last executing test programs:

6m15.296813267s ago: executing program 2 (id=2211):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="7000fbdbdf252b6f0a0f22e5c93e0800000004000e0000000000"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r1 = gettid()
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
kill$auto(r1, 0x11)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0)

6m13.609378547s ago: executing program 2 (id=2213):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/machinecheck/machinecheck0/print_all\x00', 0x80302, 0x0)
mmap$auto(0x200000000000080, 0x4000c, 0xffffffffffffffff, 0x9b72, r0, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05f36fdbec216350cbe3ee607d3e174415813e73eb444333acbe009e26246d5cf99d91957104006789c6c2eb6670fcd554697ded1916fba8ecdef3729d8367457ab78cbfa32c76b58a6326ea4c98b81896814c1b3d28"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x2404c810)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000140)={0x10, 0x8001, 0x2, 0x6, 0x6, <r2=>0x0})
shmctl$auto_SHM_LOCK(0x8, 0xb, &(0x7f0000000240)={{0x0, <r3=>0xee01, <r4=>0xffffffffffffffff, 0x8, 0x1, 0x8000, 0x9}, 0x3, 0x8, 0x2, 0xfffffffffffffff9, @raw=0x1000, @raw=0x4f6, 0xfff4, 0x0, &(0x7f0000000780)="48fa20110a034bf7d9d1c8c5ce734b445f4f288f87859790659354433c506830e6c3c0b2efe4b822d6f6202e30af1da5b7125aefba900f156354dce6af482300d5de55f1dcac3c02b6c4c2b75fbf52b762a096e11935dc00919cc94163775e5496c24e701e601c7d5949280bbb1dc731635cfc7d09617f0c543fa6f2ac6beb6f585870307d5f714a244f288a8ade0f8dd46b61c7b7058d55e51a08ee82966251e4de21eedbaa", &(0x7f0000000440)="286d8cf53149100d68e15763c2d42a19a4561a84ea566ce9d75f960f829e19034ef30d52afa32c7d968b92ec1e3bb0f1f5db5d0a375635a09b09bda1a132bb7cbdc38feb4701990a6bf2841ca91ff4510b3b45c7b443f82f773b7c52e97ef4ae202ea4723dc1c9f9272a334b34221ac78bc126e85f2b1c43252d5ef0f68140f14bb6da33eb57e008658fc71a7bca848bcdb1143178ae02186e92c1808c1fef0b82963f064d8c82f77349d48959d90e23c2364df36c8d13523e574a6a944061557e56d50d62584126fec59448fefde2f397be43e844e8710350a119dedb191c3c24ad0dcdfef8d6d3787991f62709187fe12a8f60d60c2371878e"})
sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYRESHEX=r3, @ANYRES16=0x0, @ANYBLOB="000228bd7000fbdbdf252000000008000500290b0000ef01038008002e00", @ANYRES32=r2, @ANYBLOB="bc052c1075642b5476fbf748806374e4102e00fdfbdfcd2230bde510a4f385347929d2cafedbed1a7b5a00965db0d32fa18edcca19db837a9271d3a501068004001e000400558031aad20f91a867cc358c7511d69e6fdc3f61eee5cec9caf8c06d5a6644232d540087f5a9d4b2272c787dc4384421f4cac8aa2fd1fa8edf81d61964fabf382d543b1e3dbde15e10babdcf59cd260b4c6be708203885f68bb80d97053f384c824561fabaaf9c8e30aeda60374d400b9946e06ea6092f03a7239c238bb1343644ffc86efa9e308667ab070245464dd0613795ffdd9c2278e7c38bcabb343fabd8f7802e6b232a09d3a091099ed937f455ffa188d77b8a506f39c9804544085fc29ea080023aeb62ab0c1f3c253b4dff154769d53f1dc508", @ANYRES32=r3, @ANYRES8=r4], 0x20c}, 0x1, 0x0, 0x0, 0x2000c014}, 0x40010)
socket(0xf, 0x3, 0x2)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x8e, 0x0, 0x0, &(0x7f00000006c0)={[0x1fd, 0xc451, 0xd, 0x4, 0x4, 0x3, 0x15f4da0a, 0x3, 0x1000000000000003, 0x4, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x9, 0x30]}, 0x0)
mmap$auto(0x0, 0x400408, 0x4, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r6, 0x0, 0x20000000001, 0x7fff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/pcm0c/sub6/info\x00', 0xa0000, 0x0)
pread64$auto(r0, 0x0, 0x200000000007, 0x4)

6m9.616430288s ago: executing program 2 (id=2225):
openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
socket(0x1b, 0x3, 0x1)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7}, 0x1fe, 0x81)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3fc, 0x4}, 0xf3, 0x0, 0x0, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff)
syslog$auto(0x2, 0x0, 0x3)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1)
socket(0x5, 0xa, 0x2000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
io_uring_enter$auto(0xffffffffffffffff, 0x9, 0xfffffc01, 0x4, &(0x7f00000002c0)="9cb0e925b6c933c1e84975dc16630bb8b0f266d7793d8229a9d6a5dfa1591faeb97caa277628e870ede4c8395f417b1d493e45805b63a07812b75f6cd4492fdea991c15d4023d9c188cadd85207071510b6e83adfd4a4c3357c9090be67ea8", 0x9)
prctl$auto_PR_PAC_GET_ENABLED_KEYS(0x3d, 0x1, 0xb82, 0xff, 0x7)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2c, 0x6, 0x2)

6m6.279870024s ago: executing program 2 (id=2220):
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/range\x00', 0x40100, 0x0)
syz_clone3(&(0x7f00000004c0)={0x82000280, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0, 0x14}, 0x58)
read$auto(r0, 0x0, 0x20)
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000)
r1 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(r1, 0x0, 0x9aa, 0x6)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000)
madvise$auto(0x1, 0x9, 0xa)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9)
recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0)
shutdown$auto(0x200000003, 0x2)
clone$auto(0x6db, 0x1, 0x0, 0x0, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socket(0x1d, 0x1, 0x7fff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)

6m3.510750419s ago: executing program 2 (id=2223):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/machinecheck/machinecheck0/print_all\x00', 0x80302, 0x0)
mmap$auto(0x200000000000080, 0x4000c, 0xffffffffffffffff, 0x9b72, r0, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="05f36fdbec216350cbe3ee607d3e174415813e73eb444333acbe009e26246d5cf99d91957104006789c6c2eb6670fcd554697ded1916fba8ecdef3729d8367457ab78cbfa32c76b58a6326ea4c98b81896814c1b3d28"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x2404c810)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000140)={0x10, 0x8001, 0x2, 0x6, 0x6, <r2=>0x0})
shmctl$auto_SHM_LOCK(0x8, 0xb, &(0x7f0000000240)={{0x0, <r3=>0xee01, <r4=>0xffffffffffffffff, 0x8, 0x1, 0x8000, 0x9}, 0x3, 0x8, 0x2, 0xfffffffffffffff9, @raw=0x1000, @raw=0x4f6, 0xfff4, 0x0, &(0x7f0000000780)="48fa20110a034bf7d9d1c8c5ce734b445f4f288f87859790659354433c506830e6c3c0b2efe4b822d6f6202e30af1da5b7125aefba900f156354dce6af482300d5de55f1dcac3c02b6c4c2b75fbf52b762a096e11935dc00919cc94163775e5496c24e701e601c7d5949280bbb1dc731635cfc7d09617f0c543fa6f2ac6beb6f585870307d5f714a244f288a8ade0f8dd46b61c7b7058d55e51a08ee82966251e4de21eedbaa", &(0x7f0000000440)="286d8cf53149100d68e15763c2d42a19a4561a84ea566ce9d75f960f829e19034ef30d52afa32c7d968b92ec1e3bb0f1f5db5d0a375635a09b09bda1a132bb7cbdc38feb4701990a6bf2841ca91ff4510b3b45c7b443f82f773b7c52e97ef4ae202ea4723dc1c9f9272a334b34221ac78bc126e85f2b1c43252d5ef0f68140f14bb6da33eb57e008658fc71a7bca848bcdb1143178ae02186e92c1808c1fef0b82963f064d8c82f77349d48959d90e23c2364df36c8d13523e574a6a944061557e56d50d62584126fec59448fefde2f397be43e844e8710350a119dedb191c3c24ad0dcdfef8d6d3787991f62709187fe12a8f60d60c2371878e"})
sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f00000009c0)=ANY=[@ANYRESHEX=r3, @ANYRES16=0x0, @ANYBLOB="000228bd7000fbdbdf252000000008000500290b0000ef01038008002e00", @ANYRES32=r2, @ANYBLOB="bc052c1075642b5476fbf748806374e4102e00fdfbdfcd2230bde510a4f385347929d2cafedbed1a7b5a00965db0d32fa18edcca19db837a9271d3a501068004001e000400558031aad20f91a867cc358c7511d69e6fdc3f61eee5cec9caf8c06d5a6644232d540087f5a9d4b2272c787dc4384421f4cac8aa2fd1fa8edf81d61964fabf382d543b1e3dbde15e10babdcf59cd260b4c6be708203885f68bb80d97053f384c824561fabaaf9c8e30aeda60374d400b9946e06ea6092f03a7239c238bb1343644ffc86efa9e308667ab070245464dd0613795ffdd9c2278e7c38bcabb343fabd8f7802e6b232a09d3a091099ed937f455ffa188d77b8a506f39c9804544085fc29ea080023aeb62ab0c1f3c253b4dff154769d53f1dc508", @ANYRES32=r3, @ANYRES8=r4], 0x20c}, 0x1, 0x0, 0x0, 0x2000c014}, 0x40010)
socket(0xf, 0x3, 0x2)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x8e, 0x0, 0x0, &(0x7f00000006c0)={[0x1fd, 0xc451, 0xd, 0x4, 0x4, 0x3, 0x15f4da0a, 0x3, 0x1000000000000003, 0x4, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x9, 0x30]}, 0x0)
mmap$auto(0x0, 0x400408, 0x4, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r6, 0x0, 0x20000000001, 0x7fff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/pcm0c/sub6/info\x00', 0xa0000, 0x0)
pread64$auto(r0, 0x0, 0x200000000007, 0x4)

5m59.405872044s ago: executing program 2 (id=2227):
socket(0x1b, 0x3, 0x1)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7}, 0x1fe, 0x81)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3fc, 0x4}, 0xf3, 0x0, 0x0, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff)
syslog$auto(0x2, &(0x7f0000000380)=']^^/W#\'\x00', 0x3)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1)
socket(0x5, 0xa, 0x2000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
io_uring_enter$auto(0xffffffffffffffff, 0x9, 0xfffffc01, 0x4, &(0x7f00000002c0)="9cb0e925b6c933c1e84975dc16630bb8b0f266d7793d8229a9d6a5dfa1591faeb97caa277628e870ede4c8395f417b1d493e45805b63a07812b75f6cd4492fdea991c15d4023d9c188cadd85207071510b6e83adfd4a4c3357c9", 0x9)
prctl$auto_PR_PAC_GET_ENABLED_KEYS(0x3d, 0x1, 0xb82, 0xff, 0x7)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2c, 0x6, 0x2)

5m43.955295816s ago: executing program 32 (id=2227):
socket(0x1b, 0x3, 0x1)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7}, 0x1fe, 0x81)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3fc, 0x4}, 0xf3, 0x0, 0x0, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff)
syslog$auto(0x2, &(0x7f0000000380)=']^^/W#\'\x00', 0x3)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1)
socket(0x5, 0xa, 0x2000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
io_uring_enter$auto(0xffffffffffffffff, 0x9, 0xfffffc01, 0x4, &(0x7f00000002c0)="9cb0e925b6c933c1e84975dc16630bb8b0f266d7793d8229a9d6a5dfa1591faeb97caa277628e870ede4c8395f417b1d493e45805b63a07812b75f6cd4492fdea991c15d4023d9c188cadd85207071510b6e83adfd4a4c3357c9", 0x9)
prctl$auto_PR_PAC_GET_ENABLED_KEYS(0x3d, 0x1, 0xb82, 0xff, 0x7)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2c, 0x6, 0x2)

8.163812408s ago: executing program 1 (id=2759):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0xfffffffc)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = prctl$auto(0x9c, 0x1, 0x4, 0x200005, 0xa)
madvise$auto(0x7, 0xfffffffff7ff0005, 0x6)
setreuid$auto(0x3, 0x7)
r1 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r1, 0x29, 0x30, 0x0, 0x56b)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYBLOB="5e0027b4839f3015398d3b", @ANYRES32, @ANYRES32, @ANYRES64], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'})
r2 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x99, 0x2, 0x0, 0x5, 0x8)
mmap$auto(0x0, 0x20005, 0xdf, 0x15, 0x401, 0x2)
mremap$auto(0x10001, 0x9b5, 0x0, 0x3, 0x9)
r3 = socketpair$auto(0x1, 0x9, 0x4, 0x0)
r4 = socket(0x10, 0x2, 0x9)
setsockopt$auto(r2, 0x104000000000010e, 0x6, 0x0, 0x1a)
sendmsg$auto_NET_DM_CMD_CONFIG(r4, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES32=r0, @ANYRESOCT=r3], 0x14}, 0x1, 0x0, 0x0, 0x4040001}, 0x4000)
ioctl$auto_PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000080)=0x1)
r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r5, 0x402, 0x2)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b2", 0x7b)
r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010026bd7000ffdbdf25050000000c00010007000000000000002c00010004000000000000000c00010040000000000000000a00"], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0)
r7 = socket(0x10, 0x2, 0x6)
sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000040), 0x7, 0xa505}, 0x800}, 0x3, 0x400a)
socket(0x18, 0xa, 0x1)

6.856175303s ago: executing program 3 (id=2762):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, 0x0, 0x4000880)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.stat\x00', 0x280, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000003c0)=""/20, 0xfffffcc4)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_LLSEC_DEL_KEY(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0a0000004f560fc621930352aebb215a10", @ANYRES16=0x0, @ANYBLOB="100024bd7000fddbdf2528000000"], 0x14}, 0x1, 0x0, 0x0, 0x8840}, 0x4000880)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000940)={'batadv0\x00', <r3=>0x0})
read$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffffff, &(0x7f00000001c0)=""/16, 0x10)
sendmsg$auto_BATADV_CMD_TP_METER(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="28846ddcdef8f723097a284683f8784dba203db5c7170c358746831899115fd6a6c0207a1a5dda711cf86019a391bb3400b5124827760cb2877babdbea73f4ea152d258dad5f4c88b93383a127272642d6bc9be92c9c1b6a0a040b0741593e46ca2ae46297ff45b079e45b6c897b26547454738b622f4a85ead65367a8a7812e", @ANYRES16, @ANYRES32, @ANYRES16=r3], 0x28}}, 0x0)
ioctl$auto(0xffffffffffffffff, 0x921064a3, 0x1000000000000003)
mmap$auto(0x2, 0x40009, 0xe1, 0x9b72, 0xffffffffffffffff, 0x3)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x8, 0x2000000000002)
fanotify_mark$auto(0x0, 0x451, 0xa, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r4 = socket(0x2, 0x801, 0x100)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000005c0)={'veth0_to_bond\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex=r5, r4, 0x0, 0x0, 0x1, @relative_fd, 0x5}, 0x96)
socket(0x9, 0xa, 0xa)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x20000000001ff, 0x9, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da07, 0xffffffffffffffff, 0x8, 0x83, 0x100000001, 0x7, 0x8000006d3f, 0x9, 0xa, 0x7]}, 0x0)
write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x4, 0xfffffffffffffffd, 0x7, 0x3, 0x15f4da0a, 0x10003, 0x335, 0x5, 0x2, 0x100000000, 0x6d3c, 0x9, 0xc, 0x8]}, 0x0)
socket(0x2, 0x5, 0x0)

6.576662021s ago: executing program 0 (id=2764):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="7000fbdbdf252b6f0a0f22e5c93e0800000004000e0000000000"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r1 = gettid()
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
kill$auto(r1, 0x11)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0)
r3 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x8)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)
sendfile$auto(r4, 0xffffffffffffffff, 0x0, 0x1000200)

6.544362499s ago: executing program 1 (id=2765):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/machinecheck/machinecheck0/print_all\x00', 0x80302, 0x0)
mmap$auto(0x200000000000080, 0x4000c, 0xffffffffffffffff, 0x9b72, r0, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x2404c810)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000140)={0x10, 0x8001, 0x2, 0x6, 0x6})
sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2000c014}, 0x40010)
socket(0xf, 0x3, 0x2)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0xffffffff)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
write$auto(r2, 0x0, 0x100000a3d9)
select$auto(0x8e, 0x0, 0x0, &(0x7f00000006c0)={[0x1fd, 0xc451, 0xd, 0x4, 0x4, 0x3, 0x15f4da0a, 0x3, 0x1000000000000003, 0x4, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x9, 0x30]}, 0x0)
mmap$auto(0x0, 0x400408, 0x4, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r3, 0x0, 0x20000000001, 0x7fff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/pcm0c/sub6/info\x00', 0xa0000, 0x0)
pread64$auto(r0, 0x0, 0x200000000007, 0x4)

5.84677848s ago: executing program 1 (id=2767):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="7000fbdbdf252b6f0a0f22e5c93e0800000004000e0000000000"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r1 = gettid()
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
kill$auto(r1, 0x11)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0)
r3 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x8)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)
sendfile$auto(r4, 0xffffffffffffffff, 0x0, 0x1000200)

5.846518257s ago: executing program 4 (id=2768):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/machinecheck/machinecheck0/print_all\x00', 0x80302, 0x0)
mmap$auto(0x200000000000080, 0x4000c, 0xffffffffffffffff, 0x9b72, r0, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x2404c810)
ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000140)={0x10, 0x8001, 0x2, 0x6, 0x6})
sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2000c014}, 0x40010)
socket(0xf, 0x3, 0x2)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0xffffffff)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x8e, 0x0, 0x0, &(0x7f00000006c0)={[0x1fd, 0xc451, 0xd, 0x4, 0x4, 0x3, 0x15f4da0a, 0x3, 0x1000000000000003, 0x4, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x9, 0x30]}, 0x0)
mmap$auto(0x0, 0x400408, 0x4, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyr3/dev\x00', 0x40200, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0)
pread64$auto(r3, 0x0, 0x20000000001, 0x7fff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x8000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/pcm0c/sub6/info\x00', 0xa0000, 0x0)
pread64$auto(r0, 0x0, 0x200000000007, 0x4)

5.513226402s ago: executing program 3 (id=2769):
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r1, 0x0, 0xa2b0)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_secret$auto(0x0)
socket(0xa, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vbi21\x00', 0x14000, 0x0)
eventfd$auto(0x3)
bpf$auto(0x6, &(0x7f0000000200)=@link_create={@prog_fd, @target_fd, 0x80000001, 0xbca, @kprobe_multi={0x5, 0x6, 0x4, 0x8, 0xc66}}, 0x101)

5.484210842s ago: executing program 0 (id=2770):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="7000fbdbdf252b6f0a0f22e5c93e0800000004000e0000000000"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r1 = gettid()
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
kill$auto(r1, 0x11)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x42000, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000005c0), 0x2000, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0)
r3 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x8)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)

4.633374265s ago: executing program 1 (id=2771):
unshare$auto(0x7ff)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/fs/suid_dumpable\x00', 0x1a9442, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r0, &(0x7f0000000200)="747c144e31dd", 0x6)
r1 = socket(0x15, 0x2, 0x1)
timerfd_create$auto(0x7, 0x0)
connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/uapsd_max_sp_len\x00', 0x82, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/id/vendor\x00', 0x2000, 0x0)
read$auto(r3, 0x0, 0x20)
write$auto(r2, 0x0, 0x5)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
clock_settime$auto(0xfffffffe, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(0x0, 0x261c2, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
socket(0x10, 0x1, 0x9)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd703900dbdf25598c000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40010)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x56bb82, 0x0)

4.545613696s ago: executing program 4 (id=2772):
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x1f53, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/modules\x00', 0x88400, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0)
mq_open$auto(0x0, 0x7e, 0x9, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r1, 0x4020ae76, r2)

4.283595046s ago: executing program 0 (id=2773):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio1/rate\x00', 0x2, 0x0)
read$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfdef)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x1c000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto_HDIO_GETGEO(r1, 0x301, &(0x7f00000001c0))
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x41000, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x258000, 0x0)
ioctl$auto_SG_GET_PACK_ID(r3, 0x227c, 0x0)
poll$auto(&(0x7f0000000180)={<r4=>r2, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto(r4, 0x4008af24, r2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0)
socket(0x25, 0x5, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)

4.156187465s ago: executing program 3 (id=2774):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
mmap$auto(0xfffffffffffffffd, 0x2020009, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socket(0x11, 0x80003, 0x300)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
madvise$auto(0xf4, 0x200007, 0x19)

3.883220603s ago: executing program 3 (id=2775):
unshare$auto(0x7ff)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/fs/suid_dumpable\x00', 0x1a9442, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r0, &(0x7f0000000200)="747c144e31dd", 0x6)
r1 = socket(0x15, 0x2, 0x1)
timerfd_create$auto(0x7, 0x0)
connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/uapsd_max_sp_len\x00', 0x82, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/id/vendor\x00', 0x2000, 0x0)
read$auto(r3, 0x0, 0x20)
write$auto(r2, 0x0, 0x5)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
clock_settime$auto(0xfffffffe, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(0x0, 0x261c2, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
socket(0x10, 0x1, 0x9)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x3, 0x6)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010026bd703900dbdf25598c000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40010)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x56bb82, 0x0)

3.749993364s ago: executing program 4 (id=2776):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
mmap$auto(0xfffffffffffffffd, 0x2020009, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socket(0x11, 0x80003, 0x300)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
madvise$auto(0x0, 0x200007, 0x19) (fail_nth: 6)

3.630333038s ago: executing program 1 (id=2777):
mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0xfffffffffffffffd, 0x2020009, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x3, 0x66)
madvise$auto(0x0, 0x20000a, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYRES16=r0], 0x20}, 0x1, 0x0, 0x0, 0x200080d5}, 0x40440f5)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
socket(0x11, 0x80003, 0x300)
open(&(0x7f00000000c0)='./cgroup\x00', 0x200001, 0xb5d1af1605322dff)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
recvmsg$auto(r3, &(0x7f00000005c0)={0x0, 0x8, &(0x7f00000004c0)={&(0x7f00000003c0)="444debcb5d4827b41b873d646e2663fb2d4aa24da78f4b3472bd8daf8c57304fe5302fe1869cfca458a5a39bd4006710640f6032088c509f0c082c1b04896afe04d524b8b80ce2949dae1a1d2bec705c343bc92a41212ae3ed0a036e67d0c6d7b35e6cb8956ef9b289a7e42615af9f0470dc70d3deea952a1d85a1a845530a190757f55d6e53993d1e8f22b49f44b8a5b9b989d8ed44e1a1f0002bb9f9c8813bee34cfb9b329b8b45794054ee04fdb17a945013b532f53854704c99cc8f02c1582b9c9", 0x3}, 0xd3, &(0x7f0000000500), 0xc, 0xffffffff}, 0xfffffff7)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0x2003f2, 0x15)

3.252531698s ago: executing program 4 (id=2778):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x1, 0x20009, 0x8, 0xeb1, 0x7f, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
mlock$auto(0x81, 0xffff)
madvise$auto(0x0, 0x2000040080000004, 0xe)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
syslog$auto(0x3, 0x0, 0x5)
poll$auto(0x0, 0x7f, 0x9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r1, r1, 0x0, 0x3)
fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x200000004)
rseq$auto(0x0, 0xfffffff5, 0x0, 0x5)
mmap$auto(0x9, 0x40009, 0x9, 0xe7e, 0x7, 0x29000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)

3.16519838s ago: executing program 0 (id=2779):
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r2, &(0x7f0000000440)="671f264add69b6440843b6e6688a2b5ad9df2669e6f9cd9b6532b20ed763ac8caf4b9b4d", 0x24)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x80000001, &(0x7f0000000100), 0x80)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r0, 0x0, 0x6)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = memfd_secret$auto(0x0)
socket(0xa, 0x3, 0x100)
madvise$auto_MADV_NOHUGEPAGE(0x50a8, 0x7fffffff, 0xf)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x101802, 0x0)
ioctl$auto_VHOST_GET_BACKEND_FEATURES2(r1, 0x8008af26, &(0x7f0000000340)=0x4)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
eventfd$auto(0x3)
bpf$auto(0x3, &(0x7f0000000200)=@test={r3, 0x8, 0x5, 0x16a, 0xa5f, 0x8, 0x0, 0x7, 0x80, 0x202, 0x80000001, 0x6, 0xfffffff8, 0x1}, 0x101)

2.567270594s ago: executing program 3 (id=2780):
unshare$auto(0x7ff)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/fs/suid_dumpable\x00', 0x1a9442, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r0, &(0x7f0000000200)="747c144e31dd", 0x6)
r1 = socket(0x15, 0x2, 0x1)
timerfd_create$auto(0x7, 0x0)
connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/uapsd_max_sp_len\x00', 0x82, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/id/vendor\x00', 0x2000, 0x0)
read$auto(r3, 0x0, 0x20)
write$auto(r2, 0x0, 0x5)
clock_settime$auto(0xfffffffe, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
open(0x0, 0x261c2, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
socket(0x10, 0x1, 0x9)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x3, 0x6)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010026bd703900dbdf25598c000008000300", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40010)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x56bb82, 0x0)

1.526095939s ago: executing program 3 (id=2781):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000)
io_uring_setup$auto(0x89, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0xfffffffffffffffc, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000)
unshare$auto(0x8000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
setsockopt$auto(0x400000000000003, 0x29, 0xd4, 0x0, 0x4)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$auto(r1, 0x80286f4e, 0x38)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r2=>0x0})
r3 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
sendmsg$auto_BATADV_CMD_SET_MESH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES64=r0, @ANYRES16=0x0, @ANYBLOB="0108000300", @ANYRES16=r2, @ANYRES16=r3], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x140080e4)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0)
r6 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETTRIGGER(r6, 0x80045010, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20005, 0xdf, 0x12, r4, 0x4)
open_by_handle_at$auto(r5, &(0x7f0000000240)={0x1c, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa1550488efa19b"}, 0x2)

1.493263179s ago: executing program 0 (id=2782):
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, 0x0, 0x40080)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0)
r0 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x24000, 0x0)
fsconfig$auto_SHMEM_HUGE_ADVISE(r0, 0x2, &(0x7f0000000140)='%\x00', &(0x7f0000000180)="2d818f960c0bc3c947687197bd029b141c4c1ea2bb5a147d7d779a5d1c8a43", 0x3)
chdir$auto(&(0x7f0000000000)='}[,&*}\x00')
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
move_pages$auto(0x1, 0x2000000000003, 0xffffffffffffffff, 0x0, 0x0, 0x8000000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto(0x5, 0x1, 0x4b, 0x0, 0x9)
lseek$auto(r1, 0x9, 0x1)

498.417466ms ago: executing program 0 (id=2783):
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
getdents$auto(r1, 0x0, 0xa2b0)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_secret$auto(0x0)
socket(0xa, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vbi21\x00', 0x14000, 0x0)
eventfd$auto(0x3)
bpf$auto(0x6, &(0x7f0000000200)=@link_create={@prog_fd, @target_fd, 0x80000001, 0xbca, @kprobe_multi={0x5, 0x6, 0x4, 0x8, 0xc66}}, 0x101)

427.883231ms ago: executing program 4 (id=2784):
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x30, &(0x7f0000000100)={&(0x7f0000000780)=ANY=[], 0xf5c}, 0x1, 0x0, 0x0, 0x4044055}, 0x10)
recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0xf240, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x50}, 0x80000}, 0x10c, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x4}]}, 0x24}}, 0x4000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB=' 6\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd7000fcdbdf250300000004000180083601"], 0x3620}, 0x1, 0x0, 0x0, 0x20000000}, 0x200400d0)
fadvise64$auto(r0, 0x7, 0x3, 0xf0)

241.716488ms ago: executing program 1 (id=2785):
openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
socket(0x1b, 0x3, 0x1)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, 0x0, 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x13, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7}, 0x1fe, 0x81)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3fc, 0x4}, 0xf3, 0x0, 0x0, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff)
syslog$auto(0x2, &(0x7f0000000380)=']^^/W#\'\x00', 0x3)
sendmsg$auto_ILA_CMD_ADD(r3, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040880}, 0x4)
syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1)
socket(0x5, 0xa, 0x2000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
io_uring_enter$auto(0xffffffffffffffff, 0x9, 0xfffffc01, 0x4, &(0x7f00000002c0)="9cb0e925b6c933c1e84975dc16630bb8b0f266d7793d8229a9d6a5dfa1591faeb97caa277628e870ede4c8395f417b1d", 0x9)
prctl$auto_PR_PAC_GET_ENABLED_KEYS(0x3d, 0x1, 0xb82, 0xff, 0x7)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
socket(0x2c, 0x6, 0x2)

0s ago: executing program 4 (id=2786):
mmap$auto(0x0, 0x20009, 0x4000800000df, 0xeb1, 0x401, 0x400000000008000)
adjtimex$auto(&(0x7f0000000200)={0x5f95, 0x0, 0x2, 0x2000000a, 0xff7d, 0xbc58, 0x4000005, 0x0, 0x5, 0x8, 0x80000000, {0x7ff, 0xf423f}, 0x2744, 0x200000001, 0xff, 0x7, 0x0, 0x3c8, 0x8, 0x8, 0xffffffffffffffff, 0x1560cc85, 0x9})
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/020/001\x00', 0x80000, 0x0)
socket(0x25, 0x1, 0x3)
setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8)
mknod$auto(&(0x7f00000000c0)='./file0\x00', 0x1001, 0x804)
socket(0x1f, 0x6, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0xa8201, 0x0)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x7ffe)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'bridge_slave_1\x00'})
close_range$auto(0x2, 0x8, 0x0)
r0 = gettid()
waitid$auto_P_PGID(0x2, r0, 0x0, 0x4, 0x0)
socket(0x10, 0x2, 0x4)
r1 = socket(0x1d, 0x2, 0x7)
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r3=>0x0})
bind$auto(r1, &(0x7f0000000000)=@can={0x1d, r3}, 0x6a)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r5=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x801ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x8, 0x7, 0x1, 0x9, 0x20000000000002, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, 0x5, 0x2)
close_range$auto(r4, 0xffffffffffffffff, 0xffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r6 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000)
timer_create$auto(0xb, 0x0, 0x0)

kernel console output (not intermixed with test programs):

over after parsing attributes in process `syz.0.1802'.
[  980.130930][T17753] [U] 
[  980.133675][T17753] [U] 
[  980.136370][T17753] [U] 
[  980.139324][T17753] [U] 
[  980.178021][T17753] [U] 
[  980.180820][T17753] [U] 
[  980.183570][T17753] [U] 
[  980.186312][T17753] [U] 
[  980.189322][T17753] [U] 
[  980.192046][T17753] [U] �7�9Ĭ�k�6�W\���g֨����:��9��)�/��f/`�b�#�'��8�Z��_����LQ���mr��
����]�b�q^��eN������	As��UΟ��E@H�*������s������b���_����`��IEn�I�8Z��d�����H�m�\_�����Է����,Om؋��(�<w�i.���P
[  980.213099][T17753] [U] ���m�f�a0!��Gk�xrD�G�
[  980.218174][T17753] [U] L���{g�Ӑo���5�Uf�)���.4x�����<��Y�p�͉✢����צ�Zg��
T��:��$f��	�!�#���2l{н����a�E\P����݇�B�ea>�/���iDs^�`���(1�H�.�����_��Ð�*�@r����s���|߫[���fM6�ʮ���V�
[  980.236471][T17753] [U] ����6��"�%�MuΣ���d&{�4��r뭢�c�-��1�?8z&Ihӥ�7Ǟ}�L{~��|�N�>��-�a�UG}�w��7������M{7ӕSl~��u�l]c�^�wq��x��2�>q��"W
[  980.251443][T17753] [U] �RBѴ*�V�=y�`���Ԝ��5+�ϨE�����;�q���лpTA�Nhq-Q*����#��VA��|̩ChՊ�k�%��z�T��:ts
[  980.262580][T17753] [U] �(5�-]>b\_%��Z:�I~���Ifɟ�������x1��U��m>�*WG��noȾ�?��a-àcƾ�vxKy>"�'�^�
[  980.272413][T17753] [U] '�*RL�޷�������;rE��HK��x�䘪��ļAL,���񟘲���l���$l�߬2���7���v��Q('�ק�c�>I���D��N3>2��9(*;)ю9�]�Y�z�lb'F_*rj�u;�&/QZu��h*˃BմQD�2�"x#�7sG�gD�4�dT��V.�ԕ}�(�"��я5��~�K�/"c�\
[  980.292569][T17753] [U] ���,:�v���`gwS׵�]LL���.��� �R�
[  980.298566][T17753] [U] ��ut����یܒ�C��ZU8��p�o;�j�t�
[  980.304470][T17753] [U] ���T�q��n�3%.W79*�eZ2�UeP��ι�ejۂ%�&�)�7�*lt
[  980.311582][T17753] [U] 4���b�
[  980.314781][T17753] [U] ,
[  980.317566][T17753] [U] h��K�=KPOSp��������ߪ�7��B����Q���;�����"a�}MM4 a�@(~!��2�W3GT�o�p��9;��ןe`'�E�1��Ŧd��0�C�<�&�o�	n \Ag���&й�o�Z�=�y�J{g���“����a���8���۶�jn
[  980.334503][T17753] [U] ;�v���p�R	��Kۉ���vW�2�٨û�
[  980.339983][T17753] [U] ��cWO�3�����Uł~���i�Ȑ��ǡ	��
[  980.345755][T17753] [U] �%Z0�:�vY���GA�M	u���E�
[  980.350785][T17753] [U] ��
[  980.353636][T17753] [U] `��
[  980.356750][    C0] vkms_vblank_simulate: vblank timer overrun
[  980.515211][T17753] [U] Jz;�Q�4y&'�^>����.��uı�CdOG��s}2\����[��r��|2?�k-qA�R5�
[  980.523308][T17753] [U] 
[  980.526037][T17753] [U] 
[  980.528726][T17753] [U] 
[  980.565076][T17753] [U] 
[  980.892986][ T5872] Bluetooth: hci1: ACL packet too small
[  983.817259][T17762] kexec: Could not allocate control_code_buffer
[  985.882707][T17837] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  985.919803][T17837] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  985.925885][T17837] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  985.966910][T17837] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  987.022313][   T30] audit: type=1326 audit(1757568893.436:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17849 comm="syz.3.1813" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0558f8eba9 code=0x0
[  987.488876][ T5872] Bluetooth: hci0: command 0x0c1a tx timeout
[  987.967930][ T5872] Bluetooth: hci3: command 0x0c1a tx timeout
[  987.974128][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  987.982105][ T5872] Bluetooth: hci1: command 0x0c1a tx timeout
[  990.283559][T17893] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1818'.
[  993.609439][T17952] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1826'.
[  995.810861][T17983] [U]  
[  995.813693][T17983] [U] 
[  995.816502][T17983] [U] 
[  995.819215][T17983] [U] 
[  995.886516][T17983] [U] 
[  995.889294][T17983] [U] 
[  995.892039][T17983] [U] 
[  995.894772][T17983] [U] 
[  995.918019][T17983] [U] 
[  995.920805][T17983] [U] 
[  995.923553][T17983] [U] 
[  995.926295][T17983] [U] 
[  995.968906][T17983] [U] 
[  995.971716][T17983] [U] �u��.�&����u�D�$\[;�2�K`b�P�������3�3C4���S/(��O_����[�m~{�Ph�R����:nUʃ�D�:#4��F�!�zi�n̇`�n�ӳ�E��چ�l]1��'�G
[  995.985266][T17983] [U] �c�O��
�d�杇#��f��$握F�d��0,��B�y3wlG&��D���zF���mw��2�c
[  995.993629][T17983] [U] ҋBE
�$�J'
[  995.997389][T17983] [U] /�VM��^q?v���q�	���d��+�p��_[��N�~�< �~�ٴ&զ�����Y
[  996.005168][T17983] [U] 'q�8���٭ҽs�느ޜ��)����;JY�X�GLm�^�V[1�C�+'�tTH	I�q����.�x��̜�����)K])S��rk{\�]Cc|\�K
[  996.016149][T17983] [U] ��k����N���/�C�����2&k(��b�p]
[  996.021839][T17983] [U] #�%!�G����#��R%?s���di]�A���O�ųf��
@Z��J�b%�>�Y��L�OO����~B�XMk��":2XzB(��AŒ>�ѯ���`���Pn#�}���B�UA����U���n�w}�����1wSm �Y��J�!�D<�}g�)�;�va����]�����������bJ[B�<�9�!b��l��i��k%��	9���'g�"�U��ض�X��*��
[  996.044719][T17983] [U] ����>H�f+������O]U��%#�7u?Z�@�w���"�))����t���V��`W���܍�3B��W�4����{����W��`ͼ�/����`�������h*�ţ�"d�hr����3*js^2�8y�
[  996.059330][T17983] [U] aS��02=n��>���Nf��H��Y�I%9:/2�27��=e%�؀��mRAB3`n!a�F����o�6$a�s0ݪ���e͕���}a���{i_Lo��f�������ն*���<]z����#L^��2{d�����C%�YJ��)"�k��N��&ՙx���~P'���O�
[  996.077873][T17983] [U] �ٓy5Nw| �c�8�������7�����i��+�J��=ԎW4D����
�ӻ�&"_�ߛ��]�*�;,v%3`U8���=���C�/�l�nr�����/�B��⾡;M>bA��P�T�<��{W��}��v6��6�l�X����gm�wl��sl���R~&��<�E���r��)����R��j%��/��K2Ť�[��y�摁а.��j�0(��%Y=���͙���U���KI�=0|�
[  996.102640][T17983] [U] mQ�m�qd!?Z6���� +�F�*
[  996.107455][T17983] [U] �D5$B:y�c��;h~4^u
[  996.174986][T17983] [U] 6X�x���Z++3��MH����-[o�Ō핈��VٕoF�q��L
�,���=nP��Ǿ�6�EG����n����So?��<�R�VP����p��:
D�J����U��'2~`t��G��5l����'��jڿ߭q��;��順���#yK���5���S\�mI<��v����27h,�X@$��	/G���8��=�*�QA	�X�[^���
[  996.197210][T17983] [U] �\ެ�Z�����배���!�{���ZQc;y��M�g�r�9�����֊q}7wL�'Y�Y�Y����[\�{Ю)uS}�sO�F��+E�a�vP��At�Ů�7��kd�Nn�����]��c��
[  996.211297][T17983] [U] ��T�*��`s�3�>T�A�م����k��rM���5�a<…���K�J��2)��]�:�������������.�0v2��]'��l	X�-%�}I�5<�3�L��RE]���u�3��rG�����(��6HɁ�
[  996.225903][T17983] [U] q��R]�y�~ET���Q�?�-TM^�k�
���~j��
[  996.231899][T17983] [U] ����*�H��U����f�k�tM�O������H3��.�n���@��>�1�.�Xެ:0ٍ���8�T}=�{"-jI�@�*U�S
[  996.242159][T17983] [U] z2�ԑ�6�Dˮ�hf)OO�ĀC��A�@-�p�I�'L����?���0V������*�
[  996.250404][T17983] [U] ��j
[  996.253377][T17983] [U] ���%�3�F����~
�&&��ٮ.�p4Oxo]�_�C$�j�EK���М���(�1&o�9�ԓ��>�wl���"�@�B�� �$]��q���K��"��M"�A;b	.v�g��9�Xu���pt=�+�9lx��#����i�o(�OPi�Pg��BF͎�w�/�&nX�0S�O5d������Iw[ku/���:�]��E�¥����k�JF�է3�ME�o��=f�b��	��4T� /���J�t�4�7��Y05mP�=��l(.ĕ7z16әo�lf�&�>Sŭ��
[  996.282066][T17983] [U] �4woj��8	��)V�"F�X-�;�\�y<�t5;'�`8u�P$�+W9[�Ok%��
���FH�m�e�d�̛R=j#�N���5��*�dž�8UG�~��SZ���\F�X��4��b1s
[  996.295715][T17983] [U] �M���#f��K��b8��^$
[  996.300487][T17983] [U] a���;�%{�E����L���F7��,<X���̋��-�-�,��}a~��
[  996.307866][T17983] [U] [֕����I{�'��0c�y����/lN���
[  996.313162][T17983] [U] '�'Ci{�o|Q��đ�,-Ry$�#��:�O::(�t|0/9�'W���3cb�l��|�zȷ&�S�U2�Hu涰p��O`.��d0�p��ߋ�~K6!��uv�~��
[  996.325400][T17983] [U] jU�(u��;�\y,
[  996.329222][T17983] [U] �O�Tк'��0����h4��@�����JW�T6�A/,dooB�� �1.`§H;���ǃh�g�ɻ���G��~7��d1�$�<컞����8z�ϭڣ-�$V�q����C���Ûy����5K%���1��	����O��;b�X��z	�ȳvdδ�[���"ʈ�7��~��pGE"|$�]M���;�w%�
[  996.392851][T17983] [U] ���=؎�bTj�.���˖M�sL��>u,��k�2���`tO"w�F\���8)݆d>e�zۈ�P��O2	�Ǻ|<)���T�|�n㕩�����Yg��.�]}�����q7���n�&�6V=��^�>��iP$税o��HɁ"*Ԃ�����e8����
[  996.410255][T17983] [U] z⢋v���m�Tdgަ�b�a��Y�7��\�P�N���I�0`~j�]޷�?�G��Ӹ�ξ���<��0�al�n+x
��I��W`B_����>:������+�')i����|(!������ڎ��R�c���m�-߇O�m���n4�m��%.�,�W�����v�r���,�5�ec���,gVk��\ᶻ�p��m.-��>x�H����֛�E^]�"2&�C�T�݉9(�P@���t,<�Z��-K�R����
[  996.434812][T17983] [U] ���p����w��u��"0���GE���r�(i|F�w�C�5�iý3]p�Y"pd���E�
[  996.442587][T17983] [U] �(�"�w`�OS,��|i�9��/����^T����F�y�Wa�R'=)g�WLT��_�#��n��f�����9�La��t5-&����@�4��ހ�}oWv۔n�O��78�F�c�;�e�4�Y�kMԫa����|�2�q��bs�}��O�ౄs�Ю�5s��ڽk
[  996.459845][T17983] [U] �SV�P�q^�$�,�������*i���m�������չ�b
[  996.466313][T17983] [U] ��y*���y�w��j��C��
[  996.471210][T17983] [U] ��6�p�%w���
[  996.474964][T17983] [U] ��NXr�O��x| 
[  996.478890][T17983] [U] ��3�۳�&Q3MCg�������9�n*��kv���R-�j�q�.����w�������KLT�
[  996.486730][T17983] [U] X���*����C�8���v��E'�}f}�
�#�����-��*d�&
[  996.493434][T17983] [U] ,��!��h��(�i\EE%���ɱ�w��
[  996.498695][T17983] [U] o�D�.YG-���c����O������DzD�U�wD`m^;X��c��C	���e�?����=�'��B�g�(�X,ʷ�Os�>���O��@�^;��P`d�c��Q����A��K������� �Nb�*h�1��/�^���m
[  996.514005][T17983] [U] �����l�k��f���s��Fd�
[  996.518882][T17983] [U] h�-���*�
[  996.522538][T17983] [U] ����
[  996.525780][T17983] [U] ��<��svd��I{\
�c+g���$��;��	���~->g�\�H7W׬aW3�so��oOO"������r�����{ӢP�צT���
[  996.536139][T17983] [U] �Hб��!��<�ol8���Új�b�|����
[  996.652168][T17983] [U] �R�X)���[�
[  996.655833][T17983] [U] 
[  996.658569][T17983] [U] 
[  996.661315][T17983] [U] 
[  996.664831][T17983] [U] 
[  996.667586][T17983] [U] 
[  996.670318][T17983] [U] 
[  996.673047][T17983] [U] 
[  996.676543][T17983] [U] 
[  996.679304][T17983] [U] 
[  996.682035][T17983] [U] 
[  996.684770][T17983] [U] 
[  996.687792][T17983] [U] 
[  996.690883][T17983] [U] 
[  996.693621][T17983] [U] 
[  996.696352][T17983] [U] 
[  996.730376][T17983] [U] 
[  996.733140][T17983] [U] 
[  996.735890][T17983] [U] 
[  996.738623][T17983] [U] 
[  996.761221][T17983] [U] 
[  996.764095][T17983] [U] 
[  996.766851][T17983] [U] 
[  996.769606][T17983] [U] 
[  996.790702][T17983] [U] 
[  996.793568][T17983] [U] 
[  996.796534][T17983] [U] 
[  996.799269][T17983] [U] 
[  996.806625][T17983] [U] 
[  996.809573][T17983] [U] 
[  996.812301][T17983] [U] 
[  996.815032][T17983] [U] 
[  996.828614][T17983] [U] 
[  996.831366][T17983] [U] 
[  996.834149][T17983] [U] 
[  996.836840][T17983] [U] 
[  996.848277][T17983] [U] 
[  996.851059][T17983] [U] 
[  996.853790][T17983] [U] 
[  996.856484][T17983] [U] 
[  996.868574][T17983] [U] 
[  997.443984][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  997.450795][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  997.955039][T18001] mmap: syz.1.1835 (18001): VmData 46071808 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data.
[  998.428270][T18014] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1840'.
[  998.929419][T18019] [U]  
[  998.932279][T18019] [U] 
[  998.934979][T18019] [U] 
[  998.937673][T18019] [U] 
[  998.953240][T18019] [U] 
[  998.955982][T18019] [U] 
[  998.958708][T18019] [U] 
[  998.961452][T18019] [U] 
[  999.020652][T18019] [U] 
[  999.023431][T18019] [U] 
[  999.026681][T18019] [U] 
[  999.029394][T18019] [U] 
[  999.032607][T18019] [U] 
[  999.035427][T18019] [U] 
[  999.038125][T18019] [U] 
[  999.041014][T18019] [U] 
[  999.046908][T18019] [U] 
[  999.049660][T18019] [U] 
[  999.052408][T18019] [U] 
[  999.055205][T18019] [U] 
[  999.062476][T18019] [U] 
[  999.065256][T18019] [U] 
[  999.067975][T18019] [U] 
[  999.070672][T18019] [U] 
[  999.087385][T18019] [U] 
[  999.090160][T18019] [U] 
[  999.092898][T18019] [U] 
[  999.095639][T18019] [U] 
[  999.114577][T18019] [U] 
[  999.117317][T18019] [U] N3��T��m��uU�-xig�I���"7Th+�O�^�X8����d|a���pf�M�-[dg���'�\����x.�3
[  999.126083][T18019] [U] �@w�8M�o�1O�~]��`"�\�t9���k5C������3��*�,��b��/�f�/~it�f�l��|�L����&�c����h��˯�9+
���B�Y�&���hH�y���*�
[  999.139964][T18019] [U] �7He�lm
[  999.143336][T18019] [U] )
[  999.146177][T18019] [U] <���J�*�����d��]K6my#
[  999.151050][T18019] [U] �K�q�.�5.��DJ�7f�g��*��(�/)�04�e�4k��I���N�#�@����O��Z�ENL�rRL���پ���g\���n"z�ψ�+��+�Hn	b��݂Ӗ]s3���ß��W���">C��f�m�G���w)��(�U��
[  999.166758][T18019] [U] Hh�m?f�=��5��
[  999.170703][T18019] [U] �J�a�?�r{&�N�$x(��
e������Œo������U�[̔��ѝ�ф��(�_%�?,z�;�p�xطI��^;�ԫ}���"i���T8>P�3��Ҽ�bD�
Q����v�ZQ�I)���zI�<%�$���W1��=
[  999.186105][T18019] [U] Y-��]����M��Mk�i�cF���	/�#qZcL?�b;�]E8~e֨�V+�#
[  999.193849][T18019] [U] Qc����I�@�iO��B�#�c�b
[  999.198720][T18019] [U] !2�6��.��(��9����C��Ɏ}���t�vFgkᱸ�ɯ9��SMPSP=5s,G(vK*k���<�
[  999.207228][T18019] [U] 6g��U�!��oP�>B��?��jh���H����\�C�@"��퉣��qpT��DХ8[�#?ͯ)g�;Z�Y�y)q�D�Q�4��!W�E%�䎬����
Qs]&��YV~8g��{e��aoφ�*X����Ǵ@�ܩ�2���cEq/y›y�oY�Y��%�HR��k�;���V:�,Ζo�XAvb˔9467T��x�.Z3
[  999.227889][T18019] [U] c���`T?��Kj5
[  999.231786][T18019] [U] +U�=%4�xB��(�8���XU3Q�j���e��yE��ܢ3Hu�T`2�Ĕ���;y���:����E�?gy�D0��7�,��WQ���3�;4������p�E��a�5'���W���%~�嵪�ݐ[��IQ�����+v��� �-E�����Ջ6��01G�o��g�*d�A�b4
[  999.250188][T18019] [U] j/wj2��j�47���V� �"ä@��8W<��2�_��Y����Ĩtp�&OM���5�5�#rH_��C����\P�u��
�R\�!���r���q]M�Ԃ+�>�y�5̢ՅupW�����<x����}�d���&2(�/���V
[  999.265989][T18019] [U] 洪�����n`mB�k8kS�S����\�N�TA�u�ӹ��[ϟ
[  999.272324][T18019] [U] }�p(3������3͊�w;����I���Я�5F��k��q���M��^;�[������|�z�#]N����8��]�.
[  999.281385][    C1] vkms_vblank_simulate: vblank timer overrun
[  999.318319][T18019] [U] ���r-�w�E�˻����/YD>o2-�֨M�M�W��T=�v�(
[  999.324895][T18019] [U] �!����=�����*�L�b3R�e�1;��<�.��;�!|Zv8Xw�v&~R�T�̎�� g�	�_�����V�1��?}�1۾Ѫ�9E������a��f�i��ַ�K�w���l�W�(V�1�ïB5ʬ�d5V�0�E���uk��x҇~>m��aMp����jj�ى	��k&"�N�ӷ{(	�j߿�T�ۛ�5���黰r�(�8��mɞ��|��8�>�8\)]v�J
[  999.348601][T18019] [U] ���m.;<v���w���	�a��ɨ���qe����7��/
[  999.355545][T18019] [U] �:�>�"/�-��W��*
[  999.359519][T18019] [U] �_��B~�ݲ
[  999.363055][T18019] [U] ��
[  999.365900][T18019] [U] ����q�:ș�io�r����Q�/�!�^����
[  999.371175][T18019] [U] �E��q@�c��Ұ7�s7g��|�g����)>-�J�G����|
[  999.377584][T18019] [U] �324P��'㟃�\�7�F�7ň�e�ͲN����+~܌���	b�0�,���9�����?
A#�_
[  999.386088][T18019] [U] ����
[  999.389216][T18019] [U] .����4

[  999.392696][T18019] [U] F}�D�~�}��{ȑvƾ���S������8�)�����1t��Qn�	�Mp����D�p����e���.�"^��M�Nӑ_8]�{�-
[  999.403123][T18019] [U] 0�.&`��,#�jY�ٓG)9�&׬5v!��,R*O���)�Cca�A�.�!�?r^H�^5��,�����ar����a	ua]��,-a�w1��	����!O!V9��zE��=�LS�$
�Ǚ�98��4;	�Q�dyZ��֝X�k��P�����&�L����Y/�̔��}�W(56\��1�y��,���k�MÒ��d��i�D3�
[  999.424165][T18019] [U] C���]_.�7��X|Mr zJ;ӈe���0N��nE�W�&�K턻ZJ�b-mW�hH�(dC�>���cX���>�q��;��@p�E�%-/z'z�w���:����.��CT�f֓�F](:[�A�p"�r,�
��x��;͉�Bk!�3�y��N��Wi#����Gk����ˍ���.�]���Qɣ��w�lݬz�[=&����KL>��Z�Y29��1��S3~����~�3����Ҏfg��1@�]3��=c���޲��s�2D��}<����� �\+�_5^@&s�յR4�#��)���T!��=���~��!�=X���ӝ�-t���o�]�j��7��Gz/�?
[  999.457694][T18019] [U] �:������2e�so�o�G���AσfɎ��h�k��7����m�R�X��A�n�� n޲˽J��%��` ��svfWz�)����o�@SG~��f��u{�LNP�A!$Оw I�}�p?��S)�W.���ІD5Տ�#ɔ���2�	j���[��'ZkCn�i��M�"h
[  999.476030][T18019] [U] s^����X���䲽�
[  999.480052][T18019] [U] ?�b��(�zj�l��.1~u���l`U���3J8��ET��$Ep�xq����ْ0
[  999.487381][T18019] [U] AV�0�+	@�����@�
[  999.491575][T18019] [U] ��vࣷ��'���7�oe#���`t$���<�O@�g�k��~?�
[  999.498080][T18019] [U] �8\�/ �����D6IF�ܬO���C����H��e��w<�&TN��s
k�f����-�U>�dR�A]�je6��G����W3H���]%{.�:�O�A�
[  999.509808][T18019] [U] 
�vE��4�m �+�5T�-�|s���E>y�];q��ǧ!J�j�����H�zp�r���f�z���󾥗��X�v�����!�\]O���f���_�#�Y���k��r}Ximł��,�ԅ\.��Ʀ��l��|.��Gt�P�B��F��+e����P��{-�cC�&7,� �Y� �zUDW�۱�ex����g_�@)IbK2��~�t�`f
[  999.647167][T18019] [U] �_���hW�ET/b$)����?3:��Ā2�տ�!��D�'qY:7�8�F������&	�>�Y�0?kB�x_|������^��휵�������/„J��$VП4Њ�T�����`���[�&�c�����
[  999.661058][T18019] [U] $�����̵#��֠!l�޳��1��d�[����X�ucG�0/��e}���蔔&q��T�|ŗ���ʳ�ޝ����I�ш����-p���jm�;���]s5<6.x�g�z����lU����9#9t.p2�>�V �mO��f��
&������P-��`�B�O�`�3,=��oz��
[  999.679769][T18019] [U] ilʢ���g����1KW�U|���>�j�[v_�c���%���-Q�d9<q�ϱ��l�
�WҎ<�p@��&����A�|F����"�냓�뾒�ۦ�6s�}��	�
[  999.692649][T18019] [U] ���d��)U2�M�l
[  999.696581][T18019] [U] ՠݣ��wz�&�H��o��@��!����~ئ������v��9��>��h#Ꮈ�(�}���&�1:�Wucv�vG��r�ܟnZ����eG����7
[  999.707844][T18019] [U] 	�f�E�1
)`��3l���������;�j77F\�2��%�̝G���{ ٠�",�N%���PTV�zTU�@a�G��+�(��c"��i_*sX�6^
[  999.719440][T18019] [U] _uU�/��D�ty��J"ò��_q/�Nl)�AV���T��R:0N2Q��*o���qe�(�J���}�At\��d��&+��Ik��X!���m=�2Ö����W��8��x/kĒ���H͋Xaz�b�^v�>���1Ȇ����oӥ�|���Cw���UJ�yQ�
[  999.737014][T18019] [U] ��IY��pq~��T�jB��M8�=�+��8�
�8�Y�m���&�;���F�GB��^4ej�
����a䮐�HE�ƪ�!�~	%����0d�t�2I��Ji�`��BW�}�+�z9'@|E�;���F���C�h_L����t��M���Êz��[����w���9i
[  999.754585][T18019] [U] Ĭ�>BY'�s�T��,��w��g|g+�Rk�Ewߕ�*-����F�z�K�Wr��j���X)�Y���8Î߱���
�P�~�5�څ]J�wY]�J���WR�3���
[  999.837072][T18019] [U] <Z$�z�2�'�L��(g�V{��7���ɬ�1�H�#�IA.��}�n�n���
��,ω4����+�Z��(����sz�!�vN���X�4����к�%@R����Ki�4����E��E2?�+' {N@낺}�#��)�|��=�.�&ۋX~��!��B�a��`�)�����l�+�%i����O��0{�(!��8$���e�:��k�q�p�4'<��{�k�&&�`�r��H&���r������^���T}�C9�Ʋ�@D7
[  999.863799][T18019] [U] 
[  999.866504][T18019] [U] 
[  999.869199][T18019] [U] 
[  999.871975][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1000.000012][T18019] [U] 
[ 1003.953211][T18103] [U]  
[ 1003.956033][T18103] [U] 
[ 1003.958728][T18103] [U] 
[ 1003.961420][T18103] [U] 
[ 1003.983068][T18103] [U] 
[ 1003.985801][T18103] [U] 
[ 1003.988501][T18103] [U] 
[ 1003.991219][T18103] [U] 
[ 1004.057831][T18103] [U] 
[ 1004.060695][T18103] [U] 
[ 1004.063393][T18103] [U] 
[ 1004.066089][T18103] [U] 
[ 1004.116250][T18103] [U] 
[ 1004.119033][T18103] [U] 
[ 1004.121782][T18103] [U] 
[ 1004.124612][T18103] [U] 
[ 1004.131254][T18103] [U] 
[ 1004.187141][T18103] [U] 
^�1��+���Z�1u�}��qy�`s�4��
[ 1004.273623][T18103] [U] BP*��t�ׁ��
[ 1004.277661][T18103] [U] �D�6l��
[ 1004.282247][T18103] [U] rŴ	gS�ܜ[�H'�zB��u�͘��meڳ�s���h�L�E�A�i
[ 1004.302427][T18103] [U] ����ܤ��@1
[ 1004.311892][T18103] [U] <c,�B_�E�=�Dm]�T��}�;�e�p��"t������t�2(��ϛYD�q���'/�A�j��Qu6�Q��z��T�8T��a�4m���Z�f�6�yى{u`�����%_g�uU���p4^0F���+_7Я�ē$L�ʕ���Ħ��c��-u?�F��/���~ �ׯ�g�����Q�N�$�ikR4�9HE�#)3�̀�*�X��/7���|�D9I��h��|�����X,/�����"�o��c$�Q[�/Y7󰺪�(
[ 1004.339473][T18103] [U] �!�}~Ҁ�0+��?o��R
[ 1004.343834][T18103] [U] �K	�A�0k��
[ 1004.354880][T18103] [U] ,@P�8�OAՔ����.L*5P�����6�f�������	�Dt��������"n�b�Љ"X�5xݾv�x�O��E�eɒg%��ks]8
[ 1004.389536][T18103] [U] ����d+u��-;)�)���T6T/�d�Y^�>Ew�7:Q����\�#cP�L
[ 1004.396991][T18103] [U] �Z�p�}����Wi�e/9V>xD�}�X{�SS�뎌S6�>�J̀ܙ*�������ִ%����
[ 1004.405279][T18103] [U] ӿ�o�~�&��Y��J��@P+�Dg�C�Dw�� ��{��B����}em��~T�JO7mǎ��F����b(��^�T�z��J�
[ 1004.415079][T18103] [U] �¡�6�@�b{��aҩQ���`�������L�%)x�Gy�6mʟTƱ,��sѷ��!_���v��4OўE$y��9m�������׶��vx�9|��]J��J?qP��<3+0?\g�{�d���Z?)��\��RjnQ2�%�}I�K18f|���"�����>�2�Z��e�dW�p��C�����x�0�&p���yKi>���G3�I����3'�LjD�*R-x��I��;�?l��H�~L?��rL¹܋�Y��b/��;c+&M��_�x8����d�S�=��(���foک'�5�5����#AJY���S@��}��E�;}�z�V:�鬞�~I��+�9Q����~Lq�o|�P�p8;_j���s܆ӈv�`�E��)1��D���A�M���R�<2�c+8)�}-W����R�𸳋����4�Z��7�����4ճ6�S�h�R�&5i2�G�(�5�_�ѧ�������$Ҭɫ����d�y7��%`[�|
[ 1004.461717][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1004.504659][T18103] [U] x�A���Qa�(t��VF^)6�cr��R���C~���ͽ����e%5�d]S��I���K�R"�=��垌�Nu�ebϒ����P1bu٪�"}�?U��Z
[ 1004.515883][T18103] [U] 
[ 1004.518636][T18103] [U] 
[ 1004.521378][T18103] [U] 
[ 1004.524198][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1004.541306][T18103] [U] 
[ 1004.544076][T18103] [U] 
[ 1004.546803][T18103] [U] 
[ 1004.549528][T18103] [U] 
[ 1004.570387][T18103] [U] 
[ 1004.573219][T18103] [U] 
[ 1004.575934][T18103] [U] 
[ 1004.578664][T18103] [U] 
[ 1004.582294][T18103] [U] 
[ 1004.585005][T18103] [U] 
[ 1004.587703][T18103] [U] 
[ 1004.590411][T18103] [U] 
[ 1004.593864][T18103] [U] 
[ 1004.596679][T18103] [U] 
[ 1004.599379][T18103] [U] 
[ 1004.602074][T18103] [U] 
[ 1004.606704][T18103] [U] 
[ 1004.609447][T18103] [U] 
[ 1004.612172][T18103] [U] 
[ 1004.614963][T18103] [U] 
[ 1004.618515][T18103] [U] 
[ 1004.621341][T18103] [U] 
[ 1004.624038][T18103] [U] 
[ 1004.626745][T18103] [U] 
[ 1004.631648][T18103] [U] 
[ 1004.634351][T18103] [U] 
[ 1004.637134][T18103] [U] 
[ 1004.639832][T18103] [U] 
[ 1004.642811][T18103] [U] 
[ 1004.645520][T18103] [U] 
[ 1004.648299][T18103] [U] 
[ 1004.650995][T18103] [U] 
[ 1004.669708][T18103] [U] 
[ 1004.672438][T18103] [U] 
[ 1004.675158][T18103] [U] 
[ 1004.677861][T18103] [U] 
[ 1004.775440][T18103] [U] 
[ 1004.778327][T18103] [U] 
[ 1004.781220][T18103] [U] 
[ 1004.784036][T18103] [U] 
[ 1004.787593][T18103] [U] 
[ 1004.970132][T18130] [U]  
[ 1004.973082][T18130] [U] 
[ 1004.975775][T18130] [U] 
[ 1004.978508][T18130] [U] 
[ 1005.117309][T18130] [U] 
[ 1005.120358][T18130] [U] 
[ 1005.123174][T18130] [U] 
[ 1005.126005][T18130] [U] 
[ 1005.161773][T18130] [U] 
[ 1005.164513][T18130] [U] 
[ 1005.167226][T18130] [U] 
[ 1005.169946][T18130] [U] 
[ 1005.248471][T18130] [U] 
[ 1005.251349][T18130] [U] 
[ 1005.254185][T18130] [U] 
[ 1005.256933][T18130] [U] 
[ 1005.286610][T18130] [U] 
[ 1005.289460][T18130] [U] K(����f�G���|�	�1��h �L��<.�]���f˹���p�ϴꊈtz�ժ�cjb�ٟ�Q�^=ִId��䏰R�`sU���4 <��~0X��i����Զ�<��r�R�2�;s-���
[ 1005.303996][T18130] [U] n����/���ü$>z�t��w ���-�/�[�M�]�)����@�:��!��N�Y1��KMq2s�%�㥉2��
[ 1005.313314][T18130] [U] ,˙L|��)�e�ɥU|��6Q���$��)�0(E�J�BMd^�Q�Q�7�V*�Q��ӗ�f����7Z�aX�D
��0
[ 1005.323362][T18130] [U] ��>A��q�B�����u��PG3�C��K.�51�����9�)�����
[ 1005.330156][T18130] [U] &�1������i��]���1+���.�F֚��D`�	V�k-A�����a
�zr��/Պ��tuK������|�O\!��
[ 1005.339890][T18130] [U] �OT]) Y<�7�ꮃ��
[ 1005.344401][T18130] [U] u�霣^�?2ڭ�H����v5{
=�/։����� "�͋�x||n"���1+H���$kg���/;��s�כ���{��
[ 1005.354554][T18130] [U] xW8�k=b@6R*�$�R��a^�e��Z����ʣ��:ñN{�/�V��
[ 1005.361758][T18130] [U] �+c`;U�!΅o��DOiK���0��j���E�,������nn���?1��ʼ�q���Q��3@�$�٢@�Y1^���ف�U�����?M�[ Z�#��ןH:�-��L
[ 1005.373749][T18130] [U] �HE���A��S�]&i-
����䜩�cL�Yb<���ߟc��	�<����5�p,A��f�Y�e�~�|��m.ܹwωF�0#[�QẠP2��ݻ�R��9մAr�Y,���ZC�l4k<�l�n��z��|�8�b�F\3&;g���"��wN�7J�i���
[ 1005.392197][T18130] [U] t���c�I�����, �&�P�����]�2�h����;���jQ���()t��,‹��r�����;�
-JZ�R+�Gb����!��a:�ֽ&;�������+��zڄ�+N�<���+������nZr�bc{�H8���|�w�W*Ln��/HHu!�GV����qC��6Z=g��h�#G��Ȧӟ^uil`who
��<<S�y���y%/��}�G�n �?�����kݴ�^�����@�f�
�W�� f\v
[ 1005.418979][T18130] [U] (����g�迒݈"�ų	W^\F���EnČQ�g�hf0��������,�r:�����t��D�P*�G)�$m�GLU<�7S��^ז���7	*:����w�����y��˅�ky�<�[?p#k
[ 1005.432802][T18130] [U] ��ȗ�-{c~t�����cw^�Ќ~��a���1j�H5�� Ԋ7�[�
��z���`+���
[ 1005.441010][T18130] [U] ��Y�P�0���ec�Q��`i,���'������똤���}G��S�ɉ�B��^��]� ��|ݫ���/ 6�`]���QV�z
[ 1005.451265][T18130] [U] ��pU�BDL-��w�*���
[ 1005.455870][T18130] [U] ̠�nea�'���*t�������U�@8}�T3D5r�R �2iW˻��T���k$��,���|s�"�y��8��n�t���,���h��QfN�R'�«�P}~G^+�K��t� �b�+�C|#3����Q�%�)�B�y9������q�ڈ���S!���4%� ���c B
[ 1005.473944][T18130] [U] ��@}#gf
[ 1005.479757][T18130] [U] u�z�|��t��Z�kk��Z�'���-[��~0�n�@�U�=U��co�j��@����@G\�=$h��íe'�Q��[
[ 1005.489279][T18130] [U] ��j���,��֭K��A3��~���x��r#�f�mD�v	�b��HH{Q�m����}�e`gܦǞVM�b$*s�73Mr`w1���\=|RY�8~�7a"N�z7!�)a>W�^��xe�����I���3�
[ 1005.503986][T18130] [U] :�ޱC�9��
��Ѝ���}�x>�{��fs]��(O��7'-��:����א\}<���SK���ȲOe%�7���F����
[ 1005.513557][T18130] [U] �v8֙�L]݉G���u�.k�
[ 1005.518171][T18130] [U] ظ=o�
[ 1005.521289][T18130] [U] �l�W�
[ 1005.524674][T18130] [U] �U��Z7�(������S�򿑻�x8Q��/0\��]�{��T]�����p�,ATZ��m�i��4�8
[ 1005.533351][T18130] [U] Y1;
V���+�8�9��5
[ 1005.537450][T18130] [U] �a��4��5��D�����5K�tSD�k��T�۷��&�����Rg	��[@��\X���<e��"����+�����J�F\e�G�I��s����T�^��W��g��.ː���J>�����Ye���w�|�U1I"��f�WA�md�Hj���G�a��̅�j��v@��\��&B�m�n0��W���3R�Bz���Җk<�K<d��
[ 1005.558661][T18130] [U] ��@��4:g��a2=a1�H=��n�P���`���1���xJE���5�KT
_���J�!LQ@ء���ߤ�\�ȯ���XͰ�{\�_��_58:�'��&8BseżW�Q&����v>Il�/pV.��R�<д���sϭ�>w)ݎ9����o1E�옆��׳��"%����o��:a=`1�El3i��ȼH6�����6lQ���Zq�:s%w"�Fuv�`�	���Th���a~�������5�ا������J��W
[ 1005.583956][T18130] [U] ���C䀯;�"`��N:2���2�r��Z-���!��֣ASX�s
[ 1005.590742][T18130] [U] ��I#C��fɯi��C����E��*�
[ 1005.595685][T18130] [U] ��0�3R�J�
�H��_c�����
[ 1005.600626][T18130] [U] E�EGNQ���
[ 1005.604090][T18130] [U] C��=ܧ�M��B*�u ������Y����6�!�O�P`G��L�+)־����t�J�W|}g��Q�S|���
[ 1005.613648][T18130] [U] ��X���UE����"�(S
[ 1005.617919][T18130] [U] �Z��hY��O_
[ 1005.621841][T18130] [U] ��%!)�[��O%���"�j;��4#{�#j�����-W4T�r6 �
[ 1005.628716][T18130] [U] ښ�2�)��M3�������f��!?j+<!(�S�[��V�;���{C̶���uP�ږݣ�.��:-G���h]w^0�z_1Q�=��0��
[ 1005.639594][T18130] [U] �C��Y%e/o:�g*�x�����o�	/C�K��5��c?�I�k0k,��g��T��W�K�o������vY|X�X�����r�.����@��%Ko�\\���cC���QE�[`�G����z��V+�9��UW��nv�����H��?�t�>�U�����
[ 1005.656877][T18130] [U] �*��
[ 1005.660123][T18130] [U] ���~i�E��B�P_�ap==��T�.�6
[ 1005.665161][T18130] [U] �wv�HB���Ug^�BUc��3�r��;*N�Q
[ 1005.670886][T18130] [U] ����ۚ��(Z����m�`p��l��Ȁ����>�^Ծ��~E
[ 1005.677944][T18130] [U] ���b��
�����5���+f�;��	�ԧT���C{g����c�l�`�������^���<�`��u�g�D2��
[ 1005.785763][T18130] [U] �-�D@��
[ 1005.789576][T18130] [U] 
[ 1005.792283][T18130] [U] 
[ 1005.794984][T18130] [U] 
[ 1005.889409][T18130] [U] 
[ 1013.451206][T18280] [U]  
[ 1013.454038][T18280] [U] 
[ 1013.456736][T18280] [U] 
[ 1013.459516][T18280] [U] 
[ 1013.534008][T18280] [U] 
[ 1013.536791][T18280] [U] 
[ 1013.539538][T18280] [U] 
[ 1013.542343][T18280] [U] 
[ 1013.580498][T18280] [U] 
[ 1013.596546][T18280] [U] �D|�5s�>bzo�mK��G�;��S�[ɥ���r�m0����I�t\�L�bh�w?`|�m�bl���k�$`p_��'n�4:���p<�(F����p|H3�o\?�������䑢�/űxI7��z�t����2�j\����P)��
���4����ѣ����"kݙNTk܉~Y A�3Sz͡ң����>�Ӆ��h�\���nNA���؜����b��p�
[ 1013.748749][T18280] [U] x�>��)ٕ�U@2�6�3@��*wE�C2K�4^��En�A/)u�WQgtY��n���h��xO_lЅ���^/Jd��U�R���?ɛٖB�Hc�EsQz���Q
��5IV��D!'=��IJ-�ŏ��_�vj8m��r֚جpx��@&��*.�aX��{~c��>�6�X
[ 1013.808134][T18280] [U] iR�b$��+Us�q���3�Y��,�}{v�zYOOC�]�x?;3��}+
[ 1013.816541][T18280] [U] r�4�oT=��X��UM_}J�8��\%`U"�U��c�>�9~�����[�>_��P����K�4ltg���ơ�ץ�M<�7�������=�xU�τ�:Op�_:5���c�!uK
[ 1013.829451][T18280] [U] ���t�f�8�X
[ 1013.834631][T18280] [U] ZU��2_��c�O_n���L��k/�k�$����k�c�أ�{�]}+
[ 1013.844006][T18280] [U] �9�ʋ��?�ײ�R#b$��9Ϡ���/�?�N�����
[ 1013.865107][T18280] [U] �N�$��}A���n�_o9vb����JL#���l����Oqc^���AL��[���-�
[ 1013.873686][T18280] [U] W?�Ġ�aՋ��
[ 1013.878702][T18280] [U] ��(C��K�S�rуQ
+�?�
[ 1013.883364][T18280] [U] MU(y�B[��zEG>L?�y�#�J����0�2v�)c��v��Z_�G�����J��a��"kA���c�	��%��  <2H�j��w�qG�w���x��KZ�!�Fݿ6*m�?�"�/�t��̐2R@��6Z�Cbu
[ 1013.898685][T18280] [U] :�}5���G��.�_ɱuA��w�<��
[ 1013.919819][T18280] [U] �tt��S
[ 1013.923928][T18280] [U] ���Z�W��ti��R�j	����0�;U3��V\����ա6B����K4����y��I@}@�|�p��D�8�@ »�
[ 1013.934226][T18280] [U] ������p0�v��1O�i
[ 1013.938766][T18280] [U] xD��&`���Q��8�c�n�,��B-`���[�Vq�B��䮁c��Y�8'�Z�f�X�/�%�������49�
[ 1014.292605][T18293] [U]  
[ 1014.295445][T18293] [U] 
[ 1014.298171][T18293] [U] 
[ 1014.300977][T18293] [U] 
[ 1014.336978][T18293] [U] 
[ 1014.339713][T18293] [U] 
[ 1014.342408][T18293] [U] 
[ 1014.345137][T18293] [U] 
[ 1014.395642][T18293] [U] 
[ 1014.398378][T18293] [U] 
[ 1014.401078][T18293] [U] 
[ 1014.403777][T18293] [U] 
[ 1014.449518][T18293] [U] 
[ 1014.452285][T18293] [U] 
[ 1014.454988][T18293] [U] 
[ 1014.457704][T18293] [U] 
[ 1014.480623][T18293] [U] 
[ 1014.483405][T18293] [U] 
[ 1014.486164][T18293] [U] 
[ 1014.488890][T18293] [U] 
[ 1014.596111][T18293] [U] 
[ 1014.598989][T18293] [U] 
[ 1014.601724][T18293] [U] 
[ 1014.604462][T18293] [U] 
[ 1014.692622][T18293] [U] 
[ 1019.304121][T18372] net_ratelimit: 517 callbacks suppressed
[ 1019.304151][T18372] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1019.316868][T18372] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1020.577461][T18372] FAULT_INJECTION: forcing a failure.
[ 1020.577461][T18372] name failslab, interval 1, probability 0, space 0, times 0
[ 1020.616341][T18372] CPU: 1 UID: 0 PID: 18372 Comm: syz.3.1886 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1020.616394][T18372] Tainted: [U]=USER
[ 1020.616406][T18372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1020.616424][T18372] Call Trace:
[ 1020.616436][T18372]  <TASK>
[ 1020.616449][T18372]  dump_stack_lvl+0x16c/0x1f0
[ 1020.616504][T18372]  should_fail_ex+0x512/0x640
[ 1020.616534][T18372]  ? fs_reclaim_acquire+0xae/0x150
[ 1020.616586][T18372]  should_failslab+0xc2/0x120
[ 1020.616626][T18372]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1020.616673][T18372]  ? security_inode_alloc+0x3b/0x2b0
[ 1020.616715][T18372]  security_inode_alloc+0x3b/0x2b0
[ 1020.616754][T18372]  inode_init_always_gfp+0xce4/0x1030
[ 1020.616797][T18372]  alloc_inode+0x86/0x240
[ 1020.616842][T18372]  path_from_stashed+0x25b/0x750
[ 1020.616878][T18372]  ? do_raw_spin_unlock+0x172/0x230
[ 1020.616946][T18372]  ns_get_path+0x5f/0x80
[ 1020.616981][T18372]  proc_ns_get_link+0x121/0x230
[ 1020.617027][T18372]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1020.617070][T18372]  ? atime_needs_update+0x8b/0x710
[ 1020.617121][T18372]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1020.617159][T18372]  step_into+0x1a2c/0x2270
[ 1020.617200][T18372]  ? __pfx_step_into+0x10/0x10
[ 1020.617232][T18372]  ? find_held_lock+0x2b/0x80
[ 1020.617276][T18372]  path_openat+0x6db/0x2cb0
[ 1020.617328][T18372]  ? __pfx_path_openat+0x10/0x10
[ 1020.617376][T18372]  do_filp_open+0x20b/0x470
[ 1020.617414][T18372]  ? __pfx_do_filp_open+0x10/0x10
[ 1020.617483][T18372]  ? alloc_fd+0x471/0x7d0
[ 1020.617528][T18372]  do_sys_openat2+0x11b/0x1d0
[ 1020.617576][T18372]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1020.617641][T18372]  __x64_sys_openat+0x174/0x210
[ 1020.617670][T18372]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1020.617735][T18372]  do_syscall_64+0xcd/0x490
[ 1020.617788][T18372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1020.617819][T18372] RIP: 0033:0x7f0558f8d510
[ 1020.617845][T18372] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1020.617875][T18372] RSP: 002b:00007f0559e5ef10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1020.617913][T18372] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f0558f8d510
[ 1020.617934][T18372] RDX: 0000000000000002 RSI: 00007f0559e5efa0 RDI: 00000000ffffff9c
[ 1020.617953][T18372] RBP: 00007f0559e5efa0 R08: 0000000000000000 R09: 0000000000000000
[ 1020.617972][T18372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1020.617991][T18372] R13: 00007f05591d6038 R14: 00007f05591d5fa0 R15: 00007ffe48159718
[ 1020.618038][T18372]  </TASK>
[ 1036.309536][T18578] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1036.316104][T18578] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1036.643261][T18572] [U]  
[ 1036.646114][T18572] [U] 
[ 1036.648834][T18572] [U] 
[ 1036.651525][T18572] [U] 
[ 1036.697039][T18572] [U] 
[ 1036.699890][T18572] [U] 
[ 1036.702631][T18572] [U] 
[ 1036.705342][T18572] [U] 
[ 1036.762728][T18572] [U] 
[ 1036.765516][T18572] [U] 
[ 1036.768261][T18572] [U] 
[ 1036.771013][T18572] [U] 
[ 1036.774569][T18572] [U] 
[ 1036.777367][T18572] [U] TR9�
[ 1036.780783][T18572] [U] z��<�M���*�Na�aձ�@���*C]V~����j̺�)�ƌ�"�z�
[ 1036.792825][T18572] [U] ���+ۑ[�.:쉤�#���0�C#�m6߹��#
[ 1036.798766][T18572] [U] ����<m�^[�:���roL!�*�u�H��t������,Y'7�.P�����n���A�
��{Ի%���,�?}�~�}�9�J�t�Zy�]��"����d�h��#}�!������M��;�Z���IuH�N�G��+��Sc���&+�Z$�Lb}��ѬXS�2hXrX<"����F�>��[��|V�\~u}��k3����$���MN��x�ew#��F��l��� *ޛ�iN4���&|D<W��S�F��Sۚ�9NA;�݃R�=�Y3���D�K.-6�Z���
�YP�BFn	��QG�vZ�Bڜ�F)���q���I�r+�L曀Ɓ1�KvG��R�R��*v��e����!W��+�@�YU��^�g��;*s��Z$���K��F9g
[ 1036.932450][T18572] [U] (�
[ 1036.939591][T18572] [U] ��_NL�3y��;��{����k����;���Ӭ:gXM
[ 1036.945555][T18572] [U] �+�H�dž��`�t7C��#�y����_{T����{�xۋ�'��Ph��3�⸠�>�\
[ 1036.976369][T18572] [U] ��yC/�C���2���vRG��zɟ�.�{U����P��u�K�� 7
[ 1037.112513][T18572] [U] ���'ꌅ�8˶�ﯧ��R%{�U�{�3��
[ 1037.140282][T18572] [U] L��?s�iA�eA9���o�l�6��]�6��k�V���p��€�N8[lbB��t؉Kc֏����,5񮖋}��:e����ah��@�֏ȼx�3���>79��k�F����u����s�6�����H�Y_2D#4DX�����u�F�U>��H�Ό��Mǯ��W��a��ד�﹄N�'�L��J��a������t���)ָy=r�Ԛ�e�Z\"vy�h���@�9m(�]�z�w?M:lS�;}OD3
���]�(�e�fsI���釪�m�&J<�Ys�&����p���d�U���rY���r;��-2s Z����l�/g�5hyE�����V�	u֔F'�E�^ޅ�5�˩l���P�A��DS|���>�޺�fx.��f�|�VB��$i�lI��#�o
[ 1037.178662][T18572] [U] E�T&��x����XJ�h�m����\�ą���C��䵨�Džၭ�wϨ@\e?�ڶ�x��Y�[���ĕJ?�a���z%<p�ӟ9�R���}�В�0J�����bζԌ�FRJ���x�7�y�5=[YRc������%(�k���W�p��u
[ 1037.195445][T18572] [U] �1(����Xh5c�p����p��i�"�F8����W��%��f_+Q��/B8Bߧ�ے��t�4�<�s�!p�⫌�*8B��"�WvQŧ0���f9��3
[ 1037.207001][T18572] [U] 3�n���zHʡ���o%i��ꉰZ1oʟ����ZU
gY~�N����k-�,��VU�[cA'N���
[ 1037.215873][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1038.015084][T18572] [U] ��X6ؤ=o�R=ð	�tV�Z�^v+�Y��
'?
[ 1038.050641][T18572] [U] nɘ;��H8�ј V�fL���X�nQ�a.������y� 1G�]RQN��5A�فϛ�~�wY�JY���B�W(6�����������J�>A��T�2��m
[ 1038.080641][T18572] [U] 7^kX� W�D<4~l08�
[ 1038.084983][T18572] [U] Uk�طH���8�x�ᙺA�"O��_�<�����ԝ+���L�X꥟�v���a�/�o�Ryn-�*)�/
[ 1038.098995][T18572] [U] 3�@��
[ 1038.102391][T18572] [U] 
[ 1038.105225][T18572] [U] 
[ 1038.107969][T18572] [U] 
[ 1038.201129][T18572] [U] 
[ 1038.204012][T18572] [U] 
[ 1038.206726][T18572] [U] 
[ 1038.209428][T18572] [U] 
[ 1038.452559][T18572] [U] 
[ 1038.455357][T18572] [U] 
[ 1038.458110][T18572] [U] 
[ 1038.460879][T18572] [U] 
[ 1038.463975][T18572] [U] 
[ 1038.760489][T18578] FAULT_INJECTION: forcing a failure.
[ 1038.760489][T18578] name failslab, interval 1, probability 0, space 0, times 0
[ 1038.848202][T18578] CPU: 0 UID: 0 PID: 18578 Comm: syz.1.1913 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1038.848236][T18578] Tainted: [U]=USER
[ 1038.848242][T18578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1038.848253][T18578] Call Trace:
[ 1038.848260][T18578]  <TASK>
[ 1038.848268][T18578]  dump_stack_lvl+0x16c/0x1f0
[ 1038.848300][T18578]  should_fail_ex+0x512/0x640
[ 1038.848318][T18578]  ? fs_reclaim_acquire+0xae/0x150
[ 1038.848348][T18578]  should_failslab+0xc2/0x120
[ 1038.848375][T18578]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1038.848398][T18578]  ? security_inode_alloc+0x3b/0x2b0
[ 1038.848423][T18578]  security_inode_alloc+0x3b/0x2b0
[ 1038.848446][T18578]  inode_init_always_gfp+0xce4/0x1030
[ 1038.848472][T18578]  alloc_inode+0x86/0x240
[ 1038.848500][T18578]  path_from_stashed+0x25b/0x750
[ 1038.848521][T18578]  ? do_raw_spin_unlock+0x172/0x230
[ 1038.848554][T18578]  ns_get_path+0x5f/0x80
[ 1038.848574][T18578]  proc_ns_get_link+0x121/0x230
[ 1038.848597][T18578]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1038.848622][T18578]  ? atime_needs_update+0x8b/0x710
[ 1038.848651][T18578]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1038.848674][T18578]  step_into+0x1a2c/0x2270
[ 1038.848698][T18578]  ? __pfx_step_into+0x10/0x10
[ 1038.848715][T18578]  ? find_held_lock+0x2b/0x80
[ 1038.848741][T18578]  path_openat+0x6db/0x2cb0
[ 1038.848777][T18578]  ? __pfx_path_openat+0x10/0x10
[ 1038.848806][T18578]  do_filp_open+0x20b/0x470
[ 1038.848828][T18578]  ? __pfx_do_filp_open+0x10/0x10
[ 1038.848865][T18578]  ? alloc_fd+0x471/0x7d0
[ 1038.848891][T18578]  do_sys_openat2+0x11b/0x1d0
[ 1038.848920][T18578]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1038.848957][T18578]  __x64_sys_openat+0x174/0x210
[ 1038.848975][T18578]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1038.849012][T18578]  do_syscall_64+0xcd/0x490
[ 1038.849043][T18578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1038.849062][T18578] RIP: 0033:0x7fd9f538d510
[ 1038.849078][T18578] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1038.849103][T18578] RSP: 002b:00007fd9f35f5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1038.849121][T18578] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd9f538d510
[ 1038.849133][T18578] RDX: 0000000000000002 RSI: 00007fd9f35f5fa0 RDI: 00000000ffffff9c
[ 1038.849145][T18578] RBP: 00007fd9f35f5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1038.849156][T18578] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1038.849167][T18578] R13: 00007fd9f55d6038 R14: 00007fd9f55d5fa0 R15: 00007fffaa501bd8
[ 1038.849190][T18578]  </TASK>
[ 1058.565261][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1058.574670][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1101.927823][T19391] FAULT_INJECTION: forcing a failure.
[ 1101.927823][T19391] name failslab, interval 1, probability 0, space 0, times 0
[ 1101.968002][T19391] CPU: 0 UID: 0 PID: 19391 Comm: syz.1.2012 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1101.968051][T19391] Tainted: [U]=USER
[ 1101.968061][T19391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1101.968079][T19391] Call Trace:
[ 1101.968091][T19391]  <TASK>
[ 1101.968103][T19391]  dump_stack_lvl+0x16c/0x1f0
[ 1101.968153][T19391]  should_fail_ex+0x512/0x640
[ 1101.968180][T19391]  ? __kmalloc_noprof+0xbf/0x510
[ 1101.968219][T19391]  ? copy_splice_read+0x1a8/0xc20
[ 1101.968248][T19391]  should_failslab+0xc2/0x120
[ 1101.968287][T19391]  __kmalloc_noprof+0xd2/0x510
[ 1101.968332][T19391]  copy_splice_read+0x1a8/0xc20
[ 1101.968373][T19391]  ? __pfx_copy_splice_read+0x10/0x10
[ 1101.968408][T19391]  ? look_up_lock_class+0x59/0x150
[ 1101.968458][T19391]  ? lockdep_init_map_type+0x5c/0x280
[ 1101.968502][T19391]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1101.968540][T19391]  ? __pfx_copy_splice_read+0x10/0x10
[ 1101.968570][T19391]  do_splice_read+0x282/0x370
[ 1101.968606][T19391]  splice_direct_to_actor+0x2a1/0xa30
[ 1101.968641][T19391]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1101.968682][T19391]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1101.968711][T19391]  ? get_pid_task+0xfc/0x250
[ 1101.968763][T19391]  do_splice_direct+0x174/0x240
[ 1101.968808][T19391]  ? __pfx_do_splice_direct+0x10/0x10
[ 1101.968841][T19391]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1101.968880][T19391]  ? rw_verify_area+0xcf/0x6c0
[ 1101.968916][T19391]  do_sendfile+0xb06/0xe50
[ 1101.968957][T19391]  ? __pfx_do_sendfile+0x10/0x10
[ 1101.968991][T19391]  ? __fget_files+0x20e/0x3c0
[ 1101.969035][T19391]  __x64_sys_sendfile64+0x1d8/0x220
[ 1101.969075][T19391]  ? ksys_write+0x1ac/0x250
[ 1101.969110][T19391]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1101.969163][T19391]  do_syscall_64+0xcd/0x490
[ 1101.969213][T19391]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.969243][T19391] RIP: 0033:0x7fd9f538eba9
[ 1101.969268][T19391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1101.969298][T19391] RSP: 002b:00007fd9f35d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1101.969327][T19391] RAX: ffffffffffffffda RBX: 00007fd9f55d6090 RCX: 00007fd9f538eba9
[ 1101.969348][T19391] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[ 1101.969372][T19391] RBP: 00007fd9f35d5090 R08: 0000000000000000 R09: 0000000000000000
[ 1101.969390][T19391] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[ 1101.969408][T19391] R13: 00007fd9f55d6128 R14: 00007fd9f55d6090 R15: 00007fffaa501bd8
[ 1101.969448][T19391]  </TASK>
[ 1102.227909][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1104.171254][T19420] FAULT_INJECTION: forcing a failure.
[ 1104.171254][T19420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1104.195394][T19420] CPU: 1 UID: 0 PID: 19420 Comm: syz.0.2016 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1104.195443][T19420] Tainted: [U]=USER
[ 1104.195452][T19420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1104.195470][T19420] Call Trace:
[ 1104.195480][T19420]  <TASK>
[ 1104.195492][T19420]  dump_stack_lvl+0x16c/0x1f0
[ 1104.195541][T19420]  should_fail_ex+0x512/0x640
[ 1104.195575][T19420]  _copy_to_user+0x32/0xd0
[ 1104.195609][T19420]  simple_read_from_buffer+0xcb/0x170
[ 1104.195642][T19420]  proc_fail_nth_read+0x197/0x240
[ 1104.195676][T19420]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1104.195712][T19420]  ? rw_verify_area+0xcf/0x6c0
[ 1104.195742][T19420]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1104.195775][T19420]  vfs_read+0x1e4/0xcf0
[ 1104.195814][T19420]  ? __pfx___mutex_lock+0x10/0x10
[ 1104.195869][T19420]  ? __pfx_vfs_read+0x10/0x10
[ 1104.195914][T19420]  ? __fget_files+0x20e/0x3c0
[ 1104.195958][T19420]  ksys_read+0x12a/0x250
[ 1104.195992][T19420]  ? __pfx_ksys_read+0x10/0x10
[ 1104.196040][T19420]  do_syscall_64+0xcd/0x490
[ 1104.196088][T19420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1104.196118][T19420] RIP: 0033:0x7ff5e0f8d5bc
[ 1104.196142][T19420] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1104.196169][T19420] RSP: 002b:00007ff5e1dac030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1104.196197][T19420] RAX: ffffffffffffffda RBX: 00007ff5e11d5fa0 RCX: 00007ff5e0f8d5bc
[ 1104.196218][T19420] RDX: 000000000000000f RSI: 00007ff5e1dac0a0 RDI: 0000000000000003
[ 1104.196237][T19420] RBP: 00007ff5e1dac090 R08: 0000000000000000 R09: 0000000000000000
[ 1104.196255][T19420] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1104.196272][T19420] R13: 00007ff5e11d6038 R14: 00007ff5e11d5fa0 R15: 00007fff547af108
[ 1104.196313][T19420]  </TASK>
[ 1114.881941][T19519] Invalid ELF header magic: != ELF
[ 1118.650604][T19538] sd 0:0:1:0: PR command failed: 1026
[ 1118.935136][T19538] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1119.034737][T19538] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1119.689678][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1119.696212][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1147.203915][T19789] cifs: Unknown parameter 'T.�����żc[���$⁍��)��U�ÑnE�-ʙ�l���-��	�-�_������5Z�o��m��fwY�h�*/�xD
lݩ���g�kǐA����7���9���X�a/f�_�AR������xM	�v��p��$^;��q�3���n���-
6��+e�k�����<�k�c�)n.�eM��Na��t��SM��1,��%�m�%1��^�0܆�G)?p'
[ 1159.921933][T19917] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[ 1159.921933][T19917]    program syz.2.2079 not setting count and/or reply_len properly
[ 1160.919979][T19921] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2079'.
[ 1161.199012][T19928] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2079'.
[ 1180.639259][T20164] workqueue: Failed to create a rescuer kthread for wq "nfc5_nci_tx_wq": -EINTR
[ 1180.913102][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1180.939639][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1211.762624][T20428] FAULT_INJECTION: forcing a failure.
[ 1211.762624][T20428] name failslab, interval 1, probability 0, space 0, times 0
[ 1212.000226][T20428] CPU: 1 UID: 0 PID: 20428 Comm: syz.0.2136 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1212.000272][T20428] Tainted: [U]=USER
[ 1212.000281][T20428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1212.000298][T20428] Call Trace:
[ 1212.000315][T20428]  <TASK>
[ 1212.000326][T20428]  dump_stack_lvl+0x16c/0x1f0
[ 1212.000375][T20428]  should_fail_ex+0x512/0x640
[ 1212.000401][T20428]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1212.000434][T20428]  should_failslab+0xc2/0x120
[ 1212.000473][T20428]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1212.000505][T20428]  ? ppp_register_net_channel+0x52/0x530
[ 1212.000559][T20428]  ppp_register_net_channel+0x52/0x530
[ 1212.000601][T20428]  ? __init_swait_queue_head+0xca/0x150
[ 1212.000650][T20428]  ppp_sync_open+0x414/0x5b0
[ 1212.000684][T20428]  ? up_write+0x1b2/0x520
[ 1212.000724][T20428]  ? __pfx_ppp_sync_open+0x10/0x10
[ 1212.000761][T20428]  tty_ldisc_open+0x9f/0x120
[ 1212.000801][T20428]  tty_set_ldisc+0x32b/0x780
[ 1212.000848][T20428]  tty_ioctl+0xc2e/0x1680
[ 1212.000894][T20428]  ? __pfx_tty_ioctl+0x10/0x10
[ 1212.000948][T20428]  ? find_held_lock+0x2b/0x80
[ 1212.000981][T20428]  ? hook_file_ioctl_common+0x145/0x410
[ 1212.001031][T20428]  ? __fget_files+0x20e/0x3c0
[ 1212.001070][T20428]  ? __pfx_tty_ioctl+0x10/0x10
[ 1212.001117][T20428]  __x64_sys_ioctl+0x18e/0x210
[ 1212.001165][T20428]  do_syscall_64+0xcd/0x490
[ 1212.001215][T20428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1212.001245][T20428] RIP: 0033:0x7ff5e0f8eba9
[ 1212.001268][T20428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1212.001297][T20428] RSP: 002b:00007ff5e1dac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1212.001333][T20428] RAX: ffffffffffffffda RBX: 00007ff5e11d5fa0 RCX: 00007ff5e0f8eba9
[ 1212.001354][T20428] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e
[ 1212.001371][T20428] RBP: 00007ff5e1dac090 R08: 0000000000000000 R09: 0000000000000000
[ 1212.001389][T20428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1212.001406][T20428] R13: 00007ff5e11d6038 R14: 00007ff5e11d5fa0 R15: 00007fff547af108
[ 1212.001448][T20428]  </TASK>
[ 1241.937057][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1241.943424][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1242.500317][T20653] FAULT_INJECTION: forcing a failure.
[ 1242.500317][T20653] name failslab, interval 1, probability 0, space 0, times 0
[ 1242.599676][T20653] CPU: 1 UID: 0 PID: 20653 Comm: syz.0.2164 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1242.599731][T20653] Tainted: [U]=USER
[ 1242.599743][T20653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1242.599762][T20653] Call Trace:
[ 1242.599773][T20653]  <TASK>
[ 1242.599787][T20653]  dump_stack_lvl+0x16c/0x1f0
[ 1242.599840][T20653]  should_fail_ex+0x512/0x640
[ 1242.599869][T20653]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1242.599912][T20653]  should_failslab+0xc2/0x120
[ 1242.599949][T20653]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1242.599982][T20653]  ? getname_flags.part.0+0x4c/0x550
[ 1242.600030][T20653]  getname_flags.part.0+0x4c/0x550
[ 1242.600084][T20653]  getname_flags+0x93/0xf0
[ 1242.600120][T20653]  do_sys_openat2+0xb8/0x1d0
[ 1242.600177][T20653]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1242.600226][T20653]  ? __pfx___might_resched+0x10/0x10
[ 1242.600269][T20653]  __x64_sys_openat+0x174/0x210
[ 1242.600299][T20653]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1242.600365][T20653]  do_syscall_64+0xcd/0x490
[ 1242.600417][T20653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1242.600449][T20653] RIP: 0033:0x7ff5e0f8eba9
[ 1242.600474][T20653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1242.600504][T20653] RSP: 002b:00007ff5e1dac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1242.600535][T20653] RAX: ffffffffffffffda RBX: 00007ff5e11d5fa0 RCX: 00007ff5e0f8eba9
[ 1242.600555][T20653] RDX: 0000000000000802 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1242.600575][T20653] RBP: 00007ff5e1011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1242.600595][T20653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1242.600613][T20653] R13: 00007ff5e11d6038 R14: 00007ff5e11d5fa0 R15: 00007fff547af108
[ 1242.600650][T20653]  </TASK>
[ 1259.305166][T20840] mkiss: ax0: crc mode is auto.
[ 1279.382879][T20997] input: f�
 as /devices/virtual/input/input25
[ 1303.053607][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1303.077448][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1312.934910][T21241] sp0: Synchronizing with TNC
[ 1317.763743][ T5872] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1317.772683][ T5872] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1317.780413][ T5872] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1317.792050][ T5872] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1317.800759][ T5872] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1318.597445][T21285] random: crng reseeded on system resumption
[ 1319.840947][T17143] Bluetooth: hci4: command tx timeout
[ 1321.919518][T17143] Bluetooth: hci4: command tx timeout
[ 1323.161383][T21279] chnl_net:caif_netlink_parms(): no params data found
[ 1323.951289][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1323.993821][T17143] Bluetooth: hci4: command tx timeout
[ 1325.120199][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1326.048414][T17143] Bluetooth: hci4: command tx timeout
[ 1326.977883][T21279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1327.003209][T21279] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1327.012676][T21279] bridge_slave_0: entered allmulticast mode
[ 1327.035238][T21279] bridge_slave_0: entered promiscuous mode
[ 1327.087025][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1327.188541][T21279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1327.196297][T21279] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1327.206126][T21279] bridge_slave_1: entered allmulticast mode
[ 1327.218604][T21279] bridge_slave_1: entered promiscuous mode
[ 1327.305138][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1327.415196][T21279] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1327.454099][T21279] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1327.516982][T21279] team0: Port device team_slave_0 added
[ 1327.579407][T21279] team0: Port device team_slave_1 added
[ 1327.752717][T21279] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1327.780447][T21279] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1327.814645][T21279] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1327.902889][T21279] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1327.953023][T21279] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1327.992725][T21279] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1328.047222][   T13] bridge_slave_1: left allmulticast mode
[ 1328.059909][   T13] bridge_slave_1: left promiscuous mode
[ 1328.075970][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1328.164387][   T13] bridge_slave_0: left allmulticast mode
[ 1328.177356][   T13] bridge_slave_0: left promiscuous mode
[ 1328.355092][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1332.787500][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1332.857921][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1333.064408][   T13] bond0 (unregistering): Released all slaves
[ 1333.397675][   T13] HfR: left promiscuous mode
[ 1333.689947][T21279] hsr_slave_0: entered promiscuous mode
[ 1333.696775][T21279] hsr_slave_1: entered promiscuous mode
[ 1333.712981][T21279] debugfs: 'hsr0' already exists in 'hsr'
[ 1333.733572][T21279] Cannot create hsr debugfs directory
[ 1336.804345][   T13] hsr_slave_0: left promiscuous mode
[ 1336.992466][   T13] hsr_slave_1: left promiscuous mode
[ 1337.045217][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1337.059274][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1337.068283][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1337.076003][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1337.100647][   T13] veth1_macvtap: left promiscuous mode
[ 1337.107606][   T13] veth0_macvtap: left promiscuous mode
[ 1337.113424][   T13] veth1_vlan: left promiscuous mode
[ 1337.119016][   T13] veth0_vlan: left promiscuous mode
[ 1339.435324][   T13] team0 (unregistering): Port device team_slave_1 removed
[ 1339.882414][   T13] team0 (unregistering): Port device team_slave_0 removed
[ 1342.723126][T21279] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1342.943023][T21279] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1343.074835][T21279] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1343.246655][T21279] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1345.180994][T21279] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1346.199279][T21279] 8021q: adding VLAN 0 to HW filter on device team0
[ 1346.539858][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1346.547070][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1346.743020][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1346.750174][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1349.403789][T21279] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1349.449323][T21552] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[ 1351.396452][T21552] openvswitch: HfR: Dropping previously announced user features
[ 1351.677513][T21552] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2266'.
[ 1351.774353][T21552] HfR: left promiscuous mode
[ 1352.876672][T21279] veth0_vlan: entered promiscuous mode
[ 1352.992697][T21279] veth1_vlan: entered promiscuous mode
[ 1353.128816][T21279] veth0_macvtap: entered promiscuous mode
[ 1353.194770][T21279] veth1_macvtap: entered promiscuous mode
[ 1353.300750][T21279] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1353.411557][T21279] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1353.443910][T21377] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1353.534412][T21377] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1353.678200][T21377] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1353.718655][T21377] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1357.687033][ T1342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1357.753167][ T1342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1358.166473][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1358.331730][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1364.200272][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1364.207597][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1372.158370][T21769] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2287'.
[ 1372.217100][T21771] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[ 1425.298312][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1425.304757][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1436.713340][ T5872] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1436.725321][ T5872] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1436.737473][ T5872] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1436.746551][ T5872] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1436.763934][ T5872] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1437.610704][T22422] chnl_net:caif_netlink_parms(): no params data found
[ 1438.821576][T21282] Bluetooth: hci2: command tx timeout
[ 1440.900871][T17143] Bluetooth: hci2: command tx timeout
[ 1441.771470][T22422] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1441.794078][T22422] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1441.809533][T22422] bridge_slave_0: entered allmulticast mode
[ 1441.838286][T22422] bridge_slave_0: entered promiscuous mode
[ 1442.371134][T22483] FAULT_INJECTION: forcing a failure.
[ 1442.371134][T22483] name failslab, interval 1, probability 0, space 0, times 0
[ 1442.388135][T22483] CPU: 0 UID: 0 PID: 22483 Comm: syz.1.2384 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1442.388184][T22483] Tainted: [U]=USER
[ 1442.388194][T22483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1442.388211][T22483] Call Trace:
[ 1442.388221][T22483]  <TASK>
[ 1442.388231][T22483]  dump_stack_lvl+0x16c/0x1f0
[ 1442.388281][T22483]  should_fail_ex+0x512/0x640
[ 1442.388308][T22483]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1442.388345][T22483]  should_failslab+0xc2/0x120
[ 1442.388382][T22483]  __kvmalloc_node_noprof+0x137/0x620
[ 1442.388414][T22483]  ? get_pid_task+0xfc/0x250
[ 1442.388455][T22483]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[ 1442.388508][T22483]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[ 1442.388551][T22483]  file_tty_write.constprop.0+0x6ef/0x9b0
[ 1442.388600][T22483]  ? rw_verify_area+0xcf/0x6c0
[ 1442.388635][T22483]  vfs_write+0x7d0/0x11d0
[ 1442.388669][T22483]  ? __pfx_tty_write+0x10/0x10
[ 1442.388715][T22483]  ? __pfx_vfs_write+0x10/0x10
[ 1442.388746][T22483]  ? find_held_lock+0x2b/0x80
[ 1442.388802][T22483]  ksys_write+0x12a/0x250
[ 1442.388847][T22483]  ? __pfx_ksys_write+0x10/0x10
[ 1442.388895][T22483]  do_syscall_64+0xcd/0x490
[ 1442.388943][T22483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1442.388971][T22483] RIP: 0033:0x7fd9f538eba9
[ 1442.388995][T22483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1442.389022][T22483] RSP: 002b:00007fd9f35f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1442.389050][T22483] RAX: ffffffffffffffda RBX: 00007fd9f55d5fa0 RCX: 00007fd9f538eba9
[ 1442.389078][T22483] RDX: 0000000000000011 RSI: 00002000000009c0 RDI: 0000000000000003
[ 1442.389096][T22483] RBP: 00007fd9f35f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1442.389113][T22483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1442.389131][T22483] R13: 00007fd9f55d6038 R14: 00007fd9f55d5fa0 R15: 00007fffaa501bd8
[ 1442.389172][T22483]  </TASK>
[ 1442.880834][T17143] Bluetooth: hci4: command 0x0406 tx timeout
[ 1442.909729][T21020] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1442.960570][T17143] Bluetooth: hci2: command tx timeout
[ 1443.187632][T22422] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1443.233099][T22422] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1443.284664][T22422] bridge_slave_1: entered allmulticast mode
[ 1443.358816][T22422] bridge_slave_1: entered promiscuous mode
[ 1443.603311][T22422] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1443.844880][T21020] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1443.910623][T22422] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1444.058967][T21020] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1444.231466][T21020] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1444.428743][T22422] team0: Port device team_slave_0 added
[ 1444.469867][T22499] ptrace attach of ""[22500] was attempted by "./syz-executor exec"[22499]
[ 1444.544124][T22422] team0: Port device team_slave_1 added
[ 1444.705193][T22422] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1444.714667][T22422] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1444.750240][T22422] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1444.763550][T22422] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1444.780532][T22422] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1444.836821][T22422] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1444.920723][T22504] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1444.936153][T22504] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1444.961760][T22504] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1444.979050][T22504] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1445.029514][T21282] Bluetooth: hci2: command tx timeout
[ 1445.050090][T22504] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1445.057544][T22504] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1445.077584][T22504] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1445.115937][T22422] hsr_slave_0: entered promiscuous mode
[ 1445.147881][T22422] hsr_slave_1: entered promiscuous mode
[ 1445.175945][T22422] debugfs: 'hsr0' already exists in 'hsr'
[ 1445.194979][T22422] Cannot create hsr debugfs directory
[ 1445.475880][T21020] hsr0: left allmulticast mode
[ 1445.481235][T21020] hsr_slave_0: left allmulticast mode
[ 1445.486669][T21020] hsr_slave_1: left allmulticast mode
[ 1445.492907][T21020] hsr0: left promiscuous mode
[ 1445.499906][T21020] bridge0: port 3(hsr0) entered disabled state
[ 1445.777835][T21020] bridge_slave_1: left allmulticast mode
[ 1445.783648][T21020] bridge_slave_1: left promiscuous mode
[ 1445.791622][T21020] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1445.847928][T21020] bridge_slave_0: left allmulticast mode
[ 1445.853729][T21020] bridge_slave_0: left promiscuous mode
[ 1445.859521][T21020] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1446.115655][T22510] FAULT_INJECTION: forcing a failure.
[ 1446.115655][T22510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1446.148702][T22510] CPU: 1 UID: 0 PID: 22510 Comm: syz.4.2390 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1446.148749][T22510] Tainted: [U]=USER
[ 1446.148758][T22510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1446.148775][T22510] Call Trace:
[ 1446.148785][T22510]  <TASK>
[ 1446.148796][T22510]  dump_stack_lvl+0x16c/0x1f0
[ 1446.148845][T22510]  should_fail_ex+0x512/0x640
[ 1446.148883][T22510]  _copy_from_user+0x2e/0xd0
[ 1446.148917][T22510]  get_timespec64+0x8b/0x1b0
[ 1446.148953][T22510]  ? __pfx_get_timespec64+0x10/0x10
[ 1446.148995][T22510]  ? common_nsleep+0xa1/0xd0
[ 1446.149036][T22510]  __x64_sys_clock_nanosleep+0x1ce/0x4a0
[ 1446.149071][T22510]  ? __pfx___x64_sys_clock_nanosleep+0x10/0x10
[ 1446.149115][T22510]  do_syscall_64+0xcd/0x490
[ 1446.149212][T22510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1446.149245][T22510] RIP: 0033:0x7f8e927c1465
[ 1446.149270][T22510] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1446.149300][T22510] RSP: 002b:00007ffe7314dc50 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1446.149330][T22510] RAX: ffffffffffffffda RBX: 00007f8e929d5fa0 RCX: 00007f8e927c1465
[ 1446.149351][T22510] RDX: 00007ffe7314dc90 RSI: 0000000000000000 RDI: 0000000000000000
[ 1446.149369][T22510] RBP: 00007f8e929d7da0 R08: 0000000000000000 R09: 00007f8e93588000
[ 1446.149389][T22510] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000161e61
[ 1446.149407][T22510] R13: 00007f8e929d6270 R14: ffffffffffffffff R15: 00007ffe7314ddd0
[ 1446.149449][T22510]  </TASK>
[ 1446.939952][T21282] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1446.946031][T21282] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1447.019218][T21282] Bluetooth: hci4: command 0x0406 tx timeout
[ 1447.126396][T21282] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1447.809460][T21020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1447.877711][T21020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1448.095128][T21020] bond0 (unregistering): Released all slaves
[ 1449.100925][T21282] Bluetooth: hci4: command 0x0406 tx timeout
[ 1449.178358][T21282] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1450.928544][T21020] hsr_slave_0: left promiscuous mode
[ 1450.979335][T21020] hsr_slave_1: left promiscuous mode
[ 1451.011374][T21020] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1451.026472][T21020] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1451.037379][T22578] ptrace attach of "./syz-executor exec"[22581] was attempted by "./syz-executor exec"[22578]
[ 1451.054379][T21020] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1451.111092][T21020] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1451.243129][T21282] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1451.305331][T21020] veth1_macvtap: left promiscuous mode
[ 1451.311602][T21020] veth0_macvtap: left promiscuous mode
[ 1451.317676][T21020] veth1_vlan: left promiscuous mode
[ 1451.323131][T21020] veth0_vlan: left promiscuous mode
[ 1453.908395][T21020] team0 (unregistering): Port device team_slave_1 removed
[ 1454.251066][T21020] team0 (unregistering): Port device team_slave_0 removed
[ 1458.730240][T22681] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1459.143496][T22422] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1459.185240][T22422] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1459.304803][T22422] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1459.557072][T22422] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1460.157635][T22422] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1460.407653][T22422] 8021q: adding VLAN 0 to HW filter on device team0
[ 1460.447870][T21377] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1460.455166][T21377] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1460.700819][ T8802] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1460.708197][ T8802] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1461.477898][T22727] FAULT_INJECTION: forcing a failure.
[ 1461.477898][T22727] name failslab, interval 1, probability 0, space 0, times 0
[ 1461.491071][T22727] CPU: 0 UID: 0 PID: 22727 Comm: syz.4.2416 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1461.491102][T22727] Tainted: [U]=USER
[ 1461.491109][T22727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1461.491120][T22727] Call Trace:
[ 1461.491127][T22727]  <TASK>
[ 1461.491133][T22727]  dump_stack_lvl+0x16c/0x1f0
[ 1461.491166][T22727]  should_fail_ex+0x512/0x640
[ 1461.491183][T22727]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1461.491205][T22727]  should_failslab+0xc2/0x120
[ 1461.491229][T22727]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1461.491248][T22727]  ? find_held_lock+0x2b/0x80
[ 1461.491265][T22727]  ? alloc_pipe_info+0x10e/0x590
[ 1461.491292][T22727]  alloc_pipe_info+0x10e/0x590
[ 1461.491317][T22727]  splice_direct_to_actor+0x77d/0xa30
[ 1461.491338][T22727]  ? __lock_acquire+0x62e/0x1ce0
[ 1461.491360][T22727]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1461.491381][T22727]  ? __pfx_aa_file_perm+0x10/0x10
[ 1461.491409][T22727]  ? find_held_lock+0x2b/0x80
[ 1461.491427][T22727]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1461.491445][T22727]  ? get_pid_task+0xfc/0x250
[ 1461.491476][T22727]  do_splice_direct+0x174/0x240
[ 1461.491495][T22727]  ? __pfx_do_splice_direct+0x10/0x10
[ 1461.491515][T22727]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1461.491537][T22727]  ? rw_verify_area+0xcf/0x6c0
[ 1461.491558][T22727]  do_sendfile+0xb06/0xe50
[ 1461.491581][T22727]  ? __pfx_do_sendfile+0x10/0x10
[ 1461.491602][T22727]  ? __fget_files+0x20e/0x3c0
[ 1461.491627][T22727]  __x64_sys_sendfile64+0x1d8/0x220
[ 1461.491654][T22727]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1461.491678][T22727]  ? syscall_user_dispatch+0x78/0x140
[ 1461.491713][T22727]  do_syscall_64+0xcd/0x490
[ 1461.491743][T22727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1461.491762][T22727] RIP: 0033:0x7f8e9278eba9
[ 1461.491777][T22727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1461.491796][T22727] RSP: 002b:00007f8e93566038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1461.491814][T22727] RAX: ffffffffffffffda RBX: 00007f8e929d6090 RCX: 00007f8e9278eba9
[ 1461.491826][T22727] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a
[ 1461.491837][T22727] RBP: 00007f8e93566090 R08: 0000000000000000 R09: 0000000000000000
[ 1461.491848][T22727] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[ 1461.491859][T22727] R13: 00007f8e929d6128 R14: 00007f8e929d6090 R15: 00007ffe7314db58
[ 1461.491881][T22727]  </TASK>
[ 1463.394427][T22422] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1463.542300][T22422] veth0_vlan: entered promiscuous mode
[ 1463.674467][T22422] veth1_vlan: entered promiscuous mode
[ 1463.983997][T22422] veth0_macvtap: entered promiscuous mode
[ 1464.055784][T22422] veth1_macvtap: entered promiscuous mode
[ 1464.168452][T22422] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1464.201139][T22422] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1464.289800][ T1115] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.368050][ T1115] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.517460][T21377] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.553365][T22759] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1464.567712][T21377] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1464.871269][ T8802] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1464.915797][ T8802] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1465.070958][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1465.126210][T22769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2422'.
[ 1465.159962][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1469.661582][T22790] random: crng reseeded on system resumption
[ 1471.779732][T22811] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2436'.
[ 1472.001230][T17143] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1472.022039][T17143] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1472.030531][T17143] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1472.041055][T17143] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1472.150715][T17143] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1472.773313][T22811] team0: Port device team_slave_1 removed
[ 1472.901239][T21377] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1473.036440][T21377] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1473.482071][T21377] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1473.752896][T21377] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1474.247391][T17143] Bluetooth: hci0: command tx timeout
[ 1475.418455][T22816] chnl_net:caif_netlink_parms(): no params data found
[ 1475.534079][T21377] hsr0: left allmulticast mode
[ 1475.539249][T21377] hsr_slave_0: left allmulticast mode
[ 1475.560337][T21377] hsr_slave_1: left allmulticast mode
[ 1475.569676][T21377] hsr0: left promiscuous mode
[ 1475.581223][T21377] bridge0: port 3(hsr0) entered disabled state
[ 1475.598197][T21377] bridge_slave_1: left allmulticast mode
[ 1475.604021][T21377] bridge_slave_1: left promiscuous mode
[ 1475.614148][T21377] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1475.674176][T21377] bridge_slave_0: left allmulticast mode
[ 1475.719309][T21377] bridge_slave_0: left promiscuous mode
[ 1475.747241][T21377] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1476.306702][T17143] Bluetooth: hci0: command tx timeout
[ 1478.379381][T17143] Bluetooth: hci0: command tx timeout
[ 1479.386162][T22899] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1480.190952][T21377] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1480.201519][T21377] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1480.213556][T21377] bond0 (unregistering): Released all slaves
[ 1480.384810][T21377] HfR: left promiscuous mode
[ 1480.445305][T17143] Bluetooth: hci0: command tx timeout
[ 1480.893525][T22816] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1480.901000][T22816] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1480.997116][T22816] bridge_slave_0: entered allmulticast mode
[ 1481.052785][T22816] bridge_slave_0: entered promiscuous mode
[ 1481.131250][T22816] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1481.196479][T22816] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1481.229530][T22816] bridge_slave_1: entered allmulticast mode
[ 1481.269588][T22816] bridge_slave_1: entered promiscuous mode
[ 1482.606833][T22816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1483.144777][T22816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1484.986862][T22816] team0: Port device team_slave_0 added
[ 1485.083748][T22816] team0: Port device team_slave_1 added
[ 1485.430327][T22816] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1485.437438][T22816] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1485.513738][T22816] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1485.906826][T22816] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1485.957807][T22816] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1486.076267][T22816] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1486.273168][T21377] hsr_slave_0: left promiscuous mode
[ 1486.421656][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1486.428120][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1486.496495][T21377] hsr_slave_1: left promiscuous mode
[ 1486.568782][T21377] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1486.605064][T21377] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1486.657771][T21377] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1486.665372][T21377] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1486.848795][T21377] veth1_macvtap: left promiscuous mode
[ 1486.880667][T21377] veth0_macvtap: left promiscuous mode
[ 1486.898864][T21377] veth1_vlan: left promiscuous mode
[ 1486.904504][T21377] veth0_vlan: left promiscuous mode
[ 1488.366517][T23016] netlink: 'syz.4.2454': attribute type 11 has an invalid length.
[ 1488.383146][T23016] netlink: 'syz.4.2454': attribute type 11 has an invalid length.
[ 1488.393628][T23016] netlink: 'syz.4.2454': attribute type 11 has an invalid length.
[ 1488.401572][T23016] netlink: 'syz.4.2454': attribute type 11 has an invalid length.
[ 1489.078209][T21377] team0 (unregistering): Port device team_slave_1 removed
[ 1489.148941][T23012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1489.865549][T21377] team0 (unregistering): Port device team_slave_0 removed
[ 1492.338841][T22816] hsr_slave_0: entered promiscuous mode
[ 1492.363508][T22816] hsr_slave_1: entered promiscuous mode
[ 1495.762420][T22816] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1495.790350][T22816] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1495.867471][T22816] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1495.976470][T22816] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1496.539266][T22816] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1496.688323][T22816] 8021q: adding VLAN 0 to HW filter on device team0
[ 1496.715457][ T1115] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1496.722843][ T1115] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1496.802246][ T1115] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1496.802419][ T1115] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1498.173146][T22816] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1498.996185][T22816] veth0_vlan: entered promiscuous mode
[ 1499.149891][T22816] veth1_vlan: entered promiscuous mode
[ 1499.183066][T22816] veth0_macvtap: entered promiscuous mode
[ 1499.278744][T22816] veth1_macvtap: entered promiscuous mode
[ 1499.420224][T22816] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1499.537239][T22816] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1499.975513][ T1342] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.105012][ T1342] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.137609][ T1342] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.195209][ T1342] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1500.783731][ T1342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1500.828516][ T1342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1500.871739][ T1342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1500.881037][ T1342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1503.436550][T21282] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1503.491151][T21282] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1503.505101][T21282] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1503.549881][T21282] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1503.566904][T21282] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1505.026181][T23232] chnl_net:caif_netlink_parms(): no params data found
[ 1505.669967][T17143] Bluetooth: hci1: command tx timeout
[ 1506.906334][T23232] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1506.988516][T23232] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1507.003810][T23232] bridge_slave_0: entered allmulticast mode
[ 1507.091547][T23232] bridge_slave_0: entered promiscuous mode
[ 1507.111468][T23232] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1507.118870][T23232] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1507.130926][T23232] bridge_slave_1: entered allmulticast mode
[ 1507.145088][T23232] bridge_slave_1: entered promiscuous mode
[ 1507.524771][T23232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1507.589389][T23232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1507.720546][T23301] netlink: 'syz.3.2478': attribute type 11 has an invalid length.
[ 1507.738580][T17143] Bluetooth: hci1: command tx timeout
[ 1507.747042][T23301] netlink: 'syz.3.2478': attribute type 11 has an invalid length.
[ 1507.889663][T23232] team0: Port device team_slave_0 added
[ 1507.899701][T23232] team0: Port device team_slave_1 added
[ 1507.922638][T23301] netlink: 'syz.3.2478': attribute type 11 has an invalid length.
[ 1507.939553][T23301] netlink: 'syz.3.2478': attribute type 11 has an invalid length.
[ 1508.154946][T23232] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1508.198205][T23232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1508.304041][T23232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1508.317338][T23232] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1508.324482][T23232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1508.351316][T23232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1508.650431][T23232] hsr_slave_0: entered promiscuous mode
[ 1508.680359][T23232] hsr_slave_1: entered promiscuous mode
[ 1508.726900][T23296] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1508.765609][T23232] debugfs: 'hsr0' already exists in 'hsr'
[ 1508.798907][T23232] Cannot create hsr debugfs directory
[ 1509.203110][T23312] netlink: zone id is out of range
[ 1509.208278][T23312] netlink: zone id is out of range
[ 1509.234116][T23312] netlink: zone id is out of range
[ 1509.242675][T23312] netlink: zone id is out of range
[ 1509.252880][T23312] netlink: zone id is out of range
[ 1509.258217][T23312] netlink: zone id is out of range
[ 1509.264533][T23312] netlink: zone id is out of range
[ 1509.273921][T23312] netlink: zone id is out of range
[ 1509.279235][T23312] netlink: zone id is out of range
[ 1509.284734][T23312] netlink: zone id is out of range
[ 1509.568991][T23232] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1509.806487][T17143] Bluetooth: hci1: command tx timeout
[ 1509.866701][T23232] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1510.245174][T23232] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1510.555354][T23232] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1511.642644][T23232] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1511.751375][T23232] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1511.795283][T23232] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1511.923177][T17143] Bluetooth: hci1: command tx timeout
[ 1512.127784][T23232] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1513.100101][T23232] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1513.262084][T23232] 8021q: adding VLAN 0 to HW filter on device team0
[ 1513.296188][ T8802] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1513.303318][ T8802] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1513.352171][T23232] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1513.373168][T23232] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1513.454092][ T8802] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1513.461569][ T8802] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1514.568502][T23232] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1514.820587][T23232] veth0_vlan: entered promiscuous mode
[ 1514.862492][T23232] veth1_vlan: entered promiscuous mode
[ 1515.011009][T23232] veth0_macvtap: entered promiscuous mode
[ 1515.079943][T23232] veth1_macvtap: entered promiscuous mode
[ 1515.141655][T23232] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1515.291843][T23232] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1515.570177][ T1115] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.613202][ T1115] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.633546][ T1115] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.803273][ T1115] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1516.247352][T23380] net_ratelimit: 517 callbacks suppressed
[ 1516.247372][T23380] netlink: zone id is out of range
[ 1516.291290][T23380] netlink: zone id is out of range
[ 1516.318788][T23380] netlink: zone id is out of range
[ 1516.379044][T23380] netlink: zone id is out of range
[ 1516.420219][T23380] netlink: zone id is out of range
[ 1516.427511][T23380] netlink: zone id is out of range
[ 1516.447763][T23380] netlink: zone id is out of range
[ 1516.455618][T23380] netlink: zone id is out of range
[ 1516.461973][T23380] netlink: zone id is out of range
[ 1516.467645][T23380] netlink: zone id is out of range
[ 1517.327593][T23387] FAULT_INJECTION: forcing a failure.
[ 1517.327593][T23387] name failslab, interval 1, probability 0, space 0, times 0
[ 1517.362512][   T30] audit: type=1800 audit(1757573522.531:7): pid=23387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2492" name="lu_gp_id" dev="configfs" ino=66439 res=0 errno=0
[ 1517.441666][T23387] CPU: 0 UID: 0 PID: 23387 Comm: syz.4.2492 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1517.441718][T23387] Tainted: [U]=USER
[ 1517.441729][T23387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1517.441748][T23387] Call Trace:
[ 1517.441759][T23387]  <TASK>
[ 1517.441777][T23387]  dump_stack_lvl+0x16c/0x1f0
[ 1517.441839][T23387]  should_fail_ex+0x512/0x640
[ 1517.441868][T23387]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[ 1517.441911][T23387]  should_failslab+0xc2/0x120
[ 1517.441952][T23387]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[ 1517.442001][T23387]  ? alloc_inode+0xc3/0x240
[ 1517.442054][T23387]  alloc_inode+0xc3/0x240
[ 1517.442093][T23387]  iget_locked+0x2e4/0x830
[ 1517.442140][T23387]  ? __pfx_iget_locked+0x10/0x10
[ 1517.442188][T23387]  ? find_held_lock+0x2b/0x80
[ 1517.442222][T23387]  ? kernfs_root+0xee/0x2a0
[ 1517.442269][T23387]  kernfs_get_inode+0x48/0x460
[ 1517.442308][T23387]  kernfs_iop_lookup+0x1a7/0x2d0
[ 1517.442353][T23387]  __lookup_slow+0x251/0x460
[ 1517.442401][T23387]  ? __pfx___lookup_slow+0x10/0x10
[ 1517.442476][T23387]  ? lookup_fast+0x156/0x610
[ 1517.442504][T23387]  ? __pfx_kernfs_iop_permission+0x10/0x10
[ 1517.442548][T23387]  walk_component+0x353/0x5b0
[ 1517.442584][T23387]  link_path_walk+0x627/0xe20
[ 1517.442634][T23387]  path_openat+0x1b0/0x2cb0
[ 1517.442667][T23387]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1517.442715][T23387]  ? __pfx_path_openat+0x10/0x10
[ 1517.442765][T23387]  do_filp_open+0x20b/0x470
[ 1517.442804][T23387]  ? __pfx_do_filp_open+0x10/0x10
[ 1517.442889][T23387]  ? alloc_fd+0x471/0x7d0
[ 1517.442939][T23387]  do_sys_openat2+0x11b/0x1d0
[ 1517.442988][T23387]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1517.443058][T23387]  __x64_sys_openat+0x174/0x210
[ 1517.443086][T23387]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1517.443158][T23387]  do_syscall_64+0xcd/0x490
[ 1517.443212][T23387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1517.443243][T23387] RIP: 0033:0x7f8e9278eba9
[ 1517.443270][T23387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1517.443305][T23387] RSP: 002b:00007f8e93587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1517.443337][T23387] RAX: ffffffffffffffda RBX: 00007f8e929d5fa0 RCX: 00007f8e9278eba9
[ 1517.443359][T23387] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 1517.443381][T23387] RBP: 00007f8e92811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1517.443402][T23387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1517.443423][T23387] R13: 00007f8e929d6038 R14: 00007f8e929d5fa0 R15: 00007ffe7314db58
[ 1517.443466][T23387]  </TASK>
[ 1518.119698][ T1342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1518.137645][ T1342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1518.757899][ T1342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1518.770616][ T1342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1521.398985][T23419] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[ 1521.398985][T23419]    program syz.0.2496 not setting count and/or reply_len properly
[ 1522.399703][T23421] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2496'.
[ 1522.460493][T23421] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2496'.
[ 1522.479681][T23421] netlink: 290 bytes leftover after parsing attributes in process `syz.0.2496'.
[ 1522.492923][T23421] netlink: 290 bytes leftover after parsing attributes in process `syz.0.2496'.
[ 1523.814093][T23443] FAULT_INJECTION: forcing a failure.
[ 1523.814093][T23443] name failslab, interval 1, probability 0, space 0, times 0
[ 1523.829101][T23443] CPU: 0 UID: 0 PID: 23443 Comm: syz.0.2499 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1523.829149][T23443] Tainted: [U]=USER
[ 1523.829159][T23443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1523.829176][T23443] Call Trace:
[ 1523.829187][T23443]  <TASK>
[ 1523.829199][T23443]  dump_stack_lvl+0x16c/0x1f0
[ 1523.829250][T23443]  should_fail_ex+0x512/0x640
[ 1523.829286][T23443]  should_failslab+0xc2/0x120
[ 1523.829325][T23443]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1523.829365][T23443]  ? skb_clone+0x190/0x3f0
[ 1523.829416][T23443]  skb_clone+0x190/0x3f0
[ 1523.829462][T23443]  netlink_deliver_tap+0xabd/0xd30
[ 1523.829518][T23443]  netlink_unicast+0x64c/0x870
[ 1523.829572][T23443]  ? __pfx_netlink_unicast+0x10/0x10
[ 1523.829619][T23443]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1523.829664][T23443]  ? __lock_acquire+0xb97/0x1ce0
[ 1523.829715][T23443]  netlink_sendmsg+0x8d1/0xdd0
[ 1523.829777][T23443]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1523.829841][T23443]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1523.829884][T23443]  ____sys_sendmsg+0xa95/0xc70
[ 1523.829920][T23443]  ? copy_msghdr_from_user+0x10a/0x160
[ 1523.829966][T23443]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1523.830021][T23443]  ___sys_sendmsg+0x134/0x1d0
[ 1523.830070][T23443]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1523.830170][T23443]  __sys_sendmsg+0x16d/0x220
[ 1523.830219][T23443]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1523.830293][T23443]  do_syscall_64+0xcd/0x490
[ 1523.830345][T23443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1523.830375][T23443] RIP: 0033:0x7fd65b18eba9
[ 1523.830400][T23443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1523.830428][T23443] RSP: 002b:00007fd6593f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1523.830458][T23443] RAX: ffffffffffffffda RBX: 00007fd65b3d6180 RCX: 00007fd65b18eba9
[ 1523.830478][T23443] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000005
[ 1523.830496][T23443] RBP: 00007fd6593f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1523.830514][T23443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1523.830532][T23443] R13: 00007fd65b3d6218 R14: 00007fd65b3d6180 R15: 00007fff17a06b58
[ 1523.830573][T23443]  </TASK>
[ 1527.784750][T23483] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[ 1527.784750][T23483]    program syz.1.2508 not setting count and/or reply_len properly
[ 1528.317316][T23486] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2508'.
[ 1528.369395][T23486] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2508'.
[ 1528.439249][T23486] netlink: 290 bytes leftover after parsing attributes in process `syz.1.2508'.
[ 1528.588557][T23489] netlink: 290 bytes leftover after parsing attributes in process `syz.1.2508'.
[ 1530.086933][T23505] FAULT_INJECTION: forcing a failure.
[ 1530.086933][T23505] name failslab, interval 1, probability 0, space 0, times 0
[ 1530.099897][T23505] CPU: 1 UID: 0 PID: 23505 Comm: syz.4.2510 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1530.099927][T23505] Tainted: [U]=USER
[ 1530.099934][T23505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1530.099945][T23505] Call Trace:
[ 1530.099952][T23505]  <TASK>
[ 1530.099959][T23505]  dump_stack_lvl+0x16c/0x1f0
[ 1530.099991][T23505]  should_fail_ex+0x512/0x640
[ 1530.100019][T23505]  should_failslab+0xc2/0x120
[ 1530.100045][T23505]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1530.100068][T23505]  ? skb_clone+0x190/0x3f0
[ 1530.100100][T23505]  skb_clone+0x190/0x3f0
[ 1530.100129][T23505]  netlink_deliver_tap+0xabd/0xd30
[ 1530.100162][T23505]  netlink_unicast+0x64c/0x870
[ 1530.100195][T23505]  ? __pfx_netlink_unicast+0x10/0x10
[ 1530.100224][T23505]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1530.100251][T23505]  ? __lock_acquire+0xb97/0x1ce0
[ 1530.100281][T23505]  netlink_sendmsg+0x8d1/0xdd0
[ 1530.100314][T23505]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1530.100347][T23505]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[ 1530.100373][T23505]  ____sys_sendmsg+0xa95/0xc70
[ 1530.100395][T23505]  ? copy_msghdr_from_user+0x10a/0x160
[ 1530.100424][T23505]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1530.100456][T23505]  ___sys_sendmsg+0x134/0x1d0
[ 1530.100486][T23505]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1530.100542][T23505]  __sys_sendmsg+0x16d/0x220
[ 1530.100571][T23505]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1530.100615][T23505]  do_syscall_64+0xcd/0x490
[ 1530.100646][T23505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1530.100666][T23505] RIP: 0033:0x7f8e9278eba9
[ 1530.100682][T23505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1530.100703][T23505] RSP: 002b:00007f8e93587038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1530.100722][T23505] RAX: ffffffffffffffda RBX: 00007f8e929d5fa0 RCX: 00007f8e9278eba9
[ 1530.100735][T23505] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000005
[ 1530.100747][T23505] RBP: 00007f8e93587090 R08: 0000000000000000 R09: 0000000000000000
[ 1530.100759][T23505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1530.100770][T23505] R13: 00007f8e929d6038 R14: 00007f8e929d5fa0 R15: 00007ffe7314db58
[ 1530.100794][T23505]  </TASK>
[ 1546.165555][T23658] input: f�
 as /devices/virtual/input/input28
[ 1547.512854][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1547.520234][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1549.349450][T21282] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260
[ 1551.456314][T23717] [U] 
[ 1556.333371][T23774] input: f�
 as /devices/virtual/input/input29
[ 1557.921790][T21282] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[ 1567.578725][T23894] input: f�
 as /devices/virtual/input/input30
[ 1569.239604][T23919] net_ratelimit: 517 callbacks suppressed
[ 1569.239643][T23919] netlink: zone id is out of range
[ 1569.250759][T23919] netlink: zone id is out of range
[ 1569.803139][   T30] audit: type=1800 audit(1757573575.321:8): pid=23923 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2588" name="members" dev="configfs" ino=69743 res=0 errno=0
[ 1579.146122][T24022] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.8192.1450), cmd(2)
[ 1583.405769][T24062] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1583.425688][T24062] block nbd0: shutting down sockets
[ 1588.118616][T24118] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[ 1595.400020][T21282] Bluetooth: hci0: command 0x0406 tx timeout
[ 1604.790023][T24274] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[ 1604.790023][T24274]    program syz.1.2660 not setting count and/or reply_len properly
[ 1605.402002][T24275] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2660'.
[ 1605.458838][T24275] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2660'.
[ 1605.538974][T24275] netlink: 290 bytes leftover after parsing attributes in process `syz.1.2660'.
[ 1605.572985][T24275] netlink: 290 bytes leftover after parsing attributes in process `syz.1.2660'.
[ 1606.653573][T24285] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2663'.
[ 1608.641901][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1608.648215][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1625.955824][T21282] Bluetooth: hci1: command 0x0406 tx timeout
[ 1628.250247][T24476] [U]  
[ 1628.253085][T24476] [U] 
[ 1628.255893][T24476] [U] 
[ 1628.258610][T24476] [U] 
[ 1628.369311][T24476] [U] 
[ 1628.372108][T24476] [U] 
[ 1628.374858][T24476] [U] 
[ 1628.377605][T24476] [U] 
[ 1628.483221][T24476] [U] 
[ 1628.485979][T24476] [U] 
[ 1628.488694][T24476] [U] 
[ 1628.491523][T24476] [U] 
[ 1628.611156][T24476] [U] 
[ 1628.613948][T24476] [U] 
[ 1628.616698][T24476] [U] 
[ 1628.619532][T24476] [U] 
[ 1628.622489][T24476] [U] 
[ 1628.625197][T24476] [U] �k������O[zɟD	�/�LQ��Q揽v�����~�/n���P��I.���
>�v$�H���Dž�%Q�M���O�����]4i�`�׼�U�a����y+`�(n:�迹g�W�
[ 1628.638783][T24476] [U] ��F�1�條���EL�i�B
sO��,�i";:X�:/�w�"ܮ�k�y�]��iց���W�ƒ[�B�=�2]m�]��/��
[ 1628.648539][T24476] [U] �6�KI�f��9����Jt�=i
l
[ 1628.653436][T24476] [U] �]�;1���D�?p�L4S
���'3���qq�
[ 1628.659029][T24476] [U] 
[ 1628.661873][T24476] [U] ����b
[ 1628.665012][T24476] [U] 2�O�Q���J����lj�z�5^	j��^����}���<oS�w��S���[��l& ��:�*�ʛt�Q>>���:&<8\1��������N��8�榟3���,_�g��H߷!VY�Z�:���o���+!�A�2�S�40�%(O��
[ 1628.680947][T24476] [U] ��$*��3N{�
��S���PXz
[ 1628.685583][T24476] [U] mꞩ��w�/�|-�ro/7IN�iY{�:Z��{���QżJV��G������1Ԭ�~
~��31�3�Ky��3���@������#"�ܗԕm�x����(ȯ�O�k�L��sN��զ&�+k
[ 1628.699838][T24476] [U] nC��ԭ�$�g'��w4�X�T�r@�\�}E�Bc/��;m��Qxi"����Zউ��z Ԅ^.GI�\��
[ 1628.708782][T24476] [U] (
[ 1628.711649][T24476] [U] ʎ������ՁE�eMT�%�c�5]���\�^�`�\G芒�Pt��º�'cw��i�:�,�]��&�8H(�\�m�W7�5+�n�JELp��v�c��/����T��x%��(�?���,�s faI>�
%�_̓���
[ 1628.727115][T24476] [U] �WibD�ṡW��Ž)��h:܇Z�
[ 1628.731986][T24476] [U] Y�3����`CI���^�a�I�����،��<�<ު�'�S��CO&!�)7e�������S���Mn���=j[�d����P�X�[�fKW#�٦
[ 1628.743279][T24476] [U] RGP{��ަٯ������F}[�a���B,h��!R�C�&�H��
[ 1628.750144][T24476] [U] ��N
[ 1628.753156][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1629.332526][T24476] [U] �*C�"6q0�_�}��PT}�pj#{X6�7Ȁ���F3�;>
[ 1632.272601][T24502] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2704'.
[ 1632.292035][T24518] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1632.322415][T24518] block nbd0: shutting down sockets
[ 1633.104053][T17143] Bluetooth: hci4: unexpected event 0x01 length: 5 > 1
[ 1634.453850][T24532] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2710'.
[ 1634.480832][T24532] bridge_slave_1: left allmulticast mode
[ 1634.530031][T24532] bridge_slave_1: left promiscuous mode
[ 1634.552099][T24532] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1634.760530][T24532] bridge_slave_0: left allmulticast mode
[ 1634.822529][T24532] bridge_slave_0: left promiscuous mode
[ 1634.828646][T24532] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1637.428683][T24559] FAULT_INJECTION: forcing a failure.
[ 1637.428683][T24559] name failslab, interval 1, probability 0, space 0, times 0
[ 1637.456874][T24559] CPU: 1 UID: 0 PID: 24559 Comm: syz.1.2715 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1637.456920][T24559] Tainted: [U]=USER
[ 1637.456930][T24559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1637.456946][T24559] Call Trace:
[ 1637.456957][T24559]  <TASK>
[ 1637.456969][T24559]  dump_stack_lvl+0x16c/0x1f0
[ 1637.457016][T24559]  should_fail_ex+0x512/0x640
[ 1637.457043][T24559]  ? __kmalloc_noprof+0xbf/0x510
[ 1637.457082][T24559]  ? copy_splice_read+0x1a8/0xc20
[ 1637.457109][T24559]  should_failslab+0xc2/0x120
[ 1637.457153][T24559]  __kmalloc_noprof+0xd2/0x510
[ 1637.457195][T24559]  copy_splice_read+0x1a8/0xc20
[ 1637.457233][T24559]  ? __pfx_copy_splice_read+0x10/0x10
[ 1637.457267][T24559]  ? look_up_lock_class+0x59/0x150
[ 1637.457316][T24559]  ? lockdep_init_map_type+0x5c/0x280
[ 1637.457359][T24559]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1637.457397][T24559]  ? __pfx_copy_splice_read+0x10/0x10
[ 1637.457426][T24559]  do_splice_read+0x282/0x370
[ 1637.457461][T24559]  splice_direct_to_actor+0x2a1/0xa30
[ 1637.457506][T24559]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1637.457548][T24559]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1637.457575][T24559]  ? get_pid_task+0xfc/0x250
[ 1637.457628][T24559]  do_splice_direct+0x174/0x240
[ 1637.457660][T24559]  ? __pfx_do_splice_direct+0x10/0x10
[ 1637.457693][T24559]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1637.457733][T24559]  ? rw_verify_area+0xcf/0x6c0
[ 1637.457769][T24559]  do_sendfile+0xb06/0xe50
[ 1637.457812][T24559]  ? __pfx_do_sendfile+0x10/0x10
[ 1637.457847][T24559]  ? __fget_files+0x20e/0x3c0
[ 1637.457893][T24559]  __x64_sys_sendfile64+0x1d8/0x220
[ 1637.457933][T24559]  ? ksys_write+0x1ac/0x250
[ 1637.457966][T24559]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1637.458023][T24559]  do_syscall_64+0xcd/0x490
[ 1637.458073][T24559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1637.458102][T24559] RIP: 0033:0x7f5f1d38eba9
[ 1637.458127][T24559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1637.458156][T24559] RSP: 002b:00007f5f1e26b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1637.458186][T24559] RAX: ffffffffffffffda RBX: 00007f5f1d5d5fa0 RCX: 00007f5f1d38eba9
[ 1637.458207][T24559] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[ 1637.458226][T24559] RBP: 00007f5f1e26b090 R08: 0000000000000000 R09: 0000000000000000
[ 1637.458245][T24559] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[ 1637.458263][T24559] R13: 00007f5f1d5d6038 R14: 00007f5f1d5d5fa0 R15: 00007ffd230d6de8
[ 1637.458304][T24559]  </TASK>
[ 1638.126040][T24546] FAULT_INJECTION: forcing a failure.
[ 1638.126040][T24546] name failslab, interval 1, probability 0, space 0, times 0
[ 1638.143504][T24546] CPU: 1 UID: 0 PID: 24546 Comm: syz.3.2713 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1638.143556][T24546] Tainted: [U]=USER
[ 1638.143569][T24546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1638.143590][T24546] Call Trace:
[ 1638.143602][T24546]  <TASK>
[ 1638.143616][T24546]  dump_stack_lvl+0x16c/0x1f0
[ 1638.143666][T24546]  should_fail_ex+0x512/0x640
[ 1638.143696][T24546]  ? __kmalloc_noprof+0xbf/0x510
[ 1638.143736][T24546]  ? kvm_io_bus_register_dev+0x1b9/0x7f0
[ 1638.143769][T24546]  should_failslab+0xc2/0x120
[ 1638.143811][T24546]  __kmalloc_noprof+0xd2/0x510
[ 1638.143860][T24546]  kvm_io_bus_register_dev+0x1b9/0x7f0
[ 1638.143909][T24546]  kvm_pic_init+0x25e/0x380
[ 1638.143943][T24546]  kvm_arch_vm_ioctl+0x8a4/0x1860
[ 1638.143982][T24546]  ? register_lock_class+0x41/0x4c0
[ 1638.144024][T24546]  ? find_held_lock+0x2b/0x80
[ 1638.144055][T24546]  ? __pfx_kvm_arch_vm_ioctl+0x10/0x10
[ 1638.144104][T24546]  ? __lock_acquire+0x62e/0x1ce0
[ 1638.144154][T24546]  ? __lock_acquire+0x62e/0x1ce0
[ 1638.144205][T24546]  ? __lock_acquire+0x62e/0x1ce0
[ 1638.144374][T24546]  ? __lock_acquire+0x62e/0x1ce0
[ 1638.144446][T24546]  ? is_bpf_text_address+0x8a/0x1a0
[ 1638.144485][T24546]  ? bpf_ksym_find+0x124/0x1c0
[ 1638.144515][T24546]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1638.144552][T24546]  ? is_bpf_text_address+0x94/0x1a0
[ 1638.144590][T24546]  ? kernel_text_address+0x8d/0x100
[ 1638.144621][T24546]  ? __kernel_text_address+0xd/0x40
[ 1638.144650][T24546]  ? unwind_get_return_address+0x59/0xa0
[ 1638.144684][T24546]  ? arch_stack_walk+0xa6/0x100
[ 1638.144735][T24546]  ? stack_trace_save+0x8e/0xc0
[ 1638.144769][T24546]  ? __pfx_stack_trace_save+0x10/0x10
[ 1638.144805][T24546]  ? stack_depot_save_flags+0x29/0x9c0
[ 1638.144834][T24546]  ? __lock_acquire+0xb97/0x1ce0
[ 1638.144880][T24546]  ? kasan_save_stack+0x42/0x60
[ 1638.144913][T24546]  ? kasan_save_stack+0x33/0x60
[ 1638.144946][T24546]  ? kasan_save_track+0x14/0x30
[ 1638.144979][T24546]  ? kasan_save_free_info+0x3b/0x60
[ 1638.145004][T24546]  ? __kasan_slab_free+0x60/0x70
[ 1638.145040][T24546]  ? kfree+0x2b4/0x4d0
[ 1638.145073][T24546]  kvm_vm_ioctl+0x1a91/0x4000
[ 1638.145122][T24546]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1638.145182][T24546]  ? kasan_quarantine_put+0x10a/0x240
[ 1638.145216][T24546]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1638.145275][T24546]  ? find_held_lock+0x2b/0x80
[ 1638.145308][T24546]  ? tomoyo_path_number_perm+0x295/0x580
[ 1638.145355][T24546]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1638.145398][T24546]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1638.145456][T24546]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1638.145503][T24546]  ? do_vfs_ioctl+0x128/0x14f0
[ 1638.145553][T24546]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1638.145615][T24546]  ? find_held_lock+0x2b/0x80
[ 1638.145645][T24546]  ? hook_file_ioctl_common+0x145/0x410
[ 1638.145697][T24546]  ? __fget_files+0x20e/0x3c0
[ 1638.145738][T24546]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1638.145771][T24546]  __x64_sys_ioctl+0x18e/0x210
[ 1638.145824][T24546]  do_syscall_64+0xcd/0x490
[ 1638.145875][T24546]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1638.145906][T24546] RIP: 0033:0x7f8eda78eba9
[ 1638.145933][T24546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1638.145964][T24546] RSP: 002b:00007f8edb586038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1638.145994][T24546] RAX: ffffffffffffffda RBX: 00007f8eda9d5fa0 RCX: 00007f8eda78eba9
[ 1638.146015][T24546] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003
[ 1638.146034][T24546] RBP: 00007f8eda811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1638.146052][T24546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1638.146071][T24546] R13: 00007f8eda9d6038 R14: 00007f8eda9d5fa0 R15: 00007ffdb6fc4d88
[ 1638.146114][T24546]  </TASK>
[ 1640.880537][T24590] FAULT_INJECTION: forcing a failure.
[ 1640.880537][T24590] name failslab, interval 1, probability 0, space 0, times 0
[ 1640.894739][T24590] CPU: 1 UID: 0 PID: 24590 Comm: syz.0.2725 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1640.894794][T24590] Tainted: [U]=USER
[ 1640.894806][T24590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1640.894823][T24590] Call Trace:
[ 1640.894835][T24590]  <TASK>
[ 1640.894848][T24590]  dump_stack_lvl+0x16c/0x1f0
[ 1640.894901][T24590]  should_fail_ex+0x512/0x640
[ 1640.894929][T24590]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1640.894972][T24590]  should_failslab+0xc2/0x120
[ 1640.895013][T24590]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1640.895056][T24590]  ? __kthread_create_on_node+0x186/0x3f0
[ 1640.895104][T24590]  kvasprintf+0xbc/0x160
[ 1640.895141][T24590]  ? __pfx_kvasprintf+0x10/0x10
[ 1640.895194][T24590]  ? __pfx_dvb_frontend_thread+0x10/0x10
[ 1640.895224][T24590]  __kthread_create_on_node+0x186/0x3f0
[ 1640.895268][T24590]  ? __pfx___kthread_create_on_node+0x10/0x10
[ 1640.895340][T24590]  ? __lock_acquire+0xb97/0x1ce0
[ 1640.895386][T24590]  ? __pfx_dvb_frontend_thread+0x10/0x10
[ 1640.895417][T24590]  kthread_create_on_node+0xc7/0x100
[ 1640.895459][T24590]  ? __pfx_kthread_create_on_node+0x10/0x10
[ 1640.895509][T24590]  ? mark_held_locks+0x49/0x80
[ 1640.895556][T24590]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1640.895600][T24590]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1640.895653][T24590]  dvb_frontend_open+0xf47/0x1730
[ 1640.895716][T24590]  ? __pfx_dvb_frontend_open+0x10/0x10
[ 1640.895769][T24590]  dvb_device_open+0x270/0x3b0
[ 1640.895803][T24590]  ? __pfx_dvb_device_open+0x10/0x10
[ 1640.895834][T24590]  chrdev_open+0x231/0x6a0
[ 1640.895875][T24590]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1640.895911][T24590]  ? __pfx_chrdev_open+0x10/0x10
[ 1640.895955][T24590]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1640.896000][T24590]  do_dentry_open+0x97f/0x1530
[ 1640.896040][T24590]  ? __pfx_chrdev_open+0x10/0x10
[ 1640.896089][T24590]  vfs_open+0x82/0x3f0
[ 1640.896143][T24590]  path_openat+0x1de4/0x2cb0
[ 1640.896196][T24590]  ? __pfx_path_openat+0x10/0x10
[ 1640.896247][T24590]  do_filp_open+0x20b/0x470
[ 1640.896295][T24590]  ? __pfx_do_filp_open+0x10/0x10
[ 1640.896366][T24590]  ? alloc_fd+0x471/0x7d0
[ 1640.896413][T24590]  do_sys_openat2+0x11b/0x1d0
[ 1640.896462][T24590]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1640.896525][T24590]  __x64_sys_openat+0x174/0x210
[ 1640.896554][T24590]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1640.896621][T24590]  do_syscall_64+0xcd/0x490
[ 1640.896674][T24590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1640.896707][T24590] RIP: 0033:0x7fd65b18eba9
[ 1640.896735][T24590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1640.896767][T24590] RSP: 002b:00007fd65bf52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1640.896798][T24590] RAX: ffffffffffffffda RBX: 00007fd65b3d5fa0 RCX: 00007fd65b18eba9
[ 1640.896819][T24590] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1640.896838][T24590] RBP: 00007fd65b211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1640.896858][T24590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1640.896877][T24590] R13: 00007fd65b3d6038 R14: 00007fd65b3d5fa0 R15: 00007fff17a06b58
[ 1640.896919][T24590]  </TASK>
[ 1640.897040][T24590] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12)
[ 1641.487520][T24590] FAULT_INJECTION: forcing a failure.
[ 1641.487520][T24590] name failslab, interval 1, probability 0, space 0, times 0
[ 1641.571020][T24590] CPU: 1 UID: 0 PID: 24590 Comm: syz.0.2725 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1641.571074][T24590] Tainted: [U]=USER
[ 1641.571084][T24590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1641.571101][T24590] Call Trace:
[ 1641.571112][T24590]  <TASK>
[ 1641.571124][T24590]  dump_stack_lvl+0x16c/0x1f0
[ 1641.571176][T24590]  should_fail_ex+0x512/0x640
[ 1641.571213][T24590]  should_failslab+0xc2/0x120
[ 1641.571288][T24590]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1641.571329][T24590]  ? zswap_store+0x839/0x25a0
[ 1641.571384][T24590]  zswap_store+0x839/0x25a0
[ 1641.571451][T24590]  ? __pfx_zswap_store+0x10/0x10
[ 1641.571499][T24590]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1641.571546][T24590]  ? find_held_lock+0x2b/0x80
[ 1641.571580][T24590]  ? folio_free_swap+0x171/0x580
[ 1641.571623][T24590]  ? do_raw_spin_unlock+0x172/0x230
[ 1641.571669][T24590]  ? swp_swap_info+0xce/0x130
[ 1641.571711][T24590]  ? __pfx_swp_swap_info+0x10/0x10
[ 1641.571756][T24590]  ? mod_memcg_lruvec_state+0x389/0x5f0
[ 1641.571813][T24590]  swap_writeout+0x3b2/0xfe0
[ 1641.571861][T24590]  ? mark_held_locks+0x49/0x80
[ 1641.571903][T24590]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1641.571950][T24590]  shmem_writeout+0xc29/0x1140
[ 1641.571994][T24590]  ? __pfx_shmem_writeout+0x10/0x10
[ 1641.572036][T24590]  ? inode_to_bdi+0x9e/0x160
[ 1641.572076][T24590]  ? folio_clear_dirty_for_io+0x112/0x810
[ 1641.572133][T24590]  shrink_folio_list+0x2f4c/0x4880
[ 1641.572181][T24590]  ? __pfx_shrink_folio_list+0x10/0x10
[ 1641.572220][T24590]  ? __lock_acquire+0xb97/0x1ce0
[ 1641.572290][T24590]  ? lock_acquire+0x179/0x350
[ 1641.572332][T24590]  ? find_held_lock+0x2b/0x80
[ 1641.572400][T24590]  ? check_path.constprop.0+0x24/0x50
[ 1641.572452][T24590]  reclaim_folio_list+0xda/0x5d0
[ 1641.572483][T24590]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1641.572523][T24590]  ? __pfx_reclaim_folio_list+0x10/0x10
[ 1641.572574][T24590]  ? lru_gen_update_size+0x543/0xe10
[ 1641.572617][T24590]  ? lru_gen_del_folio+0x32b/0x540
[ 1641.572653][T24590]  reclaim_pages+0x47b/0x650
[ 1641.572692][T24590]  ? __pfx_reclaim_pages+0x10/0x10
[ 1641.572723][T24590]  ? find_held_lock+0x2b/0x80
[ 1641.572756][T24590]  ? madvise_cold_or_pageout_pte_range+0x749/0x2120
[ 1641.572811][T24590]  madvise_cold_or_pageout_pte_range+0x1546/0x2120
[ 1641.572879][T24590]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1641.572946][T24590]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1641.572996][T24590]  walk_pgd_range+0xc05/0x1f50
[ 1641.573065][T24590]  ? __pfx_walk_pgd_range+0x10/0x10
[ 1641.573118][T24590]  __walk_page_range+0x163/0x820
[ 1641.573164][T24590]  ? __lock_acquire+0xb97/0x1ce0
[ 1641.573216][T24590]  walk_page_range_vma+0x2c7/0xa20
[ 1641.573262][T24590]  ? __pfx_walk_page_range_vma+0x10/0x10
[ 1641.573311][T24590]  ? find_held_lock+0x2b/0x80
[ 1641.573360][T24590]  madvise_pageout+0x257/0x540
[ 1641.573405][T24590]  ? __pfx_madvise_pageout+0x10/0x10
[ 1641.573446][T24590]  ? finish_task_switch.isra.0+0x21c/0xc10
[ 1641.573513][T24590]  madvise_vma_behavior+0xb22/0x2d60
[ 1641.573564][T24590]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[ 1641.573614][T24590]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1641.573664][T24590]  ? __pfx_mas_prev+0x10/0x10
[ 1641.573719][T24590]  ? find_vma_prev+0xda/0x160
[ 1641.573759][T24590]  ? find_held_lock+0x2b/0x80
[ 1641.573787][T24590]  ? __pfx_find_vma_prev+0x10/0x10
[ 1641.573830][T24590]  ? futex_unqueue+0x133/0x2c0
[ 1641.573878][T24590]  ? __futex_wait+0x24c/0x2f0
[ 1641.573930][T24590]  madvise_walk_vmas+0x31f/0x9c0
[ 1641.573984][T24590]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1641.574044][T24590]  madvise_do_behavior+0x1e2/0x530
[ 1641.574088][T24590]  ? futex_private_hash_put+0x18a/0x300
[ 1641.574128][T24590]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1641.574176][T24590]  ? down_read+0x13d/0x480
[ 1641.574231][T24590]  do_madvise+0x176/0x240
[ 1641.574283][T24590]  ? __pfx_do_madvise+0x10/0x10
[ 1641.574327][T24590]  ? do_futex+0x122/0x350
[ 1641.574376][T24590]  ? __pfx___schedule+0x10/0x10
[ 1641.574439][T24590]  ? syscall_user_dispatch+0x78/0x140
[ 1641.574497][T24590]  __x64_sys_madvise+0xa9/0x110
[ 1641.574543][T24590]  do_syscall_64+0xcd/0x490
[ 1641.574595][T24590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1641.574628][T24590] RIP: 0033:0x7fd65b18eba9
[ 1641.574657][T24590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1641.574689][T24590] RSP: 002b:00007fd65bf52038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1641.574719][T24590] RAX: ffffffffffffffda RBX: 00007fd65b3d5fa0 RCX: 00007fd65b18eba9
[ 1641.574739][T24590] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000
[ 1641.574757][T24590] RBP: 00007fd65b211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1641.574775][T24590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1641.574794][T24590] R13: 00007fd65b3d6038 R14: 00007fd65b3d5fa0 R15: 00007fff17a06b58
[ 1641.574837][T24590]  </TASK>
[ 1642.994945][T24625] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1643.371683][T24625] CIFS mount error: No usable UNC path provided in device string!
[ 1643.371683][T24625] 
[ 1643.382659][T24625] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1644.213305][T24652] tipc: Started in network mode
[ 1644.218482][T24652] tipc: Node identity ee00, cluster identity 4711
[ 1644.225321][T24652] tipc: Node number set to 60928
[ 1644.261697][T24643] could not allocate digest TFM handle 
[ 1646.665367][T24689] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2745'.
[ 1648.835957][T24716] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1653.242936][T24784] FAULT_INJECTION: forcing a failure.
[ 1653.242936][T24784] name failslab, interval 1, probability 0, space 0, times 0
[ 1653.258124][T24784] CPU: 0 UID: 0 PID: 24784 Comm: syz.4.2766 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1653.258179][T24784] Tainted: [U]=USER
[ 1653.258198][T24784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1653.258217][T24784] Call Trace:
[ 1653.258228][T24784]  <TASK>
[ 1653.258240][T24784]  dump_stack_lvl+0x16c/0x1f0
[ 1653.258289][T24784]  should_fail_ex+0x512/0x640
[ 1653.258324][T24784]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1653.258363][T24784]  should_failslab+0xc2/0x120
[ 1653.258405][T24784]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1653.258439][T24784]  ? apply_subsystem_event_filter+0x460/0x17e0
[ 1653.258480][T24784]  ? kasan_save_track+0x14/0x30
[ 1653.258521][T24784]  apply_subsystem_event_filter+0x460/0x17e0
[ 1653.258577][T24784]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[ 1653.258626][T24784]  ? _copy_from_user+0x59/0xd0
[ 1653.258667][T24784]  subsystem_filter_write+0x95/0x120
[ 1653.258710][T24784]  ? __pfx_subsystem_filter_write+0x10/0x10
[ 1653.258749][T24784]  vfs_write+0x29d/0x11d0
[ 1653.258790][T24784]  ? __pfx___mutex_lock+0x10/0x10
[ 1653.258838][T24784]  ? __pfx_vfs_write+0x10/0x10
[ 1653.258898][T24784]  ? __fget_files+0x20e/0x3c0
[ 1653.258948][T24784]  ksys_write+0x12a/0x250
[ 1653.258986][T24784]  ? __pfx_ksys_write+0x10/0x10
[ 1653.259039][T24784]  do_syscall_64+0xcd/0x490
[ 1653.259091][T24784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1653.259123][T24784] RIP: 0033:0x7f8e9278eba9
[ 1653.259151][T24784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1653.259183][T24784] RSP: 002b:00007f8e93587038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1653.259222][T24784] RAX: ffffffffffffffda RBX: 00007f8e929d5fa0 RCX: 00007f8e9278eba9
[ 1653.259242][T24784] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000005
[ 1653.259260][T24784] RBP: 00007f8e92811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1653.259278][T24784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1653.259296][T24784] R13: 00007f8e929d6038 R14: 00007f8e929d5fa0 R15: 00007ffe7314db58
[ 1653.259337][T24784]  </TASK>
[ 1657.405043][T24830] FAULT_INJECTION: forcing a failure.
[ 1657.405043][T24830] name failslab, interval 1, probability 0, space 0, times 0
[ 1657.448551][T24830] CPU: 1 UID: 0 PID: 24830 Comm: syz.1.2777 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1657.448600][T24830] Tainted: [U]=USER
[ 1657.448612][T24830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1657.448629][T24830] Call Trace:
[ 1657.448640][T24830]  <TASK>
[ 1657.448652][T24830]  dump_stack_lvl+0x16c/0x1f0
[ 1657.448705][T24830]  should_fail_ex+0x512/0x640
[ 1657.448732][T24830]  ? __kmalloc_node_track_caller_noprof+0xc3/0x510
[ 1657.448785][T24830]  should_failslab+0xc2/0x120
[ 1657.448826][T24830]  __kmalloc_node_track_caller_noprof+0xd6/0x510
[ 1657.448867][T24830]  ? __kthread_create_on_node+0x186/0x3f0
[ 1657.448914][T24830]  kvasprintf+0xbc/0x160
[ 1657.448948][T24830]  ? __pfx_kvasprintf+0x10/0x10
[ 1657.448997][T24830]  ? __pfx_dvb_frontend_thread+0x10/0x10
[ 1657.449026][T24830]  __kthread_create_on_node+0x186/0x3f0
[ 1657.449068][T24830]  ? __pfx___kthread_create_on_node+0x10/0x10
[ 1657.449126][T24830]  ? __lock_acquire+0xb97/0x1ce0
[ 1657.449171][T24830]  ? __pfx_dvb_frontend_thread+0x10/0x10
[ 1657.449201][T24830]  kthread_create_on_node+0xc7/0x100
[ 1657.449240][T24830]  ? __pfx_kthread_create_on_node+0x10/0x10
[ 1657.449287][T24830]  ? mark_held_locks+0x49/0x80
[ 1657.449325][T24830]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1657.449367][T24830]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1657.449419][T24830]  dvb_frontend_open+0xf47/0x1730
[ 1657.449488][T24830]  ? __pfx_dvb_frontend_open+0x10/0x10
[ 1657.449537][T24830]  dvb_device_open+0x270/0x3b0
[ 1657.449570][T24830]  ? __pfx_dvb_device_open+0x10/0x10
[ 1657.449598][T24830]  chrdev_open+0x231/0x6a0
[ 1657.449636][T24830]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1657.449672][T24830]  ? __pfx_chrdev_open+0x10/0x10
[ 1657.449712][T24830]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1657.449754][T24830]  do_dentry_open+0x97f/0x1530
[ 1657.449791][T24830]  ? __pfx_chrdev_open+0x10/0x10
[ 1657.449838][T24830]  vfs_open+0x82/0x3f0
[ 1657.449889][T24830]  path_openat+0x1de4/0x2cb0
[ 1657.449939][T24830]  ? __pfx_path_openat+0x10/0x10
[ 1657.449984][T24830]  do_filp_open+0x20b/0x470
[ 1657.450022][T24830]  ? __pfx_do_filp_open+0x10/0x10
[ 1657.450089][T24830]  ? alloc_fd+0x471/0x7d0
[ 1657.450132][T24830]  do_sys_openat2+0x11b/0x1d0
[ 1657.450177][T24830]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1657.450241][T24830]  __x64_sys_openat+0x174/0x210
[ 1657.450271][T24830]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1657.450338][T24830]  do_syscall_64+0xcd/0x490
[ 1657.450391][T24830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1657.450423][T24830] RIP: 0033:0x7f5f1d38eba9
[ 1657.450451][T24830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1657.450495][T24830] RSP: 002b:00007f5f1e26b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1657.450527][T24830] RAX: ffffffffffffffda RBX: 00007f5f1d5d5fa0 RCX: 00007f5f1d38eba9
[ 1657.450551][T24830] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[ 1657.450572][T24830] RBP: 00007f5f1d411e19 R08: 0000000000000000 R09: 0000000000000000
[ 1657.450592][T24830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1657.450612][T24830] R13: 00007f5f1d5d6038 R14: 00007f5f1d5d5fa0 R15: 00007ffd230d6de8
[ 1657.450656][T24830]  </TASK>
[ 1657.800906][T24830] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12)
[ 1658.004772][T24830] FAULT_INJECTION: forcing a failure.
[ 1658.004772][T24830] name failslab, interval 1, probability 0, space 0, times 0
[ 1658.043526][T24830] CPU: 1 UID: 0 PID: 24830 Comm: syz.1.2777 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1658.043581][T24830] Tainted: [U]=USER
[ 1658.043592][T24830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1658.043611][T24830] Call Trace:
[ 1658.043622][T24830]  <TASK>
[ 1658.043635][T24830]  dump_stack_lvl+0x16c/0x1f0
[ 1658.043689][T24830]  should_fail_ex+0x512/0x640
[ 1658.043727][T24830]  should_failslab+0xc2/0x120
[ 1658.043771][T24830]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1658.043812][T24830]  ? zswap_store+0x839/0x25a0
[ 1658.043869][T24830]  zswap_store+0x839/0x25a0
[ 1658.043936][T24830]  ? __pfx_zswap_store+0x10/0x10
[ 1658.043985][T24830]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1658.044033][T24830]  ? find_held_lock+0x2b/0x80
[ 1658.044067][T24830]  ? folio_free_swap+0x171/0x580
[ 1658.044111][T24830]  ? do_raw_spin_unlock+0x172/0x230
[ 1658.044158][T24830]  ? swp_swap_info+0xce/0x130
[ 1658.044201][T24830]  ? __pfx_swp_swap_info+0x10/0x10
[ 1658.044237][T24830]  ? mod_memcg_lruvec_state+0x389/0x5f0
[ 1658.044289][T24830]  swap_writeout+0x3b2/0xfe0
[ 1658.044338][T24830]  ? mark_held_locks+0x49/0x80
[ 1658.044379][T24830]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1658.044427][T24830]  shmem_writeout+0xc29/0x1140
[ 1658.044482][T24830]  ? __pfx_shmem_writeout+0x10/0x10
[ 1658.044524][T24830]  ? inode_to_bdi+0x9e/0x160
[ 1658.044566][T24830]  ? folio_clear_dirty_for_io+0x112/0x810
[ 1658.044624][T24830]  shrink_folio_list+0x2f4c/0x4880
[ 1658.044675][T24830]  ? __pfx_shrink_folio_list+0x10/0x10
[ 1658.044708][T24830]  ? __asan_memcpy+0x3c/0x60
[ 1658.044744][T24830]  ? vsnprintf+0x2e0/0x1160
[ 1658.044854][T24830]  ? mark_held_locks+0x49/0x80
[ 1658.044898][T24830]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1658.044931][T24830]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1658.044977][T24830]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1658.045016][T24830]  reclaim_folio_list+0xda/0x5d0
[ 1658.045056][T24830]  ? __pfx_reclaim_folio_list+0x10/0x10
[ 1658.045118][T24830]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1658.045177][T24830]  reclaim_pages+0x47b/0x650
[ 1658.045215][T24830]  ? __pfx_reclaim_pages+0x10/0x10
[ 1658.045246][T24830]  ? find_held_lock+0x2b/0x80
[ 1658.045278][T24830]  ? madvise_cold_or_pageout_pte_range+0x749/0x2120
[ 1658.045333][T24830]  madvise_cold_or_pageout_pte_range+0x1546/0x2120
[ 1658.045400][T24830]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1658.045457][T24830]  ? __lock_acquire+0x62e/0x1ce0
[ 1658.045513][T24830]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[ 1658.045562][T24830]  walk_pgd_range+0xc05/0x1f50
[ 1658.045630][T24830]  ? __pfx_walk_pgd_range+0x10/0x10
[ 1658.045671][T24830]  ? __lock_acquire+0x62e/0x1ce0
[ 1658.045721][T24830]  __walk_page_range+0x163/0x820
[ 1658.045768][T24830]  ? __lock_acquire+0xb97/0x1ce0
[ 1658.045821][T24830]  walk_page_range_vma+0x2c7/0xa20
[ 1658.045869][T24830]  ? __pfx_walk_page_range_vma+0x10/0x10
[ 1658.045911][T24830]  ? find_held_lock+0x2b/0x80
[ 1658.045961][T24830]  madvise_pageout+0x257/0x540
[ 1658.046006][T24830]  ? __pfx_madvise_pageout+0x10/0x10
[ 1658.046046][T24830]  ? finish_task_switch.isra.0+0x21c/0xc10
[ 1658.046112][T24830]  madvise_vma_behavior+0xb22/0x2d60
[ 1658.046163][T24830]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[ 1658.046210][T24830]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1658.046259][T24830]  ? __pfx_mas_prev+0x10/0x10
[ 1658.046317][T24830]  ? find_vma_prev+0xda/0x160
[ 1658.046360][T24830]  ? find_held_lock+0x2b/0x80
[ 1658.046390][T24830]  ? __pfx_find_vma_prev+0x10/0x10
[ 1658.046435][T24830]  ? futex_unqueue+0x133/0x2c0
[ 1658.046495][T24830]  ? __futex_wait+0x24c/0x2f0
[ 1658.046549][T24830]  madvise_walk_vmas+0x31f/0x9c0
[ 1658.046603][T24830]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1658.046663][T24830]  madvise_do_behavior+0x1e2/0x530
[ 1658.046709][T24830]  ? futex_private_hash_put+0x18a/0x300
[ 1658.046751][T24830]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1658.046800][T24830]  ? down_read+0x13d/0x480
[ 1658.046854][T24830]  do_madvise+0x176/0x240
[ 1658.046901][T24830]  ? __pfx_do_madvise+0x10/0x10
[ 1658.046946][T24830]  ? do_futex+0x122/0x350
[ 1658.047025][T24830]  ? syscall_user_dispatch+0x78/0x140
[ 1658.047083][T24830]  __x64_sys_madvise+0xa9/0x110
[ 1658.047132][T24830]  do_syscall_64+0xcd/0x490
[ 1658.047185][T24830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1658.047218][T24830] RIP: 0033:0x7f5f1d38eba9
[ 1658.047245][T24830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1658.047280][T24830] RSP: 002b:00007f5f1e26b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1658.047313][T24830] RAX: ffffffffffffffda RBX: 00007f5f1d5d5fa0 RCX: 00007f5f1d38eba9
[ 1658.047336][T24830] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000
[ 1658.047356][T24830] RBP: 00007f5f1d411e19 R08: 0000000000000000 R09: 0000000000000000
[ 1658.047377][T24830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1658.047398][T24830] R13: 00007f5f1d5d6038 R14: 00007f5f1d5d5fa0 R15: 00007ffd230d6de8
[ 1658.047441][T24830]  </TASK>
[ 1659.806912][T24878] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2786'.
[ 1659.859778][T24877] ==================================================================
[ 1659.867910][T24877] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0
[ 1659.875689][T24877] Read of size 8 at addr ffff88814736d618 by task syz.3.2781/24877
[ 1659.883619][T24877] 
[ 1659.885991][T24877] CPU: 1 UID: 0 PID: 24877 Comm: syz.3.2781 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1659.886043][T24877] Tainted: [U]=USER
[ 1659.886055][T24877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1659.886075][T24877] Call Trace:
[ 1659.886087][T24877]  <TASK>
[ 1659.886099][T24877]  dump_stack_lvl+0x116/0x1f0
[ 1659.886146][T24877]  print_report+0xcd/0x630
[ 1659.886181][T24877]  ? __virt_addr_valid+0x81/0x610
[ 1659.886219][T24877]  ? __phys_addr+0xe8/0x180
[ 1659.886256][T24877]  ? dvb_device_open+0x36a/0x3b0
[ 1659.886283][T24877]  kasan_report+0xe0/0x110
[ 1659.886321][T24877]  ? dvb_device_open+0x36a/0x3b0
[ 1659.886352][T24877]  ? __pfx_dvb_device_open+0x10/0x10
[ 1659.886381][T24877]  dvb_device_open+0x36a/0x3b0
[ 1659.886419][T24877]  ? __pfx_dvb_device_open+0x10/0x10
[ 1659.886448][T24877]  chrdev_open+0x231/0x6a0
[ 1659.886487][T24877]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1659.886524][T24877]  ? __pfx_chrdev_open+0x10/0x10
[ 1659.886565][T24877]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1659.886603][T24877]  do_dentry_open+0x97f/0x1530
[ 1659.886641][T24877]  ? __pfx_chrdev_open+0x10/0x10
[ 1659.886684][T24877]  vfs_open+0x82/0x3f0
[ 1659.886729][T24877]  path_openat+0x1de4/0x2cb0
[ 1659.886770][T24877]  ? __pfx_path_openat+0x10/0x10
[ 1659.886810][T24877]  do_filp_open+0x20b/0x470
[ 1659.886846][T24877]  ? __pfx_do_filp_open+0x10/0x10
[ 1659.886895][T24877]  ? alloc_fd+0x471/0x7d0
[ 1659.886933][T24877]  do_sys_openat2+0x11b/0x1d0
[ 1659.886977][T24877]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1659.887030][T24877]  __x64_sys_openat+0x174/0x210
[ 1659.887057][T24877]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1659.887112][T24877]  do_syscall_64+0xcd/0x490
[ 1659.887157][T24877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1659.887182][T24877] RIP: 0033:0x7f8eda78eba9
[ 1659.887204][T24877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1659.887231][T24877] RSP: 002b:00007f8ed85f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1659.887258][T24877] RAX: ffffffffffffffda RBX: 00007f8eda9d6270 RCX: 00007f8eda78eba9
[ 1659.887279][T24877] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[ 1659.887300][T24877] RBP: 00007f8eda811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1659.887319][T24877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1659.887339][T24877] R13: 00007f8eda9d6308 R14: 00007f8eda9d6270 R15: 00007ffdb6fc4d88
[ 1659.887368][T24877]  </TASK>
[ 1659.887379][T24877] 
[ 1660.134168][T24877] Allocated by task 1:
[ 1660.138243][T24877]  kasan_save_stack+0x33/0x60
[ 1660.142946][T24877]  kasan_save_track+0x14/0x30
[ 1660.147637][T24877]  __kasan_kmalloc+0xaa/0xb0
[ 1660.152236][T24877]  dvb_register_device+0x1e4/0x2370
[ 1660.157445][T24877]  dvb_register_frontend+0x5a6/0x880
[ 1660.162851][T24877]  vidtv_bridge_probe+0x459/0xa90
[ 1660.167897][T24877]  platform_probe+0x106/0x1d0
[ 1660.172591][T24877]  really_probe+0x23e/0xa90
[ 1660.177124][T24877]  __driver_probe_device+0x1de/0x440
[ 1660.182430][T24877]  driver_probe_device+0x4c/0x1b0
[ 1660.187479][T24877]  __driver_attach+0x283/0x580
[ 1660.192269][T24877]  bus_for_each_dev+0x13b/0x1d0
[ 1660.197138][T24877]  bus_add_driver+0x2e9/0x690
[ 1660.201833][T24877]  driver_register+0x15c/0x4b0
[ 1660.206606][T24877]  vidtv_bridge_init+0x45/0x80
[ 1660.211385][T24877]  do_one_initcall+0x120/0x6e0
[ 1660.216162][T24877]  kernel_init_freeable+0x5c2/0x910
[ 1660.221379][T24877]  kernel_init+0x1c/0x2b0
[ 1660.225725][T24877]  ret_from_fork+0x5d7/0x6f0
[ 1660.230338][T24877]  ret_from_fork_asm+0x1a/0x30
[ 1660.235120][T24877] 
[ 1660.237443][T24877] Freed by task 24830:
[ 1660.241532][T24877]  kasan_save_stack+0x33/0x60
[ 1660.246233][T24877]  kasan_save_track+0x14/0x30
[ 1660.250925][T24877]  kasan_save_free_info+0x3b/0x60
[ 1660.256134][T24877]  __kasan_slab_free+0x60/0x70
[ 1660.261001][T24877]  kfree+0x2b4/0x4d0
[ 1660.264911][T24877]  dvb_device_put.part.0+0x60/0x90
[ 1660.270052][T24877]  dvb_device_open+0x2a4/0x3b0
[ 1660.274925][T24877]  chrdev_open+0x231/0x6a0
[ 1660.279364][T24877]  do_dentry_open+0x97f/0x1530
[ 1660.284142][T24877]  vfs_open+0x82/0x3f0
[ 1660.288232][T24877]  path_openat+0x1de4/0x2cb0
[ 1660.292851][T24877]  do_filp_open+0x20b/0x470
[ 1660.297393][T24877]  do_sys_openat2+0x11b/0x1d0
[ 1660.302126][T24877]  __x64_sys_openat+0x174/0x210
[ 1660.307014][T24877]  do_syscall_64+0xcd/0x490
[ 1660.311644][T24877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1660.317669][T24877] 
[ 1660.320028][T24877] The buggy address belongs to the object at ffff88814736d600
[ 1660.320028][T24877]  which belongs to the cache kmalloc-256 of size 256
[ 1660.334097][T24877] The buggy address is located 24 bytes inside of
[ 1660.334097][T24877]  freed 256-byte region [ffff88814736d600, ffff88814736d700)
[ 1660.347819][T24877] 
[ 1660.350148][T24877] The buggy address belongs to the physical page:
[ 1660.356576][T24877] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x14736c
[ 1660.365560][T24877] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1660.374090][T24877] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[ 1660.382006][T24877] page_type: f5(slab)
[ 1660.386004][T24877] raw: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000
[ 1660.394885][T24877] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1660.403499][T24877] head: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000
[ 1660.412199][T24877] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1660.420889][T24877] head: 057ff00000000001 ffffea00051cdb01 00000000ffffffff 00000000ffffffff
[ 1660.429570][T24877] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1660.438340][T24877] page dumped because: kasan: bad access detected
[ 1660.444795][T24877] page_owner tracks the page as allocated
[ 1660.450713][T24877] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 23353704088, free_ts 0
[ 1660.470629][T24877]  post_alloc_hook+0x1c0/0x230
[ 1660.475463][T24877]  get_page_from_freelist+0x132b/0x38e0
[ 1660.481220][T24877]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1660.487230][T24877]  alloc_pages_mpol+0x1fb/0x550
[ 1660.492103][T24877]  new_slab+0x247/0x330
[ 1660.496274][T24877]  ___slab_alloc+0xcf2/0x1750
[ 1660.500961][T24877]  __slab_alloc.constprop.0+0x56/0xb0
[ 1660.506517][T24877]  __kmalloc_cache_noprof+0xfb/0x3e0
[ 1660.511905][T24877]  bus_add_driver+0x92/0x690
[ 1660.516605][T24877]  driver_register+0x15c/0x4b0
[ 1660.521389][T24877]  usb_register_driver+0x216/0x4d0
[ 1660.526518][T24877]  do_one_initcall+0x120/0x6e0
[ 1660.531303][T24877]  kernel_init_freeable+0x5c2/0x910
[ 1660.536521][T24877]  kernel_init+0x1c/0x2b0
[ 1660.540954][T24877]  ret_from_fork+0x5d7/0x6f0
[ 1660.545574][T24877]  ret_from_fork_asm+0x1a/0x30
[ 1660.550365][T24877] page_owner free stack trace missing
[ 1660.555738][T24877] 
[ 1660.558071][T24877] Memory state around the buggy address:
[ 1660.563714][T24877]  ffff88814736d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1660.571879][T24877]  ffff88814736d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1660.580008][T24877] >ffff88814736d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1660.588076][T24877]                             ^
[ 1660.592931][T24877]  ffff88814736d680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1660.601004][T24877]  ffff88814736d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1660.609069][T24877] ==================================================================
[ 1660.653921][T24877] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1660.661192][T24877] CPU: 1 UID: 0 PID: 24877 Comm: syz.3.2781 Tainted: G     U              syzkaller #0 PREEMPT(full) 
[ 1660.672165][T24877] Tainted: [U]=USER
[ 1660.675978][T24877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1660.686050][T24877] Call Trace:
[ 1660.689329][T24877]  <TASK>
[ 1660.692259][T24877]  dump_stack_lvl+0x3d/0x1f0
[ 1660.696864][T24877]  vpanic+0x6e8/0x7a0
[ 1660.700866][T24877]  ? __pfx_vpanic+0x10/0x10
[ 1660.705379][T24877]  ? __pfx_vprintk_emit+0x10/0x10
[ 1660.710412][T24877]  ? dvb_device_open+0x36a/0x3b0
[ 1660.715392][T24877]  panic+0xca/0xd0
[ 1660.719124][T24877]  ? __pfx_panic+0x10/0x10
[ 1660.723549][T24877]  ? dvb_device_open+0x36a/0x3b0
[ 1660.728571][T24877]  ? preempt_schedule_common+0x44/0xc0
[ 1660.734040][T24877]  ? preempt_schedule_thunk+0x16/0x30
[ 1660.739508][T24877]  check_panic_on_warn+0xab/0xb0
[ 1660.744582][T24877]  end_report+0x107/0x170
[ 1660.748923][T24877]  kasan_report+0xee/0x110
[ 1660.753360][T24877]  ? dvb_device_open+0x36a/0x3b0
[ 1660.758297][T24877]  ? __pfx_dvb_device_open+0x10/0x10
[ 1660.763584][T24877]  dvb_device_open+0x36a/0x3b0
[ 1660.768348][T24877]  ? __pfx_dvb_device_open+0x10/0x10
[ 1660.773638][T24877]  chrdev_open+0x231/0x6a0
[ 1660.778070][T24877]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1660.783623][T24877]  ? __pfx_chrdev_open+0x10/0x10
[ 1660.788582][T24877]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1660.794916][T24877]  do_dentry_open+0x97f/0x1530
[ 1660.799771][T24877]  ? __pfx_chrdev_open+0x10/0x10
[ 1660.804716][T24877]  vfs_open+0x82/0x3f0
[ 1660.808797][T24877]  path_openat+0x1de4/0x2cb0
[ 1660.813393][T24877]  ? __pfx_path_openat+0x10/0x10
[ 1660.818336][T24877]  do_filp_open+0x20b/0x470
[ 1660.822933][T24877]  ? __pfx_do_filp_open+0x10/0x10
[ 1660.827966][T24877]  ? alloc_fd+0x471/0x7d0
[ 1660.832577][T24877]  do_sys_openat2+0x11b/0x1d0
[ 1660.837264][T24877]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1660.842519][T24877]  __x64_sys_openat+0x174/0x210
[ 1660.847570][T24877]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1660.853130][T24877]  do_syscall_64+0xcd/0x490
[ 1660.857743][T24877]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1660.863637][T24877] RIP: 0033:0x7f8eda78eba9
[ 1660.868230][T24877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1660.887956][T24877] RSP: 002b:00007f8ed85f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1660.896462][T24877] RAX: ffffffffffffffda RBX: 00007f8eda9d6270 RCX: 00007f8eda78eba9
[ 1660.904528][T24877] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[ 1660.912775][T24877] RBP: 00007f8eda811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1660.920743][T24877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1660.928734][T24877] R13: 00007f8eda9d6308 R14: 00007f8eda9d6270 R15: 00007ffdb6fc4d88
[ 1660.936715][T24877]  </TASK>
[ 1660.940072][T24877] Kernel Offset: disabled
[ 1660.944489][T24877] Rebooting in 86400 seconds..