last executing test programs:

6m58.479750401s ago: executing program 3 (id=3617):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000)
setsockopt$auto(r0, 0x6, 0x22, 0x0, 0x6)

6m57.953984743s ago: executing program 3 (id=3620):
mmap$auto(0x0, 0x402200d, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c0000000869f110107fbe95a83efdf117893a7545e564abd4e38e4372b45b61fe9c0ec6780b49a5058152b9bc3e4446f8c8f6330c2b0994846b8c643a5ad191defe7d78b4a6db8b9026b0b73c0dc21191fd1e66119b7834241edc513b5db1b98324b66b56e4a83ad3b3d0129bac4d340abcf21b84b428293cce5262eb92d1613e179607c61ee6f656f58999fc9f36f695ac75bcc81de02e2de5d5d44d04e8f24e30d99aa95e5f644e9a143d02637e27fdaf8fe154573d0141322ad15c222b36ad", @ANYRES16=0x0, @ANYBLOB="010329bd700002dcdf25050000000c00010005000000000000000c0001000000010000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20008810}, 0x880)
close_range$auto(0x2, 0xa, 0x0)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000ffdbdf25050000000c00010002000000000000000c00010004"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0xd0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getrusage$auto(0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0)
r0 = socket(0x11, 0x4, 0x300)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
socket(0xa, 0x801, 0x80)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = socket(0x2b, 0x1, 0x1)
getsockopt$auto(r1, 0x0, 0x80, 0x0, 0x0)
setsockopt$auto(0x3, 0x6, 0xc, 0x0, 0xfb3)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24084005)
ioctl$auto(0x3, 0x4020aeb2, 0x38)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)

6m57.047922969s ago: executing program 3 (id=3626):
setitimer$auto(0x1, &(0x7f0000000000)={{0x2, 0x4}, {0x5, 0x6}}, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/0000:00:04.0/enable\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000840)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x9c\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2\x96\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf0L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb\xe4\xe2\xf4(\x05\xf6g5\x1f\xa0\x8e\xeb\xc0\x84\x80^\xff\x99m\x99\x1b\xd0\xf3\x00Z\xf3}\xc4\xb0_\xde\f\xfeR=\x88\xbe\xeda\xfc\x17\x85\x107u\x00\x00\x00\x00\x00\x00\x00', 0x5f5)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
socket(0xa, 0x2, 0x0)
r1 = socket(0x18, 0x5, 0x1)
connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a)

6m56.004685478s ago: executing program 3 (id=3627):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_KSMBD_EVENT_SHARE_CONFIG_REQUEST(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r1, 0x609d6a47fc5a377, 0x70bd2b, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc0}, 0x4000800)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/028/001\x00', 0x400, 0x0)
read$auto_usbdev_file_operations_usb(r2, &(0x7f0000000180)=""/38, 0x26)
r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$auto_VHOST_SET_LOG_FD2(r3, 0x4004af07, &(0x7f0000000080))
shmat$auto(0x0, &(0x7f0000000000)='(\x00', 0x7)

6m55.7897377s ago: executing program 3 (id=3628):
r0 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x12b002, 0x0)
write$auto(r0, 0x0, 0x1a)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
shmctl$auto_IPC_INFO(0x0, 0x3, &(0x7f0000000800)={{0x3, <r2=>0xffffffffffffffff, <r3=>0xee01, 0x80000001, 0xfffffffd, 0x7fffffff, 0x46}, 0x101, 0x9, 0x9, 0x6, @raw=0x7, @raw=0x7ff, 0x100, 0x0, &(0x7f0000000600)="112313300344730339baab1c197412c5819a36ccbf0a050016cfb1976a51106549c29f7476b266155076b44318730e93922d11dde80d9feffe91a75372367cb16bede07716ec3a6659f5fbacfcf69e69f88ef7126e94cf64b4cbb8e81e1252f2c9065956523cad0223430f60d83a7e497af5d81ef34e8a60d50e2073b7321dc5cea98ee9d8e5c3c3b617436085e9c20e105bb5f18a90a139737eb9c3373687518cbc5de873429e18ed2cad75f10aa67b31597b505cd16465fd7fb2de7b9ebf2b3ea5545ca369e7288cfc746358caeac028cef1a9", &(0x7f0000000700)="5667086c0daea99e9e2c4829813d7de765055195482a0a3f27ab8680862421aa477e5fc1f5e2270269eb751b4eae57f4da6357cd5ce9050b7619989476d42ad5018146eab6717bec6b778f1c66c829ff6036bf83b38382a23f9fb398a3b384fee644f03731b4c03f59a8cb6da9110820c5f07f9d1050b49afb80160664a1f4c7f6d397dfc1c2ec085d19161ca7ac188cc15aa06330fafccc6e9e76225218cc2606201202b4110f55f28fa9d2301c032ae668eded876ea8274ba1bf921b4f18ef95d000f1a6a4820d01"})
r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg1\x00', 0x2000, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d00)=ANY=[@ANYBLOB="7c040000", @ANYRES8, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="1400c100fe8000000000000000000000000000bb040002808f01028097b786072666f45411770b9d8908000a00e00000010800448004007b808d003680639864502b25c9223825da2b02fb6d32c1e46910db98ba8c416a3ceb815c27d25e282b9db5d399e0ff22bd5a908a2bdf6c0048952466941e8d77add3cc885b1144b1d1dd505b6ea06514b3266a55b99bf8b0fe53d114c1e934847c329145d4bbaab16fd37aae3a4f60a0cbd7319c96e38c0dbee6e256b6c775cf7583840c00d0000600000000000000000000dd852fda44009c027fe14a5523868174a7862ac825550741d83b9280cd23280d38d05c941bb5c7c87d491fdac1c0641476455069484c0665710982ca447801963d31c450a2c0b613b45ac1f89e133baa53ffab1930cad5bfc3320118191d0f77b10f72f94a1748cf55c67ab257bbf6b5150572bf5ed45721d4e0fb6d2cc6d9d95be8c8dd1a0405b78c4e1c6422bebf13b1ac211e442e9afd926867963365e9fb4b6a9062e731e337be8d055d63c570ad70eabfe03d8bf5bf0aee11b08185dd41c3f35d99c7fe91c37413c3e40c68eb6dd5a252ed7b61dbebcf7ff7fd633f00a40203800c0055000800000000000000960147801afa849f88c2cf4ebdfbe56beed4d427e4555c1b7242e720fa608bf7002c5f8ecb2b5fd8a43691c4fb8d9241c57e2f8cf4e6632f5fbb252c2332450f41cc04f9d7930d32fa752b629baa907529fb41338b210d57a2bdd624880dbad7eea477c709a1410ec10db2221afcfd662565c30660301b3599ad4be2e2a424c7aed09bc324b3b1f08981c9d78422769dacbf9991a58b5acac4b2ca92574a45fffd44716508c38af729db01297487b219964bb4b7e343507979ee7b49587b973b23bf31f130693099c459b6e2db46684388892a7327ae73c2f2b5e0c5af8d85bb0f8a28b170e4a01a2d2fe884645bbfd6dcb9f0025a3970a0ce377c50e3be033ce553e6e90604e338b4b941f1431e1f8f314c0776e67a74924e46ba5e24fdfabdad110c8f2c81471462c4652476ea34f173162df7ff6eede8b39fd87d2ee25f5db02f53520066ff5f6f0fa6e5acce27241549f29f9d70035d6b9e552991d0a3a5472f06c8780d2621532308005a00ac1414bb07000000407b00001c009c800800ec00", @ANYRES32=r2, @ANYBLOB="10003d800400b88008009000e0000002000008002d00008000000d0039007bcc233911eb555c5b00000008005a00", @ANYRES32=r1, @ANYBLOB="70893738429e35969e16cd2fa7045dfac651b92674a8b9c8315d72ac8151556ceea88799ac6159e8029b7bfee9f58cedb4c6963ef7ac0c2558fa4535d8fa223ba5c0514cc010c6d2e99247dad860d9e04ead395e915f620e2fd26e157cc229d78970154692f9722a00eff2075f56322be1edccc05696ca40dfe00cac62f9d45a5e9f959fb17183f1a521cda7695d0d6b7549e5d609678c1695bfa12993bee14585c87579c6058f2e9358b74d5c48f75256268edd47df82b9e84af72af65efd5b106b0b85179a593215d8787262d10d32208fc179f2f54d21087320c4"], 0x47c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_BATADV_CMD_TP_METER(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000326bd7017fddbdf250200000008002700080000001800aaaa8aaaaabb0000"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
madvise$auto(0x0, 0xff7fffffffff0001, 0x15)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0)
semctl$auto_GETALL(0x2, 0x1, 0xd, 0x4)

6m52.231088089s ago: executing program 3 (id=3649):
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40401, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40043d04, 0x0)
r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0)
r2 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
pread64$auto(r2, 0x0, 0xf8b, 0x4)
read$auto_dvb_dvr_fops_dmxdev(r1, 0x0, 0x0)
r3 = getpid()
r4 = gettid()
rt_tgsigqueueinfo$auto(r3, r4, 0x21, 0x0)
r5 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000000)={@siginfo_0_0={0x5, 0xcac, 0x100, @_kill={0xffffffffffffffff, 0xee00}}}, 0x400, &(0x7f0000000080)={{0x10000, 0x24}, {0x0, 0x298}, 0x1, 0x5, 0x1000, 0x3, 0x4f22, 0x1, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0, 0x100000000})
rt_tgsigqueueinfo$auto(r4, r5, 0x8001, &(0x7f0000000140)={@_si_pad})

6m37.223966798s ago: executing program 32 (id=3649):
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40401, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x40043d04, 0x0)
r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0)
r2 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
pread64$auto(r2, 0x0, 0xf8b, 0x4)
read$auto_dvb_dvr_fops_dmxdev(r1, 0x0, 0x0)
r3 = getpid()
r4 = gettid()
rt_tgsigqueueinfo$auto(r3, r4, 0x21, 0x0)
r5 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000000)={@siginfo_0_0={0x5, 0xcac, 0x100, @_kill={0xffffffffffffffff, 0xee00}}}, 0x400, &(0x7f0000000080)={{0x10000, 0x24}, {0x0, 0x298}, 0x1, 0x5, 0x1000, 0x3, 0x4f22, 0x1, 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0, 0x100000000})
rt_tgsigqueueinfo$auto(r4, r5, 0x8001, &(0x7f0000000140)={@_si_pad})

3m2.450201304s ago: executing program 0 (id=4347):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x848000000015, 0x805, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6b)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55)
keyctl$auto(0x5, 0xffffffffffffffff, 0x5, 0x5, 0x8)
r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0)
pread64$auto(r3, &(0x7f0000000380)='/proc/scsi/sg/devices\x00', 0x100000001, 0x100)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, 0x0, 0x0)
sendmmsg$auto(r1, &(0x7f0000000440)={{&(0x7f0000000100)="01cc93c62f3fcc1783b2a0d95a1ef299307e4736d7132e415d1742a1ef8e7dc261320b10cd72f3799946868aef41df85eda9d6d05e0146a3333120ab99c91f965d7096e6cd2c094b147a608e08345b7ff0c7d7a61d9eb9935cd1de42f1a7a37250affa0073a347bf52878bb851df9c48dd4bae533f", 0x8, &(0x7f00000003c0)={&(0x7f0000000180)="a533a87d80fbcdf6026fa82e6f211b265550c6b29259291d39e99275ce4851cb4c049efaa5000da0dfb4691182b0dda083307bd5719af796a70288c2709d6487936a4e5f5875b2c4c6a4509e86fa40e1d22bfce992af2910b287f00b57a18e06511bfc95", 0xc4a}, 0x7ede4b9a, &(0x7f0000000400), 0xa, 0x1}, 0xfb}, 0x0, 0x3)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x1, 0x106)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={r2, &(0x7f0000000100), 0xffffffff, &(0x7f0000000000)="0c54893d92c8e14117e7c244a0e9219e586449e72bdc6a0bfb01a1f634512364b048e46d75c95f7795f96638335e65b4cd218823f9da2b006f7fd5a6af69cada86dfdeffac550e0945263002a823b78b424ff4a3f6d591f36f73e0cc9f398b7b8f3b1379c0", 0x100, &(0x7f0000000200)="9dabc562d54a8c25f5f8b0d1849a1cadfb21967ba4c681dbcd241d57", &(0x7f0000000240)=0x4})

3m2.22282697s ago: executing program 0 (id=4348):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x2, 0x7, 0x48, 0x7ff, 0x5, 0x7, 0x4, 0x6, 0x8, 0x3, 0x5, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x800000, 0x7, 0x8, 0x200, 0xfffffffd, 0x84, 0x0, 0x6, 0x2, 0x0, 0x0, [0x0, 0x1ff, 0x1, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x8003, 0x4000000, 0x0, 0x0, 0x0, 0x10000000000000, 0x0, 0x0, 0x0, 0x20000000000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xec4e, 0x0, 0x8000000000000001, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9a]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x24, 0x4008)
sched_getscheduler$auto(0x0)

3m1.795695245s ago: executing program 0 (id=4351):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram2/partscan\x00', 0x80200, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000004300)=""/108, 0x6c)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
r1 = io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x4, 0x5, 0x8, 0xffffffffffffffff, [0x4000000], {0xd74c, 0x10000, 0x1, 0x29f, 0x100, 0x1003, 0x101, 0x6, 0x2}, {0xfb, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x176c5, 0x480005, 0x100000005}})
io_uring_enter$auto(r1, 0x9, 0x820e, 0x6, 0x0, 0x18)
r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0x40043d14, 0x0)
keyctl$auto_KEY_REQKEY_DEFL_NO_CHANGE(0x5, 0xffffffffffffffff, 0x0, 0x0, 0x2)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/snmp6\x00', 0x400, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
io_uring_register$auto(r3, 0x2, &(0x7f0000000180)="67b7765ceb471f5baaad68977f10ce6c3af58e227d742e28d3900fdbdede02c2aff6ff4c2f797f25ec78356641cfbf25f18597a8ca2bcc93818a3617b28d083aa31a428e133029c665aee4f35bba714f918f0722b50892677bfd346eef6d70c6965c8c2dc7644abf65cab205c96b1dca271979eaae2fd2eb94de7fedc54b42e481e6372345ba5590bbb55a13de517e0b091cdc0d9a5f5b71d5c60477e342764a112ba8f7fdbbe6a58d7082e9ec753456af6f", 0x2)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x82802, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x4802, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x3)
mlock$auto(0x112, 0x80006)
mlockall$auto(0x800000000000005)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
statx$auto(0xffffffffffffffff, 0x0, 0x2, 0x8001, &(0x7f0000000300)={0x7, 0x1, 0xfffffffffffffff9, 0x7, 0x0, 0xffffffffffffffff, 0x6, 0x0, 0x80000403, 0x1, 0x5, 0x1fc, {0x8001, 0xfb44}, {0x5, 0x28}, {0xffffffffffffffff, 0x1ff}, {0xffffffffffffff60, 0x9}, 0x2, 0x5, 0x80000000, 0x17e9, 0x709c, 0x101, 0x6, 0x4000000004, 0x8, 0x5, 0xb6a, 0xdfc, [0xe33, 0x2, 0x10000080000001, 0x4, 0xffffffff, 0x1c9fb31b, 0xfffffffffffffffa, 0xe, 0x3]})
setpriority$auto(0x4, 0x0, 0x5)
mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x5, 0x4)
get_robust_list$auto(0x0, 0x0, 0x0)

3m0.513332396s ago: executing program 0 (id=4355):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1000200)
fsync$auto(r0)

3m0.216405361s ago: executing program 0 (id=4356):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0)
socket(0x1, 0x5, 0x0)
bind$auto(0x3, 0x0, 0x6b)
bind$auto(0x3, 0x0, 0x6a)

2m59.951076937s ago: executing program 0 (id=4358):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
msgctl$auto_MSG_STAT(0x8001, 0xb, &(0x7f0000001600)={{0x2, 0xee01, 0x0, 0x3, 0xb, 0x3, 0xcd8e}, &(0x7f00000001c0)=0xfb, &(0x7f00000002c0), 0x8, 0x356, 0x3, 0x800000000000000, 0x2, 0x3, 0xffff, 0x1000, @raw=0x389})
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
ioctl$auto_FS_IOC_GET_ENCRYPTION_NONCE2(r1, 0x8010661b, &(0x7f0000000180)="7791c0b8356eb4d039d95f9059f20f56")
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x11, 0x80003, 0x300)

2m45.422367511s ago: executing program 4 (id=4403):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x40881, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/memfd_noexec\x00', 0x2, 0x0)
read$auto_proc_sys_file_operations_proc_sysctl(r0, &(0x7f0000000000)=""/39, 0x27)
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$auto(r1, 0x80a86f3d, 0x38)

2m44.703043719s ago: executing program 33 (id=4358):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r4 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
msgctl$auto_MSG_STAT(0x8001, 0xb, &(0x7f0000001600)={{0x2, 0xee01, 0x0, 0x3, 0xb, 0x3, 0xcd8e}, &(0x7f00000001c0)=0xfb, &(0x7f00000002c0), 0x8, 0x356, 0x3, 0x800000000000000, 0x2, 0x3, 0xffff, 0x1000, @raw=0x389})
write$auto_proc_uid_map_operations_base(r4, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/free_buffer\x00', 0x24001, 0x0)
socket(0x2, 0x3, 0xa)
ioctl$auto_FS_IOC_GET_ENCRYPTION_NONCE2(r1, 0x8010661b, &(0x7f0000000180)="7791c0b8356eb4d039d95f9059f20f56")
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x11, 0x80003, 0x300)

2m43.948047677s ago: executing program 4 (id=4406):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x7f, 0x8000) (async)
getcwd$auto(0x0, 0xffffffffffffffff) (async)
mount_setattr$auto(0x5, 0x0, 0x0, &(0x7f0000000640)={0x1, 0x9, 0x80000, @inferred=<r0=>0xffffffffffffffff}, 0x283)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ifb0/dev_id\x00', 0x80400, 0x0)
r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0)
ioctl$auto(r2, 0x400454d4, 0xffffffffffffffff) (async, rerun: 64)
write$auto(r1, &(0x7f0000000280)='\adev/audio\x921\r$D\xa8g\xe8$n\xeep\xd9\xdbU\x87M\xe3}\x1a\xdf\xec\x94Y\xc3\xcf\xb0\xa4\x90\xdat\x16\x03\xf16\x16W\xff\x03\xd2^\x00p\xb3\xfc\x9e&FZ\x1b\aFr\xc6\x92', 0x2) (async, rerun: 64)
ioctl$auto_MEMGETREGIONINFO(r0, 0xc0104d08, &(0x7f0000000080)={0xa9, 0x6, 0x9480, 0x2})

2m43.647649441s ago: executing program 4 (id=4408):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x802, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
sendfile$auto(0x1, r1, 0x0, 0x8fb5)
dup2$auto(0x0, 0x3)
ioctl$auto(0x3, 0x5760, 0x10000000000402)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3)
prctl$auto(0x4, 0x2, 0x0, 0x7fffffff, 0x0)
madvise$auto(0x110d230000, 0x1, 0x9)
write$auto(0xffffffffffffffff, 0x0, 0x80000000000)
listen$auto(0x3, 0x81)

2m43.017695255s ago: executing program 4 (id=4410):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x20340, 0x0)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmstat\x00', 0x20000, 0x0)
pread64$auto(r0, &(0x7f00000002c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xd0\xbb\xca\xb0\xa1\t\x00\x00\r(\xccF\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\x00\x00\x00\x00\x00\x000\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\x11\x04\x8b?$\xean\xa1|D\xbbV%\xde\x87\xd1@\x00\x8cM\xfdr\xc9\x86\xbaq', 0x100003ffd, 0x6)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001480)='/proc/self/net/rxrpc/locals\x00', 0x40, 0x0)
pread64$auto(r1, 0x0, 0x200000000003, 0x8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
rseq$auto(&(0x7f0000000240)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2, "a33e00ea8dd52198dcc7ad8c35dee4f83c6409b4d3bb1e77263f1a399cef7c0acb24df40817ad357a1f6fc59a5d77374c2cfec2f05eee078ba"}, 0x8000, 0x0, 0x8000006)
sysfs$auto(0x2d, 0x261, 0x4009)
mmap$auto(0x3, 0x20004, 0x200, 0x13, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyed\x00', 0x400, 0x0)
ioctl$auto(r3, 0x545c, r0)
socketcall$auto_SYS_ACCEPT(0x5, &(0x7f0000000000)=0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'wg0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, 0x0, 0x4000080)
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r4, 0x0, 0x6044805)
ioctl$auto_TIOCMSET2(r3, 0x5418, &(0x7f0000000100)="d1e5e2067b00d5")
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

2m42.506740578s ago: executing program 4 (id=4412):
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
syz_clone(0x40000000, 0x0, 0x25, 0x0, 0x0, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
mkdir$auto(&(0x7f0000000280)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0)
utime$auto(&(0x7f0000000100)='}[,&*}\x00', 0x0)
r0 = bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0x1000b5, 0x4010, 0x8, 0x4, <r1=>0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x1, 0x7, 0xe5, 0x3}, 0x10)
prctl$auto(0x3e, 0x3, 0x0, 0x1, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r2, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)={0x14, r3, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020)
read$auto(0xffffffffffffffff, 0x0, 0x7f)
mprotect$auto(0x8000, 0x8, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYRES32=r1, @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
read$auto(r2, 0x0, 0x3)
bpf$auto(0x18, &(0x7f0000000380)=@bpf_attr_11={0x0, 0x9, 0x7, 0x100005, 0x80000009, 0xfffffe01, 0x8, r0}, 0x92)
kill$auto(0x0, 0x11)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x8000, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(r5, 0x81785501, &(0x7f0000000340)={0x5, 0x0, "ea1d1beef7ce7f434284e5aafde366c4", "c4aac3b7fa4ecaccf9a0e6a53f24c9a5", "24a6cea16b99db9502663a727184cb123f8e6609f42ae6618556feb86ee3ca62", "d0c51aa9e1c6a082a266dcd602feaf006c8e2c7b18b74d51c2b393f6c9f87b49be3e9eb9cf7d26d1f46c8afe6d2953ac2c37e1725c7e29ca6289af4afbe8818e56e1a068e2bdfa26c02e5393ee67f0bd", "a7c56ad9ef0eb94abee021309516ed2d", "482ec250849953c6ac03b2ed803eb9f521b8a32165cac5bba746c073e0a51c2fb18a6acf4d4f43a3712899aec1dd07881c3360277ae14384268100f2f921e472b3e6e84cc76b6761cb7c2ae76bad2a37", "c7c783ca75d3eaa36c744cc2e7286cdcf6916b495d4d12cb7d52c6c64e522619609862b92a4cfa5359ed0c5c8b21c66014facd3337a30a6998b4b56a28fbb0e53486e508727ddd725c4503358f3faf6ac002d744bb4ebdf844b25b3fda752907e149f7c5f3346da63649b0c1b1c3f0ce743813468f801df81bbec3c7d72bf9d8"})
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/002/001\x00', 0x4a901, 0x0)

2m41.070525707s ago: executing program 4 (id=4413):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(r0, 0x0, 0x58)
close_range$auto(r0, r0, 0xfffffffd)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_VHOST_SET_VRING_CALL2(0xffffffffffffffff, 0x4008af21, 0x0)
r1 = getpid()
process_vm_readv$auto(r1, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/fail_io_timeout/times\x00', 0x4001, 0x0)
mmap$auto(0x59e, 0xffffffff80000001, 0x8000000000000001, 0x80000010, r2, 0xd)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5)

2m25.91490962s ago: executing program 34 (id=4413):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(r0, 0x0, 0x58)
close_range$auto(r0, r0, 0xfffffffd)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_VHOST_SET_VRING_CALL2(0xffffffffffffffff, 0x4008af21, 0x0)
r1 = getpid()
process_vm_readv$auto(r1, 0x0, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/fail_io_timeout/times\x00', 0x4001, 0x0)
mmap$auto(0x59e, 0xffffffff80000001, 0x8000000000000001, 0x80000010, r2, 0xd)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5)

1m55.935322201s ago: executing program 6 (id=4538):
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x0, 0x0)
ioctl$auto(r0, 0x64c7, 0xffffffffffffffff)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0x8000016, 0x401, 0x8000)
madvise$auto(0x110c230000, 0x1, 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0)
getrandom$auto(0x0, 0x3, 0x80000001)
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffff7effffd0c, 0x0)
remap_file_pages$auto(0x0, 0x1000, 0x10000000000, 0xb74, 0x66a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
userfaultfd$auto(0x1)
msync$auto(0x110c230000, 0x200001, 0x6)

1m54.771618375s ago: executing program 6 (id=4544):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0)
ioctl$auto_TIOCGDEV2(r0, 0x80045432, &(0x7f0000000040)=0xddc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0x8000000000000010, r1, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup/cgroup.freeze\x00', 0xb02, 0x0)
sendfile$auto(r2, r2, 0x0, 0x5)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/macsec0/proxy_delay\x00', 0x2000, 0x0)
read$auto(r3, 0x0, 0x1ff)
writev$auto(0x3, &(0x7f00000000c0)={0x0, 0x710d}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x4a7)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
r4 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x28080, 0x0)
r5 = io_uring_setup$auto(0x86, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/v4l-touch5\x00', 0xc0340, 0x0)
read$auto_nvram_misc_fops_nvram(r5, &(0x7f00000002c0)=""/228, 0xe4)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
setsockopt$auto(r4, 0xbe6, 0xa, 0x0, 0x1f)
getpgid(0xffffffffffffffff)

1m53.469433536s ago: executing program 6 (id=4546):
mmap$auto(0x0, 0x20009, 0x2, 0xeb1, 0xffffffffffffffff, 0x1) (async)
mmap$auto(0x0, 0x20009, 0x2, 0xeb1, 0xffffffffffffffff, 0x1)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0) (async)
io_uring_setup$auto(0x6, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) (async)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
madvise$auto(0x0, 0x200007, 0x8)
madvise$auto(0x0, 0x200204, 0x15) (async)
madvise$auto(0x0, 0x200204, 0x15)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000028, 0x0, 0x1, 0x3e0}, 0x800}, 0x4, 0x4008) (async)
sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000028, 0x0, 0x1, 0x3e0}, 0x800}, 0x4, 0x4008)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/loop0\x00', 0x14be02, 0x0)
execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000600)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5')
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/modules\x00', 0xc0000, 0x0)
ioctl$auto(0x3, 0x400c4d05, r1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.7/usb8/authorized_default\x00', 0x20582, 0x0)
openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cpu/1/msr\x00', 0x40, 0x0) (async)
r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cpu/1/msr\x00', 0x40, 0x0)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2c080, 0x0)
read$auto_msr_fops_msr(r2, &(0x7f0000000300)=""/184, 0xb8)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) (async)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
io_uring_setup$auto(0xa, 0x0) (async)
r4 = io_uring_setup$auto(0xa, 0x0)
io_uring_register$auto_IORING_REGISTER_ENABLE_RINGS(r0, 0xc, &(0x7f0000000040)="676dad5e2075540ad2a0f9810aaeb5af8bb93a849665255664b4c41bf8", 0x8)
ioctl$auto_BTRFS_IOC_SCAN_DEV(r4, 0x50009404, &(0x7f00000023c0)={@raw=0xffffffffffffffff, "256d6826e2656428632fae777f4cb16bbcf76a7e80e8e89f548323200176e8175bbf1f379400ac820dc5b614d16d50a062041ce6e94a9c27eabf47c0393ebd64ff8fe682fe47db916b152b766357224d52daa93c3e50f71b86d39694987c00ba8dffb1bc1f38f65c8814ae46b15b7bc77f6a76d9ccf3650df8866db25e1c5ec58d0cbd52887cad0e082b123fcc0d74b02953da74b45297d089317f05953cdc3d7e86b19915913a007de20785350ad5fbc75398cec22d59424754b31f4707a602d82b984e130795ed75698d10ca96dcfc2a0442d092a7d53bb1b3296940be80d37bb695f36de165d196f2dfe2f6b67da2d135badf5f084f9dd8f25f9c29d14125ae250eb636937ced6b24fbf8f51c8896cf293f0d30b61e94c8a334b45a4fbcff5098ca49f31334df9d9b1c53eec6099d896c9a172a316211d2dbc2301abb254766c604512b6c8dcb76fd31c26e87d3641f418d4d268a3b6ec86bcf2ff26da0154f84da8cd7ef116953d20c41083eb0995fc78f78fc59f25ba399886dadeb98a58a50d3fb59f175782b371ed4635d3b5a2e90e146022a766a5cfa34d99f5d781e9940abf82fe6a186d6e1a548fa80f648ade88c1c6054f4ff3fe948bc51921b3533363f8eb7d7950e0fce8bdd472fe39c0df3ed2b2530f0d0b63bdbfd95a88913440d6398fca2c3f243be7262771dad02737f84dd7f00bda28f6dcf13fb2932dac5225ce2fe818edf6e61b272fad91a326fb5321683938cc22c4b31866a0d89a59e190e412f47d549144ae6504b1336fe0f9c6b604669d32270b4347c5ff67132760f640f403a24930dce0a4fb60a845607946e480c297b66e7bc12331103e5f9d1876770b38bb29e9e77e34e7ba4d85c0dba025a74c08e65ec77f30eb8f0550c587eff2479a8db002059ae5adbfe8cfbaaa637bd45f5195f3872f8581320c13bea1513df8dddbce27f88719730c2aacaf9427dea492601285a6d753ec4fa3b84485fa4ab5457b17c14ed2ff917cd599a6ba9100c811de58e947c80e9f9a5f471a8cb4675a7d33ef8fcc97aa80b0959b3661e8118ea94724c24c3c4089e545b2c882419996fba013a8597f2051dd124f92e5df01e0f58c3d6342181f979a0dbf35d0703451d1981022cba5bfc1d4609b3aae1e9a0e8048286fd3eb4260fcce7b1b5a590d942ac3a6a1550972b33dd99426731efc41890d8fc866c6a3421f830337b154aa5db8816e78be3b5084f9a9ab52311959826d2207b42d22c3d9e38a429f5d703f66ea99f2c0009cae1d4c18ede78f2962956dbb9aedbe389c9160145f2c1aff76329d3c18f5d693566dfe785e17d7763396ac84c840000000005d1d8fa4ed4cf54da5a8f54fb66af7d7c75939b4cd8d8a00446b254169d5bdce5b073e3eb73a469fef79510c5b350e44635002301891148a01e3d9bf330a21a058328f2f41217b1fe8b1a492dc90cbe88959c0915144079ee63b94024ce534397390658306eeca8f6a466d2a4bfffc8295c3ce9e64a3329750eea373e08b8f0a5a65a4ec10d79e643abf6c5446fa02b44bdce5a3139830fda004fc9d7e463925465b85f64c313ed45a76f465e38df650d3b2aa0e8ad2bce38684b4333bd6a1f15d83f39cf3252c4dffb1b34c528237851d436b4c660384a5f42cb10e135852ad845f305eedd02d7647b6fc77ce63340d39b574c8630f8038ca53aa84c6f9c476ac5e05768e4e716c51d67ebfc319d3208de2de6b4512f431568bf7cccee74676ed281ec1a4bfc5149e046d3adc4f837db71ab1d8a2230ea5f1757cd83bd0b64050871ea3814689f265c00bc2364c8d3ddb04e223571fc60d7ffb475b6a207d1b8c41ae568bac095d0a0e0ce2e53c86a11f1d4a601407b6dc6db32fb4f25a8f96e1ecee4b52cbfdafcb407e601b9b0c3fafe5ac06c4225637ab5f81b8908773f7f9fe9567f4ad3f2c9db3bd560c9ea8163795ee7bc55e22245097da468df325805e92f88a7ecf349e7b96b77fe8fb987661f8ce91ab9d23bc961821872794f32443885eb59563a7bf79aade1607860b90872885b36dda11b673d77f534e71a543904ced262d0d6d38ca38cc58c0178ece1047b0369fe7d0ee8e598a9be296f3c6bac0722beb8489dedb595c08596d04828fcb1fadfb075532d038e22b6378d0e3820646dcc82855abe20a6b437b924eb4b8ae9ee629c4ed36872e14f0bdbc8cea4b6aa9df604c6d7bb6754afdb652083464c5f66bd415bc4db82f4f66b8930ad1a84d5bf1aa6a979655becf8aea009ef2e6f41cf6ec67560f9394ffa17a4d4b54723f14ed383f423ef95ff25e495c700d51ca8ff6bbfc4c256831b5fa3b40d81ba6ad18e55a8fed9c6acdc226368a85bb542d316d2db156957d1f1aa7fb67f5f2ec06d4df6949f15e7c027c78713a593ef1393b725dd65147c466485c5c40bb51ec0d1ed1f49cbe7c2d783d62d134c289064a5b7808e9e0e3cd7e7bf82f7218dc4203d4a35bcc25d0a041a5dd2e1a1c110a160cd83f702a7e0b9c576f50bc0a98e1c019fd7e288d9ce9cca0b08e97861a98f6dea9ec58612fff8c9f324d4008eb12be252d349b213f0cf5ddd81a90dd0acd19c5fee2548db407ae4209e50cc8e56c8387ab2ba92a4a52256a2bb63c00b1fc6a160e14b900990bc296fb6ba040e77786299e4d7669bbcfaf5735ee077b165964526c0d0e4cb23a30bb5c8eb6680c4ef0211b92b559462365149b36b1e1e738f11d3ced016c4b5f9a72b470c6117798327884392b5111d5eb7f2632f7a7a5e8980da901bf71acbdfdbb1d0fe532532d96a1201f9cf2fefb71bc44faf466f2f7da78d43016b11f1407becb6606c5212bfec4da473d886c8a84ee64e3c7e87ac5109580408f78cbf8c1c8cd72113e6f9968cba24bd72f9428e9a26ef56c4c81b1777387d79fdef174691fff2233eb1667862d0bb749812b58bbd56f49cc0e2932d2f4b5050589bf988791c07f1e5787cb4f45b1736c33690d53b6ab76f99f58b07c2182b270dc0a734450dda4971f92c83336ee267a54f2a37716028daa54f99e08ebc1633aace0e9d49014e26ae1b6810333c2b87a79f337853e61ae96fadcc2455bf5215f03117572cbcd3e31939a3484e2b7978497c20a1f255cc51fc8f86bb53954fb8f2ae4b6d59cf9737e5c29e4fd8535d843fe7b0ca05bf4697ff2841dbd8d5d2c6bb25b20a17be785d3100d9000cfd3641db32bdce62df545ebb2294e5d5bf28badd2f57ba52ce9dce9bac471a9f00eca31ede4ce654a4a07cb403fa8c4eb1978ad2ef3fa61360ebfa0be389ec0497824860c0c79a1cbf133f4bce150b30e25e5a83d5ea9d4b404d16298502d177640713ae62a013e64bfda8b2f61add82785219dea4ef564c3075771827128da79afab301dc5c723f4df752aa1b889a6ed2336979a447f42a95342969577b7b336106c9479a9e6c7bcaaa5bf75bed046f21627362e71a1799f237e777c575059e077ae5b995536efae81f94ef39ff45a830770a82da394910a80fd060f330e035386cb554afa840e0b7af0ee94a58e47698244250628bbb80cdabad17c31744ec9200275b1e5c0354ca2a977ca490ebd3dbce4d06902c65faa9ecb57535a6bb6d1952ddccfb8e0fadb5fe1749f936c8f42f1ce4beeabe279724a3f3a1e7dc649e50ab67b9c1a65b6b631031693a60317a4898ee5a52004387d21f7f915d8d0258d45637e04b7d39839a7ccc9dd6d60c297b6dff9f6deebda0be6c118fab8da698a636c51320328a7d3b863a40333f8ac52413f8a31822ee71317135031194ea6a2946cc7c2f30054a1f32f40bfd84aac783b25e654023178882bc90d4740fe25f865825a9f3bd55815061d0dd02cd381dc92f88a561c9997bd431918d1bbc33b38b981c59ac12aaa93983b520f9d4be9c4c6b1783624cf2422ede5d2a515b8b20a11fcbe283dadea29bb61a5be4e76d033ea7f158737689bf28ae44d01fedde174d5418ca26311ebac6fae845fbf0fa51bcd1448c1768e7df44ede3dae8490e1c52b45bcb6fb4c3e6debba21be3c2b5397116668d6bccbd1ae4c04132433b6d2eb18a742017206223dc30dba1264363c1808f34673806d00720691879e5f1750d161f8bdeeb534261403a21148938db582f3008b453c745ea6936921ec91f4421476d74b86ab33eae8471bc03191cc4cdc983c9a266cd7c4598355c7a0ecefc0fce9761c005530a63852b6e87ef51915bb2a037c9994a0985f7c779f8ef9075d2187c316402d309e67226dcac15b52b05e7f511c1a0a13c40de62ec0c9b750720a215b2b221cec8bdec8ad6b91855caad821582b2fc9b73d1d9822ee0d0e986747e236186ace17071dfbc9d7dd064960f8e57d6f2037042c7ca975bdc75db2632be7225f43558489f8e52d62e32ccbfa6409405bd572a3590928cd3663327ae483a987185ea6e2188447b3ce6c22e0f48fcff90044d7c1a0c1092a61148e2b07c135e5b2ff547b3860638b212afade5a529fade769c13eb670534dc08f1edd72b0397e9ca5aae32a8fb9a9fcd7efa9a8cba35c7c6b8ae3a10ce04021a901b759924006415209f5016c264d332501bf8777dce37ceafc2f3c8d097bb191495e9379177b458fb23c7450c3208ac37795599e510204986f1453b57a72aed400020544bb47141f1a6ec5c72d26de990463c8bd3007af2d639574a797d5f4ac8fab55106a8bf766f511cc332aa6031ae090750a406c9c250455c45a2704ab93a031822a7aab18304ae197b4a80b754b13478729ed5f58840289a767eec7d278abded60c60c77899836cdd047ace7b74ea02bedf02cf0e4fb732e4936894c5bd3a1455c9c14c9b7356c37e007f8d7a20242336d4e58eb7297dd27f773e9129a5bbdc9375a84c64d2a5ff9ca22a74fbfcaa72748426a25549618c916693ccde309eb294b162e56dfe71bd11741a9a6285df4dcf62858679c1bf0a7717fdbdeb823c6280e9708ac2222f1243403f1ac4452f0ee19689a2b081f410e317b9f50d1cc7c9b9d075ac88afdc49fcaac14aa430a05ceead81557d70e6deb8491ce4d7cb88c560b2334c08046e09cdd76e7044e9c595567f23d7258c079d7138baba34fc123db1fccd56acb965a2ccf6c7e205f6f65080017b96c522441eef7dd368c53cab8551a885087175708e5870154a5957d546b707649be73240c07a752758db8a0d415a91152b39dc66ce40d06d4071cc06ab1d4b47307cc277833027862d54d7d2874f2df744c21cae07db54a491844671b640acc5f421d7860f08b56f50d83e779f062e1b3f00fc3b8a10d91a52390111834254aa632a45c0127e1a9e7bbee0a0e71f05584875de4cf76ada932ed8d65096c5108767f48350d592968dffa9d322a1cf2b1526486b651ea09cb1b6dcecc670855d3cf20813938d56dceae2f3b5f809ef2ea3c2a77775f84aee964019d97b004d3da5a026f4239a96d74310119e38691e7dfa6966e7c88bfe4469458dac916bdc1300f1ff1bcdb958476966b5d608fba53b488fa5df8109e60ca4b201d9a0744281b03435e51ae535e04609f6d8f32a5711835bf2ec541d03952b2a63bc1a824b9b0da1503e222b1867d508d421fd88c587f65f60c7a40f37d822fb78682f69b12c8d5fc8c496457fca2c771a202547c2a1644e9db53463037383dad5b231267e08ed198eb82f102d797de01e7315775d13a145e681093e22eda818abd313e7cbf4840f71e3b0bc7ea97bccd494b2f41c6d6cfc4aaa82fd87bd1b89fc54559735e5dd7a7fb9f80675346"})
mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1)

1m51.792036175s ago: executing program 6 (id=4551):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = fanotify_init$auto(0x5, 0x2000000000002)
r1 = open(&(0x7f0000000000)='.\x00', 0x40c41, 0x0)
fanotify_mark$auto(0x1000000000000, 0x65, 0x9, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r2, 0x0, 0x20000000)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_hwflags_ops_debugfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
unshare$auto(0x40000080)
syz_clone3(&(0x7f000000dd80)={0x100000, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
read$auto(0x3, 0x0, 0x80)
rseq$auto(0x0, 0x10008000, 0x20003, 0x8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r3 = socket(0xa, 0xa, 0x3a)
ioctl$auto(r3, 0x8916, 0x1)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r4 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0xa0)
fanotify_mark$auto(r0, 0x61, 0x7, r4, &(0x7f0000000100)='./file0\x00')
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
sendmsg$auto_NL80211_CMD_ASSOCIATE(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="00012cbd7000fcdbb3bf32a62b821657dd0004004400"], 0x1c}, 0x1, 0x0, 0x0, 0x8004}, 0x20000001)

1m49.293610751s ago: executing program 6 (id=4555):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x8000000000000001, 0x15)
r1 = timerfd_create$auto_CLOCK_REALTIME(0x0, 0x5)
r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NCSI_CMD_PKG_INFO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="020025bd7000fbdbdf2501000000080003000500000008000100", @ANYRES32=0x0, @ANYBLOB="b06ba7f4840319141c8425a81c01a48608a805000000793d95e9a82295cfa84fbc240a8fbce3dc740757fc45af0722b6e312cbab26e254ffaad1e1458f9457834274b922f93fb3388ac340fbd3c213746300af8970436fe669a8cad0749dbde450e2c56fced5a5a884ab27cb73c9c14075669de5cd18595a"], 0x24}}, 0x40840)
r3 = setfsuid$auto(0xee01)
setresuid$auto(0x0, r3, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
mkdir$auto(&(0x7f0000000280)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0)
utime$auto(&(0x7f0000000100)='}[,&*}\x00', 0x0)
sendmsg$auto_NCSI_CMD_SET_INTERFACE(r1, &(0x7f0000000e00)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000140)={0xc50, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x7f}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x2}, @NCSI_ATTR_DATA={0x7c2, 0x5, "e1eed61aa5e03650977b02304550e6457dba3364c07dc3a7cb9c3d21ffb69e5f81298ad13f5784c53e0c670a8299ed31e2b80c9088de4557479a313277493d066d2338f53d7fc681e1ab220eb29a82180c39c069ecc4b0b47fbd49aa9edf653678104f5fa02cd1159acb23781130f601c59b38a1b62564390432cd274320a319bbfc1e00f6506b57a68fef66e71d2e1d5a4bfb4b1f06bd36fd0c133d01bda35cd3a088ba1df794149cf78c2c15bf6c690c1dbf1b63a0ef0c947759f3e56320cf052b1bc770bef4bc90d0616c6f849bbe7389fadc069ec4651de0c8d65479e54610bc5193496c8559d80ab0085574c0fe7f9243029dd14cfa283df6ccde88dbfcba0361721c7c4ffd142f2c09a0f3734cb8bfd4560c09948e06ca705450209d36b87df3d280d4a3fd81d8c621417026df78f31b320bbbdc54b8c1efba0a0efc6b61710b5c1c4603afdaa968f9dc7ad1be4d5d21221c8635d29fd8c8c5651204c51614986ec4f35fc1969d33da39e8a6c698506dfb0ea39aeea1c8b93cc766f2433302e8da7f97fd4a07d0f89311ef490e206d9d43b5ed032066d59ffa436287436a689b4e40700ec000c2f1fc3a6d49ddf2701177238ce18228872de7bdb5a17f29c91c5d5b8dc45cb8d249b34b2cade085ec20c7a43e23c8ea37400996a64d6455be9513dbd042c91d3fd61af64993510ca98ab4261e46b44950d2076dd35050978e60840e4b404764ff56714f6d709973aa6757985c7350a9f77967696d4af2fc61ca018eddca5531d36b4e2d1db49a9696c7c4188921870edfe9ee56b0752bb63d1376f74f69958733ff511042c5b54279958f997de917a7b5249de15afeb3ac2378c60253d6cc4da2090e154c57817f497959eb879a2a5ed4bf3390d74827f02221ac539268d9fb08d23bd6b598d5fc409270b8c4ee45e5390370dd4ef6b6325963dbc27c6ee5cb88e35295c57b937d2ad28812f0258e7d496d90db9fa3c1ed42d0b1a3f5a27b4e4cff3e18b4b6661b616bd383bfc6c98e85f98cd3ee4669dda4ed16180f95c958d99d2727c4c4a8b0510ab51998063fd6307dd8d899a567f19463a7abba32e2acd57ce7c7d93d5d6d56aac425fd58d5bfbdf23cd4703c75c58e72d7168c1803210b63e9eb042cbd7bf73dd0a05343e835faaabfc81263c457e72a11309ee3f992bee83e6316aef5bef93fb148444a91d37dffdddaeb3f7fb8a3ecb20be97bfe47d3bfc59054a7b772817984cf97e2dd97bef7592eb3830fff731bfa2d8f851b0225f501a4b7b6c01a0b542d6730e7219aeac2dd4ad321fa46079dafb6bc74c8ee4d33e0eaaf0d4314537b8061f84e0ebd944e4964998a92a81699977b72b2bb2cb124a67881663b115a3edf543ee443440789c7a50af8ea68033bea6a800ace9a87190b7c1cfd67d67ae7a3031c30fc9ef8d4e18aae082e114b9f4b2528580702c72cb745217698d7020c87348c3d5b6ad9bd3a9c6859662689b30551ea5a10a708703d688251c162e55616163955033b6114fa903969827c110a18a1e31d60280c15a0095b64706ee19c502f77522c4a64c65512b36645841f7d4efd888bae9129ef4f4b4a85b3291ffb840e7e3924f5c13a2833da47a4183d8208629aed14b0020c2476e24e19a6c63734834f1794fbec134bb11ae26cfd2e824b7cd1c56e54993cd21f10886373db97372ca0d31b7e12eb143be862ba668c1a7ed438c49cb0c7a26495bc1b0adb216f841e159c118febe5b57dc1a9565e33079272bc17df4b1743607c3ee0f42afa73f4af58c6ef089ef7f65a73d32fc03a55aa1f7101fb84824b69a605428559e4d3b13c4bb6d6516f580757e9e364dba8b4b07cd6088ba86918d5ee53cf74c8915c36c518b3e995a195442cafeb2e664ffb6e26ab03aeddd8883bbe54e219d386c723b1a722f390a5e5ee3aaec35605d289480b625afe02c64b8e2f4f10d39b2ee3a34b555d4a6b8365c3bf87bf4a429bf7111127825a2f59aa262d5f98c39b560d235ba683230f5bc1d537daa7a501d0d868d26749a953e32b77625f0fa0653de0ca90c66398ec547716be5f8f41075f8ea220a79e1bef3dd87c68e3a0d53bdf11e915b6155b5aa820d11818cc1a7df71b9d14a3319f3685ec896c3482c462b3606ec259ddb2ca0ef48e339d3826fcc7aa2ab02321b43d3b7ee2a567b6e7833bbab7a26e80bf90d3cbaf033198ea9bf27b4e23ee06e2877615d189bd25f5be198708ef611a4c933231bde0e73d3877047cc7b7cfe64e70afac12612916c2a94ef3ff8a56a8a2a6b1ba13eac683f36472d2ed4c09af24bbbd5c2a0fb1479a581159bdd549bec4d8c001e8f788b6375d4f33348da6650553dcc1ce461049223099b20d4b672abdbc44533b5f96e114d4a56fae067906ab2f24fcca319c4a15869d2108e02593930d19393d2ac9a493bfe38bdd531b75f4c2dba3c2604413b96102e49c215acc93dc2a660b57af87b812bee8738402cac65d67cc97b3663272e1b52b9fec2b372c8b4ad19da34fa07ff3e4ffdd4088c8324b06e1149ebb00ab0293fed6cb843f9fc7284fbacb08211d749dba8ef0670b31863238616c1e3b730c0b779964c0ff96cd6d2b939232148329c5acf9c506406663d792adfbc1db6832ebf82b207dbeeeec68a606853459d7fcfff813718c512d24f11b60182c4cddd738230e3802df019413c4b314f31522430cc2d694ddd5672ef096f03bc6fd7fc9ba86f84d418ffba6e921ed7d313fb0722c07d8b94e150796447f129041b0b49b9cc92056296c975015123679f4"}, @NCSI_ATTR_CHANNEL_MASK={0x8, 0x8, 0x7}, @NCSI_ATTR_PACKAGE_LIST={0x460, 0x2, 0x0, 0x1, [@typed={0xb5, 0x5f, 0x0, 0x0, @binary="66e077279f634a208f56555814f6c3a4b4fced8750946aef73220f20e143190726da211f3c04715b0b3343b91dfe0636d48a10b7c133fdb2f006bdd3af8fa3a320b587c21c9f732efd070b90361f7e699f2edc9fa4b79d6bdd5cfc8587cf4406c366d9a703507a3838b86b28a88b3d955f351bbaf698c714f6763789346e53a3b90a745765c54b33e7d82fdc16a94e4132fb296b4a4c6e3b1cdc12b6b79b81f14be200f0a11e92b017e8cf538647fc3ee4"}, @nested={0x395, 0x75, 0x0, 0x1, [@typed={0x8, 0x154, 0x0, 0x0, @u32}, @typed={0x8, 0xad, 0x0, 0x0, @uid=r3}, @typed={0xc, 0xfd, 0x0, 0x0, @u64=0x7}, @generic="4fa1af0d3fadfb6f89bd9b3356f0ed290060330d9f11c55b5b24e6b327e627de502cce8662ef538e4a143ab4df639398cea30b156cbbcf83ae7e34d41b661a9734932530bda31d8a9da7165e856e6675384f65789e1b3030807f9266e0b6d381f1d199990a611f7c44c9eee194689b494fb3937a764cf43313c79a0f7c1dbf3e90a4130903232f1438f983fcccbf88ed53dc3bd7f33f80ec85561df8b864d1490ecfc19cd67f472981d894f6154baab7ffe83cc00218775d85dc086e9a04e4b51c5ef5a808", @generic="6c4e2e89e729ba307c95dad908327295953fc7ba7c844a6b5c15582ffdfa71f31b47a4f93ce5064222ee0c5f1e827a6c67c260838105c0ac20b3b533182b330aa0124a470fc0b5edd954b263877c5d9f297366a09175c5d0f8db9ff20f9a2df659597b4bfca00f8532d2465edef3f76878d97695cdcd9a0358b065b0c0de56455b7c647073313e841451266e572940474ef49b28d19b3a91d15a60fa6a93586c80dc57b07cd6de426163e750de9a4c458bee1a07fdfe28e1d735aba16c9622837812bd1f99d1aa3935876ea5aea1cd92f641921620bfabf9b68647968ce158f1a5074bb500dcc4d321f43215bf7d319623c0b49abbc2d7c60641fcc335b8", @generic="cade92c50feda69a80da000fc28fd1b3c151c33397436d82532ac9e4383af6081af63c9bc9ba3c91298fb05feca6241ba23b5d871e5821739fe1351dd327985fac2ce48151377d5c718d35b2a8ede5ba63a61f71d0dec0d5cb29dccd2d21addb4dd5d31c1bc761021f924c10bd24e950c0aa0b814dbee413eee9d870f46974d77df2af1b08402ead391852e08daaf988c3a355b26bf68d26c35e651b5299ca05e927f118bec53af10567000b30eeb49066907f96a3b52f6e30ea4a403128965ac6a3fa6a9097f684", @nested={0x4, 0xaa}, @generic="cc5bb72b49cc2c6b3a0da017858735e4491cfee5b1bc12d970376e2c6bd45db5a4bb8d3c76defa756011a24802570b267a9abb720f2aec12bc62da5baf854e7e4aae8ade243ed7c8ca37bd1e82bc84964abe2b1e096425bf4d2512aea16d12c90c52c56530a71628fdaf9951a931d6580ab060e34e9430ad75671bc7e9650754db521a96a260a65934e8ed8e482c015a55b0a4310f3fc2b6eda2085257678623775a4e904681b03f30f5bae6f08890e1d3204e075aea61d137380074b4dcb460e2636d317d14984a0cd20bb2166759d0e2d826e6e179f2c23d6c8ab866dd", @typed={0x8, 0xe5, 0x0, 0x0, @u32=0x3000}]}, @typed={0x8, 0x100, 0x0, 0x0, @ipv4=@private=0xa010102}, @typed={0x4, 0xfe}]}]}, 0xc50}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
unshare$auto(0x40000080)
rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00')
write$auto(r0, &(0x7f0000000000)='7\x81=\xa2\xad\xff\x8d\xf9\xac\xa6\xad\xfbi\xa3^}\x91\xa3}\x85\xfaP\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb\x05\x00\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x7fff)

1m47.487043474s ago: executing program 6 (id=4560):
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5401b0060c100", "70d9a9a3af9f39d000000001", "ef5a00", '\x00\a\x00']})
socket(0x10, 0x2, 0x0)
r0 = gettid()
prctl$auto(0x80003e, 0xfffffffffffffffd, r0, 0x3, 0x1000)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x981, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f00000001c0)={@inferred=r0, 0xd, 0x1, 0x7, "5e01404cf406ff7bc42f54d6a13914aed1dfa93db6d741e0214f63231859b35939f9c2c506589a74f233c35e", @inferred=r0})
r2 = setfsuid$auto(0xee00)
r3 = setfsuid$auto(0xee01)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0xa, 0x2, 0x0)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_CREATE_VM(r5, 0x4048aecb, 0x0)
setresuid$auto(r2, r3, r2)

1m32.415878857s ago: executing program 35 (id=4560):
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5401b0060c100", "70d9a9a3af9f39d000000001", "ef5a00", '\x00\a\x00']})
socket(0x10, 0x2, 0x0)
r0 = gettid()
prctl$auto(0x80003e, 0xfffffffffffffffd, r0, 0x3, 0x1000)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x981, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f00000001c0)={@inferred=r0, 0xd, 0x1, 0x7, "5e01404cf406ff7bc42f54d6a13914aed1dfa93db6d741e0214f63231859b35939f9c2c506589a74f233c35e", @inferred=r0})
r2 = setfsuid$auto(0xee00)
r3 = setfsuid$auto(0xee01)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0xa, 0x2, 0x0)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_CREATE_VM(r5, 0x4048aecb, 0x0)
setresuid$auto(r2, r3, r2)

1m20.131885504s ago: executing program 5 (id=4645):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x20340, 0x0)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x20000, 0x0)
pread64$auto(r1, &(0x7f00000002c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xd0\xbb\xca\xb0\xa1\t\x00\x00\r(\xccF\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\xf5\x00\x00\x00\x00\x000\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\x11\x04\x8b?$\xean\xa1|D\xbbV%\xde\x87\xd1@\x00\x8cM\xfdr\xc9\x86\xbaq', 0x100003ffd, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r3, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x18b1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x74}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x200}]}, 0x34}, 0x1, 0x0, 0x0, 0x2002001}, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
semget$auto(0x0, 0x13c, 0x1ff)
semctl$auto(0x0, 0x9, 0x1, 0x2)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001140)=""/4093, 0xffd)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)

1m19.805665285s ago: executing program 5 (id=4646):
r0 = fcntl$auto_F_GETOWN(0xffffffffffffffff, 0x9, 0x4)
kill$auto_SIGCONT(r0, 0x12)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x1000000)
r1 = socketpair$auto(0x1, 0x2, 0x7, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(r1, 0x0, 0x9a6, 0x6)
r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0x121980, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x2, 0x1ffde, 0x7, 0x83, 0x20000002, 0xd, 0x3, 0x1, 0x242, 0x8, 0x9, 0x1, 0x6, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0xfffffffc, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0xa)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a0000060800020000000000000000", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x94)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040)
r3 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0c/sub6/sw_params\x00', 0x6b0f03, 0x0)
socket(0x2, 0x3, 0xa)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r4 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto(0x1fffffffe000, 0x400005, 0x0, 0x13, r4, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = socket(0x2, 0x3, 0xa)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x406, 0x0)
r6 = socket(0xa, 0x2, 0x0)
mprotect$auto(0x0, 0x806121, 0x6)
getsockopt$auto(r5, 0x29, 0x4b, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000100), r6)

1m18.754043388s ago: executing program 5 (id=4650):
r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0\x00', 0x30000, 0x0)
io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000040)="c2a87febb71e80da4e805a3de84a2e63780ca847ca2a3b14a8dd075ab75c9ccfe928b5cc739cd6524d1d12fd6830b529c6fd735223ee7a4063bc8e8212c73e1af015dadb8f9ee1df742def8c5a92b8ab5c62cf421e6d4c0a5c6e1ece38393e60c694153a83aafa36d87ed7e0b006b73258060dac", 0x2)
r1 = fsopen$auto(&(0x7f00000000c0)='-/.\'%\xb9\x00', 0x3ff)
r2 = pipe$auto(&(0x7f0000000100)=<r3=>r0)
r4 = getpid()
r5 = waitid$auto_P_PID(0x1, 0xffffffffffffffff, &(0x7f0000000140)={@_si_pad}, 0xb, &(0x7f00000001c0)={{0x26, 0x5}, {0x7f, 0x554eaa85}, 0x3, 0xd0b8, 0x9, 0xffffffffffffff35, 0xffd, 0x7, 0xc45, 0x2, 0xd9a, 0x9, 0x7fff, 0x1, 0xde, 0x100000000})
kcmp$auto_KCMP_EPOLL_TFD(r4, r5, 0x7, r1, 0xae4d)
setsockopt$auto_SO_SNDBUFFORCE(r3, 0x7fffffff, 0x20, &(0x7f0000000280)='{-\x00', 0x5)
r6 = fcntl$auto_F_GETOWN(r2, 0x9, 0x7)
r7 = prctl$auto_PR_SYS_DISPATCH_ON(0x0, 0x1, r6, 0xd, 0x8000000000000001)
ioctl$auto_BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, &(0x7f00000002c0)={0x3, 0x190718ee, [0x6d, 0x2, 0x7fff, 0x7, 0x6, 0x9]})
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000300), 0x200080, 0x0)
socket(0x5, 0x3, 0x0)
r8 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000380), r2)
sendmsg$auto_NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r8, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY_NAME={0x6, 0x2, '-\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x800)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000480), 0xc0642, 0x0)
sched_get_priority_min$auto_SCHED_RR(0x2)
mmap$auto_proc_reg_file_ops_compat_inode(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x5, 0x10, r3, 0xfffffffffffffffe)
timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f0000000600)={@sival_int, @inferred=<r9=>r2, 0xf23f, @_sigev_thread={&(0x7f0000000500)=&(0x7f00000004c0)=0x5b, &(0x7f0000000540)="4a8b1655b6ca2d63f9c091e6e5c4fc3d3e8aede879fc3531cb6623ca952c54c70dad8940420f41ac0f15771325710669248f96aabc7ce6f52765bbc425c0307423650e69d92350e830acdd952a9d4d3ba0c1960183a13f3aab6e86e3c1a4a548e32d231a4db965c64bca9b60d929eecf1a667bcb854bce02064ff264962d11c7797bbd016a7a4e847f16bac790861e5226611d892039f97cfd73803711cb8bd2"}}, &(0x7f0000000640)=0x5)
r10 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000006c0), r9)
sendmsg$auto_GTP_CMD_NEWPDP(r7, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r10, 0x800, 0x70bd29, 0x25dfdbfd, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @loopback}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44001}, 0x8000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000800)={'vcan0\x00', <r11=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000840)={'dvmrp0\x00', <r12=>0x0})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000880)={'batadv_slave_0\x00', <r13=>0x0})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000008c0)={'vlan1\x00', <r14=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000900)={'bond_slave_1\x00', <r15=>0x0})
sendmsg$auto_ETHTOOL_MSG_EEE_SET(r7, &(0x7f0000000e00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000940)={0x46c, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@ETHTOOL_A_EEE_MODES_OURS={0xc2, 0x2, 0x0, 0x1, [@generic="8df957211e559f4b34e6aeddf748b7e3c1c2222ce3fe12d325a2ad977af33e72bd9d797cb2a8e113561406c46eb41727781b9a0627ca", @nested={0x1c, 0xe3, 0x0, 0x1, [@typed={0x14, 0x51, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x4, 0x5b}]}, @nested={0x6c, 0xe6, 0x0, 0x1, [@generic="01a415fde508a7aa9171a579382fb4714ac3aed7d0674583e77c790550eb9aa60ef86342ae1d51dcfffc75b8c3b5bdad3587f0d837679240e25040a9579aa26fdee1748f80552bf22bcecf649051e037ad41ad7698b59bf74b7f00632718e9bec643779c3f6dd839"]}]}, @ETHTOOL_A_EEE_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfffffff8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x9}, @ETHTOOL_A_EEE_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @ETHTOOL_A_EEE_MODES_OURS={0x2cb, 0x2, 0x0, 0x1, [@nested={0x68, 0xf7, 0x0, 0x1, [@typed={0x8, 0x28, 0x0, 0x0, @u32=0x1}, @generic="afe4fa7b2ce530f61020a2169edea0a83b5b10d305635516c9ca499c5d0d6b7effea0883a132fd2b41633985c93dac1412e5b3e39e3a550b68531fb495699e3436decc9bb63606e8215212c984cda8854743bac904af12cc", @nested={0x4, 0x100}]}, @nested={0x168, 0xc2, 0x0, 0x1, [@generic="e18dc5616fbe0d384926e803148f3e8d33c76912491a908c3d5418c821a3254d3a28faa25ef4d0d0f72429abae0c7b560e9a637fa53d3c209781a676df017360e32c8d201930136b98d3b311a46874c980ea46bc297e2fed7e55f13adb6960c191c2d26447542f31af640b7278a7e857447f50adc84127f5bb3188983d0a781c1a685b7306e2a3cf12f2468bff0240596f8bd0c7dc9442cda4c96df2c077a3e3cba859242de7d9d2e3c44282dcb37b60febd6a7f5694898667c21810b64c9256fe0f470fe61553b9", @generic="f107a5ae8f76367e144facb6a678024baa094182a2f63ab887d5212212615abf6f8c1ca0f3e3625af6b8aca02efa9fb2872bdb6c1e84833fb1014c6c4d9c885249b921c540f895ff0f241d96dea08faad07f8d958e79ce6e780aac5c3ea98e3118c4975ce902f8d5302a4fcc073889650cfcefb6d2f0b00a416119cdbd75c274d244ae6503b2c3643a62c6a7", @typed={0x8, 0x3a, 0x0, 0x0, @ipv4=@remote}, @typed={0x8, 0xce, 0x0, 0x0, @u32=0x8}]}, @generic="3aa6351d9d2a353f4e666fccffbcf648fc826bc35a3ca4b22a0109b93d53418e69d48c7947655a00ba42a9f30bc40bde6a2ca55bb464004cc9717d8e8d3ea7d072a1cb351884d83f831e239c8e9052ea79295b09a6d3a7f2636029b970255a7c93ced37ad76cdde41f8f5728f24c6d2303b8257c1e2320e97ee641c429ff385f17c778b0c6e8c5af0d8176e9cb57ac1e052ac575a226b63ddd42b0a5d366c5fe5dcc07782497d0541b8d70b69235f84804b66b622a300575612cff6f072e5cd99d0bdb16b307a8e7fce0516db71bd9a658c77fe5a9a10d40b1c9acae642d0af01e4c7747917724d3f970fff1d10937", @typed={0x8, 0xb3, 0x0, 0x0, @u32=0x3c0}]}, @ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}]}, @ETHTOOL_A_EEE_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}]}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x5}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x8fc7}, @ETHTOOL_A_EEE_TX_LPI_TIMER={0x8, 0x7, 0x8}]}, 0x46c}, 0x1, 0x0, 0x0, 0x44804}, 0x20000001)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000001000)={{&(0x7f0000000e40)="0c5b7daea3ab1f00d133e9b8dee0018a8758619de3b7db96833f60cac69ee8f63effbe790dfe60939c0e4b0c69a30582c5e60468e9530f8d1d174936b676c412e38c6fdc908749f08f4ea0807cd9b76c245dadcfd3c2869e84cdd6e7f58be348de19395ffedaf344a3cbcb6e4a6fe4e5b389edf4c2420bf44a47fcc9c1787784af7495135421c0848be98dd657eff68cc37a7f760c9b20239a598b7dd8da09d074cb9c5d", 0x1, &(0x7f0000000f40)={&(0x7f0000000f00), 0x4}, 0x9, &(0x7f0000000f80)="07ef77139bc35f251260b4a0b316b472afddc06d8eed461b2e0a4d70a961a8effd225568c1fc3ea85a4002505525c310bf4ee64763303bf3b6ddc840fb4770eb3b6732966efdcee18cc6a127982cdd98fd7be96d56d3dceb9b778732ea8c87caaf57f926352501e3bab0047785bdcc36c1d84768600226b6af6eefc5a73ebc0b", 0x0, 0x9}, 0x4}, 0x2, 0x5, &(0x7f0000001040)={0x7, 0x4})
r16 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000010c0), r1)
sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r1, &(0x7f00000011c0)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001180)={&(0x7f0000001100)={0x48, r16, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x34, 0xcd, "847dbb960e367dc5bfc4decaf2ffc3b050f31dff9c895c3906dbf44625a7407e9c739f3f512e86a2c3f03197e3c4250b"}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000005}, 0x40)

1m18.323902767s ago: executing program 5 (id=4654):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/lapb4/carrier\x00', 0x20340, 0x0)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmstat\x00', 0x20000, 0x0)
pread64$auto(r1, &(0x7f00000002c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xd0\xbb\xca\xb0\xa1\t\x00\x00\r(\xccF\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\x00\x00\x00\x00\x00\x000\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\x11\x04\x8b?$\xean\xa1|D\xbbV%\xde\x87\xd1@\x00\x8cM\xfdr\xc9\x86\xbaq', 0x100003ffd, 0x6)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
mmap$auto(0x0, 0x0, 0xdf, 0x100000010, 0xffffffffffffffff, 0x20000)
socketpair$auto(0x1, 0x2, 0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x32740, 0x0)
socket(0xa, 0x3, 0x3b)
setsockopt$auto(0x3, 0x1, 0x7ea4b7a0, 0x0, 0x9)
io_uring_setup$auto(0x54fa, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
r2 = bpf$auto(0xfffffffd, &(0x7f0000000100)=@bpf_attr_11={0x6, 0x0, 0x1, 0x3, 0x7, 0x0, 0xe1, r0}, 0x96)
bpf$auto(0x5, &(0x7f00000002c0)=@bpf_attr_0={0x0, 0x10, 0x0, 0x6, 0x8, r2, 0x400, "432a8091dac3bd4a0411088194f19cb8", 0x0, 0xffffffffffffffff, 0x400, 0x400, 0xff, 0x64, 0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x9)
prctl$auto(0x2, 0xfffffffffffffffd, 0x0, 0x100000001, 0x6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
ioctl$auto(r5, 0x9000643b, 0xcd)
r6 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r4, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00'/15, @ANYRES16=r6, @ANYBLOB="00022cbd7000fddbdf2507000000080004000600000008000500b118000008000400740000000800050000020000"], 0x34}, 0x1, 0x0, 0x0, 0x2002001}, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r3)
sendmsg$auto_NL80211_CMD_SET_PMKSA(r2, &(0x7f0000000280)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="080528bd7000000400b8000400bf00"], 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
semget$auto(0x0, 0x13c, 0x1ff)
semctl$auto(0x0, 0x9, 0x1, 0x2)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001140)=""/4093, 0xffd)
socket(0x2, 0x80002, 0x73)
bind$auto(r1, &(0x7f0000000100)=@ethernet={0x6, @remote}, 0x6)

1m17.290986893s ago: executing program 5 (id=4658):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r3=>0x0}) (async)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd11/queue/iostats_passthrough\x00', 0x2a001, 0x0)
write$auto(r4, &(0x7f0000000040)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="28e4304a", @ANYRES8=r0, @ANYBLOB="2f212dbd7000fcdbdf252100000008000300", @ANYRES32=r3, @ANYRES16=r2], 0x28}}, 0x4000000) (async)
r5 = socket(0xa, 0x80407, 0x88)
getsockopt$auto(r5, 0x1, 0x40, &(0x7f00000000c0)='\x05/\xc3:\x00', &(0x7f0000000100)=0x7)
r6 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x1000, 0x4000000000df, 0x16, r6, 0x0)
mkdir$auto(&(0x7f00000000c0)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06\x00', 0x8001) (async)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000240)='nfsd\x00', 0x10400, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00') (async)
r7 = open(&(0x7f0000000100)='.\x00', 0x0, 0x1)
getdents$auto(r7, 0x0, 0x62d4) (async)
getpgid(0x0)

1m16.645323906s ago: executing program 5 (id=4661):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x15, 0x7, 0x28000)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
r2 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
move_mount$auto(r2, 0x0, r1, 0x0, 0x9)
write$auto(0xca, &(0x7f0000000040)='\x04\xff\x7f\x00\x00\x00\x00\x00\x00\xc8\xbe\x94\xf3\xa2\x00\x00', 0x3)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x22003, 0x0)

1m1.516863194s ago: executing program 36 (id=4661):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x8000, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x15, 0x7, 0x28000)
madvise$auto(0x0, 0xfffffffffffeffff, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
r2 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
move_mount$auto(r2, 0x0, r1, 0x0, 0x9)
write$auto(0xca, &(0x7f0000000040)='\x04\xff\x7f\x00\x00\x00\x00\x00\x00\xc8\xbe\x94\xf3\xa2\x00\x00', 0x3)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x22003, 0x0)

9.630285668s ago: executing program 2 (id=4876):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/advisor_mode\x00', 0xa0340, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001140)=""/4093, 0xffd)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_TDLS_OPER(0xffffffffffffffff, 0x0, 0x20000000)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyw6\x00', 0x63e201, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000040), 0x20401, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00')
r5 = socket(0x2b, 0x1, 0x1)
getsockopt$auto(r5, 0x11e, 0x4, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
fstat$auto(0x2, 0x0)
socket(0xa, 0x2, 0x73)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x13, 0x0, 0x1ff)
ioctl$auto_LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xfffffffffffffffd)
read$auto(r0, 0x0, 0x5)
sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x5c, r2, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_VHT_CAPABILITY={0x45, 0x9d, "ac9ae115f5c0b523a7e87659e724f28b40887ffe06e05d18ea188e818ff9a0928ccf02402a32e64689c08694fdbb19d31d50577b124b7acda8d7e4c3af7b9d50eb"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4004004}, 0x40801)

8.505360025s ago: executing program 8 (id=4880):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
connect$auto(0x3, 0x0, 0x55)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x100)
r1 = socket(0x2, 0x1, 0x106)
getsockopt$auto(r1, 0x29, 0x4b, 0x0, 0x0)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0xffffffff, &(0x7f0000000000), 0x100, &(0x7f0000000200)="9dabc562d54a8c25f5f8b0", &(0x7f0000000240)=0x4})

8.188154068s ago: executing program 8 (id=4882):
pipe$auto(&(0x7f0000000000))
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
ioctl$auto(r0, 0x4b3d, 0xffffffffffffffff)
ioctl$auto(0x3, 0x5411, 0x10000000000402)
socket(0xa, 0x2, 0x3a)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x440, 0x0)
socket(0x29, 0x2, 0x0)
r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/smps\x00', 0x40140, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r1, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x102, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b82, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x2, 0x14)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
r5 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r5, 0x29, 0x1f, 0x0, 0x1ff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r3], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfc7c, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40c0}, 0x48050)
sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0)

7.787571491s ago: executing program 2 (id=4884):
mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000)
socketpair$auto(0x409, 0x5, 0xffffffff, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x123002, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x2f399d0, 0xffff, 0x6}, 0x18, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x880)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
r0 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r0, 0x0, 0x20000000001, 0x7fff)
socketpair$auto(0x1e, 0x5, 0x9, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/afs/rootcell\x00', 0x8f3b7a51b8043d01, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)="205c2078027e0dc0023a", 0xa)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
ioctl$auto_TIOCSTI2(r2, 0x5412, &(0x7f0000000300)="dc")

7.537938741s ago: executing program 8 (id=4885):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r0, 0x80045006, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
clock_getres$auto(0x10, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0)
write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000000)=' ', 0x1)
write$auto(r1, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00'/101, 0x9)
ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD(0xffffffffffffffff, 0xc1004110, &(0x7f00000004c0)={0x9, [0x39, 0x5, 0x5], [{0xb, 0x8000, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x0, 0x0, 0x0, 0x1}, {0x7, 0xa, 0x0, 0x1, 0x1}, {0x5, 0xe, 0x1, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x1, 0x1, 0x0, 0x1}, {0x8f30, 0x4, 0x0, 0x1, 0x1, 0x1}, {0x2, 0x4, 0x0, 0x1, 0x1, 0x1}, {0x1d210000, 0x8, 0x0, 0x0, 0x0, 0x1}, {0xffff, 0x7, 0x0, 0x1}, {0xd, 0x3, 0x0, 0x0, 0x1}, {0x2, 0x5, 0x0, 0x0, 0x1, 0x1}, {0x1, 0xfff, 0x0, 0x0, 0x1, 0x1}], 0x7, 0xd, 0x6, 0x8000, 0x8, 0x8000, 0x1, "26452892137ae732fd0bac8a704f8fb73b896bc5d6aa24770ba3f237e6da3d78267505bbca6407e87b33cf998ef7e1cf5ff367d2f4cd5148b3dec718f7511846"})
openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000100)=""/92, 0x5c)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x200007, 0x8)
mmap$auto(0x0, 0x20009, 0xdf, 0x1000eb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x5)
memfd_create$auto(0x0, 0x40)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0xc, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
futex$auto(&(0x7f0000000080)=0x1, 0xd, 0x1, 0x0, 0x0, 0xfffffffa)
futex$auto(0x0, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x4000000)

6.216910918s ago: executing program 2 (id=4886):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video6\x00', 0x682, 0x0)
ioctl$auto(r0, 0xc0285629, r0) (fail_nth: 2)

5.474450011s ago: executing program 8 (id=4887):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/if_inet6\x00', 0x0, 0x0)
preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0xc)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0xc)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x3, 0x0, [{0x48, 0x10, 0x1}]})

5.444276534s ago: executing program 1 (id=4888):
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x42000, 0x0)
ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0xffffffffffffff95})
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)

4.838087834s ago: executing program 8 (id=4890):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
unlinkat$auto(r0, 0x0, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)=@batch={0xc0cb, 0x5, 0xd3f, 0x80000000, 0x2, 0xffffffffffffffff, 0xe5a6, 0xfc}, 0x4)
r3 = io_uring_setup$auto(0x5, 0x0)
mknod$auto(&(0x7f0000000580)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1<w\xd3:\x835\xac\r\x06\xc9\xc1HG\x1c\xd4J\x8aZ%+\xe6/~\xd6\xe1[+Z\xb1\x8d\xc5\x9b\xcfhb\'\x80\xeb7%>\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_', 0x1081, 0x9)
acct$auto(&(0x7f0000000140)='u[,&*}\x00\a\x00\x00\x00?\xa4\xb2(#\x90~\xfdN[#}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0\x04\x00\x00\x00-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x01\x00\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x12{\'<\x86\xfc \xdc\x85\xc0c\xe0\"\x7f|rG\xf7m0\xdc\x05\x12\xb7\xa6\x96!Q')
open(&(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', 0x880c2, 0x95)
close_range$auto(0x2, r3, 0x0)
acct$auto(&(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/size\x00')
process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f00000002c0)={&(0x7f0000000240)="ab6bc7428f3ebb1169a335f5962aa8173ce5cc1a56a2174c2ee690939ef301bb67cf493c5ae22b223125e3694a"}, 0x6, 0x8, 0x146)
socket(0x2, 0x80000, 0x100)
socket(0x1e, 0x4, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_NET_SET(r4, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x2)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1f7c8f9e2e9b9a5f481baee4ba180000e5", @ANYRES16=r2, @ANYBLOB="01002abd700001dcdf251000000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x90}, 0x80000)
r6 = socket(0x23, 0x2, 0x0)
ioctl$auto(r6, 0x89ef, 0x74)

4.681078185s ago: executing program 1 (id=4891):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
connect$auto(0x3, 0x0, 0x55)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x100)
r1 = socket(0x2, 0x1, 0x106)
getsockopt$auto(r1, 0x29, 0x4b, 0x0, 0x0)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0xffffffff, &(0x7f0000000000), 0x100, &(0x7f0000000200)="9dabc562d54a8c25f5f8b0", &(0x7f0000000240)=0x4})

4.436104155s ago: executing program 2 (id=4892):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
socket(0xa, 0x3, 0x3b) (async)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
unshare$auto(0x40000080) (async)
mmap$auto(0x3, 0x4, 0x4000000020df, 0x40eb1, 0x401, 0x300000000000)
recvmmsg$auto(0x3, 0x0, 0x10081, 0x0, 0x0)
unshare$auto(0x40000080) (async)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/time\x00')
setns(r0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x141002, 0x0) (async)
syslog$auto(0x3, 0x0, 0x208) (async)
r1 = syz_open_procfs$namespace(0x0, 0x0) (async, rerun: 32)
r2 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x420380, 0x0) (async, rerun: 32)
open(0x0, 0x20400, 0x408)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
r3 = socket(0x2, 0x80002, 0x6dcb) (async)
connect$auto(0xffffffffffffffff, 0x0, 0x51)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
unshare$auto(0x40000080) (async)
socket(0x0, 0x2, 0x4) (async)
capset$auto(0x0, &(0x7f0000000000)={0x21, 0x57, 0x4a})
sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000040)="3adc2f99bfb1040310e28ffa4c4a5c3e6459d681", 0x5ae, &(0x7f0000000100)={&(0x7f0000000200)="9158338918bae7", 0x5ea}, 0x5, 0x0, 0xa, 0x1001}, 0x5}, 0x1006, 0x80140)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, 0x0, 0x1a6b75d63882a712, 0x0) (async)
getdents$auto(r1, 0x0, 0x5)
prctl$auto(0x1000000003b, 0x2, 0xffffffffffffffff, 0x8, 0x7) (async)
mmap$auto(0x19, 0x8, 0x7, 0xfffffffffffffffe, 0xffffffffffffffff, 0x7867) (async)
fsconfig$auto(0xffffffffffffffff, 0x200001, &(0x7f0000000080)='\x98 \x84nf8\xe6Gd0\x84@t\x8d%\xd1\xb5\xcfb\xd1*\xdbY\xd6', &(0x7f0000000280), 0x0) (async)
lremovexattr$auto(&(0x7f0000000440)='}[,&*}\x00', &(0x7f0000000300)='/de~/bus\x87\xb7\xc2\x95R\x00\xd9-\xe7>{\xbf\xe5i\xd7\xc7\xc5\x9c-\xe7\xc8\x033a\x9c\xfd\x84\x9f\x8f\xc1G\x8c\xff\x11\x96\xe9Z\xc2k\xe1\x04\x8a\xb8\x81\xcc\xf2FS\xaa\xa4\\F6\x929\xec77\xb8\x93\x10\xaf~c\xe1\xb9\x9c\xebq\x85\xdb\xc4\x0f\x8bL\xff\"\xcdr\x8b\xd7\xa1l\xbf\x9d\x1au\x11\xdf\x17\xce3\xbca\xdf\tD\xec9\x8a\x81\xc7\xf2)\xabl\xb5)-:\xd0p\xaf\x86\xdf\x8e\x1c&d\x18L\xf2\xd6s\xa2wA\x1cK\x0fj\xc5(\x97\xd0\xd2j\x03\xdf=\x83\x98&\xed\xb1\xff\"\xb9H\x9e&\x1f\x8e\xd3\xe7Vb\xb4\xa6\x18\x7fa\x9d\x9b\xf0p\xbc\xdc~0I\xbd\x0f\x87\v\xcb\x89\xcc\xcf\x1dYI\xd8\x90O \x8e\x16rS|\xce\x13\x00H\x9b\xe4\x85\x10\xd2\xd8K\xa1&\x82\x87\x90\x9c\v\xdd!\x9c\xdf\xb90{g\xbc\x1d\xa4\xd3I\xc4\x84\xe5JqIcU\x91\x10\x8b\xa1\xa9\x9c\xb6Q\x02\xf8\n\"\t\xa1\xaeN') (async)
close_range$auto(r3, r2, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)

4.362523215s ago: executing program 1 (id=4893):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x14)
socket(0x11, 0x80003, 0x300)
r0 = socket(0x1d, 0x2, 0x7)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000040)=ANY=[@ANYBLOB="010027bd7000ffdb"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x0)
memfd_secret$auto(0x1)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x20008041)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x186, 0x400, 0x9}]})
pwrite64$auto(0xc8, 0x0, 0xfdef, 0x0)
sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000140)="4b8a2fa634f3c13fb113d99c2635", 0x0, &(0x7f0000000180)={&(0x7f0000000300)="5b791e3ee3c605601b7b3a000c16c30314899367755cd0abd8bf40373c22fc4684e3671f53055e77cd7d7340c5439f1b858e7a3e74a1eeda9f31297979e255f1162c006fc302b67c666bf61483fd1785f159a755c1ba919b8595e17da51a2755b1668e105246b08fd608fc9e5691df7aa6b445af55ddd62f535aff8ce37c67134a77236562639c8b32f52c36e3938e9a3ab3ed48d67f01350a0f6b2f5acf2e14e9a526643ee9991e9b6bddf905f31045f426862cf64b19f086a8a07f3cb0d8d09afa5547cdb738d2856131d0d3ceee67060739e5a4d208d62677221dba456e87e44a8fb0315671", 0x6}, 0xdc31, &(0x7f0000000400)="71ff3b7a8035742ef5ecd8a0468477b9ecd0fddfa7561ff67de2b8db4f7ea37b952579948335aa570a6fdcaabfc86298e94f8ca841176851565ddc2dc5fc8d20eeb40a7ee08d012bd4771ac2597bf2dd80b2f455d8af0baf7657906b00afa0d9cb5251153a7dbe296de86cc83b0cb9330897a53675e023b88b80ae740bfe69c40eef6748c8414df1", 0x7, 0x3}, 0xfffffffd}, 0x7fff, 0x8)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0)

3.996873077s ago: executing program 7 (id=4894):
mmap$auto(0x100000000000, 0x400008, 0x6, 0x9b76, 0x2, 0x8000)
r0 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=0x2048, 0x6, 0x7})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socket(0x2, 0x801, 0x106)
open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154)
r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi18\x00', 0x400, 0x0)
ioctl$auto(0x3, 0xc058565d, r1)
getsockopt$auto(r0, 0x8, 0x7, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', &(0x7f0000000100)=0x8)

3.246054532s ago: executing program 7 (id=4895):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
connect$auto(0x3, 0x0, 0x55)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x100)
r1 = socket(0x2, 0x1, 0x106)
getsockopt$auto(r1, 0x29, 0x4b, 0x0, 0x0)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0xffffffff, &(0x7f0000000000), 0x100, &(0x7f0000000200)="9dabc562d54a8c25f5f8b0", &(0x7f0000000240)=0x4})

3.244871682s ago: executing program 1 (id=4903):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/fs/bcache/pendings_cleanup\x00', 0xc0481, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x39db00, 0x0)
io_uring_setup$auto(0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bpf$auto(0x8000000, 0x0, 0x0)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/mem\x00', 0x40, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x194)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054)
write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x202003, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x2, 0x0)
io_uring_register$auto(0x2, 0xe, 0x0, 0x20)
mmap$auto(0xfffffffffffffffb, 0x1, 0xdf, 0xdb74, 0xffffffffffffffff, 0x10001)
io_uring_setup$auto(0x8008, 0x0)
close_range$auto(0x2, 0x8, 0x0)
clock_nanosleep$auto(0x2, 0x6, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
close_range$auto(0x2, 0x8, 0x0)

2.60026912s ago: executing program 7 (id=4896):
openat$auto_transaction_log_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x101, 0x0)

1.947382613s ago: executing program 7 (id=4897):
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x10000000000002e, 0x8)
fsopen$auto(0x0, 0x1)

1.747556848s ago: executing program 1 (id=4898):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32)
madvise$auto(0x0, 0x200007, 0x19) (rerun: 32)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) (async)
bpf$auto(0x1, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x81, 0xffffffffffffffff, 0x2, 0x8}, 0x100000cf)
r0 = socket(0x29, 0x2, 0x0)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}}, 0x40000) (async)
recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000001c0), r0)
msgctl$auto_MSG_STAT(0x8, 0xb, &(0x7f00000002c0)={{0x9, <r3=>0x0, 0xee01, 0x8, 0x2, 0x8, 0x2}, &(0x7f0000000200)=0x9, &(0x7f0000000580)=0xff, 0x2, 0x3, 0xb, 0xc, 0x5, 0x8001, 0xdcde, 0x101, @raw=0x9, @raw}) (async)
prctl$auto_PR_SET_MM_START_DATA(0x407, 0x3, 0xffffffffffffffff, 0x3ff, 0x401) (async)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x2001, 0x8)
bpf$auto(0x0, &(0x7f0000000300)=@bpf_attr_0={0x22, 0x538, 0x80, 0x10000, 0x4, 0xffffffffffffffff, 0x21000, "72fea04183dce563f03f2a25077b3383", 0x0, 0xffffffffffffffff, 0x7, 0x6, 0x101, 0x1000000000001}, 0x4) (async)
r5 = getuid()
r6 = getegid()
setregid$auto(r6, r6) (async)
statx$auto(r4, &(0x7f0000001100)='./file0\x00', 0x0, 0x10001, &(0x7f0000001140)={0x3, 0x6, 0x9, 0x8, r5, r6, 0x5, 0x1, 0x3, 0xffff, 0xb, 0xb6, {0x10, 0xfffffffa}, {0x1, 0x2}, {0x5, 0x8001}, {0x8, 0x101}, 0x7e05b10d, 0x7, 0x7b6, 0x1, 0xb, 0x7, 0xa, 0x2, 0x5, 0x3, 0x3, 0x1c5, [0x3ff, 0x2, 0x80000001, 0x8, 0x96, 0x0, 0x20, 0x0, 0xffffffffffff0000]}) (async)
syz_clone(0x2000200, &(0x7f0000000340)="7586b63cdcc6f47b1801438f3472c8ac2b4c0089cf812f306c5c0977e4a035b2fa6c2ad3caa31ec2640b8dbb12f9303ef0958517efe1cf9d8395124d429a54985fe1c942e2689a0341", 0x49, &(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)="7ead04ccbda5e7e2e23793e616dfc1e2b4b228fd50fa5e8544f3965f8cd7af88255f5247de0b758d7a12cc9806af850b5668ede2aebfd6cff955a0649e9ec1cc54e1653f1ef1fc676e2b63d457ec947959ca9b602ebeb19db5890bce6c644e0767281bafba256f5e6968c5ae2618812bb8db7e3335b70638a8ebfe3303a3e3c41f5a18256d4a47270745ba41817d3cb7b4bdba0b65b839944b5ff3f7669ea59a290dcec196b9acd70991dcc9642d6775538edecd4b2a0078") (async)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000500)={&(0x7f0000000740)={0x278, r2, 0x800, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x16c, 0x5, 0x0, 0x1, [@nested={0xc, 0x42, 0x0, 0x1, [@nested={0x4, 0x9b}, @nested={0x4, 0x5c}]}, @nested={0x158, 0x20f0, 0x0, 0x1, [@generic="e3adc2c09d5bf698c9e9f0afd3e419bba69489e9e52e744eca1050e7ab79adf7f382dc72da62badb34d5ae446ffaa3c07ba2856a4c24d253b28de9c916bb42bb4fb597cc063fabcd79e92c1787f995caf656cdb0d21461a9072ee31d4c2416f55a379e6aa2bc03f089199426f97a4e75750479acdfbd1242212896a264fc79cfd478cc568ed9be87387e6455", @nested={0x4, 0xb4}, @typed={0xc2, 0x14e, 0x0, 0x0, @binary="023b0e93f69fdb6210133d62569f17f316567c3b08c3be8e91d753819290933991051314b1c9fee981b34bec0243dd1ab380fa85273307f74e5df350b5a6b14372c9ea3d2b405b120e512d1dab545cd3dacd2088e81231f988d9329801a605c9aceba753193383f9889183fba1d6f702198a5803772147b20d6da6b28e0451dff299866271e51140e994e0b0a16113457cf1f289b88028d437f40b9837bee238fa428106c573fd7a9aa2e138989ba5b081d749a541e7bddae338d5f54b9a"}]}, @typed={0x4, 0x9}]}, @TIPC_NLA_PUBL={0x8b, 0x3, 0x0, 0x1, [@typed={0x8, 0xb2, 0x0, 0x0, @uid=r3}, @generic="27ed02cdb336296c3d51288daa0792481cddb9dd4be791293107bdef3915ddc8d0aa025bd086e868d44bb1fedc77713a2b397780ede371f5b8d28fb0c7f05aa3e4e26715eca659c5229ca5d5201a7ddb9a13b9459a9ca1cfdc3aec210082176ef2164f95769d7baab01122682949524e37a5b99ec8b955", @typed={0x5, 0xbe, 0x0, 0x0, @str='\x00'}]}, @TIPC_NLA_PUBL={0x20, 0x3, 0x0, 0x1, [@typed={0x8, 0x155, 0x0, 0x0, @fd=r1}, @nested={0x14, 0x9c, 0x0, 0x1, [@typed={0x4, 0x8}, @typed={0x8, 0x58, 0x0, 0x0, @u32=0x4}, @nested={0x4, 0x51}]}]}, @TIPC_NLA_SOCK={0x4c, 0x2, 0x0, 0x1, [@typed={0x8, 0x149, 0x0, 0x0, @fd}, @generic="ad8dc471ce33955b9600c644100bae4a7ccb38569ff57cc4", @typed={0x14, 0x36, 0x0, 0x0, @ipv6=@private1}, @typed={0x14, 0xb0, 0x0, 0x0, @ipv6=@mcast2}]}]}, 0x278}, 0x1, 0x0, 0x0, 0x68881}, 0x2c000010) (async)
r7 = setfsuid$auto(0xee00) (async)
r8 = setfsuid$auto(0xee01)
setresuid$auto(r7, r8, r7) (async, rerun: 32)
ioctl$auto(r0, 0x89f2, 0x24) (rerun: 32)

1.480916684s ago: executing program 8 (id=4899):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0xb, 0x0)
r1 = socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x3, 0x6)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth0_to_bond\x00', <r3=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSA(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x50, r2, 0x4, 0x70bd2b, 0x6, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r3}, @MACSEC_ATTR_SA_CONFIG={0x31, 0x3, 0x0, 0x1, [@typed={0x8, 0xee, 0x0, 0x0, @fd=r1}, @generic="2ba39586d3e819138c82ef158e3215c964e3c19ae6d09da3840176350cba10ad6d0536f53e"]}]}, 0x50}, 0x1, 0x0, 0x0, 0x891}, 0x4001)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
socket(0x2, 0x5, 0x3)
setsockopt$auto(0x3, 0x10000000084, 0x17, 0x0, 0x3ff)

1.195765649s ago: executing program 2 (id=4900):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video6\x00', 0x682, 0x0)
ioctl$auto(r0, 0xc0285629, r0) (fail_nth: 3)

1.13920109s ago: executing program 7 (id=4901):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
connect$auto(0x3, 0x0, 0x55)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0)
pread64$auto(r0, 0x0, 0x100000001, 0x100)
r1 = socket(0x2, 0x1, 0x106)
getsockopt$auto(r1, 0x29, 0x4b, 0x0, 0x0)
ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0xffffffff, &(0x7f0000000000), 0x100, &(0x7f0000000200)="9dabc562d54a8c25f5f8b0d184", &(0x7f0000000240)=0x4})

252.60848ms ago: executing program 1 (id=4902):
socket$nl_generic(0x10, 0x3, 0x10)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233de", 0x148)
socket(0x10, 0x2, 0x0)
connect$auto(0xffffffffffffffff, 0x0, 0x54)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff)
r0 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_IPVS_CMD_GET_SERVICE(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x14, 0x0, 0x4, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x0)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sda\x00', 0xa0102, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r3 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
getsockopt$auto(r3, 0x84, 0x83, 0x0, &(0x7f0000000000)=0x7ffe)
ioctl$auto_IOC_PR_RELEASE(r2, 0x401070ca, 0x0)
pread64$auto(r0, 0x0, 0x20000000001, 0x7fff)
r4 = socket(0x2a, 0x2, 0x0)
syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, r4)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x40c0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4)
unshare$auto(0x40000080)
socket(0xa, 0x5, 0x0)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0x2, r5, 0x401)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f00000000c0)=0x52a8, &(0x7f0000000140)=0x2)
mmap$auto(0x0, 0x100000000, 0x4000000000de, 0x40eb1, r5, 0x5)

151.924935ms ago: executing program 2 (id=4904):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x801, 0x8000, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
r2 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x8)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x1c3000, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6})
ioctl$auto(r3, 0xc01070ce, r3)
read$auto(r0, 0x0, 0x5)

0s ago: executing program 7 (id=4905):
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5401b0060c100", "70d9a9a3af9f39d000000001", "ef5a00", '\x00\a\x00']})
socket(0x10, 0x2, 0x0)
r0 = gettid()
prctl$auto(0x80003e, 0xfffffffffffffffd, r0, 0x3, 0x1000)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x981, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f00000001c0)={@inferred=r0, 0xd, 0x1, 0x7, "5e01404cf406ff7bc42f54d6a13914aed1dfa93db6d741e0214f63231859b35939f9c2c506589a74f233c35e", @inferred=r0})
r2 = setfsuid$auto(0xee00)
r3 = setfsuid$auto(0xee01)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0xa, 0x2, 0x0)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_CREATE_VM(r5, 0x4048aecb, 0x0)
setresuid$auto(r2, r3, r2)

kernel console output (not intermixed with test programs):

7][T24913] total_pgfault 854130
[ 1540.196698][T24913] total_pgmajfault 1052
[ 1540.196708][T24913] total_inactive_anon 215941120
[ 1540.196718][T24913] total_active_anon 93777920
[ 1540.196729][T24913] total_inactive_file 4096
[ 1540.196747][T24913] total_active_file 0
[ 1540.196757][T24913] total_unevictable 0
[ 1540.196767][T24913] anon_cost 0
[ 1540.196776][T24913] file_cost 0
[ 1540.196787][T24913] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4058,pid=24919,uid=0
[ 1540.196961][T24913] Memory cgroup out of memory: Killed process 24919 (syz.0.4058) total-vm:131948kB, anon-rss:1528kB, file-rss:53844kB, shmem-rss:32640kB, UID:0 pgtables:276kB oom_score_adj:1000
[ 1540.830281][T24902] syz.0.4058 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1540.830348][T24902] CPU: 0 UID: 0 PID: 24902 Comm: syz.0.4058 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1540.830384][T24902] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1540.830393][T24902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1540.830409][T24902] Call Trace:
[ 1540.830416][T24902]  <TASK>
[ 1540.830426][T24902]  dump_stack_lvl+0x100/0x190
[ 1540.830467][T24902]  dump_header+0xfb/0x606
[ 1540.830494][T24902]  oom_kill_process.cold+0xd/0x330
[ 1540.830523][T24902]  out_of_memory+0x340/0x14f0
[ 1540.830567][T24902]  ? __pfx_out_of_memory+0x10/0x10
[ 1540.830734][T24902]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1540.830772][T24902]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1540.830807][T24902]  ? find_held_lock+0x2b/0x80
[ 1540.830836][T24902]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1540.830875][T24902]  ? _raw_spin_unlock+0x28/0x50
[ 1540.830913][T24902]  try_charge_memcg+0x652/0xc90
[ 1540.830947][T24902]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1540.830974][T24902]  ? find_held_lock+0x2b/0x80
[ 1540.830997][T24902]  ? rcu_read_unlock+0x17/0x60
[ 1540.831025][T24902]  ? rcu_read_unlock+0x17/0x60
[ 1540.831062][T24902]  charge_memcg+0xa6/0x280
[ 1540.831089][T24902]  __mem_cgroup_charge+0x2b/0x1e0
[ 1540.831121][T24902]  shmem_alloc_and_add_folio+0x451/0xd40
[ 1540.831167][T24902]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1540.831209][T24902]  ? shmem_allowable_huge_orders+0x2bd/0x400
[ 1540.831257][T24902]  shmem_get_folio_gfp+0x6ab/0x1900
[ 1540.831301][T24902]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1540.831348][T24902]  shmem_write_begin+0x1a4/0x420
[ 1540.831389][T24902]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1540.831429][T24902]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[ 1540.831459][T24902]  ? lockdep_hardirqs_on+0x78/0x100
[ 1540.831500][T24902]  generic_perform_write+0x292/0xa40
[ 1540.831546][T24902]  ? __pfx_generic_perform_write+0x10/0x10
[ 1540.831587][T24902]  ? file_update_time_flags+0x373/0x500
[ 1540.831629][T24902]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1540.831656][T24902]  shmem_file_write_iter+0x10e/0x140
[ 1540.831685][T24902]  __kernel_write_iter+0x2ac/0x920
[ 1540.831712][T24902]  ? __pfx___kernel_write_iter+0x10/0x10
[ 1540.831736][T24902]  ? __up_read+0x2c5/0x700
[ 1540.831775][T24902]  ? dump_user_range+0x73b/0xb50
[ 1540.831809][T24902]  dump_user_range+0x3f9/0xb50
[ 1540.831843][T24902]  ? __pfx_dump_user_range+0x10/0x10
[ 1540.831881][T24902]  ? __pfx_writenote+0x10/0x10
[ 1540.831918][T24902]  elf_core_dump+0x2d5f/0x3d10
[ 1540.831965][T24902]  ? __pfx_elf_core_dump+0x10/0x10
[ 1540.831996][T24902]  ? kasan_save_stack+0x3f/0x50
[ 1540.832017][T24902]  ? kasan_save_stack+0x30/0x50
[ 1540.832038][T24902]  ? __kasan_kmalloc+0xaa/0xb0
[ 1540.832075][T24902]  ? __kvmalloc_node_noprof+0x360/0xa00
[ 1540.832114][T24902]  ? vfs_coredump+0x2105/0x5570
[ 1540.832142][T24902]  ? asm_exc_page_fault+0x26/0x30
[ 1540.832170][T24902]  ? 0xffffffffff600000
[ 1540.832235][T24902]  ? vfs_coredump+0x27bc/0x5570
[ 1540.832261][T24902]  vfs_coredump+0x27bc/0x5570
[ 1540.832300][T24902]  ? __pfx_vfs_coredump+0x10/0x10
[ 1540.832329][T24902]  ? __lock_acquire+0x4a5/0x2630
[ 1540.832372][T24902]  ? lock_acquire+0x1cf/0x380
[ 1540.832416][T24902]  ? is_bpf_text_address+0x8a/0x1a0
[ 1540.832455][T24902]  ? bpf_ksym_find+0x124/0x1c0
[ 1540.832492][T24902]  ? __kernel_text_address+0xd/0x30
[ 1540.832529][T24902]  ? unwind_get_return_address+0x59/0xa0
[ 1540.832556][T24902]  ? arch_stack_walk+0xa6/0xf0
[ 1540.832590][T24902]  ? __sigqueue_free+0xbe/0x2a0
[ 1540.832627][T24902]  ? stack_trace_save+0x8e/0xc0
[ 1540.832651][T24902]  ? __pfx_stack_trace_save+0x10/0x10
[ 1540.832677][T24902]  ? stack_depot_save_flags+0x27/0x9d0
[ 1540.832710][T24902]  ? __lock_acquire+0x4a5/0x2630
[ 1540.832788][T24902]  ? proc_coredump_connector+0x2d3/0x4f0
[ 1540.832825][T24902]  ? __pfx_proc_coredump_connector+0x10/0x10
[ 1540.832867][T24902]  ? rcu_is_watching+0x12/0xc0
[ 1540.832910][T24902]  get_signal+0x1f2a/0x21e0
[ 1540.832948][T24902]  ? __pfx_get_signal+0x10/0x10
[ 1540.832972][T24902]  ? find_held_lock+0x2b/0x80
[ 1540.832994][T24902]  ? bad_area_access_error+0xab/0x1d0
[ 1540.833017][T24902]  ? fixup_vdso_exception+0x2d1/0x370
[ 1540.833054][T24902]  arch_do_signal_or_restart+0x91/0x770
[ 1540.833086][T24902]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1540.833125][T24902]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1540.833156][T24902]  irqentry_exit+0x1f8/0x670
[ 1540.833196][T24902]  asm_exc_page_fault+0x26/0x30
[ 1540.833220][T24902] RIP: 0033:0x0
[ 1540.833236][T24902] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 1540.833248][T24902] RSP: 002b:000000000000000b EFLAGS: 00010217
[ 1540.833266][T24902] RAX: 0000000000000000 RBX: 00007fd66b616270 RCX: 00007fd66b39c799
[ 1540.833281][T24902] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000200000000400
[ 1540.833296][T24902] RBP: 00007fd66b432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1540.833311][T24902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1540.833325][T24902] R13: 00007fd66b616308 R14: 00007fd66b616270 R15: 00007ffcd574a1a8
[ 1540.833356][T24902]  </TASK>
[ 1541.044843][T24902] memory: usage 307200kB, limit 307200kB, failcnt 21996
[ 1541.044867][T24902] memory+swap: usage 431588kB, limit 9007199254740988kB, failcnt 0
[ 1541.044884][T24902] kmem: usage 4600kB, limit 9007199254740988kB, failcnt 0
[ 1541.044899][T24902] Memory cgroup stats for /syz0:
[ 1541.045042][T24902] cache 309043200
[ 1541.045054][T24902] rss 409600
[ 1541.045063][T24902] rss_huge 0
[ 1541.045073][T24902] shmem 309014528
[ 1541.045083][T24902] mapped_file 53006336
[ 1541.045094][T24902] dirty 0
[ 1541.045103][T24902] writeback 0
[ 1541.045113][T24902] workingset_refault_anon 8783
[ 1541.045124][T24902] workingset_refault_file 2310
[ 1541.045135][T24902] swap 127373312
[ 1541.045145][T24902] swapcached 164274176
[ 1541.045156][T24902] pgpgin 1138799
[ 1541.045166][T24902] pgpgout 1097650
[ 1541.045176][T24902] pgfault 854130
[ 1541.045186][T24902] pgmajfault 1052
[ 1541.045196][T24902] inactive_anon 93777920
[ 1541.045206][T24902] active_anon 215941120
[ 1541.045217][T24902] inactive_file 4096
[ 1541.045227][T24902] active_file 4096
[ 1541.045238][T24902] unevictable 0
[ 1541.045248][T24902] hierarchical_memory_limit 314572800
[ 1541.045259][T24902] hierarchical_memsw_limit 9223372036854771712
[ 1541.045280][T24902] total_cache 309043200
[ 1541.045290][T24902] total_rss 409600
[ 1541.045301][T24902] total_rss_huge 0
[ 1541.045311][T24902] total_shmem 309014528
[ 1541.045321][T24902] total_mapped_file 53006336
[ 1541.045332][T24902] total_dirty 0
[ 1541.045342][T24902] total_writeback 0
[ 1541.045352][T24902] total_workingset_refault_anon 8783
[ 1541.045364][T24902] total_workingset_refault_file 2310
[ 1541.045375][T24902] total_swap 127373312
[ 1541.045385][T24902] total_swapcached 164274176
[ 1541.045396][T24902] total_pgpgin 1138799
[ 1541.045407][T24902] total_pgpgout 1097650
[ 1541.045417][T24902] total_pgfault 854130
[ 1541.045427][T24902] total_pgmajfault 1052
[ 1541.045438][T24902] total_inactive_anon 93777920
[ 1541.045449][T24902] total_active_anon 215941120
[ 1541.045460][T24902] total_inactive_file 4096
[ 1541.045471][T24902] total_active_file 4096
[ 1541.045481][T24902] total_unevictable 0
[ 1541.045491][T24902] anon_cost 0
[ 1541.045501][T24902] file_cost 0
[ 1541.045511][T24902] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4058,pid=24913,uid=0
[ 1541.045621][T24902] Memory cgroup out of memory: Killed process 24913 (syz.0.4058) total-vm:131948kB, anon-rss:1528kB, file-rss:53844kB, shmem-rss:32640kB, UID:0 pgtables:276kB oom_score_adj:1000
[ 1541.385474][T24902] syz.0.4058 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1541.385517][T24902] CPU: 0 UID: 0 PID: 24902 Comm: syz.0.4058 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1541.385554][T24902] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1541.385563][T24902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1541.385577][T24902] Call Trace:
[ 1541.385585][T24902]  <TASK>
[ 1541.385595][T24902]  dump_stack_lvl+0x100/0x190
[ 1541.385636][T24902]  dump_header+0xfb/0x606
[ 1541.385669][T24902]  oom_kill_process.cold+0xd/0x330
[ 1541.385697][T24902]  out_of_memory+0x340/0x14f0
[ 1541.385741][T24902]  ? __pfx_out_of_memory+0x10/0x10
[ 1541.385786][T24902]  mem_cgroup_out_of_memory+0xc6/0x130
[ 1541.385822][T24902]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[ 1541.385856][T24902]  ? find_held_lock+0x2b/0x80
[ 1541.385886][T24902]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1541.385924][T24902]  ? _raw_spin_unlock+0x28/0x50
[ 1541.385962][T24902]  try_charge_memcg+0x652/0xc90
[ 1541.385995][T24902]  ? __pfx_try_charge_memcg+0x10/0x10
[ 1541.386021][T24902]  ? find_held_lock+0x2b/0x80
[ 1541.386044][T24902]  ? rcu_read_unlock+0x17/0x60
[ 1541.386071][T24902]  ? rcu_read_unlock+0x17/0x60
[ 1541.386108][T24902]  charge_memcg+0xa6/0x280
[ 1541.386134][T24902]  __mem_cgroup_charge+0x2b/0x1e0
[ 1541.386166][T24902]  shmem_alloc_and_add_folio+0x451/0xd40
[ 1541.386211][T24902]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1541.386252][T24902]  ? shmem_allowable_huge_orders+0x2bd/0x400
[ 1541.386298][T24902]  shmem_get_folio_gfp+0x6ab/0x1900
[ 1541.386343][T24902]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1541.386391][T24902]  shmem_write_begin+0x1a4/0x420
[ 1541.386432][T24902]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1541.386473][T24902]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[ 1541.386504][T24902]  ? lockdep_hardirqs_on+0x78/0x100
[ 1541.386546][T24902]  generic_perform_write+0x292/0xa40
[ 1541.386592][T24902]  ? __pfx_generic_perform_write+0x10/0x10
[ 1541.386634][T24902]  ? file_update_time_flags+0x373/0x500
[ 1541.386675][T24902]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1541.386705][T24902]  shmem_file_write_iter+0x10e/0x140
[ 1541.386734][T24902]  __kernel_write_iter+0x2ac/0x920
[ 1541.386760][T24902]  ? __pfx___kernel_write_iter+0x10/0x10
[ 1541.386784][T24902]  ? __up_read+0x2c5/0x700
[ 1541.386823][T24902]  ? dump_user_range+0x73b/0xb50
[ 1541.386859][T24902]  dump_user_range+0x3f9/0xb50
[ 1541.386893][T24902]  ? __pfx_dump_user_range+0x10/0x10
[ 1541.386931][T24902]  ? __pfx_writenote+0x10/0x10
[ 1541.386969][T24902]  elf_core_dump+0x2d5f/0x3d10
[ 1541.387016][T24902]  ? __pfx_elf_core_dump+0x10/0x10
[ 1541.387048][T24902]  ? kasan_save_stack+0x3f/0x50
[ 1541.387069][T24902]  ? kasan_save_stack+0x30/0x50
[ 1541.387091][T24902]  ? __kasan_kmalloc+0xaa/0xb0
[ 1541.387128][T24902]  ? __kvmalloc_node_noprof+0x360/0xa00
[ 1541.387167][T24902]  ? vfs_coredump+0x2105/0x5570
[ 1541.387195][T24902]  ? asm_exc_page_fault+0x26/0x30
[ 1541.387222][T24902]  ? 0xffffffffff600000
[ 1541.387288][T24902]  ? vfs_coredump+0x27bc/0x5570
[ 1541.387314][T24902]  vfs_coredump+0x27bc/0x5570
[ 1541.387354][T24902]  ? __pfx_vfs_coredump+0x10/0x10
[ 1541.387383][T24902]  ? __lock_acquire+0x4a5/0x2630
[ 1541.387426][T24902]  ? lock_acquire+0x1cf/0x380
[ 1541.387469][T24902]  ? is_bpf_text_address+0x8a/0x1a0
[ 1541.387507][T24902]  ? bpf_ksym_find+0x124/0x1c0
[ 1541.387545][T24902]  ? __kernel_text_address+0xd/0x30
[ 1541.387581][T24902]  ? unwind_get_return_address+0x59/0xa0
[ 1541.387609][T24902]  ? arch_stack_walk+0xa6/0xf0
[ 1541.387643][T24902]  ? __sigqueue_free+0xbe/0x2a0
[ 1541.387680][T24902]  ? stack_trace_save+0x8e/0xc0
[ 1541.387705][T24902]  ? __pfx_stack_trace_save+0x10/0x10
[ 1541.387731][T24902]  ? stack_depot_save_flags+0x27/0x9d0
[ 1541.387764][T24902]  ? __lock_acquire+0x4a5/0x2630
[ 1541.387842][T24902]  ? proc_coredump_connector+0x2d3/0x4f0
[ 1541.387879][T24902]  ? __pfx_proc_coredump_connector+0x10/0x10
[ 1541.387922][T24902]  ? rcu_is_watching+0x12/0xc0
[ 1541.387965][T24902]  get_signal+0x1f2a/0x21e0
[ 1541.388002][T24902]  ? __pfx_get_signal+0x10/0x10
[ 1541.388027][T24902]  ? find_held_lock+0x2b/0x80
[ 1541.388049][T24902]  ? bad_area_access_error+0xab/0x1d0
[ 1541.388072][T24902]  ? fixup_vdso_exception+0x2d1/0x370
[ 1541.388108][T24902]  arch_do_signal_or_restart+0x91/0x770
[ 1541.388140][T24902]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1541.388180][T24902]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1541.388210][T24902]  irqentry_exit+0x1f8/0x670
[ 1541.388251][T24902]  asm_exc_page_fault+0x26/0x30
[ 1541.388275][T24902] RIP: 0033:0x0
[ 1541.388291][T24902] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[ 1541.388303][T24902] RSP: 002b:000000000000000b EFLAGS: 00010217
[ 1541.388321][T24902] RAX: 0000000000000000 RBX: 00007fd66b616270 RCX: 00007fd66b39c799
[ 1541.388337][T24902] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000200000000400
[ 1541.388352][T24902] RBP: 00007fd66b432c99 R08: 0000000000000000 R09: 0000000000000000
[ 1541.388367][T24902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1541.388381][T24902] R13: 00007fd66b616308 R14: 00007fd66b616270 R15: 00007ffcd574a1a8
[ 1541.388415][T24902]  </TASK>
[ 1541.617367][T24902] memory: usage 307200kB, limit 307200kB, failcnt 22093
[ 1541.617394][T24902] memory+swap: usage 431580kB, limit 9007199254740988kB, failcnt 0
[ 1541.617411][T24902] kmem: usage 4664kB, limit 9007199254740988kB, failcnt 0
[ 1541.617427][T24902] Memory cgroup stats for /syz0:
[ 1541.617582][T24902] cache 309039104
[ 1541.617594][T24902] rss 200704
[ 1541.617604][T24902] rss_huge 0
[ 1541.617614][T24902] shmem 309014528
[ 1541.617630][T24902] mapped_file 33636352
[ 1541.617640][T24902] dirty 0
[ 1541.617650][T24902] writeback 0
[ 1541.617659][T24902] workingset_refault_anon 8783
[ 1541.617670][T24902] workingset_refault_file 2310
[ 1541.617681][T24902] swap 127365120
[ 1541.617691][T24902] swapcached 164274176
[ 1541.617701][T24902] pgpgin 1138812
[ 1541.617711][T24902] pgpgout 1097679
[ 1541.617721][T24902] pgfault 854147
[ 1541.617731][T24902] pgmajfault 1052
[ 1541.617740][T24902] inactive_anon 233996288
[ 1541.617751][T24902] active_anon 75776000
[ 1541.617761][T24902] inactive_file 24576
[ 1541.617771][T24902] active_file 0
[ 1541.617781][T24902] unevictable 0
[ 1541.617791][T24902] hierarchical_memory_limit 314572800
[ 1541.617803][T24902] hierarchical_memsw_limit 9223372036854771712
[ 1541.617815][T24902] total_cache 309039104
[ 1541.617826][T24902] total_rss 200704
[ 1541.617835][T24902] total_rss_huge 0
[ 1541.617845][T24902] total_shmem 309014528
[ 1541.617855][T24902] total_mapped_file 33636352
[ 1541.617865][T24902] total_dirty 0
[ 1541.617875][T24902] total_writeback 0
[ 1541.617885][T24902] total_workingset_refault_anon 8783
[ 1541.617896][T24902] total_workingset_refault_file 2310
[ 1541.617908][T24902] total_swap 127365120
[ 1541.617917][T24902] total_swapcached 164274176
[ 1541.617928][T24902] total_pgpgin 1138812
[ 1541.617939][T24902] total_pgpgout 1097679
[ 1541.617949][T24902] total_pgfault 854147
[ 1541.617959][T24902] total_pgmajfault 1052
[ 1541.617969][T24902] total_inactive_anon 233996288
[ 1541.617980][T24902] total_active_anon 75776000
[ 1541.617990][T24902] total_inactive_file 24576
[ 1541.618001][T24902] total_active_file 0
[ 1541.618011][T24902] total_unevictable 0
[ 1541.618021][T24902] anon_cost 0
[ 1541.618031][T24902] file_cost 0
[ 1541.618041][T24902] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.4058,pid=24905,uid=0
[ 1541.618168][T24902] Memory cgroup out of memory: Killed process 24905 (syz.0.4058) total-vm:131816kB, anon-rss:1260kB, file-rss:53840kB, shmem-rss:10172kB, UID:0 pgtables:272kB oom_score_adj:1000
[ 1542.112254][T25354] FAULT_INJECTION: forcing a failure.
[ 1542.112254][T25354] name failslab, interval 1, probability 0, space 0, times 0
[ 1542.112389][T25354] CPU: 0 UID: 0 PID: 25354 Comm: syz.4.4152 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1542.112429][T25354] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1542.112439][T25354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1542.112460][T25354] Call Trace:
[ 1542.112469][T25354]  <TASK>
[ 1542.112479][T25354]  dump_stack_lvl+0x100/0x190
[ 1542.112530][T25354]  should_fail_ex.cold+0x5/0xa
[ 1542.112561][T25354]  should_failslab+0xc2/0x120
[ 1542.112590][T25354]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1542.112631][T25354]  ? ptlock_alloc+0x1f/0x70
[ 1542.112672][T25354]  ptlock_alloc+0x1f/0x70
[ 1542.112707][T25354]  pte_alloc_one+0x82/0x3d0
[ 1542.112737][T25354]  __pte_alloc+0x6d/0x3e0
[ 1542.112764][T25354]  ? __pfx___pte_alloc+0x10/0x10
[ 1542.112791][T25354]  ? find_held_lock+0x2b/0x80
[ 1542.112816][T25354]  ? find_held_lock+0x2b/0x80
[ 1542.112839][T25354]  ? walk_to_pmd+0x302/0x4c0
[ 1542.112873][T25354]  get_locked_pte+0xa1/0xc0
[ 1542.112905][T25354]  insert_page+0xcc/0x220
[ 1542.112938][T25354]  ? __pfx_insert_page+0x10/0x10
[ 1542.112967][T25354]  ? __pfx_down_read_trylock+0x10/0x10
[ 1542.113014][T25354]  vm_insert_page+0x2c0/0x400
[ 1542.113049][T25354]  kcov_mmap+0xca/0x130
[ 1542.113075][T25354]  __mmap_region+0x1443/0x29e0
[ 1542.113118][T25354]  ? __pfx___mmap_region+0x10/0x10
[ 1542.113163][T25354]  ? ima_match_policy+0x8c4/0x2350
[ 1542.113227][T25354]  ? find_held_lock+0x2b/0x80
[ 1542.113252][T25354]  ? process_measurement+0x4c8/0x2350
[ 1542.113293][T25354]  ? process_measurement+0x4c8/0x2350
[ 1542.113346][T25354]  ? process_measurement+0x1f4/0x2350
[ 1542.113437][T25354]  mmap_region+0x30a/0x3e0
[ 1542.113481][T25354]  do_mmap+0xc63/0x12f0
[ 1542.113521][T25354]  ? __pfx_do_mmap+0x10/0x10
[ 1542.113551][T25354]  ? __pfx_down_write_killable+0x10/0x10
[ 1542.113586][T25354]  vm_mmap_pgoff+0x29e/0x470
[ 1542.113622][T25354]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1542.113650][T25354]  ? __fget_files+0x215/0x3d0
[ 1542.113681][T25354]  ? __fget_files+0x21f/0x3d0
[ 1542.113712][T25354]  ksys_mmap_pgoff+0x3c8/0x650
[ 1542.113740][T25354]  ? __x64_sys_futex+0x34f/0x4d0
[ 1542.113774][T25354]  ? __x64_sys_futex+0x358/0x4d0
[ 1542.113809][T25354]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1542.113838][T25354]  ? xfd_validate_state+0x129/0x190
[ 1542.113882][T25354]  __x64_sys_mmap+0x125/0x190
[ 1542.113924][T25354]  do_syscall_64+0x106/0xf80
[ 1542.113963][T25354]  ? clear_bhb_loop+0x40/0x90
[ 1542.113995][T25354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1542.114021][T25354] RIP: 0033:0x7fd9ad39c799
[ 1542.114042][T25354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1542.114067][T25354] RSP: 002b:00007fd9ae23e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1542.114093][T25354] RAX: ffffffffffffffda RBX: 00007fd9ad616090 RCX: 00007fd9ad39c799
[ 1542.114110][T25354] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000009000
[ 1542.114126][T25354] RBP: 00007fd9ad432c99 R08: 00000000000000dd R09: 0000000000000000
[ 1542.114143][T25354] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[ 1542.114159][T25354] R13: 00007fd9ad616128 R14: 00007fd9ad616090 R15: 00007ffcca12a798
[ 1542.114192][T25354]  </TASK>
[ 1542.246386][   T32] oom_reaper: reaped process 24919 (syz.0.4058), now anon-rss:0kB, file-rss:7608kB, shmem-rss:0kB
[ 1544.886130][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1544.886187][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1553.120055][T25395] Unable to find swap-space signature
[ 1557.047600][T25437] random: crng reseeded on system resumption
[ 1558.161047][T25451] Unable to find swap-space signature
[ 1562.113764][T25497] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.4.4180: bg 3: bad block bitmap checksum
[ 1562.422586][T25497] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2503 with max blocks 1 with error 74
[ 1562.481421][   T30] audit: type=1804 audit(4294967393.105:41): pid=25494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4181" name="/newroot/454/file0" dev="tmpfs" ino=2378 res=1 errno=0
[ 1562.526021][T25497] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1562.526021][T25497] 
[ 1562.600925][   T30] audit: type=1804 audit(4294967393.176:42): pid=25496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4181" name="/newroot/454/file0" dev="tmpfs" ino=2378 res=1 errno=0
[ 1563.196854][T16140] Bluetooth: hci4: unexpected event 0x3e length: 505 > 260
[ 1563.196889][T16140] Bluetooth: hci4: unexpected subevent 0x02 length: 504 > 260
[ 1563.214221][T16140] Bluetooth: hci4: Dropping invalid advertising data
[ 1563.224139][T16140] Bluetooth: hci4: unknown advertising packet type: 0xe9
[ 1563.259706][T22960] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1563.766086][T25512] random: crng reseeded on system resumption
[ 1564.066470][T25519] FAULT_INJECTION: forcing a failure.
[ 1564.066470][T25519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1564.115693][T24527] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2528 with max blocks 1 with error 117
[ 1564.134832][T25519] CPU: 0 UID: 0 PID: 25519 Comm: syz.4.4185 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1564.134873][T25519] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1564.134882][T25519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1564.134897][T25519] Call Trace:
[ 1564.134905][T25519]  <TASK>
[ 1564.134915][T25519]  dump_stack_lvl+0x100/0x190
[ 1564.134958][T25519]  should_fail_ex.cold+0x5/0xa
[ 1564.134987][T25519]  _copy_to_user+0x32/0xd0
[ 1564.135020][T25519]  simple_read_from_buffer+0xcb/0x170
[ 1564.135061][T25519]  proc_fail_nth_read+0x1af/0x230
[ 1564.135094][T25519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1564.135126][T25519]  ? rw_verify_area+0xce/0x6d0
[ 1564.135162][T25519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1564.135193][T25519]  vfs_read+0x1e4/0xb30
[ 1564.135219][T25519]  ? __pfx_vfs_read+0x10/0x10
[ 1564.135241][T25519]  ? __fget_files+0x215/0x3d0
[ 1564.135277][T25519]  ? __fget_files+0x21f/0x3d0
[ 1564.135309][T25519]  ksys_read+0x12a/0x250
[ 1564.135331][T25519]  ? __pfx_ksys_read+0x10/0x10
[ 1564.135362][T25519]  do_syscall_64+0x106/0xf80
[ 1564.135401][T25519]  ? clear_bhb_loop+0x40/0x90
[ 1564.135438][T25519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1564.135462][T25519] RIP: 0033:0x7fd9ad35cfce
[ 1564.135481][T25519] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1564.135505][T25519] RSP: 002b:00007fd9ae21cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1564.135527][T25519] RAX: ffffffffffffffda RBX: 00007fd9ae21d6c0 RCX: 00007fd9ad35cfce
[ 1564.135543][T25519] RDX: 000000000000000f RSI: 00007fd9ae21d0a0 RDI: 0000000000000003
[ 1564.135558][T25519] RBP: 00007fd9ae21d090 R08: 0000000000000000 R09: 0000000000000000
[ 1564.135572][T25519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1564.135587][T25519] R13: 00007fd9ad616218 R14: 00007fd9ad616180 R15: 00007ffcca12a798
[ 1564.135618][T25519]  </TASK>
[ 1564.550782][T24527] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1564.550782][T24527] 
[ 1564.607718][T24517] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2532 with max blocks 1 with error 117
[ 1564.630419][T24517] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1564.630419][T24517] 
[ 1565.260919][T25539] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[ 1565.278416][T25539] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[ 1567.041618][T25568] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2505 with max blocks 1 with error 117
[ 1567.175245][T25568] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1567.175245][T25568] 
[ 1569.033400][T25623] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50
[ 1569.374525][T25627] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2526 with max blocks 1 with error 117
[ 1569.514616][T25627] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1569.514616][T25627] 
[ 1573.445289][T25766] FAULT_INJECTION: forcing a failure.
[ 1573.445289][T25766] name failslab, interval 1, probability 0, space 0, times 0
[ 1573.535882][T25766] CPU: 0 UID: 0 PID: 25766 Comm: syz.1.4236 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1573.535922][T25766] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1573.535932][T25766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1573.535946][T25766] Call Trace:
[ 1573.535954][T25766]  <TASK>
[ 1573.535964][T25766]  dump_stack_lvl+0x100/0x190
[ 1573.536007][T25766]  should_fail_ex.cold+0x5/0xa
[ 1573.536036][T25766]  should_failslab+0xc2/0x120
[ 1573.536063][T25766]  __kvmalloc_node_noprof+0xfa/0xa00
[ 1573.536102][T25766]  ? seq_read_iter+0x819/0x1270
[ 1573.536148][T25766]  seq_read_iter+0x819/0x1270
[ 1573.536188][T25766]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1573.536236][T25766]  kernfs_fop_read_iter+0x46c/0x610
[ 1573.536271][T25766]  copy_splice_read+0x4ba/0xb90
[ 1573.536302][T25766]  ? __pfx_copy_splice_read+0x10/0x10
[ 1573.536329][T25766]  ? look_up_lock_class+0x55/0x120
[ 1573.536374][T25766]  ? lockdep_init_map_type+0x5c/0x250
[ 1573.536409][T25766]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1573.536435][T25766]  ? __pfx_copy_splice_read+0x10/0x10
[ 1573.536459][T25766]  do_splice_read+0x285/0x370
[ 1573.536487][T25766]  splice_direct_to_actor+0x2a1/0xa30
[ 1573.536516][T25766]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1573.536546][T25766]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1573.536586][T25766]  do_splice_direct+0x174/0x240
[ 1573.536613][T25766]  ? __pfx_do_splice_direct+0x10/0x10
[ 1573.536639][T25766]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1573.536685][T25766]  ? rw_verify_area+0xce/0x6d0
[ 1573.536727][T25766]  do_sendfile+0xadc/0xe20
[ 1573.536771][T25766]  ? __pfx_do_sendfile+0x10/0x10
[ 1573.536810][T25766]  ? __fget_files+0x21f/0x3d0
[ 1573.536842][T25766]  __x64_sys_sendfile64+0x1d8/0x220
[ 1573.536869][T25766]  ? ksys_write+0x1ac/0x250
[ 1573.536892][T25766]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1573.536930][T25766]  do_syscall_64+0x106/0xf80
[ 1573.536968][T25766]  ? clear_bhb_loop+0x40/0x90
[ 1573.536998][T25766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1573.537023][T25766] RIP: 0033:0x7f6fbf59c799
[ 1573.537043][T25766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1573.537067][T25766] RSP: 002b:00007f6fc03cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1573.537090][T25766] RAX: ffffffffffffffda RBX: 00007f6fbf815fa0 RCX: 00007f6fbf59c799
[ 1573.537106][T25766] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1573.537121][T25766] RBP: 00007f6fc03cc090 R08: 0000000000000000 R09: 0000000000000000
[ 1573.537135][T25766] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001
[ 1573.537150][T25766] R13: 00007f6fbf816038 R14: 00007f6fbf815fa0 R15: 00007fff515abb68
[ 1573.537180][T25766]  </TASK>
[ 1576.714595][T25817] FAULT_INJECTION: forcing a failure.
[ 1576.714595][T25817] name failslab, interval 1, probability 0, space 0, times 0
[ 1576.778726][T25817] CPU: 0 UID: 0 PID: 25817 Comm: syz.4.4248 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1576.778766][T25817] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1576.778776][T25817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1576.778790][T25817] Call Trace:
[ 1576.778799][T25817]  <TASK>
[ 1576.778808][T25817]  dump_stack_lvl+0x100/0x190
[ 1576.778849][T25817]  should_fail_ex.cold+0x5/0xa
[ 1576.778878][T25817]  ? iter_file_splice_write+0x1d8/0x10a0
[ 1576.778903][T25817]  should_failslab+0xc2/0x120
[ 1576.778931][T25817]  __kmalloc_noprof+0xe0/0x850
[ 1576.778974][T25817]  iter_file_splice_write+0x1d8/0x10a0
[ 1576.778999][T25817]  ? lockdep_hardirqs_on+0x78/0x100
[ 1576.779042][T25817]  ? copy_splice_read+0x734/0xb90
[ 1576.779064][T25817]  ? kfree+0x1f6/0x6b0
[ 1576.779102][T25817]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1576.779128][T25817]  ? __lock_acquire+0x4a5/0x2630
[ 1576.779163][T25817]  ? __pfx_copy_splice_read+0x10/0x10
[ 1576.779203][T25817]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1576.779231][T25817]  direct_splice_actor+0x192/0x6c0
[ 1576.779260][T25817]  splice_direct_to_actor+0x345/0xa30
[ 1576.779287][T25817]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1576.779323][T25817]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1576.779358][T25817]  do_splice_direct+0x174/0x240
[ 1576.779383][T25817]  ? __pfx_do_splice_direct+0x10/0x10
[ 1576.779410][T25817]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1576.779455][T25817]  ? rw_verify_area+0xce/0x6d0
[ 1576.779494][T25817]  do_sendfile+0xadc/0xe20
[ 1576.779538][T25817]  ? __pfx_do_sendfile+0x10/0x10
[ 1576.779577][T25817]  ? __fget_files+0x21f/0x3d0
[ 1576.779608][T25817]  __x64_sys_sendfile64+0x1d8/0x220
[ 1576.779635][T25817]  ? ksys_write+0x1ac/0x250
[ 1576.779658][T25817]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1576.779695][T25817]  do_syscall_64+0x106/0xf80
[ 1576.779732][T25817]  ? clear_bhb_loop+0x40/0x90
[ 1576.779762][T25817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1576.779786][T25817] RIP: 0033:0x7fd9ad39c799
[ 1576.779805][T25817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1576.779828][T25817] RSP: 002b:00007fd9ae25f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1576.779851][T25817] RAX: ffffffffffffffda RBX: 00007fd9ad615fa0 RCX: 00007fd9ad39c799
[ 1576.779868][T25817] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1576.779882][T25817] RBP: 00007fd9ae25f090 R08: 0000000000000000 R09: 0000000000000000
[ 1576.779896][T25817] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001
[ 1576.779911][T25817] R13: 00007fd9ad616038 R14: 00007fd9ad615fa0 R15: 00007ffcca12a798
[ 1576.779941][T25817]  </TASK>
[ 1579.242517][T25840] nvme_fabrics: missing parameter 'transport=%s'
[ 1579.318438][T25840] nvme_fabrics: missing parameter 'nqn=%s'
[ 1580.659003][T25869] netlink: 326 bytes leftover after parsing attributes in process `syz.2.4261'.
[ 1582.753301][T25908] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed.
[ 1583.174983][T25910] zswap: compressor  not available
[ 1583.501536][T25917] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4270'.
[ 1583.591809][T25922] random: crng reseeded on system resumption
[ 1583.801210][T25925] FAULT_INJECTION: forcing a failure.
[ 1583.801210][T25925] name failslab, interval 1, probability 0, space 0, times 0
[ 1583.861216][T25925] CPU: 0 UID: 0 PID: 25925 Comm: syz.0.4272 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1583.861257][T25925] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1583.861266][T25925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1583.861281][T25925] Call Trace:
[ 1583.861290][T25925]  <TASK>
[ 1583.861300][T25925]  dump_stack_lvl+0x100/0x190
[ 1583.861342][T25925]  should_fail_ex.cold+0x5/0xa
[ 1583.861371][T25925]  ? kernfs_fop_write_iter+0x26a/0x5f0
[ 1583.861398][T25925]  should_failslab+0xc2/0x120
[ 1583.861426][T25925]  __kmalloc_noprof+0xe0/0x850
[ 1583.861463][T25925]  ? __pfx_aa_file_perm+0x10/0x10
[ 1583.861503][T25925]  kernfs_fop_write_iter+0x26a/0x5f0
[ 1583.861534][T25925]  do_iter_readv_writev+0x6ee/0x920
[ 1583.861574][T25925]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1583.861626][T25925]  vfs_writev+0x360/0xe10
[ 1583.861663][T25925]  ? rcu_is_watching+0x12/0xc0
[ 1583.861708][T25925]  ? __pfx_vfs_writev+0x10/0x10
[ 1583.861751][T25925]  ? fdget_pos+0x2aa/0x380
[ 1583.861779][T25925]  ? find_held_lock+0x2b/0x80
[ 1583.861821][T25925]  ? __fget_files+0x21f/0x3d0
[ 1583.861851][T25925]  ? do_writev+0x13e/0x340
[ 1583.861887][T25925]  do_writev+0x13e/0x340
[ 1583.861926][T25925]  ? __pfx_do_writev+0x10/0x10
[ 1583.861972][T25925]  do_syscall_64+0x106/0xf80
[ 1583.862011][T25925]  ? clear_bhb_loop+0x40/0x90
[ 1583.862041][T25925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1583.862066][T25925] RIP: 0033:0x7fd66b39c799
[ 1583.862085][T25925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1583.862108][T25925] RSP: 002b:00007fd66c1e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1583.862131][T25925] RAX: ffffffffffffffda RBX: 00007fd66b616090 RCX: 00007fd66b39c799
[ 1583.862147][T25925] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 1583.862162][T25925] RBP: 00007fd66c1e6090 R08: 0000000000000000 R09: 0000000000000000
[ 1583.862177][T25925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1583.862191][T25925] R13: 00007fd66b616128 R14: 00007fd66b616090 R15: 00007ffcd574a1a8
[ 1583.862222][T25925]  </TASK>
[ 1585.195472][T25944] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0
[ 1585.893524][T25959] FAULT_INJECTION: forcing a failure.
[ 1585.893524][T25959] name failslab, interval 1, probability 0, space 0, times 0
[ 1585.934345][T25952] nvme_fabrics: missing parameter 'transport=%s'
[ 1586.035052][T25952] nvme_fabrics: missing parameter 'nqn=%s'
[ 1586.082680][T25959] CPU: 0 UID: 0 PID: 25959 Comm: syz.0.4281 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1586.082724][T25959] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1586.082735][T25959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1586.082756][T25959] Call Trace:
[ 1586.082765][T25959]  <TASK>
[ 1586.082775][T25959]  dump_stack_lvl+0x100/0x190
[ 1586.082823][T25959]  should_fail_ex.cold+0x5/0xa
[ 1586.082854][T25959]  should_failslab+0xc2/0x120
[ 1586.082882][T25959]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1586.082925][T25959]  ? __alloc_skb+0x140/0x710
[ 1586.082968][T25959]  __alloc_skb+0x140/0x710
[ 1586.083003][T25959]  ? __alloc_skb+0x5b7/0x710
[ 1586.083038][T25959]  ? __pfx___alloc_skb+0x10/0x10
[ 1586.083083][T25959]  netlink_alloc_large_skb+0x69/0x150
[ 1586.083112][T25959]  netlink_sendmsg+0x680/0xda0
[ 1586.083141][T25959]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1586.083170][T25959]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1586.083224][T25959]  __sys_sendto+0x468/0x4b0
[ 1586.083258][T25959]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1586.083284][T25959]  ? __pfx___sys_sendto+0x10/0x10
[ 1586.083329][T25959]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1586.083358][T25959]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[ 1586.083413][T25959]  __x64_sys_sendto+0xe0/0x1c0
[ 1586.083449][T25959]  ? do_syscall_64+0x95/0xf80
[ 1586.083493][T25959]  ? lockdep_hardirqs_on+0x78/0x100
[ 1586.083535][T25959]  do_syscall_64+0x106/0xf80
[ 1586.083574][T25959]  ? clear_bhb_loop+0x40/0x90
[ 1586.083606][T25959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1586.083632][T25959] RIP: 0033:0x7fd66b35cfce
[ 1586.083653][T25959] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1586.083679][T25959] RSP: 002b:00007fd66c1a2e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1586.083704][T25959] RAX: ffffffffffffffda RBX: 00007fd66c1a46c0 RCX: 00007fd66b35cfce
[ 1586.083722][T25959] RDX: 0000000000000020 RSI: 00007fd66c1a3000 RDI: 0000000000000004
[ 1586.083738][T25959] RBP: 0000000000000000 R08: 00007fd66c1a2f04 R09: 000000000000000c
[ 1586.083754][T25959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[ 1586.083770][T25959] R13: 00007fd66c1a2f58 R14: 00007fd66c1a3000 R15: 0000000000000000
[ 1586.083805][T25959]  </TASK>
[ 1588.002412][T25988] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2332 with max blocks 1 with error 117
[ 1588.158797][T25988] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1588.158797][T25988] 
[ 1591.314854][T26020] nvme_fabrics: missing parameter 'transport=%s'
[ 1591.435934][T26020] nvme_fabrics: missing parameter 'nqn=%s'
[ 1592.586012][T26034] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1592.632074][T26034] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1592.645149][T26034] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1592.652869][T26029] zswap: compressor  not available
[ 1592.664830][T26034] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1593.034165][T26056] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4299'.
[ 1593.125423][T26059] vivid-003: =================  START STATUS  =================
[ 1593.155467][T26056] veth1_macvtap: left promiscuous mode
[ 1593.176652][T26059] vivid-003: Radio HW Seek Mode: Bounded
[ 1593.254776][T26059] vivid-003: Radio Programmable HW Seek: false
[ 1593.307044][T26059] vivid-003: RDS Rx I/O Mode: Block I/O
[ 1593.343901][T26059] vivid-003: Generate RBDS Instead of RDS: false
[ 1593.394961][T26059] vivid-003: RDS Reception: true
[ 1593.481152][T26059] vivid-003: RDS Program Type: 0 inactive
[ 1593.526251][T26059] vivid-003: RDS PS Name:  inactive
[ 1593.552332][T26059] vivid-003: RDS Radio Text:  inactive
[ 1593.590488][T26059] vivid-003: RDS Traffic Announcement: false inactive
[ 1593.615908][T26059] vivid-003: RDS Traffic Program: false inactive
[ 1593.640625][T26059] vivid-003: RDS Music: false inactive
[ 1593.656174][T26059] vivid-003: ==================  END STATUS  ==================
[ 1594.010006][   T30] audit: type=1800 audit(4294986791.798:43): pid=26073 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4303" name="SYSV00004000" dev="tmpfs" ino=0 res=0 errno=0
[ 1594.222139][T22960] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1594.523390][T24512] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2533 with max blocks 2 with error 117
[ 1594.599894][T24512] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1594.599894][T24512] 
[ 1594.698869][T22960] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1594.705147][T16140] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1594.711396][T16140] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1595.127994][T26099] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4307'.
[ 1596.686970][T26131] random: crng reseeded on system resumption
[ 1598.316026][   T30] audit: type=1804 audit(4294986796.108:44): pid=26157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.4322" name="/newroot/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw" dev="tracefs" ino=1557 res=1 errno=0
[ 1601.313567][T26206] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1601.346549][T26206] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1601.368131][T26206] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1601.399482][T26206] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1603.047450][T26230] netlink: 5 bytes leftover after parsing attributes in process `syz.2.4338'.
[ 1603.094672][T26230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4338'.
[ 1603.220703][T26093] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1603.392492][T26093] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1603.399275][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1603.405333][T16140] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1603.473401][T26234] zswap: compressor  not available
[ 1604.705386][T26269] random: crng reseeded on system resumption
[ 1605.594817][T26277] bridge0: port 3(gretap0) entered blocking state
[ 1605.649994][T26277] bridge0: port 3(gretap0) entered disabled state
[ 1605.707453][T26277] gretap0: entered allmulticast mode
[ 1605.797648][T26277] bridge0: port 3(gretap0) entered blocking state
[ 1605.804249][T26277] bridge0: port 3(gretap0) entered forwarding state
[ 1605.897590][T26285] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4348'.
[ 1605.985113][T26285] mac80211_hwsim hwsim23 wlan1: entered promiscuous mode
[ 1606.012855][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1606.027579][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1606.037920][T26285] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode
[ 1607.234101][T26304] futex_wake_op: syz.2.4353 tries to shift op by -2048; fix this program
[ 1607.313377][T26304] futex_wake_op: syz.2.4353 tries to shift op by -2048; fix this program
[ 1607.517293][T26308] block2mtd: illegal erase size
[ 1607.680537][T26308] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2344 with max blocks 1 with error 117
[ 1607.971801][T26308] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1607.971801][T26308] 
[ 1612.477135][T26364] futex_wake_op: syz.1.4368 tries to shift op by -2048; fix this program
[ 1612.643704][T26372] futex_wake_op: syz.4.4369 tries to shift op by -2048; fix this program
[ 1612.835160][T26375] block2mtd: illegal erase size
[ 1612.895409][T26375] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2334 with max blocks 1 with error 117
[ 1613.027479][T26375] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1613.027479][T26375] 
[ 1615.966373][T26414] futex_wake_op: syz.2.4379 tries to shift op by -2048; fix this program
[ 1616.765558][T26426] Invalid ELF header magic: != ELF
[ 1617.489979][T26437] block nbd0: NBD_DISCONNECT
[ 1617.527405][T26437] block nbd0: Send disconnect failed -32
[ 1621.783596][T26498] sysfs_service_op_store: Client not running :-5:
[ 1622.205236][T26502] random: crng reseeded on system resumption
[ 1622.441644][T26502] hub 1-0:1.0: USB hub found
[ 1622.509838][T26502] hub 1-0:1.0: 1 port detected
[ 1622.661460][T26505] FAULT_INJECTION: forcing a failure.
[ 1622.661460][T26505] name failslab, interval 1, probability 0, space 0, times 0
[ 1622.735207][T26505] CPU: 0 UID: 0 PID: 26505 Comm: syz.1.4400 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1622.735247][T26505] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1622.735257][T26505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1622.735272][T26505] Call Trace:
[ 1622.735280][T26505]  <TASK>
[ 1622.735289][T26505]  dump_stack_lvl+0x100/0x190
[ 1622.735331][T26505]  should_fail_ex.cold+0x5/0xa
[ 1622.735360][T26505]  should_failslab+0xc2/0x120
[ 1622.735388][T26505]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1622.735426][T26505]  ? taskstats_exit+0x650/0xbd0
[ 1622.735455][T26505]  taskstats_exit+0x650/0xbd0
[ 1622.735477][T26505]  ? __pfx_acct_update_integrals+0x10/0x10
[ 1622.735503][T26505]  ? __pfx_taskstats_exit+0x10/0x10
[ 1622.735529][T26505]  ? rcu_read_lock_any_held+0x6a/0xa0
[ 1622.735553][T26505]  ? exit_signals+0x395/0xaf0
[ 1622.735583][T26505]  do_exit+0x659/0x2b60
[ 1622.735620][T26505]  ? __pfx_do_exit+0x10/0x10
[ 1622.735652][T26505]  ? do_raw_spin_lock+0x128/0x260
[ 1622.735689][T26505]  ? find_held_lock+0x2b/0x80
[ 1622.735712][T26505]  ? get_signal+0x7e0/0x21e0
[ 1622.735740][T26505]  do_group_exit+0xd5/0x2a0
[ 1622.735775][T26505]  get_signal+0x1ec7/0x21e0
[ 1622.735811][T26505]  ? __pfx_get_signal+0x10/0x10
[ 1622.735839][T26505]  ? do_futex+0x192/0x350
[ 1622.735875][T26505]  arch_do_signal_or_restart+0x91/0x770
[ 1622.735916][T26505]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1622.735956][T26505]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1622.735995][T26505]  exit_to_user_mode_loop+0x86/0x4a0
[ 1622.736031][T26505]  do_syscall_64+0x668/0xf80
[ 1622.736070][T26505]  ? clear_bhb_loop+0x40/0x90
[ 1622.736100][T26505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1622.736124][T26505] RIP: 0033:0x7f6fbf59c799
[ 1622.736144][T26505] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1622.736167][T26505] RSP: 002b:00007f6fc03ab0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1622.736190][T26505] RAX: fffffffffffffe00 RBX: 00007f6fbf816098 RCX: 00007f6fbf59c799
[ 1622.736206][T26505] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6fbf816098
[ 1622.736221][T26505] RBP: 00007f6fbf816090 R08: 0000000000000000 R09: 0000000000000000
[ 1622.736236][T26505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1622.736250][T26505] R13: 00007f6fbf816128 R14: 00007fff515aba80 R15: 00007fff515abb68
[ 1622.736280][T26505]  </TASK>
[ 1623.435071][T26516] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 2, inode_bitmap = 139
[ 1623.505344][T26516] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 4: bad block bitmap checksum
[ 1623.706098][T26519] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 5: bad block bitmap checksum
[ 1624.442332][T26093] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1624.445680][T26093] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1624.446414][T26093] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1624.447484][T26093] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1624.459750][T26093] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1624.559063][T24518] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 2535 with max blocks 1 with error 117
[ 1624.559189][T24518] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1624.559189][T24518] 
[ 1624.668384][T26537] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.4408: Error -117 reading block bitmap for 3
[ 1624.668640][T26537] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.4408: Error -117 reading block bitmap for 3
[ 1624.668708][T26537] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.4408: Error -117 reading block bitmap for 3
[ 1624.670110][T26537] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.4408: Error -117 reading block bitmap for 3
[ 1624.670183][T26537] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.4408: Error -117 reading block bitmap for 3
[ 1624.670302][T26537] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.4.4408: Error -117 reading block bitmap for 3
[ 1625.123828][T26531] chnl_net:caif_netlink_parms(): no params data found
[ 1626.009807][   T30] audit: type=1800 audit(4294987846.947:45): pid=26556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4411" name="sr0" dev="devtmpfs" ino=3010 res=0 errno=0
[ 1626.273024][T26531] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1626.296519][T26531] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1626.331579][T26531] bridge_slave_0: entered allmulticast mode
[ 1626.356610][T26531] bridge_slave_0: entered promiscuous mode
[ 1626.470095][T26093] Bluetooth: hci0: command tx timeout
[ 1626.492611][T26531] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1626.532443][T26531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1626.564983][T26531] bridge_slave_1: entered allmulticast mode
[ 1626.600683][T26531] bridge_slave_1: entered promiscuous mode
[ 1626.985682][T26531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1627.050271][T26531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1627.210335][T26531] team0: Port device team_slave_0 added
[ 1627.240237][T26531] team0: Port device team_slave_1 added
[ 1627.355314][T26531] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1627.362287][T26531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1627.485038][T26531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1627.524633][T26531] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1627.531614][T26531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1627.630711][T26531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1627.916418][T26531] hsr_slave_0: entered promiscuous mode
[ 1627.938912][T26531] hsr_slave_1: entered promiscuous mode
[ 1627.967079][T26531] debugfs: 'hsr0' already exists in 'hsr'
[ 1627.986673][T26531] Cannot create hsr debugfs directory
[ 1628.539888][T26093] Bluetooth: hci0: command tx timeout
[ 1628.963155][T26531] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1629.000531][T26531] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1629.064323][T26531] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1629.109004][T26531] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1629.354128][T26531] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1629.426318][T26531] 8021q: adding VLAN 0 to HW filter on device team0
[ 1629.468426][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1629.475646][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1629.551584][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1629.558797][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1629.672871][T26531] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1630.245611][T26531] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1630.610252][T26093] Bluetooth: hci0: command tx timeout
[ 1630.963250][T26614] zswap: compressor  not available
[ 1631.143655][T26531] veth0_vlan: entered promiscuous mode
[ 1631.210593][T26531] veth1_vlan: entered promiscuous mode
[ 1631.301063][T26616] zswap: compressor ߯���̚ not available
[ 1631.319927][T26531] veth0_macvtap: entered promiscuous mode
[ 1631.370499][T26531] veth1_macvtap: entered promiscuous mode
[ 1631.440451][T26531] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1631.478458][T26531] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1631.558029][T24526] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.584336][T24526] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.628914][T24526] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.657320][T24526] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1632.070997][T24523] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1632.079304][T26631] bond0: no command found in slaves file - use +ifname or -ifname
[ 1632.107371][T24523] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1632.246258][T24523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1632.268730][T24523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1632.680363][T26093] Bluetooth: hci0: command tx timeout
[ 1632.789116][T26647] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4404'.
[ 1636.377028][T26714] can: request_module (can-proto-4) failed.
[ 1638.387505][T26735] zswap: compressor  not available
[ 1638.680635][T26738] zswap: compressor ߯���̚ not available
[ 1639.152276][T26750] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1639.275811][T26752] bond0: option slaves: interface -�� does not exist!
[ 1642.761509][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1642.780152][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1642.793047][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1642.801422][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1642.825358][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1643.832758][T26808] chnl_net:caif_netlink_parms(): no params data found
[ 1644.517568][T26830] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52
[ 1644.637339][T26808] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1644.667791][T26808] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1644.718094][T26808] bridge_slave_0: entered allmulticast mode
[ 1644.779484][T26808] bridge_slave_0: entered promiscuous mode
[ 1644.820920][T26808] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1644.859481][T26808] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1644.870540][ T5830] Bluetooth: hci3: command tx timeout
[ 1644.915500][T26832] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53
[ 1644.946472][T26808] bridge_slave_1: entered allmulticast mode
[ 1644.982532][T26808] bridge_slave_1: entered promiscuous mode
[ 1645.265803][T26808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1645.300918][T26808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1645.597098][T26808] team0: Port device team_slave_0 added
[ 1645.628179][T26808] team0: Port device team_slave_1 added
[ 1645.787068][T26808] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1645.819332][T26808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1645.906715][T26808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1645.954903][T26808] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1645.970514][T26808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1646.074597][T26808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1646.320921][T26845] FAULT_INJECTION: forcing a failure.
[ 1646.320921][T26845] name failslab, interval 1, probability 0, space 0, times 0
[ 1646.361039][T26845] CPU: 0 UID: 0 PID: 26845 Comm: syz.2.4459 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1646.361081][T26845] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1646.361091][T26845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1646.361106][T26845] Call Trace:
[ 1646.361114][T26845]  <TASK>
[ 1646.361123][T26845]  dump_stack_lvl+0x100/0x190
[ 1646.361166][T26845]  should_fail_ex.cold+0x5/0xa
[ 1646.361196][T26845]  should_failslab+0xc2/0x120
[ 1646.361223][T26845]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1646.361257][T26845]  ? vmstat_start+0xe3/0x560
[ 1646.361295][T26845]  vmstat_start+0xe3/0x560
[ 1646.361334][T26845]  seq_read_iter+0x2c1/0x1270
[ 1646.361385][T26845]  proc_reg_read_iter+0x220/0x310
[ 1646.361424][T26845]  ? __pfx_proc_reg_read_iter+0x10/0x10
[ 1646.361462][T26845]  vfs_read+0x825/0xb30
[ 1646.361488][T26845]  ? __pfx_vfs_read+0x10/0x10
[ 1646.361509][T26845]  ? find_held_lock+0x2b/0x80
[ 1646.361552][T26845]  __x64_sys_pread64+0x1eb/0x250
[ 1646.361578][T26845]  ? __pfx___x64_sys_pread64+0x10/0x10
[ 1646.361612][T26845]  do_syscall_64+0x106/0xf80
[ 1646.361661][T26845]  ? clear_bhb_loop+0x40/0x90
[ 1646.361691][T26845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1646.361715][T26845] RIP: 0033:0x7fb08a19c799
[ 1646.361735][T26845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1646.361759][T26845] RSP: 002b:00007fb08b04a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[ 1646.361782][T26845] RAX: ffffffffffffffda RBX: 00007fb08a415fa0 RCX: 00007fb08a19c799
[ 1646.361799][T26845] RDX: 0000000100003ffd RSI: 00002000000002c0 RDI: 0000000000000003
[ 1646.361817][T26845] RBP: 00007fb08b04a090 R08: 0000000000000000 R09: 0000000000000000
[ 1646.361831][T26845] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[ 1646.361846][T26845] R13: 00007fb08a416038 R14: 00007fb08a415fa0 R15: 00007fff580568a8
[ 1646.361876][T26845]  </TASK>
[ 1646.968813][ T5830] Bluetooth: hci3: command tx timeout
[ 1647.065524][T26808] hsr_slave_0: entered promiscuous mode
[ 1647.129097][T26808] hsr_slave_1: entered promiscuous mode
[ 1647.144317][T26808] debugfs: 'hsr0' already exists in 'hsr'
[ 1647.158521][T26808] Cannot create hsr debugfs directory
[ 1648.056806][T26808] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1648.114487][T26808] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1648.165586][T26808] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1648.245679][T26808] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1648.889243][T26808] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1648.910995][T26884] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input54
[ 1649.001368][ T5830] Bluetooth: hci3: command tx timeout
[ 1649.234865][T26808] 8021q: adding VLAN 0 to HW filter on device team0
[ 1649.328491][T26889] FAULT_INJECTION: forcing a failure.
[ 1649.328491][T26889] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1649.392808][T26596] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1649.400053][T26596] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1649.420466][T26889] CPU: 0 UID: 0 PID: 26889 Comm: syz.1.4469 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1649.420510][T26889] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1649.420520][T26889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1649.420536][T26889] Call Trace:
[ 1649.420545][T26889]  <TASK>
[ 1649.420556][T26889]  dump_stack_lvl+0x100/0x190
[ 1649.420603][T26889]  should_fail_ex.cold+0x5/0xa
[ 1649.420629][T26889]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1649.420662][T26889]  should_fail_alloc_page+0xeb/0x140
[ 1649.420692][T26889]  prepare_alloc_pages+0x1f0/0x5f0
[ 1649.420728][T26889]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1649.420773][T26889]  ? __lock_acquire+0x4a5/0x2630
[ 1649.420819][T26889]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1649.420872][T26889]  ? find_held_lock+0x2b/0x80
[ 1649.420896][T26889]  ? is_bpf_text_address+0x8a/0x1a0
[ 1649.420938][T26889]  ? is_bpf_text_address+0x8a/0x1a0
[ 1649.420979][T26889]  ? bpf_ksym_find+0x124/0x1c0
[ 1649.421018][T26889]  ? __lock_acquire+0x4a5/0x2630
[ 1649.421054][T26889]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1649.421082][T26889]  ? policy_nodemask+0xed/0x4f0
[ 1649.421113][T26889]  alloc_pages_mpol+0x1fb/0x550
[ 1649.421143][T26889]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1649.421180][T26889]  alloc_pages_noprof+0x131/0x390
[ 1649.421210][T26889]  pte_alloc_one+0x1c/0x3d0
[ 1649.421240][T26889]  __do_fault+0x359/0x550
[ 1649.421268][T26889]  do_fault+0xabb/0x1990
[ 1649.421303][T26889]  __handle_mm_fault+0x180f/0x2b60
[ 1649.421344][T26889]  ? mt_find+0x45e/0x8e0
[ 1649.421371][T26889]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1649.421406][T26889]  ? __pfx_mt_find+0x10/0x10
[ 1649.421447][T26889]  ? find_vma+0xbf/0x140
[ 1649.421471][T26889]  ? __pfx_find_vma+0x10/0x10
[ 1649.421500][T26889]  handle_mm_fault+0x36d/0xa20
[ 1649.421542][T26889]  do_user_addr_fault+0x74c/0x12f0
[ 1649.421575][T26889]  exc_page_fault+0x6f/0xd0
[ 1649.421617][T26889]  asm_exc_page_fault+0x26/0x30
[ 1649.421642][T26889] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1649.421675][T26889] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1649.421701][T26889] RSP: 0018:ffffc90003aafde8 EFLAGS: 00050206
[ 1649.421722][T26889] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000001000
[ 1649.421738][T26889] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88807a1b4000
[ 1649.421754][T26889] RBP: 0000000000001000 R08: 0000000000000001 R09: ffffed100f4369ff
[ 1649.421770][T26889] R10: ffff88807a1b4fff R11: 0000000000000000 R12: 0000000000000000
[ 1649.421786][T26889] R13: ffff88807a1b4000 R14: 0000000050009404 R15: 0000000000000000
[ 1649.421817][T26889]  _copy_from_user+0x98/0xd0
[ 1649.421856][T26889]  memdup_user+0x6b/0xe0
[ 1649.421882][T26889]  btrfs_control_ioctl+0x9f/0x390
[ 1649.421909][T26889]  ? __pfx_btrfs_control_ioctl+0x10/0x10
[ 1649.421940][T26889]  ? __pfx_btrfs_control_ioctl+0x10/0x10
[ 1649.421968][T26889]  __x64_sys_ioctl+0x18e/0x210
[ 1649.422009][T26889]  do_syscall_64+0x106/0xf80
[ 1649.422050][T26889]  ? clear_bhb_loop+0x40/0x90
[ 1649.422081][T26889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1649.422107][T26889] RIP: 0033:0x7f6fbf59c799
[ 1649.422129][T26889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1649.422154][T26889] RSP: 002b:00007f6fc03cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1649.422177][T26889] RAX: ffffffffffffffda RBX: 00007f6fbf815fa0 RCX: 00007f6fbf59c799
[ 1649.422194][T26889] RDX: 0000000000000000 RSI: 0000000050009404 RDI: 0000000000000004
[ 1649.422210][T26889] RBP: 00007f6fbf632c99 R08: 0000000000000000 R09: 0000000000000000
[ 1649.422226][T26889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1649.422241][T26889] R13: 00007f6fbf816038 R14: 00007f6fbf815fa0 R15: 00007fff515abb68
[ 1649.422273][T26889]  </TASK>
[ 1650.156407][T26596] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1650.163637][T26596] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1650.493221][T26898] FAULT_INJECTION: forcing a failure.
[ 1650.493221][T26898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1650.527867][T26898] CPU: 0 UID: 0 PID: 26898 Comm: syz.1.4471 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1650.527908][T26898] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1650.527917][T26898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1650.527932][T26898] Call Trace:
[ 1650.527940][T26898]  <TASK>
[ 1650.527950][T26898]  dump_stack_lvl+0x100/0x190
[ 1650.527993][T26898]  should_fail_ex.cold+0x5/0xa
[ 1650.528022][T26898]  _copy_to_user+0x32/0xd0
[ 1650.528054][T26898]  simple_read_from_buffer+0xcb/0x170
[ 1650.528097][T26898]  proc_fail_nth_read+0x1af/0x230
[ 1650.528129][T26898]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1650.528162][T26898]  ? rw_verify_area+0xce/0x6d0
[ 1650.528198][T26898]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1650.528229][T26898]  vfs_read+0x1e4/0xb30
[ 1650.528255][T26898]  ? __pfx_vfs_read+0x10/0x10
[ 1650.528277][T26898]  ? __fget_files+0x215/0x3d0
[ 1650.528313][T26898]  ? __fget_files+0x21f/0x3d0
[ 1650.528345][T26898]  ksys_read+0x12a/0x250
[ 1650.528367][T26898]  ? __pfx_ksys_read+0x10/0x10
[ 1650.528398][T26898]  do_syscall_64+0x106/0xf80
[ 1650.528437][T26898]  ? clear_bhb_loop+0x40/0x90
[ 1650.528467][T26898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1650.528492][T26898] RIP: 0033:0x7f6fbf55cfce
[ 1650.528512][T26898] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1650.528536][T26898] RSP: 002b:00007f6fc03cbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1650.528559][T26898] RAX: ffffffffffffffda RBX: 00007f6fc03cc6c0 RCX: 00007f6fbf55cfce
[ 1650.528576][T26898] RDX: 000000000000000f RSI: 00007f6fc03cc0a0 RDI: 0000000000000004
[ 1650.528591][T26898] RBP: 00007f6fc03cc090 R08: 0000000000000000 R09: 0000000000000000
[ 1650.528606][T26898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1650.528621][T26898] R13: 00007f6fbf816038 R14: 00007f6fbf815fa0 R15: 00007fff515abb68
[ 1650.528652][T26898]  </TASK>
[ 1651.080051][ T5830] Bluetooth: hci3: command tx timeout
[ 1651.126925][T26808] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1651.157189][T26808] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1651.417488][T26887] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4468: iget: checksum invalid
[ 1651.516437][T26887] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1651.610735][T26887] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4468: iget: checksum invalid
[ 1651.684769][T26887] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1651.724771][T26887] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4468: iget: checksum invalid
[ 1651.758880][T26808] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1651.780112][T26887] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1651.814592][T26887] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4468: iget: checksum invalid
[ 1651.854755][T26887] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1651.944135][T26887] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1652.086556][T26887] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1653.182765][T26808] veth0_vlan: entered promiscuous mode
[ 1653.242484][T26808] veth1_vlan: entered promiscuous mode
[ 1653.394866][T26808] veth0_macvtap: entered promiscuous mode
[ 1653.447763][T26808] veth1_macvtap: entered promiscuous mode
[ 1653.561229][T26808] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1653.611840][T26808] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1653.744877][T26604] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1653.777406][T26604] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1653.869756][T26604] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1653.925175][T26604] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1654.148946][T26604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1654.194224][T26604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1654.355744][T24526] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1654.431295][T24526] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1655.413669][T26957] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input55
[ 1660.285701][T27003] netlink: 322 bytes leftover after parsing attributes in process `syz.1.4495'.
[ 1661.159009][T27021] FAULT_INJECTION: forcing a failure.
[ 1661.159009][T27021] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1661.223942][T27021] CPU: 0 UID: 0 PID: 27021 Comm: syz.1.4499 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1661.223982][T27021] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1661.223992][T27021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1661.224006][T27021] Call Trace:
[ 1661.224014][T27021]  <TASK>
[ 1661.224023][T27021]  dump_stack_lvl+0x100/0x190
[ 1661.224067][T27021]  should_fail_ex.cold+0x5/0xa
[ 1661.224097][T27021]  get_futex_key+0x295/0x1620
[ 1661.224134][T27021]  ? __pfx_get_futex_key+0x10/0x10
[ 1661.224161][T27021]  ? lock_acquire+0x1cf/0x380
[ 1661.224205][T27021]  futex_wake+0xea/0x530
[ 1661.224244][T27021]  ? __pfx_futex_wake+0x10/0x10
[ 1661.224281][T27021]  ? exit_mm_release+0x19/0x30
[ 1661.224323][T27021]  do_futex+0x32b/0x350
[ 1661.224356][T27021]  ? __pfx_do_futex+0x10/0x10
[ 1661.224386][T27021]  ? __might_fault+0xc5/0x140
[ 1661.224431][T27021]  mm_release+0x24a/0x2f0
[ 1661.224457][T27021]  do_exit+0x704/0x2b60
[ 1661.224494][T27021]  ? __pfx_do_exit+0x10/0x10
[ 1661.224525][T27021]  ? do_raw_spin_lock+0x128/0x260
[ 1661.224562][T27021]  ? find_held_lock+0x2b/0x80
[ 1661.224585][T27021]  ? get_signal+0x7e0/0x21e0
[ 1661.224614][T27021]  do_group_exit+0xd5/0x2a0
[ 1661.224650][T27021]  get_signal+0x1ec7/0x21e0
[ 1661.224682][T27021]  ? ksys_write+0x190/0x250
[ 1661.224709][T27021]  ? __pfx_get_signal+0x10/0x10
[ 1661.224736][T27021]  ? do_futex+0x192/0x350
[ 1661.224771][T27021]  arch_do_signal_or_restart+0x91/0x770
[ 1661.224810][T27021]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1661.224849][T27021]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1661.224881][T27021]  ? ksys_write+0x1ac/0x250
[ 1661.224910][T27021]  exit_to_user_mode_loop+0x86/0x4a0
[ 1661.224946][T27021]  do_syscall_64+0x668/0xf80
[ 1661.224987][T27021]  ? clear_bhb_loop+0x40/0x90
[ 1661.225018][T27021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1661.225042][T27021] RIP: 0033:0x7f6fbf59c799
[ 1661.225062][T27021] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1661.225085][T27021] RSP: 002b:00007f6fc03cc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1661.225108][T27021] RAX: fffffffffffffe00 RBX: 00007f6fbf815fa8 RCX: 00007f6fbf59c799
[ 1661.225124][T27021] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6fbf815fa8
[ 1661.225139][T27021] RBP: 00007f6fbf815fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1661.225154][T27021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1661.225168][T27021] R13: 00007f6fbf816038 R14: 00007fff515aba80 R15: 00007fff515abb68
[ 1661.225198][T27021]  </TASK>
[ 1662.920769][T27030] netlink: 326 bytes leftover after parsing attributes in process `syz.6.4502'.
[ 1664.737465][T27066] FAULT_INJECTION: forcing a failure.
[ 1664.737465][T27066] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1664.803073][T27066] CPU: 0 UID: 0 PID: 27066 Comm: syz.6.4513 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1664.803113][T27066] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1664.803123][T27066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1664.803138][T27066] Call Trace:
[ 1664.803146][T27066]  <TASK>
[ 1664.803155][T27066]  dump_stack_lvl+0x100/0x190
[ 1664.803197][T27066]  should_fail_ex.cold+0x5/0xa
[ 1664.803226][T27066]  get_futex_key+0x295/0x1620
[ 1664.803260][T27066]  ? __pfx_get_futex_key+0x10/0x10
[ 1664.803287][T27066]  ? lock_acquire+0x1cf/0x380
[ 1664.803329][T27066]  futex_wake+0xea/0x530
[ 1664.803368][T27066]  ? __pfx_futex_wake+0x10/0x10
[ 1664.803406][T27066]  ? exit_mm_release+0x19/0x30
[ 1664.803445][T27066]  do_futex+0x32b/0x350
[ 1664.803478][T27066]  ? __pfx_do_futex+0x10/0x10
[ 1664.803508][T27066]  ? __might_fault+0xc5/0x140
[ 1664.803552][T27066]  mm_release+0x24a/0x2f0
[ 1664.803578][T27066]  do_exit+0x704/0x2b60
[ 1664.803614][T27066]  ? __pfx_do_exit+0x10/0x10
[ 1664.803646][T27066]  ? do_raw_spin_lock+0x128/0x260
[ 1664.803682][T27066]  ? find_held_lock+0x2b/0x80
[ 1664.803705][T27066]  ? get_signal+0x7e0/0x21e0
[ 1664.803734][T27066]  do_group_exit+0xd5/0x2a0
[ 1664.803770][T27066]  get_signal+0x1ec7/0x21e0
[ 1664.803802][T27066]  ? ksys_write+0x190/0x250
[ 1664.803828][T27066]  ? __pfx_get_signal+0x10/0x10
[ 1664.803855][T27066]  ? do_futex+0x192/0x350
[ 1664.803897][T27066]  arch_do_signal_or_restart+0x91/0x770
[ 1664.803930][T27066]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1664.803969][T27066]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1664.804001][T27066]  ? ksys_write+0x1ac/0x250
[ 1664.804029][T27066]  exit_to_user_mode_loop+0x86/0x4a0
[ 1664.804066][T27066]  do_syscall_64+0x668/0xf80
[ 1664.804105][T27066]  ? clear_bhb_loop+0x40/0x90
[ 1664.804135][T27066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1664.804159][T27066] RIP: 0033:0x7f331079c799
[ 1664.804179][T27066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1664.804202][T27066] RSP: 002b:00007f33115d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1664.804225][T27066] RAX: fffffffffffffe00 RBX: 00007f3310a15fa8 RCX: 00007f331079c799
[ 1664.804241][T27066] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3310a15fa8
[ 1664.804256][T27066] RBP: 00007f3310a15fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1664.804270][T27066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1664.804284][T27066] R13: 00007f3310a16038 R14: 00007ffdfde36940 R15: 00007ffdfde36a28
[ 1664.804315][T27066]  </TASK>
[ 1666.758222][T27093] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1667.155525][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1667.161888][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1667.486970][T27073] kexec: Could not allocate control_code_buffer
[ 1670.848889][T27171] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1671.502175][T27181] ERROR: Out of memory at tomoyo_memory_ok.
[ 1671.574487][T27180] ERROR: Out of memory at tomoyo_memory_ok.
[ 1672.303923][T27188] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(8.16.0), cmd(12)
[ 1673.343496][T27205] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4542'.
[ 1673.634723][ T5830] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260
[ 1673.634759][ T5830] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260
[ 1673.650474][ T5830] Bluetooth: hci0: Dropping invalid advertising data
[ 1673.657648][ T5830] Bluetooth: hci0: unknown advertising packet type: 0xe9
[ 1673.657682][ T5830] Bluetooth: hci0: Dropping invalid advertising data
[ 1673.677184][ T5830] Bluetooth: hci0: Malformed LE Event: 0x02
[ 1674.815872][T27227] ERROR: Out of memory at tomoyo_memory_ok.
[ 1676.844028][T27255] random: crng reseeded on system resumption
[ 1679.354431][ T5830] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260
[ 1679.354475][ T5830] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260
[ 1679.370833][ T5830] Bluetooth: hci1: Dropping invalid advertising data
[ 1679.379641][ T5830] Bluetooth: hci1: unknown advertising packet type: 0xe9
[ 1679.379676][ T5830] Bluetooth: hci1: Dropping invalid advertising data
[ 1679.394875][ T5830] Bluetooth: hci1: Malformed LE Event: 0x02
[ 1679.523300][T27292] netlink: 'syz.2.4557': attribute type 1 has an invalid length.
[ 1679.579569][T27292] nbd: error processing sock list
[ 1680.458005][T27300] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4559'.
[ 1681.087673][T27312] [U] 
[ 1681.212205][T27312] mtrr: base(0xd00000) is not aligned on a size(0x4000000000) boundary
[ 1684.229689][T27358] netlink: 'syz.2.4575': attribute type 4 has an invalid length.
[ 1684.295963][T27357] netlink: 'syz.1.4576': attribute type 29 has an invalid length.
[ 1685.015860][T27373] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4579'.
[ 1685.967521][T27392] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(8.16.0), cmd(12)
[ 1686.363499][T27395] FAULT_INJECTION: forcing a failure.
[ 1686.363499][T27395] name failslab, interval 1, probability 0, space 0, times 0
[ 1686.565330][T27395] CPU: 0 UID: 0 PID: 27395 Comm: syz.5.4586 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1686.565373][T27395] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1686.565384][T27395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1686.565400][T27395] Call Trace:
[ 1686.565408][T27395]  <TASK>
[ 1686.565418][T27395]  dump_stack_lvl+0x100/0x190
[ 1686.565463][T27395]  should_fail_ex.cold+0x5/0xa
[ 1686.565495][T27395]  should_failslab+0xc2/0x120
[ 1686.565525][T27395]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1686.565561][T27395]  ? create_filter_start.constprop.0+0x81/0x310
[ 1686.565611][T27395]  create_filter_start.constprop.0+0x81/0x310
[ 1686.565658][T27395]  apply_subsystem_event_filter+0x188/0x17d0
[ 1686.565711][T27395]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[ 1686.565761][T27395]  ? _copy_from_user+0x59/0xd0
[ 1686.565796][T27395]  ? __pfx_subsystem_filter_write+0x10/0x10
[ 1686.565844][T27395]  subsystem_filter_write+0x95/0x120
[ 1686.565888][T27395]  vfs_writev+0x5ea/0xe10
[ 1686.565929][T27395]  ? rcu_is_watching+0x12/0xc0
[ 1686.565977][T27395]  ? __pfx_vfs_writev+0x10/0x10
[ 1686.566016][T27395]  ? fdget_pos+0x2aa/0x380
[ 1686.566065][T27395]  ? __fget_files+0x21f/0x3d0
[ 1686.566097][T27395]  ? do_writev+0x13e/0x340
[ 1686.566136][T27395]  do_writev+0x13e/0x340
[ 1686.566177][T27395]  ? __pfx_do_writev+0x10/0x10
[ 1686.566226][T27395]  do_syscall_64+0x106/0xf80
[ 1686.566267][T27395]  ? clear_bhb_loop+0x40/0x90
[ 1686.566298][T27395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.566325][T27395] RIP: 0033:0x7fe509d9c799
[ 1686.566345][T27395] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1686.566371][T27395] RSP: 002b:00007fe50abfe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1686.566396][T27395] RAX: ffffffffffffffda RBX: 00007fe50a016090 RCX: 00007fe509d9c799
[ 1686.566413][T27395] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000006
[ 1686.566429][T27395] RBP: 00007fe509e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1686.566445][T27395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1686.566460][T27395] R13: 00007fe50a016128 R14: 00007fe50a016090 R15: 00007ffc3f3d7978
[ 1686.566493][T27395]  </TASK>
[ 1688.366126][T27418] [U] 
[ 1688.437569][T27418] mtrr: base(0xd00000) is not aligned on a size(0x4000000000) boundary
[ 1689.197947][T26093] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1689.212395][T26093] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1689.226193][T26093] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1689.235236][T26093] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1689.243340][T26093] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1691.258545][T26093] Bluetooth: hci5: command tx timeout
[ 1691.436717][T27432] chnl_net:caif_netlink_parms(): no params data found
[ 1691.945735][T27432] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1691.952936][T27432] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1691.986072][T27432] bridge_slave_0: entered allmulticast mode
[ 1692.021595][T27432] bridge_slave_0: entered promiscuous mode
[ 1692.242908][T27432] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1692.272244][T27432] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1692.294741][T27432] bridge_slave_1: entered allmulticast mode
[ 1692.302713][T27432] bridge_slave_1: entered promiscuous mode
[ 1692.410665][T27432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1692.438920][T27432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1692.567834][T27432] team0: Port device team_slave_0 added
[ 1692.595362][T27432] team0: Port device team_slave_1 added
[ 1692.703006][T27432] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1692.710097][T27432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1692.814370][T27432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1693.007778][T27432] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1693.029373][T27432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1693.132947][T27432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1693.330964][T26093] Bluetooth: hci5: command tx timeout
[ 1693.396524][T27432] hsr_slave_0: entered promiscuous mode
[ 1693.433945][T27432] hsr_slave_1: entered promiscuous mode
[ 1693.462478][T27432] debugfs: 'hsr0' already exists in 'hsr'
[ 1693.485779][T27432] Cannot create hsr debugfs directory
[ 1694.335657][T27432] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.656918][T27432] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.787221][T27432] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1694.914343][T27432] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1695.032419][T27432] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1695.251423][T27465] zswap: compressor  not available
[ 1695.397012][T26093] Bluetooth: hci5: command tx timeout
[ 1695.457581][T27472] netlink: 'syz.5.4603': attribute type 1 has an invalid length.
[ 1695.492346][T27472] nbd: error processing sock list
[ 1695.876065][T27432] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1695.936145][T27432] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1696.027739][T27432] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1696.100886][T27432] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1696.189474][ T5830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1696.205264][ T5830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1696.214225][ T5830] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1696.221982][ T5830] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1696.236790][ T5830] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1696.947490][T27432] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1697.076169][T27432] 8021q: adding VLAN 0 to HW filter on device team0
[ 1697.094059][T27495] futex_wake_op: syz.5.4608 tries to shift op by -2048; fix this program
[ 1697.152247][T27495] futex_wake_op: syz.5.4608 tries to shift op by -2048; fix this program
[ 1697.175464][T24519] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1697.182670][T24519] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1697.206466][T27495] 0x000000000001-0x000000020000 : ""
[ 1697.243029][T24519] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1697.250285][T24519] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1697.265321][T27495] ftl_cs: FTL header corrupt!
[ 1697.468051][ T5830] Bluetooth: hci5: command tx timeout
[ 1697.532395][T27502] ERROR: Out of memory at tomoyo_memory_ok.
[ 1697.544164][T27432] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1697.831610][T27482] chnl_net:caif_netlink_parms(): no params data found
[ 1697.921954][T27508] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4610'.
[ 1698.211674][T27482] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1698.235132][T27482] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1698.253368][T27482] bridge_slave_0: entered allmulticast mode
[ 1698.269317][T27482] bridge_slave_0: entered promiscuous mode
[ 1698.303216][T27482] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1698.319198][T27482] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1698.335400][T27482] bridge_slave_1: entered allmulticast mode
[ 1698.342382][ T5830] Bluetooth: hci4: command tx timeout
[ 1698.366512][T27482] bridge_slave_1: entered promiscuous mode
[ 1698.470274][T27432] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1698.499423][T27482] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1698.536022][T27482] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1698.635897][T27482] team0: Port device team_slave_0 added
[ 1698.657150][T27482] team0: Port device team_slave_1 added
[ 1698.792598][T27523] Unable to find swap-space signature
[ 1698.884373][ T5830] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9
[ 1698.890583][T27482] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1698.950951][T27482] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1699.006773][T27482] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1699.102932][T27482] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1699.139133][T27482] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1699.262497][T27482] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1699.342727][T27432] veth0_vlan: entered promiscuous mode
[ 1699.463585][T27432] veth1_vlan: entered promiscuous mode
[ 1699.609200][T27482] hsr_slave_0: entered promiscuous mode
[ 1699.656797][T27482] hsr_slave_1: entered promiscuous mode
[ 1699.663246][T27482] debugfs: 'hsr0' already exists in 'hsr'
[ 1699.736917][T27482] Cannot create hsr debugfs directory
[ 1699.870872][T27432] veth0_macvtap: entered promiscuous mode
[ 1699.953029][T27432] veth1_macvtap: entered promiscuous mode
[ 1700.287096][T27432] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1700.411442][ T5830] Bluetooth: hci4: command tx timeout
[ 1700.433699][T27432] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1700.587171][T24514] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1700.622679][T24514] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1700.778754][T24514] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1700.833395][T24514] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1701.339301][T24528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1701.389892][T24528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1701.701052][T27482] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1701.767844][T27482] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1701.889732][T24528] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1701.900650][T27482] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1701.936112][T24528] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1701.977117][T27482] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1702.480929][ T5830] Bluetooth: hci4: command tx timeout
[ 1703.035114][T27482] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1703.238839][T27482] 8021q: adding VLAN 0 to HW filter on device team0
[ 1703.319763][T24519] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1703.327013][T24519] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1703.408228][T24529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1703.415516][T24529] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1703.727539][T27608] bond0: invalid ARP target specified
[ 1703.777320][T27611] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4629'.
[ 1703.827775][T27611] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1703.877641][T27611] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1703.977900][T27611] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1704.008968][T27611] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1704.139398][T27482] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1704.550510][ T5830] Bluetooth: hci4: command tx timeout
[ 1705.676204][T27482] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1705.831605][T27638] FAULT_INJECTION: forcing a failure.
[ 1705.831605][T27638] name failslab, interval 1, probability 0, space 0, times 0
[ 1705.881536][T27638] CPU: 0 UID: 0 PID: 27638 Comm: syz.2.4635 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1705.881583][T27638] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1705.881592][T27638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1705.881609][T27638] Call Trace:
[ 1705.881618][T27638]  <TASK>
[ 1705.881629][T27638]  dump_stack_lvl+0x100/0x190
[ 1705.881673][T27638]  should_fail_ex.cold+0x5/0xa
[ 1705.881704][T27638]  ? tomoyo_encode2+0xfb/0x3c0
[ 1705.881738][T27638]  should_failslab+0xc2/0x120
[ 1705.881767][T27638]  __kmalloc_noprof+0xe0/0x850
[ 1705.881806][T27638]  ? d_absolute_path+0x136/0x1b0
[ 1705.881847][T27638]  tomoyo_encode2+0xfb/0x3c0
[ 1705.881886][T27638]  tomoyo_encode+0x29/0x50
[ 1705.881920][T27638]  tomoyo_realpath_from_path+0x18c/0x690
[ 1705.881963][T27638]  tomoyo_check_open_permission+0x2af/0x3c0
[ 1705.881996][T27638]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1705.882062][T27638]  ? do_raw_spin_lock+0x128/0x260
[ 1705.882104][T27638]  ? path_get+0x61/0x80
[ 1705.882137][T27638]  tomoyo_file_open+0x6b/0x90
[ 1705.882178][T27638]  security_file_open+0xb5/0x1e0
[ 1705.882212][T27638]  do_dentry_open+0x5aa/0x1660
[ 1705.882241][T27638]  ? security_inode_permission+0xbf/0x250
[ 1705.882276][T27638]  vfs_open+0x82/0x3f0
[ 1705.882312][T27638]  path_openat+0x208c/0x31a0
[ 1705.882350][T27638]  ? __pfx_path_openat+0x10/0x10
[ 1705.882388][T27638]  do_file_open+0x20e/0x430
[ 1705.882418][T27638]  ? __pfx_do_file_open+0x10/0x10
[ 1705.882467][T27638]  ? alloc_fd+0x476/0x790
[ 1705.882496][T27638]  ? do_getname+0x191/0x390
[ 1705.882532][T27638]  do_sys_openat2+0x10d/0x1e0
[ 1705.882567][T27638]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1705.882613][T27638]  __x64_sys_openat+0x12d/0x210
[ 1705.882650][T27638]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1705.882697][T27638]  do_syscall_64+0x106/0xf80
[ 1705.882738][T27638]  ? clear_bhb_loop+0x40/0x90
[ 1705.882769][T27638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1705.882796][T27638] RIP: 0033:0x7f302c99c799
[ 1705.882816][T27638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1705.882842][T27638] RSP: 002b:00007f302d84f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1705.882866][T27638] RAX: ffffffffffffffda RBX: 00007f302cc15fa0 RCX: 00007f302c99c799
[ 1705.882883][T27638] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1705.882900][T27638] RBP: 00007f302ca32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1705.882916][T27638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1705.882931][T27638] R13: 00007f302cc16038 R14: 00007f302cc15fa0 R15: 00007ffddc7cb388
[ 1705.882964][T27638]  </TASK>
[ 1706.764408][T27638] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1707.098803][T27482] veth0_vlan: entered promiscuous mode
[ 1707.217173][T27482] veth1_vlan: entered promiscuous mode
[ 1707.446527][T27482] veth0_macvtap: entered promiscuous mode
[ 1707.724731][T27482] veth1_macvtap: entered promiscuous mode
[ 1707.884910][T27482] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1708.018520][T27482] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1708.094543][T24510] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1708.138912][T24510] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1708.203200][T24510] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1708.243604][T24510] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1708.628841][T27689] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4647'.
[ 1708.649644][T24528] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.682576][T24528] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1708.833376][T24529] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.865106][T24529] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1710.659077][T27727] bond0: invalid ARP target specified
[ 1710.725390][T27727] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4657'.
[ 1710.767187][T27727] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1710.816899][T27727] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1710.958366][T27727] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1710.993447][T27727] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1711.983235][T27759] Unable to find swap-space signature
[ 1712.029902][ T5830] Bluetooth: hci5: unexpected event 0x32 length: 727 > 9
[ 1712.405359][T27770] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1713.546263][T27794] FAULT_INJECTION: forcing a failure.
[ 1713.546263][T27794] name failslab, interval 1, probability 0, space 0, times 0
[ 1713.593613][T27794] CPU: 0 UID: 0 PID: 27794 Comm: syz.7.4673 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1713.593657][T27794] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1713.593668][T27794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1713.593684][T27794] Call Trace:
[ 1713.593693][T27794]  <TASK>
[ 1713.593703][T27794]  dump_stack_lvl+0x100/0x190
[ 1713.593748][T27794]  should_fail_ex.cold+0x5/0xa
[ 1713.593779][T27794]  ? __register_sysctl_table+0xac/0x1650
[ 1713.593806][T27794]  should_failslab+0xc2/0x120
[ 1713.593834][T27794]  __kmalloc_noprof+0xe0/0x850
[ 1713.593882][T27794]  __register_sysctl_table+0xac/0x1650
[ 1713.593907][T27794]  ? is_module_address+0x5f/0xf0
[ 1713.593952][T27794]  ? __pfx___register_sysctl_table+0x10/0x10
[ 1713.593977][T27794]  ? is_module_address+0x69/0xf0
[ 1713.594010][T27794]  ? register_net_sysctl_sz+0x222/0x430
[ 1713.594076][T27794]  ? __asan_memcpy+0x3c/0x60
[ 1713.594118][T27794]  xfrm4_net_init+0xf0/0x1c0
[ 1713.594152][T27794]  ? __pfx_xfrm4_net_init+0x10/0x10
[ 1713.594179][T27794]  ops_init+0x1e2/0x5f0
[ 1713.594247][T27794]  setup_net+0x118/0x3a0
[ 1713.594271][T27794]  ? __pfx_setup_net+0x10/0x10
[ 1713.594292][T27794]  ? lockdep_init_map_type+0x5c/0x250
[ 1713.594329][T27794]  ? mutex_init_lockep+0x110/0x150
[ 1713.594370][T27794]  copy_net_ns+0x46f/0x7c0
[ 1713.594399][T27794]  create_new_namespaces+0x3ea/0xac0
[ 1713.594434][T27794]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1713.594466][T27794]  ksys_unshare+0x473/0xad0
[ 1713.594501][T27794]  ? __pfx_ksys_unshare+0x10/0x10
[ 1713.594546][T27794]  __x64_sys_unshare+0x31/0x40
[ 1713.594579][T27794]  do_syscall_64+0x106/0xf80
[ 1713.594619][T27794]  ? clear_bhb_loop+0x40/0x90
[ 1713.594650][T27794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1713.594677][T27794] RIP: 0033:0x7f5505d9c799
[ 1713.594698][T27794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1713.594723][T27794] RSP: 002b:00007f5506cc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1713.594748][T27794] RAX: ffffffffffffffda RBX: 00007f5506015fa0 RCX: 00007f5505d9c799
[ 1713.594766][T27794] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1713.594782][T27794] RBP: 00007f5505e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1713.594798][T27794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1713.594814][T27794] R13: 00007f5506016038 R14: 00007f5506015fa0 R15: 00007ffcc548b348
[ 1713.594846][T27794]  </TASK>
[ 1718.441511][T27828] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4679'.
[ 1718.606737][T27829] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4679'.
[ 1718.677395][T27828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4679'.
[ 1722.973576][T24510] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 922 with max blocks 6 with error 117
[ 1723.025111][T24510] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1723.025111][T24510] 
[ 1724.387607][T27867] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4689'.
[ 1725.084564][   T30] audit: type=1806 audit(4295006290.530:46):  res=-14
[ 1727.003253][T26093] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1727.017723][T26093] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1727.032559][T26093] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1727.042084][T26093] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1727.050163][T26093] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1727.115939][T27910] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4700'.
[ 1727.265892][T27916] netlink: 354 bytes leftover after parsing attributes in process `syz.1.4700'.
[ 1727.819095][T27926] netlink: 146 bytes leftover after parsing attributes in process `syz.1.4703'.
[ 1727.864386][T27909] chnl_net:caif_netlink_parms(): no params data found
[ 1728.287493][T27909] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1728.296476][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1728.302806][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1728.344940][T27909] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1728.378195][T27909] bridge_slave_0: entered allmulticast mode
[ 1728.421101][T27909] bridge_slave_0: entered promiscuous mode
[ 1728.460786][T27909] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1728.494869][T27909] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1728.534841][T27909] bridge_slave_1: entered allmulticast mode
[ 1728.575169][T27909] bridge_slave_1: entered promiscuous mode
[ 1728.730209][T27909] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1728.786412][T27909] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1729.005183][T27909] team0: Port device team_slave_0 added
[ 1729.056683][T27909] team0: Port device team_slave_1 added
[ 1729.064230][ T5830] Bluetooth: hci6: command tx timeout
[ 1729.237563][T27909] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1729.280714][T27909] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1729.390120][T27909] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1729.433051][T27909] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1729.467781][T27909] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1729.602167][T27909] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1729.621553][ T5830] Bluetooth: hci7: command 0x1003 tx timeout
[ 1729.628392][T26093] Bluetooth: hci7: Opcode 0x1003 failed: -110
[ 1729.863941][T27909] hsr_slave_0: entered promiscuous mode
[ 1729.892466][T27909] hsr_slave_1: entered promiscuous mode
[ 1729.907618][T27958] ima: policy update failed
[ 1729.924394][   T30] audit: type=1802 audit(4295006295.405:47): pid=27958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4708" res=0 errno=0
[ 1729.954965][T27909] debugfs: 'hsr0' already exists in 'hsr'
[ 1729.989291][T27909] Cannot create hsr debugfs directory
[ 1730.231573][T27965] futex_wake_op: syz.1.4710 tries to shift op by -2048; fix this program
[ 1730.261599][T27965] futex_wake_op: syz.1.4710 tries to shift op by -2048; fix this program
[ 1730.291804][T27967] 0x000000000001-0x000000020000 : ""
[ 1730.321479][T27967] ftl_cs: FTL header corrupt!
[ 1730.378698][T27965] misc userio: No port type given on /dev/userio
[ 1730.603313][T27969] ERROR: Out of memory at tomoyo_memory_ok.
[ 1731.131319][T26093] Bluetooth: hci6: command tx timeout
[ 1732.035197][T27909] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1732.075562][T27909] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1732.223580][T27909] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1732.282232][T27909] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1732.498414][T27989] openvswitch: netlink: IP tunnel dst address not specified
[ 1732.539653][T27993] random: crng reseeded on system resumption
[ 1732.597102][T27990] hub 1-0:1.0: USB hub found
[ 1732.675890][T27990] hub 1-0:1.0: 1 port detected
[ 1733.005449][T27909] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1733.104537][T27909] 8021q: adding VLAN 0 to HW filter on device team0
[ 1733.165039][T24514] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1733.172278][T24514] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1733.201459][T26093] Bluetooth: hci6: command tx timeout
[ 1733.242965][T24514] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1733.250191][T24514] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1734.307422][T26093] Bluetooth: hci1: unexpected event for opcode 0x7c89
[ 1734.858217][T27909] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1735.271787][T26093] Bluetooth: hci6: command tx timeout
[ 1736.295037][T27909] veth0_vlan: entered promiscuous mode
[ 1736.350955][T27909] veth1_vlan: entered promiscuous mode
[ 1736.513973][T27909] veth0_macvtap: entered promiscuous mode
[ 1736.566546][T27909] veth1_macvtap: entered promiscuous mode
[ 1736.645326][T28057] openvswitch: netlink: Message has 85 unknown bytes.
[ 1736.664367][T27909] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1736.726132][T27909] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1736.792717][T24507] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1736.826551][T24507] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1736.871938][T24507] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1736.880746][T24507] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1737.321199][T24507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1737.387827][T24507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1737.534856][ T9076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1737.579313][ T9076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1737.693133][T28073] FAULT_INJECTION: forcing a failure.
[ 1737.693133][T28073] name failslab, interval 1, probability 0, space 0, times 0
[ 1737.782224][T28073] CPU: 0 UID: 0 PID: 28073 Comm: syz.7.4731 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1737.782267][T28073] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1737.782278][T28073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1737.782295][T28073] Call Trace:
[ 1737.782304][T28073]  <TASK>
[ 1737.782313][T28073]  dump_stack_lvl+0x100/0x190
[ 1737.782358][T28073]  should_fail_ex.cold+0x5/0xa
[ 1737.782388][T28073]  ? constrain_params_by_rules+0x175/0xcc0
[ 1737.782426][T28073]  should_failslab+0xc2/0x120
[ 1737.782456][T28073]  __kmalloc_noprof+0xe0/0x850
[ 1737.782495][T28073]  ? unwind_get_return_address+0x59/0xa0
[ 1737.782539][T28073]  constrain_params_by_rules+0x175/0xcc0
[ 1737.782582][T28073]  ? stack_trace_save+0x8e/0xc0
[ 1737.782613][T28073]  ? __pfx_constrain_params_by_rules+0x10/0x10
[ 1737.782657][T28073]  ? __kasan_kmalloc+0xaa/0xb0
[ 1737.782696][T28073]  ? snd_pcm_oss_change_params_locked+0x81c/0x39f0
[ 1737.782730][T28073]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1737.782762][T28073]  ? snd_pcm_oss_sync+0x265/0x840
[ 1737.782803][T28073]  ? snd_interval_refine+0x2d0/0x580
[ 1737.782849][T28073]  snd_pcm_hw_refine+0x7e7/0xad0
[ 1737.782890][T28073]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[ 1737.782940][T28073]  ? snd_interval_refine+0x2d0/0x580
[ 1737.782985][T28073]  snd_pcm_oss_change_params_locked+0xdb3/0x39f0
[ 1737.783030][T28073]  ? snd_pcm_oss_sync+0x243/0x840
[ 1737.783062][T28073]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1737.783103][T28073]  ? task_work_add+0x201/0x3b0
[ 1737.783150][T28073]  ? __pfx___mutex_lock+0x10/0x10
[ 1737.783193][T28073]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[ 1737.783229][T28073]  snd_pcm_oss_sync+0x265/0x840
[ 1737.783265][T28073]  snd_pcm_oss_release+0x238/0x300
[ 1737.783298][T28073]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[ 1737.783332][T28073]  __fput+0x3ff/0xb40
[ 1737.783370][T28073]  task_work_run+0x150/0x240
[ 1737.783410][T28073]  ? __pfx_task_work_run+0x10/0x10
[ 1737.783457][T28073]  exit_to_user_mode_loop+0x100/0x4a0
[ 1737.783495][T28073]  do_syscall_64+0x668/0xf80
[ 1737.783535][T28073]  ? clear_bhb_loop+0x40/0x90
[ 1737.783567][T28073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1737.783594][T28073] RIP: 0033:0x7f5505d9c799
[ 1737.783615][T28073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1737.783640][T28073] RSP: 002b:00007f5506ca6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1737.783664][T28073] RAX: 0000000000000000 RBX: 00007f5506016090 RCX: 00007f5505d9c799
[ 1737.783681][T28073] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1737.783697][T28073] RBP: 00007f5505e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1737.783713][T28073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1737.783729][T28073] R13: 00007f5506016128 R14: 00007f5506016090 R15: 00007ffcc548b348
[ 1737.783761][T28073]  </TASK>
[ 1738.628082][T28078] FAULT_INJECTION: forcing a failure.
[ 1738.628082][T28078] name failslab, interval 1, probability 0, space 0, times 0
[ 1738.661065][T28078] CPU: 0 UID: 0 PID: 28078 Comm: syz.2.4733 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1738.661109][T28078] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1738.661120][T28078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1738.661136][T28078] Call Trace:
[ 1738.661145][T28078]  <TASK>
[ 1738.661155][T28078]  dump_stack_lvl+0x100/0x190
[ 1738.661200][T28078]  should_fail_ex.cold+0x5/0xa
[ 1738.661231][T28078]  should_failslab+0xc2/0x120
[ 1738.661260][T28078]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1738.661300][T28078]  ? __pmd_alloc+0xbf/0x950
[ 1738.661337][T28078]  __pmd_alloc+0xbf/0x950
[ 1738.661370][T28078]  move_page_tables+0x3224/0x4500
[ 1738.661411][T28078]  ? __pfx_copy_vma+0x10/0x10
[ 1738.661461][T28078]  ? __pfx_move_page_tables+0x10/0x10
[ 1738.661516][T28078]  ? finish_task_switch.isra.0+0x200/0xb80
[ 1738.661550][T28078]  copy_vma_and_data+0x25c/0x7c0
[ 1738.661592][T28078]  ? __pfx_copy_vma_and_data+0x10/0x10
[ 1738.661644][T28078]  ? __vma_start_write+0x17f/0x280
[ 1738.661678][T28078]  ? __pfx___vma_start_write+0x10/0x10
[ 1738.661721][T28078]  move_vma+0x51b/0x1890
[ 1738.661768][T28078]  ? __pfx_move_vma+0x10/0x10
[ 1738.661810][T28078]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[ 1738.661842][T28078]  ? cap_mmap_addr+0x4b/0x120
[ 1738.661866][T28078]  ? bpf_lsm_mmap_addr+0x9/0x30
[ 1738.661891][T28078]  ? security_mmap_addr+0x71/0x1e0
[ 1738.661924][T28078]  ? __get_unmapped_area+0x255/0x3e0
[ 1738.661957][T28078]  ? vrm_set_new_addr+0x204/0x290
[ 1738.661997][T28078]  mremap_to+0x1b7/0x450
[ 1738.662043][T28078]  do_mremap+0xb76/0x2130
[ 1738.662094][T28078]  ? __pfx_do_mremap+0x10/0x10
[ 1738.662140][T28078]  ? ksys_write+0x190/0x250
[ 1738.662172][T28078]  __do_sys_mremap+0x126/0x170
[ 1738.662212][T28078]  ? __pfx___do_sys_mremap+0x10/0x10
[ 1738.662259][T28078]  ? __x64_sys_futex+0x34f/0x4d0
[ 1738.662312][T28078]  do_syscall_64+0x106/0xf80
[ 1738.662352][T28078]  ? clear_bhb_loop+0x40/0x90
[ 1738.662383][T28078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1738.662410][T28078] RIP: 0033:0x7f302c99c799
[ 1738.662431][T28078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1738.662457][T28078] RSP: 002b:00007f302d84f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[ 1738.662481][T28078] RAX: ffffffffffffffda RBX: 00007f302cc15fa0 RCX: 00007f302c99c799
[ 1738.662498][T28078] RDX: 0000000000000013 RSI: 0000000000000004 RDI: 0000200000000000
[ 1738.662514][T28078] RBP: 00007f302ca32c99 R08: 0000000100000000 R09: 0000000000000000
[ 1738.662531][T28078] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[ 1738.662547][T28078] R13: 00007f302cc16038 R14: 00007f302cc15fa0 R15: 00007ffddc7cb388
[ 1738.662580][T28078]  </TASK>
[ 1739.646319][T28092] .^: entered promiscuous mode
[ 1742.111994][T28132] program syz.1.4752 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1745.014288][T28161] sd 0:0:1:0: PR command failed: 1026
[ 1745.109205][T28161] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1745.117429][T28169] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4758'.
[ 1745.267917][T28161] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1748.025298][T28203] ima: policy update failed
[ 1748.029968][   T30] audit: type=1802 audit(4295006313.599:48): pid=28203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.7.4766" res=0 errno=0
[ 1749.418482][T28224] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4772'.
[ 1750.713941][T26093] Bluetooth: hci0: command 0x0406 tx timeout
[ 1751.128958][T28256] openvswitch: netlink: IP tunnel attribute has 24 unknown bytes.
[ 1752.528283][T28273] bridge0: port 2(gretap0) entered blocking state
[ 1752.549888][T28273] bridge0: port 2(gretap0) entered disabled state
[ 1752.567115][T28273] gretap0: entered allmulticast mode
[ 1752.586917][T28273] gretap0: entered promiscuous mode
[ 1752.599051][T28273] bridge0: port 2(gretap0) entered blocking state
[ 1752.605670][T28273] bridge0: port 2(gretap0) entered forwarding state
[ 1752.971278][T24510] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 922 with max blocks 6 with error 117
[ 1753.056213][T24510] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1753.056213][T24510] 
[ 1754.533687][T28307] vivid-007: =================  START STATUS  =================
[ 1754.574233][T28307] vivid-007: Enable Output Cropping: true
[ 1754.593960][T28307] vivid-007: Enable Output Composing: true
[ 1754.652163][T28307] vivid-007: Enable Output Scaler: true
[ 1754.668976][T28307] vivid-007: Tx RGB Quantization Range: Automatic
[ 1754.695882][T28307] vivid-007: Transmit Mode: HDMI
[ 1754.729327][T28307] vivid-007: Hotplug Present: 0x00000000
[ 1754.769409][T28307] vivid-007: RxSense Present: 0x00000000
[ 1754.794005][T28307] vivid-007: EDID Present: 0x00000000
[ 1754.822888][T28307] vivid-007: ==================  END STATUS  ==================
[ 1755.712268][T28333] ubi31: attaching mtd0
[ 1755.747731][T28333] ubi31: scanning is finished
[ 1755.786752][T28333] ubi31 error: ubi_read_volume_table: the layout volume was not found
[ 1755.841820][T28336] nfs4: Unknown parameter 'EC�H�];^��Y�ى��ZL�`�~^g��'
[ 1756.114391][T28333] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1756.232515][T28342] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4800'.
[ 1756.428277][T28342] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1756.486437][T28342] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1757.877227][   T30] audit: type=1807 audit(4295006323.500:49): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[ 1757.891420][T28363] ima: policy update failed
[ 1757.941853][   T30] audit: type=1802 audit(4295006323.520:50): pid=28363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.4807" res=0 errno=0
[ 1758.058130][   T30] audit: type=1802 audit(4295006323.540:51): pid=28363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4807" res=0 errno=0
[ 1764.165419][T28453] can: request_module (can-proto-0) failed.
[ 1764.680692][T28464] FAULT_INJECTION: forcing a failure.
[ 1764.680692][T28464] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.783681][T28464] CPU: 0 UID: 0 PID: 28464 Comm: syz.7.4831 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1764.783729][T28464] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1764.783741][T28464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1764.783757][T28464] Call Trace:
[ 1764.783766][T28464]  <TASK>
[ 1764.783775][T28464]  dump_stack_lvl+0x100/0x190
[ 1764.783825][T28464]  should_fail_ex.cold+0x5/0xa
[ 1764.783855][T28464]  should_failslab+0xc2/0x120
[ 1764.783884][T28464]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1764.783927][T28464]  ? __d_alloc+0x34/0xa80
[ 1764.783962][T28464]  __d_alloc+0x34/0xa80
[ 1764.783994][T28464]  d_alloc_pseudo+0x1c/0xc0
[ 1764.784033][T28464]  alloc_file_pseudo+0xcf/0x230
[ 1764.784069][T28464]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1764.784104][T28464]  ? alloc_fd+0x476/0x790
[ 1764.784134][T28464]  sock_alloc_file+0x50/0x210
[ 1764.784178][T28464]  __sys_socket+0x1c0/0x260
[ 1764.784210][T28464]  ? __pfx___sys_socket+0x10/0x10
[ 1764.784249][T28464]  __x64_sys_socket+0x72/0xb0
[ 1764.784280][T28464]  ? lockdep_hardirqs_on+0x78/0x100
[ 1764.784321][T28464]  do_syscall_64+0x106/0xf80
[ 1764.784362][T28464]  ? clear_bhb_loop+0x40/0x90
[ 1764.784394][T28464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1764.784428][T28464] RIP: 0033:0x7f5505d9c799
[ 1764.784448][T28464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1764.784474][T28464] RSP: 002b:00007f5506ca6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1764.784499][T28464] RAX: ffffffffffffffda RBX: 00007f5506016090 RCX: 00007f5505d9c799
[ 1764.784517][T28464] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021
[ 1764.784533][T28464] RBP: 00007f5505e32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1764.784549][T28464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1764.784565][T28464] R13: 00007f5506016128 R14: 00007f5506016090 R15: 00007ffcc548b348
[ 1764.784597][T28464]  </TASK>
[ 1765.966020][T28483] random: crng reseeded on system resumption
[ 1765.989858][T26093] Bluetooth: hci3: command 0x0406 tx timeout
[ 1769.242285][T28500] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1774.449567][T28594] vivid-003: =================  START STATUS  =================
[ 1774.465832][T28594] vivid-003: Radio HW Seek Mode: Bounded
[ 1774.486623][T28594] vivid-003: Radio Programmable HW Seek: false
[ 1774.499900][T28594] vivid-003: RDS Rx I/O Mode: Block I/O
[ 1774.514326][T28594] vivid-003: Generate RBDS Instead of RDS: false
[ 1774.529923][T28594] vivid-003: RDS Reception: true
[ 1774.541842][T28594] vivid-003: RDS Program Type: 0 inactive
[ 1774.556689][T28594] vivid-003: RDS PS Name:  inactive
[ 1774.567807][T28594] vivid-003: RDS Radio Text:  inactive
[ 1774.603787][T28594] vivid-003: RDS Traffic Announcement: false inactive
[ 1774.656838][T28594] vivid-003: RDS Traffic Program: false inactive
[ 1774.690874][T28594] vivid-003: RDS Music: false inactive
[ 1774.765403][T28594] vivid-003: ==================  END STATUS  ==================
[ 1776.035560][T28616] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4866'.
[ 1776.247657][T28619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1776.582633][T28625] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4868: iget: checksum invalid
[ 1776.736231][T28625] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[ 1776.931656][T28625] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4868: iget: checksum invalid
[ 1777.107537][T28625] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[ 1777.355188][T28625] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4868: iget: checksum invalid
[ 1777.462638][T28638] sp0: Synchronizing with TNC
[ 1777.520034][T28625] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[ 1777.731890][T28625] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.4868: iget: checksum invalid
[ 1777.932645][T28625] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[ 1778.003259][T28625] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[ 1778.027265][T28642] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1778.034395][T28642] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1778.126890][T28625] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1778.154743][T28642] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1778.206446][T28642] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1778.297271][T28642] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1778.317575][T28642] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1778.437916][T28642] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1778.446076][T28642] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1778.537987][T28642] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1778.585383][T28642] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1778.609649][T28642] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1778.640421][T28650] FAULT_INJECTION: forcing a failure.
[ 1778.640421][T28650] name failslab, interval 1, probability 0, space 0, times 0
[ 1778.679053][T28642] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1778.710414][T28642] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1778.744214][T28650] CPU: 0 UID: 0 PID: 28650 Comm: syz.2.4876 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1778.744258][T28650] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1778.744277][T28650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1778.744293][T28650] Call Trace:
[ 1778.744301][T28650]  <TASK>
[ 1778.744312][T28650]  dump_stack_lvl+0x100/0x190
[ 1778.744357][T28650]  should_fail_ex.cold+0x5/0xa
[ 1778.744388][T28650]  should_failslab+0xc2/0x120
[ 1778.744418][T28650]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1778.744460][T28650]  ? security_inode_alloc+0x3b/0x2c0
[ 1778.744489][T28650]  ? lockdep_init_map_type+0x5c/0x250
[ 1778.744530][T28650]  security_inode_alloc+0x3b/0x2c0
[ 1778.744558][T28650]  inode_init_always_gfp+0xced/0x1040
[ 1778.744591][T28650]  alloc_inode+0x8e/0x250
[ 1778.744626][T28650]  sock_alloc+0x44/0x280
[ 1778.744650][T28650]  ? security_socket_create+0x7f/0x250
[ 1778.744694][T28650]  __sock_create+0xc2/0x860
[ 1778.744729][T28650]  __sys_socket+0x14d/0x260
[ 1778.744761][T28650]  ? __pfx___sys_socket+0x10/0x10
[ 1778.744801][T28650]  __x64_sys_socket+0x72/0xb0
[ 1778.744832][T28650]  ? lockdep_hardirqs_on+0x78/0x100
[ 1778.744874][T28650]  do_syscall_64+0x106/0xf80
[ 1778.744913][T28650]  ? clear_bhb_loop+0x40/0x90
[ 1778.744944][T28650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1778.744971][T28650] RIP: 0033:0x7f302c99c799
[ 1778.744991][T28650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1778.745016][T28650] RSP: 002b:00007f302d84f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1778.745040][T28650] RAX: ffffffffffffffda RBX: 00007f302cc15fa0 RCX: 00007f302c99c799
[ 1778.745058][T28650] RDX: 0000000000000073 RSI: 0000000000000002 RDI: 000000000000000a
[ 1778.745074][T28650] RBP: 00007f302ca32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1778.745089][T28650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1778.745105][T28650] R13: 00007f302cc16038 R14: 00007f302cc15fa0 R15: 00007ffddc7cb388
[ 1778.745137][T28650]  </TASK>
[ 1778.745184][T28650] socket: no more sockets
[ 1778.986624][T28642] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1779.204477][T28642] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1780.085594][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1780.091814][T26093] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1780.161576][ T5830] Bluetooth: hci0: command 0x0406 tx timeout
[ 1780.227363][T28671] netlink: 354 bytes leftover after parsing attributes in process `syz.8.4882'.
[ 1780.317111][ T5830] Bluetooth: hci3: command 0x0406 tx timeout
[ 1780.475097][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1780.635397][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1780.714296][ T5830] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1781.012418][T28664] random: crng reseeded on system resumption
[ 1781.248760][T28688] sp0: Synchronizing with TNC
[ 1781.892584][T28696] FAULT_INJECTION: forcing a failure.
[ 1781.892584][T28696] name failslab, interval 1, probability 0, space 0, times 0
[ 1781.978795][T28696] CPU: 0 UID: 0 PID: 28696 Comm: syz.2.4886 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1781.978836][T28696] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1781.978846][T28696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1781.978861][T28696] Call Trace:
[ 1781.978869][T28696]  <TASK>
[ 1781.978878][T28696]  dump_stack_lvl+0x100/0x190
[ 1781.978925][T28696]  should_fail_ex.cold+0x5/0xa
[ 1781.978953][T28696]  ? tomoyo_encode2+0xfb/0x3c0
[ 1781.978987][T28696]  should_failslab+0xc2/0x120
[ 1781.979015][T28696]  __kmalloc_noprof+0xe0/0x850
[ 1781.979052][T28696]  ? d_absolute_path+0x136/0x1b0
[ 1781.979091][T28696]  tomoyo_encode2+0xfb/0x3c0
[ 1781.979128][T28696]  tomoyo_encode+0x29/0x50
[ 1781.979160][T28696]  tomoyo_realpath_from_path+0x18c/0x690
[ 1781.979201][T28696]  tomoyo_path_number_perm+0x23c/0x580
[ 1781.979228][T28696]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1781.979259][T28696]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1781.979322][T28696]  ? find_held_lock+0x2b/0x80
[ 1781.979345][T28696]  ? __fget_files+0x215/0x3d0
[ 1781.979368][T28696]  ? hook_file_ioctl_common+0x146/0x410
[ 1781.979402][T28696]  ? __fget_files+0x21f/0x3d0
[ 1781.979430][T28696]  security_file_ioctl+0xd3/0x230
[ 1781.979461][T28696]  __x64_sys_ioctl+0xb7/0x210
[ 1781.979501][T28696]  do_syscall_64+0x106/0xf80
[ 1781.979541][T28696]  ? clear_bhb_loop+0x40/0x90
[ 1781.979571][T28696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1781.979597][T28696] RIP: 0033:0x7f302c99c799
[ 1781.979616][T28696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1781.979640][T28696] RSP: 002b:00007f302d84f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1781.979663][T28696] RAX: ffffffffffffffda RBX: 00007f302cc15fa0 RCX: 00007f302c99c799
[ 1781.979679][T28696] RDX: 0000000000000003 RSI: 00000000c0285629 RDI: 0000000000000003
[ 1781.979695][T28696] RBP: 00007f302d84f090 R08: 0000000000000000 R09: 0000000000000000
[ 1781.979711][T28696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1781.979725][T28696] R13: 00007f302cc16038 R14: 00007f302cc15fa0 R15: 00007ffddc7cb388
[ 1781.979756][T28696]  </TASK>
[ 1781.982033][T28696] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1782.329510][ T5830] Bluetooth: hci0: command 0x0406 tx timeout
[ 1782.547118][ T5830] Bluetooth: hci3: command 0x0406 tx timeout
[ 1782.553179][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1782.762760][T26093] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1782.873461][T26093] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1783.004786][T24514] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 919 with max blocks 3 with error 117
[ 1783.078024][T24514] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1783.078024][T24514] 
[ 1784.613157][T26093] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1784.772674][T26093] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1784.913775][T28731] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58
[ 1784.932679][T26093] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1785.619131][T28733] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59
[ 1786.920211][T28760] FAULT_INJECTION: forcing a failure.
[ 1786.920211][T28760] name failslab, interval 1, probability 0, space 0, times 0
[ 1787.028566][T28760] CPU: 0 UID: 0 PID: 28760 Comm: syz.2.4900 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1787.028607][T28760] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1787.028617][T28760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1787.028631][T28760] Call Trace:
[ 1787.028639][T28760]  <TASK>
[ 1787.028649][T28760]  dump_stack_lvl+0x100/0x190
[ 1787.028691][T28760]  should_fail_ex.cold+0x5/0xa
[ 1787.028721][T28760]  should_failslab+0xc2/0x120
[ 1787.028748][T28760]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1787.028782][T28760]  ? tomoyo_init_log+0x1a0/0x20c0
[ 1787.028822][T28760]  tomoyo_init_log+0x1a0/0x20c0
[ 1787.028854][T28760]  ? __pfx_format_decode+0x10/0x10
[ 1787.028887][T28760]  ? number+0x983/0xc90
[ 1787.028915][T28760]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1787.028946][T28760]  ? __pfx_tomoyo_init_log+0x10/0x10
[ 1787.028986][T28760]  tomoyo_write_log2+0x2ed/0xbc0
[ 1787.029023][T28760]  tomoyo_supervisor+0x15e/0x1340
[ 1787.029066][T28760]  ? __pfx_tomoyo_supervisor+0x10/0x10
[ 1787.029107][T28760]  ? tomoyo_realpath_from_path+0x19c/0x690
[ 1787.029149][T28760]  ? tomoyo_realpath_from_path+0x19c/0x690
[ 1787.029182][T28760]  ? kfree+0x1f6/0x6b0
[ 1787.029216][T28760]  ? tomoyo_check_path_number_acl+0x1e6/0x2f0
[ 1787.029253][T28760]  tomoyo_path_number_perm+0x445/0x580
[ 1787.029290][T28760]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1787.029347][T28760]  ? find_held_lock+0x2b/0x80
[ 1787.029371][T28760]  ? __fget_files+0x215/0x3d0
[ 1787.029393][T28760]  ? hook_file_ioctl_common+0x146/0x410
[ 1787.029428][T28760]  ? __fget_files+0x21f/0x3d0
[ 1787.029456][T28760]  security_file_ioctl+0xd3/0x230
[ 1787.029486][T28760]  __x64_sys_ioctl+0xb7/0x210
[ 1787.029524][T28760]  do_syscall_64+0x106/0xf80
[ 1787.029562][T28760]  ? clear_bhb_loop+0x40/0x90
[ 1787.029595][T28760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1787.029620][T28760] RIP: 0033:0x7f302c99c799
[ 1787.029639][T28760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1787.029662][T28760] RSP: 002b:00007f302d84f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1787.029685][T28760] RAX: ffffffffffffffda RBX: 00007f302cc15fa0 RCX: 00007f302c99c799
[ 1787.029701][T28760] RDX: 0000000000000003 RSI: 00000000c0285629 RDI: 0000000000000003
[ 1787.029716][T28760] RBP: 00007f302d84f090 R08: 0000000000000000 R09: 0000000000000000
[ 1787.029731][T28760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1787.029745][T28760] R13: 00007f302cc16038 R14: 00007f302cc15fa0 R15: 00007ffddc7cb388
[ 1787.029776][T28760]  </TASK>
[ 1788.037586][T28766] sd 0:0:1:0: PR command failed: 1026
[ 1788.043052][T28766] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1788.096094][T28766] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1788.106288][T28767] sd 0:0:1:0: PR command failed: 1026
[ 1788.111746][T28767] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1788.143683][   T31] INFO: task syz-executor:22959 blocked for more than 143 seconds.
[ 1788.176204][   T31]       Tainted: G     U       L      syzkaller #0
[ 1788.214273][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1788.261820][   T31] task:syz-executor    state:D stack:23360 pid:22959 tgid:22959 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1788.305660][   T31] Call Trace:
[ 1788.313864][T28767] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1788.323693][   T31]  <TASK>
[ 1788.337948][   T31]  __schedule+0xfee/0x6120
[ 1788.342450][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1788.389674][   T31]  ? __pfx___schedule+0x10/0x10
[ 1788.405416][   T31]  ? find_held_lock+0x2b/0x80
[ 1788.433230][   T31]  ? schedule+0x2bf/0x390
[ 1788.452013][   T31]  schedule+0xdd/0x390
[ 1788.478832][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1788.513623][   T31]  __mutex_lock+0xc9a/0x1b90
[ 1788.532559][   T31]  ? nfsd_shutdown_threads+0x5b/0xf0
[ 1788.562639][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1788.587656][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1788.613243][   T31]  ? net_generic+0xea/0x2a0
[ 1788.632018][   T31]  ? net_generic+0xea/0x2a0
[ 1788.651562][   T31]  ? nfsd_shutdown_threads+0x5b/0xf0
[ 1788.681503][   T31]  nfsd_shutdown_threads+0x5b/0xf0
[ 1788.716677][   T31]  nfsd_umount+0x3b/0x60
[ 1788.744450][   T31]  deactivate_locked_super+0xc1/0x1b0
[ 1788.810246][   T31]  deactivate_super+0xe7/0x110
[ 1788.853092][   T31]  cleanup_mnt+0x21f/0x450
[ 1788.883020][   T31]  task_work_run+0x150/0x240
[ 1788.923558][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1788.962455][   T31]  exit_to_user_mode_loop+0x100/0x4a0
[ 1788.990156][   T31]  do_syscall_64+0x668/0xf80
[ 1789.016965][   T31]  ? clear_bhb_loop+0x40/0x90
[ 1789.050792][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1789.086730][   T31] RIP: 0033:0x7fd9ad39d9d7
[ 1789.109748][   T31] RSP: 002b:00007ffcca129a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1789.168234][   T31] RAX: 0000000000000000 RBX: 00007fd9ad432050 RCX: 00007fd9ad39d9d7
[ 1789.243756][   T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcca129ac0
[ 1789.297375][   T31] RBP: 00007ffcca129ac0 R08: 00007ffcca12aac0 R09: 00000000ffffffff
[ 1789.400566][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1789.407079][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1789.416500][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcca12ab50
[ 1789.456279][   T31] R13: 00007fd9ad432050 R14: 000000000018d7c0 R15: 00007ffcca12ab90
[ 1789.504133][   T31]  </TASK>
[ 1789.527473][   T31] 
[ 1789.527473][   T31] Showing all locks held in the system:
[ 1789.628338][   T31] 1 lock held by khungtaskd/31:
[ 1789.678678][   T31]  #0: ffffffff8e7e7760 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[ 1789.783410][   T31] 2 locks held by getty/14701:
[ 1789.827386][   T31]  #0: ffff888038e920a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1789.928321][   T31]  #1: ffffc900030102f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[ 1789.994979][   T31] 2 locks held by syz-executor/22959:
[ 1790.016994][   T31]  #0: ffff88805b5a00e0 (&type->s_umount_key#56){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[ 1790.095674][   T31]  #1: ffffffff8ec589a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1790.172561][   T31] 5 locks held by kworker/u8:13/24514:
[ 1790.206280][   T31]  #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[ 1790.286746][   T31]  #1: ffffc9000486fd08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[ 1790.358907][   T31]  #2: ffffffff905fd0d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[ 1790.423121][   T31]  #3: ffffffff90615928 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0
[ 1790.484635][   T31]  #4: ffffffff8e7f32b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0
[ 1790.539031][   T31] 2 locks held by syz.0.4358/26321:
[ 1790.578903][   T31]  #0: ffffffff906c1c50 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1790.630550][   T31]  #1: ffffffff8ec589a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[ 1790.694298][   T31] 2 locks held by syz-executor/26531:
[ 1790.722784][   T31]  #0: ffff88805f1c60e0 (&type->s_umount_key#56){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[ 1790.769217][   T31]  #1: ffffffff8ec589a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1790.827805][   T31] 2 locks held by syz-executor/26808:
[ 1790.882499][   T31]  #0: ffff888037dd40e0 (&type->s_umount_key#56){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[ 1790.922606][   T31]  #1: ffffffff8ec589a8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1790.989751][   T31] 2 locks held by syz.7.4889/28703:
[ 1791.015211][   T31] 2 locks held by syz.8.4899/28754:
[ 1791.042980][   T31] 2 locks held by syz.1.4898/28757:
[ 1791.076434][   T31] 
[ 1791.148156][   T31] =============================================
[ 1791.148156][   T31] 
[ 1791.193287][   T31] NMI backtrace for cpu 0
[ 1791.193311][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1791.193347][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1791.193357][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1791.193371][   T31] Call Trace:
[ 1791.193379][   T31]  <TASK>
[ 1791.193389][   T31]  dump_stack_lvl+0x100/0x190
[ 1791.193433][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[ 1791.193474][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1791.193514][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[ 1791.193550][   T31]  sys_info+0x141/0x190
[ 1791.193575][   T31]  watchdog+0xd25/0x1050
[ 1791.193643][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1791.193668][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1791.193699][   T31]  ? kthread+0x13a/0x450
[ 1791.193730][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1791.193752][   T31]  kthread+0x370/0x450
[ 1791.193783][   T31]  ? __pfx_kthread+0x10/0x10
[ 1791.193817][   T31]  ret_from_fork+0x754/0xd80
[ 1791.193856][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1791.193985][   T31]  ? __switch_to+0x7b4/0x1120
[ 1791.194021][   T31]  ? __pfx_kthread+0x10/0x10
[ 1791.194057][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1791.194105][   T31]  </TASK>
[ 1791.930197][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1791.937109][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1791.947812][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1791.953041][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1791.963230][   T31] Call Trace:
[ 1791.966620][   T31]  <TASK>
[ 1791.969566][   T31]  dump_stack_lvl+0x100/0x190
[ 1791.974313][   T31]  vpanic+0x552/0x970
[ 1791.978317][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1791.982841][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[ 1791.989039][   T31]  panic+0xd1/0xe0
[ 1791.992821][   T31]  ? __pfx_panic+0x10/0x10
[ 1791.997317][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[ 1792.003511][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[ 1792.009705][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[ 1792.015898][   T31]  ? watchdog.cold+0x198/0x1ca
[ 1792.020693][   T31]  ? watchdog+0xd35/0x1050
[ 1792.025133][   T31]  watchdog.cold+0x1a9/0x1ca
[ 1792.029756][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1792.034456][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1792.039505][   T31]  ? kthread+0x13a/0x450
[ 1792.043790][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1792.048481][   T31]  kthread+0x370/0x450
[ 1792.052578][   T31]  ? __pfx_kthread+0x10/0x10
[ 1792.057200][   T31]  ret_from_fork+0x754/0xd80
[ 1792.061837][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1792.067001][   T31]  ? __switch_to+0x7b4/0x1120
[ 1792.071720][   T31]  ? __pfx_kthread+0x10/0x10
[ 1792.076354][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1792.081196][   T31]  </TASK>
[ 1792.084303][   T31] Kernel Offset: disabled
[ 1792.088734][   T31] Rebooting in 86400 seconds..