last executing test programs:

1m50.865187993s ago: executing program 0 (id=4223):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000003dc0), 0x2002, 0x0)
sync_file_range$auto(r0, 0xffffffff, 0xfffffffffffffffc, 0x2) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
socket(0x2, 0x1, 0x0) (async)
socket(0x1e, 0x1, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2c, 0x3, 0x0) (async)
mmap$auto(0x0, 0x8, 0x1000000004, 0x13, 0x3, 0x180000000) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20) (async)
r2 = clone$auto(0x4, 0x0, 0x0, 0x0, 0x8) (async)
r3 = set_tid_address$auto(0x0)
kcmp$auto(r2, r3, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) (async)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async)
socketpair$auto(0x1, 0x8, 0x0, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r5, 0x40f, 0x4) (async)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async)
r6 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r6, 0xc004743e, 0x0)

1m49.968066519s ago: executing program 0 (id=4228):
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/nbd9/queue/iosched/read_expire\x00', 0x206a1, 0x0)
getpid()
ioctl$auto_FIONBIO(r0, 0x5421, 0x4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0)
r3 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x648541, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r3, [0x0, 0x0, 0x4], {0x6, 0x6, 0x8c48, 0x29a, 0x109, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}})
r4 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
read$auto_vhci_fops_hci_vhci(r4, &(0x7f0000000d40)=""/16, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x7, 0x7, 0x9ab, 0x10015f4da0e, 0xd, 0x40, 0x64c1, 0x8000000f, 0x6, 0x6d40, 0xc, 0x1, 0x2]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
ioctl$auto(r3, 0xd, r2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x100, 0x3, 0x7, 0x10}, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_7={@link_id=0x1, 0x3, 0x3}, 0x6f3)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='n\fZs\xec', 0x200, &(0x7f0000000300))

1m46.591317929s ago: executing program 0 (id=4243):
ioprio_set$auto(0x3, 0xee01, 0x4b36)

1m46.50406585s ago: executing program 0 (id=4244):
r0 = epoll_create$auto(0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x41)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4)
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0xf}, 0x3, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r3 = socket(0x22, 0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000480)={'dummy0\x00', <r6=>0x0})
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="200010dfa5c76ace1c00001e90e0a1943159e14a1377fcb257b1078ef78f37a514aaee01816329f8653b774e69cbbb66eb01c45a0d71600d9203e783a5345d26a97dba", @ANYRES16=r5, @ANYBLOB="010027bd7000fddbdf252c0000000c00018008000100", @ANYRES32=r6, @ANYBLOB], 0x20}, 0x1, 0x1000060}, 0x400c080)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x3, 0x15f4da0a, 0x3, 0x5, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x40000000001]}, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r7 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0)
read$auto_v4l2_fops_v4l2_dev(r7, &(0x7f0000000000)=""/194, 0xc2)
close_range$auto(0x0, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x7, 0x17)

1m45.053428747s ago: executing program 0 (id=4248):
r0 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x82000, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0xb5, 0x200, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10)
bpf$auto(0x1b, &(0x7f0000000380)=@task_fd_query={<r1=>0x0, 0xffffffffffffffff, 0x2, 0x5, 0x4, 0x8, <r2=>0xffffffffffffffff, 0x8, 0x300}, 0x92)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r3, 0x401c5820, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x4200, 0x4)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000440)={&(0x7f0000001580)=ANY=[@ANYBLOB="24030000", @ANYRES16=0x0, @ANYBLOB="01002abd7000fcdbdf250200000006006d002d8700000800a400010000000400bf000500a200a800000008009a00010000000800c30008000000040073008c000201d5472c0511c0c8fc64309e7b4e13877b50f69d426fc3e1f63e28ccac75333cd93150e31dce2922053187aa9624c7c354f5050eb265f7556b2b32e3281cd3aab95d2317cf929f1fdc57385f23b6de23f4092616742c5afad525ed0b4bbbcab3b99db831cae53c7d44e665454d4c76188d26665efb9eac3f4ee0ca618f80457b50ff6a85a7c0c0c59408007700d09d00004c025a80a8014f8008004500", @ANYRES32=r1, @ANYBLOB="1e0076002f7379732f6b65726e656c2f74726163696e672f74726163650000001706a61e726a077a3e4760f2100eae173f5b4ea5c542673d1a3c793cd744be4874d2c4657b93551b9138b952437978a8fa093a4183ce21a7e0c1c3ea2198a711c6298a9907a86df05fdebf1f34131b43030dba66e4011d1fe2b76f5e8a9c8dd7de38c9c3d1625d3b3a1ae40695cab4f6e78d471116e6e965921f34d382296e1ac1ab83f6cde1224f5109af50fb20a8948ebab725af2635ec6b9f9fc374c226a848a8726e2ff4fafcace52cc762a162530af9c4b3bbee2853dafc2d84eb1f88e95df309bc5daafac6bdfefc76908aafbef8cd436a933099e48442a361a2236e1972e31508c147c6f71cee63c3b169f175d7642861a799089e2c632d4104af15a38f29eab88980055ceb67223c511f2ec51016fc79d11e676028a2ddee31283d9df2263893cecf56bdfa4f73badf084e7cd6c505acc5c10be28099942926989bd463a349ee3fe455c81c043cc2683d760620a527e2cc4041078d8220a3263bec44578a53270400918014006100fc020000000000000000000000000000e8c513594d239474cd19aeafd82650db550de07191f2ea56a0fe39bd68bc963d05e385089f86d03f1aa42837d5dd350fe430cb85583b806f49dfb5eba7cf023c365017dd548826ecf0797ea4440bc0dd8c909c956ce1e71d1c84228e873ac0faf86ffd5b78495c25bd9ee0bb7ae47f28e7d3a040f55056ba24b09f7934bf6ffd2801da805390e0051faa2f33d97f70e29227e202e5756cb7ecb79fb8535053d0"], 0x324}, 0x1, 0x0, 0x0, 0x90}, 0x81)
r4 = creat$auto(&(0x7f0000000140)='./file0\x00', 0x9)
ioctl$auto_BLKTRACESETUP32(r4, 0xc0401273, &(0x7f00000001c0)={"b2a4c33c473dab346bce472c47d1158a4bc0f66c24678a7261c092c45cc82899", 0x5, 0xff000000, 0x6, 0x7fffffff, 0x3ff})
read$auto_tracing_fops_trace(r0, &(0x7f0000000580)=""/4087, 0xff7)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r5)
r7 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(r5, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x178, r6, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x2}, @NL80211_ATTR_PROBE_RESP={0xf7, 0x91, "e6a83d81f891a5c75fd13d82bd71e3c87094540399f29d9d888a5480cf0882c37782327164e06729d2f5a48d37f00af05c3d82e332f90f2c42dda4671d1b497429aac493dcbd21dfce27bad58e8076bbb024c17539d1fe10a485dd052d0894e5b6d61389c83f56dc26ab8d7a78dc08cc9041f40c2b5959ac3878ee8af43acd492431b7a0e59f38e64ff14dc4e3ab24c44708d6517c0d1e061ef0ef8b0ddce64b59a069e57ff4bccb17b1572dece0c2e8d0c2a0d81a1e2e5bd49e3ed40283c9ab4fd79619fea8f5c6a4f2df21bac220feab88e8adfab9ce3976a7844618dc7d95ea94b0b13e8958404e3f4ce5c3002acaddc38c"}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r7}, @NL80211_ATTR_QOS_MAP={0x59, 0xc7, "57e7361239b6eefb7494c3acd74d7545c47af38921172e7a4f792f6433498d984e1e70f324b98a96630b2acace1ee74d91216d54e037c71f7a7d29418a8a40aef301a111ff28500c8d4e3581268d95017bccb321d6"}]}, 0x178}, 0x1, 0x0, 0x0, 0x851}, 0x40)

1m44.78906s ago: executing program 0 (id=4250):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
io_uring_setup$auto(0x6, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(0x0, r2)
sendmsg$auto_ETHTOOL_MSG_MM_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="000229bd708a8761c85eb4afaf3f9ad3a100c8d0dc68032b8be0453badcaa7fddbdf252b000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000855}, 0x8004)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, 0x0)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x8102, 0x0)
ioctl$auto_FIBMAP(r0, 0x2284, 0x0)

1m29.667608844s ago: executing program 32 (id=4250):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x82, 0x0)
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40)
io_uring_setup$auto(0x6, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(0x0, r2)
sendmsg$auto_ETHTOOL_MSG_MM_SET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="000229bd708a8761c85eb4afaf3f9ad3a100c8d0dc68032b8be0453badcaa7fddbdf252b000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000855}, 0x8004)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, 0x0)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x8102, 0x0)
ioctl$auto_FIBMAP(r0, 0x2284, 0x0)

12.035029318s ago: executing program 4 (id=4549):
r0 = openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/comm\x00', 0x2, 0x0)
write$auto_proc_pid_set_comm_operations_base(r0, &(0x7f0000000000)="bcba", 0x2)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/adsp1\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0x12, 0xfffffffffffffffa, 0x8003)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x40242, 0x0)
getpriority$auto_PRIO_PROCESS(0x0, 0xffffffffffffffff)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="810b25bd7000ffdbdf251100000008000300", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000001f80)=ANY=[@ANYBLOB="f0180000", @ANYRES16=0x0, @ANYBLOB="00032cbd7000ffdbdf2508000000b00102802800308008004100640101000400d180040013801400c900fc0000000000000000000000000000007b543a2288e807eb7762955da5ab9678afde7ab70d0bf61baea12915f6917890b13c3ad5ea8cf910622d2f94a524cbd20c006b000a00000000000000fb000c80a6a0b4e761dd34b693f6d9dccfa34ac00076588d3abeecd191797ff61aca28da0ae595439be36563dffdfc601369dfed3aad7303408e65f906acd74c45ec353f392abf7de1f2d8e4953975d3995588a4b6ba3db2470a946d1aae031a8aa030514cc57277e45ae71523771a101a6433f087c06476139ddbc25478111e7469f74881e508b37efe1e55b95c05264f09645a5e5bbee1c6f3d09624f8803994bd944dce4ff01e7b9f2b673b49ca3500d57511a8b17587522204d8f9d0ee4b0df717910a8db5a7e6a6a1c8aff8636e80a4b0f6f08ede56f123e93a2e753e06d685d0c1f4a5eda587d593df00f7c005c0976f434e5441e6029f280004007300700283e7751b321c5fde2cbf8ddc04d0a7b6872051aae350a946c2f6275fd11bbb4289df18796fcf4d161392d2ba071242791d803d6be4b249e29b3944852011b04ddb51dadbe358240001800800030000040000080003000080000008000100", @ANYRES32=0x0, @ANYBLOB="08000300060000003b150280d3096835a2124565611b2a49467f66a79b7cf061b5e487eca39fb55eede05af846feb4bb3ac9bf8ed3e271579ace4453365c6e1d6c905908004f00ac1414aa75e80d96273b4aa4ab10bcdc35987205bd3d01a631314f1a38a5b439c0a7b1ccf9a59b35066a5583c84da70da2808379e999b5863a5757ed5cae0e7c5ed18c1095ef0d87de5a3a61cba7bfd397e18d20b2abcb3d59e3cc98d2207f49e09d17e3227301e58198e0b459e17de9721e853d4541dacd71a6f5161463a435ee7234954d393c8476525b945e36c603f1d2f87b8fcbbac4b9d584c4104aa30d15e896f2797696005f800400e68004006d8008001e00", @ANYRES32, @ANYBLOB="1153f3f53a40f00495176f213a34ae3322789be47582e72e0507ff3c36732dca877b11e9556e9b905fa52cf4d0481dda9768db36cdff251c85cd86aa29660bb57df5a6aad260c54190f7cec39e04f577c856489a723a72cd0d7501bd17203a606ea59f4efe4d7c82b42834ee71ebd78b125027dca7bb0594efdc1ac63cd6b329a609000004002b001c016c80d7796198d8745fa11558b66dd97e2b4379f6fbb859ccbbe10b73dbddf32680dd7436ef1717dccf394aeb67ee2b97efaae68347b28895b8012a2d67927a4223bc140aa9a07926acaef41d06ec4cdf59e0b9bd995472e2762f6de7047e99932223ab6a4f89fac8efcfc3505681c70c3f893144c1464d535e05688681b7008877cfa3c5c693edeb583a1ab9597a8f098398aab89cbfd14de63c9316c4c4e2fb967653f0e4009d7d491365d0a71f53b60c449155fcfc5b4d464e5027f7747ebb673eb95364a9b040e170ee2d07d6358f91fa9291fa3deaf3855bbc9aef4482696e70c1ebed37ffb399cdf85135915202d3d3fdef734bb54381161400eb0000000000000000000000ffffac1414bb0800b4000500000004002b802a120e80bf9ca3d12b7887a0d6632d03ca50e084a81401e1c8444ab5ed44093dadeb5df95aa4952013a244318dba265260b3b069d587ab1de01c99cbd3cfa799fdc5e4e7318ff3c19649d21193c7034307c9855798f66b1b501d733076db8b51e46dd283595695288d95698559afae5e44236df3869c4e03a6cba49e230bc78156ca9b401f66488f0ab35b7756c76037a0347bf2968e3753e53e6796b8ef1572dccc008d25c3c89ff43507126c03bfc4190d0c263f6121ec1b3f1b3952b18c4b5853c96dcdb3bfea7e1ebb3c7b69df887ae519f687a34658edf3c5562d5ef6269677be48bc220400358099eff8bd101dc75e0c3d912176c5bdc3e0cc2eba1ab2afb9e83162d8a3151ce600275ffc9386a973535497dc92b75d9f181b8359011b7ee91b829f45c4d258fcb9eed6807bc35dd1341d4d190c7c24b6931ff9be10c04cb144dd8815dcc1b76ad9de2884746a003dad868ab9511b0f992199835432ef96fb84e7f930074bb32f7ae149df3a696cf898954f69b60a3508246538c146b631d0e0c46330ef2999e58b7b68b6e0f8a4f8e782cf509bf7bdd49c3fef0e8892db386fbaece560de81f86ec4119604ad7761d8de590d7bf537b0e02217d0c8047c2f59f146b6e1188f919d727148bffa34847741673cd6f36e4f627280be6b184a8a3f28ff292c112be79b565bbd9d15395aadd260b9bb3033de3d3f798c3720f72bc821295f8abc3102c00c1c8682b6d8a5973343fc1ef28bed87584174cb45267a446f57c4e5f2e463887ceb5e5184a6e9efc5404eca05d7eef81050056c372e14575df6711fe531f3f5546d134ed9f79c5d5a3b0456b0254ace2e4078d66b3dfa2f117beadecd9984fa5d709d81587e429dc6285f5574ab6f03058cc91fa8026bd715d3ea52a2f0390868e0b4f6b5c8f6f223b0c0e2b79c0e2fba23006d7e3e1ac6bcb748da48cdb5ca99da76490af313427b886b1762f41dc04463f19bcecc65f65b7f9b02557f4522974a5b47cb9910adfe702343ec14c839a8f69b690069d7f6732ad9acb6f92b6fd3def4168bcd4ec2f2cb0561efaec25f7c622e4666d311c2daa84c73fa76922b1882794bf436efdc1e753a50bdfc8785650b31bdbea41589de8b31efe349b94c7e7ed8eb8a8ee29c424f1ce5b11e87e62fdb5b46beb8065d88b4390cdb239e4d054de227e2fdecd73729252b3997e1adde85d0ebf1ef14825d819b01ea37cebe2183d85468239b9a482cff43dfe9176e15e010e2452ad63e57b4ffdfd13709413723dae22b2527216a35cda962633ceb4c4669c9d3767f60cb02d94456229d4cdd40aeb9bf994eb4e7553a2b71fd22e8ba2fd5fb3003231b8e2eb8e5f8abd3572ab05b8a301e351b019187bf688d408cd9c91b3b0c2ec9ffd69756afbe55cba8324def82ebcfba73ed31ff76eba507b301af1664d177b3aea073c474250044c60cf4c30724bfe08db711582c9511465b2f95b2d23c3becd0f5ad07d7c22f4547809a90a8fe26e1ec7d4cda946263072465c80918148ab80eae6e37b83b0ddb25fb683508181f71c28dbc92764b55b0d56dfd79ab490b5c7794692be538561e6464b62b7e79d88647c65aa08d8dd8bf2600954e1d7ae2670bf10c12f12842719359743194892f199b7fa67f05b7bf3019923d8f1111407c8418dc55b2da565890585f9442c16fd4da9cd0588969a1f0cb8c551719f6bac95f30d13308c4f6f7805857b12d7972a1ea44ed842c9168afd9e4f3cf048d9cf64befebe329b0a196a86c8ec0d0040220edb0977a0d4bcd8485cc32ba6dc10695762a350c4744a170a18d78f82158e5ba2e370c8a266943c18829fe8f92d389b63c0c5314aeabda34dea58bdc7d6b4de8eb4018f0f3ec8b69ee3e1b049011d61c551657f8918d8dd2db035adf94e5624caadab4cf2766fe6c58872aae9bdc2ae24c6ada2f8cedde80c958e6486ee138e87aeccebae9e2bfdb836f9574ea228f6264d2f84983d746253da4d881d9ac5c7fa95a0ef2c30fb028a16eb4baf04c8f8da250b8b25a29550d35677464720efe18b4ae3d078e4abb033716284b8631d5f2325b37d243c0385f114e64a9803c9154118c2f1512f2db640d60683af75850b1f89e43cd55649baae6fdbed6fb29b4be6081bc94468cec8ce2efd55893478362ecef89dbd030e91961c67aeb7a0710bb7dcb65617e4566892ad1627328257c00495deff283d23c9beb398589c0b109a4b7cd94127c3cec660ea7c0c7e8ab354dbf8397c7af49b8349c3b2d9ef060cb490a8716cde4379540d48a19beb00c9810ed1e9f28f527abc4784c4b31d35bbcb79a5dc206c49e3439b05e0ab985aace09dd27f3a67c1927075b1eff3d7310047bdfb0ad8cace6df6b8a05adf19563646b2e1892c62ed0ebd52409a4bdd210be511b5fe32ffeafd92b7b32e11fae7d6a75ac1dd9233fe5681f67ed41a7c45eb71cb98cfcc5601c7f5e5fa79d822463a49c461e9e203e55646fbe8291fdc32672ec319f1d48841594b53c248dcfe83ba538d63dd66f6f9ce57de541841819031b5dffbd4813457220b5a6b7de93e234d06feb4fff6d26753de7e2828390ed9bc6664436e21c83eb81167fdf0889165ca75594a3b1bec31ed295d39c6791cbeacc22fe56fda4137ccd3e00cff69b5ff6f642733f935d1286a736ce4c833a1795c7c747faa8c69138e934ee77dcde055d11f9c4ed7271b29fd313de3b3a8824d393b94af618e793088216457623904f492d599237a93f1a39b9ba6ee4e542d6f7b00f46e2e8b92c2c3c435d4eb83f99fdf20bbbf58e6f1cdc2fa283617b4f01e666e4627ad8c305ffc0ec8ffd622bca53c11befb1d67f9ca641bd033829762f80e34ef754106230ee7e05dd723c824a53b4143ce9517872d923ca1cb089ffdee6545ae6134465b92aa01c940e8c0a4aeef54eb936908bd47dd232040b605ed07488e2fc1a65126001da4b474abc7ae83e4dbf05880437801f9668133db604b3ca1a08d65038f74bafabb484a9f4fbd84f4db9118732ced5fd952f057bba70a36fb1740ed8a112a3790fd20831c0ab5f9396102537ec2b98ced3d46d74009c900f02c9c65900efad9e06e1bb9f0223345921523de1bdc7304b3c1f51731413f11b9237e0a8048e76b07a8d4588a2954e6f089d2de50adde1d7f1b590a9808c9b56b48c697efc530e5116e0008e1a01facff0430c552154dd2d061c0b8e3ad53ccecfa0cc9d3e82667b11cbc3b129bed994ec11668a1a3f321cc4a20f82300f9208a4cf731f1950274b059efcfed0377c485c0078c036844a224a080ad6b55169010bafdbb5fbf0a853dc31d9a18d84c27410cf009a3ba467c47198cdd9487fa15a2a7e5e22d0884d15d4d28ca00d9f405903f045acbfa794302d91f608c10efff4ac4c77599a7741f5b23be6e30f9da473df9dc40d46c787e060f1548bc1ae4726f9db470753701719e452b476fd17f93764966c7717c30e7f33d97e2330ce0d007c1fa93b86d143fe8a3dee470f740ae75d0677740517141de748dac8c3b92b16375098d6ab9c15ca0ce02d6d8786e9ad4f7979dbefaef2e164f41b3b163fd48d893a39243db45d5f434c932e1f8a1e692761d875dc59bc1f3680afa8f300b689a332f34e44476b6f6022f1c8c1c90c841360c4028f362c57ee8800784ed11ee22dbe7b50843c830a0fd9056d027fa52a1dfa60b1359897e911df6a0318bc05a5c2082311fc6c92e6ca4e0b095b92d2556f6768af9a436270dff083159feb8694b3ea048a1279d2354dc19f82130cfcf542668208e56ef51328b6464742df112d55dbb7291fa7c8612ba73c1005aaec94e5fe634b3fd48fae82f8906a7ab1e213403be6a46f6272ba34b883731e091d5aba8da6db0a5bcfd82e8fb8a9b7b2e4bc5b6bdf1886a89023f0ef799a74234dc1265c878401446ae99f79542d0a1795eb7615d279ca9d4df8c31f941e5e4a99f5e0c71bf7eb6eff997f94bfa84210a5b1a1080adc03520936ad7c08523e4270be27d117fe2b251f5d25f1cb71545d20c1117cdfc0569e874237ef161b7948a10e263a149ca561698a271b6840433e4d74cbe9979f349b14a9b4d49094c1f150f2b729933d502f885789dad03b18ed9b7724e3878100c28e670fdcee544c1c34e2942baa3a0e5c9c1c3e589755d47c0d07a41d1c7ef88ec2d1450258d4cc045422fc5576f3cd876b39faf8818490a7051712432134d48ce963800e999d09bb0ae50486e8a64b03939f4b2ac045811efdcaa732e741534b5181141472c7465c26c459207925df0d89f015447b3b49bb49479d6e63dbf4195d4f3c53ef5145034ffa81e38de93dd91c81d24142c5ed6c4b15148902a1c92f6c89d66ddccf1c4df703b7187c0ff41770f07e8744cb0c6a58a70fbfa7c39b41f02b3d525e53f73e0b6f3a8b58cf6f4880ec37532b2d5a4dd52a48605e525002c1add6ba4a88ca62a875d6a35f73f8f0bb4a29647c8494787bf424ab77d784bc9fe8797aa292052572afd8e9e617b72c197df00f543d256aff61a10f7c2f779167abf643c699d479a72b0204cf52179077d3b1af057091d2aa172b1f67735f606e36880502dc1662fc747f7af3bc7736fdc854042339888f4fbdcf0810fa1f1e39e161ebadd3517d1340302a3acdb0495e79385a5bb5a7578a7ba0114a98cda86fb498515580e535502f4600b9a2af84c7e048ccbd6a03271790366887fc4caf93503955b461ce0ac706a3bb650cfd98089a188f1694810109536f963003b8843b60e0f822b9ee592c7e039644a807052b8fa49180686b8c2982850d05236cbd41430bcc728a77f443b5f164584ac04f9b404296628c986f13497de08062c6022668c731b6bbc60537a3c53ca9a3fda31ac4d945ebf7f025e6832bb8aa3cb63f6f516c072acd85c778269cb5ac2190e01b8ec65f8409d822ee731599a404ee2b392ca84244c762e2c46140be5db7a3e8b8f71059411bcab2da215807fcf37f069e0ca443587056bd71e4e97a431f56bb3b7739f94081505e85b75e4da9335b731aa47b912e28bafb7a87d11604172039e269ad19d6e527ea4d637368348e2f98e748eee169c7250d0d1b161e0ed300df4fdf7afa9a357fccd46e388afcb8584e1a1caf8b565df0a7c56374e8bc1011417450a45b346b7538a0c9ec677239c2655567e394e3c56bbb87ab6512f642fc883f14854e915ff6c309573ff405217a2dd972ae1e657fd99073ca61faf0757a36f2a5ef0bfdc2251eac46636cff45e5edcf57163899e335fb94200f84871a85362ba7a49834841b5bf2c186fa07fc23518ef24810e74e6b8097c517740d9cf4a976629025c6d83fded6e80db795e27442d13271b2ec46403d61b20a3e1eb42099838f1cf9807edb561e13f465aabab0be6632bb009315fbf78a88bc2e9fc0c3d246cc538001c0fa6412a5a6388a64788e6f6b6fb0f6ed47245fccdd6624abc42c613b4c121bf25675cbdd2427192df139c1b1ca28cdebb3920d05997358ac01b7c852770b41fdb57b236574be8189b880f60ca2f9dc19a1c567e7c9a60921bd8a459d34a1fee6ec834bbd14ed0f43f290d9796a3ab05f69bec9ad12a40103ba82c8f201c4b2e780e3e4e26192fea9f9b696d39d12c4ec1c519db0dda715074a107d73e996a004705f7e1a2d14a7f4d8c77a37731622ac795e11e425de45c84cbf92d088ab9d80be7eca15a698d7d39e1b123d9447e08dde77819c25b75b92868e06ab775da9dd6b26c18d6bb57bd4f390eaf09646c70545547cbbc8a0873a9bcc4c2d913f096b37ea6b9f2160328decfcffef0e974864a2bfc6526304f02d4d31857fc5b0cbc09f2245b8d4da5aa4b16339057ea58271afc859b45768466fe92db0fbaa0ba91d4a394a6c5342a6b31f1c5b43e4a633fbf82f02f57c79d6a1c29aeaa42679df0404ee28da4ffd3438b9a5d2337f9e6824f4fa9f62dc23c10f23416f547305702f2c3e2c01380f5d5951d49f777e5722a38f454658ca1da20feb6e073b2ed17d3924bd1b8a174fe1d86ca0786008cd5c0cbff70be32c2456a47d17dbff860476186f83b650d82b00bff5253140eeee2a771131492b10960d520a91c00249920a06ab8bbde40824fc408055e61de31140dfd90047d011f3cf000b1f378e88cbcbe260371502b5d09caa8c29bf953e798e74eccfaf83142ffd2737635f8f14d570884278a8d30af9e6656f1e63f732b1f70bfd00d550f7f28e7b3d35f255fffe235ec7cedb4d1a0123f72e505f6cfb3e21a515d5c1079af2036a8666e9afc4e5662e5f0bd5a92e06de4e2f32055a541c66262864bb064174a9f9651ae01f469b90bf99bfd7c389f551b349e4f33a7c41f123c23944c67490bc5f1019271783bf55d71eb2abbb164ba75a90e17baa350beb1eff8ba4e43121709f62b13eac0106b3498f0bb51fd13c674834569046393664e0d63830c9f4d92eba42bd183305a1d5ab5af514aabe0e400709a0645e140e7e2658493b9b8c1e2c4750fec9cfb48315b03e571b75e4b90400088004008180040003800c00010000010000000000000000c7810c2725899cc60469b24489a4eea13cbec47a7df0ab04a9588f8175e367cd80ef668556f8460c4a08ed265d38ad1e332b7fb5b2ca0b1fdc05496e1c8fe09c185b5d9f205fc4c90d4087f3742e2cd0653ae0fadf9d46255f3b5d0ca597081b437e080000000000004e0721a72734eced6a003c0102801400b800fe800000000000000000000000000016a3ab044ba966901e033968d85232808ee135968b274564f1a14ddec8601d2b7510dc93309148a2e473d353ea6ef698e7c85ed19c1090d5a8493a47993b5d64bfa384deb01cc3e7c7f8c2f466e1ba8d0e9b5fe8356b520b7e3ce2f5ec293e0d2d024cea86e1fb0fdabda91df286a60cc2da94adec95bb68647a8e9f33d573d2a144b6ad5467a965a1c8474cc8e88310bb6a397896283e04891365f4b852c6156aceb7948d8195f968319484a34ae3ade47c022bda061ebf14826e1755904ff4205ee727d50e63418e304fc8938a3f66dadb67ca74111e143f890b85c943651a21f124e51a59dccad52d123b1d9cfad5dabd893b3854c82ea7688b5fbf4525542b59db29c5671af2f7879345956f7dde27453ccd281000f68008000900", @ANYRES32, @ANYBLOB="04002b8060000180080003000600000014000200687372300000000000000000000000001400020076657468315f746f5f7465616d00000008000100", @ANYRES32=0x0, @ANYBLOB="14000200766972745f7769666930000000000000080003000100000008000300090000000c0002800800420002000000180001801400020064766d727031000000000000000000000c00018008000100", @ANYRES32=r4, @ANYBLOB="a2c03ca0683e492f8a8ac3f5692287bc4f8371b7a88f35df5d0fb2e21e7dcaf8399b2c9c24c438944fb4afbb232c0fe946f93a9a35d97c6b83aa58529e8a0e86d7784ba9981f4bd5ed3f6796a067cd73f46bbc9118af"], 0x18f0}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="020027bd7000ffdbdf250200000008000100", @ANYRES32=r4, @ANYBLOB="30e14b8035612e0685d9f415fb94605107b3033a93f4fdb5cb34765e9821d55d9d8f5010d44ac472cea6ba582ce0923ed3ce72eb10b1a004177791f8a1b66b8c0b78b18144bd7430ba97c8d4a3522b8bb44bc839e476a9bd9793e5cc1a56e30c6d0b8c858b943b943fcbcb79cf9c"], 0x1c}, 0x1, 0x0, 0x0, 0x20048881}, 0x8844)
read$auto(r2, 0x0, 0x20)
writev$auto(r1, &(0x7f00000000c0)={0x0, 0x10}, 0x3)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/dfscache\x00', 0x101000, 0x0)
symlink$auto(0x0, 0x0)
socket(0xa, 0x1, 0x84)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff)
r5 = getpid()
r6 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
r7 = socketcall$auto_SYS_ACCEPT4(0x12, 0x0)
sendfile$auto(r7, r6, 0x0, 0x4a)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/veth1/accept_ra_rtr_pref\x00', 0x424602, 0x0)
process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0x20000001002}, 0x1, &(0x7f0000000040)={&(0x7f0000000080), 0xffffffff}, 0x4, 0x0)
rename$auto(0x0, 0x0)

11.457532092s ago: executing program 4 (id=4552):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
r1 = socket(0x28, 0x5, 0x0)
mmap$auto(0x0, 0xfe2, 0x7, 0xeb1, 0x404, 0x10008000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r4 = fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0xa, 0x3, 0x6)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r3, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r5, 0xd}, 0x92)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x400000000005, r4, 0x0, 0x40003}, 0x4)
open(0x0, 0x261c2, 0x84)
bpf$auto(0x8, &(0x7f00000001c0)=@batch={0xc, 0xa8, 0x2182, 0x101, 0x3d, 0xffffffffffffffff, 0x9, 0x9}, 0x9)
mmap$auto(0x0, 0x400008, 0x7, 0x18, 0x2, 0x6b6)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x1)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0)
write$auto(r7, &(0x7f0000000080)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8)
socket(0xa, 0x2, 0x3a)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp6\x00', 0x0, 0x0)
syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0)
get_mempolicy$auto(0x0, 0x0, 0x3ff, 0x5, 0x100)
getsockopt$auto_SO_PASSSEC(r1, 0x1, 0x22, 0x0, &(0x7f0000000080)=0x101)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x400400007, 0x1000000000000df, 0xffffffff, r0, 0x0)
read$auto(0x3, 0x0, 0x8080)

11.079696539s ago: executing program 4 (id=4555):
sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000)
socket(0x2, 0x3, 0xa)
mmap$auto(0x0, 0xe983, 0x3, 0xeb3, 0xffffffffffffffff, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00))
mmap$auto(0x2000, 0x8c2e, 0x24000000000df, 0xeb1, 0x401, 0x7ffc)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = clone3$auto(&(0x7f0000000040)={0x43, 0x4, 0x1, 0x10000, 0x4, 0x9, 0x3, 0x5, 0x1000, 0x1ff, 0x5185}, 0x1)
r3 = prctl$auto(0x3e, 0x1, r2, 0x1, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VF\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xa2\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
fsconfig$auto_SHMEM_HUGE_NEVER(r3, 0x1, &(0x7f0000000180)='@.%&@\x00', &(0x7f00000001c0)="d4102f2b8592d50ded023abf401967933a5bd59dcae6ccd405ec1d53d8b60a628724298871c134fc774140b25c430aa51eac6b82caf4f98584961606b6efc0b9124a8d02d9ad5fbfc10ed0877922bf94fd423f16cb3eaaf95c2dcca443510bd1012f10c9f70faa908f0c9571ec046ea24ebd5d9c03d373470857536e1737f4e072236b57bf1a759d1a3819f5dad06c2524b3bf54fdc344574f208c93719b9c6c2f65127e9a5e08a0be3defead3e3628dd465ce5180052e69debb8c26dcc392814bb74c98", 0x0)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fffffffffffffff)
r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0)
ioctl$auto_SNDCTL_DSP_GETBLKSIZE(r4, 0xc0045004, &(0x7f00000002c0)="49e521cbb02ff8b42fabc71ed383c99fec0800000000000000a7bc4ea922415bd2c09903c301a6d4e2b6c159a22d0223bf0249cdeeb438df6716857483a2dca058cc6093acbdc2a94d7c15692c19bb5ff8b03e143e20b669e462d0863b770aa0258071f28e15e447d0d54499bb320c6c2fb6978e49ac9330479fc703e2a535be4e2b223e247023d762844ee0548ebd2fecc2372c988981f6222c572d085eceba84d3c5ce30064ec72bf1360f239edd926dcf4812694023a977cd4f2a77cb8316a93feb9b3e66bc0cc1d5a842fec21e969cfbe70eaee337b0030e406bed5c7e4a60d136de84b57364253216c1666e0bb6b8dc7b359977de370e5af75ad3a615f8c59e66be0b3ee3528f6848e466acbd70aec49586b058bb2562ad13eae9e66ea69d22b67e67e1")
mmap$auto(0x0, 0x2020009, 0x3, 0xebf, 0xfffffffffffffffa, 0x80000001)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0xfffffffffffffffe, 0x240007, 0x17)
r5 = prctl$auto(0x800003b, 0x1, 0x0, 0x5, 0x100000000008007)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/netstat\x00', 0xe0000, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0xbd8)
openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0)
ioctl$auto(r5, 0xab07, 0xffffffffffffffff)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x8, 0x3, 0x0, 0x1ffd, 0x0)
write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21)

9.110135201s ago: executing program 2 (id=4557):
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
read$auto(0xffffffffffffffff, 0x0, 0x7f)
mprotect$auto(0x8000, 0x8, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x121000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
r2 = socket(0x2, 0x1, 0x100)
r3 = getsockopt$auto(r2, 0x0, 0x50, 0x0, &(0x7f0000000240)=0x1e)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
read$auto(r0, 0x0, 0xa)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x6, 0x400008, 0xdf, 0x9b72, 0x2, 0xfffffffffffff8b9)
ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, &(0x7f00000001c0)={"61dcfce06bb953e72885c4417e77c714264fe596da9267160c78c055e268542b", 0x35f, 0x10, 0x9, 0x2, 0x4, <r5=>0xffffffffffffffff})
wait4$auto(r5, &(0x7f0000000180)=0x8, 0x7, &(0x7f0000000440)={{0x55}, {0x101, 0x1}, 0x8, 0x8, 0x80000000, 0xfffffffffffffff8, 0x2, 0x8000, 0xfffffffffffffffc, 0x7, 0x7a1, 0x5, 0x0, 0xc, 0x8, 0xa})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r7, 0x0, 0x80000001, 0x0)
msgctl$auto_IPC_STAT(0x1ff, 0x2, &(0x7f0000000340)={{0xfff, 0x0, 0x0, 0x10, 0x1fb, 0x2, 0x42}, &(0x7f0000000140)=0x8, 0x0, 0x0, 0x1, 0x7, 0x9e31, 0x1000091d, 0x3, 0x7, 0x39a, @inferred=r5, @raw=0x580000})
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r6, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x408c0}, 0x24040080)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/veth1_to_bridge/accept_ra_from_local\x00', 0x189302, 0x0)
lseek$auto(0x3, 0x8, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
getpgid$auto(0xffffffffffffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)

8.902526855s ago: executing program 4 (id=4559):
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
read$auto(0xffffffffffffffff, 0x0, 0x7f)
mprotect$auto(0x8000, 0x8, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x121000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0)
r2 = socket(0x2, 0x1, 0x100)
r3 = getsockopt$auto(r2, 0x0, 0x50, 0x0, &(0x7f0000000240)=0x1e)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x300, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
read$auto(r0, 0x0, 0xa)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x6, 0x400008, 0xdf, 0x9b72, 0x2, 0xfffffffffffff8b9)
ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, &(0x7f00000001c0)={"61dcfce06bb953e72885c4417e77c714264fe596da9267160c78c055e268542b", 0x35f, 0x10, 0x9, 0x2, 0x4, <r5=>0xffffffffffffffff})
wait4$auto(r5, &(0x7f0000000180)=0x8, 0x7, &(0x7f0000000440)={{0x55}, {0x101, 0x1}, 0x8, 0x8, 0x80000000, 0xfffffffffffffff8, 0x2, 0x8000, 0xfffffffffffffffc, 0x7, 0x7a1, 0x5, 0x0, 0xc, 0x8, 0xa})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r7, 0x0, 0x80000001, 0x0)
msgctl$auto_IPC_STAT(0x1ff, 0x2, &(0x7f0000000340)={{0xfff, 0x0, 0x0, 0x10, 0x1fb, 0x2, 0x42}, &(0x7f0000000140)=0x8, 0x0, 0x0, 0x1, 0x7, 0x9e31, 0x1000091d, 0x3, 0x1000, 0x39a, @inferred=r5, @raw=0x580000})
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r6, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x408c0}, 0x24040080)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/veth1_to_bridge/accept_ra_from_local\x00', 0x189302, 0x0)
lseek$auto(0x3, 0x8, 0x1)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
getpgid$auto(0xffffffffffffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)

8.334957609s ago: executing program 3 (id=4560):
mmap$auto(0x0, 0x20009, 0x2, 0x40000000000eb1, 0xffffffffffffffff, 0x400008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd6/queue/iosched/prio_aging_expire\x00', 0x88282, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1)
r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/block/nbd1/sched/dispatch1\x00', 0x2000, 0x0)
read$auto(r1, &(0x7f0000000040)='\x00', 0x4)
r2 = socketpair$auto(0x10805, 0x6, 0x6, 0x0)
r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000001c0), r2)
sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r2, &(0x7f0000000380)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYRESOCT=r3, @ANYRESOCT=r0], 0x54}, 0x1, 0x0, 0x0, 0x20004805}, 0x84)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/rpc/auth.unix.gid/flush\x00', 0x1a9601, 0x0)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = socket(0x2, 0x1, 0x106)
open_tree_attr$auto(r2, &(0x7f00000002c0)='./file0\x00', 0x3, &(0x7f0000000300)={0x4, 0x1000, 0x2, @raw=0x101}, 0x100000000)
sendmsg$auto_OVS_DP_CMD_NEW(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x4000880}, 0x20040000)
r6 = openat$auto_proc_mountstats_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000500), 0x10000, 0x0)
r7 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/tracing/available_events\x00', 0x100000, 0x0)
setsockopt$auto(r2, 0x109, 0x60, &(0x7f00000004c0)='\'-+\x002x\xf9\xdf\x94\x9dp_\x0f\xfbUV4\xd9[\x93\xb12\xff\x8a\xc0\xecf\x02\xa6KH]Cv\xbf\xf2\xc1\xbda\v', 0x9)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x5e8042, 0x0)
lseek$auto(r2, 0x0, 0x3)
fsconfig$auto_FSCONFIG_CMD_CREATE(r6, 0x6, &(0x7f0000000280)='/proc/self/mountstats\x00', &(0x7f0000000740)="ec98490b51f87a0afde1b54855e598cad980baf015774eb9465433d8c1f2b4ad876e95351132a58fdfeaa97f5579f7fb3e7034f46d9cbc4d354e4057fdd8db7af737d6e88b8c231c4ee93e1aaec2d8b3a421255884d9", 0x3)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000600)={'macvtap0\x00', <r8=>0x0})
sendmsg$auto_NETDEV_CMD_BIND_RX(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042bbd7000fedbdf250d00000008000300", @ANYRES32=r7, @ANYBLOB="140002800ce8b77aadb8422a9d0003000600000008002100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000300", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="08000300", @ANYRES32=r4, @ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x8891)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r9 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000003c0), 0x2c00, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r9, 0x5, &(0x7f0000000400)="4a09396dd91f7a7a232d02c60735ee4fef1acacd5beafbe0a1a2eeb768b25fa46c25b7aaf4fb1ba49da077f2b3e8bf31265ba7766b9e2e24dc29b17aa2ae47a70da4bbb4acba7a48f82c1944fe89da86fc25ffc75f4b28febef92f889e9dadf128b012")
r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r10, 0x0, 0x20)
r11 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x4c2842, 0x0)
writev$auto(r11, &(0x7f0000000480)={0x0, 0x7}, 0x3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram0\x00', 0x6e642, 0x0)

7.801878061s ago: executing program 3 (id=4562):
r0 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x12}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4001)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
shmctl$auto_IPC_STAT(0x1ff000, 0x2, &(0x7f0000000340)={{0x9, <r2=>0xee00, 0x0, 0x7, 0xe3, 0x10001, 0xffc1}, 0xc, 0x8, 0x2b, 0xff0000000, @inferred=<r3=>0x0, @inferred, 0x6, 0x0, &(0x7f00000001c0)="7fb228c89d462ccca0c9d900873d419a2f1aad235ca9e1847651a1c3c15bf412c536ddfe490a5d9be9a20ccac23757e67dc109bec4622e503f3527a3f81c81465add7a64fb4fc4c51dd8923af7f51e3f6983e009a74d87d289da6702b993887aeb6d7ac89607c4805dd2f24d372b9ac5c45fc6e208f9c24c1c5935382b3b8b1f654241a5ff8eddf38311412174f5bd75aea3f21dd1572c68a51a3d00ec8be27e5fd403b158f6735226df74d13dd88d78627c7e0c4061dc3258dab381f89e35e2df45e2f4dc50c573a76db656c4f17fff6b5ba3", &(0x7f00000002c0)="396126de948c03d1016299fa82c133ae9f8ec13226894f252e0403a708dca6d50208d52febfe66427c8dbfacd885e2d54ff3af67aec5202b0be1b2307d4cd438b552b80e15b078cdac8626f3774a3fa1a552ccbf5734c20aa2f8d42246af81d962555f"})
sendmsg$auto_NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000800)={&(0x7f00000003c0)={0x428, r1, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x3}, @NL80211_ATTR_FILS_CACHE_ID={0xde, 0xfd, "5ae97340d1f5881a9e89d61af80c04667ac0fabf47f0f0d5ab51f22afc04e28600836c5e351400d61aab24bd8f06614ab8706dc67c6474e3722007914571b356c12c85e80d8fa988c202bd4a23a3b3e72dd7f4b3d8200fbdcfbbfc6faf7f34f58408c3980154c27bf65c657e128ed388e23daeb16899408906d2e81f8c082b217c7285b01af918ec9ee00e02a9ba148dd14766c911ab97787a09fa46ad05cd148a52bc83df5ad7ab84c367842c0da42bb8913f2c7ee0001fc97523d31403026e8ddb75809f64ad061705fd0adfd14c747c96331ac9074bd0de04"}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xc043}, @NL80211_ATTR_REG_ALPHA2={0x101, 0x21, "f771514a8b5a3377e2ba2c02daa038c677191ae3070939baef26b62ba283e5482efcc07a9ac89022b70d8feba9474b15327ec6e0e21b0da98288f0df4c62f6e4a0bf96f56c907ff526ae86ca746a0408faa4ded32c436172b660977d430c6661adae73fdbb17f3b4093edd1da83396f5e08504b956b12c88ed0def9610555eb302d3fb42920d6e9db022e9796977db87bb3b29f2e0ea7ad967ce8f577138c5225cfe9aac6f170c8c4175e69ecd2548e4584830927e48a9ea3ae0e32147e09ce0108179a3da194b025d057ccffa42eaf456b4db720317c0a9c08eb19e1c4ece982fb0b1a74bbd9d201fecf96bfa346609018be42ed88a30a49bf5acd0a2"}, @NL80211_ATTR_NAN_FUNC={0x88, 0xf0, 0x0, 0x1, [@typed={0x14, 0xc4, 0x0, 0x0, @ipv6=@loopback}, @typed={0xc, 0xa8, 0x0, 0x0, @u64=0x200}, @typed={0xc, 0xa6, 0x0, 0x0, @u64=0x8000}, @typed={0xc, 0x4, 0x0, 0x0, @u64=0x8}, @nested={0x4a, 0x5b, 0x0, 0x1, [@nested={0x4, 0x26}, @nested={0x4, 0xe0}, @typed={0x8, 0xbe, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @typed={0x8, 0x130, 0x0, 0x0, @ipv4=@empty}, @typed={0x4, 0x12d}, @typed={0x8, 0xe6, 0x0, 0x0, @uid=r2}, @generic="4b3c319c7bc2db22d811cee6c6c046eb1a750b8e22b0b9ece4e409d1fe352b5b2841"]}]}, @NL80211_ATTR_SAR_SPEC={0x194, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x44, 0x2, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x44}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7ff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9e}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}]}]}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS={0x13c, 0x2, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x200}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1f9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xffffff00}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1000}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffff}]}, {0x4c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xd}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xfffffff1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xff}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x3}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x10000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xffffffff}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x4}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x2}]}]}]}]}, 0x428}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000940)={&(0x7f0000000880), 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x34, r1, 0x90a7a05dfd7f7bee, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "2e0ffb51e74843b1d5fbb4c4c2024ae918730ce1bb9595a35e37"}]}, 0x34}, 0x1, 0x0, 0x0, 0x400c081}, 0x20000080)
r5 = prctl$auto(0x7, 0x7, r3, 0xfffffffffffffff9, 0x2ff)
r6 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000009c0), r4)
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x1c, r6, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@THERMAL_GENL_ATTR_TZ_NAME={0x6, 0xa, '&\x03'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48015}, 0x44080)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r7, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x30, 0x0, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x4}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5}]}, 0x30}}, 0x14008802)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/input/mouse0\x00', 0x404000, 0x0)
r8 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000c40), r7)
sendmsg$auto_IEEE802154_LIST_PHY(r7, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x4c, r8, 0x200, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEST_HW_ADDR={0xc, 0xf, 0x6}, @IEEE802154_ATTR_COORD_SHORT_ADDR={0x6, 0x8, 0x4}, @IEEE802154_ATTR_DEV_NAME={0x14, 0x1, 'batadv0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x40}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0xa}]}, 0x4c}}, 0x850)
write$auto_tracing_iter_fops_trace(r5, &(0x7f0000000d80)="af2a4ebbb025e5c9d42b3b9fc4946432f2e1948d9e2a4ecd5229ee04cf832f7f864460c9b24c2ea72070e13f3c459d9fb652da2210023ceebc094dd4447e87dc9e35fec6237d806cb3792f5013b968699f61e275b22443bf273183a5631b79539a1bd71dec48c43c6a6c992f5d87d4a4f281f25c25548b4825c54f9e0031700ae7b84bfca6061ff0b4f9cb119be2a88b069118c10ecbc8208e3d4c8f50e4c399886eb17d027486215eca5d41f7a409e71b67abde42f43497c01f729101af7d6f8241ba90dcd74b3b40a8d72cbf6064d7a16416a1603c05366229314abae7589758cafbb7e47e4e8c0328bffa45e501207b", 0xf1)
ioctl$auto_MON_IOCX_MFETCH(r5, 0xc0109207, &(0x7f0000000ec0)={&(0x7f0000000e80)=0x7, 0x7, 0x39})
r9 = signalfd$auto(r5, &(0x7f0000000f00)={0x4}, 0x7fffffffffffffff)
io_uring_register$auto_IORING_REGISTER_BUFFERS(r9, 0x0, &(0x7f0000000f40)="1b4108d57eae942a1501bbeaa63c64e9eb7195451e44985c369023b95a50113c5ab2aacac33a5842129ccfa53be061fc703b83a6a39f9bd2df2c2571358bfc6d2162ff0047e1be2bca4308b920f8cdff722c31bab8133d0a8637174667fe24ba1614b0b4d6689629d44fcd02f42b3fedf4cba006ab753ec4584b383f4f941d2137fa477b09a2300b5459ed30e68214ad5ca292c9f8e4f4aa86755a6986ef07e579a66c28427b62c196f917a7ab20d2c43ff4aae5c25825c8ea9c33879f93cdcaa19acb94100a6ef31cc4a5dc6363ce6e89a231f454ccbe124557e767e8177bbd861843ec8abb616a6b59eeccd28ecb4333432956a933c992d95e94fe4dbee834405ed4b581408a7f3c9626eab2a7ac82f216468db625e0883773e4be4ddd30d83d7121bac370bdc960716f2a58c425cad84c62d5197eea7e28db71fae0daa4f661a32d653b303ec521ac7f4e60395b7f9da1e8446011930b5a7163789a6034129c11e38395da243f4775f321933b43a341f2b2e5b39d8c13aa41034632453ff8565e6a02e82128630717736ac2f5f8389b8b956353278f78d090c35aca15df9c81009513bb550a4936cf9b20b824ef3856838e25743e2269e187ad1072bcbcb46dcbfb3bfd8367f0900b2a71d32fe3b18d3b2339468e0de37a3e23703aa45a737771be999f330eb347dc1806da7a192a3af69b85a61b9838b6a69a96a3ff4d2ca80ae58e6c4b9306970fc0bd2f9778d08cd8b79fb0382408cec89a4fa9aced9184139191f44cd6047ee534051c034178adbc558db126819b6b40cda0b39667c2f62b83ff19a74c225ef982599f54f8aa5f3d8f56eb245c06967d52972452d577c0a67667f2f43ba90c155c0ab5fe491f84315702c82d375bd06a2e4e71a5789d55ecbd76200ce09fb079e63e269442af33da040da284f4078f2c89a8f6bf63199b9a8bdd45115359bbd849e452971551c9b3bb4d27f96091804e15021fddde064d0638658d0b68f7b8ae8aa23cb2aab0800ed2a7b13c47c03cc94a7a06f0501bacd5b62ddc769a613c686f09f24e52b7150a3ab77e94de9428a1469ef6e26092d1a71fdd0009dc2f31cd4d45b776c48d2152f0a7e692137ea2cb966050fc621a6b576cc8aa1f2c41cc74a5fdb3781b7734b607e65db25f1c5c654d1c1d97c0c891f1a8e0491291ecf5590da02e7fd99b061f822d32e3392581f2f7d0188888380934f2109775a4999cbc67043ed1d5c88e07342c8dd37c731cf1d4aae7e6d78790a6ec1a7285f798cc40958713966f51eab8c1d6f40b8a087a2174c719cb8aa353613f3f3ee04915b30f7be9e2523f00ba84dfebeed91cadcb1f50e34487aab163ac3750284c38a706746fa83e628020f900eceb021a1f1238bcf5bce87cab010eea10bbc8d99f4fd8af340d6ffe29eba642390a546cee6af100c3391fd1ebd3b8aa1ef60c89dd1463c3c2fec3e61bb6165fcc931c2272beb7dfdec002732b31591c8eee2b4e82a489cd3d6a8f34aeef558e91b356b702a77fefe4dfa20eeb92e8f24fa71a6c65a6f9746c289736c2fbbe2c764ffbe24a479390f0b09f7cab81a6ebaeef78c6e9d13441b0276891581511c0d3a349bc7d7261370c11b12b6259db2099287963d8fb5950f7f0ad295e8543e6339d40f42162d89ae0491d7a59657d6eb7db7e402ee801fd7b131b1275eae1e2b82b639be6df9206a69f3cb7c900a731ebd1e02a8229c2272905e28ea62ee3baaeff7e5fa7091235c2e04eb700d60db6760df7e3b9cf8c1ffb1b502a2bdfdb13f8b33fbde12f7b61572bccd317c486321f7e1ba7c5a9423ae416d13423b48774f846ef6c1a5e6379c5e1dca2ec68bd4ec55a9e85192b6c41821b72ac24ab402bc43f2a730ebe6dd347435bdf505bc50cbc6d29f0193f10eef9d72ef4c6019d22a9ce3bf8018d473f13620af8c994a3dd097658d8117c15e1d6a7276309ccd3969395818b448c9ccba10124caabc36c7e887ec276fe4ae60634bf89cca29710e306f7dad8803460a66d14886ef1ef76ecc67cb0d1e116bbe53b0fc8f6165f85ff9beabeb765afdbf9ce949ca44a7e1ed3f250a00734839cfa0ae570117f5707db5d79a55d9e9e1a96d211ebba1537d4d0d4218475f7744aa7bdd577bd08ea8ecf8d6b1881eb34f100e614e6dbce7f411b52379388d2953ef74b3a7d0bd4d249651e0e57385491c9921e299e7be68660bec42192281421d2d22204435dc2e668a939c774bd9852e762fe6a971eae339550e68c19cac2e76da2e0b74184cbf79dfe1610da175a0a3fd42818a919c87eacbb19b557190d65500a3ed64825afdff36f712699cb96c85bf4a1d91b529563e96284bee3032fcd59da363136d3b90152fd31de35c51d7d3acbe5d7cd745f8a895f8b2163407e79a9ccce044b4b6ab01ced3bc15efb1974a7ac96da8b7378bd4a34ee13b0a7899af08c213625f4ba5c3ef2763c0c1e7a96baa80bbc11d36b5b77a103d7dc7d58f7ee11877f3b4a3f591d076d1415a5d7d00f2af0da50d023855846aa0bab466aed316d1402265bc5af61fa46b6d27a68659be59687f1470c7b033437fe38d96117b9f29801b844a9c9410fbe43803a32265795b370bb4434d09cdfb730aa2d8d2471e27d4e95c3fd89468e04254afbf93e48c5cdad8a59495229bc7c32b8a0c19c4524ebf94dcccd50f2a4020822727770de16eb1a79358e6c2db8ca0fabb2f6030add0f14863ffdd58eada1af31f2c29da1a11d9111862e7f0d0e6b5acf4f042e6c33a214cc9375fdad332ec71964cec6b8bd2fd9fd14df0d8e2564949970772e557d54bd3e95404c54ddc9709ff4342666928d4500d1b726dac77039b20b68619cef689489b36b7b3e7e98deaf5cb1b99d5b260fee2c3ab645e3841ee6f6bc93b54a39b8d1672fa985f33068c211f646e6ff02b0a771dae483544ae7be07fd045fa5cb0799719f145660addc5bd6777bad8b0484bcce7c7d9a153043b878af7ccd146b2b2ec42ec29f294acfb296627f2557f7642a63423fa599c597ae1c90383594004bb95f2b92b847cad46a0d318a2f644e897533532e0fb7c5953136934a43001b2f783c1bf71667803ecd4405de650848a63234729326753abb79f3d9303f81585f16dc7dcb7d241f457229594402954b4b2d941221b8c6e985e027c91fd0f69477feacf3d37dff4cfd5f2f39d322f7566f0fd3f829aed99cac74cec28d009cc4c319bad209240ba6a6fed089a22c82c63608e83ef4dbc99ffc1f2ed65b856c60715a58dd56a481a4e319ff6b633f4c25c52c49247add7407e0104cace7d2083527a561ce18d6f9905705399db8ad6a62dcdb04cc17b55a388a5ab4ce658d340b3fcefc279985082a46e99048bfa6bdefbcfb524987084a34f6161d8393ed3a5a1ec0f012a339ec50981216822b1ecc1bf293c5da2ec7f04603adcb24eb7dc76506cd1efd953dcdfb46d0635ceae0f771d773ac0cb7d6cd982b6c5a6876c0e357dd6a30beb9222a9b84b6733222f60d2fe3b85f2fa688fa57d7e533c69f68ed8f9918fbe505c6bbce0bf85897a836bb100dad8c18218b470ff8b0553343b1320bdcae0da886d75088cd9f366c632e1d2ed5494739e018906575f502fef5d5cf9692ca7ee5ec280990b961edf48e18b4465d853a656b7c08153e54912dc1e19309635a6c967857a7e4a6d54472137a604d36f95c87a8e0463342626d9a3aa716ffeb9046800b964e39e7e70b6d6bc1b344f96c08b26d7d0a26103da524fe0ae076c0232afcce7b39b2f7080c636993efea01909ad495f783d30f9f0f1be1d1e9d3b46332d9318f75cca2da2447d177824b22d44a9c97aa6e11b3bf7fdf2aff4c229f9ba26face1209c4ac1ceda8eceb7478140ac6f6352e7c249a147ab67b6f659e842e4f2e7ee52cec1e417bef503b67604cc6c29f4bd8c50ff428ba3dba851eb8949c8832f890c85dc3cb534984bf9d93e1021a1cffb110b02c17867abe5877d44b2c713b70537d6d79e4f47008b211bc427dca09eb2118f71e02b0dc584ac2c440a790de26bc805746e8d6550b83803193652964451f454587597d272b03e2367f0cc66acb386ed3112eb10c7bc6e4c08d3cf3b5bd5354b5815bd66f3d822259e524a5e56ee22ee4010a809644a2fa5a20a48a5da428219c343b4f33671c9178f625eb3ab8f88dbd9483dc8c94c33c6aeb930498f8bc7002756a88ad40682c21a1efbe3229fd5b5fa44083f86e8ee081ef2e42a78f61617b3684462c7c828d608715350a850a380d4602372c933d2e8ecae1d12bad734557c8d08033bbd69bd4423c90167c2b8d320639f7684d21a285e3555805afc2138f237a52cf47ba2d7436fcedbc3f99796c275f39b5db9146b35a4e26d9bb15c0ebc0b65efafee1bba33bf0ce26759811d87ca78d4448195b9d9d1229b99297ac1b6caa1d01683c414b227dfd86e94dac1f38fe1fb0190de146dae29ac7e3c19fbe33410e1e59753011786b9bb636566efad460a4c7fa81e7fabd9b7b6da5e036042d13e6aebf85492000fa0c1fd812729ef08b5c86d96bfff10ecea0793f1c2ca3d47e37770e04b1e56f4393cdfdec4afe732c4144c884a7c2e22d069602dc5e6f2a0690749665eaf2c49eeb3a5b1a90e1fbfcbaef6b7b22966a246e9482c23b220e47c0543b306874c1f884ea22fa4d730a1d4da7abe098c918ec060acd5d36c92a042c975d0f5bac401a402627b996cf9c01133faacc32418f0df322dabbce0370a205b525313fdae1a96c95ced801df3d3c95bf366651f87a0e9019ff3a9815f136d537d956c1e03a2555124a5af56fd6bfe391c105c0325d4c8aed480a0dc836cf68de0890d23c635c1e0b2b512f19a327b116d07b21829f427576e74f5d8cfd953cfd02bd4638924e69a21a36478cfd0368f2223fb6ec952a6e413f1d57f9f87da2778abba26efdc5396bb1adff4dc2957aa34de2d53f2252f951115291dc4a599b7ec6eade9ce79812757821b05f69baace52780c01b975eec8f628cb6c51d4b20120c0ce428cc556f179d008fdfa5dac46527779b5417d6918da6a2fcb2ed82ca9e0fd8024aa8d72e300828bceb19bdfc8b164d813aca92c1cf878924cd43e23d9fb2282cb966b408882d02b90415b7cea8e243c00accb2c51a19143fcabfcd605185d24a94350a250c358c7c9e4ff8af12697becb545922af4e45dda28ea397f3b5bee7a072f4af8ca86c16635177075347f5f443c7a8a35c920ec4cffdff222b0088c2e6d736d68eb1ef927da248ad975066e5ae35acc07fc49c641a4270a14d12e738ae95a92b1479edb3c90f8082dbb857bf28d51989d1d3d415c228ed0a3d4188e044daace193fa7805d763cff1195f0bee58c2862f5c865ae35ed7340595c6a60b0c105a36eb4a1e52ba75079c2098e0c0de2f76cceae33b9a4544ddd51c269d96cfaa7ab949f69e1917fef2ec78322b7aaf467af6d310c5687d6e1aa2282f0f13055c9a5dd1cda286b10ba0ed1990ae4ce96edc5588b4a6834b75bd60c09d95ac881f341acf804668739e80d651c322e9b53804b14e2697c4596927c800c21b5183ccf85b842ae7b2d7639fd7929f78e3ff905227dc37644c4e6d72d25aa75af2a35d5e72ff4a132cb8a2c65a159265a74987c13776825b71f290109b2a2dbc85e8508afee42473f3628641aabd5d6fea5e825d5800951ac93635050e6265c57a865d97fa3c87e6c6b0f5a3ff7744f4a0093801044f08ef50d5b0b79ec244346f787da82051ffebd3b22e0ec328b8c214d55fb73f49dc", 0x7)
timer_create$auto_CLOCK_TAI(0xb, &(0x7f0000001f40)={@sival_int=0x10000, @inferred=<r10=>r4, 0x4}, &(0x7f0000001f80)=0x3)
mremap$auto(0x5, 0x2, 0x1, 0x8, 0x3)
r11 = socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f0000001fc0)=0x2)
write$auto_event_trigger_fops_trace(r10, &(0x7f0000002000)="7da92104b237164aed06884df439b011974cca29b74e43469343aae7b1d0b16675f549f079649a2ffd2cf81554fdbd3386168678d3b42244796bd1daa9ad62f58ea9ea5c607fe45a9f6e8aaf13918e10d8b479cc7372b60eeb992911fbce492556f11a02c2c1ec88d941733a4c2a021681061e34607c450f5d5231ea016cab7d1bad3d5955585908422f00f48c4a4cb5c3af17cfff0007db783f0e90b53f9a6cf21d5d", 0xa3)
r12 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000002100), r7)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000002140)={'bond0\x00', <r13=>0x0})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000002180)={'batadv_slave_0\x00', <r14=>0x0})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000021c0)={'syzkaller0\x00', <r15=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GET(r10, &(0x7f0000002300)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000022c0)={&(0x7f0000002200)={0xc0, r12, 0x10, 0x70bd26, 0x25dfdbfd, {}, [@NET_SHAPER_A_HANDLE={0x44, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x80}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x7}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0xfffffff9}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0xe}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x6}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x1}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x8}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x10000}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r13}, @NET_SHAPER_A_HANDLE={0x44, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x6865}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x2}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x7f64}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x5}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x7}, @NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x800}, @NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0xfd}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r14}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r15}, @NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_ID={0x8, 0x2, 0x6}]}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4}, 0x80)
sendmsg$auto_NFC_CMD_GET_DEVICE(r5, &(0x7f0000002400)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000023c0)={&(0x7f0000002380)={0x24, 0x0, 0x10, 0x70bd29, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_NAME={0x5, 0x2, '\x00'}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x3ff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x4004000)
close_range$auto(r10, r10, 0x8)

7.587215093s ago: executing program 1 (id=4563):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x276, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000)
setsockopt$auto(0x200000000000003, 0x1, 0x2c, 0x0, 0x300)
r1 = socket(0x28, 0x5, 0x0)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/security/tomoyo/query\x00', 0x20002, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
connect$auto(0x3, 0x0, 0x54)
adjtimex$auto(&(0x7f00000005c0)={0xffff, 0x0, 0x6, 0x9, 0x7, 0x7f, 0xfff, 0x0, 0xc15, 0x7, 0x592efafe, {0x3, 0xffffffffffffff57}, 0x100000001, 0x3, 0x857e, 0x5, 0x0, 0x3, 0x9, 0x240000000000, 0x400000, 0x10000, 0x7ff})
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x1ff, 0x7fa, 0x22104, 0x9, 0x7, 0x7ff, 0x20010180, 0x4000000f}, 0x198)
mmap$auto(0x4000, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f00000012c0)="0a1b", 0x2)
get_mempolicy$auto(0x0, 0x0, 0x3ff, 0x5, 0x100)
getsockopt$auto_SO_PASSSEC(r1, 0x1, 0x22, 0x0, &(0x7f0000000080)=0x101)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
r3 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
mmap$auto(0x0, 0x400400007, 0x1000000000000df, 0xffffffff, r0, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/xt_recent/parameters/ip_list_uid\x00', 0x10b142, 0x0)
sendfile$auto(r4, r4, 0x0, 0x1000200)
read$auto(0x3, 0x0, 0x8080)
bpf$auto_BPF_MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)=@batch={0xe6cf, 0x100, 0x400, 0xf8, 0x100, r3, 0x3ff, 0x5}, 0x4)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
modify_ldt$auto(0x1, 0x0, 0x10)
modify_ldt$auto(0x807ff0000000000, 0x0, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)

7.429863323s ago: executing program 3 (id=4564):
r0 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r0, 0x0, 0x17)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
r2 = socket(0x18, 0x80004, 0x1)
socket(0x2, 0x3, 0xa)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0)
fcntl$auto_F_SETFL(r3, 0x4, 0x2)
sendfile$auto(r3, r3, 0x0, 0x1)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0x1000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
shmget$auto(0x9, 0x0, 0xffffee9e)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = socket(0x2c, 0x3, 0x0)
getsockopt$auto(r5, 0x11b, 0x1, 0x0, 0x0)
close_range$auto(0x2, r4, 0x80)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r4, 0xc008ae88, &(0x7f0000000100)={0x3, 0x0, [{0x4b564d05, 0x10, 0x1}]})
mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x1008000)
sendfile$auto(r2, r1, &(0x7f0000000180)=0xa, 0x6)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x100)
setsockopt$auto(0x400000000000003, 0x29, 0x1c, 0x0, 0x56b)

7.30365097s ago: executing program 2 (id=4565):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
r2 = ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x244a80, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket(0x11, 0x3, 0x9)
unshare$auto(0x40000080)
mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0)
fadvise64$auto(r0, 0x0, 0xffffffff80000001, 0x8)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0)
futex_waitv$auto(&(0x7f0000000000)={0xb, 0x7ffffffff000, 0x6}, 0x1, 0x0, 0x0, 0x623d)
close_range$auto(0x2, 0x8, 0x0)
msgget$auto(0x0, 0x5)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x14, r6, 0x5, 0x82f5)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r6, 0x3, 0x1)
r7 = clone$auto(0x1, 0x6f2, &(0x7f0000000500)=0x81, &(0x7f0000000540)=0x11, 0x100000000)
sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r2, &(0x7f0000000d40)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000600)={0x738, 0x0, 0x202, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_REKEY_DATA={0x5b5, 0x7a, 0x0, 0x1, [@generic="85dd678f46424baec1c56a9912aa09bc81f122cc86b1e5d93f599d88acfe884d83ce92dbed01be4a2abaed86f9e507ac346a", @typed={0x8, 0x14, 0x0, 0x0, @pid=r6}, @nested={0x190, 0x69, 0x0, 0x1, [@typed={0x4, 0x8c}, @typed={0xc, 0x4c, 0x0, 0x0, @u64=0x624}, @typed={0x5, 0xb6, 0x0, 0x0, @str='\x00'}, @generic="4c4b4d57884776b4a11467d1f34e2ffbdb6449e6ac0dd94a91d3b6476305dd9ba358e5630cbf2e5d679469be09f89b38b7eb2a9f6bdf21b913cad8b9347e199a5ddebcc14d84c59b6e5833f8e49ef6026e7302d2d9d9ab0bfd30bf081a2e4016da467d537496aa2b8d9c7327e3ea1149e4c95f48def47229a2e211c5e19b836d74fced89d216a277094593743389561364e0b61f3c92f76433424c0514e1f68606e6eb3aed9f39879534f58dfc5ab415f50548c98c3f8061", @generic="64323bcf3986b961a3f4798ea950544f60a9807e566c6bb1ac5888113cda4689d71d6e37447afc1dd0ea2b36216076e1262de55a679057968b8fcb7701409b954997b769487d92113301f8adb78d706cb50af1a160e46108d9b5461934a29890f12f6f7309bcc8cc5454cc4d036cc33ddaa1b2221c8752f64222ce1a7c34ec04dbe699217c19d75e23fada2837f3e28f59fba32e78ec27417131a1b1fede8ed9926487db", @typed={0x8, 0xc4, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @nested={0x4, 0xb4}, @typed={0xb, 0x122, 0x0, 0x0, @str='[}$}\'-\x00'}]}, @generic="a7f33eb83bc7679b1078f154d38d7845c1382ba6811da3d3f69c701e16caa7513c3f827c87e03bc6545a858f584df6c6604b0e46e2ca27a768c5ba6daf95be273f9b931ff3f9b9f60e6302b4283b9fd0d62d91839570106df06ccdf391f439c27f95f8a1767c6b5f86bacbef9182d648c19562ad975ddd6e0bb99fdfe3f733cbbdb757c347e0a4e45f46809a6457a5fb20c49b88742038a7930fc704f6866416920768d57f5bce6d00797300783560dc5c48a18562e2945b7bc33a7fcab8a75652134660cde09482b6e6ae1a8cfa25ebbcd3bc", @nested={0x167, 0xe6, 0x0, 0x1, [@nested={0x4, 0x131}, @nested={0x4, 0x3d}, @nested={0x4, 0xb2}, @typed={0x8, 0xc7, 0x0, 0x0, @fd=r5}, @typed={0x8, 0x137, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="5dab538a6c2eecb8bffcb9fd0b3dd0f31e51485e2263a93a50480e626fef6ed0a6df827a6b203a0c497bd9aa418d225b81e79933d5f040fdf44f3ca1c87426650b231f7ff0242662f6b4967fd1759a7dab395dd3b24ca4e5401b6ee40a11809915e5c35618db34db766b4b376b096fa603402ee0b617e95e5b6450848f8dc75b96a6c2b65a7b9f38eaa55394c2fe66562e9db16c36c517ea938ba70270e21869ccb456905484f440dccc133410d2dcf9eba437903c539d3f7eb2036f594729577f11970bb048981e1dfa84025d785f89401a", @generic="764f6a7220c67c208584cb1258abf01aa82440076dcc32c6f3c04dbebb8b6f955ee48c5839d6e020b18f39f571d3e5ce92b4d9f1d895fac057b965b324078aa25005649a9979e51b273c4b2e614dda16a4b0477a27050a36317933e2cfc5ed9e220620cfef29bcd115", @nested={0x4, 0x61}, @typed={0x8, 0x10e, 0x0, 0x0, @pid=r7}]}, @typed={0xc, 0x92, 0x0, 0x0, @u64=0xc4}, @typed={0x8, 0x31, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @typed={0x8, 0x80, 0x0, 0x0, @u32=0x6}, @nested={0x18e, 0x33, 0x0, 0x1, [@generic="5a155467eef30886b74458dba7e522f10a66730b67f115", @nested={0x4, 0xac}, @generic="98ba8e847524e87a863784d91c46d4931f886c031814ca3a73c6d0060b6e62f55f6ef862655db91bd067f4de15aacf9153f45c5df2ebc8071cdfd632f357059d23d7c7876a84dca27a4c47cba5615b2decdd494fc5465f09636eb04c04e70bc9e00c8c6818e658b034128d01", @generic="0ae43c116a0f7bd9be8c12d59ff816d12c4887e2a0b8b2f1477832e3aa49a118ab29d633aeb8cd8d766e8d5c6e18eecaf1d3560a18dba91a9c9db156004ac56f180b992c57ec2961c09c5c08bd68022934aca3c57a7c7b8bec2466273b5953b99290d06590a39d06192bf31b15d78393d57f90a22f1e800f49119da7e7dcb0fe94b6bee032e390c54d38b6b409ccc93904a281", @generic="c10a5585760addf566ae82c3280f1379b601b48dba4856b6163278cbb0c5c0a158937d3de31f183063ee738c6b1e41fa837bb49fd2c46c3d9eeaea97d95ed2ac5d5ee9cd98ff5cb6be6a5e4914f170abaa8c496ead123a8cf32017b85c73a733519f98e0448f62db3ddc7d9d", @nested={0x4}]}]}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x1}, @NL80211_ATTR_MAC_HINT={0xa2, 0xc8, "8750ff2d184d826815247d83e870177556b4d99c7c9f2b5f72a22e88041433f27a19959864bf67cb6436a95721bc48bcef71affc778bfe842b6f420252f5e9b23d1a7be55b61e041f8ae25fa155a1d4e26d59d33ea340ce9ae5de1bdb609a82b4e566be120d79dc1074bd19d18d1e884a79eef96a38480833986c8190917d05966733d778d71af4ec480a23328cf7897d1a22795bd64992225e64a67e164"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "9497f974801e57f6f944af761ca2699da6aa393777a5900083f9"}, @NL80211_ATTR_TIMEOUT_REASON={0x8, 0xf8, 0x16b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3}, @NL80211_ATTR_MAC_MASK={0x8a, 0xd7, "2f81608640a0255f8cbcfe8c135fb04a9bd03d323beb9628417cd60ea8983a0de88f8ab4e7ac6eccd24c387c32520fa32154e0e0680941a9080c2da2a764944e0d767faa70c6ba663a9c13e300eb50776359aef86811a19c0a617145cc764c688944c9b33c5dcdb2cc6b4b6e888a619d7c41416f4ad9d78a6af00bc35e8d458b8a99c6d024ec"}]}, 0x738}, 0x1, 0x0, 0x0, 0x800}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9800000074b75f669fe7be0fe4cb15", @ANYBLOB], 0x98}, 0x1, 0x0, 0x0, 0x40000}, 0x4c010)
sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r4, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xdbbdf56d382648f6}, 0xc, &(0x7f0000000440)={&(0x7f0000000100)={0x310, 0x0, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_VENDOR_DATA={0x4d, 0xc5, "1b85f6557295e955d0571dce6c3accea43cc68c8af50ef07f32d84f895fb02068dc70c83622fe2a11c487a37c881e8f3aeb7c2c0ba06d2741880425a57138a10bb7aa73fdc764efc41"}, @NL80211_ATTR_MESH_CONFIG={0x282, 0x23, 0x0, 0x1, [@nested={0x1cf, 0x114, 0x0, 0x1, [@typed={0x7a, 0x136, 0x0, 0x0, @binary="2c450e4674e004f051c8c874c67d09ad061a3f60672c65a6c4695f67842afd43c0da2a66ba4695d190327465f98e536fb19c022e867707026eeeb1ee4f5a024995b1a72999d4ef6db9404f0c8663fe7cffc5b04ef6650240a622f778303ccdb4bd0c5f83a4ea7617f7cb480bcd3c2475677b9dc12fba"}, @generic="5ebb3f1141f78ec7a990aa9494489884f47cc712abfc6e0ce4ff58ddbfff4a9b357f3d82a7d58123d3b0b25ba766f3a6af1d2ce7155a4882a6218e17fb8f5e22104ec8f35801c3f5c482e3332a48375e040631af40918c996719209861166bccfe930b3254af317b06ef63a3aa74a9a752f85e3d565a11c30a844f29dbe4f3dd5e7810a4aac15663a06f44ed3a0d8baa7fb3ee951273828c84d62d87cac8acb2098e382f24ee2cc2f56897f90acb0b84c3cbd0a81195b0c8f8a892b8fd0129abf3645dfd08d548fffc8fec6c19c4a99eed03c14bdcdf3bf332e824a969b41f014bcfb19a852e00bc0c46eabd805cce", @generic="56a37ba80bc4a1f7bd5d03b20c5fd1ab6649241b68abe18d325a5eef4b2c020e2d4ac5db30bad23df2d836f2163c3b3b3798b56340bc0aa94cca476ea9cd8c1cb4f836f20949a6ad68dc1c0ec8cec1fb1bb78e8bae5fb54d", @nested={0x4, 0x126}, @nested={0x4, 0x132}]}, @generic="57fc5e8d8d1c5022d587066f8d5d8a25187f78c38de588bec42c484ed0d23fafe11a2753bc64a8ce36a9c740c0f49ac949912467dae83d1319728b3750c5f5149fd4fe0ef509b2bb5a69cb4ef335f663454238c2ef0c94dbc6ff6a0bad1f6092f2e089cb13f99595ae2131bd2bc0906525558720e00079acb52cf17aee90eb26b0d336d875713229e67f557db8b5c58f67e871ecaf26e0c452289d9b167da50fc50a37c94d8f771805ee241a17e5"]}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x8}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x401}, @NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_WIPHY_COVERAGE_CLASS={0x5, 0x59, 0x1}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x8}]}, 0x310}, 0x1, 0x0, 0x0, 0xc0}, 0x800)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x20602, 0x0)
bpf$auto_BPF_LINK_DETACH(0x22, &(0x7f0000000d80)=@bpf_attr_11={0x20fc, 0xe1, 0x0, 0xdf75, 0x4, 0x87ec, 0x1, r3}, 0xb)
msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4)
msgctl$auto(0x0, 0x0, 0x0)

7.023106212s ago: executing program 4 (id=4566):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x3, 0x4)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
capset$auto(0x0, 0x0)
r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000080), 0x101802, 0x0)
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/gretap0/unres_qlen_bytes\x00', 0x446880, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0)
read$auto(r2, 0x0, 0x9)
write$auto(r0, 0x0, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(r2, 0x0, 0xfdef)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
socket(0x10, 0x2, 0x0)
mmap$auto(0xfffffffffffffffc, 0x2, 0x101, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
write$auto(r1, 0x0, 0x100)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0)
getsockopt$auto_SO_DEBUG(r3, 0x404, 0x1, 0x0, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0)
sendfile$auto(r4, r3, 0x0, 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f00000002c0), 0xc9}, 0x43cf, 0x0, 0x80000000, 0x6}, 0x80010009}, 0x7, 0x200, 0x0)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)

6.533466149s ago: executing program 1 (id=4567):
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = open(&(0x7f00000000c0)='&&\x00', 0x595282, 0xa4)
write$auto(r0, 0x0, 0xfffffdf1)
linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
mmap$auto(0x0, 0x2000c, 0x7fffffff, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x100000000000031, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0xaaf, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0)
mmap$auto(0x400000000, 0x6, 0xdf, 0x9b76, 0x2, 0x72)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x7fff}, 0x6a)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket(0x2b, 0x1, 0x1)
socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x89a0, 0x4)
madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000340)="000000000000000008d57137b670548072a564ef92511eb134ea109407e098217afaf01967a2abb4f9f862f8ebd2941bb068", 0xffffffff}, 0x6, 0x0)
prctl$auto(0x3f, 0x2, r3, 0x102349d1, 0xfa)
write$auto(r2, &(0x7f00000001c0)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r5 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/smaps\x00', 0x121002, 0x0)
ioctl$auto(r4, 0x4b41, r5)
close_range$auto(0x2, 0x8, 0x0)

5.588051204s ago: executing program 4 (id=4568):
r0 = socket(0xa, 0x5, 0x73)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0)
mmap$auto(0x0, 0x4, 0x4000000000e3, 0x40eb1, 0x401, 0x300000000000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vivid.0/video4linux/video42/power/control\x00', 0xc2902, 0x0)
read$auto(r3, 0x0, 0x20)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0)
write$auto(0x3, 0x0, 0xffd8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'veth0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r5, &(0x7f0000006940)={0x0, 0x0, &(0x7f0000006900)={&(0x7f0000000000)={0x3c, r6, 0x1, 0x70bd29, 0x25dfdbff, {}, [@HWSIM_ATTR_FLAGS={0x8, 0x4, 0x1}, @HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "a060292f83d9"}, @HWSIM_ATTR_COOKIE={0xc}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0xffffffcc}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000041}, 0x800)
sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xc0, r1, 0x800, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x48b8}, @NL80211_ATTR_VHT_CAPABILITY={0x86, 0x9d, "aa17e3053381c3ca699e86a1a7a63ea1c57f617045301d3a1942ffc25354c45092a95ae6ff29d2b369ee2a8c0a682528d27c202819d4980ac07392ab853a9bc1c4eb8b60294c92be80b322cbe019578ef56675ac962044ec8876d65ab181ef5c6a5a40cf65b97eec9639878eeebc8458647784db6e95204bb83e4c870695c57cef8b"}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x2}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x8000}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0xc0}, 0x1, 0x0, 0x0, 0x1000408c}, 0x2004000)
syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff)
unshare$auto(0x20000080)
unshare$auto(0x8)
r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0)
preadv$auto(r7, &(0x7f00000002c0)={0x0, 0x8010000}, 0x5, 0xfb, 0x8100000001)

4.680972407s ago: executing program 2 (id=4569):
r0 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim4/trap_flow_action_cookie\x00', 0x440, 0x0)
setsockopt$auto_SO_RXQ_OVFL(r0, 0x491, 0x28, &(0x7f0000000080)='/dev/ttyS2\x00', 0x7fff)
socket(0x28, 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="13002cbd7000dddbdf250200000008000300", @ANYRES32=r3, @ANYBLOB='\b\x00a'], 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r4 = getsockopt$auto(0x3, 0x200000000001, 0x41, 0x0, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x841, 0x0)
msgctl$auto_IPC_INFO(0x8, 0x3, 0x0)
ioctl$auto(r5, 0x560a, 0x7)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
r6 = socket(0x2, 0x2, 0x88)
mmap$auto(0x0, 0x1000004020009, 0x7, 0x1d, r4, 0x7ffc)
close_range$auto(0x2, 0xa, 0x0)
prctl$auto(0x1d, 0xfffffffffffffffb, 0x8, 0x10000005, 0xfffffffffffffff9)
clock_nanosleep$auto(0xb, 0x8000, 0x0, 0x0)
settimeofday$auto(0x0, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cpuacct.stat\x00', 0x800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000200)=""/163, 0xa3)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x7)
mmap$auto(0x0, 0x100000001, 0x1000000003, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0x10000000000002d, 0x0)
fallocate$auto(r6, 0x9, 0x10000, 0x7fffffffffffffff)

3.867886487s ago: executing program 2 (id=4570):
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sda1\x00', 0x149e42, 0x0)
mmap$auto(0xfffffffffffffffd, 0x810002, 0xffb, 0x8000000008011, r0, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x101)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x8500, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0x8000000eb1, 0x401, 0x8000)
ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5)
ioctl$auto(r2, 0x4008af12, r1)
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
migrate_pages$auto(0x0, 0x4, &(0x7f0000000100)=0x5, &(0x7f0000000080)=0x298)
mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, r3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x80000003, 0x0)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x80011, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r4, &(0x7f0000000840)="fda203ba", 0x4)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb-serial/drivers/cyphidcom/uevent\x00', 0x180, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r6 = socketpair$auto(0x3, 0x5, 0x8000000000000000, 0x0)
close_range$auto(r4, r6, 0x0)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, r5)
r8 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0xc375111f31e0b3fc, 0x0)
ioctl$auto_PPPIOCSNPMODE(r8, 0x4008744b, 0x0)
readv$auto(0xffffffffffffffff, 0x0, 0x9)

3.721420099s ago: executing program 3 (id=4571):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129882, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x610841, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/pci0000:00/0000:00:01.3/rescan\x00', 0x7a3280, 0x0)
mmap$auto(0x7, 0x2000c, 0x6, 0x20eb1, r0, 0x8000) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80404, 0x0) (async)
mmap$auto(0x0, 0x7, 0x71df, 0x40eb6, 0x401, 0x300000000100) (async)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x40040, 0x0)
ioctl$auto_EVIOCSKEYCODE(r1, 0x40084504, &(0x7f00000000c0)=[0xa, 0x6])
eventfd$auto(0x80000002)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r2, 0x0, 0x0) (async)
ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(r2, 0x4020ae76, r3)
read$auto_clear_warn_once_fops_(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001080)=ANY=[@ANYRESOCT=r3], 0x1ac}}, 0x40000) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x200003, 0x1)
semctl$auto_GETPID(0x0, 0xfffffff6, 0xb, 0xffffffffffff8335)
write$auto(0xffffffffffffffff, &(0x7f00000012c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00J\xd1\x8cz2\xfc\xea\v\x05\xa2\x01+\x13\xe1\xe1[2\x931f\x9a\x89\xab\xcc\xee\xe7b\x8d\xc0\xb9m\xa3\xd6W\xd9\xd6\xe2\xff\xce`\x11\x82\x9d\xf9\x9e\xdb\x7f\x02G\xb1Z\x957\xdb\x99\xf7q\xe4\xd9\xd8f\x8c\xf2\x02j\x8dG\xb1Qa~\xf9T\xecK\x86\x05b&\xf2d\xbe\x94O\xb3\xb8^\x1f\xb3\xcb\x9a\xc1\x8c9\x82T%\x88`\xb1\xae\x96v\x04\xe6\xf3\x18\xea\"\xf4\xd8\xb4P9]\vF\x1a\xe3\x15\xd8t\xed\xb3\v\xb9\xc6:+\xc9\\MB\xbf\xdd\xdeit\xc5\xea\xbe\x96\xec\x93\b\xb81\xbda\xd9\xeez\x90\x1d\x17\xfavt@\x04\x1f\x955gv\xd45\xa4\xe6f\x9b\"\xee\xc1\x0e;\xd6\xd8\x8e\xc4o\xfb\xb7\t\f\"W\x94p-\x8b^\x9c\xd2\x8ah\xcaa\xc8:P-D\xed\xdc\xbc\xec\xac@dO\xa9\x8c\xbd\x93\xbfE)8\xd1\xf8R\xd9a\x9c\x88\xaa\xc8\xdc\xf9\x93tc%\x11\\\x1c\x95\x99\n', 0x10081) (async)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) (async)
mknod$auto(&(0x7f0000001040)=':,\x00', 0xca, 0xfffffffa) (async)
r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) (async)
openat2$dir(0xffffffffffffff9c, &(0x7f00000011c0)=':,\x00', &(0x7f0000001200)={0x503240, 0x86, 0x14}, 0x18)

3.339162333s ago: executing program 1 (id=4572):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) (async)
openat$auto_show_traces_fops_trace(0xffffffffffffff9c, 0x0, 0x826c0, 0x0)
writev$auto(0xffffffffffffffff, 0x0, 0x3)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x40100, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0) (async, rerun: 64)
r1 = socket(0x1e, 0x4, 0x0) (rerun: 64)
get_robust_list$auto(0x0, 0x0, 0x0) (async, rerun: 32)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) (async, rerun: 32)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) (async)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000040)={0x0, 0x4da}, 0x3, 0x0, 0x8, 0xf31}, 0x1000}, 0xffffffff, 0x4, 0x0) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x3ff, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) (async, rerun: 32)
mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 32)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/hidden\x00', 0x800c0, 0x0)
read$auto(r2, 0x0, 0xb) (async)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r4, 0x28000) (async)
r5 = io_uring_setup$auto(0x20e, 0x0)
close_range$auto(r2, r5, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket(0x2b, 0x1, 0x0) (rerun: 64)

3.104330202s ago: executing program 3 (id=4573):
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/vm/dirty_background_bytes\x00', 0x81, 0x0)
r0 = clone3$auto(0x0, 0x1)
prctl$auto(0x8, 0x1, r0, 0x9, 0x0)
waitid$auto_P_PID(0x1, r0, &(0x7f0000000140)={@_si_pad}, 0x6, &(0x7f00000001c0)={{0x3, 0xcefc}, {0x80, 0x7}, 0x66d, 0x8, 0x8, 0xe, 0x2, 0xb, 0x5, 0x2, 0x18, 0x1, 0x8, 0x5, 0xffffffffffffffc0})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x14282, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x10, 0x3, 0x2)
io_uring_register$auto(0x2, 0x8, &(0x7f0000000000), 0x3)

2.554903139s ago: executing program 3 (id=4574):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ram15\x00', 0x400080, 0x0)
unshare$auto(0x40000080)
r1 = socket(0xa, 0x5, 0x0)
mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r1, 0x7ffe)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/card0/pcm0p/sub6/status\x00', 0x402a82, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x6, 0x8)
write$auto(r2, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2a, 0x8001, 0x200000009b7e, r0, 0x2000028000)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0)
poll$auto(&(0x7f0000000180)={<r5=>r3, 0xfff7, 0x9816}, 0x8, 0x7)
ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x0)
r6 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x9c, 0x602, 0x300000000000)
ioctl$auto_UBI_IOCDET(r6, 0x40046f41, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
ioctl$auto_VHOST_SET_LOG_FD2(r4, 0x4004af07, &(0x7f00000003c0))
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x8, 0xfffffffffffffffa, 0x9, 0xfffffffffffffbff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/platform/dummy_hcd.5/usb6/idVendor\x00', 0x7b1300, 0x0)
read$auto(r3, &(0x7f0000000240)='\xcb%)\x00', 0x400000000007)
splice$auto(r1, &(0x7f0000000040)=0x5, 0xffffffffffffffff, &(0x7f00000002c0)=0x9, 0x7ff, 0x895)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x7, 0x24, 0x1037b, 0x80000003)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_VDPA_CMD_DEV_VSTATS_GET(r7, &(0x7f00000000c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[], 0x158}, 0x1, 0x0, 0x0, 0x8080}, 0x84)
sendmsg$auto_OVS_FLOW_CMD_GET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x40010}, 0x800)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)

2.440841832s ago: executing program 1 (id=4575):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x1a, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0)
pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/tty/ttyaa/dev\x00', 0x0, 0x0)
preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x4, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x4b13], {0x3ff, 0x3, 0xf, 0x6, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0x7, 0x1, 0x52, 0x1, 0xffffffff, 0x40, 0x4, 0x8, 0x100000004}})
io_uring_register$auto(0x2, 0x1d, 0x0, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000)
mremap$auto(0x1, 0x4, 0x6, 0xb0f, 0x6)
socket(0x2, 0x1, 0x0)
clone$auto(0x5, 0x2, 0x0, 0x0, 0x92)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)

1.256456433s ago: executing program 1 (id=4576):
rename$auto(0x0, 0x0)

779.311161ms ago: executing program 2 (id=4577):
r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40802, 0x0)
read$auto(r0, 0x0, 0xb4d3) (async)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x202682, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x88b02, 0x0)
write$auto(r2, &(0x7f00000001c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x100000002)
r3 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$auto_UBI_IOCATT(r3, 0x40186f40, &(0x7f0000000080)={0x7b1, 0x0, 0x80000203, 0x8000, 0x1, 0x4})
bpf$auto_BPF_LINK_GET_NEXT_ID(0x1f, &(0x7f0000000240)=@bpf_attr_7={@link_id=0x5, 0xfffffff8, 0x80000000, r1}, 0x8000000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000140)="3318cb") (async, rerun: 64)
read$auto(0xffffffffffffffff, 0x0, 0x20) (async, rerun: 64)
bpf$auto(0x0, 0x0, 0x94)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x1)

724.069652ms ago: executing program 1 (id=4578):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0)
io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x319001, 0x0)
r4 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x0, 0x80000001, r4}, 0x6f4)
read$auto(r3, 0x0, 0x20)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x48041, 0x0)
write$auto(r5, 0x0, 0x6)
unshare$auto(0x40000080)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000000)="b2", 0x1)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r1, r7, 0x0, 0x1)
pread64$auto(r3, &(0x7f0000000180)='TIPCv2\x00', 0xffff, 0x8)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x1, 0x4a, 0x0, 0x9)
socket(0x10, 0x80002, 0x0)
bind$auto(r2, &(0x7f0000000140)=@generic={0x1a, "9300000004000000000000000091"}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/vhci_hcd.0/usb9/9-0:1.0/usb9-port7/over_current_count\x00', 0x400000, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000)

0s ago: executing program 2 (id=4579):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r1=>0x0})
socket(0x10, 0x2, 0x4)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/sockstat6\x00', 0x141100, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000200)=""/92, 0x5c)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
lseek$auto(r4, 0x7fd, 0x1)
sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x400007ffff000)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x0)
set_mempolicy$auto(0x6, 0x0, 0x21)
r5 = pidfd_open$auto(0x1, 0x0)
setns(r5, 0x0)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
sendmsg$auto_OVS_VPORT_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r7, 0x0, 0xb4d3)
r8 = getpid()
process_vm_readv$auto(r8, &(0x7f0000000180)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={0x0, 0x401}, 0x6, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002668f42a8eb796bd7000fbdbdf2502000000050001438157174a12a31492a989a9016f770000000000080005000000", @ANYRES32=0x0, @ANYBLOB="08000500ffffff7f08000900", @ANYRES32=r1, @ANYBLOB="08000200", @ANYRES32=r8, @ANYBLOB="0800070002000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4850}, 0x50)
write$auto(0x3, 0x0, 0xffd8)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
fsconfig$auto(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket(0x2, 0x3, 0xa)

kernel console output (not intermixed with test programs):

][ T9994]  vfs_write+0x7d3/0x11d0
[  999.024292][ T9994]  ? __pfx_sock_write_iter+0x10/0x10
[  999.024345][ T9994]  ? __pfx_vfs_write+0x10/0x10
[  999.024388][ T9994]  ? find_held_lock+0x2b/0x80
[  999.024451][ T9994]  ksys_write+0x1f8/0x250
[  999.024486][ T9994]  ? __pfx_ksys_write+0x10/0x10
[  999.024527][ T9994]  do_syscall_64+0xcd/0xf80
[  999.024551][ T9994]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  999.024574][ T9994] RIP: 0033:0x7f27c3d8f7c9
[  999.024592][ T9994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  999.024615][ T9994] RSP: 002b:00007f27c4cca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  999.024637][ T9994] RAX: ffffffffffffffda RBX: 00007f27c3fe6090 RCX: 00007f27c3d8f7c9
[  999.024652][ T9994] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002
[  999.024666][ T9994] RBP: 00007f27c4cca090 R08: 0000000000000000 R09: 0000000000000000
[  999.024680][ T9994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  999.024693][ T9994] R13: 00007f27c3fe6128 R14: 00007f27c3fe6090 R15: 00007ffe2c853138
[  999.024729][ T9994]  </TASK>
[ 1000.434451][T10026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3722'.
[ 1000.445217][T10026] netlink: 13 bytes leftover after parsing attributes in process `syz.3.3722'.
[ 1000.634110][T10054] FAULT_INJECTION: forcing a failure.
[ 1000.634110][T10054] name failslab, interval 1, probability 0, space 0, times 0
[ 1000.650802][T10054] CPU: 1 UID: 0 PID: 10054 Comm: syz.0.3724 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1000.650853][T10054] Tainted: [L]=SOFTLOCKUP
[ 1000.650864][T10054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1000.650894][T10054] Call Trace:
[ 1000.650905][T10054]  <TASK>
[ 1000.650919][T10054]  dump_stack_lvl+0x16c/0x1f0
[ 1000.650983][T10054]  should_fail_ex+0x512/0x640
[ 1000.651021][T10054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1000.651067][T10054]  should_failslab+0xc2/0x120
[ 1000.651118][T10054]  kmem_cache_alloc_noprof+0x83/0x770
[ 1000.651158][T10054]  ? skb_clone+0x190/0x3f0
[ 1000.651217][T10054]  ? skb_clone+0x190/0x3f0
[ 1000.651259][T10054]  skb_clone+0x190/0x3f0
[ 1000.651313][T10054]  netlink_deliver_tap+0xabd/0xd30
[ 1000.651370][T10054]  netlink_unicast+0x64c/0x870
[ 1000.651426][T10054]  ? __pfx_netlink_unicast+0x10/0x10
[ 1000.651500][T10054]  netlink_sendmsg+0x8c8/0xdd0
[ 1000.651564][T10054]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1000.651633][T10054]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1000.651683][T10054]  ____sys_sendmsg+0xa5d/0xc30
[ 1000.651718][T10054]  ? copy_msghdr_from_user+0x10a/0x160
[ 1000.651763][T10054]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1000.651816][T10054]  ___sys_sendmsg+0x134/0x1d0
[ 1000.651864][T10054]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1000.651968][T10054]  __sys_sendmsg+0x16d/0x220
[ 1000.652015][T10054]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1000.652088][T10054]  do_syscall_64+0xcd/0xf80
[ 1000.652123][T10054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1000.652156][T10054] RIP: 0033:0x7f27c3d8f7c9
[ 1000.652182][T10054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1000.652213][T10054] RSP: 002b:00007f27c4ceb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1000.652244][T10054] RAX: ffffffffffffffda RBX: 00007f27c3fe5fa0 RCX: 00007f27c3d8f7c9
[ 1000.652265][T10054] RDX: 0000000004000050 RSI: 0000200000000180 RDI: 0000000000000004
[ 1000.652286][T10054] RBP: 00007f27c4ceb090 R08: 0000000000000000 R09: 0000000000000000
[ 1000.652306][T10054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1000.652325][T10054] R13: 00007f27c3fe6038 R14: 00007f27c3fe5fa0 R15: 00007ffe2c853138
[ 1000.652370][T10054]  </TASK>
[ 1000.652397][T10054] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3724'.
[ 1001.859234][T10097] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1002.375847][T10121] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3731'.
[ 1002.385484][T10121] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3731'.
[ 1002.713209][T10129] FAULT_INJECTION: forcing a failure.
[ 1002.713209][T10129] name failslab, interval 1, probability 0, space 0, times 0
[ 1002.772833][T10129] CPU: 1 UID: 0 PID: 10129 Comm: syz.1.3734 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1002.772882][T10129] Tainted: [L]=SOFTLOCKUP
[ 1002.772894][T10129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1002.772913][T10129] Call Trace:
[ 1002.772924][T10129]  <TASK>
[ 1002.772936][T10129]  dump_stack_lvl+0x16c/0x1f0
[ 1002.772992][T10129]  should_fail_ex+0x512/0x640
[ 1002.773031][T10129]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1002.773075][T10129]  should_failslab+0xc2/0x120
[ 1002.773126][T10129]  kmem_cache_alloc_noprof+0x83/0x770
[ 1002.773181][T10129]  ? skb_clone+0x190/0x3f0
[ 1002.773234][T10129]  ? skb_clone+0x190/0x3f0
[ 1002.773278][T10129]  skb_clone+0x190/0x3f0
[ 1002.773326][T10129]  netlink_deliver_tap+0xabd/0xd30
[ 1002.773382][T10129]  netlink_unicast+0x64c/0x870
[ 1002.773440][T10129]  ? __pfx_netlink_unicast+0x10/0x10
[ 1002.773509][T10129]  netlink_sendmsg+0x8c8/0xdd0
[ 1002.773579][T10129]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1002.773634][T10129]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1002.773675][T10129]  ____sys_sendmsg+0xa5d/0xc30
[ 1002.773706][T10129]  ? copy_msghdr_from_user+0x10a/0x160
[ 1002.773765][T10129]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1002.773818][T10129]  ___sys_sendmsg+0x134/0x1d0
[ 1002.773866][T10129]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1002.773962][T10129]  __sys_sendmsg+0x16d/0x220
[ 1002.774008][T10129]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1002.774077][T10129]  do_syscall_64+0xcd/0xf80
[ 1002.774111][T10129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1002.774150][T10129] RIP: 0033:0x7fd42038f7c9
[ 1002.774176][T10129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1002.774207][T10129] RSP: 002b:00007fd421160038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1002.774237][T10129] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038f7c9
[ 1002.774258][T10129] RDX: 0000000004000050 RSI: 0000200000000180 RDI: 0000000000000004
[ 1002.774279][T10129] RBP: 00007fd421160090 R08: 0000000000000000 R09: 0000000000000000
[ 1002.774297][T10129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1002.774317][T10129] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1002.774359][T10129]  </TASK>
[ 1002.776082][T10129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3734'.
[ 1004.269901][T10202] Invalid ELF header magic: != ELF
[ 1004.332151][T10206] netlink: zone id is out of range
[ 1004.381778][T10206] netlink: zone id is out of range
[ 1004.469201][T10206] netlink: zone id is out of range
[ 1004.523730][T10206] netlink: zone id is out of range
[ 1004.524825][T10242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3741'.
[ 1004.540328][T10206] netlink: zone id is out of range
[ 1004.545517][T10206] netlink: zone id is out of range
[ 1004.551454][T10206] netlink: zone id is out of range
[ 1004.556616][T10206] netlink: zone id is out of range
[ 1004.563071][T10206] netlink: zone id is out of range
[ 1004.566529][T10242] netlink: 25 bytes leftover after parsing attributes in process `syz.0.3741'.
[ 1004.568240][T10206] netlink: zone id is out of range
[ 1004.919502][T10256] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3743'.
[ 1006.824599][T10420] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3751'.
[ 1007.519510][T10459] FAULT_INJECTION: forcing a failure.
[ 1007.519510][T10459] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1007.535518][T10459] CPU: 0 UID: 0 PID: 10459 Comm: syz.2.3755 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1007.535571][T10459] Tainted: [L]=SOFTLOCKUP
[ 1007.535584][T10459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1007.535604][T10459] Call Trace:
[ 1007.535615][T10459]  <TASK>
[ 1007.535628][T10459]  dump_stack_lvl+0x16c/0x1f0
[ 1007.535686][T10459]  should_fail_ex+0x512/0x640
[ 1007.535724][T10459]  get_futex_key+0x1d0/0x15f0
[ 1007.535759][T10459]  ? __sys_setfsuid+0x2d5/0x350
[ 1007.535796][T10459]  ? do_syscall_64+0xcd/0xf80
[ 1007.535822][T10459]  ? __pfx_get_futex_key+0x10/0x10
[ 1007.535863][T10459]  futex_wake+0xea/0x530
[ 1007.535903][T10459]  ? __pfx_futex_wake+0x10/0x10
[ 1007.535954][T10459]  do_futex+0x1e3/0x350
[ 1007.535985][T10459]  ? __pfx_do_futex+0x10/0x10
[ 1007.536033][T10459]  __x64_sys_futex+0x1e0/0x4c0
[ 1007.536071][T10459]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1007.536104][T10459]  ? safesetid_task_fix_setuid+0x64/0x1e0
[ 1007.536159][T10459]  do_syscall_64+0xcd/0xf80
[ 1007.536187][T10459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1007.536215][T10459] RIP: 0033:0x7fd86758f7c9
[ 1007.536236][T10459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1007.536263][T10459] RSP: 002b:00007fd8684dc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1007.536289][T10459] RAX: ffffffffffffffda RBX: 00007fd8677e5fa8 RCX: 00007fd86758f7c9
[ 1007.536307][T10459] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd8677e5fac
[ 1007.536324][T10459] RBP: 00007fd8677e5fa0 R08: 00007fd8684dd000 R09: 0000000000000000
[ 1007.536341][T10459] R10: 000000000000ee00 R11: 0000000000000246 R12: 0000000000000000
[ 1007.536358][T10459] R13: 00007fd8677e6038 R14: 00007ffd7a158b60 R15: 00007ffd7a158c48
[ 1007.536394][T10459]  </TASK>
[ 1007.943860][T10463] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3757'.
[ 1007.973752][T10463] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3757'.
[ 1007.995851][T10463] FAULT_INJECTION: forcing a failure.
[ 1007.995851][T10463] name failslab, interval 1, probability 0, space 0, times 0
[ 1008.031623][T10463] CPU: 1 UID: 0 PID: 10463 Comm: syz.2.3757 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1008.031661][T10463] Tainted: [L]=SOFTLOCKUP
[ 1008.031669][T10463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1008.031682][T10463] Call Trace:
[ 1008.031690][T10463]  <TASK>
[ 1008.031706][T10463]  dump_stack_lvl+0x16c/0x1f0
[ 1008.031748][T10463]  should_fail_ex+0x512/0x640
[ 1008.031780][T10463]  should_failslab+0xc2/0x120
[ 1008.031816][T10463]  kmem_cache_alloc_noprof+0x83/0x770
[ 1008.031844][T10463]  ? skb_clone+0x190/0x3f0
[ 1008.031880][T10463]  ? skb_clone+0x190/0x3f0
[ 1008.031908][T10463]  skb_clone+0x190/0x3f0
[ 1008.031941][T10463]  netlink_deliver_tap+0xabd/0xd30
[ 1008.031983][T10463]  netlink_dump+0x881/0xd30
[ 1008.032019][T10463]  ? __pfx_netlink_dump+0x10/0x10
[ 1008.032050][T10463]  ? __pfx___mutex_lock+0x10/0x10
[ 1008.032073][T10463]  ? __netlink_lookup+0x65e/0x900
[ 1008.032122][T10463]  __netlink_dump_start+0x6d6/0x990
[ 1008.032156][T10463]  ? nft_netlink_dump_start_rcu+0x63/0x1f0
[ 1008.032194][T10463]  nft_netlink_dump_start_rcu+0x81/0x1f0
[ 1008.032232][T10463]  nf_tables_getchain+0x50a/0x6e0
[ 1008.032264][T10463]  ? __pfx_nf_tables_getchain+0x10/0x10
[ 1008.032291][T10463]  ? __pfx_nf_tables_dump_chains+0x10/0x10
[ 1008.032324][T10463]  ? __nla_parse+0x40/0x60
[ 1008.032356][T10463]  ? __pfx_nf_tables_getchain+0x10/0x10
[ 1008.032384][T10463]  nfnetlink_rcv_msg+0x583/0x1200
[ 1008.032421][T10463]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1008.032452][T10463]  ? kfree_skbmem+0x1a4/0x1f0
[ 1008.032473][T10463]  ? kfree_skbmem+0x1a4/0x1f0
[ 1008.032522][T10463]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1008.032551][T10463]  netlink_rcv_skb+0x158/0x420
[ 1008.032586][T10463]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1008.032615][T10463]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1008.032668][T10463]  ? ns_capable+0xd7/0x110
[ 1008.032703][T10463]  nfnetlink_rcv+0x1b3/0x430
[ 1008.032730][T10463]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1008.032757][T10463]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1008.032795][T10463]  netlink_unicast+0x5aa/0x870
[ 1008.032834][T10463]  ? __pfx_netlink_unicast+0x10/0x10
[ 1008.032902][T10463]  ? __asan_memset+0x23/0x50
[ 1008.032940][T10463]  ? __build_skb_around+0x278/0x390
[ 1008.032977][T10463]  ? is_vmalloc_addr+0x86/0xa0
[ 1008.033018][T10463]  netlink_sendmsg+0x8c8/0xdd0
[ 1008.033071][T10463]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1008.033123][T10463]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1008.033165][T10463]  sock_write_iter+0x566/0x610
[ 1008.033198][T10463]  ? __pfx_sock_write_iter+0x10/0x10
[ 1008.033243][T10463]  ? bpf_lsm_file_permission+0x9/0x10
[ 1008.033280][T10463]  ? security_file_permission+0x71/0x210
[ 1008.033325][T10463]  ? rw_verify_area+0xcf/0x6c0
[ 1008.033372][T10463]  vfs_write+0x7d3/0x11d0
[ 1008.033417][T10463]  ? __pfx_sock_write_iter+0x10/0x10
[ 1008.033453][T10463]  ? __pfx_vfs_write+0x10/0x10
[ 1008.033496][T10463]  ? find_held_lock+0x2b/0x80
[ 1008.033560][T10463]  ksys_write+0x1f8/0x250
[ 1008.033605][T10463]  ? __pfx_ksys_write+0x10/0x10
[ 1008.033662][T10463]  do_syscall_64+0xcd/0xf80
[ 1008.033704][T10463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.033737][T10463] RIP: 0033:0x7fd86758f7c9
[ 1008.033764][T10463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1008.033796][T10463] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1008.033827][T10463] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1008.033848][T10463] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002
[ 1008.033868][T10463] RBP: 00007fd8684dc090 R08: 0000000000000000 R09: 0000000000000000
[ 1008.033887][T10463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1008.033906][T10463] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1008.033949][T10463]  </TASK>
[ 1011.394797][T10515] FAULT_INJECTION: forcing a failure.
[ 1011.394797][T10515] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1011.434095][T10515] CPU: 0 UID: 0 PID: 10515 Comm: syz.1.3769 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1011.434146][T10515] Tainted: [L]=SOFTLOCKUP
[ 1011.434158][T10515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1011.434177][T10515] Call Trace:
[ 1011.434188][T10515]  <TASK>
[ 1011.434200][T10515]  dump_stack_lvl+0x16c/0x1f0
[ 1011.434258][T10515]  should_fail_ex+0x512/0x640
[ 1011.434303][T10515]  get_futex_key+0x1d0/0x15f0
[ 1011.434355][T10515]  ? __pfx_get_futex_key+0x10/0x10
[ 1011.434392][T10515]  ? trace_sched_set_need_resched_tp+0xf3/0x130
[ 1011.434450][T10515]  futex_wait_setup+0x9d/0x570
[ 1011.434506][T10515]  __futex_wait+0x193/0x2f0
[ 1011.434554][T10515]  ? __pfx___futex_wait+0x10/0x10
[ 1011.434607][T10515]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1011.434659][T10515]  ? futex_hash+0x2c5/0x380
[ 1011.434699][T10515]  ? futex_private_hash_put+0x160/0x1b0
[ 1011.434739][T10515]  futex_wait+0xe8/0x380
[ 1011.434781][T10515]  ? __pfx_futex_wait+0x10/0x10
[ 1011.434842][T10515]  ? kmem_cache_free+0x171/0x770
[ 1011.434891][T10515]  do_futex+0x229/0x350
[ 1011.434930][T10515]  ? __pfx_do_futex+0x10/0x10
[ 1011.434966][T10515]  ? __pfx___might_resched+0x10/0x10
[ 1011.435012][T10515]  ? blkcg_maybe_throttle_current+0x650/0xf30
[ 1011.435056][T10515]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1011.435109][T10515]  __x64_sys_futex+0x1e0/0x4c0
[ 1011.435150][T10515]  ? __do_sys_close_range+0x278/0x730
[ 1011.435202][T10515]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1011.435240][T10515]  ? xfd_validate_state+0x61/0x180
[ 1011.435284][T10515]  do_syscall_64+0xcd/0xf80
[ 1011.435318][T10515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.435358][T10515] RIP: 0033:0x7fd42038f7c9
[ 1011.435385][T10515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1011.435418][T10515] RSP: 002b:00007fd4211600e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1011.435450][T10515] RAX: ffffffffffffffda RBX: 00007fd4205e5fa8 RCX: 00007fd42038f7c9
[ 1011.435471][T10515] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd4205e5fa8
[ 1011.435492][T10515] RBP: 00007fd4205e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1011.435511][T10515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1011.435530][T10515] R13: 00007fd4205e6038 R14: 00007ffe55084df0 R15: 00007ffe55084ed8
[ 1011.435580][T10515]  </TASK>
[ 1012.209297][T10549] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3773'.
[ 1013.402238][T10572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3777'.
[ 1014.085341][T10604] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3779'.
[ 1015.143113][T10678] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3785'.
[ 1015.293805][T10679] input: jJǸ-�¶š9ã%vø“û¨l�ÐQ 	J86Ö‘ as /devices/virtual/input/input22
[ 1015.569049][T10697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3787'.
[ 1016.897184][   T30] audit: type=1326 audit(2147483699.139:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10691 comm="syz.2.3788" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd86758f7c9 code=0x0
[ 1017.519328][T10726] FAULT_INJECTION: forcing a failure.
[ 1017.519328][T10726] name failslab, interval 1, probability 0, space 0, times 0
[ 1017.572739][T10726] CPU: 1 UID: 0 PID: 10726 Comm: syz.1.3790 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1017.572792][T10726] Tainted: [L]=SOFTLOCKUP
[ 1017.572805][T10726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1017.572830][T10726] Call Trace:
[ 1017.572838][T10726]  <TASK>
[ 1017.572847][T10726]  dump_stack_lvl+0x16c/0x1f0
[ 1017.572891][T10726]  should_fail_ex+0x512/0x640
[ 1017.572920][T10726]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1017.572950][T10726]  should_failslab+0xc2/0x120
[ 1017.572987][T10726]  __kmalloc_cache_noprof+0x80/0x800
[ 1017.573051][T10726]  ? mISDN_open+0x99/0x2a0
[ 1017.573109][T10726]  ? mISDN_open+0x99/0x2a0
[ 1017.573149][T10726]  mISDN_open+0x99/0x2a0
[ 1017.573190][T10726]  ? __pfx_mISDN_open+0x10/0x10
[ 1017.573233][T10726]  misc_open+0x26d/0x450
[ 1017.573274][T10726]  ? __pfx_misc_open+0x10/0x10
[ 1017.573314][T10726]  chrdev_open+0x234/0x6a0
[ 1017.573365][T10726]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1017.573403][T10726]  ? __pfx_chrdev_open+0x10/0x10
[ 1017.573457][T10726]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1017.573519][T10726]  do_dentry_open+0x748/0x1590
[ 1017.573566][T10726]  ? __pfx_chrdev_open+0x10/0x10
[ 1017.573629][T10726]  vfs_open+0x82/0x3f0
[ 1017.573669][T10726]  path_openat+0x2078/0x3140
[ 1017.573731][T10726]  ? __pfx_path_openat+0x10/0x10
[ 1017.573795][T10726]  do_filp_open+0x20b/0x470
[ 1017.573845][T10726]  ? __pfx_do_filp_open+0x10/0x10
[ 1017.573926][T10726]  ? alloc_fd+0x471/0x7d0
[ 1017.573988][T10726]  do_sys_openat2+0x121/0x290
[ 1017.574025][T10726]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1017.574088][T10726]  __x64_sys_openat+0x174/0x210
[ 1017.574126][T10726]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1017.574183][T10726]  do_syscall_64+0xcd/0xf80
[ 1017.574219][T10726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1017.574253][T10726] RIP: 0033:0x7fd42038f7c9
[ 1017.574280][T10726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1017.574311][T10726] RSP: 002b:00007fd42113f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1017.574342][T10726] RAX: ffffffffffffffda RBX: 00007fd4205e6090 RCX: 00007fd42038f7c9
[ 1017.574363][T10726] RDX: 0000000000101000 RSI: 0000200000000200 RDI: ffffffffffffff9c
[ 1017.574384][T10726] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1017.574403][T10726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1017.574422][T10726] R13: 00007fd4205e6128 R14: 00007fd4205e6090 R15: 00007ffe55084ed8
[ 1017.574466][T10726]  </TASK>
[ 1019.312432][T10824] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3795'.
[ 1019.791117][T10841] zswap: compressor  not available
[ 1021.032486][T10910] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3804'.
[ 1021.331209][T10928] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3805'.
[ 1021.707616][T10970] netlink: 'syz.1.3808': attribute type 33 has an invalid length.
[ 1021.727569][T10970] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3808'.
[ 1022.141951][T24007] smpboot: CPU 1 is now offline
[ 1022.293940][T11000] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3812'.
[ 1022.322441][T10996] can: request_module (can-proto-0) failed.
[ 1022.690809][   T30] audit: type=1800 audit(2147483648.196:223): pid=11020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3813" name="trace_pipe" dev="tracefs" ino=1312 res=0 errno=0
[ 1026.189179][T11094] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3824'.
[ 1026.293020][   T30] audit: type=1800 audit(2147483648.728:224): pid=11103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3825" name="dbroot" dev="configfs" ino=104903 res=0 errno=0
[ 1026.345495][T11103] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1026.446404][T11103] db_root: cannot open: /dev/audio1
[ 1028.349836][T11201] sd 0:0:1:0: PR command failed: 1026
[ 1028.375263][T11201] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1028.411948][T11201] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1028.969439][T11217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3838'.
[ 1029.375335][   T30] audit: type=1800 audit(2147483647.975:225): pid=11227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3840" name="sr0" dev="devtmpfs" ino=2859 res=0 errno=0
[ 1031.291676][T11321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3851'.
[ 1031.980832][T11329] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1032.014950][T11329] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1032.040385][T11329] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1032.089981][T11329] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1032.163016][T11337] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1032.516448][T11350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3862'.
[ 1033.103491][ T8507] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[ 1033.529184][ T8507] Bluetooth: hci4: command 0x0406 tx timeout
[ 1033.583751][T11360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3864'.
[ 1034.010798][ T8507] Bluetooth: hci2: command 0x0406 tx timeout
[ 1034.085829][ T5837] Bluetooth: hci1: command 0x0406 tx timeout
[ 1034.091935][ T8507] Bluetooth: hci0: command 0x0406 tx timeout
[ 1034.366063][T11462] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1034.395268][T11462] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1034.476881][T11462] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1034.526323][T11462] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1034.561867][T11462] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1035.561651][T11545] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3878'.
[ 1035.766050][T11551] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[ 1036.351319][T11557] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[ 1036.396496][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[ 1036.402574][ T8507] Bluetooth: hci2: command 0x0406 tx timeout
[ 1036.473330][ T8507] Bluetooth: hci1: command 0x0406 tx timeout
[ 1036.552907][ T8507] Bluetooth: hci0: command 0x0406 tx timeout
[ 1036.622002][T11597] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1036.936726][T11619] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1036.951087][T11613] FAULT_INJECTION: forcing a failure.
[ 1036.951087][T11613] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1036.996872][T11613] CPU: 0 UID: 0 PID: 11613 Comm: syz.2.3887 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1036.996911][T11613] Tainted: [L]=SOFTLOCKUP
[ 1036.996920][T11613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1036.996935][T11613] Call Trace:
[ 1036.996943][T11613]  <TASK>
[ 1036.996952][T11613]  dump_stack_lvl+0x16c/0x1f0
[ 1036.996996][T11613]  should_fail_ex+0x512/0x640
[ 1036.997030][T11613]  get_futex_key+0x1d0/0x15f0
[ 1036.997059][T11613]  ? __pfx_get_futex_key+0x10/0x10
[ 1036.997095][T11613]  futex_wait_setup+0x9d/0x570
[ 1036.997146][T11613]  __futex_wait+0x193/0x2f0
[ 1036.997181][T11613]  ? __pfx___futex_wait+0x10/0x10
[ 1036.997212][T11613]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1036.997260][T11613]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1036.997285][T11613]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1036.997320][T11613]  ? find_held_lock+0x2b/0x80
[ 1036.997354][T11613]  ? futex_private_hash_put+0x160/0x1b0
[ 1036.997380][T11613]  futex_wait+0xe8/0x380
[ 1036.997411][T11613]  ? __pfx_futex_wait+0x10/0x10
[ 1036.997457][T11613]  do_futex+0x229/0x350
[ 1036.997503][T11613]  ? __pfx_do_futex+0x10/0x10
[ 1036.997530][T11613]  ? find_held_lock+0x2b/0x80
[ 1036.997565][T11613]  __x64_sys_futex+0x1e0/0x4c0
[ 1036.997597][T11613]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1036.997623][T11613]  ? safesetid_task_fix_setgid+0x70/0x220
[ 1036.997670][T11613]  do_syscall_64+0xcd/0xf80
[ 1036.997694][T11613]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.997718][T11613] RIP: 0033:0x7fd86758f7c9
[ 1036.997737][T11613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1036.997759][T11613] RSP: 002b:00007fd8684dc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1036.997781][T11613] RAX: ffffffffffffffda RBX: 00007fd8677e5fa8 RCX: 00007fd86758f7c9
[ 1036.997797][T11613] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd8677e5fa8
[ 1036.997811][T11613] RBP: 00007fd8677e5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1036.997825][T11613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1036.997839][T11613] R13: 00007fd8677e6038 R14: 00007ffd7a158b60 R15: 00007ffd7a158c48
[ 1036.997869][T11613]  </TASK>
[ 1038.622296][ T8507] Bluetooth: hci0: command 0x0406 tx timeout
[ 1039.390728][T11771] ovs_: entered promiscuous mode
[ 1039.601877][T11781] openvswitch: ovs_: Dropping previously announced user features
[ 1039.829202][T11796] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3900'.
[ 1039.886760][T11796] netlink: 13 bytes leftover after parsing attributes in process `syz.3.3900'.
[ 1041.689131][T11861] Invalid ELF header magic: != ELF
[ 1042.638053][T11910] zswap: compressor  not available
[ 1042.851521][T11922] FAULT_INJECTION: forcing a failure.
[ 1042.851521][T11922] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1042.918811][T11922] CPU: 0 UID: 0 PID: 11922 Comm: syz.0.3913 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1042.918848][T11922] Tainted: [L]=SOFTLOCKUP
[ 1042.918856][T11922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1042.918873][T11922] Call Trace:
[ 1042.918881][T11922]  <TASK>
[ 1042.918890][T11922]  dump_stack_lvl+0x16c/0x1f0
[ 1042.918944][T11922]  should_fail_ex+0x512/0x640
[ 1042.918976][T11922]  _copy_from_user+0x2e/0xd0
[ 1042.919004][T11922]  kstrtouint_from_user+0xd6/0x1d0
[ 1042.919040][T11922]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1042.919073][T11922]  ? __lock_acquire+0x436/0x2890
[ 1042.919100][T11922]  ? lock_acquire+0x179/0x330
[ 1042.919128][T11922]  proc_fail_nth_write+0x83/0x220
[ 1042.919152][T11922]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1042.919183][T11922]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1042.919204][T11922]  vfs_write+0x2a0/0x11d0
[ 1042.919240][T11922]  ? __pfx___mutex_lock+0x10/0x10
[ 1042.919266][T11922]  ? __pfx_vfs_write+0x10/0x10
[ 1042.919307][T11922]  ? __fget_files+0x20e/0x3c0
[ 1042.919349][T11922]  ksys_write+0x12a/0x250
[ 1042.919382][T11922]  ? __pfx_ksys_write+0x10/0x10
[ 1042.919423][T11922]  do_syscall_64+0xcd/0xf80
[ 1042.919448][T11922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1042.919472][T11922] RIP: 0033:0x7f27c3d8e27f
[ 1042.919493][T11922] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1042.919516][T11922] RSP: 002b:00007f27c4ceb030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1042.919541][T11922] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f27c3d8e27f
[ 1042.919556][T11922] RDX: 0000000000000001 RSI: 00007f27c4ceb0a0 RDI: 0000000000000004
[ 1042.919570][T11922] RBP: 00007f27c4ceb090 R08: 0000000000000000 R09: 0000000000000000
[ 1042.919589][T11922] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1042.919602][T11922] R13: 00007f27c3fe6038 R14: 00007f27c3fe5fa0 R15: 00007ffe2c853138
[ 1042.919632][T11922]  </TASK>
[ 1044.156307][   T30] audit: type=1326 audit(2147483662.841:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11931 comm="syz.1.3920" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd42038f7c9 code=0x0
[ 1045.254844][T11961] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3921'.
[ 1047.350143][T12033] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3936'.
[ 1048.353702][T12075] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3938'.
[ 1050.908551][T12193] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1051.263923][T12211] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3950'.
[ 1051.521123][ T8507] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[ 1053.480627][T12328] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1053.512367][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1053.518789][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1053.779217][T12339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3963'.
[ 1057.638902][T12493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3988'.
[ 1057.862705][T12467] FAULT_INJECTION: forcing a failure.
[ 1057.862705][T12467] name failslab, interval 1, probability 0, space 0, times 0
[ 1058.029071][T12467] CPU: 0 UID: 0 PID: 12467 Comm: syz.2.3980 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1058.029110][T12467] Tainted: [L]=SOFTLOCKUP
[ 1058.029118][T12467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1058.029134][T12467] Call Trace:
[ 1058.029141][T12467]  <TASK>
[ 1058.029151][T12467]  dump_stack_lvl+0x16c/0x1f0
[ 1058.029195][T12467]  should_fail_ex+0x512/0x640
[ 1058.029227][T12467]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1058.029260][T12467]  should_failslab+0xc2/0x120
[ 1058.029297][T12467]  kmem_cache_alloc_noprof+0x83/0x770
[ 1058.029326][T12467]  ? __kernfs_new_node+0xd2/0x9b0
[ 1058.029359][T12467]  ? __kernfs_new_node+0xd2/0x9b0
[ 1058.029386][T12467]  __kernfs_new_node+0xd2/0x9b0
[ 1058.029417][T12467]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1058.029459][T12467]  ? find_held_lock+0x2b/0x80
[ 1058.029491][T12467]  ? kernfs_root+0xee/0x2a0
[ 1058.029538][T12467]  kernfs_new_node+0x13c/0x1e0
[ 1058.029574][T12467]  __kernfs_create_file+0x53/0x350
[ 1058.029617][T12467]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1058.029649][T12467]  internal_create_group+0x597/0xf70
[ 1058.029685][T12467]  ? __pfx_internal_create_group+0x10/0x10
[ 1058.029718][T12467]  ? kernfs_create_link+0x1bd/0x240
[ 1058.029762][T12467]  internal_create_groups+0x9d/0x150
[ 1058.029794][T12467]  device_add+0x6f7/0x1980
[ 1058.029833][T12467]  ? __pfx_device_add+0x10/0x10
[ 1058.029868][T12467]  ? lockdep_init_map_type+0x5c/0x270
[ 1058.029892][T12467]  ? __init_waitqueue_head+0xca/0x150
[ 1058.029927][T12467]  netdev_register_kobject+0x1a9/0x3d0
[ 1058.029955][T12467]  register_netdevice+0x13c1/0x21e0
[ 1058.029999][T12467]  ? __pfx_register_netdevice+0x10/0x10
[ 1058.030043][T12467]  ? __pfx_loopback_net_init+0x10/0x10
[ 1058.030073][T12467]  register_netdev+0x34/0x50
[ 1058.030114][T12467]  loopback_net_init+0x7a/0x170
[ 1058.030143][T12467]  ? __pfx_loopback_net_init+0x10/0x10
[ 1058.030172][T12467]  ops_init+0x1e2/0x5f0
[ 1058.030209][T12467]  setup_net+0x11d/0x3a0
[ 1058.030244][T12467]  ? __pfx_setup_net+0x10/0x10
[ 1058.030277][T12467]  ? lockdep_init_map_type+0x5c/0x270
[ 1058.030301][T12467]  ? mutex_init_lockep+0x110/0x150
[ 1058.030330][T12467]  copy_net_ns+0x351/0x7c0
[ 1058.030354][T12467]  create_new_namespaces+0x3ea/0xab0
[ 1058.030393][T12467]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1058.030429][T12467]  ksys_unshare+0x45b/0xa40
[ 1058.030456][T12467]  ? __pfx_ksys_unshare+0x10/0x10
[ 1058.030478][T12467]  ? xfd_validate_state+0x61/0x180
[ 1058.030509][T12467]  __x64_sys_unshare+0x31/0x40
[ 1058.030530][T12467]  do_syscall_64+0xcd/0xf80
[ 1058.030555][T12467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.030579][T12467] RIP: 0033:0x7fd86758f7c9
[ 1058.030598][T12467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1058.030621][T12467] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1058.030643][T12467] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1058.030658][T12467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1058.030672][T12467] RBP: 00007fd867613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1058.030687][T12467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1058.030701][T12467] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1058.030731][T12467]  </TASK>
[ 1058.530221][T12505] FAULT_INJECTION: forcing a failure.
[ 1058.530221][T12505] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1058.543418][T12505] CPU: 0 UID: 0 PID: 12505 Comm: syz.1.3991 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1058.543452][T12505] Tainted: [L]=SOFTLOCKUP
[ 1058.543461][T12505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1058.543474][T12505] Call Trace:
[ 1058.543482][T12505]  <TASK>
[ 1058.543490][T12505]  dump_stack_lvl+0x16c/0x1f0
[ 1058.543533][T12505]  should_fail_ex+0x512/0x640
[ 1058.543566][T12505]  _copy_to_user+0x32/0xd0
[ 1058.543595][T12505]  simple_read_from_buffer+0xcb/0x170
[ 1058.543631][T12505]  proc_fail_nth_read+0x197/0x240
[ 1058.543672][T12505]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1058.543712][T12505]  ? rw_verify_area+0xcf/0x6c0
[ 1058.543743][T12505]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1058.543781][T12505]  vfs_read+0x1e4/0xcf0
[ 1058.543815][T12505]  ? __pfx___mutex_lock+0x10/0x10
[ 1058.543842][T12505]  ? __pfx_vfs_read+0x10/0x10
[ 1058.543881][T12505]  ? __fget_files+0x20e/0x3c0
[ 1058.543923][T12505]  ksys_read+0x12a/0x250
[ 1058.543955][T12505]  ? __pfx_ksys_read+0x10/0x10
[ 1058.543996][T12505]  do_syscall_64+0xcd/0xf80
[ 1058.544020][T12505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.544044][T12505] RIP: 0033:0x7fd42038e1dc
[ 1058.544062][T12505] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1058.544084][T12505] RSP: 002b:00007fd421160030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1058.544105][T12505] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038e1dc
[ 1058.544121][T12505] RDX: 000000000000000f RSI: 00007fd4211600a0 RDI: 0000000000000004
[ 1058.544135][T12505] RBP: 00007fd421160090 R08: 0000000000000000 R09: 0000000000000000
[ 1058.544149][T12505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1058.544163][T12505] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1058.544193][T12505]  </TASK>
[ 1059.583129][   T30] audit: type=1326 audit(2147483678.332:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12510 comm="syz.1.3992" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd42038f7c9 code=0x0
[ 1062.761316][T12637] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4008'.
[ 1065.504803][T12718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4020'.
[ 1066.048586][T12727] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1066.750705][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1066.902157][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.048569][T12774] Process accounting resumed
[ 1067.075469][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.219637][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.369894][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.524591][T12804] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.598323][T12804] netlink: 'syz.1.4038': attribute type 10 has an invalid length.
[ 1067.621890][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.646743][T12804] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4038'.
[ 1067.890744][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1067.899145][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1068.243132][T12772] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1069.379850][T12877] NFSD: Failed to start, no listeners configured.
[ 1070.268677][T12925] block nbd7: not configured, cannot reconfigure
[ 1071.247616][T12994] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1071.304955][T12996] net_ratelimit: 18 callbacks suppressed
[ 1071.304982][T12996] netlink: NAT attribute type 6 has unexpected length (4 != 2)
[ 1072.736585][T13067] raw_sendmsg: syz.0.4068 forgot to set AF_INET. Fix it!
[ 1073.580613][T13102] input: f¬
 as /devices/virtual/input/input26
[ 1073.899789][T13113] FAULT_INJECTION: forcing a failure.
[ 1073.899789][T13113] name failslab, interval 1, probability 0, space 0, times 0
[ 1074.022852][T13113] CPU: 0 UID: 0 PID: 13113 Comm: syz.2.4078 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1074.022887][T13113] Tainted: [L]=SOFTLOCKUP
[ 1074.022895][T13113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1074.022909][T13113] Call Trace:
[ 1074.022917][T13113]  <TASK>
[ 1074.022926][T13113]  dump_stack_lvl+0x16c/0x1f0
[ 1074.022969][T13113]  should_fail_ex+0x512/0x640
[ 1074.022995][T13113]  ? fs_reclaim_acquire+0xae/0x150
[ 1074.023034][T13113]  should_failslab+0xc2/0x120
[ 1074.023070][T13113]  __kmalloc_noprof+0xeb/0x910
[ 1074.023095][T13113]  ? tomoyo_encode2+0x100/0x3e0
[ 1074.023132][T13113]  ? tomoyo_encode2+0x100/0x3e0
[ 1074.023162][T13113]  tomoyo_encode2+0x100/0x3e0
[ 1074.023197][T13113]  tomoyo_encode+0x29/0x50
[ 1074.023227][T13113]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1074.023269][T13113]  tomoyo_path_number_perm+0x245/0x580
[ 1074.023295][T13113]  ? tomoyo_path_number_perm+0x237/0x580
[ 1074.023325][T13113]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1074.023355][T13113]  ? find_held_lock+0x2b/0x80
[ 1074.023408][T13113]  ? find_held_lock+0x2b/0x80
[ 1074.023436][T13113]  ? hook_file_ioctl_common+0x144/0x410
[ 1074.023471][T13113]  ? __fget_files+0x20e/0x3c0
[ 1074.023508][T13113]  security_file_ioctl+0x9b/0x240
[ 1074.023538][T13113]  __x64_sys_ioctl+0xb7/0x210
[ 1074.023569][T13113]  do_syscall_64+0xcd/0xf80
[ 1074.023593][T13113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1074.023616][T13113] RIP: 0033:0x7fd86758f7c9
[ 1074.023634][T13113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1074.023656][T13113] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1074.023677][T13113] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1074.023692][T13113] RDX: ffffffffffffffff RSI: 0000000000004c81 RDI: 0000000000000003
[ 1074.023706][T13113] RBP: 00007fd8684dc090 R08: 0000000000000000 R09: 0000000000000000
[ 1074.023720][T13113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1074.023733][T13113] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1074.023767][T13113]  </TASK>
[ 1074.023787][T13113] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1074.750786][T13152] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1074.781883][T13152] netlink: 'syz.0.4083': attribute type 10 has an invalid length.
[ 1074.824186][T13152] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4083'.
[ 1075.022185][T13157] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4085'.
[ 1075.398923][T13162] FAULT_INJECTION: forcing a failure.
[ 1075.398923][T13162] name failslab, interval 1, probability 0, space 0, times 0
[ 1075.495709][T13162] CPU: 0 UID: 0 PID: 13162 Comm: syz.1.4086 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1075.495748][T13162] Tainted: [L]=SOFTLOCKUP
[ 1075.495757][T13162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1075.495772][T13162] Call Trace:
[ 1075.495780][T13162]  <TASK>
[ 1075.495789][T13162]  dump_stack_lvl+0x16c/0x1f0
[ 1075.495833][T13162]  should_fail_ex+0x512/0x640
[ 1075.495862][T13162]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1075.495896][T13162]  should_failslab+0xc2/0x120
[ 1075.495934][T13162]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1075.495966][T13162]  ? __d_alloc+0x35/0xa80
[ 1075.495993][T13162]  ? __d_alloc+0x35/0xa80
[ 1075.496013][T13162]  __d_alloc+0x35/0xa80
[ 1075.496038][T13162]  d_alloc_pseudo+0x1c/0xc0
[ 1075.496066][T13162]  alloc_file_pseudo+0xcf/0x230
[ 1075.496099][T13162]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1075.496126][T13162]  ? alloc_fd+0x471/0x7d0
[ 1075.496165][T13162]  sock_alloc_file+0x50/0x210
[ 1075.496202][T13162]  __sys_socket+0x1c0/0x260
[ 1075.496228][T13162]  ? __pfx___sys_socket+0x10/0x10
[ 1075.496253][T13162]  ? xfd_validate_state+0x61/0x180
[ 1075.496282][T13162]  __x64_sys_socket+0x72/0xb0
[ 1075.496306][T13162]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1075.496328][T13162]  do_syscall_64+0xcd/0xf80
[ 1075.496352][T13162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1075.496376][T13162] RIP: 0033:0x7fd42038f7c9
[ 1075.496395][T13162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1075.496419][T13162] RSP: 002b:00007fd421160038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1075.496440][T13162] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038f7c9
[ 1075.496456][T13162] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1075.496471][T13162] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1075.496485][T13162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1075.496499][T13162] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1075.496529][T13162]  </TASK>
[ 1075.726817][T13169] : Can't lookup blockdev
[ 1076.556803][T13183] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4092'.
[ 1076.652706][ T8507] Bluetooth: hci4: unexpected event 0x23 length: 127 > 13
[ 1076.703816][T13183] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4092'.
[ 1076.764428][T13191] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1076.814460][T13191] netlink: 'syz.2.4096': attribute type 10 has an invalid length.
[ 1076.846131][T13191] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4096'.
[ 1078.444165][T13243] FAULT_INJECTION: forcing a failure.
[ 1078.444165][T13243] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.547267][T13243] CPU: 0 UID: 0 PID: 13243 Comm: syz.2.4104 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1078.547305][T13243] Tainted: [L]=SOFTLOCKUP
[ 1078.547313][T13243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1078.547327][T13243] Call Trace:
[ 1078.547335][T13243]  <TASK>
[ 1078.547344][T13243]  dump_stack_lvl+0x16c/0x1f0
[ 1078.547387][T13243]  should_fail_ex+0x512/0x640
[ 1078.547414][T13243]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1078.547453][T13243]  should_failslab+0xc2/0x120
[ 1078.547489][T13243]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1078.547520][T13243]  ? shmem_alloc_inode+0x25/0x50
[ 1078.547556][T13243]  ? __pfx_shmem_alloc_inode+0x10/0x10
[ 1078.547588][T13243]  ? shmem_alloc_inode+0x25/0x50
[ 1078.547618][T13243]  shmem_alloc_inode+0x25/0x50
[ 1078.547649][T13243]  alloc_inode+0x64/0x240
[ 1078.547676][T13243]  new_inode+0x22/0x1c0
[ 1078.547704][T13243]  shmem_get_inode+0x19a/0xfb0
[ 1078.547740][T13243]  ? __vm_enough_memory+0x184/0x3f0
[ 1078.547776][T13243]  __shmem_file_setup+0x290/0x350
[ 1078.547816][T13243]  shmem_zero_setup+0x93/0x1b0
[ 1078.547846][T13243]  __mmap_region+0x2277/0x2a00
[ 1078.547878][T13243]  ? __pfx___mmap_region+0x10/0x10
[ 1078.547903][T13243]  ? __lock_acquire+0x436/0x2890
[ 1078.547945][T13243]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1078.547977][T13243]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1078.547999][T13243]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1078.548083][T13243]  ? rcu_is_watching+0x12/0xc0
[ 1078.548122][T13243]  mmap_region+0x1ab/0x3f0
[ 1078.548151][T13243]  ? __get_unmapped_area+0x267/0x3f0
[ 1078.548188][T13243]  do_mmap+0xa3e/0x1210
[ 1078.548227][T13243]  ? __pfx_do_mmap+0x10/0x10
[ 1078.548266][T13243]  ? __pfx_down_write_killable+0x10/0x10
[ 1078.548297][T13243]  vm_mmap_pgoff+0x29e/0x470
[ 1078.548335][T13243]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1078.548375][T13243]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1078.548401][T13243]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1078.548436][T13243]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1078.548469][T13243]  ? xfd_validate_state+0x61/0x180
[ 1078.548495][T13243]  __x64_sys_mmap+0x125/0x190
[ 1078.548521][T13243]  do_syscall_64+0xcd/0xf80
[ 1078.548546][T13243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1078.548569][T13243] RIP: 0033:0x7fd86758f7c9
[ 1078.548588][T13243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1078.548610][T13243] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1078.548632][T13243] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1078.548648][T13243] RDX: 0000000000000006 RSI: 0000000004020009 RDI: 0000000000000000
[ 1078.548661][T13243] RBP: 00007fd867613f91 R08: 0000000000000401 R09: 0000000000008000
[ 1078.548675][T13243] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1078.548689][T13243] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1078.548718][T13243]  </TASK>
[ 1079.235599][   T30] audit: type=1800 audit(2147483697.712:228): pid=13246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4104" name="dbroot" dev="configfs" ino=110506 res=0 errno=0
[ 1081.037536][   T30] audit: type=1800 audit(2147483699.913:229): pid=13325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4117" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1081.545260][T13347] Invalid ELF header magic: != ELF
[ 1083.648212][T13471] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1085.037518][T13547] netlink: 'syz.3.4137': attribute type 10 has an invalid length.
[ 1085.109348][T13547] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4137'.
[ 1086.576468][T13642] NFSD: Failed to start, no listeners configured.
[ 1087.142887][T13665] debugfs: '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211'
[ 1087.976034][T13706] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1088.026291][T13706] netlink: 'syz.0.4146': attribute type 10 has an invalid length.
[ 1088.057344][T13706] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4146'.
[ 1088.271578][T13709] FAULT_INJECTION: forcing a failure.
[ 1088.271578][T13709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1088.324813][T13709] CPU: 0 UID: 0 PID: 13709 Comm: syz.2.4147 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1088.324849][T13709] Tainted: [L]=SOFTLOCKUP
[ 1088.324857][T13709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1088.324870][T13709] Call Trace:
[ 1088.324878][T13709]  <TASK>
[ 1088.324886][T13709]  dump_stack_lvl+0x16c/0x1f0
[ 1088.324928][T13709]  should_fail_ex+0x512/0x640
[ 1088.324963][T13709]  _copy_to_user+0x32/0xd0
[ 1088.324991][T13709]  simple_read_from_buffer+0xcb/0x170
[ 1088.325027][T13709]  proc_fail_nth_read+0x197/0x240
[ 1088.325066][T13709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1088.325106][T13709]  ? rw_verify_area+0xcf/0x6c0
[ 1088.325135][T13709]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1088.325172][T13709]  vfs_read+0x1e4/0xcf0
[ 1088.325205][T13709]  ? __pfx___mutex_lock+0x10/0x10
[ 1088.325230][T13709]  ? __pfx_vfs_read+0x10/0x10
[ 1088.325269][T13709]  ? __fget_files+0x20e/0x3c0
[ 1088.325309][T13709]  ksys_read+0x12a/0x250
[ 1088.325340][T13709]  ? __pfx_ksys_read+0x10/0x10
[ 1088.325379][T13709]  do_syscall_64+0xcd/0xf80
[ 1088.325402][T13709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1088.325425][T13709] RIP: 0033:0x7fd86758e1dc
[ 1088.325442][T13709] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1088.325469][T13709] RSP: 002b:00007fd8684dc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1088.325490][T13709] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758e1dc
[ 1088.325505][T13709] RDX: 000000000000000f RSI: 00007fd8684dc0a0 RDI: 0000000000000004
[ 1088.325518][T13709] RBP: 00007fd8684dc090 R08: 0000000000000000 R09: 0000000000000000
[ 1088.325532][T13709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1088.325545][T13709] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1088.325574][T13709]  </TASK>
[ 1088.601473][T13712] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[ 1088.797827][T13740] netlink: 334 bytes leftover after parsing attributes in process `syz.3.4152'.
[ 1089.850865][T13804] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[ 1089.924246][T13804] netlink: 'syz.0.4158': attribute type 10 has an invalid length.
[ 1089.973841][T13804] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4158'.
[ 1090.118459][T13810] =======================================================
[ 1090.118459][T13810] WARNING: The mand mount option has been deprecated and
[ 1090.118459][T13810]          and is ignored by this kernel. Remove the mand
[ 1090.118459][T13810]          option from the mount to silence this warning.
[ 1090.118459][T13810] =======================================================
[ 1090.550161][T13826] __vm_enough_memory: pid: 13826, comm: syz.0.4162, bytes: 4398046511104 not enough memory for the allocation
[ 1090.567645][   T30] audit: type=1800 audit(2147483709.499:230): pid=13825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4163" name="dbroot" dev="configfs" ino=111681 res=0 errno=0
[ 1091.241690][T13861] netlink: 62 bytes leftover after parsing attributes in process `syz.3.4166'.
[ 1091.551053][T13870] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4169'.
[ 1093.569247][T13970] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1093.981100][   T30] audit: type=1800 audit(2147483712.917:231): pid=14019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4183" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1094.462616][T14025] usb usb36: usbfs: process 14025 (syz.1.4182) did not claim interface 0 before use
[ 1094.705411][T14061] Invalid ELF header magic: != ELF
[ 1095.965469][T14113] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4190'.
[ 1097.287981][T14153] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1097.321194][T14153] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1097.365104][T14153] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1097.419672][T14153] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1097.448141][T14153] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1097.564944][T14161] [U] 	
[ 1097.567800][T14161] [U] 
[ 1097.570542][T14161] [U] 
[ 1097.573256][T14161] [U] 
[ 1097.575971][T14161] [U] 
[ 1097.656037][T14161] [U] 
[ 1097.658797][T14161] [U] 
[ 1097.661510][T14161] [U] 
[ 1097.664242][T14161] [U] 
[ 1097.772676][T14161] [U] 
[ 1097.775440][T14161] [U] 
[ 1097.778162][T14161] [U] 
[ 1097.780876][T14161] [U] 
[ 1097.840146][T14161] [U] 
[ 1097.842911][T14161] [U] 
[ 1097.845636][T14161] [U] 
[ 1097.848356][T14161] [U] 
[ 1097.899431][T14161] [U] 
[ 1097.902235][T14161] [U] 
[ 1097.904958][T14161] [U] 
[ 1097.907686][T14161] [U] 
[ 1097.966677][T14161] [U] 
[ 1097.969529][T14161] [U] 
[ 1097.972247][T14161] [U] 
[ 1097.974967][T14161] [U] 
[ 1098.027570][T14161] [U] 
[ 1098.030353][T14161] [U] 
[ 1098.033070][T14161] [U] 
[ 1098.035790][T14161] [U] 
[ 1098.068899][T14161] [U] 
[ 1098.071756][T14161] [U] 
[ 1098.074476][T14161] [U] 
[ 1098.077210][T14161] [U] 
[ 1098.108109][T14161] [U] 
[ 1098.110871][T14161] [U] 
[ 1098.113610][T14161] [U] 
[ 1098.116325][T14161] [U] 
[ 1098.174083][T14161] [U] 
[ 1098.176841][T14161] [U] 
[ 1098.179559][T14161] [U] 
[ 1098.182314][T14161] [U] 
[ 1098.233211][T14161] [U] 
[ 1098.235980][T14161] [U] 
[ 1098.238699][T14161] [U] 
[ 1098.241419][T14161] [U] 
[ 1098.282868][T14161] [U] 
[ 1098.285629][T14161] [U] 
[ 1098.288361][T14161] [U] 
[ 1098.291075][T14161] [U] 
[ 1098.342818][T14161] [U] 
[ 1098.345596][T14161] [U] 
[ 1098.348311][T14161] [U] 
[ 1098.351019][T14161] [U] 
[ 1098.409459][T14161] [U] 
[ 1099.127141][T14266] Invalid ELF header magic: != ELF
[ 1099.346455][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[ 1099.352553][ T8507] Bluetooth: hci2: command 0x0406 tx timeout
[ 1099.425996][ T5837] Bluetooth: hci1: command 0x0406 tx timeout
[ 1099.505629][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[ 1100.270137][T14286] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4210'.
[ 1101.358026][ T5837] Bluetooth: hci1: Unexpected cc 0x7c89 with no status
[ 1101.415679][ T5837] Bluetooth: hci2: command 0x0406 tx timeout
[ 1102.593492][ T5837] Bluetooth: hci1: Malformed HCI Event
[ 1104.758293][T14472] FAULT_INJECTION: forcing a failure.
[ 1104.758293][T14472] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.851928][T14480] FAULT_INJECTION: forcing a failure.
[ 1104.851928][T14480] name failslab, interval 1, probability 0, space 0, times 0
[ 1104.943216][T14472] CPU: 0 UID: 0 PID: 14472 Comm: syz.1.4236 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1104.943252][T14472] Tainted: [L]=SOFTLOCKUP
[ 1104.943261][T14472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1104.943274][T14472] Call Trace:
[ 1104.943282][T14472]  <TASK>
[ 1104.943291][T14472]  dump_stack_lvl+0x16c/0x1f0
[ 1104.943333][T14472]  should_fail_ex+0x512/0x640
[ 1104.943361][T14472]  ? __kmalloc_noprof+0xca/0x910
[ 1104.943390][T14472]  should_failslab+0xc2/0x120
[ 1104.943426][T14472]  __kmalloc_noprof+0xeb/0x910
[ 1104.943452][T14472]  ? lsm_blob_alloc+0x68/0x90
[ 1104.943492][T14472]  ? lsm_blob_alloc+0x68/0x90
[ 1104.943526][T14472]  lsm_blob_alloc+0x68/0x90
[ 1104.943561][T14472]  security_prepare_creds+0x2f/0x270
[ 1104.943597][T14472]  prepare_creds+0x5d6/0x940
[ 1104.943626][T14472]  __sys_setfsuid+0xda/0x350
[ 1104.943657][T14472]  ? rcu_is_watching+0x12/0xc0
[ 1104.943693][T14472]  do_syscall_64+0xcd/0xf80
[ 1104.943716][T14472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1104.943740][T14472] RIP: 0033:0x7fd42038f7c9
[ 1104.943758][T14472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1104.943780][T14472] RSP: 002b:00007fd42113f038 EFLAGS: 00000246 ORIG_RAX: 000000000000007a
[ 1104.943803][T14472] RAX: ffffffffffffffda RBX: 00007fd4205e6090 RCX: 00007fd42038f7c9
[ 1104.943818][T14472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01
[ 1104.943832][T14472] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1104.943846][T14472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1104.943860][T14472] R13: 00007fd4205e6128 R14: 00007fd4205e6090 R15: 00007ffe55084ed8
[ 1104.943889][T14472]  </TASK>
[ 1105.345660][T14480] CPU: 0 UID: 0 PID: 14480 Comm: syz.2.4235 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1105.345699][T14480] Tainted: [L]=SOFTLOCKUP
[ 1105.345707][T14480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1105.345721][T14480] Call Trace:
[ 1105.345729][T14480]  <TASK>
[ 1105.345739][T14480]  dump_stack_lvl+0x16c/0x1f0
[ 1105.345782][T14480]  should_fail_ex+0x512/0x640
[ 1105.345811][T14480]  ? __kmalloc_noprof+0xca/0x910
[ 1105.345840][T14480]  should_failslab+0xc2/0x120
[ 1105.345878][T14480]  __kmalloc_noprof+0xeb/0x910
[ 1105.345905][T14480]  ? lsm_blob_alloc+0x68/0x90
[ 1105.345954][T14480]  ? lsm_blob_alloc+0x68/0x90
[ 1105.345988][T14480]  lsm_blob_alloc+0x68/0x90
[ 1105.346025][T14480]  security_sk_alloc+0x2f/0x270
[ 1105.346054][T14480]  sk_prot_alloc+0xfb/0x2a0
[ 1105.346079][T14480]  sk_alloc+0x36/0xe30
[ 1105.346110][T14480]  tipc_sk_create+0xce/0x2280
[ 1105.346149][T14480]  ? find_held_lock+0x2b/0x80
[ 1105.346181][T14480]  ? __sock_create+0x2f3/0x8a0
[ 1105.346208][T14480]  __sock_create+0x339/0x8a0
[ 1105.346238][T14480]  __sys_socket+0x14d/0x260
[ 1105.346261][T14480]  ? __fget_files+0x20e/0x3c0
[ 1105.346295][T14480]  ? __pfx___sys_socket+0x10/0x10
[ 1105.346321][T14480]  ? xfd_validate_state+0x61/0x180
[ 1105.346350][T14480]  __x64_sys_socket+0x72/0xb0
[ 1105.346374][T14480]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1105.346396][T14480]  do_syscall_64+0xcd/0xf80
[ 1105.346420][T14480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1105.346445][T14480] RIP: 0033:0x7fd86758f7c9
[ 1105.346463][T14480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1105.346487][T14480] RSP: 002b:00007fd8684bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1105.346509][T14480] RAX: ffffffffffffffda RBX: 00007fd8677e6090 RCX: 00007fd86758f7c9
[ 1105.346525][T14480] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[ 1105.346540][T14480] RBP: 00007fd867613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1105.346554][T14480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1105.346569][T14480] R13: 00007fd8677e6128 R14: 00007fd8677e6090 R15: 00007ffd7a158c48
[ 1105.346599][T14480]  </TASK>
[ 1105.582602][T14473] zswap: compressor  not available
[ 1105.995892][T14527] FAULT_INJECTION: forcing a failure.
[ 1105.995892][T14527] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1106.009134][T14527] CPU: 0 UID: 0 PID: 14527 Comm: syz.1.4242 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1106.009170][T14527] Tainted: [L]=SOFTLOCKUP
[ 1106.009178][T14527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1106.009192][T14527] Call Trace:
[ 1106.009200][T14527]  <TASK>
[ 1106.009209][T14527]  dump_stack_lvl+0x16c/0x1f0
[ 1106.009253][T14527]  should_fail_ex+0x512/0x640
[ 1106.009286][T14527]  _copy_to_user+0x32/0xd0
[ 1106.009314][T14527]  simple_read_from_buffer+0xcb/0x170
[ 1106.009350][T14527]  proc_fail_nth_read+0x197/0x240
[ 1106.009390][T14527]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1106.009431][T14527]  ? rw_verify_area+0xcf/0x6c0
[ 1106.009461][T14527]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1106.009499][T14527]  vfs_read+0x1e4/0xcf0
[ 1106.009533][T14527]  ? __pfx___mutex_lock+0x10/0x10
[ 1106.009560][T14527]  ? __pfx_vfs_read+0x10/0x10
[ 1106.009600][T14527]  ? __fget_files+0x20e/0x3c0
[ 1106.009641][T14527]  ksys_read+0x12a/0x250
[ 1106.009673][T14527]  ? __pfx_ksys_read+0x10/0x10
[ 1106.009715][T14527]  do_syscall_64+0xcd/0xf80
[ 1106.009738][T14527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1106.009762][T14527] RIP: 0033:0x7fd42038e1dc
[ 1106.009780][T14527] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1106.009803][T14527] RSP: 002b:00007fd421160030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1106.009825][T14527] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038e1dc
[ 1106.009840][T14527] RDX: 000000000000000f RSI: 00007fd4211600a0 RDI: 0000000000000003
[ 1106.009855][T14527] RBP: 00007fd421160090 R08: 0000000000000000 R09: 0000000000000000
[ 1106.009869][T14527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.009888][T14527] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1106.009919][T14527]  </TASK>
[ 1106.213812][ T5837] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1106.998938][T14542] FAULT_INJECTION: forcing a failure.
[ 1106.998938][T14542] name failslab, interval 1, probability 0, space 0, times 0
[ 1107.132489][T14549] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1107.157106][T14548] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4246'.
[ 1107.223869][T14542] CPU: 0 UID: 0 PID: 14542 Comm: syz.1.4245 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1107.223907][T14542] Tainted: [L]=SOFTLOCKUP
[ 1107.223915][T14542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1107.223929][T14542] Call Trace:
[ 1107.223938][T14542]  <TASK>
[ 1107.223947][T14542]  dump_stack_lvl+0x16c/0x1f0
[ 1107.223991][T14542]  should_fail_ex+0x512/0x640
[ 1107.224019][T14542]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1107.224063][T14542]  should_failslab+0xc2/0x120
[ 1107.224102][T14542]  kmem_cache_alloc_noprof+0x83/0x770
[ 1107.224131][T14542]  ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10
[ 1107.224164][T14542]  ? acpi_ut_create_thread_state+0x6d/0x170
[ 1107.224200][T14542]  ? acpi_ut_create_thread_state+0x6d/0x170
[ 1107.224228][T14542]  acpi_ut_create_thread_state+0x6d/0x170
[ 1107.224259][T14542]  acpi_ps_parse_aml+0x12e/0x1170
[ 1107.224289][T14542]  ? acpi_ut_ptr_exit+0xfe/0x180
[ 1107.224326][T14542]  acpi_ps_execute_method+0x5c4/0xe90
[ 1107.224365][T14542]  acpi_ns_evaluate+0x98c/0x16d0
[ 1107.224408][T14542]  acpi_evaluate_object+0x4ca/0xdf0
[ 1107.224435][T14542]  ? ksys_read+0x12a/0x250
[ 1107.224473][T14542]  ? __pfx_acpi_evaluate_object+0x10/0x10
[ 1107.224504][T14542]  ? __pfx___might_resched+0x10/0x10
[ 1107.224541][T14542]  acpi_evaluate_integer+0xdd/0x230
[ 1107.224579][T14542]  ? __pfx_acpi_evaluate_integer+0x10/0x10
[ 1107.224629][T14542]  ? __pfx_status_show+0x10/0x10
[ 1107.224655][T14542]  status_show+0xa0/0x120
[ 1107.224681][T14542]  ? __pfx_status_show+0x10/0x10
[ 1107.224715][T14542]  dev_attr_show+0x56/0xe0
[ 1107.224751][T14542]  ? __pfx_dev_attr_show+0x10/0x10
[ 1107.224783][T14542]  sysfs_kf_seq_show+0x216/0x3e0
[ 1107.224814][T14542]  seq_read_iter+0x50e/0x12d0
[ 1107.224859][T14542]  kernfs_fop_read_iter+0x46c/0x610
[ 1107.224897][T14542]  ? rw_verify_area+0xcf/0x6c0
[ 1107.224930][T14542]  vfs_read+0x8bf/0xcf0
[ 1107.224969][T14542]  ? __pfx_vfs_read+0x10/0x10
[ 1107.225022][T14542]  ksys_read+0x12a/0x250
[ 1107.225062][T14542]  ? __pfx_ksys_read+0x10/0x10
[ 1107.225106][T14542]  do_syscall_64+0xcd/0xf80
[ 1107.225131][T14542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1107.225155][T14542] RIP: 0033:0x7fd42038f7c9
[ 1107.225174][T14542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1107.225198][T14542] RSP: 002b:00007fd42113f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1107.225220][T14542] RAX: ffffffffffffffda RBX: 00007fd4205e6090 RCX: 00007fd42038f7c9
[ 1107.225235][T14542] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005
[ 1107.225250][T14542] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1107.225264][T14542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1107.225279][T14542] R13: 00007fd4205e6128 R14: 00007fd4205e6090 R15: 00007ffe55084ed8
[ 1107.225315][T14542]  </TASK>
[ 1108.369469][ T5837] Bluetooth: hci4: Malformed HCI Event
[ 1109.097111][T14542] ACPI Error: ffff888025327000 walk still has a scope list (20250807/dswstate-694)
[ 1109.638579][T14614] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4260'.
[ 1109.898853][T14603] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1109.938760][T14603] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1109.961370][T14603] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1109.992578][T14603] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1110.815953][T14657] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1110.865778][T14657] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4266'.
[ 1111.284644][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[ 1112.002005][ T5834] Bluetooth: hci2: command 0x0406 tx timeout
[ 1112.008164][ T8507] Bluetooth: hci1: command 0x0406 tx timeout
[ 1112.015318][ T5837] Bluetooth: hci0: command 0x0406 tx timeout
[ 1112.028903][T14717] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4279'.
[ 1115.588784][T14857] netlink: Conntrack attr has 4 unknown bytes
[ 1115.637421][T14857] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[ 1115.685806][T14857] CPU: 0 UID: 0 PID: 14857 Comm: syz.3.4282 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1115.685843][T14857] Tainted: [L]=SOFTLOCKUP
[ 1115.685851][T14857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1115.685864][T14857] Call Trace:
[ 1115.685872][T14857]  <TASK>
[ 1115.685881][T14857]  dump_stack_lvl+0x16c/0x1f0
[ 1115.685924][T14857]  sysfs_warn_dup+0x7f/0xa0
[ 1115.685952][T14857]  sysfs_do_create_link_sd+0x124/0x140
[ 1115.685982][T14857]  sysfs_create_link+0x61/0xc0
[ 1115.686009][T14857]  device_add+0x652/0x1980
[ 1115.686048][T14857]  ? __pfx_device_add+0x10/0x10
[ 1115.686091][T14857]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1115.686129][T14857]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[ 1115.686173][T14857]  wiphy_register+0x1ea1/0x2cc0
[ 1115.686197][T14857]  ? __rtnl_unlock+0x68/0xf0
[ 1115.686220][T14857]  ? __netdev_update_features+0x1c80/0x1fe0
[ 1115.686263][T14857]  ? __pfx_wiphy_register+0x10/0x10
[ 1115.686288][T14857]  ? __asan_memset+0x23/0x50
[ 1115.686326][T14857]  ? ieee80211_init_rate_ctrl_alg+0x125/0x680
[ 1115.686355][T14857]  ieee80211_register_hw+0x2bb2/0x4160
[ 1115.686392][T14857]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1115.686418][T14857]  ? __pfx___debug_object_init+0x10/0x10
[ 1115.686461][T14857]  ? find_held_lock+0x2b/0x80
[ 1115.686493][T14857]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1115.686529][T14857]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1115.686566][T14857]  ? __hrtimer_setup+0x176/0x280
[ 1115.686598][T14857]  mac80211_hwsim_new_radio+0x3323/0x5150
[ 1115.686645][T14857]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1115.686684][T14857]  hwsim_new_radio_nl+0xba2/0x1330
[ 1115.686716][T14857]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1115.686755][T14857]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1115.686782][T14857]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1115.686815][T14857]  genl_family_rcv_msg_doit+0x209/0x2f0
[ 1115.686847][T14857]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1115.686873][T14857]  ? genl_get_cmd+0x194/0x580
[ 1115.686901][T14857]  ? bpf_lsm_capable+0x9/0x10
[ 1115.686933][T14857]  ? security_capable+0x7e/0x260
[ 1115.686958][T14857]  ? ns_capable+0xd7/0x110
[ 1115.686989][T14857]  genl_rcv_msg+0x55c/0x800
[ 1115.687017][T14857]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1115.687043][T14857]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1115.687087][T14857]  netlink_rcv_skb+0x158/0x420
[ 1115.687123][T14857]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1115.687150][T14857]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1115.687198][T14857]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1115.687237][T14857]  genl_rcv+0x28/0x40
[ 1115.687258][T14857]  netlink_unicast+0x5aa/0x870
[ 1115.687298][T14857]  ? __pfx_netlink_unicast+0x10/0x10
[ 1115.687335][T14857]  ? __pfx___might_resched+0x10/0x10
[ 1115.687367][T14857]  ? __lock_acquire+0x436/0x2890
[ 1115.687396][T14857]  netlink_sendmsg+0x8c8/0xdd0
[ 1115.687438][T14857]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1115.687478][T14857]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1115.687508][T14857]  ____sys_sendmsg+0xa5d/0xc30
[ 1115.687532][T14857]  ? copy_msghdr_from_user+0x10a/0x160
[ 1115.687565][T14857]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1115.687587][T14857]  ? preempt_schedule_thunk+0x16/0x30
[ 1115.687615][T14857]  ? try_to_wake_up+0xa67/0x1860
[ 1115.687651][T14857]  ___sys_sendmsg+0x134/0x1d0
[ 1115.687686][T14857]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1115.687718][T14857]  ? futex_private_hash_put+0x160/0x1b0
[ 1115.687777][T14857]  __sys_sendmsg+0x16d/0x220
[ 1115.687810][T14857]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1115.687842][T14857]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1115.687887][T14857]  do_syscall_64+0xcd/0xf80
[ 1115.687911][T14857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1115.687934][T14857] RIP: 0033:0x7f449018f7c9
[ 1115.687953][T14857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1115.687975][T14857] RSP: 002b:00007f4490fdc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1115.687997][T14857] RAX: ffffffffffffffda RBX: 00007f44903e5fa0 RCX: 00007f449018f7c9
[ 1115.688013][T14857] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1115.688027][T14857] RBP: 00007f4490213f91 R08: 0000000000000000 R09: 0000000000000000
[ 1115.688041][T14857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1115.688054][T14857] R13: 00007f44903e6038 R14: 00007f44903e5fa0 R15: 00007ffd7fe513d8
[ 1115.688092][T14857]  </TASK>
[ 1116.791280][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.815972][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.751644][T14930] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1117.764669][T14928] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4287'.
[ 1117.803714][T14930] netlink: 'syz.2.4288': attribute type 10 has an invalid length.
[ 1117.813301][T14929] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1117.843159][T14930] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4288'.
[ 1117.861397][T14929] netlink: 'syz.1.4283': attribute type 10 has an invalid length.
[ 1117.902368][T14929] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4283'.
[ 1118.426690][T14945] binder: 14936:14945 ioctl 4018620d ffffffffffffffff returned -22
[ 1118.435681][T14966] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4292'.
[ 1119.350122][T15005] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4294'.
[ 1121.822285][T15124] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4299'.
[ 1121.956951][T15124] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1121.964374][T15124] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1122.405938][T15138] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4304'.
[ 1122.567949][T15152] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1124.049134][T14821] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1124.061799][T14821] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1124.075994][T14821] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1124.084219][T14821] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1124.108069][T14821] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1126.030590][T15190] chnl_net:caif_netlink_parms(): no params data found
[ 1126.175307][T14790] Bluetooth: hci3: command tx timeout
[ 1126.335273][T14919] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1126.964808][T15340] block2mtd: Using custom MTD label '' for dev 
[ 1127.024355][T15340] block2mtd: error: cannot open device 
[ 1127.035787][T14919] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.415382][T14919] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1127.431627][T15366] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4318'.
[ 1127.594052][T15190] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1127.636551][T15190] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1127.679171][T15190] bridge_slave_0: entered allmulticast mode
[ 1127.722737][T15190] bridge_slave_0: entered promiscuous mode
[ 1127.771554][T15190] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1127.818426][T15190] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1127.868679][T15190] bridge_slave_1: entered allmulticast mode
[ 1127.908047][T15190] bridge_slave_1: entered promiscuous mode
[ 1128.088282][T15190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1128.169318][T15190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1128.225541][T15396] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4319'.
[ 1128.240224][T14790] Bluetooth: hci3: command tx timeout
[ 1128.498392][T15190] team0: Port device team_slave_0 added
[ 1128.529298][T15190] team0: Port device team_slave_1 added
[ 1128.892380][T15190] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1128.932206][T15190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1129.037059][T15190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1129.082843][T15463] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4322'.
[ 1129.129295][T15190] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1129.149943][T15190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1129.216421][T15190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1129.262837][T14919] bridge_slave_1: left allmulticast mode
[ 1129.278556][T14919] bridge_slave_1: left promiscuous mode
[ 1129.294389][T14919] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1129.315973][T14919] bridge_slave_0: left allmulticast mode
[ 1129.328637][T14919] bridge_slave_0: left promiscuous mode
[ 1129.341783][T14919] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1129.949707][T14919] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1129.969694][T14919] bond0 (unregistering): Released all slaves
[ 1130.117943][T14919] ovs_: left promiscuous mode
[ 1130.305938][T14790] Bluetooth: hci3: command tx timeout
[ 1130.399416][T15190] hsr_slave_0: entered promiscuous mode
[ 1130.416376][T15190] hsr_slave_1: entered promiscuous mode
[ 1130.432915][T15190] debugfs: 'hsr0' already exists in 'hsr'
[ 1130.445041][T15190] Cannot create hsr debugfs directory
[ 1131.035185][T15579] FAULT_INJECTION: forcing a failure.
[ 1131.035185][T15579] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1131.132836][T15579] CPU: 0 UID: 0 PID: 15579 Comm: syz.1.4331 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1131.132872][T15579] Tainted: [L]=SOFTLOCKUP
[ 1131.132880][T15579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1131.132894][T15579] Call Trace:
[ 1131.132901][T15579]  <TASK>
[ 1131.132911][T15579]  dump_stack_lvl+0x16c/0x1f0
[ 1131.132952][T15579]  should_fail_ex+0x512/0x640
[ 1131.132983][T15579]  _copy_from_user+0x2e/0xd0
[ 1131.133011][T15579]  copy_msghdr_from_user+0x98/0x160
[ 1131.133044][T15579]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1131.133080][T15579]  ? __pfx__kstrtoull+0x10/0x10
[ 1131.133118][T15579]  ___sys_sendmsg+0xfe/0x1d0
[ 1131.133150][T15579]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1131.133193][T15579]  ? find_held_lock+0x2b/0x80
[ 1131.133239][T15579]  __sys_sendmmsg+0x200/0x420
[ 1131.133274][T15579]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1131.133314][T15579]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1131.133349][T15579]  ? fput+0x70/0xf0
[ 1131.133371][T15579]  ? ksys_write+0x1ac/0x250
[ 1131.133402][T15579]  ? __pfx_ksys_write+0x10/0x10
[ 1131.133439][T15579]  __x64_sys_sendmmsg+0x9c/0x100
[ 1131.133470][T15579]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1131.133491][T15579]  do_syscall_64+0xcd/0xf80
[ 1131.133514][T15579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1131.133537][T15579] RIP: 0033:0x7fd42038f7c9
[ 1131.133554][T15579] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1131.133576][T15579] RSP: 002b:00007fd421160038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1131.133597][T15579] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038f7c9
[ 1131.133612][T15579] RDX: 0000000000003b8b RSI: 0000200000000180 RDI: 0000000000000003
[ 1131.133626][T15579] RBP: 00007fd421160090 R08: 0000000000000000 R09: 0000000000000000
[ 1131.133659][T15579] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000001
[ 1131.133672][T15579] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1131.133708][T15579]  </TASK>
[ 1131.445988][T15190] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1131.691545][T15633] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4325'.
[ 1132.108599][T15190] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1132.235772][T15190] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1132.373321][T15190] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1132.385051][T14790] Bluetooth: hci3: command tx timeout
[ 1132.971010][T15696] netlink: 'syz.2.4329': attribute type 11 has an invalid length.
[ 1133.085942][T15696] netlink: 'syz.2.4329': attribute type 11 has an invalid length.
[ 1133.441675][T15190] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1133.670476][T15190] 8021q: adding VLAN 0 to HW filter on device team0
[ 1133.689218][T15723] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4332'.
[ 1134.033612][T14872] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1134.040908][T14872] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1134.456625][T14896] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1134.463853][T14896] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1134.875061][T15787] zero sized request
[ 1136.088074][T15859] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1137.140669][T15910] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4344'.
[ 1137.313325][T15190] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1138.212750][T15973] Invalid ELF header magic: != ELF
[ 1138.637181][T14919] hsr_slave_0: left promiscuous mode
[ 1138.711811][T14919] hsr_slave_1: left promiscuous mode
[ 1138.808375][T14919] veth1_macvtap: left promiscuous mode
[ 1138.857105][T14919] veth0_macvtap: left promiscuous mode
[ 1141.041117][T14919] team0 (unregistering): Port device team_slave_1 removed
[ 1141.189552][T14919] team0 (unregistering): Port device team_slave_0 removed
[ 1141.427379][T16076] Invalid ELF header magic: != ELF
[ 1141.524008][T16075] FAULT_INJECTION: forcing a failure.
[ 1141.524008][T16075] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1141.595890][T16075] CPU: 0 UID: 0 PID: 16075 Comm: syz.1.4361 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1141.595928][T16075] Tainted: [L]=SOFTLOCKUP
[ 1141.595937][T16075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1141.595957][T16075] Call Trace:
[ 1141.595965][T16075]  <TASK>
[ 1141.595974][T16075]  dump_stack_lvl+0x16c/0x1f0
[ 1141.596018][T16075]  should_fail_ex+0x512/0x640
[ 1141.596050][T16075]  get_futex_key+0x1d0/0x15f0
[ 1141.596077][T16075]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1141.596100][T16075]  ? __pfx_get_futex_key+0x10/0x10
[ 1141.596126][T16075]  ? kmem_cache_free+0x2d8/0x770
[ 1141.596162][T16075]  ? fcntl_setlk+0x63d/0xdf0
[ 1141.596202][T16075]  futex_wake+0xea/0x530
[ 1141.596233][T16075]  ? fcntl_setlk+0x642/0xdf0
[ 1141.596270][T16075]  ? __pfx_futex_wake+0x10/0x10
[ 1141.596301][T16075]  ? __pfx_fcntl_setlk+0x10/0x10
[ 1141.596339][T16075]  ? __might_fault+0xe3/0x190
[ 1141.596366][T16075]  ? __might_fault+0xe3/0x190
[ 1141.596391][T16075]  ? __might_fault+0x13b/0x190
[ 1141.596423][T16075]  do_futex+0x1e3/0x350
[ 1141.596451][T16075]  ? __pfx_do_futex+0x10/0x10
[ 1141.596478][T16075]  ? do_fcntl+0x268/0x1660
[ 1141.596508][T16075]  __x64_sys_futex+0x1e0/0x4c0
[ 1141.596540][T16075]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1141.596568][T16075]  ? xfd_validate_state+0x61/0x180
[ 1141.596600][T16075]  do_syscall_64+0xcd/0xf80
[ 1141.596624][T16075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1141.596648][T16075] RIP: 0033:0x7fd42038f7c9
[ 1141.596667][T16075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1141.596690][T16075] RSP: 002b:00007fd41ddb00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1141.596712][T16075] RAX: ffffffffffffffda RBX: 00007fd4205e6368 RCX: 00007fd42038f7c9
[ 1141.596728][T16075] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd4205e636c
[ 1141.596743][T16075] RBP: 00007fd4205e6360 R08: 00007fd421161000 R09: 0000000000000000
[ 1141.596758][T16075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1141.596772][T16075] R13: 00007fd4205e63f8 R14: 00007ffe55084df0 R15: 00007ffe55084ed8
[ 1141.596801][T16075]  </TASK>
[ 1142.369764][T15190] veth0_vlan: entered promiscuous mode
[ 1142.694205][T15190] veth1_vlan: entered promiscuous mode
[ 1143.029595][T15190] veth0_macvtap: entered promiscuous mode
[ 1143.102624][T15190] veth1_macvtap: entered promiscuous mode
[ 1143.244934][T15190] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1143.305935][T15190] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1143.370165][T14824] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.408408][T14824] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.454259][T14824] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.495619][T14824] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1143.699392][T14872] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1143.749095][T14872] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1143.817109][T16128] bridge_slave_1: left allmulticast mode
[ 1143.845139][T16128] bridge_slave_1: left promiscuous mode
[ 1143.856461][T16128] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1143.907150][T14919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1143.927383][T14919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1144.266910][T16152] netlink: zone id is out of range
[ 1144.312780][T14790] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1144.355304][T16152] netlink: zone id is out of range
[ 1144.360488][T16152] netlink: zone id is out of range
[ 1144.405786][T16148] netlink: set zone limit has 8 unknown bytes
[ 1144.479163][T16152] netlink: zone id is out of range
[ 1144.514365][T16152] netlink: zone id is out of range
[ 1144.579662][T16152] netlink: zone id is out of range
[ 1144.618216][T16152] netlink: zone id is out of range
[ 1144.649780][T16152] netlink: zone id is out of range
[ 1144.676831][T16152] netlink: zone id is out of range
[ 1144.993374][T16164] zswap: compressor  not available
[ 1145.336779][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.398118][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.441446][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.508061][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.577948][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.631141][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.687335][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1145.762418][T16192] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4372'.
[ 1146.286837][T16220] zram: Added device: zram1
[ 1146.601646][T16233] futex_wake_op: syz.4.4379 tries to shift op by -2048; fix this program
[ 1147.739924][T16304] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4383'.
[ 1149.708882][T16399] zswap: compressor  not available
[ 1151.997652][T16522] netlink: 'syz.4.4400': attribute type 10 has an invalid length.
[ 1152.056575][T16522] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4400'.
[ 1152.662549][T16543] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1152.755311][T16544] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4404'.
[ 1152.817172][T16544] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4404'.
[ 1154.462351][T16643] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1155.115753][T16660] netlink: 'syz.3.4413': attribute type 10 has an invalid length.
[ 1155.214191][T16660] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4413'.
[ 1155.501911][T16665] FAULT_INJECTION: forcing a failure.
[ 1155.501911][T16665] name failslab, interval 1, probability 0, space 0, times 0
[ 1155.599625][T16665] CPU: 0 UID: 0 PID: 16665 Comm: syz.2.4415 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1155.599663][T16665] Tainted: [L]=SOFTLOCKUP
[ 1155.599671][T16665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1155.599685][T16665] Call Trace:
[ 1155.599693][T16665]  <TASK>
[ 1155.599703][T16665]  dump_stack_lvl+0x16c/0x1f0
[ 1155.599745][T16665]  should_fail_ex+0x512/0x640
[ 1155.599773][T16665]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1155.599805][T16665]  should_failslab+0xc2/0x120
[ 1155.599842][T16665]  kmem_cache_alloc_noprof+0x83/0x770
[ 1155.599871][T16665]  ? __pmd_alloc+0xbf/0x9c0
[ 1155.599912][T16665]  ? __pmd_alloc+0xbf/0x9c0
[ 1155.599946][T16665]  __pmd_alloc+0xbf/0x9c0
[ 1155.599985][T16665]  huge_pte_alloc+0x41d/0x5b0
[ 1155.600013][T16665]  hugetlb_fault+0x36b/0x1730
[ 1155.600043][T16665]  ? __pfx_hugetlb_fault+0x10/0x10
[ 1155.600078][T16665]  ? find_vma+0xbf/0x140
[ 1155.600109][T16665]  ? __pfx_find_vma+0x10/0x10
[ 1155.600144][T16665]  handle_mm_fault+0x95d/0xad0
[ 1155.600175][T16665]  do_user_addr_fault+0x7a6/0x1370
[ 1155.600205][T16665]  ? __lock_acquire+0x436/0x2890
[ 1155.600227][T16665]  ? rcu_is_watching+0x12/0xc0
[ 1155.600264][T16665]  exc_page_fault+0x64/0xc0
[ 1155.600301][T16665]  asm_exc_page_fault+0x26/0x30
[ 1155.600324][T16665] RIP: 0010:rep_movs_alternative+0x4a/0x90
[ 1155.600356][T16665] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[ 1155.600379][T16665] RSP: 0018:ffffc900050c7ba8 EFLAGS: 00050206
[ 1155.600398][T16665] RAX: 0000000000000001 RBX: 0000000000400000 RCX: 0000000000400000
[ 1155.600412][T16665] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888071c00000
[ 1155.600426][T16665] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed100e3fffff
[ 1155.600440][T16665] R10: ffff888071ffffff R11: 0000000000000000 R12: 0000000000000000
[ 1155.600462][T16665] R13: 0000000000000000 R14: ffffc900050c7d88 R15: ffff888071c00000
[ 1155.600491][T16665]  _copy_from_iter+0x355/0x16c0
[ 1155.600528][T16665]  ? __pfx__copy_from_iter+0x10/0x10
[ 1155.600555][T16665]  ? rcu_is_watching+0x12/0xc0
[ 1155.600587][T16665]  ? trace_kmalloc+0x2b/0xb0
[ 1155.600623][T16665]  ? __kmalloc_noprof.cold+0x5d/0x62
[ 1155.600655][T16665]  ? common_file_perm+0x1b1/0x500
[ 1155.600684][T16665]  ? qrtr_tun_write_iter+0xc1/0x1b0
[ 1155.600719][T16665]  qrtr_tun_write_iter+0xe7/0x1b0
[ 1155.600750][T16665]  vfs_write+0x7d3/0x11d0
[ 1155.600786][T16665]  ? __pfx_qrtr_tun_write_iter+0x10/0x10
[ 1155.600818][T16665]  ? __pfx_vfs_write+0x10/0x10
[ 1155.600849][T16665]  ? find_held_lock+0x2b/0x80
[ 1155.600898][T16665]  __x64_sys_pwrite64+0x1eb/0x250
[ 1155.600935][T16665]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[ 1155.600980][T16665]  do_syscall_64+0xcd/0xf80
[ 1155.601003][T16665]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.601027][T16665] RIP: 0033:0x7fd86758f7c9
[ 1155.601044][T16665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1155.601066][T16665] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[ 1155.601087][T16665] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1155.601103][T16665] RDX: 0000000000400000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1155.601117][T16665] RBP: 00007fd8684dc090 R08: 0000000000000000 R09: 0000000000000000
[ 1155.601131][T16665] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000001
[ 1155.601145][T16665] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1155.601176][T16665]  </TASK>
[ 1156.320369][T16670] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1156.441805][T16670] FAULT_INJECTION: forcing a failure.
[ 1156.441805][T16670] name failslab, interval 1, probability 0, space 0, times 0
[ 1156.512055][T16670] CPU: 0 UID: 0 PID: 16670 Comm: syz.4.4417 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1156.512094][T16670] Tainted: [L]=SOFTLOCKUP
[ 1156.512102][T16670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1156.512117][T16670] Call Trace:
[ 1156.512125][T16670]  <TASK>
[ 1156.512135][T16670]  dump_stack_lvl+0x16c/0x1f0
[ 1156.512180][T16670]  should_fail_ex+0x512/0x640
[ 1156.512209][T16670]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1156.512241][T16670]  should_failslab+0xc2/0x120
[ 1156.512280][T16670]  kmem_cache_alloc_noprof+0x83/0x770
[ 1156.512308][T16670]  ? __lock_acquire+0x436/0x2890
[ 1156.512330][T16670]  ? __pmd_alloc+0xbf/0x9c0
[ 1156.512372][T16670]  ? __pmd_alloc+0xbf/0x9c0
[ 1156.512407][T16670]  __pmd_alloc+0xbf/0x9c0
[ 1156.512447][T16670]  walk_pgd_range+0x89a/0x1f80
[ 1156.512482][T16670]  ? mt_find+0x749/0xa20
[ 1156.512508][T16670]  ? __pfx_guard_install_set_pte+0x10/0x10
[ 1156.512547][T16670]  ? mt_find+0x3e2/0xa20
[ 1156.512572][T16670]  ? __pfx_guard_install_set_pte+0x10/0x10
[ 1156.512610][T16670]  ? __pfx_guard_install_set_pte+0x10/0x10
[ 1156.512658][T16670]  ? __pfx_walk_pgd_range+0x10/0x10
[ 1156.512697][T16670]  __walk_page_range+0x163/0x820
[ 1156.512731][T16670]  ? find_vma+0xbf/0x140
[ 1156.512764][T16670]  ? __pfx_find_vma+0x10/0x10
[ 1156.512800][T16670]  ? walk_page_test+0x9b/0x180
[ 1156.512833][T16670]  walk_page_range_mm_unsafe+0x461/0xb40
[ 1156.512871][T16670]  ? __pfx_walk_page_range_mm_unsafe+0x10/0x10
[ 1156.512913][T16670]  ? __anon_vma_prepare+0x2e2/0x5e0
[ 1156.512944][T16670]  madvise_guard_install+0x31f/0x860
[ 1156.512990][T16670]  ? __pfx_madvise_guard_install+0x10/0x10
[ 1156.513031][T16670]  ? __pfx_guard_install_pud_entry+0x10/0x10
[ 1156.513068][T16670]  ? __pfx_guard_install_pmd_entry+0x10/0x10
[ 1156.513106][T16670]  ? __pfx_guard_install_pte_entry+0x10/0x10
[ 1156.513131][T16670]  ? __pfx_guard_install_set_pte+0x10/0x10
[ 1156.513178][T16670]  madvise_vma_behavior+0x8f8/0x29e0
[ 1156.513204][T16670]  ? mas_prev_setup.constprop.0+0xb6/0x9d0
[ 1156.513245][T16670]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1156.513270][T16670]  ? mas_prev+0x9b/0xf0
[ 1156.513296][T16670]  ? __pfx_mas_prev+0x10/0x10
[ 1156.513327][T16670]  ? find_vma_prev+0xd3/0x150
[ 1156.513361][T16670]  ? lock_vma_under_rcu+0x1f3/0x580
[ 1156.513387][T16670]  ? __pfx_find_vma_prev+0x10/0x10
[ 1156.513433][T16670]  ? madvise_do_behavior+0x1e2/0x530
[ 1156.513462][T16670]  madvise_walk_vmas+0x31f/0xac0
[ 1156.513491][T16670]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1156.513516][T16670]  ? futex_hash+0x2c5/0x380
[ 1156.513545][T16670]  madvise_do_behavior+0x1e2/0x530
[ 1156.513567][T16670]  ? futex_private_hash_put+0x160/0x1b0
[ 1156.513594][T16670]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1156.513618][T16670]  ? futex_wait+0x120/0x380
[ 1156.513666][T16670]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1156.513707][T16670]  do_madvise+0x176/0x240
[ 1156.513730][T16670]  ? __pfx_do_madvise+0x10/0x10
[ 1156.513752][T16670]  ? do_futex+0x122/0x350
[ 1156.513799][T16670]  ? xfd_validate_state+0x61/0x180
[ 1156.513820][T16670]  ? __pfx_ksys_write+0x10/0x10
[ 1156.513861][T16670]  __x64_sys_madvise+0xa9/0x110
[ 1156.513885][T16670]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1156.513908][T16670]  do_syscall_64+0xcd/0xf80
[ 1156.513932][T16670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1156.513957][T16670] RIP: 0033:0x7fbd3818f7c9
[ 1156.513977][T16670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1156.514001][T16670] RSP: 002b:00007fbd38f9b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1156.514023][T16670] RAX: ffffffffffffffda RBX: 00007fbd383e6090 RCX: 00007fbd3818f7c9
[ 1156.514039][T16670] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000
[ 1156.514053][T16670] RBP: 00007fbd38213f91 R08: 0000000000000000 R09: 0000000000000000
[ 1156.514068][T16670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1156.514082][T16670] R13: 00007fbd383e6128 R14: 00007fbd383e6090 R15: 00007fffc5a9db18
[ 1156.514113][T16670]  </TASK>
[ 1158.298549][T16691] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4419'.
[ 1158.347869][T16691] FAULT_INJECTION: forcing a failure.
[ 1158.347869][T16691] name failslab, interval 1, probability 0, space 0, times 0
[ 1158.390993][T16691] CPU: 0 UID: 0 PID: 16691 Comm: syz.2.4419 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1158.391049][T16691] Tainted: [L]=SOFTLOCKUP
[ 1158.391058][T16691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1158.391072][T16691] Call Trace:
[ 1158.391080][T16691]  <TASK>
[ 1158.391090][T16691]  dump_stack_lvl+0x16c/0x1f0
[ 1158.391133][T16691]  should_fail_ex+0x512/0x640
[ 1158.391162][T16691]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1158.391195][T16691]  should_failslab+0xc2/0x120
[ 1158.391233][T16691]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1158.391261][T16691]  ? __pfx___debug_object_init+0x10/0x10
[ 1158.391300][T16691]  ? __d_alloc+0x35/0xa80
[ 1158.391326][T16691]  ? __d_alloc+0x35/0xa80
[ 1158.391345][T16691]  __d_alloc+0x35/0xa80
[ 1158.391369][T16691]  d_alloc_pseudo+0x1c/0xc0
[ 1158.391398][T16691]  alloc_file_pseudo+0xcf/0x230
[ 1158.391426][T16691]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1158.391452][T16691]  ? alloc_fd+0x471/0x7d0
[ 1158.391500][T16691]  sock_alloc_file+0x50/0x210
[ 1158.391537][T16691]  __sys_socket+0x1c0/0x260
[ 1158.391563][T16691]  ? __pfx___sys_socket+0x10/0x10
[ 1158.391587][T16691]  ? xfd_validate_state+0x61/0x180
[ 1158.391609][T16691]  ? __pfx_ksys_write+0x10/0x10
[ 1158.391648][T16691]  __x64_sys_socket+0x72/0xb0
[ 1158.391672][T16691]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1158.391694][T16691]  do_syscall_64+0xcd/0xf80
[ 1158.391719][T16691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1158.391742][T16691] RIP: 0033:0x7fd86758f7c9
[ 1158.391761][T16691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1158.391785][T16691] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1158.391807][T16691] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1158.391822][T16691] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015
[ 1158.391837][T16691] RBP: 00007fd867613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1158.391851][T16691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1158.391865][T16691] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1158.391895][T16691]  </TASK>
[ 1158.619231][T16693] tipc: Enabling of bearer <@):^\/\> rejected, media not registered
[ 1159.291241][T16714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4420'.
[ 1159.967353][T16730] zswap: compressor  not available
[ 1160.030569][T16747] netlink: 'syz.2.4424': attribute type 10 has an invalid length.
[ 1160.065664][T16747] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4424'.
[ 1162.683453][T16884] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4428'.
[ 1164.554919][T16936] FAULT_INJECTION: forcing a failure.
[ 1164.554919][T16936] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1164.633177][T16936] CPU: 0 UID: 0 PID: 16936 Comm: syz.2.4439 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1164.633215][T16936] Tainted: [L]=SOFTLOCKUP
[ 1164.633223][T16936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1164.633239][T16936] Call Trace:
[ 1164.633247][T16936]  <TASK>
[ 1164.633256][T16936]  dump_stack_lvl+0x16c/0x1f0
[ 1164.633304][T16936]  should_fail_ex+0x512/0x640
[ 1164.633338][T16936]  should_fail_alloc_page+0xe7/0x130
[ 1164.633379][T16936]  prepare_alloc_pages+0x401/0x670
[ 1164.633418][T16936]  ? rcu_is_watching+0x12/0xc0
[ 1164.633454][T16936]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1164.633490][T16936]  ? __lock_acquire+0x436/0x2890
[ 1164.633512][T16936]  ? css_rstat_updated+0x1d1/0x590
[ 1164.633536][T16936]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1164.633562][T16936]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1164.633597][T16936]  ? rcu_is_watching+0x12/0xc0
[ 1164.633639][T16936]  ? __lock_acquire+0x436/0x2890
[ 1164.633661][T16936]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1164.633708][T16936]  ? policy_nodemask+0xea/0x4e0
[ 1164.633747][T16936]  alloc_pages_mpol+0x1fb/0x550
[ 1164.633786][T16936]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1164.633825][T16936]  ? filemap_get_entry+0x1a7/0x3b0
[ 1164.633857][T16936]  folio_alloc_noprof+0x20/0x2d0
[ 1164.633882][T16936]  filemap_alloc_folio_noprof.part.0+0x39d/0x470
[ 1164.633919][T16936]  ? filemap_add_folio+0x110/0x610
[ 1164.633948][T16936]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[ 1164.633987][T16936]  ? rcu_is_watching+0x12/0xc0
[ 1164.634025][T16936]  __filemap_get_folio_mpol+0x610/0xc60
[ 1164.634062][T16936]  ioctx_alloc+0x788/0x2230
[ 1164.634098][T16936]  ? __pfx_ioctx_alloc+0x10/0x10
[ 1164.634119][T16936]  ? __might_fault+0x13b/0x190
[ 1164.634154][T16936]  __x64_sys_io_setup+0xc9/0x230
[ 1164.634180][T16936]  do_syscall_64+0xcd/0xf80
[ 1164.634204][T16936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1164.634228][T16936] RIP: 0033:0x7fd86758f7c9
[ 1164.634248][T16936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1164.634271][T16936] RSP: 002b:00007fd8684bb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[ 1164.634293][T16936] RAX: ffffffffffffffda RBX: 00007fd8677e6090 RCX: 00007fd86758f7c9
[ 1164.634309][T16936] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff
[ 1164.634324][T16936] RBP: 00007fd867613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1164.634339][T16936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1164.634353][T16936] R13: 00007fd8677e6128 R14: 00007fd8677e6090 R15: 00007ffd7a158c48
[ 1164.634384][T16936]  </TASK>
[ 1165.270470][T16980] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1165.300103][T16980] netlink: 'syz.2.4442': attribute type 10 has an invalid length.
[ 1165.333271][T16980] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4442'.
[ 1165.795269][T16998] NFSD: Failed to start, no listeners configured.
[ 1166.333589][T17025] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4447'.
[ 1168.731150][T17141] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1169.158588][   T30] audit: type=1804 audit(2147483788.498:232): pid=17145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4459" name="/newroot/sys/kernel/tracing/trace" dev="tracefs" ino=1261 res=1 errno=0
[ 1169.458384][T17187] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1169.503467][T17187] FAULT_INJECTION: forcing a failure.
[ 1169.503467][T17187] name failslab, interval 1, probability 0, space 0, times 0
[ 1169.530515][T17189] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1169.562394][T17187] CPU: 0 UID: 0 PID: 17187 Comm: syz.1.4463 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1169.562432][T17187] Tainted: [L]=SOFTLOCKUP
[ 1169.562440][T17187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1169.562455][T17187] Call Trace:
[ 1169.562463][T17187]  <TASK>
[ 1169.562472][T17187]  dump_stack_lvl+0x16c/0x1f0
[ 1169.562515][T17187]  should_fail_ex+0x512/0x640
[ 1169.562544][T17187]  ? __kmalloc_noprof+0xca/0x910
[ 1169.562573][T17187]  should_failslab+0xc2/0x120
[ 1169.562611][T17187]  __kmalloc_noprof+0xeb/0x910
[ 1169.562638][T17187]  ? sk_prot_alloc+0x1a8/0x2a0
[ 1169.562664][T17187]  ? sk_prot_alloc+0x1a8/0x2a0
[ 1169.562685][T17187]  sk_prot_alloc+0x1a8/0x2a0
[ 1169.562709][T17187]  sk_alloc+0x36/0xe30
[ 1169.562740][T17187]  pppoe_create+0x32/0x360
[ 1169.562774][T17187]  pppox_create+0x15c/0x2c0
[ 1169.562808][T17187]  __sock_create+0x339/0x8a0
[ 1169.562838][T17187]  __sys_socket+0x14d/0x260
[ 1169.562862][T17187]  ? __fget_files+0x20e/0x3c0
[ 1169.562896][T17187]  ? __pfx___sys_socket+0x10/0x10
[ 1169.562921][T17187]  ? xfd_validate_state+0x61/0x180
[ 1169.562950][T17187]  __x64_sys_socket+0x72/0xb0
[ 1169.562974][T17187]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1169.562996][T17187]  do_syscall_64+0xcd/0xf80
[ 1169.563020][T17187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.563044][T17187] RIP: 0033:0x7fd42038f7c9
[ 1169.563063][T17187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1169.563085][T17187] RSP: 002b:00007fd421160038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1169.563107][T17187] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038f7c9
[ 1169.563123][T17187] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018
[ 1169.563137][T17187] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1169.563151][T17187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1169.563165][T17187] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1169.563195][T17187]  </TASK>
[ 1170.427915][T17189] netlink: 'syz.2.4464': attribute type 10 has an invalid length.
[ 1170.466289][T17189] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4464'.
[ 1171.132475][T17202] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4465'.
[ 1171.235493][T17221] Invalid ELF header magic: != ELF
[ 1174.228351][T17353] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4487'.
[ 1175.342438][T17382] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1175.493663][T17392] FAULT_INJECTION: forcing a failure.
[ 1175.493663][T17392] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1175.628818][T17392] CPU: 0 UID: 0 PID: 17392 Comm: syz.1.4491 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1175.628856][T17392] Tainted: [L]=SOFTLOCKUP
[ 1175.628864][T17392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1175.628878][T17392] Call Trace:
[ 1175.628886][T17392]  <TASK>
[ 1175.628895][T17392]  dump_stack_lvl+0x16c/0x1f0
[ 1175.628939][T17392]  should_fail_ex+0x512/0x640
[ 1175.628971][T17392]  _copy_to_user+0x32/0xd0
[ 1175.629000][T17392]  simple_read_from_buffer+0xcb/0x170
[ 1175.629036][T17392]  proc_fail_nth_read+0x197/0x240
[ 1175.629076][T17392]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1175.629117][T17392]  ? rw_verify_area+0xcf/0x6c0
[ 1175.629148][T17392]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1175.629187][T17392]  vfs_read+0x1e4/0xcf0
[ 1175.629220][T17392]  ? __pfx___mutex_lock+0x10/0x10
[ 1175.629247][T17392]  ? __pfx_vfs_read+0x10/0x10
[ 1175.629287][T17392]  ? __fget_files+0x20e/0x3c0
[ 1175.629329][T17392]  ksys_read+0x12a/0x250
[ 1175.629361][T17392]  ? __pfx_ksys_read+0x10/0x10
[ 1175.629402][T17392]  do_syscall_64+0xcd/0xf80
[ 1175.629426][T17392]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1175.629450][T17392] RIP: 0033:0x7fd42038e1dc
[ 1175.629469][T17392] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1175.629491][T17392] RSP: 002b:00007fd421160030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1175.629513][T17392] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038e1dc
[ 1175.629529][T17392] RDX: 000000000000000f RSI: 00007fd4211600a0 RDI: 0000000000000004
[ 1175.629543][T17392] RBP: 00007fd421160090 R08: 0000000000000000 R09: 0000000000000000
[ 1175.629560][T17392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1175.629573][T17392] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1175.629603][T17392]  </TASK>
[ 1177.029985][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.036850][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.424385][T17452] Ignoring unsupported numa_zonelist_order value:  
[ 1178.322748][T14821] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1178.335165][T14821] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1178.343766][T14821] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1178.351992][T14821] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1178.360560][T14821] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1179.781319][T14808] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1180.450997][T14821] Bluetooth: hci2: command tx timeout
[ 1180.566204][T14808] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1180.913949][T14808] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1180.953552][T17587] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4508'.
[ 1181.000036][T17479] chnl_net:caif_netlink_parms(): no params data found
[ 1181.585381][T14808] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1181.702567][T17640] FAULT_INJECTION: forcing a failure.
[ 1181.702567][T17640] name failslab, interval 1, probability 0, space 0, times 0
[ 1181.825638][T17640] CPU: 0 UID: 0 PID: 17640 Comm: syz.2.4511 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1181.825677][T17640] Tainted: [L]=SOFTLOCKUP
[ 1181.825685][T17640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1181.825700][T17640] Call Trace:
[ 1181.825707][T17640]  <TASK>
[ 1181.825716][T17640]  dump_stack_lvl+0x16c/0x1f0
[ 1181.825759][T17640]  should_fail_ex+0x512/0x640
[ 1181.825786][T17640]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1181.825818][T17640]  should_failslab+0xc2/0x120
[ 1181.825854][T17640]  kmem_cache_alloc_noprof+0x83/0x770
[ 1181.825882][T17640]  ? getname_flags.part.0+0x4c/0x550
[ 1181.825913][T17640]  ? getname_flags.part.0+0x4c/0x550
[ 1181.825938][T17640]  getname_flags.part.0+0x4c/0x550
[ 1181.825983][T17640]  getname_flags+0x93/0xf0
[ 1181.826014][T17640]  __x64_sys_link+0x65/0xa0
[ 1181.826038][T17640]  do_syscall_64+0xcd/0xf80
[ 1181.826063][T17640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.826086][T17640] RIP: 0033:0x7fd86758f7c9
[ 1181.826105][T17640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1181.826138][T17640] RSP: 002b:00007fd8684bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[ 1181.826160][T17640] RAX: ffffffffffffffda RBX: 00007fd8677e6090 RCX: 00007fd86758f7c9
[ 1181.826176][T17640] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000001200
[ 1181.826191][T17640] RBP: 00007fd8684bb090 R08: 0000000000000000 R09: 0000000000000000
[ 1181.826206][T17640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1181.826220][T17640] R13: 00007fd8677e6128 R14: 00007fd8677e6090 R15: 00007ffd7a158c48
[ 1181.826250][T17640]  </TASK>
[ 1182.220948][T17479] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1182.265248][T17479] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1182.285229][T17479] bridge_slave_0: entered allmulticast mode
[ 1182.327824][T17479] bridge_slave_0: entered promiscuous mode
[ 1182.516725][T17479] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1182.543880][T17479] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1182.551146][T17479] bridge_slave_1: entered allmulticast mode
[ 1182.559033][T14821] Bluetooth: hci2: command tx timeout
[ 1182.604816][T17479] bridge_slave_1: entered promiscuous mode
[ 1182.940516][T17692] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1183.013472][T17479] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1183.069680][T17479] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1183.112391][T17712] Process accounting resumed
[ 1183.256632][T17728] netlink: 25 bytes leftover after parsing attributes in process `syz.2.4514'.
[ 1183.348657][T17479] team0: Port device team_slave_0 added
[ 1183.411837][T17479] team0: Port device team_slave_1 added
[ 1183.543997][T14808] bridge_slave_0: left allmulticast mode
[ 1183.557626][T14808] bridge_slave_0: left promiscuous mode
[ 1183.572528][T14808] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1184.387127][T14808] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1184.408015][T14808] bond0 (unregistering): Released all slaves
[ 1184.465006][T17479] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1184.471990][T17479] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1184.568573][T17479] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1184.588277][T14821] Bluetooth: hci2: command tx timeout
[ 1184.653747][T17479] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1184.671044][T17479] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1184.742334][T17479] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1185.104875][T17799] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4520'.
[ 1185.206989][T17479] hsr_slave_0: entered promiscuous mode
[ 1185.260099][T17479] hsr_slave_1: entered promiscuous mode
[ 1186.652505][T14821] Bluetooth: hci2: command tx timeout
[ 1186.841869][T17979] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1186.939271][T17919] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1187.080668][T18054] netlink: 'syz.1.4524': attribute type 10 has an invalid length.
[ 1187.106165][T18054] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4524'.
[ 1189.481075][T17479] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1189.567960][T17479] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1189.657966][T17479] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1189.762306][T18163] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1190.060926][T17479] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1191.585348][T18254] FAULT_INJECTION: forcing a failure.
[ 1191.585348][T18254] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1191.659253][T18254] CPU: 0 UID: 0 PID: 18254 Comm: syz.2.4532 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1191.659292][T18254] Tainted: [L]=SOFTLOCKUP
[ 1191.659301][T18254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1191.659316][T18254] Call Trace:
[ 1191.659325][T18254]  <TASK>
[ 1191.659334][T18254]  dump_stack_lvl+0x16c/0x1f0
[ 1191.659379][T18254]  should_fail_ex+0x512/0x640
[ 1191.659412][T18254]  should_fail_alloc_page+0xe7/0x130
[ 1191.659451][T18254]  prepare_alloc_pages+0x401/0x670
[ 1191.659489][T18254]  ? rcu_is_watching+0x12/0xc0
[ 1191.659526][T18254]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1191.659558][T18254]  ? __lock_acquire+0x436/0x2890
[ 1191.659592][T18254]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1191.659623][T18254]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1191.659651][T18254]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1191.659679][T18254]  ? find_held_lock+0x2b/0x80
[ 1191.659717][T18254]  ? __lock_acquire+0x436/0x2890
[ 1191.659739][T18254]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1191.659778][T18254]  ? policy_nodemask+0xea/0x4e0
[ 1191.659816][T18254]  alloc_pages_mpol+0x1fb/0x550
[ 1191.659854][T18254]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1191.659899][T18254]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1191.659926][T18254]  shmem_alloc_folio+0x135/0x160
[ 1191.659966][T18254]  shmem_alloc_and_add_folio+0x494/0xc20
[ 1191.660000][T18254]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1191.660030][T18254]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[ 1191.660064][T18254]  shmem_get_folio_gfp+0x67f/0x1610
[ 1191.660097][T18254]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1191.660125][T18254]  ? filemap_map_pages+0x12dd/0x1e00
[ 1191.660158][T18254]  shmem_fault+0x1fe/0xa00
[ 1191.660186][T18254]  ? __pfx_shmem_fault+0x10/0x10
[ 1191.660218][T18254]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1191.660261][T18254]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1191.660289][T18254]  __do_fault+0x10d/0x490
[ 1191.660321][T18254]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1191.660347][T18254]  do_fault+0xae4/0x1ad0
[ 1191.660381][T18254]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1191.660414][T18254]  __handle_mm_fault+0x1919/0x2bb0
[ 1191.660447][T18254]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1191.660474][T18254]  ? __pte_offset_map_lock+0x174/0x310
[ 1191.660510][T18254]  ? find_held_lock+0x2b/0x80
[ 1191.660549][T18254]  ? follow_page_pte+0x5cf/0x1390
[ 1191.660590][T18254]  handle_mm_fault+0x3fe/0xad0
[ 1191.660621][T18254]  __get_user_pages+0x54e/0x3590
[ 1191.660666][T18254]  ? down_read_killable+0x313/0x4c0
[ 1191.660693][T18254]  ? __lock_acquire+0x436/0x2890
[ 1191.660715][T18254]  ? __pfx___get_user_pages+0x10/0x10
[ 1191.660750][T18254]  ? __lock_acquire+0x436/0x2890
[ 1191.660779][T18254]  __gup_longterm_locked+0xa92/0x17e0
[ 1191.660825][T18254]  ? __pfx___gup_longterm_locked+0x10/0x10
[ 1191.660865][T18254]  ? try_get_folio+0x255/0x730
[ 1191.660898][T18254]  ? find_held_lock+0x2b/0x80
[ 1191.660929][T18254]  ? sanity_check_pinned_pages+0x58a/0x11d0
[ 1191.660970][T18254]  gup_fast_fallback+0xf5f/0x2350
[ 1191.661027][T18254]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1191.661065][T18254]  ? kasan_save_stack+0x33/0x60
[ 1191.661096][T18254]  ? kasan_save_track+0x14/0x30
[ 1191.661127][T18254]  ? __kasan_slab_alloc+0x89/0x90
[ 1191.661160][T18254]  ? mempool_alloc_noprof+0x1b4/0x2f0
[ 1191.661192][T18254]  ? bvec_alloc+0x192/0x210
[ 1191.661228][T18254]  ? bio_alloc_bioset+0x5f1/0x8c0
[ 1191.661270][T18254]  ? blkdev_write_iter+0x703/0xe00
[ 1191.661300][T18254]  ? vfs_write+0x7d3/0x11d0
[ 1191.661333][T18254]  ? ksys_write+0x12a/0x250
[ 1191.661365][T18254]  ? do_syscall_64+0xcd/0xf80
[ 1191.661385][T18254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1191.661413][T18254]  pin_user_pages_fast+0xa7/0xf0
[ 1191.661451][T18254]  ? __pfx_pin_user_pages_fast+0x10/0x10
[ 1191.661496][T18254]  iov_iter_extract_pages+0x3a2/0x1ed0
[ 1191.661537][T18254]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[ 1191.661572][T18254]  ? find_held_lock+0x2b/0x80
[ 1191.661603][T18254]  ? bio_associate_blkg_from_css+0x394/0x13e0
[ 1191.661640][T18254]  bio_iov_iter_get_pages+0x395/0x1300
[ 1191.661663][T18254]  ? find_held_lock+0x2b/0x80
[ 1191.661709][T18254]  ? __pfx_bio_iov_iter_get_pages+0x10/0x10
[ 1191.661734][T18254]  ? __pfx_bio_alloc_bioset+0x10/0x10
[ 1191.661770][T18254]  ? ktime_get_coarse_real_ts64_mg+0x1d4/0x300
[ 1191.661809][T18254]  blkdev_direct_IO+0x1232/0x1fe0
[ 1191.661853][T18254]  ? __pfx_blkdev_direct_IO+0x10/0x10
[ 1191.661889][T18254]  ? filemap_check_errors+0xa9/0x160
[ 1191.661930][T18254]  blkdev_write_iter+0x703/0xe00
[ 1191.661968][T18254]  vfs_write+0x7d3/0x11d0
[ 1191.662003][T18254]  ? __pfx_blkdev_write_iter+0x10/0x10
[ 1191.662037][T18254]  ? __pfx_vfs_write+0x10/0x10
[ 1191.662070][T18254]  ? find_held_lock+0x2b/0x80
[ 1191.662118][T18254]  ksys_write+0x12a/0x250
[ 1191.662151][T18254]  ? __pfx_ksys_write+0x10/0x10
[ 1191.662194][T18254]  do_syscall_64+0xcd/0xf80
[ 1191.662218][T18254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1191.662248][T18254] RIP: 0033:0x7fd86758f7c9
[ 1191.662269][T18254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1191.662293][T18254] RSP: 002b:00007fd8684dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1191.662315][T18254] RAX: ffffffffffffffda RBX: 00007fd8677e5fa0 RCX: 00007fd86758f7c9
[ 1191.662331][T18254] RDX: 000000100000a3d9 RSI: 0000000000000000 RDI: 000000000000000a
[ 1191.662345][T18254] RBP: 00007fd867613f91 R08: 0000000000000000 R09: 0000000000000000
[ 1191.662359][T18254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1191.662374][T18254] R13: 00007fd8677e6038 R14: 00007fd8677e5fa0 R15: 00007ffd7a158c48
[ 1191.662405][T18254]  </TASK>
[ 1194.574314][T17479] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1194.847354][T17479] 8021q: adding VLAN 0 to HW filter on device team0
[ 1194.902169][T14808] hsr_slave_0: left promiscuous mode
[ 1194.916332][T14808] hsr_slave_1: left promiscuous mode
[ 1194.955604][T14808] veth1_macvtap: left promiscuous mode
[ 1194.972051][T14808] veth0_macvtap: left promiscuous mode
[ 1195.744385][T14808] team0 (unregistering): Port device team_slave_1 removed
[ 1195.793115][T14808] team0 (unregistering): Port device team_slave_0 removed
[ 1196.162224][T17157] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1196.169412][T17157] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1196.335385][T17157] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1196.342585][T17157] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1196.467112][T18357] FAULT_INJECTION: forcing a failure.
[ 1196.467112][T18357] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1196.534936][T18357] CPU: 0 UID: 0 PID: 18357 Comm: syz.1.4534 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1196.534975][T18357] Tainted: [L]=SOFTLOCKUP
[ 1196.534984][T18357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1196.534998][T18357] Call Trace:
[ 1196.535007][T18357]  <TASK>
[ 1196.535016][T18357]  dump_stack_lvl+0x16c/0x1f0
[ 1196.535061][T18357]  should_fail_ex+0x512/0x640
[ 1196.535094][T18357]  should_fail_alloc_page+0xe7/0x130
[ 1196.535134][T18357]  prepare_alloc_pages+0x401/0x670
[ 1196.535172][T18357]  ? rcu_is_watching+0x12/0xc0
[ 1196.535210][T18357]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1196.535242][T18357]  ? __lock_acquire+0x436/0x2890
[ 1196.535276][T18357]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1196.535307][T18357]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1196.535335][T18357]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1196.535362][T18357]  ? find_held_lock+0x2b/0x80
[ 1196.535401][T18357]  ? __lock_acquire+0x436/0x2890
[ 1196.535423][T18357]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1196.535462][T18357]  ? policy_nodemask+0xea/0x4e0
[ 1196.535500][T18357]  alloc_pages_mpol+0x1fb/0x550
[ 1196.535538][T18357]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1196.535584][T18357]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1196.535611][T18357]  shmem_alloc_folio+0x135/0x160
[ 1196.535651][T18357]  shmem_alloc_and_add_folio+0x494/0xc20
[ 1196.535693][T18357]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1196.535723][T18357]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[ 1196.535758][T18357]  shmem_get_folio_gfp+0x67f/0x1610
[ 1196.535798][T18357]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1196.535829][T18357]  ? __lock_acquire+0x436/0x2890
[ 1196.535854][T18357]  shmem_write_begin+0x1a4/0x3b0
[ 1196.535884][T18357]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1196.535915][T18357]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[ 1196.535957][T18357]  generic_perform_write+0x3c4/0x900
[ 1196.535991][T18357]  ? __pfx_generic_perform_write+0x10/0x10
[ 1196.536016][T18357]  ? generic_update_time+0xcf/0xf0
[ 1196.536039][T18357]  ? mnt_put_write_access_file+0x45/0xf0
[ 1196.536075][T18357]  ? file_update_time_flags+0x35c/0x520
[ 1196.536105][T18357]  shmem_file_write_iter+0x10e/0x140
[ 1196.536140][T18357]  vfs_write+0x7d3/0x11d0
[ 1196.536175][T18357]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1196.536212][T18357]  ? __pfx_vfs_write+0x10/0x10
[ 1196.536265][T18357]  ksys_write+0x12a/0x250
[ 1196.536299][T18357]  ? __pfx_ksys_write+0x10/0x10
[ 1196.536342][T18357]  do_syscall_64+0xcd/0xf80
[ 1196.536367][T18357]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.536392][T18357] RIP: 0033:0x7fd42038f7c9
[ 1196.536411][T18357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1196.536435][T18357] RSP: 002b:00007fd421160038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1196.536458][T18357] RAX: ffffffffffffffda RBX: 00007fd4205e5fa0 RCX: 00007fd42038f7c9
[ 1196.536474][T18357] RDX: 000000100000a3d9 RSI: 00002000000002c0 RDI: 000000000000000a
[ 1196.536489][T18357] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1196.536504][T18357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1196.536518][T18357] R13: 00007fd4205e6038 R14: 00007fd4205e5fa0 R15: 00007ffe55084ed8
[ 1196.536549][T18357]  </TASK>
[ 1197.019820][T18364] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4535'.
[ 1197.410594][T17479] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1197.504868][T17479] veth0_vlan: entered promiscuous mode
[ 1197.688220][T17479] veth1_vlan: entered promiscuous mode
[ 1197.978069][T17479] veth0_macvtap: entered promiscuous mode
[ 1198.095579][T18420] __vm_enough_memory: pid: 18420, comm: syz.2.4539, bytes: 4398046511104 not enough memory for the allocation
[ 1198.157198][T17479] veth1_macvtap: entered promiscuous mode
[ 1198.270784][T18437] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1198.317850][T18437] netlink: 'syz.4.4541': attribute type 10 has an invalid length.
[ 1198.355502][T18437] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4541'.
[ 1198.370397][T17479] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1198.479490][T17479] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1198.588403][T14808] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.801029][T14808] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.853910][T18472] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1198.912644][T14808] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.940373][T14808] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1199.342573][T15596] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1199.395759][T15596] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1199.526117][T16978] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1199.563349][T16978] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1199.915982][T18509] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1199.980561][T18509] netlink: 'syz.3.4501': attribute type 10 has an invalid length.
[ 1200.019787][T18509] netlink: 330 bytes leftover after parsing attributes in process `syz.3.4501'.
[ 1200.509389][T18515] hub 1-0:1.0: USB hub found
[ 1200.550780][T18515] hub 1-0:1.0: 1 port detected
[ 1200.922826][T18544] net_ratelimit: 5 callbacks suppressed
[ 1200.922849][T18544] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1200.952269][T18547] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1201.569879][T18575] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1201.662352][T18580] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1201.865730][T18590] random: crng reseeded on system resumption
[ 1202.131325][T18602] snd_aloop snd_aloop.0: Parsing timer source 'de' failed with -22
[ 1203.972628][T18702] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4557'.
[ 1204.092609][T18714] ICMPv6: process `syz.3.4558' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[ 1208.539262][T18892] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4569'.
[ 1213.538980][T19007] ==================================================================
[ 1213.538999][T19007] BUG: KASAN: use-after-free in fbcon_prepare_logo+0xa03/0xc70
[ 1213.539035][T19007] Read of size 256 at addr ffff88805d3423c0 by task syz.1.4578/19007
[ 1213.539055][T19007] 
[ 1213.539070][T19007] CPU: 0 UID: 0 PID: 19007 Comm: syz.1.4578 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1213.539104][T19007] Tainted: [L]=SOFTLOCKUP
[ 1213.539112][T19007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1213.539128][T19007] Call Trace:
[ 1213.539136][T19007]  <TASK>
[ 1213.539145][T19007]  dump_stack_lvl+0x116/0x1f0
[ 1213.539185][T19007]  print_report+0xcd/0x630
[ 1213.539221][T19007]  ? __virt_addr_valid+0x81/0x610
[ 1213.539264][T19007]  ? __phys_addr+0xe8/0x180
[ 1213.539302][T19007]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1213.539331][T19007]  kasan_report+0xe0/0x110
[ 1213.539367][T19007]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1213.539398][T19007]  kasan_check_range+0x100/0x1b0
[ 1213.539423][T19007]  __asan_memcpy+0x23/0x60
[ 1213.539452][T19007]  fbcon_prepare_logo+0xa03/0xc70
[ 1213.539485][T19007]  fbcon_init+0xda0/0x1930
[ 1213.539512][T19007]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 1213.539544][T19007]  visual_init+0x320/0x620
[ 1213.539573][T19007]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1213.539612][T19007]  store_bind+0x61d/0x760
[ 1213.539646][T19007]  ? sysfs_file_kobj+0xe4/0x290
[ 1213.539670][T19007]  ? __pfx_store_bind+0x10/0x10
[ 1213.539701][T19007]  dev_attr_store+0x58/0x80
[ 1213.539734][T19007]  ? __pfx_dev_attr_store+0x10/0x10
[ 1213.539767][T19007]  sysfs_kf_write+0xf2/0x150
[ 1213.539791][T19007]  kernfs_fop_write_iter+0x3af/0x570
[ 1213.539826][T19007]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1213.539851][T19007]  iter_file_splice_write+0xa24/0x12b0
[ 1213.539897][T19007]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1213.539949][T19007]  ? __pfx_copy_splice_read+0x10/0x10
[ 1213.539989][T19007]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1213.540026][T19007]  direct_splice_actor+0x192/0x6c0
[ 1213.540062][T19007]  splice_direct_to_actor+0x345/0xa30
[ 1213.540096][T19007]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1213.540133][T19007]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1213.540172][T19007]  do_splice_direct+0x174/0x240
[ 1213.540205][T19007]  ? __pfx_do_splice_direct+0x10/0x10
[ 1213.540239][T19007]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1213.540280][T19007]  ? rw_verify_area+0xcf/0x6c0
[ 1213.540311][T19007]  do_sendfile+0xb06/0xe50
[ 1213.540344][T19007]  ? __pfx_do_sendfile+0x10/0x10
[ 1213.540377][T19007]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1213.540403][T19007]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1213.540430][T19007]  __x64_sys_sendfile64+0x1d8/0x220
[ 1213.540453][T19007]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1213.540480][T19007]  do_syscall_64+0xcd/0xf80
[ 1213.540502][T19007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.540525][T19007] RIP: 0033:0x7fd42038f7c9
[ 1213.540544][T19007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1213.540566][T19007] RSP: 002b:00007fd42113f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1213.540588][T19007] RAX: ffffffffffffffda RBX: 00007fd4205e6090 RCX: 00007fd42038f7c9
[ 1213.540603][T19007] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004
[ 1213.540617][T19007] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1213.540631][T19007] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1213.540644][T19007] R13: 00007fd4205e6128 R14: 00007fd4205e6090 R15: 00007ffe55084ed8
[ 1213.540667][T19007]  </TASK>
[ 1213.540675][T19007] 
[ 1213.540681][T19007] The buggy address belongs to the physical page:
[ 1213.540692][T19007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5d342
[ 1213.540712][T19007] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1213.540744][T19007] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[ 1213.540765][T19007] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 1213.540778][T19007] page dumped because: kasan: bad access detected
[ 1213.540789][T19007] page_owner tracks the page as freed
[ 1213.540796][T19007] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x10cc0(GFP_KERNEL|__GFP_NORETRY), pid 25276, tgid 25271 (syz.1.2358), ts 634665608716, free_ts 634817042084
[ 1213.540851][T19007]  post_alloc_hook+0x1af/0x220
[ 1213.540876][T19007]  get_page_from_freelist+0xd0b/0x31a0
[ 1213.540903][T19007]  __alloc_frozen_pages_noprof+0x25f/0x2430
[ 1213.540930][T19007]  alloc_pages_mpol+0x1fb/0x550
[ 1213.540963][T19007]  alloc_pages_noprof+0x131/0x390
[ 1213.540997][T19007]  kimage_alloc_pages+0x74/0x350
[ 1213.541030][T19007]  kimage_alloc_control_pages+0x153/0xa00
[ 1213.541065][T19007]  do_kexec_load+0x439/0x860
[ 1213.541085][T19007]  __x64_sys_kexec_load+0x1bf/0x230
[ 1213.541106][T19007]  do_syscall_64+0xcd/0xf80
[ 1213.541125][T19007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.541147][T19007] page last free pid 25276 tgid 25271 stack trace:
[ 1213.541160][T19007]  __free_frozen_pages+0x7df/0x1170
[ 1213.541181][T19007]  kimage_free_page_list+0x130/0x230
[ 1213.541216][T19007]  kimage_alloc_control_pages+0x3d3/0xa00
[ 1213.541251][T19007]  do_kexec_load+0x439/0x860
[ 1213.541279][T19007]  __x64_sys_kexec_load+0x1bf/0x230
[ 1213.541300][T19007]  do_syscall_64+0xcd/0xf80
[ 1213.541319][T19007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.541342][T19007] 
[ 1213.541347][T19007] Memory state around the buggy address:
[ 1213.541359][T19007]  ffff88805d342280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1213.541376][T19007]  ffff88805d342300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1213.541393][T19007] >ffff88805d342380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1213.541406][T19007]                                            ^
[ 1213.541418][T19007]  ffff88805d342400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1213.541435][T19007]  ffff88805d342480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 1213.541448][T19007] ==================================================================
[ 1213.642041][T19007] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1213.642067][T19007] CPU: 0 UID: 0 PID: 19007 Comm: syz.1.4578 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1213.642101][T19007] Tainted: [L]=SOFTLOCKUP
[ 1213.642111][T19007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1213.642126][T19007] Call Trace:
[ 1213.642134][T19007]  <TASK>
[ 1213.642143][T19007]  dump_stack_lvl+0x3d/0x1f0
[ 1213.642186][T19007]  vpanic+0x640/0x6f0
[ 1213.642211][T19007]  panic+0xca/0xd0
[ 1213.642233][T19007]  ? __pfx_panic+0x10/0x10
[ 1213.642263][T19007]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1213.642292][T19007]  ? preempt_schedule_common+0x44/0xc0
[ 1213.642331][T19007]  ? preempt_schedule_thunk+0x16/0x30
[ 1213.642357][T19007]  check_panic_on_warn+0xab/0xb0
[ 1213.642383][T19007]  end_report+0x107/0x160
[ 1213.642420][T19007]  kasan_report+0xee/0x110
[ 1213.642457][T19007]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1213.642489][T19007]  kasan_check_range+0x100/0x1b0
[ 1213.642515][T19007]  __asan_memcpy+0x23/0x60
[ 1213.642544][T19007]  fbcon_prepare_logo+0xa03/0xc70
[ 1213.642578][T19007]  fbcon_init+0xda0/0x1930
[ 1213.642606][T19007]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 1213.642638][T19007]  visual_init+0x320/0x620
[ 1213.642668][T19007]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1213.642707][T19007]  store_bind+0x61d/0x760
[ 1213.642742][T19007]  ? sysfs_file_kobj+0xe4/0x290
[ 1213.642767][T19007]  ? __pfx_store_bind+0x10/0x10
[ 1213.642800][T19007]  dev_attr_store+0x58/0x80
[ 1213.642834][T19007]  ? __pfx_dev_attr_store+0x10/0x10
[ 1213.642868][T19007]  sysfs_kf_write+0xf2/0x150
[ 1213.642892][T19007]  kernfs_fop_write_iter+0x3af/0x570
[ 1213.642928][T19007]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1213.642954][T19007]  iter_file_splice_write+0xa24/0x12b0
[ 1213.643001][T19007]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1213.643042][T19007]  ? __pfx_copy_splice_read+0x10/0x10
[ 1213.643085][T19007]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1213.643142][T19007]  direct_splice_actor+0x192/0x6c0
[ 1213.643180][T19007]  splice_direct_to_actor+0x345/0xa30
[ 1213.643217][T19007]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1213.643261][T19007]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1213.643302][T19007]  do_splice_direct+0x174/0x240
[ 1213.643338][T19007]  ? __pfx_do_splice_direct+0x10/0x10
[ 1213.643374][T19007]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1213.643412][T19007]  ? rw_verify_area+0xcf/0x6c0
[ 1213.643445][T19007]  do_sendfile+0xb06/0xe50
[ 1213.643480][T19007]  ? __pfx_do_sendfile+0x10/0x10
[ 1213.643515][T19007]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1213.643544][T19007]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1213.643573][T19007]  __x64_sys_sendfile64+0x1d8/0x220
[ 1213.643598][T19007]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1213.643627][T19007]  do_syscall_64+0xcd/0xf80
[ 1213.643650][T19007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1213.643676][T19007] RIP: 0033:0x7fd42038f7c9
[ 1213.643695][T19007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1213.643720][T19007] RSP: 002b:00007fd42113f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1213.643743][T19007] RAX: ffffffffffffffda RBX: 00007fd4205e6090 RCX: 00007fd42038f7c9
[ 1213.643760][T19007] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004
[ 1213.643775][T19007] RBP: 00007fd420413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1213.643791][T19007] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1213.643806][T19007] R13: 00007fd4205e6128 R14: 00007fd4205e6090 R15: 00007ffe55084ed8
[ 1213.643829][T19007]  </TASK>
[ 1213.643903][T19007] Kernel Offset: disabled