last executing test programs:

5m38.313700682s ago: executing program 3 (id=290):
r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000000c0)={0x18, r0, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}, 0x1, 0x0, 0xf0ffff, 0x40cc}, 0x4048000)

5m37.949276733s ago: executing program 3 (id=291):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x4, 0x8000)
mmap$auto(0xfffffffffffffffc, 0x2020005, 0x3, 0x13, 0xffffffffffffffff, 0x8000)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/flags\x00', 0x301483, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000240), 0x143242, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_GET_MSRS(r0, 0xc028ae92, &(0x7f00000001c0)={0xb, 0x0, [{0xffffff47, 0x8, 0xf}]})
openat$auto_urandom_fops_random(0xffffffffffffff9c, 0x0, 0x901, 0x0)
unshare$auto(0x40000080)
ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, 0x0)
mmap$auto(0x0, 0x2020009, 0x1000000000000006, 0xf8, 0xfffffffffffffffa, 0x8000)
r2 = getpid()
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0xfffffffffffffffe, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
syz_clone(0x280, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), 0xffffffffffffffff)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x802, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
read$auto(r3, 0x0, 0x7)

5m36.058014198s ago: executing program 3 (id=295):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x82, 0x0)
socket(0x2, 0x1, 0x0)
socket(0x2, 0x5, 0x0)
r0 = epoll_create$auto(0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r1, 0x0)
capset$auto(0x0, 0x0)
epoll_ctl$auto(0x5, 0x3, r1, 0x0)
epoll_wait$auto(r0, 0x0, 0xe007, 0x1)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x389e81, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0xe0182, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x169000, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x800400007, 0x65d, 0xffff, 0xffffffffffffffff, 0x20000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram6\x00', 0xc6fc1, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0xa, 0x2, 0x88)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xbff)
write$auto(0x3, 0x0, 0x100082)
mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x91e3, 0xb, 0x8000b, 0x0, 0xf58, 0x3, 0x8000000000000000, 0x8, 0x1000, 0x4, 0x7ff, 0x8000000000000, 0x84c, 0x5, 0x7]}, 0x0)

5m35.064646743s ago: executing program 3 (id=300):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(r0, 0x40104d02, r0)
openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/cmdline\x00', 0x60502, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
socket(0xa, 0x2, 0x73)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(r1, 0x1, 0x21, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
pwrite64$auto(0xc8, 0x0, 0xfdef, 0x3)
pwrite64$auto(0xc8, 0x0, 0x4e, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)

5m33.882254015s ago: executing program 3 (id=304):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$auto_minstrel_ht_stat_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy6/netdev:wlan1/stations/08:02:11:00:00:00/rc_stats\x00', 0x0, 0x0)
mmap$auto(0x20000000, 0x9, 0x3, 0xeb1, r1, 0x8000)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/user\x00')
r3 = openat$auto(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x7fff, 0x7ff)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x18b202, 0x0)
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x880)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/oom_adj\x00', 0x8100, 0x0)
r5 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
fallocate$auto(r5, 0x0, 0x7, 0x4cbd5d)
ioctl$auto_UDF_GETVOLIDENT(r5, 0x80086c42, &(0x7f0000000180)=&(0x7f0000000140)="94bb00d6c6dc5931757cae62b602e06385ecde36195d57802aadff36e60eebf1e86de7697fe99ea29e10c1bd82234543f5b79ea9e16202a7257c")
read$auto(r4, 0x0, 0x1f40)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r6, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/ttyr6/power/runtime_status\x00', 0x8000, 0x0)
r7 = fcntl$auto(r2, 0x402, 0x8000007fffffdf)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r7)
fcntl$auto(r2, 0x402, 0x400000fffffffd)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x1, 0x0)
r8 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r8, 0x8, 0x0, 0x0, 0x0)
shmctl$auto(0x0, 0x0, 0xfffffffffffffffd)
ioctl$auto_BLKFRASET(0xffffffffffffffff, 0x1264, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x4, 0x1, 0x8000000000000000, 0x0)
r9 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x4604, 0x0)

5m32.757194943s ago: executing program 3 (id=308):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
mmap$auto(0x9, 0xffffffff, 0x4001008000df, 0x40eb1, 0x401, 0x800000000008000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio1\x00', 0x80e42, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001fc, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x5, 0x6d3f, 0x7, 0x6, 0x6]}, 0x0)
write$auto(r2, &(0x7f0000000100)='/dev/audio1\x00\xf6\x89\t\xb6t\xae\x12Q\x15E O\xd8\x8d/\xd9\x13\v_\xbcTd\xe0DS\xef?f\xf1ou\xa4W&^\x80\xb2}\x96K\x16*\xa0\x10[8\xa3\x86\x9a3\xc1\xf7\x89x; 4\x8d,U\xa2\xd8\xd5\xfd\xf8\xd8\xb0\xe0W\xad\xe7\x05l*\xc5Z\x8d\xc88}n\x81\tK\x00\x12\xae\xff\xe5\xf1\xb5w\x81$\xd4\xca\xbe&\x195\xc1\xda>\x8c\x89P\xa1\xdb\xb4g9E\xc8\x92\xf6m\x1c\x9b\xebAzeI\xcb\x16f\xc0@\x978x\xbe\x15\'\xc6d}\xc2\xd3\x9f\xc5F8\x15f\x90\xa2\x84', 0x6051)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x4000, 0x0)
mmap$auto(0x9, 0x400008, 0xe2, 0x9b72, 0x2, 0x8004)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xae}, 0x5, 0x0, 0x3, 0x3a32182}, 0x4}, 0x3, 0x9)
recvmmsg$auto(r4, 0x0, 0x1, 0xe, 0x0)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
clock_gettime$auto(0x4, &(0x7f0000000340)={0x0, 0x8})
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0xfff8, 0x3}, 0xb3, 0x0, 0x0, 0x8)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x8100, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0x8048ae66, r1)

5m17.602041249s ago: executing program 32 (id=308):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})
mmap$auto(0x9, 0xffffffff, 0x4001008000df, 0x40eb1, 0x401, 0x800000000008000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio1\x00', 0x80e42, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001fc, 0x7, 0xd3e, 0x1, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x5, 0x6d3f, 0x7, 0x6, 0x6]}, 0x0)
write$auto(r2, &(0x7f0000000100)='/dev/audio1\x00\xf6\x89\t\xb6t\xae\x12Q\x15E O\xd8\x8d/\xd9\x13\v_\xbcTd\xe0DS\xef?f\xf1ou\xa4W&^\x80\xb2}\x96K\x16*\xa0\x10[8\xa3\x86\x9a3\xc1\xf7\x89x; 4\x8d,U\xa2\xd8\xd5\xfd\xf8\xd8\xb0\xe0W\xad\xe7\x05l*\xc5Z\x8d\xc88}n\x81\tK\x00\x12\xae\xff\xe5\xf1\xb5w\x81$\xd4\xca\xbe&\x195\xc1\xda>\x8c\x89P\xa1\xdb\xb4g9E\xc8\x92\xf6m\x1c\x9b\xebAzeI\xcb\x16f\xc0@\x978x\xbe\x15\'\xc6d}\xc2\xd3\x9f\xc5F8\x15f\x90\xa2\x84', 0x6051)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x4000, 0x0)
mmap$auto(0x9, 0x400008, 0xe2, 0x9b72, 0x2, 0x8004)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xae}, 0x5, 0x0, 0x3, 0x3a32182}, 0x4}, 0x3, 0x9)
recvmmsg$auto(r4, 0x0, 0x1, 0xe, 0x0)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
clock_gettime$auto(0x4, &(0x7f0000000340)={0x0, 0x8})
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00)
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0xfff8, 0x3}, 0xb3, 0x0, 0x0, 0x8)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x8100, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto(0x3, 0x8048ae66, r1)

2m29.207632888s ago: executing program 2 (id=883):
close_range$auto(0x2, 0xa, 0x0)
openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, 0x0, 0x8080, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x80001, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)

2m28.614301589s ago: executing program 2 (id=884):
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638929210, 0x0)

2m26.843474104s ago: executing program 2 (id=886):
socket(0x10, 0x2, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="db002cbd7000fbdbdf250af4"], 0x1c}}, 0x20008810)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x20002, 0xea, 0xeb1, 0x8000000000000024, 0x2000008000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r0, 0x80085502, &(0x7f00000001c0)={0x10, 0x1000})
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0xff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0)
r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0)
sendfile$auto(r2, r1, 0x0, 0x10600)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setresuid$auto(0x8, 0x8, 0xee00)

2m25.359527341s ago: executing program 2 (id=892):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x408, 0x80104)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000f7dbdf250100003f060002000100f4000501070058001a00080009000500000008000a000800000014001f000000000000000000000000000000000114002000fe8000000000000000000000000020aa"], 0x5c}, 0x1, 0x0, 0x0, 0x14}, 0x0)
ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8)
open(&(0x7f0000000800)='./file0\x00', 0x1a3342, 0x24)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
timer_create$auto(0x803, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
mmap$auto(0x0, 0x1, 0xfd5, 0x12, r4, 0x0)
mmap$auto(0x9, 0x1ff, 0x4, 0x14, 0x3, 0x0)
socket(0xa, 0x3, 0x73)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)

2m20.277131988s ago: executing program 2 (id=898):
socket(0x10, 0x2, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000000)="c80d1b5d399b71", 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
copy_file_range$auto(r0, 0x0, r0, &(0x7f0000000080)=0xeb2f, 0xfffffffffffffffe, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000140)={0x5, 0x0, [{0x24cc5c0e, 0x1, 0x3}, {0xcea6, 0x7, 0x8}, {0x4, 0x7}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x5, 0x0)
open(0x0, 0x261c2, 0x84)
r4 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r6=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x1ff, r4, @relative_fd=r0, 0xe604}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
socket(0x23, 0x80805, 0x0)

2m19.993585826s ago: executing program 0 (id=899):
read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, 0x0, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000040), r0)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0xc0)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
setrlimit$auto(0x9, 0x0)
mbind$auto(0x4, 0x2, 0x41f, &(0x7f0000000000)=0x8, 0x10001, 0x62c9a1e6)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
io_uring_setup$auto(0x4e61, 0x0)
r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000800)='/dev/snd/pcmC1D1p\x00', 0x200, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT32(r3, 0xc06c4124, &(0x7f0000000840)={0x7, 0x8, 0x2, 0x1, 0x4, 0x3, 0x1, 0x10001, 0x5, 0xffff473f, 0x80000000, 0x4, 0xb, 0x854, 0x64, 0x3ff, 0x0, 0x8, "547d8f774e7ab98e3ccdbad1e13745f260aa6a6264428625532ee28234827d36031da9ab"})
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmsg$auto_MACSEC_CMD_ADD_RXSA(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000140)={0x304, 0x0, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@MACSEC_ATTR_OFFLOAD={0x25d, 0x9, 0x0, 0x1, [@generic="49676b779b2a77a76a060bcd388839c7617a6c0e91505ef4d22e19af93c01df84cf62f00fdf276ac90aa6a448119459bacf16021823ca082454feaf2980e3d4280983336206e0e2bcd304c93c4349168eb968d0f7bdb80a4ac8726e67ac74f5aa17c75abe2e53abed76b3df15090dd50617324cd40d35d04a56ea2cf92b49c748c7e870c12b8835b0c495387e462b728f45daaa02dd2ee3fd577a5796e864e6782b77adc00f13bf3c7d9aad4ecbe8c348b9ed0", @typed={0x16, 0x50, 0x0, 0x0, @str='/dev/input/event1\x00'}, @generic="a62f85abfccfb6b3610b017dbe9f76ac1ff1968b7e9f181348393c747a9fd06325fb950abba24db680a3c0823bc0c7cfd50a2c502a43861176e4e6718dc77fb2b7713b322767d55a85c18d7999a7982e84ae3023ea05e317f8f6742a24f851d6267668adcfab330438f4be7100d2d5a347548f2e5eee2ed1bb5f263d45cc51f008ae913029bbe7f7ee95d6369e3842262ce7ecba99656007d0a4b396d20624fca65a3e773ffdba6236a337b88ba86ea430b1fd2d09d6edb6e4849ceef933d721fffe5f8e51b9531e0cdfe12ae6cc3de9a63841aee0904c05cd9005c0a5c7e17e324798c2c401", @generic="d66561711abf9ea0da97e1ab7327e6f61b786c335d43254a5255802396c0308963a4a84c80ca1d66bcd13f74f54702835494b330e0ca6448d84216c7419810673a33efd44af8b6133ae64f33bf312909fa5a04f78cb135e45553f8ea12384db4b9777a2b791be159d44a0b3f8466e1a74d91adba10728326e55225e157128f7e1522acccc77bae19cd76133c2a3391fd2405f52f12a5bf12a602f92bf7789b3dc8a85afa713447c2"]}, @MACSEC_ATTR_OFFLOAD={0x8d, 0x9, 0x0, 0x1, [@nested={0xc, 0x8b, 0x0, 0x1, [@typed={0x6, 0xd6, 0x0, 0x0, @str=')\x00'}]}, @generic="984d5707fc7f308e4f1bb513c28243af784351615c4e5f795e1dedacf7d10672fb74558096367c9b4db543bcfed7f41fe8ab7cc4b41178e2d71cfda4d85eb1021f9dc3b8c4467cec90019d16824ff8c322f32875ccfef02230599283a0c2c81b93fcdaaab9ab48f25ed10e9d5387aebabb40b01f5fcfbceb6ab14beaf2"]}]}, 0x304}, 0x1, 0x0, 0x0, 0x40014}, 0x48845)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_GET_MSRS(r4, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)

2m19.115936832s ago: executing program 2 (id=900):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
socket(0xa, 0x1, 0x100)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd2b, 0x25dfdc01, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xe}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x24}}, 0x4000)
r2 = set_tid_address$auto(&(0x7f0000000000)=0x79b)
move_pages$auto(r2, 0x32, &(0x7f0000000080)=&(0x7f0000000040)="b09d34ce42e34848472ab6ee999fd3f95d6978d14c2e923929dc45256333e415732bf96f0b3c2bf90aa3c0", &(0x7f00000000c0)=0x4, &(0x7f0000000100)=0x9, 0x7)

2m18.932548042s ago: executing program 0 (id=902):
close_range$auto(0x2, 0xa, 0x0)
openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x80001, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)

2m18.39322045s ago: executing program 0 (id=904):
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x73)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0)
ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9})
write$auto(r0, 0x0, 0x47ffffdf2)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x18}, 0x1)

2m17.021885034s ago: executing program 0 (id=906):
mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00')
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000000)="c80d1b5d399b71", 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
copy_file_range$auto(r0, 0x0, r0, &(0x7f0000000080)=0xeb2f, 0xfffffffffffffffe, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000140)={0x5, 0x0, [{0x24cc5c0e, 0x1, 0x3}, {0xcea6, 0x7, 0x8}, {0x4, 0x7}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
socket(0xa, 0x5, 0x0)
open(0x0, 0x261c2, 0x84)
r4 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r6=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x1ff, r4, @relative_fd=r0, 0xe604}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc)
socket(0x23, 0x80805, 0x0)

2m15.820267896s ago: executing program 0 (id=910):
mmap$auto(0x2, 0x0, 0xdf, 0x9b72, 0x2, 0xc000)
unshare$auto(0x40000080)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0)
r0 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x300, 0x0)
read$auto_tracing_entries_fops_trace(r0, 0x0, 0x0)
mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffffffffffd03, &(0x7f00000001c0))
connect$auto(0x3, &(0x7f00000018c0)=@ethernet={0x1, @remote}, 0x8)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0)
sendfile$auto(r3, r3, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_vdpa(&(0x7f0000000040), r1)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x800, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000440)=""/82, 0x52)
ioctl$auto_TIOCSWINSZ2(r4, 0x5414, &(0x7f00000001c0))
ioctl$auto(0xffffffffffffffff, 0x80a86f3d, 0x38)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x204880, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r5)

2m12.634195088s ago: executing program 0 (id=913):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60440, 0x0)
read$auto_drm_debugfs_entry_fops_drm_debugfs(r4, &(0x7f00000001c0)=""/155, 0x9b)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000880}, 0x20008000)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff)

2m4.045711093s ago: executing program 33 (id=900):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
socket(0xa, 0x1, 0x100)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd2b, 0x25dfdc01, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xe}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x24}}, 0x4000)
r2 = set_tid_address$auto(&(0x7f0000000000)=0x79b)
move_pages$auto(r2, 0x32, &(0x7f0000000080)=&(0x7f0000000040)="b09d34ce42e34848472ab6ee999fd3f95d6978d14c2e923929dc45256333e415732bf96f0b3c2bf90aa3c0", &(0x7f00000000c0)=0x4, &(0x7f0000000100)=0x9, 0x7)

1m56.998611186s ago: executing program 34 (id=913):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
r3 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8006, 0x0)
write$auto_proc_uid_map_operations_base(r3, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x1c, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vgem/clients\x00', 0x60440, 0x0)
read$auto_drm_debugfs_entry_fops_drm_debugfs(r4, &(0x7f00000001c0)=""/155, 0x9b)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bpf$auto(0xfffffffe, &(0x7f00000001c0)=@query={@target_fd, 0x8, 0x3, 0x5, 0xff, @count=0xe35c, 0x0, 0x5, 0x80000000000006, 0xd9, 0xffffffff}, 0x6f2)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000880}, 0x20008000)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff)

19.925202231s ago: executing program 5 (id=1098):
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0xa, 0x2, 0x3a)
bind$auto(r0, &(0x7f0000000040)=@generic={0xa, "2c551d00"}, 0x66)
openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
clone$auto(0x1, 0x80000001, 0x0, 0x0, 0x8)
r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$auto_NL80211_CMD_SET_CQM(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x1c, r4, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40800)
sendmsg$auto_NL80211_CMD_SET_MAC_ACL(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x90, r4, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'geneve1\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_WIPHY_SELF_MANAGED_REG={0x4}, @NL80211_ATTR_MAC={0x45, 0x6, "5128266fba189a86d0f8919db2f71c6a3ee6ef63c4f51d4fceb1e57d24c74a02b79d9cde9fc8cbabbae13411e5865bd5cca23ebba29446d4ced557e2b7d1f1b9ab"}, @NL80211_ATTR_BSS_DUMP_INCLUDE_USE_DATA={0x4}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0xffffffff}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0x1243}]}, 0x90}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000020c0)=""/4093, 0xffd)
r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/query\x00', 0xc0001, 0x0)
add_key$auto(&(0x7f0000000040)='\xfe\xff$\x9aS8\x93\xa0\xde\xf3#y\xf9;\xe2B~j\x13\xa8\x83b\xc6hSP\xba', 0x0, 0x0, 0x7aef, 0x30)
setsockopt$auto_SO_RCVLOWAT(r7, 0xc, 0x12, &(0x7f0000000000)='/dev/udmabuf\x00', 0x7)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x80001, 0x0)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x118, r8, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_SUPPORTED_SELECTORS={0x10, 0x14e, "d8baba8b2848d2d314ee4f7c"}, @NL80211_ATTR_MPATH_NEXT_HOP={0xdf, 0x1a, "f86ed9b0d70c4ebabb7ef6d724512e0d72e509fa0dbeb40ea92d61619addbb8f058e623b5bcaf698f2824a9cad4ef5d9013d29d87a41e7955611cfc1b9969699e77f4c6bf8970c02d52827c540d463fad2298b128366a6b615309b560775aa65b816f2077cfcf41d9cfaf08945cf5cebc5b28f81cedc44f3168e8b5ef43ebeb83c361099b1c8f2378c2198162f56ff544c3c70b5dbd2496e6ca166931d6df89c7b0332a5e34255de3a94c9c3feeed1bf49b19308754b7aa053d326f72801266d7f34baa6f797118b390c879a6e2bf370a4e1f81d3207f178b24881"}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x4}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x118}, 0x1, 0x0, 0x0, 0x4890}, 0x0)
ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0)

17.271954982s ago: executing program 5 (id=1104):
mmap$auto(0x0, 0x3, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x80000000)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x5)
mq_getsetattr$auto(r0, &(0x7f0000000040)={0x5, 0x7, 0xffffffffffffffff}, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638929210, 0xffeb)

15.082403061s ago: executing program 5 (id=1106):
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0)
mmap$auto(0x0, 0x10005, 0xfff, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0)
socket(0x2, 0x1, 0x4)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x212481, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d00", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/wg1/retrans_time\x00', 0x82, 0x0)
write$auto(r4, &(0x7f0000000040)='\xd9\xc8f\xc4\xe6', 0x80)
ioctl$auto_BLKTRACETEARDOWN(r3, 0x1276, 0x0)
madvise$auto(0x0, 0x5, 0x15)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
r5 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x307082, 0x0)
recvmmsg$auto(r5, 0x0, 0xd, 0xc, 0x0)
mmap$auto(0x3, 0x400005, 0x10001, 0x18, 0xffffffffffffffff, 0x40000)
write$auto(0xca, 0x0, 0x2d9)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(r2, 0x0, 0x24048810)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x6fffffffffffffe, 0x200007, 0x9)
prctl$auto(0x143, 0x0, 0x0, 0xfffffffffffffffe, 0x5)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)

10.726140952s ago: executing program 5 (id=1110):
socket(0x9, 0x6, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x22, 0x3, 0x0)
ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
write$auto(r0, &(0x7f0000000100)='/dev/audio1\x00\xf6\x89\t\xb6t\xae\x12Q\x15E O\xd8\x8d/\xd9\x13\v_\xbcTd\xe0DS\xef?f\xf1ou\xa4W&^\x80\xb2}\x96K\x16*\xa0\x10[8\xa3\x86\x9a3\xc1\xf7\x89x; 4\x8d,U\xa2\xd8\xd5\xfd\xf8\xd8\xb0\xe0W\xad\xe7\x05l*\xc5Z\x8d\xc88}n\x81\tK\x00\x12\xae\xff\xe5\xf1\xb5w\x81$\xd4\xca\xbe&\x195\xc1\xda>\x8c\x89P\xa1\xdb\xb4g9E\xc8\x92\xf6m\x1c\x9b\xebAzeI\xcb\x16f\xc0@\x978x\xbe\x15\'\xc6d}\xc2\xd3\x9f\xc5F8\x15f\x90\xa2\x84', 0x6051)
r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0)
ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
timer_create$auto(0x3, 0x0, 0x0)
io_uring_setup$auto(0x40000002c55, 0x0)
syz_clone(0x1000c00, 0x0, 0x2d, 0x0, 0x0, 0x0)
r2 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x7f, 0x0, 0x0)
readv$auto(0x3, 0x0, 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x00', 0x80000000)
mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0)
shmctl$auto_SHM_INFO(0x0, 0xe, &(0x7f0000000340)={{0x3, 0xffffffffffffffff, 0xffffffffffffffff, 0xff, 0x4, 0x2, 0x3}, 0x0, 0x4c, 0xfffffffffffffffe, 0x6, @inferred, @inferred=0xffffffffffffffff, 0xf29, 0x0, &(0x7f00000003c0)="783374976bc57458676fe4a6a582084b6d5e5d59c35a97ed9276a2f21fdda9c700c6d5eca67f66bab1b05c1e49957dea0025b585bb057a8f5bf807fc285a0572d0dc6dfdca791b75b7167599982b7cee52b42e74002846d0c276f2175280ee0e33e3e2e0cfcb3f16ae4907eab39d01e2963e24fede869a4b7a09ed0f42a063d9cb775429410fd06da2cecabb7f5e0f125ec0c0ca7ec14b6359c8513eb3a7eab8c4b25443aa9f6b011a956658e8fa4cd0b76fc8ac8d9b501730f14a09281c7a27944566a76147f02fa174a98d816388c68c2152e6da2d0ab68b4fd78a4b5b7c84385a35fd96d756710e68fe408649de155873e8228600db7bcffdbdc278388c1020683d6b98230f505e153a18aa12cef39e8f38de9541c0fea029556d7798c786a936f99bdcd53894ee01d9fdd55962b4f81f600ad2e4916055ccce239e0ef28b40ad666b06a825cf777d9133f59bb47434b62c72488fe683b21b260046c3ec75c68c387dffdb7a9269b9e8eb282580ec716d7c7249f19b276cc26486f673ca203dfb6ed588ac60c178777898f8e04ee675542280e3eedbe859aeded747052c7c144ebc3526", &(0x7f00000002c0)="cae4ce1b68d04a281469c9e7f0050860b0a7f842f305f203f9321d4dc5cc51f08bf1b972b76d62bb6b152627ed5db9e04c6b387d5c92cbd50030164d4df5116e3037f05ef282e8"})

9.06563654s ago: executing program 4 (id=1113):
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0)
mmap$auto(0x0, 0x10005, 0xfff, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0)
socket(0x2, 0x1, 0x4)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x212481, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d00", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/wg1/retrans_time\x00', 0x82, 0x0)
write$auto(r4, &(0x7f0000000040)='\xd9\xc8f\xc4\xe6', 0x80)
ioctl$auto_BLKTRACETEARDOWN(r3, 0x1276, 0x0)
madvise$auto(0x0, 0x5, 0x15)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
r5 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x307082, 0x0)
recvmmsg$auto(r5, 0x0, 0xd, 0xc, 0x0)
mmap$auto(0x3, 0x400005, 0x10001, 0x18, 0xffffffffffffffff, 0x40000)
write$auto(0xca, 0x0, 0x2d9)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(r2, 0x0, 0x24048810)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0x7bdb, 0x19)
prctl$auto(0x143, 0x0, 0x0, 0xfffffffffffffffe, 0x5)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)

7.883104201s ago: executing program 6 (id=1115):
mmap$auto(0x0, 0x3, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x80000000)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x5)
mq_getsetattr$auto(r0, &(0x7f0000000040)={0x5, 0x7, 0xffffffffffffffff}, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638929210, 0xffff)

7.141759535s ago: executing program 6 (id=1116):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x7, 0x7352, 0x36, 0x65f, 0x80000001, 0x7, 0x3, 0x2, 0x7, 0x7, 0x4, 0x4, 0xb4, 0x3, 0x9, 0x10003, 0x80, 0x8, 0x0, 0x7, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, [0xc, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x4, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x6)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x801, 0x82)
r1 = socket(0x2, 0x3, 0x1)
connect$auto(r1, &(0x7f0000000040)=@hci={0x1f, 0x4}, 0x2)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55)
mmap$auto(0x0, 0xe3b8, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
fsconfig$auto_SHMEM_HUGE_ADVISE(r0, 0x2, &(0x7f0000000740)='/J#)\x00', &(0x7f0000000780)="8011ccff355a1a76182e2efcbed39488acb6b599e9aba20dde819547a3c1b89d0087e5fed8e61ecf29dbc0fcd1dbc1ccb3c1d3ddeec5880c3318ac0207bd4cbc7f9df7d60e90f376929cb8a8533cfcb5dd30bf604a1314af5132d43bad285567cee732909e0489ff375e83f376d7481336ab6fc6144db0e71cec134e20f6c50f03943154f73eccad67a3397d4b5e28c0ccb69dba30cf70c6f5418489d3fd927f349ffb0ba76a7a1b2b7e12242ed175d87baa7cab7d78c15ded720052299c909902b3613d6f046f8110740081aff70fe5791b810b0296ef99c9e019ac71e0ea7ce9e804731d2658bdf8dcee3f93154856e7932f7f482f4f7a928fe30272a6e68ea642e4fa5168e61226092880bbcee0342eee3b6fe38a1e545cb7924f61f1ef1065727933412828ff7c7071e8260f5caaa4a519c5f2eb1cd0338f4c6108a94c406fcac9c38ffd37ec2901c8e6c877399b9bfd1beedc76e7d2e269392aaf4c918106de5d6c0960830c201fe28cd90533c4bab4edc7c681cce79e8675f1a60af95e20b997f6f4c85a853c1c8f32bac9e7703ba1744e8897c36e4646c88ee9ce8133b40b931a58e3a4b02f7138aa7e1255792fe9d0dc7b719f4b7edd729ed847090d87bc36222be5a1a42003a30bd0578629b0cf3abd2f0cbedda86e22662e7bb8917f561435e75742c52e7ce8457b36f416b5e68f4c1059c685aecf97ed3ced093791be0381580273bc1ee526556ca989b423f298fe808e15056486225f01dbb5345b3289113bcd9a9eafd9e833302146f68b49b73f73a673774a7f3dfe5349cd370df71d55f6d435a2e2886fc93c22b4d53c496d14dc6f599c9849f9f3aad301b9ad68fc5048f6ed00011165f8fe43d43e38bb784618ab6d628eb567854d92a2344ca0b2c6aee451f5c35e8247cc67d6ac1ff49786bc7dd58d9de91f97f00685660d337883de7c0d560affee1ccbe6845f64736cdd2e6c93f5e304ace5d3d3792360617a6ee00470d6a901d0e976205a3fb9f6824b6fdbcdbe903451c402956689bee12332fcfcb92580e1ec6ec4573c84471d104405571d3806b306bc430db529b5b1f236b68b75f204c1f4c5beb1c585e10d6a81f91a5f612e1f3750f1fc438c6885300803ef0f25796407d25711c02f4fdd3d8ca82a67647fc88559131b9d30df90bcd465cc636c5438bfd0149c9fb5ca3c776684454ec831c68be26f22b05b182044be7dc28180a5c1c9b5c28a082fa8e9d7dfdb664a49b79360c7e9ed5439b0b1efb96f40abead2ff9d8e95aa3c46da6666a5b1cab585850fc08af119a74676e9b82683f469ff8f66cfe70e29a12163282154f9c64eefbf442a9e695c688a3dc2e0753eb179b315c69086eb079834d84e2940f0adec0f5d1ff377f46f7f7bf951ed7714ca600adb20660c8de905a22a3230accac06a006c4970d63c468bf090da386828a9084da93f5e84ce9987e512858d6da856d6f3cf7760cc0dc7bf4d42183095679abe7f64d22b08a77725f35ba3425f14c1cdb8949ccb364e0fa24085641325e4eaf095e0680e0090073152176fdccc2e2c51123beb25fbbd1dd33174cebdd068f7026dad581bf78bf9d7d44db11fc44d92c7e606c820cb9077bf646131fa12ad7505fa22a0c690e830e4df8267f0625fe3b7f56a0ffef1d763e14a3ef8bb5c79e76d970ef4d8fdada5efe38fe4fe9495dd910248895a7abb0fe24e8960796a4ae6c64f01253c28e23d9ba046b508f821ab1407687c4cdd198d3ce4d48b15d82541a2af6de067bfdecb1c9e7090d7aaf4e958fef4fab75712135013d5a3b50f28d81674005a663bbcc1a5f064fdb866d5bb9feb515624315747bce8478df46d72192c80f5a060d6ec68077843c5639f7034584eb4b6962d9e0d00e3d57fd53f5bcde64d9a810a908d8a94e95e96a8187c0223f749e624520e4630e60309a59357a41e55d32fb1e4ad83a3b43edf50b7eac759318de4a80cf4cf853f597eb922b45db8414b0d9b77dc51a70f419fbea23d14d984c2a8f9d9ab8660c46f3e3c562ec34f0b2e29e0128d7618ac86b55e3fa2c8af9e5e99d6481f5d010704d4a37b56175d36c3123e1c05c33f8b37613f54d195307ee361ed251636774b51356f7839cd96e607060ae18855d4164b3a30c6a3dac628bf2e6a58d88611928828b75b9e5ee8e864c4e1c580b435b43bf7f7afd677c8d6b82af8cf98244ce3b24473f6184e6fb4b2e1dd1039f07c943670cee41a5e288a9fe81755456be400c9313c776ad13f336e1bc22317a3af2b16062b9fffc6ce52970b5747d6187a25c396ffd0c1854fcd36a76af2eb952b436c91774ee92d97edcc33fcbeab6cd0e5cd6e74b751a947bd03b8ed4f841ac2e1e29bddcde381154dde1643e9877e912c7354c4a28d2daabaecd1a989e1dcd978334c0b6b8280d58bf754259e3060a88c7b4485c737a5365cf779916241f7314fb82398f00e1efd63ffe4ddcf94c428a0bc3274edcad68f531faaf1d655fa16fab34197cf5bf1c200f605f7e1446a9f120f0697aaae1072d41d982b18fec86aa17787bd4d382f613171be3e9dd56302be14b46142969cc7c9fcf452db0c33c59299bb3d95a22c55d830febff69d75d551204b48f325bd0d966a07a7f621610a5491a0db3161c3cf332e2672d43768b785cecc165377153aceadfd4713087c09de227cfcd48c6070a1235bd8c23aa77e72d160ffe96716ae8c8d2d09e827b2e514aa300ee5ecaaf8fb7399e68b5d85fe9860b8db399bc9cfb0cee8a6d1731c67efc21b6d41a5b025f3a01023b7cf12c3dc82d9e0620fa0d6a9bba838d222d315e76bcbfb708e90d6c3419f868531c7368bcd72454d4dc76048709a5cb9203bd36a407bd4b102a45a52fb18849d5cb6be8639f097c692aafdf129d61884585c1626c76d463a725daed06df4e04b75ffcf6e751a03136495662443b0db436014ee3a20540932d7c71baa2ae91a6811847f16c70833776238135cde3bdf484c718c208c5012ebceece6ccc4d55f807c33f4937d49fc7a8f49ab33f710ecf3886c1df27cc67cecca3febf3f8a6ccdf38545fbb2396721522fc152383016b12b2b63cb4e3a0451a488fa04e74a4834f540bb3ae45e6a779b72cde671735bdfe2f0db1149f8b57daff691c66bb25307deaed422b86c2ec2ec6f57d5b9b0b030e4dfa562f6ef927ca90a78da3dcb767e43ff3b8e255e0834d19d64dd97c2eef0a9ff4a81927aa3f29cf63143e5fb484e437b26846bf041e61dfac5e4623a4a2667a352ef1d2445c1a476836f4454f7548e500e9916b4d347ddfa9b9a649ff562242a74e88920e0b113162f96609217f6f0788b5ab6c9441d309661a3b551cc06f63277e33585fd88e6824390962d61c24b2ec839b2624fac0fc40c10364efed5d48e7d46b1a3a9634a9f07b1df236adc1578b2b31a7de0813899108e8e84a81d913fde7f876602b154278d4462142f8098787085c002c936bd855260a551c9ba4b15e60454f2118093c865f0d8d890af566e69280e1b5dfcff03937c963023938f9f3cc64a78396798f3796a1b674ce3db6cb6d27906de28fe03e331bd0e69f8e972407631264c670f811d2c17362ba4d8f9d8d09d102e3daf39e14e3260685f7009fa22b622c45c31204a0ff57475c72783d12b0cbb3a66cba1e11f19d7e21971bfae7555d66bdc30eb56dfb46cf8488e978321bfad85c58d991ab6a0166dba0abdbf2f5274046447763b81553dab91c2621adb723f0266a39661562e07a5a7580c8124b096d5e6d1eab102ff7453a635d18554a861d4dfac91015becdcd790ed646c64b86b111e0daa53c33d102b3925d9314ae01a9d88d4e55d4b381018b447a13a894ad13186157be22eae0b49d18d7a6f1dd8e4b9ba852e8ba571d797d936183d90f465ea1a90fdc2d2f6f2fe2728d58afeffa1a98b975a55a19a3228681f4f38050c7d5872a1f818ca7c05336f49a4bd34d4abade7d9cd778e9f73160e95a41b22d9529dde3440f05d009578370e542ca28ed4f5b0bb890603c0a5a56aa6dce6d80a9f27d371348c1eea90462618ad4dd3d36e0b4d69a5b8fe92936da237c929159c63a012bbceed00a1e854a12521321b2fa45a226f1d6aadcbaf6403452541380fb800a6dd3705a5bb156c23f766a5a7d983eea3e16d8515a2e4e677c0baba1e859912f7f5cc3761fe04d3d81978cf232e0c8841a47f4e0924f917116badbc66c0ed93840b2875f36899e253d31feafcfb8a7d314a218c187d9cd12e6ffab120c17247f4598ce06ad8eca3bd41f8cb581ed4f712a3b18c4157af109f66f74512550262fda314aeb7b5c9b2b0d09fc50807c5b405f80458ce1c45bf8e852fa90226e62c31a04fce406730126c7d0ecc193e274f8cd1c7bd968d2428f7d63b1a771ac83c8ea424f3117b0d9980c76daf6fdee8c825d75466392d54993f9869237efa2fc50ade86c1d034ce3836ac10a9b625caa15f5c9d1d1f710a47c4bb2f43e83de4009b52b91d502231768b9716405de33a2ecc58be461f8d9d3edde3a5ec0b7e45502f9f483d3972ab2d651f43ec79cc0b5ea0811082d7885bbede85c8a821973270cfc7d000a336c09ae98386792ea5c344472a6c8e940b1e413a6064449b83c1714f2bfb347b8cd13316fff55f6982a651f4955ae8dd37b08d8111be5d83b32ff304bcf784b96172e836689842353cf28b37d3005fd6c7de7e0a621b191fd9494bd971da32f6c966173cf8f44d71f6d0a0a1603bf54027ff095874ba9fb07f2841e08a94aab4998b5b41dd612a1a28c443c3e909c68d539365b8c00f72abed275b7a1de02ee23e60b3d2d4459df81aa807aed8461561434adcdddab7337308b398d5904cea1da4e9415628e7c1d2bd2394bc2458bcde05c79c2d588dee5afd1b0d9000d4dd30bfc3c3578b2179bf698992c9c54846cfcce05d653e386988dd6c2e0a6f7e2124bfdd0ce3ffb7e3c7c5f164efdd228dcc52aad3d00ec4ce78e6a67a217e201239b9673248a1061c2e2f627562bca100d750734903c1ba03d4f2959e57c0cccce6d21b88a709e0d18b904b719773faf0a9b2789443d4150f0312c08696504903c860aa22512a4d1804aa568a85fb0df2b083aa848727ba151ef44ed4fa3e4096ce2cdbac5b414002be95763ae5a206e5f263aa1ab24922738f2c8bb1f6e887b18c471644464895078a61912d538e66be3b37edef49028d57b4ee36e9b7ee96967c9155a749dc96c0719a58406aad5de37731ddd11781436eec9af9b248e1177a27db9f58638af7fdbd33b530e4e4670dfa8548f36bb0bea073ef3e94614097287b9e0516f975d7fe9f437ecb7aa78c8d923f07a1c803439021abd69cb798fa82a00dc9267af65f22b1b30572c2efc44f9fd6f84515ee8d119a637f8204aae9da83828dd85857ae23cfd051362f784394554280ea0e6fa20278be010b497774ae377a4d6217da5d43a4d66707a102deed0ed6b1e482c56ee89bd62ba5a6713f898f81c6b1847c771397b556336a55171dde7eaa6cce09aec3c5de887ae7ed26c047654be0834a9b57a081a7c39507385e795ac510a65161b4d0c3bd6aaf3db15d77a15f2ad83d4fff4e958ee859e3e3e6be7baabe2bf47c574f99ec48cb0f48128d028d2fbe78bb6d97a0eebd9b42b7a4cdcb41481862fda3dae49f3f5ed503594c5b491bd7a14eb6cb2bf6dd6cb755f86bc66ad2e1a0b95b0742dc445bc7919a327b805dcabfd5265d554082c10055d8887799f68f08e4ba1fdcc0957397bcf4ff639a4fd047684c7b1", 0x3)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendto$auto(0x3, 0x0, 0xfffffffffffffdef, 0x101, 0x0, 0x1c)
ioctl$auto(0x3, 0x541b, 0x38)
shmctl$auto_IPC_INFO(0x1ff, 0x3, &(0x7f0000000380)={{0x60d498c0, 0xee00, 0xee00, 0x9, 0x4, 0x5, 0x5a46}, 0xd6e9, 0x4, 0x5, 0x7fff, @raw=0x1, @inferred, 0x80, 0x0, &(0x7f00000001c0)="8d46acf785", 0x0})
capget$auto(0x0, 0xfffffffffffffffe)
setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r1)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0xa, 0x2, 0x73)
r3 = io_uring_setup$auto(0x9, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7)
close_range$auto(0x2, r3, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x742, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x94)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)

6.314768723s ago: executing program 1 (id=1117):
r0 = socket(0x1f, 0x3, 0x6)
r1 = creat$auto(&(0x7f0000000000)='./file0\x00', 0x1a)
r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000040)={0x0, 0xffffffffffffff80, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x40}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2000000}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="13002ebd7000dddbdf251500000008000300", @ANYRES32=r5], 0x24}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894)
newfstatat$auto(r1, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)={0x6, 0xffff, 0x1, 0x29cb795c, 0x0, 0xee01, 0x0, 0x60, 0x3, 0x1, 0xffffffffffffffff, 0x4, 0x0, 0x100000001, 0x19a900dc, 0x200000000000, 0xfffffffffffffffd}, 0x10000)
memfd_create$auto(&(0x7f0000000140)='netdev\x00', 0xffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000005c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000580)={&(0x7f00000002c0)={0x1c8, r3, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6}, @NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_CQM={0x1a7, 0x5e, 0x0, 0x1, [@generic="ca309c8d3e764df88b5b5c8e5ce3f837f81952a8c094dc6e87146f0d8164a8c1b2e5ac46570203ab881ca3056519ee3336c8e2b64d869a664ca30ab57bb1f5ad06acfd66661298528d8ee67502c1e48ccc0f8b319d26f1e841bd4aab3a935b482240e4dec2b8ddcfeb82189022086245c58d9fa27749d3dfb2625c2d484cb501468498a03653b4b94520e4f7a10aeb06718112377f49ed805018f19daf94e572c23d61445734d3b2833c4744bf65f43423d37b5771e521e4597e5907e3b6", @typed={0xb, 0x13b, 0x0, 0x0, @str='netdev\x00'}, @typed={0xc, 0x100, 0x0, 0x0, @u64=0xffffffffffffffff}, @typed={0xa1, 0x2f, 0x0, 0x0, @binary="cfdaa7b60fc99d860d68602057fda04eaa9789808cecf1d5f86cfc83cbf84c015372477cc54a75a65f36f0a5436b1df471b6a62d49e33e12cc233788131c5b9dd7d026307f1cf1bdf0ff9ae55ff1a77c99c6ee849dfcd812128f8cf862df67678a9df8b163116d9a1f1211d259a5766264c0876f4f11305f5b05e44501c11d87d233eb119ab17ae9610466551636714336ffac280ca612a6b5ad7532c3"}, @typed={0x8, 0x52, 0x0, 0x0, @fd=r1}, @typed={0x8, 0xa6, 0x0, 0x0, @ipv4=@empty}, @generic="befb1c21ebb3e8d2b8506b9eed4a3077575aefdcad9baff446"]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x860}, 0x40040)

5.742074092s ago: executing program 6 (id=1118):
r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000000c0)={0x18, r0, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}]}, 0x18}, 0x1, 0x0, 0x9000000, 0x40cc}, 0x4048000)

5.55256657s ago: executing program 1 (id=1119):
mmap$auto(0x0, 0x3, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x80000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='/\xc8\xa5\x83\x1c\xe0\x8a\xeb\xce\xfb\xa8\xe3k\xba/>\xa7dev/audio1\x00', 0x100000a3d9)
sysfs$auto(0x2, 0x23, 0x0)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000008c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x2, 0x0)
socket(0x11, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r3 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r3, 0x0, 0xc3)
write$auto(r2, 0x0, 0x4)
openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0)
close_range$auto(0x2, 0x8, 0x0)
select$auto(0x79c9, &(0x7f0000000200)={[0x10000000000000, 0x8001, 0x4, 0x7f, 0x8, 0x7, 0x9, 0x7, 0x10000, 0x0, 0x3, 0x7, 0xdb, 0x8, 0x5ae, 0xfffffffffffffffe]}, &(0x7f00000003c0)={[0x4, 0x8, 0x8, 0x6, 0x7, 0x5, 0x6e97, 0x0, 0x0, 0x10, 0x80000000000588, 0xff, 0x7f, 0x8, 0x6, 0x80000001]}, &(0x7f0000000440)={[0x4, 0x5ee7, 0x7, 0x8000000080000, 0xffffffffffffff01, 0xffffffffffffffff, 0x400, 0xe, 0x2, 0x20000000000002, 0x9, 0xbf87, 0x0, 0xffffffffffffffff, 0x3, 0x81]}, &(0x7f0000000140)={0x404, 0x1})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
getsockopt$auto_SO_NETNS_COOKIE(0xffffffffffffffff, 0x7, 0x47, &(0x7f0000000380)='-\xc8\xa5\x83\x1c\xe0\x8a\xeb\xcc\xfb\xa8\xe3k\b/*\xa7dev/audio1\x00q>l.  <\xb0', &(0x7f00000001c0)=0x9)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
mmap$auto(0x1000, 0xffffffffffffff00, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r4, [], {0x2, 0x4, 0x6, 0x2, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x1ff, 0x80000001, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}})
sendmsg$auto_IPVS_CMD_SET_DEST(r1, &(0x7f0000000a40)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x20040011)
setns$auto(r2, 0xfff)

5.549421266s ago: executing program 4 (id=1120):
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x109500, 0x0)
pread64$auto(r0, 0x0, 0x8, 0xffff)

5.544631762s ago: executing program 6 (id=1127):
unshare$auto(0x2)
io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x8000, 0x6, 0x7, 0x8, <r0=>0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x10000100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}})
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x8e1775a98c704b81, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x7fffffff)
r3 = prctl$auto_PR_SCHED_CORE_GET(0x476, 0x0, 0x0, 0x5, 0x7)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
read$auto(r4, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x420802, 0x0)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snd/controlC1\x00', 0x82200, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x80000000004, 0x7, 0x15b61f2, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0xa1, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0x1, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x800, 0x3638, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe1, 0x5, 0x6, 0x81, 0x401, 0x400000000084, 0xa, 0xfffffffbfffffffd, 0x6, 0x800, 0xfffffffffffffffd, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x8, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0x5, 0x9, 0x1fd, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x9, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x1, 0x8008000000000001, 0x5, 0x1181, 0xf057, 0x40, 0x5, 0x7, 0x2, 0x8, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf6, 0x0, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x0, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"})
unshare$auto(0x40000080)
mmap$auto(0x10, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x80)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x100000, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x668381, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0)
shmctl$auto_SHM_STAT(0x15f, 0xd, &(0x7f0000000140)={{0x10001, 0x0, <r6=>0x0, 0xc, 0x3, 0x3, 0x6}, 0x5, 0x9, 0x0, 0xa, @raw=0x4, @inferred, 0x0, 0x0, &(0x7f0000000000)="a92cc5b95cbadeeec0c80a78f129b552aff38f501076b376c850e3181d7ab078b9c2a74d949545259b5a23079c5ddb423ec48eaac2ce48768e1e", &(0x7f00000001c0)="899f6eff"})
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
setregid$auto(r6, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x12000000000, 0x9e, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8002)
write$auto(r3, &(0x7f0000000080)='$$\x00', 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7)
timer_create$auto(0x9, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000)

4.886090875s ago: executing program 4 (id=1121):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x4, 0x8000)
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0x14, 0xffffffffffffffff, 0x8000)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/flags\x00', 0x301483, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto(0x3, 0x40a0ae49, 0x38)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r0 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, 0x0, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
write$auto(0xca, &(0x7f00000001c0)='\x04\x13\xac\x04\x00\x00\x00\x00\x00\x00\x00\x01\n\xdc\x10\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1b\x9eZ\xa8\xff\x92+\xc9\x9fs\xbf\xd8\f\x00\x00\x00\xa5V\b\xf1Ne\xc6l\xd0\xdd7\x96gf\xb2\xa0\xf2cN\x8b\x95\xeb\xf3(\x9eM-\xdc\x84N\xc3\tts%\xe9\xbf<\xf1\xdav\xe0n\x04\xb33\x97\xd5\xb4\x02\x94B\xbb\x995\x1e\xf7@\xd8\xca\x8d\a0 \xfa\x87V\xeb1\xe4M%\xdd\xfd\xf6\x8d\xb4\xc7\x9b\x9d\xf5\xd9^\xcdL@\x0f\xd4\x15F,\xc1\xd1i\xa4f/{\xfa\xd5\n\xe1\x95l[\x91\xbfX\xea2\x1b\x8a\x85\t\x00\x05m\x1e\x9b\xca\xfb\x81\x9d{\x19S\xff\xe4\xd2k\x1b/wJ&\x03+{\x84R\xa8\x92\xad\xec\x1b\xb1\xe9\xa7XUo\x93\xd5\xfb\x94\xc4\xdf\x8e\xdd\x97\xfc\x00\x13\xd6\x80g\x7fR;\x88\xf7bm\x8f\xb5\x89\x1a\xb63\x98\xaa\xcc\xbf\x94\xbf#u\xb9', 0x2b)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
write$auto(0x3, 0x0, 0xfdef)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)

4.237828454s ago: executing program 4 (id=1122):
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0)
mmap$auto(0x0, 0x10005, 0xfff, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r0, 0x114, 0x2718, 0xfffffffffffffffc, 0x0)
socket(0x2, 0x1, 0x4)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x212481, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0)
ioctl$auto_BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d00", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/wg1/retrans_time\x00', 0x82, 0x0)
write$auto(r4, &(0x7f0000000040)='\xd9\xc8f\xc4\xe6', 0x80)
ioctl$auto_BLKTRACETEARDOWN(r3, 0x1276, 0x0)
madvise$auto(0x0, 0x5, 0x15)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
r5 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x307082, 0x0)
recvmmsg$auto(r5, 0x0, 0xd, 0xc, 0x0)
mmap$auto(0x3, 0x400005, 0x10001, 0x18, 0xffffffffffffffff, 0x40000)
write$auto(0xca, 0x0, 0x2d9)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(r2, 0x0, 0x24048810)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0x7bdb, 0x19)
prctl$auto(0x143, 0x0, 0x0, 0xfffffffffffffffe, 0x5)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)

3.795514216s ago: executing program 1 (id=1123):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x82, 0x0)
write$auto(r0, &(0x7f0000000040)='\xd9\xc8f\xc4\xe6', 0x80)

3.133122538s ago: executing program 1 (id=1124):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/7:6/strict_limit\x00', 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/mm/lru_gen/enabled\x00', 0x2062, 0x0)
write$auto(r1, &(0x7f00000001c0)='n\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000100)=""/60, 0x3c)
setuid$auto(0xe)
r3 = socket(0x10, 0x3, 0xb)
bind$auto(r3, &(0x7f0000000040)=@nl=@proc={0x10, 0x0, 0x25dfdbfc, 0x800000}, 0x64)
r4 = socket(0x10, 0x3, 0xa)
sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x24, 0x0, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [@NL80211_ATTR_KEY_CIPHER={0x8}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r5, 0x80204518, r5)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x20002, 0x0)
read$auto(0x3, 0x0, 0x80)
write$auto(r0, 0x0, 0x9)

3.06583003s ago: executing program 5 (id=1125):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYBLOB="040006"], 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x800)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), r0)
r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000005c0), r0)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000001d40)={0x1030, r1, 0x8ff972b65c311bf5, 0x70bd26, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0x8, 0x3, 0x0, 0x1, [@typed={0x4, 0x137, 0x0, 0x0, @binary}]}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_OFFLOAD={0x100c, 0x9, 0x0, 0x1, [@generic="e286ec06496b89f2bbacab08e973d2e7d86222f24830e4260cdd35c2969e5709001d489abf8269680e60f1953a75fcf4adcb59f5ec7c1e45f38363ec9cddecafff673f017dc8c52042654d7aea997086fd56c59dc82bcb9367ddbf7ad99f6ae3c9915a76768db01aca823d88db62ebcd6b26b56ef08fe31500d06f03056348d8516585a5f4c75f39f725df25760bb09b11e892f87745aca6b5a0b38ec418df2a73442967844f0f30a075c29fadb2495102158bebf801d876ee7eaef92ed031bfaefe15e8636230c9e347999541ed482785097c28da7339e4a4e11c953c7cb1f5f852cf351a75e80496ce96f50518fceabfc1e93bf73c3b3bc82811f67fa9b3f59b867a5dc25e55c4882d5a041003f0b773875983f2a9d865d5a3424392e5d33730684e9842ec4e25cc1156a22e1ffdf2b3188e5759c260762a5e6568e9b43cb6746e8683223b548ad192ec628346f27749bfcaa13770f0801105afe13503f7def5cb74883f713cd7cc38c294109ad5601539fbed801b2d1976660ebc4e636675ca6a65d3c0047faed756bb5361ff4a323d5213b685c96f06acb56069aa48363d1db9a26606efcf87287c0b7ad54928e09494f79974b9783a2561716147ad2517fa882dca905fd8d15491d8782a673b394f04cdcf0a362ba19e0aa5652e868a421fce1df2f12e450fc17e8852d2ec7a636c589fcd72264dbef69cc19cdd816f514a8ecbd4a5eb0118445ab1d4d73107b3de774e3208017ae41ca48d491cd18b604552fe4ca8f6f980d7feceedfd9a6a695bd72dffb3cd74671247809bc6ddfbd69df9d1eac7e1aea99cd17e40932cd551db40fb15fba4541dedf0121062e6ddd4fe36c5140dc162ac2cbc0e985508ead04117bebdb9239749b401fb593268a4d67e5dd3ba70ea843c7a67fb48314a581440235f5150df4972313a4357314dae4a997d53917e4ae9b16cf92f4a031bce3494e3576b91d1833664e7f6e5193f2df271ee0a6e2625d442bd62e94dc4337a903db0f61e597374d8a1c494dedc72408c9ed5aac196697023c67e301c71de229b2ab2c795389dd4fbaf750c4c6bb117eea895c0241c8156ee33b83c6e4e27d37166d67ac4d67e61ef97f254dfa508f1b6b1f45fb19439cb5d2cb539cf3664f8106ac17bd9bfe2db9d61f4940a69af9063bb2b0c48759cd20a36a93c85b3c2c8bb978635c926031d76d1adc8feea462271d7559dbe735169dc4b48f42314539e505b57b9b8bee527374f6effa17e293f1a3890af00aa0749645a0ba329782f5a57ee0cb42d7dd061af9ae0d0e5fd6d01cc82c7a7828da4691b051e9cc79e23c4f80a641e8b026fcafab71bdb654dfafac300096c96dccea94f6e277c077fef9f422b6ddc8b8a533f4aa8cb1f37b02ba844fba283b722d8214b2e5d17f6dd27a57ddeb28c2f8a066f1cd826e7db64a71c4055cd18cd840724fd77bbefe1969491ab829f2e35dd94bc7c4fa51a831b743ecdfa93a00a23ae4fb681706b7e47e04241ba7fc369e7c0da6968d21b6855c0a718df88b46c0705f19d1bea4767f7e412fcbc5bf87f6fc25ac8a6f7451a0723141349625bdab4271c62d183829f30f2fa01e82688a6bfee368581d99111f49fb4e3a35aa362afb765fe361e5cfd3ce9929af1669063ce1f6e5babdaa66a077406f751bff67c0f2c7afd8019216311d2bfdc0c7edca326e1c2570b182effad7bf7c22ecf782b4c641bf7b7c5b4316d37cb3bdbbec725ba74175e516980ae6f23c51ea0ff284c760f8fb9b1a4135082083fe9685af4d3966c4b528571b448438c713ffa32440b7974b8db160771ebf633dcb123ac38aa9f073e89e46da00821c487039a8d0e555bb2d779df38f2dfb796057c7df0b1f97d9786f07a164e48f1876de11665405ad258e3a0e799ef8c47785bd2caa61eed09dc00a0122837b2180ed2ba917c7f1501c6b18d80e2659341da947ae9c32631581517b455256327a821a8acf647d71cdf8a4c623bbba8c776edb01fa41e3463448b54c7f2cb29c5accc4d4dc6feae05ffa029a404e8605a2dcf2f9d7e86891d7f2ca24cab49170baa34439732aa3c50f48fbe0d9f003b42534bcc5319e8883611749c6a65b766325aad5204cb8abf712c03d87269f593f8deca7bb42a542ca51dd7be2a99818911be84d5c2b00fdd8178008751702238536c08857ba319bd467a446f70f7f16dbee6f0f6ddbb904314794857acb061751ff8c107b270771998a89afc8044fe70a30a5fda001f01a8d4d29ee3b54d920c2c6f97054c94a295cb614274bbc7cf74533464b8b19fe374a2f42ed9775b010ace47aab9555ac0b25daabd4200329b6681087fa88e0e8acd49e0a8cc9824c0a4ab08ea62632bb9b1bfddbaf4b4355624fe871d058fa8598b3c68352870b2393220a9bec809a8bf7e1dc85968d09c4902677d41e379ffd9603d459c8e74d02ee847fda4352bbdba51fc3e2a143fe730112fe2072e70adbd4a38ee7672d388c2b4a21ced48446a5bee8d909b5f834d105f9a6ce4c2cc7421d13bd198d53f43bae59be37d60e1408db203633a5793699f22e6cf63cab34b1c450aab953b2635ab22daf6b12cd29b82b5fe8890a6a8163110e443bedfa7b198c490a73854ae24584ef2ac4a49425a13d43e401df1692702db4fb9e1d6007ed8ae0f3f1a1d8ac338ba6b871116db5ed78e14aa32b8bee5fb0a2b92ceae54e369160d0f82362138257a1e170dfc267fc0834be1679846ae7309963375cb79c96c148417c15bdb4d24e36c76e3efd036c646951869d63b98eaec4b2e7c795a8628d47fe379e7e9b302dd434212bccc3d260ab9535c50e39a33569069a6502b7394d731868a8d50fb90f7871c9327d38fe2208ec3423d659fb287606f693a0e431961ed2eba40636bad6a8c6a9c824053fd3e516874e580885bc68fcf2714928c7ddda6932148f794a4e275329bb7e49bd453567e4800a1dd9cde7d8748b5f85c5bf3e2016102109daa29eeafbe7209fcde3ee2676662ed30ae690d76810cfa5237954d3fc86e618b605647573e5c791a3b1f2854ae8a157c30f7a05c7deed16ba1ec075c02df691f5b1b03ec9a811fcbfc02bea80b027b1fa8c9857ef20d1b27279455e9c41ce6d9bb9f792d38c15f1b5e3776c68c7d22abc27817d12e948eb4ab693ac4f1e1323da3b834f5e8d2d41b38857f3c26791a841a83e6c3eaa0ca560b70eb611ff574a43ede5e7bcb097ce52454b4eb7a3fc3a61f8e7fa52223cf2c1a1e88c4ecb3f09fd1d2311f3872e3cdc1372a47968bddad6d15e8ce4d168219b33b83edf6e8b6af71a2c4330553d14cdd791cd1a8612f27a5d4c57d610b65a1e60c41cdf01b8963923ffa6acf8d20544ae9847e61e44f20fd4596d3718be72acd19107a3da5a6a815494d8ad7634d87043bf887965cd801ad4625ab22f2a8965f46cabe8fd5c0c09f0bee52884f8a53219f759803aaf69a2f3f5ec1cb4133b8908caaf7fcb927d36e9b75cfc735682ffc66d573da2d44e9b50a595a04394038c96e7790e417405a662dff28e70af26642bf146d7cafc62e47ce4b03a33cb53d314694017347b23ffe389bf3bf10208ada565152fa66a4e7aed511d34745d2e8faa96c7646568ce7898b046294f2599573af36f19b274cda8c1c00ad9892f90ca2411ba42e803fdf8bb057fa8a1a54a8246d8ee03eda82e905010c6a8431c666240fffa65ff85cbf1f2df158a4349b47c274d0840b56ba3bebf2ae63a5ded039b538173fbfc550fd8b89b03355b1dee5691e818560bd2e016ea419759f6af0ca64abce1ad08df07de32379c062078e7ce9b6c412bf31b35c9e1c93370780ace54704a1d69a1348a1c41eee1d34d53d11f672f4105aeaead53d7b12f7dcc187a0c449a59ee23cb9a43ffc6298b77e537c57f2c2261af994715207897d16b87694534a1b164de6ce22494abbe585c208b23ff0ee9f04ee665b0983b68e00db38481f3040166fe13f5f8727034a95a661311f706ff8f368014f60a15c33f723a604fead7427d2cd65ef92c012e8806dae3191217d411e480459627174419b55715f1910ceadd6b27fc1c8637dd8730017ebbad8fa7ae6239e7b4e9fd2137b7461b5654a39bd37fbf58c0d1c12e6d689ab9270e07fadca9c72bd127358fd49d8cb9220ed0c786e166d9fa433d81fc871b7ce44817c767bffb59652a9a0daccc8a874892a83b52e4895459c998763c427d4f7cecb8202bbea3445e65bf160a81b000b2b07ed31b60092ff1f8a06e95a29488cdbbdd13cfbbb3d66eb65a8858a5f14b3c221b052fbdab9337d405912cda10c9734c8e21fc14380fe62a80c8726b87a993ee9e7ea592bc2d5f67e537ec4680a35aef4a41a43b4caf56ae1820784d5df2a9f9700531034c3677c5fc9443dea89e9c3121bf0d699fbacbedec3b62535aadf782523f088d0880392fe653352bbdf4bb66b62c9147a9a2e97da37c41d46e81195264f41d0730a280753026705d509d4659c3cd4e584d581a90ecaab79cf954ed38b84ae2d097bfe6e6a6de3179d81efffaece4a53f00072a0b09d5c508fd7dbdd4328dc6ed7bfd5c34301450e680f6be95aaf8f0be88480384bfc2c4194618a30e50a42c70be8bfcf968e471187006a2aad8d4defe40101a43900a5534af4ad37aad7a1caeb38218a64260b8c19dcfd6a86346f83af37584f107760927986539cd59f7d3209e4441c51c6405c64ca710b33fa42d44401ff5008752f404c08cf7f54938656fd590af1cd793a86d752361d62bd1b4da4a6166e05dce0fcb37edd34df2868d6a5bb45f779c349792ee7ead066c527dfef2b9186498c650f8b03ff7cf681d2aa54da22559a25cc6b7e770881041f42aad2c26bc96486f98aacda0882dac30fa24a746842bbf74a182701266f51cda2f73263dd70e2ab093889fd9affce5ca4fdd3b2c8d51e88115c687b92b4d7be0eff0d530d7496567db9701e75b62217e78a0175929c4a32d3b6ed26d16aaf93d5de3ac8fb322794d820dc1920573626fb645c83a5347c58c8170a19382eb42153a180828aca2a3ff3d3358d6528ee3b62b818f4d4f1d7743b886771551f1fd85a68674ecba00eb16f5c5d70f679f864b0426743218a56f2d05988d8e48c51918e429464456f9a5204999a8b1458ceb4b9f507d72356c718aa81094bb2a517fee9ac57a31dee0401ea02f4c726d4b8501f52a1c52210dac850ce19c1b2f42010c58675494403d8a2a9a24aa9169f825830776e393eca92a8c4e414969e1b9ecb9aa99df7324606711c7fc307794c924156738035f5dbd516fec518d4b3056298701f970149a30ce2a658457910b903198e810a355b6076fd5c52c3458411f2f7fc6b60831ea067f5aca34b3bfa5def5ec1de59383765a00aac76a1cc19cf25817aeb64ce2456d2d9a958efe6f67c56908f2b605546cdcb704d5be3a077c0d87d474b3c982d1fee03b6d0e9f2a13a2a61a06550261e622e55c2f65cc79aa4064554954468e85a8afc451b4d360f8e64f25b7a7ab5eeaa96a5df1d7698f59a8c3d38692d5f2734ce28aa23085de888449431f3919cbf6eb4445d4fcc66d25acffa256354a0152a8609089cd7e8400787a767c2df7f3b117d122881f480c6785d9da5d41d84a844a773a57862f1cb7d4306a23f65e3efac0a4feb4b67aed8df12ba21469f12bc3f683a258ac81751aa863442c5f9ba57e4c8d94d24cf4dfb15d946c3604375febfe67088092ccbc75ed5029947dfc8c5d997b10ed4a472ab4b2b9255f44137a81a11aa4335733b", @typed={0x8, 0xfa, 0x0, 0x0, @u32=0x245}]}]}, 0x1030}, 0x1, 0x0, 0x0, 0x20008090}, 0x4000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r2)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r5, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x34, r4, 0xb77b02080cac5bcb, 0x70bd28, 0x259fdbff, {}, [@ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x9}, @ETHTOOL_A_MODULE_EEPROM_PAGE={0x5}, @ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x4c}, @ETHTOOL_A_MODULE_EEPROM_OFFSET={0x8, 0x2, 0xe}]}, 0x34}}, 0x82)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB=' .\x00\x00', @ANYRES16=r3, @ANYBLOB="01002ebd5100fbcbdf25010012ea03000180072e01805a848d4efe0a6e3148821026af4e7a28a1e7e1af2bae2c7ad5"], 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r6 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mknod$auto(&(0x7f0000000180)='./file0\x00', 0x2cb, 0x4)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x220002, 0x0)
r7 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000240), r6)
sendmsg$auto_NLBL_CIPSOV4_C_LIST(r6, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x9714bc159c570cc}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x24, r7, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1000}]}, 0x24}, 0x1, 0x0, 0x0, 0x8180}, 0x48040)
utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0)
mmap$auto(0x0, 0x2000c, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2.71778081s ago: executing program 1 (id=1126):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
timer_create$auto(0x803, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
epoll_create$auto(0x3e)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x0, 0xb, 0x0, 0x17)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
memfd_secret$auto(0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20100, 0x0)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0)
ioctl$auto(0x3, 0x402c542d, r1)
write$auto(0x3, 0x0, 0xfffffdef)

1.825841469s ago: executing program 4 (id=1128):
mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x3fffff, 0x7, 0x11, 0xdd, 0xffff220c11000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0)
r1 = socket(0xa, 0x801, 0x84)
open(&(0x7f00000002c0)='./file0\x00', 0x40000, 0x0)
r2 = fanotify_init$auto(0xc00, 0x2000000000002)
fanotify_mark$auto(r2, 0x5, 0x10000008, 0x4, 0x0)
read$auto(r0, 0x0, 0x9a28)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f00000000c0)={0x0, 0x17}, 0x2)
write$auto_snd_pcm_f_ops_pcm(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE_EXT(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r5, 0x201, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000810)
sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r5, 0x200, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x20000080)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r6 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
mmap$auto(0xfffffffffffffffc, 0x400008, 0x5, 0x35, 0x2, 0x8000)
close_range$auto(r6, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000000)=@phonet={0x23, 0x6, 0x7f, 0x7}, 0xf)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x20e100, 0x0)
ioctl$auto_KVM_GET_MSRS(r7, 0xc008ae88, &(0x7f0000000100)={0x8001, 0x0, [{0x4, 0xa58, 0x5}]})

1.52950552s ago: executing program 6 (id=1129):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
timer_create$auto(0x803, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
epoll_create$auto(0x3e)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0xa)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
memfd_secret$auto(0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20100, 0x0)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0)
ioctl$auto(0x3, 0x402c542d, r1)
write$auto(0x3, 0x0, 0xfffffdef)

448.714475ms ago: executing program 5 (id=1130):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
socket(0x1, 0x3, 0x2)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
r1 = socket(0x1e, 0x1, 0x0)
r2 = socket(0x1d, 0x1, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000300), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'veth0_to_bridge\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r7)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r8, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810)
sendmsg$auto_ETHTOOL_MSG_MM_GET(r1, &(0x7f0000000540)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x450000}, 0xc, &(0x7f0000000500)={&(0x7f00000003c0)={0x130, r5, 0x200, 0x70bd29, 0x25dfdbff, {}, [@ETHTOOL_A_MM_HEADER={0x4}, @ETHTOOL_A_MM_HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xc}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}]}, @ETHTOOL_A_MM_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_MM_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_MM_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_MM_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_MM_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xe}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xfffffbff}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_MM_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @ETHTOOL_A_MM_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x130}}, 0x4040)
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
close_range$auto(0x2, 0x8, 0x0)
r9 = socket(0xa, 0x801, 0x84)
socketpair$auto(0xfffffffc, 0x1, 0x8000000000000000, 0x0)
r10 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0)
vmsplice$auto(r0, &(0x7f0000000140)={&(0x7f00000000c0)="bc0e6c90aa18e7a675776ee36eb756c0601842e67a", 0x100000001}, 0x1ff, 0xf)
ioctl$auto(r10, 0xc0045627, r1)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r9, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)

340.669314ms ago: executing program 4 (id=1131):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
getrlimit$auto(0x3, 0x0)
ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
clock_adjtime$auto(0x2, &(0x7f0000000140)={0x16, 0x0, 0x294c, 0x200, 0x8, 0xe6, 0x696b, 0x0, 0x81, 0x5, 0x4, {0x8, 0x2}, 0x7, 0x0, 0xe, 0x7e, 0x0, 0x2, 0x10, 0x8, 0x2, 0x800, 0x1})
lseek$auto(0x3, 0xffffffffff800002, 0x10)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84)

95.240422ms ago: executing program 1 (id=1132):
mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0xba, 0xeb2, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd70090000004a0003000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=<r2=>r1, @ANYBLOB="8b632abd7000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r3, 0x11, 0x66, 0x0, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="72010000", @ANYRES64=r2], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
r4 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r5 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000)
write$auto_proc_clear_refs_operations_internal(r4, 0x0, 0xffffff4b)
r6 = prctl$auto(0x23, 0x2, 0x2008, 0x0, 0x0)
r7 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
write$auto_fuse_dev_operations_fuse_i(r7, &(0x7f0000000440)="11000000070000000000000000000e0001", 0x11)
process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x3, &(0x7f0000002a40)={0x0, 0x7}, 0x4, 0x0)
setsockopt$auto_SO_PRIORITY(r6, 0x6, 0xc, &(0x7f0000000000)='@&&%]*^\x00', 0x7)

0s ago: executing program 6 (id=1133):
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x15, 0x5, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x110c230000, 0x1, 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0)
getrandom$auto(0x0, 0x3, 0x80000001)
statmount$auto(0x0, &(0x7f0000000180)={0x9, 0xfffffffe, 0x44f, 0xa, 0x10, 0x1007181, 0x0, 0x62, 0x7, 0x801, 0x0, 0x26, 0x4, 0x200003fffffe, 0xfffffffffffffff5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x862, 0xf, 0x22002, 0x200, 0x0, 0x62f, 0x6, 0x0, 0x0, 0x0, 0xb626, [0xfffffffffffffffe, 0xffffffffffff04ef, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e, 0x0, 0xa7, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x40, 0x81, 0x8a0, 0xb, 0x81, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100002, 0x0, 0x3ff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4000000000000]}, 0x800000000000b, 0xbc)
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffff7effffd0c, &(0x7f00000001c0))
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x2, 0x80002, 0x73)
r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000100), r0)
sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r2, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x48, r3, 0x100, 0x70bd29, 0x25dfdbff, {}, [@L2TP_ATTR_COOKIE={0xc, 0xf, 0xf5}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x2}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e24}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x2}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, 0x5}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e21}]}, 0x48}, 0x1, 0x0, 0x0, 0x15}, 0x40000)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x8}, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
msync$auto(0x110c230000, 0x200001, 0x6)

kernel console output (not intermixed with test programs):

J‚Ùýª‹<½'
[  243.012884][ T8602] vivid-007: =================  START STATUS  =================
[  243.012908][ T8602] vivid-007: Generate PTS: true
[  243.012972][ T8602] vivid-007: Generate SCR: true
[  243.013001][ T8602] tpg source WxH: 320x240 (Y'CbCr)
[  243.013018][ T8602] tpg field: 1
[  243.013028][ T8602] tpg crop: (0,0)/320x240
[  243.013046][ T8602] tpg compose: (0,0)/320x240
[  243.013064][ T8602] tpg colorspace: 8
[  243.013074][ T8602] tpg transfer function: 0/0
[  243.013088][ T8602] tpg Y'CbCr encoding: 0/0
[  243.013101][ T8602] tpg quantization: 0/0
[  243.013114][ T8602] tpg RGB range: 0/2
[  243.013126][ T8602] vivid-007: ==================  END STATUS  ==================
[  243.193976][ T8606] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10
[  244.708503][ T8626] netlink: zone id is out of range
[  244.759505][ T8626] netlink: zone id is out of range
[  244.806982][ T8626] netlink: zone id is out of range
[  244.888435][ T8626] netlink: zone id is out of range
[  244.944936][ T8626] netlink: zone id is out of range
[  245.001603][ T8626] netlink: zone id is out of range
[  245.050478][ T8626] netlink: zone id is out of range
[  245.072182][ T8626] netlink: zone id is out of range
[  245.104453][ T8629] FAULT_INJECTION: forcing a failure.
[  245.104453][ T8629] name failslab, interval 1, probability 0, space 0, times 0
[  245.105122][ T8626] netlink: zone id is out of range
[  245.148146][ T8629] CPU: 0 UID: 0 PID: 8629 Comm: syz.4.621 Not tainted syzkaller #0 PREEMPT(full) 
[  245.148183][ T8629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  245.148212][ T8629] Call Trace:
[  245.148220][ T8629]  <TASK>
[  245.148230][ T8629]  dump_stack_lvl+0x100/0x190
[  245.148333][ T8629]  should_fail_ex.cold+0x5/0xa
[  245.148389][ T8629]  should_failslab+0xc2/0x120
[  245.148442][ T8629]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  245.148496][ T8629]  ? __d_alloc+0x34/0xa80
[  245.148539][ T8629]  __d_alloc+0x34/0xa80
[  245.148573][ T8629]  d_alloc_pseudo+0x1c/0xc0
[  245.148620][ T8629]  alloc_file_pseudo+0xcf/0x230
[  245.148657][ T8629]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  245.148700][ T8629]  __shmem_file_setup+0x221/0x490
[  245.148752][ T8629]  ? __pfx___shmem_file_setup+0x10/0x10
[  245.148795][ T8629]  ? vm_area_alloc+0x1f/0x160
[  245.148835][ T8629]  shmem_zero_setup+0x96/0x1b0
[  245.148878][ T8629]  __mmap_region+0x2198/0x29e0
[  245.148923][ T8629]  ? __pfx___mmap_region+0x10/0x10
[  245.148957][ T8629]  ? process_measurement+0x1f4/0x2350
[  245.149026][ T8629]  ? tomoyo_check_open_permission+0x1db/0x3c0
[  245.149125][ T8629]  ? finish_task_switch.isra.0+0x2c6/0xb80
[  245.149175][ T8629]  ? rcu_is_watching+0x12/0xc0
[  245.149271][ T8629]  ? rcu_is_watching+0x12/0xc0
[  245.149310][ T8629]  ? cap_capable+0x107/0x460
[  245.149373][ T8629]  mmap_region+0x180/0x3e0
[  245.149418][ T8629]  do_mmap+0xc63/0x12f0
[  245.149456][ T8629]  ? __pfx_do_mmap+0x10/0x10
[  245.149486][ T8629]  ? __pfx_down_write_killable+0x10/0x10
[  245.149616][ T8629]  vm_mmap_pgoff+0x29e/0x470
[  245.149654][ T8629]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  245.149686][ T8629]  ? do_futex+0x192/0x350
[  245.149726][ T8629]  ? __pfx_do_futex+0x10/0x10
[  245.149774][ T8629]  ksys_mmap_pgoff+0xe1/0x650
[  245.149802][ T8629]  ? __x64_sys_futex+0x34f/0x4d0
[  245.149834][ T8629]  ? __x64_sys_futex+0x358/0x4d0
[  245.149867][ T8629]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  245.149896][ T8629]  ? xfd_validate_state+0x129/0x190
[  245.149951][ T8629]  __x64_sys_mmap+0x125/0x190
[  245.149994][ T8629]  do_syscall_64+0x106/0xf80
[  245.150051][ T8629]  ? clear_bhb_loop+0x40/0x90
[  245.150095][ T8629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.150123][ T8629] RIP: 0033:0x7f308639c799
[  245.150146][ T8629] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  245.150171][ T8629] RSP: 002b:00007f30871cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  245.150204][ T8629] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639c799
[  245.150221][ T8629] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[  245.150237][ T8629] RBP: 00007f3086432bd9 R08: 0000000000000401 R09: 0000000000008000
[  245.150253][ T8629] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  245.150269][ T8629] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  245.150306][ T8629]  </TASK>
[  245.438384][ T8626] netlink: zone id is out of range
[  247.027513][ T8652] vivid-007: =================  START STATUS  =================
[  247.060829][ T8652] vivid-007: Generate PTS: true
[  247.065713][ T8652] vivid-007: Generate SCR: true
[  247.167680][ T8652] tpg source WxH: 320x240 (Y'CbCr)
[  247.210533][ T8652] tpg field: 1
[  247.213958][ T8652] tpg crop: (0,0)/320x240
[  247.254608][ T8652] tpg compose: (0,0)/320x240
[  247.282228][ T8652] tpg colorspace: 8
[  247.330375][ T8652] tpg transfer function: 0/0
[  247.370560][ T8652] tpg Y'CbCr encoding: 0/0
[  247.375019][ T8652] tpg quantization: 0/0
[  247.448563][ T8652] tpg RGB range: 0/2
[  247.478321][ T8652] vivid-007: ==================  END STATUS  ==================
[  248.780670][ T8690] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  249.544591][ T8702] netlink: 8 bytes leftover after parsing attributes in process `syz.0.638'.
[  250.376152][ T8712] FAULT_INJECTION: forcing a failure.
[  250.376152][ T8712] name fail_futex, interval 1, probability 0, space 0, times 1
[  250.412080][ T8712] CPU: 1 UID: 0 PID: 8712 Comm: syz.4.641 Not tainted syzkaller #0 PREEMPT(full) 
[  250.412112][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  250.412126][ T8712] Call Trace:
[  250.412134][ T8712]  <TASK>
[  250.412143][ T8712]  dump_stack_lvl+0x100/0x190
[  250.412183][ T8712]  should_fail_ex.cold+0x5/0xa
[  250.412210][ T8712]  ? rcu_is_watching+0x12/0xc0
[  250.412251][ T8712]  get_futex_key+0x1d2/0x1620
[  250.412283][ T8712]  ? __pfx_get_futex_key+0x10/0x10
[  250.412309][ T8712]  ? lock_acquire+0x1cf/0x380
[  250.412388][ T8712]  futex_wake+0xea/0x530
[  250.412427][ T8712]  ? __pfx_futex_wake+0x10/0x10
[  250.412464][ T8712]  ? exit_mm_release+0x19/0x30
[  250.412519][ T8712]  do_futex+0x32b/0x350
[  250.412551][ T8712]  ? __pfx_do_futex+0x10/0x10
[  250.412573][ T8712]  ? __might_fault+0xc5/0x140
[  250.412598][ T8712]  mm_release+0x24a/0x2f0
[  250.412613][ T8712]  do_exit+0x704/0x2b60
[  250.412634][ T8712]  ? __pfx_do_exit+0x10/0x10
[  250.412660][ T8712]  ? do_raw_spin_lock+0x128/0x260
[  250.412680][ T8712]  ? find_held_lock+0x2b/0x80
[  250.412692][ T8712]  ? get_signal+0x7e0/0x21e0
[  250.412709][ T8712]  do_group_exit+0xd5/0x2a0
[  250.412729][ T8712]  get_signal+0x1ec7/0x21e0
[  250.412751][ T8712]  ? __pfx_get_signal+0x10/0x10
[  250.412766][ T8712]  ? do_futex+0x192/0x350
[  250.412786][ T8712]  arch_do_signal_or_restart+0x91/0x770
[  250.412805][ T8712]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  250.412828][ T8712]  ? __pfx___x64_sys_futex+0x10/0x10
[  250.412845][ T8712]  ? ksys_write+0x1ac/0x250
[  250.412861][ T8712]  exit_to_user_mode_loop+0x86/0x4a0
[  250.412882][ T8712]  do_syscall_64+0x668/0xf80
[  250.412899][ T8712]  ? clear_bhb_loop+0x40/0x90
[  250.412918][ T8712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.412932][ T8712] RIP: 0033:0x7f308639c799
[  250.412945][ T8712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  250.412958][ T8712] RSP: 002b:00007f30871aa0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  250.412973][ T8712] RAX: fffffffffffffe00 RBX: 00007f3086616098 RCX: 00007f308639c799
[  250.412982][ T8712] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3086616098
[  250.412990][ T8712] RBP: 00007f3086616090 R08: 0000000000000000 R09: 0000000000000000
[  250.412999][ T8712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  250.413007][ T8712] R13: 00007f3086616128 R14: 00007ffc2b12f520 R15: 00007ffc2b12f608
[  250.413025][ T8712]  </TASK>
[  251.618574][ T8717] capability: warning: `syz.1.640' uses 32-bit capabilities (legacy support in use)
[  252.502755][ T8750] netlink: 28 bytes leftover after parsing attributes in process `syz.0.647'.
[  252.709107][ T8750] ipvlan0: entered promiscuous mode
[  252.719680][ T8750] ipvlan0: entered allmulticast mode
[  252.726303][ T8750] veth0_vlan: entered allmulticast mode
[  253.767008][ T8775] netlink: 8 bytes leftover after parsing attributes in process `syz.4.651'.
[  255.267894][ T8810] FAULT_INJECTION: forcing a failure.
[  255.267894][ T8810] name failslab, interval 1, probability 0, space 0, times 0
[  255.362442][ T8810] CPU: 0 UID: 0 PID: 8810 Comm: syz.4.658 Not tainted syzkaller #0 PREEMPT(full) 
[  255.362485][ T8810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  255.362503][ T8810] Call Trace:
[  255.362513][ T8810]  <TASK>
[  255.362523][ T8810]  dump_stack_lvl+0x100/0x190
[  255.362573][ T8810]  should_fail_ex.cold+0x5/0xa
[  255.362608][ T8810]  should_failslab+0xc2/0x120
[  255.362639][ T8810]  __kmalloc_cache_noprof+0x7a/0x6f0
[  255.362676][ T8810]  ? __hw_addr_add_ex+0x352/0x7e0
[  255.362816][ T8810]  ? trace_contention_end+0x140/0x180
[  255.362858][ T8810]  __hw_addr_add_ex+0x352/0x7e0
[  255.362896][ T8810]  ? stack_depot_init+0x38/0x80
[  255.362942][ T8810]  ? __pfx___hw_addr_add_ex+0x10/0x10
[  255.362982][ T8810]  ? __mutex_unlock_slowpath+0x15c/0x790
[  255.363024][ T8810]  dev_addr_init+0x161/0x250
[  255.363051][ T8810]  ? __pfx_dev_addr_init+0x10/0x10
[  255.363083][ T8810]  ? __pfx_do_setup+0x10/0x10
[  255.363175][ T8810]  ? __pfx_do_setup+0x10/0x10
[  255.363206][ T8810]  alloc_netdev_mqs+0x363/0x14f0
[  255.363267][ T8810]  ? ovs_vport_alloc+0x288/0x3b0
[  255.363314][ T8810]  internal_dev_create+0x8a/0x520
[  255.363352][ T8810]  ovs_vport_add+0x147/0x4d0
[  255.363387][ T8810]  new_vport+0x16/0x1d0
[  255.363483][ T8810]  ovs_dp_cmd_new+0x65d/0xdf0
[  255.363522][ T8810]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  255.363558][ T8810]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[  255.363643][ T8810]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[  255.363691][ T8810]  genl_family_rcv_msg_doit+0x214/0x300
[  255.363735][ T8810]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  255.363775][ T8810]  ? genl_get_cmd+0x3ef/0x720
[  255.363820][ T8810]  ? bpf_lsm_capable+0x9/0x10
[  255.363864][ T8810]  ? security_capable+0x80/0x260
[  255.363902][ T8810]  ? ns_capable+0xd2/0xf0
[  255.363932][ T8810]  genl_rcv_msg+0x560/0x800
[  255.363978][ T8810]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.364018][ T8810]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[  255.364053][ T8810]  netlink_rcv_skb+0x159/0x420
[  255.364091][ T8810]  ? __pfx_genl_rcv_msg+0x10/0x10
[  255.364134][ T8810]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  255.364166][ T8810]  ? rcu_is_watching+0x12/0xc0
[  255.364217][ T8810]  ? __rcu_read_unlock+0x26a/0x5e0
[  255.364252][ T8810]  ? rcu_is_watching+0x12/0xc0
[  255.364308][ T8810]  genl_rcv+0x28/0x40
[  255.364346][ T8810]  netlink_unicast+0x5aa/0x870
[  255.364390][ T8810]  ? __pfx_netlink_unicast+0x10/0x10
[  255.364444][ T8810]  netlink_sendmsg+0x8b0/0xda0
[  255.364484][ T8810]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.364517][ T8810]  ? __import_iovec+0x1d2/0x640
[  255.364560][ T8810]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  255.364601][ T8810]  ____sys_sendmsg+0x9e1/0xb70
[  255.364683][ T8810]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.364724][ T8810]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.364778][ T8810]  ? __pfx_futex_wake_mark+0x10/0x10
[  255.364825][ T8810]  ___sys_sendmsg+0x190/0x1e0
[  255.364870][ T8810]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.364955][ T8810]  __sys_sendmsg+0x170/0x220
[  255.365020][ T8810]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.365052][ T8810]  ? __x64_sys_futex+0x34f/0x4d0
[  255.365107][ T8810]  do_syscall_64+0x106/0xf80
[  255.365138][ T8810]  ? clear_bhb_loop+0x40/0x90
[  255.365171][ T8810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.365198][ T8810] RIP: 0033:0x7f308639c799
[  255.365222][ T8810] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  255.365247][ T8810] RSP: 002b:00007f30871cb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.365272][ T8810] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639c799
[  255.365297][ T8810] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 000000000000000b
[  255.365313][ T8810] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  255.365330][ T8810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  255.365346][ T8810] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  255.365384][ T8810]  </TASK>
[  255.823052][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  255.925764][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  256.420928][ T8814] __vm_enough_memory: pid: 8814, comm: syz.2.659, bytes: 4398046511104 not enough memory for the allocation
[  257.410971][ T8835] vivid-007: =================  START STATUS  =================
[  257.511407][ T8853] netlink: 8 bytes leftover after parsing attributes in process `syz.2.665'.
[  257.526447][ T8835] vivid-007: Generate PTS: true
[  257.568328][ T8835] vivid-007: Generate SCR: true
[  257.658340][ T8835] tpg source WxH: 320x240 (Y'CbCr)
[  257.692239][ T8835] tpg field: 1
[  257.705741][ T8835] tpg crop: (0,0)/320x240
[  257.745477][ T8835] tpg compose: (0,0)/320x240
[  257.766280][ T8835] tpg colorspace: 8
[  257.775972][ T8835] tpg transfer function: 0/0
[  257.784393][ T8835] tpg Y'CbCr encoding: 0/0
[  257.795422][ T8835] tpg quantization: 0/0
[  257.799959][ T8835] tpg RGB range: 0/2
[  257.803884][ T8835] vivid-007: ==================  END STATUS  ==================
[  259.186234][ T8881] random: crng reseeded on system resumption
[  259.289461][ T8881] FAULT_INJECTION: forcing a failure.
[  259.289461][ T8881] name failslab, interval 1, probability 0, space 0, times 0
[  259.417966][ T8881] CPU: 0 UID: 0 PID: 8881 Comm: syz.2.670 Not tainted syzkaller #0 PREEMPT(full) 
[  259.417989][ T8881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  259.417998][ T8881] Call Trace:
[  259.418004][ T8881]  <TASK>
[  259.418010][ T8881]  dump_stack_lvl+0x100/0x190
[  259.418038][ T8881]  should_fail_ex.cold+0x5/0xa
[  259.418057][ T8881]  should_failslab+0xc2/0x120
[  259.418072][ T8881]  __kmalloc_cache_noprof+0x7a/0x6f0
[  259.418091][ T8881]  ? create_basic_memory_bitmaps+0xeb/0x350
[  259.418112][ T8881]  create_basic_memory_bitmaps+0xeb/0x350
[  259.418131][ T8881]  snapshot_open+0x230/0x2a0
[  259.418147][ T8881]  ? __pfx_snapshot_open+0x10/0x10
[  259.418165][ T8881]  misc_open+0x26d/0x450
[  259.418217][ T8881]  ? __pfx_misc_open+0x10/0x10
[  259.418230][ T8881]  chrdev_open+0x234/0x6a0
[  259.418253][ T8881]  ? __pfx_apparmor_file_open+0x10/0x10
[  259.418291][ T8881]  ? __pfx_chrdev_open+0x10/0x10
[  259.418317][ T8881]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  259.418359][ T8881]  do_dentry_open+0x6d8/0x1660
[  259.418380][ T8881]  ? __pfx_chrdev_open+0x10/0x10
[  259.418399][ T8881]  vfs_open+0x82/0x3f0
[  259.418419][ T8881]  path_openat+0x208c/0x31a0
[  259.418441][ T8881]  ? __pfx_path_openat+0x10/0x10
[  259.418463][ T8881]  do_file_open+0x20e/0x430
[  259.418479][ T8881]  ? __pfx_do_file_open+0x10/0x10
[  259.418507][ T8881]  ? alloc_fd+0x476/0x790
[  259.418523][ T8881]  ? do_getname+0x191/0x390
[  259.418542][ T8881]  do_sys_openat2+0x10d/0x1e0
[  259.418561][ T8881]  ? __pfx_do_sys_openat2+0x10/0x10
[  259.418586][ T8881]  __x64_sys_openat+0x12d/0x210
[  259.418606][ T8881]  ? __pfx___x64_sys_openat+0x10/0x10
[  259.418632][ T8881]  do_syscall_64+0x106/0xf80
[  259.418649][ T8881]  ? clear_bhb_loop+0x40/0x90
[  259.418667][ T8881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.418682][ T8881] RIP: 0033:0x7fe83b19c799
[  259.418695][ T8881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  259.418709][ T8881] RSP: 002b:00007fe83c129028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  259.418723][ T8881] RAX: ffffffffffffffda RBX: 00007fe83b415fa0 RCX: 00007fe83b19c799
[  259.418732][ T8881] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  259.418741][ T8881] RBP: 00007fe83b232bd9 R08: 0000000000000000 R09: 0000000000000000
[  259.418750][ T8881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.418759][ T8881] R13: 00007fe83b416038 R14: 00007fe83b415fa0 R15: 00007ffdff4c3ef8
[  259.418778][ T8881]  </TASK>
[  260.069289][ T8891] FAULT_INJECTION: forcing a failure.
[  260.069289][ T8891] name failslab, interval 1, probability 0, space 0, times 0
[  260.089706][ T8891] CPU: 0 UID: 0 PID: 8891 Comm: syz.1.672 Not tainted syzkaller #0 PREEMPT(full) 
[  260.089745][ T8891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  260.089761][ T8891] Call Trace:
[  260.089770][ T8891]  <TASK>
[  260.089781][ T8891]  dump_stack_lvl+0x100/0x190
[  260.089829][ T8891]  should_fail_ex.cold+0x5/0xa
[  260.089863][ T8891]  should_failslab+0xc2/0x120
[  260.089892][ T8891]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  260.089934][ T8891]  ? __pmd_alloc+0xbf/0x9c0
[  260.089973][ T8891]  __pmd_alloc+0xbf/0x9c0
[  260.090020][ T8891]  walk_pgd_range+0x896/0x1eb0
[  260.090065][ T8891]  ? ima_match_policy+0x8c4/0x2350
[  260.090099][ T8891]  ? __pfx_guard_install_set_pte+0x10/0x10
[  260.090133][ T8891]  ? __pfx_guard_install_set_pte+0x10/0x10
[  260.090165][ T8891]  ? __pfx_guard_install_set_pte+0x10/0x10
[  260.090198][ T8891]  ? __pfx_walk_pgd_range+0x10/0x10
[  260.090251][ T8891]  __walk_page_range+0x163/0x820
[  260.090294][ T8891]  ? process_measurement+0x4c8/0x2350
[  260.090347][ T8891]  walk_page_range_vma_unsafe+0x209/0x8f0
[  260.090396][ T8891]  ? __pfx_walk_page_range_vma_unsafe+0x10/0x10
[  260.090441][ T8891]  ? __pfx_css_rstat_updated+0x10/0x10
[  260.090517][ T8891]  madvise_guard_install+0x43f/0x7c0
[  260.090560][ T8891]  ? __pfx_madvise_guard_install+0x10/0x10
[  260.090598][ T8891]  ? __pfx_guard_install_pud_entry+0x10/0x10
[  260.090627][ T8891]  ? __pfx_guard_install_pmd_entry+0x10/0x10
[  260.090657][ T8891]  ? __pfx_guard_install_pte_entry+0x10/0x10
[  260.090692][ T8891]  ? __pfx_guard_install_set_pte+0x10/0x10
[  260.090725][ T8891]  ? __lock_acquire+0x4a5/0x2630
[  260.090769][ T8891]  madvise_vma_behavior+0x11f1/0x3050
[  260.090807][ T8891]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  260.090841][ T8891]  ? reacquire_held_locks+0xce/0x1e0
[  260.090876][ T8891]  ? lock_vma_under_rcu+0x11d/0x590
[  260.090922][ T8891]  ? lock_vma_under_rcu+0x17c/0x590
[  260.090963][ T8891]  ? lock_vma_under_rcu+0x25/0x590
[  260.091005][ T8891]  ? lock_vma_under_rcu+0x1f9/0x590
[  260.091040][ T8891]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  260.091089][ T8891]  ? __futex_wait+0x256/0x300
[  260.091139][ T8891]  madvise_walk_vmas+0x71c/0xa90
[  260.091178][ T8891]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  260.091213][ T8891]  ? futex_hash+0x2c5/0x380
[  260.091250][ T8891]  madvise_do_behavior+0x1ea/0x510
[  260.091287][ T8891]  ? __pfx_madvise_do_behavior+0x10/0x10
[  260.091318][ T8891]  ? futex_wait+0x125/0x380
[  260.091369][ T8891]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  260.091422][ T8891]  do_madvise+0x195/0x240
[  260.091454][ T8891]  ? __pfx_do_madvise+0x10/0x10
[  260.091485][ T8891]  ? do_futex+0x192/0x350
[  260.091528][ T8891]  ? find_held_lock+0x2b/0x80
[  260.091580][ T8891]  __x64_sys_madvise+0xa9/0x110
[  260.091626][ T8891]  ? lockdep_hardirqs_on+0x78/0x100
[  260.091721][ T8891]  do_syscall_64+0x106/0xf80
[  260.091756][ T8891]  ? clear_bhb_loop+0x40/0x90
[  260.091792][ T8891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.091822][ T8891] RIP: 0033:0x7fcf3999c799
[  260.091847][ T8891] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  260.091874][ T8891] RSP: 002b:00007fcf3a8ed028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  260.091901][ T8891] RAX: ffffffffffffffda RBX: 00007fcf39c16090 RCX: 00007fcf3999c799
[  260.091921][ T8891] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000
[  260.091939][ T8891] RBP: 00007fcf39a32bd9 R08: 0000000000000000 R09: 0000000000000000
[  260.091956][ T8891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  260.091973][ T8891] R13: 00007fcf39c16128 R14: 00007fcf39c16090 R15: 00007ffe5716b528
[  260.092020][ T8891]  </TASK>
[  260.854095][ T8886] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  260.861520][ T8886] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  260.889423][ T8886] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  260.947937][ T8886] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  260.989399][ T8886] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  261.810922][ T8908] mkiss: ax0: crc mode is auto.
[  262.908741][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  262.915915][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  262.915924][ T5146] Bluetooth: hci0: command 0x0c1a tx timeout
[  262.989245][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  263.068641][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  265.969784][ T9007] ICMPv6: process `syz.1.685' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  268.109957][ T9036] random: crng reseeded on system resumption
[  268.226150][ T9036] FAULT_INJECTION: forcing a failure.
[  268.226150][ T9036] name failslab, interval 1, probability 0, space 0, times 0
[  268.278563][ T9036] CPU: 0 UID: 0 PID: 9036 Comm: syz.1.694 Not tainted syzkaller #0 PREEMPT(full) 
[  268.278611][ T9036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  268.278628][ T9036] Call Trace:
[  268.278637][ T9036]  <TASK>
[  268.278648][ T9036]  dump_stack_lvl+0x100/0x190
[  268.278696][ T9036]  should_fail_ex.cold+0x5/0xa
[  268.278731][ T9036]  should_failslab+0xc2/0x120
[  268.278761][ T9036]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  268.278802][ T9036]  ? security_file_alloc+0x34/0x2c0
[  268.278832][ T9036]  ? trace_kmem_cache_alloc+0xf3/0x120
[  268.278868][ T9036]  security_file_alloc+0x34/0x2c0
[  268.278899][ T9036]  init_file+0x95/0x480
[  268.278933][ T9036]  alloc_empty_file+0x73/0x1c0
[  268.278970][ T9036]  alloc_file_pseudo+0x13a/0x230
[  268.279007][ T9036]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  268.279053][ T9036]  __shmem_file_setup+0x221/0x490
[  268.279092][ T9036]  ? __pfx___shmem_file_setup+0x10/0x10
[  268.279137][ T9036]  ? vm_area_alloc+0x1f/0x160
[  268.279178][ T9036]  shmem_zero_setup+0x96/0x1b0
[  268.279223][ T9036]  __mmap_region+0x2198/0x29e0
[  268.279266][ T9036]  ? __pfx___mmap_region+0x10/0x10
[  268.279325][ T9036]  ? set_next_entity+0x11e/0x9c0
[  268.279373][ T9036]  ? __lock_acquire+0x4a5/0x2630
[  268.279408][ T9036]  ? find_held_lock+0x2b/0x80
[  268.279454][ T9036]  ? find_held_lock+0x2b/0x80
[  268.279479][ T9036]  ? finish_task_switch.isra.0+0x200/0xb80
[  268.279509][ T9036]  ? finish_task_switch.isra.0+0x200/0xb80
[  268.279553][ T9036]  ? trace_sched_exit_tp+0x13a/0x180
[  268.279587][ T9036]  ? __schedule+0x1000/0x6120
[  268.279666][ T9036]  ? rcu_is_watching+0x12/0xc0
[  268.279707][ T9036]  ? cap_capable+0x107/0x460
[  268.279753][ T9036]  mmap_region+0x180/0x3e0
[  268.279801][ T9036]  do_mmap+0xc63/0x12f0
[  268.279838][ T9036]  ? __pfx_do_mmap+0x10/0x10
[  268.279870][ T9036]  ? __pfx_down_write_killable+0x10/0x10
[  268.279916][ T9036]  vm_mmap_pgoff+0x29e/0x470
[  268.279955][ T9036]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  268.279989][ T9036]  ? do_futex+0x192/0x350
[  268.280025][ T9036]  ? __pfx_do_futex+0x10/0x10
[  268.280067][ T9036]  ksys_mmap_pgoff+0xe1/0x650
[  268.280097][ T9036]  ? __x64_sys_futex+0x34f/0x4d0
[  268.280130][ T9036]  ? __x64_sys_futex+0x358/0x4d0
[  268.280167][ T9036]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  268.280197][ T9036]  ? xfd_validate_state+0x129/0x190
[  268.280244][ T9036]  __x64_sys_mmap+0x125/0x190
[  268.280289][ T9036]  do_syscall_64+0x106/0xf80
[  268.280329][ T9036]  ? clear_bhb_loop+0x40/0x90
[  268.280365][ T9036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.280394][ T9036] RIP: 0033:0x7fcf3999c799
[  268.280419][ T9036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.280446][ T9036] RSP: 002b:00007fcf3a90e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  268.280472][ T9036] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999c799
[  268.280492][ T9036] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  268.280509][ T9036] RBP: 00007fcf39a32bd9 R08: fffffffffffffffa R09: 0000000000008000
[  268.280528][ T9036] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  268.280545][ T9036] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  268.280584][ T9036]  </TASK>
[  269.251462][ T9048] netlink: 326 bytes leftover after parsing attributes in process `syz.2.696'.
[  269.591720][ T9041] netlink: 'syz.4.693': attribute type 2 has an invalid length.
[  271.780327][ T9077] binder: 9076:9077 ioctl 541b fffffffffffff4e0 returned -22
[  274.316373][ T9114] netlink: 8 bytes leftover after parsing attributes in process `syz.1.708'.
[  277.521586][ T9153] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[9153]
[  277.568621][ T9152] GUP no longer grows the stack in syz.4.716 (9152): 14000-401000 (4000)
[  277.675404][ T9152] CPU: 1 UID: 0 PID: 9152 Comm: syz.4.716 Not tainted syzkaller #0 PREEMPT(full) 
[  277.675445][ T9152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  277.675462][ T9152] Call Trace:
[  277.675471][ T9152]  <TASK>
[  277.675482][ T9152]  dump_stack_lvl+0x100/0x190
[  277.675533][ T9152]  gup_vma_lookup.cold+0x83/0x96
[  277.675585][ T9152]  __get_user_pages+0x241/0x34d0
[  277.675630][ T9152]  ? down_read_killable+0x30e/0x4c0
[  277.675673][ T9152]  ? __lock_acquire+0x4a5/0x2630
[  277.675710][ T9152]  ? __pfx___get_user_pages+0x10/0x10
[  277.675754][ T9152]  __gup_longterm_locked+0x87d/0x16f0
[  277.675799][ T9152]  ? __pfx___gup_longterm_locked+0x10/0x10
[  277.675835][ T9152]  ? try_get_folio+0x262/0x750
[  277.675862][ T9152]  ? find_held_lock+0x2b/0x80
[  277.675889][ T9152]  ? sanity_check_pinned_pages+0x5f6/0x1250
[  277.675927][ T9152]  gup_fast_fallback+0x18c6/0x2460
[  277.675986][ T9152]  ? __pfx_gup_fast_fallback+0x10/0x10
[  277.676020][ T9152]  ? __lock_acquire+0x4a5/0x2630
[  277.676054][ T9152]  ? bio_associate_blkg_from_css+0xe33/0x13f0
[  277.676116][ T9152]  ? bio_associate_blkg+0x10c/0x2a0
[  277.676159][ T9152]  pin_user_pages_fast+0xa7/0xf0
[  277.676189][ T9152]  ? __pfx_pin_user_pages_fast+0x10/0x10
[  277.676222][ T9152]  ? find_held_lock+0x2b/0x80
[  277.676245][ T9152]  ? __debug_object_init+0x2de/0x3d0
[  277.676290][ T9152]  ? __debug_object_init+0x2de/0x3d0
[  277.676332][ T9152]  iov_iter_extract_pages+0xa0d/0x1ef0
[  277.676370][ T9152]  ? __lock_acquire+0x4a5/0x2630
[  277.676401][ T9152]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[  277.676435][ T9152]  ? __lock_acquire+0x4a5/0x2630
[  277.676476][ T9152]  iov_iter_extract_bvecs+0x10e/0xf40
[  277.676514][ T9152]  ? find_held_lock+0x2b/0x80
[  277.676538][ T9152]  ? bio_associate_blkg_from_css+0x394/0x13f0
[  277.676604][ T9152]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[  277.676633][ T9152]  ? bio_associate_blkg_from_css+0x550/0x13f0
[  277.676667][ T9152]  bio_iov_iter_get_pages+0x26a/0x970
[  277.676732][ T9152]  __blkdev_direct_IO_simple+0x3a7/0x890
[  277.676776][ T9152]  ? __pfx___blkdev_direct_IO_simple+0x10/0x10
[  277.676839][ T9152]  ? ktime_get_coarse_real_ts64_mg+0x249/0x300
[  277.676881][ T9152]  ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300
[  277.676922][ T9152]  blkdev_direct_IO+0xc76/0x1fb0
[  277.676967][ T9152]  ? __pfx_blkdev_direct_IO+0x10/0x10
[  277.676996][ T9152]  ? rcu_is_watching+0x12/0xc0
[  277.677036][ T9152]  ? __mark_inode_dirty+0x55c/0x1790
[  277.677074][ T9152]  ? filemap_check_errors+0xa9/0x150
[  277.677117][ T9152]  blkdev_write_iter+0x703/0xd70
[  277.677161][ T9152]  vfs_write+0x6ac/0x1070
[  277.677205][ T9152]  ? __pfx_blkdev_write_iter+0x10/0x10
[  277.677245][ T9152]  ? __pfx_vfs_write+0x10/0x10
[  277.677286][ T9152]  ? find_held_lock+0x2b/0x80
[  277.677331][ T9152]  ksys_write+0x12a/0x250
[  277.677354][ T9152]  ? __pfx_ksys_write+0x10/0x10
[  277.677388][ T9152]  do_syscall_64+0x106/0xf80
[  277.677423][ T9152]  ? clear_bhb_loop+0x40/0x90
[  277.677460][ T9152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.677490][ T9152] RIP: 0033:0x7f308639c799
[  277.677516][ T9152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  277.677544][ T9152] RSP: 002b:00007f30871aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  277.677581][ T9152] RAX: ffffffffffffffda RBX: 00007f3086616090 RCX: 00007f308639c799
[  277.677601][ T9152] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000004
[  277.677619][ T9152] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  277.677637][ T9152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  277.677655][ T9152] R13: 00007f3086616128 R14: 00007f3086616090 R15: 00007ffc2b12f608
[  277.677695][ T9152]  </TASK>
[  278.551499][ T9165] netlink: 8 bytes leftover after parsing attributes in process `syz.2.721'.
[  280.745750][ T9216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.735'.
[  280.806029][ T8163] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.847947][   T30] audit: type=1326 audit(4294967317.000:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9209 comm="syz.2.734" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe83b19c799 code=0x0
[  280.932582][ T9215] FAULT_INJECTION: forcing a failure.
[  280.932582][ T9215] name fail_futex, interval 1, probability 0, space 0, times 0
[  281.005572][ T9215] CPU: 0 UID: 0 PID: 9215 Comm: syz.1.736 Not tainted syzkaller #0 PREEMPT(full) 
[  281.005612][ T9215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  281.005628][ T9215] Call Trace:
[  281.005638][ T9215]  <TASK>
[  281.005649][ T9215]  dump_stack_lvl+0x100/0x190
[  281.005698][ T9215]  should_fail_ex.cold+0x5/0xa
[  281.005734][ T9215]  get_futex_key+0x1d2/0x1620
[  281.005773][ T9215]  ? __pfx_get_futex_key+0x10/0x10
[  281.005809][ T9215]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  281.005863][ T9215]  futex_wake+0xea/0x530
[  281.005908][ T9215]  ? __pfx_futex_wake+0x10/0x10
[  281.005964][ T9215]  do_futex+0x32b/0x350
[  281.006000][ T9215]  ? __pfx_do_futex+0x10/0x10
[  281.006044][ T9215]  __x64_sys_futex+0x34f/0x4d0
[  281.006080][ T9215]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  281.006112][ T9215]  ? __pfx___x64_sys_futex+0x10/0x10
[  281.006163][ T9215]  do_syscall_64+0x106/0xf80
[  281.006194][ T9215]  ? clear_bhb_loop+0x40/0x90
[  281.006230][ T9215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.006260][ T9215] RIP: 0033:0x7fcf3999c799
[  281.006295][ T9215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  281.006323][ T9215] RSP: 002b:00007fcf3a90e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  281.006351][ T9215] RAX: ffffffffffffffda RBX: 00007fcf39c15fa8 RCX: 00007fcf3999c799
[  281.006371][ T9215] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcf39c15fac
[  281.006388][ T9215] RBP: 00007fcf39c15fa0 R08: 0000000000000000 R09: 0000000000000000
[  281.006406][ T9215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  281.006422][ T9215] R13: 00007fcf39c16038 R14: 00007ffe5716b440 R15: 00007ffe5716b528
[  281.006457][ T9215]  </TASK>
[  281.251220][ T8163] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.742110][ T8163] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.964962][ T9250] binder: 9247:9250 ioctl 541b fffffffffffff4e0 returned -22
[  282.230017][ T8163] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.859989][ T8163] bridge_slave_1: left allmulticast mode
[  282.881946][ T8163] bridge_slave_1: left promiscuous mode
[  282.897315][ T8163] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.055214][ T8163] bridge_slave_0: left allmulticast mode
[  283.073614][ T8163] bridge_slave_0: left promiscuous mode
[  283.112410][ T8163] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.584830][ T9276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.747'.
[  283.752189][ T8163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  283.774299][ T8163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  283.786991][ T8163] bond0 (unregistering): Released all slaves
[  284.175537][ T9284] ima: policy update failed
[  284.192294][   T30] audit: type=1802 audit(4294967320.350:7): pid=9284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.748" res=0 errno=0
[  285.027679][ T9300] ptrace attach of "./syz-executor exec"[5826] was attempted by ""[9300]
[  285.083055][ T8163] hsr_slave_0: left promiscuous mode
[  285.124316][ T8163] hsr_slave_1: left promiscuous mode
[  285.145954][ T8163] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  285.174847][ T8163] batman_adv: batadv0: Removing interface: batadv_slave_0
[  285.224139][ T8163] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  285.265307][ T8163] batman_adv: batadv0: Removing interface: batadv_slave_1
[  285.397121][ T8163] veth1_macvtap: left promiscuous mode
[  285.420571][ T8163] veth0_macvtap: left promiscuous mode
[  285.426333][ T8163] veth1_vlan: left promiscuous mode
[  285.449748][ T8163] veth0_vlan: left promiscuous mode
[  286.737071][ T8163] team0 (unregistering): Port device team_slave_1 removed
[  286.830249][ T8163] team0 (unregistering): Port device team_slave_0 removed
[  287.195479][ T9329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.756'.
[  287.645253][ T9337] netlink: 20 bytes leftover after parsing attributes in process `syz.1.757'.
[  289.282994][ T9396] netlink: 8 bytes leftover after parsing attributes in process `syz.0.767'.
[  290.586300][ T9423] vivid-007: =================  START STATUS  =================
[  290.625066][ T9423] vivid-007: Generate PTS: true
[  290.632687][ T9423] vivid-007: Generate SCR: true
[  290.648373][ T9423] tpg source WxH: 320x240 (Y'CbCr)
[  290.653601][ T9423] tpg field: 1
[  290.656998][ T9423] tpg crop: (0,0)/320x240
[  290.702616][ T9423] tpg compose: (0,0)/320x240
[  290.722797][ T9423] tpg colorspace: 8
[  290.738767][ T9423] tpg transfer function: 0/0
[  290.751778][ T9423] tpg Y'CbCr encoding: 0/0
[  290.776456][ T9423] tpg quantization: 0/0
[  290.795633][ T9423] tpg RGB range: 0/2
[  290.828181][ T9423] vivid-007: ==================  END STATUS  ==================
[  294.784539][ T9503] binder: 9502:9503 ioctl 541b fffffffffffff4e0 returned -22
[  295.302673][ T9515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.785'.
[  295.972253][ T9527] mmap: syz.0.790 (9527) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  296.825685][ T9550] FAULT_INJECTION: forcing a failure.
[  296.825685][ T9550] name failslab, interval 1, probability 0, space 0, times 0
[  297.109953][ T9550] CPU: 1 UID: 0 PID: 9550 Comm: syz.4.791 Not tainted syzkaller #0 PREEMPT(full) 
[  297.109990][ T9550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  297.110006][ T9550] Call Trace:
[  297.110015][ T9550]  <TASK>
[  297.110024][ T9550]  dump_stack_lvl+0x100/0x190
[  297.110073][ T9550]  should_fail_ex.cold+0x5/0xa
[  297.110107][ T9550]  should_failslab+0xc2/0x120
[  297.110138][ T9550]  __kmalloc_cache_noprof+0x7a/0x6f0
[  297.110177][ T9550]  ? snd_card_file_add+0x52/0x340
[  297.110330][ T9550]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  297.110393][ T9550]  snd_card_file_add+0x52/0x340
[  297.110443][ T9550]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  297.110478][ T9550]  snd_pcm_open+0xf1/0x710
[  297.110510][ T9550]  ? __mutex_unlock_slowpath+0x15c/0x790
[  297.110553][ T9550]  ? __pfx_snd_pcm_open+0x10/0x10
[  297.110603][ T9550]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  297.110646][ T9550]  snd_pcm_capture_open+0x89/0xe0
[  297.110682][ T9550]  snd_open+0x22d/0x4c0
[  297.110726][ T9550]  ? __pfx_snd_open+0x10/0x10
[  297.110768][ T9550]  chrdev_open+0x234/0x6a0
[  297.110798][ T9550]  ? __pfx_apparmor_file_open+0x10/0x10
[  297.110842][ T9550]  ? __pfx_chrdev_open+0x10/0x10
[  297.110873][ T9550]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  297.110910][ T9550]  do_dentry_open+0x6d8/0x1660
[  297.110934][ T9550]  ? __pfx_chrdev_open+0x10/0x10
[  297.110970][ T9550]  vfs_open+0x82/0x3f0
[  297.111009][ T9550]  path_openat+0x208c/0x31a0
[  297.111052][ T9550]  ? __pfx_path_openat+0x10/0x10
[  297.111096][ T9550]  do_file_open+0x20e/0x430
[  297.111127][ T9550]  ? __pfx_do_file_open+0x10/0x10
[  297.111174][ T9550]  ? alloc_fd+0x476/0x790
[  297.111206][ T9550]  ? do_getname+0x191/0x390
[  297.111247][ T9550]  do_sys_openat2+0x10d/0x1e0
[  297.111286][ T9550]  ? __pfx_do_sys_openat2+0x10/0x10
[  297.111327][ T9550]  ? __fget_files+0x21f/0x3d0
[  297.111363][ T9550]  __x64_sys_openat+0x12d/0x210
[  297.111403][ T9550]  ? __pfx___x64_sys_openat+0x10/0x10
[  297.111456][ T9550]  do_syscall_64+0x106/0xf80
[  297.111490][ T9550]  ? clear_bhb_loop+0x40/0x90
[  297.111526][ T9550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.111556][ T9550] RIP: 0033:0x7f308639c799
[  297.111582][ T9550] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  297.111612][ T9550] RSP: 002b:00007f3087189028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  297.111648][ T9550] RAX: ffffffffffffffda RBX: 00007f3086616180 RCX: 00007f308639c799
[  297.111669][ T9550] RDX: 0000000000080042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  297.111688][ T9550] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  297.111706][ T9550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  297.111722][ T9550] R13: 00007f3086616218 R14: 00007f3086616180 R15: 00007ffc2b12f608
[  297.111759][ T9550]  </TASK>
[  298.788689][ T9563] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  298.852548][ T9563] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  298.876849][ T9571] FAULT_INJECTION: forcing a failure.
[  298.876849][ T9571] name failslab, interval 1, probability 0, space 0, times 0
[  298.898425][ T9571] CPU: 1 UID: 0 PID: 9571 Comm: syz.2.795 Not tainted syzkaller #0 PREEMPT(full) 
[  298.898454][ T9571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  298.898464][ T9571] Call Trace:
[  298.898477][ T9571]  <TASK>
[  298.898483][ T9571]  dump_stack_lvl+0x100/0x190
[  298.898511][ T9571]  should_fail_ex.cold+0x5/0xa
[  298.898529][ T9571]  should_failslab+0xc2/0x120
[  298.898545][ T9571]  __kmalloc_cache_noprof+0x7a/0x6f0
[  298.898565][ T9571]  ? proc_self_get_link+0x189/0x1f0
[  298.898624][ T9571]  proc_self_get_link+0x189/0x1f0
[  298.898646][ T9571]  pick_link+0xac2/0x13c0
[  298.898667][ T9571]  ? __pfx_proc_self_get_link+0x10/0x10
[  298.898690][ T9571]  step_into_slowpath+0x9ba/0xf90
[  298.898715][ T9571]  ? __pfx_step_into_slowpath+0x10/0x10
[  298.898739][ T9571]  ? lookup_fast+0x2da/0x600
[  298.898758][ T9571]  ? inode_permission+0x374/0x620
[  298.898778][ T9571]  link_path_walk+0xf28/0x1cc0
[  298.898807][ T9571]  path_openat+0x1be/0x31a0
[  298.898820][ T9571]  ? kasan_save_stack+0x3f/0x50
[  298.898840][ T9571]  ? kasan_save_stack+0x30/0x50
[  298.898860][ T9571]  ? kasan_save_track+0x14/0x30
[  298.898881][ T9571]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  298.898906][ T9571]  ? __pfx_path_openat+0x10/0x10
[  298.898928][ T9571]  do_file_open+0x20e/0x430
[  298.898945][ T9571]  ? __pfx_do_file_open+0x10/0x10
[  298.898976][ T9571]  ? alloc_fd+0x476/0x790
[  298.898993][ T9571]  ? do_getname+0x191/0x390
[  298.899012][ T9571]  do_sys_openat2+0x10d/0x1e0
[  298.899031][ T9571]  ? __pfx_do_sys_openat2+0x10/0x10
[  298.899057][ T9571]  __x64_sys_openat+0x12d/0x210
[  298.899077][ T9571]  ? __pfx___x64_sys_openat+0x10/0x10
[  298.899102][ T9571]  do_syscall_64+0x106/0xf80
[  298.899120][ T9571]  ? clear_bhb_loop+0x40/0x90
[  298.899138][ T9571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.899153][ T9571] RIP: 0033:0x7fe83b15cfce
[  298.899166][ T9571] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  298.899180][ T9571] RSP: 002b:00007fe83c0c5ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  298.899195][ T9571] RAX: ffffffffffffffda RBX: 00007fe83c0c66c0 RCX: 00007fe83b15cfce
[  298.899205][ T9571] RDX: 0000000000000002 RSI: 00007fe83c0c5f90 RDI: ffffffffffffff9c
[  298.899214][ T9571] RBP: 00007fe83b232bd9 R08: 0000000000000000 R09: 0000000000000000
[  298.899223][ T9571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  298.899232][ T9571] R13: 00007fe83b416308 R14: 00007fe83b416270 R15: 00007ffdff4c3ef8
[  298.899252][ T9571]  </TASK>
[  298.988529][ T9563] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  299.258668][ T9563] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  299.738826][ T9577] netlink: 8 bytes leftover after parsing attributes in process `syz.0.796'.
[  300.029473][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  300.092226][ T9580] zswap: compressor  not available
[  300.372736][ T9598] usb usb36: usbfs: process 9598 (syz.0.800) did not claim interface 0 before use
[  300.887397][ T9620] netlink: 8 bytes leftover after parsing attributes in process `syz.4.804'.
[  300.918376][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  301.229331][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  301.318347][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  301.339152][ T9612] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  301.339378][ T9612] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  301.339551][ T9612] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  301.339724][ T9612] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  303.068868][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  303.389234][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  303.395323][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  303.395357][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout
[  304.078721][ T9674] netlink: 62 bytes leftover after parsing attributes in process `syz.2.816'.
[  306.471096][ T9694] can: request_module (can-proto-4) failed.
[  307.964208][ T9727] netlink: 8 bytes leftover after parsing attributes in process `syz.2.824'.
[  313.069514][ T5146] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  313.086500][ T9775] Invalid ELF header magic: != ELF
[  313.183292][ T9819] serio: Serial port pty6
[  314.211701][ T9853] netlink: 330 bytes leftover after parsing attributes in process `syz.4.844'.
[  314.289271][ T9850] netlink: 28 bytes leftover after parsing attributes in process `syz.0.843'.
[  315.492233][ T9874] FAULT_INJECTION: forcing a failure.
[  315.492233][ T9874] name failslab, interval 1, probability 0, space 0, times 0
[  315.547498][ T9874] CPU: 0 UID: 0 PID: 9874 Comm: syz.0.847 Not tainted syzkaller #0 PREEMPT(full) 
[  315.547542][ T9874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  315.547565][ T9874] Call Trace:
[  315.547575][ T9874]  <TASK>
[  315.547585][ T9874]  dump_stack_lvl+0x100/0x190
[  315.547635][ T9874]  should_fail_ex.cold+0x5/0xa
[  315.547669][ T9874]  should_failslab+0xc2/0x120
[  315.547700][ T9874]  __kmalloc_cache_noprof+0x7a/0x6f0
[  315.547737][ T9874]  ? tracing_open+0x371/0xef0
[  315.547770][ T9874]  ? seq_open+0x116/0x170
[  315.547819][ T9874]  tracing_open+0x371/0xef0
[  315.547862][ T9874]  do_dentry_open+0x6d8/0x1660
[  315.547890][ T9874]  ? __pfx_tracing_open+0x10/0x10
[  315.547933][ T9874]  vfs_open+0x82/0x3f0
[  315.547973][ T9874]  path_openat+0x208c/0x31a0
[  315.548016][ T9874]  ? __pfx_path_openat+0x10/0x10
[  315.548060][ T9874]  do_file_open+0x20e/0x430
[  315.548092][ T9874]  ? __pfx_do_file_open+0x10/0x10
[  315.548150][ T9874]  ? alloc_fd+0x476/0x790
[  315.548181][ T9874]  ? do_getname+0x191/0x390
[  315.548222][ T9874]  do_sys_openat2+0x10d/0x1e0
[  315.548253][ T9874]  ? __pfx_do_sys_openat2+0x10/0x10
[  315.548299][ T9874]  __x64_sys_openat+0x12d/0x210
[  315.548333][ T9874]  ? __pfx___x64_sys_openat+0x10/0x10
[  315.548379][ T9874]  do_syscall_64+0x106/0xf80
[  315.548413][ T9874]  ? clear_bhb_loop+0x40/0x90
[  315.548449][ T9874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.548479][ T9874] RIP: 0033:0x7f039ef9c799
[  315.548504][ T9874] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  315.548532][ T9874] RSP: 002b:00007f039ff25028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  315.548566][ T9874] RAX: ffffffffffffffda RBX: 00007f039f215fa0 RCX: 00007f039ef9c799
[  315.548586][ T9874] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  315.548605][ T9874] RBP: 00007f039f032bd9 R08: 0000000000000000 R09: 0000000000000000
[  315.548624][ T9874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  315.548640][ T9874] R13: 00007f039f216038 R14: 00007f039f215fa0 R15: 00007ffc7cd91998
[  315.548681][ T9874]  </TASK>

syzkaller
syzkaller login: [  317.162429][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  317.168951][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  317.718655][ T9902] netlink: 8 bytes leftover after parsing attributes in process `syz.4.853'.
[  318.662918][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807a9a2800: rx timeout, send abort
[  318.673837][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88807a9a2800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  320.743521][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880363cb400: rx timeout, send abort
[  320.811601][ T9922] random: crng reseeded on system resumption
[  321.206387][ T9922] pci 0000:00:01.3: enabling device (0000 -> 0001)
[  321.251920][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880363cb400: abort rx timeout. Force session deactivation
[  321.681855][ T9922] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off
[  321.833659][   T30] audit: type=1800 audit(4294967357.990:8): pid=9934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.857" name="trace_pipe" dev="tracefs" ino=3559 res=0 errno=0
[  321.948487][ T9922] pci 0000:00:01.3: PCI INT A: no GSI
[  324.144484][ T9957] serio: Serial port pty6
[  325.548413][ T5146] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  326.104545][ T9978] netlink: 8 bytes leftover after parsing attributes in process `syz.2.870'.
[  327.228558][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[  327.985176][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807aade800: rx timeout, send abort
[  328.493930][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807aade800: abort rx timeout. Force session deactivation
[  330.119091][T10007] random: crng reseeded on system resumption
[  330.130407][T10007] FAULT_INJECTION: forcing a failure.
[  330.130407][T10007] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  330.194958][T10007] CPU: 1 UID: 0 PID: 10007 Comm: syz.2.875 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  330.195004][T10007] Tainted: [L]=SOFTLOCKUP
[  330.195015][T10007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  330.195033][T10007] Call Trace:
[  330.195044][T10007]  <TASK>
[  330.195056][T10007]  dump_stack_lvl+0x100/0x190
[  330.195107][T10007]  should_fail_ex.cold+0x5/0xa
[  330.195135][T10007]  ? prepare_alloc_pages+0x16d/0x5f0
[  330.195174][T10007]  should_fail_alloc_page+0xeb/0x140
[  330.195208][T10007]  prepare_alloc_pages+0x1f0/0x5f0
[  330.195249][T10007]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  330.195297][T10007]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  330.195353][T10007]  ? stack_trace_save+0x8e/0xc0
[  330.195384][T10007]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  330.195426][T10007]  ? stack_depot_save_flags+0x27/0x9d0
[  330.195459][T10007]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  330.195507][T10007]  ? kasan_save_stack+0x3f/0x50
[  330.195548][T10007]  ? kasan_save_stack+0x30/0x50
[  330.195589][T10007]  ? kasan_save_track+0x14/0x30
[  330.195648][T10007]  ? do_sys_openat2+0x10d/0x1e0
[  330.195683][T10007]  ? __x64_sys_openat+0x12d/0x210
[  330.195720][T10007]  ? do_syscall_64+0x106/0xf80
[  330.195755][T10007]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.195788][T10007]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  330.195837][T10007]  ? policy_nodemask+0xed/0x4f0
[  330.195870][T10007]  alloc_pages_mpol+0x1fb/0x550
[  330.195903][T10007]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  330.195934][T10007]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  330.195971][T10007]  alloc_pages_noprof+0x131/0x390
[  330.196004][T10007]  get_zeroed_page_noprof+0x18/0xb0
[  330.196036][T10007]  get_image_page+0x18/0x1a0
[  330.196081][T10007]  alloc_rtree_node+0x3c/0xb0
[  330.196125][T10007]  memory_bm_create+0x65e/0xba0
[  330.196188][T10007]  create_basic_memory_bitmaps+0x10b/0x350
[  330.196225][T10007]  snapshot_open+0x230/0x2a0
[  330.196256][T10007]  ? __pfx_snapshot_open+0x10/0x10
[  330.196290][T10007]  misc_open+0x26d/0x450
[  330.196319][T10007]  ? __pfx_misc_open+0x10/0x10
[  330.196345][T10007]  chrdev_open+0x234/0x6a0
[  330.196374][T10007]  ? __pfx_apparmor_file_open+0x10/0x10
[  330.196416][T10007]  ? __pfx_chrdev_open+0x10/0x10
[  330.196448][T10007]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  330.196486][T10007]  do_dentry_open+0x6d8/0x1660
[  330.196514][T10007]  ? __pfx_chrdev_open+0x10/0x10
[  330.196553][T10007]  vfs_open+0x82/0x3f0
[  330.196593][T10007]  path_openat+0x208c/0x31a0
[  330.196643][T10007]  ? __pfx_path_openat+0x10/0x10
[  330.196689][T10007]  do_file_open+0x20e/0x430
[  330.196722][T10007]  ? __pfx_do_file_open+0x10/0x10
[  330.196782][T10007]  ? alloc_fd+0x476/0x790
[  330.196814][T10007]  ? do_getname+0x191/0x390
[  330.196854][T10007]  do_sys_openat2+0x10d/0x1e0
[  330.196891][T10007]  ? __pfx_do_sys_openat2+0x10/0x10
[  330.196931][T10007]  ? find_held_lock+0x2b/0x80
[  330.196968][T10007]  __x64_sys_openat+0x12d/0x210
[  330.197007][T10007]  ? __pfx___x64_sys_openat+0x10/0x10
[  330.197061][T10007]  do_syscall_64+0x106/0xf80
[  330.197094][T10007]  ? clear_bhb_loop+0x40/0x90
[  330.197129][T10007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  330.197159][T10007] RIP: 0033:0x7fe83b19c799
[  330.197184][T10007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  330.197214][T10007] RSP: 002b:00007fe83c108028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  330.197241][T10007] RAX: ffffffffffffffda RBX: 00007fe83b416090 RCX: 00007fe83b19c799
[  330.197262][T10007] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  330.197282][T10007] RBP: 00007fe83b232bd9 R08: 0000000000000000 R09: 0000000000000000
[  330.197300][T10007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  330.197318][T10007] R13: 00007fe83b416128 R14: 00007fe83b416090 R15: 00007ffdff4c3ef8
[  330.197359][T10007]  </TASK>
[  331.857553][T10030] QAT: Stopping all acceleration devices.
[  333.963967][T10044] FAULT_INJECTION: forcing a failure.
[  333.963967][T10044] name failslab, interval 1, probability 0, space 0, times 0
[  334.067254][T10044] CPU: 1 UID: 0 PID: 10044 Comm: syz.4.882 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  334.067305][T10044] Tainted: [L]=SOFTLOCKUP
[  334.067316][T10044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  334.067334][T10044] Call Trace:
[  334.067343][T10044]  <TASK>
[  334.067355][T10044]  dump_stack_lvl+0x100/0x190
[  334.067406][T10044]  should_fail_ex.cold+0x5/0xa
[  334.067441][T10044]  ? ops_init+0x77/0x5f0
[  334.067546][T10044]  should_failslab+0xc2/0x120
[  334.067577][T10044]  __kmalloc_noprof+0xe0/0x850
[  334.067629][T10044]  ops_init+0x77/0x5f0
[  334.067669][T10044]  setup_net+0x118/0x3a0
[  334.067707][T10044]  ? __pfx_setup_net+0x10/0x10
[  334.067741][T10044]  ? lockdep_init_map_type+0x5c/0x250
[  334.067787][T10044]  ? mutex_init_lockep+0x110/0x150
[  334.067833][T10044]  copy_net_ns+0x46f/0x7c0
[  334.067878][T10044]  create_new_namespaces+0x3ea/0xac0
[  334.067918][T10044]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  334.067953][T10044]  ksys_unshare+0x473/0xad0
[  334.067991][T10044]  ? __pfx_ksys_unshare+0x10/0x10
[  334.068042][T10044]  __x64_sys_unshare+0x31/0x40
[  334.068077][T10044]  do_syscall_64+0x106/0xf80
[  334.068111][T10044]  ? clear_bhb_loop+0x40/0x90
[  334.068147][T10044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.068177][T10044] RIP: 0033:0x7f308639c799
[  334.068205][T10044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  334.068233][T10044] RSP: 002b:00007f30871cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  334.068259][T10044] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639c799
[  334.068275][T10044] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  334.068289][T10044] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  334.068303][T10044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.068318][T10044] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  334.068350][T10044]  </TASK>
[  334.390028][T10015] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  335.245908][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802bc4a800: rx timeout, send abort
[  335.255408][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802bc4a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  336.588551][T10050] Bluetooth: hci1: command 0x0c1a tx timeout
[  337.164905][T10066] netlink: 342 bytes leftover after parsing attributes in process `syz.2.886'.
[  337.478840][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805c136400: rx timeout, send abort
[  337.540259][T10067] nvme_fabrics: missing parameter 'transport=%s'
[  337.547305][T10067] nvme_fabrics: missing parameter 'nqn=%s'
[  337.753556][T10063] nvme_fabrics: missing parameter 'transport=%s'
[  337.797401][T10063] nvme_fabrics: missing parameter 'nqn=%s'
[  337.987125][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805c136400: abort rx timeout. Force session deactivation
[  338.477584][T10089] netlink: 8 bytes leftover after parsing attributes in process `syz.1.891'.
[  338.538606][T10090] netlink: 64 bytes leftover after parsing attributes in process `syz.2.892'.
[  338.677223][T10015] Bluetooth: hci1: command 0x0c1a tx timeout
[  340.221798][T10101] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  340.264594][T10107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.895'.
[  341.143815][T10116] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11
[  341.920421][   T30] audit: type=1804 audit(4294967378.080:9): pid=10102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.892" name="/newroot/238/file0" dev="tmpfs" ino=1276 res=1 errno=0
[  342.006634][   T30] audit: type=1804 audit(4294967378.110:10): pid=10110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.892" name="/newroot/238/file0" dev="tmpfs" ino=1276 res=1 errno=0
[  343.724430][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.2.898'.
[  345.329381][T10143] FAULT_INJECTION: forcing a failure.
[  345.329381][T10143] name failslab, interval 1, probability 0, space 0, times 0
[  345.437828][T10143] CPU: 1 UID: 0 PID: 10143 Comm: syz.4.903 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  345.437876][T10143] Tainted: [L]=SOFTLOCKUP
[  345.437895][T10143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  345.437911][T10143] Call Trace:
[  345.437921][T10143]  <TASK>
[  345.437932][T10143]  dump_stack_lvl+0x100/0x190
[  345.437982][T10143]  should_fail_ex.cold+0x5/0xa
[  345.438015][T10143]  should_failslab+0xc2/0x120
[  345.438045][T10143]  __kvmalloc_node_noprof+0xfa/0xa00
[  345.438090][T10143]  ? io_uring_setup.cold+0x171/0x1d09
[  345.438131][T10143]  ? __kmalloc_cache_noprof+0x298/0x6f0
[  345.438169][T10143]  ? lockdep_init_map_type+0x5c/0x250
[  345.438213][T10143]  io_uring_setup.cold+0x171/0x1d09
[  345.438253][T10143]  ? __pfx_io_uring_setup+0x10/0x10
[  345.438289][T10143]  ? do_futex+0x192/0x350
[  345.438326][T10143]  ? __pfx_do_futex+0x10/0x10
[  345.438380][T10143]  ? xfd_validate_state+0x129/0x190
[  345.438427][T10143]  __x64_sys_io_uring_setup+0xc2/0x170
[  345.438465][T10143]  do_syscall_64+0x106/0xf80
[  345.438497][T10143]  ? clear_bhb_loop+0x40/0x90
[  345.438530][T10143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.438559][T10143] RIP: 0033:0x7f308639c799
[  345.438583][T10143] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  345.438610][T10143] RSP: 002b:00007f30871cb028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  345.438638][T10143] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639c799
[  345.438657][T10143] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000059
[  345.438675][T10143] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  345.438692][T10143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  345.438709][T10143] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  345.438746][T10143]  </TASK>
[  345.692284][T10140] FAULT_INJECTION: forcing a failure.
[  345.692284][T10140] name failslab, interval 1, probability 0, space 0, times 0
[  345.705069][T10140] CPU: 1 UID: 0 PID: 10140 Comm: syz.1.901 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  345.705132][T10140] Tainted: [L]=SOFTLOCKUP
[  345.705142][T10140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  345.705158][T10140] Call Trace:
[  345.705166][T10140]  <TASK>
[  345.705177][T10140]  dump_stack_lvl+0x100/0x190
[  345.705226][T10140]  should_fail_ex.cold+0x5/0xa
[  345.705260][T10140]  should_failslab+0xc2/0x120
[  345.705291][T10140]  __kmalloc_cache_noprof+0x7a/0x6f0
[  345.705329][T10140]  ? init_srcu_struct_fields+0x9a2/0xe30
[  345.705374][T10140]  init_srcu_struct_fields+0x9a2/0xe30
[  345.705415][T10140]  blk_mq_alloc_tag_set+0x3cc/0x1330
[  345.705455][T10140]  ? idr_alloc+0xdd/0x130
[  345.705604][T10140]  ? __pfx_idr_alloc+0x10/0x10
[  345.705647][T10140]  loop_add+0x3b7/0xb60
[  345.705700][T10140]  ? __pfx_loop_add+0x10/0x10
[  345.705755][T10140]  ? find_held_lock+0x2b/0x80
[  345.705781][T10140]  ? __fget_files+0x215/0x3d0
[  345.705811][T10140]  loop_control_ioctl+0xae/0x620
[  345.705846][T10140]  ? __pfx_loop_control_ioctl+0x10/0x10
[  345.705885][T10140]  ? __pfx_loop_control_ioctl+0x10/0x10
[  345.705920][T10140]  __x64_sys_ioctl+0x18e/0x210
[  345.705963][T10140]  do_syscall_64+0x106/0xf80
[  345.705997][T10140]  ? clear_bhb_loop+0x40/0x90
[  345.706032][T10140]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.706062][T10140] RIP: 0033:0x7fcf3999c799
[  345.706086][T10140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  345.706113][T10140] RSP: 002b:00007fcf3a90e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  345.706140][T10140] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999c799
[  345.706159][T10140] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008
[  345.706177][T10140] RBP: 00007fcf39a32bd9 R08: 0000000000000000 R09: 0000000000000000
[  345.706194][T10140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  345.706211][T10140] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  345.706249][T10140]  </TASK>
[  346.896726][T10156] netlink: 8 bytes leftover after parsing attributes in process `syz.0.906'.
[  348.004166][T10163] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12
[  348.167777][T10171] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  350.502260][T10168] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13
[  357.642211][T10212] FAULT_INJECTION: forcing a failure.
[  357.642211][T10212] name failslab, interval 1, probability 0, space 0, times 0
[  357.819531][T10212] CPU: 1 UID: 0 PID: 10212 Comm: syz.4.919 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  357.819588][T10212] Tainted: [L]=SOFTLOCKUP
[  357.819599][T10212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  357.819617][T10212] Call Trace:
[  357.819627][T10212]  <TASK>
[  357.819637][T10212]  dump_stack_lvl+0x100/0x190
[  357.819687][T10212]  should_fail_ex.cold+0x5/0xa
[  357.819724][T10212]  should_failslab+0xc2/0x120
[  357.819754][T10212]  __kmalloc_cache_noprof+0x7a/0x6f0
[  357.819792][T10212]  ? ring_buffer_read_start+0x149/0x460
[  357.819843][T10212]  ring_buffer_read_start+0x149/0x460
[  357.819885][T10212]  ? __pfx_ring_buffer_read_start+0x10/0x10
[  357.819926][T10212]  ? lockdep_init_map_type+0x5c/0x250
[  357.819966][T10212]  ? ring_buffer_overruns+0x14e/0x1a0
[  357.820006][T10212]  tracing_open+0x9cd/0xef0
[  357.820046][T10212]  do_dentry_open+0x6d8/0x1660
[  357.820074][T10212]  ? __pfx_tracing_open+0x10/0x10
[  357.820116][T10212]  vfs_open+0x82/0x3f0
[  357.820156][T10212]  path_openat+0x208c/0x31a0
[  357.820200][T10212]  ? __pfx_path_openat+0x10/0x10
[  357.820244][T10212]  do_file_open+0x20e/0x430
[  357.820277][T10212]  ? __pfx_do_file_open+0x10/0x10
[  357.820335][T10212]  ? alloc_fd+0x476/0x790
[  357.820368][T10212]  ? do_getname+0x191/0x390
[  357.820406][T10212]  do_sys_openat2+0x10d/0x1e0
[  357.820443][T10212]  ? __pfx_do_sys_openat2+0x10/0x10
[  357.820487][T10212]  ? __fget_files+0x21f/0x3d0
[  357.820522][T10212]  __x64_sys_openat+0x12d/0x210
[  357.820568][T10212]  ? __pfx___x64_sys_openat+0x10/0x10
[  357.820620][T10212]  do_syscall_64+0x106/0xf80
[  357.820655][T10212]  ? clear_bhb_loop+0x40/0x90
[  357.820691][T10212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.820721][T10212] RIP: 0033:0x7f308639c799
[  357.820745][T10212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  357.820777][T10212] RSP: 002b:00007f30871cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  357.820806][T10212] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639c799
[  357.820826][T10212] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  357.820845][T10212] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  357.820864][T10212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  357.820881][T10212] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  357.820923][T10212]  </TASK>
[  360.139163][T10219] bond0: invalid ARP target specified
[  360.172773][T10050] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  360.183536][T10050] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  360.196946][T10050] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  360.206220][T10050] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  360.233900][T10050] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  360.292528][T10219] netlink: 28 bytes leftover after parsing attributes in process `syz.1.922'.
[  360.461615][T10223] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14
[  362.055731][T10219] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  362.063413][T10219] batman_adv: batadv0: Removing interface: batadv_slave_0
[  362.085811][T10219] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  362.093425][T10219] batman_adv: batadv0: Removing interface: batadv_slave_1
[  362.275930][T10015] Bluetooth: hci3: command tx timeout
[  362.918807][T10223] input: failed to attach handler evdev to device input14, error: -4
[  363.273631][T10227] ubi31: attaching mtd0
[  363.349978][T10227] ubi31: scanning is finished
[  363.389815][T10227] ubi31 error: ubi_read_volume_table: the layout volume was not found
[  364.047274][T10217] chnl_net:caif_netlink_parms(): no params data found
[  364.347788][T10217] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.348319][T10015] Bluetooth: hci3: command tx timeout
[  364.355232][T10217] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.368173][T10217] bridge_slave_0: entered allmulticast mode
[  364.396331][T10217] bridge_slave_0: entered promiscuous mode
[  364.450434][T10217] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.518461][T10217] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.525916][T10217] bridge_slave_1: entered allmulticast mode
[  364.653791][T10217] bridge_slave_1: entered promiscuous mode
[  364.783365][T10227] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  364.903357][T10217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.947464][T10217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.103427][T10217] team0: Port device team_slave_0 added
[  365.171117][T10217] team0: Port device team_slave_1 added
[  365.402200][T10217] batman_adv: batadv0: Adding interface: batadv_slave_0
[  365.422664][T10217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  365.536114][T10217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  365.584814][T10244] binder: 10238:10244 ioctl 541b fffffffffffff4e0 returned -22
[  365.640082][T10217] batman_adv: batadv0: Adding interface: batadv_slave_1
[  365.763022][T10217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  366.202193][T10217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  366.428287][T10015] Bluetooth: hci3: command tx timeout
[  366.850870][T10217] hsr_slave_0: entered promiscuous mode
[  366.873120][T10217] hsr_slave_1: entered promiscuous mode
[  366.929916][T10217] debugfs: 'hsr0' already exists in 'hsr'
[  366.935731][T10217] Cannot create hsr debugfs directory
[  366.942626][T10251] netlink: 8 bytes leftover after parsing attributes in process `syz.1.929'.
[  367.012537][T10050] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  367.022730][T10050] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  367.047424][T10050] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  367.063744][T10050] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  367.072475][T10050] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  368.508354][T10050] Bluetooth: hci3: command tx timeout
[  369.096824][T10217] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  369.146509][T10217] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  369.211376][T10217] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  369.235193][T10050] Bluetooth: hci5: command tx timeout
[  369.472273][T10252] chnl_net:caif_netlink_parms(): no params data found
[  369.517500][T10217] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  370.182998][T10252] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.428510][T10252] bridge0: port 1(bridge_slave_0) entered disabled state
[  370.435765][T10252] bridge_slave_0: entered allmulticast mode
[  370.444955][T10252] bridge_slave_0: entered promiscuous mode
[  370.459300][T10252] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.466534][T10252] bridge0: port 2(bridge_slave_1) entered disabled state
[  370.488538][T10252] bridge_slave_1: entered allmulticast mode
[  370.557717][T10252] bridge_slave_1: entered promiscuous mode
[  371.305187][T10217] 8021q: adding VLAN 0 to HW filter on device bond0
[  371.310286][T10050] Bluetooth: hci5: command tx timeout
[  371.315692][T10252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  371.340475][T10217] 8021q: adding VLAN 0 to HW filter on device team0
[  371.350723][T10252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  371.602115][T10004] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.609421][T10004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  372.112503][T10025] bridge0: port 2(bridge_slave_1) entered blocking state
[  372.119737][T10025] bridge0: port 2(bridge_slave_1) entered forwarding state
[  372.404049][T10252] team0: Port device team_slave_0 added
[  372.422872][T10252] team0: Port device team_slave_1 added
[  372.585196][T10252] batman_adv: batadv0: Adding interface: batadv_slave_0
[  372.598336][T10252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  372.809542][T10252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  372.822692][T10252] batman_adv: batadv0: Adding interface: batadv_slave_1
[  372.830088][T10252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  372.876774][T10252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  373.390764][T10050] Bluetooth: hci5: command tx timeout
[  373.742278][T10252] hsr_slave_0: entered promiscuous mode
[  373.749388][T10252] hsr_slave_1: entered promiscuous mode
[  373.755772][T10252] debugfs: 'hsr0' already exists in 'hsr'
[  373.762046][T10252] Cannot create hsr debugfs directory
[  374.246672][T10252] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  374.715643][T10252] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  374.903364][T10217] 8021q: adding VLAN 0 to HW filter on device batadv0
[  374.913381][T10252] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  375.120042][T10252] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  375.469378][T10050] Bluetooth: hci5: command tx timeout
[  377.120506][T10252] 8021q: adding VLAN 0 to HW filter on device bond0
[  377.141899][T10252] 8021q: adding VLAN 0 to HW filter on device team0
[  377.559851][ T9996] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.567020][ T9996] bridge0: port 1(bridge_slave_0) entered forwarding state
[  377.633213][ T9996] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.640416][ T9996] bridge0: port 2(bridge_slave_1) entered forwarding state
[  378.532628][T10217] veth0_vlan: entered promiscuous mode
[  378.594113][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  378.600468][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  378.983250][T10217] veth1_vlan: entered promiscuous mode
[  379.572039][T10217] veth0_macvtap: entered promiscuous mode
[  379.591051][T10217] veth1_macvtap: entered promiscuous mode
[  379.812169][T10217] batman_adv: batadv0: Interface activated: batadv_slave_0
[  379.825376][T10217] batman_adv: batadv0: Interface activated: batadv_slave_1
[  379.998376][T10004] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.274657][T10004] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.319769][T10004] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.404348][T10341] netlink: 8 bytes leftover after parsing attributes in process `syz.1.941'.
[  380.513996][T10004] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  380.887428][T10155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.941973][T10155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.073718][T10252] 8021q: adding VLAN 0 to HW filter on device batadv0
[  381.208657][T10155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.260956][T10155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  383.101633][T10252] veth0_vlan: entered promiscuous mode
[  383.147721][T10252] veth1_vlan: entered promiscuous mode
[  383.411936][T10252] veth0_macvtap: entered promiscuous mode
[  383.423728][T10252] veth1_macvtap: entered promiscuous mode
[  383.446232][T10252] batman_adv: batadv0: Interface activated: batadv_slave_0
[  383.459128][T10252] batman_adv: batadv0: Interface activated: batadv_slave_1
[  383.663651][T10026] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  383.716798][T10026] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  383.779774][T10026] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  383.878293][T10026] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  384.020386][T10372] binder: 10369:10372 ioctl 541b fffffffffffff4e0 returned -22
[  384.742692][T10026] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  385.028539][T10026] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.158317][T10026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  385.166216][T10026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  385.883795][T10395] netlink: 8 bytes leftover after parsing attributes in process `syz.1.948'.
[  386.179163][T10402] netlink: 8 bytes leftover after parsing attributes in process `syz.4.949'.
[  389.694029][T10434] binder: 10433:10434 ioctl c00c6211 fffffffffffff4e0 returned -14
[  390.183332][T10436] FAULT_INJECTION: forcing a failure.
[  390.183332][T10436] name failslab, interval 1, probability 0, space 0, times 0
[  390.320997][T10437] netlink: 8 bytes leftover after parsing attributes in process `syz.4.957'.
[  390.328488][T10436] CPU: 0 UID: 0 PID: 10436 Comm: syz.4.957 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  390.328535][T10436] Tainted: [L]=SOFTLOCKUP
[  390.328545][T10436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  390.328562][T10436] Call Trace:
[  390.328571][T10436]  <TASK>
[  390.328582][T10436]  dump_stack_lvl+0x100/0x190
[  390.328640][T10436]  should_fail_ex.cold+0x5/0xa
[  390.328674][T10436]  should_failslab+0xc2/0x120
[  390.328705][T10436]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  390.328748][T10436]  ? sock_alloc_inode+0x25/0x1c0
[  390.328792][T10436]  ? __pfx_sock_alloc_inode+0x10/0x10
[  390.328833][T10436]  sock_alloc_inode+0x25/0x1c0
[  390.328871][T10436]  alloc_inode+0x68/0x250
[  390.328907][T10436]  sock_alloc+0x44/0x280
[  390.328940][T10436]  ? security_socket_create+0x7f/0x250
[  390.328982][T10436]  __sock_create+0xc2/0x860
[  390.329029][T10436]  __sys_socket+0x14d/0x260
[  390.329054][T10436]  ? exc_page_fault+0x6f/0xd0
[  390.329087][T10436]  ? __pfx___sys_socket+0x10/0x10
[  390.329116][T10436]  ? do_user_addr_fault+0x8d6/0x12f0
[  390.329167][T10436]  __x64_sys_socket+0x72/0xb0
[  390.329192][T10436]  ? lockdep_hardirqs_on+0x78/0x100
[  390.329225][T10436]  do_syscall_64+0x106/0xf80
[  390.329257][T10436]  ? clear_bhb_loop+0x40/0x90
[  390.329292][T10436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.329320][T10436] RIP: 0033:0x7f308639e007
[  390.329344][T10436] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  390.329371][T10436] RSP: 002b:00007f30871c9f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  390.329398][T10436] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639e007
[  390.329416][T10436] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  390.329434][T10436] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  390.329450][T10436] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  390.329468][T10436] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  390.329504][T10436]  </TASK>
[  390.329580][T10436] net_ratelimit: 18 callbacks suppressed
[  390.329606][T10436] socket: no more sockets
[  391.188892][T10446] FAULT_INJECTION: forcing a failure.
[  391.188892][T10446] name failslab, interval 1, probability 0, space 0, times 0
[  391.218323][T10449] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  391.989311][T10446] CPU: 1 UID: 0 PID: 10446 Comm: syz.6.958 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  391.989360][T10446] Tainted: [L]=SOFTLOCKUP
[  391.989372][T10446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  391.989388][T10446] Call Trace:
[  391.989399][T10446]  <TASK>
[  391.989410][T10446]  dump_stack_lvl+0x100/0x190
[  391.989463][T10446]  should_fail_ex.cold+0x5/0xa
[  391.989499][T10446]  ? constrain_params_by_rules+0x175/0xcc0
[  391.989534][T10446]  should_failslab+0xc2/0x120
[  391.989567][T10446]  __kmalloc_noprof+0xe0/0x850
[  391.989609][T10446]  ? unwind_get_return_address+0x59/0xa0
[  391.989677][T10446]  constrain_params_by_rules+0x175/0xcc0
[  391.989720][T10446]  ? stack_trace_save+0x8e/0xc0
[  391.989755][T10446]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  391.989787][T10446]  ? kfree+0x1f6/0x6b0
[  391.989818][T10446]  ? snd_pcm_hw_param_near.constprop.0+0x573/0x850
[  391.990025][T10446]  ? __kasan_kmalloc+0xaa/0xb0
[  391.990068][T10446]  ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850
[  391.990113][T10446]  ? snd_pcm_oss_change_params_locked+0x18d9/0x39f0
[  391.990160][T10446]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[  391.990242][T10446]  ? snd_interval_refine+0x2d0/0x580
[  391.990318][T10446]  snd_pcm_hw_refine+0x7e7/0xad0
[  391.990364][T10446]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  391.990414][T10446]  ? _snd_pcm_hw_param_min+0x1ea/0x670
[  391.990465][T10446]  snd_pcm_hw_param_near.constprop.0+0x5d0/0x850
[  391.990518][T10446]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  391.990568][T10446]  ? calc_src_frames.isra.0+0x17c/0x1c0
[  391.990598][T10446]  ? calc_dst_frames.constprop.0.isra.0+0xed/0x120
[  391.990638][T10446]  snd_pcm_oss_change_params_locked+0x18d9/0x39f0
[  391.990704][T10446]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  391.990757][T10446]  ? __pfx___mutex_lock+0x10/0x10
[  391.990819][T10446]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  391.990869][T10446]  snd_pcm_oss_sync+0x265/0x840
[  391.990904][T10446]  snd_pcm_oss_release+0x238/0x300
[  391.990933][T10446]  ? __pfx_snd_pcm_oss_release+0x10/0x10
[  391.990962][T10446]  __fput+0x3ff/0xb40
[  391.991005][T10446]  task_work_run+0x150/0x240
[  391.991048][T10446]  ? __pfx_task_work_run+0x10/0x10
[  391.991100][T10446]  exit_to_user_mode_loop+0x100/0x4a0
[  391.991142][T10446]  do_syscall_64+0x668/0xf80
[  391.991176][T10446]  ? clear_bhb_loop+0x40/0x90
[  391.991213][T10446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  391.991243][T10446] RIP: 0033:0x7f4aff59c799
[  391.991269][T10446] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  391.991307][T10446] RSP: 002b:00007f4b003c4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  391.991336][T10446] RAX: 0000000000000000 RBX: 00007f4aff816090 RCX: 00007f4aff59c799
[  391.991355][T10446] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  391.991372][T10446] RBP: 00007f4aff632bd9 R08: 0000000000000000 R09: 0000000000000000
[  391.991390][T10446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  391.991408][T10446] R13: 00007f4aff816128 R14: 00007f4aff816090 R15: 00007ffefc1eb5c8
[  391.991448][T10446]  </TASK>
[  393.166520][T10456] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  395.273135][   T30] audit: type=1326 audit(4294967431.430:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10461 comm="syz.5.962" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff9c759c799 code=0x0
[  398.918784][T10511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.975'.
[  401.593634][T10523] binder: 10522:10523 ioctl 541b fffffffffffff4e0 returned -22
[  402.016343][T10538] blktrace: Concurrent blktraces are not allowed on loop2
[  402.919826][T10551] netlink: 16 bytes leftover after parsing attributes in process `syz.4.985'.
[  403.257658][T10561] netlink: 8 bytes leftover after parsing attributes in process `syz.1.989'.
[  405.166019][T10574] FAULT_INJECTION: forcing a failure.
[  405.166019][T10574] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  405.203615][T10574] CPU: 1 UID: 0 PID: 10574 Comm: syz.1.993 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  405.203661][T10574] Tainted: [L]=SOFTLOCKUP
[  405.203670][T10574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  405.203686][T10574] Call Trace:
[  405.203695][T10574]  <TASK>
[  405.203705][T10574]  dump_stack_lvl+0x100/0x190
[  405.203750][T10574]  should_fail_ex.cold+0x5/0xa
[  405.203784][T10574]  _copy_from_user+0x2e/0xd0
[  405.203815][T10574]  copy_msghdr_from_user+0x9f/0x4f0
[  405.203860][T10574]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  405.203919][T10574]  ___sys_sendmsg+0x106/0x1e0
[  405.203963][T10574]  ? __pfx____sys_sendmsg+0x10/0x10
[  405.204049][T10574]  __sys_sendmsg+0x170/0x220
[  405.204083][T10574]  ? __pfx___sys_sendmsg+0x10/0x10
[  405.204140][T10574]  do_syscall_64+0x106/0xf80
[  405.204172][T10574]  ? clear_bhb_loop+0x40/0x90
[  405.204206][T10574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.204235][T10574] RIP: 0033:0x7fcf3999c799
[  405.204257][T10574] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  405.204284][T10574] RSP: 002b:00007fcf3a90e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  405.204310][T10574] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999c799
[  405.204329][T10574] RDX: 0000000004000010 RSI: 0000200000001a00 RDI: 0000000000000003
[  405.204346][T10574] RBP: 00007fcf3a90e090 R08: 0000000000000000 R09: 0000000000000000
[  405.204370][T10574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.204386][T10574] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  405.204424][T10574]  </TASK>
[  406.064196][T10582] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15
[  407.468854][T10602] FAULT_INJECTION: forcing a failure.
[  407.468854][T10602] name failslab, interval 1, probability 0, space 0, times 0
[  407.518695][T10602] CPU: 1 UID: 0 PID: 10602 Comm: syz.5.997 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  407.518740][T10602] Tainted: [L]=SOFTLOCKUP
[  407.518749][T10602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  407.518763][T10602] Call Trace:
[  407.518772][T10602]  <TASK>
[  407.518782][T10602]  dump_stack_lvl+0x100/0x190
[  407.518834][T10602]  should_fail_ex.cold+0x5/0xa
[  407.518870][T10602]  should_failslab+0xc2/0x120
[  407.518903][T10602]  __kmalloc_cache_noprof+0x7a/0x6f0
[  407.518941][T10602]  ? proc_self_get_link+0x189/0x1f0
[  407.518992][T10602]  proc_self_get_link+0x189/0x1f0
[  407.519034][T10602]  pick_link+0xac2/0x13c0
[  407.519075][T10602]  ? __pfx_proc_self_get_link+0x10/0x10
[  407.519132][T10602]  step_into_slowpath+0x9ba/0xf90
[  407.519184][T10602]  ? __pfx_step_into_slowpath+0x10/0x10
[  407.519234][T10602]  ? lookup_fast+0x2da/0x600
[  407.519271][T10602]  ? inode_permission+0x374/0x620
[  407.519314][T10602]  link_path_walk+0xf28/0x1cc0
[  407.519371][T10602]  path_openat+0x1be/0x31a0
[  407.519399][T10602]  ? kasan_save_stack+0x3f/0x50
[  407.519441][T10602]  ? kasan_save_stack+0x30/0x50
[  407.519482][T10602]  ? kasan_save_track+0x14/0x30
[  407.519524][T10602]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  407.519576][T10602]  ? __pfx_path_openat+0x10/0x10
[  407.519619][T10602]  do_file_open+0x20e/0x430
[  407.519652][T10602]  ? __pfx_do_file_open+0x10/0x10
[  407.519710][T10602]  ? alloc_fd+0x476/0x790
[  407.519743][T10602]  ? do_getname+0x191/0x390
[  407.519782][T10602]  do_sys_openat2+0x10d/0x1e0
[  407.519820][T10602]  ? __pfx_do_sys_openat2+0x10/0x10
[  407.519873][T10602]  __x64_sys_openat+0x12d/0x210
[  407.519911][T10602]  ? __pfx___x64_sys_openat+0x10/0x10
[  407.519965][T10602]  do_syscall_64+0x106/0xf80
[  407.519999][T10602]  ? clear_bhb_loop+0x40/0x90
[  407.520035][T10602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.520066][T10602] RIP: 0033:0x7ff9c755cfce
[  407.520091][T10602] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  407.520127][T10602] RSP: 002b:00007ff9c8480ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  407.520156][T10602] RAX: ffffffffffffffda RBX: 00007ff9c84816c0 RCX: 00007ff9c755cfce
[  407.520175][T10602] RDX: 0000000000000002 RSI: 00007ff9c8480f90 RDI: ffffffffffffff9c
[  407.520194][T10602] RBP: 00007ff9c7632bd9 R08: 0000000000000000 R09: 0000000000000000
[  407.520212][T10602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  407.520230][T10602] R13: 00007ff9c7816308 R14: 00007ff9c7816270 R15: 00007ffff62215e8
[  407.520270][T10602]  </TASK>
[  407.914193][T10596] zswap: compressor  not available
[  409.459338][T10620] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1005'.
[  410.430709][T10625] FAULT_INJECTION: forcing a failure.
[  410.430709][T10625] name failslab, interval 1, probability 0, space 0, times 0
[  410.635924][T10625] CPU: 1 UID: 0 PID: 10625 Comm: syz.6.1003 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  410.635968][T10625] Tainted: [L]=SOFTLOCKUP
[  410.635988][T10625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  410.636003][T10625] Call Trace:
[  410.636011][T10625]  <TASK>
[  410.636020][T10625]  dump_stack_lvl+0x100/0x190
[  410.636067][T10625]  should_fail_ex.cold+0x5/0xa
[  410.636099][T10625]  should_failslab+0xc2/0x120
[  410.636128][T10625]  __kmalloc_cache_noprof+0x7a/0x6f0
[  410.636163][T10625]  ? landlock_init_hierarchy_log+0xa9/0x820
[  410.636204][T10625]  landlock_init_hierarchy_log+0xa9/0x820
[  410.636231][T10625]  ? inherit_tree+0x197/0x2d0
[  410.636272][T10625]  landlock_merge_ruleset+0x67b/0x830
[  410.636316][T10625]  __do_sys_landlock_restrict_self+0x2a6/0x9e0
[  410.636353][T10625]  ? syscall_user_dispatch+0x30/0x130
[  410.636393][T10625]  do_syscall_64+0x106/0xf80
[  410.636424][T10625]  ? clear_bhb_loop+0x40/0x90
[  410.636458][T10625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.636486][T10625] RIP: 0033:0x7f4aff59c799
[  410.636508][T10625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  410.636536][T10625] RSP: 002b:00007f4b003c4028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[  410.636566][T10625] RAX: ffffffffffffffda RBX: 00007f4aff816090 RCX: 00007f4aff59c799
[  410.636584][T10625] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000006
[  410.636599][T10625] RBP: 00007f4aff632bd9 R08: 0000000000000000 R09: 0000000000000000
[  410.636615][T10625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  410.636630][T10625] R13: 00007f4aff816128 R14: 00007f4aff816090 R15: 00007ffefc1eb5c8
[  410.636665][T10625]  </TASK>
[  410.853606][T10628] FAULT_INJECTION: forcing a failure.
[  410.853606][T10628] name failslab, interval 1, probability 0, space 0, times 0
[  410.866310][T10628] CPU: 1 UID: 0 PID: 10628 Comm: syz.1.1002 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  410.866337][T10628] Tainted: [L]=SOFTLOCKUP
[  410.866343][T10628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  410.866352][T10628] Call Trace:
[  410.866358][T10628]  <TASK>
[  410.866364][T10628]  dump_stack_lvl+0x100/0x190
[  410.866392][T10628]  should_fail_ex.cold+0x5/0xa
[  410.866411][T10628]  should_failslab+0xc2/0x120
[  410.866427][T10628]  __kmalloc_cache_noprof+0x7a/0x6f0
[  410.866446][T10628]  ? snd_card_file_add+0x52/0x340
[  410.866473][T10628]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  410.866492][T10628]  snd_card_file_add+0x52/0x340
[  410.866517][T10628]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  410.866534][T10628]  snd_pcm_open+0xf1/0x710
[  410.866549][T10628]  ? __mutex_unlock_slowpath+0x15c/0x790
[  410.866571][T10628]  ? __pfx_snd_pcm_open+0x10/0x10
[  410.866596][T10628]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  410.866613][T10628]  snd_pcm_capture_open+0x89/0xe0
[  410.866630][T10628]  snd_open+0x22d/0x4c0
[  410.866651][T10628]  ? __pfx_snd_open+0x10/0x10
[  410.866672][T10628]  chrdev_open+0x234/0x6a0
[  410.866686][T10628]  ? __pfx_apparmor_file_open+0x10/0x10
[  410.866708][T10628]  ? __pfx_chrdev_open+0x10/0x10
[  410.866723][T10628]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  410.866743][T10628]  do_dentry_open+0x6d8/0x1660
[  410.866758][T10628]  ? __pfx_chrdev_open+0x10/0x10
[  410.866777][T10628]  vfs_open+0x82/0x3f0
[  410.866798][T10628]  path_openat+0x208c/0x31a0
[  410.866820][T10628]  ? __pfx_path_openat+0x10/0x10
[  410.866841][T10628]  do_file_open+0x20e/0x430
[  410.866857][T10628]  ? __pfx_do_file_open+0x10/0x10
[  410.866885][T10628]  ? alloc_fd+0x476/0x790
[  410.866901][T10628]  ? do_getname+0x191/0x390
[  410.866920][T10628]  do_sys_openat2+0x10d/0x1e0
[  410.866938][T10628]  ? __pfx_do_sys_openat2+0x10/0x10
[  410.866958][T10628]  ? __fget_files+0x21f/0x3d0
[  410.866975][T10628]  __x64_sys_openat+0x12d/0x210
[  410.866995][T10628]  ? __pfx___x64_sys_openat+0x10/0x10
[  410.867021][T10628]  do_syscall_64+0x106/0xf80
[  410.867046][T10628]  ? clear_bhb_loop+0x40/0x90
[  410.867065][T10628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.867081][T10628] RIP: 0033:0x7fcf3999c799
[  410.867095][T10628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  410.867109][T10628] RSP: 002b:00007fcf3a8cc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  410.867125][T10628] RAX: ffffffffffffffda RBX: 00007fcf39c16180 RCX: 00007fcf3999c799
[  410.867135][T10628] RDX: 0000000000080042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  410.867145][T10628] RBP: 00007fcf39a32bd9 R08: 0000000000000000 R09: 0000000000000000
[  410.867154][T10628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  410.867163][T10628] R13: 00007fcf39c16218 R14: 00007fcf39c16180 R15: 00007ffe5716b528
[  410.867184][T10628]  </TASK>
[  412.229848][T10646] ICMPv6: process `syz.4.1009' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  416.444032][T10682] FAULT_INJECTION: forcing a failure.
[  416.444032][T10682] name failslab, interval 1, probability 0, space 0, times 0
[  416.584458][T10682] CPU: 1 UID: 0 PID: 10682 Comm: syz.1.1017 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  416.584508][T10682] Tainted: [L]=SOFTLOCKUP
[  416.584519][T10682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  416.584535][T10682] Call Trace:
[  416.584545][T10682]  <TASK>
[  416.584556][T10682]  dump_stack_lvl+0x100/0x190
[  416.584605][T10682]  should_fail_ex.cold+0x5/0xa
[  416.584639][T10682]  should_failslab+0xc2/0x120
[  416.584670][T10682]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  416.584713][T10682]  ? sock_alloc_inode+0x25/0x1c0
[  416.584756][T10682]  ? __pfx_sock_alloc_inode+0x10/0x10
[  416.584798][T10682]  sock_alloc_inode+0x25/0x1c0
[  416.584837][T10682]  alloc_inode+0x68/0x250
[  416.584875][T10682]  sock_alloc+0x44/0x280
[  416.584909][T10682]  ? security_socket_create+0x7f/0x250
[  416.584958][T10682]  __sock_create+0xc2/0x860
[  416.585009][T10682]  __sys_socket+0x14d/0x260
[  416.585034][T10682]  ? exc_page_fault+0x6f/0xd0
[  416.585068][T10682]  ? __pfx___sys_socket+0x10/0x10
[  416.585098][T10682]  ? do_user_addr_fault+0x8d6/0x12f0
[  416.585149][T10682]  __x64_sys_socket+0x72/0xb0
[  416.585174][T10682]  ? lockdep_hardirqs_on+0x78/0x100
[  416.585208][T10682]  do_syscall_64+0x106/0xf80
[  416.585240][T10682]  ? clear_bhb_loop+0x40/0x90
[  416.585275][T10682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  416.585304][T10682] RIP: 0033:0x7fcf3999e007
[  416.585328][T10682] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  416.585356][T10682] RSP: 002b:00007fcf3a90cf98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  416.585382][T10682] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999e007
[  416.585402][T10682] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  416.585420][T10682] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  416.585437][T10682] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  416.585454][T10682] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  416.585492][T10682]  </TASK>
[  416.585505][T10682] socket: no more sockets
[  417.054609][T10682] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1017'.
[  417.686729][T10683] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16
[  421.336764][T10734] FAULT_INJECTION: forcing a failure.
[  421.336764][T10734] name failslab, interval 1, probability 0, space 0, times 0
[  421.386796][T10734] CPU: 1 UID: 0 PID: 10734 Comm: syz.5.1024 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  421.386850][T10734] Tainted: [L]=SOFTLOCKUP
[  421.386860][T10734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  421.386878][T10734] Call Trace:
[  421.386887][T10734]  <TASK>
[  421.386899][T10734]  dump_stack_lvl+0x100/0x190
[  421.386949][T10734]  should_fail_ex.cold+0x5/0xa
[  421.386983][T10734]  should_failslab+0xc2/0x120
[  421.387014][T10734]  __kmalloc_cache_noprof+0x7a/0x6f0
[  421.387050][T10734]  ? snd_card_file_add+0x52/0x340
[  421.387101][T10734]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  421.387134][T10734]  snd_card_file_add+0x52/0x340
[  421.387178][T10734]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  421.387212][T10734]  snd_pcm_open+0xf1/0x710
[  421.387242][T10734]  ? __mutex_unlock_slowpath+0x15c/0x790
[  421.387285][T10734]  ? __pfx_snd_pcm_open+0x10/0x10
[  421.387336][T10734]  ? __pfx_snd_pcm_capture_open+0x10/0x10
[  421.387370][T10734]  snd_pcm_capture_open+0x89/0xe0
[  421.387402][T10734]  snd_open+0x22d/0x4c0
[  421.387443][T10734]  ? __pfx_snd_open+0x10/0x10
[  421.387484][T10734]  chrdev_open+0x234/0x6a0
[  421.387512][T10734]  ? __pfx_apparmor_file_open+0x10/0x10
[  421.387554][T10734]  ? __pfx_chrdev_open+0x10/0x10
[  421.387585][T10734]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  421.387623][T10734]  do_dentry_open+0x6d8/0x1660
[  421.387650][T10734]  ? __pfx_chrdev_open+0x10/0x10
[  421.387697][T10734]  vfs_open+0x82/0x3f0
[  421.387736][T10734]  path_openat+0x208c/0x31a0
[  421.387777][T10734]  ? __pfx_path_openat+0x10/0x10
[  421.387819][T10734]  do_file_open+0x20e/0x430
[  421.387852][T10734]  ? __pfx_do_file_open+0x10/0x10
[  421.387906][T10734]  ? alloc_fd+0x476/0x790
[  421.387937][T10734]  ? do_getname+0x191/0x390
[  421.387975][T10734]  do_sys_openat2+0x10d/0x1e0
[  421.388011][T10734]  ? __pfx_do_sys_openat2+0x10/0x10
[  421.388049][T10734]  ? __fget_files+0x21f/0x3d0
[  421.388083][T10734]  __x64_sys_openat+0x12d/0x210
[  421.388120][T10734]  ? __pfx___x64_sys_openat+0x10/0x10
[  421.388168][T10734]  do_syscall_64+0x106/0xf80
[  421.388200][T10734]  ? clear_bhb_loop+0x40/0x90
[  421.388234][T10734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.388263][T10734] RIP: 0033:0x7ff9c759c799
[  421.388284][T10734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  421.388311][T10734] RSP: 002b:00007ff9c84a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  421.388335][T10734] RAX: ffffffffffffffda RBX: 00007ff9c7816180 RCX: 00007ff9c759c799
[  421.388353][T10734] RDX: 0000000000080042 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  421.388372][T10734] RBP: 00007ff9c7632bd9 R08: 0000000000000000 R09: 0000000000000000
[  421.388390][T10734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  421.388407][T10734] R13: 00007ff9c7816218 R14: 00007ff9c7816180 R15: 00007ffff62215e8
[  421.388445][T10734]  </TASK>
[  421.682126][T10735] ptrace attach of "./syz-executor exec"[10252] was attempted by "./syz-executor exec"[10735]
[  422.898297][T10741] ICMPv6: process `syz.1.1030' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  423.881284][T10731] Invalid ELF header magic: != ELF
[  426.215255][T10770] ICMPv6: process `syz.6.1036' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  428.747146][T10788] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1039'.
[  430.572121][T10811] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1043'.
[  430.955655][T10811] ipvlan0: entered promiscuous mode
[  430.992534][T10811] ipvlan0: entered allmulticast mode
[  431.328219][T10820] ICMPv6: process `syz.6.1045' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead
[  431.344854][T10811] veth0_vlan: entered allmulticast mode
[  435.777356][T10845] zswap: compressor  not available
[  435.839170][T10851] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  435.845373][T10851] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  435.921967][T10851] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  436.002988][T10851] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  436.049686][T10851] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  436.089779][T10851] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  436.154471][T10851] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  436.528456][T10851] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  436.568637][T10851] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  436.785324][T10851] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  437.274343][T10858] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1050'.
[  437.573938][T10862] FAULT_INJECTION: forcing a failure.
[  437.573938][T10862] name failslab, interval 1, probability 0, space 0, times 0
[  437.699055][T10862] CPU: 1 UID: 0 PID: 10862 Comm: syz.4.1051 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  437.699100][T10862] Tainted: [L]=SOFTLOCKUP
[  437.699109][T10862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  437.699125][T10862] Call Trace:
[  437.699134][T10862]  <TASK>
[  437.699145][T10862]  dump_stack_lvl+0x100/0x190
[  437.699196][T10862]  should_fail_ex.cold+0x5/0xa
[  437.699228][T10862]  should_failslab+0xc2/0x120
[  437.699257][T10862]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  437.699299][T10862]  ? sock_alloc_inode+0x25/0x1c0
[  437.699344][T10862]  ? __pfx_sock_alloc_inode+0x10/0x10
[  437.699384][T10862]  sock_alloc_inode+0x25/0x1c0
[  437.699421][T10862]  alloc_inode+0x68/0x250
[  437.699458][T10862]  sock_alloc+0x44/0x280
[  437.699492][T10862]  ? security_socket_create+0x7f/0x250
[  437.699535][T10862]  __sock_create+0xc2/0x860
[  437.699582][T10862]  __sys_socket+0x14d/0x260
[  437.699605][T10862]  ? exc_page_fault+0x6f/0xd0
[  437.699634][T10862]  ? __pfx___sys_socket+0x10/0x10
[  437.699661][T10862]  ? do_user_addr_fault+0x8d6/0x12f0
[  437.699706][T10862]  __x64_sys_socket+0x72/0xb0
[  437.699730][T10862]  ? lockdep_hardirqs_on+0x78/0x100
[  437.699759][T10862]  do_syscall_64+0x106/0xf80
[  437.699790][T10862]  ? clear_bhb_loop+0x40/0x90
[  437.699834][T10862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.699865][T10862] RIP: 0033:0x7f308639e007
[  437.699889][T10862] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  437.699917][T10862] RSP: 002b:00007f30871c9f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  437.699943][T10862] RAX: ffffffffffffffda RBX: 00007f3086615fa0 RCX: 00007f308639e007
[  437.699959][T10862] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  437.699973][T10862] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  437.699989][T10862] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  437.700004][T10862] R13: 00007f3086616038 R14: 00007f3086615fa0 R15: 00007ffc2b12f608
[  437.700036][T10862]  </TASK>
[  437.700048][T10862] socket: no more sockets
[  437.868952][T10015] Bluetooth: hci1: command 0x0c1a tx timeout
[  437.920658][T10050] Bluetooth: hci0: command 0x0c1a tx timeout
[  437.955383][T10015] Bluetooth: hci2: command 0x0c1a tx timeout
[  438.028504][T10015] Bluetooth: hci4: command 0x0c1a tx timeout
[  438.082465][T10865] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1051'.
[  438.109446][T10015] Bluetooth: hci3: command 0x0c1a tx timeout
[  438.435134][T10015] Bluetooth: hci5: command 0x0c1a tx timeout
[  438.663412][T10888] FAULT_INJECTION: forcing a failure.
[  438.663412][T10888] name failslab, interval 1, probability 0, space 0, times 0
[  438.878452][T10888] CPU: 1 UID: 0 PID: 10888 Comm: syz.1.1055 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  438.878497][T10888] Tainted: [L]=SOFTLOCKUP
[  438.878506][T10888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  438.878523][T10888] Call Trace:
[  438.878534][T10888]  <TASK>
[  438.878545][T10888]  dump_stack_lvl+0x100/0x190
[  438.878593][T10888]  should_fail_ex.cold+0x5/0xa
[  438.878625][T10888]  should_failslab+0xc2/0x120
[  438.878653][T10888]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  438.878695][T10888]  ? sock_alloc_inode+0x25/0x1c0
[  438.878747][T10888]  ? __pfx_sock_alloc_inode+0x10/0x10
[  438.878787][T10888]  sock_alloc_inode+0x25/0x1c0
[  438.878824][T10888]  alloc_inode+0x68/0x250
[  438.878861][T10888]  sock_alloc+0x44/0x280
[  438.878894][T10888]  ? security_socket_create+0x7f/0x250
[  438.878936][T10888]  __sock_create+0xc2/0x860
[  438.878984][T10888]  __sys_socket+0x14d/0x260
[  438.879009][T10888]  ? exc_page_fault+0x6f/0xd0
[  438.879043][T10888]  ? __pfx___sys_socket+0x10/0x10
[  438.879074][T10888]  ? do_user_addr_fault+0x8d6/0x12f0
[  438.879123][T10888]  __x64_sys_socket+0x72/0xb0
[  438.879148][T10888]  ? lockdep_hardirqs_on+0x78/0x100
[  438.879178][T10888]  do_syscall_64+0x106/0xf80
[  438.879209][T10888]  ? clear_bhb_loop+0x40/0x90
[  438.879242][T10888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.879268][T10888] RIP: 0033:0x7fcf3999e007
[  438.879291][T10888] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  438.879316][T10888] RSP: 002b:00007fcf3a90cf98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  438.879342][T10888] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999e007
[  438.879363][T10888] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  438.879383][T10888] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  438.879398][T10888] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  438.879414][T10888] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  438.879450][T10888]  </TASK>
[  438.880118][T10888] socket: no more sockets
[  440.071651][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  440.077935][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  440.189403][T10015] Bluetooth: hci3: command 0x0c1a tx timeout
[  440.508328][T10015] Bluetooth: hci5: command 0x0c1a tx timeout
[  440.697623][T10888] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1055'.
[  441.424968][T10909] FAULT_INJECTION: forcing a failure.
[  441.424968][T10909] name failslab, interval 1, probability 0, space 0, times 0
[  441.437801][T10909] CPU: 1 UID: 0 PID: 10909 Comm: syz.5.1058 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  441.437849][T10909] Tainted: [L]=SOFTLOCKUP
[  441.437859][T10909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  441.437876][T10909] Call Trace:
[  441.437888][T10909]  <TASK>
[  441.437899][T10909]  dump_stack_lvl+0x100/0x190
[  441.437948][T10909]  should_fail_ex.cold+0x5/0xa
[  441.437984][T10909]  should_failslab+0xc2/0x120
[  441.438015][T10909]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  441.438059][T10909]  ? sock_alloc_inode+0x25/0x1c0
[  441.438104][T10909]  ? __pfx_sock_alloc_inode+0x10/0x10
[  441.438149][T10909]  sock_alloc_inode+0x25/0x1c0
[  441.438184][T10909]  alloc_inode+0x68/0x250
[  441.438219][T10909]  sock_alloc+0x44/0x280
[  441.438254][T10909]  ? security_socket_create+0x7f/0x250
[  441.438297][T10909]  __sock_create+0xc2/0x860
[  441.438347][T10909]  __sys_socket+0x14d/0x260
[  441.438372][T10909]  ? exc_page_fault+0x6f/0xd0
[  441.438405][T10909]  ? __pfx___sys_socket+0x10/0x10
[  441.438436][T10909]  ? do_user_addr_fault+0x8d6/0x12f0
[  441.438487][T10909]  __x64_sys_socket+0x72/0xb0
[  441.438512][T10909]  ? lockdep_hardirqs_on+0x78/0x100
[  441.438547][T10909]  do_syscall_64+0x106/0xf80
[  441.438581][T10909]  ? clear_bhb_loop+0x40/0x90
[  441.438616][T10909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.438646][T10909] RIP: 0033:0x7ff9c759e007
[  441.438679][T10909] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  441.438709][T10909] RSP: 002b:00007ff9c84e2f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  441.438736][T10909] RAX: ffffffffffffffda RBX: 00007ff9c7815fa0 RCX: 00007ff9c759e007
[  441.438757][T10909] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  441.438775][T10909] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  441.438793][T10909] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  441.438811][T10909] R13: 00007ff9c7816038 R14: 00007ff9c7815fa0 R15: 00007ffff62215e8
[  441.438850][T10909]  </TASK>
[  441.750723][T10909] socket: no more sockets
[  441.942645][T10909] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1058'.
[  442.268455][T10015] Bluetooth: hci3: command 0x0c1a tx timeout
[  442.598818][T10050] Bluetooth: hci5: command 0x0c1a tx timeout
[  448.288777][T10963] FAULT_INJECTION: forcing a failure.
[  448.288777][T10963] name failslab, interval 1, probability 0, space 0, times 0
[  448.552381][T10963] CPU: 0 UID: 0 PID: 10963 Comm: syz.5.1070 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  448.552432][T10963] Tainted: [L]=SOFTLOCKUP
[  448.552442][T10963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  448.552461][T10963] Call Trace:
[  448.552472][T10963]  <TASK>
[  448.552483][T10963]  dump_stack_lvl+0x100/0x190
[  448.552538][T10963]  should_fail_ex.cold+0x5/0xa
[  448.552577][T10963]  should_failslab+0xc2/0x120
[  448.552609][T10963]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  448.552654][T10963]  ? sock_alloc_inode+0x25/0x1c0
[  448.552700][T10963]  ? __pfx_sock_alloc_inode+0x10/0x10
[  448.552743][T10963]  sock_alloc_inode+0x25/0x1c0
[  448.552782][T10963]  alloc_inode+0x68/0x250
[  448.552820][T10963]  sock_alloc+0x44/0x280
[  448.552856][T10963]  ? security_socket_create+0x7f/0x250
[  448.552900][T10963]  __sock_create+0xc2/0x860
[  448.552951][T10963]  __sys_socket+0x14d/0x260
[  448.552983][T10963]  ? exc_page_fault+0x6f/0xd0
[  448.553023][T10963]  ? __pfx___sys_socket+0x10/0x10
[  448.553054][T10963]  ? do_user_addr_fault+0x8d6/0x12f0
[  448.553105][T10963]  __x64_sys_socket+0x72/0xb0
[  448.553132][T10963]  ? lockdep_hardirqs_on+0x78/0x100
[  448.553166][T10963]  do_syscall_64+0x106/0xf80
[  448.553200][T10963]  ? clear_bhb_loop+0x40/0x90
[  448.553236][T10963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.553266][T10963] RIP: 0033:0x7ff9c759e007
[  448.553291][T10963] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.553319][T10963] RSP: 002b:00007ff9c84e2f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  448.553347][T10963] RAX: ffffffffffffffda RBX: 00007ff9c7815fa0 RCX: 00007ff9c759e007
[  448.553367][T10963] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  448.553384][T10963] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  448.553402][T10963] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  448.553420][T10963] R13: 00007ff9c7816038 R14: 00007ff9c7815fa0 R15: 00007ffff62215e8
[  448.553462][T10963]  </TASK>
[  448.867191][T10963] socket: no more sockets
[  448.904429][T10963] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1070'.
[  450.305620][T10984] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1074'.
[  452.077764][T11008] netlink: 17 bytes leftover after parsing attributes in process `syz.4.1080'.
[  452.095605][T11011] FAULT_INJECTION: forcing a failure.
[  452.095605][T11011] name failslab, interval 1, probability 0, space 0, times 0
[  452.548455][T11011] CPU: 1 UID: 0 PID: 11011 Comm: syz.6.1081 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  452.548503][T11011] Tainted: [L]=SOFTLOCKUP
[  452.548514][T11011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  452.548530][T11011] Call Trace:
[  452.548539][T11011]  <TASK>
[  452.548550][T11011]  dump_stack_lvl+0x100/0x190
[  452.548598][T11011]  should_fail_ex.cold+0x5/0xa
[  452.548633][T11011]  should_failslab+0xc2/0x120
[  452.548664][T11011]  __kmalloc_cache_noprof+0x7a/0x6f0
[  452.548724][T11011]  ? tracing_open+0x371/0xef0
[  452.548757][T11011]  ? seq_open+0x116/0x170
[  452.548798][T11011]  tracing_open+0x371/0xef0
[  452.548837][T11011]  do_dentry_open+0x6d8/0x1660
[  452.548865][T11011]  ? __pfx_tracing_open+0x10/0x10
[  452.548909][T11011]  vfs_open+0x82/0x3f0
[  452.548949][T11011]  path_openat+0x208c/0x31a0
[  452.548992][T11011]  ? __pfx_path_openat+0x10/0x10
[  452.549035][T11011]  do_file_open+0x20e/0x430
[  452.549067][T11011]  ? __pfx_do_file_open+0x10/0x10
[  452.549123][T11011]  ? alloc_fd+0x476/0x790
[  452.549154][T11011]  ? do_getname+0x191/0x390
[  452.549190][T11011]  do_sys_openat2+0x10d/0x1e0
[  452.549224][T11011]  ? __pfx_do_sys_openat2+0x10/0x10
[  452.549275][T11011]  __x64_sys_openat+0x12d/0x210
[  452.549314][T11011]  ? __pfx___x64_sys_openat+0x10/0x10
[  452.549365][T11011]  do_syscall_64+0x106/0xf80
[  452.549398][T11011]  ? clear_bhb_loop+0x40/0x90
[  452.549433][T11011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.549464][T11011] RIP: 0033:0x7f4aff59c799
[  452.549489][T11011] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  452.549518][T11011] RSP: 002b:00007f4b003e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  452.549545][T11011] RAX: ffffffffffffffda RBX: 00007f4aff815fa0 RCX: 00007f4aff59c799
[  452.549564][T11011] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  452.549582][T11011] RBP: 00007f4aff632bd9 R08: 0000000000000000 R09: 0000000000000000
[  452.549600][T11011] R10: 00000000000000eb R11: 0000000000000246 R12: 0000000000000000
[  452.549617][T11011] R13: 00007f4aff816038 R14: 00007f4aff815fa0 R15: 00007ffefc1eb5c8
[  452.549655][T11011]  </TASK>
[  456.329061][T11042] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1085'.
[  460.366504][T11077] ptrace attach of "./syz-executor exec"[7366] was attempted by "./syz-executor exec"[11077]
[  460.395044][T11076] FAULT_INJECTION: forcing a failure.
[  460.395044][T11076] name failslab, interval 1, probability 0, space 0, times 0
[  460.496033][T11076] CPU: 0 UID: 0 PID: 11076 Comm: syz.5.1092 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  460.496082][T11076] Tainted: [L]=SOFTLOCKUP
[  460.496093][T11076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  460.496110][T11076] Call Trace:
[  460.496120][T11076]  <TASK>
[  460.496130][T11076]  dump_stack_lvl+0x100/0x190
[  460.496180][T11076]  should_fail_ex.cold+0x5/0xa
[  460.496215][T11076]  should_failslab+0xc2/0x120
[  460.496246][T11076]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  460.496289][T11076]  ? sock_alloc_inode+0x25/0x1c0
[  460.496350][T11076]  ? __pfx_sock_alloc_inode+0x10/0x10
[  460.496393][T11076]  sock_alloc_inode+0x25/0x1c0
[  460.496432][T11076]  alloc_inode+0x68/0x250
[  460.496470][T11076]  sock_alloc+0x44/0x280
[  460.496505][T11076]  ? security_socket_create+0x7f/0x250
[  460.496548][T11076]  __sock_create+0xc2/0x860
[  460.496599][T11076]  __sys_socket+0x14d/0x260
[  460.496666][T11076]  ? exc_page_fault+0x6f/0xd0
[  460.496700][T11076]  ? __pfx___sys_socket+0x10/0x10
[  460.496732][T11076]  ? do_user_addr_fault+0x8d6/0x12f0
[  460.496783][T11076]  __x64_sys_socket+0x72/0xb0
[  460.496809][T11076]  ? lockdep_hardirqs_on+0x78/0x100
[  460.496843][T11076]  do_syscall_64+0x106/0xf80
[  460.496876][T11076]  ? clear_bhb_loop+0x40/0x90
[  460.496911][T11076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  460.496941][T11076] RIP: 0033:0x7ff9c759e007
[  460.496965][T11076] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  460.496994][T11076] RSP: 002b:00007ff9c84e2f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  460.497022][T11076] RAX: ffffffffffffffda RBX: 00007ff9c7815fa0 RCX: 00007ff9c759e007
[  460.497041][T11076] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  460.497058][T11076] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  460.497075][T11076] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  460.497093][T11076] R13: 00007ff9c7816038 R14: 00007ff9c7815fa0 R15: 00007ffff62215e8
[  460.497129][T11076]  </TASK>
[  460.497143][T11076] socket: no more sockets
[  461.166620][T11076] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1092'.
[  461.459286][   T30] audit: type=1804 audit(4294967497.600:12): pid=11084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.1093" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=7 res=1 errno=0
[  464.811825][T11110] ptrace attach of "./syz-executor exec"[5823] was attempted by "./syz-executor exec"[11110]
[  465.781980][T11116] FAULT_INJECTION: forcing a failure.
[  465.781980][T11116] name failslab, interval 1, probability 0, space 0, times 0
[  465.842103][T11116] CPU: 1 UID: 0 PID: 11116 Comm: syz.1.1102 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  465.842149][T11116] Tainted: [L]=SOFTLOCKUP
[  465.842159][T11116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  465.842174][T11116] Call Trace:
[  465.842184][T11116]  <TASK>
[  465.842194][T11116]  dump_stack_lvl+0x100/0x190
[  465.842249][T11116]  should_fail_ex.cold+0x5/0xa
[  465.842281][T11116]  ? tomoyo_realpath_from_path+0xb6/0x690
[  465.842313][T11116]  should_failslab+0xc2/0x120
[  465.842342][T11116]  __kmalloc_noprof+0xe0/0x850
[  465.842389][T11116]  tomoyo_realpath_from_path+0xb6/0x690
[  465.842430][T11116]  tomoyo_path_number_perm+0x23c/0x580
[  465.842471][T11116]  ? tomoyo_path_number_perm+0x22e/0x580
[  465.842515][T11116]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  465.842595][T11116]  ? find_held_lock+0x2b/0x80
[  465.842621][T11116]  ? __fget_files+0x215/0x3d0
[  465.842644][T11116]  ? hook_file_ioctl_common+0x146/0x410
[  465.842694][T11116]  ? __fget_files+0x21f/0x3d0
[  465.842726][T11116]  security_file_ioctl+0xd3/0x230
[  465.842771][T11116]  __x64_sys_ioctl+0xb7/0x210
[  465.842812][T11116]  do_syscall_64+0x106/0xf80
[  465.842845][T11116]  ? clear_bhb_loop+0x40/0x90
[  465.842878][T11116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.842907][T11116] RIP: 0033:0x7fcf3999c799
[  465.842929][T11116] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  465.842956][T11116] RSP: 002b:00007fcf3a90e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  465.842982][T11116] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999c799
[  465.843001][T11116] RDX: fffffffffffff4e0 RSI: 00000000c00c6211 RDI: 0000000000000003
[  465.843018][T11116] RBP: 00007fcf3a90e090 R08: 0000000000000000 R09: 0000000000000000
[  465.843035][T11116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.843051][T11116] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  465.843092][T11116]  </TASK>
[  466.129140][T11116] ERROR: Out of memory at tomoyo_realpath_from_path.
[  466.136071][T11116] binder: 11113:11116 ioctl c00c6211 fffffffffffff4e0 returned -14
[  467.880018][T11136] FAULT_INJECTION: forcing a failure.
[  467.880018][T11136] name failslab, interval 1, probability 0, space 0, times 0
[  468.198547][T11136] CPU: 1 UID: 0 PID: 11136 Comm: syz.5.1104 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  468.198592][T11136] Tainted: [L]=SOFTLOCKUP
[  468.198619][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  468.198647][T11136] Call Trace:
[  468.198656][T11136]  <TASK>
[  468.198668][T11136]  dump_stack_lvl+0x100/0x190
[  468.198717][T11136]  should_fail_ex.cold+0x5/0xa
[  468.198753][T11136]  should_failslab+0xc2/0x120
[  468.198783][T11136]  __kmalloc_cache_noprof+0x7a/0x6f0
[  468.198820][T11136]  ? tracing_open+0x371/0xef0
[  468.198853][T11136]  ? seq_open+0x116/0x170
[  468.198895][T11136]  tracing_open+0x371/0xef0
[  468.198935][T11136]  do_dentry_open+0x6d8/0x1660
[  468.198964][T11136]  ? __pfx_tracing_open+0x10/0x10
[  468.199007][T11136]  vfs_open+0x82/0x3f0
[  468.199044][T11136]  path_openat+0x208c/0x31a0
[  468.199084][T11136]  ? __pfx_path_openat+0x10/0x10
[  468.199129][T11136]  do_file_open+0x20e/0x430
[  468.199159][T11136]  ? __pfx_do_file_open+0x10/0x10
[  468.199216][T11136]  ? alloc_fd+0x476/0x790
[  468.199249][T11136]  ? do_getname+0x191/0x390
[  468.199287][T11136]  do_sys_openat2+0x10d/0x1e0
[  468.199323][T11136]  ? __pfx_do_sys_openat2+0x10/0x10
[  468.199374][T11136]  __x64_sys_openat+0x12d/0x210
[  468.199413][T11136]  ? __pfx___x64_sys_openat+0x10/0x10
[  468.199462][T11136]  do_syscall_64+0x106/0xf80
[  468.199496][T11136]  ? clear_bhb_loop+0x40/0x90
[  468.199536][T11136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.199566][T11136] RIP: 0033:0x7ff9c759c799
[  468.199591][T11136] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  468.199619][T11136] RSP: 002b:00007ff9c84e4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  468.199658][T11136] RAX: ffffffffffffffda RBX: 00007ff9c7815fa0 RCX: 00007ff9c759c799
[  468.199679][T11136] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  468.199699][T11136] RBP: 00007ff9c7632bd9 R08: 0000000000000000 R09: 0000000000000000
[  468.199717][T11136] R10: 000000000000ffeb R11: 0000000000000246 R12: 0000000000000000
[  468.199735][T11136] R13: 00007ff9c7816038 R14: 00007ff9c7815fa0 R15: 00007ffff62215e8
[  468.199775][T11136]  </TASK>
[  472.184976][T11160] blktrace: Concurrent blktraces are not allowed on loop2
[  473.849084][T11173] random: crng reseeded on system resumption
[  474.534904][T11179] FAULT_INJECTION: forcing a failure.
[  474.534904][T11179] name failslab, interval 1, probability 0, space 0, times 0
[  474.724891][T11179] CPU: 0 UID: 0 PID: 11179 Comm: syz.1.1112 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  474.724940][T11179] Tainted: [L]=SOFTLOCKUP
[  474.724951][T11179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  474.724968][T11179] Call Trace:
[  474.724978][T11179]  <TASK>
[  474.724989][T11179]  dump_stack_lvl+0x100/0x190
[  474.725040][T11179]  should_fail_ex.cold+0x5/0xa
[  474.725075][T11179]  should_failslab+0xc2/0x120
[  474.725106][T11179]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  474.725150][T11179]  ? sock_alloc_inode+0x25/0x1c0
[  474.725196][T11179]  ? __pfx_sock_alloc_inode+0x10/0x10
[  474.725238][T11179]  sock_alloc_inode+0x25/0x1c0
[  474.725277][T11179]  alloc_inode+0x68/0x250
[  474.725316][T11179]  sock_alloc+0x44/0x280
[  474.725350][T11179]  ? security_socket_create+0x7f/0x250
[  474.725394][T11179]  __sock_create+0xc2/0x860
[  474.725443][T11179]  __sys_socket+0x14d/0x260
[  474.725468][T11179]  ? exc_page_fault+0x6f/0xd0
[  474.725509][T11179]  ? __pfx___sys_socket+0x10/0x10
[  474.725540][T11179]  ? do_user_addr_fault+0x8d6/0x12f0
[  474.725592][T11179]  __x64_sys_socket+0x72/0xb0
[  474.725617][T11179]  ? lockdep_hardirqs_on+0x78/0x100
[  474.725651][T11179]  do_syscall_64+0x106/0xf80
[  474.725683][T11179]  ? clear_bhb_loop+0x40/0x90
[  474.725718][T11179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.725748][T11179] RIP: 0033:0x7fcf3999e007
[  474.725772][T11179] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  474.725800][T11179] RSP: 002b:00007fcf3a90cf98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  474.725828][T11179] RAX: ffffffffffffffda RBX: 00007fcf39c15fa0 RCX: 00007fcf3999e007
[  474.725847][T11179] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  474.725861][T11179] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  474.725875][T11179] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000
[  474.725889][T11179] R13: 00007fcf39c16038 R14: 00007fcf39c15fa0 R15: 00007ffe5716b528
[  474.725921][T11179]  </TASK>
[  474.725935][T11179] socket: no more sockets
[  475.243000][T11184] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1112'.
[  475.384043][T11192] binder: 11188:11192 ioctl c00c6211 fffffffffffff4e0 returned -14
[  476.046919][T11198] FAULT_INJECTION: forcing a failure.
[  476.046919][T11198] name failslab, interval 1, probability 0, space 0, times 0
[  476.118324][T11198] CPU: 0 UID: 0 PID: 11198 Comm: syz.6.1115 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  476.118370][T11198] Tainted: [L]=SOFTLOCKUP
[  476.118379][T11198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  476.118394][T11198] Call Trace:
[  476.118403][T11198]  <TASK>
[  476.118415][T11198]  dump_stack_lvl+0x100/0x190
[  476.118460][T11198]  should_fail_ex.cold+0x5/0xa
[  476.118491][T11198]  should_failslab+0xc2/0x120
[  476.118518][T11198]  __kmalloc_cache_noprof+0x7a/0x6f0
[  476.118563][T11198]  ? tracing_open+0x371/0xef0
[  476.118598][T11198]  ? seq_open+0x116/0x170
[  476.118642][T11198]  tracing_open+0x371/0xef0
[  476.118684][T11198]  do_dentry_open+0x6d8/0x1660
[  476.118719][T11198]  ? __pfx_tracing_open+0x10/0x10
[  476.118763][T11198]  vfs_open+0x82/0x3f0
[  476.118803][T11198]  path_openat+0x208c/0x31a0
[  476.118847][T11198]  ? __pfx_path_openat+0x10/0x10
[  476.118909][T11198]  do_file_open+0x20e/0x430
[  476.118943][T11198]  ? __pfx_do_file_open+0x10/0x10
[  476.119002][T11198]  ? alloc_fd+0x476/0x790
[  476.119036][T11198]  ? do_getname+0x191/0x390
[  476.119075][T11198]  do_sys_openat2+0x10d/0x1e0
[  476.119113][T11198]  ? __pfx_do_sys_openat2+0x10/0x10
[  476.119171][T11198]  __x64_sys_openat+0x12d/0x210
[  476.119210][T11198]  ? __pfx___x64_sys_openat+0x10/0x10
[  476.119264][T11198]  do_syscall_64+0x106/0xf80
[  476.119299][T11198]  ? clear_bhb_loop+0x40/0x90
[  476.119335][T11198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.119364][T11198] RIP: 0033:0x7f4aff59c799
[  476.119389][T11198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  476.119503][T11198] RSP: 002b:00007f4b003e5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  476.119532][T11198] RAX: ffffffffffffffda RBX: 00007f4aff815fa0 RCX: 00007f4aff59c799
[  476.119553][T11198] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  476.119574][T11198] RBP: 00007f4aff632bd9 R08: 0000000000000000 R09: 0000000000000000
[  476.119592][T11198] R10: 000000000000ffff R11: 0000000000000246 R12: 0000000000000000
[  476.119611][T11198] R13: 00007f4aff816038 R14: 00007f4aff815fa0 R15: 00007ffefc1eb5c8
[  476.119653][T11198]  </TASK>
[  477.752879][T11207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1117'.
[  480.928220][T11238] netlink: 'syz.5.1125': attribute type 9 has an invalid length.
[  481.469448][T11238] netlink: zone id is out of range
[  481.474609][T11238] netlink: zone id is out of range
[  481.513031][T11239] netlink: zone id is out of range
[  481.518596][T11239] netlink: zone id is out of range
[  481.528334][T11239] netlink: zone id is out of range
[  481.533800][T11239] netlink: zone id is out of range
[  481.541008][T11239] netlink: zone id is out of range
[  481.546387][T11239] netlink: zone id is out of range
[  481.608492][T11238] netlink: zone id is out of range
[  481.703560][T11238] netlink: zone id is out of range
[  482.302835][T11247] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  483.958564][T11261] ptrace attach of "./syz-executor exec"[5823] was attempted by "./syz-executor exec"[11261]
[  484.291859][T11270] Console: switching to colour VGA+ 80x25
[  484.461640][T11271] ==================================================================
[  484.461679][T11271] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60
[  484.461747][T11271] Read of size 46 at addr ffff888060105bde by task syz.4.1131/11271
[  484.461778][T11271] 
[  484.461795][T11271] CPU: 1 UID: 0 PID: 11271 Comm: syz.4.1131 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  484.461836][T11271] Tainted: [L]=SOFTLOCKUP
[  484.461846][T11271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  484.461864][T11271] Call Trace:
[  484.461872][T11271]  <TASK>
[  484.461883][T11271]  dump_stack_lvl+0x100/0x190
[  484.461924][T11271]  print_report+0x156/0x4c9
[  484.461964][T11271]  ? __virt_addr_valid+0x81/0x620
[  484.461997][T11271]  ? __phys_addr+0xe8/0x180
[  484.462032][T11271]  ? fbcon_prepare_logo+0x94e/0xc60
[  484.462073][T11271]  kasan_report+0xdf/0x1e0
[  484.462102][T11271]  ? fbcon_prepare_logo+0x94e/0xc60
[  484.462149][T11271]  kasan_check_range+0x10f/0x1e0
[  484.462182][T11271]  __asan_memcpy+0x23/0x60
[  484.462218][T11271]  fbcon_prepare_logo+0x94e/0xc60
[  484.462267][T11271]  fbcon_init+0x10a0/0x1820
[  484.462313][T11271]  visual_init+0x320/0x620
[  484.462342][T11271]  do_bind_con_driver.isra.0+0x636/0x9c0
[  484.462380][T11271]  store_bind+0x609/0x730
[  484.462415][T11271]  ? __pfx_store_bind+0x10/0x10
[  484.462444][T11271]  dev_attr_store+0x58/0x80
[  484.462504][T11271]  ? __pfx_dev_attr_store+0x10/0x10
[  484.462547][T11271]  sysfs_kf_write+0xf2/0x150
[  484.462582][T11271]  kernfs_fop_write_iter+0x3e0/0x5f0
[  484.462608][T11271]  ? __pfx_sysfs_kf_write+0x10/0x10
[  484.462640][T11271]  vfs_write+0x6ac/0x1070
[  484.462683][T11271]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  484.462714][T11271]  ? __pfx_vfs_write+0x10/0x10
[  484.462773][T11271]  ksys_write+0x12a/0x250
[  484.462798][T11271]  ? __pfx_ksys_write+0x10/0x10
[  484.462821][T11271]  ? kcov_ioctl+0x16a/0x720
[  484.462868][T11271]  do_syscall_64+0x106/0xf80
[  484.462902][T11271]  ? clear_bhb_loop+0x40/0x90
[  484.462935][T11271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.462962][T11271] RIP: 0033:0x7f308639c799
[  484.462985][T11271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  484.463012][T11271] RSP: 002b:00007f30841f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  484.463038][T11271] RAX: ffffffffffffffda RBX: 00007f3086616270 RCX: 00007f308639c799
[  484.463057][T11271] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[  484.463076][T11271] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  484.463094][T11271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  484.463111][T11271] R13: 00007f3086616308 R14: 00007f3086616270 R15: 00007ffc2b12f608
[  484.463138][T11271]  </TASK>
[  484.463148][T11271] 
[  484.463155][T11271] Allocated by task 11271:
[  484.463223][T11271]  kasan_save_stack+0x30/0x50
[  484.463266][T11271]  kasan_save_track+0x14/0x30
[  484.463304][T11271]  __kasan_kmalloc+0xaa/0xb0
[  484.463341][T11271]  __kmalloc_noprof+0x301/0x850
[  484.463377][T11271]  vc_do_resize+0x1da/0x10f0
[  484.463404][T11271]  fbcon_init+0x10ba/0x1820
[  484.463447][T11271]  visual_init+0x320/0x620
[  484.463470][T11271]  do_bind_con_driver.isra.0+0x636/0x9c0
[  484.463501][T11271]  store_bind+0x609/0x730
[  484.463528][T11271]  dev_attr_store+0x58/0x80
[  484.463567][T11271]  sysfs_kf_write+0xf2/0x150
[  484.463598][T11271]  kernfs_fop_write_iter+0x3e0/0x5f0
[  484.463624][T11271]  vfs_write+0x6ac/0x1070
[  484.463663][T11271]  ksys_write+0x12a/0x250
[  484.463684][T11271]  do_syscall_64+0x106/0xf80
[  484.463715][T11271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.463742][T11271] 
[  484.463749][T11271] The buggy address belongs to the object at ffff888060105800
[  484.463749][T11271]  which belongs to the cache kmalloc-512 of size 512
[  484.463781][T11271] The buggy address is located 714 bytes to the right of
[  484.463781][T11271]  allocated 276-byte region [ffff888060105800, ffff888060105914)
[  484.463811][T11271] 
[  484.463818][T11271] The buggy address belongs to the physical page:
[  484.463831][T11271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x60104
[  484.463869][T11271] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  484.463893][T11271] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  484.463917][T11271] page_type: f5(slab)
[  484.463942][T11271] raw: 00fff00000000040 ffff88813fe3cc80 dead000000000100 dead000000000122
[  484.463974][T11271] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  484.464000][T11271] head: 00fff00000000040 ffff88813fe3cc80 dead000000000100 dead000000000122
[  484.464026][T11271] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  484.464051][T11271] head: 00fff00000000002 ffffea0001804101 00000000ffffffff 00000000ffffffff
[  484.464077][T11271] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  484.464093][T11271] page dumped because: kasan: bad access detected
[  484.464147][T11271] page_owner tracks the page as allocated
[  484.464159][T11271] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5832, tgid 5832 (syz-executor), ts 80861915700, free_ts 23640743379
[  484.464209][T11271]  post_alloc_hook+0x153/0x170
[  484.464246][T11271]  get_page_from_freelist+0x111d/0x3140
[  484.464283][T11271]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  484.464322][T11271]  new_slab+0xa6/0x6c0
[  484.464352][T11271]  refill_objects+0x26b/0x400
[  484.464386][T11271]  __pcs_replace_empty_main+0x1ab/0x600
[  484.464424][T11271]  __kmalloc_noprof+0x688/0x850
[  484.464462][T11271]  fib6_info_alloc+0x40/0x160
[  484.464552][T11271]  ip6_route_info_create+0x14c/0xad0
[  484.464608][T11271]  ip6_route_add+0x4b/0x1d0
[  484.464649][T11271]  addrconf_add_mroute+0x1de/0x350
[  484.464702][T11271]  addrconf_add_dev+0x14e/0x1a0
[  484.464732][T11271]  inet6_addr_add+0xfc/0x9a0
[  484.464772][T11271]  inet6_rtm_newaddr+0x1475/0x1bb0
[  484.464809][T11271]  rtnetlink_rcv_msg+0x95e/0xe90
[  484.464874][T11271]  netlink_rcv_skb+0x159/0x420
[  484.464910][T11271] page last free pid 1 tgid 1 stack trace:
[  484.464924][T11271]  __free_frozen_pages+0x7e1/0x10d0
[  484.464956][T11271]  free_contig_range+0xde/0x1d0
[  484.465022][T11271]  destroy_args+0xa8/0x7a0
[  484.465159][T11271]  debug_vm_pgtable+0x1b66/0x34c0
[  484.465194][T11271]  do_one_initcall+0x11d/0x760
[  484.465220][T11271]  kernel_init_freeable+0x6e5/0x7a0
[  484.465298][T11271]  kernel_init+0x1f/0x1e0
[  484.465336][T11271]  ret_from_fork+0x754/0xd80
[  484.465374][T11271]  ret_from_fork_asm+0x1a/0x30
[  484.465403][T11271] 
[  484.465409][T11271] Memory state around the buggy address:
[  484.465423][T11271]  ffff888060105a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  484.465444][T11271]  ffff888060105b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  484.465464][T11271] >ffff888060105b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  484.465479][T11271]                                                     ^
[  484.465495][T11271]  ffff888060105c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  484.465515][T11271]  ffff888060105c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  484.465531][T11271] ==================================================================
[  484.529721][T11271] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  484.529752][T11271] CPU: 1 UID: 0 PID: 11271 Comm: syz.4.1131 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  484.529796][T11271] Tainted: [L]=SOFTLOCKUP
[  484.529808][T11271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  484.529825][T11271] Call Trace:
[  484.529834][T11271]  <TASK>
[  484.529845][T11271]  dump_stack_lvl+0x100/0x190
[  484.529892][T11271]  vpanic+0x552/0x970
[  484.529919][T11271]  ? __pfx_vpanic+0x10/0x10
[  484.529950][T11271]  ? fbcon_prepare_logo+0x94e/0xc60
[  484.529994][T11271]  panic+0xd1/0xe0
[  484.530021][T11271]  ? __pfx_panic+0x10/0x10
[  484.530050][T11271]  ? fbcon_prepare_logo+0x94e/0xc60
[  484.530092][T11271]  ? preempt_schedule_common+0x42/0xc0
[  484.530129][T11271]  check_panic_on_warn.cold+0x19/0x34
[  484.530161][T11271]  end_report.part.0+0x3a/0x90
[  484.530201][T11271]  kasan_report.cold+0xe/0x18
[  484.530249][T11271]  ? fbcon_prepare_logo+0x94e/0xc60
[  484.530298][T11271]  kasan_check_range+0x10f/0x1e0
[  484.530333][T11271]  __asan_memcpy+0x23/0x60
[  484.530370][T11271]  fbcon_prepare_logo+0x94e/0xc60
[  484.530418][T11271]  fbcon_init+0x10a0/0x1820
[  484.530464][T11271]  visual_init+0x320/0x620
[  484.530494][T11271]  do_bind_con_driver.isra.0+0x636/0x9c0
[  484.530531][T11271]  store_bind+0x609/0x730
[  484.530566][T11271]  ? __pfx_store_bind+0x10/0x10
[  484.530596][T11271]  dev_attr_store+0x58/0x80
[  484.530638][T11271]  ? __pfx_dev_attr_store+0x10/0x10
[  484.530680][T11271]  sysfs_kf_write+0xf2/0x150
[  484.530726][T11271]  kernfs_fop_write_iter+0x3e0/0x5f0
[  484.530787][T11271]  ? __pfx_sysfs_kf_write+0x10/0x10
[  484.530825][T11271]  vfs_write+0x6ac/0x1070
[  484.530870][T11271]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  484.530901][T11271]  ? __pfx_vfs_write+0x10/0x10
[  484.530954][T11271]  ksys_write+0x12a/0x250
[  484.530978][T11271]  ? __pfx_ksys_write+0x10/0x10
[  484.531002][T11271]  ? kcov_ioctl+0x16a/0x720
[  484.531048][T11271]  do_syscall_64+0x106/0xf80
[  484.531083][T11271]  ? clear_bhb_loop+0x40/0x90
[  484.531116][T11271]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.531147][T11271] RIP: 0033:0x7f308639c799
[  484.531171][T11271] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  484.531200][T11271] RSP: 002b:00007f30841f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  484.531254][T11271] RAX: ffffffffffffffda RBX: 00007f3086616270 RCX: 00007f308639c799
[  484.531274][T11271] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[  484.531292][T11271] RBP: 00007f3086432bd9 R08: 0000000000000000 R09: 0000000000000000
[  484.531311][T11271] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  484.531328][T11271] R13: 00007f3086616308 R14: 00007f3086616270 R15: 00007ffc2b12f608
[  484.531355][T11271]  </TASK>
[  484.531820][T11271] Kernel Offset: disabled