last executing test programs:

5m7.321088835s ago: executing program 1 (id=486):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socket(0x2, 0x80802, 0x0) (rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async, rerun: 32)
socket(0x2, 0x2, 0x0) (async, rerun: 32)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffffff, &(0x7f0000000100)=""/169, 0xa9) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) (async, rerun: 64)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async, rerun: 64)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) (async)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r2 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\t\x00', @ANYRES16=r1, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00", @ANYRES32=r2, @ANYBLOB="0c002e010010000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) (async)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae", @ANYRES8, @ANYRESDEC=r0, @ANYRESDEC=0x0, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) (async)
recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) (async, rerun: 64)
openat$auto_fops_x16_ro_(0xffffffffffffff9c, 0x0, 0x8040, 0x0) (async, rerun: 64)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
r3 = socket(0x2, 0x3, 0xa)
getsockopt$auto(r3, 0x0, 0x29, 0x0, &(0x7f0000000600)) (async)
fallocate$auto(0xffffffffffffffff, 0x3, 0x8, 0x2)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async, rerun: 32)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async, rerun: 32)
r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
close_range$auto(0x2, r4, 0x0)
socket(0x10, 0x2, 0x4) (async)
socket(0x10, 0x2, 0xc) (async, rerun: 32)
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48) (rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0)

5m3.053660007s ago: executing program 1 (id=508):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fddbdf2508000300080003fe", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80)

5m2.348726789s ago: executing program 1 (id=511):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
pipe2$auto(0x0, 0x80)
ioctl$auto(0x1, 0x5760, 0xffffffffffffffff)
r0 = openat$auto_output_bpc_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/output_bpc\x00', 0x400101, 0x0)
mmap$auto(0x9, 0xab52, 0x7ffffffa, 0xeb1, r0, 0x7fff)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x106)
getsockopt$auto(0x4, 0x6, 0x1e, 0xfffffffffffffffd, 0x0)

5m1.850994039s ago: executing program 1 (id=514):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFC_CMD_GET_SE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x44110}, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x7, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3740, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x3000, 0x9}, 0x7}, 0x3, 0xf00)

5m1.484641797s ago: executing program 1 (id=516):
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r0 = socket(0x15, 0x3, 0x0)
connect$auto(r0, &(0x7f0000000000)=@tipc=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10)
mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x400008, 0x9, 0x1009b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
unshare$auto(0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/au0828/parameters/i2c_scan\x00', 0x102, 0x0)
r1 = socket(0xa, 0x80803, 0x6)
bind$auto(r1, &(0x7f0000000040)=@generic={0xa, "2c551d000000fe8000"}, 0x66)
openat$auto_severities_coverage_fops_severity(0xffffffffffffff9c, 0x0, 0x15bb42, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
select$auto(0x8, 0x0, 0x0, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x8003, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents64$auto(r2, 0x0, 0x40002)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)

4m56.715930709s ago: executing program 1 (id=530):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
r2 = socket(0x10, 0x80002, 0x8)
close_range$auto(r2, r2, 0x0)
pipe$auto(0x0)
splice$auto(r2, 0x0, r1, 0x0, 0x3fb, 0x9)
write$auto(0x6, 0x0, 0x100000001)
mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000)
getsockopt$auto(0xffffffffffffffff, 0x29, 0x3, 0x0, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
madvise$auto(0x2000, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r5, 0x1, 0xd, &(0x7f0000000300)='\x00', &(0x7f0000000340)=0x6)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000100)=ANY=[@ANYBLOB="28000000ad16e699c11b08546549e81d35ff98e10ca46744c0a1e488b391f9413391d599b51b55c44a2d7412109ccf313a265c21d142198d33d075", @ANYRES16=r4, @ANYBLOB="01002abd700000dcdf25120000000c00018008000300fbffffff0800060000000000"], 0x28}, 0x1, 0x0, 0x0, 0x2404c804}, 0x4)
close_range$auto(r5, r2, 0x10004)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
lseek$auto(r6, 0x0, 0x1)

4m41.429320645s ago: executing program 32 (id=530):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
fanotify_init$auto(0x65, 0x2)
r2 = socket(0x10, 0x80002, 0x8)
close_range$auto(r2, r2, 0x0)
pipe$auto(0x0)
splice$auto(r2, 0x0, r1, 0x0, 0x3fb, 0x9)
write$auto(0x6, 0x0, 0x100000001)
mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000)
getsockopt$auto(0xffffffffffffffff, 0x29, 0x3, 0x0, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
madvise$auto(0x2000, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r3)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r5, 0x1, 0xd, &(0x7f0000000300)='\x00', &(0x7f0000000340)=0x6)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r3, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000100)=ANY=[@ANYBLOB="28000000ad16e699c11b08546549e81d35ff98e10ca46744c0a1e488b391f9413391d599b51b55c44a2d7412109ccf313a265c21d142198d33d075", @ANYRES16=r4, @ANYBLOB="01002abd700000dcdf25120000000c00018008000300fbffffff0800060000000000"], 0x28}, 0x1, 0x0, 0x0, 0x2404c804}, 0x4)
close_range$auto(r5, r2, 0x10004)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
r6 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
lseek$auto(r6, 0x0, 0x1)

2m18.72846069s ago: executing program 0 (id=1017):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0)
pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\xef\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\b\x00\x00\x00\x00\x00\x00\x00\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x8)

2m18.573918948s ago: executing program 0 (id=1018):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
set_mempolicy$auto(0x6, &(0x7f0000000240)=0x7fffffffffffffff, 0xcd9)
get_mempolicy$auto(0x0, 0x0, 0x400, 0x7, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x80000000)
unshare$auto(0x4000007c)
mmap$auto(0x1002, 0x9, 0x4, 0x200000eb0, 0x401, 0x701cf82a)
unshare$auto(0x7)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x22b42, 0x0)
read$auto_ptdump_fops_(0xffffffffffffffff, &(0x7f00000000c0)=""/32, 0x20)
sendfile$auto(r0, r0, 0x0, 0x6)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x5, 0x0, 0x0, &(0x7f00000001c0)={[0x1ff, 0x0, 0x7, 0xfff, 0x948b, 0x0, 0x15f4da0a, 0x3, 0x402, 0x62, 0x6, 0x4, 0x6d41, 0x8, 0xa, 0xfffffffffffffdfa]}, 0x0)
write$auto(r1, &(0x7f0000000400), 0x100000a3d9)
socketpair$auto(0x1, 0x2, 0x10000000, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/sctp/eps\x00', 0x181800, 0x0)
pread64$auto(r2, &(0x7f0000000380)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xae\xa7\xec*\xaeH\x13\xfb)\x8b\xe5\xcf\xd14\x1e\xabFH\xd2,\x99PG\xed(\xca\x80\x02\xf9,\xb2\xd6e\xbe0^\x85\xaco\xd0\xf7QJ\xc3E\xfd\x99lr\x92\xf8\x93\f\x82I^Le\x89\xd3\x7fb\x05\xff', 0x3ef, 0x9)
r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x20, 0x0)
ioctl$auto_I2C_RDWR(r3, 0x707, &(0x7f0000000180)="e123297c")
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/tcp6\x00', 0xc0a00, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x12d)
socket(0x2, 0x4, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0xc)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55)
setpriority$auto(0x2, 0x0, 0x8fffd)
prctl$auto_PR_SYS_DISPATCH_ON(0x7, 0x1, 0x0, 0x0, 0x407)

2m17.01861126s ago: executing program 0 (id=1022):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x4, 0x4000020009, 0xdf, 0x80eb1, r0, 0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
setsockopt$auto(r1, 0x104000000000010e, 0xa, 0x0, 0x400)
r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), r1)
sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x107, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x4)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x161000, 0x0)
fallocate$auto(r3, 0x2, 0xc5, 0x800)
r4 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010027bd7000fcdbdf250200000200000000000000006f76737400000000000000007b474054e15aeab279705593368ba655407a99133e0d86fb8f6d6c8b69b175e5f021b54c4bf7e1f44b6a228d4ecbbef489c4943980781fe0fa13f301ee9bcdd4de350aa869c16f7f287a953422f956b889d86677882b92e1db450c02254391dc1529d6e8a6f25f21f4898c92ad959fc1f66534164208620f128e5533ec61afb5ff638c8a3949d69a3478e933e9177cbbba5d284788b1c7a80b2dd5daafaf9eb8ff3a8338ea0a51c563a51f86db233216b5b20f5d5b44e639c7d88c8147e66e0573652361"], 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x4000000)
socket$nl_generic(0x10, 0x3, 0x10) (async)
mmap$auto(0x4, 0x4000020009, 0xdf, 0x80eb1, r0, 0x6) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
setsockopt$auto(r1, 0x104000000000010e, 0xa, 0x0, 0x400) (async)
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), r1) (async)
sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x107, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x4) (async)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x161000, 0x0) (async)
fallocate$auto(r3, 0x2, 0xc5, 0x800) (async)
syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff) (async)
sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010027bd7000fcdbdf250200000200000000000000006f76737400000000000000007b474054e15aeab279705593368ba655407a99133e0d86fb8f6d6c8b69b175e5f021b54c4bf7e1f44b6a228d4ecbbef489c4943980781fe0fa13f301ee9bcdd4de350aa869c16f7f287a953422f956b889d86677882b92e1db450c02254391dc1529d6e8a6f25f21f4898c92ad959fc1f66534164208620f128e5533ec61afb5ff638c8a3949d69a3478e933e9177cbbba5d284788b1c7a80b2dd5daafaf9eb8ff3a8338ea0a51c563a51f86db233216b5b20f5d5b44e639c7d88c8147e66e0573652361"], 0x28}, 0x1, 0x0, 0x0, 0x8800}, 0x4000000) (async)

2m16.766330315s ago: executing program 0 (id=1024):
socket(0xa, 0x2, 0x0)
pidfd_open$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x0, 0x4, 0x0, 0x0, 0x0, 0x400000)
uname$auto(&(0x7f0000000180)={"ad84726f530323e52242c6a93688db926cbfc1df52329ce084257b9e88f3763fb54838f1f32351e3de4dd4d19cea9a1e55f92c76b8e5978d75f9c58a45d8c81aba", "04986eda295453432af666835d32fbc12209644003d240001d1b33e1b356e48cc9f32f6f6892796a7f54c8f602e987294f980934ebbb1d75bfd4978b3f61a500", "382bf3fe479186b41938be067ef57648446f01772f5396103529adfb49d37dd17d6d185aefe183b0c681f7c034ad1c4f6173d92f2dcb73c09afeb346dca00217dc", "c0d3b0a967eef631a8130db3027d9d90680cdaae7b014c340b219e3df22244da8c5970a188bbb4ba9d3eae86fd611f522462665398b71ca368a0d910e404cf64a7", "7eaaa11f4a5f991d3d554d459ab70f3fc9947e3348afcbe228be5279d2ac905668cb3cf3504c577c3e4bc62e06777689462f3ccd49455b84526f04d5ad5fa2667a", "0740565cd2129083d9584fa321770915e771bb111720f212c38bafbec6d9d6e89f0bdd0718eb627debedadebfb69443684364970e41228e894c17c7bcb955761ae"})
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x400c850)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r3, &(0x7f0000000080)={0x0, 0x1000}, 0x3)
close_range$auto(0xffffffffffffffff, 0x8, 0x2)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r6=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\b\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000fedbdf25040000000c000180080001000200000004000a8008000800", @ANYRES32=r6, @ANYBLOB="0800020001000000"], 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
unshare$auto(0x40000080)
write$auto(0xca, 0x0, 0x7f)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0)
r7 = socket(0x11, 0x3, 0x3a)
ioctl$auto(r7, 0x8912, 0x1)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/nr2/threaded\x00', 0xa001, 0x0)
write$auto(r8, &(0x7f0000000180)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0xfdf1)
write$auto_nsim_psample_enable_fops_psample(0xffffffffffffffff, &(0x7f00000005c0)='Y', 0x1)

2m15.534330605s ago: executing program 0 (id=1027):
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0x14, 0xffffffffffffffff, 0x8000)
fcntl$auto(0x3, 0x4, 0xa553)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0)
open(0x0, 0xa0840, 0x55)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x80111500, r1)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0x2, 0x3, 0xa)
bind$auto(0x3, &(0x7f0000000100), 0x6b)

2m11.802414814s ago: executing program 0 (id=1036):
socket(0xa, 0x2, 0x0)
pidfd_open$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x0, 0x4, 0x0, 0x0, 0x0, 0x400000)
uname$auto(&(0x7f0000000180)={"ad84726f530323e52242c6a93688db926cbfc1df52329ce084257b9e88f3763fb54838f1f32351e3de4dd4d19cea9a1e55f92c76b8e5978d75f9c58a45d8c81aba", "04986eda295453432af666835d32fbc12209644003d240001d1b33e1b356e48cc9f32f6f6892796a7f54c8f602e987294f980934ebbb1d75bfd4978b3f61a500", "382bf3fe479186b41938be067ef57648446f01772f5396103529adfb49d37dd17d6d185aefe183b0c681f7c034ad1c4f6173d92f2dcb73c09afeb346dca00217dc", "c0d3b0a967eef631a8130db3027d9d90680cdaae7b014c340b219e3df22244da8c5970a188bbb4ba9d3eae86fd611f522462665398b71ca368a0d910e404cf64a7", "7eaaa11f4a5f991d3d554d459ab70f3fc9947e3348afcbe228be5279d2ac905668cb3cf3504c577c3e4bc62e06777689462f3ccd49455b84526f04d5ad5fa2667a", "0740565cd2129083d9584fa321770915e771bb111720f212c38bafbec6d9d6e89f0bdd0718eb627debedadebfb69443684364970e41228e894c17c7bcb955761ae"})
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x400c850)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r3, &(0x7f0000000080)={0x0, 0x1000}, 0x3)
close_range$auto(0xffffffffffffffff, 0x8, 0x2)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r6=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\b\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000fedbdf25040000000c000180080001000200000004000a8008000800", @ANYRES32=r6, @ANYBLOB="0800020001000000"], 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
unshare$auto(0x40000080)
write$auto(0xca, 0x0, 0x7f)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0)
io_uring_setup$auto(0x0, &(0x7f0000000400)={0x34, 0x4, 0xbaa80000, 0x5, 0x1, 0x9, 0xffffffffffffffff, [0x9, 0x7f00, 0xe], {0x6, 0x7, 0x7, 0x0, 0x4, 0x9, 0x692, 0x0, 0x3}, {0x44, 0xe6b, 0x2, 0x9, 0x3, 0x0, 0x343, 0x3, 0x8}})
ioctl$auto(0xffffffffffffffff, 0x8912, 0x1)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/nr2/threaded\x00', 0xa001, 0x0)
write$auto(r7, &(0x7f0000000180)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0xfdf1)
write$auto_nsim_psample_enable_fops_psample(0xffffffffffffffff, &(0x7f00000005c0)='Y', 0x1)

2m0.406290736s ago: executing program 4 (id=1065):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x6, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x80000001, 0x20, 0x309, 0x8, 0x0, 0x2, 0x3, 0x0, 0x3, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x39b, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2000000000000010, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYRESHEX, @ANYRES16=<r0=>0xffffffffffffffff], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x400c050)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r0], 0x1ac}}, 0x40000)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0x1c, 0xfffffffffffffffa, 0x80000008000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0xa, 0x2, 0x0)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x40890)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x240202, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r4, 0x4048aecb, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/nr_hugepages\x00', 0xe8202, 0x0)
write$auto(r6, &(0x7f0000000080)='9\x00;T\x16\b\x06\x00\x00\x00', 0x10)
socket(0x2, 0x1, 0x0)

1m59.710530444s ago: executing program 4 (id=1069):
socket(0x10, 0x2, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x189002, 0x0)
sendfile$auto(r0, r0, 0x0, 0x3)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x5, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
fcntl$auto_F_ADD_SEALS(0xffffffffffffffff, 0x409, 0x4)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram8/queue/iostats\x00', 0xa001, 0x0)
write$auto(r3, &(0x7f0000000180)='7\x81=\"\xad\xff\x8d\xf9;\x18\xa4\xb0&L\xeb=j\a\xb3\"Yq\'R\"\n\x1d\xa1\xff\a\x17\x00'/42, 0x81)
r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
ioctl$auto_UI_SET_RELBIT(r4, 0x40045566, &(0x7f0000000040)=0x7fffffff)
r5 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x82200, 0x0)
pread64$auto(r5, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00 \x00'/21, 0x0, 0x100000001)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x8203f, 0x0)

1m57.557902192s ago: executing program 4 (id=1073):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0xa, 0x3, 0x3b)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ifb0/flags\x00', 0xb02, 0x0)
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0)
r1 = socket(0x22, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x80044943, 0x0)
ioctl$auto_I2C_SMBUS(r0, 0x720, 0x0)

1m57.3259436s ago: executing program 4 (id=1075):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0)
pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\xff\xfb\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\b\x00\x00\x00\x00\x00\x00\x00\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x8)

1m57.18665227s ago: executing program 4 (id=1076):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0)
pwrite64$auto(r0, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03?\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\b\x00\x00\x00\x00\x00\x00\x00\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x8)

1m56.990612437s ago: executing program 4 (id=1077):
unshare$auto(0x40000080)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async)
rseq$auto(0x0, 0x8002, 0x0, 0x8) (async)
finit_module$auto(0xffffffffffffffff, 0x0, 0x4) (async)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x40, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x80802, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x501, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
socket(0x21, 0x4, 0xe79) (async, rerun: 32)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @rand_addr=0x64010101}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x180483, 0x0) (async, rerun: 32)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x121d02, 0x0) (async, rerun: 32)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x622340, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket(0x10, 0x2, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x51f5, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
eventfd$auto(0x200003) (async, rerun: 32)
eventfd$auto(0x3)
pipe$auto(0x0) (async)
socketpair$auto(0x1e, 0x1, 0x4, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)

1m56.526806185s ago: executing program 33 (id=1036):
socket(0xa, 0x2, 0x0)
pidfd_open$auto(0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
move_pages$auto(0x0, 0x4, 0x0, 0x0, 0x0, 0x400000)
uname$auto(&(0x7f0000000180)={"ad84726f530323e52242c6a93688db926cbfc1df52329ce084257b9e88f3763fb54838f1f32351e3de4dd4d19cea9a1e55f92c76b8e5978d75f9c58a45d8c81aba", "04986eda295453432af666835d32fbc12209644003d240001d1b33e1b356e48cc9f32f6f6892796a7f54c8f602e987294f980934ebbb1d75bfd4978b3f61a500", "382bf3fe479186b41938be067ef57648446f01772f5396103529adfb49d37dd17d6d185aefe183b0c681f7c034ad1c4f6173d92f2dcb73c09afeb346dca00217dc", "c0d3b0a967eef631a8130db3027d9d90680cdaae7b014c340b219e3df22244da8c5970a188bbb4ba9d3eae86fd611f522462665398b71ca368a0d910e404cf64a7", "7eaaa11f4a5f991d3d554d459ab70f3fc9947e3348afcbe228be5279d2ac905668cb3cf3504c577c3e4bc62e06777689462f3ccd49455b84526f04d5ad5fa2667a", "0740565cd2129083d9584fa321770915e771bb111720f212c38bafbec6d9d6e89f0bdd0718eb627debedadebfb69443684364970e41228e894c17c7bcb955761ae"})
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_EEE_GET(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000007c0)={0x2c, r2, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_EEE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x400c850)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0)
writev$auto(r3, &(0x7f0000000080)={0x0, 0x1000}, 0x3)
close_range$auto(0xffffffffffffffff, 0x8, 0x2)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r6=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r4, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\b\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000fedbdf25040000000c000180080001000200000004000a8008000800", @ANYRES32=r6, @ANYBLOB="0800020001000000"], 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
unshare$auto(0x40000080)
write$auto(0xca, 0x0, 0x7f)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0)
io_uring_setup$auto(0x0, &(0x7f0000000400)={0x34, 0x4, 0xbaa80000, 0x5, 0x1, 0x9, 0xffffffffffffffff, [0x9, 0x7f00, 0xe], {0x6, 0x7, 0x7, 0x0, 0x4, 0x9, 0x692, 0x0, 0x3}, {0x44, 0xe6b, 0x2, 0x9, 0x3, 0x0, 0x343, 0x3, 0x8}})
ioctl$auto(0xffffffffffffffff, 0x8912, 0x1)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/nr2/threaded\x00', 0xa001, 0x0)
write$auto(r7, &(0x7f0000000180)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0xfdf1)
write$auto_nsim_psample_enable_fops_psample(0xffffffffffffffff, &(0x7f00000005c0)='Y', 0x1)

1m41.88036727s ago: executing program 34 (id=1077):
unshare$auto(0x40000080)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) (async)
rseq$auto(0x0, 0x8002, 0x0, 0x8) (async)
finit_module$auto(0xffffffffffffffff, 0x0, 0x4) (async)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x40, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x80802, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x501, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
socket(0x21, 0x4, 0xe79) (async, rerun: 32)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @rand_addr=0x64010101}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x180483, 0x0) (async, rerun: 32)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x121d02, 0x0) (async, rerun: 32)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x622340, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
socket(0x10, 0x2, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x51f5, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
eventfd$auto(0x200003) (async, rerun: 32)
eventfd$auto(0x3)
pipe$auto(0x0) (async)
socketpair$auto(0x1e, 0x1, 0x4, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)

1m40.536978663s ago: executing program 2 (id=1130):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x2, 0x1, 0x0, 0x0, 0x7f)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0)
sendfile$auto(r1, r1, 0x0, 0x10000)
madvise$auto(0x8, 0x9, 0x2)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c820000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000ffdbdf256a000000220018003eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71000000022c801c0102800c00008008000100000000000c000080080001000a0000002400008008000200020000000800010001000000080001004800000008000200090000002c000080080002000700000008000200000000000800020006000000080002000d00000008000200040000003c00008008000100010400000800020000020000080001000700000008000200001000000800010008000000080001000700000008000100080000001c000080080001000600000008000100fdffffff080001006d1effff0c000080080002005204000024000080080001000400000008000200070000000800020004000000080002000200000004000080240000800800010002bb0000080002000900000008000200190b00000800020020000000e00002803400008008000200ce1978490800020009000000080001000001000008000200000000000800020000000000080001009bc50000340000800800010018000000080001000400000008000200ff070000080002000700000008000200000000c608000200070000003400008008000100090000000800020004000000080001000000020008000100ff7f0000080002000d00000008000100050000001c000080080001000700000008000200ff7f00000800010000010000240000800800020005000000080001000800000008000100ff0f000008000200060000000600fb0003000000050060000400000004008c00"], 0x24c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)

1m37.694939966s ago: executing program 2 (id=1135):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
fsopen$auto(&(0x7f0000000040)='}-,#\x00', 0x81)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000240)={0x0, 0x7}, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r1 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x89e0, 0x2000000000000093)
mount$auto(0x0, 0x0, 0x0, 0x7, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2400, 0x0)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec7\x00', 0x10b101, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x1000, 0x0)
poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108)
ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000000140)=0xd0)
r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x3b70, 0x0)
r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, &(0x7f00000002c0)={{@raw=0x7, 0x8, 0x4, 0xa2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x0, 0x3, 0x1, 0x381, 0x6, 0x8001, 0x800010, 0x6, 0x10001, 0xefe, 0xfffffffa, 0x5, 0x8001, 0x62f, 0x101, 0x4, 0x200, 0xfffffff0, 0x1000, 0x7, 0x3, 0x3, 0x0, 0x6, 0xb94, 0x0, 0x1, 0x7, 0x3, 0xe8, 0x4, 0x0, 0x9, 0x46f, 0x8, 0x1, 0x6, 0x4, 0x6, 0x8, 0x80, 0x9, 0x65b, 0x9, 0x7, 0x81, 0x1ce8, 0x9, 0x34b5, 0xfff, 0x5, 0x4, 0x2, 0x1000, 0x9, 0x3, 0x400, 0xd, 0x0, 0x0, 0x207d, 0xa7a, 0x5, 0x5, 0x4, 0x80, 0x6ed, 0x0, 0x1, 0x1, 0x6, 0x4, 0x8, 0x1, 0x4003ff, 0x5, 0x8, 0x6, 0x0, 0xa, 0x2, 0x5, 0x400, 0x6, 0x4, 0x9, 0x4, 0x8, 0x30971ad3, 0x9, 0x78e, 0x7f, 0x0, 0x8001, 0x20000, 0x40, 0x0, 0x4, 0x5, 0xfffff43e, 0x0, 0x4f000, 0xfe, 0x5, 0x4, 0xd49e923b, 0x4, 0x80000000, 0x77, 0xf2, 0x0, 0x7fffffff, 0x7f77, 0x9, 0x5b, 0x8, 0x10001, 0x8, 0x0, 0xc2, 0x0, 0x5, 0x1000, 0x1, 0x7, 0x400, 0x8, 0x3], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca54ca1b0aefb60ffa8d501b1329af8d4108ac145aa564c6e7a09ea1b2dfae0f309c6ea508833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"})
bpf$auto(0x11, &(0x7f0000000000)=@batch={0xfffffffffffffffb, 0x44, 0x2, 0x9, 0x1, 0xffffffffffffffff, 0xa, 0x6}, 0xcf)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0xfffffffd, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
socket(0x29, 0x2, 0x0)
r5 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRESDEC=r1], 0x1ac}}, 0x40000)
recvmmsg$auto(r5, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
setfsuid$auto(0xee00)
setfsuid$auto(0xee01)

1m36.686549403s ago: executing program 2 (id=1138):
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
gettid()
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000)
mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000500)=0xffff, 0xa, 0x1)
futex_wake$auto(0x0, 0x10000, 0xa, 0x1ff)
gettid()
rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8)
read$auto(0x3, 0x0, 0x80)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0)
ioctl$auto_BLKSECTGET(r0, 0x1267, 0x20000000000000)
rt_sigprocmask$auto_SIG_UNBLOCK(0x1, &(0x7f0000000140)={0x9}, &(0x7f0000000180)={0xffffffffffffff60}, 0x8)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x400000000000003, 0xeb2, 0xfffffffffffffffb, 0x7f)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
mmap$auto(0xffff, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000)
timer_create$auto(0x9, 0x0, 0x0)
openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/ns/cgroup\x00', 0x4000, 0x0)
close_range$auto(0x2, 0xa, 0x0)

1m34.183410137s ago: executing program 2 (id=1140):
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0)
write$auto(r0, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/error_log\x00', 0x80000, 0x0)
pread64$auto(r1, 0x0, 0x7e91, 0x7fffffff)
readv$auto(0x3, 0x0, 0x1)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0x1000000, 0x0)
io_uring_setup$auto(0x4c8, 0x0)
clock_adjtime$auto(0x354d, 0x0)
syz_clone3(&(0x7f0000000100)={0x2100000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28001)
rt_sigsuspend$auto(0x0, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r2, 0x29, 0x5, 0x0, 0x56b)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x0)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r4, 0x810c5701, &(0x7f0000000040)={0x1, 0x4, 0x81, 0x8, 0x9, "8eabeb663b572a9f43298902518fc12b85a98855e8529542d4517e62e6d3a8a4a5da485f77dd72ed364947a535dd131f2d605a9d4048ac958301f54472027800", "16fa2d25729a89d38d43d0cf8adeb82aeee33ae39a462f1da4601effe99e3a7f97ca3c5f0b8cfca710b40c925fdda35afe70e310dc02ee15e5f91a3cd9ac0e6d9472360408d0033b8b04dae0ca88793f", "5792826c61c347bf4c2da10c8f236869d0a90f79fcc9659c2102aa3d294011d7", 0x2, 0x968f, 0x3, "abdc4185287359f85b748e2057d6212e6ba06742678a6f406df6659a51580f3089ecb0145b4337bc70fbbf69872df3c6c683085797fa76e5c6639de9"})
sendmsg$auto_IEEE802154_LLSEC_GETPARAMS(r4, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="000828bd7003000000000000000005b8c40004000000185de1ce189580db5c3f4d94308902589285e7b1945972e03b135baf29d839d24e29e09f4224ad4a96f81ecc902524910cf5614bd3f13deec68aac28f8a11b92c1a7dfb8863c08a8095a3a337577d9622adb3eb6b23872c83865ef01e76ba28e472ffc46e015e9240ceaaf0f4e1c0089d03b6f76"], 0x1c}, 0x1, 0x0, 0x0, 0x20000001}, 0x800)
write$auto(r3, &(0x7f0000000040)='\xee\xff\xff\xff', 0x80000000)

1m31.728175558s ago: executing program 2 (id=1146):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
semctl$auto(0x205, 0xffdffffa, 0x4, 0x8)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2a, 0x2, 0x8000)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

1m29.627468448s ago: executing program 2 (id=1149):
statmount$auto(&(0x7f0000000040)={0x6189, @raw=0x7, 0x4, 0x10000004f65b40b, 0xf}, &(0x7f0000000380)={0x55c35ef, 0x2f, 0x3, 0x62, 0x28000, 0xfffffffffffffffe, 0x0, 0x800, 0x13, 0x100000000008, 0x5, 0x20000039, 0xf, 0x1, 0x21fd, 0x0, 0xe7, 0x1000, 0x2, 0xffffffffffffffff, 0x2d8, 0x6, 0x7, 0x2, 0x7, 0xfffffffd, 0x4, 0x4, 0xe, 0x7, 0x8, [0x61, 0xd0e, 0x8, 0x5, 0x3ff, 0x7, 0x10000, 0x1000001ff, 0x3, 0x121980a3, 0x4, 0x8001, 0x5, 0x40, 0x7, 0xb1a3, 0x80000000, 0x400000000000005, 0x2a6, 0x2000000100000000, 0x7, 0xfffffffffffffff9, 0x42c9a10f, 0x3, 0x2000000000, 0x8001, 0xe43, 0x5, 0x9c8, 0x4, 0x2e1, 0x100, 0x1, 0xfffffffffffff538, 0x2, 0x5, 0x8, 0x100000000, 0x7f, 0xfffffffffffffff1, 0x8, 0x0, 0x2]}, 0x9, 0xcc) (async)
r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r0, &(0x7f0000000000)={0x0, 0x10002}, 0x6) (async)
unshare$auto(0x40000080) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0x13, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x24048084)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r2 = socket(0x2b, 0x1, 0x0) (async)
r3 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x80, 0x2, 0x0, 0x7f, 0x4)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x66) (async)
sendmmsg$auto(r2, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) (async)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
socket(0x10, 0x2, 0x0) (async)
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001400038010000c800c00038008000600", @ANYRES32=r4, @ANYBLOB="1200010089"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0xc800) (async)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a00000808000300000000000800010000000000080002"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c51d50e", @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf250200000008000300800040000800030009"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

1m14.364049809s ago: executing program 35 (id=1149):
statmount$auto(&(0x7f0000000040)={0x6189, @raw=0x7, 0x4, 0x10000004f65b40b, 0xf}, &(0x7f0000000380)={0x55c35ef, 0x2f, 0x3, 0x62, 0x28000, 0xfffffffffffffffe, 0x0, 0x800, 0x13, 0x100000000008, 0x5, 0x20000039, 0xf, 0x1, 0x21fd, 0x0, 0xe7, 0x1000, 0x2, 0xffffffffffffffff, 0x2d8, 0x6, 0x7, 0x2, 0x7, 0xfffffffd, 0x4, 0x4, 0xe, 0x7, 0x8, [0x61, 0xd0e, 0x8, 0x5, 0x3ff, 0x7, 0x10000, 0x1000001ff, 0x3, 0x121980a3, 0x4, 0x8001, 0x5, 0x40, 0x7, 0xb1a3, 0x80000000, 0x400000000000005, 0x2a6, 0x2000000100000000, 0x7, 0xfffffffffffffff9, 0x42c9a10f, 0x3, 0x2000000000, 0x8001, 0xe43, 0x5, 0x9c8, 0x4, 0x2e1, 0x100, 0x1, 0xfffffffffffff538, 0x2, 0x5, 0x8, 0x100000000, 0x7f, 0xfffffffffffffff1, 0x8, 0x0, 0x2]}, 0x9, 0xcc) (async)
r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r0, &(0x7f0000000000)={0x0, 0x10002}, 0x6) (async)
unshare$auto(0x40000080) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0x13, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) (async)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x24048084)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r2 = socket(0x2b, 0x1, 0x0) (async)
r3 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x80, 0x2, 0x0, 0x7f, 0x4)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x66) (async)
sendmmsg$auto(r2, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) (async)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
socket(0x10, 0x2, 0x0) (async)
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001400038010000c800c00038008000600", @ANYRES32=r4, @ANYBLOB="1200010089"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0xc800) (async)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a00000808000300000000000800010000000000080002"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c51d50e", @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf250200000008000300800040000800030009"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)

59.186530903s ago: executing program 7 (id=1189):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/vhci_hcd.4/usb17/17-0:1.0/usb17-port5/power/autosuspend_delay_ms\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x401}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES={0x8, 0x7, 0x5}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48c1}, 0x20000000)
r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0xa0080, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r3, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
sendmsg$auto_NL80211_CMD_VENDOR(r1, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r4, 0x4, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x4}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0xd5}, @NL80211_ATTR_MBSSID_CONFIG={0x24, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0xd}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x2}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x7}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x5}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x7}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x9}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0xd}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x24048800)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r6 = socket(0x2b, 0x1, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000080)={0x4, "b6a20445eb37ba17082a36a540f77e75f99578a1ab02778d76c8fa7cb703baf4", @raw=0x8001})
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ff)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)

51.26526107s ago: executing program 3 (id=1237):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
set_mempolicy$auto(0x6, &(0x7f0000000240)=0x7fffffffffffffff, 0xcd9)
get_mempolicy$auto(0x0, 0x0, 0x400, 0x7, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x80000000)
unshare$auto(0x4000007c)
mmap$auto(0x1002, 0x9, 0x4, 0x200000eb0, 0x401, 0x701cf82a)
unshare$auto(0x7)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x22b42, 0x0)
read$auto_ptdump_fops_(0xffffffffffffffff, &(0x7f00000000c0)=""/32, 0x20)
sendfile$auto(r0, r0, 0x0, 0x6)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x5, 0x0, 0x0, &(0x7f00000001c0)={[0x1ff, 0x0, 0x7, 0xfff, 0x948b, 0x0, 0x15f4da0a, 0x3, 0x402, 0x62, 0x6, 0x4, 0x6d41, 0x8, 0xa, 0xfffffffffffffdfa]}, 0x0)
write$auto(r1, &(0x7f0000000400), 0x100000a3d9)
socketpair$auto(0x1, 0x2, 0x10000000, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/sctp/eps\x00', 0x181800, 0x0)
pread64$auto(r2, &(0x7f0000000380)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xae\xa7\xec*\xaeH\x13\xfb)\x8b\xe5\xcf\xd14\x1e\xabFH\xd2,\x99PG\xed(\xca\x80\x02\xf9,\xb2\xd6e\xbe0^\x85\xaco\xd0\xf7QJ\xc3E\xfd\x99lr\x92\xf8\x93\f\x82I^Le\x89\xd3\x7fb\x05\xff', 0x3ef, 0x9)
r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x20, 0x0)
ioctl$auto_I2C_RDWR(r3, 0x707, &(0x7f0000000180)="e123297c")
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x12d)
socket(0x2, 0x4, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0xc)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
setpriority$auto(0x2, 0x0, 0x8fffd)
prctl$auto_PR_SYS_DISPATCH_ON(0x7, 0x1, 0x0, 0x0, 0x407)

50.248658546s ago: executing program 3 (id=1241):
shmctl$auto_IPC_INFO(0x100, 0x3, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0xc000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_GET(0xffffffffffffffff, 0x0, 0x4000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x22, 0x2, 0x1)
fstat$auto(r0, 0x0)
r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000100), 0x80040, 0x0)
ioctl$auto(r1, 0x3b81, 0x38)
close_range$auto(0x2, 0x8, 0x2000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x21, 0x1, 0x2)
madvise$auto(0x7fc, 0xffffffffffff0003, 0x5)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0xffffffffffffffff, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
write$auto(0x3, 0x0, 0xfdef)
open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x40001, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(r2, r2, 0x200001)
socket(0x10, 0x2, 0x0)
socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)

50.075248757s ago: executing program 3 (id=1242):
socket(0xa, 0x801, 0x106) (async)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
ioctl$auto(r0, 0x5601, r0) (async)
arch_prctl$auto(0x1021, 0x3) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev3\x00', 0x169000, 0x0)
ioctl$auto(r1, 0xc0405626, r1)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/max_active\x00', 0x1ab102, 0x0)
write$auto(r2, &(0x7f00000000c0)='\x00', 0x7) (async)
ioctl$auto_USBDEVFS_BULK32(0xffffffffffffffff, 0xc0105502, &(0x7f0000000000)={0xf24, 0x0, 0x6, 0x7}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010329bd700002dcdf25260003000000070006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x8040) (async)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r3)
setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3)

49.770077312s ago: executing program 3 (id=1244):
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x80008000)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0)
ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TCFLSH2(r2, 0xc0285443, 0x0)

49.368936248s ago: executing program 3 (id=1246):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram1\x00', 0x14fa02, 0x0) (async)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) (async)
unshare$auto(0x40000080)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) (async)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
r2 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5)
open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x7}, 0x3) (async)
r3 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r3, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4aeb2ca218", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100)
prctl$auto(0x3e, 0x1, r2, 0x1, 0x0) (async)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
ioctl$auto_FIOASYNC(r4, 0x5452, 0x0) (async)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x8000fff5)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@inferred=r2, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1000000000001}, "6cc1294d63a4f1b4285854c5368de438f8cc142eff0000003373a1183bedbd31b642b4059b078fa181c61c329794e5381121c760cb9611c78e6947a99807bcc1"})
close_range$auto(0x2, 0x8, 0x0) (async)
semctl$auto_SETVAL(0xb5, 0x7, 0x10, 0xfff) (async)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x4682c0, 0x0) (async)
lsm_list_modules$auto(0x0, 0x0, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x14) (async)
r5 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
ioctl$auto_EXT4_IOC_GETVERSION_OLD(r5, 0x80087601, &(0x7f0000000040)="9af375a323f41dcd96c3f85ac4ea73e230236937cd30b3cef7217776f1f02c7bb4")
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nbd13\x00', 0x100, 0x0) (async)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
sendmmsg$auto(r5, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000028, 0x0, 0x1, 0x3e0}, 0x800}, 0x4, 0x4008) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async)
shmctl$auto_SHM_INFO(0x6, 0xe, &(0x7f00000003c0)={{0x1ce, 0xffffffffffffffff, 0x0, 0x6, 0x9, 0x8, 0x6}, 0x400, 0x1, 0xffffffffffffffff, 0x0, @raw=0xffffffff, @inferred=0xffffffffffffffff, 0x80, 0x0, &(0x7f0000000200)="fe347bb384d2a45c4ec7e8ef3b5c4f6fe3d9eb94dd1145a5d1335e6f58a57331526d24773763d8117b9ecdd2f7ae0ab8650d93733200c5eaf61a86413e1d227ea9bdefb1842a3234aa3bf6251f5d63d9f4a6ff4bbc49363e7a1bd506b9fb4982f2105dc0e413e9a98bae7a6d426c4516ca6be1cd09561719214fdb30f02dc24c73599f1ca1b1625113138e8b7b64ae21fa529d28a3bbb1d4c5a72b6c5903736e559ce915499671b5625b0ac76ae98bdff56afe33ef94829bf9e4fb07c3b58b8280feba4bdbafb86d3ee671d4d5cdcb0145349de998043c187ef89d62f627276e24bb442c69a91bb5deb2e2", &(0x7f0000000300)="4c98e0c40932591e1e39e9ca883325d39ffb1f16666b1396585ceb4cfd5abd051f2b086fef3d878a9fdc9591a497fb9e3603e482007b392d39ee8629d00b0666f13b49b0afc451f63ea1b4935d5afe7bb1b89aa4eba57334791b5e80e1971e386897c4bded44aaf74886203f81ceb3e7dea2460eba53cc0785e75dc43218902c9ae4df27f4eb53855286"})

47.365866508s ago: executing program 3 (id=1252):
r0 = socket(0x26, 0x808, 0x1000)
getsockopt$auto(r0, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0)
unshare$auto(0x40000080)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x10000, 0xde, 0x11, 0xffffffffffffffff, 0x28000)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000140), 0x55)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x48)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgrcv$auto(0x0, 0x0, 0x81, 0x9, 0x3)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r2 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r3, 0x3b90, r2)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0x538, 0x80, 0x10000, 0x0, r1, 0x1000, "72fea04183dce563f03f2a25077b3383", 0x0, r1, 0x4, 0x6, 0x101, 0x1, r1}, 0x6f3)
ioctl$auto_I2C_RDWR(r1, 0x707, &(0x7f0000000080)="939bf199dbf6d4d4c268f0054a2d91")
close_range$auto(0x2, 0xa, 0x0)
unshare$auto(0x8)
socket(0x1e, 0x4, 0x0)
r4 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0)
pwrite64$auto(r4, 0x0, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)

43.880836887s ago: executing program 36 (id=1189):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/platform/vhci_hcd.4/usb17/17-0:1.0/usb17-port5/power/autosuspend_delay_ms\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x401}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES={0x8, 0x7, 0x5}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x48c1}, 0x20000000)
r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0xa0080, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r3, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1)
sendmsg$auto_NL80211_CMD_VENDOR(r1, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x68, r4, 0x4, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x4}, @NL80211_ATTR_WIPHY_RETRY_LONG={0x5}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0xd5}, @NL80211_ATTR_MBSSID_CONFIG={0x24, 0x132, 0x0, 0x1, [@NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0xd}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x2}, @NL80211_MBSSID_CONFIG_ATTR_INDEX={0x5, 0x3, 0x7}, @NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY={0x5, 0x2, 0x5}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x7}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x9}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0xd}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x24048800)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r6 = socket(0x2b, 0x1, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000080)={0x4, "b6a20445eb37ba17082a36a540f77e75f99578a1ab02778d76c8fa7cb703baf4", @raw=0x8001})
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a)
sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ff)
recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0)

31.793078195s ago: executing program 37 (id=1252):
r0 = socket(0x26, 0x808, 0x1000)
getsockopt$auto(r0, 0x84, 0xe, 0x0, &(0x7f0000000040)=0xb0)
unshare$auto(0x40000080)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x10000, 0xde, 0x11, 0xffffffffffffffff, 0x28000)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000140), 0x55)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x48)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
msgrcv$auto(0x0, 0x0, 0x81, 0x9, 0x3)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
pidfd_open$auto(0x1, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r2 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/netdevsim/netdevsim1/ports/3/pp_hold\x00', 0x101001, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0)
ioctl$auto(r3, 0x3b90, r2)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0x538, 0x80, 0x10000, 0x0, r1, 0x1000, "72fea04183dce563f03f2a25077b3383", 0x0, r1, 0x4, 0x6, 0x101, 0x1, r1}, 0x6f3)
ioctl$auto_I2C_RDWR(r1, 0x707, &(0x7f0000000080)="939bf199dbf6d4d4c268f0054a2d91")
close_range$auto(0x2, 0xa, 0x0)
unshare$auto(0x8)
socket(0x1e, 0x4, 0x0)
r4 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0)
pwrite64$auto(r4, 0x0, 0x2, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)

13.347846917s ago: executing program 6 (id=1324):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x2, 0x1, 0x0, 0x0, 0x7f)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0)
sendfile$auto(r1, r1, 0x0, 0x10000)
madvise$auto(0x8, 0x9, 0x2)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c820000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000ffdbdf256a000000220018003eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71000000022c801c0102800c00008008000100000000000c000080080001000a0000002400008008000200020000000800010001000000080001004800000008000200090000002c000080080002000700000008000200000000000800020006000000080002000d00000008000200040000003c00008008000100010400000800020000020000080001000700000008000200001000000800010008000000080001000700000008000100080000001c000080080001000600000008000100fdffffff080001006d1effff0c000080080002005204000024000080080001000400000008000200070000000800020004000000080002000200000004000080240000800800010002bb0000080002000900000008000200190b00000800020020000000e00002803400008008000200ce1978490800020009000000080001000001000008000200000000000800020000000000080001009bc50000340000800800010018000000080001000400000008000200ff070000080002000700000008000200000000c608000200070000003400008008000100090000000800020004000000080001000000020008000100ff7f0000080002000d00000008000100050000001c000080080001000700000008000200ff7f00000800010000010000240000800800020005000000080001000800000008000100ff0f000008000200060000000600fb0003000000050060000400000004008c00"], 0x24c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)

10.077501906s ago: executing program 6 (id=1328):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x2a, 0x2, 0x8000)
connect$auto(r6, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

10.076488229s ago: executing program 5 (id=1337):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x2, 0x1, 0x0, 0x0, 0x7f)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0)
sendfile$auto(r1, r1, 0x0, 0x10000)
madvise$auto(0x8, 0x9, 0x2)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c820000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000ffdbdf256a000000220018003eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71000000022c801c0102800c00008008000100000000000c000080080001000a0000002400008008000200020000000800010001000000080001004800000008000200090000002c000080080002000700000008000200000000000800020006000000080002000d00000008000200040000003c00008008000100010400000800020000020000080001000700000008000200001000000800010008000000080001000700000008000100080000001c000080080001000600000008000100fdffffff080001006d1effff0c000080080002005204000024000080080001000400000008000200070000000800020004000000080002000200000004000080240000800800010002bb0000080002000900000008000200190b00000800020020000000e00002803400008008000200ce1978490800020009000000080001000001000008000200000000000800020000000000080001009bc50000340000800800010018000000080001000400000008000200ff070000080002000700000008000200000000c608000200070000003400008008000100090000000800020004000000080001000000020008000100ff7f0000080002000d00000008000100050000001c000080080001000700000008000200ff7f00000800010000010000240000800800020005000000080001000800000008000100ff0f000008000200060000000600fb0003000000050060000400000004008c00"], 0x24c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)

9.02517899s ago: executing program 9 (id=1331):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x2a, 0x2, 0x8000)
connect$auto(r6, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

7.265488003s ago: executing program 8 (id=1336):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x2, 0x1, 0x0, 0x0, 0x7f)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0)
sendfile$auto(r1, r1, 0x0, 0x10000)
madvise$auto(0x8, 0x9, 0x2)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c820000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000ffdbdf256a000000220018003eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71000000022c801c0102800c00008008000100000000000c000080080001000a0000002400008008000200020000000800010001000000080001004800000008000200090000002c000080080002000700000008000200000000000800020006000000080002000d00000008000200040000003c00008008000100010400000800020000020000080001000700000008000200001000000800010008000000080001000700000008000100080000001c000080080001000600000008000100fdffffff080001006d1effff0c000080080002005204000024000080080001000400000008000200070000000800020004000000080002000200000004000080240000800800010002bb0000080002000900000008000200190b00000800020020000000e00002803400008008000200ce1978490800020009000000080001000001000008000200000000000800020000000000080001009bc50000340000800800010018000000080001000400000008000200ff070000080002000700000008000200000000c608000200070000003400008008000100090000000800020004000000080001000000020008000100ff7f0000080002000d00000008000100050000001c000080080001000700000008000200ff7f00000800010000010000240000800800020005000000080001000800000008000100ff0f000008000200060000000600fb0003000000050060000400000004008c00"], 0x24c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)

6.831002801s ago: executing program 6 (id=1338):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x1)
semctl$auto(0x205, 0xffdffffa, 0x4, 0x8)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x2a, 0x2, 0x8000)
connect$auto(r6, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

6.734586202s ago: executing program 5 (id=1339):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/set_event\x00', 0x20201, 0x0)
io_uring_setup$auto(0x59, 0x0)
getpid()
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x2, 0x1, 0x0, 0x0, 0x7f)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
fanotify_init$auto(0x65, 0x2)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv4/conf/macvlan0/proxy_arp\x00', 0x8a042, 0x0)
sendfile$auto(r1, r1, 0x0, 0x10000)
madvise$auto(0x8, 0x9, 0x2)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c820000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000ffdbdf256a000000220018003eed9b1465d94ee937d70efbcdd93f95cb35b0d61936ae811703d63b6d71000000022c801c0102800c00008008000100000000000c000080080001000a0000002400008008000200020000000800010001000000080001004800000008000200090000002c000080080002000700000008000200000000000800020006000000080002000d00000008000200040000003c00008008000100010400000800020000020000080001000700000008000200001000000800010008000000080001000700000008000100080000001c000080080001000600000008000100fdffffff080001006d1effff0c000080080002005204000024000080080001000400000008000200070000000800020004000000080002000200000004000080240000800800010002bb0000080002000900000008000200190b00000800020020000000e00002803400008008000200ce1978490800020009000000080001000001000008000200000000000800020000000000080001009bc50000340000800800010018000000080001000400000008000200ff070000080002000700000008000200000000c608000200070000003400008008000100090000000800020004000000080001000000020008000100ff7f0000080002000d00000008000100050000001c000080080001000700000008000200ff7f00000800010000010000240000800800020005000000080001000800000008000100ff0f000008000200060000000600fb0003000000050060000400000004008c00"], 0x24c}, 0x1, 0x0, 0x0, 0x24040081}, 0x40094)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00'/21, 0x100000002, 0x100000001)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0)

5.723379023s ago: executing program 9 (id=1340):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x1)
semctl$auto(0x205, 0xffdffffa, 0x4, 0x8)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x2a, 0x2, 0x8000)
connect$auto(r6, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

4.232023369s ago: executing program 8 (id=1341):
openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x169a02, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x6024c0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
pipe2$auto(0x0, 0x80)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0)
ioctl$auto(r1, 0xc038563b, r0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/nfsd.fh/content\x00', 0x400402, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto(0x3, 0x0, 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/sunrpc/parameters/tcp_max_slot_table_entries\x00', 0x88282, 0x0)
sendfile$auto(r3, r3, 0x0, 0x71)
ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, &(0x7f0000000000)="8855534279b4bcaf0a80e2820192ccedac5a281e064dc292f288956d2277bcbb61275e488f68b1dc5b5216e983baa163668a082552fb6d7f118fa65009674a328dce964d93946c70b1ee1899e1a1b4689609d503cecb79afce7e1231f2c89e8ad51d93838de7e06fe1d91cb95760e5d9424a0d19d356b8b1df49585f71e952143a6f7e70f30c73cfb970b9fe6a6c1a05259692c827f13b36a858f92d538baf4f704b5cd111")
read$auto(r2, &(0x7f0000000200)='/proc/self/net/can/rcvlist_sff\x00', 0x1d2b28d0)

3.741639159s ago: executing program 6 (id=1342):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r5, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x88c0}, 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket(0x2a, 0x2, 0x8000)
connect$auto(r6, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

3.730828325s ago: executing program 5 (id=1350):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
msgctl$auto_MSG_STAT(0x8001, 0xb, &(0x7f00000004c0)={{0x2, 0xee01, 0x0, 0x3, 0xd, 0x3, 0xcd8e}, &(0x7f00000001c0)=0xfb, &(0x7f00000002c0), 0x6, 0x9, 0x3, 0x800000000000000, 0x2, 0x3, 0xffff, 0x1000, @raw=0x389})
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[], 0x1c}}, 0x4000)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
io_uring_setup$auto(0x6, 0x0)
listen$auto(r1, 0x9)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x0, 0x0)
ioctl$auto(r3, 0x64c8, r3)
openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000180), 0x101040, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WOWLAN(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="c5cd06c77f29c407453e62c79acf9a2defd3b73ac500596dc78250bbf00f4c5eb525da3d46f1aab7333917bf7c3a079212455d928b612f3a7301a89f03eb2b857084f32a78eb794bc6c1a50caa429b63975903994e4a91826842395f"], 0x14}, 0x1, 0x0, 0x0, 0xd0}, 0x80)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000280), r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f00000003c0), r4)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r7=>0x0})
sendmsg$auto_NET_SHAPER_CMD_CAP_GET2(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010029bd7000fedbdf250500000008000100", @ANYRES32=r7, @ANYBLOB="1e12362abf63cbcf2f116a9d846e7770f52f774cf0f03c17566ce3ac45a2bf58613a20a7ba5c579f80ed33bd54833d7d6c287d30fee673d1df9e7c5a80629b435fdc01c16cdd1c38837aad6b682e7b0853c394522cb54c425841ba10e52854ccc543d881d06f1aeb4664912d0f1ea72125c5070be8578f8a909645b5c5b0b0d13980d75f18e5b223931d9917f9e6aa4562e4715abfb48ef10075087aa0edcd3162218ed836ba1430cc0f39b6f7435d6ae3cf2fb4bf909fe516d48021dce8100b2f81a4e56ed3689682f7aaf133973bec3d74fa6f78b0710cc9a1ed5b8975a976c13512c02cb232ccd706b430adbe977b0c4a11c23659fbf97a3e3c233f451a3ec0b30c4b0f434439ff7e367529c1836375335062d0d24884616f509007d279d5d8ba7c9e980c3bdc0549250d2c24675cce13d661fd86558ed249fb9c815e4c9f1a0919488976068672616ff32733cb76b6edbe1da42e7d81361c402c1fe193802df1062dade7ba9bc1ab97dca91e865fa81b4d2f8552aa92574cf90c8e8cf51d3fced7ac6d298ad8b914b1f4ed112f8ddd9eadb2af6578ba3c7545cb8da23ec0ba343ba90b8e6fa7859db1d0ad214556fbc6335c6854e1a8c63ab00049908ddac744943ebf2ed118a523f34fbad39d81861552ae2600"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40010)

3.44702105s ago: executing program 8 (id=1343):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd5\x00', 0x0, 0x0)
connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x100)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)

3.413948959s ago: executing program 9 (id=1344):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
r0 = socket(0xa, 0x2, 0x3a)
setsockopt$auto_SO_PASSSEC(r0, 0x0, 0x22, 0x0, 0x0)
r1 = socket(0x2, 0x801, 0x100)
listen$auto(r1, 0x200005)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
r2 = memfd_create$auto(0x0, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
connect$auto(r0, &(0x7f0000000000)=@sco={0x1f, @none}, 0x6)
r3 = socket(0x2, 0x1, 0x106)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x541b, 0x38)
write$auto(r2, 0x0, 0x5)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x0)

3.113569034s ago: executing program 8 (id=1345):
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x123042, 0x0)
ioctl$auto(r0, 0x921064b1, 0x8)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
statmount$auto(&(0x7f0000000040)={0x7, @inferred=r1, 0x7fffffff, 0x3c5c00, 0x4}, &(0x7f0000000080)={0x400, 0xc, 0x4c7, 0x8, 0x1, 0x2, 0x4, 0x7, 0x4, 0x6, 0x6d, 0xdf70, 0x6, 0x5, 0x0, 0x3ff, 0x5c, 0x4, 0x5, 0x9, 0xd2c3, 0xfffffffb, 0x101, 0x3, 0xfffffffe, 0x4, 0x0, 0x1, 0x8, 0x655, 0xfff, [0x1ff, 0x3, 0x9, 0xe073d75, 0x5, 0x0, 0x7, 0x8, 0x6, 0x1, 0x0, 0x4, 0x80, 0xa62e, 0x5, 0x5, 0x5, 0x5, 0x2, 0x7, 0xff, 0x8000000000000001, 0x9, 0x10001, 0x85, 0x8001, 0x8, 0x9, 0x8, 0x7fff, 0x84, 0x62, 0x9, 0x3, 0x2, 0xcb, 0x9, 0x3, 0x8, 0x2, 0x2, 0x2, 0x327], "2aa9698fc273014bc2a9cc07b372e1b57e668622c7e08722d7a20bfb1194123a0c86716e943eac39dd10135f3773d48d558d7f953e5c8a2f55d735c85ff1be0f8db5cd0045fb81067f28ebc639ab53c883401372f43914d9e4ef5c249cc2fd200c66a279cb0f4acb7a6e89953070f9a189510bdf0cdfe00bbb5dbb55e09f44737b2116363f330725205215f065f0cc839777e5ec7c28545527bdd23fd78027"}, 0xae46, 0x77)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
r3 = socket(0xa, 0x3, 0xff)
connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
r4 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/uapsd_max_sp_len\x00', 0x0, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r4, 0x0, 0x0)
r5 = gettid()
socket(0x0, 0x1, 0x80)
kill$auto(r5, 0x11)
rt_sigtimedwait$auto(&(0x7f0000000180)={0xfffffffffffffc03}, 0x0, 0x0, 0x8)
r6 = openat2$dir(0xffffffffffffff9c, &(0x7f0000001340)=':,\x00', &(0x7f0000001380)={0x8000, 0x2c, 0x18}, 0x18)
symlinkat$auto(&(0x7f0000000000)='./file0\x00', r6, &(0x7f0000000040)='./file0\x00')
rt_sigprocmask$auto_SIG_BLOCK(0x0, &(0x7f00000013c0)={0x8b}, &(0x7f0000001400)={0x5}, 0x8)
ioctl$auto_BTRFS_IOC_RM_DEV_V2(r2, 0x5000943a, &(0x7f0000000340)={@inferred=r2, 0x1, 0xb6, @unused, @subvolid=0x400})

2.601457539s ago: executing program 9 (id=1346):
mmap$auto(0x4, 0x4020008, 0x6, 0xffffffff9ea6e3b3, 0x401, 0x8000) (async)
rseq$auto(&(0x7f00000005c0)={0x9, 0x6, 0x2c2, 0x821, 0x8007d, 0x80000000, "26c788a7a5024a9859acd358040938d080405e5667c1ebdf247e1520d2c4f723c82081928a325dde6dcc8b2454616a55b9e21620f9c952eb261f1e847bfe4289c4a3d8893fe91794c1a983b7dec4715155f202ff0100000000000091f75a1e4c289bd6c51ca54f1d"}, 0x8000, 0x7fff, 0x6)
r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0)
r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy11/netdev:wlan1/state\x00', 0x822, 0x0)
write$auto(r1, 0x0, 0x5)
ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) (async)
ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0)
ioctl$auto_UI_SET_MSCBIT(r0, 0x40045568, 0x0)
r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x400, 0x0)
keyctl$auto(0x2000000000000016, 0xffffffffffffffff, 0xfffffffe, 0x0, 0x404e) (async)
keyctl$auto_KEYCTL_ASSUME_AUTHORITY(0x10, 0x8000, 0x8, 0x7, 0x3) (async)
mmap$auto(0x6, 0x202000b, 0x9, 0x17, r2, 0x8000) (async)
r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), r2)
sendmsg$auto_NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYRESDEC], 0x30}, 0x1, 0x0, 0x0, 0x20044809}, 0x8810) (async)
close_range$auto(r0, 0x8, 0x0)
mkdir$auto(0x0, 0x89)
r4 = io_uring_setup$auto(0xfffff7fc, 0x0)
mmap$auto(0x3, 0xe, 0x339, 0xeb1, r2, 0x8000) (async)
madvise$auto(0x8000000000000, 0x8000000000000001, 0x8000000a)
syz_clone3(&(0x7f0000000240)={0x123062000, 0x0, 0x0, 0x0, {0x14}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0xfffffffffffffffc)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x115101, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/memory_tiering/memory_tier4/nodelist\x00', 0x22100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000006c0)=""/260, 0x104) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000004c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xda\xd36\xea\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\\\xf3\x18\xe5\xbc\xa9i[q\xa1_X\xe9\xcd_\xf5x\x01*\a~i\xa8\xd9\xec\xc1\xc8K\xf0\x9e\xca\x81G+\xc0I\xa3T\aG\xef\xef\xfe\x1f\x19\xee\xe4A\xbc\xb2u\xe3\x81#\xfdr\xe7.\xc7h&9ICJ\x0528!$\xbe\x00\x00\x00\x00', 0x3) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048001}, 0x24008800) (async)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0) (async)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/tunl0/disable_policy\x00', 0xd02, 0x0)
sendfile$auto(r6, r7, 0x0, 0x800048)

1.859352521s ago: executing program 8 (id=1347):
r0 = openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x90801, 0x0)
r1 = socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
setsockopt$auto_SO_LINGER(r0, 0xe32, 0xd, &(0x7f0000000080)='/proc/sys/kernel/timer_migration\x00', 0x7)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x1, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x40, 0x0)
getsockopt$auto(r3, 0x40, 0x4, &(0x7f0000000280)='/dev/ttyS2\x00', &(0x7f00000002c0)=0x9)
ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendfile$auto(r0, r1, &(0x7f0000000140), 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r4)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
semctl$auto(0x205, 0xffdffffa, 0x4, 0x8)
ioctl$auto(0xc8, 0x400454d4, 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket(0x2a, 0x2, 0x8000)
connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

1.533868207s ago: executing program 9 (id=1348):
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="010527bd7000fbdbdf250200000008"], 0x34}, 0x1, 0x0, 0x0, 0x4068811}, 0x80)
ppoll$auto(&(0x7f0000000080)={0xffffffffffffffff, 0xfff6, 0x13}, 0x6, 0x0, 0x0, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1e0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram0/queue/fua\x00', 0x68e00, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r1 = gettid()
r2 = getpid()
rt_tgsigqueueinfo$auto(r2, r1, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x9, 0xcce3, @_sigfault={0x0, @_trapno=0x3}}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRES64=r4], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x20040894)

1.45201104s ago: executing program 5 (id=1349):
mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x22, 0x2, 0x1)
socket(0x10, 0x3, 0x6)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x240, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x10, 0x2, 0x4)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x80802, 0x0)
ioctl$auto(r1, 0x800064bb, r1)
prctl$auto_PR_SET_MM_BRK(0x7, 0x7, 0xffffffffffffffff, 0xff, 0x0)
mmap$auto(0x6, 0x2da, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4044001)
pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='uete1\x00', 0x200000000006, 0x7)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000040)={0xd, 0x0, 0x0, 0x7fffffffffffffff})
ioctl$auto_FS_IOC_UNRESVSP64(0xffffffffffffffff, 0x4030582b, 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r3 = socket(0x2, 0x1, 0x0)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000001c0), r3)
ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x1c00, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x80000003, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)
socket(0x11, 0x3, 0x2)

1.249593879s ago: executing program 6 (id=1351):
r0 = socket(0xa, 0x5, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty20\x00', 0x109401, 0x0)
unlink$auto(0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x15, r0, 0x6)
mmap$auto(0x0, 0x101, 0xdf, 0x9b72, 0x2, 0x8000)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x118)
socket(0xa, 0x3, 0x3a)
fanotify_init$auto(0x10005, 0xffffafff)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ustat$auto(0x801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x2, 0x0)
r1 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r2 = socket(0x2, 0x1, 0x0)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
listen$auto(0x3, 0x81)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
accept$auto(r2, 0x0, 0x0)
write$auto(0x6, 0x0, 0x100000001)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)

630.13353ms ago: executing program 6 (id=1352):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0xb5, 0x7000000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/card0/pcm0p/oss\x00', 0x88400, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/209, 0xd1)
read$auto_tracing_cpumask_fops_trace(0xffffffffffffffff, &(0x7f0000001340)=""/48, 0x30)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/snd_hda_intel/parameters/align_buffer_size\x00', 0xc0481, 0x0)
write$auto(r1, &(0x7f0000000000)='\x14\xf4\xb6\xc6\x97\xdb\x18B\f\xef\x1dQZ\xa66\xe7\x06\\\xe0)+\x86\xa7\x9bv\xe1\x18\xf5\x83\b\x11\x19\xdd\x1c', 0x7e)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
write$auto(0x3, 0x0, 0xfdef)
prctl$auto(0x10000, 0x4, 0x0, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129882, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x6d, 0x2, 0x8000000000000000, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x610841, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001380)='/sys/devices/pci0000:00/0000:00:01.3/rescan\x00', 0x1a1181, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mknod$auto(&(0x7f0000001040)=':,\x00', 0xca, 0xfffffffa)
r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r3, &(0x7f0000000040)=""/4096, 0xfffffe82)
copy_file_range$auto(0xffffffffffffffff, 0x0, r3, 0x0, 0xffffffffffffffff, 0x8)
execve$auto(&(0x7f0000000040)=':,\x00', 0x0, &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00')
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x141241, 0x0)
write$auto(0x3, 0x0, 0xfdef)

608.58275ms ago: executing program 9 (id=1353):
r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x8001, 0x0)
write$auto(r2, &(0x7f0000000180)='7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00,X\xb9\x0e\x11\xfb\x00\x00\x00\x00&!\x8f-\xfb\xea=\xc0\\\xec\xe7D\xe5V\xf1b\xa0\x9a\xa1\x88\xb4\x96\xf5\\\xad4\t\xca\x03\xe4\x15\v]\x00'/67, 0x81)
r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff)
r4 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$auto_RTC_SET_TIME(r4, 0x4024700a, &(0x7f00000001c0)={0x1, 0x7, 0x17, 0x8, 0x1, 0x64, 0x10, 0x3, 0x3})
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x149)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x2, 0x0)
poll$auto(0x0, 0x5, 0x108)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/irq/12/hwirq\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
writev$auto(r5, &(0x7f0000000200)={0x0, 0xb}, 0x200000003)
write$auto(0x3, 0x0, 0x5c8)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000f40)={'batadv0\x00', <r8=>0x0})
sendmsg$auto_BATADV_CMD_SET_MESH(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x24, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4)
sendmsg$auto_NETDEV_CMD_QSTATS_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010327bd7000000000000000002b000407000000000000000094c57f9b69cd48d441149b31d4132f2b71d1e1106a7d"], 0x2c}, 0x1, 0x1c00, 0x0, 0x80}, 0x8000)
shmctl$auto_IPC_RMID(0x80, 0x0, &(0x7f0000000580)={{0x3, <r9=>0xee00, 0xee01, 0x6, 0x8, 0xffffffff, 0xffe6}, 0xb2b9, 0x3, 0x80000001, 0x535b, @inferred=0xffffffffffffffff, @raw, 0x2, 0x0, &(0x7f0000000400)="b70a671b0be603c136e7b1e5c4b72d4d4e960af93488cad71ccd3708604e48074ad05ea73ed253e1bb3d99dd1a3dd51288aa8a29f562f3ea3c4287c8a1acbc3168fa2fefcd60673665a9999426c8f0b18149374109722e42613ce1f5761a550ed642e5b693b34b48716a7e59", &(0x7f0000000480)="e1015162a1e15c66912ea91a6cdd42f512c990755fe40c17f59483cd6ecd255f839991ce41da1377f8b0edb162cf3b8f8816df1682c06e74a277ec46fc1d11989dbeb49256202a6403bef55a89383bd47f645ccef7e77c608be0b86eed1f4a5ecc3344d2a057d17b9a18141a1d48a11e3e25be740591689e81ba564200965aec94fdd7d459c95e381f73f95b3b304d2f4b0d77446f1f6a3084d6f3f22789acfb08ad17cc569529ae75e4df2eefbd85ac74c51a0dcd3c638cebb64b53e3b2a0f485c20f5334c30e34949b5379c17fc0a03d"})
setpriority$auto(0xffff91e4, r9, 0xb)
io_uring_setup$auto(0x8b1, &(0x7f0000000180)={0x9, 0x6, 0x3, 0x2, 0x2, 0xffff, 0xffffffffffffffff, [0x0, 0x8001, 0xffffbca2], {0x0, 0x6, 0x24, 0x7, 0x7fff, 0x3, 0x7, 0x7, 0x5}, {0x8, 0x8, 0xc48eb10, 0x8, 0xffffff46, 0x7, 0x5, 0x4, 0x6ec2f111}})
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x0)
r10 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
shutdown$auto(r10, 0x3)
r11 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/can/rcvlist_sff\x00', 0x101000, 0x0)
pread64$auto(r11, 0x0, 0x2, 0x75e6)

463.46907ms ago: executing program 5 (id=1354):
openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/trace_marker\x00', 0x43, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
clone$auto(0x8, 0xffffffffffffff81, 0x0, 0x0, 0x80000000)

90.027836ms ago: executing program 8 (id=1355):
unshare$auto(0x40000080)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000040), r0)
sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x14, r1, 0x1, 0x70bd29, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x2)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2, 0x5, 0x0)
ioctl$auto(0x3, 0x8905, 0x38)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r4 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/tkip_mic_test\x00', 0x822, 0x0)
write$auto(r4, 0x0, 0xfff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[], 0x70}}, 0x24048084)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_MPATH(r6, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, 0x0, 0x321, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090)
sendmsg$auto_NL80211_CMD_DEL_PMK(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x14, 0x0, 0x400, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x3400c0c0)
madvise$auto(0x0, 0x200007, 0x19)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x80d5, 0x3, 0x0, 0x2, 0xf)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x51}, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x103400, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)

0s ago: executing program 5 (id=1356):
mkdir$auto(&(0x7f0000000140)='./file0\x00', 0xfffd)
open(&(0x7f0000000080)='./file1\x00', 0x460000, 0x3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0xfffffffd)
r0 = socket(0xa, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x203, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r1, 0x84, 0x6c, 0x0, &(0x7f0000000280)=0x1000c0)
socketpair$auto(0x9, 0x2, 0xf3ac, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
write$auto(r2, 0x0, 0x45c)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x18, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r5, &(0x7f00000000c0)=""/4087, 0xff7)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
ioctl$auto_KVM_CREATE_VM(r3, 0x4048aecb, 0x0)
mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x5, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x55)
listen$auto(0x3, 0x81)

kernel console output (not intermixed with test programs):

loc_inode+0x8c/0x1d0
[  205.233666][ T7862]  hugetlbfs_alloc_inode+0x8c/0x1d0
[  205.233695][ T7862]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  205.233723][ T7862]  alloc_inode+0x68/0x250
[  205.233758][ T7862]  new_inode+0x22/0x1c0
[  205.233794][ T7862]  hugetlbfs_get_inode+0x313/0x750
[  205.233826][ T7862]  hugetlb_file_setup+0x3cc/0x5b0
[  205.233859][ T7862]  newseg+0xabb/0xed0
[  205.233898][ T7862]  ? __pfx_newseg+0x10/0x10
[  205.233931][ T7862]  ? down_write+0x146/0x1f0
[  205.233960][ T7862]  ? ksys_write+0x190/0x250
[  205.233983][ T7862]  ? ksys_write+0x190/0x250
[  205.234011][ T7862]  ipcget+0xee/0xf50
[  205.234044][ T7862]  ? do_futex+0x192/0x350
[  205.234078][ T7862]  ? __pfx_do_futex+0x10/0x10
[  205.234116][ T7862]  ? __pfx_ipcget+0x10/0x10
[  205.234152][ T7862]  ? __x64_sys_futex+0x34f/0x4d0
[  205.234184][ T7862]  ? __x64_sys_futex+0x358/0x4d0
[  205.234222][ T7862]  __x64_sys_shmget+0x13b/0x1b0
[  205.234264][ T7862]  ? __pfx___x64_sys_shmget+0x10/0x10
[  205.234309][ T7862]  do_syscall_64+0x106/0xf80
[  205.234332][ T7862]  ? clear_bhb_loop+0x40/0x90
[  205.234363][ T7862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.234389][ T7862] RIP: 0033:0x7fe91a79c819
[  205.234409][ T7862] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  205.234438][ T7862] RSP: 002b:00007fe91b5a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  205.234461][ T7862] RAX: ffffffffffffffda RBX: 00007fe91aa16180 RCX: 00007fe91a79c819
[  205.234478][ T7862] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000
[  205.234493][ T7862] RBP: 00007fe91a832c91 R08: 0000000000000000 R09: 0000000000000000
[  205.234508][ T7862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  205.234523][ T7862] R13: 00007fe91aa16218 R14: 00007fe91aa16180 R15: 00007ffe92c42a38
[  205.234555][ T7862]  </TASK>
[  205.525422][ T5872] rtc_cmos 00:00: Alarms can be up to one day in the future
[  205.535830][ T5872] rtc_cmos 00:00: Alarms can be up to one day in the future
[  205.543755][ T5872] rtc_cmos 00:00: Alarms can be up to one day in the future
[  205.560843][ T5872] rtc rtc0: __rtc_set_alarm: err=-22
[  206.543730][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.2.469'.
[  206.588015][ T7882] netlink: 13 bytes leftover after parsing attributes in process `syz.2.469'.
[  206.912530][ T7904] FAULT_INJECTION: forcing a failure.
[  206.912530][ T7904] name failslab, interval 1, probability 0, space 0, times 0
[  206.942378][ T7904] CPU: 1 UID: 0 PID: 7904 Comm: syz.2.474 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  206.942433][ T7904] Tainted: [L]=SOFTLOCKUP
[  206.942446][ T7904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  206.942466][ T7904] Call Trace:
[  206.942476][ T7904]  <TASK>
[  206.942488][ T7904]  dump_stack_lvl+0x100/0x190
[  206.942550][ T7904]  should_fail_ex.cold+0x5/0xa
[  206.942592][ T7904]  should_failslab+0xc2/0x120
[  206.942633][ T7904]  __kmalloc_cache_node_noprof+0x7d/0x770
[  206.942670][ T7904]  ? sbitmap_queue_init_node+0x291/0x4a0
[  206.942787][ T7904]  sbitmap_queue_init_node+0x291/0x4a0
[  206.942851][ T7904]  blk_mq_init_tags+0x184/0x300
[  206.942895][ T7904]  blk_mq_alloc_map_and_rqs+0x218/0xeb0
[  206.942938][ T7904]  ? blk_mq_update_queue_map+0x227/0x3a0
[  206.942986][ T7904]  blk_mq_alloc_tag_set+0x848/0x1330
[  206.943039][ T7904]  loop_add+0x3b7/0xb60
[  206.943093][ T7904]  ? __pfx_loop_add+0x10/0x10
[  206.943168][ T7904]  ? __pfx___do_sys_wait4+0x10/0x10
[  206.943220][ T7904]  ? kfree+0x2ec/0x6b0
[  206.943272][ T7904]  loop_control_ioctl+0xae/0x620
[  206.943353][ T7904]  ? __pfx_loop_control_ioctl+0x10/0x10
[  206.943410][ T7904]  ? xfd_validate_state+0x129/0x190
[  206.943465][ T7904]  ? __pfx_loop_control_ioctl+0x10/0x10
[  206.943523][ T7904]  __x64_sys_ioctl+0x18e/0x210
[  206.943580][ T7904]  do_syscall_64+0x106/0xf80
[  206.943614][ T7904]  ? clear_bhb_loop+0x40/0x90
[  206.943657][ T7904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.943692][ T7904] RIP: 0033:0x7fe91a79c819
[  206.943720][ T7904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  206.943753][ T7904] RSP: 002b:00007fe91b5e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  206.943786][ T7904] RAX: ffffffffffffffda RBX: 00007fe91aa15fa0 RCX: 00007fe91a79c819
[  206.943809][ T7904] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002
[  206.943830][ T7904] RBP: 00007fe91a832c91 R08: 0000000000000000 R09: 0000000000000000
[  206.943851][ T7904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  206.943871][ T7904] R13: 00007fe91aa16038 R14: 00007fe91aa15fa0 R15: 00007ffe92c42a38
[  206.943915][ T7904]  </TASK>
[  206.944265][ T7904] blk-mq: reduced tag depth (128 -> 64)
[  208.877279][ T7933] netlink: 8 bytes leftover after parsing attributes in process `syz.3.475'.
[  210.077077][ T7959] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  211.443948][ T7993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.484'.
[  211.982973][ T8008] device-mapper: ioctl: Invalid data size in the ioctl structure: 0
[  213.200237][ T8033] netlink: 12 bytes leftover after parsing attributes in process `syz.2.492'.
[  213.308666][ T8036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.492'.
[  214.355591][ T8082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.497'.
[  214.410323][ T8084] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  214.926890][ T8095] netlink: 342 bytes leftover after parsing attributes in process `syz.0.500'.
[  214.938034][ T8095] Zero length message leads to an empty skb
[  215.757402][ T8111] netlink: 342 bytes leftover after parsing attributes in process `syz.0.505'.
[  216.253265][ T8122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.508'.
[  219.920637][ T8173] type: 65536 invalid
[  220.186121][ T8167] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  220.186121][ T8167] The task syz.3.519 (8167) triggered the difference, watch for misbehavior.
[  225.259381][ T8237] FAULT_INJECTION: forcing a failure.
[  225.259381][ T8237] name failslab, interval 1, probability 0, space 0, times 0
[  225.332623][ T8237] CPU: 1 UID: 0 PID: 8237 Comm: syz.3.536 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  225.332681][ T8237] Tainted: [L]=SOFTLOCKUP
[  225.332693][ T8237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  225.332713][ T8237] Call Trace:
[  225.332724][ T8237]  <TASK>
[  225.332736][ T8237]  dump_stack_lvl+0x100/0x190
[  225.332797][ T8237]  should_fail_ex.cold+0x5/0xa
[  225.332839][ T8237]  should_failslab+0xc2/0x120
[  225.332888][ T8237]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  225.332946][ T8237]  ? alloc_inode+0x183/0x250
[  225.332995][ T8237]  ? find_inode_fast+0x1fa/0x910
[  225.333050][ T8237]  alloc_inode+0x183/0x250
[  225.333098][ T8237]  iget_locked+0x1d9/0x6d0
[  225.333148][ T8237]  ? __pfx_iget_locked+0x10/0x10
[  225.333195][ T8237]  ? kernfs_root+0xee/0x2a0
[  225.333245][ T8237]  ? kernfs_root+0xee/0x2a0
[  225.333304][ T8237]  kernfs_get_inode+0x46/0x470
[  225.333357][ T8237]  kernfs_iop_lookup+0x1a7/0x2d0
[  225.333438][ T8237]  __lookup_slow+0x251/0x460
[  225.333488][ T8237]  ? __pfx___lookup_slow+0x10/0x10
[  225.333559][ T8237]  ? __d_lookup+0x266/0x4a0
[  225.333621][ T8237]  lookup_slow+0x50/0x70
[  225.333669][ T8237]  link_path_walk+0x1377/0x1cc0
[  225.333741][ T8237]  path_openat+0x1be/0x31a0
[  225.333776][ T8237]  ? kasan_save_stack+0x3f/0x50
[  225.333807][ T8237]  ? kasan_save_stack+0x30/0x50
[  225.333835][ T8237]  ? kasan_save_track+0x14/0x30
[  225.333871][ T8237]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  225.333932][ T8237]  ? __pfx_path_openat+0x10/0x10
[  225.333984][ T8237]  do_file_open+0x20e/0x430
[  225.334023][ T8237]  ? __pfx_do_file_open+0x10/0x10
[  225.334090][ T8237]  ? alloc_fd+0x476/0x790
[  225.334134][ T8237]  ? do_getname+0x191/0x390
[  225.334185][ T8237]  do_sys_openat2+0x10d/0x1e0
[  225.334234][ T8237]  ? __pfx_do_sys_openat2+0x10/0x10
[  225.334301][ T8237]  __x64_sys_openat+0x12d/0x210
[  225.334353][ T8237]  ? __pfx___x64_sys_openat+0x10/0x10
[  225.334422][ T8237]  do_syscall_64+0x106/0xf80
[  225.334457][ T8237]  ? clear_bhb_loop+0x40/0x90
[  225.334505][ T8237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.334542][ T8237] RIP: 0033:0x7fb17e39c819
[  225.334576][ T8237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  225.334608][ T8237] RSP: 002b:00007fb17f246028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  225.334640][ T8237] RAX: ffffffffffffffda RBX: 00007fb17e615fa0 RCX: 00007fb17e39c819
[  225.334666][ T8237] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c
[  225.334689][ T8237] RBP: 00007fb17e432c91 R08: 0000000000000000 R09: 0000000000000000
[  225.334710][ T8237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  225.334730][ T8237] R13: 00007fb17e616038 R14: 00007fb17e615fa0 R15: 00007ffdf57fa0a8
[  225.334781][ T8237]  </TASK>
[  226.053280][ T8244] FAULT_INJECTION: forcing a failure.
[  226.053280][ T8244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  226.091530][ T8244] CPU: 0 UID: 0 PID: 8244 Comm: syz.0.539 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  226.091580][ T8244] Tainted: [L]=SOFTLOCKUP
[  226.091591][ T8244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  226.091608][ T8244] Call Trace:
[  226.091618][ T8244]  <TASK>
[  226.091630][ T8244]  dump_stack_lvl+0x100/0x190
[  226.091685][ T8244]  should_fail_ex.cold+0x5/0xa
[  226.091725][ T8244]  _copy_from_user+0x2e/0xd0
[  226.091776][ T8244]  copy_msghdr_from_user+0x9f/0x4f0
[  226.091821][ T8244]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  226.091862][ T8244]  ? kasan_quarantine_put+0x104/0x240
[  226.091921][ T8244]  ? rcu_is_watching+0x12/0xc0
[  226.091972][ T8244]  ? ___sys_sendmsg+0x19d/0x1e0
[  226.092011][ T8244]  ? kfree+0x2ec/0x6b0
[  226.092063][ T8244]  ___sys_sendmsg+0x106/0x1e0
[  226.092108][ T8244]  ? __pfx____sys_sendmsg+0x10/0x10
[  226.092188][ T8244]  ? __pfx___might_resched+0x10/0x10
[  226.092248][ T8244]  __sys_sendmmsg+0x205/0x430
[  226.092283][ T8244]  ? __pfx___sys_sendmmsg+0x10/0x10
[  226.092328][ T8244]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  226.092381][ T8244]  ? fput+0x79/0x100
[  226.092421][ T8244]  ? ksys_write+0x1ac/0x250
[  226.092453][ T8244]  ? __pfx_ksys_write+0x10/0x10
[  226.092493][ T8244]  __x64_sys_sendmmsg+0x9c/0x100
[  226.092524][ T8244]  ? lockdep_hardirqs_on+0x78/0x100
[  226.092556][ T8244]  do_syscall_64+0x106/0xf80
[  226.092587][ T8244]  ? clear_bhb_loop+0x40/0x90
[  226.092627][ T8244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.092660][ T8244] RIP: 0033:0x7efef659c819
[  226.092686][ T8244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.092716][ T8244] RSP: 002b:00007efef7517028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  226.092752][ T8244] RAX: ffffffffffffffda RBX: 00007efef6816090 RCX: 00007efef659c819
[  226.092773][ T8244] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003
[  226.092792][ T8244] RBP: 00007efef7517090 R08: 0000000000000000 R09: 0000000000000000
[  226.092812][ T8244] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000002
[  226.092831][ T8244] R13: 00007efef6816128 R14: 00007efef6816090 R15: 00007ffea174ba98
[  226.092873][ T8244]  </TASK>
[  227.472627][ T8263] netlink: 170 bytes leftover after parsing attributes in process `syz.0.544'.
[  230.079594][ T8293] FAULT_INJECTION: forcing a failure.
[  230.079594][ T8293] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  230.205833][ T8293] CPU: 1 UID: 0 PID: 8293 Comm: syz.0.550 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  230.205879][ T8293] Tainted: [L]=SOFTLOCKUP
[  230.205890][ T8293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  230.205907][ T8293] Call Trace:
[  230.205917][ T8293]  <TASK>
[  230.205927][ T8293]  dump_stack_lvl+0x100/0x190
[  230.205979][ T8293]  should_fail_ex.cold+0x5/0xa
[  230.206014][ T8293]  _copy_from_user+0x2e/0xd0
[  230.206052][ T8293]  copy_msghdr_from_user+0x9f/0x4f0
[  230.206091][ T8293]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  230.206137][ T8293]  ? kasan_quarantine_put+0x104/0x240
[  230.206188][ T8293]  ? rcu_is_watching+0x12/0xc0
[  230.206232][ T8293]  ? ___sys_sendmsg+0x19d/0x1e0
[  230.206265][ T8293]  ? kfree+0x2ec/0x6b0
[  230.206308][ T8293]  ___sys_sendmsg+0x106/0x1e0
[  230.206346][ T8293]  ? __pfx____sys_sendmsg+0x10/0x10
[  230.206416][ T8293]  ? __pfx___might_resched+0x10/0x10
[  230.206467][ T8293]  __sys_sendmmsg+0x205/0x430
[  230.206498][ T8293]  ? __pfx___sys_sendmmsg+0x10/0x10
[  230.206535][ T8293]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  230.206580][ T8293]  ? fput+0x79/0x100
[  230.206614][ T8293]  ? ksys_write+0x1ac/0x250
[  230.206641][ T8293]  ? __pfx_ksys_write+0x10/0x10
[  230.206675][ T8293]  __x64_sys_sendmmsg+0x9c/0x100
[  230.206701][ T8293]  ? lockdep_hardirqs_on+0x78/0x100
[  230.206729][ T8293]  do_syscall_64+0x106/0xf80
[  230.206755][ T8293]  ? clear_bhb_loop+0x40/0x90
[  230.206790][ T8293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.206819][ T8293] RIP: 0033:0x7efef659c819
[  230.206844][ T8293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  230.206871][ T8293] RSP: 002b:00007efef7517028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  230.206916][ T8293] RAX: ffffffffffffffda RBX: 00007efef6816090 RCX: 00007efef659c819
[  230.206934][ T8293] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003
[  230.206952][ T8293] RBP: 00007efef7517090 R08: 0000000000000000 R09: 0000000000000000
[  230.206968][ T8293] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000002
[  230.206985][ T8293] R13: 00007efef6816128 R14: 00007efef6816090 R15: 00007ffea174ba98
[  230.207021][ T8293]  </TASK>
[  231.496941][ T8327] netlink: 342 bytes leftover after parsing attributes in process `syz.2.554'.
[  232.646833][ T8340] process 'syz.0.556' launched './file0' with NULL argv: empty string added
[  235.669304][ T8367] FAULT_INJECTION: forcing a failure.
[  235.669304][ T8367] name failslab, interval 1, probability 0, space 0, times 0
[  235.701875][ T8367] CPU: 1 UID: 0 PID: 8367 Comm: syz.3.560 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  235.701928][ T8367] Tainted: [L]=SOFTLOCKUP
[  235.701939][ T8367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  235.701957][ T8367] Call Trace:
[  235.701968][ T8367]  <TASK>
[  235.701980][ T8367]  dump_stack_lvl+0x100/0x190
[  235.702037][ T8367]  should_fail_ex.cold+0x5/0xa
[  235.702080][ T8367]  should_failslab+0xc2/0x120
[  235.702119][ T8367]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  235.702174][ T8367]  ? security_inode_alloc+0x3b/0x2c0
[  235.702213][ T8367]  ? lockdep_init_map_type+0x5c/0x250
[  235.702266][ T8367]  security_inode_alloc+0x3b/0x2c0
[  235.702307][ T8367]  inode_init_always_gfp+0xced/0x1040
[  235.702351][ T8367]  alloc_inode+0x8e/0x250
[  235.702401][ T8367]  sock_alloc+0x44/0x280
[  235.702436][ T8367]  ? security_socket_create+0x7f/0x250
[  235.702475][ T8367]  __sock_create+0xc2/0x860
[  235.702527][ T8367]  inet_ctl_sock_create+0x94/0x230
[  235.702571][ T8367]  ? __pfx_inet_ctl_sock_create+0x10/0x10
[  235.702615][ T8367]  ? ndisc_net_init+0x1b1/0x230
[  235.702659][ T8367]  ? __pfx_ndisc_net_init+0x10/0x10
[  235.702706][ T8367]  igmp6_net_init+0x1b2/0x430
[  235.702751][ T8367]  ? __pfx_igmp6_net_init+0x10/0x10
[  235.702793][ T8367]  ops_init+0x1e2/0x5f0
[  235.702833][ T8367]  setup_net+0x118/0x3a0
[  235.702876][ T8367]  ? __pfx_setup_net+0x10/0x10
[  235.702908][ T8367]  ? lockdep_init_map_type+0x5c/0x250
[  235.702959][ T8367]  ? mutex_init_lockep+0x110/0x150
[  235.703016][ T8367]  copy_net_ns+0x46f/0x7c0
[  235.703058][ T8367]  create_new_namespaces+0x3ea/0xac0
[  235.703108][ T8367]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  235.703151][ T8367]  ksys_unshare+0x473/0xad0
[  235.703200][ T8367]  ? __pfx_ksys_unshare+0x10/0x10
[  235.703260][ T8367]  __x64_sys_unshare+0x31/0x40
[  235.703321][ T8367]  do_syscall_64+0x106/0xf80
[  235.703355][ T8367]  ? clear_bhb_loop+0x40/0x90
[  235.703398][ T8367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.703433][ T8367] RIP: 0033:0x7fb17e39c819
[  235.703463][ T8367] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  235.703495][ T8367] RSP: 002b:00007fb17f246028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  235.703528][ T8367] RAX: ffffffffffffffda RBX: 00007fb17e615fa0 RCX: 00007fb17e39c819
[  235.703550][ T8367] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  235.703571][ T8367] RBP: 00007fb17e432c91 R08: 0000000000000000 R09: 0000000000000000
[  235.703591][ T8367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  235.703611][ T8367] R13: 00007fb17e616038 R14: 00007fb17e615fa0 R15: 00007ffdf57fa0a8
[  235.703657][ T8367]  </TASK>
[  235.703698][ T8367] socket: no more sockets
[  236.147330][ T8367] Failed to initialize the IGMP6 autojoin socket (err -23)
[  236.231759][ T8376] netlink: 8 bytes leftover after parsing attributes in process `syz.2.564'.
[  236.571081][ T8381] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  236.847158][ T8382] netlink: 8 bytes leftover after parsing attributes in process `syz.2.565'.
[  237.037536][ T8382] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE�r��҄y�*�"�l-���y–��
[  237.772894][ T8391] netlink: 266 bytes leftover after parsing attributes in process `syz.0.567'.
[  237.844217][ T8391] IPv6: NLM_F_CREATE should be specified when creating new route
[  237.959430][ T5144] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  237.970973][ T5144] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  237.979177][ T5144] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  237.987757][ T5144] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  237.995391][ T5144] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  238.634114][ T8409] netlink: 146 bytes leftover after parsing attributes in process `syz.0.569'.
[  239.315669][ T8412] zswap: compressor  not available
[  239.602424][ T8397] chnl_net:caif_netlink_parms(): no params data found
[  240.144087][ T5834] Bluetooth: hci4: command tx timeout
[  240.479085][ T8397] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.504463][ T8397] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.522581][ T8397] bridge_slave_0: entered allmulticast mode
[  240.544698][ T8397] bridge_slave_0: entered promiscuous mode
[  240.554500][ T8446] tipc: Started in network mode
[  240.560157][ T8446] tipc: Node identity ee00, cluster identity 4711
[  240.569607][ T8446] tipc: Node number set to 60928
[  240.577816][ T8397] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.587434][ T8397] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.597021][ T8397] bridge_slave_1: entered allmulticast mode
[  240.612155][ T8397] bridge_slave_1: entered promiscuous mode
[  240.861659][ T8397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.894341][ T8397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.046740][ T8397] team0: Port device team_slave_0 added
[  241.068822][ T8397] team0: Port device team_slave_1 added
[  241.435501][ T8397] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.482423][ T8397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  241.601638][ T8397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.656748][ T8397] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.688619][ T8397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  241.730781][ T8397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.858906][ T8397] hsr_slave_0: entered promiscuous mode
[  241.900637][ T8397] hsr_slave_1: entered promiscuous mode
[  241.916184][ T8397] debugfs: 'hsr0' already exists in 'hsr'
[  241.928833][ T8397] Cannot create hsr debugfs directory
[  242.220969][ T5834] Bluetooth: hci4: command tx timeout
[  242.656448][ T8397] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  242.741976][ T8397] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  242.753856][ T8477] netlink: 28 bytes leftover after parsing attributes in process `syz.0.582'.
[  242.786693][ T8397] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  243.014029][ T8397] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  243.349042][ T8497] random: crng reseeded on system resumption
[  243.405856][ T8497] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  243.575696][ T8397] 8021q: adding VLAN 0 to HW filter on device bond0
[  243.624123][ T8397] 8021q: adding VLAN 0 to HW filter on device team0
[  243.746501][ T6868] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.753699][ T6868] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.801205][ T6868] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.808390][ T6868] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.300883][ T5834] Bluetooth: hci4: command tx timeout
[  244.446407][ T5872] Process accounting resumed
[  245.139261][ T8397] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.249038][ T8397] veth0_vlan: entered promiscuous mode
[  246.374760][ T8397] veth1_vlan: entered promiscuous mode
[  246.381034][ T5834] Bluetooth: hci4: command tx timeout
[  246.519174][ T8397] veth0_macvtap: entered promiscuous mode
[  246.560555][ T8397] veth1_macvtap: entered promiscuous mode
[  246.623448][ T8397] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.675932][ T8397] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.760922][ T6868] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.810596][ T6868] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.846756][ T6868] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.887456][ T6868] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.282280][ T6868] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.302532][ T6868] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.406237][ T8580] netlink: 28 bytes leftover after parsing attributes in process `syz.0.604'.
[  247.722774][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.841179][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  248.006590][ T8397] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  249.797245][ T8618] netlink: 4 bytes leftover after parsing attributes in process `syz.0.609'.
[  249.839900][ T8618] netlink: 13 bytes leftover after parsing attributes in process `syz.0.609'.
[  250.012847][ T8626] FAULT_INJECTION: forcing a failure.
[  250.012847][ T8626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.047294][ T8626] CPU: 1 UID: 0 PID: 8626 Comm: syz.2.610 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  250.047350][ T8626] Tainted: [L]=SOFTLOCKUP
[  250.047361][ T8626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  250.047387][ T8626] Call Trace:
[  250.047402][ T8626]  <TASK>
[  250.047414][ T8626]  dump_stack_lvl+0x100/0x190
[  250.047471][ T8626]  should_fail_ex.cold+0x5/0xa
[  250.047510][ T8626]  _copy_from_user+0x2e/0xd0
[  250.047555][ T8626]  copy_msghdr_from_user+0x9f/0x4f0
[  250.047602][ T8626]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  250.047644][ T8626]  ? kasan_quarantine_put+0x104/0x240
[  250.047702][ T8626]  ? rcu_is_watching+0x12/0xc0
[  250.047754][ T8626]  ? ___sys_sendmsg+0x19d/0x1e0
[  250.047793][ T8626]  ? kfree+0x2ec/0x6b0
[  250.047843][ T8626]  ___sys_sendmsg+0x106/0x1e0
[  250.047888][ T8626]  ? __pfx____sys_sendmsg+0x10/0x10
[  250.047967][ T8626]  ? __pfx___might_resched+0x10/0x10
[  250.048026][ T8626]  __sys_sendmmsg+0x205/0x430
[  250.048062][ T8626]  ? __pfx___sys_sendmmsg+0x10/0x10
[  250.048106][ T8626]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  250.048160][ T8626]  ? fput+0x79/0x100
[  250.048200][ T8626]  ? ksys_write+0x1ac/0x250
[  250.048232][ T8626]  ? __pfx_ksys_write+0x10/0x10
[  250.048272][ T8626]  __x64_sys_sendmmsg+0x9c/0x100
[  250.048302][ T8626]  ? lockdep_hardirqs_on+0x78/0x100
[  250.048341][ T8626]  do_syscall_64+0x106/0xf80
[  250.048373][ T8626]  ? clear_bhb_loop+0x40/0x90
[  250.048414][ T8626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.048448][ T8626] RIP: 0033:0x7fe91a79c819
[  250.048474][ T8626] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  250.048505][ T8626] RSP: 002b:00007fe91b5c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  250.048536][ T8626] RAX: ffffffffffffffda RBX: 00007fe91aa16090 RCX: 00007fe91a79c819
[  250.048557][ T8626] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003
[  250.048577][ T8626] RBP: 00007fe91b5c6090 R08: 0000000000000000 R09: 0000000000000000
[  250.048596][ T8626] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000002
[  250.048615][ T8626] R13: 00007fe91aa16128 R14: 00007fe91aa16090 R15: 00007ffe92c42a38
[  250.048658][ T8626]  </TASK>
[  252.160172][ T8672] netlink: 28 bytes leftover after parsing attributes in process `syz.2.619'.
[  252.514860][   T30] audit: type=1800 audit(268435513.090:20): pid=8677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=22336 res=0 errno=0
[  253.326682][ T8689] FAULT_INJECTION: forcing a failure.
[  253.326682][ T8689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.431537][ T8689] CPU: 1 UID: 0 PID: 8689 Comm: syz.2.623 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  253.431588][ T8689] Tainted: [L]=SOFTLOCKUP
[  253.431600][ T8689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  253.431617][ T8689] Call Trace:
[  253.431627][ T8689]  <TASK>
[  253.431639][ T8689]  dump_stack_lvl+0x100/0x190
[  253.431695][ T8689]  should_fail_ex.cold+0x5/0xa
[  253.431735][ T8689]  _copy_from_user+0x2e/0xd0
[  253.431780][ T8689]  copy_msghdr_from_user+0x9f/0x4f0
[  253.431825][ T8689]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  253.431867][ T8689]  ? kasan_quarantine_put+0x104/0x240
[  253.431926][ T8689]  ? rcu_is_watching+0x12/0xc0
[  253.431979][ T8689]  ? ___sys_sendmsg+0x19d/0x1e0
[  253.432017][ T8689]  ? kfree+0x2ec/0x6b0
[  253.432069][ T8689]  ___sys_sendmsg+0x106/0x1e0
[  253.432114][ T8689]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.432202][ T8689]  ? __pfx___might_resched+0x10/0x10
[  253.432262][ T8689]  __sys_sendmmsg+0x205/0x430
[  253.432298][ T8689]  ? __pfx___sys_sendmmsg+0x10/0x10
[  253.432342][ T8689]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  253.432396][ T8689]  ? fput+0x79/0x100
[  253.432435][ T8689]  ? ksys_write+0x1ac/0x250
[  253.432466][ T8689]  ? __pfx_ksys_write+0x10/0x10
[  253.432506][ T8689]  __x64_sys_sendmmsg+0x9c/0x100
[  253.432536][ T8689]  ? lockdep_hardirqs_on+0x78/0x100
[  253.432569][ T8689]  do_syscall_64+0x106/0xf80
[  253.432600][ T8689]  ? clear_bhb_loop+0x40/0x90
[  253.432641][ T8689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.432674][ T8689] RIP: 0033:0x7fe91a79c819
[  253.432700][ T8689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.432731][ T8689] RSP: 002b:00007fe91b5c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  253.432762][ T8689] RAX: ffffffffffffffda RBX: 00007fe91aa16090 RCX: 00007fe91a79c819
[  253.432783][ T8689] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003
[  253.432802][ T8689] RBP: 00007fe91b5c6090 R08: 0000000000000000 R09: 0000000000000000
[  253.432822][ T8689] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000002
[  253.432841][ T8689] R13: 00007fe91aa16128 R14: 00007fe91aa16090 R15: 00007ffe92c42a38
[  253.432883][ T8689]  </TASK>
[  255.180636][ T6323] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.435688][ T6323] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.803096][ T6323] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.985370][ T6323] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  256.071458][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  256.077856][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  256.433324][ T8732] bond0: invalid ARP target specified
[  256.452241][ T6323] bridge_slave_1: left allmulticast mode
[  256.458188][ T6323] bridge_slave_1: left promiscuous mode
[  256.475298][ T6323] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.565333][ T6323] bridge_slave_0: left allmulticast mode
[  256.580831][ T6323] bridge_slave_0: left promiscuous mode
[  256.586755][ T6323] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.733437][ T8737] random: crng reseeded on system resumption
[  257.111613][ T8751] netlink: 4 bytes leftover after parsing attributes in process `syz.2.639'.
[  257.227554][ T6323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  257.251285][ T8751] netlink: 13 bytes leftover after parsing attributes in process `syz.2.639'.
[  257.286081][ T6323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  257.313286][ T6323] bond0 (unregistering): Released all slaves
[  259.001159][ T6323] hsr_slave_0: left promiscuous mode
[  259.089147][ T6323] hsr_slave_1: left promiscuous mode
[  259.134990][ T6323] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.154718][ T6323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.207959][ T6323] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.231008][ T6323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.322783][ T8797] misc userio: Invalid payload size
[  259.331827][ T6323] veth1_macvtap: left promiscuous mode
[  259.331926][ T6323] veth0_macvtap: left promiscuous mode
[  259.332045][ T6323] veth1_vlan: left promiscuous mode
[  259.332151][ T6323] veth0_vlan: left promiscuous mode
[  260.291593][ T6323] team0 (unregistering): Port device team_slave_1 removed
[  260.344719][ T6323] team0 (unregistering): Port device team_slave_0 removed
[  262.681664][ T8842] Invalid ELF header magic: != ELF
[  265.296112][ T8910] bond0: option mode: unable to set because the bond device is up
[  265.485496][   T30] audit: type=1800 audit(268435526.050:21): pid=8924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=23920 res=0 errno=0
[  266.476912][ T8940] Invalid ELF header magic: != ELF
[  266.497214][ T8946] FAULT_INJECTION: forcing a failure.
[  266.497214][ T8946] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.540978][ T8946] CPU: 1 UID: 0 PID: 8946 Comm: syz.0.672 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  266.541029][ T8946] Tainted: [L]=SOFTLOCKUP
[  266.541052][ T8946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  266.541071][ T8946] Call Trace:
[  266.541081][ T8946]  <TASK>
[  266.541092][ T8946]  dump_stack_lvl+0x100/0x190
[  266.541150][ T8946]  should_fail_ex.cold+0x5/0xa
[  266.541189][ T8946]  _copy_from_user+0x2e/0xd0
[  266.541233][ T8946]  copy_msghdr_from_user+0x9f/0x4f0
[  266.541278][ T8946]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  266.541321][ T8946]  ? kasan_quarantine_put+0x104/0x240
[  266.541387][ T8946]  ? rcu_is_watching+0x12/0xc0
[  266.541439][ T8946]  ? ___sys_sendmsg+0x19d/0x1e0
[  266.541478][ T8946]  ? kfree+0x2ec/0x6b0
[  266.541531][ T8946]  ___sys_sendmsg+0x106/0x1e0
[  266.541590][ T8946]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.541668][ T8946]  ? __pfx___might_resched+0x10/0x10
[  266.541727][ T8946]  __sys_sendmmsg+0x205/0x430
[  266.541763][ T8946]  ? __pfx___sys_sendmmsg+0x10/0x10
[  266.541805][ T8946]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  266.541853][ T8946]  ? fput+0x79/0x100
[  266.541887][ T8946]  ? ksys_write+0x1ac/0x250
[  266.541917][ T8946]  ? __pfx_ksys_write+0x10/0x10
[  266.541957][ T8946]  __x64_sys_sendmmsg+0x9c/0x100
[  266.541987][ T8946]  ? lockdep_hardirqs_on+0x78/0x100
[  266.542018][ T8946]  do_syscall_64+0x106/0xf80
[  266.542055][ T8946]  ? clear_bhb_loop+0x40/0x90
[  266.542095][ T8946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.542127][ T8946] RIP: 0033:0x7efef659c819
[  266.542154][ T8946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  266.542183][ T8946] RSP: 002b:00007efef7517028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  266.542214][ T8946] RAX: ffffffffffffffda RBX: 00007efef6816090 RCX: 00007efef659c819
[  266.542233][ T8946] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003
[  266.542252][ T8946] RBP: 00007efef7517090 R08: 0000000000000000 R09: 0000000000000000
[  266.542271][ T8946] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000002
[  266.542289][ T8946] R13: 00007efef6816128 R14: 00007efef6816090 R15: 00007ffea174ba98
[  266.542328][ T8946]  </TASK>
[  267.473062][ T5834] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  267.701832][ T8959] [U] ^@
[  268.531104][ T8973] FAULT_INJECTION: forcing a failure.
[  268.531104][ T8973] name failslab, interval 1, probability 0, space 0, times 0
[  268.544099][ T8973] CPU: 0 UID: 0 PID: 8973 Comm: syz.0.679 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  268.544150][ T8973] Tainted: [L]=SOFTLOCKUP
[  268.544162][ T8973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  268.544182][ T8973] Call Trace:
[  268.544193][ T8973]  <TASK>
[  268.544206][ T8973]  dump_stack_lvl+0x100/0x190
[  268.544266][ T8973]  should_fail_ex.cold+0x5/0xa
[  268.544307][ T8973]  should_failslab+0xc2/0x120
[  268.544345][ T8973]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  268.544402][ T8973]  ? security_inode_alloc+0x3b/0x2c0
[  268.544441][ T8973]  ? lockdep_init_map_type+0x5c/0x250
[  268.544494][ T8973]  security_inode_alloc+0x3b/0x2c0
[  268.544535][ T8973]  inode_init_always_gfp+0xced/0x1040
[  268.544577][ T8973]  alloc_inode+0x8e/0x250
[  268.544636][ T8973]  new_inode+0x22/0x1c0
[  268.544686][ T8973]  hugetlbfs_get_inode+0x313/0x750
[  268.544732][ T8973]  hugetlb_file_setup+0x15b/0x5b0
[  268.544777][ T8973]  ksys_mmap_pgoff+0x232/0x650
[  268.544817][ T8973]  ? __x64_sys_futex+0x358/0x4d0
[  268.544865][ T8973]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  268.544903][ T8973]  ? xfd_validate_state+0x129/0x190
[  268.544959][ T8973]  __x64_sys_mmap+0x125/0x190
[  268.545017][ T8973]  do_syscall_64+0x106/0xf80
[  268.545050][ T8973]  ? clear_bhb_loop+0x40/0x90
[  268.545095][ T8973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.545131][ T8973] RIP: 0033:0x7efef659c819
[  268.545158][ T8973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.545191][ T8973] RSP: 002b:00007efef7538028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  268.545224][ T8973] RAX: ffffffffffffffda RBX: 00007efef6815fa0 RCX: 00007efef659c819
[  268.545245][ T8973] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000000
[  268.545265][ T8973] RBP: 00007efef6632c91 R08: 0000000000000401 R09: 0000300000000000
[  268.545287][ T8973] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000
[  268.545308][ T8973] R13: 00007efef6816038 R14: 00007efef6815fa0 R15: 00007ffea174ba98
[  268.545352][ T8973]  </TASK>
[  271.081314][ T9000] netlink: 12 bytes leftover after parsing attributes in process `syz.4.683'.
[  272.548274][ T9020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.687'.
[  273.059458][ T9029] netlink: 330 bytes leftover after parsing attributes in process `syz.0.689'.
[  275.059819][ T9068] futex_wake_op: syz.3.699 tries to shift op by -2048; fix this program
[  275.185888][ T9068] futex_wake_op: syz.3.699 tries to shift op by -2048; fix this program
[  275.241255][ T9068] 0x000000000001-0x000000020000 : ""
[  275.596702][ T9068] ftl_cs: FTL header corrupt!
[  282.047338][ T9192] FAULT_INJECTION: forcing a failure.
[  282.047338][ T9192] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.090762][ T9192] CPU: 0 UID: 0 PID: 9192 Comm: syz.4.715 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  282.090816][ T9192] Tainted: [L]=SOFTLOCKUP
[  282.090828][ T9192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  282.090848][ T9192] Call Trace:
[  282.090858][ T9192]  <TASK>
[  282.090870][ T9192]  dump_stack_lvl+0x100/0x190
[  282.090927][ T9192]  should_fail_ex.cold+0x5/0xa
[  282.090967][ T9192]  _copy_from_user+0x2e/0xd0
[  282.091011][ T9192]  copy_msghdr_from_user+0x9f/0x4f0
[  282.091056][ T9192]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  282.091098][ T9192]  ? kasan_quarantine_put+0x104/0x240
[  282.091158][ T9192]  ? rcu_is_watching+0x12/0xc0
[  282.091209][ T9192]  ? ___sys_sendmsg+0x19d/0x1e0
[  282.091249][ T9192]  ? kfree+0x2ec/0x6b0
[  282.091300][ T9192]  ___sys_sendmsg+0x106/0x1e0
[  282.091346][ T9192]  ? __pfx____sys_sendmsg+0x10/0x10
[  282.091427][ T9192]  ? __pfx___might_resched+0x10/0x10
[  282.091488][ T9192]  __sys_sendmmsg+0x205/0x430
[  282.091526][ T9192]  ? __pfx___sys_sendmmsg+0x10/0x10
[  282.091571][ T9192]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  282.091632][ T9192]  ? fput+0x79/0x100
[  282.091672][ T9192]  ? ksys_write+0x1ac/0x250
[  282.091704][ T9192]  ? __pfx_ksys_write+0x10/0x10
[  282.091744][ T9192]  __x64_sys_sendmmsg+0x9c/0x100
[  282.091775][ T9192]  ? lockdep_hardirqs_on+0x78/0x100
[  282.091808][ T9192]  do_syscall_64+0x106/0xf80
[  282.091840][ T9192]  ? clear_bhb_loop+0x40/0x90
[  282.091881][ T9192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.091914][ T9192] RIP: 0033:0x7f7b8d19c819
[  282.091940][ T9192] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  282.091971][ T9192] RSP: 002b:00007f7b8b3d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  282.092002][ T9192] RAX: ffffffffffffffda RBX: 00007f7b8d416090 RCX: 00007f7b8d19c819
[  282.092024][ T9192] RDX: 00000000000009a6 RSI: 0000200000000000 RDI: 0000000000000003
[  282.092044][ T9192] RBP: 00007f7b8b3d5090 R08: 0000000000000000 R09: 0000000000000000
[  282.092064][ T9192] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000002
[  282.092084][ T9192] R13: 00007f7b8d416128 R14: 00007f7b8d416090 R15: 00007ffd41c4bf98
[  282.092124][ T9192]  </TASK>
[  283.167486][ T9205] syz.4.716 uses obsolete (PF_INET,SOCK_PACKET)
[  288.437967][ T9290] netlink: 8 bytes leftover after parsing attributes in process `syz.0.732'.
[  288.935119][ T9295] netlink: 4 bytes leftover after parsing attributes in process `syz.0.733'.
[  289.751139][ T5834] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  290.005560][ T9301] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  290.012211][ T9301] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  290.018212][ T9301] FAULT_INJECTION: forcing a failure.
[  290.018212][ T9301] name failslab, interval 1, probability 0, space 0, times 0
[  290.031105][ T9301] CPU: 1 UID: 0 PID: 9301 Comm: syz.0.735 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  290.031159][ T9301] Tainted: [L]=SOFTLOCKUP
[  290.031171][ T9301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  290.031193][ T9301] Call Trace:
[  290.031204][ T9301]  <TASK>
[  290.031216][ T9301]  dump_stack_lvl+0x100/0x190
[  290.031276][ T9301]  should_fail_ex.cold+0x5/0xa
[  290.031321][ T9301]  should_failslab+0xc2/0x120
[  290.031364][ T9301]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  290.031424][ T9301]  ? __alloc_skb+0x140/0x710
[  290.031487][ T9301]  __alloc_skb+0x140/0x710
[  290.031538][ T9301]  ? __alloc_skb+0x5b7/0x710
[  290.031591][ T9301]  ? __pfx___alloc_skb+0x10/0x10
[  290.031658][ T9301]  mgmt_send_event+0x44/0x180
[  290.031715][ T9301]  mgmt_suspending+0x88/0xc0
[  290.031765][ T9301]  ? __pfx_mgmt_suspending+0x10/0x10
[  290.031808][ T9301]  ? mgmt_pending_find+0x13e/0x1a0
[  290.031876][ T9301]  hci_suspend_dev+0x408/0x540
[  290.031914][ T9301]  ? __pfx_hci_suspend_dev+0x10/0x10
[  290.031953][ T9301]  ? kobject_get+0xbb/0x150
[  290.031978][ T9301]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  290.032006][ T9301]  hci_suspend_notifier+0x21e/0x330
[  290.032046][ T9301]  notifier_call_chain+0x99/0x420
[  290.032087][ T9301]  blocking_notifier_call_chain_robust+0xc8/0x160
[  290.032125][ T9301]  ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10
[  290.032171][ T9301]  pm_notifier_call_chain_robust+0x27/0x60
[  290.032206][ T9301]  snapshot_open+0x189/0x2a0
[  290.032235][ T9301]  ? __pfx_snapshot_open+0x10/0x10
[  290.032265][ T9301]  misc_open+0x26d/0x450
[  290.032297][ T9301]  ? __pfx_misc_open+0x10/0x10
[  290.032328][ T9301]  chrdev_open+0x234/0x6a0
[  290.032353][ T9301]  ? __pfx_apparmor_file_open+0x10/0x10
[  290.032381][ T9301]  ? __pfx_chrdev_open+0x10/0x10
[  290.032410][ T9301]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  290.032462][ T9301]  do_dentry_open+0x6d8/0x1660
[  290.032488][ T9301]  ? __pfx_chrdev_open+0x10/0x10
[  290.032522][ T9301]  vfs_open+0x82/0x3f0
[  290.032557][ T9301]  path_openat+0x208c/0x31a0
[  290.032594][ T9301]  ? __pfx_path_openat+0x10/0x10
[  290.032635][ T9301]  do_file_open+0x20e/0x430
[  290.032664][ T9301]  ? __pfx_do_file_open+0x10/0x10
[  290.032713][ T9301]  ? alloc_fd+0x476/0x790
[  290.032741][ T9301]  ? do_getname+0x191/0x390
[  290.032776][ T9301]  do_sys_openat2+0x10d/0x1e0
[  290.032809][ T9301]  ? __pfx_do_sys_openat2+0x10/0x10
[  290.032845][ T9301]  ? __fget_files+0x21f/0x3d0
[  290.032882][ T9301]  __x64_sys_openat+0x12d/0x210
[  290.032917][ T9301]  ? __pfx___x64_sys_openat+0x10/0x10
[  290.032963][ T9301]  do_syscall_64+0x106/0xf80
[  290.032986][ T9301]  ? clear_bhb_loop+0x40/0x90
[  290.033016][ T9301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.033040][ T9301] RIP: 0033:0x7efef659c819
[  290.033062][ T9301] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  290.033086][ T9301] RSP: 002b:00007efef7538028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  290.033109][ T9301] RAX: ffffffffffffffda RBX: 00007efef6815fa0 RCX: 00007efef659c819
[  290.033125][ T9301] RDX: 0000000000020000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  290.033141][ T9301] RBP: 00007efef6632c91 R08: 0000000000000000 R09: 0000000000000000
[  290.033155][ T9301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  290.033170][ T9301] R13: 00007efef6816038 R14: 00007efef6815fa0 R15: 00007ffea174ba98
[  290.033201][ T9301]  </TASK>
[  290.034201][ T9301] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  290.380234][ T9303] ima: policy update failed
[  290.396963][   T30] audit: type=1802 audit(268435550.970:22): pid=9303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.736" res=0 errno=0
[  290.414011][ T9301] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  290.420114][ T9301] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  290.428200][ T9301] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  290.674512][ T9315] GUP no longer grows the stack in syz.3.738 (9315): 14000-18000 (4000)
[  290.683422][ T9315] CPU: 1 UID: 0 PID: 9315 Comm: syz.3.738 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  290.683475][ T9315] Tainted: [L]=SOFTLOCKUP
[  290.683488][ T9315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  290.683507][ T9315] Call Trace:
[  290.683518][ T9315]  <TASK>
[  290.683530][ T9315]  dump_stack_lvl+0x100/0x190
[  290.683593][ T9315]  gup_vma_lookup.cold+0x83/0x96
[  290.683646][ T9315]  __get_user_pages+0x241/0x34d0
[  290.683703][ T9315]  ? find_held_lock+0x2b/0x80
[  290.683738][ T9315]  ? mtree_load+0x311/0xa40
[  290.683772][ T9315]  ? __pfx___get_user_pages+0x10/0x10
[  290.683836][ T9315]  get_user_pages_remote+0x3d2/0xb10
[  290.683893][ T9315]  ? __pfx_get_user_pages_remote+0x10/0x10
[  290.683940][ T9315]  ? noop_dirty_folio+0x98/0x160
[  290.683991][ T9315]  __access_remote_vm+0x3ba/0xa70
[  290.684037][ T9315]  ? __pfx___access_remote_vm+0x10/0x10
[  290.684086][ T9315]  mem_rw+0x20a/0x640
[  290.684134][ T9315]  vfs_write+0x2aa/0x1070
[  290.684171][ T9315]  ? __pfx_mem_write+0x10/0x10
[  290.684215][ T9315]  ? __pfx_vfs_write+0x10/0x10
[  290.684249][ T9315]  ? __fget_files+0x215/0x3d0
[  290.684294][ T9315]  ? __fget_files+0x21f/0x3d0
[  290.684342][ T9315]  ksys_write+0x12a/0x250
[  290.684376][ T9315]  ? __pfx_ksys_write+0x10/0x10
[  290.684425][ T9315]  do_syscall_64+0x106/0xf80
[  290.684458][ T9315]  ? clear_bhb_loop+0x40/0x90
[  290.684502][ T9315]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.684536][ T9315] RIP: 0033:0x7fb17e39c819
[  290.684566][ T9315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  290.684601][ T9315] RSP: 002b:00007fb17f246028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  290.684634][ T9315] RAX: ffffffffffffffda RBX: 00007fb17e615fa0 RCX: 00007fb17e39c819
[  290.684657][ T9315] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  290.684678][ T9315] RBP: 00007fb17e432c91 R08: 0000000000000000 R09: 0000000000000000
[  290.684700][ T9315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  290.684720][ T9315] R13: 00007fb17e616038 R14: 00007fb17e615fa0 R15: 00007ffdf57fa0a8
[  290.684766][ T9315]  </TASK>
[  291.350893][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  291.463145][ T9340] netlink: 4 bytes leftover after parsing attributes in process `syz.3.744'.
[  292.074894][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout
[  292.081148][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  292.208729][ T9367] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[  292.237065][ T9367] mmap: syz.0.751 (9367) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  292.461070][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  292.774877][ T9380] netlink: 8 bytes leftover after parsing attributes in process `syz.0.754'.
[  294.545262][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  294.605492][ T9412] netlink: 12 bytes leftover after parsing attributes in process `syz.4.763'.
[  295.020499][ T9436] netlink: 8 bytes leftover after parsing attributes in process `syz.2.767'.
[  296.298133][ T9468] syz.3.774 (9468): attempted to duplicate a private mapping with mremap.  This is not supported.
[  296.620815][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  297.155936][ T9485] netlink: 8 bytes leftover after parsing attributes in process `syz.4.780'.
[  298.835892][ T9515] [U] 
[  298.839029][ T9515] [U] 
[  298.842044][ T9515] [U] 
[  298.844898][ T9515] [U] 
[  298.881119][ T9515] [U] 
[  298.883952][ T9515] [U] 
[  298.886741][ T9515] [U] 
[  298.889510][ T9515] [U] 
[  298.922523][ T9520] sd 0:0:1:0: PR command failed: 1026
[  298.936364][ T9515] [U] 
[  298.939174][ T9515] [U] 
[  298.941944][ T9515] [U] 
[  298.944717][ T9515] [U] 
[  298.948523][ T9520] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  298.956969][ T9520] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  299.021557][ T9515] [U] 
[  299.024354][ T9515] [U] 
[  299.027098][ T9515] [U] 
[  299.029833][ T9515] [U] 
[  299.109679][ T9515] [U] 
[  299.163388][ T9526] netlink: 4 bytes leftover after parsing attributes in process `syz.2.790'.
[  299.794976][ T9534] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  299.802577][ T9534] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  299.831041][ T9534] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  299.855772][ T9534] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  300.482424][ T9551] netlink: 8 bytes leftover after parsing attributes in process `syz.2.798'.
[  301.681720][ T9571] netlink: 8 bytes leftover after parsing attributes in process `syz.2.802'.
[  301.842986][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout
[  301.849090][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout
[  301.900920][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout
[  301.901067][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout
[  303.931148][ T9604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00
[  303.940333][ T9604] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  303.961354][ T9604] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  303.969010][ T9604] page_type: f5(slab)
[  303.973867][ T9604] raw: 00fff00000000040 ffff88813fe55500 dead000000000100 dead000000000122
[  303.983389][ T9604] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000
[  304.016811][ T9604] head: 00fff00000000040 ffff88813fe55500 dead000000000100 dead000000000122
[  304.111054][ T9604] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000
[  304.119847][ T9604] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff
[  304.236629][ T9604] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  304.284278][ T9604] page dumped because: unmovable page
[  304.304717][ T9604] page_owner tracks the page as allocated
[  304.315924][ T9607] cgroup: fork rejected by pids controller in /syz0
[  304.440793][ T9604] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5203, tgid 5203 (udevd), ts 40864551825, free_ts 40850102440
[  304.500776][ T9604]  post_alloc_hook+0x153/0x170
[  304.512322][ T9604]  get_page_from_freelist+0x111d/0x3140
[  304.518097][ T9604]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  304.540920][ T9604]  new_slab+0xa6/0x6b0
[  304.545086][ T9604]  refill_objects+0x26b/0x400
[  304.682209][ T9604]  __pcs_replace_empty_main+0x1ab/0x660
[  304.687907][ T9604]  __kvmalloc_node_noprof+0x7da/0xa00
[  304.701127][ T9604]  seq_read_iter+0x819/0x1270
[  304.706299][ T9604]  kernfs_fop_read_iter+0x46c/0x610
[  304.760568][ T9604]  vfs_read+0x825/0xb30
[  304.771076][ T9604]  ksys_read+0x12a/0x250
[  304.775433][ T9604]  do_syscall_64+0x106/0xf80
[  304.780303][ T9604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  304.863679][ T9604] page last free pid 5198 tgid 5198 stack trace:
[  304.870103][ T9604]  __free_frozen_pages+0x7e1/0x10d0
[  304.940598][ T9604]  qlist_free_all+0x47/0xe0
[  304.945354][ T9604]  kasan_quarantine_reduce+0x1a0/0x1f0
[  304.991483][ T9604]  __kasan_slab_alloc+0x69/0x90
[  304.996442][ T9604]  kmem_cache_alloc_noprof+0x241/0x6e0
[  305.011304][ T9604]  vm_area_dup+0x27/0x8e0
[  305.015749][ T9604]  dup_mmap+0x6f6/0x2180
[  305.020053][ T9604]  copy_process+0x7523/0x7a40
[  305.025617][ T9604]  kernel_clone+0xfc/0x9a0
[  305.030110][ T9604]  __do_sys_clone+0xd9/0x120
[  305.037915][ T9604]  do_syscall_64+0x106/0xf80
[  305.042887][ T9604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.454166][ T9784] netlink: 8 bytes leftover after parsing attributes in process `syz.3.825'.
[  310.344645][ T9789] can: request_module (can-proto-0) failed.
[  311.321723][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.830'.
[  311.359768][ T9801] netlink: 4 bytes leftover after parsing attributes in process `syz.0.830'.
[  312.676340][ T9824] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  315.170184][ T9873] random: crng reseeded on system resumption
[  317.504547][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  317.511087][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  320.757165][ T9941] netlink: 342 bytes leftover after parsing attributes in process `syz.2.856'.
[  320.782692][ T9942] netlink: 294 bytes leftover after parsing attributes in process `syz.2.856'.
[  322.536731][ T9957] FAULT_INJECTION: forcing a failure.
[  322.536731][ T9957] name failslab, interval 1, probability 0, space 0, times 0
[  322.570117][ T9957] CPU: 0 UID: 0 PID: 9957 Comm: syz.0.860 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  322.570168][ T9957] Tainted: [L]=SOFTLOCKUP
[  322.570180][ T9957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  322.570206][ T9957] Call Trace:
[  322.570218][ T9957]  <TASK>
[  322.570230][ T9957]  dump_stack_lvl+0x100/0x190
[  322.570291][ T9957]  should_fail_ex.cold+0x5/0xa
[  322.570334][ T9957]  should_failslab+0xc2/0x120
[  322.570375][ T9957]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  322.570431][ T9957]  ? __proc_create+0x2cb/0x8c0
[  322.570473][ T9957]  __proc_create+0x2cb/0x8c0
[  322.570507][ T9957]  ? __pfx___proc_create+0x10/0x10
[  322.570539][ T9957]  ? __lock_acquire+0x4a5/0x2630
[  322.570598][ T9957]  ? _raw_write_unlock+0x28/0x50
[  322.570659][ T9957]  ? proc_register+0x559/0x8a0
[  322.570698][ T9957]  proc_create_reg+0x75/0x170
[  322.570736][ T9957]  proc_create_data+0x86/0x110
[  322.570774][ T9957]  ? __pfx_proc_create_data+0x10/0x10
[  322.570800][ T9957]  ? net_generic+0xea/0x2a0
[  322.570843][ T9957]  gss_svc_init_net+0x2e7/0x640
[  322.570879][ T9957]  ? __pfx_canbcm_pernet_init+0x10/0x10
[  322.570905][ T9957]  ? __pfx_rpcsec_gss_init_net+0x10/0x10
[  322.570944][ T9957]  ops_init+0x1e2/0x5f0
[  322.570972][ T9957]  setup_net+0x118/0x3a0
[  322.571002][ T9957]  ? __pfx_setup_net+0x10/0x10
[  322.571024][ T9957]  ? lockdep_init_map_type+0x5c/0x250
[  322.571058][ T9957]  ? mutex_init_lockep+0x110/0x150
[  322.571096][ T9957]  copy_net_ns+0x46f/0x7c0
[  322.571126][ T9957]  create_new_namespaces+0x3ea/0xac0
[  322.571160][ T9957]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  322.571189][ T9957]  ksys_unshare+0x473/0xad0
[  322.571223][ T9957]  ? __pfx_ksys_unshare+0x10/0x10
[  322.571264][ T9957]  __x64_sys_unshare+0x31/0x40
[  322.571295][ T9957]  do_syscall_64+0x106/0xf80
[  322.571317][ T9957]  ? clear_bhb_loop+0x40/0x90
[  322.571347][ T9957]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.571371][ T9957] RIP: 0033:0x7efef659c819
[  322.571392][ T9957] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  322.571416][ T9957] RSP: 002b:00007efef7538028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  322.571445][ T9957] RAX: ffffffffffffffda RBX: 00007efef6815fa0 RCX: 00007efef659c819
[  322.571461][ T9957] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  322.571476][ T9957] RBP: 00007efef6632c91 R08: 0000000000000000 R09: 0000000000000000
[  322.571491][ T9957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  322.571506][ T9957] R13: 00007efef6816038 R14: 00007efef6815fa0 R15: 00007ffea174ba98
[  322.571537][ T9957]  </TASK>
[  325.227294][   T30] audit: type=1800 audit(268435585.780:23): pid=9986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.864" name="dbroot" dev="configfs" ino=29023 res=0 errno=0
[  327.517430][T10008] ecryptfs_miscdev_write: Invalid packet size [192]
[  335.223798][T10096] Invalid ELF header magic: != ELF
[  335.705332][   T30] audit: type=1804 audit(268435596.280:24): pid=10083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.883" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=21 res=1 errno=0
[  338.535376][T10133] [U] 
[  338.538190][T10133] [U] 
[  338.540940][T10133] [U] 
[  338.543690][T10133] [U] 
[  338.592020][T10133] [U] 
[  338.594836][T10133] [U] 
[  338.597587][T10133] [U] 
[  338.600338][T10133] [U] 
[  338.918682][T10127] [U] 
[  343.530293][T10184] kexec: Could not allocate control_code_buffer
[  349.977550][T10274] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  353.667921][ T5144] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13
[  353.703050][T10329] netlink: 330 bytes leftover after parsing attributes in process `syz.3.937'.
[  356.249404][T10374] nvme_fcloop: unknown parameter or missing value '�'
[  357.514023][T10399] zswap: compressor  not available
[  363.254891][T10476] FAULT_INJECTION: forcing a failure.
[  363.254891][T10476] name fail_futex, interval 1, probability 0, space 0, times 1
[  363.313206][T10476] CPU: 1 UID: 0 PID: 10476 Comm: syz.2.968 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  363.313255][T10476] Tainted: [L]=SOFTLOCKUP
[  363.313265][T10476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  363.313284][T10476] Call Trace:
[  363.313294][T10476]  <TASK>
[  363.313305][T10476]  dump_stack_lvl+0x100/0x190
[  363.313377][T10476]  should_fail_ex.cold+0x5/0xa
[  363.313409][T10476]  ? rcu_is_watching+0x12/0xc0
[  363.313464][T10476]  get_futex_key+0x107c/0x1620
[  363.313508][T10476]  ? __pfx_get_futex_key+0x10/0x10
[  363.313544][T10476]  ? lock_acquire+0x1cf/0x380
[  363.313600][T10476]  futex_wake+0xea/0x530
[  363.313652][T10476]  ? __pfx_futex_wake+0x10/0x10
[  363.313701][T10476]  ? exit_mm_release+0x19/0x30
[  363.313752][T10476]  do_futex+0x32b/0x350
[  363.313796][T10476]  ? __pfx_do_futex+0x10/0x10
[  363.313836][T10476]  ? __might_fault+0xc5/0x140
[  363.313901][T10476]  mm_release+0x24a/0x2f0
[  363.313936][T10476]  do_exit+0x704/0x2b60
[  363.313984][T10476]  ? __pfx_do_exit+0x10/0x10
[  363.314028][T10476]  ? do_raw_spin_lock+0x128/0x260
[  363.314075][T10476]  ? find_held_lock+0x2b/0x80
[  363.314106][T10476]  ? get_signal+0x7e0/0x21e0
[  363.314144][T10476]  do_group_exit+0xd5/0x2a0
[  363.314191][T10476]  get_signal+0x1ec7/0x21e0
[  363.314240][T10476]  ? __pfx_get_signal+0x10/0x10
[  363.314276][T10476]  ? do_futex+0x192/0x350
[  363.314324][T10476]  arch_do_signal_or_restart+0x91/0x770
[  363.314364][T10476]  ? find_held_lock+0x2b/0x80
[  363.314395][T10476]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  363.314447][T10476]  ? __pfx___x64_sys_futex+0x10/0x10
[  363.314499][T10476]  exit_to_user_mode_loop+0x86/0x4a0
[  363.314547][T10476]  do_syscall_64+0x668/0xf80
[  363.314578][T10476]  ? clear_bhb_loop+0x40/0x90
[  363.314616][T10476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.314649][T10476] RIP: 0033:0x7fe91a79c819
[  363.314674][T10476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  363.314705][T10476] RSP: 002b:00007fe91b5c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  363.314736][T10476] RAX: fffffffffffffe00 RBX: 00007fe91aa16098 RCX: 00007fe91a79c819
[  363.314756][T10476] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe91aa16098
[  363.314775][T10476] RBP: 00007fe91aa16090 R08: 0000000000000000 R09: 0000000000000000
[  363.314795][T10476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  363.314814][T10476] R13: 00007fe91aa16128 R14: 00007ffe92c42950 R15: 00007ffe92c42a38
[  363.314861][T10476]  </TASK>
[  364.828674][T10508] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  365.942596][T10483] kexec: Could not allocate control_code_buffer
[  370.250579][T10600] zswap: compressor  not available
[  370.595732][T10616] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  371.364645][T10635] bridge0: port 3(team0) entered blocking state
[  371.383793][T10635] bridge0: port 3(team0) entered disabled state
[  371.458963][T10635] team0: entered allmulticast mode
[  371.475987][T10635] team_slave_0: entered allmulticast mode
[  371.550011][T10635] team_slave_1: entered allmulticast mode
[  371.591694][T10635] team0: entered promiscuous mode
[  371.596782][T10635] team_slave_0: entered promiscuous mode
[  371.633804][T10635] team_slave_1: entered promiscuous mode
[  371.743109][T10635] bridge0: port 3(team0) entered blocking state
[  371.749739][T10635] bridge0: port 3(team0) entered forwarding state
[  373.211593][T10660] netlink: 12 bytes leftover after parsing attributes in process `syz.3.997'.
[  374.271663][T10657] FAULT_INJECTION: forcing a failure.
[  374.271663][T10657] name fail_futex, interval 1, probability 0, space 0, times 0
[  374.299932][T10657] CPU: 1 UID: 0 PID: 10657 Comm: syz.0.999 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  374.299988][T10657] Tainted: [L]=SOFTLOCKUP
[  374.299999][T10657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  374.300019][T10657] Call Trace:
[  374.300029][T10657]  <TASK>
[  374.300048][T10657]  dump_stack_lvl+0x100/0x190
[  374.300110][T10657]  should_fail_ex.cold+0x5/0xa
[  374.300151][T10657]  get_futex_key+0x1d2/0x1620
[  374.300203][T10657]  ? __pfx_get_futex_key+0x10/0x10
[  374.300249][T10657]  ? blk_finish_plug+0x83/0xa0
[  374.300304][T10657]  ? madvise_do_behavior+0x1fc/0x510
[  374.300357][T10657]  futex_wake+0xea/0x530
[  374.300415][T10657]  ? __pfx___up_read+0x10/0x10
[  374.300463][T10657]  ? madvise_unlock+0x172/0x220
[  374.300506][T10657]  ? __pfx_futex_wake+0x10/0x10
[  374.300565][T10657]  ? madvise_unlock+0xa9/0x220
[  374.300619][T10657]  do_futex+0x32b/0x350
[  374.300662][T10657]  ? __pfx_do_futex+0x10/0x10
[  374.300717][T10657]  __x64_sys_futex+0x34f/0x4d0
[  374.300767][T10657]  ? __pfx___x64_sys_futex+0x10/0x10
[  374.300842][T10657]  do_syscall_64+0x106/0xf80
[  374.300871][T10657]  ? clear_bhb_loop+0x40/0x90
[  374.300909][T10657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.300939][T10657] RIP: 0033:0x7efef659c819
[  374.300964][T10657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  374.300997][T10657] RSP: 002b:00007efef75380e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  374.301026][T10657] RAX: ffffffffffffffda RBX: 00007efef6815fa8 RCX: 00007efef659c819
[  374.301053][T10657] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efef6815fac
[  374.301071][T10657] RBP: 00007efef6815fa0 R08: 0000000000000000 R09: 0000000000000000
[  374.301087][T10657] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  374.301103][T10657] R13: 00007efef6816038 R14: 00007ffea174b9b0 R15: 00007ffea174ba98
[  374.301156][T10657]  </TASK>
[  375.530508][T10688] syz.4.1003: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  375.581129][T10688] CPU: 0 UID: 0 PID: 10688 Comm: syz.4.1003 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  375.581188][T10688] Tainted: [L]=SOFTLOCKUP
[  375.581197][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  375.581211][T10688] Call Trace:
[  375.581220][T10688]  <TASK>
[  375.581228][T10688]  dump_stack_lvl+0x100/0x190
[  375.581270][T10688]  warn_alloc.cold+0x95/0x1c1
[  375.581314][T10688]  ? __pfx_warn_alloc+0x10/0x10
[  375.581354][T10688]  ? __lock_acquire+0x4a5/0x2630
[  375.581402][T10688]  __vmalloc_node_range_noprof+0x1252/0x1530
[  375.581439][T10688]  ? rcu_is_watching+0x12/0xc0
[  375.581478][T10688]  ? trace_contention_end+0x140/0x180
[  375.581514][T10688]  ? dvb_dvr_do_ioctl+0x15d/0x270
[  375.581544][T10688]  ? dvb_dvr_do_ioctl+0x7e/0x270
[  375.581570][T10688]  ? tomoyo_path_number_perm+0x28f/0x580
[  375.581601][T10688]  ? tomoyo_path_number_perm+0x28f/0x580
[  375.581633][T10688]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  375.581666][T10688]  ? __pfx___mutex_lock+0x10/0x10
[  375.581707][T10688]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  375.581737][T10688]  ? futex_wait+0x125/0x380
[  375.581779][T10688]  ? dvb_dvr_do_ioctl+0x15d/0x270
[  375.581805][T10688]  __vmalloc_node_noprof+0xad/0xf0
[  375.581837][T10688]  ? dvb_dvr_do_ioctl+0x15d/0x270
[  375.581868][T10688]  dvb_dvr_do_ioctl+0x15d/0x270
[  375.581901][T10688]  dvb_usercopy+0x167/0x340
[  375.581928][T10688]  ? __pfx_dvb_dvr_do_ioctl+0x10/0x10
[  375.581958][T10688]  ? __pfx_dvb_usercopy+0x10/0x10
[  375.581995][T10688]  ? __fget_files+0x21f/0x3d0
[  375.582026][T10688]  dvb_dvr_ioctl+0x29/0x40
[  375.582051][T10688]  ? __pfx_dvb_dvr_ioctl+0x10/0x10
[  375.582078][T10688]  __x64_sys_ioctl+0x18e/0x210
[  375.582118][T10688]  do_syscall_64+0x106/0xf80
[  375.582179][T10688]  ? clear_bhb_loop+0x40/0x90
[  375.582223][T10688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.582254][T10688] RIP: 0033:0x7f7b8d19c819
[  375.582275][T10688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  375.582298][T10688] RSP: 002b:00007f7b8b3f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  375.582321][T10688] RAX: ffffffffffffffda RBX: 00007f7b8d415fa0 RCX: 00007f7b8d19c819
[  375.582336][T10688] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000007
[  375.582351][T10688] RBP: 00007f7b8d232c91 R08: 0000000000000000 R09: 0000000000000000
[  375.582366][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  375.582381][T10688] R13: 00007f7b8d416038 R14: 00007f7b8d415fa0 R15: 00007ffd41c4bf98
[  375.582412][T10688]  </TASK>
[  375.582421][T10688] Mem-Info:
[  375.921296][T10688] active_anon:54015 inactive_anon:0 isolated_anon:0
[  375.921296][T10688]  active_file:19715 inactive_file:41466 isolated_file:0
[  375.921296][T10688]  unevictable:768 dirty:369 writeback:425
[  375.921296][T10688]  slab_reclaimable:11626 slab_unreclaimable:95769
[  375.921296][T10688]  mapped:46038 shmem:33627 pagetables:1534
[  375.921296][T10688]  sec_pagetables:0 bounce:0
[  375.921296][T10688]  kernel_misc_reclaimable:0
[  375.921296][T10688]  free:1264034 free_pcp:18846 free_cma:0
[  376.008100][T10688] Node 0 active_anon:216560kB inactive_anon:0kB active_file:78988kB inactive_file:165660kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:189500kB dirty:672kB writeback:0kB shmem:133372kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:24576kB kernel_stack:12804kB pagetables:6056kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  376.139508][T10688] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:180kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  376.204266][T10688] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  376.356738][T10688] lowmem_reserve[]: 0 2477 2478 2478 2478
[  376.378601][T10688] Node 0 DMA32 free:1124540kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB free_highatomic:0KB active_anon:218772kB inactive_anon:0kB active_file:88332kB inactive_file:165660kB unevictable:1536kB writepending:676kB zspages:0kB present:3129332kB managed:2537292kB mlocked:0kB bounce:0kB free_pcp:43376kB local_pcp:32204kB free_cma:0kB
[  376.431132][T10688] lowmem_reserve[]: 0 0 1 1 1
[  376.436122][T10688] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1056kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB
[  376.560834][T10688] lowmem_reserve[]: 0 0 0 0 0
[  376.565629][T10688] Node 1 Normal free:3902576kB boost:0kB min:55584kB low:69480kB high:83376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:31440kB local_pcp:19844kB free_cma:0kB
[  376.675549][T10688] lowmem_reserve[]: 0 0 0 0 0
[  376.680393][T10688] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  376.720751][T10688] Node 0 DMA32: 1319*4kB (UME) 2237*8kB (UE) 1007*16kB (UME) 64*32kB (UME) 185*64kB (UME) 413*128kB (UME) 222*256kB (ME) 107*512kB (UME) 60*1024kB (UME) 6*2048kB (UME) 200*4096kB (UM) = 1110580kB
[  376.760792][T10688] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  376.792799][T10688] Node 1 Normal: 2*4kB (U) 2*8kB (U) 2*16kB (U) 1*32kB (U) 4*64kB (UM) 3*128kB (UM) 4*256kB (U) 3*512kB (UM) 4*1024kB (UM) 2*2048kB (UM) 950*4096kB (M) = 3902680kB
[  376.855987][T10688] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  376.884399][T10688] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[  376.904057][T10688] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  376.929825][T10688] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  376.948697][T10688] 104895 total pagecache pages
[  377.070785][T10688] 0 pages in swap cache
[  377.075304][T10688] Free swap  = 124996kB
[  377.079504][T10688] Total swap = 124996kB
[  377.105755][T10688] 2097051 pages RAM
[  377.109660][T10688] 0 pages HighMem/MovableOnly
[  377.148603][T10688] 430849 pages reserved
[  377.158793][T10688] 0 pages cma reserved
[  378.141025][T10718] random: crng reseeded on system resumption
[  378.951528][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  378.957878][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  382.104397][T10776] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1022'.
[  382.743606][T10580] netdevsim netdevsim10 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  384.882040][T10819] openvswitch: netlink: Message has 4 unknown bytes.
[  388.687729][T10857] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1039'.
[  400.627529][T11056] zswap: compressor  not available
[  400.744770][T11052] random: crng reseeded on system resumption
[  403.312430][T11098] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1082'.
[  403.446303][T11088] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  403.452955][T11088] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  403.459616][T11088] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  403.466451][T11088] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  403.510073][T11102] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  403.519833][T11102] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  403.528872][T11102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  403.537421][T11102] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  403.546181][T11102] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  403.572205][   T30] audit: type=1800 audit(268435664.150:25): pid=11106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1083" name="features" dev="configfs" ino=34502 res=0 errno=0
[  403.617929][T11106] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  403.729173][T11106] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  403.790237][T11106] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  403.856693][T11106] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  403.983381][T11091] chnl_net:caif_netlink_parms(): no params data found
[  404.172874][T11091] bridge0: port 1(bridge_slave_0) entered blocking state
[  404.180797][T11091] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.188153][T11091] bridge_slave_0: entered allmulticast mode
[  404.196587][T11091] bridge_slave_0: entered promiscuous mode
[  404.207520][T11091] bridge0: port 2(bridge_slave_1) entered blocking state
[  404.215402][T11091] bridge0: port 2(bridge_slave_1) entered disabled state
[  404.223187][T11091] bridge_slave_1: entered allmulticast mode
[  404.231630][T11091] bridge_slave_1: entered promiscuous mode
[  404.284603][T11091] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  404.337166][T11091] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  404.416103][T11091] team0: Port device team_slave_0 added
[  404.467357][T11091] team0: Port device team_slave_1 added
[  404.733702][T11102] Bluetooth: hci0: command 0x0c1a tx timeout
[  404.803078][T11091] batman_adv: batadv0: Adding interface: batadv_slave_0
[  404.820273][T11091] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  404.890727][T11091] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  404.920199][T11091] batman_adv: batadv0: Adding interface: batadv_slave_1
[  404.938601][T11091] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  405.006587][T11091] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  405.203034][T11091] hsr_slave_0: entered promiscuous mode
[  405.217402][T11091] hsr_slave_1: entered promiscuous mode
[  405.230490][T11091] debugfs: 'hsr0' already exists in 'hsr'
[  405.237295][T11091] Cannot create hsr debugfs directory
[  405.432520][T11132] random: crng reseeded on system resumption
[  405.462053][T11132] Restarting kernel threads ...
[  405.469617][T11132] Done restarting kernel threads.
[  405.503375][T11102] Bluetooth: hci4: command 0x0c1a tx timeout
[  405.509805][T11102] Bluetooth: hci2: command 0x0c1a tx timeout
[  405.518916][T10589] Bluetooth: hci1: command 0x0c1a tx timeout
[  405.565029][T11131] FAULT_INJECTION: forcing a failure.
[  405.565029][T11131] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.581037][T11135] Bluetooth: hci3: command tx timeout
[  405.630756][T11131] CPU: 1 UID: 0 PID: 11131 Comm: syz.3.1087 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  405.630804][T11131] Tainted: [L]=SOFTLOCKUP
[  405.630815][T11131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  405.630834][T11131] Call Trace:
[  405.630844][T11131]  <TASK>
[  405.630855][T11131]  dump_stack_lvl+0x100/0x190
[  405.630920][T11131]  should_fail_ex.cold+0x5/0xa
[  405.630960][T11131]  _copy_from_user+0x2e/0xd0
[  405.631005][T11131]  get_timespec64+0x8b/0x1b0
[  405.631045][T11131]  ? __pfx_get_timespec64+0x10/0x10
[  405.631081][T11131]  ? ktime_get+0x200/0x300
[  405.631126][T11131]  __x64_sys_futex+0x21a/0x4d0
[  405.631179][T11131]  ? __pfx___x64_sys_futex+0x10/0x10
[  405.631241][T11131]  do_syscall_64+0x106/0xf80
[  405.631273][T11131]  ? clear_bhb_loop+0x40/0x90
[  405.631315][T11131]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.631349][T11131] RIP: 0033:0x7fb17e39c819
[  405.631376][T11131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  405.631408][T11131] RSP: 002b:00007ffdf57fa208 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  405.631439][T11131] RAX: ffffffffffffffda RBX: 000000000006300a RCX: 00007fb17e39c819
[  405.631460][T11131] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb17e61609c
[  405.631480][T11131] RBP: 0000000000000032 R08: 0000000000000000 R09: 0000000000000000
[  405.631500][T11131] R10: 00007ffdf57fa310 R11: 0000000000000246 R12: 00007ffdf57fa330
[  405.631521][T11131] R13: 00007fb17e61609c R14: 000000000006303c R15: 00007ffdf57fa310
[  405.631564][T11131]  </TASK>
[  405.831540][T11091] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  405.847463][T11091] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  405.861968][T11091] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  405.874792][T11091] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  406.016894][T11138] mkiss: ax0: crc mode is auto.
[  406.091757][T11091] 8021q: adding VLAN 0 to HW filter on device bond0
[  406.138546][T11091] 8021q: adding VLAN 0 to HW filter on device team0
[  406.182584][T11009] bridge0: port 1(bridge_slave_0) entered blocking state
[  406.189943][T11009] bridge0: port 1(bridge_slave_0) entered forwarding state
[  406.273947][T11009] bridge0: port 2(bridge_slave_1) entered blocking state
[  406.281227][T11009] bridge0: port 2(bridge_slave_1) entered forwarding state
[  406.844033][T11091] 8021q: adding VLAN 0 to HW filter on device batadv0
[  407.552564][T11091] veth0_vlan: entered promiscuous mode
[  407.566531][T11091] veth1_vlan: entered promiscuous mode
[  407.614464][T11091] veth0_macvtap: entered promiscuous mode
[  407.661336][T11135] Bluetooth: hci3: command tx timeout
[  407.665340][T11091] veth1_macvtap: entered promiscuous mode
[  407.742986][T11091] batman_adv: batadv0: Interface activated: batadv_slave_0
[  407.774127][T11091] batman_adv: batadv0: Interface activated: batadv_slave_1
[  407.818513][T11009] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  407.862940][T11009] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  407.873608][T11009] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  407.885632][T11009] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  408.012414][T10598] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.034559][T10598] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.077321][T10598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  408.091156][T10598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  409.740988][T11135] Bluetooth: hci3: command tx timeout
[  411.821302][T11135] Bluetooth: hci3: command tx timeout
[  412.960919][T11233] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  414.613552][T11256] random: crng reseeded on system resumption
[  414.646586][T11256] Restarting kernel threads ...
[  414.681117][T11256] Done restarting kernel threads.
[  414.762246][T11255] FAULT_INJECTION: forcing a failure.
[  414.762246][T11255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  414.830794][T11255] CPU: 0 UID: 0 PID: 11255 Comm: syz.5.1114 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  414.830844][T11255] Tainted: [L]=SOFTLOCKUP
[  414.830855][T11255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  414.830873][T11255] Call Trace:
[  414.830882][T11255]  <TASK>
[  414.830894][T11255]  dump_stack_lvl+0x100/0x190
[  414.830949][T11255]  should_fail_ex.cold+0x5/0xa
[  414.830988][T11255]  _copy_from_user+0x2e/0xd0
[  414.831032][T11255]  get_timespec64+0x8b/0x1b0
[  414.831078][T11255]  ? __pfx_get_timespec64+0x10/0x10
[  414.831113][T11255]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  414.831159][T11255]  __x64_sys_futex+0x21a/0x4d0
[  414.831209][T11255]  ? __pfx___x64_sys_futex+0x10/0x10
[  414.831269][T11255]  do_syscall_64+0x106/0xf80
[  414.831300][T11255]  ? clear_bhb_loop+0x40/0x90
[  414.831340][T11255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.831373][T11255] RIP: 0033:0x7f25c379c819
[  414.831398][T11255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  414.831428][T11255] RSP: 002b:00007ffe9595d9d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  414.831459][T11255] RAX: ffffffffffffffda RBX: 00000000000653f7 RCX: 00007f25c379c819
[  414.831479][T11255] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f25c3a1609c
[  414.831499][T11255] RBP: 0000000000000032 R08: 0000000000000000 R09: 0000000000000000
[  414.831518][T11255] R10: 00007ffe9595dae0 R11: 0000000000000246 R12: 00007ffe9595db00
[  414.831538][T11255] R13: 00007f25c3a1609c R14: 0000000000065429 R15: 00007ffe9595dae0
[  414.831580][T11255]  </TASK>
[  415.039949][T11261] mkiss: ax0: crc mode is auto.
[  415.090580][T11263] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1117'.
[  416.372162][T11282] FAULT_INJECTION: forcing a failure.
[  416.372162][T11282] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  416.440873][T11282] CPU: 0 UID: 0 PID: 11282 Comm: syz.3.1122 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  416.440930][T11282] Tainted: [L]=SOFTLOCKUP
[  416.440943][T11282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  416.440964][T11282] Call Trace:
[  416.440976][T11282]  <TASK>
[  416.440989][T11282]  dump_stack_lvl+0x100/0x190
[  416.441051][T11282]  should_fail_ex.cold+0x5/0xa
[  416.441087][T11282]  ? prepare_alloc_pages+0x16d/0x5f0
[  416.441132][T11282]  should_fail_alloc_page+0xeb/0x140
[  416.441173][T11282]  prepare_alloc_pages+0x1f0/0x5f0
[  416.441239][T11282]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  416.441306][T11282]  ? __lock_acquire+0x4a5/0x2630
[  416.441359][T11282]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[  416.441419][T11282]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  416.441483][T11282]  ? find_held_lock+0x2b/0x80
[  416.441516][T11282]  ? page_table_check_set+0x49a/0xa10
[  416.441551][T11282]  ? page_table_check_set+0x49a/0xa10
[  416.441593][T11282]  ? page_table_check_set+0x4a9/0xa10
[  416.441634][T11282]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  416.441673][T11282]  ? policy_nodemask+0xed/0x4f0
[  416.441714][T11282]  alloc_pages_mpol+0x1fb/0x550
[  416.441754][T11282]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  416.441790][T11282]  ? find_held_lock+0x2b/0x80
[  416.441836][T11282]  folio_alloc_mpol_noprof+0x36/0x340
[  416.441885][T11282]  vma_alloc_folio_noprof+0xed/0x1d0
[  416.441929][T11282]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  416.441974][T11282]  ? rcu_read_unlock+0x2d/0xb0
[  416.442025][T11282]  ? rcu_read_unlock+0x2d/0xb0
[  416.442075][T11282]  ? __lock_acquire+0x4a5/0x2630
[  416.442127][T11282]  do_wp_page+0x1ef3/0x4e90
[  416.442188][T11282]  ? __pfx_do_wp_page+0x10/0x10
[  416.442236][T11282]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  416.442303][T11282]  __handle_mm_fault+0x1ace/0x2b60
[  416.442361][T11282]  ? reacquire_held_locks+0xce/0x1e0
[  416.442409][T11282]  ? __pfx___handle_mm_fault+0x10/0x10
[  416.442466][T11282]  ? lock_vma_under_rcu+0x17c/0x590
[  416.442542][T11282]  handle_mm_fault+0x36d/0xa20
[  416.442600][T11282]  do_user_addr_fault+0x5a3/0x12f0
[  416.442647][T11282]  exc_page_fault+0x6f/0xd0
[  416.442683][T11282]  asm_exc_page_fault+0x26/0x30
[  416.442716][T11282] RIP: 0033:0x7fb17e35c605
[  416.442746][T11282] Code: 00 00 00 66 90 8b 57 18 64 8b 04 25 d0 02 00 00 39 c2 0f 84 1d 01 00 00 41 54 55 53 83 7f 30 02 48 89 fb 74 28 b8 08 00 00 00 <f0> 0f c1 03 83 c0 08 85 c0 0f 88 0c 01 00 00 a8 01 0f 85 84 00 00
[  416.442781][T11282] RSP: 002b:00007fb17f244de0 EFLAGS: 00010293
[  416.442809][T11282] RAX: 0000000000000008 RBX: 00007fb17f147e20 RCX: 0000000000000000
[  416.442831][T11282] RDX: 0000000000000000 RSI: 00007fb17e44fd33 RDI: 00007fb17f147e20
[  416.442853][T11282] RBP: ffffffffffffffff R08: 0000000000000000 R09: 0000000000000005
[  416.442875][T11282] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb17e44fa4b
[  416.442897][T11282] R13: ffffffffffffffe8 R14: 0000000000000016 R15: 00007fb17e44fd33
[  416.442943][T11282]  </TASK>
[  416.443289][T11282] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  417.506123][T10581] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  417.516504][T10581] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  417.526602][T10581] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  417.534892][T10581] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  417.543715][T10581] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  418.363525][T11312] kvm: kvm [11310]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000004)
[  418.415418][T11300] chnl_net:caif_netlink_parms(): no params data found
[  418.686328][T11300] bridge0: port 1(bridge_slave_0) entered blocking state
[  418.733484][T11300] bridge0: port 1(bridge_slave_0) entered disabled state
[  418.748904][T11300] bridge_slave_0: entered allmulticast mode
[  418.804312][T11300] bridge_slave_0: entered promiscuous mode
[  418.821600][T11300] bridge0: port 2(bridge_slave_1) entered blocking state
[  418.828963][T11300] bridge0: port 2(bridge_slave_1) entered disabled state
[  418.841093][T11300] bridge_slave_1: entered allmulticast mode
[  418.862258][T11300] bridge_slave_1: entered promiscuous mode
[  419.101786][T11300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.333387][T11300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  419.590728][T10581] Bluetooth: hci5: command tx timeout
[  419.921390][T11300] team0: Port device team_slave_0 added
[  419.955942][T11300] team0: Port device team_slave_1 added
[  420.108705][T11300] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.143478][T11300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  420.221085][T11300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  420.311453][T11300] batman_adv: batadv0: Adding interface: batadv_slave_1
[  420.330799][T11300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  420.404955][T11300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  420.674804][T11300] hsr_slave_0: entered promiscuous mode
[  420.703458][T11300] hsr_slave_1: entered promiscuous mode
[  420.725067][T11300] debugfs: 'hsr0' already exists in 'hsr'
[  420.747358][T11300] Cannot create hsr debugfs directory
[  421.661771][T10581] Bluetooth: hci5: command tx timeout
[  421.722317][T11300] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  421.737869][T11300] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  421.749614][T11300] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  421.786160][T11300] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  422.706465][T11300] 8021q: adding VLAN 0 to HW filter on device bond0
[  422.980007][T11300] 8021q: adding VLAN 0 to HW filter on device team0
[  423.368997][T10583] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.376226][T10583] bridge0: port 1(bridge_slave_0) entered forwarding state
[  423.709903][T11300] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  423.744165][T10581] Bluetooth: hci5: command tx timeout
[  423.790087][T11300] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  423.875574][T10590] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.882758][T10590] bridge0: port 2(bridge_slave_1) entered forwarding state
[  424.099003][T11400] smpboot: CPU 1 is now offline
[  424.110928][T11400] crash hp: kexec_trylock() failed, kdump image may be inaccurate
[  424.798345][T11300] 8021q: adding VLAN 0 to HW filter on device batadv0
[  424.836560][T11403] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  424.915012][T11403] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  424.947738][T11403] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  424.997596][T11403] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  425.049806][T11403] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  425.107972][T11403] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  425.204128][T11403] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  425.343403][T11403] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  425.395860][T11403] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  425.493330][T11403] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  426.132465][T11300] veth0_vlan: entered promiscuous mode
[  426.211231][T11300] veth1_vlan: entered promiscuous mode
[  426.360111][T11300] veth0_macvtap: entered promiscuous mode
[  426.457847][T11300] veth1_macvtap: entered promiscuous mode
[  426.554208][T11300] batman_adv: batadv0: Interface activated: batadv_slave_0
[  426.606865][T11300] batman_adv: batadv0: Interface activated: batadv_slave_1
[  426.673445][T10584] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  426.695394][T10584] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  426.754248][T10584] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  426.868014][T10581] Bluetooth: hci0: command 0x0c1a tx timeout
[  426.940758][T10581] Bluetooth: hci1: command 0x0c1a tx timeout
[  427.021083][T10581] Bluetooth: hci4: command 0x0c1a tx timeout
[  427.027180][T11135] Bluetooth: hci2: command 0x0c1a tx timeout
[  427.089968][T10584] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  427.101321][T10581] Bluetooth: hci3: command 0x0c1a tx timeout
[  427.341299][T10581] Bluetooth: hci5: command 0x0c1a tx timeout
[  427.693600][T10584] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  427.728404][T10584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  427.941230][T10580] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  427.995294][T10580] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  429.183154][T10581] Bluetooth: hci3: command 0x0c1a tx timeout
[  429.422009][T10581] Bluetooth: hci5: command 0x0c1a tx timeout
[  430.236242][T11495] FAULT_INJECTION: forcing a failure.
[  430.236242][T11495] name failslab, interval 1, probability 0, space 0, times 0
[  430.279832][T11494] FAULT_INJECTION: forcing a failure.
[  430.279832][T11494] name failslab, interval 1, probability 0, space 0, times 0
[  430.315494][T11495] CPU: 0 UID: 0 PID: 11495 Comm: syz.5.1151 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  430.315531][T11495] Tainted: [L]=SOFTLOCKUP
[  430.315539][T11495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  430.315553][T11495] Call Trace:
[  430.315560][T11495]  <TASK>
[  430.315569][T11495]  dump_stack_lvl+0x100/0x190
[  430.315611][T11495]  should_fail_ex.cold+0x5/0xa
[  430.315644][T11495]  ? tomoyo_realpath_from_path+0xb6/0x690
[  430.315678][T11495]  should_failslab+0xc2/0x120
[  430.315705][T11495]  __kmalloc_noprof+0xe0/0x850
[  430.315747][T11495]  tomoyo_realpath_from_path+0xb6/0x690
[  430.315788][T11495]  tomoyo_path_number_perm+0x23c/0x580
[  430.315816][T11495]  ? tomoyo_path_number_perm+0x22e/0x580
[  430.315846][T11495]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  430.315904][T11495]  ? find_held_lock+0x2b/0x80
[  430.315927][T11495]  ? __fget_files+0x215/0x3d0
[  430.315949][T11495]  ? hook_file_ioctl_common+0x146/0x410
[  430.315984][T11495]  ? __fget_files+0x21f/0x3d0
[  430.316012][T11495]  security_file_ioctl+0xd3/0x230
[  430.316042][T11495]  __x64_sys_ioctl+0xb7/0x210
[  430.316080][T11495]  do_syscall_64+0x106/0xf80
[  430.316102][T11495]  ? clear_bhb_loop+0x40/0x90
[  430.316130][T11495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.316154][T11495] RIP: 0033:0x7f25c379c819
[  430.316172][T11495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  430.316195][T11495] RSP: 002b:00007f25c4719028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  430.316217][T11495] RAX: ffffffffffffffda RBX: 00007f25c3a16090 RCX: 00007f25c379c819
[  430.316233][T11495] RDX: 0000000000000000 RSI: 0000000000005408 RDI: 0000000000000002
[  430.316246][T11495] RBP: 00007f25c4719090 R08: 0000000000000000 R09: 0000000000000000
[  430.316260][T11495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  430.316274][T11495] R13: 00007f25c3a16128 R14: 00007f25c3a16090 R15: 00007ffe9595d878
[  430.316303][T11495]  </TASK>
[  430.316323][T11495] ERROR: Out of memory at tomoyo_realpath_from_path.
[  430.552228][T11494] CPU: 0 UID: 0 PID: 11494 Comm: syz.6.1152 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  430.552267][T11494] Tainted: [L]=SOFTLOCKUP
[  430.552276][T11494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  430.552290][T11494] Call Trace:
[  430.552298][T11494]  <TASK>
[  430.552306][T11494]  dump_stack_lvl+0x100/0x190
[  430.552349][T11494]  should_fail_ex.cold+0x5/0xa
[  430.552379][T11494]  ? drm_atomic_state_init+0x190/0x490
[  430.552413][T11494]  should_failslab+0xc2/0x120
[  430.552440][T11494]  __kmalloc_noprof+0xe0/0x850
[  430.552486][T11494]  drm_atomic_state_init+0x190/0x490
[  430.552519][T11494]  ? kasan_save_track+0x14/0x30
[  430.552545][T11494]  drm_atomic_state_alloc+0xd3/0x120
[  430.552580][T11494]  drm_client_modeset_commit_atomic+0xcc/0x7e0
[  430.552633][T11494]  ? trace_contention_end+0x140/0x180
[  430.552670][T11494]  ? __mutex_lock+0x26a/0x1b90
[  430.552697][T11494]  ? __mutex_lock+0x26a/0x1b90
[  430.552722][T11494]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  430.552763][T11494]  ? drm_master_internal_acquire+0x21/0x80
[  430.552826][T11494]  drm_client_modeset_commit_locked+0x14d/0x580
[  430.552871][T11494]  drm_client_modeset_commit+0x4f/0x80
[  430.552911][T11494]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[  430.552953][T11494]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[  430.552995][T11494]  drm_fbdev_client_restore+0x1b/0x30
[  430.553026][T11494]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[  430.553056][T11494]  drm_client_dev_restore+0x205/0x2a0
[  430.553099][T11494]  drm_release+0x2c6/0x360
[  430.553134][T11494]  ? __pfx_drm_release+0x10/0x10
[  430.553168][T11494]  __fput+0x3ff/0xb40
[  430.553205][T11494]  task_work_run+0x150/0x240
[  430.553246][T11494]  ? __pfx_task_work_run+0x10/0x10
[  430.553292][T11494]  exit_to_user_mode_loop+0x100/0x4a0
[  430.553329][T11494]  do_syscall_64+0x668/0xf80
[  430.553352][T11494]  ? clear_bhb_loop+0x40/0x90
[  430.553383][T11494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.553407][T11494] RIP: 0033:0x7fbd90f9c819
[  430.553427][T11494] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  430.553451][T11494] RSP: 002b:00007fbd91f40028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  430.553474][T11494] RAX: 0000000000000000 RBX: 00007fbd91215fa0 RCX: 00007fbd90f9c819
[  430.553490][T11494] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  430.553504][T11494] RBP: 00007fbd91032c91 R08: 0000000000000000 R09: 0000000000000000
[  430.553518][T11494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  430.553532][T11494] R13: 00007fbd91216038 R14: 00007fbd91215fa0 R15: 00007ffd83997818
[  430.553564][T11494]  </TASK>
[  431.390708][T10581] Bluetooth: hci3: command 0x0c1a tx timeout
[  431.614696][T10581] Bluetooth: hci5: command 0x0c1a tx timeout
[  432.550048][T11518] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input10
[  439.106324][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  439.112873][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  439.163608][T11609] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  440.894890][T11630] bond0: invalid ARP target specified
[  441.498252][T10581] Bluetooth: hci3: unexpected event 0x04 length: 64 > 10
[  441.498506][T10581] Bluetooth: hci3: connection err: -111
[  441.518036][T10581] Bluetooth: hci3: unexpected event 0x04 length: 64 > 10
[  441.518082][T10581] Bluetooth: hci3: connection err: -111
[  444.412415][T11670] netlink: 'syz.6.1186': attribute type 33 has an invalid length.
[  445.471740][T11135] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  445.486451][T11135] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  445.494824][T11135] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  445.504659][T11135] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  445.512343][T11135] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  447.460856][T11695] chnl_net:caif_netlink_parms(): no params data found
[  447.581534][T11135] Bluetooth: hci6: command tx timeout
[  448.548112][T11695] bridge0: port 1(bridge_slave_0) entered blocking state
[  448.618103][T11695] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.682700][T11695] bridge_slave_0: entered allmulticast mode
[  448.728399][T11695] bridge_slave_0: entered promiscuous mode
[  448.764280][T11695] bridge0: port 2(bridge_slave_1) entered blocking state
[  448.805679][T11695] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.848191][T11695] bridge_slave_1: entered allmulticast mode
[  448.890807][T11695] bridge_slave_1: entered promiscuous mode
[  449.201803][T11695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  449.283307][T11695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  449.465463][T11695] team0: Port device team_slave_0 added
[  449.527327][T11695] team0: Port device team_slave_1 added
[  449.661093][T11135] Bluetooth: hci6: command tx timeout
[  449.707148][T11695] batman_adv: batadv0: Adding interface: batadv_slave_0
[  449.770670][T11695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  449.944256][T11695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  450.035853][T11695] batman_adv: batadv0: Adding interface: batadv_slave_1
[  450.097065][T11695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  450.308718][T11695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  450.672127][T11695] hsr_slave_0: entered promiscuous mode
[  450.725541][T11695] hsr_slave_1: entered promiscuous mode
[  450.776346][T11695] debugfs: 'hsr0' already exists in 'hsr'
[  450.827403][T11695] Cannot create hsr debugfs directory
[  451.067372][T11785] zswap: compressor  not available
[  451.442688][T11794] FAULT_INJECTION: forcing a failure.
[  451.442688][T11794] name failslab, interval 1, probability 0, space 0, times 0
[  451.657058][T11794] CPU: 0 UID: 0 PID: 11794 Comm: syz.6.1205 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  451.657097][T11794] Tainted: [L]=SOFTLOCKUP
[  451.657106][T11794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  451.657121][T11794] Call Trace:
[  451.657129][T11794]  <TASK>
[  451.657137][T11794]  dump_stack_lvl+0x100/0x190
[  451.657179][T11794]  should_fail_ex.cold+0x5/0xa
[  451.657209][T11794]  should_failslab+0xc2/0x120
[  451.657237][T11794]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  451.657276][T11794]  ? alloc_empty_file+0x55/0x1c0
[  451.657313][T11794]  alloc_empty_file+0x55/0x1c0
[  451.657346][T11794]  alloc_file_pseudo+0x13a/0x230
[  451.657380][T11794]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  451.657413][T11794]  ? alloc_fd+0x476/0x790
[  451.657443][T11794]  sock_alloc_file+0x50/0x210
[  451.657469][T11794]  __sys_socket+0x1c0/0x260
[  451.657500][T11794]  ? __pfx___sys_socket+0x10/0x10
[  451.657541][T11794]  __x64_sys_socket+0x72/0xb0
[  451.657571][T11794]  ? lockdep_hardirqs_on+0x78/0x100
[  451.657595][T11794]  do_syscall_64+0x106/0xf80
[  451.657617][T11794]  ? clear_bhb_loop+0x40/0x90
[  451.657649][T11794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.657674][T11794] RIP: 0033:0x7fbd90f9c819
[  451.657694][T11794] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  451.657717][T11794] RSP: 002b:00007fbd91f40028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  451.657740][T11794] RAX: ffffffffffffffda RBX: 00007fbd91215fa0 RCX: 00007fbd90f9c819
[  451.657756][T11794] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000010
[  451.657770][T11794] RBP: 00007fbd91032c91 R08: 0000000000000000 R09: 0000000000000000
[  451.657785][T11794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  451.657800][T11794] R13: 00007fbd91216038 R14: 00007fbd91215fa0 R15: 00007ffd83997818
[  451.657830][T11794]  </TASK>
[  452.129261][T11135] Bluetooth: hci6: command tx timeout
[  452.776719][T11695] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  452.980396][T11695] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  453.276310][T11695] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  453.459593][T11695] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  454.139195][T11695] 8021q: adding VLAN 0 to HW filter on device bond0
[  454.157494][T11135] Bluetooth: hci6: command tx timeout
[  454.257553][T11695] 8021q: adding VLAN 0 to HW filter on device team0
[  454.357856][T10583] bridge0: port 1(bridge_slave_0) entered blocking state
[  454.365146][T10583] bridge0: port 1(bridge_slave_0) entered forwarding state
[  454.422353][T10583] bridge0: port 2(bridge_slave_1) entered blocking state
[  454.429612][T10583] bridge0: port 2(bridge_slave_1) entered forwarding state
[  455.424587][T11695] 8021q: adding VLAN 0 to HW filter on device batadv0
[  457.223797][T11695] veth0_vlan: entered promiscuous mode
[  457.313881][T11695] veth1_vlan: entered promiscuous mode
[  457.518273][T11695] veth0_macvtap: entered promiscuous mode
[  457.575109][T11695] veth1_macvtap: entered promiscuous mode
[  457.762626][T11695] batman_adv: batadv0: Interface activated: batadv_slave_0
[  457.846787][T11695] batman_adv: batadv0: Interface activated: batadv_slave_1
[  457.947715][T11788] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  458.001034][T11788] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  458.009841][T11788] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  458.138669][T11788] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  458.802998][T11436] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  458.861079][T11436] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  459.153198][T11436] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  459.208749][T11436] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  463.856418][   T30] audit: type=1800 audit(268435724.430:26): pid=11983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1227" name="discovery_nqn" dev="configfs" ino=39751 res=0 errno=0
[  464.451809][T11996] FAULT_INJECTION: forcing a failure.
[  464.451809][T11996] name failslab, interval 1, probability 0, space 0, times 0
[  464.464952][T11996] CPU: 0 UID: 0 PID: 11996 Comm: syz.5.1229 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  464.464990][T11996] Tainted: [L]=SOFTLOCKUP
[  464.464999][T11996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  464.465013][T11996] Call Trace:
[  464.465022][T11996]  <TASK>
[  464.465031][T11996]  dump_stack_lvl+0x100/0x190
[  464.465073][T11996]  should_fail_ex.cold+0x5/0xa
[  464.465104][T11996]  should_failslab+0xc2/0x120
[  464.465131][T11996]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  464.465170][T11996]  ? __send_signal_locked+0x155/0x12d0
[  464.465215][T11996]  __send_signal_locked+0x155/0x12d0
[  464.465259][T11996]  group_send_sig_info+0x2a4/0x300
[  464.465289][T11996]  ? __pfx_group_send_sig_info+0x10/0x10
[  464.465326][T11996]  ? kill_pid_info_type+0x1a/0x290
[  464.465352][T11996]  kill_pid_info_type+0x92/0x290
[  464.465383][T11996]  kill_proc_info+0x6f/0x1b0
[  464.465413][T11996]  kill_something_info+0x2a0/0x310
[  464.465446][T11996]  __x64_sys_kill+0x1c4/0x250
[  464.465484][T11996]  ? __pfx___x64_sys_kill+0x10/0x10
[  464.465529][T11996]  do_syscall_64+0x106/0xf80
[  464.465552][T11996]  ? clear_bhb_loop+0x40/0x90
[  464.465582][T11996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.465607][T11996] RIP: 0033:0x7f25c379c819
[  464.465627][T11996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  464.465651][T11996] RSP: 002b:00007f25c473a028 EFLAGS: 00000246 ORIG_RAX: 000000000000003e
[  464.465674][T11996] RAX: ffffffffffffffda RBX: 00007f25c3a15fa0 RCX: 00007f25c379c819
[  464.465690][T11996] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 00000000000000af
[  464.465704][T11996] RBP: 00007f25c3832c91 R08: 0000000000000000 R09: 0000000000000000
[  464.465719][T11996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  464.465734][T11996] R13: 00007f25c3a16038 R14: 00007f25c3a15fa0 R15: 00007ffe9595d878
[  464.465765][T11996]  </TASK>
[  466.096011][T12012] zswap: compressor � not available
[  469.855548][T12090] FAULT_INJECTION: forcing a failure.
[  469.855548][T12090] name failslab, interval 1, probability 0, space 0, times 0
[  469.980443][T12090] CPU: 0 UID: 0 PID: 12090 Comm: syz.3.1246 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  469.980479][T12090] Tainted: [L]=SOFTLOCKUP
[  469.980487][T12090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  469.980501][T12090] Call Trace:
[  469.980509][T12090]  <TASK>
[  469.980517][T12090]  dump_stack_lvl+0x100/0x190
[  469.980563][T12090]  should_fail_ex.cold+0x5/0xa
[  469.980590][T12090]  ? tomoyo_realpath_from_path+0xb6/0x690
[  469.980625][T12090]  should_failslab+0xc2/0x120
[  469.980652][T12090]  __kmalloc_noprof+0xe0/0x850
[  469.980694][T12090]  tomoyo_realpath_from_path+0xb6/0x690
[  469.980736][T12090]  tomoyo_path_number_perm+0x23c/0x580
[  469.980764][T12090]  ? tomoyo_path_number_perm+0x22e/0x580
[  469.980794][T12090]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  469.980823][T12090]  ? futex_wait+0x125/0x380
[  469.980887][T12090]  ? find_held_lock+0x2b/0x80
[  469.980909][T12090]  ? __fget_files+0x215/0x3d0
[  469.980931][T12090]  ? hook_file_ioctl_common+0x146/0x410
[  469.980973][T12090]  ? __fget_files+0x21f/0x3d0
[  469.981000][T12090]  security_file_ioctl+0xd3/0x230
[  469.981031][T12090]  __x64_sys_ioctl+0xb7/0x210
[  469.981069][T12090]  do_syscall_64+0x106/0xf80
[  469.981091][T12090]  ? clear_bhb_loop+0x40/0x90
[  469.981120][T12090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.981144][T12090] RIP: 0033:0x7fb17e39c819
[  469.981162][T12090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  469.981185][T12090] RSP: 002b:00007fb17f204028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  469.981207][T12090] RAX: ffffffffffffffda RBX: 00007fb17e616180 RCX: 00007fb17e39c819
[  469.981222][T12090] RDX: 0000200000000040 RSI: 0000000080087601 RDI: 0000000000000008
[  469.981237][T12090] RBP: 00007fb17e432c91 R08: 0000000000000000 R09: 0000000000000000
[  469.981250][T12090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.981264][T12090] R13: 00007fb17e616218 R14: 00007fb17e616180 R15: 00007ffdf57fa0a8
[  469.981293][T12090]  </TASK>
[  471.478136][T12090] ERROR: Out of memory at tomoyo_realpath_from_path.
[  471.724946][T12116] HfR: entered promiscuous mode
[  475.591999][T10581] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  475.602443][T10581] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  475.611160][T10581] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  475.619153][T10581] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  475.639238][T10581] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  476.475533][T12189] chnl_net:caif_netlink_parms(): no params data found
[  476.795818][T12189] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.809615][T12183] kexec: Could not allocate control_code_buffer
[  476.820816][T12189] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.841860][T12189] bridge_slave_0: entered allmulticast mode
[  476.888729][T12189] bridge_slave_0: entered promiscuous mode
[  476.915886][T12189] bridge0: port 2(bridge_slave_1) entered blocking state
[  476.963279][T12189] bridge0: port 2(bridge_slave_1) entered disabled state
[  476.991666][T12189] bridge_slave_1: entered allmulticast mode
[  477.012249][T12189] bridge_slave_1: entered promiscuous mode
[  477.087871][T12189] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  477.122646][T12189] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  477.195051][T12189] team0: Port device team_slave_0 added
[  477.212561][T12189] team0: Port device team_slave_1 added
[  477.327717][T12189] batman_adv: batadv0: Adding interface: batadv_slave_0
[  477.350925][T12189] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  477.414363][T12189] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  477.457449][T12189] batman_adv: batadv0: Adding interface: batadv_slave_1
[  477.482408][T12189] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  477.607482][T12189] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  477.740818][T11135] Bluetooth: hci7: command tx timeout
[  477.886777][T12189] hsr_slave_0: entered promiscuous mode
[  477.916672][T12189] hsr_slave_1: entered promiscuous mode
[  477.952724][T12189] debugfs: 'hsr0' already exists in 'hsr'
[  477.958559][T12189] Cannot create hsr debugfs directory
[  478.950546][T12189] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  479.026610][T12189] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  479.112081][T12189] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  479.177195][T12189] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  479.501571][T12243] openvswitch: netlink: IPv4 tunnel dst address is zero
[  479.756776][T12189] 8021q: adding VLAN 0 to HW filter on device bond0
[  479.830800][T11135] Bluetooth: hci7: command tx timeout
[  479.903689][T12189] 8021q: adding VLAN 0 to HW filter on device team0
[  480.013336][T11788] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.020485][T11788] bridge0: port 1(bridge_slave_0) entered forwarding state
[  480.121343][T11788] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.128512][T11788] bridge0: port 2(bridge_slave_1) entered forwarding state
[  481.523527][T12189] 8021q: adding VLAN 0 to HW filter on device batadv0
[  481.900790][T11135] Bluetooth: hci7: command tx timeout
[  482.306227][T12275] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  482.344041][T12275] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  482.584453][T12189] veth0_vlan: entered promiscuous mode
[  482.644246][T12189] veth1_vlan: entered promiscuous mode
[  482.738072][T12189] veth0_macvtap: entered promiscuous mode
[  482.793917][T12189] veth1_macvtap: entered promiscuous mode
[  482.886757][T12189] batman_adv: batadv0: Interface activated: batadv_slave_0
[  482.923236][T12189] batman_adv: batadv0: Interface activated: batadv_slave_1
[  482.979545][T10580] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  483.049758][T10580] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  483.129615][T10580] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  483.182507][T10580] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  483.510233][T10584] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.554400][T10584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.723122][T10583] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.743785][T10583] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.819123][T12292] Invalid ELF header magic: != ELF
[  483.986606][T11135] Bluetooth: hci7: command tx timeout
[  485.133597][T12310] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1274'.
[  485.499935][T12310] team0: Port device team_slave_1 removed
[  486.510301][T12339] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  488.082305][T10581] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  488.099542][T10581] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  488.108649][T10581] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  488.119923][T10581] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  488.144079][T10581] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  489.595650][T12364] chnl_net:caif_netlink_parms(): no params data found
[  490.176122][T12364] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.211933][T12364] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.221117][T11135] Bluetooth: hci8: command tx timeout
[  490.260167][T12364] bridge_slave_0: entered allmulticast mode
[  490.298970][T12364] bridge_slave_0: entered promiscuous mode
[  490.369004][T12364] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.408197][T12364] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.443513][T12364] bridge_slave_1: entered allmulticast mode
[  490.485378][T12364] bridge_slave_1: entered promiscuous mode
[  490.696401][T12364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.800195][T12364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.895152][T12396] Invalid ELF header magic: != ELF
[  491.050152][T12364] team0: Port device team_slave_0 added
[  491.120234][T12364] team0: Port device team_slave_1 added
[  491.312342][T12364] batman_adv: batadv0: Adding interface: batadv_slave_0
[  491.374985][T12364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  491.521202][T12364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  491.588232][T12364] batman_adv: batadv0: Adding interface: batadv_slave_1
[  491.622366][T12364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  491.737479][T12364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  492.300960][T11135] Bluetooth: hci8: command tx timeout
[  492.309756][T12364] hsr_slave_0: entered promiscuous mode
[  492.346213][T12364] hsr_slave_1: entered promiscuous mode
[  492.384700][T12364] debugfs: 'hsr0' already exists in 'hsr'
[  492.417209][T12364] Cannot create hsr debugfs directory
[  493.119870][T12424] FAULT_INJECTION: forcing a failure.
[  493.119870][T12424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  493.211794][T12424] CPU: 0 UID: 0 PID: 12424 Comm: syz.5.1290 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  493.211831][T12424] Tainted: [L]=SOFTLOCKUP
[  493.211839][T12424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  493.211852][T12424] Call Trace:
[  493.211859][T12424]  <TASK>
[  493.211867][T12424]  dump_stack_lvl+0x100/0x190
[  493.211908][T12424]  should_fail_ex.cold+0x5/0xa
[  493.211935][T12424]  _copy_from_user+0x2e/0xd0
[  493.211964][T12424]  i2cdev_ioctl_smbus+0x15f/0xac0
[  493.211993][T12424]  ? __pfx_i2cdev_ioctl_smbus+0x10/0x10
[  493.212017][T12424]  ? __might_fault+0xc5/0x140
[  493.212057][T12424]  ? __might_fault+0xc5/0x140
[  493.212101][T12424]  i2cdev_ioctl+0x3cf/0x830
[  493.212127][T12424]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  493.212152][T12424]  ? __fget_files+0x21f/0x3d0
[  493.212179][T12424]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  493.212205][T12424]  __x64_sys_ioctl+0x18e/0x210
[  493.212242][T12424]  do_syscall_64+0x106/0xf80
[  493.212264][T12424]  ? clear_bhb_loop+0x40/0x90
[  493.212291][T12424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.212314][T12424] RIP: 0033:0x7f25c379c819
[  493.212332][T12424] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  493.212354][T12424] RSP: 002b:00007f25c473a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  493.212376][T12424] RAX: ffffffffffffffda RBX: 00007f25c3a15fa0 RCX: 00007f25c379c819
[  493.212391][T12424] RDX: 0000000000000000 RSI: 0000000000000720 RDI: 0000000000000006
[  493.212404][T12424] RBP: 00007f25c473a090 R08: 0000000000000000 R09: 0000000000000000
[  493.212417][T12424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.212430][T12424] R13: 00007f25c3a16038 R14: 00007f25c3a15fa0 R15: 00007ffe9595d878
[  493.212458][T12424]  </TASK>
[  493.573157][T12364] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  493.606375][T12364] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  493.657485][T12364] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  493.689389][T12364] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  494.380765][T11135] Bluetooth: hci8: command tx timeout
[  494.428192][T12364] 8021q: adding VLAN 0 to HW filter on device bond0
[  494.552375][T12364] 8021q: adding VLAN 0 to HW filter on device team0
[  494.664766][T11788] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.672023][T11788] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.767817][T11788] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.775054][T11788] bridge0: port 2(bridge_slave_1) entered forwarding state
[  496.460931][T11135] Bluetooth: hci8: command tx timeout
[  497.098579][T12364] 8021q: adding VLAN 0 to HW filter on device batadv0
[  498.205853][T12364] veth0_vlan: entered promiscuous mode
[  498.290130][T12364] veth1_vlan: entered promiscuous mode
[  498.494159][T12364] veth0_macvtap: entered promiscuous mode
[  498.566691][T12364] veth1_macvtap: entered promiscuous mode
[  498.649093][T12508] Invalid ELF header magic: != ELF
[  498.751629][T12364] batman_adv: batadv0: Interface activated: batadv_slave_0
[  498.851517][T12364] batman_adv: batadv0: Interface activated: batadv_slave_1
[  498.943065][T10590] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  498.983644][T10590] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  499.139931][T10590] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  499.182298][T10590] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  499.252220][T12519] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1303'.
[  499.405890][T12519] veth1_macvtap: left promiscuous mode
[  499.702510][T10580] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.748092][T10580] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  499.870492][T10580] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  499.899666][T10580] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  501.829069][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  501.837273][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  502.086957][T12554] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  502.966181][T12565] zswap: compressor  not available
[  503.612576][T12589] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  504.360972][T12605] FAULT_INJECTION: forcing a failure.
[  504.360972][T12605] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  504.480831][T12605] CPU: 0 UID: 0 PID: 12605 Comm: syz.8.1321 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  504.480868][T12605] Tainted: [L]=SOFTLOCKUP
[  504.480875][T12605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  504.480888][T12605] Call Trace:
[  504.480896][T12605]  <TASK>
[  504.480904][T12605]  dump_stack_lvl+0x100/0x190
[  504.480944][T12605]  should_fail_ex.cold+0x5/0xa
[  504.480966][T12605]  ? prepare_alloc_pages+0x16d/0x5f0
[  504.480997][T12605]  should_fail_alloc_page+0xeb/0x140
[  504.481025][T12605]  prepare_alloc_pages+0x1f0/0x5f0
[  504.481057][T12605]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  504.481100][T12605]  ? __lock_acquire+0x4a5/0x2630
[  504.481133][T12605]  ? __lock_acquire+0x4a5/0x2630
[  504.481164][T12605]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  504.481202][T12605]  ? __lock_acquire+0x4a5/0x2630
[  504.481246][T12605]  ? find_held_lock+0x2b/0x80
[  504.481267][T12605]  ? is_bpf_text_address+0x8a/0x1a0
[  504.481302][T12605]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  504.481327][T12605]  ? policy_nodemask+0xed/0x4f0
[  504.481355][T12605]  alloc_pages_mpol+0x1fb/0x550
[  504.481381][T12605]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  504.481405][T12605]  ? arch_stack_walk+0xa6/0xf0
[  504.481454][T12605]  folio_alloc_mpol_noprof+0x36/0x340
[  504.481486][T12605]  shmem_alloc_folio+0x135/0x160
[  504.481519][T12605]  shmem_alloc_and_add_folio+0x371/0xd40
[  504.481563][T12605]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  504.481602][T12605]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  504.481646][T12605]  shmem_get_folio_gfp+0x6ab/0x1900
[  504.481689][T12605]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  504.481728][T12605]  ? filemap_map_pages+0xe69/0x2020
[  504.481769][T12605]  shmem_fault+0x1f9/0xa20
[  504.481811][T12605]  ? __lock_acquire+0x4a5/0x2630
[  504.481842][T12605]  ? __pfx_shmem_fault+0x10/0x10
[  504.481887][T12605]  ? rcu_is_watching+0x12/0xc0
[  504.481924][T12605]  ? __pfx_filemap_map_pages+0x10/0x10
[  504.481968][T12605]  __do_fault+0x10d/0x550
[  504.481995][T12605]  do_fault+0xabb/0x18e0
[  504.482027][T12605]  __handle_mm_fault+0x1815/0x2b60
[  504.482065][T12605]  ? mt_find+0x45e/0x8e0
[  504.482092][T12605]  ? __pfx___handle_mm_fault+0x10/0x10
[  504.482123][T12605]  ? __pfx_mt_find+0x10/0x10
[  504.482164][T12605]  ? find_vma+0xbf/0x140
[  504.482187][T12605]  ? __pfx_find_vma+0x10/0x10
[  504.482213][T12605]  handle_mm_fault+0x36d/0xa20
[  504.482252][T12605]  do_user_addr_fault+0x74c/0x12f0
[  504.482284][T12605]  exc_page_fault+0x6f/0xd0
[  504.482307][T12605]  asm_exc_page_fault+0x26/0x30
[  504.482329][T12605] RIP: 0010:rep_movs_alternative+0x30/0x90
[  504.482361][T12605] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  504.482384][T12605] RSP: 0018:ffffc900048ffcf0 EFLAGS: 00050212
[  504.482403][T12605] RAX: 0000000000000001 RBX: 0000000000637369 RCX: 0000000000000022
[  504.482418][T12605] RDX: 0000000000000001 RSI: 0000000000637369 RDI: ffffc900048ffd70
[  504.482432][T12605] RBP: 0000000000000022 R08: 0000000000000001 R09: fffff5200091ffb2
[  504.482446][T12605] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  504.482460][T12605] R13: ffffc900048ffd70 R14: 0000000000637369 R15: ffffc900048ffd70
[  504.482489][T12605]  _copy_from_user+0x98/0xd0
[  504.482520][T12605]  i2cdev_ioctl_smbus+0x15f/0xac0
[  504.482551][T12605]  ? __pfx_i2cdev_ioctl_smbus+0x10/0x10
[  504.482576][T12605]  ? __might_fault+0xc5/0x140
[  504.482609][T12605]  ? __might_fault+0xc5/0x140
[  504.482654][T12605]  i2cdev_ioctl+0x3cf/0x830
[  504.482680][T12605]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  504.482706][T12605]  ? __fget_files+0x21f/0x3d0
[  504.482734][T12605]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  504.482761][T12605]  __x64_sys_ioctl+0x18e/0x210
[  504.482803][T12605]  do_syscall_64+0x106/0xf80
[  504.482825][T12605]  ? clear_bhb_loop+0x40/0x90
[  504.482853][T12605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.482877][T12605] RIP: 0033:0x7f34ce39c819
[  504.482895][T12605] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  504.482917][T12605] RSP: 002b:00007f34cf320028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  504.482938][T12605] RAX: ffffffffffffffda RBX: 00007f34ce615fa0 RCX: 00007f34ce39c819
[  504.482953][T12605] RDX: 0000000000000000 RSI: 0000000000000720 RDI: 0000000000000006
[  504.482966][T12605] RBP: 00007f34cf320090 R08: 0000000000000000 R09: 0000000000000000
[  504.482980][T12605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.482993][T12605] R13: 00007f34ce616038 R14: 00007f34ce615fa0 R15: 00007ffce35b2bc8
[  504.483023][T12605]  </TASK>
[  507.960265][T12643] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint
[  515.409647][T12756] zswap: compressor  not available
[  516.854787][T12800] input: f�
 as /devices/virtual/input/input12
[  519.102465][   T31] INFO: task kworker/u8:0:12 blocked for more than 143 seconds.
[  519.110164][   T31]       Tainted: G             L      syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  519.195427][T12841] FAULT_INJECTION: forcing a failure.
[  519.195427][T12841] name failslab, interval 1, probability 0, space 0, times 0
[  519.240732][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  519.296345][   T31] task:kworker/u8:0    state:D stack:23512 pid:12    tgid:12    ppid:2      task_flags:0x4208060 flags:0x00080000
[  519.420705][   T31] Workqueue: netns cleanup_net
[  519.465719][   T31] Call Trace:
[  519.469087][   T31]  <TASK>
[  519.491866][T12841] CPU: 0 UID: 0 PID: 12841 Comm: syz.9.1353 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  519.491906][T12841] Tainted: [L]=SOFTLOCKUP
[  519.491915][T12841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  519.491929][T12841] Call Trace:
[  519.491937][T12841]  <TASK>
[  519.491947][T12841]  dump_stack_lvl+0x100/0x190
[  519.491990][T12841]  should_fail_ex.cold+0x5/0xa
[  519.492020][T12841]  should_failslab+0xc2/0x120
[  519.492047][T12841]  __kmalloc_cache_noprof+0x7a/0x6f0
[  519.492082][T12841]  ? append_filter_err+0xb8/0x620
[  519.492129][T12841]  ? process_preds+0x93d/0x1d90
[  519.492171][T12841]  append_filter_err+0xb8/0x620
[  519.492208][T12841]  ? create_filter_start.constprop.0+0x134/0x310
[  519.492253][T12841]  create_filter+0x1a6/0x210
[  519.492293][T12841]  ? __pfx_create_filter+0x10/0x10
[  519.492335][T12841]  ? find_held_lock+0x2b/0x80
[  519.492362][T12841]  apply_event_filter+0x220/0x500
[  519.492403][T12841]  ? __pfx_apply_event_filter+0x10/0x10
[  519.492452][T12841]  event_filter_write+0x16d/0x290
[  519.492484][T12841]  vfs_write+0x2aa/0x1070
[  519.492509][T12841]  ? __pfx_event_filter_write+0x10/0x10
[  519.492542][T12841]  ? __pfx_vfs_write+0x10/0x10
[  519.492565][T12841]  ? __fget_files+0x215/0x3d0
[  519.492596][T12841]  ? __fget_files+0x21f/0x3d0
[  519.492635][T12841]  ksys_write+0x12a/0x250
[  519.492659][T12841]  ? __pfx_ksys_write+0x10/0x10
[  519.492693][T12841]  do_syscall_64+0x106/0xf80
[  519.492717][T12841]  ? clear_bhb_loop+0x40/0x90
[  519.492747][T12841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.492772][T12841] RIP: 0033:0x7f639819c819
[  519.492792][T12841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  519.492816][T12841] RSP: 002b:00007f6399010028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  519.492840][T12841] RAX: ffffffffffffffda RBX: 00007f6398416090 RCX: 00007f639819c819
[  519.492856][T12841] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  519.492871][T12841] RBP: 00007f6398232c91 R08: 0000000000000000 R09: 0000000000000000
[  519.492891][T12841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  519.492906][T12841] R13: 00007f6398416128 R14: 00007f6398416090 R15: 00007ffc8123d708
[  519.492937][T12841]  </TASK>
[  520.022807][   T31]  __schedule+0xfee/0x6120
[  520.029235][   T31]  ? __lock_acquire+0x4a5/0x2630
[  520.081060][   T31]  ? __pfx___schedule+0x10/0x10
[  520.086010][   T31]  ? find_held_lock+0x2b/0x80
[  520.140168][   T31]  ? schedule+0x2bf/0x390
[  520.158949][   T31]  schedule+0xdd/0x390
[  520.173368][   T31]  schedule_timeout+0x1b2/0x280
[  520.178301][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  520.214867][   T31]  ? mark_held_locks+0x40/0x70
[  520.219779][   T31]  __wait_for_common+0x2e7/0x4c0
[  520.302348][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  520.307846][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  520.362823][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  520.368212][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  520.420652][   T31]  __flush_workqueue+0x3f7/0x1200
[  520.425765][   T31]  ? __virt_addr_valid+0x32d/0x620
[  520.458893][   T31]  ? find_held_lock+0x2b/0x80
[  520.480834][   T31]  ? find_held_lock+0x2b/0x80
[  520.485606][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[  520.520650][   T31]  ? queue_work_on+0x11b/0x1e0
[  520.525587][   T31]  ? lockdep_hardirqs_on+0x78/0x100
[  520.570711][   T31]  rxrpc_destroy_all_connections+0xf9/0x420
[  520.590647][   T31]  ? __pfx_rxrpc_destroy_all_connections+0x10/0x10
[  520.597244][   T31]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[  520.645056][   T31]  ? __timer_delete_sync+0x151/0x1c0
[  520.650429][   T31]  rxrpc_exit_net+0x7b/0xc0
[  520.677106][   T31]  ? __pfx_rxrpc_exit_net+0x10/0x10
[  520.684142][   T31]  ops_undo_list+0x2ee/0xab0
[  520.692645][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[  520.697897][   T31]  ? cleanup_net+0x332/0x920
[  520.720661][   T31]  ? idr_destroy+0x62/0x2e0
[  520.725539][   T31]  cleanup_net+0x499/0x920
[  520.729986][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  520.744264][   T31]  ? rcu_is_watching+0x12/0xc0
[  520.749192][   T31]  process_one_work+0xa23/0x19a0
[  520.768626][   T31]  ? __pfx_process_one_work+0x10/0x10
[  520.786890][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  520.800649][   T31]  worker_thread+0x5ef/0xe50
[  520.805612][   T31]  ? kthread+0x13a/0x450
[  520.810144][   T31]  ? __pfx_worker_thread+0x10/0x10
[  520.832787][   T31]  kthread+0x370/0x450
[  520.850676][   T31]  ? __pfx_kthread+0x10/0x10
[  520.855370][   T31]  ret_from_fork+0x754/0xd80
[  520.905078][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  520.923646][   T31]  ? __switch_to+0x7b4/0x1120
[  520.928484][   T31]  ? __pfx_kthread+0x10/0x10
[  520.972146][   T31]  ret_from_fork_asm+0x1a/0x30
[  520.993598][   T31]  </TASK>
[  521.072225][   T31] 
[  521.072225][   T31] Showing all locks held in the system:
[  521.080027][   T31] 3 locks held by kworker/u8:0/12:
[  521.179725][   T31]  #0: ffff88801c6b6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[  521.225986][   T31]  #1: ffffc90000117d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[  521.290650][   T31]  #2: ffffffff905fe050 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[  521.300065][   T31] 1 lock held by khungtaskd/31:
[  521.350657][   T31]  #0: ffffffff8e7e7760 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  521.396895][   T31] 2 locks held by getty/5581:
[  521.411781][   T31]  #0: ffff8880383500a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  521.450645][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[  521.480974][   T31] 2 locks held by syz-executor/5811:
[  521.486379][   T31] 3 locks held by kworker/0:4/5886:
[  521.530633][   T31]  #0: ffff88801ba92d48 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[  521.562689][   T31]  #1: ffffc90004397d08 ((work_completion)(&(&ssp->srcu_sup->work)->work)){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[  521.685791][   T31]  #2: ffffffff8e7e6b18 (&ssp->srcu_sup->srcu_gp_mutex){+.+.}-{4:4}, at: process_srcu+0x77/0x1fd0
[  521.790654][   T31] 1 lock held by syz.0.1036/10849:
[  521.795830][   T31]  #0: ffffffff905fe050 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[  521.871794][   T31] 1 lock held by syz.4.1077/11078:
[  521.876965][   T31]  #0: ffffffff905fe050 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[  521.930626][   T31] 1 lock held by syz-executor/11085:
[  521.936288][   T31] 1 lock held by syz-executor/11091:
[  521.982843][   T31]  #0: ffffffff8e7f32b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  522.050814][   T31] 4 locks held by kworker/0:5/11175:
[  522.062755][   T31]  #0: ffff8880b843b360 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140
[  522.120640][   T31]  #1: ffff8880b8424648 (psi_seq){-.-.}-{0:0}, at: __schedule+0x2c11/0x6120
[  522.129467][   T31]  #2: ffff888026499960 (&helper->damage_lock){....}-{3:3}, at: drm_fb_helper_damage_work+0x1ce/0x640
[  522.212408][   T31]  #3: ffff8880264d8130 (&dev->master_mutex){+.+.}-{4:4}, at: drm_master_internal_acquire+0x21/0x80
[  522.275227][   T31] 1 lock held by syz.2.1149/11481:
[  522.309748][   T31]  #0: ffffffff905fe050 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[  522.350661][   T31] 1 lock held by syz.7.1189/11921:
[  522.355857][   T31]  #0: ffffffff905fe050 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[  522.420626][   T31] 1 lock held by syz.3.1252/12126:
[  522.425807][   T31]  #0: ffff88803cd31ec8 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260
[  522.484832][   T31] 1 lock held by syz.9.1329/12661:
[  522.502385][   T31] 2 locks held by dhcpcd/12853:
[  522.507381][   T31]  #0: ffff88807b4c2260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf50
[  522.540661][   T31]  #1: ffffffff8e7f32b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  522.649615][   T31] 
[  522.654637][   T31] =============================================
[  522.654637][   T31] 
[  522.710682][   T31] NMI backtrace for cpu 0
[  522.710705][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  522.710740][   T31] Tainted: [L]=SOFTLOCKUP
[  522.710748][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  522.710762][   T31] Call Trace:
[  522.710769][   T31]  <TASK>
[  522.710778][   T31]  dump_stack_lvl+0x100/0x190
[  522.710820][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[  522.710861][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  522.710899][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  522.710937][   T31]  sys_info+0x141/0x190
[  522.710964][   T31]  watchdog+0xd25/0x1050
[  522.710997][   T31]  ? __pfx_watchdog+0x10/0x10
[  522.711022][   T31]  ? __kthread_parkme+0x18c/0x230
[  522.711054][   T31]  ? kthread+0x13a/0x450
[  522.711084][   T31]  ? __pfx_watchdog+0x10/0x10
[  522.711112][   T31]  kthread+0x370/0x450
[  522.711174][   T31]  ? __pfx_kthread+0x10/0x10
[  522.711209][   T31]  ret_from_fork+0x754/0xd80
[  522.711247][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  522.711286][   T31]  ? __switch_to+0x7b4/0x1120
[  522.711314][   T31]  ? __pfx_kthread+0x10/0x10
[  522.711348][   T31]  ret_from_fork_asm+0x1a/0x30
[  522.711390][   T31]  </TASK>
[  523.262834][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  523.269853][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  523.280552][   T31] Tainted: [L]=SOFTLOCKUP
[  523.284882][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  523.294945][   T31] Call Trace:
[  523.298235][   T31]  <TASK>
[  523.301175][   T31]  dump_stack_lvl+0x100/0x190
[  523.305904][   T31]  vpanic+0x552/0x970
[  523.309913][   T31]  ? __pfx_vpanic+0x10/0x10
[  523.314436][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  523.320626][   T31]  panic+0xd1/0xe0
[  523.324366][   T31]  ? __pfx_panic+0x10/0x10
[  523.328800][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  523.335015][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  523.341214][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  523.347480][   T31]  ? watchdog.cold+0x198/0x1ca
[  523.352260][   T31]  ? watchdog+0xd35/0x1050
[  523.356692][   T31]  watchdog.cold+0x1a9/0x1ca
[  523.361307][   T31]  ? __pfx_watchdog+0x10/0x10
[  523.365997][   T31]  ? __kthread_parkme+0x18c/0x230
[  523.371045][   T31]  ? kthread+0x13a/0x450
[  523.375314][   T31]  ? __pfx_watchdog+0x10/0x10
[  523.380004][   T31]  kthread+0x370/0x450
[  523.384100][   T31]  ? __pfx_kthread+0x10/0x10
[  523.388732][   T31]  ret_from_fork+0x754/0xd80
[  523.393367][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  523.398523][   T31]  ? __switch_to+0x7b4/0x1120
[  523.403220][   T31]  ? __pfx_kthread+0x10/0x10
[  523.407851][   T31]  ret_from_fork_asm+0x1a/0x30
[  523.412646][   T31]  </TASK>
[  523.415741][   T31] Kernel Offset: disabled
[  523.420076][   T31] Rebooting in 86400 seconds..