last executing test programs:

1.309671442s ago: executing program 3 (id=52):
sched_setparam(0x0, &(0x7f0000000000))

1.235049342s ago: executing program 3 (id=57):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb1', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb1', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb1', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb1', 0x800, 0x0)

1.175835062s ago: executing program 3 (id=61):
rt_sigtimedwait(&(0x7f0000000000), 0x0, &(0x7f0000000000), 0x0)

1.175630666s ago: executing program 3 (id=63):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/current', 0x2, 0x0)

1.146889509s ago: executing program 3 (id=67):
personality(0x0)

1.091893424s ago: executing program 3 (id=71):
rt_sigreturn()

527.515788ms ago: executing program 1 (id=109):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/virtual_nci', 0x2, 0x0)

431.802938ms ago: executing program 4 (id=113):
eventfd(0x0)

417.396569ms ago: executing program 4 (id=115):
tgkill(0x0, 0x0, 0x0)

327.889783ms ago: executing program 4 (id=117):
lchown(&(0x7f0000000000), 0x0, 0x0)

312.721944ms ago: executing program 4 (id=121):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/md0', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/md0', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/md0', 0x800, 0x0)

284.844585ms ago: executing program 0 (id=122):
stat(&(0x7f0000000000), &(0x7f0000000000))

215.912313ms ago: executing program 1 (id=123):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)

215.550466ms ago: executing program 4 (id=124):
socket$nl_audit(0x10, 0x3, 0x9)

215.452252ms ago: executing program 0 (id=125):
syz_init_net_socket$ax25(0x3, 0x2, 0x0)

215.340251ms ago: executing program 2 (id=126):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs', 0x800, 0x0)

214.247041ms ago: executing program 4 (id=127):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio1', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio1', 0x800, 0x0)

176.478355ms ago: executing program 2 (id=128):
rt_sigprocmask(0x0, &(0x7f0000000000), 0x0, 0x0)

156.886497ms ago: executing program 0 (id=129):
request_key(&(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000000), 0x0)

85.922627ms ago: executing program 1 (id=130):
socket(0x1, 0x1, 0x0)

85.410439ms ago: executing program 2 (id=131):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/context', 0x2, 0x0)

85.324157ms ago: executing program 0 (id=132):
socket(0x1e, 0x2, 0x0)

85.272884ms ago: executing program 2 (id=133):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/relabel-self', 0x2, 0x0)

72.232034ms ago: executing program 1 (id=134):
move_pages(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000000), 0x0)

56.377082ms ago: executing program 0 (id=135):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/uverbs0', 0x2, 0x0)

7.753238ms ago: executing program 2 (id=136):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom', 0x800, 0x0)

7.259892ms ago: executing program 1 (id=137):
ustat(0x0, &(0x7f0000000000))

7.127249ms ago: executing program 0 (id=138):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/direct', 0x2, 0x0)

2.990842ms ago: executing program 2 (id=139):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse', 0x2, 0x0)

0s ago: executing program 1 (id=140):
openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem', 0x1, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem', 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem', 0x800, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.60' (ED25519) to the list of known hosts.
[   70.178688][ T5824] cgroup: Unknown subsys name 'net'
[   70.419515][ T5824] cgroup: Unknown subsys name 'cpuset'
[   70.475519][ T5824] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   71.496184][ T1339] ieee802154 phy0 wpan0: encryption failed: -22
[   71.496302][ T1339] ieee802154 phy1 wpan1: encryption failed: -22
[   72.172187][ T5824] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.682096][ T5994] ------------[ cut here ]------------
[   76.682108][ T5994] fud->pq.processing
[   76.682122][ T5994] WARNING: fs/fuse/dev.c:482 at fuse_dev_install_with_pq+0x23b/0x270, CPU#1: syz.2.139/5994
[   76.682161][ T5994] Modules linked in:
[   76.682203][ T5994] CPU: 1 UID: 0 PID: 5994 Comm: syz.2.139 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[   76.682222][ T5994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   76.682236][ T5994] RIP: 0010:fuse_dev_install_with_pq+0x23b/0x270
[   76.682261][ T5994] Code: 85 6d fe ff ff e8 55 84 84 fe 4d 85 ed 0f 94 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 36 84 84 fe 90 <0f> 0b 90 41 80 3c 2e 00 0f 85 8a fe ff ff e9 8d fe ff ff 44 89 f1
[   76.682275][ T5994] RSP: 0018:ffffc90004557660 EFLAGS: 00010293
[   76.682290][ T5994] RAX: ffffffff83401a0a RBX: ffff8880360ad000 RCX: ffff88802c8fbd80
[   76.682302][ T5994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.682312][ T5994] RBP: dffffc0000000000 R08: ffff88802ba5820f R09: 1ffff1100574b041
[   76.682325][ T5994] R10: dffffc0000000000 R11: ffffed100574b042 R12: ffff88803f9da000
[   76.682338][ T5994] R13: ffff88802ba58298 R14: 1ffff1100574b053 R15: ffff88802ba58200
[   76.682351][ T5994] FS:  0000555576c48500(0000) GS:ffff888125fbc000(0000) knlGS:0000000000000000
[   76.682366][ T5994] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   76.682378][ T5994] CR2: 00007fde48b2ba40 CR3: 00000000122b8000 CR4: 00000000003526f0
[   76.682393][ T5994] Call Trace:
[   76.682405][ T5994]  <TASK>
[   76.682418][ T5994]  fuse_dev_alloc_install+0x61/0x80
[   76.682443][ T5994]  cuse_channel_open+0x124/0x7b0
[   76.682468][ T5994]  ? __pfx_cuse_channel_open+0x10/0x10
[   76.682485][ T5994]  misc_open+0x2de/0x350
[   76.682514][ T5994]  chrdev_open+0x4d0/0x5f0
[   76.682534][ T5994]  ? __pfx_chrdev_open+0x10/0x10
[   76.682553][ T5994]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[   76.682583][ T5994]  ? __pfx_chrdev_open+0x10/0x10
[   76.682600][ T5994]  do_dentry_open+0x83d/0x13e0
[   76.682633][ T5994]  vfs_open+0x3b/0x350
[   76.682650][ T5994]  ? path_openat+0x2e2b/0x38a0
[   76.682676][ T5994]  path_openat+0x2e43/0x38a0
[   76.682727][ T5994]  ? __pfx_path_openat+0x10/0x10
[   76.682752][ T5994]  ? kasan_save_track+0x4f/0x80
[   76.682772][ T5994]  ? kasan_save_track+0x3e/0x80
[   76.682791][ T5994]  ? __kasan_slab_alloc+0x6c/0x80
[   76.682813][ T5994]  ? kmem_cache_alloc_noprof+0x33b/0x680
[   76.682844][ T5994]  ? do_raw_spin_lock+0x12b/0x2f0
[   76.682874][ T5994]  do_file_open+0x23e/0x4a0
[   76.682897][ T5994]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   76.682927][ T5994]  ? __pfx_do_file_open+0x10/0x10
[   76.682949][ T5994]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[   76.683002][ T5994]  ? alloc_fd+0x64e/0x6c0
[   76.683033][ T5994]  do_sys_openat2+0x113/0x200
[   76.683057][ T5994]  ? __pfx_do_sys_openat2+0x10/0x10
[   76.683079][ T5994]  ? exc_page_fault+0x6a/0xc0
[   76.683109][ T5994]  ? do_user_addr_fault+0xc6f/0x1340
[   76.683131][ T5994]  __x64_sys_openat+0x138/0x170
[   76.683155][ T5994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.683175][ T5994]  do_syscall_64+0x15f/0xf80
[   76.683191][ T5994]  ? trace_irq_disable+0x3b/0x140
[   76.683211][ T5994]  ? clear_bhb_loop+0x40/0x90
[   76.683234][ T5994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.683252][ T5994] RIP: 0033:0x7fde48b9c819
[   76.683274][ T5994] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.683287][ T5994] RSP: 002b:00007ffdd60e89f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   76.683306][ T5994] RAX: ffffffffffffffda RBX: 00007fde48e15fa0 RCX: 00007fde48b9c819
[   76.683319][ T5994] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[   76.683332][ T5994] RBP: 00007fde48c32c91 R08: 0000000000000000 R09: 0000000000000000
[   76.683343][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.683354][ T5994] R13: 00007fde48e15fac R14: 00007fde48e15fa0 R15: 00007fde48e15fa0
[   76.683384][ T5994]  </TASK>
[   76.683397][ T5994] Kernel panic - not syncing: kernel: panic_on_warn set ...
[   76.683410][ T5994] CPU: 1 UID: 0 PID: 5994 Comm: syz.2.139 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[   76.683430][ T5994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[   76.683439][ T5994] Call Trace:
[   76.683446][ T5994]  <TASK>
[   76.683454][ T5994]  vpanic+0x56c/0xa60
[   76.683475][ T5994]  ? __pfx__printk+0x10/0x10
[   76.683502][ T5994]  ? __pfx_vpanic+0x10/0x10
[   76.683520][ T5994]  ? is_bpf_text_address+0x292/0x2b0
[   76.683542][ T5994]  ? is_bpf_text_address+0x26/0x2b0
[   76.683573][ T5994]  panic+0xc5/0xd0
[   76.683593][ T5994]  ? __pfx_panic+0x10/0x10
[   76.683630][ T5994]  __warn+0x315/0x4c0
[   76.683648][ T5994]  ? fuse_dev_install_with_pq+0x23b/0x270
[   76.683674][ T5994]  ? fuse_dev_install_with_pq+0x23b/0x270
[   76.683699][ T5994]  __report_bug+0x29a/0x540
[   76.683731][ T5994]  ? fuse_dev_install_with_pq+0x23b/0x270
[   76.683756][ T5994]  ? __pfx___report_bug+0x10/0x10
[   76.683784][ T5994]  ? __pfx_rtlock_slowlock_locked+0x10/0x10
[   76.683810][ T5994]  ? rt_spin_lock+0x1e0/0x400
[   76.683833][ T5994]  ? rt_spin_lock+0x1e0/0x400
[   76.683858][ T5994]  ? fuse_dev_install_with_pq+0x23b/0x270
[   76.683881][ T5994]  report_bug+0x16a/0x220
[   76.683907][ T5994]  ? fuse_dev_install_with_pq+0x23b/0x270
[   76.683929][ T5994]  ? fuse_dev_install_with_pq+0x23d/0x270
[   76.683952][ T5994]  handle_bug+0x9c/0x200
[   76.683979][ T5994]  exc_invalid_op+0x1a/0x50
[   76.683999][ T5994]  asm_exc_invalid_op+0x1a/0x20
[   76.684016][ T5994] RIP: 0010:fuse_dev_install_with_pq+0x23b/0x270
[   76.684039][ T5994] Code: 85 6d fe ff ff e8 55 84 84 fe 4d 85 ed 0f 94 c0 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 36 84 84 fe 90 <0f> 0b 90 41 80 3c 2e 00 0f 85 8a fe ff ff e9 8d fe ff ff 44 89 f1
[   76.684053][ T5994] RSP: 0018:ffffc90004557660 EFLAGS: 00010293
[   76.684068][ T5994] RAX: ffffffff83401a0a RBX: ffff8880360ad000 RCX: ffff88802c8fbd80
[   76.684082][ T5994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   76.684092][ T5994] RBP: dffffc0000000000 R08: ffff88802ba5820f R09: 1ffff1100574b041
[   76.684106][ T5994] R10: dffffc0000000000 R11: ffffed100574b042 R12: ffff88803f9da000
[   76.684119][ T5994] R13: ffff88802ba58298 R14: 1ffff1100574b053 R15: ffff88802ba58200
[   76.684140][ T5994]  ? fuse_dev_install_with_pq+0x23a/0x270
[   76.684175][ T5994]  fuse_dev_alloc_install+0x61/0x80
[   76.684199][ T5994]  cuse_channel_open+0x124/0x7b0
[   76.684221][ T5994]  ? __pfx_cuse_channel_open+0x10/0x10
[   76.684239][ T5994]  misc_open+0x2de/0x350
[   76.684268][ T5994]  chrdev_open+0x4d0/0x5f0
[   76.684288][ T5994]  ? __pfx_chrdev_open+0x10/0x10
[   76.684307][ T5994]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[   76.684337][ T5994]  ? __pfx_chrdev_open+0x10/0x10
[   76.684354][ T5994]  do_dentry_open+0x83d/0x13e0
[   76.684384][ T5994]  vfs_open+0x3b/0x350
[   76.684401][ T5994]  ? path_openat+0x2e2b/0x38a0
[   76.684427][ T5994]  path_openat+0x2e43/0x38a0
[   76.684482][ T5994]  ? __pfx_path_openat+0x10/0x10
[   76.684508][ T5994]  ? kasan_save_track+0x4f/0x80
[   76.684525][ T5994]  ? kasan_save_track+0x3e/0x80
[   76.684544][ T5994]  ? __kasan_slab_alloc+0x6c/0x80
[   76.684565][ T5994]  ? kmem_cache_alloc_noprof+0x33b/0x680
[   76.684595][ T5994]  ? do_raw_spin_lock+0x12b/0x2f0
[   76.684619][ T5994]  do_file_open+0x23e/0x4a0
[   76.684640][ T5994]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[   76.684666][ T5994]  ? __pfx_do_file_open+0x10/0x10
[   76.684686][ T5994]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[   76.684730][ T5994]  ? alloc_fd+0x64e/0x6c0
[   76.684760][ T5994]  do_sys_openat2+0x113/0x200
[   76.684783][ T5994]  ? __pfx_do_sys_openat2+0x10/0x10
[   76.684804][ T5994]  ? exc_page_fault+0x6a/0xc0
[   76.684833][ T5994]  ? do_user_addr_fault+0xc6f/0x1340
[   76.684856][ T5994]  __x64_sys_openat+0x138/0x170
[   76.684880][ T5994]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.684899][ T5994]  do_syscall_64+0x15f/0xf80
[   76.684915][ T5994]  ? trace_irq_disable+0x3b/0x140
[   76.684935][ T5994]  ? clear_bhb_loop+0x40/0x90
[   76.684965][ T5994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.684983][ T5994] RIP: 0033:0x7fde48b9c819
[   76.684997][ T5994] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   76.685009][ T5994] RSP: 002b:00007ffdd60e89f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   76.685026][ T5994] RAX: ffffffffffffffda RBX: 00007fde48e15fa0 RCX: 00007fde48b9c819
[   76.685038][ T5994] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[   76.685049][ T5994] RBP: 00007fde48c32c91 R08: 0000000000000000 R09: 0000000000000000
[   76.685060][ T5994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   76.685070][ T5994] R13: 00007fde48e15fac R14: 00007fde48e15fa0 R15: 00007fde48e15fa0
[   76.685101][ T5994]  </TASK>
[   76.685541][ T5994] Kernel Offset: disabled