last executing test programs:

24m26.734481811s ago: executing program 2 (id=510):
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x11, 0x3, 0x9)
sendto$auto(0xffffffffffffffff, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
close_range$auto(0x2, r0, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x52, 0x0)
sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1060}, 0x5}, 0x2, 0x100)

24m26.435987948s ago: executing program 2 (id=513):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x400caed0, r0)

24m26.09541764s ago: executing program 2 (id=515):
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
syz_clone3(&(0x7f00000004c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x3f000000, 0x0, 0x40480c0}, 0x40000)

24m24.999333666s ago: executing program 2 (id=521):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

24m24.521424411s ago: executing program 2 (id=522):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0xc0000103, 0x400, 0x2}]})

24m24.113431071s ago: executing program 2 (id=524):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x2, 0x0)
lseek$auto(0x3, 0x2, 0x4)
write$auto(0x3, 0x0, 0x100082)
r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x501000, 0x0)
write$auto_vcs_fops_vc_screen(r1, 0x0, 0x0)
bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f0000000080)=@link_detach, 0x9)
ioctl$auto(r0, 0x4b4a, 0x9)

24m23.516539831s ago: executing program 32 (id=524):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x2, 0x0)
lseek$auto(0x3, 0x2, 0x4)
write$auto(0x3, 0x0, 0x100082)
r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x501000, 0x0)
write$auto_vcs_fops_vc_screen(r1, 0x0, 0x0)
bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f0000000080)=@link_detach, 0x9)
ioctl$auto(r0, 0x4b4a, 0x9)

21m15.382938664s ago: executing program 0 (id=1532):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x7, 0x0)
r0 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0)
read$auto(r1, 0x0, 0x20)
getsockopt$auto(r0, 0x84, 0x71, 0x0, 0x0)
io_uring_register$auto(0x2, 0xf, 0x0, 0x20)

21m15.119929188s ago: executing program 0 (id=1533):
openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
syz_clone3(&(0x7f0000000380)={0x101045100, 0x0, 0x0, 0x0, {0x3a}, 0x0, 0x0, 0x0, 0x0}, 0x58)
madvise$auto(0x0, 0x200007, 0x8)
madvise$auto(0x0, 0x200204, 0x15)

21m13.855268901s ago: executing program 0 (id=1541):
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/nr9/statistics/tx_dropped\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
io_uring_setup$auto(0x9, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dri/card0\x00', 0x0, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x7d48, 0x948b, 0x4, 0x6, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x4, 0x5, 0x2, 0xfffffffffffffffd]}, 0x0)

21m13.558531445s ago: executing program 0 (id=1544):
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x1, 0x0)
semctl$auto(0x7, 0x2, 0x13, 0x5)
r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x40, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x2, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0)
ioctl$auto(0x3, 0x40045542, r0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0)

21m13.302639891s ago: executing program 0 (id=1547):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

21m13.085338769s ago: executing program 0 (id=1549):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pipe$auto(0x0)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x91f5}, 0x800000001, &(0x7f0000001080)={&(0x7f00000010c0)="837c43558323d5db424689e7e6cb5c40ad091e4374c10000000025", 0x1ffffffff}, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x4040ae79, r1)

20m57.917376498s ago: executing program 33 (id=1549):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pipe$auto(0x0)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x91f5}, 0x800000001, &(0x7f0000001080)={&(0x7f00000010c0)="837c43558323d5db424689e7e6cb5c40ad091e4374c10000000025", 0x1ffffffff}, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0x4040ae79, r1)

2m50.629637103s ago: executing program 3 (id=4692):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

2m48.00808148s ago: executing program 3 (id=4699):
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121080, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0)
io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, 0x0, 0x4000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x0, 0xfffff004, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xa, 0x2, 0x88)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bond0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x8, 0xff, r2, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4)
r6 = bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb)
ioctl$auto_SNDCTL_DSP_PROFILE(r6, 0x541b, 0x0)

2m47.762441753s ago: executing program 3 (id=4700):
fstatfs$auto(0xffffffffffffffff, &(0x7f0000000140)={0x8001, 0x100000000000, 0x1, 0x9, 0x5d, 0x2, 0x75, {[0x80000000]}, 0x0, 0x7ff, 0x68a6, [0x5, 0x8, 0x5, 0x4]})
statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xfffffffd, 0x9, 0x3, 0x16, 0x4, 0x5, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x3, 0xb414, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe, [0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff], "c4cbb7ab40a4d6220aa6d6ea4305f533c9e9bee6fcfc61722ccb678e0e2cba7194bc385b26d84c96723400de3b5aacff44f65a10b6c36a9a55945d88270da0f18327ed7c66498ace94f97e799732311e069e26edbb6d"}, 0x200, 0x81)
setfsuid$auto(0xee00)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8002, 0x0, 0x6)
sysfs$auto(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r1, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x7, 0x2000000000000eb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
getegid()
socket(0x18, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202, 0x0)
close_range$auto(0x0, 0x5, 0x0)

2m45.500215684s ago: executing program 3 (id=4706):
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0)
r0 = socket(0x2, 0x3, 0x1)
setsockopt$auto(r0, 0xff, 0x1, 0x0, 0x1)
r1 = bpf$auto(0xff, &(0x7f00000004c0)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x0, 0x5, 0xffffffffffffffff, @relative_id=0x4, 0x5}, 0x3fc)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x6, &(0x7f0000000100)={&(0x7f0000000580), 0xfc2}, 0x4, &(0x7f0000000000), 0x9a, 0xa502}, 0x803}, 0x4, 0x1005)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
capset$auto(&(0x7f0000000100)={0x20080522, <r2=>0x0}, 0x0)
sched_setaffinity$auto(r2, 0x10001, 0x0)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x5404, &(0x7f0000000040)="a80b4a5b1716b8524a1c839175ef7d")
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
write$auto(0x3, 0x0, 0x7fffffff)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x421, 0x7}, 0x9, 0x0)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/003/001\x00', 0x1, 0x0)
sysfs$auto(0x33, 0xa, 0x83cb)
io_uring_setup$auto(0x1, 0x0)
ioctl$auto_FS_IOC_UNRESVSP(r1, 0x40305829, 0x2)
fsconfig$auto_SHMEM_HUGE_WITHIN_SIZE(r4, 0x9, &(0x7f0000000300)='\x00\x00\x006\x96\xc15\xf8\xa0 s\x03\x17\x7f\x99\x9cY\xa4\xe6\xa8\x05\xe5IM\x13?\x83\xee\xb2\x95\xff\xe2\xff_q\xf6\x8c\x14\xdc\xed\x9d\xa9\xa2\x8a\xca\xf1\xd2^\x1b\x8ek\xa0k\xc5\x93\xa4\xccTH:\"\xf3\x06O\x92\xb5\xfa\x89\xf8Ei\xecEO\xf4\xfd\xbb\x9dLH\xb8*\xbf8\xb1\xd4\xd6\x05\x1b\xfe\xa1\xad\x9biS\xdcDk\x98:\xf4\xfb\a\xe5\x96\xee\xad\xac\x0e\xbc\xc2\xe5\x03I\xf4S\xb1\xc7\xdc\x05\r\xcb\xd7\xbb\xb7g\x17{2-m\xb1\xa8[$#\xf0\xe1G_V\x86\xc9\xa1\x99\xcd\x9a)g\x9f\x87\xad\xea\x05\x823\xef\xd6\xad\x98Y\xf4\xf2\x99\xfcd\xe5\xc7\xa9\xb3\v\x0f\'\xd4\x03X\x0f\xb4:\xe4,\xfb\xc40w\xfc\xf8\xf3\xca\x05\x85X\xb7S\x02s\x96\"E\x15b\x04\x93\x8c\x18', 0x0, 0x2)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x103800, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000400)={0x4, &(0x7f00000000c0)={0xfffd, 0x1, 0x6, @raw=0x1d38c21e}})
ioctl$auto_USBDEVFS_BULK32(r4, 0xc0105502, 0x0)

2m45.234660076s ago: executing program 3 (id=4708):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x80802, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x103280, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/01.3\x00', 0x40d01, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/sequencer2\x00', 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/012/001\x00', 0x360240, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82400, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x2000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto_BPF_MAP_CREATE(0x0, 0x0, 0x4)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28b42, 0x0)
clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x4)
open(0x0, 0x261c2, 0x84)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r0, 0x0, 0xc3)

2m44.870495059s ago: executing program 3 (id=4709):
unshare$auto(0x40000080)
lstat$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
ioctl$auto(r0, 0xc040564b, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0)
mmap$auto(0x3ff, 0x5, 0x81, 0x75, r3, 0x9)
write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)='1', 0x1)
sendmsg$auto_NL80211_CMD_VENDOR(r1, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000080)={0x14, r2, 0x200, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x64000, 0x0)
ioctl$auto_BTRFS_IOC_SEND_32(r4, 0x40449426, &(0x7f0000000140)={@raw=0x1, 0x4, 0x8, 0x0, 0x8, 0x5, "39fb0b4aa9765adeb6ac19883e4bedfe95f0d5ca2e598fb4dbf27923"})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r7 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYRES32=r7, @ANYRES16=r7, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40805}, 0x4000000)
r8 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4)
sendmmsg$auto(r8, &(0x7f0000000200)={{0x0, 0x3f, &(0x7f0000000380)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xda5c}, 0x80000000}, 0x7, 0x0)
sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000080)={0x1c, r6, 0x3abba0b2ae0bab93, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0xfffffe9a, 0x35, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4040010)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)

2m34.767042671s ago: executing program 1 (id=4728):
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/setgroups\x00', 0x149002, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
ioctl$auto_UI_SET_RELBIT(r2, 0x40045566, &(0x7f0000000040)=0x7fffffff)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00 \x00'/21, 0x100000002, 0x100000001)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
mq_open$auto(0x0, 0x7e, 0x9, 0x0)

2m33.767298647s ago: executing program 1 (id=4732):
ioctl$auto_VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, 0x0)
openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x301, 0x0)
bpf$auto_BPF_LINK_UPDATE(0x1d, 0x0, 0x400)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0)
shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d)
rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00')
r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
getdents$auto(r1, 0x0, 0x62d4)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x4)
select$auto(0x6, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x4, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5a, 0x80000001, 0x7, 0x2, 0x93, 0x400000001, 0x35]}, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x7ff, &(0x7f0000000000)="27c2afced1ba09d463134c74d41ad8b7e455c6616636a461636ab88c934d8ea703b7e977da82e36504c017be5967e15b9b4452f41acc34")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0x0, 0x0, 0x0)
sendmsg$auto_OVS_METER_CMD_SET(r2, 0x0, 0x40)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x214000, 0x0)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/249, 0xf9)

2m32.725529057s ago: executing program 1 (id=4734):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

2m31.182622111s ago: executing program 1 (id=4737):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)

2m29.485643286s ago: executing program 34 (id=4709):
unshare$auto(0x40000080)
lstat$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
ioctl$auto(r0, 0xc040564b, r0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0)
mmap$auto(0x3ff, 0x5, 0x81, 0x75, r3, 0x9)
write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)='1', 0x1)
sendmsg$auto_NL80211_CMD_VENDOR(r1, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000080)={0x14, r2, 0x200, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x64000, 0x0)
ioctl$auto_BTRFS_IOC_SEND_32(r4, 0x40449426, &(0x7f0000000140)={@raw=0x1, 0x4, 0x8, 0x0, 0x8, 0x5, "39fb0b4aa9765adeb6ac19883e4bedfe95f0d5ca2e598fb4dbf27923"})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000880), r5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r7 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000009c0), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYRES32=r7, @ANYRES16=r7, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40805}, 0x4000000)
r8 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4)
sendmmsg$auto(r8, &(0x7f0000000200)={{0x0, 0x3f, &(0x7f0000000380)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xda5c}, 0x80000000}, 0x7, 0x0)
sendmsg$auto_BATADV_CMD_GET_ORIGINATORS(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000080)={0x1c, r6, 0x3abba0b2ae0bab93, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0xfffffe9a, 0x35, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4040010)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)

2m29.426056023s ago: executing program 1 (id=4740):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2, 0x5, 0x0)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
ioctl$auto(0x3, 0x8905, 0x38)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[], 0x70}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00', 0x100000002, 0x100000001)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmmsg$auto(r4, 0x0, 0x7, 0x4008)
sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x808}, 0x4044040)

2m28.882399437s ago: executing program 1 (id=4742):
socket(0xa, 0x5, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
timer_create$auto(0x0, 0x0, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/video4linux/video42/power/control\x00', 0xc2902, 0x0)
read$auto(r2, 0x0, 0x20)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0)
write$auto(0x3, 0x0, 0xffd8)
mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1)
socket(0x15, 0x5, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1938f4e799cc0e09beb23791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41"], 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880)

2m13.520795468s ago: executing program 35 (id=4742):
socket(0xa, 0x5, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
timer_create$auto(0x0, 0x0, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/video4linux/video42/power/control\x00', 0xc2902, 0x0)
read$auto(r2, 0x0, 0x20)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0)
write$auto(0x3, 0x0, 0xffd8)
mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1)
socket(0x15, 0x5, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1938f4e799cc0e09beb23791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41"], 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880)

2m12.434746036s ago: executing program 6 (id=4782):
r0 = syz_genetlink_get_family_id$auto_tcp_metrics(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
sendmsg$auto_TCP_METRICS_CMD_GET(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x14, r0, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfd3f9}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000002600)={0x24, r3, 0x221, 0x70bd28, 0x25cfdbfe, {}, [@OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @ipv4=@local}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPATH(r4, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, r5, 0x301, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090)
getpgrp(0x0)
r6 = gettid()
kill$auto(r6, 0x11)
remap_file_pages$auto(0x7fff, 0x10f, 0x2, 0x0, 0x2)

2m12.062635494s ago: executing program 6 (id=4784):
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x100010, r0, 0x6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/modalias\x00', 0x80500, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
read$auto(0x3, 0x0, 0x7fffffff)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x1a1000, 0x0)
unshare$auto(0x40000080)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000)
prctl$auto(0x4000002a, 0x3, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = socket(0x22, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x80044944, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0xe43)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0)
ioctl$auto_XFS_IOC_ALLOCSP(r1, 0x4030580a, &(0x7f0000000000)={0x1, 0x1, 0x1, 0xfffffffffffffff9, 0x3})
read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0)
ioctl$auto_MON_IOCG_STATS(r3, 0x80089203, 0x0)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r4, 0x3b84, 0xffffffffffffffff)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x0, 0x0)

2m10.955628257s ago: executing program 6 (id=4786):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/workqueue/scsi_tmf_0/power/autosuspend_delay_ms\x00', 0x8000, 0x0)
openat$auto_force_wakeup_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/bluetooth/hci3/force_wakeup\x00', 0x317a82, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/ib_srp/parameters/reconnect_delay\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)='-7', 0x2)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
r1 = socket(0x10, 0x4, 0xffffffc0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r1, 0x0, 0xc000)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
write$auto(0xffffffffffffffff, &(0x7f00000001c0)='c', 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0xffffffff)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0)
sendfile$auto(r3, r3, 0x0, 0x3)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x20000000000008b, r4, 0x4, 0x100)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r4, 0x4, 0x8)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x109500, 0x0)
pread64$auto(r5, 0x0, 0x8, 0xffff)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0)
setreuid$auto(0x1, 0x0)
shmctl$auto_SHM_STAT(0x6, 0xd, &(0x7f00000003c0)={{0x3, 0xffffffffffffffff, 0xee01, 0x4, 0x9, 0x2, 0x35e2}, 0x5, 0x0, 0x6, 0xc7, @inferred, @raw=0x1, 0x0, 0x0, &(0x7f00000005c0)="69335af9f15ae72ea901484a57794ef9eb78720104662f331b48fcf4e458a7c51a6503dc4b0f79b14b4246eea1f9fa04d784cf1f33dc825fb660d1e60f9c6f0df35911a47114966d9ce6c1584bf2532c2d94192a34fff7cf0f3f888843c44e20dbf57f7c9f11f673acef614348c2d41761cef58e156924fe38ed394049952b4766a09ca54265ca419a6b96cbd82e7ca9517f4c427cc37910c3dd29db011e52fafc57a5b308ee3563f90fbdaac6792560ed69f1fe2b2e92a01bd64c1086deb3869e997bd533d0163901b1e909196eb5260cefe2c79ac0d85a64d656e17406717511ff486f58a38f1988e03c52390ba7d717308b0580bb95db23743dc93e38e8f2aeade47cd3f898aeceea9d383b73f15d4afff465927059763b22c49a9184cc17f31f145dd56a4a66bd3e152c95c22d29982af781e6c57e8ec54e804f5b6c0d1a1e3c0128d8bdb011ed1e8cf286a39887dfe69d0e9d1c8e300f5fc703f5a67f51561070e17318d6256d62123609e04b17fe7500deb0f5ddbba511e5157b8e4ed04cbf1bbed4f94c1a2192d393c9a987857baea6658aba7969ab30c28c422813e6d2746466c0e8c32eb961de761650d77b15978fb9294d995606cfc69ec1cf29a9cf4816a4697a5e7387161df3d0e9283baa8adf10aaa4bb21ac673eb36de9652413eb2a5293a2e23d58ed7a3936be27674dc96b48efa6ac60846643ea2f8115a17216fb0e9938467c8db594d68f93ca6d831ccfb0bfe71f1d7b198df78ddd36864263609b99c9007f18f250a90ad3a145ebd469cf7c22e27ba2c93d352855c31bd83ab32da012072f0ba7567b38e4817bf2bbedafc64d7b3092324a84d556dc02ba39e08e68844a383157aa1f7d44a06acac9117448a24bf26d6957f68eb0a6657d02524bee29a728fdebff860e769226551bde4f9a5658037bf379e33039b67adf8c5317792027154f6d880e7f9554407beb9f9866b8b7d26e41ea213b6571b27194142fca20c1454567130f6195e68b77c4d62c0e8e799660c0576689fc318edb472f217575e6568d433217e2ea92b6a4602da6150cb3a51b82c87c5888b924bef27d73372509a56f4211096354e2030b6415263d2cd96253dac61bb542196906fef10381d62021cf6423a76542034276252bfb5c712365566fd4c4af7b49b2453343c1720c3c6b5cdf1b7641d02ddb4c634033e835ee2aa4487195b320d72f28d737c1a85ffb491b306a85f7c6b32601ae9f72ffc1fa865bf6f13ba34a5b948adf26e7de920809318396ecb9bcda3e90748338116cb86c777e3b5af31b91b0625644b70d4a67462107e6ff86c8c096607c9af0340851377516707eb5fee6ab51ebcc12b13cdd25348077f302877c6f287172c525a8db67572a7d8f9db066334a9383aa255ba99a29345420101082ac3d82adbadceede91864fd0743ff6d1642b08c7ee8fd83b6c07f9f9decc2f04cebc4eaba7c1d07b0f7536e1d2d98cfdb14b22087fa19b9f607870cd9704dd7ec4f3e60e9ca83df7cd890e189190cb67172da077be9e3eaf7c52d0a80b83d7e2967cb17b33671f6cc1d1a0c94af756729ff14871d96c2fb27be0381f01287e8d5a4cf887f7a9c87d7663a928f8622d4df689624a383b00411379ab9ffb0f45904668f3aea30ac10dabd26eb8bf427dd8b27943a2234a189bc414cefa733f7497846c50060a04887afa796c8bbb5562ca7bd0400b03747f41838e2036eec25669b074636014b5fc2e4b8f8c7606a3a9edf9717abd61eecdd1d95356b18b0630d6bb4f29e21d007e5f248da217845ac68b6239909a27db04042efe0e5e4f0994374c50caa12da647aba9adf11b34443de27562d07d76c78216c07788454368bf187576224e170d1a31ff21cfd75793356c590b230884118e938411bc25fb7b23820b775b468dcb51e4caff1a4c00943cfba089f924b25871c5dc03e3a92c9fda5a7d03066eae0645910555a654d44341e894593efb09cec9ea4cdb87508e3a666fc31bb45da7aa5f6597824e704f7758f7d57aacb520b0462c698aeee4fa8f6f582415b9778b5938433f0c8663ad9316a4c05ba411ae6a00d2962be4f283810888cb2a6fb30ac56f069c79805bd9381eeaf48f9b4a3fa6bd055fce267930c27de77d6ef5b2cecda73a48588eb1a4a797e1391193e1f06768c4812c73a19d4d1a5decded480ce302c3b79446f8c134ef03f88381ddd5269846de02a24e51dbcc1ad0ae6d595a31ea3ea6debf517e2f3cef36308f9cd7473b7b45a3376f0e76816e2aadcb8dee473f01f19d4e13165f24c87ad143e49d66606bdecc3f8f91930980ab7ee35a0e683d4813a12e4b683b99d8ba6a00c850f49a5a60a76233d58b2c205dc7b68dba446c597735af318e159a27d9d639273fbe659dcb7682a59f32659ef7387f6e01c401d07fe095338dc51020f496c8693e3ba0bb424782c878b2c2171f1b8e39cba76e776363f53dc55b0ceff122e75a8ee0a07827f48187c6b1ec86452e83d3e5500b469d8ce87e6bbad9a2f61c11019fde7696b4f165202f1193f1c4e89179ee678e2633dedb72ef70018962d2de9d7f54e71afc9997a5d4f69b8a0b3eb9831924f98d0fd6ca12b89c6a9bb1f84a3368470ef7d3dc49c801e13c98a428ceb17cef2d2db41fd4bfa4aaef3781b3a76e0b9e8771e1e2832313bf92999d878b66bf01d11b06bdede2d3d57120d6d886cab67699a95f8c257281e42d11202c8ee2493297ba4c7da4d7ad18e1e1c11ff84edec32da4aa83080ef9304dbaef4f8aa1f3f4dca23dbd2b52bed3022fa786caba8398d05f90ae2b380d8b6ab7f1250db3599284c1109cacc00cbcd14b5cb2fb4ed6a84613452bd8fe217bb20921ac78b1c524d6f9f05ceb868f3c4169edfff9d5eee9b2d1ef4c6b281762a05bf451b389b73352ba978d579009607beff78f29ac608e64b798e21df3bb00089e3c09de0f49d65540e284af554966d53ac304e36d7d85055f89f23e5d1ed06ae2729153772042bab38d5cc754128b6f4039cd66ddb7e37b75308b59fe948650ce056f0bb4510e524f1638db545802b38b1d1f55509d5758af1da90c3fce9fe051cf4421e0fca0b530880eeda3a1bed36341afc9663974aded6d83dcb35e2e770c8f8cadd6860dd52f41e8a61e6e1e08c89c333428085450ab7e7d3cbcf5c863bdae9ad0d912c0d0e3f0cef983639754251201fd5eb7f3ece56872d0725b38dd3f031330a5834301bd48f46d5703bb938bdf5ad3a8702ac2a27072f27ac8f4db38925d5dfb99e0ba22c2748ff8fd2783a4f2cccae1c567eea4f22a45c052cb779afb85c8f553df05d81b8e2fd34ec7fff9b113546cfffa4e8d35641c761735fd1a6946d8d8bd88dba2dc6260aa07e87360fe83a2e345a6e96fa4f28ce665b67d2428cb3755354619af541bfe496e960fc3a0e40c7b1938195ed8bdeeb04af38ccec9d6a27e8586d46875d7bbb4dc292b924a19779a380ba8891cd1d6ef84ee57779c1061364566a2620d3233815e4d65f8c036faa9751d8fb701c51bc9cdf0a7a6401799e339d97f67695c60009276e93a862555974fac7a207026417b6790b88451a0e436915fae39631d5a7d8b3d2a9e4f0b521f78b0e7bc4040f35697517672db69fcc79d4cdcf05f9bc5b15dcb1482cf6d17e1947a305ad0edbc8d8467ef84c9f08014844a290f41aefa527d2416d44df6d49fad99e24af3e48c415f00c1119639d52991d6f43eda10fa9ba2589fdb1a632cc7c2705abaef479a880cb84477b2a21d5a16a85170ecfc928656e1a664a35277a7d3a9fda291621fb94967244bdd7ef356517e78fbd388132817103e4fc3bd4410038ad66e5ab424da85471b9e339d90a7dce2bf35d5d435f96ae42e8134f2fe1929b0dbe2ed5720c807bf0b7b67cbfb5ba7c75ca5ffdd1973cc818bc4b59578273a82788d10659c2e9082c8b88eb8165247f4ed023f5dc9e33a4b040a341b072dbb3f4d1bcd3fc0b8ac0249aa2aece1e82d4dd029a4f66f5174901a02a60f81f52bfde84b7d8c48cb79b188b31da0363ab2756e2119da612014d89cf186c75f3818713f91821221458b4a5319e78e9c67d2bf573b3f514b800ce29ca07c69e24544547964b1dc9bb3808d813238686ec6a87c932d3f6f4097bf905d37347d93d2c2054d53ab32bce551ce7c91fa6c57cb76e9721930c1456e714950e56f21ebe3409ffbbe6ffffe2a6e143a9796ac85f198df2db2d0cb5e3cb308a80a21d680e64ec652543862ca9bbfe818575c7c48335f33602ffeeb909f6e0782ac5f64470493c1163563de9d5467494055ab6803fdbe1efafe54dc1a6857cc2512d206424e5df08df9d4064d5ec181b2901a95415c845da14a4df0c12ef601fb19e125965705ad04d1eeb0b02d522c365a2a4ff2bbde9b6551a7dd9ceb3262fc0ee8634785e72c95ee575b55d8c0dd6ceea27afde097b6aaa2bedc9fac82a5e8a225499e1518ba6b977c32b7d2d18365681a69318f821154c8f0879de98ea50050af4049f330e8d7741aebecc4ff9f252737b492282cfb148ef295852a1978a2ca98cf0c05556924660dbd02946f426af71f344b7dba34ded5df5a9ba072fdef450ab3644861f38a1d0a6b536af507806abc3f30a78e90373f40caf9118d565cbbb9c4142bdd5ce5f1921e94e9f69253502b42ca98731cccf9cd7706b47495990402ef780788947d45a289a6afbf636a58b062ae2f211d3663ce0a0fb842f002f78318be6b0d50308e917ec8c8edf18d52d5dc714e1e6252f4bf08247cbeede0fbefa2673d4e471875b743fc3d6e0b2b7ab6feb58f8ac43ed53c114e9013c4d790f9a998a92fd4d267e27f853bbedc50039f0721cb62e8e4008deb942c62fb961b779c6e6d7d7a6cc255494317ab07581df0d58afc68af19e15e7c1c01ad8c90abee86fcaa996c8c96a113eb10747c929a592526deb4ac9463c7494d1f86fbf2d760f1899fc2339980a27b1e2c3e042027ad697a0cc50520b97c4b0302fb523eb4e85011f2bcdbf3e2620db04ae009f84728019f9b154f6626b2e77d16235787b27207360b387ecb2ce9cba164c8af3d2fa088d110d6b6475e10f0c669b8677d9c2f3158ece583716ec698a5bf905b576f73db4c0dae7d803f6a220e36d0609ddcc72ce1050f3497b6d34c6c9bb5ff339c53f390255c39457d41d1bc5409831dfd71093d138008ce02db89701011d654e2263af62cf6c11f1068a39e8b4da9e64139256e276867cad2c13e18e648a945b05b7a583cf8e2cc049ff224757a97164081386b62290e8d614cb454dcdf0a7b3326ec778461340f3b6330c07db65d1eb7d3f74a4f99204410a67f2c2e92fc640d4092710ba116fc9a084064acc14e64cf77f75cbaf59c893ba5690ff2a2107966698a783eedc16ae677f727d9b382c481063406f4f439b573d3c58bdc588e5ea6f6cd74f0301744aa87856c2462a7e447e314d1431460c351b9746bbb6138c239db6fe8d78d1cc2c239bfaa2305ed1701339807296a946f224e0f0c04c933b0c92f81b56421cc2e653dd9f0d1314f03367bdbfb28b9d98ee806e8816bb763dbce602f286e20b66c9c1cdb31b31024cde80ad4a6037d374fa09f317c8c7ccb0ccc2daa638c89bb6c79daf5bac7d439953562c2a7a684116883589c2f8280a611dd3f36c7f63657d3b9828b446891a69b64dccf95976933abe1baf86c7f4a1660adcf05b2ad388d30d1fc3a9b9f1a2907dba9af0ffe861dd951d34b580fb4295c65a4f2f3c55a0f8de7b7b16aad8f32cc67fd5", &(0x7f0000000340)})

2m9.448221381s ago: executing program 6 (id=4788):
r0 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYBLOB="010026bd7000fedbdf25020000000800048004000880"], 0x1c}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x1000000000009489, 0x3, 0x15f4da0a, 0x1, 0x7, 0x7, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x5, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)

2m8.378479614s ago: executing program 6 (id=4792):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

2m5.101792297s ago: executing program 6 (id=4799):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x5, 0x801, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, 0x0, 0x9)
listen$auto(0x3, 0xffffff39)
mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket(0x23, 0x2, 0x0)
sendto$auto(r1, 0x0, 0x8000000008000, 0x0, 0x0, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
pread64$auto(0xffffffffffffffff, 0x0, 0x800003, 0x270)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103001, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f4)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x24048004)
madvise$auto(0x0, 0x200007, 0x19)
linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x400)

1m49.994841986s ago: executing program 36 (id=4799):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x5, 0x801, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, 0x0, 0x9)
listen$auto(0x3, 0xffffff39)
mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r1 = socket(0x23, 0x2, 0x0)
sendto$auto(r1, 0x0, 0x8000000008000, 0x0, 0x0, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
pread64$auto(0xffffffffffffffff, 0x0, 0x800003, 0x270)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103001, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f4)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x24048004)
madvise$auto(0x0, 0x200007, 0x19)
linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x400)

28.76587769s ago: executing program 7 (id=5058):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800)
timer_create$auto(0x9, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
fsconfig$auto(r0, 0x800, 0x0, 0x0, 0x0)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
process_mrelease$auto(0xffffffffffffffff, 0xa)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe)
ioctl$auto_BCH_IOCTL_DISK_GET_IDX(r1, 0x4008bc0d, &(0x7f0000000240)={0x8})
write$auto(r1, 0x0, 0x100000a3d6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, &(0x7f0000000280)="13")
mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff)
socket(0x2, 0x1, 0x106)
select$auto(0x9, 0x0, &(0x7f0000000080)={[0x209c, 0x2e7d11ca, 0x6, 0x8000, 0xfffffffffffffffc, 0x100000004, 0x9, 0x800002017d, 0x4, 0xdfdffdff, 0x3ff, 0xd59, 0xfb, 0x1, 0x7f, 0x7]}, 0x0, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)

27.670334051s ago: executing program 7 (id=5062):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/kexec_crash_loaded\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000240)=""/140, 0x8c)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000300)='/dev/adsp1\x00', 0x2, 0x0)
r1 = prctl$auto(0x23, 0x9, 0x2008, 0x0, 0x0)
ioctl$auto_OSS_ALSAEMULVER2(r1, 0x80044df9, &(0x7f0000000380)="9d1762cbb7829f8d3fb18591b084d80d92343101f817b4a6e9a9877102c77979621afb68e30cd1a743be112689b11bd27219201d82d566ff59d1b9f5e0eb4dc8e2f56ac8a0bc5866")
landlock_restrict_self$auto(r0, 0xfffffffe)
mmap$auto(0xc8, 0xe2, 0x0, 0xeb1, r0, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48010}, 0x20004800)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
gettid()
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x119280, 0x0)
getpid()
ioctl$auto_MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop6\x00', 0x101202, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c01, 0x0)

25.367787456s ago: executing program 7 (id=5070):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
sendmsg$auto_NL80211_CMD_UPDATE_CONNECT_PARAMS(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x24, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_INACTIVITY_TIMEOUT={0x6}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0xfffffff8}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x5, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800)
timer_create$auto(0x9, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
socket(0xa, 0x1, 0x100)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
fsconfig$auto(r0, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, 0x0)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
process_mrelease$auto(0xffffffffffffffff, 0xa)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
ioctl$auto_BCH_IOCTL_DISK_GET_IDX(r1, 0x4008bc0d, &(0x7f0000000240)={0x8})
mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x802, 0x0)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d7, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0x100]}, 0x0)

24.102703494s ago: executing program 7 (id=5073):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0)
ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x49, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x1)
clock_adjtime$auto(0x0, &(0x7f0000000040)={0xfbb, 0x0, 0x7f, 0xfffffffff7fffffe, 0x602, 0x8, 0x7, 0x0, 0x7, 0xb, 0x1, {0x3ff, 0x7}, 0xfffffffffffffffa, 0x200000a5, 0xa, 0x13c, 0x0, 0xc3, 0x7, 0x2, 0x5, 0x90, 0xfffffff5})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
fsopen$auto(0x0, 0x1)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
madvise$auto(0x0, 0x20499d, 0x9)
openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, 0x0, 0x230c41, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, 0x0, 0x100, 0x0)
preadv$auto(r0, &(0x7f00000001c0)={0x0, 0xfffffffd}, 0x5, 0xc, 0x1)
sendfile$auto(r1, r1, 0x0, 0x2)

22.193117559s ago: executing program 7 (id=5081):
socket(0xa, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0x8)
ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0)
socket(0x25, 0x5, 0x2)
r0 = socket(0x848000000015, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setfsuid$auto(0xee00)
clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2)
wait4$auto(0x0, 0x0, 0x80000001, 0x0)
bind$auto(0x3, &(0x7f0000000240)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x23}}, 0x6b)
connect$auto(0x3, &(0x7f00000002c0)=@generic={0xa, "5457c29004e0b991da88f70ef61b"}, 0x55)
sendmsg$auto_NL80211_CMD_GET_MPATH(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x100000)
getsockopt$auto(0xffffffffffffffff, 0x11c, 0x3616, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
statmount$auto(&(0x7f00000000c0)={0x8059, @inferred=r1, 0x2, 0x8000000000000000, 0x35ba}, &(0x7f0000000500)={0x6, 0x7, 0x7, 0x0, 0x20000000, 0x6, 0x800, 0x9, 0x4, 0x2000000, 0x2, 0xf701, 0x7, 0x0, 0x2, 0x80000000, 0xa99, 0x5, 0x9, 0x2, 0x8, 0x1, 0x7, 0x5, 0x62, 0x7, 0x9, 0xc5, 0x7, 0x4, 0x3677, [0x4, 0x204b, 0x2, 0x200, 0x4, 0x1a2, 0x2, 0x0, 0x4, 0x400, 0x2, 0x216, 0x1, 0x7fffffffffffffff, 0x247ec0000000000, 0x0, 0x80000001, 0x10001, 0x2, 0x7f, 0x1, 0x3, 0x3, 0x180, 0x7, 0xe7bf, 0x6, 0x8a88, 0x2, 0x5, 0x8, 0x7, 0x6, 0x66, 0x3b, 0x3, 0x50a5, 0xffffffffffff7fff, 0x9, 0x7, 0x100000001, 0x6, 0x7fffffffffffffff], "dea07cf503f7d5c1b5ba920b5537c230c4b7fbda2352a4fff095a2b06eb3ce55b9831c27a91f39ae41f39b1beac686c3acc041b2d2ab7894a89b7854de778eecdbdf459f6cacdba74793109dc022da45914d04aebf93c003409f3218a555508d1b557bc9f009974f928aac27ffb3555116ff21f1b6804e1f0777a0d983693b183fc686e88a45574d983a6926459a82f57ae9f3405e75e6b8b8d4881a0df2b9df83a214fc673a71dd063a784861467742685e4c3af37274000498864329cd7aa1a93c0ba7d5621add5ade08995cc5b2db17effc5c77468f618f7a88010c304d28529b"}, 0x3, 0x5)
r3 = socketcall$auto(0x8000, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r3)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae8a, &(0x7f0000000100)={0x66})

21.10355053s ago: executing program 7 (id=5084):
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
fstatfs$auto(0xffffffffffffffff, &(0x7f0000000140)={0x8001, 0x100000000000, 0x1, 0x9, 0x5d, 0x2, 0x75, {[0x80000000]}, 0x0, 0x7ff, 0x68a6, [0x5, 0x8, 0x5, 0x4]})
statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xfffffffd, 0x9, 0x3, 0x16, 0x4, 0x5, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x3, 0xb414, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe, [0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff], "c4cbb7ab40a4d6220aa6d6ea4305f533c9e9bee6fcfc61722ccb678e0e2cba7194bc385b26d84c96723400de3b5aacff44f65a10b6c36a9a55945d88270da0f18327ed7c66498ace94f97e799732311e069e26edbb6db1b0ddede50878458b27f5e2fb6581"}, 0x200, 0x81)
setfsuid$auto(0xee00)
sysfs$auto(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r1, 0x0, 0x400000000006)
socket(0x18, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202, 0x0)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0), 0xca400, 0x0)
mmap$auto(0x0, 0x4020009, 0xdc, 0xeb2, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x81004000000008dd, 0x1000000eb1, r2, 0x0)
unshare$auto(0x40000080)

20.50032219s ago: executing program 8 (id=5085):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

19.599470611s ago: executing program 5 (id=5086):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

19.049568317s ago: executing program 8 (id=5088):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0)
r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b30000000000", 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd})
madvise$auto(0x0, 0x200007, 0x1d)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
socket(0x11, 0x80003, 0x300)
socket(0x29, 0x5, 0x0)
open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r4, 0x0, 0x1f40)

18.756839182s ago: executing program 4 (id=5089):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x1000000000009489, 0x3, 0x15f4da0a, 0x1, 0x7, 0x7, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, 0x0, 0xa, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
close_range$auto(0x2, 0x8, 0x0)

18.451387485s ago: executing program 4 (id=5090):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

17.875107211s ago: executing program 8 (id=5091):
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x1000000000009489, 0x3, 0x15f4da0a, 0x1, 0x7, 0x7, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x5, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)

5.867942681s ago: executing program 37 (id=5084):
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
fstatfs$auto(0xffffffffffffffff, &(0x7f0000000140)={0x8001, 0x100000000000, 0x1, 0x9, 0x5d, 0x2, 0x75, {[0x80000000]}, 0x0, 0x7ff, 0x68a6, [0x5, 0x8, 0x5, 0x4]})
statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xfffffffd, 0x9, 0x3, 0x16, 0x4, 0x5, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x3, 0xb414, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe, [0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff], "c4cbb7ab40a4d6220aa6d6ea4305f533c9e9bee6fcfc61722ccb678e0e2cba7194bc385b26d84c96723400de3b5aacff44f65a10b6c36a9a55945d88270da0f18327ed7c66498ace94f97e799732311e069e26edbb6db1b0ddede50878458b27f5e2fb6581"}, 0x200, 0x81)
setfsuid$auto(0xee00)
sysfs$auto(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendfile$auto(0x3, r1, 0x0, 0x400000000006)
socket(0x18, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202, 0x0)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0), 0xca400, 0x0)
mmap$auto(0x0, 0x4020009, 0xdc, 0xeb2, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x81004000000008dd, 0x1000000eb1, r2, 0x0)
unshare$auto(0x40000080)

5.849846281s ago: executing program 4 (id=5093):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

5.849236262s ago: executing program 8 (id=5094):
mmap$auto(0xffffffffffffffff, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0)
socket(0x10, 0x3, 0xa)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x101400, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x20)
select$auto(0x9, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x25, 0x1, 0x0)
connect$auto(r1, 0x0, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
ioctl$auto_EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000040)={0x0, r0, 0x2, 0x2, 0x1, 0x2})
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x110000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="100026"], 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x40080c0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), r0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
clock_nanosleep$auto(0xb, 0xa000001c, 0x0, 0xffffffffffffffff)

5.846862468s ago: executing program 5 (id=5100):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
ioctl$auto(0x4000000000000c8, 0x400454cc, 0x6f)
socket(0xa, 0x2, 0x0)
setsockopt$auto(0x3, 0x0, 0x28, 0xfffffffffffffffc, 0x70)
write$auto(0x3, 0x0, 0x1)
lseek$auto(r0, 0x100, 0x6)
write$auto(0x3, 0x0, 0xfffffdef)
setresuid$auto(0x0, 0x0, 0xee01)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = fanotify_init$auto(0x5, 0x0)
fanotify_mark$auto(r1, 0x205, 0xa, 0x4, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
r2 = socket(0x10, 0x2, 0x0)
r3 = openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, 0x0, 0x20002, 0x0)
read$auto_bdi_debug_stats_fops_(r3, &(0x7f0000000040)=""/69, 0x45)
bind$auto(r2, 0x0, 0x6b)
prctl$auto_PR_TASK_PERF_EVENTS_DISABLE(0x1f, 0x49e, 0x7000000000, 0x978f, 0x7)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0x100000000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)

5.240728042s ago: executing program 5 (id=5095):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

4.411562231s ago: executing program 8 (id=5096):
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/kcore\x00', 0x28000, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x4007, 0xb})
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0)
pread64$auto(r1, 0x0, 0x800003, 0x270)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x5, 0x109)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230)
shmget$auto(0x100000000, 0x3, 0x79e56dc9)
fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000040)='\x00', &(0x7f0000000240)="311d426c6705229aad0d8eac02929ca02f79503079f6a5e963e571ca221dd0db06767b340d81c2add9c77f19713a391f0ad30e704bb67b9312140bf8f881a42be0ba31fdd39773fede310deb9010aaeb4bd27225d36c6860a8130e74ee9b695f42b1793f380ca88d82230eb5cbc28debc313fa837988779023d6133a170aab3769028488ac6addc3dded8da9798c15765137087971ea7104a38dd745cd3028b2bca5252ae76747218b52e2cc74253655a0aba9ee34c98f1bad4712454cae17b5a0f8188e1dfbb03d8ad7ba9dacbe9bdff9dbb2047a36eb51cb3fb3", 0x0)
setsockopt$auto(0x3, 0x0, 0xd0, 0xfffffffffffffffc, 0x4)

3.703652493s ago: executing program 4 (id=5097):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

2.703862243s ago: executing program 5 (id=5098):
r0 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0)
ioctl$auto(r2, 0xc1205531, r1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0xf, 0x3, 0x2)
recvfrom$auto(r4, 0x0, 0xde, 0x8, 0x0, 0x0)
sendmsg$auto_TCP_METRICS_CMD_GET(r3, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x14, r0, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfd3f9}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_SET(r5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPATH(r6, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, r7, 0x301, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090)
r8 = getpgrp(0x0)
r9 = gettid()
kill$auto(r9, 0x11)
remap_file_pages$auto(0x7fff, 0x10f, 0x2, 0x0, 0x2)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1d0, r7, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_MAC_ADDRS={0x1b7, 0xa6, 0x0, 0x1, [@nested={0x14, 0x8d, 0x0, 0x1, [@typed={0x8, 0x154, 0x0, 0x0, @pid=r8}, @nested={0x4, 0x9b}, @typed={0x4, 0x41}]}, @typed={0x8, 0x89, 0x0, 0x0, @pid=r9}, @typed={0x8, 0x7b, 0x0, 0x0, @fd=r1}, @generic="fc60b72ad14c267182a5fac875b73915cfccc6d4b6d99f9057a3730528ff3425d1cc477b4dc69dd791018cbe9564d86f46d6ba65c587bf1b44908b085e2fbf0447ad0ca1883fe82393f0202de8dcb7424c13822e85ba81928dd264c068c645cb5e8bb45fbe9e79e3077feecc0699836978a5fb7a5369dd555ba7c8171986e50fe98a0622bc0acfbf907f48572bb0af99136f0dff459c5742b23af74739d23eeca70dfcbf1958ffd7a8f9f66309d0afc6558938f144b83df6bc2a346185506ded8923257bac9baaf16083d1807d59a09927e114f1f43856b662fdb44888623b1bd9bb4b2905bd8afc0bf8ce1a", @generic="196e507da91fa68c41372995b1978de3513efbc5fd2f95fa3e1d80acd152d60dc28495f450fb5f36e9", @typed={0x4, 0x151}, @typed={0x1a, 0x5d, 0x0, 0x0, @binary="a457aa2beab743d7882ab7b3469bc6cae88e836a5ca9"}, @generic="314f5d30f350988c65b7744d1612775d496e9e24c896acd49ca8d081a4da4930317ed4ce6592d1c606bb4dca15b0e9092f38c51c3c1f7c0039a062606c6486027ef2ca172f86d27c636b8a00a465ec13c706d641b45ff66bf928"]}, @NL80211_ATTR_REG_INDOOR={0x4}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x44085}, 0x4)

2.223167418s ago: executing program 5 (id=5099):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mlockall$auto(0x7)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
pwrite64$auto(r0, 0x0, 0x0, 0x2000000000040007)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
tgkill$auto(0x0, 0x0, 0x11)
readv$auto(0x3, 0x0, 0x7)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="010031bd7000fddbdf250c00000018000380140003800300b0800c000200657468746f6f6c001800018014000200776c616e30"], 0x44}}, 0x24048084)

2.106004897s ago: executing program 4 (id=5101):
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}})
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x3, 0xff)
connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0)
syz_clone3(0x0, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex_wake$auto(0x0, 0x5, 0x4, 0xa)
futex_wake$auto(0x0, 0xfffffffffffffff8, 0xfff, 0x7f)
mmap$auto(0x0, 0x2000a, 0x10000000000e1, 0xeb2, 0x401, 0x8000)

848.804145ms ago: executing program 5 (id=5102):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0)
readv$auto(r0, &(0x7f0000000180)={&(0x7f0000000140), 0x9}, 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x1000, 0x1c9}, 0x2, 0x7)
io_uring_setup$auto(0x6, 0x0)
set_mempolicy$auto(0x1, &(0x7f00000000c0)=0x6, 0x21)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
lseek$auto(0x3, 0x2, 0x4)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TCSBRK2(r1, 0x5409, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0)
prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0)

848.600467ms ago: executing program 8 (id=5103):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

0s ago: executing program 4 (id=5104):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0)
pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)

kernel console output (not intermixed with test programs):

: forcing a failure.
[  985.441626][T17984] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  985.720441][T17984] CPU: 0 UID: 0 PID: 17984 Comm: syz.5.3815 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  985.720482][T17984] Tainted: [L]=SOFTLOCKUP
[  985.720492][T17984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  985.720507][T17984] Call Trace:
[  985.720516][T17984]  <TASK>
[  985.720526][T17984]  dump_stack_lvl+0x100/0x190
[  985.720569][T17984]  should_fail_ex.cold+0x5/0xa
[  985.720598][T17984]  _copy_from_user+0x2e/0xd0
[  985.720629][T17984]  snd_pcm_oss_write2+0x1c2/0x400
[  985.720664][T17984]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  985.720703][T17984]  snd_pcm_oss_write+0x729/0xa30
[  985.720736][T17984]  ? security_file_permission+0x76/0x210
[  985.720774][T17984]  vfs_write+0x2aa/0x1070
[  985.720799][T17984]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  985.720832][T17984]  ? __pfx_vfs_write+0x10/0x10
[  985.720871][T17984]  ? find_held_lock+0x2b/0x80
[  985.720894][T17984]  ? __fget_files+0x215/0x3d0
[  985.720917][T17984]  ? __fget_files+0x215/0x3d0
[  985.720946][T17984]  ? __fget_files+0x21f/0x3d0
[  985.720977][T17984]  ksys_write+0x12a/0x250
[  985.721000][T17984]  ? __pfx_ksys_write+0x10/0x10
[  985.721032][T17984]  do_syscall_64+0x106/0xf80
[  985.721068][T17984]  ? clear_bhb_loop+0x40/0x90
[  985.721100][T17984]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.721126][T17984] RIP: 0033:0x7f0a28b9c799
[  985.721147][T17984] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  985.721173][T17984] RSP: 002b:00007f0a269d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  985.721197][T17984] RAX: ffffffffffffffda RBX: 00007f0a28e16270 RCX: 00007f0a28b9c799
[  985.721215][T17984] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003
[  985.721231][T17984] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[  985.721247][T17984] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  985.721262][T17984] R13: 00007f0a28e16308 R14: 00007f0a28e16270 R15: 00007fffffab8cc8
[  985.721323][T17984]  </TASK>
[  986.437768][T17991] random: crng reseeded on system resumption
[  990.779069][T18031] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3817'.
[  990.869572][T18031] netlink: 354 bytes leftover after parsing attributes in process `syz.4.3817'.
[  993.511133][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  993.517592][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  995.072751][ T5834] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  998.334928][T18093] nbd: must specify at least one socket
[  999.187735][   T30] audit: type=1807 audit(2147483814.696:20): UNKNOWN=0"�]$|�1j�0B|d���ӉO��+��/��x����WӦ��^��gq%Ḧr�O� res=0
[  999.254603][   T30] audit: type=1802 audit(2147483814.716:21): pid=18101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.3837" res=0 errno=0
[  999.637484][T18100] ima: policy update failed
[  999.696157][   T30] audit: type=1802 audit(2147483815.145:22): pid=18100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.3837" res=0 errno=0
[ 1000.571691][T18125] netlink: 17 bytes leftover after parsing attributes in process `syz.5.3842'.
[ 1001.669877][T18138] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3843'.
[ 1002.772163][T18148] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3845'.
[ 1007.396991][T18176] kexec: Could not allocate control_code_buffer
[ 1010.889811][T18203] FAULT_INJECTION: forcing a failure.
[ 1010.889811][T18203] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.200341][T18203] CPU: 0 UID: 0 PID: 18203 Comm: syz.5.3865 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1011.200384][T18203] Tainted: [L]=SOFTLOCKUP
[ 1011.200393][T18203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1011.200410][T18203] Call Trace:
[ 1011.200419][T18203]  <TASK>
[ 1011.200429][T18203]  dump_stack_lvl+0x100/0x190
[ 1011.200473][T18203]  should_fail_ex.cold+0x5/0xa
[ 1011.200503][T18203]  should_failslab+0xc2/0x120
[ 1011.200530][T18203]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1011.200571][T18203]  ? shmem_alloc_inode+0x25/0x50
[ 1011.200603][T18203]  ? __pfx_shmem_alloc_inode+0x10/0x10
[ 1011.200635][T18203]  shmem_alloc_inode+0x25/0x50
[ 1011.200662][T18203]  alloc_inode+0x68/0x250
[ 1011.200696][T18203]  new_inode+0x22/0x1c0
[ 1011.200732][T18203]  shmem_get_inode+0x212/0x1040
[ 1011.200769][T18203]  ? __pfx_shmem_get_inode+0x10/0x10
[ 1011.200801][T18203]  ? d_add+0x443/0x850
[ 1011.200834][T18203]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1011.200879][T18203]  shmem_mknod+0x20c/0x470
[ 1011.200914][T18203]  ? __pfx_shmem_mknod+0x10/0x10
[ 1011.200945][T18203]  ? bpf_lsm_inode_create+0x9/0x10
[ 1011.200987][T18203]  ? __pfx_shmem_create+0x10/0x10
[ 1011.201033][T18203]  lookup_open.isra.0+0xc47/0x11b0
[ 1011.201084][T18203]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1011.201127][T18203]  ? __pfx___might_resched+0x10/0x10
[ 1011.201164][T18203]  ? mnt_get_write_access+0x52/0x2f0
[ 1011.201203][T18203]  ? __pfx_down_write+0x10/0x10
[ 1011.201241][T18203]  ? mnt_get_write_access+0x1e9/0x2f0
[ 1011.201300][T18203]  path_openat+0x2291/0x31a0
[ 1011.201337][T18203]  ? __pfx_path_openat+0x10/0x10
[ 1011.201374][T18203]  do_file_open+0x20e/0x430
[ 1011.201402][T18203]  ? __pfx_do_file_open+0x10/0x10
[ 1011.201450][T18203]  ? alloc_fd+0x476/0x790
[ 1011.201477][T18203]  ? do_getname+0x191/0x390
[ 1011.201511][T18203]  do_sys_openat2+0x10d/0x1e0
[ 1011.201559][T18203]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1011.201594][T18203]  ? __fget_files+0x21f/0x3d0
[ 1011.201642][T18203]  __x64_sys_openat+0x12d/0x210
[ 1011.201677][T18203]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1011.201724][T18203]  do_syscall_64+0x106/0xf80
[ 1011.201759][T18203]  ? clear_bhb_loop+0x40/0x90
[ 1011.201790][T18203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.201816][T18203] RIP: 0033:0x7f0a28b9c799
[ 1011.201838][T18203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1011.201864][T18203] RSP: 002b:00007f0a299a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1011.201888][T18203] RAX: ffffffffffffffda RBX: 00007f0a28e15fa0 RCX: 00007f0a28b9c799
[ 1011.201906][T18203] RDX: 00000000000861c2 RSI: 0000000000000000 RDI: ffffffffffffff9c
[ 1011.201922][T18203] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1011.201938][T18203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1011.201954][T18203] R13: 00007f0a28e16038 R14: 00007f0a28e15fa0 R15: 00007fffffab8cc8
[ 1011.201987][T18203]  </TASK>
[ 1016.825254][   T30] audit: type=1806 audit(2147483832.327:23): xattr="." res=0
[ 1020.394869][T18264] ubi0: attaching mtd0
[ 1020.606126][T18264] ubi0: scanning is finished
[ 1020.611547][T18264] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1021.861242][T18277] netlink: 9 bytes leftover after parsing attributes in process `syz.4.3878'.
[ 1022.864800][T18264] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1027.734970][T18331] binder: 18330:18331 ioctl c018620c 200000000040 returned -22
[ 1031.198375][T18366] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3899'.
[ 1032.369794][ T5834] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[ 1032.379954][ T5834] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[ 1032.389617][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: kworker/u9:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1032.389658][ T5834] Tainted: [L]=SOFTLOCKUP
[ 1032.389667][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1032.389711][ T5834] Workqueue: hci4 hci_rx_work
[ 1032.389803][ T5834] Call Trace:
[ 1032.389813][ T5834]  <TASK>
[ 1032.389823][ T5834]  dump_stack_lvl+0x100/0x190
[ 1032.389864][ T5834]  sysfs_warn_dup.cold+0x1c/0x28
[ 1032.389900][ T5834]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1032.389937][ T5834]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1032.389971][ T5834]  ? find_held_lock+0x2b/0x80
[ 1032.389994][ T5834]  ? kobject_add_internal+0x25f/0x930
[ 1032.390036][ T5834]  ? kobject_add_internal+0x25f/0x930
[ 1032.390097][ T5834]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1032.390137][ T5834]  kobject_add_internal+0x2c8/0x930
[ 1032.390185][ T5834]  kobject_add+0x16a/0x1e0
[ 1032.390209][ T5834]  ? __pfx_kobject_add+0x10/0x10
[ 1032.390231][ T5834]  ? class_to_subsys+0x10f/0x150
[ 1032.390295][ T5834]  ? kobject_put+0xb9/0x640
[ 1032.390333][ T5834]  ? _raw_spin_unlock+0x28/0x50
[ 1032.390379][ T5834]  device_add+0x294/0x1950
[ 1032.390409][ T5834]  ? __pfx_dev_set_name+0x10/0x10
[ 1032.390446][ T5834]  ? __pfx_device_add+0x10/0x10
[ 1032.390477][ T5834]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1032.390536][ T5834]  hci_conn_add_sysfs+0x1a3/0x260
[ 1032.390612][ T5834]  le_conn_complete_evt+0x11cb/0x1f40
[ 1032.390666][ T5834]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1032.390695][ T5834]  ? __pfx_bt_warn+0x10/0x10
[ 1032.390745][ T5834]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1032.390778][ T5834]  ? skb_pull_data+0x15f/0x1e0
[ 1032.390811][ T5834]  hci_le_meta_evt+0x34a/0x5f0
[ 1032.390860][ T5834]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1032.390896][ T5834]  hci_event_packet+0x682/0x11c0
[ 1032.390927][ T5834]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1032.390963][ T5834]  ? __pfx_hci_event_packet+0x10/0x10
[ 1032.390997][ T5834]  ? kcov_remote_start+0x374/0x660
[ 1032.391022][ T5834]  ? lockdep_hardirqs_on+0x78/0x100
[ 1032.391065][ T5834]  hci_rx_work+0x451/0xfc0
[ 1032.391100][ T5834]  process_one_work+0xa23/0x19a0
[ 1032.391150][ T5834]  ? __pfx_process_one_work+0x10/0x10
[ 1032.391195][ T5834]  ? __pfx_hci_rx_work+0x10/0x10
[ 1032.391229][ T5834]  worker_thread+0x5ef/0xe50
[ 1032.391273][ T5834]  ? __pfx_worker_thread+0x10/0x10
[ 1032.391311][ T5834]  ? kthread+0x13a/0x450
[ 1032.391349][ T5834]  ? __pfx_worker_thread+0x10/0x10
[ 1032.391384][ T5834]  kthread+0x370/0x450
[ 1032.391417][ T5834]  ? __pfx_kthread+0x10/0x10
[ 1032.391454][ T5834]  ret_from_fork+0x754/0xd80
[ 1032.391494][ T5834]  ? __pfx_ret_from_fork+0x10/0x10
[ 1032.391535][ T5834]  ? __switch_to+0x7b4/0x1120
[ 1032.391562][ T5834]  ? __pfx_kthread+0x10/0x10
[ 1032.391605][ T5834]  ret_from_fork_asm+0x1a/0x30
[ 1032.391647][ T5834]  </TASK>
[ 1033.195966][ T5834] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1033.214864][ T5834] Bluetooth: hci4: failed to register connection device
[ 1034.466309][T18382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[ 1034.563204][T18382] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1034.609967][T18382] memcg:ffff888078541201
[ 1034.661518][T18382] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1034.744916][T18382] page_type: f5(slab)
[ 1034.814162][T18382] raw: 00fff00000000040 ffff88801ce8d8c0 dead000000000100 dead000000000122
[ 1034.917713][T18382] raw: 0000000000000000 0000000800190019 00000000f5000000 ffff888078541201
[ 1035.011604][T18382] head: 00fff00000000040 ffff88801ce8d8c0 dead000000000100 dead000000000122
[ 1035.081752][T18382] head: 0000000000000000 0000000800190019 00000000f5000000 ffff888078541201
[ 1035.235915][T18382] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[ 1035.279371][T16654] Bluetooth: hci4: command 0x0406 tx timeout
[ 1035.340282][T18382] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1035.403253][T18382] page dumped because: unmovable page
[ 1035.408682][T18382] page_owner tracks the page as allocated
[ 1035.481957][T18382] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5489, tgid 5489 (dhcpcd), ts 63371158012, free_ts 31132765200
[ 1035.632009][T18382]  post_alloc_hook+0x153/0x170
[ 1035.661992][T18382]  get_page_from_freelist+0x111d/0x3140
[ 1035.667654][T18382]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[ 1035.743832][T18382]  new_slab+0xa6/0x6b0
[ 1035.748010][T18382]  refill_objects+0x26b/0x400
[ 1035.812165][T18382]  __pcs_replace_empty_main+0x1ab/0x660
[ 1035.817843][T18382]  kmem_cache_alloc_lru_noprof+0x485/0x6e0
[ 1035.869753][T18382]  alloc_inode+0x183/0x250
[ 1035.922374][T18382]  iget_locked+0x1d9/0x6d0
[ 1035.926866][T18382]  kernfs_get_inode+0x46/0x470
[ 1035.992154][T18382]  kernfs_iop_lookup+0x1a7/0x2d0
[ 1035.997252][T18382]  __lookup_slow+0x251/0x460
[ 1036.052903][T18382]  lookup_slow+0x50/0x70
[ 1036.057250][T18382]  path_lookupat+0x5e8/0xc40
[ 1036.061873][T18382]  filename_lookup+0x202/0x590
[ 1036.107107][T18382]  vfs_statx+0xff/0x3f0
[ 1036.162900][T18382] page last free pid 1 tgid 1 stack trace:
[ 1036.168791][T18382]  __free_frozen_pages+0x7e1/0x10d0
[ 1036.222635][T18382]  free_contig_range+0xde/0x1d0
[ 1036.244476][T18382]  destroy_args+0xa8/0x7a0
[ 1036.282173][T18382]  debug_vm_pgtable+0x1b66/0x34c0
[ 1036.339498][T18382]  do_one_initcall+0x11d/0x760
[ 1036.383247][T18382]  kernel_init_freeable+0x6e5/0x7a0
[ 1036.388518][T18382]  kernel_init+0x1f/0x1e0
[ 1036.455199][T18382]  ret_from_fork+0x754/0xd80
[ 1036.459868][T18382]  ret_from_fork_asm+0x1a/0x30
[ 1037.357303][T16654] Bluetooth: hci4: command 0x0406 tx timeout
[ 1038.213489][T18398] netlink: 326 bytes leftover after parsing attributes in process `syz.5.3904'.
[ 1038.513358][T18395] input: f�
 as /devices/virtual/input/input16
[ 1042.115613][T18441] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 1044.037973][T18457] FAULT_INJECTION: forcing a failure.
[ 1044.037973][T18457] name failslab, interval 1, probability 0, space 0, times 0
[ 1044.104781][T18457] CPU: 0 UID: 0 PID: 18457 Comm: syz.5.3920 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1044.104822][T18457] Tainted: [L]=SOFTLOCKUP
[ 1044.104831][T18457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1044.104847][T18457] Call Trace:
[ 1044.104855][T18457]  <TASK>
[ 1044.104865][T18457]  dump_stack_lvl+0x100/0x190
[ 1044.104910][T18457]  should_fail_ex.cold+0x5/0xa
[ 1044.104938][T18457]  ? __register_sysctl_table+0xbe4/0x1650
[ 1044.104980][T18457]  should_failslab+0xc2/0x120
[ 1044.105008][T18457]  __kmalloc_noprof+0xe0/0x850
[ 1044.105052][T18457]  __register_sysctl_table+0xbe4/0x1650
[ 1044.105100][T18457]  ? __pfx___register_sysctl_table+0x10/0x10
[ 1044.105142][T18457]  ? is_module_address+0x69/0xf0
[ 1044.105175][T18457]  ? register_net_sysctl_sz+0x222/0x430
[ 1044.105224][T18457]  __devinet_sysctl_register+0x1b9/0x360
[ 1044.105269][T18457]  ? trace_kmalloc+0x101/0x130
[ 1044.105295][T18457]  ? __pfx___devinet_sysctl_register+0x10/0x10
[ 1044.105342][T18457]  ? __asan_memcpy+0x3c/0x60
[ 1044.105392][T18457]  devinet_init_net+0x303/0x8d0
[ 1044.105435][T18457]  ? __pfx_devinet_init_net+0x10/0x10
[ 1044.105476][T18457]  ops_init+0x1e2/0x5f0
[ 1044.105517][T18457]  setup_net+0x118/0x3a0
[ 1044.105555][T18457]  ? __pfx_setup_net+0x10/0x10
[ 1044.105592][T18457]  ? lockdep_init_map_type+0x5c/0x250
[ 1044.105627][T18457]  ? mutex_init_lockep+0x110/0x150
[ 1044.105666][T18457]  copy_net_ns+0x46f/0x7c0
[ 1044.105691][T18457]  create_new_namespaces+0x3ea/0xac0
[ 1044.105725][T18457]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1044.105756][T18457]  ksys_unshare+0x473/0xad0
[ 1044.105790][T18457]  ? __pfx_ksys_unshare+0x10/0x10
[ 1044.105833][T18457]  __x64_sys_unshare+0x31/0x40
[ 1044.105864][T18457]  do_syscall_64+0x106/0xf80
[ 1044.105900][T18457]  ? clear_bhb_loop+0x40/0x90
[ 1044.105935][T18457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1044.105962][T18457] RIP: 0033:0x7f0a28b9c799
[ 1044.105982][T18457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1044.106007][T18457] RSP: 002b:00007f0a299a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1044.106031][T18457] RAX: ffffffffffffffda RBX: 00007f0a28e15fa0 RCX: 00007f0a28b9c799
[ 1044.106049][T18457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1044.106064][T18457] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1044.106080][T18457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1044.106095][T18457] R13: 00007f0a28e16038 R14: 00007f0a28e15fa0 R15: 00007fffffab8cc8
[ 1044.106127][T18457]  </TASK>
[ 1045.519714][T18457] sysctl could not get directory: /net/ipv4/conf/all -12
[ 1046.771447][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805ed66400: rx timeout, send abort
[ 1047.280065][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805ed66400: abort rx timeout. Force session deactivation
[ 1049.050025][T18487] [U] 
[ 1049.761540][T18519] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3933'.
[ 1050.470488][T18521] netlink: 252 bytes leftover after parsing attributes in process `syz.4.3934'.
[ 1050.668274][T18525] netlink: 252 bytes leftover after parsing attributes in process `syz.4.3934'.
[ 1050.857782][T18530] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3936'.
[ 1051.925675][T18542] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1053.078164][T18557] netlink: 25 bytes leftover after parsing attributes in process `syz.5.3945'.
[ 1054.012327][T18566] FAULT_INJECTION: forcing a failure.
[ 1054.012327][T18566] name failslab, interval 1, probability 0, space 0, times 0
[ 1054.107681][T18566] CPU: 0 UID: 0 PID: 18566 Comm: syz.5.3948 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1054.107724][T18566] Tainted: [L]=SOFTLOCKUP
[ 1054.107733][T18566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1054.107750][T18566] Call Trace:
[ 1054.107759][T18566]  <TASK>
[ 1054.107769][T18566]  dump_stack_lvl+0x100/0x190
[ 1054.107813][T18566]  should_fail_ex.cold+0x5/0xa
[ 1054.107842][T18566]  ? __alloc_empty_sheaf+0x35/0x50
[ 1054.107875][T18566]  should_failslab+0xc2/0x120
[ 1054.107902][T18566]  __kmalloc_noprof+0xe0/0x850
[ 1054.107946][T18566]  ? lockdep_init_map_type+0x5c/0x250
[ 1054.107986][T18566]  __alloc_empty_sheaf+0x35/0x50
[ 1054.108027][T18566]  do_kmem_cache_create+0x49e/0x540
[ 1054.108059][T18566]  __kmem_cache_create_args+0x386/0x420
[ 1054.108104][T18566]  mon_text_open+0x333/0x510
[ 1054.108208][T18566]  ? __pfx_mon_text_open+0x10/0x10
[ 1054.108235][T18566]  ? __pfx_mon_text_ctor+0x10/0x10
[ 1054.108258][T18566]  ? find_held_lock+0x2b/0x80
[ 1054.108300][T18566]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1054.108344][T18566]  ? lockdown_is_locked_down+0x3d/0x140
[ 1054.108383][T18566]  ? bpf_lsm_locked_down+0x9/0x10
[ 1054.108414][T18566]  ? __pfx_mon_text_open+0x10/0x10
[ 1054.108437][T18566]  full_proxy_open_regular+0x1b6/0x370
[ 1054.108483][T18566]  do_dentry_open+0x6d8/0x1660
[ 1054.108508][T18566]  ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1054.108556][T18566]  vfs_open+0x82/0x3f0
[ 1054.108597][T18566]  path_openat+0x208c/0x31a0
[ 1054.108635][T18566]  ? __pfx_path_openat+0x10/0x10
[ 1054.108673][T18566]  do_file_open+0x20e/0x430
[ 1054.108701][T18566]  ? __pfx_do_file_open+0x10/0x10
[ 1054.108750][T18566]  ? alloc_fd+0x476/0x790
[ 1054.108778][T18566]  ? do_getname+0x191/0x390
[ 1054.108814][T18566]  do_sys_openat2+0x10d/0x1e0
[ 1054.108847][T18566]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1054.108883][T18566]  ? __sys_sendmsg+0x18f/0x220
[ 1054.108928][T18566]  __x64_sys_openat+0x12d/0x210
[ 1054.108964][T18566]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1054.109010][T18566]  do_syscall_64+0x106/0xf80
[ 1054.109046][T18566]  ? clear_bhb_loop+0x40/0x90
[ 1054.109079][T18566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.109106][T18566] RIP: 0033:0x7f0a28b9c799
[ 1054.109127][T18566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1054.109153][T18566] RSP: 002b:00007f0a299a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1054.109178][T18566] RAX: ffffffffffffffda RBX: 00007f0a28e15fa0 RCX: 00007f0a28b9c799
[ 1054.109195][T18566] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1054.109213][T18566] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1054.109229][T18566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1054.109246][T18566] R13: 00007f0a28e16038 R14: 00007f0a28e15fa0 R15: 00007fffffab8cc8
[ 1054.109279][T18566]  </TASK>
[ 1054.110032][T18566] __kmem_cache_create_args(mon_text_ffff88802f024800) failed with error -12
[ 1054.811608][T18541] can: request_module (can-proto-3) failed.
[ 1055.091944][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1055.098457][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1056.019457][T18566] CPU: 0 UID: 0 PID: 18566 Comm: syz.5.3948 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1056.019496][T18566] Tainted: [L]=SOFTLOCKUP
[ 1056.019505][T18566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1056.019520][T18566] Call Trace:
[ 1056.019529][T18566]  <TASK>
[ 1056.019539][T18566]  dump_stack_lvl+0x100/0x190
[ 1056.019580][T18566]  __kmem_cache_create_args.cold+0x33/0x6e
[ 1056.019642][T18566]  mon_text_open+0x333/0x510
[ 1056.019668][T18566]  ? __pfx_mon_text_open+0x10/0x10
[ 1056.019693][T18566]  ? __pfx_mon_text_ctor+0x10/0x10
[ 1056.019715][T18566]  ? find_held_lock+0x2b/0x80
[ 1056.019738][T18566]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1056.019778][T18566]  ? lockdown_is_locked_down+0x3d/0x140
[ 1056.019814][T18566]  ? bpf_lsm_locked_down+0x9/0x10
[ 1056.019844][T18566]  ? __pfx_mon_text_open+0x10/0x10
[ 1056.019866][T18566]  full_proxy_open_regular+0x1b6/0x370
[ 1056.019907][T18566]  do_dentry_open+0x6d8/0x1660
[ 1056.019931][T18566]  ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1056.019976][T18566]  vfs_open+0x82/0x3f0
[ 1056.020009][T18566]  path_openat+0x208c/0x31a0
[ 1056.020044][T18566]  ? __pfx_path_openat+0x10/0x10
[ 1056.020080][T18566]  do_file_open+0x20e/0x430
[ 1056.020107][T18566]  ? __pfx_do_file_open+0x10/0x10
[ 1056.020153][T18566]  ? alloc_fd+0x476/0x790
[ 1056.020180][T18566]  ? do_getname+0x191/0x390
[ 1056.020213][T18566]  do_sys_openat2+0x10d/0x1e0
[ 1056.020246][T18566]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1056.020280][T18566]  ? __sys_sendmsg+0x18f/0x220
[ 1056.020321][T18566]  __x64_sys_openat+0x12d/0x210
[ 1056.020359][T18566]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1056.020408][T18566]  do_syscall_64+0x106/0xf80
[ 1056.020442][T18566]  ? clear_bhb_loop+0x40/0x90
[ 1056.020472][T18566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1056.020497][T18566] RIP: 0033:0x7f0a28b9c799
[ 1056.020517][T18566] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1056.020542][T18566] RSP: 002b:00007f0a299a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1056.020565][T18566] RAX: ffffffffffffffda RBX: 00007f0a28e15fa0 RCX: 00007f0a28b9c799
[ 1056.020582][T18566] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1056.020598][T18566] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1056.020613][T18566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1056.020628][T18566] R13: 00007f0a28e16038 R14: 00007f0a28e15fa0 R15: 00007fffffab8cc8
[ 1056.020659][T18566]  </TASK>
[ 1057.103295][T18582] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3952'.
[ 1057.163882][T18582] netlink: 350 bytes leftover after parsing attributes in process `syz.1.3952'.
[ 1063.352775][T18635] FAULT_INJECTION: forcing a failure.
[ 1063.352775][T18635] name failslab, interval 1, probability 0, space 0, times 0
[ 1063.352837][T18635] CPU: 0 UID: 0 PID: 18635 Comm: syz.3.3965 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1063.352872][T18635] Tainted: [L]=SOFTLOCKUP
[ 1063.352882][T18635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1063.352898][T18635] Call Trace:
[ 1063.352906][T18635]  <TASK>
[ 1063.352923][T18635]  dump_stack_lvl+0x100/0x190
[ 1063.352966][T18635]  should_fail_ex.cold+0x5/0xa
[ 1063.352995][T18635]  should_failslab+0xc2/0x120
[ 1063.353022][T18635]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 1063.353074][T18635]  ? kvasprintf_const+0x66/0x1a0
[ 1063.353112][T18635]  kvasprintf+0xbc/0x150
[ 1063.353142][T18635]  ? __pfx_kvasprintf+0x10/0x10
[ 1063.353174][T18635]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1063.353258][T18635]  ? lockdep_init_map_type+0x5c/0x250
[ 1063.353299][T18635]  kvasprintf_const+0x66/0x1a0
[ 1063.353331][T18635]  kobject_set_name_vargs+0x5a/0x140
[ 1063.353358][T18635]  device_create_groups_vargs+0x1b1/0x270
[ 1063.353397][T18635]  device_create+0xed/0x130
[ 1063.353429][T18635]  ? __pfx_device_create+0x10/0x10
[ 1063.353460][T18635]  ? con_is_visible+0x65/0x150
[ 1063.353556][T18635]  ? csi_J+0x57e/0xad0
[ 1063.353596][T18635]  vc_allocate+0x539/0x880
[ 1063.353632][T18635]  ? __pfx_vc_allocate+0x10/0x10
[ 1063.353676][T18635]  con_install+0xa1/0x620
[ 1063.353714][T18635]  ? __pfx_con_install+0x10/0x10
[ 1063.353754][T18635]  ? __pfx_con_install+0x10/0x10
[ 1063.353797][T18635]  tty_init_dev.part.0+0x9e/0x470
[ 1063.353865][T18635]  tty_open+0xa63/0xfa0
[ 1063.353910][T18635]  ? __pfx_tty_open+0x10/0x10
[ 1063.353947][T18635]  ? chrdev_open+0x10b/0x6a0
[ 1063.353972][T18635]  ? chrdev_open+0x10b/0x6a0
[ 1063.354002][T18635]  ? __pfx_tty_open+0x10/0x10
[ 1063.354041][T18635]  chrdev_open+0x234/0x6a0
[ 1063.354065][T18635]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1063.354108][T18635]  ? __pfx_chrdev_open+0x10/0x10
[ 1063.354136][T18635]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1063.354174][T18635]  do_dentry_open+0x6d8/0x1660
[ 1063.354199][T18635]  ? __pfx_chrdev_open+0x10/0x10
[ 1063.354233][T18635]  vfs_open+0x82/0x3f0
[ 1063.354268][T18635]  path_openat+0x208c/0x31a0
[ 1063.354306][T18635]  ? __pfx_path_openat+0x10/0x10
[ 1063.354343][T18635]  do_file_open+0x20e/0x430
[ 1063.354372][T18635]  ? __pfx_do_file_open+0x10/0x10
[ 1063.354419][T18635]  ? alloc_fd+0x476/0x790
[ 1063.354447][T18635]  ? do_getname+0x191/0x390
[ 1063.354481][T18635]  do_sys_openat2+0x10d/0x1e0
[ 1063.354515][T18635]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1063.354551][T18635]  ? fd_install+0x24f/0x580
[ 1063.354580][T18635]  __x64_sys_openat+0x12d/0x210
[ 1063.354614][T18635]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1063.354661][T18635]  do_syscall_64+0x106/0xf80
[ 1063.354697][T18635]  ? clear_bhb_loop+0x40/0x90
[ 1063.354727][T18635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1063.354754][T18635] RIP: 0033:0x7f9396b9c799
[ 1063.354781][T18635] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1063.354808][T18635] RSP: 002b:00007f9397aeb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1063.354832][T18635] RAX: ffffffffffffffda RBX: 00007f9396e15fa0 RCX: 00007f9396b9c799
[ 1063.354850][T18635] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1063.354866][T18635] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1063.354883][T18635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1063.354898][T18635] R13: 00007f9396e16038 R14: 00007f9396e15fa0 R15: 00007fff534896a8
[ 1063.354931][T18635]  </TASK>
[ 1069.079637][T18678] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3973'.
[ 1069.820890][T18649] can: request_module (can-proto-3) failed.
[ 1073.741061][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805ea0a800: rx timeout, send abort
[ 1073.749625][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805ea0a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1075.299317][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805ec8b800: rx timeout, send abort
[ 1075.307719][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805ec8b400: rx timeout, send abort
[ 1075.316267][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805ec8b800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1075.330700][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805ec8b400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1076.138053][T18726] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3986'.
[ 1078.082310][T18751] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3992'.
[ 1078.889990][T18752] Process accounting resumed
[ 1082.536032][T18795] netlink: 17 bytes leftover after parsing attributes in process `syz.3.4002'.
[ 1086.515024][T18835] FAULT_INJECTION: forcing a failure.
[ 1086.515024][T18835] name failslab, interval 1, probability 0, space 0, times 0
[ 1086.819156][T18835] CPU: 0 UID: 0 PID: 18835 Comm: syz.3.4011 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1086.819200][T18835] Tainted: [L]=SOFTLOCKUP
[ 1086.819235][T18835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1086.819252][T18835] Call Trace:
[ 1086.819260][T18835]  <TASK>
[ 1086.819270][T18835]  dump_stack_lvl+0x100/0x190
[ 1086.819317][T18835]  should_fail_ex.cold+0x5/0xa
[ 1086.819347][T18835]  should_failslab+0xc2/0x120
[ 1086.819377][T18835]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1086.819418][T18835]  ? alloc_inode+0x183/0x250
[ 1086.819458][T18835]  alloc_inode+0x183/0x250
[ 1086.819492][T18835]  new_inode+0x22/0x1c0
[ 1086.819528][T18835]  nfsd_mkdir+0x78/0x460
[ 1086.819589][T18835]  ? dput.part.0+0xdd/0x570
[ 1086.819625][T18835]  nfsd_fill_super+0x3f9/0x560
[ 1086.819656][T18835]  ? __pfx_nfsd_fill_super+0x10/0x10
[ 1086.819684][T18835]  get_tree_keyed+0x10e/0x1d0
[ 1086.819726][T18835]  vfs_get_tree+0x92/0x320
[ 1086.819763][T18835]  path_mount+0x7d0/0x23d0
[ 1086.819797][T18835]  ? __pfx_path_mount+0x10/0x10
[ 1086.819825][T18835]  ? lockdep_hardirqs_on+0x78/0x100
[ 1086.819873][T18835]  ? putname+0xb1/0x110
[ 1086.819898][T18835]  ? kmem_cache_free+0x124/0x6a0
[ 1086.819943][T18835]  ? __x64_sys_mount+0x293/0x310
[ 1086.819972][T18835]  __x64_sys_mount+0x293/0x310
[ 1086.820003][T18835]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1086.820042][T18835]  do_syscall_64+0x106/0xf80
[ 1086.820077][T18835]  ? clear_bhb_loop+0x40/0x90
[ 1086.820109][T18835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1086.820136][T18835] RIP: 0033:0x7f9396b9c799
[ 1086.820157][T18835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1086.820184][T18835] RSP: 002b:00007f9397aca028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1086.820208][T18835] RAX: ffffffffffffffda RBX: 00007f9396e16090 RCX: 00007f9396b9c799
[ 1086.820226][T18835] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000
[ 1086.820242][T18835] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1086.820258][T18835] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[ 1086.820274][T18835] R13: 00007f9396e16128 R14: 00007f9396e16090 R15: 00007fff534896a8
[ 1086.820306][T18835]  </TASK>
[ 1087.818108][T16718] Process accounting resumed
[ 1089.281549][T18868] random: crng reseeded on system resumption
[ 1089.931096][T18870] netlink: 'syz.4.4019': attribute type 2 has an invalid length.
[ 1090.019111][T18870] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4019'.
[ 1090.345007][T18876] FAULT_INJECTION: forcing a failure.
[ 1090.345007][T18876] name failslab, interval 1, probability 0, space 0, times 0
[ 1090.425219][T18876] CPU: 0 UID: 0 PID: 18876 Comm: syz.5.4020 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1090.425260][T18876] Tainted: [L]=SOFTLOCKUP
[ 1090.425270][T18876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1090.425287][T18876] Call Trace:
[ 1090.425310][T18876]  <TASK>
[ 1090.425320][T18876]  dump_stack_lvl+0x100/0x190
[ 1090.425364][T18876]  should_fail_ex.cold+0x5/0xa
[ 1090.425393][T18876]  ? security_inode_init_security+0x113/0x370
[ 1090.425433][T18876]  should_failslab+0xc2/0x120
[ 1090.425459][T18876]  __kmalloc_noprof+0xe0/0x850
[ 1090.425505][T18876]  security_inode_init_security+0x113/0x370
[ 1090.425545][T18876]  ? __pfx_shmem_initxattrs+0x10/0x10
[ 1090.425575][T18876]  ? __pfx_security_inode_init_security+0x10/0x10
[ 1090.425617][T18876]  ? make_vfsgid+0xf1/0x140
[ 1090.425663][T18876]  shmem_mknod+0x2bf/0x470
[ 1090.425699][T18876]  ? __pfx_shmem_mknod+0x10/0x10
[ 1090.425741][T18876]  vfs_create+0x301/0x6c0
[ 1090.425781][T18876]  filename_mknodat+0x2de/0x7f0
[ 1090.425813][T18876]  ? __pfx_filename_mknodat+0x10/0x10
[ 1090.425841][T18876]  ? strncpy_from_user+0x19d/0x2d0
[ 1090.425872][T18876]  ? do_getname+0x191/0x390
[ 1090.425907][T18876]  __x64_sys_mknod+0x8f/0xc0
[ 1090.425935][T18876]  do_syscall_64+0x106/0xf80
[ 1090.425971][T18876]  ? clear_bhb_loop+0x40/0x90
[ 1090.426002][T18876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1090.426028][T18876] RIP: 0033:0x7f0a28b9c799
[ 1090.426049][T18876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1090.426074][T18876] RSP: 002b:00007f0a29984028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1090.426097][T18876] RAX: ffffffffffffffda RBX: 00007f0a28e16090 RCX: 00007f0a28b9c799
[ 1090.426115][T18876] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[ 1090.426130][T18876] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1090.426145][T18876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1090.426161][T18876] R13: 00007f0a28e16128 R14: 00007f0a28e16090 R15: 00007fffffab8cc8
[ 1090.426193][T18876]  </TASK>
[ 1093.023789][T18898] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4027'.
[ 1093.129238][T18898] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1093.197547][T18898] bridge_slave_1 (unregistering): left allmulticast mode
[ 1093.236682][T18898] bridge_slave_1 (unregistering): left promiscuous mode
[ 1093.268156][T18898] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1097.613530][T18953] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4042'.
[ 1098.604864][T18960] zswap: compressor G not available
[ 1099.909925][T18986] netlink: 9 bytes leftover after parsing attributes in process `syz.1.4051'.
[ 1103.214814][T19009] serio: Serial port pty6
[ 1103.812279][T19015] FAULT_INJECTION: forcing a failure.
[ 1103.812279][T19015] name failslab, interval 1, probability 0, space 0, times 0
[ 1103.929407][T19015] CPU: 0 UID: 0 PID: 19015 Comm: syz.5.4057 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1103.929454][T19015] Tainted: [L]=SOFTLOCKUP
[ 1103.929465][T19015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1103.929481][T19015] Call Trace:
[ 1103.929490][T19015]  <TASK>
[ 1103.929500][T19015]  dump_stack_lvl+0x100/0x190
[ 1103.929553][T19015]  should_fail_ex.cold+0x5/0xa
[ 1103.929583][T19015]  should_failslab+0xc2/0x120
[ 1103.929609][T19015]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1103.929648][T19015]  ? __proc_create+0x2cb/0x8c0
[ 1103.929696][T19015]  __proc_create+0x2cb/0x8c0
[ 1103.929738][T19015]  ? __pfx___proc_create+0x10/0x10
[ 1103.929782][T19015]  ? _raw_write_unlock+0x28/0x50
[ 1103.929884][T19015]  ? proc_register+0x559/0x8a0
[ 1103.929911][T19015]  proc_create_reg+0x75/0x170
[ 1103.929939][T19015]  proc_create_seq_private+0x8e/0x180
[ 1103.929967][T19015]  ? __pfx_proc_create_seq_private+0x10/0x10
[ 1103.929995][T19015]  ? __pfx_proc_create_net_data+0x10/0x10
[ 1103.930019][T19015]  ? __pfx_uevent_net_rcv+0x10/0x10
[ 1103.930050][T19015]  ? __pfx_dev_proc_net_init+0x10/0x10
[ 1103.930085][T19015]  dev_proc_net_init+0xac/0x230
[ 1103.930118][T19015]  ops_init+0x1e2/0x5f0
[ 1103.930159][T19015]  setup_net+0x118/0x3a0
[ 1103.930198][T19015]  ? __pfx_setup_net+0x10/0x10
[ 1103.930235][T19015]  ? lockdep_init_map_type+0x5c/0x250
[ 1103.930271][T19015]  ? mutex_init_lockep+0x110/0x150
[ 1103.930310][T19015]  copy_net_ns+0x46f/0x7c0
[ 1103.930336][T19015]  create_new_namespaces+0x3ea/0xac0
[ 1103.930370][T19015]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1103.930400][T19015]  ksys_unshare+0x473/0xad0
[ 1103.930435][T19015]  ? __pfx_ksys_unshare+0x10/0x10
[ 1103.930479][T19015]  __x64_sys_unshare+0x31/0x40
[ 1103.930520][T19015]  do_syscall_64+0x106/0xf80
[ 1103.930556][T19015]  ? clear_bhb_loop+0x40/0x90
[ 1103.930588][T19015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1103.930614][T19015] RIP: 0033:0x7f0a28b9c799
[ 1103.930636][T19015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1103.930662][T19015] RSP: 002b:00007f0a299a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1103.930686][T19015] RAX: ffffffffffffffda RBX: 00007f0a28e15fa0 RCX: 00007f0a28b9c799
[ 1103.930704][T19015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1103.930720][T19015] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1103.930736][T19015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1103.930752][T19015] R13: 00007f0a28e16038 R14: 00007f0a28e15fa0 R15: 00007fffffab8cc8
[ 1103.930784][T19015]  </TASK>
[ 1104.745689][T19021] : Can't lookup blockdev
[ 1105.101866][T19027] netlink: 25 bytes leftover after parsing attributes in process `syz.4.4061'.
[ 1110.231881][T19083] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4074'.
[ 1110.305291][T19083] netlink: 'syz.5.4074': attribute type 1 has an invalid length.
[ 1110.356491][T19083] netlink: 5 bytes leftover after parsing attributes in process `syz.5.4074'.
[ 1110.901492][T19089] netlink: 5 bytes leftover after parsing attributes in process `syz.5.4076'.
[ 1110.978186][T19089] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4076'.
[ 1112.328232][T19108] FAULT_INJECTION: forcing a failure.
[ 1112.328232][T19108] name failslab, interval 1, probability 0, space 0, times 0
[ 1112.533494][T19108] CPU: 0 UID: 0 PID: 19108 Comm: syz.3.4082 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1112.533535][T19108] Tainted: [L]=SOFTLOCKUP
[ 1112.533545][T19108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1112.533561][T19108] Call Trace:
[ 1112.533569][T19108]  <TASK>
[ 1112.533579][T19108]  dump_stack_lvl+0x100/0x190
[ 1112.533659][T19108]  should_fail_ex.cold+0x5/0xa
[ 1112.533700][T19108]  should_failslab+0xc2/0x120
[ 1112.533741][T19108]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1112.533783][T19108]  ? vkms_plane_duplicate_state+0x87/0x130
[ 1112.533903][T19108]  vkms_plane_duplicate_state+0x87/0x130
[ 1112.533937][T19108]  drm_atomic_get_plane_state+0x279/0x760
[ 1112.534012][T19108]  drm_client_modeset_commit_atomic+0x237/0x7e0
[ 1112.534071][T19108]  ? trace_contention_end+0x140/0x180
[ 1112.534123][T19108]  ? __mutex_lock+0x26a/0x1b90
[ 1112.534184][T19108]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 1112.534222][T19108]  ? drm_master_internal_acquire+0x21/0x80
[ 1112.534285][T19108]  drm_client_modeset_commit_locked+0x14d/0x580
[ 1112.534327][T19108]  drm_client_modeset_commit+0x4f/0x80
[ 1112.534364][T19108]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[ 1112.534443][T19108]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[ 1112.534484][T19108]  drm_fbdev_client_restore+0x1b/0x30
[ 1112.534532][T19108]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[ 1112.534561][T19108]  drm_client_dev_restore+0x205/0x2a0
[ 1112.534603][T19108]  drm_release+0x2c6/0x360
[ 1112.534652][T19108]  ? __pfx_drm_release+0x10/0x10
[ 1112.534684][T19108]  __fput+0x3ff/0xb40
[ 1112.534725][T19108]  task_work_run+0x150/0x240
[ 1112.534767][T19108]  ? __pfx_task_work_run+0x10/0x10
[ 1112.534814][T19108]  exit_to_user_mode_loop+0x100/0x4a0
[ 1112.534860][T19108]  do_syscall_64+0x668/0xf80
[ 1112.534895][T19108]  ? clear_bhb_loop+0x40/0x90
[ 1112.534938][T19108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1112.534965][T19108] RIP: 0033:0x7f9396b9c799
[ 1112.534986][T19108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1112.535012][T19108] RSP: 002b:00007f9397aeb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1112.535040][T19108] RAX: 0000000000000000 RBX: 00007f9396e15fa0 RCX: 00007f9396b9c799
[ 1112.535057][T19108] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1112.535073][T19108] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1112.535089][T19108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1112.535105][T19108] R13: 00007f9396e16038 R14: 00007f9396e15fa0 R15: 00007fff534896a8
[ 1112.535138][T19108]  </TASK>
[ 1113.775063][T19116] __vm_enough_memory: pid: 19116, comm: syz.3.4084, bytes: 4398046511104 not enough memory for the allocation
[ 1115.962619][T19140] FAULT_INJECTION: forcing a failure.
[ 1115.962619][T19140] name failslab, interval 1, probability 0, space 0, times 0
[ 1116.053777][T19140] CPU: 0 UID: 0 PID: 19140 Comm: syz.3.4090 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1116.053819][T19140] Tainted: [L]=SOFTLOCKUP
[ 1116.053828][T19140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1116.053843][T19140] Call Trace:
[ 1116.053852][T19140]  <TASK>
[ 1116.053863][T19140]  dump_stack_lvl+0x100/0x190
[ 1116.053906][T19140]  should_fail_ex.cold+0x5/0xa
[ 1116.053935][T19140]  should_failslab+0xc2/0x120
[ 1116.053963][T19140]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1116.054001][T19140]  ? security_inode_alloc+0x3b/0x2c0
[ 1116.054052][T19140]  ? lockdep_init_map_type+0x5c/0x250
[ 1116.054094][T19140]  security_inode_alloc+0x3b/0x2c0
[ 1116.054120][T19140]  inode_init_always_gfp+0xced/0x1040
[ 1116.054158][T19140]  alloc_inode+0x8e/0x250
[ 1116.054192][T19140]  new_inode+0x22/0x1c0
[ 1116.054229][T19140]  configfs_new_inode+0x24/0x4a0
[ 1116.054283][T19140]  configfs_create+0xd9/0x370
[ 1116.054326][T19140]  configfs_lookup+0x38f/0x780
[ 1116.054359][T19140]  lookup_open.isra.0+0x631/0x11b0
[ 1116.054404][T19140]  ? __pfx_lookup_open.isra.0+0x10/0x10
[ 1116.054459][T19140]  ? mnt_get_write_access+0x1e9/0x2f0
[ 1116.054498][T19140]  path_openat+0xa98/0x31a0
[ 1116.054534][T19140]  ? __pfx_path_openat+0x10/0x10
[ 1116.054571][T19140]  do_file_open+0x20e/0x430
[ 1116.054607][T19140]  ? __pfx_do_file_open+0x10/0x10
[ 1116.054655][T19140]  ? alloc_fd+0x476/0x790
[ 1116.054683][T19140]  ? do_getname+0x191/0x390
[ 1116.054718][T19140]  do_sys_openat2+0x10d/0x1e0
[ 1116.054758][T19140]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1116.054794][T19140]  ? __x64_sys_close_range+0x2d9/0x5d0
[ 1116.054829][T19140]  __x64_sys_openat+0x12d/0x210
[ 1116.054865][T19140]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1116.054911][T19140]  do_syscall_64+0x106/0xf80
[ 1116.054947][T19140]  ? clear_bhb_loop+0x40/0x90
[ 1116.054979][T19140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1116.055006][T19140] RIP: 0033:0x7f9396b9c799
[ 1116.055028][T19140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1116.055054][T19140] RSP: 002b:00007f9397aeb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1116.055079][T19140] RAX: ffffffffffffffda RBX: 00007f9396e15fa0 RCX: 00007f9396b9c799
[ 1116.055099][T19140] RDX: 0000000000109103 RSI: 0000200000001280 RDI: ffffffffffffff9c
[ 1116.055116][T19140] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1116.055132][T19140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1116.055149][T19140] R13: 00007f9396e16038 R14: 00007f9396e15fa0 R15: 00007fff534896a8
[ 1116.055181][T19140]  </TASK>
[ 1116.713106][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.720620][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.821528][T19150] tipc: Started in network mode
[ 1116.844969][T19150] tipc: Node identity ffffffff, cluster identity 4711
[ 1116.870052][T19150] tipc: Node number set to 4294967295
[ 1117.095539][T19153] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4094'.
[ 1117.132654][T19153] bond0: left allmulticast mode
[ 1117.137571][T19153] �: left allmulticast mode
[ 1117.162846][T19153] bond0: left promiscuous mode
[ 1117.172705][T19153] �: left promiscuous mode
[ 1117.183857][T19153] bridge0: port 3(bond0) entered disabled state
[ 1117.450413][T19153] bridge_slave_1: left allmulticast mode
[ 1117.540837][T19153] bridge_slave_1: left promiscuous mode
[ 1117.601024][T19153] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1117.681511][T19153] bridge_slave_0: left allmulticast mode
[ 1117.703508][T19153] bridge_slave_0: left promiscuous mode
[ 1117.760561][T19153] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.713930][T19156] __vm_enough_memory: pid: 19156, comm: syz.5.4095, bytes: 4398046511104 not enough memory for the allocation
[ 1119.620197][   T30] audit: type=1800 audit(2147483935.065:24): pid=19176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4099" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1120.373341][T19180] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4100'.
[ 1120.435453][T19183] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4100'.
[ 1124.036946][T16654] Bluetooth: hci2: command 0xfc11 tx timeout
[ 1124.045997][ T5834] Bluetooth: hci2: Entering manufacturer mode failed (-110)
[ 1125.526797][T19222] tipc: Started in network mode
[ 1125.552296][T19222] tipc: Node identity ffffffff, cluster identity 4711
[ 1125.619698][T19222] tipc: Node number set to 4294967295
[ 1141.586429][T19345] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1150.490258][ T5834] Bluetooth: hci3: SCO packet for unknown connection handle 0
[ 1150.891609][T19400] random: crng reseeded on system resumption
[ 1151.917085][T19386] FAULT_INJECTION: forcing a failure.
[ 1151.917085][T19386] name failslab, interval 1, probability 0, space 0, times 0
[ 1152.043716][T19386] CPU: 0 UID: 0 PID: 19386 Comm: syz.3.4148 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1152.043757][T19386] Tainted: [L]=SOFTLOCKUP
[ 1152.043766][T19386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1152.043783][T19386] Call Trace:
[ 1152.043792][T19386]  <TASK>
[ 1152.043803][T19386]  dump_stack_lvl+0x100/0x190
[ 1152.043850][T19386]  should_fail_ex.cold+0x5/0xa
[ 1152.043880][T19386]  ? memcg_list_lru_alloc+0x4ec/0x740
[ 1152.043943][T19386]  should_failslab+0xc2/0x120
[ 1152.043975][T19386]  __kmalloc_noprof+0xe0/0x850
[ 1152.044014][T19386]  ? ipcget+0xee/0xf50
[ 1152.044127][T19386]  memcg_list_lru_alloc+0x4ec/0x740
[ 1152.044175][T19386]  ? __pfx_memcg_list_lru_alloc+0x10/0x10
[ 1152.044213][T19386]  ? rcu_read_unlock+0x17/0x60
[ 1152.044249][T19386]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[ 1152.044292][T19386]  __memcg_slab_post_alloc_hook+0x130/0x990
[ 1152.044328][T19386]  ? kasan_save_track+0x14/0x30
[ 1152.044371][T19386]  kmem_cache_alloc_lru_noprof+0x592/0x6e0
[ 1152.044410][T19386]  ? hugetlbfs_alloc_inode+0x8c/0x1d0
[ 1152.044450][T19386]  hugetlbfs_alloc_inode+0x8c/0x1d0
[ 1152.044475][T19386]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[ 1152.044502][T19386]  alloc_inode+0x68/0x250
[ 1152.044536][T19386]  new_inode+0x22/0x1c0
[ 1152.044573][T19386]  hugetlbfs_get_inode+0x313/0x750
[ 1152.044604][T19386]  hugetlb_file_setup+0x3cc/0x5b0
[ 1152.044636][T19386]  newseg+0xabb/0xed0
[ 1152.044671][T19386]  ? __pfx_newseg+0x10/0x10
[ 1152.044708][T19386]  ? down_write+0x146/0x1f0
[ 1152.044752][T19386]  ? ksys_write+0x190/0x250
[ 1152.044775][T19386]  ? ksys_write+0x190/0x250
[ 1152.044802][T19386]  ipcget+0xee/0xf50
[ 1152.044833][T19386]  ? do_futex+0x192/0x350
[ 1152.044871][T19386]  ? __pfx_do_futex+0x10/0x10
[ 1152.044909][T19386]  ? __pfx_ipcget+0x10/0x10
[ 1152.044942][T19386]  ? __x64_sys_futex+0x34f/0x4d0
[ 1152.044974][T19386]  ? __x64_sys_futex+0x358/0x4d0
[ 1152.045013][T19386]  __x64_sys_shmget+0x13b/0x1b0
[ 1152.045046][T19386]  ? __pfx___x64_sys_shmget+0x10/0x10
[ 1152.045096][T19386]  do_syscall_64+0x106/0xf80
[ 1152.045132][T19386]  ? clear_bhb_loop+0x40/0x90
[ 1152.045163][T19386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.045190][T19386] RIP: 0033:0x7f9396b9c799
[ 1152.045211][T19386] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1152.045236][T19386] RSP: 002b:00007f9397aeb028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[ 1152.045261][T19386] RAX: ffffffffffffffda RBX: 00007f9396e15fa0 RCX: 00007f9396b9c799
[ 1152.045279][T19386] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000
[ 1152.045295][T19386] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1152.045311][T19386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1152.045326][T19386] R13: 00007f9396e16038 R14: 00007f9396e15fa0 R15: 00007fff534896a8
[ 1152.045359][T19386]  </TASK>
[ 1154.882873][T19431] hub 1-0:1.0: USB hub found
[ 1155.010922][T19431] hub 1-0:1.0: 1 port detected
[ 1156.852863][T19460] FAULT_INJECTION: forcing a failure.
[ 1156.852863][T19460] name failslab, interval 1, probability 0, space 0, times 0
[ 1157.038280][T19460] CPU: 0 UID: 0 PID: 19460 Comm: syz.3.4167 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1157.038321][T19460] Tainted: [L]=SOFTLOCKUP
[ 1157.038330][T19460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1157.038346][T19460] Call Trace:
[ 1157.038354][T19460]  <TASK>
[ 1157.038365][T19460]  dump_stack_lvl+0x100/0x190
[ 1157.038408][T19460]  should_fail_ex.cold+0x5/0xa
[ 1157.038437][T19460]  should_failslab+0xc2/0x120
[ 1157.038464][T19460]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1157.038499][T19460]  ? sctp_add_bind_addr+0xae/0x3e0
[ 1157.038565][T19460]  sctp_add_bind_addr+0xae/0x3e0
[ 1157.038601][T19460]  sctp_copy_local_addr_list+0x349/0x550
[ 1157.038643][T19460]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1157.038684][T19460]  ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360
[ 1157.038727][T19460]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1157.038780][T19460]  sctp_bind_addr_copy+0xe0/0x530
[ 1157.038820][T19460]  sctp_connect_new_asoc+0x1c9/0x770
[ 1157.038848][T19460]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1157.038875][T19460]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[ 1157.038918][T19460]  ? sctp_endpoint_lookup_assoc+0x15c/0x2a0
[ 1157.038968][T19460]  __sctp_connect+0x3e7/0xc70
[ 1157.039000][T19460]  ? __pfx___sctp_connect+0x10/0x10
[ 1157.039027][T19460]  ? __pfx_sctp_inet_connect+0x10/0x10
[ 1157.039054][T19460]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1157.039100][T19460]  ? __pfx_sctp_inet_connect+0x10/0x10
[ 1157.039132][T19460]  sctp_inet_connect+0x15f/0x220
[ 1157.039160][T19460]  __sys_connect_file+0x141/0x1a0
[ 1157.039216][T19460]  __sys_connect+0x141/0x170
[ 1157.039247][T19460]  ? __pfx___sys_connect+0x10/0x10
[ 1157.039298][T19460]  __x64_sys_connect+0x72/0xb0
[ 1157.039329][T19460]  ? lockdep_hardirqs_on+0x78/0x100
[ 1157.039366][T19460]  do_syscall_64+0x106/0xf80
[ 1157.039400][T19460]  ? clear_bhb_loop+0x40/0x90
[ 1157.039431][T19460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1157.039457][T19460] RIP: 0033:0x7f9396b9c799
[ 1157.039478][T19460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1157.039504][T19460] RSP: 002b:00007f9397aca028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1157.039529][T19460] RAX: ffffffffffffffda RBX: 00007f9396e16090 RCX: 00007f9396b9c799
[ 1157.039547][T19460] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[ 1157.039563][T19460] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1157.039579][T19460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1157.039595][T19460] R13: 00007f9396e16128 R14: 00007f9396e16090 R15: 00007fff534896a8
[ 1157.039632][T19460]  </TASK>
[ 1161.178067][T19493] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4173'.
[ 1161.384969][T19496] netlink: 354 bytes leftover after parsing attributes in process `syz.4.4173'.
[ 1166.506202][T19550] FAULT_INJECTION: forcing a failure.
[ 1166.506202][T19550] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1166.519569][T19550] CPU: 0 UID: 0 PID: 19550 Comm: syz.3.4185 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1166.519608][T19550] Tainted: [L]=SOFTLOCKUP
[ 1166.519617][T19550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1166.519634][T19550] Call Trace:
[ 1166.519642][T19550]  <TASK>
[ 1166.519653][T19550]  dump_stack_lvl+0x100/0x190
[ 1166.519699][T19550]  should_fail_ex.cold+0x5/0xa
[ 1166.519728][T19550]  should_fail_futex+0x4c/0x60
[ 1166.519781][T19550]  futex_lock_pi_atomic+0xe7/0xaf0
[ 1166.519828][T19550]  futex_lock_pi+0x246/0x7b0
[ 1166.519872][T19550]  ? __pfx_futex_lock_pi+0x10/0x10
[ 1166.519913][T19550]  ? __pfx___futex_wait+0x10/0x10
[ 1166.519979][T19550]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1166.520025][T19550]  ? ksys_write+0x190/0x250
[ 1166.520047][T19550]  ? ksys_write+0x190/0x250
[ 1166.520075][T19550]  do_futex+0x18a/0x350
[ 1166.520108][T19550]  ? __pfx_do_futex+0x10/0x10
[ 1166.520149][T19550]  __x64_sys_futex+0x34f/0x4d0
[ 1166.520186][T19550]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1166.520231][T19550]  do_syscall_64+0x106/0xf80
[ 1166.520266][T19550]  ? clear_bhb_loop+0x40/0x90
[ 1166.520297][T19550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1166.520323][T19550] RIP: 0033:0x7f9396b9c799
[ 1166.520345][T19550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1166.520375][T19550] RSP: 002b:00007f9397aca028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1166.520400][T19550] RAX: ffffffffffffffda RBX: 00007f9396e16090 RCX: 00007f9396b9c799
[ 1166.520417][T19550] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000000
[ 1166.520433][T19550] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 00000000fffffffa
[ 1166.520449][T19550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1166.520465][T19550] R13: 00007f9396e16128 R14: 00007f9396e16090 R15: 00007fff534896a8
[ 1166.520498][T19550]  </TASK>
[ 1168.390530][T19564] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807fe07248 pfn:0x7fe00
[ 1168.471242][T19564] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1168.569398][T19564] memcg:ffff888078541201
[ 1168.573721][T19564] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1168.703934][T19564] page_type: f5(slab)
[ 1168.708035][T19564] raw: 00fff00000000240 ffff88801ce8d8c0 ffffea00012fb210 ffffea00012f1e10
[ 1168.839835][T19564] raw: ffff88807fe07248 0000000800190015 00000000f5000000 ffff888078541201
[ 1168.909249][T19564] head: 00fff00000000240 ffff88801ce8d8c0 ffffea00012fb210 ffffea00012f1e10
[ 1168.918031][T19564] head: ffff88807fe07248 0000000800190015 00000000f5000000 ffff888078541201
[ 1169.068739][T19564] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[ 1169.175554][T19564] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1169.273048][T19564] page dumped because: unmovable page
[ 1169.303152][T19564] page_owner tracks the page as allocated
[ 1169.369553][T19564] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5489, tgid 5489 (dhcpcd), ts 63371158012, free_ts 31132765200
[ 1169.579803][T19564]  post_alloc_hook+0x153/0x170
[ 1169.629358][T19564]  get_page_from_freelist+0x111d/0x3140
[ 1169.635023][T19564]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[ 1169.752273][T19564]  new_slab+0xa6/0x6b0
[ 1169.756425][T19564]  refill_objects+0x26b/0x400
[ 1169.832115][T19564]  __pcs_replace_empty_main+0x1ab/0x660
[ 1169.837784][T19564]  kmem_cache_alloc_lru_noprof+0x485/0x6e0
[ 1169.929102][T19564]  alloc_inode+0x183/0x250
[ 1169.933614][T19564]  iget_locked+0x1d9/0x6d0
[ 1169.938126][T19564]  kernfs_get_inode+0x46/0x470
[ 1170.053415][T19564]  kernfs_iop_lookup+0x1a7/0x2d0
[ 1170.058442][T19564]  __lookup_slow+0x251/0x460
[ 1170.121480][T19564]  lookup_slow+0x50/0x70
[ 1170.125801][T19564]  path_lookupat+0x5e8/0xc40
[ 1170.199028][T19564]  filename_lookup+0x202/0x590
[ 1170.239031][T19564]  vfs_statx+0xff/0x3f0
[ 1170.282661][T19564] page last free pid 1 tgid 1 stack trace:
[ 1170.288556][T19564]  __free_frozen_pages+0x7e1/0x10d0
[ 1170.360192][T19564]  free_contig_range+0xde/0x1d0
[ 1170.365121][T19564]  destroy_args+0xa8/0x7a0
[ 1170.419331][T19564]  debug_vm_pgtable+0x1b66/0x34c0
[ 1170.424418][T19564]  do_one_initcall+0x11d/0x760
[ 1170.483132][T19564]  kernel_init_freeable+0x6e5/0x7a0
[ 1170.488461][T19564]  kernel_init+0x1f/0x1e0
[ 1170.569327][T19564]  ret_from_fork+0x754/0xd80
[ 1170.599475][T19564]  ret_from_fork_asm+0x1a/0x30
[ 1177.909643][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.916088][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1182.587150][T19667] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1186.951323][T19703] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1187.009818][T19704] random: crng reseeded on system resumption
[ 1187.172412][T19702] Restarting kernel threads ...
[ 1187.237134][T19702] Done restarting kernel threads.
[ 1187.593008][T19703] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4218'.
[ 1187.953668][T19703] HfR: entered promiscuous mode
[ 1190.407944][T19727] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4224'.
[ 1190.570566][T19732] netlink: 354 bytes leftover after parsing attributes in process `syz.4.4224'.
[ 1198.181492][T19798] FAULT_INJECTION: forcing a failure.
[ 1198.181492][T19798] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1198.323923][T19798] CPU: 0 UID: 0 PID: 19798 Comm: syz.3.4240 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1198.323972][T19798] Tainted: [L]=SOFTLOCKUP
[ 1198.323982][T19798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1198.323997][T19798] Call Trace:
[ 1198.324006][T19798]  <TASK>
[ 1198.324017][T19798]  dump_stack_lvl+0x100/0x190
[ 1198.324060][T19798]  should_fail_ex.cold+0x5/0xa
[ 1198.324089][T19798]  get_futex_key+0x1d2/0x1620
[ 1198.324124][T19798]  ? __pfx_get_futex_key+0x10/0x10
[ 1198.324165][T19798]  futex_wait_setup+0x83/0x510
[ 1198.324212][T19798]  __futex_wait+0x19f/0x300
[ 1198.324254][T19798]  ? __pfx___futex_wait+0x10/0x10
[ 1198.324299][T19798]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1198.324343][T19798]  ? find_held_lock+0x2b/0x80
[ 1198.324367][T19798]  ? futex_wake+0x456/0x530
[ 1198.324412][T19798]  futex_wait+0xed/0x380
[ 1198.324451][T19798]  ? __pfx_futex_wait+0x10/0x10
[ 1198.324497][T19798]  ? putname+0xb1/0x110
[ 1198.324522][T19798]  ? kmem_cache_free+0x124/0x6a0
[ 1198.324563][T19798]  do_futex+0x1ef/0x350
[ 1198.324596][T19798]  ? __pfx_do_futex+0x10/0x10
[ 1198.324627][T19798]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1198.324668][T19798]  __x64_sys_futex+0x34f/0x4d0
[ 1198.324703][T19798]  ? __x64_sys_openat+0x12d/0x210
[ 1198.324737][T19798]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1198.324782][T19798]  do_syscall_64+0x106/0xf80
[ 1198.324818][T19798]  ? clear_bhb_loop+0x40/0x90
[ 1198.324848][T19798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1198.324874][T19798] RIP: 0033:0x7f9396b9c799
[ 1198.324894][T19798] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1198.324920][T19798] RSP: 002b:00007f9397aca0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1198.324954][T19798] RAX: ffffffffffffffda RBX: 00007f9396e16098 RCX: 00007f9396b9c799
[ 1198.324971][T19798] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9396e16098
[ 1198.324987][T19798] RBP: 00007f9396e16090 R08: 0000000000000000 R09: 0000000000000000
[ 1198.325002][T19798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1198.325018][T19798] R13: 00007f9396e16128 R14: 00007fff534895c0 R15: 00007fff534896a8
[ 1198.325050][T19798]  </TASK>
[ 1203.693769][T19828] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4248'.
[ 1212.443114][T19898] tipc: Started in network mode
[ 1212.537354][T19898] tipc: Node identity ffffffff, cluster identity 4711
[ 1212.598230][T19898] tipc: Node number set to 4294967295
[ 1213.722897][T19913] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4268'.
[ 1213.828254][T19913] netlink: 'syz.1.4268': attribute type 1 has an invalid length.
[ 1213.920605][T19913] netlink: 'syz.1.4268': attribute type 6 has an invalid length.
[ 1218.315749][ T5834] Bluetooth: hci0: unexpected event 0x12 length: 440 > 8
[ 1219.945147][T19966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4278'.
[ 1220.209476][T19968] netlink: 'syz.4.4278': attribute type 1 has an invalid length.
[ 1220.331269][T19968] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4278'.
[ 1224.471300][T19998] netlink: 504 bytes leftover after parsing attributes in process `syz.1.4285'.
[ 1225.157700][T20006] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4288'.
[ 1228.022406][   T30] audit: type=1804 audit(2147484043.438:25): pid=20027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4293" name="/newroot/646/file0" dev="tmpfs" ino=3393 res=1 errno=0
[ 1228.220716][   T30] audit: type=1804 audit(2147484043.528:26): pid=20039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.4293" name="/newroot/646/file0" dev="tmpfs" ino=3393 res=1 errno=0
[ 1230.595633][T20058] netlink: zone id is out of range
[ 1230.760762][T20058] netlink: zone id is out of range
[ 1230.875851][T20059] netlink: zone id is out of range
[ 1230.970826][T20058] netlink: zone id is out of range
[ 1230.976202][T20058] netlink: zone id is out of range
[ 1231.074338][T20059] netlink: zone id is out of range
[ 1231.230137][T20059] netlink: zone id is out of range
[ 1231.297266][T20058] netlink: zone id is out of range
[ 1231.331683][T20059] netlink: zone id is out of range
[ 1231.401857][T20058] netlink: zone id is out of range
[ 1239.361484][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.367988][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1242.680390][T20123] net_ratelimit: 16 callbacks suppressed
[ 1242.680415][T20123] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 1243.050780][T20125] can: request_module (can-proto-5) failed.
[ 1243.311877][T20125] netlink: 186 bytes leftover after parsing attributes in process `syz.4.4314'.
[ 1244.933038][T20138] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4316'.
[ 1245.083580][T20142] netlink: 354 bytes leftover after parsing attributes in process `syz.5.4316'.
[ 1245.791088][T20148] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[ 1246.672564][T20156] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[ 1249.778785][T20172] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17
[ 1257.564963][   T30] audit: type=1804 audit(2147484072.968:27): pid=20203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4331" name="file0" dev="tmpfs" ino=5989 res=1 errno=0
[ 1257.784304][   T30] audit: type=1804 audit(2147484073.038:28): pid=20206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4331" name="file0" dev="tmpfs" ino=5989 res=1 errno=0
[ 1259.004661][T20215] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4333'.
[ 1263.264602][T20246] hub 1-0:1.0: USB hub found
[ 1263.600828][T20246] hub 1-0:1.0: 1 port detected
[ 1266.530228][T20266] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4345'.
[ 1266.883956][T20274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4346'.
[ 1273.063867][T20327] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4356'.
[ 1273.153464][T20327] netlink: 354 bytes leftover after parsing attributes in process `syz.1.4356'.
[ 1273.715075][T20323] netlink: 306 bytes leftover after parsing attributes in process `syz.3.4355'.
[ 1279.385070][T20388] Invalid ELF header magic: != ELF
[ 1291.722166][T20473] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input18
[ 1294.241267][T20490] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4388'.
[ 1295.207520][T20491] netlink: 306 bytes leftover after parsing attributes in process `syz.1.4387'.
[ 1296.808571][T20513] Invalid ELF header magic: != ELF
[ 1300.807750][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.814191][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.184719][T20545] netlink: zone id is out of range
[ 1313.021099][T20625] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1313.574267][T20625] CIFS mount error: No usable UNC path provided in device string!
[ 1313.574267][T20625] 
[ 1313.801059][T20625] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1314.251103][T20638] FAULT_INJECTION: forcing a failure.
[ 1314.251103][T20638] name failslab, interval 1, probability 0, space 0, times 0
[ 1314.365931][T20638] CPU: 0 UID: 0 PID: 20638 Comm: syz.3.4417 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1314.365974][T20638] Tainted: [L]=SOFTLOCKUP
[ 1314.365983][T20638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1314.366000][T20638] Call Trace:
[ 1314.366009][T20638]  <TASK>
[ 1314.366018][T20638]  dump_stack_lvl+0x100/0x190
[ 1314.366065][T20638]  should_fail_ex.cold+0x5/0xa
[ 1314.366095][T20638]  ? tomoyo_supervisor+0x65d/0x1340
[ 1314.366159][T20638]  should_failslab+0xc2/0x120
[ 1314.366187][T20638]  __kmalloc_noprof+0xe0/0x850
[ 1314.366234][T20638]  tomoyo_supervisor+0x65d/0x1340
[ 1314.366278][T20638]  ? __pfx_tomoyo_supervisor+0x10/0x10
[ 1314.366319][T20638]  ? tomoyo_realpath_from_path+0x19c/0x690
[ 1314.366367][T20638]  ? tomoyo_realpath_from_path+0x19c/0x690
[ 1314.366400][T20638]  ? kfree+0x1f6/0x6b0
[ 1314.366441][T20638]  ? tomoyo_check_path_number_acl+0x1e6/0x2f0
[ 1314.366479][T20638]  tomoyo_path_number_perm+0x445/0x580
[ 1314.366509][T20638]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1314.366539][T20638]  ? rcu_read_unlock+0x17/0x60
[ 1314.366575][T20638]  ? do_raw_spin_lock+0x128/0x260
[ 1314.366628][T20638]  ? find_held_lock+0x2b/0x80
[ 1314.366652][T20638]  ? __pfx_d_add+0x10/0x10
[ 1314.366682][T20638]  ? d_alloc+0x176/0x1e0
[ 1314.366709][T20638]  ? current_check_access_path+0x281/0x460
[ 1314.366752][T20638]  ? simple_lookup+0x105/0x1d0
[ 1314.366797][T20638]  tomoyo_path_mknod+0x164/0x190
[ 1314.366835][T20638]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[ 1314.366876][T20638]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1314.366924][T20638]  security_path_mknod+0x161/0x300
[ 1314.366980][T20638]  filename_mknodat+0x241/0x7f0
[ 1314.367014][T20638]  ? __pfx_filename_mknodat+0x10/0x10
[ 1314.367042][T20638]  ? strncpy_from_user+0x19d/0x2d0
[ 1314.367088][T20638]  ? do_getname+0x191/0x390
[ 1314.367123][T20638]  __x64_sys_mknod+0x8f/0xc0
[ 1314.367152][T20638]  do_syscall_64+0x106/0xf80
[ 1314.367190][T20638]  ? clear_bhb_loop+0x40/0x90
[ 1314.367222][T20638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1314.367249][T20638] RIP: 0033:0x7f9396b9c799
[ 1314.367271][T20638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1314.367297][T20638] RSP: 002b:00007f9397aa9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1314.367322][T20638] RAX: ffffffffffffffda RBX: 00007f9396e16180 RCX: 00007f9396b9c799
[ 1314.367339][T20638] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 0000000000000000
[ 1314.367355][T20638] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1314.367371][T20638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1314.367387][T20638] R13: 00007f9396e16218 R14: 00007f9396e16180 R15: 00007fff534896a8
[ 1314.367425][T20638]  </TASK>
[ 1319.212089][T20671] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1320.583549][T20680] netlink: 25 bytes leftover after parsing attributes in process `syz.3.4426'.
[ 1324.648853][T20721] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[ 1325.409851][T20735] CIFS mount error: No usable UNC path provided in device string!
[ 1325.409851][T20735] 
[ 1325.513090][T20735] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1328.542978][T20763] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1333.766282][T20801] futex_wake_op: syz.4.4451 tries to shift op by -2048; fix this program
[ 1333.836818][T20801] futex_wake_op: syz.4.4451 tries to shift op by -2048; fix this program
[ 1336.295794][T20821] FAULT_INJECTION: forcing a failure.
[ 1336.295794][T20821] name failslab, interval 1, probability 0, space 0, times 0
[ 1336.471069][T20821] CPU: 0 UID: 0 PID: 20821 Comm: syz.3.4456 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1336.471111][T20821] Tainted: [L]=SOFTLOCKUP
[ 1336.471120][T20821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1336.471137][T20821] Call Trace:
[ 1336.471146][T20821]  <TASK>
[ 1336.471169][T20821]  dump_stack_lvl+0x100/0x190
[ 1336.471211][T20821]  should_fail_ex.cold+0x5/0xa
[ 1336.471239][T20821]  should_failslab+0xc2/0x120
[ 1336.471265][T20821]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1336.471304][T20821]  ? alloc_inode+0x68/0x250
[ 1336.471337][T20821]  ? start_dirop+0x79/0xb0
[ 1336.471377][T20821]  ? __pfx_rpc_alloc_inode+0x10/0x10
[ 1336.471493][T20821]  alloc_inode+0x68/0x250
[ 1336.471526][T20821]  new_inode+0x22/0x1c0
[ 1336.471561][T20821]  rpc_new_file+0xa9/0x420
[ 1336.471589][T20821]  ? rpc_close_pipes+0xa0/0x770
[ 1336.471619][T20821]  rpc_fill_super+0x386/0x4f0
[ 1336.471657][T20821]  ? __pfx_rpc_fill_super+0x10/0x10
[ 1336.471686][T20821]  get_tree_keyed+0x10e/0x1d0
[ 1336.471725][T20821]  vfs_get_tree+0x92/0x320
[ 1336.471760][T20821]  vfs_cmd_create+0xd7/0x2a0
[ 1336.471794][T20821]  __do_sys_fsconfig+0x55a/0xcb0
[ 1336.471828][T20821]  ? __pfx___do_sys_fsconfig+0x10/0x10
[ 1336.471874][T20821]  do_syscall_64+0x106/0xf80
[ 1336.471908][T20821]  ? clear_bhb_loop+0x40/0x90
[ 1336.471938][T20821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.471963][T20821] RIP: 0033:0x7f9396b9c799
[ 1336.471984][T20821] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1336.472009][T20821] RSP: 002b:00007f9397aeb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1336.472032][T20821] RAX: ffffffffffffffda RBX: 00007f9396e15fa0 RCX: 00007f9396b9c799
[ 1336.472048][T20821] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000003
[ 1336.472063][T20821] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1336.472082][T20821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1336.472097][T20821] R13: 00007f9396e16038 R14: 00007f9396e15fa0 R15: 00007fff534896a8
[ 1336.472128][T20821]  </TASK>
[ 1337.138636][ T5834] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[ 1337.907592][T20834] Invalid ELF header magic: != ELF
[ 1338.291202][T20833] Invalid ELF header magic: != ELF
[ 1339.510749][T20825] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1339.954114][   T30] audit: type=1800 audit(2147484155.368:29): pid=20851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4462" name="dbroot" dev="configfs" ino=398019 res=0 errno=0
[ 1341.591235][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1343.528602][T20873] netlink: 9 bytes leftover after parsing attributes in process `syz.3.4466'.
[ 1344.711446][T20880] can: request_module (can-proto-4) failed.
[ 1345.305437][T20879] [U] ^@
[ 1346.546305][T20906] lo: entered allmulticast mode
[ 1347.389469][T20900] lo: left allmulticast mode
[ 1348.624919][ T5834] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[ 1348.624951][ T5834] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[ 1348.639826][ T5834] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[ 1348.639892][ T5834] Bluetooth: hci0: Unknown advertising packet type: 0x76
[ 1348.648892][ T5834] Bluetooth: hci0: adv larger than maximum supported
[ 1348.656008][ T5834] Bluetooth: hci0: Malformed LE Event: 0x0d
[ 1355.614128][T20980] Invalid ELF header magic: != ELF
[ 1362.235287][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.242595][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.755449][T21038] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4501'.
[ 1362.861319][T21041] netlink: 354 bytes leftover after parsing attributes in process `syz.4.4501'.
[ 1366.460754][T21066] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead.
[ 1368.320946][T21078] can: request_module (can-proto-4) failed.
[ 1371.328432][T21095] Invalid ELF header magic: != ELF
[ 1371.685604][T21099] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4515'.
[ 1376.434750][T21119] delete_channel: no stack
[ 1376.480087][T21119] netlink: 'syz.1.4518': attribute type 10 has an invalid length.
[ 1376.571431][T21119] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4518'.
[ 1377.312579][T21130] Invalid ELF header magic: != ELF
[ 1379.615918][T21135] kexec: Could not allocate control_code_buffer
[ 1380.150257][T21149] futex_wake_op: syz.1.4524 tries to shift op by -2048; fix this program
[ 1380.231210][T21149] futex_wake_op: syz.1.4524 tries to shift op by -2048; fix this program
[ 1381.411467][T21157] Invalid ELF header magic: != ELF
[ 1385.257928][T21181] netlink: 'syz.4.4531': attribute type 1 has an invalid length.
[ 1392.907964][T21238] ptrace attach of "./syz-executor exec"[10675] was attempted by "./syz-executor exec"[21238]
[ 1393.121774][T21238] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1396.686240][ T5834] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5
[ 1396.941507][T21280] openvswitch: netlink: Multiple metadata blocks provided
[ 1403.171399][T21313] netlink: 'syz.5.4559': attribute type 1 has an invalid length.
[ 1406.795745][ T5834] Bluetooth: hci1: unexpected subevent 0x18 length: 123 > 19
[ 1406.803308][ T5834] Bluetooth: hci1: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00
[ 1414.089212][T21397] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4577'.
[ 1418.422587][T21434] zswap: compressor  not available
[ 1418.974937][T21450] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4586'.
[ 1420.064611][ T5834] Bluetooth: hci1: unexpected event 0x10 length: 440 > 1
[ 1420.067190][T20825] Bluetooth: hci1: hardware error 0x00
[ 1421.946785][T21474] Invalid ELF header magic: != ELF
[ 1422.153214][T20825] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1423.679233][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.694143][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1425.560180][T21497] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[ 1425.831073][T21489] zswap: compressor  not available
[ 1425.997728][T21497] File: /dev/nullb0 PID: 21497 Comm: syz.3.4598
[ 1427.425213][T21513] zswap: compressor  not available
[ 1433.311023][T21560] Invalid ELF header magic: != ELF
[ 1442.510932][T21623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4622'.
[ 1442.607464][T21624] netlink: 354 bytes leftover after parsing attributes in process `syz.4.4622'.
[ 1446.880460][T21661] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4631'.
[ 1446.979129][T21662] netlink: 354 bytes leftover after parsing attributes in process `syz.3.4631'.
[ 1447.039602][T21645] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4628'.
[ 1451.759308][T21700] Invalid ELF header magic: != ELF
[ 1456.931411][T21746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4648'.
[ 1457.007598][T21747] netlink: 354 bytes leftover after parsing attributes in process `syz.1.4648'.
[ 1461.819060][T21783] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4658'.
[ 1461.927796][T21786] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4658'.
[ 1463.303491][T20825] block nbd0: Receive control failed (result -32)
[ 1464.317905][T21812] FAULT_INJECTION: forcing a failure.
[ 1464.317905][T21812] name failslab, interval 1, probability 0, space 0, times 0
[ 1464.440420][T21812] CPU: 0 UID: 0 PID: 21812 Comm: syz.3.4663 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1464.440463][T21812] Tainted: [L]=SOFTLOCKUP
[ 1464.440472][T21812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1464.440489][T21812] Call Trace:
[ 1464.440499][T21812]  <TASK>
[ 1464.440509][T21812]  dump_stack_lvl+0x100/0x190
[ 1464.440560][T21812]  should_fail_ex.cold+0x5/0xa
[ 1464.440589][T21812]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1464.440627][T21812]  should_failslab+0xc2/0x120
[ 1464.440654][T21812]  __kmalloc_noprof+0xe0/0x850
[ 1464.440703][T21812]  tomoyo_realpath_from_path+0xb6/0x690
[ 1464.440744][T21812]  tomoyo_check_open_permission+0x2af/0x3c0
[ 1464.440775][T21812]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1464.440833][T21812]  ? do_raw_spin_lock+0x128/0x260
[ 1464.440874][T21812]  ? path_get+0x61/0x80
[ 1464.440906][T21812]  tomoyo_file_open+0x6b/0x90
[ 1464.440946][T21812]  security_file_open+0xb5/0x1e0
[ 1464.440979][T21812]  do_dentry_open+0x5aa/0x1660
[ 1464.441007][T21812]  ? security_inode_permission+0xbf/0x250
[ 1464.441048][T21812]  vfs_open+0x82/0x3f0
[ 1464.441084][T21812]  path_openat+0x208c/0x31a0
[ 1464.441121][T21812]  ? __pfx_path_openat+0x10/0x10
[ 1464.441158][T21812]  do_file_open+0x20e/0x430
[ 1464.441187][T21812]  ? __pfx_do_file_open+0x10/0x10
[ 1464.441235][T21812]  ? alloc_fd+0x476/0x790
[ 1464.441263][T21812]  ? do_getname+0x191/0x390
[ 1464.441298][T21812]  do_sys_openat2+0x10d/0x1e0
[ 1464.441331][T21812]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1464.441376][T21812]  __x64_sys_openat+0x12d/0x210
[ 1464.441411][T21812]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1464.441458][T21812]  do_syscall_64+0x106/0xf80
[ 1464.441496][T21812]  ? clear_bhb_loop+0x40/0x90
[ 1464.441527][T21812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.441553][T21812] RIP: 0033:0x7f9396b9c799
[ 1464.441580][T21812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1464.441608][T21812] RSP: 002b:00007f9397aca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1464.441634][T21812] RAX: ffffffffffffffda RBX: 00007f9396e16090 RCX: 00007f9396b9c799
[ 1464.441651][T21812] RDX: 0000000000020200 RSI: 0000200000000440 RDI: ffffffffffffff9c
[ 1464.441668][T21812] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1464.441685][T21812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1464.441701][T21812] R13: 00007f9396e16128 R14: 00007f9396e16090 R15: 00007fff534896a8
[ 1464.441734][T21812]  </TASK>
[ 1464.954601][T21812] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1465.305100][T21820] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4666'.
[ 1465.347124][T21820] netlink: 'syz.5.4666': attribute type 1 has an invalid length.
[ 1465.394790][T21820] netlink: 5 bytes leftover after parsing attributes in process `syz.5.4666'.
[ 1472.452577][T21881] Invalid ELF header magic: != ELF
[ 1473.314770][T21900] Invalid ELF header magic: != ELF
[ 1474.495381][T21908] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4682'.
[ 1474.540137][T21908] netlink: 354 bytes leftover after parsing attributes in process `syz.3.4682'.
[ 1475.048149][T21922] Invalid ELF header magic: != ELF
[ 1475.116456][T21927] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4684'.
[ 1475.910942][T21920] Invalid ELF header magic: != ELF
[ 1476.284376][T21944] FAULT_INJECTION: forcing a failure.
[ 1476.284376][T21944] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1476.387489][T21944] CPU: 0 UID: 0 PID: 21944 Comm: syz.3.4688 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1476.387530][T21944] Tainted: [L]=SOFTLOCKUP
[ 1476.387539][T21944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1476.387557][T21944] Call Trace:
[ 1476.387565][T21944]  <TASK>
[ 1476.387576][T21944]  dump_stack_lvl+0x100/0x190
[ 1476.387620][T21944]  should_fail_ex.cold+0x5/0xa
[ 1476.387644][T21944]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1476.387676][T21944]  should_fail_alloc_page+0xeb/0x140
[ 1476.387705][T21944]  prepare_alloc_pages+0x1f0/0x5f0
[ 1476.387740][T21944]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1476.387794][T21944]  ? stack_trace_save+0x8e/0xc0
[ 1476.387824][T21944]  ? __pfx_stack_trace_save+0x10/0x10
[ 1476.387849][T21944]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1476.387888][T21944]  ? stack_depot_save_flags+0x27/0x9d0
[ 1476.387928][T21944]  ? kasan_save_stack+0x3f/0x50
[ 1476.387966][T21944]  ? kasan_save_stack+0x30/0x50
[ 1476.388005][T21944]  ? kasan_save_track+0x14/0x30
[ 1476.388049][T21944]  ? __kasan_kmalloc+0xaa/0xb0
[ 1476.388090][T21944]  ? do_file_open+0x20e/0x430
[ 1476.388115][T21944]  ? do_sys_openat2+0x10d/0x1e0
[ 1476.388147][T21944]  ? __x64_sys_openat+0x12d/0x210
[ 1476.388180][T21944]  ? do_syscall_64+0x106/0xf80
[ 1476.388215][T21944]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1476.388246][T21944]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1476.388292][T21944]  ? policy_nodemask+0xed/0x4f0
[ 1476.388324][T21944]  alloc_pages_mpol+0x1fb/0x550
[ 1476.388352][T21944]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1476.388388][T21944]  alloc_pages_noprof+0x131/0x390
[ 1476.388416][T21944]  get_zeroed_page_noprof+0x18/0xb0
[ 1476.388445][T21944]  mon_alloc_buff+0xce/0x1b0
[ 1476.388513][T21944]  ? kasan_save_track+0x14/0x30
[ 1476.388556][T21944]  mon_bin_open+0x207/0x470
[ 1476.388584][T21944]  ? __pfx_mon_bin_open+0x10/0x10
[ 1476.388612][T21944]  chrdev_open+0x234/0x6a0
[ 1476.388637][T21944]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1476.388681][T21944]  ? __pfx_chrdev_open+0x10/0x10
[ 1476.388709][T21944]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1476.388746][T21944]  do_dentry_open+0x6d8/0x1660
[ 1476.388770][T21944]  ? __pfx_chrdev_open+0x10/0x10
[ 1476.388804][T21944]  vfs_open+0x82/0x3f0
[ 1476.388839][T21944]  path_openat+0x208c/0x31a0
[ 1476.388875][T21944]  ? __pfx_path_openat+0x10/0x10
[ 1476.388912][T21944]  do_file_open+0x20e/0x430
[ 1476.388940][T21944]  ? __pfx_do_file_open+0x10/0x10
[ 1476.388987][T21944]  ? alloc_fd+0x476/0x790
[ 1476.389020][T21944]  ? do_getname+0x191/0x390
[ 1476.389055][T21944]  do_sys_openat2+0x10d/0x1e0
[ 1476.389100][T21944]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1476.389135][T21944]  ? __fget_files+0x21f/0x3d0
[ 1476.389163][T21944]  __x64_sys_openat+0x12d/0x210
[ 1476.389198][T21944]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1476.389242][T21944]  do_syscall_64+0x106/0xf80
[ 1476.389275][T21944]  ? clear_bhb_loop+0x40/0x90
[ 1476.389305][T21944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1476.389330][T21944] RIP: 0033:0x7f9396b9c799
[ 1476.389351][T21944] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1476.389375][T21944] RSP: 002b:00007f9397aca028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1476.389399][T21944] RAX: ffffffffffffffda RBX: 00007f9396e16090 RCX: 00007f9396b9c799
[ 1476.389415][T21944] RDX: 0000000000002040 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1476.389431][T21944] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1476.389447][T21944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1476.389462][T21944] R13: 00007f9396e16128 R14: 00007f9396e16090 R15: 00007fff534896a8
[ 1476.389493][T21944]  </TASK>
[ 1477.331296][T21956] FAULT_INJECTION: forcing a failure.
[ 1477.331296][T21956] name failslab, interval 1, probability 0, space 0, times 0
[ 1477.380722][T21956] CPU: 0 UID: 0 PID: 21956 Comm: syz.5.4689 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1477.380764][T21956] Tainted: [L]=SOFTLOCKUP
[ 1477.380774][T21956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1477.380789][T21956] Call Trace:
[ 1477.380799][T21956]  <TASK>
[ 1477.380808][T21956]  dump_stack_lvl+0x100/0x190
[ 1477.380852][T21956]  should_fail_ex.cold+0x5/0xa
[ 1477.380881][T21956]  should_failslab+0xc2/0x120
[ 1477.380916][T21956]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1477.380957][T21956]  ? __d_alloc+0x34/0xa80
[ 1477.380991][T21956]  __d_alloc+0x34/0xa80
[ 1477.381023][T21956]  d_alloc+0x4a/0x1e0
[ 1477.381053][T21956]  lookup_one_qstr_excl+0x175/0x250
[ 1477.381089][T21956]  start_dirop+0x59/0xb0
[ 1477.381130][T21956]  simple_start_creating+0xf9/0x110
[ 1477.381173][T21956]  ? __pfx_simple_start_creating+0x10/0x10
[ 1477.381217][T21956]  ? dput.part.0+0xdd/0x570
[ 1477.381252][T21956]  rpc_new_dir+0x27/0x420
[ 1477.381284][T21956]  rpc_populate.constprop.0+0x125/0x1c0
[ 1477.381320][T21956]  ? d_instantiate+0x95/0xb0
[ 1477.381355][T21956]  ? __pfx_rpc_fill_super+0x10/0x10
[ 1477.381385][T21956]  rpc_fill_super+0x2b9/0x4f0
[ 1477.381419][T21956]  ? __pfx_rpc_fill_super+0x10/0x10
[ 1477.381449][T21956]  get_tree_keyed+0x10e/0x1d0
[ 1477.381492][T21956]  vfs_get_tree+0x92/0x320
[ 1477.381527][T21956]  vfs_cmd_create+0xd7/0x2a0
[ 1477.381562][T21956]  __do_sys_fsconfig+0x55a/0xcb0
[ 1477.381598][T21956]  ? __pfx___do_sys_fsconfig+0x10/0x10
[ 1477.381646][T21956]  do_syscall_64+0x106/0xf80
[ 1477.381682][T21956]  ? clear_bhb_loop+0x40/0x90
[ 1477.381713][T21956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1477.381740][T21956] RIP: 0033:0x7f0a28b9c799
[ 1477.381761][T21956] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1477.381786][T21956] RSP: 002b:00007f0a29984028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1477.381811][T21956] RAX: ffffffffffffffda RBX: 00007f0a28e16090 RCX: 00007f0a28b9c799
[ 1477.381827][T21956] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000004
[ 1477.381842][T21956] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1477.381858][T21956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1477.381873][T21956] R13: 00007f0a28e16128 R14: 00007f0a28e16090 R15: 00007fffffab8cc8
[ 1477.381912][T21956]  </TASK>
[ 1477.382040][T21956] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory /
[ 1477.754962][T21957] Invalid ELF header magic: != ELF
[ 1478.067644][T21960] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4693'.
[ 1478.122369][T21962] netlink: 354 bytes leftover after parsing attributes in process `syz.1.4693'.
[ 1480.291225][T21984] Invalid ELF header magic: != ELF
[ 1482.782549][T22027] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4707'.
[ 1482.847480][T22027] mac80211_hwsim hwsim14 �: renamed from wlan0 (while UP)
[ 1484.306065][T22037] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1484.389157][T22037] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1484.493787][T22037] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1484.604622][T22037] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1484.806325][T22055] Invalid ELF header magic: != ELF
[ 1484.914831][T22037] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1485.155907][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.162299][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.626268][T21852] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1486.429979][T21852] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1486.505495][T21852] Bluetooth: hci4: command 0x0406 tx timeout
[ 1488.587043][T21852] Bluetooth: hci4: command 0x0406 tx timeout
[ 1489.427279][T22122] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4719'.
[ 1489.490411][T22124] netlink: 'syz.5.4719': attribute type 1 has an invalid length.
[ 1489.571093][T22127] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4721'.
[ 1489.586622][T22124] netlink: 51505 bytes leftover after parsing attributes in process `syz.5.4719'.
[ 1489.617853][T22127] netlink: 354 bytes leftover after parsing attributes in process `syz.1.4721'.
[ 1489.934406][T22125] ovs_: entered promiscuous mode
[ 1490.667734][T21852] Bluetooth: hci4: command 0x0406 tx timeout
[ 1494.387466][T22174] Invalid ELF header magic: != ELF
[ 1495.562813][T22194] Invalid ELF header magic: != ELF
[ 1496.716997][T22204] Invalid ELF header magic: != ELF
[ 1496.986500][T22210] Invalid ELF header magic: != ELF
[ 1498.710228][T22220] random: crng reseeded on system resumption
[ 1498.999882][T22228] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1499.012454][T22228] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1499.020570][T22228] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1499.029950][T22228] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1499.038003][T22228] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1499.097147][T22223] hub 1-0:1.0: USB hub found
[ 1499.153086][T22223] hub 1-0:1.0: 1 port detected
[ 1500.470640][T22225] chnl_net:caif_netlink_parms(): no params data found
[ 1501.073980][T22228] Bluetooth: hci2: command tx timeout
[ 1501.150138][T22225] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1501.201170][T22225] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1501.230752][T22225] bridge_slave_0: entered allmulticast mode
[ 1501.267977][T22225] bridge_slave_0: entered promiscuous mode
[ 1501.306204][T22225] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1501.330537][T22259] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4745'.
[ 1501.362909][T22225] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1501.373840][T22225] bridge_slave_1: entered allmulticast mode
[ 1501.404461][T22225] bridge_slave_1: entered promiscuous mode
[ 1501.615208][T22225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1501.670216][T22225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1501.834662][T22225] team0: Port device team_slave_0 added
[ 1501.874089][T22225] team0: Port device team_slave_1 added
[ 1501.993291][T22225] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1502.031921][T22225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1502.128250][T22225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1502.176806][T22225] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1502.205596][T22225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1502.294114][T22225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1502.456700][T22225] hsr_slave_0: entered promiscuous mode
[ 1502.477844][T22225] hsr_slave_1: entered promiscuous mode
[ 1502.504373][T22225] debugfs: 'hsr0' already exists in 'hsr'
[ 1502.510172][T22225] Cannot create hsr debugfs directory
[ 1503.158429][T22228] Bluetooth: hci2: command tx timeout
[ 1503.230475][T22225] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1503.290701][T22225] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1503.339926][T22225] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1503.434585][T22225] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1503.931669][T22225] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1504.001314][T22225] 8021q: adding VLAN 0 to HW filter on device team0
[ 1504.052583][T21940] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1504.052703][T21940] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1504.057339][T21940] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1504.057428][T21940] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1504.822797][T22225] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1505.255271][T22228] Bluetooth: hci2: command tx timeout
[ 1505.923862][T22225] veth0_vlan: entered promiscuous mode
[ 1506.003270][T22225] veth1_vlan: entered promiscuous mode
[ 1506.142089][T22225] veth0_macvtap: entered promiscuous mode
[ 1506.188946][T22225] veth1_macvtap: entered promiscuous mode
[ 1506.306596][T22225] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1506.354144][T22225] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1506.425509][T21866] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1506.434325][T21866] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1506.592566][T21866] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1506.638373][T21866] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1506.676659][T22327] Invalid ELF header magic: != ELF
[ 1506.922548][T21866] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1506.955572][T21866] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1507.109917][T21850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1507.131207][T21850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1507.319658][T22228] Bluetooth: hci2: command tx timeout
[ 1508.501002][T22355] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4757'.
[ 1508.533310][T22355] netlink: 354 bytes leftover after parsing attributes in process `syz.6.4757'.
[ 1509.064912][T22364] Invalid ELF header magic: != ELF
[ 1509.341041][T22369] Invalid ELF header magic: != ELF
[ 1510.104242][T22377] hub 1-0:1.0: USB hub found
[ 1510.186576][T22377] hub 1-0:1.0: 1 port detected
[ 1510.543542][T22381] Invalid ELF header magic: != ELF
[ 1511.983818][T22396] bond0: invalid ARP target specified
[ 1512.033194][T22396] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4768'.
[ 1512.110261][T22396] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1512.135451][T22396] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1512.157129][T22396] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1512.172665][T22396] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1512.922067][T22416] Invalid ELF header magic: != ELF
[ 1513.097418][T22424] netlink: 342 bytes leftover after parsing attributes in process `syz.6.4775'.
[ 1513.126928][T22421] Invalid ELF header magic: != ELF
[ 1513.140109][T22424] netlink: 342 bytes leftover after parsing attributes in process `syz.6.4775'.
[ 1513.190557][T22424] netlink: 342 bytes leftover after parsing attributes in process `syz.6.4775'.
[ 1513.229380][T22424] netlink: 98 bytes leftover after parsing attributes in process `syz.6.4775'.
[ 1513.934666][T22431] Invalid ELF header magic: != ELF
[ 1514.684995][T21852] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1514.698751][T21852] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1514.709858][T21852] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1514.717731][T21852] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1514.734240][T21852] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1515.980376][T22437] chnl_net:caif_netlink_parms(): no params data found
[ 1516.639391][T22437] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1516.692302][T22437] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1516.699607][T22437] bridge_slave_0: entered allmulticast mode
[ 1516.778005][T22437] bridge_slave_0: entered promiscuous mode
[ 1516.821864][T22437] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1516.846275][T21852] Bluetooth: hci5: command tx timeout
[ 1516.862480][T22437] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1516.917957][T22437] bridge_slave_1: entered allmulticast mode
[ 1516.955911][T22437] bridge_slave_1: entered promiscuous mode
[ 1517.139087][T22437] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1517.211592][T22437] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1517.324601][T22480] Invalid ELF header magic: != ELF
[ 1517.356353][T22437] team0: Port device team_slave_0 added
[ 1517.399335][T22437] team0: Port device team_slave_1 added
[ 1517.537742][T22437] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1517.580368][T22437] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1517.749483][T22437] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1517.855863][T22437] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1517.887329][T22437] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1518.010054][T22437] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1518.236116][T22437] hsr_slave_0: entered promiscuous mode
[ 1518.262482][T22437] hsr_slave_1: entered promiscuous mode
[ 1518.317541][T22437] debugfs: 'hsr0' already exists in 'hsr'
[ 1518.341275][T22437] Cannot create hsr debugfs directory
[ 1518.921593][T21852] Bluetooth: hci5: command tx timeout
[ 1519.319149][T22437] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1519.355393][T22437] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1519.369592][T22505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4791'.
[ 1519.410712][T22505] netlink: 354 bytes leftover after parsing attributes in process `syz.5.4791'.
[ 1519.494289][T22437] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1519.574447][T22437] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1520.098566][T22437] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1520.196756][T22437] 8021q: adding VLAN 0 to HW filter on device team0
[ 1520.281927][T21872] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1520.289163][T21872] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1520.374999][T21872] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1520.382235][T21872] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1520.539430][T22527] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4794'.
[ 1520.561142][T22510] Invalid ELF header magic: != ELF
[ 1520.591248][T22528] netlink: 354 bytes leftover after parsing attributes in process `syz.4.4794'.
[ 1521.044095][T21852] Bluetooth: hci5: command tx timeout
[ 1521.361322][T22536] Invalid ELF header magic: != ELF
[ 1521.419919][T22437] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1522.692605][T22437] veth0_vlan: entered promiscuous mode
[ 1522.780931][T22437] veth1_vlan: entered promiscuous mode
[ 1522.951852][T22437] veth0_macvtap: entered promiscuous mode
[ 1523.033174][T22437] veth1_macvtap: entered promiscuous mode
[ 1523.084001][T22228] Bluetooth: hci5: command tx timeout
[ 1523.204986][T22437] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1523.308045][T22437] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1523.382150][T21866] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.406285][T21866] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.539293][T21866] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.568742][T21866] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1523.845936][T22572] netlink: 'syz.5.4801': attribute type 1 has an invalid length.
[ 1523.884344][T22572] netlink: 9 bytes leftover after parsing attributes in process `syz.5.4801'.
[ 1524.181502][T21866] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1524.230368][T21866] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1524.352454][T21872] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1524.384277][T21872] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1526.860501][T22604] Invalid ELF header magic: != ELF
[ 1527.162002][T22605] Setting dangerous option i915.mitigations - tainting kernel
[ 1528.363659][T22616] Invalid ELF header magic: != ELF
[ 1528.688172][T22622] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4811'.
[ 1530.903421][T22656] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input23
[ 1532.019618][T22668] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4819'.
[ 1532.036054][T22667] Invalid ELF header magic: != ELF
[ 1532.059991][T22667] FAULT_INJECTION: forcing a failure.
[ 1532.059991][T22667] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1532.083606][T22668] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1532.090943][T22668] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1532.110748][T22667] CPU: 0 UID: 0 PID: 22667 Comm: syz.7.4820 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1532.110792][T22667] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1532.110802][T22667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1532.110819][T22667] Call Trace:
[ 1532.110827][T22667]  <TASK>
[ 1532.110837][T22667]  dump_stack_lvl+0x100/0x190
[ 1532.110894][T22667]  should_fail_ex.cold+0x5/0xa
[ 1532.110925][T22667]  get_futex_key+0x1d2/0x1620
[ 1532.110960][T22667]  ? __pfx_get_futex_key+0x10/0x10
[ 1532.110994][T22667]  ? find_held_lock+0x2b/0x80
[ 1532.111018][T22667]  ? file_tty_write.isra.0+0x5ea/0x890
[ 1532.111074][T22667]  ? file_tty_write.isra.0+0x5ea/0x890
[ 1532.111116][T22667]  futex_wake+0xea/0x530
[ 1532.111155][T22667]  ? file_tty_write.isra.0+0x5ef/0x890
[ 1532.111193][T22667]  ? __pfx_futex_wake+0x10/0x10
[ 1532.111236][T22667]  ? vfs_write+0x15d/0x1070
[ 1532.111261][T22667]  ? __pfx_tty_write+0x10/0x10
[ 1532.111300][T22667]  do_futex+0x32b/0x350
[ 1532.111333][T22667]  ? __pfx_do_futex+0x10/0x10
[ 1532.111374][T22667]  __x64_sys_futex+0x34f/0x4d0
[ 1532.111410][T22667]  ? fput+0x79/0x100
[ 1532.111437][T22667]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1532.111470][T22667]  ? ksys_write+0x1ac/0x250
[ 1532.111499][T22667]  ? __pfx_ksys_write+0x10/0x10
[ 1532.111531][T22667]  do_syscall_64+0x106/0xf80
[ 1532.111569][T22667]  ? clear_bhb_loop+0x40/0x90
[ 1532.111600][T22667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1532.111626][T22667] RIP: 0033:0x7f8a80d9c799
[ 1532.111650][T22667] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1532.111676][T22667] RSP: 002b:00007f8a81d2f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1532.111700][T22667] RAX: ffffffffffffffda RBX: 00007f8a81015fa8 RCX: 00007f8a80d9c799
[ 1532.111717][T22667] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8a81015fac
[ 1532.111734][T22667] RBP: 00007f8a81015fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1532.111750][T22667] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1532.111766][T22667] R13: 00007f8a81016038 R14: 00007ffe3a0cfa70 R15: 00007ffe3a0cfb58
[ 1532.111797][T22667]  </TASK>
[ 1532.443646][T22668] bridge0: entered promiscuous mode
[ 1534.456645][T22704] netlink: 17 bytes leftover after parsing attributes in process `syz.4.4827'.
[ 1534.928105][T22713] netlink: 25 bytes leftover after parsing attributes in process `syz.4.4830'.
[ 1535.864752][T22726] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(8.16.0), cmd(12)
[ 1536.278886][T22730] Invalid ELF header magic: != ELF
[ 1537.580978][T22749] futex_wake_op: syz.4.4838 tries to shift op by -2048; fix this program
[ 1537.600191][T22749] futex_wake_op: syz.4.4838 tries to shift op by -2048; fix this program
[ 1537.711657][T22747] Invalid ELF header magic: != ELF
[ 1538.384932][T21852] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1538.397203][T21852] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1538.407744][T21852] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1538.416457][T21852] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1538.425488][T21852] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1539.687673][T22778] Invalid ELF header magic: != ELF
[ 1539.833383][T22761] chnl_net:caif_netlink_parms(): no params data found
[ 1540.492604][T22761] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1540.528621][T22761] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1540.538732][T21852] Bluetooth: hci6: command tx timeout
[ 1540.572846][T22761] bridge_slave_0: entered allmulticast mode
[ 1540.623002][T22761] bridge_slave_0: entered promiscuous mode
[ 1540.641741][T22761] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1540.672582][T22761] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1540.708861][T22761] bridge_slave_1: entered allmulticast mode
[ 1540.736265][T22761] bridge_slave_1: entered promiscuous mode
[ 1540.937533][T22761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1541.071771][T22761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1541.288204][T22761] team0: Port device team_slave_0 added
[ 1541.300537][T22801] FAULT_INJECTION: forcing a failure.
[ 1541.300537][T22801] name failslab, interval 1, probability 0, space 0, times 0
[ 1541.331576][T22761] team0: Port device team_slave_1 added
[ 1541.366443][T22801] CPU: 0 UID: 0 PID: 22801 Comm: syz.5.4848 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1541.366486][T22801] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1541.366496][T22801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1541.366512][T22801] Call Trace:
[ 1541.366520][T22801]  <TASK>
[ 1541.366530][T22801]  dump_stack_lvl+0x100/0x190
[ 1541.366574][T22801]  should_fail_ex.cold+0x5/0xa
[ 1541.366602][T22801]  ? snd_pcm_plugin_build+0x434/0x650
[ 1541.366667][T22801]  should_failslab+0xc2/0x120
[ 1541.366700][T22801]  __kmalloc_noprof+0xe0/0x850
[ 1541.366740][T22801]  ? snd_pcm_hw_params+0x262/0x1cb0
[ 1541.366788][T22801]  snd_pcm_plugin_build+0x434/0x650
[ 1541.366824][T22801]  snd_pcm_plugin_build_io+0x207/0x5f0
[ 1541.366861][T22801]  ? __pfx_snd_pcm_plugin_build_io+0x10/0x10
[ 1541.366897][T22801]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[ 1541.366937][T22801]  snd_pcm_oss_change_params_locked+0x2eb3/0x39f0
[ 1541.366982][T22801]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[ 1541.367014][T22801]  ? __mutex_unlock_slowpath+0x15c/0x790
[ 1541.367073][T22801]  snd_pcm_oss_get_active_substream+0x175/0x1d0
[ 1541.367109][T22801]  snd_pcm_oss_ioctl+0x1c08/0x3720
[ 1541.367140][T22801]  ? __fget_files+0x215/0x3d0
[ 1541.367163][T22801]  ? hook_file_ioctl_common+0x146/0x410
[ 1541.367195][T22801]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1541.367229][T22801]  ? __fget_files+0x21f/0x3d0
[ 1541.367257][T22801]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[ 1541.367290][T22801]  __x64_sys_ioctl+0x18e/0x210
[ 1541.367330][T22801]  do_syscall_64+0x106/0xf80
[ 1541.367365][T22801]  ? clear_bhb_loop+0x40/0x90
[ 1541.367396][T22801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1541.367423][T22801] RIP: 0033:0x7f0a28b9c799
[ 1541.367444][T22801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1541.367470][T22801] RSP: 002b:00007f0a299a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1541.367493][T22801] RAX: ffffffffffffffda RBX: 00007f0a28e15fa0 RCX: 00007f0a28b9c799
[ 1541.367510][T22801] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000005
[ 1541.367526][T22801] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1541.367541][T22801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1541.367557][T22801] R13: 00007f0a28e16038 R14: 00007f0a28e15fa0 R15: 00007fffffab8cc8
[ 1541.367589][T22801]  </TASK>
[ 1541.728838][T22761] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1541.736420][T22761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1541.762790][T22761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1541.775475][T22761] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1541.782866][T22761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1541.809144][T22761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1541.858934][T22761] hsr_slave_0: entered promiscuous mode
[ 1541.873902][T22761] hsr_slave_1: entered promiscuous mode
[ 1541.884099][T22761] debugfs: 'hsr0' already exists in 'hsr'
[ 1541.900066][T22761] Cannot create hsr debugfs directory
[ 1542.119896][T22804] Invalid ELF header magic: != ELF
[ 1542.614401][T21852] Bluetooth: hci6: command tx timeout
[ 1543.107020][T22761] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1543.367325][T22761] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1543.438711][T22761] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1543.475259][T22761] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1543.724282][T22822] Invalid ELF header magic: != ELF
[ 1544.342463][T22761] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1544.460567][T22761] 8021q: adding VLAN 0 to HW filter on device team0
[ 1544.534023][T22839] Invalid ELF header magic: != ELF
[ 1544.540466][T21874] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1544.547622][T21874] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1544.609114][T21866] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1544.616415][T21866] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1544.694988][T21852] Bluetooth: hci6: command tx timeout
[ 1545.444012][T22761] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1546.623488][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.630353][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.734840][T22877] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4860'.
[ 1546.747111][T22761] veth0_vlan: entered promiscuous mode
[ 1546.777282][T21852] Bluetooth: hci6: command tx timeout
[ 1546.785047][T22879] netlink: 354 bytes leftover after parsing attributes in process `syz.7.4860'.
[ 1546.814204][T22761] veth1_vlan: entered promiscuous mode
[ 1546.942577][T22761] veth0_macvtap: entered promiscuous mode
[ 1547.009588][T22761] veth1_macvtap: entered promiscuous mode
[ 1547.117052][T22761] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1547.167833][T22761] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1547.251958][T21872] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1547.305638][T21872] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1547.353326][T21872] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1547.501672][T21872] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1547.664879][T21874] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1547.704567][T21874] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1547.889698][T22844] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1547.960093][T22844] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1548.599603][T22896] Invalid ELF header magic: != ELF
[ 1548.607217][T22908] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1548.670913][T22907] Invalid ELF header magic: != ELF
[ 1548.722568][T22909] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1548.768604][T22909] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1548.834783][T22909] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1548.913344][T22909] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1548.987727][T22909] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1549.083740][T22909] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1549.183493][T22909] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1549.347639][T22909] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1549.662924][T22909] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1549.875388][T22909] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1549.896128][T22909] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1550.135129][T22909] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1550.464065][T22924] Invalid ELF header magic: != ELF
[ 1550.544895][T22927] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4869'.
[ 1550.588207][T22927] netlink: 354 bytes leftover after parsing attributes in process `syz.8.4869'.
[ 1550.781231][T21852] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1550.787413][T22228] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1550.857803][T21852] Bluetooth: hci4: command 0x0406 tx timeout
[ 1550.938036][T21852] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1551.258243][T21852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1551.898553][T21852] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1553.020202][T21852] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1553.339167][T21852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1553.979054][T21852] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1553.993201][T22977] vivid-007: =================  START STATUS  =================
[ 1554.093067][T22977] vivid-007: Generate PTS: true
[ 1554.154609][T22977] vivid-007: Generate SCR: true
[ 1554.214824][T22977] tpg source WxH: 320x240 (Y'CbCr)
[ 1554.259609][T22982] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4881'.
[ 1554.279319][T22977] tpg field: 1
[ 1554.291419][T22977] tpg crop: (0,0)/320x240
[ 1554.307500][T22977] tpg compose: (0,0)/320x240
[ 1554.331610][T22977] tpg colorspace: 8
[ 1554.353960][T22977] tpg transfer function: 0/0
[ 1554.382552][T22977] tpg Y'CbCr encoding: 0/0
[ 1554.405569][T22977] tpg quantization: 0/0
[ 1554.425387][T22977] tpg RGB range: 0/2
[ 1554.465167][T22977] vivid-007: ==================  END STATUS  ==================
[ 1555.100433][T21852] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1555.188965][T22990] Invalid ELF header magic: != ELF
[ 1555.419812][T21852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1555.906782][T22996] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4893'.
[ 1556.061222][T21852] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1556.337498][T23002] Invalid ELF header magic: != ELF
[ 1558.673741][T23041] Invalid ELF header magic: != ELF
[ 1560.184076][T23059] Invalid ELF header magic: != ELF
[ 1561.631857][T23071] Invalid ELF header magic: != ELF
[ 1561.877524][T23079] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1562.577385][T23086] Invalid ELF header magic: != ELF
[ 1563.116406][T23095] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1567.700415][T23154] Invalid ELF header magic: != ELF
[ 1567.957801][T23159] Invalid ELF header magic: != ELF
[ 1572.490405][T23221] Invalid ELF header magic: != ELF
[ 1574.382144][T23253] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4942'.
[ 1575.001644][T23261] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4951'.
[ 1575.031298][T23261] netlink: 354 bytes leftover after parsing attributes in process `syz.8.4951'.
[ 1577.921381][T23303] Invalid ELF header magic: != ELF
[ 1578.117278][T23295] Invalid ELF header magic: != ELF
[ 1580.320351][T23328] hub 1-0:1.0: USB hub found
[ 1580.367826][T23328] hub 1-0:1.0: 1 port detected
[ 1581.594953][T23351] Invalid ELF header magic: != ELF
[ 1585.984545][T23388] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1586.015858][T23388] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1586.035497][T23388] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1586.065626][T23388] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1586.094562][T23388] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1586.133418][T23388] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1586.555724][T21852] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1587.094137][T23417] Invalid ELF header magic: != ELF
[ 1588.077838][T21852] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1588.083930][T21852] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1588.090262][T22228] Bluetooth: hci4: command 0x0406 tx timeout
[ 1588.098742][T22228] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1588.157247][T21852] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1588.722948][T23439] Invalid ELF header magic: != ELF
[ 1589.227981][T23451] Invalid ELF header magic: != ELF
[ 1591.158796][T23468] Invalid ELF header magic: != ELF
[ 1591.248973][T23469] Invalid ELF header magic: != ELF
[ 1593.365084][T23498] futex_wake_op: syz.5.4988 tries to shift op by -2048; fix this program
[ 1593.416556][T23498] 0x000000000001-0x000000020000 : ""
[ 1593.477961][T23491] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4987'.
[ 1593.526132][T23498] ftl_cs: FTL header corrupt!
[ 1594.301491][T23510] Invalid ELF header magic: != ELF
[ 1594.883943][T23523] Invalid ELF header magic: != ELF
[ 1595.958005][T23532] Invalid ELF header magic: != ELF
[ 1596.622540][T23548] Invalid ELF header magic: != ELF
[ 1597.300062][T23551] Invalid ELF header magic: != ELF
[ 1597.774756][T23560] Invalid ELF header magic: != ELF
[ 1600.500573][T23600] Invalid ELF header magic: != ELF
[ 1601.536406][T23623] Invalid ELF header magic: != ELF
[ 1601.721252][T23628] Invalid ELF header magic: != ELF
[ 1602.441555][T23618] Invalid ELF header magic: != ELF
[ 1604.631939][T23665] Invalid ELF header magic: != ELF
[ 1607.627408][T23693] Invalid ELF header magic: != ELF
[ 1608.103709][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 1608.116722][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.526733][T23704] Invalid ELF header magic: != ELF
[ 1609.284207][T23723] FAULT_INJECTION: forcing a failure.
[ 1609.284207][T23723] name failslab, interval 1, probability 0, space 0, times 0
[ 1609.381006][T23723] CPU: 0 UID: 0 PID: 23723 Comm: syz.5.5030 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1609.381050][T23723] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1609.381060][T23723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1609.381078][T23723] Call Trace:
[ 1609.381107][T23723]  <TASK>
[ 1609.381117][T23723]  dump_stack_lvl+0x100/0x190
[ 1609.381159][T23723]  should_fail_ex.cold+0x5/0xa
[ 1609.381187][T23723]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1609.381221][T23723]  should_failslab+0xc2/0x120
[ 1609.381248][T23723]  __kmalloc_noprof+0xe0/0x850
[ 1609.381292][T23723]  tomoyo_realpath_from_path+0xb6/0x690
[ 1609.381332][T23723]  tomoyo_check_open_permission+0x2af/0x3c0
[ 1609.381364][T23723]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1609.381420][T23723]  ? do_raw_spin_lock+0x128/0x260
[ 1609.381459][T23723]  ? path_get+0x61/0x80
[ 1609.381489][T23723]  tomoyo_file_open+0x6b/0x90
[ 1609.381527][T23723]  security_file_open+0xb5/0x1e0
[ 1609.381559][T23723]  do_dentry_open+0x5aa/0x1660
[ 1609.381585][T23723]  ? security_inode_permission+0xbf/0x250
[ 1609.381636][T23723]  vfs_open+0x82/0x3f0
[ 1609.381672][T23723]  path_openat+0x208c/0x31a0
[ 1609.381708][T23723]  ? __pfx_path_openat+0x10/0x10
[ 1609.381746][T23723]  do_file_open+0x20e/0x430
[ 1609.381774][T23723]  ? __pfx_do_file_open+0x10/0x10
[ 1609.381822][T23723]  ? alloc_fd+0x476/0x790
[ 1609.381850][T23723]  ? do_getname+0x191/0x390
[ 1609.381884][T23723]  do_sys_openat2+0x10d/0x1e0
[ 1609.381918][T23723]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1609.381963][T23723]  __x64_sys_openat+0x12d/0x210
[ 1609.381998][T23723]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1609.382044][T23723]  do_syscall_64+0x106/0xf80
[ 1609.382080][T23723]  ? clear_bhb_loop+0x40/0x90
[ 1609.382116][T23723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1609.382143][T23723] RIP: 0033:0x7f0a28b9c799
[ 1609.382164][T23723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1609.382191][T23723] RSP: 002b:00007f0a29984028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1609.382215][T23723] RAX: ffffffffffffffda RBX: 00007f0a28e16090 RCX: 00007f0a28b9c799
[ 1609.382232][T23723] RDX: 0000000000020200 RSI: 0000200000000440 RDI: ffffffffffffff9c
[ 1609.382249][T23723] RBP: 00007f0a28c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1609.382266][T23723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1609.382282][T23723] R13: 00007f0a28e16128 R14: 00007f0a28e16090 R15: 00007fffffab8cc8
[ 1609.382314][T23723]  </TASK>
[ 1609.656461][T23723] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1610.375390][T23737] Invalid ELF header magic: != ELF
[ 1610.955370][T23741] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5034'.
[ 1612.076988][T23758] Invalid ELF header magic: != ELF
[ 1612.280198][T23761] Invalid ELF header magic: != ELF
[ 1614.594217][T23802] Invalid ELF header magic: != ELF
[ 1615.595120][T23813] netlink: 338 bytes leftover after parsing attributes in process `syz.7.5046'.
[ 1615.669111][T23813] netlink: 338 bytes leftover after parsing attributes in process `syz.7.5046'.
[ 1615.725903][T23813] netlink: 338 bytes leftover after parsing attributes in process `syz.7.5046'.
[ 1615.760305][T23813] netlink: 134 bytes leftover after parsing attributes in process `syz.7.5046'.
[ 1617.086629][T23824] Invalid ELF header magic: != ELF
[ 1618.484634][T23856] Invalid ELF header magic: != ELF
[ 1618.560783][T23862] Invalid ELF header magic: != ELF
[ 1620.331393][T23891] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1621.870309][T23911] Invalid ELF header magic: != ELF
[ 1622.921071][T23930] Invalid ELF header magic: != ELF
[ 1624.953895][T23953] hub 1-0:1.0: USB hub found
[ 1625.125663][T23953] hub 1-0:1.0: 1 port detected
[ 1626.752938][T23990] Invalid ELF header magic: != ELF
[ 1626.906140][T23991] Invalid ELF header magic: != ELF
[ 1628.387294][T23999] Invalid ELF header magic: != ELF
[ 1628.779666][T24007] Invalid ELF header magic: != ELF
[ 1629.857577][T24021] Invalid ELF header magic: != ELF
[ 1642.378279][T24040] Invalid ELF header magic: != ELF
[ 1642.447019][T21871] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1642.462416][T21871] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1642.470935][T21871] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1642.479705][T21871] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1642.487349][T21871] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1643.377714][T24044] chnl_net:caif_netlink_parms(): no params data found
[ 1643.809967][T24044] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1643.833921][T24044] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1643.877386][T24044] bridge_slave_0: entered allmulticast mode
[ 1643.910113][T24044] bridge_slave_0: entered promiscuous mode
[ 1643.942807][T24044] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1643.986804][T24044] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1644.027398][T24044] bridge_slave_1: entered allmulticast mode
[ 1644.058083][T24044] bridge_slave_1: entered promiscuous mode
[ 1644.237126][T24044] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1644.292730][T24044] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1644.561104][T24044] team0: Port device team_slave_0 added
[ 1644.586141][T21871] Bluetooth: hci7: command tx timeout
[ 1644.606894][T24044] team0: Port device team_slave_1 added
[ 1644.776681][T24044] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1644.804738][T24044] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1644.916298][T24044] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1644.971391][T24044] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1645.006724][T24044] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1645.140752][T24044] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1645.400287][T24044] hsr_slave_0: entered promiscuous mode
[ 1645.425336][T24044] hsr_slave_1: entered promiscuous mode
[ 1645.454437][T24044] debugfs: 'hsr0' already exists in 'hsr'
[ 1645.473056][T24044] Cannot create hsr debugfs directory
[ 1646.389293][T24044] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1646.509953][T24044] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1646.572702][T24044] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1646.644321][T24044] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1646.669949][T21852] Bluetooth: hci7: command tx timeout
[ 1646.976061][T24044] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1647.074262][T24044] 8021q: adding VLAN 0 to HW filter on device team0
[ 1647.133122][T21940] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1647.140340][T21940] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1647.286124][T21940] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1647.293324][T21940] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1647.452654][T24044] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1647.652586][T24102] Invalid ELF header magic: != ELF
[ 1647.786237][   T31] INFO: task kworker/u11:1:21858 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1647.826436][   T31]       Tainted: G     U       L      syzkaller #0
[ 1647.872679][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1647.940953][   T31] task:kworker/u11:1   state:D stack:26888 pid:21858 tgid:21858 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1648.060639][   T31] Workqueue: netns cleanup_net
[ 1648.110459][   T31] Call Trace:
[ 1648.152902][   T31]  <TASK>
[ 1648.165652][   T31]  __schedule+0xfee/0x6120
[ 1648.189842][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1648.246044][   T31]  ? __pfx___schedule+0x10/0x10
[ 1648.264678][   T31]  ? find_held_lock+0x2b/0x80
[ 1648.325796][   T31]  ? schedule+0x2bf/0x390
[ 1648.351448][   T31]  schedule+0xdd/0x390
[ 1648.384737][   T31]  schedule_timeout+0x1b2/0x280
[ 1648.422864][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1648.447792][T24044] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1648.469277][   T31]  ? mark_held_locks+0x40/0x70
[ 1648.474128][   T31]  __wait_for_common+0x2e7/0x4c0
[ 1648.534812][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1648.651840][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1648.702235][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1648.749649][T24114] Invalid ELF header magic: != ELF
[ 1648.756514][T21852] Bluetooth: hci7: command tx timeout
[ 1648.794560][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[ 1648.846819][   T31]  __flush_workqueue+0x3f7/0x1200
[ 1648.851928][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1648.916328][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1648.921346][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[ 1648.981763][   T31]  ? reacquire_held_locks+0xce/0x1e0
[ 1649.016592][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1649.022145][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1649.065472][   T31]  rds_tcp_listen_stop+0x104/0x160
[ 1649.101988][   T31]  rds_tcp_exit_net+0xe0/0x870
[ 1649.127154][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1649.132596][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1649.156581][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1649.177163][   T31]  ops_undo_list+0x2ee/0xab0
[ 1649.181831][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1649.217534][   T31]  ? cleanup_net+0x332/0x920
[ 1649.222214][   T31]  ? idr_destroy+0x62/0x2e0
[ 1649.252288][   T31]  cleanup_net+0x499/0x920
[ 1649.257195][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1649.262211][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1649.315356][   T31]  process_one_work+0xa23/0x19a0
[ 1649.326880][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 1649.332366][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1649.354765][   T31]  worker_thread+0x5ef/0xe50
[ 1649.374781][   T31]  ? kthread+0x13a/0x450
[ 1649.407162][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1649.413111][   T31]  kthread+0x370/0x450
[ 1649.426882][   T31]  ? __pfx_kthread+0x10/0x10
[ 1649.431579][   T31]  ret_from_fork+0x754/0xd80
[ 1649.436201][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1649.457366][   T31]  ? __switch_to+0x7b4/0x1120
[ 1649.462137][   T31]  ? __pfx_kthread+0x10/0x10
[ 1649.476699][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1649.486811][   T31]  </TASK>
[ 1649.494309][   T31] INFO: task syz.3.4709:22036 blocked for more than 145 seconds.
[ 1649.536699][   T31]       Tainted: G     U       L      syzkaller #0
[ 1649.543308][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1649.586647][   T31] task:syz.3.4709      state:D stack:27232 pid:22036 tgid:22034 ppid:5822   task_flags:0x400140 flags:0x00080002
[ 1649.635452][   T31] Call Trace:
[ 1649.657105][   T31]  <TASK>
[ 1649.660121][   T31]  __schedule+0xfee/0x6120
[ 1649.804098][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1649.824786][   T31]  ? __pfx___schedule+0x10/0x10
[ 1649.835251][   T31]  ? find_held_lock+0x2b/0x80
[ 1649.856835][   T31]  ? schedule+0x2bf/0x390
[ 1649.867287][   T31]  schedule+0xdd/0x390
[ 1649.871403][   T31]  schedule_timeout+0x1b2/0x280
[ 1649.876302][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1649.921597][   T31]  ? mark_held_locks+0x40/0x70
[ 1649.956889][   T31]  __wait_for_common+0x2e7/0x4c0
[ 1649.961929][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1649.986919][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1649.992500][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1650.020444][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[ 1650.054796][   T31]  __flush_workqueue+0x3f7/0x1200
[ 1650.072315][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[ 1650.120967][   T31]  ? reacquire_held_locks+0xce/0x1e0
[ 1650.130754][   T31]  ? release_sock+0x21/0x220
[ 1650.156941][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1650.162528][   T31]  ? __local_bh_enable_ip+0x9e/0x120
[ 1650.173158][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1650.179537][   T31]  rds_tcp_listen_stop+0x104/0x160
[ 1650.184866][   T31]  rds_tcp_exit_net+0xe0/0x870
[ 1650.190897][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1650.196340][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1650.202495][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1650.208218][   T31]  ops_undo_list+0x2ee/0xab0
[ 1650.214217][   T31]  ? kfree+0x1c0/0x6b0
[ 1650.219247][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1650.224408][   T31]  ? ops_init+0x2fa/0x5f0
[ 1650.233663][   T31]  setup_net+0x1fa/0x3a0
[ 1650.242102][   T31]  ? __pfx_setup_net+0x10/0x10
[ 1650.249007][   T31]  ? lockdep_init_map_type+0x5c/0x250
[ 1650.254604][   T31]  ? mutex_init_lockep+0x110/0x150
[ 1650.260158][   T31]  copy_net_ns+0x46f/0x7c0
[ 1650.264602][   T31]  create_new_namespaces+0x3ea/0xac0
[ 1650.271589][   T31]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1650.277997][   T31]  ksys_unshare+0x473/0xad0
[ 1650.282538][   T31]  ? kfree+0x2ec/0x6b0
[ 1650.286637][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1650.292136][   T31]  ? __pfx_ksys_unshare+0x10/0x10
[ 1650.297484][   T31]  ? kcov_ioctl+0x16a/0x720
[ 1650.302554][   T31]  __x64_sys_unshare+0x31/0x40
[ 1650.308119][   T31]  do_syscall_64+0x106/0xf80
[ 1650.314085][   T31]  ? clear_bhb_loop+0x40/0x90
[ 1650.319202][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1650.325151][   T31] RIP: 0033:0x7f9396b9c799
[ 1650.329962][   T31] RSP: 002b:00007f9397aeb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1650.343463][   T31] RAX: ffffffffffffffda RBX: 00007f9396e15fa0 RCX: 00007f9396b9c799
[ 1650.364247][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1650.372536][   T31] RBP: 00007f9396c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1650.381584][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1650.389918][   T31] R13: 00007f9396e16038 R14: 00007f9396e15fa0 R15: 00007fff534896a8
[ 1650.398281][   T31]  </TASK>
[ 1650.529341][   T31] INFO: task syz.1.4742:22235 blocked for more than 146 seconds.
[ 1650.583911][   T31]       Tainted: G     U       L      syzkaller #0
[ 1650.627658][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1650.636377][   T31] task:syz.1.4742      state:D stack:26656 pid:22235 tgid:22230 ppid:5825   task_flags:0x400140 flags:0x00080002
[ 1650.727242][   T31] Call Trace:
[ 1650.730573][   T31]  <TASK>
[ 1650.733522][   T31]  __schedule+0xfee/0x6120
[ 1650.780693][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1650.785723][   T31]  ? __pfx___schedule+0x10/0x10
[ 1650.835899][T21852] Bluetooth: hci7: command tx timeout
[ 1650.847955][   T31]  ? find_held_lock+0x2b/0x80
[ 1650.877711][   T31]  ? schedule+0x2bf/0x390
[ 1650.882128][   T31]  schedule+0xdd/0x390
[ 1650.886245][   T31]  schedule_timeout+0x1b2/0x280
[ 1650.937455][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1650.942960][   T31]  ? mark_held_locks+0x40/0x70
[ 1650.988547][   T31]  __wait_for_common+0x2e7/0x4c0
[ 1651.017897][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1651.023349][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1651.077742][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1651.083042][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[ 1651.125528][   T31]  __flush_workqueue+0x3f7/0x1200
[ 1651.158252][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[ 1651.163823][   T31]  ? reacquire_held_locks+0xce/0x1e0
[ 1651.212903][   T31]  ? release_sock+0x21/0x220
[ 1651.218829][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1651.265336][   T31]  ? __local_bh_enable_ip+0x9e/0x120
[ 1651.275255][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1651.281400][   T31]  rds_tcp_listen_stop+0x104/0x160
[ 1651.286563][   T31]  rds_tcp_exit_net+0xe0/0x870
[ 1651.291794][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1651.297244][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1651.303785][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1651.310964][   T31]  ops_undo_list+0x2ee/0xab0
[ 1651.315609][   T31]  ? kfree+0x1c0/0x6b0
[ 1651.320135][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1651.325806][   T31]  ? ops_init+0x2fa/0x5f0
[ 1651.330711][   T31]  setup_net+0x1fa/0x3a0
[ 1651.335000][   T31]  ? __pfx_setup_net+0x10/0x10
[ 1651.341412][   T31]  ? lockdep_init_map_type+0x5c/0x250
[ 1651.346922][   T31]  ? mutex_init_lockep+0x110/0x150
[ 1651.361688][   T31]  copy_net_ns+0x46f/0x7c0
[ 1651.366210][   T31]  create_new_namespaces+0x3ea/0xac0
[ 1651.371988][   T31]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1651.378111][   T31]  ksys_unshare+0x473/0xad0
[ 1651.382679][   T31]  ? kfree+0x2ec/0x6b0
[ 1651.386778][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1651.399492][   T31]  ? __pfx_ksys_unshare+0x10/0x10
[ 1651.405075][   T31]  ? kcov_ioctl+0x16a/0x720
[ 1651.410031][   T31]  __x64_sys_unshare+0x31/0x40
[ 1651.414916][   T31]  do_syscall_64+0x106/0xf80
[ 1651.420327][   T31]  ? clear_bhb_loop+0x40/0x90
[ 1651.425041][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1651.431858][   T31] RIP: 0033:0x7f7992f9c799
[ 1651.436303][   T31] RSP: 002b:00007f7993de6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1651.446424][   T31] RAX: ffffffffffffffda RBX: 00007f7993216180 RCX: 00007f7992f9c799
[ 1651.454734][   T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1651.474528][   T31] RBP: 00007f7993032c99 R08: 0000000000000000 R09: 0000000000000000
[ 1651.482924][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1651.491194][   T31] R13: 00007f7993216218 R14: 00007f7993216180 R15: 00007ffcc9047198
[ 1651.500201][   T31]  </TASK>
[ 1651.529153][   T31] 
[ 1651.529153][   T31] Showing all locks held in the system:
[ 1651.576084][   T31] 1 lock held by khungtaskd/31:
[ 1651.588032][   T31]  #0: ffffffff8e7e74e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[ 1651.598566][   T31] 3 locks held by kworker/u11:1/21858:
[ 1651.604080][   T31]  #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[ 1651.615790][   T31]  #1: ffffc90003ec7d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[ 1651.626338][   T31]  #2: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[ 1651.640637][   T31] 1 lock held by syz.3.4709/22036:
[ 1651.647058][   T31]  #0: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1651.657043][   T31] 1 lock held by syz.1.4742/22235:
[ 1651.663625][   T31]  #0: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1651.674100][   T31] 1 lock held by syz.6.4799/22562:
[ 1651.682500][   T31]  #0: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1651.697366][   T31] 3 locks held by kworker/u11:7/22844:
[ 1651.703179][   T31]  #0: ffff88813fea4148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[ 1651.715250][   T31]  #1: ffffc900000e7d08 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[ 1651.726642][   T31]  #2: ffffffff90614168 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[ 1651.736595][   T31] 2 locks held by syz.5.4902/23074:
[ 1651.742550][   T31]  #0: ffffffff90614168 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[ 1651.753775][   T31]  #1: ffffffff8e7f30f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[ 1651.764179][   T31] 1 lock held by syz.7.5084/23994:
[ 1651.770301][   T31]  #0: ffffffff905fb910 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1651.780819][   T31] 1 lock held by syz-executor/24044:
[ 1651.786123][   T31]  #0: ffffffff90614168 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[ 1651.803251][   T31] 1 lock held by syz.8.5103/24101:
[ 1651.808710][   T31]  #0: ffffffff90614168 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[ 1651.818505][   T31] 1 lock held by syz.4.5104/24113:
[ 1651.823633][   T31]  #0: ffffffff90614168 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[ 1651.868376][   T31] 
[ 1651.870752][   T31] =============================================
[ 1651.870752][   T31] 
[ 1651.900182][   T31] NMI backtrace for cpu 0
[ 1651.900205][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1651.900241][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1651.900251][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1651.900265][   T31] Call Trace:
[ 1651.900273][   T31]  <TASK>
[ 1651.900283][   T31]  dump_stack_lvl+0x100/0x190
[ 1651.900324][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[ 1651.900363][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1651.900432][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[ 1651.900463][   T31]  sys_info+0x141/0x190
[ 1651.900500][   T31]  watchdog+0xd25/0x1050
[ 1651.900532][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1651.900556][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1651.900586][   T31]  ? kthread+0x13a/0x450
[ 1651.900616][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1651.900637][   T31]  kthread+0x370/0x450
[ 1651.900668][   T31]  ? __pfx_kthread+0x10/0x10
[ 1651.900701][   T31]  ret_from_fork+0x754/0xd80
[ 1651.900738][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1651.900777][   T31]  ? __switch_to+0x7b4/0x1120
[ 1651.900803][   T31]  ? __pfx_kthread+0x10/0x10
[ 1651.900841][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1651.900880][   T31]  </TASK>
[ 1652.207296][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1652.214201][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1652.224898][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1652.230097][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1652.240163][   T31] Call Trace:
[ 1652.243449][   T31]  <TASK>
[ 1652.246390][   T31]  dump_stack_lvl+0x100/0x190
[ 1652.251096][   T31]  vpanic+0x552/0x970
[ 1652.255113][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1652.259633][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[ 1652.265809][   T31]  panic+0xd1/0xe0
[ 1652.269541][   T31]  ? __pfx_panic+0x10/0x10
[ 1652.273976][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[ 1652.280145][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[ 1652.286316][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[ 1652.292498][   T31]  ? watchdog.cold+0x198/0x1ca
[ 1652.297301][   T31]  ? watchdog+0xd35/0x1050
[ 1652.301781][   T31]  watchdog.cold+0x1a9/0x1ca
[ 1652.306396][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1652.311090][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1652.316135][   T31]  ? kthread+0x13a/0x450
[ 1652.320397][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1652.325080][   T31]  kthread+0x370/0x450
[ 1652.329173][   T31]  ? __pfx_kthread+0x10/0x10
[ 1652.333801][   T31]  ret_from_fork+0x754/0xd80
[ 1652.338416][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1652.343552][   T31]  ? __switch_to+0x7b4/0x1120
[ 1652.348252][   T31]  ? __pfx_kthread+0x10/0x10
[ 1652.352862][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1652.357653][   T31]  </TASK>
[ 1652.360775][   T31] Kernel Offset: disabled
[ 1652.365128][   T31] Rebooting in 86400 seconds..