300
[  689.298674][T18183]  ? tomoyo_path_number_perm+0x295/0x580
[  689.298693][T18183]  ? tomoyo_path_number_perm+0x18d/0x580
[  689.298709][T18183]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  689.298723][T18183]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  689.298743][T18183]  ? __pfx_binder_ioctl+0x10/0x10
[  689.298761][T18183]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  689.298790][T18183]  ? find_held_lock+0x2b/0x80
[  689.298803][T18183]  ? hook_file_ioctl_common+0x145/0x410
[  689.298821][T18183]  ? __fget_files+0x20e/0x3c0
[  689.298843][T18183]  ? __pfx_binder_ioctl+0x10/0x10
[  689.298861][T18183]  __x64_sys_ioctl+0x190/0x200
[  689.298879][T18183]  do_syscall_64+0xcd/0x230
[  689.298898][T18183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.298912][T18183] RIP: 0033:0x7f19d878e969
[  689.298923][T18183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.298936][T18183] RSP: 002b:00007f19d95bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  689.298949][T18183] RAX: ffffffffffffffda RBX: 00007f19d89b5fa0 RCX: 00007f19d878e969
[  689.298957][T18183] RDX: 0000200000000400 RSI: 00000000400c620e RDI: 0000000000000003
[  689.298965][T18183] RBP: 00007f19d95bf090 R08: 0000000000000000 R09: 0000000000000000
[  689.298973][T18183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  689.298980][T18183] R13: 0000000000000000 R14: 00007f19d89b5fa0 R15: 00007fff00a328b8
[  689.298997][T18183]  </TASK>
[  689.299003][T18183] binder: 18182:18183 ioctl 400c620e 200000000400 returned -14
[  689.807753][T18172] chnl_net:caif_netlink_parms(): no params data found
[  690.224365][T18172] bridge0: port 1(bridge_slave_0) entered blocking state
[  690.271598][T18172] bridge0: port 1(bridge_slave_0) entered disabled state
[  690.278801][T18172] bridge_slave_0: entered allmulticast mode
[  690.300812][T18205] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2511'.
[  690.337225][T18172] bridge_slave_0: entered promiscuous mode
[  690.345475][T18203] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2511'.
[  690.389682][T18172] bridge0: port 2(bridge_slave_1) entered blocking state
[  690.427578][T18172] bridge0: port 2(bridge_slave_1) entered disabled state
[  690.466201][T18172] bridge_slave_1: entered allmulticast mode
[  690.523379][T18172] bridge_slave_1: entered promiscuous mode
[  690.671909][T16634] Bluetooth: hci2: command tx timeout
[  690.765605][T18172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  690.823849][T18172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  690.965003][T18172] team0: Port device team_slave_0 added
[  691.004267][T18172] team0: Port device team_slave_1 added
[  691.078387][T18172] batman_adv: batadv0: Adding interface: batadv_slave_0
[  691.090954][T18172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  691.158351][T18172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  691.195509][T18222] ptrace attach of "./syz-executor exec"[10702] was attempted by "./syz-executor exec"[18222]
[  691.246775][T18172] batman_adv: batadv0: Adding interface: batadv_slave_1
[  691.277057][T18172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  691.368640][T18172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  691.550936][T18172] hsr_slave_0: entered promiscuous mode
[  691.574570][T18172] hsr_slave_1: entered promiscuous mode
[  691.588617][T18172] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  691.608425][T18172] Cannot create hsr debugfs directory
[  692.076792][T18257] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2522'.
[  692.362850][T18172] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.486371][T18172] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.617041][T18172] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.715393][T18172] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.751170][T16634] Bluetooth: hci2: command tx timeout
[  692.880828][T18271] random: crng reseeded on system resumption
[  693.065240][T18172] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  693.109162][T18172] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  693.149048][T18172] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  693.180324][T18172] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  693.382477][T18277] FAULT_INJECTION: forcing a failure.
[  693.382477][T18277] name fail_futex, interval 1, probability 0, space 0, times 0
[  693.470015][T18277] CPU: 1 UID: 0 PID: 18277 Comm: syz.3.2527 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  693.470038][T18277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  693.470047][T18277] Call Trace:
[  693.470052][T18277]  <TASK>
[  693.470058][T18277]  dump_stack_lvl+0x16c/0x1f0
[  693.470083][T18277]  should_fail_ex+0x512/0x640
[  693.470105][T18277]  get_futex_key+0x49e/0x1000
[  693.470123][T18277]  ? __pfx_get_futex_key+0x10/0x10
[  693.470143][T18277]  futex_wake+0xe7/0x4e0
[  693.470161][T18277]  ? __pfx_futex_wake+0x10/0x10
[  693.470176][T18277]  ? rcu_is_watching+0x12/0xc0
[  693.470195][T18277]  do_futex+0x1e3/0x350
[  693.470209][T18277]  ? __pfx_do_futex+0x10/0x10
[  693.470225][T18277]  ? __pfx___might_resched+0x10/0x10
[  693.470242][T18277]  __x64_sys_futex+0x1e0/0x4c0
[  693.470258][T18277]  ? __pfx___x64_sys_futex+0x10/0x10
[  693.470272][T18277]  ? rcu_is_watching+0x12/0xc0
[  693.470289][T18277]  do_syscall_64+0xcd/0x230
[  693.470308][T18277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.470322][T18277] RIP: 0033:0x7f7b4d38e969
[  693.470333][T18277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  693.470346][T18277] RSP: 002b:00007f7b4e2430e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  693.470358][T18277] RAX: ffffffffffffffda RBX: 00007f7b4d5b5fa8 RCX: 00007f7b4d38e969
[  693.470367][T18277] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f7b4d5b5fac
[  693.470375][T18277] RBP: 00007f7b4d5b5fa0 R08: 00007f7b4e244000 R09: 0000000000000000
[  693.470383][T18277] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f7b4d5b5fac
[  693.470390][T18277] R13: 0000000000000000 R14: 00007fff3a633420 R15: 00007fff3a633508
[  693.470406][T18277]  </TASK>
[  693.682492][T18172] 8021q: adding VLAN 0 to HW filter on device bond0
[  693.696498][T18172] 8021q: adding VLAN 0 to HW filter on device team0
[  693.723339][T18172] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  693.733752][T18172] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  693.878364][ T6376] bridge0: port 1(bridge_slave_0) entered blocking state
[  693.885552][ T6376] bridge0: port 1(bridge_slave_0) entered forwarding state
[  693.940244][ T6376] bridge0: port 2(bridge_slave_1) entered blocking state
[  693.947455][ T6376] bridge0: port 2(bridge_slave_1) entered forwarding state
[  693.993290][T18280] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2528'.
[  694.315410][T18172] 8021q: adding VLAN 0 to HW filter on device batadv0
[  694.507453][T16634] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260
[  694.507477][T16634] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260
[  694.526268][T16634] Bluetooth: hci0: Dropping invalid advertising data
[  694.534484][T16634] Bluetooth: hci0: unknown advertising packet type: 0xe9
[  694.618417][T18172] veth0_vlan: entered promiscuous mode
[  694.718587][T18172] veth1_vlan: entered promiscuous mode
[  694.758162][T18296] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2531'.
[  694.832498][T16634] Bluetooth: hci2: command tx timeout
[  694.943943][T18172] veth0_macvtap: entered promiscuous mode
[  694.984570][T18172] veth1_macvtap: entered promiscuous mode
[  695.066831][T18172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  695.138710][T18172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.174110][T18172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  695.243076][T18172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.314462][T18172] batman_adv: batadv0: Interface activated: batadv_slave_0
[  695.428985][T18172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  695.488018][T18172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.548227][T18172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  695.611221][T18172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.663483][T18172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  695.717742][T18172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  695.776014][T18172] batman_adv: batadv0: Interface activated: batadv_slave_1
[  695.887639][T18172] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  695.928877][T18172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  695.966071][T18172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  695.999602][T18172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  696.352749][ T7899] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.431816][ T7899] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  696.518628][ T7899] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  696.564185][ T7899] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  696.780237][T18342] Console: switching to colour VGA+ 80x25
[  696.912613][T16634] Bluetooth: hci2: command tx timeout
[  698.864579][T18372] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  698.891694][T18372] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  698.910742][T18372] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  698.937185][T18372] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  698.959166][T18372] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  698.995130][T18372] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  699.053444][T18372] CPU0 is offline.
[  700.116533][T16634] Bluetooth: hci3: command 0x0406 tx timeout
[  700.616987][T18438] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2558'.
[  700.911420][T16634] Bluetooth: hci0: command 0x0c1a tx timeout
[  700.918292][ T5833] Bluetooth: hci4: command 0x0406 tx timeout
[  700.991672][T16634] Bluetooth: hci2: command 0x0c1a tx timeout
[  703.071258][T16634] Bluetooth: hci2: command 0x0c1a tx timeout
[  704.008979][T18502] Invalid ELF header magic: != ELF
[  704.066996][T18485] Process accounting paused
[  705.151282][T16634] Bluetooth: hci2: command 0x0c1a tx timeout
[  706.162146][T18535] netlink: 4124 bytes leftover after parsing attributes in process `syz.3.2573'.
[  707.902453][T18573] netlink: 2468 bytes leftover after parsing attributes in process `syz.4.2579'.
[  708.136258][T18579] openvswitch: HfR: Dropping previously announced user features
[  708.810586][T18599] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2583'.
[  709.179884][T16634] Bluetooth: hci4: unexpected subevent 0x01 length: 4 < 18
[  709.546745][T18618] netlink: 98 bytes leftover after parsing attributes in process `syz.1.2586'.
[  710.154826][T18642] netlink: 98 bytes leftover after parsing attributes in process `syz.3.2590'.
[  711.586284][T18675] perf: Dynamic interrupt throttling disabled, can hang your system!
[  712.858956][T18687] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2599'.
[  713.231057][T16634] Bluetooth: hci2: command 0x0c1a tx timeout
[  713.237218][   T47] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  714.774133][T18715] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2607'.
[  714.843441][T18718] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2609'.
[  718.387293][T18761] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2618'.
[  718.445915][T18763] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2619'.
[  720.447908][T18804] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2628'.
[  720.663691][T18808] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2629'.
[  721.118849][T18830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2634'.
[  721.394097][T18841] binder: 18840:18841 ioctl 400c620e 200000000000 returned -22
[  721.637448][T18848] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2639'.
[  722.045940][T17314] gretap0: left allmulticast mode
[  722.070633][T17314] gretap0: left promiscuous mode
[  722.083242][T18851] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[  722.108154][T17314] bridge0: port 3(gretap0) entered disabled state
[  722.133231][T17314] bridge_slave_1: left allmulticast mode
[  722.166915][T17314] bridge_slave_1: left promiscuous mode
[  722.190192][T17314] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.229826][T17314] bridge_slave_0: left allmulticast mode
[  722.255078][T17314] bridge_slave_0: left promiscuous mode
[  722.292899][T17314] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.300578][T18855] FAULT_INJECTION: forcing a failure.
[  722.300578][T18855] name failslab, interval 1, probability 0, space 0, times 0
[  722.362616][T18855] CPU: 1 UID: 0 PID: 18855 Comm: syz.1.2640 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  722.362639][T18855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  722.362648][T18855] Call Trace:
[  722.362654][T18855]  <TASK>
[  722.362660][T18855]  dump_stack_lvl+0x16c/0x1f0
[  722.362686][T18855]  should_fail_ex+0x512/0x640
[  722.362706][T18855]  ? fs_reclaim_acquire+0xae/0x150
[  722.362728][T18855]  ? tomoyo_supervisor+0x45b/0x13b0
[  722.362747][T18855]  should_failslab+0xc2/0x120
[  722.362764][T18855]  __kmalloc_noprof+0xd2/0x510
[  722.362778][T18855]  ? tomoyo_profile+0x47/0x60
[  722.362801][T18855]  tomoyo_supervisor+0x45b/0x13b0
[  722.362823][T18855]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  722.362847][T18855]  ? __pfx_vsnprintf+0x10/0x10
[  722.362873][T18855]  ? tomoyo_encode2+0x329/0x3e0
[  722.362901][T18855]  tomoyo_path_number_perm+0x448/0x580
[  722.362919][T18855]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  722.362955][T18855]  ? find_held_lock+0x2b/0x80
[  722.362968][T18855]  ? hook_file_ioctl_common+0x145/0x410
[  722.362986][T18855]  ? __fget_files+0x20e/0x3c0
[  722.363009][T18855]  security_file_ioctl+0x9b/0x240
[  722.363034][T18855]  __x64_sys_ioctl+0xb7/0x200
[  722.363056][T18855]  do_syscall_64+0xcd/0x230
[  722.363077][T18855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.363091][T18855] RIP: 0033:0x7f0fc578e969
[  722.363103][T18855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.363116][T18855] RSP: 002b:00007f0fc6522038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  722.363130][T18855] RAX: ffffffffffffffda RBX: 00007f0fc59b6160 RCX: 00007f0fc578e969
[  722.363139][T18855] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000006
[  722.363148][T18855] RBP: 00007f0fc5810ab1 R08: 0000000000000000 R09: 0000000000000000
[  722.363155][T18855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  722.363163][T18855] R13: 0000000000000000 R14: 00007f0fc59b6160 R15: 00007ffc46df9888
[  722.363180][T18855]  </TASK>
[  723.450305][T16634] Bluetooth: hci2: unexpected event 0x3e length: 1020 > 260
[  723.450333][T16634] Bluetooth: hci2: unexpected subevent 0x01 length: 1019 > 18
[  723.576588][T18869] VFS_BUG_ON_INODE(1) encountered for inode ffff888023c83758
[  723.576752][T18869] ------------[ cut here ]------------
[  723.589778][T18869] kernel BUG at fs/namei.c:3467!
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  723.808459][T18869] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  723.814748][T18869] CPU: 1 UID: 0 PID: 18869 Comm: syz.0.2644 Not tainted 6.15.0-rc4-syzkaller-00256-g95d3481af6dc #0 PREEMPT(full) 
[  723.826805][T18869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  723.836854][T18869] RIP: 0010:may_open+0x1e3/0x400
[  723.841790][T18869] Code: cc cc cc 66 81 fd 00 10 74 29 66 81 fd 00 20 0f 84 0d ff ff ff e8 7d cd 86 ff 48 c7 c6 00 24 9f 8b 4c 89 e7 e8 fe b8 04 00 90 <0f> 0b 66 81 fd 00 c0 75 e2 e8 5f cd 86 ff 44 89 fb 31 ff 83 e3 01
[  723.861387][T18869] RSP: 0018:ffffc900034c7a68 EFLAGS: 00010286
[  723.867443][T18869] RAX: 000000000000003a RBX: ffffc900034c7c00 RCX: ffffffff819a29a9
[  723.875400][T18869] RDX: 0000000000000000 RSI: ffffffff819aa836 RDI: 0000000000000005
[  723.883357][T18869] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  723.891397][T18869] R10: 0000000080000000 R11: 0000000000000001 R12: ffff888023c83758
[  723.899354][T18869] R13: 0000000000008020 R14: ffffffff8e5e4080 R15: 0000000000000001
[  723.907310][T18869] FS:  00007f19d955c6c0(0000) GS:ffff888124aec000(0000) knlGS:0000000000000000
[  723.916231][T18869] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  723.922800][T18869] CR2: 00007f19d957d650 CR3: 000000006d1fe000 CR4: 00000000003526f0
[  723.930758][T18869] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  723.938714][T18869] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  723.946676][T18869] Call Trace:
[  723.949943][T18869]  <TASK>
[  723.952860][T18869]  path_openat+0x13d1/0x2d40
[  723.957438][T18869]  ? __pfx_path_openat+0x10/0x10
[  723.962357][T18869]  ? stack_trace_save+0x8e/0xc0
[  723.967190][T18869]  ? __pfx_stack_trace_save+0x10/0x10
[  723.972544][T18869]  ? stack_depot_save_flags+0x28/0xa50
[  723.977998][T18869]  do_filp_open+0x20b/0x470
[  723.982492][T18869]  ? __pfx_do_filp_open+0x10/0x10
[  723.987500][T18869]  ? __kasan_slab_alloc+0x89/0x90
[  723.992508][T18869]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  723.998139][T18869]  ? getname_flags.part.0+0x4c/0x550
[  724.003421][T18869]  do_open_execat+0xf9/0x450
[  724.008003][T18869]  ? __pfx_do_open_execat+0x10/0x10
[  724.013192][T18869]  ? find_held_lock+0x2b/0x80
[  724.017852][T18869]  ? __might_fault+0xe3/0x190
[  724.022516][T18869]  ? __might_fault+0x13b/0x190
[  724.027265][T18869]  alloc_bprm+0x2d/0xdd0
[  724.031499][T18869]  ? strncpy_from_user+0x203/0x2e0
[  724.036605][T18869]  do_execveat_common.isra.0+0x1ce/0x610
[  724.042317][T18869]  __x64_sys_execveat+0xda/0x120
[  724.047248][T18869]  do_syscall_64+0xcd/0x230
[  724.051744][T18869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.057622][T18869] RIP: 0033:0x7f19d878e969
[  724.062040][T18869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.081723][T18869] RSP: 002b:00007f19d955c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  724.090125][T18869] RAX: ffffffffffffffda RBX: 00007f19d89b6240 RCX: 00007f19d878e969
[  724.098080][T18869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000021
[  724.106041][T18869] RBP: 00007f19d8810ab1 R08: 0000000000011000 R09: 0000000000000000
[  724.113999][T18869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.121952][T18869] R13: 0000000000000000 R14: 00007f19d89b6240 R15: 00007fff00a328b8
[  724.129916][T18869]  </TASK>
[  724.132923][T18869] Modules linked in:
[  724.137803][T18869] ---[ end trace 0000000000000000 ]---
[  724.693022][T17314] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  724.712708][T17314] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  724.732352][T17314] bond0 (unregistering): Released all slaves
[  724.761845][T18854] bridge0: port 3(team0) entered blocking state
[  724.768965][T18854] bridge0: port 3(team0) entered disabled state
[  724.777336][T18854] team0: entered allmulticast mode
[  724.783196][T18854] team_slave_0: entered allmulticast mode
[  724.788922][T18854] team_slave_1: entered allmulticast mode
[  724.821632][T18854] team0: entered promiscuous mode
[  724.826683][T18854] team_slave_0: entered promiscuous mode
[  724.842060][T18854] team_slave_1: entered promiscuous mode
[  724.858857][T18854] bridge0: port 3(team0) entered blocking state
[  724.865194][T18854] bridge0: port 3(team0) entered forwarding state
[  724.877336][T18869] RIP: 0010:may_open+0x1e3/0x400
[  724.897091][T17314] HfR: left promiscuous mode
[  724.932047][T18869] Code: cc cc cc 66 81 fd 00 10 74 29 66 81 fd 00 20 0f 84 0d ff ff ff e8 7d cd 86 ff 48 c7 c6 00 24 9f 8b 4c 89 e7 e8 fe b8 04 00 90 <0f> 0b 66 81 fd 00 c0 75 e2 e8 5f cd 86 ff 44 89 fb 31 ff 83 e3 01
[  725.025465][T18869] RSP: 0018:ffffc900034c7a68 EFLAGS: 00010286
[  725.055160][T18869] RAX: 000000000000003a RBX: ffffc900034c7c00 RCX: ffffffff819a29a9
[  725.083672][T17314] tipc: Left network mode
[  725.112032][T18869] RDX: 0000000000000000 RSI: ffffffff819aa836 RDI: 0000000000000005
[  725.120050][T18869] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  725.161081][T18869] R10: 0000000080000000 R11: 0000000000000001 R12: ffff888023c83758
[  725.169085][T18869] R13: 0000000000008020 R14: ffffffff8e5e4080 R15: 0000000000000001
[  725.219683][T18869] FS:  00007f19d955c6c0(0000) GS:ffff888124aec000(0000) knlGS:0000000000000000
[  725.245007][T18869] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  725.275148][T18869] CR2: 00007f19d959e990 CR3: 000000006d1fe000 CR4: 00000000003526f0
[  725.303807][T18869] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  725.341661][T18869] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  725.349789][T18869] Kernel panic - not syncing: Fatal exception
[  725.355894][T18869] Kernel Offset: disabled
[  725.360198][T18869] Rebooting in 86400 seconds..