last executing test programs:

6.844257001s ago: executing program 1 (id=731):
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x60020000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r4, 0x80004507, 0x10000000000402)
madvise$auto(0x8000, 0x87fff, 0xc)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = socket(0x2a, 0x2, 0x1)
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55)
syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7)

5.082456688s ago: executing program 1 (id=743):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x101440, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0xffffffffffffffff, 0x0, 0xbed)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x8)
execveat$auto(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=&(0x7f00000000c0)='$})%{\'-+\x10#\x00', &(0x7f0000000200)=&(0x7f00000001c0)='\x00', 0x7)
ioctl$auto(r1, 0x8100451b, r1)
openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000500), 0x8000, 0x0)
acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00')
syz_clone3(&(0x7f00000002c0)={0x2000000, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f0000000440)={0x2, 0x1, 0x3, &(0x7f0000000240)='\x8a(){}{@.\x00', {0x9, 0xb}, {0x0, 0x9, 0xfffffff8, 0x74, 0x2, 0x1, 0x2, &(0x7f0000000280)='/dev/snd/timer\x00', {0x5, 0x9, &(0x7f0000000340)=0x36e7, &(0x7f0000000380)=0x1, &(0x7f00000003c0)=0x8000, &(0x7f0000000400)=0x10}}})
ioperm$auto(0x4, 0xbc6, 0x81)
mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000)
futex_waitv$auto(&(0x7f0000000000)={0x0, 0x7e4, 0x2}, 0x1, 0x0, 0x0, 0x623d)
ioctl$auto_IOC_PR_RESERVE(0xffffffffffffffff, 0x401070c9, 0x0)

3.959650237s ago: executing program 2 (id=745):
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x60020000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r4, 0x80004507, 0x10000000000402)
madvise$auto(0x8000, 0x87fff, 0xc)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = socket(0x2a, 0x2, 0x1)
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55)
syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7)

3.938733303s ago: executing program 1 (id=753):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x3, 0xfff, 0x9b72, 0xffffffffffffffff, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
madvise$auto(0x0, 0x3, 0x15)
madvise$auto(0x108000, 0x800032, 0x4)
unshare$auto(0x40000080)
close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002)
rt_sigsuspend$auto(&(0x7f00000000c0)={0x4}, 0x8)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(0x3, 0x80004509, 0x10000000000402)
ioctl$auto(0x3, 0x800005411, 0x38)
mmap$auto(0x0, 0x20009, 0x200, 0x18, 0x401, 0x40000008000)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
socket(0x2, 0xa, 0xe)
ioctl$auto(0x1, 0x890b, 0x8)

3.695396441s ago: executing program 0 (id=746):
r0 = memfd_secret$auto(0x0)
copy_file_range$auto(r0, &(0x7f0000000140)=0x5b28f6b6, r0, &(0x7f00000001c0)=0x7f, 0x2, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_MPATH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="07ae89a0", @ANYRES16=r3, @ANYBLOB="01002dbd7000fcdbdf251600000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}}, 0x800)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r3, 0x4, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x8, 0x2, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r6 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r6, 0x7a7, 0x0)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYRES32=r6, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbff, {0x11, 0x0, 0xfcff}}, 0x14}}, 0x400c0)
r7 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, 0x6)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000003c0), 0x410840, 0x0)
sysfs$auto(0x2, 0x2000000000040, 0x0)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r6, 0x7a4, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
prctl$auto(0x23, 0xe, 0x0, 0x68, 0x0)
close_range$auto(0x2, 0x8, 0x0)
getsockopt$auto_SO_SNDLOWAT(r1, 0x1, 0x13, &(0x7f0000000000)='\x00', &(0x7f0000000080)=0x8000)

3.485368708s ago: executing program 0 (id=747):
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x60020000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r4, 0x80004507, 0x10000000000402)
madvise$auto(0x8000, 0x87fff, 0xc)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = socket(0x2a, 0x2, 0x1)
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55)
syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7)

2.290747818s ago: executing program 0 (id=751):
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
r0 = io_uring_setup$auto(0x999, 0x0)
ustat$auto(0x801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0)
r2 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), r0)
r3 = getpgid(0xffffffffffffffff)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f00000002c0)={0x220, r2, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@THERMAL_GENL_ATTR_CPU_CAPABILITY={0xc, 0x14, 0x0, 0x1, [@typed={0x8, 0x6c, 0x0, 0x0, @pid=r3}]}, @THERMAL_GENL_ATTR_THRESHOLD={0x1ae, 0x18, 0x0, 0x1, [@generic="fb8e12143267c576828313051d9098f6265f856aaa1470c6c9b840becee3889720bd8ea756157f7da199cd1dbcce0aa55d980474eece00390a6a099ca6376626f3122d805e1e9b726a8d94d73fcaa61c03b46e6a450f586af153a04a349b59dabde360a87c12b7d73e95de236f0834ecfef7e3d1a58891cdc779ed9af419154c0028756569acfc4c0cae98613d00c04ccf660508d56b2c26e03fc4c12d896a67fcb69475506e83cd61b7d4f0486296dcd56486b221a0e389606b", @nested={0x8, 0x33, 0x0, 0x1, [@nested={0x4, 0x14d}]}, @typed={0x4, 0x48}, @nested={0x85, 0x89, 0x0, 0x1, [@typed={0x4, 0x80}, @generic="0bc926e89cab52851a8e42099fcca8e03f91fc3f3b9c0dfc53c536817dc92b69ac589bfbab60a12e49577674f44f24a8ff09c279796467bda75d3ba3125170a34c5441d6c8d7dd8ef39f3c8b872f3c51af520b539a87df26dbabd053c769b4e740d55d0cfa7ede07e0ee04ea3d58e509d7f0f50da50437f846b59c7bfe"]}, @nested={0x5a, 0x24, 0x0, 0x1, [@nested={0x4, 0x127}, @typed={0x8, 0x72, 0x0, 0x0, @fd=r1}, @generic="8a9a6ce3dbe0862361731184b576e3f1170de2e2e9bdc7e0cdf6ae09d87517433990", @typed={0x14, 0x2c, 0x0, 0x0, @ipv6=@mcast1}, @typed={0x14, 0xb, 0x0, 0x0, @ipv6=@private1}]}]}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_PERFORMANCE={0x8, 0x16, 0x80}, @THERMAL_GENL_ATTR_TZ_GOV_NAME={0x9, 0xd, ']-!\x86:'}, @THERMAL_GENL_ATTR_CDEV={0x18, 0xe, 0x0, 0x1, [@typed={0xc, 0x48, 0x0, 0x0, @u64=0x2}, @typed={0x8, 0xca, 0x0, 0x0, @uid=0xee00}]}, @THERMAL_GENL_ATTR_TZ_TRIP_HYST={0x8, 0x8, 0x9}, @THERMAL_GENL_ATTR_TZ_GOV={0x18, 0xc, 0x0, 0x1, [@nested={0x14, 0x68, 0x0, 0x1, [@typed={0x8, 0xbc, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x0, 0x0, 0x0, @u32=0x1}]}]}, @THERMAL_GENL_ATTR_TZ_GOV_NAME={0x4}]}, 0x220}, 0x1, 0x0, 0x0, 0x4014}, 0x1)
io_uring_setup$auto(0x58, 0x0)
r4 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/33u\x00', 0x20202, 0x0)
pread64$auto(r4, 0x0, 0x0, 0x9)
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0x22240, 0x155)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001f80), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_NAPI_GET2(r5, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000001fc0)={0x14, r6, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}}, 0x800)
socket(0x2, 0x2, 0x0)
r7 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
socket(0x2, 0x1, 0x106)
listen$auto(0x3, 0x81)
sendmmsg$auto(r7, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
accept$auto(r0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)

2.11645959s ago: executing program 1 (id=754):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', <r2=>0x0})
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002fbd7000fddbdf250c00000014000380100003800c00058008000100", @ANYRES32=0x0, @ANYBLOB="0c00018008000100", @ANYRES32=r2], 0x34}, 0x1, 0x8000000000000}, 0x24048084)

1.95818204s ago: executing program 1 (id=755):
r0 = pidfd_open$auto(0x1, 0x0)
setns(r0, 0x60020000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r4, 0x80004507, 0x10000000000402)
madvise$auto(0x8000, 0x87fff, 0xc)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
mmap$auto(0x13, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r5 = socket(0x2a, 0x2, 0x1)
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55)
syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7)

1.883275701s ago: executing program 2 (id=756):
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=<r0=>0xffffffffffffffff, @ANYBLOB="010329bf700002dcdf2505000000feabb1471aa987110c00010005000000000000000c0001"], 0x38}, 0x1, 0x0, 0x0, 0x20008810}, 0x880)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES8=r0, @ANYRES32=0x0, @ANYBLOB, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x23, 0x80805, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
preadv2$auto(r1, &(0x7f0000000040)={&(0x7f0000000380), 0x6}, 0x2, 0x1000, 0x3, 0x8)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x3, 0x19, 0x1001, 0x5, 0x717e, 0x0, 0x7, 0x8, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb5, 0xfffffffffffffffe, 0x7, 0x0, 0x7f, 0x2a2, 0x5, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, [0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffffffffffe, 0x88000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8000000, 0x20000, 0xffffffffffffffff, 0x3]}, 0x1fe, 0xd)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd03, &(0x7f00000001c0))
connect$auto(0x3, &(0x7f00000018c0)=@ethernet={0x1, @remote}, 0x8)
syz_genetlink_get_family_id$auto_vdpa(&(0x7f0000000040), r3)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty43\x00', 0x800, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000440)=""/82, 0x52)
ioctl$auto_TIOCSWINSZ2(r5, 0x5414, &(0x7f00000001c0))
ioctl$auto(0xffffffffffffffff, 0x80a86f3d, 0x38)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)

1.696590808s ago: executing program 3 (id=757):
r0 = memfd_secret$auto(0x0)
copy_file_range$auto(r0, &(0x7f0000000140)=0x5b28f6b6, r0, &(0x7f00000001c0)=0x7f, 0x2, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_SET_MPATH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="07ae89a0", @ANYRES16=r3, @ANYBLOB="01002dbd7000fcdbdf251600000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}}, 0x800)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r3, 0x4, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x8, 0x2, 0xeb1, 0x401, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r6 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r6, 0x7a7, 0x0)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYRES32=r6, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbff, {0x11, 0x0, 0xfcff}}, 0x14}}, 0x400c0)
r7 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, 0x6)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000003c0), 0x410840, 0x0)
sysfs$auto(0x2, 0x2000000000040, 0x0)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r6, 0x7a4, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
prctl$auto(0x23, 0xe, 0x0, 0x68, 0x0)
close_range$auto(0x2, 0x8, 0x0)
getsockopt$auto_SO_SNDLOWAT(r1, 0x1, 0x13, &(0x7f0000000000)='\x00', &(0x7f0000000080)=0x8000)

1.46182428s ago: executing program 3 (id=758):
close_range$auto(0x0, 0x5, 0x0)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000d40)='/sys/devices/pci0000:00/0000:00:00.0/driver_override\x00', 0x4a401, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000400), 0x189d82, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketcall$auto(0x4, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0xf00)

1.24647151s ago: executing program 3 (id=759):
r0 = socket(0xa, 0x1, 0x84)
r1 = setfsuid$auto(0xee00)
setreuid$auto(r1, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f00000001c0)=':,\x00', 0x0, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x9dc, 0x500000, 0x4, 0x18, r0, 0x2)
listen$auto(0xffffffffffffffff, 0x9)
rt_sigqueueinfo$auto(0x0, 0xe, &(0x7f0000000000)={@siginfo_0_0={0x76bb, 0x3, 0x4, @_sigfault={0x0}}})
msgctl$auto_MSG_STAT_ANY(0x2, 0xd, &(0x7f0000000500)={{0xc3f, 0x0, 0x0, 0xfff, 0xe00000, 0x8000, 0x365b}, &(0x7f0000000480), &(0x7f00000004c0)=0x7, 0x2, 0x0, 0xf, 0x4, 0x6, 0x6, 0x81d7, 0x6, @raw=0x100})
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
unshare$auto(0x40000080)
mmap$auto(0x4, 0x200004, 0x4000000000e7, 0x40eb2, 0xd, 0x300000000000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x8000, 0x0)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto(r3, 0xc0045520, r2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bpq2/gro_flush_timeout\x00', 0x0, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x7b, 0x1, 0x4c})
r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef)

1.088083217s ago: executing program 0 (id=760):
r0 = socket(0x2b, 0x1, 0xf7d)
r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_DUMPHMAC(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="e0010000", @ANYRES16=r1, @ANYBLOB="000828bd7000ffdbdf250200000008000200feffffffe60004000de2960fb4292c183d9c9b983494b49d470418d51a51e062ac9c43fda7f48ab76d1ab916f129892f4e6d9a75b53aec9e4f61b1dbc9b7c2acd17f9a44cac3b5aa54928d5e002d0feb4f564cea961abbd7de6e39c6bbc94326b5b1ee0b81e3dbfae0cac52bb491986cbb61960dab14aaaa37af8987fc5f40d1e55047a932b2da660d2f4b30120c9f4d81396ccfc024f929394d176cc5010496d839396cbfbb88dc69086c24d0f9d32f7ab075f61ec96654bdf7ff3d59a4db04022d0f97d347bddae4740806fef9a65208f16d9c23524a2163e287abb3d44cd28bae3af9b9b6d92fda6500001400010000000000000000000000000000000001c6000400d9cdfb4ebdb1ee86f926e838dfcfdd072ae253f9bd0d5e001933d68de0c170ee0c8c5d96c90d790985229df81c0f24bb996d4fa72b37fe37acb0e87fb301ee3e424fe3ee1627500321ab316138da5d32eda390f73ee2d4750e7443262ca04726b3dd72f826debddd68911fadb460c734ebaa868cf295c26972acf0c2fc4e107ff58958216b82fcc03284e56f4f2d6a3b56b22193e621d135d8580fd2b1b326fb3f4af4f28bb14247348491724429691885d807684bf17a49f37c1eeaac53f217577b0000"], 0x1e0}, 0x1, 0x0, 0x0, 0x4000}, 0x2000c410)
r2 = open(&(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x80400, 0xb5d1af1605322ddc)
dup3$auto(0x8000000000000001, 0x5, 0x800080000)
r3 = open_by_handle_at$auto(r2, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6)
read$auto_ctl_device_fops_user(r3, &(0x7f0000000000)=""/53, 0x35)

822.419188ms ago: executing program 2 (id=761):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x84503, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000240)="f6e6812018deadf7e88f819e30236ce79200b01532f2ed0d", 0x18)
readv$auto(r0, &(0x7f0000000a80)={0x0, 0x5}, 0x8)
mmap$auto(0x2, 0x400005, 0xe2, 0x9b72, 0x2, 0x6)
r1 = io_uring_setup$auto(0x10001, 0x0)
sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000300)={0x0, 0x9}, 0x1, 0x0, 0x0, 0x9}, 0xa}, 0x8, 0xb46)
r2 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
readv$auto(r2, &(0x7f0000000280)={&(0x7f0000000140)="a72aa02bab67e8d7c41e2527d18cc24ccc51b57c8befbd44fcd4eb61f9a482820507535cf1fe6215fb082882f68061ba722f69d12640dc9f08008f6193d64900582ea03aef0e15445aeb3d1f3422b5209ac3ed4d5db02983ebb41291a28d765652bf424100ea30c7b5a41411546ed3a6e1d1f10f406d907569ace0f9d1edfc41cbc0fc109c962bd9bc54a499b8d963ee72be6c2b2d3efdaa57a083704212f65e0b1e0d4e310b8cd7e490cb62895a45fbf3b5ee264994838635270e96e203330562f73cfab347594a8741bc9c6779b3b86432b8cd04b3439bd07045e9dcf1909426077d91021ec4e316d96349e47a6022ea1e7d461852cb1baa6fe80a", 0x8007}, 0x4006)
ustat$auto(0x801, 0x0)
ioctl$auto_FIOCLEX(r2, 0x5451, 0x6)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/dax/drivers/device_dax/remove_id\x00', 0xa081, 0x0)
write$auto(r3, &(0x7f0000000000)='\x01\x00^\xa2\x02\x00\x00\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4a\xb5\x1b\xad0\x10\x19b\xbf\xb7\xa5`\x97\xddzG\x01[{\x17\x05I\xe0\xb1d\x00\x00\x00\x00L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2z\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a\x00\x00\x00', 0x33)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x2240, 0x81)
socket(0x2, 0x2, 0x0)
fcntl$auto_F_GETSIG(r3, 0xb, 0xb)
socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x15d)
socket(0xb, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@phonet={0x23, 0xf9, 0x0, 0x10}, 0x6a)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400000000000400, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r4, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
landlock_create_ruleset$auto(&(0x7f00000000c0)={0xb92, 0x2, 0x399}, 0x9, 0x9)
landlock_restrict_self$auto(r5, 0x6)

813.067387ms ago: executing program 0 (id=762):
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000240)={{0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)="8e62e3859d05dd675e940337d1fa453baf629ed0842221aa36400f1c2cd92b3693fac67c28580f7f82f1317d16ba77c4080be406200f92de1c704a603400cecff43070fe69968cfef97f", 0x1}, 0x6f, 0x0, 0x3, 0x710}, 0x1}, 0x8, 0x71)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r0 = socket(0x2, 0x1, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
get_robust_list$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0)
setresuid$auto(0x0, 0x7, 0x8080)
bpf$auto(0x3, &(0x7f00000001c0)=@query={@target_fd, 0x1, 0x86e6, 0x9, 0x63, @count=0x4, 0x0, 0x6, 0x2, 0x10004, 0xb716}, 0xc)
bpf$auto(0x0, &(0x7f00000001c0)=@token_create={0x1}, 0x6f6)
mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)

717.110448ms ago: executing program 2 (id=763):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{0x0, 0x5aa, 0x0, 0x8, 0x0, 0x6, 0x1000}, 0x5}, 0x2, 0xfd)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00)
ppoll$auto(&(0x7f0000000140)={<r0=>0xffffffffffffffff, 0xfff8, 0x3}, 0xb3, 0x0, 0x0, 0x8)
r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = semctl$auto(0xff, 0x5, 0x75, 0x0)
r4 = geteuid()
sendmsg$auto_IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)={0x7c, 0x0, 0x200, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x5c, 0x2, 0x0, 0x1, [@nested={0x30, 0xe0, 0x0, 0x1, [@typed={0x7, 0x123, 0x0, 0x0, @str='${\x00'}, @typed={0x4, 0xfd}, @nested={0x4, 0x127}, @nested={0x4, 0xe2}, @nested={0x4, 0x91}, @typed={0xc, 0xc3, 0x0, 0x0, @u64=0x8001}, @nested={0x4, 0x4c}, @nested={0x4, 0x30}]}, @typed={0x8, 0x41, 0x0, 0x0, @pid=r3}, @typed={0x14, 0x1d, 0x0, 0x0, @ipv6=@remote}, @typed={0xc, 0xe7, 0x0, 0x0, @u64=0x4}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x3e, 0x0, 0x0, @uid=r4}]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x90}, 0x14)
sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYRESHEX=r1, @ANYRES16=r1, @ANYBLOB="01bd700001dcdf2503000000040006000010000400060000000000"], 0x24}, 0x1, 0x0, 0x0, 0x84}, 0x840)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu3\x00', 0x1, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$auto_TIOCSETD2(r5, 0x5423, &(0x7f0000000080))
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x6}, 0x3, 0x0)

606.738427ms ago: executing program 3 (id=764):
r0 = ioctl$auto_NS_GET_NSTYPE(0xffffffffffffffff, 0xb703, 0x0)
bind$auto(r0, 0x0, 0x6a)
connect$auto(0x3, 0x0, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/ns/cgroup\x00', 0x80, 0x0)
ioctl$auto_NS_GET_USERNS(r1, 0xb701, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = getpid()
process_vm_readv$auto(r2, 0x0, 0x1, 0x0, 0x6, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20)
socket(0x11, 0x3, 0x9)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0x10, 0x2, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vcsa1\x00', 0x101041, 0x0)
lseek$auto(0x3, 0x0, 0x1)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/mnt\x00')
listmount$auto(&(0x7f0000000100)={0x20, @inferred=r3, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0x0, 0x1)
getsockopt$auto_SO_TYPE(r4, 0x7124, 0x3, &(0x7f0000000080)='\\/]\x00', &(0x7f00000000c0)=0xf1)

507.383406ms ago: executing program 2 (id=765):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x26dc2, 0x84)
io_uring_setup$auto(0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(r0, 0x0, 0x4000000)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', <r4=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x401, r2, @relative_id=0x13, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc)
bpf$auto(0x4, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x200ffffffff, 0x9, 0x5, 0xf870e9f, 0x3ff, 0x8}, 0x9)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x1, 0x42, 0x200000000065f, 0x401ffde, 0x7, 0x3, 0x2, 0x100, 0x3eb, 0x5, 0x2, 0x3000, 0x2, 0x6, 0x10003, 0x82, 0x4, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x80000000, 0x4, 0xfffffffffffffffc, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x3]}, 0x7, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000040)={0x0, 0x8d}, 0x1, 0x0, 0x7, 0xa505}, 0x800}, 0x400, 0x4004)

286.700459ms ago: executing program 0 (id=766):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0xa240, 0x15e)
open(0x0, 0x161342, 0x100)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x4ab8f800, 0xa0009, 0x4000000000db, 0x11, 0xffffffffffffffff, 0x18002)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0xfff)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
read$auto(r1, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6a982, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0)
ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
select$auto(0x1, 0x0, 0x0, 0x0, 0x0)
r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0)
read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x300000000000)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0)

231.370306ms ago: executing program 3 (id=767):
r0 = pidfd_open$auto(0x1, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'macsec0\x00', <r3=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x3f}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) (async)
setns(r0, 0x60020000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8) (async)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4) (async)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) (async)
r6 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r5, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r6}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) (async)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async)
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) (async)
r7 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
ioctl$auto(r7, 0x80004507, 0x10000000000402) (async)
madvise$auto(0x8000, 0x87fff, 0xc) (async)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x2a, 0x2, 0x0) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
io_uring_setup$auto(0x1, 0x0) (async)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) (async)
openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket(0x2a, 0x2, 0x1)

184.014005ms ago: executing program 2 (id=768):
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0xa, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0xa240, 0x15e)
open(0x0, 0x161342, 0x100)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x4ab8f800, 0xa0009, 0x4000000000db, 0x11, 0xffffffffffffffff, 0x18002)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0xfff)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000)
read$auto(r1, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6a982, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0)
ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
select$auto(0x1, 0x0, 0x0, 0x0, 0x0)
r3 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0)
read$auto_state_fops_(r3, &(0x7f0000000180)=""/61, 0xfffffeeb) (fail_nth: 2)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x18, 0x401, 0x300000000000)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0)

24.051999ms ago: executing program 3 (id=769):
r0 = socket(0x21, 0x2, 0x2)
mmap$auto(0x0, 0x28da, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/devices/virtual/block/loop15/queue/zoned\x00', 0x20000, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8000000008)
ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x3, 0x7, 0x9})
get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1)
accept4$auto(r0, &(0x7f0000000340)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x1, 0x4}}, &(0x7f0000000380)=0x9, 0xc)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101a82, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfdef)
socket(0x21, 0x2, 0x2) (async)
mmap$auto(0x0, 0x28da, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) (async)
io_uring_setup$auto(0x6, 0x0) (async)
set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/devices/virtual/block/loop15/queue/zoned\x00', 0x20000, 0x0) (async)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8000000008) (async)
ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x3, 0x7, 0x9}) (async)
get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) (async)
accept4$auto(r0, &(0x7f0000000340)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x1, 0x4}}, &(0x7f0000000380)=0x9, 0xc) (async)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101a82, 0x0) (async)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
write$auto(0x3, 0x0, 0xfffffdef) (async)
write$auto(0x3, 0x0, 0xfdef) (async)

0s ago: executing program 1 (id=770):
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=<r0=>0xffffffffffffffff, @ANYBLOB="010329bf700002dcdf2505000000feabb1471aa987110c00010005000000000000000c0001"], 0x38}, 0x1, 0x0, 0x0, 0x20008810}, 0x880)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES8=r0, @ANYRES32=0x0, @ANYBLOB, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x23, 0x80805, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
preadv2$auto(r1, &(0x7f0000000040)={&(0x7f0000000380), 0x6}, 0x2, 0x1000, 0x3, 0x8)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000)
statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x3, 0x19, 0x1001, 0x5, 0x717e, 0x0, 0x7, 0x8, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb5, 0xfffffffffffffffe, 0x7, 0x0, 0x7f, 0x2a2, 0x5, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, [0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, 0x400, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffffffffffe, 0x88000000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8000000, 0x20000, 0xffffffffffffffff, 0x3]}, 0x1fe, 0xd)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd03, &(0x7f00000001c0))
connect$auto(0x3, &(0x7f00000018c0)=@ethernet={0x1, @remote}, 0x8)
syz_genetlink_get_family_id$auto_vdpa(&(0x7f0000000040), r3)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty43\x00', 0x800, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000440)=""/82, 0x52)
ioctl$auto_TIOCSWINSZ2(r5, 0x5414, &(0x7f00000001c0))
ioctl$auto(0xffffffffffffffff, 0x80a86f3d, 0x38)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.14' (ED25519) to the list of known hosts.
[   74.959612][ T5811] cgroup: Unknown subsys name 'net'
[   75.048126][ T5811] cgroup: Unknown subsys name 'cpuset'
[   75.056828][ T5811] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   76.468450][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[   76.474961][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[   76.527464][ T5811] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   78.257319][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   78.265556][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   78.273423][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   78.275059][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   78.281739][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   78.287933][ T5834] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   78.295466][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   78.309257][ T5834] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   78.314528][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   78.316756][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   78.332069][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   78.332426][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   78.339903][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   78.346227][ T5834] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   78.355368][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   78.362195][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   78.374967][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   78.375701][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   78.382168][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   78.404106][ T5829] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   78.911023][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   78.947228][ T5825] chnl_net:caif_netlink_parms(): no params data found
[   79.014246][ T5824] chnl_net:caif_netlink_parms(): no params data found
[   79.069691][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   79.211591][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.219299][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.227111][ T5825] bridge_slave_0: entered allmulticast mode
[   79.234331][ T5825] bridge_slave_0: entered promiscuous mode
[   79.242271][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.249458][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.256675][ T5822] bridge_slave_0: entered allmulticast mode
[   79.263623][ T5822] bridge_slave_0: entered promiscuous mode
[   79.287460][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.294719][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.301868][ T5824] bridge_slave_0: entered allmulticast mode
[   79.309083][ T5824] bridge_slave_0: entered promiscuous mode
[   79.316371][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.323501][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.330703][ T5825] bridge_slave_1: entered allmulticast mode
[   79.337783][ T5825] bridge_slave_1: entered promiscuous mode
[   79.345272][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.352385][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.360156][ T5822] bridge_slave_1: entered allmulticast mode
[   79.367267][ T5822] bridge_slave_1: entered promiscuous mode
[   79.387513][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.394846][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.402082][ T5824] bridge_slave_1: entered allmulticast mode
[   79.409248][ T5824] bridge_slave_1: entered promiscuous mode
[   79.475019][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.484351][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.491516][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.499617][ T5823] bridge_slave_0: entered allmulticast mode
[   79.507349][ T5823] bridge_slave_0: entered promiscuous mode
[   79.515646][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.522715][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.530000][ T5823] bridge_slave_1: entered allmulticast mode
[   79.537114][ T5823] bridge_slave_1: entered promiscuous mode
[   79.555052][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.566720][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.578432][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.600654][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.630358][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.683214][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   79.695008][ T5825] team0: Port device team_slave_0 added
[   79.702309][ T5822] team0: Port device team_slave_0 added
[   79.720629][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   79.731363][ T5825] team0: Port device team_slave_1 added
[   79.738672][ T5822] team0: Port device team_slave_1 added
[   79.759170][ T5824] team0: Port device team_slave_0 added
[   79.796354][ T5824] team0: Port device team_slave_1 added
[   79.826399][ T5823] team0: Port device team_slave_0 added
[   79.832886][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.839930][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.865960][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.895851][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[   79.902802][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.929674][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   79.942221][ T5823] team0: Port device team_slave_1 added
[   79.948491][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[   79.955607][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   79.981804][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   79.993934][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.001549][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.028375][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.077617][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.084721][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.110670][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.131992][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.139033][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.165186][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.177888][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.184935][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.211071][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.222608][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.230294][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.256476][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.346225][ T5822] hsr_slave_0: entered promiscuous mode
[   80.353047][ T5822] hsr_slave_1: entered promiscuous mode
[   80.365516][ T5825] hsr_slave_0: entered promiscuous mode
[   80.371862][ T5825] hsr_slave_1: entered promiscuous mode
[   80.378347][ T5825] debugfs: 'hsr0' already exists in 'hsr'
[   80.384238][ T5825] Cannot create hsr debugfs directory
[   80.405527][ T5823] hsr_slave_0: entered promiscuous mode
[   80.411731][ T5823] hsr_slave_1: entered promiscuous mode
[   80.418443][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   80.424210][ T5823] Cannot create hsr debugfs directory
[   80.465047][ T5831] Bluetooth: hci1: command tx timeout
[   80.465063][ T5834] Bluetooth: hci0: command tx timeout
[   80.465225][ T5834] Bluetooth: hci3: command tx timeout
[   80.470741][ T5829] Bluetooth: hci2: command tx timeout
[   80.488972][ T5824] hsr_slave_0: entered promiscuous mode
[   80.495297][ T5824] hsr_slave_1: entered promiscuous mode
[   80.501296][ T5824] debugfs: 'hsr0' already exists in 'hsr'
[   80.507132][ T5824] Cannot create hsr debugfs directory
[   80.930504][ T5825] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   80.943312][ T5825] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   80.965993][ T5825] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   80.985880][ T5825] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   81.040348][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   81.051659][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   81.063782][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   81.075848][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   81.201998][ T5823] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   81.212824][ T5823] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   81.237305][ T5823] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   81.262038][ T5823] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   81.331797][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   81.343190][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   81.356426][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.366716][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   81.387702][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   81.422930][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[   81.455322][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.462493][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.481208][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.507009][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.514177][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.563370][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   81.598888][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.606032][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.629017][ T1165] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.636206][ T1165] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.650360][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   81.704518][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.771147][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   81.807210][   T33] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.814408][   T33] bridge0: port 1(bridge_slave_0) entered forwarding state
[   81.823940][   T33] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.831091][   T33] bridge0: port 2(bridge_slave_1) entered forwarding state
[   81.871062][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.941120][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   81.988166][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.995389][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.039355][ T1165] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.046535][ T1165] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.121849][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.248635][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.280736][ T5825] veth0_vlan: entered promiscuous mode
[   82.318537][ T5825] veth1_vlan: entered promiscuous mode
[   82.382799][ T5822] veth0_vlan: entered promiscuous mode
[   82.413607][ T5825] veth0_macvtap: entered promiscuous mode
[   82.439210][ T5825] veth1_macvtap: entered promiscuous mode
[   82.451311][ T5822] veth1_vlan: entered promiscuous mode
[   82.475805][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.509065][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.539217][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.546816][ T5829] Bluetooth: hci3: command tx timeout
[   82.556668][ T5829] Bluetooth: hci2: command tx timeout
[   82.556689][ T5834] Bluetooth: hci1: command tx timeout
[   82.562076][ T5832] Bluetooth: hci0: command tx timeout
[   82.597263][ T3567] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.608949][ T3567] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.627735][ T3567] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.636737][ T3567] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.676747][ T5822] veth0_macvtap: entered promiscuous mode
[   82.686445][ T5823] veth0_vlan: entered promiscuous mode
[   82.712228][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[   82.738329][ T5822] veth1_macvtap: entered promiscuous mode
[   82.748086][ T5823] veth1_vlan: entered promiscuous mode
[   82.817496][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   82.835132][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.844743][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.847408][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.902688][ T4404] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.917708][ T5823] veth0_macvtap: entered promiscuous mode
[   82.933543][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.933999][ T4404] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.942458][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.954454][ T5824] veth0_vlan: entered promiscuous mode
[   82.969939][ T5823] veth1_macvtap: entered promiscuous mode
[   82.978769][ T4404] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.989131][ T4404] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.017185][ T5824] veth1_vlan: entered promiscuous mode
[   83.073180][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.077311][ T5825] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   83.126726][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.170434][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.191323][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.236836][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.247290][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.272563][ T5908] tipc: Can't bind to reserved service type 0
[   83.280630][ T5824] veth0_macvtap: entered promiscuous mode
[   83.293141][ T5824] veth1_macvtap: entered promiscuous mode
[   83.311308][ T1165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.335550][ T1165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.415787][ T3567] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.437702][ T3567] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.463639][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.559422][ T5912] Zero length message leads to an empty skb
[   83.580090][ T1165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.611014][ T1165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.645162][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.807346][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.863369][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.881495][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.925459][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.935558][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.981175][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.067958][ T5915] capability: warning: `syz.0.1' uses 32-bit capabilities (legacy support in use)
[   84.173061][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.213339][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.294673][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.384521][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.508790][ T5929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6'.
[   84.627496][ T5832] Bluetooth: hci1: command tx timeout
[   84.627766][ T5834] Bluetooth: hci2: command tx timeout
[   84.633031][ T5832] Bluetooth: hci0: command tx timeout
[   84.638585][ T5829] Bluetooth: hci3: command tx timeout
[   84.805044][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   84.855726][   T29] audit: type=1800 audit(1770873164.625:2): pid=5938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3" name="lu_gp_id" dev="configfs" ino=6842 res=0 errno=0
[   84.919704][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   84.924226][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   85.476269][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.484854][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.495121][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.503552][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   85.517046][   T29] audit: type=1800 audit(1770873165.285:3): pid=5949 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4" name="lu_gp_id" dev="configfs" ino=6910 res=0 errno=0
[   85.786805][  T115] cfg80211: failed to load regulatory.db
[   85.914527][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.070861][   T29] audit: type=1800 audit(1770873165.835:4): pid=5960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7" name="lu_gp_id" dev="configfs" ino=8176 res=0 errno=0
[   86.128368][ T5959] ecryptfs_miscdev_write: Invalid packet size [192]
[   86.250916][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   86.274888][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.724209][ T5829] Bluetooth: hci0: command tx timeout
[   86.729658][ T5829] Bluetooth: hci1: command tx timeout
[   86.735444][ T5834] Bluetooth: hci3: command tx timeout
[   86.740839][ T5834] Bluetooth: hci2: command tx timeout
[   86.860015][ T5965] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11'.
[   87.735933][ T5987] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   87.812157][   T29] audit: type=1800 audit(1770873167.575:5): pid=5985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.10" name="lu_gp_id" dev="configfs" ino=8239 res=0 errno=0
[   90.097010][ T5964] syz.2.11 (5964) used greatest stack depth: 19672 bytes left
[   90.232377][ T6023] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input5
[   90.771648][   T29] audit: type=1800 audit(1770873170.535:6): pid=6031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.20" name="lu_gp_id" dev="configfs" ino=8391 res=0 errno=0
[   91.559022][ T6037] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   92.557865][ T5834] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[   92.903427][ T6060] FAULT_INJECTION: forcing a failure.
[   92.903427][ T6060] name failslab, interval 1, probability 0, space 0, times 1
[   92.944422][ T6060] CPU: 0 UID: 0 PID: 6060 Comm: syz.1.27 Not tainted syzkaller #0 PREEMPT(full) 
[   92.944451][ T6060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[   92.944463][ T6060] Call Trace:
[   92.944469][ T6060]  <TASK>
[   92.944476][ T6060]  dump_stack_lvl+0x100/0x190
[   92.944507][ T6060]  should_fail_ex.cold+0x5/0xa
[   92.944524][ T6060]  should_failslab+0xc2/0x120
[   92.944542][ T6060]  __kmalloc_cache_noprof+0x80/0x810
[   92.944565][ T6060]  ? vidtv_channel_si_init+0xa42/0x18d0
[   92.944591][ T6060]  ? vidtv_channel_si_init+0xa42/0x18d0
[   92.944611][ T6060]  vidtv_channel_si_init+0xa42/0x18d0
[   92.944640][ T6060]  vidtv_mux_init+0x526/0xbf0
[   92.944664][ T6060]  vidtv_start_feed+0x33e/0x4c0
[   92.944681][ T6060]  ? __pfx_vidtv_start_feed+0x10/0x10
[   92.944698][ T6060]  ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10
[   92.944719][ T6060]  ? mark_held_locks+0x40/0x70
[   92.944737][ T6060]  ? __pfx_vidtv_start_feed+0x10/0x10
[   92.944753][ T6060]  dmx_ts_feed_start_filtering+0xf6/0x220
[   92.944774][ T6060]  dvb_dmxdev_start_feed+0x273/0x3f0
[   92.944792][ T6060]  dvb_dmxdev_filter_start+0x1b6/0xdd0
[   92.944810][ T6060]  ? dvb_dmxdev_add_pid+0x2a1/0x380
[   92.944828][ T6060]  dvb_demux_do_ioctl+0xe64/0x1200
[   92.944850][ T6060]  dvb_usercopy+0x167/0x340
[   92.944863][ T6060]  ? __pfx_dvb_demux_do_ioctl+0x10/0x10
[   92.944880][ T6060]  ? __pfx_dvb_usercopy+0x10/0x10
[   92.944902][ T6060]  ? __fget_files+0x21f/0x3d0
[   92.944920][ T6060]  dvb_demux_ioctl+0x29/0x40
[   92.944933][ T6060]  ? __pfx_dvb_demux_ioctl+0x10/0x10
[   92.944948][ T6060]  __x64_sys_ioctl+0x18e/0x210
[   92.944971][ T6060]  do_syscall_64+0x106/0xf80
[   92.944985][ T6060]  ? clear_bhb_loop+0x40/0x90
[   92.945003][ T6060]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.945018][ T6060] RIP: 0033:0x7f75ccd9bf79
[   92.945030][ T6060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   92.945044][ T6060] RSP: 002b:00007f75cdd19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   92.945059][ T6060] RAX: ffffffffffffffda RBX: 00007f75cd016090 RCX: 00007f75ccd9bf79
[   92.945068][ T6060] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002
[   92.945076][ T6060] RBP: 00007f75cce327e0 R08: 0000000000000000 R09: 0000000000000000
[   92.945085][ T6060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   92.945093][ T6060] R13: 00007f75cd016128 R14: 00007f75cd016090 R15: 00007ffc43e147e8
[   92.945113][ T6060]  </TASK>
[   93.734431][ T6061] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [35]
[   95.291152][   T29] audit: type=1800 audit(1770873175.055:7): pid=6090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.34" name="lu_gp_id" dev="configfs" ino=8590 res=0 errno=0
[   95.312472][ T6085] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.334650][ T6097] netlink: 346 bytes leftover after parsing attributes in process `syz.2.35'.
[   95.603657][ T6105] sd 0:0:1:0: PR command failed: 1026
[   95.616138][ T6105] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[   95.630430][ T6105] sd 0:0:1:0: Add. Sense: Invalid command operation code
[   95.735995][ T6100] Process accounting resumed
[   97.761428][ T6135] netlink: 28 bytes leftover after parsing attributes in process `syz.0.43'.
[   98.055340][ T6143] process 'syz.3.45' launched ':,' with NULL argv: empty string added
[   99.617727][   T29] audit: type=1800 audit(1770873179.365:8): pid=6179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.50" name="lu_gp_id" dev="configfs" ino=8980 res=0 errno=0
[  100.513148][ T6190] WARNING! power/level is deprecated; use power/control instead
[  100.640243][ T6192] __vm_enough_memory: pid: 6192, comm: syz.2.53, bytes: 4398046511104 not enough memory for the allocation
[  101.164205][ T6193] netlink: 346 bytes leftover after parsing attributes in process `syz.1.54'.
[  101.661741][ T6195] Process accounting resumed
[  103.985496][ T6234] zswap: compressor � not available
[  105.300750][ T6257] netlink: 28 bytes leftover after parsing attributes in process `syz.0.65'.
[  105.454122][ T6257] bridge_slave_1: left allmulticast mode
[  105.474428][ T6257] bridge_slave_1: left promiscuous mode
[  105.497242][ T6257] bridge0: port 2(bridge_slave_1) entered disabled state
[  105.566961][ T6257] bridge_slave_0: left allmulticast mode
[  105.572739][ T6257] bridge_slave_0: left promiscuous mode
[  105.578552][ T6257] bridge0: port 1(bridge_slave_0) entered disabled state
[  105.683437][   T29] audit: type=1800 audit(1770873185.445:9): pid=6268 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.66" name="lu_gp_id" dev="configfs" ino=9139 res=0 errno=0
[  106.967962][   T29] audit: type=1800 audit(1770873186.735:10): pid=6285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.70" name="lu_gp_id" dev="configfs" ino=10001 res=0 errno=0
[  108.278736][   T29] audit: type=1800 audit(1770873188.045:11): pid=6308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.75" name="dbroot" dev="configfs" ino=10032 res=0 errno=0
[  108.344679][   T29] audit: type=1800 audit(1770873188.105:12): pid=6293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.72" name="lu_gp_id" dev="configfs" ino=10316 res=0 errno=0
[  109.318814][ T6320] Process accounting resumed
[  109.513405][   T29] audit: type=1800 audit(1770873189.235:13): pid=6331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.79" name="dbroot" dev="configfs" ino=10091 res=0 errno=0
[  109.582984][   T29] audit: type=1800 audit(1770873189.345:14): pid=6313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.76" name="lu_gp_id" dev="configfs" ino=10441 res=0 errno=0
[  110.893316][   T29] audit: type=1800 audit(1770873190.655:15): pid=6353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.82" name="lu_gp_id" dev="configfs" ino=10228 res=0 errno=0
[  112.434841][   T29] audit: type=1800 audit(1770873192.205:16): pid=6378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.88" name="dbroot" dev="configfs" ino=10560 res=0 errno=0
[  112.880282][   T29] audit: type=1800 audit(1770873192.645:17): pid=6388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.87" name="lu_gp_id" dev="configfs" ino=10705 res=0 errno=0
[  113.148751][   T29] audit: type=1800 audit(1770873192.905:18): pid=6396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.91" name="dbroot" dev="configfs" ino=10713 res=0 errno=0
[  113.536450][   T29] audit: type=1800 audit(1770873193.305:19): pid=6402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.92" name="dbroot" dev="configfs" ino=11364 res=0 errno=0
[  114.044939][ T6411] vhci_hcd vhci_hcd.2: invalid port number 16
[  114.065183][ T6411] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  114.562125][   T29] audit: type=1800 audit(1770873194.325:20): pid=6421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.94" name="lu_gp_id" dev="configfs" ino=10840 res=0 errno=0
[  115.410978][ T6430] Process accounting resumed
[  116.566043][ T6441] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  116.592853][ T6441] mmap: syz.2.102 (6441) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  117.190035][   T29] audit: type=1804 audit(1770873196.925:21): pid=6458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.105" name="/newroot/sys/kernel/tracing/saved_cmdlines_size" dev="tracefs" ino=1115 res=1 errno=0
[  118.970985][ T6482] ecryptfs_miscdev_write: Invalid packet size [192]
[  121.347515][   T29] audit: type=1800 audit(1770873201.115:22): pid=6525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.117" name="lu_gp_id" dev="configfs" ino=11090 res=0 errno=0
[  123.690100][   T29] audit: type=1800 audit(1770873203.425:23): pid=6560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.124" name="dbroot" dev="configfs" ino=11153 res=0 errno=0
[  125.697920][ T6591] Process accounting resumed
[  126.722822][   T29] audit: type=1800 audit(1770873206.485:24): pid=6613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.133" name="lu_gp_id" dev="configfs" ino=12431 res=0 errno=0
[  126.914716][   T29] audit: type=1800 audit(1770873206.675:25): pid=6619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.137" name="dbroot" dev="configfs" ino=12452 res=0 errno=0
[  127.264126][   T29] audit: type=1800 audit(1770873207.015:26): pid=6620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.136" name="lu_gp_id" dev="configfs" ino=12464 res=0 errno=0
[  128.506020][ T6640] Process accounting resumed
[  128.772779][   T29] audit: type=1800 audit(1770873208.535:27): pid=6635 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.141" name="lu_gp_id" dev="configfs" ino=12530 res=0 errno=0
[  129.244441][   T29] audit: type=1800 audit(1770873209.005:28): pid=6657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.144" name="lu_gp_id" dev="configfs" ino=13336 res=0 errno=0
[  131.209132][   T29] audit: type=1800 audit(1770873210.975:29): pid=6690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.149" name="lu_gp_id" dev="configfs" ino=13432 res=0 errno=0
[  133.294987][ T6730] Process accounting resumed
[  133.322742][   T29] audit: type=1800 audit(1770873213.085:30): pid=6732 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.157" name="lu_gp_id" dev="configfs" ino=13629 res=0 errno=0
[  136.332669][   T29] audit: type=1800 audit(1770873216.095:31): pid=6779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.167" name="lu_gp_id" dev="configfs" ino=13797 res=0 errno=0
[  137.633008][ T6788] Process accounting resumed
[  137.908227][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  137.914663][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  138.574434][ T6807] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  138.834844][   T29] audit: type=1800 audit(1770873218.585:32): pid=6810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.175" name="lu_gp_id" dev="configfs" ino=13880 res=0 errno=0
[  141.210309][   T29] audit: type=1800 audit(1770873220.965:33): pid=6847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.181" name="lu_gp_id" dev="configfs" ino=14009 res=0 errno=0
[  141.903837][   T29] audit: type=1800 audit(1770873221.665:34): pid=6842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.182" name="lu_gp_id" dev="configfs" ino=14034 res=0 errno=0
[  143.780995][   T29] audit: type=1800 audit(1770873223.505:35): pid=6880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.188" name="lu_gp_id" dev="configfs" ino=13222 res=0 errno=0
[  147.060982][ T6933] Process accounting resumed
[  147.426451][ T6943] Process accounting resumed
[  148.631060][   T29] audit: type=1800 audit(1770873228.395:36): pid=6958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.206" name="lu_gp_id" dev="configfs" ino=14603 res=0 errno=0
[  149.935159][   T29] audit: type=1800 audit(1770873229.705:37): pid=6983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.209" name="lu_gp_id" dev="configfs" ino=14644 res=0 errno=0
[  150.293248][   T29] audit: type=1326 audit(1770873230.055:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6977 comm="syz.2.211" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6fe1d9bf79 code=0x0
[  150.464910][ T6985] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  150.464910][ T6985] The task syz.2.211 (6985) triggered the difference, watch for misbehavior.
[  152.322193][   T29] audit: type=1800 audit(1770873232.085:39): pid=7015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.214" name="lu_gp_id" dev="configfs" ino=14686 res=0 errno=0
[  152.660587][ T7025] FAULT_INJECTION: forcing a failure.
[  152.660587][ T7025] name failslab, interval 1, probability 0, space 0, times 0
[  152.728062][ T7025] CPU: 1 UID: 0 PID: 7025 Comm: syz.3.220 Not tainted syzkaller #0 PREEMPT(full) 
[  152.728102][ T7025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  152.728119][ T7025] Call Trace:
[  152.728129][ T7025]  <TASK>
[  152.728139][ T7025]  dump_stack_lvl+0x100/0x190
[  152.728194][ T7025]  should_fail_ex.cold+0x5/0xa
[  152.728225][ T7025]  should_failslab+0xc2/0x120
[  152.728265][ T7025]  kmem_cache_alloc_lru_noprof+0x8e/0x7d0
[  152.728300][ T7025]  ? __d_alloc+0x34/0xa80
[  152.728340][ T7025]  ? __d_alloc+0x34/0xa80
[  152.728370][ T7025]  __d_alloc+0x34/0xa80
[  152.728408][ T7025]  d_alloc_pseudo+0x1c/0xc0
[  152.728449][ T7025]  alloc_file_pseudo+0xcf/0x230
[  152.728483][ T7025]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  152.728519][ T7025]  ? alloc_fd+0x476/0x790
[  152.728552][ T7025]  sock_alloc_file+0x50/0x210
[  152.728591][ T7025]  __sys_socket+0x1c0/0x260
[  152.728615][ T7025]  ? fput+0x79/0x100
[  152.728647][ T7025]  ? __pfx___sys_socket+0x10/0x10
[  152.728671][ T7025]  ? xfd_validate_state+0x129/0x190
[  152.728715][ T7025]  __x64_sys_socket+0x72/0xb0
[  152.728740][ T7025]  ? lockdep_hardirqs_on+0x78/0x100
[  152.728767][ T7025]  do_syscall_64+0x106/0xf80
[  152.728793][ T7025]  ? clear_bhb_loop+0x40/0x90
[  152.728826][ T7025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.728853][ T7025] RIP: 0033:0x7fa690f9bf79
[  152.728883][ T7025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  152.728909][ T7025] RSP: 002b:00007fa691df3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  152.728939][ T7025] RAX: ffffffffffffffda RBX: 00007fa691215fa0 RCX: 00007fa690f9bf79
[  152.728958][ T7025] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000001
[  152.728973][ T7025] RBP: 00007fa6910327e0 R08: 0000000000000000 R09: 0000000000000000
[  152.728989][ T7025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.729004][ T7025] R13: 00007fa691216038 R14: 00007fa691215fa0 R15: 00007ffd240d1ac8
[  152.729041][ T7025]  </TASK>
[  153.840503][   T29] audit: type=1800 audit(1770873233.605:40): pid=7033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.221" name="lu_gp_id" dev="configfs" ino=15795 res=0 errno=0
[  154.296706][   T29] audit: type=1800 audit(1770873234.065:41): pid=7057 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.222" name="lu_gp_id" dev="configfs" ino=15902 res=0 errno=0
[  157.650371][   T29] audit: type=1800 audit(1770873237.415:42): pid=7098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.234" name="lu_gp_id" dev="configfs" ino=14946 res=0 errno=0
[  158.078095][ T7105] Process accounting resumed
[  159.602231][   T29] audit: type=1800 audit(1770873239.365:43): pid=7131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.239" name="lu_gp_id" dev="configfs" ino=15069 res=0 errno=0
[  160.197751][ T7108] Process accounting paused
[  160.764586][   T29] audit: type=1800 audit(1770873240.525:44): pid=7153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.242" name="lu_gp_id" dev="configfs" ino=15198 res=0 errno=0
[  162.434145][   T29] audit: type=1800 audit(1770873242.195:45): pid=7178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.248" name="lu_gp_id" dev="configfs" ino=15270 res=0 errno=0
[  162.661840][ T7181] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input6
[  163.014162][ T5834] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260
[  163.014197][ T5834] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260
[  163.029039][ T5834] Bluetooth: hci0: Dropping invalid advertising data
[  163.036563][ T5834] Bluetooth: hci0: Dropping invalid advertising data
[  163.043263][ T5834] Bluetooth: hci0: Malformed LE Event: 0x02
[  163.210095][   T29] audit: type=1800 audit(1770873242.975:46): pid=7189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.252" name="lu_gp_id" dev="configfs" ino=15320 res=0 errno=0
[  163.527825][ T7166] Process accounting paused
[  165.472014][   T29] audit: type=1800 audit(1770873245.235:47): pid=7214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.258" name="lu_gp_id" dev="configfs" ino=16364 res=0 errno=0
[  166.524844][ T7233] Process accounting resumed
[  167.453306][   T29] audit: type=1800 audit(1770873247.215:48): pid=7259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.264" name="lu_gp_id" dev="configfs" ino=17523 res=0 errno=0
[  169.099870][ T7279] Process accounting resumed
[  169.534920][ T7288] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input7
[  169.968082][ T5834] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260
[  169.968118][ T5834] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260
[  169.983338][ T5834] Bluetooth: hci1: Dropping invalid advertising data
[  169.991529][ T5834] Bluetooth: hci1: Dropping invalid advertising data
[  170.004356][ T5834] Bluetooth: hci1: Malformed LE Event: 0x02
[  170.668919][ T7314] Process accounting resumed
[  171.383968][ T7327] Process accounting resumed
[  171.444718][   T29] audit: type=1800 audit(1770873251.215:49): pid=7328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.282" name="lu_gp_id" dev="configfs" ino=16825 res=0 errno=0
[  172.220120][ T7345] Process accounting resumed
[  172.291246][ T7350] sd 0:0:1:0: PR command failed: 1026
[  172.320269][ T7350] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  172.342428][ T7350] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  173.411429][ T7367] Process accounting resumed
[  174.679580][   T29] audit: type=1800 audit(1770873254.445:50): pid=7385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.294" name="lu_gp_id" dev="configfs" ino=16996 res=0 errno=0
[  175.235801][   T29] audit: type=1800 audit(1770873255.005:51): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.296" name="lu_gp_id" dev="configfs" ino=18159 res=0 errno=0
[  175.261509][ T7397] zswap: compressor � not available
[  176.890243][ T7424] Process accounting resumed
[  177.130860][   T29] audit: type=1800 audit(1770873256.895:52): pid=7433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.303" name="lu_gp_id" dev="configfs" ino=18256 res=0 errno=0
[  179.635354][   T29] audit: type=1800 audit(1770873259.405:53): pid=7485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.314" name="lu_gp_id" dev="configfs" ino=17226 res=0 errno=0
[  180.090711][   T29] audit: type=1800 audit(1770873259.845:54): pid=7493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.315" name="lu_gp_id" dev="configfs" ino=17265 res=0 errno=0
[  180.181913][ T7495] FAULT_INJECTION: forcing a failure.
[  180.181913][ T7495] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  180.224507][ T7495] CPU: 0 UID: 0 PID: 7495 Comm: syz.3.319 Not tainted syzkaller #0 PREEMPT(full) 
[  180.224534][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  180.224549][ T7495] Call Trace:
[  180.224554][ T7495]  <TASK>
[  180.224560][ T7495]  dump_stack_lvl+0x100/0x190
[  180.224585][ T7495]  should_fail_ex.cold+0x5/0xa
[  180.224598][ T7495]  ? prepare_alloc_pages+0x16d/0x5f0
[  180.224618][ T7495]  should_fail_alloc_page+0xeb/0x140
[  180.224636][ T7495]  prepare_alloc_pages+0x1f0/0x5f0
[  180.224656][ T7495]  __alloc_frozen_pages_noprof+0x193/0x2410
[  180.224675][ T7495]  ? find_held_lock+0x2b/0x80
[  180.224692][ T7495]  ? is_bpf_text_address+0x8a/0x1a0
[  180.224708][ T7495]  ? is_bpf_text_address+0x8a/0x1a0
[  180.224723][ T7495]  ? bpf_ksym_find+0x124/0x1c0
[  180.224742][ T7495]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  180.224762][ T7495]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  180.224775][ T7495]  ? is_bpf_text_address+0x94/0x1a0
[  180.224791][ T7495]  ? __kernel_text_address+0xd/0x30
[  180.224807][ T7495]  ? unwind_get_return_address+0x59/0xa0
[  180.224836][ T7495]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  180.224855][ T7495]  ? policy_nodemask+0xed/0x4f0
[  180.224873][ T7495]  alloc_pages_mpol+0x1fb/0x550
[  180.224890][ T7495]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  180.224904][ T7495]  ? kasan_save_stack+0x30/0x50
[  180.224918][ T7495]  ? __kasan_kmalloc+0xaa/0xb0
[  180.224930][ T7495]  ? __get_vm_area_node+0x101/0x330
[  180.224946][ T7495]  ? __vmalloc_node_range_noprof+0x213/0x1530
[  180.224964][ T7495]  ? __vmalloc_node_noprof+0xad/0xf0
[  180.224981][ T7495]  ? copy_process+0x5ec/0x79b0
[  180.224996][ T7495]  alloc_pages_noprof+0x131/0x390
[  180.225013][ T7495]  get_free_pages_noprof+0x10/0xb0
[  180.225029][ T7495]  __kasan_populate_vmalloc+0xa0/0x210
[  180.225047][ T7495]  alloc_vmap_area+0x935/0x2a00
[  180.225073][ T7495]  ? __pfx_alloc_vmap_area+0x10/0x10
[  180.225095][ T7495]  __get_vm_area_node+0x1ca/0x330
[  180.225116][ T7495]  __vmalloc_node_range_noprof+0x213/0x1530
[  180.225135][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.225150][ T7495]  ? local_lock_release+0x99/0x130
[  180.225176][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.225206][ T7495]  ? rcu_read_unlock+0x17/0x60
[  180.225233][ T7495]  ? obj_cgroup_charge_account+0x46d/0x640
[  180.225266][ T7495]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  180.225302][ T7495]  ? __memcg_slab_post_alloc_hook+0x473/0x880
[  180.225346][ T7495]  ? rcu_is_watching+0x12/0xc0
[  180.225381][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.225408][ T7495]  __vmalloc_node_noprof+0xad/0xf0
[  180.225442][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.225472][ T7495]  copy_process+0x5ec/0x79b0
[  180.225496][ T7495]  ? __pfx_copy_process+0x10/0x10
[  180.225512][ T7495]  ? lockdep_init_map_type+0x5c/0x250
[  180.225528][ T7495]  ? lockdep_init_map_type+0x5c/0x250
[  180.225543][ T7495]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  180.225561][ T7495]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  180.225577][ T7495]  vhost_task_create+0x1db/0x370
[  180.225593][ T7495]  ? __pfx_vhost_task_create+0x10/0x10
[  180.225614][ T7495]  ? __pfx_vhost_task_fn+0x10/0x10
[  180.225632][ T7495]  ? __pfx___mutex_lock+0x10/0x10
[  180.225652][ T7495]  kvm_mmu_post_init_vm+0x1b3/0x370
[  180.225666][ T7495]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  180.225680][ T7495]  ? kvm_vcpu_ioctl+0x150f/0x16d0
[  180.225701][ T7495]  kvm_vcpu_ioctl+0x730/0x16d0
[  180.225720][ T7495]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  180.225737][ T7495]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  180.225756][ T7495]  ? do_vfs_ioctl+0x226/0x13e0
[  180.225776][ T7495]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  180.225800][ T7495]  ? find_held_lock+0x2b/0x80
[  180.225817][ T7495]  ? __fget_files+0x215/0x3d0
[  180.225830][ T7495]  ? hook_file_ioctl_common+0x146/0x410
[  180.225849][ T7495]  ? __fget_files+0x21f/0x3d0
[  180.225864][ T7495]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  180.225882][ T7495]  __x64_sys_ioctl+0x18e/0x210
[  180.225903][ T7495]  do_syscall_64+0x106/0xf80
[  180.225916][ T7495]  ? clear_bhb_loop+0x40/0x90
[  180.225933][ T7495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.225946][ T7495] RIP: 0033:0x7fa690f9bf79
[  180.225959][ T7495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  180.225972][ T7495] RSP: 002b:00007fa691df3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  180.225986][ T7495] RAX: ffffffffffffffda RBX: 00007fa691215fa0 RCX: 00007fa690f9bf79
[  180.225995][ T7495] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000004
[  180.226003][ T7495] RBP: 00007fa691df3090 R08: 0000000000000000 R09: 0000000000000000
[  180.226011][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.226019][ T7495] R13: 00007fa691216038 R14: 00007fa691215fa0 R15: 00007ffd240d1ac8
[  180.226037][ T7495]  </TASK>
[  180.226274][ T7495] syz.3.319: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  180.896611][ T7495] CPU: 0 UID: 0 PID: 7495 Comm: syz.3.319 Not tainted syzkaller #0 PREEMPT(full) 
[  180.896645][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  180.896659][ T7495] Call Trace:
[  180.896666][ T7495]  <TASK>
[  180.896676][ T7495]  dump_stack_lvl+0x100/0x190
[  180.896716][ T7495]  warn_alloc.cold+0x95/0x1c1
[  180.896757][ T7495]  ? __pfx_warn_alloc+0x10/0x10
[  180.896783][ T7495]  ? kfree+0x1c7/0x690
[  180.896818][ T7495]  ? __get_vm_area_node+0x2c5/0x330
[  180.896856][ T7495]  ? __get_vm_area_node+0x2c5/0x330
[  180.896885][ T7495]  ? __get_vm_area_node+0x1dc/0x330
[  180.896916][ T7495]  ? __get_vm_area_node+0x208/0x330
[  180.896961][ T7495]  __vmalloc_node_range_noprof+0xbf4/0x1530
[  180.896996][ T7495]  ? local_lock_release+0x99/0x130
[  180.897045][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.897077][ T7495]  ? rcu_read_unlock+0x17/0x60
[  180.897107][ T7495]  ? obj_cgroup_charge_account+0x46d/0x640
[  180.897142][ T7495]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  180.897178][ T7495]  ? __memcg_slab_post_alloc_hook+0x473/0x880
[  180.897219][ T7495]  ? rcu_is_watching+0x12/0xc0
[  180.897255][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.897282][ T7495]  __vmalloc_node_noprof+0xad/0xf0
[  180.897316][ T7495]  ? vhost_task_create+0x1db/0x370
[  180.897349][ T7495]  copy_process+0x5ec/0x79b0
[  180.897392][ T7495]  ? __pfx_copy_process+0x10/0x10
[  180.897422][ T7495]  ? lockdep_init_map_type+0x5c/0x250
[  180.897451][ T7495]  ? lockdep_init_map_type+0x5c/0x250
[  180.897479][ T7495]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  180.897514][ T7495]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  180.897543][ T7495]  vhost_task_create+0x1db/0x370
[  180.897573][ T7495]  ? __pfx_vhost_task_create+0x10/0x10
[  180.897614][ T7495]  ? __pfx_vhost_task_fn+0x10/0x10
[  180.897646][ T7495]  ? __pfx___mutex_lock+0x10/0x10
[  180.897684][ T7495]  kvm_mmu_post_init_vm+0x1b3/0x370
[  180.897710][ T7495]  kvm_arch_vcpu_ioctl_run+0x66/0x1830
[  180.897734][ T7495]  ? kvm_vcpu_ioctl+0x150f/0x16d0
[  180.897774][ T7495]  kvm_vcpu_ioctl+0x730/0x16d0
[  180.897808][ T7495]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  180.897840][ T7495]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  180.897876][ T7495]  ? do_vfs_ioctl+0x226/0x13e0
[  180.897913][ T7495]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  180.897960][ T7495]  ? find_held_lock+0x2b/0x80
[  180.897991][ T7495]  ? __fget_files+0x215/0x3d0
[  180.898015][ T7495]  ? hook_file_ioctl_common+0x146/0x410
[  180.898058][ T7495]  ? __fget_files+0x21f/0x3d0
[  180.898088][ T7495]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  180.898122][ T7495]  __x64_sys_ioctl+0x18e/0x210
[  180.898161][ T7495]  do_syscall_64+0x106/0xf80
[  180.898184][ T7495]  ? clear_bhb_loop+0x40/0x90
[  180.898216][ T7495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  180.898240][ T7495] RIP: 0033:0x7fa690f9bf79
[  180.898260][ T7495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  180.898283][ T7495] RSP: 002b:00007fa691df3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  180.898306][ T7495] RAX: ffffffffffffffda RBX: 00007fa691215fa0 RCX: 00007fa690f9bf79
[  180.898323][ T7495] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000004
[  180.898337][ T7495] RBP: 00007fa691df3090 R08: 0000000000000000 R09: 0000000000000000
[  180.898352][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  180.898366][ T7495] R13: 00007fa691216038 R14: 00007fa691215fa0 R15: 00007ffd240d1ac8
[  180.898401][ T7495]  </TASK>
[  180.898421][ T7495] Mem-Info:
[  181.384396][ T7506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.322'.
[  181.444930][ T7495] active_anon:46249 inactive_anon:0 isolated_anon:0
[  181.444930][ T7495]  active_file:13838 inactive_file:40845 isolated_file:0
[  181.444930][ T7495]  unevictable:768 dirty:329 writeback:0
[  181.444930][ T7495]  slab_reclaimable:11155 slab_unreclaimable:91434
[  181.444930][ T7495]  mapped:29110 shmem:35619 pagetables:1204
[  181.444930][ T7495]  sec_pagetables:0 bounce:0
[  181.444930][ T7495]  kernel_misc_reclaimable:0
[  181.444930][ T7495]  free:1283441 free_pcp:19046 free_cma:0
[  181.551121][ T7495] Node 0 active_anon:180496kB inactive_anon:0kB active_file:55352kB inactive_file:163180kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:116940kB dirty:1316kB writeback:0kB shmem:138540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11768kB pagetables:4580kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  181.609497][ T7495] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  181.647543][ T7495] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  181.678917][ T7495] lowmem_reserve[]: 0 2479 2480 2480 2480
[  181.705690][ T7495] Node 0 DMA32 free:1229592kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:178696kB inactive_anon:0kB active_file:55352kB inactive_file:163180kB unevictable:1536kB writepending:1316kB zspages:0kB present:3129332kB managed:2539016kB mlocked:0kB bounce:0kB free_pcp:60448kB local_pcp:29784kB free_cma:0kB
[  181.768262][ T7495] lowmem_reserve[]: 0 0 1 1 1
[  181.774537][ T7495] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1368kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  181.873522][ T7495] lowmem_reserve[]: 0 0 0 0 0
[  181.883718][ T7495] Node 1 Normal free:3888500kB boost:0kB min:55808kB low:69760kB high:83712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:21920kB local_pcp:8928kB free_cma:0kB
[  181.920351][ T7495] lowmem_reserve[]: 0 0 0 0 0
[  181.948882][ T7495] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  181.963030][ T7495] Node 0 DMA32: 4839*4kB (UME) 1872*8kB (UME) 666*16kB (UE) 141*32kB (U) 68*64kB (UM) 74*128kB (UM) 33*256kB (UME) 14*512kB (UM) 2*1024kB (UM) 4*2048kB (UME) 279*4096kB (M) = 1231964kB
[  182.003769][ T7495] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  182.016394][ T7495] Node 1 Normal: 211*4kB (UME) 55*8kB (UME) 49*16kB (UME) 103*32kB (UME) 26*64kB (UME) 8*128kB (UME) 4*256kB (UM) 5*512kB (UME) 2*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3888500kB
[  182.067805][ T7495] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  182.091908][ T7495] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  182.132548][ T7495] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  182.147152][ T7495] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  182.174122][ T7495] 93326 total pagecache pages
[  182.178807][ T7495] 27 pages in swap cache
[  182.183027][ T7495] Free swap  = 124888kB
[  182.200290][ T7495] Total swap = 124996kB
[  182.205747][ T7495] 2097051 pages RAM
[  182.213840][ T7495] 0 pages HighMem/MovableOnly
[  182.229015][ T7495] 430340 pages reserved
[  182.233234][ T7495] 0 pages cma reserved
[  182.700426][ T7533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.328'.
[  184.011418][   T29] audit: type=1800 audit(1770873263.775:55): pid=7556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.329" name="lu_gp_id" dev="configfs" ino=19533 res=0 errno=0
[  184.650127][ T7570] FAULT_INJECTION: forcing a failure.
[  184.650127][ T7570] name failslab, interval 1, probability 0, space 0, times 0
[  184.690156][ T7570] CPU: 0 UID: 0 PID: 7570 Comm: syz.0.333 Not tainted syzkaller #0 PREEMPT(full) 
[  184.690185][ T7570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  184.690194][ T7570] Call Trace:
[  184.690200][ T7570]  <TASK>
[  184.690206][ T7570]  dump_stack_lvl+0x100/0x190
[  184.690232][ T7570]  should_fail_ex.cold+0x5/0xa
[  184.690249][ T7570]  should_failslab+0xc2/0x120
[  184.690267][ T7570]  ? inotify_handle_inode_event+0x1a5/0x6a0
[  184.690286][ T7570]  __kmalloc_noprof+0xf6/0x9c0
[  184.690306][ T7570]  ? kasan_save_stack+0x3f/0x50
[  184.690320][ T7570]  ? kasan_save_stack+0x30/0x50
[  184.690333][ T7570]  ? kasan_record_aux_stack+0xa7/0xc0
[  184.690352][ T7570]  ? task_work_add+0x28b/0x3b0
[  184.690368][ T7570]  ? __fput_deferred+0x168/0x490
[  184.690389][ T7570]  ? inotify_handle_inode_event+0x1a5/0x6a0
[  184.690408][ T7570]  inotify_handle_inode_event+0x1a5/0x6a0
[  184.690431][ T7570]  ? __pfx_inotify_handle_inode_event+0x10/0x10
[  184.690451][ T7570]  fsnotify_handle_inode_event.isra.0+0x1e3/0x410
[  184.690470][ T7570]  fsnotify+0x187d/0x3550
[  184.690490][ T7570]  ? __pfx_fsnotify+0x10/0x10
[  184.690508][ T7570]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  184.690531][ T7570]  __fsnotify_parent+0x704/0xca0
[  184.690551][ T7570]  ? __pfx___fsnotify_parent+0x10/0x10
[  184.690570][ T7570]  ? __pfx___might_resched+0x10/0x10
[  184.690591][ T7570]  ? __fput+0x30d/0xb40
[  184.690606][ T7570]  __fput+0x30d/0xb40
[  184.690628][ T7570]  task_work_run+0x150/0x240
[  184.690645][ T7570]  ? __pfx_task_work_run+0x10/0x10
[  184.690667][ T7570]  exit_to_user_mode_loop+0x100/0x4a0
[  184.690681][ T7570]  ? rcu_is_watching+0x12/0xc0
[  184.690700][ T7570]  do_syscall_64+0x668/0xf80
[  184.690714][ T7570]  ? clear_bhb_loop+0x40/0x90
[  184.690732][ T7570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.690748][ T7570] RIP: 0033:0x7f726af9bf79
[  184.690760][ T7570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  184.690775][ T7570] RSP: 002b:00007f726be91028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  184.690789][ T7570] RAX: 0000000000000000 RBX: 00007f726b216090 RCX: 00007f726af9bf79
[  184.690798][ T7570] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  184.690805][ T7570] RBP: 00007f726b0327e0 R08: 0000000000000000 R09: 0000000000000000
[  184.690821][ T7570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  184.690830][ T7570] R13: 00007f726b216128 R14: 00007f726b216090 R15: 00007ffd61649718
[  184.690849][ T7570]  </TASK>
[  185.224166][ T7575] netlink: 504 bytes leftover after parsing attributes in process `syz.2.334'.
[  185.282125][ T7575] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  185.552540][ T7581] Process accounting resumed
[  185.699827][ T7584] Process accounting resumed
[  187.298629][   T29] audit: type=1800 audit(1770873267.065:56): pid=7618 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.341" name="lu_gp_id" dev="configfs" ino=19197 res=0 errno=0
[  188.806143][   T29] audit: type=1800 audit(1770873268.575:57): pid=7656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.349" name="lu_gp_id" dev="configfs" ino=19262 res=0 errno=0
[  189.619315][   T29] audit: type=1800 audit(1770873269.385:58): pid=7672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.352" name="lu_gp_id" dev="configfs" ino=19325 res=0 errno=0
[  190.080730][ T7675] netlink: 504 bytes leftover after parsing attributes in process `syz.0.355'.
[  190.113270][ T7675] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  191.422638][   T29] audit: type=1800 audit(1770873271.185:59): pid=7707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.366" name="lu_gp_id" dev="configfs" ino=20230 res=0 errno=0
[  191.591392][ T7715] netlink: 504 bytes leftover after parsing attributes in process `syz.3.368'.
[  191.655538][ T7715] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  191.782134][ T7719] netlink: 8 bytes leftover after parsing attributes in process `syz.3.369'.
[  192.794869][ T7736] ecryptfs_miscdev_write: Invalid packet size [192]
[  195.176876][   T29] audit: type=1800 audit(1770873274.945:60): pid=7768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.378" name="lu_gp_id" dev="configfs" ino=20630 res=0 errno=0
[  195.995590][ T7776] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  196.002769][ T7776] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  196.022340][ T7776] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  196.041172][ T7776] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  196.047324][ T7776] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  196.062469][ T7776] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  196.075492][ T7776] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  196.084109][ T7776] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  196.097896][ T7776] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  196.129333][ T7776] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  196.154340][ T7776] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  196.203543][ T7776] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  196.428414][ T7785] netlink: 8 bytes leftover after parsing attributes in process `syz.1.385'.
[  196.470757][ T7788] FAULT_INJECTION: forcing a failure.
[  196.470757][ T7788] name failslab, interval 1, probability 0, space 0, times 0
[  196.507437][ T7788] CPU: 1 UID: 0 PID: 7788 Comm: syz.3.386 Not tainted syzkaller #0 PREEMPT(full) 
[  196.507471][ T7788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  196.507485][ T7788] Call Trace:
[  196.507493][ T7788]  <TASK>
[  196.507502][ T7788]  dump_stack_lvl+0x100/0x190
[  196.507542][ T7788]  should_fail_ex.cold+0x5/0xa
[  196.507572][ T7788]  should_failslab+0xc2/0x120
[  196.507603][ T7788]  ? read_kcore_iter+0x115b/0x18e0
[  196.507626][ T7788]  __kmalloc_noprof+0xf6/0x9c0
[  196.507662][ T7788]  ? __pfx_down_read+0x10/0x10
[  196.507701][ T7788]  ? read_kcore_iter+0x115b/0x18e0
[  196.507725][ T7788]  read_kcore_iter+0x115b/0x18e0
[  196.507747][ T7788]  ? __lock_acquire+0x4a5/0x2630
[  196.507784][ T7788]  ? __pfx_read_kcore_iter+0x10/0x10
[  196.507827][ T7788]  ? find_held_lock+0x2b/0x80
[  196.507866][ T7788]  ? __lock_acquire+0x4a5/0x2630
[  196.507893][ T7788]  ? is_bpf_text_address+0x94/0x1a0
[  196.507923][ T7788]  ? kernel_text_address+0x8d/0x100
[  196.507953][ T7788]  ? __kernel_text_address+0xd/0x30
[  196.507982][ T7788]  ? unwind_get_return_address+0x59/0xa0
[  196.508029][ T7788]  ? find_held_lock+0x2b/0x80
[  196.508062][ T7788]  ? aa_file_perm+0x268/0x1530
[  196.508092][ T7788]  ? aa_file_perm+0x268/0x1530
[  196.508130][ T7788]  ? aa_file_perm+0x277/0x1530
[  196.508163][ T7788]  ? _kstrtoull+0x13c/0x1f0
[  196.508201][ T7788]  ? __pfx__kstrtoull+0x10/0x10
[  196.508235][ T7788]  ? __pfx_aa_file_perm+0x10/0x10
[  196.508278][ T7788]  ? proc_reg_read_iter+0x11b/0x310
[  196.508311][ T7788]  proc_reg_read_iter+0x11b/0x310
[  196.508352][ T7788]  do_iter_readv_writev+0x60d/0x920
[  196.508393][ T7788]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  196.508430][ T7788]  ? common_file_perm+0x1ab/0x4f0
[  196.508466][ T7788]  ? rw_verify_area+0xce/0x6d0
[  196.508507][ T7788]  vfs_readv+0x4d3/0x8d0
[  196.508540][ T7788]  ? __pfx_vfs_readv+0x10/0x10
[  196.508580][ T7788]  ? find_held_lock+0x2b/0x80
[  196.508634][ T7788]  ? __fget_files+0x21f/0x3d0
[  196.508670][ T7788]  ? do_preadv+0x1ac/0x270
[  196.508690][ T7788]  do_preadv+0x1ac/0x270
[  196.508714][ T7788]  ? __pfx_do_preadv+0x10/0x10
[  196.508748][ T7788]  do_syscall_64+0x106/0xf80
[  196.508772][ T7788]  ? clear_bhb_loop+0x40/0x90
[  196.508803][ T7788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.508828][ T7788] RIP: 0033:0x7fa690f9bf79
[  196.508848][ T7788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  196.508872][ T7788] RSP: 002b:00007fa691dd2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  196.508896][ T7788] RAX: ffffffffffffffda RBX: 00007fa691216090 RCX: 00007fa690f9bf79
[  196.508913][ T7788] RDX: 0000000000000005 RSI: 00002000000002c0 RDI: 0000000000000002
[  196.508928][ T7788] RBP: 00007fa691dd2090 R08: 0000008100000001 R09: 0000000000000000
[  196.508943][ T7788] R10: 00000000000000fb R11: 0000000000000246 R12: 0000000000000001
[  196.508958][ T7788] R13: 00007fa691216128 R14: 00007fa691216090 R15: 00007ffd240d1ac8
[  196.508994][ T7788]  </TASK>
[  196.870795][ T7680] Process accounting paused
[  196.910337][ T7771] could not allocate digest TFM handle 
[  198.069582][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  198.077169][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  198.151505][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  198.157620][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  198.849275][   T29] audit: type=1800 audit(1770873278.615:61): pid=7822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.391" name="lu_gp_id" dev="configfs" ino=21596 res=0 errno=0
[  199.359237][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  199.368297][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  199.665652][   T29] audit: type=1800 audit(1770873279.435:62): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.393" name="lu_gp_id" dev="configfs" ino=20981 res=0 errno=0
[  200.144968][ T5829] Bluetooth: hci3: command 0x0c1a tx timeout
[  200.151114][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  200.234390][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  200.240475][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  201.924132][   T29] audit: type=1800 audit(1770873281.255:63): pid=7862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.402" name="lu_gp_id" dev="configfs" ino=21100 res=0 errno=0
[  202.225309][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  202.231426][ T5829] Bluetooth: hci1: command 0x0c1a tx timeout
[  202.304710][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  202.310779][ T5829] Bluetooth: hci2: command 0x0c1a tx timeout
[  202.710234][   T29] audit: type=1800 audit(1770873282.475:64): pid=7865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.411" name="lu_gp_id" dev="configfs" ino=21774 res=0 errno=0
[  202.755512][ T7846] Process accounting paused
[  203.566929][ T7883] Process accounting paused
[  203.860229][   T29] audit: type=1800 audit(1770873283.625:65): pid=7882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.406" name="lu_gp_id" dev="configfs" ino=21828 res=0 errno=0
[  204.129987][   T29] audit: type=1800 audit(1770873283.895:66): pid=7895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.415" name="lu_gp_id" dev="configfs" ino=21171 res=0 errno=0
[  206.730342][   T29] audit: type=1800 audit(1770873286.495:67): pid=7937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.419" name="lu_gp_id" dev="configfs" ino=21984 res=0 errno=0
[  207.659616][   T29] audit: type=1800 audit(1770873287.425:68): pid=7962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.430" name="lu_gp_id" dev="configfs" ino=22052 res=0 errno=0
[  208.462077][ T7966] could not allocate digest TFM handle 
[  209.471456][   T29] audit: type=1800 audit(1770873289.235:69): pid=8000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.434" name="lu_gp_id" dev="configfs" ino=22650 res=0 errno=0
[  210.929154][ T8040] ecryptfs_miscdev_write: Invalid packet size [192]
[  211.060192][ T8042] openvswitch: netlink: Key 12 has unexpected len 4 expected 2
[  211.128865][ T8042] FAULT_INJECTION: forcing a failure.
[  211.128865][ T8042] name failslab, interval 1, probability 0, space 0, times 0
[  211.351820][ T8042] CPU: 1 UID: 0 PID: 8042 Comm: syz.3.443 Not tainted syzkaller #0 PREEMPT(full) 
[  211.351850][ T8042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  211.351859][ T8042] Call Trace:
[  211.351865][ T8042]  <TASK>
[  211.351872][ T8042]  dump_stack_lvl+0x100/0x190
[  211.351897][ T8042]  should_fail_ex.cold+0x5/0xa
[  211.351914][ T8042]  should_failslab+0xc2/0x120
[  211.351936][ T8042]  kmem_cache_alloc_noprof+0x83/0x780
[  211.351953][ T8042]  ? __pfx_map_id_range_down+0x10/0x10
[  211.351970][ T8042]  ? security_inode_alloc+0x3b/0x2c0
[  211.351996][ T8042]  ? security_inode_alloc+0x3b/0x2c0
[  211.352017][ T8042]  security_inode_alloc+0x3b/0x2c0
[  211.352040][ T8042]  inode_init_always_gfp+0xced/0x1040
[  211.352059][ T8042]  alloc_inode+0x8e/0x250
[  211.352078][ T8042]  sock_alloc+0x44/0x280
[  211.352096][ T8042]  ? security_socket_create+0x7f/0x250
[  211.352120][ T8042]  __sock_create+0xc2/0x860
[  211.352145][ T8042]  __sys_socket+0x14d/0x260
[  211.352159][ T8042]  ? __pfx___sys_socket+0x10/0x10
[  211.352179][ T8042]  ? xfd_validate_state+0x129/0x190
[  211.352197][ T8042]  ? __task_pid_nr_ns+0x1f5/0x500
[  211.352216][ T8042]  __x64_sys_socket+0x72/0xb0
[  211.352230][ T8042]  ? lockdep_hardirqs_on+0x78/0x100
[  211.352245][ T8042]  do_syscall_64+0x106/0xf80
[  211.352258][ T8042]  ? clear_bhb_loop+0x40/0x90
[  211.352276][ T8042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.352291][ T8042] RIP: 0033:0x7fa690f9bf79
[  211.352303][ T8042] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  211.352317][ T8042] RSP: 002b:00007fa691df3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  211.352332][ T8042] RAX: ffffffffffffffda RBX: 00007fa691215fa0 RCX: 00007fa690f9bf79
[  211.352341][ T8042] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 080000000000000a
[  211.352349][ T8042] RBP: 00007fa6910327e0 R08: 0000000000000000 R09: 0000000000000000
[  211.352358][ T8042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  211.352366][ T8042] R13: 00007fa691216038 R14: 00007fa691215fa0 R15: 00007ffd240d1ac8
[  211.352385][ T8042]  </TASK>
[  211.352418][ T8042] socket: no more sockets
[  213.048492][ T8086] Process accounting resumed
[  213.164563][   T29] audit: type=1800 audit(1770873292.915:70): pid=8062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.447" name="lu_gp_id" dev="configfs" ino=23554 res=0 errno=0
[  213.425646][ T8100] FAULT_INJECTION: forcing a failure.
[  213.425646][ T8100] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  213.491323][ T8100] CPU: 0 UID: 0 PID: 8100 Comm: syz.2.453 Not tainted syzkaller #0 PREEMPT(full) 
[  213.491357][ T8100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  213.491371][ T8100] Call Trace:
[  213.491379][ T8100]  <TASK>
[  213.491388][ T8100]  dump_stack_lvl+0x100/0x190
[  213.491428][ T8100]  should_fail_ex.cold+0x5/0xa
[  213.491459][ T8100]  _copy_to_iter+0x5a4/0x1720
[  213.491494][ T8100]  ? __pfx__copy_to_iter+0x10/0x10
[  213.491519][ T8100]  ? rcu_is_watching+0x12/0xc0
[  213.491549][ T8100]  ? read_kcore_iter+0x115b/0x18e0
[  213.491573][ T8100]  ? trace_kmalloc+0x83/0xb0
[  213.491601][ T8100]  ? __kmalloc_noprof+0x365/0x9c0
[  213.491634][ T8100]  ? __pfx_down_read+0x10/0x10
[  213.491674][ T8100]  read_kcore_iter+0x15d6/0x18e0
[  213.491697][ T8100]  ? __lock_acquire+0x4a5/0x2630
[  213.491732][ T8100]  ? __pfx_read_kcore_iter+0x10/0x10
[  213.491769][ T8100]  ? find_held_lock+0x2b/0x80
[  213.491805][ T8100]  ? __lock_acquire+0x4a5/0x2630
[  213.491831][ T8100]  ? is_bpf_text_address+0x94/0x1a0
[  213.491860][ T8100]  ? kernel_text_address+0x8d/0x100
[  213.491890][ T8100]  ? __kernel_text_address+0xd/0x30
[  213.491918][ T8100]  ? unwind_get_return_address+0x59/0xa0
[  213.491964][ T8100]  ? find_held_lock+0x2b/0x80
[  213.491996][ T8100]  ? aa_file_perm+0x268/0x1530
[  213.492026][ T8100]  ? aa_file_perm+0x268/0x1530
[  213.492071][ T8100]  ? aa_file_perm+0x277/0x1530
[  213.492106][ T8100]  ? _kstrtoull+0x13c/0x1f0
[  213.492137][ T8100]  ? __pfx__kstrtoull+0x10/0x10
[  213.492171][ T8100]  ? __pfx_aa_file_perm+0x10/0x10
[  213.492213][ T8100]  ? proc_reg_read_iter+0x11b/0x310
[  213.492245][ T8100]  proc_reg_read_iter+0x11b/0x310
[  213.492282][ T8100]  do_iter_readv_writev+0x60d/0x920
[  213.492326][ T8100]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  213.492364][ T8100]  ? common_file_perm+0x1ab/0x4f0
[  213.492400][ T8100]  ? rw_verify_area+0xce/0x6d0
[  213.492441][ T8100]  vfs_readv+0x4d3/0x8d0
[  213.492474][ T8100]  ? __pfx_vfs_readv+0x10/0x10
[  213.492514][ T8100]  ? find_held_lock+0x2b/0x80
[  213.492569][ T8100]  ? __fget_files+0x21f/0x3d0
[  213.492606][ T8100]  ? do_preadv+0x1ac/0x270
[  213.492626][ T8100]  do_preadv+0x1ac/0x270
[  213.492651][ T8100]  ? __pfx_do_preadv+0x10/0x10
[  213.492685][ T8100]  do_syscall_64+0x106/0xf80
[  213.492710][ T8100]  ? clear_bhb_loop+0x40/0x90
[  213.492741][ T8100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.492766][ T8100] RIP: 0033:0x7f6fe1d9bf79
[  213.492787][ T8100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  213.492810][ T8100] RSP: 002b:00007f6fe2c4b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  213.492835][ T8100] RAX: ffffffffffffffda RBX: 00007f6fe2016090 RCX: 00007f6fe1d9bf79
[  213.492852][ T8100] RDX: 0000000000000005 RSI: 00002000000002c0 RDI: 0000000000000002
[  213.492868][ T8100] RBP: 00007f6fe2c4b090 R08: 0000008100000001 R09: 0000000000000000
[  213.492884][ T8100] R10: 00000000000000fb R11: 0000000000000246 R12: 0000000000000001
[  213.492899][ T8100] R13: 00007f6fe2016128 R14: 00007f6fe2016090 R15: 00007ffd767d9688
[  213.492935][ T8100]  </TASK>
[  213.556311][ T8098] zswap: compressor � not available
[  214.311037][ T8113] netlink: 342 bytes leftover after parsing attributes in process `syz.0.457'.
[  214.362443][ T8113] netlink: 342 bytes leftover after parsing attributes in process `syz.0.457'.
[  214.449914][ T8114] Process accounting resumed
[  215.308695][ T8138] netlink: 28 bytes leftover after parsing attributes in process `syz.2.463'.
[  215.318647][ T8138] veth1_macvtap: left promiscuous mode
[  215.324252][ T8138] macsec0: entered promiscuous mode
[  215.340095][ T8138] macsec0: entered allmulticast mode
[  215.960312][   T29] audit: type=1800 audit(1770873295.725:71): pid=8147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.460" name="lu_gp_id" dev="configfs" ino=23102 res=0 errno=0
[  216.692478][ T8132] Process accounting paused
[  218.213604][ T8174] program syz.2.472 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  218.303116][ T8179] FAULT_INJECTION: forcing a failure.
[  218.303116][ T8179] name failslab, interval 1, probability 0, space 0, times 0
[  218.324296][ T8179] CPU: 1 UID: 0 PID: 8179 Comm: syz.1.474 Not tainted syzkaller #0 PREEMPT(full) 
[  218.324334][ T8179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  218.324350][ T8179] Call Trace:
[  218.324360][ T8179]  <TASK>
[  218.324370][ T8179]  dump_stack_lvl+0x100/0x190
[  218.324414][ T8179]  should_fail_ex.cold+0x5/0xa
[  218.324445][ T8179]  should_failslab+0xc2/0x120
[  218.324481][ T8179]  ? process_vm_rw_core.constprop.0+0x1d7/0x950
[  218.324520][ T8179]  __kmalloc_noprof+0xf6/0x9c0
[  218.324572][ T8179]  ? process_vm_rw_core.constprop.0+0x1d7/0x950
[  218.324601][ T8179]  process_vm_rw_core.constprop.0+0x1d7/0x950
[  218.324635][ T8179]  ? futex_unqueue+0x13d/0x2c0
[  218.324691][ T8179]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[  218.324727][ T8179]  ? import_ubuf+0x1b6/0x220
[  218.324769][ T8179]  ? iovec_from_user+0xbb/0x140
[  218.324803][ T8179]  process_vm_rw+0x226/0x2d0
[  218.324836][ T8179]  ? __pfx_process_vm_rw+0x10/0x10
[  218.324876][ T8179]  ? ksys_write+0x190/0x250
[  218.324933][ T8179]  ? xfd_validate_state+0x129/0x190
[  218.324973][ T8179]  __x64_sys_process_vm_readv+0xe2/0x1c0
[  218.325004][ T8179]  ? do_syscall_64+0x95/0xf80
[  218.325031][ T8179]  ? lockdep_hardirqs_on+0x78/0x100
[  218.325058][ T8179]  do_syscall_64+0x106/0xf80
[  218.325082][ T8179]  ? clear_bhb_loop+0x40/0x90
[  218.325116][ T8179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.325141][ T8179] RIP: 0033:0x7f75ccd9bf79
[  218.325162][ T8179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  218.325189][ T8179] RSP: 002b:00007f75cdd3a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[  218.325215][ T8179] RAX: ffffffffffffffda RBX: 00007f75cd015fa0 RCX: 00007f75ccd9bf79
[  218.325233][ T8179] RDX: 0000040000000001 RSI: 0000200000000000 RDI: 0000000000000000
[  218.325250][ T8179] RBP: 00007f75cce327e0 R08: 0000000000000004 R09: 0000000000000000
[  218.325266][ T8179] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[  218.325282][ T8179] R13: 00007f75cd016038 R14: 00007f75cd015fa0 R15: 00007ffc43e147e8
[  218.325319][ T8179]  </TASK>
[  218.627838][ T8185] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[8185]
[  218.728067][ T8185] FAULT_INJECTION: forcing a failure.
[  218.728067][ T8185] name fail_futex, interval 1, probability 0, space 0, times 1
[  218.854226][ T8185] CPU: 0 UID: 0 PID: 8185 Comm: syz.1.474 Not tainted syzkaller #0 PREEMPT(full) 
[  218.854263][ T8185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  218.854280][ T8185] Call Trace:
[  218.854289][ T8185]  <TASK>
[  218.854300][ T8185]  dump_stack_lvl+0x100/0x190
[  218.854344][ T8185]  should_fail_ex.cold+0x5/0xa
[  218.854382][ T8185]  get_futex_key+0x1d2/0x1620
[  218.854431][ T8185]  ? __pfx_get_futex_key+0x10/0x10
[  218.854486][ T8185]  futex_wake+0xea/0x530
[  218.854517][ T8185]  ? kasan_quarantine_put+0x104/0x240
[  218.854546][ T8185]  ? __pfx_futex_wake+0x10/0x10
[  218.854581][ T8185]  ? fd_install+0x223/0x580
[  218.854607][ T8185]  ? putname+0xb1/0x110
[  218.854645][ T8185]  do_futex+0x32b/0x350
[  218.854672][ T8185]  ? __pfx_do_futex+0x10/0x10
[  218.854695][ T8185]  ? __pfx_do_sys_openat2+0x10/0x10
[  218.854733][ T8185]  ? blkcg_maybe_throttle_current+0x5df/0xeb0
[  218.854774][ T8185]  __x64_sys_futex+0x34f/0x4d0
[  218.854802][ T8185]  ? __x64_sys_openat+0x12d/0x210
[  218.854838][ T8185]  ? __pfx___x64_sys_futex+0x10/0x10
[  218.854866][ T8185]  ? xfd_validate_state+0x129/0x190
[  218.854913][ T8185]  do_syscall_64+0x106/0xf80
[  218.854940][ T8185]  ? clear_bhb_loop+0x40/0x90
[  218.854974][ T8185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.855002][ T8185] RIP: 0033:0x7f75ccd9bf79
[  218.855025][ T8185] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  218.855052][ T8185] RSP: 002b:00007f75cdd190e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  218.855079][ T8185] RAX: ffffffffffffffda RBX: 00007f75cd016098 RCX: 00007f75ccd9bf79
[  218.855097][ T8185] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f75cd01609c
[  218.855115][ T8185] RBP: 00007f75cd016090 R08: 0000000000000000 R09: 0000000000000000
[  218.855133][ T8185] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000000
[  218.855149][ T8185] R13: 00007f75cd016128 R14: 00007ffc43e14700 R15: 00007ffc43e147e8
[  218.855187][ T8185]  </TASK>
[  219.634813][ T8192] random: crng reseeded on system resumption
[  220.115874][   T29] audit: type=1800 audit(1770873299.885:72): pid=8212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.479" name="lu_gp_id" dev="configfs" ino=23296 res=0 errno=0
[  220.588926][ T8219] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 8 out of range (51000000..2150000000)
[  221.034894][ T8229] FAULT_INJECTION: forcing a failure.
[  221.034894][ T8229] name fail_futex, interval 1, probability 0, space 0, times 0
[  221.048129][ T8229] CPU: 1 UID: 0 PID: 8229 Comm: syz.1.485 Not tainted syzkaller #0 PREEMPT(full) 
[  221.048161][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  221.048175][ T8229] Call Trace:
[  221.048183][ T8229]  <TASK>
[  221.048192][ T8229]  dump_stack_lvl+0x100/0x190
[  221.048239][ T8229]  should_fail_ex.cold+0x5/0xa
[  221.048268][ T8229]  get_futex_key+0x1d2/0x1620
[  221.048311][ T8229]  ? __pfx_get_futex_key+0x10/0x10
[  221.048350][ T8229]  ? futex_private_hash+0x198/0x470
[  221.048387][ T8229]  ? futex_private_hash+0x324/0x470
[  221.048429][ T8229]  futex_wait_multiple_setup+0x106/0x720
[  221.048471][ T8229]  futex_wait_multiple+0xe5/0x460
[  221.048507][ T8229]  ? __pfx_futex_wait_multiple+0x10/0x10
[  221.048536][ T8229]  ? __fget_files+0x215/0x3d0
[  221.048571][ T8229]  __do_sys_futex_waitv+0x269/0x2c0
[  221.048600][ T8229]  ? __pfx___do_sys_futex_waitv+0x10/0x10
[  221.048627][ T8229]  ? native_tss_update_io_bitmap+0x3d6/0x740
[  221.048680][ T8229]  do_syscall_64+0x106/0xf80
[  221.048704][ T8229]  ? clear_bhb_loop+0x40/0x90
[  221.048734][ T8229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.048759][ T8229] RIP: 0033:0x7f75ccd9bf79
[  221.048779][ T8229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.048802][ T8229] RSP: 002b:00007f75cdd3a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1
[  221.048826][ T8229] RAX: ffffffffffffffda RBX: 00007f75cd015fa0 RCX: 00007f75ccd9bf79
[  221.048842][ T8229] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000
[  221.048857][ T8229] RBP: 00007f75cdd3a090 R08: 000000000000623d R09: 0000000000000000
[  221.048872][ T8229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.048886][ T8229] R13: 00007f75cd016038 R14: 00007f75cd015fa0 R15: 00007ffc43e147e8
[  221.048921][ T8229]  </TASK>
[  221.562189][ T8230] Process accounting resumed
[  221.794762][ T8234] Process accounting resumed
[  222.667505][ T8248] FAULT_INJECTION: forcing a failure.
[  222.667505][ T8248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  222.694247][ T8248] CPU: 0 UID: 0 PID: 8248 Comm: syz.3.490 Not tainted syzkaller #0 PREEMPT(full) 
[  222.694279][ T8248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  222.694292][ T8248] Call Trace:
[  222.694300][ T8248]  <TASK>
[  222.694309][ T8248]  dump_stack_lvl+0x100/0x190
[  222.694348][ T8248]  should_fail_ex.cold+0x5/0xa
[  222.694376][ T8248]  _copy_to_user+0x32/0xd0
[  222.694405][ T8248]  simple_read_from_buffer+0xcb/0x170
[  222.694446][ T8248]  proc_fail_nth_read+0x1af/0x230
[  222.694476][ T8248]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.694507][ T8248]  ? rw_verify_area+0xce/0x6d0
[  222.694543][ T8248]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  222.694571][ T8248]  vfs_read+0x1e4/0xb30
[  222.694600][ T8248]  ? __pfx_vfs_read+0x10/0x10
[  222.694624][ T8248]  ? __fget_files+0x215/0x3d0
[  222.694657][ T8248]  ? __fget_files+0x21f/0x3d0
[  222.694693][ T8248]  ksys_read+0x12a/0x250
[  222.694717][ T8248]  ? __pfx_ksys_read+0x10/0x10
[  222.694752][ T8248]  do_syscall_64+0x106/0xf80
[  222.694776][ T8248]  ? clear_bhb_loop+0x40/0x90
[  222.694807][ T8248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.694832][ T8248] RIP: 0033:0x7fa690f5c84e
[  222.694852][ T8248] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  222.694875][ T8248] RSP: 002b:00007fa691dd1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  222.694898][ T8248] RAX: ffffffffffffffda RBX: 00007fa691dd26c0 RCX: 00007fa690f5c84e
[  222.694915][ T8248] RDX: 000000000000000f RSI: 00007fa691dd20a0 RDI: 0000000000000003
[  222.694930][ T8248] RBP: 00007fa691dd2090 R08: 0000000000000000 R09: 0000000000000000
[  222.694945][ T8248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.694959][ T8248] R13: 00007fa691216128 R14: 00007fa691216090 R15: 00007ffd240d1ac8
[  222.694995][ T8248]  </TASK>
[  223.654125][   T29] audit: type=1800 audit(1770873303.405:73): pid=8262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.489" name="lu_gp_id" dev="configfs" ino=24580 res=0 errno=0
[  224.952713][ T8281] ecryptfs_miscdev_write: Invalid packet size [192]
[  226.992110][   T29] audit: type=1800 audit(1770873306.755:74): pid=8314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.505" name="lu_gp_id" dev="configfs" ino=24769 res=0 errno=0
[  227.355850][ T8330] ecryptfs_miscdev_write: Invalid packet size [192]
[  228.100990][   T29] audit: type=1800 audit(1770873307.815:75): pid=8338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.507" name="lu_gp_id" dev="configfs" ino=24360 res=0 errno=0
[  228.253039][ T8334] ecryptfs_miscdev_write: Invalid packet size [192]
[  228.494390][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.2.511'.
[  231.797871][   T29] audit: type=1800 audit(1770873311.565:76): pid=8382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.521" name="lu_gp_id" dev="configfs" ino=24915 res=0 errno=0
[  232.277830][ T8408] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input8
[  233.059449][ T8419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.528'.
[  235.626618][ T8456] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [35]
[  236.147960][   T29] audit: type=1800 audit(1770873315.915:77): pid=8450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.535" name="lu_gp_id" dev="configfs" ino=25687 res=0 errno=0
[  237.059958][ T8480] netlink: 346 bytes leftover after parsing attributes in process `syz.3.540'.
[  237.327371][ T8482] sd 0:0:1:0: PR command failed: 1026
[  237.353620][   T29] audit: type=1800 audit(1770873317.115:78): pid=8487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.546" name="lu_gp_id" dev="configfs" ino=25237 res=0 errno=0
[  237.374551][ T8482] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  237.392308][ T8482] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  237.485865][ T8484] Process accounting resumed
[  238.271704][ T8497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'.
[  238.902609][ T8508] netlink: 28 bytes leftover after parsing attributes in process `syz.2.549'.
[  239.319702][   T29] audit: type=1800 audit(1770873319.085:79): pid=8506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.548" name="lu_gp_id" dev="configfs" ino=25872 res=0 errno=0
[  240.869713][ T8541] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [35]
[  242.143541][   T29] audit: type=1800 audit(1770873321.905:80): pid=8565 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.558" name="lu_gp_id" dev="configfs" ino=26102 res=0 errno=0
[  243.222919][ T8578] Process accounting paused
[  243.423579][   T29] audit: type=1800 audit(1770873323.185:81): pid=8585 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.561" name="lu_gp_id" dev="configfs" ino=25521 res=0 errno=0
[  245.090835][ T8610] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input9
[  245.281445][   T29] audit: type=1800 audit(1770873325.045:82): pid=8612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.564" name="lu_gp_id" dev="configfs" ino=26347 res=0 errno=0
[  245.974102][   T29] audit: type=1800 audit(1770873325.725:83): pid=8623 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.567" name="lu_gp_id" dev="configfs" ino=26391 res=0 errno=0
[  247.212068][ T8641] __vm_enough_memory: pid: 8641, comm: syz.0.572, bytes: 4398046511104 not enough memory for the allocation
[  247.980313][ T8650] zswap: compressor � not available
[  248.424195][ T8667] netlink: 4 bytes leftover after parsing attributes in process `syz.0.576'.
[  248.443289][   T29] audit: type=1800 audit(1770873328.205:84): pid=8648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.573" name="lu_gp_id" dev="configfs" ino=26492 res=0 errno=0
[  249.810499][   T29] audit: type=1800 audit(1770873329.575:85): pid=8692 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.587" name="lu_gp_id" dev="configfs" ino=26766 res=0 errno=0
[  250.738152][ T8705] netlink: 28 bytes leftover after parsing attributes in process `syz.3.582'.
[  251.077362][ T8705] bridge_slave_1: left allmulticast mode
[  251.083171][ T8705] bridge_slave_1: left promiscuous mode
[  251.118354][ T8705] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.125267][ T8705] bridge_slave_0: left allmulticast mode
[  251.127961][ T8705] bridge_slave_0: left promiscuous mode
[  251.129356][ T8705] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.285768][ T8733] snd_aloop snd_aloop.0: Parsing timer source '
' failed with -22
[  252.314837][ T8721] Process accounting paused
[  252.514613][ T8723] Process accounting paused
[  252.852204][ T8742] ecryptfs_miscdev_write: Invalid packet size [192]
[  253.114692][   T29] audit: type=1800 audit(1770873332.885:86): pid=8740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.592" name="lu_gp_id" dev="configfs" ino=27842 res=0 errno=0
[  254.167943][   T29] audit: type=1800 audit(1770873333.925:87): pid=8773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.593" name="lu_gp_id" dev="configfs" ino=27882 res=0 errno=0
[  254.710982][   T29] audit: type=1800 audit(1770873334.475:88): pid=8784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.605" name="dbroot" dev="configfs" ino=27902 res=0 errno=0
[  255.924930][ T8807] vhci_hcd vhci_hcd.2: invalid port number 16
[  255.931881][ T8807] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  256.296136][   T29] audit: type=1800 audit(1770873336.065:89): pid=8801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.600" name="lu_gp_id" dev="configfs" ino=27957 res=0 errno=0
[  257.653089][   T29] audit: type=1800 audit(1770873337.415:90): pid=8838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.609" name="dbroot" dev="configfs" ino=28009 res=0 errno=0
[  257.979023][   T29] audit: type=1800 audit(1770873337.745:91): pid=8843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.606" name="lu_gp_id" dev="configfs" ino=27134 res=0 errno=0
[  258.949652][ T8853] Process accounting resumed
[  260.787829][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  260.794233][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  265.773597][   T29] audit: type=1800 audit(1770873345.535:92): pid=8931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.624" name="lu_gp_id" dev="configfs" ino=28674 res=0 errno=0
[  267.581207][   T29] audit: type=1800 audit(1770873347.345:93): pid=8962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.630" name="lu_gp_id" dev="configfs" ino=28692 res=0 errno=0
[  267.865242][ T8960] Process accounting paused
[  268.994722][   T29] audit: type=1800 audit(1770873348.755:94): pid=8984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.636" name="lu_gp_id" dev="configfs" ino=28534 res=0 errno=0
[  271.104105][   T29] audit: type=1800 audit(1770873350.825:95): pid=9030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.646" name="lu_gp_id" dev="configfs" ino=28956 res=0 errno=0
[  271.416186][   T29] audit: type=1800 audit(1770873351.175:96): pid=9025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.655" name="lu_gp_id" dev="configfs" ino=28962 res=0 errno=0
[  271.743789][ T9041] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  271.985202][ T9047] FAULT_INJECTION: forcing a failure.
[  271.985202][ T9047] name fail_futex, interval 1, probability 0, space 0, times 0
[  272.002180][ T9047] CPU: 1 UID: 0 PID: 9047 Comm: syz.1.653 Not tainted syzkaller #0 PREEMPT(full) 
[  272.002211][ T9047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  272.002226][ T9047] Call Trace:
[  272.002233][ T9047]  <TASK>
[  272.002241][ T9047]  dump_stack_lvl+0x100/0x190
[  272.002280][ T9047]  should_fail_ex.cold+0x5/0xa
[  272.002309][ T9047]  get_futex_key+0x295/0x1620
[  272.002350][ T9047]  ? __pfx_get_futex_key+0x10/0x10
[  272.002387][ T9047]  ? futex_private_hash+0x198/0x470
[  272.002423][ T9047]  ? futex_private_hash+0x324/0x470
[  272.002461][ T9047]  futex_wait_multiple_setup+0x106/0x720
[  272.002501][ T9047]  futex_wait_multiple+0xe5/0x460
[  272.002530][ T9047]  ? __pfx_futex_wait_multiple+0x10/0x10
[  272.002557][ T9047]  ? __fget_files+0x215/0x3d0
[  272.002588][ T9047]  __do_sys_futex_waitv+0x269/0x2c0
[  272.002615][ T9047]  ? __pfx___do_sys_futex_waitv+0x10/0x10
[  272.002637][ T9047]  ? native_tss_update_io_bitmap+0x3d6/0x740
[  272.002684][ T9047]  do_syscall_64+0x106/0xf80
[  272.002708][ T9047]  ? clear_bhb_loop+0x40/0x90
[  272.002744][ T9047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.002768][ T9047] RIP: 0033:0x7f75ccd9bf79
[  272.002787][ T9047] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  272.002810][ T9047] RSP: 002b:00007f75cdd3a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1
[  272.002832][ T9047] RAX: ffffffffffffffda RBX: 00007f75cd015fa0 RCX: 00007f75ccd9bf79
[  272.002847][ T9047] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000
[  272.002862][ T9047] RBP: 00007f75cdd3a090 R08: 000000000000623d R09: 0000000000000000
[  272.002876][ T9047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.002889][ T9047] R13: 00007f75cd016038 R14: 00007f75cd015fa0 R15: 00007ffc43e147e8
[  272.002921][ T9047]  </TASK>
[  272.261693][ T9049] Process accounting resumed
[  272.950755][   T29] audit: type=1800 audit(1770873352.715:97): pid=9068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.654" name="lu_gp_id" dev="configfs" ino=29029 res=0 errno=0
[  273.476799][ T9060] Process accounting resumed
[  273.719990][ T9079] Process accounting resumed
[  276.166313][ T9137] Process accounting resumed
[  277.956808][   T29] audit: type=1800 audit(1770873357.715:98): pid=9163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.676" name="lu_gp_id" dev="configfs" ino=30146 res=0 errno=0
[  282.082431][   T29] audit: type=1800 audit(1770873361.835:99): pid=9203 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.691" name="lu_gp_id" dev="configfs" ino=29387 res=0 errno=0
[  282.395331][ T9230] FAULT_INJECTION: forcing a failure.
[  282.395331][ T9230] name failslab, interval 1, probability 0, space 0, times 0
[  282.495089][ T9230] CPU: 0 UID: 0 PID: 9230 Comm: syz.3.694 Not tainted syzkaller #0 PREEMPT(full) 
[  282.495110][ T9230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  282.495119][ T9230] Call Trace:
[  282.495124][ T9230]  <TASK>
[  282.495130][ T9230]  dump_stack_lvl+0x100/0x190
[  282.495158][ T9230]  should_fail_ex.cold+0x5/0xa
[  282.495175][ T9230]  should_failslab+0xc2/0x120
[  282.495194][ T9230]  kmem_cache_alloc_noprof+0x83/0x780
[  282.495219][ T9230]  ? __mpol_dup+0x74/0x370
[  282.495241][ T9230]  ? __mpol_dup+0x74/0x370
[  282.495257][ T9230]  __mpol_dup+0x74/0x370
[  282.495274][ T9230]  ? __pfx___mpol_dup+0x10/0x10
[  282.495292][ T9230]  ? anon_vma_name+0x81/0x2c0
[  282.495311][ T9230]  vma_dup_policy+0x42/0xb0
[  282.495328][ T9230]  __split_vma+0x35e/0xe30
[  282.495351][ T9230]  ? __pfx___split_vma+0x10/0x10
[  282.495376][ T9230]  ? __pfx_mas_prev+0x10/0x10
[  282.495396][ T9230]  vms_gather_munmap_vmas+0x3aa/0x1320
[  282.495420][ T9230]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  282.495444][ T9230]  ? mas_walk+0x6ef/0x9b0
[  282.495470][ T9230]  __mmap_region+0x46e/0x2820
[  282.495486][ T9230]  ? __pfx___mmap_region+0x10/0x10
[  282.495506][ T9230]  ? lock_acquire+0x17c/0x330
[  282.495520][ T9230]  ? find_held_lock+0x2b/0x80
[  282.495536][ T9230]  ? finish_task_switch.isra.0+0x200/0xb80
[  282.495556][ T9230]  ? finish_task_switch.isra.0+0x200/0xb80
[  282.495576][ T9230]  ? rcu_is_watching+0x12/0xc0
[  282.495592][ T9230]  ? finish_task_switch.isra.0+0x205/0xb80
[  282.495612][ T9230]  ? finish_task_switch.isra.0+0x2c6/0xb80
[  282.495666][ T9230]  ? rcu_is_watching+0x12/0xc0
[  282.495686][ T9230]  mmap_region+0x180/0x3e0
[  282.495703][ T9230]  do_mmap+0xc63/0x12f0
[  282.495725][ T9230]  ? __pfx_do_mmap+0x10/0x10
[  282.495742][ T9230]  ? __pfx_down_write_killable+0x10/0x10
[  282.495761][ T9230]  vm_mmap_pgoff+0x29e/0x470
[  282.495782][ T9230]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  282.495803][ T9230]  ? __x64_sys_futex+0x34f/0x4d0
[  282.495816][ T9230]  ? __x64_sys_futex+0x358/0x4d0
[  282.495831][ T9230]  ksys_mmap_pgoff+0x7d/0x5b0
[  282.495851][ T9230]  __x64_sys_mmap+0x125/0x190
[  282.495870][ T9230]  do_syscall_64+0x106/0xf80
[  282.495883][ T9230]  ? clear_bhb_loop+0x40/0x90
[  282.495899][ T9230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.495939][ T9230] RIP: 0033:0x7fa690f9bf79
[  282.495951][ T9230] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  282.495964][ T9230] RSP: 002b:00007fa691db1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  282.495978][ T9230] RAX: ffffffffffffffda RBX: 00007fa691216180 RCX: 00007fa690f9bf79
[  282.495987][ T9230] RDX: 00000000000000e3 RSI: 0000000000000007 RDI: 0000000000000000
[  282.495995][ T9230] RBP: 00007fa6910327e0 R08: 0000000000000002 R09: 0000000000008000
[  282.496003][ T9230] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  282.496011][ T9230] R13: 00007fa691216218 R14: 00007fa691216180 R15: 00007ffd240d1ac8
[  282.496030][ T9230]  </TASK>
[  284.338683][   T29] audit: type=1800 audit(1770873364.105:100): pid=9256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.697" name="lu_gp_id" dev="configfs" ino=30474 res=0 errno=0
[  286.354956][   T29] audit: type=1800 audit(1770873366.115:101): pid=9282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.712" name="lu_gp_id" dev="configfs" ino=29521 res=0 errno=0
[  288.789232][   T29] audit: type=1800 audit(1770873368.555:102): pid=9319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.713" name="lu_gp_id" dev="configfs" ino=29592 res=0 errno=0
[  290.865767][ T9342] netlink: 302 bytes leftover after parsing attributes in process `syz.2.719'.
[  291.244987][ T9346] netlink: 16 bytes leftover after parsing attributes in process `syz.0.720'.
[  291.299787][ T9346] mac80211_hwsim hwsim5 wlan1: entered promiscuous mode
[  291.312582][ T9348] FAULT_INJECTION: forcing a failure.
[  291.312582][ T9348] name failslab, interval 1, probability 0, space 0, times 0
[  291.314194][ T9346] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  291.351177][ T9348] CPU: 0 UID: 0 PID: 9348 Comm: syz.2.729 Not tainted syzkaller #0 PREEMPT(full) 
[  291.351218][ T9348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  291.351235][ T9348] Call Trace:
[  291.351245][ T9348]  <TASK>
[  291.351255][ T9348]  dump_stack_lvl+0x100/0x190
[  291.351312][ T9348]  should_fail_ex.cold+0x5/0xa
[  291.351345][ T9348]  should_failslab+0xc2/0x120
[  291.351378][ T9348]  kmem_cache_alloc_noprof+0x83/0x780
[  291.351408][ T9348]  ? lockdep_init_map_type+0x5c/0x250
[  291.351437][ T9348]  ? copy_process+0x72ff/0x79b0
[  291.351470][ T9348]  ? copy_process+0x72ff/0x79b0
[  291.351495][ T9348]  copy_process+0x72ff/0x79b0
[  291.351539][ T9348]  ? __pfx_copy_process+0x10/0x10
[  291.351566][ T9348]  ? find_held_lock+0x2b/0x80
[  291.351608][ T9348]  ? futex_private_hash_put+0x107/0x1c0
[  291.351656][ T9348]  kernel_clone+0xfc/0x930
[  291.351685][ T9348]  ? __pfx_kernel_clone+0x10/0x10
[  291.351733][ T9348]  __do_sys_clone+0xd9/0x120
[  291.351760][ T9348]  ? __pfx___do_sys_clone+0x10/0x10
[  291.351802][ T9348]  ? xfd_validate_state+0x129/0x190
[  291.351847][ T9348]  do_syscall_64+0x106/0xf80
[  291.351875][ T9348]  ? clear_bhb_loop+0x40/0x90
[  291.351909][ T9348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.351935][ T9348] RIP: 0033:0x7f6fe1d9bf79
[  291.351957][ T9348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  291.351984][ T9348] RSP: 002b:00007f6fe2c6c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  291.352011][ T9348] RAX: ffffffffffffffda RBX: 00007f6fe2015fa0 RCX: 00007f6fe1d9bf79
[  291.352030][ T9348] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  291.352046][ T9348] RBP: 00007f6fe1e327e0 R08: 0000000000000000 R09: 0000000000000000
[  291.352063][ T9348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  291.352079][ T9348] R13: 00007f6fe2016038 R14: 00007f6fe2015fa0 R15: 00007ffd767d9688
[  291.352117][ T9348]  </TASK>
[  292.635529][ T9372] futex_wake_op: syz.1.725 tries to shift op by -2048; fix this program
[  292.644457][ T9372] futex_wake_op: syz.1.725 tries to shift op by -2048; fix this program
[  293.490944][   T29] audit: type=1800 audit(1770873373.245:103): pid=9384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.724" name="lu_gp_id" dev="configfs" ino=30923 res=0 errno=0
[  293.910471][ T9390] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0
[  293.967557][ T9392] Process accounting resumed
[  295.055312][ T9415] Process accounting resumed
[  295.329789][ T9425] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0
[  295.417964][ T9423] netlink: 354 bytes leftover after parsing attributes in process `syz.0.738'.
[  296.097351][ T9440] Process accounting resumed
[  296.537112][   T29] audit: type=1800 audit(1770873376.305:104): pid=9433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.740" name="lu_gp_id" dev="configfs" ino=31873 res=0 errno=0
[  298.211489][ T9464] syz.1.753 uses obsolete (PF_INET,SOCK_PACKET)
[  300.452704][ T9520] netlink: 28 bytes leftover after parsing attributes in process `syz.2.765'.
[  300.883748][ T9535] FAULT_INJECTION: forcing a failure.
[  300.883748][ T9535] name failslab, interval 1, probability 0, space 0, times 0
[  300.899077][ T9535] CPU: 0 UID: 0 PID: 9535 Comm: syz.3.769 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  300.899113][ T9535] Tainted: [L]=SOFTLOCKUP
[  300.899122][ T9535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  300.899135][ T9535] Call Trace:
[  300.899143][ T9535]  <TASK>
[  300.899153][ T9535]  dump_stack_lvl+0x100/0x190
[  300.899191][ T9535]  should_fail_ex.cold+0x5/0xa
[  300.899217][ T9535]  should_failslab+0xc2/0x120
[  300.899245][ T9535]  ? udp_init_sock+0x24e/0x450
[  300.899267][ T9535]  __kmalloc_noprof+0xf6/0x9c0
[  300.899311][ T9535]  ? udp_init_sock+0x24e/0x450
[  300.899335][ T9535]  udp_init_sock+0x24e/0x450
[  300.899358][ T9535]  ? __pfx_udp_init_sock+0x10/0x10
[  300.899386][ T9535]  inet_create+0x94c/0x1060
[  300.899409][ T9535]  ? inet_create+0x94/0x1060
[  300.899437][ T9535]  __sock_create+0x339/0x860
[  300.899483][ T9535]  udp_sock_create4+0xa6/0x450
[  300.899515][ T9535]  ? __pfx_udp_sock_create4+0x10/0x10
[  300.899551][ T9535]  ? lockdep_hardirqs_on+0x78/0x100
[  300.899573][ T9535]  ? crng_make_state+0x2b0/0x6c0
[  300.899609][ T9535]  rxrpc_open_socket+0x4ef/0x6b0
[  300.899644][ T9535]  ? __pfx_rxrpc_open_socket+0x10/0x10
[  300.899696][ T9535]  ? rcu_is_watching+0x12/0xc0
[  300.899729][ T9535]  rxrpc_lookup_local+0xac7/0x1220
[  300.899771][ T9535]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[  300.899810][ T9535]  ? __local_bh_enable_ip+0x9e/0x120
[  300.899850][ T9535]  rxrpc_sendmsg+0x34a/0x680
[  300.899880][ T9535]  sock_write_iter+0x566/0x610
[  300.899927][ T9535]  ? __pfx_sock_write_iter+0x10/0x10
[  300.899979][ T9535]  ? bpf_lsm_file_permission+0x9/0x10
[  300.900008][ T9535]  ? security_file_permission+0x76/0x210
[  300.900038][ T9535]  ? rw_verify_area+0xce/0x6d0
[  300.900080][ T9535]  vfs_write+0x6ac/0x1070
[  300.900106][ T9535]  ? __pfx_sock_write_iter+0x10/0x10
[  300.900148][ T9535]  ? __pfx_vfs_write+0x10/0x10
[  300.900172][ T9535]  ? find_held_lock+0x2b/0x80
[  300.900229][ T9535]  ksys_write+0x1f8/0x250
[  300.900254][ T9535]  ? __pfx_ksys_write+0x10/0x10
[  300.900290][ T9535]  do_syscall_64+0x106/0xf80
[  300.900314][ T9535]  ? clear_bhb_loop+0x40/0x90
[  300.900345][ T9535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.900370][ T9535] RIP: 0033:0x7fa690f9bf79
[  300.900391][ T9535] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  300.900415][ T9535] RSP: 002b:00007fa691df3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  300.900440][ T9535] RAX: ffffffffffffffda RBX: 00007fa691215fa0 RCX: 00007fa690f9bf79
[  300.900457][ T9535] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  300.900473][ T9535] RBP: 00007fa6910327e0 R08: 0000000000000000 R09: 0000000000000000
[  300.900489][ T9535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  300.900504][ T9535] R13: 00007fa691216038 R14: 00007fa691215fa0 R15: 00007ffd240d1ac8
[  300.900540][ T9535]  </TASK>
[  301.568138][ T9535] page: refcount:3 mapcount:1 mapping:ffff888022bd1708 index:0x0 pfn:0x3de20
[  301.577535][ T9535] memcg:ffff888058da0d40
[  301.581764][ T9535] aops:shmem_aops ino:1c3
[  301.586085][ T9535] flags: 0xfff6000002002d(locked|referenced|uptodate|lru|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  301.596946][ T9535] raw: 00fff6000002002d ffffea0001442948 ffff88801dab2390 ffff888022bd1708
[  301.605537][ T9535] raw: 0000000000000000 0000000000000000 0000000300000000 ffff888058da0d40
[  301.614109][ T9535] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[  301.621377][ T9535] page_owner tracks the page as allocated
[  301.627610][ T9535] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 9539, tgid 9534 (syz.3.769), ts 301320064029, free_ts 291356703457
[  301.645249][ T9535]  post_alloc_hook+0x1e1/0x250
[  301.650026][ T9535]  get_page_from_freelist+0x111d/0x3140
[  301.655565][ T9535]  __alloc_frozen_pages_noprof+0x26c/0x2410
[  301.661452][ T9535]  alloc_pages_mpol+0x1fb/0x550
[  301.666300][ T9535]  folio_alloc_mpol_noprof+0x36/0x340
[  301.671673][ T9535]  shmem_alloc_folio+0x135/0x160
[  301.676612][ T9535]  shmem_alloc_and_add_folio+0x371/0xd40
[  301.682241][ T9535]  shmem_get_folio_gfp+0x6ab/0x1900
[  301.687431][ T9535]  shmem_fault+0x1f9/0xa20
[  301.691846][ T9535]  __do_fault+0x10d/0x550
[  301.696172][ T9535]  do_fault+0x2db/0x1990
[  301.700416][ T9535]  __handle_mm_fault+0x1807/0x2b50
[  301.705531][ T9535]  handle_mm_fault+0x36d/0xa20
[  301.710297][ T9535]  do_user_addr_fault+0x5a3/0x12f0
[  301.715408][ T9535]  exc_page_fault+0x6f/0xd0
[  301.719908][ T9535]  asm_exc_page_fault+0x26/0x30
[  301.724754][ T9535] page last free pid 9185 tgid 9185 stack trace:
[  301.731066][ T9535]  free_unref_folios+0xb2a/0x1760
[  301.736094][ T9535]  folios_put_refs+0x53c/0x840
[  301.740854][ T9535]  shmem_undo_range+0x5e5/0x1570
[  301.745790][ T9535]  shmem_evict_inode+0x39e/0xbd0
[  301.750724][ T9535]  evict+0x3c2/0xad0
[  301.754620][ T9535]  iput.part.0+0x605/0xf50
[  301.759034][ T9535]  iput+0x35/0x40
[  301.762664][ T9535]  dentry_unlink_inode+0x2a1/0x490
[  301.767771][ T9535]  __dentry_kill+0x1d0/0x600
[  301.772357][ T9535]  finish_dput+0x76/0x480
[  301.776685][ T9535]  dput.part.0+0x456/0x570
[  301.781098][ T9535]  dput+0x1f/0x30
[  301.784728][ T9535]  __fput+0x519/0xb40
[  301.788708][ T9535]  task_work_run+0x150/0x240
[  301.793291][ T9535]  do_exit+0x829/0x2a30
[  301.797440][ T9535]  do_group_exit+0xd5/0x2a0
[  301.802091][ T9535] ------------[ cut here ]------------
[  301.807533][ T9535] kernel BUG at mm/filemap.c:155!
[  301.812573][ T9535] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  301.818810][ T9535] CPU: 1 UID: 0 PID: 9535 Comm: syz.3.769 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.829753][ T9535] Tainted: [L]=SOFTLOCKUP
[  301.834066][ T9535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  301.844114][ T9535] RIP: 0010:filemap_unaccount_folio+0x728/0xb30
[  301.850354][ T9535] Code: 00 48 8b b5 a0 01 00 00 48 89 df e8 b2 7d 03 00 e9 3c fd ff ff e8 98 3e c7 ff 48 c7 c6 80 22 9d 8b 48 89 df e8 89 9a 12 00 90 <0f> 0b e8 81 3e c7 ff 48 c7 c6 20 1d 9d 8b 48 89 df e8 72 9a 12 00
[  301.869954][ T9535] RSP: 0018:ffffc9000b49f208 EFLAGS: 00010093
[  301.876015][ T9535] RAX: 0000000000000000 RBX: ffffea0000f78800 RCX: ffffc9000b49f0ec
[  301.884066][ T9535] RDX: ffff88802daf8000 RSI: ffffffff8251f0a8 RDI: ffff88802daf8484
[  301.892028][ T9535] RBP: ffffea0000f78830 R08: 0000000000000001 R09: 0000000000000000
[  301.899986][ T9535] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888022bd1708
[  301.907946][ T9535] R13: ffffea0000f78808 R14: 0000000000000001 R15: ffffea0000f78818
[  301.915907][ T9535] FS:  0000000000000000(0000) GS:ffff8881246b1000(0000) knlGS:0000000000000000
[  301.924827][ T9535] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  301.931401][ T9535] CR2: 0000000000000000 CR3: 0000000074bf6000 CR4: 00000000003526f0
[  301.939365][ T9535] Call Trace:
[  301.942634][ T9535]  <TASK>
[  301.945554][ T9535]  __filemap_remove_folio+0xae/0x660
[  301.950838][ T9535]  ? __pfx___filemap_remove_folio+0x10/0x10
[  301.956724][ T9535]  ? do_raw_spin_lock+0x128/0x260
[  301.961745][ T9535]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  301.967116][ T9535]  filemap_remove_folio+0xfc/0x270
[  301.972223][ T9535]  truncate_inode_folio+0x49/0x70
[  301.977242][ T9535]  shmem_undo_range+0x3ae/0x1570
[  301.982175][ T9535]  ? __pfx_shmem_undo_range+0x10/0x10
[  301.987536][ T9535]  ? __pfx_stack_trace_save+0x10/0x10
[  301.992916][ T9535]  ? __lock_acquire+0x4a5/0x2630
[  301.997855][ T9535]  ? find_held_lock+0x2b/0x80
[  302.002536][ T9535]  ? is_bpf_text_address+0x8a/0x1a0
[  302.007731][ T9535]  ? percpu_counter_add_batch+0xb9/0x230
[  302.013360][ T9535]  shmem_evict_inode+0x39e/0xbd0
[  302.018292][ T9535]  ? inode_wait_for_writeback+0x171/0x390
[  302.024013][ T9535]  ? __pfx_shmem_evict_inode+0x10/0x10
[  302.029480][ T9535]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  302.035567][ T9535]  ? find_held_lock+0x2b/0x80
[  302.040256][ T9535]  ? evict+0x37e/0xad0
[  302.044320][ T9535]  ? evict+0x37e/0xad0
[  302.048387][ T9535]  ? __pfx_shmem_evict_inode+0x10/0x10
[  302.053849][ T9535]  evict+0x3c2/0xad0
[  302.057749][ T9535]  ? find_held_lock+0x2b/0x80
[  302.062428][ T9535]  ? __pfx_evict+0x10/0x10
[  302.066852][ T9535]  ? iput.part.0+0x5fd/0xf50
[  302.071442][ T9535]  iput.part.0+0x605/0xf50
[  302.075856][ T9535]  ? __pfx_inode_just_drop+0x10/0x10
[  302.081135][ T9535]  iput+0x35/0x40
[  302.084764][ T9535]  dentry_unlink_inode+0x2a1/0x490
[  302.089872][ T9535]  __dentry_kill+0x1d0/0x600
[  302.094458][ T9535]  finish_dput+0x76/0x480
[  302.098808][ T9535]  dput.part.0+0x456/0x570
[  302.103242][ T9535]  dput+0x1f/0x30
[  302.106882][ T9535]  __fput+0x519/0xb40
[  302.110873][ T9535]  ? _raw_spin_unlock_irq+0x23/0x50
[  302.116090][ T9535]  task_work_run+0x150/0x240
[  302.120683][ T9535]  ? __pfx_task_work_run+0x10/0x10
[  302.125798][ T9535]  ? do_raw_spin_unlock+0x145/0x1e0
[  302.130996][ T9535]  do_exit+0x829/0x2a30
[  302.135149][ T9535]  ? __pfx_do_exit+0x10/0x10
[  302.139733][ T9535]  ? do_raw_spin_lock+0x128/0x260
[  302.144751][ T9535]  ? find_held_lock+0x2b/0x80
[  302.149430][ T9535]  ? get_signal+0x7e0/0x21e0
[  302.154020][ T9535]  do_group_exit+0xd5/0x2a0
[  302.158524][ T9535]  get_signal+0x1ec7/0x21e0
[  302.163034][ T9535]  ? __pfx_get_signal+0x10/0x10
[  302.167883][ T9535]  ? do_futex+0x192/0x350
[  302.172212][ T9535]  arch_do_signal_or_restart+0x91/0x770
[  302.177751][ T9535]  ? blkcg_maybe_throttle_current+0x5df/0xeb0
[  302.183820][ T9535]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  302.189970][ T9535]  ? __pfx___x64_sys_futex+0x10/0x10
[  302.195246][ T9535]  ? xfd_validate_state+0x129/0x190
[  302.200442][ T9535]  exit_to_user_mode_loop+0x86/0x4a0
[  302.205726][ T9535]  ? rcu_is_watching+0x12/0xc0
[  302.210486][ T9535]  do_syscall_64+0x668/0xf80
[  302.215072][ T9535]  ? clear_bhb_loop+0x40/0x90
[  302.219749][ T9535]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.225637][ T9535] RIP: 0033:0x7fa690f9bf79
[  302.230049][ T9535] Code: Unable to access opcode bytes at 0x7fa690f9bf4f.
[  302.237052][ T9535] RSP: 002b:00007fa691df30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  302.245455][ T9535] RAX: fffffffffffffe00 RBX: 00007fa691215fa8 RCX: 00007fa690f9bf79
[  302.253417][ T9535] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa691215fa8
[  302.261378][ T9535] RBP: 00007fa691215fa0 R08: 0000000000000000 R09: 0000000000000000
[  302.269336][ T9535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  302.277306][ T9535] R13: 00007fa691216038 R14: 00007ffd240d19e0 R15: 00007ffd240d1ac8
[  302.285287][ T9535]  </TASK>
[  302.288296][ T9535] Modules linked in:
[  302.292202][ T9535] ---[ end trace 0000000000000000 ]---
[  302.297653][ T9535] RIP: 0010:filemap_unaccount_folio+0x728/0xb30
[  302.303898][ T9535] Code: 00 48 8b b5 a0 01 00 00 48 89 df e8 b2 7d 03 00 e9 3c fd ff ff e8 98 3e c7 ff 48 c7 c6 80 22 9d 8b 48 89 df e8 89 9a 12 00 90 <0f> 0b e8 81 3e c7 ff 48 c7 c6 20 1d 9d 8b 48 89 df e8 72 9a 12 00
[  302.323503][ T9535] RSP: 0018:ffffc9000b49f208 EFLAGS: 00010093
[  302.329568][ T9535] RAX: 0000000000000000 RBX: ffffea0000f78800 RCX: ffffc9000b49f0ec
[  302.337532][ T9535] RDX: ffff88802daf8000 RSI: ffffffff8251f0a8 RDI: ffff88802daf8484
[  302.345499][ T9535] RBP: ffffea0000f78830 R08: 0000000000000001 R09: 0000000000000000
[  302.353461][ T9535] R10: 0000000000000001 R11: 0000000000000001 R12: ffff888022bd1708
[  302.361421][ T9535] R13: ffffea0000f78808 R14: 0000000000000001 R15: ffffea0000f78818
[  302.369382][ T9535] FS:  0000000000000000(0000) GS:ffff8881246b1000(0000) knlGS:0000000000000000
[  302.378308][ T9535] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  302.384883][ T9535] CR2: 0000000000000000 CR3: 0000000074bf6000 CR4: 00000000003526f0
[  302.392847][ T9535] Kernel panic - not syncing: Fatal exception
[  302.399224][ T9535] Kernel Offset: disabled
[  302.403533][ T9535] Rebooting in 86400 seconds..