last executing test programs:

13.528369778s ago: executing program 1 (id=2297):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
write$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
shutdown$auto(0x200000003, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
close_range$auto(0x2, 0xa, 0x0)

12.647220473s ago: executing program 1 (id=2300):
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0)
read$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
socketcall$auto(0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0xffffffffffffffff)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa2781, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x541b, 0x74)

10.75010349s ago: executing program 1 (id=2304):
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x4604, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000000)='-7', 0xfffffc49)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r1 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0)
unshare$auto(0x1)
fchdir$auto(0xffffffffffffffff)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents64$auto(r2, 0x0, 0x40002)
lseek$auto(r1, 0x7ff, 0x1)
settimeofday$auto(0x0, 0x0)

10.215122734s ago: executing program 2 (id=2305):
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x109802, 0x0)
unshare$auto(0x40000080)
r0 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r0, 0x107, 0x9, 0x0, 0x20008004)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000)
mlock$auto(0x3, 0x7fff)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=&(0x7f00000000c0)='@)\x00', &(0x7f0000000180)=&(0x7f0000000140)='\x00')
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0xb, 0x0)
futex$auto(0x0, 0x10d, 0x2, 0x0, 0x0, 0x8)
r2 = socket(0xa, 0x3, 0x3a)
getsockopt$auto(r2, 0x3a, 0x1, 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/vm/dirty_background_bytes\x00', 0x81, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0x1, 0x0, 0x8004)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
close_range$auto(r4, 0x8, 0x0)

7.84271962s ago: executing program 0 (id=2306):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f2, 0x15)
openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x202, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
fchdir$auto(0xffffffffffffffff)
syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x8, 0x400008, 0x28, 0x10, 0xffffffffffffffff, 0x3fd)
mprotect$auto(0x0, 0x806121, 0x6)
socket(0x11, 0x80003, 0x300)
r1 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0)

7.84251895s ago: executing program 2 (id=2307):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
write$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
write$auto(0x3, 0x0, 0xfdef)
shutdown$auto(0x200000003, 0x2)
write$auto(0x3, 0x0, 0xfdef)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
socket(0xa, 0x1, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
close_range$auto(0x2, 0xa, 0x0)

7.040314855s ago: executing program 2 (id=2308):
unshare$auto(0x40000080)
lstat$auto(0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'bond_slave_1\x00'})
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_PEER_GET(r0, 0x0, 0x4000000)
r1 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x1, 0x0)
writev$auto(r1, &(0x7f00000000c0)={&(0x7f0000000040)='@', 0x1292}, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01009b64c23ef155546b0104000008000900", @ANYBLOB="080005000600000008000200", @ANYRES32=0x0, @ANYBLOB="0c00010069"], 0x8d}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010026bd7020f8dbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="080001004866520008000200", @ANYRES32=0x0, @ANYBLOB="c1d47cf4e63a0fc65000bb75307ff589819b8ec346596cb1da0e380535fc87030cc6013b95156f0c6075c122f5930c96118fb7b0560f8e33a092daf065b71f9e1b320e3249"], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80)
sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x30, r5, 0x2, 0x70bd2b, 0x25dfdbfc, {}, [@OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0xf}, @OVS_DP_ATTR_NAME={0xc, 0x1, 'nl80211\x00'}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000680)='/sys/devices/virtual/block/nbd0/make-it-fail\x00', 0xc2681, 0x0)
write$auto(r7, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000000)='{\\]\\#\\\x00', 0x7, 0x9)
sendmsg$auto_NL80211_CMD_VENDOR(r2, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="050727bd7000fbdbdf2567000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80)

5.943215735s ago: executing program 1 (id=2310):
ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x400000000000, &(0x7f0000000400))
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x14, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x1, 0x8, 0xdf, 0x7d, 0xffffffffffffffff, 0x3)
sysfs$auto(0x2, 0x24, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x1, 0x2020009, 0x3, 0xebc, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x189160, 0x0)
ioctl$auto_BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r0, 0x40046210, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x129041, 0x0)
epoll_create$auto(0x3e)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0xb, 0xd, 0x2007d48, 0x948b, 0x4, 0x0, 0x4b, 0x3, 0x0, 0x80000001, 0x7, 0x4, 0x5, 0x2, 0x1]}, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000003c0)='&\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)

4.687762529s ago: executing program 0 (id=2311):
keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a9, 0x7)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
statmount$auto(0x0, 0x0, 0xffff, 0x7d)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x6, 0x0)

4.687615447s ago: executing program 2 (id=2312):
socket(0xa, 0x3, 0x3a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/statistics/rx_packets\x00', 0x244100, 0x0)
write$auto_cachefiles_daemon_fops_internal(0xffffffffffffffff, &(0x7f0000000300), 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
sendmsg$auto_NL80211_CMD_ADD_LINK(r1, 0x0, 0x44)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ff)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)

2.789931599s ago: executing program 0 (id=2313):
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0)
read$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/nbd7/power/autosuspend_delay_ms\x00', 0x22902, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
socketcall$auto(0xa, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0xffffffffffffffff)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x101600, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa2781, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x541b, 0x74)

2.789688922s ago: executing program 1 (id=2315):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x80a00, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = fcntl$auto(0xffffffffffffffff, 0x400, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = fsopen$auto(0x0, 0x8)
r4 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$auto_UBI_IOCDET(r1, 0x40046f41, &(0x7f0000000540)=0x6)
ioctl$auto_UBI_IOCATT(r4, 0x40186f40, &(0x7f0000000000)={0x1f, 0x0, 0x202, 0x9, 0x1})
flock$auto(r2, 0x8)
ioctl$auto(r0, 0x800064b9, 0x1e6)
r5 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r3)
r6 = socket(0x18, 0x800, 0x1)
connect$auto(r6, &(0x7f0000000000)=@in={0x2, 0x100, @rand_addr=0x4}, 0x3a)
ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000100)={"8478004171ed55479751a53bc3f192f248ff9d67e60890c7962528d94625a793", 0x7, 0x7fff, 0x3, 0x200, 0xfffffffffffffff7, 0xffffffffffffffff})
r7 = syz_clone(0x200, &(0x7f0000000000), 0x0, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000100)="d223bd5eb44ac47e6e8675b3800550d85d73825e4c2c0615d0f7de57651a5502a2de")
process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0x1001}, 0x40000000000001, &(0x7f0000000280)={&(0x7f0000000080), 0x9}, 0x6, 0x0)
ioctl$auto_PAGEMAP_SCAN(r5, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x7, 0xbfb, 0x79, 0x30, 0x3, 0x2})

2.787720927s ago: executing program 3 (id=2316):
r0 = openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/loginuid\x00', 0x109000, 0x0)
write$auto_proc_loginuid_operations_base(r0, &(0x7f0000000040)="8cd1c097c5061c121d7b05843b04347151df6a5e909cb8bc22b6d683acf63d726adb2ea87511c6466af9c085d144fdbcc00abe6cb8ab285cd879d03633c3ec379d04dc8cebd4a0d4a3500b7bb0e3363aa4a23a3b0ed0b1c5c4b9dc3c6a015749ab88374a5b34272a474898df46cc921793b04b0a382f3f67614d0166b7de5fdfb3a805794be35c5c891f8fb48765222abd1555108c36a59c21542d206dc78ad4873d5786b6aad7aaf2f7b6e9fa1a27230cf8cc50690bbefc8b5b4e", 0xbb)
sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0xc01)
r1 = socket(0x2, 0x2, 0x1)
connect$auto(r1, &(0x7f00000000c0)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}}, 0x55)
connect$auto(r1, &(0x7f0000000000)=@l2tp={0x2, 0x0, @multicast2, 0x1}, 0x7f)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r2, &(0x7f00000002c0)='N\xd5\f\xb9GC*(,\x00\xc4bAL\xa3`\xb1\xf2\xe7\xc04b$\x99.\xb4\xcc\xc0%\xaa\xd3\xd5\xef\xa4\xd35u\xc0\xa6\r\xcaJ\x11\xaf\x93\xde\xc3|\x17\x96\xd1\x15g\x10\x1ai1(=!\xf1\xe8\xe4\xcdm\xedKW\xe7\xfbL\\\xf2sj(\v\xcd\xe5\x02B\x81ss\xdd\x8199\xa5\x1e\xb0A\xa3\xcbj7\xe9\xc9L\xcc\xc6\xa4\xaf%\xba\xda\xee\xd8%:bXj\xd5[UG\x8a\x8ab\x9a\x18\xe8K\xafU\x8d\xb1\f~\xaa\xab(\x86(\xf9\b\xf7$%\xf2\x11\xa4\x9bj\xc1)\n\x1ft\xb6\xaf\xe2\xd4\x95\xa3\xe1\x1f\xf7uw\a\xd0\x83{_>/\xff', 0x100000001)
write$auto(r2, &(0x7f00000000c0)='\xc4\x1dR\x00\x003\x1bO\xbb\x98)\x7fTa1\xa3\xd0\x89\x1e\\\xff', 0x8587)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000003900)='\t', 0x1)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0xb, 0x0)
keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3)
socket(0x2, 0x3, 0x6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
readv$auto(r2, 0x0, 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop14/queue/stable_writes\x00', 0x182b02, 0x0)
sendfile$auto(r3, r3, 0x0, 0x2400000)

2.443172052s ago: executing program 3 (id=2317):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
write$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
shutdown$auto(0x200000003, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
close_range$auto(0x2, 0xa, 0x0)

1.633729419s ago: executing program 3 (id=2318):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
write$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
write$auto(0x3, 0x0, 0xfdef)
shutdown$auto(0x200000003, 0x2)
write$auto(0x3, 0x0, 0xfdef)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
socket(0xa, 0x1, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
close_range$auto(0x2, 0xa, 0x0)

1.609155155s ago: executing program 2 (id=2319):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
write$auto(r0, 0x0, 0x7)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
shutdown$auto(0x200000003, 0x2)
write$auto(0x3, 0x0, 0xfdef)

1.377365598s ago: executing program 2 (id=2321):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0xc0501, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
r0 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69)
listen$auto(0x3, 0x81)
r1 = accept$auto(0x3, 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000180)={{@raw=0x8, 0x7, 0x200, 0x481, "3baada912063aa08326de39b458c42c58e5697ae8758eb056ddc4a43c73a8cea18d4b45a80a1f49cedbb00f9", @raw=0x5}, 0x1, @iec958={"453c9e5773573d5a10ca31c4b0deec94b37e3ac12d8d3ee9", "a922ff7a0a491cb4d363dfd32f93c6be915f366dfb5d12993d074ca7f6e4e6060c7715b15719c67748abeb11aff0a9ddde9e6e75827c59dee29d81be296f3ad608a6488eaf1bab8dc5ead1821aacec961c7255a26382d30c73ff5c933f892c863cb840c659bf05a61e7c0397cb515a6daeadda67ce497aa9cb5444c69f6552d49168c6476c3637005321d3d36388af82d66120", 0x0, "9dcfc6e9"}, "a054e9c01cb2c8af6dc4bf831fc4b59231961a4479ad0964856da03461b2acee3c2802d94a3a45389079f564370b881309f1adae03c8ff7b3e98d461173da57cb08cc0e2021395f18adb1b333d8bc7c46c5075780ec2cc971726d532efc3f3f4daaaf56770b9cdcc5c86dc4de9ff00fcddb26b10d68199c9506e3d6ee4f38a62"})
r2 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x7, 0x1}, 0x3}, 0x4, 0x20000000)

1.203850591s ago: executing program 0 (id=2322):
r0 = socket(0x2, 0x1, 0x106)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r0)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000000)="7f07d3")
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0)
socket(0x25, 0x5, 0x2)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
io_uring_setup$auto(0x946, 0x0)
select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x7, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r0, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000480)={&(0x7f0000000300)={0x154, r1, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_PROBE_RESP={0x13d, 0x91, "9d78e19aeeac4fd555ebd023b75066952d31836e7f83ce43732237cdc53946f6452b399cadca20d64980855aa6b4d599603ce62d49efc85514e8ed8e386c8775c2adbeebfeeb18ff618d5fd175b9796cdecca70ac95b1be26a84180f423a4d033094bf185e5ebf5367b009a21ea2cd88fbc53c61a4c5f9c082af8295cb89fca5aa48577e45cf4a124dbe711d8007f556ea4b21e8e3af30738297ad3ae374a2492e392a23c4df363a56c85e6489d1b60c6e9a01a60d09930511f072871d62b781fa8da5c41e81f91bee14b7d1d0ef91c04ef5fec120e69bec6ee2cd10cd8ba37fb72c896c35a603d84513d853676f56ce7a499028a7ae450d3cf1f75f28faa2318a30f577547a307cb44914fa9f89ed9bdfa8fc084738b0290d9c32e8dc9044bbddb9472fe0664c146254f0152528dc188c2713f32ef7d02e91"}]}, 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x8844)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x7, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto_SO_RESERVE_MEM(0xffffffffffffffff, 0x1, 0x49, &(0x7f0000000040)='ethtool\x00', 0x200062b)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000500)='/dev/adsp1\x00', 0x220881, 0x0)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)={0x18, r3, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4104}, 0x20044050)

1.079537654s ago: executing program 1 (id=2323):
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0)
write$auto(0xca, &(0x7f0000000140)='\x04\x0e\x06\xd5\x89|d\v\x00\x00@\x00\x81\x00\x00\x00\xf6\xf5\x00\xdf\xff\x00', 0x10)
mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
sysfs$auto(0x2, 0x3c, 0x0)
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x3, &(0x7f0000000000)='Q**\x00', &(0x7f0000000040), 0x0)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(0xffffffffffffffff, 0x0, 0x40)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
unshare$auto(0x40000080)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x43102, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/query\x00', 0x42e01, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x2000c840)
madvise$auto(0x110c230000, 0x1, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000000000008000)
io_setup$auto(0x7ffe, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

908.163588ms ago: executing program 3 (id=2324):
unshare$auto(0x40000080)

718.834764ms ago: executing program 0 (id=2325):
open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.7/usb8/power/wakeup_total_time_ms\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
socket(0x11, 0x2, 0x6)
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd)
r0 = socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x6)
socket(0xa, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
eventfd$auto(0x0)
r1 = socket(0xa, 0x3, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=r0}, 0xa3)

422.08214ms ago: executing program 0 (id=2326):
keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a9, 0x7)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
statmount$auto(0x0, 0x0, 0xffff, 0x7d)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x6, 0x0)

272.446548ms ago: executing program 3 (id=2327):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, r0, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)

0s ago: executing program 3 (id=2328):
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
write$auto(r0, 0x0, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0xfdef)
shutdown$auto(0x200000003, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0xa, 0x1, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
close_range$auto(0x2, 0xa, 0x0)

kernel console output (not intermixed with test programs):

 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.999818][ T9485] RSP: 002b:00007fef1d5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  280.999844][ T9485] RAX: ffffffffffffffda RBX: 00007fef1f615fa0 RCX: 00007fef1f39c819
[  280.999863][ T9485] RDX: 0000200000000300 RSI: 0000000040045565 RDI: 0000000000000005
[  280.999880][ T9485] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  280.999897][ T9485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  280.999913][ T9485] R13: 00007fef1f616038 R14: 00007fef1f615fa0 R15: 00007fffff3d6ec8
[  280.999951][ T9485]  </TASK>
[  282.291795][ T9507] warning: `syz.1.931' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  283.357009][ T9524] netlink: 25 bytes leftover after parsing attributes in process `syz.2.936'.
[  285.869382][ T9546] Process accounting resumed
[  287.396228][   T29] audit: type=1800 audit(1843104569.990:7): pid=9580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.950" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  287.811572][ T9584] netlink: 318 bytes leftover after parsing attributes in process `syz.3.952'.
[  291.235247][ T9618] netlink: 202 bytes leftover after parsing attributes in process `syz.0.960'.
[  294.328598][ T9654] kexec: Could not allocate control_code_buffer
[  294.723311][ T9677] FAULT_INJECTION: forcing a failure.
[  294.723311][ T9677] name failslab, interval 1, probability 0, space 0, times 0
[  294.777946][ T9677] CPU: 0 UID: 0 PID: 9677 Comm: syz.2.972 Not tainted syzkaller #0 PREEMPT(full) 
[  294.777982][ T9677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  294.777999][ T9677] Call Trace:
[  294.778008][ T9677]  <TASK>
[  294.778019][ T9677]  dump_stack_lvl+0x100/0x190
[  294.778056][ T9677]  should_fail_ex.cold+0x5/0xa
[  294.778093][ T9677]  should_failslab+0xc2/0x120
[  294.778136][ T9677]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  294.778179][ T9677]  ? security_inode_alloc+0x3b/0x2c0
[  294.778229][ T9677]  ? lockdep_init_map_type+0x5c/0x250
[  294.778265][ T9677]  security_inode_alloc+0x3b/0x2c0
[  294.778306][ T9677]  inode_init_always_gfp+0xcc0/0x1000
[  294.778346][ T9677]  alloc_inode+0x8e/0x250
[  294.778388][ T9677]  new_inode+0x22/0x1c0
[  294.778431][ T9677]  __debugfs_create_file+0x105/0x4f0
[  294.778476][ T9677]  debugfs_create_file_full+0x41/0x60
[  294.778520][ T9677]  kvm_dev_ioctl+0x16c8/0x1a50
[  294.778573][ T9677]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  294.778621][ T9677]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  294.778658][ T9677]  __x64_sys_ioctl+0x18e/0x210
[  294.778686][ T9677]  do_syscall_64+0x10b/0xf80
[  294.778729][ T9677]  ? clear_bhb_loop+0x40/0x90
[  294.778765][ T9677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.778793][ T9677] RIP: 0033:0x7f0fe339c819
[  294.778813][ T9677] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  294.778827][ T9677] RSP: 002b:00007f0fe421f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  294.778843][ T9677] RAX: ffffffffffffffda RBX: 00007f0fe3615fa0 RCX: 00007f0fe339c819
[  294.778860][ T9677] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000006
[  294.778876][ T9677] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  294.778893][ T9677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  294.778908][ T9677] R13: 00007f0fe3616038 R14: 00007f0fe3615fa0 R15: 00007ffd275c8658
[  294.778945][ T9677]  </TASK>
[  294.779016][ T9677] debugfs: out of free dentries, can not create file 'halt_attempted_poll'
[  298.521323][ T9739] FAULT_INJECTION: forcing a failure.
[  298.521323][ T9739] name failslab, interval 1, probability 0, space 0, times 0
[  298.534209][ T9739] CPU: 0 UID: 0 PID: 9739 Comm: syz.1.985 Not tainted syzkaller #0 PREEMPT(full) 
[  298.534249][ T9739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  298.534267][ T9739] Call Trace:
[  298.534276][ T9739]  <TASK>
[  298.534287][ T9739]  dump_stack_lvl+0x100/0x190
[  298.534329][ T9739]  should_fail_ex.cold+0x5/0xa
[  298.534367][ T9739]  should_failslab+0xc2/0x120
[  298.534400][ T9739]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  298.534429][ T9739]  ? snd_pcm_hw_rule_add+0x3b3/0x510
[  298.534473][ T9739]  krealloc_node_align_noprof+0x30f/0x3e0
[  298.534509][ T9739]  snd_pcm_hw_rule_add+0x3b3/0x510
[  298.534546][ T9739]  ? __pfx_snd_pcm_hw_rule_format+0x10/0x10
[  298.534594][ T9739]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  298.534635][ T9739]  ? mutex_init_lockdep+0xf1/0x120
[  298.534666][ T9739]  ? snd_pcm_attach_substream+0x287/0xd20
[  298.534704][ T9739]  snd_pcm_open_substream+0x54a/0x1850
[  298.534738][ T9739]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  298.534768][ T9739]  ? rcu_is_watching+0x12/0xc0
[  298.534810][ T9739]  snd_pcm_open+0x2a3/0x710
[  298.534843][ T9739]  ? __pfx_snd_pcm_open+0x10/0x10
[  298.534876][ T9739]  ? __pfx_default_wake_function+0x10/0x10
[  298.534926][ T9739]  ? __pfx_snd_pcm_playback_open+0x10/0x10
[  298.534952][ T9739]  snd_pcm_playback_open+0x86/0xe0
[  298.534982][ T9739]  snd_open+0x201/0x450
[  298.535020][ T9739]  ? __pfx_snd_open+0x10/0x10
[  298.535054][ T9739]  chrdev_open+0x234/0x6a0
[  298.535086][ T9739]  ? __pfx_apparmor_file_open+0x10/0x10
[  298.535128][ T9739]  ? __pfx_chrdev_open+0x10/0x10
[  298.535166][ T9739]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  298.535219][ T9739]  do_dentry_open+0x6d8/0x1660
[  298.535253][ T9739]  ? __pfx_chrdev_open+0x10/0x10
[  298.535298][ T9739]  vfs_open+0x82/0x3f0
[  298.535343][ T9739]  path_openat+0x208c/0x31a0
[  298.535391][ T9739]  ? __pfx_path_openat+0x10/0x10
[  298.535439][ T9739]  do_file_open+0x20e/0x430
[  298.535477][ T9739]  ? __pfx_do_file_open+0x10/0x10
[  298.535540][ T9739]  ? alloc_fd+0x476/0x790
[  298.535577][ T9739]  ? do_getname+0x191/0x390
[  298.535621][ T9739]  do_sys_openat2+0x10d/0x1e0
[  298.535662][ T9739]  ? __pfx_do_sys_openat2+0x10/0x10
[  298.535719][ T9739]  __x64_sys_openat+0x12d/0x210
[  298.535761][ T9739]  ? __pfx___x64_sys_openat+0x10/0x10
[  298.535799][ T9739]  ? ksys_write+0x1ac/0x250
[  298.535829][ T9739]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  298.535873][ T9739]  ? syscall_user_dispatch+0x76/0x130
[  298.535910][ T9739]  do_syscall_64+0x10b/0xf80
[  298.535952][ T9739]  ? clear_bhb_loop+0x40/0x90
[  298.535987][ T9739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.536015][ T9739] RIP: 0033:0x7fef1f39c819
[  298.536040][ T9739] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.536068][ T9739] RSP: 002b:00007fef1d5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  298.536096][ T9739] RAX: ffffffffffffffda RBX: 00007fef1f615fa0 RCX: 00007fef1f39c819
[  298.536115][ T9739] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  298.536133][ T9739] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  298.536151][ T9739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.536169][ T9739] R13: 00007fef1f616038 R14: 00007fef1f615fa0 R15: 00007fffff3d6ec8
[  298.536214][ T9739]  </TASK>
[  301.908772][   T29] audit: type=1800 audit(1843104584.510:8): pid=9797 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1002" name="file0" dev="tmpfs" ino=1337 res=0 errno=0
[  304.445502][ T9851] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1016'.
[  307.700357][ T9913] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  310.251358][ T9948] netlink: 'syz.1.1040': attribute type 1 has an invalid length.
[  310.268513][ T9948] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1040'.
[  313.351700][T10011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1055'.
[  313.361369][T10011] dummy0: left allmulticast mode
[  313.367853][T10011] dummy0: left promiscuous mode
[  313.374623][T10011] bridge0: port 3(dummy0) entered disabled state
[  313.392380][T10011] bridge_slave_1: left allmulticast mode
[  313.399777][T10011] bridge_slave_1: left promiscuous mode
[  313.405889][T10011] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.427450][T10011] bridge_slave_0: left allmulticast mode
[  313.433363][T10011] bridge_slave_0: left promiscuous mode
[  313.439971][T10011] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.912108][   T29] audit: type=1800 audit(1843104596.510:9): pid=10023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1058" name="members" dev="configfs" ino=27406 res=0 errno=0
[  315.081600][   T29] audit: type=1800 audit(1843104597.680:10): pid=10045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1063" name="file0" dev="tmpfs" ino=1184 res=0 errno=0
[  317.161174][T10061] Process accounting paused
[  317.269882][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  317.278199][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  319.581956][T10090] hub 1-0:1.0: USB hub found
[  319.611182][T10090] hub 1-0:1.0: 1 port detected
[  328.981108][T10266] FAULT_INJECTION: forcing a failure.
[  328.981108][T10266] name failslab, interval 1, probability 0, space 0, times 0
[  328.981181][T10266] CPU: 0 UID: 0 PID: 10266 Comm: syz.0.1114 Not tainted syzkaller #0 PREEMPT(full) 
[  328.981219][T10266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  328.981235][T10266] Call Trace:
[  328.981244][T10266]  <TASK>
[  328.981254][T10266]  dump_stack_lvl+0x100/0x190
[  328.981288][T10266]  should_fail_ex.cold+0x5/0xa
[  328.981323][T10266]  should_failslab+0xc2/0x120
[  328.981355][T10266]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  328.981383][T10266]  ? kstrdup_const+0x63/0x80
[  328.981408][T10266]  ? find_held_lock+0x2b/0x80
[  328.981442][T10266]  ? is_bpf_text_address+0x8a/0x1a0
[  328.981486][T10266]  kstrdup+0x51/0xe0
[  328.981515][T10266]  kstrdup_const+0x63/0x80
[  328.981543][T10266]  __kernfs_new_node+0x9b/0x9f0
[  328.981571][T10266]  ? __kernel_text_address+0xd/0x30
[  328.981600][T10266]  ? arch_stack_walk+0xa6/0xf0
[  328.981633][T10266]  ? __pfx___kernfs_new_node+0x10/0x10
[  328.981671][T10266]  ? find_held_lock+0x2b/0x80
[  328.981702][T10266]  ? kernfs_root+0xee/0x2a0
[  328.981726][T10266]  ? kernfs_root+0xee/0x2a0
[  328.981758][T10266]  kernfs_new_node+0x11b/0x1a0
[  328.981806][T10266]  kernfs_create_dir_ns+0x4c/0x1a0
[  328.981841][T10266]  sysfs_create_dir_ns+0x13a/0x2b0
[  328.981870][T10266]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  328.981896][T10266]  ? find_held_lock+0x2b/0x80
[  328.981929][T10266]  ? kobject_add_internal+0x25f/0x930
[  328.981960][T10266]  ? kobject_add_internal+0x25f/0x930
[  328.981995][T10266]  ? class_dir_child_ns_type+0xd/0x60
[  328.982029][T10266]  kobject_add_internal+0x2c8/0x930
[  328.982065][T10266]  kobject_add+0x16a/0x1e0
[  328.982094][T10266]  ? __pfx_kobject_add+0x10/0x10
[  328.982130][T10266]  ? kobject_put+0xb9/0x640
[  328.982168][T10266]  device_add+0x294/0x1950
[  328.982203][T10266]  ? __pfx_device_add+0x10/0x10
[  328.982232][T10266]  ? kfree_const+0x5a/0x70
[  328.982255][T10266]  ? kfree+0x1dd/0x6c0
[  328.982300][T10266]  device_create_groups_vargs+0x1f8/0x270
[  328.982339][T10266]  device_create+0xed/0x130
[  328.982373][T10266]  ? __pfx_device_create+0x10/0x10
[  328.982401][T10266]  ? do_raw_spin_lock+0x128/0x260
[  328.982434][T10266]  ? is_console_locked+0x9/0x20
[  328.982474][T10266]  ? con_is_visible+0x65/0x150
[  328.982501][T10266]  ? csi_J+0x57e/0xad0
[  328.982541][T10266]  vcs_make_sysfs+0x32/0x80
[  328.982571][T10266]  vc_allocate+0x539/0x880
[  328.982607][T10266]  ? __pfx_vc_allocate+0x10/0x10
[  328.982653][T10266]  con_install+0xa1/0x620
[  328.982692][T10266]  ? __pfx_con_install+0x10/0x10
[  328.982733][T10266]  ? __pfx_con_install+0x10/0x10
[  328.982779][T10266]  tty_init_dev.part.0+0x9e/0x470
[  328.982825][T10266]  tty_open+0xa63/0xfa0
[  328.982868][T10266]  ? __pfx_tty_open+0x10/0x10
[  328.982907][T10266]  ? chrdev_open+0x589/0x6a0
[  328.982940][T10266]  ? chrdev_open+0x589/0x6a0
[  328.982979][T10266]  ? __pfx_tty_open+0x10/0x10
[  328.983015][T10266]  chrdev_open+0x234/0x6a0
[  328.983049][T10266]  ? __pfx_chrdev_open+0x10/0x10
[  328.983085][T10266]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  328.983128][T10266]  do_dentry_open+0x6d8/0x1660
[  328.983160][T10266]  ? __pfx_chrdev_open+0x10/0x10
[  328.983203][T10266]  vfs_open+0x82/0x3f0
[  328.983247][T10266]  path_openat+0x208c/0x31a0
[  328.983294][T10266]  ? __pfx_path_openat+0x10/0x10
[  328.983342][T10266]  do_file_open+0x20e/0x430
[  328.983379][T10266]  ? __pfx_do_file_open+0x10/0x10
[  328.983439][T10266]  ? alloc_fd+0x476/0x790
[  328.983470][T10266]  ? do_getname+0x191/0x390
[  328.983509][T10266]  do_sys_openat2+0x10d/0x1e0
[  328.983544][T10266]  ? __pfx_do_sys_openat2+0x10/0x10
[  328.983581][T10266]  ? __pfx_idempotent_init_module+0x10/0x10
[  328.983630][T10266]  __x64_sys_openat+0x12d/0x210
[  328.983668][T10266]  ? __pfx___x64_sys_openat+0x10/0x10
[  328.983718][T10266]  ? rcu_is_watching+0x12/0xc0
[  328.983754][T10266]  do_syscall_64+0x10b/0xf80
[  328.983788][T10266]  ? clear_bhb_loop+0x40/0x90
[  328.983806][T10266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.983821][T10266] RIP: 0033:0x7f910af9c819
[  328.983835][T10266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  328.983849][T10266] RSP: 002b:00007f91091d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  328.983864][T10266] RAX: ffffffffffffffda RBX: 00007f910b216090 RCX: 00007f910af9c819
[  328.983874][T10266] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  328.983883][T10266] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  328.983893][T10266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  328.983901][T10266] R13: 00007f910b216128 R14: 00007f910b216090 R15: 00007ffdbe4e8e08
[  328.983922][T10266]  </TASK>
[  329.015826][T10266] kobject: kobject_add_internal failed for vcs16 (error: -12 parent: vc)
[  329.766971][T10274] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1116'.
[  334.954979][   T29] audit: type=1800 audit(1843104617.550:11): pid=10363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1135" name="dbroot" dev="configfs" ino=29802 res=0 errno=0
[  335.669296][T10376] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  337.396070][ T5853] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  337.396110][ T5853] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15
[  337.411796][ T5853] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  339.067509][T10424] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1153'.
[  339.574844][T10432] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  343.475675][T10486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1169'.
[  343.553778][T10486] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1169'.
[  344.135583][   T29] audit: type=1800 audit(1843104626.730:12): pid=10493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1170" name="file0" dev="tmpfs" ino=1540 res=0 errno=0
[  346.044841][T10533] tipc: Withdrawal distribution failure
[  347.416782][T10540] random: crng reseeded on system resumption
[  347.434919][   T29] audit: type=1800 audit(1843104630.040:13): pid=10548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1182" name="file0" dev="tmpfs" ino=1830 res=0 errno=0
[  347.532247][T10547] Process accounting resumed
[  348.750299][T10569] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1192'.
[  351.478686][   T29] audit: type=1800 audit(1843104634.080:14): pid=10620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1201" name="nullb0" dev="tmpfs" ino=689 res=0 errno=0
[  352.258340][   T29] audit: type=1800 audit(1843104634.860:15): pid=10638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1205" name="dbroot" dev="configfs" ino=30961 res=0 errno=0
[  352.459791][T10642] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1204'.
[  354.348353][T10665] device-mapper: ioctl: Unable to rename non-existent device,  to uuid „
[  357.159180][   T29] audit: type=1800 audit(1843104639.760:16): pid=10715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1222" name="file0" dev="tmpfs" ino=1608 res=0 errno=0
[  358.819144][T10726] hub 1-0:1.0: USB hub found
[  358.859560][T10726] hub 1-0:1.0: 1 port detected
[  359.495001][T10755] random: crng reseeded on system resumption
[  359.749933][T10756] hub 1-0:1.0: USB hub found
[  359.774139][T10756] hub 1-0:1.0: 1 port detected
[  360.212701][T10768] FAULT_INJECTION: forcing a failure.
[  360.212701][T10768] name failslab, interval 1, probability 0, space 0, times 0
[  360.243338][T10768] CPU: 0 UID: 0 PID: 10768 Comm: syz.0.1234 Not tainted syzkaller #0 PREEMPT(full) 
[  360.243380][T10768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  360.243397][T10768] Call Trace:
[  360.243408][T10768]  <TASK>
[  360.243423][T10768]  dump_stack_lvl+0x100/0x190
[  360.243460][T10768]  should_fail_ex.cold+0x5/0xa
[  360.243500][T10768]  should_failslab+0xc2/0x120
[  360.243534][T10768]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  360.243574][T10768]  ? acpi_ut_allocate_object_desc_dbg+0x86/0x240
[  360.243617][T10768]  ? acpi_ut_trace+0x1d7/0x2a0
[  360.243660][T10768]  acpi_ut_allocate_object_desc_dbg+0x86/0x240
[  360.243707][T10768]  acpi_ut_create_internal_object_dbg+0x51/0x260
[  360.243757][T10768]  acpi_ut_create_integer_object+0x46/0xe0
[  360.243801][T10768]  acpi_ps_execute_method+0x582/0xe90
[  360.243844][T10768]  acpi_ns_evaluate+0x640/0x1670
[  360.243889][T10768]  acpi_evaluate_object+0x420/0xe00
[  360.243932][T10768]  ? kasan_save_stack+0x30/0x50
[  360.243958][T10768]  ? kasan_save_track+0x14/0x30
[  360.243984][T10768]  ? __kasan_kmalloc+0xaa/0xb0
[  360.244009][T10768]  ? __kvmalloc_node_noprof+0x360/0xa00
[  360.244042][T10768]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  360.244084][T10768]  ? lock_acquire+0x1b1/0x370
[  360.244123][T10768]  acpi_evaluate_integer+0xdf/0x220
[  360.244162][T10768]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  360.244218][T10768]  ? __pfx_status_show+0x10/0x10
[  360.244260][T10768]  status_show+0xa0/0x120
[  360.244303][T10768]  ? __pfx_status_show+0x10/0x10
[  360.244356][T10768]  dev_attr_show+0x52/0xa0
[  360.244388][T10768]  ? __pfx_dev_attr_show+0x10/0x10
[  360.244420][T10768]  sysfs_kf_seq_show+0x217/0x3a0
[  360.244473][T10768]  seq_read_iter+0x32f/0x1270
[  360.244502][T10768]  ? lock_acquire+0x1b1/0x370
[  360.244545][T10768]  kernfs_fop_read_iter+0x46c/0x610
[  360.244585][T10768]  ? rw_verify_area+0xce/0x6d0
[  360.244612][T10768]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  360.244660][T10768]  vfs_read+0x825/0xb30
[  360.244696][T10768]  ? __pfx_vfs_read+0x10/0x10
[  360.244748][T10768]  ksys_read+0x12a/0x250
[  360.244777][T10768]  ? __pfx_ksys_read+0x10/0x10
[  360.244808][T10768]  ? rcu_is_watching+0x12/0xc0
[  360.244843][T10768]  do_syscall_64+0x10b/0xf80
[  360.244880][T10768]  ? clear_bhb_loop+0x40/0x90
[  360.244911][T10768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.244937][T10768] RIP: 0033:0x7f910af9c819
[  360.244961][T10768] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  360.244989][T10768] RSP: 002b:00007f91091f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  360.245017][T10768] RAX: ffffffffffffffda RBX: 00007f910b215fa0 RCX: 00007f910af9c819
[  360.245038][T10768] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005
[  360.245056][T10768] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  360.245074][T10768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.245090][T10768] R13: 00007f910b216038 R14: 00007f910b215fa0 R15: 00007ffdbe4e8e08
[  360.245127][T10768]  </TASK>
[  360.640420][T10768] ACPI Error: Could not allocate an object descriptor (20251212/utobject-180)
[  360.693319][T10774] FAULT_INJECTION: forcing a failure.
[  360.693319][T10774] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  360.792815][T10774] CPU: 1 UID: 0 PID: 10774 Comm: syz.1.1235 Not tainted syzkaller #0 PREEMPT(full) 
[  360.792856][T10774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  360.792874][T10774] Call Trace:
[  360.792884][T10774]  <TASK>
[  360.792895][T10774]  dump_stack_lvl+0x100/0x190
[  360.792933][T10774]  should_fail_ex.cold+0x5/0xa
[  360.792965][T10774]  ? prepare_alloc_pages+0x16d/0x5f0
[  360.793005][T10774]  should_fail_alloc_page+0xeb/0x140
[  360.793045][T10774]  prepare_alloc_pages+0x1f0/0x5f0
[  360.793087][T10774]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  360.793133][T10774]  ? rcu_is_watching+0x12/0xc0
[  360.793172][T10774]  ? __lock_acquire+0x4a5/0x2630
[  360.793204][T10774]  ? __lock_acquire+0x4a5/0x2630
[  360.793229][T10774]  ? css_rstat_updated+0x1ce/0x5a0
[  360.793274][T10774]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  360.793322][T10774]  ? do_raw_spin_lock+0x128/0x260
[  360.793355][T10774]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  360.793387][T10774]  ? find_held_lock+0x2b/0x80
[  360.793431][T10774]  ? __lock_acquire+0x4a5/0x2630
[  360.793452][T10774]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  360.793490][T10774]  ? policy_nodemask+0xed/0x4f0
[  360.793525][T10774]  alloc_pages_mpol+0x1fb/0x540
[  360.793558][T10774]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  360.793591][T10774]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  360.793629][T10774]  ? __folio_batch_add_and_move+0x5e5/0xc60
[  360.793664][T10774]  folio_alloc_mpol_noprof+0x36/0x260
[  360.793706][T10774]  shmem_alloc_folio+0x135/0x160
[  360.793747][T10774]  shmem_alloc_and_add_folio+0x371/0xd40
[  360.793803][T10774]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  360.793856][T10774]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  360.793901][T10774]  ? __lock_acquire+0x4a5/0x2630
[  360.793932][T10774]  shmem_get_folio_gfp+0x6ab/0x1900
[  360.793987][T10774]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  360.794044][T10774]  shmem_write_begin+0x1a4/0x420
[  360.794076][T10774]  ? __pfx_shmem_write_begin+0x10/0x10
[  360.794106][T10774]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  360.794148][T10774]  generic_perform_write+0x292/0xa40
[  360.794199][T10774]  ? __pfx_generic_perform_write+0x10/0x10
[  360.794247][T10774]  ? file_update_time_flags+0x373/0x500
[  360.794293][T10774]  shmem_file_write_iter+0x10e/0x140
[  360.794330][T10774]  vfs_write+0x6ac/0x1070
[  360.794363][T10774]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  360.794399][T10774]  ? __pfx_vfs_write+0x10/0x10
[  360.794454][T10774]  ksys_write+0x12a/0x250
[  360.794485][T10774]  ? __pfx_ksys_write+0x10/0x10
[  360.794519][T10774]  ? rcu_is_watching+0x12/0xc0
[  360.794558][T10774]  do_syscall_64+0x10b/0xf80
[  360.794599][T10774]  ? clear_bhb_loop+0x40/0x90
[  360.794642][T10774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.794672][T10774] RIP: 0033:0x7fef1f39c819
[  360.794696][T10774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  360.794724][T10774] RSP: 002b:00007fef1d5d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  360.794752][T10774] RAX: ffffffffffffffda RBX: 00007fef1f616090 RCX: 00007fef1f39c819
[  360.794771][T10774] RDX: 00000000fffffdf1 RSI: 0000000000000000 RDI: 0000000000000007
[  360.794789][T10774] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  360.794806][T10774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.794823][T10774] R13: 00007fef1f616128 R14: 00007fef1f616090 R15: 00007fffff3d6ec8
[  360.794862][T10774]  </TASK>
[  361.205752][T10768] ACPI Error: ffff88802a776000 walk still has a scope list (20251212/dswstate-694)
[  362.550287][T10793] hub 1-0:1.0: USB hub found
[  362.564895][T10793] hub 1-0:1.0: 1 port detected
[  362.736072][T10804] QAT: Invalid ioctl 35077
[  365.503639][ T5853] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  365.711918][   T29] audit: type=1800 audit(1843104648.310:17): pid=10809 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1242" name="dbroot" dev="configfs" ino=31844 res=0 errno=0
[  366.158593][T10823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1245'.
[  366.170414][T10823] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1245'.
[  367.652418][T10852] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1254'.
[  368.832826][T10876] Falling back ldisc for ttyS2.
[  369.528697][T10892] smpboot: CPU 1 is now offline
[  370.062037][T10895] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  370.087163][T10895] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  370.125804][T10895] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  370.166115][T10895] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  370.430354][T10909] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1266'.
[  371.408645][   T29] audit: type=1800 audit(1843104654.010:18): pid=10935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1273" name="members" dev="configfs" ino=32881 res=0 errno=0
[  371.984156][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  372.143746][ T5849] Bluetooth: hci2: command 0x0c1a tx timeout
[  372.149850][ T5853] Bluetooth: hci3: command 0x0c1a tx timeout
[  372.225104][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout
[  377.427033][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  377.433393][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  378.124430][T11041] Process accounting paused
[  378.509676][T11051] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1300'.
[  378.942024][T11061] netlink: 29 bytes leftover after parsing attributes in process `syz.1.1303'.
[  382.259983][T11112] netlink: 'syz.0.1319': attribute type 1 has an invalid length.
[  382.295865][T11112] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1319'.
[  382.333790][T11116] random: crng reseeded on system resumption
[  382.500647][T11121] FAULT_INJECTION: forcing a failure.
[  382.500647][T11121] name failslab, interval 1, probability 0, space 0, times 0
[  382.572820][T11121] CPU: 0 UID: 0 PID: 11121 Comm: syz.1.1320 Not tainted syzkaller #0 PREEMPT(full) 
[  382.572844][T11121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  382.572854][T11121] Call Trace:
[  382.572859][T11121]  <TASK>
[  382.572865][T11121]  dump_stack_lvl+0x100/0x190
[  382.572887][T11121]  should_fail_ex.cold+0x5/0xa
[  382.572907][T11121]  should_failslab+0xc2/0x120
[  382.572925][T11121]  __kmalloc_cache_node_noprof+0x7d/0x770
[  382.572941][T11121]  ? __alloc_workqueue+0xf73/0x19f0
[  382.572960][T11121]  ? lockdep_init_map_type+0x5c/0x250
[  382.572978][T11121]  __alloc_workqueue+0xf73/0x19f0
[  382.573001][T11121]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  382.573024][T11121]  alloc_workqueue_noprof+0xd2/0x200
[  382.573044][T11121]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  382.573070][T11121]  ? __pfx___debug_object_init+0x10/0x10
[  382.573099][T11121]  nci_register_device+0x21e/0xb80
[  382.573119][T11121]  ? __pfx_nci_register_device+0x10/0x10
[  382.573140][T11121]  ? lockdep_init_map_type+0x5c/0x250
[  382.573158][T11121]  virtual_ncidev_open+0x141/0x220
[  382.573179][T11121]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  382.573198][T11121]  misc_open+0x26d/0x450
[  382.573215][T11121]  ? __pfx_misc_open+0x10/0x10
[  382.573230][T11121]  chrdev_open+0x234/0x6a0
[  382.573247][T11121]  ? __pfx_apparmor_file_open+0x10/0x10
[  382.573269][T11121]  ? __pfx_chrdev_open+0x10/0x10
[  382.573288][T11121]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  382.573311][T11121]  do_dentry_open+0x6d8/0x1660
[  382.573327][T11121]  ? __pfx_chrdev_open+0x10/0x10
[  382.573350][T11121]  vfs_open+0x82/0x3f0
[  382.573372][T11121]  path_openat+0x208c/0x31a0
[  382.573396][T11121]  ? __pfx_path_openat+0x10/0x10
[  382.573424][T11121]  do_file_open+0x20e/0x430
[  382.573443][T11121]  ? __pfx_do_file_open+0x10/0x10
[  382.573474][T11121]  ? alloc_fd+0x476/0x790
[  382.573493][T11121]  ? do_getname+0x191/0x390
[  382.573514][T11121]  do_sys_openat2+0x10d/0x1e0
[  382.573535][T11121]  ? __pfx_do_sys_openat2+0x10/0x10
[  382.573563][T11121]  __x64_sys_openat+0x12d/0x210
[  382.573585][T11121]  ? __pfx___x64_sys_openat+0x10/0x10
[  382.573610][T11121]  ? rcu_is_watching+0x12/0xc0
[  382.573629][T11121]  do_syscall_64+0x10b/0xf80
[  382.573650][T11121]  ? clear_bhb_loop+0x40/0x90
[  382.573668][T11121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.573683][T11121] RIP: 0033:0x7fef1f39c819
[  382.573697][T11121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  382.573711][T11121] RSP: 002b:00007fef1d5d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  382.573726][T11121] RAX: ffffffffffffffda RBX: 00007fef1f616090 RCX: 00007fef1f39c819
[  382.573736][T11121] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  382.573746][T11121] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  382.573755][T11121] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000
[  382.573764][T11121] R13: 00007fef1f616128 R14: 00007fef1f616090 R15: 00007fffff3d6ec8
[  382.573783][T11121]  </TASK>
[  384.130503][T11141] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1324'.
[  384.866269][T11154] zram: Added device: zram1
[  387.028238][T11211] can0: slcan on ttyS2.
[  387.124037][T11208] can0 (unregistered): slcan off ttyS2.
[  389.027945][T11274] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  392.309507][T11320] can0: slcan on ttyS2.
[  392.476950][T11320] can0 (unregistered): slcan off ttyS2.
[  393.749057][T11357] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1361'.
[  394.143320][T11367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1363'.
[  394.213305][T11367] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1363'.
[  397.196971][T11420] random: crng reseeded on system resumption
[  397.399301][T11422] hub 1-0:1.0: USB hub found
[  397.470116][T11422] hub 1-0:1.0: 1 port detected
[  397.870739][T11432] FAULT_INJECTION: forcing a failure.
[  397.870739][T11432] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  397.940546][T11432] CPU: 0 UID: 0 PID: 11432 Comm: syz.1.1380 Not tainted syzkaller #0 PREEMPT(full) 
[  397.940569][T11432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  397.940578][T11432] Call Trace:
[  397.940593][T11432]  <TASK>
[  397.940599][T11432]  dump_stack_lvl+0x100/0x190
[  397.940621][T11432]  should_fail_ex.cold+0x5/0xa
[  397.940642][T11432]  _copy_from_user+0x2e/0xd0
[  397.940665][T11432]  do_handle_open+0x60e/0xce0
[  397.940688][T11432]  ? __pfx_do_handle_open+0x10/0x10
[  397.940708][T11432]  ? __x64_sys_futex+0x34f/0x4d0
[  397.940726][T11432]  ? xfd_validate_state+0x129/0x190
[  397.940741][T11432]  ? ksys_write+0x1ac/0x250
[  397.940764][T11432]  ? do_syscall_64+0x10b/0xf80
[  397.940785][T11432]  do_syscall_64+0x10b/0xf80
[  397.940805][T11432]  ? clear_bhb_loop+0x40/0x90
[  397.940823][T11432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.940838][T11432] RIP: 0033:0x7fef1f39c819
[  397.940852][T11432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  397.940866][T11432] RSP: 002b:00007fef1d5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  397.940880][T11432] RAX: ffffffffffffffda RBX: 00007fef1f615fa0 RCX: 00007fef1f39c819
[  397.940890][T11432] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000004
[  397.940899][T11432] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  397.940907][T11432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  397.940916][T11432] R13: 00007fef1f616038 R14: 00007fef1f615fa0 R15: 00007fffff3d6ec8
[  397.940934][T11432]  </TASK>
[  400.752351][T11456] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1386'.
[  401.542749][T11471] FAULT_INJECTION: forcing a failure.
[  401.542749][T11471] name fail_futex, interval 1, probability 0, space 0, times 1
[  401.620915][T11471] CPU: 0 UID: 0 PID: 11471 Comm: syz.1.1392 Not tainted syzkaller #0 PREEMPT(full) 
[  401.620937][T11471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  401.620945][T11471] Call Trace:
[  401.620950][T11471]  <TASK>
[  401.620956][T11471]  dump_stack_lvl+0x100/0x190
[  401.620976][T11471]  should_fail_ex.cold+0x5/0xa
[  401.620994][T11471]  get_futex_key+0x1d2/0x1510
[  401.621011][T11471]  ? __pfx_get_futex_key+0x10/0x10
[  401.621024][T11471]  ? lock_acquire+0x1b1/0x370
[  401.621042][T11471]  futex_wake+0xea/0x530
[  401.621062][T11471]  ? __pfx_futex_wake+0x10/0x10
[  401.621079][T11471]  ? exit_mm_release+0x19/0x30
[  401.621104][T11471]  do_futex+0x32b/0x350
[  401.621119][T11471]  ? __pfx_do_futex+0x10/0x10
[  401.621133][T11471]  ? __might_fault+0xc5/0x140
[  401.621159][T11471]  mm_release+0x24a/0x2f0
[  401.621176][T11471]  do_exit+0x707/0x2a60
[  401.621199][T11471]  ? __pfx_do_exit+0x10/0x10
[  401.621220][T11471]  ? do_raw_spin_lock+0x128/0x260
[  401.621235][T11471]  ? find_held_lock+0x2b/0x80
[  401.621252][T11471]  ? get_signal+0x7e0/0x21e0
[  401.621271][T11471]  do_group_exit+0xd5/0x2a0
[  401.621293][T11471]  get_signal+0x1ec7/0x21e0
[  401.621317][T11471]  ? __pfx_get_signal+0x10/0x10
[  401.621335][T11471]  ? do_futex+0x192/0x350
[  401.621359][T11471]  arch_do_signal_or_restart+0x91/0x770
[  401.621382][T11471]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  401.621407][T11471]  ? __pfx___x64_sys_futex+0x10/0x10
[  401.621423][T11471]  ? rcu_is_watching+0x12/0xc0
[  401.621442][T11471]  exit_to_user_mode_loop+0x86/0x4a0
[  401.621456][T11471]  ? do_syscall_64+0x519/0xf80
[  401.621481][T11471]  do_syscall_64+0x6f2/0xf80
[  401.621501][T11471]  ? clear_bhb_loop+0x40/0x90
[  401.621518][T11471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.621532][T11471] RIP: 0033:0x7fef1f39c819
[  401.621545][T11471] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  401.621558][T11471] RSP: 002b:00007fef1d5f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  401.621572][T11471] RAX: fffffffffffffe00 RBX: 00007fef1f615fa8 RCX: 00007fef1f39c819
[  401.621582][T11471] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fef1f615fa8
[  401.621591][T11471] RBP: 00007fef1f615fa0 R08: 0000000000000000 R09: 0000000000000000
[  401.621599][T11471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  401.621607][T11471] R13: 00007fef1f616038 R14: 00007fffff3d6de0 R15: 00007fffff3d6ec8
[  401.621625][T11471]  </TASK>
[  402.166010][T11482] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1397'.
[  402.695071][T11499] FAULT_INJECTION: forcing a failure.
[  402.695071][T11499] name failslab, interval 1, probability 0, space 0, times 0
[  402.762764][T11499] CPU: 0 UID: 0 PID: 11499 Comm: syz.2.1388 Not tainted syzkaller #0 PREEMPT(full) 
[  402.762792][T11499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  402.762802][T11499] Call Trace:
[  402.762807][T11499]  <TASK>
[  402.762814][T11499]  dump_stack_lvl+0x100/0x190
[  402.762836][T11499]  should_fail_ex.cold+0x5/0xa
[  402.762856][T11499]  should_failslab+0xc2/0x120
[  402.762873][T11499]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  402.762895][T11499]  ? acpi_ut_allocate_object_desc_dbg+0x86/0x240
[  402.762919][T11499]  ? acpi_ut_trace+0x1d7/0x2a0
[  402.762938][T11499]  acpi_ut_allocate_object_desc_dbg+0x86/0x240
[  402.762961][T11499]  acpi_ut_create_internal_object_dbg+0x51/0x260
[  402.762985][T11499]  acpi_ut_create_integer_object+0x46/0xe0
[  402.763009][T11499]  acpi_ps_execute_method+0x582/0xe90
[  402.763030][T11499]  acpi_ns_evaluate+0x640/0x1670
[  402.763053][T11499]  acpi_evaluate_object+0x420/0xe00
[  402.763074][T11499]  ? kasan_save_stack+0x30/0x50
[  402.763099][T11499]  ? kasan_save_track+0x14/0x30
[  402.763112][T11499]  ? __kasan_kmalloc+0xaa/0xb0
[  402.763125][T11499]  ? __kvmalloc_node_noprof+0x360/0xa00
[  402.763143][T11499]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  402.763165][T11499]  ? lock_acquire+0x1b1/0x370
[  402.763184][T11499]  acpi_evaluate_integer+0xdf/0x220
[  402.763204][T11499]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  402.763240][T11499]  ? __pfx_status_show+0x10/0x10
[  402.763262][T11499]  status_show+0xa0/0x120
[  402.763284][T11499]  ? __pfx_status_show+0x10/0x10
[  402.763312][T11499]  dev_attr_show+0x52/0xa0
[  402.763330][T11499]  ? __pfx_dev_attr_show+0x10/0x10
[  402.763345][T11499]  sysfs_kf_seq_show+0x217/0x3a0
[  402.763372][T11499]  seq_read_iter+0x32f/0x1270
[  402.763386][T11499]  ? lock_acquire+0x1b1/0x370
[  402.763414][T11499]  kernfs_fop_read_iter+0x46c/0x610
[  402.763435][T11499]  ? rw_verify_area+0xce/0x6d0
[  402.763450][T11499]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  402.763472][T11499]  vfs_read+0x825/0xb30
[  402.763491][T11499]  ? __pfx_vfs_read+0x10/0x10
[  402.763520][T11499]  ksys_read+0x12a/0x250
[  402.763535][T11499]  ? __pfx_ksys_read+0x10/0x10
[  402.763552][T11499]  ? rcu_is_watching+0x12/0xc0
[  402.763573][T11499]  do_syscall_64+0x10b/0xf80
[  402.763594][T11499]  ? clear_bhb_loop+0x40/0x90
[  402.763612][T11499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.763627][T11499] RIP: 0033:0x7f0fe339c819
[  402.763641][T11499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  402.763655][T11499] RSP: 002b:00007f0fe421f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  402.763670][T11499] RAX: ffffffffffffffda RBX: 00007f0fe3615fa0 RCX: 00007f0fe339c819
[  402.763680][T11499] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005
[  402.763689][T11499] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  402.763698][T11499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  402.763707][T11499] R13: 00007f0fe3616038 R14: 00007f0fe3615fa0 R15: 00007ffd275c8658
[  402.763728][T11499]  </TASK>
[  404.230769][T11499] ACPI Error: Could not allocate an object descriptor (20251212/utobject-180)
[  404.313237][T11499] ACPI Error: ffff888056eef000 walk still has a scope list (20251212/dswstate-694)
[  406.262157][T11552] bridge0: port 3(netdevsim2) entered blocking state
[  406.298338][T11552] bridge0: port 3(netdevsim2) entered disabled state
[  406.334004][T11552] netdevsim netdevsim3 netdevsim2: entered allmulticast mode
[  406.392124][T11552] netdevsim netdevsim3 netdevsim2: entered promiscuous mode
[  406.436226][T11552] bridge0: port 3(netdevsim2) entered blocking state
[  406.443029][T11552] bridge0: port 3(netdevsim2) entered forwarding state
[  407.809540][T11581] sd 0:0:1:0: PR command failed: 1026
[  407.839028][T11581] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  407.872169][T11581] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  409.171582][T11585] Process accounting resumed
[  409.868048][T11616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1429'.
[  415.367538][T11686] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1448'.
[  415.443320][T11686] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1448'.
[  415.929666][T11696] FAULT_INJECTION: forcing a failure.
[  415.929666][T11696] name failslab, interval 1, probability 0, space 0, times 0
[  416.007094][T11696] CPU: 0 UID: 0 PID: 11696 Comm: syz.1.1450 Not tainted syzkaller #0 PREEMPT(full) 
[  416.007118][T11696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  416.007129][T11696] Call Trace:
[  416.007135][T11696]  <TASK>
[  416.007141][T11696]  dump_stack_lvl+0x100/0x190
[  416.007164][T11696]  should_fail_ex.cold+0x5/0xa
[  416.007187][T11696]  should_failslab+0xc2/0x120
[  416.007204][T11696]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  416.007227][T11696]  ? alloc_inode+0x68/0x250
[  416.007257][T11696]  ? simple_start_creating+0xb0/0x110
[  416.007275][T11696]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  416.007298][T11696]  alloc_inode+0x68/0x250
[  416.007321][T11696]  new_inode+0x22/0x1c0
[  416.007344][T11696]  __debugfs_create_file+0x105/0x4f0
[  416.007368][T11696]  debugfs_create_file_full+0x41/0x60
[  416.007391][T11696]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  416.007407][T11696]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  416.007439][T11696]  ? lockdep_init_map_type+0x5c/0x250
[  416.007457][T11696]  preinit_net.part.0+0x43b/0x920
[  416.007476][T11696]  copy_net_ns+0x339/0x7c0
[  416.007502][T11696]  create_new_namespaces+0x3ea/0xac0
[  416.007527][T11696]  unshare_nsproxy_namespaces+0xf2/0x220
[  416.007547][T11696]  ksys_unshare+0x438/0xab0
[  416.007570][T11696]  ? __pfx_ksys_unshare+0x10/0x10
[  416.007590][T11696]  ? xfd_validate_state+0x129/0x190
[  416.007605][T11696]  ? ksys_write+0x1ac/0x250
[  416.007626][T11696]  __x64_sys_unshare+0x31/0x40
[  416.007646][T11696]  do_syscall_64+0x10b/0xf80
[  416.007668][T11696]  ? clear_bhb_loop+0x40/0x90
[  416.007686][T11696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.007702][T11696] RIP: 0033:0x7fef1f39c819
[  416.007715][T11696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  416.007730][T11696] RSP: 002b:00007fef1d5d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  416.007745][T11696] RAX: ffffffffffffffda RBX: 00007fef1f616090 RCX: 00007fef1f39c819
[  416.007755][T11696] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  416.007764][T11696] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  416.007773][T11696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  416.007782][T11696] R13: 00007fef1f616128 R14: 00007fef1f616090 R15: 00007fffff3d6ec8
[  416.007802][T11696]  </TASK>
[  416.007818][T11696] debugfs: out of free dentries, can not create file 'net_notrefcnt@ffff88802c78d078'
[  416.356962][T11699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1452'.
[  416.369856][T11699] netlink: 'syz.2.1452': attribute type 1 has an invalid length.
[  416.379419][T11699] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1452'.
[  416.792589][T11708] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1455'.
[  418.132817][T11734] vivid-007: =================  START STATUS  =================
[  418.165186][T11734] vivid-007: Generate PTS: true
[  418.173007][T11732] netlink: 270 bytes leftover after parsing attributes in process `syz.3.1462'.
[  418.195709][T11734] vivid-007: Generate SCR: true
[  418.208810][T11734] tpg source WxH: 320x240 (Y'CbCr)
[  418.233298][T11734] tpg field: 1
[  418.249752][T11734] tpg crop: (0,0)/320x240
[  418.272262][T11734] tpg compose: (0,0)/320x240
[  418.308480][T11734] tpg colorspace: 8
[  418.329108][T11734] tpg transfer function: 0/0
[  418.346877][T11734] tpg Y'CbCr encoding: 0/0
[  418.381393][T11734] tpg quantization: 0/0
[  418.419794][T11734] tpg RGB range: 0/2
[  418.453510][T11734] vivid-007: ==================  END STATUS  ==================
[  421.212152][T11780] netlink: 'syz.2.1473': attribute type 33 has an invalid length.
[  421.261408][T11780] netlink: 322 bytes leftover after parsing attributes in process `syz.2.1473'.
[  421.321930][T11780] syz_tun: refused to change device tx_queue_len
[  421.351699][T11780] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[  421.837327][T11794] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1476'.
[  421.903129][T11794] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  421.990214][T11794] batman_adv: batadv0: Removing interface: batadv_slave_0
[  422.071906][T11794] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  422.163993][T11794] batman_adv: batadv0: Removing interface: batadv_slave_1
[  422.952668][T11807] zram: Added device: zram2
[  424.289126][T11819] netlink: 'syz.1.1482': attribute type 2 has an invalid length.
[  425.445073][T11843] sp0: Synchronizing with TNC
[  429.482561][T11909] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1506'.
[  430.901245][T11935] FAULT_INJECTION: forcing a failure.
[  430.901245][T11935] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  430.976813][T11935] CPU: 0 UID: 0 PID: 11935 Comm: syz.2.1512 Not tainted syzkaller #0 PREEMPT(full) 
[  430.976836][T11935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  430.976846][T11935] Call Trace:
[  430.976852][T11935]  <TASK>
[  430.976858][T11935]  dump_stack_lvl+0x100/0x190
[  430.976879][T11935]  should_fail_ex.cold+0x5/0xa
[  430.976899][T11935]  _copy_from_user+0x2e/0xd0
[  430.976921][T11935]  copy_strings.isra.0+0x38b/0x790
[  430.976943][T11935]  do_execveat_common.isra.0+0x3de/0x580
[  430.976963][T11935]  __x64_sys_execve+0x93/0xd0
[  430.976979][T11935]  do_syscall_64+0x10b/0xf80
[  430.977002][T11935]  ? clear_bhb_loop+0x40/0x90
[  430.977020][T11935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.977036][T11935] RIP: 0033:0x7f0fe339c819
[  430.977049][T11935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  430.977064][T11935] RSP: 002b:00007f0fe421f028 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  430.977079][T11935] RAX: ffffffffffffffda RBX: 00007f0fe3615fa0 RCX: 00007f0fe339c819
[  430.977089][T11935] RDX: 0000200000000200 RSI: 00002000000000c0 RDI: 0000200000000040
[  430.977098][T11935] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  430.977107][T11935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  430.977116][T11935] R13: 00007f0fe3616038 R14: 00007f0fe3615fa0 R15: 00007ffd275c8658
[  430.977134][T11935]  </TASK>
[  432.576299][T11964] zswap: compressor  not available
[  432.853759][T11970] FAULT_INJECTION: forcing a failure.
[  432.853759][T11970] name failslab, interval 1, probability 0, space 0, times 0
[  432.946977][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.2.1522 Not tainted syzkaller #0 PREEMPT(full) 
[  432.947010][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  432.947019][T11970] Call Trace:
[  432.947025][T11970]  <TASK>
[  432.947031][T11970]  dump_stack_lvl+0x100/0x190
[  432.947051][T11970]  should_fail_ex.cold+0x5/0xa
[  432.947072][T11970]  should_failslab+0xc2/0x120
[  432.947089][T11970]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  432.947111][T11970]  ? __kernfs_new_node+0xd2/0x9f0
[  432.947131][T11970]  __kernfs_new_node+0xd2/0x9f0
[  432.947149][T11970]  ? __pfx___kernfs_new_node+0x10/0x10
[  432.947169][T11970]  ? find_held_lock+0x2b/0x80
[  432.947187][T11970]  ? kernfs_root+0xee/0x2a0
[  432.947201][T11970]  ? kernfs_root+0xee/0x2a0
[  432.947220][T11970]  kernfs_new_node+0x11b/0x1a0
[  432.947241][T11970]  __kernfs_create_file+0x53/0x350
[  432.947264][T11970]  sysfs_add_file_mode_ns+0x207/0x3c0
[  432.947302][T11970]  internal_create_group+0x593/0xf40
[  432.947324][T11970]  ? __pfx_internal_create_group+0x10/0x10
[  432.947344][T11970]  ? kernfs_create_link+0x1bd/0x240
[  432.947368][T11970]  internal_create_groups+0x9d/0x150
[  432.947387][T11970]  device_add+0x77a/0x1950
[  432.947406][T11970]  ? __pfx_device_add+0x10/0x10
[  432.947435][T11970]  __add_disk+0x518/0xe40
[  432.947455][T11970]  ? find_held_lock+0x2b/0x80
[  432.947477][T11970]  add_disk_fwnode+0x3d4/0x5c0
[  432.947498][T11970]  zram_add+0x495/0x5d0
[  432.947518][T11970]  ? __pfx_zram_add+0x10/0x10
[  432.947549][T11970]  ? find_held_lock+0x2b/0x80
[  432.947567][T11970]  ? sysfs_file_kobj+0xe4/0x290
[  432.947590][T11970]  ? __pfx_hot_add_show+0x10/0x10
[  432.947609][T11970]  hot_add_show+0x21/0x80
[  432.947627][T11970]  class_attr_show+0x72/0xa0
[  432.947644][T11970]  ? __pfx_class_attr_show+0x10/0x10
[  432.947658][T11970]  sysfs_kf_seq_show+0x217/0x3a0
[  432.947684][T11970]  seq_read_iter+0x32f/0x1270
[  432.947699][T11970]  ? lock_acquire+0x1b1/0x370
[  432.947727][T11970]  kernfs_fop_read_iter+0x46c/0x610
[  432.947748][T11970]  ? rw_verify_area+0xce/0x6d0
[  432.947762][T11970]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  432.947784][T11970]  vfs_read+0x825/0xb30
[  432.947803][T11970]  ? __pfx_vfs_read+0x10/0x10
[  432.947836][T11970]  ksys_read+0x12a/0x250
[  432.947852][T11970]  ? __pfx_ksys_read+0x10/0x10
[  432.947870][T11970]  ? rcu_is_watching+0x12/0xc0
[  432.947891][T11970]  do_syscall_64+0x10b/0xf80
[  432.947913][T11970]  ? clear_bhb_loop+0x40/0x90
[  432.947931][T11970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.947947][T11970] RIP: 0033:0x7f0fe339c819
[  432.947961][T11970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  432.947975][T11970] RSP: 002b:00007f0fe41fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  432.947996][T11970] RAX: ffffffffffffffda RBX: 00007f0fe3616090 RCX: 00007f0fe339c819
[  432.948006][T11970] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006
[  432.948015][T11970] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  432.948024][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  432.948033][T11970] R13: 00007f0fe3616128 R14: 00007f0fe3616090 R15: 00007ffd275c8658
[  432.948053][T11970]  </TASK>
[  433.390518][T11978] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1523'.
[  433.399858][T11978] ipvlan1: entered promiscuous mode
[  433.405211][T11978] ipvlan1: entered allmulticast mode
[  434.489301][ T5853] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9
[  436.208026][T12021] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1533'.
[  436.535063][T12018] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1534'.
[  436.599142][T12018] ipvlan0: entered promiscuous mode
[  436.628128][T12018] ipvlan0: entered allmulticast mode
[  436.652451][T12018] veth0_vlan: entered allmulticast mode
[  437.344934][ T5853] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  438.560004][T12057] FAULT_INJECTION: forcing a failure.
[  438.560004][T12057] name failslab, interval 1, probability 0, space 0, times 0
[  438.778151][T12057] CPU: 0 UID: 0 PID: 12057 Comm: syz.0.1543 Not tainted syzkaller #0 PREEMPT(full) 
[  438.778175][T12057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  438.778185][T12057] Call Trace:
[  438.778190][T12057]  <TASK>
[  438.778196][T12057]  dump_stack_lvl+0x100/0x190
[  438.778222][T12057]  should_fail_ex.cold+0x5/0xa
[  438.778246][T12057]  ? security_inode_init_security+0x113/0x370
[  438.778264][T12057]  should_failslab+0xc2/0x120
[  438.778281][T12057]  __kmalloc_noprof+0xe0/0x850
[  438.778312][T12057]  security_inode_init_security+0x113/0x370
[  438.778331][T12057]  ? __pfx_shmem_initxattrs+0x10/0x10
[  438.778350][T12057]  ? __pfx_security_inode_init_security+0x10/0x10
[  438.778370][T12057]  ? make_vfsgid+0xf1/0x140
[  438.778394][T12057]  shmem_mknod+0x2ce/0x480
[  438.778415][T12057]  ? __pfx_shmem_mknod+0x10/0x10
[  438.778440][T12057]  vfs_create+0x301/0x6c0
[  438.778464][T12057]  filename_mknodat+0x2de/0x7f0
[  438.778486][T12057]  ? __pfx_filename_mknodat+0x10/0x10
[  438.778504][T12057]  ? strncpy_from_user+0x19d/0x2d0
[  438.778531][T12057]  ? do_getname+0x191/0x390
[  438.778560][T12057]  __x64_sys_mknod+0x8f/0xc0
[  438.778579][T12057]  do_syscall_64+0x10b/0xf80
[  438.778601][T12057]  ? clear_bhb_loop+0x40/0x90
[  438.778620][T12057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.778635][T12057] RIP: 0033:0x7f910af9c819
[  438.778649][T12057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  438.778663][T12057] RSP: 002b:00007f91091d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  438.778678][T12057] RAX: ffffffffffffffda RBX: 00007f910b216090 RCX: 00007f910af9c819
[  438.778688][T12057] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[  438.778696][T12057] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  438.778705][T12057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  438.778713][T12057] R13: 00007f910b216128 R14: 00007f910b216090 R15: 00007ffdbe4e8e08
[  438.778732][T12057]  </TASK>
[  440.146624][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  440.154242][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  440.568766][T12079] Process accounting paused
[  440.924250][T12087] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1551'.
[  441.591665][T12099] FAULT_INJECTION: forcing a failure.
[  441.591665][T12099] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  441.673200][T12099] CPU: 0 UID: 0 PID: 12099 Comm: syz.0.1554 Not tainted syzkaller #0 PREEMPT(full) 
[  441.673223][T12099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  441.673233][T12099] Call Trace:
[  441.673239][T12099]  <TASK>
[  441.673246][T12099]  dump_stack_lvl+0x100/0x190
[  441.673267][T12099]  should_fail_ex.cold+0x5/0xa
[  441.673287][T12099]  _copy_from_user+0x2e/0xd0
[  441.673311][T12099]  copy_msghdr_from_user+0x9f/0x4f0
[  441.673341][T12099]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  441.673370][T12099]  ? __pfx_futex_wake_mark+0x10/0x10
[  441.673393][T12099]  ___sys_sendmsg+0x106/0x1e0
[  441.673414][T12099]  ? __pfx____sys_sendmsg+0x10/0x10
[  441.673456][T12099]  __sys_sendmsg+0x170/0x220
[  441.673472][T12099]  ? __pfx___sys_sendmsg+0x10/0x10
[  441.673488][T12099]  ? __x64_sys_futex+0x34f/0x4d0
[  441.673511][T12099]  ? rcu_is_watching+0x12/0xc0
[  441.673530][T12099]  do_syscall_64+0x10b/0xf80
[  441.673552][T12099]  ? clear_bhb_loop+0x40/0x90
[  441.673570][T12099]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.673585][T12099] RIP: 0033:0x7f910af9c819
[  441.673599][T12099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  441.673614][T12099] RSP: 002b:00007f91091d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  441.673629][T12099] RAX: ffffffffffffffda RBX: 00007f910b216090 RCX: 00007f910af9c819
[  441.673639][T12099] RDX: 0000000000008084 RSI: 0000200000000580 RDI: 0000000000000006
[  441.673647][T12099] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  441.673656][T12099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  441.673665][T12099] R13: 00007f910b216128 R14: 00007f910b216090 R15: 00007ffdbe4e8e08
[  441.673684][T12099]  </TASK>
[  442.745012][T12115] QAT: Invalid ioctl 35077
[  442.759473][T12114] zram: Added device: zram3
[  443.620696][T12125] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1567'.
[  443.934278][T12127] FAULT_INJECTION: forcing a failure.
[  443.934278][T12127] name failslab, interval 1, probability 0, space 0, times 0
[  444.076289][T12127] CPU: 0 UID: 0 PID: 12127 Comm: syz.1.1559 Not tainted syzkaller #0 PREEMPT(full) 
[  444.076313][T12127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  444.076322][T12127] Call Trace:
[  444.076328][T12127]  <TASK>
[  444.076335][T12127]  dump_stack_lvl+0x100/0x190
[  444.076356][T12127]  should_fail_ex.cold+0x5/0xa
[  444.076376][T12127]  ? security_inode_init_security+0x113/0x370
[  444.076395][T12127]  should_failslab+0xc2/0x120
[  444.076411][T12127]  __kmalloc_noprof+0xe0/0x850
[  444.076438][T12127]  security_inode_init_security+0x113/0x370
[  444.076461][T12127]  ? __pfx_shmem_initxattrs+0x10/0x10
[  444.076479][T12127]  ? __pfx_security_inode_init_security+0x10/0x10
[  444.076500][T12127]  ? make_vfsgid+0xf1/0x140
[  444.076524][T12127]  shmem_mknod+0x2ce/0x480
[  444.076546][T12127]  ? __pfx_shmem_mknod+0x10/0x10
[  444.076570][T12127]  vfs_create+0x301/0x6c0
[  444.076595][T12127]  filename_mknodat+0x2de/0x7f0
[  444.076616][T12127]  ? __pfx_filename_mknodat+0x10/0x10
[  444.076634][T12127]  ? strncpy_from_user+0x19d/0x2d0
[  444.076658][T12127]  ? do_getname+0x191/0x390
[  444.076680][T12127]  __x64_sys_mknod+0x8f/0xc0
[  444.076699][T12127]  do_syscall_64+0x10b/0xf80
[  444.076721][T12127]  ? clear_bhb_loop+0x40/0x90
[  444.076739][T12127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.076755][T12127] RIP: 0033:0x7fef1f39c819
[  444.076769][T12127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  444.076783][T12127] RSP: 002b:00007fef1d5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  444.076798][T12127] RAX: ffffffffffffffda RBX: 00007fef1f615fa0 RCX: 00007fef1f39c819
[  444.076808][T12127] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[  444.076816][T12127] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  444.076825][T12127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  444.076834][T12127] R13: 00007fef1f616038 R14: 00007fef1f615fa0 R15: 00007fffff3d6ec8
[  444.076854][T12127]  </TASK>
[  445.423558][ T5853] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  445.992148][T12167] usb usb3: usbfs: process 12167 (syz.2.1566) did not claim interface 0 before use
[  447.796220][T12191] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input6
[  448.760442][T12211] FAULT_INJECTION: forcing a failure.
[  448.760442][T12211] name failslab, interval 1, probability 0, space 0, times 0
[  448.835010][T12211] CPU: 0 UID: 0 PID: 12211 Comm: syz.2.1584 Not tainted syzkaller #0 PREEMPT(full) 
[  448.835033][T12211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  448.835043][T12211] Call Trace:
[  448.835048][T12211]  <TASK>
[  448.835054][T12211]  dump_stack_lvl+0x100/0x190
[  448.835075][T12211]  should_fail_ex.cold+0x5/0xa
[  448.835095][T12211]  ? security_inode_init_security+0x113/0x370
[  448.835113][T12211]  should_failslab+0xc2/0x120
[  448.835131][T12211]  __kmalloc_noprof+0xe0/0x850
[  448.835166][T12211]  security_inode_init_security+0x113/0x370
[  448.835186][T12211]  ? __pfx_shmem_initxattrs+0x10/0x10
[  448.835206][T12211]  ? __pfx_security_inode_init_security+0x10/0x10
[  448.835227][T12211]  ? make_vfsgid+0xf1/0x140
[  448.835252][T12211]  shmem_mknod+0x2ce/0x480
[  448.835273][T12211]  ? __pfx_shmem_mknod+0x10/0x10
[  448.835297][T12211]  vfs_create+0x301/0x6c0
[  448.835323][T12211]  filename_mknodat+0x2de/0x7f0
[  448.835344][T12211]  ? __pfx_filename_mknodat+0x10/0x10
[  448.835362][T12211]  ? strncpy_from_user+0x19d/0x2d0
[  448.835386][T12211]  ? do_getname+0x191/0x390
[  448.835408][T12211]  __x64_sys_mknod+0x8f/0xc0
[  448.835427][T12211]  do_syscall_64+0x10b/0xf80
[  448.835449][T12211]  ? clear_bhb_loop+0x40/0x90
[  448.835467][T12211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.835482][T12211] RIP: 0033:0x7f0fe339c819
[  448.835496][T12211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.835510][T12211] RSP: 002b:00007f0fe41fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  448.835525][T12211] RAX: ffffffffffffffda RBX: 00007f0fe3616090 RCX: 00007f0fe339c819
[  448.835535][T12211] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[  448.835543][T12211] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  448.835552][T12211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  448.835560][T12211] R13: 00007f0fe3616128 R14: 00007f0fe3616090 R15: 00007ffd275c8658
[  448.835580][T12211]  </TASK>
[  449.091062][T12216] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input7
[  449.914087][T12210] QAT: Invalid ioctl 35077
[  451.904953][ T5853] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  452.815998][T12280] FAULT_INJECTION: forcing a failure.
[  452.815998][T12280] name failslab, interval 1, probability 0, space 0, times 0
[  452.911440][T12280] CPU: 0 UID: 0 PID: 12280 Comm: syz.0.1590 Not tainted syzkaller #0 PREEMPT(full) 
[  452.911463][T12280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  452.911472][T12280] Call Trace:
[  452.911479][T12280]  <TASK>
[  452.911486][T12280]  dump_stack_lvl+0x100/0x190
[  452.911544][T12280]  should_fail_ex.cold+0x5/0xa
[  452.911565][T12280]  should_failslab+0xc2/0x120
[  452.911584][T12280]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  452.911606][T12280]  ? __kernfs_new_node+0xd2/0x9f0
[  452.911626][T12280]  __kernfs_new_node+0xd2/0x9f0
[  452.911644][T12280]  ? __pfx___kernfs_new_node+0x10/0x10
[  452.911664][T12280]  ? find_held_lock+0x2b/0x80
[  452.911683][T12280]  ? kernfs_root+0xee/0x2a0
[  452.911696][T12280]  ? kernfs_root+0xee/0x2a0
[  452.911716][T12280]  kernfs_new_node+0x11b/0x1a0
[  452.911736][T12280]  __kernfs_create_file+0x53/0x350
[  452.911764][T12280]  sysfs_add_file_mode_ns+0x207/0x3c0
[  452.911793][T12280]  internal_create_group+0x593/0xf40
[  452.911815][T12280]  ? __pfx_internal_create_group+0x10/0x10
[  452.911834][T12280]  ? kernfs_create_link+0x1bd/0x240
[  452.911858][T12280]  internal_create_groups+0x9d/0x150
[  452.911876][T12280]  device_add+0x77a/0x1950
[  452.911895][T12280]  ? __pfx_device_add+0x10/0x10
[  452.911918][T12280]  __add_disk+0x518/0xe40
[  452.911937][T12280]  ? find_held_lock+0x2b/0x80
[  452.911957][T12280]  add_disk_fwnode+0x3d4/0x5c0
[  452.911978][T12280]  zram_add+0x495/0x5d0
[  452.911998][T12280]  ? __pfx_zram_add+0x10/0x10
[  452.912029][T12280]  ? find_held_lock+0x2b/0x80
[  452.912047][T12280]  ? sysfs_file_kobj+0xe4/0x290
[  452.912070][T12280]  ? __pfx_hot_add_show+0x10/0x10
[  452.912089][T12280]  hot_add_show+0x21/0x80
[  452.912108][T12280]  class_attr_show+0x72/0xa0
[  452.912124][T12280]  ? __pfx_class_attr_show+0x10/0x10
[  452.912139][T12280]  sysfs_kf_seq_show+0x217/0x3a0
[  452.912165][T12280]  seq_read_iter+0x32f/0x1270
[  452.912180][T12280]  ? lock_acquire+0x1b1/0x370
[  452.912202][T12280]  kernfs_fop_read_iter+0x46c/0x610
[  452.912222][T12280]  ? rw_verify_area+0xce/0x6d0
[  452.912236][T12280]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  452.912257][T12280]  vfs_read+0x825/0xb30
[  452.912275][T12280]  ? __pfx_vfs_read+0x10/0x10
[  452.912304][T12280]  ksys_read+0x12a/0x250
[  452.912319][T12280]  ? __pfx_ksys_read+0x10/0x10
[  452.912337][T12280]  ? rcu_is_watching+0x12/0xc0
[  452.912357][T12280]  do_syscall_64+0x10b/0xf80
[  452.912378][T12280]  ? clear_bhb_loop+0x40/0x90
[  452.912396][T12280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.912411][T12280] RIP: 0033:0x7f910af9c819
[  452.912426][T12280] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  452.912443][T12280] RSP: 002b:00007f91091d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  452.912458][T12280] RAX: ffffffffffffffda RBX: 00007f910b216090 RCX: 00007f910af9c819
[  452.912469][T12280] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006
[  452.912478][T12280] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  452.912488][T12280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  452.912497][T12280] R13: 00007f910b216128 R14: 00007f910b216090 R15: 00007ffdbe4e8e08
[  452.912524][T12280]  </TASK>
[  453.718583][T12296] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1595'.
[  454.604994][T12303] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1598'.
[  454.697316][T12303] ipvlan0: entered promiscuous mode
[  454.730030][T12303] ipvlan0: entered allmulticast mode
[  454.750782][T12303] veth0_vlan: entered allmulticast mode
[  456.355210][T12330] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  456.441530][T12337] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1605'.
[  456.487067][T12330] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  456.509116][T12337] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1605'.
[  456.523764][T12330] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  456.538172][T12330] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  456.911980][T12348] FAULT_INJECTION: forcing a failure.
[  456.911980][T12348] name failslab, interval 1, probability 0, space 0, times 0
[  457.006859][T12348] CPU: 0 UID: 0 PID: 12348 Comm: syz.1.1606 Not tainted syzkaller #0 PREEMPT(full) 
[  457.006884][T12348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  457.006894][T12348] Call Trace:
[  457.006900][T12348]  <TASK>
[  457.006906][T12348]  dump_stack_lvl+0x100/0x190
[  457.006928][T12348]  should_fail_ex.cold+0x5/0xa
[  457.006948][T12348]  should_failslab+0xc2/0x120
[  457.006966][T12348]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  457.006989][T12348]  ? __kernfs_new_node+0xd2/0x9f0
[  457.007008][T12348]  __kernfs_new_node+0xd2/0x9f0
[  457.007026][T12348]  ? __pfx___kernfs_new_node+0x10/0x10
[  457.007047][T12348]  ? find_held_lock+0x2b/0x80
[  457.007065][T12348]  ? kernfs_root+0xee/0x2a0
[  457.007079][T12348]  ? kernfs_root+0xee/0x2a0
[  457.007100][T12348]  kernfs_new_node+0x11b/0x1a0
[  457.007121][T12348]  __kernfs_create_file+0x53/0x350
[  457.007144][T12348]  sysfs_add_file_mode_ns+0x207/0x3c0
[  457.007172][T12348]  internal_create_group+0x593/0xf40
[  457.007194][T12348]  ? __pfx_internal_create_group+0x10/0x10
[  457.007213][T12348]  ? kernfs_create_link+0x1bd/0x240
[  457.007237][T12348]  internal_create_groups+0x9d/0x150
[  457.007255][T12348]  device_add+0x77a/0x1950
[  457.007281][T12348]  ? __pfx_device_add+0x10/0x10
[  457.007306][T12348]  __add_disk+0x518/0xe40
[  457.007326][T12348]  ? find_held_lock+0x2b/0x80
[  457.007346][T12348]  add_disk_fwnode+0x3d4/0x5c0
[  457.007367][T12348]  zram_add+0x495/0x5d0
[  457.007386][T12348]  ? __pfx_zram_add+0x10/0x10
[  457.007417][T12348]  ? find_held_lock+0x2b/0x80
[  457.007435][T12348]  ? sysfs_file_kobj+0xe4/0x290
[  457.007459][T12348]  ? __pfx_hot_add_show+0x10/0x10
[  457.007478][T12348]  hot_add_show+0x21/0x80
[  457.007496][T12348]  class_attr_show+0x72/0xa0
[  457.007513][T12348]  ? __pfx_class_attr_show+0x10/0x10
[  457.007528][T12348]  sysfs_kf_seq_show+0x217/0x3a0
[  457.007554][T12348]  seq_read_iter+0x32f/0x1270
[  457.007569][T12348]  ? lock_acquire+0x1b1/0x370
[  457.007591][T12348]  kernfs_fop_read_iter+0x46c/0x610
[  457.007611][T12348]  ? rw_verify_area+0xce/0x6d0
[  457.007625][T12348]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  457.007646][T12348]  vfs_read+0x825/0xb30
[  457.007664][T12348]  ? __pfx_vfs_read+0x10/0x10
[  457.007693][T12348]  ksys_read+0x12a/0x250
[  457.007709][T12348]  ? __pfx_ksys_read+0x10/0x10
[  457.007726][T12348]  ? rcu_is_watching+0x12/0xc0
[  457.007747][T12348]  do_syscall_64+0x10b/0xf80
[  457.007768][T12348]  ? clear_bhb_loop+0x40/0x90
[  457.007786][T12348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  457.007801][T12348] RIP: 0033:0x7fef1f39c819
[  457.007815][T12348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  457.007829][T12348] RSP: 002b:00007fef1d5d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  457.007844][T12348] RAX: ffffffffffffffda RBX: 00007fef1f616090 RCX: 00007fef1f39c819
[  457.007854][T12348] RDX: 0000000000001000 RSI: 0000200000000ec0 RDI: 0000000000000006
[  457.007863][T12348] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  457.007872][T12348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  457.007881][T12348] R13: 00007fef1f616128 R14: 00007fef1f616090 R15: 00007fffff3d6ec8
[  457.007902][T12348]  </TASK>
[  457.910291][T12357] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1610'.
[  458.026680][ T5853] Bluetooth: hci0: command 0x0c1a tx timeout
[  458.551085][ T5853] Bluetooth: hci1: command 0x0c1a tx timeout
[  458.557353][ T5849] Bluetooth: hci3: command 0x0c1a tx timeout
[  458.563954][ T5849] Bluetooth: hci2: command 0x0c1a tx timeout
[  461.100856][T12395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1616'.
[  461.152842][T12395] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1616'.
[  462.025854][T12411] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1623'.
[  463.843184][T12437] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  463.887411][T12437] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  463.930371][T12437] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  463.972404][T12437] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  465.583951][T12368] Bluetooth: hci0: command 0x0c1a tx timeout
[  465.903588][T12368] Bluetooth: hci2: command 0x0c1a tx timeout
[  465.983504][T12368] Bluetooth: hci1: command 0x0c1a tx timeout
[  465.989557][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout
[  466.469490][T12480] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„
[  467.142624][T12488] random: crng reseeded on system resumption
[  470.660882][T12543] FAULT_INJECTION: forcing a failure.
[  470.660882][T12543] name fail_futex, interval 1, probability 0, space 0, times 0
[  470.755440][T12543] CPU: 0 UID: 0 PID: 12543 Comm: syz.2.1653 Not tainted syzkaller #0 PREEMPT(full) 
[  470.755464][T12543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  470.755473][T12543] Call Trace:
[  470.755478][T12543]  <TASK>
[  470.755484][T12543]  dump_stack_lvl+0x100/0x190
[  470.755505][T12543]  should_fail_ex.cold+0x5/0xa
[  470.755526][T12543]  get_futex_key+0x1d2/0x1510
[  470.755544][T12543]  ? __pfx_get_futex_key+0x10/0x10
[  470.755565][T12543]  futex_wake+0xea/0x530
[  470.755585][T12543]  ? __pfx_futex_wake+0x10/0x10
[  470.755602][T12543]  ? rcu_is_watching+0x12/0xc0
[  470.755621][T12543]  ? __call_rcu_common.constprop.0+0x3f0/0x9b0
[  470.755643][T12543]  do_futex+0x32b/0x350
[  470.755659][T12543]  ? __pfx_do_futex+0x10/0x10
[  470.755675][T12543]  ? __pfx___might_resched+0x10/0x10
[  470.755691][T12543]  ? blkcg_maybe_throttle_current+0x5e7/0xeb0
[  470.755709][T12543]  __x64_sys_futex+0x34f/0x4d0
[  470.755728][T12543]  ? __pfx___x64_sys_futex+0x10/0x10
[  470.755746][T12543]  ? rcu_is_watching+0x12/0xc0
[  470.755766][T12543]  do_syscall_64+0x10b/0xf80
[  470.755787][T12543]  ? clear_bhb_loop+0x40/0x90
[  470.755805][T12543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.755820][T12543] RIP: 0033:0x7f0fe339c819
[  470.755833][T12543] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  470.755847][T12543] RSP: 002b:00007f0fe41fe0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  470.755862][T12543] RAX: ffffffffffffffda RBX: 00007f0fe3616098 RCX: 00007f0fe339c819
[  470.755872][T12543] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0fe361609c
[  470.755881][T12543] RBP: 00007f0fe3616090 R08: 0000000000000001 R09: 0000000000000000
[  470.755890][T12543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  470.755899][T12543] R13: 00007f0fe3616128 R14: 00007ffd275c8570 R15: 00007ffd275c8658
[  470.755918][T12543]  </TASK>
[  471.660126][T12551] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1664'.
[  472.288704][T12542] Process accounting resumed
[  474.203656][T12584] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  474.319242][T12584] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  474.422689][T12584] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  474.508278][T12584] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  475.466260][T12600] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1667'.
[  475.550522][T12600] ipvlan0: entered promiscuous mode
[  475.574735][T12600] ipvlan0: entered allmulticast mode
[  476.223579][T12368] Bluetooth: hci0: command 0x0c1a tx timeout
[  476.384614][T12368] Bluetooth: hci2: command 0x0c1a tx timeout
[  476.467602][T12368] Bluetooth: hci3: command 0x0c1a tx timeout
[  476.545005][T12368] Bluetooth: hci1: command 0x0c1a tx timeout
[  478.572068][T12646] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.3.1679: iget: checksum invalid
[  478.741212][T12646] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  478.821216][T12646] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  478.921071][T12646] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  483.599034][T12727] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  483.873239][T12731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1698'.
[  483.921306][T12731] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1698'.
[  489.522924][T12827] random: crng reseeded on system resumption
[  493.586077][T12880] random: crng reseeded on system resumption
[  493.708303][T12884] hub 1-0:1.0: USB hub found
[  493.720922][T12882] FAULT_INJECTION: forcing a failure.
[  493.720922][T12882] name failslab, interval 1, probability 0, space 0, times 0
[  493.747855][T12884] hub 1-0:1.0: 1 port detected
[  493.788879][T12882] CPU: 0 UID: 8 PID: 12882 Comm: syz.1.1735 Not tainted syzkaller #0 PREEMPT(full) 
[  493.788903][T12882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  493.788913][T12882] Call Trace:
[  493.788919][T12882]  <TASK>
[  493.788925][T12882]  dump_stack_lvl+0x100/0x190
[  493.788948][T12882]  should_fail_ex.cold+0x5/0xa
[  493.788968][T12882]  should_failslab+0xc2/0x120
[  493.788985][T12882]  __kmalloc_cache_noprof+0x7a/0x6f0
[  493.789005][T12882]  ? assoc_array_delete+0x101/0xd10
[  493.789023][T12882]  ? __lock_acquire+0x4a5/0x2630
[  493.789040][T12882]  assoc_array_delete+0x101/0xd10
[  493.789062][T12882]  ? __pfx_assoc_array_delete+0x10/0x10
[  493.789089][T12882]  ? __pfx_down_write+0x10/0x10
[  493.789109][T12882]  key_unlink+0xbc/0x310
[  493.789126][T12882]  ? __pfx_key_unlink+0x10/0x10
[  493.789143][T12882]  ? xfd_validate_state+0x129/0x190
[  493.789158][T12882]  ? ksys_write+0x1ac/0x250
[  493.789177][T12882]  keyctl_keyring_unlink+0xdc/0x1b0
[  493.789197][T12882]  __do_sys_keyctl+0x3dd/0x5a0
[  493.789219][T12882]  do_syscall_64+0x10b/0xf80
[  493.789240][T12882]  ? clear_bhb_loop+0x40/0x90
[  493.789258][T12882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.789273][T12882] RIP: 0033:0x7fef1f39c819
[  493.789287][T12882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  493.789301][T12882] RSP: 002b:00007fef1d5d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  493.789316][T12882] RAX: ffffffffffffffda RBX: 00007fef1f616090 RCX: 00007fef1f39c819
[  493.789326][T12882] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009
[  493.789335][T12882] RBP: 00007fef1f432c91 R08: 0000000000000008 R09: 0000000000000000
[  493.789344][T12882] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000
[  493.789353][T12882] R13: 00007fef1f616128 R14: 00007fef1f616090 R15: 00007fffff3d6ec8
[  493.789372][T12882]  </TASK>
[  496.801565][T12933] random: crng reseeded on system resumption
[  496.942942][T12933] hub 1-0:1.0: USB hub found
[  497.003048][T12933] hub 1-0:1.0: 1 port detected
[  498.009075][T12964] blktrace: Concurrent blktraces are not allowed on loop2
[  499.334056][T12988] debugfs: '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211'
[  500.248249][T13001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1762'.
[  501.588459][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  501.597085][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  502.429599][T13023] Process accounting paused
[  503.039600][T13057] netlink: 270 bytes leftover after parsing attributes in process `syz.0.1775'.
[  504.015437][T13067] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1778'.
[  507.566278][T13125] netlink: 270 bytes leftover after parsing attributes in process `syz.1.1789'.
[  507.845136][T13133] debugfs: '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211'
[  509.837730][T13169] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.3.1802: iget: checksum invalid
[  509.971259][T13169] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  510.094485][T13169] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  510.212666][T13169] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  510.900943][T13184] random: crng reseeded on system resumption
[  512.212400][T13213] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.2.1816: iget: checksum invalid
[  512.356783][T13213] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  512.447712][T13218] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1817'.
[  512.496241][T13213] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  512.640821][T13213] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  513.370741][T13231] FAULT_INJECTION: forcing a failure.
[  513.370741][T13231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  513.429888][T13231] CPU: 0 UID: 0 PID: 13231 Comm: syz.2.1820 Not tainted syzkaller #0 PREEMPT(full) 
[  513.429913][T13231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  513.429922][T13231] Call Trace:
[  513.429927][T13231]  <TASK>
[  513.429934][T13231]  dump_stack_lvl+0x100/0x190
[  513.429956][T13231]  should_fail_ex.cold+0x5/0xa
[  513.429976][T13231]  _copy_from_iter+0x1f4/0x1690
[  513.430000][T13231]  ? __asan_memset+0x23/0x50
[  513.430022][T13231]  ? __alloc_skb+0x4e9/0x710
[  513.430044][T13231]  ? __pfx__copy_from_iter+0x10/0x10
[  513.430065][T13231]  ? __pfx___alloc_skb+0x10/0x10
[  513.430079][T13231]  ? alloc_pages_noprof+0xf9/0x160
[  513.430099][T13231]  ? skb_page_frag_refill+0x309/0x4b0
[  513.430124][T13231]  ? sk_page_frag_refill+0x6c/0x340
[  513.430147][T13231]  tcp_sendmsg_locked+0xcab/0x4500
[  513.430181][T13231]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  513.430203][T13231]  ? do_raw_spin_lock+0x128/0x260
[  513.430221][T13231]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  513.430241][T13231]  ? __local_bh_enable_ip+0x9e/0x120
[  513.430262][T13231]  tcp_sendmsg+0x2e/0x50
[  513.430281][T13231]  ? __pfx_tcp_sendmsg+0x10/0x10
[  513.430302][T13231]  inet_sendmsg+0xb9/0x140
[  513.430325][T13231]  sock_write_iter+0x4ea/0x5a0
[  513.430344][T13231]  ? __pfx_inet_sendmsg+0x10/0x10
[  513.430364][T13231]  ? __pfx_sock_write_iter+0x10/0x10
[  513.430382][T13231]  ? futex_hash+0x141/0x370
[  513.430403][T13231]  ? bpf_lsm_file_permission+0x9/0x10
[  513.430417][T13231]  ? security_file_permission+0x76/0x210
[  513.430433][T13231]  ? rw_verify_area+0xce/0x6d0
[  513.430449][T13231]  vfs_write+0x6ac/0x1070
[  513.430465][T13231]  ? __pfx_sock_write_iter+0x10/0x10
[  513.430486][T13231]  ? __pfx_vfs_write+0x10/0x10
[  513.430500][T13231]  ? find_held_lock+0x2b/0x80
[  513.430531][T13231]  ksys_write+0x1f8/0x250
[  513.430546][T13231]  ? __pfx_ksys_write+0x10/0x10
[  513.430564][T13231]  ? rcu_is_watching+0x12/0xc0
[  513.430583][T13231]  do_syscall_64+0x10b/0xf80
[  513.430605][T13231]  ? clear_bhb_loop+0x40/0x90
[  513.430625][T13231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.430640][T13231] RIP: 0033:0x7f0fe339c819
[  513.430655][T13231] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  513.430670][T13231] RSP: 002b:00007f0fe421f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  513.430685][T13231] RAX: ffffffffffffffda RBX: 00007f0fe3615fa0 RCX: 00007f0fe339c819
[  513.430695][T13231] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003
[  513.430705][T13231] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  513.430714][T13231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  513.430723][T13231] R13: 00007f0fe3616038 R14: 00007f0fe3615fa0 R15: 00007ffd275c8658
[  513.430743][T13231]  </TASK>
[  514.913036][T13258] random: crng reseeded on system resumption
[  516.007813][T13273] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1827'.
[  516.058714][T13273] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  516.076362][T13273] batman_adv: batadv0: Removing interface: batadv_slave_0
[  516.110901][T13273] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  516.157035][T13273] batman_adv: batadv0: Removing interface: batadv_slave_1
[  516.555284][T13280] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1842'.
[  516.620760][T13280] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  516.657236][T13280] batman_adv: batadv0: Removing interface: batadv_slave_0
[  516.693780][T13280] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  516.718580][T13280] batman_adv: batadv0: Removing interface: batadv_slave_1
[  519.452143][T13327] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.1.1845: iget: checksum invalid
[  519.539578][T13327] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  519.651995][T13327] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  519.732679][T13327] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  522.192739][T13370] netlink: 'syz.1.1855': attribute type 1 has an invalid length.
[  522.225735][T13370] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1855'.
[  522.581382][T13378] [U]  " 
[  522.584741][T13378] [U] 
[  522.587420][T13378] [U] 
[  522.590094][T13378] [U] 
[  522.610644][T13372] FAULT_INJECTION: forcing a failure.
[  522.610644][T13372] name failslab, interval 1, probability 0, space 0, times 0
[  522.663007][T13378] [U] 
[  522.665743][T13378] [U] 
[  522.668439][T13378] [U] 
[  522.671122][T13378] [U] 
[  522.702035][T13372] CPU: 0 UID: 0 PID: 13372 Comm: syz.1.1856 Not tainted syzkaller #0 PREEMPT(full) 
[  522.702059][T13372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  522.702069][T13372] Call Trace:
[  522.702075][T13372]  <TASK>
[  522.702082][T13372]  dump_stack_lvl+0x100/0x190
[  522.702104][T13372]  should_fail_ex.cold+0x5/0xa
[  522.702126][T13372]  should_failslab+0xc2/0x120
[  522.702144][T13372]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  522.702168][T13372]  ? zswap_store+0xc6d/0x2e70
[  522.702191][T13372]  zswap_store+0xc6d/0x2e70
[  522.702218][T13372]  ? __pfx_zswap_store+0x10/0x10
[  522.702237][T13372]  ? find_held_lock+0x2b/0x80
[  522.702255][T13372]  ? folio_free_swap+0x60a/0x9f0
[  522.702271][T13372]  ? folio_free_swap+0x60a/0x9f0
[  522.702290][T13372]  ? folio_free_swap+0x3f/0x9f0
[  522.702310][T13372]  swap_writeout+0x47e/0x14f0
[  522.702332][T13372]  ? _raw_spin_unlock_irq+0x23/0x50
[  522.702354][T13372]  shmem_writeout+0xf13/0x1a90
[  522.702381][T13372]  ? __pfx_shmem_writeout+0x10/0x10
[  522.702408][T13372]  ? inode_to_bdi+0x9e/0x160
[  522.702424][T13372]  ? folio_clear_dirty_for_io+0x178/0x810
[  522.702451][T13372]  shrink_folio_list+0x3bbd/0x60c0
[  522.702483][T13372]  ? __pfx_shrink_folio_list+0x10/0x10
[  522.702504][T13372]  ? __pfx___might_resched+0x10/0x10
[  522.702532][T13372]  ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0
[  522.702579][T13372]  reclaim_folio_list+0xdc/0x5e0
[  522.702602][T13372]  ? __pfx_reclaim_folio_list+0x10/0x10
[  522.702635][T13372]  ? rcu_is_watching+0x12/0xc0
[  522.702655][T13372]  reclaim_pages+0x428/0x5e0
[  522.702678][T13372]  ? __pfx_reclaim_pages+0x10/0x10
[  522.702697][T13372]  ? find_held_lock+0x2b/0x80
[  522.702716][T13372]  ? madvise_cold_or_pageout_pte_range+0xb49/0x2620
[  522.702743][T13372]  madvise_cold_or_pageout_pte_range+0x155c/0x2620
[  522.702771][T13372]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  522.702792][T13372]  ? stack_trace_save+0x8e/0xc0
[  522.702814][T13372]  ? register_lock_class+0x40/0x560
[  522.702830][T13372]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  522.702850][T13372]  walk_pgd_range+0xc1a/0x1dd0
[  522.702869][T13372]  ? css_rstat_updated+0x1ce/0x5a0
[  522.702898][T13372]  ? __pfx_walk_pgd_range+0x10/0x10
[  522.702912][T13372]  ? rcu_is_watching+0x12/0xc0
[  522.702929][T13372]  ? folios_put_refs+0x716/0xa90
[  522.702954][T13372]  __walk_page_range+0x163/0x820
[  522.702970][T13372]  ? find_held_lock+0x2b/0x80
[  522.702994][T13372]  walk_page_range_vma_unsafe+0x209/0x8f0
[  522.703013][T13372]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  522.703031][T13372]  ? find_held_lock+0x2b/0x80
[  522.703049][T13372]  ? mlock_drain_local+0x254/0x4e0
[  522.703071][T13372]  ? mlock_drain_local+0x254/0x4e0
[  522.703099][T13372]  walk_page_range_vma+0x63/0x90
[  522.703116][T13372]  madvise_pageout+0x259/0x540
[  522.703134][T13372]  ? __pfx_madvise_pageout+0x10/0x10
[  522.703152][T13372]  ? rcu_is_watching+0x12/0xc0
[  522.703178][T13372]  ? mtree_range_walk+0x72b/0xb70
[  522.703200][T13372]  madvise_vma_behavior+0x4f7/0x2200
[  522.703222][T13372]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  522.703246][T13372]  ? find_vma_prev+0xd8/0x150
[  522.703262][T13372]  ? futex_unqueue+0x133/0x2c0
[  522.703276][T13372]  ? __pfx_find_vma_prev+0x10/0x10
[  522.703299][T13372]  ? __futex_wait+0x256/0x300
[  522.703321][T13372]  madvise_walk_vmas+0x2fe/0xa90
[  522.703343][T13372]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  522.703367][T13372]  madvise_do_behavior+0x1ea/0x510
[  522.703388][T13372]  ? __pfx_madvise_do_behavior+0x10/0x10
[  522.703407][T13372]  ? down_read+0x13b/0x450
[  522.703431][T13372]  do_madvise+0x195/0x240
[  522.703454][T13372]  ? __pfx_do_madvise+0x10/0x10
[  522.703473][T13372]  ? do_futex+0x192/0x350
[  522.703492][T13372]  ? __sys_sendmsg+0x18f/0x220
[  522.703520][T13372]  __x64_sys_madvise+0xa9/0x110
[  522.703539][T13372]  ? lockdep_hardirqs_on+0x78/0x100
[  522.703561][T13372]  do_syscall_64+0x10b/0xf80
[  522.703582][T13372]  ? clear_bhb_loop+0x40/0x90
[  522.703600][T13372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.703616][T13372] RIP: 0033:0x7fef1f39c819
[  522.703630][T13372] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  522.703644][T13372] RSP: 002b:00007fef1d5f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  522.703659][T13372] RAX: ffffffffffffffda RBX: 00007fef1f615fa0 RCX: 00007fef1f39c819
[  522.703669][T13372] RDX: 0000000000000015 RSI: 0000000000000081 RDI: 0000000000000000
[  522.703678][T13372] RBP: 00007fef1f432c91 R08: 0000000000000000 R09: 0000000000000000
[  522.703687][T13372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.703697][T13372] R13: 00007fef1f616038 R14: 00007fef1f615fa0 R15: 00007fffff3d6ec8
[  522.703721][T13372]  </TASK>
[  523.209023][T13378] [U] 
[  523.211764][T13378] [U] 
[  523.215169][T13378] [U] 
[  523.217897][T13378] [U] 
[  523.220910][T13378] [U] 
[  523.223982][T13378] [U] 
[  523.226772][T13378] [U] 
[  523.229630][T13378] [U] 
[  523.232761][T13378] [U] 
[  523.235515][T13378] [U] 
[  523.238255][T13378] [U] 
[  523.241037][T13378] [U] 
[  523.244341][T13378] [U] 
[  523.247047][T13378] [U] 
[  523.249823][T13378] [U] 
[  523.252509][T13378] [U] 
[  523.256289][T13378] [U] 
[  523.259087][T13378] [U] 
[  523.261787][T13378] [U] 
[  523.264472][T13378] [U] 
[  523.267397][T13378] [U] 
[  523.270107][T13378] [U] 
[  523.272811][T13378] [U] 
[  523.275490][T13378] [U] 
[  523.278767][T13378] [U] 
[  523.281469][T13378] [U] 
[  523.284276][T13378] [U] 
[  523.286960][T13378] [U] 
[  523.289968][T13378] [U] 
[  523.292670][T13378] [U] 
[  523.295388][T13378] [U] 
[  523.298113][T13378] [U] 
[  523.301070][T13378] [U] 
[  523.303764][T13378] [U] 
[  523.306454][T13378] [U] 
[  523.309137][T13378] [U] 
[  523.315636][T13378] [U] 
[  524.449752][T13405] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1862'.
[  525.372405][T13429] can0: slcan on pty62.
[  525.694740][T13428] can0 (unregistered): slcan off pty62.
[  526.285983][T13448] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1874'.
[  526.373064][T13452] FAULT_INJECTION: forcing a failure.
[  526.373064][T13452] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  526.515261][T13448] FAULT_INJECTION: forcing a failure.
[  526.515261][T13448] name failslab, interval 1, probability 0, space 0, times 0
[  526.657313][T13452] CPU: 0 UID: 0 PID: 13452 Comm: syz.0.1874 Not tainted syzkaller #0 PREEMPT(full) 
[  526.657337][T13452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  526.657347][T13452] Call Trace:
[  526.657352][T13452]  <TASK>
[  526.657360][T13452]  dump_stack_lvl+0x100/0x190
[  526.657381][T13452]  should_fail_ex.cold+0x5/0xa
[  526.657402][T13452]  core_sys_select+0x9b9/0xbb0
[  526.657424][T13452]  ? __pfx_core_sys_select+0x10/0x10
[  526.657462][T13452]  ? ktime_get_ts64+0x306/0x420
[  526.657485][T13452]  ? ktime_get_ts64+0x318/0x420
[  526.657505][T13452]  ? ktime_get_ts64+0x257/0x420
[  526.657529][T13452]  kern_select+0x20c/0x270
[  526.657546][T13452]  ? __pfx_kern_select+0x10/0x10
[  526.657562][T13452]  ? xfd_validate_state+0x129/0x190
[  526.657582][T13452]  __x64_sys_select+0xbd/0x160
[  526.657597][T13452]  ? do_syscall_64+0x90/0xf80
[  526.657619][T13452]  ? lockdep_hardirqs_on+0x78/0x100
[  526.657640][T13452]  do_syscall_64+0x10b/0xf80
[  526.657662][T13452]  ? clear_bhb_loop+0x40/0x90
[  526.657680][T13452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.657695][T13452] RIP: 0033:0x7f910af9c819
[  526.657709][T13452] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  526.657723][T13452] RSP: 002b:00007f91091d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  526.657738][T13452] RAX: ffffffffffffffda RBX: 00007f910b216090 RCX: 00007f910af9c819
[  526.657748][T13452] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001
[  526.657757][T13452] RBP: 00007f910b032c91 R08: 00002000000001c0 R09: 0000000000000000
[  526.657766][T13452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  526.657774][T13452] R13: 00007f910b216128 R14: 00007f910b216090 R15: 00007ffdbe4e8e08
[  526.657793][T13452]  </TASK>
[  527.031106][T13448] CPU: 0 UID: 0 PID: 13448 Comm: syz.0.1874 Not tainted syzkaller #0 PREEMPT(full) 
[  527.031132][T13448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  527.031142][T13448] Call Trace:
[  527.031147][T13448]  <TASK>
[  527.031153][T13448]  dump_stack_lvl+0x100/0x190
[  527.031176][T13448]  should_fail_ex.cold+0x5/0xa
[  527.031196][T13448]  should_failslab+0xc2/0x120
[  527.031213][T13448]  __kmalloc_cache_noprof+0x7a/0x6f0
[  527.031234][T13448]  ? call_usermodehelper_setup+0xaf/0x360
[  527.031253][T13448]  ? __pfx_free_modprobe_argv+0x10/0x10
[  527.031270][T13448]  call_usermodehelper_setup+0xaf/0x360
[  527.031289][T13448]  __request_module+0x3d3/0x6c0
[  527.031306][T13448]  ? __pfx___request_module+0x10/0x10
[  527.031327][T13448]  ? __get_fs_type+0x12c/0x170
[  527.031353][T13448]  ? __get_fs_type+0x12c/0x170
[  527.031380][T13448]  get_fs_type+0xd7/0x190
[  527.031400][T13448]  __x64_sys_fsopen+0xca/0x220
[  527.031425][T13448]  do_syscall_64+0x10b/0xf80
[  527.031446][T13448]  ? clear_bhb_loop+0x40/0x90
[  527.031465][T13448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.031481][T13448] RIP: 0033:0x7f910af9c819
[  527.031495][T13448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  527.031509][T13448] RSP: 002b:00007f91091f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  527.031524][T13448] RAX: ffffffffffffffda RBX: 00007f910b215fa0 RCX: 00007f910af9c819
[  527.031534][T13448] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  527.031543][T13448] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  527.031551][T13448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  527.031560][T13448] R13: 00007f910b216038 R14: 00007f910b215fa0 R15: 00007ffdbe4e8e08
[  527.031580][T13448]  </TASK>
[  530.220143][T13484] blk-mq: reduced tag depth (128 -> 64)
[  530.899079][T13491] i2c i2c-0: delete_device: Can't find device in list
[  531.451225][T13496] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1887'.
[  531.569045][T13501] netlink: 'syz.2.1887': attribute type 1 has an invalid length.
[  531.707009][T13501] netlink: 'syz.2.1887': attribute type 6 has an invalid length.
[  532.941203][T13511] Process accounting resumed
[  533.226539][T13486] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  533.518475][T13523] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.1.1892: iget: checksum invalid
[  533.796047][T13523] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  533.988987][T13523] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  534.306200][T13523] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  535.229709][T13533] netlink: 'syz.0.1903': attribute type 1 has an invalid length.
[  535.334571][T13533] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1903'.
[  536.139192][T13537] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.0.1896: iget: checksum invalid
[  536.329435][T13537] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  536.481606][T13537] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  536.686277][T13537] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  537.515140][T13556] i2c i2c-0: delete_device: Can't find device in list
[  542.720039][T13617] vivid-007: =================  START STATUS  =================
[  542.773783][T13617] vivid-007: Generate PTS: true
[  542.801203][T13617] vivid-007: Generate SCR: true
[  542.840144][T13617] tpg source WxH: 320x240 (Y'CbCr)
[  542.877330][T13617] tpg field: 1
[  542.916755][T13617] tpg crop: (0,0)/320x240
[  542.955788][T13617] tpg compose: (0,0)/320x240
[  543.042853][T13617] tpg colorspace: 8
[  543.122109][T13617] tpg transfer function: 0/0
[  543.215532][T13617] tpg Y'CbCr encoding: 0/0
[  543.277549][T13617] tpg quantization: 0/0
[  543.331693][T13617] tpg RGB range: 0/2
[  543.391928][T13617] vivid-007: ==================  END STATUS  ==================
[  543.998103][T13631] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1916'.
[  544.060539][T13631] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1916'.
[  546.785988][T12368] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  549.039073][T13687] random: crng reseeded on system resumption
[  549.332402][T13691] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.1.1928: iget: checksum invalid
[  549.401007][T13691] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  549.490310][T13691] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  549.576481][T13691] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  553.726359][T13749] i2c i2c-0: delete_device: Can't find device in list
[  558.424180][T13807] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.2.1956: iget: checksum invalid
[  558.501817][T13807] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  558.562948][T13807] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  558.620260][T13807] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  563.044066][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  563.052624][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  563.828218][T13876] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.3.1967: iget: checksum invalid
[  564.069830][T13876] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  564.262388][T13876] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  564.491650][T13876] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  565.514003][T13862] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  565.674666][T13862] Process accounting paused
[  568.091358][T13946] FAULT_INJECTION: forcing a failure.
[  568.091358][T13946] name failslab, interval 1, probability 0, space 0, times 0
[  568.326212][T13946] CPU: 0 UID: 0 PID: 13946 Comm: syz.2.1974 Not tainted syzkaller #0 PREEMPT(full) 
[  568.326237][T13946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  568.326248][T13946] Call Trace:
[  568.326253][T13946]  <TASK>
[  568.326260][T13946]  dump_stack_lvl+0x100/0x190
[  568.326283][T13946]  should_fail_ex.cold+0x5/0xa
[  568.326304][T13946]  should_failslab+0xc2/0x120
[  568.326322][T13946]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  568.326345][T13946]  ? __d_alloc+0x34/0xa40
[  568.326368][T13946]  __d_alloc+0x34/0xa40
[  568.326389][T13946]  d_alloc+0x4a/0x1e0
[  568.326408][T13946]  lookup_one_qstr_excl+0x171/0x250
[  568.326431][T13946]  start_dirop+0x59/0xb0
[  568.326448][T13946]  simple_start_creating+0xf9/0x110
[  568.326465][T13946]  ? __pfx_simple_start_creating+0x10/0x10
[  568.326483][T13946]  ? mntput+0x70/0xa0
[  568.326497][T13946]  ? simple_pin_fs+0xa3/0x190
[  568.326513][T13946]  debugfs_start_creating.part.0+0x82/0x170
[  568.326536][T13946]  __debugfs_create_file+0xb3/0x4f0
[  568.326560][T13946]  debugfs_create_file_full+0x41/0x60
[  568.326582][T13946]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  568.326599][T13946]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  568.326614][T13946]  ? ida_alloc_range+0x70d/0x830
[  568.326652][T13946]  ? lockdep_init_map_type+0x5c/0x250
[  568.326670][T13946]  preinit_net.part.0+0x252/0x920
[  568.326688][T13946]  copy_net_ns+0x339/0x7c0
[  568.326708][T13946]  create_new_namespaces+0x3ea/0xac0
[  568.326731][T13946]  unshare_nsproxy_namespaces+0xf2/0x220
[  568.326752][T13946]  ksys_unshare+0x438/0xab0
[  568.326775][T13946]  ? __pfx_ksys_unshare+0x10/0x10
[  568.326794][T13946]  ? xfd_validate_state+0x129/0x190
[  568.326809][T13946]  ? ksys_write+0x1ac/0x250
[  568.326834][T13946]  __x64_sys_unshare+0x31/0x40
[  568.326855][T13946]  do_syscall_64+0x10b/0xf80
[  568.326876][T13946]  ? clear_bhb_loop+0x40/0x90
[  568.326894][T13946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.326909][T13946] RIP: 0033:0x7f0fe339c819
[  568.326923][T13946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  568.326938][T13946] RSP: 002b:00007f0fe41fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  568.326961][T13946] RAX: ffffffffffffffda RBX: 00007f0fe3616090 RCX: 00007f0fe339c819
[  568.326971][T13946] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  568.326981][T13946] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  568.326990][T13946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  568.326999][T13946] R13: 00007f0fe3616128 R14: 00007f0fe3616090 R15: 00007ffd275c8658
[  568.327019][T13946]  </TASK>
[  571.376860][T13970] kexec: Could not allocate control_code_buffer
[  572.030412][T13982] EXT4-fs error (device sda1): ext4_lookup:1785: inode #449: comm syz.1.1980: iget: checksum invalid
[  572.114556][T13982] faux_driver regulatory: loading /lib/firmware/regulatory.db.p7s failed with error -74
[  572.194020][T13982] faux_driver regulatory: Direct firmware load for regulatory.db.p7s failed with error -74
[  572.262546][T13982] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db.p7s
[  573.404623][T13993] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1985'.
[  573.796189][T13999] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1988'.
[  573.863072][T13999] mac80211_hwsim hwsim4 ›: renamed from wlan0 (while UP)
[  575.273454][T14023] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1992'.
[  575.390688][T14023] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1992'.
[  575.691571][T14027] FAULT_INJECTION: forcing a failure.
[  575.691571][T14027] name failslab, interval 1, probability 0, space 0, times 0
[  575.691599][T14027] CPU: 0 UID: 0 PID: 14027 Comm: syz.2.1993 Not tainted syzkaller #0 PREEMPT(full) 
[  575.691618][T14027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  575.691627][T14027] Call Trace:
[  575.691633][T14027]  <TASK>
[  575.691638][T14027]  dump_stack_lvl+0x100/0x190
[  575.691659][T14027]  should_fail_ex.cold+0x5/0xa
[  575.691680][T14027]  should_failslab+0xc2/0x120
[  575.691697][T14027]  __kmalloc_cache_noprof+0x7a/0x6f0
[  575.691718][T14027]  ? device_add+0xd3a/0x1950
[  575.691739][T14027]  device_add+0xd3a/0x1950
[  575.691757][T14027]  ? __pfx_device_add+0x10/0x10
[  575.691772][T14027]  ? kfree_const+0x5a/0x70
[  575.691787][T14027]  ? kfree+0x1dd/0x6c0
[  575.691813][T14027]  device_create_groups_vargs+0x1f8/0x270
[  575.691833][T14027]  device_create+0xed/0x130
[  575.691850][T14027]  ? __pfx_device_create+0x10/0x10
[  575.691865][T14027]  ? do_raw_spin_lock+0x128/0x260
[  575.691883][T14027]  ? is_console_locked+0x9/0x20
[  575.691904][T14027]  ? con_is_visible+0x65/0x150
[  575.691919][T14027]  ? csi_J+0x57e/0xad0
[  575.691940][T14027]  vcs_make_sysfs+0x32/0x80
[  575.691955][T14027]  vc_allocate+0x539/0x880
[  575.691974][T14027]  ? __pfx_vc_allocate+0x10/0x10
[  575.691998][T14027]  con_install+0xa1/0x620
[  575.692017][T14027]  ? __pfx_con_install+0x10/0x10
[  575.692039][T14027]  ? __pfx_con_install+0x10/0x10
[  575.692058][T14027]  tty_init_dev.part.0+0x9e/0x470
[  575.692081][T14027]  tty_open+0xa63/0xfa0
[  575.692104][T14027]  ? __pfx_tty_open+0x10/0x10
[  575.692122][T14027]  ? chrdev_open+0x589/0x6a0
[  575.692139][T14027]  ? chrdev_open+0x589/0x6a0
[  575.692159][T14027]  ? __pfx_tty_open+0x10/0x10
[  575.692178][T14027]  chrdev_open+0x234/0x6a0
[  575.692196][T14027]  ? __pfx_chrdev_open+0x10/0x10
[  575.692214][T14027]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  575.692237][T14027]  do_dentry_open+0x6d8/0x1660
[  575.692254][T14027]  ? __pfx_chrdev_open+0x10/0x10
[  575.692276][T14027]  vfs_open+0x82/0x3f0
[  575.692298][T14027]  path_openat+0x208c/0x31a0
[  575.692323][T14027]  ? __pfx_path_openat+0x10/0x10
[  575.692348][T14027]  do_file_open+0x20e/0x430
[  575.692367][T14027]  ? __pfx_do_file_open+0x10/0x10
[  575.692399][T14027]  ? alloc_fd+0x476/0x790
[  575.692417][T14027]  ? do_getname+0x191/0x390
[  575.692439][T14027]  do_sys_openat2+0x10d/0x1e0
[  575.692470][T14027]  ? __pfx_do_sys_openat2+0x10/0x10
[  575.692493][T14027]  ? __pfx_idempotent_init_module+0x10/0x10
[  575.692522][T14027]  __x64_sys_openat+0x12d/0x210
[  575.692544][T14027]  ? __pfx___x64_sys_openat+0x10/0x10
[  575.692569][T14027]  ? rcu_is_watching+0x12/0xc0
[  575.692589][T14027]  do_syscall_64+0x10b/0xf80
[  575.692610][T14027]  ? clear_bhb_loop+0x40/0x90
[  575.692629][T14027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.692645][T14027] RIP: 0033:0x7f0fe339c819
[  575.692659][T14027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  575.692674][T14027] RSP: 002b:00007f0fe41fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  575.692689][T14027] RAX: ffffffffffffffda RBX: 00007f0fe3616090 RCX: 00007f0fe339c819
[  575.692700][T14027] RDX: 0000000000044000 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[  575.692710][T14027] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  575.692719][T14027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  575.692728][T14027] R13: 00007f0fe3616128 R14: 00007f0fe3616090 R15: 00007ffd275c8658
[  575.692748][T14027]  </TASK>
[  594.242714][T14170] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2026'.
[  594.309464][T14170] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2026'.
[  595.399954][T14195] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2032'.
[  596.266518][T14197] Process accounting resumed
[  603.228832][T14303] random: crng reseeded on system resumption
[  609.741402][T14394] Process accounting resumed
[  609.882025][T14406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2073'.
[  609.983459][T14407] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2073'.
[  613.695443][T14413] kexec: Could not allocate control_code_buffer
[  614.351267][T12368] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  616.490570][T14450] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2082'.
[  616.603609][T14451] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2082'.
[  617.058544][T14456] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2085'.
[  617.124580][T14456] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2085'.
[  617.302381][T14459] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2088'.
[  617.380656][T14461] netlink: 'syz.2.2088': attribute type 1 has an invalid length.
[  617.479193][T14461] netlink: 51465 bytes leftover after parsing attributes in process `syz.2.2088'.
[  617.830289][T12368] Bluetooth: hci3: ISO packet for unknown connection handle 0
[  618.152273][T14469] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2091'.
[  618.331203][T14473] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2091'.
[  619.943097][T12368] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  620.752544][T14493] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2098'.
[  620.862877][T14495] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2098'.
[  624.511751][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  624.518381][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  626.520013][T14524] Process accounting paused
[  628.291562][T14546] kexec: Could not allocate control_code_buffer
[  628.376781][T14569] __nla_validate_parse: 1 callbacks suppressed
[  628.376798][T14569] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2116'.
[  628.829334][T14574] ubi0: attaching mtd0
[  628.875510][T14574] ubi0: scanning is finished
[  629.776477][T14574] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  629.834499][T14574] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  629.890697][T14574] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  629.937871][T14574] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  629.985900][T14574] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  630.033199][T14574] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  630.085918][T14574] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 4161801394
[  630.149719][T14574] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  630.238516][T14588] ubi0: background thread "ubi_bgt0d" started, PID 14588
[  631.104718][T14595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2123'.
[  631.221646][T14602] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2123'.
[  631.865781][T14609] random: crng reseeded on system resumption
[  632.026610][T14609] hub 1-0:1.0: USB hub found
[  632.117565][T14609] hub 1-0:1.0: 1 port detected
[  634.955332][T14637] netlink: 'syz.2.2134': attribute type 1 has an invalid length.
[  635.033480][T14637] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2134'.
[  635.297495][T14642] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2135'.
[  635.402147][T14644] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2135'.
[  636.543310][T14665] Process accounting resumed
[  640.439814][T14687] Process accounting paused
[  641.109597][T14710] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2147'.
[  643.274851][T14724] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2152'.
[  643.362054][T14724] netlink: 354 bytes leftover after parsing attributes in process `syz.3.2152'.
[  644.274931][T12368] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  649.573880][T14762] kexec: Could not allocate control_code_buffer
[  656.950036][T14841] Process accounting resumed
[  657.889934][T14861] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  659.108412][T14881] random: crng reseeded on system resumption
[  659.355140][T14884] hub 1-0:1.0: USB hub found
[  659.499670][T14884] hub 1-0:1.0: 1 port detected
[  661.729227][T14901] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  664.248042][T14912] ubi: mtd0 is already attached to ubi0
[  668.570046][T14932] Process accounting paused
[  670.649158][T14936] Process accounting resumed
[  670.843591][T14950] program syz.2.2202 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  670.943687][T14950] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  670.952839][T14954] random: crng reseeded on system resumption
[  671.152623][T14957] hub 1-0:1.0: USB hub found
[  671.413606][T14957] hub 1-0:1.0: 1 port detected
[  671.492447][T14964] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2205'.
[  671.584933][T14964] netlink: 'syz.2.2205': attribute type 1 has an invalid length.
[  671.643124][T14964] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2205'.
[  672.450370][T14976] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2207'.
[  672.996553][T14981] FAULT_INJECTION: forcing a failure.
[  672.996553][T14981] name failslab, interval 1, probability 0, space 0, times 0
[  673.102386][T14981] CPU: 0 UID: 0 PID: 14981 Comm: syz.2.2208 Not tainted syzkaller #0 PREEMPT(full) 
[  673.102409][T14981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  673.102419][T14981] Call Trace:
[  673.102426][T14981]  <TASK>
[  673.102431][T14981]  dump_stack_lvl+0x100/0x190
[  673.102453][T14981]  should_fail_ex.cold+0x5/0xa
[  673.102473][T14981]  ? tomoyo_encode2+0xfb/0x3c0
[  673.102489][T14981]  should_failslab+0xc2/0x120
[  673.102506][T14981]  __kmalloc_noprof+0xe0/0x850
[  673.102528][T14981]  ? d_absolute_path+0x136/0x1b0
[  673.102554][T14981]  tomoyo_encode2+0xfb/0x3c0
[  673.102573][T14981]  tomoyo_encode+0x29/0x50
[  673.102587][T14981]  tomoyo_realpath_from_path+0x18c/0x690
[  673.102608][T14981]  tomoyo_path_number_perm+0x23c/0x580
[  673.102629][T14981]  ? tomoyo_path_number_perm+0x22e/0x580
[  673.102653][T14981]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  673.102674][T14981]  ? futex_wait+0x11e/0x370
[  673.102710][T14981]  ? find_held_lock+0x2b/0x80
[  673.102728][T14981]  ? __fget_files+0x215/0x3d0
[  673.102743][T14981]  ? hook_file_ioctl_common+0x149/0x410
[  673.102764][T14981]  ? __fget_files+0x215/0x3d0
[  673.102783][T14981]  ? __fget_files+0x21f/0x3d0
[  673.102802][T14981]  security_file_ioctl+0xd3/0x230
[  673.102825][T14981]  __x64_sys_ioctl+0xb7/0x210
[  673.102841][T14981]  do_syscall_64+0x10b/0xf80
[  673.102863][T14981]  ? clear_bhb_loop+0x40/0x90
[  673.102881][T14981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  673.102896][T14981] RIP: 0033:0x7f0fe339c819
[  673.102910][T14981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  673.102925][T14981] RSP: 002b:00007f0fe421f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  673.102940][T14981] RAX: ffffffffffffffda RBX: 00007f0fe3615fa0 RCX: 00007f0fe339c819
[  673.102950][T14981] RDX: 0000000000000000 RSI: 000000004001af84 RDI: 0000000000000002
[  673.102959][T14981] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  673.102968][T14981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  673.102976][T14981] R13: 00007f0fe3616038 R14: 00007f0fe3615fa0 R15: 00007ffd275c8658
[  673.102995][T14981]  </TASK>
[  673.551012][T14981] ERROR: Out of memory at tomoyo_realpath_from_path.
[  673.838854][T14994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2211'.
[  673.967334][T14995] netlink: 354 bytes leftover after parsing attributes in process `syz.1.2211'.
[  674.012927][T14993] kvm: vcpu 4: requested lapic timer restore with starting count register 0x390=4294967104 (137438947328 ns) > initial count (6624 ns). Using initial count to start timer.
[  676.522299][T15036] random: crng reseeded on system resumption
[  676.680493][T15037] hub 1-0:1.0: USB hub found
[  676.748676][T15037] hub 1-0:1.0: 1 port detected
[  677.183560][T15041] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2220'.
[  682.464576][T15092] random: crng reseeded on system resumption
[  682.564214][T15092] hub 1-0:1.0: USB hub found
[  682.615988][T15092] hub 1-0:1.0: 1 port detected
[  685.666009][T15118] binder: 15116:15118 ioctl c0306201 200000001100 returned -14
[  685.996049][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  686.008074][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  686.542906][T15126] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2239'.
[  688.517023][T15111] Process accounting paused
[  690.779733][T12368] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  691.372300][T15175] netlink: 186 bytes leftover after parsing attributes in process `syz.2.2249'.
[  692.977959][T15190] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2261'.
[  693.266710][T15195] openvswitch: HfR: Dropping previously announced user features
[  695.032321][T15213] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  696.453667][T15233] vcan0: tx drop: invalid da for name 0x000000000000003f
[  697.516015][T15247] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2273'.
[  697.609321][T15247] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2273'.
[  697.845331][T15255] vivid-007: =================  START STATUS  =================
[  697.936845][T15255] vivid-007: Generate PTS: true
[  697.959257][T15255] vivid-007: Generate SCR: true
[  698.001076][T15255] tpg source WxH: 320x240 (Y'CbCr)
[  698.042950][T15255] tpg field: 1
[  698.118667][T15255] tpg crop: (0,0)/320x240
[  698.180481][T15255] tpg compose: (0,0)/320x240
[  698.214616][T15255] tpg colorspace: 8
[  698.244229][T15255] tpg transfer function: 0/0
[  698.274308][T15255] tpg Y'CbCr encoding: 0/0
[  698.306803][T15255] tpg quantization: 0/0
[  698.337695][T15255] tpg RGB range: 0/2
[  698.366296][T15255] vivid-007: ==================  END STATUS  ==================
[  698.666524][T15261] Process accounting resumed
[  698.860956][T15265] random: crng reseeded on system resumption
[  700.999653][T15264] Process accounting paused
[  701.476680][T15284] FAULT_INJECTION: forcing a failure.
[  701.476680][T15284] name failslab, interval 1, probability 0, space 0, times 0
[  701.565945][T15284] CPU: 0 UID: 0 PID: 15284 Comm: syz.0.2271 Not tainted syzkaller #0 PREEMPT(full) 
[  701.565968][T15284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  701.565979][T15284] Call Trace:
[  701.565984][T15284]  <TASK>
[  701.565991][T15284]  dump_stack_lvl+0x100/0x190
[  701.566013][T15284]  should_fail_ex.cold+0x5/0xa
[  701.566033][T15284]  should_failslab+0xc2/0x120
[  701.566050][T15284]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  701.566072][T15284]  ? security_file_alloc+0x34/0x2c0
[  701.566087][T15284]  ? trace_kmem_cache_alloc+0xd5/0x100
[  701.566107][T15284]  security_file_alloc+0x34/0x2c0
[  701.566122][T15284]  init_file+0x95/0x480
[  701.566143][T15284]  alloc_empty_file+0x79/0x1c0
[  701.566164][T15284]  path_openat+0xe8/0x31a0
[  701.566189][T15284]  ? kasan_save_stack+0x3f/0x50
[  701.566203][T15284]  ? kasan_save_stack+0x30/0x50
[  701.566216][T15284]  ? kasan_save_track+0x14/0x30
[  701.566229][T15284]  ? __kasan_slab_alloc+0x89/0x90
[  701.566243][T15284]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  701.566265][T15284]  ? do_getname+0x35/0x390
[  701.566284][T15284]  ? do_sys_openat2+0xc5/0x1e0
[  701.566304][T15284]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.566322][T15284]  ? __pfx_path_openat+0x10/0x10
[  701.566346][T15284]  do_file_open+0x20e/0x430
[  701.566364][T15284]  ? __pfx_do_file_open+0x10/0x10
[  701.566395][T15284]  ? alloc_fd+0x476/0x790
[  701.566413][T15284]  ? do_getname+0x191/0x390
[  701.566435][T15284]  do_sys_openat2+0x10d/0x1e0
[  701.566459][T15284]  ? __pfx_do_sys_openat2+0x10/0x10
[  701.566486][T15284]  __x64_sys_openat+0x12d/0x210
[  701.566508][T15284]  ? __pfx___x64_sys_openat+0x10/0x10
[  701.566533][T15284]  ? rcu_is_watching+0x12/0xc0
[  701.566552][T15284]  do_syscall_64+0x10b/0xf80
[  701.566574][T15284]  ? clear_bhb_loop+0x40/0x90
[  701.566592][T15284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.566607][T15284] RIP: 0033:0x7f910af9c819
[  701.566621][T15284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  701.566635][T15284] RSP: 002b:00007f91091f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  701.566650][T15284] RAX: ffffffffffffffda RBX: 00007f910b215fa0 RCX: 00007f910af9c819
[  701.566660][T15284] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  701.566669][T15284] RBP: 00007f910b032c91 R08: 0000000000000000 R09: 0000000000000000
[  701.566678][T15284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  701.566687][T15284] R13: 00007f910b216038 R14: 00007f910b215fa0 R15: 00007ffdbe4e8e08
[  701.566706][T15284]  </TASK>
[  703.369456][T15300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2276'.
[  704.209733][T15312] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2277'.
[  704.485992][T15312] bridge0: port 3(dummy0) entered disabled state
[  704.593972][T15312] dummy0 (unregistering): left allmulticast mode
[  704.642417][T15312] dummy0 (unregistering): left promiscuous mode
[  704.687670][T15312] bridge0: port 3(dummy0) entered disabled state
[  704.962165][T15314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2279'.
[  705.024021][T15314] netlink: 'syz.1.2279': attribute type 1 has an invalid length.
[  705.078935][T15314] netlink: 51465 bytes leftover after parsing attributes in process `syz.1.2279'.
[  705.928944][T15328] random: crng reseeded on system resumption
[  709.825850][T15347] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2286'.
[  714.832964][T15398] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2296'.
[  715.187782][T15398] i: entered promiscuous mode
[  715.392717][T15400] HfR: entered promiscuous mode
[  717.453431][T15431] FAULT_INJECTION: forcing a failure.
[  717.453431][T15431] name fail_futex, interval 1, probability 0, space 0, times 0
[  717.585020][T15431] CPU: 0 UID: 0 PID: 15431 Comm: syz.0.2301 Not tainted syzkaller #0 PREEMPT(full) 
[  717.585043][T15431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  717.585053][T15431] Call Trace:
[  717.585059][T15431]  <TASK>
[  717.585066][T15431]  dump_stack_lvl+0x100/0x190
[  717.585087][T15431]  should_fail_ex.cold+0x5/0xa
[  717.585104][T15431]  ? kasan_save_free_info+0x3b/0x70
[  717.585126][T15431]  get_futex_key+0x1d2/0x1510
[  717.585144][T15431]  ? __pfx_get_futex_key+0x10/0x10
[  717.585165][T15431]  futex_wake+0xea/0x530
[  717.585186][T15431]  ? __pfx_futex_wake+0x10/0x10
[  717.585208][T15431]  ? rcu_is_watching+0x12/0xc0
[  717.585228][T15431]  do_futex+0x32b/0x350
[  717.585244][T15431]  ? __pfx_do_futex+0x10/0x10
[  717.585264][T15431]  __x64_sys_futex+0x34f/0x4d0
[  717.585282][T15431]  ? __pfx___x64_sys_futex+0x10/0x10
[  717.585301][T15431]  ? rcu_is_watching+0x12/0xc0
[  717.585319][T15431]  do_syscall_64+0x10b/0xf80
[  717.585342][T15431]  ? clear_bhb_loop+0x40/0x90
[  717.585360][T15431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.585375][T15431] RIP: 0033:0x7f910af9c819
[  717.585388][T15431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  717.585403][T15431] RSP: 002b:00007f91091d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  717.585418][T15431] RAX: ffffffffffffffda RBX: 00007f910b216098 RCX: 00007f910af9c819
[  717.585428][T15431] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f910b21609c
[  717.585437][T15431] RBP: 00007f910b216090 R08: 0000000000000001 R09: 0000000000000000
[  717.585445][T15431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  717.585454][T15431] R13: 00007f910b216128 R14: 00007ffdbe4e8d20 R15: 00007ffdbe4e8e08
[  717.585472][T15431]  </TASK>
[  718.468247][T15438] futex_wake_op: syz.3.2302 tries to shift op by -2048; fix this program
[  719.109539][T15413] Process accounting resumed
[  722.651405][T15502] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2308'.
[  722.787959][T15505] HfR: entered promiscuous mode
[  723.014862][T15502] i: entered promiscuous mode
[  726.840450][T15545] ubi: mtd0 is already attached to ubi0
[  728.672493][T12368] Bluetooth: hci3: unexpected event for opcode 0x7c89
[  729.469836][T15580] 
[  729.472186][T15580] ======================================================
[  729.479198][T15580] WARNING: possible circular locking dependency detected
[  729.486208][T15580] syzkaller #0 Not tainted
[  729.490599][T15580] ------------------------------------------------------
[  729.497591][T15580] syz.2.2321/15580 is trying to acquire lock:
[  729.503629][T15580] ffff888053232368 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0
[  729.515102][T15580] 
[  729.515102][T15580] but task is already holding lock:
[  729.522482][T15580] ffff8880532327e0 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  729.531461][T15580] 
[  729.531461][T15580] which lock already depends on the new lock.
[  729.531461][T15580] 
[  729.541842][T15580] 
[  729.541842][T15580] the existing dependency chain (in reverse order) is:
[  729.550838][T15580] 
[  729.550838][T15580] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  729.558571][T15580]        lock_sock_nested+0x41/0xf0
[  729.563767][T15580]        smc_listen_out+0x1f5/0x4b0
[  729.568982][T15580]        smc_listen_work+0x4c2/0x50e0
[  729.574350][T15580]        process_one_work+0xa0e/0x1980
[  729.579802][T15580]        worker_thread+0x5ef/0xe50
[  729.584948][T15580]        kthread+0x370/0x450
[  729.589551][T15580]        ret_from_fork+0x72b/0xd50
[  729.594655][T15580]        ret_from_fork_asm+0x1a/0x30
[  729.599951][T15580] 
[  729.599951][T15580] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  729.610119][T15580]        __lock_acquire+0x14b8/0x2630
[  729.615483][T15580]        lock_acquire+0x1b1/0x370
[  729.620494][T15580]        __flush_work+0x4de/0xcb0
[  729.625504][T15580]        cancel_work_sync+0xd1/0xf0
[  729.630691][T15580]        smc_clcsock_release+0x5f/0xe0
[  729.636137][T15580]        __smc_release+0x5c2/0x880
[  729.641238][T15580]        smc_close_non_accepted+0xda/0x200
[  729.647057][T15580]        smc_close_active+0x4ff/0x1070
[  729.652559][T15580]        __smc_release+0x634/0x880
[  729.657661][T15580]        smc_release+0x1fc/0x620
[  729.662585][T15580]        __sock_release+0xb3/0x260
[  729.667685][T15580]        sock_close+0x1c/0x30
[  729.672346][T15580]        __fput+0x3ff/0xb50
[  729.676837][T15580]        task_work_run+0x150/0x240
[  729.681930][T15580]        get_signal+0x1bd/0x21e0
[  729.686860][T15580]        arch_do_signal_or_restart+0x91/0x770
[  729.692931][T15580]        exit_to_user_mode_loop+0x86/0x4a0
[  729.698717][T15580]        do_syscall_64+0x6f2/0xf80
[  729.703816][T15580]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.710213][T15580] 
[  729.710213][T15580] other info that might help us debug this:
[  729.710213][T15580] 
[  729.720505][T15580]  Possible unsafe locking scenario:
[  729.720505][T15580] 
[  729.727935][T15580]        CPU0                    CPU1
[  729.733280][T15580]        ----                    ----
[  729.738623][T15580]   lock(sk_lock-AF_SMC/1);
[  729.743113][T15580]                                lock((work_completion)(&new_smc->smc_listen_work));
[  729.752560][T15580]                                lock(sk_lock-AF_SMC/1);
[  729.759625][T15580]   lock((work_completion)(&new_smc->smc_listen_work));
[  729.766561][T15580] 
[  729.766561][T15580]  *** DEADLOCK ***
[  729.766561][T15580] 
[  729.774689][T15580] 3 locks held by syz.2.2321/15580:
[  729.779874][T15580]  #0: ffff8880a9536e40 (&sb->s_type->i_mutex_key#13){+.+.}-{4:4}, at: __sock_release+0x86/0x260
[  729.790393][T15580]  #1: ffff8880532327e0 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620
[  729.799782][T15580]  #2: ffffffff8e7e5260 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0
[  729.808902][T15580] 
[  729.808902][T15580] stack backtrace:
[  729.814777][T15580] CPU: 0 UID: 0 PID: 15580 Comm: syz.2.2321 Not tainted syzkaller #0 PREEMPT(full) 
[  729.814795][T15580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  729.814804][T15580] Call Trace:
[  729.814810][T15580]  <TASK>
[  729.814817][T15580]  dump_stack_lvl+0x100/0x190
[  729.814833][T15580]  print_circular_bug.cold+0x178/0x1c7
[  729.814856][T15580]  check_noncircular+0x146/0x160
[  729.814879][T15580]  __lock_acquire+0x14b8/0x2630
[  729.814895][T15580]  lock_acquire+0x1b1/0x370
[  729.814907][T15580]  ? __flush_work+0x4ca/0xcb0
[  729.814923][T15580]  ? mark_held_locks+0x40/0x70
[  729.814944][T15580]  ? __flush_work+0x4ca/0xcb0
[  729.814957][T15580]  __flush_work+0x4de/0xcb0
[  729.814971][T15580]  ? __flush_work+0x4ca/0xcb0
[  729.814986][T15580]  ? __pfx___flush_work+0x10/0x10
[  729.815001][T15580]  ? __pfx_wq_barrier_func+0x10/0x10
[  729.815022][T15580]  ? __pfx___might_resched+0x10/0x10
[  729.815037][T15580]  ? __smc_release+0x5ba/0x880
[  729.815055][T15580]  cancel_work_sync+0xd1/0xf0
[  729.815072][T15580]  smc_clcsock_release+0x5f/0xe0
[  729.815096][T15580]  __smc_release+0x5c2/0x880
[  729.815113][T15580]  ? __pfx_sock_def_readable+0x10/0x10
[  729.815126][T15580]  smc_close_non_accepted+0xda/0x200
[  729.815145][T15580]  smc_close_active+0x4ff/0x1070
[  729.815164][T15580]  __smc_release+0x634/0x880
[  729.815181][T15580]  smc_release+0x1fc/0x620
[  729.815198][T15580]  __sock_release+0xb3/0x260
[  729.815213][T15580]  ? __pfx_sock_close+0x10/0x10
[  729.815227][T15580]  sock_close+0x1c/0x30
[  729.815241][T15580]  __fput+0x3ff/0xb50
[  729.815260][T15580]  ? _raw_spin_unlock_irq+0x23/0x50
[  729.815280][T15580]  task_work_run+0x150/0x240
[  729.815294][T15580]  ? __pfx_task_work_run+0x10/0x10
[  729.815310][T15580]  get_signal+0x1bd/0x21e0
[  729.815328][T15580]  ? task_work_add+0x201/0x3b0
[  729.815342][T15580]  ? __pfx_task_work_add+0x10/0x10
[  729.815356][T15580]  ? __pfx_get_signal+0x10/0x10
[  729.815373][T15580]  ? __fput_deferred+0x217/0x4a0
[  729.815392][T15580]  arch_do_signal_or_restart+0x91/0x770
[  729.815413][T15580]  ? __sys_accept4+0x1cb/0x200
[  729.815433][T15580]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  729.815456][T15580]  ? __pfx___sys_accept4+0x10/0x10
[  729.815479][T15580]  ? rcu_is_watching+0x12/0xc0
[  729.815496][T15580]  exit_to_user_mode_loop+0x86/0x4a0
[  729.815510][T15580]  ? do_syscall_64+0x519/0xf80
[  729.815531][T15580]  do_syscall_64+0x6f2/0xf80
[  729.815550][T15580]  ? clear_bhb_loop+0x40/0x90
[  729.815567][T15580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.815581][T15580] RIP: 0033:0x7f0fe339c819
[  729.815594][T15580] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  729.815608][T15580] RSP: 002b:00007f0fe41dd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  729.815622][T15580] RAX: fffffffffffffe00 RBX: 00007f0fe3616180 RCX: 00007f0fe339c819
[  729.815632][T15580] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  729.815641][T15580] RBP: 00007f0fe3432c91 R08: 0000000000000000 R09: 0000000000000000
[  729.815649][T15580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  729.815658][T15580] R13: 00007f0fe3616218 R14: 00007f0fe3616180 R15: 00007ffd275c8658
[  729.815671][T15580]  </TASK>
[  731.401208][T15597] Process accounting paused
[  732.777555][T15583] Process accounting resumed