last executing test programs:

5.684254747s ago: executing program 1 (id=325):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d)
write$auto_snd_rawmidi_f_ops_rawmidi(r0, &(0x7f0000000180)="ea6a21745f5e657b94ab5e2110606940950e71f8b999a205793213b5ea12e6ddc1a904a8f36abceb06ff6a5b1440284e31acede78058c6dff054631e61ee85ebd0252345611462b36b035a9b5321cae6abc35871b642acc4538238ac34fed1d03dfd003abaa81313e95fad2c49d88a89704b5dce8efa1660be1e47009014f8e97a80063ee5495ce9234ecdf66914adf4fc518f5547847e1ae635465c00feb4fb9709949af18a66b31830db25cc2cb7e9365965573ddd6b3d85978b8983f890fbf861c6ff936d4200c5a47323bdddbc295815a4b1c2c562c815232ac6d9d79aad98bb5f62e3628640be8dfc05c44b9a5be85fd2005c5b", 0xf6)
mprotect$auto(0x1ffffffff000, 0x1000000000004, 0xa)
syz_clone(0x8008000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)="8ab8")
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)
r1 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x1}, 0x80000b}, 0x5, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)

5.259331238s ago: executing program 3 (id=326):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0)
socket(0x11, 0x80003, 0x300)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c894}, 0x20008800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES64], 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x40008c0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x53)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0xb, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x38}, 0x6, 0x0, 0x4, 0x9}, 0x9}, 0x6, 0x1f00)

5.112132045s ago: executing program 1 (id=327):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0x200007, 0x19)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0}, 0x40005)
io_uring_setup$auto(0x6, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x5, 0x801, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0xffffff39)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
socket(0x23, 0x2, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x7f, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
io_uring_setup$auto(0x80000001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x10, 0x2, 0x14)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0)

4.860441193s ago: executing program 3 (id=329):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x3e, 0x0)
r0 = fsopen$auto(0x0, 0x1)
msgsnd$auto(0x3ff, &(0x7f0000000000)={0xffff, 0x9}, 0x8, 0x1) (async)
msgsnd$auto(0x3ff, &(0x7f0000000000)={0xffff, 0x9}, 0x8, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
syslog$auto(0x9, &(0x7f00000004c0)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94d\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3bd\x152\xb7\xc6s3#X\xe9\xb0SqL\x85\xea\xb2\x94Y\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b\xf6\b\xba\x86\x99\xfd;\xfdNlUR\\\xe2 \xdeM\xc5U\xaf\xb1\xc1iF\x06O\xe3q1\xe59\xf7d\xe5\n\x81\xf3hy0\xe6N\xaa=\xa7\xf5\xa5Q\xa4\x92\xb6r|\xad\xf4\xe7\xa1I\x87h\x97\xafuA\x98X\x13W\xae\xac\xb1G]\xa4\x03W\xeb\x92\xa9Q\x0f\x95\x1b@$X=\x15\xb3\xcf\x1eS@\x06{q\'\xdd\x8a\x9fII \xe8F\f\xf2lL\xeb\x83\x8bn7\'\xed:\xa1/\x97\xa8\x04\xd9\xe8\xec\xd34OQ\xa4\xf6\x15\x1b\x96\t\xecQ7\x1eB\xcd\xf5\xdc5B\x1bj)\x19\xe9O\x90\x19\xaf\xc0\x19\x9a\x86\x92#H\xaeW\xf2\xe0\xd8\xd2\xd5\xf8\xc80\x9f\x9b\x9aQ\xfd[%\x80\x96#<\x01\x8d\xecV\x9c<\xcb\xb6\xefdg\fN\'S!\xd5\x85V\xf8\xb6\x86i\xcd\x10\x1c~\x9c)t\r\xe5\xa5\xb6\xe5\x1d\xafb\xc6$\xc4\xd3%\xb3\xb9\xe0C5yS\xbc\x85\xa6\xec\aFgf\xca\x8d\x04)\xcb\x8d\xaa\xcb\f\x90=\xd1\x88:\x9b\xad\x01\xfb\xbb+#\x98\xb2A\xcb', 0x5)
r1 = getpid()
syz_open_procfs$namespace(r1, &(0x7f0000000080)) (async)
r2 = syz_open_procfs$namespace(r1, &(0x7f0000000080))
fchdir$auto(r2)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
sendfile$auto(r3, r3, 0x0, 0x1)

4.773873683s ago: executing program 0 (id=331):
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
ioctl$auto_KVM_CHECK_EXTENSION(r1, 0xae03, 0xd6)
read$auto_uinput_fops_uinput(r0, 0x0, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3)

4.512173095s ago: executing program 0 (id=332):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto(0x200000, &(0x7f0000000000)=@iter_create={0xffffffffffffffff, 0x5c7}, 0x102)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/amidi2\x00', 0x4628c0, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x8, 0x2020009, 0x2, 0xeb1, r1, 0x9)
mmap$auto(0x40000000000008, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x80f)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1c, 0x1, 0x6, 0xee00, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x1b, &(0x7f0000000000), 0x1)

4.408000792s ago: executing program 3 (id=333):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000000)={0xc, 0x44b0, 0x10001, 0x3, 0x9, 0xffffffffffffffff})
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010b0bbd7000fcdbff7f05"], 0x14}, 0x1, 0x0, 0x0, 0x4008010}, 0x4040084)
unshare$auto(0x40000080)
read$auto(0x3, 0x0, 0x13)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x1e, 0x0, 0x1ff)
sendmsg$auto_OVS_METER_CMD_DEL(r0, 0x0, 0x4000040)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = socket(0x29, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYBLOB="1200"], 0x1ac}}, 0x40000)
ioctl$auto(r2, 0x89f1, 0x24)

3.459608882s ago: executing program 1 (id=334):
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
write$auto(0xca, &(0x7f0000000040)='\x04>\x01\x01\x00\x00\x00\x00\x01_\x9e\x99:R\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc+\xc9\x18\xe3\xcae\xe6\xf2R\xa3\xab\x1b6\xfe\xe9\xfa)\xfe\xb9\xb2F\xdeU\x8fO\x97\xa1\x1fK\xee\xda\x9d\xef\xa5\xea.\xfd\x12\xc0\x00\xb4\xcf\x98\xda\xa5\xa9\x8enGt \xb8-F]\xf8\x8f\x19Q\x0f\xa1\xf5a/\x19\xf20]\xc9\xf7\xc0R\xcdiS\xd0\xeb\x0f\x84u\x1e^i\'\x1e\x84bu\xa7\xa7\x8a\xd9\x128\x16\xc1\xdcQ\xc0\x88\xd3\x9edF\xe7,\nL\x94uL\xe1\xe8\x0e\xa0$m\x959\xd7\xf8r\x96V\x91\xa8\v\x1c\x83\xf7\xff\x92t\xdb#\xf49?\xcbe\x82\xb2\xf4O\x95Q)\xb2\xecO\xc0\xf6bp\xc0\x9d=', 0x7f)
ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, &(0x7f0000000040)=0xddc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0xfffffffffffffffe, 0xe97f, 0xdf, 0x4000000eb0, r0, 0xdc)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x4a7)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20)
r1 = getpgid(0xffffffffffffffff)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000002c0)={{@inferred=0xffffffffffffffff, 0x4, 0x1, 0x0, "bfc956f7b829ea9bc64a831c54b927c5c84cdfcb6d840bf6034bbe162b339fcc0b9ad62f05f5e47256dc5c36", @raw=0x4}, 0x0, 0x5, 0xd77e, @inferred=r1, @integer={0x5, 0x2, 0x5}, "ff0931dc5a3fb879791acf380abcfd7f9f393a68114cc9d69244416e96525a166b971aae562cbc70472d48eb5f54d36edf407701d0d1c4e40409e86cafa60765"})
read$auto_proc_mountstats_operations_mnt_namespace(r0, &(0x7f0000000180)=""/171, 0xab)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x414041, 0x0)
futex_waitv$auto(&(0x7f0000000080)={0x10001, 0x1, 0x7}, 0x0, 0x10000, &(0x7f00000000c0)={0x3, 0x2}, 0x6de)
mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
bind$auto(0xffffffffffffffff, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x3, 0xa3}, 0x80)
bind$auto(0xffffffffffffffff, 0x0, 0x80)

3.382463133s ago: executing program 2 (id=335):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r0, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000000)={0x40, r1, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x1}, @HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "a060292f83d9"}, @HWSIM_ATTR_COOKIE={0xc, 0x8, 0xe000000}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0xffffffcc}, @HWSIM_ATTR_TX_INFO={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)

3.05350831s ago: executing program 2 (id=336):
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x4)
pipe$auto(&(0x7f0000000000))
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
memfd_create$auto(&(0x7f00000000c0)='\xc4--:\xdd:,./-${\x00', 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd}, 0xa3)
eventfd$auto(0x8e)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r2, 0x4040ae79, r3)

2.723617419s ago: executing program 0 (id=337):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0)
socket(0x11, 0x80003, 0x300)
r0 = socket(0x10, 0x2, 0x4)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c894}, 0x20008800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYRES64], 0x38}, 0x1, 0x0, 0x0, 0x41}, 0x40008c0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x53)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0xb, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x38}, 0x6, 0x0, 0x4, 0x9}, 0x9}, 0x6, 0x1f00)

2.495047689s ago: executing program 3 (id=338):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
socket(0xa, 0x801, 0x84) (async)
msgctl$auto_MSG_STAT(0xffffffff, 0xb, &(0x7f0000000340)={{0x400, 0xffffffffffffffff, 0x0, 0x4, 0x447b, 0x4dc, 0x6c}, 0x0, &(0x7f00000001c0)=0xd6, 0x7, 0xdf, 0x80000001, 0x6, 0x5, 0xffd, 0x4, 0x101, @raw=0xf17})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
write$auto(0x1, 0x0, 0x80000000) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) (async)
madvise$auto(0x0, 0x2003f0, 0x15)
setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8) (async)
write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) (async)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x0, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x2, 0x1, 0x106) (async)
bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @multicast1}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
preadv2$auto(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) (async)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0x400000000000003, 0x29, 0xcf, 0x0, 0x4) (async)
socket(0x11, 0x80003, 0x1d12) (async)
r1 = socket(0x2, 0x1, 0x0) (async)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
recvmmsg$auto(r1, &(0x7f00000002c0)={{0x0, 0x7, &(0x7f0000000100)={0x0, 0x2}, 0x5, 0x0, 0x5, 0x7f}, 0x1ff}, 0x33, 0x1, &(0x7f0000000300)={0x2, 0x8f})

2.224178959s ago: executing program 2 (id=339):
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000040), r0)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd700000dcdf250100fffc1400020077673000000000000000000000000000ec035872773b7e17f05675f317f8c164043c9bf633a2051d7da96a111994b42dffe09bb5134cf3f9bb18f9d007bab34c1ad4c03eb5188c82c4da4e8c1504"], 0x28}}, 0xc0)

2.207386995s ago: executing program 0 (id=340):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32)
madvise$auto(0x0, 0xffffffffffff0005, 0x17) (rerun: 32)
mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) (async)
mmap$auto(0xfffffffffffffffe, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async)
syz_clone3(0x0, 0x0) (async, rerun: 64)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) (rerun: 64)
socket(0x2b, 0x1, 0x0)
ioctl$auto(0x3, 0x541b, 0x10000000000402)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'wlan1\x00'}) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
ioctl$auto(0x4000000000000c8, 0x400454cc, 0x6f) (async)
socket(0xa, 0x2, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x0, 0x28, 0xfffffffffffffffc, 0x70) (async, rerun: 32)
write$auto(0x3, 0x0, 0x1) (async)
lseek$auto(r1, 0x100, 0x6) (async)
write$auto(0x3, 0x0, 0xfffffdef) (async)
setresuid$auto(0x0, 0x0, 0xee01) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r2 = fanotify_init$auto(0x5, 0x0)
fanotify_mark$auto(r2, 0x205, 0xa, 0x4, 0x0) (async)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)

2.119383454s ago: executing program 1 (id=341):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (fail_nth: 4)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r1, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)
r2 = prctl$auto(0x42, 0x0, 0x0, 0x1, 0x0)
ioctl$auto_BLKROSET(r2, 0x125d, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
madvise$auto(0x6, 0x1, 0x7fffffff)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0)
msgctl$auto_MSG_INFO(0x4b, 0xc, &(0x7f00000000c0)={{0x1, 0xee01, 0xee00, 0x80, 0xc, 0x7, 0x38}, 0x0, 0x0, 0x40, 0x56, 0x5, 0xf8, 0x8, 0x1, 0x0, 0x5})

1.714280379s ago: executing program 2 (id=342):
waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055})
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x1a, 0x2, 0xffffff03)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/mice\x00', 0x22002, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
write$auto(0x3, 0x0, 0x70)
r0 = socket(0xa, 0x5, 0x0)
accept$auto(r0, 0xffffffffffffffff, 0xfffffffffffffffd)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x86104, 0x0)
mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
open(0x0, 0x22240, 0x55)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
ioctl$auto(0x3, 0x80286f4e, r2)
writev$auto(r1, 0x0, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r3, 0x0, 0x53, 0x0, 0x0)

955.564336ms ago: executing program 3 (id=343):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/i915/parameters/mitigations\x00', 0x80302, 0x0)
socketpair$auto(0x1, 0x800240, 0x401, &(0x7f0000000080)=0x6)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
timer_create$auto(0x9, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl802154(0x0, r0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6})
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0)
sendfile$auto(r1, r1, 0x0, 0x3)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe)
mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x2, 0x3, 0x100)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000100), r0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'ipvlan1\x00', <r5=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSA(r2, &(0x7f0000000240)={&(0x7f00000000c0), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40c0}, 0x40000)
landlock_add_rule$auto_LANDLOCK_RULE_NET_PORT(r2, 0x2, &(0x7f0000000280)="30396e291adcd2e000358e4ed52dc4ab8a4b68dc75e2ac2979b314e90d26c2a685a6b8fc02f6086f2110b44e5ebac53e88fa16eabe4f326884727e7213b3ecb406c19594ce8234e7f8b612d1b6c469625c83e7e4c15f919abf6f4859c54590be9597e5a1e9f6d8f85281401116a6b51102eb5b1daaad52ba30abfc4d01", 0x2)
r6 = socket(0x1d, 0x2, 0x7)
r7 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r8=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r8}, 0x6a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r9=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r9}, 0x18)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000300)="8ec272c5a0601456a09f088fa259b7a3835bff4e9bfd82fb8da0eec4af9a4607444e6dc6786cc452e4001534e3b578a13945c7e8dbe878a90be70f3372f8383a3457ca65e48294a84c8079ae671b2a28401aa1eb6ef0cb45e313ae925e3995e54f9d7489716f54918ad77f3a6f89f358a9a8e2ebbc5546525ac62f84acd1cbbc7712122ae96c47e0214b86b6c7e1dea10d7dc92ddfea89e725fe4881d905bbaf55093b40c0175ef0d61e9adbdd6fba982647b2d4e2e217248685a487bc3aafd1b308b0c191fd7c089c75fbd487e61e79e0d88165bbd50dca396e3fa84f11")
sendmmsg$auto(0x3, 0x0, 0x9a4, 0xffff)

913.778263ms ago: executing program 2 (id=344):
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci6/force_devcoredump\x00', 0x800, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x2041, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fcdbdf252100000008000300", @ANYRES32=r2], 0x28}}, 0x40480d0)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r6=>0x0})
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f00000000c0)={0x0, 0x500, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7100f97bf53b7200000408000300", @ANYRES32=r6], 0x24}, 0x1, 0x300, 0x0, 0x404c0c0}, 0x80)

719.999168ms ago: executing program 1 (id=345):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x100, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
close_range$auto(0x2, 0x8, 0x0)

604.912319ms ago: executing program 0 (id=346):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/sctp/cookie_hmac_alg\x00', 0x202, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7fffe000)
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci6/force_devcoredump\x00', 0x800, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x2200, 0x0)
r1 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r1, 0x6, 0x17, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r4=>0x0})
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x2041, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000fcdbdf252100000008000300", @ANYRES32=r4], 0x28}}, 0x40480d0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/max_active\x00', 0x1ab102, 0x0)
write$auto(r8, &(0x7f00000000c0)='\x00', 0x7)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[], 0x24}, 0x1, 0x300, 0x0, 0x40}, 0x80)

601.78582ms ago: executing program 3 (id=347):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x4000000000000083, 0xe983, 0x6, 0xeb5, 0xffffffffffffffff, 0x2)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
r0 = eventfd$auto(0x6)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0)
r2 = set_tid_address$auto(0x0)
syz_open_procfs$namespace(r2, 0x0)
r3 = openat$auto_userio_fops_userio(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
bpf$auto_BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)=@bpf_attr_1={r1, 0xffffffff, @next_key=0x3c4, 0x7}, 0x451)
mmap$auto(0x0, 0x2020009, 0x3, 0xe91, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000840)="13")
r5 = getpid()
process_vm_readv$auto(r5, &(0x7f00000001c0)={0x0, 0xfff}, 0x3, &(0x7f0000000280)={&(0x7f0000000100)="6c4bc0", 0xffffffff}, 0x6, 0x0)
ioctl$auto_TIOCSTI2(r4, 0x5412, 0x0)
kcmp$auto(0x0, r2, 0x4, r1, r3)
ioctl$auto_EVIOCGVERSION(r0, 0x80044501, &(0x7f0000000040)=0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x3b70, 0x0)
r6 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event2\x00', 0x40900, 0x0)
ioctl$auto_EVIOCGVERSION(r7, 0x80044501, &(0x7f0000000200)=0x6)
ioctl$auto(r6, 0x4040ae79, 0xffffffffffffffff)
r8 = memfd_create$auto(&(0x7f0000000140)='/dev/tty45\x00', 0x2)
bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f00000002c0)=@query={@target_fd=r8, 0x9, 0x7, 0x9, 0xd9, @count=0x62, 0x0, 0x80, 0x2}, 0x7ff)

569.978683ms ago: executing program 2 (id=348):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x4)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x20008800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40008c0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x53)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0xb, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x38}, 0x6, 0x0, 0x4, 0x9}, 0x9}, 0x6, 0x1f00)

149.103232ms ago: executing program 1 (id=349):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, 0x0, 0x1fe, 0xcde)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card1/pcm0p/sub5/sw_params\x00', 0x200001, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), r0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48004}, 0x4050)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_register$auto(0x2, 0x1, 0x0, 0x0)
pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffd8ef, 0x2b3d, &(0x7f0000001a80)={@siginfo_0_0={0x2, 0x101, 0x7fffffff, @_sigchld={0x0, 0x0, 0x6, 0x4}}}, 0x4)
stat$auto(&(0x7f0000000240)='./file0\x00', 0x0)
sendmsg$auto_TIPC_NL_KEY_FLUSH(r0, 0x0, 0x4880)
write$auto(0x3, 0x0, 0x7ffffdff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0x800, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x11)
ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x2)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2902, 0x0)
read$auto(r1, 0x0, 0x20)
fanotify_init$auto(0x5, 0x0)

0s ago: executing program 0 (id=350):
set_mempolicy$auto(0x2, 0x0, 0x4)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fdfffff, 0xf0ee, 0x40020009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00"}, 0x4, 0x966, 0x3, @inferred=<r0=>0x0, @integer={0x100000000, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x8, 0x1, r0, 0x5, 0x97a)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
prctl$auto(0x29, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x7, 0x70000000)
socketpair$auto(0x1ffe, 0xffffffff, 0x8000000000000000, 0x0)
io_uring_setup$auto(0x2, &(0x7f0000000040)={0x2, 0x3, 0xe127, 0x3ff, 0x6, 0x1, r1, [0x80000000, 0x6, 0x80], {0x8000, 0x3ff, 0x0, 0x1, 0x0, 0x1, 0x3495, 0x73, 0x100}, {0xcbf, 0x6, 0x9, 0x3, 0x390, 0x8, 0x8, 0xa, 0x3}})
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x302, 0x0)
socket(0x22, 0x3, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.94' (ED25519) to the list of known hosts.
[   83.111263][ T5809] cgroup: Unknown subsys name 'net'
[   83.254150][ T5809] cgroup: Unknown subsys name 'cpuset'
[   83.262906][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   85.085048][ T5809] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.992393][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.006004][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.014554][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.026245][ T5827] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   87.035517][ T5824] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.043686][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   87.062329][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   87.071313][ T5144] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   87.080688][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   87.081158][ T5144] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   87.088953][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   87.096427][ T5144] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   87.102971][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   87.117289][ T5831] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   87.130086][ T5144] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   87.161524][ T5828] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   87.174059][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   87.181933][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   87.190584][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   87.198508][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   87.869452][ T5820] chnl_net:caif_netlink_parms(): no params data found
[   87.953099][ T5825] chnl_net:caif_netlink_parms(): no params data found
[   88.019162][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   88.101612][ T5833] chnl_net:caif_netlink_parms(): no params data found
[   88.131247][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.138522][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.146694][ T5820] bridge_slave_0: entered allmulticast mode
[   88.154138][ T5820] bridge_slave_0: entered promiscuous mode
[   88.210972][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.218679][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.225940][ T5820] bridge_slave_1: entered allmulticast mode
[   88.233411][ T5820] bridge_slave_1: entered promiscuous mode
[   88.291652][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.299052][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.306498][ T5825] bridge_slave_0: entered allmulticast mode
[   88.313868][ T5825] bridge_slave_0: entered promiscuous mode
[   88.344436][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.351728][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.358891][ T5825] bridge_slave_1: entered allmulticast mode
[   88.366329][ T5825] bridge_slave_1: entered promiscuous mode
[   88.377286][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.417345][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.494095][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.502168][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.509353][ T5829] bridge_slave_0: entered allmulticast mode
[   88.517092][ T5829] bridge_slave_0: entered promiscuous mode
[   88.527463][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.540938][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.552284][ T5820] team0: Port device team_slave_0 added
[   88.558191][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.565559][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.573061][ T5833] bridge_slave_0: entered allmulticast mode
[   88.580834][ T5833] bridge_slave_0: entered promiscuous mode
[   88.588694][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.596140][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.603573][ T5829] bridge_slave_1: entered allmulticast mode
[   88.610810][ T5829] bridge_slave_1: entered promiscuous mode
[   88.629651][ T5820] team0: Port device team_slave_1 added
[   88.635502][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.642798][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.650970][ T5833] bridge_slave_1: entered allmulticast mode
[   88.658070][ T5833] bridge_slave_1: entered promiscuous mode
[   88.730072][ T5825] team0: Port device team_slave_0 added
[   88.749491][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.761984][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.774367][ T5825] team0: Port device team_slave_1 added
[   88.781444][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.788420][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.814746][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.828656][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.840495][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.879942][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.886912][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.913135][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.978385][ T5829] team0: Port device team_slave_0 added
[   88.985933][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.993104][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.019188][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.032372][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.039350][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.065548][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.078722][ T5833] team0: Port device team_slave_0 added
[   89.086291][ T5829] team0: Port device team_slave_1 added
[   89.122993][ T5833] team0: Port device team_slave_1 added
[   89.140498][   T51] Bluetooth: hci1: command tx timeout
[   89.146205][   T51] Bluetooth: hci0: command tx timeout
[   89.168836][ T5820] hsr_slave_0: entered promiscuous mode
[   89.175664][ T5820] hsr_slave_1: entered promiscuous mode
[   89.193471][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.200572][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.226697][   T51] Bluetooth: hci2: command tx timeout
[   89.232305][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.268868][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.276000][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.299715][   T51] Bluetooth: hci3: command tx timeout
[   89.302839][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.329737][ T5825] hsr_slave_0: entered promiscuous mode
[   89.336313][ T5825] hsr_slave_1: entered promiscuous mode
[   89.342877][ T5825] debugfs: 'hsr0' already exists in 'hsr'
[   89.348697][ T5825] Cannot create hsr debugfs directory
[   89.355417][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.362806][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.389750][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.429021][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.436271][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.462662][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.537184][ T5829] hsr_slave_0: entered promiscuous mode
[   89.543697][ T5829] hsr_slave_1: entered promiscuous mode
[   89.550105][ T5829] debugfs: 'hsr0' already exists in 'hsr'
[   89.555842][ T5829] Cannot create hsr debugfs directory
[   89.649786][ T5833] hsr_slave_0: entered promiscuous mode
[   89.656249][ T5833] hsr_slave_1: entered promiscuous mode
[   89.663235][ T5833] debugfs: 'hsr0' already exists in 'hsr'
[   89.669073][ T5833] Cannot create hsr debugfs directory
[   90.063491][ T5820] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   90.078083][ T5820] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   90.088565][ T5820] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   90.113611][ T5820] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   90.184118][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   90.203548][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   90.223577][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   90.248274][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   90.330562][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   90.344317][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   90.363876][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   90.376802][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   90.476711][ T5833] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   90.490313][ T5833] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   90.503445][ T5833] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   90.516749][ T5833] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   90.623091][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.662149][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[   90.695720][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.713714][ T1634] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.721048][ T1634] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.751341][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[   90.774831][ T1634] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.782087][ T1634] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.792047][ T1634] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.799225][ T1634] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.836738][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.848482][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.855718][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.903794][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   90.927034][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.934357][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.994673][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.001923][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.032432][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   91.105957][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   91.147892][  T138] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.155136][  T138] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.198330][  T138] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.205602][  T138] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.220599][ T5144] Bluetooth: hci1: command tx timeout
[   91.226222][   T51] Bluetooth: hci0: command tx timeout
[   91.303900][   T51] Bluetooth: hci2: command tx timeout
[   91.385284][   T51] Bluetooth: hci3: command tx timeout
[   91.409278][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   91.483914][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.614056][ T5820] veth0_vlan: entered promiscuous mode
[   91.671148][ T5820] veth1_vlan: entered promiscuous mode
[   91.762457][ T5820] veth0_macvtap: entered promiscuous mode
[   91.799307][ T5820] veth1_macvtap: entered promiscuous mode
[   91.894072][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.908584][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.941791][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.960787][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.983640][ T2965] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.993618][ T2965] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.015638][ T2965] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.025660][ T2965] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.065344][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.107032][ T5825] veth0_vlan: entered promiscuous mode
[   92.191492][ T5829] veth0_vlan: entered promiscuous mode
[   92.198049][   T42] cfg80211: failed to load regulatory.db
[   92.213635][ T5825] veth1_vlan: entered promiscuous mode
[   92.267540][ T5833] veth0_vlan: entered promiscuous mode
[   92.287459][ T5829] veth1_vlan: entered promiscuous mode
[   92.300254][  T194] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.313253][  T194] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.335346][ T5833] veth1_vlan: entered promiscuous mode
[   92.392080][  T194] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.402091][  T194] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.404853][ T5825] veth0_macvtap: entered promiscuous mode
[   92.425908][ T5825] veth1_macvtap: entered promiscuous mode
[   92.459220][ T5829] veth0_macvtap: entered promiscuous mode
[   92.492208][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.503357][ T5829] veth1_macvtap: entered promiscuous mode
[   92.518738][ T5820] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   92.546236][ T5833] veth0_macvtap: entered promiscuous mode
[   92.563951][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.593453][ T5833] veth1_macvtap: entered promiscuous mode
[   92.612793][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.637661][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.652943][ T5915] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   92.676089][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.686939][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.712850][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.746504][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.762725][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.796645][ T2965] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.842728][ T2965] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.860835][ T2965] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.877559][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.893195][ T2965] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.939085][ T2965] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.948802][ T2965] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.973625][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.002276][ T2965] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.009557][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.022116][ T2965] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.031262][ T5916] program syz.1.2 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   93.116525][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.145329][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.234016][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.289561][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.304686][   T51] Bluetooth: hci0: command tx timeout
[   93.310203][ T5144] Bluetooth: hci1: command tx timeout
[   93.346418][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.354918][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.380123][   T51] Bluetooth: hci2: command tx timeout
[   93.460181][   T51] Bluetooth: hci3: command tx timeout
[   93.496992][ T2965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.535940][ T2965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.546560][  T194] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.570229][  T194] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.950168][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   94.349669][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   94.358004][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   94.359916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.367732][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   94.673565][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.690889][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   94.699813][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   94.708066][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   94.760060][    T0] NOHZ tick-stop error: local softirq work is pending, handler #342!!!
[   95.028069][ T5951] kstrtoul() returned -22 for lu_gp_id
[   95.037928][   T29] audit: type=1800 audit(1773801087.438:2): pid=5951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.9" name="lu_gp_id" dev="configfs" ino=8393 res=0 errno=0
[   95.382841][   T51] Bluetooth: hci0: command tx timeout
[   95.388294][ T5144] Bluetooth: hci1: command tx timeout
[   95.460303][ T5144] Bluetooth: hci2: command tx timeout
[   95.497676][ T5956] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11'.
[   95.551244][ T5144] Bluetooth: hci3: command tx timeout
[   97.670786][ T5981] FAULT_INJECTION: forcing a failure.
[   97.670786][ T5981] name failslab, interval 1, probability 0, space 0, times 1
[   97.690515][ T5978] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5
[   97.754828][ T5981] CPU: 0 UID: 0 PID: 5981 Comm: syz.3.16 Not tainted syzkaller #0 PREEMPT(full) 
[   97.754869][ T5981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   97.754886][ T5981] Call Trace:
[   97.754896][ T5981]  <TASK>
[   97.754908][ T5981]  dump_stack_lvl+0x100/0x190
[   97.754958][ T5981]  should_fail_ex.cold+0x5/0xa
[   97.754992][ T5981]  should_failslab+0xc2/0x120
[   97.755025][ T5981]  __kmalloc_cache_noprof+0x7a/0x6f0
[   97.755066][ T5981]  ? snd_seq_port_connect+0x61/0x560
[   97.755093][ T5981]  ? snd_seq_port_use_ptr+0x14d/0x1b0
[   97.755137][ T5981]  ? snd_seq_port_use_ptr+0x14d/0x1b0
[   97.755188][ T5981]  snd_seq_port_connect+0x61/0x560
[   97.755219][ T5981]  ? _raw_read_unlock+0x28/0x50
[   97.755258][ T5981]  ? check_subscription_permission.isra.0+0x146/0x240
[   97.755305][ T5981]  snd_seq_ioctl_subscribe_port+0x219/0x490
[   97.755328][ T5981]  ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10
[   97.755349][ T5981]  ? do_raw_spin_lock+0x128/0x260
[   97.755382][ T5981]  call_seq_client_ctl+0xa3/0x130
[   97.755417][ T5981]  snd_seq_kernel_client_ctl+0x77/0xd0
[   97.755448][ T5981]  snd_seq_oss_midi_open+0x5ad/0x6b0
[   97.755482][ T5981]  ? __pfx_snd_seq_oss_midi_open+0x10/0x10
[   97.755505][ T5981]  ? snd_seq_oss_midi_reset+0x11a/0x4c0
[   97.755535][ T5981]  ? __mutex_lock+0x26a/0x1b90
[   97.755565][ T5981]  snd_seq_oss_synth_reset+0x439/0x8e0
[   97.755589][ T5981]  ? __pfx___mutex_lock+0x10/0x10
[   97.755615][ T5981]  ? __pfx_snd_seq_oss_synth_reset+0x10/0x10
[   97.755641][ T5981]  ? __pfx___fsnotify_parent+0x10/0x10
[   97.755666][ T5981]  snd_seq_oss_reset+0x73/0x290
[   97.755685][ T5981]  ? __pfx_odev_release+0x10/0x10
[   97.755702][ T5981]  snd_seq_oss_release+0x7c/0x180
[   97.755721][ T5981]  ? __pfx_odev_release+0x10/0x10
[   97.755736][ T5981]  odev_release+0x56/0xa0
[   97.755751][ T5981]  __fput+0x3ff/0xb40
[   97.755778][ T5981]  task_work_run+0x150/0x240
[   97.755804][ T5981]  ? __pfx_task_work_run+0x10/0x10
[   97.755836][ T5981]  exit_to_user_mode_loop+0x100/0x4a0
[   97.755863][ T5981]  do_syscall_64+0x668/0xf80
[   97.755887][ T5981]  ? clear_bhb_loop+0x40/0x90
[   97.755909][ T5981]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.755927][ T5981] RIP: 0033:0x7fd59f99c799
[   97.755943][ T5981] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.755963][ T5981] RSP: 002b:00007fd5a088c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[   97.755981][ T5981] RAX: 0000000000000000 RBX: 00007fd59fc15fa0 RCX: 00007fd59f99c799
[   97.755992][ T5981] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002
[   97.756002][ T5981] RBP: 00007fd59fa32c99 R08: 0000000000000000 R09: 0000000000000000
[   97.756012][ T5981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   97.756022][ T5981] R13: 00007fd59fc16038 R14: 00007fd59fc15fa0 R15: 00007ffe7b73b3a8
[   97.756045][ T5981]  </TASK>
[   98.763649][ T5991] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   98.880593][ T5979] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[   98.896052][ T5989] kstrtoul() returned -22 for lu_gp_id
[   98.907154][   T29] audit: type=1800 audit(1773801091.308:3): pid=5989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.18" name="lu_gp_id" dev="configfs" ino=8491 res=0 errno=0
[  100.633178][ T6011] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  100.704753][   T29] audit: type=1800 audit(1773801093.118:4): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.23" name="lu_gp_id" dev="configfs" ino=8581 res=0 errno=0
[  100.710832][ T6015] kstrtoul() returned -22 for lu_gp_id
[  100.741951][ T6011] kstrtoul() returned -22 for lu_gp_id
[  100.962395][ T6023] netlink: 12 bytes leftover after parsing attributes in process `syz.0.26'.
[  101.050750][ T6024] netlink: 16 bytes leftover after parsing attributes in process `syz.0.26'.
[  101.354596][ T6026] zswap: compressor  not available
[  102.277114][ T6048] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  102.860075][ T6058] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  103.067629][ T6052] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  103.340357][ T6064] kstrtoul() returned -22 for lu_gp_id
[  103.363971][   T29] audit: type=1800 audit(1773801095.748:5): pid=6064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.35" name="lu_gp_id" dev="configfs" ino=8676 res=0 errno=0
[  104.260240][ T6080] zswap: compressor  not available
[  104.645171][ T6094] netlink: 93 bytes leftover after parsing attributes in process `syz.3.41'.
[  104.716716][ T6091] netlink: 93 bytes leftover after parsing attributes in process `syz.3.41'.
[  105.203616][   T29] audit: type=1800 audit(1773801097.618:6): pid=6109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.44" name="lu_gp_id" dev="configfs" ino=8769 res=0 errno=0
[  105.210839][ T6109] kstrtoul() returned -22 for lu_gp_id
[  105.258565][ T6101] zswap: compressor  not available
[  107.591887][ T6139] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9
[  108.082225][ T6142] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  108.903078][ T6160] zswap: compressor  not available
[  108.964837][ T6171] netlink: 'syz.1.58': attribute type 1 has an invalid length.
[  109.383008][   T29] audit: type=1800 audit(1773801101.798:7): pid=6182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.62" name="lu_gp_id" dev="configfs" ino=8153 res=0 errno=0
[  109.383880][ T6182] kstrtoul() returned -22 for lu_gp_id
[  109.652083][ T6177] Invalid ELF header magic: != ELF
[  111.162870][ T6222] zswap: compressor  not available
[  111.214859][ T6234] kstrtoul() returned -22 for lu_gp_id
[  111.218577][   T29] audit: type=1800 audit(1773801103.628:8): pid=6234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.74" name="lu_gp_id" dev="configfs" ino=9282 res=0 errno=0
[  111.449611][   T29] audit: type=1804 audit(1773801103.848:9): pid=6232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.73" name="/newroot/16/file0" dev="tmpfs" ino=101 res=1 errno=0
[  111.509635][   T29] audit: type=1804 audit(1773801103.888:10): pid=6238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.73" name="/newroot/16/file0" dev="tmpfs" ino=101 res=1 errno=0
[  112.390240][ T6259] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  113.005982][   T29] audit: type=1800 audit(1773801105.418:11): pid=6280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.85" name="lu_gp_id" dev="configfs" ino=9054 res=0 errno=0
[  113.013944][ T6280] kstrtoul() returned -22 for lu_gp_id
[  113.533526][ T6288] zswap: compressor  not available
[  113.547318][ T6272] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  113.555242][ T6272] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  113.648712][ T6272] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  113.802449][ T6272] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  113.828252][ T6272] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  113.859317][ T6272] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  113.933581][ T6272] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  113.969704][ T6272] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  114.012928][ T6272] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  114.038906][ T6272] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  114.047927][ T6272] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  114.078048][ T6272] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  114.643141][ T6311] mmap: syz.3.90 (6311) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  114.819707][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  114.978960][ T6307] NFSD: Failed to start, no listeners configured.
[  115.164420][ T6327] netlink: 20 bytes leftover after parsing attributes in process `syz.2.96'.
[  115.443733][ T6329] zswap: compressor  not available
[  115.867863][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  115.878398][ T6338] netlink: 12 bytes leftover after parsing attributes in process `syz.2.98'.
[  115.940359][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  116.000316][ T6341] netlink: 8 bytes leftover after parsing attributes in process `syz.2.98'.
[  116.023191][ T6345] netlink: 16 bytes leftover after parsing attributes in process `syz.1.101'.
[  116.101291][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout
[  116.166386][ T6348] netlink: 4 bytes leftover after parsing attributes in process `syz.1.103'.
[  116.372475][ T6354] FAULT_INJECTION: forcing a failure.
[  116.372475][ T6354] name failslab, interval 1, probability 0, space 0, times 0
[  116.393725][ T6354] CPU: 0 UID: 0 PID: 6354 Comm: syz.1.105 Not tainted syzkaller #0 PREEMPT(full) 
[  116.393764][ T6354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  116.393779][ T6354] Call Trace:
[  116.393789][ T6354]  <TASK>
[  116.393800][ T6354]  dump_stack_lvl+0x100/0x190
[  116.393855][ T6354]  should_fail_ex.cold+0x5/0xa
[  116.393888][ T6354]  ? tomoyo_realpath_from_path+0xb6/0x690
[  116.393925][ T6354]  should_failslab+0xc2/0x120
[  116.393956][ T6354]  __kmalloc_noprof+0xe0/0x850
[  116.394003][ T6354]  tomoyo_realpath_from_path+0xb6/0x690
[  116.394048][ T6354]  tomoyo_check_open_permission+0x2af/0x3c0
[  116.394082][ T6354]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  116.394151][ T6354]  ? lock_acquire+0x1cf/0x380
[  116.394188][ T6354]  ? find_held_lock+0x2b/0x80
[  116.394225][ T6354]  tomoyo_file_open+0x6b/0x90
[  116.394270][ T6354]  security_file_open+0xb5/0x1e0
[  116.394306][ T6354]  do_dentry_open+0x5aa/0x1660
[  116.394348][ T6354]  vfs_open+0x82/0x3f0
[  116.394389][ T6354]  path_openat+0x208c/0x31a0
[  116.394435][ T6354]  ? __pfx_path_openat+0x10/0x10
[  116.394480][ T6354]  do_file_open+0x20e/0x430
[  116.394514][ T6354]  ? __pfx_do_file_open+0x10/0x10
[  116.394575][ T6354]  ? alloc_fd+0x476/0x790
[  116.394609][ T6354]  ? do_getname+0x191/0x390
[  116.394650][ T6354]  do_sys_openat2+0x10d/0x1e0
[  116.394689][ T6354]  ? __pfx_do_sys_openat2+0x10/0x10
[  116.394723][ T6354]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  116.394772][ T6354]  ? __fget_files+0x21f/0x3d0
[  116.394807][ T6354]  __x64_sys_openat+0x12d/0x210
[  116.394855][ T6354]  ? __pfx___x64_sys_openat+0x10/0x10
[  116.394893][ T6354]  ? ksys_write+0x1ac/0x250
[  116.394935][ T6354]  do_syscall_64+0x106/0xf80
[  116.394975][ T6354]  ? clear_bhb_loop+0x40/0x90
[  116.395012][ T6354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.395041][ T6354] RIP: 0033:0x7f2e0cb9c799
[  116.395067][ T6354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  116.395094][ T6354] RSP: 002b:00007f2e0d97a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  116.395123][ T6354] RAX: ffffffffffffffda RBX: 00007f2e0ce15fa0 RCX: 00007f2e0cb9c799
[  116.395142][ T6354] RDX: 1a6b75d63882a792 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  116.395161][ T6354] RBP: 00007f2e0d97a090 R08: 0000000000000000 R09: 0000000000000000
[  116.395178][ T6354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.395195][ T6354] R13: 00007f2e0ce16038 R14: 00007f2e0ce15fa0 R15: 00007ffdb9c241a8
[  116.395236][ T6354]  </TASK>
[  116.395248][ T6354] ERROR: Out of memory at tomoyo_realpath_from_path.
[  116.909608][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  116.928160][ T6361] zswap: compressor  not available
[  117.143986][   T29] audit: type=1326 audit(1773801109.558:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6366 comm="syz.1.108" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2e0cb9c799 code=0x0
[  117.182747][ T5144] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[  117.364219][ T6378] FAULT_INJECTION: forcing a failure.
[  117.364219][ T6378] name failslab, interval 1, probability 0, space 0, times 0
[  117.377157][ T6378] CPU: 1 UID: 0 PID: 6378 Comm: syz.0.110 Not tainted syzkaller #0 PREEMPT(full) 
[  117.377195][ T6378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  117.377213][ T6378] Call Trace:
[  117.377223][ T6378]  <TASK>
[  117.377235][ T6378]  dump_stack_lvl+0x100/0x190
[  117.377283][ T6378]  should_fail_ex.cold+0x5/0xa
[  117.377319][ T6378]  should_failslab+0xc2/0x120
[  117.377352][ T6378]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  117.377408][ T6378]  ? __d_alloc+0x34/0xa80
[  117.377441][ T6378]  ? lockdep_init_map_type+0x5c/0x250
[  117.377488][ T6378]  __d_alloc+0x34/0xa80
[  117.377523][ T6378]  d_alloc_pseudo+0x1c/0xc0
[  117.377563][ T6378]  alloc_file_pseudo+0xcf/0x230
[  117.377603][ T6378]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  117.377641][ T6378]  ? alloc_fd+0x476/0x790
[  117.377676][ T6378]  sock_alloc_file+0x50/0x210
[  117.377722][ T6378]  __sys_socket+0x1c0/0x260
[  117.377755][ T6378]  ? __pfx___sys_socket+0x10/0x10
[  117.377799][ T6378]  __x64_sys_socket+0x72/0xb0
[  117.377831][ T6378]  ? lockdep_hardirqs_on+0x78/0x100
[  117.377869][ T6378]  do_syscall_64+0x106/0xf80
[  117.377904][ T6378]  ? clear_bhb_loop+0x40/0x90
[  117.377936][ T6378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.377964][ T6378] RIP: 0033:0x7fd53e39c799
[  117.377987][ T6378] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  117.378010][ T6378] RSP: 002b:00007fd53f2ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  117.378036][ T6378] RAX: ffffffffffffffda RBX: 00007fd53e615fa0 RCX: 00007fd53e39c799
[  117.378053][ T6378] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  117.378070][ T6378] RBP: 00007fd53e432c99 R08: 0000000000000000 R09: 0000000000000000
[  117.378086][ T6378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  117.378102][ T6378] R13: 00007fd53e616038 R14: 00007fd53e615fa0 R15: 00007ffd116512c8
[  117.378138][ T6378]  </TASK>
[  117.598455][ T6381] Zero length message leads to an empty skb
[  117.618524][ T6381] FAULT_INJECTION: forcing a failure.
[  117.618524][ T6381] name failslab, interval 1, probability 0, space 0, times 0
[  117.631670][ T6381] CPU: 1 UID: 0 PID: 6381 Comm: syz.2.111 Not tainted syzkaller #0 PREEMPT(full) 
[  117.631712][ T6381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  117.631731][ T6381] Call Trace:
[  117.631741][ T6381]  <TASK>
[  117.631752][ T6381]  dump_stack_lvl+0x100/0x190
[  117.631803][ T6381]  should_fail_ex.cold+0x5/0xa
[  117.631841][ T6381]  should_failslab+0xc2/0x120
[  117.631883][ T6381]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  117.631930][ T6381]  ? shmem_alloc_inode+0x25/0x50
[  117.631966][ T6381]  ? __lock_acquire+0x4a5/0x2630
[  117.632005][ T6381]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  117.632039][ T6381]  shmem_alloc_inode+0x25/0x50
[  117.632072][ T6381]  alloc_inode+0x68/0x250
[  117.632113][ T6381]  new_inode+0x22/0x1c0
[  117.632158][ T6381]  shmem_get_inode+0x212/0x1040
[  117.632201][ T6381]  ? __pfx_shmem_get_inode+0x10/0x10
[  117.632239][ T6381]  ? rcu_is_watching+0x12/0xc0
[  117.632282][ T6381]  ? percpu_counter_add_batch+0xb9/0x230
[  117.632330][ T6381]  __shmem_file_setup+0x3ac/0x490
[  117.632371][ T6381]  ? __pfx___shmem_file_setup+0x10/0x10
[  117.632420][ T6381]  ? vm_area_alloc+0x1f/0x160
[  117.632468][ T6381]  shmem_zero_setup+0x96/0x1b0
[  117.632521][ T6381]  __mmap_region+0x2198/0x29e0
[  117.632566][ T6381]  ? update_cfs_rq_load_avg+0x51/0x550
[  117.632599][ T6381]  ? __pfx___mmap_region+0x10/0x10
[  117.632656][ T6381]  ? set_next_entity+0x11e/0x9c0
[  117.632710][ T6381]  ? __lock_acquire+0x4a5/0x2630
[  117.632767][ T6381]  ? lock_acquire+0x1cf/0x380
[  117.632806][ T6381]  ? find_held_lock+0x2b/0x80
[  117.632866][ T6381]  ? trace_sched_exit_tp+0x13a/0x180
[  117.632962][ T6381]  ? rcu_is_watching+0x12/0xc0
[  117.633009][ T6381]  ? cap_capable+0x107/0x460
[  117.633066][ T6381]  mmap_region+0x180/0x3e0
[  117.633121][ T6381]  do_mmap+0xc63/0x12f0
[  117.633164][ T6381]  ? __pfx_do_mmap+0x10/0x10
[  117.633199][ T6381]  ? __pfx_down_write_killable+0x10/0x10
[  117.633260][ T6381]  vm_mmap_pgoff+0x29e/0x470
[  117.633305][ T6381]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  117.633344][ T6381]  ? do_futex+0x192/0x350
[  117.633384][ T6381]  ? __pfx_do_futex+0x10/0x10
[  117.633432][ T6381]  ksys_mmap_pgoff+0xe1/0x650
[  117.633466][ T6381]  ? __x64_sys_futex+0x34f/0x4d0
[  117.633505][ T6381]  ? __x64_sys_futex+0x358/0x4d0
[  117.633547][ T6381]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  117.633581][ T6381]  ? xfd_validate_state+0x129/0x190
[  117.633633][ T6381]  __x64_sys_mmap+0x125/0x190
[  117.633681][ T6381]  do_syscall_64+0x106/0xf80
[  117.633723][ T6381]  ? clear_bhb_loop+0x40/0x90
[  117.633762][ T6381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.633793][ T6381] RIP: 0033:0x7f5f4959c799
[  117.633821][ T6381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  117.633850][ T6381] RSP: 002b:00007f5f4a3e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  117.633888][ T6381] RAX: ffffffffffffffda RBX: 00007f5f49815fa0 RCX: 00007f5f4959c799
[  117.633908][ T6381] RDX: 00004000000000df RSI: 0000000000000101 RDI: 0000000000000000
[  117.633928][ T6381] RBP: 00007f5f49632c99 R08: 0000000200000401 R09: 0000000000008000
[  117.633945][ T6381] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  117.633962][ T6381] R13: 00007f5f49816038 R14: 00007f5f49815fa0 R15: 00007ffdc3148288
[  117.634005][ T6381]  </TASK>
[  117.764624][ T6388] netlink: 12 bytes leftover after parsing attributes in process `syz.0.113'.
[  117.980222][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  118.034349][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  118.036512][ T6393] kstrtoul() returned -22 for lu_gp_id
[  118.041310][   T29] audit: type=1800 audit(1773801110.448:13): pid=6393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.114" name="lu_gp_id" dev="configfs" ino=9979 res=0 errno=0
[  118.179675][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout
[  118.306096][ T6396] netlink: 4 bytes leftover after parsing attributes in process `syz.3.115'.
[  118.729305][ T6405] zswap: compressor  not available
[  118.980625][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  119.501550][ T6429] netlink: 206 bytes leftover after parsing attributes in process `syz.1.123'.
[  120.019813][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  120.031949][   T29] audit: type=1800 audit(1773801112.438:14): pid=6440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.125" name="lu_gp_id" dev="configfs" ino=10143 res=0 errno=0
[  120.054421][ T6440] kstrtoul() returned -22 for lu_gp_id
[  120.099731][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  120.260497][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout
[  120.323267][ T6447] netlink: 12 bytes leftover after parsing attributes in process `syz.3.127'.
[  121.184294][ T6468] FAULT_INJECTION: forcing a failure.
[  121.184294][ T6468] name failslab, interval 1, probability 0, space 0, times 0
[  121.198712][ T6468] CPU: 1 UID: 0 PID: 6468 Comm: syz.1.133 Not tainted syzkaller #0 PREEMPT(full) 
[  121.198754][ T6468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  121.198771][ T6468] Call Trace:
[  121.198781][ T6468]  <TASK>
[  121.198793][ T6468]  dump_stack_lvl+0x100/0x190
[  121.198844][ T6468]  should_fail_ex.cold+0x5/0xa
[  121.198880][ T6468]  should_failslab+0xc2/0x120
[  121.198912][ T6468]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  121.198958][ T6468]  ? do_getname+0x35/0x390
[  121.198997][ T6468]  ? __get_user_nocheck_8+0x20/0x20
[  121.199040][ T6468]  do_getname+0x35/0x390
[  121.199082][ T6468]  do_sys_openat2+0xc5/0x1e0
[  121.199123][ T6468]  ? __pfx_do_sys_openat2+0x10/0x10
[  121.199165][ T6468]  ? find_held_lock+0x2b/0x80
[  121.199204][ T6468]  __x64_sys_openat+0x12d/0x210
[  121.199247][ T6468]  ? __pfx___x64_sys_openat+0x10/0x10
[  121.199301][ T6468]  do_syscall_64+0x106/0xf80
[  121.199343][ T6468]  ? clear_bhb_loop+0x40/0x90
[  121.199382][ T6468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.199414][ T6468] RIP: 0033:0x7f2e0cb9c799
[  121.199440][ T6468] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  121.199468][ T6468] RSP: 002b:00007f2e0adf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  121.199502][ T6468] RAX: ffffffffffffffda RBX: 00007f2e0ce16090 RCX: 00007f2e0cb9c799
[  121.199520][ T6468] RDX: 0000000000000400 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  121.199539][ T6468] RBP: 00007f2e0cc32c99 R08: 0000000000000000 R09: 0000000000000000
[  121.199556][ T6468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.199573][ T6468] R13: 00007f2e0ce16128 R14: 00007f2e0ce16090 R15: 00007ffdb9c241a8
[  121.199621][ T6468]  </TASK>
[  121.218286][ T6470] block2mtd: error: cannot open device /sys/modu
[  121.917403][ T6479] FAULT_INJECTION: forcing a failure.
[  121.917403][ T6479] name fail_futex, interval 1, probability 0, space 0, times 1
[  121.937682][ T6479] CPU: 1 UID: 0 PID: 6479 Comm: syz.1.135 Not tainted syzkaller #0 PREEMPT(full) 
[  121.937719][ T6479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  121.937735][ T6479] Call Trace:
[  121.937745][ T6479]  <TASK>
[  121.937755][ T6479]  dump_stack_lvl+0x100/0x190
[  121.937806][ T6479]  should_fail_ex.cold+0x5/0xa
[  121.937840][ T6479]  get_futex_key+0x295/0x1620
[  121.937881][ T6479]  ? __pfx_get_futex_key+0x10/0x10
[  121.937912][ T6479]  ? lock_acquire+0x1cf/0x380
[  121.937962][ T6479]  futex_wake+0xea/0x530
[  121.938009][ T6479]  ? __pfx_futex_wake+0x10/0x10
[  121.938053][ T6479]  ? exit_mm_release+0x19/0x30
[  121.938100][ T6479]  do_futex+0x32b/0x350
[  121.938147][ T6479]  ? __pfx_do_futex+0x10/0x10
[  121.938181][ T6479]  ? __might_fault+0xc5/0x140
[  121.938233][ T6479]  mm_release+0x24a/0x2f0
[  121.938264][ T6479]  do_exit+0x704/0x2b60
[  121.938307][ T6479]  ? __pfx_do_exit+0x10/0x10
[  121.938358][ T6479]  ? do_raw_spin_lock+0x128/0x260
[  121.938398][ T6479]  ? find_held_lock+0x2b/0x80
[  121.938424][ T6479]  ? get_signal+0x7e0/0x21e0
[  121.938464][ T6479]  do_group_exit+0xd5/0x2a0
[  121.938506][ T6479]  get_signal+0x1ec7/0x21e0
[  121.938551][ T6479]  ? __pfx_get_signal+0x10/0x10
[  121.938584][ T6479]  ? do_futex+0x192/0x350
[  121.938624][ T6479]  arch_do_signal_or_restart+0x91/0x770
[  121.938662][ T6479]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  121.938709][ T6479]  ? __pfx___x64_sys_futex+0x10/0x10
[  121.938756][ T6479]  exit_to_user_mode_loop+0x86/0x4a0
[  121.938798][ T6479]  do_syscall_64+0x668/0xf80
[  121.938838][ T6479]  ? clear_bhb_loop+0x40/0x90
[  121.938874][ T6479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.938903][ T6479] RIP: 0033:0x7f2e0cb9c799
[  121.938926][ T6479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  121.938953][ T6479] RSP: 002b:00007f2e0d97a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  121.938980][ T6479] RAX: fffffffffffffe00 RBX: 00007f2e0ce15fa8 RCX: 00007f2e0cb9c799
[  121.938998][ T6479] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2e0ce15fa8
[  121.939015][ T6479] RBP: 00007f2e0ce15fa0 R08: 0000000000000000 R09: 0000000000000000
[  121.939031][ T6479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  121.939046][ T6479] R13: 00007f2e0ce16038 R14: 00007ffdb9c240c0 R15: 00007ffdb9c241a8
[  121.939083][ T6479]  </TASK>
[  122.340095][ T6483] netlink: 12 bytes leftover after parsing attributes in process `syz.1.137'.
[  122.478260][ T6481] kstrtoul() returned -22 for lu_gp_id
[  122.483949][   T29] audit: type=1800 audit(1773801114.888:15): pid=6481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.136" name="lu_gp_id" dev="configfs" ino=10535 res=0 errno=0
[  122.916251][ T6503] FAULT_INJECTION: forcing a failure.
[  122.916251][ T6503] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  122.934608][ T6506] netlink: 93 bytes leftover after parsing attributes in process `syz.0.141'.
[  123.004831][ T6503] CPU: 1 UID: 0 PID: 6503 Comm: syz.2.142 Not tainted syzkaller #0 PREEMPT(full) 
[  123.004867][ T6503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  123.004881][ T6503] Call Trace:
[  123.004890][ T6503]  <TASK>
[  123.004908][ T6503]  dump_stack_lvl+0x100/0x190
[  123.004955][ T6503]  should_fail_ex.cold+0x5/0xa
[  123.004989][ T6503]  _copy_to_user+0x32/0xd0
[  123.005025][ T6503]  simple_read_from_buffer+0xcb/0x170
[  123.005068][ T6503]  proc_fail_nth_read+0x1af/0x230
[  123.005104][ T6503]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.005142][ T6503]  ? rw_verify_area+0xce/0x6d0
[  123.005181][ T6503]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  123.005215][ T6503]  vfs_read+0x1e4/0xb30
[  123.005264][ T6503]  ? __pfx_vfs_read+0x10/0x10
[  123.005308][ T6503]  ? __fget_files+0x215/0x3d0
[  123.005345][ T6503]  ? __fget_files+0x21f/0x3d0
[  123.005384][ T6503]  ksys_read+0x12a/0x250
[  123.005410][ T6503]  ? __pfx_ksys_read+0x10/0x10
[  123.005449][ T6503]  do_syscall_64+0x106/0xf80
[  123.005488][ T6503]  ? clear_bhb_loop+0x40/0x90
[  123.005526][ T6503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.005556][ T6503] RIP: 0033:0x7f5f4955cfce
[  123.005579][ T6503] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  123.005605][ T6503] RSP: 002b:00007f5f4a3e1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  123.005632][ T6503] RAX: ffffffffffffffda RBX: 00007f5f4a3e26c0 RCX: 00007f5f4955cfce
[  123.005650][ T6503] RDX: 000000000000000f RSI: 00007f5f4a3e20a0 RDI: 0000000000000007
[  123.005666][ T6503] RBP: 00007f5f4a3e2090 R08: 0000000000000000 R09: 0000000000000000
[  123.005749][ T6503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.005765][ T6503] R13: 00007f5f49816038 R14: 00007f5f49815fa0 R15: 00007ffdc3148288
[  123.005803][ T6503]  </TASK>
[  123.230742][ T6508] netlink: 408 bytes leftover after parsing attributes in process `syz.3.143'.
[  123.864598][ T6516] zswap: compressor  not available
[  124.381998][ T6532] Invalid ELF header magic: != ELF
[  125.068011][ T6543] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  125.888513][ T6561] zswap: compressor  not available
[  126.150640][ T6572] netlink: 12 bytes leftover after parsing attributes in process `syz.1.160'.
[  127.008997][ T6592] NFSD: Failed to start, no listeners configured.
[  127.053668][ T6597] process 'syz.0.167' launched '/dev/fd/3' with NULL argv: empty string added
[  127.252074][ T6595] zswap: compressor  not available
[  127.288559][ T6601] netlink: 'syz.1.169': attribute type 11 has an invalid length.
[  127.311742][ T6601] netlink: 'syz.1.169': attribute type 11 has an invalid length.
[  127.331984][ T6601] netlink: 'syz.1.169': attribute type 11 has an invalid length.
[  127.539322][ T6604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.170'.
[  128.186940][   T29] audit: type=1804 audit(1773801120.598:16): pid=6621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.174" name="/newroot/42/file0" dev="tmpfs" ino=235 res=1 errno=0
[  128.256805][   T29] audit: type=1804 audit(1773801120.638:17): pid=6622 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.174" name="/newroot/42/file0" dev="tmpfs" ino=235 res=1 errno=0
[  128.643213][ T6635] FAULT_INJECTION: forcing a failure.
[  128.643213][ T6635] name failslab, interval 1, probability 0, space 0, times 0
[  128.718872][ T6635] CPU: 0 UID: 0 PID: 6635 Comm: syz.0.178 Not tainted syzkaller #0 PREEMPT(full) 
[  128.718915][ T6635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  128.718930][ T6635] Call Trace:
[  128.718939][ T6635]  <TASK>
[  128.718949][ T6635]  dump_stack_lvl+0x100/0x190
[  128.718991][ T6635]  should_fail_ex.cold+0x5/0xa
[  128.719019][ T6635]  ? tomoyo_realpath_from_path+0xb6/0x690
[  128.719051][ T6635]  should_failslab+0xc2/0x120
[  128.719078][ T6635]  __kmalloc_noprof+0xe0/0x850
[  128.719120][ T6635]  tomoyo_realpath_from_path+0xb6/0x690
[  128.719159][ T6635]  tomoyo_check_open_permission+0x2af/0x3c0
[  128.719187][ T6635]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  128.719245][ T6635]  ? lock_acquire+0x1cf/0x380
[  128.719279][ T6635]  ? find_held_lock+0x2b/0x80
[  128.719309][ T6635]  tomoyo_file_open+0x6b/0x90
[  128.719345][ T6635]  security_file_open+0xb5/0x1e0
[  128.719375][ T6635]  do_dentry_open+0x5aa/0x1660
[  128.719410][ T6635]  vfs_open+0x82/0x3f0
[  128.719444][ T6635]  path_openat+0x208c/0x31a0
[  128.719480][ T6635]  ? __pfx_path_openat+0x10/0x10
[  128.719522][ T6635]  do_file_open+0x20e/0x430
[  128.719550][ T6635]  ? __pfx_do_file_open+0x10/0x10
[  128.719611][ T6635]  ? alloc_fd+0x476/0x790
[  128.719638][ T6635]  ? do_getname+0x191/0x390
[  128.719670][ T6635]  do_sys_openat2+0x10d/0x1e0
[  128.719701][ T6635]  ? __pfx_do_sys_openat2+0x10/0x10
[  128.719744][ T6635]  __x64_sys_openat+0x12d/0x210
[  128.719776][ T6635]  ? __pfx___x64_sys_openat+0x10/0x10
[  128.719819][ T6635]  do_syscall_64+0x106/0xf80
[  128.719855][ T6635]  ? clear_bhb_loop+0x40/0x90
[  128.719887][ T6635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.719913][ T6635] RIP: 0033:0x7fd53e39c799
[  128.719936][ T6635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  128.719960][ T6635] RSP: 002b:00007fd53f2ed028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  128.719985][ T6635] RAX: ffffffffffffffda RBX: 00007fd53e615fa0 RCX: 00007fd53e39c799
[  128.720000][ T6635] RDX: 00000000000c0002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  128.720016][ T6635] RBP: 00007fd53e432c99 R08: 0000000000000000 R09: 0000000000000000
[  128.720030][ T6635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  128.720044][ T6635] R13: 00007fd53e616038 R14: 00007fd53e615fa0 R15: 00007ffd116512c8
[  128.720077][ T6635]  </TASK>
[  129.004144][ T6632] can: request_module (can-proto-0) failed.
[  129.010742][ T6635] ERROR: Out of memory at tomoyo_realpath_from_path.
[  129.192569][ T6635] zswap: compressor  not available
[  129.494466][ T6649] netlink: 12 bytes leftover after parsing attributes in process `syz.3.182'.
[  129.722117][   T29] audit: type=1800 audit(1773801122.138:18): pid=6656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.183" name="lu_gp_id" dev="configfs" ino=11644 res=0 errno=0
[  129.745452][ T6656] kstrtoul() returned -22 for lu_gp_id
[  130.673008][ T6682] netlink: 12 bytes leftover after parsing attributes in process `syz.0.191'.
[  131.037878][   T29] audit: type=1800 audit(1773801123.448:19): pid=6696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.194" name="lu_gp_id" dev="configfs" ino=11734 res=0 errno=0
[  131.060378][ T6696] kstrtoul() returned -22 for lu_gp_id
[  131.661206][ T6689] FAULT_INJECTION: forcing a failure.
[  131.661206][ T6689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.746947][ T6689] CPU: 0 UID: 0 PID: 6689 Comm: syz.3.193 Not tainted syzkaller #0 PREEMPT(full) 
[  131.746987][ T6689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  131.747010][ T6689] Call Trace:
[  131.747019][ T6689]  <TASK>
[  131.747030][ T6689]  dump_stack_lvl+0x100/0x190
[  131.747076][ T6689]  should_fail_ex.cold+0x5/0xa
[  131.747106][ T6689]  _copy_to_user+0x32/0xd0
[  131.747140][ T6689]  poll_select_finish+0x32f/0x670
[  131.747185][ T6689]  ? __pfx_poll_select_finish+0x10/0x10
[  131.747231][ T6689]  ? ktime_get_ts64+0x2d2/0x3f0
[  131.747262][ T6689]  ? read_tsc+0x9/0x20
[  131.747289][ T6689]  ? ktime_get_ts64+0x256/0x3f0
[  131.747320][ T6689]  kern_select+0x21b/0x270
[  131.747364][ T6689]  ? __pfx_kern_select+0x10/0x10
[  131.747420][ T6689]  __x64_sys_select+0xbd/0x160
[  131.747443][ T6689]  ? do_syscall_64+0x95/0xf80
[  131.747478][ T6689]  ? lockdep_hardirqs_on+0x78/0x100
[  131.747512][ T6689]  do_syscall_64+0x106/0xf80
[  131.747545][ T6689]  ? clear_bhb_loop+0x40/0x90
[  131.747576][ T6689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.747604][ T6689] RIP: 0033:0x7fd59f99c799
[  131.747626][ T6689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  131.747651][ T6689] RSP: 002b:00007fd5a088c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  131.747678][ T6689] RAX: ffffffffffffffda RBX: 00007fd59fc15fa0 RCX: 00007fd59f99c799
[  131.747696][ T6689] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001
[  131.747712][ T6689] RBP: 00007fd59fa32c99 R08: 00002000000001c0 R09: 0000000000000000
[  131.747728][ T6689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  131.747742][ T6689] R13: 00007fd59fc16038 R14: 00007fd59fc15fa0 R15: 00007ffe7b73b3a8
[  131.747779][ T6689]  </TASK>
[  133.211658][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[  133.218281][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[  133.549719][ T6718] netlink: 16 bytes leftover after parsing attributes in process `syz.1.199'.
[  134.267159][ T6720] zswap: compressor  not available
[  134.310912][ T6728] netlink: 12 bytes leftover after parsing attributes in process `syz.1.202'.
[  134.665663][ T6738] FAULT_INJECTION: forcing a failure.
[  134.665663][ T6738] name failslab, interval 1, probability 0, space 0, times 0
[  134.730933][ T6740] CIFS: VFS: Invalid SecurityFlags: 
[  134.802697][ T6738] CPU: 0 UID: 0 PID: 6738 Comm: syz.1.204 Not tainted syzkaller #0 PREEMPT(full) 
[  134.802739][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  134.802755][ T6738] Call Trace:
[  134.802765][ T6738]  <TASK>
[  134.802775][ T6738]  dump_stack_lvl+0x100/0x190
[  134.802822][ T6738]  should_fail_ex.cold+0x5/0xa
[  134.802857][ T6738]  ? tomoyo_encode2+0xfb/0x3c0
[  134.802892][ T6738]  should_failslab+0xc2/0x120
[  134.802924][ T6738]  __kmalloc_noprof+0xe0/0x850
[  134.802967][ T6738]  ? rcu_is_watching+0x12/0xc0
[  134.803026][ T6738]  tomoyo_encode2+0xfb/0x3c0
[  134.803069][ T6738]  tomoyo_encode+0x29/0x50
[  134.803104][ T6738]  tomoyo_realpath_from_path+0x18c/0x690
[  134.803161][ T6738]  tomoyo_check_open_permission+0x2af/0x3c0
[  134.803197][ T6738]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  134.803267][ T6738]  ? lock_acquire+0x1cf/0x380
[  134.803304][ T6738]  ? find_held_lock+0x2b/0x80
[  134.803343][ T6738]  tomoyo_file_open+0x6b/0x90
[  134.803389][ T6738]  security_file_open+0xb5/0x1e0
[  134.803426][ T6738]  do_dentry_open+0x5aa/0x1660
[  134.803469][ T6738]  vfs_open+0x82/0x3f0
[  134.803510][ T6738]  path_openat+0x208c/0x31a0
[  134.803555][ T6738]  ? __pfx_path_openat+0x10/0x10
[  134.803602][ T6738]  do_file_open+0x20e/0x430
[  134.803634][ T6738]  ? __pfx_do_file_open+0x10/0x10
[  134.803689][ T6738]  ? alloc_fd+0x476/0x790
[  134.803725][ T6738]  ? do_getname+0x191/0x390
[  134.803764][ T6738]  do_sys_openat2+0x10d/0x1e0
[  134.803800][ T6738]  ? __pfx_do_sys_openat2+0x10/0x10
[  134.803835][ T6738]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  134.803882][ T6738]  ? __fget_files+0x21f/0x3d0
[  134.803914][ T6738]  __x64_sys_openat+0x12d/0x210
[  134.803949][ T6738]  ? __pfx___x64_sys_openat+0x10/0x10
[  134.803992][ T6738]  ? ksys_write+0x1ac/0x250
[  134.804032][ T6738]  do_syscall_64+0x106/0xf80
[  134.804067][ T6738]  ? clear_bhb_loop+0x40/0x90
[  134.804104][ T6738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.804134][ T6738] RIP: 0033:0x7f2e0cb9c799
[  134.804159][ T6738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  134.804185][ T6738] RSP: 002b:00007f2e0d97a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  134.804212][ T6738] RAX: ffffffffffffffda RBX: 00007f2e0ce15fa0 RCX: 00007f2e0cb9c799
[  134.804231][ T6738] RDX: 1a6b75d63882a792 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  134.804249][ T6738] RBP: 00007f2e0d97a090 R08: 0000000000000000 R09: 0000000000000000
[  134.804273][ T6738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  134.804289][ T6738] R13: 00007f2e0ce16038 R14: 00007f2e0ce15fa0 R15: 00007ffdb9c241a8
[  134.804329][ T6738]  </TASK>
[  134.804438][ T6738] ERROR: Out of memory at tomoyo_realpath_from_path.
[  135.995742][ T6753] FAULT_INJECTION: forcing a failure.
[  135.995742][ T6753] name failslab, interval 1, probability 0, space 0, times 0
[  136.023619][ T6754] kstrtoul() returned -22 for lu_gp_id
[  136.089547][   T29] audit: type=1800 audit(1773801128.438:20): pid=6754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.208" name="lu_gp_id" dev="configfs" ino=11876 res=0 errno=0
[  136.196104][ T6753] CPU: 1 UID: 0 PID: 6753 Comm: syz.2.209 Not tainted syzkaller #0 PREEMPT(full) 
[  136.196150][ T6753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  136.196168][ T6753] Call Trace:
[  136.196178][ T6753]  <TASK>
[  136.196191][ T6753]  dump_stack_lvl+0x100/0x190
[  136.196245][ T6753]  should_fail_ex.cold+0x5/0xa
[  136.196282][ T6753]  ? create_ruleset+0x21/0x140
[  136.196310][ T6753]  should_failslab+0xc2/0x120
[  136.196343][ T6753]  __kmalloc_noprof+0xe0/0x850
[  136.196409][ T6753]  create_ruleset+0x21/0x140
[  136.196439][ T6753]  landlock_merge_ruleset+0xbb/0x830
[  136.196472][ T6753]  ? prepare_creds+0x5ee/0x950
[  136.196523][ T6753]  __do_sys_landlock_restrict_self+0x2a6/0x9e0
[  136.196584][ T6753]  do_syscall_64+0x106/0xf80
[  136.196628][ T6753]  ? clear_bhb_loop+0x40/0x90
[  136.196664][ T6753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.196693][ T6753] RIP: 0033:0x7f5f4959c799
[  136.196718][ T6753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  136.196746][ T6753] RSP: 002b:00007f5f4a3e2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[  136.196776][ T6753] RAX: ffffffffffffffda RBX: 00007f5f49815fa0 RCX: 00007f5f4959c799
[  136.196796][ T6753] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000003
[  136.196813][ T6753] RBP: 00007f5f49632c99 R08: 0000000000000000 R09: 0000000000000000
[  136.196831][ T6753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  136.196848][ T6753] R13: 00007f5f49816038 R14: 00007f5f49815fa0 R15: 00007ffdc3148288
[  136.196887][ T6753]  </TASK>
[  136.774248][ T6761] netlink: 12 bytes leftover after parsing attributes in process `syz.1.212'.
[  137.159924][ T6765] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[  137.243820][ T6765] netlink: 4 bytes leftover after parsing attributes in process `syz.2.211'.
[  138.261216][ T6782] zswap: compressor  not available
[  139.358041][ T6801] netlink: 12 bytes leftover after parsing attributes in process `syz.2.221'.
[  141.663903][   T29] audit: type=1800 audit(1773801134.078:21): pid=6842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.232" name="lu_gp_id" dev="configfs" ino=12461 res=0 errno=0
[  141.664590][ T6842] kstrtoul() returned -22 for lu_gp_id
[  142.232461][ T6849] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  142.265120][ T6849] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  142.287779][ T6849] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  142.322504][ T6849] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  143.448714][ T6866] netlink: 'syz.0.238': attribute type 33 has an invalid length.
[  144.269627][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  144.275713][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.339685][ T5144] Bluetooth: hci3: command 0x0c1a tx timeout
[  144.345963][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  144.630998][   T29] audit: type=1800 audit(1773801137.048:22): pid=6882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.242" name="lu_gp_id" dev="configfs" ino=12117 res=0 errno=0
[  144.670872][ T6882] kstrtoul() returned -22 for lu_gp_id
[  145.394416][ T6894] netlink: 40 bytes leftover after parsing attributes in process `syz.2.248'.
[  145.665884][ T6895] netlink: 338 bytes leftover after parsing attributes in process `syz.1.247'.
[  145.723460][ T6891] netlink: 338 bytes leftover after parsing attributes in process `syz.1.247'.
[  146.243164][ T6891] kexec: Could not allocate control_code_buffer
[  147.316787][ T6923] netlink: 12 bytes leftover after parsing attributes in process `syz.1.255'.
[  147.871116][ T6932] FAULT_INJECTION: forcing a failure.
[  147.871116][ T6932] name failslab, interval 1, probability 0, space 0, times 0
[  148.014198][ T6932] CPU: 1 UID: 0 PID: 6932 Comm: syz.3.257 Not tainted syzkaller #0 PREEMPT(full) 
[  148.014240][ T6932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  148.014256][ T6932] Call Trace:
[  148.014265][ T6932]  <TASK>
[  148.014276][ T6932]  dump_stack_lvl+0x100/0x190
[  148.014328][ T6932]  should_fail_ex.cold+0x5/0xa
[  148.014361][ T6932]  ? snd_pcm_plugin_build+0x434/0x650
[  148.014397][ T6932]  should_failslab+0xc2/0x120
[  148.014428][ T6932]  __kmalloc_noprof+0xe0/0x850
[  148.014481][ T6932]  snd_pcm_plugin_build+0x434/0x650
[  148.014517][ T6932]  ? snd_pcm_plugin_build+0x4b7/0x650
[  148.014558][ T6932]  snd_pcm_plugin_build_linear+0x254/0x850
[  148.014606][ T6932]  ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10
[  148.014653][ T6932]  ? snd_pcm_hw_params+0x262/0x1cb0
[  148.014701][ T6932]  snd_pcm_plug_format_plugins+0x536/0x1430
[  148.014747][ T6932]  ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10
[  148.014801][ T6932]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  148.014849][ T6932]  snd_pcm_oss_change_params_locked+0x2e3c/0x39f0
[  148.014907][ T6932]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  148.014946][ T6932]  ? __pfx___mutex_lock+0x10/0x10
[  148.015023][ T6932]  snd_pcm_oss_get_active_substream+0x175/0x1d0
[  148.015067][ T6932]  snd_pcm_oss_ioctl+0x1c08/0x3720
[  148.015106][ T6932]  ? __fget_files+0x215/0x3d0
[  148.015131][ T6932]  ? hook_file_ioctl_common+0x146/0x410
[  148.015166][ T6932]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  148.015207][ T6932]  ? __fget_files+0x21f/0x3d0
[  148.015247][ T6932]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  148.015284][ T6932]  __x64_sys_ioctl+0x18e/0x210
[  148.015332][ T6932]  do_syscall_64+0x106/0xf80
[  148.015373][ T6932]  ? clear_bhb_loop+0x40/0x90
[  148.015411][ T6932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.015442][ T6932] RIP: 0033:0x7fd59f99c799
[  148.015468][ T6932] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.015497][ T6932] RSP: 002b:00007fd5a088c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.015526][ T6932] RAX: ffffffffffffffda RBX: 00007fd59fc15fa0 RCX: 00007fd59f99c799
[  148.015546][ T6932] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000007
[  148.015563][ T6932] RBP: 00007fd59fa32c99 R08: 0000000000000000 R09: 0000000000000000
[  148.015581][ T6932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.015598][ T6932] R13: 00007fd59fc16038 R14: 00007fd59fc15fa0 R15: 00007ffe7b73b3a8
[  148.015639][ T6932]  </TASK>
[  148.978507][ T6946] netlink: 16 bytes leftover after parsing attributes in process `syz.3.262'.
[  151.473364][ T6986] ubi0: attaching mtd0
[  151.482099][ T6986] ubi0: scanning is finished
[  151.486762][ T6986] ubi0: empty MTD device detected
[  151.554352][ T6981] ovs_: entered promiscuous mode
[  151.618096][ T6986] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record
[  151.894290][ T6986] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  152.009033][ T6991] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  153.173911][   T29] audit: type=1800 audit(1773801145.588:23): pid=7002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.277" name="lu_gp_id" dev="configfs" ino=13397 res=0 errno=0
[  153.180071][ T7002] kstrtoul() returned -22 for lu_gp_id
[  153.625453][ T7009] FAULT_INJECTION: forcing a failure.
[  153.625453][ T7009] name failslab, interval 1, probability 0, space 0, times 0
[  153.625539][ T7009] CPU: 1 UID: 0 PID: 7009 Comm: syz.1.280 Not tainted syzkaller #0 PREEMPT(full) 
[  153.625577][ T7009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  153.625595][ T7009] Call Trace:
[  153.625605][ T7009]  <TASK>
[  153.625616][ T7009]  dump_stack_lvl+0x100/0x190
[  153.625669][ T7009]  should_fail_ex.cold+0x5/0xa
[  153.625705][ T7009]  should_failslab+0xc2/0x120
[  153.625738][ T7009]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  153.625785][ T7009]  ? __kernfs_new_node+0xd2/0x960
[  153.625838][ T7009]  __kernfs_new_node+0xd2/0x960
[  153.625889][ T7009]  ? __pfx___kernfs_new_node+0x10/0x10
[  153.625944][ T7009]  ? find_held_lock+0x2b/0x80
[  153.625974][ T7009]  ? kernfs_root+0xee/0x2a0
[  153.626015][ T7009]  ? kernfs_root+0xee/0x2a0
[  153.626069][ T7009]  kernfs_new_node+0x11b/0x1a0
[  153.626125][ T7009]  __kernfs_create_file+0x53/0x350
[  153.626167][ T7009]  sysfs_add_file_mode_ns+0x207/0x3c0
[  153.626221][ T7009]  internal_create_group+0x593/0xf40
[  153.626278][ T7009]  ? __pfx_internal_create_group+0x10/0x10
[  153.626340][ T7009]  ? kernfs_create_link+0x1bd/0x240
[  153.626384][ T7009]  internal_create_groups+0x9d/0x150
[  153.626435][ T7009]  device_add+0x71a/0x1950
[  153.626474][ T7009]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  153.626526][ T7009]  ? __pfx_device_add+0x10/0x10
[  153.626563][ T7009]  ? lockdep_init_map_type+0x5c/0x250
[  153.626605][ T7009]  ? __init_waitqueue_head+0xca/0x150
[  153.626659][ T7009]  netdev_register_kobject+0x1a9/0x3d0
[  153.626716][ T7009]  register_netdevice+0x12e0/0x2210
[  153.626772][ T7009]  ? __pfx_register_netdevice+0x10/0x10
[  153.626823][ T7009]  ? __pfx_loopback_net_init+0x10/0x10
[  153.626866][ T7009]  register_netdev+0x34/0x50
[  153.626913][ T7009]  loopback_net_init+0x7a/0x170
[  153.626948][ T7009]  ? __pfx_loopback_net_init+0x10/0x10
[  153.626978][ T7009]  ops_init+0x1e2/0x5f0
[  153.627029][ T7009]  setup_net+0x118/0x3a0
[  153.627078][ T7009]  ? __pfx_setup_net+0x10/0x10
[  153.627123][ T7009]  ? lockdep_init_map_type+0x5c/0x250
[  153.627166][ T7009]  ? mutex_init_lockep+0x110/0x150
[  153.627215][ T7009]  copy_net_ns+0x46f/0x7c0
[  153.627249][ T7009]  create_new_namespaces+0x3ea/0xac0
[  153.627338][ T7009]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  153.627378][ T7009]  ksys_unshare+0x473/0xad0
[  153.627421][ T7009]  ? __pfx_ksys_unshare+0x10/0x10
[  153.627477][ T7009]  __x64_sys_unshare+0x31/0x40
[  153.627516][ T7009]  do_syscall_64+0x106/0xf80
[  153.627559][ T7009]  ? clear_bhb_loop+0x40/0x90
[  153.627599][ T7009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.627631][ T7009] RIP: 0033:0x7f2e0cb9c799
[  153.627658][ T7009] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  153.627687][ T7009] RSP: 002b:00007f2e0d97a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  153.627719][ T7009] RAX: ffffffffffffffda RBX: 00007f2e0ce15fa0 RCX: 00007f2e0cb9c799
[  153.627740][ T7009] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  153.627758][ T7009] RBP: 00007f2e0cc32c99 R08: 0000000000000000 R09: 0000000000000000
[  153.627776][ T7009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.627793][ T7009] R13: 00007f2e0ce16038 R14: 00007f2e0ce15fa0 R15: 00007ffdb9c241a8
[  153.627836][ T7009]  </TASK>
[  154.008161][ T7021] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  156.483475][   T29] audit: type=1800 audit(1773801148.898:24): pid=7054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.288" name="lu_gp_id" dev="configfs" ino=12970 res=0 errno=0
[  156.486338][ T7054] kstrtoul() returned -22 for lu_gp_id
[  159.798510][ T7109] vivid-007: =================  START STATUS  =================
[  159.819617][ T7109] vivid-007: Generate PTS: true
[  159.824781][ T7109] vivid-007: Generate SCR: true
[  159.860875][ T7109] tpg source WxH: 320x240 (Y'CbCr)
[  159.867956][ T7109] tpg field: 1
[  159.877223][ T7109] tpg crop: (0,0)/320x240
[  159.894035][ T7109] tpg compose: (0,0)/320x240
[  159.929643][ T7109] tpg colorspace: 8
[  159.933515][ T7109] tpg transfer function: 0/0
[  159.938325][ T7109] tpg Y'CbCr encoding: 0/0
[  159.960366][ T7104] FAULT_INJECTION: forcing a failure.
[  159.960366][ T7104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.999656][ T7109] tpg quantization: 0/0
[  160.010040][ T7109] tpg RGB range: 0/2
[  160.014021][ T7109] vivid-007: ==================  END STATUS  ==================
[  160.036865][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.1.299'.
[  160.059776][ T7104] CPU: 0 UID: 0 PID: 7104 Comm: syz.2.298 Not tainted syzkaller #0 PREEMPT(full) 
[  160.059803][ T7104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  160.059813][ T7104] Call Trace:
[  160.059821][ T7104]  <TASK>
[  160.059829][ T7104]  dump_stack_lvl+0x100/0x190
[  160.059861][ T7104]  should_fail_ex.cold+0x5/0xa
[  160.059882][ T7104]  core_sys_select+0x9b9/0xbb0
[  160.059916][ T7104]  ? __pfx_core_sys_select+0x10/0x10
[  160.059967][ T7104]  ? ktime_get_ts64+0x2d2/0x3f0
[  160.059987][ T7104]  ? read_tsc+0x9/0x20
[  160.060006][ T7104]  ? ktime_get_ts64+0x256/0x3f0
[  160.060028][ T7104]  kern_select+0x20c/0x270
[  160.060058][ T7104]  ? __pfx_kern_select+0x10/0x10
[  160.060094][ T7104]  __x64_sys_select+0xbd/0x160
[  160.060117][ T7104]  ? do_syscall_64+0x95/0xf80
[  160.060142][ T7104]  ? lockdep_hardirqs_on+0x78/0x100
[  160.060166][ T7104]  do_syscall_64+0x106/0xf80
[  160.060190][ T7104]  ? clear_bhb_loop+0x40/0x90
[  160.060212][ T7104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.060231][ T7104] RIP: 0033:0x7f5f4959c799
[  160.060247][ T7104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.060264][ T7104] RSP: 002b:00007f5f4a3e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  160.060282][ T7104] RAX: ffffffffffffffda RBX: 00007f5f49815fa0 RCX: 00007f5f4959c799
[  160.060293][ T7104] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001
[  160.060303][ T7104] RBP: 00007f5f49632c99 R08: 00002000000001c0 R09: 0000000000000000
[  160.060314][ T7104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  160.060323][ T7104] R13: 00007f5f49816038 R14: 00007f5f49815fa0 R15: 00007ffdc3148288
[  160.060345][ T7104]  </TASK>
[  160.654818][ T7119] FAULT_INJECTION: forcing a failure.
[  160.654818][ T7119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.679804][ T7119] CPU: 0 UID: 0 PID: 7119 Comm: syz.1.299 Not tainted syzkaller #0 PREEMPT(full) 
[  160.679842][ T7119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  160.679859][ T7119] Call Trace:
[  160.679868][ T7119]  <TASK>
[  160.679877][ T7119]  dump_stack_lvl+0x100/0x190
[  160.679923][ T7119]  should_fail_ex.cold+0x5/0xa
[  160.679951][ T7119]  _copy_from_user+0x2e/0xd0
[  160.679979][ T7119]  copy_msghdr_from_user+0x9f/0x4f0
[  160.680007][ T7119]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  160.680047][ T7119]  ___sys_sendmsg+0x106/0x1e0
[  160.680082][ T7119]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.680143][ T7119]  __sys_sendmsg+0x170/0x220
[  160.680175][ T7119]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.680225][ T7119]  do_syscall_64+0x106/0xf80
[  160.680255][ T7119]  ? clear_bhb_loop+0x40/0x90
[  160.680283][ T7119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.680306][ T7119] RIP: 0033:0x7f2e0cb9c799
[  160.680325][ T7119] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  160.680346][ T7119] RSP: 002b:00007f2e0adf6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.680368][ T7119] RAX: ffffffffffffffda RBX: 00007f2e0ce16090 RCX: 00007f2e0cb9c799
[  160.680382][ T7119] RDX: 0000000000000080 RSI: 00002000000000c0 RDI: 0000000000000006
[  160.680395][ T7119] RBP: 00007f2e0adf6090 R08: 0000000000000000 R09: 0000000000000000
[  160.680408][ T7119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.680421][ T7119] R13: 00007f2e0ce16128 R14: 00007f2e0ce16090 R15: 00007ffdb9c241a8
[  160.680451][ T7119]  </TASK>
[  161.529894][ T7134] kstrtoul() returned -22 for lu_gp_id
[  161.535586][   T29] audit: type=1800 audit(1773801153.938:25): pid=7134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.300" name="lu_gp_id" dev="configfs" ino=13117 res=0 errno=0
[  162.254179][ T7156] FAULT_INJECTION: forcing a failure.
[  162.254179][ T7156] name fail_futex, interval 1, probability 0, space 0, times 0
[  162.336974][ T7161] FAULT_INJECTION: forcing a failure.
[  162.336974][ T7161] name fail_futex, interval 1, probability 0, space 0, times 0
[  162.349737][ T7156] CPU: 1 UID: 0 PID: 7156 Comm: syz.2.307 Not tainted syzkaller #0 PREEMPT(full) 
[  162.349773][ T7156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  162.349786][ T7156] Call Trace:
[  162.349795][ T7156]  <TASK>
[  162.349805][ T7156]  dump_stack_lvl+0x100/0x190
[  162.349850][ T7156]  should_fail_ex.cold+0x5/0xa
[  162.349883][ T7156]  get_futex_key+0x295/0x1620
[  162.349922][ T7156]  ? __pfx_get_futex_key+0x10/0x10
[  162.349952][ T7156]  ? lock_acquire+0x1cf/0x380
[  162.350000][ T7156]  futex_wake+0xea/0x530
[  162.350047][ T7156]  ? __pfx_futex_wake+0x10/0x10
[  162.350088][ T7156]  ? exit_mm_release+0x19/0x30
[  162.350135][ T7156]  do_futex+0x32b/0x350
[  162.350182][ T7156]  ? __pfx_do_futex+0x10/0x10
[  162.350216][ T7156]  ? __might_fault+0xc5/0x140
[  162.350267][ T7156]  mm_release+0x24a/0x2f0
[  162.350297][ T7156]  do_exit+0x704/0x2b60
[  162.350341][ T7156]  ? __pfx_do_exit+0x10/0x10
[  162.350379][ T7156]  ? do_raw_spin_lock+0x128/0x260
[  162.350420][ T7156]  ? find_held_lock+0x2b/0x80
[  162.350446][ T7156]  ? get_signal+0x7e0/0x21e0
[  162.350480][ T7156]  do_group_exit+0xd5/0x2a0
[  162.350522][ T7156]  get_signal+0x1ec7/0x21e0
[  162.350567][ T7156]  ? __pfx_get_signal+0x10/0x10
[  162.350600][ T7156]  ? do_futex+0x192/0x350
[  162.350641][ T7156]  arch_do_signal_or_restart+0x91/0x770
[  162.350678][ T7156]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  162.350727][ T7156]  ? __pfx___x64_sys_futex+0x10/0x10
[  162.350775][ T7156]  exit_to_user_mode_loop+0x86/0x4a0
[  162.350817][ T7156]  do_syscall_64+0x668/0xf80
[  162.350856][ T7156]  ? clear_bhb_loop+0x40/0x90
[  162.350889][ T7156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.350915][ T7156] RIP: 0033:0x7f5f4959c799
[  162.350939][ T7156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.350962][ T7156] RSP: 002b:00007f5f4a3e20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  162.350987][ T7156] RAX: fffffffffffffe00 RBX: 00007f5f49815fa8 RCX: 00007f5f4959c799
[  162.351003][ T7156] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5f49815fa8
[  162.351019][ T7156] RBP: 00007f5f49815fa0 R08: 0000000000000000 R09: 0000000000000000
[  162.351034][ T7156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.351048][ T7156] R13: 00007f5f49816038 R14: 00007ffdc31481a0 R15: 00007ffdc3148288
[  162.351083][ T7156]  </TASK>
[  162.679618][ T7161] CPU: 0 UID: 0 PID: 7161 Comm: syz.1.309 Not tainted syzkaller #0 PREEMPT(full) 
[  162.679660][ T7161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  162.679677][ T7161] Call Trace:
[  162.679686][ T7161]  <TASK>
[  162.679696][ T7161]  dump_stack_lvl+0x100/0x190
[  162.679737][ T7161]  should_fail_ex.cold+0x5/0xa
[  162.679767][ T7161]  get_futex_key+0x1d2/0x1620
[  162.679800][ T7161]  ? __pfx_get_futex_key+0x10/0x10
[  162.679840][ T7161]  futex_wake+0xea/0x530
[  162.679878][ T7161]  ? __pfx_futex_wake+0x10/0x10
[  162.679920][ T7161]  ? putname+0xb1/0x110
[  162.679946][ T7161]  ? kmem_cache_free+0x124/0x6a0
[  162.679985][ T7161]  do_futex+0x32b/0x350
[  162.680016][ T7161]  ? __pfx_do_futex+0x10/0x10
[  162.680043][ T7161]  ? __pfx_do_sys_openat2+0x10/0x10
[  162.680076][ T7161]  ? __fget_files+0x21f/0x3d0
[  162.680102][ T7161]  __x64_sys_futex+0x34f/0x4d0
[  162.680134][ T7161]  ? __x64_sys_openat+0x12d/0x210
[  162.680173][ T7161]  ? __pfx___x64_sys_futex+0x10/0x10
[  162.680216][ T7161]  do_syscall_64+0x106/0xf80
[  162.680248][ T7161]  ? clear_bhb_loop+0x40/0x90
[  162.680277][ T7161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.680300][ T7161] RIP: 0033:0x7f2e0cb9c799
[  162.680320][ T7161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.680341][ T7161] RSP: 002b:00007f2e0d97a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  162.680365][ T7161] RAX: ffffffffffffffda RBX: 00007f2e0ce15fa8 RCX: 00007f2e0cb9c799
[  162.680381][ T7161] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2e0ce15fac
[  162.680395][ T7161] RBP: 00007f2e0ce15fa0 R08: 0000000000000000 R09: 0000000000000000
[  162.680409][ T7161] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  162.680424][ T7161] R13: 00007f2e0ce16038 R14: 00007ffdb9c240c0 R15: 00007ffdb9c241a8
[  162.680455][ T7161]  </TASK>
[  163.411123][ T7180] FAULT_INJECTION: forcing a failure.
[  163.411123][ T7180] name failslab, interval 1, probability 0, space 0, times 0
[  163.461306][ T7180] CPU: 0 UID: 0 PID: 7180 Comm: syz.3.313 Not tainted syzkaller #0 PREEMPT(full) 
[  163.461345][ T7180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  163.461360][ T7180] Call Trace:
[  163.461370][ T7180]  <TASK>
[  163.461380][ T7180]  dump_stack_lvl+0x100/0x190
[  163.461425][ T7180]  should_fail_ex.cold+0x5/0xa
[  163.461457][ T7180]  should_failslab+0xc2/0x120
[  163.461487][ T7180]  __kmalloc_node_noprof+0xe6/0x850
[  163.461524][ T7180]  ? load_msg+0x43/0x4a0
[  163.461564][ T7180]  load_msg+0x43/0x4a0
[  163.461605][ T7180]  do_msgsnd+0x1ad/0x1790
[  163.461643][ T7180]  ? __fget_files+0x215/0x3d0
[  163.461671][ T7180]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  163.461715][ T7180]  ? __pfx_do_msgsnd+0x10/0x10
[  163.461754][ T7180]  ? find_held_lock+0x2b/0x80
[  163.461780][ T7180]  ? __might_fault+0xc5/0x140
[  163.461817][ T7180]  ? __might_fault+0xc5/0x140
[  163.461863][ T7180]  ? __x64_sys_msgsnd+0xe5/0x130
[  163.461905][ T7180]  __x64_sys_msgsnd+0xe5/0x130
[  163.461953][ T7180]  do_syscall_64+0x106/0xf80
[  163.461991][ T7180]  ? clear_bhb_loop+0x40/0x90
[  163.462026][ T7180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.462055][ T7180] RIP: 0033:0x7fd59f99c799
[  163.462080][ T7180] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  163.462116][ T7180] RSP: 002b:00007fd5a086b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000045
[  163.462145][ T7180] RAX: ffffffffffffffda RBX: 00007fd59fc16090 RCX: 00007fd59f99c799
[  163.462164][ T7180] RDX: 0000000000000008 RSI: 0000200000000000 RDI: 0000000000000000
[  163.462180][ T7180] RBP: 00007fd5a086b090 R08: 0000000000000000 R09: 0000000000000000
[  163.462197][ T7180] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001
[  163.462213][ T7180] R13: 00007fd59fc16128 R14: 00007fd59fc16090 R15: 00007ffe7b73b3a8
[  163.462251][ T7180]  </TASK>
[  164.394616][ T7190] kstrtoul() returned -22 for lu_gp_id
[  164.534026][   T29] audit: type=1800 audit(1773801156.778:26): pid=7190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.316" name="lu_gp_id" dev="configfs" ino=13785 res=0 errno=0
[  164.724049][ T7202] FAULT_INJECTION: forcing a failure.
[  164.724049][ T7202] name fail_futex, interval 1, probability 0, space 0, times 0
[  164.739890][ T7202] CPU: 1 UID: 0 PID: 7202 Comm: syz.0.320 Not tainted syzkaller #0 PREEMPT(full) 
[  164.739931][ T7202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  164.739949][ T7202] Call Trace:
[  164.739958][ T7202]  <TASK>
[  164.739971][ T7202]  dump_stack_lvl+0x100/0x190
[  164.740017][ T7202]  should_fail_ex.cold+0x5/0xa
[  164.740054][ T7202]  get_futex_key+0x1d2/0x1620
[  164.740097][ T7202]  ? __pfx_get_futex_key+0x10/0x10
[  164.740141][ T7202]  ? rcu_is_watching+0x12/0xc0
[  164.740187][ T7202]  ? vfs_writev+0x1d5/0xe10
[  164.740232][ T7202]  ? kfree+0x2ec/0x6b0
[  164.740282][ T7202]  futex_wake+0xea/0x530
[  164.740332][ T7202]  ? __pfx_futex_wake+0x10/0x10
[  164.740384][ T7202]  ? do_writev+0x214/0x340
[  164.740438][ T7202]  do_futex+0x32b/0x350
[  164.740479][ T7202]  ? __pfx_do_futex+0x10/0x10
[  164.740522][ T7202]  ? __fget_files+0x21f/0x3d0
[  164.740556][ T7202]  __x64_sys_futex+0x34f/0x4d0
[  164.740603][ T7202]  ? __pfx___x64_sys_futex+0x10/0x10
[  164.740643][ T7202]  ? __pfx_do_writev+0x10/0x10
[  164.740701][ T7202]  do_syscall_64+0x106/0xf80
[  164.740743][ T7202]  ? clear_bhb_loop+0x40/0x90
[  164.740782][ T7202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.740813][ T7202] RIP: 0033:0x7fd53e39c799
[  164.740839][ T7202] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  164.740868][ T7202] RSP: 002b:00007fd53f2ed0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  164.740897][ T7202] RAX: ffffffffffffffda RBX: 00007fd53e615fa8 RCX: 00007fd53e39c799
[  164.740915][ T7202] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd53e615fac
[  164.740932][ T7202] RBP: 00007fd53e615fa0 R08: 0000000000000000 R09: 0000000000000000
[  164.740949][ T7202] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[  164.740966][ T7202] R13: 00007fd53e616038 R14: 00007ffd116511e0 R15: 00007ffd116512c8
[  164.741007][ T7202]  </TASK>
[  168.742600][ T5144] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  170.819809][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  171.153668][ T7313] netlink: 12 bytes leftover after parsing attributes in process `syz.2.344'.
[  171.229036][ T7313] netlink: 8 bytes leftover after parsing attributes in process `syz.2.344'.
[  171.445958][ T7317] FAULT_INJECTION: forcing a failure.
[  171.445958][ T7317] name failslab, interval 1, probability 0, space 0, times 0
[  171.469397][ T7317] CPU: 1 UID: 0 PID: 7317 Comm: syz.1.345 Not tainted syzkaller #0 PREEMPT(full) 
[  171.469440][ T7317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  171.469457][ T7317] Call Trace:
[  171.469472][ T7317]  <TASK>
[  171.469483][ T7317]  dump_stack_lvl+0x100/0x190
[  171.469531][ T7317]  should_fail_ex.cold+0x5/0xa
[  171.469567][ T7317]  should_failslab+0xc2/0x120
[  171.469599][ T7317]  __kmalloc_cache_noprof+0x7a/0x6f0
[  171.469638][ T7317]  ? snd_pcm_oss_change_params_locked+0x211/0x39f0
[  171.469685][ T7317]  snd_pcm_oss_change_params_locked+0x211/0x39f0
[  171.469733][ T7317]  ? __mutex_lock+0x26a/0x1b90
[  171.469782][ T7317]  ? snd_pcm_oss_sync+0x243/0x840
[  171.469818][ T7317]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  171.469860][ T7317]  ? __pfx___mutex_lock+0x10/0x10
[  171.469910][ T7317]  ? __fsnotify_parent+0x2b4/0xca0
[  171.469955][ T7317]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  171.469995][ T7317]  snd_pcm_oss_sync+0x265/0x840
[  171.470038][ T7317]  snd_pcm_oss_release+0x238/0x300
[  171.470075][ T7317]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  171.470113][ T7317]  __fput+0x3ff/0xb40
[  171.470159][ T7317]  task_work_run+0x150/0x240
[  171.470205][ T7317]  ? __pfx_task_work_run+0x10/0x10
[  171.470262][ T7317]  exit_to_user_mode_loop+0x100/0x4a0
[  171.470308][ T7317]  do_syscall_64+0x668/0xf80
[  171.470349][ T7317]  ? clear_bhb_loop+0x40/0x90
[  171.470397][ T7317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.470429][ T7317] RIP: 0033:0x7f2e0cb9c799
[  171.470454][ T7317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  171.470483][ T7317] RSP: 002b:00007f2e0d97a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  171.470513][ T7317] RAX: 0000000000000000 RBX: 00007f2e0ce15fa0 RCX: 00007f2e0cb9c799
[  171.470532][ T7317] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  171.470549][ T7317] RBP: 00007f2e0cc32c99 R08: 0000000000000000 R09: 0000000000000000
[  171.470567][ T7317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.470585][ T7317] R13: 00007f2e0ce16038 R14: 00007f2e0ce15fa0 R15: 00007ffdb9c241a8
[  171.470626][ T7317]  </TASK>
[  171.814275][ T7319] netlink: 12 bytes leftover after parsing attributes in process `syz.0.346'.
[  172.099732][   T10] ==================================================================
[  172.099753][   T10] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60
[  172.099803][   T10] Write of size 8 at addr ffffc900040f9100 by task kworker/0:1/10
[  172.099828][   T10] 
[  172.099842][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) 
[  172.099875][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  172.099894][   T10] Workqueue: events_power_efficient fb_flashcursor
[  172.099924][   T10] Call Trace:
[  172.099933][   T10]  <TASK>
[  172.099945][   T10]  dump_stack_lvl+0x100/0x190
[  172.099997][   T10]  print_report+0x156/0x4c9
[  172.100038][   T10]  ? _raw_spin_lock_irqsave+0x52/0x60
[  172.100075][   T10]  ? __virt_addr_valid+0x81/0x620
[  172.100113][   T10]  ? sys_imageblit+0x19fb/0x1d60
[  172.100151][   T10]  kasan_report+0xdf/0x1e0
[  172.100181][   T10]  ? sys_imageblit+0x19fb/0x1d60
[  172.100224][   T10]  sys_imageblit+0x19fb/0x1d60
[  172.100263][   T10]  ? __pfx_sys_imageblit+0x10/0x10
[  172.100302][   T10]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  172.100349][   T10]  soft_cursor+0x524/0xa10
[  172.100381][   T10]  ? lockdep_hardirqs_on+0x78/0x100
[  172.100420][   T10]  bit_cursor+0xe58/0x16f0
[  172.100454][   T10]  ? __pfx_bit_cursor+0x10/0x10
[  172.100488][   T10]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  172.100533][   T10]  ? get_color+0x1da/0x450
[  172.100556][   T10]  ? __pfx_bit_cursor+0x10/0x10
[  172.100584][   T10]  fb_flashcursor+0x338/0x430
[  172.100609][   T10]  process_one_work+0xa23/0x19a0
[  172.100654][   T10]  ? __pfx_process_one_work+0x10/0x10
[  172.100696][   T10]  ? __pfx_fb_flashcursor+0x10/0x10
[  172.100721][   T10]  worker_thread+0x5ef/0xe50
[  172.100762][   T10]  ? __pfx_worker_thread+0x10/0x10
[  172.100800][   T10]  ? kthread+0x13a/0x450
[  172.100832][   T10]  ? __pfx_worker_thread+0x10/0x10
[  172.100868][   T10]  kthread+0x370/0x450
[  172.100901][   T10]  ? __pfx_kthread+0x10/0x10
[  172.100936][   T10]  ret_from_fork+0x754/0xd80
[  172.100984][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  172.101024][   T10]  ? __switch_to+0x7b4/0x1120
[  172.101052][   T10]  ? __pfx_kthread+0x10/0x10
[  172.101087][   T10]  ret_from_fork_asm+0x1a/0x30
[  172.101123][   T10]  </TASK>
[  172.101131][   T10] 
[  172.101138][   T10] The buggy address belongs to a vmalloc virtual mapping
[  172.101157][   T10] Memory state around the buggy address:
[  172.101171][   T10]  ffffc900040f9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  172.101190][   T10]  ffffc900040f9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  172.101208][   T10] >ffffc900040f9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  172.101222][   T10]                    ^
[  172.101235][   T10]  ffffc900040f9180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  172.101254][   T10]  ffffc900040f9200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  172.101268][   T10] ==================================================================
[  172.101283][   T10] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  172.101300][   T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted syzkaller #0 PREEMPT(full) 
[  172.101330][   T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  172.101347][   T10] Workqueue: events_power_efficient fb_flashcursor
[  172.101372][   T10] Call Trace:
[  172.101380][   T10]  <TASK>
[  172.101389][   T10]  dump_stack_lvl+0x100/0x190
[  172.101426][   T10]  vpanic+0x552/0x970
[  172.101451][   T10]  ? __pfx_vpanic+0x10/0x10
[  172.101476][   T10]  ? __pfx_vprintk_emit+0x10/0x10
[  172.101503][   T10]  ? sys_imageblit+0x19fb/0x1d60
[  172.101540][   T10]  panic+0xd1/0xe0
[  172.101572][   T10]  ? __pfx_panic+0x10/0x10
[  172.101601][   T10]  ? sys_imageblit+0x19fb/0x1d60
[  172.101638][   T10]  ? check_panic_on_warn+0x1f/0x90
[  172.101677][   T10]  check_panic_on_warn.cold+0x19/0x34
[  172.101706][   T10]  end_report.part.0+0x3a/0x90
[  172.101742][   T10]  kasan_report.cold+0xe/0x18
[  172.101781][   T10]  ? sys_imageblit+0x19fb/0x1d60
[  172.101822][   T10]  sys_imageblit+0x19fb/0x1d60
[  172.101862][   T10]  ? __pfx_sys_imageblit+0x10/0x10
[  172.101905][   T10]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  172.101960][   T10]  soft_cursor+0x524/0xa10
[  172.102000][   T10]  ? lockdep_hardirqs_on+0x78/0x100
[  172.102040][   T10]  bit_cursor+0xe58/0x16f0
[  172.102074][   T10]  ? __pfx_bit_cursor+0x10/0x10
[  172.102109][   T10]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  172.102154][   T10]  ? get_color+0x1da/0x450
[  172.102178][   T10]  ? __pfx_bit_cursor+0x10/0x10
[  172.102207][   T10]  fb_flashcursor+0x338/0x430
[  172.102233][   T10]  process_one_work+0xa23/0x19a0
[  172.102278][   T10]  ? __pfx_process_one_work+0x10/0x10
[  172.102321][   T10]  ? __pfx_fb_flashcursor+0x10/0x10
[  172.102348][   T10]  worker_thread+0x5ef/0xe50
[  172.102390][   T10]  ? __pfx_worker_thread+0x10/0x10
[  172.102428][   T10]  ? kthread+0x13a/0x450
[  172.102461][   T10]  ? __pfx_worker_thread+0x10/0x10
[  172.102496][   T10]  kthread+0x370/0x450
[  172.102529][   T10]  ? __pfx_kthread+0x10/0x10
[  172.102565][   T10]  ret_from_fork+0x754/0xd80
[  172.102608][   T10]  ? __pfx_ret_from_fork+0x10/0x10
[  172.102647][   T10]  ? __switch_to+0x7b4/0x1120
[  172.102676][   T10]  ? __pfx_kthread+0x10/0x10
[  172.102711][   T10]  ret_from_fork_asm+0x1a/0x30
[  172.102747][   T10]  </TASK>
[  172.103103][   T10] Kernel Offset: disabled