last executing test programs:

1m34.267739649s ago: executing program 0 (id=3050):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
listxattrat$auto(r0, 0x0, 0x4, 0x0, 0x10000000000000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x2, 0x5, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = bpf$auto(0x0, &(0x7f0000000280)=@link_update={0xa, @new_map_fd=0x2, 0x7, @old_prog_fd=0x13b}, 0xa3)
r2 = socket(0x10, 0x3, 0x6)
bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000340)=@enable_stats={0xfffffffc}, 0x5)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2505000000e40003800800c200e000000204002a000400110008002e00", @ANYRES32=r2, @ANYBLOB="d152e64e2269535add73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c280005802400638020009e8008005a002f7d2100100086800c000d0006000000000000000400c98000"/200], 0xf8}, 0x1, 0x0, 0x0, 0x40000}, 0x2404c810)
bpf$auto(0x3, &(0x7f00000001c0)=@query={@target_fd=r1, 0x1, 0x86e6, 0x9, 0x63, @count=0x4, 0x0, 0x6, 0x2, 0x10004, 0xb716}, 0xc)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0)
acct$auto(&(0x7f0000000400)='/dev/vcsa1\x00')
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
io_uring_setup$auto(0x1, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000040)={0xd, 0x0, 0x0, 0x7fffffffffffffff})

1m32.405202871s ago: executing program 0 (id=3055):
landlock_restrict_self$auto(0xffffffffffffffff, 0x4)
r0 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
r1 = prctl$auto(0x43, 0x2000017, 0x0, 0x0, 0x0)
socket(0x11, 0x3, 0x9)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ptype\x00', 0x101000, 0x0)
socket(0x11, 0x3, 0x9)
pread64$auto(r2, 0x0, 0x8, 0xffff)
execveat$auto(r0, &(0x7f0000000040)='\x00', 0x0, 0x0, 0x11000)
getsockopt$auto_SO_BPF_EXTENSIONS(r1, 0x40, 0x30, &(0x7f0000000000)='\x00', &(0x7f0000000080)=0x4)
ioctl$auto_USBDEVFS_DISCARDURB(r0, 0x550b, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0xfff)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r4 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0)
ioctl$auto_BINDER_SET_CONTEXT_MGR(r5, 0x40046207, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
r6 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0)
read$auto_state_fops_(r6, &(0x7f0000000180)=""/61, 0xfffffeeb)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x300000000000)

1m31.206080913s ago: executing program 0 (id=3059):
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x7, @local}, 0x50)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:04.0/revision\x00', 0xba080, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x17)
openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x8002, 0x0)
unshare$auto(0x40000080)
open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0)
mkdir$auto(&(0x7f0000000040)='./cgroup/../file0\x00', 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
futex$auto(&(0x7f0000000080)=0x2948, 0x9, 0x2948, 0x0, 0x0, 0x5)
futex$auto(0x0, 0x200, 0x680a501e, 0x0, &(0x7f0000000080)=0x80000000, 0xcc9e)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
ioctl$auto_SNDCTL_DSP_GETODELAY(0xffffffffffffffff, 0x80045035, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
mount$auto(&(0x7f0000000000)='veth1_vlan\x00', &(0x7f0000000240)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440)='hfs\xf1\x86\xf7d@\xe8Y\xea\xb1H\x01\xff\"^\'6\xba\xa9s\x1d\xf4\xe1i\xc5\xb6_B\xa7\f\xef\xe0S\x93\xd3\xb1KFS\xc1\xa7\x8e*h\xe3\x8b\x7f\xca\xfcNE\xff\xf2\xac\xd1\xee\xf4\x9a?\xac\x11\x88\aO\x84\xe6k\a\x9bY\xddx\xb8\xdf\vHv\xb5\f\xbc\b\xc0\xfa\xa6\xce\xbd\x03\x00\x93\xdc4\x97\xce\xd5&\x93\xae\x05q\xe9\xa8?\x00\xbdi\x88q\xd0w\xfd@\r\xce\xe4\xadrt`\xf8`b\xbf\xeci\x93a\xc6o\x9ej\xe4\xa3\x9d\xaa\xe1\xe1N\n\xbcq\n[\"5\xd4\xa6\x96#).\xbd\x8aD\x88>8J\v\xb5\x9bH\xc5\a\xc9\xcf\xbc\x85\xbf\x85\x81\x0f\x7f8\x01\xdbK\xf3\xc2#\x18\x1c\xdf\x05\xcd\xbb\xc03_\xb7Q@\xf2G\x00'/208, 0x56, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6a742, 0x0)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0)
mmap$auto(0x3, 0x8, 0xdf, 0x1a, 0x2, 0x80000000000c002)
r3 = socket(0x23, 0x1, 0x0)
fcntl$getown(r3, 0x9)

1m27.439011691s ago: executing program 0 (id=3069):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
socketcall$auto_SYS_SOCKET(0x1, &(0x7f00000000c0)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/audio1\x00', 0x101001, 0x0)
poll$auto(&(0x7f0000000040)={0x3, 0x0, 0xa}, 0x5, 0x108)
getsockopt$auto_SO_MEMINFO(0xffffffffffffffff, 0xaa6, 0x37, &(0x7f0000000100)='nl80211\x00', 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e1f, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x80000b}, 0x3, 0x20000000)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@generic={0x0, "ab06fdffff00fff500"}, 0x55)
close_range$auto(0x2, 0x8, 0x0)
readv$auto(r1, &(0x7f00000001c0)={&(0x7f0000000180)="7ef9fdc56a7b90995b1cbd633db1bbf2559714", 0x9}, 0xffffffffffffffff)
socket(0xa, 0x2, 0x0)
socket(0x11, 0x80003, 0x300)
ioctl$auto(0x3, 0x5411, 0x10000000000402)
write$auto(0x3, 0x0, 0x100082)
write$auto(0x3, 0x0, 0x8)

1m26.201929658s ago: executing program 0 (id=3071):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, 0x0)
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/pcmC0D0p\x00', 0x84000, 0x0)
accept$auto(r1, &(0x7f00000000c0)=@can, &(0x7f0000000100)=0x8)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO(r1, 0x80184132, &(0x7f0000000080)={0x6, 0x7, 0x0, 0x10001})
socket(0x11, 0x3, 0x9)
mmap$auto(0x0, 0x40006, 0xdf, 0x200009b72, 0x7, 0x28000)
io_uring_setup$auto(0x1010008, 0x0)
ustat$auto(0x801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r2 = socket(0x2, 0x2, 0x0)
r3 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x0, 0x20)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
listen$auto(r2, 0x81)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2, 0x1, 0x9b72, 0x7, 0x28000)
socket(0xa, 0x1, 0x84)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D3\x00', 0x401, 0x0)
socketpair$auto(0xffffffff, 0x4000002, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0xe57f, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2]}, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)

1m25.93888942s ago: executing program 0 (id=3072):
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x3, 0x6, 0x9, 0xfffffffffffffffc)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
r0 = epoll_create$auto(0x3e)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)
socket(0x1a, 0x800, 0xe2)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-256kB/stats/shmem_fallback_charge\x00', 0x101100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000640)=""/177, 0xb1)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0)

1m10.276079902s ago: executing program 32 (id=3072):
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
prctl$auto_PR_SET_SHADOW_STACK_STATUS(0x4b, 0x3, 0x6, 0x9, 0xfffffffffffffffc)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0)
r0 = epoll_create$auto(0x3e)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)
socket(0x1a, 0x800, 0xe2)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-256kB/stats/shmem_fallback_charge\x00', 0x101100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000640)=""/177, 0xb1)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0)
write$auto(0x3, 0x0, 0x100082)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0)

10.968986375s ago: executing program 3 (id=3297):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="67d89f3ca5c2dc71ec503091b9b4f15aabe261d481323dcf70ebf79893725bb80d28ade464bca611250b8e875ae41e9f690f7581e70a405e60cc662988ad3f21e0ecbe9512ea3cfc84c4affeb8781b41382e330fddb24eca3123ca8542fde6ea21781a76980760539c50a1dee1b4fe7d08b74f9db80c8f822a1d6886200c8c16", @ANYRES16=r1, @ANYBLOB="01002cbd7000fedbdf25040000000400"], 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
mmap$auto(0xffffffffffffffff, 0x40000c, 0x45bd, 0x1c, 0x2, 0x8000)
r2 = epoll_create$auto(0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0x3, 0x0, 0x5c8)
statmount$auto(0x0, &(0x7f0000000180)={0x5, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0xfe74, 0x10, 0x80, 0x800000029f, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x0, [0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7fffffff, 0xfffffffffffffffb, 0xe, 0x9, 0x2000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x20000000000000, 0xfffffffffffffffd, 0x7, 0x0, 0x400, 0x94, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000379ede783706ff3c98ee2cf25276f3649ec394a5e121eb5922951c7893539541a66b28415b30f28a528f45c88dc61f7f6037ce8f96e98ffe25522e0051e66667e21290222c505cd3948739b857b8e605eff86809f336851a63a7dc22016011500b0b3f21120875700f9298ffa79fb60578b231bbfa4bd7846622638754bcca00d2bab314ff665361ccfb37e79d7a787a18749f4dbf2d6c5c0ebdb8cc29fc8071601ae6a88b073b8f961c4f3a4437fd26f9dc920000000000", @ANYRES16=0x0, @ANYBLOB="01002cbd70000c00000003000000050025", @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4893}, 0x8040)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xb, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r5, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x40009, 0x3, 0x19, 0xffffffffffffffff, 0x28000)
madvise$auto(0x0, 0x2003f0, 0x15)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd03, &(0x7f00000001c0))
move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2)

9.651941405s ago: executing program 4 (id=3300):
timerfd_create$auto(0x9, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x8, 0xffffffffffffff49, 0x5, 0x1823, 0x800000000004, 0x1, 0x5, 0x19, 0x10, 0x5, 0x2dde, 0x8, 0xfffffffffffffffa, 0xab, 0x0, 0x1]}, &(0x7f0000000040)={0x0, 0x7})
mmap$auto(0xffffffff, 0x400008, 0xdf, 0xff, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
write$auto(0x3, 0x0, 0xfdef)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b)
socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f00000000c0)={0xb213, 0xae, 0x800})
sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f00000000c0), 0x5aa, &(0x7f0000000080)={&(0x7f0000000040)='f', 0x69}, 0x1, 0x0, 0x8, 0x3}, 0x6}, 0x2, 0x100)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x8000000000000000, 0x400008, 0xd, 0x2fd, r0, 0x7)
syz_clone(0x20480, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x401, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000)
madvise$auto(0x0, 0x3, 0x7f)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x6, 0x1)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x4, 0x0)
mmap$auto(0xffffffffffffffff, 0x400006, 0xdf, 0x9b72, 0x0, 0x100000000008000)
write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
waitid$auto_P_PID(0x1, 0x0, 0x0, 0x5, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r3, 0xc0185500, 0x0)

8.225612074s ago: executing program 4 (id=3301):
fanotify_init$auto(0x6a1, 0x2000000000002)
socket(0x0, 0x1, 0x6)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

7.944645344s ago: executing program 4 (id=3302):
socket(0x18, 0x80004, 0x1)
r0 = socket(0x2, 0x3, 0xa)
r1 = socket(0xa, 0x1, 0x84)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000240)={0x5a02, 0x0, [{0xc, 0xffff, 0x6}]})
writev$auto(0xffffffffffffffff, 0x0, 0x8)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000600), r0)
sendmsg$auto_OVS_FLOW_CMD_SET(r4, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES16=r2, @ANYRES64=r1], 0x24}, 0x1, 0x0, 0x0, 0x44}, 0x40000)
close_range$auto(0xffffffffffffffff, r3, 0x3)
r5 = socket(0x80000000000000a, 0x2, 0x0)
socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
setreuid$auto(0x7, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
sysfs$auto(0x2, 0x2, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
mbind$auto(0x8, 0xffff, 0x200, &(0x7f0000000180)=0x7, 0x6, 0x80000000)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x3, 0x0, 0x106, 0x0, 0x6c, 0x5}, 0x3}, 0x9a6, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
r6 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x8201, 0x0)
readv$auto(r6, &(0x7f0000000040)={0x0, 0xffff}, 0x4)
ioctl$auto_SNDCTL_SEQ_CTRLRATE(0xffffffffffffffff, 0xc0045103, 0x0)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="19e6ea3adededc85a9c73dbffeed88816dc2c0db0384eb1016135d36b21b5f65fd71c6d8e83e6cb91d96575f7e340f87dcff8b9c4b4b33e3e84c215218aa466bbcaad70f8419572fde10a474ffff7ca93aec5ae6e2a74c3a883a2219efa14d49b11a2a25d9e777565b3e86147a2348fbb6", @ANYRES32=r3, @ANYRES64], 0x24}}, 0x4000000)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r1, &(0x7f0000000300)={&(0x7f0000000200), 0xc, &(0x7f00000002c0)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x4000005)
sendfile$auto(r5, 0x3, 0x0, 0xc01)

7.243997323s ago: executing program 4 (id=3305):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/vm/nr_overcommit_hugepages\x00', 0x100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getrusage$auto(0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0)
r2 = socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
ustat$auto(0x801, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4)
pwrite64$auto(0xc8, 0x0, 0xfdef, 0x2)
io_uring_setup$auto(0x6, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001a80)={'wg2\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f0000001ac0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd70007cdbdf251b0000000c0001800800016d", @ANYRES32=r5, @ANYBLOB="04000280"], 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000000)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000100)={0x2, 0x179, [{0x3a, 0x5, 0x80000000}]})

6.690760631s ago: executing program 3 (id=3307):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x2, 0x0)
open(0x0, 0x22240, 0x55)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(r1, 0x40106f52, r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001300)={'batadv_slave_0\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000040)={0x28, r7, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x34b}]}, 0x28}, 0x1, 0x100000000000000, 0x0, 0x9dfefc5e47f5c72f}, 0x4)
stat$auto(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x80000001, 0x9, 0x800000000000000, 0xf5d, <r8=>0x0, 0xffffffffffffffff, 0x0, 0xc8, 0x8000, 0x4, 0x8000, 0x929, 0x40000000000, 0xd, 0xfffffffffffffffd, 0x4, 0x5})
sendmsg$auto_ETHTOOL_MSG_FEC_SET(r0, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000480)={&(0x7f00000006c0)={0x360, r7, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_FEC_MODES={0x33b, 0x2, 0x0, 0x1, [@generic="fce8cfad7548c776e3576eb525814be240355eeaaf4cd485722eeffc021aa0df5681738ea837deca4cdcaef601033c97130a3c3c84b0f621eab65599074bb5d9ee96dbd8415ef8093b599bb7831cfa10af2dbb2143e9174e9813a5dc3bf6870afa4fec4c66c68afe85c6fea31c5b6561db0c3066a981201dc4851064cde3fc23fe4d8c72ae69e71c85ec", @nested={0x77, 0xb7, 0x0, 0x1, [@generic="f497c55d6f9fc6089e7c9acc8321e28676708ce728452558166fda160906cacb991129e7b96ae30c96abff7ba6b3d3d35660a41e24f7ad5b6feb8574a4a927d20e023c3261aa2e", @typed={0x16, 0x94, 0x0, 0x0, @str='/dev/input/event0\x00'}, @typed={0x14, 0x80, 0x0, 0x0, @ipv6=@local}]}, @generic="20bf904c339b3c2fb9923da7aa1381cb96e82c4746c13f2dd442473643c0aae8ea40fc10ac40b017573b5b9b044c1a4a39c2de8d481b30690e447d7f2e5a506ccfb9bfa2cf90a410d92f13da4d89946614a6557588bc2c42b1730c68f34b3f1fac43f74b021a032f68c336c0004b83699a6af824f7db21fb73505922fdf17632aedc08ae0049e9c0ec3e75484cc0ae455e7fb34c4c7b87b49a07929ae2dc347eb704cad65bd127655f99e10bbde384e41d64322342d16e675fcb33c26b693cf5fe95c888e80949497620cfdfdb8e20609263081a94a30870881b267d40f9", @nested={0xc8, 0x8c, 0x0, 0x1, [@nested={0x4, 0xee}, @typed={0x6c, 0x82, 0x0, 0x0, @binary="931470c93ab2162c935bbd2dec684d4f4012a52d915fc8408697868cdcfd5cd2a4d92c979a1a88ed6eebd91dba045658518de0a8b9eb8af3aa0ae9f4ecaa5fe2656c8bf1e59ac945f3850a30359ab178e1729f83f0ebeb594cabb0e87b327813904fe454cbbe4f32"}, @nested={0x4, 0xfa}, @nested={0x4, 0xa4}, @typed={0x4a, 0x105, 0x0, 0x0, @binary="5b263989893dea188d5ef66ad47642d87d94019a9ddc3a57f5ab4585c30e36bf15b7dcede3ac73250ebf721fc07905761c0145ed7f340ab199e9cdd0f32d5d6f501ed0ca1801"}]}, @generic="859cc3d8b11fad1fd6b6837bc08d5c84c5e66367586b916b184cda6c2f279c1117c1e5311efa4b0ca760392954e7476d154316d9aad86d2a79cf057eb03dbd427698cf74e3fb408e4be164321fa12bb5ab848a58ccbd294ed040c1ec96f0aa1d3ac8e999fb70b527e7f5527e545b0202c4b4df4c1ba188551c9047f97787ea7900c914408f99a1", @typed={0x8, 0xb6, 0x0, 0x0, @uid=r8}]}, @ETHTOOL_A_FEC_AUTO={0x5, 0x3, 0xfc}, @ETHTOOL_A_FEC_AUTO={0x5, 0x3, 0x8}]}, 0x360}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x14000000}, 0x0)
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r4, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r9}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
recvmmsg$auto(r3, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0)
r10 = openat$auto_fops_x16_ro_(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/dormant_links\x00', 0x8040, 0x0)
io_uring_register$auto_IORING_REGISTER_PBUF_RING(r10, 0x16, &(0x7f0000000280)="b4dc694efa1149efce5bd03c592600a75e6cc91e39f5aebeed", 0x8)
r11 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_VHOST_SET_VRING_BASE(r11, 0x4008af12, &(0x7f0000000340)={0x80000001, 0x7fffffff})
ioctl$auto_AUTOFS_IOC_SETTIMEOUT32(r11, 0xc0049364, &(0x7f00000002c0)=0x9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
r12 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r12, 0x80004507, 0x10000000000402)
madvise$auto(0x8000, 0x87fff, 0xc)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)

6.571236041s ago: executing program 2 (id=3308):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="67d89f3ca5c2dc71ec503091b9b4f15aabe261d481323dcf70ebf79893725bb80d28ade464bca611250b8e875ae41e9f690f7581e70a405e60cc662988ad3f21e0ecbe9512ea3cfc84c4affeb8781b41382e330fddb24eca3123ca8542fde6ea21781a76980760539c50a1dee1b4fe7d08b74f9db80c8f822a1d6886200c8c16", @ANYRES16=r1, @ANYBLOB="01002cbd7000fedbdf25040000000400"], 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
mmap$auto(0xffffffffffffffff, 0x40000c, 0x45bd, 0x1c, 0x2, 0x8000)
r2 = epoll_create$auto(0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0x3, 0x0, 0x5c8)
statmount$auto(0x0, &(0x7f0000000180)={0x5, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0xfe74, 0x10, 0x80, 0x800000029f, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x0, [0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7fffffff, 0xfffffffffffffffb, 0xe, 0x9, 0x2000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x20000000000000, 0xfffffffffffffffd, 0x7, 0x0, 0x400, 0x94, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000379ede783706ff3c98ee2cf25276f3649ec394a5e121eb5922951c7893539541a66b28415b30f28a528f45c88dc61f7f6037ce8f96e98ffe25522e0051e66667e21290222c505cd3948739b857b8e605eff86809f336851a63a7dc22016011500b0b3f21120875700f9298ffa79fb60578b231bbfa4bd7846622638754bcca00d2bab314ff665361ccfb37e79d7a787a18749f4dbf2d6c5c0ebdb8cc29fc8071601ae6a88b073b8f961c4f3a4437fd26f9dc920000000000", @ANYRES16=0x0, @ANYBLOB="01002cbd70000c00000003000000050025", @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4893}, 0x8040)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xb, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r5, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
timerfd_gettime$auto(0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x19, 0xffffffffffffffff, 0x28000)
madvise$auto(0x0, 0x2003f0, 0x15)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd03, &(0x7f00000001c0))
move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2)

6.566813804s ago: executing program 1 (id=3309):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/carrier\x00', 0xc2061, 0x0)
write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xab\b\x00\x00\x00\x00\x00\x00\x00}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2oc!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x83)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x10)
sysfs$auto(0x2, 0x23, 0x0)
r1 = fsopen$auto(0x0, 0x5)
fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0)
r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r2, 0xc1004111, 0x0)
r3 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0)
close_range$auto(r1, r0, 0x2)
readv$auto(r3, &(0x7f00000018c0)={0x0, 0x1}, 0x9)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/personality\x00', 0x8002, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/rt_acct\x00', 0x840, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/138, 0x8a)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000300)=""/251, 0xfb)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/dev_snmp6/macvtap0\x00', 0x0, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
symlink$auto(&(0x7f0000000400)='./file0\x00', 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x801, 0x100)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)

6.047735611s ago: executing program 4 (id=3310):
unshare$auto(0x40000080)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/id/id\x00', 0xa000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4088, 0xff8)
mmap$auto(0x0, 0x2000d, 0x3, 0xeb1, 0x404, 0x100010008000)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x580, 0x0)
write$auto_proc_fail_nth_operations_base(r1, &(0x7f0000000280)="9aac3ca103c89389e240c32ed9183e228d120ebe1883268c97cee75949d818c90aa5d5961abac626f4b7e3030376fac4cf8274218e96180a4fe3a941aa39ef22d3ae27ab38a1e8839defcf4a735e00df2d5690dc53f305f77c3f271fa3e825501042d586599be0cc4cca6556cf282d42f2b29e8a437b5805e09a789d96eb9438b3b725679ccf923446f6731758b73ac63347f121d005e62b06bd2c2a5d04454b", 0xa0)
write$auto(0xffffffffffffffff, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a0000060007000080007489000200f5f5f0d60cbfdc11458ee19ee660f3e77f7d9090f6339aab9338c894c4ce18ceacbaf94dd7c1f09e90fef86d4d001435ec21a34d559c31396a921fec9b9431a851eae26f138dd309856146dda395c9afca2ee98ba46da0f844fd99c88b90340ee832efcdb77700eb34cafc4b764af350901fb0051dd263903340754de724283f2d19d1e70cda39fa64d15c0cb78042fb5051a39abc44860d", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES32=r0], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='.'], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x1080000001fc, 0x8800000000)
pwrite64$auto(0xc8, 0x0, 0xfdf3, 0x6)
close_range$auto(0x2, 0x8, 0x0)
setresuid$auto(0x8, 0x8, 0x0)
r2 = setfsuid$auto(0xee00)
setreuid$auto(r2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000540)='/dev/snd/midiC2D0\x00', 0x40041, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
fsconfig$auto(0xffffffffffffffff, 0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x6, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", <r5=>0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf)
ioctl$auto_X86_IOC_WRMSR_REGS(r4, 0xc02063a1, &(0x7f0000000000)=[0x2, 0x2, 0x4, 0x0, 0x2, 0x200, 0x3, 0x7])
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r5, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)

5.251781462s ago: executing program 3 (id=3311):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_NEW(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="b73882b2b08d7dae7e699454343b1b4cc420c61d0d849c8e7d2fce9bb30472fb3f5af15a2d3ee5f651a2944118b3f34d1a6cc5511046dcc5c59cf9d552a6097173c2d31ae16bd2ef6f9ce5f390e659daea80be9cbf59089c58f5af64030d65af2f590c96d7126fd9ecc49f81e50cc364fc34d7927305156abf672e8c72", @ANYRES16=r1, @ANYBLOB="01002bbd7000fddbdf250100000004000a8013000300a309bc2a7ca4d840eb89670800010000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)

5.185336267s ago: executing program 1 (id=3312):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nbd14\x00', 0x10002, 0x0)
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder0\x00', 0x385ac1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0xf, 0x5, 0x87ff)
ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f00000002c0)="31148c9310a82dc63ae2915cb1b10f5092a51a9751e2a5a1e35b51c657cb58df7c77a0d7e33de009c698071e8803171741d4bbf2daa62f79b3f67302017d09249ef004c0a22936c95133813bf662ecdbad204847af920136fb22c0869f02cbbb275abf36fb2bfba52da6b5ad692485e5a574626e1d63b4f57487e7211d63ec5f44ec9e9dc589920767bd361e85bf7dd136a085926a5e99b84dd8dbc6f49e58feb6c8910bf69783a0a32f11ac6f175787c6cacd2612c0")
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/query\x00', 0xc0040, 0x0)
socket(0x3, 0x800, 0x5)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer\x00', 0x2, 0x0)
r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r3, r1, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0)
ioctl$auto(r4, 0xc0585611, r4)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x8, 0xa563, 0x9, 0x3, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x8, 0x8, 0x9a8c, 0x9, 0xfffe]}, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x7)
writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000040), 0x8}, 0xfffffffffffffff9)
ioctl$auto_BINDER_GET_NODE_DEBUG_INFO(r3, 0xc018620b, &(0x7f0000000840)="2f2387ed1c68c56b95d2ea8c7fc4f4d51123918a0bd9893d4aa306d5ce1ecb9a9fb43bad9b690256a880b6dbb057a0b84328bba5d184f06fae62e8d3456c94d3a17afdd064acea5a19a5c86f6535f771fbbcff0000000000000014287f218b73f87df269b0b530b2072116f5facb955187bcb5cbb18609614896c7daacf3c0607cf33442e21b985b18e5b494a671984aa5905754e9fcc1b9491aaa714b933b5bd2d3e70b4ed83e482a2cf2556cd28465c910861a3b63956950294997a749e5bea3ba14578e297f32cb6f79dc42940cebdfef79425ff86d20873c7b87d5fcca7e10d79336e8715fc8e65d63c39300000000000000000000000000000000668a1d7f11d65bb05ecb55e5f0c3ef99606aa6c6d7c4b23e35c6307d3abb286df42d42e50b8bcfa71738be3eb3eb70d3b1db5be032a04ec65803056518d10d09bf8906c9abd3c5f8035958e85725009da3b83fd5d80b20538cbba7b15414cb9704e66b8ded79ef14571bc01b73e3c0dc95950973cfc5f2edeb897b1d49603516dc10ad36eea483a60390cab71b84421fb7abe285b0de3e15beeeb60df2d91bd287c1fc322e53c3592659a509270596a630e093388ff4e0e3acb47c575b334e1a569e58a63e442946236ec3446b2799f3f2badf9eb3eef73f5fc2f5464426114f8cb13203bc84a7828a5aa61b6f474253de2a2d2f8ba74bdd3e9cd227cf4f89e82f22c02bf6145579a53af3e4117bcb88115391cb1deef7d6095d2f998d8b42aa586ed87681dba716a435ccca8e2489ab350dffd2946fa508bddaa49dfa0ebb99c599ed2c147babdadf00ab69ef7ed390d4c2b219ac11a901160b329249d48d179479a63314")
mmap$auto(0x3, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x80008000)
close_range$auto(r0, r2, 0x0)
r5 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x1, 0x2020009, 0x2, 0xebf, 0xffffffffffffffff, 0x1)
unshare$auto(0x40000080)
r6 = socketpair$auto(0x401, 0x800, 0x2, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x800000a)
socket(0x2, 0x801, 0x6)
setsockopt$auto(0x3, 0x1, 0x1e, 0x0, 0x9)
sendmmsg$auto(r1, 0x0, 0x9a6, 0xa00)
mmap$auto_mon_fops_binary_mon_bin(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4, 0x4010, r5, 0x7ff)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8001c01, 0x0, 0x1, 0x0, 0xfff, 0x8}, 0x7}, 0x2, 0xa1ab)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r6)

4.901077871s ago: executing program 3 (id=3313):
mmap$auto(0x0, 0x400009, 0x81, 0x9b72, 0x8000000000000003, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = socket(0xa, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c030000000000000033", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)
fsopen$auto(&(0x7f0000000080)='xfrm0\x00', 0x81)
statmount$auto(&(0x7f0000000040)={0x1f, @inferred=r0, 0x80000020, 0xffffffffffffffff, 0x8}, 0x0, 0x7ff7fffff000, 0x4000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'xfrm0\x00'})
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/pids.peak\x00', 0x9c100, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x2000040080000000, 0xe)
mmap$auto(0x7f, 0x82020009, 0x3, 0xeb1, 0xffffffffffffffff, 0xfff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x0, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000)
unshare$auto(0x40000080)
r4 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x181c40, 0x0)
lseek$auto(r4, 0x0, 0x2)
readv$auto(r4, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1)
getsockopt$auto(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000040)='/dev/cec27\x00', 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

3.767785707s ago: executing program 4 (id=3314):
r0 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f00000049c0)={0x0, 0x0, &(0x7f0000004980)={&(0x7f0000000040)={0x20, r0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_OPTIONS={0xc, 0x4, 0x0, 0x1, [@nested={0x8, 0x8, 0x0, 0x1, [@generic="8592a023"]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040801}, 0x44000)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
r1 = socket(0x29, 0x2, 0x0)
select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, &(0x7f00000004c0)={[0xe3c6, 0x8, 0x2, 0x8, 0x7, 0x3ff, 0x3, 0xa, 0x0, 0x9, 0x6, 0x1, 0x7a, 0x8, 0x66960ada, 0xffff]}, &(0x7f00000000c0)={0xffffffffffffffff, 0x7})
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'})
socket(0x2, 0x1, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0)
write$auto(r2, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto_lockdown_ops_lockdown(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64$auto(r4, 0x0, 0x200000000006, 0x8)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0x9, 0x92f1, 0x4000004}, 0xd)
madvise$auto(0x0, 0x2003f0, 0x15)

3.764825946s ago: executing program 1 (id=3315):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
r1 = timerfd_create$auto(0x9, 0x9)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
fallocate$auto(r0, 0x1, 0x820, 0x7fff)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000180)="fc5ea5f1401a03cd7d362456adda0cf384c0e2d7bd3d31e409957ab6bd240c4af9373f9691253b947acf08619b")
mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
prctl$auto(0x3f, 0x1, 0x4, 0x8000000000000000, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x5054c2, 0x0)
bpf$auto(0x5, 0x0, 0x1)
unshare$auto(0x40000080)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x3)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
preadv2$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)

3.587589645s ago: executing program 2 (id=3316):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) (async)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) (async)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0)

3.157035271s ago: executing program 2 (id=3317):
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async)
mmap$auto(0x0, 0x400006, 0xdf, 0x809b72, 0x2, 0x8000) (async)
pipe2$auto(0x0, 0x80) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYRES8=0x0, @ANYRES64=r0], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0) (async)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xd8, r1, 0x8, 0x70bd2c, 0x25dfdbfe, {}, "662c77ca23d64f51ec6efcb972ac13f84f7408021799ecb6e20a8ead5f6188af6a4bd4193587196c6777b6c818722290a58c95c30c6d9154d82ec0848754e358b38f389ad95fe5129a5e7743ac396d0686ca3ca8af0acc092aba2febab234ed3c66494141b8607026be090d7b746b95d9d0fcf8a23cb5d6eaf913708d0960fd6b853965299c2bf0716688a78713d201545d8f12eaa82f86b035d96ec25bbbe6bf363799c8d4c46e51ae4864c1b6f98fbbd40c4c9b2f3fc5d632536f2098689368c43"}, 0xd8}, 0x1, 0x0, 0x0, 0x1285b9617f7d259}, 0x85) (async)
dup2$auto(0x5, 0x4) (async)
select$auto(0xb, &(0x7f0000000100)={[0x7f, 0x31, 0xffffffffffffffff, 0x80000000, 0x7, 0x6, 0x81, 0x67e, 0x8, 0x2, 0x5, 0x10001, 0x334, 0x4, 0xfffffffffffffffe, 0x8]}, 0x0, 0x0, 0x0) (async)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$auto_VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x6, <r3=>0xffffffffffffffff})
r4 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r3, 0x8004b709, &(0x7f0000000040)=0x6)
syz_open_procfs$namespace(r4, &(0x7f00000000c0)='ns/time\x00')
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fail-nth\x00', 0x0, 0x0)

2.708823911s ago: executing program 2 (id=3318):
mmap$auto(0x0, 0x20009, 0xe4, 0xeb1, 0x403, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(r1, 0xc008ae67, r1)
execveat$auto(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=0x0, 0x0, 0x80000001)
mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/memory_hotplug/parameters/online_policy\x00', 0x2, 0x0)
read$auto(r3, 0x0, 0x800)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x1ff, 0x7, 0x3f, 0x7, 0x1ffe0, 0x7, 0x3, 0x2, 0xd, 0x3, 0x6, 0x4, 0x8b4, 0x9, 0x4, 0x10003, 0x7, 0x4, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x7, 0x0, 0x0, 0x0, [0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe]}, 0x8, 0xd)
socket(0xa, 0x5, 0x84)
openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x101b00, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r6 = openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0xe00, 0x0)
read$auto(r6, 0x0, 0x4)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/cmdline\x00', 0x481, 0x0)
mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002)
close_range$auto(0x2, 0x8, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
keyctl$auto_KEYCTL_GET_PERSISTENT(0x16, 0x0, 0x7fffffffffffffff, 0xffffffffffffe6d6, 0x2)
sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r4, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000a00)=ANY=[@ANYBLOB="9c05", @ANYRES16=0x0, @ANYBLOB="000126bd7000ffdbdf254b0000001c00e70020351644513a7bd458eecf3c840963a2350f2330419c3c40a4009d008182b2cd99554eee70979c47af537a163f65a1a5cb0dc88f31513db86fd3a37f30698be457c216b4fda8d1986eeb32c4a53d14b7071a97be6bf915335d252f3574037f42a59949294dcb3117f7ae7159f7b33e69dc43f14e7a478ad496538bad7d729784d9f4a723dcfa63ac419991a0ae", @ANYRES32=0x0], 0x59c}, 0x1, 0x0, 0x0, 0x20040084}, 0x20000000)
waitid$auto_P_ALL(0x0, 0x468e, 0x0, 0x20003, &(0x7f0000000340)={{0x8, 0x20000000000005}, {0xa, 0xffe}, 0xfffffffffffff801, 0x1af, 0xfffffffffffffffa, 0x2, 0x7, 0x5, 0x402, 0x2, 0xe6, 0x8, 0x7, 0x200006, 0x2, 0x8})

1.96904816s ago: executing program 3 (id=3319):
mmap$auto(0x5, 0x8, 0x4000000000e4, 0x800000000000017, 0x401, 0x5)
socket(0x11, 0x5, 0x1)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x191000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000db, 0x40000000000eb1, 0x401, 0x8000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r0 = prctl$auto(0x3e, 0xc32f, 0x0, 0xffffffffffffffff, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace_pipe\x00', 0xf23f6ee378443d14, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/net/dev_snmp6/veth0_virt_wifi\x00', 0x200000, 0x0)
writev$auto(0x3, 0x0, 0x8009)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(r0, 0x0, 0x4000)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x81ac}, 0x7, 0x0, 0x9)
read$auto(0x3, 0x0, 0xf34)
write$auto(0x3, 0x0, 0xffd8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)

1.40485433s ago: executing program 2 (id=3320):
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x44eb1, 0x602, 0x300000000000)
getsockopt$auto_SO_DOMAIN(0xffffffffffffffff, 0xf99, 0x27, &(0x7f0000000040)='-&\x00', &(0x7f0000000100)=0x100203)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = open(0x0, 0x22240, 0x155)
mmap$auto(0x0, 0x2, 0xdf, 0x9b72, r0, 0x2)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/power_state\x00', 0x40, 0x0)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/fcloop/ctl/add_local_port\x00', 0xa001, 0x0)
write$auto(r2, &(0x7f0000000000)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x92\xa3\x99\xc4 \xbcr^\x9f\x8a\a\xd7\x19\xb8k\xa2\xce\xdb\xab?\xecZ\xb4\x068\xae\b\x1e~\xe0{\x1f\xf6^\x92\xdfDng', 0x80)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x40146f2c, 0x0)
prctl$auto(0x23, 0xa, 0x2008, 0x0, 0x0)
r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x403c6f2b, 0x0)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, 0x0, 0x6a)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x100000000400008, 0xdf, 0x9b72, 0x2, 0x3)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x81, 0x0)
ioctl$auto_SNDCTL_TMR_CONTINUE(r4, 0x5404, &(0x7f0000000180)='i}7')
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0xfffffffe)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)

931.339629ms ago: executing program 1 (id=3321):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async)
write$auto(0x4, 0x0, 0x100082)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000340)='J7', 0x2) (async)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) (async)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd)

495.068071ms ago: executing program 1 (id=3322):
r0 = openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy4/hwsim/dfs_simulate_radar\x00', 0x400, 0x0)
mmap$auto(0x0, 0x2020009, 0x4000000003, 0xeb1, r0, 0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000001200)='/proc/thread-self/mounts\x00', 0x28000, 0x0)
preadv$auto(r1, &(0x7f0000000140)={&(0x7f00000000c0), 0x6}, 0x1000000ffff, 0x4, 0x4)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
r2 = socket(0x22, 0x2, 0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
fstat$auto(r2, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0x4048aecb, 0x0)
close_range$auto(0x2, 0x8, 0x0)

237.030761ms ago: executing program 1 (id=3323):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0x5, 0x9b72, 0x2, 0x6)
mmap$auto(0x0, 0x400, 0xe0, 0x9b72, 0x2, 0x4)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto(0x3, 0x80108907, 0x38)
setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd)
mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2)
write$auto(0x3, 0x0, 0xfffffdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

97.77406ms ago: executing program 2 (id=3324):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="67d89f3ca5c2dc71ec503091b9b4f15aabe261d481323dcf70ebf79893725bb80d28ade464bca611250b8e875ae41e9f690f7581e70a405e60cc662988ad3f21e0ecbe9512ea3cfc84c4affeb8781b41382e330fddb24eca3123ca8542fde6ea21781a76980760539c50a1dee1b4fe7d08b74f9db80c8f822a1d6886200c8c16", @ANYRES16=r1, @ANYBLOB="01002cbd7000fedbdf25040000000400"], 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
mmap$auto(0xffffffffffffffff, 0x40000c, 0x45bd, 0x1c, 0x2, 0x8000)
r2 = epoll_create$auto(0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0x3, 0x0, 0x5c8)
statmount$auto(0x0, &(0x7f0000000180)={0x5, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0xfe74, 0x10, 0x80, 0x800000029f, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x0, [0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7fffffff, 0xfffffffffffffffb, 0xe, 0x9, 0x2000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x20000000000000, 0xfffffffffffffffd, 0x7, 0x0, 0x400, 0x94, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000379ede783706ff3c98ee2cf25276f3649ec394a5e121eb5922951c7893539541a66b28415b30f28a528f45c88dc61f7f6037ce8f96e98ffe25522e0051e66667e21290222c505cd3948739b857b8e605eff86809f336851a63a7dc22016011500b0b3f21120875700f9298ffa79fb60578b231bbfa4bd7846622638754bcca00d2bab314ff665361ccfb37e79d7a787a18749f4dbf2d6c5c0ebdb8cc29fc8071601ae6a88b073b8f961c4f3a4437fd26f9dc920000000000", @ANYRES16=0x0, @ANYBLOB="01002cbd70000c00000003000000050025", @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4893}, 0x8040)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xb, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r5, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
timerfd_gettime$auto(0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x19, 0xffffffffffffffff, 0x28000)
madvise$auto(0x0, 0x2003f0, 0x15)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd03, &(0x7f00000001c0))
move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2)

0s ago: executing program 3 (id=3325):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
mmap$auto(0x0, 0x8, 0x8004000080000df, 0x40eb2, 0x401, 0x300000000000)
move_pages$auto(0x0, 0x5, 0x0, &(0x7f00000003c0)=0x1, 0x0, 0x2)
r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x1eb082, 0x0)
ioctl$auto_BLKPG2(r2, 0x1269, 0x0)
read$auto(r1, 0x0, 0x7)
r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/tdls_wider_bw\x00', 0x402480, 0x0)
openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x14100, 0x0)
r4 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0xb213, 0x2c, 0x800})
sendmmsg$auto(r4, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f00000000c0)={&(0x7f0000000040)="661b", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x4}, 0x2, 0x100)
pwrite64$auto(r3, 0x0, 0x3, 0x4200000000000005)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
setfsuid$auto(0xee00)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x0, 0x60, 0x0, 0x10001)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0x538, 0x80, 0x10000, 0x0, r5, 0x1000, "72fea04183dce563f03f2a25077b3383", 0x0, r5, 0x4, 0x6, 0x101, 0x1, r5}, 0x6f3)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r5)
setfsuid$auto(0xee01)

kernel console output (not intermixed with test programs):

0
[  194.095664][ T7376]  ? update_load_avg+0x233/0x2220
[  194.095740][ T7376]  ? lock_acquire+0x179/0x330
[  194.095822][ T7376]  ? rcu_is_watching+0x12/0xc0
[  194.095879][ T7376]  mmap_region+0x1ab/0x3f0
[  194.095918][ T7376]  ? __get_unmapped_area+0x267/0x3f0
[  194.095970][ T7376]  do_mmap+0xa3e/0x1210
[  194.096025][ T7376]  ? __pfx_do_mmap+0x10/0x10
[  194.096072][ T7376]  ? __pfx_down_write_killable+0x10/0x10
[  194.096115][ T7376]  vm_mmap_pgoff+0x29e/0x470
[  194.096169][ T7376]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  194.096212][ T7376]  ? __pfx___might_resched+0x10/0x10
[  194.096257][ T7376]  ? blkcg_maybe_throttle_current+0x650/0xf30
[  194.096304][ T7376]  ? __x64_sys_futex+0x1e0/0x4c0
[  194.096339][ T7376]  ? __x64_sys_futex+0x1e9/0x4c0
[  194.096380][ T7376]  ksys_mmap_pgoff+0x7d/0x5c0
[  194.096427][ T7376]  ? xfd_validate_state+0x61/0x180
[  194.096462][ T7376]  __x64_sys_mmap+0x125/0x190
[  194.096499][ T7376]  do_syscall_64+0xcd/0xf80
[  194.096550][ T7376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.096582][ T7376] RIP: 0033:0x7fcd8678f7c9
[  194.096608][ T7376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.096648][ T7376] RSP: 002b:00007fcd8754c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  194.096678][ T7376] RAX: ffffffffffffffda RBX: 00007fcd869e5fa0 RCX: 00007fcd8678f7c9
[  194.096699][ T7376] RDX: 00000000000000df RSI: 0000000000000fff RDI: 0000000000000000
[  194.096718][ T7376] RBP: 00007fcd86813f91 R08: 0000000000000401 R09: 0000000000008000
[  194.096738][ T7376] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  194.096757][ T7376] R13: 00007fcd869e6038 R14: 00007fcd869e5fa0 R15: 00007ffeb42a1658
[  194.096801][ T7376]  </TASK>
[  194.455340][ T7374] netlink: 12 bytes leftover after parsing attributes in process `syz.2.321'.
[  194.643063][ T7392] FAULT_INJECTION: forcing a failure.
[  194.643063][ T7392] name failslab, interval 1, probability 0, space 0, times 0
[  194.655944][ T7392] CPU: 0 UID: 0 PID: 7392 Comm: syz.0.323 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  194.656000][ T7392] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  194.656013][ T7392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  194.656031][ T7392] Call Trace:
[  194.656042][ T7392]  <TASK>
[  194.656054][ T7392]  dump_stack_lvl+0x16c/0x1f0
[  194.656111][ T7392]  should_fail_ex+0x512/0x640
[  194.656149][ T7392]  ? kmem_cache_alloc_noprof+0x62/0x770
[  194.656194][ T7392]  should_failslab+0xc2/0x120
[  194.656246][ T7392]  kmem_cache_alloc_noprof+0x83/0x770
[  194.656293][ T7392]  ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10
[  194.656336][ T7392]  ? acpi_ut_create_generic_state+0x61/0xc0
[  194.656383][ T7392]  ? acpi_ut_create_generic_state+0x61/0xc0
[  194.656419][ T7392]  acpi_ut_create_generic_state+0x61/0xc0
[  194.656456][ T7392]  acpi_ps_init_scope+0x3a/0x240
[  194.656497][ T7392]  acpi_ds_init_aml_walk+0x1f6/0x680
[  194.656543][ T7392]  acpi_ps_execute_method+0x39d/0xe90
[  194.656606][ T7392]  acpi_ns_evaluate+0x98c/0x16d0
[  194.656663][ T7392]  acpi_evaluate_object+0x4ca/0xdf0
[  194.656699][ T7392]  ? ksys_read+0x12a/0x250
[  194.656751][ T7392]  ? __pfx_acpi_evaluate_object+0x10/0x10
[  194.656792][ T7392]  ? __pfx___might_resched+0x10/0x10
[  194.656842][ T7392]  acpi_evaluate_integer+0xdd/0x230
[  194.656892][ T7392]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[  194.656958][ T7392]  ? __pfx_status_show+0x10/0x10
[  194.656995][ T7392]  status_show+0xa0/0x120
[  194.657028][ T7392]  ? __pfx_status_show+0x10/0x10
[  194.657073][ T7392]  dev_attr_show+0x56/0xe0
[  194.657117][ T7392]  ? __pfx_dev_attr_show+0x10/0x10
[  194.657158][ T7392]  sysfs_kf_seq_show+0x216/0x3e0
[  194.657200][ T7392]  seq_read_iter+0x50e/0x12d0
[  194.657262][ T7392]  kernfs_fop_read_iter+0x46c/0x610
[  194.657356][ T7392]  ? rw_verify_area+0xcf/0x6c0
[  194.657403][ T7392]  vfs_read+0x8bf/0xcf0
[  194.657458][ T7392]  ? __pfx_vfs_read+0x10/0x10
[  194.657533][ T7392]  ksys_read+0x12a/0x250
[  194.657666][ T7392]  ? __pfx_ksys_read+0x10/0x10
[  194.657730][ T7392]  do_syscall_64+0xcd/0xf80
[  194.657782][ T7392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.657816][ T7392] RIP: 0033:0x7fe20138f7c9
[  194.657845][ T7392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.657875][ T7392] RSP: 002b:00007fe202199038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  194.657905][ T7392] RAX: ffffffffffffffda RBX: 00007fe2015e5fa0 RCX: 00007fe20138f7c9
[  194.657926][ T7392] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003
[  194.657945][ T7392] RBP: 00007fe201413f91 R08: 0000000000000000 R09: 0000000000000000
[  194.657964][ T7392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  194.657983][ T7392] R13: 00007fe2015e6038 R14: 00007fe2015e5fa0 R15: 00007ffd8c48cc68
[  194.658028][ T7392]  </TASK>
[  195.367956][ T7399] WARNING! power/level is deprecated; use power/control instead
[  195.440044][ T7399] hub 1-0:1.0: USB hub found
[  195.445978][ T7399] hub 1-0:1.0: 1 port detected
[  195.455920][ T7405] lo: entered allmulticast mode
[  195.534101][ T7399] hub 1-0:1.0: USB hub found
[  195.541649][ T7399] hub 1-0:1.0: 1 port detected
[  195.747641][ T7413] FAULT_INJECTION: forcing a failure.
[  195.747641][ T7413] name failslab, interval 1, probability 0, space 0, times 0
[  195.797451][ T7413] CPU: 0 UID: 0 PID: 7413 Comm: syz.3.332 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  195.797504][ T7413] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  195.797516][ T7413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  195.797534][ T7413] Call Trace:
[  195.797544][ T7413]  <TASK>
[  195.797556][ T7413]  dump_stack_lvl+0x16c/0x1f0
[  195.797610][ T7413]  should_fail_ex+0x512/0x640
[  195.797646][ T7413]  ? kmem_cache_alloc_noprof+0x62/0x770
[  195.797690][ T7413]  should_failslab+0xc2/0x120
[  195.797740][ T7413]  kmem_cache_alloc_noprof+0x83/0x770
[  195.797780][ T7413]  ? alloc_empty_file+0x55/0x1e0
[  195.797822][ T7413]  ? alloc_empty_file+0x55/0x1e0
[  195.797854][ T7413]  alloc_empty_file+0x55/0x1e0
[  195.797890][ T7413]  alloc_file_pseudo+0x13a/0x230
[  195.797927][ T7413]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  195.797975][ T7413]  __shmem_file_setup+0x1a8/0x350
[  195.798032][ T7413]  shmem_zero_setup+0x93/0x1b0
[  195.798073][ T7413]  __mmap_region+0x2271/0x2a00
[  195.798118][ T7413]  ? __pfx___mmap_region+0x10/0x10
[  195.798166][ T7413]  ? kvm_sched_clock_read+0x11/0x20
[  195.798205][ T7413]  ? sched_clock+0x38/0x60
[  195.798271][ T7413]  ? rcu_is_watching+0x12/0xc0
[  195.798332][ T7413]  ? __update_load_avg_se+0x3fb/0x940
[  195.798451][ T7413]  ? rcu_is_watching+0x12/0xc0
[  195.798507][ T7413]  mmap_region+0x1ab/0x3f0
[  195.798546][ T7413]  ? __get_unmapped_area+0x267/0x3f0
[  195.798598][ T7413]  do_mmap+0xa3e/0x1210
[  195.798653][ T7413]  ? __pfx_do_mmap+0x10/0x10
[  195.798700][ T7413]  ? __pfx_down_write_killable+0x10/0x10
[  195.798741][ T7413]  vm_mmap_pgoff+0x29e/0x470
[  195.798794][ T7413]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  195.798835][ T7413]  ? __pfx___might_resched+0x10/0x10
[  195.798881][ T7413]  ? blkcg_maybe_throttle_current+0x650/0xf30
[  195.798928][ T7413]  ? __x64_sys_futex+0x1e0/0x4c0
[  195.798963][ T7413]  ? __x64_sys_futex+0x1e9/0x4c0
[  195.799005][ T7413]  ksys_mmap_pgoff+0x7d/0x5c0
[  195.799049][ T7413]  ? xfd_validate_state+0x61/0x180
[  195.799084][ T7413]  __x64_sys_mmap+0x125/0x190
[  195.799121][ T7413]  do_syscall_64+0xcd/0xf80
[  195.799170][ T7413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.799201][ T7413] RIP: 0033:0x7ff5fdf8f7c9
[  195.799226][ T7413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.799255][ T7413] RSP: 002b:00007ff5fedc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  195.799285][ T7413] RAX: ffffffffffffffda RBX: 00007ff5fe1e5fa0 RCX: 00007ff5fdf8f7c9
[  195.799305][ T7413] RDX: 00000000000000df RSI: 0000000000000fff RDI: 0000000000000000
[  195.799322][ T7413] RBP: 00007ff5fe013f91 R08: 0000000000000401 R09: 0000000000008000
[  195.799340][ T7413] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  195.799357][ T7413] R13: 00007ff5fe1e6038 R14: 00007ff5fe1e5fa0 R15: 00007fff24e89ac8
[  195.799398][ T7413]  </TASK>
[  196.111697][ T5838] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  196.111741][ T5838] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  196.126753][ T5838] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  196.126843][ T5838] Bluetooth: hci2: Malformed LE Event: 0x0d
[  196.454144][ T7400] lo: left allmulticast mode
[  197.191410][ T7440] futex_wake_op: syz.1.339 tries to shift op by -2048; fix this program
[  197.208421][ T7440] futex_wake_op: syz.1.339 tries to shift op by -2048; fix this program
[  197.229504][ T7440] 0x000000000001-0x000000020000 : ""
[  197.251331][ T7440] ftl_cs: FTL header corrupt!
[  204.564663][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  204.571772][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  242.190913][   T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  242.202666][   T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  242.211246][   T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  242.219559][   T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  242.234253][   T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  242.995113][ T9977] chnl_net:caif_netlink_parms(): no params data found
[  243.343821][ T9977] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.352316][ T9977] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.360231][ T9977] bridge_slave_0: entered allmulticast mode
[  243.370955][ T9977] bridge_slave_0: entered promiscuous mode
[  243.381289][ T9977] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.389001][ T9977] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.396898][ T9977] bridge_slave_1: entered allmulticast mode
[  243.405764][ T9977] bridge_slave_1: entered promiscuous mode
[  243.488456][ T9977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.527086][ T9977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.700722][ T9977] team0: Port device team_slave_0 added
[  243.740058][ T9977] team0: Port device team_slave_1 added
[  243.779954][ T9977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.806119][ T9977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  243.865118][ T9977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.890859][ T9977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.915180][ T9977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  243.984656][ T9977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.159088][ T9977] hsr_slave_0: entered promiscuous mode
[  244.185254][ T9977] hsr_slave_1: entered promiscuous mode
[  244.194545][ T9977] debugfs: 'hsr0' already exists in 'hsr'
[  244.200355][ T9977] Cannot create hsr debugfs directory
[  244.269006][ T5838] Bluetooth: hci4: command tx timeout
[  244.781495][ T9977] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.963554][ T9977] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.123854][ T9977] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.261189][ T9977] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.394887][ T9977] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  245.433042][ T9977] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  245.482195][ T9977] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  245.518658][ T9977] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  245.867506][ T9977] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.942140][ T9977] 8021q: adding VLAN 0 to HW filter on device team0
[  245.972527][ T3487] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.979806][ T3487] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.033774][ T3487] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.041068][ T3487] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.338765][ T5838] Bluetooth: hci4: command tx timeout
[  246.776251][ T9977] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.921413][ T9977] veth0_vlan: entered promiscuous mode
[  246.964472][ T9977] veth1_vlan: entered promiscuous mode
[  247.043947][ T9977] veth0_macvtap: entered promiscuous mode
[  247.066161][ T9977] veth1_macvtap: entered promiscuous mode
[  247.130434][ T9977] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.164491][ T9977] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.239966][   T30] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.310411][   T30] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.355952][   T30] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.409822][   T30] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.545913][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.601470][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.699474][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.731067][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.411940][ T5838] Bluetooth: hci4: command tx timeout
[  248.428074][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  248.438539][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  248.446932][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  248.457902][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  248.465888][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  249.493860][T10288] chnl_net:caif_netlink_parms(): no params data found
[  250.220504][T10288] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.244449][T10288] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.261825][T10288] bridge_slave_0: entered allmulticast mode
[  250.276407][T10288] bridge_slave_0: entered promiscuous mode
[  250.317220][T10288] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.326095][T10288] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.352430][T10288] bridge_slave_1: entered allmulticast mode
[  250.360550][T10288] bridge_slave_1: entered promiscuous mode
[  250.473713][ T5838] Bluetooth: hci4: command tx timeout
[  250.479641][   T52] Bluetooth: hci0: command tx timeout
[  250.551015][T10288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  250.564368][T10288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  250.718621][T10288] team0: Port device team_slave_0 added
[  250.736138][T10288] team0: Port device team_slave_1 added
[  250.874881][T10288] batman_adv: batadv0: Adding interface: batadv_slave_0
[  250.908369][T10288] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.957503][T10288] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  250.987052][T10288] batman_adv: batadv0: Adding interface: batadv_slave_1
[  250.994970][T10288] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  251.031783][T10288] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  251.311462][T10288] hsr_slave_0: entered promiscuous mode
[  251.326152][T10288] hsr_slave_1: entered promiscuous mode
[  251.333178][T10288] debugfs: 'hsr0' already exists in 'hsr'
[  251.339179][T10288] Cannot create hsr debugfs directory
[  251.840575][T10417] =======================================================
[  251.840575][T10417] WARNING: The mand mount option has been deprecated and
[  251.840575][T10417]          and is ignored by this kernel. Remove the mand
[  251.840575][T10417]          option from the mount to silence this warning.
[  251.840575][T10417] =======================================================
[  252.000184][T10288] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.176834][T10288] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.374753][T10288] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.543903][   T52] Bluetooth: hci0: command tx timeout
[  252.987057][T10288] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  253.068998][T10288] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  253.125231][T10288] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  253.175267][T10288] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  253.445125][T10288] 8021q: adding VLAN 0 to HW filter on device bond0
[  253.474984][T10288] 8021q: adding VLAN 0 to HW filter on device team0
[  253.544963][ T4556] bridge0: port 1(bridge_slave_0) entered blocking state
[  253.552278][ T4556] bridge0: port 1(bridge_slave_0) entered forwarding state
[  253.574613][ T4556] bridge0: port 2(bridge_slave_1) entered blocking state
[  253.581944][ T4556] bridge0: port 2(bridge_slave_1) entered forwarding state
[  254.298611][T10288] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.469204][T10288] veth0_vlan: entered promiscuous mode
[  254.538453][T10288] veth1_vlan: entered promiscuous mode
[  254.610091][   T52] Bluetooth: hci0: command tx timeout
[  254.835797][T10288] veth0_macvtap: entered promiscuous mode
[  254.850052][T10288] veth1_macvtap: entered promiscuous mode
[  254.885932][T10288] batman_adv: batadv0: Interface activated: batadv_slave_0
[  254.904144][T10288] batman_adv: batadv0: Interface activated: batadv_slave_1
[  254.993282][   T30] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.021949][   T30] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.066322][   T30] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.398172][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.445323][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.541531][T10494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.573323][T10494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.181257][T10577] input: jJǸ-�¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input8
[  256.369290][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  256.379153][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  256.387932][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  256.398048][ T5838] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  256.406229][ T5838] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  256.681152][ T5838] Bluetooth: hci0: command tx timeout
[  257.073372][   T62] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.318860][   T62] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.450708][   T62] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.572846][   T62] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  257.859563][T10608] zswap: compressor û not available
[  258.170469][T10579] chnl_net:caif_netlink_parms(): no params data found
[  258.227596][   T62] bridge_slave_1: left allmulticast mode
[  258.240947][   T62] bridge_slave_1: left promiscuous mode
[  258.265483][   T62] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.372693][   T62] bridge_slave_0: left allmulticast mode
[  258.417760][   T62] bridge_slave_0: left promiscuous mode
[  258.430734][ T5838] Bluetooth: hci2: command tx timeout
[  258.453092][   T62] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.562156][   T62] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.597244][   T62] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.657166][   T62] bond0 (unregistering): Released all slaves
[  259.824124][   T62] HSR: left promiscuous mode
[  260.400348][T10579] bridge0: port 1(bridge_slave_0) entered blocking state
[  260.407654][T10579] bridge0: port 1(bridge_slave_0) entered disabled state
[  260.433478][T10579] bridge_slave_0: entered allmulticast mode
[  260.442166][T10579] bridge_slave_0: entered promiscuous mode
[  260.462264][T10579] bridge0: port 2(bridge_slave_1) entered blocking state
[  260.479455][T10579] bridge0: port 2(bridge_slave_1) entered disabled state
[  260.486828][T10579] bridge_slave_1: entered allmulticast mode
[  260.495572][T10579] bridge_slave_1: entered promiscuous mode
[  260.503812][ T5838] Bluetooth: hci2: command tx timeout
[  260.705503][T10579] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  260.813660][T10579] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  261.025353][   T62] hsr_slave_0: left promiscuous mode
[  261.086247][   T62] hsr_slave_1: left promiscuous mode
[  261.097113][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  261.122445][   T62] batman_adv: batadv0: Removing interface: batadv_slave_0
[  261.151796][   T62] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  261.177144][   T62] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.238993][   T62] veth1_macvtap: left promiscuous mode
[  261.247831][   T62] veth0_macvtap: left promiscuous mode
[  261.265698][   T62] veth1_vlan: left promiscuous mode
[  261.271475][   T62] veth0_vlan: left promiscuous mode
[  262.568696][ T5838] Bluetooth: hci2: command tx timeout
[  262.633942][   T62] team0 (unregistering): Port device team_slave_1 removed
[  262.692250][   T62] team0 (unregistering): Port device team_slave_0 removed
[  263.250179][T10579] team0: Port device team_slave_0 added
[  263.259650][T10579] team0: Port device team_slave_1 added
[  263.451932][T10579] batman_adv: batadv0: Adding interface: batadv_slave_0
[  263.462817][T10579] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.492902][T10579] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  263.532726][T10579] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.540418][T10579] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  263.570365][T10579] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  263.789540][T10579] hsr_slave_0: entered promiscuous mode
[  263.804516][T10579] hsr_slave_1: entered promiscuous mode
[  263.820134][T10579] debugfs: 'hsr0' already exists in 'hsr'
[  263.851538][T10579] Cannot create hsr debugfs directory
[  264.015697][T10823] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2882'.
[  264.641107][ T5838] Bluetooth: hci2: command tx timeout
[  265.280106][T10874] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2899'.
[  265.313751][T10874] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  265.373340][T10579] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  265.424102][T10579] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  265.571148][T10579] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  265.628830][T10579] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  265.677987][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  265.684663][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  266.316364][T10906] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2907'.
[  266.351885][T10579] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.438811][T10579] 8021q: adding VLAN 0 to HW filter on device team0
[  266.467309][ T3841] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.474583][ T3841] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.585271][ T3841] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.592612][ T3841] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.839989][T10579] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  267.464138][T10960] zram0: detected capacity change from 0 to 8
[  267.702719][T10579] 8021q: adding VLAN 0 to HW filter on device batadv0
[  268.132055][T10579] veth0_vlan: entered promiscuous mode
[  268.190900][T10579] veth1_vlan: entered promiscuous mode
[  268.406888][T10579] veth0_macvtap: entered promiscuous mode
[  268.428542][T10985] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(16.0.16384), cmd(3)
[  268.484220][T10579] veth1_macvtap: entered promiscuous mode
[  268.667862][T10579] batman_adv: batadv0: Interface activated: batadv_slave_0
[  268.771229][T10579] batman_adv: batadv0: Interface activated: batadv_slave_1
[  268.844912][  T148] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.947179][  T148] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.988305][  T148] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.038050][  T148] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.416723][   T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.463663][   T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  269.622808][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  269.630717][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  271.061294][T11048] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  271.172981][   T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  271.183243][   T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  271.200740][   T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  271.210336][   T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  271.223873][   T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  271.687706][T11058] program syz.0.2963 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  272.546130][ T3841] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.834013][ T3841] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.323133][ T5838] Bluetooth: hci3: command tx timeout
[  273.666562][ T3841] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.875311][T11049] chnl_net:caif_netlink_parms(): no params data found
[  274.090713][ T3841] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.237188][T11086] __vm_enough_memory: pid: 11086, comm: syz.1.2967, bytes: 4398046511104 not enough memory for the allocation
[  274.307812][T11069] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  274.708292][T11049] bridge0: port 1(bridge_slave_0) entered blocking state
[  274.743210][T11049] bridge0: port 1(bridge_slave_0) entered disabled state
[  274.762959][T11049] bridge_slave_0: entered allmulticast mode
[  274.791571][T11049] bridge_slave_0: entered promiscuous mode
[  275.008239][T11049] bridge0: port 2(bridge_slave_1) entered blocking state
[  275.043458][T11049] bridge0: port 2(bridge_slave_1) entered disabled state
[  275.050861][T11049] bridge_slave_1: entered allmulticast mode
[  275.233003][T11049] bridge_slave_1: entered promiscuous mode
[  275.381775][ T5838] Bluetooth: hci3: command tx timeout
[  275.638727][T11049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  275.666252][T11049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  275.960154][T11049] team0: Port device team_slave_0 added
[  275.986669][T11049] team0: Port device team_slave_1 added
[  276.064649][ T3841] bridge_slave_1: left allmulticast mode
[  276.079882][ T3841] bridge_slave_1: left promiscuous mode
[  276.085690][ T3841] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.156935][ T3841] bridge_slave_0: left allmulticast mode
[  276.177539][ T3841] bridge_slave_0: left promiscuous mode
[  276.197705][ T3841] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.213246][T11122] __vm_enough_memory: pid: 11122, comm: syz.3.2973, bytes: 4398046511104 not enough memory for the allocation
[  277.453024][ T5838] Bluetooth: hci3: command tx timeout
[  277.834353][ T3841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  277.865153][ T3841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  277.886593][ T3841] bond0 (unregistering): Released all slaves
[  278.014616][T11049] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.047755][T11049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  278.086783][T11049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.108349][ T3841] tipc: Left network mode
[  278.121293][T11049] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.129958][T11049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  278.179017][T11049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.206297][T11137] FAULT_INJECTION: forcing a failure.
[  278.206297][T11137] name failslab, interval 1, probability 0, space 0, times 0
[  278.219759][T11137] CPU: 1 UID: 0 PID: 11137 Comm: syz.0.2975 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  278.219810][T11137] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  278.219821][T11137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  278.219851][T11137] Call Trace:
[  278.219861][T11137]  <TASK>
[  278.219873][T11137]  dump_stack_lvl+0x16c/0x1f0
[  278.219925][T11137]  should_fail_ex+0x512/0x640
[  278.219957][T11137]  ? __kmalloc_noprof+0xca/0x910
[  278.219993][T11137]  should_failslab+0xc2/0x120
[  278.220040][T11137]  __kmalloc_noprof+0xeb/0x910
[  278.220070][T11137]  ? __pfx_sprintf+0x10/0x10
[  278.220109][T11137]  ? kernel_read_file_from_path_initns+0x189/0x260
[  278.220151][T11137]  ? ima_write_template_field_data+0x5d/0x1f0
[  278.220201][T11137]  ? ima_write_template_field_data+0x5d/0x1f0
[  278.220249][T11137]  ? do_syscall_64+0xcd/0xf80
[  278.220293][T11137]  ima_write_template_field_data+0x5d/0x1f0
[  278.220338][T11137]  ima_eventdigest_init_common+0x154/0x430
[  278.220383][T11137]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  278.220452][T11137]  ? trace_kmalloc+0x2b/0xb0
[  278.220496][T11137]  ? __kmalloc_noprof+0x35d/0x910
[  278.220526][T11137]  ? __pfx_prepend_path+0x10/0x10
[  278.220561][T11137]  ? ima_alloc_init_template+0x19d/0x720
[  278.220603][T11137]  ima_alloc_init_template+0x3a0/0x720
[  278.220646][T11137]  ima_store_measurement+0x1eb/0x5c0
[  278.220684][T11137]  ? __pfx_ima_store_measurement+0x10/0x10
[  278.220720][T11137]  ? vfs_getxattr_alloc+0xec/0x350
[  278.220782][T11137]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  278.220838][T11137]  process_measurement+0x17fa/0x22d0
[  278.220905][T11137]  ? __pfx_process_measurement+0x10/0x10
[  278.220963][T11137]  ? find_held_lock+0x2b/0x80
[  278.221050][T11137]  ? __pfx___fsnotify_parent+0x10/0x10
[  278.221106][T11137]  ima_file_check+0xc7/0x110
[  278.221156][T11137]  ? __pfx_ima_file_check+0x10/0x10
[  278.221210][T11137]  ? vfs_open+0x2e3/0x3f0
[  278.221252][T11137]  security_file_post_open+0x8e/0x210
[  278.221292][T11137]  path_openat+0xe5f/0x3140
[  278.221352][T11137]  ? __pfx_path_openat+0x10/0x10
[  278.221395][T11137]  ? getname_kernel+0x52/0x370
[  278.221430][T11137]  ? __asan_memcpy+0x3c/0x60
[  278.221473][T11137]  do_file_open_root+0x322/0x610
[  278.221525][T11137]  ? __pfx_do_file_open_root+0x10/0x10
[  278.221569][T11137]  ? __bfs+0x148/0x290
[  278.221641][T11137]  ? __lock_acquire+0x436/0x2890
[  278.221673][T11137]  ? vsnprintf+0x331/0x11e0
[  278.221719][T11137]  file_open_root+0x2a7/0x450
[  278.221767][T11137]  ? __pfx_file_open_root+0x10/0x10
[  278.221812][T11137]  ? find_held_lock+0x2b/0x80
[  278.221855][T11137]  ? kernel_read_file_from_path_initns+0x17a/0x260
[  278.221905][T11137]  kernel_read_file_from_path_initns+0x189/0x260
[  278.221952][T11137]  ? __pfx_kernel_read_file_from_path_initns+0x10/0x10
[  278.221993][T11137]  ? kmem_cache_alloc_noprof+0x2af/0x770
[  278.222030][T11137]  ? _request_firmware+0x4f6/0x14e0
[  278.222069][T11137]  _request_firmware+0x737/0x14e0
[  278.222114][T11137]  ? __pfx__request_firmware+0x10/0x10
[  278.222144][T11137]  ? __pfx_netdev_run_todo+0x10/0x10
[  278.222202][T11137]  request_firmware+0x35/0x50
[  278.222239][T11137]  reg_reload_regdb+0x85/0x460
[  278.222272][T11137]  ? __pfx_reg_reload_regdb+0x10/0x10
[  278.222306][T11137]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  278.222343][T11137]  ? nl80211_pre_doit+0x1b0/0xb10
[  278.222386][T11137]  genl_family_rcv_msg_doit+0x209/0x2f0
[  278.222442][T11137]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  278.222500][T11137]  ? genl_get_cmd+0x194/0x580
[  278.222556][T11137]  ? bpf_lsm_capable+0x9/0x10
[  278.222595][T11137]  ? security_capable+0x7e/0x260
[  278.222651][T11137]  genl_rcv_msg+0x55c/0x800
[  278.222684][T11137]  ? __pfx_genl_rcv_msg+0x10/0x10
[  278.222713][T11137]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  278.222749][T11137]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[  278.222774][T11137]  ? __pfx_nl80211_post_doit+0x10/0x10
[  278.222828][T11137]  netlink_rcv_skb+0x158/0x420
[  278.222872][T11137]  ? __pfx_genl_rcv_msg+0x10/0x10
[  278.222902][T11137]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  278.222962][T11137]  ? netlink_deliver_tap+0x1ae/0xd30
[  278.223008][T11137]  genl_rcv+0x28/0x40
[  278.223053][T11137]  netlink_unicast+0x5aa/0x870
[  278.223102][T11137]  ? __pfx_netlink_unicast+0x10/0x10
[  278.223171][T11137]  netlink_sendmsg+0x8c8/0xdd0
[  278.223227][T11137]  ? __pfx_netlink_sendmsg+0x10/0x10
[  278.223286][T11137]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  278.223350][T11137]  ____sys_sendmsg+0xa5d/0xc30
[  278.223404][T11137]  ? copy_msghdr_from_user+0x10a/0x160
[  278.223445][T11137]  ? __pfx_____sys_sendmsg+0x10/0x10
[  278.223496][T11137]  ? preempt_schedule_thunk+0x16/0x30
[  278.223534][T11137]  ? try_to_wake_up+0xa67/0x1860
[  278.223588][T11137]  ___sys_sendmsg+0x134/0x1d0
[  278.223635][T11137]  ? __pfx____sys_sendmsg+0x10/0x10
[  278.223673][T11137]  ? futex_private_hash_put+0x160/0x1b0
[  278.223759][T11137]  __sys_sendmsg+0x16d/0x220
[  278.223802][T11137]  ? __pfx___sys_sendmsg+0x10/0x10
[  278.223843][T11137]  ? __x64_sys_futex+0x1e0/0x4c0
[  278.223909][T11137]  do_syscall_64+0xcd/0xf80
[  278.223961][T11137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.223993][T11137] RIP: 0033:0x7fb92d58f7c9
[  278.224030][T11137] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.224059][T11137] RSP: 002b:00007fb92e477038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  278.224093][T11137] RAX: ffffffffffffffda RBX: 00007fb92d7e5fa0 RCX: 00007fb92d58f7c9
[  278.224113][T11137] RDX: 00000000000000d0 RSI: 0000200000000580 RDI: 0000000000000007
[  278.224131][T11137] RBP: 00007fb92d613f91 R08: 0000000000000000 R09: 0000000000000000
[  278.224149][T11137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  278.224165][T11137] R13: 00007fb92d7e6038 R14: 00007fb92d7e5fa0 R15: 00007fff0d82f5e8
[  278.224211][T11137]  </TASK>
[  278.226524][   T31] audit: type=1804 audit(1767030224.247:11): pid=11137 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.2975" name="/lib/firmware/regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  278.919079][T11137] syz.0.2975 (11137) used greatest stack depth: 19688 bytes left
[  279.156791][T11049] hsr_slave_0: entered promiscuous mode
[  279.182365][T11049] hsr_slave_1: entered promiscuous mode
[  279.200545][T11049] debugfs: 'hsr0' already exists in 'hsr'
[  279.217007][T11049] Cannot create hsr debugfs directory
[  279.325502][ T3841] hsr_slave_0: left promiscuous mode
[  279.369907][ T3841] hsr_slave_1: left promiscuous mode
[  279.392682][ T3841] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  279.418991][ T3841] batman_adv: batadv0: Removing interface: batadv_slave_0
[  279.431782][ T3841] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  279.445713][ T3841] batman_adv: batadv0: Removing interface: batadv_slave_1
[  279.499779][ T3841] veth1_macvtap: left promiscuous mode
[  279.511084][ T3841] veth0_macvtap: left promiscuous mode
[  279.520074][ T5838] Bluetooth: hci3: command tx timeout
[  279.525073][ T3841] veth1_vlan: left promiscuous mode
[  279.540306][ T3841] veth0_vlan: left promiscuous mode
[  280.802133][ T3841] team0 (unregistering): Port device team_slave_1 removed
[  280.938296][ T3841] team0 (unregistering): Port device team_slave_0 removed
[  282.272986][T11173] FAULT_INJECTION: forcing a failure.
[  282.272986][T11173] name failslab, interval 1, probability 0, space 0, times 0
[  282.296113][T11173] CPU: 0 UID: 0 PID: 11173 Comm: syz.3.2979 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  282.296166][T11173] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  282.296177][T11173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  282.296194][T11173] Call Trace:
[  282.296205][T11173]  <TASK>
[  282.296216][T11173]  dump_stack_lvl+0x16c/0x1f0
[  282.296267][T11173]  should_fail_ex+0x512/0x640
[  282.296301][T11173]  ? __kmalloc_cache_noprof+0x5f/0x800
[  282.296341][T11173]  should_failslab+0xc2/0x120
[  282.296390][T11173]  __kmalloc_cache_noprof+0x80/0x800
[  282.296424][T11173]  ? find_held_lock+0x2b/0x80
[  282.296464][T11173]  ? uevent_net_init+0xd3/0x350
[  282.296503][T11173]  ? uevent_net_init+0xd3/0x350
[  282.296547][T11173]  uevent_net_init+0xd3/0x350
[  282.296579][T11173]  ? __pfx_uevent_net_init+0x10/0x10
[  282.296618][T11173]  ? rcu_is_watching+0x12/0xc0
[  282.296660][T11173]  ? __pfx_uevent_net_rcv+0x10/0x10
[  282.296695][T11173]  ? ops_init+0x77/0x5f0
[  282.296743][T11173]  ? __pfx_uevent_net_init+0x10/0x10
[  282.296774][T11173]  ops_init+0x1e2/0x5f0
[  282.296821][T11173]  setup_net+0x11d/0x3a0
[  282.296863][T11173]  ? __pfx_setup_net+0x10/0x10
[  282.296903][T11173]  ? lockdep_init_map_type+0x5c/0x270
[  282.296935][T11173]  ? mutex_init_lockep+0x110/0x150
[  282.296972][T11173]  copy_net_ns+0x351/0x7c0
[  282.297023][T11173]  create_new_namespaces+0x3ea/0xab0
[  282.297077][T11173]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  282.297125][T11173]  ksys_unshare+0x45b/0xa40
[  282.297176][T11173]  ? __pfx_ksys_unshare+0x10/0x10
[  282.297230][T11173]  ? xfd_validate_state+0x61/0x180
[  282.297272][T11173]  __x64_sys_unshare+0x31/0x40
[  282.297300][T11173]  do_syscall_64+0xcd/0xf80
[  282.297350][T11173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.297383][T11173] RIP: 0033:0x7fb1d118f7c9
[  282.297408][T11173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.297438][T11173] RSP: 002b:00007fb1d201c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  282.297467][T11173] RAX: ffffffffffffffda RBX: 00007fb1d13e5fa0 RCX: 00007fb1d118f7c9
[  282.297488][T11173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  282.297507][T11173] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  282.297533][T11173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  282.297551][T11173] R13: 00007fb1d13e6038 R14: 00007fb1d13e5fa0 R15: 00007ffed7689cb8
[  282.297603][T11173]  </TASK>
[  282.570686][T11179] FAULT_INJECTION: forcing a failure.
[  282.570686][T11179] name failslab, interval 1, probability 0, space 0, times 0
[  282.604143][T11179] CPU: 0 UID: 0 PID: 11179 Comm: syz.3.2979 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  282.604197][T11179] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  282.604208][T11179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  282.604226][T11179] Call Trace:
[  282.604236][T11179]  <TASK>
[  282.604248][T11179]  dump_stack_lvl+0x16c/0x1f0
[  282.604296][T11179]  should_fail_ex+0x512/0x640
[  282.604326][T11179]  ? __kmalloc_cache_noprof+0x5f/0x800
[  282.604360][T11179]  should_failslab+0xc2/0x120
[  282.604404][T11179]  __kmalloc_cache_noprof+0x80/0x800
[  282.604435][T11179]  ? alloc_pipe_info+0x10e/0x590
[  282.604482][T11179]  ? alloc_pipe_info+0x10e/0x590
[  282.604522][T11179]  alloc_pipe_info+0x10e/0x590
[  282.604578][T11179]  splice_direct_to_actor+0x77d/0xa30
[  282.604621][T11179]  ? __lock_acquire+0x436/0x2890
[  282.604644][T11179]  ? __pfx_direct_splice_actor+0x10/0x10
[  282.604684][T11179]  ? __pfx_aa_file_perm+0x10/0x10
[  282.604723][T11179]  ? futex_hash+0x2c5/0x380
[  282.604750][T11179]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  282.604802][T11179]  do_splice_direct+0x174/0x240
[  282.604843][T11179]  ? __pfx_do_splice_direct+0x10/0x10
[  282.604884][T11179]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  282.604928][T11179]  ? rw_verify_area+0xcf/0x6c0
[  282.604965][T11179]  do_sendfile+0xb06/0xe50
[  282.605007][T11179]  ? __pfx_do_sendfile+0x10/0x10
[  282.605049][T11179]  ? __x64_sys_futex+0x1e0/0x4c0
[  282.605078][T11179]  ? __x64_sys_futex+0x1e9/0x4c0
[  282.605112][T11179]  __x64_sys_sendfile64+0x1d8/0x220
[  282.605139][T11179]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  282.605163][T11179]  ? syscall_user_dispatch+0x78/0x140
[  282.605206][T11179]  do_syscall_64+0xcd/0xf80
[  282.605249][T11179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.605276][T11179] RIP: 0033:0x7fb1d118f7c9
[  282.605298][T11179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.605323][T11179] RSP: 002b:00007fb1d1ffb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  282.605348][T11179] RAX: ffffffffffffffda RBX: 00007fb1d13e6090 RCX: 00007fb1d118f7c9
[  282.605365][T11179] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[  282.605380][T11179] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  282.605395][T11179] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000000
[  282.605411][T11179] R13: 00007fb1d13e6128 R14: 00007fb1d13e6090 R15: 00007ffed7689cb8
[  282.605445][T11179]  </TASK>
[  283.273900][T11179] zswap: compressor  not available
[  284.672750][T11049] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  284.727309][T11049] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  284.744582][T11049] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  284.891165][T11049] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  286.271070][T11256] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  286.637167][T11049] 8021q: adding VLAN 0 to HW filter on device bond0
[  286.963675][T11049] 8021q: adding VLAN 0 to HW filter on device team0
[  287.016226][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.023492][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.110389][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.117685][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  288.222800][T11248] __vm_enough_memory: pid: 11248, comm: syz.3.2986, bytes: 8589938688 not enough memory for the allocation
[  288.335563][T11049] 8021q: adding VLAN 0 to HW filter on device batadv0
[  288.492366][T11049] veth0_vlan: entered promiscuous mode
[  288.544420][T11049] veth1_vlan: entered promiscuous mode
[  288.642858][T11049] veth0_macvtap: entered promiscuous mode
[  288.669910][T11049] veth1_macvtap: entered promiscuous mode
[  288.746328][T11049] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.870609][T11049] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.100747][T10690] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.148678][T10690] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.190830][T10690] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.211144][T10690] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.449758][ T3487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.488300][ T3487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.616640][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.684752][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.647951][T11360] input: jJǸ-�¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input11
[  292.009027][T11372] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3002'.
[  292.931792][   T31] audit: type=1806 audit(1767030239.013:12): xattr="P" res=-22
[  294.441437][T11404] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  294.496818][T11404] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  294.622686][T11404] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  294.802737][T11404] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  294.860520][T11404] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  295.026313][T11404] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  295.223018][T11404] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  295.269498][T11404] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  295.397580][T11404] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  295.529586][T11404] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  295.567771][T11404] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  295.755900][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  295.839790][T11428] Invalid ELF header magic: != ELF
[  295.862473][T11404] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  295.911328][T11428] Invalid ELF header magic: != ELF
[  295.979079][T11428] Invalid ELF header magic: != ELF
[  296.042644][T11428] Invalid ELF header magic: != ELF
[  296.081352][T11428] Invalid ELF header magic: != ELF
[  296.165098][T11428] Invalid ELF header magic: != ELF
[  296.213882][T11428] Invalid ELF header magic: != ELF
[  296.314253][T11428] Invalid ELF header magic: != ELF
[  296.354752][T11428] Invalid ELF header magic: != ELF
[  296.437491][T11428] Invalid ELF header magic: != ELF
[  296.879856][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  297.019178][   T31] audit: type=1800 audit(1767030243.084:13): pid=11450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3015" name="members" dev="configfs" ino=37826 res=0 errno=0
[  297.215590][T11458] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  297.267709][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout
[  297.586415][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  297.718333][T11470] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3017'.
[  297.816242][T11466] zswap: compressor  not available
[  297.841765][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  297.872647][T11471] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead.
[  298.012303][T11467] zswap: compressor  not available
[  298.949237][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  299.337186][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout
[  299.677115][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  299.895965][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  301.009303][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout
[  301.406585][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout
[  301.730444][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  303.152423][T11516] capability: warning: `syz.3.3028' uses 32-bit capabilities (legacy support in use)
[  303.679277][T11525] Unable to find swap-space signature
[  304.089078][T11531] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12
[  304.359861][T11522] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  304.383732][T11522] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  304.430611][T11522] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  304.505803][T11522] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  306.114397][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  306.420304][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout
[  306.436546][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  306.499965][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout
[  307.740076][T10494] bridge_slave_1: left allmulticast mode
[  307.747329][T10494] bridge_slave_1: left promiscuous mode
[  307.753484][T10494] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.794116][T10494] bridge_slave_0: left allmulticast mode
[  307.800015][T10494] bridge_slave_0: left promiscuous mode
[  307.813297][T10494] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.391109][T10494] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  308.436290][T10494] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  308.446610][T10494] bond0 (unregistering): Released all slaves
[  310.951237][T10494] hsr_slave_0: left promiscuous mode
[  311.019914][T10494] hsr_slave_1: left promiscuous mode
[  311.034893][T10494] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  311.074254][T10494] batman_adv: batadv0: Removing interface: batadv_slave_0
[  311.093723][T11589] random: crng reseeded on system resumption
[  311.101784][T11587] can: request_module (can-proto-3) failed.
[  311.110590][T10494] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  311.128626][T10494] batman_adv: batadv0: Removing interface: batadv_slave_1
[  311.200651][T10494] veth1_macvtap: left promiscuous mode
[  311.210522][T10494] veth0_macvtap: left promiscuous mode
[  311.229244][T10494] veth1_vlan: left promiscuous mode
[  311.254998][T10494] veth0_vlan: left promiscuous mode
[  311.570968][T11587] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13
[  313.288590][T10494] team0 (unregistering): Port device team_slave_1 removed
[  313.351127][T10494] team0 (unregistering): Port device team_slave_0 removed
[  315.117647][ T5838] Bluetooth: hci3: ACL packet for unknown connection handle 0
[  315.433386][T11633] page: refcount:8 mapcount:0 mapping:0000000000000000 index:0xffff888078006600 pfn:0x78000
[  315.505757][T11633] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  315.514679][T11633] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  315.552723][T11633] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  315.561555][T11633] raw: ffff888078006600 0000000000000000 00000008ffffffff 0000000000000000
[  315.630126][T11633] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  315.762781][T11639] queue_state_write: unsupported operation '1'
[  315.769474][T11633] head: ffff888078006600 0000000000000000 00000008ffffffff 0000000000000000
[  315.793165][T11633] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  315.811442][T11639] queue_state_write: use 'run', 'start' or 'kick'
[  315.824342][T11633] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  315.851772][T11633] page dumped because: unmovable page
[  315.908982][T11633] page_owner tracks the page as allocated
[  315.916955][T11633] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5795, tgid 5795 (sshd-session), ts 85706907772, free_ts 84823333826
[  315.980243][T11633]  post_alloc_hook+0x1af/0x220
[  316.052979][T11633]  get_page_from_freelist+0xd0b/0x31a0
[  316.068638][T11633]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  316.159628][T11633]  alloc_pages_mpol+0x1fb/0x550
[  316.164636][T11633]  alloc_pages_noprof+0x131/0x390
[  316.184717][T11633]  skb_page_frag_refill+0x186/0x5c0
[  316.223765][T11633]  try_fill_recv+0x7e4/0x2930
[  316.249296][T11633]  virtnet_poll+0x18d5/0x3e00
[  316.254186][T11633]  __napi_poll.constprop.0+0xb3/0x540
[  316.383907][T11633]  net_rx_action+0x9f9/0xfa0
[  316.434099][T11633]  handle_softirqs+0x219/0x950
[  316.452688][T11633]  __irq_exit_rcu+0x109/0x170
[  316.481194][T11633]  irq_exit_rcu+0x9/0x30
[  316.489719][T11633]  common_interrupt+0xbf/0xe0
[  316.552228][T11633]  asm_common_interrupt+0x26/0x40
[  316.571229][T11633] page last free pid 5776 tgid 5776 stack trace:
[  316.591461][T11633]  __free_frozen_pages+0x7df/0x1170
[  316.596768][T11633]  __put_partials+0x130/0x170
[  316.653972][T11633]  qlist_free_all+0x4c/0xf0
[  316.684567][T11633]  kasan_quarantine_reduce+0x195/0x1e0
[  316.755586][T11633]  __kasan_slab_alloc+0x69/0x90
[  316.771168][T11633]  kmem_cache_alloc_noprof+0x25e/0x770
[  316.786018][T11633]  getname_flags.part.0+0x4c/0x550
[  316.826083][T11633]  getname_flags+0x93/0xf0
[  316.859278][T11633]  vfs_fstatat+0xe1/0xf0
[  316.863627][T11633]  __do_sys_newfstatat+0x97/0x120
[  316.899554][T11633]  do_syscall_64+0xcd/0xf80
[  316.904222][T11633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.564457][T11660] FAULT_INJECTION: forcing a failure.
[  317.564457][T11660] name failslab, interval 1, probability 0, space 0, times 0
[  317.680947][T11660] CPU: 1 UID: 0 PID: 11660 Comm: syz.0.3059 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  317.681003][T11660] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  317.681016][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  317.681035][T11660] Call Trace:
[  317.681046][T11660]  <TASK>
[  317.681068][T11660]  dump_stack_lvl+0x16c/0x1f0
[  317.681123][T11660]  should_fail_ex+0x512/0x640
[  317.681159][T11660]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  317.681205][T11660]  should_failslab+0xc2/0x120
[  317.681255][T11660]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  317.681295][T11660]  ? __pfx___might_resched+0x10/0x10
[  317.681341][T11660]  ? sock_alloc_inode+0x25/0x1c0
[  317.681395][T11660]  ? __pfx_sock_alloc_inode+0x10/0x10
[  317.681439][T11660]  ? sock_alloc_inode+0x25/0x1c0
[  317.681480][T11660]  sock_alloc_inode+0x25/0x1c0
[  317.681520][T11660]  alloc_inode+0x64/0x240
[  317.681549][T11660]  sock_alloc+0x40/0x280
[  317.681586][T11660]  __sock_create+0xc2/0x8a0
[  317.681635][T11660]  __sys_socket+0x14d/0x260
[  317.681659][T11660]  ? __fget_files+0x20e/0x3c0
[  317.681696][T11660]  ? __pfx___sys_socket+0x10/0x10
[  317.681723][T11660]  ? xfd_validate_state+0x61/0x180
[  317.681758][T11660]  __x64_sys_socket+0x72/0xb0
[  317.681783][T11660]  ? lockdep_hardirqs_on+0x7c/0x110
[  317.681823][T11660]  do_syscall_64+0xcd/0xf80
[  317.681869][T11660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.681899][T11660] RIP: 0033:0x7fb92d58f7c9
[  317.681923][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.681953][T11660] RSP: 002b:00007fb92e3f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  317.681982][T11660] RAX: ffffffffffffffda RBX: 00007fb92d7e6360 RCX: 00007fb92d58f7c9
[  317.682002][T11660] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000023
[  317.682019][T11660] RBP: 00007fb92d613f91 R08: 0000000000000000 R09: 0000000000000000
[  317.682036][T11660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  317.682052][T11660] R13: 00007fb92d7e63f8 R14: 00007fb92d7e6360 R15: 00007fff0d82f5e8
[  317.682106][T11660]  </TASK>
[  318.159554][T11660] socket: no more sockets
[  318.348628][T11665] warning: `syz.2.3060' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  318.955252][T11675] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  321.729621][T11706] sctp: [Deprecated]: syz.1.3070 (pid 11706) Use of struct sctp_assoc_value in delayed_ack socket option.
[  321.729621][T11706] Use struct sctp_sack_info instead
[  322.069286][T11720] usb usb36: usbfs: process 11720 (syz.3.3074) did not claim interface 0 before use
[  324.731156][ T5838] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  325.044954][T11753] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  325.044954][T11753] The task syz.3.3080 (11753) triggered the difference, watch for misbehavior.
[  325.878924][T11770] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [2147479552].
[  325.953231][T11774] KVM: debugfs: duplicate directory 11774-3
[  326.801611][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  326.809830][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  327.357480][T11789] zram0: detected capacity change from 8 to 0
[  329.768919][T11823] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3094'.
[  330.127919][T11830] netlink: 338 bytes leftover after parsing attributes in process `syz.1.3095'.
[  331.815930][T11856] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3099'.
[  335.766185][   T31] audit: type=1800 audit(1767048626.078:14): pid=11907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3109" name=310A dev="tmpfs" ino=320 res=0 errno=0
[  336.397412][T11934] FAULT_INJECTION: forcing a failure.
[  336.397412][T11934] name failslab, interval 1, probability 0, space 0, times 0
[  336.437026][T11934] CPU: 1 UID: 0 PID: 11934 Comm: syz.1.3114 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  336.437080][T11934] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  336.437093][T11934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  336.437112][T11934] Call Trace:
[  336.437123][T11934]  <TASK>
[  336.437135][T11934]  dump_stack_lvl+0x16c/0x1f0
[  336.437199][T11934]  should_fail_ex+0x512/0x640
[  336.437234][T11934]  ? __kmalloc_node_track_caller_noprof+0xcb/0x930
[  336.437288][T11934]  should_failslab+0xc2/0x120
[  336.437338][T11934]  __kmalloc_node_track_caller_noprof+0xec/0x930
[  336.437387][T11934]  ? kstrdup_const+0x63/0x80
[  336.437422][T11934]  ? check_irq_usage+0xe8/0xbc0
[  336.437477][T11934]  ? kstrdup+0x53/0x100
[  336.437507][T11934]  kstrdup+0x53/0x100
[  336.437545][T11934]  kstrdup_const+0x63/0x80
[  336.437582][T11934]  __kernfs_new_node+0x9b/0x9b0
[  336.437624][T11934]  ? __pfx___kernfs_new_node+0x10/0x10
[  336.437671][T11934]  ? find_held_lock+0x2b/0x80
[  336.437712][T11934]  ? kernfs_root+0xee/0x2a0
[  336.437756][T11934]  kernfs_new_node+0x13c/0x1e0
[  336.437797][T11934]  ? net_ns_get_ownership+0xf8/0x1b0
[  336.437841][T11934]  kernfs_create_dir_ns+0x4c/0x1a0
[  336.437888][T11934]  sysfs_create_dir_ns+0x13a/0x2b0
[  336.437923][T11934]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  336.437956][T11934]  ? find_held_lock+0x2b/0x80
[  336.437999][T11934]  ? net_namespace+0x12/0x50
[  336.438044][T11934]  ? device_namespace+0x76/0xa0
[  336.438087][T11934]  kobject_add_internal+0x2c4/0x9d0
[  336.438125][T11934]  kobject_add+0x16e/0x240
[  336.438164][T11934]  ? __pfx_kobject_add+0x10/0x10
[  336.438198][T11934]  ? get_device_parent+0x1c5/0x4e0
[  336.438237][T11934]  ? kobject_put+0xaf/0x6f0
[  336.438300][T11934]  device_add+0x288/0x1980
[  336.438339][T11934]  ? __pfx_dev_set_name+0x10/0x10
[  336.438386][T11934]  ? __pfx_device_add+0x10/0x10
[  336.438430][T11934]  ? lockdep_init_map_type+0x5c/0x270
[  336.438464][T11934]  ? __init_waitqueue_head+0xca/0x150
[  336.438512][T11934]  netdev_register_kobject+0x1a9/0x3d0
[  336.438571][T11934]  register_netdevice+0x13ac/0x21d0
[  336.438624][T11934]  ? rcu_is_watching+0x12/0xc0
[  336.438669][T11934]  ? __pfx_register_netdevice+0x10/0x10
[  336.438729][T11934]  slip_open+0xb86/0x1150
[  336.438787][T11934]  ? __pfx_slip_open+0x10/0x10
[  336.438837][T11934]  ? down_write+0x14d/0x200
[  336.438871][T11934]  ? __pfx_slip_open+0x10/0x10
[  336.438921][T11934]  tty_ldisc_open+0x9f/0x120
[  336.438963][T11934]  tty_set_ldisc+0x32b/0x780
[  336.439010][T11934]  tty_ioctl+0xc2d/0x1650
[  336.439059][T11934]  ? __pfx_tty_ioctl+0x10/0x10
[  336.439118][T11934]  ? find_held_lock+0x2b/0x80
[  336.439170][T11934]  ? hook_file_ioctl_common+0x144/0x410
[  336.439221][T11934]  ? __fget_files+0x20e/0x3c0
[  336.439274][T11934]  ? __pfx_tty_ioctl+0x10/0x10
[  336.439322][T11934]  __x64_sys_ioctl+0x18e/0x210
[  336.439365][T11934]  do_syscall_64+0xcd/0xf80
[  336.439415][T11934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.439448][T11934] RIP: 0033:0x7f71fe58f7c9
[  336.439474][T11934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.439508][T11934] RSP: 002b:00007f71ff3ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  336.439540][T11934] RAX: ffffffffffffffda RBX: 00007f71fe7e5fa0 RCX: 00007f71fe58f7c9
[  336.439561][T11934] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000008
[  336.439580][T11934] RBP: 00007f71fe613f91 R08: 0000000000000000 R09: 0000000000000000
[  336.439600][T11934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  336.439619][T11934] R13: 00007f71fe7e6038 R14: 00007f71fe7e5fa0 R15: 00007ffca0a28d18
[  336.439663][T11934]  </TASK>
[  336.897684][T11934] kobject: kobject_add_internal failed for sl0 (error: -12 parent: net)
[  337.611608][   T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  337.621750][   T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  337.630042][   T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  337.640890][   T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  337.648826][   T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  338.507037][T10690] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.836290][T10690] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.086709][T10690] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.317208][T11956] chnl_net:caif_netlink_parms(): no params data found
[  339.697438][ T5838] Bluetooth: hci5: command tx timeout
[  339.977011][T11956] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.024873][T11956] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.077048][T11956] bridge_slave_0: entered allmulticast mode
[  340.144864][T11956] bridge_slave_0: entered promiscuous mode
[  340.279034][T11956] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.293591][T11956] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.301423][T12008] syz.1.3127 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  340.306073][T11956] bridge_slave_1: entered allmulticast mode
[  340.321108][T11956] bridge_slave_1: entered promiscuous mode
[  340.418162][T11956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  340.453407][T10690] bridge_slave_1: left allmulticast mode
[  340.459135][T10690] bridge_slave_1: left promiscuous mode
[  340.514326][T10690] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.602085][T10690] bridge_slave_0: left allmulticast mode
[  340.607965][T10690] bridge_slave_0: left promiscuous mode
[  340.614409][T10690] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.401536][T12019] slcan: can't register candev
[  341.756654][ T5838] Bluetooth: hci5: command tx timeout
[  342.415768][T10690] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  342.540488][T10690] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  342.570030][T10690] bond0 (unregistering): Released all slaves
[  342.611677][T11956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  343.038960][T11956] team0: Port device team_slave_0 added
[  343.080299][T11956] team0: Port device team_slave_1 added
[  343.123885][T11956] batman_adv: batadv0: Adding interface: batadv_slave_0
[  343.138089][T11956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  343.226943][T11956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  343.448065][T11956] batman_adv: batadv0: Adding interface: batadv_slave_1
[  343.455094][T11956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  343.529602][T11956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  343.826688][ T5838] Bluetooth: hci5: command tx timeout
[  343.898622][T11956] hsr_slave_0: entered promiscuous mode
[  343.914989][T11956] hsr_slave_1: entered promiscuous mode
[  343.950327][T11956] debugfs: 'hsr0' already exists in 'hsr'
[  343.989692][T11956] Cannot create hsr debugfs directory
[  344.423482][T10690] hsr_slave_0: left promiscuous mode
[  344.429880][T10690] hsr_slave_1: left promiscuous mode
[  344.437566][T10690] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  344.457781][T10690] batman_adv: batadv0: Removing interface: batadv_slave_0
[  344.470101][T10690] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  344.492756][T10690] batman_adv: batadv0: Removing interface: batadv_slave_1
[  344.560820][T10690] veth1_macvtap: left promiscuous mode
[  344.581824][T10690] veth0_macvtap: left promiscuous mode
[  344.589029][T10690] veth1_vlan: left promiscuous mode
[  344.640478][T10690] veth0_vlan: left promiscuous mode
[  345.403033][T10690] team0 (unregistering): Port device team_slave_1 removed
[  345.450939][T10690] team0 (unregistering): Port device team_slave_0 removed
[  345.895342][ T5838] Bluetooth: hci5: command tx timeout
[  346.413451][T12092] netlink: 'syz.3.3139': attribute type 19 has an invalid length.
[  346.421346][T12092] netlink: 226 bytes leftover after parsing attributes in process `syz.3.3139'.
[  346.678134][T11956] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  346.702107][T12099] serio: Serial port pty6
[  346.734745][T11956] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  346.758095][T11956] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  346.809175][T11956] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  347.108920][T11956] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.204744][T11956] 8021q: adding VLAN 0 to HW filter on device team0
[  347.302288][ T3964] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.309590][ T3964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  347.402273][ T3964] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.409580][ T3964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.738926][T11956] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.167608][T11956] veth0_vlan: entered promiscuous mode
[  350.253578][T11956] veth1_vlan: entered promiscuous mode
[  350.263667][T12187] Invalid ELF header magic: != ELF
[  350.440530][T11956] veth0_macvtap: entered promiscuous mode
[  350.458583][T11956] veth1_macvtap: entered promiscuous mode
[  350.679498][T11956] batman_adv: batadv0: Interface activated: batadv_slave_0
[  350.728368][T11956] batman_adv: batadv0: Interface activated: batadv_slave_1
[  350.818537][ T1055] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  350.891230][ T1055] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  350.942727][ T1055] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.002400][ T1055] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.107919][ T1055] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.115830][ T1055] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.290212][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.315755][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.827748][   T31] audit: type=1800 audit(1767066986.236:15): pid=12220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3154" name="lu_gp_id" dev="configfs" ino=43143 res=0 errno=0
[  352.615679][   T31] audit: type=1804 audit(1767066987.030:16): pid=12242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.3158" name="/newroot/sys/kernel/debug/tracing/buffer_subbuf_size_kb" dev="tracefs" ino=1079 res=1 errno=0
[  352.841209][T12234] zswap: compressor  not available
[  353.326533][T12234] zswap: compressor  not available
[  353.396821][T12250] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  353.407805][T12250] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  354.345065][T12265] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3162'.
[  355.080456][T12273] ima: policy update failed
[  355.097162][   T31] audit: type=1802 audit(1767066989.503:17): pid=12273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.3164" res=0 errno=0
[  355.343029][T12286] cougar: G6 mapped to space
[  355.482728][T12286] cougar: G6 mapped to space
[  355.851687][T12289] [U] 
[  355.910634][T12306] blktrace: Concurrent blktraces are not allowed on nbd8
[  357.253859][   T31] audit: type=1806 audit(1767066991.684:18): xattr="." res=0
[  357.659285][T12350] syz.2.3176 (12350): drop_caches: 0
[  359.445835][T12385] misc userio: Invalid payload size
[  359.519694][T12385] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input14
[  360.647820][T12403] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3187'.
[  361.056243][T12411] FAULT_INJECTION: forcing a failure.
[  361.056243][T12411] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  361.180841][T12411] CPU: 1 UID: 0 PID: 12411 Comm: syz.3.3189 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  361.180894][T12411] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  361.180907][T12411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  361.180926][T12411] Call Trace:
[  361.180976][T12411]  <TASK>
[  361.180989][T12411]  dump_stack_lvl+0x16c/0x1f0
[  361.181041][T12411]  should_fail_ex+0x512/0x640
[  361.181082][T12411]  should_fail_alloc_page+0xe7/0x130
[  361.181133][T12411]  prepare_alloc_pages+0x401/0x670
[  361.181181][T12411]  ? rcu_is_watching+0x12/0xc0
[  361.181229][T12411]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  361.181266][T12411]  ? __lock_acquire+0x436/0x2890
[  361.181295][T12411]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  361.181347][T12411]  ? is_bpf_text_address+0x94/0x1a0
[  361.181387][T12411]  ? kernel_text_address+0x8d/0x100
[  361.181421][T12411]  ? __kernel_text_address+0xd/0x40
[  361.181459][T12411]  ? do_raw_spin_lock+0x12c/0x2b0
[  361.181495][T12411]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  361.181539][T12411]  ? rcu_is_watching+0x12/0xc0
[  361.181585][T12411]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  361.181628][T12411]  ? stack_depot_save_flags+0x3de/0x9b0
[  361.181671][T12411]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  361.181716][T12411]  ? policy_nodemask+0xea/0x4e0
[  361.181760][T12411]  alloc_pages_mpol+0x1fb/0x550
[  361.181807][T12411]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  361.181863][T12411]  alloc_pages_noprof+0x131/0x390
[  361.181911][T12411]  kimage_alloc_pages+0x74/0x350
[  361.181969][T12411]  kimage_alloc_control_pages+0x153/0xa00
[  361.182029][T12411]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  361.182091][T12411]  do_kexec_load+0x439/0x860
[  361.182123][T12411]  ? __pfx_do_kexec_load+0x10/0x10
[  361.182156][T12411]  ? _copy_from_user+0x59/0xd0
[  361.182193][T12411]  __x64_sys_kexec_load+0x1bf/0x230
[  361.182226][T12411]  do_syscall_64+0xcd/0xf80
[  361.182277][T12411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.182309][T12411] RIP: 0033:0x7fb1d118f7c9
[  361.182334][T12411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  361.182365][T12411] RSP: 002b:00007fb1d1ffb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  361.182395][T12411] RAX: ffffffffffffffda RBX: 00007fb1d13e6090 RCX: 00007fb1d118f7c9
[  361.182414][T12411] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000007
[  361.182433][T12411] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  361.182451][T12411] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  361.182470][T12411] R13: 00007fb1d13e6128 R14: 00007fb1d13e6090 R15: 00007ffed7689cb8
[  361.182513][T12411]  </TASK>
[  361.182547][T12411] kexec: Could not allocate control_code_buffer
[  362.301157][T12426] zswap: compressor  not available
[  362.915027][T12426] FAULT_INJECTION: forcing a failure.
[  362.915027][T12426] name failslab, interval 1, probability 0, space 0, times 0
[  362.964251][T12426] CPU: 0 UID: 0 PID: 12426 Comm: syz.2.3191 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  362.964310][T12426] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  362.964323][T12426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  362.964342][T12426] Call Trace:
[  362.964353][T12426]  <TASK>
[  362.964365][T12426]  dump_stack_lvl+0x16c/0x1f0
[  362.964420][T12426]  should_fail_ex+0x512/0x640
[  362.964456][T12426]  ? fs_reclaim_acquire+0xae/0x150
[  362.964544][T12426]  should_failslab+0xc2/0x120
[  362.964595][T12426]  kmem_cache_alloc_noprof+0x83/0x770
[  362.964633][T12426]  ? __pfx_map_id_range_down+0x10/0x10
[  362.964679][T12426]  ? security_inode_alloc+0x3b/0x2b0
[  362.964722][T12426]  ? security_inode_alloc+0x3b/0x2b0
[  362.964755][T12426]  security_inode_alloc+0x3b/0x2b0
[  362.964791][T12426]  inode_init_always_gfp+0xced/0x1040
[  362.964848][T12426]  alloc_inode+0x86/0x240
[  362.964884][T12426]  sock_alloc+0x40/0x280
[  362.964930][T12426]  sock_create_lite+0x82/0x120
[  362.964974][T12426]  __netlink_kernel_create+0xbd/0x750
[  362.965015][T12426]  ? __pfx___netlink_kernel_create+0x10/0x10
[  362.965052][T12426]  ? find_held_lock+0x2b/0x80
[  362.965088][T12426]  ? audit_net_init+0x190/0x440
[  362.965124][T12426]  audit_net_init+0x1ae/0x440
[  362.965154][T12426]  ? __pfx_audit_net_init+0x10/0x10
[  362.965186][T12426]  ? rcu_is_watching+0x12/0xc0
[  362.965222][T12426]  ? __pfx_audit_receive+0x10/0x10
[  362.965258][T12426]  ? __pfx_audit_multicast_bind+0x10/0x10
[  362.965294][T12426]  ? __pfx_audit_multicast_unbind+0x10/0x10
[  362.965331][T12426]  ? __pfx_genl_unbind+0x10/0x10
[  362.965371][T12426]  ? ops_init+0x77/0x5f0
[  362.965409][T12426]  ? __pfx_audit_net_init+0x10/0x10
[  362.965439][T12426]  ops_init+0x1e2/0x5f0
[  362.965478][T12426]  setup_net+0x11d/0x3a0
[  362.965515][T12426]  ? __pfx_setup_net+0x10/0x10
[  362.965555][T12426]  ? lockdep_init_map_type+0x5c/0x270
[  362.965583][T12426]  ? mutex_init_lockep+0x110/0x150
[  362.965615][T12426]  copy_net_ns+0x351/0x7c0
[  362.965659][T12426]  create_new_namespaces+0x3ea/0xab0
[  362.965706][T12426]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  362.965746][T12426]  ksys_unshare+0x45b/0xa40
[  362.965792][T12426]  ? __pfx_ksys_unshare+0x10/0x10
[  362.965838][T12426]  ? do_user_addr_fault+0x843/0x1370
[  362.965878][T12426]  __x64_sys_unshare+0x31/0x40
[  362.965901][T12426]  do_syscall_64+0xcd/0xf80
[  362.965950][T12426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.965979][T12426] RIP: 0033:0x7f1fee78f7c9
[  362.966004][T12426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  362.966033][T12426] RSP: 002b:00007f1fef629038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  362.966060][T12426] RAX: ffffffffffffffda RBX: 00007f1fee9e5fa0 RCX: 00007f1fee78f7c9
[  362.966078][T12426] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  362.966095][T12426] RBP: 00007f1fee813f91 R08: 0000000000000000 R09: 0000000000000000
[  362.966111][T12426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  362.966127][T12426] R13: 00007f1fee9e6038 R14: 00007f1fee9e5fa0 R15: 00007ffd599376d8
[  362.966163][T12426]  </TASK>
[  363.683859][T12426] audit: cannot initialize netlink socket in namespace
[  364.692100][T12464] [U] 
[  364.695205][T12464] [U] 
[  364.697976][T12464] [U] 
[  364.700748][T12464] [U] 
[  364.725554][T12464] [U] 
[  364.728357][T12464] [U] 
[  364.731109][T12464] [U] 
[  364.733860][T12464] [U] 
[  366.438351][T12499] FAULT_INJECTION: forcing a failure.
[  366.438351][T12499] name failslab, interval 1, probability 0, space 0, times 0
[  366.657034][T12499] CPU: 1 UID: 0 PID: 12499 Comm: syz.3.3199 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  366.657097][T12499] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  366.657111][T12499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  366.657130][T12499] Call Trace:
[  366.657141][T12499]  <TASK>
[  366.657154][T12499]  dump_stack_lvl+0x16c/0x1f0
[  366.657221][T12499]  should_fail_ex+0x512/0x640
[  366.657257][T12499]  ? __kmalloc_noprof+0xca/0x910
[  366.657297][T12499]  should_failslab+0xc2/0x120
[  366.657348][T12499]  __kmalloc_noprof+0xeb/0x910
[  366.657385][T12499]  ? usb_hcd_submit_urb+0x5cf/0x1cf0
[  366.657437][T12499]  ? usb_hcd_submit_urb+0x5cf/0x1cf0
[  366.657482][T12499]  usb_hcd_submit_urb+0x5cf/0x1cf0
[  366.657536][T12499]  usb_submit_urb+0x899/0x1970
[  366.657592][T12499]  ? __init_swait_queue_head+0xca/0x150
[  366.657638][T12499]  usb_start_wait_urb+0x104/0x4e0
[  366.657692][T12499]  ? __pfx_usb_start_wait_urb+0x10/0x10
[  366.657758][T12499]  ? __asan_memset+0x23/0x50
[  366.657804][T12499]  usb_control_msg+0x326/0x4a0
[  366.657856][T12499]  ? __pfx_usb_control_msg+0x10/0x10
[  366.657906][T12499]  ? schedule_timeout+0x160/0x290
[  366.657961][T12499]  hub_ext_port_status+0x14e/0x670
[  366.658024][T12499]  hub_activate+0x6e5/0x1d90
[  366.658066][T12499]  ? __pfx_hub_activate+0x10/0x10
[  366.658093][T12499]  ? find_held_lock+0x2b/0x80
[  366.658138][T12499]  ? usbdev_ioctl+0x1a80/0x4070
[  366.658205][T12499]  hub_resume+0xa8/0x400
[  366.658236][T12499]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  366.658290][T12499]  ? __pfx_hub_resume+0x10/0x10
[  366.658320][T12499]  ? __pfx_hcd_bus_resume+0x10/0x10
[  366.658375][T12499]  usb_resume_interface.constprop.0.isra.0+0x2c5/0x400
[  366.658424][T12499]  usb_resume_both+0x237/0x9b0
[  366.658468][T12499]  ? __pfx_usb_resume_both+0x10/0x10
[  366.658509][T12499]  ? __pfx_usb_runtime_resume+0x10/0x10
[  366.658556][T12499]  ? __pfx_usb_runtime_resume+0x10/0x10
[  366.658602][T12499]  __rpm_callback+0xc8/0x610
[  366.658642][T12499]  ? __pfx_usb_runtime_resume+0x10/0x10
[  366.658688][T12499]  rpm_callback+0x1b7/0x200
[  366.658723][T12499]  ? __pfx_usb_runtime_resume+0x10/0x10
[  366.658768][T12499]  rpm_resume+0xceb/0x12f0
[  366.658815][T12499]  ? __pfx_rpm_resume+0x10/0x10
[  366.658849][T12499]  ? do_raw_spin_lock+0x12c/0x2b0
[  366.658888][T12499]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  366.658940][T12499]  __pm_runtime_resume+0xb6/0x170
[  366.658982][T12499]  usb_autoresume_device+0x23/0xe0
[  366.659031][T12499]  usbdev_open+0x228/0x8b0
[  366.659077][T12499]  ? kobject_get_unless_zero+0x156/0x1e0
[  366.659130][T12499]  ? __pfx_usbdev_open+0x10/0x10
[  366.659175][T12499]  ? chrdev_open+0x10b/0x6a0
[  366.659241][T12499]  ? __pfx_usbdev_open+0x10/0x10
[  366.659286][T12499]  chrdev_open+0x234/0x6a0
[  366.659335][T12499]  ? __pfx_apparmor_file_open+0x10/0x10
[  366.659369][T12499]  ? __pfx_chrdev_open+0x10/0x10
[  366.659422][T12499]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  366.659483][T12499]  do_dentry_open+0x748/0x1590
[  366.659530][T12499]  ? __pfx_chrdev_open+0x10/0x10
[  366.659593][T12499]  vfs_open+0x82/0x3f0
[  366.659633][T12499]  path_openat+0x2078/0x3140
[  366.659695][T12499]  ? __pfx_path_openat+0x10/0x10
[  366.659759][T12499]  do_filp_open+0x20b/0x470
[  366.659809][T12499]  ? __pfx_do_filp_open+0x10/0x10
[  366.659890][T12499]  ? alloc_fd+0x471/0x7d0
[  366.659949][T12499]  do_sys_openat2+0x121/0x290
[  366.659986][T12499]  ? __pfx_do_sys_openat2+0x10/0x10
[  366.660039][T12499]  __x64_sys_openat+0x174/0x210
[  366.660077][T12499]  ? __pfx___x64_sys_openat+0x10/0x10
[  366.660131][T12499]  do_syscall_64+0xcd/0xf80
[  366.660183][T12499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  366.660225][T12499] RIP: 0033:0x7fb1d118f7c9
[  366.660252][T12499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  366.660285][T12499] RSP: 002b:00007fb1d1ffb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  366.660317][T12499] RAX: ffffffffffffffda RBX: 00007fb1d13e6090 RCX: 00007fb1d118f7c9
[  366.660338][T12499] RDX: 000000000000a901 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  366.660357][T12499] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  366.660376][T12499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  366.660395][T12499] R13: 00007fb1d13e6128 R14: 00007fb1d13e6090 R15: 00007ffed7689cb8
[  366.660438][T12499]  </TASK>
[  367.105063][T12499] hub 36-0:1.0: hub_ext_port_status failed (err = -12)
[  367.917897][T12523] zswap: compressor  not available
[  368.371443][T12541] FAULT_INJECTION: forcing a failure.
[  368.371443][T12541] name failslab, interval 1, probability 0, space 0, times 0
[  368.426878][T12541] CPU: 1 UID: 0 PID: 12541 Comm: syz.3.3203 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  368.426937][T12541] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  368.426948][T12541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  368.426968][T12541] Call Trace:
[  368.426978][T12541]  <TASK>
[  368.426991][T12541]  dump_stack_lvl+0x16c/0x1f0
[  368.427048][T12541]  should_fail_ex+0x512/0x640
[  368.427089][T12541]  should_failslab+0xc2/0x120
[  368.427141][T12541]  __kmalloc_cache_noprof+0x80/0x800
[  368.427181][T12541]  ? bdi_split_work_to_wbs+0x1c1/0xfc0
[  368.427228][T12541]  ? bdi_split_work_to_wbs+0x1c1/0xfc0
[  368.427267][T12541]  bdi_split_work_to_wbs+0x1c1/0xfc0
[  368.427326][T12541]  ? __pfx_bdi_split_work_to_wbs+0x10/0x10
[  368.427388][T12541]  ? __lock_acquire+0x436/0x2890
[  368.427431][T12541]  __writeback_inodes_sb_nr+0x200/0x2b0
[  368.427473][T12541]  ? __pfx___writeback_inodes_sb_nr+0x10/0x10
[  368.427533][T12541]  ? get_nr_dirty_inodes+0x170/0x1e0
[  368.427576][T12541]  ? __pfx_fs_bdev_sync+0x10/0x10
[  368.427623][T12541]  sync_filesystem+0xbb/0x290
[  368.427653][T12541]  ? __pfx_fs_bdev_sync+0x10/0x10
[  368.427694][T12541]  fs_bdev_sync+0x2c/0x40
[  368.427736][T12541]  blkdev_common_ioctl+0x2250/0x2b80
[  368.427783][T12541]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  368.427834][T12541]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  368.427885][T12541]  ? do_vfs_ioctl+0x128/0x14f0
[  368.427926][T12541]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  368.427977][T12541]  ? find_held_lock+0x2b/0x80
[  368.428028][T12541]  blkdev_ioctl+0x2b5/0x6e0
[  368.428067][T12541]  ? __pfx_blkdev_ioctl+0x10/0x10
[  368.428112][T12541]  ? __pfx_blkdev_ioctl+0x10/0x10
[  368.428154][T12541]  __x64_sys_ioctl+0x18e/0x210
[  368.428197][T12541]  do_syscall_64+0xcd/0xf80
[  368.428249][T12541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.428306][T12541] RIP: 0033:0x7fb1d118f7c9
[  368.428333][T12541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.428367][T12541] RSP: 002b:00007fb1d1fb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  368.428398][T12541] RAX: ffffffffffffffda RBX: 00007fb1d13e6270 RCX: 00007fb1d118f7c9
[  368.428421][T12541] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 0000000000000009
[  368.428441][T12541] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  368.428461][T12541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  368.428481][T12541] R13: 00007fb1d13e6308 R14: 00007fb1d13e6270 R15: 00007ffed7689cb8
[  368.428525][T12541]  </TASK>
[  370.495222][ T5903] Process accounting resumed
[  370.687315][T12574] FAULT_INJECTION: forcing a failure.
[  370.687315][T12574] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  370.746313][T12574] CPU: 0 UID: 0 PID: 12574 Comm: syz.3.3206 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  370.746354][T12574] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  370.746363][T12574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  370.746377][T12574] Call Trace:
[  370.746385][T12574]  <TASK>
[  370.746394][T12574]  dump_stack_lvl+0x16c/0x1f0
[  370.746434][T12574]  should_fail_ex+0x512/0x640
[  370.746465][T12574]  should_fail_alloc_page+0xe7/0x130
[  370.746504][T12574]  prepare_alloc_pages+0x401/0x670
[  370.746542][T12574]  ? rcu_is_watching+0x12/0xc0
[  370.746578][T12574]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  370.746610][T12574]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  370.746649][T12574]  ? is_bpf_text_address+0x94/0x1a0
[  370.746681][T12574]  ? kernel_text_address+0x8d/0x100
[  370.746708][T12574]  ? __kernel_text_address+0xd/0x40
[  370.746734][T12574]  ? unwind_get_return_address+0x59/0xa0
[  370.746772][T12574]  ? arch_stack_walk+0xa6/0x100
[  370.746803][T12574]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  370.746844][T12574]  ? stack_depot_save_flags+0x29/0x9b0
[  370.746871][T12574]  ? __pfx_stack_trace_save+0x10/0x10
[  370.746912][T12574]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  370.746950][T12574]  ? policy_nodemask+0xea/0x4e0
[  370.746989][T12574]  alloc_pages_mpol+0x1fb/0x550
[  370.747026][T12574]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  370.747071][T12574]  alloc_pages_noprof+0x131/0x390
[  370.747109][T12574]  kimage_alloc_pages+0x74/0x350
[  370.747151][T12574]  kimage_alloc_control_pages+0x153/0xa00
[  370.747197][T12574]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  370.747243][T12574]  do_kexec_load+0x439/0x860
[  370.747267][T12574]  ? __pfx_do_kexec_load+0x10/0x10
[  370.747291][T12574]  ? _copy_from_user+0x59/0xd0
[  370.747319][T12574]  __x64_sys_kexec_load+0x1bf/0x230
[  370.747344][T12574]  do_syscall_64+0xcd/0xf80
[  370.747382][T12574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.747406][T12574] RIP: 0033:0x7fb1d118f7c9
[  370.747425][T12574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  370.747448][T12574] RSP: 002b:00007fb1d201c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  370.747470][T12574] RAX: ffffffffffffffda RBX: 00007fb1d13e5fa0 RCX: 00007fb1d118f7c9
[  370.747486][T12574] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000007
[  370.747500][T12574] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  370.747514][T12574] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  370.747527][T12574] R13: 00007fb1d13e6038 R14: 00007fb1d13e5fa0 R15: 00007ffed7689cb8
[  370.747558][T12574]  </TASK>
[  370.750853][T12574] kexec: Could not allocate control_code_buffer
[  372.102814][T12610] FAULT_INJECTION: forcing a failure.
[  372.102814][T12610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.158450][T12610] CPU: 1 UID: 0 PID: 12610 Comm: syz.1.3211 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  372.158500][T12610] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  372.158511][T12610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  372.158529][T12610] Call Trace:
[  372.158538][T12610]  <TASK>
[  372.158550][T12610]  dump_stack_lvl+0x16c/0x1f0
[  372.158600][T12610]  should_fail_ex+0x512/0x640
[  372.158647][T12610]  _copy_from_user+0x2e/0xd0
[  372.158682][T12610]  get_timespec64+0x8b/0x1b0
[  372.158713][T12610]  ? __pfx_get_timespec64+0x10/0x10
[  372.158741][T12610]  ? ktime_get+0x200/0x310
[  372.158780][T12610]  __x64_sys_futex+0x288/0x4c0
[  372.158819][T12610]  ? __pfx___x64_sys_futex+0x10/0x10
[  372.158854][T12610]  ? xfd_validate_state+0x61/0x180
[  372.158896][T12610]  do_syscall_64+0xcd/0xf80
[  372.158946][T12610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.158978][T12610] RIP: 0033:0x7f71fe58f7c9
[  372.158999][T12610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.159028][T12610] RSP: 002b:00007ffca0a28e78 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  372.159055][T12610] RAX: ffffffffffffffda RBX: 000000000005b1f2 RCX: 00007f71fe58f7c9
[  372.159075][T12610] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f71fe7e609c
[  372.159093][T12610] RBP: 0000000000000032 R08: 00007f71ff3bb000 R09: 0000001ca0a2916f
[  372.159113][T12610] R10: 00007ffca0a28f70 R11: 0000000000000246 R12: 00007f71fe7e609c
[  372.159132][T12610] R13: 00007ffca0a28f70 R14: 000000000005b224 R15: 00007ffca0a28f90
[  372.159174][T12610]  </TASK>
[  372.460637][T12485] [U] 
[  373.866437][T12633] zswap: compressor  not available
[  373.982892][ T5838] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  373.982936][ T5838] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15
[  374.000223][ T5838] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  374.104416][T12643] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3217'.
[  374.580398][T12653] hub 1-0:1.0: USB hub found
[  374.599614][T12653] hub 1-0:1.0: 1 port detected
[  377.006967][T12704] sp0: Synchronizing with TNC
[  377.048841][T12706] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  377.878733][T12707] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  377.899985][T12707] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  377.934807][T12707] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  377.945359][T12707] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  377.968227][T12707] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  377.991843][T12707] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  378.586706][T12726] ima: policy update failed
[  378.599452][   T31] audit: type=1802 audit(1767067013.145:19): pid=12726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.3237" res=0 errno=0
[  378.623981][T12726] netlink: 25 bytes leftover after parsing attributes in process `syz.4.3237'.
[  378.932505][T12739] bond0: option all_slaves_active: invalid value ()
[  379.010212][T12743] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3241'.
[  379.242455][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout
[  379.928644][T12752] snd_virmidi snd_virmidi.0: control 61678:131081:3:yª:1 is already present
[  379.960382][   T52] Bluetooth: hci3: command 0x0c1a tx timeout
[  379.960392][ T5844] Bluetooth: hci2: command 0x0c1a tx timeout
[  379.978491][ T5838] Bluetooth: hci5: command 0x0c1a tx timeout
[  382.031367][ T5838] Bluetooth: hci5: command 0x0c1a tx timeout
[  382.042399][T12780] kexec: Could not allocate control_code_buffer
[  382.106618][   T52] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  382.408533][T12800] ptrace attach of "./syz-executor exec"[9977] was attempted by ""[12800]
[  383.233788][T12819] netlink: 776 bytes leftover after parsing attributes in process `syz.2.3253'.
[  384.096606][   T52] Bluetooth: hci5: command 0x0c1a tx timeout
[  384.684907][T12828] zswap: compressor  not available
[  385.999596][T12856] [U] ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ
[  387.926071][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  387.936289][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  388.488459][T12894] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  388.498333][T12894] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  388.563992][T12894] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  388.635290][T12894] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  389.071322][   T52] Bluetooth: hci5: unexpected event 0x0f length: 438 > 4
[  389.075861][   T52] Bluetooth: hci5: unexpected event for opcode 0x0010
[  390.144798][   T52] Bluetooth: hci4: command 0x0c1a tx timeout
[  390.184641][T12909] 0x000200000001-0xa29656a63616329 : ""
[  390.190282][T12909] mtd: partition "" is out of reach -- disabled
[  390.266738][T12909] ftl_cs: FTL header not found.
[  390.543171][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  390.622219][   T52] Bluetooth: hci3: command 0x0c1a tx timeout
[  390.631570][T12930] FAULT_INJECTION: forcing a failure.
[  390.631570][T12930] name failslab, interval 1, probability 0, space 0, times 0
[  390.666917][T12930] CPU: 0 UID: 0 PID: 12930 Comm: syz.2.3276 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  390.666976][T12930] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  390.666990][T12930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  390.667010][T12930] Call Trace:
[  390.667021][T12930]  <TASK>
[  390.667033][T12930]  dump_stack_lvl+0x16c/0x1f0
[  390.667098][T12930]  should_fail_ex+0x512/0x640
[  390.667134][T12930]  ? fs_reclaim_acquire+0xae/0x150
[  390.667189][T12930]  should_failslab+0xc2/0x120
[  390.667240][T12930]  kmem_cache_alloc_noprof+0x83/0x770
[  390.667278][T12930]  ? __pfx_map_id_range_down+0x10/0x10
[  390.667324][T12930]  ? security_inode_alloc+0x3b/0x2b0
[  390.667366][T12930]  ? security_inode_alloc+0x3b/0x2b0
[  390.667398][T12930]  security_inode_alloc+0x3b/0x2b0
[  390.667433][T12930]  inode_init_always_gfp+0xced/0x1040
[  390.667488][T12930]  alloc_inode+0x86/0x240
[  390.667524][T12930]  sock_alloc+0x40/0x280
[  390.667570][T12930]  __sock_create+0xc2/0x8a0
[  390.667635][T12930]  inet_ctl_sock_create+0x94/0x230
[  390.667673][T12930]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  390.667705][T12930]  ? lockdep_init_map_type+0x5c/0x270
[  390.667739][T12930]  ? do_init_timer+0xc9/0x110
[  390.667790][T12930]  ? __pfx_sctp_ctrlsock_init+0x10/0x10
[  390.667834][T12930]  sctp_ctrlsock_init+0x40/0xf0
[  390.667878][T12930]  ops_init+0x1e2/0x5f0
[  390.667925][T12930]  setup_net+0x11d/0x3a0
[  390.667968][T12930]  ? __pfx_setup_net+0x10/0x10
[  390.668007][T12930]  ? lockdep_init_map_type+0x5c/0x270
[  390.668039][T12930]  ? mutex_init_lockep+0x110/0x150
[  390.668082][T12930]  copy_net_ns+0x351/0x7c0
[  390.668134][T12930]  create_new_namespaces+0x3ea/0xab0
[  390.668188][T12930]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  390.668235][T12930]  ksys_unshare+0x45b/0xa40
[  390.668284][T12930]  ? __pfx_ksys_unshare+0x10/0x10
[  390.668336][T12930]  ? xfd_validate_state+0x61/0x180
[  390.668379][T12930]  __x64_sys_unshare+0x31/0x40
[  390.668407][T12930]  do_syscall_64+0xcd/0xf80
[  390.668459][T12930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.668492][T12930] RIP: 0033:0x7f1fee78f7c9
[  390.668517][T12930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.668550][T12930] RSP: 002b:00007f1fef629038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  390.668582][T12930] RAX: ffffffffffffffda RBX: 00007f1fee9e5fa0 RCX: 00007f1fee78f7c9
[  390.668603][T12930] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  390.668622][T12930] RBP: 00007f1fee813f91 R08: 0000000000000000 R09: 0000000000000000
[  390.668642][T12930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  390.668661][T12930] R13: 00007f1fee9e6038 R14: 00007f1fee9e5fa0 R15: 00007ffd599376d8
[  390.668705][T12930]  </TASK>
[  390.668746][T12930] socket: no more sockets
[  391.019418][T12935] zswap: compressor  not available
[  392.169707][ T5928] Process accounting resumed
[  392.237675][T12952] netlink: 'syz.2.3279': attribute type 1 has an invalid length.
[  392.481017][T12960] FAULT_INJECTION: forcing a failure.
[  392.481017][T12960] name failslab, interval 1, probability 0, space 0, times 0
[  392.552415][T12960] CPU: 1 UID: 0 PID: 12960 Comm: syz.3.3281 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  392.552479][T12960] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  392.552490][T12960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  392.552509][T12960] Call Trace:
[  392.552520][T12960]  <TASK>
[  392.552531][T12960]  dump_stack_lvl+0x16c/0x1f0
[  392.552582][T12960]  should_fail_ex+0x512/0x640
[  392.552606][T12960]  ? kmem_cache_alloc_noprof+0x62/0x770
[  392.552642][T12960]  should_failslab+0xc2/0x120
[  392.552679][T12960]  kmem_cache_alloc_noprof+0x83/0x770
[  392.552707][T12960]  ? security_file_alloc+0x34/0x2b0
[  392.552742][T12960]  ? security_file_alloc+0x34/0x2b0
[  392.552770][T12960]  security_file_alloc+0x34/0x2b0
[  392.552800][T12960]  init_file+0x93/0x4c0
[  392.552823][T12960]  alloc_empty_file+0x73/0x1e0
[  392.552849][T12960]  path_openat+0xde/0x3140
[  392.552883][T12960]  ? do_syscall_64+0xcd/0xf80
[  392.552917][T12960]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.552949][T12960]  ? __pfx_path_openat+0x10/0x10
[  392.552994][T12960]  do_filp_open+0x20b/0x470
[  392.553029][T12960]  ? __pfx_do_filp_open+0x10/0x10
[  392.553084][T12960]  ? alloc_fd+0x471/0x7d0
[  392.553126][T12960]  do_sys_openat2+0x121/0x290
[  392.553152][T12960]  ? __pfx_do_sys_openat2+0x10/0x10
[  392.553188][T12960]  __x64_sys_openat+0x174/0x210
[  392.553215][T12960]  ? __pfx___x64_sys_openat+0x10/0x10
[  392.553253][T12960]  do_syscall_64+0xcd/0xf80
[  392.553289][T12960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.553311][T12960] RIP: 0033:0x7fb1d118f7c9
[  392.553329][T12960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.553352][T12960] RSP: 002b:00007fb1d1ffb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  392.553374][T12960] RAX: ffffffffffffffda RBX: 00007fb1d13e6090 RCX: 00007fb1d118f7c9
[  392.553389][T12960] RDX: 0000000000029202 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  392.553403][T12960] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  392.553417][T12960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  392.553431][T12960] R13: 00007fb1d13e6128 R14: 00007fb1d13e6090 R15: 00007ffed7689cb8
[  392.553461][T12960]  </TASK>
[  393.096582][   T52] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  393.126869][   T52] Bluetooth: hci5: Injecting HCI hardware error event
[  393.137062][   T52] Bluetooth: hci5: hardware error 0x00
[  393.642474][T12970] sp0: Synchronizing with TNC
[  393.706352][T12968] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock
[  395.158991][   T52] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  395.596054][T13004] FAULT_INJECTION: forcing a failure.
[  395.596054][T13004] name failslab, interval 1, probability 0, space 0, times 0
[  395.646536][T13004] CPU: 0 UID: 0 PID: 13004 Comm: syz.2.3290 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  395.646596][T13004] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  395.646609][T13004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  395.646631][T13004] Call Trace:
[  395.646642][T13004]  <TASK>
[  395.646654][T13004]  dump_stack_lvl+0x16c/0x1f0
[  395.646711][T13004]  should_fail_ex+0x512/0x640
[  395.646747][T13004]  ? __kmalloc_cache_noprof+0x5f/0x800
[  395.646790][T13004]  should_failslab+0xc2/0x120
[  395.646842][T13004]  __kmalloc_cache_noprof+0x80/0x800
[  395.646877][T13004]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  395.646932][T13004]  ? vim2m_open+0xad/0x890
[  395.646986][T13004]  ? vim2m_open+0xad/0x890
[  395.647034][T13004]  vim2m_open+0xad/0x890
[  395.647090][T13004]  v4l2_open+0x1d2/0x5e0
[  395.647134][T13004]  ? __pfx_v4l2_open+0x10/0x10
[  395.647178][T13004]  chrdev_open+0x234/0x6a0
[  395.647228][T13004]  ? __pfx_apparmor_file_open+0x10/0x10
[  395.647262][T13004]  ? __pfx_chrdev_open+0x10/0x10
[  395.647314][T13004]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  395.647375][T13004]  do_dentry_open+0x748/0x1590
[  395.647422][T13004]  ? __pfx_chrdev_open+0x10/0x10
[  395.647483][T13004]  vfs_open+0x82/0x3f0
[  395.647522][T13004]  path_openat+0x2078/0x3140
[  395.647594][T13004]  ? __pfx_path_openat+0x10/0x10
[  395.647659][T13004]  do_filp_open+0x20b/0x470
[  395.647712][T13004]  ? __pfx_do_filp_open+0x10/0x10
[  395.647793][T13004]  ? alloc_fd+0x471/0x7d0
[  395.647853][T13004]  do_sys_openat2+0x121/0x290
[  395.647890][T13004]  ? __pfx_do_sys_openat2+0x10/0x10
[  395.647942][T13004]  __x64_sys_openat+0x174/0x210
[  395.647981][T13004]  ? __pfx___x64_sys_openat+0x10/0x10
[  395.648036][T13004]  do_syscall_64+0xcd/0xf80
[  395.648090][T13004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.648123][T13004] RIP: 0033:0x7f1fee78f7c9
[  395.648149][T13004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.648181][T13004] RSP: 002b:00007f1fef5e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  395.648211][T13004] RAX: ffffffffffffffda RBX: 00007f1fee9e6180 RCX: 00007f1fee78f7c9
[  395.648232][T13004] RDX: 000000000002aa81 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  395.648253][T13004] RBP: 00007f1fee813f91 R08: 0000000000000000 R09: 0000000000000000
[  395.648272][T13004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  395.648291][T13004] R13: 00007f1fee9e6218 R14: 00007f1fee9e6180 R15: 00007ffd599376d8
[  395.648334][T13004]  </TASK>
[  396.331651][T13018] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3294'.
[  396.610579][   T31] audit: type=1800 audit(1767067031.249:20): pid=13028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3296" name="features" dev="configfs" ino=45844 res=0 errno=0
[  396.902497][T13032] FAULT_INJECTION: forcing a failure.
[  396.902497][T13032] name failslab, interval 1, probability 0, space 0, times 0
[  396.951115][T13032] CPU: 1 UID: 0 PID: 13032 Comm: syz.1.3298 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  396.951157][T13032] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  396.951166][T13032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  396.951181][T13032] Call Trace:
[  396.951189][T13032]  <TASK>
[  396.951238][T13032]  dump_stack_lvl+0x16c/0x1f0
[  396.951278][T13032]  should_fail_ex+0x512/0x640
[  396.951305][T13032]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  396.951338][T13032]  should_failslab+0xc2/0x120
[  396.951375][T13032]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  396.951406][T13032]  ? __d_alloc+0x35/0xa80
[  396.951432][T13032]  ? __d_alloc+0x35/0xa80
[  396.951450][T13032]  __d_alloc+0x35/0xa80
[  396.951473][T13032]  d_alloc_parallel+0x111/0x1510
[  396.951503][T13032]  ? kasan_save_track+0x14/0x30
[  396.951534][T13032]  ? kasan_save_free_info+0x3b/0x60
[  396.951559][T13032]  ? kfree+0x2f8/0x6e0
[  396.951581][T13032]  ? link_path_walk+0x160a/0x1c70
[  396.951610][T13032]  ? path_openat+0x1bd/0x3140
[  396.951644][T13032]  ? do_sys_openat2+0x121/0x290
[  396.951670][T13032]  ? do_syscall_64+0xcd/0xf80
[  396.951704][T13032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.951732][T13032]  ? __pfx_d_alloc_parallel+0x10/0x10
[  396.951764][T13032]  ? lockdep_init_map_type+0x5c/0x270
[  396.951790][T13032]  ? lockdep_init_map_type+0x5c/0x270
[  396.951819][T13032]  __lookup_slow+0x193/0x460
[  396.951845][T13032]  ? __pfx___lookup_slow+0x10/0x10
[  396.951896][T13032]  lookup_slow+0x50/0x70
[  396.951921][T13032]  link_path_walk+0x12d8/0x1c70
[  396.951963][T13032]  path_openat+0x1bd/0x3140
[  396.951997][T13032]  ? do_syscall_64+0xcd/0xf80
[  396.952031][T13032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.952066][T13032]  ? __pfx_path_openat+0x10/0x10
[  396.952114][T13032]  do_filp_open+0x20b/0x470
[  396.952150][T13032]  ? __pfx_do_filp_open+0x10/0x10
[  396.952202][T13032]  ? __pfx_kfree_link+0x10/0x10
[  396.952239][T13032]  ? alloc_fd+0x471/0x7d0
[  396.952282][T13032]  do_sys_openat2+0x121/0x290
[  396.952308][T13032]  ? __pfx_do_sys_openat2+0x10/0x10
[  396.952346][T13032]  __x64_sys_openat+0x174/0x210
[  396.952374][T13032]  ? __pfx___x64_sys_openat+0x10/0x10
[  396.952413][T13032]  do_syscall_64+0xcd/0xf80
[  396.952450][T13032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.952474][T13032] RIP: 0033:0x7f71fe58f7c9
[  396.952493][T13032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.952516][T13032] RSP: 002b:00007f71ff3ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  396.952538][T13032] RAX: ffffffffffffffda RBX: 00007f71fe7e5fa0 RCX: 00007f71fe58f7c9
[  396.952554][T13032] RDX: 000000000004a141 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  396.952570][T13032] RBP: 00007f71fe613f91 R08: 0000000000000000 R09: 0000000000000000
[  396.952584][T13032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  396.952598][T13032] R13: 00007f71fe7e6038 R14: 00007f71fe7e5fa0 R15: 00007ffca0a28d18
[  396.952628][T13032]  </TASK>
[  398.196125][T13044] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[  399.665775][   T52] Bluetooth: hci2: Unable to find connection for big 0xd2
[  403.231081][T13125] FAULT_INJECTION: forcing a failure.
[  403.231081][T13125] name fail_futex, interval 1, probability 0, space 0, times 0
[  403.267479][T13125] CPU: 1 UID: 0 PID: 13125 Comm: syz.3.3313 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  403.267535][T13125] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  403.267547][T13125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  403.267565][T13125] Call Trace:
[  403.267574][T13125]  <TASK>
[  403.267584][T13125]  dump_stack_lvl+0x16c/0x1f0
[  403.267641][T13125]  should_fail_ex+0x512/0x640
[  403.267679][T13125]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  403.267731][T13125]  get_futex_key+0x1d0/0x15f0
[  403.267768][T13125]  ? __pfx_get_futex_key+0x10/0x10
[  403.267797][T13125]  ? mas_next_slot+0x12d3/0x1cb0
[  403.267842][T13125]  futex_wait_setup+0x9d/0x570
[  403.267895][T13125]  __futex_wait+0x193/0x2f0
[  403.267937][T13125]  ? __pfx___futex_wait+0x10/0x10
[  403.267983][T13125]  ? __pfx_futex_wake_mark+0x10/0x10
[  403.268033][T13125]  ? futex_hash+0x2c5/0x380
[  403.268072][T13125]  ? futex_private_hash_put+0x160/0x1b0
[  403.268110][T13125]  futex_wait+0xe8/0x380
[  403.268152][T13125]  ? __pfx_futex_wait+0x10/0x10
[  403.268209][T13125]  ? up_write+0x282/0x4e0
[  403.268251][T13125]  do_futex+0x229/0x350
[  403.268288][T13125]  ? __pfx_do_futex+0x10/0x10
[  403.268337][T13125]  __x64_sys_futex+0x1e0/0x4c0
[  403.268376][T13125]  ? fput+0x70/0xf0
[  403.268406][T13125]  ? __pfx___x64_sys_futex+0x10/0x10
[  403.268442][T13125]  ? ksys_mmap_pgoff+0x85/0x5c0
[  403.268488][T13125]  ? __pfx_ksys_write+0x10/0x10
[  403.268545][T13125]  do_syscall_64+0xcd/0xf80
[  403.268596][T13125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.268628][T13125] RIP: 0033:0x7fb1d118f7c9
[  403.268654][T13125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.268687][T13125] RSP: 002b:00007fb1d1ffb0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  403.268717][T13125] RAX: ffffffffffffffda RBX: 00007fb1d13e6098 RCX: 00007fb1d118f7c9
[  403.268738][T13125] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb1d13e6098
[  403.268756][T13125] RBP: 00007fb1d13e6090 R08: 0000000000000000 R09: 0000000000000000
[  403.268775][T13125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  403.268794][T13125] R13: 00007fb1d13e6128 R14: 00007ffed7689bd0 R15: 00007ffed7689cb8
[  403.268844][T13125]  </TASK>
[  403.581561][T13131] random: crng reseeded on system resumption
[  405.018936][T13154] zswap: compressor  not available
[  405.424121][T13133] FAULT_INJECTION: forcing a failure.
[  405.424121][T13133] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  405.451661][T13133] CPU: 0 UID: 0 PID: 13133 Comm: syz.4.3314 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  405.451719][T13133] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  405.451731][T13133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  405.451751][T13133] Call Trace:
[  405.451762][T13133]  <TASK>
[  405.451775][T13133]  dump_stack_lvl+0x16c/0x1f0
[  405.451831][T13133]  should_fail_ex+0x512/0x640
[  405.451875][T13133]  should_fail_alloc_page+0xe7/0x130
[  405.451931][T13133]  prepare_alloc_pages+0x401/0x670
[  405.451982][T13133]  ? find_held_lock+0x2b/0x80
[  405.452029][T13133]  __alloc_frozen_pages_noprof+0x18b/0x2430
[  405.452072][T13133]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  405.452118][T13133]  ? lockdep_hardirqs_on+0x7c/0x110
[  405.452167][T13133]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  405.452215][T13133]  ? stack_depot_save_flags+0x3de/0x9b0
[  405.452261][T13133]  ? kasan_save_stack+0x42/0x60
[  405.452303][T13133]  ? kasan_save_stack+0x33/0x60
[  405.452348][T13133]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  405.452389][T13133]  ? alloc_vmap_area+0xded/0x2a50
[  405.452436][T13133]  ? __vmalloc_node_range_noprof+0x247/0x16b0
[  405.452469][T13133]  ? __vmalloc_noprof+0xa3/0x120
[  405.452498][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  405.452539][T13133]  ? bpf_prog_alloc+0x3b/0x230
[  405.452575][T13133]  ? bpf_prog_load+0x19bc/0x2cc0
[  405.452638][T13133]  ? __sys_bpf+0x3e72/0x4980
[  405.452664][T13133]  ? __x64_sys_bpf+0x78/0xc0
[  405.452692][T13133]  ? do_syscall_64+0xcd/0xf80
[  405.452785][T13133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  405.452840][T13133]  ? policy_nodemask+0xea/0x4e0
[  405.452894][T13133]  alloc_pages_mpol+0x1fb/0x550
[  405.452946][T13133]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  405.453008][T13133]  alloc_pages_noprof+0x131/0x390
[  405.453060][T13133]  get_free_pages_noprof+0x10/0xb0
[  405.453106][T13133]  __kasan_populate_vmalloc+0xa0/0x220
[  405.453159][T13133]  alloc_vmap_area+0x98d/0x2a50
[  405.453225][T13133]  ? __pfx_alloc_vmap_area+0x10/0x10
[  405.453284][T13133]  __get_vm_area_node+0x1ca/0x330
[  405.453342][T13133]  __vmalloc_node_range_noprof+0x247/0x16b0
[  405.453377][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  405.453418][T13133]  ? css_rstat_updated+0x1d1/0x590
[  405.453450][T13133]  ? __pfx_css_rstat_updated+0x10/0x10
[  405.453488][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  405.453541][T13133]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  405.453575][T13133]  ? rcu_is_watching+0x12/0xc0
[  405.453627][T13133]  ? irqentry_exit+0x1dd/0x8c0
[  405.453676][T13133]  ? lockdep_hardirqs_on+0x7c/0x110
[  405.453725][T13133]  ? rcu_is_watching+0x12/0xc0
[  405.453779][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  405.453820][T13133]  __vmalloc_node_noprof+0xad/0xf0
[  405.453852][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  405.453899][T13133]  __vmalloc_noprof+0xa3/0x120
[  405.453931][T13133]  ? __pfx___vmalloc_noprof+0x10/0x10
[  405.453962][T13133]  ? finish_task_switch.isra.0+0x207/0xbd0
[  405.454013][T13133]  ? apparmor_capable+0x1d7/0x4e0
[  405.454044][T13133]  ? __schedule+0x10b9/0x6150
[  405.454090][T13133]  bpf_prog_alloc_no_stats+0x58/0x600
[  405.454131][T13133]  ? security_capable+0x7e/0x260
[  405.454187][T13133]  bpf_prog_alloc+0x3b/0x230
[  405.454226][T13133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  405.454277][T13133]  bpf_prog_load+0x19bc/0x2cc0
[  405.454339][T13133]  ? __pfx_bpf_prog_load+0x10/0x10
[  405.454389][T13133]  ? __lock_acquire+0x436/0x2890
[  405.454454][T13133]  ? bpf_lsm_bpf+0x9/0x10
[  405.454498][T13133]  __sys_bpf+0x3e72/0x4980
[  405.454526][T13133]  ? futex_private_hash_put+0x160/0x1b0
[  405.454564][T13133]  ? __pfx___sys_bpf+0x10/0x10
[  405.454592][T13133]  ? __pfx_futex_wait+0x10/0x10
[  405.454669][T13133]  ? do_futex+0x122/0x350
[  405.454727][T13133]  ? fput+0x70/0xf0
[  405.454760][T13133]  ? xfd_validate_state+0x61/0x180
[  405.454788][T13133]  ? __pfx_ksys_write+0x10/0x10
[  405.454839][T13133]  __x64_sys_bpf+0x78/0xc0
[  405.454868][T13133]  ? lockdep_hardirqs_on+0x7c/0x110
[  405.454915][T13133]  do_syscall_64+0xcd/0xf80
[  405.454967][T13133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.454997][T13133] RIP: 0033:0x7f26e5d8f7c9
[  405.455026][T13133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  405.455058][T13133] RSP: 002b:00007f26e6cd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  405.455090][T13133] RAX: ffffffffffffffda RBX: 00007f26e5fe5fa0 RCX: 00007f26e5d8f7c9
[  405.455111][T13133] RDX: 000000000000000d RSI: 0000200000000080 RDI: 0000000000000005
[  405.455131][T13133] RBP: 00007f26e5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  405.455151][T13133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  405.455169][T13133] R13: 00007f26e5fe6038 R14: 00007f26e5fe5fa0 R15: 00007ffddff20e78
[  405.455213][T13133]  </TASK>
[  406.040530][T13133] syz.4.3314: vmalloc error: size 303104, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  406.057293][T13133] CPU: 1 UID: 0 PID: 13133 Comm: syz.4.3314 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  406.057350][T13133] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  406.057361][T13133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  406.057377][T13133] Call Trace:
[  406.057386][T13133]  <TASK>
[  406.057396][T13133]  dump_stack_lvl+0x16c/0x1f0
[  406.057443][T13133]  warn_alloc+0x248/0x3a0
[  406.057477][T13133]  ? __pfx_warn_alloc+0x10/0x10
[  406.057509][T13133]  ? kfree+0x2f8/0x6e0
[  406.057536][T13133]  ? __get_vm_area_node+0x2cd/0x330
[  406.057585][T13133]  ? __get_vm_area_node+0x2cd/0x330
[  406.057625][T13133]  ? __get_vm_area_node+0x1dc/0x330
[  406.057665][T13133]  ? __get_vm_area_node+0x208/0x330
[  406.057713][T13133]  __vmalloc_node_range_noprof+0xbe0/0x16b0
[  406.057743][T13133]  ? __pfx_css_rstat_updated+0x10/0x10
[  406.057775][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  406.057818][T13133]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  406.057845][T13133]  ? rcu_is_watching+0x12/0xc0
[  406.057882][T13133]  ? irqentry_exit+0x1dd/0x8c0
[  406.057921][T13133]  ? lockdep_hardirqs_on+0x7c/0x110
[  406.057961][T13133]  ? rcu_is_watching+0x12/0xc0
[  406.058004][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  406.058037][T13133]  __vmalloc_node_noprof+0xad/0xf0
[  406.058062][T13133]  ? bpf_prog_alloc_no_stats+0x58/0x600
[  406.058100][T13133]  __vmalloc_noprof+0xa3/0x120
[  406.058125][T13133]  ? __pfx___vmalloc_noprof+0x10/0x10
[  406.058151][T13133]  ? finish_task_switch.isra.0+0x207/0xbd0
[  406.058192][T13133]  ? apparmor_capable+0x1d7/0x4e0
[  406.058218][T13133]  ? __schedule+0x10b9/0x6150
[  406.058256][T13133]  bpf_prog_alloc_no_stats+0x58/0x600
[  406.058288][T13133]  ? security_capable+0x7e/0x260
[  406.058341][T13133]  bpf_prog_alloc+0x3b/0x230
[  406.058372][T13133]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  406.058416][T13133]  bpf_prog_load+0x19bc/0x2cc0
[  406.058468][T13133]  ? __pfx_bpf_prog_load+0x10/0x10
[  406.058510][T13133]  ? __lock_acquire+0x436/0x2890
[  406.058565][T13133]  ? bpf_lsm_bpf+0x9/0x10
[  406.058602][T13133]  __sys_bpf+0x3e72/0x4980
[  406.058626][T13133]  ? futex_private_hash_put+0x160/0x1b0
[  406.058657][T13133]  ? __pfx___sys_bpf+0x10/0x10
[  406.058681][T13133]  ? __pfx_futex_wait+0x10/0x10
[  406.058735][T13133]  ? do_futex+0x122/0x350
[  406.058781][T13133]  ? fput+0x70/0xf0
[  406.058808][T13133]  ? xfd_validate_state+0x61/0x180
[  406.058832][T13133]  ? __pfx_ksys_write+0x10/0x10
[  406.058875][T13133]  __x64_sys_bpf+0x78/0xc0
[  406.058900][T13133]  ? lockdep_hardirqs_on+0x7c/0x110
[  406.058939][T13133]  do_syscall_64+0xcd/0xf80
[  406.058981][T13133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.059009][T13133] RIP: 0033:0x7f26e5d8f7c9
[  406.059030][T13133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.059058][T13133] RSP: 002b:00007f26e6cd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  406.059083][T13133] RAX: ffffffffffffffda RBX: 00007f26e5fe5fa0 RCX: 00007f26e5d8f7c9
[  406.059102][T13133] RDX: 000000000000000d RSI: 0000200000000080 RDI: 0000000000000005
[  406.059119][T13133] RBP: 00007f26e5e13f91 R08: 0000000000000000 R09: 0000000000000000
[  406.059135][T13133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  406.059151][T13133] R13: 00007f26e5fe6038 R14: 00007f26e5fe5fa0 R15: 00007ffddff20e78
[  406.059187][T13133]  </TASK>
[  406.059203][T13133] Mem-Info:
[  406.401603][T13133] active_anon:10514 inactive_anon:3998 isolated_anon:0
[  406.401603][T13133]  active_file:18878 inactive_file:39573 isolated_file:0
[  406.401603][T13133]  unevictable:768 dirty:811 writeback:0
[  406.401603][T13133]  slab_reclaimable:11641 slab_unreclaimable:97865
[  406.401603][T13133]  mapped:27925 shmem:2592 pagetables:1297
[  406.401603][T13133]  sec_pagetables:0 bounce:0
[  406.401603][T13133]  kernel_misc_reclaimable:0
[  406.401603][T13133]  free:1304243 free_pcp:11431 free_cma:0
[  406.479496][T13133] Node 0 active_anon:42056kB inactive_anon:15292kB active_file:75456kB inactive_file:158164kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:111700kB dirty:3244kB writeback:0kB shmem:8132kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12604kB pagetables:5040kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  406.706841][T13133] Node 1 active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  406.748457][T13165] bond0: option all_slaves_active: invalid value ()
[  406.770161][T13133] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  406.853823][T13164] nvme_fcloop: unknown parameter or missing value '7'
[  406.858105][T13133] lowmem_reserve[]: 0 2481 2483 2483 2483
[  406.866885][T13133] Node 0 DMA32 free:1309136kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42056kB inactive_anon:15296kB active_file:75456kB inactive_file:158164kB unevictable:1536kB writepending:3272kB zspages:0kB present:3129332kB managed:2541032kB mlocked:0kB bounce:0kB free_pcp:39132kB local_pcp:20256kB free_cma:0kB
[  407.006463][T13133] lowmem_reserve[]: 0 0 1 1 1
[  407.021295][T13133] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  407.226414][T13133] lowmem_reserve[]: 0 0 0 0 0
[  407.244969][T13133] Node 1 Normal free:3898384kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:56kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:3056kB local_pcp:2860kB free_cma:0kB
[  407.371734][T13133] lowmem_reserve[]: 0 0 0 0 0
[  407.382485][T13133] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  407.444750][T13133] Node 0 DMA32: 4476*4kB (UM) 2245*8kB (UM) 1648*16kB (UME) 778*32kB (UME) 776*64kB (UME) 513*128kB (UME) 246*256kB (UME) 189*512kB (UME) 118*1024kB (UM) 10*2048kB (UME) 198*4096kB (M) = 1314520kB
[  407.489347][T13133] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  407.542483][T13133] Node 1 Normal: 200*4kB (UME) 72*8kB (UME) 51*16kB (UME) 236*32kB (UME) 96*64kB (UME) 46*128kB (UME) 19*256kB (UM) 6*512kB (UME) 2*1024kB (ME) 2*2048kB (UE) 943*4096kB (M) = 3898384kB
[  407.594357][T13133] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  407.601387][T13184] 0x000000000001-0x0000fffffff1 : ""
[  407.609837][T13184] mtd: partition "" extends beyond the end of device "mtdram test device" -- size truncated to 0x1ffff
[  407.616643][T13133] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  407.670922][T13133] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  407.690076][T13184] FAULT_INJECTION: forcing a failure.
[  407.690076][T13184] name failslab, interval 1, probability 0, space 0, times 0
[  407.754710][T13184] CPU: 1 UID: 0 PID: 13184 Comm: syz.3.3325 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  407.754768][T13184] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  407.754782][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  407.754801][T13184] Call Trace:
[  407.754812][T13184]  <TASK>
[  407.754825][T13184]  dump_stack_lvl+0x16c/0x1f0
[  407.754914][T13184]  should_fail_ex+0x512/0x640
[  407.754951][T13184]  ? kmem_cache_alloc_noprof+0x62/0x770
[  407.754997][T13184]  should_failslab+0xc2/0x120
[  407.755048][T13184]  kmem_cache_alloc_noprof+0x83/0x770
[  407.755088][T13184]  ? __kernfs_new_node+0xd2/0x9b0
[  407.755134][T13184]  ? __kernfs_new_node+0xd2/0x9b0
[  407.755169][T13184]  __kernfs_new_node+0xd2/0x9b0
[  407.755213][T13184]  ? __pfx___kernfs_new_node+0x10/0x10
[  407.755262][T13184]  ? find_held_lock+0x2b/0x80
[  407.755304][T13184]  ? kernfs_root+0xee/0x2a0
[  407.755357][T13184]  kernfs_new_node+0x13c/0x1e0
[  407.755410][T13184]  __kernfs_create_file+0x53/0x350
[  407.755466][T13184]  sysfs_add_file_mode_ns+0x207/0x3c0
[  407.755514][T13184]  internal_create_group+0x597/0xf70
[  407.755561][T13184]  ? sysfs_create_file_ns+0x154/0x1d0
[  407.755596][T13184]  ? __pfx_internal_create_group+0x10/0x10
[  407.755633][T13184]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  407.755666][T13184]  ? down_read+0x13d/0x460
[  407.755703][T13184]  ? acpi_device_notify+0x351/0x4d0
[  407.755736][T13184]  ? lockdep_init_map_type+0x5c/0x270
[  407.755775][T13184]  internal_create_groups+0x9d/0x150
[  407.755819][T13184]  device_add+0x7a5/0x1980
[  407.755867][T13184]  ? __pfx_device_add+0x10/0x10
[  407.755910][T13184]  ? mark_held_locks+0x49/0x80
[  407.755938][T13184]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  407.755984][T13184]  ? lockdep_hardirqs_on+0x7c/0x110
[  407.756032][T13184]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  407.756083][T13184]  nvmem_register+0xcfb/0x1a50
[  407.756137][T13184]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  407.756187][T13184]  mtd_nvmem_add+0x1ab/0x2f0
[  407.756228][T13184]  ? __pfx_mtd_nvmem_add+0x10/0x10
[  407.756280][T13184]  ? __pfx_mtd_nvmem_reg_read+0x10/0x10
[  407.756341][T13184]  ? lockdep_init_map_type+0x5c/0x270
[  407.756388][T13184]  add_mtd_device+0x9b9/0x1830
[  407.756448][T13184]  ? __pfx_add_mtd_device+0x10/0x10
[  407.756509][T13184]  mtd_add_partition+0x30c/0x670
[  407.756546][T13184]  ? __pfx_mtd_add_partition+0x10/0x10
[  407.756583][T13184]  ? __might_fault+0xe3/0x190
[  407.756621][T13184]  ? __might_fault+0xe3/0x190
[  407.756675][T13184]  mtdchar_blkpg_ioctl+0x20b/0x250
[  407.756717][T13184]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  407.756789][T13184]  mtdchar_ioctl+0xc09/0x20f0
[  407.756833][T13184]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  407.756869][T13184]  ? lock_acquire+0x179/0x330
[  407.756904][T13184]  ? __pfx___might_resched+0x10/0x10
[  407.756955][T13184]  ? trace_contention_end+0xdd/0x110
[  407.756994][T13184]  ? do_vfs_ioctl+0x128/0x14f0
[  407.757031][T13184]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  407.757068][T13184]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  407.757110][T13184]  ? __pfx___mutex_lock+0x10/0x10
[  407.757168][T13184]  ? find_held_lock+0x2b/0x80
[  407.757231][T13184]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  407.757267][T13184]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  407.757307][T13184]  __x64_sys_ioctl+0x18e/0x210
[  407.757359][T13184]  do_syscall_64+0xcd/0xf80
[  407.757411][T13184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.757444][T13184] RIP: 0033:0x7fb1d118f7c9
[  407.757470][T13184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  407.757503][T13184] RSP: 002b:00007fb1d201c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  407.757534][T13184] RAX: ffffffffffffffda RBX: 00007fb1d13e5fa0 RCX: 00007fb1d118f7c9
[  407.757555][T13184] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000005
[  407.757573][T13184] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  407.757592][T13184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.757611][T13184] R13: 00007fb1d13e6038 R14: 00007fb1d13e5fa0 R15: 00007ffed7689cb8
[  407.757653][T13184]  </TASK>
[  408.168733][T13184] ------------[ cut here ]------------
[  408.174430][T13184] WARNING: drivers/mtd/mtdpart.c:37 at release_mtd_partition+0x71/0x90, CPU#1: syz.3.3325/13184
[  408.185005][T13184] Modules linked in:
[  408.189202][T13184] CPU: 1 UID: 0 PID: 13184 Comm: syz.3.3325 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  408.200212][T13184] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  408.205461][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  408.215898][T13184] RIP: 0010:release_mtd_partition+0x71/0x90
[  408.222290][T13184] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f f8 d3 fb 48 89 df 5b 5d e9 95 f8 d3 fb e8 e0 d3 76 fb 90 <0f> 0b 90 eb c2 e8 25 b6 df fb eb db 48 89 ef e8 1b b6 df fb eb a5
[  408.242550][T13184] RSP: 0018:ffffc90004e6f820 EFLAGS: 00010287
[  408.248685][T13184] RAX: 0000000000033ddd RBX: ffff888052273000 RCX: ffffc900187a3000
[  408.257213][T13184] RDX: 0000000000080000 RSI: ffffffff86478570 RDI: ffff888052273000
[  408.265380][T13184] RBP: ffff888052273650 R08: 0000000000000001 R09: 0000000000000001
[  408.273510][T13184] R10: 0000000000000008 R11: 0000000000000000 R12: ffff88805b61a800
[  408.281674][T13184] R13: dffffc0000000000 R14: ffff88807d13d0a0 R15: 0000000000000000
[  408.289823][T13184] FS:  00007fb1d201c6c0(0000) GS:ffff8881249fc000(0000) knlGS:0000000000000000
[  408.300782][T13184] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  408.307440][T13184] CR2: 00007f1fef5e6f98 CR3: 000000005d47c000 CR4: 00000000003526f0
[  408.316256][T13184] Call Trace:
[  408.319600][T13184]  <TASK>
[  408.322987][T13184]  mtd_release+0xa0/0xd0
[  408.327290][T13184]  ? __pfx_mtd_release+0x10/0x10
[  408.332291][T13184]  device_release+0xa4/0x240
[  408.337431][T13184]  kobject_put+0x1ef/0x6f0
[  408.342403][T13184]  device_unregister+0x2f/0xe0
[  408.347231][T13184]  add_mtd_device+0x1472/0x1830
[  408.352253][T13184]  ? __pfx_add_mtd_device+0x10/0x10
[  408.357503][T13184]  mtd_add_partition+0x30c/0x670
[  408.362537][T13184]  ? __pfx_mtd_add_partition+0x10/0x10
[  408.368045][T13184]  ? __might_fault+0xe3/0x190
[  408.372782][T13184]  ? __might_fault+0xe3/0x190
[  408.377583][T13184]  mtdchar_blkpg_ioctl+0x20b/0x250
[  408.382771][T13184]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  408.388456][T13184]  mtdchar_ioctl+0xc09/0x20f0
[  408.393203][T13184]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  408.398340][T13184]  ? lock_acquire+0x179/0x330
[  408.403110][T13184]  ? __pfx___might_resched+0x10/0x10
[  408.408430][T13184]  ? trace_contention_end+0xdd/0x110
[  408.414089][T13184]  ? do_vfs_ioctl+0x128/0x14f0
[  408.418881][T13184]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  408.424647][T13184]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  408.429784][T13184]  ? __pfx___mutex_lock+0x10/0x10
[  408.434860][T13184]  ? find_held_lock+0x2b/0x80
[  408.440078][T13184]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  408.445316][T13184]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  408.451915][T13184]  __x64_sys_ioctl+0x18e/0x210
[  408.456713][T13184]  do_syscall_64+0xcd/0xf80
[  408.461316][T13184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.467229][T13184] RIP: 0033:0x7fb1d118f7c9
[  408.471689][T13184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.491386][T13184] RSP: 002b:00007fb1d201c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  408.499853][T13184] RAX: ffffffffffffffda RBX: 00007fb1d13e5fa0 RCX: 00007fb1d118f7c9
[  408.507931][T13184] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000005
[  408.516311][T13184] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  408.524635][T13184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  408.533149][T13184] R13: 00007fb1d13e6038 R14: 00007fb1d13e5fa0 R15: 00007ffed7689cb8
[  408.541697][T13184]  </TASK>
[  408.544758][T13184] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  408.552053][T13184] CPU: 1 UID: 0 PID: 13184 Comm: syz.3.3325 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  408.563014][T13184] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  408.568213][T13184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  408.578281][T13184] Call Trace:
[  408.581576][T13184]  <TASK>
[  408.584525][T13184]  dump_stack_lvl+0x3d/0x1f0
[  408.589156][T13184]  vpanic+0x640/0x6f0
[  408.593162][T13184]  ? release_mtd_partition+0x71/0x90
[  408.598468][T13184]  panic+0xca/0xd0
[  408.602208][T13184]  ? __pfx_panic+0x10/0x10
[  408.606743][T13184]  check_panic_on_warn+0xab/0xb0
[  408.611707][T13184]  __warn+0x108/0x3c0
[  408.615716][T13184]  __report_bug+0x2a0/0x520
[  408.620251][T13184]  ? release_mtd_partition+0x71/0x90
[  408.625572][T13184]  ? __pfx___report_bug+0x10/0x10
[  408.630629][T13184]  ? find_held_lock+0x2b/0x80
[  408.635445][T13184]  ? cleanup_glue_dir+0x1cd/0x250
[  408.640499][T13184]  ? delete_node+0x207/0x8d0
[  408.645176][T13184]  ? release_mtd_partition+0x71/0x90
[  408.650497][T13184]  report_bug+0xb2/0x220
[  408.654770][T13184]  ? release_mtd_partition+0x71/0x90
[  408.660076][T13184]  handle_bug+0x127/0x260
[  408.664596][T13184]  exc_invalid_op+0x17/0x50
[  408.669122][T13184]  asm_exc_invalid_op+0x1a/0x20
[  408.673990][T13184] RIP: 0010:release_mtd_partition+0x71/0x90
[  408.679904][T13184] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f f8 d3 fb 48 89 df 5b 5d e9 95 f8 d3 fb e8 e0 d3 76 fb 90 <0f> 0b 90 eb c2 e8 25 b6 df fb eb db 48 89 ef e8 1b b6 df fb eb a5
[  408.699745][T13184] RSP: 0018:ffffc90004e6f820 EFLAGS: 00010287
[  408.705827][T13184] RAX: 0000000000033ddd RBX: ffff888052273000 RCX: ffffc900187a3000
[  408.713812][T13184] RDX: 0000000000080000 RSI: ffffffff86478570 RDI: ffff888052273000
[  408.721800][T13184] RBP: ffff888052273650 R08: 0000000000000001 R09: 0000000000000001
[  408.729786][T13184] R10: 0000000000000008 R11: 0000000000000000 R12: ffff88805b61a800
[  408.737770][T13184] R13: dffffc0000000000 R14: ffff88807d13d0a0 R15: 0000000000000000
[  408.745785][T13184]  ? release_mtd_partition+0x70/0x90
[  408.751108][T13184]  mtd_release+0xa0/0xd0
[  408.755388][T13184]  ? __pfx_mtd_release+0x10/0x10
[  408.760356][T13184]  device_release+0xa4/0x240
[  408.764999][T13184]  kobject_put+0x1ef/0x6f0
[  408.769467][T13184]  device_unregister+0x2f/0xe0
[  408.774255][T13184]  add_mtd_device+0x1472/0x1830
[  408.779153][T13184]  ? __pfx_add_mtd_device+0x10/0x10
[  408.784444][T13184]  mtd_add_partition+0x30c/0x670
[  408.789438][T13184]  ? __pfx_mtd_add_partition+0x10/0x10
[  408.794927][T13184]  ? __might_fault+0xe3/0x190
[  408.799631][T13184]  ? __might_fault+0xe3/0x190
[  408.804358][T13184]  mtdchar_blkpg_ioctl+0x20b/0x250
[  408.809497][T13184]  ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10
[  408.815178][T13184]  mtdchar_ioctl+0xc09/0x20f0
[  408.819884][T13184]  ? __pfx_mtdchar_ioctl+0x10/0x10
[  408.825036][T13184]  ? lock_acquire+0x179/0x330
[  408.829826][T13184]  ? __pfx___might_resched+0x10/0x10
[  408.835146][T13184]  ? trace_contention_end+0xdd/0x110
[  408.840481][T13184]  ? do_vfs_ioctl+0x128/0x14f0
[  408.845280][T13184]  ? mtdchar_unlocked_ioctl+0xa2/0xf0
[  408.850708][T13184]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  408.855772][T13184]  ? __pfx___mutex_lock+0x10/0x10
[  408.860927][T13184]  ? find_held_lock+0x2b/0x80
[  408.865650][T13184]  mtdchar_unlocked_ioctl+0xb0/0xf0
[  408.870920][T13184]  ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10
[  408.876844][T13184]  __x64_sys_ioctl+0x18e/0x210
[  408.881654][T13184]  do_syscall_64+0xcd/0xf80
[  408.886190][T13184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.892109][T13184] RIP: 0033:0x7fb1d118f7c9
[  408.896539][T13184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.916166][T13184] RSP: 002b:00007fb1d201c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  408.924688][T13184] RAX: ffffffffffffffda RBX: 00007fb1d13e5fa0 RCX: 00007fb1d118f7c9
[  408.932703][T13184] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000005
[  408.940709][T13184] RBP: 00007fb1d1213f91 R08: 0000000000000000 R09: 0000000000000000
[  408.948786][T13184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  408.956794][T13184] R13: 00007fb1d13e6038 R14: 00007fb1d13e5fa0 R15: 00007ffed7689cb8
[  408.964852][T13184]  </TASK>
[  408.968491][T13184] Kernel Offset: disabled
[  408.972833][T13184] Rebooting in 86400 seconds..