last executing test programs:

9m13.460649194s ago: executing program 2 (id=1421):
mmap$auto(0x5, 0x8, 0x4000000000e3, 0x800000000000017, 0x401, 0x5)
socket(0x11, 0x5, 0x1)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x191000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/dev_snmp6/veth0_virt_wifi\x00', 0x200000, 0x0)
writev$auto(0x3, 0x0, 0x8009)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250200c12b2bd90252"], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0xec73, 0x3, 0x9)
read$auto(0x3, 0x0, 0x5)
write$auto(0x3, 0x0, 0xffd8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x47ccc2, 0x0)

9m12.318367135s ago: executing program 2 (id=1427):
mmap$auto(0x6df, 0x200000001, 0xdf, 0xeb1, 0x401, 0x8001)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
unshare$auto(0x40000080)
r0 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x8, 0x0)
r1 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000200), r0)
capget$auto(&(0x7f00000002c0)={0x1, <r2=>0x0}, &(0x7f0000000300)={0x4, 0x40000, 0xaf})
fcntl$getown(r0, 0x9)
r3 = getpgrp(0x0)
socket(0x1d, 0x3, 0x1)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, <r4=>0x0, 0xfd}, 0x6a)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
r5 = clone$auto(0x8, 0x8, &(0x7f00000003c0)=0x80, &(0x7f0000000400)=0x6, 0x200000000000)
r6 = getpid()
process_vm_readv$auto(r6, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r7 = getpgid(0x0)
sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x74, r1, 0x701, 0x70bd2c, 0x25dfdbfd, {}, [@TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r2}, @TASKSTATS_CMD_ATTR_PID={0x8, 0x1, r3}, @TASKSTATS_CMD_ATTR_DEREGISTER_CPUMASK={0xd, 0x4, '/dev/dsp\x00'}, @TASKSTATS_CMD_ATTR_PID={0x8, 0x1, r3}, @TASKSTATS_CMD_ATTR_DEREGISTER_CPUMASK={0x6, 0x4, ']['}, @TASKSTATS_CMD_ATTR_PID={0x8, 0x1, r5}, @TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r6}, @TASKSTATS_CMD_ATTR_DEREGISTER_CPUMASK={0x16, 0x4, '\\]#!@\\\xe4-$\\\'$/\'\xb0//\x17'}, @TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r7}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000}, 0x400000d1)
msgctl$auto(0x3ff, 0x5, &(0x7f0000000540)={{0x800, <r8=>0xee00, 0xffffffffffffffff, 0x8000, 0x1, 0x8, 0x7}, &(0x7f0000000040)=0xd, &(0x7f0000000100)=0x10, 0xfffffffffffffffc, 0x3, 0x8, 0x6, 0x5, 0x7, 0xf, 0x400, @raw=0x6, @raw=0xa38a})
futex$auto(&(0x7f0000000600)=0x6675, 0x7, 0xdc, &(0x7f0000000640)={0x5, 0xd5a}, &(0x7f0000000680)=0x2, 0x0)
r9 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy6/hw_conf\x00', 0x200000, 0x0)
r10 = ioctl$auto_TUNSETVNETHDRSZ2(r0, 0x400454d8, &(0x7f0000000240)=0x7fff)
r11 = pipe$auto(&(0x7f00000005c0)=r10)
r12 = setfsgid$auto(0xee01)
fsconfig$auto_FSCONFIG_SET_FD(r11, 0x5, &(0x7f00000010c0)='\x00', &(0x7f0000001100), r12)
fsconfig$auto_FSCONFIG_SET_FD(r9, 0x5, &(0x7f0000000080)='/dev/ram5\x00', &(0x7f00000000c0)="4dedd5abc5df178e288d63a29c8180ceae6129ea0bbb8e1fd9587a250cb022348917c7ecdfab4b813311c09a335f25c5e7126961393334ce0215021d9263fdb488d03812719bac3a8f034b08a3ef81badfb94ec47e128ee95d6504e3c6a187", r12)
msgctl$auto_MSG_INFO(0x4, 0xc, &(0x7f0000000340)={{0x8, r8, r12, 0x1, 0x7, 0x4}, &(0x7f0000000140)=0x3, &(0x7f00000001c0)=0xe0, 0xfffffffffffffeb4, 0x100, 0x100000001, 0x8, 0x9, 0x555, 0x3, 0x7, @raw=0x10, @raw=0x1})
setfsgid$auto(r12)
r13 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000011500), 0x40002, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r13, 0xc0045002, &(0x7f0000000140)="3318cb")
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

9m11.278674538s ago: executing program 2 (id=1433):
r0 = socket(0xa, 0x801, 0x84)
setsockopt$auto(r0, 0x10000000084, 0x3, 0x0, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0xfffffffffffffffc)
socket(0x1f, 0x800, 0x8)
recvmsg$auto(0xffffffffffffffff, 0x0, 0x6)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
syz_genetlink_get_family_id$auto_tcp_metrics(0x0, 0xffffffffffffffff)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x200, 0x80000df, 0xebd, 0xffffffffffffffff, 0x8003)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r1)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0)
ioctl$auto_PPPIOCATTACH(r3, 0x4004743d, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r4 = socket(0x2, 0x1, 0x84)
setsockopt$auto_SO_RCVBUFFORCE(r4, 0x0, 0x21, &(0x7f0000000040)='/dev/video1\x00', 0x9)
close_range$auto(0x2, 0x8, 0x0)

9m10.339663471s ago: executing program 2 (id=1436):
r0 = socket(0x1d, 0x3, 0x1)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
capget$auto(&(0x7f0000000000)={0x6, <r1=>0x0}, &(0x7f00000000c0)={0xcea5042, 0xf})
adjtimex$auto(&(0x7f0000000000)={0xffff92b5, 0x0, 0x9, 0x3, 0x0, 0x80000000000000, 0x80000000, 0x0, 0x4513, 0x9, 0xffffffffffffffff, {0x7, 0x6}, 0xfffffffc, 0xbfa, 0x9, 0x10, 0x0, 0x2, 0x8, 0xff, 0x10000, 0x100000001, 0x4})
syz_open_procfs$namespace(r1, &(0x7f0000000100)='ns/user\x00')
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
sysinfo$auto(0x0)
r2 = socket(0xa, 0x801, 0x100)
setsockopt$auto(r2, 0x6, 0x2, 0x0, 0xfb3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r3 = socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
sendmsg$auto(r3, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
prctl$auto(0x59616d61, 0xffffffffffffffff, 0x1, 0x1004, 0xfffffffffffffffb)
connect$auto(0x3, 0x0, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
eventfd$auto(0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0)
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
r4 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r5=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r5}, 0x6a)
setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

9m9.788174868s ago: executing program 2 (id=1440):
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x622340, 0x0)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_secret$auto(0x0)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)
mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000002180), 0x100, 0x0)
eventfd$auto(0x3)
pipe$auto(0x0)
socketpair$auto(0x1e, 0x1, 0x4, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_TCFLSH2(r0, 0x40384708, 0x0)

9m9.29118867s ago: executing program 2 (id=1442):
mmap$auto(0x1, 0x7fffffffffffffff, 0xdf, 0x36, 0xffffffffffffffff, 0x1028000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = open(0x0, 0x101840, 0x33903f3ada88772b)
read$auto(r0, 0x0, 0x1)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001b40), r0)
sendmsg$auto_BATADV_CMD_TP_METER(r0, &(0x7f0000001c40)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001240)={&(0x7f0000001280)=ANY=[@ANYRESDEC, @ANYRES16=r1, @ANYRES64=r0], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x11) (async)
write$auto_fops_x16_ro_(r0, &(0x7f0000000100)="18d50164e81ca4ab92d0d15e0d28f7eea7af041d1be9e949e98ec5c2abe4b4ecd40a92a093d85407ef845aadbfb36099f3ec5e92a4f926018bda264c5c2c561f098850adf5ea070ac52a02bfbeddef7b938033722405496b76492c8983f59c83b1660999b903beeb1589b83c2706df6be367c15675d92ec59daff49daf5fe2b83ab324072339cd95074a3f50e52fc236e7eecccff1e6d4bc210ab87e68ebf78bf5843e8819df3b2cb2a8ee1c3fe113ed4ef01677ea6f73236f9225e8f9d7c7ef9dbb7d69ed7b715eb4c8db8de9697135f6d067e40a76092833ebccbadc2ead39b15bea79719367b92280fc410662b2e1eecb52a21d081d032ad453b6185b17e22b9ec7166172cc92b64ee8dc4981d40bb93a8ca4b06d8408b69284eb5858d20e85ca6c2cac40683ed004ac7ba9d18df2ee0795c537d3b495d2fcfd73ea90c6b51f8a3a446c19de2074291636cd352a0550216da57c86fe1e0019561012dbbe5709aebeb18bf1bdf80773117058759bae8e169a04f6533d2579b3fc65c7d8cf2383279210be12f1cd25eda121939c48d6b848c057dd761ad5e23edbc903ef1929ea75549392de6a322c77358f43607879c40b822694ff3747009160e830d46052e5ca737bb46666bfed8f9c67636d8526ce6978bbb4970e4cc74e7066beb28dd5d78f991649579f74de68532c8cae362fba468c5461283baaae5196d7b150d5e5382eacae45a105bb9ba8b002bffe06171ba5588659997a9d82cc79b4ddccfbc3fb946ab6f5c5fa7b9cd9d818171de89e739ffa6e874a51dcd93dda88d92854c2e794154ee227f23353e3b681b2297212d8dedeebeaceaf5378107d0fa5a43843da518555c1213190eed178633909c965060ecbda9b743ba686cd36bc550d6270b921b72ddd4a5b2caad361bc182772c310e1ba370ae5137ca74c3afd4deabc515f08f5b542e481e0ffe5fe9aa6f26aadaa1de77899db49e17c5801b884dfe329dfcea43c2a52eb4dd0b9cd87ef0f4043baa620e954e32b046ee12c4bc74626c0d9f2719bf5812c1597079f559680e874c3a35f8bfc1d13c17f96e7bc18833a2cb4f9cfa5349d55ed539c6ed5b8c43e24d64fa5971eb9c4754dc090aada86eea3d3990f4501cbf82e655d59631e4e02f1946278752dfeee2e676993b546c45799fa5e196c02ee03745cd67fe1ea8c0a428d3a363357002a1c08a69acedcca0b9db09ff5405db66165a161ecc79079b0f27d66f636c34629e72373bdd0bc0b184f2f733a781a04b30bab3349e08ee3ff50774ee6ee0192e02d29a7464c4cdfdc914d4b252650e90688a6be82073378ef0c72ccad723b400281fa55f61075654a745b69cf726a56d451558dc95a2e208d72407ad39b9067786400cd1e9560be33c36b4db7dffb45b050f11003c0e80f1ddf08994a4e120f560f5473d1a344b0aad3ea1837f16967503f38b5252a1c91fdff37371f63a56ce4557eb3849faa191623ee49ca59fd8479b204e927f4175fadbc0d4b54c3dc1018bf7dd5c41715ab24d9802d78c2cdcc73cc97ba9620647cf411e086b27b943d99b1c5f3ad3032bf7243703ae87cd45cbcc6c5b9a959cde3e1264309264fd9d853e3321b16c9938c3dab86e71debfbbdc1c5c1fb8bd4eea4aa8bef2ae2c2c26ce08d4885bb2209e2a5e7e48d9cc916f4c53311df29f975bef1b5702b3610f5ff3c7e9823cd27ac6cbbc95ef8226f936cd1f15372b92f1a3fcb508226436be7a5fd5b1f8b4a1f6790904693f7a8b1e6eb942338618936bcd28143a52584c1c40fc2589d2b0d51aaa5607ce7fe4f8c3394ef55f4530d7796af5d55f0d191d0cdb348cc983a6eaa0900bbdccedc734ab691b9b50e4c3b73aeea5dd1ca0e321f3d2988e7943135ef3a3e2086af7fe749440925afc61d2a5a98fe20e87cdfb874e0e18df3637e77afa49fa9a80baf2ce618ea2aec4e34c865f470e3489216d1063599d10986556383e0bb87b4bf524e271ad107b9408b7e3418967dd10dff5c4beae9ec282f55b1d199453ea5ea0896e4b0c5e03d63c767a6ae142532211bc0f3ca4111cdd9abad06c3805ca254666b94c65665dee085eb5ea15c5e3830542ee5b6bc54f4651043753b328ffbc3bc9f5e6f9bb0a88e686cd90267e108947ae6a943c619bdca7eaed5159964ce8fca4cd4aacb9869171f3341c999b2d34995708acc3615e9abea6482dde023b8bec044fc26a1049d5a61959ccb9672fc57a17803b12ff6ba822de19b32e2aec81e81ee2e64ed7a79f897f11dfe571d2820f9cdfa599a187a2297c06e0b42d10a01b4d022dc3021c6a888a89341a19ee0df2a12d252fc3fa9a0d3d3727e0b94d2925d70ce8bae4cd5f2ae4a7ae28e77950014152b373291848e05a394e03d70fdff86c129175eb683e3c576164e8d571e2b9d832b224a77a63010f799652057966c0a9795508607d68682057aeaa4a79fab7ab5456c1a3997f9f64e7feadf07e5204e402aa3788215f0f0e53119e6be7e25a67f61ca5028f92e4a8a75bca74ec6953144fd9e08fa2a9cf4772394074ed5fac6da41d4e749318ce547dfad856310cb6b0503f79e27695c641a7ec2a830a5df012b2ca123fc2329a480fc2d5bdd05f4ff525eef45522e1c0b639d6db32553eda243b33e274617a505e89cc35fd405267085018e48f00dce2f0f561d6997c2dc92849dd524fcb9011633b193fc7e6cbd5374c9630cb24ef5db46825ddcdc5ee0c57cadf71396e107289e84b902152614e85e59345de158a2b9603b930026eddcb8fba10ba55119015a751ab6f73562cd57839c154c36c6daf876ec0a4969eaac3d11cc2e22908e2ce905e636715967f1faa2cf1774d47a23782a671568b115e47d992a1390a0b26ba2c27e77588ba886bc8a2f27aa8d8cc095f03989e2da70e155250f3eafd6d3d64afb3ba3f0a9a33b665aa1973ac52ab67743e93b0cbe9465fa51bbc04b938c7a9fda55b051a4f4627e5f9bc852cc8b8b957e83640f647280dba8952508031dadcae07936d282b51e3977ee7ed7905d36d847b23675321d9b97fa5237a4329bf832b2ed3741215682218eaa3fdac2561b96b3fe4806f9d60e355726f859c6347bd67678640ca4fbe0cff3e19b718d8e78f9469cdcd72b351fe2e2b7f44dd804f062286b7e640b27a1addad7d12c6cfaa2aaeeb6bc55d8158ddf29d69855f6d699ae6bf5f89e1bfb481d0c9c7b7bf8833d7664e874ad06597b0625da02a9f9627fc70d0ba58565b19ba5a7b189ca138477e1b9100bce76b6450ae7ac799e50bd9db82f565ae178467a79ea769645865d56dbc5e5df4a90551ef0acc7bcd1d1bf2005f72ec843f1dee3a624f4334360837d5fd1f43c6fcfc99ae1df2aebf04bfad6160b3a2ab2d6f9a4c4d8479e1f339f1225ed758185a77c7bf97a4cd5c8081d427db7f5379a85fe89a09af1f05f0d8f0012b0749668e60157ad4e30ce3bfeebfb9c93e15a260cedd56194466c4a87e340df74e42c8a5f929e23823208e1883294619509fcb1dc52a5a5e37100e45aa63400b946d41526e8ba254bb0fccee56d11d65c82b23bc2966902a88de34ba4ebb1df30c9d1d5fdfcc0c4ca03b0115cffabdbfb1eeb89d41b41d9605937e4029b1ce002a00ccb7242699747b257dae415dfedfb6f084130430ec9a6fdf9b0652bb613a5399fc3cb25848b46199826d4b3475cc1fb5738b1814fc0c0c33b904bf5384b6d0c977a58d55b7dd03884d4f5cc263fde484cc7185685251107d4797d0c8fc650941d0422b74fcad316f675f309ea0d6091652a28e3e3d69a12869bf2be958667f301f62febf8da5c5b3d84eb872fda6861c63a5d497fb74816829ac78a817a1ff7f0be998cc87ef7ba4e6f6734ad2158abb6af3f7dcb16110009993fbf0bdb14cc7e2fce77e9a0f71a15338052d8e6edf087f66ba90949cf8a8abe250103c4d4a489ac11d0ccc028a1e6a98020c2285894d576d0ddcbb4a665753ea0d5f8f178d8f517bff4fd249154a70fe8f2fd444b800518f213f0446e19dec3d587bfcea3b8c4e157bd2338a03f53ef87fed922099dd7bbbf13429028c19590a91229ac4535a95e922d88759ac26d34f3cbbc45561291fc2bf47b022e590298596daddf50ea17c27e5d606dd28ba625371ac5be1cab75954b9d313a40695c7dd249e4b0f33fdcf58047d38f9d57e3575a12c48cb52f36f2d412911dcf909f9e0769e701cea4d19504f72a5fe23407ce949da08cb449aac6b83d50a0c595d9810f795a9b96d9305e2bbb764662e6c812b6823dc2d04c66042d58178492e87923c38065895b84596ef7c35758799dc689aa219d96a62fcb9599e631600794eb6e8dc0ff360c851e35086f004de7af47fe7134368efa7489d1696599e095923901b61df2b78a20962c00ac383bf56be7c431e65d1c5156f48677c0c0ccc5838af8db38dd09ebda72d4b780d80d94d8d3f18f55ed25ca31bf7d79d407e9cfd2a66fd00fabbee563dd043f958bc2b58634e7ae385aa94e582b48068c27076bcb3b0b50ed2d6af8bc6f41bbd0287753d89030301aa6a6ab4a788e77d0089452d9e72f4c925e31984caa8fc8308f62555464946a2ea8c54a1b6ce9eb8a1d3b67b6ad84db2464f121d14ecd7e080724b7bc0acc8bf987ba2cfc0459410e911158e881bad14c09a4b5d14295ef263274dfcf6c65aaf25bceeb21beb6b7777b9f6efc388d132b9bbc8e96ee64216264281a560453a33ae158e2c3345eb2d485124ef14887be7c104b5a79a45849530591fbaac5b9548e04e0a7121702d50af508c57f290cc535ab32c1da0205564381e86eac2d0a189d60369ec15043b283347e720a1674c6884766fdc0487e7177f8983d76e28f61cd54f73feb7bd0172fd9fadb934a0a6e6e07fd61123983052ac5c846bebbc2092a103608d0772e54fe605039e96939435ac6ebdc55a90bbb0045a256c00edafa09d8b5432a49d6844333bebc58ecbe02170df8b061deea474cf8efc60ddce59ea0e3809c9767996ab042488d1339dd166faa7afa08f285a1159e2f683c40dccd95d8bfd4ecc417a8814302047e6e74ce92f32a72bcb7c3aee1d75dd475cbcc2bb4b85006385da6a172032abef4d813cdfdd5783213216019291ae8f81603ff09fb3ee097c17dd1b061d7987a75ce883ab9185f6401800fc52c626fa68b09d42e62cb51628c6f9cec88a4887d591abacb18d46dbcbdf659b2b2d11c2eba0987a8fd1642db8692b1e30b578e2b767898ac5484de17d6177b7d506bce65c3587bf1cc8a58545699b144c6f78b4cd1b796fbe734fc117aa52faf2d0cf5290ddaf88f317f911c9bd223dfc2e91475fd2fdfeaa6c7be18212f896b1006e844f13f9bf75dc05c51dca9e4766f5363bb02182dd3cc0adb3d0bd82369932796201d446af7bc1556c573966a56a9aaf109506b8d6f2cc6710c7e7b8d4737e498566913d8a277583d45dea6a34dcb1d3e1482faa6f18fa5d9225405dcaea996bae6c9c1630d54b70274376d636faa3b73d07ad1d54b13a0f4b2d9576df7e3d5b768e7da797b9687038123b7378641ccd16bde191c00c91f5ae850f090fe51b1bfde81adbdf5ac70b630f11ba92d38c41f0d7641c703b84971bb7fdedb04e89c5338f030cc27b0352cf12fd8ec867258304e8fcf1db09cff4b32565bf0f5c5ae65377adbcf345c1ed2bd62be57b3e3ac7e003f81a181d6977c516519449ad75b278b588d91ac3e9d07a993f146b9450ae17c8efbae09fe5a226f8a5faf0f3c379a2276c42257e30312abb43a2d22ca", 0x1000) (async)
ioctl$auto_SOUND_PCM_READ_BITS(0xffffffffffffffff, 0x80045005, &(0x7f0000000080)="07fe268a97689028fc8e0c5987dd9eb8d55385e097cd0fd92289d66e25b1d46edd58187323428024c5996fc1cd919b78a28a56a3c1516bec70ada6a65ffdb4ea76bab63043d71ad41065d6a5136f375fd89374d878566864b1e566c049581858d3b182ffcde54f754d51a3be64bd63bfdd2d99bee80fed55a627ebc0d8789b") (async)
r2 = socket(0x10, 0x2, 0x118a)
sendmmsg$auto(r2, 0x0, 0x24, 0x4008) (async)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001140), r0) (rerun: 32)
geteuid()
gettid()
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async)
mmap$auto(0xfffffffffffffffc, 0x2000000a0009, 0x4000000000df, 0x100800011, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
sysfs$auto(0x2, 0x42, 0x0) (async)
write$auto(0x3, 0x0, 0xfdf3)
fstat$auto(r2, &(0x7f0000001180)={0x7, 0x81, 0x7, 0x5, 0xee01, 0x0, 0x0, 0xffff, 0x7, 0x400, 0xfffffffffffffff7, 0x100000001, 0x3, 0x7, 0x7f, 0x1, 0x200}) (async)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mq_open$auto(0x0, 0x0, 0x7d, &(0x7f0000000040)={0xfffffffffffffffd, 0x6, 0xffffffffffffffc0, 0x800000000000006}) (async)
socket(0xa, 0x6, 0x2)
eventfd$auto(0x7)

8m54.067102527s ago: executing program 32 (id=1442):
mmap$auto(0x1, 0x7fffffffffffffff, 0xdf, 0x36, 0xffffffffffffffff, 0x1028000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = open(0x0, 0x101840, 0x33903f3ada88772b)
read$auto(r0, 0x0, 0x1)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001b40), r0)
sendmsg$auto_BATADV_CMD_TP_METER(r0, &(0x7f0000001c40)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001240)={&(0x7f0000001280)=ANY=[@ANYRESDEC, @ANYRES16=r1, @ANYRES64=r0], 0x44}, 0x1, 0x0, 0x0, 0x800}, 0x11) (async)
write$auto_fops_x16_ro_(r0, &(0x7f0000000100)="18d50164e81ca4ab92d0d15e0d28f7eea7af041d1be9e949e98ec5c2abe4b4ecd40a92a093d85407ef845aadbfb36099f3ec5e92a4f926018bda264c5c2c561f098850adf5ea070ac52a02bfbeddef7b938033722405496b76492c8983f59c83b1660999b903beeb1589b83c2706df6be367c15675d92ec59daff49daf5fe2b83ab324072339cd95074a3f50e52fc236e7eecccff1e6d4bc210ab87e68ebf78bf5843e8819df3b2cb2a8ee1c3fe113ed4ef01677ea6f73236f9225e8f9d7c7ef9dbb7d69ed7b715eb4c8db8de9697135f6d067e40a76092833ebccbadc2ead39b15bea79719367b92280fc410662b2e1eecb52a21d081d032ad453b6185b17e22b9ec7166172cc92b64ee8dc4981d40bb93a8ca4b06d8408b69284eb5858d20e85ca6c2cac40683ed004ac7ba9d18df2ee0795c537d3b495d2fcfd73ea90c6b51f8a3a446c19de2074291636cd352a0550216da57c86fe1e0019561012dbbe5709aebeb18bf1bdf80773117058759bae8e169a04f6533d2579b3fc65c7d8cf2383279210be12f1cd25eda121939c48d6b848c057dd761ad5e23edbc903ef1929ea75549392de6a322c77358f43607879c40b822694ff3747009160e830d46052e5ca737bb46666bfed8f9c67636d8526ce6978bbb4970e4cc74e7066beb28dd5d78f991649579f74de68532c8cae362fba468c5461283baaae5196d7b150d5e5382eacae45a105bb9ba8b002bffe06171ba5588659997a9d82cc79b4ddccfbc3fb946ab6f5c5fa7b9cd9d818171de89e739ffa6e874a51dcd93dda88d92854c2e794154ee227f23353e3b681b2297212d8dedeebeaceaf5378107d0fa5a43843da518555c1213190eed178633909c965060ecbda9b743ba686cd36bc550d6270b921b72ddd4a5b2caad361bc182772c310e1ba370ae5137ca74c3afd4deabc515f08f5b542e481e0ffe5fe9aa6f26aadaa1de77899db49e17c5801b884dfe329dfcea43c2a52eb4dd0b9cd87ef0f4043baa620e954e32b046ee12c4bc74626c0d9f2719bf5812c1597079f559680e874c3a35f8bfc1d13c17f96e7bc18833a2cb4f9cfa5349d55ed539c6ed5b8c43e24d64fa5971eb9c4754dc090aada86eea3d3990f4501cbf82e655d59631e4e02f1946278752dfeee2e676993b546c45799fa5e196c02ee03745cd67fe1ea8c0a428d3a363357002a1c08a69acedcca0b9db09ff5405db66165a161ecc79079b0f27d66f636c34629e72373bdd0bc0b184f2f733a781a04b30bab3349e08ee3ff50774ee6ee0192e02d29a7464c4cdfdc914d4b252650e90688a6be82073378ef0c72ccad723b400281fa55f61075654a745b69cf726a56d451558dc95a2e208d72407ad39b9067786400cd1e9560be33c36b4db7dffb45b050f11003c0e80f1ddf08994a4e120f560f5473d1a344b0aad3ea1837f16967503f38b5252a1c91fdff37371f63a56ce4557eb3849faa191623ee49ca59fd8479b204e927f4175fadbc0d4b54c3dc1018bf7dd5c41715ab24d9802d78c2cdcc73cc97ba9620647cf411e086b27b943d99b1c5f3ad3032bf7243703ae87cd45cbcc6c5b9a959cde3e1264309264fd9d853e3321b16c9938c3dab86e71debfbbdc1c5c1fb8bd4eea4aa8bef2ae2c2c26ce08d4885bb2209e2a5e7e48d9cc916f4c53311df29f975bef1b5702b3610f5ff3c7e9823cd27ac6cbbc95ef8226f936cd1f15372b92f1a3fcb508226436be7a5fd5b1f8b4a1f6790904693f7a8b1e6eb942338618936bcd28143a52584c1c40fc2589d2b0d51aaa5607ce7fe4f8c3394ef55f4530d7796af5d55f0d191d0cdb348cc983a6eaa0900bbdccedc734ab691b9b50e4c3b73aeea5dd1ca0e321f3d2988e7943135ef3a3e2086af7fe749440925afc61d2a5a98fe20e87cdfb874e0e18df3637e77afa49fa9a80baf2ce618ea2aec4e34c865f470e3489216d1063599d10986556383e0bb87b4bf524e271ad107b9408b7e3418967dd10dff5c4beae9ec282f55b1d199453ea5ea0896e4b0c5e03d63c767a6ae142532211bc0f3ca4111cdd9abad06c3805ca254666b94c65665dee085eb5ea15c5e3830542ee5b6bc54f4651043753b328ffbc3bc9f5e6f9bb0a88e686cd90267e108947ae6a943c619bdca7eaed5159964ce8fca4cd4aacb9869171f3341c999b2d34995708acc3615e9abea6482dde023b8bec044fc26a1049d5a61959ccb9672fc57a17803b12ff6ba822de19b32e2aec81e81ee2e64ed7a79f897f11dfe571d2820f9cdfa599a187a2297c06e0b42d10a01b4d022dc3021c6a888a89341a19ee0df2a12d252fc3fa9a0d3d3727e0b94d2925d70ce8bae4cd5f2ae4a7ae28e77950014152b373291848e05a394e03d70fdff86c129175eb683e3c576164e8d571e2b9d832b224a77a63010f799652057966c0a9795508607d68682057aeaa4a79fab7ab5456c1a3997f9f64e7feadf07e5204e402aa3788215f0f0e53119e6be7e25a67f61ca5028f92e4a8a75bca74ec6953144fd9e08fa2a9cf4772394074ed5fac6da41d4e749318ce547dfad856310cb6b0503f79e27695c641a7ec2a830a5df012b2ca123fc2329a480fc2d5bdd05f4ff525eef45522e1c0b639d6db32553eda243b33e274617a505e89cc35fd405267085018e48f00dce2f0f561d6997c2dc92849dd524fcb9011633b193fc7e6cbd5374c9630cb24ef5db46825ddcdc5ee0c57cadf71396e107289e84b902152614e85e59345de158a2b9603b930026eddcb8fba10ba55119015a751ab6f73562cd57839c154c36c6daf876ec0a4969eaac3d11cc2e22908e2ce905e636715967f1faa2cf1774d47a23782a671568b115e47d992a1390a0b26ba2c27e77588ba886bc8a2f27aa8d8cc095f03989e2da70e155250f3eafd6d3d64afb3ba3f0a9a33b665aa1973ac52ab67743e93b0cbe9465fa51bbc04b938c7a9fda55b051a4f4627e5f9bc852cc8b8b957e83640f647280dba8952508031dadcae07936d282b51e3977ee7ed7905d36d847b23675321d9b97fa5237a4329bf832b2ed3741215682218eaa3fdac2561b96b3fe4806f9d60e355726f859c6347bd67678640ca4fbe0cff3e19b718d8e78f9469cdcd72b351fe2e2b7f44dd804f062286b7e640b27a1addad7d12c6cfaa2aaeeb6bc55d8158ddf29d69855f6d699ae6bf5f89e1bfb481d0c9c7b7bf8833d7664e874ad06597b0625da02a9f9627fc70d0ba58565b19ba5a7b189ca138477e1b9100bce76b6450ae7ac799e50bd9db82f565ae178467a79ea769645865d56dbc5e5df4a90551ef0acc7bcd1d1bf2005f72ec843f1dee3a624f4334360837d5fd1f43c6fcfc99ae1df2aebf04bfad6160b3a2ab2d6f9a4c4d8479e1f339f1225ed758185a77c7bf97a4cd5c8081d427db7f5379a85fe89a09af1f05f0d8f0012b0749668e60157ad4e30ce3bfeebfb9c93e15a260cedd56194466c4a87e340df74e42c8a5f929e23823208e1883294619509fcb1dc52a5a5e37100e45aa63400b946d41526e8ba254bb0fccee56d11d65c82b23bc2966902a88de34ba4ebb1df30c9d1d5fdfcc0c4ca03b0115cffabdbfb1eeb89d41b41d9605937e4029b1ce002a00ccb7242699747b257dae415dfedfb6f084130430ec9a6fdf9b0652bb613a5399fc3cb25848b46199826d4b3475cc1fb5738b1814fc0c0c33b904bf5384b6d0c977a58d55b7dd03884d4f5cc263fde484cc7185685251107d4797d0c8fc650941d0422b74fcad316f675f309ea0d6091652a28e3e3d69a12869bf2be958667f301f62febf8da5c5b3d84eb872fda6861c63a5d497fb74816829ac78a817a1ff7f0be998cc87ef7ba4e6f6734ad2158abb6af3f7dcb16110009993fbf0bdb14cc7e2fce77e9a0f71a15338052d8e6edf087f66ba90949cf8a8abe250103c4d4a489ac11d0ccc028a1e6a98020c2285894d576d0ddcbb4a665753ea0d5f8f178d8f517bff4fd249154a70fe8f2fd444b800518f213f0446e19dec3d587bfcea3b8c4e157bd2338a03f53ef87fed922099dd7bbbf13429028c19590a91229ac4535a95e922d88759ac26d34f3cbbc45561291fc2bf47b022e590298596daddf50ea17c27e5d606dd28ba625371ac5be1cab75954b9d313a40695c7dd249e4b0f33fdcf58047d38f9d57e3575a12c48cb52f36f2d412911dcf909f9e0769e701cea4d19504f72a5fe23407ce949da08cb449aac6b83d50a0c595d9810f795a9b96d9305e2bbb764662e6c812b6823dc2d04c66042d58178492e87923c38065895b84596ef7c35758799dc689aa219d96a62fcb9599e631600794eb6e8dc0ff360c851e35086f004de7af47fe7134368efa7489d1696599e095923901b61df2b78a20962c00ac383bf56be7c431e65d1c5156f48677c0c0ccc5838af8db38dd09ebda72d4b780d80d94d8d3f18f55ed25ca31bf7d79d407e9cfd2a66fd00fabbee563dd043f958bc2b58634e7ae385aa94e582b48068c27076bcb3b0b50ed2d6af8bc6f41bbd0287753d89030301aa6a6ab4a788e77d0089452d9e72f4c925e31984caa8fc8308f62555464946a2ea8c54a1b6ce9eb8a1d3b67b6ad84db2464f121d14ecd7e080724b7bc0acc8bf987ba2cfc0459410e911158e881bad14c09a4b5d14295ef263274dfcf6c65aaf25bceeb21beb6b7777b9f6efc388d132b9bbc8e96ee64216264281a560453a33ae158e2c3345eb2d485124ef14887be7c104b5a79a45849530591fbaac5b9548e04e0a7121702d50af508c57f290cc535ab32c1da0205564381e86eac2d0a189d60369ec15043b283347e720a1674c6884766fdc0487e7177f8983d76e28f61cd54f73feb7bd0172fd9fadb934a0a6e6e07fd61123983052ac5c846bebbc2092a103608d0772e54fe605039e96939435ac6ebdc55a90bbb0045a256c00edafa09d8b5432a49d6844333bebc58ecbe02170df8b061deea474cf8efc60ddce59ea0e3809c9767996ab042488d1339dd166faa7afa08f285a1159e2f683c40dccd95d8bfd4ecc417a8814302047e6e74ce92f32a72bcb7c3aee1d75dd475cbcc2bb4b85006385da6a172032abef4d813cdfdd5783213216019291ae8f81603ff09fb3ee097c17dd1b061d7987a75ce883ab9185f6401800fc52c626fa68b09d42e62cb51628c6f9cec88a4887d591abacb18d46dbcbdf659b2b2d11c2eba0987a8fd1642db8692b1e30b578e2b767898ac5484de17d6177b7d506bce65c3587bf1cc8a58545699b144c6f78b4cd1b796fbe734fc117aa52faf2d0cf5290ddaf88f317f911c9bd223dfc2e91475fd2fdfeaa6c7be18212f896b1006e844f13f9bf75dc05c51dca9e4766f5363bb02182dd3cc0adb3d0bd82369932796201d446af7bc1556c573966a56a9aaf109506b8d6f2cc6710c7e7b8d4737e498566913d8a277583d45dea6a34dcb1d3e1482faa6f18fa5d9225405dcaea996bae6c9c1630d54b70274376d636faa3b73d07ad1d54b13a0f4b2d9576df7e3d5b768e7da797b9687038123b7378641ccd16bde191c00c91f5ae850f090fe51b1bfde81adbdf5ac70b630f11ba92d38c41f0d7641c703b84971bb7fdedb04e89c5338f030cc27b0352cf12fd8ec867258304e8fcf1db09cff4b32565bf0f5c5ae65377adbcf345c1ed2bd62be57b3e3ac7e003f81a181d6977c516519449ad75b278b588d91ac3e9d07a993f146b9450ae17c8efbae09fe5a226f8a5faf0f3c379a2276c42257e30312abb43a2d22ca", 0x1000) (async)
ioctl$auto_SOUND_PCM_READ_BITS(0xffffffffffffffff, 0x80045005, &(0x7f0000000080)="07fe268a97689028fc8e0c5987dd9eb8d55385e097cd0fd92289d66e25b1d46edd58187323428024c5996fc1cd919b78a28a56a3c1516bec70ada6a65ffdb4ea76bab63043d71ad41065d6a5136f375fd89374d878566864b1e566c049581858d3b182ffcde54f754d51a3be64bd63bfdd2d99bee80fed55a627ebc0d8789b") (async)
r2 = socket(0x10, 0x2, 0x118a)
sendmmsg$auto(r2, 0x0, 0x24, 0x4008) (async)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001140), r0) (rerun: 32)
geteuid()
gettid()
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async)
mmap$auto(0xfffffffffffffffc, 0x2000000a0009, 0x4000000000df, 0x100800011, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0x400454ca, 0x38)
sysfs$auto(0x2, 0x42, 0x0) (async)
write$auto(0x3, 0x0, 0xfdf3)
fstat$auto(r2, &(0x7f0000001180)={0x7, 0x81, 0x7, 0x5, 0xee01, 0x0, 0x0, 0xffff, 0x7, 0x400, 0xfffffffffffffff7, 0x100000001, 0x3, 0x7, 0x7f, 0x1, 0x200}) (async)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mq_open$auto(0x0, 0x0, 0x7d, &(0x7f0000000040)={0xfffffffffffffffd, 0x6, 0xffffffffffffffc0, 0x800000000000006}) (async)
socket(0xa, 0x6, 0x2)
eventfd$auto(0x7)

8m10.343689072s ago: executing program 4 (id=1718):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x11, 0x3, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='(4D\xee\x9c\xd1\xa8\xe8\x05@\x00\xb4\xfa\x93\xc0\xd7\xd4\xaa\x0eZ\xb4\xd5\xb6\xc2\x02', 0x100000a3d9)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff)
mmap$auto(0xfffffffffffffffe, 0x20009, 0xe3, 0x10, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
set_mempolicy$auto(0x6, 0x0, 0x21)
ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, &(0x7f0000000040)={0x40000000001, 0xfffffffffffffffe, 0x2, 0xffffffff, 0x4e3, 0xffffffff, '\x00', 0xa, 0x26, 0x82, 0x5, 0x4, 0x5, 0x3})
unshare$auto(0x40000080)
madvise$auto(0x0, 0x0, 0x5)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x20500, 0x0)
r1 = open(0x0, 0x4201, 0x64)
madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11)
setsockopt$auto_SO_TIMESTAMPING_NEW(r1, 0x6, 0x41, &(0x7f0000000040)=']\x00', 0x6)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/ip_vs_conn_sync\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000380)=""/23, 0x17)
prctl$auto(0x3e, 0x0, 0x4, 0x8, 0x7fe)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
pread64$auto(r3, 0x0, 0x40000000f42c, 0x80002)
io_uring_setup$auto(0x7, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
ioctl$auto_BTRFS_IOC_SEND_32(0xffffffffffffffff, 0x40449426, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2b, 0x1, 0x1)

8m9.236046967s ago: executing program 4 (id=1725):
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x450481, 0x0)
write$auto(r0, 0x0, 0x100000a3dd)
socket(0x22, 0x2, 0x0)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socket(0x10, 0x80000, 0x0)
mmap$auto(0x0, 0x20009, 0xde, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x2a, 0x2, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2b, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x208400, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0xffffffffffff7fff)
getrlimit$auto(0x3, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop12\x00', 0x6281, 0x0)
ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
write$auto(0x3, 0x0, 0x1)
mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
bpf$auto(0x7, &(0x7f0000000200)=@bpf_attr_11={0x3, 0x9b0, 0x0, 0x1, 0x1, 0x200, 0x8, r1}, 0xb4000000)
ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vhci_hcd.14/usb38/uevent\x00', 0x89041, 0x0)
mmap$auto(0x0, 0x1aa5, 0x10000000000003, 0xeb1, 0xffffffffffffffff, 0x8000)

8m8.773153258s ago: executing program 4 (id=1729):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
prctl$auto(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10810, 0x0, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
fcntl$auto(r2, 0x400, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x4)
ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/user/max_fanotify_groups\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x15, 0xffffffffffffffff, 0xc)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
r3 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
write$auto(r3, &(0x7f0000000c40)='gthtool\x00', 0x5)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x929, 0x44b, 0x7, 0x5, 0x100717e, 0xfffffffa, 0x7, 0x4, 0x10000007ff, 0xfffffffe, 0x80000001, 0x4, 0x200000000001, 0x1, 0xfffffffffffffffb, 0x8, 0x0, 0x2, 0xfffffffffffffffe, 0x867, 0xe, 0x22000, 0x200, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, [0x100000000b, 0x2007f, 0x0, 0x1, 0x6b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x3, 0x1000, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0xfffffffffffffffd]}, 0xa, 0xe)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffff7effffd01, &(0x7f00000001c0))
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000031c0)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x101000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000003200)=""/49, 0x31)

8m7.586240294s ago: executing program 4 (id=1736):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
setsockopt$auto(0x3, 0x1, 0x8, 0x0, 0x89)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) (async)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x20000040) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (async)
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01H\x01\x00\x00\x0fo\x84\xfc\x89\v\xea\b\x00\x00\x00\x00\x00\x00\x00\x01\x88\v\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dG\x9f`\xb8Q\xf0BFWI\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00\\0 \xa2\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\b\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xeeI\x00'/232, 0xfdea, 0x23)
read$auto(r1, 0x0, 0x20) (async, rerun: 32)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lo/mtu\x00', 0x2062, 0x0)
read$auto(0xffffffffffffffff, &(0x7f0000003040)='veth1_to_team\x00', 0x9)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x4) (async)
ioctl$auto_FIDEDUPERANGE(r1, 0xc0189436, 0x8000) (async)
chdir$auto(&(0x7f0000000040)='./file0\x00') (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) (async)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x2, 0x0) (async)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x0, 0x18, 0x0, 0x0) (async, rerun: 32)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/capabilities/sw\x00', 0x0, 0x0) (rerun: 32)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000001600)=""/4098, 0x1002) (async)
r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000240)='/dev/mtd0\x00', 0x2142, 0x0)
ioctl$auto_MEMWRITEOOB(r5, 0xc0104d03, &(0x7f0000000340)={0x1ff, 0x3109, 0x0})
write$auto(r3, 0x0, 0x9) (async)
mprotect$auto(0x200000000000, 0x806121, 0x8)
sysfs$auto(0x2, 0x11, 0x0) (async)
r6 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r6, 0x8, 0x0, 0x0, 0x0)

8m7.340933211s ago: executing program 4 (id=1738):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x400009, 0x4, 0xa911, 0xffffffffffffffff, 0x7ffd)
r0 = socket(0x15, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x91e3, 0xb, 0xc, 0x0, 0xf58, 0x4, 0x4412d, 0x8, 0x0, 0x4, 0xf, 0x8000000000000, 0x84c, 0x1, 0x7]}, 0x0)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram2\x00', 0x10ba02, 0x0)
r2 = prctl$auto(0x23, 0x6, 0x2009, 0x0, 0x0)
sendfile$auto(r1, 0x3, 0x0, 0x400000000006)
ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xffffffff00000000, &(0x7f0000000080)="fa103ae1cdaeda7423ccf71ed75ef605d9997452e83521709e1a20f4a74aba494ab014c1581765d48a2a2960324f2a685681edec91ed88f1e3b20dc14496fec0679a51da4a93040c1cf06a60c34ede07a771cf8ef761e995099adc31fe95a167b1b20d4625fa44edf3007dbe8104dd1f")
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c00, 0x0)
pidfd_open$auto(0x0, 0x7c)
ioctl$auto_SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), r4)
personality$auto(0xfffff032)
ioctl$auto_BLKIOOPT(r1, 0x1279, 0x0)
ppoll$auto(0x0, 0x8, 0x0, 0x0, 0x8)
msgctl$auto_IPC_RMID(0x1, 0x0, 0x0)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), r2)
prctl$auto(0x2000007, 0x1, 0x0, 0xffffffffffffffff, 0x7)
r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event1\x00', 0x80, 0x0)
ioctl$auto_EVIOCGREP(r5, 0x80084503, 0x0)

8m6.348957226s ago: executing program 4 (id=1742):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = open(0x0, 0x22240, 0x55) (async)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
clock_nanosleep$auto(0x8, 0x0, 0x0, &(0x7f00000000c0)={0x7fffffffffffffff, 0x6}) (async)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) (async)
statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
ioctl$auto(0x3, 0x400454ca, 0x38) (async)
close_range$auto(0x2, 0x8, 0x0)

7m51.19889378s ago: executing program 33 (id=1742):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = open(0x0, 0x22240, 0x55) (async)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0) (async)
close_range$auto(0x2, 0xa, 0x0) (async)
clock_nanosleep$auto(0x8, 0x0, 0x0, &(0x7f00000000c0)={0x7fffffffffffffff, 0x6}) (async)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) (async)
statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) (async)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x20008, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
ioctl$auto(0x3, 0x400454ca, 0x38) (async)
close_range$auto(0x2, 0x8, 0x0)

11.291072111s ago: executing program 5 (id=5479):
prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0)
readv$auto(0x3, &(0x7f0000003080)={&(0x7f0000003040), 0x4}, 0x9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/vhci_hcd.13/usb36/36-0:1.0/usb36-port7/state\x00', 0x101342, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x840042, 0x0)
r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/security/tomoyo/audit\x00', 0x6a502, 0x0)
r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/loop5/rqos/wbt/min_lat_nsec\x00', 0x240400, 0x0)
close_range$auto(r4, 0x8, 0xffff)
madvise$auto(0x0, 0x2003f0, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg0\x00', 0x248082, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
write$auto_sg_fops_sg(r5, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e)
read$auto(r3, 0x0, 0xb4d3)
setsockopt$auto_SO_RCVBUF(r0, 0x5, 0x8, &(0x7f0000000000)='$}-\'$$#\x88\x00', 0x40f)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20001, 0x0)
mmap$auto(0x10001, 0x7, 0x8001, 0x40eb2, r2, 0x8)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
r7 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x80002, 0x0)
ioctl$auto_PPPIOCSMRU(r7, 0xc004743e, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r6, 0x4601, 0x0)
r8 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7)
sysinfo$auto(0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
ioctl$auto_BTRFS_IOC_SNAP_DESTROY_V2(r8, 0x5000943f, &(0x7f00000013c0)={@raw=0x4, 0x6, 0x2000000000081d, @btrfs_ioctl_vol_args_v2_3_0={0x1, &(0x7f0000000140)={0x6, 0x3ff, 0x3, 0x100, {0x7ff, 0x4, 0x400002, 0xa8a, 0x8}, [0x7, 0x8]}}, @subvolid=0x10001})
sendfile$auto(r1, 0x3, 0x0, 0xc01)

11.096925357s ago: executing program 5 (id=5482):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
setresuid$auto(0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_NOOP(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x40, r2, 0x8, 0x70bd25, 0x25dfdbfd, {}, [@L2TP_ATTR_RECV_SEQ={0x5, 0x12, 0x6}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private0={0xfc, 0x0, '\x00', 0x1}}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x81}, @L2TP_ATTR_L2SPEC_LEN={0x5, 0x6, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x24000001)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setattr$auto(0x0, 0x0, 0x7b)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
r3 = open(0x0, 0x0, 0x408)
getdents$auto(r3, 0x0, 0x400018)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)

4.286749435s ago: executing program 1 (id=5508):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x7, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r2, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
getpid()
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
pread64$auto(r3, 0x0, 0x200000000006, 0x8)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
madvise$auto(0x0, 0x2003f0, 0x15)

3.491900348s ago: executing program 3 (id=5510):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ustat$auto(0x801, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
setresgid$auto(0x81, 0x800000a0, 0x8)
setgroups$auto(0xc00000000, 0xfffffffffffffffc)
setresuid$auto(0x8, 0x8, 0x0)
setfsuid$auto(0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0)
write$auto(r2, 0x0, 0x2)
poll$auto(&(0x7f0000003640)={<r3=>r1, 0x7, 0x6}, 0x7, 0x3)
r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r1)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r3, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003980)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01032ebd7000fddbdf250a0000000800020030caf1"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008800)
ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'rose0\x00'})
r5 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(r5, 0x40087543, &(0x7f00000002c0)={0x6, 0x40000b})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(r6, r6, 0x0, 0x7ffff003)
vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x0)
write$auto(0x1, 0x0, 0x80000000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

3.292123056s ago: executing program 5 (id=5512):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x82, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
r1 = epoll_create$auto(0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r2, 0x0)
capset$auto(0x0, 0x0)
epoll_ctl$auto(0x5, 0x3, r2, 0x0)
epoll_wait$auto(r1, 0x0, 0xe007, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
write$auto(r5, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYRESDEC=r0, @ANYRESOCT=r1, @ANYBLOB="04007d80"], 0x20}, 0x1, 0x0, 0x0, 0x40810}, 0x20000000)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
r7 = openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
mmap$auto(0x102, 0x9, 0x1fec, 0x800000000801f, r7, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2ab42, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x1e21c2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_BLKPG(r6, 0x1269, 0x0)
setsockopt$auto(r7, 0x0, 0x100, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x100000000000028, 0x0)
fsopen$auto(0x0, 0x1)
ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000080)=0x101)
socket$nl_generic(0x10, 0x3, 0x10)

3.144215546s ago: executing program 1 (id=5514):
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
sysfs$auto(0x2, 0xb, 0x0) (async)
keyctl$auto(0x2000000000000017, 0x3ff, 0x0, 0x0, 0x3) (async)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x881}, 0x4000001) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mprotect$auto(0x200000000000, 0x806121, 0x4)
process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={0x0, 0x55}, 0x6, 0x2, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
lsm_list_modules$auto(&(0x7f0000000000), &(0x7f0000000100)=0x6, 0x401)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/capabilities/led\x00', 0x40000, 0x0) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0) (async)
socket(0x2, 0x2, 0x1)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x2, 0x0) (async)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty7\x00', 0x44040, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) (async)
shmctl$auto(0x3, 0x8, &(0x7f0000000300)={{0x31a, 0xee01, 0xee00, 0x7fff, 0x101, 0x6, 0x100}, 0x240000, 0x7f, 0x7df0, 0x9, @inferred=0xffffffffffffffff, @raw=0x4906, 0xa49, 0x0, &(0x7f0000000200)="84cb17b024faa5d152030a65a59e6916cb02f550c82d352b59d771db2331474a5ad856aae75b3cbf0352b403454f9fa8945e9f6b30e98d9d1fbd00a2d0d7856015cf11f4e2b79a828c7587a14c77e57b5611f0e9e7100ae9eab71d49fc2b0731ce5d61d16486d751407c1cd4ac15a95951f9012dbe2ec03aa35eea8bbcd6411fd1c3e95546f6587bfc2a70e458994d4740ac46bd4c993ee0f9cf2a5ee84aa055778699", 0x0})
sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(r0, 0x0, 0x8800) (async)
socketpair$auto(0x5b, 0x1, 0x420000, 0x0) (async)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)

2.90579201s ago: executing program 1 (id=5516):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
r2 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x7, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
getpid()
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (fail_nth: 5)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x200000000006, 0x8)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
madvise$auto(0x0, 0x2003f0, 0x15)

2.540003124s ago: executing program 5 (id=5519):
r0 = bpf$auto(0x0, 0x0, 0x6f4)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r2 = open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14)
r3 = open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x1c7)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=ANY=[@ANYRES64=r0, @ANYRES16=r4, @ANYBLOB="00022abd7000ffdbdf255f00000008000b01ffffffff04001b8006004301e47a00000600f70007060000af00f3003c9724e1de765023280dafe18608b46e8d48f4e204e4eec7277ee1ae79363c7165c4f475dcdb4f7d16b9467ccd03c62f16f0d468e687aedc110c8240b3142bd40f26cf0d7fa73256099bdb75898e7ac4e93f34a12315d0c7f3911a8a202c4b64cb800c6547a9b3a441a22f0f83ef67eaf3091991fde3ea4ecacdb30fbfa8867fb023b42bd822522da0ff9a4b879872dd69b5275afaf19c8ac24835de50db1e6beef2c98c58134d61221e8800"], 0xe0}, 0x1, 0x0, 0x0, 0x80}, 0xc804)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x400280, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
ioctl$auto_RNDADDENTROPY(r3, 0x40085203, &(0x7f0000000200)=[0x1, 0x1])
write$auto(r2, 0x0, 0xfffffdeb)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0xffffffffffffffff, 0x300000000000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="00020000", @ANYRES16=r7, @ANYBLOB="010028bd7000fedbdf251c000000180001801400020064756d6d793000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000)
close_range$auto(0x2, 0x8, 0x0)

2.426444691s ago: executing program 3 (id=5521):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
r0 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x8, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x9, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x8, 0x402, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCNXCL2(r2, 0x540d, &(0x7f00000001c0)="dbc7503dfed0f5a2223b64aa77912c33ea7df916acf8cf57e2915fe0160b3b7f57d501f7dc8b6ae2b3fabb7a1d745cd7b0cfbceed8a9e754")
socket(0x2, 0x80802, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.0/status\x00', 0x101600, 0x0)
read$auto(r4, &(0x7f0000000040)='\x04\x00\x86\xd2\x0f\x84\xe7\x05}\x88\x04\xc2&\x14^\v\x802\x89Y\xf2;\xe8\xf4a\xab\x01\xf5\x1f\xd5\xf5\x89lg\x0f+S\xbf\xa7\xc3\xd0\x1e\x18\xc2\xe8\x87\xa9\x9a4I;\xf6wP\'go\xf2\xf13\x91I\x819nz65-\x84\x11\x7f^\xed^\xbc\x17\x17\x82r\xa4\xf6\x86m\x81YI\xa7\xe7\x97%\x9d\bs\xc92\x1b\t\xf9q\a*\xf1\r\xc1\x18\xa7\x05m\xb1\xda\apU\xb8)b\x7f\xe9rQ\xc5N~,,\xad\xf0\x011\x8b`\xb8\x06\x01$\'\xb4\x03g\xe6\xf8\x18liR-\x97\xadX\x7f\v\xa4\xb5\xfa\xe0k\xa1\xc3\x89\x01\xb1J\xdcy!\x99\xf65\x9e\xcd\xe2[\xd78\x0e\xde-!u\x9bh\a\xbbHC\x91\xde\xd2\x9a}S\xf0\x85\x7f\x86/\xd7||\xf4\xca\xc9A\xac\xfb\x1f\xcb\xed\xbaF\xe5\xb2\xdc/Z\x1b\xc9\xb8\xc9\x83O2F\x91\a\x8c\xcd\xe57\xaa\x12\x03\xe4=\x85\xb3\xa7L', 0xc)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x40, 0x0)
socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x8)

2.171006413s ago: executing program 0 (id=5523):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
connect$auto(0x3, 0x0, 0x54)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9c575a0000", @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf25010000000c00078008000180040001800c0002000600000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880)
getsockopt$auto_SO_TXREHASH(r0, 0x1, 0x4a, &(0x7f0000000080)='nbd\x00', &(0x7f00000000c0)=0x6)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyvf\x00', 0x4000, 0x0)
stat$auto(0x0, 0x0)
getpid()
socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
connect$auto(0x3, 0x0, 0x54) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) (async)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9c575a0000", @ANYRES16=r1, @ANYBLOB="010025bd7000fddbdf25010000000c00078008000180040001800c0002000600000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x8880) (async)
getsockopt$auto_SO_TXREHASH(r0, 0x1, 0x4a, &(0x7f0000000080)='nbd\x00', &(0x7f00000000c0)=0x6) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyvf\x00', 0x4000, 0x0) (async)
stat$auto(0x0, 0x0) (async)
getpid() (async)
socket(0xa, 0x2, 0x0) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
socket(0xa, 0x3, 0x3b) (async)

2.07769783s ago: executing program 1 (id=5524):
close_range$auto(0x2, 0x8, 0xd)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x2cae82, 0x0) (async)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x2cae82, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x70f740, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f00000003c0)="0911548eab7200ae7783048e6dc28abde561f51d1d78a5ba4fe4b62e2b89695ed7d1dd79688738b1a720bea8d93580168674f50b6099d20aac38c6fca99e47d623b1a0999052fa52be9782ab0afc290096fbe10e7991d6af1863722772c73bebd6bf626bab9c829bdf573a258e3c0bf52dda60be0c2c1f3ce6d3ff221e12591e975548f862bc34bb1beb783d684600"/162, 0xa2)
futex$auto(&(0x7f0000000080)=0x1, 0x6, 0x1, 0x0, 0x0, 0x1)
mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0xffffffffffffffff, 0x8000)
futex$auto(0x0, 0x5, 0x0, 0x0, &(0x7f0000000080)=0x9, 0x4000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) (async)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r2, 0x0, 0x20) (async)
read$auto(r2, 0x0, 0x20)
mmap$auto(0xfffffffffffffffe, 0x3, 0xdb, 0x9b72, 0x5, 0x4)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x25, 0x1, 0x0) (async)
socket(0x25, 0x1, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/ht_capa\x00', 0x82, 0x0) (async)
r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/ht_capa\x00', 0x82, 0x0)
pwritev$auto(r3, &(0x7f0000000180)={0x0, 0x5}, 0x3, 0x700, 0x5)
socket(0x27, 0x6, 0x80100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen_full\x00', 0xe0003, 0x0)
r4 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0)
ioctl$auto_FUSE_DEV_IOC_CLONE(r4, 0xe503, 0x0) (async)
ioctl$auto_FUSE_DEV_IOC_CLONE(r4, 0xe503, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x9, 0x0, 0x15f4da0e, 0x3, 0x3, 0x62, 0x80000020, 0x7, 0x6d3e, 0x4000000000c, 0x2, 0x6]}, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2000c, 0x4, 0x1d, 0x40000000000a5, 0x8000) (async)
mmap$auto(0x0, 0x2000c, 0x4, 0x1d, 0x40000000000a5, 0x8000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.849882112s ago: executing program 0 (id=5525):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
r1 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async)
openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x80680, 0x0) (async)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
sendmsg$auto_NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000380)={0x1ac, 0x0, 0x2, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_IE_PROBE_RESP={0xb4, 0x7f, "9a1c276d6dfba3525923069f80485c97dcd1ab22b41033dbaf73918cebb491c542c66084f1d9dea3dd58d4c13344f4e010937ad77630645c55159ed4c2b88dcdcf7b7a85789682219e3202189431499868c76d31ea56fd615d1123e1bf5a7e3fc3b5c0ed5cf9a3f8e4d540edff44f24057d654e303c202bd3dd0fd8dc0a66065bf5d1bf8141149c7a779a426084ba38dfd332879e509df938d9b6b300a26684cbb600e336f7630c475656ad4f50a325c"}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x7}, @NL80211_ATTR_MLO_TTLM_ULINK={0xd1, 0x149, "577e77925475c7de6950e4b547f01885df469a79900a2c5d3f0cb2d53f7d8b96c61ee90b5685d456e098145d02f2fe283ece6fecd75c2b56d3df305b672e7cb4fc66bd5e6751024a15e4cb4c1cc140760ae7e55d315eaea0cf3a41b6031b051ac56349124e2684b20c1e636ee70ce5ab22bd8234f1d98a5f13ab9c346dde93cd6429fffa2ded8e65e0960aeeef0fce5ef9e6cd8d6b28501f4ebb0cc0b96a96c74c5e06dce84c60d12fa8ecacf132ab72b58c701aa02714d8541fe7fe639e48973fb93ea4a7c0b2e2c49345936e"}, @NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0xc7}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
listen$auto(0x3, 0x81) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0x0, 0x240007, 0x19) (async)
madvise$auto(0x0, 0x2003f2, 0x15)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) (async)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video68\x00', 0x90d01, 0x0)
ioctl$auto(r0, 0xc0945662, r2) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, r3, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kfence/parameters/sample_interval\x00', 0x102, 0x0) (async)
socket(0x18, 0x1, 0xffffff57) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)

1.541547935s ago: executing program 5 (id=5526):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x0, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty24\x00', 0x40, 0x0)
ioctl$auto_TCFLSH2(r0, 0x540b, &(0x7f0000000380)="c7c7cc315b1b7a6194953361c0617e8c287004ae48734ae21534ea5676ee744a67a047a4eff5f93205d5a6566f61490f3d73e12a72131108b7ae932551b8be16e44dff8f8576e075b00ce9f3e0d9863782212afa466f3d2f3df02661812d62")
acct$auto(&(0x7f0000000280)='\x98\xe0#\xd5f\x04xR\xe9\x92\x1d\x99\x11F\xe8Pa\xd9#\xaf\xdc\x9c{\xdfYlW,Or\xf8\xf1\x9a\xbf\xa4i\xea\xb6\xb1\xa0FrqJm\x81\xe0{\x90\xc3\xcf\xb5?\xbc\xf84\x8f\xb9\xe1\f\xfaVM\xfaf\xd0\x7f\x8c\xeeD\xcc\x90\x00\x00\xe6\xfc\\5\xbb\xd44}$\x11\x10V\xc5s\xe6\x83\xfd\'h\x17~L\x80\xc5\xd0P\x94t\x01c  [\xf8\xbd?~z\"\x9d1\xe4\x9dl\x0f\xc82\xce]\xe7g\xf6\xe4B\x8b\fa\xfev\xe8^\x1c\xdf\xac\b\xb7\xb1\x0f.x\x1f\x8eg\xd6\ftj.\xabz\xd2\x11\xdf\x01\xa2\x8bIS\x05\x05e\xb1\xa8\xbe\x8b@T\f\"\xcdMv\xc5\x12\xe3cD\x8c\xec\x1c\xe2\a\xe7*m\xaa2\xcc&i\xdc\xbe\x80o\x85SQ\xa3\xcbJ\x92')
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000140)="4ba8e0737bd42cd9dec0346b4eda4f7464ab5c", 0x5, &(0x7f00000004c0)={&(0x7f0000000400)="bf5b3e99461fa8a9dc816dcb0b8f6137bf6451e86014539632a06a446d415af1d4fabefc88de967e96ed2a2778a79bfbc0c18bd705bbd2773326e1f2c6252dde6bc0df79b6d71094e67f75706c9c2f64134151bf0cad500bc8675ae5fc9ac7d178550e09c7e72ee3cf9481124209961409fe2a5c9806200e9074facfb16c57ab6db74d8fbc4a08bb93e8e6d85d1516ee5d448dbdaeda0aa944a4e01c7608bbbe07ed0516e5a7d8c7ec34", 0x1ff}, 0x129b898a, &(0x7f0000000500)="f2cd0dc4e304da8ea07ef02238d3cb41b8e0889dbed0a1f1449c8b4b13fff9cfb1b2fc80fe3fa689f97515d5719bcbe7c9d009b13437766fc296255bfea5e762582a0046d7b2b7cf9f20c4f8205db68e962ae609b1293a7edbcb2abd14b9a4b33c29f3f7571b02ef5d495e8a3bf54e80174d24f26a1f4c1a4c645eea0ae9c598a4fa89879d9e4c0bdedc0b218320f1b12247d247fb2ce185f15c191b9c8102617d589709da96e067ba9ccb2dc0911bb9feb1462c6cddbdff42f53f37cb67c2f3519d936add8f96c04d02befe0f847b9494c87e3e0976dbfe72658542d9eb9966e4d11dc3c227313aca", 0x5, 0x4}, 0x3}, 0x44, 0x80000001)
acct$auto(&(0x7f0000000000)='/dev/ptmx\x00')
r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x1a1040, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
ioctl$auto_TIOCGDEV2(r2, 0x5410, 0x0)
pwritev$auto(r1, &(0x7f0000000080)={&(0x7f0000000180)="9753c6dbdf9df67a257c86c303a3451bcf46a8e2ad53fab84ce6a583f3b1d0b136ef96e48a98bf3bef39c002faf1b3e581dc628d0572b1d1968645231d0ee1f8692102b2405a2496103c6208bdb7b74f41f759efce33ccd0c4e114cd2da8f5c4f02c17f9f4bd400a67076afd2e63ee238b4d37c32b11a65704bdcd10630b1d9e9c8ef023800cc44697f480af2988790c52b91e1b39ab76d7b131e5f11b9e8fa74256b2b7deaaaa07464fa53419d610aa5f7a0f4a43992c513b386b07a78c3411980e140b6eb13acbeeae456aee9e35a3659518eb166f14fb626f099787693c30236d03381d617a", 0x7fffffffffffffff}, 0x0, 0x0, 0xc)

1.396038947s ago: executing program 0 (id=5527):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
r2 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x7, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r4, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x20, r5, 0x23, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x4008008}, 0x0)
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r6 = getpid()
process_vm_readv$auto(r6, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
pread64$auto(r7, 0x0, 0x200000000006, 0x8)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)

1.392120644s ago: executing program 3 (id=5528):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x82, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
r1 = epoll_create$auto(0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r2, 0x0)
capset$auto(0x0, 0x0)
epoll_ctl$auto(0x5, 0x3, r2, 0x0)
epoll_wait$auto(r1, 0x0, 0xe007, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
write$auto(r5, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYRESDEC=r0, @ANYRESOCT=r1, @ANYBLOB="04007d80"], 0x20}, 0x1, 0x0, 0x0, 0x40810}, 0x20000000)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
r7 = openat$auto_component_list_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
mmap$auto(0x102, 0x9, 0x1fec, 0x800000000801f, r7, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2ab42, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x1e21c2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_BLKPG(r6, 0x1269, 0x0)
setsockopt$auto(r7, 0x0, 0x100, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/lp_interval\x00', 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x100000000000028, 0x0)
fsopen$auto(0x0, 0x1)
mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.341230102s ago: executing program 5 (id=5529):
r0 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
r1 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x7, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
pread64$auto(r3, 0x0, 0x200000000006, 0x8)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
madvise$auto(0x0, 0x2003f0, 0x15)

1.162877626s ago: executing program 3 (id=5530):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
ustat$auto(0x801, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x2, 0x0)
r0 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0x0, 0x29f, 0x100, 0x7f, 0xffffffff, 0x6, 0x2}, {0x8000100, 0x1, 0x8000052, 0x5, 0x1, 0x40, 0x76c5, 0x9a, 0x100000000}})
socket(0x2b, 0x1, 0x0)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
listen$auto(0x3, 0x81)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
close_range$auto(0x2, 0x8000, 0x2000000)

1.133913589s ago: executing program 0 (id=5531):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/compact_memory\x00', 0x80801, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8001)
write$auto(0x3, 0x0, 0x3f00)

1.073554473s ago: executing program 1 (id=5532):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80002, 0x73)
r1 = io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x2, 0x0)
socket(0x25, 0x5, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/arch_status\x00', 0x1a9080, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
read$auto_proc_timens_offsets_operations_base(r1, &(0x7f00000001c0)=""/96, 0x60)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
open(0x0, 0x8643, 0x15e)
ioctl$auto(r0, 0xc008af12, r0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000a00)='/dev/sg0\x00', 0x101000, 0x0)
ioctl$auto_BLKSECTGET2(r2, 0x1267, 0x200000000000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x6, 0x61)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x22282, 0x0)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, 0x0)
write$auto(0x3, 0x0, 0xffd8)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
lseek$auto(r4, 0xfffffffffffffffb, 0x1)

993.718382ms ago: executing program 0 (id=5533):
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20040010)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x100000001, 0x6, 0xffffffffffffffff, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
prctl$auto(0x7f, 0x8548, 0x2, 0x4000000b, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00))
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2a, 0x2, 0x1)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x882, 0x0)
r1 = socket(0x1e, 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/queue/nomerges\x00', 0x80302, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
connect$auto(r1, &(0x7f0000000000)=@tipc=@name={0x1e, 0x2, 0x1, {{0x1, 0x2}}}, 0x10)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x1ffffffffffe, 0xd59f)
r3 = socket(0x2b, 0x1, 0x1)
syz_open_procfs$namespace(0x0, &(0x7f00000004c0)='ns/time_for_children\x00')
socketpair$auto(0xfffffffe, 0x1, 0x40000, 0x0)
ioctl$auto(r3, 0x89a0, 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)

958.754175ms ago: executing program 3 (id=5534):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0xb8642, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80002, 0x0)
pwrite64$auto(r0, &(0x7f0000000180)=',\xa8[\x00', 0x3, 0x6)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_l2tp(0x0, r1)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x703d02, 0x0)
sendfile$auto(r2, r2, 0x0, 0x8080000001)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000)
ioctl$auto(0x4000000000000c8, 0x1000, 0x3)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x40200, 0x0)
read$auto(r3, 0x0, 0x20)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r4, &(0x7f00000001c0)={0x0, 0x7}, 0x3)
getsockopt$auto_SO_WIFI_STATUS(r3, 0x7, 0x29, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x50}, 0xc800)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r6, 0x114, 0x5, 0xfffffffffffffffc, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)

683.636048ms ago: executing program 1 (id=5535):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r2 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x7, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
getpid()
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x200000000006, 0x8)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
madvise$auto(0x0, 0x2003f0, 0x15)

142.958894ms ago: executing program 0 (id=5536):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fe080008808592a023d1efb784f45793f24f5ffdab780c90304dc667530ea7916e8e66eaf4b0ad0ed7c57bc11a7d091fd6f83cfa34dd4d2bb9435a6632ec2f5fbdce23f097c762ef4a791b7b76b3adda6fa16fdfd507dfef9276ed08d7cab3a8cc3c3ae51f4dfd43156fae077d0e88b254e27d730e2b1d85a9a76db61bdde72b98467dde98ed00487508916086ebf713cf9e4a6ab42e72b59eb71340f5bb9590765fc86b1a25f23e1547959d30f77525e7f1c1c74fbca8d2cd1dc381e7e00f88b972c64c"], 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x2, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1028c2, 0x0)
r2 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0xffffffffffff0001, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D2\x00', 0x640c01, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xfffffffffffffffe, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x7ffffffe, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
getpid()
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0)
pread64$auto(r4, 0x0, 0x200000000006, 0x8)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x6, 0xeb1, r2, 0x8000)

0s ago: executing program 3 (id=5537):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
socket(0x2, 0x5, 0x0) (async)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async)
openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0) (async)
socketpair$auto(0x1b, 0x9, 0x8000000000000000, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) (async)
openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0) (async)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/batadv_slave_0/proxy_ndp\x00', 0x382, 0x0) (async)
inotify_init1$auto(0x3000000000000) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async)
open(0x0, 0x22240, 0x55) (async)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_last_time_ms\x00', 0x2240, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/105, 0x69) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x82, 0x0, 0x0) (async)
ioctl$auto(0x3, 0x80106f53, r1)
capget$auto(0x0, 0xfffffffffffffffe)
r3 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0)
write$auto(r3, 0x0, 0xff)
r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20020, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x5, 0xffffff7d, 0xa, 0x9, "50ddcc2d0a7b79ca0e62e667b5000000000000000000000000000000000100ffffffffffffffe700", @raw=0x3}, 0x1, @integer64=@value=[0x1, 0x9, 0x6b92, 0x6, 0xfffffffffffffffe, 0x7fffffff, 0x4c6a8f65, 0x5, 0xc, 0xffffffffffffff30, 0x6, 0x2000000002, 0x8, 0x7c1, 0x8000, 0x8, 0x2, 0x2, 0xca1, 0xfffffffffffffffc, 0xffffffff00000001, 0x2, 0x7, 0x6, 0x6, 0x40000000008, 0x4, 0x93, 0xaa, 0x4, 0x2, 0x0, 0x7, 0x3, 0x749, 0x6, 0x4, 0x7, 0x1, 0x3, 0x9186, 0x3, 0x1, 0x1, 0x8, 0x6, 0xfffffffffffffffc, 0x3, 0x4, 0x7fff, 0x3, 0x1, 0xaa7, 0x0, 0xfffffffffffff41f, 0x6, 0xe36c, 0x22e, 0x9, 0x10000000, 0xaca7, 0xf3c, 0x9660, 0x9], "bee8fd3b16a97731269aff7312ae1a01006266a3bde1f332e1078696becfd044280e7fb7719d4362b09d9f6cb070bad3af7185ae1e691c585914c0b11dd65468fb68dfc32254d8ed55c8d806a2ef4bba7bc65cd90676ce6dec79ff2f44034ad55049ff128dd27f04ac14d8dbaffacc77596ca0dffa00"})
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/oom_adj\x00', 0x28280, 0x0)

kernel console output (not intermixed with test programs):

endmsg+0x16d/0x220
[  749.020980][T21871]  ? __pfx___sys_sendmsg+0x10/0x10
[  749.020997][T21871]  ? __x64_sys_futex+0x1e0/0x4c0
[  749.021023][T21871]  do_syscall_64+0xcd/0xf80
[  749.021047][T21871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  749.021062][T21871] RIP: 0033:0x7f3e7938f7c9
[  749.021075][T21871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  749.021088][T21871] RSP: 002b:00007f3e7a285038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  749.021102][T21871] RAX: ffffffffffffffda RBX: 00007f3e795e5fa0 RCX: 00007f3e7938f7c9
[  749.021111][T21871] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 000000000000000b
[  749.021119][T21871] RBP: 00007f3e79413f91 R08: 0000000000000000 R09: 0000000000000000
[  749.021127][T21871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  749.021135][T21871] R13: 00007f3e795e6038 R14: 00007f3e795e5fa0 R15: 00007fffb7a07158
[  749.021153][T21871]  </TASK>
[  750.485906][ T6202] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 925 with max blocks 14 with error 117
[  750.518886][ T6202] EXT4-fs (sda1): This should not happen!! Data will be lost
[  750.518886][ T6202] 
[  750.890669][T21895] FAULT_INJECTION: forcing a failure.
[  750.890669][T21895] name failslab, interval 1, probability 0, space 0, times 0
[  750.942444][T21895] CPU: 0 UID: 0 PID: 21895 Comm: syz.0.4455 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  750.942473][T21895] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  750.942478][T21895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  750.942486][T21895] Call Trace:
[  750.942492][T21895]  <TASK>
[  750.942499][T21895]  dump_stack_lvl+0x16c/0x1f0
[  750.942525][T21895]  should_fail_ex+0x512/0x640
[  750.942542][T21895]  ? kmem_cache_alloc_noprof+0x62/0x770
[  750.942562][T21895]  should_failslab+0xc2/0x120
[  750.942583][T21895]  kmem_cache_alloc_noprof+0x83/0x770
[  750.942598][T21895]  ? security_inode_alloc+0x3b/0x2b0
[  750.942613][T21895]  ? sk_prot_alloc+0x60/0x2a0
[  750.942636][T21895]  ? sk_prot_alloc+0x60/0x2a0
[  750.942654][T21895]  sk_prot_alloc+0x60/0x2a0
[  750.942675][T21895]  sk_alloc+0x36/0xe30
[  750.942691][T21895]  rxrpc_create+0x116/0x8d0
[  750.942711][T21895]  __sock_create+0x339/0x8a0
[  750.942727][T21895]  __sys_socket+0x14d/0x260
[  750.942738][T21895]  ? fput+0x70/0xf0
[  750.942751][T21895]  ? __pfx___sys_socket+0x10/0x10
[  750.942763][T21895]  ? xfd_validate_state+0x61/0x180
[  750.942780][T21895]  __x64_sys_socket+0x72/0xb0
[  750.942792][T21895]  ? lockdep_hardirqs_on+0x7c/0x110
[  750.942812][T21895]  do_syscall_64+0xcd/0xf80
[  750.942833][T21895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.942848][T21895] RIP: 0033:0x7f3e7938f7c9
[  750.942860][T21895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.942873][T21895] RSP: 002b:00007f3e7a285038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  750.942887][T21895] RAX: ffffffffffffffda RBX: 00007f3e795e5fa0 RCX: 00007f3e7938f7c9
[  750.942896][T21895] RDX: 0010000000000002 RSI: 0000000000000002 RDI: 2000000000000021
[  750.942904][T21895] RBP: 00007f3e79413f91 R08: 0000000000000000 R09: 0000000000000000
[  750.942931][T21895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  750.942941][T21895] R13: 00007f3e795e6038 R14: 00007f3e795e5fa0 R15: 00007fffb7a07158
[  750.942958][T21895]  </TASK>
[  752.243612][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  752.250166][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  752.371185][T21915] batman_adv: Routing algorithm '7' is not supported
[  752.934533][ T6184] netdevsim netdevsim511 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  753.977317][ T8556] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260
[  753.977342][ T8556] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260
[  753.992554][ T8556] Bluetooth: hci0: Dropping invalid advertising data
[  753.999943][ T8556] Bluetooth: hci0: unknown advertising packet type: 0xe9
[  754.645264][T21970] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4465'.
[  755.969655][T21992] netlink: 'syz.3.4470': attribute type 8 has an invalid length.
[  757.615493][T22016] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  757.651855][T22016] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  757.684361][T22016] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  757.707173][T22016] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  758.775040][T22072] netlink: 'syz.3.4486': attribute type 8 has an invalid length.
[  759.003731][T22076] input: jJǸ-�¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input40
[  759.282993][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  759.681990][ T8556] Bluetooth: hci2: command 0x0c1a tx timeout
[  759.759478][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  759.765541][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  761.315015][T22086] Process accounting paused
[  761.770246][T22124] ptp ptp0: only physical clock in use now
[  762.194250][T22122] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4495'.
[  762.270316][T22133] batman_adv: Routing algorithm '7' is not supported
[  762.800303][T22138] tipc: Started in network mode
[  762.805294][T22138] tipc: Node identity ffffffff, cluster identity 4711
[  762.919511][T22138] tipc: Node number set to 4294967295
[  764.999024][T22159] __vm_enough_memory: pid: 22159, comm: syz.0.4503, bytes: 8589938688 not enough memory for the allocation
[  765.830764][T22180] futex_wake_op: syz.5.4507 tries to shift op by -2048; fix this program
[  765.925735][T22181] 0x000000000001-0x000000020000 : ""
[  765.999947][T22181] ftl_cs: FTL header corrupt!
[  767.142247][T22191] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4508'.
[  767.679181][T22204] batman_adv: Routing algorithm '7' is not supported
[  770.388836][T22233] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4518'.
[  770.554716][T22237] hub 8-0:1.0: USB hub found
[  770.663398][T22235] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4519'.
[  770.683606][T22237] hub 8-0:1.0: 1 port detected
[  770.791856][T22241] netlink: 'syz.3.4519': attribute type 1 has an invalid length.
[  770.840318][T22247] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  771.130697][T22253] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4522'.
[  771.262023][T22252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4522'.
[  774.805237][T22296] ovs_: entered promiscuous mode
[  775.812558][T22321] Unable to find swap-space signature
[  778.172147][T22359] FAULT_INJECTION: forcing a failure.
[  778.172147][T22359] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  778.230441][T22359] CPU: 0 UID: 0 PID: 22359 Comm: syz.1.4543 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  778.230467][T22359] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  778.230473][T22359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  778.230482][T22359] Call Trace:
[  778.230487][T22359]  <TASK>
[  778.230493][T22359]  dump_stack_lvl+0x16c/0x1f0
[  778.230520][T22359]  should_fail_ex+0x512/0x640
[  778.230538][T22359]  strncpy_from_user+0x3b/0x2e0
[  778.230555][T22359]  getname_flags.part.0+0x8f/0x550
[  778.230575][T22359]  getname_flags+0x93/0xf0
[  778.230592][T22359]  __x64_sys_symlink+0x65/0x90
[  778.230606][T22359]  do_syscall_64+0xcd/0xf80
[  778.230627][T22359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  778.230640][T22359] RIP: 0033:0x7fa067d8f7c9
[  778.230652][T22359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  778.230665][T22359] RSP: 002b:00007fa068c3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  778.230679][T22359] RAX: ffffffffffffffda RBX: 00007fa067fe5fa0 RCX: 00007fa067d8f7c9
[  778.230688][T22359] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000200000000080
[  778.230697][T22359] RBP: 00007fa067e13f91 R08: 0000000000000000 R09: 0000000000000000
[  778.230705][T22359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  778.230713][T22359] R13: 00007fa067fe6038 R14: 00007fa067fe5fa0 R15: 00007ffe8c7d04e8
[  778.230729][T22359]  </TASK>
[  779.479441][T22379] batman_adv: Routing algorithm '7' is not supported
[  780.604790][T22390] FAULT_INJECTION: forcing a failure.
[  780.604790][T22390] name failslab, interval 1, probability 0, space 0, times 0
[  780.699615][T22390] CPU: 0 UID: 0 PID: 22390 Comm: syz.0.4553 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  780.699642][T22390] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  780.699648][T22390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  780.699656][T22390] Call Trace:
[  780.699661][T22390]  <TASK>
[  780.699668][T22390]  dump_stack_lvl+0x16c/0x1f0
[  780.699693][T22390]  should_fail_ex+0x512/0x640
[  780.699709][T22390]  ? kmem_cache_alloc_noprof+0x62/0x770
[  780.699727][T22390]  should_failslab+0xc2/0x120
[  780.699749][T22390]  kmem_cache_alloc_noprof+0x83/0x770
[  780.699765][T22390]  ? __anon_vma_prepare+0x344/0x5e0
[  780.699782][T22390]  ? __anon_vma_prepare+0x344/0x5e0
[  780.699796][T22390]  __anon_vma_prepare+0x344/0x5e0
[  780.699812][T22390]  __vmf_anon_prepare+0x11c/0x240
[  780.699833][T22390]  do_wp_page+0x10a7/0x5010
[  780.699863][T22390]  ? __pfx_do_wp_page+0x10/0x10
[  780.699884][T22390]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  780.699904][T22390]  __handle_mm_fault+0x1bd2/0x2bb0
[  780.699923][T22390]  ? __pfx___handle_mm_fault+0x10/0x10
[  780.699941][T22390]  ? __pte_offset_map_lock+0x174/0x310
[  780.699959][T22390]  ? vm_normal_page+0x1c4/0x320
[  780.699976][T22390]  ? find_held_lock+0x2b/0x80
[  780.699998][T22390]  ? follow_page_pte+0x5cf/0x1390
[  780.700021][T22390]  handle_mm_fault+0x3fe/0xad0
[  780.700038][T22390]  __get_user_pages+0x54e/0x3590
[  780.700065][T22390]  ? __pfx___get_user_pages+0x10/0x10
[  780.700089][T22390]  populate_vma_page_range+0x267/0x3f0
[  780.700110][T22390]  ? __pfx_populate_vma_page_range+0x10/0x10
[  780.700130][T22390]  ? __pfx_find_vma_intersection+0x10/0x10
[  780.700149][T22390]  ? do_mmap+0x69c/0x1210
[  780.700169][T22390]  __mm_populate+0x1d8/0x380
[  780.700190][T22390]  ? __pfx___mm_populate+0x10/0x10
[  780.700212][T22390]  ? up_write+0x282/0x4e0
[  780.700228][T22390]  vm_mmap_pgoff+0x37f/0x470
[  780.700248][T22390]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  780.700269][T22390]  ? __fget_files+0x20e/0x3c0
[  780.700291][T22390]  ksys_mmap_pgoff+0x32c/0x5c0
[  780.700309][T22390]  ? __pfx_ksys_write+0x10/0x10
[  780.700330][T22390]  __x64_sys_mmap+0x125/0x190
[  780.700346][T22390]  do_syscall_64+0xcd/0xf80
[  780.700367][T22390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  780.700381][T22390] RIP: 0033:0x7f3e7938f7c9
[  780.700393][T22390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  780.700407][T22390] RSP: 002b:00007f3e7a285038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  780.700421][T22390] RAX: ffffffffffffffda RBX: 00007f3e795e5fa0 RCX: 00007f3e7938f7c9
[  780.700430][T22390] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000
[  780.700437][T22390] RBP: 00007f3e79413f91 R08: 0000000000000003 R09: 0000000000008000
[  780.700445][T22390] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000
[  780.700453][T22390] R13: 00007f3e795e6038 R14: 00007f3e795e5fa0 R15: 00007fffb7a07158
[  780.700471][T22390]  </TASK>
[  781.746540][T22413] netlink: 322 bytes leftover after parsing attributes in process `syz.1.4557'.
[  782.311187][T22430] batman_adv: Routing algorithm '7' is not supported
[  782.360982][T22425] netlink: Failed to add  helper -22
[  783.079066][T22442] ceph: Failed to parse sending metrics switch value 'P^'
[  784.016142][T22446] FAULT_INJECTION: forcing a failure.
[  784.016142][T22446] name fail_futex, interval 1, probability 0, space 0, times 0
[  784.123451][T22446] CPU: 0 UID: 0 PID: 22446 Comm: syz.3.4566 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  784.123478][T22446] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  784.123483][T22446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  784.123491][T22446] Call Trace:
[  784.123496][T22446]  <TASK>
[  784.123501][T22446]  dump_stack_lvl+0x16c/0x1f0
[  784.123526][T22446]  should_fail_ex+0x512/0x640
[  784.123550][T22446]  get_futex_key+0x1d0/0x15f0
[  784.123567][T22446]  ? __pfx_get_futex_key+0x10/0x10
[  784.123587][T22446]  futex_wake+0xea/0x530
[  784.123607][T22446]  ? __pfx_futex_wake+0x10/0x10
[  784.123632][T22446]  do_futex+0x1e3/0x350
[  784.123647][T22446]  ? __pfx_do_futex+0x10/0x10
[  784.123661][T22446]  ? __might_fault+0xe3/0x190
[  784.123681][T22446]  mm_release+0x24e/0x300
[  784.123700][T22446]  do_exit+0x69e/0x2bd0
[  784.123716][T22446]  ? __pfx_do_exit+0x10/0x10
[  784.123729][T22446]  ? do_raw_spin_lock+0x12c/0x2b0
[  784.123747][T22446]  ? find_held_lock+0x2b/0x80
[  784.123768][T22446]  do_group_exit+0xd3/0x2a0
[  784.123782][T22446]  get_signal+0x2671/0x26d0
[  784.123812][T22446]  ? __pfx_get_signal+0x10/0x10
[  784.123833][T22446]  ? do_futex+0x122/0x350
[  784.123849][T22446]  arch_do_signal_or_restart+0x8f/0x7a0
[  784.123873][T22446]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  784.123897][T22446]  ? __pfx___x64_sys_futex+0x10/0x10
[  784.123916][T22446]  exit_to_user_mode_loop+0x8c/0x540
[  784.123935][T22446]  do_syscall_64+0x4ee/0xf80
[  784.123957][T22446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.123971][T22446] RIP: 0033:0x7f29ea38f7c9
[  784.123983][T22446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.123997][T22446] RSP: 002b:00007f29eb1f20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  784.124011][T22446] RAX: fffffffffffffe00 RBX: 00007f29ea5e5fa8 RCX: 00007f29ea38f7c9
[  784.124020][T22446] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f29ea5e5fa8
[  784.124028][T22446] RBP: 00007f29ea5e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  784.124036][T22446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  784.124044][T22446] R13: 00007f29ea5e6038 R14: 00007ffc757901e0 R15: 00007ffc757902c8
[  784.124061][T22446]  </TASK>
[  785.268035][T22472] batman_adv: Routing algorithm '7' is not supported
[  785.414454][T22474] lo: entered allmulticast mode
[  785.997823][T22475] lo: left allmulticast mode
[  786.638600][T22495] zswap: compressor  not available
[  786.956220][T22494] zswap: compressor  not available
[  787.027861][T22502] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[  787.707047][T22516] Console: switching to colour VGA+ 14x6
[  787.714824][T22521] blktrace: Concurrent blktraces are not allowed on loop2
[  788.384316][T22537] vhci_hcd vhci_hcd.2: invalid port number 252
[  788.407301][T22537] vhci_hcd vhci_hcd.2: default hub control req: 040f v0772 i00fc l2
[  789.007113][T22105] syz.5.4493 (22105) used greatest stack depth: 18200 bytes left
[  789.208032][ T8556] Bluetooth: hci0: Received unexpected HCI Event 0x00
[  790.112321][T22580] netlink: 'syz.0.4595': attribute type 19 has an invalid length.
[  790.158719][T22580] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4595'.
[  790.250588][T22586] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4594'.
[  790.865077][T22600] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41
[  791.124310][T22599] zswap: compressor  not available
[  791.248695][T22606] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42
[  792.030370][T22628] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4605'.
[  792.408534][T22606] Process accounting resumed
[  792.880293][T22631] __vm_enough_memory: pid: 22631, comm: syz.3.4606, bytes: 4398046511104 not enough memory for the allocation
[  793.405716][T22653] batman_adv: Routing algorithm '7' is not supported
[  793.440443][T22657] lo: entered allmulticast mode
[  793.962954][T22664] lo: left allmulticast mode
[  795.994633][T22701] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  796.007949][T22701] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  796.033210][T22701] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  796.050841][T22701] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  796.217030][T22709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4623'.
[  796.271971][T22711] vhci_hcd vhci_hcd.2: invalid port number 0
[  796.719033][T22718] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4625'.
[  797.020671][T22723] netlink: 'syz.3.4627': attribute type 8 has an invalid length.
[  798.007103][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  798.079369][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  798.085477][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  798.091686][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  798.508120][T22763] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4634'.
[  798.987360][T22767] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  799.021042][T22775] FAULT_INJECTION: forcing a failure.
[  799.021042][T22775] name failslab, interval 1, probability 0, space 0, times 0
[  799.087164][T22775] CPU: 0 UID: 0 PID: 22775 Comm: syz.0.4638 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  799.087193][T22775] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  799.087199][T22775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  799.087208][T22775] Call Trace:
[  799.087213][T22775]  <TASK>
[  799.087219][T22775]  dump_stack_lvl+0x16c/0x1f0
[  799.087243][T22775]  should_fail_ex+0x512/0x640
[  799.087259][T22775]  ? __kmalloc_noprof+0xca/0x910
[  799.087276][T22775]  should_failslab+0xc2/0x120
[  799.087297][T22775]  __kmalloc_noprof+0xeb/0x910
[  799.087312][T22775]  ? kvm_io_bus_register_dev+0x1cf/0x720
[  799.087401][T22775]  ? kvm_io_bus_register_dev+0x1cf/0x720
[  799.087419][T22775]  kvm_io_bus_register_dev+0x1cf/0x720
[  799.087442][T22775]  kvm_pic_init+0x25e/0x380
[  799.087459][T22775]  kvm_arch_vm_ioctl+0x8f0/0x18b0
[  799.087481][T22775]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[  799.087502][T22775]  ? __lock_acquire+0x436/0x2890
[  799.087518][T22775]  ? __lock_acquire+0x436/0x2890
[  799.087535][T22775]  ? __lock_acquire+0x436/0x2890
[  799.087551][T22775]  ? __lock_acquire+0x436/0x2890
[  799.087577][T22775]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  799.087597][T22775]  ? is_bpf_text_address+0x94/0x1a0
[  799.087616][T22775]  ? kernel_text_address+0x8d/0x100
[  799.087631][T22775]  ? __kernel_text_address+0xd/0x40
[  799.087646][T22775]  ? unwind_get_return_address+0x59/0xa0
[  799.087664][T22775]  ? arch_stack_walk+0xa6/0x100
[  799.087687][T22775]  ? stack_trace_save+0x8e/0xc0
[  799.087706][T22775]  ? __pfx_stack_trace_save+0x10/0x10
[  799.087727][T22775]  ? stack_depot_save_flags+0x29/0x9b0
[  799.087742][T22775]  ? __lock_acquire+0x436/0x2890
[  799.087756][T22775]  ? kasan_save_stack+0x42/0x60
[  799.087773][T22775]  ? kasan_save_stack+0x33/0x60
[  799.087789][T22775]  ? kasan_save_track+0x14/0x30
[  799.087805][T22775]  ? kasan_save_free_info+0x3b/0x60
[  799.087818][T22775]  ? __kasan_slab_free+0x5f/0x80
[  799.087835][T22775]  ? kfree+0x2f8/0x6e0
[  799.087846][T22775]  ? tomoyo_path_number_perm+0x470/0x580
[  799.087862][T22775]  ? security_file_ioctl+0x9b/0x240
[  799.087876][T22775]  ? __x64_sys_ioctl+0xb7/0x210
[  799.087891][T22775]  ? do_syscall_64+0xcd/0xf80
[  799.087912][T22775]  kvm_vm_ioctl+0x1b03/0x4090
[  799.087936][T22775]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  799.087962][T22775]  ? kasan_quarantine_put+0x10a/0x240
[  799.087979][T22775]  ? lockdep_hardirqs_on+0x7c/0x110
[  799.088000][T22775]  ? find_held_lock+0x2b/0x80
[  799.088017][T22775]  ? tomoyo_path_number_perm+0x295/0x580
[  799.088039][T22775]  ? tomoyo_path_number_perm+0x18d/0x580
[  799.088055][T22775]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  799.088070][T22775]  ? futex_wake+0x1ad/0x530
[  799.088092][T22775]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  799.088113][T22775]  ? do_vfs_ioctl+0x128/0x14f0
[  799.088129][T22775]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  799.088149][T22775]  ? find_held_lock+0x2b/0x80
[  799.088165][T22775]  ? hook_file_ioctl_common+0x144/0x410
[  799.088185][T22775]  ? __fget_files+0x20e/0x3c0
[  799.088207][T22775]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  799.088224][T22775]  __x64_sys_ioctl+0x18e/0x210
[  799.088241][T22775]  do_syscall_64+0xcd/0xf80
[  799.088262][T22775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  799.088275][T22775] RIP: 0033:0x7f3e7938f7c9
[  799.088288][T22775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  799.088302][T22775] RSP: 002b:00007f3e7a285038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  799.088316][T22775] RAX: ffffffffffffffda RBX: 00007f3e795e5fa0 RCX: 00007f3e7938f7c9
[  799.088331][T22775] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[  799.088341][T22775] RBP: 00007f3e79413f91 R08: 0000000000000000 R09: 0000000000000000
[  799.088349][T22775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  799.088358][T22775] R13: 00007f3e795e6038 R14: 00007f3e795e5fa0 R15: 00007fffb7a07158
[  799.088378][T22775]  </TASK>
[  799.958164][T22782] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4639'.
[  800.000164][T22782] FAULT_INJECTION: forcing a failure.
[  800.000164][T22782] name failslab, interval 1, probability 0, space 0, times 0
[  800.063306][T22782] CPU: 0 UID: 0 PID: 22782 Comm: syz.0.4639 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  800.063334][T22782] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  800.063340][T22782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  800.063349][T22782] Call Trace:
[  800.063355][T22782]  <TASK>
[  800.063360][T22782]  dump_stack_lvl+0x16c/0x1f0
[  800.063387][T22782]  should_fail_ex+0x512/0x640
[  800.063404][T22782]  ? kmem_cache_alloc_noprof+0x62/0x770
[  800.063422][T22782]  should_failslab+0xc2/0x120
[  800.063443][T22782]  kmem_cache_alloc_noprof+0x83/0x770
[  800.063459][T22782]  ? __anon_vma_prepare+0xae/0x5e0
[  800.063477][T22782]  ? __anon_vma_prepare+0xae/0x5e0
[  800.063492][T22782]  __anon_vma_prepare+0xae/0x5e0
[  800.063505][T22782]  ? do_raw_spin_lock+0x12c/0x2b0
[  800.063524][T22782]  __vmf_anon_prepare+0x11c/0x240
[  800.063545][T22782]  do_huge_pmd_anonymous_page+0x161/0x2200
[  800.063563][T22782]  ? __pmd_alloc+0x6aa/0x9c0
[  800.063584][T22782]  __handle_mm_fault+0x25ca/0x2bb0
[  800.063603][T22782]  ? __pfx___handle_mm_fault+0x10/0x10
[  800.063631][T22782]  handle_mm_fault+0x3fe/0xad0
[  800.063647][T22782]  __get_user_pages+0x54e/0x3590
[  800.063674][T22782]  ? __pfx___get_user_pages+0x10/0x10
[  800.063698][T22782]  populate_vma_page_range+0x267/0x3f0
[  800.063719][T22782]  ? __pfx_populate_vma_page_range+0x10/0x10
[  800.063739][T22782]  ? __pfx_find_vma_intersection+0x10/0x10
[  800.063759][T22782]  ? do_mmap+0x69c/0x1210
[  800.063780][T22782]  __mm_populate+0x1d8/0x380
[  800.063801][T22782]  ? __pfx___mm_populate+0x10/0x10
[  800.063822][T22782]  ? up_write+0x282/0x4e0
[  800.063838][T22782]  vm_mmap_pgoff+0x37f/0x470
[  800.063866][T22782]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  800.063889][T22782]  ? __x64_sys_futex+0x1e0/0x4c0
[  800.063904][T22782]  ? __x64_sys_futex+0x1e9/0x4c0
[  800.063921][T22782]  ksys_mmap_pgoff+0x7d/0x5c0
[  800.063940][T22782]  ? xfd_validate_state+0x61/0x180
[  800.063953][T22782]  ? __pfx_ksys_write+0x10/0x10
[  800.063975][T22782]  __x64_sys_mmap+0x125/0x190
[  800.063991][T22782]  do_syscall_64+0xcd/0xf80
[  800.064012][T22782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.064026][T22782] RIP: 0033:0x7f3e7938f7c9
[  800.064039][T22782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  800.064052][T22782] RSP: 002b:00007f3e7a285038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  800.064066][T22782] RAX: ffffffffffffffda RBX: 00007f3e795e5fa0 RCX: 00007f3e7938f7c9
[  800.064075][T22782] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  800.064083][T22782] RBP: 00007f3e79413f91 R08: 0000000000000002 R09: 0000000800008000
[  800.064091][T22782] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  800.064099][T22782] R13: 00007f3e795e6038 R14: 00007f3e795e5fa0 R15: 00007fffb7a07158
[  800.064117][T22782]  </TASK>
[  801.017157][T22793] HfR: entered promiscuous mode
[  801.608630][T22811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4647'.
[  801.874709][T22820] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[  801.925223][T22820] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  801.970236][T22820] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[  802.016608][T22820] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  802.062004][T22820] page dumped because: unmovable page
[  802.085851][T22820] page_owner info is not present (never set?)
[  803.050846][T22821] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[  803.088536][T22821] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  803.118078][T22821] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[  803.145960][T22821] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  803.182182][T22821] page dumped because: unmovable page
[  803.200077][T22821] page_owner info is not present (never set?)
[  803.373259][T22855] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  803.417973][T22855] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  803.454849][T22875] futex_wake_op: syz.3.4656 tries to shift op by -2048; fix this program
[  803.463579][T22855] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  803.499468][T22855] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  804.639365][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  805.164905][T22917] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26)
[  805.290088][T22919] ima: policy update failed
[  805.335312][   T30] audit: type=1802 audit(4294967450.530:33): pid=22919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4663" res=0 errno=0
[  805.429910][T22920] random: crng reseeded on system resumption
[  805.440147][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  805.519845][ T8556] Bluetooth: hci3: command 0x0c1a tx timeout
[  805.525873][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  805.862924][T22927] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4664'.
[  806.852100][T22946] ubi31: attaching mtd0
[  806.866716][T22946] ubi31: scanning is finished
[  806.916839][T22946] ubi31 error: ubi_read_volume_table: the layout volume was not found
[  807.120137][T22946] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  808.051717][T12057] Process accounting resumed
[  809.825796][T23025] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4686'.
[  809.880783][T23024] sp0: Synchronizing with TNC
[  810.363758][T23039] netlink: 346 bytes leftover after parsing attributes in process `syz.0.4688'.
[  810.761037][T23049] netlink: 'syz.3.4690': attribute type 8 has an invalid length.
[  811.648889][T23037] kexec: Could not allocate control_code_buffer
[  812.628750][T23083] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4698'.
[  813.100027][T23106] netlink: 'syz.3.4705': attribute type 4 has an invalid length.
[  813.681736][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  813.690212][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  815.766362][   T30] audit: type=1107 audit(4294967460.960:34): pid=23178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  815.852461][   T30] audit: type=1107 audit(4294967460.990:35): pid=23178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  816.500723][ T8556] Bluetooth: hci2: unexpected event 0x31 length: 19 > 6
[  817.495361][T23230] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 924 with max blocks 15 with error 117
[  817.518425][T23236] netlink: 186 bytes leftover after parsing attributes in process `syz.3.4724'.
[  817.559436][T23225] zswap: compressor  not available
[  817.590271][T23236] netlink: 186 bytes leftover after parsing attributes in process `syz.3.4724'.
[  817.748419][T23230] EXT4-fs (sda1): This should not happen!! Data will be lost
[  817.748419][T23230] 
[  818.880759][T23262] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$â��æµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ	�-¾_€™¯Ôåáª5Zäoåé¢mžÐfwYÍhº*/ÿxD
lÝ©Š×ígÕkÇ�Aí³ùÏ7ÍØØ9’�ôXöa/fê_ÿAR£ˆ™�‘ÈxM	‚v¬—pÿ±$^;ôØq‡3±«£n졵-
6�©+e„k�„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨�t®ÐSMÎÆ1,'
[  819.142216][T23262] CIFS mount error: No usable UNC path provided in device string!
[  819.142216][T23262] 
[  819.325857][T23262] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  819.554744][T23273] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4733'.
[  819.721142][T23275] hub 8-0:1.0: USB hub found
[  819.744625][T23275] hub 8-0:1.0: 1 port detected
[  821.178087][T23325] FAULT_INJECTION: forcing a failure.
[  821.178087][T23325] name failslab, interval 1, probability 0, space 0, times 0
[  821.233302][T23315] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4742'.
[  821.371349][T23325] CPU: 0 UID: 0 PID: 23325 Comm: syz.3.4744 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  821.371378][T23325] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  821.371385][T23325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  821.371395][T23325] Call Trace:
[  821.371400][T23325]  <TASK>
[  821.371406][T23325]  dump_stack_lvl+0x16c/0x1f0
[  821.371432][T23325]  should_fail_ex+0x512/0x640
[  821.371448][T23325]  ? fs_reclaim_acquire+0xae/0x150
[  821.371471][T23325]  should_failslab+0xc2/0x120
[  821.371492][T23325]  kmem_cache_alloc_noprof+0x83/0x770
[  821.371508][T23325]  ? jbd2__journal_start+0x193/0x6a0
[  821.371534][T23325]  ? jbd2__journal_start+0x193/0x6a0
[  821.371552][T23325]  jbd2__journal_start+0x193/0x6a0
[  821.371574][T23325]  __ext4_journal_start_sb+0x195/0x640
[  821.371590][T23325]  ? ext4_dirty_inode+0xa1/0x130
[  821.371607][T23325]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  821.371625][T23325]  ext4_dirty_inode+0xa1/0x130
[  821.371641][T23325]  ? rcu_is_watching+0x12/0xc0
[  821.371659][T23325]  __mark_inode_dirty+0x1f7/0x1670
[  821.371679][T23325]  generic_update_time+0xcf/0xf0
[  821.371693][T23325]  file_update_time_flags+0x410/0x520
[  821.371710][T23325]  file_modified+0x36/0x50
[  821.371723][T23325]  ext4_fallocate+0x24a/0x36c0
[  821.371746][T23325]  ? __pfx_ext4_fallocate+0x10/0x10
[  821.371765][T23325]  vfs_fallocate+0x5b4/0x10e0
[  821.371787][T23325]  ? __pfx_vfs_fallocate+0x10/0x10
[  821.371806][T23325]  ? madvise_vma_behavior+0x26d9/0x29e0
[  821.371822][T23325]  madvise_vma_behavior+0x2679/0x29e0
[  821.371838][T23325]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  821.371851][T23325]  ? mas_prev+0x9b/0xf0
[  821.371863][T23325]  ? __pfx_mas_prev+0x10/0x10
[  821.371878][T23325]  ? find_vma_prev+0xd3/0x150
[  821.371896][T23325]  ? find_held_lock+0x2b/0x80
[  821.371913][T23325]  ? __pfx_find_vma_prev+0x10/0x10
[  821.371937][T23325]  ? __futex_wait+0x24b/0x2f0
[  821.371967][T23325]  madvise_walk_vmas+0x31f/0xac0
[  821.371985][T23325]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  821.372004][T23325]  madvise_do_behavior+0x1e2/0x530
[  821.372017][T23325]  ? futex_private_hash_put+0x160/0x1b0
[  821.372033][T23325]  ? __pfx_madvise_do_behavior+0x10/0x10
[  821.372048][T23325]  ? down_read+0x13d/0x460
[  821.372071][T23325]  do_madvise+0x176/0x240
[  821.372084][T23325]  ? __pfx_do_madvise+0x10/0x10
[  821.372097][T23325]  ? do_futex+0x122/0x350
[  821.372124][T23325]  ? xfd_validate_state+0x61/0x180
[  821.372136][T23325]  ? __pfx_ksys_write+0x10/0x10
[  821.372159][T23325]  __x64_sys_madvise+0xa9/0x110
[  821.372171][T23325]  ? lockdep_hardirqs_on+0x7c/0x110
[  821.372191][T23325]  do_syscall_64+0xcd/0xf80
[  821.372212][T23325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.372226][T23325] RIP: 0033:0x7f29ea38f7c9
[  821.372238][T23325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  821.372251][T23325] RSP: 002b:00007f29eb1f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  821.372265][T23325] RAX: ffffffffffffffda RBX: 00007f29ea5e5fa0 RCX: 00007f29ea38f7c9
[  821.372274][T23325] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 000000110c230000
[  821.372282][T23325] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  821.372290][T23325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  821.372298][T23325] R13: 00007f29ea5e6038 R14: 00007f29ea5e5fa0 R15: 00007ffc757902c8
[  821.372316][T23325]  </TASK>
[  821.780801][T23335] kAFS: bad VL server IP address
[  823.010028][T23342] netlink: 'syz.0.4747': attribute type 8 has an invalid length.
[  824.087865][T23375] sg_write: data in/out 14745563/34144 bytes for SCSI command 0x0-- guessing data in;
[  824.087865][T23375]    program syz.1.4756 not setting count and/or reply_len properly
[  824.951126][T23384] batman_adv: Routing algorithm '7' is not supported
[  825.363393][   T30] audit: type=1800 audit(4294967470.560:36): pid=23411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4762" name="lu_gp_id" dev="configfs" ino=107853 res=0 errno=0
[  826.314001][T23440] batman_adv: Routing algorithm '7' is not supported
[  826.619375][T23433] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  826.640046][T23433] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  826.661090][T23433] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  826.689574][T23433] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  826.730508][T23443] FAULT_INJECTION: forcing a failure.
[  826.730508][T23443] name failslab, interval 1, probability 0, space 0, times 0
[  826.829692][T23445] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43
[  826.899809][T23443] CPU: 0 UID: 0 PID: 23443 Comm: syz.3.4773 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  826.899837][T23443] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  826.899843][T23443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  826.899852][T23443] Call Trace:
[  826.899858][T23443]  <TASK>
[  826.899863][T23443]  dump_stack_lvl+0x16c/0x1f0
[  826.899889][T23443]  should_fail_ex+0x512/0x640
[  826.899905][T23443]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  826.899925][T23443]  should_failslab+0xc2/0x120
[  826.899945][T23443]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  826.899967][T23443]  ? __pfx___might_resched+0x10/0x10
[  826.899985][T23443]  ? __lock_acquire+0x436/0x2890
[  826.899997][T23443]  ? sock_alloc_inode+0x25/0x1c0
[  826.900019][T23443]  ? __pfx_sock_alloc_inode+0x10/0x10
[  826.900037][T23443]  ? sock_alloc_inode+0x25/0x1c0
[  826.900056][T23443]  sock_alloc_inode+0x25/0x1c0
[  826.900075][T23443]  alloc_inode+0x64/0x240
[  826.900091][T23443]  sock_alloc+0x40/0x280
[  826.900109][T23443]  __sock_create+0xc2/0x8a0
[  826.900124][T23443]  __sys_socket+0x14d/0x260
[  826.900137][T23443]  ? __pfx___sys_socket+0x10/0x10
[  826.900149][T23443]  ? xfd_validate_state+0x61/0x180
[  826.900166][T23443]  __x64_sys_socket+0x72/0xb0
[  826.900177][T23443]  ? lockdep_hardirqs_on+0x7c/0x110
[  826.900197][T23443]  do_syscall_64+0xcd/0xf80
[  826.900217][T23443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.900231][T23443] RIP: 0033:0x7f29ea38f7c9
[  826.900243][T23443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.900256][T23443] RSP: 002b:00007f29eb1f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  826.900270][T23443] RAX: ffffffffffffffda RBX: 00007f29ea5e5fa0 RCX: 00007f29ea38f7c9
[  826.900278][T23443] RDX: 0000000000000106 RSI: 0000000000000001 RDI: 0000000000000002
[  826.900286][T23443] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  826.900294][T23443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  826.900302][T23443] R13: 00007f29ea5e6038 R14: 00007f29ea5e5fa0 R15: 00007ffc757902c8
[  826.900319][T23443]  </TASK>
[  826.900327][T23443] socket: no more sockets
[  827.806182][T23450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44
[  828.323216][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  828.719575][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  828.725758][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  828.731791][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  829.376209][ T5946] Process accounting resumed
[  829.540757][T23489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4784'.
[  829.569923][T23489] netlink: 17 bytes leftover after parsing attributes in process `syz.0.4784'.
[  830.419471][T23505] nfs4: Unknown parameter ''
[  831.231621][T21627] block nbd0: Receive control failed (result -32)
[  831.736615][T23542] FAULT_INJECTION: forcing a failure.
[  831.736615][T23542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  831.813430][T23542] CPU: 0 UID: 0 PID: 23542 Comm: syz.5.4794 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  831.813457][T23542] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  831.813462][T23542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  831.813470][T23542] Call Trace:
[  831.813475][T23542]  <TASK>
[  831.813481][T23542]  dump_stack_lvl+0x16c/0x1f0
[  831.813506][T23542]  should_fail_ex+0x512/0x640
[  831.813524][T23542]  _copy_from_user+0x2e/0xd0
[  831.813539][T23542]  snd_rawmidi_kernel_write1+0x50a/0x8a0
[  831.813561][T23542]  snd_rawmidi_write+0x26e/0xc10
[  831.813581][T23542]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  831.813596][T23542]  ? common_file_perm+0x1b1/0x500
[  831.813612][T23542]  ? __pfx_default_wake_function+0x10/0x10
[  831.813631][T23542]  ? bpf_lsm_file_permission+0x9/0x10
[  831.813647][T23542]  ? security_file_permission+0x71/0x210
[  831.813665][T23542]  ? rw_verify_area+0xcf/0x6c0
[  831.813683][T23542]  ? __pfx_snd_rawmidi_write+0x10/0x10
[  831.813697][T23542]  vfs_write+0x2a0/0x11d0
[  831.813720][T23542]  ? __pfx_vfs_write+0x10/0x10
[  831.813738][T23542]  ? find_held_lock+0x2b/0x80
[  831.813755][T23542]  ? __fget_files+0x204/0x3c0
[  831.813777][T23542]  ? __fget_files+0x20e/0x3c0
[  831.813800][T23542]  ksys_write+0x1f8/0x250
[  831.813820][T23542]  ? __pfx_ksys_write+0x10/0x10
[  831.813843][T23542]  do_syscall_64+0xcd/0xf80
[  831.813865][T23542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.813884][T23542] RIP: 0033:0x7fe09b98f7c9
[  831.813896][T23542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  831.813910][T23542] RSP: 002b:00007fe09c8b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  831.813924][T23542] RAX: ffffffffffffffda RBX: 00007fe09bbe6090 RCX: 00007fe09b98f7c9
[  831.813933][T23542] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004
[  831.813941][T23542] RBP: 00007fe09ba13f91 R08: 0000000000000000 R09: 0000000000000000
[  831.813949][T23542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  831.813957][T23542] R13: 00007fe09bbe6128 R14: 00007fe09bbe6090 R15: 00007ffcc549c918
[  831.813973][T23542]  </TASK>
[  832.414148][T23549] batman_adv: Routing algorithm '7' is not supported
[  832.649448][T23561] netlink: 'syz.1.4799': attribute type 8 has an invalid length.
[  833.531046][T23573] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  833.568381][T23573] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  835.473754][T23615] vivid-007: =================  START STATUS  =================
[  835.632106][T23615] vivid-007: Generate PTS: true
[  835.733328][T23615] vivid-007: Generate SCR: true
[  835.821826][T23615] tpg source WxH: 320x240 (Y'CbCr)
[  835.903940][T23615] tpg field: 1
[  835.960063][T23615] tpg crop: (0,0)/320x240
[  836.068555][T23615] tpg compose: (0,0)/320x240
[  836.141671][T23615] tpg colorspace: 8
[  836.145711][T23615] tpg transfer function: 0/0
[  836.250639][T23615] tpg Y'CbCr encoding: 0/0
[  836.255084][T23615] tpg quantization: 0/0
[  836.313619][T23615] tpg RGB range: 0/2
[  836.342844][T23615] vivid-007: ==================  END STATUS  ==================
[  838.677017][T23696] netlink: 'syz.5.4824': attribute type 1 has an invalid length.
[  839.413394][T23712] zswap: compressor  not available
[  839.746328][T23732] netlink: 326 bytes leftover after parsing attributes in process `syz.0.4831'.
[  840.227869][T23748] FAULT_INJECTION: forcing a failure.
[  840.227869][T23748] name failslab, interval 1, probability 0, space 0, times 0
[  840.401260][T23748] CPU: 0 UID: 0 PID: 23748 Comm: syz.3.4832 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  840.401287][T23748] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  840.401293][T23748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  840.401300][T23748] Call Trace:
[  840.401307][T23748]  <TASK>
[  840.401314][T23748]  dump_stack_lvl+0x16c/0x1f0
[  840.401339][T23748]  should_fail_ex+0x512/0x640
[  840.401355][T23748]  ? __kmalloc_cache_noprof+0x5f/0x800
[  840.401373][T23748]  should_failslab+0xc2/0x120
[  840.401395][T23748]  __kmalloc_cache_noprof+0x80/0x800
[  840.401411][T23748]  ? vkms_plane_duplicate_state+0x87/0x130
[  840.401431][T23748]  ? vkms_plane_duplicate_state+0x87/0x130
[  840.401446][T23748]  vkms_plane_duplicate_state+0x87/0x130
[  840.401462][T23748]  drm_atomic_get_plane_state+0x279/0x760
[  840.401479][T23748]  drm_client_modeset_commit_atomic+0x237/0x7e0
[  840.401496][T23748]  ? rcu_is_watching+0x12/0xc0
[  840.401518][T23748]  ? __mutex_lock+0x27b/0x1ca0
[  840.401539][T23748]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  840.401556][T23748]  ? trace_contention_end+0xdd/0x110
[  840.401586][T23748]  drm_client_modeset_commit_locked+0x14d/0x580
[  840.401607][T23748]  drm_client_modeset_commit+0x4f/0x80
[  840.401624][T23748]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  840.401643][T23748]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[  840.401662][T23748]  drm_fbdev_client_restore+0x1b/0x30
[  840.401694][T23748]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  840.401716][T23748]  drm_client_dev_restore+0x200/0x2a0
[  840.401738][T23748]  drm_release+0x2c6/0x360
[  840.401756][T23748]  ? __pfx_drm_release+0x10/0x10
[  840.401771][T23748]  __fput+0x402/0xb70
[  840.401790][T23748]  task_work_run+0x150/0x240
[  840.401807][T23748]  ? __pfx_task_work_run+0x10/0x10
[  840.401820][T23748]  ? __do_sys_close_range+0x278/0x730
[  840.401846][T23748]  exit_to_user_mode_loop+0xfb/0x540
[  840.401865][T23748]  do_syscall_64+0x4ee/0xf80
[  840.401889][T23748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.401903][T23748] RIP: 0033:0x7f29ea38f7c9
[  840.401915][T23748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.401928][T23748] RSP: 002b:00007f29eb1d1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  840.401947][T23748] RAX: 0000000000000000 RBX: 00007f29ea5e6090 RCX: 00007f29ea38f7c9
[  840.401955][T23748] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  840.401964][T23748] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  840.401972][T23748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  840.401980][T23748] R13: 00007f29ea5e6128 R14: 00007f29ea5e6090 R15: 00007ffc757902c8
[  840.401999][T23748]  </TASK>
[  840.966229][T23758] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4834: iget: checksum invalid
[  840.968772][T23758] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  840.974114][T23758] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4834: iget: checksum invalid
[  840.974810][T23758] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  840.974933][T23758] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4834: iget: checksum invalid
[  840.975043][T23758] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  840.982112][T23758] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.4834: iget: checksum invalid
[  840.982274][T23758] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  840.982298][T23758] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  840.982313][T23758] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  841.594044][T23769] FAULT_INJECTION: forcing a failure.
[  841.594044][T23769] name failslab, interval 1, probability 0, space 0, times 0
[  841.594072][T23769] CPU: 0 UID: 0 PID: 23769 Comm: syz.5.4838 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  841.594092][T23769] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  841.594097][T23769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  841.594105][T23769] Call Trace:
[  841.594110][T23769]  <TASK>
[  841.594116][T23769]  dump_stack_lvl+0x16c/0x1f0
[  841.594141][T23769]  should_fail_ex+0x512/0x640
[  841.594157][T23769]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  841.594177][T23769]  should_failslab+0xc2/0x120
[  841.594197][T23769]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  841.594215][T23769]  ? __d_alloc+0x35/0xa80
[  841.594230][T23769]  ? __d_alloc+0x35/0xa80
[  841.594241][T23769]  __d_alloc+0x35/0xa80
[  841.594251][T23769]  ? __pfx_from_vfsgid+0x10/0x10
[  841.594269][T23769]  d_alloc_pseudo+0x1c/0xc0
[  841.594285][T23769]  alloc_file_pseudo+0xcf/0x230
[  841.594301][T23769]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  841.594316][T23769]  ? hugetlbfs_get_inode+0x31f/0x700
[  841.594332][T23769]  hugetlb_file_setup+0x4ce/0x620
[  841.594347][T23769]  ksys_mmap_pgoff+0x189/0x5c0
[  841.594369][T23769]  __x64_sys_mmap+0x125/0x190
[  841.594385][T23769]  do_syscall_64+0xcd/0xf80
[  841.594405][T23769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.594419][T23769] RIP: 0033:0x7fe09b98f7c9
[  841.594430][T23769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  841.594443][T23769] RSP: 002b:00007fe09c8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  841.594457][T23769] RAX: ffffffffffffffda RBX: 00007fe09bbe5fa0 RCX: 00007fe09b98f7c9
[  841.594465][T23769] RDX: 0000000000000002 RSI: 0000000000000007 RDI: 0000000000000001
[  841.594473][T23769] RBP: 00007fe09ba13f91 R08: ffffffffffffffff R09: 0000308000000000
[  841.594482][T23769] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000
[  841.594490][T23769] R13: 00007fe09bbe6038 R14: 00007fe09bbe5fa0 R15: 00007ffcc549c918
[  841.594511][T23769]  </TASK>
[  842.445764][T23786] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4843: iget: checksum invalid
[  842.445929][T23786] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  842.446027][T23786] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4843: iget: checksum invalid
[  842.446133][T23786] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  842.446226][T23786] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4843: iget: checksum invalid
[  842.447621][T23786] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  842.447776][T23786] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.0.4843: iget: checksum invalid
[  842.447891][T23786] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  842.447914][T23786] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  842.447927][T23786] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  843.160287][   T30] audit: type=1804 audit(4294967488.360:37): pid=23799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.4846" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0
[  843.465275][T23811] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46
[  844.653279][T23814] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47
[  844.669464][   T30] audit: type=1800 audit(4294967489.860:38): pid=23831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4856" name="discovery_nqn" dev="configfs" ino=109925 res=0 errno=0
[  846.221743][T23868] netlink: 194 bytes leftover after parsing attributes in process `syz.1.4862'.
[  846.272823][T23873] netlink: 194 bytes leftover after parsing attributes in process `syz.1.4862'.
[  848.398283][T23911] writes to the poll attribute are ignored.
[  848.432979][T23911] please use driver specific parameters instead.
[  848.611333][T23909] EXT4-fs (sda1): Delayed block allocation failed for inode 2032 at logical offset 1314 with max blocks 9 with error 117
[  848.737490][T23909] EXT4-fs (sda1): This should not happen!! Data will be lost
[  848.737490][T23909] 
[  848.941266][T23919] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4874'.
[  850.014057][T23948] ovs_: entered promiscuous mode
[  851.903644][T23976] FAULT_INJECTION: forcing a failure.
[  851.903644][T23976] name fail_futex, interval 1, probability 0, space 0, times 0
[  851.969600][T23976] CPU: 0 UID: 0 PID: 23976 Comm: syz.3.4886 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  851.969626][T23976] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  851.969632][T23976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  851.969640][T23976] Call Trace:
[  851.969645][T23976]  <TASK>
[  851.969651][T23976]  dump_stack_lvl+0x16c/0x1f0
[  851.969676][T23976]  should_fail_ex+0x512/0x640
[  851.969694][T23976]  get_futex_key+0x1085/0x15f0
[  851.969712][T23976]  ? __pfx_get_futex_key+0x10/0x10
[  851.969731][T23976]  futex_wake+0xea/0x530
[  851.969751][T23976]  ? __pfx_futex_wake+0x10/0x10
[  851.969776][T23976]  do_futex+0x1e3/0x350
[  851.969792][T23976]  ? __pfx_do_futex+0x10/0x10
[  851.969806][T23976]  ? __might_fault+0xe3/0x190
[  851.969826][T23976]  mm_release+0x24e/0x300
[  851.969845][T23976]  do_exit+0x69e/0x2bd0
[  851.969861][T23976]  ? __pfx_do_exit+0x10/0x10
[  851.969874][T23976]  ? do_raw_spin_lock+0x12c/0x2b0
[  851.969890][T23976]  ? find_held_lock+0x2b/0x80
[  851.969909][T23976]  do_group_exit+0xd3/0x2a0
[  851.969924][T23976]  get_signal+0x2671/0x26d0
[  851.969948][T23976]  ? __pfx_get_signal+0x10/0x10
[  851.969967][T23976]  ? do_futex+0x122/0x350
[  851.969983][T23976]  arch_do_signal_or_restart+0x8f/0x7a0
[  851.970004][T23976]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  851.970028][T23976]  ? __pfx___x64_sys_futex+0x10/0x10
[  851.970047][T23976]  exit_to_user_mode_loop+0x8c/0x540
[  851.970066][T23976]  do_syscall_64+0x4ee/0xf80
[  851.970087][T23976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  851.970101][T23976] RIP: 0033:0x7f29ea38f7c9
[  851.970113][T23976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  851.970127][T23976] RSP: 002b:00007f29eb1f20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  851.970141][T23976] RAX: fffffffffffffe00 RBX: 00007f29ea5e5fa8 RCX: 00007f29ea38f7c9
[  851.970150][T23976] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f29ea5e5fa8
[  851.970158][T23976] RBP: 00007f29ea5e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  851.970166][T23976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  851.970174][T23976] R13: 00007f29ea5e6038 R14: 00007ffc757901e0 R15: 00007ffc757902c8
[  851.970191][T23976]  </TASK>
[  852.955714][T23994] ovs_ÿÿ: entered promiscuous mode
[  855.674710][T24027] FAULT_INJECTION: forcing a failure.
[  855.674710][T24027] name fail_futex, interval 1, probability 0, space 0, times 0
[  855.741368][T24027] CPU: 0 UID: 0 PID: 24027 Comm: syz.3.4899 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  855.741395][T24027] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  855.741401][T24027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  855.741409][T24027] Call Trace:
[  855.741414][T24027]  <TASK>
[  855.741420][T24027]  dump_stack_lvl+0x16c/0x1f0
[  855.741446][T24027]  should_fail_ex+0x512/0x640
[  855.741491][T24027]  get_futex_key+0x1085/0x15f0
[  855.741510][T24027]  ? __pfx_get_futex_key+0x10/0x10
[  855.741529][T24027]  futex_wake+0xea/0x530
[  855.741550][T24027]  ? __pfx_futex_wake+0x10/0x10
[  855.741575][T24027]  do_futex+0x1e3/0x350
[  855.741591][T24027]  ? __pfx_do_futex+0x10/0x10
[  855.741605][T24027]  ? __might_fault+0xe3/0x190
[  855.741625][T24027]  mm_release+0x24e/0x300
[  855.741644][T24027]  do_exit+0x69e/0x2bd0
[  855.741661][T24027]  ? __pfx_do_exit+0x10/0x10
[  855.741674][T24027]  ? do_raw_spin_lock+0x12c/0x2b0
[  855.741690][T24027]  ? find_held_lock+0x2b/0x80
[  855.741710][T24027]  do_group_exit+0xd3/0x2a0
[  855.741724][T24027]  get_signal+0x2671/0x26d0
[  855.741748][T24027]  ? __pfx_get_signal+0x10/0x10
[  855.741768][T24027]  ? do_futex+0x122/0x350
[  855.741784][T24027]  arch_do_signal_or_restart+0x8f/0x7a0
[  855.741805][T24027]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  855.741829][T24027]  ? __pfx___x64_sys_futex+0x10/0x10
[  855.741848][T24027]  exit_to_user_mode_loop+0x8c/0x540
[  855.741867][T24027]  do_syscall_64+0x4ee/0xf80
[  855.741888][T24027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  855.741902][T24027] RIP: 0033:0x7f29ea38f7c9
[  855.741914][T24027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  855.741928][T24027] RSP: 002b:00007f29eb1f20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  855.741943][T24027] RAX: fffffffffffffe00 RBX: 00007f29ea5e5fa8 RCX: 00007f29ea38f7c9
[  855.741951][T24027] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f29ea5e5fa8
[  855.741960][T24027] RBP: 00007f29ea5e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  855.741968][T24027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  855.741976][T24027] R13: 00007f29ea5e6038 R14: 00007ffc757901e0 R15: 00007ffc757902c8
[  855.741992][T24027]  </TASK>
[  856.432638][T24038] kAFS: No cell specified
[  856.745976][T24043] random: crng reseeded on system resumption
[  856.784202][T24043] FAULT_INJECTION: forcing a failure.
[  856.784202][T24043] name failslab, interval 1, probability 0, space 0, times 0
[  856.842902][T24043] CPU: 0 UID: 0 PID: 24043 Comm: syz.3.4902 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  856.842930][T24043] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  856.842936][T24043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  856.842946][T24043] Call Trace:
[  856.842951][T24043]  <TASK>
[  856.842957][T24043]  dump_stack_lvl+0x16c/0x1f0
[  856.842982][T24043]  should_fail_ex+0x512/0x640
[  856.842997][T24043]  ? __kmalloc_cache_noprof+0x5f/0x800
[  856.843019][T24043]  should_failslab+0xc2/0x120
[  856.843039][T24043]  __kmalloc_cache_noprof+0x80/0x800
[  856.843055][T24043]  ? memory_bm_create+0x154/0x810
[  856.843076][T24043]  ? memory_bm_create+0x154/0x810
[  856.843091][T24043]  memory_bm_create+0x154/0x810
[  856.843116][T24043]  create_basic_memory_bitmaps+0x10b/0x370
[  856.843138][T24043]  snapshot_open+0x235/0x2b0
[  856.843158][T24043]  ? __pfx_snapshot_open+0x10/0x10
[  856.843178][T24043]  misc_open+0x26d/0x450
[  856.843194][T24043]  ? __pfx_misc_open+0x10/0x10
[  856.843209][T24043]  chrdev_open+0x234/0x6a0
[  856.843229][T24043]  ? __pfx_apparmor_file_open+0x10/0x10
[  856.843243][T24043]  ? __pfx_chrdev_open+0x10/0x10
[  856.843263][T24043]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  856.843287][T24043]  do_dentry_open+0x748/0x1590
[  856.843305][T24043]  ? __pfx_chrdev_open+0x10/0x10
[  856.843330][T24043]  vfs_open+0x82/0x3f0
[  856.843346][T24043]  path_openat+0x2078/0x3140
[  856.843372][T24043]  ? __pfx_path_openat+0x10/0x10
[  856.843398][T24043]  do_filp_open+0x20b/0x470
[  856.843418][T24043]  ? __pfx_do_filp_open+0x10/0x10
[  856.843454][T24043]  ? alloc_fd+0x471/0x7d0
[  856.843479][T24043]  do_sys_openat2+0x121/0x290
[  856.843493][T24043]  ? __pfx_do_sys_openat2+0x10/0x10
[  856.843515][T24043]  __x64_sys_openat+0x174/0x210
[  856.843531][T24043]  ? __pfx___x64_sys_openat+0x10/0x10
[  856.843553][T24043]  do_syscall_64+0xcd/0xf80
[  856.843575][T24043]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.843589][T24043] RIP: 0033:0x7f29ea38f7c9
[  856.843601][T24043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  856.843615][T24043] RSP: 002b:00007f29eb1b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  856.843628][T24043] RAX: ffffffffffffffda RBX: 00007f29ea5e6180 RCX: 00007f29ea38f7c9
[  856.843637][T24043] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c
[  856.843645][T24043] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  856.843653][T24043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  856.843661][T24043] R13: 00007f29ea5e6218 R14: 00007f29ea5e6180 R15: 00007ffc757902c8
[  856.843679][T24043]  </TASK>
[  859.036375][T24074] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 931 with max blocks 8 with error 117
[  859.081111][T24074] EXT4-fs (sda1): This should not happen!! Data will be lost
[  859.081111][T24074] 
[  859.223436][T24076] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  859.256409][T24076] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  859.288130][T24076] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  859.330426][T24076] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  859.666980][T24096] FAULT_INJECTION: forcing a failure.
[  859.666980][T24096] name failslab, interval 1, probability 0, space 0, times 0
[  859.681273][T24094] HfR: entered promiscuous mode
[  859.706853][T24094] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4918'.
[  859.740123][T24096] CPU: 0 UID: 0 PID: 24096 Comm: syz.1.4919 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  859.740152][T24096] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  859.740157][T24096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  859.740165][T24096] Call Trace:
[  859.740171][T24096]  <TASK>
[  859.740177][T24096]  dump_stack_lvl+0x16c/0x1f0
[  859.740203][T24096]  should_fail_ex+0x512/0x640
[  859.740220][T24096]  ? __kmalloc_cache_noprof+0x5f/0x800
[  859.740239][T24096]  should_failslab+0xc2/0x120
[  859.740260][T24096]  __kmalloc_cache_noprof+0x80/0x800
[  859.740274][T24096]  ? __kasan_kmalloc+0xaa/0xb0
[  859.740291][T24096]  ? sctp_auth_shkey_create+0x9e/0x210
[  859.740315][T24096]  ? sctp_auth_shkey_create+0x9e/0x210
[  859.740334][T24096]  ? __genradix_ptr+0x148/0x1a0
[  859.740348][T24096]  sctp_auth_shkey_create+0x9e/0x210
[  859.740369][T24096]  sctp_auth_asoc_copy_shkeys+0x1f2/0x360
[  859.740394][T24096]  sctp_association_new+0x19ad/0x29d0
[  859.740412][T24096]  sctp_connect_new_asoc+0x1a8/0x770
[  859.740430][T24096]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  859.740446][T24096]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  859.740470][T24096]  __sctp_connect+0x3f3/0xc80
[  859.740493][T24096]  ? do_raw_spin_lock+0x12c/0x2b0
[  859.740510][T24096]  ? __pfx___sctp_connect+0x10/0x10
[  859.740526][T24096]  ? __pfx_sctp_inet_connect+0x10/0x10
[  859.740542][T24096]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  859.740563][T24096]  ? __pfx_sctp_inet_connect+0x10/0x10
[  859.740577][T24096]  sctp_inet_connect+0x15f/0x230
[  859.740593][T24096]  __sys_connect_file+0x141/0x1a0
[  859.740612][T24096]  __sys_connect+0x13b/0x160
[  859.740626][T24096]  ? __pfx___sys_connect+0x10/0x10
[  859.740647][T24096]  ? xfd_validate_state+0x61/0x180
[  859.740659][T24096]  ? __pfx_ksys_write+0x10/0x10
[  859.740682][T24096]  __x64_sys_connect+0x72/0xb0
[  859.740695][T24096]  ? lockdep_hardirqs_on+0x7c/0x110
[  859.740714][T24096]  do_syscall_64+0xcd/0xf80
[  859.740735][T24096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.740749][T24096] RIP: 0033:0x7fa067d8f7c9
[  859.740761][T24096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.740774][T24096] RSP: 002b:00007fa068c3e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  859.740787][T24096] RAX: ffffffffffffffda RBX: 00007fa067fe5fa0 RCX: 00007fa067d8f7c9
[  859.740796][T24096] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003
[  859.740804][T24096] RBP: 00007fa067e13f91 R08: 0000000000000000 R09: 0000000000000000
[  859.740812][T24096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  859.740820][T24096] R13: 00007fa067fe6038 R14: 00007fa067fe5fa0 R15: 00007ffe8c7d04e8
[  859.740837][T24096]  </TASK>
[  859.740967][T24094] HfR: left promiscuous mode
[  860.468654][T24045] kexec: Could not allocate control_code_buffer
[  860.528643][T24133] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4918'.
[  860.640273][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  861.279542][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  861.359486][ T6174] Bluetooth: hci3: command 0x0c1a tx timeout
[  861.366695][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  861.606313][T24141] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  861.636895][T24141] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  861.684573][T24141] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  861.705496][T24141] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  862.203120][T24167] FAULT_INJECTION: forcing a failure.
[  862.203120][T24167] name fail_futex, interval 1, probability 0, space 0, times 0
[  862.269366][T24167] CPU: 0 UID: 0 PID: 24167 Comm: syz.1.4933 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  862.269393][T24167] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  862.269398][T24167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  862.269406][T24167] Call Trace:
[  862.269411][T24167]  <TASK>
[  862.269417][T24167]  dump_stack_lvl+0x16c/0x1f0
[  862.269447][T24167]  should_fail_ex+0x512/0x640
[  862.269465][T24167]  get_futex_key+0x1d0/0x15f0
[  862.269482][T24167]  ? __lock_acquire+0x436/0x2890
[  862.269495][T24167]  ? __pfx_get_futex_key+0x10/0x10
[  862.269515][T24167]  futex_wait_setup+0x9d/0x570
[  862.269538][T24167]  __futex_wait+0x193/0x2f0
[  862.269557][T24167]  ? __pfx___futex_wait+0x10/0x10
[  862.269577][T24167]  ? __pfx_futex_wake_mark+0x10/0x10
[  862.269598][T24167]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  862.269613][T24167]  ? __hrtimer_setup+0x176/0x280
[  862.269631][T24167]  ? ktime_add_safe+0x60/0x70
[  862.269649][T24167]  futex_wait+0xe8/0x380
[  862.269667][T24167]  ? __pfx_futex_wait+0x10/0x10
[  862.269683][T24167]  ? __lock_acquire+0x436/0x2890
[  862.269697][T24167]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  862.269719][T24167]  do_futex+0x229/0x350
[  862.269735][T24167]  ? __pfx_do_futex+0x10/0x10
[  862.269749][T24167]  ? rcu_is_watching+0x12/0xc0
[  862.269767][T24167]  ? ktime_get+0x200/0x310
[  862.269779][T24167]  ? lockdep_hardirqs_on+0x7c/0x110
[  862.269799][T24167]  ? read_tsc+0x9/0x20
[  862.269818][T24167]  __x64_sys_futex+0x1e0/0x4c0
[  862.269836][T24167]  ? __pfx___x64_sys_futex+0x10/0x10
[  862.269852][T24167]  ? xfd_validate_state+0x61/0x180
[  862.269876][T24167]  do_syscall_64+0xcd/0xf80
[  862.269898][T24167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.269912][T24167] RIP: 0033:0x7fa067d8f7c9
[  862.269924][T24167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.269938][T24167] RSP: 002b:00007ffe8c7d0648 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  862.269953][T24167] RAX: ffffffffffffffda RBX: 00000000000d27dd RCX: 00007fa067d8f7c9
[  862.269962][T24167] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa067fe5fac
[  862.269970][T24167] RBP: 0000000000000032 R08: 00007fa068c3f000 R09: 000000038c7d093f
[  862.269978][T24167] R10: 00007ffe8c7d0740 R11: 0000000000000246 R12: 00007fa067fe5fac
[  862.269986][T24167] R13: 00007ffe8c7d0740 R14: 00000000000d280f R15: 00007ffe8c7d0760
[  862.270003][T24167]  </TASK>
[  862.999654][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  863.016454][T24176] batman_adv: Routing algorithm '7' is not supported
[  863.679314][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  863.761223][ T6174] Bluetooth: hci3: command 0x0c1a tx timeout
[  863.767387][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  864.079500][T24184] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  864.112131][T24184] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  864.135652][T24184] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  864.165098][T24184] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  865.361018][T24248] futex_wake_op: syz.1.4954 tries to shift op by -2048; fix this program
[  865.422236][T24248] futex_wake_op: syz.1.4954 tries to shift op by -2048; fix this program
[  865.519794][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  866.159375][ T8556] Bluetooth: hci2: command 0x0c1a tx timeout
[  866.165471][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  866.239585][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  866.505875][T24273] cifs: Unknown parameter '‰ƒ´ÕéŒ)¬	Up†µÌ¢{´¼V]7ž62']ßΨÉú!²gÉÊ®Ë7ú9½ófM¸<*y¢sEéhî
é”'
[  866.543607][T24260] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  866.553492][T24273] CIFS mount error: No usable UNC path provided in device string!
[  866.553492][T24273] 
[  866.574790][T24260] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  866.594578][T24273] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  866.606373][T24260] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  866.635721][T24260] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  867.067962][T24275] zswap: compressor  not available
[  867.999536][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  868.603198][T24333] netlink: 21 bytes leftover after parsing attributes in process `syz.1.4973'.
[  868.639416][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  868.645580][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  868.651741][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  869.873383][ T6174] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  871.495478][T24407] tipc: Can't bind to reserved service type 0
[  871.714983][T24411] netlink: 'syz.0.4991': attribute type 1 has an invalid length.
[  871.758043][T24411] netlink: 33 bytes leftover after parsing attributes in process `syz.0.4991'.
[  872.531766][T24431] FAULT_INJECTION: forcing a failure.
[  872.531766][T24431] name fail_futex, interval 1, probability 0, space 0, times 0
[  872.688899][T24431] CPU: 0 UID: 0 PID: 24431 Comm: syz.1.4995 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  872.688925][T24431] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  872.688930][T24431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  872.688939][T24431] Call Trace:
[  872.688944][T24431]  <TASK>
[  872.688949][T24431]  dump_stack_lvl+0x16c/0x1f0
[  872.688974][T24431]  should_fail_ex+0x512/0x640
[  872.688993][T24431]  get_futex_key+0x1d0/0x15f0
[  872.689009][T24431]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  872.689024][T24431]  ? __pfx_get_futex_key+0x10/0x10
[  872.689039][T24431]  ? blk_finish_plug+0x53/0xa0
[  872.689055][T24431]  ? madvise_do_behavior+0x1f4/0x530
[  872.689070][T24431]  futex_wake+0xea/0x530
[  872.689089][T24431]  ? __pfx___up_read+0x10/0x10
[  872.689104][T24431]  ? __pfx_futex_wake+0x10/0x10
[  872.689121][T24431]  ? madvise_unlock+0x16d/0x220
[  872.689144][T24431]  ? madvise_unlock+0x7c/0x220
[  872.689167][T24431]  do_futex+0x1e3/0x350
[  872.689183][T24431]  ? __pfx_do_futex+0x10/0x10
[  872.689206][T24431]  __x64_sys_futex+0x1e0/0x4c0
[  872.689224][T24431]  ? __pfx___x64_sys_futex+0x10/0x10
[  872.689240][T24431]  ? xfd_validate_state+0x61/0x180
[  872.689253][T24431]  ? __pfx_ksys_write+0x10/0x10
[  872.689277][T24431]  do_syscall_64+0xcd/0xf80
[  872.689299][T24431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.689313][T24431] RIP: 0033:0x7fa067d8f7c9
[  872.689325][T24431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.689339][T24431] RSP: 002b:00007fa068bfc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  872.689353][T24431] RAX: ffffffffffffffda RBX: 00007fa067fe6188 RCX: 00007fa067d8f7c9
[  872.689362][T24431] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa067fe618c
[  872.689370][T24431] RBP: 00007fa067fe6180 R08: 00007fa068c3f000 R09: 0000000000000000
[  872.689378][T24431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  872.689387][T24431] R13: 00007fa067fe6218 R14: 00007ffe8c7d0400 R15: 00007ffe8c7d04e8
[  872.689404][T24431]  </TASK>
[  875.123441][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  875.130007][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  877.023118][T24519] bond0: option all_slaves_active: invalid value ()
[  877.931437][T24554] hub 1-0:1.0: USB hub found
[  877.969615][T24554] hub 1-0:1.0: 1 port detected
[  878.315908][ T6174] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  878.875649][T24584] input: f¬
 as /devices/virtual/input/input48
[  879.529333][ T6174] Bluetooth: hci2: unexpected event 0x2c length: 42 > 17
[  879.529360][ T6174] Bluetooth: hci2: Ignoring connect complete event for invalid link type
[  880.033007][T24619] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49
[  880.242132][ T6415] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 13 with max blocks 2 with error 117
[  880.308825][ T6415] EXT4-fs (sda1): This should not happen!! Data will be lost
[  880.308825][ T6415] 
[  880.399642][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  880.454446][T24621] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50
[  881.980203][T24668] usb usb3: usbfs: interface 0 claimed by hub while 'syz.3.5060' sets config #-1
[  882.010813][T24670] FAULT_INJECTION: forcing a failure.
[  882.010813][T24670] name fail_futex, interval 1, probability 0, space 0, times 0
[  882.072236][T24670] CPU: 0 UID: 0 PID: 24670 Comm: syz.1.5061 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  882.072267][T24670] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  882.072272][T24670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  882.072280][T24670] Call Trace:
[  882.072286][T24670]  <TASK>
[  882.072292][T24670]  dump_stack_lvl+0x16c/0x1f0
[  882.072318][T24670]  should_fail_ex+0x512/0x640
[  882.072337][T24670]  get_futex_key+0x1d0/0x15f0
[  882.072354][T24670]  ? __pfx_get_futex_key+0x10/0x10
[  882.072375][T24670]  futex_wake+0xea/0x530
[  882.072395][T24670]  ? kasan_quarantine_put+0x10a/0x240
[  882.072415][T24670]  ? __pfx_futex_wake+0x10/0x10
[  882.072436][T24670]  ? putname+0xf5/0x1a0
[  882.072452][T24670]  do_futex+0x1e3/0x350
[  882.072468][T24670]  ? __pfx_do_futex+0x10/0x10
[  882.072487][T24670]  __x64_sys_futex+0x1e0/0x4c0
[  882.072503][T24670]  ? __x64_sys_openat+0x174/0x210
[  882.072518][T24670]  ? __pfx___x64_sys_futex+0x10/0x10
[  882.072539][T24670]  do_syscall_64+0xcd/0xf80
[  882.072560][T24670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.072574][T24670] RIP: 0033:0x7fa067d8f7c9
[  882.072585][T24670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  882.072598][T24670] RSP: 002b:00007fa068c3e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  882.072612][T24670] RAX: ffffffffffffffda RBX: 00007fa067fe5fa8 RCX: 00007fa067d8f7c9
[  882.072621][T24670] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa067fe5fac
[  882.072629][T24670] RBP: 00007fa067fe5fa0 R08: 00007fa068c3f000 R09: 0000000000000000
[  882.072637][T24670] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[  882.072645][T24670] R13: 00007fa067fe6038 R14: 00007ffe8c7d0400 R15: 00007ffe8c7d04e8
[  882.072662][T24670]  </TASK>
[  882.456457][T24686] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5063'.
[  882.491403][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  882.782729][T24696] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5068'.
[  883.308700][T24713] Format for adding new device is "id port_count num_queues" (uint uint unit).
[  883.356720][T24713] batman_adv: Routing algorithm '7' is not supported
[  884.669071][T24743] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5082'.
[  884.722452][T24743] bridge0: port 1(bridge_slave_0) entered disabled state
[  884.770596][T24739] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5080'.
[  885.083028][T24750] zswap: compressor  not available
[  885.159669][T24750] __vm_enough_memory: pid: 24750, comm: syz.3.5084, bytes: 4398046511104 not enough memory for the allocation
[  886.780062][T24801] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5094'.
[  886.988492][T24811] hub 1-0:1.0: USB hub found
[  887.011412][T24811] hub 1-0:1.0: 1 port detected
[  887.266551][T24823] FAULT_INJECTION: forcing a failure.
[  887.266551][T24823] name failslab, interval 1, probability 0, space 0, times 0
[  887.427383][T24823] CPU: 0 UID: 0 PID: 24823 Comm: syz.1.5101 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  887.427409][T24823] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  887.427415][T24823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  887.427423][T24823] Call Trace:
[  887.427429][T24823]  <TASK>
[  887.427435][T24823]  dump_stack_lvl+0x16c/0x1f0
[  887.427461][T24823]  should_fail_ex+0x512/0x640
[  887.427477][T24823]  ? __kmalloc_noprof+0xca/0x910
[  887.427494][T24823]  should_failslab+0xc2/0x120
[  887.427515][T24823]  __kmalloc_noprof+0xeb/0x910
[  887.427530][T24823]  ? copy_splice_read+0x1a8/0xc20
[  887.427552][T24823]  ? copy_splice_read+0x1a8/0xc20
[  887.427570][T24823]  copy_splice_read+0x1a8/0xc20
[  887.427593][T24823]  ? __pfx_copy_splice_read+0x10/0x10
[  887.427613][T24823]  ? __mark_inode_dirty+0x943/0x1670
[  887.427632][T24823]  ? find_held_lock+0x2b/0x80
[  887.427652][T24823]  ? __pfx_copy_splice_read+0x10/0x10
[  887.427670][T24823]  do_splice_read+0x285/0x370
[  887.427691][T24823]  splice_direct_to_actor+0x2a1/0xa30
[  887.427710][T24823]  ? __pfx_direct_splice_actor+0x10/0x10
[  887.427732][T24823]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  887.427751][T24823]  ? do_raw_spin_lock+0x12c/0x2b0
[  887.427770][T24823]  do_splice_direct+0x174/0x240
[  887.427789][T24823]  ? __pfx_do_splice_direct+0x10/0x10
[  887.427809][T24823]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  887.427830][T24823]  ? rw_verify_area+0xcf/0x6c0
[  887.427849][T24823]  do_sendfile+0xb06/0xe50
[  887.427869][T24823]  ? __pfx_do_sendfile+0x10/0x10
[  887.427886][T24823]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  887.427910][T24823]  __x64_sys_sendfile64+0x1d8/0x220
[  887.427924][T24823]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  887.427936][T24823]  ? rcu_is_watching+0x12/0xc0
[  887.427958][T24823]  do_syscall_64+0xcd/0xf80
[  887.427978][T24823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  887.427992][T24823] RIP: 0033:0x7fa067d8f7c9
[  887.428003][T24823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  887.428016][T24823] RSP: 002b:00007fa068c1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  887.428029][T24823] RAX: ffffffffffffffda RBX: 00007fa067fe6090 RCX: 00007fa067d8f7c9
[  887.428038][T24823] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[  887.428046][T24823] RBP: 00007fa067e13f91 R08: 0000000000000000 R09: 0000000000000000
[  887.428054][T24823] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000000
[  887.428062][T24823] R13: 00007fa067fe6128 R14: 00007fa067fe6090 R15: 00007ffe8c7d04e8
[  887.428078][T24823]  </TASK>
[  888.300150][T24831] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  888.310413][T24831] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  888.316478][T24831] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  888.421313][T24831] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  888.427621][T24831] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  890.244889][ T6174] Bluetooth: hci1: command 0x0c1a tx timeout
[  890.399428][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  890.482251][ T8556] Bluetooth: hci3: command 0x0c1a tx timeout
[  890.488332][ T6174] Bluetooth: hci0: command 0x040f tx timeout
[  890.770879][T24908] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5117'.
[  890.915853][T24908] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  890.943457][T24908] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  890.998058][T24908] bond0 (unregistering): Released all slaves
[  891.224403][T24924] FAULT_INJECTION: forcing a failure.
[  891.224403][T24924] name failslab, interval 1, probability 0, space 0, times 0
[  891.286524][T24924] CPU: 0 UID: 0 PID: 24924 Comm: syz.5.5122 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  891.286552][T24924] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  891.286557][T24924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  891.286566][T24924] Call Trace:
[  891.286572][T24924]  <TASK>
[  891.286578][T24924]  dump_stack_lvl+0x16c/0x1f0
[  891.286603][T24924]  should_fail_ex+0x512/0x640
[  891.286619][T24924]  ? __kmalloc_cache_noprof+0x5f/0x800
[  891.286638][T24924]  should_failslab+0xc2/0x120
[  891.286659][T24924]  __kmalloc_cache_noprof+0x80/0x800
[  891.286675][T24924]  ? percpu_ref_init+0xec/0x410
[  891.286698][T24924]  ? percpu_ref_init+0xec/0x410
[  891.286720][T24924]  ? __pfx_obj_cgroup_release+0x10/0x10
[  891.286736][T24924]  percpu_ref_init+0xec/0x410
[  891.286753][T24924]  ? kasan_save_track+0x14/0x30
[  891.286773][T24924]  mem_cgroup_css_online+0x7e/0x640
[  891.286790][T24924]  ? __pfx_mem_cgroup_css_online+0x10/0x10
[  891.286807][T24924]  online_css+0xb2/0x350
[  891.286825][T24924]  cgroup_apply_control_enable+0x702/0xbb0
[  891.286850][T24924]  cgroup_mkdir+0x5e0/0x12e0
[  891.286872][T24924]  ? __pfx_cgroup_mkdir+0x10/0x10
[  891.286891][T24924]  kernfs_iop_mkdir+0x111/0x190
[  891.286908][T24924]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  891.286924][T24924]  vfs_mkdir+0x731/0xb60
[  891.286949][T24924]  do_mkdirat+0x442/0x5e0
[  891.286970][T24924]  ? __pfx_do_mkdirat+0x10/0x10
[  891.286990][T24924]  ? strncpy_from_user+0x203/0x2e0
[  891.287005][T24924]  ? getname_flags.part.0+0x1c5/0x550
[  891.287022][T24924]  __x64_sys_mkdir+0xef/0x140
[  891.287042][T24924]  do_syscall_64+0xcd/0xf80
[  891.287065][T24924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.287079][T24924] RIP: 0033:0x7fe09b98f7c9
[  891.287097][T24924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  891.287111][T24924] RSP: 002b:00007fe09c8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  891.287124][T24924] RAX: ffffffffffffffda RBX: 00007fe09bbe5fa0 RCX: 00007fe09b98f7c9
[  891.287133][T24924] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000
[  891.287141][T24924] RBP: 00007fe09ba13f91 R08: 0000000000000000 R09: 0000000000000000
[  891.287149][T24924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  891.287157][T24924] R13: 00007fe09bbe6038 R14: 00007fe09bbe5fa0 R15: 00007ffcc549c918
[  891.287175][T24924]  </TASK>
[  891.830498][T24905] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  891.840699][T24905] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  891.850817][T24905] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  891.856797][T24905] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  892.924675][T24949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.5128: iget: checksum invalid
[  892.984669][T24949] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  892.997990][T24954] kernel read not supported for file /events/vmalloc/enable (pid: 24954 comm: syz.5.5129)
[  893.061555][T24949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.5128: iget: checksum invalid
[  893.076464][   T30] audit: type=1800 audit(4295004226.284:39): pid=24954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5129" name="enable" dev="tracefs" ino=19680823 res=0 errno=0
[  893.126369][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  893.141228][T24949] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  893.207842][T24949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.5128: iget: checksum invalid
[  893.248418][T24949] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  893.291548][T24949] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.5128: iget: checksum invalid
[  893.349597][T24949] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  893.393724][T24949] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  893.442246][T24949] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  893.631014][T12450] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 3545 with max blocks 38 with error 117
[  893.700053][T12450] EXT4-fs (sda1): This should not happen!! Data will be lost
[  893.700053][T12450] 
[  894.001987][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  894.008046][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  894.014139][ T8556] Bluetooth: hci3: command 0x0c1a tx timeout
[  894.221012][T24966] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  894.243823][T24966] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  894.265664][T24966] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  894.288955][T24966] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  895.008823][T25000] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5144'.
[  895.054778][T25001] netlink: 342 bytes leftover after parsing attributes in process `syz.0.5143'.
[  895.234446][T22923] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 920 with max blocks 19 with error 117
[  895.329310][T22923] EXT4-fs (sda1): This should not happen!! Data will be lost
[  895.329310][T22923] 
[  895.603695][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  896.321863][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  896.327981][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  896.334041][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  897.207264][   T30] audit: type=1800 audit(4295004230.414:40): pid=25036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5153" name="members" dev="configfs" ino=116050 res=0 errno=0
[  897.418905][T25041] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5154'.
[  899.008744][T25075] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5162'.
[  900.188932][T25087] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5166'.
[  900.986622][T25107] FAULT_INJECTION: forcing a failure.
[  900.986622][T25107] name failslab, interval 1, probability 0, space 0, times 0
[  901.045714][T25107] CPU: 0 UID: 0 PID: 25107 Comm: syz.3.5171 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  901.045740][T25107] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  901.045746][T25107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  901.045755][T25107] Call Trace:
[  901.045760][T25107]  <TASK>
[  901.045766][T25107]  dump_stack_lvl+0x16c/0x1f0
[  901.045789][T25107]  should_fail_ex+0x512/0x640
[  901.045805][T25107]  ? kmem_cache_alloc_noprof+0x62/0x770
[  901.045825][T25107]  should_failslab+0xc2/0x120
[  901.045845][T25107]  kmem_cache_alloc_noprof+0x83/0x770
[  901.045861][T25107]  ? alloc_empty_file+0x55/0x1e0
[  901.045880][T25107]  ? alloc_empty_file+0x55/0x1e0
[  901.045893][T25107]  alloc_empty_file+0x55/0x1e0
[  901.045912][T25107]  alloc_file_pseudo+0x13a/0x230
[  901.045928][T25107]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  901.045944][T25107]  ? do_raw_spin_unlock+0x172/0x230
[  901.045962][T25107]  __anon_inode_getfile+0xe8/0x280
[  901.045978][T25107]  anon_inode_getfile_fmode+0x37/0xa0
[  901.045993][T25107]  __do_sys_timerfd_create+0x2fd/0x4e0
[  901.046009][T25107]  do_syscall_64+0xcd/0xf80
[  901.046032][T25107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.046048][T25107] RIP: 0033:0x7f29ea38f7c9
[  901.046060][T25107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  901.046073][T25107] RSP: 002b:00007f29eb1f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b
[  901.046086][T25107] RAX: ffffffffffffffda RBX: 00007f29ea5e5fa0 RCX: 00007f29ea38f7c9
[  901.046095][T25107] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009
[  901.046110][T25107] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  901.046119][T25107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  901.046128][T25107] R13: 00007f29ea5e6038 R14: 00007f29ea5e5fa0 R15: 00007ffc757902c8
[  901.046146][T25107]  </TASK>
[  901.387689][T25117] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5172'.
[  901.397370][T25117] unsupported nlmsg_type 40
[  901.408071][T25117] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5172'.
[  902.319041][T25152] openvswitch: netlink: Key 26 has unexpected len 131 expected 16
[  904.178796][T25221] batman_adv: Routing algorithm '7' is not supported
[  904.227045][T25217] binder: 25210:25217 ioctl c0306201 0 returned -14
[  904.952300][T25240] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5197'.
[  907.794188][T25314] program syz.3.5215 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  908.114779][T25291] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  908.467100][T25325] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5217'.
[  910.555645][T25376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5228'.
[  911.025625][T25394] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5233'.
[  911.752496][   T30] audit: type=1400 audit(4295004244.964:41): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=25409 comm="syz.5.5237"
[  912.789509][T25442] random: crng reseeded on system resumption
[  913.763571][T25466] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5252'.
[  915.025215][ T6464] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 928 with max blocks 11 with error 117
[  915.113931][ T6464] EXT4-fs (sda1): This should not happen!! Data will be lost
[  915.113931][ T6464] 
[  915.488371][T25491] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  915.545185][T25491] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  915.699634][T25491] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  915.799543][T25491] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  916.803552][T25593] netlink: 4552 bytes leftover after parsing attributes in process `syz.3.5260'.
[  917.439259][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  917.521280][T25601] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5261'.
[  917.599408][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  917.759480][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  917.839910][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  919.099794][T25625] could not allocate digest TFM handle 
[  920.106398][T25629] FAULT_INJECTION: forcing a failure.
[  920.106398][T25629] name fail_futex, interval 1, probability 0, space 0, times 0
[  920.159757][T25629] CPU: 0 UID: 0 PID: 25629 Comm: syz.3.5271 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  920.159783][T25629] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  920.159789][T25629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  920.159797][T25629] Call Trace:
[  920.159802][T25629]  <TASK>
[  920.159808][T25629]  dump_stack_lvl+0x16c/0x1f0
[  920.159833][T25629]  should_fail_ex+0x512/0x640
[  920.159852][T25629]  get_futex_key+0x293/0x15f0
[  920.159869][T25629]  ? __pfx_get_futex_key+0x10/0x10
[  920.159889][T25629]  futex_wake+0xea/0x530
[  920.159909][T25629]  ? __pfx_futex_wake+0x10/0x10
[  920.159934][T25629]  do_futex+0x1e3/0x350
[  920.159953][T25629]  ? __pfx_do_futex+0x10/0x10
[  920.159967][T25629]  ? __might_fault+0xe3/0x190
[  920.159987][T25629]  mm_release+0x24e/0x300
[  920.160007][T25629]  do_exit+0x69e/0x2bd0
[  920.160024][T25629]  ? __pfx_do_exit+0x10/0x10
[  920.160036][T25629]  ? do_raw_spin_lock+0x12c/0x2b0
[  920.160052][T25629]  ? find_held_lock+0x2b/0x80
[  920.160072][T25629]  do_group_exit+0xd3/0x2a0
[  920.160086][T25629]  get_signal+0x2671/0x26d0
[  920.160110][T25629]  ? __pfx_get_signal+0x10/0x10
[  920.160130][T25629]  ? do_futex+0x122/0x350
[  920.160146][T25629]  arch_do_signal_or_restart+0x8f/0x7a0
[  920.160167][T25629]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  920.160192][T25629]  ? __pfx___x64_sys_futex+0x10/0x10
[  920.160211][T25629]  exit_to_user_mode_loop+0x8c/0x540
[  920.160230][T25629]  do_syscall_64+0x4ee/0xf80
[  920.160251][T25629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.160266][T25629] RIP: 0033:0x7f29ea38f7c9
[  920.160277][T25629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  920.160291][T25629] RSP: 002b:00007f29eb1f20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  920.160304][T25629] RAX: fffffffffffffe00 RBX: 00007f29ea5e5fa8 RCX: 00007f29ea38f7c9
[  920.160313][T25629] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f29ea5e5fa8
[  920.160321][T25629] RBP: 00007f29ea5e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  920.160329][T25629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  920.160338][T25629] R13: 00007f29ea5e6038 R14: 00007ffc757901e0 R15: 00007ffc757902c8
[  920.160355][T25629]  </TASK>
[  921.922174][   T30] audit: type=1800 audit(4295004255.124:42): pid=25696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5288" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  922.925537][T22923] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 3502 with max blocks 76 with error 117
[  923.005893][T22923] EXT4-fs (sda1): This should not happen!! Data will be lost
[  923.005893][T22923] 
[  923.181580][T25732] netlink: 342 bytes leftover after parsing attributes in process `syz.0.5300'.
[  923.311069][T25738] program syz.3.5301 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  924.978835][T25765] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  925.008348][T25765] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  925.041087][T25765] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  925.066555][T25765] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  926.399268][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  927.039290][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  927.119449][ T8556] Bluetooth: hci3: command 0x0c1a tx timeout
[  927.125553][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  927.552635][T25819] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5323'.
[  928.073631][T25833] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  928.126074][T25834] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  928.418185][T25846] netlink: 338 bytes leftover after parsing attributes in process `syz.0.5328'.
[  929.085357][T25864] FAULT_INJECTION: forcing a failure.
[  929.085357][T25864] name failslab, interval 1, probability 0, space 0, times 0
[  929.123980][T25867] FAULT_INJECTION: forcing a failure.
[  929.123980][T25867] name failslab, interval 1, probability 0, space 0, times 0
[  929.144774][T25864] CPU: 0 UID: 0 PID: 25864 Comm: syz.5.5332 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  929.144801][T25864] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  929.144806][T25864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  929.144814][T25864] Call Trace:
[  929.144819][T25864]  <TASK>
[  929.144825][T25864]  dump_stack_lvl+0x16c/0x1f0
[  929.144849][T25864]  should_fail_ex+0x512/0x640
[  929.144865][T25864]  ? kmem_cache_alloc_noprof+0x62/0x770
[  929.144885][T25864]  should_failslab+0xc2/0x120
[  929.144906][T25864]  kmem_cache_alloc_noprof+0x83/0x770
[  929.144922][T25864]  ? security_file_alloc+0x34/0x2b0
[  929.144941][T25864]  ? security_file_alloc+0x34/0x2b0
[  929.144957][T25864]  security_file_alloc+0x34/0x2b0
[  929.144973][T25864]  init_file+0x93/0x4c0
[  929.144988][T25864]  alloc_empty_file+0x73/0x1e0
[  929.145003][T25864]  path_openat+0xde/0x3140
[  929.145021][T25864]  ? do_syscall_64+0xcd/0xf80
[  929.145040][T25864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.145058][T25864]  ? __pfx_path_openat+0x10/0x10
[  929.145084][T25864]  do_filp_open+0x20b/0x470
[  929.145104][T25864]  ? __pfx_do_filp_open+0x10/0x10
[  929.145135][T25864]  ? alloc_fd+0x471/0x7d0
[  929.145158][T25864]  do_sys_openat2+0x121/0x290
[  929.145173][T25864]  ? __pfx_do_sys_openat2+0x10/0x10
[  929.145198][T25864]  __x64_sys_openat+0x174/0x210
[  929.145214][T25864]  ? __pfx___x64_sys_openat+0x10/0x10
[  929.145236][T25864]  do_syscall_64+0xcd/0xf80
[  929.145256][T25864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.145269][T25864] RIP: 0033:0x7fe09b98f7c9
[  929.145282][T25864] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  929.145295][T25864] RSP: 002b:00007fe09c8d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  929.145309][T25864] RAX: ffffffffffffffda RBX: 00007fe09bbe5fa0 RCX: 00007fe09b98f7c9
[  929.145318][T25864] RDX: 00000000000c0202 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  929.145326][T25864] RBP: 00007fe09ba13f91 R08: 0000000000000000 R09: 0000000000000000
[  929.145334][T25864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  929.145342][T25864] R13: 00007fe09bbe6038 R14: 00007fe09bbe5fa0 R15: 00007ffcc549c918
[  929.145359][T25864]  </TASK>
[  929.564863][T25867] CPU: 0 UID: 0 PID: 25867 Comm: syz.1.5333 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  929.564890][T25867] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  929.564896][T25867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  929.564905][T25867] Call Trace:
[  929.564910][T25867]  <TASK>
[  929.564916][T25867]  dump_stack_lvl+0x16c/0x1f0
[  929.564942][T25867]  should_fail_ex+0x512/0x640
[  929.564960][T25867]  should_failslab+0xc2/0x120
[  929.564982][T25867]  __kmalloc_cache_noprof+0x80/0x800
[  929.564999][T25867]  ? __pfx___might_resched+0x10/0x10
[  929.565017][T25867]  ? nfc_genl_rcv_nl_event+0xb9/0x310
[  929.565036][T25867]  ? nfc_genl_rcv_nl_event+0xb9/0x310
[  929.565050][T25867]  nfc_genl_rcv_nl_event+0xb9/0x310
[  929.565064][T25867]  notifier_call_chain+0xbc/0x3e0
[  929.565085][T25867]  ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10
[  929.565102][T25867]  blocking_notifier_call_chain+0x69/0xa0
[  929.565117][T25867]  netlink_release+0x1671/0x2000
[  929.565140][T25867]  ? netlink_release+0x1e4/0x2000
[  929.565160][T25867]  ? __pfx_netlink_release+0x10/0x10
[  929.565180][T25867]  ? __pfx_locks_remove_file+0x10/0x10
[  929.565202][T25867]  __sock_release+0xb3/0x270
[  929.565221][T25867]  ? __pfx_sock_close+0x10/0x10
[  929.565237][T25867]  sock_close+0x1c/0x30
[  929.565253][T25867]  __fput+0x402/0xb70
[  929.565271][T25867]  task_work_run+0x150/0x240
[  929.565287][T25867]  ? __pfx_task_work_run+0x10/0x10
[  929.565300][T25867]  ? __do_sys_close_range+0x278/0x730
[  929.565326][T25867]  exit_to_user_mode_loop+0xfb/0x540
[  929.565345][T25867]  do_syscall_64+0x4ee/0xf80
[  929.565366][T25867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.565380][T25867] RIP: 0033:0x7fa067d8f7c9
[  929.565392][T25867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  929.565405][T25867] RSP: 002b:00007fa068c3e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  929.565419][T25867] RAX: 0000000000000000 RBX: 00007fa067fe5fa0 RCX: 00007fa067d8f7c9
[  929.565428][T25867] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  929.565435][T25867] RBP: 00007fa067e13f91 R08: 0000000000000000 R09: 0000000000000000
[  929.565443][T25867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  929.565451][T25867] R13: 00007fa067fe6038 R14: 00007fa067fe5fa0 R15: 00007ffe8c7d04e8
[  929.565469][T25867]  </TASK>
[  932.367226][T25940] netlink: 146 bytes leftover after parsing attributes in process `syz.5.5349'.
[  933.218569][T25975] FAULT_INJECTION: forcing a failure.
[  933.218569][T25975] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  933.281664][T25975] CPU: 0 UID: 0 PID: 25975 Comm: syz.3.5357 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  933.281692][T25975] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  933.281698][T25975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  933.281707][T25975] Call Trace:
[  933.281713][T25975]  <TASK>
[  933.281719][T25975]  dump_stack_lvl+0x16c/0x1f0
[  933.281745][T25975]  should_fail_ex+0x512/0x640
[  933.281763][T25975]  strncpy_from_user+0x3b/0x2e0
[  933.281780][T25975]  getname_flags.part.0+0x8f/0x550
[  933.281798][T25975]  getname_flags+0x93/0xf0
[  933.281816][T25975]  do_sys_openat2+0xb9/0x290
[  933.281832][T25975]  ? __pfx_do_sys_openat2+0x10/0x10
[  933.281854][T25975]  __x64_sys_openat+0x174/0x210
[  933.281870][T25975]  ? __pfx___x64_sys_openat+0x10/0x10
[  933.281891][T25975]  do_syscall_64+0xcd/0xf80
[  933.281912][T25975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  933.281927][T25975] RIP: 0033:0x7f29ea38f7c9
[  933.281938][T25975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  933.281951][T25975] RSP: 002b:00007f29eb1f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  933.281965][T25975] RAX: ffffffffffffffda RBX: 00007f29ea5e5fa0 RCX: 00007f29ea38f7c9
[  933.281974][T25975] RDX: 0000000000004000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  933.281982][T25975] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  933.281990][T25975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  933.281998][T25975] R13: 00007f29ea5e6038 R14: 00007f29ea5e5fa0 R15: 00007ffc757902c8
[  933.282015][T25975]  </TASK>
[  935.237941][T26009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5367'.
[  935.521762][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.579509][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.619969][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.661202][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.700847][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.753298][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.801582][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.834271][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  935.857572][T26016] netlink: 62 bytes leftover after parsing attributes in process `syz.3.5369'.
[  936.088380][T26032] batman_adv: Routing algorithm '7' is not supported
[  936.317555][  T980] Process accounting resumed
[  936.563751][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  936.571348][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  937.667573][T26082] batman_adv: Routing algorithm '7' is not supported
[  939.198999][T26104] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  939.236414][T26104] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  939.269550][T26104] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  939.275570][T26104] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  940.639286][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  941.279497][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  941.359324][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  941.365404][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  942.521593][T26184] ptp ptp0: new virtual clock ptp1
[  942.552068][T26184] ptp ptp0: new virtual clock ptp2
[  942.577627][T26184] ptp ptp0: new virtual clock ptp3
[  942.616912][T26184] ptp ptp0: new virtual clock ptp4
[  942.645041][T26184] ptp ptp0: new virtual clock ptp5
[  942.679052][T26184] ptp ptp0: new virtual clock ptp6
[  942.704484][T26184] ptp ptp0: new virtual clock ptp7
[  942.740633][T26184] ptp ptp0: new virtual clock ptp8
[  942.778160][T26184] ptp ptp0: new virtual clock ptp9
[  942.815167][T26184] ptp ptp0: new virtual clock ptp10
[  942.835525][T26184] ptp ptp0: guarantee physical clock free running
[  944.121583][T26211] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  944.147580][T26211] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  944.166918][T26211] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  944.192121][T26211] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  944.344553][T26229] binder: 26226:26229 ioctl c0306201 0 returned -14
[  944.362832][T26225] __nla_validate_parse: 14 callbacks suppressed
[  944.362849][T26225] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5426'.
[  944.450565][T26225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  944.787570][T26237] FAULT_INJECTION: forcing a failure.
[  944.787570][T26237] name fail_futex, interval 1, probability 0, space 0, times 0
[  944.854209][T26237] CPU: 0 UID: 0 PID: 26237 Comm: syz.3.5427 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  944.854236][T26237] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  944.854241][T26237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  944.854250][T26237] Call Trace:
[  944.854255][T26237]  <TASK>
[  944.854260][T26237]  dump_stack_lvl+0x16c/0x1f0
[  944.854285][T26237]  should_fail_ex+0x512/0x640
[  944.854305][T26237]  get_futex_key+0x1d0/0x15f0
[  944.854328][T26237]  ? __pfx_get_futex_key+0x10/0x10
[  944.854347][T26237]  futex_wake+0xea/0x530
[  944.854367][T26237]  ? __lock_acquire+0x436/0x2890
[  944.854380][T26237]  ? __pfx_futex_wake+0x10/0x10
[  944.854401][T26237]  ? find_held_lock+0x2b/0x80
[  944.854422][T26237]  do_futex+0x1e3/0x350
[  944.854439][T26237]  ? __pfx_do_futex+0x10/0x10
[  944.854455][T26237]  ? grab_requested_mnt_ns+0x14c/0x670
[  944.854477][T26237]  __x64_sys_futex+0x1e0/0x4c0
[  944.854493][T26237]  ? __pfx_do_mknodat+0x10/0x10
[  944.854512][T26237]  ? __pfx___x64_sys_futex+0x10/0x10
[  944.854533][T26237]  do_syscall_64+0xcd/0xf80
[  944.854554][T26237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.854569][T26237] RIP: 0033:0x7f29ea38f7c9
[  944.854580][T26237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  944.854595][T26237] RSP: 002b:00007f29eb1b00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  944.854609][T26237] RAX: ffffffffffffffda RBX: 00007f29ea5e6188 RCX: 00007f29ea38f7c9
[  944.854618][T26237] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f29ea5e618c
[  944.854627][T26237] RBP: 00007f29ea5e6180 R08: 00007f29eb1f3000 R09: 0000000000000000
[  944.854636][T26237] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  944.854645][T26237] R13: 00007f29ea5e6218 R14: 00007ffc757901e0 R15: 00007ffc757902c8
[  944.854662][T26237]  </TASK>
[  945.520002][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  945.604616][T26256] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5433'.
[  946.164672][ T8556] Bluetooth: hci2: command 0x0c1a tx timeout
[  946.239939][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  946.246275][ T8556] Bluetooth: hci0: command 0x040f tx timeout
[  946.921139][T26269] batman_adv: Routing algorithm '7' is not supported
[  947.440340][T26265] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  947.493056][T26265] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  947.528642][T26265] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  947.551152][T26265] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  948.160986][T26300] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  948.229463][T26300] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  948.307841][T21627] Bluetooth: hci1: unexpected event 0x03 length: 727 > 11
[  948.324017][T26300] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  948.402700][T26300] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  950.239371][ T8556] Bluetooth: hci1: command 0x0c1a tx timeout
[  950.245780][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  950.399418][T21627] Bluetooth: hci3: command 0x0c1a tx timeout
[  950.479334][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  950.650519][T26351] FAULT_INJECTION: forcing a failure.
[  950.650519][T26351] name failslab, interval 1, probability 0, space 0, times 0
[  950.747381][T26351] CPU: 0 UID: 0 PID: 26351 Comm: syz.3.5457 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  950.747410][T26351] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  950.747415][T26351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  950.747424][T26351] Call Trace:
[  950.747429][T26351]  <TASK>
[  950.747436][T26351]  dump_stack_lvl+0x16c/0x1f0
[  950.747462][T26351]  should_fail_ex+0x512/0x640
[  950.747478][T26351]  ? kmem_cache_alloc_noprof+0x62/0x770
[  950.747498][T26351]  should_failslab+0xc2/0x120
[  950.747519][T26351]  kmem_cache_alloc_noprof+0x83/0x770
[  950.747536][T26351]  ? __pmd_alloc+0xbf/0x9c0
[  950.747566][T26351]  ? __pmd_alloc+0xbf/0x9c0
[  950.747586][T26351]  __pmd_alloc+0xbf/0x9c0
[  950.747609][T26351]  walk_to_pmd+0x3a6/0x4c0
[  950.747630][T26351]  vm_insert_pages+0x202/0xa60
[  950.747648][T26351]  ? __pfx_vm_insert_pages+0x10/0x10
[  950.747666][T26351]  io_uring_mmap+0x3bf/0x5c0
[  950.747688][T26351]  ? __pfx_io_uring_mmap+0x10/0x10
[  950.747707][T26351]  ? vm_area_alloc+0x1f/0x160
[  950.747723][T26351]  ? lockdep_init_map_type+0x5c/0x270
[  950.747740][T26351]  __mmap_region+0x13f2/0x2a00
[  950.747757][T26351]  ? __lock_acquire+0x436/0x2890
[  950.747769][T26351]  ? __pfx___mmap_region+0x10/0x10
[  950.747789][T26351]  ? lock_acquire+0x179/0x330
[  950.747817][T26351]  ? lock_acquire+0x179/0x330
[  950.747852][T26351]  ? rcu_is_watching+0x12/0xc0
[  950.747874][T26351]  mmap_region+0x1ab/0x3f0
[  950.747890][T26351]  ? __get_unmapped_area+0x267/0x3f0
[  950.747912][T26351]  do_mmap+0xa3e/0x1210
[  950.747934][T26351]  ? __pfx_do_mmap+0x10/0x10
[  950.747953][T26351]  ? __pfx_down_write_killable+0x10/0x10
[  950.747970][T26351]  vm_mmap_pgoff+0x29e/0x470
[  950.747992][T26351]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  950.748013][T26351]  ? __fget_files+0x20e/0x3c0
[  950.748035][T26351]  ksys_mmap_pgoff+0x32c/0x5c0
[  950.748053][T26351]  ? __pfx_ksys_write+0x10/0x10
[  950.748073][T26351]  __x64_sys_mmap+0x125/0x190
[  950.748089][T26351]  do_syscall_64+0xcd/0xf80
[  950.748110][T26351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.748123][T26351] RIP: 0033:0x7f29ea38f7c9
[  950.748134][T26351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  950.748148][T26351] RSP: 002b:00007f29eb1f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  950.748161][T26351] RAX: ffffffffffffffda RBX: 00007f29ea5e5fa0 RCX: 00007f29ea38f7c9
[  950.748170][T26351] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000
[  950.748177][T26351] RBP: 00007f29ea413f91 R08: 0000000000000003 R09: 0000000000008000
[  950.748185][T26351] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000
[  950.748193][T26351] R13: 00007f29ea5e6038 R14: 00007f29ea5e5fa0 R15: 00007ffc757902c8
[  950.748210][T26351]  </TASK>
[  951.315027][T26365] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  952.427593][T26394] binder: 26390:26394 ioctl 4008ae89 2000000000c0 returned -22
[  953.482485][T26422] netlink: 'syz.0.5472': attribute type 8 has an invalid length.
[  954.192596][T26424] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  954.205208][T26424] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  954.218961][T26424] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  954.234457][T26424] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  955.029579][T26450] Invalid ELF header magic: != ELF
[  955.599692][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  956.239318][ T6174] Bluetooth: hci2: command 0x0c1a tx timeout
[  956.245490][T21627] Bluetooth: hci0: command 0x040f tx timeout
[  956.251581][ T8556] Bluetooth: hci3: command 0x0c1a tx timeout
[  957.250791][T26475] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  957.274237][T26475] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  957.303606][T26475] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  957.339459][T26475] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  957.471795][T26491] FAULT_INJECTION: forcing a failure.
[  957.471795][T26491] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  957.659475][T26491] CPU: 0 UID: 0 PID: 26491 Comm: syz.1.5490 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  957.659502][T26491] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  957.659508][T26491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  957.659518][T26491] Call Trace:
[  957.659523][T26491]  <TASK>
[  957.659529][T26491]  dump_stack_lvl+0x16c/0x1f0
[  957.659554][T26491]  should_fail_ex+0x512/0x640
[  957.659573][T26491]  core_sys_select+0x9cf/0xc20
[  957.659598][T26491]  ? __pfx_core_sys_select+0x10/0x10
[  957.659620][T26491]  ? __lock_acquire+0x436/0x2890
[  957.659644][T26491]  ? read_tsc+0x9/0x20
[  957.659663][T26491]  ? ktime_get_ts64+0x256/0x400
[  957.659681][T26491]  kern_select+0x15d/0x1e0
[  957.659699][T26491]  ? __pfx_kern_select+0x10/0x10
[  957.659718][T26491]  ? xfd_validate_state+0x61/0x180
[  957.659730][T26491]  ? __pfx_ksys_write+0x10/0x10
[  957.659750][T26491]  __x64_sys_select+0xbd/0x160
[  957.659768][T26491]  ? do_syscall_64+0x91/0xf80
[  957.659786][T26491]  ? lockdep_hardirqs_on+0x7c/0x110
[  957.659806][T26491]  do_syscall_64+0xcd/0xf80
[  957.659826][T26491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.659839][T26491] RIP: 0033:0x7fa067d8f7c9
[  957.659851][T26491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  957.659863][T26491] RSP: 002b:00007fa068c3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  957.659877][T26491] RAX: ffffffffffffffda RBX: 00007fa067fe5fa0 RCX: 00007fa067d8f7c9
[  957.659885][T26491] RDX: 0000200000000340 RSI: 00002000000002c0 RDI: 0000000000000008
[  957.659894][T26491] RBP: 00007fa067e13f91 R08: 00002000000001c0 R09: 0000000000000000
[  957.659902][T26491] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000000
[  957.659910][T26491] R13: 00007fa067fe6038 R14: 00007fa067fe5fa0 R15: 00007ffe8c7d04e8
[  957.659927][T26491]  </TASK>
[  957.912391][T26465] syz.5.5482 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=0, oom_score_adj=1000
[  957.924535][T26465] CPU: 0 UID: 0 PID: 26465 Comm: syz.5.5482 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  957.924561][T26465] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  957.924567][T26465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  957.924575][T26465] Call Trace:
[  957.924581][T26465]  <TASK>
[  957.924586][T26465]  dump_stack_lvl+0x16c/0x1f0
[  957.924611][T26465]  dump_header+0x101/0x960
[  957.924629][T26465]  oom_kill_process+0x176/0x910
[  957.924646][T26465]  out_of_memory+0x350/0x1700
[  957.924661][T26465]  ? __lock_acquire+0x436/0x2890
[  957.924678][T26465]  ? __pfx_out_of_memory+0x10/0x10
[  957.924698][T26465]  mem_cgroup_out_of_memory+0x118/0x130
[  957.924715][T26465]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  957.924735][T26465]  ? do_raw_spin_unlock+0x172/0x230
[  957.924754][T26465]  try_charge_memcg+0x695/0xd30
[  957.924779][T26465]  ? __pfx_try_charge_memcg+0x10/0x10
[  957.924800][T26465]  ? rcu_read_unlock+0x1/0x60
[  957.924816][T26465]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  957.924835][T26465]  obj_cgroup_charge_account+0x336/0x670
[  957.924859][T26465]  __memcg_slab_post_alloc_hook+0x2e3/0x880
[  957.924884][T26465]  ? kasan_save_track+0x14/0x30
[  957.924905][T26465]  kmem_cache_alloc_lru_noprof+0x58f/0x770
[  957.924923][T26465]  ? xas_nomem+0x101/0x2c0
[  957.924946][T26465]  ? xas_nomem+0x101/0x2c0
[  957.924964][T26465]  xas_nomem+0x101/0x2c0
[  957.924982][T26465]  ? _raw_spin_unlock_irq+0x23/0x50
[  957.925003][T26465]  __filemap_add_folio+0xae1/0x11b0
[  957.925023][T26465]  ? __pfx___filemap_add_folio+0x10/0x10
[  957.925041][T26465]  ? __pfx_workingset_update_node+0x10/0x10
[  957.925063][T26465]  filemap_add_folio+0x19a/0x610
[  957.925080][T26465]  ? __pfx_filemap_add_folio+0x10/0x10
[  957.925100][T26465]  __filemap_get_folio_mpol+0x511/0xc60
[  957.925122][T26465]  filemap_fault+0x684/0x29d0
[  957.925141][T26465]  ? __pfx_filemap_fault+0x10/0x10
[  957.925165][T26465]  __do_fault+0x10d/0x490
[  957.925184][T26465]  do_fault+0x302/0x1ad0
[  957.925203][T26465]  ? __pfx_filemap_map_pages+0x10/0x10
[  957.925221][T26465]  __handle_mm_fault+0x1919/0x2bb0
[  957.925241][T26465]  ? __pfx___handle_mm_fault+0x10/0x10
[  957.925256][T26465]  ? __pte_offset_map_lock+0x174/0x310
[  957.925276][T26465]  ? find_held_lock+0x2b/0x80
[  957.925299][T26465]  ? follow_page_pte+0x5cf/0x1390
[  957.925323][T26465]  handle_mm_fault+0x3fe/0xad0
[  957.925340][T26465]  __get_user_pages+0x54e/0x3590
[  957.925365][T26465]  ? down_read_killable+0x313/0x4c0
[  957.925384][T26465]  ? __lock_acquire+0x436/0x2890
[  957.925396][T26465]  ? __pfx___get_user_pages+0x10/0x10
[  957.925422][T26465]  __gup_longterm_locked+0xa92/0x17e0
[  957.925447][T26465]  ? __pfx___gup_longterm_locked+0x10/0x10
[  957.925469][T26465]  ? try_get_folio+0x255/0x730
[  957.925487][T26465]  ? find_held_lock+0x2b/0x80
[  957.925504][T26465]  ? sanity_check_pinned_pages+0x58a/0x11d0
[  957.925528][T26465]  gup_fast_fallback+0xf5f/0x2350
[  957.925560][T26465]  ? __pfx_gup_fast_fallback+0x10/0x10
[  957.925581][T26465]  ? kasan_save_stack+0x33/0x60
[  957.925598][T26465]  ? kasan_save_track+0x14/0x30
[  957.925615][T26465]  ? __kasan_slab_alloc+0x89/0x90
[  957.925633][T26465]  ? mempool_alloc_noprof+0x1b4/0x2f0
[  957.925651][T26465]  ? bvec_alloc+0x192/0x210
[  957.925672][T26465]  ? irqentry_exit+0x1dd/0x8c0
[  957.925691][T26465]  ? lockdep_hardirqs_on+0x7c/0x110
[  957.925713][T26465]  pin_user_pages_fast+0xa7/0xf0
[  957.925733][T26465]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  957.925755][T26465]  ? iov_iter_advance+0x1e3/0x6c0
[  957.925772][T26465]  iov_iter_extract_pages+0x3a2/0x1ed0
[  957.925790][T26465]  ? find_held_lock+0x2b/0x80
[  957.925807][T26465]  ? pfn_valid+0x26a/0x4d0
[  957.925826][T26465]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  957.925842][T26465]  ? pfn_valid+0x6f/0x4d0
[  957.925861][T26465]  ? __bio_add_page+0x143/0x2e0
[  957.925879][T26465]  ? bio_add_page+0x16f/0x790
[  957.925898][T26465]  ? iov_iter_revert+0x27/0x5a0
[  957.925914][T26465]  bio_iov_iter_get_pages+0x395/0x1300
[  957.925946][T26465]  ? __pfx_bio_iov_iter_get_pages+0x10/0x10
[  957.925968][T26465]  ? __pfx_bio_alloc_bioset+0x10/0x10
[  957.925993][T26465]  blkdev_direct_IO+0x1232/0x1fe0
[  957.926018][T26465]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  957.926039][T26465]  ? __pfx_aa_file_perm+0x10/0x10
[  957.926058][T26465]  ? do_swap_page+0x16a0/0x64a0
[  957.926074][T26465]  blkdev_read_iter+0x289/0x500
[  957.926094][T26465]  do_iter_readv_writev+0x743/0x9e0
[  957.926113][T26465]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  957.926131][T26465]  ? common_file_perm+0x1b1/0x500
[  957.926149][T26465]  ? bpf_lsm_file_permission+0x9/0x10
[  957.926165][T26465]  ? security_file_permission+0x71/0x210
[  957.926183][T26465]  ? rw_verify_area+0xcf/0x6c0
[  957.926201][T26465]  vfs_readv+0x4cb/0x8b0
[  957.926222][T26465]  ? __pfx_vfs_readv+0x10/0x10
[  957.926240][T26465]  ? css_rstat_updated+0x1d1/0x590
[  957.926253][T26465]  ? __lock_acquire+0x436/0x2890
[  957.926275][T26465]  ? __fget_files+0x20e/0x3c0
[  957.926298][T26465]  ? do_readv+0x132/0x340
[  957.926315][T26465]  do_readv+0x132/0x340
[  957.926332][T26465]  ? __pfx_do_readv+0x10/0x10
[  957.926354][T26465]  __x64_sys_preadv2+0x11f/0x160
[  957.926377][T26465]  do_syscall_64+0xcd/0xf80
[  957.926403][T26465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.926417][T26465] RIP: 0033:0x7fe09b98f7c9
[  957.926431][T26465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  957.926444][T26465] RSP: 002b:00007fe09c8b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147
[  957.926458][T26465] RAX: ffffffffffffffda RBX: 00007fe09bbe6090 RCX: 00007fe09b98f7c9
[  957.926467][T26465] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0000000000000003
[  957.926475][T26465] RBP: 00007fe09ba13f91 R08: 0000000000000004 R09: 000000000000002e
[  957.926484][T26465] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  957.926492][T26465] R13: 00007fe09bbe6128 R14: 00007fe09bbe6090 R15: 00007ffcc549c918
[  957.926509][T26465]  </TASK>
[  957.926515][T26465] memory: usage 3072kB, limit 3072kB, failcnt 135229
[  958.572248][T26503] FAULT_INJECTION: forcing a failure.
[  958.572248][T26503] name failslab, interval 1, probability 0, space 0, times 0
[  958.619337][T26503] CPU: 0 UID: 0 PID: 26503 Comm: syz.3.5494 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  958.619373][T26503] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  958.619379][T26503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  958.619387][T26503] Call Trace:
[  958.619393][T26503]  <TASK>
[  958.619399][T26503]  dump_stack_lvl+0x16c/0x1f0
[  958.619424][T26503]  should_fail_ex+0x512/0x640
[  958.619441][T26503]  ? fs_reclaim_acquire+0xae/0x150
[  958.619466][T26503]  should_failslab+0xc2/0x120
[  958.619486][T26503]  kmem_cache_alloc_noprof+0x83/0x770
[  958.619502][T26503]  ? __pfx_map_id_range_down+0x10/0x10
[  958.619522][T26503]  ? security_inode_alloc+0x3b/0x2b0
[  958.619540][T26503]  ? security_inode_alloc+0x3b/0x2b0
[  958.619553][T26503]  security_inode_alloc+0x3b/0x2b0
[  958.619569][T26503]  inode_init_always_gfp+0xced/0x1040
[  958.619591][T26503]  alloc_inode+0x86/0x240
[  958.619606][T26503]  new_inode+0x22/0x1c0
[  958.619622][T26503]  nfsd_mkdir+0x78/0x460
[  958.619642][T26503]  ? dput.part.0+0xd8/0x570
[  958.619658][T26503]  nfsd_fill_super+0x41a/0x5a0
[  958.619679][T26503]  ? __pfx_nfsd_fill_super+0x10/0x10
[  958.619699][T26503]  get_tree_keyed+0x10e/0x1d0
[  958.619719][T26503]  vfs_get_tree+0x8e/0x330
[  958.619735][T26503]  path_mount+0x7bf/0x23a0
[  958.619748][T26503]  ? rcu_is_watching+0x12/0xc0
[  958.619768][T26503]  ? __pfx_path_mount+0x10/0x10
[  958.619781][T26503]  ? kmem_cache_free+0x2d8/0x770
[  958.619797][T26503]  ? putname+0xf5/0x1a0
[  958.619812][T26503]  ? putname+0xf5/0x1a0
[  958.619822][T26503]  ? putname+0xf5/0x1a0
[  958.619835][T26503]  ? __x64_sys_mount+0x293/0x310
[  958.619846][T26503]  __x64_sys_mount+0x293/0x310
[  958.619864][T26503]  ? __pfx___x64_sys_mount+0x10/0x10
[  958.619882][T26503]  do_syscall_64+0xcd/0xf80
[  958.619903][T26503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.619916][T26503] RIP: 0033:0x7f29ea38f7c9
[  958.619929][T26503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  958.619942][T26503] RSP: 002b:00007f29eb1f2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  958.619956][T26503] RAX: ffffffffffffffda RBX: 00007f29ea5e5fa0 RCX: 00007f29ea38f7c9
[  958.619964][T26503] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000
[  958.619973][T26503] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  958.619981][T26503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  958.619989][T26503] R13: 00007f29ea5e6038 R14: 00007f29ea5e5fa0 R15: 00007ffc757902c8
[  958.620007][T26503]  </TASK>
[  959.250557][T21627] Bluetooth: hci1: command 0x0c1a tx timeout
[  959.408542][ T8556] Bluetooth: hci3: command 0x0c1a tx timeout
[  959.414845][T21627] Bluetooth: hci2: command 0x0c1a tx timeout
[  959.421039][ T6174] Bluetooth: hci0: command 0x040f tx timeout
[  960.305348][T26465] memory+swap: usage 3248kB, limit 9007199254740988kB, failcnt 0
[  960.324052][ T8556] Bluetooth: hci1: unexpected event 0x3e length: 728 > 260
[  960.324084][ T8556] Bluetooth: hci1: unexpected subevent 0x0c length: 727 > 5
[  960.345112][T26461] Page cache invalidation failure on direct I/O.  Possible data corruption due to collision with buffered I/O!
[  960.380851][T26461] File: /dev/nullb0 PID: 26461 Comm: syz.5.5482
[  960.418254][T26465] kmem: usage 1380kB, limit 9007199254740988kB, failcnt 0
[  960.475733][T26465] Memory cgroup stats for /syz5:
[  960.475968][T26465] cache 1155072
[  960.589269][T26465] rss 0
[  960.592087][T26465] rss_huge 0
[  960.595362][T26465] shmem 0
[  960.693028][T26465] mapped_file 0
[  960.697828][T26465] dirty 0
[  960.725371][T26465] writeback 0
[  960.772472][T26465] workingset_refault_anon 17271
[  960.777354][T26465] workingset_refault_file 742
[  960.801876][T26465] swap 180224
[  960.815422][T26465] swapcached 49152
[  960.828728][T26465] pgpgin 310552
[  960.842497][T26465] pgpgout 330231
[  960.851965][T26465] pgfault 257606
[  960.855924][T26465] pgmajfault 6633
[  960.878198][T26465] inactive_anon 49152
[  960.905537][T26465] active_anon 0
[  960.922079][T26465] inactive_file 1089536
[  960.954714][T26465] active_file 589824
[  960.964869][T26465] unevictable 0
[  960.968452][T26465] hierarchical_memory_limit 3145728
[  961.001043][T26465] hierarchical_memsw_limit 9223372036854771712
[  961.014193][T26465] total_cache 1155072
[  961.023875][T26465] total_rss 0
[  961.033232][T26465] total_rss_huge 0
[  961.036974][T26465] total_shmem 0
[  961.057747][T26465] total_mapped_file 0
[  961.078201][T26465] total_dirty 0
[  961.093725][T26465] total_writeback 0
[  961.113948][T26465] total_workingset_refault_anon 17271
[  961.134198][T26465] total_workingset_refault_file 742
[  961.157489][T26465] total_swap 180224
[  961.185369][T26465] total_swapcached 49152
[  961.209818][T26465] total_pgpgin 310552
[  961.213931][T26465] total_pgpgout 330231
[  961.255712][T26465] total_pgfault 257606
[  961.272350][T26465] total_pgmajfault 6633
[  961.296199][T26465] total_inactive_anon 49152
[  961.306915][T26465] total_active_anon 0
[  961.315718][T26465] total_inactive_file 1089536
[  961.329755][T26465] total_active_file 589824
[  961.341622][T26465] total_unevictable 0
[  961.350125][T26465] anon_cost 0
[  961.353436][T26465] file_cost 0
[  961.366605][T26465] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.5482,pid=26460,uid=0
[  961.421554][T26465] Memory cgroup out of memory: Killed process 26460 (syz.5.5482) total-vm:110556kB, anon-rss:1268kB, file-rss:25204kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000
[  962.383859][T26573] Invalid ELF header magic: != ELF
[  964.517264][T26624] random: crng reseeded on system resumption
[  965.789152][T26670] FAULT_INJECTION: forcing a failure.
[  965.789152][T26670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  965.917859][T26670] CPU: 0 UID: 0 PID: 26670 Comm: syz.3.5534 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  965.917887][T26670] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  965.917893][T26670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  965.917902][T26670] Call Trace:
[  965.917907][T26670]  <TASK>
[  965.917913][T26670]  dump_stack_lvl+0x16c/0x1f0
[  965.917939][T26670]  should_fail_ex+0x512/0x640
[  965.917957][T26670]  _copy_from_user+0x2e/0xd0
[  965.917973][T26670]  move_addr_to_kernel+0x65/0x170
[  965.917995][T26670]  __sys_bind+0x11b/0x260
[  965.918010][T26670]  ? __pfx___sys_bind+0x10/0x10
[  965.918030][T26670]  ? xfd_validate_state+0x61/0x180
[  965.918048][T26670]  __x64_sys_bind+0x72/0xb0
[  965.918062][T26670]  ? lockdep_hardirqs_on+0x7c/0x110
[  965.918083][T26670]  do_syscall_64+0xcd/0xf80
[  965.918118][T26670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  965.918133][T26670] RIP: 0033:0x7f29ea38f7c9
[  965.918145][T26670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  965.918159][T26670] RSP: 002b:00007f29eb1b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  965.918173][T26670] RAX: ffffffffffffffda RBX: 00007f29ea5e6180 RCX: 00007f29ea38f7c9
[  965.918183][T26670] RDX: 000000000000006a RSI: 0000200000000040 RDI: 0000000000000003
[  965.918192][T26670] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  965.918201][T26670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  965.918210][T26670] R13: 00007f29ea5e6218 R14: 00007f29ea5e6180 R15: 00007ffc757902c8
[  965.918228][T26670]  </TASK>
[  966.510549][T26681] ==================================================================
[  966.518638][T26681] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[  966.526365][T26681] Read of size 8 at addr ffff8881476bfc18 by task syz.3.5537/26681
[  966.534237][T26681] 
[  966.536650][T26681] CPU: 0 UID: 0 PID: 26681 Comm: syz.3.5537 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  966.536671][T26681] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  966.536677][T26681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  966.536686][T26681] Call Trace:
[  966.536691][T26681]  <TASK>
[  966.536697][T26681]  dump_stack_lvl+0x116/0x1f0
[  966.536720][T26681]  print_report+0xcd/0x630
[  966.536740][T26681]  ? __virt_addr_valid+0x81/0x610
[  966.536762][T26681]  ? __phys_addr+0xe8/0x180
[  966.536781][T26681]  ? dvb_device_open+0x36a/0x3b0
[  966.536801][T26681]  kasan_report+0xe0/0x110
[  966.536821][T26681]  ? dvb_device_open+0x36a/0x3b0
[  966.536842][T26681]  ? __pfx_dvb_device_open+0x10/0x10
[  966.536863][T26681]  dvb_device_open+0x36a/0x3b0
[  966.536883][T26681]  ? __pfx_dvb_device_open+0x10/0x10
[  966.536903][T26681]  chrdev_open+0x234/0x6a0
[  966.536924][T26681]  ? __pfx_apparmor_file_open+0x10/0x10
[  966.536938][T26681]  ? __pfx_chrdev_open+0x10/0x10
[  966.536959][T26681]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  966.536991][T26681]  do_dentry_open+0x748/0x1590
[  966.537011][T26681]  ? __pfx_chrdev_open+0x10/0x10
[  966.537041][T26681]  vfs_open+0x82/0x3f0
[  966.537056][T26681]  path_openat+0x2078/0x3140
[  966.537078][T26681]  ? __pfx_path_openat+0x10/0x10
[  966.537100][T26681]  do_filp_open+0x20b/0x470
[  966.537120][T26681]  ? __pfx_do_filp_open+0x10/0x10
[  966.537144][T26681]  ? alloc_fd+0x471/0x7d0
[  966.537165][T26681]  do_sys_openat2+0x121/0x290
[  966.537180][T26681]  ? __pfx_do_sys_openat2+0x10/0x10
[  966.537195][T26681]  ? count_memcg_events+0x122/0x290
[  966.537215][T26681]  __x64_sys_openat+0x174/0x210
[  966.537231][T26681]  ? __pfx___x64_sys_openat+0x10/0x10
[  966.537249][T26681]  do_syscall_64+0xcd/0xf80
[  966.537270][T26681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.537284][T26681] RIP: 0033:0x7f29ea38f7c9
[  966.537296][T26681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  966.537310][T26681] RSP: 002b:00007f29eb1b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  966.537324][T26681] RAX: ffffffffffffffda RBX: 00007f29ea5e6180 RCX: 00007f29ea38f7c9
[  966.537333][T26681] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  966.537341][T26681] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  966.537350][T26681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  966.537358][T26681] R13: 00007f29ea5e6218 R14: 00007f29ea5e6180 R15: 00007ffc757902c8
[  966.537370][T26681]  </TASK>
[  966.537375][T26681] 
[  966.791674][T26681] Allocated by task 1:
[  966.795765][T26681]  kasan_save_stack+0x33/0x60
[  966.800454][T26681]  kasan_save_track+0x14/0x30
[  966.805134][T26681]  __kasan_kmalloc+0xaa/0xb0
[  966.809822][T26681]  dvb_register_device+0x1e4/0x2370
[  966.815107][T26681]  dvb_register_frontend+0x5a6/0x8a0
[  966.820388][T26681]  vidtv_bridge_probe+0x459/0xa90
[  966.825400][T26681]  platform_probe+0x106/0x1d0
[  966.830074][T26681]  really_probe+0x241/0xb20
[  966.834568][T26681]  __driver_probe_device+0x1de/0x470
[  966.839836][T26681]  driver_probe_device+0x4c/0x1b0
[  966.845011][T26681]  __driver_attach+0x283/0x5e0
[  966.849765][T26681]  bus_for_each_dev+0x13e/0x1d0
[  966.854633][T26681]  bus_add_driver+0x30f/0x6c0
[  966.859503][T26681]  driver_register+0x15c/0x4b0
[  966.864266][T26681]  vidtv_bridge_init+0x45/0x80
[  966.869032][T26681]  do_one_initcall+0x123/0x680
[  966.873791][T26681]  kernel_init_freeable+0x5c8/0x920
[  966.878971][T26681]  kernel_init+0x1c/0x2b0
[  966.883370][T26681]  ret_from_fork+0x983/0xb10
[  966.888031][T26681]  ret_from_fork_asm+0x1a/0x30
[  966.892969][T26681] 
[  966.895369][T26681] Freed by task 26365:
[  966.899416][T26681]  kasan_save_stack+0x33/0x60
[  966.904170][T26681]  kasan_save_track+0x14/0x30
[  966.908839][T26681]  kasan_save_free_info+0x3b/0x60
[  966.913844][T26681]  __kasan_slab_free+0x5f/0x80
[  966.918682][T26681]  kfree+0x2f8/0x6e0
[  966.923006][T26681]  dvb_device_put.part.0+0x60/0x90
[  966.928283][T26681]  dvb_device_open+0x2a4/0x3b0
[  966.933411][T26681]  chrdev_open+0x234/0x6a0
[  966.937824][T26681]  do_dentry_open+0x748/0x1590
[  966.942625][T26681]  vfs_open+0x82/0x3f0
[  966.946780][T26681]  path_openat+0x2078/0x3140
[  966.951364][T26681]  do_filp_open+0x20b/0x470
[  966.955860][T26681]  do_sys_openat2+0x121/0x290
[  966.960536][T26681]  __x64_sys_openat+0x174/0x210
[  966.965370][T26681]  do_syscall_64+0xcd/0xf80
[  966.969877][T26681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.975764][T26681] 
[  966.978068][T26681] The buggy address belongs to the object at ffff8881476bfc00
[  966.978068][T26681]  which belongs to the cache kmalloc-256 of size 256
[  966.992172][T26681] The buggy address is located 24 bytes inside of
[  966.992172][T26681]  freed 256-byte region [ffff8881476bfc00, ffff8881476bfd00)
[  967.006151][T26681] 
[  967.008560][T26681] The buggy address belongs to the physical page:
[  967.015055][T26681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881476bfc00 pfn:0x1476be
[  967.025190][T26681] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  967.033666][T26681] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  967.041282][T26681] page_type: f5(slab)
[  967.045262][T26681] raw: 057ff00000000040 ffff88813ff26b40 ffffea0001f8ae00 0000000000000006
[  967.053847][T26681] raw: ffff8881476bfc00 000000000010000f 00000000f5000000 0000000000000000
[  967.062454][T26681] head: 057ff00000000040 ffff88813ff26b40 ffffea0001f8ae00 0000000000000006
[  967.071174][T26681] head: ffff8881476bfc00 000000000010000f 00000000f5000000 0000000000000000
[  967.080093][T26681] head: 057ff00000000001 ffffea00051daf81 00000000ffffffff 00000000ffffffff
[  967.089286][T26681] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  967.098064][T26681] page dumped because: kasan: bad access detected
[  967.104819][T26681] page_owner tracks the page as allocated
[  967.110726][T26681] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 20357262045, free_ts 0
[  967.131042][T26681]  post_alloc_hook+0x1af/0x220
[  967.135845][T26681]  get_page_from_freelist+0xd0b/0x31a0
[  967.141377][T26681]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  967.147343][T26681]  alloc_pages_mpol+0x1fb/0x550
[  967.152197][T26681]  new_slab+0x2c3/0x430
[  967.156355][T26681]  ___slab_alloc+0xe18/0x1c90
[  967.161014][T26681]  __slab_alloc.constprop.0+0x63/0x110
[  967.166459][T26681]  __kmalloc_cache_noprof+0x485/0x800
[  967.171817][T26681]  bus_add_driver+0x92/0x6c0
[  967.176567][T26681]  driver_register+0x15c/0x4b0
[  967.181402][T26681]  usb_register_driver+0x216/0x4d0
[  967.186512][T26681]  do_one_initcall+0x123/0x680
[  967.191300][T26681]  kernel_init_freeable+0x5c8/0x920
[  967.196499][T26681]  kernel_init+0x1c/0x2b0
[  967.201033][T26681]  ret_from_fork+0x983/0xb10
[  967.205782][T26681]  ret_from_fork_asm+0x1a/0x30
[  967.210536][T26681] page_owner free stack trace missing
[  967.215975][T26681] 
[  967.218369][T26681] Memory state around the buggy address:
[  967.224081][T26681]  ffff8881476bfb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  967.232255][T26681]  ffff8881476bfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  967.240323][T26681] >ffff8881476bfc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  967.248535][T26681]                             ^
[  967.253465][T26681]  ffff8881476bfc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  967.261515][T26681]  ffff8881476bfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  967.269971][T26681] ==================================================================
[  967.400013][T26681] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  967.407324][T26681] CPU: 0 UID: 0 PID: 26681 Comm: syz.3.5537 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  967.418253][T26681] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  967.423449][T26681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  967.433588][T26681] Call Trace:
[  967.436851][T26681]  <TASK>
[  967.439950][T26681]  dump_stack_lvl+0x3d/0x1f0
[  967.444553][T26681]  vpanic+0x640/0x6f0
[  967.448624][T26681]  panic+0xca/0xd0
[  967.452415][T26681]  ? __pfx_panic+0x10/0x10
[  967.456827][T26681]  ? dvb_device_open+0x36a/0x3b0
[  967.461764][T26681]  ? preempt_schedule_common+0x44/0xc0
[  967.467302][T26681]  ? preempt_schedule_thunk+0x16/0x30
[  967.472830][T26681]  ? check_panic_on_warn+0x1f/0xb0
[  967.477923][T26681]  check_panic_on_warn+0xab/0xb0
[  967.482858][T26681]  end_report+0x107/0x160
[  967.487177][T26681]  kasan_report+0xee/0x110
[  967.491585][T26681]  ? dvb_device_open+0x36a/0x3b0
[  967.496693][T26681]  ? __pfx_dvb_device_open+0x10/0x10
[  967.502054][T26681]  dvb_device_open+0x36a/0x3b0
[  967.506831][T26681]  ? __pfx_dvb_device_open+0x10/0x10
[  967.512540][T26681]  chrdev_open+0x234/0x6a0
[  967.516945][T26681]  ? __pfx_apparmor_file_open+0x10/0x10
[  967.522493][T26681]  ? __pfx_chrdev_open+0x10/0x10
[  967.527421][T26681]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  967.533742][T26681]  do_dentry_open+0x748/0x1590
[  967.538597][T26681]  ? __pfx_chrdev_open+0x10/0x10
[  967.543526][T26681]  vfs_open+0x82/0x3f0
[  967.547581][T26681]  path_openat+0x2078/0x3140
[  967.552180][T26681]  ? __pfx_path_openat+0x10/0x10
[  967.557195][T26681]  do_filp_open+0x20b/0x470
[  967.561710][T26681]  ? __pfx_do_filp_open+0x10/0x10
[  967.566736][T26681]  ? alloc_fd+0x471/0x7d0
[  967.571061][T26681]  do_sys_openat2+0x121/0x290
[  967.575721][T26681]  ? __pfx_do_sys_openat2+0x10/0x10
[  967.581074][T26681]  ? count_memcg_events+0x122/0x290
[  967.586349][T26681]  __x64_sys_openat+0x174/0x210
[  967.591284][T26681]  ? __pfx___x64_sys_openat+0x10/0x10
[  967.596989][T26681]  do_syscall_64+0xcd/0xf80
[  967.601483][T26681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  967.607365][T26681] RIP: 0033:0x7f29ea38f7c9
[  967.611778][T26681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  967.631557][T26681] RSP: 002b:00007f29eb1b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  967.640003][T26681] RAX: ffffffffffffffda RBX: 00007f29ea5e6180 RCX: 00007f29ea38f7c9
[  967.647970][T26681] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  967.655922][T26681] RBP: 00007f29ea413f91 R08: 0000000000000000 R09: 0000000000000000
[  967.663875][T26681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  967.671825][T26681] R13: 00007f29ea5e6218 R14: 00007f29ea5e6180 R15: 00007ffc757902c8
[  967.679785][T26681]  </TASK>
[  967.682836][T26681] Kernel Offset: disabled
[  967.687166][T26681] Rebooting in 86400 seconds..