last executing test programs:

3m21.12769666s ago: executing program 3 (id=1916):
r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
getsockopt$auto_SO_GET_FILTER(r0, 0x7, 0x1a, &(0x7f0000000040)='&}\x00', &(0x7f0000000080)=0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0xa, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={&(0x7f0000000000), 0x55}, 0x6, 0x66, 0x0)
sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fbdbdf258c00000008000300", @ANYRES32=0x0, @ANYBLOB="0e0099000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x400c080}, 0x0)
sendmsg$auto_NL80211_CMD_EPCS_CFG(r0, &(0x7f0000001a00)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000019c0)={&(0x7f0000001a40)=ANY=[@ANYBLOB="f08717ef35b88c7de7464c4842cfc11170200bb0d34905ae9809f92807a5d79b135cab42e4358e8b740afbdc83b84417826ea3da2bcf6d31f18536a264fabcc40d3e4e34307adb4778fef759c1b2b30def179bf8068f1111a8bc", @ANYRES16=r3, @ANYBLOB="00082abd7000fddbdf259d000000b60043002ba8e5e419dfce3d28e9d53451c7f3208ffb116aa4101cd488c49e56ab184683e45f66c0f19ca95a6053032d7e5b89a2f7977d9d241febe6be65a26aba8711f46b77d64da87c255b3cc5b30e8fcc8d45a5212ebd4c2f4f9e6a1ee760b395aeb69d7121cfa70a37c26b0a941872daf820edd3933c2a1cfe4ebb926aa9ff76eb399fb2f2ee85a2a2bdacec2520c2b43ac7e906356eb25521103f5a372d1052dc7d5729d7dd732fb611cac48d7e704276bffea4000004008b0039000d01a0ba0d971661a161ac72cfbfdea1585f29d9019b37c5a5dd9dabc5a6c042ec0c803dd74ce581bc397a1cbc48c54911cdf07903d37d00000061009c00ec31f3d059a5327a13dd50222b43f205ee7938ab260009bcbfd75b791ec4f16719bf123e3cf1c8121814247e685c6dcc2b1e339e1c333820b0de581fa46c26bac7973b6e243593561a1f7c6da0cb4585d94a85d9aca53b71496ea42c650000000410d700ff5bfd4ac86cb1724d1163060d5981582493716bb2389cec69bc6d4c67cfa4429a992f8d7217d8e90b13a8d286391ede7d021475a8c16901fe2b1bd311fe1902341f685183bbd6a6f9c18210756443d01092840908e99f7fca37b2092309b1f25971170aee869ec25f9123d73ad9600c552b5b129250a801146cfe9803903e15d678596cdda53e94c65af279248bdc668f00e0204fcb19c436383c936e7a54000de638d80637d11d2d506cb94b92e238e6115684978fd26f8cd1a715127231399d0e3db8cd0f01862e67a7a0799d3b283f0d4a143f1b1fdffdc34bd4e362747c82727cb53a592aedb56006fc73c96ae3ee844f021f4919ec5deb321dec70623c3705548a1f8a283ce1554f9359d9466f268f570fb56d7cce47d5d6025db972c7dc09f3d82ba4d44646ca0f707ae52b2de59230ad2a9737c3cfc9794b3c41c030d3e87aeac3513e8e5c3bf1cfe2a0cba648d940960fcfea264463e06a7029f9f287ad04a5d9aff3d6413642462196e4a9124644aa4719a39c101a248e8139504b45f5de4d0017f24abec15923b8c64579ddc07f8fda90fa60a505b52aa635ddb9e3e729b8fec2fad0d601fcc911dfbdcabf0b8b5baecc94e6591bc43cdceb1917ce87cb641badf174d0394376d4f1148999c7e83f5405d5a763cb136d4739df2734bf4b2160249ddb1878df071ca9ac864972ec8088b8cb7ef4d7a064e9a4bd3a3d94b7c916fc9a3b18a1dd380c66a90d62380f104af7e6a15aa646b6ad18eb84ac18576a28c991fb37a343a22d7cec11e40f4213890afdf4eab2f1ca37122199521b2687c84a13a5649b0efe2587c69adc7823ec3331f56af41a5f784e5ea6ca0245240902c0423738a76aedc4f1811d86f819b7de769c5d93ae83a916c6d97e4342d4b6c22003aeb0b9edaac8a017cd4e5a6b870e6918f075da956a22d2c879984512024ab136f42128162a8eea06ed4c68f132a19d41c508880a1fd2c3d1163bd61679e14d8ff3777df3fe153cf76f4229995eb4c3ae05e0ced147071207eb02f333c6e5939a9c01564538f824a06f2815e09aec7ae9d413540b4d8270a9b96c824af3b75ad5f9cf6090ecf6cbdca34c94194e58e96b270cbfb6f0ab3da0471ca0f0dc204b7d15090247bf54e9412b92f62c968647a88fbe82782605a2f86e8460c47d6db3f7b254f1ae6494a2f5101da11d45d1e136719097b9fb6f87c3fea0310243765c6ed7bf43aeb85194cecd595954d9777f8e890d0ea9c8a637b95d2779d1455bb3bce227a31ffd8e41f4be1074effe4ef9e3d277290529eb88d0ebb6c9442ed84df8752b67a9770aed781053d9db21d234d77a580293875387dc8d9b500dcae1947483fb4acf2bb5b66de45d7f815e9384ea9f0d9b0c753765883d6520769975a60e6cc739f28a0d4d8ce4ab81820e56e0f33fa2b680eb6ed5dd835751cdde5ce64bbfd50f1e1d2d3f3b69c5f7ddf9c04b402f15939c6cd80fe2ab2a18f834fb4a5d3c604f368ae2bfc7390e04e044e2f6f2e1e11d6f8ff9331075eadd178dbb2422c1079d8a95d0b22842e171e14d353932eb8af556970852dd33a4d46b34416c1c4f136ed0c56219952636af424d3b5dfec97e05fa5bd13d187ae5b1c47ca3087ac52d50b1d74493499d6c698d5a5058a7a795186d560fafda46d936fbb749629e486e86282ab0b123ac63dab57860ceb7ec8f8bdff7d5b1b87a5677e3dee1146c0f22c2f05879d5a56286b507ec417ef107327ff3e5f28f35b0263136437e96329a59fa46d4154f33d698d0a885028d9784465ca3145cd5c6242abd84cdc08cd41568b8e10ed674c329ec48836f7c9dac5348df2ff0e0ff567640dc71be464f3eb8ac0991b2a9cf7f25d5c376acf8a9503d0a32963d9de9aaca2d42cac5d77c92f437265568b399a3388bcb770408a5f8361613eb0c067a6b95c42b6498a80b32014c1ae24c63e4f529c7bd23c41dac93290ec95e7b030260b1c7268c6299b87208ccc6c54e441268ab7012484ac44c983947a676b67a3d02cdfe31e6fa0d480bfc99447c02f905c0f8e7f77bcd9980d42edf278298b274afc3dd651d2cd5cea5772f3d44318ca47e12d4ab515a5d709e791ecc8a968f3333cddb57fa62a0fd6019aa517c8126e64d46241530843c6269aac45e24315de53ae99fdcff80d3fb02c3ebf0d4ae02d4e61afe06de560197072c17fb403596b2015e79fa136504f021a79d180be5a74ee3b3f6c13a044330ef4c54b97ec817310de4464c5deb5307161776fdbca48a2ace564bb05121a6cbbc34abb812c33d901dfa8a59a9d4ea5465cd463430184c41e3318ca12524e4e93a4894e887ba5c46902041bff21e0e7ae8f4794554413bcb3c6fb6a76b6e598c9a53253c55be825588538888a0036ee70da0d7d13b4768a37fe33fdf7f1c333f3395f2efdc8454d63864cd532cbd39b5cfe79cafede4b1479ae5731fb35989d397247d2a99156ea41e63c39827f463d835cbcacfa4cf2ad8d1a03668b14abb48a5f63118a78c31012c277c20cd79e6daaad731ec88d4e380929dc354555f4e8ae7924ecbe8aa5fbb4f3d91e1e4c06b6ea72aef0753b90a3c15871381e654e4f5f7532690fdfd74ddfe09e42d04b99a75cb48479a8d94184b07a5b5eed26079ea8c5d741a12187a514ff813d07d11ae7ae125ed8dc7e83700ba09430ec8267297a7adad75251117a2b8240dfe606b7423a1e751259a308adb6b65e4b76cebc85eb7f3261082f22ae69569b1816d43ebeb80d17a7ba40858258e141f008ca8a9671d24b4c2de41c1d438440fa3782827664180afd43b3f6949ff0022f0174969ccdfdeb1fb2bf0e711f8610cff824c12fbdc63ea4378de28d74f8f750be2ec40fb127d7240861e0c2da6cfd11d63bf92c7443e3aad1aa192f1f9141ff8ed66fabb0989ffb4853a4893446f03e1802b2df40217d092fc744edecd23e8e33b42300ae8c6f6799ee3ed3d09f1de0ee38652440ea2a4a31224e4c223231f14b1411b03208fa66cccea7a5234a782b46fa55b7cad774d49c914ed616b4dfef1277fa8b5a6f9202dc25d9b395f34035774cd16933e45c5b95bcd5ffb55aee54802a39c6370f6a0cfeeb26198c0b2b242a2c0f2de752ef0e2b40d1cf83ce11902a2130ea7202c8a8c3fe1997520186dc8d477fc0e346358e5db2a83a406c5e635c85d1162aed568368e9885fa6a40c0140e25c452c15823063c67bc2381af09776ddbd8ac4f029f4001fa33b02bd817150f51d34e9ce94fad87efc18c11e5af513996ffc65c372d16326e77cb56c7674bb5261ccaa2a638ec993682e379b88fb63a0affc518804169a86b196d4191bb10d79f1b66d6b2969a49c9bbbede405a90599fcef73b40ba4c30442610eaa043ed8e981cc5db517c2f41b06b0cf0f7fcd814bd30430efc4335f328cf3c9efd2fe3b192ed50e0950074e7cd9ab0c073b5e9ac58c20de665d5c3b6d0aa5e053adbea019d1967abb8912e6406fd693e75a184a21cab7f3bea4902fb2e5e6bf150b19714508eefcd0dba517477e1537e642736ee460ea4bce2d97ef7f3cc3bc813c346a03c80b34afffa03671973f1604ff72d00d6837c46e768a6f8674e518c323077ba59c6597ec97d43485a20c2c54ad8a3beb9b8f07250ac2eee49c4f9d02189287961fc40460c0b69569cb876cb78b77e951ff3fca853a164dd80487b4586b711034c06db2803c3ba47d14369fcb79d9efc189a2de448f31cb956f6628eaf5dbd4fec66133575edd4edc33520250a9831548853254eda06016a8a44b07cf4d97d0342b2325ade8f40aa42079d6086e06a26e29cd616d60f9f57d40ba4a19f819970fe9dd1b08a09e8e89b92cd81244f8d2b1ca139f752245e18de593111c1291029fe9859f689331217e98fcab9ef42d816bd0635e8ed3b7caf10b0418881bb9b0305d94de9829b354b56ef22eaae5cc5ea3d9ff1a9ebcfe8b5c9b133a412919aedf2b5f9ab37ca1db315608a33a635d28bc901e7860856bd25e1cf41da3213ad1abbc7ed54cb35875872edcabfb65651858bc3ab15af439a01dc9622b78c8dc6a35a72b454cc59decb99a3c92a4ffd25ecdbf955ddc843c5b57b826e4113cdacf0cf66371633f57b0c7ae307473d0197534fb3c34b638c2042648e8ce78c554e587052f6cb87c79f38ec6dbd680caa14870207cab39c4837abc3af482e1c97b80941487388ac7159691393e9e4fb30db393ff6d8116ad73a2c0eac7d6ec512dd2647e17c8b7381650e84eb49290d993dce5a41a7553abf273be7262ec8e8d3f36b040de6cae962234a49c071b43e6b68f3c613c0b3bf465205f6b5f45dc6995d6303a44ba93b1933efb233efa8459633b69871f1e3f439c64c128151dbe53e4a2219b9cef44059cb3507354ea5016902f3295f84cf2e4a2c7b25adb6de82fdf78e063e0daa10b2aab375cdf671afb98d9d27d6b89cbd73524519eb30fc5ac7b87eb334771f5b0c8b1fd53d47b81ab78b65a9c0d988c261e4c4d074b328d0667bf8508ffacf56cce3bcfadb5a059e0beb6e4b6cfb4a6deca41f8067b343201dae608ede30ce76569009ee2cab00cbbb93d0a46e2cbb7bc92aaf5f75219942b97fc79f532c4eff3ec4fd622ed18707f766667a6d30579275ecef5234683d038b9d7f808c9b86e47a6969428486b4a953f9d508db24bcda89b9f855ee621135d7dc669097c34bbca72eed98c43719ac53c47a043d9c9dce99321148e444b0d255c0314ff1687a170751afdbdd3a411dbe5507284fa1bc30bc09dbe548bdd0619d6c07cd7649066b6395836a4797653a48e7342ef7e8f879f9677465a871080349a680522081ef66db2667a5a41fd6322d5282809aba807519316dee171879cbc7d2462d9715a5be4aba56b19a336a7e22eb06bbfba5a913f1cdbf531d92e69265af45e000c1c7a34bb73ec34a910241450a895ae3bcf8113b0b0b8b5d6dbfcd78ab6337dc8560b0f6d5a59267bd5f9ad90dcf7b639e90da2081298cee165edd554fd7b87138b81e31add85d109d74e81712a0874b4037ce1c252c198bb3a34b615d3a1e7b63d12e34f2cd8b3ed25e4110101c5d69a92d22f6d33c991532fd2b897a0c5b81c90f1f33a7b6fd920e524910241a72f647a2393e4338d60aa5221511295a140f1a8b1e5307529c57fcfb3cc990321a8d29084dbd698b395ea45dfe97abead979a02311ace81aa75451b69f36003ff2430376292d2739e9f77f04147c506c3b4e8ffad9404e38a23dbd1ae3cdbbfba6b26644efebc6df036878b66876b1f145c9a6b55cbea5438c4a8f419f2002d61b999c7f3bf691d12af346ecc9fac4bdbdd10318059d5ae149d216887758de5524116448c195bba51a46908dc516d25d5e7533f55cbddd7c05e6f3b469c8c39b44b3bba6a4c2512d401054bd919677a07eb719b68e5f251458c58b7e5edf3202a94a36df9a58e35242acd81417c1d8b06f8ab7a96ce7f4366b6a9d39f492eff5798cd85b840b23faeb65d011dde78fa4a70e7d2b1da3a886bd5dbf4e760ee6323538cbf414d84c5c40fe6931d3183021caddd9e5af7baa0150717851b1c311b02875176ebc44be31ffec04240c5f6850315bbd1b7d7add031623399cc26a8379bbdd0abfb7e21c3480600d1fb74fd58971efb9d1a8856f30279bcdb2fe4faadfe92dc21fafc4320aebfe52928b46a054f69d88035a615e377649ca791a1c7d445878517931360a49f9614ce150499f0cec3ab722927ceb6d404db10fb0b01d8e59041f46e72a7c309a98cd8619"], 0x1174}, 0x1, 0x0, 0x0, 0x1}, 0x80)
mmap$auto(0x3, 0x20009, 0xdb, 0xeb1, r0, 0x7fff)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
writev$auto(r0, &(0x7f0000000180)={&(0x7f0000000140)="426ade2faae7d570fe76", 0x2}, 0x4)
sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x7}, 0x1000000000028, 0x0, 0xc4}, 0x800}, 0x4, 0x4005)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x5, 0x2, 0x1, 0x2, 0x4, 0x7, 0x8, 0x9, 0x100000000000000a, 0x2, 0xa, 0x2000fca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
mmap$auto(0x0, 0x40009, 0xfff, 0x9b72, 0xffffffffffffffff, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='-\x00', @ANYBLOB=']'], 0x1ac}}, 0x40000)

3m20.04076214s ago: executing program 3 (id=1922):
r0 = socket(0x15, 0x5, 0x0)
syz_genetlink_get_family_id$auto_vdpa(0x0, r0)
sendmsg$auto_VDPA_CMD_DEV_DEL(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0xc1}, 0x4008050)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8)
ustat$auto(0x801, 0x0)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x10001)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
nanosleep$auto(&(0x7f0000000100)={0x8, 0xfffffffffffffffa}, &(0x7f0000000200)={0x2})
writev$auto(r2, &(0x7f0000000240)={0x0, 0x7}, 0x2)
r3 = setfsuid$auto(0xee00)
setreuid$auto(r3, 0x0)
msgctl$auto_MSG_INFO(0x875, 0xc, &(0x7f0000000180)={{0x2, 0xee00, <r4=>0x0, 0x9, 0x401, 0x0, 0x1}, 0x0, 0x0, 0x9, 0x7, 0x4, 0x5, 0x9, 0x200, 0x8, 0x5, @inferred=0xffffffffffffffff, @raw=0xcb})
fchown$auto(0xffffffffffffffff, r3, r4)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000440)='/dev/bus/usb/024/001\x00', 0x25ea03, 0x0)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r0, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x60, r6, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_PLCA_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x631}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_PLCA_BURST_CNT={0x8, 0x8, 0x1}, @ETHTOOL_A_PLCA_BURST_CNT={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x80080}, 0x10)
ioctl$auto(r5, 0x5522, 0xf15)
ioctl$auto_USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f00000000c0)={0x0, 0x4, 0x0, 0xfffe, 0xb1, 0x8, 0x0})
timer_settime$auto(0x0, 0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)

3m18.106299846s ago: executing program 3 (id=1928):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x2)
socketcall$auto(0x9, 0x0)
waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000100)={@_si_pad}, 0x76, &(0x7f0000000280)={{0x50b6c263, 0x3}, {0x8000, 0xfffffffffffffff6}, 0xd, 0x6, 0x0, 0x8000000000000001, 0x1, 0x1, 0x6326, 0x6, 0x8, 0xbd29, 0x3, 0x9, 0x9, 0x5})
ioperm$auto(0x7, 0x6, 0x80)
syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
getxattrat$auto(0xffffffffffffffff, 0x0, 0xeb, &(0x7f0000000340)='/sys/kernel/debug/check_wx_pages\x00', 0x0, 0xffffffff)
memfd_create$auto(&(0x7f0000000040)='/sys/kernel/debug/check_wx_pages\x00', 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x10001, 0xc0000000, 0xffffffffffffffff, 0x7, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0xb, 0xe5, 0x3}, 0x10)

3m17.628125722s ago: executing program 3 (id=1930):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000000), r0)
sendmsg$auto_OVS_DP_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010028bd70007ddbdf250400000008000900", @ANYRES32=0x0, @ANYBLOB="8ace14796a85799e24a8c26f5df20c3fc8e14f87ada0d444f1ca09629a4c86e0e854181b60d783065a0ce44b0936bb9e121d37ab2223893491c1567d6d952e6e93b785543154af3ddd21ac00be58dbbffd8a0851578fcae8a20841c89d49bbb4f91999384e4c508f77cd9a100270ef00b479dcad5c16da5b56db72bcd4cc8c6cfcce4fa3ce30d3e1d61db010e74f1d05edd6eb92c28ac67c0de53cc90e9f2efd00ffde8f13aeae75d5b7"], 0x1c}}, 0x0)

3m17.428875717s ago: executing program 3 (id=1932):
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
r0 = socket(0xa, 0x801, 0x106)
setsockopt$auto(0x3, 0x1, 0x45, 0x0, 0x9)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0x28}, 0x5c)
r2 = prctl$auto(0x42, 0x1, 0x0, 0x1, 0x2)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r2, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0x1e2142, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7fff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f00000000c0)=@batch={0x0, 0x80000000, 0x8001, 0x7, 0x8, r1, 0x5, 0x3ff}, 0x6)
madvise$auto(0x0, 0x200007, 0x8)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x214, 0x7c, 0x4000000000df, 0x240eb1, 0x401, 0x300000000001)
process_vm_readv$auto(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x100000000000006, 0x3)
r4 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000200), r0)
getrandom$auto(&(0x7f0000000380)='!\x00', 0x7, 0x4)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
ioctl$auto(r5, 0x0, 0xffffffffffffffff)
sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYRES8=r0, @ANYRES16=r4, @ANYBLOB="00f728bd7000fbdbdf25857300000000055f000d004800000008000900e60000000800040064010100080009000900"], 0x34}, 0x1, 0x0, 0x0, 0x4040040}, 0xc020)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/workqueue/parameters/watchdog_thresh\x00', 0x1e2142, 0x0)
sendfile$auto(r6, r6, 0x0, 0x7fff)
pwrite64$auto(r1, &(0x7f0000000040)='\x00', 0x8, 0x5)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000180), r7)
sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES16=r8, @ANYBLOB="10002cb57000fbdbdf250a0000000600010008000000"], 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)

3m17.308868153s ago: executing program 3 (id=1934):
close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xe, 0x10, 0xffffffff, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8d46b36c83ce63f", 0x0, <r0=>0xffffffffffffffff, 0x7e0bcf1c, 0x7, 0x7, 0x6, <r1=>0xffffffffffffffff}, 0xf) (async)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/nbd9/sched/write0_next_rq\x00', 0x100, 0x0) (async)
lseek$auto(0x3, 0x40, 0x1) (async, rerun: 64)
socket(0x2, 0x80802, 0x0) (async, rerun: 64)
shutdown$auto(0x200000003, 0x2)
r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r3 = openat$auto_fops_u8_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/nfcsim/nfc0/dropframe\x00', 0x80102, 0x0) (async)
r4 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
r5 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000180)={@siginfo_0_0={0x6, 0x14c, 0x9, @_sigsys={&(0x7f0000000100)="2acd1b398b7b96b5a560f9c41c277cbfff4d8881ef0a0e08ab43c54c346a477fda52407f591ca640c69a3e62d3ec8261a405f68f002589fc9a658cb774fea3c531ae9e8966f7ebaa8105be5bf31fa0263388df52662d547337823567d452944185b04e58ae328c", 0xfffffbff, 0x9f}}}, 0x2, &(0x7f0000000200)={{0x4c, 0x3}, {0x1000, 0xfffffffffffffff9}, 0x4, 0xff, 0x100, 0x0, 0x0, 0xff, 0x3, 0x1, 0x4, 0x368, 0x3, 0x7}) (async)
lstat$auto(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x3, 0x7, 0x4c, 0xfff, <r6=>0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x8, 0x642c8d80, 0x2f48, 0x0, 0x0, 0x6, 0x4, 0x2})
sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5a8, r2, 0x400, 0x70bd29, 0x25dfdbff, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x4b8, 0x2, 0x0, 0x1, [@nested={0x111, 0x13d, 0x0, 0x1, [@generic="3110198828600f2370de07fdfe386444a449881676ecbe2bed8bdcb297887744b29db8ad733f013895b4f916178920e2f4d64b717586af99a885fc95f7e17e79c169495a2e72ec9a0d6d8e38bb642f9196d21f4aab72a52f6ef7cb1af0154fa2a6989dcd88511e813e3df61b5beeba6954acaacaaeb4d42ae41de16a6713d56bbb19ddda865bd0cf3cc85887086061084363e070133e6292bd77f0a601c1e4dcd86313196b54426dba9c6011fb92e490766c648dbc919cc52c4daddd6a4f1f2ba97d5b240fa43fd023c181f68929d99fa9ffc7ff5cfc2fcaf48920c64ca1cf4d7cb9450f0ac9abc79c6171cd6beb82b1a4", @nested={0x4, 0x39}, @nested={0x4, 0x3b}, @typed={0x8, 0xc2, 0x0, 0x0, @fd=r3}, @nested={0x4, 0x10f}, @typed={0x8, 0x155, 0x0, 0x0, @fd=r4}]}, @nested={0x24, 0x83, 0x0, 0x1, [@nested={0x4, 0xdd}, @typed={0x14, 0x108, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0x3a}, @typed={0x4, 0x10d}]}, @generic="8f227f09cb407186597570de20c9220e6538cba8f0fe81c986c25ff3c468", @typed={0x8, 0xb0, 0x0, 0x0, @pid=r5}, @generic="5f84b909e5e71adcb7402bb39f6e32485a18830a5edc281cf38f6495a9e07cea838528d279aac9c91a0cbf80ba8a785abaa044cfdf1b741cfb70576e19b97a65185e94365b605f8414d39a85740fd182ded03073cd872faace78474fbd22bf4e0613bca62326fc7fb8d9c533fb6265e8b3a3c9974f5174eb2a35456763c715c8259fe73c87a4554b3ee9dff9ff49b4c61f0e31278dee8ff5d777c43ae52d5382110d174c613b9a1d8a5b", @nested={0x1a1, 0x10e, 0x0, 0x1, [@nested={0x4, 0x8a}, @typed={0x8, 0xed, 0x0, 0x0, @u32=0x8}, @typed={0xc, 0x52, 0x0, 0x0, @u64=0x400}, @typed={0x9, 0x90, 0x0, 0x0, @str=',@(.\x00'}, @generic="e8a4ee11a40a6546834c03cf8211772d8a61b7bf15f3f9c582c9e887dcd2677b9d97c18ffb717529f15bb3dc275526e2121c6b713731aa9f8323dd2b9f60054ba8087d39a9101050a2cd926b4e78373bc7df9de4068535dd2ae64673c75eee0fb514db04112b318268e9a3a8094bf1224a74a79dc40ee9e4e0a737f5306e3b43dda39bc50bf3656a8bff66c1ebebc85d8b31efa15fe68a0f2644554df18a3dc595e930678d0b79ce6de811", @nested={0x4, 0x119}, @generic="9a4314584f615426b5fc7449ecdcbee50b41693563bebd0ace91054e95a42346e6cb859be45fd9acbd7bbe00520db6554d83d34d50529e6049ea9991477acbc0332cc748573e583fe03e77ed3624b6f5561c0647fb396468fc37cd7f9f9f8f22f8b5e8b4f8c28657942efcb55c26ffbca799d74b4ec38dcc53aad46c645b76ebe70cc3862a8f114ab7aa876c57caba7fc0ac83d20421d5883a3dcf26aaa76bb23f77aa82c636cee5276357edec6c4fb9e126722666cd21580f2c5f0e70075a9e5c78073db22b6d0ccefa"]}, @generic="fbb4f776eaf9b39d9743df95eb0fd987866fbe3004a442c2a49084d8ba46ea933b18efd365990e4774b960da5b93a8783b6059cd75ad9472963a2b3b91e24ed78374084754b1c73dd959c50c983e50a90f4186d0992bd386306d7842d53af96e85cfab7f9b2d149fcccbace68d419cac2cc4480d337da521715601e6f38315e94b8ee1c311c67e551064f9a50c92c9ff73e1ffbf46aa13d6cd2499e9c3921e2d532062c5583dabae8153fb591e", @typed={0x8, 0x6, 0x0, 0x0, @uid=r6}, @generic="577c36a1bb1bd0ecf0a53bb1a719f2be36683f6c21608896090d9770d0d9aedf4ec2754e222378cb8b0cddfb921be469a4be98f8081934fe392476c3f60e79a47782978e6ad89e65b97103ca5010d12c7198f7"]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0x10, 0x3, 0x0, 0x1, [@nested={0x8, 0xad, 0x0, 0x1, [@nested={0x4, 0x148}]}, @typed={0x4, 0x63}]}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xfffffffd}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xfffffffe}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0xb2, 0x3, 0x0, 0x1, [@typed={0x14, 0x104, 0x0, 0x0, @ipv6=@private2}, @generic="a0c52c00bdbe01f92efbb6e01c9bf64d5d1eb6d4487d59fc3bd8f7c5e7311806b144ca81791c12226e9ec2f17e7f4a555e9a9dd571e66d95b27ab551081cafbe63ee0c8c2bfb84e0c215becaeb76dff634ffac8acbd55dfc830ef8587951bedcf9eaf7969811eef11ec375846d36259385b87683755c5152f74cd5461ce4cd5e4f82873b93667c570b23211cd02ca5c603e8a43cf2d8", @typed={0x4, 0x6b}]}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x9}]}, 0x5a8}, 0x1, 0x0, 0x0, 0x4c800}, 0x4000)
sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8804}, 0x40000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff49, 0x5, 0x5, 0x800000000004, 0x1, 0x5, 0x19, 0x10, 0x5, 0x3, 0x4000000000008, 0xfffffffffffffffa, 0xab, 0x0, 0x9]}, &(0x7f0000000040)={0x0, 0x3}) (async)
bpf$auto(0x1a, &(0x7f0000000380)=@token_create={0x8, r1}, 0x92)

3m2.204408068s ago: executing program 32 (id=1934):
close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xe, 0x10, 0xffffffff, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8d46b36c83ce63f", 0x0, <r0=>0xffffffffffffffff, 0x7e0bcf1c, 0x7, 0x7, 0x6, <r1=>0xffffffffffffffff}, 0xf) (async)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/nbd9/sched/write0_next_rq\x00', 0x100, 0x0) (async)
lseek$auto(0x3, 0x40, 0x1) (async, rerun: 64)
socket(0x2, 0x80802, 0x0) (async, rerun: 64)
shutdown$auto(0x200000003, 0x2)
r2 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r3 = openat$auto_fops_u8_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/nfcsim/nfc0/dropframe\x00', 0x80102, 0x0) (async)
r4 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
r5 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000180)={@siginfo_0_0={0x6, 0x14c, 0x9, @_sigsys={&(0x7f0000000100)="2acd1b398b7b96b5a560f9c41c277cbfff4d8881ef0a0e08ab43c54c346a477fda52407f591ca640c69a3e62d3ec8261a405f68f002589fc9a658cb774fea3c531ae9e8966f7ebaa8105be5bf31fa0263388df52662d547337823567d452944185b04e58ae328c", 0xfffffbff, 0x9f}}}, 0x2, &(0x7f0000000200)={{0x4c, 0x3}, {0x1000, 0xfffffffffffffff9}, 0x4, 0xff, 0x100, 0x0, 0x0, 0xff, 0x3, 0x1, 0x4, 0x368, 0x3, 0x7}) (async)
lstat$auto(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x3, 0x7, 0x4c, 0xfff, <r6=>0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x8, 0x642c8d80, 0x2f48, 0x0, 0x0, 0x6, 0x4, 0x2})
sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(0xffffffffffffffff, &(0x7f00000009c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000980)={&(0x7f00000003c0)={0x5a8, r2, 0x400, 0x70bd29, 0x25dfdbff, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x4b8, 0x2, 0x0, 0x1, [@nested={0x111, 0x13d, 0x0, 0x1, [@generic="3110198828600f2370de07fdfe386444a449881676ecbe2bed8bdcb297887744b29db8ad733f013895b4f916178920e2f4d64b717586af99a885fc95f7e17e79c169495a2e72ec9a0d6d8e38bb642f9196d21f4aab72a52f6ef7cb1af0154fa2a6989dcd88511e813e3df61b5beeba6954acaacaaeb4d42ae41de16a6713d56bbb19ddda865bd0cf3cc85887086061084363e070133e6292bd77f0a601c1e4dcd86313196b54426dba9c6011fb92e490766c648dbc919cc52c4daddd6a4f1f2ba97d5b240fa43fd023c181f68929d99fa9ffc7ff5cfc2fcaf48920c64ca1cf4d7cb9450f0ac9abc79c6171cd6beb82b1a4", @nested={0x4, 0x39}, @nested={0x4, 0x3b}, @typed={0x8, 0xc2, 0x0, 0x0, @fd=r3}, @nested={0x4, 0x10f}, @typed={0x8, 0x155, 0x0, 0x0, @fd=r4}]}, @nested={0x24, 0x83, 0x0, 0x1, [@nested={0x4, 0xdd}, @typed={0x14, 0x108, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0x3a}, @typed={0x4, 0x10d}]}, @generic="8f227f09cb407186597570de20c9220e6538cba8f0fe81c986c25ff3c468", @typed={0x8, 0xb0, 0x0, 0x0, @pid=r5}, @generic="5f84b909e5e71adcb7402bb39f6e32485a18830a5edc281cf38f6495a9e07cea838528d279aac9c91a0cbf80ba8a785abaa044cfdf1b741cfb70576e19b97a65185e94365b605f8414d39a85740fd182ded03073cd872faace78474fbd22bf4e0613bca62326fc7fb8d9c533fb6265e8b3a3c9974f5174eb2a35456763c715c8259fe73c87a4554b3ee9dff9ff49b4c61f0e31278dee8ff5d777c43ae52d5382110d174c613b9a1d8a5b", @nested={0x1a1, 0x10e, 0x0, 0x1, [@nested={0x4, 0x8a}, @typed={0x8, 0xed, 0x0, 0x0, @u32=0x8}, @typed={0xc, 0x52, 0x0, 0x0, @u64=0x400}, @typed={0x9, 0x90, 0x0, 0x0, @str=',@(.\x00'}, @generic="e8a4ee11a40a6546834c03cf8211772d8a61b7bf15f3f9c582c9e887dcd2677b9d97c18ffb717529f15bb3dc275526e2121c6b713731aa9f8323dd2b9f60054ba8087d39a9101050a2cd926b4e78373bc7df9de4068535dd2ae64673c75eee0fb514db04112b318268e9a3a8094bf1224a74a79dc40ee9e4e0a737f5306e3b43dda39bc50bf3656a8bff66c1ebebc85d8b31efa15fe68a0f2644554df18a3dc595e930678d0b79ce6de811", @nested={0x4, 0x119}, @generic="9a4314584f615426b5fc7449ecdcbee50b41693563bebd0ace91054e95a42346e6cb859be45fd9acbd7bbe00520db6554d83d34d50529e6049ea9991477acbc0332cc748573e583fe03e77ed3624b6f5561c0647fb396468fc37cd7f9f9f8f22f8b5e8b4f8c28657942efcb55c26ffbca799d74b4ec38dcc53aad46c645b76ebe70cc3862a8f114ab7aa876c57caba7fc0ac83d20421d5883a3dcf26aaa76bb23f77aa82c636cee5276357edec6c4fb9e126722666cd21580f2c5f0e70075a9e5c78073db22b6d0ccefa"]}, @generic="fbb4f776eaf9b39d9743df95eb0fd987866fbe3004a442c2a49084d8ba46ea933b18efd365990e4774b960da5b93a8783b6059cd75ad9472963a2b3b91e24ed78374084754b1c73dd959c50c983e50a90f4186d0992bd386306d7842d53af96e85cfab7f9b2d149fcccbace68d419cac2cc4480d337da521715601e6f38315e94b8ee1c311c67e551064f9a50c92c9ff73e1ffbf46aa13d6cd2499e9c3921e2d532062c5583dabae8153fb591e", @typed={0x8, 0x6, 0x0, 0x0, @uid=r6}, @generic="577c36a1bb1bd0ecf0a53bb1a719f2be36683f6c21608896090d9770d0d9aedf4ec2754e222378cb8b0cddfb921be469a4be98f8081934fe392476c3f60e79a47782978e6ad89e65b97103ca5010d12c7198f7"]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0x10, 0x3, 0x0, 0x1, [@nested={0x8, 0xad, 0x0, 0x1, [@nested={0x4, 0x148}]}, @typed={0x4, 0x63}]}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xfffffffd}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xfffffffe}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0xb2, 0x3, 0x0, 0x1, [@typed={0x14, 0x104, 0x0, 0x0, @ipv6=@private2}, @generic="a0c52c00bdbe01f92efbb6e01c9bf64d5d1eb6d4487d59fc3bd8f7c5e7311806b144ca81791c12226e9ec2f17e7f4a555e9a9dd571e66d95b27ab551081cafbe63ee0c8c2bfb84e0c215becaeb76dff634ffac8acbd55dfc830ef8587951bedcf9eaf7969811eef11ec375846d36259385b87683755c5152f74cd5461ce4cd5e4f82873b93667c570b23211cd02ca5c603e8a43cf2d8", @typed={0x4, 0x6b}]}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x9}]}, 0x5a8}, 0x1, 0x0, 0x0, 0x4c800}, 0x4000)
sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8804}, 0x40000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff49, 0x5, 0x5, 0x800000000004, 0x1, 0x5, 0x19, 0x10, 0x5, 0x3, 0x4000000000008, 0xfffffffffffffffa, 0xab, 0x0, 0x9]}, &(0x7f0000000040)={0x0, 0x3}) (async)
bpf$auto(0x1a, &(0x7f0000000380)=@token_create={0x8, r1}, 0x92)

2m38.399291804s ago: executing program 4 (id=2072):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000b80)='/proc/sys/kernel/kptr_restrict\x00', 0x202, 0x0)
openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x248880, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto_ecryptfs_miscdev_fops_miscdev(r2, 0x0, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000000c0)=ANY=[@ANYBLOB="f77777d9d5288d11dc8c19d04bd0822000009c", @ANYRES16=r1, @ANYBLOB="036c25bd7000fedbdf2504000000080017000200000004001d00"], 0x20}, 0x1, 0x0, 0x0, 0x404c884}, 0x64004890)

2m38.158214087s ago: executing program 4 (id=2076):
r0 = prctl$auto(0x23, 0xc, 0x2008, 0x0, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x402800, 0x0)
mmap$auto(0x0, 0x42020009, 0x3, 0x10010, 0xfffffffffffffffa, 0x3)
mmap$auto(0x200000000, 0x5, 0x8, 0x40009b72, 0x2, 0x8000)
ioctl$auto_VHOST_SET_VRING_KICK2(r0, 0x4008af20, &(0x7f0000000000)={0x9, <r1=>r0})
socketcall$auto(0x9, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000)
r2 = openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/cec/cec23/status\x00', 0x6380, 0x0)
read$auto_debugfs_devm_entry_ops_file(r2, &(0x7f00000001c0)=""/27, 0x1b)
mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401c2, 0x2081, 0x3f, 0x7ffc, 0x1ffde, 0x8001, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x200000003004, 0x9, 0x6, 0x10002, 0x80, 0x400, 0xa9, 0x1000, 0x401ffc, 0x8203, 0x400, 0x2, 0x1, 0x0, 0x40, 0x4, 0x2, [0x7249, 0xa9d, 0x0, 0x1000000000000000, 0x0, 0x7, 0x2, 0x0, 0x0, 0x200000000000000, 0xfc6a, 0x1000000, 0x10000, 0x40000000000, 0x0, 0x500000000000, 0x80000000000000, 0x0, 0xffffffffff7ffffc, 0x5, 0x0, 0x2, 0xfff, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0xb, 0xfffffffffffffffc, 0x400000000000002, 0xfffffffffffffffc, 0x3, 0x1, 0x5, 0xfffffffffffffffc, 0x4]}, 0x3, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
socket(0x200000000000011, 0x2, 0x0)
r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_UI_BEGIN_FF_ERASE(r3, 0xc00c55ca, &(0x7f0000000000)={0x8, 0x5, 0x5})
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={0x0, 0x5}, 0x2, 0x0, 0x7, 0xa505}, 0x2}, 0x7, 0x4008)
mmap$auto(0x0, 0x40000c, 0xdf, 0x9b76, r1, 0x0)
write$auto(0x1, 0x0, 0x80000000)
munmap$auto(0x8000, 0xffffffff)

2m37.835665074s ago: executing program 4 (id=2078):
r0 = socket(0x10, 0x2, 0x7)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFC_CMD_DEACTIVATE_TARGET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="000429bd7000ffdbdf253400007e"], 0x14}, 0x1, 0x0, 0x0, 0x40000000}, 0x4)
close_range$auto(0x0, 0x5, 0x0)
fanotify_init$auto(0x6, 0x2000000000002)
io_uring_setup$auto(0x100006, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
setresuid$auto(0x8, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001800), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_RECONFIGURE(r2, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRESHEX=r2, @ANYRES32], 0x14}, 0x1, 0x0, 0x0, 0x11}, 0x40000)
write$auto(r1, &(0x7f0000000180)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC<s\xbf\xf4\xf37o\xec\f\xf4\xde\x06\xb4x\xcep|\xa1\xd5\xc3r\x8d\xe5\xda#\f\xa7-\xaf@\xc3x\xa2\"h\xec\xa0\x9ay\'\x99\xca\x9a\xa6\xda6\xb3E\xe1-\x17I!J\xf0\xb7\xc9O\xe9f\x93~\xce\x0e\x8c\xfa\xe3\x89\xca\xf5\xa2\xd2t\x84\xf8`e\x16\xf49\x9aVBa~i\xb9s\x00\x00\x00\x00\x00\x00\x00\x00\n\x04>=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xdfV\x02\xca&\xd8$<\xab&\xc8B-\xcc\x15\x04&\x13;\xfe\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT?\x98\xa2\x00'/206, 0x5)
getsockopt$auto_SO_SNDTIMEO_NEW(r1, 0x8, 0x43, 0x0, 0x0)
keyctl$auto(0x19, 0x0, 0x0, 0x0, 0x9)
write$auto(0x0, &(0x7f00000000c0)='vlan1\x00', 0x10001)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0)
madvise$auto(0xcf, 0xffffffffffff0003, 0x16)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x9, 0x0)
r4 = prctl$auto(0x3f, 0x1, r3, 0x80000, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
r5 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
move_mount$auto(r5, 0x0, r4, 0x0, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0x200eb1, 0xfffffffffffffffa, 0x4)
sysfs$auto(0x2, 0x1e, 0x0)
r6 = fsopen$auto(0x0, 0x1)
fsconfig$auto_SHMEM_HUGE_ADVISE(r6, 0x2, &(0x7f0000000040)=',%!/-%,\x00', &(0x7f0000000080), 0x3)

2m36.742394803s ago: executing program 4 (id=2080):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0)
write$auto(r0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m36.655000253s ago: executing program 4 (id=2081):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x8000, 0x0)
read$auto(r0, &(0x7f0000000000)='veth1\x00', 0x10)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="cf5728bd7000fedbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020)
read$auto(0xffffffffffffffff, 0x0, 0x7f)
mprotect$auto(0x8000, 0x8, 0x8)
mmap$auto(0x3, 0x400008, 0xdf, 0x10009b72, 0xffffffffffffffff, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0xf7374674b920089e)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10000, 0x0)
r3 = socket(0x29, 0x2, 0x0)
ioctl$auto(r3, 0x8993, 0x24)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)

2m35.021443759s ago: executing program 4 (id=2086):
r0 = socket(0x8, 0xa, 0xc71b)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syzkaller1\x00'})
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
r2 = ioctl$auto_TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000140)=0x6)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r1)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x148, r3, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "e0300d968ce1c1279685ea96c3b0147e1e8618b9c3530a554f97"}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_STA_FLAGS2={0x30, 0x43, "6cd917b486151b826e62a739b89e7ef6cec39eadc8df7db1baf62a26f41e2bbcfc21d622b5315dd8e528d33d"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0xfff}, @NL80211_ATTR_BSSID={0xcb, 0xf5, "a2a141e7cf951da39aa73953aa5057cd19dd3a3b07f19eca90bee5815f45449dc7b29cdb6e27325f4a4113ac3e1e5f51dff723bd1f4ff16151f5dd53d06f95aa441ab1ef6633770483cc46232a2c2d46ac85316cdb235e4e1029aa0a2f4a8306ff2b96978c5d0c2e973ee6314fff8ced4a55181efaf78d7eaecdad1421f8443203a21070a9eb2c1476d268bcf7720655e4b11585766b77e6ca7fb4c822da100cc37a05bdb98f0117faca9db4a01d2ec5ccd157301647bffb06fac3de9c19ef32007d25507069ea"}]}, 0x148}, 0x1, 0x0, 0x0, 0x8000011}, 0x6)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/008/001\x00', 0x402, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x0, 0x841002, 0x0, &(0x7f0000001140), 0x0, 0x2)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x7ff, 0x3, 0x101, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/memory.force_empty\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)

2m19.448530832s ago: executing program 33 (id=2086):
r0 = socket(0x8, 0xa, 0xc71b)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syzkaller1\x00'})
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
r2 = ioctl$auto_TUNSETDEBUG(r1, 0x400454c9, &(0x7f0000000140)=0x6)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), r1)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x148, r3, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "e0300d968ce1c1279685ea96c3b0147e1e8618b9c3530a554f97"}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_STA_FLAGS2={0x30, 0x43, "6cd917b486151b826e62a739b89e7ef6cec39eadc8df7db1baf62a26f41e2bbcfc21d622b5315dd8e528d33d"}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, 0xfff}, @NL80211_ATTR_BSSID={0xcb, 0xf5, "a2a141e7cf951da39aa73953aa5057cd19dd3a3b07f19eca90bee5815f45449dc7b29cdb6e27325f4a4113ac3e1e5f51dff723bd1f4ff16151f5dd53d06f95aa441ab1ef6633770483cc46232a2c2d46ac85316cdb235e4e1029aa0a2f4a8306ff2b96978c5d0c2e973ee6314fff8ced4a55181efaf78d7eaecdad1421f8443203a21070a9eb2c1476d268bcf7720655e4b11585766b77e6ca7fb4c822da100cc37a05bdb98f0117faca9db4a01d2ec5ccd157301647bffb06fac3de9c19ef32007d25507069ea"}]}, 0x148}, 0x1, 0x0, 0x0, 0x8000011}, 0x6)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/008/001\x00', 0x402, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x0, 0x841002, 0x0, &(0x7f0000001140), 0x0, 0x2)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x7ff, 0x3, 0x101, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/memory.force_empty\x00', 0xa001, 0x0)
write$auto(r4, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)

30.597504904s ago: executing program 1 (id=2428):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/kcore\x00', 0x28000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
r0 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
socket(0x10, 0x2, 0x4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop0\x00', 0xe0801, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
mremap$auto(0x9, 0x8, 0xb7, 0x103b8, 0x81)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r0, 0xa, 0x0, 0x9)
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
open(&(0x7f00000000c0)='./file0\x00', 0x40040, 0xd9)
move_pages$auto(0x0, 0x1001, 0x0, 0x0, 0x0, 0x0)
r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r2, 0x5393, r1)

29.961833036s ago: executing program 1 (id=2429):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x486c41, 0x0)
socket(0xa, 0x3, 0x3b) (async, rerun: 64)
connect$auto(0x3, 0x0, 0x58) (async, rerun: 64)
mmap$auto(0x0, 0x4, 0x7, 0x40eb2, 0x401, 0x300000000000)
set_mempolicy$auto(0x6, 0x0, 0x9) (async, rerun: 32)
process_vm_readv$auto(0x0, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000480)="354687e289152900d9305d6bed5fb1d49ebb983f5d0079346ccae0495f9be98ef3f78985f72034ef27ccb20736399ea2e758d8a4a0d74a462d54f138a2dabfc0513f4dc1b20efd2df73d243338161d5804e3017b0608a62932d1f28db52427bfeae3dc1d5e22f2edb0a179bf09195a80b111d1e049b028eb49be44e71507a4d8ed119da000e3ad88efd318bd7790ad1b16fed0bded22e7bb8461439a4de578d1d7d6441f4b1f6ccdc35d160000000000000000ce36c992ece6c840bc2d4108601d0eb63e5dc3c88ceb5dedaa7b728620d183b35aa6f2db1c0d5d11beb07331b45e8d5999d459ca55dd8af16941043e0bc9146ba1a51574c9875473c475f13a9730b74458710bff75ddaac4121d3b72ca121f010801abcc776f835203", 0x41}, 0x100, 0x0) (rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow\x00', 0x40, 0x0) (async)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/fail-nth\x00', 0x2a02, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40100, 0x0)
pread64$auto(r1, 0x0, 0x10001, 0x830) (async)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7e}, 0x40000000000009) (async, rerun: 32)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) (rerun: 32)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0003, 0x17) (async, rerun: 64)
prctl$auto(0x1000000003b, 0x5, 0x4, 0x5, 0x18) (rerun: 64)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async, rerun: 64)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async, rerun: 64)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
open(0x0, 0x163340, 0x16e)
socket(0x2, 0x80802, 0x0)
capset$auto(0x0, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async, rerun: 32)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @loopback}, 0x50)

29.604975296s ago: executing program 1 (id=2430):
clone3$auto(0x0, 0x1) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_freeze_timeout\x00', 0x8242, 0x0)
write$auto(0x3, 0x0, 0xffd8)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
unshare$auto(0x40000080) (async)
pselect6$auto(0x5, 0x0, &(0x7f0000000180)={[0x2, 0x8, 0x9, 0x3, 0x80000000101, 0x1c00000, 0xa1, 0x400000008, 0xfffffffffffffffe, 0x8, 0x1, 0x4, 0x1, 0x0, 0x80e, 0x9]}, 0x0, 0x0, &(0x7f0000001040)) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async)
setgroups$auto(0xebeb, &(0x7f00000000c0)=0x7) (async)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) (async)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x4000006, 0x4, 0x0, 0x4, 0x0) (async)
write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) (async)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3a, 0x20, 0x89687, 0x100000000000003, 0x3c2a19d5, 0x6, 0xfffffffffffffff5, 0x65, 0xf6, 0x7, 0x6d3f, 0x6, 0xa, 0x7]}, 0x0) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x800, 0xfffffffffffffffb, 0x1, 0x4, 0xb6c, 0x100000000, 0x6, 0x4, 0x100000003, 0x9, 0x3, 0x6d3c, 0x2, 0x2, 0x8000000000000006]}, 0x0) (async)
keyctl$auto_KEYCTL_NEGATE(0xd, 0x0, 0x0, 0x0, 0x2) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/iforce/bind\x00', 0x0, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TIOCGDEV2(r1, 0x542f, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
socketpair$auto(0x3, 0x5, 0x8000000000000000, 0x0) (async)
openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x181441, 0x0)

28.654766614s ago: executing program 1 (id=2434):
socket(0x1d, 0x2, 0x6)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x1, 0x401bf, 0x734f, 0x37, 0x67f, 0xfffffff8, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x8, 0x84, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x400000, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}, 0x1fe, 0xd)
io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1)
r1 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000001a00), 0x801, 0x0)
write$auto_nvmf_dev_fops_fabrics(r1, &(0x7f0000001a40)="fb40e8", 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x1, 0x0, 0x10000000000000, 0x2}, 0x895}, 0x3, 0x0)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1018}, 0x1, 0x0, 0x0, 0xefb7e034ab6a1498}, 0x24000084)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0)
bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000500)={0x7, 0x0, [{0x40000020, 0x2, 0x6}]})
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r4, 0x1, 0x7ff)
ptrace$auto_PTRACE_GETSIGINFO(0x4202, r4, 0x5, 0x2)
r5 = socket(0x2, 0x1, 0x106)
bind$auto(r5, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
ioctl$auto(0x3, 0x541b, 0x38)
mprotect$auto(0x0, 0x2, 0x1000002)
sendfile$auto(0x3, r0, 0x0, 0x400000000006)

7.617903789s ago: executing program 2 (id=2483):
mmap$auto(0x0, 0x2020008, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
getsockopt$auto_SO_SNDTIMEO_NEW(r0, 0xa, 0x43, &(0x7f00000000c0)='\']\x00', &(0x7f0000000100)=0x2)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
statmount$auto(0x0, &(0x7f0000000180)={0x407, 0xffffffff, 0xd29e, 0xd, 0x1, 0x8000001007182, 0x2, 0x7, 0x6, 0x7, 0x89, 0x8, 0x4, 0x200000000001, 0x3, 0xfffffffffffffffa, 0x500000000000000, 0x0, 0x30, 0x0, 0x862, 0xe, 0x2, 0x9, 0x4, 0x83, 0xfffffffffffffffc, 0xfffffffe, 0x0, 0x80000000, 0x0, [0x0, 0x0, 0x0, 0x71, 0x0, 0x40000000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x2000000000000, 0x0, 0x0, 0x0, 0xf, 0x20000004, 0x800, 0xfffffffffffffffc, 0x0, 0x4000000010001, 0x1000000000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x40000000000000, 0x0, 0x0, 0x2, 0xcc, 0x0, 0x3, 0xfffffffffffffffc, 0x1]}, 0x8, 0x9) (async, rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32)
r1 = openat$auto_binder_features_fops_(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/features/freeze_notification\x00', 0x40000, 0x0)
pread64$auto(r1, 0x0, 0x2, 0x7a)
r2 = socketcall$auto(0x75845b89, &(0x7f0000000140)=0x7bf)
r3 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f00000000c0)=0x3b)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, r3, 0x1) (async, rerun: 64)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(r2, &(0x7f0000000b80)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000b40)={&(0x7f00000003c0)={0x768, 0x0, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x6}, @NL802154_ATTR_SEC_KEY={0x149, 0x30, 0x0, 0x1, [@generic="f524cf89e59acdcdf0ebfc9dffe1566eee5b42eb303f37858b1bd8993fe811d5abf50ddd95c64aaa411bcc9b24d20054326a27a2d027e42757d4de2eb2e6134e7e7917778eff514b280321910aceb733fe4af55691f6d81cd782b35b6f119b6fd737e80a24dc1a2ded39eadc0387fa1d3ac5cb1e87a86db9dac366e3adaf42c6b9123f18be5971a47515907ce6afad5a6926ba7be14d66ee2c6e", @generic="b23bbc4318cefe075e585f4b373293f3f8a846927bab3e9c9800ab4606a50e6505d99ea125af0edd13a431a21f7530cb01a8f7dc53cb16bec8d7d0a3d855b8ff96c8cd9a3f92ac2dafd85badb8270aad5e3ec8c55ddaf9ccdb1b1907fd5ea8d918b6db851b8e52d20d493f46ec9f07d90b9a43bfcaf5f42360734ce9444ab4ade664a5eb29ca12a7a78ba0b11d4515d8b2f3119f3ae8c0ca9764d21ace5bda5c8c0a54d7769fc066781e7a"]}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x8}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r3}, @NL802154_ATTR_SEC_KEY={0x5db, 0x30, 0x0, 0x1, [@typed={0x8, 0x3b, 0x0, 0x0, @u32=0x73d}, @nested={0x18c, 0x15, 0x0, 0x1, [@generic="477f4d29ef32ebc5b27752170e3ef316875f1b42d1406c7ea5e8660259da923c2e8fa6f512ff8a6778f46c5e8aa44eb6a8481284f727e4ce627272cdf66d9f5d41a8131b6b2fa3ed4d7bb1bb88a624ade0b87b4932c98aee947050944e3d0710f5c35e00f8e6e0d3bcb1e4188f16f95cbc04254fd8d15a8ea42806e55b99e2788f9e315b8549c22df9fdf51df855a79d", @generic="695fc252c2f8b556add10cc983c3e0c09d8cf2cb80989e9f0e9cd748dc349885a97e1cd921114a11c99aa541ce139cf8713ff8405988568fdbfa6bc2bfe53931bd2e3f05c1f88dd55dbcbba6e0ac9219093db6345e665585d531a4deb6a8573794685e459f2e8e5254894ef5fb403cf3ab66f6535cb75ac2557e3bf035fe3ab18a70333627e05bd5901f189c157932b41192407e4a7750637b888e5e09ace443c78bc623874315cba5e533875ab24b1778210fe8c2b5edae6c420e669f63a10ccac0bdc5e6a50b1fd2e6bc9704073928b5cba23c7a7bec70d6740d4cd73eb3877982f5228f55490de0fa325113e0d07d2a0ff44bb67d12ed"]}, @generic="5b8d72daa86d099d3ddf949b1a522582b6ab58a93d8d6dd84198b15e552ff6fa04db55af450b88467a38ac5c7bb56eed2e66a4beb8022156872e2d2c958eaddb66b3cf44dcbe38df96", @generic="989daa7e3fc73bbba91b4704f33189b3dd0746a5c14fd14b4188434819b49ce493d79f18daed5f60a5dacbb799521b22867285b95e40875f103ddf4f8499af87285cc47fd634aedbc3f231d80f966558c8492e03b72bed6165f29a2e553a01555062d8f04b6e5d9494179098e7b641a6a0a088508000c6edad799d36fd68578cb59eae1eb0cbfbfcab82785ef7222d10dad31e63227bfaf53720e163e2efcab1", @typed={0x8, 0x14d, 0x0, 0x0, @u32=0x2}, @nested={0x228, 0xd2, 0x0, 0x1, [@generic="ad28efdfe30d1a06dd6a5c77f8a17e95ba844ef9673abfc833ddfe00dd21332c21dd29d6e6ee666525b95904d33c8f18c7392b93c7c355d77272127d3e761946a6495d6c89c70f0d1d4b0cc138180709b735d5b425dc47364f1c77a926fe0e6b13fd5ba102967d61ca27665fdbc417c220e1e82751732d6f0c379d836b7b3ac6ec16c963edc163558622b2cf807f9f6ac535df5f941b4ae742fdb19362eee184eabeae6d5321ffa8f6c11dc169a495c358efb32a6ba533070a3028e0d6bcda34461eeb", @nested={0x4, 0x155}, @generic="f953e7927cea9de8d03b3b2f33d363d333884245adef4d5118340d3a74819832c75e78590f10f75faaac34609c94a0b04e678dca0da39b45746c76833ab6789bd75c22f274b96a7e762737b567653ac6a321df24d2c4cf6c06b4cb805daea80e4e004af43b3da4d841d387c95f1f6e10460c8dfa1469b842f03d8d33c2cfc4b937fde73262d25678d87f9ce08510a6f5156a50402f6cb905c8cf52648c7b4455950cff58c5735ccf02bc0f21cf9f099b1a9484cc299c5d3a9e4142247e5c1d7344f790834f1130ecd581135c3dd8495c6265ff2db8f46681c4ed4f0b092989def037203028454eb711ee0cab2cd80c72a4500ffe7dd21fe4", @generic="7c97a6ece071065fc60321553f05cb8b78fa2059b592a8db10ef416a731c7f17fe2165ab726a99e10b8fdcf3047d0595732d0eb0ee6cc8b3c8bbe80143ce0841c9", @typed={0x20, 0x100, 0x0, 0x0, @binary="463a5a24fdd8ed76042ee9d89122d81b497224e237dfc332e9d132ba"}, @nested={0x4, 0x58}]}, @generic="82db4c9426faa230b8dd92d6e30fc5ab96648f81f670f8b4991b0b01393f3cb3f0d1211b754094f5ee7da41008624ab706a6f18690ae586e2c7cfb65bdea2db5d3d6f89f3996d8352ee257d9a49b0f6fb8dcb85b6b25a67ae0cdbe9f916d5d3dae0e9a1b66f50e1f11874147630811de2bebeb5d771d26e47ff2ce9e91f36db417edb2246d4dbaf499f5", @nested={0x4, 0xd}, @nested={0x91, 0x114, 0x0, 0x1, [@typed={0x8, 0x9d, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x11}}, @generic="235adfbdbae1b3859d10c6e6", @generic="85fe6418d76de7d0c6182923a5c41bfebf4b18c4a720aac84c5a3848adf79b2e2ed0e6c9ecc166c22e0aa85684a158b59ab3f7bb2b16df", @generic="4026f53b1e853971d8e97772c16236164f36b73ce929c7aaf19745a8a07a7f5439180de8c9376f0bd010bb0d7fbba3beb3da27868980b0063817cea177d5d8ce516b"]}, @typed={0x8, 0x156, 0x0, 0x0, @fd=r1}]}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'dvmrp0\x00'}]}, 0x768}, 0x1, 0x0, 0x0, 0x4008804}, 0x8004) (async, rerun: 64)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4], 0x20}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) (async, rerun: 32)
r5 = socket(0x10, 0x2, 0x0) (rerun: 32)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xb, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='*'], 0x1ac}}, 0x40000) (async)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa509}, 0x800}, 0x7, 0x4008)

6.595157286s ago: executing program 0 (id=2486):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
mremap$auto(0x200000, 0x2, 0x2, 0x7, 0x9)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000340)="f687ed881836f44da908035dfd113e1e9a4ae9b45de6b7f7bc7bae6091e791f7c9b90bcd037a74d7ecf97f4c892a04071c985eb9177fccdfee1bfaf1ad00000000b7ffffff7f25bb3de375f94a33b7e751ef9e62cd1212098adaa8334a77a89d8fbf3cc84da8929f95887e606d183298cb396550a8238184e8a329a7a4adb236a25473fccfdf358eab70ab9cb7bd6d6731b428115cccbac2f6358f2ac01f55ea9246a88efd9de4328954bc4acb92f4dfaf8a072751e4e6c476441fdc97ee72e07c0900a0169dc3c42d646e2ea6b6be59bc667b88202d1628a9a76c4273ecf151a4a5973c3978b4ba10017c29d7c4b2771a628aae92001c98d9f4f49e80076cba9e44d26b2ef66590fb9aa452640e30ac3c530bada5b63c2fecada0079137476e4c07e7730004f71da8c6dd67d3e849174f670e9509f4fe81045cffab0b6564866b9433d32a41f758536581")
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x1f40)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/mnt\x00')
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x880)
mmap$auto(0x6b0b, 0xe983, 0x9, 0x13, 0xffffffffffffffff, 0x8000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe01c0, 0x0)
r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r4, 0x4040ae79, r5)
timer_create$auto(0x9, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
socket(0xa, 0x1, 0x100)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be", 0x7b)
process_mrelease$auto(0xffffffffffffffff, 0xa)
write$auto(0x3, 0x0, 0x100082)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/bus/usb/drivers/smsc95xx/new_id\x00', 0x412000, 0x0)
connect$auto(0xffffffffffffffff, 0x0, 0x54)
semctl$auto_SETALL(0x9, 0xd, 0x11, 0x8)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)

6.480835086s ago: executing program 2 (id=2488):
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x20000, 0x0)
ioctl$auto_ECCGETSTATS(r0, 0x80104d12, &(0x7f0000000100)={0x8001, 0x8, 0x7ff, 0x4})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0xa, 0x1)
r1 = getpgid$auto(0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2, 0x3, 0x1)
getsockopt$auto_SO_DEBUG(r2, 0x9, 0x1, 0x0, 0x0)
getpgrp(r1)
r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x281901, 0x0)
ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r3, 0x80083314, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
io_uring_setup$auto(0x40000002c55, 0x0)
socket(0x21, 0x2, 0xa)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0xc, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)

5.342285122s ago: executing program 0 (id=2489):
r0 = inotify_init1$auto(0x3000000000000)
read$auto(r0, 0x0, 0x7)
ioctl$auto_UBI_IOCDET(r0, 0x40046f41, &(0x7f0000000000)=0x280)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x44eb2, 0xffffffffffffffff, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x40000000)

5.031796085s ago: executing program 2 (id=2490):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/sys/net/sctp/rto_alpha_exp_divisor\x00', 0x900, 0x0)
read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='0\x00\\9(\xba\xea\x99\xfc|U\x1c\xc7k', 0x81)

4.806746526s ago: executing program 2 (id=2492):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x485, 0x7, 0xe08}]})
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$auto(r1, 0x5522, 0xf15)
ioctl$auto(r1, 0x5523, r1)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a0000000800", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810)
r2 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/devices\x00', 0x0, 0x0)
preadv$auto(r2, &(0x7f0000009180)={&(0x7f0000008180), 0x80000001}, 0x26, 0x80, 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
r3 = timerfd_create$auto(0x0, 0x800)
timerfd_settime$auto(r3, 0x2, &(0x7f0000000040)={{0x8, 0x7}, {0x0, 0xa2b}}, 0x0)
read$auto(0x3, 0x0, 0x80)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/cable#1\x00', 0xc0f02, 0x0)
pread64$auto(r4, 0x0, 0x3, 0x5ef6)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.394559429s ago: executing program 0 (id=2495):
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x20d00, 0x0)
read$auto_proc_oom_adj_operations_base(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00'})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@id={0x1e, 0x3, 0x2, {0x4e20, 0x3}}, 0x0)
sysfs$auto(0x2, 0x1f, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x1e, 0x4, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(r2, 0x5, 0x87, 0x0, 0x14)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/watchdog_cpumask\x00', 0x141241, 0x0)
write$auto(r4, 0x0, 0x0)
futex_wait$auto(&(0x7f0000000000)="97c5331471d17ede0e68263c06be27061fe0b1affd1e7c", 0x0, 0x6, 0x4, &(0x7f0000000040)={0xc3, 0x2}, 0xffffff51)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0x0, 0x5, 0x84)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000940)={'batadv0\x00', <r6=>0x0})
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="3b3d2ab57000fedbdf0100000007000040", @ANYRES32=r6, @ANYBLOB='\n\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x28}}, 0x80)
sendto$auto(r4, 0x0, 0x5, 0x101, &(0x7f0000000000)=@generic={0xa, "000000000000fe8000"}, 0x1f)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)

4.255715021s ago: executing program 2 (id=2496):
keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a9, 0x7)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/vulnerabilities/tsx_async_abort\x00', 0xa000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000)
statmount$auto(0x0, 0x0, 0xffff, 0x7d)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x6, 0x0)

3.635067553s ago: executing program 0 (id=2498):
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x20000, 0x0)
ioctl$auto_ECCGETSTATS(r0, 0x80104d12, &(0x7f0000000100)={0x8001, 0x8, 0x7ff, 0x4})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0xa, 0x1)
r1 = getpgid$auto(0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2, 0x3, 0x1)
getsockopt$auto_SO_DEBUG(r2, 0x9, 0x1, 0x0, 0x0)
getpgrp(r1)
r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x281901, 0x0)
ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r3, 0x80083314, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
io_uring_setup$auto(0x40000002c55, 0x0)
socket(0x21, 0x2, 0xa)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0xc, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)

3.412866438s ago: executing program 5 (id=2499):
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x10, 0x2, 0xc) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/damon_reclaim/parameters/enabled\x00', 0x1eb842, 0x0) (rerun: 32)
getcwd$auto(&(0x7f0000000000)='\x00', 0xc0000000000000)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab83, 0x0) (async, rerun: 32)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/input/event0\x00', 0x325d42, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001180), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101042, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4138ae84, &(0x7f0000000000)={0x7, 0x179})
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r3) (async)
ioctl$auto_KVM_GET_MSRS(r2, 0xc080aebe, &(0x7f00000000c0)={0x2})

3.316303686s ago: executing program 0 (id=2500):
r0 = socket(0x1f, 0x3, 0x3)
connect$auto(0x3, &(0x7f00000018c0)=@nl=@proc={0x10, 0x0, 0x25dfdbfb, 0x1000000}, 0x55)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
mmap$auto(0x800000000000, 0xfffffffffffeffff, 0x10000001c, 0x2000000000000eb1, r0, 0x4)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x2, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0)
socket(0x18, 0x1, 0x106)
r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/dynamic_events\x00', 0x821c2, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(r1, 0x0, 0x0)
r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x2001, 0x0)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0)
read$auto(r3, 0x0, 0x4)
r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execveat$auto(r2, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0xffc)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x103341, 0x0)
write$auto(r5, 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@l2={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7}, 0x68)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1, 0x20000000)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
bind$auto(r6, &(0x7f0000000240)=@generic={0x11, "0000000000000000d29e006300"}, 0x80)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r7)
ioctl$auto_EVIOCGID(r4, 0x80084502, &(0x7f0000000040)={0x0, 0x4, 0x0, 0x7})
r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r8, &(0x7f0000000200)={0x0, 0x5}, 0x3)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x141000, 0x0)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r9 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
writev$auto(r9, 0x0, 0x8)

3.129066135s ago: executing program 5 (id=2501):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0)
write$auto(r0, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
rt_sigqueueinfo$auto(0x0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0x200, 0x5, 0x5, @_sigsys={0x0, 0x9, 0x2}}})
mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff030}})
setsockopt$auto_SO_RCVPRIORITY(r0, 0x7, 0x52, &(0x7f0000000480)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x7)
r2 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x101, 0x0)
ioctl$auto_IOCTL_VM_SOCKETS_GET_LOCAL_CID(r2, 0x7b9, 0x0)
r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)=@token_create={0x5, <r4=>r3}, 0x4)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/fs/cifs/DebugData\x00', 0x2000, 0x0)
read$auto(r5, &(0x7f0000000000)='/proc/scsi/sg/devices\x00', 0xc9e3)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000340), r4)
ioctl$auto_USB_RAW_IOCTL_EP_ENABLE(r4, 0x40095505, &(0x7f0000000580)={0x3, 0x9, 0xc, 0x6, 0x4, 0x7f, 0x5})
read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000020c0)=""/4093, 0xffd)
socket(0x6, 0x3, 0x9)

3.128824418s ago: executing program 1 (id=2439):
r0 = socket(0x2, 0x1, 0x0)
r1 = socket(0x2, 0x1, 0x84)
setsockopt$auto(r1, 0x84, 0x13, &(0x7f0000000180)='$+l\x00', 0xd4)
mmap$auto(0x0, 0x80000001, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socket(0x1f, 0x1, 0x5)
mmap$auto(0x0, 0xb00e, 0x4000000000df, 0x40000000000eb1, r2, 0x56)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff, 0x2}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, 0x0, 0x800, 0x70bd38, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x2004c804}, 0x20040810)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
recvmmsg$auto(r2, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x400002)
mlockall$auto(0x1)
bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r0)
r4 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b7e, r4, 0x8000)
r5 = io_uring_setup$auto(0x406, 0x0)
io_uring_register$auto_IORING_REGISTER_PBUF_RING(r5, 0x16, 0x0, 0x7)
clock_adjtime$auto(0x10, &(0x7f0000000640)={0xb7, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffe, 0xfffffffffffffffb, 0x6, 0x3, 0x0, 0x7, 0x6, 0x8, {0x0, 0x5}, 0xfffffffffffffff8, 0x3, 0x5, 0x7fffffff, 0x0, 0x16, 0x1, 0xaac, 0x5, 0x2, 0x4})

2.638711081s ago: executing program 2 (id=2502):
unshare$auto(0x40000080)
mmap$auto(0x9, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r0 = gettid()
socket(0x1e, 0x1, 0x0)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)
kill$auto(r0, 0x11)

2.383443871s ago: executing program 5 (id=2503):
r0 = socket(0x21, 0x5, 0xc)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)
setrlimit$auto(0x8, 0x0)
mmap$auto(0x7fffffffe000, 0x61, 0x100001000000004, 0xfa31, 0x403, 0x8000)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
setrlimit$auto(0x7ff, &(0x7f0000000080)={0x0, 0x5})
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x40, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000280)={{@raw=0x8, 0xfffffffb, 0xffff7fff, 0x76e, "d63c7ffb100ee52a74f48f4ca27fcdac2e3b77d33856c3ecaaee706deb88e88696c3a45038ea15cd8a6adb08", @inferred=0xffffffffffffffff}, 0x2cfb, 0x6, 0xffffffff, @raw=0x6c, @integer={0x8, 0x3, 0xbf08}, "d1ec134c4dedbec46488ba98f4048ffab7658312d9af8e7c4b68b8cbef7b9061ee5bc2298355694ff90ee3d02e8bc5b8555fc3637395bc9d46da693616ac5713"})
landlock_add_rule$auto(r0, 0x3, 0x0, 0x4)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f00000001c0)="9a8c332b7bb007011be5022337ea3747fb9ab0e347111246671188bfe757460c28d30d1f0959f288e6efd624cca7a31ae688d64e08a0be8ac7d4635926095160c009184b5f7a8fad4a32df4414d68e5026ac56a1b2dddcb60e1d299b5f17a14b35a1664caffd533eaa5c68da3b970f099774fa8a49741379b878b054ad5a91d2589672d14278fccc245ff16637249a32", 0xd, &(0x7f00000000c0)={0x0, 0x1fff8}, 0xa, 0x0, 0x7, 0xa}, 0xfff}, 0x1002, 0x311)
ioctl$auto_BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0)
bpf$auto(0x95b3, &(0x7f00000003c0)=@test={r1, 0x1, 0xfffffffa, 0x6, 0x3fffffffc00000, 0x0, 0xf, 0x4, 0x5, 0x9, 0x9, 0x4, 0x0, 0x8, 0x4}, 0x4)
setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14)
socket(0x21, 0x5, 0xc) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) (async)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) (async)
setrlimit$auto(0x8, 0x0) (async)
mmap$auto(0x7fffffffe000, 0x61, 0x100001000000004, 0xfa31, 0x403, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async)
setrlimit$auto(0x7ff, &(0x7f0000000080)={0x0, 0x5}) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x40, 0x0) (async)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000280)={{@raw=0x8, 0xfffffffb, 0xffff7fff, 0x76e, "d63c7ffb100ee52a74f48f4ca27fcdac2e3b77d33856c3ecaaee706deb88e88696c3a45038ea15cd8a6adb08", @inferred=0xffffffffffffffff}, 0x2cfb, 0x6, 0xffffffff, @raw=0x6c, @integer={0x8, 0x3, 0xbf08}, "d1ec134c4dedbec46488ba98f4048ffab7658312d9af8e7c4b68b8cbef7b9061ee5bc2298355694ff90ee3d02e8bc5b8555fc3637395bc9d46da693616ac5713"}) (async)
landlock_add_rule$auto(r0, 0x3, 0x0, 0x4) (async)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f00000001c0)="9a8c332b7bb007011be5022337ea3747fb9ab0e347111246671188bfe757460c28d30d1f0959f288e6efd624cca7a31ae688d64e08a0be8ac7d4635926095160c009184b5f7a8fad4a32df4414d68e5026ac56a1b2dddcb60e1d299b5f17a14b35a1664caffd533eaa5c68da3b970f099774fa8a49741379b878b054ad5a91d2589672d14278fccc245ff16637249a32", 0xd, &(0x7f00000000c0)={0x0, 0x1fff8}, 0xa, 0x0, 0x7, 0xa}, 0xfff}, 0x1002, 0x311) (async)
ioctl$auto_BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0) (async)
bpf$auto(0x95b3, &(0x7f00000003c0)=@test={r1, 0x1, 0xfffffffa, 0x6, 0x3fffffffc00000, 0x0, 0xf, 0x4, 0x5, 0x9, 0x9, 0x4, 0x0, 0x8, 0x4}, 0x4) (async)
setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) (async)

2.128932434s ago: executing program 5 (id=2504):
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xfffffffffffffff4}, 0xe)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcsa1\x00', 0x101041, 0x0)
write$auto(r0, 0x0, 0x5)
write$auto(0x3, 0x0, 0x81)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000280)='/dev/amidi2\x00', 0x202, 0x0)
ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, &(0x7f0000000540)={r1, &(0x7f0000000580)="358c8f211f40ff51fab543f54f073002000000a5cb15fb32a11ac375c184523ecc2f00705b93f940a762e24e3f3b34ba370a7a62e09ba5844e19d90a9e2e7cf89b14b92be30a3103008970549617bf23fa94cb391dac209487f2bee0fbf90e3c6e9eb88add5b435263955bf65a0c9f9a79d04780adc91f17a834efa36910f73191a91a817c454d4924648a98c9398b5e2778172030a503ba986b414aa94749eb80ea39ca39052b8df2cfc61340850ebbaccf6339d8c14a0000000000479cc7b9639201000000000000007d9d816d7c9dc36e8e5e64fc961aa5208701a577c4459be18089653b098b36aa6951ba5c13aabd9e921aa46c618c7d53e616fa3853d39130093a40e381b951a540dafb220af50363f784fa0faf954c20eed41023f7a342827a2de941ccd65fbd7fa4d60a8f9692084d2ddf2cc6d8fe06d6cc49d82dbc127aa44fcc776c60768e02ba4c9afff777afb42f88f9f692d4f1ae46212b43a8d70ced7bf9ee23588e88ec70517b58f94e2c96c2700de46df7d093a56df17af1803e2c6f968f611d09a9f76c0ad277cad15dbb6f1d5fed642339ba7b12e43083d6a9b244b85091ef82623d825c9373c8fa485bf7b2dd948561f698a52a1cfe1795cb3cf876ef759c09ce15cc0003a9ada4eb8a691aa43e7d1834a7fcd9d7bcf0de08b80794a296361f9a5df9d84ce838bc8d1c3c03b4800ca7e9bf911bee5000de94c954a39c40e4b3693e09359e98257bafba071613db682291e36a377ee893a28d37dd9999dfab7f4a4fcc8729302312fc3db3975070bf388e79e2548925a80940db443acf05ed5db31eb4d5cd90c0a18c0457d59abfdd9000dc3951ba914955d76920c97025b3b0f5eab779d15959bd", 0x1, &(0x7f0000000380)="bf96542eb6484cab51bb59c88120d1c9eb8e83d533c3ee0e7f4c68e9ed948c57e966bd3caeeb11d0fc09c4b1b5040285d51322221f4d29cdfd58fec73ab0d7599682c06c74aeb7374dcd303849451a0688a5f885d51bd69b96268f5d39f9824faa530afd87f1159898b78214074c573b03b700f92949623e980535084492624c7a25e74210c391cc5344bc90af2e18c49afde44bdda5348f73928c25f06783741552beb97e5f70ea34247ba081386b86c69399ae7ee1c50c0b79fe43bc97fea14b904bb1cc538477ce815264da39cf81a01dab21f2c122186bc6876b5b6f41e4cc8a1ad66464bc8c", 0x8001, &(0x7f0000000480)="c9ac44e3a1dc83abc8cd21f8da7e6fd29cda6342a2107cc0a93eb3eccbf9f785ad5fc42b86ea99aa54696d4d5d2d38e93aafd12d4959e50d95cd1b2fc0ec02fa0fb5581e885d5f7d82b445b9c81edb15a1aaab943585f244348708a0987e961a67d919d15d583c12425057f907722deb472c2a7514ba6e1228f69cf67fbf4b86", &(0x7f0000000500)=0x3})
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffd, &(0x7f0000000080)={0x0, 0x1}, 0xa, 0x0, 0x4, 0x401}, 0xed7138c}, 0xfffffffd, 0x0)
r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/wlan1/forwarding\x00', 0x202, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7fffe000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18)
fremovexattr$auto(r4, &(0x7f0000000000)='system.posix_acl_access\x00')
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
r5 = open(0x0, 0x22240, 0x155)
socket(0x2, 0x80802, 0x0)
ioctl$auto_VHOST_SET_VRING_CALL(r5, 0x4008af21, &(0x7f0000000240)={0xfffffffe, r2})
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/bdi/7:4/stats\x00', 0x2000, 0x0)
getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/wlan1/forwarding\x00', &(0x7f00000001c0)=0x1)
connect$auto(0x3, 0x0, 0x55)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x5ac, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r6, 0x0, 0x400000000006)

1.841156089s ago: executing program 5 (id=2505):
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/sctp/assocs\x00', 0x101080, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0x3)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40942, 0x0)
mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000340), r2)
sendmsg$auto_NETDEV_CMD_NAPI_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01000abd7040fddbffff0f"], 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0x20000004)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/orangefs/op_timeout_secs\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000000)="b2", 0x1)
socketpair$auto(0x1e, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x0, 0xdc, 0x9b72, 0x2, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
epoll_ctl$auto(r1, 0x1, 0xffffffffffffffff, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x40006)
arch_prctl$auto_ARCH_MAP_VDSO_64(0x2003, 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2ac842, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x220805, 0x0)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xd17d7845b8089d8, 0x0)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(0xffffffffffffffff, 0x0, 0x30004850)

91.835002ms ago: executing program 0 (id=2506):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/ping_group_range\x00', 0x202, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2d, 0x2, 0x0)
ioctl$auto(0x3, 0x9, 0x91)
move_pages$auto(0xffffffffffffffff, 0x5, &(0x7f0000000080)=&(0x7f0000000040)="0eb86c41c71546258d8133da72104167ba0475dea67a28a16aaa437cc34ce0e560c3a8f1da8375170e3591081223b16504130d99a7aa", &(0x7f00000000c0)=0x4, &(0x7f0000000100)=0x6, 0x80000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x10000000000000b, 0x0)
r1 = socket(0x28, 0x1, 0x0)
r2 = getsockopt$auto(r1, 0x28, 0x8, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
pread64$auto(0xffffffffffffffff, 0x0, 0xd, 0x6e9)
close_range$auto(0x2, 0x8, 0x0)
pwrite64$auto(r0, 0x0, 0x4e, 0x3)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r3, &(0x7f00000002c0)='N\xd5\f\xb9GC*(,\x00\xc4bAL\xa3`\xb1\xf2\xe7\xc04b$\x99.\xb4\xcc\xc0%\xaa\xd3\xd5\xef\xa4\xd35u\xc0\xa6\r\xcaJ\x11\xaf\x93\xde\xc3|\x17\x96\xd1\x15g\x10\x1ai1(=!\xf1\xe8\xe4\xcdm\xedKW\xe7\xfbL\\\xf2sj(\v\xcd\xe5\x02B\x81ss\xdd\x8199\xa5\x1e\xb0A\xa3\xcbj7\xe9\xc9L\xcc\xc6\xa4\xaf%\xba\xda\xee\xd8%:bXj\xd5[UG\x8a\x8ab\x9a\x18\xe8K\xafU\x8d\xb1\f~\xaa\xab(\x86(\xf9\b\xf7$%\xf2\x11\xa4\x9bj\xc1)\n\x1ft\xb6\xaf\xe2\xd4\x95\xa3\xe1\x1f\xf7uw\a\xd0\x83{_>/\xff', 0x100000001)
r4 = socket(0x23, 0x2, 0x0)
getdents64$auto(r2, &(0x7f0000000140)={0x7, 0xaba, 0x8, 0x9, "291f3cc8074ab9d7755e1c3cd33cd173c695794637826e532d9a2f56eb22aa92795c20fd8bacd2f8c8140574c217c4f78612ca6c1215e1fe14297451493e31d17bcc85d6a1e81ec27634005b1af4c396de51b5a68b8fbc7841b69b539f2d2afd509b08ff9267d3c33911b088b8c763694977360919527c0c45708c65e822a4195b7e2856ddca44dbf9b870a36506e18094397d36a7c196ab6278737605808f704b7d091412bfa4dbaed6db4aa67c091b1c3fa9e3dee88a"}, 0x2)
sendto$auto(r4, 0x0, 0x8000000008000, 0x0, &(0x7f0000000100)=@l2tp={0x2, 0x0, @local, 0x1}, 0x80)
waitid$auto_P_ALL(0x0, 0xffffffff, 0x0, 0x4005, &(0x7f0000000b40)={{0xffffffffffffffff}, {0xfffffffffffff4c5, 0x2}, 0x21, 0x10000, 0x0, 0xdd0, 0x7, 0x400000000000010, 0x0, 0x4, 0x7, 0x3, 0x100000, 0x96bd, 0x10000000000007ff, 0x6})
write$auto(r3, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/yama/ptrace_scope\x00', 0x88c42, 0x0)

91.584024ms ago: executing program 5 (id=2507):
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x20000, 0x0)
ioctl$auto_ECCGETSTATS(r0, 0x80104d12, &(0x7f0000000100)={0x8001, 0x8, 0x7ff, 0x4})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0xa, 0x1)
r1 = getpgid$auto(0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2, 0x3, 0x1)
getsockopt$auto_SO_DEBUG(r2, 0x9, 0x1, 0x0, 0x0)
getpgrp(r1)
r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x281901, 0x0)
ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r3, 0x80083314, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
io_uring_setup$auto(0x40000002c55, 0x0)
socket(0x21, 0x2, 0xa)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0xc, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)

0s ago: executing program 1 (id=2508):
mkdir$auto(&(0x7f0000000240)='}[,&*}\x00', 0x7) (async)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10003, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
writev$auto(r0, 0x0, 0x2) (async)
write$auto(r0, &(0x7f00000000c0)='7\x00\\\x1c\xe7k\x00\x00\x00\x00\x00\x00\x00\x00', 0x8083a)
r1 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_ON(0x1000, 0x1, 0x0, 0x6, 0x4)
ioctl$auto_XFS_IOC_PATH_TO_HANDLE(r1, 0xc0385869, &(0x7f0000000480)={r0, &(0x7f0000000180)="e245526462fdd9025ac42131c7ee524ae74d55d607d62af44fd2204d4d28d0479e48c04988f0df91f41e8bb2867c5c61024341fcaa75ad2a0603398e0cbd5ddddc", 0x9bce, &(0x7f0000000280)="787d0e7102d6d6c27306ce6bc7623924c1570eed43d8b753ec81ca76560b9a5a6dbb1f7f2e9627396b7b661528ef147e563097a1b3e365da48dccd9f7a3bb7ed87f8de4a66671c8bc417b4a6e12ea8a0cfb1cd5e72a78af5f982977041f39c9c4b6fe24a64fb90d224f39fe00b8e7625a9f692d1ff3785a6a912ee409993422dd597ff7a4e85acf527dd66fbc3466b59094512771582c45e446d149b79919429adf82a028ee43aa2ee73a9033a", 0x7, &(0x7f0000000340)="662d117fb30f5cf8b8e5a22168ba3b96d8300a0b21305fc8f94ae512030cb7e49a2b51e5a75477d2142e826f54e1f0ec7a27b58dab4cadecefe7a51283f6184b0645c208ff24bb85e9c0f0ba44210911d3ee1602f437cbc086335bdb83a4b9ce8245dc1b49caa24ba2f18b94c03d5e1498b5fc4b7889de0116b91f6ff09d14f5689fcc9e1ceb15fc6692e87bb90014adf020061833a71517f996a38f13a8dfd2932b8a4e335f45ff2d2064b03afd86b11cf57a504dbbd485930d92ce0decbccfabbb8a3d2b4309", &(0x7f0000000440)=0x7f50}) (async)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06\x00', 0x0, 0x80) (async, rerun: 32)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0xa2382, 0x0) (async, rerun: 32)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/smt/control\x00', 0xab42, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7fffeffd) (async, rerun: 64)
sendfile$auto(r2, r2, 0x0, 0x1) (rerun: 64)

kernel console output (not intermixed with test programs):

4205]  should_failslab+0xc2/0x120
[  492.831648][T14205]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  492.831671][T14205]  ? skb_clone+0x190/0x400
[  492.831691][T14205]  skb_clone+0x190/0x400
[  492.831707][T14205]  netlink_deliver_tap+0xaed/0xcc0
[  492.831731][T14205]  netlink_unicast+0x6a5/0x850
[  492.831753][T14205]  ? __pfx_netlink_unicast+0x10/0x10
[  492.831777][T14205]  ctrl_getfamily+0x417/0x550
[  492.831800][T14205]  ? __pfx_ctrl_getfamily+0x10/0x10
[  492.831823][T14205]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0
[  492.831844][T14205]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0
[  492.831878][T14205]  genl_family_rcv_msg_doit+0x214/0x300
[  492.831904][T14205]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  492.831926][T14205]  ? genl_get_cmd+0x3e7/0x760
[  492.831952][T14205]  ? __dev_queue_xmit+0xa10/0x4950
[  492.831973][T14205]  ? __radix_tree_lookup+0x217/0x2b0
[  492.831994][T14205]  genl_rcv_msg+0x560/0x800
[  492.832017][T14205]  ? __pfx_genl_rcv_msg+0x10/0x10
[  492.832039][T14205]  ? __pfx_ctrl_getfamily+0x10/0x10
[  492.832068][T14205]  netlink_rcv_skb+0x159/0x420
[  492.832087][T14205]  ? __pfx_genl_rcv_msg+0x10/0x10
[  492.832111][T14205]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  492.832139][T14205]  ? netlink_deliver_tap+0x1ae/0xcc0
[  492.832161][T14205]  genl_rcv+0x28/0x40
[  492.832180][T14205]  netlink_unicast+0x585/0x850
[  492.832202][T14205]  ? __pfx_netlink_unicast+0x10/0x10
[  492.832226][T14205]  netlink_sendmsg+0x8b0/0xda0
[  492.832249][T14205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  492.832270][T14205]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  492.832296][T14205]  __sys_sendto+0x468/0x4b0
[  492.832309][T14205]  ? __pfx_netlink_sendmsg+0x10/0x10
[  492.832328][T14205]  ? __pfx___sys_sendto+0x10/0x10
[  492.832348][T14205]  ? fd_install+0x223/0x580
[  492.832374][T14205]  ? __pfx___sys_socket+0x10/0x10
[  492.832398][T14205]  __x64_sys_sendto+0xe0/0x1c0
[  492.832412][T14205]  ? do_syscall_64+0x90/0xf80
[  492.832431][T14205]  ? lockdep_hardirqs_on+0x78/0x100
[  492.832450][T14205]  do_syscall_64+0x10b/0xf80
[  492.832468][T14205]  ? clear_bhb_loop+0x40/0x90
[  492.832486][T14205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.832501][T14205] RIP: 0033:0x7f00d715d60e
[  492.832515][T14205] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  492.832530][T14205] RSP: 002b:00007f00d8108e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  492.832545][T14205] RAX: ffffffffffffffda RBX: 00007f00d810a6c0 RCX: 00007f00d715d60e
[  492.832556][T14205] RDX: 0000000000000020 RSI: 00007f00d8109000 RDI: 000000000000000b
[  492.832565][T14205] RBP: 0000000000000000 R08: 00007f00d8108f04 R09: 000000000000000c
[  492.832574][T14205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b
[  492.832584][T14205] R13: 00007f00d8108f58 R14: 00007f00d8109000 R15: 0000000000000000
[  492.832603][T14205]  </TASK>
[  493.277229][T14211] zram: Added device: zram1
[  494.926276][T14169] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260
[  494.926301][T14169] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260
[  494.941764][T14169] Bluetooth: hci1: Dropping invalid advertising data
[  494.951158][T14169] Bluetooth: hci1: unknown advertising packet type: 0xe9
[  494.951184][T14169] Bluetooth: hci1: unknown advertising packet type: 0x8b
[  494.958508][T14169] Bluetooth: hci1: unknown advertising packet type: 0xee
[  495.052698][T14256] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1692'.
[  497.999761][T14350] netlink: 198 bytes leftover after parsing attributes in process `syz.0.1709'.
[  501.059537][T14416] zswap: compressor  not available
[  501.526211][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  501.532573][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  501.731231][T14454] ubi: mtd0 is already attached to ubi0
[  503.710537][T14475] program syz.3.1732 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  505.448125][T14525] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1741'.
[  505.841761][T14527] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[  507.061637][T14550] netlink: 'syz.3.1745': attribute type 11 has an invalid length.
[  507.951378][T14557] FAULT_INJECTION: forcing a failure.
[  507.951378][T14557] name failslab, interval 1, probability 0, space 0, times 0
[  508.051064][T14557] CPU: 0 UID: 0 PID: 14557 Comm: syz.2.1748 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  508.051089][T14557] Tainted: [L]=SOFTLOCKUP
[  508.051095][T14557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  508.051105][T14557] Call Trace:
[  508.051111][T14557]  <TASK>
[  508.051117][T14557]  dump_stack_lvl+0x100/0x190
[  508.051140][T14557]  should_fail_ex.cold+0x5/0xa
[  508.051161][T14557]  should_failslab+0xc2/0x120
[  508.051218][T14557]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  508.051244][T14557]  ? sk_prot_alloc+0x60/0x2a0
[  508.051267][T14557]  sk_prot_alloc+0x60/0x2a0
[  508.051286][T14557]  sk_alloc+0x36/0xe80
[  508.051301][T14557]  inet_create+0x3a0/0x1060
[  508.051325][T14557]  ? inet_create+0x94/0x1060
[  508.051349][T14557]  __sock_create+0x339/0x860
[  508.051372][T14557]  __sys_socket+0x14d/0x260
[  508.051392][T14557]  ? __pfx___sys_socket+0x10/0x10
[  508.051411][T14557]  ? ksys_write+0x1ac/0x250
[  508.051432][T14557]  __x64_sys_socket+0x72/0xb0
[  508.051452][T14557]  ? lockdep_hardirqs_on+0x78/0x100
[  508.051471][T14557]  do_syscall_64+0x10b/0xf80
[  508.051488][T14557]  ? clear_bhb_loop+0x40/0x90
[  508.051507][T14557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.051522][T14557] RIP: 0033:0x7f00d719cdd9
[  508.051536][T14557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  508.051551][T14557] RSP: 002b:00007f00d810a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  508.051566][T14557] RAX: ffffffffffffffda RBX: 00007f00d7416090 RCX: 00007f00d719cdd9
[  508.051576][T14557] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  508.051585][T14557] RBP: 00007f00d7232d69 R08: 0000000000000000 R09: 0000000000000000
[  508.051593][T14557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  508.051602][T14557] R13: 00007f00d7416128 R14: 00007f00d7416090 R15: 00007ffda82a1128
[  508.051628][T14557]  </TASK>
[  509.735604][T14583] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1754'.
[  509.874915][T14585] netlink: 11788 bytes leftover after parsing attributes in process `syz.2.1754'.
[  509.922816][T14583] gretap0: refused to change device tx_queue_len
[  509.961540][T14583] netlink: 11788 bytes leftover after parsing attributes in process `syz.2.1754'.
[  510.214258][T14600] random: crng reseeded on system resumption
[  510.648878][T14624] netlink: zone id is out of range
[  510.690072][T14624] netlink: zone id is out of range
[  510.738326][T14624] netlink: zone id is out of range
[  510.822819][T14624] netlink: set zone limit has 8 unknown bytes
[  512.060132][T14648] NFSD: Failed to start, no listeners configured.
[  514.770809][T14693] bridge0: port 4(team0) entered blocking state
[  514.797237][T14693] bridge0: port 4(team0) entered disabled state
[  514.824173][T14693] team0: entered allmulticast mode
[  514.843305][T14693] team_slave_1: entered allmulticast mode
[  514.871719][T14693] team0: entered promiscuous mode
[  514.891539][T14693] team_slave_1: entered promiscuous mode
[  514.912016][T14693] bridge0: port 4(team0) entered blocking state
[  514.918422][T14693] bridge0: port 4(team0) entered forwarding state
[  516.257567][T14711] Process accounting resumed
[  517.613942][T14741] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1785'.
[  517.847039][T14753] blktrace: Concurrent blktraces are not allowed on sda1
[  518.071705][   T30] audit: type=1800 audit(1843112665.003:52): pid=14757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1789" name="discovery_nqn" dev="configfs" ino=54844 res=0 errno=0
[  522.127873][T14793] Process accounting resumed
[  525.778435][T14914] netlink: Setting conntrack mark requires 'commit' flag.
[  525.793757][T14169] Bluetooth: hci3: Malformed HCI Event
[  525.816059][T14924] netlink: Setting conntrack mark requires 'commit' flag.
[  528.058564][T14977] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1829'.
[  529.450200][T15017] FAULT_INJECTION: forcing a failure.
[  529.450200][T15017] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  529.515357][T15020] random: crng reseeded on system resumption
[  529.567048][T15017] CPU: 0 UID: 0 PID: 15017 Comm: syz.1.1837 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  529.567073][T15017] Tainted: [L]=SOFTLOCKUP
[  529.567079][T15017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  529.567088][T15017] Call Trace:
[  529.567093][T15017]  <TASK>
[  529.567099][T15017]  dump_stack_lvl+0x100/0x190
[  529.567121][T15017]  should_fail_ex.cold+0x5/0xa
[  529.567139][T15017]  ? prepare_alloc_pages+0x16d/0x5f0
[  529.567159][T15017]  should_fail_alloc_page+0xeb/0x140
[  529.567181][T15017]  prepare_alloc_pages+0x1f0/0x5f0
[  529.567202][T15017]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  529.567225][T15017]  ? __pfx_is_bpf_text_address+0x1/0x10
[  529.567247][T15017]  ? is_bpf_text_address+0x8a/0x1a0
[  529.567267][T15017]  ? bpf_ksym_find+0x124/0x1c0
[  529.567282][T15017]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  529.567304][T15017]  ? is_bpf_text_address+0x94/0x1a0
[  529.567324][T15017]  ? kernel_text_address+0x8d/0x100
[  529.567339][T15017]  ? __kernel_text_address+0xd/0x30
[  529.567354][T15017]  ? unwind_get_return_address+0x59/0xa0
[  529.567374][T15017]  ? arch_stack_walk+0xa6/0xf0
[  529.567392][T15017]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  529.567424][T15017]  ? stack_depot_save_flags+0x27/0x9d0
[  529.567441][T15017]  ? stack_trace_save+0x8e/0xc0
[  529.567462][T15017]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  529.567484][T15017]  ? policy_nodemask+0xed/0x4f0
[  529.567502][T15017]  alloc_pages_mpol+0x1fb/0x540
[  529.567521][T15017]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  529.567543][T15017]  alloc_pages_noprof+0x1a/0x160
[  529.567562][T15017]  kimage_alloc_pages+0x72/0x380
[  529.567585][T15017]  kimage_alloc_control_pages+0x157/0xa20
[  529.567612][T15017]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  529.567639][T15017]  do_kexec_load+0x275/0x810
[  529.567662][T15017]  ? __pfx_do_kexec_load+0x10/0x10
[  529.567686][T15017]  ? _copy_from_user+0x59/0xd0
[  529.567710][T15017]  __x64_sys_kexec_load+0x1bf/0x230
[  529.567734][T15017]  do_syscall_64+0x10b/0xf80
[  529.567753][T15017]  ? clear_bhb_loop+0x40/0x90
[  529.567772][T15017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.567789][T15017] RIP: 0033:0x7f7ace79cdd9
[  529.567802][T15017] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  529.567817][T15017] RSP: 002b:00007f7acf6fd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  529.567831][T15017] RAX: ffffffffffffffda RBX: 00007f7acea15fa0 RCX: 00007f7ace79cdd9
[  529.567841][T15017] RDX: 0000200000000100 RSI: 0000000000000002 RDI: 0000000000000005
[  529.567858][T15017] RBP: 00007f7ace832d69 R08: 0000000000000000 R09: 0000000000000000
[  529.567867][T15017] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  529.567877][T15017] R13: 00007f7acea16038 R14: 00007f7acea15fa0 R15: 00007ffdc3e19cf8
[  529.567897][T15017]  </TASK>
[  529.856444][T15017] kexec: Could not allocate control_code_buffer
[  530.345387][T15021] zswap: compressor  not available
[  531.040798][T15035] random: crng reseeded on system resumption
[  537.185363][T15129] program syz.3.1859 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  537.201412][T15128] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1861'.
[  538.652143][T15150] ubi: mtd0 is already attached to ubi0
[  540.164699][T14169] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  540.268748][T15181] FAULT_INJECTION: forcing a failure.
[  540.268748][T15181] name failslab, interval 1, probability 0, space 0, times 0
[  540.436195][T15189] futex_wake_op: syz.1.1873 tries to shift op by -2048; fix this program
[  540.536547][T15181] CPU: 0 UID: 0 PID: 15181 Comm: syz.1.1873 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  540.536575][T15181] Tainted: [L]=SOFTLOCKUP
[  540.536581][T15181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  540.536596][T15181] Call Trace:
[  540.536602][T15181]  <TASK>
[  540.536608][T15181]  dump_stack_lvl+0x100/0x190
[  540.536631][T15181]  should_fail_ex.cold+0x5/0xa
[  540.536652][T15181]  should_failslab+0xc2/0x120
[  540.536670][T15181]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  540.536693][T15181]  ? __kernfs_new_node+0xd2/0x9f0
[  540.536714][T15181]  __kernfs_new_node+0xd2/0x9f0
[  540.536732][T15181]  ? __pfx___kernfs_new_node+0x10/0x10
[  540.536753][T15181]  ? find_held_lock+0x2b/0x80
[  540.536771][T15181]  ? kernfs_root+0xee/0x2a0
[  540.536786][T15181]  ? kernfs_root+0xee/0x2a0
[  540.536806][T15181]  kernfs_new_node+0x11b/0x1a0
[  540.536827][T15181]  __kernfs_create_file+0x53/0x350
[  540.536852][T15181]  sysfs_add_file_mode_ns+0x207/0x3c0
[  540.536871][T15181]  sysfs_merge_group+0x194/0x340
[  540.536889][T15181]  ? __pfx_sysfs_merge_group+0x10/0x10
[  540.536905][T15181]  ? bus_add_device+0x368/0x6b0
[  540.536929][T15181]  ? __pfx_bus_add_device+0x10/0x10
[  540.536950][T15181]  ? __pfx_dev_add_physical_location+0x10/0x10
[  540.536972][T15181]  dpm_sysfs_add+0x237/0x280
[  540.536992][T15181]  device_add+0x9ef/0x1950
[  540.537012][T15181]  ? __pfx_device_add+0x10/0x10
[  540.537029][T15181]  ? lockdep_init_map_type+0x5c/0x250
[  540.537045][T15181]  ? __init_waitqueue_head+0xca/0x150
[  540.537067][T15181]  rfkill_register+0x1ad/0xb30
[  540.537085][T15181]  nfc_register_device+0x11f/0x3e0
[  540.537107][T15181]  nci_register_device+0x7f1/0xb80
[  540.537123][T15181]  ? __pfx_nci_register_device+0x10/0x10
[  540.537142][T15181]  ? lockdep_init_map_type+0x5c/0x250
[  540.537160][T15181]  virtual_ncidev_open+0x141/0x220
[  540.537183][T15181]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  540.537204][T15181]  misc_open+0x26d/0x450
[  540.537223][T15181]  ? __pfx_misc_open+0x10/0x10
[  540.537239][T15181]  chrdev_open+0x234/0x6a0
[  540.537257][T15181]  ? __pfx_apparmor_file_open+0x10/0x10
[  540.537280][T15181]  ? __pfx_chrdev_open+0x10/0x10
[  540.537299][T15181]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  540.537322][T15181]  do_dentry_open+0x6d8/0x1660
[  540.537340][T15181]  ? __pfx_chrdev_open+0x10/0x10
[  540.537363][T15181]  vfs_open+0x82/0x3f0
[  540.537386][T15181]  path_openat+0x208c/0x31a0
[  540.537411][T15181]  ? __pfx_path_openat+0x10/0x10
[  540.537437][T15181]  do_file_open+0x20e/0x430
[  540.537457][T15181]  ? __pfx_do_file_open+0x10/0x10
[  540.537489][T15181]  ? alloc_fd+0x476/0x790
[  540.537508][T15181]  ? do_getname+0x191/0x390
[  540.537531][T15181]  do_sys_openat2+0x10d/0x1e0
[  540.537553][T15181]  ? __pfx_do_sys_openat2+0x10/0x10
[  540.537580][T15181]  ? __fget_files+0x21f/0x3d0
[  540.537609][T15181]  __x64_sys_openat+0x12d/0x210
[  540.537633][T15181]  ? __pfx___x64_sys_openat+0x10/0x10
[  540.537660][T15181]  ? rcu_is_watching+0x12/0xc0
[  540.537681][T15181]  do_syscall_64+0x10b/0xf80
[  540.537699][T15181]  ? clear_bhb_loop+0x40/0x90
[  540.537718][T15181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.537733][T15181] RIP: 0033:0x7f7ace79cdd9
[  540.537747][T15181] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  540.537762][T15181] RSP: 002b:00007f7acf6fd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  540.537777][T15181] RAX: ffffffffffffffda RBX: 00007f7acea15fa0 RCX: 00007f7ace79cdd9
[  540.537788][T15181] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  540.537798][T15181] RBP: 00007f7ace832d69 R08: 0000000000000000 R09: 0000000000000000
[  540.537807][T15181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  540.537816][T15181] R13: 00007f7acea16038 R14: 00007f7acea15fa0 R15: 00007ffdc3e19cf8
[  540.537837][T15181]  </TASK>
[  541.340790][T15189] futex_wake_op: syz.1.1873 tries to shift op by -2048; fix this program
[  541.580281][   T30] audit: type=1804 audit(1843112688.203:53): pid=15194 uid=2 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1875" name="/newroot/442/file0" dev="tmpfs" ino=2358 res=1 errno=0
[  541.733125][   T30] audit: type=1804 audit(1843112688.223:54): pid=15194 uid=2 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1875" name="/newroot/442/file0" dev="tmpfs" ino=2358 res=1 errno=0
[  543.201026][T15226] tipc: Started in network mode
[  543.207831][T15226] tipc: Node identity ee00, cluster identity 4711
[  543.230609][T15226] tipc: Node number set to 60928
[  543.490413][T15232] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1882'.
[  543.920515][T15240] netlink: 'syz.0.1884': attribute type 33 has an invalid length.
[  546.345352][T15284] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-1)
[  546.416004][T15284] ima: policy update failed
[  546.489329][   T30] audit: type=1802 audit(1843112693.423:55): pid=15284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1893" res=0 errno=0
[  546.552166][T15289] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  546.909231][T15299] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1896'.
[  546.929492][T15289] Process accounting paused
[  548.418269][T15332] netlink: 'syz.0.1902': attribute type 11 has an invalid length.
[  548.469439][T15333] netlink: 'syz.0.1902': attribute type 11 has an invalid length.
[  548.549074][T15335] FAULT_INJECTION: forcing a failure.
[  548.549074][T15335] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  548.761590][T15335] CPU: 0 UID: 0 PID: 15335 Comm: syz.2.1898 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  548.761616][T15335] Tainted: [L]=SOFTLOCKUP
[  548.761622][T15335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  548.761632][T15335] Call Trace:
[  548.761637][T15335]  <TASK>
[  548.761643][T15335]  dump_stack_lvl+0x100/0x190
[  548.761666][T15335]  should_fail_ex.cold+0x5/0xa
[  548.761683][T15335]  ? prepare_alloc_pages+0x16d/0x5f0
[  548.761712][T15335]  should_fail_alloc_page+0xeb/0x140
[  548.761731][T15335]  prepare_alloc_pages+0x1f0/0x5f0
[  548.761753][T15335]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  548.761778][T15335]  ? find_held_lock+0x2b/0x80
[  548.761797][T15335]  ? is_bpf_text_address+0x8a/0x1a0
[  548.761819][T15335]  ? __lock_acquire+0x4a5/0x2630
[  548.761838][T15335]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  548.761863][T15335]  ? lock_acquire+0x1b1/0x370
[  548.761877][T15335]  ? find_held_lock+0x2b/0x80
[  548.761900][T15335]  ? find_held_lock+0x2b/0x80
[  548.761918][T15335]  ? debug_check_no_obj_freed+0x31f/0x630
[  548.761943][T15335]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  548.761966][T15335]  ? policy_nodemask+0xed/0x4f0
[  548.761985][T15335]  alloc_pages_mpol+0x1fb/0x540
[  548.762006][T15335]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  548.762028][T15335]  folio_alloc_mpol_noprof+0x36/0x260
[  548.762048][T15335]  shmem_alloc_folio+0x135/0x160
[  548.762070][T15335]  shmem_alloc_and_add_folio+0x371/0xd40
[  548.762098][T15335]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  548.762123][T15335]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  548.762151][T15335]  shmem_get_folio_gfp+0x6ab/0x1900
[  548.762170][T15335]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  548.762184][T15335]  ? filemap_map_pages+0x9c1/0x2140
[  548.762211][T15335]  shmem_fault+0x1f9/0xa20
[  548.762227][T15335]  ? __pfx_shmem_fault+0x10/0x10
[  548.762243][T15335]  ? __pfx_filemap_map_pages+0x10/0x10
[  548.762268][T15335]  ? find_held_lock+0x2b/0x80
[  548.762289][T15335]  __do_fault+0x10b/0x440
[  548.762305][T15335]  do_fault+0xa99/0x1750
[  548.762327][T15335]  __handle_mm_fault+0x187d/0x2a00
[  548.762351][T15335]  ? mt_find+0x45e/0x8e0
[  548.762372][T15335]  ? __pfx___handle_mm_fault+0x10/0x10
[  548.762392][T15335]  ? __pfx_mt_find+0x10/0x10
[  548.762421][T15335]  ? find_vma+0xbf/0x140
[  548.762436][T15335]  ? __pfx_find_vma+0x10/0x10
[  548.762454][T15335]  handle_mm_fault+0x36d/0xa20
[  548.762479][T15335]  do_user_addr_fault+0x74c/0x12f0
[  548.762500][T15335]  ? trace_page_fault_kernel+0x7a/0x200
[  548.762519][T15335]  exc_page_fault+0x6f/0xd0
[  548.762538][T15335]  asm_exc_page_fault+0x26/0x30
[  548.762552][T15335] RIP: 0010:__get_user_8+0x14/0x30
[  548.762568][T15335] Code: ca e9 00 94 04 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <48> 8b 10 31 c0 0f 01 ca e9 cf 93 04 00 66 66 2e 0f 1f 84 00 00 00
[  548.762583][T15335] RSP: 0018:ffffc90003cb7d38 EFLAGS: 00050287
[  548.762596][T15335] RAX: 0000000000001000 RBX: 0000000000000000 RCX: ffffc9000f6e1000
[  548.762606][T15335] RDX: 00007ffffffff000 RSI: ffffffff8257af21 RDI: ffffffff8c1c2480
[  548.762616][T15335] RBP: 0000000000000200 R08: 0000000000000001 R09: 00000000000001c5
[  548.762625][T15335] R10: 0000000000000200 R11: 0000000000000000 R12: 00000000ffffffff
[  548.762634][T15335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  548.762648][T15335]  ? __might_fault+0x111/0x140
[  548.762672][T15335]  kernel_move_pages+0x325/0x13f0
[  548.762703][T15335]  ? __pfx_kernel_move_pages+0x10/0x10
[  548.762732][T15335]  ? ksys_write+0x1ac/0x250
[  548.762753][T15335]  __x64_sys_move_pages+0xe0/0x1c0
[  548.762772][T15335]  ? do_syscall_64+0x90/0xf80
[  548.762791][T15335]  ? lockdep_hardirqs_on+0x78/0x100
[  548.762809][T15335]  do_syscall_64+0x10b/0xf80
[  548.762827][T15335]  ? clear_bhb_loop+0x40/0x90
[  548.762845][T15335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.762859][T15335] RIP: 0033:0x7f00d719cdd9
[  548.762872][T15335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  548.762886][T15335] RSP: 002b:00007f00d80e9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  548.762899][T15335] RAX: ffffffffffffffda RBX: 00007f00d7416180 RCX: 00007f00d719cdd9
[  548.762909][T15335] RDX: 0000000000000000 RSI: 0000000000001002 RDI: 0000000000000000
[  548.762918][T15335] RBP: 00007f00d7232d69 R08: 0000000000000000 R09: 0000000000000002
[  548.762926][T15335] R10: 0000200000001140 R11: 0000000000000246 R12: 0000000000000000
[  548.762935][T15335] R13: 00007f00d7416218 R14: 00007f00d7416180 R15: 00007ffda82a1128
[  548.762955][T15335]  </TASK>
[  549.811070][T15182] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  549.878503][T15348] FAULT_INJECTION: forcing a failure.
[  549.878503][T15348] name failslab, interval 1, probability 0, space 0, times 0
[  550.009721][T15352] futex_wake_op: syz.3.1906 tries to shift op by -2048; fix this program
[  550.053606][T15348] CPU: 0 UID: 0 PID: 15348 Comm: syz.3.1906 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  550.053633][T15348] Tainted: [L]=SOFTLOCKUP
[  550.053639][T15348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  550.053648][T15348] Call Trace:
[  550.053654][T15348]  <TASK>
[  550.053660][T15348]  dump_stack_lvl+0x100/0x190
[  550.053682][T15348]  should_fail_ex.cold+0x5/0xa
[  550.053703][T15348]  should_failslab+0xc2/0x120
[  550.053721][T15348]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  550.053743][T15348]  ? __kernfs_new_node+0xd2/0x9f0
[  550.053763][T15348]  __kernfs_new_node+0xd2/0x9f0
[  550.053780][T15348]  ? kernfs_add_one+0x214/0x850
[  550.053799][T15348]  ? __pfx___kernfs_new_node+0x10/0x10
[  550.053819][T15348]  ? find_held_lock+0x2b/0x80
[  550.053838][T15348]  ? kernfs_root+0xee/0x2a0
[  550.053852][T15348]  ? kernfs_root+0xee/0x2a0
[  550.053872][T15348]  kernfs_new_node+0x11b/0x1a0
[  550.053893][T15348]  kernfs_create_link+0xcc/0x240
[  550.053917][T15348]  sysfs_do_create_link_sd+0x90/0x140
[  550.053935][T15348]  sysfs_create_link+0x61/0xc0
[  550.053950][T15348]  device_add+0x553/0x1950
[  550.053971][T15348]  ? __pfx_device_add+0x10/0x10
[  550.053988][T15348]  ? lockdep_init_map_type+0x5c/0x250
[  550.054004][T15348]  ? __init_waitqueue_head+0xca/0x150
[  550.054028][T15348]  rfkill_register+0x1ad/0xb30
[  550.054046][T15348]  nfc_register_device+0x11f/0x3e0
[  550.054067][T15348]  nci_register_device+0x7f1/0xb80
[  550.054083][T15348]  ? __pfx_nci_register_device+0x10/0x10
[  550.054101][T15348]  ? lockdep_init_map_type+0x5c/0x250
[  550.054120][T15348]  virtual_ncidev_open+0x141/0x220
[  550.054143][T15348]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  550.054163][T15348]  misc_open+0x26d/0x450
[  550.054182][T15348]  ? __pfx_misc_open+0x10/0x10
[  550.054198][T15348]  chrdev_open+0x234/0x6a0
[  550.054216][T15348]  ? __pfx_apparmor_file_open+0x10/0x10
[  550.054239][T15348]  ? __pfx_chrdev_open+0x10/0x10
[  550.054258][T15348]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  550.054281][T15348]  do_dentry_open+0x6d8/0x1660
[  550.054298][T15348]  ? __pfx_chrdev_open+0x10/0x10
[  550.054321][T15348]  vfs_open+0x82/0x3f0
[  550.054348][T15348]  path_openat+0x208c/0x31a0
[  550.054373][T15348]  ? __pfx_path_openat+0x10/0x10
[  550.054398][T15348]  do_file_open+0x20e/0x430
[  550.054418][T15348]  ? __pfx_do_file_open+0x10/0x10
[  550.054450][T15348]  ? alloc_fd+0x476/0x790
[  550.054470][T15348]  ? do_getname+0x191/0x390
[  550.054492][T15348]  do_sys_openat2+0x10d/0x1e0
[  550.054518][T15348]  ? __pfx_do_sys_openat2+0x10/0x10
[  550.054542][T15348]  ? __fget_files+0x21f/0x3d0
[  550.054570][T15348]  __x64_sys_openat+0x12d/0x210
[  550.054594][T15348]  ? __pfx___x64_sys_openat+0x10/0x10
[  550.054621][T15348]  ? rcu_is_watching+0x12/0xc0
[  550.054643][T15348]  do_syscall_64+0x10b/0xf80
[  550.054661][T15348]  ? clear_bhb_loop+0x40/0x90
[  550.054680][T15348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.054695][T15348] RIP: 0033:0x7f7bfc79cdd9
[  550.054709][T15348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  550.054723][T15348] RSP: 002b:00007f7bfd61b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  550.054738][T15348] RAX: ffffffffffffffda RBX: 00007f7bfca16180 RCX: 00007f7bfc79cdd9
[  550.054749][T15348] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  550.054759][T15348] RBP: 00007f7bfc832d69 R08: 0000000000000000 R09: 0000000000000000
[  550.054769][T15348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  550.054778][T15348] R13: 00007f7bfca16218 R14: 00007f7bfca16180 R15: 00007ffc36d23e58
[  550.054798][T15348]  </TASK>
[  550.797313][T15352] futex_wake_op: syz.3.1906 tries to shift op by -2048; fix this program
[  551.053799][T15369] netlink: 'syz.0.1910': attribute type 2 has an invalid length.
[  551.954446][T14191] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5
[  552.465945][T15392] Process accounting paused
[  552.640098][T15416] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  552.792473][T15416] CIFS mount error: No usable UNC path provided in device string!
[  552.792473][T15416] 
[  552.865164][T15416] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  553.346668][T15431] FAULT_INJECTION: forcing a failure.
[  553.346668][T15431] name fail_futex, interval 1, probability 0, space 0, times 0
[  553.552027][T15431] CPU: 0 UID: 0 PID: 15431 Comm: syz.2.1924 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  553.552056][T15431] Tainted: [L]=SOFTLOCKUP
[  553.552061][T15431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  553.552071][T15431] Call Trace:
[  553.552076][T15431]  <TASK>
[  553.552082][T15431]  dump_stack_lvl+0x100/0x190
[  553.552105][T15431]  should_fail_ex.cold+0x5/0xa
[  553.552129][T15431]  get_futex_key+0x1d2/0x1510
[  553.552148][T15431]  ? __pfx_get_futex_key+0x10/0x10
[  553.552163][T15431]  ? trace_ignore_this_task+0xbc/0x100
[  553.552183][T15431]  ? trace_ignore_this_task+0xbc/0x100
[  553.552213][T15431]  futex_wait_setup+0x83/0x510
[  553.552237][T15431]  __futex_wait+0x19f/0x300
[  553.552258][T15431]  ? __pfx___futex_wait+0x10/0x10
[  553.552277][T15431]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  553.552298][T15431]  ? __pfx_futex_wake_mark+0x10/0x10
[  553.552320][T15431]  ? find_held_lock+0x2b/0x80
[  553.552338][T15431]  ? futex_wake+0x456/0x530
[  553.552364][T15431]  futex_wait+0xe6/0x370
[  553.552383][T15431]  ? __pfx_futex_wait+0x10/0x10
[  553.552406][T15431]  ? __fget_files+0x215/0x3d0
[  553.552427][T15431]  do_futex+0x1ef/0x350
[  553.552443][T15431]  ? __pfx_do_futex+0x10/0x10
[  553.552459][T15431]  ? fdget+0x18b/0x210
[  553.552475][T15431]  ? __sys_sendmsg+0x18f/0x220
[  553.552492][T15431]  __x64_sys_futex+0x34f/0x4d0
[  553.552511][T15431]  ? __pfx___x64_sys_futex+0x10/0x10
[  553.552530][T15431]  ? rcu_is_watching+0x12/0xc0
[  553.552550][T15431]  do_syscall_64+0x10b/0xf80
[  553.552569][T15431]  ? clear_bhb_loop+0x40/0x90
[  553.552586][T15431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.552602][T15431] RIP: 0033:0x7f00d719cdd9
[  553.552615][T15431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  553.552630][T15431] RSP: 002b:00007f00d810a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  553.552644][T15431] RAX: ffffffffffffffda RBX: 00007f00d7416098 RCX: 00007f00d719cdd9
[  553.552654][T15431] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f00d7416098
[  553.552664][T15431] RBP: 00007f00d7416090 R08: 0000000000000000 R09: 0000000000000000
[  553.552673][T15431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  553.552682][T15431] R13: 00007f00d7416128 R14: 00007ffda82a1040 R15: 00007ffda82a1128
[  553.552701][T15431]  </TASK>
[  554.736350][T15443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1927'.
[  554.872996][T15449] FAULT_INJECTION: forcing a failure.
[  554.872996][T15449] name failslab, interval 1, probability 0, space 0, times 0
[  554.930729][T15449] CPU: 0 UID: 0 PID: 15449 Comm: syz.3.1928 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  554.930757][T15449] Tainted: [L]=SOFTLOCKUP
[  554.930763][T15449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  554.930772][T15449] Call Trace:
[  554.930778][T15449]  <TASK>
[  554.930784][T15449]  dump_stack_lvl+0x100/0x190
[  554.930806][T15449]  should_fail_ex.cold+0x5/0xa
[  554.930826][T15449]  ? lsm_blob_alloc+0x68/0x90
[  554.930845][T15449]  should_failslab+0xc2/0x120
[  554.930863][T15449]  __kmalloc_noprof+0xe0/0x850
[  554.930885][T15449]  ? audit_alloc+0xa2/0x7b0
[  554.930910][T15449]  lsm_blob_alloc+0x68/0x90
[  554.930929][T15449]  security_task_alloc+0x2a/0x260
[  554.930947][T15449]  copy_process+0x2865/0x7e00
[  554.930968][T15449]  ? futex_unqueue+0x133/0x2c0
[  554.930982][T15449]  ? futex_unqueue+0x133/0x2c0
[  554.931004][T15449]  ? __pfx_copy_process+0x10/0x10
[  554.931029][T15449]  ? _copy_from_user+0x59/0xd0
[  554.931055][T15449]  kernel_clone+0x12e/0x9c0
[  554.931083][T15449]  ? futex_hash+0x141/0x370
[  554.931097][T15449]  ? __pfx_kernel_clone+0x10/0x10
[  554.931122][T15449]  ? __pfx_futex_wait+0x10/0x10
[  554.931141][T15449]  ? __pfx_kernel_waitid+0x10/0x10
[  554.931160][T15449]  __do_sys_clone3+0x214/0x290
[  554.931181][T15449]  ? __pfx___do_sys_clone3+0x10/0x10
[  554.931208][T15449]  ? rcu_read_unlock+0x17/0x60
[  554.931226][T15449]  ? rcu_read_unlock+0x17/0x60
[  554.931253][T15449]  ? rcu_is_watching+0x12/0xc0
[  554.931273][T15449]  do_syscall_64+0x10b/0xf80
[  554.931291][T15449]  ? clear_bhb_loop+0x40/0x90
[  554.931309][T15449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.931324][T15449] RIP: 0033:0x7f7bfc79cdd9
[  554.931338][T15449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  554.931352][T15449] RSP: 002b:00007f7bfd65cef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  554.931367][T15449] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f7bfc79cdd9
[  554.931377][T15449] RDX: 00007f7bfd65cf10 RSI: 0000000000000058 RDI: 00007f7bfd65cf10
[  554.931387][T15449] RBP: 00007f7bfc832d69 R08: 0000000000000000 R09: 0000000000000058
[  554.931396][T15449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  554.931405][T15449] R13: 00007f7bfca16038 R14: 00007f7bfca15fa0 R15: 00007ffc36d23e58
[  554.931425][T15449]  </TASK>
[  555.283423][T15456] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1930'.
[  559.609329][T15531] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input14
[  559.763393][T15537] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1950'.
[  562.968318][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  562.980156][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  563.357204][T15607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1965'.
[  565.734168][T15651] debugfs: '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211'
[  567.974552][T15697] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1986'.
[  568.331775][T15687] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  568.982211][T15717] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1991'.
[  569.625104][T15732] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  570.846237][T15754] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  570.983160][T15754] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  571.066944][T15754] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  571.317939][T15768] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum
[  571.939041][T15182] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  571.955420][T15182] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  571.963532][T15182] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  571.973333][T15182] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  571.983165][T15182] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  574.089468][T15182] Bluetooth: hci4: command tx timeout
[  574.541804][T15182] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  574.549323][T15182] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff
[  575.013750][T15772] bridge0: port 1(bridge_slave_0) entered blocking state
[  575.035509][T15772] bridge0: port 1(bridge_slave_0) entered disabled state
[  575.059435][T15772] bridge_slave_0: entered allmulticast mode
[  575.083069][T15772] bridge_slave_0: entered promiscuous mode
[  575.137460][T15772] bridge0: port 2(bridge_slave_1) entered blocking state
[  575.158799][T15772] bridge0: port 2(bridge_slave_1) entered disabled state
[  575.184046][T15772] bridge_slave_1: entered allmulticast mode
[  575.207180][T15772] bridge_slave_1: entered promiscuous mode
[  575.532678][T15772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  575.582688][T15772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  575.763502][T15772] team0: Port device team_slave_0 added
[  575.807529][T15772] team0: Port device team_slave_1 added
[  575.977838][T15772] batman_adv: batadv0: Adding interface: batadv_slave_0
[  576.037437][T15772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  576.171914][T15182] Bluetooth: hci4: command tx timeout
[  576.193993][T15772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  576.271006][T15772] batman_adv: batadv0: Adding interface: batadv_slave_1
[  576.317573][T15772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  576.493178][T15772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  576.694190][ T5774] Process accounting resumed
[  576.857018][T15772] hsr_slave_0: entered promiscuous mode
[  576.898861][T15772] hsr_slave_1: entered promiscuous mode
[  576.914190][T15818] Process accounting resumed
[  576.935856][T15772] debugfs: 'hsr0' already exists in 'hsr'
[  576.974820][T15772] Cannot create hsr debugfs directory
[  577.972646][T15953] Process accounting resumed
[  578.251677][T15182] Bluetooth: hci4: command tx timeout
[  578.937440][T15993] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  578.983102][T15993] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  579.028931][T15993] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  579.551739][T15772] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  579.594902][T16005] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.2028'.
[  579.705465][T15772] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  579.750077][T15772] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  579.837939][T15772] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  579.882779][T15772] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  579.937426][T15772] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  579.986158][T15772] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  580.023918][T16007] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2029'.
[  580.117399][T15772] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  580.205082][T16007] hsr_slave_1 (unregistering): left promiscuous mode
[  580.332603][T15182] Bluetooth: hci4: command tx timeout
[  580.899766][T16039] lo: entered allmulticast mode
[  580.960382][T15182] Bluetooth: hci1: unexpected event 0x01 length: 124 > 1
[  581.176277][T16048] lo: left allmulticast mode
[  581.529725][T15772] 8021q: adding VLAN 0 to HW filter on device bond0
[  581.958763][T15772] 8021q: adding VLAN 0 to HW filter on device team0
[  582.220935][T14816] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.228151][T14816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.361913][T14816] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.369227][T14816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  584.816491][T15772] 8021q: adding VLAN 0 to HW filter on device batadv0
[  586.005487][T15772] veth0_vlan: entered promiscuous mode
[  586.072674][T15772] veth1_vlan: entered promiscuous mode
[  586.254988][T15772] veth0_macvtap: entered promiscuous mode
[  586.318252][T15772] veth1_macvtap: entered promiscuous mode
[  586.421709][T15772] batman_adv: batadv0: Interface activated: batadv_slave_0
[  586.503204][T15772] batman_adv: batadv0: Interface activated: batadv_slave_1
[  586.578173][T14443] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.624804][T14443] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.679025][T14443] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.723638][T14443] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  587.111574][T16176] __vm_enough_memory: pid: 16176, comm: syz.1.2048, bytes: 4398046511104 not enough memory for the allocation
[  587.331985][T14443] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.386424][T14443] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  587.664661][T14813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  587.722104][T14813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  588.036268][T15182] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  588.044179][T15182] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:0'
[  588.055177][T15182] CPU: 0 UID: 0 PID: 15182 Comm: kworker/u12:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.055204][T15182] Tainted: [L]=SOFTLOCKUP
[  588.055210][T15182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  588.055232][T15182] Workqueue: hci0 hci_rx_work
[  588.055255][T15182] Call Trace:
[  588.055261][T15182]  <TASK>
[  588.055267][T15182]  dump_stack_lvl+0x100/0x190
[  588.055287][T15182]  sysfs_warn_dup.cold+0x1c/0x28
[  588.055312][T15182]  sysfs_create_dir_ns+0x24b/0x2b0
[  588.055330][T15182]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  588.055345][T15182]  ? find_held_lock+0x2b/0x80
[  588.055365][T15182]  ? kobject_add_internal+0x25f/0x930
[  588.055387][T15182]  ? kobject_add_internal+0x25f/0x930
[  588.055418][T15182]  ? do_raw_spin_unlock+0x145/0x1e0
[  588.055437][T15182]  kobject_add_internal+0x2c8/0x930
[  588.055463][T15182]  kobject_add+0x16a/0x1e0
[  588.055486][T15182]  ? __pfx_kobject_add+0x10/0x10
[  588.055508][T15182]  ? class_to_subsys+0x10f/0x150
[  588.055534][T15182]  ? kobject_put+0xb9/0x640
[  588.055553][T15182]  ? _raw_spin_unlock+0x28/0x50
[  588.055574][T15182]  device_add+0x294/0x1950
[  588.055593][T15182]  ? __pfx_dev_set_name+0x10/0x10
[  588.055614][T15182]  ? __pfx_device_add+0x10/0x10
[  588.055632][T15182]  ? mgmt_send_event_skb+0x2fb/0x460
[  588.055655][T15182]  hci_conn_add_sysfs+0x1a3/0x260
[  588.055676][T15182]  le_conn_complete_evt+0x11eb/0x1f60
[  588.055700][T15182]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  588.055716][T15182]  ? __pfx_bt_warn+0x10/0x10
[  588.055743][T15182]  hci_le_conn_complete_evt+0x23c/0x3a0
[  588.055762][T15182]  ? skb_pull_data+0x15f/0x1e0
[  588.055784][T15182]  hci_le_meta_evt+0x34a/0x5f0
[  588.055803][T15182]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  588.055825][T15182]  hci_event_packet+0x51c/0xcd0
[  588.055843][T15182]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  588.055863][T15182]  ? __pfx_hci_event_packet+0x10/0x10
[  588.055883][T15182]  ? kcov_remote_start+0x374/0x660
[  588.055903][T15182]  ? lockdep_hardirqs_on+0x78/0x100
[  588.055926][T15182]  hci_rx_work+0x451/0xfc0
[  588.055947][T15182]  process_one_work+0xa0e/0x1980
[  588.055971][T15182]  ? __pfx_process_one_work+0x10/0x10
[  588.055992][T15182]  ? __pfx_hci_rx_work+0x10/0x10
[  588.056010][T15182]  worker_thread+0x5ef/0xe50
[  588.056030][T15182]  ? __pfx_worker_thread+0x10/0x10
[  588.056046][T15182]  ? kthread+0x13a/0x450
[  588.056059][T15182]  ? __pfx_worker_thread+0x10/0x10
[  588.056073][T15182]  kthread+0x370/0x450
[  588.056086][T15182]  ? __pfx_kthread+0x10/0x10
[  588.056100][T15182]  ret_from_fork+0x72b/0xd50
[  588.056118][T15182]  ? __pfx_ret_from_fork+0x10/0x10
[  588.056135][T15182]  ? __switch_to+0x800/0x1100
[  588.056155][T15182]  ? __switch_to_asm+0x39/0x70
[  588.056173][T15182]  ? __pfx_kthread+0x10/0x10
[  588.056188][T15182]  ret_from_fork_asm+0x1a/0x30
[  588.056217][T15182]  </TASK>
[  588.657200][T15182] kobject: kobject_add_internal failed for hci0:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  588.671209][T15182] Bluetooth: hci0: failed to register connection device
[  589.535960][T14191] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  589.535986][T14191] Bluetooth: hci4: unexpected subevent 0x06 length: 725 > 10
[  590.740597][T15182] Bluetooth: hci0: command 0x0c1a tx timeout
[  591.582241][T16242] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2062'.
[  591.618692][T15182] Bluetooth: hci4: command tx timeout
[  591.671854][T16246] binder_alloc: binder_alloc_mmap_handler: 16240 0-1000 already mapped failed -16
[  592.820531][T14191] Bluetooth: hci0: command 0x0c1a tx timeout
[  593.808138][T16274] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  593.857963][T16274] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  593.911855][T16274] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  593.971611][T16274] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  594.095593][T16274] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  594.163411][T16274] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  594.196621][T16274] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  594.234016][T16281] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  594.346170][T16274] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  594.394986][T16287] device-mapper: ioctl: Invalid data size in the ioctl structure: 0
[  594.822928][T16309] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2076'.
[  594.868719][T16309] veth1_macvtap: left promiscuous mode
[  594.889445][T16309] macsec0: entered promiscuous mode
[  594.915742][T16309] macsec0: entered allmulticast mode
[  595.210055][T16317] FAULT_INJECTION: forcing a failure.
[  595.210055][T16317] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  595.276859][T16317] CPU: 0 UID: 8 PID: 16317 Comm: syz.4.2078 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  595.276887][T16317] Tainted: [L]=SOFTLOCKUP
[  595.276893][T16317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  595.276902][T16317] Call Trace:
[  595.276908][T16317]  <TASK>
[  595.276914][T16317]  dump_stack_lvl+0x100/0x190
[  595.276936][T16317]  should_fail_ex.cold+0x5/0xa
[  595.276956][T16317]  _copy_from_user+0x2e/0xd0
[  595.276981][T16317]  memdup_user+0x6b/0xe0
[  595.276999][T16317]  strndup_user+0x78/0xe0
[  595.277016][T16317]  keyctl_pkey_params_get+0xd5/0x4b0
[  595.277038][T16317]  ? __pfx_keyctl_pkey_params_get+0x10/0x10
[  595.277058][T16317]  ? find_held_lock+0x2b/0x80
[  595.277077][T16317]  ? __might_fault+0xc5/0x140
[  595.277102][T16317]  ? __might_fault+0xc5/0x140
[  595.277131][T16317]  keyctl_pkey_params_get_2+0x12f/0x3f0
[  595.277150][T16317]  ? __pfx_keyctl_pkey_params_get_2+0x10/0x10
[  595.277173][T16317]  ? do_futex+0x192/0x350
[  595.277190][T16317]  ? __pfx_do_futex+0x10/0x10
[  595.277209][T16317]  keyctl_pkey_e_d_s+0xac/0x370
[  595.277228][T16317]  ? __pfx_keyctl_pkey_e_d_s+0x10/0x10
[  595.277245][T16317]  ? __x64_sys_futex+0x34f/0x4d0
[  595.277261][T16317]  ? __x64_sys_futex+0x358/0x4d0
[  595.277280][T16317]  ? ksys_write+0x1ac/0x250
[  595.277300][T16317]  __do_sys_keyctl+0x336/0x5a0
[  595.277325][T16317]  do_syscall_64+0x10b/0xf80
[  595.277344][T16317]  ? clear_bhb_loop+0x40/0x90
[  595.277362][T16317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.277378][T16317] RIP: 0033:0x7f25b799cdd9
[  595.277392][T16317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  595.277407][T16317] RSP: 002b:00007f25b8803028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  595.277423][T16317] RAX: ffffffffffffffda RBX: 00007f25b7c16090 RCX: 00007f25b799cdd9
[  595.277434][T16317] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000019
[  595.277442][T16317] RBP: 00007f25b7a32d69 R08: 0000000000000009 R09: 0000000000000000
[  595.277451][T16317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  595.277460][T16317] R13: 00007f25b7c16128 R14: 00007f25b7c16090 R15: 00007fff714b1498
[  595.277480][T16317]  </TASK>
[  595.856502][T14191] Bluetooth: hci1: command 0x0c1a tx timeout
[  595.862907][T14191] Bluetooth: hci3: command 0x0c1a tx timeout
[  595.952856][T15182] Bluetooth: hci0: command 0x0c1a tx timeout
[  596.231501][T14191] Bluetooth: hci4: command 0x0c1a tx timeout
[  596.912460][T16331] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2081'.
[  597.680178][T16346] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  597.725482][T16346] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  597.945474][T14813] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  598.023857][T14191] Bluetooth: hci0: command 0x0c1a tx timeout
[  598.262049][T14191] Bluetooth: hci4: command 0x0c1a tx timeout
[  598.515219][T14813] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  598.622426][T14444] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u11:15: bg 4: bad block bitmap checksum
[  598.704193][T14444] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 74
[  598.787737][T14444] EXT4-fs (sda1): This should not happen!! Data will be lost
[  598.787737][T14444] 
[  598.904482][T14813] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  599.264844][T14813] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  600.103328][T14191] Bluetooth: hci0: command 0x0c1a tx timeout
[  600.303618][T16376] FAULT_INJECTION: forcing a failure.
[  600.303618][T16376] name failslab, interval 1, probability 0, space 0, times 0
[  600.342956][T14191] Bluetooth: hci4: command 0x0c1a tx timeout
[  600.362375][T14191] Bluetooth: hci3: unexpected event 0x14 length: 16 > 6
[  600.570073][T16376] CPU: 0 UID: 0 PID: 16376 Comm: syz.1.2090 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.570099][T16376] Tainted: [L]=SOFTLOCKUP
[  600.570105][T16376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  600.570114][T16376] Call Trace:
[  600.570119][T16376]  <TASK>
[  600.570125][T16376]  dump_stack_lvl+0x100/0x190
[  600.570147][T16376]  should_fail_ex.cold+0x5/0xa
[  600.570167][T16376]  should_failslab+0xc2/0x120
[  600.570185][T16376]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  600.570208][T16376]  ? ext4_mb_new_blocks+0x85d/0x4c60
[  600.570235][T16376]  ext4_mb_new_blocks+0x85d/0x4c60
[  600.570265][T16376]  ? trace_kmalloc+0xe3/0x110
[  600.570282][T16376]  ? bh_uptodate_or_lock+0x3c/0x140
[  600.570305][T16376]  ? __read_extent_tree_block+0x2cd/0x650
[  600.570329][T16376]  ? __pfx_ext4_mb_new_blocks+0x10/0x10
[  600.570353][T16376]  ? ext4_ext_search_right+0x2cc/0xd60
[  600.570374][T16376]  ext4_ext_map_blocks+0x1c74/0x5930
[  600.570398][T16376]  ? stack_trace_save+0x8e/0xc0
[  600.570419][T16376]  ? __pfx_stack_trace_save+0x10/0x10
[  600.570439][T16376]  ? stack_depot_save_flags+0x27/0x9d0
[  600.570459][T16376]  ? __pfx_ext4_ext_map_blocks+0x10/0x10
[  600.570478][T16376]  ? __lock_acquire+0x4a5/0x2630
[  600.570494][T16376]  ? filemap_writeback+0x22d/0x2e0
[  600.570512][T16376]  ? file_write_and_wait_range+0xcd/0x140
[  600.570533][T16376]  ? ext4_sync_file+0x358/0xb90
[  600.570545][T16376]  ? vfs_fsync_range+0x9b/0x190
[  600.570564][T16376]  ? __do_sys_msync+0x3ca/0x590
[  600.570577][T16376]  ? do_syscall_64+0x10b/0xf80
[  600.570595][T16376]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.570625][T16376]  ext4_map_create_blocks+0xec/0x5e0
[  600.570652][T16376]  ext4_map_blocks+0x46b/0xd30
[  600.570676][T16376]  ? __pfx_ext4_map_blocks+0x10/0x10
[  600.570698][T16376]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  600.570724][T16376]  ? ext4_ext_index_trans_blocks+0x167/0x1a0
[  600.570742][T16376]  ? __ext4_journal_ensure_credits+0x265/0x2f0
[  600.570760][T16376]  ext4_do_writepages+0x2313/0x3f20
[  600.570790][T16376]  ? __pfx_ext4_do_writepages+0x10/0x10
[  600.570815][T16376]  ? ext4_writepages+0x347/0x790
[  600.570829][T16376]  ext4_writepages+0x347/0x790
[  600.570846][T16376]  ? __pfx_ext4_writepages+0x10/0x10
[  600.570867][T16376]  ? do_writepages+0x4b5/0x600
[  600.570885][T16376]  ? do_writepages+0x4b5/0x600
[  600.570905][T16376]  ? __pfx_ext4_writepages+0x10/0x10
[  600.570921][T16376]  do_writepages+0x278/0x600
[  600.570941][T16376]  ? __pfx_do_writepages+0x10/0x10
[  600.570958][T16376]  ? do_raw_spin_unlock+0x145/0x1e0
[  600.570976][T16376]  ? _raw_spin_unlock+0x28/0x50
[  600.570994][T16376]  filemap_writeback+0x22d/0x2e0
[  600.571014][T16376]  ? __pfx_filemap_writeback+0x10/0x10
[  600.571057][T16376]  ? wake_up_q+0xae/0x130
[  600.571078][T16376]  file_write_and_wait_range+0xcd/0x140
[  600.571105][T16376]  ext4_sync_file+0x358/0xb90
[  600.571121][T16376]  ? __pfx_ext4_sync_file+0x10/0x10
[  600.571134][T16376]  ? __up_read+0x1f0/0x6e0
[  600.571151][T16376]  ? __pfx___up_read+0x10/0x10
[  600.571166][T16376]  ? __do_sys_msync+0x39b/0x590
[  600.571180][T16376]  ? __pfx_ext4_sync_file+0x10/0x10
[  600.571193][T16376]  vfs_fsync_range+0x9b/0x190
[  600.571215][T16376]  __do_sys_msync+0x3ca/0x590
[  600.571232][T16376]  do_syscall_64+0x10b/0xf80
[  600.571250][T16376]  ? clear_bhb_loop+0x40/0x90
[  600.571269][T16376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.571284][T16376] RIP: 0033:0x7f7ace79cdd9
[  600.571296][T16376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.571310][T16376] RSP: 002b:00007f7acf69a028 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[  600.571330][T16376] RAX: ffffffffffffffda RBX: 00007f7acea16270 RCX: 00007f7ace79cdd9
[  600.571340][T16376] RDX: 0000000400000004 RSI: 01800000000000fe RDI: 000000001ffff000
[  600.571349][T16376] RBP: 00007f7ace832d69 R08: 0000000000000000 R09: 0000000000000000
[  600.571358][T16376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  600.571367][T16376] R13: 00007f7acea16308 R14: 00007f7acea16270 R15: 00007ffdc3e19cf8
[  600.571386][T16376]  </TASK>
[  601.399304][T16381] kexec: Could not allocate control_code_buffer
[  601.518442][T16376] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  601.550240][T16376] EXT4-fs (sda1): This should not happen!! Data will be lost
[  601.550240][T16376] 
[  602.154661][T16413] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2097'.
[  603.100201][T16437] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  603.270845][T16437] EXT4-fs (sda1): This should not happen!! Data will be lost
[  603.270845][T16437] 
[  603.799407][T14813] batadv0: left allmulticast mode
[  603.825100][T14813] batadv0: left promiscuous mode
[  603.862785][T14813] bridge0: port 4(batadv0) entered disabled state
[  603.968195][T14813] dummy0: left allmulticast mode
[  604.045398][T14813] dummy0: left promiscuous mode
[  604.075666][T14813] bridge0: port 3(dummy0) entered disabled state
[  604.145690][T14813] bridge_slave_1: left allmulticast mode
[  604.184468][T14813] bridge_slave_1: left promiscuous mode
[  604.217327][T14813] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.252381][T14813] bridge_slave_0: left allmulticast mode
[  604.281495][T14813] bridge_slave_0: left promiscuous mode
[  604.311689][T14813] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.153437][ T5289] 8021q: adding VLAN 0 to HW filter on device eth1
[  607.079346][T14813] hsr_slave_0: left promiscuous mode
[  607.123712][T14813] hsr_slave_1: left promiscuous mode
[  607.161029][T14813] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  607.213056][T14813] batman_adv: batadv0: Removing interface: batadv_slave_0
[  607.264749][T14813] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  607.318779][T14813] batman_adv: batadv0: Removing interface: batadv_slave_1
[  607.487603][T14813] veth1_vlan: left promiscuous mode
[  607.515098][T14813] veth0_vlan: left promiscuous mode
[  608.069914][T16489] Process accounting paused
[  608.453167][T14813] team0 (unregistering): Port device team_slave_1 removed
[  608.554486][T16493] netlink: 236 bytes leftover after parsing attributes in process `syz.1.2107'.
[  608.603803][T14813] team0 (unregistering): Port device team_slave_0 removed
[  609.091853][ T5289] 8021q: adding VLAN 0 to HW filter on device eth2
[  609.182155][T16499] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  609.255309][T16483] Process accounting paused
[  609.266259][T16499] EXT4-fs (sda1): This should not happen!! Data will be lost
[  609.266259][T16499] 
[  609.991720][T16519] FAULT_INJECTION: forcing a failure.
[  609.991720][T16519] name failslab, interval 1, probability 0, space 0, times 0
[  610.063280][T16519] CPU: 0 UID: 0 PID: 16519 Comm: syz.2.2112 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  610.063308][T16519] Tainted: [L]=SOFTLOCKUP
[  610.063313][T16519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  610.063323][T16519] Call Trace:
[  610.063328][T16519]  <TASK>
[  610.063335][T16519]  dump_stack_lvl+0x100/0x190
[  610.063356][T16519]  should_fail_ex.cold+0x5/0xa
[  610.063377][T16519]  should_failslab+0xc2/0x120
[  610.063395][T16519]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  610.063418][T16519]  ? key_alloc+0x3c5/0x1310
[  610.063438][T16519]  key_alloc+0x3c5/0x1310
[  610.063460][T16519]  ? __pfx_key_alloc+0x10/0x10
[  610.063481][T16519]  keyring_alloc+0x44/0xc0
[  610.063501][T16519]  lookup_user_key+0x9b8/0x1300
[  610.063519][T16519]  ? __pfx_lookup_user_key+0x10/0x10
[  610.063535][T16519]  ? __pfx_futex_wait+0x10/0x10
[  610.063557][T16519]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  610.063589][T16519]  keyctl_get_persistent+0x197/0x8b0
[  610.063608][T16519]  ? __pfx_keyctl_get_persistent+0x10/0x10
[  610.063628][T16519]  ? __x64_sys_futex+0x34f/0x4d0
[  610.063643][T16519]  ? __x64_sys_futex+0x358/0x4d0
[  610.063664][T16519]  ? xfd_validate_state+0x129/0x190
[  610.063679][T16519]  ? ksys_write+0x1ac/0x250
[  610.063700][T16519]  __do_sys_keyctl+0x3b2/0x5a0
[  610.063722][T16519]  do_syscall_64+0x10b/0xf80
[  610.063741][T16519]  ? clear_bhb_loop+0x40/0x90
[  610.063759][T16519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.063775][T16519] RIP: 0033:0x7f00d719cdd9
[  610.063788][T16519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  610.063803][T16519] RSP: 002b:00007f00d812b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  610.063817][T16519] RAX: ffffffffffffffda RBX: 00007f00d7415fa0 RCX: 00007f00d719cdd9
[  610.063827][T16519] RDX: 7fffffffffffffff RSI: 0000000000000000 RDI: 0000000000000016
[  610.063836][T16519] RBP: 00007f00d7232d69 R08: 0000000000000002 R09: 0000000000000000
[  610.063845][T16519] R10: ffffffffffffe6d6 R11: 0000000000000246 R12: 0000000000000000
[  610.063855][T16519] R13: 00007f00d7416038 R14: 00007f00d7415fa0 R15: 00007ffda82a1128
[  610.063879][T16519]  </TASK>
[  611.731210][ T5289] 8021q: adding VLAN 0 to HW filter on device eth3
[  614.092464][ T5289] 8021q: adding VLAN 0 to HW filter on device eth4
[  614.122235][T15182] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  614.139941][T15182] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  614.151869][T15182] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  614.162757][T15182] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  614.186458][T15182] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  616.272249][T15182] Bluetooth: hci2: command tx timeout
[  616.932806][T16634] random: crng reseeded on system resumption
[  617.322952][T16635] hub 1-0:1.0: USB hub found
[  617.400009][T16635] hub 1-0:1.0: 1 port detected
[  618.351519][T15182] Bluetooth: hci2: command tx timeout
[  618.829391][T16588] bridge0: port 1(bridge_slave_0) entered blocking state
[  618.865619][T16588] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.898913][T16588] bridge_slave_0: entered allmulticast mode
[  618.928846][T16588] bridge_slave_0: entered promiscuous mode
[  618.970724][T16588] bridge0: port 2(bridge_slave_1) entered blocking state
[  618.999907][T16588] bridge0: port 2(bridge_slave_1) entered disabled state
[  619.035413][T16588] bridge_slave_1: entered allmulticast mode
[  619.072334][T16588] bridge_slave_1: entered promiscuous mode
[  619.186423][T16679] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2135'.
[  619.223361][T16588] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  619.305992][T16588] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  619.524087][T16679] bond0: (slave bond_slave_0): Releasing backup interface
[  620.075642][T16588] team0: Port device team_slave_0 added
[  620.121664][T16588] team0: Port device team_slave_1 added
[  620.341660][T16588] batman_adv: batadv0: Adding interface: batadv_slave_0
[  620.383141][T16588] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  620.441137][T15182] Bluetooth: hci2: command tx timeout
[  620.506764][T16588] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  620.590735][T16588] batman_adv: batadv0: Adding interface: batadv_slave_1
[  620.625545][T16588] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  620.741285][T16588] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  620.981018][T16588] hsr_slave_0: entered promiscuous mode
[  621.026204][T16588] hsr_slave_1: entered promiscuous mode
[  621.058027][T16588] debugfs: 'hsr0' already exists in 'hsr'
[  621.090337][T16588] Cannot create hsr debugfs directory
[  622.054557][T15182] block nbd1: Receive control failed (result -32)
[  622.513911][T15182] Bluetooth: hci2: command tx timeout
[  623.044448][T16588] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  623.119029][T16588] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  623.175135][T16588] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  623.236795][T16588] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  623.284234][T16746] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  623.382971][T16588] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  623.468492][T16588] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  623.524234][T16588] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  623.596038][T16588] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  623.615618][T16746] EXT4-fs (sda1): This should not happen!! Data will be lost
[  623.615618][T16746] 
[  624.440041][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  624.451989][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  624.615395][T16588] 8021q: adding VLAN 0 to HW filter on device bond0
[  624.710804][T16588] 8021q: adding VLAN 0 to HW filter on device team0
[  624.791390][T14816] bridge0: port 1(bridge_slave_0) entered blocking state
[  624.798569][T14816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  624.896368][T14816] bridge0: port 2(bridge_slave_1) entered blocking state
[  624.903531][T14816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  626.696790][T16588] 8021q: adding VLAN 0 to HW filter on device batadv0
[  628.322267][T16843] NFSD: Failed to start, no listeners configured.
[  628.984520][T16588] veth0_vlan: entered promiscuous mode
[  629.122047][T16588] veth1_vlan: entered promiscuous mode
[  629.397192][T14448] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  629.478147][T16588] veth0_macvtap: entered promiscuous mode
[  629.490603][T14448] EXT4-fs (sda1): This should not happen!! Data will be lost
[  629.490603][T14448] 
[  629.850436][T16588] veth1_macvtap: entered promiscuous mode
[  630.081545][T16588] batman_adv: batadv0: Interface activated: batadv_slave_0
[  630.162610][T16588] batman_adv: batadv0: Interface activated: batadv_slave_1
[  630.340164][T14446] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  630.433972][T14446] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  630.936237][T14446] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  631.027751][T14446] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  632.334080][T14813] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.396863][T14813] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.609666][T14811] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.663180][T14811] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.275874][T16934] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2170'.
[  633.561177][T16944] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  633.682235][T16944] EXT4-fs (sda1): This should not happen!! Data will be lost
[  633.682235][T16944] 
[  634.225101][T16942] futex_wake_op: syz.5.2121 tries to shift op by -2048; fix this program
[  634.563284][T14191] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  634.580630][T14191] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  634.603520][T14191] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  634.612047][T14191] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  634.626487][T14191] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  636.681110][T14191] Bluetooth: hci5: command tx timeout
[  637.910443][T17006] FAULT_INJECTION: forcing a failure.
[  637.910443][T17006] name failslab, interval 1, probability 0, space 0, times 0
[  638.207944][T17006] CPU: 0 UID: 0 PID: 17006 Comm: syz.1.2178 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  638.207972][T17006] Tainted: [L]=SOFTLOCKUP
[  638.207978][T17006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  638.207988][T17006] Call Trace:
[  638.207994][T17006]  <TASK>
[  638.208000][T17006]  dump_stack_lvl+0x100/0x190
[  638.208022][T17006]  should_fail_ex.cold+0x5/0xa
[  638.208043][T17006]  ? cgroup_mkdir+0x277/0x1310
[  638.208063][T17006]  should_failslab+0xc2/0x120
[  638.208081][T17006]  __kmalloc_noprof+0xe0/0x850
[  638.208108][T17006]  cgroup_mkdir+0x277/0x1310
[  638.208131][T17006]  ? __pfx_cgroup_mkdir+0x10/0x10
[  638.208152][T17006]  kernfs_iop_mkdir+0x111/0x190
[  638.208170][T17006]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  638.208192][T17006]  vfs_mkdir+0x361/0x850
[  638.208219][T17006]  filename_mkdirat+0x48b/0x5e0
[  638.208240][T17006]  ? __pfx_filename_mkdirat+0x10/0x10
[  638.208259][T17006]  ? strncpy_from_user+0x19d/0x2d0
[  638.208277][T17006]  ? do_getname+0x191/0x390
[  638.208300][T17006]  __x64_sys_mkdir+0x6b/0x90
[  638.208319][T17006]  do_syscall_64+0x10b/0xf80
[  638.208339][T17006]  ? clear_bhb_loop+0x40/0x90
[  638.208358][T17006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.208374][T17006] RIP: 0033:0x7f7ace79cdd9
[  638.208387][T17006] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  638.208403][T17006] RSP: 002b:00007f7acf6dc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  638.208418][T17006] RAX: ffffffffffffffda RBX: 00007f7acea16090 RCX: 00007f7ace79cdd9
[  638.208429][T17006] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000040
[  638.208437][T17006] RBP: 00007f7ace832d69 R08: 0000000000000000 R09: 0000000000000000
[  638.208446][T17006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  638.208456][T17006] R13: 00007f7acea16128 R14: 00007f7acea16090 R15: 00007ffdc3e19cf8
[  638.208477][T17006]  </TASK>
[  638.577410][T16692] Process accounting resumed
[  638.772693][T14191] Bluetooth: hci5: command tx timeout
[  639.189108][T16963] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.209832][T16963] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.238051][T16963] bridge_slave_0: entered allmulticast mode
[  639.270619][T16963] bridge_slave_0: entered promiscuous mode
[  639.317948][T16963] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.349447][T16963] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.381434][T16963] bridge_slave_1: entered allmulticast mode
[  639.421943][T16963] bridge_slave_1: entered promiscuous mode
[  639.790865][T16963] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  639.865255][T16963] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  640.137665][T16963] team0: Port device team_slave_0 added
[  640.195881][T16963] team0: Port device team_slave_1 added
[  640.401619][T17021] Process accounting resumed
[  640.648482][T16963] batman_adv: batadv0: Adding interface: batadv_slave_0
[  640.687239][T16963] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  640.828390][T16963] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  640.843723][T14191] Bluetooth: hci5: command tx timeout
[  641.230033][T16963] batman_adv: batadv0: Adding interface: batadv_slave_1
[  641.289544][T16963] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  641.455809][T16963] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  641.735020][T16963] hsr_slave_0: entered promiscuous mode
[  641.763977][T16963] hsr_slave_1: entered promiscuous mode
[  641.796114][T16963] debugfs: 'hsr0' already exists in 'hsr'
[  641.821594][T16963] Cannot create hsr debugfs directory
[  642.926150][T14191] Bluetooth: hci5: command tx timeout
[  643.185659][T16963] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.768284][T16963] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  643.933978][T17068] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  644.150637][T16963] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.479359][T17076] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2191'.
[  644.504555][T16963] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.514458][T17086] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  646.003706][T16963] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  646.088963][T16963] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  646.127789][T16963] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  646.201154][T16963] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  646.279022][T16963] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  646.335838][T16963] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  646.374186][T16963] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  646.384361][T17102] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  646.430251][T16963] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  646.847785][T16963] 8021q: adding VLAN 0 to HW filter on device bond0
[  646.940202][T16963] 8021q: adding VLAN 0 to HW filter on device team0
[  647.021258][T14811] bridge0: port 1(bridge_slave_0) entered blocking state
[  647.028483][T14811] bridge0: port 1(bridge_slave_0) entered forwarding state
[  647.072486][T17121] random: crng reseeded on system resumption
[  647.089791][T17124] openvswitch: netlink: Key 15 has unexpected len 16 expected 4
[  647.120623][T14444] bridge0: port 2(bridge_slave_1) entered blocking state
[  647.127861][T14444] bridge0: port 2(bridge_slave_1) entered forwarding state
[  649.050816][T16963] 8021q: adding VLAN 0 to HW filter on device batadv0
[  649.520820][T16963] veth0_vlan: entered promiscuous mode
[  649.612133][T16963] veth1_vlan: entered promiscuous mode
[  650.301594][T16963] veth0_macvtap: entered promiscuous mode
[  650.376111][T16963] veth1_macvtap: entered promiscuous mode
[  650.752957][T16963] batman_adv: batadv0: Interface activated: batadv_slave_0
[  650.905678][T16963] batman_adv: batadv0: Interface activated: batadv_slave_1
[  651.042358][T14811] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  651.109013][T14811] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  651.179860][T14811] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  651.255226][T14811] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  652.091475][T14445] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  652.166099][T14445] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  652.343068][T14813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  652.372683][   T30] audit: type=1800 audit(2147483647.279:56): pid=17197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2214" name="discovery_nqn" dev="configfs" ino=67194 res=0 errno=0
[  652.447824][T14813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  652.594147][T17201] tc_dump_action: action bad kind
[  654.289996][T17198] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  654.403980][T17198] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  654.493959][T17198] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  654.587725][T17198] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  654.671181][T17198] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  654.752017][T17198] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  654.841265][T17198] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  654.912568][T17198] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  654.994301][T17198] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  655.577204][T17242] FAULT_INJECTION: forcing a failure.
[  655.577204][T17242] name failslab, interval 1, probability 0, space 0, times 0
[  655.577314][T17242] CPU: 0 UID: 0 PID: 17242 Comm: syz.5.2223 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  655.577337][T17242] Tainted: [L]=SOFTLOCKUP
[  655.577342][T17242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  655.577352][T17242] Call Trace:
[  655.577357][T17242]  <TASK>
[  655.577364][T17242]  dump_stack_lvl+0x100/0x190
[  655.577386][T17242]  should_fail_ex.cold+0x5/0xa
[  655.577407][T17242]  should_failslab+0xc2/0x120
[  655.577424][T17242]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  655.577447][T17242]  ? vm_area_dup+0x27/0x8e0
[  655.577473][T17242]  vm_area_dup+0x27/0x8e0
[  655.577495][T17242]  __split_vma+0x18c/0xd90
[  655.577518][T17242]  ? __mpol_equal+0xaf/0x340
[  655.577537][T17242]  ? __pfx___split_vma+0x10/0x10
[  655.577568][T17242]  vma_modify+0x12ad/0x25c0
[  655.577594][T17242]  ? __lock_acquire+0x400/0x2630
[  655.577610][T17242]  ? __pfx_vma_modify+0x10/0x10
[  655.577631][T17242]  ? register_lock_class+0x40/0x560
[  655.577656][T17242]  vma_modify_policy+0x238/0x300
[  655.577679][T17242]  ? __pfx_vma_modify_policy+0x10/0x10
[  655.577717][T17242]  mbind_range+0x175/0x550
[  655.577738][T17242]  do_mbind+0x7dc/0xfd0
[  655.577761][T17242]  ? __might_fault+0xc5/0x140
[  655.577786][T17242]  ? __pfx_do_mbind+0x10/0x10
[  655.577809][T17242]  ? _copy_from_user+0x59/0xd0
[  655.577837][T17242]  ? __pfx_get_nodes+0x10/0x10
[  655.577856][T17242]  kernel_mbind+0x1b7/0x200
[  655.577877][T17242]  ? __pfx_kernel_mbind+0x10/0x10
[  655.577898][T17242]  ? rcu_is_watching+0x12/0xc0
[  655.577919][T17242]  do_syscall_64+0x10b/0xf80
[  655.577937][T17242]  ? clear_bhb_loop+0x40/0x90
[  655.577955][T17242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.577971][T17242] RIP: 0033:0x7f706499cdd9
[  655.577984][T17242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  655.577999][T17242] RSP: 002b:00007f7065905028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  655.578013][T17242] RAX: ffffffffffffffda RBX: 00007f7064c15fa0 RCX: 00007f706499cdd9
[  655.578024][T17242] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000
[  655.578040][T17242] RBP: 00007f7064a32d69 R08: 0000000000000003 R09: 0000000000000003
[  655.578049][T17242] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000
[  655.578059][T17242] R13: 00007f7064c16038 R14: 00007f7064c15fa0 R15: 00007ffd12281e18
[  655.578080][T17242]  </TASK>
[  656.210559][T14191] Bluetooth: hci3: command 0x0c1a tx timeout
[  656.455222][T14191] Bluetooth: hci0: command 0x0c1a tx timeout
[  656.530925][T14191] Bluetooth: hci4: command 0x0c1a tx timeout
[  656.614176][T14191] Bluetooth: hci2: command 0x0c1a tx timeout
[  656.852501][T14191] Bluetooth: hci5: command 0x0c1a tx timeout
[  657.447119][T17286] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  657.554444][T17286] EXT4-fs (sda1): This should not happen!! Data will be lost
[  657.554444][T17286] 
[  657.756859][T17298] program syz.0.2235 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  658.390832][T17300] zswap: compressor  not available
[  658.536342][T17325] syz_tun: tun_chr_ioctl cmd 1074025673
[  658.691600][T14191] Bluetooth: hci2: command 0x0c1a tx timeout
[  658.931924][T14191] Bluetooth: hci5: command 0x0c1a tx timeout
[  659.896327][T14813] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  660.002312][T14813] EXT4-fs (sda1): This should not happen!! Data will be lost
[  660.002312][T14813] 
[  660.181636][T17362] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2245'.
[  660.773227][T14191] Bluetooth: hci2: command 0x0c1a tx timeout
[  660.967614][T17369] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  661.012863][T14191] Bluetooth: hci5: command 0x0c1a tx timeout
[  661.238791][T17378] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2252'.
[  661.289169][T17378] netlink: 29 bytes leftover after parsing attributes in process `syz.2.2252'.
[  661.404876][T17373] futex_wake_op: syz.1.2249 tries to shift op by -2048; fix this program
[  661.636689][T17373] futex_wake_op: syz.1.2249 tries to shift op by -2048; fix this program
[  661.762236][T17384] 0x000000000001-0x000000020000 : ""
[  661.769800][T17386] ubi: mtd0 is already attached to ubi0
[  662.029564][T17384] ftl_cs: FTL header corrupt!
[  662.176767][T17392] EXT4-fs (sda1): Delayed block allocation failed for inode 2022 at logical offset 0 with max blocks 1 with error 117
[  662.381771][T17392] EXT4-fs (sda1): This should not happen!! Data will be lost
[  662.381771][T17392] 
[  662.478413][T17393] FAULT_INJECTION: forcing a failure.
[  662.478413][T17393] name failslab, interval 1, probability 0, space 0, times 0
[  662.491513][T17393] CPU: 0 UID: 0 PID: 17393 Comm: syz.5.2254 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  662.491539][T17393] Tainted: [L]=SOFTLOCKUP
[  662.491545][T17393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  662.491553][T17393] Call Trace:
[  662.491560][T17393]  <TASK>
[  662.491567][T17393]  dump_stack_lvl+0x100/0x190
[  662.491588][T17393]  should_fail_ex.cold+0x5/0xa
[  662.491608][T17393]  should_failslab+0xc2/0x120
[  662.491627][T17393]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  662.491652][T17393]  ? alloc_io_context+0x21/0x2f0
[  662.491674][T17393]  ? set_task_ioprio+0x48f/0x670
[  662.491690][T17393]  alloc_io_context+0x21/0x2f0
[  662.491712][T17393]  set_task_ioprio+0x49e/0x670
[  662.491728][T17393]  __do_sys_ioprio_set+0x74c/0xb40
[  662.491751][T17393]  ? rcu_is_watching+0x12/0xc0
[  662.491771][T17393]  do_syscall_64+0x10b/0xf80
[  662.491790][T17393]  ? clear_bhb_loop+0x40/0x90
[  662.491807][T17393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.491823][T17393] RIP: 0033:0x7f706499cdd9
[  662.491837][T17393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  662.491852][T17393] RSP: 002b:00007f70658e4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fb
[  662.491866][T17393] RAX: ffffffffffffffda RBX: 00007f7064c16090 RCX: 00007f706499cdd9
[  662.491876][T17393] RDX: 0000000000000008 RSI: 0000000800000000 RDI: 0000000000000002
[  662.491885][T17393] RBP: 00007f7064a32d69 R08: 0000000000000000 R09: 0000000000000000
[  662.491894][T17393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  662.491903][T17393] R13: 00007f7064c16128 R14: 00007f7064c16090 R15: 00007ffd12281e18
[  662.491923][T17393]  </TASK>
[  662.924338][T17387] kexec: Could not allocate control_code_buffer
[  664.703089][T14191] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[  664.716813][T17424] vivid-008: =================  START STATUS  =================
[  664.783601][T17424] vivid-008: ==================  END STATUS  ==================
[  666.307820][T17423] random: crng reseeded on system resumption
[  666.323821][T17448] MTRR 3 not used
[  666.778026][T15182] Bluetooth: hci5: command 0x0c1a tx timeout
[  668.862177][T15182] Bluetooth: hci5: command 0x0c1a tx timeout
[  669.050774][T17502] EXT4-fs error (device sda1): ext4_discard_preallocations:5696: comm syz.2.2269: Error -117 reading block bitmap for 4
[  670.473111][T17514] netlink: 226 bytes leftover after parsing attributes in process `syz.2.2277'.
[  670.505561][T17512] Process accounting paused
[  670.582158][T17514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2277'.
[  670.711488][T17514] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[  671.014579][T17514] Process accounting paused
[  671.655339][T17500] netlink: 2468 bytes leftover after parsing attributes in process `syz.5.2275'.
[  671.862488][T17500] netlink: 2468 bytes leftover after parsing attributes in process `syz.5.2275'.
[  674.403932][T17576] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5626] was attempted by ""[17576]
[  678.540914][T17630] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2301'.
[  680.077549][T17652] FAULT_INJECTION: forcing a failure.
[  680.077549][T17652] name fail_futex, interval 1, probability 0, space 0, times 0
[  680.090562][T17652] CPU: 0 UID: 0 PID: 17652 Comm: syz.1.2308 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  680.090588][T17652] Tainted: [L]=SOFTLOCKUP
[  680.090594][T17652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  680.090604][T17652] Call Trace:
[  680.090609][T17652]  <TASK>
[  680.090615][T17652]  dump_stack_lvl+0x100/0x190
[  680.090636][T17652]  should_fail_ex.cold+0x5/0xa
[  680.090656][T17652]  should_fail_futex+0x4c/0x60
[  680.090681][T17652]  futex_lock_pi_atomic+0x12d/0xaf0
[  680.090701][T17652]  ? futex_hash+0x141/0x370
[  680.090717][T17652]  futex_lock_pi+0x245/0x7a0
[  680.090738][T17652]  ? __pfx_futex_lock_pi+0x10/0x10
[  680.090759][T17652]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  680.090792][T17652]  ? __pfx_futex_wake_mark+0x10/0x10
[  680.090815][T17652]  ? ksys_write+0x190/0x250
[  680.090832][T17652]  ? ksys_write+0x190/0x250
[  680.090852][T17652]  do_futex+0x18a/0x350
[  680.090869][T17652]  ? __pfx_do_futex+0x10/0x10
[  680.090890][T17652]  __x64_sys_futex+0x34f/0x4d0
[  680.090909][T17652]  ? __pfx___x64_sys_futex+0x10/0x10
[  680.090924][T17652]  ? ksys_write+0x1ac/0x250
[  680.090943][T17652]  ? rcu_is_watching+0x12/0xc0
[  680.090964][T17652]  do_syscall_64+0x10b/0xf80
[  680.090981][T17652]  ? clear_bhb_loop+0x40/0x90
[  680.090999][T17652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.091014][T17652] RIP: 0033:0x7f7ace79cdd9
[  680.091028][T17652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  680.091042][T17652] RSP: 002b:00007f7acf6bb028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  680.091057][T17652] RAX: ffffffffffffffda RBX: 00007f7acea16180 RCX: 00007f7ace79cdd9
[  680.091067][T17652] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000
[  680.091076][T17652] RBP: 00007f7ace832d69 R08: 0000000000000000 R09: 000000008000fff5
[  680.091085][T17652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  680.091094][T17652] R13: 00007f7acea16218 R14: 00007f7acea16180 R15: 00007ffdc3e19cf8
[  680.091114][T17652]  </TASK>
[  681.397573][T17656] zram: Added device: zram2
[  682.741231][T15182] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  682.756631][T15182] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  682.766404][T15182] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  682.776728][T15182] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  682.791248][T15182] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  683.370731][T14446] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  683.852657][T14446] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.255696][T14446] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.529496][T14446] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.866942][T14191] Bluetooth: hci1: command tx timeout
[  685.480014][T17709] HfR: entered promiscuous mode
[  685.823274][T14446] bridge_slave_1: left allmulticast mode
[  685.851536][T14446] bridge_slave_1: left promiscuous mode
[  685.879914][T14446] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.922902][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  685.930981][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  685.970462][T14446] bridge_slave_0: left allmulticast mode
[  686.004000][T14446] bridge_slave_0: left promiscuous mode
[  686.040303][T14446] bridge0: port 1(bridge_slave_0) entered disabled state
[  686.950598][T14191] Bluetooth: hci1: command tx timeout
[  687.032829][T14446] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  687.090887][T14446] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  687.142421][T14446] bond0 (unregistering): Released all slaves
[  687.344056][ T5289] 8021q: adding VLAN 0 to HW filter on device eth5
[  687.682540][T14191] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[  687.928713][T17673] bridge0: port 1(bridge_slave_0) entered blocking state
[  688.014468][T17673] bridge0: port 1(bridge_slave_0) entered disabled state
[  688.051835][T17673] bridge_slave_0: entered allmulticast mode
[  688.094210][T17673] bridge_slave_0: entered promiscuous mode
[  688.404805][T17673] bridge0: port 2(bridge_slave_1) entered blocking state
[  688.443571][T17673] bridge0: port 2(bridge_slave_1) entered disabled state
[  688.473042][T17673] bridge_slave_1: entered allmulticast mode
[  688.500686][T17673] bridge_slave_1: entered promiscuous mode
[  688.950865][T17673] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  688.999545][T14446] hsr_slave_0: left promiscuous mode
[  689.015753][T14446] hsr_slave_1: left promiscuous mode
[  689.025933][T14446] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  689.036207][T14191] Bluetooth: hci1: command tx timeout
[  689.056878][T14446] batman_adv: batadv0: Removing interface: batadv_slave_0
[  689.072946][T14446] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  689.088950][T14446] batman_adv: batadv0: Removing interface: batadv_slave_1
[  689.115255][T14446] veth0_macvtap: left promiscuous mode
[  689.128717][T14446] veth1_vlan: left promiscuous mode
[  689.141231][T14446] veth0_vlan: left promiscuous mode
[  689.556716][T14446] team0 (unregistering): Port device team_slave_1 removed
[  689.591135][T14446] team0 (unregistering): Port device team_slave_0 removed
[  689.814296][T17673] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  689.853056][ T5289] 8021q: adding VLAN 0 to HW filter on device eth6
[  690.042510][T17673] team0: Port device team_slave_0 added
[  690.101888][T17673] team0: Port device team_slave_1 added
[  690.296916][T17673] batman_adv: batadv0: Adding interface: batadv_slave_0
[  690.354895][T17673] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  690.525588][T17673] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  690.622905][T17673] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.668462][T17673] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  690.879174][T17673] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  691.107998][T14191] Bluetooth: hci1: command tx timeout
[  691.322412][T17673] hsr_slave_0: entered promiscuous mode
[  691.365483][T17673] hsr_slave_1: entered promiscuous mode
[  691.427044][T17673] debugfs: 'hsr0' already exists in 'hsr'
[  691.476683][T17673] Cannot create hsr debugfs directory
[  692.056000][T14816] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.300136][ T5289] 8021q: adding VLAN 0 to HW filter on device eth7
[  692.575981][T14816] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.908330][T14816] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.149747][T14816] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.500281][T17835] random: crng reseeded on system resumption
[  694.591445][T14816] bridge_slave_1: left allmulticast mode
[  694.615043][T14816] bridge_slave_1: left promiscuous mode
[  694.648203][T14816] bridge0: port 2(bridge_slave_1) entered disabled state
[  694.730841][T14816] bridge_slave_0: left allmulticast mode
[  694.770745][T14816] bridge_slave_0: left promiscuous mode
[  694.790320][T14191] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  694.843984][T14816] bridge0: port 1(bridge_slave_0) entered disabled state
[  695.678239][ T5289] 8021q: adding VLAN 0 to HW filter on device eth8
[  697.037836][T14816] hsr_slave_0: left promiscuous mode
[  697.063669][T14816] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  697.107363][T14816] batman_adv: batadv0: Removing interface: batadv_slave_0
[  697.153260][T14816] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  697.194230][T14816] batman_adv: batadv0: Removing interface: batadv_slave_1
[  697.288005][T14816] veth1_vlan: left promiscuous mode
[  697.323769][T14816] veth0_vlan: left promiscuous mode
[  697.989962][T14816] team0 (unregistering): Port device team_slave_1 removed
[  698.074747][T14816] team0 (unregistering): Port device team_slave_0 removed
[  698.213743][T17903] random: crng reseeded on system resumption
[  700.144177][T17673] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  700.205981][T17673] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  700.390254][T17673] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  700.475983][T17673] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  700.515906][T17673] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  700.571353][T17673] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  700.661310][T17673] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  700.724920][T17673] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  701.150186][T17930] Process accounting resumed
[  701.166924][T17673] 8021q: adding VLAN 0 to HW filter on device bond0
[  701.305392][T17673] 8021q: adding VLAN 0 to HW filter on device team0
[  701.389020][T14816] bridge0: port 1(bridge_slave_0) entered blocking state
[  701.396184][T14816] bridge0: port 1(bridge_slave_0) entered forwarding state
[  701.622002][T14816] bridge0: port 2(bridge_slave_1) entered blocking state
[  701.629182][T14816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  703.775637][T18029] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5627] was attempted by "ci-qemu-gce-upstream-auto/syz-executor exec"[18029]
[  703.918044][T17673] 8021q: adding VLAN 0 to HW filter on device batadv0
[  703.974543][T18019] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  704.687823][T17673] veth0_vlan: entered promiscuous mode
[  704.758477][T17673] veth1_vlan: entered promiscuous mode
[  704.890124][T17673] veth0_macvtap: entered promiscuous mode
[  704.933214][T17673] veth1_macvtap: entered promiscuous mode
[  705.168342][T17673] batman_adv: batadv0: Interface activated: batadv_slave_0
[  705.284969][T17673] batman_adv: batadv0: Interface activated: batadv_slave_1
[  705.353414][T14813] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  705.430386][T14813] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  705.483006][T14813] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  705.523807][T14813] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  705.689186][   T30] audit: type=1804 audit(2147483700.573:57): pid=18068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2366" name="/newroot/55/file0" dev="tmpfs" ino=309 res=1 errno=0
[  705.902060][T18068] usb usb35: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  706.000638][T18068] vhci_hcd vhci_hcd.1: invalid port number 47
[  706.058772][T18068] vhci_hcd vhci_hcd.1: SetHubDepth req not supported for USB 2.0 roothub
[  706.501251][T14445] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  706.534466][T14445] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  706.658476][T14813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  706.684220][T14813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  707.011356][T18089] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2311'.
[  709.024591][T14191] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[  709.139167][T18154] futex_wake_op: syz.0.2382 tries to shift op by -2048; fix this program
[  709.778506][T18171] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  711.466833][T18192] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2390'.
[  711.615826][T18192] nbd: must specify at least one socket
[  714.557547][T18256] FAULT_INJECTION: forcing a failure.
[  714.557547][T18256] name failslab, interval 1, probability 0, space 0, times 0
[  714.941861][T18256] CPU: 0 UID: 0 PID: 18256 Comm: syz.2.2395 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  714.941889][T18256] Tainted: [L]=SOFTLOCKUP
[  714.941896][T18256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  714.941905][T18256] Call Trace:
[  714.941911][T18256]  <TASK>
[  714.941918][T18256]  dump_stack_lvl+0x100/0x190
[  714.941940][T18256]  should_fail_ex.cold+0x5/0xa
[  714.941960][T18256]  should_failslab+0xc2/0x120
[  714.941979][T18256]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  714.942003][T18256]  ? create_new_namespaces+0x30/0xac0
[  714.942022][T18256]  ? rcu_is_watching+0x12/0xc0
[  714.942042][T18256]  create_new_namespaces+0x30/0xac0
[  714.942060][T18256]  ? bpf_lsm_capable+0x9/0x10
[  714.942076][T18256]  ? security_capable+0x80/0x260
[  714.942100][T18256]  unshare_nsproxy_namespaces+0xf2/0x220
[  714.942121][T18256]  ksys_unshare+0x438/0xab0
[  714.942144][T18256]  ? __pfx_ksys_unshare+0x10/0x10
[  714.942164][T18256]  ? xfd_validate_state+0x129/0x190
[  714.942185][T18256]  __x64_sys_unshare+0x31/0x40
[  714.942206][T18256]  do_syscall_64+0x10b/0xf80
[  714.942225][T18256]  ? clear_bhb_loop+0x40/0x90
[  714.942243][T18256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.942259][T18256] RIP: 0033:0x7f3cc459cdd9
[  714.942273][T18256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  714.942287][T18256] RSP: 002b:00007f3cc54a9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  714.942302][T18256] RAX: ffffffffffffffda RBX: 00007f3cc4816180 RCX: 00007f3cc459cdd9
[  714.942312][T18256] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[  714.942321][T18256] RBP: 00007f3cc4632d69 R08: 0000000000000000 R09: 0000000000000000
[  714.942329][T18256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  714.942338][T18256] R13: 00007f3cc4816218 R14: 00007f3cc4816180 R15: 00007ffc0c3de758
[  714.942357][T18256]  </TASK>
[  715.746016][T18257] kexec: Could not allocate control_code_buffer
[  715.847654][T18285] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  715.876520][T18285] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  715.912224][T18285] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  715.926973][T18285] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  716.066170][T18285] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  716.116838][T18285] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  716.162909][T18285] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  716.960035][T18313] random: crng reseeded on system resumption
[  717.229124][T18313] hub 1-0:1.0: USB hub found
[  717.313323][T18313] hub 1-0:1.0: 1 port detected
[  717.640259][T18313] netlink: 'syz.1.2406': attribute type 33 has an invalid length.
[  717.922709][T15182] Bluetooth: hci5: command 0x0c1a tx timeout
[  717.929700][T14191] Bluetooth: hci2: command 0x0c1a tx timeout
[  717.936122][T15182] Bluetooth: hci0: command 0x0c1a tx timeout
[  718.081851][T15182] Bluetooth: hci1: command 0x0c1a tx timeout
[  719.945763][T18391] netlink: 326 bytes leftover after parsing attributes in process `syz.5.2418'.
[  720.001732][T18393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2419'.
[  720.014777][T15182] Bluetooth: hci5: command 0x0c1a tx timeout
[  720.149801][T18395] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2415'.
[  720.163677][T15182] Bluetooth: hci1: command 0x0c1a tx timeout
[  721.397901][T18407] .^: entered promiscuous mode
[  721.410701][T18410] nbd: must specify at least one socket
[  722.243477][T15182] Bluetooth: hci1: command 0x0c1a tx timeout
[  723.747171][T18456] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2432'.
[  723.927777][T18456] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  723.985042][T18456] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  724.021640][T18456] bond0 (unregistering): Released all slaves
[  724.299657][T18468] nvme_fabrics: unknown parameter or missing value 'û@è' in ctrl creation request
[  724.360152][T18374] kexec: Could not allocate control_code_buffer
[  724.650498][T18379] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  726.148057][T14169] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  726.170062][T14169] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  726.185359][T14169] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  726.202862][T14169] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  726.210406][T14169] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  726.563445][T18505] FAULT_INJECTION: forcing a failure.
[  726.563445][T18505] name failslab, interval 1, probability 0, space 0, times 0
[  726.749360][T18505] CPU: 0 UID: 0 PID: 18505 Comm: syz.5.2442 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  726.749386][T18505] Tainted: [L]=SOFTLOCKUP
[  726.749391][T18505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  726.749400][T18505] Call Trace:
[  726.749406][T18505]  <TASK>
[  726.749413][T18505]  dump_stack_lvl+0x100/0x190
[  726.749435][T18505]  should_fail_ex.cold+0x5/0xa
[  726.749457][T18505]  ? acpi_ex_allocate_name_string+0x8c/0x340
[  726.749477][T18505]  should_failslab+0xc2/0x120
[  726.749494][T18505]  __kmalloc_noprof+0xe0/0x850
[  726.749522][T18505]  acpi_ex_allocate_name_string+0x8c/0x340
[  726.749545][T18505]  acpi_ex_get_name_string+0x322/0xb90
[  726.749567][T18505]  ? __pfx_acpi_ex_get_name_string+0x10/0x10
[  726.749593][T18505]  acpi_ds_create_operand+0x3fd/0xc20
[  726.749610][T18505]  ? __pfx_acpi_ds_create_operand+0x10/0x10
[  726.749626][T18505]  ? acpi_ut_trace_ptr+0x1d2/0x2a0
[  726.749645][T18505]  ? __pfx_acpi_ut_trace_ptr+0x10/0x10
[  726.749662][T18505]  ? __pfx_acpi_ns_lookup+0x10/0x10
[  726.749681][T18505]  ? acpi_ut_track_stack_ptr+0x114/0x180
[  726.749702][T18505]  acpi_ds_evaluate_name_path+0x158/0x4a0
[  726.749719][T18505]  ? __pfx_acpi_ds_evaluate_name_path+0x10/0x10
[  726.749737][T18505]  ? acpi_ps_get_next_namepath+0x1f6/0xa10
[  726.749753][T18505]  ? acpi_ut_trace_ptr+0x1d1/0x2a0
[  726.749773][T18505]  acpi_ds_exec_end_op+0xb78/0x1e60
[  726.749792][T18505]  ? __pfx_acpi_ds_exec_end_op+0x10/0x10
[  726.749808][T18505]  acpi_ps_parse_loop+0x5dd/0x24a0
[  726.749830][T18505]  ? __pfx_acpi_ps_parse_loop+0x10/0x10
[  726.749846][T18505]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  726.749868][T18505]  ? acpi_ut_create_thread_state+0x6d/0x170
[  726.749891][T18505]  acpi_ps_parse_aml+0x81e/0x1120
[  726.749912][T18505]  acpi_ps_execute_method+0x5c4/0xe90
[  726.749935][T18505]  acpi_ns_evaluate+0x640/0x1670
[  726.749959][T18505]  acpi_evaluate_object+0x420/0xe00
[  726.749974][T18505]  ? kasan_save_stack+0x30/0x50
[  726.749988][T18505]  ? kasan_save_track+0x14/0x30
[  726.750001][T18505]  ? __kasan_kmalloc+0xaa/0xb0
[  726.750014][T18505]  ? __kvmalloc_node_noprof+0x360/0xa00
[  726.750031][T18505]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  726.750046][T18505]  ? lock_acquire+0x1b1/0x370
[  726.750065][T18505]  acpi_evaluate_integer+0xdf/0x220
[  726.750087][T18505]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  726.750125][T18505]  ? __pfx_status_show+0x10/0x10
[  726.750140][T18505]  status_show+0xa0/0x120
[  726.750156][T18505]  ? __pfx_status_show+0x10/0x10
[  726.750176][T18505]  dev_attr_show+0x52/0xa0
[  726.750195][T18505]  ? __pfx_dev_attr_show+0x10/0x10
[  726.750213][T18505]  sysfs_kf_seq_show+0x217/0x3a0
[  726.750231][T18505]  seq_read_iter+0x32f/0x1270
[  726.750246][T18505]  ? lock_acquire+0x1b1/0x370
[  726.750268][T18505]  kernfs_fop_read_iter+0x46c/0x610
[  726.750290][T18505]  ? rw_verify_area+0xce/0x6d0
[  726.750304][T18505]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  726.750330][T18505]  vfs_read+0x825/0xb30
[  726.750349][T18505]  ? __pfx_vfs_read+0x10/0x10
[  726.750378][T18505]  ksys_read+0x12a/0x250
[  726.750394][T18505]  ? __pfx_ksys_read+0x10/0x10
[  726.750412][T18505]  ? rcu_is_watching+0x12/0xc0
[  726.750433][T18505]  do_syscall_64+0x10b/0xf80
[  726.750452][T18505]  ? clear_bhb_loop+0x40/0x90
[  726.750471][T18505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.750487][T18505] RIP: 0033:0x7f706499cdd9
[  726.750501][T18505] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  726.750516][T18505] RSP: 002b:00007f70658e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  726.750531][T18505] RAX: ffffffffffffffda RBX: 00007f7064c16090 RCX: 00007f706499cdd9
[  726.750542][T18505] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005
[  726.750552][T18505] RBP: 00007f7064a32d69 R08: 0000000000000000 R09: 0000000000000000
[  726.750561][T18505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  726.750571][T18505] R13: 00007f7064c16128 R14: 00007f7064c16090 R15: 00007ffd12281e18
[  726.750591][T18505]  </TASK>
[  726.750625][T18505] ACPI Error: Could not allocate size 7 (20251212/exnames-68)
[  728.326379][T14169] Bluetooth: hci3: command tx timeout
[  728.650203][T18505] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529)
[  729.929456][T14444] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  730.211072][T14444] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  730.409135][T14169] Bluetooth: hci3: command tx timeout
[  730.446231][T14444] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  730.612950][T14444] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  731.023689][   T30] audit: type=1804 audit(2147483725.900:58): pid=18545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2451" name="/newroot/86/file0" dev="tmpfs" ino=472 res=1 errno=0
[  731.149531][   T30] audit: type=1804 audit(2147483725.950:59): pid=18548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2451" name="/newroot/86/file0" dev="tmpfs" ino=472 res=1 errno=0
[  732.061538][T18566] zswap: compressor  not available
[  732.244413][T18499] bridge0: port 1(bridge_slave_0) entered blocking state
[  732.290615][T18499] bridge0: port 1(bridge_slave_0) entered disabled state
[  732.330551][T18499] bridge_slave_0: entered allmulticast mode
[  732.366460][T18499] bridge_slave_0: entered promiscuous mode
[  732.435595][T14444] bridge_slave_1: left allmulticast mode
[  732.462871][T14444] bridge_slave_1: left promiscuous mode
[  732.489627][T14169] Bluetooth: hci3: command tx timeout
[  732.505908][T14444] bridge0: port 2(bridge_slave_1) entered disabled state
[  732.562952][T14444] bridge_slave_0: left allmulticast mode
[  732.591446][T14444] bridge_slave_0: left promiscuous mode
[  732.624627][T14444] bridge0: port 1(bridge_slave_0) entered disabled state
[  733.477887][T14444] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  733.533968][T14444] bond0 (unregistering): Released all slaves
[  733.625509][T18499] bridge0: port 2(bridge_slave_1) entered blocking state
[  733.681509][T18499] bridge0: port 2(bridge_slave_1) entered disabled state
[  733.715517][T18499] bridge_slave_1: entered allmulticast mode
[  733.744837][T18499] bridge_slave_1: entered promiscuous mode
[  733.775215][ T5289] 8021q: adding VLAN 0 to HW filter on device eth9
[  733.823735][T14444] HfR: left promiscuous mode
[  733.920644][T18590] kexec: Could not allocate control_code_buffer
[  734.212571][T18499] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  734.359138][T14444] i: left promiscuous mode
[  734.563463][T18499] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  734.574069][T14169] Bluetooth: hci3: command tx timeout
[  735.192491][T18610] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2460'.
[  735.286877][T18613] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2460'.
[  735.702370][T18499] team0: Port device team_slave_0 added
[  735.755944][T18499] team0: Port device team_slave_1 added
[  736.288482][T18499] batman_adv: batadv0: Adding interface: batadv_slave_0
[  736.319412][T18499] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  736.443326][T18499] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  736.485597][ T5289] 8021q: adding VLAN 0 to HW filter on device eth10
[  736.586113][T18499] batman_adv: batadv0: Adding interface: batadv_slave_1
[  736.628189][T18499] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  736.733920][T18499] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  736.806932][T18625] FAULT_INJECTION: forcing a failure.
[  736.806932][T18625] name failslab, interval 1, probability 0, space 0, times 0
[  737.036688][T18625] CPU: 0 UID: 0 PID: 18625 Comm: syz.0.2461 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  737.036715][T18625] Tainted: [L]=SOFTLOCKUP
[  737.036721][T18625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  737.036730][T18625] Call Trace:
[  737.036735][T18625]  <TASK>
[  737.036742][T18625]  dump_stack_lvl+0x100/0x190
[  737.036764][T18625]  should_fail_ex.cold+0x5/0xa
[  737.036784][T18625]  should_failslab+0xc2/0x120
[  737.036802][T18625]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  737.036825][T18625]  ? jbd2__journal_start+0x194/0x6a0
[  737.036849][T18625]  jbd2__journal_start+0x194/0x6a0
[  737.036871][T18625]  __ext4_journal_start_sb+0x36d/0x670
[  737.036887][T18625]  ? ext4_do_writepages+0xc21/0x3f20
[  737.036905][T18625]  ext4_do_writepages+0xc21/0x3f20
[  737.036920][T18625]  ? do_raw_spin_lock+0x128/0x260
[  737.036939][T18625]  ? find_held_lock+0x2b/0x80
[  737.036963][T18625]  ? hrtimer_start_range_ns+0x860/0x1a50
[  737.036992][T18625]  ? __pfx_ext4_do_writepages+0x10/0x10
[  737.037018][T18625]  ? ext4_writepages+0x347/0x790
[  737.037033][T18625]  ext4_writepages+0x347/0x790
[  737.037049][T18625]  ? __pfx_ext4_writepages+0x10/0x10
[  737.037076][T18625]  ? __pfx_ext4_writepages+0x10/0x10
[  737.037092][T18625]  do_writepages+0x278/0x600
[  737.037113][T18625]  ? __pfx_do_writepages+0x10/0x10
[  737.037130][T18625]  ? do_raw_spin_unlock+0x145/0x1e0
[  737.037147][T18625]  ? _raw_spin_unlock+0x28/0x50
[  737.037166][T18625]  filemap_writeback+0x22d/0x2e0
[  737.037186][T18625]  ? __pfx_filemap_writeback+0x10/0x10
[  737.037226][T18625]  ? mt_find+0x45e/0x8e0
[  737.037247][T18625]  ? __pfx_mt_find+0x10/0x10
[  737.037268][T18625]  file_write_and_wait_range+0xcd/0x140
[  737.037292][T18625]  ext4_sync_file+0x358/0xb90
[  737.037308][T18625]  ? __pfx_ext4_sync_file+0x10/0x10
[  737.037321][T18625]  ? __up_read+0x1f0/0x6e0
[  737.037338][T18625]  ? __pfx___up_read+0x10/0x10
[  737.037356][T18625]  ? __do_sys_msync+0x39b/0x590
[  737.037370][T18625]  ? __pfx_ext4_sync_file+0x10/0x10
[  737.037384][T18625]  vfs_fsync_range+0x9b/0x190
[  737.037406][T18625]  __do_sys_msync+0x3ca/0x590
[  737.037423][T18625]  do_syscall_64+0x10b/0xf80
[  737.037441][T18625]  ? clear_bhb_loop+0x40/0x90
[  737.037460][T18625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.037475][T18625] RIP: 0033:0x7fcf4919cdd9
[  737.037489][T18625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  737.037504][T18625] RSP: 002b:00007fcf473b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[  737.037519][T18625] RAX: ffffffffffffffda RBX: 00007fcf49416180 RCX: 00007fcf4919cdd9
[  737.037530][T18625] RDX: 0000000400000004 RSI: 01800000000000fe RDI: 000000001ffff000
[  737.037540][T18625] RBP: 00007fcf49232d69 R08: 0000000000000000 R09: 0000000000000000
[  737.037550][T18625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  737.037559][T18625] R13: 00007fcf49416218 R14: 00007fcf49416180 R15: 00007fff18227aa8
[  737.037579][T18625]  </TASK>
[  737.633685][T18625] EXT4-fs (sda1): ext4_do_writepages: jbd2_start: 9223372036854775806 pages, ino 2022; err -12
[  737.989644][T18499] hsr_slave_0: entered promiscuous mode
[  737.998896][T18499] hsr_slave_1: entered promiscuous mode
[  738.764564][T14444] hsr_slave_0: left promiscuous mode
[  738.795883][T14444] hsr_slave_1: left promiscuous mode
[  738.834997][T14444] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  738.894630][T14444] batman_adv: batadv0: Removing interface: batadv_slave_0
[  738.910081][T18647] FAULT_INJECTION: forcing a failure.
[  738.910081][T18647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  738.925644][T18648] futex_wake_op: syz.0.2465 tries to shift op by -1; fix this program
[  738.959012][T14444] veth1_vlan: left promiscuous mode
[  738.986443][T14444] veth0_vlan: left promiscuous mode
[  739.029492][T18647] CPU: 0 UID: 0 PID: 18647 Comm: syz.2.2466 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  739.029520][T18647] Tainted: [L]=SOFTLOCKUP
[  739.029526][T18647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  739.029536][T18647] Call Trace:
[  739.029541][T18647]  <TASK>
[  739.029548][T18647]  dump_stack_lvl+0x100/0x190
[  739.029570][T18647]  should_fail_ex.cold+0x5/0xa
[  739.029590][T18647]  _copy_from_user+0x2e/0xd0
[  739.029614][T18647]  snd_rawmidi_kernel_write1+0x390/0x7c0
[  739.029646][T18647]  snd_rawmidi_write+0x2dc/0xc60
[  739.029675][T18647]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  739.029698][T18647]  ? __pfx_default_wake_function+0x10/0x10
[  739.029720][T18647]  ? bpf_lsm_file_permission+0x9/0x10
[  739.029734][T18647]  ? security_file_permission+0x76/0x210
[  739.029752][T18647]  ? rw_verify_area+0xce/0x6d0
[  739.029769][T18647]  vfs_write+0x2aa/0x1070
[  739.029785][T18647]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  739.029813][T18647]  ? __pfx_vfs_write+0x10/0x10
[  739.029828][T18647]  ? find_held_lock+0x2b/0x80
[  739.029854][T18647]  ? __fget_files+0x215/0x3d0
[  739.029871][T18647]  ? __fget_files+0x215/0x3d0
[  739.029892][T18647]  ? __fget_files+0x21f/0x3d0
[  739.029914][T18647]  ksys_write+0x1f8/0x250
[  739.029931][T18647]  ? __pfx_ksys_write+0x10/0x10
[  739.029950][T18647]  ? rcu_is_watching+0x12/0xc0
[  739.029969][T18647]  do_syscall_64+0x10b/0xf80
[  739.029989][T18647]  ? clear_bhb_loop+0x40/0x90
[  739.030006][T18647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  739.030022][T18647] RIP: 0033:0x7f3cc459cdd9
[  739.030036][T18647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  739.030051][T18647] RSP: 002b:00007f3cc54eb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  739.030067][T18647] RAX: ffffffffffffffda RBX: 00007f3cc4815fa0 RCX: 00007f3cc459cdd9
[  739.030077][T18647] RDX: 000000100000a3da RSI: 00002000000003c0 RDI: 0000000000000004
[  739.030086][T18647] RBP: 00007f3cc4632d69 R08: 0000000000000000 R09: 0000000000000000
[  739.030095][T18647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  739.030105][T18647] R13: 00007f3cc4816038 R14: 00007f3cc4815fa0 R15: 00007ffc0c3de758
[  739.030124][T18647]  </TASK>
[  739.691205][T18660] zram0: detected capacity change from 0 to 16
[  740.012578][T14444] team0 (unregistering): Port device team_slave_1 removed
[  740.090849][T14444] team0 (unregistering): Port device team_slave_0 removed
[  740.138814][T18660] zswap: compressor  not available
[  740.466890][T14444] smc: removing net device dummy0 with user defined pnetid DUMMY0
[  741.097933][T18688] FAULT_INJECTION: forcing a failure.
[  741.097933][T18688] name failslab, interval 1, probability 0, space 0, times 0
[  741.186035][T18688] CPU: 0 UID: 0 PID: 18688 Comm: syz.5.2471 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  741.186061][T18688] Tainted: [L]=SOFTLOCKUP
[  741.186067][T18688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  741.186077][T18688] Call Trace:
[  741.186083][T18688]  <TASK>
[  741.186089][T18688]  dump_stack_lvl+0x100/0x190
[  741.186112][T18688]  should_fail_ex.cold+0x5/0xa
[  741.186132][T18688]  ? tomoyo_encode2+0xfb/0x3c0
[  741.186149][T18688]  should_failslab+0xc2/0x120
[  741.186167][T18688]  __kmalloc_noprof+0xe0/0x850
[  741.186190][T18688]  ? d_absolute_path+0x136/0x1b0
[  741.186208][T18688]  tomoyo_encode2+0xfb/0x3c0
[  741.186229][T18688]  tomoyo_encode+0x29/0x50
[  741.186246][T18688]  tomoyo_realpath_from_path+0x18c/0x690
[  741.186269][T18688]  tomoyo_path_number_perm+0x23c/0x580
[  741.186284][T18688]  ? tomoyo_path_number_perm+0x22e/0x580
[  741.186301][T18688]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  741.186324][T18688]  ? do_raw_spin_lock+0x128/0x260
[  741.186350][T18688]  ? find_held_lock+0x2b/0x80
[  741.186369][T18688]  ? current_check_access_path+0x269/0x430
[  741.186388][T18688]  ? __pfx_current_check_access_path+0x10/0x10
[  741.186405][T18688]  ? do_raw_spin_unlock+0x145/0x1e0
[  741.186424][T18688]  ? simple_lookup+0x105/0x1d0
[  741.186448][T18688]  tomoyo_path_mknod+0x164/0x190
[  741.186469][T18688]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  741.186491][T18688]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  741.186515][T18688]  security_path_mknod+0x161/0x300
[  741.186535][T18688]  filename_mknodat+0x241/0x7f0
[  741.186565][T18688]  ? __pfx_filename_mknodat+0x10/0x10
[  741.186585][T18688]  ? strncpy_from_user+0x19d/0x2d0
[  741.186603][T18688]  ? do_getname+0x191/0x390
[  741.186627][T18688]  __x64_sys_mknod+0x8f/0xc0
[  741.186647][T18688]  do_syscall_64+0x10b/0xf80
[  741.186666][T18688]  ? clear_bhb_loop+0x40/0x90
[  741.186685][T18688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  741.186700][T18688] RIP: 0033:0x7f706499cdd9
[  741.186714][T18688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  741.186729][T18688] RSP: 002b:00007f7065905028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  741.186744][T18688] RAX: ffffffffffffffda RBX: 00007f7064c15fa0 RCX: 00007f706499cdd9
[  741.186754][T18688] RDX: 0000000000000044 RSI: 0000000000001001 RDI: 0000200000000040
[  741.186763][T18688] RBP: 00007f7064a32d69 R08: 0000000000000000 R09: 0000000000000000
[  741.186773][T18688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  741.186783][T18688] R13: 00007f7064c16038 R14: 00007f7064c15fa0 R15: 00007ffd12281e18
[  741.186804][T18688]  </TASK>
[  741.186820][T18688] ERROR: Out of memory at tomoyo_realpath_from_path.
[  741.821220][ T5289] 8021q: adding VLAN 0 to HW filter on device eth11
[  744.346634][T18499] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  744.396167][T18499] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  744.507486][T18499] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  744.555411][T18499] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  744.657397][T18499] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  744.695980][T18499] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  744.751913][T18499] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  744.802844][T18499] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  745.499414][T18499] 8021q: adding VLAN 0 to HW filter on device bond0
[  745.594669][T18499] 8021q: adding VLAN 0 to HW filter on device team0
[  745.679161][T14813] bridge0: port 1(bridge_slave_0) entered blocking state
[  745.686482][T14813] bridge0: port 1(bridge_slave_0) entered forwarding state
[  745.773489][T14813] bridge0: port 2(bridge_slave_1) entered blocking state
[  745.780706][T14813] bridge0: port 2(bridge_slave_1) entered forwarding state
[  746.582030][T18805] FAULT_INJECTION: forcing a failure.
[  746.582030][T18805] name failslab, interval 1, probability 0, space 0, times 0
[  746.638757][T18805] CPU: 0 UID: 0 PID: 18805 Comm: syz.0.2486 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  746.638785][T18805] Tainted: [L]=SOFTLOCKUP
[  746.638791][T18805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  746.638800][T18805] Call Trace:
[  746.638806][T18805]  <TASK>
[  746.638812][T18805]  dump_stack_lvl+0x100/0x190
[  746.638834][T18805]  should_fail_ex.cold+0x5/0xa
[  746.638854][T18805]  should_failslab+0xc2/0x120
[  746.638873][T18805]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  746.638896][T18805]  ? security_inode_alloc+0x3b/0x2c0
[  746.638919][T18805]  ? lockdep_init_map_type+0x5c/0x250
[  746.638937][T18805]  security_inode_alloc+0x3b/0x2c0
[  746.638969][T18805]  inode_init_always_gfp+0xcc0/0x1000
[  746.638992][T18805]  alloc_inode+0x8e/0x250
[  746.639016][T18805]  path_from_stashed+0x25b/0x750
[  746.639036][T18805]  ? do_raw_spin_unlock+0x145/0x1e0
[  746.639056][T18805]  ns_get_path+0x60/0x80
[  746.639075][T18805]  proc_ns_get_link+0x121/0x230
[  746.639092][T18805]  ? __pfx_proc_ns_get_link+0x10/0x10
[  746.639110][T18805]  ? atime_needs_update+0x8b/0x6b0
[  746.639126][T18805]  pick_link+0xd17/0x13c0
[  746.639140][T18805]  ? __pfx_proc_ns_get_link+0x10/0x10
[  746.639159][T18805]  step_into_slowpath+0x9ba/0xf90
[  746.639178][T18805]  ? __pfx_step_into_slowpath+0x10/0x10
[  746.639193][T18805]  ? find_held_lock+0x2b/0x80
[  746.639217][T18805]  path_openat+0xf95/0x31a0
[  746.639242][T18805]  ? __pfx_path_openat+0x10/0x10
[  746.639266][T18805]  do_file_open+0x20e/0x430
[  746.639286][T18805]  ? __pfx_do_file_open+0x10/0x10
[  746.639316][T18805]  ? alloc_fd+0x476/0x790
[  746.639335][T18805]  ? do_getname+0x191/0x390
[  746.639358][T18805]  do_sys_openat2+0x10d/0x1e0
[  746.639380][T18805]  ? __pfx_do_sys_openat2+0x10/0x10
[  746.639403][T18805]  ? __fget_files+0x21f/0x3d0
[  746.639423][T18805]  __x64_sys_openat+0x12d/0x210
[  746.639446][T18805]  ? __pfx___x64_sys_openat+0x10/0x10
[  746.639471][T18805]  ? rcu_is_watching+0x12/0xc0
[  746.639491][T18805]  do_syscall_64+0x10b/0xf80
[  746.639509][T18805]  ? clear_bhb_loop+0x40/0x90
[  746.639529][T18805]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.639545][T18805] RIP: 0033:0x7fcf4915d60e
[  746.639558][T18805] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  746.639574][T18805] RSP: 002b:00007fcf473f5ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  746.639589][T18805] RAX: ffffffffffffffda RBX: 00007fcf473f66c0 RCX: 00007fcf4915d60e
[  746.639599][T18805] RDX: 0000000000000002 RSI: 00007fcf473f5f90 RDI: ffffffffffffff9c
[  746.639609][T18805] RBP: 00007fcf49232d69 R08: 0000000000000000 R09: 0000000000000000
[  746.639618][T18805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  746.639627][T18805] R13: 00007fcf49416038 R14: 00007fcf49415fa0 R15: 00007fff18227aa8
[  746.639650][T18805]  </TASK>
[  747.139438][T18808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78024
[  747.148366][T18808] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  747.156961][T18808] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  747.164520][T18808] page_type: f5(slab)
[  747.168632][T18808] raw: 00fff00000000040 ffff88801ce938c0 dead000000000100 dead000000000122
[  747.177370][T18808] raw: 0000000000000000 00000008000d000d 00000000f5000000 0000000000000000
[  747.186452][T18808] head: 00fff00000000040 ffff88801ce938c0 dead000000000100 dead000000000122
[  747.195149][T18808] head: 0000000000000000 00000008000d000d 00000000f5000000 0000000000000000
[  747.203942][T18808] head: 00fff00000000002 ffffffffffffff01 00000000ffffffff 00000000ffffffff
[  747.212679][T18808] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  747.221520][T18808] page dumped because: unmovable page
[  747.226993][T18808] page_owner tracks the page as allocated
[  747.233266][T18808] page last allocated via order 2, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4995, tgid 4995 (udevadm), ts 32806150297, free_ts 26984040560
[  747.326820][T18808]  post_alloc_hook+0x153/0x170
[  747.331991][T18808]  get_page_from_freelist+0x11a6/0x33b0
[  747.339147][T18808]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  747.345268][T18808]  new_slab+0xa6/0x6c0
[  747.352325][T18808]  refill_objects+0x277/0x420
[  747.362410][T18808]  __pcs_replace_empty_main+0x375/0x650
[  747.393258][T18808]  kmem_cache_alloc_lru_noprof+0x485/0x6e0
[  747.403051][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  747.411050][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  747.423099][T18808]  alloc_inode+0x183/0x250
[  747.441393][T18808]  iget_locked+0x1d9/0x6d0
[  747.457583][T18808]  kernfs_get_inode+0x46/0x470
[  747.473475][T18808]  kernfs_iop_lookup+0x1a7/0x2d0
[  747.492298][T18808]  lookup_open.isra.0+0x631/0x11b0
[  747.520493][T18808]  path_openat+0xa98/0x31a0
[  747.535769][T18808]  do_file_open+0x20e/0x430
[  747.556187][T18808]  do_sys_openat2+0x10d/0x1e0
[  747.579433][T18808]  __x64_sys_openat+0x12d/0x210
[  747.597775][T18808] page last free pid 1 tgid 1 stack trace:
[  747.612650][T18499] 8021q: adding VLAN 0 to HW filter on device batadv0
[  747.636113][T18808]  __free_frozen_pages+0x747/0x1040
[  747.655061][T18808]  free_contig_range+0xda/0x140
[  747.674059][T18808]  destroy_args+0xa8/0x7a0
[  747.688519][T18808]  debug_vm_pgtable+0x1d69/0x3490
[  747.718355][T18808]  do_one_initcall+0x121/0x750
[  747.724039][T18499] veth0_vlan: entered promiscuous mode
[  747.734462][T18808]  kernel_init_freeable+0x6ea/0x7b0
[  747.760807][T18808]  kernel_init+0x1f/0x1e0
[  747.767865][T18499] veth1_vlan: entered promiscuous mode
[  747.777026][T18808]  ret_from_fork+0x72b/0xd50
[  747.789952][T18808]  ret_from_fork_asm+0x1a/0x30
[  748.061098][T18499] veth0_macvtap: entered promiscuous mode
[  748.145696][T18499] veth1_macvtap: entered promiscuous mode
[  748.242446][T18499] batman_adv: batadv0: Interface activated: batadv_slave_0
[  748.318380][T18499] batman_adv: batadv0: Interface activated: batadv_slave_1
[  748.371442][T14444] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  748.404540][T14444] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  748.481616][T14444] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  748.546982][T14444] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  749.108326][T14813] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  749.161853][T14813] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  749.336423][T14813] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  749.387885][T14813] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  752.994496][T18939] ==================================================================
[  752.994514][T18939] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60
[  752.994538][T18939] Read of size 26 at addr ffff888028b9804a by task syz.1.2508/18939
[  752.994551][T18939] 
[  752.994561][T18939] CPU: 0 UID: 0 PID: 18939 Comm: syz.1.2508 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  752.994581][T18939] Tainted: [L]=SOFTLOCKUP
[  752.994586][T18939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  752.994595][T18939] Call Trace:
[  752.994600][T18939]  <TASK>
[  752.994606][T18939]  dump_stack_lvl+0x100/0x190
[  752.994622][T18939]  print_report+0x13d/0x4b0
[  752.994643][T18939]  ? __virt_addr_valid+0x239/0x430
[  752.994668][T18939]  ? fbcon_prepare_logo+0x94e/0xc60
[  752.994686][T18939]  kasan_report+0xdf/0x1d0
[  752.994703][T18939]  ? fbcon_prepare_logo+0x94e/0xc60
[  752.994720][T18939]  kasan_check_range+0x10f/0x1e0
[  752.994739][T18939]  __asan_memcpy+0x23/0x60
[  752.994760][T18939]  fbcon_prepare_logo+0x94e/0xc60
[  752.994779][T18939]  fbcon_init+0x1065/0x1830
[  752.994796][T18939]  visual_init+0x320/0x620
[  752.994814][T18939]  do_bind_con_driver.isra.0+0x636/0x9c0
[  752.994836][T18939]  store_bind+0x609/0x730
[  752.994857][T18939]  ? __pfx_store_bind+0x10/0x10
[  752.994876][T18939]  dev_attr_store+0x58/0x80
[  752.994893][T18939]  ? __pfx_dev_attr_store+0x10/0x10
[  752.994909][T18939]  sysfs_kf_write+0xf2/0x150
[  752.994933][T18939]  kernfs_fop_write_iter+0x3e0/0x5f0
[  752.994952][T18939]  ? __pfx_sysfs_kf_write+0x10/0x10
[  752.994975][T18939]  vfs_write+0x6ac/0x1070
[  752.994991][T18939]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  752.995012][T18939]  ? __pfx_vfs_write+0x10/0x10
[  752.995033][T18939]  ksys_write+0x12a/0x250
[  752.995048][T18939]  ? __pfx_ksys_write+0x10/0x10
[  752.995065][T18939]  ? rcu_is_watching+0x12/0xc0
[  752.995090][T18939]  do_syscall_64+0x10b/0xf80
[  752.995109][T18939]  ? clear_bhb_loop+0x40/0x90
[  752.995126][T18939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.995141][T18939] RIP: 0033:0x7f0ad419cdd9
[  752.995153][T18939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  752.995167][T18939] RSP: 002b:00007f0ad510b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  752.995182][T18939] RAX: ffffffffffffffda RBX: 00007f0ad4415fa0 RCX: 00007f0ad419cdd9
[  752.995197][T18939] RDX: 000000000008083a RSI: 00002000000000c0 RDI: 0000000000000003
[  752.995207][T18939] RBP: 00007f0ad4232d69 R08: 0000000000000000 R09: 0000000000000000
[  752.995216][T18939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  752.995225][T18939] R13: 00007f0ad4416038 R14: 00007f0ad4415fa0 R15: 00007fffff80c788
[  752.995238][T18939]  </TASK>
[  752.995243][T18939] 
[  752.995247][T18939] Allocated by task 5252:
[  752.995255][T18939]  kasan_save_stack+0x30/0x50
[  752.995268][T18939]  kasan_save_track+0x14/0x30
[  752.995281][T18939]  __kasan_slab_alloc+0x89/0x90
[  752.995294][T18939]  kmem_cache_alloc_noprof+0x241/0x6e0
[  752.995316][T18939]  kmem_alloc_batch+0x49/0x170
[  752.995336][T18939]  debug_objects_fill_pool+0x24d/0x5a0
[  752.995355][T18939]  debug_object_activate+0x103/0x490
[  752.995376][T18939]  __call_rcu_common.constprop.0+0x35/0x9b0
[  752.995389][T18939]  qlist_free_all+0x47/0xf0
[  752.995410][T18939]  kasan_quarantine_reduce+0x1a0/0x1f0
[  752.995422][T18939]  __kasan_slab_alloc+0x69/0x90
[  752.995436][T18939]  kmem_cache_alloc_noprof+0x241/0x6e0
[  752.995458][T18939]  alloc_empty_file+0x5b/0x1c0
[  752.995477][T18939]  path_openat+0xe8/0x31a0
[  752.995494][T18939]  do_file_open+0x20e/0x430
[  752.995510][T18939]  do_sys_openat2+0x10d/0x1e0
[  752.995530][T18939]  __x64_sys_openat+0x12d/0x210
[  752.995550][T18939]  do_syscall_64+0x10b/0xf80
[  752.995566][T18939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.995580][T18939] 
[  752.995584][T18939] The buggy address belongs to the object at ffff888028b98038
[  752.995584][T18939]  which belongs to the cache debug_objects_cache of size 40
[  752.995595][T18939] The buggy address is located 18 bytes inside of
[  752.995595][T18939]  allocated 40-byte region [ffff888028b98038, ffff888028b98060)
[  752.995609][T18939] 
[  752.995617][T18939] The buggy address belongs to the physical page:
[  752.995624][T18939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28b98
[  752.995637][T18939] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  752.995649][T18939] page_type: f5(slab)
[  752.995662][T18939] raw: 00fff00000000000 ffff88813fe4a8c0 dead000000000100 dead000000000122
[  752.995675][T18939] raw: 0000000000000000 0000000800490049 00000000f5000000 0000000000000000
[  752.995683][T18939] page dumped because: kasan: bad access detected
[  752.995690][T18939] page_owner tracks the page as allocated
[  752.995694][T18939] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5252, tgid 5252 (udevd), ts 46758193533, free_ts 46757887414
[  752.995719][T18939]  post_alloc_hook+0x153/0x170
[  752.995738][T18939]  get_page_from_freelist+0x11a6/0x33b0
[  752.995760][T18939]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  752.995783][T18939]  alloc_pages_mpol+0x1fb/0x540
[  752.995797][T18939]  new_slab+0x449/0x6c0
[  752.995815][T18939]  ___slab_alloc+0x346/0x8b0
[  752.995833][T18939]  kmem_cache_alloc_noprof+0x360/0x6e0
[  752.995854][T18939]  kmem_alloc_batch+0x49/0x170
[  752.995873][T18939]  debug_objects_fill_pool+0x24d/0x5a0
[  752.995893][T18939]  debug_object_activate+0x103/0x490
[  752.995913][T18939]  __call_rcu_common.constprop.0+0x35/0x9b0
[  752.995926][T18939]  qlist_free_all+0x47/0xf0
[  752.995947][T18939]  kasan_quarantine_reduce+0x1a0/0x1f0
[  752.995960][T18939]  __kasan_slab_alloc+0x69/0x90
[  752.995973][T18939]  kmem_cache_alloc_noprof+0x241/0x6e0
[  752.995995][T18939]  alloc_empty_file+0x5b/0x1c0
[  752.996014][T18939] page last free pid 5252 tgid 5252 stack trace:
[  752.996022][T18939]  __free_frozen_pages+0x747/0x1040
[  752.996040][T18939]  qlist_free_all+0x47/0xf0
[  752.996060][T18939]  kasan_quarantine_reduce+0x1a0/0x1f0
[  752.996073][T18939]  __kasan_slab_alloc+0x69/0x90
[  752.996086][T18939]  kmem_cache_alloc_noprof+0x241/0x6e0
[  752.996108][T18939]  alloc_empty_file+0x5b/0x1c0
[  752.996133][T18939]  path_openat+0xe8/0x31a0
[  752.996149][T18939]  do_file_open+0x20e/0x430
[  752.996164][T18939]  do_sys_openat2+0x10d/0x1e0
[  752.996207][T18939]  __x64_sys_openat+0x12d/0x210
[  752.996227][T18939]  do_syscall_64+0x10b/0xf80
[  752.996244][T18939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.996258][T18939] 
[  752.996261][T18939] Memory state around the buggy address:
[  752.996268][T18939]  ffff888028b97f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  752.996278][T18939]  ffff888028b97f80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc
[  752.996287][T18939] >ffff888028b98000: 00 00 00 00 00 fc fc 00 00 00 00 00 fc fc 00 00
[  752.996295][T18939]                                                        ^
[  752.996303][T18939]  ffff888028b98080: 00 00 00 fc fc 00 00 00 00 00 fc fc 00 00 00 00
[  752.996313][T18939]  ffff888028b98100: 00 fc fc 00 00 00 00 00 fc fc 00 00 00 00 00 fc
[  752.996320][T18939] ==================================================================
[  753.018328][T18939] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  753.018346][T18939] CPU: 0 UID: 0 PID: 18939 Comm: syz.1.2508 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  753.018368][T18939] Tainted: [L]=SOFTLOCKUP
[  753.018373][T18939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  753.018382][T18939] Call Trace:
[  753.018387][T18939]  <TASK>
[  753.018393][T18939]  dump_stack_lvl+0x100/0x190
[  753.018414][T18939]  vpanic+0x552/0x970
[  753.018428][T18939]  ? __pfx_vpanic+0x10/0x10
[  753.018444][T18939]  ? fbcon_prepare_logo+0x94e/0xc60
[  753.018461][T18939]  panic+0xd1/0xe0
[  753.018474][T18939]  ? __pfx_panic+0x10/0x10
[  753.018488][T18939]  ? fbcon_prepare_logo+0x94e/0xc60
[  753.018503][T18939]  ? preempt_schedule_common+0x42/0xc0
[  753.018526][T18939]  ? check_panic_on_warn+0x1f/0x90
[  753.018541][T18939]  check_panic_on_warn.cold+0x19/0x34
[  753.018557][T18939]  end_report.part.0+0x3a/0x90
[  753.018578][T18939]  kasan_report.cold+0xe/0x18
[  753.018599][T18939]  ? fbcon_prepare_logo+0x94e/0xc60
[  753.018617][T18939]  kasan_check_range+0x10f/0x1e0
[  753.018637][T18939]  __asan_memcpy+0x23/0x60
[  753.018658][T18939]  fbcon_prepare_logo+0x94e/0xc60
[  753.018678][T18939]  fbcon_init+0x1065/0x1830
[  753.018695][T18939]  visual_init+0x320/0x620
[  753.018714][T18939]  do_bind_con_driver.isra.0+0x636/0x9c0
[  753.018737][T18939]  store_bind+0x609/0x730
[  753.018758][T18939]  ? __pfx_store_bind+0x10/0x10
[  753.018776][T18939]  dev_attr_store+0x58/0x80
[  753.018794][T18939]  ? __pfx_dev_attr_store+0x10/0x10
[  753.018811][T18939]  sysfs_kf_write+0xf2/0x150
[  753.018835][T18939]  kernfs_fop_write_iter+0x3e0/0x5f0
[  753.018855][T18939]  ? __pfx_sysfs_kf_write+0x10/0x10
[  753.018878][T18939]  vfs_write+0x6ac/0x1070
[  753.018895][T18939]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  753.018916][T18939]  ? __pfx_vfs_write+0x10/0x10
[  753.018937][T18939]  ksys_write+0x12a/0x250
[  753.018953][T18939]  ? __pfx_ksys_write+0x10/0x10
[  753.018970][T18939]  ? rcu_is_watching+0x12/0xc0
[  753.018988][T18939]  do_syscall_64+0x10b/0xf80
[  753.019007][T18939]  ? clear_bhb_loop+0x40/0x90
[  753.019023][T18939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.019038][T18939] RIP: 0033:0x7f0ad419cdd9
[  753.019050][T18939] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  753.019065][T18939] RSP: 002b:00007f0ad510b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  753.019080][T18939] RAX: ffffffffffffffda RBX: 00007f0ad4415fa0 RCX: 00007f0ad419cdd9
[  753.019090][T18939] RDX: 000000000008083a RSI: 00002000000000c0 RDI: 0000000000000003
[  753.019100][T18939] RBP: 00007f0ad4232d69 R08: 0000000000000000 R09: 0000000000000000
[  753.019109][T18939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  753.019118][T18939] R13: 00007f0ad4416038 R14: 00007f0ad4415fa0 R15: 00007fffff80c788
[  753.019132][T18939]  </TASK>
[  753.019198][T18939] Kernel Offset: disabled