last executing test programs:

7.168041574s ago: executing program 0 (id=2068):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/cgroup\x00', 0x0, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/video4linux/vbi26/dev\x00', 0x5bb600, 0x0)
mmap$auto(0x0, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x23, 0x80805, 0x0)
getsockopt$auto(r2, 0x40000000113, 0x9, 0xfffffffffffffffc, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
syz_open_procfs$namespace(0x0, &(0x7f00000000c0))
mmap$auto(0x3, 0x2, 0x4000000000df, 0x10, 0x401, 0x6)
socket(0x29, 0x2, 0x2)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80802, 0x0)
mmap$auto(0x2, 0x20009, 0x4000000000df, 0xfffffffffffffff9, r0, 0x8000)
socket(0xa, 0x3, 0x3b)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x1, 0x9, 0x3, 0x1a, 0x940, 0x1ffe0, 0x7f, 0x6, 0x2, 0x7f, 0x5, 0xfff, 0x6, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x20, 0x0, 0x0, 0x202, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, [0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x478, 0x0, 0x5, 0xff, 0x0, 0x1, 0x3, 0x1, 0xfffffffffffffe01, 0x1, 0x0, 0x7ffd, 0x0, 0x9, 0xffffffffffffffff, 0x0, 0xb, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xff]}, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
close_range$auto(0x2, 0x8, 0x0)

6.854789031s ago: executing program 3 (id=2070):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xffffffffffffffff, 0xfffe0000)
socket(0xa, 0x801, 0x84)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0x2b, 0x1, 0x1)
getsockopt$auto(r0, 0x0, 0x80, 0x0, 0x0)
r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/smaps_rollup\x00', 0x0, 0x0)
lseek$auto(r1, 0x7fd, 0x1)
process_mrelease$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x0)
getsockopt$auto_SO_BUSY_POLL(r0, 0x29, 0x3a, 0x0, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
close_range$auto(0x2, 0x8, 0x0)
syz_clone3(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
r2 = socketcall$auto(0x3, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x1c1643, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto(0x3, 0x4020ae76, r2)
r4 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r4, &(0x7f00000006c0)={{&(0x7f0000000000), 0x2, &(0x7f00000000c0)={&(0x7f0000000280)="4c030000b3794f81270dd23dfb588d5b94050f6b35214e000400894b6997aebc42cd93dc0a3966287faff80dbfab36a43a7e9df012b22c6d44dafb1b4be55a92c3dfb921c91c00883f747e22e814f3592ee3b9307b4c8cfd696ae11c770a67422f34e529f2365892c7afa0740d42a547806fdc0dcfb8b40080f97379f4cb4041b74f7293ee71be91f97a8ffac388aef3e16ef544791f3dc7ecc7ccc2a9a6b1ddfcf161c2d0ee64fb8295d1e1bedc29fbf3dc275ffa78f659953eafb4b4dfde014d37423509f660f226e9358ddb6c88195006ee715debba493d19ea852b06e92a60830871768e78d71d2c26bec66676eaaa834c7b26496cbdc35f402211054ee24d8436c6a0e9a42b8c0e4527b054f1e3403de09879c23bada2ee9b1d8103d5c92391f9490bb0ec50ed76bd1b96d3423b5f0209d2fa23830e70976119b245ec7e53e5caea9cd339872cb79f1c5f9db815f023d9911d85f6151fc1739a", 0x49}, 0x4, &(0x7f0000000100), 0x5, 0x1}, 0x5}, 0x3, 0x100)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000)
madvise$auto(0x0, 0x200007, 0x19)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@buf=0x0, 0x8ab0, 0x6c0000c000, 0xc000}, 0x4)
kill$auto(0x0, 0x11)

6.649091372s ago: executing program 0 (id=2071):
acct$auto(0x0)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, 0x0, 0x4)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x20100, 0x0)
r2 = dup$auto(0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = socket(0xa, 0x6, 0xffffffff)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x13, &(0x7f00000000c0)={0x0, 0xc98}, 0x7, 0x0, 0x2, 0x2}, 0xfff}, 0x739618ce, 0x311)
close_range$auto(r3, r2, 0x8)
unshare$auto(0x40000080)
fstatfs$auto(r0, 0x0)
open(0x0, 0x22240, 0x154)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x100, 0x0)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x40100, 0x0)
futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005)
ioctl$auto_SNDRV_TIMER_IOCTL_CONTINUE_OLD(r4, 0x5422, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, 0x0)
open(0x0, 0x161342, 0x1b9)
openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x341040, 0x0)
acct$auto(0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card0\x00', 0x20100, 0x0)

6.542247815s ago: executing program 1 (id=2072):
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x102, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

6.176875707s ago: executing program 1 (id=2073):
sendmsg$auto_HWSIM_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x10c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0xf8, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x2c, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xdd2}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0x7ff}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x7d}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0x5}]}]}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x81}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}]}]}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x5}, @NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR={0x4}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x80, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5, 0x8, 0x2}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xffffffc1}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xd}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0xe}]}]}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae8a, &(0x7f00000000c0)={0xfc})

5.756552843s ago: executing program 1 (id=2074):
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
io_uring_setup$auto(0x2, &(0x7f0000000180)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0x7, 0x29f, 0x100, 0x2, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x81, 0xc189, 0x104, 0x8, 0x100000000}})
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)
getpid()
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
mprotect$auto(0x0, 0x806121, 0x6)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
r0 = socket(0xa, 0x5, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/erofs/features/fragments\x00', 0x115801, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000002980)=""/4075, 0xfeb)
setsockopt$auto(r0, 0x10000000084, 0x80, 0x0, 0xa)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="01032cb57000fbdbdf250a00000f0600010018"], 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000040), r2)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_RECONFIGURE(r0, &(0x7f0000000a80)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000600)={0x35c, 0x0, 0x401, 0x70bd27, 0x25dfdbfd, {}, [@NBD_ATTR_DEVICE_LIST={0x4}, @NBD_ATTR_DEVICE_LIST={0x324, 0x9, 0x0, 0x1, [@typed={0x8, 0xb9, 0x0, 0x0, @uid}, @typed={0xc, 0x152, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0x2a, 0x0, 0x0, @u32=0x9}, @nested={0x304, 0x37, 0x0, 0x1, [@generic="0a454ec4c94126a5dd4e0ce72f59334b5e55d5b485d48e7fb4444bd4dd17d7fea564bf08da700bdc678a10a3a102b7baddd9be96648654da050aacb6acee1885506afe931462480cce5be8ae6e14a1f110c3dc769aeb817ba7e8ef879afd620c7d0788b19ea4db287610bd4e0bd82afcfb14317820f4aabd158f45f4302e700c26e3c0714a917fd2bc69f971510d94a259cd72162a624575da2dd7c5f367462526d7c8b188ac84681fa27e45135ba8b6dc753de8bf57acc1b93bc828f4", @typed={0xea, 0x36, 0x0, 0x0, @binary="3e3476b91e67720e796b48fdd9dcab4f556336c51fb2b364b2ff2be47dfcb7ddf10575dedf01c5bfb79937193dc87417567eafa1f031818eda222721e7cc98e87f63186f02b9617fa71c78b2a6b23a0e6b22b5f6539ba764a842e3375719534a761d629248d8549672dc2adac4013caab713a063abcc26e3da02d11ea233534a9f62e14f527166558882ce9feb33ac193bb1b63862cd5ef0bd55d7afcfc1d2ff77d0c6cb78be2cc89d8e18117b81b5d4f82e6f7e7b66121f7be3e4094871169f3f255585a6a1d97b58c956725565e9c71b8b1ecb9feb1e34944ec972e0b5b9f0334bc3591270"}, @typed={0x14, 0xc, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}}, @typed={0x14, 0xe3, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @generic="33302aa756f6371d7bc8fe3770225b06f58d037b8c9f2741a2433f6c09a78927c2e5a8300358471c2610e768482acc75f191c3b42cb6d64e451e2b532d012aa60dd0607b695d32f311a5", @generic="ce331c0f337cabcb11f798dad4baaaa020efa1c6cfe88fab41c53388cc0df6f25f2db3c5316d1ea24ab995e00f0c5cb6b51952c4f544c981b8016a0aea83c12233a5422a662e83051dd455e89ec91e22ebd177ff23eee30bc5789a3026395940d0b5e06a38e44d7bc356ec146d0af60cd70e6c2b9e7e24c1d2768a9fbfbdb0aefbaa2f3a4bed879da978ce4925669077d5d284ac01536d8e1fa8b238c0040bd9f49681df5ca8a0c4d306b9daaafeaab0b81b361ca34bcb3ced6cf8461f3b83a3b7159dad78a504d42ebc2a85c2ed250e38d4e4b27af5231e0be53b9d4afa1be146", @nested={0x4, 0x2}]}]}, @NBD_ATTR_BACKEND_IDENTIFIER={0x11, 0xa, '802.15.4 MAC\x00'}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x5}]}, 0x35c}, 0x1, 0x0, 0x0, 0x20040801}, 0x10)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0)
socket(0x15, 0x5, 0x0)

5.407675316s ago: executing program 2 (id=2076):
sendto$auto(0xffffffffffffffff, 0x0, 0x402, 0x101, 0x0, 0x1c)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
prctl$auto(0x1000000003b, 0x800, 0x4, 0x9, 0x3)
mremap$auto(0x200000000000, 0x40000000004, 0xdc98, 0x3, 0x100000000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000180)='\x05\x00\x00\x00', 0x80000005)
sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x7ffff000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=r2}, 0xa3)
bpf$auto(0xfffffffd, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec4\x00', 0x800, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0)
mmap$auto(0x0, 0x10000, 0xde, 0x11, r3, 0x28000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x808)
getrlimit$auto(0x3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)

5.169334229s ago: executing program 3 (id=2077):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
clock_gettime$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
semctl$auto(0x80001ff, 0x804, 0x13, 0x4)
keyctl$auto(0x1, 0x7, 0x100, 0x8, 0x4) (fail_nth: 1)
keyctl$auto(0x1, 0x7, 0x100, 0x8, 0x4)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
sched_rr_get_interval$auto(0x0, &(0x7f0000000240)={0x8000, 0x5})
close_range$auto(r0, r0, 0x3)
writev$auto(r0, &(0x7f0000000340)={&(0x7f0000000280)="5829d1c3b037ece3b6960588ffa112dc0e0ea0db480cb76f56e97a07d555ba04160c0330167bec0f5d48dcfc14de1631167520e82746c105a2af8ef6e349f5071941a9bf26e2a2f19501390a7583c3240d5ddad826b00bd309464ff7ab2f1d9810281cbbc9f2080ba79673afc0bc4bbfedb7a95db2e3a25e849ed14e4985985b78667a893391fe17ac596dddde3cc4bc72140a369713b140edc8eb0aeb9431a0053d8e0d674b2a5a82aa5a101a27235c", 0x8}, 0xd50)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
clone$auto(0x7fffffff, 0xfffffffffffffffa, &(0x7f0000000040)=0x7, &(0x7f0000000080)=0x3ff, 0xb00)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
sendmsg$auto_NCSI_CMD_SET_CHANNEL_MASK(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000f40)={0xe78, r2, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0xffffff7f}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x1}, @NCSI_ATTR_DATA={0x76c, 0x5, "b43762515b9eefc26fc8f43dfea134866a9f7b20c592b6389906052b92448f7c51594c3ba48a4ac8313419c3a33a94fff783e0fa151cfe0ac28a5d9b8179eefe50cba21c434042033ebe1ffaac66a44f0393cd91707228595f347c41a5af686c489cc9071a42b58449f733f6468b00e7b87c7a6997ec78d525175f15e9b93a3c7c8c4ee06ed3941819ba76122c1f86a8e7af18747d1f262a0ff0e22130c5a19c62e4c71658a17ef9477c2da002b322208a0de28380e31a5e3fb9eda7ab13f94f9ce9e400618e93517a2f669d5084ea90798ac0ec597d54cf0d5a1fbafdc5076228768e8370953f0164bb65185961fcb9ac45d1acc9149f6aa93f99f7a9ed92729e28281ffa2e393f7f3cea1bdaebb96da40c75a55564657f4c28265950822a4241191925dcdb4c3eee338159ceb9cbc38bb98c3ac95ef5b2c47cc509ee677b694a8aabf5ad683f6d0cecdbfe5ab784daa9745adeec725e4a6c49d99d094e5f862888a31084936e87d04f92d0d582f6dc1d68e63deda436911c3764f4ab99b811cc973549f9d3bc6eb04cfad6a64c2b622adc64b15677192dc4fd2bd9fad09af1c0edd52f3e3e82dec90a9cfd998299e8df04e1c06c3f6ea579c4a3f9e073061a97f91ef8cfc751c369160f24eda7445595d7f919d6af5c1aba3b66ca6f01245c2f5ec8f9d370cf9f7c10c06374ba62468adef8601cd1451799ec4f80a108517b3740db098dde5267de9ecc69b6b093cb1f5139e13fd067b0c5918a312d35c5942995d6b25048c3d2795189cd9a68e50cae92a0f2569befbb573fbc740789b9e64f2174dd66a7e72e92709aa1364534bdf109375d5ed588134ebf2417f2bd8738110cc6b57cdc34cd126086d73f3dd4c926a3a969a23bcc088ed57a241464ff47366aa38ac8376d67c536fb082f3f99b094ac924b66f8de7ef80de77b4f944b7c2eccf8a8f2997b57ebe3f7d8409f1f9d858e7e45a16797e113464c41ad01eee285a80cfb0321c3b79dacbae984e15bbe961262b6e5489d77dbc92bf9de28e4c0e1e4b767ec6bc776d5314e93e9f5a90c0b48d34519fa9bdf905f32f0291657c42b52f451019aca8c93c78c5233c428db891ac45ceda83c9220cb46777caf002fb404519b70d321e1df2c2fdab518c63f1fea812f2fa518d02d980b8793a2ca0d823d161188959c5476bc5716d50442652b20cd3df20512916e2b68438ec9b7d2e61929318c9714084f38dbff02ac2b2c4487b21b19e25b81f639bad75a698016e33fc88544ef79ba3b102e49dee0278a01c2a46de9bdea32e48b3fea6faaa9e33a3fa13fb3a565ea6bd30c4233d46ef4f188aae51b51e4e7a1c58100269f264826289f03d90fef6731a51621c4a3de0c4a6be6f9a03ab2e0ef02a166823df22756cb5c5c8aa1b64dc3d5a0d2460a8a0e9d46950dde06988c73000b486383e76af9e17711839cd965e92c5dcb72c3ff36c90c1360907040445036c16dc539dec0d4a71394243e6ba6a930f0341fc1059506ad1d274acceddc1c46f69edbda74f69de7e355a0fe4494e1eefc8041f5e955eb7b9d32e3cdad3640c63cf91f267f7aa6072a5b1b456cf0303a951ef42295d6231ffb6802f348da99d9690935c84054c11b390264ddb5d4d38006543f3f762fa884321f2033abd0faf88436d297c677ab75a00a14d1eb7ca27f2c752fa3679bed719d00143cb8b3aa8feafe00bb0d7f01b73e27c14f1ff647279cc03efa694cebd092413ea5177d3dacca2b85c4eb1476eef6ae310da27816eb0ad1a61bee87d3e816c2556820ae5bab51ef679186b9da96ef88a75a5e83706ad84be883216df9782718791b7eecab366e0acc61a584dfd50816825328ddf10b1f464e21f875d3375ef8dcc1b64770d52ace5c0382e679bd150a931142c20e6ad9df9485e6803f712dfd4f3cded4f413de259799b914a7e0cc9ecdad5940fecd186fbe480208946a63170358d88dbb76b212cef45149db75ba6b3b23d52806c8b31e21fc07603e434a69a77cade26cdf079af70a4df96cbf95bbb5bd87228d520e5a3a15fcf29778b29310266259a80ac2bb3fe6764eb517a32998294408ec858fedaa2be75106b3d258091cd1163001fef729be114c8cb455d631b860528e6cf6a80bad4eecd71a5bdf6b1b3f870355d57a7b50ff28c77528ca68bb528b8167ee84c4d5867842857b0ad98b41ff48f16affea0ecb4896987c00286883b092c25733aeab6df0f0c6cfa851343418df9372a28340484e403093e899920e791c10a770d8e7121f2d0fcbf4102b9db5c319b33d637cefe061b682b19a28a1c80151de51e996d08321ba415c0f0ef2aa76bf3adea99d08d6b0a8fe87566fff81beacaad1d3d38a58f7f99d04382900f26efd678ff895f2a5472298eb68ec118fd0695f498fe16039740af1788862f3c8e8c94b2d81ba8fa2f9c2d4ced87d1792943d29b6ddd4bd9a6db07fa51de004dee2558ec4b5eb80a96d40b53635bff1a59636563e379feeb9d0bfd47609dc895a4a12a2c83fd224f961772570b05798e2062fcb041ee3ebed9a64753d06216efc1b6c65ef40d155872f80ad3c5af8828926e5b1a8fa535ab71828d9bba53fe6c05d5cedddf799bfe3dee67400b5f4ac4b03ea6418be71c71c3657f2e951ba4069256eff0e025fa0ecb51c98734e6eaf0d"}, @NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0x6}, @NCSI_ATTR_DATA={0x6d7, 0x5, "ce1ab3686621d4198bb84d1e2ec29cc0ee273889a24cae7d39e37662c54329bff01e34364ab3e04e78f02f035f31777ef59d58e2629fcb0654f6935097b8a18b6bdf597d50e7fc141b6a99ac209eb2dd7d7d4a1df815c020d5052901b97e37247abfca461edda482c923fd1790a2a22a663034b8bd0f982bfb75b9439590224df5abb231f8b07eeb574d59ef0a94330555e292e19ab8e2a8baf15838570df904fc593965d33c06bfb7b52beb22a7444fe078bc045eb24ef233ec535f38ef9bd078c6d04961dcbfcca9f5b5591e4dac3218e01c3fc5bcdd2438bb943f0b361038e1ec5b8963265717bcc0ae4dba57c0248e8291a76862fe2b15239f1b8ab405ea4d03f52a21ed7b5ee6f6f55d52286d938bf7ce54271b3fefe943692b8641557c7e6d01bb401ec0a57a796545fe2d3375f69975e0dac574db2543f003ed0389fcc8f8a7b9146cf61041a697e5b8f9d10dcd6fb1d5f71c7b7390ea9e2cd248b89a4c71ac05a013451c37c4388648d6dc438beecdcc240291027f9233f07ea5932898862adec2c540a6f547dcf18572ba24cb54df0c027e4dc52ab543bf5b2fe381571ad53c5ffdfc6f0f6c90646cebd0f2e50d6bce5fe3fe2f64ca2ca68b9709b5eac764954214e5b01094fd893b9812d3053b4bd61fa7854cd4d7c2cdaaa017442ad257cb2dca1e2ca6f42567a14ce2c209dc191a40fb833eaa00233ff575bd99a181e19f49cbfaf4a494aee4fc1d16f5d3ebdc727974f1c311cfd37b39bbd351d53bddd6da727dd72e335a039ebba9e9e0db0cd011851d20f1172d7f7d98779ecec35c3efda7b045537aaebb5762046f6829e2d093da8760986ba4775a218da02781d818f7cc35062cde08cdee6f08a6c284fa4f514e907effae27fec97196cd62bf25187f055009f3af969321f62388c6f0698d7d8dcc949c889874a927fd260324d130f3ff926930c361635d0d0d60fea138ce52201dd175396e49e2a4104bb2b05389ab0365c75362e1bd492ec16fe61f8021a4db40e126cad793195ee5077eb76d43879d93dd992dc7cd61dda56d27bcb3f1830f73d91dff2d7d749a50de1c4242ed5747ba3bf4d6eb46e739c49e125d86405197bd2de0f7f4e6d498ee8fbba3353d4f38419bb9c628f1c9e5eeec32f17aa293b896b693c373663aaff38ad53c646ff6689ddae09f65e8d73dbd05205f6bc4a0fbd3c568f39639705d4c52725d5403bd0e396e578dc8f69fc8b51997f6d5003337bc1e4996098f0e44eb8613c33f3b6e11f30bf865f4252cfce78c66d7a000ddf4e0764ce3b28396abf3ec816daa7df9739d0d3b346e506d7a34cb95b5fac84c6e732353cef034ac15a859d1aba6d8e1973c5595aebfb61fbfe79c39807c788c3d06e55a86525f63dc5659f511fe42e7e582362802bb5d05d482b15b5dc36fc1d463be92dced22fc445ffd87fcf913ef807f8246ae639969448d36ec8811a1d055771f05217d77ddf0efaf6576f3c9553748cdc1de80307fe76bf3cb067a54e5d58516737b94d291e02a18bf89bca76db1e43daab82b14b21c72fd67ef56a56a7aa748db04de5a5d95d75e8702feb48f9aef775a17d8925786521f3e4fd0ce78afd24a3d2a0801b2731a8a5475ccb072b10feb52a39aa84bb82dcc62209351c08b32e42325e471bda39ab54fc3159da78e3a34f1fb9e0ae59b1b5b16643e3d5881d43678dfabc972fb1b5c4d6ecef29482759f015c9cdea3b5bc6bdeccfaf82672163c04bcac8828b68c4a5b5e98fc7ddd46f994f01a745687641d495f9e7bcfb3791fbfc076648403fa86d52c8eb76f543e9381f4404a2f09a55e9fbfca4b330c9924bbb4f7463d799040e63f12bda5351dca81e6dfc6a59f60d5cfe59897a495186e9899719a8e64efe9aa384902f279b31f433a48f6b0374d51d5737a40b7e08b023dd7359faf03fb8f40a9dcaded25b59c1ec74ac5932233e9bc0e42504c4cc7d06e4efeac2b45160ec3738d1f06b94b8b11651bd1e6a0604c7ccf185f680967a2afc50ad4573e420308c78f8ab95e651383880ebbaf7aa9bb15ba88b6997b54a32787340f6832ed8eb96a67fb4b91ef2bc340d54b922714b252236e022950a1bf350bebaa238e3bcf2e1d07680a1a7e0fa1f8e2d8850f42f222fc5e76f05d5393dd4674b1204974e68af3dc97ee6dc1b4532d10e4dfb9cf903cd0f5da26e27791627228ed60d86276094598ace37062e7a37b6b17052516c9c062b79ffaab1b7751d34642a2fcf956e6cd27807c27cb407053f7776e11164b476ea80bd6553745fb315c453a0f34d54dce8669c13763d1b0a0719ee43d39e717524bac036544babd9c3e28b682d19860afd79887941a89aeef7e7d949638e1143dc773f48ccfbe07a638adb210b920d6397785114d46125adadabcf0ca3caaf35f6df90461a6401762e26b5086d931be146f185089f2aebaff1a8b95ba512cdd8938"}, @NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x4dcd}]}, 0xe78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = landlock_create_ruleset$auto(&(0x7f0000000140)={0x5, 0x1, 0x9}, 0xe, 0x0)
landlock_restrict_self$auto(r3, 0xb)
utimensat$auto(r3, &(0x7f0000000180)='./file0\x00', &(0x7f0000000380)={0xffffffffffffffff, 0x200}, 0x5)
renameat$auto(0x6, 0x0, 0x5, 0x0)
getpid()
ioctl$auto(r0, 0x4, r0)

4.882282368s ago: executing program 3 (id=2078):
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
ioctl$auto(0xffffffffffffffff, 0x800064c1, r0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x9)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
open(&(0x7f00000002c0)='./file0\x00', 0x40a00, 0x1c7)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
pidfd_open$auto(0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0xb9, 0x9, 0xfffffffffffffffd, 0x948d, 0x1ff, 0x1, 0x8, 0x8003, 0x65, 0x8000001f, 0x10000001002, 0x100000000006d41, 0x7, 0x1, 0x9]}, 0x0)
statmount$auto(&(0x7f0000000080)={0x6, @inferred=r0, 0x7, 0x7fffffffffffffff, 0x4}, &(0x7f0000000440)={0xd8d1, 0x0, 0x4, 0x19, 0xfffffff8, 0x8, 0xfffffffd, 0x0, 0x2, 0x9, 0x2, 0xf, 0xfffffffffffffff3, 0xffffffff, 0x3, 0x9, 0x800000000000, 0x9, 0xfff, 0x7ff, 0x7, 0x7, 0x527, 0x0, 0x10001, 0x7, 0x7, 0x4aba, 0x1, 0x7ff, 0x7fff, [0x1, 0x2, 0x9, 0x6, 0x401, 0x8, 0xfffffffffffffff9, 0x401, 0xe60, 0x5, 0x9, 0x86617b3, 0xfbae, 0x2e89, 0x9, 0xe1e8, 0x7, 0x20, 0x7, 0x921d, 0xb6b4, 0x80000001, 0x9, 0x81, 0x8, 0xaa8, 0xfffffffffffffffd, 0x9, 0x3, 0x7, 0x2, 0x6, 0xd, 0x1, 0x7ff, 0x3ff, 0x9, 0x7, 0x8, 0x1, 0x4, 0xb, 0x5], "80f1079a2dc8a2ab7917570a4e87a53e7b44876873c206e4113da5ce7f190548085a57a346e95ac699524350a290311eb8c8b47e9d8551cb603d594f3545ed46013f0f11781948573f5c55e963490dab5b3ccb1b959dc8"}, 0x101, 0x3)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0)
fallocate$auto(r2, 0x3, 0x4e88, 0x4cbd5d)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ftruncate$auto(0x3, 0x700)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
sendmsg$auto_HWSIM_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x114, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x100, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x2c, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xdd2}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0x7ff}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x7d}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0x5}]}]}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x81}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}]}]}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x5}, @NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR={0x4}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x88, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5, 0x8, 0x2}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0x59}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xffffffc1}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xd}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0xe}]}]}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae8a, &(0x7f00000000c0)={0xfc})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="251729bd7000fcdbc754a96aab102501000000080001375d21bfd9ad8daad7c3302e43e80009000000a3f8f7539d7c6434e5325e9bafdaea12ade2183e7551bca86663fbc557544e0bbc8d0f4c0a7ecd65c0827ab822bbbdb78ee4b96f8f0dc0a04b2dcb201cdb8425cc6c15122c7f2aaef2906a5a6e40da60e42711524e807cf48798cc"], 0x1c}, 0x1, 0x0, 0x0, 0x1000}, 0x64810)

4.635582242s ago: executing program 2 (id=2079):
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x23, 0x5, 0x2009, 0x0, 0x0)
r0 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0)
read$auto_proc_pid_smaps_operations_internal(r0, &(0x7f00000002c0)=""/190, 0xfffffe39)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000380)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc4156ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba218aa5b0ff402f2e6adb8ea60886c1e52c60d7d87e4c0551386501763ad098eb2b9602f83b2a643399f10dfdb0f4018b401be4db675d0acf8d348c26acf338cbe20fcb76439ca602a3c022f4463a8820f1c6f865d24e058af98f0c48bf552c3f6cc28c09d9054347db3c28701c67fa1e57d81b881638b518dd8e24969b7fd10406fcf6eb9bb66bf56ed7568510c72b380fa6efbca84")
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
readv$auto(0x3, 0x0, 0x1)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x4)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
execve$auto(0x0, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0)
execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)=&(0x7f0000000340)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5', 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r2, 0x80045017, &(0x7f0000000180))
read$auto(0xffffffffffffffff, 0x0, 0x1f40)
ioctl$auto(0xc8, 0x800454e1, 0x5c8d)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
write$auto(0x3, 0x0, 0x100082)

4.203530671s ago: executing program 0 (id=2080):
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x5, 0x800, 0x73) (async)
socket(0x2, 0x1, 0x84) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
io_uring_setup$auto(0x6, 0x0)
ustat$auto(0x801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0xe2c1, 0x157)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async)
io_uring_setup$auto(0x59, 0x0)
socket(0xf, 0x3, 0x2) (async)
bpf$auto(0x0, &(0x7f0000000100)=@link_create={@prog_fd=0x1, @target_fd=0xa, 0x3, 0x8, @tracing={0x4, 0xffffffff}}, 0xfbf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) (async)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) (async)
socket(0x2, 0x2, 0x0) (async)
socket(0x2, 0x1, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/amidi2\x00', 0x2, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, &(0x7f0000001d00)=0x800) (async)
mmap$auto(0x0, 0x12, 0xdf, 0x15, 0xffffffffffffffff, 0x81)
remap_file_pages$auto(0x8, 0x69, 0x10001, 0x80003, 0x5) (async)
mincore$auto(0x0, 0x10000, 0x0)
unshare$auto(0x40000080) (async)
mmap$auto(0x0, 0x2020089, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) (async)
socketpair$auto(0x1e, 0x6, 0x8, 0x0)

3.754393838s ago: executing program 2 (id=2081):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram15/trace/act_mask\x00', 0x189002, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1)
socket(0x2, 0x5, 0x0)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x311)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x2020005, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8003)
io_uring_setup$auto(0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0)
socket(0x28, 0x5, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001f9, 0x20000000007, 0x4, 0x1000000000000bc3, 0x20800, 0x3, 0xff, 0x10001, 0x400000000001, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0)
syz_clone(0x52000080, &(0x7f00000002c0)="0271bf5e4c70398cb7edd8a89e8ee339acbf0cc78f19ed8920accb8839cec476fc37ddf008a9b1bccebee4bc2b7a7ca0560fd14bf151f56fa88fe007bcfd8711c7", 0x41, &(0x7f0000000380), 0x0, &(0x7f0000000d40)="f3fc1b4476950329a50f3f0235bcd75dae3e8c6f5dff7136299dc47600c0fdee7c91d0fa26e19425572cf66b9499369b2e35ba2c17d3d89862cbc280291257dc0ac6534a96d0e414687bdf3b17386c62347c745a19a5f42d03adb4982fe39b3d35cc23c27ca5d3748a926d4b19abfaf28aeafbd58d2c085f08c4ba277125d3c08104a43d3d660c3a870143afe158a61b305be3ae15fab1454936528619b65375df616a2fa17477468a75e293761884464c8662d6eedcde5f30e9cf1a16feb0f3701185ed56178d90f7ad908b1c2faf480512d8e85ca3231c9b95e1e72f2cb489c3edf628d9dbc2e594fd281d83e2859b79aa1f16b0c76757f44fbca4e9fe9530e7d419f75b412aa0e0e9077d7ad8eb266f3cbd0713f5a4863c53dac6d4ff2a8d147976c9ca2dcdee25cf42522fc0ef8b9248278928bb5a7c967156e9b7af16b35ad0d61bcb00324867b425c62d1949e96e2995a697531c0fad70e83cfeaf4382429b3f1ebc1a24cc658e5773a91369d8c778d1330c9272419d73c3096355b0dbf6f961c1ed7d1878dd06d72c7b2e2964d8c49a8dd5917f7a8a5ae195814e33d01b18fdd6e44c905477df479c926b11f4e7c81a7f9be6f8edac3797da19bf58fdb78d49f9d85f9c3caca1225cd204d75892fff5bf9a15245520119a1aabc9fb3782d3d74ee49380142545479db5ed1170b43e6a967fe8ad0dd7e5f397c613c28d57773130de33d93db2d108ed646b45c924c24b54beb8dd749330c469d7d7ca9e99370c19150b27eaed624629087914f98f10aa1a5f27f1d813407c75344fb2e2693b40e4f73773ce7335d4557540481f980750cd6d6850634318300eaf7a893de58a6d0c3b9b7cc11eec731df9d60df1c0cf0a9d1d2e504e6a29045834a601e6699873f814a1b7c96d93df57a29af1de10b1257995c5167a44a086013ed20b332a2c0f305eb9a6e7f66995f8ceeeb0674d9073167cd87994012c77767f2da847c10b8b96246f5a827f1a83b08614b1e3e8b262d725e1bfa50067c89482a6c4585d363c3226a64fab5763c17c7251e52b936682ec4996d8ca4a77cb60540862f0d21f6d0b0af62e3783ba7969af4a590e13ba4d200dbc93092781ec1eec145fb6daaab0a16c4c48d52123bbe198861fcfb0712068bd3927c37fce497656bc02d8e6863984f6210c85d53c5eff57baea2c8d8952f0ac5e8e671e30d9be540b712ff3b1feac0e9809304d4b95abe79ba0f979a2928102e022b914f9b3481d2363216b3798d5caeb1c751dac7b33182332942f91219bb46e1d4d3bc47c9606b84d4caee7cdf179c70e7d2e6966b41a87bc795cbfd2a7847ac95458dea694a81170f3038dae2f31a0a5de22599f2189e90670c0923e972996b1f8f64323e60636efa8dd497450543d5a9dacd89343c3ab0a9c1df7c412c4a521d90538f843caa6220043903c6638daeb50a991135ecb66fd4ab9ec9e09f102e3db6f1a9493290848119c5db32680aaf93fab4adebe22c36df1b6cf694ab790a168e7bc3d66aa93bea2a388bf05fb3e4d4d09c66cff64672cb716501cb86ca32fe36bc8d424131a4742a3beba3023859c4039261d3d299ad495f23f06bd64eb0c9c6111b46d82b139393185bca78c29ca101c5b22bbc2321df2321651f8fcbbc330b69a22b083ca069bcf6f7518d2273c9183101af2d74fd7e553ffb43a59c92b51955f78162fa4c4a103cacc0e43003be841ccfca06ab50331c30d2acc5e82ef100727b1d3c78bcf7008338a5339e1601f8bd69bc580f815ff5903c309166ab89e3d32d9d116cedf34c92d2822cb6a8d17439b31c7317b0d6f90b6a6b83fb16eed7c2108938b74adbe564483c3784c8563f5f2cb1aa7daec30c3fe34d8074050faa773df6064e71bca27f2028ff0063bf9cba838b0b88fbe51082574099bd40898c4d527c008c758ffd6845c27ae9adbb39de532836e6c295afcf0dfc8edb78fc3c2254509528851af40a2e1730aadc12ec01cf24cf4a280eaab51ed79e1b4ed4adf65d27877c50a03796b9a47190841996c149a7a6a6df69325215f2177618f5ac15cce6ffe497ecb9752abc2d362fa799c2b0a5fb1cf9e3e44964bceef66ba50e1f41519c4cdd76e695ce3f5b77af80dbd835bc9f7fa20fe0129cf3ec2572e9be3086ca27dce44c4e626f43dd024e7e608a4e7f459d2473bf49cd4ac9d95bfe6f5ea2fdad9a26f10fd3fe6d859e59090461b42927c92e46d5195dcac5a29457ca718d8d1519683ca7a384f891662ddfcd33bb7a20c6f8338c2eb05c63511e04131c4ec0357db9002e1448bade38724b22ad833f227061111ec758d4e2a92764ace32785b8cb77dc5b8af165f73e7f73a0da1e468ccbf79077ea9ec9803ab16a8eafe839de0b24424726b57e9b72f01f6104b6536e0a47c2054962406eb49ecac624038ad94b2af9a52df5283a713a2c981de9af709d2de700b9e0f10aee0ff5b8a51988d10eb09cfc3003ed8f8b976d6ac04b0d74be1c00985ba54dfb17aabaea7df33de94fd96ef6d7641a266fee8b2abfefa44f155b398c49b614e07fc767d4580ba16991e734b05c1aa18add97d00b3f18a9990dcd4321e280b445a48f597b7f7ef0a1d4c02eca1dce8158dba49d05242dd59c96696dccd3d4166f4ce011b2fac0dcd70eba44d65eb0ed131c22823dc638b1e7f644b20b988fdcb5e5174a0d3326bbf67d4c568567039069ab0f66b3d994d1f3679e741c4ed881e9fc3e29eaeec01494fe88aa1fa8038dd9f3fa5e15122af3b2c9e044c49e774f3bdc0c7c6cb370c6efd38a453a4b1bed3a1c6fc8a9294c4a71abe0dac8a31a7403a36d764eec7e8ec7f5b811f13ec1119bd6f0ebf787d9d8c2f91d6b421b1791f8de503553c7e7d289d55e439751f026ee8f21317c241599e4c8b91bb11cd98b903f559a90e796ef88d70214bea6f5e34b1017513a850e06ce6375cb7e1518f997e672a5ff5c80a4e67674b3d8f011dc2bf5256b21b13c1e6043d4b0315701aab6cbc562cd8bfe45b270e2a7d03c17b128adcb509c016a1669fb82798e93a98ac66f0a91e0e0c3e64c0ee754860a06057b0efe2babb16c4e8514b4216fe321c9330e02c9d83156b9fb5ba43617a14769f817dbfb5d9658e0eb8d3204d8dff476eee7f80d7a63d260617bda1e691d594577ae272f19efe2a33740f4a90c932ffe8651711cabd0af0515e9884c55ca1911a273171e505d32fb5acf96200c8ff8514c5d318f8bdfb1a7d3f74b5491f789b314e8edc14a1a1b45ecd197639d09926eeb7d59f7558fbefee50fc25e39b64503fcda6bfdb88a97178cb6ce12ce9fa800c14b05d006440ddf057ef0720b81f2a8753f43ed664a6a0562f2771d0f8e3e1ce3d6a01fd914ff155e49a2db97a571381a9556e012bd303d6b0dba7ee186410820e0059fb8a7b2d3a8513032d5a94534585e4f05c0f98a6ce41952194706ce4baa0a5879ab2aa20e2355338e3f2e748aa4e79b07fe0616f35054c96109fbb7a6a6d8299ef62e632fffa5c2086389bd0783117a35d3a315ba56a62de5a6e8fa0f3a9ee8246240abd91083977a00002389a995c834e640b2927ca45da49b2e4bf30de09d01fd2071c7f9d379a5d8101dc24546ab5691b6c37471c44c1fe30946b59f11555a74cad10b296716d1aea8e6dc7b5b45f310a1da209ac5da8b01542a48b76a40baea27196f0d34d8bf418fa143e7c236fd57d02cd0d822da428d2313fb76d56497a54e2ce3dac1461e7f0fb51c9c15182c33febed3ee176563e861310177703fe7d7b99cb9046d126915e7699c1838414014b6ae71372e2cbe57fe92dd1adaf44e6251ae70d368dd2b0968e2fa40df658a2ad7391241f80574d540d92b567a4a6893ec4bc964330c999d21acd0447238c5905034dd2b721f50ac1d1473668da36b16a79961c93e0aa3efacfe750e28ba93e5ce8f30edd4a4f75d31d95697ac6fa0764cfaadfe10ea7545d298340ae9dbfa9856116d552be85275cc86fcba4d5415ca741724e05be2a53d4c4ebe53b6307f3a677e184c1e102364dea77d3dfc67e1d3bfb6f01a131230551a65dcbbce78a1081d22643ea364d53f39e0fd911951c2dd098800d823776c4a06d638d46496bea1c09409c57224e318116e9089e60c7dbbf2ed93e3a0659f1a3d753ddbd36df8727ec1297fc27fd108cdf83ae71e1847842295b3f0379038305a97080c6eb85a98cc6711635a85ecb93775c6c0f0ef4eaf19fc976bf4d39d2a5678e3c0ad6a6d25c419a6d72eb1fe1fee29ddc05a01e16d5333dd3e6bb4e4f9e1417cd1b5937464a1048d7b1b5741aaadf8a88f669255be97ccb2862152d425c1bc8e3e22b45da68d304af2b781f470fd794f1c3478c2190b76010327345bdc32c40a0e348337c8e02e6ddb0e31898e374b895d4bda92bfd6409e9bd398103388584102f6215e32865233a477b7ad5e911d73cd58c075c189e52c37a8593cf54d0c26444c7fe389a08e09d514436a7580bc654a39bf1b7982cbbd70ec43d38c0eede9ebcfe92d1f96238869ce3b66f344762c982c8e482f8bddde5e4871c160ba01d00d1e1b6027b1036dd6da7a1d5b54461ded70f65da8b5b041d2b978f4ec6e5411ebe91d234d5dfddaaec168cc0e5b57e053f0954216c28d2e13e987c7e5797a320601aa26a81bc46afb6b1a0cd39cbe6c47c5f3f5d60311e7e6584650aa8d984977e4e0cd3ce7aa1eaa8b963814fefd1308889b4839f256a48e0f412f161dddcdb144fa19224de8a1731277e068f0b63a97a19f99df5241f7abd5a211368cac59a207dfc0614f073e6340daf5521cdeffed6296979b2d2450548eed0d7ff6d5285d995368cbd2f73a581ffadef97c49c67398623a5790c56e55b7b970a6b44f102b8aa8f972f7ab07cb811fa8a2337c1be653b1bcecd6863dab7bfe8081592131eb10cd965551e00c81b31db0fb41a7a2f95ed0f879afb1db915e36c414318d2a82743fa82e4ccf85b3f79c91165afeee07f856d9262ae1d17b146072f9738933b3c1f907b0e7ebfce083ca9095ddb451502e493e593dcfc4a29b934a677a94cacb00208cc23d2485327c34ff982054693a67338fd7298f06137e28b08e9de2bdb072e5b11c53992dd3300d610d3feb9e17b336676c562b170d280771c1ba6d87f02b25f44ad3dfcd12f3275ccf3f253bc0446d9e583df18d5fc614f0b70e9b1d1291c04d24db782717d6735dfaf935f15cd66b6c6441e3fa518c6bd701cd8647faf6c02b2a860ea06c874147b7f24d9c5c062d58cfb38646eb53a143310a747f1217a1e4433f0a2aa563295d119edcee9abb868f204a7e27a4dae0030e0777fbef69326a98f7b996ffd4b8ac44d0a6c754418fa93ae9fa306207db289ff444eaade115766f49b34b9fa68")
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x2)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000140), r1)
sendmsg$auto_SMC_NETLINK_GET_LGR_SMCD(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x8800)
socket(0x25, 0x5, 0x73)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
semctl$auto_IPC_STAT(0xf7, 0x140, 0x2, 0xd3c7)
ioctl$auto(0xc8, 0x400454d0, 0x73)

3.594232711s ago: executing program 3 (id=2082):
unshare$auto(0x40000080)
r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
pread64$auto(r0, 0x0, 0x5, 0x9)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x68000, 0x0)
io_uring_setup$auto(0x7, 0x0)
readv$auto(0x3, &(0x7f0000001100)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/009/001\x00', 0x4a541, 0x0)

3.518850475s ago: executing program 1 (id=2083):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram15/trace/act_mask\x00', 0x189002, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1)
socket(0x2, 0x5, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, 0x0, 0x7, 0x0, 0xc004, 0xb}, 0xfff}, 0x5, 0x311)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x2020005, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8003)
io_uring_setup$auto(0x6, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0)
socket(0x28, 0x5, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xf, 0x3, 0x1, 0x948b, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001f9, 0x20000000007, 0x4, 0x1000000000000bc3, 0x20800, 0x3, 0xff, 0x10001, 0x400000000001, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0)
syz_clone(0x52000080, 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000d40)="f3fc1b4476950329a50f3f0235bcd75dae3e8c6f5dff7136299dc47600c0fdee7c91d0fa26e19425572cf66b9499369b2e35ba2c17d3d89862cbc280291257dc0ac6534a96d0e414687bdf3b17386c62347c745a19a5f42d03adb4982fe39b3d35cc23c27ca5d3748a926d4b19abfaf28aeafbd58d2c085f08c4ba277125d3c08104a43d3d660c3a870143afe158a61b305be3ae15fab1454936528619b65375df616a2fa17477468a75e293761884464c8662d6eedcde5f30e9cf1a16feb0f3701185ed56178d90f7ad908b1c2faf480512d8e85ca3231c9b95e1e72f2cb489c3edf628d9dbc2e594fd281d83e2859b79aa1f16b0c76757f44fbca4e9fe9530e7d419f75b412aa0e0e9077d7ad8eb266f3cbd0713f5a4863c53dac6d4ff2a8d147976c9ca2dcdee25cf42522fc0ef8b9248278928bb5a7c967156e9b7af16b35ad0d61bcb00324867b425c62d1949e96e2995a697531c0fad70e83cfeaf4382429b3f1ebc1a24cc658e5773a91369d8c778d1330c9272419d73c3096355b0dbf6f961c1ed7d1878dd06d72c7b2e2964d8c49a8dd5917f7a8a5ae195814e33d01b18fdd6e44c905477df479c926b11f4e7c81a7f9be6f8edac3797da19bf58fdb78d49f9d85f9c3caca1225cd204d75892fff5bf9a15245520119a1aabc9fb3782d3d74ee49380142545479db5ed1170b43e6a967fe8ad0dd7e5f397c613c28d57773130de33d93db2d108ed646b45c924c24b54beb8dd749330c469d7d7ca9e99370c19150b27eaed624629087914f98f10aa1a5f27f1d813407c75344fb2e2693b40e4f73773ce7335d4557540481f980750cd6d6850634318300eaf7a893de58a6d0c3b9b7cc11eec731df9d60df1c0cf0a9d1d2e504e6a29045834a601e6699873f814a1b7c96d93df57a29af1de10b1257995c5167a44a086013ed20b332a2c0f305eb9a6e7f66995f8ceeeb0674d9073167cd87994012c77767f2da847c10b8b96246f5a827f1a83b08614b1e3e8b262d725e1bfa50067c89482a6c4585d363c3226a64fab5763c17c7251e52b936682ec4996d8ca4a77cb60540862f0d21f6d0b0af62e3783ba7969af4a590e13ba4d200dbc93092781ec1eec145fb6daaab0a16c4c48d52123bbe198861fcfb0712068bd3927c37fce497656bc02d8e6863984f6210c85d53c5eff57baea2c8d8952f0ac5e8e671e30d9be540b712ff3b1feac0e9809304d4b95abe79ba0f979a2928102e022b914f9b3481d2363216b3798d5caeb1c751dac7b33182332942f91219bb46e1d4d3bc47c9606b84d4caee7cdf179c70e7d2e6966b41a87bc795cbfd2a7847ac95458dea694a81170f3038dae2f31a0a5de22599f2189e90670c0923e972996b1f8f64323e60636efa8dd497450543d5a9dacd89343c3ab0a9c1df7c412c4a521d90538f843caa6220043903c6638daeb50a991135ecb66fd4ab9ec9e09f102e3db6f1a9493290848119c5db32680aaf93fab4adebe22c36df1b6cf694ab790a168e7bc3d66aa93bea2a388bf05fb3e4d4d09c66cff64672cb716501cb86ca32fe36bc8d424131a4742a3beba3023859c4039261d3d299ad495f23f06bd64eb0c9c6111b46d82b139393185bca78c29ca101c5b22bbc2321df2321651f8fcbbc330b69a22b083ca069bcf6f7518d2273c9183101af2d74fd7e553ffb43a59c92b51955f78162fa4c4a103cacc0e43003be841ccfca06ab50331c30d2acc5e82ef100727b1d3c78bcf7008338a5339e1601f8bd69bc580f815ff5903c309166ab89e3d32d9d116cedf34c92d2822cb6a8d17439b31c7317b0d6f90b6a6b83fb16eed7c2108938b74adbe564483c3784c8563f5f2cb1aa7daec30c3fe34d8074050faa773df6064e71bca27f2028ff0063bf9cba838b0b88fbe51082574099bd40898c4d527c008c758ffd6845c27ae9adbb39de532836e6c295afcf0dfc8edb78fc3c2254509528851af40a2e1730aadc12ec01cf24cf4a280eaab51ed79e1b4ed4adf65d27877c50a03796b9a47190841996c149a7a6a6df69325215f2177618f5ac15cce6ffe497ecb9752abc2d362fa799c2b0a5fb1cf9e3e44964bceef66ba50e1f41519c4cdd76e695ce3f5b77af80dbd835bc9f7fa20fe0129cf3ec2572e9be3086ca27dce44c4e626f43dd024e7e608a4e7f459d2473bf49cd4ac9d95bfe6f5ea2fdad9a26f10fd3fe6d859e59090461b42927c92e46d5195dcac5a29457ca718d8d1519683ca7a384f891662ddfcd33bb7a20c6f8338c2eb05c63511e04131c4ec0357db9002e1448bade38724b22ad833f227061111ec758d4e2a92764ace32785b8cb77dc5b8af165f73e7f73a0da1e468ccbf79077ea9ec9803ab16a8eafe839de0b24424726b57e9b72f01f6104b6536e0a47c2054962406eb49ecac624038ad94b2af9a52df5283a713a2c981de9af709d2de700b9e0f10aee0ff5b8a51988d10eb09cfc3003ed8f8b976d6ac04b0d74be1c00985ba54dfb17aabaea7df33de94fd96ef6d7641a266fee8b2abfefa44f155b398c49b614e07fc767d4580ba16991e734b05c1aa18add97d00b3f18a9990dcd4321e280b445a48f597b7f7ef0a1d4c02eca1dce8158dba49d05242dd59c96696dccd3d4166f4ce011b2fac0dcd70eba44d65eb0ed131c22823dc638b1e7f644b20b988fdcb5e5174a0d3326bbf67d4c568567039069ab0f66b3d994d1f3679e741c4ed881e9fc3e29eaeec01494fe88aa1fa8038dd9f3fa5e15122af3b2c9e044c49e774f3bdc0c7c6cb370c6efd38a453a4b1bed3a1c6fc8a9294c4a71abe0dac8a31a7403a36d764eec7e8ec7f5b811f13ec1119bd6f0ebf787d9d8c2f91d6b421b1791f8de503553c7e7d289d55e439751f026ee8f21317c241599e4c8b91bb11cd98b903f559a90e796ef88d70214bea6f5e34b1017513a850e06ce6375cb7e1518f997e672a5ff5c80a4e67674b3d8f011dc2bf5256b21b13c1e6043d4b0315701aab6cbc562cd8bfe45b270e2a7d03c17b128adcb509c016a1669fb82798e93a98ac66f0a91e0e0c3e64c0ee754860a06057b0efe2babb16c4e8514b4216fe321c9330e02c9d83156b9fb5ba43617a14769f817dbfb5d9658e0eb8d3204d8dff476eee7f80d7a63d260617bda1e691d594577ae272f19efe2a33740f4a90c932ffe8651711cabd0af0515e9884c55ca1911a273171e505d32fb5acf96200c8ff8514c5d318f8bdfb1a7d3f74b5491f789b314e8edc14a1a1b45ecd197639d09926eeb7d59f7558fbefee50fc25e39b64503fcda6bfdb88a97178cb6ce12ce9fa800c14b05d006440ddf057ef0720b81f2a8753f43ed664a6a0562f2771d0f8e3e1ce3d6a01fd914ff155e49a2db97a571381a9556e012bd303d6b0dba7ee186410820e0059fb8a7b2d3a8513032d5a94534585e4f05c0f98a6ce41952194706ce4baa0a5879ab2aa20e2355338e3f2e748aa4e79b07fe0616f35054c96109fbb7a6a6d8299ef62e632fffa5c2086389bd0783117a35d3a315ba56a62de5a6e8fa0f3a9ee8246240abd91083977a00002389a995c834e640b2927ca45da49b2e4bf30de09d01fd2071c7f9d379a5d8101dc24546ab5691b6c37471c44c1fe30946b59f11555a74cad10b296716d1aea8e6dc7b5b45f310a1da209ac5da8b01542a48b76a40baea27196f0d34d8bf418fa143e7c236fd57d02cd0d822da428d2313fb76d56497a54e2ce3dac1461e7f0fb51c9c15182c33febed3ee176563e861310177703fe7d7b99cb9046d126915e7699c1838414014b6ae71372e2cbe57fe92dd1adaf44e6251ae70d368dd2b0968e2fa40df658a2ad7391241f80574d540d92b567a4a6893ec4bc964330c999d21acd0447238c5905034dd2b721f50ac1d1473668da36b16a79961c93e0aa3efacfe750e28ba93e5ce8f30edd4a4f75d31d95697ac6fa0764cfaadfe10ea7545d298340ae9dbfa9856116d552be85275cc86fcba4d5415ca741724e05be2a53d4c4ebe53b6307f3a677e184c1e102364dea77d3dfc67e1d3bfb6f01a131230551a65dcbbce78a1081d22643ea364d53f39e0fd911951c2dd098800d823776c4a06d638d46496bea1c09409c57224e318116e9089e60c7dbbf2ed93e3a0659f1a3d753ddbd36df8727ec1297fc27fd108cdf83ae71e1847842295b3f0379038305a97080c6eb85a98cc6711635a85ecb93775c6c0f0ef4eaf19fc976bf4d39d2a5678e3c0ad6a6d25c419a6d72eb1fe1fee29ddc05a01e16d5333dd3e6bb4e4f9e1417cd1b5937464a1048d7b1b5741aaadf8a88f669255be97ccb2862152d425c1bc8e3e22b45da68d304af2b781f470fd794f1c3478c2190b76010327345bdc32c40a0e348337c8e02e6ddb0e31898e374b895d4bda92bfd6409e9bd398103388584102f6215e32865233a477b7ad5e911d73cd58c075c189e52c37a8593cf54d0c26444c7fe389a08e09d514436a7580bc654a39bf1b7982cbbd70ec43d38c0eede9ebcfe92d1f96238869ce3b66f344762c982c8e482f8bddde5e4871c160ba01d00d1e1b6027b1036dd6da7a1d5b54461ded70f65da8b5b041d2b978f4ec6e5411ebe91d234d5dfddaaec168cc0e5b57e053f0954216c28d2e13e987c7e5797a320601aa26a81bc46afb6b1a0cd39cbe6c47c5f3f5d60311e7e6584650aa8d984977e4e0cd3ce7aa1eaa8b963814fefd1308889b4839f256a48e0f412f161dddcdb144fa19224de8a1731277e068f0b63a97a19f99df5241f7abd5a211368cac59a207dfc0614f073e6340daf5521cdeffed6296979b2d2450548eed0d7ff6d5285d995368cbd2f73a581ffadef97c49c67398623a5790c56e55b7b970a6b44f102b8aa8f972f7ab07cb811fa8a2337c1be653b1bcecd6863dab7bfe8081592131eb10cd965551e00c81b31db0fb41a7a2f95ed0f879afb1db915e36c414318d2a82743fa82e4ccf85b3f79c91165afeee07f856d9262ae1d17b146072f9738933b3c1f907b0e7ebfce083ca9095ddb451502e493e593dcfc4a29b934a677a94cacb00208cc23d2485327c34ff982054693a67338fd7298f06137e28b08e9de2bdb072e5b11c53992dd3300d610d3feb9e17b336676c562b170d280771c1ba6d87f02b25f44ad3dfcd12f3275ccf3f253bc0446d9e583df18d5fc614f0b70e9b1d1291c04d24db782717d6735dfaf935f15cd66b6c6441e3fa518c6bd701cd8647faf6c02b2a860ea06c874147b7f24d9c5c062d58cfb38646eb53a143310a747f1217a1e4433f0a2aa563295d119edcee9abb868f204a7e27a4dae0030e0777fbef69326a98f7b996ffd4b8ac44d0a6c754418fa93ae9fa306207db289ff444eaade115766f49b34b9fa68")
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x2)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000140), r1)
sendmsg$auto_SMC_NETLINK_GET_LGR_SMCD(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x8800)
socket(0x25, 0x5, 0x73)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0)
semctl$auto_IPC_STAT(0xf7, 0x140, 0x2, 0xd3c7)
ioctl$auto(0xc8, 0x400454d0, 0x73)

3.323689615s ago: executing program 0 (id=2084):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r1, 0x0, 0x0)
openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x80680, 0x0)
readv$auto(0x3, 0x0, 0x1)
timer_create$auto(0x2, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
ustat$auto(0x801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x2, 0x0)
r2 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x1a3)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x8, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
msync$auto(0xffffffffffff7fff, 0x4, 0x1000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r0, 0x1, &(0x7f0000000000)="14040000000000001b")
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

2.401774084s ago: executing program 3 (id=2085):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x92, &(0x7f0000000100)={0x0, 0x3, 0x2fff, 0x6, 0x6, 0x400a, 0xffffffffffffffff, [], {0x6, 0x3, 0x0, 0x800029f, 0x3, 0x7f, 0x0, 0x4}, {0xe63c, 0x4, 0x100004e, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x8000c, 0x100000000}})
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffbfffd}, 0xffff}, 0x4000, 0x20000043)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x3, 0x2020009, 0x3, 0xeb1, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketcall$auto(0x5, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r3, r3, 0x0, 0x3)
mmap$auto(0x0, 0x8000000000000000, 0x3edc2ecf, 0x9b72, 0x2, 0x8000)
socket(0x27, 0x800, 0x84)
ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
msync$auto(0x200000, 0x2000000005, 0x6)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)

2.136342413s ago: executing program 1 (id=2086):
r0 = gettid()
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
rt_sigtimedwait$auto(&(0x7f0000000100)={0xfffffffffffffbff}, 0x0, 0x0, 0x8)
kill$auto(r0, 0x14)
mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5)
unshare$auto(0x40000080)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r1)

1.901493577s ago: executing program 0 (id=2087):
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/ax88179_178a/remove_id\x00', 0x488081, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x82001, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964", 0x236)
ioctl$auto_SNDCTL_SEQ_SYNC(r0, 0x5101, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/arp_tables_targets\x00', 0x0, 0x0)
pread64$auto(r1, &(0x7f0000000100)='/proc/self/net/arp_tables_targets\x00', 0x8, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
timer_create$auto(0x0, 0x0, 0x0)
timer_gettime$auto(0x0, 0x0)
write$auto(0x3, 0x0, 0xfdef)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x4e0041, 0x0)
ioctl$auto_UI_SET_PROPBIT(r2, 0x4004556e, &(0x7f00000000c0)=0x9)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x5, 0x0)
pipe$auto(0x0)

1.711767194s ago: executing program 2 (id=2088):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/cgroup\x00', 0x0, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x7)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vivid.0/video4linux/vbi26/dev\x00', 0x5bb600, 0x0)
mmap$auto(0x0, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x23, 0x80805, 0x0)
getsockopt$auto(r2, 0x40000000113, 0x9, 0xfffffffffffffffc, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
syz_open_procfs$namespace(0x0, &(0x7f00000000c0))
mmap$auto(0x3, 0x2, 0x4000000000df, 0x10, 0x401, 0x6)
socket(0x29, 0x2, 0x2)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x2, 0x80802, 0x0)
mmap$auto(0x2, 0x20009, 0x4000000000df, 0xfffffffffffffff9, r0, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(r3, &(0x7f0000000040)=@generic={0x8, "00010100"}, 0x5c)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, 0x0, 0x1fe, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.19102129s ago: executing program 2 (id=2089):
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x23, 0x5, 0x2009, 0x0, 0x0)
r0 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0)
read$auto_proc_pid_smaps_operations_internal(r0, &(0x7f00000002c0)=""/190, 0xfffffe39)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000380)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc4156ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba218aa5b0ff402f2e6adb8ea60886c1e52c60d7d87e4c0551386501763ad098eb2b9602f83b2a643399f10dfdb0f4018b401be4db675d0acf8d348c26acf338cbe20fcb76439ca602a3c022f4463a8820f1c6f865d24e058af98f0c48bf552c3f6cc28c09d9054347db3c28701c67fa1e57d81b881638b518dd8e24969b7fd10406fcf6eb9bb66bf56ed7568510c72b380fa6efbca84")
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
readv$auto(0x3, 0x0, 0x1)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x4)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
execve$auto(0x0, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0)
execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)=&(0x7f0000000340)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5', 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r2, 0x80045017, &(0x7f0000000180))
read$auto(0xffffffffffffffff, 0x0, 0x1f40)
ioctl$auto(0xc8, 0x800454e1, 0x5c8d)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
write$auto(0x3, 0x0, 0x100082)

663.302165ms ago: executing program 1 (id=2090):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x92, &(0x7f0000000100)={0x0, 0x3, 0x2fff, 0x6, 0x6, 0x400a, 0xffffffffffffffff, [], {0x6, 0x3, 0x0, 0x800029f, 0x3, 0x7f, 0x0, 0x4}, {0xe63c, 0x4, 0x100004e, 0x85, 0x2, 0x1a7b870a, 0x76c2, 0x8000c, 0x100000000}})
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffbfffd}, 0xffff}, 0x4000, 0x20000043)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x3, 0x2020009, 0x3, 0xeb1, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketcall$auto(0x5, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r3, r3, 0x0, 0x3)
mmap$auto(0x0, 0x8000000000000000, 0x3edc2ecf, 0x9b72, 0x2, 0x8000)
socket(0x27, 0x800, 0x84)
ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
msync$auto(0x200000, 0x2000000005, 0x6)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)

568.155681ms ago: executing program 2 (id=2091):
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
ioctl$auto(0xffffffffffffffff, 0x800064c1, r0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x9)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
open(&(0x7f00000002c0)='./file0\x00', 0x40a00, 0x1c7)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
pidfd_open$auto(0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0xb9, 0x9, 0xfffffffffffffffd, 0x948d, 0x1ff, 0x1, 0x8, 0x8003, 0x65, 0x8000001f, 0x10000001002, 0x100000000006d41, 0x7, 0x1, 0x9]}, 0x0)
statmount$auto(&(0x7f0000000080)={0x6, @inferred=r0, 0x7, 0x7fffffffffffffff, 0x4}, &(0x7f0000000440)={0xd8d1, 0x0, 0x4, 0x19, 0xfffffff8, 0x8, 0xfffffffd, 0x0, 0x2, 0x9, 0x2, 0xf, 0xfffffffffffffff3, 0xffffffff, 0x3, 0x9, 0x800000000000, 0x9, 0xfff, 0x7ff, 0x7, 0x7, 0x527, 0x0, 0x10001, 0x7, 0x7, 0x4aba, 0x1, 0x7ff, 0x7fff, [0x1, 0x2, 0x9, 0x6, 0x401, 0x8, 0xfffffffffffffff9, 0x401, 0xe60, 0x5, 0x9, 0x86617b3, 0xfbae, 0x2e89, 0x9, 0xe1e8, 0x7, 0x20, 0x7, 0x921d, 0xb6b4, 0x80000001, 0x9, 0x81, 0x8, 0xaa8, 0xfffffffffffffffd, 0x9, 0x3, 0x7, 0x2, 0x6, 0xd, 0x1, 0x7ff, 0x3ff, 0x9, 0x7, 0x8, 0x1, 0x4, 0xb, 0x5], "80f1079a2dc8a2ab7917570a4e87a53e7b44876873c206e4113da5ce7f190548085a57a346e95ac699524350a290311eb8c8b47e9d8551cb603d594f3545ed46013f0f11781948573f5c55e963490dab5b3ccb1b959dc8"}, 0x101, 0x3)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0)
fallocate$auto(r2, 0x3, 0x4e88, 0x4cbd5d)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
ftruncate$auto(0x3, 0x700)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
sendmsg$auto_HWSIM_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x114, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x100, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x2c, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xdd2}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0x7ff}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x7d}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0x5}]}]}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x81}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT={0x5, 0x7, 0x2}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}]}]}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x5}, @NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR={0x4}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_TYPE_CAPA={0x88, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x8, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_ASAP={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI={0x4}]}, @NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC={0x4}, @NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5, 0x8, 0x2}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0x59}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xffffffc1}, @NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES={0x8, 0x5, 0xd}, @NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS={0x8, 0x6, 0xe}]}]}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae8a, &(0x7f00000000c0)={0xfc})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="251729bd7000fcdbc754a96aab102501000000080001375d21bfd9ad8daad7c3302e43e80009000000a3f8f7539d7c6434e5325e9bafdaea12ade2183e7551bca86663fbc557544e0bbc8d0f4c0a7ecd65c0827ab822bbbdb78ee4b96f8f0dc0a04b2dcb201cdb8425cc6c15122c7f2aaef2906a5a6e40da60e42711524e807cf48798cc"], 0x1c}, 0x1, 0x0, 0x0, 0x1000}, 0x64810)

543.995149ms ago: executing program 0 (id=2092):
fsconfig$auto_SHMEM_HUGE_DENY(0xffffffffffffffff, 0x0, &(0x7f0000000140)='\\!:\x00', 0x0, 0xffffffffffffffff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000020c0), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f00000031c0)={0x0, 0x0, &(0x7f0000003180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010028087000fcdbdf2504000000040007000800fc24d866df3d3604000002000004000e000400070004001200"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$auto_TIPC_NL_SOCK_GET(r1, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="8d4329bdffdbdf25060000000000"], 0x14}, 0x1, 0x0, 0x0, 0x42010}, 0x8cc)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
openat$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, 0x0, 0x440002, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
fanotify_mark$auto(0xffffffffffffffff, 0x209, 0xa, 0xffffffffffffffff, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x3}, 0x0, 0x10000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5)
mmap$auto(0x0, 0x400008, 0x4, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x20000a, 0x4)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)

0s ago: executing program 3 (id=2093):
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
sendfile$auto(r0, r0, 0x0, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
write$auto(0xca, 0x0, 0x7f)
mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x28000, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x6)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/amidi2\x00', 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x1, 0x6, 0x8, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c47, 0x4, 0x100, 0x7ffffffb, 0x101, 0x800, 0x1}, {0x8, 0xe0e9, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/ocfs2/max_locking_protocol\x00', 0xa2500, 0x0)
r1 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x181080, 0x98)
r2 = open_by_handle_at$auto(r1, &(0x7f0000000140)={0x4, 0x20002, "01000000"}, 0xc)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
io_uring_enter$auto(0xffffffffffffffff, 0x2, 0xffffffff, 0x3, 0x0, 0x6)
getsockopt$auto_SO_NO_CHECK(r2, 0x8, 0xb, &(0x7f0000000000)='\x00', &(0x7f0000000180)=0xff)
mmap$auto(0x400, 0x100000005, 0x100000008, 0x16, 0x2, 0x8)
madvise$auto(0x0, 0x2003f2, 0x15)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x10200007, 0x1c)

kernel console output (not intermixed with test programs):

000000080 RDI: ffffffffffffff9c
[  276.136004][ T8332] RBP: 00007fef82e32e6f R08: 0000000000000000 R09: 0000000000000000
[  276.136018][ T8332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.136040][ T8332] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  276.136071][ T8332]  </TASK>
[  276.890236][ T8315] ima: policy update failed
[  276.914481][   T30] audit: type=1802 audit(1782555826.981:26): pid=8315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.541" res=0 errno=0
[  278.861514][ T8346] ima: policy update failed
[  278.879941][   T30] audit: type=1802 audit(1782555828.971:27): pid=8346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.549" res=0 errno=0
[  280.332802][ T8378] FAULT_INJECTION: forcing a failure.
[  280.332802][ T8378] name failslab, interval 1, probability 0, space 0, times 0
[  280.414394][ T8378] CPU: 0 UID: 0 PID: 8378 Comm: syz.0.556 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  280.414433][ T8378] Tainted: [L]=SOFTLOCKUP
[  280.414442][ T8378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  280.414456][ T8378] Call Trace:
[  280.414464][ T8378]  <TASK>
[  280.414475][ T8378]  dump_stack_lvl+0x100/0x190
[  280.414511][ T8378]  should_fail_ex.cold+0x5/0xa
[  280.414542][ T8378]  should_failslab+0xc2/0x120
[  280.414584][ T8378]  __kmalloc_cache_noprof+0x91/0x6c0
[  280.414611][ T8378]  ? kobject_uevent_env+0x263/0x18b0
[  280.414650][ T8378]  kobject_uevent_env+0x263/0x18b0
[  280.414687][ T8378]  ? bus_to_subsys+0x114/0x150
[  280.414716][ T8378]  device_add+0x1173/0x1970
[  280.414756][ T8378]  ? __pfx_device_add+0x10/0x10
[  280.414791][ T8378]  ? lockdep_init_map_type+0x5c/0x250
[  280.414817][ T8378]  ? __init_waitqueue_head+0xca/0x150
[  280.414852][ T8378]  rfkill_register+0x1ad/0xb30
[  280.414890][ T8378]  nfc_register_device+0x11f/0x3e0
[  280.414916][ T8378]  nci_register_device+0x7f1/0xb80
[  280.414952][ T8378]  ? __pfx_nci_register_device+0x10/0x10
[  280.414990][ T8378]  ? lockdep_init_map_type+0x5c/0x250
[  280.415019][ T8378]  virtual_ncidev_open+0x141/0x220
[  280.415057][ T8378]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  280.415094][ T8378]  misc_open+0x26d/0x450
[  280.415119][ T8378]  ? __pfx_misc_open+0x10/0x10
[  280.415143][ T8378]  chrdev_open+0x234/0x6a0
[  280.415167][ T8378]  ? __pfx_apparmor_file_open+0x10/0x10
[  280.415194][ T8378]  ? __pfx_chrdev_open+0x10/0x10
[  280.415221][ T8378]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  280.415255][ T8378]  do_dentry_open+0x6ab/0x14d0
[  280.415279][ T8378]  ? __pfx_chrdev_open+0x10/0x10
[  280.415311][ T8378]  vfs_open+0x82/0x3f0
[  280.415347][ T8378]  path_openat+0x2873/0x4280
[  280.415384][ T8378]  ? __pfx_path_openat+0x10/0x10
[  280.415441][ T8378]  do_file_open+0x20e/0x430
[  280.415468][ T8378]  ? __pfx_do_file_open+0x10/0x10
[  280.415516][ T8378]  ? alloc_fd+0x471/0x7a0
[  280.415542][ T8378]  ? do_getname+0x191/0x390
[  280.415581][ T8378]  do_sys_openat2+0x10f/0x1e0
[  280.415614][ T8378]  ? __pfx_do_sys_openat2+0x10/0x10
[  280.415650][ T8378]  ? do_handle_open+0x2ca/0xf10
[  280.415686][ T8378]  __x64_sys_openat+0x12d/0x210
[  280.415721][ T8378]  ? __pfx___x64_sys_openat+0x10/0x10
[  280.415765][ T8378]  do_syscall_64+0x115/0x840
[  280.415786][ T8378]  ? clear_bhb_loop+0x40/0x90
[  280.415816][ T8378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.415841][ T8378] RIP: 0033:0x7fc5ead9ce59
[  280.415861][ T8378] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.415885][ T8378] RSP: 002b:00007fc5ebc9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  280.415908][ T8378] RAX: ffffffffffffffda RBX: 00007fc5eb015fa0 RCX: 00007fc5ead9ce59
[  280.415925][ T8378] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  280.415940][ T8378] RBP: 00007fc5eae32e6f R08: 0000000000000000 R09: 0000000000000000
[  280.415954][ T8378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  280.415969][ T8378] R13: 00007fc5eb016038 R14: 00007fc5eb015fa0 R15: 00007fff61f6aa28
[  280.416000][ T8378]  </TASK>
[  281.499970][ T8394] input: f�
 as /devices/virtual/input/input40
[  281.527227][ T5635] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  282.443744][ T8404] netlink: 12 bytes leftover after parsing attributes in process `syz.2.563'.
[  283.229637][ T8419] netlink: 12 bytes leftover after parsing attributes in process `syz.0.568'.
[  283.310530][ T8422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.566'.
[  283.762324][ T8424] netlink: 342 bytes leftover after parsing attributes in process `syz.2.566'.
[  285.213798][ T8440] FAULT_INJECTION: forcing a failure.
[  285.213798][ T8440] name failslab, interval 1, probability 0, space 0, times 0
[  285.239259][ T8455] netlink: 28 bytes leftover after parsing attributes in process `syz.1.575'.
[  285.364210][ T8455] netlink: 342 bytes leftover after parsing attributes in process `syz.1.575'.
[  285.402604][ T8440] CPU: 0 UID: 0 PID: 8440 Comm: syz.3.571 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  285.402644][ T8440] Tainted: [L]=SOFTLOCKUP
[  285.402652][ T8440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  285.402666][ T8440] Call Trace:
[  285.402674][ T8440]  <TASK>
[  285.402684][ T8440]  dump_stack_lvl+0x100/0x190
[  285.402721][ T8440]  should_fail_ex.cold+0x5/0xa
[  285.402752][ T8440]  should_failslab+0xc2/0x120
[  285.402788][ T8440]  kmem_cache_alloc_noprof+0x91/0x6a0
[  285.402820][ T8440]  ? __kernfs_new_node+0xd2/0xa10
[  285.402849][ T8440]  __kernfs_new_node+0xd2/0xa10
[  285.402876][ T8440]  ? __pfx___kernfs_new_node+0x10/0x10
[  285.402906][ T8440]  ? find_held_lock+0x2b/0x80
[  285.402936][ T8440]  ? kernfs_root+0xee/0x2a0
[  285.402971][ T8440]  ? kernfs_root+0xee/0x2a0
[  285.403013][ T8440]  kernfs_new_node+0x117/0x150
[  285.403042][ T8440]  __kernfs_create_file+0x53/0x350
[  285.403077][ T8440]  sysfs_add_file_mode_ns+0x207/0x3c0
[  285.403119][ T8440]  sysfs_merge_group+0x194/0x340
[  285.403160][ T8440]  ? __pfx_sysfs_merge_group+0x10/0x10
[  285.403199][ T8440]  ? bus_add_device+0x2e2/0x6c0
[  285.403250][ T8440]  ? __pfx_bus_add_device+0x10/0x10
[  285.403277][ T8440]  ? __pfx_dev_add_physical_location+0x10/0x10
[  285.403321][ T8440]  dpm_sysfs_add+0x237/0x280
[  285.403366][ T8440]  device_add+0x9f4/0x1970
[  285.403406][ T8440]  ? __pfx_device_add+0x10/0x10
[  285.403442][ T8440]  ? lockdep_init_map_type+0x5c/0x250
[  285.403468][ T8440]  ? __init_waitqueue_head+0xca/0x150
[  285.403502][ T8440]  rfkill_register+0x1ad/0xb30
[  285.403541][ T8440]  nfc_register_device+0x11f/0x3e0
[  285.403567][ T8440]  nci_register_device+0x7f1/0xb80
[  285.403603][ T8440]  ? __pfx_nci_register_device+0x10/0x10
[  285.403641][ T8440]  ? lockdep_init_map_type+0x5c/0x250
[  285.403671][ T8440]  virtual_ncidev_open+0x141/0x220
[  285.403709][ T8440]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  285.403746][ T8440]  misc_open+0x26d/0x450
[  285.403770][ T8440]  ? __pfx_misc_open+0x10/0x10
[  285.403794][ T8440]  chrdev_open+0x234/0x6a0
[  285.403819][ T8440]  ? __pfx_apparmor_file_open+0x10/0x10
[  285.403849][ T8440]  ? __pfx_chrdev_open+0x10/0x10
[  285.403875][ T8440]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  285.403910][ T8440]  do_dentry_open+0x6ab/0x14d0
[  285.403934][ T8440]  ? __pfx_chrdev_open+0x10/0x10
[  285.403966][ T8440]  vfs_open+0x82/0x3f0
[  285.404001][ T8440]  path_openat+0x2873/0x4280
[  285.404038][ T8440]  ? __pfx_path_openat+0x10/0x10
[  285.404072][ T8440]  do_file_open+0x20e/0x430
[  285.404102][ T8440]  ? __pfx_do_file_open+0x10/0x10
[  285.404153][ T8440]  ? alloc_fd+0x471/0x7a0
[  285.404182][ T8440]  ? do_getname+0x191/0x390
[  285.404217][ T8440]  do_sys_openat2+0x10f/0x1e0
[  285.404249][ T8440]  ? __pfx_do_sys_openat2+0x10/0x10
[  285.404285][ T8440]  ? do_handle_open+0x2ca/0xf10
[  285.404321][ T8440]  __x64_sys_openat+0x12d/0x210
[  285.404362][ T8440]  ? __pfx___x64_sys_openat+0x10/0x10
[  285.404407][ T8440]  do_syscall_64+0x115/0x840
[  285.404429][ T8440]  ? clear_bhb_loop+0x40/0x90
[  285.404458][ T8440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.404483][ T8440] RIP: 0033:0x7fef82d9ce59
[  285.404503][ T8440] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  285.404527][ T8440] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  285.404550][ T8440] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  285.404567][ T8440] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  285.404582][ T8440] RBP: 00007fef82e32e6f R08: 0000000000000000 R09: 0000000000000000
[  285.404596][ T8440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  285.404611][ T8440] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  285.404641][ T8440]  </TASK>
[  288.671450][ T8483] netlink: 28 bytes leftover after parsing attributes in process `syz.1.579'.
[  288.797784][ T8487] netlink: 342 bytes leftover after parsing attributes in process `syz.1.579'.
[  289.185802][ T8485] Process accounting resumed
[  290.573848][ T8492] ima: policy update failed
[  290.672665][   T30] audit: type=1802 audit(1782555840.761:28): pid=8492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.582" res=0 errno=0
[  292.323109][ T8510] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  292.380547][ T8510] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  292.473350][ T8510] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  292.560062][ T8510] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  293.198514][ T5635] Bluetooth: hci3: unexpected event 0x1d length: 6 > 5
[  293.646736][ T5635] Bluetooth: hci1: command 0x0406 tx timeout
[  294.446179][ T5635] Bluetooth: hci0: command 0x0406 tx timeout
[  294.526139][ T5635] Bluetooth: hci2: command 0x0406 tx timeout
[  294.579048][ T8552] netlink: 28 bytes leftover after parsing attributes in process `syz.0.594'.
[  294.606491][ T5635] Bluetooth: hci3: command 0x0406 tx timeout
[  294.884891][ T8554] netlink: 342 bytes leftover after parsing attributes in process `syz.0.594'.
[  295.145812][ T8543] kexec: Could not allocate control_code_buffer
[  295.960500][ T8567] netlink: 12 bytes leftover after parsing attributes in process `syz.0.598'.
[  296.080331][ T8569] FAULT_INJECTION: forcing a failure.
[  296.080331][ T8569] name failslab, interval 1, probability 0, space 0, times 0
[  296.149814][ T8569] CPU: 0 UID: 0 PID: 8569 Comm: syz.2.599 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  296.149854][ T8569] Tainted: [L]=SOFTLOCKUP
[  296.149863][ T8569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  296.149878][ T8569] Call Trace:
[  296.149885][ T8569]  <TASK>
[  296.149894][ T8569]  dump_stack_lvl+0x100/0x190
[  296.149930][ T8569]  should_fail_ex.cold+0x5/0xa
[  296.149962][ T8569]  should_failslab+0xc2/0x120
[  296.149997][ T8569]  kmem_cache_alloc_noprof+0x91/0x6a0
[  296.150029][ T8569]  ? __kernfs_new_node+0xd2/0xa10
[  296.150058][ T8569]  __kernfs_new_node+0xd2/0xa10
[  296.150089][ T8569]  ? __pfx___kernfs_new_node+0x10/0x10
[  296.150120][ T8569]  ? find_held_lock+0x2b/0x80
[  296.150151][ T8569]  ? kernfs_root+0xee/0x2a0
[  296.150186][ T8569]  ? kernfs_root+0xee/0x2a0
[  296.150237][ T8569]  kernfs_new_node+0x117/0x150
[  296.150265][ T8569]  __kernfs_create_file+0x53/0x350
[  296.150300][ T8569]  sysfs_add_file_mode_ns+0x207/0x3c0
[  296.150343][ T8569]  sysfs_merge_group+0x194/0x340
[  296.150383][ T8569]  ? __pfx_sysfs_merge_group+0x10/0x10
[  296.150421][ T8569]  ? bus_add_device+0x2e2/0x6c0
[  296.150451][ T8569]  ? __pfx_bus_add_device+0x10/0x10
[  296.150477][ T8569]  ? __pfx_dev_add_physical_location+0x10/0x10
[  296.150522][ T8569]  dpm_sysfs_add+0x237/0x280
[  296.150561][ T8569]  device_add+0x9f4/0x1970
[  296.150601][ T8569]  ? __pfx_device_add+0x10/0x10
[  296.150636][ T8569]  ? lockdep_init_map_type+0x5c/0x250
[  296.150661][ T8569]  ? __init_waitqueue_head+0xca/0x150
[  296.150696][ T8569]  rfkill_register+0x1ad/0xb30
[  296.150734][ T8569]  nfc_register_device+0x11f/0x3e0
[  296.150760][ T8569]  nci_register_device+0x7f1/0xb80
[  296.150796][ T8569]  ? __pfx_nci_register_device+0x10/0x10
[  296.150835][ T8569]  ? lockdep_init_map_type+0x5c/0x250
[  296.150864][ T8569]  virtual_ncidev_open+0x141/0x220
[  296.150902][ T8569]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  296.150939][ T8569]  misc_open+0x26d/0x450
[  296.150964][ T8569]  ? __pfx_misc_open+0x10/0x10
[  296.150987][ T8569]  chrdev_open+0x234/0x6a0
[  296.151012][ T8569]  ? __pfx_apparmor_file_open+0x10/0x10
[  296.151039][ T8569]  ? __pfx_chrdev_open+0x10/0x10
[  296.151065][ T8569]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  296.151100][ T8569]  do_dentry_open+0x6ab/0x14d0
[  296.151124][ T8569]  ? __pfx_chrdev_open+0x10/0x10
[  296.151156][ T8569]  vfs_open+0x82/0x3f0
[  296.151191][ T8569]  path_openat+0x2873/0x4280
[  296.151236][ T8569]  ? __pfx_path_openat+0x10/0x10
[  296.151270][ T8569]  do_file_open+0x20e/0x430
[  296.151297][ T8569]  ? __pfx_do_file_open+0x10/0x10
[  296.151344][ T8569]  ? alloc_fd+0x471/0x7a0
[  296.151371][ T8569]  ? do_getname+0x191/0x390
[  296.151405][ T8569]  do_sys_openat2+0x10f/0x1e0
[  296.151439][ T8569]  ? __pfx_do_sys_openat2+0x10/0x10
[  296.151474][ T8569]  ? do_handle_open+0x2ca/0xf10
[  296.151510][ T8569]  __x64_sys_openat+0x12d/0x210
[  296.151544][ T8569]  ? __pfx___x64_sys_openat+0x10/0x10
[  296.151589][ T8569]  do_syscall_64+0x115/0x840
[  296.151610][ T8569]  ? clear_bhb_loop+0x40/0x90
[  296.151640][ T8569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.151665][ T8569] RIP: 0033:0x7f54bdb9ce59
[  296.151684][ T8569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  296.151708][ T8569] RSP: 002b:00007f54beb3d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  296.151731][ T8569] RAX: ffffffffffffffda RBX: 00007f54bde15fa0 RCX: 00007f54bdb9ce59
[  296.151747][ T8569] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  296.151763][ T8569] RBP: 00007f54bdc32e6f R08: 0000000000000000 R09: 0000000000000000
[  296.151777][ T8569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  296.151792][ T8569] R13: 00007f54bde16038 R14: 00007f54bde15fa0 R15: 00007ffeb158a098
[  296.151823][ T8569]  </TASK>
[  297.424120][ T8581] netlink: 12 bytes leftover after parsing attributes in process `syz.2.600'.
[  297.725548][ T8586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.601'.
[  297.890820][ T8587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.601'.
[  297.959042][ T8589] netlink: 12 bytes leftover after parsing attributes in process `syz.2.602'.
[  298.464341][ T8591] FAULT_INJECTION: forcing a failure.
[  298.464341][ T8591] name failslab, interval 1, probability 0, space 0, times 0
[  298.567474][ T8591] CPU: 0 UID: 0 PID: 8591 Comm: syz.3.603 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  298.567513][ T8591] Tainted: [L]=SOFTLOCKUP
[  298.567521][ T8591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  298.567536][ T8591] Call Trace:
[  298.567543][ T8591]  <TASK>
[  298.567552][ T8591]  dump_stack_lvl+0x100/0x190
[  298.567586][ T8591]  should_fail_ex.cold+0x5/0xa
[  298.567618][ T8591]  should_failslab+0xc2/0x120
[  298.567654][ T8591]  kmem_cache_alloc_noprof+0x91/0x6a0
[  298.567686][ T8591]  ? __kernfs_new_node+0xd2/0xa10
[  298.567715][ T8591]  __kernfs_new_node+0xd2/0xa10
[  298.567742][ T8591]  ? __pfx___kernfs_new_node+0x10/0x10
[  298.567772][ T8591]  ? find_held_lock+0x2b/0x80
[  298.567803][ T8591]  ? kernfs_root+0xee/0x2a0
[  298.567838][ T8591]  ? kernfs_root+0xee/0x2a0
[  298.567881][ T8591]  kernfs_new_node+0x117/0x150
[  298.567909][ T8591]  __kernfs_create_file+0x53/0x350
[  298.567943][ T8591]  sysfs_add_file_mode_ns+0x207/0x3c0
[  298.567985][ T8591]  sysfs_merge_group+0x194/0x340
[  298.568025][ T8591]  ? __pfx_sysfs_merge_group+0x10/0x10
[  298.568065][ T8591]  ? bus_add_device+0x2e2/0x6c0
[  298.568096][ T8591]  ? __pfx_bus_add_device+0x10/0x10
[  298.568122][ T8591]  ? __pfx_dev_add_physical_location+0x10/0x10
[  298.568174][ T8591]  dpm_sysfs_add+0x237/0x280
[  298.568213][ T8591]  device_add+0x9f4/0x1970
[  298.568253][ T8591]  ? __pfx_device_add+0x10/0x10
[  298.568289][ T8591]  ? lockdep_init_map_type+0x5c/0x250
[  298.568314][ T8591]  ? __init_waitqueue_head+0xca/0x150
[  298.568350][ T8591]  rfkill_register+0x1ad/0xb30
[  298.568388][ T8591]  nfc_register_device+0x11f/0x3e0
[  298.568415][ T8591]  nci_register_device+0x7f1/0xb80
[  298.568452][ T8591]  ? __pfx_nci_register_device+0x10/0x10
[  298.568491][ T8591]  ? lockdep_init_map_type+0x5c/0x250
[  298.568521][ T8591]  virtual_ncidev_open+0x141/0x220
[  298.568559][ T8591]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  298.568596][ T8591]  misc_open+0x26d/0x450
[  298.568621][ T8591]  ? __pfx_misc_open+0x10/0x10
[  298.568644][ T8591]  chrdev_open+0x234/0x6a0
[  298.568669][ T8591]  ? __pfx_apparmor_file_open+0x10/0x10
[  298.568696][ T8591]  ? __pfx_chrdev_open+0x10/0x10
[  298.568723][ T8591]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  298.568757][ T8591]  do_dentry_open+0x6ab/0x14d0
[  298.568782][ T8591]  ? __pfx_chrdev_open+0x10/0x10
[  298.568813][ T8591]  vfs_open+0x82/0x3f0
[  298.568848][ T8591]  path_openat+0x2873/0x4280
[  298.568885][ T8591]  ? __pfx_path_openat+0x10/0x10
[  298.568918][ T8591]  do_file_open+0x20e/0x430
[  298.568946][ T8591]  ? __pfx_do_file_open+0x10/0x10
[  298.568992][ T8591]  ? alloc_fd+0x471/0x7a0
[  298.569018][ T8591]  ? do_getname+0x191/0x390
[  298.569052][ T8591]  do_sys_openat2+0x10f/0x1e0
[  298.569084][ T8591]  ? __pfx_do_sys_openat2+0x10/0x10
[  298.569120][ T8591]  ? do_handle_open+0x2ca/0xf10
[  298.569161][ T8591]  __x64_sys_openat+0x12d/0x210
[  298.569195][ T8591]  ? __pfx___x64_sys_openat+0x10/0x10
[  298.569240][ T8591]  do_syscall_64+0x115/0x840
[  298.569262][ T8591]  ? clear_bhb_loop+0x40/0x90
[  298.569292][ T8591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.569316][ T8591] RIP: 0033:0x7fef82d9ce59
[  298.569337][ T8591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  298.569361][ T8591] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  298.569384][ T8591] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  298.569400][ T8591] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  298.569415][ T8591] RBP: 00007fef82e32e6f R08: 0000000000000000 R09: 0000000000000000
[  298.569430][ T8591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.569444][ T8591] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  298.569474][ T8591]  </TASK>
[  299.571638][ T8606] netlink: 12 bytes leftover after parsing attributes in process `syz.2.606'.
[  300.257549][ T8617] netlink: 28 bytes leftover after parsing attributes in process `syz.3.607'.
[  300.428895][ T8620] netlink: 342 bytes leftover after parsing attributes in process `syz.3.607'.
[  300.522576][ T8622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.609'.
[  301.963288][ T8570] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  302.115519][ T8629] ima: policy update failed
[  302.194184][   T30] audit: type=1802 audit(1782555852.281:29): pid=8629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.610" res=0 errno=0
[  304.583773][ T8655] kexec: Could not allocate control_code_buffer
[  305.871797][ T8681] FAULT_INJECTION: forcing a failure.
[  305.871797][ T8681] name fail_futex, interval 1, probability 0, space 0, times 0
[  306.051550][ T8677] Invalid ELF header magic: != ELF
[  306.122042][ T8681] CPU: 0 UID: 0 PID: 8681 Comm: syz.0.620 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  306.122081][ T8681] Tainted: [L]=SOFTLOCKUP
[  306.122089][ T8681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  306.122104][ T8681] Call Trace:
[  306.122112][ T8681]  <TASK>
[  306.122120][ T8681]  dump_stack_lvl+0x100/0x190
[  306.122156][ T8681]  should_fail_ex.cold+0x5/0xa
[  306.122188][ T8681]  get_futex_key+0x1d2/0x14f0
[  306.122216][ T8681]  ? __pfx_get_futex_key+0x10/0x10
[  306.122240][ T8681]  ? __lock_acquire+0x49f/0x1a40
[  306.122266][ T8681]  ? putname+0xb1/0x110
[  306.122292][ T8681]  ? kasan_save_stack+0x3f/0x50
[  306.122321][ T8681]  ? kasan_save_stack+0x30/0x50
[  306.122349][ T8681]  ? kasan_save_track+0x14/0x30
[  306.122391][ T8681]  futex_wake+0xf4/0x5e0
[  306.122429][ T8681]  ? __pfx_futex_wake+0x10/0x10
[  306.122474][ T8681]  do_futex+0x2b2/0x440
[  306.122502][ T8681]  ? __pfx_do_futex+0x10/0x10
[  306.122537][ T8681]  __x64_sys_futex+0x34f/0x4d0
[  306.122569][ T8681]  ? __pfx___x64_sys_futex+0x10/0x10
[  306.122596][ T8681]  ? kmem_cache_free+0x127/0x6b0
[  306.122630][ T8681]  do_syscall_64+0x115/0x840
[  306.122654][ T8681]  ? clear_bhb_loop+0x40/0x90
[  306.122683][ T8681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  306.122708][ T8681] RIP: 0033:0x7fc5ead9ce59
[  306.122728][ T8681] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  306.122752][ T8681] RSP: 002b:00007fc5ebc5a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  306.122775][ T8681] RAX: ffffffffffffffda RBX: 00007fc5eb016188 RCX: 00007fc5ead9ce59
[  306.122791][ T8681] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc5eb01618c
[  306.122806][ T8681] RBP: 00007fc5eb016180 R08: 0000000000000001 R09: 0000000000000000
[  306.122820][ T8681] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  306.122835][ T8681] R13: 00007fc5eb016218 R14: 00007fff61f6a940 R15: 00007fff61f6aa28
[  306.122865][ T8681]  </TASK>
[  306.675551][ T5635] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  308.455008][ T8707] netlink: 20 bytes leftover after parsing attributes in process `syz.1.625'.
[  309.168913][ T8720] netlink: 12 bytes leftover after parsing attributes in process `syz.3.630'.
[  310.381587][ T8734] netlink: 12 bytes leftover after parsing attributes in process `syz.3.632'.
[  311.798798][ T8754] netlink: 12 bytes leftover after parsing attributes in process `syz.2.637'.
[  312.964105][ T8761] hub 1-0:1.0: USB hub found
[  313.092681][ T8761] hub 1-0:1.0: 1 port detected
[  313.567734][ T5635] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  314.231776][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.2.644'.
[  314.393112][ T8786] FAULT_INJECTION: forcing a failure.
[  314.393112][ T8786] name failslab, interval 1, probability 0, space 0, times 0
[  314.473213][ T8786] CPU: 0 UID: 0 PID: 8786 Comm: syz.3.643 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  314.473253][ T8786] Tainted: [L]=SOFTLOCKUP
[  314.473261][ T8786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  314.473276][ T8786] Call Trace:
[  314.473283][ T8786]  <TASK>
[  314.473292][ T8786]  dump_stack_lvl+0x100/0x190
[  314.473333][ T8786]  should_fail_ex.cold+0x5/0xa
[  314.473365][ T8786]  should_failslab+0xc2/0x120
[  314.473403][ T8786]  kmem_cache_alloc_noprof+0x91/0x6a0
[  314.473453][ T8786]  ? __kernfs_new_node+0xd2/0xa10
[  314.473482][ T8786]  __kernfs_new_node+0xd2/0xa10
[  314.473510][ T8786]  ? __pfx___kernfs_new_node+0x10/0x10
[  314.473553][ T8786]  ? find_held_lock+0x2b/0x80
[  314.473587][ T8786]  ? kernfs_root+0xee/0x2a0
[  314.473622][ T8786]  ? kernfs_root+0xee/0x2a0
[  314.473664][ T8786]  kernfs_new_node+0x117/0x150
[  314.473692][ T8786]  __kernfs_create_file+0x53/0x350
[  314.473726][ T8786]  sysfs_add_file_mode_ns+0x207/0x3c0
[  314.473768][ T8786]  sysfs_merge_group+0x194/0x340
[  314.473815][ T8786]  ? __pfx_sysfs_merge_group+0x10/0x10
[  314.473853][ T8786]  ? bus_add_device+0x2e2/0x6c0
[  314.473883][ T8786]  ? __pfx_bus_add_device+0x10/0x10
[  314.473909][ T8786]  ? __pfx_dev_add_physical_location+0x10/0x10
[  314.473953][ T8786]  dpm_sysfs_add+0x237/0x280
[  314.473990][ T8786]  device_add+0x9f4/0x1970
[  314.474030][ T8786]  ? __pfx_device_add+0x10/0x10
[  314.474066][ T8786]  ? lockdep_init_map_type+0x5c/0x250
[  314.474091][ T8786]  ? __init_waitqueue_head+0xca/0x150
[  314.474136][ T8786]  rfkill_register+0x1ad/0xb30
[  314.474179][ T8786]  nfc_register_device+0x11f/0x3e0
[  314.474205][ T8786]  nci_register_device+0x7f1/0xb80
[  314.474242][ T8786]  ? __pfx_nci_register_device+0x10/0x10
[  314.474280][ T8786]  ? lockdep_init_map_type+0x5c/0x250
[  314.474311][ T8786]  virtual_ncidev_open+0x141/0x220
[  314.474349][ T8786]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  314.474387][ T8786]  misc_open+0x26d/0x450
[  314.474411][ T8786]  ? __pfx_misc_open+0x10/0x10
[  314.474435][ T8786]  chrdev_open+0x234/0x6a0
[  314.474459][ T8786]  ? __pfx_apparmor_file_open+0x10/0x10
[  314.474485][ T8786]  ? __pfx_chrdev_open+0x10/0x10
[  314.474513][ T8786]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  314.474547][ T8786]  do_dentry_open+0x6ab/0x14d0
[  314.474571][ T8786]  ? __pfx_chrdev_open+0x10/0x10
[  314.474602][ T8786]  vfs_open+0x82/0x3f0
[  314.474637][ T8786]  path_openat+0x2873/0x4280
[  314.474674][ T8786]  ? __pfx_path_openat+0x10/0x10
[  314.474707][ T8786]  do_file_open+0x20e/0x430
[  314.474735][ T8786]  ? __pfx_do_file_open+0x10/0x10
[  314.474781][ T8786]  ? alloc_fd+0x471/0x7a0
[  314.474812][ T8786]  ? do_getname+0x191/0x390
[  314.474846][ T8786]  do_sys_openat2+0x10f/0x1e0
[  314.474879][ T8786]  ? __pfx_do_sys_openat2+0x10/0x10
[  314.474915][ T8786]  ? do_handle_open+0x2ca/0xf10
[  314.474951][ T8786]  __x64_sys_openat+0x12d/0x210
[  314.474984][ T8786]  ? __pfx___x64_sys_openat+0x10/0x10
[  314.475029][ T8786]  do_syscall_64+0x115/0x840
[  314.475050][ T8786]  ? clear_bhb_loop+0x40/0x90
[  314.475080][ T8786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.475104][ T8786] RIP: 0033:0x7fef82d9ce59
[  314.475124][ T8786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  314.475148][ T8786] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  314.475172][ T8786] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  314.475188][ T8786] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  314.475203][ T8786] RBP: 00007fef82e32e6f R08: 0000000000000000 R09: 0000000000000000
[  314.475218][ T8786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  314.475238][ T8786] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  314.475270][ T8786]  </TASK>
[  315.533388][ T8797] netlink: 338 bytes leftover after parsing attributes in process `syz.2.645'.
[  316.015963][ T8802] sock: sock_set_timeout: `syz.3.647' (pid 8802) tries to set negative timeout
[  317.334409][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  317.341224][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  317.942891][ T8826] hub 1-0:1.0: USB hub found
[  317.977929][ T8826] hub 1-0:1.0: 1 port detected
[  320.973113][ T8862] FAULT_INJECTION: forcing a failure.
[  320.973113][ T8862] name failslab, interval 1, probability 0, space 0, times 0
[  321.054128][ T8862] CPU: 0 UID: 0 PID: 8862 Comm: syz.0.661 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  321.054165][ T8862] Tainted: [L]=SOFTLOCKUP
[  321.054173][ T8862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  321.054187][ T8862] Call Trace:
[  321.054194][ T8862]  <TASK>
[  321.054202][ T8862]  dump_stack_lvl+0x100/0x190
[  321.054237][ T8862]  should_fail_ex.cold+0x5/0xa
[  321.054268][ T8862]  should_failslab+0xc2/0x120
[  321.054302][ T8862]  kmem_cache_alloc_noprof+0x91/0x6a0
[  321.054334][ T8862]  ? __anon_vma_prepare+0xae/0x5e0
[  321.054362][ T8862]  __anon_vma_prepare+0xae/0x5e0
[  321.054384][ T8862]  ? __pfx___pte_alloc+0x10/0x10
[  321.054419][ T8862]  __vmf_anon_prepare+0x11f/0x250
[  321.054455][ T8862]  do_anonymous_page+0x51b/0x2080
[  321.054488][ T8862]  __handle_mm_fault+0x1d2c/0x2a00
[  321.054517][ T8862]  ? mt_find+0x45e/0x8e0
[  321.054544][ T8862]  ? __pfx___handle_mm_fault+0x10/0x10
[  321.054566][ T8862]  ? __pfx_mt_find+0x10/0x10
[  321.054613][ T8862]  handle_mm_fault+0x37b/0xa30
[  321.054643][ T8862]  __get_user_pages+0x1178/0x32a0
[  321.054688][ T8862]  ? __pfx___get_user_pages+0x10/0x10
[  321.054730][ T8862]  populate_vma_page_range+0x267/0x3f0
[  321.054768][ T8862]  ? __pfx_populate_vma_page_range+0x10/0x10
[  321.054804][ T8862]  ? __pfx_find_vma_intersection+0x10/0x10
[  321.054838][ T8862]  ? do_mmap+0x93f/0x12f0
[  321.054874][ T8862]  __mm_populate+0x107/0x3a0
[  321.054911][ T8862]  ? __pfx___mm_populate+0x10/0x10
[  321.054950][ T8862]  ? up_write+0x2e5/0x5c0
[  321.054978][ T8862]  vm_mmap_pgoff+0x37f/0x470
[  321.055015][ T8862]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  321.055051][ T8862]  ? __mutex_unlock_slowpath+0x35d/0x930
[  321.055098][ T8862]  ksys_mmap_pgoff+0xe4/0x610
[  321.055140][ T8862]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  321.055170][ T8862]  ? fput+0x79/0x100
[  321.055198][ T8862]  ? ksys_write+0x1ac/0x250
[  321.055222][ T8862]  ? __pfx_ksys_write+0x10/0x10
[  321.055247][ T8862]  __x64_sys_mmap+0x125/0x190
[  321.055281][ T8862]  do_syscall_64+0x115/0x840
[  321.055301][ T8862]  ? clear_bhb_loop+0x40/0x90
[  321.055330][ T8862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.055354][ T8862] RIP: 0033:0x7fc5ead9ce59
[  321.055373][ T8862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  321.055396][ T8862] RSP: 002b:00007fc5ebc9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  321.055418][ T8862] RAX: ffffffffffffffda RBX: 00007fc5eb015fa0 RCX: 00007fc5ead9ce59
[  321.055434][ T8862] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  321.055448][ T8862] RBP: 00007fc5ebc9c090 R08: 0000000000000002 R09: 0000000000008000
[  321.055462][ T8862] R10: 0000100000009b72 R11: 0000000000000246 R12: 0000000000000001
[  321.055476][ T8862] R13: 00007fc5eb016038 R14: 00007fc5eb015fa0 R15: 00007fff61f6aa28
[  321.055505][ T8862]  </TASK>
[  321.793567][ T8854] Process accounting paused
[  322.085745][ T8875] netlink: 8 bytes leftover after parsing attributes in process `syz.2.664'.
[  324.553581][ T8905] zswap: compressor Z�u��~���^��8��a��cu0���|��,a����Rr�qP������'��)��ޱ`�*�]���T]�X��؃(ۂ�TN�>�_��r$�������z��&�[+x[DPx�e?��m��3Q�z not available
[  325.552316][ T8924] netlink: 338 bytes leftover after parsing attributes in process `syz.1.678'.
[  326.938868][ T8935] netlink: 12 bytes leftover after parsing attributes in process `syz.1.681'.
[  328.249129][ T8942] ima: policy update failed
[  328.300913][   T30] audit: type=1802 audit(1782555878.391:30): pid=8942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.684" res=0 errno=0
[  328.453022][ T8955] input: f�
 as /devices/virtual/input/input43
[  329.327335][ T8971] netlink: 28 bytes leftover after parsing attributes in process `syz.1.689'.
[  329.645167][ T8975] netlink: 342 bytes leftover after parsing attributes in process `syz.1.689'.
[  329.967998][ T8959] kexec: Could not allocate control_code_buffer
[  330.855403][ T9003] netlink: 338 bytes leftover after parsing attributes in process `syz.3.694'.
[  331.005116][ T9003] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.012787][ T9003] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.390325][ T9010] netlink: 326 bytes leftover after parsing attributes in process `syz.3.696'.
[  332.805870][ T9028] input: f�
 as /devices/virtual/input/input44
[  332.875709][ T5635] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5
[  336.679025][ T9071] netlink: 20 bytes leftover after parsing attributes in process `syz.0.710'.
[  337.978250][ T9094] netlink: 12 bytes leftover after parsing attributes in process `syz.2.714'.
[  339.383201][ T9107] netlink: 'syz.0.715': attribute type 1 has an invalid length.
[  339.561823][ T9107] netlink: 322 bytes leftover after parsing attributes in process `syz.0.715'.
[  340.826240][ T9131] netlink: 28 bytes leftover after parsing attributes in process `syz.0.722'.
[  340.991132][ T9123] ima: policy update failed
[  341.022590][   T30] audit: type=1802 audit(1782555891.111:31): pid=9123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.721" res=0 errno=0
[  341.131236][ T9139] netlink: 20 bytes leftover after parsing attributes in process `syz.2.724'.
[  341.282819][ T9140] netlink: 342 bytes leftover after parsing attributes in process `syz.0.722'.
[  341.668330][ T9152] netlink: 28 bytes leftover after parsing attributes in process `syz.1.725'.
[  342.171882][ T9154] netlink: 342 bytes leftover after parsing attributes in process `syz.1.725'.
[  342.472241][ T9165] netlink: 326 bytes leftover after parsing attributes in process `syz.3.728'.
[  342.917594][ T9155] ima: policy update failed
[  342.941540][   T30] audit: type=1802 audit(1782555893.031:32): pid=9155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.726" res=0 errno=0
[  344.858405][ T9193] netlink: 12 bytes leftover after parsing attributes in process `syz.3.734'.
[  344.909006][ T9190] netlink: 28 bytes leftover after parsing attributes in process `syz.0.733'.
[  345.195992][ T9197] netlink: 20 bytes leftover after parsing attributes in process `syz.2.735'.
[  345.361076][ T9198] netlink: 342 bytes leftover after parsing attributes in process `syz.0.733'.
[  346.996518][ T9216] netlink: 4 bytes leftover after parsing attributes in process `syz.1.738'.
[  347.482172][ T9225] netlink: 20 bytes leftover after parsing attributes in process `syz.1.740'.
[  347.537075][ T9210] kexec: Could not allocate control_code_buffer
[  351.558324][ T9266] netlink: 12 bytes leftover after parsing attributes in process `syz.3.751'.
[  351.613890][ T9264] netlink: 20 bytes leftover after parsing attributes in process `syz.0.750'.
[  352.204498][ T9249] Process accounting resumed
[  352.330072][ T9276] netlink: 28 bytes leftover after parsing attributes in process `syz.1.753'.
[  352.470826][ T9278] netlink: 342 bytes leftover after parsing attributes in process `syz.1.753'.
[  353.177774][ T9289] netlink: 28 bytes leftover after parsing attributes in process `syz.2.755'.
[  353.372095][ T9291] netlink: 342 bytes leftover after parsing attributes in process `syz.2.755'.
[  353.797597][ T9296] netlink: 12 bytes leftover after parsing attributes in process `syz.1.757'.
[  355.892877][ T9307] kexec: Could not allocate control_code_buffer
[  356.252568][ T9338] netlink: 20 bytes leftover after parsing attributes in process `syz.0.767'.
[  356.435768][ T9325] ima: policy update failed
[  356.466002][   T30] audit: type=1802 audit(1782555906.551:33): pid=9325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.764" res=0 errno=0
[  357.711352][ T9356] netlink: 20 bytes leftover after parsing attributes in process `syz.0.771'.
[  358.443221][ T9369] netlink: 12 bytes leftover after parsing attributes in process `syz.3.775'.
[  360.639837][ T9404] FAULT_INJECTION: forcing a failure.
[  360.639837][ T9404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.763668][ T9404] CPU: 0 UID: 0 PID: 9404 Comm: syz.1.783 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  360.763707][ T9404] Tainted: [L]=SOFTLOCKUP
[  360.763715][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  360.763738][ T9404] Call Trace:
[  360.763746][ T9404]  <TASK>
[  360.763756][ T9404]  dump_stack_lvl+0x100/0x190
[  360.763853][ T9404]  should_fail_ex.cold+0x5/0xa
[  360.763909][ T9404]  _copy_to_user+0x32/0xd0
[  360.764011][ T9404]  simple_read_from_buffer+0xcb/0x170
[  360.764069][ T9404]  proc_fail_nth_read+0x1af/0x230
[  360.764110][ T9404]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  360.764144][ T9404]  ? rw_verify_area+0xce/0x6d0
[  360.764182][ T9404]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  360.764214][ T9404]  vfs_read+0x1e4/0xb40
[  360.764239][ T9404]  ? __pfx_vfs_read+0x10/0x10
[  360.764260][ T9404]  ? __fget_files+0x215/0x3d0
[  360.764288][ T9404]  ? __fget_files+0x21f/0x3d0
[  360.764316][ T9404]  ksys_read+0x12a/0x250
[  360.764337][ T9404]  ? __pfx_ksys_read+0x10/0x10
[  360.764367][ T9404]  do_syscall_64+0x115/0x840
[  360.764447][ T9404]  ? clear_bhb_loop+0x40/0x90
[  360.764486][ T9404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.764511][ T9404] RIP: 0033:0x7f99dbf5d68e
[  360.764530][ T9404] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  360.764553][ T9404] RSP: 002b:00007f99dcef0fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  360.764598][ T9404] RAX: ffffffffffffffda RBX: 00007f99dcef16c0 RCX: 00007f99dbf5d68e
[  360.764616][ T9404] RDX: 000000000000000f RSI: 00007f99dcef10a0 RDI: 0000000000000003
[  360.764630][ T9404] RBP: 00007f99dcef1090 R08: 0000000000000000 R09: 0000000000000000
[  360.764644][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.764658][ T9404] R13: 00007f99dc216038 R14: 00007f99dc215fa0 R15: 00007ffcad0dda18
[  360.764688][ T9404]  </TASK>
[  364.114794][ T9445] netlink: 28 bytes leftover after parsing attributes in process `syz.1.793'.
[  364.317356][ T9452] netlink: 342 bytes leftover after parsing attributes in process `syz.1.793'.
[  364.523298][ T9455] netlink: 28 bytes leftover after parsing attributes in process `syz.3.794'.
[  364.798232][ T9462] netlink: 342 bytes leftover after parsing attributes in process `syz.3.794'.
[  370.028384][ T9515] kexec: Could not allocate control_code_buffer
[  375.128380][ T9585] kexec: Could not allocate control_code_buffer
[  376.985408][ T9626] FAULT_INJECTION: forcing a failure.
[  376.985408][ T9626] name failslab, interval 1, probability 0, space 0, times 0
[  377.080066][ T9626] CPU: 0 UID: 0 PID: 9626 Comm: syz.0.834 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  377.080105][ T9626] Tainted: [L]=SOFTLOCKUP
[  377.080113][ T9626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  377.080128][ T9626] Call Trace:
[  377.080136][ T9626]  <TASK>
[  377.080146][ T9626]  dump_stack_lvl+0x100/0x190
[  377.080180][ T9626]  should_fail_ex.cold+0x5/0xa
[  377.080236][ T9626]  should_failslab+0xc2/0x120
[  377.080300][ T9626]  __kmalloc_cache_noprof+0x91/0x6c0
[  377.080332][ T9626]  ? virtual_ncidev_open+0x49/0x220
[  377.080467][ T9626]  virtual_ncidev_open+0x49/0x220
[  377.080505][ T9626]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  377.080543][ T9626]  misc_open+0x26d/0x450
[  377.080603][ T9626]  ? __pfx_misc_open+0x10/0x10
[  377.080627][ T9626]  chrdev_open+0x234/0x6a0
[  377.080652][ T9626]  ? __pfx_apparmor_file_open+0x10/0x10
[  377.080715][ T9626]  ? __pfx_chrdev_open+0x10/0x10
[  377.080743][ T9626]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  377.080786][ T9626]  do_dentry_open+0x6ab/0x14d0
[  377.080810][ T9626]  ? __pfx_chrdev_open+0x10/0x10
[  377.080841][ T9626]  vfs_open+0x82/0x3f0
[  377.080876][ T9626]  path_openat+0x2873/0x4280
[  377.080913][ T9626]  ? __pfx_path_openat+0x10/0x10
[  377.080946][ T9626]  do_file_open+0x20e/0x430
[  377.080974][ T9626]  ? __pfx_do_file_open+0x10/0x10
[  377.081020][ T9626]  ? alloc_fd+0x471/0x7a0
[  377.081046][ T9626]  ? do_getname+0x191/0x390
[  377.081079][ T9626]  do_sys_openat2+0x10f/0x1e0
[  377.081113][ T9626]  ? __pfx_do_sys_openat2+0x10/0x10
[  377.081147][ T9626]  ? find_held_lock+0x2b/0x80
[  377.081199][ T9626]  __x64_sys_openat+0x12d/0x210
[  377.081233][ T9626]  ? __pfx___x64_sys_openat+0x10/0x10
[  377.081278][ T9626]  do_syscall_64+0x115/0x840
[  377.081300][ T9626]  ? clear_bhb_loop+0x40/0x90
[  377.081330][ T9626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.081354][ T9626] RIP: 0033:0x7fc5ead9ce59
[  377.081379][ T9626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  377.081404][ T9626] RSP: 002b:00007fc5ebc9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  377.081428][ T9626] RAX: ffffffffffffffda RBX: 00007fc5eb015fa0 RCX: 00007fc5ead9ce59
[  377.081445][ T9626] RDX: 0000000000000200 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  377.081460][ T9626] RBP: 00007fc5eae32e6f R08: 0000000000000000 R09: 0000000000000000
[  377.081475][ T9626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  377.081489][ T9626] R13: 00007fc5eb016038 R14: 00007fc5eb015fa0 R15: 00007fff61f6aa28
[  377.081520][ T9626]  </TASK>
[  377.403675][ T9610] kexec: Could not allocate control_code_buffer

getty: ttyS0: read error: Resource temporarily unavailable
[  378.125186][ T9650] random: crng reseeded on system resumption
[  378.404191][ T9658] netlink: 28 bytes leftover after parsing attributes in process `syz.2.839'.
[  378.680585][ T9661] netlink: 342 bytes leftover after parsing attributes in process `syz.2.839'.
[  378.778620][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  378.778708][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  381.972931][ T9701] netlink: 28 bytes leftover after parsing attributes in process `syz.2.848'.
[  382.151296][ T9706] netlink: 342 bytes leftover after parsing attributes in process `syz.2.848'.
[  383.175141][ T9693] Process accounting paused
[  383.393970][ T9724] netlink: 28 bytes leftover after parsing attributes in process `syz.3.852'.
[  383.686755][ T9724] netlink: 342 bytes leftover after parsing attributes in process `syz.3.852'.
[  384.402552][ T9722] ima: policy update failed
[  384.423563][   T30] audit: type=1802 audit(1782555934.511:34): pid=9722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.853" res=0 errno=0
[  385.656406][ T9759] netlink: 28 bytes leftover after parsing attributes in process `syz.2.859'.
[  385.814892][ T9751] usbip-vudc usbip-vudc.0: gadget not bound
[  386.113689][ T9760] netlink: 342 bytes leftover after parsing attributes in process `syz.2.859'.

syzkaller
syzkaller login: [  389.668910][ T9793] kexec: Could not allocate control_code_buffer
[  393.914836][   T14] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.242753][ T9883] kexec: Could not allocate control_code_buffer
[  396.172591][ T9917] WARNING! power/level is deprecated; use power/control instead
[  399.061928][ T9949] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  399.125662][ T9949] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  399.184006][ T9949] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  399.262840][ T9949] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  400.678498][ T9946] Process accounting resumed
[  400.718422][ T9961] kexec: Could not allocate control_code_buffer
[  401.006312][ T5635] Bluetooth: hci1: command 0x0406 tx timeout
[  401.166128][ T5635] Bluetooth: hci0: command 0x0406 tx timeout
[  401.246272][ T5635] Bluetooth: hci2: command 0x0406 tx timeout
[  401.326568][ T5635] Bluetooth: hci3: command 0x0406 tx timeout
[  402.205361][T10000] netlink: 28 bytes leftover after parsing attributes in process `syz.1.914'.
[  403.106442][T10012] FAULT_INJECTION: forcing a failure.
[  403.106442][T10012] name failslab, interval 1, probability 0, space 0, times 0
[  403.272172][T10012] CPU: 0 UID: 0 PID: 10012 Comm: syz.1.918 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  403.272219][T10012] Tainted: [L]=SOFTLOCKUP
[  403.272228][T10012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  403.272243][T10012] Call Trace:
[  403.272251][T10012]  <TASK>
[  403.272260][T10012]  dump_stack_lvl+0x100/0x190
[  403.272295][T10012]  should_fail_ex.cold+0x5/0xa
[  403.272327][T10012]  should_failslab+0xc2/0x120
[  403.272369][T10012]  __kmalloc_node_track_caller_noprof+0xf9/0x830
[  403.272404][T10012]  ? x509_get_sig_params+0xf5/0x6c0
[  403.272568][T10012]  kmemdup_noprof+0x29/0x60
[  403.272605][T10012]  x509_get_sig_params+0xf5/0x6c0
[  403.272643][T10012]  ? __asan_memcpy+0x3c/0x60
[  403.272672][T10012]  x509_cert_parse+0x4e9/0x910
[  403.272705][T10012]  ? ___sys_sendmsg+0x190/0x1e0
[  403.272799][T10012]  ? __sys_sendmsg+0x160/0x210
[  403.272825][T10012]  ? do_syscall_64+0x115/0x840
[  403.272849][T10012]  pkcs7_extract_cert+0xa4/0x380
[  403.272893][T10012]  asn1_ber_decoder+0x12b3/0x2170
[  403.272984][T10012]  ? __pfx_asn1_ber_decoder+0x10/0x10
[  403.273030][T10012]  ? kasan_save_track+0x14/0x30
[  403.273061][T10012]  ? __kasan_kmalloc+0xaa/0xb0
[  403.273097][T10012]  ? __kmalloc_cache_noprof+0x2e5/0x6c0
[  403.273123][T10012]  ? pkcs7_parse_message+0x15f/0x870
[  403.273166][T10012]  pkcs7_parse_message+0x289/0x870
[  403.273216][T10012]  verify_pkcs7_signature+0x30/0xa0
[  403.273247][T10012]  valid_regdb+0x211/0x590
[  403.273331][T10012]  ? __pfx_valid_regdb+0x10/0x10
[  403.273359][T10012]  ? __kasan_kmalloc+0xaa/0xb0
[  403.273396][T10012]  reg_reload_regdb+0x11a/0x460
[  403.273430][T10012]  ? __pfx_reg_reload_regdb+0x10/0x10
[  403.273466][T10012]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  403.273518][T10012]  ? nl80211_pre_doit+0x19a/0xae0
[  403.273545][T10012]  genl_family_rcv_msg_doit+0x214/0x300
[  403.273606][T10012]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  403.273632][T10012]  ? genl_get_cmd+0x3e7/0x760
[  403.273662][T10012]  ? bpf_lsm_capable+0x9/0x10
[  403.273695][T10012]  ? security_capable+0x80/0x260
[  403.273798][T10012]  genl_rcv_msg+0x560/0x800
[  403.273827][T10012]  ? __pfx_genl_rcv_msg+0x10/0x10
[  403.273853][T10012]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  403.273876][T10012]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  403.273950][T10012]  ? __pfx_nl80211_post_doit+0x10/0x10
[  403.273985][T10012]  netlink_rcv_skb+0x159/0x420
[  403.274054][T10012]  ? __pfx_genl_rcv_msg+0x10/0x10
[  403.274082][T10012]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  403.274132][T10012]  ? netlink_deliver_tap+0x1ae/0xcc0
[  403.274172][T10012]  genl_rcv+0x28/0x40
[  403.274200][T10012]  netlink_unicast+0x585/0x850
[  403.274242][T10012]  ? __pfx_netlink_unicast+0x10/0x10
[  403.274290][T10012]  netlink_sendmsg+0x8b0/0xda0
[  403.274333][T10012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  403.274376][T10012]  ? apparmor_socket_sendmsg+0x15b/0x270
[  403.274405][T10012]  ____sys_sendmsg+0xa4d/0xbe0
[  403.274439][T10012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  403.274480][T10012]  ? __pfx_____sys_sendmsg+0x10/0x10
[  403.274530][T10012]  ___sys_sendmsg+0x190/0x1e0
[  403.274568][T10012]  ? __pfx____sys_sendmsg+0x10/0x10
[  403.274604][T10012]  ? __lock_acquire+0x49f/0x1a40
[  403.274670][T10012]  __sys_sendmsg+0x160/0x210
[  403.274700][T10012]  ? __pfx___sys_sendmsg+0x10/0x10
[  403.274746][T10012]  do_syscall_64+0x115/0x840
[  403.274767][T10012]  ? clear_bhb_loop+0x40/0x90
[  403.274797][T10012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.274822][T10012] RIP: 0033:0x7f99dbf9ce59
[  403.274842][T10012] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  403.274866][T10012] RSP: 002b:00007f99dced0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  403.274889][T10012] RAX: ffffffffffffffda RBX: 00007f99dc216090 RCX: 00007f99dbf9ce59
[  403.274905][T10012] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[  403.274920][T10012] RBP: 00007f99dc032e6f R08: 0000000000000000 R09: 0000000000000000
[  403.274935][T10012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  403.274949][T10012] R13: 00007f99dc216128 R14: 00007f99dc216090 R15: 00007ffcad0dda18
[  403.274980][T10012]  </TASK>
[  407.405560][T10080] netlink: 28 bytes leftover after parsing attributes in process `syz.1.931'.
[  409.552498][T10112] netlink: 12 bytes leftover after parsing attributes in process `syz.1.940'.
[  409.600972][T10114] netlink: 12 bytes leftover after parsing attributes in process `syz.0.941'.
[  412.989173][T10145] kexec: Could not allocate control_code_buffer
[  413.380353][T10170] vivid-007: =================  START STATUS  =================
[  413.422556][T10170] vivid-007: Generate PTS: true
[  413.475452][T10170] vivid-007: Generate SCR: true
[  413.536655][T10170] tpg source WxH: 320x240 (Y'CbCr)
[  413.593883][T10170] tpg field: 1
[  413.683404][T10170] tpg crop: (0,0)/320x240
[  413.775298][T10170] tpg compose: (0,0)/320x240
[  413.849805][T10170] tpg colorspace: 8
[  413.927720][T10170] tpg transfer function: 0/0
[  413.981585][T10170] tpg Y'CbCr encoding: 0/0
[  414.039170][T10170] tpg quantization: 0/0
[  414.082133][T10170] tpg RGB range: 0/2
[  414.113716][T10170] vivid-007: ==================  END STATUS  ==================
[  415.074714][T10195] netlink: 186 bytes leftover after parsing attributes in process `syz.3.960'.
[  415.100577][T10197] netlink: 28 bytes leftover after parsing attributes in process `syz.0.959'.
[  415.377185][T10200] netlink: 12 bytes leftover after parsing attributes in process `syz.3.961'.
[  415.388331][T10171] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  416.199480][T10188] ima: policy update failed
[  416.225540][   T30] audit: type=1802 audit(1782555966.311:35): pid=10188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.958" res=0 errno=0
[  416.311577][T10221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.965'.
[  418.862654][T10261] netlink: 12 bytes leftover after parsing attributes in process `syz.2.975'.
[  419.381312][T10269] netlink: 28 bytes leftover after parsing attributes in process `syz.2.976'.
[  420.490004][T10258] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  420.529669][T10258] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  420.571487][T10258] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  420.604423][T10258] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  421.406194][ T5635] Bluetooth: hci1: command 0x0406 tx timeout
[  422.139976][T10300] FAULT_INJECTION: forcing a failure.
[  422.139976][T10300] name failslab, interval 1, probability 0, space 0, times 0
[  422.303623][T10300] CPU: 0 UID: 0 PID: 10300 Comm: syz.0.983 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  422.303661][T10300] Tainted: [L]=SOFTLOCKUP
[  422.303672][T10300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  422.303686][T10300] Call Trace:
[  422.303694][T10300]  <TASK>
[  422.303702][T10300]  dump_stack_lvl+0x100/0x190
[  422.303737][T10300]  should_fail_ex.cold+0x5/0xa
[  422.303767][T10300]  should_failslab+0xc2/0x120
[  422.303801][T10300]  kmem_cache_alloc_noprof+0x91/0x6a0
[  422.303831][T10300]  ? __lock_acquire+0x49f/0x1a40
[  422.303852][T10300]  ? vm_area_dup+0x27/0x8e0
[  422.303879][T10300]  vm_area_dup+0x27/0x8e0
[  422.303904][T10300]  __split_vma+0x18c/0xda0
[  422.303929][T10300]  ? page_table_check_set+0x477/0x920
[  422.303962][T10300]  ? __pfx___split_vma+0x10/0x10
[  422.304001][T10300]  vma_modify+0x12ad/0x25c0
[  422.304036][T10300]  ? __pfx_vma_modify+0x10/0x10
[  422.304078][T10300]  vma_modify_flags+0x257/0x3d0
[  422.304105][T10300]  ? __pfx_vma_modify_flags+0x10/0x10
[  422.304129][T10300]  ? __lock_acquire+0x49f/0x1a40
[  422.304163][T10300]  ? __pfx_ima_file_mprotect+0x10/0x10
[  422.304276][T10300]  ? aa_file_perm+0x7e4/0x14d0
[  422.304310][T10300]  ? aa_file_perm+0x7e4/0x14d0
[  422.304348][T10300]  mprotect_fixup+0x27a/0xe30
[  422.304378][T10300]  ? __pfx_mprotect_fixup+0x10/0x10
[  422.304427][T10300]  do_mprotect_pkey+0xa4b/0xef0
[  422.304460][T10300]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  422.304483][T10300]  ? ksys_write+0x190/0x250
[  422.304515][T10300]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  422.304601][T10300]  ? __fget_files+0x21f/0x3d0
[  422.304633][T10300]  ? __pfx_ksys_write+0x10/0x10
[  422.304661][T10300]  __x64_sys_mprotect+0x78/0xc0
[  422.304684][T10300]  ? lockdep_hardirqs_on+0x78/0x100
[  422.304721][T10300]  do_syscall_64+0x115/0x840
[  422.304741][T10300]  ? clear_bhb_loop+0x40/0x90
[  422.304770][T10300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.304794][T10300] RIP: 0033:0x7fc5ead9ce59
[  422.304813][T10300] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  422.304836][T10300] RSP: 002b:00007fc5ebc5a028 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[  422.304858][T10300] RAX: ffffffffffffffda RBX: 00007fc5eb016180 RCX: 00007fc5ead9ce59
[  422.304874][T10300] RDX: 0000000000000006 RSI: 0000000000806121 RDI: 0000000000000000
[  422.304888][T10300] RBP: 00007fc5ebc5a090 R08: 0000000000000000 R09: 0000000000000000
[  422.304902][T10300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  422.304915][T10300] R13: 00007fc5eb016218 R14: 00007fc5eb016180 R15: 00007fff61f6aa28
[  422.304945][T10300]  </TASK>
[  422.973731][ T5635] Bluetooth: hci3: command 0x0406 tx timeout
[  422.980831][ T5635] Bluetooth: hci2: command 0x0406 tx timeout
[  422.990521][ T5635] Bluetooth: hci0: command 0x0406 tx timeout
[  423.248668][T10312] FAULT_INJECTION: forcing a failure.
[  423.248668][T10312] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  423.278368][T10312] CPU: 0 UID: 0 PID: 10312 Comm: syz.0.986 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  423.278406][T10312] Tainted: [L]=SOFTLOCKUP
[  423.278414][T10312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  423.278427][T10312] Call Trace:
[  423.278434][T10312]  <TASK>
[  423.278443][T10312]  dump_stack_lvl+0x100/0x190
[  423.278481][T10312]  should_fail_ex.cold+0x5/0xa
[  423.278511][T10312]  _copy_from_user+0x2e/0xd0
[  423.278547][T10312]  generic_map_update_batch+0x4bb/0x800
[  423.278616][T10312]  ? __pfx_generic_map_update_batch+0x10/0x10
[  423.278647][T10312]  ? __pfx_generic_map_update_batch+0x10/0x10
[  423.278673][T10312]  bpf_map_do_batch+0x66f/0x6d0
[  423.278715][T10312]  __sys_bpf+0x4ce/0x4e80
[  423.278749][T10312]  ? __pfx___sys_bpf+0x10/0x10
[  423.278773][T10312]  ? find_held_lock+0x2b/0x80
[  423.278804][T10312]  ? get_pid_task+0xfc/0x250
[  423.278841][T10312]  ? get_pid_task+0xfc/0x250
[  423.278880][T10312]  ? find_held_lock+0x2b/0x80
[  423.278915][T10312]  ? rcu_read_lock_any_held+0x6a/0xa0
[  423.278947][T10312]  ? find_held_lock+0x2b/0x80
[  423.278975][T10312]  ? ksys_write+0x190/0x250
[  423.278997][T10312]  ? ksys_write+0x190/0x250
[  423.279037][T10312]  ? fput+0x79/0x100
[  423.279069][T10312]  ? __x64_sys_bpf+0xce/0x140
[  423.279122][T10312]  __x64_sys_bpf+0xce/0x140
[  423.279156][T10312]  ? do_syscall_64+0x90/0x840
[  423.279179][T10312]  do_syscall_64+0x115/0x840
[  423.279199][T10312]  ? clear_bhb_loop+0x40/0x90
[  423.279228][T10312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  423.279252][T10312] RIP: 0033:0x7fc5ead9ce59
[  423.279271][T10312] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  423.279293][T10312] RSP: 002b:00007fc5ebc5a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  423.279316][T10312] RAX: ffffffffffffffda RBX: 00007fc5eb016180 RCX: 00007fc5ead9ce59
[  423.279331][T10312] RDX: 0000000000000092 RSI: 0000200000000380 RDI: 000000000000001a
[  423.279345][T10312] RBP: 00007fc5ebc5a090 R08: 0000000000000000 R09: 0000000000000000
[  423.279359][T10312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  423.279375][T10312] R13: 00007fc5eb016218 R14: 00007fc5eb016180 R15: 00007fff61f6aa28
[  423.279405][T10312]  </TASK>
[  425.674000][T10317] ima: policy update failed
[  425.699501][   T30] audit: type=1802 audit(1782555975.791:36): pid=10317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.988" res=0 errno=0
[  425.984706][T10345] smc: net device dummy0 applied user defined pnetid DUMMY0
[  427.640732][T10350] kexec: Could not allocate control_code_buffer
[  428.040214][T10377] netlink: 28 bytes leftover after parsing attributes in process `syz.3.999'.
[  429.301897][T10396] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1006'.
[  429.381069][T10396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1006'.
[  430.423631][T10413] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1009'.
[  430.457997][T10405] hub 1-0:1.0: USB hub found
[  430.494058][T10388] ima: policy update failed
[  430.522085][T10405] hub 1-0:1.0: 1 port detected
[  430.533348][   T30] audit: type=1802 audit(1782555980.621:37): pid=10388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1004" res=0 errno=0
[  430.824002][T10417] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1010'.
[  431.965018][T10415] Process accounting paused
[  432.289570][T10425] kexec: Could not allocate control_code_buffer
[  438.843034][T10521] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1033'.
[  440.213536][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  440.221477][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  440.357066][T10545] FAULT_INJECTION: forcing a failure.
[  440.357066][T10545] name failslab, interval 1, probability 0, space 0, times 0
[  440.494823][T10545] CPU: 0 UID: 0 PID: 10545 Comm: syz.2.1038 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  440.494862][T10545] Tainted: [L]=SOFTLOCKUP
[  440.494871][T10545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  440.494886][T10545] Call Trace:
[  440.494894][T10545]  <TASK>
[  440.494903][T10545]  dump_stack_lvl+0x100/0x190
[  440.494942][T10545]  should_fail_ex.cold+0x5/0xa
[  440.494974][T10545]  should_failslab+0xc2/0x120
[  440.495010][T10545]  __kmalloc_cache_noprof+0x91/0x6c0
[  440.495036][T10545]  ? proc_self_get_link+0x189/0x1f0
[  440.495085][T10545]  proc_self_get_link+0x189/0x1f0
[  440.495123][T10545]  pick_link+0xac2/0x13c0
[  440.495159][T10545]  ? __pfx_proc_self_get_link+0x10/0x10
[  440.495200][T10545]  step_into_slowpath+0x9ba/0xf90
[  440.495243][T10545]  ? __pfx_step_into_slowpath+0x10/0x10
[  440.495285][T10545]  ? lookup_fast+0x2da/0x600
[  440.495318][T10545]  ? inode_permission+0x374/0x620
[  440.495355][T10545]  link_path_walk+0xf28/0x1cc0
[  440.495402][T10545]  path_openat+0x1c9/0x4280
[  440.495426][T10545]  ? __kasan_slab_alloc+0x89/0x90
[  440.495457][T10545]  ? kmem_cache_alloc_noprof+0x26b/0x6a0
[  440.495486][T10545]  ? do_getname+0x35/0x390
[  440.495515][T10545]  ? __x64_sys_openat+0x12d/0x210
[  440.495558][T10545]  ? __pfx_path_openat+0x10/0x10
[  440.495591][T10545]  do_file_open+0x20e/0x430
[  440.495619][T10545]  ? __pfx_do_file_open+0x10/0x10
[  440.495664][T10545]  ? alloc_fd+0x471/0x7a0
[  440.495691][T10545]  ? do_getname+0x191/0x390
[  440.495724][T10545]  do_sys_openat2+0x10f/0x1e0
[  440.495757][T10545]  ? __pfx_do_sys_openat2+0x10/0x10
[  440.495791][T10545]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  440.495841][T10545]  __x64_sys_openat+0x12d/0x210
[  440.495875][T10545]  ? __pfx___x64_sys_openat+0x10/0x10
[  440.495920][T10545]  do_syscall_64+0x115/0x840
[  440.495941][T10545]  ? clear_bhb_loop+0x40/0x90
[  440.495970][T10545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  440.495996][T10545] RIP: 0033:0x7f54bdb9ce59
[  440.496015][T10545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  440.496044][T10545] RSP: 002b:00007f54beb1c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  440.496068][T10545] RAX: ffffffffffffffda RBX: 00007f54bde16090 RCX: 00007f54bdb9ce59
[  440.496084][T10545] RDX: 0000000000000401 RSI: 0000200000001640 RDI: ffffffffffffff9c
[  440.496099][T10545] RBP: 00007f54bdc32e6f R08: 0000000000000000 R09: 0000000000000000
[  440.496113][T10545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  440.496127][T10545] R13: 00007f54bde16128 R14: 00007f54bde16090 R15: 00007ffeb158a098
[  440.496158][T10545]  </TASK>
[  445.465199][T10614] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1054'.
[  446.474082][T10636] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1060'.
[  448.167414][T10630] kexec: Could not allocate control_code_buffer
[  450.026849][T10685] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1069'.
[  451.144798][T10680] ima: policy update failed
[  451.162593][   T30] audit: type=1802 audit(1782556001.251:38): pid=10680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1068" res=0 errno=0
[  453.303412][T10723] ima: policy update failed
[  453.303710][   T30] audit: type=1802 audit(1782556003.391:39): pid=10723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1077" res=0 errno=0
[  454.574280][T10750] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1082'.
[  456.114311][T10748] kexec: Could not allocate control_code_buffer
[  457.375556][T10787] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1091'.
[  457.535315][T10775] ima: policy update failed
[  457.559052][   T30] audit: type=1802 audit(1782556007.641:40): pid=10775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1089" res=0 errno=0
[  457.624603][T10792] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1092'.
[  459.634641][T10814] FAULT_INJECTION: forcing a failure.
[  459.634641][T10814] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  459.731022][T10814] CPU: 0 UID: 0 PID: 10814 Comm: syz.3.1097 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  459.731061][T10814] Tainted: [L]=SOFTLOCKUP
[  459.731068][T10814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  459.731082][T10814] Call Trace:
[  459.731090][T10814]  <TASK>
[  459.731098][T10814]  dump_stack_lvl+0x100/0x190
[  459.731135][T10814]  should_fail_ex.cold+0x5/0xa
[  459.731166][T10814]  _copy_from_user+0x2e/0xd0
[  459.731204][T10814]  cec_ioctl+0x34d/0x29b0
[  459.731356][T10814]  ? __pfx_cec_ioctl+0x10/0x10
[  459.731382][T10814]  ? tomoyo_path_number_perm+0x188/0x580
[  459.731454][T10814]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  459.731492][T10814]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  459.731546][T10814]  ? do_vfs_ioctl+0x226/0x13e0
[  459.731582][T10814]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  459.731623][T10814]  ? find_held_lock+0x2b/0x80
[  459.731654][T10814]  ? __fget_files+0x215/0x3d0
[  459.731675][T10814]  ? hook_file_ioctl_common+0x140/0x440
[  459.731729][T10814]  ? __fget_files+0x21f/0x3d0
[  459.731754][T10814]  ? __pfx_cec_ioctl+0x10/0x10
[  459.731783][T10814]  __x64_sys_ioctl+0x18e/0x210
[  459.731819][T10814]  do_syscall_64+0x115/0x840
[  459.731842][T10814]  ? clear_bhb_loop+0x40/0x90
[  459.731871][T10814]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  459.731896][T10814] RIP: 0033:0x7fef82d9ce59
[  459.731915][T10814] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  459.731938][T10814] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  459.731961][T10814] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  459.731976][T10814] RDX: 00002000000003c0 RSI: 0000000040046109 RDI: 0000000000000003
[  459.731990][T10814] RBP: 00007fef80ff6090 R08: 0000000000000000 R09: 0000000000000000
[  459.732004][T10814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  459.732018][T10814] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  459.732047][T10814]  </TASK>
[  460.420335][T10817] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1098'.
[  462.086748][T10809] Process accounting resumed
[  462.925947][T10804] kexec: Could not allocate control_code_buffer
[  463.205251][T10842] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1103'.
[  463.509256][T10830] ima: policy update failed
[  463.527890][   T30] audit: type=1802 audit(1782556013.621:41): pid=10830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1101" res=0 errno=0
[  466.517190][T10870] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1110'.
[  469.032052][T10911] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1119'.
[  472.509904][T10931] kexec: Could not allocate control_code_buffer
[  474.662725][T10961] ima: policy update failed
[  474.725580][   T30] audit: type=1802 audit(1782556024.811:42): pid=10961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1131" res=0 errno=0
[  474.912278][T10966] kexec: Could not allocate control_code_buffer
[  479.024239][T11014] kexec: Could not allocate control_code_buffer
[  480.044736][T11024] ima: policy update failed
[  480.099480][   T30] audit: type=1802 audit(1782556030.191:43): pid=11024 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1146" res=0 errno=0
[  480.201035][T11041] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1149'.
[  480.230999][T11042] random: crng reseeded on system resumption
[  484.693371][T11084] kexec: Could not allocate control_code_buffer
[  485.287474][T11098] ima: policy update failed
[  485.298274][   T30] audit: type=1802 audit(1782556035.391:44): pid=11098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1161" res=0 errno=0
[  486.119400][T11123] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1167'.
[  486.197498][ T5630] Bluetooth: hci0: Malformed HCI Event
[  486.972139][T11140] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1169'.
[  488.095393][T11159] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1174'.
[  488.512307][T11168] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1177'.
[  488.593070][T11172] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1176'.
[  488.826906][T11174] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1178'.
[  488.957622][T11177] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1179'.
[  491.336206][T11216] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1188'.
[  492.765550][T11224] Process accounting paused
[  493.373498][T11204] Process accounting resumed
[  494.118206][T11260] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1198'.
[  496.268067][T11274] ima: policy update failed
[  496.314424][   T30] audit: type=1802 audit(1782556046.401:45): pid=11274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1203" res=0 errno=0
[  496.553107][T11297] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1208'.
[  498.701411][ T5630] Bluetooth: hci1: unexpected event 0x02 length: 1021 > 260
[  499.345650][T11348] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1216'.
[  499.582722][T11350] FAULT_INJECTION: forcing a failure.
[  499.582722][T11350] name failslab, interval 1, probability 0, space 0, times 0
[  499.643654][T11350] CPU: 0 UID: 0 PID: 11350 Comm: syz.3.1217 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  499.643691][T11350] Tainted: [L]=SOFTLOCKUP
[  499.643699][T11350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  499.643713][T11350] Call Trace:
[  499.643720][T11350]  <TASK>
[  499.643729][T11350]  dump_stack_lvl+0x100/0x190
[  499.643763][T11350]  should_fail_ex.cold+0x5/0xa
[  499.643793][T11350]  should_failslab+0xc2/0x120
[  499.643828][T11350]  __kmalloc_noprof+0xfc/0x820
[  499.643857][T11350]  ? rcu_is_watching+0x12/0xc0
[  499.643887][T11350]  ? tomoyo_realpath_from_path+0xb6/0x690
[  499.643929][T11350]  tomoyo_realpath_from_path+0xb6/0x690
[  499.643970][T11350]  tomoyo_path_number_perm+0x23c/0x580
[  499.643998][T11350]  ? tomoyo_path_number_perm+0x22e/0x580
[  499.644029][T11350]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  499.644086][T11350]  ? find_held_lock+0x2b/0x80
[  499.644116][T11350]  ? __fget_files+0x215/0x3d0
[  499.644142][T11350]  ? hook_file_ioctl_common+0x140/0x440
[  499.644171][T11350]  ? __fget_files+0x215/0x3d0
[  499.644197][T11350]  ? __fget_files+0x21f/0x3d0
[  499.644224][T11350]  security_file_ioctl+0xd3/0x230
[  499.644353][T11350]  __x64_sys_ioctl+0xb7/0x210
[  499.644389][T11350]  do_syscall_64+0x115/0x840
[  499.644410][T11350]  ? clear_bhb_loop+0x40/0x90
[  499.644438][T11350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.644462][T11350] RIP: 0033:0x7fef82d9ce59
[  499.644481][T11350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  499.644505][T11350] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  499.644527][T11350] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  499.644542][T11350] RDX: 0000000000000000 RSI: 0000000000005425 RDI: 0000000000000003
[  499.644556][T11350] RBP: 00007fef80ff6090 R08: 0000000000000000 R09: 0000000000000000
[  499.644570][T11350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.644584][T11350] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  499.644613][T11350]  </TASK>
[  499.644623][T11350] ERROR: Out of memory at tomoyo_realpath_from_path.
[  501.647162][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  501.681458][T11376] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1223'.
[  501.692145][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  504.373888][T11389] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1226'.
[  507.257076][T11410] FAULT_INJECTION: forcing a failure.
[  507.257076][T11410] name failslab, interval 1, probability 0, space 0, times 0
[  507.304929][T11410] CPU: 0 UID: 0 PID: 11410 Comm: syz.3.1230 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  507.304969][T11410] Tainted: [L]=SOFTLOCKUP
[  507.304977][T11410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  507.304992][T11410] Call Trace:
[  507.305000][T11410]  <TASK>
[  507.305009][T11410]  dump_stack_lvl+0x100/0x190
[  507.305045][T11410]  should_fail_ex.cold+0x5/0xa
[  507.305077][T11410]  should_failslab+0xc2/0x120
[  507.305112][T11410]  __kmalloc_noprof+0xfc/0x820
[  507.305143][T11410]  ? security_inode_init_security+0x113/0x370
[  507.305189][T11410]  security_inode_init_security+0x113/0x370
[  507.305229][T11410]  ? __pfx_shmem_initxattrs+0x10/0x10
[  507.305265][T11410]  ? __pfx_security_inode_init_security+0x10/0x10
[  507.305306][T11410]  ? __pfx_make_vfsuid+0x10/0x10
[  507.305347][T11410]  shmem_symlink+0x163/0xa00
[  507.305375][T11410]  ? generic_permission+0xae/0x800
[  507.305413][T11410]  ? __pfx_shmem_symlink+0x10/0x10
[  507.305440][T11410]  ? security_inode_permission+0xbf/0x250
[  507.305540][T11410]  ? inode_permission+0x374/0x620
[  507.305572][T11410]  ? tomoyo_path_symlink+0x97/0xe0
[  507.305618][T11410]  vfs_symlink+0x178/0x4d0
[  507.305655][T11410]  filename_symlinkat+0x2a6/0x560
[  507.305688][T11410]  ? __pfx_filename_symlinkat+0x10/0x10
[  507.305717][T11410]  ? strncpy_from_user+0x19d/0x2d0
[  507.305754][T11410]  ? do_getname+0x191/0x390
[  507.305787][T11410]  __x64_sys_symlink+0x79/0xb0
[  507.305816][T11410]  do_syscall_64+0x115/0x840
[  507.305839][T11410]  ? clear_bhb_loop+0x40/0x90
[  507.305868][T11410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.305893][T11410] RIP: 0033:0x7fef82d9ce59
[  507.305916][T11410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  507.305940][T11410] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  507.305964][T11410] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  507.305980][T11410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000140
[  507.305995][T11410] RBP: 00007fef82e32e6f R08: 0000000000000000 R09: 0000000000000000
[  507.306009][T11410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  507.306024][T11410] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  507.306054][T11410]  </TASK>
[  507.813534][T11360] ima: policy update failed
[  507.941767][   T30] audit: type=1802 audit(1782556057.941:46): pid=11360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1219" res=0 errno=0
[  508.059099][T11384] Process accounting resumed
[  508.568941][T11419] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1232'.
[  508.904251][T11428] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1235'.
[  509.837783][T11444] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1239'.
[  510.307618][T11449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1241'.
[  510.639696][T11453] =======================================================
[  510.639696][T11453] WARNING: The mand mount option has been deprecated and
[  510.639696][T11453]          and is ignored by this kernel. Remove the mand
[  510.639696][T11453]          option from the mount to silence this warning.
[  510.639696][T11453] =======================================================
[  511.090420][T11465] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1242'.
[  511.851692][T11465] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  511.909821][T11465] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  511.958614][T11465] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  514.105656][T11450] ima: policy update failed
[  514.134561][T11496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1249'.
[  514.247156][   T30] audit: type=1802 audit(1782556064.341:47): pid=11450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1240" res=0 errno=0
[  517.879882][T11517] kexec: Could not allocate control_code_buffer
[  518.306362][T11532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1257'.
[  518.796349][T11536] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1258'.
[  519.736501][T11553] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1262'.
[  523.267275][T11567] Process accounting resumed
[  523.702509][T11527] Process accounting paused
[  526.125632][T11620] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1276'.
[  528.112752][T11638] kexec: Could not allocate control_code_buffer
[  528.379958][T11659] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1280'.
[  530.830231][T11674] kexec: Could not allocate control_code_buffer
[  531.148658][T11697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1290'.
[  531.530616][T11702] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1294'.
[  533.643161][T11736] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1300'.
[  535.177670][T11738] kexec: Could not allocate control_code_buffer
[  535.308825][T11757] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1304'.
[  535.331008][T11764] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1306'.
[  535.529030][T11770] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1307'.
[  535.572757][T11770] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  535.600681][T11770] batman_adv: batadv0: Removing interface: batadv_slave_0
[  535.630383][T11770] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  535.653827][T11770] batman_adv: batadv0: Removing interface: batadv_slave_1
[  537.171735][T11787] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1311'.
[  537.944099][T11795] random: crng reseeded on system resumption
[  539.303514][T11797] Process accounting paused
[  541.372888][T11850] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input45
[  544.197727][T11895] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1333'.
[  544.365853][T11898] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1333'.
[  547.861437][T11936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1343'.
[  552.254443][T12005] netlink: 'syz.3.1355': attribute type 1 has an invalid length.
[  552.488157][T11993] kexec: Could not allocate control_code_buffer
[  554.261204][T12014] Process accounting resumed
[  554.651595][T12019] Process accounting paused
[  556.940436][T12066] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1368'.
[  557.321501][T12051] kexec: Could not allocate control_code_buffer
[  557.733125][T12082] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1372'.
[  559.111899][T12104] kernel read not supported for file /�D� (pid: 12104 comm: syz.0.1376)
[  559.194461][   T30] audit: type=1800 audit(1782556109.281:48): pid=12104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1376" name=12E644089E dev="mqueue" ino=50360 res=0 errno=0
[  560.064184][T12114] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1380'.
[  562.782762][T12157] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1391'.
[  563.092869][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  563.099305][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  564.217300][T12179] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1396'.
[  564.373372][T12184] FAULT_INJECTION: forcing a failure.
[  564.373372][T12184] name failslab, interval 1, probability 0, space 0, times 0
[  564.452162][T12184] CPU: 0 UID: 0 PID: 12184 Comm: syz.3.1397 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  564.452199][T12184] Tainted: [L]=SOFTLOCKUP
[  564.452207][T12184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  564.452221][T12184] Call Trace:
[  564.452228][T12184]  <TASK>
[  564.452236][T12184]  dump_stack_lvl+0x100/0x190
[  564.452272][T12184]  should_fail_ex.cold+0x5/0xa
[  564.452303][T12184]  should_failslab+0xc2/0x120
[  564.452336][T12184]  kmem_cache_alloc_lru_noprof+0x8d/0x6a0
[  564.452367][T12184]  ? find_held_lock+0x2b/0x80
[  564.452399][T12184]  ? alloc_inode+0x183/0x250
[  564.452434][T12184]  alloc_inode+0x183/0x250
[  564.452466][T12184]  path_from_stashed+0x25b/0x750
[  564.452499][T12184]  open_namespace+0x93/0x1c0
[  564.452525][T12184]  ? __pfx_open_namespace+0x10/0x10
[  564.452567][T12184]  ns_ioctl+0x178/0xf80
[  564.452593][T12184]  ? __pfx_ns_ioctl+0x10/0x10
[  564.452619][T12184]  ? __fget_files+0x21f/0x3d0
[  564.452644][T12184]  ? __pfx_ns_ioctl+0x10/0x10
[  564.452671][T12184]  __x64_sys_ioctl+0x18e/0x210
[  564.452708][T12184]  do_syscall_64+0x115/0x840
[  564.452730][T12184]  ? clear_bhb_loop+0x40/0x90
[  564.452758][T12184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.452782][T12184] RIP: 0033:0x7fef82d9ce59
[  564.452801][T12184] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  564.452825][T12184] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  564.452846][T12184] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  564.452862][T12184] RDX: 0000000000000000 RSI: 000000000000b701 RDI: 0000000000000004
[  564.452876][T12184] RBP: 00007fef80ff6090 R08: 0000000000000000 R09: 0000000000000000
[  564.452890][T12184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  564.452903][T12184] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  564.452933][T12184]  </TASK>
[  565.060872][T12188] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1398'.
[  565.710888][T12202] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1401'.
[  567.438882][T12208] kexec: Could not allocate control_code_buffer
[  567.957744][T12234] zero sized request
[  568.341784][T12237] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1411'.
[  569.214719][T12254] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1416'.
[  570.337480][T12240] Process accounting resumed
[  573.003043][T12283] kexec: Could not allocate control_code_buffer
[  573.065132][T12299] netlink: 'syz.3.1425': attribute type 1 has an invalid length.
[  573.098880][T12299] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1425'.
[  573.705398][T12316] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1430'.
[  574.749278][T12336] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1435'.
[  574.815374][T12338] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1436'.
[  575.407159][T12323] kexec: Could not allocate control_code_buffer
[  575.843427][T12358] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1441'.
[  576.043120][T12363] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1442'.
[  581.413804][T12434] FAULT_INJECTION: forcing a failure.
[  581.413804][T12434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.476878][T12434] CPU: 0 UID: 0 PID: 12434 Comm: syz.2.1457 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  581.476915][T12434] Tainted: [L]=SOFTLOCKUP
[  581.476923][T12434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  581.476937][T12434] Call Trace:
[  581.476944][T12434]  <TASK>
[  581.476952][T12434]  dump_stack_lvl+0x100/0x190
[  581.476989][T12434]  should_fail_ex.cold+0x5/0xa
[  581.477021][T12434]  _copy_to_user+0x32/0xd0
[  581.477067][T12434]  simple_read_from_buffer+0xcb/0x170
[  581.477110][T12434]  proc_fail_nth_read+0x1af/0x230
[  581.477144][T12434]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  581.477178][T12434]  ? rw_verify_area+0xce/0x6d0
[  581.477212][T12434]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  581.477244][T12434]  vfs_read+0x1e4/0xb40
[  581.477269][T12434]  ? __pfx_vfs_read+0x10/0x10
[  581.477290][T12434]  ? __fget_files+0x215/0x3d0
[  581.477317][T12434]  ? __fget_files+0x21f/0x3d0
[  581.477347][T12434]  ksys_read+0x12a/0x250
[  581.477368][T12434]  ? __pfx_ksys_read+0x10/0x10
[  581.477398][T12434]  do_syscall_64+0x115/0x840
[  581.477420][T12434]  ? clear_bhb_loop+0x40/0x90
[  581.477450][T12434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.477474][T12434] RIP: 0033:0x7f54bdb5d68e
[  581.477492][T12434] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  581.477515][T12434] RSP: 002b:00007f54beb3cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  581.477537][T12434] RAX: ffffffffffffffda RBX: 00007f54beb3d6c0 RCX: 00007f54bdb5d68e
[  581.477552][T12434] RDX: 000000000000000f RSI: 00007f54beb3d0a0 RDI: 0000000000000005
[  581.477566][T12434] RBP: 00007f54beb3d090 R08: 0000000000000000 R09: 0000000000000000
[  581.477580][T12434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  581.477594][T12434] R13: 00007f54bde16038 R14: 00007f54bde15fa0 R15: 00007ffeb158a098
[  581.477624][T12434]  </TASK>
[  582.522220][T12449] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1462'.
[  582.819692][T12457] capability: warning: `syz.0.1464' uses 32-bit capabilities (legacy support in use)
[  582.883365][T12457] mmap: syz.0.1464 (12457) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  584.045630][T12459] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  584.073964][T12459] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  584.099443][T12459] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  584.126215][T12459] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  584.265534][T12459] Process accounting paused
[  584.881759][T12474] Process accounting resumed
[  585.886127][ T5630] Bluetooth: hci1: command 0x0406 tx timeout
[  586.120905][T12505] random: crng reseeded on system resumption
[  586.127599][ T5630] Bluetooth: hci2: command 0x0406 tx timeout
[  586.133683][ T5630] Bluetooth: hci0: command 0x0406 tx timeout
[  586.208505][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  587.564741][T12521] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1477'.
[  587.778008][T12524] usbip-vudc usbip-vudc.0: gadget not bound
[  588.157228][T12532] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1480'.
[  589.445756][T12541] Process accounting resumed
[  591.773285][T12587] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1492'.
[  593.517178][   T30] audit: type=1800 audit(1782556143.611:49): pid=12610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1499" name="dbroot" dev="configfs" ino=53846 res=0 errno=0
[  593.930319][T12613] usbcore.quirks: string doesn't fit in 127 chars.
[  595.353310][T12630] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1503'.
[  596.875901][T12654] __vm_enough_memory: pid: 12654, comm: syz.0.1510, bytes: 4398046457856 not enough memory for the allocation
[  597.008781][T12634] kexec: Could not allocate control_code_buffer
[  597.372984][T12661] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1512'.
[  597.757398][T12669] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1513'.
[  599.134340][T12659] kexec: Could not allocate control_code_buffer
[  599.539510][T12687] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1518'.
[  600.452000][T12691] Process accounting paused
[  600.555252][T12703] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1523'.
[  600.648678][T12705] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1524'.
[  600.662726][T12703] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1523'.
[  600.789428][T12707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1525'.
[  600.825668][T12695] kexec: Could not allocate control_code_buffer
[  600.832838][T12707] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1525'.
[  602.749247][T12717] kexec: Could not allocate control_code_buffer
[  603.989980][T12752] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1536'.
[  604.307188][T12755] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1537'.
[  606.457910][T12789] FAULT_INJECTION: forcing a failure.
[  606.457910][T12789] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  606.531952][T12789] CPU: 0 UID: 0 PID: 12789 Comm: syz.2.1545 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  606.531996][T12789] Tainted: [L]=SOFTLOCKUP
[  606.532004][T12789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  606.532018][T12789] Call Trace:
[  606.532025][T12789]  <TASK>
[  606.532034][T12789]  dump_stack_lvl+0x100/0x190
[  606.532067][T12789]  should_fail_ex.cold+0x5/0xa
[  606.532098][T12789]  _copy_from_user+0x2e/0xd0
[  606.532134][T12789]  generic_map_update_batch+0x452/0x800
[  606.532171][T12789]  ? __pfx_generic_map_update_batch+0x10/0x10
[  606.532203][T12789]  ? __pfx_generic_map_update_batch+0x10/0x10
[  606.532229][T12789]  bpf_map_do_batch+0x66f/0x6d0
[  606.532268][T12789]  __sys_bpf+0x4ce/0x4e80
[  606.532301][T12789]  ? __pfx___sys_bpf+0x10/0x10
[  606.532326][T12789]  ? find_held_lock+0x2b/0x80
[  606.532358][T12789]  ? get_pid_task+0xfc/0x250
[  606.532388][T12789]  ? get_pid_task+0xfc/0x250
[  606.532428][T12789]  ? find_held_lock+0x2b/0x80
[  606.532464][T12789]  ? rcu_read_lock_any_held+0x6a/0xa0
[  606.532497][T12789]  ? find_held_lock+0x2b/0x80
[  606.532526][T12789]  ? ksys_write+0x190/0x250
[  606.532548][T12789]  ? ksys_write+0x190/0x250
[  606.532589][T12789]  ? fput+0x79/0x100
[  606.532621][T12789]  ? __x64_sys_bpf+0xce/0x140
[  606.532647][T12789]  __x64_sys_bpf+0xce/0x140
[  606.532674][T12789]  ? do_syscall_64+0x90/0x840
[  606.532697][T12789]  do_syscall_64+0x115/0x840
[  606.532717][T12789]  ? clear_bhb_loop+0x40/0x90
[  606.532746][T12789]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.532770][T12789] RIP: 0033:0x7f54bdb9ce59
[  606.532788][T12789] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  606.532815][T12789] RSP: 002b:00007f54beafb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  606.532837][T12789] RAX: ffffffffffffffda RBX: 00007f54bde16180 RCX: 00007f54bdb9ce59
[  606.532853][T12789] RDX: 0000000000000092 RSI: 0000200000000380 RDI: 000000000000001a
[  606.532867][T12789] RBP: 00007f54beafb090 R08: 0000000000000000 R09: 0000000000000000
[  606.532881][T12789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  606.532894][T12789] R13: 00007f54bde16218 R14: 00007f54bde16180 R15: 00007ffeb158a098
[  606.532924][T12789]  </TASK>
[  607.485312][T12797] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1547'.
[  608.259309][T12810] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1552'.
[  609.312013][T12820] hub 1-0:1.0: USB hub found
[  609.374598][T12820] hub 1-0:1.0: 1 port detected
[  610.860064][T12841] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1558'.
[  611.343507][T12845] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1560'.
[  611.434081][T12845] ipvlan1: entered promiscuous mode
[  611.470828][T12845] ipvlan1: entered allmulticast mode
[  611.515727][T12845] veth0_vlan: entered allmulticast mode
[  611.912562][T12859] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  612.114666][T12861] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1562'.
[  612.463262][T12868] : Can't lookup blockdev
[  612.819194][T12878] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  612.949879][T12882] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1568'.
[  613.324829][T12884] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1569'.
[  613.950969][T12871] kexec: Could not allocate control_code_buffer
[  614.222200][T12900] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1573'.
[  614.968264][T12911] binder_alloc: binder_alloc_mmap_handler: 12908 0-4001000 already mapped failed -16
[  615.016964][T12905] Process accounting paused
[  615.592267][T12922] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1578'.
[  616.686164][T12928] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  617.516516][T12949] usb usb3: usbfs: process 12949 (syz.2.1585) did not claim interface 0 before use
[  619.848318][T12973] Process accounting paused
[  623.300980][T13029] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1602'.
[  624.530111][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  624.537413][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  625.761455][T13062] __vm_enough_memory: pid: 13062, comm: syz.1.1610, bytes: 4398046457856 not enough memory for the allocation
[  628.600984][T13103] __vm_enough_memory: pid: 13103, comm: syz.1.1620, bytes: 4398046457856 not enough memory for the allocation
[  628.829661][T13110] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1621'.
[  629.705523][T13126] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  629.841358][T13128] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1627'.
[  630.111598][T13111] kexec: Could not allocate control_code_buffer
[  630.285476][T13137] FAULT_INJECTION: forcing a failure.
[  630.285476][T13137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  630.349473][T13137] CPU: 0 UID: 0 PID: 13137 Comm: syz.3.1629 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  630.349509][T13137] Tainted: [L]=SOFTLOCKUP
[  630.349518][T13137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  630.349531][T13137] Call Trace:
[  630.349540][T13137]  <TASK>
[  630.349551][T13137]  dump_stack_lvl+0x100/0x190
[  630.349588][T13137]  should_fail_ex.cold+0x5/0xa
[  630.349619][T13137]  _copy_to_iter+0x5a4/0x1720
[  630.349657][T13137]  ? p_stop+0x31/0x100
[  630.349691][T13137]  ? __pfx__copy_to_iter+0x10/0x10
[  630.349727][T13137]  ? traverse.part.0.constprop.0+0x2c5/0x650
[  630.349775][T13137]  seq_read_iter+0x691/0x1270
[  630.349811][T13137]  ? mark_held_locks+0x40/0x70
[  630.349850][T13137]  ? lockdep_hardirqs_on+0x78/0x100
[  630.349897][T13137]  seq_read+0x344/0x4d0
[  630.349940][T13137]  ? __pfx_seq_read+0x10/0x10
[  630.349974][T13137]  ? __pfx___might_resched+0x10/0x10
[  630.350013][T13137]  ? import_ubuf+0x1b6/0x220
[  630.350056][T13137]  ? rw_verify_area+0xce/0x6d0
[  630.350093][T13137]  ? __pfx_seq_read+0x10/0x10
[  630.350127][T13137]  vfs_readv+0x5d8/0x8d0
[  630.350163][T13137]  ? mark_held_locks+0x40/0x70
[  630.350206][T13137]  ? __pfx_vfs_readv+0x10/0x10
[  630.350262][T13137]  ? __fget_files+0x21f/0x3d0
[  630.350290][T13137]  ? do_readv+0x13e/0x340
[  630.350323][T13137]  do_readv+0x13e/0x340
[  630.350359][T13137]  ? __pfx_do_readv+0x10/0x10
[  630.350402][T13137]  do_syscall_64+0x115/0x840
[  630.350422][T13137]  ? clear_bhb_loop+0x40/0x90
[  630.350455][T13137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.350478][T13137] RIP: 0033:0x7fef82d9ce59
[  630.350497][T13137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  630.350520][T13137] RSP: 002b:00007fef80fd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  630.350541][T13137] RAX: ffffffffffffffda RBX: 00007fef83016090 RCX: 00007fef82d9ce59
[  630.350557][T13137] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003
[  630.350571][T13137] RBP: 00007fef80fd5090 R08: 0000000000000000 R09: 0000000000000000
[  630.350585][T13137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  630.350599][T13137] R13: 00007fef83016128 R14: 00007fef83016090 R15: 00007fff18615f88
[  630.350629][T13137]  </TASK>
[  631.707941][T13157] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1634'.
[  632.013487][T13141] Process accounting resumed
[  632.169538][T13160] __vm_enough_memory: pid: 13160, comm: syz.0.1635, bytes: 4398046457856 not enough memory for the allocation
[  634.383620][T13200] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1644'.
[  634.522417][T13163] futex_wake_op: syz.1.1636 tries to shift op by -2048; fix this program
[  635.109841][T13209] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1646'.
[  635.543919][T13218] __vm_enough_memory: pid: 13218, comm: syz.3.1648, bytes: 4398046457856 not enough memory for the allocation
[  636.400190][T12506] Bluetooth: hci0: Malformed HCI Event
[  636.417567][T13233] FAULT_INJECTION: forcing a failure.
[  636.417567][T13233] name failslab, interval 1, probability 0, space 0, times 0
[  636.495525][T13233] CPU: 0 UID: 0 PID: 13233 Comm: syz.0.1651 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  636.495562][T13233] Tainted: [L]=SOFTLOCKUP
[  636.495571][T13233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  636.495584][T13233] Call Trace:
[  636.495591][T13233]  <TASK>
[  636.495600][T13233]  dump_stack_lvl+0x100/0x190
[  636.495633][T13233]  should_fail_ex.cold+0x5/0xa
[  636.495665][T13233]  should_failslab+0xc2/0x120
[  636.495700][T13233]  __kmalloc_noprof+0xfc/0x820
[  636.495730][T13233]  ? iovec_from_user+0x8d/0x140
[  636.495770][T13233]  iovec_from_user+0x8d/0x140
[  636.495808][T13233]  __import_iovec+0x81/0x640
[  636.495842][T13233]  ? recalc_sigpending+0x1f9/0x280
[  636.495878][T13233]  ? dequeue_signal+0x216/0x500
[  636.495918][T13233]  import_iovec+0x82/0xb0
[  636.495956][T13233]  vfs_writev+0x197/0xdd0
[  636.496000][T13233]  ? __pfx_vfs_writev+0x10/0x10
[  636.496055][T13233]  ? __fget_files+0x21f/0x3d0
[  636.496085][T13233]  ? do_pwritev+0x1ac/0x270
[  636.496119][T13233]  do_pwritev+0x1ac/0x270
[  636.496157][T13233]  ? __pfx_do_pwritev+0x10/0x10
[  636.496193][T13233]  ? trace_hardirqs_off+0x70/0x170
[  636.496223][T13233]  do_syscall_64+0x115/0x840
[  636.496244][T13233]  ? clear_bhb_loop+0x40/0x90
[  636.496272][T13233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.496296][T13233] RIP: 0033:0x7fc5ead9ce59
[  636.496315][T13233] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  636.496337][T13233] RSP: 002b:00007fc5ebc5a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
[  636.496359][T13233] RAX: ffffffffffffffda RBX: 00007fc5eb016180 RCX: 00007fc5ead9ce59
[  636.496375][T13233] RDX: 0000000000000009 RSI: 0000200000000040 RDI: 0000000000000006
[  636.496389][T13233] RBP: 00007fc5ebc5a090 R08: 000000000000d3b8 R09: 0000000000000000
[  636.496409][T13233] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  636.496423][T13233] R13: 00007fc5eb016218 R14: 00007fc5eb016180 R15: 00007fff61f6aa28
[  636.496451][T13233]  </TASK>
[  637.552172][T13242] FAULT_INJECTION: forcing a failure.
[  637.552172][T13242] name failslab, interval 1, probability 0, space 0, times 0
[  637.628141][T13242] CPU: 0 UID: 0 PID: 13242 Comm: syz.1.1654 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  637.628178][T13242] Tainted: [L]=SOFTLOCKUP
[  637.628186][T13242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  637.628200][T13242] Call Trace:
[  637.628207][T13242]  <TASK>
[  637.628216][T13242]  dump_stack_lvl+0x100/0x190
[  637.628250][T13242]  should_fail_ex.cold+0x5/0xa
[  637.628280][T13242]  should_failslab+0xc2/0x120
[  637.628320][T13242]  __kmalloc_noprof+0xfc/0x820
[  637.628349][T13242]  ? rcu_is_watching+0x12/0xc0
[  637.628379][T13242]  ? tomoyo_realpath_from_path+0xb6/0x690
[  637.628422][T13242]  tomoyo_realpath_from_path+0xb6/0x690
[  637.628463][T13242]  tomoyo_path_number_perm+0x23c/0x580
[  637.628490][T13242]  ? tomoyo_path_number_perm+0x22e/0x580
[  637.628521][T13242]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  637.628578][T13242]  ? find_held_lock+0x2b/0x80
[  637.628608][T13242]  ? __fget_files+0x215/0x3d0
[  637.628628][T13242]  ? hook_file_ioctl_common+0x140/0x440
[  637.628657][T13242]  ? __fget_files+0x215/0x3d0
[  637.628683][T13242]  ? __fget_files+0x21f/0x3d0
[  637.628709][T13242]  security_file_ioctl+0xd3/0x230
[  637.628740][T13242]  __x64_sys_ioctl+0xb7/0x210
[  637.628776][T13242]  do_syscall_64+0x115/0x840
[  637.628797][T13242]  ? clear_bhb_loop+0x40/0x90
[  637.628825][T13242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.628849][T13242] RIP: 0033:0x7f99dbf9ce59
[  637.628867][T13242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  637.628890][T13242] RSP: 002b:00007f99dcef1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  637.628912][T13242] RAX: ffffffffffffffda RBX: 00007f99dc215fa0 RCX: 00007f99dbf9ce59
[  637.628928][T13242] RDX: 0000000000000001 RSI: 0000000000004b67 RDI: 0000000000000003
[  637.628941][T13242] RBP: 00007f99dcef1090 R08: 0000000000000000 R09: 0000000000000000
[  637.628955][T13242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.628969][T13242] R13: 00007f99dc216038 R14: 00007f99dc215fa0 R15: 00007ffcad0dda18
[  637.628998][T13242]  </TASK>
[  637.629007][T13242] ERROR: Out of memory at tomoyo_realpath_from_path.
[  637.922951][T13245] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1655'.
[  639.062495][T13266] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1660'.
[  639.763976][T13279] netlink: 'syz.2.1663': attribute type 3 has an invalid length.
[  639.948783][T13254] kexec: Could not allocate control_code_buffer
[  640.705554][T11622] netdevsim netdevsim1335 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  643.734883][T13341] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  643.901596][T13345] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1679'.
[  644.373110][T13320] kexec: Could not allocate control_code_buffer
[  645.046649][T13342] Process accounting resumed
[  645.354840][T13360] bridge0: port 3(batadv0) entered blocking state
[  645.381939][T13360] bridge0: port 3(batadv0) entered disabled state
[  645.407346][T13360] batadv0: entered allmulticast mode
[  645.529407][T13360] batadv0: entered promiscuous mode
[  645.578458][T11621] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  645.588347][T11621] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  646.601428][T13388] FAULT_INJECTION: forcing a failure.
[  646.601428][T13388] name failslab, interval 1, probability 0, space 0, times 0
[  646.698672][T13388] CPU: 0 UID: 0 PID: 13388 Comm: syz.1.1691 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  646.698711][T13388] Tainted: [L]=SOFTLOCKUP
[  646.698719][T13388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  646.698734][T13388] Call Trace:
[  646.698741][T13388]  <TASK>
[  646.698750][T13388]  dump_stack_lvl+0x100/0x190
[  646.698785][T13388]  should_fail_ex.cold+0x5/0xa
[  646.698817][T13388]  should_failslab+0xc2/0x120
[  646.698852][T13388]  kmem_cache_alloc_noprof+0x91/0x6a0
[  646.698884][T13388]  ? __kernfs_new_node+0xd2/0xa10
[  646.698915][T13388]  __kernfs_new_node+0xd2/0xa10
[  646.698943][T13388]  ? __pfx___kernfs_new_node+0x10/0x10
[  646.698973][T13388]  ? find_held_lock+0x2b/0x80
[  646.699004][T13388]  ? kernfs_root+0xee/0x2a0
[  646.699039][T13388]  ? kernfs_root+0xee/0x2a0
[  646.699081][T13388]  kernfs_new_node+0x117/0x150
[  646.699110][T13388]  __kernfs_create_file+0x53/0x350
[  646.699144][T13388]  sysfs_add_file_mode_ns+0x207/0x3c0
[  646.699186][T13388]  internal_create_group+0x593/0xfb0
[  646.699232][T13388]  ? __pfx_internal_create_group+0x10/0x10
[  646.699301][T13388]  ? kernfs_create_link+0x1bd/0x240
[  646.699337][T13388]  internal_create_groups+0x9d/0x150
[  646.699378][T13388]  device_add+0x71a/0x1970
[  646.699520][T13388]  ? __pfx_device_add+0x10/0x10
[  646.699562][T13388]  ? lockdep_init_map_type+0x5c/0x250
[  646.699588][T13388]  ? __init_waitqueue_head+0xca/0x150
[  646.699624][T13388]  rfkill_register+0x1ad/0xb30
[  646.699717][T13388]  nfc_register_device+0x11f/0x3e0
[  646.699771][T13388]  nci_register_device+0x7f1/0xb80
[  646.699848][T13388]  ? __pfx_nci_register_device+0x10/0x10
[  646.699886][T13388]  ? lockdep_init_map_type+0x5c/0x250
[  646.699917][T13388]  virtual_ncidev_open+0x141/0x220
[  646.699956][T13388]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  646.699994][T13388]  misc_open+0x26d/0x450
[  646.700020][T13388]  ? __pfx_misc_open+0x10/0x10
[  646.700044][T13388]  chrdev_open+0x234/0x6a0
[  646.700068][T13388]  ? __pfx_apparmor_file_open+0x10/0x10
[  646.700096][T13388]  ? __pfx_chrdev_open+0x10/0x10
[  646.700122][T13388]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  646.700157][T13388]  do_dentry_open+0x6ab/0x14d0
[  646.700181][T13388]  ? __pfx_chrdev_open+0x10/0x10
[  646.700213][T13388]  vfs_open+0x82/0x3f0
[  646.700248][T13388]  path_openat+0x2873/0x4280
[  646.700286][T13388]  ? __pfx_path_openat+0x10/0x10
[  646.700319][T13388]  do_file_open+0x20e/0x430
[  646.700347][T13388]  ? __pfx_do_file_open+0x10/0x10
[  646.700393][T13388]  ? alloc_fd+0x471/0x7a0
[  646.700419][T13388]  ? do_getname+0x191/0x390
[  646.700465][T13388]  do_sys_openat2+0x10f/0x1e0
[  646.700497][T13388]  ? __pfx_do_sys_openat2+0x10/0x10
[  646.700531][T13388]  ? __fget_files+0x21f/0x3d0
[  646.700563][T13388]  __x64_sys_openat+0x12d/0x210
[  646.700597][T13388]  ? __pfx___x64_sys_openat+0x10/0x10
[  646.700641][T13388]  do_syscall_64+0x115/0x840
[  646.700661][T13388]  ? clear_bhb_loop+0x40/0x90
[  646.700710][T13388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.700734][T13388] RIP: 0033:0x7f99dbf9ce59
[  646.700754][T13388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  646.700778][T13388] RSP: 002b:00007f99dced0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  646.700801][T13388] RAX: ffffffffffffffda RBX: 00007f99dc216090 RCX: 00007f99dbf9ce59
[  646.700817][T13388] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  646.700833][T13388] RBP: 00007f99dc032e6f R08: 0000000000000000 R09: 0000000000000000
[  646.700847][T13388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  646.700861][T13388] R13: 00007f99dc216128 R14: 00007f99dc216090 R15: 00007ffcad0dda18
[  646.700892][T13388]  </TASK>
[  647.342021][T13379] futex_wake_op: syz.0.1690 tries to shift op by -2048; fix this program
[  647.782231][T13397] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  647.884449][T13399] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1692'.
[  648.069672][T13401] __vm_enough_memory: pid: 13401, comm: syz.2.1693, bytes: 4398046457856 not enough memory for the allocation
[  650.195256][T13435] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead.
[  652.275461][T13465] FAULT_INJECTION: forcing a failure.
[  652.275461][T13465] name failslab, interval 1, probability 0, space 0, times 0
[  652.412372][T13465] CPU: 0 UID: 0 PID: 13465 Comm: syz.1.1710 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  652.412412][T13465] Tainted: [L]=SOFTLOCKUP
[  652.412420][T13465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  652.412435][T13465] Call Trace:
[  652.412443][T13465]  <TASK>
[  652.412452][T13465]  dump_stack_lvl+0x100/0x190
[  652.412488][T13465]  should_fail_ex.cold+0x5/0xa
[  652.412520][T13465]  should_failslab+0xc2/0x120
[  652.412556][T13465]  kmem_cache_alloc_lru_noprof+0x8d/0x6a0
[  652.412590][T13465]  ? alloc_inode+0x183/0x250
[  652.412627][T13465]  alloc_inode+0x183/0x250
[  652.412659][T13465]  new_inode+0x22/0x1c0
[  652.412694][T13465]  devpts_fill_super+0x3bb/0x620
[  652.412729][T13465]  ? __pfx_devpts_fill_super+0x10/0x10
[  652.412762][T13465]  get_tree_nodev+0xdd/0x190
[  652.412802][T13465]  vfs_get_tree+0x92/0x320
[  652.412837][T13465]  vfs_cmd_create+0xd7/0x2a0
[  652.412871][T13465]  __do_sys_fsconfig+0x55a/0xcb0
[  652.412912][T13465]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  652.412960][T13465]  do_syscall_64+0x115/0x840
[  652.412982][T13465]  ? clear_bhb_loop+0x40/0x90
[  652.413012][T13465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.413037][T13465] RIP: 0033:0x7f99dbf9ce59
[  652.413056][T13465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  652.413080][T13465] RSP: 002b:00007f99dcef1028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  652.413103][T13465] RAX: ffffffffffffffda RBX: 00007f99dc215fa0 RCX: 00007f99dbf9ce59
[  652.413119][T13465] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000009
[  652.413133][T13465] RBP: 00007f99dc032e6f R08: 0000000000000000 R09: 0000000000000000
[  652.413147][T13465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  652.413161][T13465] R13: 00007f99dc216038 R14: 00007f99dc215fa0 R15: 00007ffcad0dda18
[  652.413191][T13465]  </TASK>
[  652.725037][T13465] devpts: Unable to alloc inode for ptmx node
[  654.560357][T13501] __vm_enough_memory: pid: 13501, comm: syz.2.1718, bytes: 4398046457856 not enough memory for the allocation
[  656.138935][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1722'.
[  656.198176][T13524] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1723'.
[  656.835797][T13533] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  656.943462][T13536] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1726'.
[  659.540173][T13549] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  659.604980][T13549] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  659.688103][T13549] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  659.782301][T13549] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  661.490559][T13597] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  661.566290][T12506] Bluetooth: hci1: command 0x0406 tx timeout
[  661.646706][T12506] Bluetooth: hci0: command 0x0406 tx timeout
[  661.670375][T13602] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1738'.
[  661.727571][T12506] Bluetooth: hci2: command 0x0406 tx timeout
[  661.806188][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  663.992836][T13636] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  664.163075][T13643] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1745'.
[  665.468864][T13674] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1752'.
[  666.828941][T13691] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1756'.
[  667.384980][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1759'.
[  670.045150][T13751] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1767'.
[  670.559270][T13753] bridge0: port 3(batadv0) entered blocking state
[  670.575602][T13759] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1770'.
[  670.602329][T13753] bridge0: port 3(batadv0) entered disabled state
[  670.643080][T13753] batadv0: entered allmulticast mode
[  670.701842][T13753] batadv0: entered promiscuous mode
[  670.784574][T13759] bond0: (slave bond_slave_0): Releasing backup interface
[  670.813623][T13768] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1772'.
[  670.867522][T11623] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  670.876898][T11623] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  672.631503][T13792] __vm_enough_memory: pid: 13792, comm: syz.3.1777, bytes: 4398046457856 not enough memory for the allocation
[  672.799871][T13797] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1778'.
[  674.872245][T13810] kexec: Could not allocate control_code_buffer
[  674.981968][T13820] ima: policy update failed
[  675.013049][T13835] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1786'.
[  675.040966][   T30] audit: type=1802 audit(1782556225.121:50): pid=13820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1784" res=0 errno=0
[  675.263584][T13835] Process accounting paused
[  684.552500][T13976] __vm_enough_memory: pid: 13976, comm: syz.0.1817, bytes: 4398046457856 not enough memory for the allocation
[  685.000073][T13984] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  685.126951][T13984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1819'.
[  685.967926][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  685.976869][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  686.742202][T13992] kexec: Could not allocate control_code_buffer
[  687.812880][T14001] futex_wake_op: syz.2.1822 tries to shift op by -2048; fix this program
[  688.562739][T14025] __vm_enough_memory: pid: 14025, comm: syz.3.1827, bytes: 4398046457856 not enough memory for the allocation
[  690.143992][T14022] futex_wake_op: syz.1.1826 tries to shift op by -2048; fix this program
[  691.249771][T14071] kafs: addr_prefs: Invalid Command
[  691.753419][T14078] futex_wake_op: syz.0.1836 tries to shift op by -2048; fix this program
[  691.811037][T14078] futex_wake_op: syz.0.1836 tries to shift op by -2048; fix this program
[  692.021785][T14073] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.681537][T14073] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.732537][T14081] futex_wake_op: syz.3.1837 tries to shift op by -2048; fix this program
[  693.003540][T14073] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.125361][T14086] warning: `syz.1.1838' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  693.264190][T14073] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.429617][T14073] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.761469][T14119] sg_write: data in/out 124/2 bytes for SCSI command 0x61-- guessing data in;
[  694.761469][T14119]    program syz.1.1845 not setting count and/or reply_len properly
[  695.035665][T14127] __vm_enough_memory: pid: 14127, comm: syz.2.1848, bytes: 4398046457856 not enough memory for the allocation
[  697.844281][T14171] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1858'.
[  702.971021][T14211] futex_wake_op: syz.1.1867 tries to shift op by -2048; fix this program
[  702.995365][T14217] kexec: Could not allocate control_code_buffer
[  704.865462][T14232] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  704.921133][T14232] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  704.972490][T14232] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  705.024043][T14232] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  705.914019][T14263] kexec: Could not allocate control_code_buffer
[  706.046288][T12506] Bluetooth: hci1: command 0x0406 tx timeout
[  706.927622][T12506] Bluetooth: hci0: command 0x0406 tx timeout
[  707.007322][T12506] Bluetooth: hci2: command 0x0406 tx timeout
[  707.086138][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  707.377113][T14282] kexec: Could not allocate control_code_buffer
[  708.285790][T14315] __vm_enough_memory: pid: 14315, comm: syz.2.1888, bytes: 4398046457856 not enough memory for the allocation
[  709.193726][T14329] program syz.2.1890 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  709.308514][T14332] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1892'.
[  709.346943][T14329] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  711.159073][T14343] futex_wake_op: syz.0.1894 tries to shift op by -2048; fix this program
[  711.773655][T14369] __vm_enough_memory: pid: 14369, comm: syz.3.1900, bytes: 4398046457856 not enough memory for the allocation
[  712.580616][T14376] FAULT_INJECTION: forcing a failure.
[  712.580616][T14376] name failslab, interval 1, probability 0, space 0, times 0
[  712.648381][T14376] CPU: 0 UID: 0 PID: 14376 Comm: syz.3.1902 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  712.648419][T14376] Tainted: [L]=SOFTLOCKUP
[  712.648427][T14376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  712.648441][T14376] Call Trace:
[  712.648448][T14376]  <TASK>
[  712.648457][T14376]  dump_stack_lvl+0x100/0x190
[  712.648494][T14376]  should_fail_ex.cold+0x5/0xa
[  712.648525][T14376]  should_failslab+0xc2/0x120
[  712.648560][T14376]  kmem_cache_alloc_noprof+0x91/0x6a0
[  712.648592][T14376]  ? key_alloc+0xc0f/0x1310
[  712.648700][T14376]  key_alloc+0xc0f/0x1310
[  712.648740][T14376]  ? __pfx_key_alloc+0x10/0x10
[  712.648771][T14376]  ? find_held_lock+0x2b/0x80
[  712.648807][T14376]  keyring_alloc+0x44/0xc0
[  712.648843][T14376]  keyctl_get_persistent+0x6c7/0x8b0
[  712.648881][T14376]  ? __pfx_keyctl_get_persistent+0x10/0x10
[  712.648919][T14376]  ? __x64_sys_futex+0x34f/0x4d0
[  712.648977][T14376]  ? __x64_sys_futex+0x358/0x4d0
[  712.649007][T14376]  ? xfd_validate_state+0x129/0x190
[  712.649055][T14376]  __do_sys_keyctl+0x3b2/0x5a0
[  712.649081][T14376]  do_syscall_64+0x115/0x840
[  712.649105][T14376]  ? clear_bhb_loop+0x40/0x90
[  712.649134][T14376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  712.649157][T14376] RIP: 0033:0x7fef82d9ce59
[  712.649177][T14376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  712.649201][T14376] RSP: 002b:00007fef80ff6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  712.649223][T14376] RAX: ffffffffffffffda RBX: 00007fef83015fa0 RCX: 00007fef82d9ce59
[  712.649239][T14376] RDX: 00000000fffffffe RSI: ffffffffffffffff RDI: 2000000000000016
[  712.649254][T14376] RBP: 00007fef82e32e6f R08: 0000000000001000 R09: 0000000000000000
[  712.649268][T14376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  712.649282][T14376] R13: 00007fef83016038 R14: 00007fef83015fa0 R15: 00007fff18615f88
[  712.649312][T14376]  </TASK>
[  715.650322][T14418] sg_write: data in/out 124/2 bytes for SCSI command 0x61-- guessing data in;
[  715.650322][T14418]    program syz.3.1912 not setting count and/or reply_len properly
[  716.181664][T14428] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1914'.
[  718.768705][T14455] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  719.012967][T14448] kexec: Could not allocate control_code_buffer
[  719.460342][T14478] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1926'.
[  721.368647][T14467] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  721.440180][T14467] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  721.493266][T14467] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  721.515316][T14502] __vm_enough_memory: pid: 14502, comm: syz.0.1931, bytes: 4398046457856 not enough memory for the allocation
[  721.554142][T14467] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  722.266225][T14511] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1932'.
[  722.686180][T12506] Bluetooth: hci1: command 0x0406 tx timeout
[  722.814187][T14497] futex_wake_op: syz.3.1930 tries to shift op by -2048; fix this program
[  723.487446][T12506] Bluetooth: hci0: command 0x0406 tx timeout
[  723.572226][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  723.578499][T12506] Bluetooth: hci2: command 0x0406 tx timeout
[  723.619389][T14542] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1939'.
[  724.054359][T14550] __vm_enough_memory: pid: 14550, comm: syz.2.1941, bytes: 4398046457856 not enough memory for the allocation
[  725.168730][T14564] bridge0: port 3(batadv0) entered blocking state
[  725.202945][T14564] bridge0: port 3(batadv0) entered disabled state
[  725.234857][T14564] batadv0: entered allmulticast mode
[  725.292034][T14564] batadv0: entered promiscuous mode
[  725.673065][   T36] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  725.683450][   T36] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  725.944918][T14579] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1947'.
[  727.325869][T14600] __vm_enough_memory: pid: 14600, comm: syz.0.1953, bytes: 4398046457856 not enough memory for the allocation
[  729.111384][T14628] FAULT_INJECTION: forcing a failure.
[  729.111384][T14628] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  729.177632][T14628] CPU: 0 UID: 0 PID: 14628 Comm: syz.0.1961 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  729.177670][T14628] Tainted: [L]=SOFTLOCKUP
[  729.177678][T14628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  729.177692][T14628] Call Trace:
[  729.177700][T14628]  <TASK>
[  729.177708][T14628]  dump_stack_lvl+0x100/0x190
[  729.177744][T14628]  should_fail_ex.cold+0x5/0xa
[  729.177774][T14628]  _copy_from_iter+0x1f4/0x1690
[  729.177817][T14628]  ? __pfx__copy_from_iter+0x10/0x10
[  729.177850][T14628]  ? trace_kmalloc+0xeb/0x110
[  729.177887][T14628]  ? __kasan_kmalloc+0xaa/0xb0
[  729.177919][T14628]  ? __kmalloc_noprof+0x343/0x820
[  729.177948][T14628]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  729.177982][T14628]  kernfs_fop_write_iter+0x186/0x5f0
[  729.178014][T14628]  vfs_write+0x6ac/0x1050
[  729.178037][T14628]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  729.178068][T14628]  ? __pfx_vfs_write+0x10/0x10
[  729.178108][T14628]  ksys_write+0x12a/0x250
[  729.178130][T14628]  ? __pfx_ksys_write+0x10/0x10
[  729.178160][T14628]  do_syscall_64+0x115/0x840
[  729.178181][T14628]  ? clear_bhb_loop+0x40/0x90
[  729.178210][T14628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.178234][T14628] RIP: 0033:0x7fc5ead9ce59
[  729.178253][T14628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  729.178276][T14628] RSP: 002b:00007fc5ebc9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  729.178298][T14628] RAX: ffffffffffffffda RBX: 00007fc5eb015fa0 RCX: 00007fc5ead9ce59
[  729.178314][T14628] RDX: 0000000000800004 RSI: 0000200000000340 RDI: 0000000000000003
[  729.178328][T14628] RBP: 00007fc5ebc9c090 R08: 0000000000000000 R09: 0000000000000000
[  729.178342][T14628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  729.178356][T14628] R13: 00007fc5eb016038 R14: 00007fc5eb015fa0 R15: 00007fff61f6aa28
[  729.178387][T14628]  </TASK>
[  730.277885][T14644] __vm_enough_memory: pid: 14644, comm: syz.2.1964, bytes: 4398046457856 not enough memory for the allocation
[  731.148368][T14662] vivid-007: =================  START STATUS  =================
[  731.209219][T14662] vivid-007: Generate PTS: true
[  731.299207][T14662] vivid-007: Generate SCR: true
[  731.375840][T14662] tpg source WxH: 320x240 (Y'CbCr)
[  731.439195][T14662] tpg field: 1
[  731.488887][T14662] tpg crop: (0,0)/320x240
[  731.529885][T14662] tpg compose: (0,0)/320x240
[  731.586529][T14662] tpg colorspace: 8
[  731.632875][T14662] tpg transfer function: 0/0
[  731.673458][T14662] tpg Y'CbCr encoding: 0/0
[  731.738516][T14662] tpg quantization: 0/0
[  731.786541][T14662] tpg RGB range: 0/2
[  731.858930][T14662] vivid-007: ==================  END STATUS  ==================
[  732.831164][T14660] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  732.888657][T14660] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  732.956747][T14660] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  733.003883][T14660] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  733.977437][T12506] Bluetooth: hci1: command 0x0406 tx timeout
[  734.932301][T12506] Bluetooth: hci0: command 0x0406 tx timeout
[  735.016332][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  735.022448][ T5635] Bluetooth: hci2: command 0x0406 tx timeout
[  735.840300][T14715] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  735.901277][T14715] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  735.966734][T14715] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  736.020637][T14715] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  736.122022][T14718] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1982'.
[  736.359103][T14718] veth0_macvtap: left promiscuous mode
[  736.385925][T14718] macvtap0: entered promiscuous mode
[  736.410743][T14718] macvtap0: entered allmulticast mode
[  737.141534][T14729] usbip-vudc usbip-vudc.0: gadget not bound
[  737.180826][T14729] usbip-vudc usbip-vudc.0: gadget not bound
[  737.652199][T12506] Bluetooth: hci1: command 0x0406 tx timeout
[  737.971958][T12506] Bluetooth: hci2: command 0x0406 tx timeout
[  737.978769][ T5635] Bluetooth: hci0: command 0x0406 tx timeout
[  738.052442][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  738.443233][T14734] futex_wake_op: syz.2.1986 tries to shift op by -2048; fix this program
[  738.979658][T14763] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1992'.
[  741.785421][T14778] kexec: Could not allocate control_code_buffer
[  743.753558][T14809] futex_wake_op: syz.3.2003 tries to shift op by -2048; fix this program
[  746.392563][T14851] __vm_enough_memory: pid: 14851, comm: syz.2.2013, bytes: 4398046457856 not enough memory for the allocation
[  747.409049][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  747.417766][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  748.828839][T14865] futex_wake_op: syz.2.2017 tries to shift op by -2048; fix this program
[  749.135605][T14862] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  749.229071][T14862] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  749.310896][T14862] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  749.381260][T14862] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  750.239133][T14897] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2023'.
[  750.287260][T12506] Bluetooth: hci1: command 0x0406 tx timeout
[  751.245332][T12506] Bluetooth: hci0: command 0x0406 tx timeout
[  751.325271][T12506] Bluetooth: hci2: command 0x0406 tx timeout
[  751.405053][T12506] Bluetooth: hci3: command 0x0406 tx timeout
[  753.711359][T14944] __vm_enough_memory: pid: 14944, comm: syz.2.2037, bytes: 4398046457856 not enough memory for the allocation
[  754.724597][T14935] kexec: Could not allocate control_code_buffer
[  755.188212][T14964] vivid-007: =================  START STATUS  =================
[  755.247524][T14964] vivid-007: Generate PTS: true
[  755.313591][T14964] vivid-007: Generate SCR: true
[  755.392375][T14964] tpg source WxH: 320x240 (Y'CbCr)
[  755.437786][T14964] tpg field: 1
[  755.454909][T14964] tpg crop: (0,0)/320x240
[  755.479497][T14964] tpg compose: (0,0)/320x240
[  755.502343][T14964] tpg colorspace: 8
[  755.528677][T14964] tpg transfer function: 0/0
[  755.552268][T14964] tpg Y'CbCr encoding: 0/0
[  755.577254][T14964] tpg quantization: 0/0
[  755.599386][T14964] tpg RGB range: 0/2
[  755.622560][T14964] vivid-007: ==================  END STATUS  ==================
[  757.132694][T14993] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2047'.
[  757.249461][T14995] __vm_enough_memory: pid: 14995, comm: syz.3.2048, bytes: 4398046457856 not enough memory for the allocation
[  757.997440][T15011] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2051'.
[  759.740505][T15014] futex_wake_op: syz.3.2054 tries to shift op by -2048; fix this program
[  760.004590][T15039] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2059'.
[  763.438650][T15072] kexec: Could not allocate control_code_buffer
[  763.470979][T15092] __vm_enough_memory: pid: 15092, comm: syz.2.2076, bytes: 4398046457856 not enough memory for the allocation
[  764.084417][T15077] futex_wake_op: syz.0.2071 tries to shift op by -2048; fix this program
[  767.285562][T15162] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2088'.
[  768.505424][T15179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2092'.
[  769.429639][   T11] ==================================================================
[  769.429684][   T11] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60
[  769.429825][   T11] Write of size 8 at addr ffffc90004bc9000 by task kworker/0:1/11
[  769.429845][   T11] 
[  769.429858][   T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/0:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  769.429890][   T11] Tainted: [L]=SOFTLOCKUP
[  769.429898][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  769.429915][   T11] Workqueue: events_power_efficient fb_flashcursor
[  769.429968][   T11] Call Trace:
[  769.429985][   T11]  <TASK>
[  769.429994][   T11]  dump_stack_lvl+0x100/0x190
[  769.430023][   T11]  print_report+0x13d/0x4b0
[  769.430055][   T11]  ? _raw_spin_lock_irqsave+0x52/0x60
[  769.430093][   T11]  ? sys_imageblit+0x19fb/0x1d60
[  769.430125][   T11]  kasan_report+0xdf/0x1c0
[  769.430166][   T11]  ? sys_imageblit+0x19fb/0x1d60
[  769.430199][   T11]  sys_imageblit+0x19fb/0x1d60
[  769.430237][   T11]  ? __pfx_sys_imageblit+0x10/0x10
[  769.430271][   T11]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  769.430360][   T11]  soft_cursor+0x524/0xa10
[  769.430388][   T11]  bit_cursor+0xca1/0x1490
[  769.430414][   T11]  ? __pfx_bit_cursor+0x10/0x10
[  769.430441][   T11]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  769.430477][   T11]  ? get_color+0x1da/0x450
[  769.430512][   T11]  ? __pfx_bit_cursor+0x10/0x10
[  769.430534][   T11]  fb_flashcursor+0x338/0x430
[  769.430568][   T11]  process_one_work+0xa23/0x1940
[  769.430610][   T11]  ? __pfx_process_one_work+0x10/0x10
[  769.430650][   T11]  ? __pfx_fb_flashcursor+0x10/0x10
[  769.430685][   T11]  worker_thread+0x5ef/0xe50
[  769.430722][   T11]  ? __pfx_worker_thread+0x10/0x10
[  769.430758][   T11]  ? kthread+0x13a/0x450
[  769.430788][   T11]  ? __pfx_worker_thread+0x10/0x10
[  769.430822][   T11]  kthread+0x370/0x450
[  769.430853][   T11]  ? __pfx_kthread+0x10/0x10
[  769.430886][   T11]  ret_from_fork+0x72b/0xd50
[  769.430916][   T11]  ? __pfx_ret_from_fork+0x10/0x10
[  769.430946][   T11]  ? __switch_to+0x800/0x10f0
[  769.430971][   T11]  ? __switch_to_asm+0x39/0x70
[  769.431006][   T11]  ? __pfx_kthread+0x10/0x10
[  769.431038][   T11]  ret_from_fork_asm+0x1a/0x30
[  769.431080][   T11]  </TASK>
[  769.431089][   T11] 
[  769.431095][   T11] The buggy address belongs to a vmalloc virtual mapping
[  769.431112][   T11] Memory state around the buggy address:
[  769.431129][   T11]  ffffc90004bc8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  769.431156][   T11]  ffffc90004bc8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  769.431173][   T11] >ffffc90004bc9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  769.431185][   T11]                    ^
[  769.431197][   T11]  ffffc90004bc9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  769.431213][   T11]  ffffc90004bc9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  769.431226][   T11] ==================================================================
[  769.439191][   T11] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  769.439214][   T11] CPU: 0 UID: 0 PID: 11 Comm: kworker/0:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  769.439246][   T11] Tainted: [L]=SOFTLOCKUP
[  769.439255][   T11] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  769.439271][   T11] Workqueue: events_power_efficient fb_flashcursor
[  769.439313][   T11] Call Trace:
[  769.439321][   T11]  <TASK>
[  769.439329][   T11]  dump_stack_lvl+0x100/0x190
[  769.439359][   T11]  vpanic+0x552/0x970
[  769.439380][   T11]  ? __pfx_vpanic+0x10/0x10
[  769.439402][   T11]  ? mark_held_locks+0x40/0x70
[  769.439448][   T11]  ? sys_imageblit+0x19fb/0x1d60
[  769.439477][   T11]  panic+0xd1/0xe0
[  769.439504][   T11]  ? __pfx_panic+0x10/0x10
[  769.439527][   T11]  ? sys_imageblit+0x19fb/0x1d60
[  769.439555][   T11]  ? preempt_schedule_common+0x42/0xc0
[  769.439593][   T11]  ? check_panic_on_warn+0x1f/0x90
[  769.439643][   T11]  check_panic_on_warn.cold+0x19/0x34
[  769.439668][   T11]  end_report.part.0+0x3a/0x90
[  769.439700][   T11]  kasan_report.cold+0xe/0x18
[  769.439734][   T11]  ? sys_imageblit+0x19fb/0x1d60
[  769.439765][   T11]  sys_imageblit+0x19fb/0x1d60
[  769.439797][   T11]  ? __pfx_sys_imageblit+0x10/0x10
[  769.439831][   T11]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  769.439872][   T11]  soft_cursor+0x524/0xa10
[  769.439899][   T11]  bit_cursor+0xca1/0x1490
[  769.439925][   T11]  ? __pfx_bit_cursor+0x10/0x10
[  769.439951][   T11]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  769.439987][   T11]  ? get_color+0x1da/0x450
[  769.440020][   T11]  ? __pfx_bit_cursor+0x10/0x10
[  769.440041][   T11]  fb_flashcursor+0x338/0x430
[  769.440075][   T11]  process_one_work+0xa23/0x1940
[  769.440117][   T11]  ? __pfx_process_one_work+0x10/0x10
[  769.440163][   T11]  ? __pfx_fb_flashcursor+0x10/0x10
[  769.440198][   T11]  worker_thread+0x5ef/0xe50
[  769.440236][   T11]  ? __pfx_worker_thread+0x10/0x10
[  769.440271][   T11]  ? kthread+0x13a/0x450
[  769.440302][   T11]  ? __pfx_worker_thread+0x10/0x10
[  769.440335][   T11]  kthread+0x370/0x450
[  769.440365][   T11]  ? __pfx_kthread+0x10/0x10
[  769.440397][   T11]  ret_from_fork+0x72b/0xd50
[  769.440427][   T11]  ? __pfx_ret_from_fork+0x10/0x10
[  769.440459][   T11]  ? __switch_to+0x800/0x10f0
[  769.440481][   T11]  ? __switch_to_asm+0x39/0x70
[  769.440515][   T11]  ? __pfx_kthread+0x10/0x10
[  769.440547][   T11]  ret_from_fork_asm+0x1a/0x30
[  769.440588][   T11]  </TASK>
[  769.440662][   T11] Kernel Offset: disabled