last executing test programs:

4m44.810856499s ago: executing program 0 (id=2184):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x4, 0x3, 0x4, 0x9b72, r0, 0x200000000000)
timer_create$auto(0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x54, r2, 0x1, 0x70bd2b, 0x25dfdbf9, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0)
write$auto(r3, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x85)
r4 = socket(0x2, 0x1, 0x106)
setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6})
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0)
ioctl$auto_dma_heap_fops_dma_heap(r5, 0xffffffffffdffe00, &(0x7f0000000140)=';')
r6 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$auto(0x3, 0xc0086202, r6)
connect$auto(r4, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x23}}, 0x54)
read$auto(0x3, 0x0, 0x7fffffff)
setsockopt$auto_SO_KEEPALIVE(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000080)='%&+#*%-\xfc\x00', 0x9)
rt_sigqueueinfo$auto(0x0, 0x9, &(0x7f00000000c0)={@_si_pad})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
shmget$auto(0x8, 0x10565, 0x7ff)
shmat$auto(0x0, 0x0, 0xfffffffa)
shmctl$auto(0x0, 0x0, 0xfffffffffffffffd)

4m44.683590275s ago: executing program 0 (id=2185):
io_uring_setup$auto(0x59, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0)
mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x1f40)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6)
ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, 0x0)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14)

4m43.694627118s ago: executing program 0 (id=2191):
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
listen$auto(0x3, 0x81)
r0 = socket(0x2b, 0x1, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x2, 0x4}, 0x8}, 0x5, 0x20000000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/tcp\x00', 0x400, 0x0)
syz_clone3(0x0, 0x0)
pread64$auto(r1, 0x0, 0x202, 0x1)

4m42.780798808s ago: executing program 0 (id=2196):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0)
write$auto(r0, 0x0, 0x100082)
r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0xe47, 0xd, 0x5, 0x6, 0x4, 0x3, 0xffffffffffffffff, [], {0x7, 0x6, 0x8c48, 0x2a3, 0x100, 0x3, 0x40100101, 0x6}, {0xf8, 0x1, 0x1, 0x1, 0x3, 0x40, 0x1000, 0x8, 0x100000000}})
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r2, 0x0, 0x0)
socketpair$auto(0x4, 0x3, 0xb, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f00000005c0)={0x0, 0x9e, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000fadbdf250f00000008000300", @ANYRES32=r4, @ANYBLOB="0500300000000000794f4dbd7aee651ff9e79a5d4ebe82b9ae3f4f4acd628fb79caae39230b2714dac04885d25940a0b77883047ea618735c772aaeba8da4e0e4996b47d79b23fd07bf61ec76645544e368eabd5a5e34483be76f7f8cbb01521d5dd9a07060cb35ee5f010379c863d7875abf0c22e27f2721ae15627c3a73b"], 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x140000e4)
sendmsg$auto_BATADV_CMD_GET_MESH(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, r5, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0xfffffffc}, @BATADV_ATTR_BLA_VID={0x6, 0x20, 0xc}, @BATADV_ATTR_HARD_IFNAME={0x14, 0x7, 'wlan0\x00'}, @BATADV_ATTR_MESH_IFNAME={0x14, 0x4, 'veth0_to_hsr\x00'}, @BATADV_ATTR_TT_ADDRESS={0xa, 0x10, @multicast}]}, 0x58}}, 0x800c050)
write$auto(0xca, &(0x7f0000000340)='\x04>2\x1b!\xe2\x00\x94\xf2\xa2\x00\x00z\x0e\x8d\xea!\xbc\xf8*\x84(rw\xee\x9c\xb4,\xdaW\x0f\xef7\xbf\n|\x9a\xd9\xc3\xe7%\xeb\x1b\xd0\xc4\xc0\xae\xf6\xdf\x90,\x84\x12o4\a\x87\xe6\xe6\x17t\xb3<\xed\x91*\x8a#\x938D\xb6s\x9f\x14\xd4\x97\fY\xad5\xf5\xe9Iv\xe0\xd9\xfd\xff\x02idN\x94\x81\xc3\xa6\xb1\x11pM-><C_\xaf,\x18\xc2\xf5\xd4E\xc2\xc7\xbf\xeaA\xe4\x01\x00\xdf\xfc\x9e\xb9\xe7\xd1\xe9az\xa2\xe1\xb7%v\x18\v\xf9n\x8d\xab)\xa6\x18x<\xeb\x800X\xfa\xe94\x9frA-', 0x7e)
unshare$auto(0x40000080)
keyctl$auto(0xe, 0x1, 0x1, 0x4, 0x6)
keyctl$auto(0xe, 0x1, 0x1, 0x4, 0x6)
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, r6, 0x7)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0xf3, 0x4, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r7, 0x5423, 0x0)
read$auto(r7, 0x0, 0x2)
r8 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000440)='/dev/sg1\x00', 0x440, 0x0)
ioctl$auto_SG_SET_FORCE_PACK_ID(r8, 0x227b, &(0x7f0000000480)="6fc2c0eedc0829c32961016ada085976e203e1fa08426d490a292cc22fa547b81ece19ddad0e479be61c19de1c22909e3ef07ff4e246e8a12b860278ea1d49c884089ed91527c352eecfc48d02d57fd199c3f152733446cbc69fc2c0d54ecd000d6894031301018ed8ec524076ea8be06fa1922009e62516b580576fd1040e7ea59c2a7ff6547805574a0004af26f66738082dfa012a9bbf86c74d8ae0bcfa1bcf3ea949bcc814be6d9a52c7053f85741b7d701d88227b2871ef331bca41fadfdd9cd4f65361c46486418f39309fa8bb8896c751ba4b5bef7e5168d36c5c1b81888ed86c4f8dc6fa53c6a8dda386c1")

4m41.920776545s ago: executing program 0 (id=2201):
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}})
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

4m41.856181017s ago: executing program 0 (id=2202):
r0 = socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffffff, 0x19300, 0x0)
bind$auto(r0, 0x0, 0x68)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
read$auto(0xffffffffffffffff, 0x0, 0x9)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

4m26.848689877s ago: executing program 32 (id=2202):
r0 = socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffffff, 0x19300, 0x0)
bind$auto(r0, 0x0, 0x68)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
read$auto(0xffffffffffffffff, 0x0, 0x9)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

6.896251107s ago: executing program 3 (id=3037):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x2000, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x1, 0x2, 0x2, 0xff, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9", @raw}, 0x0, @integer=@value=[0x400000000006, 0x6, 0x179, 0xfffffffffffff8ad, 0x0, 0xa, 0x89, 0x8, 0x4, 0x7, 0x6, 0x7, 0x100000001, 0x3, 0x7, 0x8, 0x81, 0x9f, 0x8, 0xd, 0xb1, 0x0, 0x3, 0x8, 0x2, 0x10001, 0x1, 0x80100000, 0x8000, 0xffffffff8db4d983, 0x0, 0xee7c, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x9, 0x804, 0x7, 0x3, 0x4f3, 0xc, 0x4, 0xe02, 0x0, 0xe4, 0x9, 0x6, 0x81, 0x401, 0x3, 0xa, 0x0, 0x400000000000006, 0xa36d, 0x0, 0x6, 0x101, 0x82, 0xc9d, 0x401, 0x9, 0x5, 0x640c, 0x3, 0x1000, 0xff, 0x201, 0x0, 0xec31, 0x9, 0x1ff, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x7, 0x7fffffffffffffff, 0x1, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x7, 0x7fffffffffffffff, 0x7, 0x401, 0xfffffffffffffff7, 0x8, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x9, 0x8000000000000001, 0x5, 0x5, 0x1, 0x40, 0x1, 0x7, 0x2, 0x3, 0x400000000000008, 0x1f, 0x8001, 0xc13, 0x800000000000006, 0xbf5, 0x2, 0xa, 0x7, 0xf, 0xe0, 0x1, 0x8, 0x3, 0x7fffffff, 0x6, 0x2, 0x2, 0xa, 0x5, 0x1, 0x7fffffffffffffff, 0x10002], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"})
mmap$auto(0x0, 0x400008, 0x800df, 0x9b72, 0xfffffffffffffffe, 0x8000)
socketpair$auto(0x1e, 0x5, 0x3, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x80201, 0x0)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0xa, 0x1, 0x84)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
fsconfig$auto_JFFS2_COMPR_MODE_NONE(r1, 0x9, &(0x7f0000000040)='{6y\xfa\xd6\bk\xf0\xe3\n', 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
prctl$auto(0x4e, 0x2, 0x0, 0x100, 0x2)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948e, 0xffffffffffffffff, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca002, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7ffff000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0182, 0x0)
readv$auto(r4, 0x0, 0x200000000080003)

5.007967209s ago: executing program 3 (id=3042):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4068aea3, &(0x7f0000000040)={0x80})
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0x2, 0x3, 0x6)
r5 = socket(0x2, 0x1, 0x0)
bind$auto(r5, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a)
sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x23, 0xb}, 0x800005}, 0x5, 0x20000001)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0)
sendmsg$auto_NL80211_CMD_SET_STATION(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140), 0xc, &(0x7f00000001c0)={0x0, 0x150}, 0x1, 0x0, 0x0, 0x40010}, 0x20048004)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), r4)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[@ANYBLOB="78010000", @ANYRES16=r7, @ANYBLOB="000429bd7000fbdbdf257e000000750055000544ae400b12e0eba2131b8cae9393154066d260cb35fd2ec7b5192f8dee147adec2e44bb465a0ffa7b8f69276eb120330bdad87765b5eb41572484829a9611926855879e43957ab398732e63dbd0c16c0d67cd1a4b05735e7004a5b0bde85a174f073a56e69e84dd9d28b4fa2f38511a70000000400930008009e00030000000800140005000000d500550023a2b0767e1178dfe46faa0eb966da1e35f48b5e2e1e50095aeb"], 0x178}, 0x1, 0x0, 0x0, 0x4}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(r5, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x44004)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(r3, &(0x7f0000000480)={{0x0, 0x10, 0x0, 0x1, 0x0, 0x0, 0x109}, 0x5}, 0x5, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x508f, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x4, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0xa)
write$auto(0x3, 0x0, 0x100085)

4.776567147s ago: executing program 4 (id=3043):
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
fcntl$auto(0xffffffffffffffff, 0xa, 0x1)
fcntl$auto(0xffffffffffffffff, 0x10, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000100)={0x0, 0x3f00, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r1, 0x301, 0x70bd29, 0x25dfdc02}, 0x14}, 0x1, 0x0, 0x0, 0x20008810}, 0x880)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$auto(r2, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, 0x0, 0x40)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0xa, 0x1, 0x84)
pidfd_getfd$auto(r3, r4, 0x8000)
sendmsg$auto_TASKSTATS_CMD_GET(r3, 0x0, 0x20000000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xfff6, 0x0)
ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, 0x0)

4.554821612s ago: executing program 4 (id=3046):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x301140, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0)
socketpair$auto(0x1, 0x0, 0x0, 0x0)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x100000000000001c, 0x7, 0x63, 0x0, 0x0, 0x0, 0x1002, 0x4, 0x80000008040000a, 0x40000402, 0x7, 0x8, 0xffffffff80000000, 0xffffffffffffffff, 0x6, 0x240000100103})
close_range$auto(0x2, 0x8, 0x0)
socket(0x23, 0x2, 0x3)
socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ptyt1\x00', 0x129203, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x200002, 0x3, 0x0, 0x0, 0x2)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto(r1, 0x1, r1)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_clone3(&(0x7f0000000640)={0x80000000, 0x0, 0x0, 0x0, {0x4000015}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x81}, "6a060007c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c0000b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xb})
getcwd$auto(0x0, 0xffffffffffffffff)
renameat$auto(0x6, 0x0, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00')
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
acct$auto(0x0)

4.047332888s ago: executing program 1 (id=3048):
mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0)
r0 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r0, 0x6, 0x17, 0x0, 0x4)
getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0)
socket(0x18, 0x6, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0xa, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r1, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={0x0, 0x13}, 0x5, 0x0, 0x5, 0x1}, 0x1}, 0x1a000, 0x100)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x181881, 0x0)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
pread64$auto(r2, &(0x7f0000000140)='[/]&].%[[[\\&.#}}\x00', 0x9, 0x7f)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r3 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
poll$auto(&(0x7f0000000480)={r3, 0x8000, 0xff81}, 0x7, 0x54b)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0xfdef)

3.981030582s ago: executing program 3 (id=3049):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sg1\x00', 0x2f0941, 0x0)
socket(0xa, 0x3, 0x3914)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28562, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
socket(0xa, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000003140)={0x0, 0x0, &(0x7f0000003100)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="1e0025bd7000fbdbdf2500000000", @ANYRES32=r3, @ANYRES16=r2, @ANYRES32=r0, @ANYBLOB="7ee0aa5ae219e16707bcecff84b178dc808262da5451765516494c882ca1499928e1cb1b19e234d6bb6055fc1d4fdfa007f3fb126b7f4c50f26d02b1f569a2c5fa798d2d1f4da485f470e40791d65380e31c2adc7980e4280409d9bea5fffbda10668bff85d48302df534682de120f2f5e6aeb6960b798737cc30d5634554ce7a7cb207b53d6af4dc686814cff70ff54ed6f7a3b544b46bc43a13483a77d37dc323d92f978c393fe8a18ac60bf2bb5a0b2128b62b17b582382e905a35deb291f48046a96c3536c4d299ff0b0414f23f22722ac60f0d6af0ad92090bc9edc213490ff569f5d4047e1692006dfb80dc9594a40ab9c83d15e07dc941fa4919b07012c8e5e10cf653b9f288426483f47d883f2d0a63957d01681568d3360a989cfbb3e51521a059f49db0ee4567ad1e8b31ef79afe90d8657e96e22258da9e4152d2b25f19e1b1cc8c142c63c2c810540b8c50dbe3931161423df54147b6166944e66888ed26e4c39c786bf0a45c3392e3e5429204d4ca5c26d18c43da14aef4397c703036757e1d350ef9e811a2a7c46d66b177f5ceb70d08d78b9eb59c2cd202fc2aef247fe7b29c8e4cf8382126b5933f842ccfc68d8c03691931a91ec325f596835aebfd52cb786b009493b42b5240e3ca0e67ab26407ca23455b124c9c0e7fe5c1bf4ff4933843fbbd2120a41106a8e359f7cc65c97a5f6712031e54296334eafc016d28a1754ff47e7c7e689e0f926c65011d492e6fe753a0e2627ee73de5e7a836be8b9307fee9da2ec6da9137d9a873f5e756011143bac4cd2367dce6505e2764845af534840f56105202da4e356c3b7fa78603879c6398c4566888f198a6cfa35c5adf3c84af9e240cc678f46c569cb6242775a19b3c1b879d1fe7d2b0bc70ead1eb6fe33e231e140f7638e9540706c43a2f4cb6e287bfb99060b498967e03fa5151b5c93fd486fa646728053e61955cb9dffccdba19825b7de202290a3a50f2c559a108fe3bd60b38731d25454016fc34bb5eb3ef52e0eeac70a773ae7afeb8abb81d58d4229b6a2b194c814d56ed657494b8ff0c7e1ef55b98778ec9dcbc898f589ef962f0f1e80f010f737e6613b23c74de33ad7e94c8a24d2b300412b31e7d427ff3428142bbf67771265058027e45bbf683a580f2d5f8a49cb470d99dedfbbb6a7f27d5bb22b8a444627af458e13cc160d5b25d5150697bb34a60fe522c7cadd9cd7a14a5fd485ad60130c5a13338c96c4741fd72d42ea55364b8416bbe668e1c136279818334ab9b19c23a6c59e8584359416058abcde39b560479f894ef56e80e09a8b3dc3aa5b17d6d942c3d2b7765e99883e8f25bcb0b766bb6f067cb0619c4447913d82ea710307d235aae3f6b2c0e11c279774627c6a4ec58537e54269ebf938de40b0928c77deec5fa4b941c98aac18e0de52ce8397c53fc592553ffce71e3dc01a107c6f1bb871c99b8e26818d59b060b83d4416068dbb404c387692c64e3b6b7c01b6771297cb5092dd0e14a3a1687ec64f88285f11c12075262d8f43a8f52a2138a09ab4597dad16a53b535b9e649e8c986d217895d7705b609de36a0da30d9cfb9078b45a6c60f6f65ab1dc1112b07187c3f88bbf8e8fc6fbecbd15b211c2c39aebfdd3d0d2c47431467af6fde2746a4eb1181eb77e9aef0b4ed9cc768a770baae9831c0c24ff9a02af2de7461926d0a34b3a75a142d4788980aa3fa8936b7f5b8c4cf77ccf86d248f40b7a4f06ff0a0e80689c0fcfe1e3c99af5e6a313fe678fd7f012aabf32c9dad90ed71375337746bbdc16dfbe2c04b9d59d5c87f4888625c54fd77ede959030550bd789b66377f9319effbe5d80f5f029361170171014406e166a5b8e2a0497ee61d1bb7c4956440b2db1fa46b6da4e5ee3a2e6cb1e2077e4503d34809878bf71bd7f0b8ae580dac01887512446460b2f2be98bad821f7da965595ef6129323ad801d41f7f098c1cd4478f6859d48cb1e59e504263d70d9fed65e9140b57322ba55f76dc23f214de4b645e169b1a330e7ed6c7359959ff593f740cefc0cadbb215c35f14b9f7ea2661d292cf246c765df4c05899178fb5551ac4e81fc5507051f441f5e80c0ad69b1c3977c938b6d3b2ab541a2e81f3255c73204c0b59580694dd08afca89eba46c88d505a494881be485aee729eb3f722a2d2b2f02282ffbc303337e5c684ad43d67cb592ede5114191f2501e1bf4e5626a35a6d2f40864eca3ea172e97ae8476bdd86530e0c60f4701d95b0a99bcf9e9d1830c9e59eb701c17e990bac7a971effb7c157cf913edb7bb59dbbccba5f5fd49dbd0f81bbfd46c8dbc8599ec66bf6394b0f2149e424b09b673ce59ad73f14e38e0db4447187a56dfc2fb4e82ec8df8015ee720b1b5dca1b1fefeed98e478c1e89910c38e8056df83438bd111e62e0d160b8d183f586d4a9f8c69d9ffe89b0f1a1a78958ce83c2116bc5e183a0200be4edd6cdc11c251f4c235f73020435b996784936a4008bcb3b520b32416526de36ee6e9835aa5a0ce4319461473b348a3c9e5997459e34a30ec30a107996f57435d1774f5c49a0b7f666fdcca5045e03a90cdf88519bf2d054c0c41571e260266cb074475b3d7d1ffe1898d2b2cfe3e5b67cf822462a9a0e955d8edd13d1103b5c5e762caca5ea545ba737185424ecf363ed2faf4128a4343c392e3921f439e279c499a2e7911b0fea29e2c9ca900a72d79fe0b813fa3da3a6b872f4ba204b8fc7ceada22fa2166d93a81a8c66da36472483e9367b82a744e5e310988d319bf38d96feb3509d48b850b6dcf39533064d7727069832ad27b1bcabcce60c997a969539311fd33d5b35b7bfcc18456aadcff95ac6eac9185e40c49baa3b97041914050ac65fd1be438a4a022940cbab64701dbafb5e6900761c12a780b92b4f255aec0f3118bbb20492a7df1ba328094c5a8efab99704acb9f2bc386cd5c8bfeaf91fd28498b1086fa58bb8eae2976517bca99cfc7fa0a34401ecf6b8535c9e64507e8b729cc6de468e944434a8b843534a68878d7844dc91ad578f158370af091a6b2f365e8d923ccd43513b1fe8605a6095c431b8e36ddfd54e8baccc34b2e776406de2fec484feadb13c691c8089cee897f8888340d6a3d7dc3cb3c6f70de925fef5ebb8d7aa6e130a83aeed52dc9170914aa6806f4de4118429007bba01394f888658508c676dc318f99167cd4bae5e24a2fd75816ae2b931d774a4371e4a2dd5d7ccc20626d26960a47a73c9ee8027ad9606ff47d72c3bce82cf3a6f3e8c35e0d69c7f43efd52004e94520a7a4f0170c938889e74f8425fe7db09f435805314865c87aa339cbf6260bab6eea0e797161691928a94cd39b0786fb2c47ce435eab0835221a0ab0284381580f9e812890eec822c82b0b714541ae54be4fbdb7991befd6d9b1f5948814454bca87deb2b2273ab797fa8072918e0776bd024896c7110a1b8ce6607dddfdd75e5f9c28989de3389039296e9393fb30097cfda0b51b370e2535392b2b0f8f134507fbd3f14d032ea52cd17bee9a4c38bcc0e19ccf0b352aed9e118a5dce3b76e2db0bc47400df794e7c5aba0b047b9bee4b8808db762cc2451d27a7c876515c63db7e6d556eb1cf0e4854ad7bc84c714d07a555d20dce9c49679c908f8ce29b76546d757c036ce76edf1c7ba181dbc1cf51ba224b95504db36bc732853be5ca85f609e1280e8c0f508192f18a8091c0474272f3127e8c37c8eae6ecc71dad20c7b6c7ac4e510996569e229016d2dfd43a734ec3ec04a01fe0ee7a3f9e29145d418cb79c184693c576db867bf850c0712b048a62c7d294abd378a06a25fe5a68fa1e1219f530541d89cc302a726ad4b63aaafdf079072965c567076fed27d83fe8c1c050eb2da2c4767a01cac8728ea4a6b5b704fe6c7c397d22bf1e3931fb875895313bfd64df66d3d0fbf15f9c49e833279de33ab47ec26802f14957bc40e4b87ec556f1636ea55585e3db8fa4a305136ae967935464ad77d5f2b2c0764bfb5e9fe436c67348752cb8a570a203a5f307205596b4f489b547eb368a3eca8b6d399c9d588070384dc344d6a9fbc7135a6ecd14441efdd658d156a8755aeb351c340130f32ab014933700c2131895906c5b36f543e23f27a605aa8e07b01bbc14f4e2284eeaf8a838a9c83dfe659c96d4fc84e4cccd50ac5c402a1542621e6c6be00502f3e4393badd47cb574053d75459531dc55689038893fa3c6f052b5ec2cb5d93c169167df5c3df06288b52ed63cee388f77e9f70d799e386fa652dcc7da6f2e8469b7259723d177a321bfc74962345addc8031e7eeaf3ca3179cf5d739847df5036812dfd0efb816184ed52fc4a61b62f8a62287183ea8ea11edb0ec7e81d1f4eeab4967309ca5951e15d0cbef8cc402ca3420b9e36033e33033eed7a98de12e4c9a7846dc83192a5418eaa5679b8b1a578cead328d5aeaec9f205d137735ed3a69b2c0cce4a13604243da76c7223e9570300f95c5dfac39151a00b3116b0c8ac61574f16967512163f998bed8b66af1473e43b466ba4710ab33a4b672ccaf6660ccb596ffcddd31bafd303dea3be530825726060f498cb598c91a25e4d0c5cee2ab672269f276233ddc3228a26a0049d282b3187b03ab83000a1d98c17b9a5c497ce7dcc745524a467f7135de2def9915c3c4bc17aac71d1d9200a2033705664d308572bf8a733f4a3d49403be4335cfc94dba83c26602e15ebcb592e51c22070aa814fcf80dec59799159a36eadc4143d4730dff02c89779b134894078e0d8c1a18116262070f2f92af78c5bdc06c062f8e1656d5db22dc0cfddf9f1ee88e0896ec3d4298034ec67c43c36236d21f54cdce176e44baa3e8c4aa79a2cb0208202d76496e7916a044335545fe4837166f5155d1046e81abac44fa14f9171803f794e41c7909a07b1b067a4da5c5e9ef4a750aa1b231538648769b082012a4ef5632e586f3a7f55ade7212321eb973f1a0c059ee183c49b569f3e97f477f18d8437820c37a218868b695ad48ae889cae6281e86aca1c9e7a771676538f3df7e1ed858567f995f751f5d706a54fc5755cbbcd7330e05b9c6e244759b0c0b9878f4c51211d06c1c2d88ba68d92f2711d9ba9f101a58e9b306d92bc565934129d323dcb52ee64a177dfbb27525caac8526bc58f2886fc563c3878fee013110d8d10a2974d8b2542574cb7c96ffa19f0c518187acf5dc13d16b46d917b0bbb8f4610fa09544111389e1c8545d159626f0b3ebb6229148f71a759a37310dfeedc5b2be016d5c3a935f126ed3aff508ea1d8bd7cc63226a9d3f49d1a3b539db4dbb32448fd45c786537757ba862df78a43fc0bf2572c31e4fe7b96ac7e7d4348df722052f81f70848d5e5fe5038fc70abe1e2d4c27a3673f1ea2832be0e10465798f02ab2deb5867a7efba1a5a1a54f74d9100076ff5f66c826140de978964e25c125377623fa9d007cdd03be779d3d770be14b76792a8dd3179f2d93d7019aabc26d233687ede29d3bfd4c589cfa44c030c2e8e6a172459012349b8db3182802b2eb73ecdd6547fa38a20dc4d82f3d164435cd9e041d14d9b45489b748ef2ef3622dc12b08fbc55cf29703dfefb2e6a69535a5e413a24414db215a7988e6550f06c8758c3839b768670d6ec42fbe69daf48614b6e3d3c997468dd23eb0a9e6f772fd14458f384bebd22cb096e0ec5c496fb17e21704b40c40f7502c54ffc0c29c4c2c2978a09abafb9ebfca01c47b8b8fe5e171b8d913df0628faa4e", @ANYBLOB="65ddac0dabbdfc3fd033663ad94b1e28e1e72c1234187f97da69f4d252e843ad90b0f8f17984c48e6c010f7d6fbd3964af90b710de63de25855676d526ed9383a13f0a32c6e44f5d1fc4248275821699399be68101a6339600"/98, @ANYRESDEC=0x0], 0x30}, 0x1, 0x0, 0x0, 0x24000044}, 0x20008800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r6 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_SEQ_GETOUTCOUNT(r6, 0x80045104, 0x0)
brk$auto(0x8)
fstat$auto(0xffffffffffffffff, 0x0)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x40eb1, 0x401, 0x300000000000)
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/time\x00')
socket(0x2, 0xa, 0x1)
ioctl$auto(0x1, 0x890b, 0x8)
socket(0x10, 0x2, 0x4)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/machinecheck/machinecheck0/print_all\x00', 0x80302, 0x0)
write$auto(0x3, 0x0, 0xffd8)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/034/001\x00', 0xcc842, 0x0)
socket(0x18, 0xa, 0x103)
mmap$auto(0x5, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)

3.840789724s ago: executing program 4 (id=3050):
r0 = socket(0xa, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffffff, 0x19300, 0x0)
bind$auto(r0, 0x0, 0x68)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
read$auto(0xffffffffffffffff, 0x0, 0x9)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0xfffffffffffffff7, 0x2020009, 0x3, 0x214, 0xfffffffffffffffa, 0x0)
r1 = socketcall$auto_SYS_GETSOCKOPT(0xf, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000000)=0x1)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)=@raw_tracepoint={0x80000000, r1, 0x0, 0x8000000000000000}, 0xffff)
ioctl$auto(r2, 0x1, r1)
mremap$auto(0xfffffffffffffffa, 0x103, 0x606, 0xfffffffffffffffa, 0x100000000)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x44)
sendmmsg$auto(r3, 0x0, 0x7, 0x4008)
madvise$auto(0x0, 0x200007, 0x19)
r4 = io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, <r5=>0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000380), r5)
sendmsg$auto_BATADV_CMD_TP_METER(r4, 0x0, 0x0)
futex_wake$auto(0x0, 0x5, 0x4, 0xa)
pread64$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x8800000000)
openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000640), 0x88180, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20481, 0x0)

3.488693467s ago: executing program 4 (id=3051):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r0, 0x114, 0x2717, 0xfffffffffffffffc, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0)
sendfile$auto(r1, r2, 0x0, 0x3)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r3)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r4 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x1e, 0x800, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r5 = clone$auto(0x6, 0x8000000000000001, &(0x7f0000000080)=0xcf, &(0x7f00000000c0)=0xffff7fff, 0x1000)
prctl$auto(0xa134, 0x22, r5, 0x800, 0x5)
socket(0x2, 0x1, 0x106)
socket(0xf, 0x3, 0xa)
setsockopt$auto(0x4, 0x0, 0x3, &(0x7f0000000000)='!/*:(*\'\x00', 0x800000e)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
socket(0x12, 0x4, 0x7fff)
setresuid$auto(0x60, 0x1000, 0x607)
ioctl$auto(r6, 0x2284, 0xffffffffffffffff)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r4, 0x300000000000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0)
statmount$auto(&(0x7f0000000040)={0xffff, @raw=0x2, 0x6, 0x4, 0xfffffffffffffff8}, &(0x7f0000000340)={0x3ff, 0x1, 0x7fff, 0x8, 0x6, 0x3, 0x3, 0x5, 0x8, 0x8, 0x3, 0x690, 0x1604000000000, 0x2, 0x100, 0xfff, 0x7, 0x109, 0xfffff1a0, 0x8, 0x9, 0xfff, 0x3, 0x9501, 0x0, 0x9, 0x400, 0x5c1f, 0x1, 0x9, 0x20000000, [0x9, 0x4, 0x7, 0x2, 0x0, 0x3, 0x2, 0x7, 0x10001, 0x7f, 0x3, 0x2, 0x400000000000009, 0x1, 0x4, 0x3, 0x0, 0x10001, 0x8, 0x0, 0x7, 0xa5, 0xc, 0x1, 0x8000000000000000, 0x7, 0x3, 0x80000001, 0x2, 0x2, 0x0, 0x9, 0xe23f, 0x60000000, 0x3, 0x0, 0x10000, 0x800, 0x6, 0x0, 0xb, 0xfff, 0x100000002], "0d4da07757fc0a8e5de18bd363ce4cd41558fdae0643974f4f329960f2cb8c8e546a2541ef8227735f9d60e3cb50f6712c580dab3d8d1876a632fbe3c7bc8983b2033f3e94ce99928fb6f63d6a5d00427e16356cd2bb5ac7332f15102dfa643a2ac8b0a2354713be651e33e04d87dc8db31dee05bda730841ad8c01c925cfb6c19c83be19a876ab65f124cbd4bf03702b919b3334dc9"}, 0x6, 0x5)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)

3.35673035s ago: executing program 3 (id=3052):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
uname$auto(0x0)
setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x0)
io_uring_setup$auto(0x2, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0xff)
connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendfile$auto(r2, r1, 0x0, 0x1000202)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x121480, 0x0)
ioctl$auto_SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth1_to_batadv\x00'})
shmctl$auto_SHM_LOCK(0x6, 0xb, &(0x7f0000000340)={{0x7f, 0xee00, 0xee01, 0x200, 0xc, 0x2}, 0x7, 0x1, 0x3, 0xc3, @inferred=0xffffffffffffffff, @raw=0x2, 0x8, 0x0, &(0x7f00000001c0)="eb2c1ed0d52ec2b286bde5a479e43f0ecba7bb832ee8fbec4f4d28a9404aa37f41c74b7f20547c523bb6c8be7951241c8e76302fc028420c090c04362fcfb0f5541d8dbe0e16c9f35833915e74ca2af821ea172285e496513c2c3bb40c62e26a8edffcb39ad880437d73c2a0e56313175d7feba226a8cfdf1045ea6e0cb91a439ef086372fbc8088499e85c78eae2e9fb8b2ee1a57945f33b7276139abe65525bbeecb79cd7d9598e94cf641b44db2d765216e", &(0x7f0000000280)="988543088f23fb8bd6bee77a0db84bf4b8d968411ba47a6223c97bc1174c6c282f8d9b8b30d3c3474b5e0f1346266b020cf614ee5cabdaa68505eb53847889547770241bebbd8e1bc9ad028c0e3efe303e5e22661df9fba46a8b09f41e6014e4c25fc6ea220a4c5d5a250c027358ca1d994609c39bc248b8929374eebdbbbaf499216a76331a1c3f8462d37082baecca0dfa91c1f0a588e8f71d2b5b26a0d08baf154bd9e47d93798546364ba13906686d12e9"})
shmctl$auto_IPC_INFO(0x9, 0x3, &(0x7f00000004c0)={{0x7, 0x0, 0xffffffffffffffff, 0x1, 0x1, 0x9, 0x8}, 0x0, 0x10, 0xd, 0x7, @raw=0x6, @inferred, 0x6, 0x0, &(0x7f00000003c0)="579fac047cbfdc74b0b576a26f06", &(0x7f0000000400)="21acb93901ca343612be23eafb38566528880adecb77d7d6208f550f821102cbed338f29807a244661ec6f17b71f771ef9128880282dfaa869e1f680de6a64623a99e3f58e81520d6639781473b153c394473ce578711f2de6a0f19f27b88ddb375e144bbe130be7529ec5968537d14300356d1dfdf9bd1186fe44db56484d6d17a4dbda49d07316ae394107656e901bd3f6dd3fb9603a95df05174a31abdf7cf42d120ce416f6"})

3.076295487s ago: executing program 2 (id=3053):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x101002, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x1a1d02, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x622340, 0x0)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
memfd_secret$auto(0x0)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0xfa5)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x100, 0x0)
eventfd$auto(0x3)
pipe$auto(0x0)
socketpair$auto(0x3, 0x1, 0x4, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r0, 0x404c4701, 0x0)

3.071620238s ago: executing program 1 (id=3054):
mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20007, 0xfffffffffffffffe, 0xeb5, 0x401, 0x8000)
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40000, 0x0)
init_module$auto(&(0x7f00000001c0), 0x1ff, &(0x7f00000002c0)='\x94\x19\xac\x80/der/S\x1auenc9\xf6a\x1b`\b\xab\xfaf\x94;\xc9\xc2,x1y\xd4\x1e\xba\xe4\x84\xcbWW\x8eK`lT\x9c\xc1\x98G \xad\v\x82U\x80w\xac\xe4OW?\xd6\x1e]\xac\x19\xf2\xc2\x98\x9d\xe3-\x95\xc1\x90\x99J\xccB\xd2,\x99R\x85\xd6h\xc8\xe4Ex\x18\x19\x8b\x9e\x05\a\x94l\xde\xc1x/lB\xf6\xe6\x00\xef6\xd6wJ')
close_range$auto(r0, r0, 0x0)
socket(0xa, 0x2, 0x73)
r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0xf, 0x6, 0x0)
bind$auto(0x3, 0x0, 0x6b)
bind$auto(0x3, 0x0, 0x6a)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x110c230000, 0x1, 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
msync$auto(0x110c230000, 0x200001, 0x6)
process_vm_readv$auto(0x0, 0x0, 0x4, &(0x7f0000000040)={0x0, 0x40000000001243}, 0x80000000000000a, 0xfffffffffffffffc)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400, 0xdf, 0x800000000000038, r1, 0x7ffd)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
request_key$auto_KEY_SPEC_PROCESS_KEYRING(&(0x7f00000006c0)='[{%\xbc::(\x00', 0xfffffffffffffffd, 0x0, 0xfffffffffffffffe)
madvise$auto(0x0, 0x200, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r2, 0x114, 0x8, 0x0, 0x4)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap$auto(0x0, 0x400008, 0x5, 0x9b72, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r4)

2.925867617s ago: executing program 4 (id=3055):
ioperm$auto(0x1, 0x1004, 0x7f)
iopl$auto(0x2)
r0 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x1, 0x0)
write$auto_event_trigger_fops_trace(r0, &(0x7f0000000240)='!', 0x1)
r1 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x181841, 0x0)
write$auto(r1, &(0x7f0000000100)='9\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x16)
r2 = prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, 0x0, 0x4, 0x3)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000040), r2)
r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xffffffffffff5f53, 0xeb0, r3, 0x8000)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
unshare$auto(0x40000080)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r4, 0x0, 0x46, &(0x7f00000000c0)='[\x00', 0xfff)
openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x80201, 0x0)
ioctl$auto_SNAPSHOT_AVAIL_SWAP_SIZE(r5, 0x80083313, &(0x7f0000000080)=0x6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r6 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x810, r6, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

2.882695386s ago: executing program 2 (id=3056):
mmap$auto(0x4, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
unshare$auto(0x40000080)

2.533749309s ago: executing program 1 (id=3057):
r0 = socket(0x2, 0x801, 0x106)
r1 = getsockopt$auto(r0, 0x11c, 0x3, 0x0, 0x0)
ioctl$auto(r1, 0x541c, r1)

2.466895562s ago: executing program 2 (id=3058):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/virt_wifi0/unres_qlen_bytes\x00', 0x4001, 0x0)
r0 = socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
connect$auto(r0, &(0x7f0000000080)=@generic={0xa, "509235679a5532c63bacddae0710"}, 0x54)
write$auto(0x3, 0x0, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video43\x00', 0x24840, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
rt_sigtimedwait$auto(&(0x7f00000010c0)={0x2dda}, &(0x7f00000011c0)={@siginfo_0_0={0x3, 0x10001, 0x18, @_sigsys={&(0x7f0000001100)="b8b596e2b833f004e2b356f49dd9b4b4519cb39912e1267c3d4e9b764015e94859ecc3802c0ad16152e8eb033bcde2594d4268bb4537e6b99eea8cddd953e044c067ebbfb4e02de3f99f3c6b55bea2971d10651e8ef9379ccdb5f2f806daa1370329b78e1f5b648ff59282bd918933e78b2fbe6e5780b63fb16d8fcc8ed6f706f4ef0ccca231a9a7d01c390b80be336cdd7c39fd589bd25f6127e8369efe77641fd354fc20d637416ee5cbc0f1972ff5476cbb7cf338b36a8982dade5c7594", 0x7, 0x4}}}, &(0x7f0000001240)={0x0, 0x7fffffffffffffff}, 0x8)
write$auto(r1, 0x0, 0x80000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendfile$auto(r2, r2, 0x0, 0x7ffff003)
vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x0)
write$auto(0x1, 0x0, 0x80000000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
socket(0xf, 0x3, 0x2)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x5, 0x5]}, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x60a41, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000100)={[0x1fe, 0x6, 0x2, 0xffffffffffffffe7, 0x800000000000948b, 0x3, 0x15f4da0a, 0x3, 0x4000000000000003, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x8000000000000000, 0x6]}, 0x0)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x4, 0xe983, 0x9, 0xeb1, 0x401, 0x8000)

2.346323818s ago: executing program 3 (id=3059):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
read$auto_uinput_fops_uinput(r0, 0x0, 0x0)
socket(0xa, 0x5, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x60742, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
timer_create$auto(0x0, 0x0, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_system\x00', 0x0, 0x0)
r3 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0)
write$auto(0x3, 0x0, 0x7)
close_range$auto(0x2, 0xa, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x8000000000000001, 0x40eb1, r1, 0x300000000000)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x5, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000200df, 0xeb1, r3, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x3, 0xbf)
futex$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0xffffffdf)
setsockopt$auto(0x3, 0x0, 0x12, 0x0, 0x28)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/019/001\x00', 0x1, 0x0)

2.338064796s ago: executing program 1 (id=3060):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x18, 0x80000, 0x1)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r0, 0x7ff, 0x6, 0xa, 0x21b, 0x5f, 0x0, 0x3}, 0x6f6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
pipe2$auto(0x0, 0x0)
io_uring_setup$auto(0x7e1b, 0x0)
socket(0x2, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x11, 0x2, 0x14)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)
write$auto(0x3, 0x0, 0x0)

2.067729917s ago: executing program 1 (id=3061):
unshare$auto(0x40000082)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wg0\x00'})
sendmsg$auto_WG_CMD_SET_DEVICE(r1, 0x0, 0x810)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x400201, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r2, 0x0, 0x4000040)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x13b, 0x1, 0x4, 0x5, 0x2)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/loop6\x00', 0x1, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c07, 0x0)
ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5)
ioctl$auto(r3, 0x4008af13, r3)
syslog$auto(0x4, 0x0, 0x0)
write$auto(0x3, 0x0, 0xfffffdef)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x0, 0x0)

1.349918596s ago: executing program 2 (id=3062):
mmap$auto(0x0, 0x20007, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
socket(0x23, 0x2, 0x0)
sysfs$auto(0x2, 0x100000000000036, 0x100000)
fsopen$auto(0x0, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
sysfs$auto(0x2, 0x48, 0x0)
r0 = fsopen$auto(0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x4)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10001}, 0x80)
clock_gettime$auto(0x3, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
fsconfig$auto(r0, 0x6, 0x0, 0x0, 0x0)
fsmount$auto(0x4, 0x0, 0x200003)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
sendto$auto(0x3, 0x0, 0x5, 0x2, &(0x7f0000000440)=@generic={0x10, "91cdc3e32874c3294700d0ca7f8f"}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

1.071638585s ago: executing program 2 (id=3063):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x424c0, 0x0)
eventfd$auto(0x34b)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001740)='/sys/devices/virtual/block/loop8/mq/0/nr_tags\x00', 0xa8580, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001780)=""/238, 0xee)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xb, 0x1, 0x948b, 0x3, 0x4, 0x10060000000, 0x6, 0x62, 0x8000001d, 0x8, 0x6d3b, 0x9, 0x8, 0x4]}, 0x0)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x4, 0x7, 0x6, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0x1, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x800, 0x7, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x400000000004, 0xa, 0xfffffffffffffffd, 0x6, 0x800, 0x0, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x706, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1ff, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x7, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x1, 0x8000000000000001, 0x5, 0x1ff, 0x1, 0x40, 0x5, 0x7, 0x2, 0x3, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"})
mmap$auto(0x9, 0x400008, 0xde, 0x9b72, 0x2, 0x7fff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10007)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88282, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x0, 0x14, 0x0, 0x6)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000001c0)='y\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000180), r2)
sendmsg$auto_TCP_METRICS_CMD_DEL(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48010}, 0x4000011)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x389803, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP0_STALL(0xffffffffffffffff, 0x550c, 0x5f)
ioctl$auto_TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f0000000040)="1e66cfea880288ddc30115c3e01d1aff43b6768c2e86242394c3d7f3cf5a8996deaf1c8cf1cb09e2fb7f001651c62c2b820be9720e64b82be79af1c74ed80c8e43e561c1504568ddfaa46191ffc8508ddc0327b6378f2a7a2d")
close_range$auto(0x2, 0x8, 0x0)

665.387925ms ago: executing program 1 (id=3064):
unshare$auto(0x40000080)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7ffd)
socket$nl_generic(0x10, 0x3, 0x10)
msgctl$auto_MSG_INFO(0x0, 0xc, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x4)
ioctl$auto_FIDEDUPERANGE(r1, 0xc0189436, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x3, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC1D0p\x00', 0x6100, 0x0)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, &(0x7f0000001440))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0x100)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)

428.062826ms ago: executing program 3 (id=3065):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0)
io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
read$auto(0xffffffffffffffff, 0x0, 0x20)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x48041, 0x0)
write$auto(r3, 0x0, 0x6)
r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/block/sda/sched/read0_fifo_list\x00', 0x2000, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r4, &(0x7f0000000040)=""/163, 0xa3)
unshare$auto(0x40000080)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000000)="b2", 0x1)
r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r1, r6, 0x0, 0x1)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9)
socket(0x10, 0x80002, 0x0)
bind$auto(r2, &(0x7f0000000140)=@generic={0x1a, "9300000004000000000000000091"}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vgem/driver_override\x00', 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x18, r8, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff)

101.678353ms ago: executing program 2 (id=3066):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
bind$auto(0x3, 0x0, 0x6a)
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0)
ppoll$auto(&(0x7f0000000140)={r1, 0x8, 0x1}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000100), r0)
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)
msgctl$auto(0x9, 0xf8, &(0x7f00000001c0)={{0x8, 0xee00, 0x0, 0x4, 0xa771, 0x7, 0x9}, &(0x7f0000000140)=0x1, &(0x7f0000000180)=0x1, 0xc28a, 0x5f52, 0x3, 0x9, 0x8, 0x2cce, 0xfffc, 0x6, @inferred, @inferred=0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSC(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x28, r3, 0x201, 0x70bd2a, 0x25dfdbfe, {}, [@MACSEC_ATTR_RXSC_CONFIG={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@multicast2}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x28}}, 0x48010)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
r4 = socket(0xa, 0x1, 0x84)
io_uring_setup$auto(0x401, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
getsockopt$auto(r4, 0x84, 0x1a, 0x0, 0x0)
r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0)
personality$auto(0xffffffffffffffff)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20080, 0x0)
pread64$auto(r6, 0x0, 0x1fffe001, 0xb)
fremovexattr$auto(r5, &(0x7f0000000000)='\x00}]\x00\x00[\xff\xff\xff\xff')
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/dev_snmp6/bond0\x00', 0x2080, 0x0)
ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r5, 0x80045105, 0x0)

0s ago: executing program 4 (id=3067):
mmap$auto(0x4, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
unshare$auto(0x40000080)

kernel console output (not intermixed with test programs):

dep_hardirqs_on+0x7c/0x110
[  793.482527][T17347]  do_syscall_64+0xcd/0xf80
[  793.482547][T17347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  793.482562][T17347] RIP: 0033:0x7f1eaa38f7c9
[  793.482575][T17347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  793.482590][T17347] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  793.482604][T17347] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  793.482614][T17347] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a
[  793.482623][T17347] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  793.482631][T17347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  793.482640][T17347] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  793.482660][T17347]  </TASK>
[  794.898756][T17355] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  794.944422][T17355] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  795.001539][T17355] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  795.053882][T17355] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  795.126141][T17366] zswap: compressor  not available
[  796.482523][T15612] Bluetooth: hci0: command 0x0c1a tx timeout
[  796.818177][T17401] netlink: 'syz.2.2486': attribute type 11 has an invalid length.
[  796.959899][T15612] Bluetooth: hci1: command 0x0c1a tx timeout
[  797.040611][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  797.119163][T15612] Bluetooth: hci4: command 0x0c1a tx timeout
[  797.167533][T17406] FAULT_INJECTION: forcing a failure.
[  797.167533][T17406] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  797.389791][T17410] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2489'.
[  797.407828][T17406] CPU: 0 UID: 0 PID: 17406 Comm: syz.1.2487 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  797.407855][T17406] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  797.407861][T17406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  797.407871][T17406] Call Trace:
[  797.407876][T17406]  <TASK>
[  797.407882][T17406]  dump_stack_lvl+0x16c/0x1f0
[  797.407905][T17406]  should_fail_ex+0x512/0x640
[  797.407931][T17406]  should_fail_alloc_page+0xe7/0x130
[  797.407954][T17406]  prepare_alloc_pages+0x401/0x670
[  797.407975][T17406]  ? __lock_acquire+0x436/0x2890
[  797.407992][T17406]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  797.408009][T17406]  ? kvm_sched_clock_read+0x11/0x20
[  797.408029][T17406]  ? lock_acquire+0x179/0x330
[  797.408042][T17406]  ? find_held_lock+0x2b/0x80
[  797.408061][T17406]  ? finish_task_switch.isra.0+0x202/0xbd0
[  797.408082][T17406]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  797.408109][T17406]  ? finish_task_switch.isra.0+0x207/0xbd0
[  797.408132][T17406]  ? __schedule+0x114c/0x6150
[  797.408152][T17406]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  797.408177][T17406]  ? policy_nodemask+0xea/0x4e0
[  797.408200][T17406]  alloc_pages_mpol+0x1fb/0x550
[  797.408223][T17406]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  797.408249][T17406]  folio_alloc_mpol_noprof+0x36/0x2f0
[  797.408265][T17406]  vma_alloc_folio_noprof+0xed/0x1e0
[  797.408279][T17406]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  797.408299][T17406]  do_anonymous_page+0xc81/0x2190
[  797.408321][T17406]  __handle_mm_fault+0x1ecf/0x2bb0
[  797.408339][T17406]  ? reacquire_held_locks+0xcd/0x1f0
[  797.408353][T17406]  ? __pfx___handle_mm_fault+0x10/0x10
[  797.408371][T17406]  ? lock_vma_under_rcu+0x176/0x580
[  797.408397][T17406]  handle_mm_fault+0x3fe/0xad0
[  797.408416][T17406]  do_user_addr_fault+0x60c/0x1370
[  797.408435][T17406]  ? rcu_is_watching+0x12/0xc0
[  797.408457][T17406]  exc_page_fault+0x64/0xc0
[  797.408473][T17406]  asm_exc_page_fault+0x26/0x30
[  797.408487][T17406] RIP: 0033:0x7fdaf5c5a65b
[  797.408500][T17406] Code: 00 00 00 48 8d 3d dd 5a 19 00 48 89 c1 31 c0 e8 2b 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 11 5b 19 00 48 89 34 24 48 8b 14 24 48 8b
[  797.408515][T17406] RSP: 002b:00007fdaf3fcbfb0 EFLAGS: 00010202
[  797.408527][T17406] RAX: 0000000000000000 RBX: 00007fdaf5fe6090 RCX: 0000000000000000
[  797.408536][T17406] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000
[  797.408545][T17406] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  797.408553][T17406] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  797.408561][T17406] R13: 00007fdaf5fe6128 R14: 00007fdaf5fe6090 R15: 00007fff42fde5f8
[  797.408581][T17406]  </TASK>
[  797.408749][T17406] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  799.061233][T17428] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2493'.
[  799.102971][T17428] unsupported nlmsg_type 40
[  799.129516][T17428] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2493'.
[  799.441729][T17436] ima: policy update failed
[  799.497383][   T30] audit: type=1802 audit(4294967339.052:23): pid=17436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2495" res=0 errno=0
[  799.516447][T17436] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2495'.
[  800.261799][T17448] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  801.737429][T17475] serio: Serial port ttyS2
[  802.311312][T17485] Invalid ELF header magic: != ELF
[  802.614534][T17495] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  803.329563][T17505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2511'.
[  803.380339][T17504] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2510'.
[  803.420392][T17506] netlink: 'syz.2.2511': attribute type 1 has an invalid length.
[  803.483427][T17506] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2511'.
[  803.522610][T17502] HfR: entered promiscuous mode
[  805.029688][T17521] serio: Serial port ttyS2
[  806.588395][T17543] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  806.690656][T17543] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  806.741065][T17543] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  806.805338][T17543] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  808.422109][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  808.739365][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout
[  808.745498][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  808.818349][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  809.216534][T15612] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  809.251561][T17569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2525'.
[  809.395979][T17570] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2525'.
[  809.764355][T17569] HfR: entered promiscuous mode
[  810.413190][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  810.419522][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  811.603881][T15612] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  812.228151][T17601] NFSD: Failed to start, no listeners configured.
[  813.494198][T17623] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2536'.
[  814.150618][T15612] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  815.792153][T17644] mkiss: ax0: crc mode is auto.
[  815.895179][T17652] FAULT_INJECTION: forcing a failure.
[  815.895179][T17652] name failslab, interval 1, probability 0, space 0, times 0
[  815.961952][T17652] CPU: 0 UID: 0 PID: 17652 Comm: syz.3.2543 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  815.961981][T17652] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  815.961986][T17652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  815.961996][T17652] Call Trace:
[  815.962001][T17652]  <TASK>
[  815.962008][T17652]  dump_stack_lvl+0x16c/0x1f0
[  815.962031][T17652]  should_fail_ex+0x512/0x640
[  815.962053][T17652]  ? kmem_cache_alloc_noprof+0x62/0x770
[  815.962074][T17652]  should_failslab+0xc2/0x120
[  815.962096][T17652]  kmem_cache_alloc_noprof+0x83/0x770
[  815.962113][T17652]  ? __kernfs_new_node+0xd2/0x990
[  815.962133][T17652]  ? __kernfs_new_node+0xd2/0x990
[  815.962148][T17652]  __kernfs_new_node+0xd2/0x990
[  815.962166][T17652]  ? __pfx___kernfs_new_node+0x10/0x10
[  815.962188][T17652]  ? find_held_lock+0x2b/0x80
[  815.962207][T17652]  ? kernfs_root+0xee/0x2a0
[  815.962226][T17652]  kernfs_new_node+0x13c/0x1e0
[  815.962248][T17652]  kernfs_create_link+0xcc/0x240
[  815.962271][T17652]  sysfs_do_create_link_sd+0x90/0x140
[  815.962289][T17652]  sysfs_create_link+0x61/0xc0
[  815.962304][T17652]  device_add+0x652/0x1980
[  815.962323][T17652]  ? __pfx_device_add+0x10/0x10
[  815.962339][T17652]  ? lockdep_init_map_type+0x5c/0x270
[  815.962353][T17652]  ? __init_waitqueue_head+0xca/0x150
[  815.962382][T17652]  netdev_register_kobject+0x1a9/0x3d0
[  815.962406][T17652]  register_netdevice+0x13ac/0x21d0
[  815.962427][T17652]  ? rcu_is_watching+0x12/0xc0
[  815.962448][T17652]  ? __pfx_register_netdevice+0x10/0x10
[  815.962471][T17652]  slip_open+0xb86/0x1150
[  815.962494][T17652]  ? __pfx_slip_open+0x10/0x10
[  815.962512][T17652]  ? down_write+0x14d/0x200
[  815.962532][T17652]  ? __pfx_slip_open+0x10/0x10
[  815.962550][T17652]  tty_ldisc_open+0x9f/0x120
[  815.962565][T17652]  tty_set_ldisc+0x32b/0x780
[  815.962583][T17652]  tty_ioctl+0xc2d/0x1650
[  815.962600][T17652]  ? __pfx_tty_ioctl+0x10/0x10
[  815.962622][T17652]  ? find_held_lock+0x2b/0x80
[  815.962640][T17652]  ? hook_file_ioctl_common+0x144/0x410
[  815.962667][T17652]  ? __fget_files+0x20e/0x3c0
[  815.962689][T17652]  ? __pfx_tty_ioctl+0x10/0x10
[  815.962706][T17652]  __x64_sys_ioctl+0x18e/0x210
[  815.962725][T17652]  do_syscall_64+0xcd/0xf80
[  815.962744][T17652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  815.962759][T17652] RIP: 0033:0x7f6f9718f7c9
[  815.962772][T17652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  815.962787][T17652] RSP: 002b:00007f6f97f6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  815.962802][T17652] RAX: ffffffffffffffda RBX: 00007f6f973e6090 RCX: 00007f6f9718f7c9
[  815.962812][T17652] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000008
[  815.962821][T17652] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  815.962829][T17652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  815.962838][T17652] R13: 00007f6f973e6128 R14: 00007f6f973e6090 R15: 00007fff03a80208
[  815.962858][T17652]  </TASK>
[  819.279536][T17678] [U] 	
[  819.282339][T17678] [U] 
[  819.285017][T17678] [U] 
[  819.287693][T17678] [U] 
[  819.290366][T17678] [U] 
[  819.367121][T17678] [U] 
[  819.370014][T17678] [U] 
[  819.372700][T17678] [U] 
[  819.375376][T17678] [U] 
[  819.495177][T17678] [U] 
[  819.497891][T17678] [U] 
[  819.500566][T17678] [U] 
[  819.503257][T17678] [U] 
[  819.560505][T17678] [U] 
[  819.563225][T17678] [U] 
[  819.565908][T17678] [U] 
[  819.568582][T17678] [U] 
[  819.683618][T17678] [U] 
[  820.370207][T17708] serio: Serial port ttyS2
[  820.763710][T17684] kexec: Could not allocate control_code_buffer
[  822.208659][T15612] Bluetooth: hci1: Malformed LE Event: 0x0b
[  822.570049][T17737] serio: Serial port ttyS2
[  822.830955][T17743] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  823.447725][T17753] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  823.896828][T17759] serio: Serial port ttyS2
[  824.387770][T17764] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  824.420388][T17764] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  824.466386][T17764] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  824.502446][T17764] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  824.826552][T17784] Console: switching to colour VGA+ 80x25
[  825.033353][T17787] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  825.907928][T17801] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2574'.
[  825.972655][T17801] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.100855][T15612] Bluetooth: hci0: command 0x0c1a tx timeout
[  826.243049][T17801] bridge_slave_1 (unregistering): left allmulticast mode
[  826.277620][T17801] bridge_slave_1 (unregistering): left promiscuous mode
[  826.316944][T17801] bridge0: port 2(bridge_slave_1) entered disabled state
[  826.496764][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  826.502833][T15612] Bluetooth: hci3: command 0x0c1a tx timeout
[  826.565922][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  826.804393][T17810] FAULT_INJECTION: forcing a failure.
[  826.804393][T17810] name failslab, interval 1, probability 0, space 0, times 0
[  826.896149][T17810] CPU: 0 UID: 0 PID: 17810 Comm: syz.4.2577 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  826.896178][T17810] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  826.896184][T17810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  826.896194][T17810] Call Trace:
[  826.896200][T17810]  <TASK>
[  826.896206][T17810]  dump_stack_lvl+0x16c/0x1f0
[  826.896230][T17810]  should_fail_ex+0x512/0x640
[  826.896253][T17810]  ? kmem_cache_alloc_noprof+0x62/0x770
[  826.896273][T17810]  should_failslab+0xc2/0x120
[  826.896295][T17810]  kmem_cache_alloc_noprof+0x83/0x770
[  826.896312][T17810]  ? __kernfs_new_node+0xd2/0x990
[  826.896332][T17810]  ? __kernfs_new_node+0xd2/0x990
[  826.896348][T17810]  __kernfs_new_node+0xd2/0x990
[  826.896367][T17810]  ? __pfx___kernfs_new_node+0x10/0x10
[  826.896388][T17810]  ? find_held_lock+0x2b/0x80
[  826.896417][T17810]  ? kernfs_root+0xee/0x2a0
[  826.896438][T17810]  kernfs_new_node+0x13c/0x1e0
[  826.896461][T17810]  __kernfs_create_file+0x53/0x350
[  826.896487][T17810]  cgroup_addrm_files+0x546/0xc20
[  826.896515][T17810]  ? __xa_store+0x1dc/0x2e0
[  826.896534][T17810]  ? __pfx_cgroup_addrm_files+0x10/0x10
[  826.896554][T17810]  ? __pfx___xa_store+0x10/0x10
[  826.896579][T17810]  ? do_raw_spin_unlock+0x172/0x230
[  826.896600][T17810]  css_populate_dir+0x169/0x570
[  826.896621][T17810]  cgroup_apply_control_enable+0x3f3/0xbb0
[  826.896648][T17810]  cgroup_mkdir+0x5e0/0x12e0
[  826.896672][T17810]  ? __pfx_cgroup_mkdir+0x10/0x10
[  826.896693][T17810]  kernfs_iop_mkdir+0x111/0x190
[  826.896710][T17810]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  826.896727][T17810]  vfs_mkdir+0x731/0xb60
[  826.896747][T17810]  do_mkdirat+0x442/0x5e0
[  826.896770][T17810]  ? __pfx_do_mkdirat+0x10/0x10
[  826.896791][T17810]  ? strncpy_from_user+0x203/0x2e0
[  826.896814][T17810]  ? getname_flags.part.0+0x1c5/0x550
[  826.896831][T17810]  __x64_sys_mkdir+0xef/0x140
[  826.896853][T17810]  do_syscall_64+0xcd/0xf80
[  826.896872][T17810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.896888][T17810] RIP: 0033:0x7f1eaa38f7c9
[  826.896900][T17810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.896915][T17810] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  826.896930][T17810] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  826.896940][T17810] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000
[  826.896950][T17810] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  826.896959][T17810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  826.896969][T17810] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  826.896990][T17810]  </TASK>
[  826.897012][T17810] cgroup: cgroup_addrm_files: failed to add usage_in_bytes, err=-12
[  827.343451][T17809] serio: Serial port ttyS2
[  828.170162][T17817] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  828.213183][T17817] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  828.277577][T17817] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  828.346986][T17817] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  829.791859][T17845] serio: Serial port ttyS2
[  830.067767][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  830.227012][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  830.307020][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  830.386257][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  830.622325][T17858] vhci_hcd vhci_hcd.2: Wrong hub descriptor type for USB 3.0 roothub.
[  831.149242][T17868] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2590'.
[  831.322346][T17876] vhci_hcd vhci_hcd.0: invalid port number 16
[  831.571202][T17874] serio: Serial port ttyS2
[  831.582295][T17884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2593'.
[  832.331657][T17890] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  832.730903][T17893] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  833.531892][T17902] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2596'.
[  834.092099][T17911] serio: Serial port ttyS2
[  834.712926][T17929] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44
[  835.821190][T17931] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45
[  837.235797][T17964] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  837.444394][T17964] FAULT_INJECTION: forcing a failure.
[  837.444394][T17964] name failslab, interval 1, probability 0, space 0, times 0
[  837.579123][T17964] CPU: 0 UID: 0 PID: 17964 Comm: syz.1.2611 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  837.579153][T17964] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  837.579159][T17964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  837.579168][T17964] Call Trace:
[  837.579174][T17964]  <TASK>
[  837.579181][T17964]  dump_stack_lvl+0x16c/0x1f0
[  837.579205][T17964]  should_fail_ex+0x512/0x640
[  837.579228][T17964]  ? kmem_cache_alloc_noprof+0x62/0x770
[  837.579249][T17964]  should_failslab+0xc2/0x120
[  837.579271][T17964]  kmem_cache_alloc_noprof+0x83/0x770
[  837.579288][T17964]  ? __proc_create+0x2c8/0x8d0
[  837.579311][T17964]  ? __proc_create+0x2c8/0x8d0
[  837.579333][T17964]  __proc_create+0x2c8/0x8d0
[  837.579352][T17964]  ? __pfx___proc_create+0x10/0x10
[  837.579374][T17964]  ? _raw_write_unlock+0x28/0x50
[  837.579391][T17964]  ? proc_register+0x559/0x8b0
[  837.579419][T17964]  proc_create_reg+0x7d/0x180
[  837.579445][T17964]  proc_create_net_data+0x8e/0x1c0
[  837.579467][T17964]  ? __pfx_proc_create_net_data+0x10/0x10
[  837.579490][T17964]  ? __pfx_vlan_init_net+0x10/0x10
[  837.579510][T17964]  vlan_proc_init+0xe3/0x180
[  837.579525][T17964]  ops_init+0x1e2/0x5f0
[  837.579544][T17964]  setup_net+0x11d/0x3a0
[  837.579560][T17964]  ? __pfx_setup_net+0x10/0x10
[  837.579574][T17964]  ? lockdep_init_map_type+0x5c/0x270
[  837.579590][T17964]  ? mutex_init_lockep+0x110/0x150
[  837.579609][T17964]  copy_net_ns+0x351/0x7c0
[  837.579629][T17964]  create_new_namespaces+0x3ea/0xab0
[  837.579654][T17964]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  837.579675][T17964]  ksys_unshare+0x45b/0xa40
[  837.579697][T17964]  ? __pfx_ksys_unshare+0x10/0x10
[  837.579720][T17964]  ? xfd_validate_state+0x61/0x180
[  837.579740][T17964]  __x64_sys_unshare+0x31/0x40
[  837.579761][T17964]  do_syscall_64+0xcd/0xf80
[  837.579780][T17964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.579796][T17964] RIP: 0033:0x7fdaf5d8f7c9
[  837.579809][T17964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.579823][T17964] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  837.579838][T17964] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  837.579848][T17964] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  837.579857][T17964] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  837.579866][T17964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  837.579875][T17964] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  837.579896][T17964]  </TASK>
[  837.579904][T17964] 8021q: can't create entry in proc filesystem!
[  837.977860][T17974] sg_write: data in/out 3292/1 bytes for SCSI command 0xa3-- guessing data in;
[  837.977860][T17974]    program syz.4.2613 not setting count and/or reply_len properly
[  838.077344][T17976] FAULT_INJECTION: forcing a failure.
[  838.077344][T17976] name failslab, interval 1, probability 0, space 0, times 0
[  838.132853][T17976] CPU: 0 UID: 0 PID: 17976 Comm: syz.3.2614 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  838.132882][T17976] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  838.132888][T17976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  838.132897][T17976] Call Trace:
[  838.132904][T17976]  <TASK>
[  838.132910][T17976]  dump_stack_lvl+0x16c/0x1f0
[  838.132934][T17976]  should_fail_ex+0x512/0x640
[  838.132956][T17976]  ? __kmalloc_noprof+0xca/0x910
[  838.132975][T17976]  should_failslab+0xc2/0x120
[  838.132996][T17976]  __kmalloc_noprof+0xeb/0x910
[  838.133012][T17976]  ? cgroup_mkdir+0x2b0/0x12e0
[  838.133036][T17976]  ? cgroup_mkdir+0x2b0/0x12e0
[  838.133055][T17976]  cgroup_mkdir+0x2b0/0x12e0
[  838.133078][T17976]  ? __pfx_cgroup_mkdir+0x10/0x10
[  838.133099][T17976]  kernfs_iop_mkdir+0x111/0x190
[  838.133118][T17976]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  838.133135][T17976]  vfs_mkdir+0x731/0xb60
[  838.133155][T17976]  do_mkdirat+0x442/0x5e0
[  838.133178][T17976]  ? __pfx_do_mkdirat+0x10/0x10
[  838.133200][T17976]  ? strncpy_from_user+0x203/0x2e0
[  838.133222][T17976]  ? getname_flags.part.0+0x1c5/0x550
[  838.133240][T17976]  __x64_sys_mkdir+0xef/0x140
[  838.133262][T17976]  do_syscall_64+0xcd/0xf80
[  838.133281][T17976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.133296][T17976] RIP: 0033:0x7f6f9718f7c9
[  838.133309][T17976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.133324][T17976] RSP: 002b:00007f6f97f8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  838.133339][T17976] RAX: ffffffffffffffda RBX: 00007f6f973e5fa0 RCX: 00007f6f9718f7c9
[  838.133357][T17976] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000
[  838.133366][T17976] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  838.133375][T17976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  838.133384][T17976] R13: 00007f6f973e6038 R14: 00007f6f973e5fa0 R15: 00007fff03a80208
[  838.133405][T17976]  </TASK>
[  839.056702][T17980] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2615'.
[  839.443459][T17983] zswap: compressor  not available
[  839.907522][T17993] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  840.870475][ T5829] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  840.870502][ T5829] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[  840.885313][ T5829] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  840.885349][ T5829] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[  840.892717][ T5829] Bluetooth: hci3: adv larger than maximum supported
[  840.899745][ T5829] Bluetooth: hci3: Unknown advertising packet type: 0x7d
[  840.907772][ T5829] Bluetooth: hci3: Malformed LE Event: 0x0d
[  841.555247][T18027] FAULT_INJECTION: forcing a failure.
[  841.555247][T18027] name failslab, interval 1, probability 0, space 0, times 0
[  842.201441][T18027] CPU: 0 UID: 0 PID: 18027 Comm: syz.4.2626 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  842.201471][T18027] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  842.201478][T18027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  842.201487][T18027] Call Trace:
[  842.201493][T18027]  <TASK>
[  842.201501][T18027]  dump_stack_lvl+0x16c/0x1f0
[  842.201525][T18027]  should_fail_ex+0x512/0x640
[  842.201549][T18027]  ? __kmalloc_cache_noprof+0x5f/0x800
[  842.201568][T18027]  should_failslab+0xc2/0x120
[  842.201592][T18027]  __kmalloc_cache_noprof+0x80/0x800
[  842.201609][T18027]  ? ima_add_digest_entry+0x52/0x540
[  842.201631][T18027]  ? ima_add_digest_entry+0x52/0x540
[  842.201649][T18027]  ima_add_digest_entry+0x52/0x540
[  842.201670][T18027]  ima_add_template_entry+0x478/0x870
[  842.201691][T18027]  ? ima_alloc_init_template+0x19d/0x720
[  842.201713][T18027]  ? __pfx_ima_add_template_entry+0x10/0x10
[  842.201733][T18027]  ? ima_alloc_init_template+0x536/0x720
[  842.201759][T18027]  ima_add_violation+0x17f/0x3d0
[  842.201782][T18027]  ? __pfx_ima_add_violation+0x10/0x10
[  842.201803][T18027]  ? ima_d_path+0x12b/0x2a0
[  842.201822][T18027]  ? __pfx___might_resched+0x10/0x10
[  842.201843][T18027]  ? __pfx_ima_d_path+0x10/0x10
[  842.201867][T18027]  ? __pfx_down_write+0x10/0x10
[  842.201891][T18027]  process_measurement+0x16d7/0x22d0
[  842.201917][T18027]  ? __pfx_process_measurement+0x10/0x10
[  842.201938][T18027]  ? trace_contention_end+0xdd/0x110
[  842.201954][T18027]  ? __mutex_lock+0x27b/0x1ca0
[  842.201973][T18027]  ? find_held_lock+0x2b/0x80
[  842.201991][T18027]  ? tracing_check_open_get_tr.part.0+0xdc/0x190
[  842.202037][T18027]  ? tracing_check_open_get_tr.part.0+0xe1/0x190
[  842.202058][T18027]  ? inode_to_bdi+0x9e/0x160
[  842.202080][T18027]  ima_file_check+0xc7/0x110
[  842.202100][T18027]  ? __pfx_ima_file_check+0x10/0x10
[  842.202125][T18027]  security_file_post_open+0x8e/0x210
[  842.202140][T18027]  path_openat+0xe5f/0x3140
[  842.202168][T18027]  ? __pfx_path_openat+0x10/0x10
[  842.202196][T18027]  do_filp_open+0x20b/0x470
[  842.202217][T18027]  ? __pfx_do_filp_open+0x10/0x10
[  842.202252][T18027]  ? alloc_fd+0x471/0x7d0
[  842.202278][T18027]  do_sys_openat2+0x11f/0x280
[  842.202294][T18027]  ? __pfx_do_sys_openat2+0x10/0x10
[  842.202317][T18027]  __x64_sys_openat+0x174/0x210
[  842.202333][T18027]  ? __pfx___x64_sys_openat+0x10/0x10
[  842.202357][T18027]  do_syscall_64+0xcd/0xf80
[  842.202377][T18027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.202393][T18027] RIP: 0033:0x7f1eaa38f7c9
[  842.202406][T18027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  842.202421][T18027] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  842.202436][T18027] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  842.202446][T18027] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  842.202457][T18027] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  842.202467][T18027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  842.202477][T18027] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  842.202497][T18027]  </TASK>
[  842.202505][T18027] ima: OUT OF MEMORY ERROR creating queue entry
[  843.293880][T18040] FAULT_INJECTION: forcing a failure.
[  843.293880][T18040] name failslab, interval 1, probability 0, space 0, times 0
[  843.349411][T18040] CPU: 0 UID: 0 PID: 18040 Comm: syz.1.2629 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  843.349441][T18040] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  843.349447][T18040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  843.349457][T18040] Call Trace:
[  843.349462][T18040]  <TASK>
[  843.349469][T18040]  dump_stack_lvl+0x16c/0x1f0
[  843.349493][T18040]  should_fail_ex+0x512/0x640
[  843.349516][T18040]  ? fs_reclaim_acquire+0xae/0x150
[  843.349541][T18040]  should_failslab+0xc2/0x120
[  843.349564][T18040]  kmem_cache_alloc_noprof+0x83/0x770
[  843.349582][T18040]  ? __pfx_map_id_range_down+0x10/0x10
[  843.349602][T18040]  ? security_inode_alloc+0x3b/0x2b0
[  843.349627][T18040]  ? security_inode_alloc+0x3b/0x2b0
[  843.349647][T18040]  security_inode_alloc+0x3b/0x2b0
[  843.349669][T18040]  inode_init_always_gfp+0xced/0x1040
[  843.349694][T18040]  alloc_inode+0x86/0x240
[  843.349710][T18040]  new_inode+0x22/0x1c0
[  843.349727][T18040]  bdev_alloc+0x2b/0x420
[  843.349750][T18040]  __alloc_disk_node+0x116/0x6b0
[  843.349771][T18040]  __blk_mq_alloc_disk+0x89/0x120
[  843.349789][T18040]  loop_add+0x490/0xb70
[  843.349809][T18040]  ? __pfx_loop_add+0x10/0x10
[  843.349839][T18040]  ? find_held_lock+0x2b/0x80
[  843.349861][T18040]  loop_control_ioctl+0x13e/0x630
[  843.349881][T18040]  ? __pfx_loop_control_ioctl+0x10/0x10
[  843.349911][T18040]  ? __pfx_loop_control_ioctl+0x10/0x10
[  843.349932][T18040]  __x64_sys_ioctl+0x18e/0x210
[  843.349952][T18040]  do_syscall_64+0xcd/0xf80
[  843.349972][T18040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.349988][T18040] RIP: 0033:0x7fdaf5d8f7c9
[  843.350001][T18040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  843.350016][T18040] RSP: 002b:00007fdaf3fcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  843.350031][T18040] RAX: ffffffffffffffda RBX: 00007fdaf5fe6090 RCX: 00007fdaf5d8f7c9
[  843.350042][T18040] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007
[  843.350051][T18040] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  843.350060][T18040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  843.350069][T18040] R13: 00007fdaf5fe6128 R14: 00007fdaf5fe6090 R15: 00007fff42fde5f8
[  843.350089][T18040]  </TASK>
[  844.200508][T18054] serio: Serial port ttyS2
[  844.832411][T18076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2636'.
[  846.136088][T18081] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  846.156401][T18081] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  846.162435][T18081] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  846.200060][T18081] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  846.470404][    T9] Process accounting resumed
[  847.055062][T18095] FAULT_INJECTION: forcing a failure.
[  847.055062][T18095] name failslab, interval 1, probability 0, space 0, times 0
[  847.198870][T18095] CPU: 0 UID: 0 PID: 18095 Comm: syz.1.2639 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  847.198899][T18095] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  847.198906][T18095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  847.198915][T18095] Call Trace:
[  847.198921][T18095]  <TASK>
[  847.198927][T18095]  dump_stack_lvl+0x16c/0x1f0
[  847.198952][T18095]  should_fail_ex+0x512/0x640
[  847.198975][T18095]  ? kmem_cache_alloc_noprof+0x62/0x770
[  847.198996][T18095]  should_failslab+0xc2/0x120
[  847.199017][T18095]  kmem_cache_alloc_noprof+0x83/0x770
[  847.199035][T18095]  ? __proc_create+0x2c8/0x8d0
[  847.199061][T18095]  ? __proc_create+0x2c8/0x8d0
[  847.199078][T18095]  __proc_create+0x2c8/0x8d0
[  847.199097][T18095]  ? __pfx___proc_create+0x10/0x10
[  847.199118][T18095]  ? _raw_write_unlock+0x28/0x50
[  847.199137][T18095]  ? proc_register+0x559/0x8b0
[  847.199158][T18095]  proc_create_reg+0x7d/0x180
[  847.199179][T18095]  proc_create_net_data+0x8e/0x1c0
[  847.199199][T18095]  ? __pfx_proc_create_net_data+0x10/0x10
[  847.199224][T18095]  sctp_proc_init+0x199/0x270
[  847.199243][T18095]  ? __pfx_sctp_defaults_init+0x10/0x10
[  847.199261][T18095]  sctp_defaults_init+0x758/0xd90
[  847.199279][T18095]  ? __pfx_sctp_defaults_init+0x10/0x10
[  847.199296][T18095]  ops_init+0x1e2/0x5f0
[  847.199316][T18095]  setup_net+0x11d/0x3a0
[  847.199332][T18095]  ? __pfx_setup_net+0x10/0x10
[  847.199346][T18095]  ? lockdep_init_map_type+0x5c/0x270
[  847.199363][T18095]  ? mutex_init_lockep+0x110/0x150
[  847.199380][T18095]  copy_net_ns+0x351/0x7c0
[  847.199399][T18095]  create_new_namespaces+0x3ea/0xab0
[  847.199423][T18095]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  847.199445][T18095]  ksys_unshare+0x45b/0xa40
[  847.199467][T18095]  ? __pfx_ksys_unshare+0x10/0x10
[  847.199490][T18095]  ? xfd_validate_state+0x61/0x180
[  847.199510][T18095]  __x64_sys_unshare+0x31/0x40
[  847.199531][T18095]  do_syscall_64+0xcd/0xf80
[  847.199557][T18095]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.199573][T18095] RIP: 0033:0x7fdaf5d8f7c9
[  847.199587][T18095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  847.199602][T18095] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  847.199617][T18095] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  847.199628][T18095] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  847.199636][T18095] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  847.199646][T18095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  847.199655][T18095] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  847.199676][T18095]  </TASK>
[  847.838041][T15612] Bluetooth: hci0: command 0x0c1a tx timeout
[  848.216036][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout
[  848.222164][T15612] Bluetooth: hci1: command 0x0c1a tx timeout
[  848.228216][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  848.632499][   T30] audit: type=1804 audit(4294967388.437:24): pid=18027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.4.2626" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=124 res=0 errno=0
[  848.738314][   T30] audit: type=1804 audit(4294967388.498:25): pid=18027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2626" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=124 res=0 errno=0
[  849.003913][T18104] serio: Serial port ttyS2
[  850.067590][   T30] audit: type=1800 audit(4294967389.875:26): pid=18115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2644" name="features" dev="configfs" ino=71259 res=0 errno=0
[  850.405393][T18128] vhci_hcd vhci_hcd.2: default hub control req: 3132 v0a38 i0000 l0
[  852.079007][T18145] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  852.105209][T18145] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  852.148722][T18145] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  852.193038][T18145] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  852.934217][T18165] ima: policy update failed
[  852.956723][   T30] audit: type=1802 audit(4294967392.780:27): pid=18165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2656" res=0 errno=0
[  852.979200][T18165] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2656'.
[  853.150053][   T30] audit: type=1800 audit(4294967392.971:28): pid=18167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2655" name="features" dev="configfs" ino=71615 res=0 errno=0
[  853.406243][T18169] serio: Serial port ttyS2
[  853.699519][T18178] FAULT_INJECTION: forcing a failure.
[  853.699519][T18178] name failslab, interval 1, probability 0, space 0, times 0
[  853.825412][T18178] CPU: 0 UID: 0 PID: 18178 Comm: syz.2.2659 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  853.825440][T18178] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  853.825447][T18178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  853.825456][T18178] Call Trace:
[  853.825462][T18178]  <TASK>
[  853.825469][T18178]  dump_stack_lvl+0x16c/0x1f0
[  853.825492][T18178]  should_fail_ex+0x512/0x640
[  853.825515][T18178]  ? __kmalloc_noprof+0xca/0x910
[  853.825533][T18178]  should_failslab+0xc2/0x120
[  853.825556][T18178]  __kmalloc_noprof+0xeb/0x910
[  853.825572][T18178]  ? lsm_blob_alloc+0x68/0x90
[  853.825593][T18178]  ? lsm_blob_alloc+0x68/0x90
[  853.825608][T18178]  ? __raw_spin_lock_init+0x3a/0x110
[  853.825625][T18178]  lsm_blob_alloc+0x68/0x90
[  853.825642][T18178]  security_sb_alloc+0x27/0x230
[  853.825663][T18178]  alloc_super+0x24c/0xd00
[  853.825681][T18178]  ? sget_fc+0xd3/0xc20
[  853.825703][T18178]  sget_fc+0x116/0xc20
[  853.825722][T18178]  ? __pfx_set_anon_super_fc+0x10/0x10
[  853.825740][T18178]  ? __pfx_ovl_fill_super+0x10/0x10
[  853.825754][T18178]  get_tree_nodev+0x28/0x190
[  853.825774][T18178]  vfs_get_tree+0x8e/0x330
[  853.825791][T18178]  vfs_cmd_create+0xd7/0x2a0
[  853.825809][T18178]  __do_sys_fsconfig+0x7b8/0xbe0
[  853.825827][T18178]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  853.825853][T18178]  do_syscall_64+0xcd/0xf80
[  853.825873][T18178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.825888][T18178] RIP: 0033:0x7f1ca1f8f7c9
[  853.825900][T18178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  853.825915][T18178] RSP: 002b:00007f1ca2d4e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  853.825930][T18178] RAX: ffffffffffffffda RBX: 00007f1ca21e5fa0 RCX: 00007f1ca1f8f7c9
[  853.825941][T18178] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004
[  853.825949][T18178] RBP: 00007f1ca2013f91 R08: 0000000000000000 R09: 0000000000000000
[  853.825959][T18178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  853.825967][T18178] R13: 00007f1ca21e6038 R14: 00007f1ca21e5fa0 R15: 00007ffd56b00548
[  853.826000][T18178]  </TASK>
[  854.194617][T18186] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2660'.
[  854.395191][ T5829] Bluetooth: hci0: command 0x0c1a tx timeout
[  854.403422][ T5829] Bluetooth: hci4: command 0x0c1a tx timeout
[  854.423333][ T5839] Bluetooth: hci3: command 0x0c1a tx timeout
[  854.429813][T15612] Bluetooth: hci1: command 0x0c1a tx timeout
[  855.027526][T18187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  855.126994][T18187] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  855.206314][T18187] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  855.275044][T18187] page_type: f5(slab)
[  855.291661][T18187] raw: 00fff00000000040 ffff88813ff27140 0000000000000000 dead000000000001
[  855.346036][T18187] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  855.401175][T18187] head: 00fff00000000040 ffff88813ff27140 0000000000000000 dead000000000001
[  855.475660][T18187] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  855.518209][T18187] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  855.572442][T18187] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  855.630226][T18187] page dumped because: unmovable page
[  855.657727][T18217] Unable to find swap-space signature
[  855.685793][T18187] page_owner tracks the page as allocated
[  855.724941][T18187] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6900, tgid 6899 (syz.1.166), ts 154944507148, free_ts 152523277561
[  855.805026][T18187]  post_alloc_hook+0x1af/0x220
[  855.809817][T18187]  get_page_from_freelist+0xd0b/0x31a0
[  855.833006][T18187]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  855.868580][T18187]  alloc_pages_mpol+0x1fb/0x550
[  855.886426][T18187]  new_slab+0x2c3/0x430
[  855.915190][T18187]  ___slab_alloc+0xe18/0x1c90
[  855.934595][T18187]  __slab_alloc.constprop.0+0x63/0x110
[  855.962177][T18187]  __kmalloc_cache_noprof+0x485/0x800
[  855.983428][T18187]  inet6_net_init+0x678/0xb60
[  856.003089][T18187]  ops_init+0x1e2/0x5f0
[  856.007268][T18187]  setup_net+0x11d/0x3a0
[  856.011502][T18187]  copy_net_ns+0x351/0x7c0
[  856.059480][T18187]  create_new_namespaces+0x3ea/0xab0
[  856.091549][T18187]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  856.117076][T18187]  ksys_unshare+0x45b/0xa40
[  856.136986][T18187]  __x64_sys_unshare+0x31/0x40
[  856.162612][T18187] page last free pid 6844 tgid 6844 stack trace:
[  856.191409][T18187]  __free_frozen_pages+0x7df/0x1170
[  856.217138][T18187]  qlist_free_all+0x4c/0xf0
[  856.230156][T18187]  kasan_quarantine_reduce+0x195/0x1e0
[  856.257439][T18187]  __kasan_slab_alloc+0x69/0x90
[  856.276441][T18187]  kmem_cache_alloc_noprof+0x25e/0x770
[  856.294948][T18187]  jbd2__journal_start+0x193/0x6a0
[  856.313516][T18187]  __ext4_journal_start_sb+0x195/0x640
[  856.330375][T18187]  ext4_dirty_inode+0xa1/0x130
[  856.346234][T18187]  __mark_inode_dirty+0x1f7/0x1670
[  856.364411][T18187]  generic_update_time+0xcf/0xf0
[  856.380693][T18187]  file_update_time_flags+0x410/0x520
[  856.403608][T18187]  ext4_page_mkwrite+0x33d/0x1880
[  856.421824][T18187]  do_page_mkwrite+0x174/0x380
[  856.435333][T18187]  do_fault+0x3fc/0x1ad0
[  856.449453][T18187]  __handle_mm_fault+0x1919/0x2bb0
[  856.480584][T18187]  handle_mm_fault+0x3fe/0xad0
[  857.005032][T18201] kexec: Could not allocate control_code_buffer
[  857.600788][T18236] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  857.654587][T18236] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  857.715314][T18236] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  857.807174][T18236] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  857.843041][T18246] serio: Serial port ttyS2
[  858.144165][T18255] binder: 18253:18255 ioctl c018620c 0 returned -1
[  858.188911][T18255] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2674'.
[  858.627874][T18275] random: crng reseeded on system resumption
[  858.685061][T18276] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  858.910079][T18280] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  859.193889][T18289] FAULT_INJECTION: forcing a failure.
[  859.193889][T18289] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  859.283398][T18289] CPU: 0 UID: 0 PID: 18289 Comm: syz.1.2679 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  859.283428][T18289] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  859.283434][T18289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  859.283443][T18289] Call Trace:
[  859.283450][T18289]  <TASK>
[  859.283456][T18289]  dump_stack_lvl+0x16c/0x1f0
[  859.283480][T18289]  should_fail_ex+0x512/0x640
[  859.283514][T18289]  should_fail_alloc_page+0xe7/0x130
[  859.283543][T18289]  prepare_alloc_pages+0x401/0x670
[  859.283567][T18289]  ? finish_task_switch.isra.0+0x202/0xbd0
[  859.283590][T18289]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  859.283608][T18289]  ? lockdep_hardirqs_on+0x7c/0x110
[  859.283626][T18289]  ? finish_task_switch.isra.0+0x207/0xbd0
[  859.283647][T18289]  ? rcu_is_watching+0x12/0xc0
[  859.283667][T18289]  ? trace_sched_exit_tp+0xd1/0x110
[  859.283688][T18289]  ? __schedule+0x10b9/0x6150
[  859.283707][T18289]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  859.283734][T18289]  ? find_held_lock+0x2b/0x80
[  859.283753][T18289]  ? aa_file_perm+0x29e/0x1560
[  859.283769][T18289]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  859.283792][T18289]  ? policy_nodemask+0xea/0x4e0
[  859.283815][T18289]  alloc_pages_mpol+0x1fb/0x550
[  859.283837][T18289]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  859.283858][T18289]  ? __pfx_aa_file_perm+0x10/0x10
[  859.283873][T18289]  ? __lock_acquire+0x436/0x2890
[  859.283890][T18289]  ___kmalloc_large_node+0x10c/0x150
[  859.283915][T18289]  __kmalloc_large_noprof+0x1c/0x70
[  859.283939][T18289]  nsim_dev_take_snapshot_write+0xa6/0x1f0
[  859.283961][T18289]  ? __debugfs_file_get+0x1fe/0x840
[  859.283979][T18289]  ? __pfx_nsim_dev_take_snapshot_write+0x10/0x10
[  859.284007][T18289]  full_proxy_write+0x131/0x1a0
[  859.284026][T18289]  ? __pfx_full_proxy_write+0x10/0x10
[  859.284044][T18289]  vfs_write+0x2a0/0x11d0
[  859.284066][T18289]  ? __pfx___mutex_lock+0x10/0x10
[  859.284086][T18289]  ? __pfx_vfs_write+0x10/0x10
[  859.284111][T18289]  ? __fget_files+0x20e/0x3c0
[  859.284136][T18289]  ksys_write+0x12a/0x250
[  859.284156][T18289]  ? __pfx_ksys_write+0x10/0x10
[  859.284181][T18289]  do_syscall_64+0xcd/0xf80
[  859.284201][T18289]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.284216][T18289] RIP: 0033:0x7fdaf5d8f7c9
[  859.284230][T18289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.284245][T18289] RSP: 002b:00007fdaf3fcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  859.284260][T18289] RAX: ffffffffffffffda RBX: 00007fdaf5fe6090 RCX: 00007fdaf5d8f7c9
[  859.284271][T18289] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003
[  859.284280][T18289] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  859.284289][T18289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  859.284298][T18289] R13: 00007fdaf5fe6128 R14: 00007fdaf5fe6090 R15: 00007fff42fde5f8
[  859.284320][T18289]  </TASK>
[  859.973249][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout
[  859.979300][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  859.990815][T15612] Bluetooth: hci3: command 0x0c1a tx timeout
[  859.996913][T18191] Bluetooth: hci1: command 0x0c1a tx timeout
[  861.534546][T18191] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  862.078018][T18333] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  862.120379][T18333] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  862.168220][T18333] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  862.599748][T18348] Process accounting resumed
[  863.973793][T18191] Bluetooth: hci0: command 0x0c1a tx timeout
[  864.130737][T18191] Bluetooth: hci1: command 0x0c1a tx timeout
[  864.217921][T18333] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  864.224141][T15612] Bluetooth: hci4: command 0x0c1a tx timeout
[  864.230302][T18191] Bluetooth: hci3: command 0x0c1a tx timeout
[  864.360190][   T30] audit: type=1800 audit(4294967404.249:29): pid=18363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2692" name="lu_gp_id" dev="configfs" ino=72573 res=0 errno=0
[  864.467619][   T30] audit: type=1800 audit(4294967404.289:30): pid=18363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2692" name="version" dev="configfs" ino=72578 res=0 errno=0
[  864.574837][T18367] FAULT_INJECTION: forcing a failure.
[  864.574837][T18367] name failslab, interval 1, probability 0, space 0, times 0
[  864.657832][T18367] CPU: 0 UID: 0 PID: 18367 Comm: syz.4.2694 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  864.657862][T18367] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  864.657868][T18367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  864.657878][T18367] Call Trace:
[  864.657885][T18367]  <TASK>
[  864.657891][T18367]  dump_stack_lvl+0x16c/0x1f0
[  864.657915][T18367]  should_fail_ex+0x512/0x640
[  864.657938][T18367]  ? fs_reclaim_acquire+0xae/0x150
[  864.657976][T18367]  should_failslab+0xc2/0x120
[  864.658000][T18367]  __kmalloc_noprof+0xeb/0x910
[  864.658018][T18367]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  864.658039][T18367]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  864.658055][T18367]  tomoyo_realpath_from_path+0xc2/0x6e0
[  864.658074][T18367]  ? tomoyo_profile+0x47/0x60
[  864.658094][T18367]  tomoyo_path_perm+0x274/0x460
[  864.658115][T18367]  ? tomoyo_path_perm+0x260/0x460
[  864.658138][T18367]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  864.658180][T18367]  ? __pfx_ima_file_check+0x10/0x10
[  864.658201][T18367]  ? hook_file_truncate+0xc6/0x250
[  864.658230][T18367]  security_file_truncate+0x84/0x1e0
[  864.658246][T18367]  path_openat+0x23a4/0x3140
[  864.658274][T18367]  ? __pfx_path_openat+0x10/0x10
[  864.658302][T18367]  do_filp_open+0x20b/0x470
[  864.658324][T18367]  ? __pfx_do_filp_open+0x10/0x10
[  864.658358][T18367]  ? alloc_fd+0x471/0x7d0
[  864.658384][T18367]  do_sys_openat2+0x11f/0x280
[  864.658400][T18367]  ? __pfx_do_sys_openat2+0x10/0x10
[  864.658424][T18367]  __x64_sys_openat+0x174/0x210
[  864.658440][T18367]  ? __pfx___x64_sys_openat+0x10/0x10
[  864.658464][T18367]  do_syscall_64+0xcd/0xf80
[  864.658483][T18367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  864.658499][T18367] RIP: 0033:0x7f1eaa38f7c9
[  864.658512][T18367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  864.658527][T18367] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  864.658542][T18367] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  864.658553][T18367] RDX: 000000000014bb00 RSI: 0000200000000300 RDI: ffffffffffffff9c
[  864.658563][T18367] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  864.658571][T18367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  864.658580][T18367] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  864.658602][T18367]  </TASK>
[  864.658609][T18367] ERROR: Out of memory at tomoyo_realpath_from_path.
[  865.049859][T18375] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2696'.
[  865.217250][T18372] serio: Serial port ttyS2
[  866.279484][T18191] Bluetooth: hci4: command 0x0c1a tx timeout
[  866.770036][T18385] zswap: compressor  not available
[  867.191094][T18410] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  868.231373][T18418] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  868.260636][T18418] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  868.305842][T18418] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  868.360350][T18418] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  868.429156][T18423] serio: Serial port ttyS2
[  868.697352][T18437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2707'.
[  868.921089][T18431] serio: Serial port ttyS2
[  869.781491][T18191] Bluetooth: hci0: command 0x0c1a tx timeout
[  870.259530][T18191] Bluetooth: hci1: command 0x0c1a tx timeout
[  870.341665][T18191] Bluetooth: hci3: command 0x0c1a tx timeout
[  870.417971][T18191] Bluetooth: hci4: command 0x0c1a tx timeout
[  871.543310][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  871.549600][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  872.173513][T18488] vivid-007: =================  START STATUS  =================
[  872.211992][T18491] FAULT_INJECTION: forcing a failure.
[  872.211992][T18491] name failslab, interval 1, probability 0, space 0, times 0
[  872.268423][T18488] vivid-007: Generate PTS: true
[  872.288250][T18491] CPU: 0 UID: 0 PID: 18491 Comm: syz.1.2717 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  872.288280][T18491] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  872.288287][T18491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  872.288297][T18491] Call Trace:
[  872.288302][T18491]  <TASK>
[  872.288309][T18491]  dump_stack_lvl+0x16c/0x1f0
[  872.288332][T18491]  should_fail_ex+0x512/0x640
[  872.288355][T18491]  ? __kmalloc_cache_noprof+0x5f/0x800
[  872.288375][T18491]  should_failslab+0xc2/0x120
[  872.288397][T18491]  __kmalloc_cache_noprof+0x80/0x800
[  872.288414][T18491]  ? ovl_init_fs_context+0x52/0x5f0
[  872.288436][T18491]  ? ovl_init_fs_context+0x52/0x5f0
[  872.288451][T18491]  ovl_init_fs_context+0x52/0x5f0
[  872.288466][T18491]  ? __pfx_ovl_init_fs_context+0x10/0x10
[  872.288482][T18491]  alloc_fs_context+0x629/0xf50
[  872.288501][T18491]  __x64_sys_fsopen+0xeb/0x240
[  872.288519][T18491]  do_syscall_64+0xcd/0xf80
[  872.288538][T18491]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.288554][T18491] RIP: 0033:0x7fdaf5d8f7c9
[  872.288566][T18491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  872.288580][T18491] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  872.288595][T18491] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  872.288605][T18491] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  872.288613][T18491] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  872.288622][T18491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  872.288631][T18491] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  872.288650][T18491]  </TASK>
[  872.666302][T18488] vivid-007: Generate SCR: true
[  872.671215][T18488] tpg source WxH: 320x240 (Y'CbCr)
[  872.744997][T18488] tpg field: 1
[  872.762804][   T30] audit: type=1800 audit(4294967412.683:31): pid=18499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2716" name="lu_gp_id" dev="configfs" ino=73244 res=0 errno=0
[  872.794300][T18488] tpg crop: (0,0)/320x240
[  872.815667][T18488] tpg compose: (0,0)/320x240
[  872.843839][T18488] tpg colorspace: 8
[  872.865220][T18488] tpg transfer function: 0/0
[  872.905118][T18488] tpg Y'CbCr encoding: 0/0
[  872.939232][T18488] tpg quantization: 0/0
[  872.979907][T18488] tpg RGB range: 0/2
[  872.999564][T18488] vivid-007: ==================  END STATUS  ==================
[  873.594603][T18519] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  873.752291][T18524] serio: Serial port ttyS2
[  876.902943][T18570] random: crng reseeded on system resumption
[  876.979539][T18573] capability: warning: `syz.2.2727' uses deprecated v2 capabilities in a way that may be insecure
[  877.060483][T18568] zswap: compressor  not available
[  877.427017][T18582] vhci_hcd vhci_hcd.0: invalid port number 16
[  878.468659][T18603] FAULT_INJECTION: forcing a failure.
[  878.468659][T18603] name failslab, interval 1, probability 0, space 0, times 0
[  878.527348][T18603] CPU: 0 UID: 0 PID: 18603 Comm: syz.2.2734 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  878.527377][T18603] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  878.527384][T18603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  878.527394][T18603] Call Trace:
[  878.527400][T18603]  <TASK>
[  878.527406][T18603]  dump_stack_lvl+0x16c/0x1f0
[  878.527429][T18603]  should_fail_ex+0x512/0x640
[  878.527453][T18603]  ? __kmalloc_cache_noprof+0x5f/0x800
[  878.527472][T18603]  should_failslab+0xc2/0x120
[  878.527494][T18603]  __kmalloc_cache_noprof+0x80/0x800
[  878.527511][T18603]  ? rfkill_fop_open+0x1b6/0x750
[  878.527529][T18603]  ? rfkill_fop_open+0x1b6/0x750
[  878.527543][T18603]  rfkill_fop_open+0x1b6/0x750
[  878.527560][T18603]  ? __pfx_rfkill_fop_open+0x10/0x10
[  878.527575][T18603]  misc_open+0x26d/0x450
[  878.527597][T18603]  ? __pfx_misc_open+0x10/0x10
[  878.527619][T18603]  chrdev_open+0x234/0x6a0
[  878.527640][T18603]  ? __pfx_apparmor_file_open+0x10/0x10
[  878.527669][T18603]  ? __pfx_chrdev_open+0x10/0x10
[  878.527691][T18603]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  878.527719][T18603]  do_dentry_open+0x748/0x1590
[  878.527740][T18603]  ? __pfx_chrdev_open+0x10/0x10
[  878.527766][T18603]  vfs_open+0x82/0x3f0
[  878.527784][T18603]  path_openat+0x2078/0x3140
[  878.527811][T18603]  ? __pfx_path_openat+0x10/0x10
[  878.527838][T18603]  do_filp_open+0x20b/0x470
[  878.527860][T18603]  ? __pfx_do_filp_open+0x10/0x10
[  878.527895][T18603]  ? alloc_fd+0x471/0x7d0
[  878.527921][T18603]  do_sys_openat2+0x11f/0x280
[  878.527936][T18603]  ? __pfx_do_sys_openat2+0x10/0x10
[  878.527960][T18603]  __x64_sys_openat+0x174/0x210
[  878.527976][T18603]  ? __pfx___x64_sys_openat+0x10/0x10
[  878.528000][T18603]  do_syscall_64+0xcd/0xf80
[  878.528019][T18603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.528035][T18603] RIP: 0033:0x7f1ca1f8f7c9
[  878.528048][T18603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  878.528063][T18603] RSP: 002b:00007f1ca2d4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  878.528079][T18603] RAX: ffffffffffffffda RBX: 00007f1ca21e5fa0 RCX: 00007f1ca1f8f7c9
[  878.528089][T18603] RDX: 0000000000002000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  878.528099][T18603] RBP: 00007f1ca2013f91 R08: 0000000000000000 R09: 0000000000000000
[  878.528108][T18603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  878.528117][T18603] R13: 00007f1ca21e6038 R14: 00007f1ca21e5fa0 R15: 00007ffd56b00548
[  878.528137][T18603]  </TASK>
[  880.492066][T18622] serio: Serial port ttyS2
[  882.068291][T18661] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  882.107593][T18661] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  882.135711][T18661] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  882.176927][T18661] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  882.851903][   T30] audit: type=1800 audit(4294967422.825:32): pid=18688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2746" name="features" dev="configfs" ino=74030 res=0 errno=0
[  884.027239][T18191] Bluetooth: hci0: command 0x0c1a tx timeout
[  884.107960][T18191] Bluetooth: hci1: command 0x0c1a tx timeout
[  884.186358][T15612] Bluetooth: hci3: command 0x0c1a tx timeout
[  884.192377][T18191] Bluetooth: hci4: command 0x0c1a tx timeout
[  887.053914][T18750] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  887.074128][T18750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  887.163896][T18750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  887.290991][T18750] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  889.121643][T15612] Bluetooth: hci0: command 0x0c1a tx timeout
[  889.127670][T18191] Bluetooth: hci1: command 0x0c1a tx timeout
[  889.205011][T18191] Bluetooth: hci3: command 0x0c1a tx timeout
[  889.366207][T18191] Bluetooth: hci4: command 0x0c1a tx timeout
[  891.532440][T18795] FAULT_INJECTION: forcing a failure.
[  891.532440][T18795] name failslab, interval 1, probability 0, space 0, times 0
[  891.582201][T18795] CPU: 0 UID: 0 PID: 18795 Comm: syz.1.2764 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  891.582232][T18795] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  891.582239][T18795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  891.582249][T18795] Call Trace:
[  891.582255][T18795]  <TASK>
[  891.582262][T18795]  dump_stack_lvl+0x16c/0x1f0
[  891.582286][T18795]  should_fail_ex+0x512/0x640
[  891.582309][T18795]  ? __kmalloc_cache_noprof+0x5f/0x800
[  891.582329][T18795]  should_failslab+0xc2/0x120
[  891.582351][T18795]  __kmalloc_cache_noprof+0x80/0x800
[  891.582368][T18795]  ? rfkill_fop_open+0x1b6/0x750
[  891.582386][T18795]  ? rfkill_fop_open+0x1b6/0x750
[  891.582400][T18795]  rfkill_fop_open+0x1b6/0x750
[  891.582416][T18795]  ? __pfx_rfkill_fop_open+0x10/0x10
[  891.582431][T18795]  misc_open+0x26d/0x450
[  891.582454][T18795]  ? __pfx_misc_open+0x10/0x10
[  891.582481][T18795]  chrdev_open+0x234/0x6a0
[  891.582503][T18795]  ? __pfx_apparmor_file_open+0x10/0x10
[  891.582524][T18795]  ? __pfx_chrdev_open+0x10/0x10
[  891.582546][T18795]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  891.582572][T18795]  do_dentry_open+0x748/0x1590
[  891.582592][T18795]  ? __pfx_chrdev_open+0x10/0x10
[  891.582619][T18795]  vfs_open+0x82/0x3f0
[  891.582637][T18795]  path_openat+0x2078/0x3140
[  891.582664][T18795]  ? __pfx_path_openat+0x10/0x10
[  891.582692][T18795]  do_filp_open+0x20b/0x470
[  891.582720][T18795]  ? __pfx_do_filp_open+0x10/0x10
[  891.582755][T18795]  ? alloc_fd+0x471/0x7d0
[  891.582783][T18795]  do_sys_openat2+0x11f/0x280
[  891.582799][T18795]  ? __pfx_do_sys_openat2+0x10/0x10
[  891.582823][T18795]  __x64_sys_openat+0x174/0x210
[  891.582840][T18795]  ? __pfx___x64_sys_openat+0x10/0x10
[  891.582865][T18795]  do_syscall_64+0xcd/0xf80
[  891.582885][T18795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  891.582900][T18795] RIP: 0033:0x7fdaf5d8f7c9
[  891.582915][T18795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  891.582930][T18795] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  891.582945][T18795] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  891.582955][T18795] RDX: 0000000000002000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  891.582965][T18795] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  891.582974][T18795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  891.582983][T18795] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  891.583004][T18795]  </TASK>
[  892.440920][T18798] Unable to find swap-space signature
[  893.448734][T18810] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  893.651239][T18814] vivid-007: =================  START STATUS  =================
[  893.689966][T18814] vivid-007: Generate PTS: true
[  893.694854][T18814] vivid-007: Generate SCR: true
[  893.719470][T18804] can0: slcan on pty185.
[  893.739842][T18814] tpg source WxH: 320x240 (Y'CbCr)
[  893.768047][T18814] tpg field: 1
[  893.771432][T18814] tpg crop: (0,0)/320x240
[  893.807411][T18814] tpg compose: (0,0)/320x240
[  893.812013][T18814] tpg colorspace: 8
[  893.815802][T18814] tpg transfer function: 0/0
[  893.896082][T18814] tpg Y'CbCr encoding: 0/0
[  893.900511][T18814] tpg quantization: 0/0
[  893.961787][T18814] tpg RGB range: 0/2
[  894.002335][T18814] vivid-007: ==================  END STATUS  ==================
[  894.049973][T18809] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  894.311898][T18806] can0 (unregistered): slcan off pty185.
[  894.736138][T18809] kexec: Could not allocate control_code_buffer
[  898.001560][T18882] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  898.186468][T18873] hub 8-0:1.0: USB hub found
[  898.299656][T18873] hub 8-0:1.0: 1 port detected
[  898.389769][T18882] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2789: iget: checksum invalid
[  898.946577][T18882] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  899.151731][T18882] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2789: iget: checksum invalid
[  899.348945][T18882] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  899.513039][T18882] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2789: iget: checksum invalid
[  899.718092][T18882] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  899.960051][T18882] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2789: iget: checksum invalid
[  900.193761][T18882] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  900.753756][T18882] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  900.753793][T18882] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  901.617020][T18927] serio: Serial port ttyS2
[  901.624855][T18929] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2791: iget: checksum invalid
[  901.912697][T18929] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  902.134809][T18929] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2791: iget: checksum invalid
[  902.248065][T18942] serio: Serial port ttyS2
[  902.372077][T18929] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  902.542041][T18929] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2791: iget: checksum invalid
[  902.648335][T18929] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  902.801960][T18929] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.2791: iget: checksum invalid
[  902.916589][T18952] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2797'.
[  902.970751][T18952] veth1_macvtap: entered allmulticast mode
[  902.981152][T18929] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  903.110459][T18929] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  903.131959][T18957] hub 1-0:1.0: USB hub found
[  903.185755][T18957] hub 1-0:1.0: 1 port detected
[  903.320040][T18929] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  903.367303][T18961] hub 1-0:1.0: USB hub found
[  903.453701][T18961] hub 1-0:1.0: 1 port detected
[  903.970901][T18970] FAULT_INJECTION: forcing a failure.
[  903.970901][T18970] name failslab, interval 1, probability 0, space 0, times 0
[  904.049104][T18970] CPU: 0 UID: 0 PID: 18970 Comm: syz.4.2800 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  904.049133][T18970] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  904.049139][T18970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  904.049148][T18970] Call Trace:
[  904.049154][T18970]  <TASK>
[  904.049161][T18970]  dump_stack_lvl+0x16c/0x1f0
[  904.049184][T18970]  should_fail_ex+0x512/0x640
[  904.049206][T18970]  ? __kmalloc_noprof+0xca/0x910
[  904.049224][T18970]  should_failslab+0xc2/0x120
[  904.049247][T18970]  __kmalloc_noprof+0xeb/0x910
[  904.049263][T18970]  ? group_cpus_evenly+0xeb/0x650
[  904.049284][T18970]  ? group_cpus_evenly+0xeb/0x650
[  904.049301][T18970]  group_cpus_evenly+0xeb/0x650
[  904.049321][T18970]  ? __pfx_group_cpus_evenly+0x10/0x10
[  904.049346][T18970]  blk_mq_map_queues+0xa5/0x4d0
[  904.049369][T18970]  ? __pfx_blk_mq_map_queues+0x10/0x10
[  904.049397][T18970]  ? rcu_is_watching+0x12/0xc0
[  904.049421][T18970]  blk_mq_update_queue_map+0x34a/0x3e0
[  904.049445][T18970]  blk_mq_alloc_tag_set+0x662/0x12e0
[  904.049462][T18970]  ? __pfx_idr_alloc+0x3/0x10
[  904.049483][T18970]  loop_add+0x3b2/0xb70
[  904.049503][T18970]  ? __pfx_loop_add+0x10/0x10
[  904.049533][T18970]  ? find_held_lock+0x2b/0x80
[  904.049554][T18970]  loop_control_ioctl+0x13e/0x630
[  904.049574][T18970]  ? __pfx_loop_control_ioctl+0x10/0x10
[  904.049595][T18970]  ? __pfx_loop_control_ioctl+0x10/0x10
[  904.049615][T18970]  __x64_sys_ioctl+0x18e/0x210
[  904.049634][T18970]  do_syscall_64+0xcd/0xf80
[  904.049653][T18970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  904.049668][T18970] RIP: 0033:0x7f1eaa38f7c9
[  904.049680][T18970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  904.049695][T18970] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  904.049710][T18970] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  904.049720][T18970] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[  904.049729][T18970] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  904.049738][T18970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  904.049747][T18970] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  904.049766][T18970]  </TASK>
[  905.224572][T18987] netlink: 'syz.4.2803': attribute type 2 has an invalid length.
[  906.505437][T19010] random: crng reseeded on system resumption
[  906.662356][T18191] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5
[  907.584084][T19018] serio: Serial port ttyS2
[  907.628587][T19021] zswap: compressor  not available
[  908.030725][T19035] FAULT_INJECTION: forcing a failure.
[  908.030725][T19035] name failslab, interval 1, probability 0, space 0, times 0
[  908.103497][T19035] CPU: 0 UID: 0 PID: 19035 Comm: syz.2.2812 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  908.103525][T19035] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  908.103531][T19035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  908.103541][T19035] Call Trace:
[  908.103548][T19035]  <TASK>
[  908.103554][T19035]  dump_stack_lvl+0x16c/0x1f0
[  908.103578][T19035]  should_fail_ex+0x512/0x640
[  908.103601][T19035]  ? __kvmalloc_node_noprof+0x129/0xa40
[  908.103624][T19035]  should_failslab+0xc2/0x120
[  908.103645][T19035]  __kvmalloc_node_noprof+0x14a/0xa40
[  908.103667][T19035]  ? sbitmap_init_node+0x1cc/0x770
[  908.103689][T19035]  ? sbitmap_init_node+0x1cc/0x770
[  908.103705][T19035]  sbitmap_init_node+0x1cc/0x770
[  908.103725][T19035]  sbitmap_queue_init_node+0x40/0x4a0
[  908.103745][T19035]  blk_mq_init_tags+0x17f/0x320
[  908.103764][T19035]  blk_mq_alloc_map_and_rqs+0x222/0xeb0
[  908.103795][T19035]  __blk_mq_alloc_map_and_rqs+0x128/0x1f0
[  908.103815][T19035]  blk_mq_alloc_tag_set+0x7c3/0x12e0
[  908.103838][T19035]  loop_add+0x3b2/0xb70
[  908.103859][T19035]  ? __pfx_loop_add+0x10/0x10
[  908.103889][T19035]  ? find_held_lock+0x2b/0x80
[  908.103911][T19035]  loop_control_ioctl+0x13e/0x630
[  908.103934][T19035]  ? __pfx_loop_control_ioctl+0x10/0x10
[  908.103956][T19035]  ? __pfx_loop_control_ioctl+0x10/0x10
[  908.103976][T19035]  __x64_sys_ioctl+0x18e/0x210
[  908.104003][T19035]  do_syscall_64+0xcd/0xf80
[  908.104023][T19035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.104039][T19035] RIP: 0033:0x7f1ca1f8f7c9
[  908.104053][T19035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  908.104068][T19035] RSP: 002b:00007f1ca2d4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  908.104084][T19035] RAX: ffffffffffffffda RBX: 00007f1ca21e5fa0 RCX: 00007f1ca1f8f7c9
[  908.104094][T19035] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[  908.104103][T19035] RBP: 00007f1ca2013f91 R08: 0000000000000000 R09: 0000000000000000
[  908.104112][T19035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  908.104120][T19035] R13: 00007f1ca21e6038 R14: 00007f1ca21e5fa0 R15: 00007ffd56b00548
[  908.104139][T19035]  </TASK>
[  908.104238][T19035] blk-mq: reduced tag depth (128 -> 64)
[  909.339015][T19051] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48
[  909.964612][T19053] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49
[  912.950787][T19081] serio: Serial port ttyS2
[  914.759478][T19095] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  914.877574][T19114] ICMPv6: process `syz.4.2826' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead
[  914.975513][T19095] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.106060][T19095] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.199881][T19095] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.322951][T19120] netlink: 'syz.1.2827': attribute type 11 has an invalid length.
[  915.415697][T19123] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2829'.
[  915.625021][T19097] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.747651][T19097] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.828236][T19097] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  915.906543][T19097] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  916.071957][T19130] FAULT_INJECTION: forcing a failure.
[  916.071957][T19130] name failslab, interval 1, probability 0, space 0, times 0
[  916.122738][T19133] FAULT_INJECTION: forcing a failure.
[  916.122738][T19133] name failslab, interval 1, probability 0, space 0, times 0
[  916.140513][T19130] CPU: 0 UID: 0 PID: 19130 Comm: syz.1.2831 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  916.140541][T19130] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  916.140547][T19130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  916.140556][T19130] Call Trace:
[  916.140562][T19130]  <TASK>
[  916.140568][T19130]  dump_stack_lvl+0x16c/0x1f0
[  916.140593][T19130]  should_fail_ex+0x512/0x640
[  916.140616][T19130]  ? __kmalloc_cache_noprof+0x5f/0x800
[  916.140635][T19130]  should_failslab+0xc2/0x120
[  916.140657][T19130]  __kmalloc_cache_noprof+0x80/0x800
[  916.140673][T19130]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  916.140689][T19130]  ? sctp_endpoint_new+0xfc/0xb20
[  916.140711][T19130]  ? sctp_endpoint_new+0xfc/0xb20
[  916.140727][T19130]  sctp_endpoint_new+0xfc/0xb20
[  916.140747][T19130]  ? __pfx_sctp_endpoint_new+0x10/0x10
[  916.140767][T19130]  ? lockdep_init_map_type+0x5c/0x270
[  916.140783][T19130]  ? lockdep_init_map_type+0x5c/0x270
[  916.140800][T19130]  sctp_init_sock+0xe2b/0x1310
[  916.140817][T19130]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  916.140835][T19130]  sctp_v6_init_sock+0x16/0x70
[  916.140852][T19130]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  916.140869][T19130]  inet6_create+0xb30/0x12b0
[  916.140888][T19130]  ? inet6_create+0x7f/0x12b0
[  916.140908][T19130]  __sock_create+0x339/0x8a0
[  916.140931][T19130]  __sys_socket+0x14d/0x260
[  916.140949][T19130]  ? fput+0x70/0xf0
[  916.140963][T19130]  ? __pfx___sys_socket+0x10/0x10
[  916.140982][T19130]  ? xfd_validate_state+0x61/0x180
[  916.140996][T19130]  ? __pfx_ksys_write+0x10/0x10
[  916.141019][T19130]  __x64_sys_socket+0x72/0xb0
[  916.141038][T19130]  ? lockdep_hardirqs_on+0x7c/0x110
[  916.141056][T19130]  do_syscall_64+0xcd/0xf80
[  916.141074][T19130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.141089][T19130] RIP: 0033:0x7fdaf5d8f7c9
[  916.141102][T19130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  916.141117][T19130] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  916.141132][T19130] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  916.141142][T19130] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a
[  916.141151][T19130] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  916.141160][T19130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  916.141169][T19130] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  916.141188][T19130]  </TASK>
[  916.421437][T19133] CPU: 0 UID: 0 PID: 19133 Comm: syz.3.2830 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  916.421465][T19133] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  916.421470][T19133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  916.421480][T19133] Call Trace:
[  916.421486][T19133]  <TASK>
[  916.421492][T19133]  dump_stack_lvl+0x16c/0x1f0
[  916.421515][T19133]  should_fail_ex+0x512/0x640
[  916.421538][T19133]  ? __kmalloc_noprof+0xca/0x910
[  916.421557][T19133]  should_failslab+0xc2/0x120
[  916.421579][T19133]  __kmalloc_noprof+0xeb/0x910
[  916.421595][T19133]  ? group_cpus_evenly+0x199/0x650
[  916.421616][T19133]  ? group_cpus_evenly+0x199/0x650
[  916.421632][T19133]  group_cpus_evenly+0x199/0x650
[  916.421652][T19133]  ? __pfx_group_cpus_evenly+0x10/0x10
[  916.421676][T19133]  blk_mq_map_queues+0xa5/0x4d0
[  916.421700][T19133]  ? __pfx_blk_mq_map_queues+0x10/0x10
[  916.421722][T19133]  ? rcu_is_watching+0x12/0xc0
[  916.421744][T19133]  blk_mq_update_queue_map+0x34a/0x3e0
[  916.421766][T19133]  blk_mq_alloc_tag_set+0x662/0x12e0
[  916.421782][T19133]  ? __pfx_idr_alloc+0x3/0x10
[  916.421803][T19133]  loop_add+0x3b2/0xb70
[  916.421823][T19133]  ? __pfx_loop_add+0x10/0x10
[  916.421853][T19133]  ? find_held_lock+0x2b/0x80
[  916.421874][T19133]  loop_control_ioctl+0x13e/0x630
[  916.421893][T19133]  ? __pfx_loop_control_ioctl+0x10/0x10
[  916.421915][T19133]  ? __pfx_loop_control_ioctl+0x10/0x10
[  916.421935][T19133]  __x64_sys_ioctl+0x18e/0x210
[  916.421954][T19133]  do_syscall_64+0xcd/0xf80
[  916.421973][T19133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  916.421988][T19133] RIP: 0033:0x7f6f9718f7c9
[  916.422001][T19133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  916.422016][T19133] RSP: 002b:00007f6f97f8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  916.422031][T19133] RAX: ffffffffffffffda RBX: 00007f6f973e5fa0 RCX: 00007f6f9718f7c9
[  916.422041][T19133] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000005
[  916.422050][T19133] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  916.422060][T19133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  916.422068][T19133] R13: 00007f6f973e6038 R14: 00007f6f973e5fa0 R15: 00007fff03a80208
[  916.422088][T19133]  </TASK>
[  917.507945][T19154] bond0: invalid ARP target specified
[  917.621702][T19159] openvswitch: netlink: Flow key attribute not present in set flow.
[  918.281851][T19171] zswap: compressor  not available
[  918.336370][T19165] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  918.354223][T19165] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  918.383798][T19165] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  918.414575][T19165] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  919.183423][T19191] FAULT_INJECTION: forcing a failure.
[  919.183423][T19191] name failslab, interval 1, probability 0, space 0, times 0
[  919.230823][T19191] CPU: 0 UID: 0 PID: 19191 Comm: syz.1.2844 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  919.230851][T19191] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  919.230857][T19191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  919.230867][T19191] Call Trace:
[  919.230873][T19191]  <TASK>
[  919.230880][T19191]  dump_stack_lvl+0x16c/0x1f0
[  919.230903][T19191]  should_fail_ex+0x512/0x640
[  919.230926][T19191]  ? __kmalloc_cache_node_noprof+0x62/0x830
[  919.230949][T19191]  should_failslab+0xc2/0x120
[  919.230978][T19191]  __kmalloc_cache_node_noprof+0x83/0x830
[  919.230999][T19191]  ? alloc_shrinker_info+0x192/0x470
[  919.231023][T19191]  ? alloc_shrinker_info+0x192/0x470
[  919.231041][T19191]  alloc_shrinker_info+0x192/0x470
[  919.231065][T19191]  mem_cgroup_css_online+0x217/0x640
[  919.231091][T19191]  ? __pfx_mem_cgroup_css_online+0x10/0x10
[  919.231110][T19191]  online_css+0xb2/0x350
[  919.231129][T19191]  cgroup_apply_control_enable+0x702/0xbb0
[  919.231159][T19191]  cgroup_mkdir+0x5e0/0x12e0
[  919.231183][T19191]  ? __pfx_cgroup_mkdir+0x10/0x10
[  919.231205][T19191]  kernfs_iop_mkdir+0x111/0x190
[  919.231223][T19191]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  919.231240][T19191]  vfs_mkdir+0x731/0xb60
[  919.231260][T19191]  do_mkdirat+0x442/0x5e0
[  919.231283][T19191]  ? __pfx_do_mkdirat+0x10/0x10
[  919.231304][T19191]  ? strncpy_from_user+0x203/0x2e0
[  919.231327][T19191]  ? getname_flags.part.0+0x1c5/0x550
[  919.231345][T19191]  __x64_sys_mkdir+0xef/0x140
[  919.231371][T19191]  do_syscall_64+0xcd/0xf80
[  919.231391][T19191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  919.231407][T19191] RIP: 0033:0x7fdaf5d8f7c9
[  919.231420][T19191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  919.231435][T19191] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  919.231450][T19191] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  919.231460][T19191] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000
[  919.231469][T19191] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  919.231479][T19191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  919.231488][T19191] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  919.231510][T19191]  </TASK>
[  919.936369][T19193] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  919.944929][T19193] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  919.954600][T19193] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  919.994123][T19193] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  920.343609][T19215] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2848'.
[  920.494267][T19212] HfR: entered promiscuous mode
[  920.508126][T19219] input: f¬
 as /devices/virtual/input/input51
[  920.697493][T19218] serio: Serial port ttyS2
[  921.338490][T19244] FAULT_INJECTION: forcing a failure.
[  921.338490][T19244] name failslab, interval 1, probability 0, space 0, times 0
[  921.419078][T19244] CPU: 0 UID: 0 PID: 19244 Comm: syz.1.2855 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  921.419108][T19244] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  921.419114][T19244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  921.419124][T19244] Call Trace:
[  921.419130][T19244]  <TASK>
[  921.419136][T19244]  dump_stack_lvl+0x16c/0x1f0
[  921.419160][T19244]  should_fail_ex+0x512/0x640
[  921.419183][T19244]  ? __kmalloc_cache_noprof+0x5f/0x800
[  921.419203][T19244]  should_failslab+0xc2/0x120
[  921.419226][T19244]  __kmalloc_cache_noprof+0x80/0x800
[  921.419243][T19244]  ? do_raw_spin_lock+0x12c/0x2b0
[  921.419260][T19244]  ? kobject_uevent_env+0x265/0x1920
[  921.419284][T19244]  ? kobject_uevent_env+0x265/0x1920
[  921.419305][T19244]  kobject_uevent_env+0x265/0x1920
[  921.419326][T19244]  ? __pfx_dev_uevent_name+0x10/0x10
[  921.419350][T19244]  ? bus_to_subsys+0x131/0x160
[  921.419371][T19244]  device_add+0x1103/0x1980
[  921.419389][T19244]  ? __pfx_device_add+0x10/0x10
[  921.419404][T19244]  ? lockdep_init_map_type+0x5c/0x270
[  921.419419][T19244]  ? __init_waitqueue_head+0xca/0x150
[  921.419441][T19244]  rfkill_register+0x1ad/0xb40
[  921.419459][T19244]  nfc_register_device+0x11f/0x410
[  921.419478][T19244]  nci_register_device+0x7f1/0xb80
[  921.419501][T19244]  ? __pfx_nci_register_device+0x10/0x10
[  921.419527][T19244]  ? lockdep_init_map_type+0x5c/0x270
[  921.419545][T19244]  virtual_ncidev_open+0x141/0x220
[  921.419565][T19244]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  921.419584][T19244]  misc_open+0x26d/0x450
[  921.419607][T19244]  ? __pfx_misc_open+0x10/0x10
[  921.419628][T19244]  chrdev_open+0x234/0x6a0
[  921.419649][T19244]  ? __pfx_apparmor_file_open+0x10/0x10
[  921.419670][T19244]  ? __pfx_chrdev_open+0x10/0x10
[  921.419692][T19244]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  921.419718][T19244]  do_dentry_open+0x748/0x1590
[  921.419738][T19244]  ? __pfx_chrdev_open+0x10/0x10
[  921.419764][T19244]  vfs_open+0x82/0x3f0
[  921.419782][T19244]  path_openat+0x2078/0x3140
[  921.419845][T19244]  ? __pfx_path_openat+0x10/0x10
[  921.419874][T19244]  do_filp_open+0x20b/0x470
[  921.419897][T19244]  ? __pfx_do_filp_open+0x10/0x10
[  921.419933][T19244]  ? alloc_fd+0x471/0x7d0
[  921.419959][T19244]  do_sys_openat2+0x11f/0x280
[  921.419975][T19244]  ? __pfx_do_sys_openat2+0x10/0x10
[  921.419998][T19244]  __x64_sys_openat+0x174/0x210
[  921.420015][T19244]  ? __pfx___x64_sys_openat+0x10/0x10
[  921.420039][T19244]  do_syscall_64+0xcd/0xf80
[  921.420059][T19244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  921.420074][T19244] RIP: 0033:0x7fdaf5d8f7c9
[  921.420087][T19244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  921.420102][T19244] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  921.420117][T19244] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  921.420127][T19244] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  921.420137][T19244] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  921.420146][T19244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  921.420155][T19244] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  921.420176][T19244]  </TASK>
[  921.751072][T18191] Bluetooth: hci0: command 0x0c1a tx timeout
[  922.116766][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  922.122897][T18191] Bluetooth: hci4: command 0x0c1a tx timeout
[  922.144785][T15612] Bluetooth: hci3: command 0x0c1a tx timeout
[  924.781522][T19258] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2856: iget: checksum invalid
[  924.878333][T19258] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  924.925240][T19258] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2856: iget: checksum invalid
[  924.994424][T19258] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  925.054034][T19258] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2856: iget: checksum invalid
[  925.111334][T19258] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  925.170347][T19258] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.2856: iget: checksum invalid
[  925.213400][T19258] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  925.262762][T19258] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  925.302582][T19258] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  926.389242][T19291] FAULT_INJECTION: forcing a failure.
[  926.389242][T19291] name failslab, interval 1, probability 0, space 0, times 0
[  926.426094][T19292] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2859'.
[  926.455119][T19291] CPU: 0 UID: 0 PID: 19291 Comm: syz.2.2858 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  926.455149][T19291] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  926.455155][T19291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  926.455166][T19291] Call Trace:
[  926.455172][T19291]  <TASK>
[  926.455178][T19291]  dump_stack_lvl+0x16c/0x1f0
[  926.455202][T19291]  should_fail_ex+0x512/0x640
[  926.455226][T19291]  ? __kmalloc_cache_node_noprof+0x62/0x830
[  926.455249][T19291]  should_failslab+0xc2/0x120
[  926.455271][T19291]  __kmalloc_cache_node_noprof+0x83/0x830
[  926.455293][T19291]  ? alloc_shrinker_info+0x192/0x470
[  926.455316][T19291]  ? alloc_shrinker_info+0x192/0x470
[  926.455332][T19291]  alloc_shrinker_info+0x192/0x470
[  926.455355][T19291]  mem_cgroup_css_online+0x217/0x640
[  926.455373][T19291]  ? __pfx_mem_cgroup_css_online+0x10/0x10
[  926.455391][T19291]  online_css+0xb2/0x350
[  926.455409][T19291]  cgroup_apply_control_enable+0x702/0xbb0
[  926.455437][T19291]  cgroup_mkdir+0x5e0/0x12e0
[  926.455461][T19291]  ? __pfx_cgroup_mkdir+0x10/0x10
[  926.455482][T19291]  kernfs_iop_mkdir+0x111/0x190
[  926.455501][T19291]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  926.455518][T19291]  vfs_mkdir+0x731/0xb60
[  926.455538][T19291]  do_mkdirat+0x442/0x5e0
[  926.455561][T19291]  ? __pfx_do_mkdirat+0x10/0x10
[  926.455582][T19291]  ? strncpy_from_user+0x203/0x2e0
[  926.455615][T19291]  ? getname_flags.part.0+0x1c5/0x550
[  926.455634][T19291]  __x64_sys_mkdir+0xef/0x140
[  926.455657][T19291]  do_syscall_64+0xcd/0xf80
[  926.455677][T19291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.455692][T19291] RIP: 0033:0x7f1ca1f8f7c9
[  926.455706][T19291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  926.455722][T19291] RSP: 002b:00007f1ca2d4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  926.455737][T19291] RAX: ffffffffffffffda RBX: 00007f1ca21e5fa0 RCX: 00007f1ca1f8f7c9
[  926.455747][T19291] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000
[  926.455756][T19291] RBP: 00007f1ca2013f91 R08: 0000000000000000 R09: 0000000000000000
[  926.455766][T19291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  926.455774][T19291] R13: 00007f1ca21e6038 R14: 00007f1ca21e5fa0 R15: 00007ffd56b00548
[  926.455795][T19291]  </TASK>
[  927.337732][T19303] FAULT_INJECTION: forcing a failure.
[  927.337732][T19303] name fail_futex, interval 1, probability 0, space 0, times 0
[  927.485337][T19303] CPU: 0 UID: 0 PID: 19303 Comm: syz.1.2862 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  927.485367][T19303] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  927.485373][T19303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  927.485383][T19303] Call Trace:
[  927.485389][T19303]  <TASK>
[  927.485396][T19303]  dump_stack_lvl+0x16c/0x1f0
[  927.485418][T19303]  should_fail_ex+0x512/0x640
[  927.485444][T19303]  get_futex_key+0x1d0/0x15f0
[  927.485463][T19303]  ? __pfx_get_futex_key+0x10/0x10
[  927.485485][T19303]  futex_wait_setup+0x9d/0x570
[  927.485510][T19303]  __futex_wait+0x193/0x2f0
[  927.485530][T19303]  ? __pfx___futex_wait+0x10/0x10
[  927.485552][T19303]  ? __pfx_futex_wake_mark+0x10/0x10
[  927.485574][T19303]  ? futex_hash+0x2c5/0x380
[  927.485591][T19303]  ? futex_private_hash_put+0x160/0x1b0
[  927.485608][T19303]  futex_wait+0xe8/0x380
[  927.485627][T19303]  ? __pfx_futex_wait+0x10/0x10
[  927.485650][T19303]  ? __might_fault+0xe3/0x190
[  927.485666][T19303]  ? __might_fault+0x13b/0x190
[  927.485685][T19303]  do_futex+0x229/0x350
[  927.485702][T19303]  ? __pfx_do_futex+0x10/0x10
[  927.485718][T19303]  ? fput+0x70/0xf0
[  927.485731][T19303]  ? __sys_connect+0xe0/0x160
[  927.485756][T19303]  __x64_sys_futex+0x1e0/0x4c0
[  927.485775][T19303]  ? __pfx___x64_sys_futex+0x10/0x10
[  927.485792][T19303]  ? xfd_validate_state+0x61/0x180
[  927.485806][T19303]  ? __pfx_ksys_write+0x10/0x10
[  927.485832][T19303]  do_syscall_64+0xcd/0xf80
[  927.485852][T19303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  927.485867][T19303] RIP: 0033:0x7fdaf5d8f7c9
[  927.485880][T19303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  927.485895][T19303] RSP: 002b:00007fdaf3fee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  927.485910][T19303] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa8 RCX: 00007fdaf5d8f7c9
[  927.485920][T19303] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdaf5fe5fa8
[  927.485929][T19303] RBP: 00007fdaf5fe5fa0 R08: 0000000000000000 R09: 0000000000000000
[  927.485938][T19303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  927.485947][T19303] R13: 00007fdaf5fe6038 R14: 00007fff42fde510 R15: 00007fff42fde5f8
[  927.485967][T19303]  </TASK>
[  928.289672][T19313] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2865'.
[  928.377708][T19313] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2865'.
[  928.400082][T19315] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  928.410957][T19303] NFSD: Failed to start, no listeners configured.
[  928.814302][T15612] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[  932.673474][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  932.689345][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  933.743884][T19425] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2882'.
[  934.931620][T19452] netlink: zone id is out of range
[  934.961122][T19447] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  934.981641][T19447] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  935.005434][T19452] netlink: zone id is out of range
[  935.018836][T19447] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  935.041499][T19447] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  936.634454][T15612] Bluetooth: hci0: command 0x0c1a tx timeout
[  937.032009][T18191] Bluetooth: hci1: command 0x0c1a tx timeout
[  937.038798][   T52] Bluetooth: hci3: command 0x0c1a tx timeout
[  937.045555][T15612] Bluetooth: hci4: command 0x0c1a tx timeout
[  937.221852][T19504] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  938.305379][T19519] FAULT_INJECTION: forcing a failure.
[  938.305379][T19519] name failslab, interval 1, probability 0, space 0, times 0
[  938.543743][T19519] CPU: 0 UID: 0 PID: 19519 Comm: syz.4.2901 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  938.543772][T19519] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  938.543777][T19519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  938.543787][T19519] Call Trace:
[  938.543792][T19519]  <TASK>
[  938.543799][T19519]  dump_stack_lvl+0x16c/0x1f0
[  938.543822][T19519]  should_fail_ex+0x512/0x640
[  938.543845][T19519]  ? __kmalloc_cache_noprof+0x5f/0x800
[  938.543865][T19519]  should_failslab+0xc2/0x120
[  938.543887][T19519]  __kmalloc_cache_noprof+0x80/0x800
[  938.543904][T19519]  ? psi_cgroup_alloc+0x52/0x2d0
[  938.543928][T19519]  ? psi_cgroup_alloc+0x52/0x2d0
[  938.543947][T19519]  ? css_rstat_init+0x243/0x480
[  938.543961][T19519]  psi_cgroup_alloc+0x52/0x2d0
[  938.543986][T19519]  cgroup_mkdir+0x649/0x12e0
[  938.544009][T19519]  ? __pfx_cgroup_mkdir+0x10/0x10
[  938.544031][T19519]  kernfs_iop_mkdir+0x111/0x190
[  938.544050][T19519]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  938.544066][T19519]  vfs_mkdir+0x731/0xb60
[  938.544087][T19519]  do_mkdirat+0x442/0x5e0
[  938.544111][T19519]  ? __pfx_do_mkdirat+0x10/0x10
[  938.544132][T19519]  ? strncpy_from_user+0x203/0x2e0
[  938.544155][T19519]  ? getname_flags.part.0+0x1c5/0x550
[  938.544173][T19519]  __x64_sys_mkdir+0xef/0x140
[  938.544201][T19519]  do_syscall_64+0xcd/0xf80
[  938.544222][T19519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.544237][T19519] RIP: 0033:0x7f1eaa38f7c9
[  938.544251][T19519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  938.544265][T19519] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  938.544280][T19519] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  938.544291][T19519] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000
[  938.544300][T19519] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  938.544309][T19519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  938.544318][T19519] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  938.544339][T19519]  </TASK>
[  938.783691][T19527] serio: Serial port ttyS2
[  938.923867][T19534] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  938.953703][T19534] FAULT_INJECTION: forcing a failure.
[  938.953703][T19534] name failslab, interval 1, probability 0, space 0, times 0
[  938.966468][T19534] CPU: 0 UID: 0 PID: 19534 Comm: syz.3.2903 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  938.966495][T19534] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  938.966501][T19534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  938.966511][T19534] Call Trace:
[  938.966518][T19534]  <TASK>
[  938.966525][T19534]  dump_stack_lvl+0x16c/0x1f0
[  938.966548][T19534]  should_fail_ex+0x512/0x640
[  938.966572][T19534]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  938.966593][T19534]  should_failslab+0xc2/0x120
[  938.966615][T19534]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  938.966633][T19534]  ? sock_alloc_inode+0x25/0x1c0
[  938.966655][T19534]  ? __pfx_sock_alloc_inode+0x10/0x10
[  938.966672][T19534]  ? sock_alloc_inode+0x25/0x1c0
[  938.966688][T19534]  sock_alloc_inode+0x25/0x1c0
[  938.966704][T19534]  alloc_inode+0x64/0x240
[  938.966721][T19534]  sock_alloc+0x40/0x280
[  938.966737][T19534]  __sock_create+0xc2/0x8a0
[  938.966760][T19534]  inet_ctl_sock_create+0x94/0x230
[  938.966782][T19534]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  938.966803][T19534]  ? lockdep_init_map_type+0x5c/0x270
[  938.966818][T19534]  ? do_init_timer+0xc9/0x110
[  938.966843][T19534]  ? __pfx_sctp_ctrlsock_init+0x10/0x10
[  938.966860][T19534]  sctp_ctrlsock_init+0x40/0xf0
[  938.966876][T19534]  ops_init+0x1e2/0x5f0
[  938.966894][T19534]  setup_net+0x11d/0x3a0
[  938.966910][T19534]  ? __pfx_setup_net+0x10/0x10
[  938.966924][T19534]  ? lockdep_init_map_type+0x5c/0x270
[  938.966939][T19534]  ? mutex_init_lockep+0x110/0x150
[  938.966957][T19534]  copy_net_ns+0x351/0x7c0
[  938.966976][T19534]  create_new_namespaces+0x3ea/0xab0
[  938.967001][T19534]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  938.967022][T19534]  ksys_unshare+0x45b/0xa40
[  938.967045][T19534]  ? __pfx_ksys_unshare+0x10/0x10
[  938.967068][T19534]  ? xfd_validate_state+0x61/0x180
[  938.967087][T19534]  __x64_sys_unshare+0x31/0x40
[  938.967109][T19534]  do_syscall_64+0xcd/0xf80
[  938.967129][T19534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.967144][T19534] RIP: 0033:0x7f6f9718f7c9
[  938.967157][T19534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  938.967172][T19534] RSP: 002b:00007f6f97f8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  938.967187][T19534] RAX: ffffffffffffffda RBX: 00007f6f973e5fa0 RCX: 00007f6f9718f7c9
[  938.967198][T19534] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  938.967207][T19534] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  938.967224][T19534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  938.967234][T19534] R13: 00007f6f973e6038 R14: 00007f6f973e5fa0 R15: 00007fff03a80208
[  938.967255][T19534]  </TASK>
[  938.967263][T19534] socket: no more sockets
[  940.936817][T19552] serio: Serial port ttyS2
[  942.385143][T19583] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  944.097536][T19601] FAULT_INJECTION: forcing a failure.
[  944.097536][T19601] name fail_futex, interval 1, probability 0, space 0, times 0
[  944.207480][T19601] CPU: 0 UID: 0 PID: 19601 Comm: syz.3.2921 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  944.207513][T19601] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  944.207520][T19601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  944.207529][T19601] Call Trace:
[  944.207535][T19601]  <TASK>
[  944.207542][T19601]  dump_stack_lvl+0x16c/0x1f0
[  944.207578][T19601]  should_fail_ex+0x512/0x640
[  944.207603][T19601]  get_futex_key+0x1d0/0x15f0
[  944.207622][T19601]  ? __pfx_get_futex_key+0x10/0x10
[  944.207644][T19601]  futex_wait_setup+0x9d/0x570
[  944.207670][T19601]  __futex_wait+0x193/0x2f0
[  944.207690][T19601]  ? __pfx___futex_wait+0x10/0x10
[  944.207718][T19601]  ? __pfx_futex_wake_mark+0x10/0x10
[  944.207739][T19601]  ? futex_hash+0x2c5/0x380
[  944.207756][T19601]  ? futex_private_hash_put+0x160/0x1b0
[  944.207773][T19601]  futex_wait+0xe8/0x380
[  944.207792][T19601]  ? __pfx_futex_wait+0x10/0x10
[  944.207816][T19601]  ? __might_fault+0xe3/0x190
[  944.207832][T19601]  ? __might_fault+0x13b/0x190
[  944.207853][T19601]  do_futex+0x229/0x350
[  944.207869][T19601]  ? __pfx_do_futex+0x10/0x10
[  944.207885][T19601]  ? fput+0x70/0xf0
[  944.207899][T19601]  ? __sys_connect+0xe0/0x160
[  944.207924][T19601]  __x64_sys_futex+0x1e0/0x4c0
[  944.207943][T19601]  ? __pfx___x64_sys_futex+0x10/0x10
[  944.207960][T19601]  ? xfd_validate_state+0x61/0x180
[  944.207973][T19601]  ? __pfx_ksys_write+0x10/0x10
[  944.207998][T19601]  do_syscall_64+0xcd/0xf80
[  944.208017][T19601]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.208033][T19601] RIP: 0033:0x7f6f9718f7c9
[  944.208046][T19601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  944.208061][T19601] RSP: 002b:00007f6f97f8d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  944.208076][T19601] RAX: ffffffffffffffda RBX: 00007f6f973e5fa8 RCX: 00007f6f9718f7c9
[  944.208087][T19601] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6f973e5fa8
[  944.208096][T19601] RBP: 00007f6f973e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  944.208105][T19601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  944.208114][T19601] R13: 00007f6f973e6038 R14: 00007fff03a80120 R15: 00007fff03a80208
[  944.208133][T19601]  </TASK>
[  946.060895][T19599] kexec: Could not allocate control_code_buffer
[  946.686332][T19628] mkiss: ax0: crc mode is auto.
[  946.936338][T15612] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  946.936363][T15612] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260
[  946.952075][T15612] Bluetooth: hci4: Unknown advertising packet type: 0x7f
[  946.952111][T15612] Bluetooth: hci4: Unknown advertising packet type: 0x3c
[  946.959379][T15612] Bluetooth: hci4: adv larger than maximum supported
[  946.967648][T15612] Bluetooth: hci4: Unknown advertising packet type: 0x55
[  946.974527][T15612] Bluetooth: hci4: Unknown advertising packet type: 0x32
[  946.981738][T15612] Bluetooth: hci4: Malformed LE Event: 0x0d
[  947.596280][T19645] FAULT_INJECTION: forcing a failure.
[  947.596280][T19645] name failslab, interval 1, probability 0, space 0, times 0
[  947.686161][T19645] CPU: 0 UID: 0 PID: 19645 Comm: syz.1.2932 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  947.686190][T19645] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  947.686196][T19645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  947.686206][T19645] Call Trace:
[  947.686212][T19645]  <TASK>
[  947.686219][T19645]  dump_stack_lvl+0x16c/0x1f0
[  947.686242][T19645]  should_fail_ex+0x512/0x640
[  947.686266][T19645]  ? __kmalloc_cache_noprof+0x5f/0x800
[  947.686285][T19645]  should_failslab+0xc2/0x120
[  947.686307][T19645]  __kmalloc_cache_noprof+0x80/0x800
[  947.686324][T19645]  ? device_add+0xcf2/0x1980
[  947.686343][T19645]  ? device_add+0xcf2/0x1980
[  947.686358][T19645]  device_add+0xcf2/0x1980
[  947.686373][T19645]  ? dev_set_name+0xc7/0x100
[  947.686390][T19645]  ? __pfx_dev_set_name+0x10/0x10
[  947.686408][T19645]  ? __pfx_device_add+0x10/0x10
[  947.686424][T19645]  ? lockdep_init_map_type+0x5c/0x270
[  947.686440][T19645]  ? __init_waitqueue_head+0xca/0x150
[  947.686462][T19645]  netdev_register_kobject+0x1a9/0x3d0
[  947.686491][T19645]  register_netdevice+0x13ac/0x21d0
[  947.686513][T19645]  ? rcu_is_watching+0x12/0xc0
[  947.686534][T19645]  ? __pfx_register_netdevice+0x10/0x10
[  947.686559][T19645]  slip_open+0xb86/0x1150
[  947.686582][T19645]  ? __pfx_slip_open+0x10/0x10
[  947.686600][T19645]  ? down_write+0x14d/0x200
[  947.686622][T19645]  ? __pfx_slip_open+0x10/0x10
[  947.686647][T19645]  tty_ldisc_open+0x9f/0x120
[  947.686663][T19645]  tty_set_ldisc+0x32b/0x780
[  947.686682][T19645]  tty_ioctl+0xc2d/0x1650
[  947.686700][T19645]  ? __pfx_tty_ioctl+0x10/0x10
[  947.686723][T19645]  ? find_held_lock+0x2b/0x80
[  947.686741][T19645]  ? hook_file_ioctl_common+0x144/0x410
[  947.686770][T19645]  ? __fget_files+0x20e/0x3c0
[  947.686793][T19645]  ? __pfx_tty_ioctl+0x10/0x10
[  947.686810][T19645]  __x64_sys_ioctl+0x18e/0x210
[  947.686829][T19645]  do_syscall_64+0xcd/0xf80
[  947.686848][T19645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.686863][T19645] RIP: 0033:0x7fdaf5d8f7c9
[  947.686876][T19645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  947.686891][T19645] RSP: 002b:00007fdaf3fcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  947.686905][T19645] RAX: ffffffffffffffda RBX: 00007fdaf5fe6090 RCX: 00007fdaf5d8f7c9
[  947.686916][T19645] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000008
[  947.686925][T19645] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  947.686934][T19645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  947.686944][T19645] R13: 00007fdaf5fe6128 R14: 00007fdaf5fe6090 R15: 00007fff42fde5f8
[  947.686965][T19645]  </TASK>
[  948.983201][T19655] vhci_hcd vhci_hcd.0: invalid port number 16
[  949.558344][T19660] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52
[  950.292950][T19672] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  950.304520][T19663] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53
[  951.725657][T19689] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2940'.
[  952.402136][T19709] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  954.857809][T19742] NFSD: Failed to start, no listeners configured.
[  956.543914][T19752] serio: Serial port ttyS2
[  958.318983][T19773] serio: Serial port ttyS0
[  958.499228][T19777] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0]
[  958.888916][T19787] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  959.678416][T19796] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  959.816029][T19804] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2970'.
[  959.961578][T15612] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260
[  960.843618][T19814] can: request_module (can-proto-4) failed.
[  961.838795][T19835] serio: Serial port ttyS2
[  963.329442][T15612] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260
[  965.995722][T19901] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2985'.
[  968.396222][T19922] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  968.452830][T19922] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  968.523059][T19922] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  968.571930][T19922] page_type: f5(slab)
[  968.590803][T19922] raw: 00fff00000000040 ffff88813ff27140 ffffea0001dc2e00 dead000000000002
[  968.606099][T19922] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  968.625433][T19922] head: 00fff00000000040 ffff88813ff27140 ffffea0001dc2e00 dead000000000002
[  968.649396][T19922] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[  968.685002][T19922] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  968.698183][T19925] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  968.731618][T19925] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  968.760214][T19922] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  968.769059][T19925] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  968.795928][T19925] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  968.827823][T19922] page dumped because: unmovable page
[  968.859064][T19922] page_owner tracks the page as allocated
[  968.905809][T19922] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6900, tgid 6899 (syz.1.166), ts 154944507148, free_ts 152523277561
[  969.045051][T19922]  post_alloc_hook+0x1af/0x220
[  969.069996][T19922]  get_page_from_freelist+0xd0b/0x31a0
[  969.099098][T19946] FAULT_INJECTION: forcing a failure.
[  969.099098][T19946] name failslab, interval 1, probability 0, space 0, times 0
[  969.116353][T19922]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  969.154542][T19922]  alloc_pages_mpol+0x1fb/0x550
[  969.159452][T19922]  new_slab+0x2c3/0x430
[  969.163595][T19922]  ___slab_alloc+0xe18/0x1c90
[  969.185924][T19946] CPU: 0 UID: 0 PID: 19946 Comm: syz.3.2996 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  969.185952][T19946] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  969.185958][T19946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  969.185968][T19946] Call Trace:
[  969.185973][T19946]  <TASK>
[  969.185979][T19946]  dump_stack_lvl+0x16c/0x1f0
[  969.186003][T19946]  should_fail_ex+0x512/0x640
[  969.186027][T19946]  ? __kmalloc_cache_noprof+0x5f/0x800
[  969.186046][T19946]  should_failslab+0xc2/0x120
[  969.186068][T19946]  __kmalloc_cache_noprof+0x80/0x800
[  969.186083][T19946]  ? ovl_init_fs_context+0x338/0x5f0
[  969.186099][T19946]  ? fscontext_alloc_log+0x4a/0x1b0
[  969.186119][T19946]  ? fscontext_alloc_log+0x4a/0x1b0
[  969.186135][T19946]  fscontext_alloc_log+0x4a/0x1b0
[  969.186152][T19946]  __x64_sys_fsopen+0x157/0x240
[  969.186169][T19946]  do_syscall_64+0xcd/0xf80
[  969.186187][T19946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  969.186202][T19946] RIP: 0033:0x7f6f9718f7c9
[  969.186215][T19946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  969.186230][T19946] RSP: 002b:00007f6f97f8d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  969.186245][T19946] RAX: ffffffffffffffda RBX: 00007f6f973e5fa0 RCX: 00007f6f9718f7c9
[  969.186255][T19946] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  969.186263][T19946] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  969.186273][T19946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  969.186281][T19946] R13: 00007f6f973e6038 R14: 00007f6f973e5fa0 R15: 00007fff03a80208
[  969.186301][T19946]  </TASK>
[  969.542510][T19922]  __slab_alloc.constprop.0+0x63/0x110
[  969.552399][T19922]  __kmalloc_cache_noprof+0x485/0x800
[  969.562380][T19922]  inet6_net_init+0x678/0xb60
[  969.571871][T19922]  ops_init+0x1e2/0x5f0
[  969.582324][T19922]  setup_net+0x11d/0x3a0
[  969.586582][T19922]  copy_net_ns+0x351/0x7c0
[  969.592362][T19922]  create_new_namespaces+0x3ea/0xab0
[  969.597664][T19922]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  969.637912][T19922]  ksys_unshare+0x45b/0xa40
[  969.647951][T19922]  __x64_sys_unshare+0x31/0x40
[  969.657992][T19922] page last free pid 6844 tgid 6844 stack trace:
[  969.698361][T19922]  __free_frozen_pages+0x7df/0x1170
[  969.708465][T19922]  qlist_free_all+0x4c/0xf0
[  969.718551][T19922]  kasan_quarantine_reduce+0x195/0x1e0
[  969.728627][T19922]  __kasan_slab_alloc+0x69/0x90
[  969.772656][T19922]  kmem_cache_alloc_noprof+0x25e/0x770
[  969.778181][T19922]  jbd2__journal_start+0x193/0x6a0
[  969.791247][T19922]  __ext4_journal_start_sb+0x195/0x640
[  969.801089][T19922]  ext4_dirty_inode+0xa1/0x130
[  969.806353][T19922]  __mark_inode_dirty+0x1f7/0x1670
[  969.817487][T19922]  generic_update_time+0xcf/0xf0
[  969.827532][T19922]  file_update_time_flags+0x410/0x520
[  969.837582][T19922]  ext4_page_mkwrite+0x33d/0x1880
[  969.847638][T19922]  do_page_mkwrite+0x174/0x380
[  969.857683][T19922]  do_fault+0x3fc/0x1ad0
[  969.867720][T19922]  __handle_mm_fault+0x1919/0x2bb0
[  969.877780][T19922]  handle_mm_fault+0x3fe/0xad0
[  970.219078][T15612] Bluetooth: hci0: command 0x0c1a tx timeout
[  970.755315][   T30] audit: type=1804 audit(4294967511.192:33): pid=19975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3001" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=124 res=1 errno=0
[  970.790735][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  970.796819][T15612] Bluetooth: hci3: command 0x0c1a tx timeout
[  970.863439][   T52] Bluetooth: hci4: command 0x0c1a tx timeout
[  970.990698][T19980] FAULT_INJECTION: forcing a failure.
[  970.990698][T19980] name failslab, interval 1, probability 0, space 0, times 0
[  971.060843][T19980] CPU: 0 UID: 0 PID: 19980 Comm: syz.2.3003 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  971.060872][T19980] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  971.060878][T19980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  971.060888][T19980] Call Trace:
[  971.060894][T19980]  <TASK>
[  971.060900][T19980]  dump_stack_lvl+0x16c/0x1f0
[  971.060923][T19980]  should_fail_ex+0x512/0x640
[  971.060947][T19980]  ? __kmalloc_noprof+0xca/0x910
[  971.060966][T19980]  should_failslab+0xc2/0x120
[  971.060989][T19980]  __kmalloc_noprof+0xeb/0x910
[  971.061004][T19980]  ? __register_sysctl_table+0xb3/0x1900
[  971.061027][T19980]  ? __register_sysctl_table+0xb3/0x1900
[  971.061045][T19980]  __register_sysctl_table+0xb3/0x1900
[  971.061065][T19980]  ? is_module_address+0x5f/0xf0
[  971.061085][T19980]  ? __pfx___register_sysctl_table+0x10/0x10
[  971.061103][T19980]  ? is_module_address+0x69/0xf0
[  971.061124][T19980]  ? register_net_sysctl_sz+0x222/0x450
[  971.061146][T19980]  ? __asan_memcpy+0x3c/0x60
[  971.061164][T19980]  sctp_sysctl_net_register+0x15d/0x200
[  971.061184][T19980]  ? __pfx_sctp_defaults_init+0x10/0x10
[  971.061202][T19980]  sctp_defaults_init+0x6d2/0xd90
[  971.061220][T19980]  ? __pfx_sctp_defaults_init+0x10/0x10
[  971.061238][T19980]  ops_init+0x1e2/0x5f0
[  971.061266][T19980]  setup_net+0x11d/0x3a0
[  971.061283][T19980]  ? __pfx_setup_net+0x10/0x10
[  971.061298][T19980]  ? lockdep_init_map_type+0x5c/0x270
[  971.061315][T19980]  ? mutex_init_lockep+0x110/0x150
[  971.061333][T19980]  copy_net_ns+0x351/0x7c0
[  971.061352][T19980]  create_new_namespaces+0x3ea/0xab0
[  971.061376][T19980]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  971.061397][T19980]  ksys_unshare+0x45b/0xa40
[  971.061420][T19980]  ? __pfx_ksys_unshare+0x10/0x10
[  971.061443][T19980]  ? xfd_validate_state+0x61/0x180
[  971.061463][T19980]  __x64_sys_unshare+0x31/0x40
[  971.061485][T19980]  do_syscall_64+0xcd/0xf80
[  971.061504][T19980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.061519][T19980] RIP: 0033:0x7f1ca1f8f7c9
[  971.061532][T19980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.061546][T19980] RSP: 002b:00007f1ca2d4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  971.061561][T19980] RAX: ffffffffffffffda RBX: 00007f1ca21e5fa0 RCX: 00007f1ca1f8f7c9
[  971.061571][T19980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  971.061580][T19980] RBP: 00007f1ca2013f91 R08: 0000000000000000 R09: 0000000000000000
[  971.061589][T19980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  971.061598][T19980] R13: 00007f1ca21e6038 R14: 00007f1ca21e5fa0 R15: 00007ffd56b00548
[  971.061618][T19980]  </TASK>
[  973.632131][T20004] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3008'.
[  974.561513][T20026] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  974.703319][T20024] FAULT_INJECTION: forcing a failure.
[  974.703319][T20024] name failslab, interval 1, probability 0, space 0, times 0
[  974.926485][T20038] vhci_hcd vhci_hcd.2: default hub control req: 3132 v0a38 i0000 l0
[  975.062918][T20024] CPU: 0 UID: 0 PID: 20024 Comm: syz.4.3012 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  975.062948][T20024] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  975.062954][T20024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  975.062963][T20024] Call Trace:
[  975.062969][T20024]  <TASK>
[  975.062975][T20024]  dump_stack_lvl+0x16c/0x1f0
[  975.062999][T20024]  should_fail_ex+0x512/0x640
[  975.063022][T20024]  ? kmem_cache_alloc_noprof+0x62/0x770
[  975.063042][T20024]  should_failslab+0xc2/0x120
[  975.063067][T20024]  kmem_cache_alloc_noprof+0x83/0x770
[  975.063085][T20024]  ? __kernfs_new_node+0xd2/0x990
[  975.063105][T20024]  ? __kernfs_new_node+0xd2/0x990
[  975.063121][T20024]  __kernfs_new_node+0xd2/0x990
[  975.063140][T20024]  ? __pfx___kernfs_new_node+0x10/0x10
[  975.063161][T20024]  ? find_held_lock+0x2b/0x80
[  975.063181][T20024]  ? kernfs_root+0xee/0x2a0
[  975.063201][T20024]  kernfs_new_node+0x13c/0x1e0
[  975.063224][T20024]  __kernfs_create_file+0x53/0x350
[  975.063248][T20024]  sysfs_add_file_mode_ns+0x207/0x3c0
[  975.063269][T20024]  internal_create_group+0x597/0xf70
[  975.063291][T20024]  ? __pfx_internal_create_group+0x10/0x10
[  975.063312][T20024]  ? kernfs_create_link+0x1bd/0x240
[  975.063336][T20024]  internal_create_groups+0x9d/0x150
[  975.063355][T20024]  device_add+0x6f7/0x1980
[  975.063375][T20024]  ? __pfx_device_add+0x10/0x10
[  975.063391][T20024]  ? lockdep_init_map_type+0x5c/0x270
[  975.063406][T20024]  ? __init_waitqueue_head+0xca/0x150
[  975.063427][T20024]  netdev_register_kobject+0x1a9/0x3d0
[  975.063450][T20024]  register_netdevice+0x13ac/0x21d0
[  975.063471][T20024]  ? __pfx_register_netdevice+0x10/0x10
[  975.063494][T20024]  internal_dev_create+0x2d3/0x520
[  975.063515][T20024]  ovs_vport_add+0x147/0x4d0
[  975.063534][T20024]  new_vport+0x16/0x1d0
[  975.063556][T20024]  ovs_dp_cmd_new+0x6ba/0xe60
[  975.063575][T20024]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  975.063594][T20024]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  975.063615][T20024]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  975.063640][T20024]  genl_family_rcv_msg_doit+0x209/0x2f0
[  975.063662][T20024]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  975.063681][T20024]  ? genl_get_cmd+0x194/0x580
[  975.063704][T20024]  ? bpf_lsm_capable+0x9/0x10
[  975.063722][T20024]  ? security_capable+0x7e/0x260
[  975.063743][T20024]  ? ns_capable+0xd7/0x110
[  975.063763][T20024]  genl_rcv_msg+0x55c/0x800
[  975.063785][T20024]  ? __pfx_genl_rcv_msg+0x10/0x10
[  975.063805][T20024]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  975.063826][T20024]  netlink_rcv_skb+0x158/0x420
[  975.063844][T20024]  ? __pfx_genl_rcv_msg+0x10/0x10
[  975.063871][T20024]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  975.063897][T20024]  ? netlink_deliver_tap+0x1ae/0xd30
[  975.063917][T20024]  genl_rcv+0x28/0x40
[  975.063935][T20024]  netlink_unicast+0x5aa/0x870
[  975.063956][T20024]  ? __pfx_netlink_unicast+0x10/0x10
[  975.063983][T20024]  netlink_sendmsg+0x8c8/0xdd0
[  975.064005][T20024]  ? __pfx_netlink_sendmsg+0x10/0x10
[  975.064026][T20024]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  975.064050][T20024]  ____sys_sendmsg+0xa5d/0xc30
[  975.064070][T20024]  ? copy_msghdr_from_user+0x10a/0x160
[  975.064084][T20024]  ? __pfx_____sys_sendmsg+0x10/0x10
[  975.064108][T20024]  ? __pfx_futex_wake_mark+0x10/0x10
[  975.064131][T20024]  ___sys_sendmsg+0x134/0x1d0
[  975.064147][T20024]  ? __pfx____sys_sendmsg+0x10/0x10
[  975.064162][T20024]  ? futex_private_hash_put+0x160/0x1b0
[  975.064200][T20024]  __sys_sendmsg+0x16d/0x220
[  975.064216][T20024]  ? __pfx___sys_sendmsg+0x10/0x10
[  975.064231][T20024]  ? __x64_sys_futex+0x1e0/0x4c0
[  975.064252][T20024]  ? syscall_user_dispatch+0x78/0x140
[  975.064276][T20024]  do_syscall_64+0xcd/0xf80
[  975.064296][T20024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  975.064311][T20024] RIP: 0033:0x7f1eaa38f7c9
[  975.064325][T20024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  975.064339][T20024] RSP: 002b:00007f1eab29f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  975.064355][T20024] RAX: ffffffffffffffda RBX: 00007f1eaa5e5fa0 RCX: 00007f1eaa38f7c9
[  975.064365][T20024] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 000000000000000a
[  975.064375][T20024] RBP: 00007f1eaa413f91 R08: 0000000000000000 R09: 0000000000000000
[  975.064384][T20024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  975.064393][T20024] R13: 00007f1eaa5e6038 R14: 00007f1eaa5e5fa0 R15: 00007ffc4d5f84e8
[  975.064415][T20024]  </TASK>
[  980.466405][T20059] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  980.474032][T20059] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  980.480151][T20059] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  980.495668][T20059] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  980.694746][T20071] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  982.063739][T20081] FAULT_INJECTION: forcing a failure.
[  982.063739][T20081] name failslab, interval 1, probability 0, space 0, times 0
[  982.102166][T20081] CPU: 0 UID: 0 PID: 20081 Comm: syz.2.3036 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  982.102196][T20081] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  982.102202][T20081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  982.102212][T20081] Call Trace:
[  982.102217][T20081]  <TASK>
[  982.102224][T20081]  dump_stack_lvl+0x16c/0x1f0
[  982.102246][T20081]  should_fail_ex+0x512/0x640
[  982.102270][T20081]  ? __kmalloc_node_track_caller_noprof+0xcb/0x930
[  982.102294][T20081]  should_failslab+0xc2/0x120
[  982.102324][T20081]  __kmalloc_node_track_caller_noprof+0xec/0x930
[  982.102346][T20081]  ? kstrdup_const+0x63/0x80
[  982.102367][T20081]  ? kstrdup+0x53/0x100
[  982.102383][T20081]  kstrdup+0x53/0x100
[  982.102401][T20081]  kstrdup_const+0x63/0x80
[  982.102417][T20081]  kvasprintf_const+0x10f/0x1a0
[  982.102441][T20081]  kobject_set_name_vargs+0x5a/0x140
[  982.102463][T20081]  dev_set_name+0xc7/0x100
[  982.102482][T20081]  ? __pfx_dev_set_name+0x10/0x10
[  982.102502][T20081]  ? lockdep_init_map_type+0x5c/0x270
[  982.102517][T20081]  ? __init_waitqueue_head+0xca/0x150
[  982.102540][T20081]  netdev_register_kobject+0xc5/0x3d0
[  982.102562][T20081]  register_netdevice+0x13ac/0x21d0
[  982.102582][T20081]  ? rcu_is_watching+0x12/0xc0
[  982.102602][T20081]  ? __pfx_register_netdevice+0x10/0x10
[  982.102625][T20081]  slip_open+0xb86/0x1150
[  982.102649][T20081]  ? __pfx_slip_open+0x10/0x10
[  982.102666][T20081]  ? down_write+0x14d/0x200
[  982.102688][T20081]  ? __pfx_slip_open+0x10/0x10
[  982.102706][T20081]  tty_ldisc_open+0x9f/0x120
[  982.102722][T20081]  tty_set_ldisc+0x32b/0x780
[  982.102740][T20081]  tty_ioctl+0xc2d/0x1650
[  982.102757][T20081]  ? __pfx_tty_ioctl+0x10/0x10
[  982.102780][T20081]  ? find_held_lock+0x2b/0x80
[  982.102797][T20081]  ? hook_file_ioctl_common+0x144/0x410
[  982.102825][T20081]  ? __fget_files+0x20e/0x3c0
[  982.102848][T20081]  ? __pfx_tty_ioctl+0x10/0x10
[  982.102865][T20081]  __x64_sys_ioctl+0x18e/0x210
[  982.102884][T20081]  do_syscall_64+0xcd/0xf80
[  982.102903][T20081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  982.102919][T20081] RIP: 0033:0x7f1ca1f8f7c9
[  982.102932][T20081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  982.102948][T20081] RSP: 002b:00007f1ca01f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  982.102964][T20081] RAX: ffffffffffffffda RBX: 00007f1ca21e6090 RCX: 00007f1ca1f8f7c9
[  982.102974][T20081] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000009
[  982.102984][T20081] RBP: 00007f1ca2013f91 R08: 0000000000000000 R09: 0000000000000000
[  982.102998][T20081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  982.103009][T20081] R13: 00007f1ca21e6128 R14: 00007f1ca21e6090 R15: 00007ffd56b00548
[  982.103033][T20081]  </TASK>
[  982.629023][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout
[  982.629167][   T52] Bluetooth: hci3: command 0x0c1a tx timeout
[  982.641359][T18191] Bluetooth: hci0: command 0x0c1a tx timeout
[  982.647415][T15612] Bluetooth: hci1: command 0x0c1a tx timeout
[  983.153389][T20105] FAULT_INJECTION: forcing a failure.
[  983.153389][T20105] name failslab, interval 1, probability 0, space 0, times 0
[  983.254930][T20105] CPU: 0 UID: 0 PID: 20105 Comm: syz.1.3033 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  983.254959][T20105] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  983.254965][T20105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  983.254975][T20105] Call Trace:
[  983.254981][T20105]  <TASK>
[  983.254987][T20105]  dump_stack_lvl+0x16c/0x1f0
[  983.255011][T20105]  should_fail_ex+0x512/0x640
[  983.255034][T20105]  ? __kmalloc_cache_noprof+0x5f/0x800
[  983.255053][T20105]  should_failslab+0xc2/0x120
[  983.255076][T20105]  __kmalloc_cache_noprof+0x80/0x800
[  983.255091][T20105]  ? ovl_init_fs_context+0x338/0x5f0
[  983.255107][T20105]  ? fscontext_alloc_log+0x4a/0x1b0
[  983.255126][T20105]  ? fscontext_alloc_log+0x4a/0x1b0
[  983.255142][T20105]  fscontext_alloc_log+0x4a/0x1b0
[  983.255160][T20105]  __x64_sys_fsopen+0x157/0x240
[  983.255177][T20105]  do_syscall_64+0xcd/0xf80
[  983.255204][T20105]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  983.255220][T20105] RIP: 0033:0x7fdaf5d8f7c9
[  983.255233][T20105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  983.255248][T20105] RSP: 002b:00007fdaf3fee038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  983.255263][T20105] RAX: ffffffffffffffda RBX: 00007fdaf5fe5fa0 RCX: 00007fdaf5d8f7c9
[  983.255274][T20105] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  983.255282][T20105] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  983.255292][T20105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  983.255301][T20105] R13: 00007fdaf5fe6038 R14: 00007fdaf5fe5fa0 R15: 00007fff42fde5f8
[  983.255321][T20105]  </TASK>
[  983.651686][T20118] Process accounting resumed
[  984.112843][T20122] Invalid ELF header magic: != ELF
[  985.763099][ T5917] Process accounting resumed
[  986.359254][T20172] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  986.918830][T20181] zswap: compressor 000 not available
[  987.129677][T20194] Invalid ELF header magic: != ELF
[  987.842352][T20207] random: crng reseeded on system resumption
[  988.287311][T20207] Invalid ELF header magic: != ELF
[  989.587918][T20243] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  989.645342][T20243] FAULT_INJECTION: forcing a failure.
[  989.645342][T20243] name failslab, interval 1, probability 0, space 0, times 0
[  989.745592][T20243] CPU: 0 UID: 0 PID: 20243 Comm: syz.1.3064 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  989.745621][T20243] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  989.745627][T20243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  989.745636][T20243] Call Trace:
[  989.745642][T20243]  <TASK>
[  989.745649][T20243]  dump_stack_lvl+0x16c/0x1f0
[  989.745672][T20243]  should_fail_ex+0x512/0x640
[  989.745695][T20243]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  989.745715][T20243]  should_failslab+0xc2/0x120
[  989.745737][T20243]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  989.745756][T20243]  ? __d_alloc+0x35/0xa80
[  989.745780][T20243]  ? __d_alloc+0x35/0xa80
[  989.745800][T20243]  __d_alloc+0x35/0xa80
[  989.745820][T20243]  ? set_nlink+0x86/0x180
[  989.745842][T20243]  d_make_root+0x3e/0x90
[  989.745855][T20243]  proc_fill_super+0x472/0x750
[  989.745876][T20243]  ? __pfx_proc_fill_super+0x10/0x10
[  989.745894][T20243]  get_tree_nodev+0xdd/0x190
[  989.745915][T20243]  vfs_get_tree+0x8e/0x330
[  989.745931][T20243]  vfs_cmd_create+0xd7/0x2a0
[  989.745948][T20243]  __do_sys_fsconfig+0x7b8/0xbe0
[  989.745967][T20243]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  989.745993][T20243]  do_syscall_64+0xcd/0xf80
[  989.746012][T20243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  989.746028][T20243] RIP: 0033:0x7fdaf5d8f7c9
[  989.746041][T20243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  989.746056][T20243] RSP: 002b:00007fdaf3fcd038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  989.746070][T20243] RAX: ffffffffffffffda RBX: 00007fdaf5fe6090 RCX: 00007fdaf5d8f7c9
[  989.746081][T20243] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000006
[  989.746089][T20243] RBP: 00007fdaf5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  989.746099][T20243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  989.746108][T20243] R13: 00007fdaf5fe6128 R14: 00007fdaf5fe6090 R15: 00007fff42fde5f8
[  989.746128][T20243]  </TASK>
[  989.746176][T20243] proc_fill_super: allocate dentry failed
[  990.146573][T20253] ==================================================================
[  990.146587][T20253] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70
[  990.146615][T20253] Read of size 256 at addr ffff888078387f60 by task syz.3.3065/20253
[  990.146629][T20253] 
[  990.146640][T20253] CPU: 0 UID: 0 PID: 20253 Comm: syz.3.3065 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  990.146663][T20253] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  990.146669][T20253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  990.146679][T20253] Call Trace:
[  990.146684][T20253]  <TASK>
[  990.146690][T20253]  dump_stack_lvl+0x116/0x1f0
[  990.146710][T20253]  print_report+0xcd/0x630
[  990.146732][T20253]  ? __virt_addr_valid+0x81/0x610
[  990.146754][T20253]  ? __phys_addr+0xe8/0x180
[  990.146776][T20253]  ? fbcon_prepare_logo+0xa03/0xc70
[  990.146797][T20253]  kasan_report+0xe0/0x110
[  990.146818][T20253]  ? fbcon_prepare_logo+0xa03/0xc70
[  990.146840][T20253]  kasan_check_range+0x100/0x1b0
[  990.146855][T20253]  __asan_memcpy+0x23/0x60
[  990.146872][T20253]  fbcon_prepare_logo+0xa03/0xc70
[  990.146894][T20253]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  990.146917][T20253]  fbcon_init+0xda0/0x1930
[  990.146939][T20253]  visual_init+0x320/0x620
[  990.146961][T20253]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  990.146979][T20253]  store_bind+0x61d/0x760
[  990.146995][T20253]  ? sysfs_file_kobj+0xe4/0x290
[  990.147009][T20253]  ? __pfx_store_bind+0x10/0x10
[  990.147023][T20253]  dev_attr_store+0x58/0x80
[  990.147038][T20253]  ? __pfx_dev_attr_store+0x10/0x10
[  990.147052][T20253]  sysfs_kf_write+0xf2/0x150
[  990.147066][T20253]  kernfs_fop_write_iter+0x3af/0x570
[  990.147086][T20253]  ? __pfx_sysfs_kf_write+0x10/0x10
[  990.147101][T20253]  iter_file_splice_write+0xa24/0x12b0
[  990.147128][T20253]  ? __pfx_iter_file_splice_write+0x10/0x10
[  990.147151][T20253]  ? __pfx_copy_splice_read+0x10/0x10
[  990.147175][T20253]  ? __pfx_iter_file_splice_write+0x10/0x10
[  990.147196][T20253]  direct_splice_actor+0x192/0x6c0
[  990.147217][T20253]  splice_direct_to_actor+0x345/0xa30
[  990.147238][T20253]  ? __pfx_direct_splice_actor+0x10/0x10
[  990.147260][T20253]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  990.147282][T20253]  do_splice_direct+0x174/0x240
[  990.147302][T20253]  ? __pfx_do_splice_direct+0x10/0x10
[  990.147322][T20253]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  990.147343][T20253]  ? rw_verify_area+0xcf/0x6c0
[  990.147362][T20253]  do_sendfile+0xb06/0xe50
[  990.147381][T20253]  ? __pfx_do_sendfile+0x10/0x10
[  990.147401][T20253]  ? __x64_sys_futex+0x1e0/0x4c0
[  990.147417][T20253]  ? __x64_sys_futex+0x1e9/0x4c0
[  990.147434][T20253]  __x64_sys_sendfile64+0x1d8/0x220
[  990.147457][T20253]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  990.147482][T20253]  do_syscall_64+0xcd/0xf80
[  990.147508][T20253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.147525][T20253] RIP: 0033:0x7f6f9718f7c9
[  990.147538][T20253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  990.147553][T20253] RSP: 002b:00007f6f94ff4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  990.147568][T20253] RAX: ffffffffffffffda RBX: 00007f6f973e6270 RCX: 00007f6f9718f7c9
[  990.147579][T20253] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000004
[  990.147589][T20253] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  990.147599][T20253] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  990.147608][T20253] R13: 00007f6f973e6308 R14: 00007f6f973e6270 R15: 00007fff03a80208
[  990.147623][T20253]  </TASK>
[  990.147629][T20253] 
[  990.147633][T20253] The buggy address belongs to the physical page:
[  990.147640][T20253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888078387c00 pfn:0x78384
[  990.147656][T20253] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  990.147667][T20253] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  990.147682][T20253] page_type: f8(unknown)
[  990.147695][T20253] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  990.147709][T20253] raw: ffff888078387c00 0000000000000000 00000000f8000000 0000000000000000
[  990.147723][T20253] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  990.147736][T20253] head: ffff888078387c00 0000000000000000 00000000f8000000 0000000000000000
[  990.147749][T20253] head: 00fff00000000002 ffffea0001e0e101 00000000ffffffff 00000000ffffffff
[  990.147762][T20253] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  990.147770][T20253] page dumped because: kasan: bad access detected
[  990.147777][T20253] page_owner tracks the page as allocated
[  990.147782][T20253] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x140dc0(GFP_USER|__GFP_ZERO|__GFP_COMP), pid 20253, tgid 20245 (syz.3.3065), ts 990146179097, free_ts 990145585110
[  990.147806][T20253]  post_alloc_hook+0x1af/0x220
[  990.147821][T20253]  get_page_from_freelist+0xd0b/0x31a0
[  990.147837][T20253]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  990.147853][T20253]  alloc_pages_mpol+0x1fb/0x550
[  990.147871][T20253]  ___kmalloc_large_node+0x10c/0x150
[  990.147892][T20253]  __kmalloc_large_node_noprof+0x1c/0x70
[  990.147913][T20253]  __kmalloc_noprof.cold+0xc/0x62
[  990.147932][T20253]  vc_do_resize+0x1de/0x10e0
[  990.147946][T20253]  fbcon_init+0xd7c/0x1930
[  990.147965][T20253]  visual_init+0x320/0x620
[  990.147984][T20253]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  990.147999][T20253]  store_bind+0x61d/0x760
[  990.148012][T20253]  dev_attr_store+0x58/0x80
[  990.148025][T20253]  sysfs_kf_write+0xf2/0x150
[  990.148038][T20253]  kernfs_fop_write_iter+0x3af/0x570
[  990.148057][T20253]  iter_file_splice_write+0xa24/0x12b0
[  990.148077][T20253] page last free pid 20253 tgid 20245 stack trace:
[  990.148086][T20253]  __free_frozen_pages+0x7df/0x1170
[  990.148099][T20253]  vc_do_resize+0xe29/0x10e0
[  990.148112][T20253]  fbcon_startup+0x427/0xc10
[  990.148131][T20253]  do_bind_con_driver.isra.0+0x20a/0xbf0
[  990.148145][T20253]  store_bind+0x61d/0x760
[  990.148158][T20253]  dev_attr_store+0x58/0x80
[  990.148171][T20253]  sysfs_kf_write+0xf2/0x150
[  990.148183][T20253]  kernfs_fop_write_iter+0x3af/0x570
[  990.148205][T20253]  iter_file_splice_write+0xa24/0x12b0
[  990.148225][T20253]  direct_splice_actor+0x192/0x6c0
[  990.148244][T20253]  splice_direct_to_actor+0x345/0xa30
[  990.148263][T20253]  do_splice_direct+0x174/0x240
[  990.148281][T20253]  do_sendfile+0xb06/0xe50
[  990.148297][T20253]  __x64_sys_sendfile64+0x1d8/0x220
[  990.148319][T20253]  do_syscall_64+0xcd/0xf80
[  990.148335][T20253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.148349][T20253] 
[  990.148353][T20253] Memory state around the buggy address:
[  990.148360][T20253]  ffff888078387e00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  990.148371][T20253]  ffff888078387e80: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  990.148382][T20253] >ffff888078387f00: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  990.148390][T20253]                                                        ^
[  990.148398][T20253]  ffff888078387f80: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[  990.148409][T20253]  ffff888078388000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  990.148417][T20253] ==================================================================
[  990.148426][T20253] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  990.148438][T20253] CPU: 0 UID: 0 PID: 20253 Comm: syz.3.3065 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  990.148461][T20253] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  990.148467][T20253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  990.148476][T20253] Call Trace:
[  990.148482][T20253]  <TASK>
[  990.148488][T20253]  dump_stack_lvl+0x3d/0x1f0
[  990.148514][T20253]  vpanic+0x640/0x6f0
[  990.148530][T20253]  panic+0xca/0xd0
[  990.148544][T20253]  ? __pfx_panic+0x10/0x10
[  990.148563][T20253]  check_panic_on_warn+0xab/0xb0
[  990.148579][T20253]  end_report+0x107/0x160
[  990.148599][T20253]  kasan_report+0xee/0x110
[  990.148620][T20253]  ? fbcon_prepare_logo+0xa03/0xc70
[  990.148642][T20253]  kasan_check_range+0x100/0x1b0
[  990.148657][T20253]  __asan_memcpy+0x23/0x60
[  990.148674][T20253]  fbcon_prepare_logo+0xa03/0xc70
[  990.148696][T20253]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  990.148718][T20253]  fbcon_init+0xda0/0x1930
[  990.148741][T20253]  visual_init+0x320/0x620
[  990.148763][T20253]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  990.148781][T20253]  store_bind+0x61d/0x760
[  990.148797][T20253]  ? sysfs_file_kobj+0xe4/0x290
[  990.148811][T20253]  ? __pfx_store_bind+0x10/0x10
[  990.148826][T20253]  dev_attr_store+0x58/0x80
[  990.148840][T20253]  ? __pfx_dev_attr_store+0x10/0x10
[  990.148855][T20253]  sysfs_kf_write+0xf2/0x150
[  990.148869][T20253]  kernfs_fop_write_iter+0x3af/0x570
[  990.148889][T20253]  ? __pfx_sysfs_kf_write+0x10/0x10
[  990.148904][T20253]  iter_file_splice_write+0xa24/0x12b0
[  990.148930][T20253]  ? __pfx_iter_file_splice_write+0x10/0x10
[  990.148952][T20253]  ? __pfx_copy_splice_read+0x10/0x10
[  990.148977][T20253]  ? __pfx_iter_file_splice_write+0x10/0x10
[  990.148998][T20253]  direct_splice_actor+0x192/0x6c0
[  990.149020][T20253]  splice_direct_to_actor+0x345/0xa30
[  990.149041][T20253]  ? __pfx_direct_splice_actor+0x10/0x10
[  990.149063][T20253]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  990.149086][T20253]  do_splice_direct+0x174/0x240
[  990.149106][T20253]  ? __pfx_do_splice_direct+0x10/0x10
[  990.149126][T20253]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  990.149148][T20253]  ? rw_verify_area+0xcf/0x6c0
[  990.149166][T20253]  do_sendfile+0xb06/0xe50
[  990.149185][T20253]  ? __pfx_do_sendfile+0x10/0x10
[  990.149205][T20253]  ? __x64_sys_futex+0x1e0/0x4c0
[  990.149221][T20253]  ? __x64_sys_futex+0x1e9/0x4c0
[  990.149238][T20253]  __x64_sys_sendfile64+0x1d8/0x220
[  990.149260][T20253]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  990.149285][T20253]  do_syscall_64+0xcd/0xf80
[  990.149303][T20253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.149318][T20253] RIP: 0033:0x7f6f9718f7c9
[  990.149330][T20253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  990.149345][T20253] RSP: 002b:00007f6f94ff4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  990.149360][T20253] RAX: ffffffffffffffda RBX: 00007f6f973e6270 RCX: 00007f6f9718f7c9
[  990.149370][T20253] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000004
[  990.149379][T20253] RBP: 00007f6f97213f91 R08: 0000000000000000 R09: 0000000000000000
[  990.149389][T20253] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  990.149398][T20253] R13: 00007f6f973e6308 R14: 00007f6f973e6270 R15: 00007fff03a80208
[  990.149414][T20253]  </TASK>
[  990.149472][T20253] Kernel Offset: disabled