last executing test programs:

2m40.753398119s ago: executing program 1 (id=1231):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', <r3=>0x0})
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r3}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x6}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x00\x00\x00\x00\x00\x00\x00\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000)
sendmsg$auto_OVS_DP_CMD_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x9}, @OVS_DP_ATTR_NAME={0x6, 0x1, '.\x00'}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004895}, 0x20008004)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_to_team/ioam6_enabled\x00', 0x202, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r4, &(0x7f0000000140)="bb3a", 0x2)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
r5 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
write$auto_snd_seq_f_ops_seq_clientmgr(r5, &(0x7f0000000300)="632d1bfe595046ab5c40bd6163307acb6501baef6176e669a216aae1144ccafdd80500ffffffffdfff0000018056ada5cc4fbc3fc0ebbc2f", 0x38)
connect$auto(0x3, 0x0, 0x55)
close_range$auto(0x2, 0x8, 0x0)

2m39.936014513s ago: executing program 1 (id=1234):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x2, 0x0, 0x0)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/o2cb/interface_revision\x00', 0x800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000280)=""/139, 0x8b)
kexec_load$auto(0x200000000007, 0x1, &(0x7f0000000040)={@kbuf=0x0, 0x2aaa, 0x6c0000c000, 0xc000}, 0x4)
ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000d40), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r6=>0x0})
sendmsg$auto_NETDEV_CMD_QSTATS_GET(r3, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x1c, r4, 0x305, 0x70bd2a, 0x25dfdbfc, {}, [@NETDEV_A_QSTATS_IFINDEX={0x8, 0x1, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
sendmsg$auto_ETHTOOL_MSG_PHY_GET(r0, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0xe8, 0x0, 0x4, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}]}, @ETHTOOL_A_PHY_HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xbd91}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfffffffc}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5252}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x40}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1e00}]}, @ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}]}, @ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xf18f}]}, @ETHTOOL_A_PHY_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1ff}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x4000004}, 0x4884)
setsockopt$auto(0x400000000000003, 0x28, 0x6, 0x0, 0x56d)
bind$auto(0xffffffffffffffff, 0x0, 0x6a)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
shmdt$auto(&(0x7f0000000100)='-+@\x00')
getitimer$auto(0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)

2m38.202758749s ago: executing program 1 (id=1240):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000300)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.pressure\x00', 0x42802, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000080)=""/231, 0xe7)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
io_uring_enter$auto(0xffffffffffffffff, 0x9, 0x820e, 0x6, 0x0, 0x8bb)
r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
write$auto_sg_fops_sg(r4, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1ed", 0x24)
socketpair$auto(0x1, 0x2, 0x3ff, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0xfffffffe, 0x2, 0x1, 0x5, 0x4, 0x7, 0x5, 0x200000000000000, 0x1, 0x1000000000000003, 0x0, 0x4000000000000000, 0x9, 0x2, 0x5000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto_IORING_REGISTER_ENABLE_RINGS(r5, 0xc, &(0x7f0000000040), 0x8)
waitid$auto_P_ALL(0x0, 0xe, 0x0, 0x3e, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.0/usb10/10-0:1.0/usb10-port4/over_current_count\x00', 0x230000, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@nfc={0x27, 0x0, 0x0, 0x3}, 0x6a)

2m36.686993299s ago: executing program 1 (id=1244):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)

2m35.952212326s ago: executing program 1 (id=1247):
socket(0x2, 0x5, 0x0)
r0 = socket(0xa, 0x80803, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x220080, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
lseek$auto(0x3, 0x8, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x100, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/sit0/accept_dad\x00', 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000780)='/proc/mtrr\x00', 0x441, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event1\x00', 0x8000, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
landlock_add_rule$auto_LANDLOCK_RULE_NET_PORT(r0, 0x2, &(0x7f0000000240)="72825ee239342921ccdf772613f3205f9e2c878e48b4867b6daa0218985c85f3d4edca7f3a3e9b874d3eb5a60af3774a5a17025b051e10a022f4d295eb2abc991721848deb3eef1ff5bdae71866324ad2494a68e3f87f2506730248ce9c8c1e167697b8a513248c5cc61c0bf141ebb9810417b0282a4ef72742db43597ae05f107f37ad3df7eedbe3d5229ca1bf26dcce1d12ad1fe48aef77629464bf72645d39f0befceec804c26cd6fea17a693916c6a5988a126f9aae886d58224", 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x2b, 0x0)
fsopen$auto(0x0, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/cgroup/delegate\x00', 0x80, 0x0)
r1 = socket(0x2, 0x1, 0x106)
getsockopt$auto_SO_RCVTIMEO_OLD(r1, 0x0, 0x14, 0x0, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
shutdown$auto(0x200000003, 0x2)
connect$auto(0x3, 0x0, 0x54)

2m35.63249635s ago: executing program 1 (id=1248):
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) (async)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d})
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(r0, &(0x7f00000003c0)={{0x0, 0x3000000, 0x0, 0x800002, 0x0, 0x50000000000000, 0x1}, 0x892}, 0x3, 0x1) (async)
sendmmsg$auto(r0, &(0x7f00000003c0)={{0x0, 0x3000000, 0x0, 0x800002, 0x0, 0x50000000000000, 0x1}, 0x892}, 0x3, 0x1)
getpid() (async)
r1 = getpid()
sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01001ec8"], 0x14}, 0x1, 0x0, 0x0, 0x814}, 0x800c8c1)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x92523, 0x0) (async)
r2 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x92523, 0x0)
write$auto(r2, &(0x7f0000000180)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k>\xc8\x1f\xad\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\xe5\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\xb2^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xba\xab\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x1a\xd3\xd5Of\x95\xee\x13e\xeb}o\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dT\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xdc*\x1dV', 0x5)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) (async)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
bpf$auto(0x691, &(0x7f0000000000)=@iter_create={r0, 0x1}, 0x7)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x6)
listen$auto(0x3, 0x81)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
ioctl$auto_SNDRV_PCM_IOCTL_PREPARE2(r3, 0x4140, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
write$auto_proc_uid_map_operations_base(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r5, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r5, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/pagemap\x00', 0x5d5083, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/net/tls_stat\x00', 0x500, 0x0)
pread64$auto(r6, 0x0, 0x1ff, 0x8800000000)
ioctl$auto_USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240)="2303", 0xc694, 0x3, 0x80005, @stream_id=0x7, 0x2004b, 0xc, 0x0})
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

2m20.521337569s ago: executing program 32 (id=1248):
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d}) (async)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d})
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(r0, &(0x7f00000003c0)={{0x0, 0x3000000, 0x0, 0x800002, 0x0, 0x50000000000000, 0x1}, 0x892}, 0x3, 0x1) (async)
sendmmsg$auto(r0, &(0x7f00000003c0)={{0x0, 0x3000000, 0x0, 0x800002, 0x0, 0x50000000000000, 0x1}, 0x892}, 0x3, 0x1)
getpid() (async)
r1 = getpid()
sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="01001ec8"], 0x14}, 0x1, 0x0, 0x0, 0x814}, 0x800c8c1)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x92523, 0x0) (async)
r2 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x92523, 0x0)
write$auto(r2, &(0x7f0000000180)='0\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k>\xc8\x1f\xad\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\xe5\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\xb2^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xba\xab\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x1a\xd3\xd5Of\x95\xee\x13e\xeb}o\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dT\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xdc*\x1dV', 0x5)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) (async)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
bpf$auto(0x691, &(0x7f0000000000)=@iter_create={r0, 0x1}, 0x7)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x6)
listen$auto(0x3, 0x81)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
ioctl$auto_SNDRV_PCM_IOCTL_PREPARE2(r3, 0x4140, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), 0xffffffffffffffff)
write$auto_proc_uid_map_operations_base(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r5, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r5, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/pagemap\x00', 0x5d5083, 0x0)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/net/tls_stat\x00', 0x500, 0x0)
pread64$auto(r6, 0x0, 0x1ff, 0x8800000000)
ioctl$auto_USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240)="2303", 0xc694, 0x3, 0x80005, @stream_id=0x7, 0x2004b, 0xc, 0x0})
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

1m45.520662376s ago: executing program 4 (id=1408):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=@bpf_attr_3={0x2b, 0xffff, 0x6, 0x5, 0x9, 0x21, 0x4, 0x8, 0xd, "9cb752c613de1e128a360e822228879b", 0x0, 0xd0, 0xffffffffffffffff, 0x200, 0x0, 0x3, 0x8, 0x9, 0x6, 0x2, @attach_prog_fd, 0x0, 0x3, 0x5b, 0x6, 0x6}, 0x40)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x2042, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x3f000000)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event1\x00', 0x1, 0x0)
ioctl$auto_EVIOCSREP(r1, 0x40084503, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x6a1, 0x2000000000002)
socket(0x26, 0x80805, 0x0)
socket(0x28, 0x1, 0x0)
socket(0x1, 0x1, 0x1)
pidfd_open$auto(0x1, 0x0)
fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0)
close_range$auto(0x2, 0x8, 0x0)
setrlimit$auto(0x1000000007, 0x0)
readv$auto(0x0, &(0x7f0000000080)={0x0, 0x60}, 0x3)
mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000)

1m44.152083931s ago: executing program 4 (id=1411):
socket(0x2, 0x5, 0x0)
r0 = socket(0xa, 0x80803, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x220080, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
lseek$auto(0x3, 0x8, 0x3)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x9b61ace3aceec0d4, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/sit0/accept_dad\x00', 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000780)='/proc/mtrr\x00', 0x441, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sysfs$auto(0x2, 0x100000000000038, 0x0)
r1 = signalfd$auto(0xffffffffffffffff, 0x0, 0x8)
timer_create$auto(0x7, 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000a40)=""/4096, 0x1000)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x0, 0x400}, {0x0, 0x87}}, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event1\x00', 0x8000, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
landlock_add_rule$auto_LANDLOCK_RULE_NET_PORT(r0, 0x2, &(0x7f0000000240)="72825ee239342921ccdf772613f3205f9e2c878e48b4867b6daa0218985c85f3d4edca7f3a3e9b874d3eb5a60af3774a5a17025b051e10a022f4d295eb2abc991721848deb3eef1ff5bdae71866324ad2494a68e3f87f2506730248ce9c8c1e167697b8a513248c5cc61c0bf141ebb9810417b0282a4ef72742db43597ae05f107f37ad3df7eedbe3d5229ca1bf26dcce1d12ad1fe48aef77629464bf72645d39f0befceec804c26cd6fea17a693916c6a5988a126f9aae886d58224", 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x2b, 0x0)
fsopen$auto(0x0, 0x1)
syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000180), r2)
msgctl$auto_MSG_INFO(0x7, 0xc, &(0x7f0000000300)={{0x6b931f4b, 0xee00, 0xee00, 0xcfc5, 0x0, 0x400, 0x8}, &(0x7f00000001c0)=0x1, &(0x7f0000000200)=0xb5, 0x8, 0x4, 0xffffffffffffff2a, 0x80000000, 0x3, 0x8, 0x7f, 0x0, @raw=0x42})

1m43.522519269s ago: executing program 4 (id=1413):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x80801, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
sendfile$auto(r2, 0x3, 0x0, 0x400000000004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)

1m42.710735773s ago: executing program 4 (id=1415):
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x5, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x55)
listen$auto(0x3, 0x81)
ioctl$auto(0x3, 0x5411, 0x74)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_IF2_AGE={0x8, 0x4, 0x4b3d}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
getsockopt$auto_SO_PASSCRED(r0, 0x4, 0x10, &(0x7f0000000000)='{%\x00', &(0x7f0000000280)=0x3)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = socket(0xa, 0x1, 0x0)
getsockopt$auto(r2, 0x6, 0x5, 0x0, 0x0)
setfsuid$auto(0x0)
r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x3b72, 0x0)

1m42.047205017s ago: executing program 4 (id=1418):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000)
r0 = socketcall$auto(0xffe, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0xe0300, 0x0)
ioctl$auto_BTRFS_IOC_SNAP_CREATE_V2(r0, 0x50009417, &(0x7f0000000100)={@inferred, 0x0, 0x0, @unused, @subvolid=0x6000})
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
io_uring_setup$auto(0x6, 0x0)
ioctl$auto(0x3, 0x4008ae61, r0)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x80000000}, 0x4)
sysfs$auto(0x2, 0x23, 0x0)
r2 = fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r3 = clone$auto(0xc9, 0x8, 0x0, 0x0, 0x4)
setpriority$auto_PRIO_PGRP(0x1, r3, 0x1)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001100)='/dev/input/event2\x00', 0xc01, 0x0)
mount$auto(0x0, &(0x7f0000000440)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06\x00', &(0x7f0000000140)='nfsd\x00', 0x1010000, 0x0)
sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xa8, 0x0, 0x4ad, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_FLAGS={0x1f, 0x11, 0x0, 0x1, [@nested={0x8, 0x15b, 0x0, 0x1, [@nested={0x4, 0xb6}]}, @typed={0x8, 0xda, 0x0, 0x0, @u32=0x8}, @generic="96180a0004803ed3a6dbd3"]}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_PREV_BSSID={0x42, 0x4f, "9f9280ed1c78479ffd958f90174962132b228acbc993133193ac7e9d0bcc42a65482c33130075848370819b777b80bcda981f53c1b1b193141aaf9fdf99c"}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x9a}, @NL80211_ATTR_WDEV={0xc, 0x99, 0x4}, @NL80211_ATTR_MBSSID_CONFIG={0x14, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES={0x5, 0x1, 0x9}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}, @NL80211_MBSSID_CONFIG_ATTR_EMA={0x4}]}, @NL80211_ATTR_REG_INDOOR={0x4}]}, 0xa8}, 0x1, 0x0, 0x0, 0x40}, 0x44)

1m40.438516325s ago: executing program 4 (id=1422):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)='*', 0x1)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x600, 0x0)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x3, 0x100)
socket(0x2a, 0x2, 0x0)
pipe$auto(&(0x7f0000000040))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)
ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, 0x0)
read$auto_proc_timers_operations_base(0xffffffffffffffff, &(0x7f0000000200)=""/8, 0x8)
fanotify_init$auto(0x5, 0x0)
io_uring_setup$auto(0xf00, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socketpair$auto(0x4004, 0x8, 0x7, 0x0)
r5 = socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r6 = socket(0x25, 0x3, 0x3b)
getsockopt$auto(r6, 0x29, 0x33, 0x0, 0x0)
setsockopt$auto(r5, 0x114, 0x8, 0x0, 0x4)

1m27.154306935s ago: executing program 2 (id=1458):
r0 = openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0)
write$auto(r0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(0x0, 0x0)
r1 = open(0x0, 0x22240, 0x154)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084)
bpf$auto(0x0, &(0x7f0000000400)=@link_update={r1, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3)
socket(0x28, 0x800, 0x8)

1m26.839272516s ago: executing program 2 (id=1459):
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D1c\x00', 0x501102, 0x0)
mmap$auto(0x0, 0x6, 0x10000000000, 0x11, 0x3, 0x0)
r0 = ioctl$auto_NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0)
mmap$auto(0x0, 0x40000c, 0x45bd, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd4\x00', 0x200, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x85, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS32(0xffffffffffffffff, 0xc0245720, &(0x7f0000000280)={0x1, 0x1c, 0x97, 0x101, 0x5, "5194e77255155114e93717088a9e0a91"})
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0x2000040080000004, 0x1)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="110b27bd7000ffdbdf250900000800030000", @ANYRES32=r1, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4001010)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/ip_vs_ftp/parameters/ports\x00', 0x80100, 0x0)
mmap$auto(0x0, 0x80000000000000, 0x1, 0x40eb1, 0x401, 0x300000000000)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0)
ioctl$auto_MON_IOCX_GET(r3, 0x40189206, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/038/001\x00', 0x101840, 0x0)
preadv2$auto(r2, &(0x7f0000000440)={&(0x7f0000000380)="711617b2b919c741b01179271726848679547277cc0aa6fee0385707661432d3cd3e4d6cb855d57073ea9fad3ee922b1f6d19b4dcfddda895464efd1614e0fa9b1c2d9f0be740ccc6d1227b526c0781d88935969fa1ef23a981f9d0609dc617722d406c33d1a02751cd057359d865731d90ff5544449a649427c5282a1f33b814cb3577d8ddd", 0x80}, 0x8001, 0x8001, 0x8, 0x400)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/149, 0x95)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

1m26.124357365s ago: executing program 2 (id=1462):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x0, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x9bht\xeb\xf1\xb9c\xf2\xfa\b\x1c\xc7k\x89\xe8^\x98#\x86\x92\x86w\xa1\x05\x9b\xad}yX\xc5\xc0\x1c\xd1\xeb\x9e\x91\b\xfc=\x18\xf9E\b\xa3Rgu\xf5L\x1d\xf8\ny', 0x2)
unshare$auto(0x8100000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
lsm_set_self_attr$auto(0x3, 0xfffffffffffffffc, 0x1f, 0x8000000000000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x123002, 0x0)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0xfffffffffffffffd, 0x4020007, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x12b743, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x367}, 0x6)
setsockopt$auto(0x3, 0x10f, 0x7f, 0x0, 0x14)
io_uring_setup$auto(0x8, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x40002, 0x6, 0x7, 0xad, 0xffffffffffffffff, [], {0x9, 0x10000005, 0x8f, 0x8000029f, 0x2, 0x83, 0xfe, 0x17b, 0x40000000002}, {0xff, 0x3, 0x52, 0xfffffffe, 0x2000001, 0x0, 0x4, 0xffff, 0x100000004}})
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x5}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0)
epoll_create$auto(0x0)
fanotify_init$auto(0x602, 0x1)
timer_create$auto(0x402, 0x0, 0x0)
exit$auto(0x2)
r2 = socketpair$auto(0x10000005, 0x0, 0xffc, 0x0)
ioctl$auto_VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, &(0x7f0000000140)={0x40, 0x9})
close_range$auto(0x2, r2, 0x2)
socket(0x2, 0xa, 0x106)
socket(0x2, 0x801, 0x100)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e21, @empty}, 0x51)

1m25.115693153s ago: executing program 33 (id=1422):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000200)='*', 0x1)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x600, 0x0)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x3, 0x100)
socket(0x2a, 0x2, 0x0)
pipe$auto(&(0x7f0000000040))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)
ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, 0x0)
read$auto_proc_timers_operations_base(0xffffffffffffffff, &(0x7f0000000200)=""/8, 0x8)
fanotify_init$auto(0x5, 0x0)
io_uring_setup$auto(0xf00, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
socketpair$auto(0x4004, 0x8, 0x7, 0x0)
r5 = socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r6 = socket(0x25, 0x3, 0x3b)
getsockopt$auto(r6, 0x29, 0x33, 0x0, 0x0)
setsockopt$auto(r5, 0x114, 0x8, 0x0, 0x4)

1m24.402256716s ago: executing program 2 (id=1465):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sr0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x4)
r1 = io_uring_setup$auto(0x6, 0x0)
syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), r1)
socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(r0, 0x4, r0, &(0x7f0000000240)={0x6, 0x7fff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000cc0), r2)
sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdb5f252e000000180001801400020076657468305f746f5f6873c27e92bd72000000002b56b79ae8b66165abd2b470a2434a64a3d7f5ce79fc5dcbe8856a2606e8339e0d9c31d25cd9582b4561c992a60700"/100], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4c000)
sendmsg$auto_NFC_CMD_LLC_SDREQ(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xfffffffffffffd33, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYRESHEX=r1, @ANYRES16=r1, @ANYBLOB="02002abd7000fedbdf2513000000060002003a40000005000c0003000000080003000400000008000d0001000000c00019000623f93c3367a181f13054925476a6e9c1f10df9ae661d21bc22c21bb742019256c6897da0855da10c51b0c85b26db1e90b90b1a733aa0bb7dcca5e70bf6b693a3edb329c7fa38cd16578d9a20adf288683ba0067019ca4ecda7791f4447ee40d9fcf0ee02b05968424072e557a0cdb6e3c418834947c4a74fd974a40ce5f3b121fb82cb45ae958716171eade9d555c15d79eadfbbc41cda080627a16d55fde9016520648c52fab79e219fca222c5cf662b0b6e5132f5631dc2ddd0105000c0006000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20004000}, 0x4008803)
io_uring_register$auto(0x2, 0x4, 0x0, 0x1)

1m24.129727175s ago: executing program 2 (id=1466):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:01.0/revision\x00', 0xb02, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff)
r1 = getsockopt$auto(r0, 0x0, 0x1e1f, &(0x7f0000000000)='nfsd\x00', &(0x7f0000001440)=0x8)
r2 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408)
write$auto(r2, 0x0, 0xfffffdf1)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0)
linkat$auto(r2, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0)
shmctl$auto_IPC_SET(0x405, 0x1, &(0x7f00000012c0)={{0x10000, <r3=>0x0, <r4=>0xee01, 0x1, 0x2, 0x2, 0xfff2}, 0xb2, 0xa0, 0x91, 0x100, @inferred=<r5=>0xffffffffffffffff, @inferred=<r6=>0x0, 0x80, 0x0, &(0x7f00000001c0)="2fd3f7daa2b34311c9f0226fb5d8317cf69e1c2f1b768b4aab44516c0e7d5628e7057e4c7a040f40dd6b142229b8d4cf833425d5fb10a96ca2b0fd61416d416d3ee465898e4bb812225964746265489832e9ac2b68c08ae072201a3783fecf2b18a4b9c15867f5ac0e206c97597e93976b506ad9161726c24e3ed42ed208ef273414ae12c7b774ef507544c2e2a9f1588302e88526717a6f9c0e1b3b66e8c712dbe09db93dde109f5603b6e802763d789723aabcac350f0a8f8baab5ff5378a14b555cc4bfd1e15b768cb1dc7e8a98caaabd29982576526e08", &(0x7f00000002c0)="0f9f4bcdb4c71cc5b60e6744a05a5eabee1e46411294a584a5f154ae500e0955364acf2a758ff0ef7d6dd16150ecc7497ba4c61a1fb4ffcaa94d393c6127840ce6268ab84584a705ec794182d9e33602c9ea903f0807f77f203e45fd3fd30099b934d751bcf86b09a016ae20de4e6567b34afd76ef14bd69217718aa56ecc093abe25ed7b77187388c626cb9cddf93d41e2f5e6e934200c2cd9642a460b4d4ab876290bb6def04d8be8eff07838d5d90db52327e5061ae2ef0f9efd4dccb4a722b52de26c13793ad15ba551e7f14af7de524e685e2dd3386f37805fe4c26810217daff159c6376727a94302d6e220badb1e8ecbcc7f031ceb74a95cc1d21de5ea73b6cfa6a56197e5605baac14c2e90f480dc244823242f37dfbe9c05014bac77a79215aef1fd93be0f6d04c941b4db62e9dbc47bdcb5e78af55729bf7283630e524fcb7b844e71fc3d945d094377f6a895f162c41b22bd6690a0b6fc216b37e2ba1ebfe71dcf0ac327e3dc267f94820d8469ee0784b516deb1ce243dc79f2fbfebe24d6a5c30b970cd5ba2974460e30488414dbcd558eb65403eeb764123100e39c85875699c04c3dd1a58381ccc8f7d54036603fa215d9d3ce376baa348bbfd249949fbd35c738bd3bb202f63630bed4919b7758abe3bf15d5443690a02fe701e4f3119e8797f5df5a6eb10d6c92185c956d9680eccd4f8892baf37bacf6397fb9d713f0db9e43966fbe851d9265a140502dc47e6d3f9ea4c87f294822de247530d4d52063cffb315c0b881654cba2caf0b799f112ca95e71506dbdc20c602b582155d92132822378137cd1184da12af70bcc762766d80453a2bb3d9db518e09d42ccbf35d77e2e4d04eacc920c1a29d72e3fd921761959d862c8ed0714f7e6ba7711370683bcedabd7d322fa4c36da0c4d9438aa58db5e445111c51f853f556d33c595f755a7a309685c79a9a14fbea74dc8e8e4e19e18a82cfe4578265812bac91f358aaacb5f082ee16b90f9b3e09cfbf83b37a9fe8afd5e608efb6c9dba1336953e8e0e37022828f111523744d16605286549e49648b22ffce65e1171a7aec51db8685c58cde87993e81d93dd28cb13727759e098e3c85439b50670491f31f76effb111a5458fae6ff3ef8a0c3495cb5b7b353eac273365a57ae9857e27dc90653fc68844529184374fde7cd78eba23edc4ec4e1df6dcd4d54eff0e2824e1b6a271e7bf4c485ffe74075c3eb999ccc19affd3651f4ddcd909fc084e83c1bbeccd21c6c52418c6ed3c0aa1e277d1c28ee2edfcee1ea244d58755b65d5a8929c7c928772c4508e2916a553d062dc546dff7d0b8b4bc4853b0547de4e19409cd5724d6b7efa4b5fc84536dea0a23dc8c98d093ea91897d1d2c5cb90ac0b9afd2da56546bf11abbe6aff5a4ffde6115fb50e37a8779637731039f323472457e99ce7a92015eb873631a5809b2ed8ed5ab14c907d9b5e985a16f344730c990f1c2051f45d3cd6c7caef8839d18025d9238f96cf9adfd1302a9c30769f6ddfa1a83c6e543e4a48c91de1e868c441b1b378ea608740cab80dd7e40bbf21f4214d31c2b62eb8ec07774e2b526be6549123d37be0e9945e19998c05292f6253e760ca71a13912cc318251e956a7f48b27b22dd258bee5e70139579249afe17020ddff3186814107f0196b5b1a69f9367885184e64de08f5f2098bbadcf081a45e6cb18038f3db836d3094d3e8cf689ff0b6b27fd20464cc1498d28b5615a72e1e0ee539ddfd727978f3544f04f46f5319ab5fd671300bd474f6f1cf865053a2f23de59b0f6dac03f2c6cef8d8d48e37420eccc52b76f739f675090516fd0201b0049aeca5a53b29504e1a492cad530f4ba3dfdba4056efc25869cb1f777f09a5cc70c8ce27faf7e50f3b3b9ae469a14bbf601fac3c2f288afd4eb1cb04e4adb5c2b9fc9c5e60c0556969570238c995ec7adff68ea2bccc27b44fd92c6a3d2ebe685434a6bdcfbaeb2729373056728031730bd8028548dfc8ea5b8ab41053f4b6da47c332655266a2c2b529a074797afe80c7f3d0ed44523e75de6b9af0959dcb8c7a18376825afdb9780972fb52b36d3efa38ca2f352a2c784bfd2573a85350dc0c747f52ef70b60ea006a64c0033cfab3b36d368bccb54649d40acc55f5a45fcab48dc68f9a2cf25031f0875d920b57f47aae5191bf9f8c77702d340b623a778dee33e1396f5f185563e4e3cf49da53e78cd27f6e34e53c12121e014bd595fa948d08541ebc480a8e3f09b0c4774d6acbc7d1bc38bf646b6c304edadd18dbe6ca593e9a4e3d7de0fe505919c4c7c23c9b6ddec5a43816b9eb1ac88b49699326ee3cd505d4768a389463485cc9823f8c50914da1906bcccdfdd0ec4e9a4d508a4bf6d2bd4679ed6c5ac87a0140546f0ffe68edcbb661fde7703105d59283bb8fd1ace356cc6c14d9b36893924965eeb008c43816c0ae07396467d32a25da69bcd096bd90442015baec93454cc67337b0309decc3d37d772f065334f552e7154acab6cbc55aac4bc6dd0f85b16be95d3ca15faacba71ef95d9b0befcf8f77e7f2130c7e3d9f49e67285c4aeaa2a856145d2a5eb6437862098957e29464e322bcb323b2ab25685dc747157125d48410730a081e42b54cbf397699b376ec5fe9671491578c88708fe90d84bcdcc13b09d0cc386bbe609b1dce5419eb1c8e9f4d2c2763a38291956cd1bab9fad93508a5e4d54dbf7256cc438e2926f72cfdbc3280bfd196f75ac9840cc09297bd0b84b991fea6ba30edc7f04daab1c838ee5ee1a21c9faf54c2c76c76740c7433eaf3870366fc83b96138893c9299c850dcf782447043d6ae5e67b993e52ab9829aca61becb8b89942e913e9001677576590cb2a11f7f3d052163a1039e43ff3a97eddd5a612ce97b919bcdac195489a865709b4e9a6c98702f146ea80ee322b94eab64bd7959fbf718032117b22681bd93f6f93220d2a9b0a6b42f70aa8ffd2e9598b3cef7eaf71a68f0bcc26488c236852fca0c1f52e4873c581ce43c95a228500c1468afbe7671a8826857600f58fd92e5e281afb0777e54558ca224926827102c448ca5f58a9966e0e92df3db990f968f684e2da6d2005d1a4ceb7119c203737193de3c3cec5a83510f3bd0c47f458e9943253691905e13c5a50033b04365846b81aa59f98b0a9743330b27219529c98325f5e6344de000c9dc1382c61f94e800ef474e851ef0b41a349871f4efa3276fd2057e39b65efccc67043c8808897ba0fdb187ae5cf86b41421807aea05962d2a6da752f62554152e869e2a38dae3fc35b9cdaddee057b0f8805ef8b15c417f54632c6e533ff391a5ecfe0e77a4e25c771fd3cff9fe7e87d2720d6dddf535d07ed5f7a63a74cc42cad2a925de3d9f51b02942119ff9ff82beef694fa929a1fcf8b369976a24f6646e990b3aafafba6e8fa40ac0e66bbf7b75f15fa0627cd0b33e8f8af57a0af01c3a7314364016e93a70272574ce9884d1c54c2852490ae635cd9a76f94c975ca123a1cc08da041809769105ea150f0f93193f91a1fccd104d198a90dfc7b1d9f0415edc522fbcb326e68fb43a6a6a3ad445705397af21c511a81ae19e57c78b93927f42a09b2fa28e100d1ac3869a425ec1a11b604c1f7e85c421a5037031ec0d8b7b6257be28b4ce9d60cd7f8e8c38ecb8e7b02abf36aa5c208cbe0b18b4c6d34a36e30a90eaf8f78b312bd507a629178ab6037555dd35ad769917c7904c04a8981c563d51876413a624e8c64de38e792d9c67e1c054849906a9c01ba8a2eb466d4fcd9b6b4e146838d0590946eba52875e9bb734688ef19f1b1b1255be0d6f262809a5f835bd66be02dfe3a77108a0be860cb9069a869e5db321c53cd325e169019058274de0ba77c58866e60571f832699a2c188b3226631918c0d520a54586d4b88c8346ddfe495d3d9e9895e2fd893108c95e31915a9abd96a215a703bef930c91ffb7e668de4f9bdea063fffc9c974f8b8aa4e40936b0637633c977d69cbed4ec2f96a456269079c13dc419a62f3e4dfd8baa5ab0f72dfbd4124d9e98d6bde11422140db6b94095751fea14067a1cd14631f4c361f627e314b73ae762ff87de7e93fdfd9735889f140d87270028ca28974042f7a49e715d87eeeba208ad0fbbb6a0ccb450ca42d447aefbf053e3d6bc388ef7bcbd68db653ebc494a8d5b1573e8331828d55639c571ab13da78b9647fee7854c92c4531e7c438af436354ee818699cdf90a2a0f2d53bc5dccb50cf60958bebc26caf46ae5fff08356bb8e1c31c452713311b21a4c5262790185ca49ccfbfb3505210e6420d953f4897a5a5ba756dcacdc5385c0d15e28b9ef42012bcb5eeafaae1c3678b6851b47c091203e6358659ebcfd8fd7b65d8b42d91aefdc5076d8ecb6f17fa1314998ff9e19f77e1a901d385d71a776d2263e7c8862ee570178c353d92f6ec43233ccd765b798f96f71e151a751720332a6ab518d463490a33ecaa36c735b672da2843f73249ba43c805568f7b641ff4ecd067b149eb194cfd675d76700715700df6053b2c3ae1ab9c6c969f0a438aa073a46626262080118e94e005dd65bef419d01f7287310d5caad4fffb8ecd27a2aae022c2dcc80e1467356fe529200c3df48fc6f3903224cb394c3fcc08f03c4c3ef46ec388f3167d7b51adb505d1363cb71be535003e84ae41c7f470b61112c625b50748e9562cb2737c08506b23ec7ed351b5b17f5e21a315dd3b8f655988f0f24e5725743c7c9d124e118c1233f1153c3bf959721783b6518ab46cc9b97438b2ac2e71f76bd180aa073365e072d80d10380aeb87805eae8f130b9bcb76efa92e2a7bcd4024ee874ea16c56ade11e579767013281a05197cc2c56f099313d5386b66ade59262d991c82aa029eed43dc3511aa503eb4ca2b8e1ea839e205116cc10c9745a3ce07f60fbbb9cdbe6cc1bbece753dd551e9e68fbce73b97935eeaf35f242907514d396d1ae037a4575e2ff20999a434dadc3ca7f7300b5f2ce4e51b7e34fcb31cd9ee85329c70ba396a7903702881798394a5400acd43b0b686e8d5769588cc097858395c61486350a308f09afa93d7d373e441b105b98f20c15c2ba982e81014ebeb72e019fa83fab07e7f0fa84c3dd550098e23a6243a733d7b73c64cc11b517b4527505db067caffb82cdf1f5c6179c2546ed74d5f89d3d80edf09bd6fe0c993d149d3fbdec5e330258fbe2a685e0430a230ea88d3c2eab5c83304b9493e17f6559055bf7c607944451ec16b04c7dd108d69bef08821c165b66401dda317f2325e1b8c45c3a30ce4835a98f82f2bf3264ff1424d62fe4dfa0ec26a1ff27409f29d154a5053bef2fa8c9d879e975d92f589b9b273e7ede656acfd0884ae42f67f9c032dcea70bd073e5b47bd1f7c0613793a55eac8d24f2d361a359d28ae37194bd8e9e1b2b2a0ca5d875e77dbe0bdcdf4305795c2a2545daddb702b7286058c4ca6798bf585b9ff490952808bbeb32619f8036ecea8997cf745db5fbd0cb6f4d37bea90ef6714de708ed22299cc503ac5f51a697592188f752137d439de1c434e99c3f5c5411b8abb533fa54c555c2e3c53f1d9ce2345e724f4a753071ac25ce11d7120349f6f20c099bf2aa407ab6435b7e4b9c8c07f7ccdf6fe1b87a7b74e52b2dece55e8f4f4246b9e4a0861b2ddd2b4f5c35f27b12078765f255dc317adbab3a1817b84100336385428d481c89237f5fdab959e6c2c832e804357439c07c9741e462add6c2242a0e17bd9"})
r7 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
r8 = getegid()
setfsgid$auto(r8)
newfstatat$auto(r1, &(0x7f0000001480)='&&\x00', &(0x7f0000001780)={0x5, 0x2, 0x8, 0x1000, <r9=>r3, r8, 0x0, 0xfffffffffffffffe, 0x9, 0x2, 0x3a4b, 0xdd26, 0x401, 0x0, 0x5, 0x2a, 0x5}, 0x4)
shmctl$auto(0x1, 0x7a76, &(0x7f0000001700)={{0xb21, r9, r4, 0x1000, 0x9e, 0x8, 0xfffe}, 0x4, 0xa, 0x2, 0x257, @inferred=r6, @inferred=r5, 0x2, 0x0, &(0x7f0000001580)="b91f6583e5bb305b6b245d542dcab3b2948aa04c7d3c6cf4c7431342eaeec062540fa8b58fc6bdc86058cd84785dc8393fd6289b52ee9abc344d3e654f468a4eda0b2a944cb279f8ca780135ca9a3d90a947d3158aaab150b5086edb81136482c1a0606f24cf8b657f7df6c25c183c3eb156e6b0c3eaba785d8badd6e16bd3149357c13f5a587edd5c1fbad256bef5f099d60dafd09f9e4b39411d4b3496d3f75ac2999d8d288d9c35bdd81dd3200023603a2a6ce4c6c71379f4b6f9e2681fbe198558b41be7a6469f4f53c72c2dd638479e5c74a0123b930893ac27fb2d3153cf9f6185", &(0x7f0000001680)="c4e812b95cfb4d9f49a34f19523b5b58300f21ab2439a885c3d6392b6113f47f80e246b40eddb374351f6dc1e1737088c912939fabf5ed5b90ccbf40a04459e6237cefb7a5f7a7d96731d9bf03b67e01dacfd1bc67e7814a0dedc1e427366b8457968e3ef35b5fabce"})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(0x3, 0x81484d11, 0x38)
lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0)
ioctl$auto(0x3, 0x3b84, 0x38)
fsconfig$auto_FSCONFIG_SET_PATH(r7, 0x3, &(0x7f0000000100)='\x00', &(0x7f00000001c0)="3b4ec31ec0f99f7204157cf35a18ec5deee46d8199213352d586fa8f5221aba1444d24903f49bc1dae1d817f5dcd6aa4ecd33b62cc5abe6ef526851713c0cffa477ac0f9c3a30e7adf8bcbbfb8c0b164dfc1c5c35a14dce07e769daa726b15cbfbefc1c4a262de7b4141b435c73f4b47ede2e0369ce0edab9f7d3b2e1c35b8f3eff4e58144bdfb99e2956f8b262b81bce85d444857ba046847ea751e661795273ce6e1d428f028647118e3f94cdc3c3e8cc3db83a9362f6551e64476b7ae65cc1aab7b59e5206a", r8)
r10 = semctl$auto_GETPID(0x7, 0x8, 0xb, 0x5)
msgctl$auto_IPC_STAT(0x6, 0x2, &(0x7f00000013c0)={{0x1ff, r3, r8, 0x6, 0x9, 0x1, 0x7}, &(0x7f0000001340)=0x9, &(0x7f0000001380)=0x40, 0x8, 0x1, 0x5, 0x7, 0xb, 0x101, 0x7ff, 0x2, @raw=0x5, @inferred=r10})
mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862)
mprotect$auto(0x0, 0x8000000000000001, 0x8)

1m22.28201399s ago: executing program 2 (id=1470):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
lsm_get_self_attr$auto(0x64, 0x0, &(0x7f0000002440)=0x1f9, 0x0)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
close_range$auto(0x0, 0x5, 0x0)
socketpair$auto(0x5, 0x4, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
pidfd_open$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r2, 0x1, 0x7ff)
ptrace$auto(0x2, r2, 0x9, 0x98)
r3 = setfsuid$auto(0xee00)
setreuid$auto(r3, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(0x0, 0x63c1, 0x7ff)
ioctl$auto_KVM_CREATE_VM(r0, 0xaea2, 0x0)

1m6.9324516s ago: executing program 34 (id=1470):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
lsm_get_self_attr$auto(0x64, 0x0, &(0x7f0000002440)=0x1f9, 0x0)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
close_range$auto(0x0, 0x5, 0x0)
socketpair$auto(0x5, 0x4, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
pidfd_open$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r2, 0x1, 0x7ff)
ptrace$auto(0x2, r2, 0x9, 0x98)
r3 = setfsuid$auto(0xee00)
setreuid$auto(r3, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(0x0, 0x63c1, 0x7ff)
ioctl$auto_KVM_CREATE_VM(r0, 0xaea2, 0x0)

12.092459791s ago: executing program 3 (id=1638):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x100000001, 0x7ff)
ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r0, 0x7f, 0x5)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
msync$auto(0x200000, 0x2000000005, 0x6) (async)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) (async)
unshare$auto(0x40000080) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x2, 0x3, 0xa)
getsockopt$auto(r1, 0x0, 0x30, 0x0, &(0x7f0000000040)=0xdbb) (async)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) (async, rerun: 64)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/uevent_helper\x00', 0x80302, 0x0) (async, rerun: 64)
remap_file_pages$auto(0x7fffffff, 0x513e42ea, 0x0, 0xfffffffffffffffe, 0x741a7957) (async)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x7ffc) (async)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async)
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7f, 0x9, 0x0) (async)
mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0)

11.110647361s ago: executing program 3 (id=1642):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/amidi2\x00', 0x250082, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x80045700, &(0x7f00000000c0)=0x9)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$auto(0x3, 0x6f2d, 0x2000)
mmap$auto(0x0, 0xb, 0x6, 0xeb1, 0x3ff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
socket(0xa, 0x5, 0x0)
io_uring_setup$auto(0x6, 0x0)
mincore$auto(0x0, 0x1, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)

7.83482681s ago: executing program 3 (id=1651):
mmap$auto(0xfffffffffffffffe, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000180)='ns/time_for_children\x00')
mmap$auto(0x0, 0x80004, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket(0x15, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)={0x1c, r2, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x18}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x34, r2, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x44}, @CTRL_ATTR_OP={0x8, 0xa, 0x4}, @CTRL_ATTR_OP={0x8, 0xa, 0xffff}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x20}]}, 0x34}, 0x1, 0x0, 0x0, 0x24048040}, 0x40001)
r3 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event_pid\x00', 0x22b01, 0x0)
io_uring_enter$auto(r3, 0x1, 0x81, 0x4000a5, &(0x7f0000000080), 0x6)
sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
keyctl$auto(0x6, 0xfffffffffffffffd, 0xee01, 0x0, 0xfff)
mprotect$auto(0x110c230000, 0x41, 0xc)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x18bd01, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x14)
socket(0x11, 0x80003, 0x300)
socket(0x1d, 0x2, 0x7)
socket(0x2, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x1d, 0x2, 0x7)
socket(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)

7.633284943s ago: executing program 0 (id=1652):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x80801, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x3)

7.307972924s ago: executing program 0 (id=1653):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
pwrite64$auto(0xc8, 0x0, 0x3, 0x3a)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x8000400)
sysfs$auto(0x2, 0xd, 0x0)
acct$auto(&(0x7f00000000c0)='/dev/input/event1\x00')
r1 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0)
r2 = fsopen$auto(0x0, 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.4/usb5/power/level\x00', 0x129882, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='\"'], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7)
fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
lstat$auto(0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0)
inotify_init1$auto(0x80000001)
write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000040)='1', 0x1)
sendmsg$auto_NL80211_CMD_VENDOR(r4, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000240)=ANY=[@ANYRESDEC=r0, @ANYRES16=r5, @ANYBLOB="050727567000fbdbdf256700010005002a014000ff078ae62ecb4771db88b32ff0afd393b6f788fba299284df6b4bfa8b4e5b31013bf3380a9ca26913a7726ba730fda008d06777fe5095e111979f721e8d689153464c384d9be7ed8969b4e536cee3ebfd0d004945f07000000109ac05d62ab75c0b07e283983b53071f68d3f990d9005fb7363f7c0e973b989"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)

6.971298998s ago: executing program 3 (id=1656):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS2\x00', 0x0, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x21, 0x0, 0x9)
ioctl$auto_TIOCSTI2(r1, 0x545c, 0x0)
mmap$auto(0x0, 0x2000009, 0x3, 0x1000000000eb1, r1, 0x8002)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
mmap$auto(0x0, 0xb, 0x9f, 0xffffffffffffff92, 0x401, 0x7ffd)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20340, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/oom_adj\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x1f40)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x880)
ioctl$auto(0xc8, 0x800454e1, 0x5c8d)
mkdir$auto(&(0x7f0000000040)='./cgroup/../file0\x00', 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0)
ioctl$auto(r5, 0x540a, 0x0)
unshare$auto(0x40000080)

6.602743193s ago: executing program 5 (id=1658):
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages\x00', 0xe8202, 0x0)
write$auto(r0, &(0x7f0000000080)='9\x00;T\x16\b\x06\x00\x00\x00', 0x10)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
getsockopt$auto_SO_RCVTIMEO_OLD(0xffffffffffffffff, 0x47f, 0x14, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', &(0x7f0000000140)=0x1)
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
unshare$auto(0x40000080)
r1 = waitid$auto_P_ALL(0x0, 0x1, &(0x7f0000000000)={@siginfo_0_0={0x6f, 0x3ff, 0x0, @_sigfault={&(0x7f0000000140)="f64a75d4ad42e9fee398f48881fa924556211bcaa346197e496b938a6efafa1fa664685b0bb986c1b7a541d6b5a23e8a7116ddd3d9e7d86096ba", @_perf={0x0, 0x4, 0x8}}}}, 0x9, &(0x7f0000000080)={{0x8000}, {0x7fff, 0x4}, 0x0, 0x5, 0x80000000000000, 0x2, 0xffff, 0x0, 0xfff, 0x1, 0x3, 0xf4da, 0x3, 0x5, 0x4, 0x3})
prctl$auto(0x1000000003b, 0x1, r1, 0x5, 0xffffffffffffffff)
bind$auto(0xffffffffffffffff, 0x0, 0x1)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
setreuid$auto(0xffffffffffffffff, 0x8)

5.328473097s ago: executing program 0 (id=1660):
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x5, 0x4000000000df, 0x40000000000eb1, r0, 0x52)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r1)
sendmsg$auto_NFSD_CMD_POOL_MODE_GET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000004c0)={0x14, r2, 0x1, 0x70bd38, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x2004c804}, 0x40000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
recvmmsg$auto(r0, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x400002)
mlockall$auto(0x7)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000000), r0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3)
write$auto(0x3, 0x0, 0xfffffdef)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.3/usb15/product\x00', 0x129302, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)

4.667271769s ago: executing program 5 (id=1662):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810003, 0xffb, 0x8000000008011, r0, 0x8000)
preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x8, 0xa00006, 0x6, 0x100000000040eb0, 0x602, 0x300000000000)
ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000540)={0xfff, &(0x7f0000000180)="f2e37aa851f172bd24308737938225756749a2cd058f981d81224e731c1514b4fd0290f2fb02e666a68c1d72ad5615b16c73b5c0cedf17801dfece4a243f6e3a47ecc1c5db92b3500cefe0e7c269c25cd32701679442d287388dedeedd83d20b9d079d0a971a993bfa4a4499f8631caa1722a7a93bf39c2535ea752a9b05e21efeebdeaa71269153bdd6ba4fac9b230a6653e8cbaf66e11ea7c105"})
ioperm$auto(0x4, 0xbc6, 0x81)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram14/queue/max_discard_segments\x00', 0x80862, 0x0)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
rt_sigqueueinfo$auto(0x0, 0x4000, &(0x7f0000000000)={@siginfo_0_0={0x100ea8, 0x14, 0x7e73, @_sigsys={0x0, 0x5, 0x6}}})
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000100)='.\x00', 0x595002, 0x60c)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=<r2=>0x0, @ANYBLOB="010026bd7000ffdbdf250400000014001a80ffff04800c0001"], 0x28}, 0x1, 0x0, 0x0, 0x891}, 0x4)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffffff, &(0x7f0000000040)=""/53, 0x35)
futex_waitv$auto(&(0x7f0000000000)={0x7, 0x5d94, 0x2, 0x4}, 0x8, 0xfffffffc, 0x0, 0x62bb)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b", @ANYRES8], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x6, 0x9}, 0x7}, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x200000000)
write$auto(0xca, 0x0, 0x2d9)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
ioctl$auto_XFS_IOC_BULKSTAT(r3, 0x8040587f, &(0x7f0000000300)=ANY=[@ANYRESHEX=r0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYRES32=r2, @ANYRES32=0x0, @ANYRES64=r1, @ANYBLOB="000000000b00000000100000030000000b000000d400eec20000be0000000200000006000000000000000500004b0d00000005001d00f8ff09002c2b00000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ae26286030704875822d355c29030100551fa2846ba0caee81eb66e42672945b46367c88666f008c570d164450d9d61afb411401fc0fb45b624fa34673ab2173249adede66bf7fa72acbe988079951a2bbd1c47cb31421111797cafc2e1e78f513fa51cf9b3157a6e080199ae9308ff0c859fb0c5e01382ecb2b806c62e7b026d2f1ea351bf5f6fd0d017aeed2d14e4b33c1269f163faedfb99460fb0d745f82a658209cd14d3c3ea9bbc4d10024c948936d"])
unshare$auto(0x40000080)

3.982479615s ago: executing program 3 (id=1663):
mmap$auto(0x0, 0x2, 0x5, 0x10, 0xffffffffffffffff, 0x8004)
syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/workqueue/ib-comp-unb-wq/nice\x00', 0xcaa02, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
sendfile$auto(r0, r1, 0x0, 0x98)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/profiling\x00', 0x82002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mbind$auto(0x200000, 0x48e, 0x100000000, 0x0, 0x20000000000006, 0x2)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, r3, 0x0)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000000100)="307c9b140d", 0x5)
r4 = open(&(0x7f0000000000)='&&\x00', 0x595002, 0x408)
r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80180, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x6f2a, 0x0)
write$auto(r4, 0x0, 0xfffffdf1)
linkat$auto(r4, 0x0, r4, &(0x7f0000000280)='&&\x00', 0x1000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xf6\x04W\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xed\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\x9bg\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0)
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/open_files\x00', 0xd00, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r6, &(0x7f0000000180)=""/249, 0xf9)
mknod$auto(&(0x7f0000000040)='&&\x00', 0xca, 0x6862)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/anycast6\x00', 0x101940, 0x0)
pread64$auto(r7, 0x0, 0x1ff, 0x5)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0x200000094c, 0x3)
getpgid(0x0)

3.871227674s ago: executing program 6 (id=1664):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x80801, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4090ae82, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x501, 0x0)
socket(0x15, 0x5, 0xfff)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0)
ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x10007c)
pwrite64$auto(0xc8, 0x0, 0xfdef, 0x11b5f095)
r2 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r2, 0x114, 0x271e, 0xfffffffffffffffc, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/raw\x00', 0x6466c1, 0x0)
pread64$auto(r3, 0x0, 0x201, 0xc000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101181, 0x0)
write$auto(0x3, 0x0, 0x100082)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lapb5/mtu\x00', 0x226201, 0x0)
get_mempolicy$auto(0x0, &(0x7f0000000140)=0x100000000001fb, 0x3, 0x400000000000085, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x1e, 0x4, 0x3, 0x8}, 0x6f4)

2.836773569s ago: executing program 6 (id=1665):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x40000)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/fs/suid_dumpable\x00', 0x1a9442, 0x0)
write$auto(r0, 0x0, 0x0)
socket(0x2, 0x1, 0x65e)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x9, 0x2, 0x300)
setsockopt$auto(r1, 0x107, 0xf, 0x0, 0x6)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x12b901, 0x0)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x19, 0x0, 0xd076)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
r3 = fanotify_init$auto(0x65, 0x2)
unshare$auto(0x20000080)
capset$auto(0x0, &(0x7f0000000040)={0x40001, 0x522, 0x8005c})
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000280)="b423451d622f3a49584aa4b59ab87f16b05bdf8893e2c9da409fd6b5c9d621084068fcd3b303061ee1896c61eba9beacca97f40a159f925a81cbc0efc79d39170bf2552c7bb8ec1821110f964850db9daa30aa9c2c1be00b80d10a479060dd3520daa50e889d0de34f493195657b1d17cd56c0affd531d1c4d550592c210440422e98e", 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x9, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00'})
socket(0xf, 0x80003, 0x300)

2.274572039s ago: executing program 3 (id=1666):
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5401b0060c100", "70d9a9a3af9f39d000000001", "ef5a00", '\x00\a\x00']})
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e00a7"], 0x1ac}, 0x1, 0x0, 0x0, 0x40080}, 0x40000) (async)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) (async)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x408101, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b73, r2, 0x8000) (async)
io_uring_setup$auto(0x6, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x16e) (async)
socket(0x2, 0x80802, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e23, @multicast2}, 0x55) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) (async)
fcntl$auto(0x3, 0x4, 0xa553) (async)
swapon$auto(0x0, 0x6) (async)
quotactl_fd$auto(r1, 0x200, 0x0, &(0x7f0000000240)="d70c3de76eda7326") (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x401, 0x8000)
mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2000, 0x9, 0x0)
socket(0x25, 0x2, 0x4) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
read$auto(r0, &(0x7f00000000c0)='\x00', 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)

1.853889571s ago: executing program 5 (id=1667):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/net_prio.prioidx\x00', 0x103200, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000002140)=""/64, 0x40)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB='$\x00f}', @ANYRES16=r0, @ANYBLOB="01002abd7000fddbdf250200000008000300", @ANYRES32, @ANYBLOB="0800400003000800"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80)
socket(0x11, 0x3, 0x2)
mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mknod$auto(&(0x7f0000000b00)='X))\x00', 0x63c1, 0x7fb)
mknod$auto(&(0x7f0000000340)='\xe1\x9eHU\x00', 0x63c1, 0x7ff)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r3 = socket(0x2, 0x2, 0x1)
sendto$auto(r3, 0x0, 0x100000000, 0x8001, 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000001080)=""/244, 0xf4)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007)

1.759949781s ago: executing program 6 (id=1668):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000000000)={@raw, "7bef88e1d7542662294d8a38d4646d409813a3cf53e0879b9cb214b233b007e1848170be3ac29a129b99c8b9c66118c30b4cdeeda34e4fe704543ce934148c003b7d2e9d6f5070e4401bc9967a9862b664e46aebf2aee79cf6a05221d07a8c78b652d4fa41fb83304acb133c20ada1e3565a0b2d16dfc63505807b34f80f8e7433df9c69860b81f98d1214445039a9998d50934d737ff123065c1afd417b28a5b130faacd64fd244904dac09b4e6e8af78633d774a2203bb309602a5fd5b75d184ee5c12355c8972530dc18281f7778be3b328c7957b58c822e406b23efd9a543fa2fbf7725bd1c3dbb443ddf9b2e0b812edb63d3084d3a6a781f36104fb97e2d86d3f2cf1a7f3842c772a0d178ea90d7a9db348bb08fc7a1ad940058f2688923987212087719a8ede184b43b8d49f3fb7848284714d4def40cb11f65c3b81ae24807bc6322633584e4a2c09624eab400af137103a91f2d009691d3fd5a67f0228922965e88b80c04557235d78684a05b665efca1e81b06760b850db714bbccc6e53b6623d48bf079a967f05feaf0f17f9e9a67f2de35793e8befe5438cb4080cbe43cca3c4df31a80b07662e2b944660b5e8cabf8af571f634357429b849041ced9f153b905c77b286c42e9604fe545a08d14821ea3cebd2452d6bc1c45f443b5e3868d93ef7223fec4fe2ae7153e10b45b9f89bbb4e352035a914cdc1257bcaa795a22f04ecf911797d74bf0ae2d8ed644583051ee349a592b042640d8893bc6ec13c5089625299e09ac11aa6c19eac4b19f05480a319be508f717403a197edca1cfdd9c29595d6f546564be5b093c3c885bafbd280b48c2b8494529c0d2273093d20f6460f41b1d93a2f2a443e61716cc617c4670261c725909570e7f4acf8726232a8db9944b012872163c8a0fc8194d405ab08c30c45cd77fb31a8bb04b94278716cf9ec897aeb15578ec9a82a56436d02e7923e9eabad2d247dd6f31fbb8df58cea77be0a2ea778077ef3d68e79cd9070733803acdfca4a03bf9eec319243df69a8ea09d5bcf389726f5c5df81934831fa0d8512787f18c240a610bbef41ae0876d88ef873a0af634532c4c1d020e8f0a444f30a00281a3dd5a7667fb27c32568e8dda6188a81aae861db7646ceeeeb4a941605e470da5bbea0f44c1598dbfa8116019cd0c5028e5f1c921f22c6c92df00626fd000de63b66a60553de1aa7cb44d56b0ad38c0edc661d3d2cd4dc4e4dc8d1761db0ff55d9932182cd5209e38ece9eee1fe0435be9cc12badbf01530aab9577daa8d417121ecf51be38334894137381e4e57e0f88e1e201c5ccba3dcc38c1a8c16ed101cbf12a1f6c9daa378e9bb9b9fae42e42de304bb02875e761a7aa775057e3415b3a52f1c2ac0ad63a523b4550f287d5637baa9fea0906bd03cbbc247ee533851acd8ccff13645aa66d0136d47019f9329f67ba4f9eb76c64dce59012530ad5cb7f7f2ffcac30690aa113ba9aa0c6e336c6b049d258dab203f90b575315b9786da7ed6cacc12fa1950757c4798b3835d0c0cd0a3ff4d5575b42c4964c5436cd166e175c10321dd9da5c6b4cf4f3201e898b6afa7198ee3142602ac053b8b4b0664c51306395d0d9339d7a9e4243d8a7a19a16f439f321799d23d3d35f31f7de40d2cd5ddfc452c9ba323e747bed03818297c77dd2a5bfa75bba444d19b8c2da83758cd0aa2d4ecfd4e0fdb9d229ddd8b65a4be966d0683b476980ae229e01757884b353fcbfaf7fd0e84d13731e4a3e469cd508f7bd17523247badecd180b6e3ade32ec42b9a559ae58ae18cc2477de1376f46796a73dcaae036fe8c9130ec5a66fb3e59142ae62ea5a69c007d06d298d3376fe23d33aaa269b2196f29e5da6bd70da6fd8ce9a6cf5d362b4315cfb666bf72a5cc90ab938e62816f8acdab2c0376ce4c76b3ba3d9723bda222f3beb70d80ca27a886c5f1fd85966af9c259322902d58c560d984060467d9139df9d13f420124b31be9dcafc82ed80eb448285981fd48b7f88608ba4597b4f9d4fc12bcd0df21e9ffeee71982e822449b68fd1167bdfe7d732683ca4f16ff19b8249c5ed95fdbaa1dd7021b0e12a9df3fefeacd2e9fed6d7c2422722ec6381f9c428e54c15240d60ec8afc4b07b91a4911dab9baf7889da24db405bdb838ee2ed0b7fec56c8ec5308af75592671d4c894d30197ead299965e6071e13387cf0b887755f2f389646ee81891247d6501dec5860472dd22528328e470ae5f5a5f76961b1ba3de681ac910792a6a99a1a5aa9294854d0344c419703d556fa5e75efb68c6c3e55f9f17346612a818a657dbec852a11a6e0473caf16b8c559c0ec1401506318c9f950672b1e3b8b980f1fbf2c3947723ee73f7dd1843b8b71a72ff35199ec7df91a5ef788bcdded640d1a3e014e1bc9292ae82b421c0dc8c175ee252737bb87769cd2a860065167c62a79e752d27cd4f29b2a904f3feea045a888a0fc1308978c5735942750adadcf9602a987518410cf279ea0209a61925a06eee00d91a49f2e2366e65c7fd482ac062fd098abbfd5f361e3999680476f4a4a242bb6e262bbc7e226bbf066c69bc95ac425f19999ecce87b6ed512e9788620cca8874fd1fb45b1fb23b5a404036b2e60a291c9ea189568211446d82b5c2d8b347ca71cf0a6298c407ac5ab0adf8037315d0280e778c7a451384a877048582731027e3ccf2539eda673550724162fbf4e27306afae09c64ac3b03fe9b8a8817b61c3f08924bdde26018c36dc3d746199ce18902c4cbcb5560f2662c460a75fafd73c5d3d299c9135dd52a3be7b2da12adc9dc14cdaee1793e59819399a677c2df38d755ca3bc1703cfedac291c8e7864709755444b522989affd8cad6957e3674afc7e837440e1ae5978901f817b154229238b768eb606ec11e46983039ec1b3053998bd380ebf433d8db76d92627d5cf3f35b96cd3fda67df9438249938ca8f82d3c23427eebe20c88cfc29ce6c38ed9e6f199298ab53c3999c5035909c124664fd06280e9de01f7e745d0cf81ee94a98006f54d0925d7b6d9e0acb329f2b8b4211589f547a7003b9826cb11828f2e774fefd69c16530b13cea6e44f2ffb24644591921bb51e83e659cc0b914133233110c66951e71c122ea2afc6431ad1a48e8b98166f0221c547d338c856c795da78bc3c1874ec07ce8627c795c73d4ee9d3eedee2465a4d7680b10b654b522668bed2fc6ccced2a346719161e7a48e359867c23141c2347c788128aa6a9acd650d954c3a9a4cad6bc9c99b94add852e0f367406b46fe0542d99471eabafac9c94b9a680c05823a99e9e37ccda61dd80b060de006643e5987000c06e4d5c268cecd291a354644f7064cd0f9275dbc286327ddabf0be31b6cecab9f60c34b83c923216fda8b5fdf1ffd3b904f4a47c32590d764ee2d200a88484375e04d166fbe9efb133baf28c22f226e11aa104498a25cd6fe9ec0d1e2c74e2fc873aae7ba5d5cc6f60e7babb11d3f982c31f867becd689fd82db6107b745c8cf44dbaa6c3510201900c7f8f36a772fd925aa810afeec6dcf6f80b3daddaad42db2eecacf7fd9d110458d8c3e3bef9b283b0a6efd469dc84feda8eb7aad08b4c2a87daf6c162803b107fe7dfe779a7b9ee3fd0b01ea6d3c39f2796426ddd3391c6d4a1fdb897dcd91389d362515a93871adbb752266f7bcd91fb4bfc1a93e59c79f95ea34864c8bad532441b657d3370d88b44e3db5c019c9a79da98726955fc56108b8c8d16a9c5b59228f7448a2d0af23791fd389efa77bafaae0b4bd452d6170728706e99f4d00c1e5b001db0064186f82ae0a218b7cc37367d2d13a43cab3dd447f707267c42c898c74a871f01e8f4cbccb3a9dec3ac97588f648ab31426ddfd0079565377e8a6cd7bc035522a366da001e3997c0624171a01c73636e30b245e6c2b9fde6515cccd952290b9ed7ce8bf7d1ba81b61e3a397748de166a5527f8f41e723f79bed4b672c75d3bcfe2dfcf1caf4c866f00cd326eeea00acc17bf2b7959745f91e9000b79c83493b645b595c9cde4ba26bcab7f6d02eb0c8da4492802709788e2e4ec9fdc838264ffaffb29874a686a2ea45ddea4e68632d0645fa7e34f1b92b365560431ea46f2e05efb5a1ee10bb9c4d1ecb6a01084c712375289ee63d99cc58a0f87b53d1b5e9728aa3f16806f11ff9d2d1726141998eb0c6b0d455506d8feb48708c9acc9d77714b3eb2b0097d3aa35602d47be2b673cba048b8174f7dcd00328623b86e8388efa5762744c49ee72adbd7d3ee85497e95a017bab670a23777195fc742c4f659a5f4b535a204cdfcb564b38c9f77e9dfe8b6f092a7387804e257f21e4325ab21fed28477f600b58b97741a0177a7ea2f49f37bb6988e46cb68811852b5249173aa53d69ac745860cd615880bf4495df77e4089450993dce9b46f2290b9b3eda97a5ef5386ffb7354132c2958b47208b29c25868d8e360807ddfac4c4c935e20be7f585cb2f52978defd57df6858b82a3c0ccc3569ea6a8987560a89fcd5362dff93e51e0f00dad1599e99b43786e649b85eb830194b16abad9cf05168ec7bfccfe8951f5b830ad6e2b85c24b240d36f374c85bca3f3d1f27ff59e82acbbf6de47dbdd8d9b54fee7744ba2d352f0342d65e06ac9f98b35e92b737fa33d30b364fbf1c98419b59895904af50dcf455683305e3c8fc2caa2a493e7dfc7bd62696ebc7dd82bc4551163bb17aaf8183cdd9c048dbcf84f04d542c743d4295c2adfa1466b7947c99310b4def809c1a1aec5b747eceb142c66723eb22a2e21e2d85024b7466ff0760b1af3dcc5707961d9b1a92fcf9ed362093f20f415e9355ce872f07df98175182579df913b020b3aecae2a386d9ac1a63754bb61def8c1979cfc7e6fe19295f35ea4913622d5678cd7d1b3d248bbe78ea689bdb6363e7647c9fbd5e9b3883f8a81b535400b6b9537ff2f5c511f90885e6725ce3c48bc8e0ef943c3ce2296a49dbfbda6d45cac3ea321731905aa55bbf174f1c47173d368006e5ecb56002f715a589d2576589aa5c746c9ae7166ff1ed9208e874a2743beba992cdda7e44967906a9e4cea04051775e8c99628c1095990cc21e176e389d68ef0756c865be0314498f347f084b10301b0b2b8fb47d724aed3c6982664e47dede10450169340354469463d84fd62e82951765eb0164f8a73fd8b69195be764abcc9bc18648070e337d51e8a835c600bfdb8b779fb5b4eafe0c922057b2b03d5d8403e8cf65c747360e98122cba6fb8163d7c74526885f32f311d4fd8385bd102cba27969b19c42d735dbdae078dbb9bd684515a8321c5122eb022314ec47b828961fdddba97c438d87eff4cb942824e6c7237fd09a68008f0839350cded6a903d95f72aceab854bccc464b631b380aeef6a8072a1e4038bc60f44ab266a9f3923333898716764a91e3f7713f964bf60f8e08541a2da0ed6b626d0e327886b1d36cb70161f65ea4be9fb3a63d19b6dcc6b32deb5ce125e9cc7a722ecb6027fe33c515bebac4dbe0da477956d32b62b3c3447444be4323130fe71dea2564b5104a82c022dc883213ef85614670b4540f918958904f4340561318b0193c7c5f222b9f7cc1d308fd8e8e0eb16118617451dc133b5bd5ba89e3adb83d4a3c4aec4290766223bac268fbfe4a24fa0548a1cdbab464d238f8850e4c1666cff0d9be38a23068c31f39a734769cbaa35e26f782a4d6c0483b667b127ad24351c3c455bfc1d34593616"})
mremap$auto(0x7, 0xffffffffffffffff, 0x3fda, 0x3, 0x7fffffffb000) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000001380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xfc\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\r&\xec\xb8\xb1Z\\\xc9L\xb2\t\xddbH|\xffGP\x97)\xb9:nqn\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc$\xa0\xa5\xce\xca\xe1P\xf7\xe5_\xca\xd5\xd8\xa4g_\xb1\x88\x8cAJS\x11\x8b\xd1%a\xe5DPk\x8c\xf9\xfb\xe0+\xdb\x12\x10.F\x00\xc37\xc7\xbf\x80\xbeu\xe1V\xb2\xc5\xc9\x1a\xc7\xdc}!\x10\xb1\",1%\x0e\xeb\x15\x15me\xe1a\x03\x18{\xb03+\x93*vB\xc6\xf1\xc6\xff\xbbt\x04!\xb6\v\xde2\xc9\x89#\xbaR\xee\x13jF%\xf2\x15\x9a\x82&\x89o\xa9\xd9\xbfFY\x90\x8c\xa0\xe4\x9d\xa2\xcd\x9a\xb5TC\xc4\x9d\x9ePb]\xaa\xc7f\x06N\xc5\xfa{\x02Y\xae\xf4(\xaa\x06);{?\x1e\fu\x19b\xdf$,\x01\"\x94\x00\x00\x00\x00\x003\xcfZ\xaf~<\xba\xb7\xa03\x8c\n*krS\x19Q#\x8f\xfbW\xad\xe0\xb3o\xcb\xf7\xda\x87C\x99\x1a\xa8\xc1\xe3\xc6%\xac\x01@*\xa0\xc4\xedn-lT\xe6*?\'\x9dW=\xa7\x03\x06\x83 IT\xa3\x7ff\xb6\x95\xe5\xd2\n\xaf\x87`\xce%\xf6 &\xa7M5I\x9c\x17h\x8c\xa4\x98\x16\xe0\xd9?Y\x7f\xf6\x85_{\xfd9p$B9_\xd8\xf4\x0e\xd0\xfa\xe7\xb0\xb8\xa0\xd7\a\xff.\"\x81\b\xb0\xb4\x84\xac\xad\x1b\x93~_\xea\xfe7\x03\"\xd9\x1d.\xe5{bHX\x14\xa1\bO\x03[^\x85jP\x89\t\x06GI\xb7\x99\xb2zZf\xc8\xd4\x8d\x1c\x1e\x03\xb9\xa7Nt\xae\xfff\xf9\tx\xae\xa8\x05\xb14\xc6\x9b\x1f\xd3\x01#\xc6\nb\xd4\xb4\xc8?\xa7\xe2R\xc1\xcf\xd2\xbc\xae\xd1\xc2\x88\"\xf3\xf0\xc0uQy\xec\xfab\xd6\xcd\x16)\x19*E\vm\x8d\x1bG:\x80\'pJ', 0x4100000a3d7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f2, 0x15) (async)
madvise$auto(0x0, 0x200007, 0x19)
pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0xa, 0x1, 0x84)
bind$auto(r1, &(0x7f0000000040)=@phonet={0x23, 0x0, 0x3, 0x7}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0x0, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
r3 = pipe2$auto(0x0, 0x0)
statx$auto(0xffffff9c, 0x0, 0x1000, 0xbb, 0x0) (async)
vmsplice$auto(r3, 0x0, 0x2, 0x2) (async)
unshare$auto(0x40000080) (async)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) (async)
open_tree$auto(r3, &(0x7f0000001000)='./file0\x00', 0x928) (async)
ioctl$auto_XFS_IOC_COMMIT_RANGE(0xffffffffffffffff, 0x40585883, &(0x7f00000011c0)={0xffffffffffffffff, 0x0, 0xbcd80000000, 0x1, 0xffffffffffffc0a7, 0x98, [0x8, 0x7, 0x4, 0x1, 0x1000000000000001, 0x7fffffff]}) (async)
syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000010c0), r2) (async)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000001240), 0x80, 0x0)

1.495744064s ago: executing program 0 (id=1669):
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000380), 0x20200, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffff004, 0x2)
socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bond0\x00'})
bpf$auto(0x0, &(0x7f00000000c0)=@task_fd_query={0x0, r0, 0xd, 0x7fffffff, 0x4, 0x8, r2, 0xb236, 0x6}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4)
r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r3, 0xffffffffffffffff, 0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_IPVS_CMD_GET_SERVICE(r4, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x6, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r6)
ioctl$auto_KVM_GET_MSRS(r5, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000105, 0x400, 0x5891}]})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x22b42, 0x0)
clock_adjtime$auto(0x0, &(0x7f0000000040)={0xfbb, 0x0, 0x7f, 0xfffffffff7fffffe, 0x602, 0x8, 0xb, 0x0, 0x7, 0xb, 0x1, {0x3ff, 0x7}, 0xfffffffffffffffa, 0x200000a5, 0xa, 0x0, 0x0, 0xc3, 0x7, 0x40, 0x5, 0x90, 0xfffffff8})
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r4, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)

902.276604ms ago: executing program 5 (id=1670):
r0 = openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_cancel$auto(0x8, &(0x7f0000000040)={0x80000000, 0x454, 0x401, 0x8, 0xffff, <r1=>r0, 0x9, 0x5, 0x0, 0x0, 0x2, <r2=>0xffffffffffffffff}, &(0x7f0000000080)={0x3, 0x8f, 0x9, 0x10001}) (async)
r3 = prctl$auto_PR_SET_MM_START_DATA(0x2, 0x3, 0x0, 0x6, 0x0)
io_cancel$auto(0x2, &(0x7f00000000c0)={0xfa3, 0x0, 0x4, 0x4, 0x8001, <r4=>r3, 0xa4, 0xb5c4, 0x5b, 0x0, 0x1, <r5=>r1}, &(0x7f0000000100)={0x2, 0xfffffffffffffff2, 0x9, 0x2})
r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r4) (async)
r7 = wait4$auto(0x0, &(0x7f00000001c0)=0x5, 0xc, &(0x7f0000000200)={{0x3, 0x80000001}, {0xf, 0x2}, 0x7, 0xd7, 0x5, 0x5, 0x4, 0x9, 0x2, 0x1, 0xfffffffffffffff7, 0x0, 0x3, 0x1, 0xe0, 0x10001})
sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r5, &(0x7f0000000700)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x104}, 0xc, &(0x7f00000006c0)={&(0x7f00000002c0)={0x3d4, r6, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x87}, @NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x7f}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x5}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x8}, @NL802154_ATTR_WPAN_PHY_NAME={0x8, 0x2, ',++\x00'}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xffff10b9}, @NL802154_ATTR_SEC_DEVICE={0x380, 0x2e, 0x0, 0x1, [@generic="e84c30e4063e6daf8fb7b2f59c547a9123eca7d6ba2cc67503ed2dd1fdde3c9b55f9188b726d3664bab89c0dfdea5640bc56fda075ebb49814852e5dc9663a10491ceb5fa75a9dd83f8a69030e492185eb816d99ed90a2d3a2f9848037e506b4f5620fe2e516cb3a324ce5d60456408ca19654437c9dae244236533f17a1e08abe8d93b4902c84d26afa6bb5ce671376e85adcd46b99bc772ee6391975a601eb5ed1b88eb1cb94c236c64303dacc0575c1e6511dbea432e9356f81fa7cd4490314f24c7dd4c5ffd1ae0c5223801877e6915b4a1fe76c81831f2d9ee0122567cd7544eb5993a5f0c5f4b723027f7efbfbdf52cd4ffa", @typed={0x8, 0x78, 0x0, 0x0, @pid=r7}, @typed={0xe9, 0x3, 0x0, 0x0, @binary="44a24c4a44d7167a8e5805dbcfe3107770a39808395ecba69eb0b82cda735e8cf4dc139493a13e19005ca2c867787b761c7981451f01c2568677b9d50d10c05159a93d444ee74f057cc4c4c77a7e5b5afa53e2cea69c82ce7118eda42143a3a5e4810ffb443795887e411579c29de9e4989ad412c9814152e23e138ef88591eaf74f7c732447edd3bee3c0f898178e78466e4f393ca37eb6fa7112c56c99d8f8e4ee8c1b2b5839bb714b3116a37cda4c9079fd6d6945892fd6a9ec0256c7bc9493f39d3eb883cbeb12fb69114e761aeeb7c1ac1f5665518c0244f732c34b6281c34a08f860"}, @nested={0x47, 0xa0, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @u32=0x4}, @generic="916e84dc9b2e9de1b049349b18d3d18bf97bc7847b25fd9f00626e736e15c38a106087774c9d175ddf22ddb4272a9b6df68f58094b1e6f", @nested={0x4, 0x145}]}, @typed={0x8, 0x9a, 0x0, 0x0, @ipv4=@local}, @generic="9d904d92fa6f8626415c04cd7ed0a6160ea05037dd6357ae7ee35a1580127e1417cbd1b44ab8cb6ca0249bccc4598c47c8b03a5356402abdaeb910017f9dca00c4e7c868cb0e85a692a847efe68b6b6a860436110c33a23eca16bc6b18822500f97a2f5a1092d113ff73c20380a8468cb14cb6f51dbdb37fab3de04b6412351d455c4bfdcfd19ed08a1c336d106aabaebae6ca6affede6fa0910e0396a1edf81707c26", @generic="fd154b0d8fb2f033ca543caeb7f36e7afe948452a22b6f4d5a67f3d7a80d4a40b74638aee2e161a86913219fe739d830fe8a697ec13aa2a8c913c2f410543c166274137f612f29a6ec3419b4fd7314e0c70fd5beb4adffd65fbe8f95ea88c419b2090249a1acd72375a013412955cc583b2dc5f11431a7f22f330aeab3e4ca7fa271aedb85237cf88ef431904c17d34b", @typed={0x8, 0x2, 0x0, 0x0, @u32=0x8}, @typed={0x8, 0x145, 0x0, 0x0, @ipv4=@multicast2}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x9}]}, 0x3d4}, 0x1, 0x0, 0x0, 0x4000001}, 0x20008000) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000740)='/sys/kernel/mm/transparent_hugepage/hpage_pmd_size\x00', 0x80241, 0x0) (async, rerun: 64)
msync$auto(0x2, 0x100, 0x8) (async, rerun: 64)
r8 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f00000007c0), r3) (async, rerun: 32)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000800)={'pim6reg\x00', <r9=>0x0}) (rerun: 32)
sendmsg$auto_WG_CMD_SET_DEVICE(r1, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000900)={&(0x7f0000000840)={0x90, r8, 0x100, 0x70bd27, 0x25dfdbff, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r9}, @WGDEVICE_A_PUBLIC_KEY={0x2c, 0x4, "a19f9b67eb41a5a0149c0a20a7abe11e2234834c141d88246ba2baf20d502232db728e5c714634bd"}, @WGDEVICE_A_PRIVATE_KEY={0x46, 0x3, "1d735b9f9a9db3418cc340c750f04f0275b91f3fcc4b67c9d5c17ea6cc0d1cd1157c8543ad64d18a0543fa0133da89707d5bb2200d7be0f22f1a31b281cb0b7abe3c"}]}, 0x90}, 0x1, 0x0, 0x0, 0x40048084}, 0x48000)
timer_create$auto_CLOCK_MONOTONIC(0x1, &(0x7f0000000980)={@sival_int=0x9, @raw=0x1000, 0x8}, &(0x7f00000009c0)=0x49c7) (async, rerun: 32)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/sg1\x00', 0x200, 0x0) (rerun: 32)
mmap$auto(0x4, 0x10000, 0x1, 0x10011, r5, 0x8)
r10 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000a40), 0x480, 0x0)
ioctl$auto_FS_IOC_FSSETXATTR(r10, 0x401c5820, 0xffffffffffffffff) (async)
r11 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x3, 0x3, r7, 0x7fffffffffffffff, 0x4)
r12 = fcntl$auto(r11, 0x8, r7) (async)
getsockopt$auto_SO_RCVTIMEO_NEW(0xffffffffffffffff, 0x1, 0x42, &(0x7f0000000a80)='/sys/kernel/debug/bluetooth/sco\x00', &(0x7f0000000ac0)=0x1e) (async, rerun: 64)
madvise$auto(0xe2, 0x7, 0x9ef) (async, rerun: 64)
syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000b00), r2) (async)
readv$auto(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000b40)="0ad7f18e377054bb70b0a3", 0x4}, 0x2) (async)
r13 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000c00), r11)
sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r1, &(0x7f0000000d00)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c40)={0x50, r13, 0x300, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_PMK={0x22, 0xfe, "e36353fde25eed0fe50b7f87f482681dfaf2bb5626fef380747fc8a274c8"}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x9}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x40}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x4804)
io_uring_register$auto_IORING_REGISTER_IOWQ_MAX_WORKERS(r12, 0x13, &(0x7f0000000d40)="dd1243615204485ea07dfab37c490ca7a6c748b3a5", 0x4) (async)
ioctl$auto_SNDCTL_DSP_PROFILE(r4, 0x40045017, &(0x7f0000000d80)="86fdb038b9c49a77b145bc1f9aed02005c1a882f1361f74f6a1df0ec06717fea6a0b87c5fce441b16a4cc64acc21e99b26167a5215430d8b2cad824be268186d61b7e591b4a4c53a074047b837b2f13a478717032cbdf5a9b823e88404ce9f25c417e6a8ea") (async, rerun: 64)
r14 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64)
r15 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000e40), r1)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(r14, &(0x7f0000002480)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000002440)={&(0x7f0000001000)={0x143c, r15, 0x4, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0xe5, 0x6, 0x0, 0x1, [@nested={0xbd, 0xbe, 0x0, 0x1, [@generic="25fc10a2d65c16cef3937ec882ade0cc565c05a5fc0a758b9bb728c3a3a495e6d87211223eac04cfda753e1e474923686ac4d58c7eb097a5f4fcc6e6af11ed3b342e70e70f62a9857ccecf3f67e6bf251a6cd1915165ad9698e903893406dbacc08791d05aba68cc37286baf36fa447047c3ba93645494611e0a790aed8d0baed1901e0121f7902db0d19f7a119cbde587d3b3b250081c43856855332a23831561662d6a578a734879936ef8266b7ad1509a09f06621dd45e6"]}, @generic="be9a79b16df91908f27447391c462762c547ad20996012f3d0db6a5c9f430986c3"]}, @TIPC_NLA_NET={0xe8, 0x7, 0x0, 0x1, [@nested={0xc2, 0x3a, 0x0, 0x1, [@typed={0xe, 0x15a, 0x0, 0x0, @str='${-^!%%&}\x00'}, @generic="aba8a5c2115aeb5a02e5b061d95d57b238878707e8e4bbd0fe3224b78456cff7a63b413bdebe91c2c90df32f5f4768c407b50ff69cbb598e1e8177c011e7cdbdbc06513e0a3faae396f114599b05dc726f89292725fd", @generic="ee36ee9dc7ca49e70d85c45a4d59061ce6699df2019b052c87379ab35499d8d1a7f9cef3499c9e82ba1a56adcc61a5c80321d0637167cddc30da5c3c", @typed={0x14, 0x27, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x8, 0xc0, 0x0, 0x0, @pid=r7}]}, @typed={0x8, 0x63, 0x0, 0x0, @pid}, @typed={0x8, 0x141, 0x0, 0x0, @u32=0x3000000}, @nested={0x10, 0x7f, 0x0, 0x1, [@nested={0x4, 0xe4}, @typed={0x8, 0x11c, 0x0, 0x0, @fd=r0}]}]}, @TIPC_NLA_NET={0x8d, 0x7, 0x0, 0x1, [@typed={0x8, 0xf7, 0x0, 0x0, @fd=r10}, @generic="199df2f72eb1b8694c74f101e20c871cc46ccc389918e1e136a12bcac6571ee251eddb4ec9a2b82bee316f3f0b554166aec1dd4c1349ed14a6b3d9f4fcf1a6014abc0789556326e33e8f2702e1da3efca195e81c2ddb41d66ded04cc3d1b071ca31f341581bc62eaa4b85b3000271834cc", @typed={0x8, 0x90, 0x0, 0x0, @fd}, @typed={0x8, 0x6b, 0x0, 0x0, @pid=r7}]}, @TIPC_NLA_NODE={0xc8, 0x6, 0x0, 0x1, [@typed={0x14, 0x48, 0x0, 0x0, @ipv6=@loopback}, @nested={0x97, 0xe0, 0x0, 0x1, [@typed={0x8, 0x5b, 0x0, 0x0, @ipv4=@multicast1}, @generic="c04636900141fc4c0567279c1b06f4bb680ddeafa0775c9709ab24d16d0facbfe0edf477fcdc56fab3d037c435112e2771e3025ff46266177fd5e157a7847e1bfd34e40b874cbe46bee47a2b0a3284a511a8bb6e87b5a8ab8088394f8bb26c3c5709c1b86695bac7f45ef776a50996ff87928446e23c36b04535940e529e72", @nested={0x4, 0x4d}, @typed={0x8, 0x69, 0x0, 0x0, @fd=r12}]}, @typed={0x8, 0x32, 0x0, 0x0, @fd=r12}, @typed={0xf, 0x78, 0x0, 0x0, @str='\"%$#,*[)[,\x00'}]}, @TIPC_NLA_MEDIA={0x10fd, 0x5, 0x0, 0x1, [@nested={0x8b, 0x9d, 0x0, 0x1, [@generic="426e14e52ba4ebcd3df1d0c0a91d623eb152f2646f047f1a80547fb356da15d4fe9c336a1f6a", @generic="6450945af605e0a4ec3c36e584f47da97b81e33bcbc34b31d1e18bc494f7ab5ddd8d51aaf923d65e9aa5a807ccadbf40c8743cebc26cdcd44bab7ca0ece6d4f8983b09c994519c90ae7450c7ae9511b96a3cbad08f23dcd63ec6f88483", @nested={0x4, 0x11e}]}, @typed={0xc, 0x76, 0x0, 0x0, @u64=0xe9}, @typed={0x4, 0xc1}, @generic="197dcc7f6e99bbf9283fdc5de524bb8f4bc03641fb05fcf47cee446966ad3c618f", @typed={0x8, 0x81, 0x0, 0x0, @u32=0xd}, @nested={0x102c, 0x70, 0x0, 0x1, [@generic="81eba29ecd4977435ff37eca7b42dd5afde5b24283ec0a424134852504e0eb2737c7eef3105e15b2b9c1a77f8524d46f5d168917173b43752fd1c452635c8c59cff04088f1745430fa521356b483d874d147cdbf9ac4e20fe02bbcb5315c21566e354a72bee5d1e4d1dc5265e03c7f09bf36af03deeaa46dc0edbcab09a26cd68ca8c9a5540d70149f30c432a1304b3025d1e7d15abae2267ae879b17c1854d21b1df23853806ed27d179b5c3f83cfbb382c457d246da34592ccdfb5443af43a0922d5d2f0b7395896e900ec2c80259566ba64a1a1b61c0a2005f751320194c47ade8284aab7ade6049cfc7c0f738b4ca3e4eda7c57eee762f4d25281259549eda6122df3e97dc845a3ab8504b5021a3b7f93da457e4c450ec99570c5ebeae6dfb1735a97828b0a088fd457c7b21a014e214d8da1bb192d69f8a08c6a233c8c804a02f867c801f06a571a29af1549ca28e80babdc319cc2b0ca59940b2521ed2825b6f89c9b5eee2c8cbcb9cdb74ca363c99d93540fcd7a1a57afab5a4918f726e2f3b2f1e5e3f232117c7d180083f9f40ac131befb171c1a9f926ca13461d88670b55dc4f0336640ab5b43dfcaee9365edfb2e9e3b15efb242811bf329e1e746340f9f23c653618827e8f4b9119869fb7a90fbba7e8507562607d5288bd2e9ae62e68f9b25b2059c4f1951a2e083f5bbcfe61cc2d4723965aeff77cecd6495179a23378f3648d3d3ae75d7a11c515b82dee6d5fed8cfc40df36be7d075901345cd912bb71d7535e0be5c297e8bca4d2288b63f5dfba23b69c7d7a33c1e5884e5144a3c3ba3f426c98d717566f1a46929fd7736e86c3c441c776485a8bbd221d8d301e87063b5d2b1f8b7015828fac1bb8349ef276d4f830164df1d07dc79b02fd2a8cea9355ae90634cf97fd97801ec89f846536a61d36ef5e5692b2d0d610e908135048f43e26c13bc4fdb4debbbefd035cbefa132131690c76be6991e05576ba85271cfb5962fd7768df1fbb2a7ddab1243d7dde1d2f6053e2999eefeef1347814f63c918fdefa526921e83d4ee546ccd00c2b395829a413ea2123283db5b78af36b54d9b19a0aef64c3700bb91827ebe2058e696aa200a199ca2b505001fda03c15e1726e4922adf22ebfe2def67eec07bb4718de173640237f5987c801eb0ab0f0dac8ca1275298f989a74c312c323eeb6941a9b671babd002aafc3b820f4c2b6b10662471f7b7fc794abad61da17cbd4766ccb8b49c57797cfd430fda733eede171b2774812d5cca6df11edb7e16d505a79b262b4d1b6b139cb2a240058db87ec3d38a6879df97805a80c9afef8f4a3ef81e5b6fef12acfc022d6cbe3d4b3fbe94a58f14dbe25b64465a645441f145de926da7563ba9d12c31838b24150de74262351c04f30dcd0faaa12d9d30bf5a9d3e153ad9a6e9cbf1a665a15d565fc1aa4fc6eafa8c50f67c9fc11cb9393b2b991a66ab973dc9bfb57ed51e30f5c277b15dbd1cae2c9e99652ebc3ba4b7c8eabf6846689c46f3a732aba82dc8d59657ba2d0f92e6a664f91d66fdd8d73d1d12773d55d022fc174a15e560f09eabce66b7dfcdcfe6f159173811efc57be60e6222a43e02a327553afdceeeade1beb32986454dbf2a962f870e7f8c7802253297e3bdd13edd10fea8908b527a6c2dc2ba98bfe7dd93c32533c183b6f935e0dd0127048698cc2fef28f20b18a2e73c20aed145347b878f7a82c27e91d9877672ea3235699dc02b28d32ce10ef667516c7d2f72e71b37b987a35106aa8477ae0d533aacc3098af9d977f83cb7033c2db2f55f2c82f8a7ec6239a73e9120902e8b2ab14b81d9008a54bbdc16bec67425e18d9c69cffdda6eb456b0b1307cfcdc08064f8e3e9012b46ac833542cac4fec39184d88804357416d85c6b580968134a3961a6ec3912d28e5070c4fe9d83450ec54c7c4d96e71d0f2638115a1f1721c69eebf9d7577eff00af6baee16efe456ead0c039ca2295cd077825fbfbde14d07e2eddf8d32f338e99667ca7fc0c96b3d142a59049726630a9f73237d883a69f6bae23da689d4f4d81255d70476f1929a394b22e67ceb847aeb6bd9db97a7cfe08f5243e11bfc44c06125296af8e81bb6450014d5cdd1eee87f2401d00ea747d277124cb98126952259b3f04a8eb8a05668c170e372b826a9159d1780666f3cb78f0ee7d88f2e7b9995f3bd4aa4f5edc6d4abf56db96b4e2e6b902377b1307656ac01f091026388340e088333c559209c34a6885aa428320827972d482cadd0f47d65762c359ea410d5e2c2b57deece0f54ee5e058bd1e7d1e62a7cd6ca2126f7c856e2e6f70ab3a90a8e25633d2e735941a4c7db924a38d8a70247629baa7ac40aa3807a2676988743924ce29c3b3aa27395ced8bb9d69788b6cc7a7fd449b4c5487ffa606c6f7e7bbedd9228762e7406228df0a94e8ea865b9364d36c355288cc638f0300af50d82ac85ab4a9b3830278e3b72fe3b56f4d41592de0eb2b4b352480dd38c39ee1d96177e93976c173738c0300ca82bd68e85e61ef6fddecc67068e919da6035a72928365e91beda31379493622f90f81623c5bdecdad32c6d1c6a07f28f49bc1ddb6129b102de26474e29a32072547e0c02792e633b8b403a05cfdf72b8e353c5c977ab629d8bef88f04a603d95a6a464c7ab49dbd4ce80c780ba79a67ba59487339fb786593e1c7f4fd18ef3e2b4adf5f91405a12d32faeef3be3a98a0dccd90e56bdc4512378a7e1c58e32b94bf9a8d60e3befa465aaf8574142a7207eb8e1bb9f9406b653b32436088c0d5868d23d62e1fcd47f849b939863c6bf0268993f999f1fa74d3d1a1940f84cff0313c6d8fd86a8a880895f6bb75f05870ea231c9ef5a51bc8eeba56585f5f8d95746f26a9814c84e56173e0c83e55b9a99aaf87957b4e357666516086ffbb9bcf86c5e4b09294f201f6398ebab099e8847e1be5c88758ff18d5c2eee2b21c7eddb06138948d0f72f9bfba1608ce50765ca198e9a055b66968f1e43b96a2d740b2e57119fcdb668f3bc90cc8a7080f2248bcc4224e0abb688480dabc47ac2cbfe75fd6f3b2e2c3b32f4789b4632b41d22ff6563cd20401a74966865387239a46853cd90ec5b88c892461b0087eeb71cf0f613353bb5343a674682518beda5262200de9d36001d476173586523a1bc76bb7dc9140ccd0ac35307516bd027b3af4379270c26c90ac396d107e4c75aea3153a26a7c4e4d36aa76d1443d0a93f0bcf212c778c951a627cc3c6235592bce75f23ac3b570e557f25b77cd46b212a6724c44e839a1de11eb308d29bb3f943533a9ed03626ccdb6aefb6bba9cc8133a4410868238b2319d076d003f10e241732f9a7915f5301f5f4e8ac70713d9984c16130ef6f01d20ec7a5d936debaabff9be12b231b28432501b520ea933e003bab6151d9b4ea5603b8983367ad37c8a1a41f4f211be4cf240c74c60d6dd0f29cde62447474624f5b2274d2d4a6c06956f30d0f78809ed84d63ef26a05138f8c94baf54b615a81b669d2f8b32e8fc99695408ddd5926106ffb96acf554205920b9abb5e6c7a8739d0e64d62637005a0c0a5c3a5045011a7c86cf14b94aafc68ce81deb9e9b12525d88264fdb7b3c954bd597dc71cba83468e5adde1ff0876b61b8dbcd5b0c001752e22b71df1260de16d86675b5dd27d340fdb9386da842fb38e03537bdb4dc5ff3765e2f85cb26532819c152b2b74c270d825a9559a5a596d8394c87e16c7f8e45e8aea5a1051496bef4e7b0bd066f48d20344e0c2aa755aa678b5b77e117dbcad82713ab6a695dee9a242fef6dcf8d61aef2d17df6569ff9d52071cfa059a061ce970624802376af53132b03ed6e14b805c48b66c7004d633097b5f270827d7a3ecc9fa82368f830f7fb946c28e853a2d6cf11a055ef3098c6293b58a4c94553cab2e8a25919b530d3ddbaa1b4a95c8b4b783fb3f8c707294b073b007e1325ca245181630b9d29d7da8d913fed4d7c78797ef6cd22d072a3b72f897bb0e01a952af47203785132828d87359976f18ce22163533c24ae38892c61cdf9dc104f0dd03948b40526f9de66934d7a139022a969dec3074c3d6b943e40bd3192b809dce354f97f78ffed0644e2c874a96dc65e537432572e8b8273c31412b98f7a74d5abd33d1097ee90a90da22a3bbe17e4b725b7dddf5526fa9182db2c9812f8e2974215d2d56f047aa72cded8131f035ba666b74386a5bdbd0b60c4440a72ef30238fbb9db24571bc4cff21b2d91da8d5a27bf3fd8a4b516933ec694d7e21033e676b7f02895d9da7d23cd5685c64899869604f88e6103a0c420f46223f2616f8a7bdb05b046ab9206e1c5806a3811cfb632e137831b43495e31389e257558558d315a8fa39b61f79ec07b00d6f1e11f71a5e85c3d7557df34e1d38e5a203fe3b6dc86ed5c6ac2a5ef92ef006d259edc8177ad184dd6ef18fb850355d373b38c5fb2bcecc8acb058228fdbc17d9ec25fe9837c136f877efb6088401b87934bad2f4810a82238d3c6cf00a2a6f609c0cae84b14f5a0794c7a21eac611e057984071c1d18a03a91ba697c3da7f6580cd569baccfb6b7d3fc8620e4bf54ceedb17e7ba31510153e7ef199c49dbc02471777c6057cdc7c859ab2c23d85a99a3e0e963adc99faf67e3a94ff3580c58bb3dae64dd6a3ced08dfed878d02bea518b614fb67006664090986d96f552a5a0f9d3acefe6c39271214a82c6105c24a87360e873a3fcdcbabaabc759ddea7e60b3fa9383fa237495018e6a830053318a2285375c1dd37381ce10abed72bd7ea9a5b608976e5f822ce8db353aa0069f084e58fb7fc690c34807a88c95a45f1753a74b7b14f7a229bef5b3db949588737c8ba06bb199cb9c4af49ba72338fb99b3f7ac19cf457d446b6d1b5b59961c8243b70db1a7ebe09f36f3e9ea608b1f9eb2195ac2d70fad01ffc680d5e97cceae9990016b25d1fb66ae46d2cceb6e10469f65ca1764b2e63b83fdf6a62eca05c955f9ef65d183394de6fa6fa4429c5f29657bbd5909965977ef49eee4ad2de84946ba41045b6f33d125c0d5a84b46beac1c41c11cb621e43fd09c6c6923a33a934ccfedd5e5eaa09fb6c83c0f52b82c8ab58200ba1032e3d48170d13e061f71c26070e7e0093aea4b096edc0c8d5156d9f7d3bc0ccd601662d4856fd5cbe2d4e1700a144083737310c8d77be116ff2071d8191e0e2e60fe14df8c5107bece43848cacfdd8ac6e8745c420ed519b0f955f645eab12119af50812a2d4d089f7c756baf2da62f55632daaf2e130aee489789a8e2948e2855042e75250be56f64e0f21266a6ba7493fc76aeaf1fa265c43d4c4d5bf0eaefa1e46aee2d4132552c8a98daea12f95f755a097356c4c6a6d171fcd216c4d7b1e579dac73275918f09ae4081fdbc2e1adb215d200bef85a787ac4dca1411ddb02a26eba42147f58c0b9b8c99cdc03cbfcb32fa7d4f8e062ec1603ddb6446b3db61c71c25517afe4cd762c6c9c4193b96a92dd953bb04d17486e5fd753b5735b7ad09bbd8084755ddb83ba7645923727dd4c757f36df205ca1e8774da44b703274605e531135a41f17324c9e5380291b22a3cb9ce8b54aae4a94ca437874080d3cfe31c47538a7051ee401f82ea95072fe40d77d6234dc242467670fb70fa72d155d85ec28a634eaaf4e79fd800dd1355b9184d351eb2a189ce7b34995de1bab217bdbb6c618bb337ee37bad7edc7a184ba3e2f5f8ad4646b50c63d8f8604e23eddb9c6778eb21e5cc3", @typed={0xc, 0xbf, 0x0, 0x0, @u64=0x7}, @nested={0x4, 0x66}, @nested={0x4, 0x70}, @nested={0x4, 0x5}, @typed={0x8, 0x136, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x112, 0x0, 0x0, @fd=r0}]}, @typed={0x8, 0x108, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}]}]}, 0x143c}, 0x1, 0x0, 0x0, 0xc000}, 0xc841)

877.929079ms ago: executing program 0 (id=1671):
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x26, 0x80805, 0x0)
clone$auto(0x20003b4b, 0xa, 0x0, 0x0, 0x10)
ioctl$auto(0x3, 0xff02, 0x0)
bpf$auto_BPF_PROG_QUERY(0x10, &(0x7f0000000a80)=@bpf_attr_3={0x0, 0x1, 0x100000001, 0x2, 0x2, 0x6, 0x6120865b, 0x10, 0xccb, "411ee11343ab7a378e52fa1977c7bc4c", 0x0, 0x7, 0xffffffffffffffff, 0x8001, 0xc, 0x2, 0x8, 0x8, 0x7, 0x8, @attach_btf_obj_fd, 0x825e, 0x1, 0x2, 0x80000001, 0x5, <r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x100)
r2 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1)
sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0002fedbdf2592000000ef1a2932493b0d60"], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x40004)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
r4 = io_uring_setup$auto(0x1, 0x0)
write$auto_fops_init_pkru_pkeys(r4, 0x0, 0x0)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0x6}, 0x4}, 0x8, 0x311)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x18dd01, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000300)="de91b83a075ce51fff544f85b0b6d328f3beb9b8634fd16bf2701cb13a2d93abd414c9a1586e4fbc7b163c42c4783614b2dcf995a43c8cf63d102facaebb7019f67c4241ee77139ef43eac615fcf4ca071ad7ecd284cb135be34415cca234d6a11827f2178354b81a06111504ccdbebb0a5fe8cce82085a67d2b34e551a52a59", 0x80)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x4ff, 0x0)

706.7601ms ago: executing program 5 (id=1672):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40802, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x5603, r2)
r3 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0)
pread64$auto(r3, 0x0, 0x80, 0x6)
ioctl$auto_SG_GET_LOW_DMA(r2, 0x227a, &(0x7f0000000040)="0c31575c37efc562cbb0efb6e468b155b854e6dd18e46660b44e53144e3a02b75e8d058f1fc601fd5f290b707cc466efa5a46b3cce4994f46cf4e2763073ed9da9aefa8fa7b54c390e2719bd")
read$auto(r0, 0x0, 0xb4d3)
mmap$auto(0x0, 0x1000, 0xfffffffffffffff7, 0x40eb2, 0x602, 0x300000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xe0301, 0x0)
r5 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r4, 0x4b72, r5)

528.966158ms ago: executing program 5 (id=1673):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x891}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
listmount$auto(&(0x7f0000000080)={0x1f, @inferred=r0, 0x80000002, 0xfffffffffffffff7, 0x9}, 0x0, 0xf4244, 0x1)
lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socket(0x2b, 0x1, 0x0)
r2 = socket(0x10, 0x2, 0xf)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x14, r4, 0x705, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
r5 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe\x00', 0x840, 0x0)
bpf$auto(0x0, &(0x7f0000000680)=@bpf_attr_4={0x1e, r2, 0x24000000, r5}, 0x210)
socket(0x2, 0x3, 0xa)
io_uring_setup$auto(0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
fcntl$auto(0x0, 0x407, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
getsockopt$auto_SO_TIMESTAMP_OLD(r1, 0x71a3c2e7, 0x1d, &(0x7f0000000000)='^&$\x00', &(0x7f0000000180)=0x40)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/memory_tiering/memory_tier4/nodelist\x00', 0x22100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000006c0)=""/249, 0x138)
lsm_set_self_attr$auto(0xb35e, &(0x7f0000000240)={0x400, 0x5ebe, 0xe511, 0x62, "4d647bceaf82a22f89a5b0f3782771e1c0eebf3954a777a40258e73ea943036cebb32f7b0b585926a5594e4ed6cd422a0b9c0c7df0e9e1e312c766597cd69e35c495098f5ba65d7009b5fd935bbacf4c82fdc360a6ee0aee6ce31b155a59051dabaa"}, 0x80000001, 0x94f)
getpgid$auto(0x0)
mlockall$auto(0x2)
shmget$auto(0x802, 0x10565, 0x7ff)
shmat$auto(0x0, &(0x7f0000000140)='(\x00\xaf)9\xd7~X\x7f\a\xc4)\xfaz\xb8\xcdC\xff\xa8N\x1a%r\xe9\xda\xd3O', 0xfffffffc)

453.310492ms ago: executing program 6 (id=1674):
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}})
io_uring_register$auto(0x2, 0x9, 0x0, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
set_mempolicy$auto(0x3, &(0x7f0000000040)=0x7, 0x3) (async)
acct$auto(0x0) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x602c2, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0)
prctl$auto(0x26, 0x1, 0x0, 0x0, 0x0) (async)
r1 = socket(0x10, 0x2, 0xc) (async)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) (async)
execveat$auto(r0, 0x0, 0x0, 0x0, 0x11000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
modify_ldt$auto(0x11, 0x0, 0x10) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = eventfd$auto(0x4) (async)
r4 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) (async)
r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000080), r3) (async)
ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x5) (async)
ioctl$auto(r5, 0x4008af20, r4)

262.749728ms ago: executing program 6 (id=1675):
bpf$auto(0x18, &(0x7f0000000040)=@batch={0x6, 0xb, 0xda9, 0x9, 0x8, 0xffffffffffffffff, 0x5, 0x6}, 0x92) (async)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff)
socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d})
unshare$auto(0x40000080) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x6)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r1, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async)
ioctl$auto_SNDRV_PCM_IOCTL_PREPARE2(r1, 0x4140, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) (rerun: 32)
write$auto_proc_uid_map_operations_base(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r3, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000)
capset$auto(&(0x7f0000000700)={0x3}, &(0x7f0000000740)={0x8, 0x4, 0x6}) (async, rerun: 32)
madvise$auto(0x0, 0x200007, 0x19) (async, rerun: 32)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) (async)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
prctl$auto(0x1000000003b, 0xfffffffffffffffd, 0x4, 0x5, 0x7) (async)
ioctl$auto_USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240)="2303", 0xc694, 0x3, 0x80005, @stream_id=0x7, 0x2004b, 0xc, 0x0}) (async, rerun: 32)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async, rerun: 32)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) (async, rerun: 64)
socket(0x1a, 0x6, 0xa) (async, rerun: 64)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)

233.208762ms ago: executing program 0 (id=1676):
r0 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
mmap$auto(0x0, 0x10bb, 0xdf, 0xeb1, 0x401, 0x7fff)
unshare$auto(0x40000080)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r2, &(0x7f0000001680), 0x0)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SETHMAC(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x2c, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x2}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x8}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x44800)
msgctl$auto_IPC_INFO(0x400, 0x3, &(0x7f0000000140)={{0xfffffff9, 0xee01, 0x0, 0x341, 0x240000, 0x0, 0x9}, &(0x7f0000000040)=0x81, &(0x7f0000000100)=0x7, 0x9, 0xe5, 0x3, 0x3, 0x1, 0x2, 0x5cb, 0x2, @inferred, @raw=0xffffff15})
ioctl$auto_XFS_IOC_ALLOCSP64(0xffffffffffffffff, 0x40305824, &(0x7f00000001c0)={0x4, 0xfff, 0x2, 0x8, 0x7b8c})
r5 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = prctl$auto(0x10, 0x9, r5, 0x5, 0x42c)
write$auto_force_devcoredump_fops_hci_vhci(r6, &(0x7f0000001740)="33119f2c9e9d449ff1046a7faf0c741d18b31bca2496f6c2a6008c46809b17e9d6a11777258b47aa21fed5826a277a57f603fea4cf12af4e56c07220031780ca5aec0fedc547c73543862bdfb7a2eea09f65b773ad37c6b1772cdef3ead08d83e4574f63abe0050a964808e1849760c32f5671c0fb01861860db0c82c24e3e09a3ed16a36f55e4e4b3b52936fd74737422ccde64639ee7ec1daf8f7c0c8bb7a7c8f4ccc3d2953b44491db1485cfc397c6253f5f64120bff0812e8a0787cde70c", 0xc0)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000001700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000016c0)={&(0x7f0000000200)={0x50, r4, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACINFO={0x4}, @SEG6_ATTR_DST={0x14, 0x1, @private2={0xfc, 0x2, '\x00', 0x1}}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x2}, @SEG6_ATTR_DST={0x14, 0x1, @private1}]}, 0x50}, 0x1, 0x0, 0x0, 0x8084}, 0x4000)
ioctl$auto(r1, 0x8, r1)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto_PR_SET_THP_DISABLE(0x29, 0x9, 0x2, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r7 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder1\x00', 0x0, 0x0)
ioctl$auto_BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f0000000000)="fc06c1")

0s ago: executing program 6 (id=1677):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
umount2$auto(&(0x7f0000000240)='/proc/\x00\x18s/fs/bin\xe6mt[\xe9\xdf\xe2%\f\x16#9\x00\x00\x00\x00\x00\x00\xbe\xe6]\x01\x05\xac\xb4\x896\xd3\xe1|\x82\xa1\x7fB\x18|T\x9ev\x03\x00EM*\t\x91\xbbb\xc9X\xee<\xc4T\xf5dRw\xb6*A\x97\xf6\xf8\xeb\a\x95>B\xfb\xd3\x12YAm\x15\xad\x80n\xbe\x01.\x86*\x9d\x1e\xbdBp\xe6C\x06i\xd5\xd7\"Z0V\xa4\x80SCzA\x81|\x1c\xec\xc8\xdb\xa0C3\xcf1S\'<\x1d\xee\xb4v\x8aB\xd6\x87d\x86\xda+\xd5C\x11\x01\x93\xc3\xc1h\xde\xb7\xb10f5\xa4\xeaCG\x8bR\\\x1bM\x94:\xa0\xb2\b]\x05\xe1$\xfaG\xe9~/\xde\xccA\x018\xbc\xd2\'FvN\xdf\xed\xa9*\x17n\x04R3', 0x4)
madvise$auto(0xa, 0xfffffffbffff0001, 0x1000005)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
madvise$auto(0x8, 0x80, 0x0)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r1, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
setsockopt$auto(r0, 0x29, 0x39, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)

kernel console output (not intermixed with test programs):

 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  318.415408][ T8926] RSP: 002b:00007ff579ff6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e0
[  318.415426][ T8926] RAX: ffffffffffffffda RBX: 00007ff57c016090 RCX: 00007ff57bd9cdd9
[  318.415438][ T8926] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  318.415449][ T8926] RBP: 00007ff579ff6090 R08: 0000000000000000 R09: 0000000000000000
[  318.415460][ T8926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.415470][ T8926] R13: 00007ff57c016128 R14: 00007ff57c016090 R15: 00007ffeaf031f88
[  318.415493][ T8926]  </TASK>
[  320.933208][ T8968] FAULT_INJECTION: forcing a failure.
[  320.933208][ T8968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.011562][ T8968] CPU: 0 UID: 0 PID: 8968 Comm: syz.2.680 Not tainted syzkaller #0 PREEMPT(full) 
[  321.011590][ T8968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  321.011601][ T8968] Call Trace:
[  321.011607][ T8968]  <TASK>
[  321.011614][ T8968]  dump_stack_lvl+0x100/0x190
[  321.011640][ T8968]  should_fail_ex.cold+0x5/0xa
[  321.011663][ T8968]  _copy_to_user+0x32/0xd0
[  321.011696][ T8968]  put_itimerspec64+0x13c/0x1e0
[  321.011725][ T8968]  ? __pfx_put_itimerspec64+0x10/0x10
[  321.011754][ T8968]  ? _raw_spin_unlock_irq+0x23/0x50
[  321.011776][ T8968]  ? lockdep_hardirqs_on+0x78/0x100
[  321.011803][ T8968]  __x64_sys_timer_gettime+0x14a/0x180
[  321.011827][ T8968]  ? __pfx___x64_sys_timer_gettime+0x10/0x10
[  321.011850][ T8968]  ? ksys_write+0x1ac/0x250
[  321.011874][ T8968]  ? rcu_is_watching+0x12/0xc0
[  321.011899][ T8968]  do_syscall_64+0x10b/0xf80
[  321.011922][ T8968]  ? clear_bhb_loop+0x40/0x90
[  321.011945][ T8968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.011964][ T8968] RIP: 0033:0x7f6610d9cdd9
[  321.011980][ T8968] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  321.011998][ T8968] RSP: 002b:00007f6611c44028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e0
[  321.012017][ T8968] RAX: ffffffffffffffda RBX: 00007f6611016090 RCX: 00007f6610d9cdd9
[  321.012029][ T8968] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  321.012040][ T8968] RBP: 00007f6611c44090 R08: 0000000000000000 R09: 0000000000000000
[  321.012051][ T8968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.012061][ T8968] R13: 00007f6611016128 R14: 00007f6611016090 R15: 00007fff39d71908
[  321.012084][ T8968]  </TASK>
[  322.309218][ T8986] netlink: 186 bytes leftover after parsing attributes in process `syz.2.684'.
[  322.462334][ T8986] FAULT_INJECTION: forcing a failure.
[  322.462334][ T8986] name failslab, interval 1, probability 0, space 0, times 0
[  322.594623][ T8986] CPU: 0 UID: 0 PID: 8986 Comm: syz.2.684 Not tainted syzkaller #0 PREEMPT(full) 
[  322.594651][ T8986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  322.594663][ T8986] Call Trace:
[  322.594670][ T8986]  <TASK>
[  322.594677][ T8986]  dump_stack_lvl+0x100/0x190
[  322.594703][ T8986]  should_fail_ex.cold+0x5/0xa
[  322.594727][ T8986]  should_failslab+0xc2/0x120
[  322.594749][ T8986]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  322.594780][ T8986]  ? __alloc_skb+0x140/0x710
[  322.594802][ T8986]  __alloc_skb+0x140/0x710
[  322.594819][ T8986]  ? __alloc_skb+0x5b7/0x710
[  322.594836][ T8986]  ? __pfx___alloc_skb+0x10/0x10
[  322.594852][ T8986]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  322.594881][ T8986]  ? pfkey_xfrm_policy2msg_size+0x207/0x250
[  322.594912][ T8986]  pfkey_send_policy_notify+0x14e/0x8c0
[  322.594942][ T8986]  ? __pfx_pfkey_send_policy_notify+0x10/0x10
[  322.594972][ T8986]  km_policy_notify+0xb3/0x240
[  322.594996][ T8986]  xfrm_add_policy+0x452/0x840
[  322.595022][ T8986]  ? rcu_is_watching+0x12/0xc0
[  322.595044][ T8986]  ? __pfx_xfrm_add_policy+0x10/0x10
[  322.595068][ T8986]  ? apparmor_capable+0x1d7/0x4d0
[  322.595102][ T8986]  ? __nla_parse+0x40/0x60
[  322.595126][ T8986]  ? __pfx_xfrm_add_policy+0x10/0x10
[  322.595152][ T8986]  xfrm_user_rcv_msg+0x411/0xb50
[  322.595179][ T8986]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  322.595202][ T8986]  ? kfree_skbmem+0x19f/0x210
[  322.595227][ T8986]  ? consume_skb+0xd6/0x110
[  322.595271][ T8986]  ? rcu_is_watching+0x12/0xc0
[  322.595293][ T8986]  ? trace_contention_end+0x122/0x170
[  322.595315][ T8986]  ? __mutex_lock+0x26d/0x1b10
[  322.595344][ T8986]  netlink_rcv_skb+0x159/0x420
[  322.595370][ T8986]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  322.595394][ T8986]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  322.595432][ T8986]  xfrm_netlink_rcv+0x71/0x90
[  322.595453][ T8986]  netlink_unicast+0x585/0x850
[  322.595482][ T8986]  ? __pfx_netlink_unicast+0x10/0x10
[  322.595514][ T8986]  netlink_sendmsg+0x8b0/0xda0
[  322.595542][ T8986]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.595566][ T8986]  ? __import_iovec+0x1d2/0x640
[  322.595586][ T8986]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  322.595624][ T8986]  ____sys_sendmsg+0x9e1/0xb70
[  322.595652][ T8986]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.595679][ T8986]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.595702][ T8986]  ? preempt_schedule_thunk+0x16/0x30
[  322.595736][ T8986]  ? try_to_wake_up+0x5f6/0x1900
[  322.595765][ T8986]  ___sys_sendmsg+0x190/0x1e0
[  322.595793][ T8986]  ? __pfx____sys_sendmsg+0x10/0x10
[  322.595819][ T8986]  ? futex_private_hash_put+0x107/0x1c0
[  322.595864][ T8986]  __sys_sendmsg+0x170/0x220
[  322.595883][ T8986]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.595902][ T8986]  ? __x64_sys_futex+0x34f/0x4d0
[  322.595931][ T8986]  ? rcu_is_watching+0x12/0xc0
[  322.595955][ T8986]  do_syscall_64+0x10b/0xf80
[  322.595978][ T8986]  ? clear_bhb_loop+0x40/0x90
[  322.596000][ T8986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.596020][ T8986] RIP: 0033:0x7f6610d9cdd9
[  322.596035][ T8986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  322.596053][ T8986] RSP: 002b:00007f6611c65028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  322.596072][ T8986] RAX: ffffffffffffffda RBX: 00007f6611015fa0 RCX: 00007f6610d9cdd9
[  322.596083][ T8986] RDX: 0000000000004004 RSI: 0000200000000240 RDI: 0000000000000006
[  322.596094][ T8986] RBP: 00007f6610e32d69 R08: 0000000000000000 R09: 0000000000000000
[  322.596105][ T8986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  322.596115][ T8986] R13: 00007f6611016038 R14: 00007f6611015fa0 R15: 00007fff39d71908
[  322.596139][ T8986]  </TASK>
[  324.264340][ T9004] FAULT_INJECTION: forcing a failure.
[  324.264340][ T9004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  324.368933][ T9004] CPU: 0 UID: 0 PID: 9004 Comm: syz.1.689 Not tainted syzkaller #0 PREEMPT(full) 
[  324.368961][ T9004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  324.368972][ T9004] Call Trace:
[  324.368979][ T9004]  <TASK>
[  324.368986][ T9004]  dump_stack_lvl+0x100/0x190
[  324.369013][ T9004]  should_fail_ex.cold+0x5/0xa
[  324.369038][ T9004]  _copy_to_user+0x32/0xd0
[  324.369075][ T9004]  simple_read_from_buffer+0xcb/0x170
[  324.369100][ T9004]  proc_fail_nth_read+0x1af/0x230
[  324.369134][ T9004]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  324.369170][ T9004]  ? rw_verify_area+0xce/0x6d0
[  324.369189][ T9004]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  324.369222][ T9004]  vfs_read+0x1e4/0xb30
[  324.369247][ T9004]  ? __pfx_vfs_read+0x10/0x10
[  324.369269][ T9004]  ? __fget_files+0x215/0x3d0
[  324.369297][ T9004]  ? __fget_files+0x21f/0x3d0
[  324.369327][ T9004]  ksys_read+0x12a/0x250
[  324.369349][ T9004]  ? __pfx_ksys_read+0x10/0x10
[  324.369374][ T9004]  ? rcu_is_watching+0x12/0xc0
[  324.369401][ T9004]  do_syscall_64+0x10b/0xf80
[  324.369429][ T9004]  ? clear_bhb_loop+0x40/0x90
[  324.369453][ T9004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.369472][ T9004] RIP: 0033:0x7ff57bd5d60e
[  324.369488][ T9004] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  324.369506][ T9004] RSP: 002b:00007ff579ff5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  324.369524][ T9004] RAX: ffffffffffffffda RBX: 00007ff579ff66c0 RCX: 00007ff57bd5d60e
[  324.369536][ T9004] RDX: 000000000000000f RSI: 00007ff579ff60a0 RDI: 0000000000000003
[  324.369547][ T9004] RBP: 00007ff579ff6090 R08: 0000000000000000 R09: 0000000000000000
[  324.369558][ T9004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.369568][ T9004] R13: 00007ff57c016128 R14: 00007ff57c016090 R15: 00007ffeaf031f88
[  324.369591][ T9004]  </TASK>
[  327.471191][ T9037] hub 1-0:1.0: USB hub found
[  327.493777][ T9037] hub 1-0:1.0: 1 port detected
[  328.997187][ T9057] FAULT_INJECTION: forcing a failure.
[  328.997187][ T9057] name fail_futex, interval 1, probability 0, space 0, times 0
[  329.119651][ T9064] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  329.237912][ T9057] CPU: 0 UID: 0 PID: 9057 Comm: syz.1.702 Not tainted syzkaller #0 PREEMPT(full) 
[  329.237940][ T9057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  329.237950][ T9057] Call Trace:
[  329.237957][ T9057]  <TASK>
[  329.237964][ T9057]  dump_stack_lvl+0x100/0x190
[  329.237990][ T9057]  should_fail_ex.cold+0x5/0xa
[  329.238013][ T9057]  get_futex_key+0x1d2/0x1510
[  329.238040][ T9057]  ? __pfx_get_futex_key+0x10/0x10
[  329.238062][ T9057]  ? folios_put_refs+0x716/0xa90
[  329.238083][ T9057]  futex_wait_setup+0x83/0x510
[  329.238116][ T9057]  __futex_wait+0x19f/0x300
[  329.238146][ T9057]  ? __pfx___futex_wait+0x10/0x10
[  329.238176][ T9057]  ? __pfx_futex_wake_mark+0x10/0x10
[  329.238204][ T9057]  ? futex_hash+0x2ad/0x370
[  329.238223][ T9057]  ? futex_hash+0x141/0x370
[  329.238243][ T9057]  futex_wait+0xe6/0x370
[  329.238269][ T9057]  ? __pfx_futex_wait+0x10/0x10
[  329.238294][ T9057]  ? __mm_populate+0x33a/0x3a0
[  329.238324][ T9057]  ? __mm_populate+0x2b0/0x3a0
[  329.238353][ T9057]  ? __pfx___mm_populate+0x10/0x10
[  329.238378][ T9057]  do_futex+0x1ef/0x350
[  329.238398][ T9057]  ? __pfx_do_futex+0x10/0x10
[  329.238417][ T9057]  ? do_mlock+0x33a/0x7f0
[  329.238449][ T9057]  __x64_sys_futex+0x34f/0x4d0
[  329.238471][ T9057]  ? __pfx___x64_sys_futex+0x10/0x10
[  329.238491][ T9057]  ? ksys_write+0x1ac/0x250
[  329.238515][ T9057]  ? rcu_is_watching+0x12/0xc0
[  329.238540][ T9057]  do_syscall_64+0x10b/0xf80
[  329.238563][ T9057]  ? clear_bhb_loop+0x40/0x90
[  329.238592][ T9057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  329.238611][ T9057] RIP: 0033:0x7ff57bd9cdd9
[  329.238628][ T9057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  329.238646][ T9057] RSP: 002b:00007ff57cb750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  329.238664][ T9057] RAX: ffffffffffffffda RBX: 00007ff57c015fa8 RCX: 00007ff57bd9cdd9
[  329.238676][ T9057] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff57c015fa8
[  329.238688][ T9057] RBP: 00007ff57c015fa0 R08: 0000000000000000 R09: 0000000000000000
[  329.238699][ T9057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  329.238710][ T9057] R13: 00007ff57c016038 R14: 00007ffeaf031ea0 R15: 00007ffeaf031f88
[  329.238733][ T9057]  </TASK>
[  329.763465][ T9064] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  329.845894][ T9064] Format for adding new device is "id port_count num_queues" (uint uint uint).
[  330.206349][ T9071] Process accounting resumed
[  331.713581][ T9101] FAULT_INJECTION: forcing a failure.
[  331.713581][ T9101] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  331.925941][ T9101] CPU: 0 UID: 0 PID: 9101 Comm: syz.2.712 Not tainted syzkaller #0 PREEMPT(full) 
[  331.925968][ T9101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  331.925979][ T9101] Call Trace:
[  331.925985][ T9101]  <TASK>
[  331.925992][ T9101]  dump_stack_lvl+0x100/0x190
[  331.926017][ T9101]  should_fail_ex.cold+0x5/0xa
[  331.926041][ T9101]  _copy_to_user+0x32/0xd0
[  331.926072][ T9101]  simple_read_from_buffer+0xcb/0x170
[  331.926096][ T9101]  proc_fail_nth_read+0x1af/0x230
[  331.926130][ T9101]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  331.926160][ T9101]  ? rw_verify_area+0xce/0x6d0
[  331.926179][ T9101]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  331.926208][ T9101]  vfs_read+0x1e4/0xb30
[  331.926231][ T9101]  ? __pfx_vfs_read+0x10/0x10
[  331.926251][ T9101]  ? __fget_files+0x215/0x3d0
[  331.926277][ T9101]  ? __fget_files+0x21f/0x3d0
[  331.926304][ T9101]  ksys_read+0x12a/0x250
[  331.926324][ T9101]  ? __pfx_ksys_read+0x10/0x10
[  331.926347][ T9101]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  331.926376][ T9101]  ? syscall_user_dispatch+0x76/0x130
[  331.926400][ T9101]  do_syscall_64+0x10b/0xf80
[  331.926424][ T9101]  ? clear_bhb_loop+0x40/0x90
[  331.926446][ T9101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.926465][ T9101] RIP: 0033:0x7f6610d5d60e
[  331.926481][ T9101] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  331.926499][ T9101] RSP: 002b:00007f6611c64fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  331.926517][ T9101] RAX: ffffffffffffffda RBX: 00007f6611c656c0 RCX: 00007f6610d5d60e
[  331.926529][ T9101] RDX: 000000000000000f RSI: 00007f6611c650a0 RDI: 0000000000000005
[  331.926540][ T9101] RBP: 00007f6611c65090 R08: 0000000000000000 R09: 0000000000000000
[  331.926551][ T9101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.926561][ T9101] R13: 00007f6611016038 R14: 00007f6611015fa0 R15: 00007fff39d71908
[  331.926591][ T9101]  </TASK>
[  332.469953][ T9114] netlink: 8 bytes leftover after parsing attributes in process `syz.3.714'.
[  332.582153][ T9118] ALSA: mixer_oss: invalid OSS volume ',e�&��E�R��$o���i<��\#Z�����\'
[  333.416746][ T9131] FAULT_INJECTION: forcing a failure.
[  333.416746][ T9131] name failslab, interval 1, probability 0, space 0, times 0
[  333.552309][ T9131] CPU: 0 UID: 0 PID: 9131 Comm: syz.2.719 Not tainted syzkaller #0 PREEMPT(full) 
[  333.552337][ T9131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  333.552348][ T9131] Call Trace:
[  333.552355][ T9131]  <TASK>
[  333.552366][ T9131]  dump_stack_lvl+0x100/0x190
[  333.552392][ T9131]  should_fail_ex.cold+0x5/0xa
[  333.552417][ T9131]  should_failslab+0xc2/0x120
[  333.552439][ T9131]  __kmalloc_cache_noprof+0x7a/0x6f0
[  333.552466][ T9131]  ? sctp_endpoint_new+0xfc/0xb20
[  333.552485][ T9131]  ? __debug_object_init+0x2de/0x3d0
[  333.552516][ T9131]  sctp_endpoint_new+0xfc/0xb20
[  333.552542][ T9131]  ? __pfx_sctp_endpoint_new+0x10/0x10
[  333.552562][ T9131]  ? lockdep_init_map_type+0x5c/0x250
[  333.552581][ T9131]  ? lockdep_init_map_type+0x5c/0x250
[  333.552599][ T9131]  ? lockdep_init_map_type+0x5c/0x250
[  333.552620][ T9131]  sctp_init_sock+0xe2b/0x1300
[  333.552637][ T9131]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  333.552656][ T9131]  sctp_v6_init_sock+0x16/0x70
[  333.552672][ T9131]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  333.552689][ T9131]  inet6_create+0xb21/0x12b0
[  333.552712][ T9131]  ? inet6_create+0x7f/0x12b0
[  333.552736][ T9131]  __sock_create+0x339/0x860
[  333.552765][ T9131]  __sys_socket+0x14d/0x260
[  333.552792][ T9131]  ? __pfx___sys_socket+0x10/0x10
[  333.552816][ T9131]  ? ksys_write+0x1ac/0x250
[  333.552843][ T9131]  __x64_sys_socket+0x72/0xb0
[  333.552867][ T9131]  ? lockdep_hardirqs_on+0x78/0x100
[  333.552891][ T9131]  do_syscall_64+0x10b/0xf80
[  333.552914][ T9131]  ? clear_bhb_loop+0x40/0x90
[  333.552937][ T9131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.552956][ T9131] RIP: 0033:0x7f6610d9cdd9
[  333.552972][ T9131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  333.552989][ T9131] RSP: 002b:00007f6611c65028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  333.553008][ T9131] RAX: ffffffffffffffda RBX: 00007f6611015fa0 RCX: 00007f6610d9cdd9
[  333.553019][ T9131] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a
[  333.553030][ T9131] RBP: 00007f6610e32d69 R08: 0000000000000000 R09: 0000000000000000
[  333.553041][ T9131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  333.553051][ T9131] R13: 00007f6611016038 R14: 00007f6611015fa0 R15: 00007fff39d71908
[  333.553074][ T9131]  </TASK>
[  336.962231][ T9170] FAULT_INJECTION: forcing a failure.
[  336.962231][ T9170] name fail_futex, interval 1, probability 0, space 0, times 0
[  337.083096][ T9170] CPU: 0 UID: 0 PID: 9170 Comm: syz.2.731 Not tainted syzkaller #0 PREEMPT(full) 
[  337.083123][ T9170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  337.083134][ T9170] Call Trace:
[  337.083141][ T9170]  <TASK>
[  337.083148][ T9170]  dump_stack_lvl+0x100/0x190
[  337.083172][ T9170]  should_fail_ex.cold+0x5/0xa
[  337.083196][ T9170]  get_futex_key+0x1d2/0x1510
[  337.083218][ T9170]  ? __pfx_get_futex_key+0x10/0x10
[  337.083235][ T9170]  ? mlock_drain_local+0x254/0x4e0
[  337.083276][ T9170]  ? mlock_drain_local+0x280/0x4e0
[  337.083307][ T9170]  futex_wake+0xea/0x530
[  337.083331][ T9170]  ? __mm_populate+0x33a/0x3a0
[  337.083354][ T9170]  ? __pfx_futex_wake+0x10/0x10
[  337.083380][ T9170]  ? __mm_populate+0x2b0/0x3a0
[  337.083403][ T9170]  ? __pfx___mm_populate+0x10/0x10
[  337.083428][ T9170]  do_futex+0x32b/0x350
[  337.083449][ T9170]  ? __pfx_do_futex+0x10/0x10
[  337.083468][ T9170]  ? do_mlock+0x33a/0x7f0
[  337.083499][ T9170]  __x64_sys_futex+0x34f/0x4d0
[  337.083521][ T9170]  ? __pfx___x64_sys_futex+0x10/0x10
[  337.083541][ T9170]  ? ksys_write+0x1ac/0x250
[  337.083571][ T9170]  ? rcu_is_watching+0x12/0xc0
[  337.083596][ T9170]  do_syscall_64+0x10b/0xf80
[  337.083619][ T9170]  ? clear_bhb_loop+0x40/0x90
[  337.083641][ T9170]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.083660][ T9170] RIP: 0033:0x7f6610d9cdd9
[  337.083676][ T9170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  337.083693][ T9170] RSP: 002b:00007f6611c440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  337.083711][ T9170] RAX: ffffffffffffffda RBX: 00007f6611016098 RCX: 00007f6610d9cdd9
[  337.083723][ T9170] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f661101609c
[  337.083734][ T9170] RBP: 00007f6611016090 R08: 0000000000000001 R09: 0000000000000000
[  337.083745][ T9170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  337.083756][ T9170] R13: 00007f6611016128 R14: 00007fff39d71820 R15: 00007fff39d71908
[  337.083778][ T9170]  </TASK>
[  337.395815][ T9183] program syz.0.729 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  337.767522][ T9183] can: request_module (can-proto-4) failed.
[  339.227305][ T9203] netlink: 342 bytes leftover after parsing attributes in process `syz.0.737'.
[  340.516734][ T9197] Process accounting resumed
[  342.076656][ T9241] netlink: 338 bytes leftover after parsing attributes in process `syz.0.746'.
[  342.124269][ T9241] netlink: 338 bytes leftover after parsing attributes in process `syz.0.746'.
[  342.166739][ T9241] netlink: 338 bytes leftover after parsing attributes in process `syz.0.746'.
[  342.364904][ T9241] netlink: 338 bytes leftover after parsing attributes in process `syz.0.746'.
[  342.762840][ T9249] FAULT_INJECTION: forcing a failure.
[  342.762840][ T9249] name failslab, interval 1, probability 0, space 0, times 0
[  342.885575][ T9249] CPU: 0 UID: 0 PID: 9249 Comm: syz.1.745 Not tainted syzkaller #0 PREEMPT(full) 
[  342.885610][ T9249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  342.885621][ T9249] Call Trace:
[  342.885627][ T9249]  <TASK>
[  342.885635][ T9249]  dump_stack_lvl+0x100/0x190
[  342.885661][ T9249]  should_fail_ex.cold+0x5/0xa
[  342.885684][ T9249]  should_failslab+0xc2/0x120
[  342.885707][ T9249]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  342.885736][ T9249]  ? mas_preallocate+0x1105/0x14a0
[  342.885769][ T9249]  mas_preallocate+0x1105/0x14a0
[  342.885801][ T9249]  ? __pfx_mas_preallocate+0x10/0x10
[  342.885834][ T9249]  ? vm_area_alloc+0x1f/0x160
[  342.885861][ T9249]  ? lockdep_init_map_type+0x5c/0x250
[  342.885882][ T9249]  __mmap_region+0x124a/0x2da0
[  342.885915][ T9249]  ? __pfx___mmap_region+0x10/0x10
[  342.885947][ T9249]  ? rcu_is_watching+0x12/0xc0
[  342.885968][ T9249]  ? trace_pelt_se_tp+0x13b/0x190
[  342.885991][ T9249]  ? do_raw_spin_lock+0x128/0x260
[  342.886015][ T9249]  ? __lock_acquire+0x4a5/0x2630
[  342.886034][ T9249]  ? do_raw_spin_unlock+0x145/0x1e0
[  342.886067][ T9249]  ? rcu_is_watching+0x12/0xc0
[  342.886098][ T9249]  ? mark_held_locks+0x40/0x70
[  342.886114][ T9249]  ? finish_task_switch.isra.0+0x2cb/0x1010
[  342.886166][ T9249]  ? rcu_is_watching+0x12/0xc0
[  342.886192][ T9249]  mmap_region+0x35d/0x620
[  342.886209][ T9249]  ? rcu_is_watching+0x12/0xc0
[  342.886231][ T9249]  ? __pfx_mmap_region+0x10/0x10
[  342.886250][ T9249]  ? cap_mmap_addr+0x4b/0x120
[  342.886276][ T9249]  ? bpf_lsm_mmap_addr+0x9/0x30
[  342.886293][ T9249]  ? security_mmap_addr+0x71/0x1e0
[  342.886313][ T9249]  ? __get_unmapped_area+0x255/0x3e0
[  342.886338][ T9249]  do_mmap+0xc63/0x12f0
[  342.886364][ T9249]  ? __pfx_do_mmap+0x10/0x10
[  342.886386][ T9249]  ? __pfx_down_write_killable+0x10/0x10
[  342.886417][ T9249]  vm_mmap_pgoff+0x29e/0x470
[  342.886448][ T9249]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  342.886472][ T9249]  ? do_futex+0x192/0x350
[  342.886492][ T9249]  ? __pfx_do_futex+0x10/0x10
[  342.886516][ T9249]  ksys_mmap_pgoff+0xe4/0x610
[  342.886538][ T9249]  ? __x64_sys_futex+0x358/0x4d0
[  342.886558][ T9249]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  342.886585][ T9249]  ? xfd_validate_state+0x129/0x190
[  342.886604][ T9249]  ? ksys_write+0x1ac/0x250
[  342.886628][ T9249]  __x64_sys_mmap+0x125/0x190
[  342.886651][ T9249]  do_syscall_64+0x10b/0xf80
[  342.886673][ T9249]  ? clear_bhb_loop+0x40/0x90
[  342.886696][ T9249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.886716][ T9249] RIP: 0033:0x7ff57bd9cdd9
[  342.886733][ T9249] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  342.886751][ T9249] RSP: 002b:00007ff579bb2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  342.886769][ T9249] RAX: ffffffffffffffda RBX: 00007ff57c016270 RCX: 00007ff57bd9cdd9
[  342.886781][ T9249] RDX: 0000000000000003 RSI: 000000000202000a RDI: 0000000000000000
[  342.886791][ T9249] RBP: 00007ff57be32d69 R08: fffffffffffffffa R09: 0000000000008000
[  342.886802][ T9249] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  342.886813][ T9249] R13: 00007ff57c016308 R14: 00007ff57c016270 R15: 00007ffeaf031f88
[  342.886836][ T9249]  </TASK>
[  345.807312][ T9299] FAULT_INJECTION: forcing a failure.
[  345.807312][ T9299] name failslab, interval 1, probability 0, space 0, times 0
[  345.967605][ T9299] CPU: 0 UID: 0 PID: 9299 Comm: syz.1.758 Not tainted syzkaller #0 PREEMPT(full) 
[  345.967634][ T9299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  345.967645][ T9299] Call Trace:
[  345.967655][ T9299]  <TASK>
[  345.967663][ T9299]  dump_stack_lvl+0x100/0x190
[  345.967689][ T9299]  should_fail_ex.cold+0x5/0xa
[  345.967715][ T9299]  should_failslab+0xc2/0x120
[  345.967738][ T9299]  __kmalloc_cache_noprof+0x7a/0x6f0
[  345.967768][ T9299]  ? allocate_file_region_entries+0x1a0/0x620
[  345.967806][ T9299]  allocate_file_region_entries+0x1a0/0x620
[  345.967847][ T9299]  ? __pfx_allocate_file_region_entries+0x10/0x10
[  345.967890][ T9299]  region_chg+0x85/0x140
[  345.967925][ T9299]  __vma_reservation_common+0x376/0x720
[  345.967946][ T9299]  ? __pfx___vma_reservation_common+0x10/0x10
[  345.967965][ T9299]  ? __pfx___might_resched+0x10/0x10
[  345.967993][ T9299]  hugetlb_no_page+0xb31/0x1980
[  345.968029][ T9299]  hugetlb_fault+0x5e5/0x1410
[  345.968060][ T9299]  ? __pfx_hugetlb_fault+0x10/0x10
[  345.968096][ T9299]  ? __pfx___up_read+0x10/0x10
[  345.968118][ T9299]  ? hugetlb_vma_unlock_read+0x109/0x140
[  345.968135][ T9299]  ? hugetlb_vma_unlock_read+0x109/0x140
[  345.968156][ T9299]  handle_mm_fault+0x5f1/0xa20
[  345.968193][ T9299]  __get_user_pages+0x1178/0x32a0
[  345.968227][ T9299]  ? __pfx___get_user_pages+0x10/0x10
[  345.968257][ T9299]  populate_vma_page_range+0x267/0x3f0
[  345.968285][ T9299]  ? __pfx_populate_vma_page_range+0x10/0x10
[  345.968312][ T9299]  ? __pfx_find_vma_intersection+0x10/0x10
[  345.968336][ T9299]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  345.968374][ T9299]  __mm_populate+0x107/0x3a0
[  345.968402][ T9299]  ? __pfx___mm_populate+0x10/0x10
[  345.968428][ T9299]  ? up_write+0x28c/0x4f0
[  345.968452][ T9299]  do_mlock+0x3f0/0x7f0
[  345.968489][ T9299]  ? __pfx_do_mlock+0x10/0x10
[  345.968533][ T9299]  ? __x64_sys_futex+0x34f/0x4d0
[  345.968553][ T9299]  ? __x64_sys_futex+0x358/0x4d0
[  345.968577][ T9299]  ? xfd_validate_state+0x129/0x190
[  345.968595][ T9299]  ? ksys_write+0x1ac/0x250
[  345.968624][ T9299]  __x64_sys_mlock+0x59/0x80
[  345.968642][ T9299]  do_syscall_64+0x10b/0xf80
[  345.968666][ T9299]  ? clear_bhb_loop+0x40/0x90
[  345.968688][ T9299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.968707][ T9299] RIP: 0033:0x7ff57bd9cdd9
[  345.968723][ T9299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  345.968741][ T9299] RSP: 002b:00007ff57cb75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  345.968760][ T9299] RAX: ffffffffffffffda RBX: 00007ff57c015fa0 RCX: 00007ff57bd9cdd9
[  345.968772][ T9299] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000009
[  345.968782][ T9299] RBP: 00007ff57be32d69 R08: 0000000000000000 R09: 0000000000000000
[  345.968793][ T9299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  345.968804][ T9299] R13: 00007ff57c016038 R14: 00007ff57c015fa0 R15: 00007ffeaf031f88
[  345.968827][ T9299]  </TASK>
[  347.536829][ T9328] netlink: 350 bytes leftover after parsing attributes in process `syz.2.765'.
[  347.615809][ T9328] random: crng reseeded on system resumption
[  348.271376][ T9340] FAULT_INJECTION: forcing a failure.
[  348.271376][ T9340] name failslab, interval 1, probability 0, space 0, times 0
[  348.411114][ T9340] CPU: 0 UID: 0 PID: 9340 Comm: syz.3.766 Not tainted syzkaller #0 PREEMPT(full) 
[  348.411141][ T9340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  348.411152][ T9340] Call Trace:
[  348.411158][ T9340]  <TASK>
[  348.411165][ T9340]  dump_stack_lvl+0x100/0x190
[  348.411191][ T9340]  should_fail_ex.cold+0x5/0xa
[  348.411214][ T9340]  should_failslab+0xc2/0x120
[  348.411237][ T9340]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  348.411266][ T9340]  ? alloc_inode+0x68/0x250
[  348.411294][ T9340]  ? simple_start_creating+0xb0/0x110
[  348.411316][ T9340]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  348.411343][ T9340]  alloc_inode+0x68/0x250
[  348.411371][ T9340]  new_inode+0x22/0x1c0
[  348.411400][ T9340]  __debugfs_create_file+0x105/0x4f0
[  348.411430][ T9340]  debugfs_create_file_full+0x41/0x60
[  348.411459][ T9340]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  348.411483][ T9340]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  348.411504][ T9340]  ? ida_alloc_range+0x70d/0x830
[  348.411546][ T9340]  ? lockdep_init_map_type+0x5c/0x250
[  348.411568][ T9340]  preinit_net.part.0+0x252/0x920
[  348.411591][ T9340]  copy_net_ns+0x339/0x7c0
[  348.411614][ T9340]  create_new_namespaces+0x3ea/0xac0
[  348.411643][ T9340]  unshare_nsproxy_namespaces+0xf2/0x220
[  348.411669][ T9340]  ksys_unshare+0x438/0xab0
[  348.411698][ T9340]  ? __pfx_ksys_unshare+0x10/0x10
[  348.411724][ T9340]  ? xfd_validate_state+0x129/0x190
[  348.411742][ T9340]  ? ksys_write+0x1ac/0x250
[  348.411769][ T9340]  __x64_sys_unshare+0x31/0x40
[  348.411796][ T9340]  do_syscall_64+0x10b/0xf80
[  348.411818][ T9340]  ? clear_bhb_loop+0x40/0x90
[  348.411849][ T9340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.411869][ T9340] RIP: 0033:0x7f297e79cdd9
[  348.411886][ T9340] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  348.411903][ T9340] RSP: 002b:00007f297f5db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  348.411922][ T9340] RAX: ffffffffffffffda RBX: 00007f297ea16090 RCX: 00007f297e79cdd9
[  348.411934][ T9340] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  348.411945][ T9340] RBP: 00007f297e832d69 R08: 0000000000000000 R09: 0000000000000000
[  348.411957][ T9340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  348.411968][ T9340] R13: 00007f297ea16128 R14: 00007f297ea16090 R15: 00007ffc78351be8
[  348.411991][ T9340]  </TASK>
[  348.411998][ T9340] debugfs: out of free dentries, can not create file 'net_refcnt@ffff888058ec8280'
[  348.823569][ T9343] random: crng reseeded on system resumption
[  349.083808][   T30] audit: type=1800 audit(1777752421.785:13): pid=9351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.769" name="discovery_nqn" dev="configfs" ino=25549 res=0 errno=0
[  352.451916][ T9446] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input8
[  354.766233][ T9497] tipc: Started in network mode
[  354.823382][ T9497] tipc: Node identity ffffffff, cluster identity 4711
[  354.857675][ T9497] tipc: Node number set to 4294967295
[  355.879591][ T9536] netlink: 8 bytes leftover after parsing attributes in process `syz.0.798'.
[  356.544396][ T9520] kexec: Could not allocate control_code_buffer
[  357.247082][ T9573] FAULT_INJECTION: forcing a failure.
[  357.247082][ T9573] name failslab, interval 1, probability 0, space 0, times 0
[  357.346057][ T9573] CPU: 0 UID: 0 PID: 9573 Comm: syz.3.804 Not tainted syzkaller #0 PREEMPT(full) 
[  357.346084][ T9573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  357.346099][ T9573] Call Trace:
[  357.346106][ T9573]  <TASK>
[  357.346113][ T9573]  dump_stack_lvl+0x100/0x190
[  357.346139][ T9573]  should_fail_ex.cold+0x5/0xa
[  357.346163][ T9573]  should_failslab+0xc2/0x120
[  357.346186][ T9573]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  357.346215][ T9573]  ? vm_area_dup+0x27/0x8e0
[  357.346241][ T9573]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  357.346270][ T9573]  vm_area_dup+0x27/0x8e0
[  357.346298][ T9573]  __split_vma+0x18c/0xd90
[  357.346327][ T9573]  ? find_held_lock+0x2b/0x80
[  357.346351][ T9573]  ? __pfx___split_vma+0x10/0x10
[  357.346377][ T9573]  ? is_bpf_text_address+0x8a/0x1a0
[  357.346408][ T9573]  ? kernel_text_address+0x8d/0x100
[  357.346428][ T9573]  ? __kernel_text_address+0xd/0x30
[  357.346447][ T9573]  ? unwind_get_return_address+0x59/0xa0
[  357.346475][ T9573]  vms_gather_munmap_vmas+0x1d2/0x1720
[  357.346507][ T9573]  ? mtree_range_walk+0x72b/0xb70
[  357.346530][ T9573]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  357.346566][ T9573]  ? mas_walk+0x6ef/0x9b0
[  357.346602][ T9573]  __mmap_region+0x4aa/0x2da0
[  357.346635][ T9573]  ? __pfx___mmap_region+0x10/0x10
[  357.346670][ T9573]  ? __lock_acquire+0x4a5/0x2630
[  357.346696][ T9573]  ? lock_acquire+0x1b1/0x370
[  357.346714][ T9573]  ? find_held_lock+0x2b/0x80
[  357.346737][ T9573]  ? clockevents_program_event+0x23e/0x820
[  357.346759][ T9573]  ? clockevents_program_event+0x23e/0x820
[  357.346795][ T9573]  ? __pfx_clockevents_program_event+0x10/0x10
[  357.346818][ T9573]  ? find_held_lock+0x2b/0x80
[  357.346842][ T9573]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  357.346865][ T9573]  ? __hrtimer_rearm_deferred+0x24d/0x740
[  357.346890][ T9573]  ? find_held_lock+0x2b/0x80
[  357.346913][ T9573]  ? finish_task_switch.isra.0+0x2c6/0x1010
[  357.346941][ T9573]  ? mark_held_locks+0x40/0x70
[  357.346957][ T9573]  ? finish_task_switch.isra.0+0x2cb/0x1010
[  357.347018][ T9573]  mmap_region+0x35d/0x620
[  357.347038][ T9573]  ? __pfx_mmap_region+0x10/0x10
[  357.347060][ T9573]  ? bpf_lsm_capable+0x9/0x10
[  357.347081][ T9573]  ? security_capable+0x80/0x260
[  357.347111][ T9573]  do_mmap+0xc63/0x12f0
[  357.347138][ T9573]  ? __pfx_do_mmap+0x10/0x10
[  357.347161][ T9573]  ? __pfx_down_write_killable+0x10/0x10
[  357.347193][ T9573]  vm_mmap_pgoff+0x29e/0x470
[  357.347221][ T9573]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  357.347243][ T9573]  ? __fget_files+0x215/0x3d0
[  357.347268][ T9573]  ? __fget_files+0x21f/0x3d0
[  357.347294][ T9573]  ksys_mmap_pgoff+0x3cb/0x610
[  357.347319][ T9573]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  357.347340][ T9573]  ? fput+0x79/0x100
[  357.347364][ T9573]  ? ksys_write+0x1ac/0x250
[  357.347385][ T9573]  ? __pfx_ksys_write+0x10/0x10
[  357.347409][ T9573]  __x64_sys_mmap+0x125/0x190
[  357.347432][ T9573]  do_syscall_64+0x10b/0xf80
[  357.347455][ T9573]  ? clear_bhb_loop+0x40/0x90
[  357.347478][ T9573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.347498][ T9573] RIP: 0033:0x7f297e79cdd9
[  357.347513][ T9573] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  357.347531][ T9573] RSP: 002b:00007f297f5db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  357.347550][ T9573] RAX: ffffffffffffffda RBX: 00007f297ea16090 RCX: 00007f297e79cdd9
[  357.347562][ T9573] RDX: 0000000000000001 RSI: 0000000000004000 RDI: 0000200000ffc000
[  357.347573][ T9573] RBP: 00007f297f5db090 R08: 0000000000000003 R09: 0000000000000000
[  357.347589][ T9573] R10: 000000000008e051 R11: 0000000000000246 R12: 0000000000000001
[  357.347600][ T9573] R13: 00007f297ea16128 R14: 00007f297ea16090 R15: 00007ffc78351be8
[  357.347624][ T9573]  </TASK>
[  359.817032][ T9617] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  360.155422][ T9626] FAULT_INJECTION: forcing a failure.
[  360.155422][ T9626] name failslab, interval 1, probability 0, space 0, times 0
[  360.250431][ T9626] CPU: 0 UID: 0 PID: 9626 Comm: syz.3.817 Not tainted syzkaller #0 PREEMPT(full) 
[  360.250459][ T9626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  360.250471][ T9626] Call Trace:
[  360.250478][ T9626]  <TASK>
[  360.250485][ T9626]  dump_stack_lvl+0x100/0x190
[  360.250517][ T9626]  should_fail_ex.cold+0x5/0xa
[  360.250548][ T9626]  should_failslab+0xc2/0x120
[  360.250574][ T9626]  __kmalloc_cache_noprof+0x7a/0x6f0
[  360.250601][ T9626]  ? allocate_file_region_entries+0x1a0/0x620
[  360.250636][ T9626]  allocate_file_region_entries+0x1a0/0x620
[  360.250670][ T9626]  ? __pfx_allocate_file_region_entries+0x10/0x10
[  360.250708][ T9626]  region_chg+0x85/0x140
[  360.250739][ T9626]  __vma_reservation_common+0x376/0x720
[  360.250760][ T9626]  ? __pfx___vma_reservation_common+0x10/0x10
[  360.250780][ T9626]  ? __pfx___might_resched+0x10/0x10
[  360.250805][ T9626]  hugetlb_no_page+0xb31/0x1980
[  360.250838][ T9626]  hugetlb_fault+0x5e5/0x1410
[  360.250866][ T9626]  ? __pfx_hugetlb_fault+0x10/0x10
[  360.250900][ T9626]  ? __pfx___up_read+0x10/0x10
[  360.250920][ T9626]  ? hugetlb_vma_unlock_read+0x109/0x140
[  360.250938][ T9626]  ? hugetlb_vma_unlock_read+0x109/0x140
[  360.250958][ T9626]  handle_mm_fault+0x5f1/0xa20
[  360.250991][ T9626]  __get_user_pages+0x1178/0x32a0
[  360.251022][ T9626]  ? __pfx___get_user_pages+0x10/0x10
[  360.251053][ T9626]  populate_vma_page_range+0x267/0x3f0
[  360.251079][ T9626]  ? __pfx_populate_vma_page_range+0x10/0x10
[  360.251103][ T9626]  ? __pfx_find_vma_intersection+0x10/0x10
[  360.251126][ T9626]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  360.251158][ T9626]  __mm_populate+0x107/0x3a0
[  360.251182][ T9626]  ? __pfx___mm_populate+0x10/0x10
[  360.251207][ T9626]  ? up_write+0x28c/0x4f0
[  360.251230][ T9626]  do_mlock+0x3f0/0x7f0
[  360.251261][ T9626]  ? __pfx_do_mlock+0x10/0x10
[  360.251287][ T9626]  ? __x64_sys_futex+0x34f/0x4d0
[  360.251306][ T9626]  ? __x64_sys_futex+0x358/0x4d0
[  360.251328][ T9626]  ? xfd_validate_state+0x129/0x190
[  360.251347][ T9626]  ? ksys_write+0x1ac/0x250
[  360.251374][ T9626]  __x64_sys_mlock+0x59/0x80
[  360.251391][ T9626]  do_syscall_64+0x10b/0xf80
[  360.251414][ T9626]  ? clear_bhb_loop+0x40/0x90
[  360.251441][ T9626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.251460][ T9626] RIP: 0033:0x7f297e79cdd9
[  360.251476][ T9626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  360.251495][ T9626] RSP: 002b:00007f297f5fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  360.251513][ T9626] RAX: ffffffffffffffda RBX: 00007f297ea15fa0 RCX: 00007f297e79cdd9
[  360.251531][ T9626] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000009
[  360.251542][ T9626] RBP: 00007f297e832d69 R08: 0000000000000000 R09: 0000000000000000
[  360.251554][ T9626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.251565][ T9626] R13: 00007f297ea16038 R14: 00007f297ea15fa0 R15: 00007ffc78351be8
[  360.251589][ T9626]  </TASK>
[  361.146570][ T9629] Process accounting paused
[  362.059489][ T9653] ubi0: attaching mtd0
[  362.095015][ T9653] ubi0: scanning is finished
[  362.504098][ T9653] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  362.645860][ T9653] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  362.772399][ T9653] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  362.897239][ T9653] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  363.011786][ T9653] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  363.032243][ T9638] kexec: Could not allocate control_code_buffer
[  363.141845][ T9653] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  363.281133][ T9653] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 515927447
[  363.415756][ T9653] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  363.563344][ T9658] ubi0: background thread "ubi_bgt0d" started, PID 9658
[  363.586090][ T9654] ubi0: detaching mtd0
[  363.735357][ T9654] ubi0: mtd0 is detached
[  364.305399][ T9673] FAULT_INJECTION: forcing a failure.
[  364.305399][ T9673] name fail_futex, interval 1, probability 0, space 0, times 0
[  364.361732][ T9673] CPU: 0 UID: 0 PID: 9673 Comm: syz.3.829 Not tainted syzkaller #0 PREEMPT(full) 
[  364.361758][ T9673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  364.361770][ T9673] Call Trace:
[  364.361776][ T9673]  <TASK>
[  364.361783][ T9673]  dump_stack_lvl+0x100/0x190
[  364.361809][ T9673]  should_fail_ex.cold+0x5/0xa
[  364.361833][ T9673]  get_futex_key+0x1d2/0x1510
[  364.361854][ T9673]  ? __pfx_get_futex_key+0x10/0x10
[  364.361873][ T9673]  ? __destroy_inode+0x2cd/0x710
[  364.361904][ T9673]  ? __pfx_sock_free_inode+0x10/0x10
[  364.361930][ T9673]  ? destroy_inode+0x139/0x1c0
[  364.361964][ T9673]  futex_wake+0xea/0x530
[  364.361992][ T9673]  ? __pfx_futex_wake+0x10/0x10
[  364.362027][ T9673]  do_futex+0x32b/0x350
[  364.362049][ T9673]  ? __pfx_do_futex+0x10/0x10
[  364.362069][ T9673]  ? iput+0x3a/0x40
[  364.362095][ T9673]  ? __sock_release+0x184/0x260
[  364.362120][ T9673]  __x64_sys_futex+0x34f/0x4d0
[  364.362144][ T9673]  ? __pfx___x64_sys_futex+0x10/0x10
[  364.362166][ T9673]  ? __pfx___schedule+0x10/0x10
[  364.362190][ T9673]  ? rcu_is_watching+0x12/0xc0
[  364.362218][ T9673]  do_syscall_64+0x10b/0xf80
[  364.362243][ T9673]  ? clear_bhb_loop+0x40/0x90
[  364.362267][ T9673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  364.362285][ T9673] RIP: 0033:0x7f297e79cdd9
[  364.362301][ T9673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  364.362319][ T9673] RSP: 002b:00007f297f5fc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  364.362337][ T9673] RAX: ffffffffffffffda RBX: 00007f297ea15fa8 RCX: 00007f297e79cdd9
[  364.362349][ T9673] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f297ea15fac
[  364.362360][ T9673] RBP: 00007f297ea15fa0 R08: 0000000000000001 R09: 0000000000000000
[  364.362371][ T9673] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  364.362382][ T9673] R13: 00007f297ea16038 R14: 00007ffc78351b00 R15: 00007ffc78351be8
[  364.362403][ T9673]  </TASK>
[  369.700949][ T9775] openvswitch: netlink: Flow key attr not present in new flow.
[  370.251900][ T9784] nfs: Unknown parameter '/sys/devices/virtual/net/eql/statistics/tx_carrier_errors'
[  371.398610][ T9788] Process accounting paused
[  372.244174][ T9810] netlink: 354 bytes leftover after parsing attributes in process `syz.3.859'.
[  378.844815][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  378.853343][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  382.144212][ T9955] FAULT_INJECTION: forcing a failure.
[  382.144212][ T9955] name failslab, interval 1, probability 0, space 0, times 0
[  382.217922][ T9955] CPU: 0 UID: 0 PID: 9955 Comm: syz.2.895 Not tainted syzkaller #0 PREEMPT(full) 
[  382.217950][ T9955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  382.217961][ T9955] Call Trace:
[  382.217968][ T9955]  <TASK>
[  382.217975][ T9955]  dump_stack_lvl+0x100/0x190
[  382.218001][ T9955]  should_fail_ex.cold+0x5/0xa
[  382.218024][ T9955]  should_failslab+0xc2/0x120
[  382.218045][ T9955]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  382.218066][ T9955]  ? snd_pcm_hw_rule_add+0x3b3/0x510
[  382.218095][ T9955]  krealloc_node_align_noprof+0x321/0x3e0
[  382.218118][ T9955]  snd_pcm_hw_rule_add+0x3b3/0x510
[  382.218142][ T9955]  ? __pfx_snd_pcm_hw_rule_format+0x10/0x10
[  382.218172][ T9955]  ? __pfx_snd_pcm_hw_rule_add+0x10/0x10
[  382.218199][ T9955]  ? mutex_init_lockdep+0xf1/0x120
[  382.218219][ T9955]  ? snd_pcm_attach_substream+0x287/0xd20
[  382.218244][ T9955]  snd_pcm_open_substream+0x54a/0x1850
[  382.218265][ T9955]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  382.218284][ T9955]  ? rcu_is_watching+0x12/0xc0
[  382.218310][ T9955]  snd_pcm_open+0x2a3/0x710
[  382.218330][ T9955]  ? __pfx_snd_pcm_open+0x10/0x10
[  382.218351][ T9955]  ? __pfx_default_wake_function+0x10/0x10
[  382.218383][ T9955]  ? __pfx_snd_pcm_playback_open+0x10/0x10
[  382.218401][ T9955]  snd_pcm_playback_open+0x86/0xe0
[  382.218420][ T9955]  snd_open+0x201/0x450
[  382.218446][ T9955]  ? __pfx_snd_open+0x10/0x10
[  382.218469][ T9955]  chrdev_open+0x234/0x6a0
[  382.218492][ T9955]  ? __pfx_apparmor_file_open+0x10/0x10
[  382.218521][ T9955]  ? __pfx_chrdev_open+0x10/0x10
[  382.218545][ T9955]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  382.218574][ T9955]  do_dentry_open+0x6d8/0x1660
[  382.218596][ T9955]  ? __pfx_chrdev_open+0x10/0x10
[  382.218624][ T9955]  vfs_open+0x82/0x3f0
[  382.218653][ T9955]  path_openat+0x208c/0x31a0
[  382.218683][ T9955]  ? __pfx_path_openat+0x10/0x10
[  382.218715][ T9955]  do_file_open+0x20e/0x430
[  382.218740][ T9955]  ? __pfx_do_file_open+0x10/0x10
[  382.218778][ T9955]  ? alloc_fd+0x476/0x790
[  382.218802][ T9955]  ? do_getname+0x191/0x390
[  382.218831][ T9955]  do_sys_openat2+0x10d/0x1e0
[  382.218867][ T9955]  ? __pfx_do_sys_openat2+0x10/0x10
[  382.218903][ T9955]  __x64_sys_openat+0x12d/0x210
[  382.218931][ T9955]  ? __pfx___x64_sys_openat+0x10/0x10
[  382.218958][ T9955]  ? ksys_write+0x1ac/0x250
[  382.218984][ T9955]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  382.219013][ T9955]  ? syscall_user_dispatch+0x76/0x130
[  382.219037][ T9955]  do_syscall_64+0x10b/0xf80
[  382.219061][ T9955]  ? clear_bhb_loop+0x40/0x90
[  382.219083][ T9955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.219102][ T9955] RIP: 0033:0x7f6610d9cdd9
[  382.219118][ T9955] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  382.219136][ T9955] RSP: 002b:00007f6611c65028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  382.219155][ T9955] RAX: ffffffffffffffda RBX: 00007f6611015fa0 RCX: 00007f6610d9cdd9
[  382.219168][ T9955] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  382.219180][ T9955] RBP: 00007f6610e32d69 R08: 0000000000000000 R09: 0000000000000000
[  382.219191][ T9955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.219202][ T9955] R13: 00007f6611016038 R14: 00007f6611015fa0 R15: 00007fff39d71908
[  382.219225][ T9955]  </TASK>
[  383.820767][ T9965] FAULT_INJECTION: forcing a failure.
[  383.820767][ T9965] name failslab, interval 1, probability 0, space 0, times 0
[  384.178166][ T9965] CPU: 0 UID: 0 PID: 9965 Comm: syz.3.897 Not tainted syzkaller #0 PREEMPT(full) 
[  384.178194][ T9965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  384.178205][ T9965] Call Trace:
[  384.178212][ T9965]  <TASK>
[  384.178220][ T9965]  dump_stack_lvl+0x100/0x190
[  384.178245][ T9965]  should_fail_ex.cold+0x5/0xa
[  384.178269][ T9965]  ? lsm_blob_alloc+0x68/0x90
[  384.178292][ T9965]  should_failslab+0xc2/0x120
[  384.178314][ T9965]  __kmalloc_noprof+0xe0/0x850
[  384.178342][ T9965]  ? down_write_nested+0x14f/0x200
[  384.178369][ T9965]  lsm_blob_alloc+0x68/0x90
[  384.178393][ T9965]  security_sb_alloc+0x25/0x240
[  384.178420][ T9965]  alloc_super+0x24c/0xd20
[  384.178443][ T9965]  ? __pfx_mqueue_fill_super+0x10/0x10
[  384.178468][ T9965]  sget_fc+0x117/0xc70
[  384.178488][ T9965]  ? __pfx_set_anon_super_fc+0x10/0x10
[  384.178507][ T9965]  ? __pfx_mqueue_fill_super+0x10/0x10
[  384.178531][ T9965]  get_tree_nodev+0x28/0x190
[  384.178553][ T9965]  mqueue_get_tree+0xf1/0x130
[  384.178587][ T9965]  vfs_get_tree+0x92/0x320
[  384.178604][ T9965]  fc_mount_longterm+0x1a/0x270
[  384.178625][ T9965]  mq_init_ns+0x482/0x820
[  384.178655][ T9965]  copy_ipcs+0x3dd/0x7e0
[  384.178674][ T9965]  create_new_namespaces+0x20a/0xac0
[  384.178698][ T9965]  ? security_capable+0x80/0x260
[  384.178727][ T9965]  unshare_nsproxy_namespaces+0xf2/0x220
[  384.178754][ T9965]  ksys_unshare+0x438/0xab0
[  384.178783][ T9965]  ? __pfx_ksys_unshare+0x10/0x10
[  384.178808][ T9965]  ? xfd_validate_state+0x129/0x190
[  384.178834][ T9965]  __x64_sys_unshare+0x31/0x40
[  384.178861][ T9965]  do_syscall_64+0x10b/0xf80
[  384.178884][ T9965]  ? clear_bhb_loop+0x40/0x90
[  384.178906][ T9965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.178925][ T9965] RIP: 0033:0x7f297e79cdd9
[  384.178941][ T9965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  384.178958][ T9965] RSP: 002b:00007f297f5db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  384.178977][ T9965] RAX: ffffffffffffffda RBX: 00007f297ea16090 RCX: 00007f297e79cdd9
[  384.178988][ T9965] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[  384.178999][ T9965] RBP: 00007f297e832d69 R08: 0000000000000000 R09: 0000000000000000
[  384.179010][ T9965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  384.179020][ T9965] R13: 00007f297ea16128 R14: 00007f297ea16090 R15: 00007ffc78351be8
[  384.179043][ T9965]  </TASK>
[  388.502808][T10025] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input9
[  389.670879][T10045] netlink: 326 bytes leftover after parsing attributes in process `syz.1.915'.
[  396.490822][   T30] audit: type=1800 audit(1777752469.225:14): pid=10099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.928" name="lu_gp_id" dev="configfs" ino=28519 res=0 errno=0
[  396.547994][T10099] kstrtoul() returned -22 for lu_gp_id
[  399.987416][T10211] netlink: 342 bytes leftover after parsing attributes in process `syz.3.951'.
[  401.752131][T10254] netlink: 4394 bytes leftover after parsing attributes in process `syz.1.962'.
[  403.652134][ T6869] Bluetooth: hci2: unexpected event 0x36 length: 123 > 7
[  403.777196][T10278] netlink: 'syz.3.967': attribute type 1 has an invalid length.
[  403.912282][T10278] netlink: 9 bytes leftover after parsing attributes in process `syz.3.967'.
[  404.168834][T10291] netlink: 334 bytes leftover after parsing attributes in process `syz.1.970'.
[  405.534489][ T6869] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  409.172590][T10365] netlink: 206 bytes leftover after parsing attributes in process `syz.3.990'.
[  410.575615][T10392] netlink: 16 bytes leftover after parsing attributes in process `syz.1.996'.
[  412.226654][T10424] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1005'.
[  413.731270][T10441] zswap: compressor  not available
[  416.637648][T10486] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1016'.
[  418.545503][T10507] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'.
[  422.755994][T10582] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�'
[  424.856266][T10609] FAULT_INJECTION: forcing a failure.
[  424.856266][T10609] name failslab, interval 1, probability 0, space 0, times 0
[  424.911105][T10609] CPU: 0 UID: 0 PID: 10609 Comm: syz.0.1046 Not tainted syzkaller #0 PREEMPT(full) 
[  424.911132][T10609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  424.911143][T10609] Call Trace:
[  424.911149][T10609]  <TASK>
[  424.911157][T10609]  dump_stack_lvl+0x100/0x190
[  424.911183][T10609]  should_fail_ex.cold+0x5/0xa
[  424.911207][T10609]  should_failslab+0xc2/0x120
[  424.911228][T10609]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  424.911258][T10609]  ? __d_alloc+0x34/0xa40
[  424.911287][T10609]  __d_alloc+0x34/0xa40
[  424.911314][T10609]  d_alloc+0x4a/0x1e0
[  424.911339][T10609]  lookup_one_qstr_excl+0x171/0x250
[  424.911369][T10609]  start_dirop+0x59/0xb0
[  424.911390][T10609]  simple_start_creating+0xf9/0x110
[  424.911413][T10609]  ? __pfx_simple_start_creating+0x10/0x10
[  424.911436][T10609]  ? mntput+0x70/0xa0
[  424.911455][T10609]  ? simple_pin_fs+0xa3/0x190
[  424.911474][T10609]  debugfs_start_creating.part.0+0x82/0x170
[  424.911503][T10609]  __debugfs_create_file+0xb3/0x4f0
[  424.911542][T10609]  debugfs_create_file_full+0x41/0x60
[  424.911571][T10609]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  424.911595][T10609]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  424.911621][T10609]  ? ida_alloc_range+0x70d/0x830
[  424.911665][T10609]  ? lockdep_init_map_type+0x5c/0x250
[  424.911688][T10609]  preinit_net.part.0+0x252/0x920
[  424.911710][T10609]  copy_net_ns+0x339/0x7c0
[  424.911736][T10609]  create_new_namespaces+0x3ea/0xac0
[  424.911766][T10609]  unshare_nsproxy_namespaces+0xf2/0x220
[  424.911793][T10609]  ksys_unshare+0x438/0xab0
[  424.911822][T10609]  ? __pfx_ksys_unshare+0x10/0x10
[  424.911848][T10609]  ? xfd_validate_state+0x129/0x190
[  424.911867][T10609]  ? ksys_write+0x1ac/0x250
[  424.911894][T10609]  __x64_sys_unshare+0x31/0x40
[  424.911921][T10609]  do_syscall_64+0x10b/0xf80
[  424.911944][T10609]  ? clear_bhb_loop+0x40/0x90
[  424.911966][T10609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.911985][T10609] RIP: 0033:0x7ff5e7b9cdd9
[  424.912000][T10609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  424.912018][T10609] RSP: 002b:00007ff5e8a7b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  424.912036][T10609] RAX: ffffffffffffffda RBX: 00007ff5e7e15fa0 RCX: 00007ff5e7b9cdd9
[  424.912048][T10609] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  424.912059][T10609] RBP: 00007ff5e7c32d69 R08: 0000000000000000 R09: 0000000000000000
[  424.912069][T10609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  424.912080][T10609] R13: 00007ff5e7e16038 R14: 00007ff5e7e15fa0 R15: 00007ffd42a973a8
[  424.912103][T10609]  </TASK>
[  425.995391][T10622] vhci_hcd vhci_hcd.2: default hub control req: 03fd v0005 i0001 l1
[  426.717012][T10629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1050'.
[  426.772169][T10629] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1050'.
[  426.818224][   T30] audit: type=1800 audit(1777752499.555:15): pid=10627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1049" name="lu_gp_id" dev="configfs" ino=31077 res=0 errno=0
[  427.954491][T10647] kvm_intel: kvm [10646]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xfffffffffffffff9
[  428.413943][   T30] audit: type=1800 audit(1777752501.145:16): pid=10663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1058" name="lu_gp_id" dev="configfs" ino=31257 res=0 errno=0
[  429.135319][T10682] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1061'.
[  429.191385][T10643] kexec: Could not allocate control_code_buffer
[  430.589595][ T6869] Bluetooth: hci0: Malformed LE Event: 0x0b
[  432.979797][T10745] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input11
[  434.876998][T10792] ksmbd: Unknown IPC event: 14, ignore.
[  434.897892][T10796] FAULT_INJECTION: forcing a failure.
[  434.897892][T10796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.027106][T10801] FAULT_INJECTION: forcing a failure.
[  435.027106][T10801] name failslab, interval 1, probability 0, space 0, times 0
[  435.099223][T10796] CPU: 0 UID: 0 PID: 10796 Comm: syz.0.1084 Not tainted syzkaller #0 PREEMPT(full) 
[  435.099250][T10796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  435.099261][T10796] Call Trace:
[  435.099268][T10796]  <TASK>
[  435.099275][T10796]  dump_stack_lvl+0x100/0x190
[  435.099301][T10796]  should_fail_ex.cold+0x5/0xa
[  435.099325][T10796]  _copy_from_user+0x2e/0xd0
[  435.099356][T10796]  move_addr_to_kernel+0x65/0x170
[  435.099384][T10796]  copy_msghdr_from_user+0x417/0x4f0
[  435.099410][T10796]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  435.099441][T10796]  ? __pfx_futex_wake_mark+0x10/0x10
[  435.099469][T10796]  ___sys_sendmsg+0x106/0x1e0
[  435.099495][T10796]  ? __pfx____sys_sendmsg+0x10/0x10
[  435.099553][T10796]  __sys_sendmsg+0x170/0x220
[  435.099573][T10796]  ? __pfx___sys_sendmsg+0x10/0x10
[  435.099592][T10796]  ? __x64_sys_futex+0x34f/0x4d0
[  435.099620][T10796]  ? rcu_is_watching+0x12/0xc0
[  435.099646][T10796]  do_syscall_64+0x10b/0xf80
[  435.099669][T10796]  ? clear_bhb_loop+0x40/0x90
[  435.099691][T10796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.099710][T10796] RIP: 0033:0x7ff5e7b9cdd9
[  435.099725][T10796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  435.099743][T10796] RSP: 002b:00007ff5e8a7b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  435.099761][T10796] RAX: ffffffffffffffda RBX: 00007ff5e7e15fa0 RCX: 00007ff5e7b9cdd9
[  435.099772][T10796] RDX: 0000000020000000 RSI: 00002000000002c0 RDI: 0000000000000005
[  435.099783][T10796] RBP: 00007ff5e7c32d69 R08: 0000000000000000 R09: 0000000000000000
[  435.099794][T10796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  435.099804][T10796] R13: 00007ff5e7e16038 R14: 00007ff5e7e15fa0 R15: 00007ffd42a973a8
[  435.099827][T10796]  </TASK>
[  435.509876][T10801] CPU: 0 UID: 0 PID: 10801 Comm: syz.0.1084 Not tainted syzkaller #0 PREEMPT(full) 
[  435.509903][T10801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  435.509914][T10801] Call Trace:
[  435.509920][T10801]  <TASK>
[  435.509927][T10801]  dump_stack_lvl+0x100/0x190
[  435.509953][T10801]  should_fail_ex.cold+0x5/0xa
[  435.509977][T10801]  should_failslab+0xc2/0x120
[  435.509999][T10801]  __kvmalloc_node_noprof+0xfa/0xa00
[  435.510017][T10801]  ? io_alloc_cache_init+0x38/0x170
[  435.510044][T10801]  ? lockdep_init_map_type+0x50/0x250
[  435.510066][T10801]  io_alloc_cache_init+0x38/0x170
[  435.510093][T10801]  io_uring_setup.cold+0x3eb/0x1c6e
[  435.510127][T10801]  ? __pfx_io_uring_setup+0x10/0x10
[  435.510149][T10801]  ? do_futex+0x192/0x350
[  435.510169][T10801]  ? __pfx_do_futex+0x10/0x10
[  435.510198][T10801]  ? xfd_validate_state+0x129/0x190
[  435.510216][T10801]  ? ksys_write+0x1ac/0x250
[  435.510242][T10801]  __x64_sys_io_uring_setup+0xc2/0x170
[  435.510264][T10801]  do_syscall_64+0x10b/0xf80
[  435.510287][T10801]  ? clear_bhb_loop+0x40/0x90
[  435.510310][T10801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.510329][T10801] RIP: 0033:0x7ff5e7b9cdd9
[  435.510344][T10801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  435.510361][T10801] RSP: 002b:00007ff5e8a5a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  435.510380][T10801] RAX: ffffffffffffffda RBX: 00007ff5e7e16090 RCX: 00007ff5e7b9cdd9
[  435.510393][T10801] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000001d48
[  435.510404][T10801] RBP: 00007ff5e7c32d69 R08: 0000000000000000 R09: 0000000000000000
[  435.510415][T10801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  435.510425][T10801] R13: 00007ff5e7e16128 R14: 00007ff5e7e16090 R15: 00007ffd42a973a8
[  435.510448][T10801]  </TASK>
[  437.272863][T10821] zswap: compressor  not available
[  438.586861][T10849] Invalid ELF header magic: != ELF
[  438.809218][T10855] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1098'.
[  440.013426][T10879] netlink: 'syz.3.1104': attribute type 1 has an invalid length.
[  440.283395][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  440.291551][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  441.529644][T10913] futex_wake_op: syz.0.1111 tries to shift op by -2048; fix this program
[  442.961857][ T6869] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  442.969415][ T6869] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  444.185717][T10964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'.
[  444.704912][T10937] kexec: Could not allocate control_code_buffer
[  445.200399][T10975] binder: 10974:10975 ioctl c00c620f 0 returned -22
[  446.418062][T10994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1125'.
[  447.048126][T11012] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1131'.
[  447.795993][T11009] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1125'.
[  451.321943][T11072] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[  452.333776][T11109] zram0: detected capacity change from 16 to 0
[  452.752382][T11122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1148'.
[  455.268278][T11170] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1157'.
[  455.377680][T11170] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.385671][T11170] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.631754][   T30] audit: type=1800 audit(1777752525.369:17): pid=11174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1158" name="discovery_nqn" dev="configfs" ino=33435 res=0 errno=0
[  455.872218][T11160] ima: policy update failed
[  455.980358][   T30] audit: type=1802 audit(1777752525.719:18): pid=11160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1154" res=0 errno=0
[  457.966114][T11208] sd 0:0:1:0: PR command failed: 1026
[  457.989882][T11208] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  458.022117][T11208] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  462.471180][T11283] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1178'.
[  462.590109][T11283] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  462.648839][T11283] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  462.706333][T11283] bond0 (unregistering): Released all slaves
[  463.018564][T11290] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1180'.
[  464.324307][T11322] smc: net device dummy0 applied user defined pnetid DUMMY0
[  465.415968][T11349] smc: net device dummy0 applied user defined pnetid DUMMY0
[  465.893804][T11327] Process accounting resumed
[  467.233539][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  467.240330][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  467.359282][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  467.367268][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  472.107572][T11490] FAULT_INJECTION: forcing a failure.
[  472.107572][T11490] name failslab, interval 1, probability 0, space 0, times 0
[  472.187212][T11490] CPU: 0 UID: 0 PID: 11490 Comm: syz.2.1226 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  472.187245][T11490] Tainted: [L]=SOFTLOCKUP
[  472.187251][T11490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  472.187262][T11490] Call Trace:
[  472.187269][T11490]  <TASK>
[  472.187276][T11490]  dump_stack_lvl+0x100/0x190
[  472.187309][T11490]  should_fail_ex.cold+0x5/0xa
[  472.187332][T11490]  ? tomoyo_realpath_from_path+0xb6/0x690
[  472.187356][T11490]  should_failslab+0xc2/0x120
[  472.187377][T11490]  __kmalloc_noprof+0xe0/0x850
[  472.187406][T11490]  ? kfree+0x1dd/0x6c0
[  472.187434][T11490]  tomoyo_realpath_from_path+0xb6/0x690
[  472.187462][T11490]  tomoyo_check_open_permission+0x2af/0x3c0
[  472.187494][T11490]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  472.187522][T11490]  ? hook_file_open+0x24e/0x7a0
[  472.187557][T11490]  ? path_get+0x61/0x80
[  472.187585][T11490]  tomoyo_file_open+0x6b/0x90
[  472.187612][T11490]  security_file_open+0xb5/0x1e0
[  472.187633][T11490]  do_dentry_open+0x5aa/0x1660
[  472.187664][T11490]  ? security_inode_permission+0xbf/0x250
[  472.187692][T11490]  vfs_open+0x82/0x3f0
[  472.187722][T11490]  path_openat+0x208c/0x31a0
[  472.187753][T11490]  ? __pfx_path_openat+0x10/0x10
[  472.187784][T11490]  do_file_open+0x20e/0x430
[  472.187809][T11490]  ? __pfx_do_file_open+0x10/0x10
[  472.187848][T11490]  ? alloc_fd+0x476/0x790
[  472.187872][T11490]  ? do_getname+0x191/0x390
[  472.187901][T11490]  do_sys_openat2+0x10d/0x1e0
[  472.187936][T11490]  ? __pfx_do_sys_openat2+0x10/0x10
[  472.187972][T11490]  __x64_sys_openat+0x12d/0x210
[  472.188000][T11490]  ? __pfx___x64_sys_openat+0x10/0x10
[  472.188028][T11490]  ? ksys_write+0x1ac/0x250
[  472.188052][T11490]  ? rcu_is_watching+0x12/0xc0
[  472.188083][T11490]  do_syscall_64+0x10b/0xf80
[  472.188106][T11490]  ? clear_bhb_loop+0x40/0x90
[  472.188129][T11490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.188148][T11490] RIP: 0033:0x7f6610d9cdd9
[  472.188163][T11490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  472.188182][T11490] RSP: 002b:00007f6611c44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  472.188200][T11490] RAX: ffffffffffffffda RBX: 00007f6611016090 RCX: 00007f6610d9cdd9
[  472.188211][T11490] RDX: 000000000014f602 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  472.188223][T11490] RBP: 00007f6610e32d69 R08: 0000000000000000 R09: 0000000000000000
[  472.188234][T11490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.188245][T11490] R13: 00007f6611016128 R14: 00007f6611016090 R15: 00007fff39d71908
[  472.188268][T11490]  </TASK>
[  472.191384][T11490] ERROR: Out of memory at tomoyo_realpath_from_path.
[  472.978374][T11495] can0: slcan on ttyS2.
[  473.689871][T11495] can0 (unregistered): slcan off ttyS2.
[  473.705281][T11508] ovs_: entered promiscuous mode
[  474.946485][T11506] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[  481.869286][T11633] Invalid ELF header magic: != ELF
[  483.605304][T11648] FAULT_INJECTION: forcing a failure.
[  483.605304][T11648] name failslab, interval 1, probability 0, space 0, times 0
[  483.697735][T11648] CPU: 0 UID: 0 PID: 11648 Comm: syz.2.1256 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  483.697767][T11648] Tainted: [L]=SOFTLOCKUP
[  483.697773][T11648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  483.697783][T11648] Call Trace:
[  483.697790][T11648]  <TASK>
[  483.697797][T11648]  dump_stack_lvl+0x100/0x190
[  483.697822][T11648]  should_fail_ex.cold+0x5/0xa
[  483.697845][T11648]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  483.697871][T11648]  should_failslab+0xc2/0x120
[  483.697893][T11648]  __kmalloc_noprof+0xe0/0x850
[  483.697927][T11648]  kernfs_fop_write_iter+0x26a/0x5f0
[  483.697957][T11648]  vfs_write+0x6ac/0x1070
[  483.697979][T11648]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  483.698007][T11648]  ? __pfx_vfs_write+0x10/0x10
[  483.698042][T11648]  ksys_write+0x12a/0x250
[  483.698063][T11648]  ? __pfx_ksys_write+0x10/0x10
[  483.698085][T11648]  ? rcu_is_watching+0x12/0xc0
[  483.698111][T11648]  do_syscall_64+0x10b/0xf80
[  483.698135][T11648]  ? clear_bhb_loop+0x40/0x90
[  483.698158][T11648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.698177][T11648] RIP: 0033:0x7f6610d9cdd9
[  483.698193][T11648] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  483.698211][T11648] RSP: 002b:00007f6611c44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  483.698229][T11648] RAX: ffffffffffffffda RBX: 00007f6611016090 RCX: 00007f6610d9cdd9
[  483.698241][T11648] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  483.698252][T11648] RBP: 00007f6611c44090 R08: 0000000000000000 R09: 0000000000000000
[  483.698263][T11648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.698273][T11648] R13: 00007f6611016128 R14: 00007f6611016090 R15: 00007fff39d71908
[  483.698297][T11648]  </TASK>
[  484.427389][T11657] mtrr: base(0x1000000) is not aligned on a size(0x0000) boundary
[  484.982342][T11659] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  485.022981][T11659] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  485.086233][T11659] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  485.130561][T11659] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  485.206732][T11659] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  485.257549][T11659] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  485.325942][T11659] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  486.081882][T11679] FAULT_INJECTION: forcing a failure.
[  486.081882][T11679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  486.127220][T11679] CPU: 0 UID: 0 PID: 11679 Comm: syz.2.1266 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  486.127252][T11679] Tainted: [L]=SOFTLOCKUP
[  486.127259][T11679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  486.127270][T11679] Call Trace:
[  486.127277][T11679]  <TASK>
[  486.127284][T11679]  dump_stack_lvl+0x100/0x190
[  486.127309][T11679]  should_fail_ex.cold+0x5/0xa
[  486.127333][T11679]  _copy_from_iter+0x1f4/0x1690
[  486.127357][T11679]  ? __pfx__copy_from_iter+0x10/0x10
[  486.127374][T11679]  ? rcu_is_watching+0x12/0xc0
[  486.127397][T11679]  ? trace_kmalloc+0xe3/0x110
[  486.127418][T11679]  ? __kasan_kmalloc+0xaa/0xb0
[  486.127437][T11679]  ? __kmalloc_noprof+0x320/0x850
[  486.127470][T11679]  kernfs_fop_write_iter+0x186/0x5f0
[  486.127500][T11679]  vfs_write+0x6ac/0x1070
[  486.127522][T11679]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  486.127558][T11679]  ? __pfx_vfs_write+0x10/0x10
[  486.127597][T11679]  ksys_write+0x12a/0x250
[  486.127618][T11679]  ? __pfx_ksys_write+0x10/0x10
[  486.127641][T11679]  ? rcu_is_watching+0x12/0xc0
[  486.127666][T11679]  do_syscall_64+0x10b/0xf80
[  486.127689][T11679]  ? clear_bhb_loop+0x40/0x90
[  486.127712][T11679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.127731][T11679] RIP: 0033:0x7f6610d9cdd9
[  486.127748][T11679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  486.127765][T11679] RSP: 002b:00007f6611c44028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  486.127783][T11679] RAX: ffffffffffffffda RBX: 00007f6611016090 RCX: 00007f6610d9cdd9
[  486.127795][T11679] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  486.127806][T11679] RBP: 00007f6611c44090 R08: 0000000000000000 R09: 0000000000000000
[  486.127817][T11679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.127828][T11679] R13: 00007f6611016128 R14: 00007f6611016090 R15: 00007fff39d71908
[  486.127851][T11679]  </TASK>
[  487.057194][ T6869] Bluetooth: hci0: command 0x0c1a tx timeout
[  487.138485][ T6869] Bluetooth: hci1: command 0x0c1a tx timeout
[  487.217122][ T6869] Bluetooth: hci2: command 0x0c1a tx timeout
[  487.377256][ T6869] Bluetooth: hci3: command 0x0c1a tx timeout
[  487.860424][T11710] block2mtd: error: cannot open device 
[  488.761416][ T6869] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  488.761446][ T6869] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  488.776535][ T6869] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  488.776557][ T6869] Bluetooth: hci2: adv larger than maximum supported
[  488.785663][ T6869] Bluetooth: hci2: Unknown advertising packet type: 0x3d
[  488.792438][ T6869] Bluetooth: hci2: Unknown advertising packet type: 0x3e
[  488.800290][ T6869] Bluetooth: hci2: Unknown advertising packet type: 0x73
[  488.807385][ T6869] Bluetooth: hci2: Malformed LE Event: 0x0d
[  488.827239][T11729] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1278'.
[  488.884704][T11732] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1278'.
[  488.920129][T11733] FAULT_INJECTION: forcing a failure.
[  488.920129][T11733] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  488.981892][T11733] CPU: 0 UID: 0 PID: 11733 Comm: syz.2.1279 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  488.981923][T11733] Tainted: [L]=SOFTLOCKUP
[  488.981929][T11733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  488.981940][T11733] Call Trace:
[  488.981946][T11733]  <TASK>
[  488.981954][T11733]  dump_stack_lvl+0x100/0x190
[  488.981978][T11733]  should_fail_ex.cold+0x5/0xa
[  488.982004][T11733]  _copy_to_user+0x32/0xd0
[  488.982041][T11733]  simple_read_from_buffer+0xcb/0x170
[  488.982065][T11733]  proc_fail_nth_read+0x1af/0x230
[  488.982100][T11733]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  488.982136][T11733]  ? rw_verify_area+0xce/0x6d0
[  488.982154][T11733]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  488.982187][T11733]  vfs_read+0x1e4/0xb30
[  488.982213][T11733]  ? __pfx_vfs_read+0x10/0x10
[  488.982234][T11733]  ? __fget_files+0x215/0x3d0
[  488.982262][T11733]  ? __fget_files+0x21f/0x3d0
[  488.982291][T11733]  ksys_read+0x12a/0x250
[  488.982313][T11733]  ? __pfx_ksys_read+0x10/0x10
[  488.982338][T11733]  ? rcu_is_watching+0x12/0xc0
[  488.982366][T11733]  do_syscall_64+0x10b/0xf80
[  488.982392][T11733]  ? clear_bhb_loop+0x40/0x90
[  488.982416][T11733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.982436][T11733] RIP: 0033:0x7f6610d5d60e
[  488.982451][T11733] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  488.982470][T11733] RSP: 002b:00007f6611c43fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  488.982489][T11733] RAX: ffffffffffffffda RBX: 00007f6611c446c0 RCX: 00007f6610d5d60e
[  488.982501][T11733] RDX: 000000000000000f RSI: 00007f6611c440a0 RDI: 0000000000000004
[  488.982512][T11733] RBP: 00007f6611c44090 R08: 0000000000000000 R09: 0000000000000000
[  488.982523][T11733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  488.982534][T11733] R13: 00007f6611016128 R14: 00007f6611016090 R15: 00007fff39d71908
[  488.982564][T11733]  </TASK>
[  489.399915][ T6869] Bluetooth: hci0: command 0x0c1a tx timeout
[  489.406031][ T6869] Bluetooth: hci1: command 0x0c1a tx timeout
[  489.412700][ T6869] Bluetooth: hci2: command 0x0c1a tx timeout
[  492.255336][T11790] FAULT_INJECTION: forcing a failure.
[  492.255336][T11790] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  492.286122][T11790] CPU: 0 UID: 0 PID: 11790 Comm: syz.3.1294 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  492.286154][T11790] Tainted: [L]=SOFTLOCKUP
[  492.286161][T11790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  492.286171][T11790] Call Trace:
[  492.286178][T11790]  <TASK>
[  492.286186][T11790]  dump_stack_lvl+0x100/0x190
[  492.286212][T11790]  should_fail_ex.cold+0x5/0xa
[  492.286233][T11790]  ? prepare_alloc_pages+0x16d/0x5f0
[  492.286259][T11790]  should_fail_alloc_page+0xeb/0x140
[  492.286282][T11790]  prepare_alloc_pages+0x1f0/0x5f0
[  492.286309][T11790]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  492.286340][T11790]  ? do_raw_spin_lock+0x128/0x260
[  492.286367][T11790]  ? timerqueue_linked_add+0x260/0x430
[  492.286399][T11790]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  492.286439][T11790]  ? __asan_memcpy+0x3c/0x60
[  492.286469][T11790]  ? __pfx_interleave_nid+0x10/0x10
[  492.286489][T11790]  ? lock_acquire+0x1b1/0x370
[  492.286509][T11790]  ? policy_nodemask+0xed/0x4f0
[  492.286533][T11790]  alloc_pages_mpol+0x1fb/0x540
[  492.286563][T11790]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  492.286587][T11790]  ? __lock_acquire+0x4a5/0x2630
[  492.286605][T11790]  folio_alloc_mpol_noprof+0x36/0x260
[  492.286632][T11790]  vma_alloc_folio_noprof+0xed/0x1d0
[  492.286657][T11790]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  492.286689][T11790]  do_anonymous_page+0xb46/0x2050
[  492.286717][T11790]  ? rcu_read_unlock+0x2d/0xb0
[  492.286751][T11790]  __handle_mm_fault+0x1d2c/0x2a00
[  492.286781][T11790]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  492.286804][T11790]  ? __pfx___handle_mm_fault+0x10/0x10
[  492.286832][T11790]  ? pte_offset_map_lock+0x174/0x320
[  492.286853][T11790]  ? find_held_lock+0x2b/0x80
[  492.286883][T11790]  ? follow_page_pte+0x4d0/0x13f0
[  492.286909][T11790]  handle_mm_fault+0x36d/0xa20
[  492.286940][T11790]  __get_user_pages+0x1178/0x32a0
[  492.286971][T11790]  ? __pfx___get_user_pages+0x10/0x10
[  492.287000][T11790]  populate_vma_page_range+0x267/0x3f0
[  492.287025][T11790]  ? __pfx_populate_vma_page_range+0x10/0x10
[  492.287049][T11790]  ? __pfx_find_vma_intersection+0x10/0x10
[  492.287072][T11790]  ? do_mmap+0x93f/0x12f0
[  492.287095][T11790]  __mm_populate+0x107/0x3a0
[  492.287120][T11790]  ? __pfx___mm_populate+0x10/0x10
[  492.287145][T11790]  ? up_write+0x28c/0x4f0
[  492.287167][T11790]  vm_mmap_pgoff+0x37f/0x470
[  492.287192][T11790]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  492.287216][T11790]  ? do_futex+0x192/0x350
[  492.287236][T11790]  ? __pfx_do_futex+0x10/0x10
[  492.287256][T11790]  ? _raw_spin_unlock+0x28/0x50
[  492.287278][T11790]  ksys_mmap_pgoff+0xe4/0x610
[  492.287300][T11790]  ? __x64_sys_futex+0x358/0x4d0
[  492.287320][T11790]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  492.287341][T11790]  ? xfd_validate_state+0x129/0x190
[  492.287365][T11790]  __x64_sys_mmap+0x125/0x190
[  492.287387][T11790]  do_syscall_64+0x10b/0xf80
[  492.287410][T11790]  ? clear_bhb_loop+0x40/0x90
[  492.287432][T11790]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  492.287451][T11790] RIP: 0033:0x7f297e79cdd9
[  492.287467][T11790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  492.287484][T11790] RSP: 002b:00007f297f5fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  492.287502][T11790] RAX: ffffffffffffffda RBX: 00007f297ea15fa0 RCX: 00007f297e79cdd9
[  492.287514][T11790] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  492.287524][T11790] RBP: 00007f297e832d69 R08: ffffffffffffffff R09: 0000040000008000
[  492.287541][T11790] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  492.287553][T11790] R13: 00007f297ea16038 R14: 00007f297ea15fa0 R15: 00007ffc78351be8
[  492.287576][T11790]  </TASK>
[  493.912960][T11807] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1299'.
[  494.376099][ T6869] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  494.392029][ T6869] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  494.400903][ T6869] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  494.411282][ T6869] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  494.444995][ T6869] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  495.891796][T11844] random: crng reseeded on system resumption
[  496.492882][ T6869] Bluetooth: hci4: command tx timeout
[  496.532341][T11851] hub 1-0:1.0: USB hub found
[  496.575793][T11851] hub 1-0:1.0: 1 port detected
[  497.156295][T11812] bridge0: port 1(bridge_slave_0) entered blocking state
[  497.189405][T11812] bridge0: port 1(bridge_slave_0) entered disabled state
[  497.226856][T11812] bridge_slave_0: entered allmulticast mode
[  497.261374][T11812] bridge_slave_0: entered promiscuous mode
[  497.313185][T11812] bridge0: port 2(bridge_slave_1) entered blocking state
[  497.341316][T11812] bridge0: port 2(bridge_slave_1) entered disabled state
[  497.371366][T11812] bridge_slave_1: entered allmulticast mode
[  497.407413][T11812] bridge_slave_1: entered promiscuous mode
[  497.558508][T11812] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  497.630933][T11812] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  497.783154][T11812] team0: Port device team_slave_0 added
[  497.826290][T11812] team0: Port device team_slave_1 added
[  498.004658][T11812] batman_adv: batadv0: Adding interface: batadv_slave_0
[  498.044553][T11812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  498.189703][T11812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  498.260453][T11812] batman_adv: batadv0: Adding interface: batadv_slave_1
[  498.294052][T11812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  498.422676][T11812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  498.571491][ T6869] Bluetooth: hci4: command tx timeout
[  498.644091][T11812] hsr_slave_0: entered promiscuous mode
[  498.675222][T11812] hsr_slave_1: entered promiscuous mode
[  498.696057][T11812] debugfs: 'hsr0' already exists in 'hsr'
[  498.713885][T11812] Cannot create hsr debugfs directory
[  499.319177][T11904] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  499.349033][T11904] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  499.392648][T11904] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  499.432443][T11904] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  499.460757][T11904] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  499.493777][T11904] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  499.527697][T11904] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  499.816783][T11812] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  499.888334][T11812] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  499.927963][T11812] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  499.979937][T11812] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  500.018766][T11812] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  500.095534][T11812] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  500.138657][T11812] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  500.194546][T11812] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  500.252930][T11911] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[5636] was attempted by "
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
   
 
[  500.650706][ T6869] Bluetooth: hci0: command 0x0c1a tx timeout
[  501.367607][T11812] 8021q: adding VLAN 0 to HW filter on device bond0
[  501.375367][ T6869] Bluetooth: hci1: command 0x0c1a tx timeout
[  501.450233][ T6869] Bluetooth: hci3: command 0x0c1a tx timeout
[  501.456607][ T6660] Bluetooth: hci2: command 0x0c1a tx timeout
[  501.529498][T11812] 8021q: adding VLAN 0 to HW filter on device team0
[  501.536369][ T6660] Bluetooth: hci4: command 0x0419 tx timeout
[  501.608100][ T6783] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.615344][ T6783] bridge0: port 1(bridge_slave_0) entered forwarding state
[  501.692987][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  501.703888][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  501.772200][ T6783] bridge0: port 2(bridge_slave_1) entered blocking state
[  501.779386][ T6783] bridge0: port 2(bridge_slave_1) entered forwarding state
[  503.583599][T11812] 8021q: adding VLAN 0 to HW filter on device batadv0
[  503.611052][ T6869] Bluetooth: hci4: command 0x0419 tx timeout
[  503.825333][T11995] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1331'.
[  504.669534][T11812] veth0_vlan: entered promiscuous mode
[  504.816485][T11812] veth1_vlan: entered promiscuous mode
[  504.974844][T11812] veth0_macvtap: entered promiscuous mode
[  505.007301][T12020] No such timeout policy "
"
[  505.023041][T12019] No such timeout policy "
"
[  505.087425][T12020] netlink: Failed to associated timeout policy '
'
[  505.112874][T12019] netlink: Failed to associated timeout policy '
'
[  505.166590][T11812] veth1_macvtap: entered promiscuous mode
[  505.300174][T12026] netlink: 130 bytes leftover after parsing attributes in process `syz.0.1336'.
[  505.458893][T11812] batman_adv: batadv0: Interface activated: batadv_slave_0
[  505.633344][T11812] batman_adv: batadv0: Interface activated: batadv_slave_1
[  505.689308][ T6660] Bluetooth: hci4: command 0x0419 tx timeout
[  505.817234][T11342] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  505.985792][T11342] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  506.042245][T11342] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  506.075200][T11342] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  506.292338][ T8407] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.344200][ T8407] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  506.706941][ T6783] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  506.748749][ T6783] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  507.329922][T12053] __vm_enough_memory: pid: 12053, comm: syz.4.1343, bytes: 4398046457856 not enough memory for the allocation
[  507.768324][ T6660] Bluetooth: hci4: command 0x0419 tx timeout
[  509.406583][T12091] vivid-007: =================  START STATUS  =================
[  509.454844][T12091] vivid-007: Enable Output Cropping: true
[  509.496936][T12091] vivid-007: Enable Output Composing: true
[  509.542410][T12091] vivid-007: Enable Output Scaler: true
[  509.575371][T12091] vivid-007: Tx RGB Quantization Range: Automatic
[  509.615742][T12091] vivid-007: Transmit Mode: HDMI
[  509.638195][T12091] vivid-007: Hotplug Present: 0x00000000
[  509.670588][T12091] vivid-007: RxSense Present: 0x00000000
[  509.699844][T12091] vivid-007: EDID Present: 0x00000000
[  509.736065][T12091] vivid-007: ==================  END STATUS  ==================
[  511.474807][T12122] FAULT_INJECTION: forcing a failure.
[  511.474807][T12122] name fail_futex, interval 1, probability 0, space 0, times 0
[  511.679349][T12122] CPU: 0 UID: 0 PID: 12122 Comm: syz.2.1358 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  511.679382][T12122] Tainted: [L]=SOFTLOCKUP
[  511.679389][T12122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  511.679400][T12122] Call Trace:
[  511.679407][T12122]  <TASK>
[  511.679415][T12122]  dump_stack_lvl+0x100/0x190
[  511.679441][T12122]  should_fail_ex.cold+0x5/0xa
[  511.679465][T12122]  get_futex_key+0x1d2/0x1510
[  511.679487][T12122]  ? __pfx_get_futex_key+0x10/0x10
[  511.679513][T12122]  futex_wake+0xea/0x530
[  511.679545][T12122]  ? __pfx_futex_wake+0x10/0x10
[  511.679574][T12122]  ? do_raw_spin_lock+0x128/0x260
[  511.679598][T12122]  do_futex+0x32b/0x350
[  511.679623][T12122]  ? __pfx_do_futex+0x10/0x10
[  511.679642][T12122]  ? _raw_spin_unlock+0x28/0x50
[  511.679662][T12122]  ? do_set_mempolicy+0x217/0x3d0
[  511.679683][T12122]  ? __pfx_do_set_mempolicy+0x10/0x10
[  511.679707][T12122]  __x64_sys_futex+0x34f/0x4d0
[  511.679730][T12122]  ? __pfx___x64_sys_futex+0x10/0x10
[  511.679750][T12122]  ? __pfx_kernel_set_mempolicy+0x10/0x10
[  511.679774][T12122]  ? rcu_is_watching+0x12/0xc0
[  511.679798][T12122]  do_syscall_64+0x10b/0xf80
[  511.679820][T12122]  ? clear_bhb_loop+0x40/0x90
[  511.679843][T12122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.679863][T12122] RIP: 0033:0x7f6610d9cdd9
[  511.679879][T12122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  511.679897][T12122] RSP: 002b:00007f6611c650e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  511.679916][T12122] RAX: ffffffffffffffda RBX: 00007f6611015fa8 RCX: 00007f6610d9cdd9
[  511.679928][T12122] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6611015fac
[  511.679939][T12122] RBP: 00007f6611015fa0 R08: 0000000000000001 R09: 0000000000000000
[  511.679950][T12122] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  511.679960][T12122] R13: 00007f6611016038 R14: 00007fff39d71820 R15: 00007fff39d71908
[  511.679983][T12122]  </TASK>
[  512.813128][T12122] sg_write: data in/out 1685414155/2147479510 bytes for SCSI command 0x3-- guessing data in;
[  512.813128][T12122]    program syz.2.1358 not setting count and/or reply_len properly
[  513.256970][T12145] cifs: Unknown parameter 'no+ 1����`��r�sFn)��a�H��ā��h`����9k�A}���1\D@��.��Z�Cg^�'
[  515.719617][T12160] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.086318][ T6660] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  518.685810][T12213] FAULT_INJECTION: forcing a failure.
[  518.685810][T12213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  519.035308][T12213] CPU: 0 UID: 0 PID: 12213 Comm: syz.2.1382 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  519.035341][T12213] Tainted: [L]=SOFTLOCKUP
[  519.035348][T12213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  519.035358][T12213] Call Trace:
[  519.035365][T12213]  <TASK>
[  519.035372][T12213]  dump_stack_lvl+0x100/0x190
[  519.035398][T12213]  should_fail_ex.cold+0x5/0xa
[  519.035422][T12213]  _copy_to_user+0x32/0xd0
[  519.035455][T12213]  simple_read_from_buffer+0xcb/0x170
[  519.035478][T12213]  proc_fail_nth_read+0x1af/0x230
[  519.035515][T12213]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  519.035550][T12213]  ? rw_verify_area+0xce/0x6d0
[  519.035569][T12213]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  519.035598][T12213]  vfs_read+0x1e4/0xb30
[  519.035621][T12213]  ? __pfx_vfs_read+0x10/0x10
[  519.035641][T12213]  ? __fget_files+0x215/0x3d0
[  519.035667][T12213]  ? __fget_files+0x21f/0x3d0
[  519.035695][T12213]  ksys_read+0x12a/0x250
[  519.035715][T12213]  ? __pfx_ksys_read+0x10/0x10
[  519.035737][T12213]  ? rcu_is_watching+0x12/0xc0
[  519.035763][T12213]  do_syscall_64+0x10b/0xf80
[  519.035787][T12213]  ? clear_bhb_loop+0x40/0x90
[  519.035810][T12213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.035830][T12213] RIP: 0033:0x7f6610d5d60e
[  519.035845][T12213] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  519.035863][T12213] RSP: 002b:00007f6611c64fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  519.035882][T12213] RAX: ffffffffffffffda RBX: 00007f6611c656c0 RCX: 00007f6610d5d60e
[  519.035894][T12213] RDX: 000000000000000f RSI: 00007f6611c650a0 RDI: 0000000000000007
[  519.035905][T12213] RBP: 00007f6611c65090 R08: 0000000000000000 R09: 0000000000000000
[  519.035916][T12213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.035926][T12213] R13: 00007f6611016038 R14: 00007f6611015fa0 R15: 00007fff39d71908
[  519.035949][T12213]  </TASK>
[  520.606124][T12227] blktrace: Concurrent blktraces are not allowed on sda1
[  520.788709][T12230] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1385'.
[  521.578966][T12234] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1385'.
[  523.541010][T12261] "mq-deadline" elevator initialization, failed -12, falling back to "none"
[  527.853765][T12313] netlink: 'syz.4.1405': attribute type 1 has an invalid length.
[  527.899734][T12313] blktrace: Concurrent blktraces are not allowed on zram0
[  528.181303][T12321] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  528.935958][T12330] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input13
[  531.358501][T12354] netlink: 'syz.3.1414': attribute type 1 has an invalid length.
[  531.455778][T12354] blktrace: Concurrent blktraces are not allowed on zram0
[  535.868226][   T30] audit: type=1800 audit(1777752605.649:19): pid=12397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1424" name=04 dev="tmpfs" ino=1716 res=0 errno=0
[  535.935039][T12399] netlink: 'syz.2.1425': attribute type 1 has an invalid length.
[  535.976836][T12399] blktrace: Concurrent blktraces are not allowed on zram0
[  536.558289][T12406] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1426'.
[  537.411300][   T30] audit: type=1804 audit(1777752607.190:20): pid=12430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1434" name="/newroot/332/file0" dev="tmpfs" ino=1733 res=1 errno=0
[  537.803772][T12441] netlink: 'syz.3.1436': attribute type 1 has an invalid length.
[  537.836485][T12441] blktrace: Concurrent blktraces are not allowed on zram0
[  538.043156][T12444] FAULT_INJECTION: forcing a failure.
[  538.043156][T12444] name failslab, interval 1, probability 0, space 0, times 0
[  538.091093][T12444] CPU: 0 UID: 0 PID: 12444 Comm: syz.2.1437 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  538.091125][T12444] Tainted: [L]=SOFTLOCKUP
[  538.091132][T12444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  538.091142][T12444] Call Trace:
[  538.091149][T12444]  <TASK>
[  538.091156][T12444]  dump_stack_lvl+0x100/0x190
[  538.091183][T12444]  should_fail_ex.cold+0x5/0xa
[  538.091207][T12444]  ? tomoyo_realpath_from_path+0xb6/0x690
[  538.091230][T12444]  should_failslab+0xc2/0x120
[  538.091251][T12444]  __kmalloc_noprof+0xe0/0x850
[  538.091279][T12444]  ? kfree+0x1dd/0x6c0
[  538.091308][T12444]  tomoyo_realpath_from_path+0xb6/0x690
[  538.091336][T12444]  tomoyo_path_perm+0x276/0x460
[  538.091353][T12444]  ? tomoyo_path_perm+0x262/0x460
[  538.091373][T12444]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  538.091402][T12444]  ? lockdown_is_locked_down+0x3d/0x140
[  538.091439][T12444]  ? __pfx_ima_file_check+0x10/0x10
[  538.091473][T12444]  ? hook_file_truncate+0xc3/0x240
[  538.091498][T12444]  security_file_truncate+0xb5/0x1e0
[  538.091521][T12444]  path_openat+0x1c6e/0x31a0
[  538.091552][T12444]  ? __pfx_path_openat+0x10/0x10
[  538.091589][T12444]  do_file_open+0x20e/0x430
[  538.091614][T12444]  ? __pfx_do_file_open+0x10/0x10
[  538.091654][T12444]  ? alloc_fd+0x476/0x790
[  538.091678][T12444]  ? do_getname+0x191/0x390
[  538.091709][T12444]  do_sys_openat2+0x10d/0x1e0
[  538.091738][T12444]  ? __pfx_do_sys_openat2+0x10/0x10
[  538.091768][T12444]  ? __fget_files+0x21f/0x3d0
[  538.091795][T12444]  __x64_sys_openat+0x12d/0x210
[  538.091824][T12444]  ? __pfx___x64_sys_openat+0x10/0x10
[  538.091858][T12444]  ? rcu_is_watching+0x12/0xc0
[  538.091884][T12444]  do_syscall_64+0x10b/0xf80
[  538.091908][T12444]  ? clear_bhb_loop+0x40/0x90
[  538.091931][T12444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.091951][T12444] RIP: 0033:0x7f6610d9cdd9
[  538.091967][T12444] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  538.091985][T12444] RSP: 002b:00007f6611c65028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  538.092004][T12444] RAX: ffffffffffffffda RBX: 00007f6611015fa0 RCX: 00007f6610d9cdd9
[  538.092016][T12444] RDX: 0000000000008742 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  538.092027][T12444] RBP: 00007f6610e32d69 R08: 0000000000000000 R09: 0000000000000000
[  538.092038][T12444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  538.092049][T12444] R13: 00007f6611016038 R14: 00007f6611015fa0 R15: 00007fff39d71908
[  538.092073][T12444]  </TASK>
[  539.408719][T12444] ERROR: Out of memory at tomoyo_realpath_from_path.
[  545.870462][T12553] netlink: 'syz.3.1454': attribute type 1 has an invalid length.
[  545.952949][T12553] blktrace: Concurrent blktraces are not allowed on zram0
[  547.193794][T12557] kexec: Could not allocate control_code_buffer
[  547.738097][T12576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1461'.
[  548.585106][T12578] FAULT_INJECTION: forcing a failure.
[  548.585106][T12578] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.864146][T12578] CPU: 0 UID: 0 PID: 12578 Comm: syz.0.1460 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  548.864183][T12578] Tainted: [L]=SOFTLOCKUP
[  548.864190][T12578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  548.864201][T12578] Call Trace:
[  548.864207][T12578]  <TASK>
[  548.864215][T12578]  dump_stack_lvl+0x100/0x190
[  548.864240][T12578]  should_fail_ex.cold+0x5/0xa
[  548.864265][T12578]  strncpy_from_user+0x3b/0x2d0
[  548.864286][T12578]  do_getname+0x78/0x390
[  548.864321][T12578]  do_sys_openat2+0xc5/0x1e0
[  548.864355][T12578]  ? __pfx_do_sys_openat2+0x10/0x10
[  548.864395][T12578]  __x64_sys_openat+0x12d/0x210
[  548.864430][T12578]  ? __pfx___x64_sys_openat+0x10/0x10
[  548.864463][T12578]  ? ksys_read+0x1ac/0x250
[  548.864488][T12578]  ? rcu_is_watching+0x12/0xc0
[  548.864516][T12578]  do_syscall_64+0x10b/0xf80
[  548.864543][T12578]  ? clear_bhb_loop+0x40/0x90
[  548.864574][T12578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.864594][T12578] RIP: 0033:0x7ff5e7b9cdd9
[  548.864609][T12578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  548.864627][T12578] RSP: 002b:00007ff5e8a5a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  548.864649][T12578] RAX: ffffffffffffffda RBX: 00007ff5e7e16090 RCX: 00007ff5e7b9cdd9
[  548.864661][T12578] RDX: 0000000000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  548.864672][T12578] RBP: 00007ff5e7c32d69 R08: 0000000000000000 R09: 0000000000000000
[  548.864684][T12578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  548.864695][T12578] R13: 00007ff5e7e16128 R14: 00007ff5e7e16090 R15: 00007ffd42a973a8
[  548.864718][T12578]  </TASK>
[  549.564963][   T30] audit: type=1804 audit(1777752619.246:21): pid=12593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1464" name="/newroot/348/file0" dev="tmpfs" ino=1815 res=1 errno=0
[  550.276253][ T6660] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  550.291426][ T6660] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  550.299294][ T6660] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  550.309919][ T6660] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  550.324997][ T6660] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  552.275970][T12602] bridge0: port 1(bridge_slave_0) entered blocking state
[  552.300948][T12602] bridge0: port 1(bridge_slave_0) entered disabled state
[  552.325365][T12602] bridge_slave_0: entered allmulticast mode
[  552.349189][T12602] bridge_slave_0: entered promiscuous mode
[  552.378571][T12602] bridge0: port 2(bridge_slave_1) entered blocking state
[  552.388791][ T6660] Bluetooth: hci5: command tx timeout
[  552.413053][T12602] bridge0: port 2(bridge_slave_1) entered disabled state
[  552.442629][T12602] bridge_slave_1: entered allmulticast mode
[  552.460424][T12602] bridge_slave_1: entered promiscuous mode
[  552.565166][T12602] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  552.604259][T12602] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  552.705906][T12602] team0: Port device team_slave_0 added
[  552.729848][T12602] team0: Port device team_slave_1 added
[  552.829677][T12602] batman_adv: batadv0: Adding interface: batadv_slave_0
[  552.852751][T12602] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  552.942530][T12602] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  552.993371][T12602] batman_adv: batadv0: Adding interface: batadv_slave_1
[  553.019176][T12602] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  553.124013][T12602] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  553.251703][T12650] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[  553.282097][T12602] hsr_slave_0: entered promiscuous mode
[  553.302426][T12602] hsr_slave_1: entered promiscuous mode
[  553.320500][T12602] debugfs: 'hsr0' already exists in 'hsr'
[  553.340194][T12602] Cannot create hsr debugfs directory
[  554.397282][T12602] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  554.450099][T12602] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  554.466568][ T6660] Bluetooth: hci5: command tx timeout
[  554.480049][T12602] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  554.510823][T12602] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  554.659297][T12602] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  554.691684][T12602] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  554.722700][T12602] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  554.748991][T12602] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  555.019313][T12602] 8021q: adding VLAN 0 to HW filter on device bond0
[  555.091398][T12602] 8021q: adding VLAN 0 to HW filter on device team0
[  555.137793][T11342] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.144979][T11342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  555.212382][T11342] bridge0: port 2(bridge_slave_1) entered blocking state
[  555.219547][T11342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  556.491535][T12602] 8021q: adding VLAN 0 to HW filter on device batadv0
[  556.543198][ T6660] Bluetooth: hci5: command tx timeout
[  557.524477][T12602] veth0_vlan: entered promiscuous mode
[  557.558301][T12602] veth1_vlan: entered promiscuous mode
[  557.646106][T12602] veth0_macvtap: entered promiscuous mode
[  557.686251][T12602] veth1_macvtap: entered promiscuous mode
[  557.757409][T12602] batman_adv: batadv0: Interface activated: batadv_slave_0
[  557.818176][T12602] batman_adv: batadv0: Interface activated: batadv_slave_1
[  557.906314][ T6653] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  557.938321][ T6653] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  557.972278][ T6653] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  558.009582][ T6653] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  558.227880][ T6653] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  558.263720][ T6653] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.505886][ T6657] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  558.529725][ T6657] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  558.621836][ T6660] Bluetooth: hci5: command tx timeout
[  559.189883][T12737] ICMPv6: process `syz.5.1487' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  559.320283][T12739] netlink: 'syz.3.1488': attribute type 1 has an invalid length.
[  559.355995][T12739] blktrace: Concurrent blktraces are not allowed on zram0
[  560.283729][T12751] device-mapper: ioctl: Unable to rename non-existent device,  to uuid �
[  562.458024][T12790] zswap: compressor  not available
[  563.516986][T12792] kexec: Could not allocate control_code_buffer
[  567.340449][ T6869] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  567.353063][ T6869] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  567.361624][ T6869] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  567.377972][ T6869] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  567.389298][ T6869] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  568.033884][T12929] nfs: Unknown parameter '�m?���LH>�｢^�e���ko}*	 �'
[  568.837753][T12939] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1520'.
[  569.501987][ T6660] Bluetooth: hci6: command tx timeout
[  571.370757][T12902] bridge0: port 1(bridge_slave_0) entered blocking state
[  571.412681][T12902] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.449633][T12902] bridge_slave_0: entered allmulticast mode
[  571.478674][T12902] bridge_slave_0: entered promiscuous mode
[  571.514808][T12902] bridge0: port 2(bridge_slave_1) entered blocking state
[  571.549310][T12902] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.574984][ T6660] Bluetooth: hci6: command tx timeout
[  571.586247][T12902] bridge_slave_1: entered allmulticast mode
[  571.617518][T12902] bridge_slave_1: entered promiscuous mode
[  571.667021][T12976] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1525'.
[  571.770796][T12902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  571.849234][T12902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  572.031651][T12902] team0: Port device team_slave_0 added
[  572.083094][T12902] team0: Port device team_slave_1 added
[  572.552292][T12979] vhci_hcd vhci_hcd.0: invalid port number 16
[  572.680731][T12902] batman_adv: batadv0: Adding interface: batadv_slave_0
[  572.720775][T12902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  572.775132][T12980] netlink: 'syz.3.1526': attribute type 11 has an invalid length.
[  572.856594][T12902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  572.959359][T12902] batman_adv: batadv0: Adding interface: batadv_slave_1
[  572.992724][T12902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  573.105634][T12902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  573.323840][T12902] hsr_slave_0: entered promiscuous mode
[  573.368003][T12902] hsr_slave_1: entered promiscuous mode
[  573.396788][T12902] debugfs: 'hsr0' already exists in 'hsr'
[  573.426400][T12902] Cannot create hsr debugfs directory
[  573.654172][ T6660] Bluetooth: hci6: command tx timeout
[  574.823960][T12902] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  575.732878][ T6660] Bluetooth: hci6: command tx timeout
[  576.668626][T12902] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  577.105691][T12902] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  577.148408][T12902] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  577.263921][T12902] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  577.312862][T12902] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  577.337501][T12902] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  577.373923][T12902] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  577.633371][T12902] 8021q: adding VLAN 0 to HW filter on device bond0
[  577.705042][T12902] 8021q: adding VLAN 0 to HW filter on device team0
[  577.758090][T12888] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.765285][T12888] bridge0: port 1(bridge_slave_0) entered forwarding state
[  577.866784][T12888] bridge0: port 2(bridge_slave_1) entered blocking state
[  577.873967][T12888] bridge0: port 2(bridge_slave_1) entered forwarding state
[  578.380199][T13038] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  578.469655][T13038] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  578.575813][T13038] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  578.740795][T13038] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  578.841524][T13038] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  578.915004][T13038] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  579.705855][T13038] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  579.723882][T12902] 8021q: adding VLAN 0 to HW filter on device batadv0
[  579.738434][T13038] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  580.054317][T13038] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  580.164731][T13038] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  580.204045][T13038] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  580.450476][ T6660] Bluetooth: hci0: command 0x0c1a tx timeout
[  580.530686][ T6660] Bluetooth: hci1: command 0x0c1a tx timeout
[  580.595528][T13038] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  580.612433][ T6660] Bluetooth: hci2: command 0x0c1a tx timeout
[  580.770335][ T6660] Bluetooth: hci3: command 0x0c1a tx timeout
[  580.850532][ T6660] Bluetooth: hci4: command 0x0419 tx timeout
[  580.958650][T12902] veth0_vlan: entered promiscuous mode
[  581.052502][T13078] =======================================================
[  581.052502][T13078] WARNING: The mand mount option has been deprecated and
[  581.052502][T13078]          and is ignored by this kernel. Remove the mand
[  581.052502][T13078]          option from the mount to silence this warning.
[  581.052502][T13078] =======================================================
[  581.313063][T12902] veth1_vlan: entered promiscuous mode
[  581.730505][ T6660] Bluetooth: hci5: command 0x0c1a tx timeout
[  581.769114][T12902] veth0_macvtap: entered promiscuous mode
[  581.822961][T12902] veth1_macvtap: entered promiscuous mode
[  581.873931][T12902] batman_adv: batadv0: Interface activated: batadv_slave_0
[  581.918116][T12902] batman_adv: batadv0: Interface activated: batadv_slave_1
[  581.983562][T12888] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  582.014776][T12888] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  582.132130][T12888] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  582.163954][T12888] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  582.210173][ T6660] Bluetooth: hci6: command 0x0c1a tx timeout
[  582.730291][T13050] kexec: Could not allocate control_code_buffer
[  582.929739][ T6660] Bluetooth: hci4: command 0x0419 tx timeout
[  582.976638][T12876] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  583.035768][T12876] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  583.077483][T13092] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1543'.
[  583.472883][T13092] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  583.506316][T13092] batman_adv: batadv0: Removing interface: batadv_slave_0
[  583.551833][T13092] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  583.597009][T13092] batman_adv: batadv0: Removing interface: batadv_slave_1
[  583.809314][ T6660] Bluetooth: hci5: command 0x0c1a tx timeout
[  584.279410][ T8407] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  584.290542][ T6660] Bluetooth: hci6: command 0x0c1a tx timeout
[  584.328406][ T8407] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  585.887997][ T6660] Bluetooth: hci5: command 0x0c1a tx timeout
[  586.367834][ T6660] Bluetooth: hci6: command 0x0c1a tx timeout
[  587.182923][T13145] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  587.230178][T13152] capability: warning: `syz.3.1554' uses deprecated v2 capabilities in a way that may be insecure
[  589.163824][T13194] FAULT_INJECTION: forcing a failure.
[  589.163824][T13194] name failslab, interval 1, probability 0, space 0, times 0
[  589.425956][T13194] CPU: 0 UID: 0 PID: 13194 Comm: syz.3.1563 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  589.425987][T13194] Tainted: [L]=SOFTLOCKUP
[  589.425994][T13194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  589.426004][T13194] Call Trace:
[  589.426011][T13194]  <TASK>
[  589.426018][T13194]  dump_stack_lvl+0x100/0x190
[  589.426042][T13194]  should_fail_ex.cold+0x5/0xa
[  589.426066][T13194]  ? security_inode_init_security+0x113/0x370
[  589.426092][T13194]  should_failslab+0xc2/0x120
[  589.426114][T13194]  __kmalloc_noprof+0xe0/0x850
[  589.426148][T13194]  security_inode_init_security+0x113/0x370
[  589.426174][T13194]  ? __pfx_shmem_initxattrs+0x10/0x10
[  589.426199][T13194]  ? __pfx_security_inode_init_security+0x10/0x10
[  589.426227][T13194]  ? make_vfsgid+0xf1/0x140
[  589.426247][T13194]  shmem_mknod+0x2ce/0x480
[  589.426275][T13194]  ? __pfx_shmem_mknod+0x10/0x10
[  589.426305][T13194]  vfs_create+0x301/0x6c0
[  589.426338][T13194]  filename_mknodat+0x2de/0x7f0
[  589.426366][T13194]  ? __pfx_filename_mknodat+0x10/0x10
[  589.426390][T13194]  ? strncpy_from_user+0x19d/0x2d0
[  589.426411][T13194]  ? do_getname+0x191/0x390
[  589.426439][T13194]  __x64_sys_mknod+0x8f/0xc0
[  589.426464][T13194]  do_syscall_64+0x10b/0xf80
[  589.426488][T13194]  ? clear_bhb_loop+0x40/0x90
[  589.426511][T13194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.426530][T13194] RIP: 0033:0x7f297e79cdd9
[  589.426551][T13194] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  589.426570][T13194] RSP: 002b:00007f297f5db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  589.426589][T13194] RAX: ffffffffffffffda RBX: 00007f297ea16090 RCX: 00007f297e79cdd9
[  589.426601][T13194] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[  589.426612][T13194] RBP: 00007f297e832d69 R08: 0000000000000000 R09: 0000000000000000
[  589.426623][T13194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  589.426633][T13194] R13: 00007f297ea16128 R14: 00007f297ea16090 R15: 00007ffc78351be8
[  589.426657][T13194]  </TASK>
[  590.931339][T13211] netlink: 334 bytes leftover after parsing attributes in process `syz.6.1567'.
[  591.103209][T13211] bridge0: port 3(team0) entered blocking state
[  591.187115][T13211] bridge0: port 3(team0) entered disabled state
[  591.285206][T13211] team0: entered allmulticast mode
[  591.358571][T13211] team_slave_0: entered allmulticast mode
[  591.439422][T13211] team_slave_1: entered allmulticast mode
[  591.583799][T13211] team0: entered promiscuous mode
[  591.662851][T13211] team_slave_0: entered promiscuous mode
[  591.744602][T13211] team_slave_1: entered promiscuous mode
[  591.824077][T13211] bridge0: port 3(team0) entered blocking state
[  591.830532][T13211] bridge0: port 3(team0) entered forwarding state
[  592.566651][T13228] binder: 13226:13228 ioctl 400c620e 0 returned -14
[  592.628786][T13227] binder: 13226:13227 ioctl 400c620e 0 returned -14
[  593.742613][T13236] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1574'.
[  593.978495][T13236] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1574'.
[  595.531770][T13242] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1575'.
[  598.098194][T13256] ceph: Failed to parse sending metrics switch value 'P^'
[  598.179821][T13257] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1579'.
[  598.373801][T13257] openvswitch: netlink: Geneve option length err (len 256, max 255).
[  599.804052][ T6660] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  599.841967][T13278] vivid-008: =================  START STATUS  =================
[  599.912784][T13278] vivid-008: ==================  END STATUS  ==================
[  600.248157][T13279] random: crng reseeded on system resumption
[  601.347282][T13307] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  601.879778][ T6869] Bluetooth: hci2: command 0x0c1a tx timeout
[  603.960131][ T6869] Bluetooth: hci2: command 0x0c1a tx timeout
[  606.694042][T13352] FAULT_INJECTION: forcing a failure.
[  606.694042][T13352] name failslab, interval 1, probability 0, space 0, times 0
[  606.773948][T13352] CPU: 0 UID: 0 PID: 13352 Comm: syz.5.1599 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  606.773980][T13352] Tainted: [L]=SOFTLOCKUP
[  606.773987][T13352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  606.773997][T13352] Call Trace:
[  606.774003][T13352]  <TASK>
[  606.774011][T13352]  dump_stack_lvl+0x100/0x190
[  606.774035][T13352]  should_fail_ex.cold+0x5/0xa
[  606.774059][T13352]  should_failslab+0xc2/0x120
[  606.774081][T13352]  __kvmalloc_node_noprof+0xfa/0xa00
[  606.774100][T13352]  ? io_alloc_cache_init+0x38/0x170
[  606.774126][T13352]  ? lockdep_init_map_type+0x50/0x250
[  606.774154][T13352]  io_alloc_cache_init+0x38/0x170
[  606.774181][T13352]  io_uring_setup.cold+0x3eb/0x1c6e
[  606.774215][T13352]  ? __pfx_io_uring_setup+0x10/0x10
[  606.774237][T13352]  ? do_futex+0x192/0x350
[  606.774257][T13352]  ? __pfx_do_futex+0x10/0x10
[  606.774287][T13352]  ? xfd_validate_state+0x129/0x190
[  606.774305][T13352]  ? ksys_write+0x1ac/0x250
[  606.774331][T13352]  __x64_sys_io_uring_setup+0xc2/0x170
[  606.774353][T13352]  do_syscall_64+0x10b/0xf80
[  606.774376][T13352]  ? clear_bhb_loop+0x40/0x90
[  606.774398][T13352]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.774417][T13352] RIP: 0033:0x7f4cde99cdd9
[  606.774440][T13352] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  606.774457][T13352] RSP: 002b:00007f4cdf823028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  606.774476][T13352] RAX: ffffffffffffffda RBX: 00007f4cdec15fa0 RCX: 00007f4cde99cdd9
[  606.774487][T13352] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000001d48
[  606.774498][T13352] RBP: 00007f4cdea32d69 R08: 0000000000000000 R09: 0000000000000000
[  606.774510][T13352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  606.774520][T13352] R13: 00007f4cdec16038 R14: 00007f4cdec15fa0 R15: 00007fffbd7877f8
[  606.774543][T13352]  </TASK>
[  607.398612][T13366] ubi0: attaching mtd0
[  607.425250][T13366] ubi0: scanning is finished
[  607.453772][T13366] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  607.783031][T13366] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  608.189168][T13374] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1603'.
[  608.958020][T13374] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  608.986817][T13374] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  609.015398][T13374] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  609.049919][T13374] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  609.083436][T13374] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  609.124898][T13374] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  609.168358][T13374] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  610.355547][ T6660] Bluetooth: hci0: command 0x0c1a tx timeout
[  610.995242][ T6660] Bluetooth: hci1: command 0x0c1a tx timeout
[  611.076447][ T6660] Bluetooth: hci3: command 0x0c1a tx timeout
[  611.083484][ T6869] Bluetooth: hci2: command 0x0c1a tx timeout
[  611.155143][ T6869] Bluetooth: hci5: command 0x0c1a tx timeout
[  611.161206][ T6660] Bluetooth: hci4: command 0x0419 tx timeout
[  611.235063][ T6869] Bluetooth: hci6: command 0x0c1a tx timeout
[  613.050900][T13429] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1611'.
[  613.213657][T13429] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1611'.
[  614.154099][T13435] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  617.097169][T13472] netlink: 334 bytes leftover after parsing attributes in process `syz.6.1621'.
[  617.510877][T13474] netlink: 25 bytes leftover after parsing attributes in process `syz.5.1622'.
[  618.757266][T13497] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1627'.
[  619.473977][T13512] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input14
[  619.567507][T13497] hsr_slave_1 (unregistering): left promiscuous mode
[  620.973650][T13528] block2mtd: illegal erase size
[  621.543436][T13532] netlink: 25 bytes leftover after parsing attributes in process `syz.6.1634'.
[  622.252156][T13540] nbd: couldn't find device at index 33904
[  622.778613][T13553] Process accounting resumed
[  624.453827][T13588] FAULT_INJECTION: forcing a failure.
[  624.453827][T13588] name failslab, interval 1, probability 0, space 0, times 0
[  624.522225][   T30] audit: type=1804 audit(1777752694.343:22): pid=13586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1655" name="/newroot/440/file0" dev="tmpfs" ino=2306 res=1 errno=0
[  624.550007][T13588] CPU: 0 UID: 0 PID: 13588 Comm: syz.6.1648 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  624.550039][T13588] Tainted: [L]=SOFTLOCKUP
[  624.550046][T13588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  624.550057][T13588] Call Trace:
[  624.550064][T13588]  <TASK>
[  624.550071][T13588]  dump_stack_lvl+0x100/0x190
[  624.550096][T13588]  should_fail_ex.cold+0x5/0xa
[  624.550120][T13588]  ? constrain_params_by_rules+0x175/0xcc0
[  624.550149][T13588]  should_failslab+0xc2/0x120
[  624.550171][T13588]  __kmalloc_noprof+0xe0/0x850
[  624.550200][T13588]  ? unwind_get_return_address+0x59/0xa0
[  624.550231][T13588]  constrain_params_by_rules+0x175/0xcc0
[  624.550266][T13588]  ? stack_trace_save+0x8e/0xc0
[  624.550294][T13588]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  624.550330][T13588]  ? __kasan_kmalloc+0xaa/0xb0
[  624.550346][T13588]  ? snd_pcm_oss_change_params_locked+0x81c/0x39f0
[  624.550374][T13588]  ? snd_pcm_oss_make_ready+0xeb/0x1b0
[  624.550400][T13588]  ? snd_pcm_oss_sync+0x1de/0x840
[  624.550434][T13588]  ? snd_interval_refine+0x2d0/0x580
[  624.550458][T13588]  snd_pcm_hw_refine+0x7e7/0xad0
[  624.550501][T13588]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  624.550542][T13588]  ? snd_interval_refine+0x2d0/0x580
[  624.550566][T13588]  snd_pcm_oss_change_params_locked+0xdb3/0x39f0
[  624.550605][T13588]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  624.550633][T13588]  ? __pfx___mutex_lock+0x10/0x10
[  624.550657][T13588]  ? task_work_add+0x201/0x3b0
[  624.550677][T13588]  ? __pfx_task_work_add+0x10/0x10
[  624.550707][T13588]  snd_pcm_oss_make_ready+0xeb/0x1b0
[  624.550736][T13588]  snd_pcm_oss_sync+0x1de/0x840
[  624.550765][T13588]  snd_pcm_oss_release+0x238/0x300
[  624.550791][T13588]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  624.550818][T13588]  __fput+0x3ff/0xb50
[  624.550848][T13588]  task_work_run+0x150/0x240
[  624.550868][T13588]  ? __pfx_task_work_run+0x10/0x10
[  624.550888][T13588]  ? rcu_is_watching+0x12/0xc0
[  624.550912][T13588]  exit_to_user_mode_loop+0x100/0x4a0
[  624.550930][T13588]  ? do_syscall_64+0x519/0xf80
[  624.550954][T13588]  do_syscall_64+0x6f2/0xf80
[  624.550976][T13588]  ? clear_bhb_loop+0x40/0x90
[  624.550998][T13588]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.551017][T13588] RIP: 0033:0x7f529659cdd9
[  624.551034][T13588] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  624.551052][T13588] RSP: 002b:00007f52947ee028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  624.551071][T13588] RAX: 0000000000000000 RBX: 00007f5296815fa0 RCX: 00007f529659cdd9
[  624.551082][T13588] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  624.551092][T13588] RBP: 00007f5296632d69 R08: 0000000000000000 R09: 0000000000000000
[  624.551103][T13588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  624.551113][T13588] R13: 00007f5296816038 R14: 00007f5296815fa0 R15: 00007ffff98de198
[  624.551136][T13588]  </TASK>
[  625.158262][   T30] audit: type=1804 audit(1777752694.373:23): pid=13578 uid=2 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1655" name="/newroot/440/file0" dev="tmpfs" ino=2306 res=1 errno=0
[  627.301585][T13624] netlink: 'syz.6.1657': attribute type 1 has an invalid length.
[  627.355526][T13622] FAULT_INJECTION: forcing a failure.
[  627.355526][T13622] name failslab, interval 1, probability 0, space 0, times 0
[  627.385146][T13624] blktrace: Concurrent blktraces are not allowed on zram0
[  627.452218][T13622] CPU: 0 UID: 0 PID: 13622 Comm: syz.3.1656 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  627.452250][T13622] Tainted: [L]=SOFTLOCKUP
[  627.452257][T13622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  627.452268][T13622] Call Trace:
[  627.452274][T13622]  <TASK>
[  627.452281][T13622]  dump_stack_lvl+0x100/0x190
[  627.452307][T13622]  should_fail_ex.cold+0x5/0xa
[  627.452331][T13622]  should_failslab+0xc2/0x120
[  627.452354][T13622]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  627.452386][T13622]  ? sock_alloc_inode+0x26/0x290
[  627.452415][T13622]  ? __pfx_sock_alloc_inode+0x10/0x10
[  627.452441][T13622]  sock_alloc_inode+0x26/0x290
[  627.452466][T13622]  ? __pfx_sock_alloc_inode+0x10/0x10
[  627.452497][T13622]  alloc_inode+0x68/0x250
[  627.452529][T13622]  sock_alloc+0x44/0x280
[  627.452550][T13622]  ? security_socket_create+0x7f/0x250
[  627.452579][T13622]  __sock_create+0xc2/0x860
[  627.452607][T13622]  __sys_socket+0x14d/0x260
[  627.452633][T13622]  ? __pfx___sys_socket+0x10/0x10
[  627.452658][T13622]  ? kmem_cache_free+0x127/0x6c0
[  627.452690][T13622]  __x64_sys_socket+0x72/0xb0
[  627.452715][T13622]  ? lockdep_hardirqs_on+0x78/0x100
[  627.452739][T13622]  do_syscall_64+0x10b/0xf80
[  627.452761][T13622]  ? clear_bhb_loop+0x40/0x90
[  627.452783][T13622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  627.452802][T13622] RIP: 0033:0x7f297e79cdd9
[  627.452818][T13622] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  627.452836][T13622] RSP: 002b:00007f297f5db028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  627.452854][T13622] RAX: ffffffffffffffda RBX: 00007f297ea16090 RCX: 00007f297e79cdd9
[  627.452865][T13622] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  627.452876][T13622] RBP: 00007f297e832d69 R08: 0000000000000000 R09: 0000000000000000
[  627.452887][T13622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  627.452897][T13622] R13: 00007f297ea16128 R14: 00007f297ea16090 R15: 00007ffc78351be8
[  627.452920][T13622]  </TASK>
[  627.452929][T13622] socket: no more sockets
[  628.162951][T13610] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  628.183839][T13610] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  628.198836][   T30] audit: type=1804 audit(1777752698.025:24): pid=13638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1659" name="/newroot/34/file0" dev="tmpfs" ino=200 res=1 errno=0
[  628.235802][T13610] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  628.275321][T13610] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  628.292712][T13610] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  628.321364][   T30] audit: type=1804 audit(1777752698.045:25): pid=13639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1659" name="/newroot/34/file0" dev="tmpfs" ino=200 res=1 errno=0
[  628.354612][T13610] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  628.382217][T13610] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  630.026056][ T6869] Bluetooth: hci0: command 0x0c1a tx timeout
[  630.345600][ T6869] Bluetooth: hci3: command 0x0c1a tx timeout
[  630.351690][ T6660] Bluetooth: hci2: command 0x0c1a tx timeout
[  630.358211][ T6660] Bluetooth: hci1: command 0x0c1a tx timeout
[  630.425684][T11813] Bluetooth: hci5: command 0x0c1a tx timeout
[  630.431751][ T6869] Bluetooth: hci4: command 0x0419 tx timeout
[  630.438036][T13666] Bluetooth: hci6: command 0x0c1a tx timeout
[  633.827802][   T30] audit: type=1800 audit(1777753726.652:26): pid=13722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1673" name="SYSV00000802" dev="tmpfs" ino=0 res=0 errno=0
[  634.105556][   T31] INFO: task syz.1.1248:11612 blocked for more than 143 seconds.
[  634.131210][   T31]       Tainted: G             L      syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  634.154136][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  634.202453][   T31] task:syz.1.1248      state:D stack:27528 pid:11612 tgid:11608 ppid:5625   task_flags:0x400140 flags:0x00080002
[  634.257934][   T31] Call Trace:
[  634.272323][   T31]  <TASK>
[  634.285068][   T31]  __schedule+0x10e9/0x6820
[  634.308116][   T31]  ? __pfx___schedule+0x10/0x10
[  634.330051][   T31]  ? find_held_lock+0x2b/0x80
[  634.350021][   T31]  ? schedule+0x2bf/0x390
[  634.369398][   T31]  schedule+0xdd/0x390
[  634.384027][   T31]  schedule_preempt_disabled+0x13/0x30
[  634.399797][   T31]  __mutex_lock+0xced/0x1b10
[  634.418029][   T31]  ? nfsd_nl_threads_set_doit+0x8ec/0x12b0
[  634.438140][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  634.459256][   T31]  ? net_generic+0xea/0x2a0
[  634.477998][   T31]  ? net_generic+0xea/0x2a0
[  634.491260][   T31]  ? nfsd_nl_threads_set_doit+0x8ec/0x12b0
[  634.510523][   T31]  nfsd_nl_threads_set_doit+0x8ec/0x12b0
[  634.529715][   T31]  genl_family_rcv_msg_doit+0x214/0x300
[  634.548596][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  634.594910][   T31]  ? genl_get_cmd+0x3e7/0x760
[  634.637135][   T31]  ? bpf_lsm_capable+0x9/0x10
[  634.689885][   T31]  ? security_capable+0x80/0x260
[  634.711935][   T31]  genl_rcv_msg+0x560/0x800
[  634.734839][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  634.771139][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  634.800455][   T31]  netlink_rcv_skb+0x159/0x420
[  634.818561][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  634.841766][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  634.866307][   T31]  ? netlink_deliver_tap+0x1ae/0xcc0
[  634.892289][   T31]  genl_rcv+0x28/0x40
[  634.910215][   T31]  netlink_unicast+0x585/0x850
[  634.928497][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  634.951665][   T31]  netlink_sendmsg+0x8b0/0xda0
[  634.976372][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  635.023793][   T31]  ? __import_iovec+0x1d2/0x640
[  635.039274][   T31]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  635.058685][   T31]  ____sys_sendmsg+0x9e1/0xb70
[  635.079638][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  635.102915][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  635.118374][   T31]  ? __pfx_futex_wake_mark+0x10/0x10
[  635.140646][   T31]  ___sys_sendmsg+0x190/0x1e0
[  635.150166][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  635.175068][   T31]  __sys_sendmsg+0x170/0x220
[  635.195311][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  635.226177][   T31]  ? __x64_sys_futex+0x34f/0x4d0
[  635.243730][   T31]  ? rcu_is_watching+0x12/0xc0
[  635.260448][   T31]  do_syscall_64+0x10b/0xf80
[  635.275089][   T31]  ? clear_bhb_loop+0x40/0x90
[  635.293022][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.311064][   T31] RIP: 0033:0x7ff57bd9cdd9
[  635.324558][   T31] RSP: 002b:00007ff579fd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  635.361416][   T31] RAX: ffffffffffffffda RBX: 00007ff57c016180 RCX: 00007ff57bd9cdd9
[  635.394174][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000006
[  635.420870][   T31] RBP: 00007ff57be32d69 R08: 0000000000000000 R09: 0000000000000000
[  635.457039][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  635.486132][   T31] R13: 00007ff57c016218 R14: 00007ff57c016180 R15: 00007ffeaf031f88
[  635.507996][   T31]  </TASK>
[  635.544131][   T31] 
[  635.544131][   T31] Showing all locks held in the system:
[  635.609944][   T31] 1 lock held by pool_workqueue_/3:
[  635.641737][   T31] 2 locks held by kworker/0:0/9:
[  635.678481][   T31] 1 lock held by khungtaskd/31:
[  635.711161][   T31]  #0: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  635.766512][   T31] 2 locks held by getty/5384:
[  635.801863][   T31]  #0: ffff8880381910a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  635.851403][   T31]  #1: ffffc9000322b2e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x14f0
[  635.911620][   T31] 2 locks held by syz-executor/5629:
[  635.944836][   T31]  #0: ffff888021f740d8 (&type->s_umount_key#54){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[  636.004150][   T31]  #1: ffffffff8ec61aa0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  636.061524][   T31] 2 locks held by syz-executor/5636:
[  636.095022][   T31]  #0: ffff888037bac0d8 (&type->s_umount_key#54){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[  636.155913][   T31]  #1: ffffffff8ec61aa0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  636.210289][   T31] 3 locks held by kworker/0:3/5700:
[  636.239261][   T31]  #0: ffff88813fe57140 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980
[  636.297176][   T31]  #1: ffffc90004187d08 (drain_vmap_work){+.+.}-{0:0}, at: process_one_work+0x973/0x1980
[  636.359938][   T31]  #2: ffffffff8e9a83a0 (vmap_purge_lock){+.+.}-{4:4}, at: drain_vmap_area_work+0x17/0x40
[  636.407262][   T31] 3 locks held by kworker/0:5/5772:
[  636.423838][   T31] 2 locks held by syz.1.1248/11612:
[  636.445480][   T31]  #0: ffffffff906bc788 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  636.491569][   T31]  #1: ffffffff8ec61aa0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x8ec/0x12b0
[  636.530193][   T31] 2 locks held by syz.1.1248/11615:
[  636.545946][   T31]  #0: ffffffff906bc788 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  636.577455][   T31]  #1: ffffffff8ec61aa0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x8ec/0x12b0
[  636.607349][   T31] 2 locks held by syz-executor/11812:
[  636.625652][   T31]  #0: ffff8880593f60d8 (&type->s_umount_key#54){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[  636.658419][   T31]  #1: ffffffff8ec61aa0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  636.693094][   T31] 4 locks held by kworker/u10:21/12882:
[  636.712061][   T31]  #0: ffff88801c6ae140 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980
[  636.748090][   T31]  #1: ffffc90003637d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x973/0x1980
[  636.778573][   T31]  #2: ffffffff905f5728 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[  636.816296][   T31]  #3: ffffffff9060e460 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0
[  636.846269][   T31] 3 locks held by kworker/u10:26/12888:
[  636.860985][   T31]  #0: ffff88813fe9c140 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12d6/0x1980
[  636.895685][   T31]  #1: ffffc900034d7d08 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x973/0x1980
[  636.932596][   T31]  #2: ffffffff9060e460 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[  636.967870][   T31] 2 locks held by syz-executor/12902:
[  636.986363][   T31]  #0: ffffffff9060e460 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  637.008249][   T31]  #1: ffffffff8e7f0e28 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  637.047868][   T31] 2 locks held by syz.0.1671/13703:
[  637.072652][   T31]  #0: ffff8880290d40d8 (&type->s_umount_key#54){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110
[  637.104586][   T31]  #1: ffffffff8ec61aa0 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[  637.129380][   T31] 1 lock held by syz.5.1673/13709:
[  637.152912][   T31]  #0: ffffffff9060e460 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  637.181394][   T31] 1 lock held by syz.0.1676/13723:
[  637.197018][   T31]  #0: ffffffff9060e460 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  637.228261][   T31] 2 locks held by syz.6.1677/13726:
[  637.248899][   T31]  #0: ffffffff905f5728 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[  637.286465][   T31]  #1: ffffffff9060e460 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0
[  637.305880][   T31] 1 lock held by dhcpcd/13734:
[  637.324084][   T31]  #0: ffff888054bd4260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf50
[  637.349616][   T31] 1 lock held by dhcpcd/13735:
[  637.359243][   T31]  #0: ffff888077992260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf50
[  637.386374][   T31] 
[  637.414232][   T31] =============================================
[  637.414232][   T31] 
[  637.459509][   T31] NMI backtrace for cpu 0
[  637.459535][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  637.459562][   T31] Tainted: [L]=SOFTLOCKUP
[  637.459568][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  637.459579][   T31] Call Trace:
[  637.459585][   T31]  <TASK>
[  637.459592][   T31]  dump_stack_lvl+0x100/0x190
[  637.459617][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[  637.459640][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  637.459661][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  637.459695][   T31]  sys_info+0x141/0x190
[  637.459721][   T31]  watchdog+0xcb1/0x1030
[  637.459752][   T31]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  637.459775][   T31]  ? __pfx_watchdog+0x10/0x10
[  637.459802][   T31]  ? __kthread_parkme+0x18c/0x230
[  637.459829][   T31]  ? kthread+0x13a/0x450
[  637.459844][   T31]  ? __pfx_watchdog+0x10/0x10
[  637.459872][   T31]  kthread+0x370/0x450
[  637.459890][   T31]  ? __pfx_kthread+0x10/0x10
[  637.459907][   T31]  ret_from_fork+0x72b/0xd50
[  637.459928][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  637.459949][   T31]  ? __switch_to+0x800/0x1100
[  637.459973][   T31]  ? __switch_to_asm+0x39/0x70
[  637.459998][   T31]  ? __pfx_kthread+0x10/0x10
[  637.460015][   T31]  ret_from_fork_asm+0x1a/0x30
[  637.460048][   T31]  </TASK>
[  637.811758][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  637.818645][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  637.829327][   T31] Tainted: [L]=SOFTLOCKUP
[  637.833826][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  637.843990][   T31] Call Trace:
[  637.847269][   T31]  <TASK>
[  637.850202][   T31]  dump_stack_lvl+0x100/0x190
[  637.854906][   T31]  vpanic+0x552/0x970
[  637.858902][   T31]  ? __pfx_vpanic+0x10/0x10
[  637.863405][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  637.869621][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  637.875826][   T31]  panic+0xd1/0xe0
[  637.879546][   T31]  ? __pfx_panic+0x10/0x10
[  637.883966][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  637.890133][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  637.896302][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  637.902480][   T31]  ? watchdog.cold+0x1ec/0x234
[  637.907248][   T31]  ? watchdog+0xcc1/0x1030
[  637.911675][   T31]  watchdog.cold+0x1fd/0x234
[  637.916271][   T31]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  637.922100][   T31]  ? __pfx_watchdog+0x10/0x10
[  637.926785][   T31]  ? __kthread_parkme+0x18c/0x230
[  637.931852][   T31]  ? kthread+0x13a/0x450
[  637.936090][   T31]  ? __pfx_watchdog+0x10/0x10
[  637.940781][   T31]  kthread+0x370/0x450
[  637.944852][   T31]  ? __pfx_kthread+0x10/0x10
[  637.949506][   T31]  ret_from_fork+0x72b/0xd50
[  637.954109][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  637.959415][   T31]  ? __switch_to+0x800/0x1100
[  637.964109][   T31]  ? __switch_to_asm+0x39/0x70
[  637.968888][   T31]  ? __pfx_kthread+0x10/0x10
[  637.973493][   T31]  ret_from_fork_asm+0x1a/0x30
[  637.978292][   T31]  </TASK>
[  637.981374][   T31] Kernel Offset: disabled
[  637.985704][   T31] Rebooting in 86400 seconds..