last executing test programs:

6m3.966145581s ago: executing program 1 (id=1840):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x129400, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0)
read$auto(r0, 0x0, 0x9)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/options/blk_classic\x00', 0x5, 0x0)
r2 = openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0)
writev$auto(r2, &(0x7f0000001900)={0x0, 0x100000000}, 0x8)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)
r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000080), r1)
sendmsg$auto_GTP_CMD_ECHOREQ(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r3, 0x10, 0x70bd29, 0x25dfdbff, {}, [@GTPA_TID={0xc, 0x3, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x48000}, 0x80)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/net/teql0/statistics/rx_dropped\x00', 0x80000, 0x0)
read$auto(r4, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfdef)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

6m3.759722431s ago: executing program 1 (id=1842):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/carrier_down_count\x00', 0xc4e81, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0)
writev$auto(r0, &(0x7f00000001c0)={0x0, 0x4}, 0x3611)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xeb1, r1, 0xac4)
mbind$auto(0x2000, 0x2000000100000008, 0x2100000000, 0x0, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/loadavg\x00', 0x202, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x8000000009b72, 0xffffffffffffffff, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
io_uring_setup$auto(0x1, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000140)={0x1045100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0)
lseek$auto(r2, 0x4, 0x0)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/pagemap\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x39b8)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
close_range$auto(0x2, 0xa, 0x0)
socket(0x1, 0x5, 0xb)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x169a02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2a, 0x6, 0x101)

6m1.353817368s ago: executing program 1 (id=1853):
mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0)
mmap$auto(0x0, 0x10000, 0xe2, 0xeb1, 0x405, 0x20000000008000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
ioctl$auto_BLKALIGNOFF(r1, 0x127a, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r2, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYBLOB="16018d8e82d8e469fdd8c9f27e056e81bc35907492ec2617766f61c7ce27126f3618c51a89c8f0a556d235"], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r2)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r2)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYRES8=r0, @ANYRESDEC=r0, @ANYRES8=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x57e)
fcntl$auto_F_ADD_SEALS(r3, 0x410, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2000006, 0xdf, 0xeb1, 0x401, 0x4)
socket(0x6, 0x6, 0x4)
socket(0x26, 0xe3d3b3b5d78160da, 0xfff)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, r3, 0x40004004)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x5311c0, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r5)
ioctl$auto_KVM_CREATE_VM(r4, 0xc048aeca, 0x0)

6m0.959988849s ago: executing program 1 (id=1847):
r0 = open(0x0, 0x4242, 0xe1d2b27bdc14aabc)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000014c0)={{&(0x7f0000001300)="47862d085a68a69af18d1f2bed44356da2256019e4880ba79a47132cb253d22a0dc9e280deeaefe11477914b37642e3b6e8bad83bd177d802c8ef866e74601cbd5718a853dc55fffa5ca7736b445584384ae646a6e90d9960fec1ea6", 0x3, &(0x7f00000013c0)={&(0x7f0000001380)="28850bcc6f4e6718495b78fc4cead67a09cb3918", 0x3}, 0x4, 0x0, 0x1, 0x6}}, 0x5, 0xa)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8ee46, 0x0)
r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x6065c0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x13, r1, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsf\x00', 0x12, 0x0)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
mremap$auto(0x3, 0xffffffffffffffff, 0x3fdb, 0x3, 0x7fffffffb000)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
read$auto_v4l2_fops_v4l2_dev(r4, &(0x7f0000000280)=""/40, 0x28)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000001380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xfc\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\r&\xec\xb8\xb1Z\\\xc9L\xb2\t\xddbH|\xffGP\x97)\xb9:nqn\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc$\xa0\xa5\xce\xca\xe1P\xf7\xe5_\xca\xd5\xd8\xa4g_\xb1\x88\x8cAJS\x11\x8b\xd1%a\xe5DPk\x8c\xf9\xfb\xe0+\xdb\x12\x10.F\x00\xc37\xc7\xbf\x80\xbeu\xe1V\xb2\xc5\xc9\x1a\xc7\xdc}!\x10\xb1\",1%\x0e\xeb\x15\x15me\xe1a\x03\x18{\xb03+\x93*vB\xc6\xf1\xc6\xff\xbbt\x04!\xb6\v\xde2\xc9\x89#\xbaR\xee\x13jF%\xf2\x15\x9a\x82&\x89o\xa9\xd9\xbfFY\x90\x8c\xa0\xe4\x9d\xa2\xcd\x9a\xb5TC\xc4\x9d\x9ePb]\xaa\xc7f\x06N\xc5\xfa{\x02Y\xae\xf4(\xaa\x06);{?\x1e\fu\x19b\xdf$,\x01\"\x94\x00\x00\x00\x00\x003\xcfZ\xaf~<\xba\xb7\xa03\x8c\n*krS\x19Q#\x8f\xfbW\xad\xe0\xb3o\xcb\xf7\xda\x87C\x99\x1a\xa8\xc1\xe3\xc6%\xac\x01@*\xa0\xc4\xedn-lT\xe6*?\'\x9dW=\xa7\x03\x06\x83 IT\xa3\x7ff\xb6\x95\xe5\xd2\n\xaf\x87`\xce%\xf6 &\xa7M5I\x9c\x17h\x8c\xa4\x98\x16\xe0\xd9?Y\x7f\xf6\x85_{\xfd9p$B9_\xd8\xf4\x0e\xd0\xfa\xe7\xb0\xb8\xa0\xd7\a\xff.\"\x81\b\xb0\xb4\x84\xac\xad\x1b\x93~_\xea\xfe7\x03\"\xd9\x1d.\xe5{bHX\x14\xa1\bO\x03[^\x85jP\x89\t\x06GI\xb7\x99\xb2zZf\xc8\xd4\x8d\x1c\x1e\x03\xb9\xa7Nt\xae\xfff\xf9\tx\xae\xa8\x05\xb14\xc6\x9b\x1f\xd3\x01#\xc6\nb\xd4\xb4\xc8?\xa7\xe2R\xc1\xcf\xd2\xbc\xae\xd1\xc2\x88\"\xf3\xf0\xc0uQy\xec\xfab\xd6\xcd\x16)\x19*E\vm\x8d\x1bG:\x80\'pJ', 0x4100000a3d7)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x8040, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f0000000100)=""/184, 0xb8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027b4", @ANYRES32, @ANYRES32, @ANYRESDEC=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x20000040}, 0x40080)
close_range$auto(r2, 0xffffffffffffffff, 0x2)
socket(0xa, 0xa, 0x0)
r6 = socket(0x18, 0xa, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r7 = socket(0x2, 0x1, 0x106)
getsockopt$auto(r7, 0x0, 0x33, 0xfffffffffffffffe, 0x0)
connect$auto(r6, &(0x7f0000000000)=@in={0x2, 0x100}, 0x26)
getsockname$auto(r6, &(0x7f0000000200)=@l2tp={0x2, 0x0, @rand_addr=0x64010100, 0x1}, &(0x7f0000000080)=0x771a)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f2, 0x15)

5m59.813471929s ago: executing program 1 (id=1851):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socket(0x28, 0x5, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00000000000000000000000000000000000000000000000000cadb00", 0x3ff, 0x408, 0xf, 0x400001, 0x200000000040000d})
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
write$auto_tty_fops_tty_io(r6, &(0x7f00000009c0)="8939cc4d36227fdb35e4a7779345a4d999cb1552f41b34b4003355454e96e6647b34e58345a013e46d9380cd77dcd9b5804ab378df5b19fd93b23d547b6a39e0563f1da27d880a0c7a41ada96f5899128a2f138a38855f3a0e5090cfcb022a807fd8d8410e21962aea3354ff7d28917ad17443189afcba863b21eedff9ef8944e15848033f30ec1ce206287db0755992c3d95fa6c7a2ecb44696ce661038bdc304c775605215501e237d8713947274ff5249f4fefe090d0581a07ac675fdc5da272124ae5975977941ead35326b8dd9ef2562c730a1df3116a5e25f19463fb391d3ba275758c4dd50d5bb8ecd6b3b07ebadfc8c978bb7e15a95c5bd06356d6d9d9e89db59312c4f8452f55ba7013b2691ca80c7db06df2026b190ae22bd233128b0459f8e22f77579ee7f7c6054e4eb33480be2d6e034dd96379f65937a7edf67a2d6b9fc5bb4253bb95d4bedd94da5d5cd944ccfa98c65c25dc3ab8fda6e68d77806b21e624aae3a6435c313b15894332942eb58e2bc6a0582aceaeb594578a2908b49a6f2ce66aac2e2ee4cadfc452cb953a51449039dbb5c7e84405d9cb335afbed3384ffc695b954cc51531bb083df05e2af461c2a7a0a697d0d59c565f5cfd3b354f051d5637fd1f72aeb79be3567215c648ae85541c9f3c4856229247b1225d327ed57fa7981424b39ebbb77a0f6ca5778ed0c9713d68aedd19627de8edf485f9155261ede5c803da5ce248f4c93a1b9925ee07d3f42c8f999252655c582ff47da1e6d010449345c4f3a43336547112ef4e8e0bd0829027b6dcb8fb127171eeb7a38470592c8422bc5c9bb784c281d20847eb79fef43fd38aa88f1a8639728267aef7a74fc40cc54cefea2807f598cd25f3c1bd8ab17fc88aac82179057717177355a1103433d8f7468a8f49d7d5dd8093f6882a791ce983aa4e03bf1a91e938b8da4f9cb41d6371579d9feb55636d8626b9e339d5e54a2397537e9b2f5bb846f1d0dd4614ad5f68fa35ea3f366a12eb4d51aad810856db0f11974bda08daf259c9477053847f17074fbbcbce75472cb9acada0b400f4fa85b71a97e7c686b2ba98e3d2bbb905d9e82430a2730d8d3465d9b632ba07fd746b2a394feb76db7501208f559be2a151c205103c4481cae7352f7117e6c626f25f0b3367d50a1ea87a38136b6ca64e1ef51207c0d6c06dfe86336b65caeee24138f1ca0955135c5d2b49743b0e51f98b7a8bd3a5ac50ca3a5d6e8e17cdf154bae7fa031b40b83b285b58eb47277920fc28ef916d5ae8536458577a37b73ae29312fee7885c405417d454e38dbe50ef1a8603e28611bf4d6b63251a1abc190581c6efe832d62d6ce8f6c4a64c7e018427b5fadddc1cec3896ed51c977d9e3f7c0d1e8f8d75693e1ead5a7a3714843fb3517bd0ddc68936c801692cce52ba003036764dc7f016e342a54f99916fc595dba1fc76222c5e814a1b71c6b9b735240e6bf747a900f6048b2836af70c6aa717701312c61c965d8ca1bdafb5d3623b2ee9b7e4a767ed76defd661a9f18bffaeada811ac2ad6731bf96274b019498c5552b38678ff0aedb465713d895595b92e2bc9e1b3acec28f3ee5831951582f2ad1831ddce1300dcc4547ec444eae5c614719be9c3d397fc1db1a76d954cbc9b7a0d7c8d1eab3eeccd70b17dcd7c3543b6d9effbea67c4ade126c6fbfdee281fe3479c3052e68cf8441a50a6adc59dec8de4261a117e0286eea92ecc88230fdfdca1ed438026e238e6dbfdc4772dccb17737c398add9644b47bfb1a3e3a4b1316ec25ea07f90f858736e80dbb9c882701e7188d315391c538469695f33d266550fb873f47a12518717c83bec4e0cce65958d08a0e287df6a08efd979e087814b1822681ba6ea015714fd66af5100967e152262973b065ed349398aa13bb4329b4f56081aba2ba73ede47a2f1b2dbd5daeaf4d4f790a030e3c1fac30da1b5f6149074de6d76b1635adf44016027efd4ac08c93983e0935c1c8b38a675d5c356483539624e1f402439e6a55529a44c17207d6a5f9d0a2b1745ccb5d4e7332a2b2467c9690c9b7fb9fa73b4da5d3eadd347b89bf05a6aacac989ce9f1398729a4b3383c64c64cc68a8638735ebd80fb9ba2ee9e30e65a56d5676f2b607567f2a07adba966b210339d6a8cc404ffdcbf8ac02216239cc9e0abec2e2aa1d27d658913c83ae08657439bf32213d6b3c3fbb37f978a1820d23be11511869e5884ccab0de2a2ac982d58f01e88b54a54b0f50cc0ff699e39f86d74371f1667927ea4ba96af4c98b05e2b1d4115ef892332ab7ac777f1537f3ce78a2889fab969aa6a11f9e855ec1ba09096346fe930737e6760688c91a60bce3f173c24fa1efcbe5d12869ba34883f95e6bc90c61994f6761c305f5de4a0f79f6b3403249190542edd86d7231f0d89d1519ccab3ef35e3dc9e35a5031ab1cb888a8ace8cbe67073c19f8060ea78bf6d6a8970ed1aae35246df0b825d325279ae4c2a838e0e1f40a3c9615b06b2c4e929942a2d820a82ef19d355754caa45119d5e07f9052bf02ed05de6e07bf46758255d8ef077fd04e971b5117f8ef54f20559c98a9c51df5ed7d2db8f2085ce9947b474c7f00f4a1585507e2344a53a597292a338dd39592df962267a835d091dc9f1c5e7a6a0f1215a0015d9083720aee97b7fa1aa7f4fbcf698018980ebe5cd928e6ea1f1c4e6087678cfa687f1f6cea280fb9f24496211fb00b3788bf4ac4cf5d0972c398baa70fc54dc28a9fd3b838a5732b5039602d5049afc135cfef8053a20359287d53bcce117c7c36147288178cef8dac66f4b941333dd74cf2e9e22ce1be287f1ea2c0d5f476ea74a996d5952c98714a9939084f87bb525f287214567bf1da94d8d098640215d14800f09367aaade0f57ad08dc581dc19d21bdd640d1d3cf54336bb0feafc14d9709f719b1212eee75d9f8b958783cce8a535cb6a1b890e002fefa0e60597275ca2d516b28ef1d1ce3f25184b20726cb59ccab574b8d0ffd30fce23936ec84224991a6f9d2fd74def41248726f86e413dd13e9be77f1856fa1b5803312b8a9179914980bb70873a380278f1c6ad42186b14933892427939f83556e9d130607c1b3e1292da5ba6908b642a11d2814b7ea8b7442ae9aaea89948a58cba34807e617404af7e34ecc449be8c403ee536f311af194d63c9120e0268c3f7e2cafc739b6a0575396d61e55707820fe6eb6a71ce094b931d67b8be93937542e3f7e5bb80ab033d979b3c1bff4ff367934c73198fd04571e7a74b9376894d4b0c45a53b7711cecdd98fc87980b82019db23bf4f41ad8182b6861cab9fdb8f882eddc568f5f35e798350857b3818e2e0ef189cf08825355a9ffec231c0f5039b80764f3c7d1f2371fc71216e8f8d83bce4273bcbf22908d81b7c28d664e574e396098ad8fb0bcd68dbc3d1bb0f0bf295df0ae59339381ee231536c7d3b949072a5a2ba5245cb57848dfbb7cbcb7cbdae9b96752c824410eb46f6978051ae5734c278292a90f3c395f098162d4a43c7f449b1cd8208e15fe97c11c25b663a837348b45e059998a10f1c05490dae27b12508decaafec265eb2c22f3df91291922c80e33f479a77078717a7beea74972a7817e791e2cedcaafb43d1bb71ae86242f3375633bdcf0176ef26075446d3cf999df207983af46406defa8aaab0071a24c273a6b2ef78c47efdc0950a3bf486e1f0c26587b8de77a7fbfeb10a22485a6ec662f3afa0508343f9019a8a04118a30c78d89311da9fddfab1cd44f0c2c2f934ba94e88862fb2121893dab164b3edd2d3b0f4658624f6883099353b1bd0e0601f5397c5a5d6689890b207189602ee61524acc886ab1276aecf1a0bb4fbc85ff7e4881a977513ea0abd446b757464f6caa3485c3d08a4dc810ce21d85cfffc4fa07015ae41b1c7a6ba1858566db8ecaa0dd1cd6e5b7e3cc2a344399e89103954e380ee58b62cd508c587c9946b05433af55959a2ad30fb9b521c64f57321a23e4ac9866f356d28b29302f9604303bc66215696874eaf63e7a37056f78ac3034dc63db9315edb5bc7ada518e02b28281893792ac39374220645694c8e437358b5117f1e2d8269125111afc070ff118ec3a38d949c9ca4a7a1ce6dcac1e2a8e63af511d140b23a86cb78a7a47c4a9e2dcd4587ae32a36e47ed7a7a6e84bf1dbc60b0b00773b4bc0c9ebd38f0e8ccaa0eef5199229057f93c12988cd52317e64c9668b74e946a5cf837320f0889a427f84431f20540dc17eeb0587e51bd05ae9478dd42d215849d50cb745dd9d2d90c294a404ec95941d39ffacbe0e02c0fb6b017042986f1bb00e675a26eb0e65654eb130e5ad3b67cf73b89783effdebf50788f5287ebf2b1d96a4a94e37f39a9bfa0e6c95791a6fd5b5bc083af38afd3fb3ae0f17736f020d8b055a8081121d9f5d563cba2d8b803c4c687ea9184aa09445af016c77d946b03fca370c157f3c7b61ada339a9d3b1b5d18d68e3d66db596164720b09b1426bae1b96c7c5c201a5b232742cfcba1c45164165b5f342548354c2e040fc3a9dbb77dd35ae1f84aa89360fbd232637c0522c64088d7e4313311708c5525538c2e0db4d25143306e93492170413f1f85c3e582ca354164e14b5d3bb33fd808a8b608e29f744333fc670f3816829c1a8583a7b158154a988f5b3b97c38add8146f2faa7c30acc309763eee280251c0a1e1b2d26bd377531a00a2dc54696b90045b17bba7e76dcef64714fecd12c3e84bcc7cffa17b18c6bbcc39960f4156ef05e368c4f205e8dc05a668b09548c2ced5927e6dab63a9e196aa42034ac8f4b9fb9ee4d8cd9c0fb435efaf5c7f4059607a2ac5669f5ebfd5c6db2579e465a3ca09c2a8441fabd977ada9ef15d795c891810ff1cf95bf071ecd4cd4b8fff8a1e63e08e790edef1aced37d8cab6d66696bbfce01ed7e22aefa9dc81de1fb212c4153ca29647d85b84def3234bfeaac52f6e1d567987d0b92ef04f9822acd1c25f532ba96c513954af88288b2d3a100bb9bc33df9b86ba471b2c7eed43d64422831455d144709d2ca4582559fb2a8cdc1c0686c686bbd04bd81f6116c7b8480c990651c4eab199dd27fecce28ab10965b60d0d062f66c0055cf7c0bf5b9779a65960dc059cdbb15c8f2a984d852e05f90203847b6f8bfbdf6d908055d28c7a96249b0909354d", 0xe68)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000b00), r7)
ioctl$auto_BLKSSZGET(r5, 0x1268, 0x0)
sendmsg$auto_GTP_CMD_ECHOREQ(r7, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)={0x24, r8, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @loopback}, @GTPA_LINK={0x8, 0x1, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4091}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x9488, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r2)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x7ff, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0x8001, 0xfffffffffffffffe, 0x80000000, 0x335b0eef, 0xffffdfffffffff81, 0x4]}, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
close_range$auto(r6, r4, 0x1000)
sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000280)={0x1c, r1, 0x9ec6579d452c1f15, 0x70bd2c, 0x25dfdbfb, {0x16, 0x0, 0x300}, [@TIPC_NLA_BEARER={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x1}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x20000080)

5m58.787360901s ago: executing program 1 (id=1854):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
fcntl$auto(0x3, 0x4, 0xa553)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x1000)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0xc)
socket(0x15, 0x5, 0x0)
r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x3)
landlock_restrict_self$auto(r0, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x8c601, 0x0)
unshare$auto(0x40000080)
ioctl$auto_TCSBRK(r0, 0x5409, &(0x7f0000000200)="fddfc2f41831363c4a739ebf119c9326b5301871685773496bacb21aa65786d083a44faca6e272a7a84891eecebd307ad0a33a97b8734728dc55dfb0020b0d5c41b806c7ced059ef4c347bb9a6da096d375c6d2dcb24dbba838d6719203ea1759e3125023bd9b97fb33a9ce4861004a30343383eb42d2c8fcc2b8a619b2092ec4b27fd197f1d1e8354fe00ce9fa2e61c8fb363a5c8cd3e80660be7509fea0f2569")
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, &(0x7f0000000100)="63f375ac4758a330bc9bd5ecc9604d0ff03a6368b8dcc7f50841f397dcd249653b1bd3ad12f5ba10a61512433be55c13fb29e2917fdfb01534", 0x3)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x2001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setresuid$auto(0x0, 0x7, 0x8080)
setfsuid$auto(0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0)
pread64$auto(r1, 0x0, 0x8, 0x8000)

5m43.27737591s ago: executing program 32 (id=1854):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
fcntl$auto(0x3, 0x4, 0xa553)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x1000)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0xc)
socket(0x15, 0x5, 0x0)
r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x3)
landlock_restrict_self$auto(r0, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x8c601, 0x0)
unshare$auto(0x40000080)
ioctl$auto_TCSBRK(r0, 0x5409, &(0x7f0000000200)="fddfc2f41831363c4a739ebf119c9326b5301871685773496bacb21aa65786d083a44faca6e272a7a84891eecebd307ad0a33a97b8734728dc55dfb0020b0d5c41b806c7ced059ef4c347bb9a6da096d375c6d2dcb24dbba838d6719203ea1759e3125023bd9b97fb33a9ce4861004a30343383eb42d2c8fcc2b8a619b2092ec4b27fd197f1d1e8354fe00ce9fa2e61c8fb363a5c8cd3e80660be7509fea0f2569")
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, &(0x7f0000000100)="63f375ac4758a330bc9bd5ecc9604d0ff03a6368b8dcc7f50841f397dcd249653b1bd3ad12f5ba10a61512433be55c13fb29e2917fdfb01534", 0x3)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x2001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setresuid$auto(0x0, 0x7, 0x8080)
setfsuid$auto(0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0)
pread64$auto(r1, 0x0, 0x8, 0x8000)

47.219148842s ago: executing program 2 (id=2802):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0)
mmap$auto(0x20000000000101, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x2, 0x4, 0x5, 0x100000001)
close_range$auto(r0, r0, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x2002, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
modify_ldt$auto(0x807ff0000000000, 0x0, 0x40100000000aa)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x9, 0x1ffe0, 0xfffff75b, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffffc]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

46.00988931s ago: executing program 2 (id=2806):
mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000)
ioctl$auto(0xc8, 0x800454d2, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x100, 0x0)
r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x20080, 0x0)
poll$auto(&(0x7f0000000040)={r0, 0x1000, 0x1c9}, 0x2, 0x7)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/bridge/bridge-nf-pass-vlan-input-dev\x00', 0x202, 0x0)
sendfile$auto(r1, r1, 0x0, 0x200)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x800, 0x0)
mmap$auto(0x0, 0xe883, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0xfffffffffffffffc, 0x40000a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0x2)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x38}}, 0x54)
madvise$auto(0x110c230000, 0x8031ca, 0x9)
madvise$auto(0x110d230000, 0x1, 0x9)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x0, 0x0)
sendfile$auto(r2, r3, 0x0, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0x2, 0x0)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
sendfile$auto(r4, r4, 0x0, 0x10000800000003)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/003/001\x00', 0xab01, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000100)={0x2, 0x0, 0x8000004, 0x81, &(0x7f0000000040)="a006", 0x100400, 0x2d, 0x6, @number_of_packets=0xfffffff3, 0x45a, 0x0, 0x0})
r6 = timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0xff)
fsetxattr$auto(r6, &(0x7f0000000280)='/dek\x85bus/usb/003/001\x00', &(0x7f00000001c0)="d9f6fd8f976809ec5affb5a0a3322d0a082b2b685a8e624d23fefa5ebd13269c7ed4f2a00da29f085217b737337fa6cb2a29ec02ecccc25406c6f6e50cac197d4e3988d74810ca0710cabbdde584064cff537696ffe35f24839c44e41cce1f19fe30c1", 0xfffffffffffffff7, 0x91d)

42.083988157s ago: executing program 2 (id=2817):
r0 = socket(0x2, 0x3, 0xa)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x7, 0x1, 0x9, 0xc98c20f, 0x3e, 0x93f, 0x1fee5, 0x3, 0x200006, 0x2, 0x202, 0x5, 0x8008, 0x4, 0xb0, 0x9, 0x1, 0x3, 0x8, 0x4, 0x10, 0xb65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x800, 0x0, 0x0, [0xffffffffffffffff, 0x7fffff7f, 0x3ff, 0xfffffffffffffffe, 0x9, 0x0, 0x2d26, 0x9, 0x0, 0x0, 0x9, 0x4, 0x8f0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x1, 0x80000000000000, 0x80000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x7fffffffffff, 0x9, 0xfffffffffffffffc, 0xffffffffffffffff, 0x10, 0x4, 0x2000000000000000, 0xd, 0xc, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffffffffff9]}, 0x1fe, 0x82)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000080)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x800)
r4 = socket(0x2, 0x3, 0xa)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(r4, 0x0, 0x10000, 0x0, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/orangefs/slot_timeout_secs\x00', 0x102, 0x0)
write$auto(r5, &(0x7f0000000480)='7\x00\\\xa0\x04\x9c\"\xa9Nd_\xff\xa0k\xd8\xc9\xba\x00\xb5\x89\x8cg\xa84\xd8D)\xfdcR8\xdb\x98\xc5\xd7\x94\x94\xda\xc0r\x8f)\xbb_r\xac\x98\xa2k\x9bu=>\xce\x8d\xa2\fZ\xfa\x0f\x87R\xf7\x05OA\xfak\xba0\xab\xe1\xffm\xf9t\x012A\xc8%H\x88\xaej\xda\xae\x1dO\xd7\x88?\x19\xf3\x068\xb4e\xb5\x93\x9a\xb9|Kh\xc2d\xda\xb7\xe5\x1fb~8\xf2q\x0e\x98A[\xbb\xa9\xdc[8\xfc\xc6\x9f\xa3\xb5\xdf\x1a', 0x84)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000884)
lstat$auto(0x0, &(0x7f0000000180)={0xe, 0xfffffffffffffffe, 0x100000001, 0x1000, 0x0, 0x0, 0x0, 0x200fa98, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x100000007fffffff, 0x5, 0x0, 0x7, 0x4, 0xb})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r7 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000140), r0)
sendmsg$auto_NFC_CMD_SE_IO(r2, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="00032abd7000ffdbdf251b00000005000f0007000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8014}, 0x8880)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
execveat$auto(r3, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)=&(0x7f0000000400)=']:\\\xcb[@\x00', &(0x7f0000000580)=&(0x7f0000000540)='nfc\x00', 0x7)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)

41.94965372s ago: executing program 0 (id=2818):
mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="02ff0000090028706e5dce93d2197be347d282ef9671b21c3c37556e5240d42ab58dc8e65f00ae00"/55, @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf2503000000080003800400118012000100898771f1c19f17790485908288470000"], 0x30}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r0 = socket(0x10, 0x2, 0x0)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x106)
ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES64=r1, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x40890)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram0\x00', 0x16f300, 0x0)
sendfile$auto(0x3, r2, 0x0, 0x400000000006)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32, @ANYRES8=r0], 0x1ac}}, 0x40000)
r3 = mq_open$auto(&(0x7f00000001c0)='\\*)A\x00', 0x8d8, 0x6, 0x0)
mq_notify$auto(r3, &(0x7f0000000180)={@sival_ptr=0x0, @raw=0x1, 0x1, @_sigev_thread={0x0, 0x0}})
r4 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
mq_notify$auto(r4, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
fcntl$auto_F_SETPIPE_SZ(r4, 0x407, 0x1)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000)

40.589780549s ago: executing program 0 (id=2822):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
capset$auto(0x0, 0x0)
capget$auto(0x0, 0x0)

40.178352643s ago: executing program 0 (id=2823):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCMBIS2(r0, 0x5416, 0x0)

39.969213088s ago: executing program 0 (id=2824):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x6a)
ioctl$auto(0x3, 0x89e0, 0x38)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x141401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r3 = prctl$auto_PR_SCHED_CORE_CREATE(0x5, 0x1, 0xffffffffffffffff, 0x3, 0x1)
ioctl$auto_IOC_PR_PREEMPT(r3, 0x401870cb, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, r5)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, 0x0)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000500)={0x7, 0x0, [{0x40000010, 0x2, 0x6}]})
write$auto_msft_opcode_fops_(r3, &(0x7f0000000140)="91eb227ca9116c3b2c93cd04ed84e7dd138cb90d19ba75c2d702dabdbb38f09892131a87758eb5a56d2d9cb3d448b1bdd549e5f4950b546d9ead1fdd351e831b7db1315350011a3de0f7e3b5db", 0x4d)

39.748139395s ago: executing program 2 (id=2825):
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000002c0)='\x00\x80\xccY\xb98ofe\x81\x1f\xacx\xdee,\xa8\x80O\xc0ak2*\x80k-\xfe\x85uj\xf57\b\xd5\x11\x0e\xcfB\xc7)\"\x1fQ\xf3\xfa\xaf\x90t\x1e\xa4@\xe9\x9f\xd2\x8aW\x14\xf8\v\x89\xff\xd8nZ\x00\xe3\x9ci\x8f>K[$\xcbx\x17M\x12\x8a\x10\xe0\"\xd2', 0xf, 0x0)
chdir$auto(&(0x7f0000000380)='}[,&*}\x00')
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
unshare$auto(0x40000080)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'team0\x00', <r3=>0x0})
bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x200, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0xfffffffffffffffb, 0x0, 0x3)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
ioctl$auto_SNDCTL_DSP_PROFILE(r5, 0x40045017, &(0x7f0000000180))
ioctl$auto_HPET_IRQFREQ(0xffffffffffffffff, 0x40086806, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='\\@-,@n', 0x60)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28200, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000001c0)=""/234, 0xea)
prctl$auto(0x1003e, 0x1, 0x0, 0x1, 0x8)
write$auto(r0, &(0x7f0000001380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xfc\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\r&\xec\xb8\xb1Z\\\xc9L\xb2\t\xddbH|\xffGP\x97)\xb9:nqn\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc$\xa0\xa5\xce\xca\xe1P\xf7\xe5_\xca\xd5\xd8\xa4g_\xb1\x88\x8cAJS\x11\x8b\xd1%a\xe5DPk\x8c\xf9\xfb\xe0+\xdb\x12\x10.F\x00\xc37\xc7\xbf\x80\xbeu\xe1V\xb2\xc5\xc9\x1a\xc7\xdc}!\x10\xb1\",1%\x0e\xeb\x15\x15me\xe1a\x03\x18{\xb03+\x93*vB\xc6\xf1\xc6\xff\xbbt\x04!\xb6\v\xde2\xc9\x89#\xbaR\xee\x13jF%\xf2\x15\x9a\x82&\x89o\xa9\xd9\xbfFY\x90\x8c\xa0\xe4\x9d\xa2\xcd\x9a\xb5TC\xc4\x9d\x9ePb]\xaa\xc7f\x06N\xc5\xfa{\x02Y\xae\xf4(\xaa\x06);{?\x1e\fu\x19b\xdf$,\x01\"\x94\x00\x00\x00\x00\x003\xcfZ\xaf~<\xba\xb7\xa03\x8c\n*krS\x19Q#\x8f\xfbW\xad\xe0\xb3o\xcb\xf7\xda\x87C\x99\x1a\xa8\xc1\xe3\xc6%\xac\x01@*\xa0\xc4\xedn-lT\xe6*?\'\x9dW=\xa7\x03\x06\x83 IT\xa3\x7ff\xb6\x95\xe5\xd2\n\xaf\x87`\xce%\xf6 &\xa7M5I\x9c\x17h\x8c\xa4\x98\x16\xe0\xd9?Y\x7f\xf6\x85_{\xfd9p$B9_\xd8\xf4\x0e\xd0\xfa\xe7\xb0\xb8\xa0\xd7\a\xff.\"\x81\b\xb0\xb4\x84\xac\xad\x1b\x93~_\xea\xfe7\x03\"\xd9\x1d.\xe5{bHX\x14\xa1\bO\x03[^\x85jP\x89\t\x06GI\xb7\x99\xb2zZf\xc8\xd4\x8d\x1c\x1e\x03\xb9\xa7Nt\xae\xfff\xf9\tx\xae\xa8\x05\xb14\xc6\x9b\x1f\xd3\x01#\xc6\nb\xd4\xb4\xc8?\xa7\xe2R\xc1\xcf\xd2\xbc\xae\xd1\xc2\x88\"\xf3\xf0\xc0uQy\xec\xfab\xd6\xcd\x16)\x19*E\vm\x8d\x1bG:\x80\'pJ', 0x4100000a3d7)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x101000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r7, &(0x7f0000000100)=""/184, 0xb8)
madvise$auto(0x0, 0x2003f2, 0x15)

39.626388969s ago: executing program 0 (id=2827):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r0, @ANYBLOB="08002cbd00000000df254400000004008b00"], 0x18}, 0x1, 0x0, 0x0, 0x24008000}, 0x28014) (async)
madvise$auto(0x0, 0x8000000000000001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080) (async)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, 0x0, 0x0) (async)
open(0x0, 0x595002, 0x408) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
r2 = socket(0x2, 0xa, 0x1)
r3 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1b, r2, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xfffffffffffffffb, 0x8000200008011, r3, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mseal$auto(0x0, 0x7dda, 0x0)
mmap$auto(0x0, 0x400008, 0xdd, 0x9b72, 0x2, 0x20000000008000) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11FCSErrorCount\x00', 0x100, 0x0) (async)
read$auto(0x3, 0x0, 0x8) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
unshare$auto(0x40000080) (async)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) (async)
time$auto(0x0)

37.29244199s ago: executing program 0 (id=2830):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r5=>r4})
pipe2$auto(&(0x7f0000000000)=r5, 0xda1)

37.279383641s ago: executing program 2 (id=2831):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x1000000000008000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x2, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/netfilter/nf_log/6\x00', 0xa0202, 0x0)
sendfile$auto(r1, r1, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r2, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x1, 0x1, 0x3, 0x16, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0)
ioctl$auto_MON_IOCX_GET(r3, 0x40189206, 0x0)

34.607825856s ago: executing program 2 (id=2838):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test\x00', 0x20461, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
pipe2$auto(&(0x7f0000000000), 0xda1)

33.354728783s ago: executing program 3 (id=2841):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x1000000000008000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x2, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/netfilter/nf_log/6\x00', 0xa0202, 0x0)
sendfile$auto(r1, r1, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r2, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x1, 0x1, 0x3, 0x16, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0)
ioctl$auto_MON_IOCX_GET(r3, 0x40189206, 0x0)

33.279403196s ago: executing program 4 (id=2842):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCMBIS2(r0, 0x5416, &(0x7f0000001a40))

33.176301418s ago: executing program 4 (id=2843):
mmap$auto(0x3, 0x80002020009, 0x7, 0xfa, 0xffffffffffffffff, 0x400)
syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff)
setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x15, 0x80003, 0x1)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(r1, 0x0, 0x10000, 0x1ff, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x11, 0xffffffffffffffff, 0x8000)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0xffffffffffffffff, 0xffdb, &(0x7f0000000140)="84f293f075860930e10ea7a91b932b75a966fdd78c3ee8d4f3e1fd2223afc3aa595d79e55fc22d153cb61199a9b47a1f76fe494eae28a6c1d4f9ebcaad76850428544684000000800000000000000000", 0xfffc)
io_uring_register$auto(r0, 0x0, &(0x7f00000001c0)="adcad60f3fbcc0eb20182113104e74e294e6bd20324dea345bbafdbd21f0d1d18d498bdeb549c2d51d68318a30b5d3f1185c222f0061949db39fe6404d81117cd5ee3cc29d3ec105a33bc58d9555f8ba099005cdcc235ade5d75c9211d5315d8dbb00db1f50bcde9cd7794314fb2b68d087fc20cced82f9dbf7260f1e9298d6c42b97d1c303682fc24ea152ab00fac34040926c37676a2", 0x5)
sendmsg$auto_CTRL_CMD_GETPOLICY(r2, 0x0, 0x0)
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x24008850)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
preadv2$auto(r3, 0x0, 0x4, 0x3, 0x2, 0x2e)
ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000)
socket(0x15, 0x5, 0x0)
prctl$auto(0x0, 0x2, 0x4, 0x5, 0x7)

32.195711741s ago: executing program 4 (id=2844):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0x10, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x0)
socket(0xa, 0x801, 0x106)
read$auto_snd_ctl_f_ops_control(0xffffffffffffffff, 0x0, 0x0)
r1 = socket(0x10, 0xa, 0x3)
bpf$auto(0xff, &(0x7f00000004c0)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x5, 0xffffffffffffffff, @relative_id=0x4, 0x5}, 0x3fc)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x700, &(0x7f0000000100)={&(0x7f0000000580), 0xfc2}, 0x2, &(0x7f0000000000), 0x7, 0xa502}, 0x803}, 0x4, 0x8)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1938f4e799cc0e09beb23791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41"], 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880)
sendmsg$auto_ETHTOOL_MSG_EEE_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0}, 0x1, 0x0, 0x0, 0xc0}, 0x20000040)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
socket(0xa, 0x3, 0x3b)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x141000, 0x0)
ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, 0x0)
socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f0000000080)=0x6)
semctl$auto_SEM_STAT(0xc7a0, 0x80000000, 0x12, 0x0)
connect$auto(0x3, 0x0, 0x58)
r3 = getpid()
process_vm_readv$auto(r3, 0x0, 0x800000005, 0x0, 0x2, 0x0)
prctl$auto(0x3e, 0x1, r3, 0x1, 0x6)
r4 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/user_power\x00', 0x60a40, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r4, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

31.55933601s ago: executing program 4 (id=2845):
setsockopt$auto(0x3, 0x10000c7, 0x26, 0x0, 0x40fd)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0)
write$auto(r0, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1)
ioctl$auto_FIOQSIZE(r0, 0x5460, 0x6)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
close_range$auto(0x2, r1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xfffffff8, 0x8, 0xae85, 0xffffffffffffffff, 0x4, 0x7ff}, 0x6f4)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x252, 0x2, 0x6}]})
bpf$auto_BPF_OBJ_PIN(0x6, &(0x7f00000000c0)=@raw_tracepoint={0x6, r3, 0x0, 0x240000000000000}, 0x7)

31.550742799s ago: executing program 3 (id=2846):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cpuacct.stat\x00', 0x800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)=""/163, 0xa3)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/kernel/cad_pid\x00', 0x242, 0x0)
write$auto(0x3, 0x0, 0xfdef)
r1 = socket(0xa, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000180)={{&(0x7f0000000040), 0xb8, 0x0, 0x0, 0x0, 0x4, 0x80000000}, 0xb}, 0x1, 0x3663f3c3)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_SURVEY(r3, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000000)={0x14, r2, 0xf01, 0x70bd2d, 0x25dfdbfd, {0x32, 0x0, 0xec0}}, 0x14}, 0x1, 0x0, 0x0, 0x24008004}, 0x20048840)
mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0)
r4 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r4, 0x6, 0x17, 0x0, 0x2)
getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_LEAVE_OCB(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000000c0)={0x68, r2, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MBSSID_CONFIG={0x34, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0xd5}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x2}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8, 0x4, r5}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x6}, @NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX={0x8}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}]}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0x40}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x3}]}, 0x68}, 0x1, 0x0, 0x0, 0x4008000}, 0x40000)

31.434733667s ago: executing program 4 (id=2847):
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000380)="7a47301037954c081c9a0bb84bb7b04ef84993eab91abe1686f43e43d786e964e8f04455bd620de9f3fb6d65e6c078c1a672c549dbc7876cb528ba081a81d884bfc00dd4eef57cedc0cc4156ff6a5b0aa8ba9511fe2b07c6e7f4732fe36ba218aa5b0ff402f2e6adb8ea60886c1e52c60d7d87e4c0551386501763ad098eb2b9602f83b2a643399f10dfdb0f4018b401be4db675d0acf8d348c26acf338cbe20fcb76439ca602a3c022f4463a8820f1c6f865d24e058af98f0c48bf552c3f6cc28c09d9054347db3c28701c67fa1e57d81b881638b518dd8e24969b7fd10406fcf6eb9bb66bf56ed7568510c72b380fa6efbca845bde90f7672708000000000000003513")
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x6, 0xc, 0x0, 0x4)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0)
write$auto(r1, &(0x7f0000000080)='/dev/audio\x00', 0x80000000)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)=&(0x7f0000000340)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\xbe\xb2\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5', 0x0)
mmap$auto(0x0, 0x2020005, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2b, 0x1, 0x0)
sysfs$auto(0x2, 0x100000000000011, 0x0)
r2 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0)
fsmount$auto(0x4, 0x0, 0x200003)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r1, 0x80045017, &(0x7f0000000180))
read$auto(0xffffffffffffffff, 0x0, 0x1f40)
ioctl$auto(0xc8, 0x800454e1, 0x5c8d)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x8080)

31.379080822s ago: executing program 3 (id=2848):
r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x101401, 0x0)
ioctl$auto(0xffffffffffffffff, 0x6, r0) (async)
r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci4/force_devcoredump\x00', 0x6c17e777a72615f, 0x0)
write$auto_force_devcoredump_fops_hci_vhci(r1, &(0x7f00000000c0), 0x0) (async)
timer_create$auto_CLOCK_BOOTTIME(0x7, &(0x7f0000000240)={@sival_ptr=&(0x7f00000001c0), @inferred=<r2=>r1, 0x200}, &(0x7f0000000280)=0x3)
io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, 0x0, 0x8) (async, rerun: 64)
r3 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async, rerun: 64)
io_uring_register$auto_IORING_REGISTER_CLOCK(r2, 0x1d, &(0x7f0000000440), 0x7)
statx$auto(r2, &(0x7f0000000540)='./file0\x00', 0x2, 0x9, &(0x7f0000000580)={0x3, 0xfffffffb, 0x81, 0xfffffffa, <r4=>0xee00, 0xee01, 0x6c3b, 0x4, 0x2, 0x2, 0x5, 0x86c, {0x8, 0x5}, {0x3, 0x9}, {0x3, 0x47f}, {0x0, 0xfe7d}, 0x1, 0x3, 0x4f, 0x0, 0x6, 0x100, 0x6, 0x100000000, 0x4, 0x3, 0x8b, 0xddc2, [0xffe0, 0x0, 0xfffffffffffffff0, 0x0, 0x3, 0xba, 0x4b0, 0x0, 0x1]})
shmctl$auto(0xb7, 0x4, &(0x7f0000000840)={{0x7c, <r5=>0x0, <r6=>0xffffffffffffffff, 0x5, 0x100, 0x400}, 0x7fffffff, 0x1, 0xfffffffffffffff7, 0x7ff, @inferred, @inferred, 0x40, 0x0, &(0x7f0000000680)="6963bb1650baa54263497dabf7500c77f04ad274fdf080ebccf935b58413fb01d9e95fa54aacfaf29723e2de275fa60fb580c19a5f7d4dd59cc4227ba596a05f374904657c4f204168efb001c03ba4b9b87e0e800ba089cde51a6faa9adfe44e6eb4f9ce2d2857e2ea8659c683af09af2fe3ea98c7fb9cf336ac992608e8aeadf5b4a907a40d49bff0f34ef666db2f2b359a33640dfa2affab5b0478ca7311bda7d188dd31b5589526c7d72abb9964dba04f72f9533a58ad4269c92fa7a958b9cbcacbae84ddd33da4a27b63", &(0x7f0000000780)="791d57f3c0ccac8ca2e6809da6e6f5d3be03a87e71d1695b53d14ba7bef3f58e451eb7301198dceb4144837d13bd1466a56c00656be572b2ef676c00838e49860f"})
keyctl$auto(0x2, 0xee00, r4, r6, 0x101) (async)
fsconfig$auto_XFS_DAX_ALWAYS(r3, 0x6, &(0x7f00000008c0)='/sys/kernel/debug/bluetooth/hci4/force_devcoredump\x00', &(0x7f0000000900), 0x1) (async)
r7 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001900)='/dev/sequencer2\x00', 0x2c0800, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r7, 0x5404, &(0x7f0000001940)) (async)
r8 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/snd/midiC2D0\x00', 0x100, 0x0) (async)
ioctl$auto_SNAPSHOT_FREE(r0, 0x3305, 0x0) (async)
getpriority$auto_PRIO_USER(0x2, r4) (async)
syz_genetlink_get_family_id$auto_nl802154(0x0, r2)
sendmsg$auto_NL802154_CMD_ASSOCIATE(r2, &(0x7f0000001cc0)={&(0x7f0000001ac0)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async)
pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffd8ef, 0x3, &(0x7f0000001d00)={@_si_pad}, 0x8) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty1\x00', 0x200000, 0x0)
connect$auto(r8, &(0x7f0000001d80)=@llc={0x1a, 0x108, 0x9, 0x9, 0x30, 0x7, @remote}, 0x5) (async, rerun: 32)
ioctl$auto_SNDCTL_MIDI_INFO(r7, 0xc074510c, &(0x7f0000001dc0)="7f9a3bd7f0847b10fa1e07552affaef2905d516040c18b10d1dd8b4520d5f75f7bf002b5790872ed2945a071b7631232706d4f90353d67eeb929a707897b0362d9337d4915056cba2b6ce5b8b0b48d4e5bac0a7af28569d95dbd5e33943deb2522f5f38b07cba3dd914586cea4be5d34df52f0c89ad918516250e9c088f227e9c3e044c43b627e72c7fd06af11b4227bf0b1db460823e5f9445dcf08b3872422c52c26cf52c6e4ac9384be0813a2fcf311e0674c56786f104d9c128cf878809ea173eced3e2af7d1c8d58ba9b6d50af7c76f11c519ca9eceb9d1cb90d9f38e09e510bdef8fcbce98cbe8ab60b16096aafa78caeb33232762ddddf01c61d0a552e266a2c63d31ae4a383ebd2fd1bfcc7fb4a951c2c207fd24dc56435cbcf88f6315bf23d09013ff44652374b9359e65703d33c3f2979b5d9aecd2576336fc2d143af54c2db08889e04a0d0675895cb00c9e8ce7d1edc2059ed4f1df7ddea4fc176811d7749447b5f5b9b92d5eab2b57b9938143834fbe6147abbda897c52d6b1b52188ee2351638ccdc6b877cd265aaa3edf492f94a0a61e4a31a80b45f33770dbf548849953d59af92a0e04ce350207f7e7fed79168d71f882663f873b4ddfb81117a44fd943f57d8af2339bcf5daf69eb65832f53f50d5023c3a0aeed7da6cbc3d83e4d9859cde3eee14b094096a27c014dd5034c728b00640ac45651330ab68c7b050c56de85b9c10dceda9b4ac8cc483ec41a8dd9eaac26e99ffc85d54e3b5f8f6de428b024f7d807a291d126ce55d2c0d768e00173207021d98c5d88fd9194391e275f1ea8c53c389fd4f5e814edab1d35298a3651195af43b4446dc0e2fa6d963d75569d300bddb47097d8c978d75ba711836205886d245fe4d34a28bd3aa9536bd8cc2ab8b8d4b2e5ffad75fdb89a1a9c4209d05f1f5837311f7d6c883d76a3da8ffb7c48d5088d33168ed81d2b9c9cf7acefe16b66df0d3748ace764274710bf444b96a023e0834e4469881bf0b02df3e29f19557ce73b3bc8df746734a3029bf91d268d44e2a73b26310f8977c9e1f46707d521240bee9ff9164b967a9281c28ca311e1e852313d7f94e271c97f3c85c84c6eed355d39ac6531ce8693f352b024484abb282b19355d18fcd15ab715487afc77fdec9a3977c855f30b4658fb06734af993e081b818aecf433f8095e25524a868186a22d5500a59b3af6534ee3725b39808a5818230c03125cc3d9f89b26df528db056003804020cf0ad4c988a022b3564bdaa47fe33ec9912c8076d87ce58e95d985ee5ae655b28ec9ad1d6ce5a4daa7e4ffefcf9fd6da7e26610be3b2b6b0555987f2f06b2d56504eae4903e63c184f4d06f9a4e7fa0e18809c4b7f45bb3a60116bfe79ffa11b2b4d3d89ae4155561bd71c356ef8521389b3367dd2a74c9f3b60befcfded2e6db1db8ec05e7b483ca2de4b2200bcd50b1e337e796a132b53c2aa184c5ab4e25d80638343b43a19f7a4479c6896f69240286d4cfc3647ff852d5cf76226081d3785b90eeeabeede07caa6ebf15add81227dc31013a93fcd9c0affe48cd72d3bef7aabf730f6b7b30d03f42937107f14a6e6783341868704c45e6a674f714a8e2514ebc5246dcc4d7034a66b7f892092bd062c26d23016b039e55d5df83d35bbce92ba6022695e7ec01ae9ad1fdbaa44e701597b806ff59909fc4d84339403fd97cd7893f749691943e051274c739833e6cf279a556a87483190bc6156ee882212cb5329ffa75811d5f318f61ee479ad1718e3d75815e05b25a53b3f53767e75ce9bc729da485292b8e800794c30047bf67add682bb7fb6b39a809ad58695959bc6f457a9f38be6ec203f69a9b9a9f1e7a798123a14796c9334d112ec7945fc616a75d004f982f651612623f9e9d5c491cc10d82e0d312f6a338eeb2da9153e3ccc8f865a1d625e2ef8de34225ba56b21e51341b33c6cef421ea395162d375a0d33d8a7b85f1aacf4f8f86858084de637af67fa2da7ce8c8c56e1130a4f7417695b84c7521d8a361a9ddd5ef0610dbf50f0e135052778df6d6e8751c726fd603f886669e59b795a9311291cf167464352363fb081db9a75e322ee5b13accb3b902f1a3e122f58d4aae8d7b50e13a2d51c34f5bc9f27c9cd6a7bf790751054a3c3be0c5f1344dcabaf30aa51afee34d48f3e4fcc31d9cff12e812600379a75d6acc4529267c01f413aa76af0352305357723d0b80f9d4e3e8cee36ff5049b3bba39b7a70ac1e29cece50a69568dcff6635fc9ddcae2e6d4ce9076c16f2d8bcbb9fae84fcdd16c1b4f99818410c387666ef2003771cfb50189b589963facdaaca43281d487df6dd0c6a86986a1f85975c5d9307a76b1ddf13ffcac76e8bb989215f924055e4ec94ae0837c5a129b727873f468d8502e61a64f6c99c252b6334ccb6faaf554471a3a8b0adb01bc2cf1748cea70c9a814d0cc6a079b79e14060f2995a1f291f75ea072792e88a653a5b6f60cf2f18762139a5c73ffbdb738e16f5fbf47dbf7e2340eb5cf1915c88d2fb5a313d855c466139d6c4a7309ed8bef2e0e5066c88f40c86a642f33939bc7701eb3439f3df7e81035a25b456e7f5f1ea627612d556fb3841e6c9dbe7e98ee97e4852c31d9eff20a23db2921049bcdd0c45b50f16f3b81345899da6a0f01d9f21f7b234d8507b85dcc744f7a32edc8a1ce112ce478ac6aa7e23d38dac2431da3be9171dc3a575cf66371403b9984e36482f8c6d2640ca1ed13307425edc157607e1bed6f6a6e63151cffe19722f24b3ef56353cfcce7a36544495cd5febe81d1ce56b1ca3c6392b061e6c75443c749fa2a257ca64fc5fa9cfa00be98e110a662ec47d9fc9b2038c5ea2cc85b4192f5c8bc205290ba44a5ed4ab5fa505dae1946a1bf4fa17ce11f5a147c23566adcee8b90f42c79423b60e06e307d748ffa55d23281458f16496adb3d4d861e8fa64892acafe35ddd4f2641e5df8b33fa7c9301f3c35b56e9f5967c5289e7944ef3a9433aa7443991ec34ceb6d30cd373b38a01a4539aa0bda0145125861a016a469b4ec9cb4075e0edc8d79e061bb96b6811ced64535fc9c874ab9e66f2c6fd9128dd15e622dec4ce77685c532c2e7d10261e2cbb7f564af123b0f3afd38e13cdf99131c1eca726c488524ca1597f9d92f2bc1a4e5845746e9e3f47de0a2f638f88b2c9c127ecf13b95a70bccb6c5fbe624de05687b9834ebae2daaff9cb86066cca2f834bda1952800dcc73f3648efc6a4a1c50fc66df16bc2ac052407f967689124d1258bafff6c152c303c529d4712cab06d35e9c3814c4896ca60eaa3512a40064fbc72237210ea70b4db77c0fc4e34bfe89b8a2d4e54063c19e58df49ea335d0361b20b364ecc2aa43121a3fc5ddc235ee64d8099fdf800d13b014616c1ffa3b810f5ba6230fe687eb555baad9d31b6ba020c6a7d6dc8fefd7af94b8939ca86b8f538728b6c4f0c6926842eaa08c7aa71568b9406dc3ef29a61ee54c6839ed2253e1ca9649f304793a8156747e215d2b88f3f6b507924a551991990cae6a1d0f9d3d1c9fc04b191c632b6ba6439559c4abd0eeeb9266fb0bee1fd0706e4a1c7cfd91c5a1d90f0a8f60b241fb8475ecd494a70bb4488b59529cc558b868147a93f80a4cb33c7ba226f09ae167e55f85be0a4c422f7628972b3a9ca196d9cba27d52c4f05ebfd0f61846d65a78b46b806edabd4c4be585ad392371612bda2baac081edb485c198a2ead7698a93df8037affc3b05388176d273f2055770dd94b67b35312c7c3d55ed86e02b975d61016d1d5395585d0ab9bd9a6cc3c744a54e5c46369e56a48cd940ae3dd052c4606cccc7a7b508e5c8002cb5ff30d187d9db10ae4199bc526f3100da86d6ec1c87a0da07679d9bc6605b3826c1ac216d18d7e649c84cfb54c3d41fc4357b5d2fb33f86fa73f09ce65844f6b77355e269476c626fbadeafa3ba09df575f0a3e5d80845849287cf800930cbffe2f343055c98e172e96715e3288d0dda603f634e64b6ac094d2404fc121caaae9f4faba54f76e024f7f3229336b0bcf92e7e1629d8d0e99b7d5de5d354a5dfe9107e38ebaef811e8893985ed173e652746859ba40f28ecd6fc0485ba5f19434a80eef52f20c70a518c577daf4a496a302a044a2ae93a84523a12ef4adb875eca7f7dacee887a117acd9d5c8da6df53a6275d484c382da0e34d1b0bba4f893155a83bbd4f177a64d02d2d8787dd28aaa6fd80960a7559c00ff1329934c31ef3e248a9b48482c71dc5b16c333bec656d3238c2d570b303443966a8ef4d22143b3f763da33f0cc6b9b064dfb2943ab491b891fb63082e5b20387d8641f1d77a9338576445696877da6bc3af3033203a775fa7f75b8be8726b9a0128d3655c4d325e7479cf2e350586a6dd1eee0100c3ad70e056090fdea5132be205e1dcbaa5617bda2c861c0d7997b97599b70364444dd6f4359df0330cc55a33faf5ca76cdd48ff39c11222557d12c56a1cfb881193bb3542e0573841822ebf5517a7412d3bc1ddaf41eb8c7a4615a7f8a17db47eae8e337e42438354081ff26a1621ae501b2e5dd3d7006eef2d9a802286468d3d9b7dfcc41e5fa481bf46393dd800f9f4a50eac753f8a4e3c1c0736203f95d0a21f761e4011f8a959899f3ff06f104e7873f14ff74361fc599c7a7a24c12381bb71f1e1d7b6aea45d992342cb56e0f143c80f0ac9f14e0a5df660552184b68e4e8873ba5c5260de3751851e59c6b9738d4bce4796a0e2c1966d6071ed1de1fa39e4976b6294ccb612e752ee6e7ec53864f2f25a63e7c9d86a5cc0ed8cd001c7d579ad76b7e115e2453fe2a41441ac0342f432fc9383afa89147eaec148dd1d5783a834ce56ea75d8d2611f515b9de1d52cc7db0200d454ea653d19de18e4b025cfcdeb9cf01ef688b140dfb7645e6c8027d3f9616fcfd23046280a38ab8f79594b28f96b79e27f2fdbc9d6ad87e3c381172437cec27105c1536c81ba108dcb59097b7aef117de1df6814fb86524dd5e469eb76de91f0a705a61366905b9498e33b2d667248c16f4c657c14c3ae0761c14d0cc75adacb8164a9a9c061b33c4c38bfe37d7042aa8a3966ee5838ec4d0f86d7cad0e55949a8d4003bc9bd19d858fda606f4a74fdbc1305e9f3db00e1f0133deddbfb35a6958911bdeda0e987b26081708c0210947aaf9a7de49951abed897108ff23bb0e87ad6febfc1d971773afbac8feb2725c4226cf4ae80d794ad3a6b8ae11cae9e85207b5f783f3d3f5d9da5839da8310c0fb2f9fe911f1fc0f59e55864aa817220d2c70206ab5796e68c2b0cefdc72eff5f02dff5a05b052d7605472dda1b957c9b08d6010820777d4065dcbdca7966d336f61ee43e62d234859f9e1526566e0dc9458641c393869e2d95bfcd4c225a03c925e886a63908f3767a9996210ba4e24faf62260e7f3d2716da3b792cd9093fd5149c590c3c9ee2c3dc9688aaaad069e78e4cfada515b314957307d39afd105e4df416df43ad0ae1ebfe03cba0669de6ea05af706428ac2463ab853fdfa3b1e44ae31244f0b8f7da8") (async, rerun: 32)
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000002dc0), 0x0) (async)
unshare$auto(0x10001) (async)
openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000003ec0), 0x200200, 0x0)
shmctl$auto_SHM_LOCK(0x9, 0xb, &(0x7f0000004100)={{0x3, r5, r6, 0x50d, 0xc2, 0x4, 0x890}, 0xc0, 0x7f, 0x10000, 0x9c05, @raw=0x400, @raw=0x6, 0x4, 0x0, &(0x7f0000003f00), &(0x7f0000004000)="d155352dde7595f9c1f0ad1cd6b3de52357cd95974a3d536"})

31.102931375s ago: executing program 3 (id=2849):
mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x90, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x0, 0xee01, 0x0, 0x3f8)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0x20000006)
mmap$auto(0x40080000000, 0x7, 0x7fffffff, 0x8010, r0, 0x400000087fc)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D0c\x00', 0x80042, 0x0)
mmap$auto(0x0, 0x1, 0x400000000ffb, 0x8000000008011, 0x3, 0x81000000)
openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0)
prctl$auto(0x3, 0x1, 0x0, 0x5, 0x10004)
r1 = open(0x0, 0x840, 0x0)
ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
mmap$auto(0x0, 0x6, 0x80003, 0xeb1, r1, 0x8000)
getrandom$auto(0x0, 0x7, 0x4)
ioctl$auto(0xffffffffffffffff, 0x4b67, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x280442, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0xfffffffffffffffe)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'wg0\x00'})
syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000000), r1)
sendmsg$auto_WG_CMD_SET_DEVICE(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200480c4}, 0x4000000)
fsopen$auto(0x0, 0x1)
recvfrom$auto(0xffffffffffffffff, 0x0, 0x2, 0x300d, 0x0, 0x0)
pidfd_open$auto(0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_EEE_GET(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000140)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x4814}, 0x2400c850)

30.873936999s ago: executing program 3 (id=2850):
sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, 0x0, 0x844)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
memfd_create$auto(&(0x7f0000000000)='\x00', 0x8cf)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(r0, 0x0, 0x6, 0x4697)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x4a901, 0x0)
openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000000c0), 0x8c02, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0xfffffffffffff000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x2, 0x3, 0x6)
r2 = socket(0x2, 0x1, 0x0)
bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r3, 0x0, 0x400000000006)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
recvmmsg$auto(r1, 0x0, 0x1, 0x8, 0x0)

30.26462171s ago: executing program 4 (id=2851):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r5=>r4})
pipe2$auto(&(0x7f0000000000)=r5, 0xda1)

29.410270925s ago: executing program 3 (id=2852):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r5=>r4})
pipe2$auto(&(0x7f0000000000)=r5, 0xda1)

22.110671704s ago: executing program 33 (id=2830):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r5=>r4})
pipe2$auto(&(0x7f0000000000)=r5, 0xda1)

19.600827799s ago: executing program 34 (id=2838):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test\x00', 0x20461, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
pipe2$auto(&(0x7f0000000000), 0xda1)

15.266459905s ago: executing program 35 (id=2851):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r5=>r4})
pipe2$auto(&(0x7f0000000000)=r5, 0xda1)

14.257471448s ago: executing program 36 (id=2852):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
ioctl$auto(0x3, 0x4020565b, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r5=>r4})
pipe2$auto(&(0x7f0000000000)=r5, 0xda1)

10.768308276s ago: executing program 5 (id=2862):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x1000000000008000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x2, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/netfilter/nf_log/6\x00', 0xa0202, 0x0)
sendfile$auto(r1, r1, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r2, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x1, 0x1, 0x3, 0x16, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0)
ioctl$auto_MON_IOCX_GET(r3, 0x40189206, 0x0)
ioctl$auto_MON_IOCQ_RING_SIZE(r3, 0x9205, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/032/001\x00', 0x8202, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001400038010000e800c"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0xc800)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000306b87000fedbdf250300000004000800040003800c0016"], 0x28}}, 0x4c810)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0d566b3dd008e4edd96502"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8)

8.483863503s ago: executing program 5 (id=2863):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = prctl$auto_PR_SCHED_CORE_CREATE(0x5, 0x1, 0xffffffffffffffff, 0x3, 0x1)
ioctl$auto_IOC_PR_PREEMPT(r3, 0x401870cb, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x0, 0x0)
openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bdi/1:7/wb_stats\x00', 0x2080, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, r5)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000104, 0x400, 0x4}]})
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000500)={0x7, 0x0, [{0x40000010, 0x2, 0x6}]})
r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x8c53, 0x0, 0x5, 0x0})

8.155119051s ago: executing program 5 (id=2864):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0)
ioctl$auto_TIOCGDEV2(r0, 0x80045432, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x0, 0x8, 0x0, 0x4000006)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x52)
write$auto(0x3, 0x0, 0x5c8)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
statmount$auto(0x0, 0x0, 0x1fe, 0xf)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008004)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(r0, 0x10000000084, 0x8, 0x0, 0x1)
getpgid(0xffffffffffffffff)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x414041, 0x0)
ioctl$auto_XFS_IOC_DIOINFO(r1, 0x800c581e, &(0x7f0000000000)={0x9, 0x0, 0x63a})

7.490676472s ago: executing program 6 (id=2854):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
read$auto(0xffffffffffffffff, 0x0, 0x20) (async)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x140082, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_vport(0x0, r0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x3e) (async)
syz_genetlink_get_family_id$auto_ipvs(0x0, r0)
sendmsg$auto_IPVS_CMD_SET_CONFIG(0xffffffffffffffff, 0x0, 0x800) (async)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop12\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async, rerun: 32)
preadv2$auto(r1, &(0x7f0000000280)={0x0, 0x80000003}, 0x6, 0x3, 0x4, 0x2a) (rerun: 32)
ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x4, 0x9f, 0x8000000008012, r2, 0x8000) (async)
mprotect$auto(0x1000, 0x401000, 0x4)
mmap$auto(0x1, 0x202000a, 0x5, 0xfffffffffffffffb, 0xfffffffffffffffa, 0x402) (async)
mmap$auto(0x0, 0xa6e, 0x8000000000000001, 0xeb9, r2, 0x7ffe) (async)
r3 = socket(0x2, 0x801, 0x106)
getsockopt$auto(r3, 0x11c, 0x1, 0x0, 0x0)
mmap$auto(0x4, 0x200000000a00006, 0x2, 0xffffffffffffff91, 0x602, 0x300000000000) (async)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async)
unshare$auto(0x40000080) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="920000c321b3111ee24ed1b6b34ab64e69878f08000000000000003d0cac913484d3b9058b424ef4754d43e30000000000000000", @ANYRES16=0x0, @ANYRESDEC=0x0, @ANYRES32=r4, @ANYBLOB], 0x90}, 0x1, 0x0, 0x0, 0x44010}, 0x1)
socket(0x15, 0x5, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) (async)
r5 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, r5)
keyctl$auto_KEY_SPEC_THREAD_KEYRING(0x3, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)

7.146866403s ago: executing program 6 (id=2865):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/mcfilter\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2f01, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NFSD_A_SERVER_SOCK_ADDR={0x20, 0x1, 0x0, 0x1, [@NFSD_A_SOCK_ADDR={0x14, 0x1, "5e1f970f497f9f23d63e72850177cde9"}, @NFSD_A_SOCK_TRANSPORT_NAME={0x6, 0x2, '-\x00'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
read$auto_proc_pagemap_operations_internal(r0, &(0x7f0000001540)=""/209, 0xd1)
mknod$auto(&(0x7f0000000240)=':,\x00', 0xfff, 0xfffffffa)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vbi28\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
ioctl$auto(0x3, 0x4020565a, 0x38)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/028/001\x00', 0x86100, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test\x00', 0x20461, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000080)="2d296699eb5df9d24db978ee2ae789f693d6325d33d31c0a16", 0x19)
ioctl$auto_VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000000c0)={0x7f47, <r6=>r4})
pipe2$auto(&(0x7f0000000000)=r6, 0xda1)

6.176798492s ago: executing program 5 (id=2866):
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x242, 0x0)
read$auto_sco_debugfs_fops_(0xffffffffffffffff, &(0x7f00000003c0)=""/229, 0xe5)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x1, 0x2020009, 0x1, 0xebd, 0xffffffffffffffff, 0x8000)
r0 = pidfd_open$auto(0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x1cb603, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyr1\x00', 0x80200, 0x0)
r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x600000, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
unshare$auto(0x40000080)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
madvise$auto(0x0, 0xff7fffffffff0001, 0x15)
close_range$auto(r1, 0x8, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x454502, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
setns(r0, 0x60020000)
mknod$auto(0x0, 0x1081, 0x3)
open(0x0, 0xa00, 0x100)
socket(0xa, 0x6, 0x83)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)

3.729466934s ago: executing program 5 (id=2867):
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x109802, 0x0)
unshare$auto(0x14000007f)
r0 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r0, 0x107, 0x9, 0x0, 0x20008004)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x100000000008000)
openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f00000000c0), 0x101c41, 0x0)
ioctl$auto(0xffffffffffffffff, 0xfffff7fe, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e20, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
unshare$auto(0x40000080)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0xf, 0x0)
r2 = fsopen$auto(0x0, 0x1)
fsconfig$auto_SHMEM_HUGE_NEVER(r2, 0x0, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0)
write$auto(0x3, 0x0, 0xffd8)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x7}, 0xa}, 0x3, 0x0)
mlock$auto(0x3, 0x7fff)
execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=&(0x7f00000000c0)='@)\x00', &(0x7f0000000180)=&(0x7f0000000140)='\x00')
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r3, r0, 0x8, 0x2, 0xffffffffffffffff, @relative_fd, 0xe600}, 0x156)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r4, 0x5607, r4)

2.03567679s ago: executing program 5 (id=2868):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x482, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x1817c3, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D0\x00', 0x22c501, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="a8b0f970dbf751d44b77eb848257d8abe74b04508454469b7b316dacdd2fea4d2b3ae5d1826240206d721b72d00a81afd144f32745dae482575100cec3d8494835d850b04d718a27041de40233ebad62d5e66f7ab7348b672851d9916c13857ee26832eac20c7fffde36a09ce89a025cd8ec4defbe423016880835019a00", @ANYRES16=0x0, @ANYBLOB="040025bd7000ffdbdf251f10000005001300090000000800e3b00d0000000500080005000000050011000e00000008000500ae199f06d00000000005001a0002000000"], 0x44}, 0x1, 0x0, 0x0, 0x4000850}, 0x1)
ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, 0x0)
mmap$auto(0x87df, 0x400004, 0x1, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
close_range$auto(r2, 0x8, 0x0)
unshare$auto(0x40000080)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x68182, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
bpf$auto(0x0, 0x0, 0xf)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x5, 0x20007, 0xdb, 0x411, 0x401, 0x8000)
select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0x4009, 0x8fd6, 0x2, 0x61c5, 0x15f4da0a, 0x53000000000000, 0x7, 0xa, 0x7fffffff, 0x7, 0x1, 0xa6ca, 0x5, 0x1]}, 0x0)
close_range$auto(0x2, 0x8, 0x8)
r4 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000280), 0x200040, 0x0)
close_range$auto(0x2, r4, 0x0)
keyctl$auto_KEYCTL_SEARCH(0xa, 0x8, 0x8, 0x2000000002, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)

187.116251ms ago: executing program 7 (id=2856):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lowpan0/ifalias\x00', 0xa0001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000400)='\n', 0x1)
r1 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8880, 0x0)
read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r1, 0x0, 0x0)

0s ago: executing program 7 (id=2869):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
bpf$auto(0x0, 0x0, 0x10)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) (rerun: 32)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async, rerun: 32)
madvise$auto(0x0, 0x2000040080000004, 0xe) (async, rerun: 32)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.export/content\x00', 0x2, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000000c0)=""/163, 0xa3) (async, rerun: 32)
ioctl$auto_CEC_DQEVENT(r0, 0xc0506107, 0x0) (async, rerun: 32)
close_range$auto(0x2, 0xa, 0x0) (async)
socket(0xa, 0x1, 0x84)
r2 = openat$auto_fops_ulong_ro_(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/ieee80211/phy15/netdev:wlan1/stations/08:02:11:00:00:00/rx_duplicates\x00', 0x44000, 0x0)
mmap$auto(0x3, 0x3, 0x3, 0xeb0, r2, 0x7) (async)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0xd, 0x0, 0x6, 0x0, 0x0, 0x1002}, 0x5}, 0x5, 0x100)
bpf$auto(0xf7fff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfaae, 0x468, 0x3000400000000009, 0x2, 0x4, 0x3, 0x4, 0x1ff, 0x5, 0xb5, 0x4, 0x806, 0xd9f1}, 0x800000a3)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x200)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) (async)
mmap$auto(0x0, 0x400008, 0x5, 0x9b7f, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

kernel console output (not intermixed with test programs):

48907][T16051]  dump_stack_lvl+0x100/0x190
[  646.948928][T16051]  should_fail_ex.cold+0x5/0xa
[  646.948950][T16051]  ? tomoyo_realpath_from_path+0xb6/0x690
[  646.948971][T16051]  should_failslab+0xc2/0x120
[  646.948990][T16051]  __kmalloc_noprof+0xe0/0x850
[  646.949008][T16051]  ? kfree+0x1dd/0x6c0
[  646.949033][T16051]  tomoyo_realpath_from_path+0xb6/0x690
[  646.949058][T16051]  tomoyo_path_perm+0x276/0x460
[  646.949073][T16051]  ? tomoyo_path_perm+0x262/0x460
[  646.949091][T16051]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  646.949130][T16051]  ? __pfx_ima_file_check+0x10/0x10
[  646.949163][T16051]  ? hook_file_truncate+0xc3/0x240
[  646.949188][T16051]  security_file_truncate+0xb5/0x1e0
[  646.949210][T16051]  path_openat+0x1c6e/0x31a0
[  646.949236][T16051]  ? __pfx_path_openat+0x10/0x10
[  646.949262][T16051]  do_file_open+0x20e/0x430
[  646.949282][T16051]  ? __pfx_do_file_open+0x10/0x10
[  646.949316][T16051]  ? alloc_fd+0x476/0x790
[  646.949336][T16051]  ? do_getname+0x191/0x390
[  646.949360][T16051]  do_sys_openat2+0x10d/0x1e0
[  646.949383][T16051]  ? __pfx_do_sys_openat2+0x10/0x10
[  646.949407][T16051]  ? __fget_files+0x21f/0x3d0
[  646.949429][T16051]  __x64_sys_openat+0x12d/0x210
[  646.949443][T16051]  ? __pfx___x64_sys_openat+0x10/0x10
[  646.949469][T16051]  ? rcu_is_watching+0x12/0xc0
[  646.949490][T16051]  do_syscall_64+0x10b/0x830
[  646.949505][T16051]  ? clear_bhb_loop+0x40/0x90
[  646.949524][T16051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.949540][T16051] RIP: 0033:0x7f9ab999ce59
[  646.949555][T16051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  646.949569][T16051] RSP: 002b:00007f9aba8d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  646.949584][T16051] RAX: ffffffffffffffda RBX: 00007f9ab9c16090 RCX: 00007f9ab999ce59
[  646.949594][T16051] RDX: 0000000000000600 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  646.949603][T16051] RBP: 00007f9ab9a32d6f R08: 0000000000000000 R09: 0000000000000000
[  646.949612][T16051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  646.949622][T16051] R13: 00007f9ab9c16128 R14: 00007f9ab9c16090 R15: 00007ffc5b3e0288
[  646.949642][T16051]  </TASK>
[  647.667992][T16055] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  648.332797][T16068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2070'.
[  648.410907][T16051] ERROR: Out of memory at tomoyo_realpath_from_path.
[  649.259094][T16086] nbd: socks must be embedded in a SOCK_ITEM attr
[  649.287747][T16086] block nbd0: shutting down sockets
[  649.329882][T16090] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2074'.
[  649.797872][T16102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2078'.
[  650.017680][T16108] blktrace: Concurrent blktraces are not allowed on sda1
[  650.295621][T16112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2080'.
[  650.548964][T16111] FAULT_INJECTION: forcing a failure.
[  650.548964][T16111] name fail_futex, interval 1, probability 0, space 0, times 0
[  650.610479][T16111] CPU: 0 UID: 0 PID: 16111 Comm: syz.3.2080 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  650.610508][T16111] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  650.610514][T16111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  650.610524][T16111] Call Trace:
[  650.610530][T16111]  <TASK>
[  650.610536][T16111]  dump_stack_lvl+0x100/0x190
[  650.610557][T16111]  should_fail_ex.cold+0x5/0xa
[  650.610577][T16111]  get_futex_key+0x1d2/0x1510
[  650.610596][T16111]  ? __pfx_get_futex_key+0x10/0x10
[  650.610612][T16111]  ? __lock_acquire+0x4a5/0x2630
[  650.610631][T16111]  futex_wait_setup+0x83/0x510
[  650.610656][T16111]  __futex_wait+0x19f/0x300
[  650.610677][T16111]  ? __pfx___futex_wait+0x10/0x10
[  650.610699][T16111]  ? __pfx_futex_wake_mark+0x10/0x10
[  650.610721][T16111]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  650.610737][T16111]  ? __hrtimer_setup+0x208/0x330
[  650.610755][T16111]  ? ktime_add_safe+0x60/0x70
[  650.610773][T16111]  futex_wait+0xe6/0x370
[  650.610793][T16111]  ? __pfx_futex_wait+0x10/0x10
[  650.610815][T16111]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  650.610838][T16111]  do_futex+0x1ef/0x350
[  650.610854][T16111]  ? __pfx_do_futex+0x10/0x10
[  650.610871][T16111]  ? ktime_get+0x22c/0x320
[  650.610892][T16111]  ? lockdep_hardirqs_on+0x78/0x100
[  650.610913][T16111]  __x64_sys_futex+0x34f/0x4d0
[  650.610932][T16111]  ? __pfx___x64_sys_futex+0x10/0x10
[  650.610952][T16111]  ? rcu_is_watching+0x12/0xc0
[  650.610973][T16111]  do_syscall_64+0x10b/0x830
[  650.610992][T16111]  ? clear_bhb_loop+0x40/0x90
[  650.611010][T16111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  650.611026][T16111] RIP: 0033:0x7f9ab999ce59
[  650.611040][T16111] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  650.611055][T16111] RSP: 002b:00007ffc5b3e03e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  650.611070][T16111] RAX: ffffffffffffffda RBX: 000000000009f520 RCX: 00007f9ab999ce59
[  650.611080][T16111] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9ab9c1618c
[  650.611090][T16111] RBP: 0000000000000032 R08: 0000000000000001 R09: 0000000000000000
[  650.611099][T16111] R10: 00007ffc5b3e04f0 R11: 0000000000000246 R12: 00007ffc5b3e0510
[  650.611108][T16111] R13: 00007f9ab9c1618c R14: 000000000009f552 R15: 00007ffc5b3e04f0
[  650.611128][T16111]  </TASK>
[  651.412527][T16122] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  652.075989][T16139] bond0: invalid ARP target specified
[  652.136931][T16139] nbd: socks must be embedded in a SOCK_ITEM attr
[  652.164207][T16139] block nbd0: shutting down sockets
[  652.218619][T16143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2085'.
[  652.803075][T16111] Process accounting paused
[  652.855387][T16153] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2086'.
[  653.072435][T16153] ipvlan1: entered promiscuous mode
[  653.126932][T16153] ipvlan1: entered allmulticast mode
[  653.177368][T16153] veth0_vlan: entered allmulticast mode
[  653.300892][T16169] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes.
[  653.617046][T16177] openvswitch: ovs_: Dropping previously announced user features
[  654.500913][T16193] nbd: socks must be embedded in a SOCK_ITEM attr
[  654.526688][T16193] block nbd0: shutting down sockets
[  654.795733][   T30] audit: type=1800 audit(4294967348.651:17): pid=16208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2099" name="dbroot" dev="configfs" ino=62567 res=0 errno=0
[  655.050107][T16213] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2100: iget: checksum invalid
[  655.253013][T16213] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  655.386072][T16213] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2100: iget: checksum invalid
[  655.467865][T16213] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  655.553567][T16213] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2100: iget: checksum invalid
[  655.635526][T16213] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  655.710292][T16213] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2100: iget: checksum invalid
[  655.800448][T16213] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  655.860839][T16213] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  655.920131][T16213] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  657.694254][T16263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2110'.
[  661.231508][T16327] random: crng reseeded on system resumption
[  662.503895][T15147] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  662.533485][T16355] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2128'.
[  663.372119][T16377] nbd: socks must be embedded in a SOCK_ITEM attr
[  663.408333][T16377] block nbd0: shutting down sockets
[  663.448253][T16381] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2133'.
[  664.423927][T16402] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  664.440052][T16402] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  664.458848][T16402] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  664.469498][T16402] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  664.477429][T16402] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  664.576405][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  665.652034][   T57] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.055593][   T57] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.405130][   T57] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.568073][T16402] Bluetooth: hci2: command tx timeout
[  666.647563][T16402] Bluetooth: hci3: command 0x0406 tx timeout
[  667.893669][   T57] bridge_slave_1: left allmulticast mode
[  667.926756][   T57] bridge_slave_1: left promiscuous mode
[  667.964563][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.031440][   T57] bridge_slave_0: left allmulticast mode
[  668.069548][   T57] bridge_slave_0: left promiscuous mode
[  668.105860][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.637249][   T50] Bluetooth: hci2: command tx timeout
[  669.157233][   T57] ovs_: left promiscuous mode
[  669.328599][   T57] HfR: left promiscuous mode
[  669.436639][T16399] bridge0: port 1(bridge_slave_0) entered blocking state
[  669.466044][T16399] bridge0: port 1(bridge_slave_0) entered disabled state
[  669.503473][T16399] bridge_slave_0: entered allmulticast mode
[  669.534117][T16399] bridge_slave_0: entered promiscuous mode
[  669.685064][T16399] bridge0: port 2(bridge_slave_1) entered blocking state
[  669.709955][T16399] bridge0: port 2(bridge_slave_1) entered disabled state
[  669.732455][T16399] bridge_slave_1: entered allmulticast mode
[  669.758675][T16399] bridge_slave_1: entered promiscuous mode
[  669.968495][T16399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  670.028100][T16399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  670.235893][T16399] team0: Port device team_slave_0 added
[  670.295603][T16399] team0: Port device team_slave_1 added
[  670.445212][T16463] FAULT_INJECTION: forcing a failure.
[  670.445212][T16463] name failslab, interval 1, probability 0, space 0, times 0
[  670.548037][T16463] CPU: 0 UID: 0 PID: 16463 Comm: syz.3.2146 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  670.548071][T16463] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  670.548077][T16463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  670.548087][T16463] Call Trace:
[  670.548094][T16463]  <TASK>
[  670.548100][T16463]  dump_stack_lvl+0x100/0x190
[  670.548123][T16463]  should_fail_ex.cold+0x5/0xa
[  670.548143][T16463]  should_failslab+0xc2/0x120
[  670.548162][T16463]  __kmalloc_cache_noprof+0x7a/0x6f0
[  670.548185][T16463]  ? crtc_crc_open+0x3ba/0x7e0
[  670.548212][T16463]  crtc_crc_open+0x3ba/0x7e0
[  670.548234][T16463]  ? __debugfs_file_get+0x1fc/0x860
[  670.548254][T16463]  ? __pfx_crtc_crc_open+0x10/0x10
[  670.548277][T16463]  ? __pfx_apparmor_file_open+0x10/0x10
[  670.548293][T16463]  ? path_get+0x61/0x80
[  670.548316][T16463]  ? __pfx_crtc_crc_open+0x10/0x10
[  670.548338][T16463]  full_proxy_open_regular+0x1b6/0x370
[  670.548361][T16463]  do_dentry_open+0x6d8/0x1660
[  670.548380][T16463]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  670.548406][T16463]  vfs_open+0x82/0x3f0
[  670.548430][T16463]  path_openat+0x208c/0x31a0
[  670.548456][T16463]  ? __pfx_path_openat+0x10/0x10
[  670.548488][T16463]  do_file_open+0x20e/0x430
[  670.548510][T16463]  ? __pfx_do_file_open+0x10/0x10
[  670.548543][T16463]  ? alloc_fd+0x476/0x790
[  670.548564][T16463]  ? do_getname+0x191/0x390
[  670.548588][T16463]  do_sys_openat2+0x10d/0x1e0
[  670.548612][T16463]  ? __pfx_do_sys_openat2+0x10/0x10
[  670.548635][T16463]  ? do_raw_spin_lock+0x128/0x260
[  670.548664][T16463]  __x64_sys_openat+0x12d/0x210
[  670.548679][T16463]  ? __pfx___x64_sys_openat+0x10/0x10
[  670.548706][T16463]  ? rcu_is_watching+0x12/0xc0
[  670.548727][T16463]  do_syscall_64+0x10b/0x830
[  670.548742][T16463]  ? clear_bhb_loop+0x40/0x90
[  670.548760][T16463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.548776][T16463] RIP: 0033:0x7f9ab999ce59
[  670.548791][T16463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  670.548806][T16463] RSP: 002b:00007f9aba8d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  670.548822][T16463] RAX: ffffffffffffffda RBX: 00007f9ab9c16090 RCX: 00007f9ab999ce59
[  670.548833][T16463] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  670.548843][T16463] RBP: 00007f9ab9a32d6f R08: 0000000000000000 R09: 0000000000000000
[  670.548853][T16463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  670.548862][T16463] R13: 00007f9ab9c16128 R14: 00007f9ab9c16090 R15: 00007ffc5b3e0288
[  670.548883][T16463]  </TASK>
[  671.135472][   T50] Bluetooth: hci2: command tx timeout
[  671.969048][T16399] batman_adv: batadv0: Adding interface: batadv_slave_0
[  671.994018][T16399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  672.075198][T16399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  672.180689][T16399] batman_adv: batadv0: Adding interface: batadv_slave_1
[  672.216666][T16399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  672.316129][T16399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  672.354667][T16484] vivid-008: =================  START STATUS  =================
[  672.363654][   T50] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  672.382232][T16484] vivid-008: ==================  END STATUS  ==================
[  672.544549][   T57] hsr_slave_1: left promiscuous mode
[  672.552026][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  672.574278][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  672.604309][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  672.626799][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  672.669496][   T57] veth1_macvtap: left promiscuous mode
[  672.685242][   T57] veth0_macvtap: left promiscuous mode
[  672.705441][   T57] veth1_vlan: left promiscuous mode
[  672.722437][   T57] veth0_vlan: left promiscuous mode
[  672.936755][T16485] random: crng reseeded on system resumption
[  673.176566][T16402] Bluetooth: hci2: command tx timeout
[  673.357514][   T57] team0 (unregistering): Port device team_slave_1 removed
[  673.792995][T16399] hsr_slave_0: entered promiscuous mode
[  673.818855][T16399] hsr_slave_1: entered promiscuous mode
[  673.862148][T16399] debugfs: 'hsr0' already exists in 'hsr'
[  673.881534][T16399] Cannot create hsr debugfs directory
[  674.371915][   T50] Bluetooth: hci4: command 0x2016 tx timeout
[  675.580455][   T30] audit: type=1804 audit(4294967369.539:18): pid=16515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2155" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1073 res=1 errno=0
[  675.723360][T16402] Bluetooth: hci4: unexpected event 0x04 length: 435 > 10
[  675.723435][T16402] Bluetooth: hci4: connection err: -111
[  675.768602][T16510] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2155'.
[  676.442737][T16402] Bluetooth: hci4: command 0x2016 tx timeout
[  676.754895][T16399] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  676.761865][T16515] futex_wake_op: syz.4.2155 tries to shift op by -1; fix this program
[  676.845165][T16399] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  676.906235][T16399] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  676.986080][T16399] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  677.314894][T16399] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  677.391955][T16399] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  677.456493][T16399] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  677.511419][T16399] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  677.526654][T16544] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2162'.
[  678.208260][T16399] 8021q: adding VLAN 0 to HW filter on device bond0
[  678.353249][T16399] 8021q: adding VLAN 0 to HW filter on device team0
[  678.507285][T10070] bridge0: port 1(bridge_slave_0) entered blocking state
[  678.514425][T10070] bridge0: port 1(bridge_slave_0) entered forwarding state
[  678.691673][T10070] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.700166][T10070] bridge0: port 2(bridge_slave_1) entered forwarding state
[  680.801126][T16399] 8021q: adding VLAN 0 to HW filter on device batadv0
[  681.055454][T16399] veth0_vlan: entered promiscuous mode
[  681.076270][T16585] program syz.4.2167 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  681.113264][T16399] veth1_vlan: entered promiscuous mode
[  681.225143][T16399] veth0_macvtap: entered promiscuous mode
[  681.382248][T16399] veth1_macvtap: entered promiscuous mode
[  681.676544][T16399] batman_adv: batadv0: Interface activated: batadv_slave_0
[  681.940836][T16399] batman_adv: batadv0: Interface activated: batadv_slave_1
[  682.049771][ T9164] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  682.071262][ T9164] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  682.152942][ T9164] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  682.207489][ T9164] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  682.537678][T10060] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.587907][T10060] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.788023][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.836382][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  683.694361][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  683.704135][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  684.160300][T16650] netlink: 'syz.4.2178': attribute type 3 has an invalid length.
[  684.214985][T16650] netlink: 'syz.4.2178': attribute type 5 has an invalid length.
[  684.237640][T16654] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2177: iget: checksum invalid
[  684.271650][T16650] netlink: 'syz.4.2178': attribute type 6 has an invalid length.
[  684.308890][T16650] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2178'.
[  684.360213][T16650] netlink: 'syz.4.2178': attribute type 1 has an invalid length.
[  684.431427][T16650] netlink: 'syz.4.2178': attribute type 2 has an invalid length.
[  684.450157][T16654] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  684.617636][T16654] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2177: iget: checksum invalid
[  684.784393][T16654] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  684.942954][T16654] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2177: iget: checksum invalid
[  685.109588][T16654] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  685.167808][T16654] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2177: iget: checksum invalid
[  685.191068][T16668] ubi0: attaching mtd0
[  685.241731][T16654] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  685.281520][T16668] ubi0: scanning is finished
[  685.361697][T16654] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  685.374609][T16668] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  685.461382][T16654] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  685.470539][T16675] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2183'.
[  685.947646][T16668] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  686.182221][T16682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2184'.
[  688.131271][T16718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2193'.
[  688.485940][T16731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2194'.
[  689.122859][T16748] nbd: socks must be embedded in a SOCK_ITEM attr
[  689.157986][T16751] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2199'.
[  689.168041][T16748] block nbd0: shutting down sockets
[  689.217225][T16752] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2197'.
[  689.294671][T16751] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2199'.
[  689.664659][T16759] FAULT_INJECTION: forcing a failure.
[  689.664659][T16759] name failslab, interval 1, probability 0, space 0, times 0
[  689.751004][T16759] CPU: 0 UID: 0 PID: 16759 Comm: syz.4.2201 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  689.751035][T16759] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  689.751041][T16759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  689.751053][T16759] Call Trace:
[  689.751058][T16759]  <TASK>
[  689.751065][T16759]  dump_stack_lvl+0x100/0x190
[  689.751088][T16759]  should_fail_ex.cold+0x5/0xa
[  689.751109][T16759]  should_failslab+0xc2/0x120
[  689.751128][T16759]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  689.751143][T16759]  ? sk_prot_alloc+0x60/0x2a0
[  689.751169][T16759]  sk_prot_alloc+0x60/0x2a0
[  689.751191][T16759]  sk_alloc+0x36/0xe80
[  689.751209][T16759]  qrtr_create+0x84/0x1d0
[  689.751225][T16759]  __sock_create+0x339/0x860
[  689.751251][T16759]  __sys_socket+0x14d/0x260
[  689.751267][T16759]  ? __pfx___sys_socket+0x10/0x10
[  689.751281][T16759]  ? ksys_write+0x1ac/0x250
[  689.751303][T16759]  __x64_sys_socket+0x72/0xb0
[  689.751317][T16759]  ? lockdep_hardirqs_on+0x78/0x100
[  689.751332][T16759]  do_syscall_64+0x10b/0x830
[  689.751345][T16759]  ? clear_bhb_loop+0x40/0x90
[  689.751363][T16759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.751387][T16759] RIP: 0033:0x7f3ff879ce59
[  689.751402][T16759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  689.751418][T16759] RSP: 002b:00007f3ff96bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  689.751433][T16759] RAX: ffffffffffffffda RBX: 00007f3ff8a15fa0 RCX: 00007f3ff879ce59
[  689.751444][T16759] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000002a
[  689.751454][T16759] RBP: 00007f3ff8832d6f R08: 0000000000000000 R09: 0000000000000000
[  689.751464][T16759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  689.751473][T16759] R13: 00007f3ff8a16038 R14: 00007f3ff8a15fa0 R15: 00007fff42168dc8
[  689.751496][T16759]  </TASK>
[  689.988292][T16762] FAULT_INJECTION: forcing a failure.
[  689.988292][T16762] name failslab, interval 1, probability 0, space 0, times 0
[  690.001095][T16762] CPU: 0 UID: 0 PID: 16762 Comm: syz.0.2200 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  690.001124][T16762] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  690.001131][T16762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  690.001142][T16762] Call Trace:
[  690.001150][T16762]  <TASK>
[  690.001157][T16762]  dump_stack_lvl+0x100/0x190
[  690.001180][T16762]  should_fail_ex.cold+0x5/0xa
[  690.001201][T16762]  should_failslab+0xc2/0x120
[  690.001220][T16762]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  690.001236][T16762]  ? __d_alloc+0x34/0xa40
[  690.001261][T16762]  __d_alloc+0x34/0xa40
[  690.001284][T16762]  d_alloc+0x4a/0x1e0
[  690.001304][T16762]  lookup_one_qstr_excl+0x171/0x250
[  690.001329][T16762]  start_dirop+0x59/0xb0
[  690.001348][T16762]  simple_start_creating+0xf9/0x110
[  690.001367][T16762]  ? __pfx_simple_start_creating+0x10/0x10
[  690.001386][T16762]  ? mntput+0x70/0xa0
[  690.001402][T16762]  ? simple_pin_fs+0xa3/0x190
[  690.001419][T16762]  debugfs_start_creating.part.0+0x82/0x170
[  690.001444][T16762]  __debugfs_create_file+0xb3/0x4f0
[  690.001470][T16762]  debugfs_create_file_full+0x41/0x60
[  690.001496][T16762]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  690.001517][T16762]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  690.001536][T16762]  ? ida_alloc_range+0x70d/0x830
[  690.001567][T16762]  ? lockdep_init_map_type+0x5c/0x250
[  690.001586][T16762]  preinit_net.part.0+0x252/0x920
[  690.001608][T16762]  copy_net_ns+0x339/0x7c0
[  690.001630][T16762]  create_new_namespaces+0x3ea/0xac0
[  690.001655][T16762]  unshare_nsproxy_namespaces+0xf2/0x220
[  690.001677][T16762]  ksys_unshare+0x438/0xab0
[  690.001699][T16762]  ? __pfx_ksys_unshare+0x10/0x10
[  690.001720][T16762]  ? xfd_validate_state+0x129/0x190
[  690.001735][T16762]  ? ksys_write+0x1ac/0x250
[  690.001758][T16762]  __x64_sys_unshare+0x31/0x40
[  690.001780][T16762]  do_syscall_64+0x10b/0x830
[  690.001794][T16762]  ? clear_bhb_loop+0x40/0x90
[  690.001813][T16762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.001829][T16762] RIP: 0033:0x7f0be6d9ce59
[  690.001843][T16762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  690.001858][T16762] RSP: 002b:00007f0be7c4f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  690.001873][T16762] RAX: ffffffffffffffda RBX: 00007f0be7016090 RCX: 00007f0be6d9ce59
[  690.001884][T16762] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  690.001893][T16762] RBP: 00007f0be6e32d6f R08: 0000000000000000 R09: 0000000000000000
[  690.001903][T16762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  690.001912][T16762] R13: 00007f0be7016128 R14: 00007f0be7016090 R15: 00007ffd8aca8fd8
[  690.001934][T16762]  </TASK>
[  690.356089][T16763] block nbd2: not configured, cannot reconfigure
[  690.629467][T16773] ecryptfs_miscdev_write: Error while inspecting packet size
[  690.738932][T16776] nbd: couldn't find device at index 33904
[  691.745494][T16780] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2205'.
[  692.263253][T16793] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2208'.
[  692.650083][T16801] ksmbd: Unknown IPC event: 14, ignore.
[  693.032037][T16806] hugetlbfs: syz.4.2210 (16806): Using mlock ulimits for SHM_HUGETLB is obsolete
[  693.503680][T16818] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2215'.
[  696.439281][T16874] : Can't lookup blockdev
[  697.523497][T16902] netlink: 'syz.0.2233': attribute type 1 has an invalid length.
[  697.570043][T16902] nbd: error processing sock list
[  698.217333][T16909] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2234'.
[  698.711372][T16902] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  699.260794][T16920] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2236'.
[  700.162607][T16939] ovs_: entered promiscuous mode
[  701.869616][T16982] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  701.876111][T16982] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  703.191619][T16995] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  703.217085][T16995] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  703.239502][T16995] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  703.285344][T16995] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  703.324731][T16995] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  703.363540][T16995] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  703.409132][T16995] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  703.638152][T17000] bridge0: port 3(vlan1) entered blocking state
[  703.672912][T17000] bridge0: port 3(vlan1) entered disabled state
[  703.728120][T17000] vlan1: entered allmulticast mode
[  703.768999][T17000] veth0_vlan: entered allmulticast mode
[  703.829986][T17000] vlan1: entered promiscuous mode
[  703.899238][T17000] bridge0: port 3(vlan1) entered blocking state
[  703.905652][T17000] bridge0: port 3(vlan1) entered forwarding state
[  704.332897][T17020] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2256'.
[  704.628014][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  705.265292][   T50] Bluetooth: hci4: command 0x2016 tx timeout
[  705.345783][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  705.914886][T17038] zswap: compressor  not available
[  706.012501][T17049] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2259'.
[  706.107495][T17048] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  707.337358][   T50] Bluetooth: hci4: command 0x2016 tx timeout
[  707.415282][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  707.468925][T17061] netlink: 350 bytes leftover after parsing attributes in process `syz.4.2262'.
[  707.729974][T17063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2263'.
[  709.405749][   T50] Bluetooth: hci4: command 0x2016 tx timeout
[  709.485265][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  710.327681][T17104] random: crng reseeded on system resumption
[  710.937313][T17086] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  711.202438][   T50] Bluetooth: hci3: Unexpected cc 0x7c89 with no status
[  713.991944][   T30] audit: type=1804 audit(4294967408.130:19): pid=17146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2280" name="file0" dev="tmpfs" ino=2883 res=1 errno=0
[  715.168015][   T30] audit: type=1804 audit(4294967409.305:20): pid=17182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2282" name="/newroot/80/file0" dev="tmpfs" ino=430 res=1 errno=0
[  715.887336][T17196] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2284'.
[  717.536394][T17206] NFSD: Failed to start, no listeners configured.
[  717.572556][T17217] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2289'.
[  719.566791][T17245] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2293'.
[  719.645667][T17246] netlink: 'syz.4.2293': attribute type 1 has an invalid length.
[  720.279331][T17262] netlink: 172 bytes leftover after parsing attributes in process `syz.0.2297'.
[  720.421459][T17269] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2298'.
[  722.352405][T17318] blktrace: Concurrent blktraces are not allowed on loop2
[  726.052759][T17376] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  727.304918][T17391] random: crng reseeded on system resumption
[  727.446592][T17391] hub 1-0:1.0: USB hub found
[  727.492272][T17391] hub 1-0:1.0: 1 port detected
[  728.415501][T17407] netlink: 178 bytes leftover after parsing attributes in process `syz.3.2329'.
[  728.537999][T17407] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2329'.
[  729.008608][T17436] openvswitch: ovs_: Dropping previously announced user features
[  729.445785][T17449] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2340'.
[  729.691362][T17458] netlink: 'syz.3.2342': attribute type 11 has an invalid length.
[  730.540872][T17482] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2347'.
[  732.919110][T17519] openvswitch: ovs_: Dropping previously announced user features
[  733.686120][T17552] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2363'.
[  738.995069][T17649] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2379'.
[  744.847296][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  744.856008][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  746.419759][T17755] openvswitch: ovs_: Dropping previously announced user features
[  746.757927][   T50] Bluetooth: hci2: unexpected event 0x1d length: 8 > 5
[  746.761697][T17762] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2401'.
[  746.876762][T17762] macvlan0: entered promiscuous mode
[  746.908633][T17762] macvlan0: entered allmulticast mode
[  746.997277][T17762] veth1_vlan: entered allmulticast mode
[  747.432643][T17770] kAFS: No cell specified
[  748.105509][T17783] bond0: invalid ARP target specified
[  748.151116][T17783] nbd: must specify at least one socket
[  748.193930][T17783] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2408'.
[  748.965267][T17806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2413'.
[  749.115606][T17810] openvswitch: ovs_: Dropping previously announced user features
[  749.829296][T17825] futex_wake_op: syz.0.2418 tries to shift op by -2048; fix this program
[  750.571576][T17852] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2422'.
[  750.699979][ T9164] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  750.757108][ T9164] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  750.815748][ T9164] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  750.930966][T17860] netlink: zone id is out of range
[  751.127467][T17860] netlink: zone id is out of range
[  751.259285][T17860] netlink: zone id is out of range
[  751.358044][T17860] netlink: zone id is out of range
[  751.437510][T17860] netlink: zone id is out of range
[  751.499679][T17860] netlink: zone id is out of range
[  751.678187][T17860] netlink: set zone limit has 8 unknown bytes
[  752.553533][T17885] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2429'.
[  752.627747][T17892] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2430'.
[  752.668391][   T30] audit: type=1800 audit(4105.042:21): pid=17890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2428" name="features" dev="configfs" ino=72997 res=0 errno=0
[  752.798259][   T50] block nbd0: Receive control failed (result -32)
[  753.058201][   T50] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  755.110862][T16402] Bluetooth: hci3: command 0x0406 tx timeout
[  755.899716][T17956] netlink: 4776 bytes leftover after parsing attributes in process `syz.2.2444'.
[  756.261445][T17962] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2445'.
[  756.875173][T17981] bond0: invalid ARP target specified
[  756.893476][T17979] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2448'.
[  756.984349][T17985] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2450'.
[  757.182660][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  757.531175][T17995] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2453'.
[  757.563347][T17999] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2452'.
[  757.622981][T17997] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2453'.
[  757.644846][T17947] kexec: Could not allocate control_code_buffer
[  757.663936][T16402] block nbd1: Receive control failed (result -32)
[  758.451523][T18020] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2459'.
[  759.924617][T18040] HfR: entered promiscuous mode
[  760.007284][T18040] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2462'.
[  760.059385][T18040] HfR: left promiscuous mode
[  761.178588][   T30] audit: type=1800 audit(4113.582:22): pid=18075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2468" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  762.324727][   T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  762.354859][   T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  762.376394][   T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  762.387523][   T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  762.400664][   T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  763.668088][ T7549] bridge0: port 3(syz_tun) entered disabled state
[  763.753818][ T7549] syz_tun (unregistering): left allmulticast mode
[  763.776136][ T7549] syz_tun (unregistering): left promiscuous mode
[  763.800522][ T7549] bridge0: port 3(syz_tun) entered disabled state
[  764.508082][T16402] Bluetooth: hci0: command tx timeout
[  764.623216][T10068] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.240293][T10068] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  765.790681][T10068] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.113830][T10068] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.485611][T10068] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  766.577422][T16402] Bluetooth: hci0: command tx timeout
[  767.194339][T18093] bridge0: port 1(bridge_slave_0) entered blocking state
[  767.228194][T18093] bridge0: port 1(bridge_slave_0) entered disabled state
[  767.259894][T18093] bridge_slave_0: entered allmulticast mode
[  767.296102][T18093] bridge_slave_0: entered promiscuous mode
[  767.367523][T18093] bridge0: port 2(bridge_slave_1) entered blocking state
[  767.401073][T18093] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.434526][T18093] bridge_slave_1: entered allmulticast mode
[  767.459716][T18169] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2484'.
[  767.471229][T18093] bridge_slave_1: entered promiscuous mode
[  767.764289][T18093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  767.853729][T18171] FAULT_INJECTION: forcing a failure.
[  767.853729][T18171] name failslab, interval 1, probability 0, space 0, times 0
[  767.941626][T18093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.977113][T18171] CPU: 0 UID: 0 PID: 18171 Comm: syz.0.2484 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  767.977144][T18171] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  767.977150][T18171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  767.977161][T18171] Call Trace:
[  767.977166][T18171]  <TASK>
[  767.977173][T18171]  dump_stack_lvl+0x100/0x190
[  767.977197][T18171]  should_fail_ex.cold+0x5/0xa
[  767.977218][T18171]  should_failslab+0xc2/0x120
[  767.977253][T18171]  __kmalloc_cache_noprof+0x7a/0x6f0
[  767.977274][T18171]  ? crtc_crc_open+0x3ba/0x7e0
[  767.977301][T18171]  crtc_crc_open+0x3ba/0x7e0
[  767.977324][T18171]  ? __debugfs_file_get+0x1fc/0x860
[  767.977344][T18171]  ? __pfx_crtc_crc_open+0x10/0x10
[  767.977367][T18171]  ? __pfx_apparmor_file_open+0x10/0x10
[  767.977383][T18171]  ? path_get+0x61/0x80
[  767.977406][T18171]  ? __pfx_crtc_crc_open+0x10/0x10
[  767.977434][T18171]  full_proxy_open_regular+0x1b6/0x370
[  767.977458][T18171]  do_dentry_open+0x6d8/0x1660
[  767.977478][T18171]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  767.977504][T18171]  vfs_open+0x82/0x3f0
[  767.977529][T18171]  path_openat+0x208c/0x31a0
[  767.977554][T18171]  ? __pfx_path_openat+0x10/0x10
[  767.977579][T18171]  do_file_open+0x20e/0x430
[  767.977599][T18171]  ? __pfx_do_file_open+0x10/0x10
[  767.977631][T18171]  ? alloc_fd+0x476/0x790
[  767.977651][T18171]  ? do_getname+0x191/0x390
[  767.977674][T18171]  do_sys_openat2+0x10d/0x1e0
[  767.977697][T18171]  ? __pfx_do_sys_openat2+0x10/0x10
[  767.977720][T18171]  ? do_raw_spin_lock+0x128/0x260
[  767.977743][T18171]  __x64_sys_openat+0x12d/0x210
[  767.977757][T18171]  ? __pfx___x64_sys_openat+0x10/0x10
[  767.977783][T18171]  ? rcu_is_watching+0x12/0xc0
[  767.977803][T18171]  do_syscall_64+0x10b/0x830
[  767.977818][T18171]  ? clear_bhb_loop+0x40/0x90
[  767.977836][T18171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.977852][T18171] RIP: 0033:0x7f0be6d9ce59
[  767.977867][T18171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  767.977882][T18171] RSP: 002b:00007f0be7c2e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  767.977898][T18171] RAX: ffffffffffffffda RBX: 00007f0be7016180 RCX: 00007f0be6d9ce59
[  767.977909][T18171] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  767.977919][T18171] RBP: 00007f0be6e32d6f R08: 0000000000000000 R09: 0000000000000000
[  767.977930][T18171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  767.977939][T18171] R13: 00007f0be7016218 R14: 00007f0be7016180 R15: 00007ffd8aca8fd8
[  767.977959][T18171]  </TASK>
[  768.557158][T18093] team0: Port device team_slave_0 added
[  768.582213][T18093] team0: Port device team_slave_1 added
[  768.736122][T16402] Bluetooth: hci0: command tx timeout
[  768.746124][T18093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  768.789369][T18093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  768.886281][T18093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  769.174208][T10068] bridge_slave_1: left allmulticast mode
[  769.200862][T10068] bridge_slave_1: left promiscuous mode
[  769.219973][T10068] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.260775][T10068] bridge_slave_0: left allmulticast mode
[  769.287892][T10068] bridge_slave_0: left promiscuous mode
[  769.306181][T10068] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.078810][T18186] netlink: 'syz.3.2487': attribute type 1 has an invalid length.
[  770.095139][T18093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  770.102326][T18093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  770.143343][T18187] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2487'.
[  770.172360][T18093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  770.184365][T18186] nbd: error processing sock list
[  770.259292][T10068] ovs_: left promiscuous mode
[  770.710688][T18093] hsr_slave_0: entered promiscuous mode
[  770.740402][T18093] hsr_slave_1: entered promiscuous mode
[  770.768572][T18093] debugfs: 'hsr0' already exists in 'hsr'
[  770.796597][T18093] Cannot create hsr debugfs directory
[  770.803225][   T50] Bluetooth: hci0: command tx timeout
[  771.352267][T18196] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2488'.
[  771.890221][T10068] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  771.935949][T10068] batman_adv: batadv0: Removing interface: batadv_slave_0
[  772.027513][T10068] veth1_macvtap: left promiscuous mode
[  772.054096][T10068] veth0_macvtap: left promiscuous mode
[  772.078969][T10068] veth1_vlan: left promiscuous mode
[  772.097444][T10068] veth0_vlan: left promiscuous mode
[  772.654963][T10068] team0 (unregistering): Port device team_slave_1 removed
[  772.721448][T10068] team0 (unregistering): Port device team_slave_0 removed
[  774.630912][T18231] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2497'.
[  775.095499][T18235] bond0: invalid ARP target specified
[  775.138673][T18238] nbd: socks must be embedded in a SOCK_ITEM attr
[  775.225518][T18235] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2498'.
[  775.359421][T18243] netlink: 'syz.3.2500': attribute type 1 has an invalid length.
[  775.399319][T18243] nbd: error processing sock list
[  775.442213][T18243] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2500'.
[  775.500163][T18093] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  775.580035][T18093] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  775.623299][T18093] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  775.686235][T18093] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  775.728467][T18093] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  775.802269][T18251] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2503'.
[  775.822217][T18093] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  775.861341][T18093] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  775.919008][T18093] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  776.890572][T18093] 8021q: adding VLAN 0 to HW filter on device bond0
[  777.002440][T18093] 8021q: adding VLAN 0 to HW filter on device team0
[  777.093899][T15562] bridge0: port 1(bridge_slave_0) entered blocking state
[  777.101183][T15562] bridge0: port 1(bridge_slave_0) entered forwarding state
[  777.201674][T15562] bridge0: port 2(bridge_slave_1) entered blocking state
[  777.208910][T15562] bridge0: port 2(bridge_slave_1) entered forwarding state
[  778.068033][T18280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2506'.
[  778.813739][T18298] netlink: 'syz.3.2509': attribute type 1 has an invalid length.
[  778.875148][T18299] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2509'.
[  778.930976][T18298] nbd: error processing sock list
[  779.258948][T18309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2511'.
[  779.382826][T18093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  779.758708][T18093] veth0_vlan: entered promiscuous mode
[  779.832720][T18093] veth1_vlan: entered promiscuous mode
[  780.198339][T18093] veth0_macvtap: entered promiscuous mode
[  780.271514][T18093] veth1_macvtap: entered promiscuous mode
[  780.603070][T18093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  780.715043][T18093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  780.812726][   T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  780.960326][   T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  781.008405][   T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  781.081102][   T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  781.136253][T18320] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  781.234612][T18320] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  781.281805][T18320] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  781.336208][T18320] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  781.393547][T18320] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  781.765841][T18338] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2517'.
[  781.815000][T10068] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.884186][T10068] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  782.256953][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  782.274300][T18339] FAULT_INJECTION: forcing a failure.
[  782.274300][T18339] name failslab, interval 1, probability 0, space 0, times 0
[  782.316018][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  782.388863][T18339] CPU: 0 UID: 0 PID: 18339 Comm: syz.0.2516 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  782.388892][T18339] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  782.388898][T18339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  782.388909][T18339] Call Trace:
[  782.388915][T18339]  <TASK>
[  782.388922][T18339]  dump_stack_lvl+0x100/0x190
[  782.388949][T18339]  should_fail_ex.cold+0x5/0xa
[  782.388969][T18339]  ? __pfx_cgroup_show_path+0x10/0x10
[  782.388993][T18339]  should_failslab+0xc2/0x120
[  782.389010][T18339]  ? __pfx_cgroup_show_path+0x10/0x10
[  782.389032][T18339]  __kmalloc_cache_noprof+0x7a/0x6f0
[  782.389054][T18339]  ? cgroup_show_path+0xb2/0x730
[  782.389077][T18339]  ? find_held_lock+0x2b/0x80
[  782.389099][T18339]  ? __pfx_cgroup_show_path+0x10/0x10
[  782.389121][T18339]  cgroup_show_path+0xb2/0x730
[  782.389151][T18339]  ? __pfx_cgroup_show_path+0x10/0x10
[  782.389173][T18339]  kernfs_sop_show_path+0xe9/0x160
[  782.389189][T18339]  ? __pfx_kernfs_sop_show_path+0x10/0x10
[  782.389205][T18339]  show_path+0x9e/0x100
[  782.389227][T18339]  show_mountinfo+0x1d8/0x820
[  782.389246][T18339]  ? __pfx_show_mountinfo+0x10/0x10
[  782.389263][T18339]  ? __kvmalloc_node_noprof+0x37b/0xa00
[  782.389284][T18339]  seq_read_iter+0xbce/0x1270
[  782.389308][T18339]  ? __pfx_seq_read_iter+0x10/0x10
[  782.389326][T18339]  vfs_read+0x825/0xb30
[  782.389346][T18339]  ? __pfx_vfs_read+0x10/0x10
[  782.389376][T18339]  ksys_read+0x12a/0x250
[  782.389393][T18339]  ? __pfx_ksys_read+0x10/0x10
[  782.389412][T18339]  ? rcu_is_watching+0x12/0xc0
[  782.389433][T18339]  do_syscall_64+0x10b/0x830
[  782.389448][T18339]  ? clear_bhb_loop+0x40/0x90
[  782.389466][T18339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.389482][T18339] RIP: 0033:0x7f0be6d9ce59
[  782.389496][T18339] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  782.389511][T18339] RSP: 002b:00007f0be7c70028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  782.389527][T18339] RAX: ffffffffffffffda RBX: 00007f0be7015fa0 RCX: 00007f0be6d9ce59
[  782.389537][T18339] RDX: 0000000000001036 RSI: 0000200000000040 RDI: 0000000000000004
[  782.389546][T18339] RBP: 00007f0be6e32d6f R08: 0000000000000000 R09: 0000000000000000
[  782.389556][T18339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  782.389565][T18339] R13: 00007f0be7016038 R14: 00007f0be7015fa0 R15: 00007ffd8aca8fd8
[  782.389586][T18339]  </TASK>
[  783.023180][   T50] Bluetooth: hci4: command 0x2016 tx timeout
[  783.308208][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  783.314253][T16402] Bluetooth: hci2: command 0x0c1a tx timeout
[  784.734431][   T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  784.750463][   T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  784.760431][   T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  784.774236][   T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  784.783351][   T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  785.374291][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  785.765643][T18392] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  786.883922][   T50] Bluetooth: hci3: command tx timeout
[  786.910195][T18407] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2525'.
[  787.218713][T18390] kexec: Could not allocate control_code_buffer
[  787.441202][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  788.773011][T18378] bridge0: port 1(bridge_slave_0) entered blocking state
[  788.805273][T18378] bridge0: port 1(bridge_slave_0) entered disabled state
[  788.831820][T18378] bridge_slave_0: entered allmulticast mode
[  788.857657][T18378] bridge_slave_0: entered promiscuous mode
[  788.952362][   T50] Bluetooth: hci3: command tx timeout
[  789.010179][T18378] bridge0: port 2(bridge_slave_1) entered blocking state
[  789.045028][T18378] bridge0: port 2(bridge_slave_1) entered disabled state
[  789.080452][T18378] bridge_slave_1: entered allmulticast mode
[  789.115744][T18378] bridge_slave_1: entered promiscuous mode
[  789.520939][T18378] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  789.589759][T18378] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  789.991077][T18378] team0: Port device team_slave_0 added
[  790.060491][T18378] team0: Port device team_slave_1 added
[  790.214237][T18378] batman_adv: batadv0: Adding interface: batadv_slave_0
[  790.243020][T18378] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  790.336099][T18378] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  790.518520][T18378] batman_adv: batadv0: Adding interface: batadv_slave_1
[  790.573694][T18378] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  790.715114][T18378] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  790.931606][T18378] hsr_slave_0: entered promiscuous mode
[  790.971778][T18378] hsr_slave_1: entered promiscuous mode
[  791.014302][T18378] debugfs: 'hsr0' already exists in 'hsr'
[  791.021977][   T50] Bluetooth: hci3: command tx timeout
[  791.060664][T18378] Cannot create hsr debugfs directory
[  791.196650][T18465] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[15268] was attempted by "m���^�z�V�z\x0d�n�*):��f�na��\x0bͣ��x'#
�V���)���O˼�Z򕷤 Q[��_i_!���s�?W*{�!���dZ+�{���d�RyiH��dnS�W?�˳�ʀGW\x0b)�T!)��z���\x0br*����
7D�*M;kA=GܸyƯ���%�_�q$0�^�ipJ ��89��������!�V��*�7�Rh�<� ǣ�a~X\x0a�zh�\x0c�E���L���� %ѡ����7kd��ը]���>�x���U�*�%�Ħ\x5c�����I��1\x5c‡�ymi���?<�A�84�̘S�\x071q��g����gy�C��}��V.�\x0d��5Y
闽��%U��\x0b.��N�
�Q/_�����Ն}�@���#/Wv~��c_����a,���z4\x09[+�\x22��?Pe� ������@ᢓ~���N���_�(����3J�1�&,��^�u\x09s�g~\x0a��2~��7�6]����CH\x0bLN�i6C�G\x0aS��m%�����dWjT�ڏy��c�\x22M|�\x0aЕ��56�h�xҺ}]�����:&#�/,1��F�g7�˨�A�\x0a����,P�0�!(��������/��������1``�:�U�\x0cɤ���1�8�2���lbowc��U����N�\x1b��t4y#�mH5��hj���˨�p~H��#�.ND��w����v��.��5�����\x07���c@��\x09}*]S��|�8V/9�Z�\x0a<\x07x^����^cʦ����Q ϜjX��D�䶳���w�欻l��Z�힉�u ԗ�p4�O5��w:��ן`��V2��������{��I�Ȼ{\x0c�#/��?+F,]
9@\x5cGR�����0bڹ�
[  792.074676][T18477] openvswitch: ovs_: Dropping previously announced user features
[  792.869354][T18378] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  793.094296][   T50] Bluetooth: hci3: command tx timeout
[  793.117168][T18478] Process accounting resumed
[  793.339968][T18528] ovs_: entered promiscuous mode
[  793.681211][T18378] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  794.140719][T18378] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  794.221325][T18553] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2545'.
[  794.569395][T18378] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  794.967258][T18561] nbd: socks must be embedded in a SOCK_ITEM attr
[  794.996728][T18563] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2547'.
[  795.048773][T18561] block nbd2: shutting down sockets
[  795.885214][T18378] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  795.932653][T18378] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  795.996586][T18378] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  796.051900][T18378] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  796.107488][T18378] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  796.171963][T18378] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  796.212127][T18378] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  796.252891][T18378] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  797.105370][T18609] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2555'.
[  797.518170][T18378] 8021q: adding VLAN 0 to HW filter on device bond0
[  797.868819][T18378] 8021q: adding VLAN 0 to HW filter on device team0
[  798.253889][   T94] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.261073][   T94] bridge0: port 1(bridge_slave_0) entered forwarding state
[  798.355237][T18623] can0: slcan on pty238.
[  798.391945][   T94] bridge0: port 2(bridge_slave_1) entered blocking state
[  798.399128][   T94] bridge0: port 2(bridge_slave_1) entered forwarding state
[  798.527426][T18622] can0 (unregistered): slcan off pty238.
[  799.664759][T18632] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  800.046249][T18631] kexec: Could not allocate control_code_buffer
[  800.585729][T18659] FAULT_INJECTION: forcing a failure.
[  800.585729][T18659] name fail_futex, interval 1, probability 0, space 0, times 0
[  800.721176][T18659] CPU: 0 UID: 0 PID: 18659 Comm: syz.2.2564 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  800.721209][T18659] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  800.721215][T18659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  800.721225][T18659] Call Trace:
[  800.721231][T18659]  <TASK>
[  800.721238][T18659]  dump_stack_lvl+0x100/0x190
[  800.721261][T18659]  should_fail_ex.cold+0x5/0xa
[  800.721282][T18659]  get_futex_key+0x1d2/0x1510
[  800.721301][T18659]  ? __pfx_get_futex_key+0x10/0x10
[  800.721316][T18659]  ? find_held_lock+0x2b/0x80
[  800.721336][T18659]  ? futex_wake+0x456/0x530
[  800.721360][T18659]  futex_wake+0xea/0x530
[  800.721381][T18659]  ? __pfx_futex_wake+0x10/0x10
[  800.721402][T18659]  ? find_held_lock+0x2b/0x80
[  800.721420][T18659]  ? do_sys_openat2+0x1b4/0x1e0
[  800.721446][T18659]  do_futex+0x32b/0x350
[  800.721463][T18659]  ? __pfx_do_futex+0x10/0x10
[  800.721484][T18659]  __x64_sys_futex+0x34f/0x4d0
[  800.721503][T18659]  ? fdget_pos+0x2c0/0x380
[  800.721522][T18659]  ? __pfx___x64_sys_futex+0x10/0x10
[  800.721538][T18659]  ? ksys_write+0x1ac/0x250
[  800.721555][T18659]  ? __pfx_ksys_write+0x10/0x10
[  800.721574][T18659]  ? rcu_is_watching+0x12/0xc0
[  800.721595][T18659]  do_syscall_64+0x10b/0x830
[  800.721609][T18659]  ? clear_bhb_loop+0x40/0x90
[  800.721628][T18659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.721643][T18659] RIP: 0033:0x7fe82159ce59
[  800.721658][T18659] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  800.721672][T18659] RSP: 002b:00007fe8223750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  800.721688][T18659] RAX: ffffffffffffffda RBX: 00007fe821816188 RCX: 00007fe82159ce59
[  800.721698][T18659] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe82181618c
[  800.721708][T18659] RBP: 00007fe821816180 R08: 0000000000000001 R09: 0000000000000000
[  800.721718][T18659] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  800.721728][T18659] R13: 00007fe821816218 R14: 00007fff69209360 R15: 00007fff69209448
[  800.721748][T18659]  </TASK>
[  801.476314][T18661] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  801.615890][T18378] 8021q: adding VLAN 0 to HW filter on device batadv0
[  802.079126][T18378] veth0_vlan: entered promiscuous mode
[  802.158478][T18378] veth1_vlan: entered promiscuous mode
[  802.306745][T18378] veth0_macvtap: entered promiscuous mode
[  802.365911][T18378] veth1_macvtap: entered promiscuous mode
[  802.472535][T18378] batman_adv: batadv0: Interface activated: batadv_slave_0
[  802.543912][T18378] batman_adv: batadv0: Interface activated: batadv_slave_1
[  802.618378][T10068] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  802.672543][T10068] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  802.731748][T10068] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  802.780622][T10068] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  803.138962][T10068] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  803.188877][T10068] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  803.298661][T10068] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  803.343490][T10068] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  803.716931][T18697] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input14
[  803.784578][T18697] FAULT_INJECTION: forcing a failure.
[  803.784578][T18697] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  803.800118][T18698] futex_wake_op: syz.3.2522 tries to shift op by -2048; fix this program
[  803.864220][T18697] CPU: 0 UID: 0 PID: 18697 Comm: syz.2.2570 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  803.864251][T18697] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  803.864258][T18697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  803.864268][T18697] Call Trace:
[  803.864275][T18697]  <TASK>
[  803.864281][T18697]  dump_stack_lvl+0x100/0x190
[  803.864304][T18697]  should_fail_ex.cold+0x5/0xa
[  803.864324][T18697]  _copy_from_iter+0x1f4/0x1690
[  803.864347][T18697]  ? __pfx__copy_from_iter+0x10/0x10
[  803.864369][T18697]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  803.864390][T18697]  skb_copy_datagram_from_iter+0x11f/0x720
[  803.864412][T18697]  tun_get_user+0x1889/0x3c20
[  803.864451][T18697]  ? __pfx_tun_get_user+0x10/0x10
[  803.864469][T18697]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  803.864495][T18697]  ? find_held_lock+0x2b/0x80
[  803.864516][T18697]  ? tun_get+0x191/0x370
[  803.864537][T18697]  ? tun_get+0x191/0x370
[  803.864563][T18697]  tun_chr_write_iter+0xdc/0x200
[  803.864580][T18697]  vfs_write+0x6ac/0x1070
[  803.864599][T18697]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  803.864619][T18697]  ? __pfx_vfs_write+0x10/0x10
[  803.864635][T18697]  ? find_held_lock+0x2b/0x80
[  803.864665][T18697]  __x64_sys_pwrite64+0x1eb/0x250
[  803.864684][T18697]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  803.864705][T18697]  ? rcu_is_watching+0x12/0xc0
[  803.864726][T18697]  do_syscall_64+0x10b/0x830
[  803.864740][T18697]  ? clear_bhb_loop+0x40/0x90
[  803.864767][T18697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  803.864784][T18697] RIP: 0033:0x7fe82159ce59
[  803.864798][T18697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  803.864813][T18697] RSP: 002b:00007fe8223b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  803.864829][T18697] RAX: ffffffffffffffda RBX: 00007fe821815fa0 RCX: 00007fe82159ce59
[  803.864839][T18697] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 00000000000000c8
[  803.864848][T18697] RBP: 00007fe821632d6f R08: 0000000000000000 R09: 0000000000000000
[  803.864857][T18697] R10: 000000000000019f R11: 0000000000000246 R12: 0000000000000000
[  803.864866][T18697] R13: 00007fe821816038 R14: 00007fe821815fa0 R15: 00007fff69209448
[  803.864885][T18697]  </TASK>
[  804.190047][T18698] futex_wake_op: syz.3.2522 tries to shift op by -2048; fix this program
[  804.596290][T18706] netlink: 'syz.4.2572': attribute type 1 has an invalid length.
[  805.958694][T18727] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2576'.
[  806.000229][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  806.006833][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  806.303668][T18733] FAULT_INJECTION: forcing a failure.
[  806.303668][T18733] name failslab, interval 1, probability 0, space 0, times 0
[  806.506542][T18733] CPU: 0 UID: 0 PID: 18733 Comm: syz.2.2576 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  806.506572][T18733] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  806.506579][T18733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  806.506589][T18733] Call Trace:
[  806.506595][T18733]  <TASK>
[  806.506602][T18733]  dump_stack_lvl+0x100/0x190
[  806.506625][T18733]  should_fail_ex.cold+0x5/0xa
[  806.506646][T18733]  should_failslab+0xc2/0x120
[  806.506665][T18733]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  806.506680][T18733]  ? alloc_inode+0x68/0x250
[  806.506695][T18733]  ? simple_start_creating+0xb0/0x110
[  806.506715][T18733]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  806.506739][T18733]  alloc_inode+0x68/0x250
[  806.506753][T18733]  new_inode+0x22/0x1c0
[  806.506769][T18733]  __debugfs_create_file+0x105/0x4f0
[  806.506796][T18733]  debugfs_create_file_full+0x41/0x60
[  806.506822][T18733]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  806.506844][T18733]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  806.506869][T18733]  ? ida_alloc_range+0x70d/0x830
[  806.506901][T18733]  ? lockdep_init_map_type+0x5c/0x250
[  806.506921][T18733]  preinit_net.part.0+0x252/0x920
[  806.506942][T18733]  copy_net_ns+0x339/0x7c0
[  806.506965][T18733]  create_new_namespaces+0x3ea/0xac0
[  806.506990][T18733]  unshare_nsproxy_namespaces+0xf2/0x220
[  806.507011][T18733]  ksys_unshare+0x438/0xab0
[  806.507034][T18733]  ? __pfx_ksys_unshare+0x10/0x10
[  806.507055][T18733]  ? xfd_validate_state+0x129/0x190
[  806.507070][T18733]  ? ksys_write+0x1ac/0x250
[  806.507093][T18733]  __x64_sys_unshare+0x31/0x40
[  806.507115][T18733]  do_syscall_64+0x10b/0x830
[  806.507129][T18733]  ? clear_bhb_loop+0x40/0x90
[  806.507148][T18733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  806.507163][T18733] RIP: 0033:0x7fe82159ce59
[  806.507177][T18733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  806.507192][T18733] RSP: 002b:00007fe822375028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  806.507208][T18733] RAX: ffffffffffffffda RBX: 00007fe821816180 RCX: 00007fe82159ce59
[  806.507218][T18733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  806.507228][T18733] RBP: 00007fe821632d6f R08: 0000000000000000 R09: 0000000000000000
[  806.507237][T18733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  806.507246][T18733] R13: 00007fe821816218 R14: 00007fe821816180 R15: 00007fff69209448
[  806.507267][T18733]  </TASK>
[  806.507274][T18733] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88807d748280'
[  809.611800][T18745] kexec: Could not allocate control_code_buffer
[  810.777827][T18781] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  810.796569][T18781] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  810.822174][T18781] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  810.843011][T18781] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  810.863803][T18781] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  810.903192][T18781] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  812.122821][   T50] Bluetooth: hci4: command 0x2016 tx timeout
[  812.839460][T16402] Bluetooth: hci0: command 0x0c1a tx timeout
[  812.846146][T15147] Bluetooth: hci2: command 0x0c1a tx timeout
[  812.852750][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  812.955792][T18821] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2594'.
[  813.371891][T18827] FAULT_INJECTION: forcing a failure.
[  813.371891][T18827] name failslab, interval 1, probability 0, space 0, times 0
[  813.483165][T18827] CPU: 0 UID: 0 PID: 18827 Comm: syz.2.2594 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  813.483195][T18827] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  813.483202][T18827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  813.483212][T18827] Call Trace:
[  813.483218][T18827]  <TASK>
[  813.483224][T18827]  dump_stack_lvl+0x100/0x190
[  813.483246][T18827]  should_fail_ex.cold+0x5/0xa
[  813.483267][T18827]  should_failslab+0xc2/0x120
[  813.483286][T18827]  __kmalloc_cache_noprof+0x7a/0x6f0
[  813.483308][T18827]  ? crtc_crc_open+0x3ba/0x7e0
[  813.483334][T18827]  crtc_crc_open+0x3ba/0x7e0
[  813.483357][T18827]  ? __debugfs_file_get+0x1fc/0x860
[  813.483384][T18827]  ? __pfx_crtc_crc_open+0x10/0x10
[  813.483409][T18827]  ? __pfx_apparmor_file_open+0x10/0x10
[  813.483425][T18827]  ? path_get+0x61/0x80
[  813.483448][T18827]  ? __pfx_crtc_crc_open+0x10/0x10
[  813.483470][T18827]  full_proxy_open_regular+0x1b6/0x370
[  813.483493][T18827]  do_dentry_open+0x6d8/0x1660
[  813.483511][T18827]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  813.483537][T18827]  vfs_open+0x82/0x3f0
[  813.483561][T18827]  path_openat+0x208c/0x31a0
[  813.483586][T18827]  ? __pfx_path_openat+0x10/0x10
[  813.483612][T18827]  do_file_open+0x20e/0x430
[  813.483632][T18827]  ? __pfx_do_file_open+0x10/0x10
[  813.483664][T18827]  ? alloc_fd+0x476/0x790
[  813.483684][T18827]  ? do_getname+0x191/0x390
[  813.483707][T18827]  do_sys_openat2+0x10d/0x1e0
[  813.483729][T18827]  ? __pfx_do_sys_openat2+0x10/0x10
[  813.483753][T18827]  ? do_raw_spin_lock+0x128/0x260
[  813.483775][T18827]  __x64_sys_openat+0x12d/0x210
[  813.483790][T18827]  ? __pfx___x64_sys_openat+0x10/0x10
[  813.483816][T18827]  ? rcu_is_watching+0x12/0xc0
[  813.483837][T18827]  do_syscall_64+0x10b/0x830
[  813.483851][T18827]  ? clear_bhb_loop+0x40/0x90
[  813.483869][T18827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.483886][T18827] RIP: 0033:0x7fe82159ce59
[  813.483900][T18827] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  813.483915][T18827] RSP: 002b:00007fe822375028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  813.483931][T18827] RAX: ffffffffffffffda RBX: 00007fe821816180 RCX: 00007fe82159ce59
[  813.483942][T18827] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  813.483952][T18827] RBP: 00007fe821632d6f R08: 0000000000000000 R09: 0000000000000000
[  813.483961][T18827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  813.483971][T18827] R13: 00007fe821816218 R14: 00007fe821816180 R15: 00007fff69209448
[  813.483991][T18827]  </TASK>
[  813.825677][T18815] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2593'.
[  814.088713][T18815] veth1_macvtap: left promiscuous mode
[  814.105442][T18815] macsec0: entered promiscuous mode
[  814.138226][T18815] macsec0: entered allmulticast mode
[  814.912485][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  815.606513][T18864] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  816.599223][T18887] HfR: entered promiscuous mode
[  816.695637][T18887] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2608'.
[  816.804398][T18887] HfR: left promiscuous mode
[  816.980098][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  817.959904][T18912] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2612'.
[  819.560872][T18958] sysfs_service_op_store: Client not running :-5:
[  820.207009][T18965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x20000
[  820.320017][T18969] zswap: compressor  not available
[  820.339945][T18965] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  820.396233][T18965] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  820.532916][T18965] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  820.657005][T18965] page dumped because: unmovable page
[  820.760551][T18965] page_owner tracks the page as allocated
[  820.810741][T18965] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(), pid 0, tgid 0 (swapper), ts 1641267928, free_ts 0
[  820.871780][T18965]  register_early_stack+0x74/0xaf
[  820.901486][T18965]  init_page_owner+0x4c/0xa10
[  820.922446][T18965]  page_ext_init+0x71d/0x780
[  820.950587][T18965]  mm_core_init+0x229/0x270
[  820.956206][T18965] page_owner free stack trace missing
[  821.369689][T18996] nbd: socks must be embedded in a SOCK_ITEM attr
[  821.406216][T18996] block nbd2: shutting down sockets
[  821.913163][T19002] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2626'.
[  822.072064][T19004] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2627'.
[  823.944267][T19021] Process accounting paused
[  824.294027][T19055] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input15
[  824.621749][T19068] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2641'.
[  825.235113][T19073] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2642'.
[  825.316870][T19073] gretap0: refused to change device tx_queue_len
[  825.603384][T19090] openvswitch: ovs_: Dropping previously announced user features
[  826.605795][T19109] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2649: iget: checksum invalid
[  826.765639][T19109] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  826.902299][T19109] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2649: iget: checksum invalid
[  827.029976][T19109] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  827.084545][T19109] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2649: iget: checksum invalid
[  827.159579][T19109] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  827.235984][T19109] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.4.2649: iget: checksum invalid
[  827.316444][T19109] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  827.371248][T19114] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2650'.
[  827.404980][T19109] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  827.466081][T19109] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  827.706592][T19120] bond0: invalid ARP target specified
[  827.780656][T19120] nbd: socks must be embedded in a SOCK_ITEM attr
[  827.834730][T19120] block nbd2: shutting down sockets
[  828.033716][T19153] netlink: 'syz.0.2654': attribute type 19 has an invalid length.
[  828.056707][T19127] cgroup: fork rejected by pids controller in /syz4
[  828.086329][T19153] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2654'.
[  828.220719][T19162] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2655'.
[  828.732612][T19180] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2658'.
[  830.210355][T19202] openvswitch: ovs_: Dropping previously announced user features
[  830.256634][T19204] FAULT_INJECTION: forcing a failure.
[  830.256634][T19204] name failslab, interval 1, probability 0, space 0, times 0
[  830.330398][T19204] CPU: 0 UID: 0 PID: 19204 Comm: syz.0.2663 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  830.330424][T19204] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  830.330431][T19204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  830.330441][T19204] Call Trace:
[  830.330446][T19204]  <TASK>
[  830.330452][T19204]  dump_stack_lvl+0x100/0x190
[  830.330474][T19204]  should_fail_ex.cold+0x5/0xa
[  830.330493][T19204]  should_failslab+0xc2/0x120
[  830.330512][T19204]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  830.330528][T19204]  ? __alloc_skb+0x140/0x710
[  830.330546][T19204]  ? __alloc_skb+0x5b7/0x710
[  830.330565][T19204]  __alloc_skb+0x140/0x710
[  830.330580][T19204]  ? __alloc_skb+0x5b7/0x710
[  830.330597][T19204]  ? __pfx___alloc_skb+0x10/0x10
[  830.330619][T19204]  netlink_alloc_large_skb+0x69/0x150
[  830.330644][T19204]  netlink_sendmsg+0x680/0xda0
[  830.330670][T19204]  ? __pfx_netlink_sendmsg+0x10/0x10
[  830.330692][T19204]  ? __import_iovec+0x1d2/0x640
[  830.330711][T19204]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  830.330738][T19204]  ____sys_sendmsg+0x9e1/0xb70
[  830.330760][T19204]  ? __pfx_netlink_sendmsg+0x10/0x10
[  830.330784][T19204]  ? __pfx_____sys_sendmsg+0x10/0x10
[  830.330816][T19204]  ___sys_sendmsg+0x190/0x1e0
[  830.330834][T19204]  ? __pfx____sys_sendmsg+0x10/0x10
[  830.330870][T19204]  __sys_sendmsg+0x170/0x220
[  830.330890][T19204]  ? __pfx___sys_sendmsg+0x10/0x10
[  830.330916][T19204]  ? rcu_is_watching+0x12/0xc0
[  830.330937][T19204]  do_syscall_64+0x10b/0x830
[  830.330951][T19204]  ? clear_bhb_loop+0x40/0x90
[  830.330970][T19204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  830.330985][T19204] RIP: 0033:0x7f0be6d9ce59
[  830.330999][T19204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  830.331014][T19204] RSP: 002b:00007f0be7c4f028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  830.331029][T19204] RAX: ffffffffffffffda RBX: 00007f0be7016090 RCX: 00007f0be6d9ce59
[  830.331039][T19204] RDX: 0000000020008004 RSI: 00002000000001c0 RDI: 0000000000000006
[  830.331048][T19204] RBP: 00007f0be7c4f090 R08: 0000000000000000 R09: 0000000000000000
[  830.331057][T19204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  830.331066][T19204] R13: 00007f0be7016128 R14: 00007f0be7016090 R15: 00007ffd8aca8fd8
[  830.331085][T19204]  </TASK>
[  837.470614][T19270] syz.3.2677(19270): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  839.480505][T19293] bond0: invalid ARP target specified
[  839.573042][T19297] nbd: socks must be embedded in a SOCK_ITEM attr
[  839.611510][T19297] block nbd2: shutting down sockets
[  840.167643][T19303] NFSD: Failed to start, no listeners configured.
[  841.590727][T19314] zswap: compressor  not available
[  844.624109][T19356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2693'.
[  846.738131][T19381] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2696'.
[  846.896973][T19384] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2696'.
[  848.304955][T19397] kvm: user requested TSC rate below hardware speed
[  848.451092][T19399] futex_wake_op: syz.3.2699 tries to shift op by -2048; fix this program
[  849.969715][T19408] FAULT_INJECTION: forcing a failure.
[  849.969715][T19408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.214749][T19408] CPU: 0 UID: 0 PID: 19408 Comm: syz.3.2702 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  850.214781][T19408] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  850.214788][T19408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  850.214799][T19408] Call Trace:
[  850.214805][T19408]  <TASK>
[  850.214812][T19408]  dump_stack_lvl+0x100/0x190
[  850.214838][T19408]  should_fail_ex.cold+0x5/0xa
[  850.214860][T19408]  strncpy_from_user+0x3b/0x2d0
[  850.214881][T19408]  do_getname+0x78/0x390
[  850.214908][T19408]  do_sys_openat2+0xc5/0x1e0
[  850.214933][T19408]  ? __pfx_do_sys_openat2+0x10/0x10
[  850.214965][T19408]  __x64_sys_openat+0x12d/0x210
[  850.214981][T19408]  ? __pfx___x64_sys_openat+0x10/0x10
[  850.215006][T19408]  ? exit_to_user_mode_loop+0xe2/0x4f0
[  850.215025][T19408]  ? rcu_is_watching+0x12/0xc0
[  850.215046][T19408]  do_syscall_64+0x10b/0x830
[  850.215061][T19408]  ? clear_bhb_loop+0x40/0x90
[  850.215080][T19408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.215096][T19408] RIP: 0033:0x7f826b19ce59
[  850.215112][T19408] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  850.215127][T19408] RSP: 002b:00007f826c059028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  850.215144][T19408] RAX: ffffffffffffffda RBX: 00007f826b416180 RCX: 00007f826b19ce59
[  850.215155][T19408] RDX: 0000000000454502 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  850.215165][T19408] RBP: 00007f826b232d6f R08: 0000000000000000 R09: 0000000000000000
[  850.215174][T19408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  850.215183][T19408] R13: 00007f826b416218 R14: 00007f826b416180 R15: 00007ffe8b995298
[  850.215203][T19408]  </TASK>
[  850.808218][T19418] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2705'.
[  851.850371][T19427] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2706'.
[  854.228066][T19429] FAULT_INJECTION: forcing a failure.
[  854.228066][T19429] name failslab, interval 1, probability 0, space 0, times 0
[  854.280107][T19429] CPU: 0 UID: 0 PID: 19429 Comm: syz.3.2706 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  854.280144][T19429] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  854.280151][T19429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  854.280164][T19429] Call Trace:
[  854.280170][T19429]  <TASK>
[  854.280178][T19429]  dump_stack_lvl+0x100/0x190
[  854.280208][T19429]  should_fail_ex.cold+0x5/0xa
[  854.280232][T19429]  should_failslab+0xc2/0x120
[  854.280253][T19429]  __kmalloc_cache_noprof+0x7a/0x6f0
[  854.280376][T19429]  ? netdevice_event+0x308/0x9a0
[  854.280405][T19429]  netdevice_event+0x308/0x9a0
[  854.280428][T19429]  ? __pfx_netdevice_event+0x10/0x10
[  854.280446][T19429]  ? __pfx_del_netdev_ips+0x10/0x10
[  854.280463][T19429]  ? __pfx_pass_all_filter+0x10/0x10
[  854.280487][T19429]  ? lockdep_rtnl_is_held+0x26/0x40
[  854.280505][T19429]  notifier_call_chain+0x99/0x400
[  854.280533][T19429]  call_netdevice_notifiers_info+0xbe/0x110
[  854.280558][T19429]  unregister_netdevice_many_notify+0x118f/0x24f0
[  854.280592][T19429]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  854.280619][T19429]  ? __call_rcu_common.constprop.0+0x3f0/0x9b0
[  854.280642][T19429]  unregister_netdevice_queue+0x30b/0x3c0
[  854.280663][T19429]  ? kernfs_remove_by_name_ns+0x103/0x120
[  854.280686][T19429]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  854.280713][T19429]  _cfg80211_unregister_wdev+0x64b/0x800
[  854.280738][T19429]  ieee80211_remove_interfaces+0x34e/0x6f0
[  854.280763][T19429]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[  854.280793][T19429]  ieee80211_unregister_hw+0x55/0x360
[  854.280811][T19429]  mac80211_hwsim_netlink_notify+0x868/0x16c0
[  854.280838][T19429]  ? __pfx_mac80211_hwsim_netlink_notify+0x10/0x10
[  854.280867][T19429]  notifier_call_chain+0x99/0x400
[  854.280895][T19429]  blocking_notifier_call_chain+0x69/0xa0
[  854.280920][T19429]  netlink_release+0x167a/0x2030
[  854.280947][T19429]  ? netlink_release+0x1e0/0x2030
[  854.280971][T19429]  ? __pfx_netlink_release+0x10/0x10
[  854.280995][T19429]  ? __pfx_locks_remove_file+0x10/0x10
[  854.281019][T19429]  __sock_release+0xb3/0x260
[  854.281039][T19429]  ? __pfx_sock_close+0x10/0x10
[  854.281068][T19429]  sock_close+0x1c/0x30
[  854.281087][T19429]  __fput+0x3ff/0xb50
[  854.281115][T19429]  task_work_run+0x150/0x240
[  854.281156][T19429]  ? __pfx_task_work_run+0x10/0x10
[  854.281175][T19429]  ? rcu_is_watching+0x12/0xc0
[  854.281198][T19429]  exit_to_user_mode_loop+0x107/0x4f0
[  854.281214][T19429]  ? rcu_is_watching+0x12/0xc0
[  854.281234][T19429]  do_syscall_64+0x6f2/0x830
[  854.281249][T19429]  ? clear_bhb_loop+0x40/0x90
[  854.281268][T19429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.281285][T19429] RIP: 0033:0x7f826b19ce59
[  854.281302][T19429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  854.281318][T19429] RSP: 002b:00007f826c059028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  854.281335][T19429] RAX: 0000000000000000 RBX: 00007f826b416180 RCX: 00007f826b19ce59
[  854.281345][T19429] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007
[  854.281355][T19429] RBP: 00007f826b232d6f R08: 0000000000000000 R09: 0000000000000000
[  854.281365][T19429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  854.281375][T19429] R13: 00007f826b416218 R14: 00007f826b416180 R15: 00007ffe8b995298
[  854.281396][T19429]  </TASK>
[  855.734320][T19150] syz.4.2653 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[  856.040534][T19150] CPU: 0 UID: 0 PID: 19150 Comm: syz.4.2653 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  856.040567][T19150] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  856.040573][T19150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  856.040584][T19150] Call Trace:
[  856.040589][T19150]  <TASK>
[  856.040596][T19150]  dump_stack_lvl+0x100/0x190
[  856.040621][T19150]  dump_header+0xfb/0x606
[  856.040640][T19150]  oom_kill_process.cold+0xd/0x330
[  856.040659][T19150]  out_of_memory+0x340/0x14f0
[  856.040690][T19150]  ? __pfx_out_of_memory+0x10/0x10
[  856.040719][T19150]  mem_cgroup_out_of_memory+0xc6/0x130
[  856.040749][T19150]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  856.040772][T19150]  ? find_held_lock+0x2b/0x80
[  856.040796][T19150]  ? do_raw_spin_unlock+0x145/0x1e0
[  856.040815][T19150]  ? _raw_spin_unlock+0x28/0x50
[  856.040840][T19150]  try_charge_memcg+0x6e5/0xdf0
[  856.040863][T19150]  ? __pfx_try_charge_memcg+0x10/0x10
[  856.040880][T19150]  ? find_held_lock+0x2b/0x80
[  856.041070][T19150]  ? rcu_read_unlock+0x17/0x60
[  856.041091][T19150]  ? rcu_read_unlock+0x17/0x60
[  856.041112][T19150]  ? find_held_lock+0x2b/0x80
[  856.041133][T19150]  ? rcu_read_unlock+0x17/0x60
[  856.041156][T19150]  charge_memcg+0x19f/0x210
[  856.041183][T19150]  __mem_cgroup_charge+0x2b/0x1c0
[  856.041206][T19150]  shmem_alloc_and_add_folio+0x451/0xd40
[  856.041228][T19150]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  856.041246][T19150]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  856.041267][T19150]  shmem_get_folio_gfp+0x6ab/0x1900
[  856.041287][T19150]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  856.041309][T19150]  shmem_write_begin+0x1a4/0x420
[  856.041326][T19150]  ? __pfx_shmem_write_begin+0x10/0x10
[  856.041344][T19150]  ? balance_dirty_pages_ratelimited_flags+0x91/0x1170
[  856.041364][T19150]  ? lockdep_hardirqs_on+0x78/0x100
[  856.041382][T19150]  generic_perform_write+0x292/0xa40
[  856.041412][T19150]  ? __pfx_generic_perform_write+0x10/0x10
[  856.041438][T19150]  ? file_update_time_flags+0x373/0x500
[  856.041464][T19150]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  856.041483][T19150]  shmem_file_write_iter+0x10e/0x140
[  856.041503][T19150]  __kernel_write_iter+0x2ac/0x920
[  856.041525][T19150]  ? __pfx___kernel_write_iter+0x10/0x10
[  856.041544][T19150]  ? __up_read+0x2c1/0x6e0
[  856.041563][T19150]  ? dump_user_range+0x65e/0xad0
[  856.041588][T19150]  ? copy_mc_enhanced_fast_string+0x6/0xf
[  856.041612][T19150]  dump_user_range+0x3f9/0xad0
[  856.041639][T19150]  ? __pfx_dump_user_range+0x10/0x10
[  856.041668][T19150]  ? __pfx_writenote+0x10/0x10
[  856.041696][T19150]  elf_core_dump+0x2d5f/0x3d10
[  856.041731][T19150]  ? __pfx_elf_core_dump+0x10/0x10
[  856.041754][T19150]  ? wakeup_preempt_fair+0x630/0x1050
[  856.041781][T19150]  ? 0xffffffffff600000
[  856.041797][T19150]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  856.041849][T19150]  ? vfs_coredump+0x29a0/0x5770
[  856.041918][T19150]  vfs_coredump+0x29a0/0x5770
[  856.041949][T19150]  ? __pfx_vfs_coredump+0x10/0x10
[  856.041973][T19150]  ? __lock_acquire+0x4a5/0x2630
[  856.041996][T19150]  ? lock_acquire+0x1b1/0x370
[  856.042020][T19150]  ? is_bpf_text_address+0x8a/0x1a0
[  856.042041][T19150]  ? bpf_ksym_find+0x124/0x1c0
[  856.042063][T19150]  ? __kernel_text_address+0xd/0x30
[  856.042081][T19150]  ? unwind_get_return_address+0x59/0xa0
[  856.042108][T19150]  ? arch_stack_walk+0xa6/0xf0
[  856.042142][T19150]  ? __sigqueue_free+0xbe/0x2a0
[  856.042166][T19150]  ? stack_trace_save+0x8e/0xc0
[  856.042189][T19150]  ? __pfx_stack_trace_save+0x10/0x10
[  856.042211][T19150]  ? stack_depot_save_flags+0x27/0x9d0
[  856.042234][T19150]  ? __lock_acquire+0x4a5/0x2630
[  856.042282][T19150]  ? proc_coredump_connector+0x2d3/0x4f0
[  856.042298][T19150]  ? __pfx_proc_coredump_connector+0x10/0x10
[  856.042317][T19150]  ? rcu_is_watching+0x12/0xc0
[  856.042340][T19150]  get_signal+0x2162/0x2210
[  856.042369][T19150]  ? __pfx_get_signal+0x10/0x10
[  856.042389][T19150]  ? find_held_lock+0x2b/0x80
[  856.042409][T19150]  ? bad_area_access_error+0xab/0x1d0
[  856.042427][T19150]  ? fixup_vdso_exception+0x2d1/0x370
[  856.042453][T19150]  arch_do_signal_or_restart+0x91/0x7a0
[  856.042486][T19150]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  856.042516][T19150]  ? rcu_is_watching+0x12/0xc0
[  856.042537][T19150]  irqentry_exit+0x410/0x7e0
[  856.042557][T19150]  asm_exc_page_fault+0x26/0x30
[  856.042574][T19150] RIP: 0033:0x0
[  856.042586][T19150] Code: Unable to access opcode bytes at 0xffffffffffffffd6.
[  856.042594][T19150] RSP: 002b:0000000000000011 EFLAGS: 00010217
[  856.042608][T19150] RAX: 0000000000000000 RBX: 00007f3ff8a16180 RCX: 00007f3ff879ce59
[  856.042618][T19150] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00000000000007a3
[  856.042628][T19150] RBP: 00007f3ff8832d6f R08: 0000000000000003 R09: 0000000000000000
[  856.042637][T19150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.042647][T19150] R13: 00007f3ff8a16218 R14: 00007f3ff8a16180 R15: 00007fff42168dc8
[  856.042668][T19150]  </TASK>
[  858.175172][T19150] memory: usage 307200kB, limit 307200kB, failcnt 29249
[  858.190470][T19418] Process accounting resumed
[  858.234535][T19150] memory+swap: usage 428048kB, limit 9007199254740988kB, failcnt 0
[  858.289587][T19150] kmem: usage 7860kB, limit 9007199254740988kB, failcnt 0
[  858.364152][T19150] Memory cgroup stats for /syz4:
[  858.364457][T19150] cache 306335744
[  858.430795][T19150] rss 159744
[  858.484243][T19150] rss_huge 0
[  858.500796][T19150] shmem 306335744
[  858.542769][T19150] mapped_file 14790656
[  858.564184][T19150] dirty 0
[  858.598370][T19150] writeback 0
[  858.648991][T19150] workingset_refault_anon 1897
[  858.680898][T19150] workingset_refault_file 627
[  858.729053][T19150] swap 123748352
[  858.744820][T19150] swapcached 174845952
[  858.785991][T19150] pgpgin 285127
[  858.805838][T19150] pgpgout 211830
[  858.847359][T19150] pgfault 174725
[  858.884660][T19150] pgmajfault 472
[  858.902200][T19150] inactive_anon 127987712
[  858.946750][T19150] active_anon 178515968
[  858.986772][T19150] inactive_file 0
[  859.019955][T19150] active_file 0
[  859.050153][T19150] unevictable 0
[  859.073642][T19150] hierarchical_memory_limit 314572800
[  859.132888][T19150] hierarchical_memsw_limit 9223372036854771712
[  859.182862][T19150] total_cache 306335744
[  859.210298][T19150] total_rss 159744
[  859.254941][T19150] total_rss_huge 0
[  859.289584][T19150] total_shmem 306335744
[  859.313103][T19150] total_mapped_file 14790656
[  859.352932][T19150] total_dirty 0
[  859.374967][T19150] total_writeback 0
[  859.421950][T19150] total_workingset_refault_anon 1897
[  859.453703][T19150] total_workingset_refault_file 627
[  859.486400][T19150] total_swap 123748352
[  859.524650][T19150] total_swapcached 174845952
[  859.568999][T19150] total_pgpgin 285127
[  859.588578][T19150] total_pgpgout 211830
[  859.603421][T19450] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2712'.
[  859.651815][T19150] total_pgfault 174725
[  859.672406][T19150] total_pgmajfault 472
[  859.705997][T19150] total_inactive_anon 127987712
[  859.733794][T19442] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2710'.
[  859.770864][T19150] total_active_anon 178515968
[  859.791029][T19150] total_inactive_file 0
[  859.817102][T19150] total_active_file 0
[  859.868934][T19150] total_unevictable 0
[  859.895332][T19150] anon_cost 0
[  859.916667][T19150] file_cost 0
[  859.943660][T19150] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2653,pid=19158,uid=0
[  860.058345][T19150] Memory cgroup out of memory: Killed process 19158 (syz.4.2653) total-vm:197092kB, anon-rss:1332kB, file-rss:21556kB, shmem-rss:14452kB, UID:0 pgtables:168kB oom_score_adj:0
[  860.839882][T19158] syz.4.2653 (19158) used greatest stack depth: 19392 bytes left
[  863.068195][T19487] ovs_: entered promiscuous mode
[  863.262991][T19491] tc_dump_action: action bad kind
[  863.304185][T19491] FAULT_INJECTION: forcing a failure.
[  863.304185][T19491] name fail_futex, interval 1, probability 0, space 0, times 0
[  863.391417][T19491] CPU: 0 UID: 0 PID: 19491 Comm: syz.3.2721 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  863.391448][T19491] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  863.391455][T19491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  863.391476][T19491] Call Trace:
[  863.391486][T19491]  <TASK>
[  863.391495][T19491]  dump_stack_lvl+0x100/0x190
[  863.391521][T19491]  should_fail_ex.cold+0x5/0xa
[  863.391543][T19491]  get_futex_key+0x1d2/0x1510
[  863.391563][T19491]  ? __pfx_get_futex_key+0x10/0x10
[  863.391579][T19491]  ? get_futex_key+0x4e8/0x1510
[  863.391597][T19491]  futex_wait_setup+0x83/0x510
[  863.391622][T19491]  futex_wait_requeue_pi+0x240/0x890
[  863.391645][T19491]  ? __pfx_futex_wait_requeue_pi+0x10/0x10
[  863.391666][T19491]  ? __futex_wait+0x256/0x300
[  863.391687][T19491]  ? __pfx___futex_wait+0x10/0x10
[  863.391726][T19491]  ? __pfx_futex_wake_mark+0x10/0x10
[  863.391751][T19491]  ? __fget_files+0x21f/0x3d0
[  863.391774][T19491]  do_futex+0x24f/0x350
[  863.391791][T19491]  ? __pfx_do_futex+0x10/0x10
[  863.391813][T19491]  __x64_sys_futex+0x34f/0x4d0
[  863.391832][T19491]  ? __pfx___x64_sys_futex+0x10/0x10
[  863.391848][T19491]  ? ksys_write+0x1ac/0x250
[  863.391869][T19491]  ? rcu_is_watching+0x12/0xc0
[  863.391890][T19491]  do_syscall_64+0x10b/0x830
[  863.391906][T19491]  ? clear_bhb_loop+0x40/0x90
[  863.391924][T19491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.391941][T19491] RIP: 0033:0x7f826b19ce59
[  863.391955][T19491] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  863.391971][T19491] RSP: 002b:00007f826c09b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  863.391987][T19491] RAX: ffffffffffffffda RBX: 00007f826b415fa0 RCX: 00007f826b19ce59
[  863.391998][T19491] RDX: 0000000000000001 RSI: 000000000000000b RDI: 0000200000000080
[  863.392007][T19491] RBP: 00007f826b232d6f R08: 0000000000000000 R09: 00000000fffffffa
[  863.392017][T19491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  863.392026][T19491] R13: 00007f826b416038 R14: 00007f826b415fa0 R15: 00007ffe8b995298
[  863.392045][T19491]  </TASK>
[  863.840677][T19493] openvswitch: ovs_: Dropping previously announced user features
[  863.865386][T19493] netlink: 'syz.2.2722': attribute type 5 has an invalid length.
[  864.370014][   T32] oom_reaper: reaped process 19158 (syz.4.2653), now anon-rss:0kB, file-rss:20524kB, shmem-rss:4184kB
[  865.320977][T19129] syz.4.2653 (19129) used greatest stack depth: 19320 bytes left
[  865.550296][T19510] nbd: socks must be embedded in a SOCK_ITEM attr
[  865.613373][T19510] block nbd2: shutting down sockets
[  865.981245][T19143] syz.4.2653 (19143) used greatest stack depth: 17320 bytes left
[  867.152994][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  867.168110][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  868.783644][T19559] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input16
[  868.967285][T19568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2735'.
[  872.527751][T19612] netlink: 'syz.3.2743': attribute type 22 has an invalid length.
[  872.855740][T19612] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2743'.
[  875.371355][T19635] bond0: invalid ARP target specified
[  875.462042][T19635] nbd: socks must be embedded in a SOCK_ITEM attr
[  875.520748][T19635] block nbd2: shutting down sockets
[  877.155939][T19672] netlink: 114 bytes leftover after parsing attributes in process `syz.4.2759'.
[  878.178725][T19691] netlink: 345 bytes leftover after parsing attributes in process `syz.2.2764'.
[  878.238857][T19691] netlink: 296 bytes leftover after parsing attributes in process `syz.2.2764'.
[  878.470518][T19695] netlink: 'syz.4.2765': attribute type 11 has an invalid length.
[  882.109042][T19779] can: request_module (can-proto-4) failed.
[  883.328689][T19800] MTRR 1 not used
[  883.499208][T19797] nfs4: Unknown parameter 'EC�H�];^��Y�ى��ZL�`�~^g��'
[  884.147553][T19808] ubi0: attaching mtd0
[  884.214587][T19817] random: crng reseeded on system resumption
[  884.258502][T19808] ubi0: scanning is finished
[  884.391666][T19808] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  885.075300][T19808] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  885.430251][T19833] warning: `syz.3.2791' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  885.721142][T19845] FAULT_INJECTION: forcing a failure.
[  885.721142][T19845] name failslab, interval 1, probability 0, space 0, times 0
[  885.902146][T19845] CPU: 0 UID: 0 PID: 19845 Comm: syz.3.2791 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  885.902176][T19845] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  885.902183][T19845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  885.902193][T19845] Call Trace:
[  885.902199][T19845]  <TASK>
[  885.902205][T19845]  dump_stack_lvl+0x100/0x190
[  885.902229][T19845]  should_fail_ex.cold+0x5/0xa
[  885.902250][T19845]  should_failslab+0xc2/0x120
[  885.902269][T19845]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  885.902285][T19845]  ? __d_alloc+0x34/0xa40
[  885.902311][T19845]  __d_alloc+0x34/0xa40
[  885.902340][T19845]  d_alloc+0x4a/0x1e0
[  885.902362][T19845]  lookup_one_qstr_excl+0x171/0x250
[  885.902388][T19845]  start_dirop+0x59/0xb0
[  885.902407][T19845]  simple_start_creating+0xf9/0x110
[  885.902426][T19845]  ? __pfx_simple_start_creating+0x10/0x10
[  885.902444][T19845]  ? mntput+0x70/0xa0
[  885.902461][T19845]  ? simple_pin_fs+0xa3/0x190
[  885.902480][T19845]  debugfs_start_creating.part.0+0x82/0x170
[  885.902506][T19845]  __debugfs_create_file+0xb3/0x4f0
[  885.902532][T19845]  debugfs_create_file_full+0x41/0x60
[  885.902557][T19845]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  885.902579][T19845]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  885.902598][T19845]  ? ida_alloc_range+0x70d/0x830
[  885.902629][T19845]  ? lockdep_init_map_type+0x5c/0x250
[  885.902649][T19845]  preinit_net.part.0+0x252/0x920
[  885.902671][T19845]  copy_net_ns+0x339/0x7c0
[  885.902695][T19845]  create_new_namespaces+0x3ea/0xac0
[  885.902720][T19845]  unshare_nsproxy_namespaces+0xf2/0x220
[  885.902741][T19845]  ksys_unshare+0x438/0xab0
[  885.902765][T19845]  ? __pfx_ksys_unshare+0x10/0x10
[  885.902785][T19845]  ? xfd_validate_state+0x129/0x190
[  885.902801][T19845]  ? ksys_write+0x1ac/0x250
[  885.902824][T19845]  __x64_sys_unshare+0x31/0x40
[  885.902854][T19845]  do_syscall_64+0x10b/0x830
[  885.902869][T19845]  ? clear_bhb_loop+0x40/0x90
[  885.902888][T19845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  885.902905][T19845] RIP: 0033:0x7f826b19ce59
[  885.902919][T19845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  885.902935][T19845] RSP: 002b:00007f826c017028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  885.902950][T19845] RAX: ffffffffffffffda RBX: 00007f826b416360 RCX: 00007f826b19ce59
[  885.902961][T19845] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  885.902971][T19845] RBP: 00007f826b232d6f R08: 0000000000000000 R09: 0000000000000000
[  885.902982][T19845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  885.902991][T19845] R13: 00007f826b4163f8 R14: 00007f826b416360 R15: 00007ffe8b995298
[  885.903012][T19845]  </TASK>
[  888.797908][T19865] nbd: socks must be embedded in a SOCK_ITEM attr
[  888.837581][T19864] bond0: invalid ARP target specified
[  888.905319][T19865] block nbd2: shutting down sockets
[  889.127196][T19849] Process accounting paused
[  889.486193][T19879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2803'.
[  889.504211][T19880] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2802'.
[  889.600848][T19880] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  889.684847][T19880] batman_adv: batadv0: Removing interface: batadv_slave_0
[  889.782345][T19880] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  889.851081][T19880] batman_adv: batadv0: Removing interface: batadv_slave_1
[  891.334987][T19907] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2810'.
[  891.392342][T19907] mac80211_hwsim hwsim80 �: renamed from wlan0 (while UP)
[  891.800734][T19897] zswap: compressor 000 not available
[  891.844611][T19922] usb usb3: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  892.676101][T19939] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2813'.
[  894.608390][T19958] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2817'.
[  894.720409][T19958] veth0_macvtap: left promiscuous mode
[  897.355490][T20008] FAULT_INJECTION: forcing a failure.
[  897.355490][T20008] name failslab, interval 1, probability 0, space 0, times 0
[  897.426847][T20008] CPU: 0 UID: 0 PID: 20008 Comm: syz.3.2828 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  897.426877][T20008] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  897.426884][T20008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  897.426894][T20008] Call Trace:
[  897.426900][T20008]  <TASK>
[  897.426907][T20008]  dump_stack_lvl+0x100/0x190
[  897.426929][T20008]  should_fail_ex.cold+0x5/0xa
[  897.426949][T20008]  should_failslab+0xc2/0x120
[  897.426969][T20008]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  897.426983][T20008]  ? sk_prot_alloc+0x60/0x2a0
[  897.427009][T20008]  sk_prot_alloc+0x60/0x2a0
[  897.427047][T20008]  sk_alloc+0x36/0xe80
[  897.427066][T20008]  inet6_create+0x385/0x12b0
[  897.427089][T20008]  ? inet6_create+0x7f/0x12b0
[  897.427112][T20008]  __sock_create+0x339/0x860
[  897.427138][T20008]  smc_create+0x163/0x290
[  897.427162][T20008]  __sock_create+0x339/0x860
[  897.427187][T20008]  __sys_socket+0x14d/0x260
[  897.427203][T20008]  ? __pfx___sys_socket+0x10/0x10
[  897.427226][T20008]  __x64_sys_socket+0x72/0xb0
[  897.427240][T20008]  ? lockdep_hardirqs_on+0x78/0x100
[  897.427255][T20008]  do_syscall_64+0x10b/0x830
[  897.427269][T20008]  ? clear_bhb_loop+0x40/0x90
[  897.427288][T20008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.427303][T20008] RIP: 0033:0x7f826b19ce59
[  897.427318][T20008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  897.427333][T20008] RSP: 002b:00007f826c07a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  897.427349][T20008] RAX: ffffffffffffffda RBX: 00007f826b416090 RCX: 00007f826b19ce59
[  897.427359][T20008] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b
[  897.427368][T20008] RBP: 00007f826b232d6f R08: 0000000000000000 R09: 0000000000000000
[  897.427379][T20008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  897.427388][T20008] R13: 00007f826b416128 R14: 00007f826b416090 R15: 00007ffe8b995298
[  897.427409][T20008]  </TASK>
[  901.258267][T20042] device-mapper: ioctl: device name cannot contain '/'
[  903.039171][T20054] Process accounting resumed
[  905.110057][T20078] random: crng reseeded on system resumption
[  905.159879][T20078] Restarting kernel threads ...
[  905.211458][T20078] Done restarting kernel threads.
[  914.545307][T20102] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  914.563720][T20102] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  914.572331][T20102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  914.581698][T20102] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  914.596084][T20102] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  915.481801][T20101] bridge0: port 1(bridge_slave_0) entered blocking state
[  915.498822][T20101] bridge0: port 1(bridge_slave_0) entered disabled state
[  915.517081][T20101] bridge_slave_0: entered allmulticast mode
[  915.529810][T20101] bridge_slave_0: entered promiscuous mode
[  915.550627][T20101] bridge0: port 2(bridge_slave_1) entered blocking state
[  915.567240][T20101] bridge0: port 2(bridge_slave_1) entered disabled state
[  915.581103][T20101] bridge_slave_1: entered allmulticast mode
[  915.610800][T20101] bridge_slave_1: entered promiscuous mode
[  915.661142][T20101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  915.681785][T20101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  915.744850][T20101] team0: Port device team_slave_0 added
[  915.767984][T20101] team0: Port device team_slave_1 added
[  915.825876][T20101] batman_adv: batadv0: Adding interface: batadv_slave_0
[  915.845405][T20101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  915.902449][T20101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  915.931831][T20101] batman_adv: batadv0: Adding interface: batadv_slave_1
[  915.955364][T20101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  916.006120][T20101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  916.095976][T20101] hsr_slave_0: entered promiscuous mode
[  916.116342][T20101] hsr_slave_1: entered promiscuous mode
[  916.124212][T20101] debugfs: 'hsr0' already exists in 'hsr'
[  916.146067][T20101] Cannot create hsr debugfs directory
[  916.556108][T20101] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  916.575983][T20101] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  916.597510][T20101] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  916.629359][T20101] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  916.645401][T20101] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  916.667843][T20101] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  916.684761][T20102] Bluetooth: hci1: command tx timeout
[  916.702316][T20101] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  916.723313][T20101] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  916.970754][T20101] 8021q: adding VLAN 0 to HW filter on device bond0
[  917.024185][T20101] 8021q: adding VLAN 0 to HW filter on device team0
[  917.059767][T19524] bridge0: port 1(bridge_slave_0) entered blocking state
[  917.066932][T19524] bridge0: port 1(bridge_slave_0) entered forwarding state
[  917.117273][T19524] bridge0: port 2(bridge_slave_1) entered blocking state
[  917.124485][T19524] bridge0: port 2(bridge_slave_1) entered forwarding state
[  917.177765][T19545] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  917.196559][T19545] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  917.206192][T19545] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  917.214772][T19545] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  917.223679][T19545] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  918.263226][T20101] 8021q: adding VLAN 0 to HW filter on device batadv0
[  918.630913][T20126] bridge0: port 1(bridge_slave_0) entered blocking state
[  918.657036][T20126] bridge0: port 1(bridge_slave_0) entered disabled state
[  918.682995][T20126] bridge_slave_0: entered allmulticast mode
[  918.691502][T20126] bridge_slave_0: entered promiscuous mode
[  918.716782][T20126] bridge0: port 2(bridge_slave_1) entered blocking state
[  918.737425][T20126] bridge0: port 2(bridge_slave_1) entered disabled state
[  918.750355][T19545] Bluetooth: hci1: command tx timeout
[  918.775865][T20126] bridge_slave_1: entered allmulticast mode
[  918.806688][T20126] bridge_slave_1: entered promiscuous mode
[  918.912777][T20126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  918.944441][T20126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  919.016132][T20126] team0: Port device team_slave_0 added
[  919.036535][T20126] team0: Port device team_slave_1 added
[  919.107364][T20101] veth0_vlan: entered promiscuous mode
[  919.126809][T20126] batman_adv: batadv0: Adding interface: batadv_slave_0
[  919.143170][T20126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  919.202820][T20126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  919.235766][T20126] batman_adv: batadv0: Adding interface: batadv_slave_1
[  919.261458][T20126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  919.300672][T19545] Bluetooth: hci5: command tx timeout
[  919.323197][T20126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  919.366623][T20101] veth1_vlan: entered promiscuous mode
[  919.425226][T20126] hsr_slave_0: entered promiscuous mode
[  919.449327][T20126] hsr_slave_1: entered promiscuous mode
[  919.456734][T20126] debugfs: 'hsr0' already exists in 'hsr'
[  919.479255][T20126] Cannot create hsr debugfs directory
[  919.595082][T20101] veth0_macvtap: entered promiscuous mode
[  919.623462][T20101] veth1_macvtap: entered promiscuous mode
[  919.710110][T20101] batman_adv: batadv0: Interface activated: batadv_slave_0
[  919.759856][T20101] batman_adv: batadv0: Interface activated: batadv_slave_1
[  919.815462][T19516] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  919.844543][T19516] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  919.883593][T19516] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  919.916209][T19516] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  920.236991][T19516] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  920.255336][T19516] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  920.328082][T20126] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  920.346742][T20126] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  920.366387][T19516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  920.380510][T20126] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  920.396393][T19516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  920.410931][T20126] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  920.437636][T20126] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  920.461235][T20126] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  920.492947][T20126] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  920.532846][T20126] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  920.814382][T19545] Bluetooth: hci1: command tx timeout
[  920.843520][T20126] 8021q: adding VLAN 0 to HW filter on device bond0
[  920.899932][T20126] 8021q: adding VLAN 0 to HW filter on device team0
[  920.927908][T19539] bridge0: port 1(bridge_slave_0) entered blocking state
[  920.935077][T19539] bridge0: port 1(bridge_slave_0) entered forwarding state
[  920.993338][T19539] bridge0: port 2(bridge_slave_1) entered blocking state
[  921.000580][T19539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  921.370217][T19545] Bluetooth: hci5: command tx timeout
[  921.582472][T20102] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  921.597386][T20102] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  921.606685][T20102] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  921.624069][T20102] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  921.641560][T20102] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  921.830381][T20181] bond0: invalid ARP target specified
[  921.888427][T20181] nbd: socks must be embedded in a SOCK_ITEM attr
[  921.915863][T20181] block nbd2: shutting down sockets
[  922.705959][T19545] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  922.720172][T19545] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  922.734100][T19545] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  922.753769][T20126] 8021q: adding VLAN 0 to HW filter on device batadv0
[  922.768482][T19545] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  922.778979][T19545] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  922.883425][T20102] Bluetooth: hci1: command tx timeout
[  923.440575][T20102] Bluetooth: hci5: command tx timeout
[  923.684071][T20102] Bluetooth: hci6: command tx timeout
[  924.034735][T20126] veth0_vlan: entered promiscuous mode
[  924.173794][T20126] veth1_vlan: entered promiscuous mode
[  924.363550][T20176] bridge0: port 1(bridge_slave_0) entered blocking state
[  924.380148][T20207] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2861'.
[  924.397108][T20176] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.416832][T20176] bridge_slave_0: entered allmulticast mode
[  924.437559][T20176] bridge_slave_0: entered promiscuous mode
[  924.483898][T20176] bridge0: port 2(bridge_slave_1) entered blocking state
[  924.510682][T20176] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.535836][T20176] bridge_slave_1: entered allmulticast mode
[  924.558731][T20176] bridge_slave_1: entered promiscuous mode
[  924.762838][T20126] veth0_macvtap: entered promiscuous mode
[  924.809436][T20176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  924.873414][T20102] Bluetooth: hci7: command tx timeout
[  924.884382][T20176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  924.909317][   T30] audit: type=1800 audit(4278.091:23): pid=20204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2861" name="file0" dev="tmpfs" ino=43 res=0 errno=0
[  924.975844][T20126] veth1_macvtap: entered promiscuous mode
[  925.053235][T20176] team0: Port device team_slave_0 added
[  925.085441][T20176] team0: Port device team_slave_1 added
[  925.235226][T20126] batman_adv: batadv0: Interface activated: batadv_slave_0
[  925.304739][T20176] batman_adv: batadv0: Adding interface: batadv_slave_0
[  925.330718][T20176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  925.415323][T20176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  925.456018][T20176] batman_adv: batadv0: Adding interface: batadv_slave_1
[  925.479734][T20176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  925.515085][T20102] Bluetooth: hci5: command tx timeout
[  925.583686][T20176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  925.681268][T20126] batman_adv: batadv0: Interface activated: batadv_slave_1
[  925.750092][T20102] Bluetooth: hci6: command tx timeout
[  925.825972][T20176] hsr_slave_0: entered promiscuous mode
[  925.857567][T20176] hsr_slave_1: entered promiscuous mode
[  925.886572][T20176] debugfs: 'hsr0' already exists in 'hsr'
[  925.908799][T20176] Cannot create hsr debugfs directory
[  925.995982][T19516] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  926.024563][T19516] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  926.132217][T19516] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  926.165382][T19516] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  926.266011][T20237] netlink: 'syz.5.2862': attribute type 22 has an invalid length.
[  926.354563][T20237] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2862'.
[  926.429010][T20199] bridge0: port 1(bridge_slave_0) entered blocking state
[  926.473986][T20199] bridge0: port 1(bridge_slave_0) entered disabled state
[  926.501067][T20199] bridge_slave_0: entered allmulticast mode
[  926.531724][T20199] bridge_slave_0: entered promiscuous mode
[  926.743172][T20199] bridge0: port 2(bridge_slave_1) entered blocking state
[  926.776863][T20199] bridge0: port 2(bridge_slave_1) entered disabled state
[  926.798301][T20199] bridge_slave_1: entered allmulticast mode
[  926.827751][T20199] bridge_slave_1: entered promiscuous mode
[  926.943323][T20102] Bluetooth: hci7: command tx timeout
[  927.043338][T20199] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  927.105263][T20199] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  927.360117][T20199] team0: Port device team_slave_0 added
[  927.384005][T20199] team0: Port device team_slave_1 added
[  927.492798][T19539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  927.533796][T19539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  927.561452][T20199] batman_adv: batadv0: Adding interface: batadv_slave_0
[  927.589463][T20199] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  927.693741][T20199] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  927.782123][T20199] batman_adv: batadv0: Adding interface: batadv_slave_1
[  927.800252][T20199] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  927.842599][T20102] Bluetooth: hci6: command tx timeout
[  927.900012][T20199] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  928.281265][T20199] hsr_slave_0: entered promiscuous mode
[  928.311398][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[  928.319987][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[  928.330248][T20199] hsr_slave_1: entered promiscuous mode
[  928.351584][T20199] debugfs: 'hsr0' already exists in 'hsr'
[  928.373486][T20199] Cannot create hsr debugfs directory
[  928.453750][T19525] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  928.486546][T19525] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  928.699007][T20176] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  928.731727][T20176] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  928.767745][T20176] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  928.786635][T20248] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2864'.
[  928.810949][T20176] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  928.858597][T20176] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  928.905484][T20176] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  928.942775][T20176] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  929.010986][T20176] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  929.020330][T20102] Bluetooth: hci7: command tx timeout
[  929.578415][T20176] 8021q: adding VLAN 0 to HW filter on device bond0
[  929.655798][T20176] 8021q: adding VLAN 0 to HW filter on device team0
[  929.889684][T20102] Bluetooth: hci6: command tx timeout
[  929.943975][T19533] bridge0: port 1(bridge_slave_0) entered blocking state
[  929.951162][T19533] bridge0: port 1(bridge_slave_0) entered forwarding state
[  930.006143][T19533] bridge0: port 2(bridge_slave_1) entered blocking state
[  930.013367][T19533] bridge0: port 2(bridge_slave_1) entered forwarding state
[  930.322861][T20199] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  930.374182][T20199] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  930.414244][T20199] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  930.461284][T20199] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  930.501989][T20199] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  930.543224][T20199] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  930.579323][T20199] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  930.622411][T20199] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  930.687317][T20272] FAULT_INJECTION: forcing a failure.
[  930.687317][T20272] name failslab, interval 1, probability 0, space 0, times 0
[  930.793197][T20272] CPU: 0 UID: 0 PID: 20272 Comm: syz.5.2866 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  930.793225][T20272] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  930.793232][T20272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  930.793243][T20272] Call Trace:
[  930.793249][T20272]  <TASK>
[  930.793255][T20272]  dump_stack_lvl+0x100/0x190
[  930.793279][T20272]  should_fail_ex.cold+0x5/0xa
[  930.793299][T20272]  ? tomoyo_realpath_from_path+0xb6/0x690
[  930.793321][T20272]  should_failslab+0xc2/0x120
[  930.793340][T20272]  __kmalloc_noprof+0xe0/0x850
[  930.793355][T20272]  ? kfree+0x1dd/0x6c0
[  930.793378][T20272]  tomoyo_realpath_from_path+0xb6/0x690
[  930.793403][T20272]  tomoyo_check_open_permission+0x2af/0x3c0
[  930.793422][T20272]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  930.793446][T20272]  ? hook_file_open+0x24e/0x7a0
[  930.793477][T20272]  ? path_get+0x61/0x80
[  930.793499][T20272]  tomoyo_file_open+0x6b/0x90
[  930.793523][T20272]  security_file_open+0xb5/0x1e0
[  930.793542][T20272]  do_dentry_open+0x5aa/0x1660
[  930.793562][T20272]  ? security_inode_permission+0xbf/0x250
[  930.793583][T20272]  vfs_open+0x82/0x3f0
[  930.793607][T20272]  path_openat+0x208c/0x31a0
[  930.793639][T20272]  ? __pfx_path_openat+0x10/0x10
[  930.793667][T20272]  do_file_open+0x20e/0x430
[  930.793688][T20272]  ? __pfx_do_file_open+0x10/0x10
[  930.793722][T20272]  ? alloc_fd+0x476/0x790
[  930.793743][T20272]  ? do_getname+0x191/0x390
[  930.793768][T20272]  do_sys_openat2+0x10d/0x1e0
[  930.793791][T20272]  ? __pfx_do_sys_openat2+0x10/0x10
[  930.793821][T20272]  __x64_sys_openat+0x12d/0x210
[  930.793836][T20272]  ? __pfx___x64_sys_openat+0x10/0x10
[  930.793858][T20272]  ? ksys_write+0x1ac/0x250
[  930.793878][T20272]  ? rcu_is_watching+0x12/0xc0
[  930.793900][T20272]  do_syscall_64+0x10b/0x830
[  930.793918][T20272]  ? clear_bhb_loop+0x40/0x90
[  930.793937][T20272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  930.793953][T20272] RIP: 0033:0x7f7f7a19ce59
[  930.793968][T20272] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  930.793984][T20272] RSP: 002b:00007f7f7afea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  930.794000][T20272] RAX: ffffffffffffffda RBX: 00007f7f7a416090 RCX: 00007f7f7a19ce59
[  930.794011][T20272] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  930.794020][T20272] RBP: 00007f7f7a232d6f R08: 0000000000000000 R09: 0000000000000000
[  930.794030][T20272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  930.794039][T20272] R13: 00007f7f7a416128 R14: 00007f7f7a416090 R15: 00007ffe0f134da8
[  930.794060][T20272]  </TASK>
[  931.461956][T20102] Bluetooth: hci7: command tx timeout
[  931.644011][T20272] ERROR: Out of memory at tomoyo_realpath_from_path.
[  932.937127][T20199] 8021q: adding VLAN 0 to HW filter on device bond0
[  933.066262][T20199] 8021q: adding VLAN 0 to HW filter on device team0
[  933.121513][T19538] bridge0: port 1(bridge_slave_0) entered blocking state
[  933.128700][T19538] bridge0: port 1(bridge_slave_0) entered forwarding state
[  933.212054][T19538] bridge0: port 2(bridge_slave_1) entered blocking state
[  933.219243][T19538] bridge0: port 2(bridge_slave_1) entered forwarding state
[  933.327729][T20176] 8021q: adding VLAN 0 to HW filter on device batadv0
[  934.318178][T20176] veth0_vlan: entered promiscuous mode
[  934.407687][T20176] veth1_vlan: entered promiscuous mode
[  934.568317][T20176] veth0_macvtap: entered promiscuous mode
[  934.628070][T20176] veth1_macvtap: entered promiscuous mode
[  934.700793][T20176] batman_adv: batadv0: Interface activated: batadv_slave_0
[  934.760291][T20176] batman_adv: batadv0: Interface activated: batadv_slave_1
[  934.811900][T20285] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  934.848753][T20285] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  934.900368][T20285] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  934.950845][T20199] 8021q: adding VLAN 0 to HW filter on device batadv0
[  935.008799][T20285] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  935.563885][T19539] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  935.610594][T19539] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  935.780754][T20285] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  935.828103][T20285] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  935.906894][T20199] veth0_vlan: entered promiscuous mode
[  935.984396][T20199] veth1_vlan: entered promiscuous mode
[  936.164539][T20199] veth0_macvtap: entered promiscuous mode
[  936.218423][T20199] veth1_macvtap: entered promiscuous mode
[  936.301183][T20199] batman_adv: batadv0: Interface activated: batadv_slave_0
[  936.358117][T20199] batman_adv: batadv0: Interface activated: batadv_slave_1
[  936.436518][T20285] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  936.482407][T20285] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  936.535848][T20285] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  936.567432][T20333] ==================================================================
[  936.575554][T20333] BUG: KASAN: slab-out-of-bounds in cache_seq_start_rcu+0x3fe/0x420
[  936.583532][T20333] Read of size 8 at addr ffff888061244800 by task syz.7.2869/20333
[  936.591409][T20333] 
[  936.593723][T20333] CPU: 0 UID: 0 PID: 20333 Comm: syz.7.2869 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  936.593747][T20333] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  936.593753][T20333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  936.593763][T20333] Call Trace:
[  936.593771][T20333]  <TASK>
[  936.593778][T20333]  dump_stack_lvl+0x100/0x190
[  936.593796][T20333]  print_report+0x13d/0x4b0
[  936.593818][T20333]  ? __virt_addr_valid+0x239/0x430
[  936.593844][T20333]  ? cache_seq_start_rcu+0x3fe/0x420
[  936.593859][T20333]  kasan_report+0xdf/0x1d0
[  936.593877][T20333]  ? cache_seq_start_rcu+0x3fe/0x420
[  936.593895][T20333]  cache_seq_start_rcu+0x3fe/0x420
[  936.593913][T20333]  seq_read_iter+0x2c1/0x1270
[  936.593933][T20333]  seq_read+0x33b/0x4c0
[  936.593949][T20333]  ? __pfx_seq_read+0x10/0x10
[  936.593966][T20333]  ? lock_acquire+0x1b1/0x370
[  936.593983][T20333]  ? __pfx_seq_read+0x10/0x10
[  936.593998][T20333]  proc_reg_read+0x240/0x330
[  936.594016][T20333]  ? __pfx_proc_reg_read+0x10/0x10
[  936.594034][T20333]  vfs_read+0x1e4/0xb30
[  936.594052][T20333]  ? __pfx_vfs_read+0x10/0x10
[  936.594067][T20333]  ? __fget_files+0x215/0x3d0
[  936.594087][T20333]  ? __fget_files+0x21f/0x3d0
[  936.594106][T20333]  ksys_read+0x12a/0x250
[  936.594127][T20333]  ? __pfx_ksys_read+0x10/0x10
[  936.594144][T20333]  ? rcu_is_watching+0x12/0xc0
[  936.594162][T20333]  do_syscall_64+0x10b/0x830
[  936.594177][T20333]  ? clear_bhb_loop+0x40/0x90
[  936.594193][T20333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.594209][T20333] RIP: 0033:0x7fb09059ce59
[  936.594223][T20333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  936.594238][T20333] RSP: 002b:00007fb0914c8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  936.594252][T20333] RAX: ffffffffffffffda RBX: 00007fb090816270 RCX: 00007fb09059ce59
[  936.594263][T20333] RDX: 00000000000000a3 RSI: 00002000000000c0 RDI: 0000000000000020
[  936.594273][T20333] RBP: 00007fb090632d6f R08: 0000000000000000 R09: 0000000000000000
[  936.594283][T20333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  936.594292][T20333] R13: 00007fb090816308 R14: 00007fb090816270 R15: 00007ffeeeb02e58
[  936.594306][T20333]  </TASK>
[  936.594312][T20333] 
[  936.818545][T20333] Allocated by task 20176:
[  936.822943][T20333]  kasan_save_stack+0x30/0x50
[  936.827609][T20333]  kasan_save_track+0x14/0x30
[  936.832281][T20333]  __kasan_kmalloc+0xaa/0xb0
[  936.836872][T20333]  __kmalloc_noprof+0x301/0x850
[  936.841721][T20333]  cache_create_net+0xa2/0x1f0
[  936.846487][T20333]  nfsd_export_init+0x62/0x250
[  936.851248][T20333]  nfsd_net_init+0x69/0x3e0
[  936.855744][T20333]  ops_init+0x1e2/0x5f0
[  936.859888][T20333]  setup_net+0x118/0x3a0
[  936.864209][T20333]  copy_net_ns+0x46f/0x7c0
[  936.868616][T20333]  create_new_namespaces+0x3ea/0xac0
[  936.873888][T20333]  unshare_nsproxy_namespaces+0xf2/0x220
[  936.879657][T20333]  ksys_unshare+0x438/0xab0
[  936.884237][T20333]  __x64_sys_unshare+0x31/0x40
[  936.889083][T20333]  do_syscall_64+0x10b/0x830
[  936.893676][T20333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  936.899564][T20333] 
[  936.901873][T20333] The buggy address belongs to the object at ffff888061244000
[  936.901873][T20333]  which belongs to the cache kmalloc-2k of size 2048
[  936.915918][T20333] The buggy address is located 0 bytes to the right of
[  936.915918][T20333]  allocated 2048-byte region [ffff888061244000, ffff888061244800)
[  936.930497][T20333] 
[  936.932822][T20333] The buggy address belongs to the physical page:
[  936.939376][T20333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x61240
[  936.948132][T20333] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  936.956623][T20333] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  936.964155][T20333] page_type: f5(slab)
[  936.968125][T20333] raw: 00fff00000000040 ffff88813fe34000 dead000000000100 dead000000000122
[  936.976735][T20333] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  936.985316][T20333] head: 00fff00000000040 ffff88813fe34000 dead000000000100 dead000000000122
[  936.994062][T20333] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000
[  937.002717][T20333] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  937.011370][T20333] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  937.020026][T20333] page dumped because: kasan: bad access detected
[  937.026419][T20333] page_owner tracks the page as allocated
[  937.032372][T20333] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 20176, tgid 20176 (syz-executor), ts 922906820936, free_ts 909994987944
[  937.054156][T20333]  post_alloc_hook+0xfd/0x120
[  937.058847][T20333]  get_page_from_freelist+0x11a6/0x33b0
[  937.064395][T20333]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[  937.070289][T20333]  new_slab+0xa6/0x6c0
[  937.074347][T20333]  refill_objects+0x277/0x420
[  937.079046][T20333]  __pcs_replace_empty_main+0x375/0x650
[  937.084576][T20333]  __kmalloc_cache_noprof+0x493/0x6f0
[  937.089936][T20333]  fib_net_init+0x1a4/0x3f0
[  937.094428][T20333]  ops_init+0x1e2/0x5f0
[  937.098571][T20333]  setup_net+0x118/0x3a0
[  937.102799][T20333]  copy_net_ns+0x46f/0x7c0
[  937.107201][T20333]  create_new_namespaces+0x3ea/0xac0
[  937.112472][T20333]  unshare_nsproxy_namespaces+0xf2/0x220
[  937.118091][T20333]  ksys_unshare+0x438/0xab0
[  937.122590][T20333]  __x64_sys_unshare+0x31/0x40
[  937.127344][T20333]  do_syscall_64+0x10b/0x830
[  937.131919][T20333] page last free pid 4993 tgid 4993 stack trace:
[  937.138222][T20333]  __free_frozen_pages+0x747/0x1040
[  937.143406][T20333]  qlist_free_all+0x47/0xf0
[  937.147888][T20333]  kasan_quarantine_reduce+0x1a0/0x1f0
[  937.153344][T20333]  __kasan_slab_alloc+0x69/0x90
[  937.158289][T20333]  kmem_cache_alloc_lru_noprof+0x246/0x6e0
[  937.164106][T20333]  __d_alloc+0x34/0xa40
[  937.168391][T20333]  d_alloc+0x4a/0x1e0
[  937.172363][T20333]  lookup_one_qstr_excl+0x171/0x250
[  937.177552][T20333]  filename_unlinkat+0x275/0x730
[  937.182481][T20333]  __x64_sys_unlink+0x46/0x70
[  937.187147][T20333]  do_syscall_64+0x10b/0x830
[  937.191723][T20333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  937.197601][T20333] 
[  937.199907][T20333] Memory state around the buggy address:
[  937.205523][T20333]  ffff888061244700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  937.213655][T20333]  ffff888061244780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  937.221699][T20333] >ffff888061244800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  937.229737][T20333]                    ^
[  937.233784][T20333]  ffff888061244880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  937.241826][T20333]  ffff888061244900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  937.249956][T20333] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  937.488018][T20285] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  938.467459][T20333] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  938.474680][T20333] CPU: 0 UID: 0 PID: 20333 Comm: syz.7.2869 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  938.485609][T20333] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  938.490803][T20333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  938.500857][T20333] Call Trace:
[  938.504123][T20333]  <TASK>
[  938.507039][T20333]  dump_stack_lvl+0x100/0x190
[  938.511708][T20333]  vpanic+0x552/0x970
[  938.515672][T20333]  ? __pfx_vpanic+0x10/0x10
[  938.520193][T20333]  ? mark_held_locks+0x40/0x70
[  938.524945][T20333]  ? cache_seq_start_rcu+0x3fe/0x420
[  938.530218][T20333]  panic+0xd1/0xe0
[  938.533946][T20333]  ? __pfx_panic+0x10/0x10
[  938.538347][T20333]  ? cache_seq_start_rcu+0x3fe/0x420
[  938.543631][T20333]  ? preempt_schedule_common+0x42/0xc0
[  938.549092][T20333]  ? check_panic_on_warn+0x1f/0x90
[  938.554200][T20333]  check_panic_on_warn.cold+0x19/0x34
[  938.559557][T20333]  end_report.part.0+0x3a/0x90
[  938.564315][T20333]  kasan_report.cold+0xe/0x18
[  938.569073][T20333]  ? cache_seq_start_rcu+0x3fe/0x420
[  938.574352][T20333]  cache_seq_start_rcu+0x3fe/0x420
[  938.579508][T20333]  seq_read_iter+0x2c1/0x1270
[  938.584287][T20333]  seq_read+0x33b/0x4c0
[  938.588432][T20333]  ? __pfx_seq_read+0x10/0x10
[  938.593095][T20333]  ? lock_acquire+0x1b1/0x370
[  938.597769][T20333]  ? __pfx_seq_read+0x10/0x10
[  938.602434][T20333]  proc_reg_read+0x240/0x330
[  938.607065][T20333]  ? __pfx_proc_reg_read+0x10/0x10
[  938.612186][T20333]  vfs_read+0x1e4/0xb30
[  938.616353][T20333]  ? __pfx_vfs_read+0x10/0x10
[  938.621016][T20333]  ? __fget_files+0x215/0x3d0
[  938.625690][T20333]  ? __fget_files+0x21f/0x3d0
[  938.630365][T20333]  ksys_read+0x12a/0x250
[  938.634609][T20333]  ? __pfx_ksys_read+0x10/0x10
[  938.639465][T20333]  ? rcu_is_watching+0x12/0xc0
[  938.644272][T20333]  do_syscall_64+0x10b/0x830
[  938.648851][T20333]  ? clear_bhb_loop+0x40/0x90
[  938.653516][T20333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.659394][T20333] RIP: 0033:0x7fb09059ce59
[  938.663802][T20333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  938.683424][T20333] RSP: 002b:00007fb0914c8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  938.691820][T20333] RAX: ffffffffffffffda RBX: 00007fb090816270 RCX: 00007fb09059ce59
[  938.699777][T20333] RDX: 00000000000000a3 RSI: 00002000000000c0 RDI: 0000000000000020
[  938.707732][T20333] RBP: 00007fb090632d6f R08: 0000000000000000 R09: 0000000000000000
[  938.715686][T20333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  938.723744][T20333] R13: 00007fb090816308 R14: 00007fb090816270 R15: 00007ffeeeb02e58
[  938.731710][T20333]  </TASK>
[  938.734778][T20333] Kernel Offset: disabled
[  938.739097][T20333] Rebooting in 86400 seconds..