last executing test programs:

12.645665607s ago: executing program 3 (id=4439):
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000000240)={0x18, r1, 0x8574a35e83815fa9, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}, 0x1, 0x3000000, 0x0, 0x20000800}, 0x14)

12.558452604s ago: executing program 3 (id=4443):
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5o\x91p\xe6\x1eRN8\x99\x00\b\xaa\x1c?\x00\x00\x00c\x14\xaf\r\x94\x1a\xd3\xd3\x1d\xf8\xbebR\xddL\'\x03\xf1`\x9f5\xf9\xa4\xf8\x15\xdd\xac\x00\x00\x00\x06\x00\x00\"\x01\x0e\xa4\xdf\xdav\x1cC\xff\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\x9d*\xd1\x14^\xbe\xa2\x00\x00\x00\x01\x00\x00\x00\x00\x00\xe8\xff\x00\x00\x00\x00\x00', 0xfdef, 0x500000000000)

12.478645739s ago: executing program 3 (id=4447):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffffffffffe11, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200440c4}, 0x40048c5)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x3b, 0x2, 0x10009, 0x0, 0x0, 0x0, 0x1000000009, 0x10001, 0x6, 0x400, 0x7ffffffb, 0x5, 0xdd79, 0x5, 0x61, 0x104})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
r2 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0xa, 0x2, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r6=>0x0})
sendmsg$auto_NL80211_CMD_NEW_KEY(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000024c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="13042bbd7000fbdbdf650600000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x80)
sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r5, 0x290, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x480000}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
ioctl$auto(r2, 0xae44, r2)

12.4772404s ago: executing program 3 (id=4450):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}})
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_TSTAMP(0xffffffffffffffff, 0x40044102, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000002c0)={{0x0, 0x5, &(0x7f00000000c0)={&(0x7f0000000300), 0xe5f}, 0x2, 0x0, 0x8, 0x8000}, 0x10}, 0xd561, 0x2)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
writev$auto(r0, &(0x7f0000000180)={&(0x7f00000000c0), 0x101}, 0x1)
syz_clone(0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.294498155s ago: executing program 2 (id=4903):
r0 = socket(0xa, 0x5, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)
lseek$auto(0x3, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0_to_hsr\x00'})
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000001e80)='/dev/snd/pcmC0D0p\x00', 0x82800, 0x0)
r2 = openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/kernel/debug/bluetooth/hci2/msft_opcode\x00', 0x802, 0x0)
read$auto_msft_opcode_fops_(r2, &(0x7f0000000800)=""/93, 0x5d)
ioctl$auto_PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f00000001c0)=0x5)
ioctl$auto_SNDRV_PCM_IOCTL_UNLINK(r1, 0x4161, 0x0)
r3 = io_uring_setup$auto(0x86, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r7=>0x0})
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000005c0), r3)
sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r6, &(0x7f0000000780)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000740)={&(0x7f0000000d00)={0x1074, r8, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x5}, @NL80211_ATTR_SUPPORT_MESH_AUTH={0x4}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xd}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x5}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0xfff}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x1028, 0x84, 0x0, 0x1, [@nested={0x8, 0x20, 0x0, 0x1, [@nested={0x4, 0x84}]}, @nested={0x1019, 0x68, 0x0, 0x1, [@generic="373a1b790e28c44e9f486233d80772e43581b734564fb1931c901f85d51167b7c8a048824eb9dd7e2e6eddc2a8e72d55d9257e46692548ec4d61bb088278cfc92ebf12b2e987f4635b8f1f12e8b49ef3f198eba2d42d4fe22e2ad0b0b02231d03c3a8e5fc6d8b07de3329799f16b67aed454009ea46adfeac2a6f6c4b626a6b4977cb27b766b294b238c6c1fbebafbc9cd9fd183a32a42eba431e607ae82e50813f55ec0f88a1edda369e62885206e3cd1a69fb1108203ad723ac80448f11906755a4f95bbdfeb8a990735c6db56d6c7f433c0d29036ff0b2bc9db6bd9a6671256d96deb386d70654644e552e2c8d6c1d6523907a5ef1d39e11f983026afcfba0e8889591c37e44f1aeb8bd5075279c3433d06f376b3900b44193f1f7efdecc9f8bce720dba6dc6c1191e5d19995221f5bbd0101f350439580b98606516937e73ce05a24a55313e8c44a64a6975dc506f7f60c93b6fce82abf3123cd6b61ef817c71826015af64277b7b36c9d838e90bfb09f299db70966780e9c2e221e2544ce09b386d425e0411771430f7a68fa158eef7ed9df1fa8e2e19794a076015c3618e4d3e52ee0666facd2afce1aafeda24d4d4bc2361bbaf96dfd212c9033e876301679984bb23439fac127c3cac3cf4269107e11ed5b110836aa96e9787dc3d49b898f96d05b8fe50920e02d4b05f054e73d52f638ca220daae028496cd3c635d6c912622d1a536481c08708fe53324a364bb8628eceb048b66d9b563da917afa4577ad5491e0bbab421eb22aeb7a8ec0b6175eed7b97ca37c3b7a2c52f77c42ca1d0c227f3ad523d7367dfe4bed692bdc4e9f88c6736ca0902b7d76f6d8debfd4113701bbc7a4a87732165fbd4dd46240334a5d9afc74281b89b010bda3ff0b2ac438b4053b8eec4d65eab6bca4f372e715ee2a1938b4a5272321db3707558d01700a9d624e65de9bd398b32bcfe09b4f97aef13803de894249ddaad03dcce175e623383fb123993c8766c03356aec5cb801063dee9b0d0545a2d7336253f08ca34383588afffd330fd6c92c5182a60ae98a1c9c9847a4a2817916b15795681843d19528edaa7fc344952b0ab63c7835030b4237a4d553a883e50cb880fe3a9afdb3514208d7759e939b9f91bab1596f2d06493e8a91ebe7751d8a8cd0538de4992302975aebfc117ba80a848d06389b7fdad7671611e7345d0c9805948e90a0464e4314c44c85e5f58d8cdec1e6502f3a4706e7ce4d868fa1b241e4f9c1a73ee1ea55807f8b3354129d6d9aa1fd5f4b6fae447f91964e6e7d5c65fdd50236740ecb8287f4a6730f9dd7d8b510357c50c723935fd30d111d1ae106f694ab8086257cda05c3e56564105a67b2e5ede8ca2051fc0ff39279b97c8b598de589b6ccf8f16f489bf3ac841a76997dc204abde8390e17552182e16ac59de294215e3345827dc0aa2fe4271cc7e5ac0af32ba3ced00f5f7e39d415f95565e2e483e9f799c9c8ffe5ae774ffbb0021b9f47425cca2ded227f4185adf470233266df8fa120727744ff688e17ef578f23bebd5a100bac9878f397ac5aa13003ed7c1f163a42ca6fda80d4c5a033cce9b7d39b931f55ccc762f00c9d8ecbeaaf1676f3ce196a6e89b98c789f8c8ae54dd2d5e88815d563fd7d0184ac3f60cb5639c126629011c31d5382de4d4c2d65d4024d367bffb5d0758eabebfb075c775464542fc33bd64373f50da1e95853f7fdddbd3dad083bacb5589cc05661dff126642f2d5a0940eab924fc8e2564f1828f724dc1db7282bda9302d4e6461fb637290af31bd4c2df2c67055cb001ec4f388c9a274bc9ddae473b5d488b93660fa62b5e9d7e49189e2183f1091c300ad601599398359b587ba3da7d9967ecbaa29233840ce500c91025375c27f14c6ab6102f84a91302e39c23c30c969b2a63f70b2949d053eee5d150f17439b83e0a3f3e0af513392667af6fdda17d61f5dee849861b7c74532fa9ae0f7f0775676c885d3bac18c9ab0e9cf0262629b3706de639e1ae81eb6d1b8158d732bb145b3f9e163af0a34a02a8dbf499eb4a141831ce6e62d4b264080649a01c1d3744a4a5035453082c932b6d056a1f0d9d60ad37388063d79c7a19b26e0f4cd515ff5a79bb6cac073f52210f42522a23e61651d4ac7d26cd271391c6f4ad6288a947f6e3f78fed3a3f6f6c9be6738c3b136dcd1ccd562e2046a8d1ef5a884dfe42adefa3c07659114c8548696a9b30778383d6ad952f8e3f1c4f019349eaec767046eb07303c10f688b7c4835af19b89745508f8c3943971998c475b0b792e660bd80df7e252ccd97b8a90dbe5c647d5117a17d3609e6d5334b3b2c3043f6e3789f260b0de0a027b8fa240f50e7bd503976154af6fbb83a9a413dbb235103f1daf0b3166e5d874cd8423ec27e408e710ad81bf6e3fddeefbe106ef2f4fd99da738a51755ff69eb9c8de45965d3c0d01ce610306350f5bbc3440d29d256a103e69796295c8b15aec25f1ed86ff146e0641fd8f6672e1f09bf6e68533e41188b5707bad82731eca1f935e70eefcd4c98204759bdbd583ed53036732dd0d325c36659a8f20d9cab3102fb172c8cbaaf121904a9cbeeb526b94be7ec1a5614fcebf85adad3efd68d546b5cd4772c6ddcedc05cb666a23f5a4603125d7aa4b0c2f7f739754157314f2f61bd636af6a346d676f19e3f1d9d0db06a57c4a32ffc69b850f24184edd5b9310588cf0b2e66debc089f76ad0343128e0f61906b511b45d7fcf4e4cb0ac09e402dbca7f777d6f91dd6b9d96e29720f2245217208bd78d67d21c9eb8bffad4ad30234086d9f9e2c7a1b082d83009f86846810e1130313e23fd7914e7cb9c08ca1d48cef1cc5c27cc72c9907030f956dc32faecc395ac8c9789b797a17957d690fac0a70112f32db03d66c20eba69694c1545e3ded5890e96acf64ecffc111ac4601c361e1323bf23361c706df2a8d0082ce7d15c99a9c068427195e22875b622ef89e08fc5da93f1fd10fabae7f6dfc5a7b7eee9b6bdacf649608539a5d322c9486737ef961173dfd0a6507910fae6070750a8f52c47ef0451824e142ff94f61ffdf0a02e0dca2de03bd4c9ee1a1d64f94d558a62541853552d4e8b7dde3f540817c72514c542b6ce4b52fcdd8f9ff910dab9040202f0056028afc6d1507b3fe89ed0b14eed84bfab8e9ce1bfeb9d1a9e07b5e7cb72de0d64030d69de610aa202140a51d7217ee9e5d738e6fdeb75443546e767a252d6029a7638cb6ee9e80a3a47529af41d63b0d9261d38e957726c64f1b3f99f6008d0823c7b8476eb0f82304f38b7a3c019600551e0954f50b6cc708a0fec3437d33ed9caf7f0636b403cc3e1ec5585bbe17c6ba4ff0fc551a664219d61f1473d753597278be7d3e06c0ff590628dde68b872f0abf0c610f39b075ccbf9a04fcc87dba456b357142ebadf626c8d361b0d74910a49c1f0d0f8264d4206e90af7430ab5263b16a7b8c4a872cf5522ccb7d0310513b1e3b42dbc3885571b7441c9c5883aae08c193540edece5bcd3d24faa549c67c51c7eee36e5e2ca9406373e04a563d109dd020cf94a5ce2026d6c11532509b15037abb6c227498b163a576a2f26656e6dabb04f1bd8ab671f1eddedf794bf4d95350a6f5e0f90b4f5bba5a586cf3e0d2a211a83897a1466e99fa21993e8d83eb8a69fe84157294ea41304cbbb7a25837979f5c4e0fdc58a0fc792bb2f6b49b6b73d1fafff8d8046c71ae25b04d845918e41e17a443bab6112c0d72207918790b0348778e69742e6353cd50e66f5223425498f087219fe109202ddad28bbfba3c6b5d9282a22e3daee08156d1b714f9b823a8e4772b5b5545e10ee568a182298735e6c52725c103ee4e44bd3891a0959c1c057e125fe9cc0cca996ea3e1028544131053a3026e4f44655d90e979968edfa0330aee78657d2999e19181ab783778e467bf3bedf89e1c75b138162e85a5c8638ef799ac767db07889b93ce5a935a238d7989490b79a902bf6f0e1cf7eac1d881921f7701fe2a91f0d0848dd2b9f6e6e84d094d5b23f4d2480c593774cf287f9f448608eb774a9f593076e3aa08830707d9d48c454119e88641c7e88f94e12a33f3fe4e802134bbe0ca34313fe5d80351d086e17af1fa8c425add328499ab58787be639eeba57d9c0b7110ffcf587422e9e7403eee0f6c190c6112a6ca9984335bc0fdc3dff11f9a350611b2347f9eb8336e351e8f7df2a6d25523ded61a51121db9a59335b69351dc2226f10490418ce21571ad674697056be93a2abca7dcf76b24815ee2d1bbd29c789d5e0aa0d8a191030215c5a88412a4d9d48b619e728e8b1f83e35fc8f43f42680947349957ac18bcb3d132ce9825ba537fc41f583e63cc2ba6735f1368ce4ff0962a96fafee477fd90569dc9230c93ee539e1a3c3d3f8f53653aa4d26623e596f8e41261f501b4606ad42769d84e6b36fad4908662eb756e5bd27ac5038b664395ca7dd2a2634a3420ddf3516e0619650f37f3d00091de559f0f5e1eb8a2e6beec61ac35251f860cd4d533d6e7aee9c728b35807ef137f38f71c968f0ce545be58c741360c562e5bb9d6c74b63cec0e554960c4c64bccfd8b2f0d4a1a90019f3cf3b57e21e9989ac231ac1980a60a1c391791447e4d97c6a37118f7166c4e03d74fae4f812398aeec7b09b90b13c286d30b157c3c48085082e5d6a0a8992f80c7a57b5e8d35853b24545e64d1738fc7bfaa9dcd0b55d2a2a1c9d9e3e9932935d348149646b4eb66f2e15c2a479c55e396a2cb9759b31ee6575f6d4c663049e1599cbd59320a4feca405dd8c148175cfcc47d8adbc584f84d0de051d8e16108a71ba40a32bf3a8409fe136c0af1f97c481314769a5abc8442a440bf9d717c0e61433bd6623f8562722a514fab42386779363853332e1967e79b8c4adccb7ab65701c83b89786cb1c8fc4c2d34177102c347511654da4b961244bbe91209707104f953f48c8281c53ef0610f7d66ceaded1c19d60d69a658ec4b0fc03f3516d2b1c361d1886acec1bca82621fb8a7226f3e43e93682c6efa88b1a6a1bb2be7433a206530f67bf7efbb27beda5db15ce81bea507206faf112f9467afb799ef35b236dfe391e5d98729cd884e33643041bce87f128255cd67338ce11e67d76153efc9775cd92162c34f17b3b9f58d907dd73a0fa694822acc482ada026cd008b806543f817e287de41ac1f3fafeafd9bb5876b3bfc49968b662b7d5e26d4d940ea1273a90f747ed2b915994109e2aa046a61005d7713a1ced8c8accf24b6cf28cf605e499a4934e27ad1bbc3f5222a37b0b12c924f9e75eedb0c9a761131c07eb4978dc423b8b7247fb6f0380d581923d5803bec23f51e60d6654e4e80c81f4c8d9a4ec84efc2df0b22dc27ee5a7ed1eddfa641c69c19cea06b9d93fb52ee1cf317eba2574a0bf5acab35e78f10589ebcd97d02cb295b24bcfa1abfc60845dca4fb856423390a0849d3614071306da3fb7ed9c81461ef8d903aaad67f549fb244290c86be93b5fe7c43be86aa198ba9f836eadef3891129c35634fe64629ebd11357cb56e23da1765f09c793ed3d05fc067a0f20c8cc3fb1085d49bd7d481c90f9e909b5a067974cfb94403f029f99377a543f2c1faaa56d382f0c6d086de74819032cd6f197b79f98192585906cce2c2493dde8245fce2d3087b20d9bd78432decc5537c50ed8f9f8d91f0781022b3cc7c8ab035e7e743c6724f7b0d57fd4278519bc114f637a80d301b69df9c30187c6c4d2a2", @generic="94d74eb90c5ab122a476dfc3a0a5e22e4db2030507"]}]}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x58}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xe6}]}, 0x1074}, 0x1, 0x0, 0x0, 0x4880}, 0x24008007)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
fsconfig$auto(r9, 0x1, &(0x7f0000000200)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96\fd\xa3\xf9&\xc9~\x10\x06X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8^W>Rz`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x1b\x9d\xd4\x99_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\xed\xc7Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2zsx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\xedFx\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\xad\xe2T\xea\xa0\xba\xd7R8T\x00\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3WYX\x8a/\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2', 0x0, 0x0)
sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x1c, r5, 0x305, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40008}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r10, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x2c, r11, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x1021}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x2c}, 0x1, 0xffff000000000000, 0x0, 0x40080}, 0x20040000)
openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r12 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(r12, 0x3, 0x0, 0xa0ec)
r13 = syz_genetlink_get_family_id$auto_802_15_4_mac(0x0, r3)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x54, r13, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_SRC_PAN_ID={0x6, 0xd, 0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x6}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x2b}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x4}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x2}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x4}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0xc}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000001}, 0x40054)
sendmsg$auto_IEEE802154_ADD_IFACE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="200029bd7000fbdbdf25210000000500120008000000050020000e00000005002907010000000c000900030000000000000006000600310c00000c000900ff010000000000000500190001000000"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x34000889)
read$auto_ima_measurements_ops_ima_fs(r3, &(0x7f00000004c0)=""/148, 0x94)

1.207147489s ago: executing program 2 (id=4906):
setresuid$auto(0x8, 0x8, 0x0) (async)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)={0x20, 0x0, 0x101, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) (async)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf25010000000c000600100000000000000008000100feffffff"], 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80)
write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef)
r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000001c80)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x100e01, 0x0) (async)
getsockopt$auto_SO_SNDTIMEO_NEW(r3, 0xffffff58, 0x43, &(0x7f00000000c0)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', &(0x7f00000001c0)=0x8)
ioctl$auto_FS_IOC_RESVSP64(r4, 0x4030582a, 0xfffffffffffffff9) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000700), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000020", @ANYRES16=r6, @ANYBLOB="010028bd7000fedbdf250c0000000800050000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040804)

1.126630737s ago: executing program 2 (id=4909):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x8000001, 0x835, 0xfffffffc, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0xffff}, 0x5, 0x20000043)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/serio/drivers/rainshadow-cec/unbind\x00', 0x0, 0x0)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x228000, 0x0)
mmap$auto(0xd69, 0x68a, 0x0, 0x17, r1, 0xffffffff80000000)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000240)="39198cef1711315e181bccd25f6fcce87acaeb8f3914f768048b3b3ac82bbf289a87b0a673974522d41fca7ec508dca7b76ce8b6dda2064daf5bc834aff359f6e84b4e8790088d3d085dcd9bd632ca1c5d2879aaed8511d7ba520f73dd18363ecb6ce5b80abfd2728c8179a0409bca8cd22056793124498eddfafcff41ff1bafbfed6ee5d0f70a6da2a91977c2c51a13b240b1b53592edb74b787631279f63eec284c9a7486070f36f8c150f094231953e812a2185de60ee753d2a3ad2d12da09d0000efd5374cc2a9566fca3a9e797dadb7841e1a449508de0cc3d800f81735c09fcd54382219cddad3f3d81ec7aa40b68a42fcf4b48e66497ef1", 0x200084c, 0x0, 0x9, 0x0, 0x3, 0x10b}, 0x4}, 0xdfffffff, 0xc5c)
mbind$auto(0x8000002000, 0x100000004, 0x1, 0x0, 0xffffffffffffff39, 0x800001)
write$auto(0xffffffffffffffff, 0x0, 0x8587)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7112}, 0x8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001c00)=""/4111, 0x100f)
getgroups$auto(0xffffffff, 0x0)
shutdown$auto(0x200000003, 0x2)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
connect$auto(0x4, 0x0, 0x10)

1.02423325s ago: executing program 2 (id=4912):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r0)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x1e5c, 0x0, 0x20000000}, 0x20008050)

998.159748ms ago: executing program 2 (id=4915):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x1d, 0x2, 0x2)
connect$auto(0x5, 0x0, 0x9)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYRESHEX, @ANYRES16=r0, @ANYRESOCT, @ANYBLOB="fc959fc988"], 0x38}, 0x1, 0x0, 0x0, 0x2c050811}, 0x10)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers_autoprobe\x00', 0x141000, 0x0)
socket(0x15, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0)
ioctl$auto_RTC_PIE_ON(r3, 0x7005, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000500)=""/4096, 0x1000)
ioctl$sock_SIOCGIFINDEX(r1, 0x3b70, 0x0)
close_range$auto(0x2, r0, 0x0)

898.288783ms ago: executing program 2 (id=4917):
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000000240)={0x18, r1, 0x8574a35e83815fa9, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}, 0x1, 0xffffe000, 0x0, 0x20000800}, 0x14)

861.437081ms ago: executing program 3 (id=4453):
r0 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r0, 0x29, 0x48, 0x0, 0x2)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000000, 0xd, 0x1fc0, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x100006, 0x8, 0x29f, 0x100, 0x7f, 0x105, 0x6, 0x7f}, {0x100, 0x1, 0xb, 0x7, 0x1, 0x40, 0x3, 0x8, 0x100000000}})

634.701751ms ago: executing program 1 (id=4925):
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x15, 0x5, 0x7) (async)
r0 = socket(0x15, 0x5, 0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x110c230000, 0x1, 0x9)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0)
getrandom$auto(0x0, 0x3, 0x80000001) (async)
getrandom$auto(0x0, 0x3, 0x80000001)
statmount$auto(0x0, &(0x7f0000000b00)={0x9, 0xfffffffe, 0x44f, 0xa, 0x10, 0x1007181, 0x0, 0x60, 0x1, 0x801, 0x0, 0x26, 0x4, 0x200003fffffe, 0xfffffffffffffff5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0xf, 0x22002, 0x200, 0x0, 0x62f, 0x6, 0x0, 0x0, 0x0, 0xb626, [0xfffffffffffffffe, 0xffffffffffff04ef, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e, 0x0, 0x8, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x40, 0x81, 0x8a0, 0xb, 0x81, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd, 0x1000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x400, 0x3, 0x2, 0x0, 0x0, 0x0, 0x4000000000000], "bc420c90bf57a2a2bc4f858622760128a530e1a3260cf63253122d2d1ad85dfd61a19d33004528c2af90339d9be6e7045fa3bbef07840a35551078991114413f98c71a67623fd169a6c833404b4da404def5a8caa0b26ea7d71d3556087f2d593db272ab2c9b121da2c6d5a2f930bd9217ac67b2fef6d8bba4c5f325684d1f7e35d2ab79493bb8cd2fc3f6db67079997113b42b15040a9a2d0d922d217fb853550b4b0b193a3ffc234dd5fdd22cc10a036d511c91e79ce4c0e4bae8cb55e14428395e2f04883"}, 0x800000000000b, 0xbc) (async)
statmount$auto(0x0, &(0x7f0000000b00)={0x9, 0xfffffffe, 0x44f, 0xa, 0x10, 0x1007181, 0x0, 0x60, 0x1, 0x801, 0x0, 0x26, 0x4, 0x200003fffffe, 0xfffffffffffffff5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0xf, 0x22002, 0x200, 0x0, 0x62f, 0x6, 0x0, 0x0, 0x0, 0xb626, [0xfffffffffffffffe, 0xffffffffffff04ef, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e, 0x0, 0x8, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x40, 0x81, 0x8a0, 0xb, 0x81, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd, 0x1000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x400, 0x3, 0x2, 0x0, 0x0, 0x0, 0x4000000000000], "bc420c90bf57a2a2bc4f858622760128a530e1a3260cf63253122d2d1ad85dfd61a19d33004528c2af90339d9be6e7045fa3bbef07840a35551078991114413f98c71a67623fd169a6c833404b4da404def5a8caa0b26ea7d71d3556087f2d593db272ab2c9b121da2c6d5a2f930bd9217ac67b2fef6d8bba4c5f325684d1f7e35d2ab79493bb8cd2fc3f6db67079997113b42b15040a9a2d0d922d217fb853550b4b0b193a3ffc234dd5fdd22cc10a036d511c91e79ce4c0e4bae8cb55e14428395e2f04883"}, 0x800000000000b, 0xbc)
r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x200, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.3/usb4/power/wakeup_last_time_ms\x00', 0x200, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x6)
ioctl$auto__ctl_fops_dm_ioctl(r3, 0xfffffff7effffd0c, &(0x7f0000000840)="343e58301f7f4dc2447f0c97ebf9f3742901b9b2e33ec407baadb315ed4bf65d27eb8f64af2220bb6ed892e7abb480ab0987744d617ce483676279abfe6a9ef676a5390614155af194b58225bf5effdeae58598920d6fc6d7150e1a6758f97fa79f18977098731ea9006a3f1f5531fb4b918cf0910696c88f23b679db7d296e333bd148ef164a2cb57a614e3ead5723cdc5a5599fc0a2e1a8d8b91ab8e3628ed6701360528da36828aa1c81bdd590ab3d318f5de51bbf2a698c313ed4e593a57f31fe6850e")
accept$auto(r1, &(0x7f0000000580)=@l2={0x1f, 0x4, @none, 0x1}, &(0x7f00000005c0)=0xad)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
shmctl$auto_SHM_STAT_ANY(0xfffff6a3, 0xf, &(0x7f00000006c0)={{0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffd93c, 0x809, 0x7, 0x8}, 0x8, 0x8000000000000000, 0x9, 0x9db9, @inferred, @raw=0x6, 0xfffb, 0x0, &(0x7f0000000600)="557647ff6f42d947b714e1c80542cc975a83aca4f6c6bb84af19c7c0c233e1dc7f1a067a78b9179bb54f33e777e5c7365d5f33f3f3fc1ccf823a632a56c735f78ed9716f46acee3a1d6b3b57c10eece7f398cb790df382fa679f2907427982c6b7dd", 0x0})
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/kexec_crash_loaded\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000240)=""/140, 0x8c) (async)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000240)=""/140, 0x8c)
sendmsg$auto_IPVS_CMD_ZERO(r0, &(0x7f0000000ac0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x24000091)
sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[@ANYBLOB='?\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000fbdbdf251000000008000300aab1000008000300ff070000180014002f6465762f6d61707065722f636f6e74726f6c000800010001010000"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x4004)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x80002, 0x73) (async)
socket(0x2, 0x80002, 0x73)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000100), r0)
socket(0xa, 0x1, 0x84) (async)
socket(0xa, 0x1, 0x84)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@nfc={0x27, 0x0, 0xffffffffffffffff, 0x4}, 0x6a)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000380)=""/86, 0x56)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x0)
read$auto_posix_clock_file_operations_posix_clock(r2, &(0x7f0000000740)=""/212, 0xd4)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x8}, 0x3, 0x0)
msync$auto(0x110c230000, 0x200001, 0x6)

633.313973ms ago: executing program 3 (id=4926):
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r1 = io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x8400, 0x0)
ioctl$auto_UI_END_FF_ERASE(r2, 0x400c55cb, &(0x7f0000000100)={0x8, 0x0, 0x695c831f})
setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3)
write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6)
write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000180)="c2108606765397e60326f64eb9ec368c72d04e34306cc56aff31f9129c1506e40584e7589791de937f9c31e41c2e3672710a52883fb43f6b4e17e71ec80c5f3a275cbf87c18281b4997d9cfe7a8fd19de6c4544668cbe55cffb6519d", 0x5c)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
landlock_restrict_self$auto(r3, 0x8)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={<r4=>0xa, @new_map_fd=r1, 0x4007, @old_prog_fd=0x13b}, 0xa3)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r4)
sendmsg$auto_NL80211_CMD_TDLS_OPER(r4, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)={0x1e8, r5, 0x4, 0xe8f1, 0x25dfdbff, {}, [@NL80211_ATTR_HE_BSS_COLOR={0x18, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0xa1}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}, @NL80211_ATTR_AUTH_DATA={0xde, 0x9c, "2f219098a03a544f95ed4bc6ded0d7382b82ded7f8bd0b9adaa952b8654334257ec167290b9d0c98cf359793b0692d2565c67c6f9e4418d62191494ded5479ba5902b3cb9604d5b3721457edbc75de53f42e5f890f73d924a8ec2b6ffef70f3c2dd5715cfa77a5fc4f578b43e859bddb6438bb933066d7a59d5ea6d7043c1c4e0f7c8985176f2bbaafb8ef68ccef91c62e689aadbb26f1da9f6e48959a986112c014aa73ae32182c05b98335f9bcca73e82f7900985e8b1573500a287eb305bb4a282b9494277fc365898d84282a63e661604baba5bd9d53ab67"}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_PREV_BSSID={0xd1, 0x4f, "350cf50056585e0fca3275cf16f3a0a3e6fded6b8d2e0972f0b07972846660f8b4bc377bd08e9de09b50fb8123bff987b95cfec46139794ab0b037f813eb637eee819ffe6c74fb068ec126ef322ae0f896f3a76228065b75ee64f101960b7d0ca7aacfdd81b24da2feeae2baaa9d16fa21ec60ee0b27260571492ed84caf720cd06b8bf0a7d452d6e5189e15bbe70132e5fdda854429fc12fcb953b9385d2b0d10cc2690883e430a36867818d6091364d9c4b2b27853f6081ac64e9dd3b175aac6d6fbbb65e9cd927e860ebc0f"}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x80}, 0x4000)

514.708785ms ago: executing program 0 (id=4927):
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000000240)={0x18, r1, 0x8574a35e83815fa9, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}, 0x1, 0xfffff000, 0x0, 0x20000800}, 0x14)

514.444106ms ago: executing program 1 (id=4928):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020029, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000)
setresuid$auto(0x0, 0x7, 0x8080)
setfsuid$auto(0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:00.0/enable\x00', 0x18b042, 0x0)
write$auto(r1, 0x0, 0x9)
semctl$auto_IPC_INFO(0x3, 0x3, 0x3, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x80800, 0x0)
read$auto(r2, 0x0, 0x39b8)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/notify_on_release\x00', 0x20000, 0x0)
pread64$auto(r3, 0x0, 0xb, 0x5c8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x250800, 0x0)
r4 = socket(0x23, 0x80805, 0x0)
listen$auto(r4, 0x4)
poll$auto(&(0x7f0000000000)={<r5=>r4, 0x1963, 0x81}, 0x5, 0x10001)
ioctl$auto_PROCMAP_QUERY(r5, 0xc0686611, &(0x7f0000000040)={0x761f, 0x4, 0x8000000000000000, 0x7, 0xb5b, 0x270b, 0x1, 0x100000000, 0x5, 0x0, 0x7, 0x200, 0x58f, 0x9, 0x5})
r6 = socket(0x25, 0x1, 0x2)
setsockopt$auto(r6, 0x119, 0x80, 0xfffffffffffffffd, 0x10004)
setsockopt$auto(r5, 0x113, 0x3, 0x0, 0x79ad226b)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0)
r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/kernel/bpf_stats_enabled\x00', 0x20200, 0x0)
preadv$auto(r8, &(0x7f0000000240)={0x0, 0x9}, 0xc, 0x9, 0x402)
write$auto(r0, &(0x7f0000000000)='/sys/bus/netdevsim/new_device\x00', 0x792fe55c)
writev$auto(r7, &(0x7f0000000200)={0x0, 0x9}, 0x7)

479.750514ms ago: executing program 0 (id=4929):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x80002, 0x73)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async)
memfd_create$auto(0x0, 0x2) (async)
r1 = fcntl$auto(0xff80000000000000, 0x409, 0x3f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r2) (async)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001a80)={'wg2\x00', <r4=>0x0})
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r2, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)={0x2c, r3, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CABLE_TEST_TDR_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_CABLE_TEST_TDR_CFG={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) (async)
fallocate$auto(r1, 0x1, 0xd, 0x5)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x0, 0x0)
ioctl$auto(0x3, 0xc0205647, 0x38)
r6 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000080), 0x100401, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r7 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r7, 0x0, 0x26, 0x0, 0xc) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000300), r1)
sendmsg$auto_TCP_METRICS_CMD_GET(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="010027bd7000fedbdf2501000000ceb95a74137160835f8461fc8404943555c6ef24b567a653d914cfe05a9154a9818b22f1f8c6ac51941e2522e428f2e21cc8f619227c187c5f6ad0b06d3cd194ce5eb4ba65460fa1a44ce1ed4d8aaa79ef3d65f47654721e1605a6885a18e8c4a81a960d6d8346e7413ad78dd7b64398248358dafbe42d2e8901d8aadab8a93690212d44ba020ad821b61966dfd0a2628d2b44cf170609f6d13eeae6191bf6ffebfeb589c5174a80aabbb4e3f6df00cfe0cf21d4ef083e0f770692b18b97c22fed1687ff1d574b1024aaece0d3b5f7898f5a5d47f599abf23223494f0e89a855ca91ec40b4"], 0x14}, 0x1, 0x0, 0x0, 0x4004055}, 0x400c0c0) (async)
write$auto_evm_xattr_ops_evm_secfs(r6, &(0x7f00000000c0)='.', 0x1) (async)
getsockopt$auto_SO_NO_CHECK(r6, 0x7, 0xb, &(0x7f0000000280)='/dev/video2\x00', &(0x7f00000002c0)=0xe5a3) (async)
r10 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0)
getpgid(0x0)
sendmsg$auto_NL802154_CMD_STOP_BEACONS(r5, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r10, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40100) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x8000, 0x8, 0x8) (async)
syz_clone(0x4001000, 0x0, 0x1b, 0x0, 0x0, 0x0) (async)
mmap$auto(0x0, 0x4000c, 0xdf, 0xbb72, 0x7, 0x28000)

469.093091ms ago: executing program 1 (id=4930):
bpf$auto(0x21, 0x0, 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D3\x00', 0x20c00, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
socket(0xa, 0x1, 0x100)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000700)={0x18, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x48000}, 0x4000)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
wait4$auto(0x80000000, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/loop10/queue/add_random\x00', 0x80302, 0x0)
socket(0x10, 0x2, 0x4)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
bpf$auto(0x3, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x8, 0x10017, 0x8020000000a, 0x2, 0x5f, 0x20000000000803, 0x3}, 0x6f0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)

370.498321ms ago: executing program 0 (id=4931):
mmap$auto(0x0, 0x3, 0x80000000000df, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={"e108b5b2d8806e401f4a253b07289954e89f94d4d52da6b2a86bda85babdfd83", 0xf4e0, 0x9, 0x3ff, 0x8000000000000001, 0x50e7})
prctl$auto(0x80003b, 0x4, 0xffffffffffffffff, 0x7fff, 0x9)
mmap$auto(0x0, 0x2020009, 0x283, 0x15, 0xfffffffffffffffa, 0x8000)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130)
futex$auto(&(0x7f0000000080)=0x1, 0x9, 0x1, 0x0, 0x0, 0xfffffffa)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8)
ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0xfffffffffffffffc)
syz_clone3(&(0x7f000000dd80)={0x80100000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
syz_clone3(&(0x7f000000dd80)={0xa04400, 0x0, 0x0, 0x0, {0x12}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = fsopen$auto(0x0, 0x1)
syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400d0}, 0x800)
fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0)
socketpair$auto(0x800, 0xa, 0x401, 0x0)
futex$auto(&(0x7f0000000080)=0x2, 0xa, 0xf3b, 0x0, 0x0, 0x440a48ce)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
close_range$auto(0x0, 0xfffffffffffff000, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x40000075, 0x400, 0xfffffffffffffffa, 0xeb1, r3, 0x8000)
io_uring_setup$auto(0x1, 0x0)
ioctl$auto(0x3, 0x40086203, 0xffffffffffffffff)
r4 = signalfd$auto(r3, &(0x7f0000000100)={0x3ad1}, 0x0)
poll$auto(&(0x7f0000000140)={r4, 0x9b3, 0x7f}, 0x9, 0x1)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
unlink$auto(&(0x7f0000000380)='./file0\x00')

356.288161ms ago: executing program 1 (id=4932):
socket(0xa, 0x80000, 0x0)
clock_gettime$auto(0x1, 0x0)
ioctl$auto_I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd15\x00', 0x6d88c0, 0x0)
mmap$auto(0x0, 0x1, 0x4, 0x8000000008011, 0x3, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event2\x00', 0xaa402, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
clock_nanosleep$auto(0x2, 0x6, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x1)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x80c2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x80000006, 0x1, 0x9, 0x7, 0x7, 0x8, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xb3, 0x6, 0x8, 0x3, 0xa, 0x7, 0xbd, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x100000, 0x0, [0x2, 0x2, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0xcd1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffff5, 0x4, 0x0, 0xfdffffffffffff81, 0x7, 0x4, 0x0, 0x0, 0x200000000000000, 0x1, 0x200, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRES8=r0, @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x5fffffd, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000380), 0x9, 0xa505}, 0x800}, 0x7, 0x4008)
openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_options\x00', 0x123040, 0x0)
r3 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
inotify_init1$auto(0x3000000000000)
io_uring_setup$auto(0x1d48, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x1e, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(r4, r3)
write$auto(r0, 0x0, 0x100000001)

294.199718ms ago: executing program 0 (id=4933):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = open(0x0, 0x163340, 0x2a)
socket(0x2, 0x3, 0x2)
modify_ldt$auto(0x2, 0xfffffffffffffffc, 0x23b94)
r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
poll$auto(&(0x7f0000000180)={<r3=>r2, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$auto(r3, 0xaf01, 0xe)
socket(0x2a, 0x2, 0x1)
ioctl$auto(0x3, 0x10, 0xfffffffffffff4e0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
r7 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/loop4/hctx0/tags_bitmap\x00', 0x101800, 0x0)
r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0)
sendfile$auto(r8, r8, 0x0, 0xd)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r7, &(0x7f00000001c0)=""/70, 0x46)
sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f0000000240)=ANY=[@ANYBLOB="0801", @ANYRES16=r6, @ANYBLOB="080027bd7000fddbdf2569000000060065000900000006004f01090000001700130013c366f9244357d432f6e44cc4bf4e5878fe5d00080002002f247b0005006000080000000500a3000200000045001f00ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e90000005c007580ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f557f81b08003800000400000800e600", @ANYRES32=r4, @ANYBLOB="05008a00080042000500f600071a0000000bc38e66a8950ee3ab259a4dffde2016f61a9d1a71fdd267b60e8be22f016b650bbcaa453fb002bcf118f0e96d4b6248efe1352050bde81bcec7d7d37591a1304ff17feb"], 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10)
r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001ec0)='/sys/power/mem_sleep\x00', 0x2402, 0x0)
write$auto(r9, &(0x7f0000000cc0)='\x00\xad\xe8\xc7.\xf0\xb0f\xd2\x02\x00>\x00\xae\x1a\x13I_{\xe8\n\xd4n\x9f\xae\xed\xcd6\x9f\xf6\x01\x00s\xa6\x03y\x97\x0eR\xb8\xb7\xcc\x83\xb8O\xe5\b_\xd0\xd7\xc0+:\x17\x8d\xf4\t\x00\x00\x00`\xdb\x80E|X\xc3\xa4H\xb9\xd8\x03*\x9c\x00\x00\x00\x00\x00\x00\x00[\x1a\fX[\xb8\x91M\xdb\xe7\xdc6w\xb1\x8b9\x9a\x9a\xf9c\x95)b\xff\x80\xd5\xbb\xc9+Ed\xa16?\xab<\xee\x8b\x18\xe6\xf3a]1OZ\x9e\xa9\xb2;H\xbcn}n\xca\x0e\x0e\xd8\xce_2\xe2\xb1@\x8dy\v\xc3\xacH\x9a\t\x8e\xa1g\xa2?\x89\x01\xb9\xf1\xbb%[\xf1L<\xd8\x8c\xd9\x1f\x9e\xfe\xbf\xb2\x95\xb6Y\xba\xaf\'a\xe2\xc3\x9a$c\xad\x82\x13\x1e\xbc\xf3\x1f.\xef\x1es\xb0\xf2I$\x02\x0e\xc8\xf0\x8b\xc7\xd8\x9c\x04\xa6[\xe2Q\xd6\x13\xa8[\xbcP,\xadS\x7f}/>\x13\xbe\\\x8cq(\x06\xdb4', 0x4)
sendmsg$auto_NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000040)={&(0x7f00000029c0)={0xb4c, r6, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_REKEY_DATA={0x2b1, 0x7a, 0x0, 0x1, [@generic="f8bf7da670828cc89e5fcf20a05571af5eb22b42cfd13ab6b0fa9df83d70a979996091ccd74bd34616", @generic="c3bce308d171c90cba8bb672", @nested={0xc3, 0x62, 0x0, 0x1, [@generic="38761d17319d795f75c39a8c340322eb4b9aefd2423f6b9bc498d5b3c9f488102ed6607a2e6631e8b9346f36a75b2cdcd834e79f513d3757e56c431fd42eb1a689b56081774a690dad153b9c5562509acece94207ca9bbbcb7979096ce205b224be06f02473355397f1b27a1876fb3edaf9119aea84423cb2f9f14a903f91e50ce086904831d1fe516edafb08ec928984697b12c163873c1de24c34a43baffce336277b7f75abe8b4acdb64e50be091a2e6ba0c3dd3c19e8029ce57f7d4152"]}, @nested={0x5f, 0x86, 0x0, 0x1, [@nested={0x4, 0x71}, @typed={0x4, 0xa4}, @generic, @generic="155a149570f6", @typed={0x8, 0x2d, 0x0, 0x0, @fd=r9}, @generic="4d5a05afd97f83266003d552dfa209a2a51fffc26850451c16caac930023f4504f3e590eedc32d950a7af5a8d8dfdda53fad16ee8442a432c96e1a04649b985f29", @nested={0x4, 0x7a}]}, @nested={0x154, 0xac, 0x0, 0x1, [@nested={0x4, 0x11}, @nested={0x14b, 0x19, 0x0, 0x1, [@typed={0x14, 0x78, 0x0, 0x0, @ipv6=@remote}, @generic="f4804701c9c8d5f673062fe1ea48006dfe223bfb512f51b9fff85b7b38c902451d7f75c98cbe70e0f083bae1399dad166f6098b8d54258029038dce6474fa7771d0b4d3dec08b61968cfa119cb44ce1e154f7e6357a6308d59e3448d035c1beb2d17fe86ac73756b55d7b54c2a4c7e3ef4ac9a0dc3240dce8c607116176baa", @typed={0x8, 0x126, 0x0, 0x0, @ipv4=@remote}, @typed={0xc, 0x75, 0x0, 0x0, @u64=0x9}, @typed={0xc, 0x3e, 0x0, 0x0, @str='nl80211\x00'}, @generic="2c93", @nested={0x49, 0x1b, 0x0, 0x1, [@generic="e8d246cf88cb3c2d2c54934083d2d0b34c8dc1cc7b9155f8c1e7bdf74d1d9602410604bbbefaee281532f00e4e24d73aa841583ec1ab3d5687ae23c8c1", @nested={0x4, 0x4d}, @nested={0x4, 0x78}]}, @generic="99602ae5c78bb56187be25745a54d2930031b81499a6bde49055fd62b0a55355db5e621bf5f791283178846a091a8a427d8f50e3dde7956a7759a4ba4a9eae36b265020162c2"]}]}]}, @NL80211_ATTR_PMKID={0xb1, 0x55, "44dfa66f5f9962ee10e36b21b5b913763a6dcb3428d3d74257be4d47e3b657f7c6a36391fcccddf3c28f526e1a213b8970b1b77172d31611094fc50b057629690b396ff6fcd5ad2ca77baec09c660fc70183242717590d1ebe29895ff4da34a44858569b5c73365227cc9edf7d68d8d2d1e4b52a7cb5a0786600aef08550bc94674bba7492a0164f871fd90da7bb5c8e7779dff3431028577c67fa10b4e4206fdaf2e6d27306b2ea0fba2ac7a7"}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_KEY_DATA={0x7, 0x7, "97c78a"}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x9}, @NL80211_ATTR_BSS_DUMP_INCLUDE_USE_DATA={0x4}, @NL80211_ATTR_IE={0x781, 0x2a, "ca6579d55f2dc413ced595499a735fce766f6bea10a2750df2887c2bc269f72249283e28ea22768d495a109e63b06e3aad657cf4efaf8b12fca9dfb5898f98531e0f644b2d24e3b2ef005773eceb5ab86c98b1bec0fb49c0837613ba8ca350587a0660b8edb686ea2b3250f8d95b4d0ac4da39d9a02103942d8246a2647bf83ab7dbcbd1af8adebf3d0f1af5f39e3b6bdc703d33bdda869b7d74a4e1bdb72d010a4457accfa4b8193fafbf471defa79ef0b9946aba688c935ebe2a68e0c38d3434213d2b52fc437b9a7adbaf69a4d76da9ea336747d0dec738b2150f55902fb9ed30f7810475d4f300451464d1c9b8daca858bb75dc28c7e8e83bbefb4d59caa5e6d6f10d9345860855c30122b911ef84f30499e55656c7eb37872904c35d747d3e8b05e00df6e0607b0676a787bded36077f17e6f9162b7dabf1b4b69de118b777d70ec0b097639d293a2281aa52e22f4bf88f1bd03bb6062cc57acfe8cb1249aa148d3bc8385c48f99fde05c4c9cdec8d45d62b2d044244333056b98f3ad903cd85ae71e7fc773f3c7e435b347e61aef71ee410c1d5613e711e75c4cb1ec834e92c734f9613e17984a5197a44d099b1b2b80e11d815c2a8b13c5d0516db5b3a467e2fd75f3d7838f346b570f5b714dd19a30042dd5206a93f488fa6d932e3662831ed8af9f277924ace96836212f0e375508ca52e82afe6fb6e68dcad177a8601a42201fa97d01112f9a0b76d3afa95119cafd8852134ca39684888e938b2fad3350b878484c3ff1b92b5d9f06609eee0fd00f67474cb3f87731e0e4fa37769bea3fa991f8780d93ecceb23bfd4efab8e423dbd6518a6ecf4c600ba8271cf9876d94e71f81178936f815f1205e5b2893068b58753191784d0cc5bf49536fe60607fc4785285d8e7f53d2681b072d5af6b9cc4997aa92c41cd37c6dc54c9a052954bc1c66efd045143f85d347a769581b005188304221c28dab04dd3bf5a584a27ce46d97a36b885cdb0b9f2c9e77798ddd40821f79880505d6d6cfd2079529289c6ce08f0c955e79ade97b98a9fe0ba79fb6dcb3353aa4edc98ea71f642339538f02d86f0b016aae2ffd037d71706862f484fc88ac3cdbbf3c977ace0308e3cb8e451dfacbceaec67e45ee2d66013519e09a9889561084f106c980edcec04dcfe691d5843b3b4df90ddb03aa9cd501fb26a29d6c1e7706904fdb8288d7a7ac6828f4fd102eb110cbff5e8b9cc71f6c29d10bea4d8b00cb02a8886227f7a52e1044648c38e4389828b4763e3b2827cf5df7866bd9e8df374d9b9f3b472d93a5d767a5d8530ee36458befb9613f36e8ec4b2467a1f215032126bec8360f9cb04fa64d30e0bb607b15b8b8b6129d7d36d5800df963ddcc8afbb6146a492d92fb452e7c55e02e6ec7bccea0b8a16b821859a17de79fee6207d6f6009362d842c4d9e6ed4b03df24cd3ee3f6132f429003e65d3701f5acc358d7d73ff4e70322414cf44f2faf05f30cc0f2b93a7d64051d97dfc9372f31a3562a24f79b2815c9d63b938b94a37b0d03531da6e00a11cddf8a3d8b1e4beaf3aab03e09aa6d52145351b3d46c246e91f89362a5b51563781f8c532267d4f237a54a64f88ed1e28f6cc9f7a8a843299caf1852d0628698796933ee153ccd3859730105a955a38729ec2ba9da1176451f573241b4dda3896274c89fb427c29de7cb2b0b8caa4be30edf6fc589965fc37ab872b275d0ce2bb215f0b85bd49409c2e54bd214bd5b498beda75554765be9b6a47028eca62acc033256d1f315c0894ab084f4857d1d6b1bd4bd957334469ce2c34bcf43351de97dd484eeff605f25fb4da7ef31c9c2899ada2bb494008c3c655916889122cece8acb2f110c71173786536a3e6fa65af6c6a7976eadd227f8878ae0f8cca115b8067440370146c7f7254befec0828e64c4563187a5b021efbf19e8da00e31818458aa729a039ce6e83c5dfc5cea52a555f1a4d870a4f20481ed241d3eb3eb553205d10ad3a1213db431ebcf84eadf3f72ad4657acfb6d7080ed2913eec5d3ff60d739ae95c3b0d35dc5885c3ff9ed6b2df4290747ef853aadaee48b20f43666cdd9c17c70843e7f0fc02ad2fb48a850487ea31a37012f52d79355709345f86fddc681cd1fbc1204d9ed3b8e2a1c9128f3f650b8c13f7846aecf903c74adf6bc4454081fd1fd15365b9013ea0a978944aaa9bd7ad22fe02bcfa1110660a554674fb0706a39ae07ee58b7510f3af2da5051c9cfe99b76fc9f85ff43120ae71111dd1f104915463dc099f05e80f19c3f89688ce05b3d820525fcc4543fd60f276b76403bb04f8c50aed254d965cda4f544b3d595aec1b9b2a2e9e4fd50b58757b6aa638984a1a7d423b7d8074904c9dc012f184174866844ac3ac795097674e4f10d422773d2bb3748742bad571d99233613c428fd82f1f81f755658eb01e51f50d34d808c29bfb4876252e94983afc628f63aa3b91518d7681bbee87da36dcf30c9b1b2812f73ce57bc5a945b29f8e97f89c9e22b9721225714212f7d4307c01a8b78bee06cf902063e79eaabb91ef9d9bb13b3cda9785cd8a10402c66feb55a4f6c0aa65d6a6b3f9fea4ece31b1df09de32d67c5beaff9f1950d3779ebd12d96639410a1eca13775ea368437a788048c3da1dcb5cc498ccaa35d4c2dd436ba18f74d11cf5a9de13b213a7c4371afd1b10"}, @NL80211_ATTR_MAC_MASK={0x2f, 0xd7, "94d655f1aa78ece36c3012fe8d04bd352b5c5548a6542882601312bc43664967017fd6f04f82ed735776a4"}]}, 0xb4c}, 0x1, 0x0, 0x0, 0xc800}, 0x40000)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
recvmmsg$auto(r0, &(0x7f0000000300)={{0x0, 0x6, &(0x7f0000000280)={0x0, 0x1ff}, 0xc, &(0x7f00000001c0), 0xc, 0xa}, 0x5a57}, 0xd, 0x5, 0x0)
syz_genetlink_get_family_id$auto_ila(0x0, r0)

98.251845ms ago: executing program 1 (id=4934):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0)
close_range$auto(0xffffffffffffffff, r0, 0x1)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x3, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000d00), r1)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fdfffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00"}, 0x4, 0x966, 0x3, @raw=0x3, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
sendmsg$auto_SMC_PNETID_DEL(r1, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010027bd7000fedbdf250300000006000100a90000007b791027cde695b9c61224542e8b213ec6a51f5ff646c624516c56ddb317474ec82b6df4cee573577737bb7fa77b5a69f92b81f6b3fc67ec135af5d4cd0fc2a6ffab901c38142b55bd84bf4a2a"], 0x1c}, 0x1, 0x0, 0x60, 0x40091}, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x6)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/eql/ifalias\x00', 0xb02, 0x0)
r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000280), 0x94001, 0x0)
ioctl$auto_UI_SET_ABSBIT(r5, 0x40045567, &(0x7f0000000300)=0x81)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000000c0)=""/226, 0xe2)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250af4"], 0x1c}}, 0x20008810)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x101002, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
open(&(0x7f0000001bc0)='./file0\x00', 0x4142, 0x1)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty57\x00', 0x40741, 0x0)
ioctl$auto(0x3, 0x402c542d, r6)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

97.955264ms ago: executing program 0 (id=4935):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x18, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge_slave_0\x00'})
r1 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/printk_formats\x00', 0x100000, 0x0)
pread64$auto(r1, &(0x7f0000000040)='],{(@&&\x00', 0xa1fb, 0x1)
ioctl$auto(0xffffffffffffffff, 0x8004551a, 0xffffffffffffffff)
r2 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000080), 0x404002, 0x0)
r3 = setfsuid$auto(0xee00)
r4 = setfsuid$auto(0xee01)
setresuid$auto(r3, r4, r3)
msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, r4, 0xffffffffffffffff, 0x2, 0x287f, 0xe, 0x3}, 0x0, 0x0, 0x7fffffff, 0x80, 0x1ff, 0x27, 0xfffffffffffffffe, 0x7fff, 0x3, 0x27f, @raw, @raw=0x9})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x2001, 0x8)
r6 = getuid()
r7 = getegid()
r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/radio2\x00', 0x0, 0x0)
ioctl$auto(r8, 0x5646, r8)
read$auto_v4l2_fops_v4l2_dev(r8, &(0x7f0000000280)=""/40, 0x28)
ioctl$auto(0x3, 0x894b, 0x38)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
getsockname$auto(0xffffffffffffffff, 0x0, 0x0)
setregid$auto(r7, r7)
statx$auto(r5, &(0x7f0000001100)='./file0\x00', 0x0, 0x10001, &(0x7f0000001140)={0x3, 0x6, 0x9, 0x8, r6, r7, 0x5, 0x1, 0x3, 0xffff, 0xb, 0xb6, {0x10, 0xfffffffa}, {0x1, 0x2}, {0x5, 0x8001}, {0x8, 0x101}, 0x7e05b10d, 0x7, 0x7b6, 0x1, 0xb, 0x7, 0xa, 0x2, 0x5, 0x3, 0x3, 0x1c5, [0x3ff, 0x2, 0x80000001, 0x8, 0x96, 0x0, 0x20, 0x0, 0xffffffffffff0000]})
fchown$auto(r2, r4, r7)

16.473766ms ago: executing program 1 (id=4936):
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DEST(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004f40)={&(0x7f0000000240)={0x18, r1, 0x8574a35e83815fa9, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x4}]}, 0x18}, 0x1, 0xffffff7f, 0x0, 0x20000800}, 0x14)

0s ago: executing program 0 (id=4937):
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
read$auto(0x3, 0x0, 0x80)
r0 = io_uring_setup$auto(0x400, 0x0)
readv$auto(r0, 0x0, 0xfffffffffffffffe)
ioctl$auto_SNDRV_PCM_IOCTL_WRITEI_FRAMES2(r0, 0x40184150, &(0x7f0000000000)={0x400, &(0x7f0000000080)="343c34f4f67943f8c5a6d2711d70652fee4313d3c1f329685b6b8f550343455f918e27b0ae3b990a62503f6b1b79485b703e972258fd30fd3f816e0224769469ae0e95e67d7bec24093e0401f8d6ddb149aa9b5f3608b78be0181c8e2cdc893887305a16808fb07872887ff1bd5ddef3e00131df8691ad34be8c67c2f273fc0d54a26b7fa4cd627da1600bcac89b6d671c23bbfd8be94856d4718fb18b913e084d7c38ce4b8d", 0x4})
read$auto_lowpan_enable_fops_(r0, &(0x7f0000000100)=""/203, 0xcb)

kernel console output (not intermixed with test programs):

 an up link
[  521.456058][T14578] team0: Port device team_slave_0 added
[  521.503579][T14578] team0: Port device team_slave_1 added
[  521.580304][   T51] Bluetooth: hci3: command tx timeout
[  521.611135][T14578] batman_adv: batadv0: Adding interface: batadv_slave_0
[  521.618087][T14578] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  521.721609][T14578] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  521.761632][T14578] batman_adv: batadv0: Adding interface: batadv_slave_1
[  521.768587][T14578] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  521.870412][T14578] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  521.905307][   T74] bridge_slave_1: left allmulticast mode
[  521.913327][   T74] bridge_slave_1: left promiscuous mode
[  521.944143][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.971176][   T74] bridge_slave_0: left allmulticast mode
[  521.976833][   T74] bridge_slave_0: left promiscuous mode
[  522.017736][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  522.295982][   T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  522.322055][   T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  522.337970][   T74] bond0 (unregistering): Released all slaves
[  522.519533][T14578] hsr_slave_0: entered promiscuous mode
[  522.533491][T14578] hsr_slave_1: entered promiscuous mode
[  522.557328][T14578] debugfs: 'hsr0' already exists in 'hsr'
[  522.565093][T14578] Cannot create hsr debugfs directory
[  522.676193][   T74] hsr_slave_0: left promiscuous mode
[  522.692538][   T74] hsr_slave_1: left promiscuous mode
[  522.704442][   T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  522.727812][   T74] batman_adv: batadv0: Removing interface: batadv_slave_0
[  522.750606][   T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  522.758004][   T74] batman_adv: batadv0: Removing interface: batadv_slave_1
[  522.783987][   T74] veth1_macvtap: left promiscuous mode
[  522.789484][   T74] veth0_macvtap: left promiscuous mode
[  522.817015][   T74] veth1_vlan: left promiscuous mode
[  522.830205][   T74] veth0_vlan: left promiscuous mode
[  523.162544][   T74] team0 (unregistering): Port device team_slave_1 removed
[  523.178367][   T74] team0 (unregistering): Port device team_slave_0 removed
[  523.662572][   T51] Bluetooth: hci3: command tx timeout
[  523.931743][T14578] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  523.961693][T14578] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  523.986645][T14578] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  524.017028][T14578] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  524.154529][T14578] 8021q: adding VLAN 0 to HW filter on device bond0
[  524.189506][T14578] 8021q: adding VLAN 0 to HW filter on device team0
[  524.214763][   T74] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.221910][   T74] bridge0: port 1(bridge_slave_0) entered forwarding state
[  524.262789][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.269963][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[  524.584487][T14578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  524.662980][T14578] veth0_vlan: entered promiscuous mode
[  524.690565][T14578] veth1_vlan: entered promiscuous mode
[  524.744082][T14578] veth0_macvtap: entered promiscuous mode
[  524.764945][T14578] veth1_macvtap: entered promiscuous mode
[  524.803764][T14578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  524.840669][T14578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  524.873084][   T74] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.888208][   T74] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.914446][   T74] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  524.944334][   T74] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  525.078510][   T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.111373][   T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.128525][ T1157] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  525.150884][ T1157] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  525.271480][T14685] tc_dump_action: action bad kind
[  525.504301][T14694] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  525.563865][T14694] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  525.641491][T14694] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  525.686248][T14694] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  525.739327][T14694] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  525.747695][   T51] Bluetooth: hci3: command tx timeout
[  525.796618][T14694] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  525.820709][T14694] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  525.833076][T14694] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  526.491321][T14717] FAULT_INJECTION: forcing a failure.
[  526.491321][T14717] name failslab, interval 1, probability 0, space 0, times 0
[  526.578477][T14717] CPU: 0 UID: 0 PID: 14717 Comm: syz.3.2266 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  526.578506][T14717] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  526.578513][T14717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  526.578522][T14717] Call Trace:
[  526.578528][T14717]  <TASK>
[  526.578534][T14717]  dump_stack_lvl+0x100/0x190
[  526.578563][T14717]  should_fail_ex.cold+0x5/0xa
[  526.578589][T14717]  should_failslab+0xc2/0x120
[  526.578605][T14717]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  526.578631][T14717]  ? kstrdup_const+0x63/0x80
[  526.578659][T14717]  kstrdup+0x51/0xe0
[  526.578682][T14717]  kstrdup_const+0x63/0x80
[  526.578705][T14717]  alloc_vfsmnt+0xe5/0x6a0
[  526.578752][T14717]  ? __pfx___might_resched+0x10/0x10
[  526.578775][T14717]  clone_mnt+0x4b/0x930
[  526.578798][T14717]  copy_tree+0xfc/0xbf0
[  526.578812][T14717]  ? __pfx_down_write+0x10/0x10
[  526.578892][T14717]  copy_mnt_ns+0x2bd/0xc30
[  526.578911][T14717]  ? create_new_namespaces+0x30/0xac0
[  526.578927][T14717]  ? rcu_is_watching+0x12/0xc0
[  526.578951][T14717]  create_new_namespaces+0xd3/0xac0
[  526.578966][T14717]  ? bpf_lsm_capable+0x9/0x10
[  526.578981][T14717]  ? security_capable+0x80/0x260
[  526.579005][T14717]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  526.579023][T14717]  ksys_unshare+0x473/0xad0
[  526.579042][T14717]  ? __pfx_ksys_unshare+0x10/0x10
[  526.579067][T14717]  __x64_sys_unshare+0x31/0x40
[  526.579085][T14717]  do_syscall_64+0x106/0xf80
[  526.579102][T14717]  ? clear_bhb_loop+0x40/0x90
[  526.579120][T14717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.579135][T14717] RIP: 0033:0x7fe0dab9c799
[  526.579150][T14717] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  526.579171][T14717] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  526.579187][T14717] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  526.579198][T14717] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000
[  526.579206][T14717] RBP: 00007fe0dac32c99 R08: 0000000000000000 R09: 0000000000000000
[  526.579216][T14717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  526.579225][T14717] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  526.579246][T14717]  </TASK>
[  527.039208][T14741] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2271'.
[  527.600589][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  527.606627][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  527.664728][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  527.820007][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  528.260535][T14770] vivid-007: =================  START STATUS  =================
[  528.296005][T14770] vivid-007: Generate PTS: true
[  528.325519][T14770] vivid-007: Generate SCR: true
[  528.355176][T14770] tpg source WxH: 320x240 (Y'CbCr)
[  528.377898][T14770] tpg field: 1
[  528.398420][T14770] tpg crop: (0,0)/320x240
[  528.459350][T14770] tpg compose: (0,0)/320x240
[  528.521507][T14770] tpg colorspace: 8
[  528.525334][T14770] tpg transfer function: 0/0
[  528.574814][T14770] tpg Y'CbCr encoding: 0/0
[  528.602848][T14770] tpg quantization: 0/0
[  528.619579][T14770] tpg RGB range: 0/2
[  528.665652][T14770] vivid-007: ==================  END STATUS  ==================
[  528.741809][T14783] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2284'.
[  529.740276][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  529.900728][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  529.998413][T14803] binder: 14802:14803 ioctl 40085400 5 returned -22
[  530.501402][T14816] tc_dump_action: action bad kind
[  530.901849][T14830] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  531.009628][T14827] zswap: compressor  not available
[  531.411546][T14845] vivid-007: =================  START STATUS  =================
[  531.467855][T14845] vivid-007: Generate PTS: true
[  531.529209][T14845] vivid-007: Generate SCR: true
[  531.584943][T14845] tpg source WxH: 320x240 (Y'CbCr)
[  531.624401][T14845] tpg field: 1
[  531.694546][T14845] tpg crop: (0,0)/320x240
[  531.719939][T14845] tpg compose: (0,0)/320x240
[  531.771602][T14845] tpg colorspace: 8
[  531.804435][T14845] tpg transfer function: 0/0
[  531.821449][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  531.876300][T14845] tpg Y'CbCr encoding: 0/0
[  531.979968][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  532.025213][T14845] tpg quantization: 0/0
[  532.087794][T14845] tpg RGB range: 0/2
[  532.123790][T14845] vivid-007: ==================  END STATUS  ==================
[  532.393914][T14861] FAULT_INJECTION: forcing a failure.
[  532.393914][T14861] name failslab, interval 1, probability 0, space 0, times 0
[  532.448758][T14861] CPU: 0 UID: 0 PID: 14861 Comm: syz.1.2300 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  532.448787][T14861] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  532.448792][T14861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  532.448802][T14861] Call Trace:
[  532.448808][T14861]  <TASK>
[  532.448814][T14861]  dump_stack_lvl+0x100/0x190
[  532.448843][T14861]  should_fail_ex.cold+0x5/0xa
[  532.448862][T14861]  should_failslab+0xc2/0x120
[  532.448878][T14861]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  532.448903][T14861]  ? kstrdup_const+0x63/0x80
[  532.448928][T14861]  kstrdup+0x51/0xe0
[  532.448951][T14861]  kstrdup_const+0x63/0x80
[  532.448972][T14861]  alloc_vfsmnt+0xe5/0x6a0
[  532.448990][T14861]  ? __pfx___might_resched+0x10/0x10
[  532.449012][T14861]  clone_mnt+0x4b/0x930
[  532.449035][T14861]  copy_tree+0xfc/0xbf0
[  532.449049][T14861]  ? __pfx_down_write+0x10/0x10
[  532.449074][T14861]  copy_mnt_ns+0x2bd/0xc30
[  532.449091][T14861]  ? create_new_namespaces+0x30/0xac0
[  532.449106][T14861]  ? rcu_is_watching+0x12/0xc0
[  532.449131][T14861]  create_new_namespaces+0xd3/0xac0
[  532.449145][T14861]  ? bpf_lsm_capable+0x9/0x10
[  532.449169][T14861]  ? security_capable+0x80/0x260
[  532.449194][T14861]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  532.449212][T14861]  ksys_unshare+0x473/0xad0
[  532.449233][T14861]  ? __pfx_ksys_unshare+0x10/0x10
[  532.449259][T14861]  __x64_sys_unshare+0x31/0x40
[  532.449278][T14861]  do_syscall_64+0x106/0xf80
[  532.449295][T14861]  ? clear_bhb_loop+0x40/0x90
[  532.449314][T14861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.449329][T14861] RIP: 0033:0x7fcdee59c799
[  532.449343][T14861] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  532.449358][T14861] RSP: 002b:00007fcdef486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  532.449373][T14861] RAX: ffffffffffffffda RBX: 00007fcdee815fa0 RCX: 00007fcdee59c799
[  532.449384][T14861] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000
[  532.449392][T14861] RBP: 00007fcdee632c99 R08: 0000000000000000 R09: 0000000000000000
[  532.449402][T14861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  532.449411][T14861] R13: 00007fcdee816038 R14: 00007fcdee815fa0 R15: 00007ffd3578c858
[  532.449431][T14861]  </TASK>
[  533.751585][T14881] netlink: 'syz.2.2306': attribute type 11 has an invalid length.
[  533.892532][T14883] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  534.393031][T14873] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  534.421684][T14873] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  534.448111][T14873] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  534.497660][T14873] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  534.588026][T14888] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2309'.
[  534.850574][T14890] netlink: 'syz.2.2310': attribute type 11 has an invalid length.
[  535.026671][T14901] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  535.145211][T14899] zswap: compressor  not available
[  535.901149][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  536.084833][T14925] openvswitch: netlink: Duplicate or invalid key (type 0).
[  536.186715][   T74] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  536.459918][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  536.465990][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  536.540749][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  536.873354][T14919] kexec: Could not allocate control_code_buffer
[  536.952203][T14931] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  536.976653][T14931] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  537.006617][T14931] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  537.025725][T14931] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  537.885146][T14964] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.2328'.
[  538.301250][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  538.604086][T14988] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  538.745686][T14985] zswap: compressor  not available
[  539.020089][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  539.026262][ T5833] Bluetooth: hci2: command 0x0c1a tx timeout
[  539.049486][T15004] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  539.100146][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  539.187071][T15002] zswap: compressor  not available
[  539.344761][T15014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2343'.
[  539.779183][T15029] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  539.938569][T15025] zswap: compressor  not available
[  540.237240][T15048] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.2354'.
[  540.440162][T15055] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2355'.
[  541.943853][T15089] netlink: 'syz.2.2367': attribute type 1 has an invalid length.
[  542.031666][T15092] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2368'.
[  542.948313][T15124] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2379'.
[  544.514551][T15164] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2389'.
[  545.754071][T15193] netlink: 206 bytes leftover after parsing attributes in process `syz.1.2398'.
[  546.756612][T15213] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  546.899107][T15210] zswap: compressor  not available
[  548.629981][   T51] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5
[  548.800559][   T51] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  548.807674][   T51] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  548.824486][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  548.824525][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x74
[  548.832754][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x1c
[  548.839776][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x5f
[  548.848100][   T51] Bluetooth: hci3: Malformed LE Event: 0x0d
[  548.950159][T15250] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2415'.
[  550.348527][T15286] netlink: 'syz.0.2433': attribute type 27 has an invalid length.
[  550.393713][T15286] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2433'.
[  550.404968][T15290] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2426'.
[  550.670125][   T51] Bluetooth: hci4: unexpected event 0x1c length: 725 > 5
[  550.851343][T15300] netlink: 472 bytes leftover after parsing attributes in process `syz.0.2430'.
[  550.895485][   T51] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  550.895511][   T51] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260
[  550.910707][   T51] Bluetooth: hci4: Unknown advertising packet type: 0x7f
[  550.910745][   T51] Bluetooth: hci4: adv larger than maximum supported
[  550.918192][   T51] Bluetooth: hci4: Unknown advertising packet type: 0x1e
[  550.928353][   T51] Bluetooth: hci4: adv larger than maximum supported
[  550.935625][   T51] Bluetooth: hci4: Malformed LE Event: 0x0d
[  551.537426][T15315] netlink: 206 bytes leftover after parsing attributes in process `syz.0.2436'.
[  551.844671][T15324] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2439'.
[  552.266906][T15337] netlink: 'syz.2.2444': attribute type 11 has an invalid length.
[  553.301926][   T51] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5
[  553.444352][   T51] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  553.454079][   T51] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  553.469963][   T51] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  553.469982][   T51] Bluetooth: hci2: Unknown advertising packet type: 0x3f
[  553.477014][   T51] Bluetooth: hci2: Malformed LE Event: 0x0d
[  554.201408][T15369] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2450'.
[  554.609250][T15375] netlink: 206 bytes leftover after parsing attributes in process `syz.3.2454'.
[  554.895375][T15385] kexec: Could not allocate control_code_buffer
[  555.097440][T15394] netlink: 'syz.2.2460': attribute type 11 has an invalid length.
[  555.117224][T15396] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2461'.
[  557.651908][T15462] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  557.813015][T15458] zswap: compressor  not available
[  558.394458][T15478] zswap: compressor  not available
[  558.740535][T15492] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2486'.
[  559.041173][T15496] FAULT_INJECTION: forcing a failure.
[  559.041173][T15496] name fail_futex, interval 1, probability 0, space 0, times 0
[  559.111642][T15496] CPU: 0 UID: 0 PID: 15496 Comm: syz.1.2487 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  559.111687][T15496] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  559.111698][T15496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  559.111714][T15496] Call Trace:
[  559.111720][T15496]  <TASK>
[  559.111726][T15496]  dump_stack_lvl+0x100/0x190
[  559.111755][T15496]  should_fail_ex.cold+0x5/0xa
[  559.111774][T15496]  get_futex_key+0x295/0x1620
[  559.111795][T15496]  ? __pfx_get_futex_key+0x10/0x10
[  559.111819][T15496]  futex_wake_op+0x16a/0xdc0
[  559.111839][T15496]  ? get_pid_task+0xfc/0x250
[  559.111862][T15496]  ? __pfx_futex_wake_op+0x10/0x10
[  559.111882][T15496]  ? proc_fail_nth_write+0x9f/0x220
[  559.111901][T15496]  ? find_held_lock+0x2b/0x80
[  559.111920][T15496]  ? ksys_write+0x190/0x250
[  559.111934][T15496]  ? ksys_write+0x190/0x250
[  559.111951][T15496]  do_futex+0x2f1/0x350
[  559.111970][T15496]  ? __pfx_do_futex+0x10/0x10
[  559.111993][T15496]  __x64_sys_futex+0x34f/0x4d0
[  559.112013][T15496]  ? fput+0x79/0x100
[  559.112029][T15496]  ? __pfx___x64_sys_futex+0x10/0x10
[  559.112047][T15496]  ? ksys_write+0x1ac/0x250
[  559.112059][T15496]  ? __pfx_ksys_write+0x10/0x10
[  559.112078][T15496]  do_syscall_64+0x106/0xf80
[  559.112098][T15496]  ? clear_bhb_loop+0x40/0x90
[  559.112117][T15496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.112132][T15496] RIP: 0033:0x7fcdee59c799
[  559.112144][T15496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  559.112159][T15496] RSP: 002b:00007fcdef486028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  559.112173][T15496] RAX: ffffffffffffffda RBX: 00007fcdee815fa0 RCX: 00007fcdee59c799
[  559.112183][T15496] RDX: 0000000000000007 RSI: 0000000000000005 RDI: 0000200000001d00
[  559.112192][T15496] RBP: 00007fcdef486090 R08: 0000200000001d80 R09: 0000000000000401
[  559.112201][T15496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  559.112210][T15496] R13: 00007fcdee816038 R14: 00007fcdee815fa0 R15: 00007ffd3578c858
[  559.112228][T15496]  </TASK>
[  559.567135][T15500] tc_dump_action: action bad kind
[  560.884523][T15516] kexec: Could not allocate control_code_buffer
[  561.736285][T15562] nbd: must specify at least one socket
[  561.980776][T15567] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2511'.
[  562.950462][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  562.957831][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  563.416017][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  563.430274][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  563.438376][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  563.446396][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  563.469890][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  563.692640][T15606] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2522'.
[  564.223486][T10146] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.393791][T15598] chnl_net:caif_netlink_parms(): no params data found
[  564.637992][T10146] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  564.662161][T15607] zswap: compressor û not available
[  564.937583][T10146] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.118958][T10146] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.438483][T10146] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.496615][T15598] bridge0: port 1(bridge_slave_0) entered blocking state
[  565.505426][ T5833] Bluetooth: hci0: command tx timeout
[  565.531794][T15598] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.567381][T15598] bridge_slave_0: entered allmulticast mode
[  565.597878][T15598] bridge_slave_0: entered promiscuous mode
[  565.635803][T15598] bridge0: port 2(bridge_slave_1) entered blocking state
[  565.669491][T15598] bridge0: port 2(bridge_slave_1) entered disabled state
[  565.697468][T15598] bridge_slave_1: entered allmulticast mode
[  565.721233][T15598] bridge_slave_1: entered promiscuous mode
[  565.912777][T15598] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  565.967094][T15598] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  566.156633][T15598] team0: Port device team_slave_0 added
[  566.190604][T15598] team0: Port device team_slave_1 added
[  566.350842][T15598] batman_adv: batadv0: Adding interface: batadv_slave_0
[  566.369328][T15651] zswap: compressor  not available
[  566.385495][T15598] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  566.456469][ T5833] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5
[  566.472430][T15598] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  566.567526][T10146] team0: left allmulticast mode
[  566.575607][T10146] team_slave_0: left allmulticast mode
[  566.583885][ T5833] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  566.583933][ T5833] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  566.600123][ T5833] bt_err_ratelimited: 2 callbacks suppressed
[  566.600136][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  566.606174][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x51
[  566.613438][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x50
[  566.620695][ T5833] Bluetooth: hci2: adv larger than maximum supported
[  566.628263][ T5833] Bluetooth: hci2: adv larger than maximum supported
[  566.635110][ T5833] Bluetooth: hci2: Malformed LE Event: 0x0d
[  566.661372][T10146] team_slave_1: left allmulticast mode
[  566.678186][T10146] team0: left promiscuous mode
[  566.697957][T10146] team_slave_0: left promiscuous mode
[  566.715722][T10146] team_slave_1: left promiscuous mode
[  566.735085][T10146] bridge0: port 3(team0) entered disabled state
[  566.821153][T10146] bridge_slave_1: left allmulticast mode
[  566.842593][T10146] bridge_slave_1: left promiscuous mode
[  566.848381][T10146] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.904332][T10146] bridge_slave_0: left allmulticast mode
[  566.916902][T10146] bridge_slave_0: left promiscuous mode
[  566.936152][T10146] bridge0: port 1(bridge_slave_0) entered disabled state
[  567.579959][ T5833] Bluetooth: hci0: command tx timeout
[  567.657620][T10146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  567.792251][T10146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  567.864121][T10146] bond0 (unregistering): Released all slaves
[  567.908115][T15598] batman_adv: batadv0: Adding interface: batadv_slave_1
[  567.935945][T15598] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  568.040247][T15598] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  568.077409][T10146] HfR: left promiscuous mode
[  568.339164][T15598] hsr_slave_0: entered promiscuous mode
[  568.379538][T15598] hsr_slave_1: entered promiscuous mode
[  568.397550][T15598] debugfs: 'hsr0' already exists in 'hsr'
[  568.424448][T15598] Cannot create hsr debugfs directory
[  568.459678][T10146] i: left promiscuous mode
[  569.279736][T10146] hsr_slave_0: left promiscuous mode
[  569.314646][T10146] hsr_slave_1: left promiscuous mode
[  569.336451][T10146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  569.372057][T10146] batman_adv: batadv0: Removing interface: batadv_slave_0
[  569.409739][T10146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  569.438664][T10146] batman_adv: batadv0: Removing interface: batadv_slave_1
[  569.476127][T10146] veth1_macvtap: left promiscuous mode
[  569.493583][T10146] veth0_macvtap: left promiscuous mode
[  569.662539][ T5833] Bluetooth: hci0: command tx timeout
[  569.825637][T15696] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  570.014600][T10146] team0 (unregistering): Port device team_slave_1 removed
[  570.067061][T10146] team0 (unregistering): Port device team_slave_0 removed
[  571.238790][T15713] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2543'.
[  571.745120][ T5833] Bluetooth: hci0: command tx timeout
[  572.015389][T15598] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  572.097268][T15598] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  572.231745][T15734] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  572.554294][T15598] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  572.798673][T15598] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  573.684654][ T5833] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5
[  573.809173][T15763] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2552'.
[  573.851243][T15598] 8021q: adding VLAN 0 to HW filter on device bond0
[  573.863415][ T5833] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  573.863440][ T5833] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  573.881404][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  573.881426][ T5833] Bluetooth: hci2: Unknown advertising packet type: 0x5b
[  573.888515][ T5833] Bluetooth: hci2: adv larger than maximum supported
[  573.896000][ T5833] Bluetooth: hci2: Malformed LE Event: 0x0d
[  573.977302][T15598] 8021q: adding VLAN 0 to HW filter on device team0
[  574.044800][  T150] bridge0: port 1(bridge_slave_0) entered blocking state
[  574.051953][  T150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  574.215320][   T74] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.222480][   T74] bridge0: port 2(bridge_slave_1) entered forwarding state
[  574.872188][T15598] 8021q: adding VLAN 0 to HW filter on device batadv0
[  575.016166][T15598] veth0_vlan: entered promiscuous mode
[  575.075278][T15598] veth1_vlan: entered promiscuous mode
[  575.216825][T15598] veth0_macvtap: entered promiscuous mode
[  575.263491][T15598] veth1_macvtap: entered promiscuous mode
[  575.345077][T15806] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  575.354275][T15598] batman_adv: batadv0: Interface activated: batadv_slave_0
[  575.415979][T15598] batman_adv: batadv0: Interface activated: batadv_slave_1
[  575.585565][T10146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  575.630291][T10146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  575.706798][T10146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  575.745403][T10146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  576.115366][  T150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  576.158273][  T150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  576.268592][   T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  576.322824][   T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  576.770172][T15837] nbd: must specify a size in bytes for the device
[  577.062637][T15841] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2563'.
[  577.083147][ T5833] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5
[  577.267496][ T5833] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  577.279890][ T5833] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  577.295208][ T5833] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  577.295225][ T5833] Bluetooth: hci3: Unknown advertising packet type: 0x39
[  577.302549][ T5833] Bluetooth: hci3: Unknown advertising packet type: 0x75
[  577.309573][ T5833] Bluetooth: hci3: Malformed LE Event: 0x0d
[  577.716187][T15860] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  578.487393][T15876] nbd: must specify a size in bytes for the device
[  579.311316][T15894] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2575'.
[  580.309432][T15916] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  580.660605][T15925] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  580.797463][T15928] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2584'.
[  581.687086][T15953] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2590'.
[  581.934035][T15961] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  582.157765][T15967] nbd: must specify at least one socket
[  583.322664][T16000] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.2602'.
[  583.576026][T16004] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2603'.
[  583.857322][T15995] zswap: compressor û not available
[  583.882357][T16013] nbd: must specify at least one socket
[  584.248407][T16018] zswap: compressor  not available
[  584.799093][T16044] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2615'.
[  585.541799][T16049] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  585.693666][T16062] zswap: compressor  not available
[  585.714059][T16045] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2614'.
[  586.251451][T16063] FAULT_INJECTION: forcing a failure.
[  586.251451][T16063] name fail_futex, interval 1, probability 0, space 0, times 0
[  586.304504][T16063] CPU: 0 UID: 0 PID: 16063 Comm: syz.3.2619 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  586.304531][T16063] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  586.304537][T16063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  586.304546][T16063] Call Trace:
[  586.304551][T16063]  <TASK>
[  586.304557][T16063]  dump_stack_lvl+0x100/0x190
[  586.304584][T16063]  should_fail_ex.cold+0x5/0xa
[  586.304602][T16063]  get_futex_key+0x107c/0x1620
[  586.304622][T16063]  ? __pfx_get_futex_key+0x10/0x10
[  586.304638][T16063]  ? lock_acquire+0x1cf/0x380
[  586.304663][T16063]  futex_wake+0xea/0x530
[  586.304685][T16063]  ? __pfx_futex_wake+0x10/0x10
[  586.304707][T16063]  ? exit_mm_release+0x19/0x30
[  586.304730][T16063]  do_futex+0x32b/0x350
[  586.304749][T16063]  ? __pfx_do_futex+0x10/0x10
[  586.304766][T16063]  ? __might_fault+0xc5/0x140
[  586.304792][T16063]  mm_release+0x24a/0x2f0
[  586.304807][T16063]  do_exit+0x704/0x2b60
[  586.304829][T16063]  ? __pfx_do_exit+0x10/0x10
[  586.304847][T16063]  ? do_raw_spin_lock+0x128/0x260
[  586.304867][T16063]  ? find_held_lock+0x2b/0x80
[  586.304880][T16063]  ? get_signal+0x7e0/0x21e0
[  586.304897][T16063]  do_group_exit+0xd5/0x2a0
[  586.304917][T16063]  get_signal+0x1ec7/0x21e0
[  586.304939][T16063]  ? __pfx_get_signal+0x10/0x10
[  586.304955][T16063]  ? do_futex+0x192/0x350
[  586.304975][T16063]  arch_do_signal_or_restart+0x91/0x770
[  586.304996][T16063]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  586.305019][T16063]  ? __pfx___x64_sys_futex+0x10/0x10
[  586.305041][T16063]  exit_to_user_mode_loop+0x86/0x4a0
[  586.305063][T16063]  do_syscall_64+0x668/0xf80
[  586.305081][T16063]  ? clear_bhb_loop+0x40/0x90
[  586.305099][T16063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.305114][T16063] RIP: 0033:0x7fe0dab9c799
[  586.305127][T16063] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  586.305142][T16063] RSP: 002b:00007fe0d8dcd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  586.305157][T16063] RAX: fffffffffffffe00 RBX: 00007fe0dae16098 RCX: 00007fe0dab9c799
[  586.305166][T16063] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe0dae16098
[  586.305175][T16063] RBP: 00007fe0dae16090 R08: 0000000000000000 R09: 0000000000000000
[  586.305184][T16063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  586.305192][T16063] R13: 00007fe0dae16128 R14: 00007ffd71a0d310 R15: 00007ffd71a0d3f8
[  586.305211][T16063]  </TASK>
[  589.154692][T16119] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  589.686326][T16111] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2632'.
[  590.010756][T16148] FAULT_INJECTION: forcing a failure.
[  590.010756][T16148] name failslab, interval 1, probability 0, space 0, times 0
[  590.080255][T16148] CPU: 0 UID: 0 PID: 16148 Comm: syz.1.2640 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  590.080282][T16148] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  590.080288][T16148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  590.080297][T16148] Call Trace:
[  590.080302][T16148]  <TASK>
[  590.080308][T16148]  dump_stack_lvl+0x100/0x190
[  590.080335][T16148]  should_fail_ex.cold+0x5/0xa
[  590.080353][T16148]  should_failslab+0xc2/0x120
[  590.080369][T16148]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  590.080391][T16148]  ? taskstats_exit+0x650/0xbd0
[  590.080419][T16148]  taskstats_exit+0x650/0xbd0
[  590.080441][T16148]  ? __pfx_acct_update_integrals+0x10/0x10
[  590.080465][T16148]  ? __pfx_taskstats_exit+0x10/0x10
[  590.080488][T16148]  ? rcu_read_lock_any_held+0x6a/0xa0
[  590.080503][T16148]  ? exit_signals+0x395/0xaf0
[  590.080520][T16148]  do_exit+0x659/0x2b60
[  590.080542][T16148]  ? __pfx_do_exit+0x10/0x10
[  590.080560][T16148]  ? do_raw_spin_lock+0x128/0x260
[  590.080581][T16148]  ? find_held_lock+0x2b/0x80
[  590.080594][T16148]  ? get_signal+0x7e0/0x21e0
[  590.080610][T16148]  do_group_exit+0xd5/0x2a0
[  590.080630][T16148]  get_signal+0x1ec7/0x21e0
[  590.080652][T16148]  ? __pfx_get_signal+0x10/0x10
[  590.080668][T16148]  ? do_futex+0x192/0x350
[  590.080689][T16148]  arch_do_signal_or_restart+0x91/0x770
[  590.080708][T16148]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  590.080731][T16148]  ? __pfx___x64_sys_futex+0x10/0x10
[  590.080754][T16148]  exit_to_user_mode_loop+0x86/0x4a0
[  590.080775][T16148]  do_syscall_64+0x668/0xf80
[  590.080793][T16148]  ? clear_bhb_loop+0x40/0x90
[  590.080811][T16148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  590.080826][T16148] RIP: 0033:0x7fcdee59c799
[  590.080839][T16148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  590.080853][T16148] RSP: 002b:00007fcdef4860e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  590.080868][T16148] RAX: fffffffffffffe00 RBX: 00007fcdee815fa8 RCX: 00007fcdee59c799
[  590.080877][T16148] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcdee815fa8
[  590.080886][T16148] RBP: 00007fcdee815fa0 R08: 0000000000000000 R09: 0000000000000000
[  590.080895][T16148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  590.080903][T16148] R13: 00007fcdee816038 R14: 00007ffd3578c770 R15: 00007ffd3578c858
[  590.080922][T16148]  </TASK>
[  592.419484][T16187] FAULT_INJECTION: forcing a failure.
[  592.419484][T16187] name failslab, interval 1, probability 0, space 0, times 0
[  592.589529][T16187] CPU: 0 UID: 0 PID: 16187 Comm: syz.0.2652 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  592.589559][T16187] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  592.589565][T16187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  592.589574][T16187] Call Trace:
[  592.589579][T16187]  <TASK>
[  592.589585][T16187]  dump_stack_lvl+0x100/0x190
[  592.589612][T16187]  should_fail_ex.cold+0x5/0xa
[  592.589632][T16187]  should_failslab+0xc2/0x120
[  592.589650][T16187]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  592.589672][T16187]  ? security_inode_alloc+0x3b/0x2c0
[  592.589696][T16187]  ? lockdep_init_map_type+0x5c/0x250
[  592.589718][T16187]  security_inode_alloc+0x3b/0x2c0
[  592.589740][T16187]  inode_init_always_gfp+0xced/0x1040
[  592.589759][T16187]  alloc_inode+0x8e/0x250
[  592.589778][T16187]  new_inode+0x22/0x1c0
[  592.589801][T16187]  configfs_new_inode+0x24/0x4a0
[  592.589825][T16187]  configfs_create+0xd9/0x370
[  592.589848][T16187]  configfs_lookup+0x38f/0x780
[  592.589866][T16187]  lookup_open.isra.0+0x631/0x11b0
[  592.589891][T16187]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  592.589927][T16187]  ? mnt_get_write_access+0x1e9/0x2f0
[  592.589950][T16187]  path_openat+0xa98/0x31a0
[  592.589972][T16187]  ? __pfx_path_openat+0x10/0x10
[  592.589994][T16187]  do_file_open+0x20e/0x430
[  592.590011][T16187]  ? __pfx_do_file_open+0x10/0x10
[  592.590040][T16187]  ? alloc_fd+0x476/0x790
[  592.590063][T16187]  ? do_getname+0x191/0x390
[  592.590084][T16187]  do_sys_openat2+0x10d/0x1e0
[  592.590103][T16187]  ? __pfx_do_sys_openat2+0x10/0x10
[  592.590124][T16187]  ? __x64_sys_close_range+0x2d9/0x5d0
[  592.590145][T16187]  __x64_sys_openat+0x12d/0x210
[  592.590165][T16187]  ? __pfx___x64_sys_openat+0x10/0x10
[  592.590192][T16187]  do_syscall_64+0x106/0xf80
[  592.590209][T16187]  ? clear_bhb_loop+0x40/0x90
[  592.590227][T16187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.590243][T16187] RIP: 0033:0x7f950739c799
[  592.590257][T16187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  592.590271][T16187] RSP: 002b:00007f95082f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  592.590285][T16187] RAX: ffffffffffffffda RBX: 00007f9507615fa0 RCX: 00007f950739c799
[  592.590295][T16187] RDX: 0000000000109103 RSI: 0000200000001280 RDI: ffffffffffffff9c
[  592.590305][T16187] RBP: 00007f9507432c99 R08: 0000000000000000 R09: 0000000000000000
[  592.590314][T16187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  592.590322][T16187] R13: 00007f9507616038 R14: 00007f9507615fa0 R15: 00007ffe39e509a8
[  592.590342][T16187]  </TASK>
[  593.580669][T16194] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  594.104009][T16194] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  596.807053][ T5833] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[  597.130434][ T5833] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  597.137526][ T5833] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  597.152660][ T5833] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  597.152695][ T5833] Bluetooth: hci0: Unknown advertising packet type: 0x78
[  597.161100][ T5833] Bluetooth: hci0: adv larger than maximum supported
[  597.168272][ T5833] Bluetooth: hci0: Malformed LE Event: 0x0d
[  597.913312][T16270] FAULT_INJECTION: forcing a failure.
[  597.913312][T16270] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  598.001339][T16270] CPU: 0 UID: 0 PID: 16270 Comm: syz.3.2672 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  598.001367][T16270] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  598.001372][T16270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  598.001382][T16270] Call Trace:
[  598.001387][T16270]  <TASK>
[  598.001393][T16270]  dump_stack_lvl+0x100/0x190
[  598.001420][T16270]  should_fail_ex.cold+0x5/0xa
[  598.001438][T16270]  _copy_to_iter+0x5a4/0x1720
[  598.001571][T16270]  ? find_held_lock+0x2b/0x80
[  598.001593][T16270]  ? __pfx__copy_to_iter+0x10/0x10
[  598.001618][T16270]  ? do_raw_read_unlock+0x3f/0x70
[  598.001639][T16270]  ? _raw_read_unlock+0x28/0x50
[  598.001656][T16270]  ? l2cap_debugfs_show+0x229/0x3d0
[  598.001719][T16270]  seq_read_iter+0xdab/0x1270
[  598.001751][T16270]  seq_read+0x33b/0x4c0
[  598.001773][T16270]  ? __pfx_seq_read+0x10/0x10
[  598.001808][T16270]  full_proxy_read+0x135/0x1a0
[  598.001865][T16270]  ? __pfx_full_proxy_read+0x10/0x10
[  598.001883][T16270]  vfs_read+0x1e4/0xb30
[  598.001909][T16270]  ? __pfx_vfs_read+0x10/0x10
[  598.001931][T16270]  ? __fget_files+0x215/0x3d0
[  598.001948][T16270]  ? __fget_files+0x21f/0x3d0
[  598.001967][T16270]  ksys_read+0x12a/0x250
[  598.001989][T16270]  ? __pfx_ksys_read+0x10/0x10
[  598.002016][T16270]  do_syscall_64+0x106/0xf80
[  598.002034][T16270]  ? clear_bhb_loop+0x40/0x90
[  598.002053][T16270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  598.002069][T16270] RIP: 0033:0x7fe0dab9c799
[  598.002082][T16270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  598.002096][T16270] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  598.002111][T16270] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  598.002121][T16270] RDX: 0000000000000007 RSI: 00002000000001c0 RDI: 0000000000000003
[  598.002130][T16270] RBP: 00007fe0d8dee090 R08: 0000000000000000 R09: 0000000000000000
[  598.002138][T16270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  598.002147][T16270] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  598.002167][T16270]  </TASK>
[  600.436840][T16324] zswap: compressor  not available
[  601.035788][T16357] FAULT_INJECTION: forcing a failure.
[  601.035788][T16357] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  601.089005][T16357] CPU: 0 UID: 0 PID: 16357 Comm: syz.0.2696 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  601.089032][T16357] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  601.089038][T16357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  601.089047][T16357] Call Trace:
[  601.089052][T16357]  <TASK>
[  601.089058][T16357]  dump_stack_lvl+0x100/0x190
[  601.089086][T16357]  should_fail_ex.cold+0x5/0xa
[  601.089104][T16357]  _copy_to_iter+0x1f3/0x1720
[  601.089131][T16357]  ? show_trace_dev_match+0x1d1/0x2e0
[  601.089238][T16357]  ? __pfx__copy_to_iter+0x10/0x10
[  601.089261][T16357]  ? kernfs_seq_stop+0xcd/0x120
[  601.089280][T16357]  ? kernfs_put_active+0x93/0xe0
[  601.089305][T16357]  seq_read_iter+0xdab/0x1270
[  601.089336][T16357]  kernfs_fop_read_iter+0x46c/0x610
[  601.089352][T16357]  ? rw_verify_area+0xce/0x6d0
[  601.089380][T16357]  ? __pfx_kernfs_fop_read_iter+0x10/0x10
[  601.089398][T16357]  vfs_read+0x825/0xb30
[  601.089423][T16357]  ? __pfx_vfs_read+0x10/0x10
[  601.089457][T16357]  ksys_read+0x12a/0x250
[  601.089479][T16357]  ? __pfx_ksys_read+0x10/0x10
[  601.089511][T16357]  do_syscall_64+0x106/0xf80
[  601.089528][T16357]  ? clear_bhb_loop+0x40/0x90
[  601.089547][T16357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.089562][T16357] RIP: 0033:0x7f950739c799
[  601.089575][T16357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  601.089590][T16357] RSP: 002b:00007f95082f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  601.089604][T16357] RAX: ffffffffffffffda RBX: 00007f9507615fa0 RCX: 00007f950739c799
[  601.089614][T16357] RDX: 00000000000000af RSI: 0000200000000280 RDI: 0000000000000003
[  601.089623][T16357] RBP: 00007f95082f4090 R08: 0000000000000000 R09: 0000000000000000
[  601.089632][T16357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.089640][T16357] R13: 00007f9507616038 R14: 00007f9507615fa0 R15: 00007ffe39e509a8
[  601.089662][T16357]  </TASK>
[  602.439110][T16381] zswap: compressor  not available
[  604.392118][ T5833] Bluetooth: hci4: unexpected event 0x1c length: 725 > 5
[  604.412592][T16431] zswap: compressor  not available
[  604.570626][ T5833] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  604.570651][ T5833] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260
[  604.586965][ T5833] Bluetooth: hci4: Unknown advertising packet type: 0x7f
[  604.586985][ T5833] Bluetooth: hci4: adv larger than maximum supported
[  604.594301][ T5833] Bluetooth: hci4: adv larger than maximum supported
[  604.601190][ T5833] Bluetooth: hci4: Unknown advertising packet type: 0x3c
[  604.607908][ T5833] Bluetooth: hci4: Unknown advertising packet type: 0x30
[  604.615933][ T5833] Bluetooth: hci4: Malformed LE Event: 0x0d
[  605.529243][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  605.541124][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  605.549975][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  605.557964][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  605.565536][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  606.607434][T16461] chnl_net:caif_netlink_parms(): no params data found
[  606.928029][T10146] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.134230][T10146] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.214944][T16461] bridge0: port 1(bridge_slave_0) entered blocking state
[  607.259990][T16461] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.287519][T16461] bridge_slave_0: entered allmulticast mode
[  607.316756][T16461] bridge_slave_0: entered promiscuous mode
[  607.347217][T16461] bridge0: port 2(bridge_slave_1) entered blocking state
[  607.380177][T16461] bridge0: port 2(bridge_slave_1) entered disabled state
[  607.415336][T16461] bridge_slave_1: entered allmulticast mode
[  607.443050][T16461] bridge_slave_1: entered promiscuous mode
[  607.535097][T10146] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.580913][   T51] Bluetooth: hci1: command tx timeout
[  607.731607][T10146] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  607.816006][T16461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  607.881383][T16461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  608.016954][T16461] team0: Port device team_slave_0 added
[  608.108286][T16461] team0: Port device team_slave_1 added
[  608.260710][T16461] batman_adv: batadv0: Adding interface: batadv_slave_0
[  608.296510][T16461] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  608.396457][T16461] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  608.467255][T16461] batman_adv: batadv0: Adding interface: batadv_slave_1
[  608.505030][T16461] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  608.610925][T16461] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  608.682781][T10146] bridge_slave_1: left allmulticast mode
[  608.698715][T10146] bridge_slave_1: left promiscuous mode
[  608.720619][T10146] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.761082][T10146] bridge_slave_0: left allmulticast mode
[  608.779162][T10146] bridge_slave_0: left promiscuous mode
[  608.804218][T10146] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.206943][T10146] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  609.249322][T10146] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  609.282076][T10146] bond0 (unregistering): Released all slaves
[  609.470026][T10146] HfR: left promiscuous mode
[  609.511150][T16461] hsr_slave_0: entered promiscuous mode
[  609.532215][T16461] hsr_slave_1: entered promiscuous mode
[  609.564740][T10146] i: left promiscuous mode
[  609.664582][   T51] Bluetooth: hci1: command tx timeout
[  610.039526][T10146] hsr_slave_0: left promiscuous mode
[  610.065310][T10146] hsr_slave_1: left promiscuous mode
[  610.089152][T10146] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  610.123588][T10146] batman_adv: batadv0: Removing interface: batadv_slave_0
[  610.150518][T10146] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  610.183581][T10146] batman_adv: batadv0: Removing interface: batadv_slave_1
[  610.236451][T10146] veth1_macvtap: left promiscuous mode
[  610.269909][T10146] veth0_macvtap: left promiscuous mode
[  610.286512][T10146] veth1_vlan: left promiscuous mode
[  610.312873][T10146] veth0_vlan: left promiscuous mode
[  611.013262][T10146] team0 (unregistering): Port device team_slave_1 removed
[  611.502011][T16561] zswap: compressor û not available
[  611.523955][T16556] Setting dangerous option i915.mitigations - tainting kernel
[  611.741395][   T51] Bluetooth: hci1: command tx timeout
[  613.066921][T16461] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  613.080786][   T51] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  613.094155][T16593] ecryptfs_miscdev_write: Invalid packet size [192]
[  613.466270][T16461] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  613.539313][T16461] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  613.705047][T16461] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  613.820226][ T5833] Bluetooth: hci1: command tx timeout
[  614.105169][T16461] 8021q: adding VLAN 0 to HW filter on device bond0
[  614.192850][T16461] 8021q: adding VLAN 0 to HW filter on device team0
[  614.252310][  T150] bridge0: port 1(bridge_slave_0) entered blocking state
[  614.259558][  T150] bridge0: port 1(bridge_slave_0) entered forwarding state
[  614.371910][  T150] bridge0: port 2(bridge_slave_1) entered blocking state
[  614.379058][  T150] bridge0: port 2(bridge_slave_1) entered forwarding state
[  615.089563][T16461] 8021q: adding VLAN 0 to HW filter on device batadv0
[  615.256064][T16461] veth0_vlan: entered promiscuous mode
[  615.321808][T16461] veth1_vlan: entered promiscuous mode
[  615.417072][T16461] veth0_macvtap: entered promiscuous mode
[  615.505607][T16461] veth1_macvtap: entered promiscuous mode
[  615.584659][T16461] batman_adv: batadv0: Interface activated: batadv_slave_0
[  615.674571][T16461] batman_adv: batadv0: Interface activated: batadv_slave_1
[  615.739926][   T74] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  615.806126][  T150] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  615.850798][  T150] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  615.859540][  T150] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  615.891885][T16663] FAULT_INJECTION: forcing a failure.
[  615.891885][T16663] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  615.962563][T16663] CPU: 0 UID: 0 PID: 16663 Comm: syz.3.2755 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  615.962591][T16663] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  615.962596][T16663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  615.962605][T16663] Call Trace:
[  615.962611][T16663]  <TASK>
[  615.962616][T16663]  dump_stack_lvl+0x100/0x190
[  615.962644][T16663]  should_fail_ex.cold+0x5/0xa
[  615.962662][T16663]  _copy_from_user+0x2e/0xd0
[  615.962751][T16663]  move_addr_to_kernel+0x65/0x170
[  615.962777][T16663]  __sys_bind+0x11d/0x260
[  615.962792][T16663]  ? __pfx___sys_bind+0x10/0x10
[  615.962804][T16663]  ? __fget_files+0x21f/0x3d0
[  615.962825][T16663]  ? __pfx_ksys_write+0x10/0x10
[  615.962843][T16663]  __x64_sys_bind+0x72/0xb0
[  615.962856][T16663]  ? lockdep_hardirqs_on+0x78/0x100
[  615.962875][T16663]  do_syscall_64+0x106/0xf80
[  615.962891][T16663]  ? clear_bhb_loop+0x40/0x90
[  615.962910][T16663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  615.962925][T16663] RIP: 0033:0x7fe0dab9c799
[  615.962944][T16663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  615.962959][T16663] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  615.962975][T16663] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  615.962985][T16663] RDX: 000000000000006b RSI: 0000200000000080 RDI: 0000000000000003
[  615.962994][T16663] RBP: 00007fe0d8dee090 R08: 0000000000000000 R09: 0000000000000000
[  615.963002][T16663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  615.963011][T16663] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  615.963030][T16663]  </TASK>
[  616.176413][T16611] kexec: Could not allocate control_code_buffer
[  616.782447][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  616.798136][T16639] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  616.825205][T16639] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  616.869669][T16639] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  616.915678][T16639] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  616.973791][T16639] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  617.026560][T16639] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  617.071542][T16639] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  617.116880][T16639] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  617.188495][  T150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  617.197278][  T150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  617.340683][T10146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  617.370208][T10146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  617.646636][T16694] FAULT_INJECTION: forcing a failure.
[  617.646636][T16694] name failslab, interval 1, probability 0, space 0, times 0
[  617.723373][T16694] CPU: 0 UID: 0 PID: 16694 Comm: syz.1.2758 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  617.723401][T16694] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  617.723407][T16694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  617.723416][T16694] Call Trace:
[  617.723421][T16694]  <TASK>
[  617.723427][T16694]  dump_stack_lvl+0x100/0x190
[  617.723453][T16694]  should_fail_ex.cold+0x5/0xa
[  617.723471][T16694]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  617.723487][T16694]  should_failslab+0xc2/0x120
[  617.723503][T16694]  __kmalloc_noprof+0xe0/0x850
[  617.723529][T16694]  kernfs_fop_write_iter+0x26a/0x5f0
[  617.723547][T16694]  vfs_write+0x6ac/0x1070
[  617.723571][T16694]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  617.723589][T16694]  ? __pfx_vfs_write+0x10/0x10
[  617.723623][T16694]  ksys_write+0x12a/0x250
[  617.723637][T16694]  ? __pfx_ksys_write+0x10/0x10
[  617.723656][T16694]  do_syscall_64+0x106/0xf80
[  617.723674][T16694]  ? clear_bhb_loop+0x40/0x90
[  617.723693][T16694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  617.723708][T16694] RIP: 0033:0x7fcdee59c799
[  617.723720][T16694] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  617.723735][T16694] RSP: 002b:00007fcdef444028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  617.723750][T16694] RAX: ffffffffffffffda RBX: 00007fcdee816180 RCX: 00007fcdee59c799
[  617.723759][T16694] RDX: 0000000000000009 RSI: 0000200000000000 RDI: 0000000000000007
[  617.723768][T16694] RBP: 00007fcdef444090 R08: 0000000000000000 R09: 0000000000000000
[  617.723776][T16694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  617.723785][T16694] R13: 00007fcdee816218 R14: 00007fcdee816180 R15: 00007ffd3578c858
[  617.723804][T16694]  </TASK>
[  617.987369][T16700] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2760'.
[  618.104701][T16703] FAULT_INJECTION: forcing a failure.
[  618.104701][T16703] name failslab, interval 1, probability 0, space 0, times 0
[  618.132249][T16703] CPU: 0 UID: 0 PID: 16703 Comm: syz.3.2761 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  618.132287][T16703] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  618.132293][T16703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  618.132303][T16703] Call Trace:
[  618.132308][T16703]  <TASK>
[  618.132314][T16703]  dump_stack_lvl+0x100/0x190
[  618.132343][T16703]  should_fail_ex.cold+0x5/0xa
[  618.132362][T16703]  should_failslab+0xc2/0x120
[  618.132380][T16703]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  618.132401][T16703]  ? security_inode_alloc+0x3b/0x2c0
[  618.132424][T16703]  ? lockdep_init_map_type+0x5c/0x250
[  618.132446][T16703]  security_inode_alloc+0x3b/0x2c0
[  618.132468][T16703]  inode_init_always_gfp+0xced/0x1040
[  618.132487][T16703]  alloc_inode+0x8e/0x250
[  618.132506][T16703]  new_inode+0x22/0x1c0
[  618.132526][T16703]  configfs_new_inode+0x24/0x4a0
[  618.132550][T16703]  configfs_create+0xd9/0x370
[  618.132574][T16703]  configfs_lookup+0x38f/0x780
[  618.132592][T16703]  lookup_open.isra.0+0x631/0x11b0
[  618.132618][T16703]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  618.132650][T16703]  ? mnt_get_write_access+0x1e9/0x2f0
[  618.132672][T16703]  path_openat+0xa98/0x31a0
[  618.132694][T16703]  ? __pfx_path_openat+0x10/0x10
[  618.132716][T16703]  do_file_open+0x20e/0x430
[  618.132733][T16703]  ? __pfx_do_file_open+0x10/0x10
[  618.132762][T16703]  ? alloc_fd+0x476/0x790
[  618.132778][T16703]  ? do_getname+0x191/0x390
[  618.132798][T16703]  do_sys_openat2+0x10d/0x1e0
[  618.132817][T16703]  ? __pfx_do_sys_openat2+0x10/0x10
[  618.132837][T16703]  ? __x64_sys_close_range+0x2d9/0x5d0
[  618.132857][T16703]  __x64_sys_openat+0x12d/0x210
[  618.132877][T16703]  ? __pfx___x64_sys_openat+0x10/0x10
[  618.132903][T16703]  do_syscall_64+0x106/0xf80
[  618.132921][T16703]  ? clear_bhb_loop+0x40/0x90
[  618.132939][T16703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  618.132954][T16703] RIP: 0033:0x7fe0dab9c799
[  618.132967][T16703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  618.132982][T16703] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  618.132996][T16703] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  618.133006][T16703] RDX: 0000000000109103 RSI: 0000200000001280 RDI: ffffffffffffff9c
[  618.133016][T16703] RBP: 00007fe0dac32c99 R08: 0000000000000000 R09: 0000000000000000
[  618.133024][T16703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  618.133033][T16703] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  618.133053][T16703]  </TASK>
[  618.714506][T16695] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  618.738713][T16695] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  618.782764][T16695] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  618.861843][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  618.867929][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  618.940214][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  619.107152][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  620.133103][T16744] Â: entered promiscuous mode
[  620.215442][T16746] FAULT_INJECTION: forcing a failure.
[  620.215442][T16746] name failslab, interval 1, probability 0, space 0, times 0
[  620.317049][T16746] CPU: 0 UID: 0 PID: 16746 Comm: syz.3.2769 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  620.317088][T16746] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  620.317094][T16746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  620.317104][T16746] Call Trace:
[  620.317110][T16746]  <TASK>
[  620.317116][T16746]  dump_stack_lvl+0x100/0x190
[  620.317146][T16746]  should_fail_ex.cold+0x5/0xa
[  620.317165][T16746]  should_failslab+0xc2/0x120
[  620.317181][T16746]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  620.317203][T16746]  ? anon_vma_clone+0x2bd/0xc70
[  620.317225][T16746]  anon_vma_clone+0x2bd/0xc70
[  620.317250][T16746]  __split_vma+0x51f/0xd90
[  620.317273][T16746]  ? __pfx___split_vma+0x10/0x10
[  620.317297][T16746]  ? find_vma+0xbf/0x140
[  620.317316][T16746]  vma_modify+0x1121/0x2250
[  620.317340][T16746]  ? __pfx_vma_modify+0x10/0x10
[  620.317365][T16746]  vma_modify_policy+0x238/0x300
[  620.317387][T16746]  ? __pfx_vma_modify_policy+0x10/0x10
[  620.317419][T16746]  ? mas_walk+0x6ef/0x9b0
[  620.317521][T16746]  mbind_range+0x175/0x550
[  620.317542][T16746]  do_mbind+0x7de/0xfd0
[  620.317565][T16746]  ? __pfx_do_mbind+0x10/0x10
[  620.317583][T16746]  ? __lock_acquire+0x4a5/0x2630
[  620.317611][T16746]  ? __pfx_get_nodes+0x10/0x10
[  620.317631][T16746]  ? find_held_lock+0x2b/0x80
[  620.317650][T16746]  kernel_mbind+0x1b7/0x200
[  620.317669][T16746]  ? __pfx_kernel_mbind+0x10/0x10
[  620.317693][T16746]  do_syscall_64+0x106/0xf80
[  620.317710][T16746]  ? clear_bhb_loop+0x40/0x90
[  620.317728][T16746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  620.317743][T16746] RIP: 0033:0x7fe0dab9c799
[  620.317757][T16746] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  620.317771][T16746] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  620.317786][T16746] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  620.317796][T16746] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000
[  620.317805][T16746] RBP: 00007fe0dac32c99 R08: 0000002000000006 R09: 0000000000000002
[  620.317813][T16746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  620.317822][T16746] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  620.317842][T16746]  </TASK>
[  621.035841][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  621.181134][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  622.492293][T16798] FAULT_INJECTION: forcing a failure.
[  622.492293][T16798] name failslab, interval 1, probability 0, space 0, times 0
[  622.548249][T16798] CPU: 0 UID: 0 PID: 16798 Comm: syz.3.2776 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  622.548283][T16798] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  622.548289][T16798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  622.548298][T16798] Call Trace:
[  622.548303][T16798]  <TASK>
[  622.548310][T16798]  dump_stack_lvl+0x100/0x190
[  622.548337][T16798]  should_fail_ex.cold+0x5/0xa
[  622.548355][T16798]  should_failslab+0xc2/0x120
[  622.548370][T16798]  __kmalloc_cache_noprof+0x7a/0x6f0
[  622.548390][T16798]  ? alloc_pipe_info+0x10e/0x590
[  622.548405][T16798]  ? find_held_lock+0x2b/0x80
[  622.548421][T16798]  alloc_pipe_info+0x10e/0x590
[  622.548438][T16798]  splice_direct_to_actor+0x78f/0xa30
[  622.548454][T16798]  ? __lock_acquire+0x4a5/0x2630
[  622.548471][T16798]  ? __pfx_direct_splice_actor+0x10/0x10
[  622.548496][T16798]  ? __pfx_aa_file_perm+0x10/0x10
[  622.548603][T16798]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  622.548623][T16798]  do_splice_direct+0x174/0x240
[  622.548638][T16798]  ? __pfx_do_splice_direct+0x10/0x10
[  622.548653][T16798]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  622.548679][T16798]  ? rw_verify_area+0xce/0x6d0
[  622.548702][T16798]  do_sendfile+0xadc/0xe20
[  622.548728][T16798]  ? __pfx_do_sendfile+0x10/0x10
[  622.548749][T16798]  ? __fget_files+0x21f/0x3d0
[  622.548767][T16798]  __x64_sys_sendfile64+0x1d8/0x220
[  622.548783][T16798]  ? ksys_write+0x1ac/0x250
[  622.548795][T16798]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  622.548830][T16798]  do_syscall_64+0x106/0xf80
[  622.548848][T16798]  ? clear_bhb_loop+0x40/0x90
[  622.548866][T16798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  622.548881][T16798] RIP: 0033:0x7fe0dab9c799
[  622.548895][T16798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  622.548909][T16798] RSP: 002b:00007fe0d8dcd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  622.548924][T16798] RAX: ffffffffffffffda RBX: 00007fe0dae16090 RCX: 00007fe0dab9c799
[  622.548933][T16798] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  622.548942][T16798] RBP: 00007fe0d8dcd090 R08: 0000000000000000 R09: 0000000000000000
[  622.548955][T16798] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  622.548963][T16798] R13: 00007fe0dae16128 R14: 00007fe0dae16090 R15: 00007ffd71a0d3f8
[  622.548983][T16798]  </TASK>
[  623.118243][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  623.234026][T16796] zswap: compressor  not available
[  623.260810][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  624.384638][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  624.391088][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  625.467887][T16863] ubi31: attaching mtd0
[  625.694918][T16863] ubi31: scanning is finished
[  625.774137][T16863] ubi31 error: ubi_read_volume_table: the layout volume was not found
[  626.375678][   T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  626.413848][T16876] ecryptfs_miscdev_write: Invalid packet size [192]
[  626.515950][T16863] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  626.561708][T16879] FAULT_INJECTION: forcing a failure.
[  626.561708][T16879] name failslab, interval 1, probability 0, space 0, times 0
[  626.617223][T16858] kexec: Could not allocate control_code_buffer
[  626.632652][T16879] CPU: 0 UID: 0 PID: 16879 Comm: syz.1.2793 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  626.632679][T16879] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  626.632685][T16879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  626.632695][T16879] Call Trace:
[  626.632701][T16879]  <TASK>
[  626.632707][T16879]  dump_stack_lvl+0x100/0x190
[  626.632735][T16879]  should_fail_ex.cold+0x5/0xa
[  626.632753][T16879]  should_failslab+0xc2/0x120
[  626.632770][T16879]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  626.632793][T16879]  ? zswap_store+0xc42/0x29d0
[  626.632814][T16879]  zswap_store+0xc42/0x29d0
[  626.632835][T16879]  ? __pfx___up_read+0x10/0x10
[  626.632856][T16879]  ? rmap_walk_anon+0x561/0x870
[  626.632876][T16879]  ? __pfx_zswap_store+0x10/0x10
[  626.632893][T16879]  ? do_raw_spin_lock+0x128/0x260
[  626.632914][T16879]  ? find_held_lock+0x2b/0x80
[  626.632927][T16879]  ? folio_free_swap+0x3d9/0xb50
[  626.632941][T16879]  ? folio_free_swap+0x3d9/0xb50
[  626.632957][T16879]  ? do_raw_spin_unlock+0x145/0x1e0
[  626.632978][T16879]  ? _raw_spin_unlock+0x28/0x50
[  626.632994][T16879]  ? folio_free_swap+0x39/0xb50
[  626.633009][T16879]  ? __pfx_try_to_unmap+0x10/0x10
[  626.633031][T16879]  swap_writeout+0x49d/0x12b0
[  626.633055][T16879]  shrink_folio_list+0x5c4a/0x6000
[  626.633084][T16879]  ? __pfx_shrink_folio_list+0x10/0x10
[  626.633102][T16879]  ? update_cfs_rq_load_avg+0x51/0x550
[  626.633126][T16879]  ? set_next_entity+0x11e/0x9c0
[  626.633156][T16879]  ? __lock_acquire+0x4a5/0x2630
[  626.633188][T16879]  ? finish_task_switch.isra.0+0x205/0xb80
[  626.633204][T16879]  ? lockdep_hardirqs_on+0x78/0x100
[  626.633222][T16879]  ? finish_task_switch.isra.0+0x205/0xb80
[  626.633241][T16879]  reclaim_folio_list+0xdc/0x600
[  626.633264][T16879]  ? __pfx_reclaim_folio_list+0x10/0x10
[  626.633291][T16879]  ? lru_gen_update_size+0x431/0xe40
[  626.633315][T16879]  ? lru_gen_del_folio+0x382/0x5f0
[  626.633335][T16879]  reclaim_pages+0x428/0x5e0
[  626.633357][T16879]  ? __pfx_reclaim_pages+0x10/0x10
[  626.633376][T16879]  ? find_held_lock+0x2b/0x80
[  626.633390][T16879]  ? madvise_cold_or_pageout_pte_range+0xb49/0x2720
[  626.633417][T16879]  madvise_cold_or_pageout_pte_range+0x1635/0x2720
[  626.633444][T16879]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  626.633462][T16879]  ? rcu_is_watching+0x12/0xc0
[  626.633484][T16879]  ? free_pcppages_bulk+0x330/0x6b0
[  626.633508][T16879]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  626.633527][T16879]  walk_pgd_range+0xc04/0x1eb0
[  626.633554][T16879]  ? do_raw_spin_unlock+0x145/0x1e0
[  626.633582][T16879]  ? __pfx_walk_pgd_range+0x10/0x10
[  626.633615][T16879]  __walk_page_range+0x163/0x820
[  626.633638][T16879]  ? __mod_zone_page_state+0xe2/0x190
[  626.633657][T16879]  ? __pfx_css_rstat_updated+0x10/0x10
[  626.633680][T16879]  walk_page_range_vma_unsafe+0x209/0x8f0
[  626.633706][T16879]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  626.633732][T16879]  ? find_held_lock+0x2b/0x80
[  626.633745][T16879]  ? mlock_drain_local+0x254/0x4e0
[  626.633766][T16879]  ? mlock_drain_local+0x254/0x4e0
[  626.633789][T16879]  walk_page_range_vma+0x63/0x90
[  626.633813][T16879]  madvise_pageout+0x259/0x540
[  626.633830][T16879]  ? __pfx_madvise_pageout+0x10/0x10
[  626.633861][T16879]  madvise_vma_behavior+0x3e6/0x3050
[  626.633879][T16879]  ? mt_find+0x687/0x8e0
[  626.633897][T16879]  ? mt_find+0x687/0x8e0
[  626.633914][T16879]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  626.633934][T16879]  ? mt_find+0x45e/0x8e0
[  626.633953][T16879]  ? __pfx_mt_find+0x10/0x10
[  626.633975][T16879]  ? find_vma_prev+0xd8/0x150
[  626.633996][T16879]  ? find_vma+0xbf/0x140
[  626.634009][T16879]  ? __pfx_find_vma+0x10/0x10
[  626.634027][T16879]  madvise_walk_vmas+0x2fe/0xa90
[  626.634048][T16879]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  626.634071][T16879]  madvise_do_behavior+0x1ea/0x510
[  626.634087][T16879]  ? futex_private_hash_put+0x107/0x1c0
[  626.634107][T16879]  ? __pfx_madvise_do_behavior+0x10/0x10
[  626.634124][T16879]  ? down_read+0x13b/0x460
[  626.634153][T16879]  do_madvise+0x195/0x240
[  626.634170][T16879]  ? __pfx_do_madvise+0x10/0x10
[  626.634187][T16879]  ? do_futex+0x192/0x350
[  626.634223][T16879]  __x64_sys_madvise+0xa9/0x110
[  626.634240][T16879]  ? lockdep_hardirqs_on+0x78/0x100
[  626.634257][T16879]  do_syscall_64+0x106/0xf80
[  626.634274][T16879]  ? clear_bhb_loop+0x40/0x90
[  626.634293][T16879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.634308][T16879] RIP: 0033:0x7fcdee59c799
[  626.634322][T16879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  626.634337][T16879] RSP: 002b:00007fcdef465028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  626.634352][T16879] RAX: ffffffffffffffda RBX: 00007fcdee816090 RCX: 00007fcdee59c799
[  626.634362][T16879] RDX: 0000000000000015 RSI: ff7fffffffff003f RDI: 0000000000000000
[  626.634371][T16879] RBP: 00007fcdee632c99 R08: 0000000000000000 R09: 0000000000000000
[  626.634381][T16879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  626.634389][T16879] R13: 00007fcdee816128 R14: 00007fcdee816090 R15: 00007ffd3578c858
[  626.634409][T16879]  </TASK>
[  627.705389][T16886] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.2795'.
[  628.459926][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[  628.596914][T16899] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2799'.
[  630.454626][   T51] Bluetooth: hci1: Malformed LE Event: 0x0b
[  630.541857][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  631.122969][T16950] FAULT_INJECTION: forcing a failure.
[  631.122969][T16950] name failslab, interval 1, probability 0, space 0, times 0
[  631.164755][T16957] FAULT_INJECTION: forcing a failure.
[  631.164755][T16957] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  631.249972][T16957] CPU: 0 UID: 0 PID: 16957 Comm: syz.0.2812 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  631.250000][T16957] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  631.250006][T16957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  631.250015][T16957] Call Trace:
[  631.250021][T16957]  <TASK>
[  631.250027][T16957]  dump_stack_lvl+0x100/0x190
[  631.250055][T16957]  should_fail_ex.cold+0x5/0xa
[  631.250072][T16957]  _copy_to_user+0x32/0xd0
[  631.250089][T16957]  simple_read_from_buffer+0xcb/0x170
[  631.250114][T16957]  proc_fail_nth_read+0x1af/0x230
[  631.250132][T16957]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  631.250151][T16957]  ? rw_verify_area+0xce/0x6d0
[  631.250172][T16957]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  631.250190][T16957]  vfs_read+0x1e4/0xb30
[  631.250215][T16957]  ? __pfx_vfs_read+0x10/0x10
[  631.250236][T16957]  ? __fget_files+0x215/0x3d0
[  631.250254][T16957]  ? __fget_files+0x21f/0x3d0
[  631.250272][T16957]  ksys_read+0x12a/0x250
[  631.250295][T16957]  ? __pfx_ksys_read+0x10/0x10
[  631.250322][T16957]  do_syscall_64+0x106/0xf80
[  631.250340][T16957]  ? clear_bhb_loop+0x40/0x90
[  631.250358][T16957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.250374][T16957] RIP: 0033:0x7fdbd3f5cfce
[  631.250387][T16957] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  631.250401][T16957] RSP: 002b:00007fdbd21f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  631.250416][T16957] RAX: ffffffffffffffda RBX: 00007fdbd21f66c0 RCX: 00007fdbd3f5cfce
[  631.250426][T16957] RDX: 000000000000000f RSI: 00007fdbd21f60a0 RDI: 0000000000000006
[  631.250435][T16957] RBP: 00007fdbd21f6090 R08: 0000000000000000 R09: 0000000000000000
[  631.250444][T16957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  631.250452][T16957] R13: 00007fdbd4216038 R14: 00007fdbd4215fa0 R15: 00007ffe393d27f8
[  631.250472][T16957]  </TASK>
[  631.660435][T16950] CPU: 0 UID: 0 PID: 16950 Comm: syz.1.2811 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  631.660464][T16950] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  631.660470][T16950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  631.660479][T16950] Call Trace:
[  631.660484][T16950]  <TASK>
[  631.660491][T16950]  dump_stack_lvl+0x100/0x190
[  631.660519][T16950]  should_fail_ex.cold+0x5/0xa
[  631.660537][T16950]  should_failslab+0xc2/0x120
[  631.660552][T16950]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  631.660577][T16950]  ? cache_create_net+0x2b/0x1f0
[  631.660680][T16950]  ? __pfx_nfsd_net_init+0x10/0x10
[  631.660714][T16950]  kmemdup_noprof+0x29/0x60
[  631.660738][T16950]  cache_create_net+0x2b/0x1f0
[  631.660755][T16950]  ? __pfx_nfsd_net_init+0x10/0x10
[  631.660777][T16950]  nfsd_export_init+0x62/0x250
[  631.660806][T16950]  ? __pfx_nfsd_net_init+0x10/0x10
[  631.660827][T16950]  nfsd_net_init+0x33/0x3d0
[  631.660849][T16950]  ? __pfx_nfsd_net_init+0x10/0x10
[  631.660871][T16950]  ops_init+0x1e2/0x5f0
[  631.660893][T16950]  setup_net+0x118/0x3a0
[  631.660912][T16950]  ? __pfx_setup_net+0x10/0x10
[  631.660929][T16950]  ? lockdep_init_map_type+0x5c/0x250
[  631.660949][T16950]  ? mutex_init_lockep+0x110/0x150
[  631.660972][T16950]  copy_net_ns+0x46f/0x7c0
[  631.660994][T16950]  create_new_namespaces+0x3ea/0xac0
[  631.661015][T16950]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  631.661032][T16950]  ksys_unshare+0x473/0xad0
[  631.661052][T16950]  ? __pfx_ksys_unshare+0x10/0x10
[  631.661077][T16950]  __x64_sys_unshare+0x31/0x40
[  631.661094][T16950]  do_syscall_64+0x106/0xf80
[  631.661112][T16950]  ? clear_bhb_loop+0x40/0x90
[  631.661131][T16950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.661146][T16950] RIP: 0033:0x7fcdee59c799
[  631.661159][T16950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  631.661174][T16950] RSP: 002b:00007fcdef486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  631.661189][T16950] RAX: ffffffffffffffda RBX: 00007fcdee815fa0 RCX: 00007fcdee59c799
[  631.661198][T16950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  631.661207][T16950] RBP: 00007fcdee632c99 R08: 0000000000000000 R09: 0000000000000000
[  631.661215][T16950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  631.661223][T16950] R13: 00007fcdee816038 R14: 00007fcdee815fa0 R15: 00007ffd3578c858
[  631.661249][T16950]  </TASK>
[  632.413845][T16927] kexec: Could not allocate control_code_buffer
[  633.282036][T16976] program syz.3.2817 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  633.406237][T16986] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  633.683156][T16998] FAULT_INJECTION: forcing a failure.
[  633.683156][T16998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  633.758911][T16998] CPU: 0 UID: 0 PID: 16998 Comm: syz.3.2821 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  633.758939][T16998] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  633.758944][T16998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  633.758953][T16998] Call Trace:
[  633.758959][T16998]  <TASK>
[  633.758965][T16998]  dump_stack_lvl+0x100/0x190
[  633.758993][T16998]  should_fail_ex.cold+0x5/0xa
[  633.759011][T16998]  _copy_from_iter+0x1f4/0x1690
[  633.759031][T16998]  ? __pfx__copy_from_iter+0x10/0x10
[  633.759045][T16998]  ? rcu_is_watching+0x12/0xc0
[  633.759075][T16998]  ? trace_kmalloc+0x101/0x130
[  633.759091][T16998]  ? __kasan_kmalloc+0xaa/0xb0
[  633.759114][T16998]  ? __kmalloc_noprof+0x320/0x850
[  633.759139][T16998]  kernfs_fop_write_iter+0x186/0x5f0
[  633.759158][T16998]  vfs_write+0x6ac/0x1070
[  633.759182][T16998]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  633.759199][T16998]  ? __pfx_vfs_write+0x10/0x10
[  633.759233][T16998]  ksys_write+0x12a/0x250
[  633.759247][T16998]  ? __pfx_ksys_write+0x10/0x10
[  633.759265][T16998]  do_syscall_64+0x106/0xf80
[  633.759284][T16998]  ? clear_bhb_loop+0x40/0x90
[  633.759302][T16998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.759317][T16998] RIP: 0033:0x7fe0dab9c799
[  633.759330][T16998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  633.759343][T16998] RSP: 002b:00007fe0d8dac028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  633.759358][T16998] RAX: ffffffffffffffda RBX: 00007fe0dae16180 RCX: 00007fe0dab9c799
[  633.759368][T16998] RDX: 0000000000000009 RSI: 0000200000000000 RDI: 0000000000000007
[  633.759376][T16998] RBP: 00007fe0d8dac090 R08: 0000000000000000 R09: 0000000000000000
[  633.759385][T16998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  633.759393][T16998] R13: 00007fe0dae16218 R14: 00007fe0dae16180 R15: 00007ffd71a0d3f8
[  633.759413][T16998]  </TASK>
[  634.544165][T17018] tc_dump_action: action bad kind
[  634.966703][T17025] zswap: compressor  not available
[  635.475560][   T30] audit: type=1800 audit(758.740:28): pid=17044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2833" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  637.432447][ T5833] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[  637.658722][ T5833] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  637.666874][ T5833] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  637.682187][ T5833] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  637.682206][ T5833] Bluetooth: hci0: Unknown advertising packet type: 0x5c
[  637.690120][ T5833] Bluetooth: hci0: Unknown advertising packet type: 0x7e
[  637.697191][ T5833] Bluetooth: hci0: adv larger than maximum supported
[  637.704658][ T5833] Bluetooth: hci0: Malformed LE Event: 0x0d
[  640.206262][T17145] zswap: compressor û not available
[  640.863823][T17175] FAULT_INJECTION: forcing a failure.
[  640.863823][T17175] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  640.917881][T17175] CPU: 0 UID: 0 PID: 17175 Comm: syz.3.2864 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  640.917909][T17175] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  640.917915][T17175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  640.917924][T17175] Call Trace:
[  640.917929][T17175]  <TASK>
[  640.917935][T17175]  dump_stack_lvl+0x100/0x190
[  640.917963][T17175]  should_fail_ex.cold+0x5/0xa
[  640.917981][T17175]  _copy_from_iter+0x1f4/0x1690
[  640.917998][T17175]  ? __asan_memset+0x23/0x50
[  640.918020][T17175]  ? __pfx__copy_from_iter+0x10/0x10
[  640.918033][T17175]  ? __pfx___alloc_skb+0x10/0x10
[  640.918129][T17175]  netlink_sendmsg+0x808/0xda0
[  640.918188][T17175]  ? __pfx_netlink_sendmsg+0x10/0x10
[  640.918206][T17175]  ? __import_iovec+0x1d2/0x640
[  640.918222][T17175]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  640.918246][T17175]  ____sys_sendmsg+0x9e1/0xb70
[  640.918267][T17175]  ? __pfx_netlink_sendmsg+0x10/0x10
[  640.918288][T17175]  ? __pfx_____sys_sendmsg+0x10/0x10
[  640.918318][T17175]  ___sys_sendmsg+0x190/0x1e0
[  640.918341][T17175]  ? __pfx____sys_sendmsg+0x10/0x10
[  640.918385][T17175]  __sys_sendmsg+0x170/0x220
[  640.918404][T17175]  ? __pfx___sys_sendmsg+0x10/0x10
[  640.918433][T17175]  do_syscall_64+0x106/0xf80
[  640.918450][T17175]  ? clear_bhb_loop+0x40/0x90
[  640.918469][T17175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.918483][T17175] RIP: 0033:0x7fe0dab9c799
[  640.918497][T17175] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  640.918511][T17175] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  640.918526][T17175] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  640.918536][T17175] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000003
[  640.918545][T17175] RBP: 00007fe0d8dee090 R08: 0000000000000000 R09: 0000000000000000
[  640.918553][T17175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  640.918562][T17175] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  640.918581][T17175]  </TASK>
[  641.714857][   T30] audit: type=1800 audit(764.980:29): pid=17199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2865" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  642.389358][T17211] binder: 17210:17211 ioctl c0306201 200000000000 returned -14
[  642.825288][T17218] netlink: 346 bytes leftover after parsing attributes in process `syz.3.2874'.
[  643.770395][T17244] binder: 17243:17244 ioctl c0306201 200000000000 returned -14
[  643.985651][T17229] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  644.010311][T17229] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  644.038721][T17229] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  644.066592][T17229] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  644.213845][T17256] FAULT_INJECTION: forcing a failure.
[  644.213845][T17256] name failslab, interval 1, probability 0, space 0, times 0
[  644.262117][T17256] CPU: 0 UID: 0 PID: 17256 Comm: syz.2.2885 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  644.262148][T17256] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  644.262154][T17256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  644.262163][T17256] Call Trace:
[  644.262169][T17256]  <TASK>
[  644.262175][T17256]  dump_stack_lvl+0x100/0x190
[  644.262203][T17256]  should_fail_ex.cold+0x5/0xa
[  644.262222][T17256]  should_failslab+0xc2/0x120
[  644.262238][T17256]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  644.262260][T17256]  ? security_inode_alloc+0x3b/0x2c0
[  644.262282][T17256]  ? lockdep_init_map_type+0x5c/0x250
[  644.262304][T17256]  security_inode_alloc+0x3b/0x2c0
[  644.262328][T17256]  inode_init_always_gfp+0xced/0x1040
[  644.262346][T17256]  alloc_inode+0x8e/0x250
[  644.262365][T17256]  new_inode+0x22/0x1c0
[  644.262386][T17256]  configfs_new_inode+0x24/0x4a0
[  644.262409][T17256]  configfs_create+0xd9/0x370
[  644.262432][T17256]  configfs_lookup+0x38f/0x780
[  644.262450][T17256]  lookup_open.isra.0+0x631/0x11b0
[  644.262475][T17256]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  644.262516][T17256]  ? mnt_get_write_access+0x1e9/0x2f0
[  644.262541][T17256]  path_openat+0xa98/0x31a0
[  644.262563][T17256]  ? __pfx_path_openat+0x10/0x10
[  644.262585][T17256]  do_file_open+0x20e/0x430
[  644.262601][T17256]  ? __pfx_do_file_open+0x10/0x10
[  644.262636][T17256]  ? alloc_fd+0x476/0x790
[  644.262652][T17256]  ? do_getname+0x191/0x390
[  644.262671][T17256]  do_sys_openat2+0x10d/0x1e0
[  644.262691][T17256]  ? __pfx_do_sys_openat2+0x10/0x10
[  644.262712][T17256]  ? __x64_sys_close_range+0x2d9/0x5d0
[  644.262733][T17256]  __x64_sys_openat+0x12d/0x210
[  644.262753][T17256]  ? __pfx___x64_sys_openat+0x10/0x10
[  644.262779][T17256]  do_syscall_64+0x106/0xf80
[  644.262797][T17256]  ? clear_bhb_loop+0x40/0x90
[  644.262817][T17256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  644.262834][T17256] RIP: 0033:0x7fdb90f9c799
[  644.262847][T17256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  644.262862][T17256] RSP: 002b:00007fdb91d89028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  644.262877][T17256] RAX: ffffffffffffffda RBX: 00007fdb91215fa0 RCX: 00007fdb90f9c799
[  644.262887][T17256] RDX: 0000000000109103 RSI: 0000200000001280 RDI: ffffffffffffff9c
[  644.262897][T17256] RBP: 00007fdb91032c99 R08: 0000000000000000 R09: 0000000000000000
[  644.262906][T17256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  644.262915][T17256] R13: 00007fdb91216038 R14: 00007fdb91215fa0 R15: 00007ffe078ad918
[  644.262935][T17256]  </TASK>
[  645.421198][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  646.059983][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  646.066041][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  646.142696][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[  646.283195][ T5833] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[  647.161412][ T5833] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5
[  647.287763][ T5833] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260
[  647.294934][ T5833] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  647.309836][ T5833] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  647.309873][ T5833] Bluetooth: hci1: Unknown advertising packet type: 0x5f
[  647.318115][ T5833] Bluetooth: hci1: Unknown advertising packet type: 0x57
[  647.325624][ T5833] Bluetooth: hci1: Unknown advertising packet type: 0x3d
[  647.332726][ T5833] Bluetooth: hci1: Malformed LE Event: 0x0d
[  648.204575][T17340] hub 1-0:1.0: USB hub found
[  648.221364][T17340] hub 1-0:1.0: 1 port detected
[  648.418906][T17325] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  648.458442][T17325] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  648.488173][T17325] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  648.526070][T17325] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  649.389013][T17382] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.2914'.
[  649.527536][T17377] zswap: compressor û not available
[  649.580976][ T5833] Bluetooth: hci4: command 0x0c1a tx timeout
[  649.613271][T17383] Setting dangerous option i915.mitigations - tainting kernel
[  650.031116][T17399] FAULT_INJECTION: forcing a failure.
[  650.031116][T17399] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  650.225358][T17399] CPU: 0 UID: 0 PID: 17399 Comm: syz.3.2918 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  650.225386][T17399] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  650.225392][T17399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  650.225401][T17399] Call Trace:
[  650.225406][T17399]  <TASK>
[  650.225412][T17399]  dump_stack_lvl+0x100/0x190
[  650.225439][T17399]  should_fail_ex.cold+0x5/0xa
[  650.225457][T17399]  _copy_from_user+0x2e/0xd0
[  650.225472][T17399]  __x64_sys_epoll_ctl+0x131/0x1e0
[  650.225521][T17399]  ? __pfx___x64_sys_epoll_ctl+0x10/0x10
[  650.225542][T17399]  do_syscall_64+0x106/0xf80
[  650.225560][T17399]  ? clear_bhb_loop+0x40/0x90
[  650.225578][T17399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  650.225593][T17399] RIP: 0033:0x7fe0dab9c799
[  650.225606][T17399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  650.225621][T17399] RSP: 002b:00007fe0d8dac028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  650.225636][T17399] RAX: ffffffffffffffda RBX: 00007fe0dae16180 RCX: 00007fe0dab9c799
[  650.225645][T17399] RDX: 0000000000000004 RSI: 0000000000000001 RDI: 0000000000000005
[  650.225654][T17399] RBP: 00007fe0d8dac090 R08: 0000000000000000 R09: 0000000000000000
[  650.225662][T17399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  650.225671][T17399] R13: 00007fe0dae16218 R14: 00007fe0dae16180 R15: 00007ffd71a0d3f8
[  650.225689][T17399]  </TASK>
[  650.591843][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  650.597863][ T5833] Bluetooth: hci1: command 0x0c1a tx timeout
[  650.606178][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  650.863956][T17398] kexec: Could not allocate control_code_buffer
[  651.224487][T17418] cougar: G6 mapped to F18
[  651.300718][T17417] bond0: option lp_interval: invalid value (0)
[  651.338767][T17417] bond0: option lp_interval: allowed values 1 - 2147483647
[  651.676176][T17416] ima: policy update failed
[  651.710555][   T30] audit: type=1802 audit(774.970:30): pid=17416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2922" res=0 errno=0
[  651.925430][T17436] netlink: 10745 bytes leftover after parsing attributes in process `syz.3.2927'.
[  653.250610][T17472] cougar: G6 mapped to F18
[  653.311313][T17471] bond0: option lp_interval: invalid value (0)
[  653.343898][T17471] bond0: option lp_interval: allowed values 1 - 2147483647
[  653.612279][T17469] ima: policy update failed
[  653.636308][   T30] audit: type=1802 audit(776.900:31): pid=17469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2935" res=0 errno=0
[  653.845474][T17484] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2938'.
[  653.896551][T17487] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2938'.
[  654.101930][   T51] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5
[  654.323915][   T51] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  654.331316][   T51] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  654.347705][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  654.347725][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x18
[  654.355086][   T51] Bluetooth: hci3: Unknown advertising packet type: 0x79
[  654.362408][   T51] Bluetooth: hci3: adv larger than maximum supported
[  654.369489][   T51] Bluetooth: hci3: adv larger than maximum supported
[  654.376532][   T51] Bluetooth: hci3: Malformed LE Event: 0x0d
[  654.978149][T17516] cougar: G6 mapped to F18
[  655.020194][T17514] bond0: option lp_interval: invalid value (0)
[  655.039945][T17514] bond0: option lp_interval: allowed values 1 - 2147483647
[  655.358513][T17512] ima: policy update failed
[  655.377575][   T30] audit: type=1802 audit(778.640:32): pid=17512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2947" res=0 errno=0
[  655.597874][T17538] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2954'.
[  655.932342][T17550] FAULT_INJECTION: forcing a failure.
[  655.932342][T17550] name failslab, interval 1, probability 0, space 0, times 0
[  655.961953][T17550] CPU: 0 UID: 0 PID: 17550 Comm: syz.0.2956 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  655.961981][T17550] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  655.961987][T17550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  655.961996][T17550] Call Trace:
[  655.962001][T17550]  <TASK>
[  655.962008][T17550]  dump_stack_lvl+0x100/0x190
[  655.962035][T17550]  should_fail_ex.cold+0x5/0xa
[  655.962053][T17550]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  655.962076][T17550]  should_failslab+0xc2/0x120
[  655.962092][T17550]  __kmalloc_noprof+0xe0/0x850
[  655.962114][T17550]  ? rcu_is_watching+0x12/0xc0
[  655.962140][T17550]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  655.962167][T17550]  genl_family_rcv_msg_doit+0xc7/0x300
[  655.962190][T17550]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  655.962212][T17550]  ? genl_get_cmd+0x3ef/0x720
[  655.962237][T17550]  ? __dev_queue_xmit+0x5af/0x4800
[  655.962347][T17550]  ? __radix_tree_lookup+0x217/0x2b0
[  655.962395][T17550]  genl_rcv_msg+0x560/0x800
[  655.962419][T17550]  ? __pfx_genl_rcv_msg+0x10/0x10
[  655.962441][T17550]  ? __pfx_nbd_genl_connect+0x10/0x10
[  655.962524][T17550]  netlink_rcv_skb+0x159/0x420
[  655.962544][T17550]  ? __pfx_genl_rcv_msg+0x10/0x10
[  655.962566][T17550]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  655.962593][T17550]  ? netlink_deliver_tap+0x1ae/0xcc0
[  655.962614][T17550]  genl_rcv+0x28/0x40
[  655.962633][T17550]  netlink_unicast+0x5aa/0x870
[  655.962656][T17550]  ? __pfx_netlink_unicast+0x10/0x10
[  655.962682][T17550]  netlink_sendmsg+0x8b0/0xda0
[  655.962710][T17550]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.962729][T17550]  ? __import_iovec+0x1d2/0x640
[  655.962746][T17550]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  655.962770][T17550]  ____sys_sendmsg+0x9e1/0xb70
[  655.962791][T17550]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.962813][T17550]  ? __pfx_____sys_sendmsg+0x10/0x10
[  655.962843][T17550]  ___sys_sendmsg+0x190/0x1e0
[  655.962867][T17550]  ? __pfx____sys_sendmsg+0x10/0x10
[  655.962913][T17550]  __sys_sendmsg+0x170/0x220
[  655.962934][T17550]  ? __pfx___sys_sendmsg+0x10/0x10
[  655.962972][T17550]  do_syscall_64+0x106/0xf80
[  655.962994][T17550]  ? clear_bhb_loop+0x40/0x90
[  655.963013][T17550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.963028][T17550] RIP: 0033:0x7fdbd3f9c799
[  655.963042][T17550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  655.963057][T17550] RSP: 002b:00007fdbd21f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  655.963071][T17550] RAX: ffffffffffffffda RBX: 00007fdbd4215fa0 RCX: 00007fdbd3f9c799
[  655.963081][T17550] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000003
[  655.963090][T17550] RBP: 00007fdbd21f6090 R08: 0000000000000000 R09: 0000000000000000
[  655.963099][T17550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.963107][T17550] R13: 00007fdbd4216038 R14: 00007fdbd4215fa0 R15: 00007ffe393d27f8
[  655.963127][T17550]  </TASK>
[  657.163532][T17571] FAULT_INJECTION: forcing a failure.
[  657.163532][T17571] name fail_futex, interval 1, probability 0, space 0, times 0
[  657.192157][T17571] CPU: 0 UID: 0 PID: 17571 Comm: syz.2.2964 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  657.192186][T17571] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  657.192192][T17571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  657.192202][T17571] Call Trace:
[  657.192207][T17571]  <TASK>
[  657.192214][T17571]  dump_stack_lvl+0x100/0x190
[  657.192242][T17571]  should_fail_ex.cold+0x5/0xa
[  657.192261][T17571]  get_futex_key+0x1d2/0x1620
[  657.192281][T17571]  ? __pfx_get_futex_key+0x10/0x10
[  657.192298][T17571]  ? find_held_lock+0x2b/0x80
[  657.192312][T17571]  ? get_pid_task+0xfc/0x250
[  657.192330][T17571]  ? get_pid_task+0xfc/0x250
[  657.192351][T17571]  futex_wake+0xea/0x530
[  657.192372][T17571]  ? proc_fail_nth_write+0x9f/0x220
[  657.192390][T17571]  ? find_held_lock+0x2b/0x80
[  657.192404][T17571]  ? __pfx_futex_wake+0x10/0x10
[  657.192428][T17571]  ? ksys_write+0x190/0x250
[  657.192442][T17571]  ? ksys_write+0x190/0x250
[  657.192459][T17571]  do_futex+0x32b/0x350
[  657.192478][T17571]  ? __pfx_do_futex+0x10/0x10
[  657.192502][T17571]  __x64_sys_futex+0x34f/0x4d0
[  657.192523][T17571]  ? fput+0x79/0x100
[  657.192539][T17571]  ? __pfx___x64_sys_futex+0x10/0x10
[  657.192556][T17571]  ? ksys_write+0x1ac/0x250
[  657.192569][T17571]  ? __pfx_ksys_write+0x10/0x10
[  657.192587][T17571]  do_syscall_64+0x106/0xf80
[  657.192605][T17571]  ? clear_bhb_loop+0x40/0x90
[  657.192631][T17571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.192646][T17571] RIP: 0033:0x7fdb90f9c799
[  657.192665][T17571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  657.192690][T17571] RSP: 002b:00007fdb91d890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  657.192711][T17571] RAX: ffffffffffffffda RBX: 00007fdb91215fa8 RCX: 00007fdb90f9c799
[  657.192721][T17571] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdb91215fac
[  657.192730][T17571] RBP: 00007fdb91215fa0 R08: 0000000000000000 R09: 0000000000000000
[  657.192740][T17571] R10: 000000000000fdef R11: 0000000000000246 R12: 0000000000000000
[  657.192749][T17571] R13: 00007fdb91216038 R14: 00007ffe078ad830 R15: 00007ffe078ad918
[  657.192769][T17571]  </TASK>
[  657.637116][T17571] FAULT_INJECTION: forcing a failure.
[  657.637116][T17571] name fail_futex, interval 1, probability 0, space 0, times 0
[  657.652941][T17571] CPU: 0 UID: 0 PID: 17571 Comm: syz.2.2964 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  657.652972][T17571] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  657.652978][T17571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  657.652987][T17571] Call Trace:
[  657.652993][T17571]  <TASK>
[  657.652999][T17571]  dump_stack_lvl+0x100/0x190
[  657.653027][T17571]  should_fail_ex.cold+0x5/0xa
[  657.653046][T17571]  get_futex_key+0x1d2/0x1620
[  657.653067][T17571]  ? __pfx_get_futex_key+0x10/0x10
[  657.653084][T17571]  ? find_held_lock+0x2b/0x80
[  657.653098][T17571]  ? get_pid_task+0xfc/0x250
[  657.653116][T17571]  ? get_pid_task+0xfc/0x250
[  657.653137][T17571]  futex_wake+0xea/0x530
[  657.653157][T17571]  ? proc_fail_nth_write+0x9f/0x220
[  657.653176][T17571]  ? find_held_lock+0x2b/0x80
[  657.653190][T17571]  ? __pfx_futex_wake+0x10/0x10
[  657.653213][T17571]  ? ksys_write+0x190/0x250
[  657.653226][T17571]  ? ksys_write+0x190/0x250
[  657.653243][T17571]  do_futex+0x32b/0x350
[  657.653262][T17571]  ? __pfx_do_futex+0x10/0x10
[  657.653286][T17571]  __x64_sys_futex+0x34f/0x4d0
[  657.653306][T17571]  ? fput+0x79/0x100
[  657.653321][T17571]  ? __pfx___x64_sys_futex+0x10/0x10
[  657.653339][T17571]  ? ksys_write+0x1ac/0x250
[  657.653361][T17571]  ? __pfx_ksys_write+0x10/0x10
[  657.653381][T17571]  do_syscall_64+0x106/0xf80
[  657.653399][T17571]  ? clear_bhb_loop+0x40/0x90
[  657.653417][T17571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.653433][T17571] RIP: 0033:0x7fdb90f9c799
[  657.653448][T17571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  657.653463][T17571] RSP: 002b:00007fdb91d890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  657.653478][T17571] RAX: ffffffffffffffda RBX: 00007fdb91215fa8 RCX: 00007fdb90f9c799
[  657.653489][T17571] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdb91215fac
[  657.653498][T17571] RBP: 00007fdb91215fa0 R08: 0000000000000000 R09: 0000000000000000
[  657.653507][T17571] R10: 0000000000000081 R11: 0000000000000246 R12: 0000000000000000
[  657.653516][T17571] R13: 00007fdb91216038 R14: 00007ffe078ad830 R15: 00007ffe078ad918
[  657.653537][T17571]  </TASK>
[  658.142178][   T51] Bluetooth: hci4: unexpected event 0x3c length: 254 > 7
[  659.278711][T17602] FAULT_INJECTION: forcing a failure.
[  659.278711][T17602] name failslab, interval 1, probability 0, space 0, times 0
[  659.424122][T17602] CPU: 0 UID: 0 PID: 17602 Comm: syz.1.2970 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  659.424152][T17602] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  659.424158][T17602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  659.424168][T17602] Call Trace:
[  659.424174][T17602]  <TASK>
[  659.424181][T17602]  dump_stack_lvl+0x100/0x190
[  659.424209][T17602]  should_fail_ex.cold+0x5/0xa
[  659.424228][T17602]  ? handler_new_ref+0x1ab/0xc60
[  659.424362][T17602]  should_failslab+0xc2/0x120
[  659.424379][T17602]  __kmalloc_noprof+0xe0/0x850
[  659.424407][T17602]  handler_new_ref+0x1ab/0xc60
[  659.424433][T17602]  v4l2_ctrl_new+0xe67/0x23a0
[  659.424460][T17602]  ? __pfx_v4l2_ctrl_new+0x10/0x10
[  659.424489][T17602]  v4l2_ctrl_new_std+0x1bb/0x290
[  659.424519][T17602]  ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[  659.424542][T17602]  ? trace_kmalloc+0x101/0x130
[  659.424561][T17602]  ? __kasan_kmalloc+0xaa/0xb0
[  659.424585][T17602]  ? v4l2_ctrl_handler_init_class+0x201/0x350
[  659.424606][T17602]  ? lockdep_set_lock_cmp_fn+0xa0/0xe0
[  659.424629][T17602]  ? media_request_object_init+0x105/0x180
[  659.424673][T17602]  vim2m_open+0x140/0x830
[  659.424731][T17602]  v4l2_open+0x1d2/0x490
[  659.424772][T17602]  ? __pfx_v4l2_open+0x10/0x10
[  659.424792][T17602]  chrdev_open+0x234/0x6a0
[  659.424809][T17602]  ? __pfx_apparmor_file_open+0x10/0x10
[  659.424831][T17602]  ? __pfx_chrdev_open+0x10/0x10
[  659.424847][T17602]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  659.424868][T17602]  do_dentry_open+0x6d8/0x1660
[  659.424883][T17602]  ? __pfx_chrdev_open+0x10/0x10
[  659.424902][T17602]  vfs_open+0x82/0x3f0
[  659.424923][T17602]  path_openat+0x208c/0x31a0
[  659.424945][T17602]  ? __pfx_path_openat+0x10/0x10
[  659.424968][T17602]  do_file_open+0x20e/0x430
[  659.424985][T17602]  ? __pfx_do_file_open+0x10/0x10
[  659.425015][T17602]  ? alloc_fd+0x476/0x790
[  659.425032][T17602]  ? do_getname+0x191/0x390
[  659.425052][T17602]  do_sys_openat2+0x10d/0x1e0
[  659.425071][T17602]  ? __pfx_do_sys_openat2+0x10/0x10
[  659.425097][T17602]  __x64_sys_openat+0x12d/0x210
[  659.425117][T17602]  ? __pfx___x64_sys_openat+0x10/0x10
[  659.425140][T17602]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  659.425160][T17602]  ? syscall_user_dispatch+0x76/0x130
[  659.425184][T17602]  do_syscall_64+0x106/0xf80
[  659.425202][T17602]  ? clear_bhb_loop+0x40/0x90
[  659.425221][T17602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.425237][T17602] RIP: 0033:0x7fcdee59c799
[  659.425252][T17602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  659.425268][T17602] RSP: 002b:00007fcdef465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  659.425284][T17602] RAX: ffffffffffffffda RBX: 00007fcdee816090 RCX: 00007fcdee59c799
[  659.425295][T17602] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  659.425306][T17602] RBP: 00007fcdee632c99 R08: 0000000000000000 R09: 0000000000000000
[  659.425315][T17602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  659.425325][T17602] R13: 00007fcdee816128 R14: 00007fcdee816090 R15: 00007ffd3578c858
[  659.425354][T17602]  </TASK>
[  659.859716][T17578] openvswitch: netlink: Multiple metadata blocks provided
[  660.487298][T17613] tc_dump_action: action bad kind
[  661.414796][   T30] audit: type=1326 audit(784.670:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17636 comm="syz.1.2981" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcdee59c799 code=0x0
[  662.121709][T17662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2986'.
[  662.706521][T17674] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2990'.
[  662.794595][T17686] FAULT_INJECTION: forcing a failure.
[  662.794595][T17686] name fail_futex, interval 1, probability 0, space 0, times 0
[  662.880861][T17686] CPU: 0 UID: 0 PID: 17686 Comm: syz.0.2993 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  662.880888][T17686] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  662.880894][T17686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  662.880904][T17686] Call Trace:
[  662.880910][T17686]  <TASK>
[  662.880916][T17686]  dump_stack_lvl+0x100/0x190
[  662.880943][T17686]  should_fail_ex.cold+0x5/0xa
[  662.880962][T17686]  get_futex_key+0x1d2/0x1620
[  662.880997][T17686]  ? __pfx_get_futex_key+0x10/0x10
[  662.881014][T17686]  ? lock_acquire+0x1cf/0x380
[  662.881039][T17686]  futex_wake+0xea/0x530
[  662.881062][T17686]  ? __pfx_futex_wake+0x10/0x10
[  662.881084][T17686]  ? exit_mm_release+0x19/0x30
[  662.881108][T17686]  do_futex+0x32b/0x350
[  662.881127][T17686]  ? __pfx_do_futex+0x10/0x10
[  662.881145][T17686]  ? __might_fault+0xc5/0x140
[  662.881170][T17686]  mm_release+0x24a/0x2f0
[  662.881186][T17686]  do_exit+0x704/0x2b60
[  662.881207][T17686]  ? __pfx_do_exit+0x10/0x10
[  662.881226][T17686]  ? do_raw_spin_lock+0x128/0x260
[  662.881247][T17686]  ? find_held_lock+0x2b/0x80
[  662.881261][T17686]  ? get_signal+0x7e0/0x21e0
[  662.881278][T17686]  do_group_exit+0xd5/0x2a0
[  662.881299][T17686]  get_signal+0x1ec7/0x21e0
[  662.881321][T17686]  ? __pfx_get_signal+0x10/0x10
[  662.881338][T17686]  ? do_futex+0x192/0x350
[  662.881359][T17686]  arch_do_signal_or_restart+0x91/0x770
[  662.881380][T17686]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  662.881403][T17686]  ? __pfx___x64_sys_futex+0x10/0x10
[  662.881426][T17686]  exit_to_user_mode_loop+0x86/0x4a0
[  662.881449][T17686]  do_syscall_64+0x668/0xf80
[  662.881467][T17686]  ? clear_bhb_loop+0x40/0x90
[  662.881486][T17686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.881501][T17686] RIP: 0033:0x7fdbd3f9c799
[  662.881515][T17686] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  662.881530][T17686] RSP: 002b:00007fdbd21f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  662.881545][T17686] RAX: fffffffffffffe00 RBX: 00007fdbd4215fa8 RCX: 00007fdbd3f9c799
[  662.881556][T17686] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdbd4215fa8
[  662.881565][T17686] RBP: 00007fdbd4215fa0 R08: 0000000000000000 R09: 0000000000000000
[  662.881575][T17686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  662.881583][T17686] R13: 00007fdbd4216038 R14: 00007ffe393d2710 R15: 00007ffe393d27f8
[  662.881603][T17686]  </TASK>
[  663.405266][T17694] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  665.224904][T17724] bond0: invalid ARP target specified
[  665.282488][T17724] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3002'.
[  665.345907][T17724] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  665.378999][T17724] batman_adv: batadv0: Removing interface: batadv_slave_0
[  665.437368][T17724] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  665.468712][T17724] batman_adv: batadv0: Removing interface: batadv_slave_1
[  667.002649][T17765] tc_dump_action: action bad kind
[  667.192937][T17771] futex_wake_op: syz.3.3015 tries to shift op by -2048; fix this program
[  667.222963][T17771] futex_wake_op: syz.3.3015 tries to shift op by -2048; fix this program
[  667.261646][T17771] 0x000000000001-0x000000020000 : ""
[  667.301880][T17771] ftl_cs: FTL header corrupt!
[  667.616842][T17778] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3016'.
[  668.011731][T17784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3018'.
[  668.062589][T17784] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3018'.
[  668.507031][   T51] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5
[  668.521400][T17796] Invalid ELF header magic: != ELF
[  668.537946][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.538007][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.546876][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.554214][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.562501][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.569653][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.577940][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.586649][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.593980][   T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9
[  668.647544][   T51] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260
[  668.663954][   T51] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  668.663974][   T51] Bluetooth: hci1: adv larger than maximum supported
[  668.671656][   T51] Bluetooth: hci1: adv larger than maximum supported
[  668.678525][   T51] Bluetooth: hci1: adv larger than maximum supported
[  668.686789][   T51] Bluetooth: hci1: Malformed LE Event: 0x0d
[  670.912467][T17841] zswap: compressor  not available
[  673.855939][T17910] netlink: 2468 bytes leftover after parsing attributes in process `syz.2.3049'.
[  674.942303][T17934] zswap: compressor  not available
[  676.541563][T17973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3064'.
[  676.983667][T17980] FAULT_INJECTION: forcing a failure.
[  676.983667][T17980] name failslab, interval 1, probability 0, space 0, times 0
[  677.039882][T17980] CPU: 0 UID: 0 PID: 17980 Comm: syz.1.3068 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  677.039918][T17980] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  677.039925][T17980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  677.039935][T17980] Call Trace:
[  677.039941][T17980]  <TASK>
[  677.039948][T17980]  dump_stack_lvl+0x100/0x190
[  677.039979][T17980]  should_fail_ex.cold+0x5/0xa
[  677.040000][T17980]  ? tomoyo_realpath_from_path+0xb6/0x690
[  677.040094][T17980]  should_failslab+0xc2/0x120
[  677.040113][T17980]  __kmalloc_noprof+0xe0/0x850
[  677.040140][T17980]  tomoyo_realpath_from_path+0xb6/0x690
[  677.040163][T17980]  tomoyo_check_open_permission+0x2af/0x3c0
[  677.040212][T17980]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  677.040256][T17980]  ? do_raw_spin_lock+0x128/0x260
[  677.040280][T17980]  ? path_get+0x61/0x80
[  677.040302][T17980]  tomoyo_file_open+0x6b/0x90
[  677.040322][T17980]  security_file_open+0xb5/0x1e0
[  677.040339][T17980]  do_dentry_open+0x5aa/0x1660
[  677.040356][T17980]  ? security_inode_permission+0xbf/0x250
[  677.040383][T17980]  vfs_open+0x82/0x3f0
[  677.040404][T17980]  path_openat+0x208c/0x31a0
[  677.040426][T17980]  ? __pfx_path_openat+0x10/0x10
[  677.040448][T17980]  do_file_open+0x20e/0x430
[  677.040465][T17980]  ? __pfx_do_file_open+0x10/0x10
[  677.040494][T17980]  ? alloc_fd+0x476/0x790
[  677.040512][T17980]  ? do_getname+0x191/0x390
[  677.040532][T17980]  do_sys_openat2+0x10d/0x1e0
[  677.040551][T17980]  ? __pfx_do_sys_openat2+0x10/0x10
[  677.040585][T17980]  __x64_sys_openat+0x12d/0x210
[  677.040606][T17980]  ? __pfx___x64_sys_openat+0x10/0x10
[  677.040634][T17980]  do_syscall_64+0x106/0xf80
[  677.040654][T17980]  ? clear_bhb_loop+0x40/0x90
[  677.040673][T17980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.040688][T17980] RIP: 0033:0x7fcdee59c799
[  677.040704][T17980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  677.040719][T17980] RSP: 002b:00007fcdef486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  677.040735][T17980] RAX: ffffffffffffffda RBX: 00007fcdee815fa0 RCX: 00007fcdee59c799
[  677.040746][T17980] RDX: 0000000000068b81 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  677.040757][T17980] RBP: 00007fcdee632c99 R08: 0000000000000000 R09: 0000000000000000
[  677.040767][T17980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  677.040776][T17980] R13: 00007fcdee816038 R14: 00007fcdee815fa0 R15: 00007ffd3578c858
[  677.040796][T17980]  </TASK>
[  677.048078][T17980] ERROR: Out of memory at tomoyo_realpath_from_path.
[  677.847067][T17939] kexec: Could not allocate control_code_buffer
[  678.202029][T17989] tc_dump_action: action bad kind
[  678.372290][T17992] nbd: illegal input index 37139
[  680.414432][T18029] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3081'.
[  680.453159][T18028] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3077'.
[  681.883262][T18057] FAULT_INJECTION: forcing a failure.
[  681.883262][T18057] name failslab, interval 1, probability 0, space 0, times 0
[  681.956469][T18057] CPU: 0 UID: 0 PID: 18057 Comm: syz.3.3085 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  681.956497][T18057] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  681.956503][T18057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  681.956513][T18057] Call Trace:
[  681.956519][T18057]  <TASK>
[  681.956525][T18057]  dump_stack_lvl+0x100/0x190
[  681.956552][T18057]  should_fail_ex.cold+0x5/0xa
[  681.956570][T18057]  should_failslab+0xc2/0x120
[  681.956587][T18057]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  681.956610][T18057]  ? __alloc_skb+0x140/0x710
[  681.956632][T18057]  __alloc_skb+0x140/0x710
[  681.956647][T18057]  ? __alloc_skb+0x5b7/0x710
[  681.956663][T18057]  ? __pfx___alloc_skb+0x10/0x10
[  681.956679][T18057]  ? genl_rcv_msg+0x4be/0x800
[  681.956707][T18057]  netlink_ack+0x117/0xb80
[  681.956732][T18057]  netlink_rcv_skb+0x333/0x420
[  681.956752][T18057]  ? __pfx_genl_rcv_msg+0x10/0x10
[  681.956781][T18057]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  681.956809][T18057]  ? netlink_deliver_tap+0x1ae/0xcc0
[  681.956830][T18057]  genl_rcv+0x28/0x40
[  681.956850][T18057]  netlink_unicast+0x5aa/0x870
[  681.956873][T18057]  ? __pfx_netlink_unicast+0x10/0x10
[  681.956899][T18057]  netlink_sendmsg+0x8b0/0xda0
[  681.956922][T18057]  ? __pfx_netlink_sendmsg+0x10/0x10
[  681.956941][T18057]  ? __import_iovec+0x1d2/0x640
[  681.956959][T18057]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  681.956983][T18057]  ____sys_sendmsg+0x9e1/0xb70
[  681.957004][T18057]  ? __pfx_netlink_sendmsg+0x10/0x10
[  681.957025][T18057]  ? __pfx_____sys_sendmsg+0x10/0x10
[  681.957056][T18057]  ___sys_sendmsg+0x190/0x1e0
[  681.957080][T18057]  ? __pfx____sys_sendmsg+0x10/0x10
[  681.957126][T18057]  __sys_sendmsg+0x170/0x220
[  681.957145][T18057]  ? __pfx___sys_sendmsg+0x10/0x10
[  681.957175][T18057]  do_syscall_64+0x106/0xf80
[  681.957194][T18057]  ? clear_bhb_loop+0x40/0x90
[  681.957213][T18057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.957229][T18057] RIP: 0033:0x7fe0dab9c799
[  681.957242][T18057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  681.957257][T18057] RSP: 002b:00007fe0d8dee028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  681.957273][T18057] RAX: ffffffffffffffda RBX: 00007fe0dae15fa0 RCX: 00007fe0dab9c799
[  681.957283][T18057] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000003
[  681.957293][T18057] RBP: 00007fe0d8dee090 R08: 0000000000000000 R09: 0000000000000000
[  681.957302][T18057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.957311][T18057] R13: 00007fe0dae16038 R14: 00007fe0dae15fa0 R15: 00007ffd71a0d3f8
[  681.957331][T18057]  </TASK>
[  682.850187][T18067] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  682.856314][T18067] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  682.901689][T18067] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  682.936997][T18067] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  683.078230][T18074] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.3092'.
[  683.332444][T18083] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3096'.
[  683.403598][T18083] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3096'.
[  683.710483][T18096] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3098'.
[  684.418935][T18110] misc userio: Invalid payload size
[  684.614610][ T5833] bt_warn_ratelimited: 57 callbacks suppressed
[  684.614626][ T5833] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[  684.786770][T18097] kexec: Could not allocate control_code_buffer
[  684.858978][T18123] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3103'.
[  684.943288][ T5833] Bluetooth: hci0: command 0x0c1a tx timeout
[  684.949435][ T5833] Bluetooth: hci3: command 0x0c1a tx timeout
[  684.955847][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  685.025531][T18126] Bluetooth: hci1: command 0x0c1a tx timeout
[  685.118515][T18128] netlink: 'syz.1.3104': attribute type 2 has an invalid length.
[  685.275311][T18133] bonding: no command found in bonding_masters - use +ifname or -ifname
[  685.824343][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  685.830777][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  712.703222][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  712.715630][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  712.726454][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  712.738791][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  712.746863][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  713.327436][   T74] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  713.496106][   T74] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  713.648607][   T74] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  713.813085][   T74] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  713.890106][T19683] chnl_net:caif_netlink_parms(): no params data found
[  714.370511][   T74] bridge_slave_1: left allmulticast mode
[  714.402300][   T74] bridge_slave_1: left promiscuous mode
[  714.436301][   T74] bridge0: port 2(bridge_slave_1) entered disabled state
[  714.498559][   T74] bridge_slave_0: left allmulticast mode
[  714.504224][   T74] bridge_slave_0: left promiscuous mode
[  714.574345][   T74] bridge0: port 1(bridge_slave_0) entered disabled state
[  714.796299][ T5840] Bluetooth: hci2: command tx timeout
[  715.270141][   T74] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  715.377419][   T74] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  715.442326][   T74] bond0 (unregistering): Released all slaves
[  715.502484][T19683] bridge0: port 1(bridge_slave_0) entered blocking state
[  715.549885][T19683] bridge0: port 1(bridge_slave_0) entered disabled state
[  715.612288][T19683] bridge_slave_0: entered allmulticast mode
[  715.653404][T19683] bridge_slave_0: entered promiscuous mode
[  715.794433][T19683] bridge0: port 2(bridge_slave_1) entered blocking state
[  715.835045][T19683] bridge0: port 2(bridge_slave_1) entered disabled state
[  715.864925][T19683] bridge_slave_1: entered allmulticast mode
[  715.894833][T19683] bridge_slave_1: entered promiscuous mode
[  716.080890][T19683] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  716.151834][T19683] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  716.395358][   T74] hsr_slave_0: left promiscuous mode
[  716.428016][   T74] hsr_slave_1: left promiscuous mode
[  716.451322][   T74] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  716.502653][   T74] batman_adv: batadv0: Removing interface: batadv_slave_0
[  716.547012][   T74] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  716.554417][   T74] batman_adv: batadv0: Removing interface: batadv_slave_1
[  716.662880][   T74] veth1_macvtap: left promiscuous mode
[  716.701767][   T74] veth0_macvtap: left promiscuous mode
[  716.738762][   T74] veth1_vlan: left promiscuous mode
[  716.773055][   T74] veth0_vlan: left promiscuous mode
[  716.877318][ T5840] Bluetooth: hci2: command tx timeout
[  717.657325][   T74] team0 (unregistering): Port device team_slave_1 removed
[  717.730421][   T74] team0 (unregistering): Port device team_slave_0 removed
[  718.145704][T19683] team0: Port device team_slave_0 added
[  718.208116][T19683] team0: Port device team_slave_1 added
[  718.376881][T19683] batman_adv: batadv0: Adding interface: batadv_slave_0
[  718.427372][T19683] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.614562][T19683] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  718.724309][T19683] batman_adv: batadv0: Adding interface: batadv_slave_1
[  718.763362][T19683] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  718.918783][T19683] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  718.963881][ T5840] Bluetooth: hci2: command tx timeout
[  719.176023][T19683] hsr_slave_0: entered promiscuous mode
[  719.199161][T19683] hsr_slave_1: entered promiscuous mode
[  719.237245][T19683] debugfs: 'hsr0' already exists in 'hsr'
[  719.276248][T19683] Cannot create hsr debugfs directory
[  720.633242][T19683] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  720.693456][T19683] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  720.772657][T19683] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  720.841794][T19683] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  721.039099][ T5840] Bluetooth: hci2: command tx timeout
[  721.233623][T19683] 8021q: adding VLAN 0 to HW filter on device bond0
[  721.336378][T19683] 8021q: adding VLAN 0 to HW filter on device team0
[  721.398423][T10146] bridge0: port 1(bridge_slave_0) entered blocking state
[  721.405662][T10146] bridge0: port 1(bridge_slave_0) entered forwarding state
[  721.507103][T10146] bridge0: port 2(bridge_slave_1) entered blocking state
[  721.514260][T10146] bridge0: port 2(bridge_slave_1) entered forwarding state
[  722.222647][T19683] 8021q: adding VLAN 0 to HW filter on device batadv0
[  722.407178][T19683] veth0_vlan: entered promiscuous mode
[  722.467696][T19683] veth1_vlan: entered promiscuous mode
[  722.622217][T19683] veth0_macvtap: entered promiscuous mode
[  722.676468][T19683] veth1_macvtap: entered promiscuous mode
[  722.773288][T19683] batman_adv: batadv0: Interface activated: batadv_slave_0
[  722.852591][T19683] batman_adv: batadv0: Interface activated: batadv_slave_1
[  722.963177][T10132] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  723.001563][T10132] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  723.065395][T10132] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  723.118857][T10132] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  723.352645][  T150] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  723.391120][  T150] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  723.542027][  T150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  723.582869][  T150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  724.383053][T18126] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  724.395268][T18126] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  724.403880][T18126] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  724.415821][T18126] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  724.432793][T18126] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  724.619581][T15598] ------------[ cut here ]------------
[  724.625149][T15598] ODEBUG: free active (active state 0) object: ffff888048099460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[  724.638013][T15598] WARNING: lib/debugobjects.c:629 at debug_print_object+0x18e/0x2a0, CPU#0: syz-executor/15598
[  724.648542][T15598] Modules linked in:
[  724.652726][T15598] CPU: 0 UID: 0 PID: 15598 Comm: syz-executor Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  724.664023][T15598] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  724.669210][T15598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  724.679320][T15598] RIP: 0010:debug_print_object+0x19b/0x2a0
[  724.685307][T15598] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 12 70 e8 0b 41 56 48 8b 14 dd 60 0b 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c 0f de 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  724.705264][T15598] RSP: 0018:ffffc9000637f708 EFLAGS: 00010246
[  724.711659][T15598] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  724.720373][T15598] RDX: ffffffff8c1b0aa0 RSI: ffffffff8c1b06c0 RDI: ffffffff90e442a0
[  724.728335][T15598] RBP: 0000000000000001 R08: ffff888048099460 R09: ffffffff8bb2b8a0
[  724.737063][T15598] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b06c0
[  724.745143][T15598] R13: ffffffff8bb2b8e0 R14: ffffffff8a95d7c0 R15: ffffc9000637f808
[  724.753174][T15598] FS:  0000000000000000(0000) GS:ffff88812434d000(0000) knlGS:0000000000000000
[  724.762130][T15598] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  724.768722][T15598] CR2: 00007fcdef3456b8 CR3: 0000000038e8e000 CR4: 00000000003526f0
[  724.776752][T15598] Call Trace:
[  724.780020][T15598]  <TASK>
[  724.782972][T15598]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  724.788450][T15598]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  724.794578][T15598]  debug_check_no_obj_freed+0x4da/0x630
[  724.800136][T15598]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  724.806473][T15598]  ? __page_table_check_zero+0x333/0x410
[  724.812132][T15598]  ? __page_table_check_zero+0x338/0x410
[  724.818461][T15598]  __free_frozen_pages+0x392/0x10d0
[  724.824162][T15598]  hci_release_dev+0x4ef/0x630
[  724.829020][T15598]  ? __pfx_hci_release_dev+0x10/0x10
[  724.834356][T15598]  ? device_release+0x69/0x240
[  724.839169][T15598]  ? rcu_is_watching+0x12/0xc0
[  724.844004][T15598]  ? device_release+0x69/0x240
[  724.848768][T15598]  ? kfree+0x2ec/0x6b0
[  724.852915][T15598]  bt_host_release+0x6a/0xb0
[  724.857502][T15598]  ? __pfx_bt_host_release+0x10/0x10
[  724.862818][T15598]  device_release+0xa4/0x240
[  724.867420][T15598]  kobject_put+0x1f7/0x640
[  724.871987][T15598]  put_device+0x1f/0x30
[  724.876177][T15598]  vhci_release+0x185/0x230
[  724.880890][T15598]  ? __pfx_vhci_release+0x10/0x10
[  724.885905][T15598]  __fput+0x3ff/0xb40
[  724.889881][T15598]  task_work_run+0x150/0x240
[  724.894523][T15598]  ? __pfx_task_work_run+0x10/0x10
[  724.899920][T15598]  do_exit+0x8b8/0x2b60
[  724.904291][T15598]  ? __pfx_do_exit+0x10/0x10
[  724.908883][T15598]  ? do_raw_spin_lock+0x128/0x260
[  724.913959][T15598]  ? find_held_lock+0x2b/0x80
[  724.918621][T15598]  ? get_signal+0x7e0/0x21e0
[  724.923966][T15598]  do_group_exit+0xd5/0x2a0
[  724.928490][T15598]  get_signal+0x1ec7/0x21e0
[  724.933534][T15598]  ? security_file_permission+0x76/0x210
[  724.939180][T15598]  ? rw_verify_area+0xce/0x6d0
[  724.944020][T15598]  ? __pfx_get_signal+0x10/0x10
[  724.948871][T15598]  ? __pfx_vfs_write+0x10/0x10
[  724.953729][T15598]  arch_do_signal_or_restart+0x91/0x770
[  724.959323][T15598]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  724.965687][T15598]  ? ksys_write+0x1ac/0x250
[  724.970189][T15598]  exit_to_user_mode_loop+0x86/0x4a0
[  724.975525][T15598]  do_syscall_64+0x668/0xf80
[  724.980108][T15598]  ? clear_bhb_loop+0x40/0x90
[  724.984926][T15598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.990882][T15598] RIP: 0033:0x7fdb90f5cfce
[  724.995347][T15598] Code: Unable to access opcode bytes at 0x7fdb90f5cfa4.
[  725.002684][T15598] RSP: 002b:00007ffe078adc18 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  725.011351][T15598] RAX: 0000000000000004 RBX: 000055558a68f500 RCX: 00007fdb90f5cfce
[  725.019320][T15598] RDX: 0000000000000004 RSI: 00007ffe078add10 RDI: 00000000000000f8
[  725.028036][T15598] RBP: 00007ffe078adcbc R08: 0000000000000000 R09: 0000000000000000
[  725.036503][T15598] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000025b
[  725.045089][T15598] R13: 00000000000927c0 R14: 00000000000b0ab4 R15: 00007ffe078add10
[  725.053239][T15598]  </TASK>
[  725.056278][T15598] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  725.063544][T15598] CPU: 0 UID: 0 PID: 15598 Comm: syz-executor Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  725.074640][T15598] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  725.079816][T15598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  725.089854][T15598] Call Trace:
[  725.093116][T15598]  <TASK>
[  725.096035][T15598]  dump_stack_lvl+0x100/0x190
[  725.100707][T15598]  vpanic+0x552/0x970
[  725.104672][T15598]  ? __pfx_vpanic+0x10/0x10
[  725.109181][T15598]  panic+0xd1/0xe0
[  725.112885][T15598]  ? __pfx_panic+0x10/0x10
[  725.117300][T15598]  ? check_panic_on_warn+0x1f/0x90
[  725.122407][T15598]  check_panic_on_warn.cold+0x19/0x34
[  725.127772][T15598]  ? debug_print_object+0x18e/0x2a0
[  725.133132][T15598]  __warn.cold+0x191/0x348
[  725.137537][T15598]  __report_bug+0x296/0x3d0
[  725.142112][T15598]  ? debug_print_object+0x18e/0x2a0
[  725.147327][T15598]  ? __pfx___report_bug+0x10/0x10
[  725.152344][T15598]  ? unwind_next_frame+0x3c8/0x1ea0
[  725.157552][T15598]  report_bug_entry+0xe1/0x290
[  725.162326][T15598]  ? debug_print_object+0x19b/0x2a0
[  725.167529][T15598]  handle_bug+0x1cd/0x2a0
[  725.171855][T15598]  exc_invalid_op+0x17/0x50
[  725.176363][T15598]  asm_exc_invalid_op+0x1a/0x20
[  725.181202][T15598] RIP: 0010:debug_print_object+0x19b/0x2a0
[  725.187001][T15598] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 12 70 e8 0b 41 56 48 8b 14 dd 60 0b 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c 0f de 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  725.206611][T15598] RSP: 0018:ffffc9000637f708 EFLAGS: 00010246
[  725.212663][T15598] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  725.220616][T15598] RDX: ffffffff8c1b0aa0 RSI: ffffffff8c1b06c0 RDI: ffffffff90e442a0
[  725.228592][T15598] RBP: 0000000000000001 R08: ffff888048099460 R09: ffffffff8bb2b8a0
[  725.236549][T15598] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b06c0
[  725.244506][T15598] R13: ffffffff8bb2b8e0 R14: ffffffff8a95d7c0 R15: ffffc9000637f808
[  725.252466][T15598]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  725.257929][T15598]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  725.263390][T15598]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  725.269216][T15598]  debug_check_no_obj_freed+0x4da/0x630
[  725.274770][T15598]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  725.280846][T15598]  ? __page_table_check_zero+0x333/0x410
[  725.286470][T15598]  ? __page_table_check_zero+0x338/0x410
[  725.292115][T15598]  __free_frozen_pages+0x392/0x10d0
[  725.297310][T15598]  hci_release_dev+0x4ef/0x630
[  725.302081][T15598]  ? __pfx_hci_release_dev+0x10/0x10
[  725.307360][T15598]  ? device_release+0x69/0x240
[  725.312112][T15598]  ? rcu_is_watching+0x12/0xc0
[  725.316868][T15598]  ? device_release+0x69/0x240
[  725.321621][T15598]  ? kfree+0x2ec/0x6b0
[  725.325715][T15598]  bt_host_release+0x6a/0xb0
[  725.330309][T15598]  ? __pfx_bt_host_release+0x10/0x10
[  725.335626][T15598]  device_release+0xa4/0x240
[  725.340203][T15598]  kobject_put+0x1f7/0x640
[  725.344615][T15598]  put_device+0x1f/0x30
[  725.348764][T15598]  vhci_release+0x185/0x230
[  725.353252][T15598]  ? __pfx_vhci_release+0x10/0x10
[  725.358262][T15598]  __fput+0x3ff/0xb40
[  725.362252][T15598]  task_work_run+0x150/0x240
[  725.366837][T15598]  ? __pfx_task_work_run+0x10/0x10
[  725.371942][T15598]  do_exit+0x8b8/0x2b60
[  725.376092][T15598]  ? __pfx_do_exit+0x10/0x10
[  725.380670][T15598]  ? do_raw_spin_lock+0x128/0x260
[  725.385686][T15598]  ? find_held_lock+0x2b/0x80
[  725.390347][T15598]  ? get_signal+0x7e0/0x21e0
[  725.395042][T15598]  do_group_exit+0xd5/0x2a0
[  725.399554][T15598]  get_signal+0x1ec7/0x21e0
[  725.404050][T15598]  ? security_file_permission+0x76/0x210
[  725.409768][T15598]  ? rw_verify_area+0xce/0x6d0
[  725.414532][T15598]  ? __pfx_get_signal+0x10/0x10
[  725.419369][T15598]  ? __pfx_vfs_write+0x10/0x10
[  725.424133][T15598]  arch_do_signal_or_restart+0x91/0x770
[  725.429668][T15598]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  725.435914][T15598]  ? ksys_write+0x1ac/0x250
[  725.440404][T15598]  exit_to_user_mode_loop+0x86/0x4a0
[  725.445695][T15598]  do_syscall_64+0x668/0xf80
[  725.450337][T15598]  ? clear_bhb_loop+0x40/0x90
[  725.455017][T15598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.460923][T15598] RIP: 0033:0x7fdb90f5cfce
[  725.465337][T15598] Code: Unable to access opcode bytes at 0x7fdb90f5cfa4.
[  725.472340][T15598] RSP: 002b:00007ffe078adc18 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  725.480742][T15598] RAX: 0000000000000004 RBX: 000055558a68f500 RCX: 00007fdb90f5cfce
[  725.488700][T15598] RDX: 0000000000000004 RSI: 00007ffe078add10 RDI: 00000000000000f8
[  725.496663][T15598] RBP: 00007ffe078adcbc R08: 0000000000000000 R09: 0000000000000000
[  725.504622][T15598] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000025b
[  725.512583][T15598] R13: 00000000000927c0 R14: 00000000000b0ab4 R15: 00007ffe078add10
[  725.520573][T15598]  </TASK>
[  725.523705][T15598] Kernel Offset: disabled
[  725.528028][T15598] Rebooting in 86400 seconds..