last executing test programs:

2m4.11924078s ago: executing program 3 (id=1524):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
read$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x3, 0x0, 0xfffffdef)
openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x181441, 0x0)
socket(0x2, 0x1, 0x106)
connect$auto(0x3, 0x0, 0x54)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x9, 0xffffffffffffffff, 0x0)
r2 = open(&(0x7f0000000100)='.\x00', 0x40a00, 0x40a)
getdents$auto(r2, 0x0, 0x400018)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
r3 = getpid()
process_vm_readv$auto(r3, 0x0, 0x1, &(0x7f0000000280)={0x0, 0x10ffffffff}, 0x6, 0x0)

2m2.922247462s ago: executing program 3 (id=1530):
close_range$auto(0x2, 0x8, 0x0)

2m2.782653202s ago: executing program 3 (id=1531):
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r1 = socket(0x29, 0x2, 0x0)
ioctl$auto(r1, 0x8923, 0x24)

2m2.470167038s ago: executing program 3 (id=1534):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffebffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0)
mmap$auto(0x0, 0x20005, 0xa, 0x200eb1, 0x401, 0x8000)
r1 = socket(0xa, 0x2, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4)
r2 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x4a)
prctl$auto_PR_SET_TSC(0x1a, 0x2f, 0xf, 0x9, 0x9)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/021/001\x00', 0x80802, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty44\x00', 0x282080, 0x0)
r4 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
read$auto(r4, 0x0, 0x80000000006)
signalfd$auto(r4, 0x0, 0x8)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0)
ioctl$auto_USBDEVFS_DISCSIGNAL32(r3, 0x8008550e, &(0x7f0000000040)={0xfffffff7})
ppoll$auto(&(0x7f0000000200)={0xffffffffffffffff, 0x23ff, 0x104}, 0xd9, 0x0, 0x0, 0x8)
pread64$auto(r2, 0x0, 0x80, 0x6)
getsockopt$auto(r1, 0x29, 0x41, 0x0, 0x0)

2m1.402589387s ago: executing program 3 (id=1537):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
bpf$auto(0x9, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x7e, 0x8, 0x4, 0x10000001, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xc28}, 0xda)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1\x06\x00\x00\x00P\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x1bP\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\xa4\xa1\x91\x12a\x95j+\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x95=-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?\x00\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d6)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r1, 0x0, 0x24000000)
r3 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/devices\x00', 0x0, 0x0)
preadv$auto(r3, &(0x7f0000009180)={&(0x7f0000008180), 0x7}, 0x26, 0x80, 0x5)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r5=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f00000001c0)=ANY=[@ANYRESDEC=r3, @ANYRESHEX=r2, @ANYBLOB="291928dd0d0300000008", @ANYRES32=r5, @ANYBLOB="0a000100bbbbbbbbbbbb0000"], 0x28}}, 0x4054)
write$auto(r2, 0x0, 0x81)
write$auto(0xffffffffffffffff, &(0x7f0000000340)='0\x00\xa6\xcc\x19\xf4\xa7s\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xab,!o\x9e\xb0\xadT\xfbR\xa2Y\x94V[8\x04c\b\x00]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xed\x8d\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\x9d\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\x04\x00\x00\x00\x00\x00\x00\x00\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xaf\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xfcu\xd9]\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:j[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x89\xbe\xdeL/\x06(\x1d`\xe7\xd5Y\a\xc1\xe9(\x95\x81\x00\xf9\v\xf3Cxz\x909m7f\xa5\x9a\xbbzEWRqnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xfc\xae\xf0\xaa@\xea\xef^\xb2\xdf\xfc\x9a\xbe\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5Hp48\xb7\xfb\xd3\xb3\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb!\xf17S)\xf4\xe6\xb3\x06\xb4<\xe9\xe8', 0x98c3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x2, 0x20009, 0x2000008, 0x40000eb1, 0xffffffffffffffff, 0x8001)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/devices/platform/i8042/serio0/softraw\x00', 0x141042, 0x0)
read$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfdef)
unshare$auto(0x40000080)
mmap$auto(0xffffffffffffffff, 0x2000d, 0x8, 0xeb1, 0x404, 0x80000000)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r6 = syz_clone(0x892a0840, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xa, 0x3, 0x3b)
socket(0xa, 0x3, 0x3b)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x400100, 0x0)
socketpair$auto(0x1, 0x1, 0x2a340, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x1ff, 0x3, 0x1, 0x7, 0xfffffffffffffffb, 0x15f4da05, 0x10, 0x1000, 0x3, 0x4000008000001f, 0x7fffffffffffffff, 0x6d41, 0x8cfb7, 0x9, 0x400000006]}, 0x0)
wait4$auto(r6, 0x0, 0xd, 0x0)

1m57.693536311s ago: executing program 3 (id=1548):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x8, 0x810004, 0xf7b, 0x8000000008011, 0x3, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
ioctl$auto_RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000180)={0xd8bf, 0x6, 0x8, 0x9, 0x1, 0x4, 0x6, 0x3e06})
r2 = socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
close_range$auto(r0, r2, 0x8)
unshare$auto(0x40000080)
write$auto(r1, 0x0, 0x8000)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket(0x3, 0x3, 0x7)
socket(0xa, 0x2, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x7, 0x0)
r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x8640, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
preadv$auto(0x3, 0x0, 0x3, 0x3, 0x10)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
mmap$auto(0x4, 0x61, 0x6688, 0x9b72, r3, 0x2)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x1, 0x0)
r4 = socket(0xa, 0x801, 0x106)
setsockopt$auto(r4, 0x6, 0x24, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x9, 0x0, 0x0)

1m42.405470399s ago: executing program 32 (id=1548):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x8, 0x810004, 0xf7b, 0x8000000008011, 0x3, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
ioctl$auto_RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000180)={0xd8bf, 0x6, 0x8, 0x9, 0x1, 0x4, 0x6, 0x3e06})
r2 = socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)
close_range$auto(r0, r2, 0x8)
unshare$auto(0x40000080)
write$auto(r1, 0x0, 0x8000)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket(0x3, 0x3, 0x7)
socket(0xa, 0x2, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x7, 0x0)
r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x8640, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
preadv$auto(0x3, 0x0, 0x3, 0x3, 0x10)
close_range$auto(0x2, 0xa, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
mmap$auto(0x4, 0x61, 0x6688, 0x9b72, r3, 0x2)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x1, 0x0)
r4 = socket(0xa, 0x801, 0x106)
setsockopt$auto(r4, 0x6, 0x24, 0x0, 0x9)
recvmmsg$auto(0x3, 0x0, 0x9, 0x0, 0x0)

47.384718949s ago: executing program 0 (id=1779):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, 0x0, 0x5, 0xd)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
futex$auto(0x0, 0x6, 0x80000001, 0x0, 0x0, 0x0)
r0 = socket(0x1d, 0x3, 0x1)
getsockopt$auto(r0, 0x65, 0x1, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$auto(0x3, 0x0, 0x5c8)

47.042686989s ago: executing program 0 (id=1784):
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x7, 0x7ff, 0x89, 0x26, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffa, 0x8, 0x0, 0x30, 0x0, 0x864, 0xe, 0x22000, 0x9, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0xba85, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x9, 0xd)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0x80b02, 0x0)
sendfile$auto(r0, r0, 0x0, 0x1)
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffff7effffd05, &(0x7f00000001c0))

43.994231048s ago: executing program 0 (id=1795):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
socket(0x18, 0xa, 0x1)
socket(0x2, 0x3, 0xa)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0)
write$auto(r0, &(0x7f0000000140)='0[.[\x00', 0xcd04)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.3/usb4/power/active_duration\x00', 0x80200, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
statmount$auto(0x0, &(0x7f00000002c0)={0x0, 0x2, 0x2005ae, 0x5, 0x7, 0x26, 0x10004, 0x1, 0xffffffffffffffff, 0x8, 0x6, 0x5, 0x5, 0x1, 0x0, 0x100000000000002, 0x8, 0x10000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200, 0xbba, 0x4, 0x80000, 0xd1f5, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x9, 0x0, 0x10, 0x0, 0x4, 0x0, 0x0, 0x0, 0xcd2c, 0x0, 0x8000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff]}, 0x6, 0x1000000)
bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000004c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xb0r\x93\x8d\x9b&C\xa7R\xe1\"\xdb \x19\x02\x11c\xdbWS\x01\xb6\xd8\xba\xeasp\xeaL\xde\xfb`\xc4\x1dDm5\xeeYEq+\x17ZEW\xfb\x8fdJ\aQ\xcc1M\x13k\xd6P\xd27\xf2\xc6E\xad1i\xf7\xab\xc3\'\x1ahq\xb1`E\xe7\xe4[\x00[\xf7gx\xe4\x9bK\xa8\xd7\x8a\x7f\x8a$E\xad5%?\xce~\x01E\x9a\x0f\xa1e]\xc9D\xc5p\xf6L\xef\xd6]\xbb\xc8\x1d\xeb\xef,\xab\x1dHk\x87\x95$\xc1\"\x98I!\x81\b\x9a6\xfa\xda\xf5\xe5l\xd9\x10\f:\x99\x0f\xea\xc4\x03h\xc6y\x1f\xb5f,\xa6*\xa2\"7i\xd0+mr\xd1\'\x9b\xd1\b\xef\xa6\xaa\xa3o\xa0', 0x81)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
socket(0xa, 0x2, 0x88)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0xa, 0x2, 0x88)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'team0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1, r3, @relative_id=0x13, 0xe600}, 0xf)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$auto(0x3, 0x4030ae7b, r6)
bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc)

41.06153087s ago: executing program 0 (id=1807):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x1, 0x0, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r0, 0x540b, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x12}}, 0x54)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
eventfd$auto(0x4)
request_key$auto_KEY_SPEC_PROCESS_KEYRING(&(0x7f00000002c0)=',*\x00', &(0x7f0000000300)='/sys/kernel/debug/dri/vkms/crtc-0/crc/control\x00', &(0x7f0000000340)='@/\x00', 0xfffffffffffffffe)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00')
ioctl$auto(r1, 0x9004b70b, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000003500), 0x40002, 0x0)
write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r2, &(0x7f0000003540), 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0)
ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r3, 0x80083314, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
fallocate$auto(r3, 0x1, 0x2, 0x6653)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x8, 0x80000001, 0x7, 0x1, 0xfff, 0x1, 0x1]}, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0)
unshare$auto(0x40000080)
setrlimit$auto(0x7, &(0x7f0000000080)={0x0, 0x6})

38.023290994s ago: executing program 0 (id=1820):
r0 = pidfd_open$auto(0x1, 0x0)
writev$auto(r0, &(0x7f00000000c0)={&(0x7f0000000080)="289ebcf2365925b9b0047b11e7eb056486cd5ef067167520e8798fd374cf9f", 0xffffffffab26f442}, 0x0)
memfd_create$auto(&(0x7f0000000100)='\xa7\xe0\xd0\xc5\xf26\xfc\xfbm\xc5dP\xec\x80I\x81\xee\xe3W9\xb2\xa0\xac$9\xd25%\xc8pn\xae\x06i', 0x9)
write$auto_buffer_percent_fops_trace(0xffffffffffffffff, &(0x7f0000000300)="6d1d621ff5a556b606000000000000001d3c7ff3d1be02723c0fa860f0a9bb5379bcf547ba130b51d2175f25eeab8bcde079ef2edad0fe6341e26112141e03c07279455ff84827", 0x47)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x800, 0x0)
ioctl$auto_FBIOPUTCMAP(r1, 0x4605, &(0x7f0000000340))
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x88b02, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x20)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5)
ioctl$auto(r3, 0x4008af24, r3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4041, 0x0)
write$auto(r2, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81)
setns(r0, 0x60020000)
umount2$auto(&(0x7f0000000000)='.\x00', 0x8)

37.20475927s ago: executing program 0 (id=1822):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = getpid()
r3 = gettid()
rt_tgsigqueueinfo$auto(r2, r3, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}})
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={r3, 0x2, 0x14, 0x2, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x7)

36.053206161s ago: executing program 2 (id=1823):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200803, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f0000000180)={0x7fffffff, 0xf27, "05d60a70fc5d37a1c28406fdda746d5be92810cf5f4a3ff3925330a65c37ccfc8f874868df0ec09fd0690800e8e07c1bc8dbb03fa30c0de194bacf63786f940e", "dea5cc950cb87ccdf14c47364e2ed322ae8f623fd82f55d1613d6fd818a5c48b9167bbb44facad6dde4acba0421f75255e3bbb605655af477ca5d3e38ccf245803b91c1e36b08a8e12a7cea8eac45f64", 0xc, 0xfffffffffffff572, "dacd8a34c62476a70fe394aaf0e28eb8770b1858d9800f52f4ede77d32c327c97488fcb86dbdab461a6850954ecc9c4e67d47c31c74335840f1fab72f88d703c"})

34.996458575s ago: executing program 2 (id=1826):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x40100, 0x0)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/oom_score_adj\x00', 0x80100, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000001c0), 0x8000, 0x0)
socket(0x10, 0x3, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x10b802, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x541c, r2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
socket(0x27, 0x8080f, 0xffbffffc)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
fanotify_init$auto(0x5, 0x2000000000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x0, 0x80805, 0x8000d8)
clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto(r4, 0xc10c5541, r3)
mmap$auto(0x0, 0x3, 0x0, 0xeb2, r0, 0x8000)
r5 = io_uring_setup$auto(0x3ff, 0x0)
mmap$auto(0x0, 0x8004008, 0x2000000329, 0x2000000010011, r5, 0x8000)
read$auto_proc_pid_smaps_operations_internal(r5, &(0x7f0000000000)=""/48, 0x30)
capset$auto(&(0x7f0000000180)={0x19980330}, 0x0)

34.561564567s ago: executing program 2 (id=1827):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|3\x1ck\x00'/24, 0x5)
read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, &(0x7f0000000280)=""/40, 0x28)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
prctl$auto(0x4e, 0x1, 0x0, 0x0, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r1, 0x0)
r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/snd_virmidi.0/sound/card2/admmidi2/power/runtime_status\x00', 0x93a03, 0x0)
sendfile$auto(r3, r3, 0x0, 0x3)
rseq$auto(&(0x7f0000000200)={0xe, 0x6, 0x5fc, 0x10000006, 0xffffffff, 0x9}, 0x80000040, 0x0, 0x6)
futex$auto(0x0, 0x4, 0x0, 0x0, 0x0, 0x440a48d2)
close_range$auto(0x2, r2, 0x0)
open(0x0, 0x22040, 0x75)
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0)
shutdown$auto(0xffffffffffffffff, 0x0)
msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x7)
msgsnd$auto(0x0, &(0x7f0000000040)={0x40000007fc, 0x8}, 0x3ff, 0x2)
msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

32.969676988s ago: executing program 2 (id=1831):
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0xffffffffffffff80, 0x6, 0xbc, 0x79b86eb0, 0x602, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x96141, 0x0)
socket(0x2b, 0x800, 0x76)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0x80100, 0x0)
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000b00), r2)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000140)=""/122, 0x7a)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
fsetxattr$auto(0x1, 0x0, 0x0, 0x0, 0x2)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000002c0), r0)
shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000000500)={{0x2, 0x0, 0xffffffffffffffff, 0x80, 0x38cb, 0x1, 0x1}, 0xe44, 0x7, 0xffffffffffffffff, 0x28, @inferred, @raw=0x1, 0x73c, 0x0, &(0x7f0000000240)="fd683e63025f8b65954c19e3414772f4d09eec96611720ea05094b772e19345731c54b547d0b5aacf1ee3def038114f474fbdf75c55aa8da271d2ca062668777bebd53e4225cf62dbbbc1f8b", &(0x7f0000000400)="51abaff804a0f24de290a35755a98bf8d533cf2fc4686c81977b4e151eaca2a08390c94ece0d5166568b3114e6240b337623418575f06448b94a147e196113e435e64841a059a5695d8d39e2beb6668c72a2094a4a78aabb325d01ba9455d8523e05fd4454a70fe85cff8ff410666bd8874ff0c36b7141c0651fe69ed4636fa1278f1d1897cf96ad8db3a668f2b6c8b45314b1c4a51cc8cedd6efb5de0b52659ddd1eaca9710b2bacba6ec555da89dc6d6bfff3b0258376c9539eba6d12f52be4c0b21eed67fe462"})
sendmsg$auto_TIPC_NL_BEARER_ADD(r3, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r4, @ANYBLOB="00042515000000040004800800098004007b800c0005800800a5002c122f005d010480f4828adf6f6bd020180aa426500a978a2d0718d2c5fdc6987418a0e2726dfecb5e215ceb34ff877a5b3eedfee5e4f02e40ab12930b5e080ccd5d4e3cb44189d08f1ab9ec77a5d418aa2b8e4f6c0aa1e27a58bfca78563cb061ffe34b3d1fe7b78e3db995011272e5e3498980cb2c30c606c1b2f68e4df1c2ea0c1c4c25470828ed62c589bec1832e04aa1063c42aa8dae2c50f4580353efc3db98fe69df8ab129fe072c8d3b30488a6701f83bc0ab3b4db69465cad436b09cac804a658f5f7df7d023ac1d5d92a59407512e6d95b00d486291a07786bdc80752f0ce4eb9f4fe34178bd67c652d9122e0314497ee219038f63c4353c7894e9d64e880c8d3a5d2888a732ca999741d3c934b14538ff308ff0e57033fac7dd9024743adfce19b7d0aeba4d2dab24c6a6147e0f832e8216f4c5650cb75f43c64ec7b845f8a463cab44326412daf42f075a3fec3040f989bf410cea1f4912817e3e6634c5fcfdf000000f46c3a29d1e0dd4831108f58c730bd11538d025cb9fdc98c0c0e5027a2e34b1786f611f0aaaab025ec5009b143c7c7552e8ca028a44f0d2d1d33dad2748f13a2df6787ab4458a6b67400e72bea191d083f5c26e44d035dbc4ea91f3014ace47ae74e4c1f5e17d91e9c2fc1dbc7ab744fa3d2b100"/525], 0x18c}, 0x1, 0x0, 0x0, 0x40030}, 0xd0)
pread64$auto(0xffffffffffffffff, 0x0, 0x87ff, 0x5)
mmap$auto(0x0, 0x400008, 0x3, 0xffffffff, 0xffffffffffffffff, 0x8000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r5, 0x8, 0x1)
fcntl$auto(r5, 0x11, 0x2)

31.923336206s ago: executing program 2 (id=1833):
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0xffffffffffffff80, 0x6, 0xbc, 0x79b86eb0, 0x602, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x96141, 0x0)
socket(0x2b, 0x800, 0x76)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0x80100, 0x0)
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000b00), r2)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000140)=""/122, 0x7a)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
fsetxattr$auto(0x1, 0x0, 0x0, 0x0, 0x2)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000002c0), r0)
shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f0000000500)={{0x2, 0x0, 0xffffffffffffffff, 0x80, 0x38cb, 0x1, 0x1}, 0xe44, 0x7, 0xffffffffffffffff, 0x28, @inferred, @raw=0x1, 0x73c, 0x0, &(0x7f0000000240)="fd683e63025f8b65954c19e3414772f4d09eec96611720ea05094b772e19345731c54b547d0b5aacf1ee3def038114f474fbdf75c55aa8da271d2ca062668777bebd53e4225cf62dbbbc1f8b", &(0x7f0000000400)="51abaff804a0f24de290a35755a98bf8d533cf2fc4686c81977b4e151eaca2a08390c94ece0d5166568b3114e6240b337623418575f06448b94a147e196113e435e64841a059a5695d8d39e2beb6668c72a2094a4a78aabb325d01ba9455d8523e05fd4454a70fe85cff8ff410666bd8874ff0c36b7141c0651fe69ed4636fa1278f1d1897cf96ad8db3a668f2b6c8b45314b1c4a51cc8cedd6efb5de0b52659ddd1eaca9710b2bacba6ec555da89dc6d6bfff3b0258376c9539eba6d12f52be4c0b21eed67fe462"})
sendmsg$auto_TIPC_NL_BEARER_ADD(r3, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="8c010000", @ANYRES16=r4, @ANYBLOB="00042515000000040004800800098004007b800c0005800800a5002c122f005d010480f4828adf6f6bd020180aa426500a978a2d0718d2c5fdc6987418a0e2726dfecb5e215ceb34ff877a5b3eedfee5e4f02e40ab12930b5e080ccd5d4e3cb44189d08f1ab9ec77a5d418aa2b8e4f6c0aa1e27a58bfca78563cb061ffe34b3d1fe7b78e3db995011272e5e3498980cb2c30c606c1b2f68e4df1c2ea0c1c4c25470828ed62c589bec1832e04aa1063c42aa8dae2c50f4580353efc3db98fe69df8ab129fe072c8d3b30488a6701f83bc0ab3b4db69465cad436b09cac804a658f5f7df7d023ac1d5d92a59407512e6d95b00d486291a07786bdc80752f0ce4eb9f4fe34178bd67c652d9122e0314497ee219038f63c4353c7894e9d64e880c8d3a5d2888a732ca999741d3c934b14538ff308ff0e57033fac7dd9024743adfce19b7d0aeba4d2dab24c6a6147e0f832e8216f4c5650cb75f43c64ec7b845f8a463cab44326412daf42f075a3fec3040f989bf410cea1f4912817e3e6634c5fcfdf000000f46c3a29d1e0dd4831108f58c730bd11538d025cb9fdc98c0c0e5027a2e34b1786f611f0aaaab025ec5009b143c7c7552e8ca028a44f0d2d1d33dad2748f13a2df6787ab4458a6b67400e72bea191d083f5c26e44d035dbc4ea91f3014ace47ae74e4c1f5e17d91e9c2fc1dbc7ab744fa3d2b100"/525], 0x18c}, 0x1, 0x0, 0x0, 0x40030}, 0xd0)
pread64$auto(0xffffffffffffffff, 0x0, 0x87ff, 0x5)
mmap$auto(0x0, 0x400008, 0x3, 0xffffffff, 0xffffffffffffffff, 0x8000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r5, 0x8, 0x1)
fcntl$auto(r5, 0x11, 0x2)

31.498222125s ago: executing program 2 (id=1834):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r1, 0x0, 0x20)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu1/default_rq_list\x00', 0x169100, 0x0)
pread64$auto(r2, 0x0, 0x1000f42d, 0x100)
r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r3, &(0x7f0000000040)={0x0, 0x2}, 0x2)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendfile$auto(0xffffffffffffffff, r1, 0x0, 0x1000000000001bf)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c06, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/queue/nomerges\x00', 0x80302, 0x0)
ioctl$auto_FS_IOC_GETFSUUID(r0, 0x80111500, 0x3326)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$auto_KVM_GET_EMULATED_CPUID(r5, 0xc008ae09, &(0x7f0000000100)={0x1ff})
unshare$auto(0x40000080)

22.245152303s ago: executing program 33 (id=1822):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = getpid()
r3 = gettid()
rt_tgsigqueueinfo$auto(r2, r3, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}})
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={r3, 0x2, 0x14, 0x2, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x7)

17.479933119s ago: executing program 5 (id=1859):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x11, 0x3, 0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\x00\x00\x00', 0x0, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff)
fspick$auto(0xffffffffffffffff, 0x0, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f0000000840)=ANY=[@ANYRESDEC=0x0, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB, @ANYRESOCT=r0, @ANYRESOCT, @ANYRES16, @ANYRES64=r1, @ANYRES16], 0xb4}}, 0x20000054)
write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0xfff)
write$auto(r1, 0x0, 0x98c7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x4, 0x15)
unshare$auto(0x40000080)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r2, 0x402, 0x8000007fffffdf)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r3, 0x402, 0x2)
getdents64$auto(r3, 0x0, 0x7)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0)
r4 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000400), 0x181040, 0x0)
ppoll$auto(&(0x7f0000000440)={r4, 0x4, 0x1}, 0x6, 0x0, 0x0, 0x8)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r5, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb133", 0x930)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_register$auto(0x2, 0xe, 0x0, 0x20)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)

15.847476469s ago: executing program 34 (id=1834):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r1, 0x0, 0x20)
mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu1/default_rq_list\x00', 0x169100, 0x0)
pread64$auto(r2, 0x0, 0x1000f42d, 0x100)
r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r3, &(0x7f0000000040)={0x0, 0x2}, 0x2)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
sendfile$auto(0xffffffffffffffff, r1, 0x0, 0x1000000000001bf)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x4c06, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/queue/nomerges\x00', 0x80302, 0x0)
ioctl$auto_FS_IOC_GETFSUUID(r0, 0x80111500, 0x3326)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
ioctl$auto_KVM_GET_EMULATED_CPUID(r5, 0xc008ae09, &(0x7f0000000100)={0x1ff})
unshare$auto(0x40000080)

5.727171263s ago: executing program 6 (id=1904):
mq_unlink$auto(&(0x7f0000000080)='/dev/ram6\x00')
futex$auto(&(0x7f00000003c0)=0x58, 0x5, 0x3, 0x0, &(0x7f0000000440)=0x2, 0x2000005)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x2c4140, 0x0)
preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e)
mmap$auto(0x0, 0xa, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
ustat$auto(0x801, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x200000000040}, 0x8)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
r1 = socket(0x15, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000200)=@qipcrtr={0x2a, 0xffffffff, 0x1}, 0x6b)
ustat$auto(0x801, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
unshare$auto(0x20000080)
syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
bpf$auto(0x5, 0x0, 0x102)
getpid()
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x40802, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_GET_SCAN(r3, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={0x0}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
read$auto(r2, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0xffd8)

5.382837869s ago: executing program 4 (id=1906):
r0 = pidfd_open$auto(0x1, 0x0)
writev$auto(r0, &(0x7f00000000c0)={&(0x7f0000000080)="289ebcf2365925b9b0047b11e7eb056486cd5ef067167520e8798fd374cf9f", 0xffffffffab26f442}, 0x0)
memfd_create$auto(&(0x7f0000000100)='\xa7\xe0\xd0\xc5\xf26\xfc\xfbm\xc5dP\xec\x80I\x81\xee\xe3W9\xb2\xa0\xac$9\xd25%\xc8pn\xae\x06i', 0x9)
write$auto_buffer_percent_fops_trace(0xffffffffffffffff, &(0x7f0000000300)="6d1d621ff5a556b606000000000000001d3c7ff3d1be02723c0fa860f0a9bb5379bcf547ba130b51d2175f25eeab8bcde079ef2edad0fe6341e26112141e03c07279455ff8482787fc", 0x49)
r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0\x00', 0x800, 0x0)
ioctl$auto_FBIOPUTCMAP(r1, 0x4605, &(0x7f0000000340))
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88b02, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x20)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x5)
ioctl$auto(r3, 0x4008af24, r3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4041, 0x0)
write$auto(r2, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81)
setns(r0, 0x60020000)
umount2$auto(&(0x7f0000000000)='.\x00', 0x8)

5.120317264s ago: executing program 1 (id=1907):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0)
pread64$auto(r0, 0x0, 0x800003, 0x270)
close_range$auto(0x2, r0, 0x7ff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x5, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0xa788}, 0x6, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r4, 0x0, 0xb4d3)
r5 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/tracing/printk_formats\x00', 0xc0002, 0x0)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r3)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r6, 0x624, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_PLCA_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xffff}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x20008008)
pread64$auto(r5, 0x0, 0x1, 0xb29e)
write$auto(0x3, 0x0, 0xffd8)

4.193835248s ago: executing program 4 (id=1908):
mmap$auto(0xff00000000000000, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x0, 0x33, 0x0, 0x4)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r1=>0x0})
connect$auto(r0, &(0x7f0000000080)=@can={0x1d, r1}, 0x3)
r2 = socket(0x29, 0x2, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
lseek$auto(r3, 0xffffffffffffbaeb, 0xcd06)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(r2, 0x0, 0x4048010)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
listen$auto(0x3, 0x83)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
mmap$auto(0x0, 0x40009, 0xca2, 0x9b72, 0xffffffffffffffff, 0x28001)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}})
write$auto(r5, 0x0, 0x6)
r6 = getpid()
mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000)
process_vm_readv$auto(r6, &(0x7f0000000180)={0x0, 0x4}, 0x3ffffffffff, &(0x7f0000000100)={&(0x7f0000000280)="91d04987a19757812fbdb6db03347f6aaee89e8ac11f7775e9156d17c6f75fb1417c663a75c133c23cf5f4c90c18d5ff4bd7751be69bdefe6dad4180c3219abff424fd08bb67455464c3d31a775c24f35f50124395125a806e12d04d6f4eb6908936909cc938903fecb6ce122a424beb1d7f4fa8abf5dc3ea60ed2784bdd9ad7f69a85b14e613b7144fb9d2fe154f6bc6780183fa4061c2a1de30ab681f3e5a0dd", 0x40000000001243}, 0xa, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)

3.750090506s ago: executing program 6 (id=1909):
r0 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0)
r1 = socket(0x15, 0x5, 0x0)
recvmmsg$auto(r1, &(0x7f0000001180)={{0x0, 0x3, &(0x7f0000000140)={0x0, 0x100}, 0x3, 0x0, 0x9, 0xc201}, 0x100}, 0x3, 0xb9, &(0x7f00000011c0)={0x0, 0x7})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/nfs/exports\x00', 0x400, 0x0)
r2 = prctl$auto_PR_SET_VMA_ANON_NAME(0x1, 0x0, 0x0, 0x3, 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r3 = socket(0xa, 0x5, 0x0)
getsockopt$auto(r3, 0x84, 0x20, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8020200}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x84884}, 0x14)
close_range$auto(0x0, 0x5, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_vlan/disable_ipv6\x00', 0x82002, 0x0)
r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv6/conf/veth0_to_bond/router_solicitations\x00', 0x0, 0x0)
sendfile$auto(r4, r5, 0x0, 0x1)
socket(0x23, 0x80805, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x2, 0x73)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/version\x00', 0x8cc02, 0x0)
mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0x81)
writev$auto(r0, &(0x7f0000001200)={0x0, 0x80000001}, 0xf)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cpu.pressure\x00', 0x183142, 0x0)
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/clear_refs\x00', 0x103000, 0x0)
sendfile$auto(r6, r6, 0x0, 0xc01)

3.392933795s ago: executing program 6 (id=1910):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket(0xa, 0x2, 0x88)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x7fffffffffffffff, 0xeb1, r3, 0x8000)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1, r2, @relative_id=0x13, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc)
r6 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x2, 0x0)
recvmmsg$auto(r6, &(0x7f0000000280)={{&(0x7f0000000080)="09bb17606d430709bace10e46c0f68eaf3784c7c29b4e2648ef5f6f3e9a64b2cf2777b0e9bda6b41802d5cd846e3d81257212161018b2ab18381b1ae", 0x1ff, &(0x7f00000001c0)={&(0x7f00000000c0)="a65b5867ce9136e086de1667c29f51c0520933640ef8a15582234792cd4d8e5e232d584af8882cc23ac7905593367935986f299fc4ca43214a2112cc0aba113ad1b723592fa7fd97d9e08c12e522541490e66d7264a23e8a8140a2389d0f26272410f7145afce04b8471692403737bd20de0159d431109693b57e60c4f9c45c96912b233dce27bb6e49d93f7d5b00e9097b159ed3133d6799dd0e2a6a9732e0c8f5c585be9960707038c0ce5385b23bec67dd5bbdb08ebc55fefb36a8486b167c4c05978fa213212d46e02cfdbf6679bd17d861810cabc48207223ddc5201eb726a51f9fd62c83042f5e4b0f8bc95c98920252237c4a404e777793", 0xd7}, 0x3, &(0x7f0000000200)="6e18c33b94cd5f448ad5c92b1c5b5ef08ad665b2a5262bfed7fd57284e0a76500ee803fb1b05920a17f747b51eb27681c9377fbfc0d5656115267b101a34a7092cb1d03b773e17dc61ab84dd7ceb893ea0175b595a2fb2c0d2b53928118d1a789fabb567ae5c646ab30da92a3f6959", 0x0, 0x8}, 0x5}, 0x78c1214d, 0xa, &(0x7f00000002c0)={0xfffffffffffffbff, 0x7})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r7)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r7, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r8, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
recvmmsg$auto(r7, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0)
socket(0x10, 0x2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
socketpair$auto(0x20004, 0x1, 0x1, 0x0)
r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r9, 0x5423, 0x0)

2.888502634s ago: executing program 6 (id=1911):
mmap$auto(0xfffffffffffffffe, 0x8001, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8)
r0 = open(0x0, 0x261c2, 0x194)
bind$auto(0x3, 0x0, 0x6a)
statx$auto(r0, 0x0, 0x9, 0x74bc, 0x0)
timerfd_settime$auto(r0, 0x3, 0x0, 0x0)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/oom_adj\x00', 0x24a742, 0x0)
read$auto(r1, 0x0, 0x1f40)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bpf$auto(0x0, 0x0, 0x6f3)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r2)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x561503, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = socket(0x1, 0x2, 0x1000c)
connect$auto(r3, &(0x7f0000000180)=@in={0x2, 0x4e24, @empty}, 0x54)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0x538, 0x80, 0x10000, 0x0, r5, 0x1000, "72fea04183dce563f03f2a25077b3383", 0x0, r5, 0x4, 0x6, 0x101, 0x1, r5}, 0x6f3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x10, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x605}, 0xf}, 0x2220004, 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0))
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x7ffe)
recvmmsg$auto(r4, 0x0, 0x400fffd, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000400)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0)
read$auto(0xffffffffffffffff, 0x0, 0x20)

2.796420148s ago: executing program 4 (id=1912):
mmap$auto(0xff00000000000000, 0xe983, 0x4, 0x14, 0xffffffffffffffff, 0x8000)
r0 = socket(0x15, 0x5, 0x0)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x91e3, 0xb, 0xc, 0x0, 0xf58, 0x4, 0x4412d, 0x8, 0x0, 0x4, 0xf, 0x8000000000000, 0x84c, 0x1, 0x7]}, 0x0)
sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x404240, 0x0)
r1 = socketpair$auto(0x1e, 0x5, 0x9, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x82043, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000580), 0xffffffffffffffff)
mkdir$auto(&(0x7f00000021c0)='./file0\x00', 0x4)
utimes$auto(&(0x7f0000002340)='./file0\x00', &(0x7f0000002380)={0x7fffffffffffffff, 0x7})
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x3}, 0x3)
preadv2$auto(r5, &(0x7f0000000100)={&(0x7f00000000c0)="388a19183c5062783dbb2ecea730417348606405", 0x5}, 0x9, 0x6, 0x7, 0xfffffff8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NFSD_CMD_POOL_MODE_SET(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000000)={0x14, r4, 0x1, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x4004054)
r7 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000001c0), r2)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000380)={&(0x7f00000002c0)={0x3c, r7, 0x300, 0x70bd28, 0x1000, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x3}, @NFSD_A_SERVER_SCOPE={0xe, 0x4, '/dev/zero\x00'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000)
mount_setattr$auto(r1, &(0x7f0000000000)='./file0\x00', 0x8, &(0x7f0000000040)={0x1, 0x1, 0x48, @inferred=r6}, 0x4)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000300)="dc000000")

2.617849011s ago: executing program 1 (id=1913):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000e00)={0x1984, r1, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_RADIO_NAME={0x2d, 0x11, '/P\x13jE\f\xf9r\xf5\xa3\xd2\x84y\xf9*\x9b\"\x1c\xa4l-\x19\xfd\xa4\xf4y\x02\xc2\x96\xfa\x84L\x12\xcd\x83\xf7\x12\xd3\xc4\x1e]'}, @HWSIM_ATTR_PMSR_RESULT={0x1940, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x193c, 0x5, 0x0, 0x1, [{0x438, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x84, 0x1, "c73126dd9db2e002460f91c725a75ab044c6c4a6a8cd937f684410d6256954657011f85be6a64d1e32ca452344be25cad38b142a62de792026d9eb043e87419e64e71fa41e9c7350c05c862300c62deb4ced02812c322f185461d85422426034f73997478b60f1b4b0d86b26e7e627946b22e99c14464c3251e750a9132eede5"}, @NL80211_PMSR_PEER_ATTR_RESP={0xd8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x7f}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x2}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0xff}, @NL80211_PMSR_RESP_ATTR_DATA={0x9c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x30, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x2af5}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x8, 0x13, '!]--'}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x14, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0xff}, @HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x2}]}]}, @NL80211_PMSR_TYPE_FTM={0x24, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x6, 0x13, '\x05+'}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0xc}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x4}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x34, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_MCS={0x5}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0xff}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x9}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x9}, @HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0xeb}, @HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0x8}]}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x30}]}]}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x4}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x2b4, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_DATA={0x10c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc}]}, @NL80211_PMSR_TYPE_FTM={0x28, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x5}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0x5a}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x70}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x5}]}, @NL80211_PMSR_TYPE_FTM={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x14, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x4}, @HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x80}]}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x34, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x20}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x7}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x61}, @HWSIM_RATE_INFO_ATTR_BW={0x5, 0x5, 0x9}, @HWSIM_RATE_INFO_ATTR_HE_GI={0x5, 0x6, 0x8}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x40}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0xd}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5}]}]}, @NL80211_PMSR_RESP_ATTR_DATA={0x1a0, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x2c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0xd}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x7fffffff}]}, @NL80211_PMSR_TYPE_FTM={0x50, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x80000001}]}, @NL80211_PMSR_TYPE_FTM={0x4}, @NL80211_PMSR_TYPE_FTM={0x38, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x5, 0x13, '}'}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0xc, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x4}]}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0xc0}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x1}, @HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x5}, @HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0x8}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x5}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x7}]}, @NL80211_PMSR_TYPE_FTM={0x74, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x2c, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x6}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x2}, @HWSIM_RATE_INFO_ATTR_MCS={0x5, 0x2, 0x8}, @HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0x9b}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x6}]}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0xfffffffc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x3f6c}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_DURATION={0x5, 0x7, 0xe}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x3}]}]}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x800}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8}]}]}, {0x6c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x24, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x6}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x3}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x3}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x14, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x7}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x30, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x3}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0xc}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0xffffffffffffffff}]}]}, {0x48c, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_RESP={0x148, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0x28}, @NL80211_PMSR_RESP_ATTR_DATA={0x120, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x64, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x40}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_BUSY_RETRY_TIME={0x5, 0x5, 0x9}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x10001}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x2}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x5, 0x13, ':'}, @NL80211_PMSR_FTM_RESP_ATTR_BURST_INDEX={0x6, 0x2, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x100000001}]}, @NL80211_PMSR_TYPE_FTM={0x98, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x2c, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_N_BOUNDED_CH={0x5, 0x9, 0x6}, @HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x80}, @HWSIM_RATE_INFO_ATTR_N_BOUNDED_CH={0x5, 0x9, 0x7a}, @HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x4}, @HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0xc}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x4bc5}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x100}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x7, 0x13, '@-\\'}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x2c, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_EHT_GI={0x5, 0xa, 0x8}, @HWSIM_RATE_INFO_ATTR_MCS={0x5, 0x2, 0x9c}, @HWSIM_RATE_INFO_ATTR_HE_GI={0x5, 0x6, 0xf8}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x1}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0xfd}]}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x4}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x9}]}, @NL80211_PMSR_TYPE_FTM={0x20, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x1}]}]}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x8}, @NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x9}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x1f, 0x1, "16cc36a694cb0bf7d21f9f7e7f8a6266e901475d1720387dc31804"}, @NL80211_PMSR_PEER_ATTR_RESP={0x188, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_DATA={0x184, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x5c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0x6}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_AVG={0x8, 0x9, 0x81}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x1c, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_LEGACY={0x6, 0x3, 0xf25b}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x40}, @HWSIM_RATE_INFO_ATTR_NSS={0x5, 0x4, 0xb5}]}, @NL80211_PMSR_FTM_RESP_ATTR_FAIL_REASON={0x8, 0x1, 0xeeb7}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0xc}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x7ff}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x8be5}]}, @NL80211_PMSR_TYPE_FTM={0x60, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_SPREAD={0xc, 0xf, 0x1000000000004b}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_ATTEMPTS={0x8, 0x3, 0xd17}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x100000001}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x6}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x7}, @HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x5}]}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x80000000}]}, @NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x5}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x7}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x3}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_FTMS_PER_BURST={0x5, 0x8, 0x5}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_VARIANCE={0xc, 0xe, 0x1}, @NL80211_PMSR_FTM_RESP_ATTR_RX_RATE={0x1c, 0xc, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_N_BOUNDED_CH={0x5, 0x9, 0x6}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x8}, @HWSIM_RATE_INFO_ATTR_EHT_RU_ALLOC={0x5, 0xb, 0x1}]}, @NL80211_PMSR_FTM_RESP_ATTR_RSSI_SPREAD={0x8, 0xa, 0x200}]}, @NL80211_PMSR_TYPE_FTM={0x44, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x765bfe45}, @NL80211_PMSR_FTM_RESP_ATTR_RTT_AVG={0xc, 0xd, 0x7f}, @NL80211_PMSR_FTM_RESP_ATTR_LCI={0x19, 0x13, '/dev/bus/usb/037/001\x00'}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x2}]}]}]}, @NL80211_PMSR_PEER_ATTR_RESP={0xc0, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_AP_TSF={0xc, 0x4, 0xf}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x2}, @NL80211_PMSR_RESP_ATTR_DATA={0x9c, 0x1, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x3c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_NUM_BURSTS_EXP={0x5, 0x6, 0xd1}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_VARIANCE={0xc, 0x11, 0x4}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x8}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x7f}, @NL80211_PMSR_FTM_RESP_ATTR_DIST_AVG={0xc, 0x10, 0x4}]}, @NL80211_PMSR_TYPE_FTM={0x10, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x2}]}, @NL80211_PMSR_TYPE_FTM={0x4c, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_RESP_ATTR_DIST_SPREAD={0xc, 0x12, 0x5}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x7b}, @NL80211_PMSR_FTM_RESP_ATTR_TX_RATE={0x2c, 0xb, 0x0, 0x1, [@HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x7}, @HWSIM_RATE_INFO_ATTR_HE_DCM={0x5, 0x7, 0x6}, @HWSIM_RATE_INFO_ATTR_N_BOUNDED_CH={0x5, 0x9, 0xd0}, @HWSIM_RATE_INFO_ATTR_HE_RU_ALLOC={0x5, 0x8, 0x2}, @HWSIM_RATE_INFO_ATTR_FLAGS={0x5, 0x1, 0x5}]}, @NL80211_PMSR_FTM_RESP_ATTR_NUM_FTMR_SUCCESSES={0x8, 0x4, 0x9}]}]}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x4}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x87, 0x1, "2a9742dcbd5c5d0bb60dcad6c2d6d05efa73d5ca4660ebba8174a8cb5ee681174a17d6f5dde8881aca507b321ce44a280341bf9c3aceb74043b1e0fce804e802cae28e281304a2d30f2195dad11d6a9fe0d3460257d4d646ea86c03ff2eb7efe76ff4df93481b0e82766aa8fe84fe6834e93e8392a158e75ace5c6fe40294b939ff593"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x50, 0x1, "b6de6a0609691c37916fe2e012c557da8e9c67dc20ea8d20b7f4e26667c945b11c42276f6feb2ab8d18b69f3c1fc084b127e43f8ff5f9e2c154fd11c91201b6a29a9cccf11368e62ecae0e16"}]}, {0x1008, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "e04a2882b355cca047735d692aa68676c185594ba158fad32c17c6226d455c04f26576a8eed8003f2d53cc2db4e5d2d2d0c4d90f1ed2b079cfcf8a88c646d76095d1f7c59939c47bd7eb446b335938015e91c320b8560eadb1c6da468a1434c261b14d1ea620f4217d843da1a1bebce3bba90f05afc836cab6266b20c3fbdc989d35769f58c399f82fd8e9aeff2c3e299e034b3db802c4e99a7a583c30c1f019aa7fd2c900498c14ea88be5c3fe511d48f139a3af9e424ac636bd5fb109a324831f6de45d1e4aeb525af27b70360e302f932c859086f1e6a6f3652e6d566948e6de5c8026a1bb06ce236ec7ce012325d011b269349ba4f9ed0cb7edae1bb253d8158bea1a418628612590218e7857c0fd5cb73d5f199fb6154c0e9418c909af0c1ebcc8a8b89325b142212454d710f474b33a86cafb11bad49d902a9e56686dc650b2c85ea5bf78ef1cb088c8c672c9489baea7d66bc3de7ef9c61ae7bc7417d9887728ae3f57effbe249940896e4a9bd68a36d261521f20e99065cc3a90a2400d53ececc30b264181c4f142e399cb3a92100a40e6b8ae5379a381b40ce6ae5673b6d9411ba08adfb3eaf68a59140b181dec3e6e04cf00cd589b69bb4543cd139e72a1c24dfd86f8bc8401afcd2e04d229043ce09da6baf5a0ac6f67aaeedee278f97fc18d89200691d6e0e2ce254d18dc01ce022d7fa92518c8fdebbc095dc5fcf7ae3cce681a3fea86aae8e1eb24417513c7a081b6deba60a1f569f507700a2f8cc0553c58634013700211b1fb7bc4a99276357e4c863aa626a0553d4cd1ae7461837a8841d137187282ce79f69d153e51b93a9c92b138c2b66499ab1ba90ddfb23c9dd2325d845a4c058b55023e0202f1d313e2dec9ab1785460786e6723d014c3324ab62914c73b6be1ab10d627204e6630bbe7484f5110c4cb888baf9610b89d6a47aaa34863fbe0fb50d44e70de737d69197294e3ba68e31809f8ed76dca6b0ae58ef8f17e51953d0a7a012689bdae78508b83c83d1f28a5c4aaa9c6a1079fa494a4369eeace895a6f93e9187de5c43637c35273ba80e91211a3bf3ff897aecacf4bb99394aed7243cd0cedeedd99731a721f3157eabc082ba831333553853589985306c04698859f8c9d80a6a3cf7e6c8c45ac3d2776656d8784589e9aa7195e0512eb9687093a2806770aad3c99bf4cc34d7dfa103964d638a9f341e6dfcf35d53ff18c491c4ce4b1e282a7ed852882e37cd94b145448e911ceff2ffeece7c5e9d1439ddcd29ca9479952dbe70a9b9e2d6c60fda257660a38138eac77e306c4d66b60276c11a99d81fb44f831bf6073d60b7912422a06c8a7d4ec2809459c1b98716290c5f3fcebbeeea29adf7013d6c37ad19da0fb761789a1c4134dcaa9a3b5bb1c54a01106a895d76e458b212e08a4d5389178d4f3d6755423f8c33bf0552d84e3126a576746b26afd85ce4d61dcf9e4b86eb301893697f9ee27d5f7a597ea5a8ebd102ac6f4fe888e55c5a7534f53f3f250cb0d9ef03e7a8ba8263bcb97452e46054a8574825fdc55d66ea7873c360fb54d1306d7e5f8ac436a7ca77d8c2344f17ca28ad7f2e4eaee0a931359d741432b97865872ec4538e335a0b99a7c4879a0ea82247563f8c98b49b926504fbab234fe0046e7f08e04b43a21ff3244123a7fe284da845d99a1e4d2919386b08df17eec52c25b344f4c9c22e355894d970be3cec71272cc18dbb51c572676da49851c14192a64754a161272bfa2b25e9cec9fa8d91cdd21386fd8f461b40b559afe0a6d7564dc8f24357d8efe289b65b3482d9c9d59c054bac3d5027c309509d7b2689d7b4d7f714f9fd1ca2c7efbcacc890cad8816d220d6aa627a02bd7cae5026ee50af9a8711af9af29ecfcfe0ad92cdd29f3960a4883ec0025a04799f37cc6c59fe13eba69ece53cbdf515b547be7df49003a954a94f2d68b10f3efc1ff9b64acdc38aab670341820419fd8ace22a480362300be7ff79c5df86f52f1616c1f4a6c850f7920ce8516815e0d2846562a648cbf74a7efe6798b1e0d3d13c05819034901be9a0ccf78cf3dbb250c96bf07f7dc7f8afb70d26d1e489b80bd86cba7046f8130ffb948b17fbb3f94efc60bb9d22f8f6b5d3bc1eacf2098d5b30dfbb0dea42003f171534b70c40e77878d1b10b25767f1ef26e8a792daf3e6e9c61712c5a7fb694227829a6fbde58185c3d8b4a533e9178393e5ff23ab14a3055bf359e26ad98fe2e6bd2aacdb044ac6132696c7b8e61b6331cf91dd07dcffdd89572cb6f4b743d4729ec52c8c585f4deccccaf8ec4557b3268f9cbd99a2cb3285e60a04dfc01b3dbe29ed0fe51189987bc4a1a11bd06ffafb508b27de5f8e32800e62ca8de6fcf0c2679f57e05b2c0b65b451809f14dd589f1d94e37c6bd780eba6527f36bc2df30679abaf32e98416d6f5a731ce72ae3ec85b7d59786ef1c381aaf1c1704106b8bfc460a078543428820e65b6ad92c9873f46e0661b4da599ea722e08b333feea661b0c2e723f8cf9f431a3ae06f1c848cb0b72999ade46e28f6d33fe77848da5341ab269c0104c7ac336d64fb218239503b43deb34304dee295b2a76e6c5905fd83447264ea53fc9ee2abd546ffca761f56cbabaf2f645ff20c3073c9f0e34e356752669cdea65b638bdda067fca54481f1edb16535061b0eb68f354d0a11d4ec8208db960609188de4d76d4dc612e3e4a28d015b011e8547d7d3286ab1479e014f4ffb514db5e980badeb8cbe23f14573af67c5f727f520882c7af061decf4644845a52d892211f3f689ae283e011d74234e15dbe70e6a30f8c3f75f4581d16410add827276f9c0e5252b28e5710086af5c225910cb459694a158d23bbc0ce955c55c61c42876ebef15d6bbc827dbedd0dfa62b3bb0534c510e35edb0c58bd41743dbaf54c0eadca197650f7e0180fe77a239fb0441cdd2466b3b45d1e218dcdeb534f92bc81f13f9e22e59065123cb20c30467bf23584dc59f09617472ed18b541dd7fc8697dd21b30755ea490fe5bccfe07015cb3d42bce4b838102e90c7bcbb98e99fbd4d525889f0d263ee824b034c74338cd0465ed7c382fe1ae6c4414fc74d5ab1afad8fb7b1345ea6dc678aaafa5d2079113b8e7f03863e04301f764e339dbf41d5775e2ec52246736b892f6d6e042f4f5a4c4a606496c7aa29e1dd0003044c76e47086168b12e5a4564531867cd32bce200a87ace47f0b80fe161c2ee4fb402b53cd6ab4ae521f8e71914ac07eaa8d9cd9ca8619141950d77f51be2667c8ed815c0c62a42f93f035f5e045430959d531e45836b869359d65185b93fc2d843b14f38694fe1ab21e8d89b6a5823be1b4f46d0610a8528ebe18d043c89e72df177a74b1c4d7f694e0f523cbbb82427da775d0e4c0d404f2fece3313633767f67c811a82e9761a49a369a257e103008a5c2c948c3fe81b316f4ecce47fde57bee92de0dcd5417398c9fdd55cd3981b72ec8a15ffaf8bf8250e4f9a2aacf1fd60f9ff2f6c9f0a5ca3ee3aa974a1783bf4f2e447f07604adfa7f40853075a16639aa254862ca3f47d1e49dbd0dd67f9d146f4d8579c85de9b38d96fbe44680d678246974099b327b9d4aedc0027d5725614ac2aab5d5ed7c5d683d7b75f5931623d806befbce7ca2c2418ed89cc5e1648d94c49fb64d6b7816e335c7d74465f0d1810ca17056891b2bb3e47510c699ce431537c95cffef13a7e5da5e584c01d7f20e078bdbc51205ce3b30968f10d688d582d27fa986e5cb556fed5de11d3fcffd62e3748eaeea5a65eadee6330add6af7a6c0ade7b74039cea6c18b2025cc56402d08ae95bbce1af0c1c46109968c0eae3adb6375b93f4209a0012cb6d837b5e36f7321f32152934e1f575f8fe77cd27d76b53c622983b294c40ccb61315d011594a021aa490005706e5dc2d043b225a9c68a7ba73a8db245eccb51fe5d9dcce7c61efb05317992386a5a0e869f40edf6f135a4f2889eb8a9918b0d4650b0f4d4a32039f8d49b1fb2c0c3c69ad363a735632253095c23137a7c6b70b59cd8f5b0f4894525dcc87e5dcb497af95dc1391c9fa107291d4b0816aca20a914fab851e7e790534119e413326576b9918caac559ed7c211e4d93b56a5ba9244b5889f7666dedee25da679bb8b55cd93341689a53f474bab47181fe7caf32a7a3f2851961caa5732e5c202585c207830a251be0b449a1ecf3e1e5cd91992082998095b1618af9d285dbfc4230ed3dcd8491aa55d694057e2c72645821c426ab2c74f635f0e914825e843cd65fe6664bc6431e75d32292c5192543164cf3b3242ae9b710ec7a76740e8be168c33c22825966910b961ec0e9a91299e9077f484bb889cb1d7f610a2440ce542a6d43b0faebe8ca5e7c8fb10a00d72958f0356043c4c399d416abb951d3893f4f8082979473529ed54fe89f31d73b67bfbf4c73dc18a34395d7613baa25b98d853047cb477f8650ccfd1192edb118dfba960a1cd613c2efe846c4dd3908e97ab7cd57e5758361a06344b06951c4dc5cd5cf1532d120924f80aa1d0c7a2346233d3cc3013e113fd7b76cde6074721f969e822aa88c4327a53bc12c065d3d133ec9809b02118f020eeddf89859241e190524005cb4fa0819080830eddef6cd218c30510275758022371a1fac890f661202643789969a88ba820465e0bee82fad54f3292034d8cebd39abea2b2d10702ab7c69d5088f05d4c5c702c93df2ffd2477ade7c7846c285b1a389d3282cbc7cf8a16b3afac310bcf924a97ea9569b002f303dcd62647fe61d363cbd662cfaaeae9e1c35a27c6e4f211a363e99f248715fed656035ddd12683b2a931b163331144269de01b30528ed49bff00b1203762140bc7d273ca0c4d36461a6bf472fb3a20217e84633f4312bcb0abd802c61e4cc2398a67c4c8ad3323197bba8f9e4ed4c88e085d6d1639c990be9efd31a18e5632c904f9e43919ededfe293e4d25abd0c8a8252abf4d6919f9755bcc77aa6ca87c49089ddffe91091be475f8c99160eed0947338b8ca49de1b843c476ef6ed1686a6e94bfba48fc36c5d69e74affd068c866e952149dcd229d3524b77537ad0345db69a6a38c21b0299b5c08476a65642b693f0528a4bbb9baa18c9e5586b0f8535788d185c0072f32cc463c44c37cde167b23f1f18d4e36f60ab1b23274b7dc1771db3eb8fce2ff5bb838f7284304e25a676daeabed669c430313b356f131883cb26a4ddb07191ded502ab00bb1f761bb05412716378da6214df1d3bdc8fc3b89a0a41519d692e1e70c994a09da02850b8186fd44dc6cf1c9fb7ab665b557db5af8d5d4a4ec9d89968ed031ebe3ba6d11c8d321cff7fc08d533c30677560e258795000b9f43af0a7c3d25c51e3c87c97e4c5e3b6eff91e08ac5018172edd8832b0d587577c90a219588629cbce01684b509d091d83fcc34ff2d8a6f4587120e324901eb64a49fdc107cbeaa49b6183d5685e135f6430db230ada939f7b43c7e273179665c81a6de2b5c9b542e4ce7d11e96d0213b2e4cb04f782b522bc7be512e480d273e7e7822d0b4ad63843a7763588047e3cebed0a7c75e8176ea27164b5d38e4e5f46e73183fccd63be0126d2929a7ec6411ebc3124196cfd407a7b22791f9d2a48c951dabdc5e0b5700b776aad9a6d647918725b4fc1e4b333d524b617370e2bcda1503efa3732d2b1998c79b02f7d8f104f77a7124958e82512345cf79d89b47ebdc44324ff09fb87972912f47051a634ae2556cba2716288c3c"}]}]}]}]}, 0x1984}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800)

2.005516412s ago: executing program 35 (id=1859):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x11, 0x3, 0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\x00\x00\x00', 0x0, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff)
fspick$auto(0xffffffffffffffff, 0x0, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000600)={&(0x7f0000000840)=ANY=[@ANYRESDEC=0x0, @ANYRESOCT=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB, @ANYRESOCT=r0, @ANYRESOCT, @ANYRES16, @ANYRES64=r1, @ANYRES16], 0xb4}}, 0x20000054)
write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0xfff)
write$auto(r1, 0x0, 0x98c7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x4, 0x15)
unshare$auto(0x40000080)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r2, 0x402, 0x8000007fffffdf)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r3, 0x402, 0x2)
getdents64$auto(r3, 0x0, 0x7)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0)
r4 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000400), 0x181040, 0x0)
ppoll$auto(&(0x7f0000000440)={r4, 0x4, 0x1}, 0x6, 0x0, 0x0, 0x8)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r5, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb133", 0x930)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_register$auto(0x2, 0xe, 0x0, 0x20)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)

1.993954866s ago: executing program 1 (id=1915):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r0 = socket(0x2, 0x801, 0x106)
io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(r0, 0x11c, 0x1, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x1d, 0x2, 0x2)
connect$auto(0x3, 0x0, 0x55)
socket(0x10, 0x3, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mlock$auto(0x800, 0x85fc)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
sync_file_range$auto(0xffffffffffffffff, 0x1, 0xa31e, 0x7)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
timer_create$auto(0x9, 0x0, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
write$auto(0x3, 0x0, 0x100082)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000003180), 0xffffffffffffffff)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x214000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
mmap$auto(0x0, 0xffffffffffffffd9, 0xdf, 0xdc, 0x7, 0xfffffffffffffffc)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r2, 0x4b71, 0x1)
connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x54)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

1.635603969s ago: executing program 6 (id=1916):
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
fcntl$auto_F_UNLCK(r0, 0x5, 0x2)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2000a, 0x7e, 0xeb2, 0xffffffffffffffff, 0xfa0c)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mlock$auto(0xfbe8, 0x4)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0001, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0xa, 0x401, 0x7)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)
shmctl$auto_SHM_STAT(0xe70, 0xd, &(0x7f0000000140)={{0x1, <r1=>0xee00, 0x0, 0x7fff, 0x4, 0x9, 0xf001}, 0x92b, 0xfffffffffffffff9, 0x3, 0x9, @inferred, @raw=0x5, 0x1000, 0x0, &(0x7f0000000000)="608c", &(0x7f00000000c0)="3d076b3901f21033575eb1d2e7a77f94f2f505e27008094ccfbeaa0ae3de4704e1ac559afd57d630da487841251fbf1ad117d584e6ae8eaa4c00107f2e2f77b0a7224ed8b6942b46f350b209853935ca490ca9f8845950bbee143e0490a6f8001280d6238f6e20ffec4c7a0101444f1fae"})
setreuid$auto(0xee01, r1)

1.632362302s ago: executing program 4 (id=1917):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
r1 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(r1, 0x11, 0x67, 0x0, 0x8)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140), 0x55)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x4)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmsg$auto_BATADV_CMD_GET_HARDIF(r0, 0x0, 0x4008000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/ocfs2/dlm_recover_callback_support\x00', 0x880080, 0x0)
r2 = socket(0xa, 0x2, 0x3a)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
bpf$auto(0x5, &(0x7f0000001080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa)
setsockopt$auto(r2, 0x29, 0x4e, &(0x7f0000000040)='!\x00', 0x1ff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="2f212cbd7000c9edd8fa6574a16208000300", @ANYRES32=r5], 0x2c}}, 0x4000000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="20002dbd7000fddbdf2521000000"], 0x14}, 0x1, 0x0, 0x0, 0x4008894}, 0x0)

886.680404ms ago: executing program 6 (id=1918):
msgctl$auto_IPC_STAT(0xfffffff8, 0x2, 0x0)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f00000098c0)='/dev/sg0\x00', 0x40, 0x0)
ioctl$auto_BLKTRACESETUP2(r0, 0xc0481273, &(0x7f0000009900)={"9c79bece76127589a33a968f51b2aaadc76a2d360a5d6917323688f527ff0804", 0x5, 0x2, 0x0, 0xe57, 0x7fff})
mmap$auto(0xffffffffffffffff, 0x20009, 0x4000000000db, 0x40000000000eb1, 0xffffffffffffffff, 0xc5e)
r1 = io_uring_setup$auto(0x6, 0x0)
semget$auto(0x0, 0x13c, 0x1ff)
semtimedop$auto(0x0, 0x0, 0x1f4, 0x0)
semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0)
mmap$auto(0x7fffffff9000, 0x1, 0x7ffffffffffffffb, 0x3132, r1, 0xfffffffffffffffe)
mmap$auto(0x7fffffffa000, 0x5, 0x7fffffffffffffff, 0x3132, 0x8d73, 0x0)
close_range$auto(0x2, 0xa, 0x0)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000200), r1)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x48, r2, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@CTRL_ATTR_FAMILY_NAME={0x5, 0x2, '\x00'}, @CTRL_ATTR_FAMILY_NAME={0x9, 0x2, '+*\\}\x00'}, @CTRL_ATTR_OP={0x8, 0xa, 0xb06}, @CTRL_ATTR_FAMILY_NAME={0xb, 0x2, '{,%]-\\\x00'}, @CTRL_ATTR_FAMILY_NAME={0xb, 0x2, '^*/]\x8b\\\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x48889)
socket(0x23, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000001640), 0x200, 0x0)
ioctl$auto_FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000140)={0x7, 0xd, 0x2, 0xd, 0x3, 0x800, 0x0, 0x6})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/cpu_partial\x00', 0x109101, 0x0)
mmap$auto(0x0, 0x40000d, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000380), 0x103800, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
r4 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x600, 0x0)
ioctl$auto_RTC_PARAM_SET(r4, 0x40187014, &(0x7f00000000c0)={0x1, @ptr=0x7, 0x1})
write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000240)="22edd92f26639ec07e6e5d09f20c7c160a4dc5023a92446435820bd54b8004043262db0a8686bd579dcf16f50e9bfa20abfa3a", 0x33)
read$auto(r3, 0x0, 0x20)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc)
semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff)

820.098698ms ago: executing program 1 (id=1919):
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(r2, 0x5, 0x8)
r3 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x13, &(0x7f0000000000), 0x2)
sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f0000000000)={0x0, 0x45, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYRES16=r3, @ANYRESHEX=r1, @ANYRES8=r1], 0x28}, 0x1, 0x0, 0x0, 0x24040071}, 0x800)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x2, 0x0)
r4 = socket(0xa, 0x3, 0x3)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x6)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x0)
socket(0x5, 0x1, 0x200002)
socket(0x2, 0x3, 0x104)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
bind$auto(r4, 0x0, 0x6f)
connect$auto(r4, 0x0, 0x55)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)

523.621982ms ago: executing program 1 (id=1920):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000580)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9\xe8\xb2\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6E*\xc9\xdd.q\xdbAX\xf6\xfaD\xcdz\xbc~\xf30LE\xb5\x18Wf\xd3\x9b\\\x1c\xbb^\xfb9\xe5\x1b:\xa4\xdd\x81\x91\\\xbc\x1fUl\xfa)\xbf\x9dPV\xae\xa9\x9c)\x01|\xfe\xd0!Rx\a\xc4\xb1$\x8eE\xc2j\x83sLS\xa8H\xf6\xf2,R\x90:\x8fx\xab\x90\xfe$h\x80!\xe2\nY#\xee\x1b}O=\x8bn\xd7zZ\x18\xa7\x9e~\x94k\x8e\xdba\xf2\xc3G\x8egR3\x1d\x01J\x87\x14(}\f\xb1}%N|z,\xbe\x1fB\xd3\xeb\xec\x83X\x8f\x97\x95\xfd\xed\xe6wt\x1d\xb3\xa8\xfb)L~}\x9f\xbf\xd0\xc9\x9d\x82-C\xc3Ez@\x8c\xbf\xa2 \x88\\\r6M\x83', 0x4, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/4096, 0x1000)
pread64$auto(0xffffffffffffffff, 0x0, 0x10, 0xfffefffffffff72f)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x2, 0x1, 0x8, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x80a, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
write$auto_force_suspend_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto(0xffffffffffffffff, 0x4b45, 0x0)
rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/usb/usbmon/35u\x00', 0x20100, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0)
r2 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8, @ANYRES32=0x0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x2400c0c0}, 0x2004c802)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)

244.536773ms ago: executing program 4 (id=1921):
get_mempolicy$auto(&(0x7f0000000040)=0x589, &(0x7f0000000080)=0x9, 0x100, 0x8, 0xea5d)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/tdls_wider_bw\x00', 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
read$auto(0x3, 0x0, 0x7)

36.676822ms ago: executing program 4 (id=1922):
mkdir$auto(&(0x7f0000000180)='}[,&*}\x00', 0x8001)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0x100082)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
sysfs$auto(0x2, 0x10000000000002e, 0x0)
fsopen$auto(0x0, 0x1)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/last_trim_minblks\x00', 0x10b142, 0x0)
write$auto(r0, &(0x7f0000000140)='0\x00\xb9:\xaa\xc1\r\x02T\xf5\b\x00\x00\x00\x00\x00\x00\x00\xa1\xd0\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xcc!\"\xa6\"jH\xcd\x10&b/\x9a\xf1w\xddS\x87\xd1vi\xa9\xeaM\x1dY\xa6\x8d\xf2\\\xac\xe1\xcf\xf7\xff\xff\x148\t\xba\xa0Z\x00M\xbcHM{\xa9\xf1R3X\xdfMbe\t\t\x86\x11v\xa2W\x93m\xd9\x93\x98.7Z\xe7|\x9f\x88\x05\x9ej\xc5\xfaT\xa0\x9a\\i\xd1\xb3\x02\xfa\xfeaq\x8d\xf1\xba\xaf\xcc\xce\xb2\xd3~TR\xf1\xad\xd0\x90n\xb6\xd0\xfc(p\xa3\xabk\x19\xcb\xfda\xff&\xad1\x95\xc5\xa9Gb\xe3\xa4\xf1\xe2\x91\x0e\x91iy\xba%+=\xb7\xd3D,\x19\b\x00\x00\x00\x00\x00\x00\x00\xadG\x94\v\xff\xa4\xfc\x95\x00By\xe9\x80\xd3U\xcd9\xe0\xbc\x8cK\xf3\xfd\x89\xda\xaeH.\xe3\x95Xbw\x02\x99\x03\x00\x00\x00\x00\x00\x00\x00\xaf\xc3\x89\x91\x19\xfc+\xe9l\xd3\xf5\x00\x00\x00\x00\x00\x00\x00\x85%c\xa6\x0f\xcfI\xb4a\x1d\xc4\x8f\x12X\xdf\xc2\xd7\x8e\xf4\xb9_\xf6\x10\xfc\x9b\xce\xab\xcf\xa9_\x88\xf4\x1b\x12\x12N\f\x84\r\vsI\x86\xe9\xe6J\xb8\xe4\x8f\x02\x9e\xf45\xd9\xf1\xbd\xfd\x97\xd8OU\t\x9e2K\xe2*~\x9dIe\x00\x00\x00\x00\x00\x00\xce;E\x8c\x05~\x1f\xa5\xa4\x9d\xf6\'\xc4\xf7\xa3\xf2\xfb\x85z>\xd71\xb8\x83\x8e\xa9c6I\x8f\x00\xb2\x03\xfd3\xb8\xe9Xo\xaa\xaeg\xb3\x9e\x8fM:\xa5\x1c \xbe\xfe\"\xa1\x11\xf4~\xa1\x90D/e\xe1\xb1C:}\xd2\x9dT\xc1\xd6[Ld\x06\xee\xc6\xe4\x99uT\xfdl\x94\xe1:\'2aO\xf1\xfa8l\n\xe0l\x1c\x89\xd7U\x99\xe9d?\x04\xd8\xf3\x9c\xd8t\x88@\x89\x15p\x84\xad\xa3V=,U\xa4_\xb9\xa7\xd7O\x91\xb2\x03\xbe\xd5\xa8\x03o\x0e\xa7\x93\xabubg\x10\x19\x82D\xa7\xae9\xf1\xc0\n\xfe;n)OAV\xfe\x8fE-\xea\x7fzO0\xde\xc0WK\xe1\x9b\xfe\xbfR\x8c$p\xf0\xe4\xa5\xbe_\x8d:\xd6\xc5\xf5\x80+\xe6O\xbeH\x86<\xdcJq\xe9\xab\x00\xab\x8e\xff\xd0\xb2\t\x14\xc0\xe5\xce\xe4\b\xc3qB', 0x7e)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd.', 0xd, 0x0)

0s ago: executing program 1 (id=1923):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
mq_notify$auto(0x4, &(0x7f0000000040)={@sival_int=0x5de7, @inferred, 0x2, @_tid})
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040), 0x8000, 0x1}, 0x8}, 0x1, 0x9)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/admmidi2\x00', 0x200802, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000200), 0x49643, 0x0)
r2 = openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim2/psample/out_tc\x00', 0x4300, 0x0)
socket(0x11, 0x80003, 0x300)
setsockopt$auto(r0, 0x6, 0xfffffffa, 0x0, 0x85)
shutdown$auto(r2, 0x6)
connect$auto(0x3, &(0x7f00000018c0)=@ethernet={0x1, @remote}, 0x8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_rfcomm_sock_debugfs_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)

kernel console output (not intermixed with test programs):

T12819]  <TASK>
[  508.097272][T12819]  dump_stack_lvl+0x16c/0x1f0
[  508.097304][T12819]  dump_header+0x101/0x930
[  508.097332][T12819]  oom_kill_process+0x272/0xa40
[  508.097363][T12819]  out_of_memory+0x350/0x1700
[  508.097398][T12819]  ? __pfx_out_of_memory+0x10/0x10
[  508.097433][T12819]  mem_cgroup_out_of_memory+0x118/0x130
[  508.097473][T12819]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  508.097519][T12819]  ? do_raw_spin_unlock+0x172/0x230
[  508.097550][T12819]  try_charge_memcg+0x695/0xd30
[  508.097589][T12819]  ? __pfx_try_charge_memcg+0x10/0x10
[  508.097621][T12819]  ? __print_lock_name+0xb1/0xe0
[  508.097648][T12819]  ? rcu_read_unlock+0x17/0x60
[  508.097690][T12819]  charge_memcg+0x8a/0x230
[  508.097722][T12819]  __mem_cgroup_charge+0x2b/0x1e0
[  508.097758][T12819]  shmem_alloc_and_add_folio+0x50c/0xc20
[  508.097794][T12819]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  508.097824][T12819]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[  508.097861][T12819]  shmem_get_folio_gfp+0x67f/0x1610
[  508.097904][T12819]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  508.097931][T12819]  ? timestamp_truncate+0x21e/0x2d0
[  508.097967][T12819]  shmem_write_begin+0x160/0x300
[  508.097999][T12819]  ? __pfx_shmem_write_begin+0x10/0x10
[  508.098023][T12819]  ? inode_set_ctime_current+0x2a1/0x8f0
[  508.098056][T12819]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  508.098098][T12819]  generic_perform_write+0x3c4/0x900
[  508.098147][T12819]  ? __pfx_generic_perform_write+0x10/0x10
[  508.098189][T12819]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  508.098219][T12819]  ? generic_update_time+0xcf/0xf0
[  508.098248][T12819]  ? mnt_put_write_access_file+0x45/0xf0
[  508.098278][T12819]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  508.098308][T12819]  shmem_file_write_iter+0x10e/0x140
[  508.098341][T12819]  __kernel_write_iter+0x31a/0xb10
[  508.098374][T12819]  ? __pfx___kernel_write_iter+0x10/0x10
[  508.098402][T12819]  ? __up_read+0x1f8/0x750
[  508.098443][T12819]  ? dump_user_range+0x756/0xb70
[  508.098467][T12819]  ? __kernel_write_iter+0x396/0xb10
[  508.098501][T12819]  dump_user_range+0x413/0xb70
[  508.098536][T12819]  ? __pfx_dump_user_range+0x10/0x10
[  508.098564][T12819]  ? elf_coredump_extra_notes_write+0xbd/0x4f0
[  508.098610][T12819]  ? __pfx_writenote+0x10/0x10
[  508.098647][T12819]  elf_core_dump+0x29c3/0x3c00
[  508.098694][T12819]  ? __pfx_elf_core_dump+0x10/0x10
[  508.098728][T12819]  ? trace_sched_exit_tp+0xd1/0x120
[  508.098773][T12819]  ? 0xffffffffff600000
[  508.098799][T12819]  ? lockdep_hardirqs_on+0x7c/0x110
[  508.098838][T12819]  ? __pfx___schedule+0x10/0x10
[  508.098914][T12819]  ? vfs_coredump+0x2b9f/0x5670
[  508.098938][T12819]  vfs_coredump+0x2b9f/0x5670
[  508.098978][T12819]  ? __pfx_vfs_coredump+0x10/0x10
[  508.099005][T12819]  ? __lock_acquire+0x622/0x1c90
[  508.099052][T12819]  ? lock_acquire+0x179/0x350
[  508.099101][T12819]  ? is_bpf_text_address+0x8a/0x1a0
[  508.099135][T12819]  ? bpf_ksym_find+0x124/0x1c0
[  508.099172][T12819]  ? unwind_get_return_address+0x59/0xa0
[  508.099200][T12819]  ? arch_stack_walk+0xa6/0x100
[  508.099241][T12819]  ? stack_trace_save+0x8e/0xc0
[  508.099269][T12819]  ? __pfx_stack_trace_save+0x10/0x10
[  508.099299][T12819]  ? stack_depot_save_flags+0x29/0x9c0
[  508.099339][T12819]  ? __lock_acquire+0xb8a/0x1c90
[  508.099434][T12819]  ? proc_coredump_connector+0x2d1/0x4f0
[  508.099463][T12819]  ? __pfx_proc_coredump_connector+0x10/0x10
[  508.099500][T12819]  ? rcu_is_watching+0x12/0xc0
[  508.099531][T12819]  get_signal+0x22e1/0x26d0
[  508.099573][T12819]  ? __pfx_get_signal+0x10/0x10
[  508.099603][T12819]  ? force_sig_fault+0xc4/0x100
[  508.099630][T12819]  ? __pfx_force_sig_fault+0x10/0x10
[  508.099663][T12819]  arch_do_signal_or_restart+0x8f/0x790
[  508.099696][T12819]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  508.099750][T12819]  irqentry_exit_to_user_mode+0x176/0x310
[  508.099784][T12819]  asm_exc_page_fault+0x26/0x30
[  508.099809][T12819] RIP: 0033:0x7f94fd18f7d1
[  508.099829][T12819] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  508.099853][T12819] RSP: 002b:fffffffffffffffa EFLAGS: 00010217
[  508.099873][T12819] RAX: 0000000000000000 RBX: 00007f94fd3e6090 RCX: 00007f94fd18f7c9
[  508.099897][T12819] RDX: ffffffffffffffff RSI: fffffffffffffffa RDI: 0000000000008ffe
[  508.099913][T12819] RBP: 00007f94fd213f91 R08: 0000000000000008 R09: 0000000000000000
[  508.099929][T12819] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000
[  508.099944][T12819] R13: 00007f94fd3e6128 R14: 00007f94fd3e6090 R15: 00007ffc1470bb58
[  508.099968][T12819]  ? 0xffffffffff600000
[  508.099999][T12819]  </TASK>
[  508.100009][T12819] memory: usage 307200kB, limit 307200kB, failcnt 22612
[  508.636358][T12819] memory+swap: usage 432180kB, limit 9007199254740988kB, failcnt 0
[  508.662499][T12988] chnl_net:caif_netlink_parms(): no params data found
[  508.684038][T12819] kmem: usage 6712kB, limit 9007199254740988kB, failcnt 0
[  508.730887][T12819] Memory cgroup stats for /syz2:
[  508.731184][T12819] cache 307552256
[  508.739783][T12819] rss 139264
[  509.148460][T12819] rss_huge 0
[  509.168621][T12819] shmem 307531776
[  509.172310][T12819] mapped_file 0
[  509.175776][T12819] dirty 0
[  509.178764][T12819] writeback 0
[  509.184623][T12819] workingset_refault_anon 3288
[  509.190003][T12819] workingset_refault_file 566
[  509.194696][T12819] swap 127979520
[  509.214272][T12819] swapcached 8192
[  509.218038][T12819] pgpgin 597282
[  509.333476][T12819] pgpgout 524839
[  509.337076][T12819] pgfault 513568
[  509.437324][T12819] pgmajfault 522
[  509.440912][T12819] inactive_anon 43180032
[  509.445152][T12819] active_anon 264499200
[  509.460311][T12819] inactive_file 16384
[  509.463319][T12988] bridge0: port 1(bridge_slave_0) entered blocking state
[  509.467169][T12819] active_file 4096
[  509.475072][T12819] unevictable 0
[  509.477273][T12988] bridge0: port 1(bridge_slave_0) entered disabled state
[  509.485842][T12988] bridge_slave_0: entered allmulticast mode
[  509.495487][T12988] bridge_slave_0: entered promiscuous mode
[  509.497738][T12819] hierarchical_memory_limit 314572800
[  509.505738][T12988] bridge0: port 2(bridge_slave_1) entered blocking state
[  509.514803][T12988] bridge0: port 2(bridge_slave_1) entered disabled state
[  509.522159][T12988] bridge_slave_1: entered allmulticast mode
[  509.531877][T12988] bridge_slave_1: entered promiscuous mode
[  509.539952][T12819] hierarchical_memsw_limit 9223372036854771712
[  509.546118][T12819] total_cache 307552256
[  509.586700][T12819] total_rss 139264
[  509.590461][T12819] total_rss_huge 0
[  509.594181][T12819] total_shmem 307531776
[  509.626561][T12819] total_mapped_file 0
[  509.630584][T12819] total_dirty 0
[  509.634041][T12819] total_writeback 0
[  509.679007][T12988] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  509.688295][T12819] total_workingset_refault_anon 3288
[  509.693600][T12819] total_workingset_refault_file 566
[  509.766292][T12236] Bluetooth: hci4: command tx timeout
[  509.776018][T12819] total_swap 127979520
[  509.780113][T12819] total_swapcached 8192
[  509.784278][T12819] total_pgpgin 597282
[  509.802328][T12988] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  509.843532][T12988] team0: Port device team_slave_0 added
[  509.852419][T12988] team0: Port device team_slave_1 added
[  509.858540][T12819] total_pgpgout 524839
[  509.862614][T12819] total_pgfault 513568
[  509.895314][T12819] total_pgmajfault 522
[  509.899424][T12819] total_inactive_anon 43180032
[  509.904182][T12819] total_active_anon 264499200
[  509.911125][T12988] batman_adv: batadv0: Adding interface: batadv_slave_0
[  509.918791][T12988] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  509.945931][T12988] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  509.968444][T12988] batman_adv: batadv0: Adding interface: batadv_slave_1
[  509.984927][T12819] total_inactive_file 16384
[  509.989524][T12988] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  510.017563][T12819] total_active_file 4096
[  510.022361][T12819] total_unevictable 0
[  510.074466][T12819] anon_cost 0
[  510.077788][T12819] file_cost 0
[  510.081075][T12819] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.1554,pid=12835,uid=0
[  510.101603][T12988] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  510.157093][T12819] Memory cgroup out of memory: Killed process 12835 (syz.2.1554) total-vm:102688kB, anon-rss:1264kB, file-rss:43504kB, shmem-rss:0kB, UID:0 pgtables:196kB oom_score_adj:1000
[  510.189010][T12988] hsr_slave_0: entered promiscuous mode
[  510.195913][T12988] hsr_slave_1: entered promiscuous mode
[  510.202304][T12988] debugfs: 'hsr0' already exists in 'hsr'
[  510.208102][T12988] Cannot create hsr debugfs directory
[  510.397814][T12835] Process accounting paused
[  511.836781][T12236] Bluetooth: hci4: command tx timeout
[  512.456340][T12988] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  512.722543][   T32] oom_reaper: reaped process 12835 (syz.2.1554), now anon-rss:108kB, file-rss:42292kB, shmem-rss:0kB
[  513.060381][T12813] syz.2.1554 (12813) used greatest stack depth: 19256 bytes left
[  513.865253][T12988] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  513.906874][T12236] Bluetooth: hci4: command tx timeout
[  513.956296][T12825] syz.2.1554 (12825) used greatest stack depth: 19240 bytes left
[  514.090337][T12988] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  514.331021][T12823] syz.2.1554 (12823) used greatest stack depth: 17880 bytes left
[  514.364273][T12988] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  514.375987][T13022] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  514.382036][T13022] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  514.390327][T13022] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  514.404112][T13022] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  514.424169][T13022] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  514.433970][T13022] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  514.577289][T13022] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  514.618890][T12807] syz.2.1554 (12807) used greatest stack depth: 17864 bytes left
[  514.647731][T12988] 8021q: adding VLAN 0 to HW filter on device bond0
[  514.720234][T12988] 8021q: adding VLAN 0 to HW filter on device team0
[  514.753708][T12118] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.760875][T12118] bridge0: port 1(bridge_slave_0) entered forwarding state
[  514.798930][T12118] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.806172][T12118] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.318142][T13056] device-mapper: ioctl: only supply one of name or uuid, cmd(12)
[  515.328029][T12988] 8021q: adding VLAN 0 to HW filter on device batadv0
[  516.102224][T12988] veth0_vlan: entered promiscuous mode
[  516.119064][T12988] veth1_vlan: entered promiscuous mode
[  516.199022][T12988] veth0_macvtap: entered promiscuous mode
[  516.215139][T12988] veth1_macvtap: entered promiscuous mode
[  516.259826][T12988] batman_adv: batadv0: Interface activated: batadv_slave_0
[  516.270540][T12988] batman_adv: batadv0: Interface activated: batadv_slave_1
[  516.280917][T12136] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  516.280979][T12136] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  516.281003][T12136] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  516.281027][T12136] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  516.464547][T12119] Bluetooth: hci2: command 0x0c1a tx timeout
[  516.464612][T12119] Bluetooth: hci0: command 0x0406 tx timeout
[  516.464651][T12119] Bluetooth: hci3: command 0x0406 tx timeout
[  516.464698][T12119] Bluetooth: hci1: command 0x0406 tx timeout
[  516.464774][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  516.542153][T12136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  516.542203][T12136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  516.719849][T12122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  516.735115][T12122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  516.873360][T13079] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„
[  516.900790][T13067] FAULT_INJECTION: forcing a failure.
[  516.900790][T13067] name fail_futex, interval 1, probability 0, space 0, times 0
[  516.935417][T13067] CPU: 1 UID: 7 PID: 13067 Comm: syz.0.1606 Not tainted syzkaller #0 PREEMPT(full) 
[  516.935440][T13067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  516.935449][T13067] Call Trace:
[  516.935454][T13067]  <TASK>
[  516.935460][T13067]  dump_stack_lvl+0x16c/0x1f0
[  516.935483][T13067]  should_fail_ex+0x512/0x640
[  516.935513][T13067]  get_futex_key+0x1d0/0x1560
[  516.935534][T13067]  ? __pfx_get_futex_key+0x10/0x10
[  516.935558][T13067]  futex_wake+0xea/0x530
[  516.935578][T13067]  ? lock_acquire+0x179/0x350
[  516.935599][T13067]  ? __pfx_futex_wake+0x10/0x10
[  516.935623][T13067]  ? find_ucounts+0x222/0x3e0
[  516.935650][T13067]  do_futex+0x1e3/0x350
[  516.935675][T13067]  ? __pfx_do_futex+0x10/0x10
[  516.935694][T13067]  ? dec_rlimit_ucounts+0x114/0x170
[  516.935716][T13067]  __x64_sys_futex+0x1e0/0x4c0
[  516.935737][T13067]  ? __pfx___x64_sys_futex+0x10/0x10
[  516.935758][T13067]  ? __sys_setresuid+0x6ad/0x1160
[  516.935777][T13067]  do_syscall_64+0xcd/0xfa0
[  516.935794][T13067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.935808][T13067] RIP: 0033:0x7f6c6bd8f7c9
[  516.935820][T13067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.935833][T13067] RSP: 002b:00007f6c6cbc10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  516.935846][T13067] RAX: ffffffffffffffda RBX: 00007f6c6bfe6098 RCX: 00007f6c6bd8f7c9
[  516.935856][T13067] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6c6bfe609c
[  516.935864][T13067] RBP: 00007f6c6bfe6090 R08: 00007f6c6cbe3000 R09: 0000000000000000
[  516.935872][T13067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  516.935880][T13067] R13: 00007f6c6bfe6128 R14: 00007ffcb3c17100 R15: 00007ffcb3c171e8
[  516.935898][T13067]  </TASK>
[  518.374728][T13124] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  518.408844][T13124] CPU: 0 UID: 0 PID: 13124 Comm: syz.2.1621 Not tainted syzkaller #0 PREEMPT(full) 
[  518.408868][T13124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  518.408876][T13124] Call Trace:
[  518.408881][T13124]  <TASK>
[  518.408888][T13124]  dump_stack_lvl+0x16c/0x1f0
[  518.408910][T13124]  sysfs_warn_dup+0x7f/0xa0
[  518.408929][T13124]  sysfs_do_create_link_sd+0x124/0x140
[  518.408948][T13124]  sysfs_create_link+0x61/0xc0
[  518.408965][T13124]  device_add+0x62c/0x1aa0
[  518.408988][T13124]  ? __pfx_device_add+0x10/0x10
[  518.409007][T13124]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  518.409031][T13124]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  518.409052][T13124]  wiphy_register+0x1eb0/0x2b20
[  518.409070][T13124]  ? netdev_run_todo+0x864/0x1320
[  518.409091][T13124]  ? __pfx_wiphy_register+0x10/0x10
[  518.409119][T13124]  ieee80211_register_hw+0x253d/0x4120
[  518.409145][T13124]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  518.409163][T13124]  ? __pfx___debug_object_init+0x10/0x10
[  518.409183][T13124]  ? find_held_lock+0x2b/0x80
[  518.409198][T13124]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  518.409219][T13124]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  518.409237][T13124]  ? __hrtimer_setup+0x176/0x280
[  518.409259][T13124]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  518.409286][T13124]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  518.409302][T13124]  ? __asan_memcpy+0x3c/0x60
[  518.409319][T13124]  hwsim_new_radio_nl+0xba2/0x1330
[  518.409336][T13124]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  518.409357][T13124]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  518.409375][T13124]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  518.409410][T13124]  genl_family_rcv_msg_doit+0x209/0x2f0
[  518.409431][T13124]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  518.409455][T13124]  ? bpf_lsm_capable+0x9/0x10
[  518.409473][T13124]  ? security_capable+0x7e/0x260
[  518.409493][T13124]  ? ns_capable+0xd7/0x110
[  518.409509][T13124]  genl_rcv_msg+0x55c/0x800
[  518.409528][T13124]  ? __pfx_genl_rcv_msg+0x10/0x10
[  518.409545][T13124]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  518.409567][T13124]  netlink_rcv_skb+0x158/0x420
[  518.409581][T13124]  ? __pfx_genl_rcv_msg+0x10/0x10
[  518.409598][T13124]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  518.409626][T13124]  genl_rcv+0x28/0x40
[  518.409640][T13124]  netlink_unicast+0x5aa/0x870
[  518.409657][T13124]  ? __pfx_netlink_unicast+0x10/0x10
[  518.409671][T13124]  ? __pfx___might_resched+0x10/0x10
[  518.409692][T13124]  netlink_sendmsg+0x8c8/0xdd0
[  518.409710][T13124]  ? __pfx_netlink_sendmsg+0x10/0x10
[  518.409727][T13124]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  518.409750][T13124]  ____sys_sendmsg+0xa98/0xc70
[  518.409768][T13124]  ? copy_msghdr_from_user+0x10a/0x160
[  518.409781][T13124]  ? __pfx_____sys_sendmsg+0x10/0x10
[  518.409803][T13124]  ? __pfx_futex_wake_mark+0x10/0x10
[  518.409826][T13124]  ___sys_sendmsg+0x134/0x1d0
[  518.409838][T13124]  ? find_held_lock+0x2b/0x80
[  518.409853][T13124]  ? __pfx____sys_sendmsg+0x10/0x10
[  518.409864][T13124]  ? __lock_acquire+0x622/0x1c90
[  518.409905][T13124]  __sys_sendmsg+0x16d/0x220
[  518.409919][T13124]  ? __pfx___sys_sendmsg+0x10/0x10
[  518.409932][T13124]  ? __x64_sys_futex+0x1e0/0x4c0
[  518.409961][T13124]  do_syscall_64+0xcd/0xfa0
[  518.409979][T13124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.409994][T13124] RIP: 0033:0x7f94fd18f7c9
[  518.410007][T13124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.410020][T13124] RSP: 002b:00007f94fb3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  518.410034][T13124] RAX: ffffffffffffffda RBX: 00007f94fd3e5fa0 RCX: 00007f94fd18f7c9
[  518.410043][T13124] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  518.410052][T13124] RBP: 00007f94fd213f91 R08: 0000000000000000 R09: 0000000000000000
[  518.410060][T13124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  518.410068][T13124] R13: 00007f94fd3e6038 R14: 00007f94fd3e5fa0 R15: 00007ffc1470bb58
[  518.410088][T13124]  </TASK>
[  518.828864][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  519.281943][T13130] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  519.307777][T13130] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  519.318408][T13130] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  519.352491][T13130] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  519.358917][T13130] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  520.805154][T13155] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  520.814090][T13155] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  520.827569][T13155] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  520.834385][T13155] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  520.840594][T13155] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  521.538768][T13177] openvswitch: netlink: nsh attr 36 is out of range max 3
[  521.918630][T13182] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  521.931609][T13182] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  521.999487][T13182] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  522.015252][T13182] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  522.067410][T13182] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  522.896172][T13207] FAULT_INJECTION: forcing a failure.
[  522.896172][T13207] name fail_futex, interval 1, probability 0, space 0, times 0
[  522.909452][T13207] CPU: 0 UID: 0 PID: 13207 Comm: syz.2.1637 Not tainted syzkaller #0 PREEMPT(full) 
[  522.909490][T13207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  522.909506][T13207] Call Trace:
[  522.909515][T13207]  <TASK>
[  522.909525][T13207]  dump_stack_lvl+0x16c/0x1f0
[  522.909565][T13207]  should_fail_ex+0x512/0x640
[  522.909609][T13207]  get_futex_key+0x1d0/0x1560
[  522.909647][T13207]  ? __pfx_get_futex_key+0x10/0x10
[  522.909693][T13207]  futex_wake+0xea/0x530
[  522.909736][T13207]  ? __pfx_futex_wake+0x10/0x10
[  522.909779][T13207]  ? sctp_setsockopt+0x173/0xb870
[  522.909825][T13207]  do_futex+0x1e3/0x350
[  522.909860][T13207]  ? __pfx_do_futex+0x10/0x10
[  522.909892][T13207]  ? rcu_is_watching+0x12/0xc0
[  522.909920][T13207]  ? kfree+0x252/0x6d0
[  522.909943][T13207]  ? aa_sock_opt_perm+0xfd/0x1c0
[  522.909990][T13207]  __x64_sys_futex+0x1e0/0x4c0
[  522.910032][T13207]  ? __pfx___x64_sys_futex+0x10/0x10
[  522.910068][T13207]  ? __sys_setsockopt+0x140/0x1a0
[  522.910116][T13207]  do_syscall_64+0xcd/0xfa0
[  522.910148][T13207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.910174][T13207] RIP: 0033:0x7f94fd18f7c9
[  522.910194][T13207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.910219][T13207] RSP: 002b:00007f94fb3d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  522.910242][T13207] RAX: ffffffffffffffda RBX: 00007f94fd3e6098 RCX: 00007f94fd18f7c9
[  522.910260][T13207] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f94fd3e609c
[  522.910275][T13207] RBP: 00007f94fd3e6090 R08: 00007f94fdf3e000 R09: 0000000000000000
[  522.910291][T13207] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  522.910307][T13207] R13: 00007f94fd3e6128 R14: 00007ffc1470ba70 R15: 00007ffc1470bb58
[  522.910343][T13207]  </TASK>
[  523.939285][T12236] Bluetooth: hci3: command 0x0406 tx timeout
[  523.945425][T12133] Bluetooth: hci1: command 0x0406 tx timeout
[  524.020341][T12133] Bluetooth: hci0: command 0x0406 tx timeout
[  524.026390][T12236] Bluetooth: hci2: command 0x0c1a tx timeout
[  524.099238][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  524.608722][T13237] FAULT_INJECTION: forcing a failure.
[  524.608722][T13237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.666044][T13237] CPU: 1 UID: 0 PID: 13237 Comm: syz.2.1646 Not tainted syzkaller #0 PREEMPT(full) 
[  524.666099][T13237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  524.666115][T13237] Call Trace:
[  524.666123][T13237]  <TASK>
[  524.666133][T13237]  dump_stack_lvl+0x16c/0x1f0
[  524.666176][T13237]  should_fail_ex+0x512/0x640
[  524.666218][T13237]  _copy_from_user+0x2e/0xd0
[  524.666258][T13237]  memdup_user+0x6b/0xe0
[  524.666287][T13237]  nvram_misc_write+0x92/0xf0
[  524.666319][T13237]  ? __pfx_nvram_misc_write+0x10/0x10
[  524.666349][T13237]  vfs_write+0x2a0/0x11d0
[  524.666385][T13237]  ? __pfx_vfs_write+0x10/0x10
[  524.666416][T13237]  ? find_held_lock+0x2b/0x80
[  524.666444][T13237]  ? __fget_files+0x204/0x3c0
[  524.666476][T13237]  ? __fget_files+0x20e/0x3c0
[  524.666512][T13237]  ksys_write+0x12a/0x250
[  524.666540][T13237]  ? __pfx_ksys_write+0x10/0x10
[  524.666578][T13237]  do_syscall_64+0xcd/0xfa0
[  524.666611][T13237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.666638][T13237] RIP: 0033:0x7f94fd18f7c9
[  524.666658][T13237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  524.666682][T13237] RSP: 002b:00007f94fb3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  524.666705][T13237] RAX: ffffffffffffffda RBX: 00007f94fd3e5fa0 RCX: 00007f94fd18f7c9
[  524.666721][T13237] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  524.666736][T13237] RBP: 00007f94fb3f6090 R08: 0000000000000000 R09: 0000000000000000
[  524.666751][T13237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.666766][T13237] R13: 00007f94fd3e6038 R14: 00007f94fd3e5fa0 R15: 00007ffc1470bb58
[  524.666800][T13237]  </TASK>
[  524.847148][    C1] vkms_vblank_simulate: vblank timer overrun
[  525.132495][T13199] kexec: Could not allocate control_code_buffer
[  525.925109][T13249] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1652'.
[  526.721144][T13268] netlink: 21 bytes leftover after parsing attributes in process `syz.2.1654'.
[  526.854629][T13275] netlink: 'syz.1.1656': attribute type 1 has an invalid length.
[  526.890848][T13275] netlink: 190 bytes leftover after parsing attributes in process `syz.1.1656'.
[  526.969585][T13280] FAULT_INJECTION: forcing a failure.
[  526.969585][T13280] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  527.011786][T13280] CPU: 1 UID: 0 PID: 13280 Comm: syz.2.1657 Not tainted syzkaller #0 PREEMPT(full) 
[  527.011821][T13280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  527.011837][T13280] Call Trace:
[  527.011845][T13280]  <TASK>
[  527.011855][T13280]  dump_stack_lvl+0x16c/0x1f0
[  527.011891][T13280]  should_fail_ex+0x512/0x640
[  527.011931][T13280]  should_fail_alloc_page+0xe7/0x130
[  527.011967][T13280]  prepare_alloc_pages+0x3c2/0x610
[  527.012006][T13280]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  527.012044][T13280]  ? __pfx___might_resched+0x10/0x10
[  527.012073][T13280]  ? find_held_lock+0x2b/0x80
[  527.012102][T13280]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  527.012199][T13280]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  527.012243][T13280]  ? policy_nodemask+0xea/0x4e0
[  527.012279][T13280]  alloc_pages_mpol+0x1fb/0x550
[  527.012314][T13280]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  527.012359][T13280]  alloc_pages_noprof+0x131/0x390
[  527.012394][T13280]  __pmd_alloc+0x3b/0x8b0
[  527.012431][T13280]  __handle_mm_fault+0xada/0x2aa0
[  527.012480][T13280]  ? mt_find+0x3e2/0xa20
[  527.012513][T13280]  ? __pfx___handle_mm_fault+0x10/0x10
[  527.012547][T13280]  ? __pfx_mt_find+0x10/0x10
[  527.012599][T13280]  ? find_vma+0xbf/0x140
[  527.012627][T13280]  ? __pfx_find_vma+0x10/0x10
[  527.012661][T13280]  handle_mm_fault+0x589/0xd10
[  527.012700][T13280]  ? __pkru_allows_pkey+0x21/0xb0
[  527.012751][T13280]  do_user_addr_fault+0x7a6/0x1370
[  527.012780][T13280]  ? rcu_is_watching+0x12/0xc0
[  527.012812][T13280]  exc_page_fault+0x64/0xc0
[  527.012843][T13280]  asm_exc_page_fault+0x26/0x30
[  527.012867][T13280] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  527.012904][T13280] Code: 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  527.012929][T13280] RSP: 0018:ffffc9000bd97c90 EFLAGS: 00050202
[  527.012950][T13280] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000072
[  527.012965][T13280] RDX: ffffed100b9cc26e RSI: 0000000000000000 RDI: ffff88805ce61300
[  527.012981][T13280] RBP: 0000000000000072 R08: 0000000000000001 R09: ffffed100b9cc26e
[  527.012996][T13280] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[  527.013010][T13280] R13: ffff88805ce61300 R14: 0000000000000000 R15: 0000000000000000
[  527.013045][T13280]  _copy_from_user+0x98/0xd0
[  527.013084][T13280]  memdup_user+0x6b/0xe0
[  527.013112][T13280]  nvram_misc_write+0x92/0xf0
[  527.013145][T13280]  ? __pfx_nvram_misc_write+0x10/0x10
[  527.013174][T13280]  vfs_write+0x2a0/0x11d0
[  527.013210][T13280]  ? __pfx_vfs_write+0x10/0x10
[  527.013235][T13280]  ? find_held_lock+0x2b/0x80
[  527.013261][T13280]  ? __fget_files+0x204/0x3c0
[  527.013294][T13280]  ? __fget_files+0x20e/0x3c0
[  527.013329][T13280]  ksys_write+0x12a/0x250
[  527.013356][T13280]  ? __pfx_ksys_write+0x10/0x10
[  527.013395][T13280]  do_syscall_64+0xcd/0xfa0
[  527.013428][T13280]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  527.013459][T13280] RIP: 0033:0x7f94fd18f7c9
[  527.013479][T13280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  527.013502][T13280] RSP: 002b:00007f94fb3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  527.013525][T13280] RAX: ffffffffffffffda RBX: 00007f94fd3e5fa0 RCX: 00007f94fd18f7c9
[  527.013542][T13280] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  527.013557][T13280] RBP: 00007f94fb3f6090 R08: 0000000000000000 R09: 0000000000000000
[  527.013572][T13280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  527.013587][T13280] R13: 00007f94fd3e6038 R14: 00007f94fd3e5fa0 R15: 00007ffc1470bb58
[  527.013624][T13280]  </TASK>
[  527.377349][    C1] vkms_vblank_simulate: vblank timer overrun
[  527.454529][T13277] ima: policy update failed
[  527.461021][   T30] audit: type=1802 audit(4294968496.129:11): pid=13277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1656" res=0 errno=0
[  530.589371][T13321] FAULT_INJECTION: forcing a failure.
[  530.589371][T13321] name failslab, interval 1, probability 0, space 0, times 0
[  530.617783][T13321] CPU: 1 UID: 0 PID: 13321 Comm: syz.4.1667 Not tainted syzkaller #0 PREEMPT(full) 
[  530.617816][T13321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  530.617829][T13321] Call Trace:
[  530.617837][T13321]  <TASK>
[  530.617845][T13321]  dump_stack_lvl+0x16c/0x1f0
[  530.617877][T13321]  should_fail_ex+0x512/0x640
[  530.617910][T13321]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  530.617937][T13321]  should_failslab+0xc2/0x120
[  530.617967][T13321]  kmem_cache_alloc_noprof+0x75/0x6e0
[  530.617991][T13321]  ? __pmd_alloc+0xbf/0x8b0
[  530.618038][T13321]  ? __pmd_alloc+0xbf/0x8b0
[  530.618068][T13321]  __pmd_alloc+0xbf/0x8b0
[  530.618103][T13321]  __handle_mm_fault+0xada/0x2aa0
[  530.618144][T13321]  ? mt_find+0x3e2/0xa20
[  530.618178][T13321]  ? __pfx___handle_mm_fault+0x10/0x10
[  530.618212][T13321]  ? __pfx_mt_find+0x10/0x10
[  530.618262][T13321]  ? find_vma+0xbf/0x140
[  530.618290][T13321]  ? __pfx_find_vma+0x10/0x10
[  530.618322][T13321]  handle_mm_fault+0x589/0xd10
[  530.618361][T13321]  ? __pkru_allows_pkey+0x21/0xb0
[  530.618400][T13321]  do_user_addr_fault+0x7a6/0x1370
[  530.618428][T13321]  ? rcu_is_watching+0x12/0xc0
[  530.618459][T13321]  exc_page_fault+0x64/0xc0
[  530.618490][T13321]  asm_exc_page_fault+0x26/0x30
[  530.618514][T13321] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  530.618552][T13321] Code: 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  530.618575][T13321] RSP: 0018:ffffc9000ed3fc90 EFLAGS: 00050202
[  530.618595][T13321] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000072
[  530.618610][T13321] RDX: ffffed10113567ae RSI: 0000000000000000 RDI: ffff888089ab3d00
[  530.618626][T13321] RBP: 0000000000000072 R08: 0000000000000001 R09: ffffed10113567ae
[  530.618641][T13321] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000
[  530.618655][T13321] R13: ffff888089ab3d00 R14: 0000000000000000 R15: 0000000000000000
[  530.618689][T13321]  _copy_from_user+0x98/0xd0
[  530.618727][T13321]  memdup_user+0x6b/0xe0
[  530.618756][T13321]  nvram_misc_write+0x92/0xf0
[  530.618789][T13321]  ? __pfx_nvram_misc_write+0x10/0x10
[  530.618818][T13321]  vfs_write+0x2a0/0x11d0
[  530.618854][T13321]  ? __pfx_vfs_write+0x10/0x10
[  530.618878][T13321]  ? find_held_lock+0x2b/0x80
[  530.618905][T13321]  ? __fget_files+0x204/0x3c0
[  530.618935][T13321]  ? __fget_files+0x20e/0x3c0
[  530.618968][T13321]  ksys_write+0x12a/0x250
[  530.618993][T13321]  ? __pfx_ksys_write+0x10/0x10
[  530.619036][T13321]  do_syscall_64+0xcd/0xfa0
[  530.619068][T13321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.619094][T13321] RIP: 0033:0x7fae5578f7c9
[  530.619113][T13321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.619136][T13321] RSP: 002b:00007fae5665f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  530.619158][T13321] RAX: ffffffffffffffda RBX: 00007fae559e5fa0 RCX: 00007fae5578f7c9
[  530.619175][T13321] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[  530.619190][T13321] RBP: 00007fae5665f090 R08: 0000000000000000 R09: 0000000000000000
[  530.619206][T13321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.619222][T13321] R13: 00007fae559e6038 R14: 00007fae559e5fa0 R15: 00007fffe902b958
[  530.619258][T13321]  </TASK>
[  530.956334][    C1] vkms_vblank_simulate: vblank timer overrun
[  532.354037][T13329] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  532.460270][T13329] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  532.680653][T13329] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  532.686693][T13329] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  532.757948][T13329] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  533.313372][T13344] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  533.357017][T13344] CPU: 1 UID: 0 PID: 13344 Comm: syz.2.1673 Not tainted syzkaller #0 PREEMPT(full) 
[  533.357055][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  533.357072][T13344] Call Trace:
[  533.357081][T13344]  <TASK>
[  533.357092][T13344]  dump_stack_lvl+0x16c/0x1f0
[  533.357132][T13344]  sysfs_warn_dup+0x7f/0xa0
[  533.357166][T13344]  sysfs_do_create_link_sd+0x124/0x140
[  533.357204][T13344]  sysfs_create_link+0x61/0xc0
[  533.357238][T13344]  device_add+0x62c/0x1aa0
[  533.357282][T13344]  ? __pfx_device_add+0x10/0x10
[  533.357319][T13344]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  533.357365][T13344]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  533.357406][T13344]  wiphy_register+0x1eb0/0x2b20
[  533.357441][T13344]  ? netdev_run_todo+0x864/0x1320
[  533.357482][T13344]  ? __pfx_wiphy_register+0x10/0x10
[  533.357538][T13344]  ieee80211_register_hw+0x253d/0x4120
[  533.357590][T13344]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  533.357627][T13344]  ? __pfx___debug_object_init+0x10/0x10
[  533.357667][T13344]  ? find_held_lock+0x2b/0x80
[  533.357703][T13344]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  533.357748][T13344]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  533.357784][T13344]  ? __hrtimer_setup+0x176/0x280
[  533.357830][T13344]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  533.357884][T13344]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  533.357917][T13344]  ? __asan_memcpy+0x3c/0x60
[  533.357951][T13344]  hwsim_new_radio_nl+0xba2/0x1330
[  533.357984][T13344]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  533.358026][T13344]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  533.358075][T13344]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  533.358121][T13344]  genl_family_rcv_msg_doit+0x209/0x2f0
[  533.358159][T13344]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  533.358204][T13344]  ? bpf_lsm_capable+0x9/0x10
[  533.358238][T13344]  ? security_capable+0x7e/0x260
[  533.358276][T13344]  ? ns_capable+0xd7/0x110
[  533.358308][T13344]  genl_rcv_msg+0x55c/0x800
[  533.358346][T13344]  ? __pfx_genl_rcv_msg+0x10/0x10
[  533.358380][T13344]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  533.358423][T13344]  netlink_rcv_skb+0x158/0x420
[  533.358451][T13344]  ? __pfx_genl_rcv_msg+0x10/0x10
[  533.358485][T13344]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  533.358531][T13344]  ? netlink_deliver_tap+0x1ae/0xd30
[  533.358564][T13344]  genl_rcv+0x28/0x40
[  533.358592][T13344]  netlink_unicast+0x5aa/0x870
[  533.358626][T13344]  ? __pfx_netlink_unicast+0x10/0x10
[  533.358655][T13344]  ? __pfx___might_resched+0x10/0x10
[  533.358701][T13344]  netlink_sendmsg+0x8c8/0xdd0
[  533.358737][T13344]  ? __pfx_netlink_sendmsg+0x10/0x10
[  533.358772][T13344]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  533.358819][T13344]  ____sys_sendmsg+0xa98/0xc70
[  533.358855][T13344]  ? copy_msghdr_from_user+0x10a/0x160
[  533.358882][T13344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  533.358925][T13344]  ? __pfx_futex_wake_mark+0x10/0x10
[  533.358971][T13344]  ___sys_sendmsg+0x134/0x1d0
[  533.359002][T13344]  ? __pfx____sys_sendmsg+0x10/0x10
[  533.359026][T13344]  ? __lock_acquire+0x622/0x1c90
[  533.359110][T13344]  __sys_sendmsg+0x16d/0x220
[  533.359138][T13344]  ? __pfx___sys_sendmsg+0x10/0x10
[  533.359163][T13344]  ? __x64_sys_futex+0x1e0/0x4c0
[  533.359223][T13344]  do_syscall_64+0xcd/0xfa0
[  533.359258][T13344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.359285][T13344] RIP: 0033:0x7f94fd18f7c9
[  533.359307][T13344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.359331][T13344] RSP: 002b:00007f94fb3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  533.359357][T13344] RAX: ffffffffffffffda RBX: 00007f94fd3e5fa0 RCX: 00007f94fd18f7c9
[  533.359375][T13344] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  533.359391][T13344] RBP: 00007f94fd213f91 R08: 0000000000000000 R09: 0000000000000000
[  533.359406][T13344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  533.359421][T13344] R13: 00007f94fd3e6038 R14: 00007f94fd3e5fa0 R15: 00007ffc1470bb58
[  533.359460][T13344]  </TASK>
[  533.834992][T13349] debugfs: '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211'
[  534.374428][T12236] Bluetooth: hci1: command 0x0406 tx timeout
[  534.529991][T12236] Bluetooth: hci3: command 0x0406 tx timeout
[  534.708058][T12236] Bluetooth: hci2: command 0x0c1a tx timeout
[  534.715021][T12236] Bluetooth: hci0: command 0x0406 tx timeout
[  534.769940][T12133] Bluetooth: hci4: command 0x0c1a tx timeout
[  535.494353][T13382] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1680'.
[  536.054299][T13380] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  536.096139][T13380] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  536.278180][T13380] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  536.400819][T13380] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  536.408184][T13380] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  536.610697][T13388] nla_validate_range_unsigned: 2 callbacks suppressed
[  536.610720][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.655491][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.789604][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.848609][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.898231][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.946460][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.965345][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  536.977879][T13388] netlink: 'syz.1.1682': attribute type 11 has an invalid length.
[  537.027363][T13388] debugfs: '!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211'
[  538.113927][T12236] Bluetooth: hci3: command 0x0406 tx timeout
[  538.122671][T12133] Bluetooth: hci1: command 0x0406 tx timeout
[  538.273344][T12236] Bluetooth: hci0: command 0x0406 tx timeout
[  538.436286][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  538.449246][T12133] Bluetooth: hci2: command 0x0c1a tx timeout
[  538.466348][T13424] overlayfs: missing 'lowerdir'
[  538.703249][T13426] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  538.713807][T13426] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  538.746434][T13426] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  538.788893][T13426] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  538.840477][T13426] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  539.302845][T13434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1692'.
[  540.425167][T13460] FAULT_INJECTION: forcing a failure.
[  540.425167][T13460] name failslab, interval 1, probability 0, space 0, times 0
[  540.461732][T13460] CPU: 0 UID: 0 PID: 13460 Comm: syz.1.1700 Not tainted syzkaller #0 PREEMPT(full) 
[  540.461772][T13460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  540.461788][T13460] Call Trace:
[  540.461797][T13460]  <TASK>
[  540.461808][T13460]  dump_stack_lvl+0x16c/0x1f0
[  540.461847][T13460]  should_fail_ex+0x512/0x640
[  540.461885][T13460]  ? fs_reclaim_acquire+0xae/0x150
[  540.461935][T13460]  should_failslab+0xc2/0x120
[  540.461972][T13460]  kmem_cache_alloc_noprof+0x75/0x6e0
[  540.462000][T13460]  ? __pfx_map_id_range_down+0x10/0x10
[  540.462025][T13460]  ? security_inode_alloc+0x3b/0x2b0
[  540.462069][T13460]  ? security_inode_alloc+0x3b/0x2b0
[  540.462106][T13460]  security_inode_alloc+0x3b/0x2b0
[  540.462146][T13460]  inode_init_always_gfp+0xce4/0x1030
[  540.462179][T13460]  alloc_inode+0x86/0x240
[  540.462215][T13460]  path_from_stashed+0x25b/0x750
[  540.462243][T13460]  ? do_raw_read_unlock+0x44/0xe0
[  540.462274][T13460]  ns_get_path+0x60/0x80
[  540.462301][T13460]  proc_ns_get_link+0x121/0x230
[  540.462333][T13460]  ? __pfx_proc_ns_get_link+0x10/0x10
[  540.462369][T13460]  ? atime_needs_update+0x8b/0x710
[  540.462407][T13460]  ? __pfx_proc_ns_get_link+0x10/0x10
[  540.462440][T13460]  step_into+0x196c/0x21a0
[  540.462473][T13460]  ? __pfx_step_into+0x10/0x10
[  540.462497][T13460]  ? find_held_lock+0x2b/0x80
[  540.462535][T13460]  path_openat+0x6db/0x2cb0
[  540.462581][T13460]  ? __pfx_path_openat+0x10/0x10
[  540.462610][T13460]  ? __lock_acquire+0xb8a/0x1c90
[  540.462647][T13460]  do_filp_open+0x20b/0x470
[  540.462676][T13460]  ? __pfx_do_filp_open+0x10/0x10
[  540.462729][T13460]  ? alloc_fd+0x471/0x7d0
[  540.462763][T13460]  do_sys_openat2+0x11b/0x1d0
[  540.462798][T13460]  ? __pfx_do_sys_openat2+0x10/0x10
[  540.462847][T13460]  __x64_sys_openat+0x174/0x210
[  540.462885][T13460]  ? __pfx___x64_sys_openat+0x10/0x10
[  540.462948][T13460]  do_syscall_64+0xcd/0xfa0
[  540.462984][T13460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.463011][T13460] RIP: 0033:0x7efec258e010
[  540.463032][T13460] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  540.463057][T13460] RSP: 002b:00007efec33dff10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  540.463084][T13460] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007efec258e010
[  540.463102][T13460] RDX: 0000000000000002 RSI: 00007efec33dffa0 RDI: 00000000ffffff9c
[  540.463119][T13460] RBP: 00007efec33dffa0 R08: 0000000000000000 R09: 0000000000000000
[  540.463136][T13460] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  540.463152][T13460] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  540.463190][T13460]  </TASK>
[  540.766225][T12133] Bluetooth: hci3: command 0x0406 tx timeout
[  540.772305][T12133] Bluetooth: hci1: command 0x0406 tx timeout
[  541.027303][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  541.033846][T12236] Bluetooth: hci2: command 0x0c1a tx timeout
[  541.040260][T12236] Bluetooth: hci0: command 0x0406 tx timeout
[  541.067379][T13457] Process accounting resumed
[  541.274357][T12133] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  541.512282][T13475] HfR: entered promiscuous mode
[  541.664087][T13473] netlink: set zone limit has 8 unknown bytes
[  541.988805][T13472] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  541.996807][T13472] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  542.242677][T13472] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  542.257378][T13472] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  542.271860][T13472] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  542.281235][T13472] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  542.701100][T13496] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  542.715675][T13496] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  542.735845][T13496] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  542.754099][T13496] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  542.763827][T13496] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  542.781842][T13503] netlink: zone id is out of range
[  542.789362][T13501] netlink: zone id is out of range
[  544.038920][T13526] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  544.059287][T13526] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  544.068414][T13526] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  544.075163][T13526] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  544.082368][T13526] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  544.788076][T13531] zswap: compressor  not available
[  545.654906][T13556] FAULT_INJECTION: forcing a failure.
[  545.654906][T13556] name failslab, interval 1, probability 0, space 0, times 0
[  545.719274][T13556] CPU: 0 UID: 0 PID: 13556 Comm: syz.2.1719 Not tainted syzkaller #0 PREEMPT(full) 
[  545.719314][T13556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  545.719330][T13556] Call Trace:
[  545.719339][T13556]  <TASK>
[  545.719349][T13556]  dump_stack_lvl+0x16c/0x1f0
[  545.719398][T13556]  should_fail_ex+0x512/0x640
[  545.719436][T13556]  ? __kmalloc_cache_noprof+0x5f/0x780
[  545.719465][T13556]  should_failslab+0xc2/0x120
[  545.719500][T13556]  __kmalloc_cache_noprof+0x72/0x780
[  545.719526][T13556]  ? landlock_merge_ruleset+0x118/0x870
[  545.719558][T13556]  ? landlock_merge_ruleset+0x118/0x870
[  545.719583][T13556]  landlock_merge_ruleset+0x118/0x870
[  545.719609][T13556]  ? prepare_creds+0x583/0x7d0
[  545.719650][T13556]  __do_sys_landlock_restrict_self+0x2a2/0x910
[  545.719697][T13556]  do_syscall_64+0xcd/0xfa0
[  545.719730][T13556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.719757][T13556] RIP: 0033:0x7f94fd18f7c9
[  545.719778][T13556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.719803][T13556] RSP: 002b:00007f94fb3d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
[  545.719828][T13556] RAX: ffffffffffffffda RBX: 00007f94fd3e6090 RCX: 00007f94fd18f7c9
[  545.719846][T13556] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000006
[  545.719861][T13556] RBP: 00007f94fd213f91 R08: 0000000000000000 R09: 0000000000000000
[  545.719878][T13556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  545.719894][T13556] R13: 00007f94fd3e6128 R14: 00007f94fd3e6090 R15: 00007ffc1470bb58
[  545.719928][T13556]  </TASK>
[  546.075476][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  546.081543][T12236] Bluetooth: hci2: command 0x0c1a tx timeout
[  546.087785][T12133] Bluetooth: hci0: command 0x0406 tx timeout
[  546.095070][T12119] Bluetooth: hci3: command 0x0406 tx timeout
[  546.098100][T13563] input: f¬
 as /devices/virtual/input/input17
[  546.101105][T12119] Bluetooth: hci1: command 0x0406 tx timeout
[  546.656870][T13573] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  546.659582][T13569] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1722'.
[  546.685814][T13573] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  546.692879][T13573] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  546.887896][T13573] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  547.090660][T13573] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  547.514243][T13589] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1728'.
[  548.702829][T12236] Bluetooth: hci0: command 0x0406 tx timeout
[  548.708910][T12236] Bluetooth: hci3: command 0x0406 tx timeout
[  548.715100][T12119] Bluetooth: hci1: command 0x0406 tx timeout
[  548.865827][T12236] Bluetooth: hci2: command 0x0c1a tx timeout
[  549.107289][T12236] Bluetooth: hci4: command 0x0c1a tx timeout
[  550.008352][T13637] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  550.261194][T13637] FAULT_INJECTION: forcing a failure.
[  550.261194][T13637] name fail_futex, interval 1, probability 0, space 0, times 0
[  550.345131][T13637] CPU: 0 UID: 0 PID: 13637 Comm: syz.4.1740 Not tainted syzkaller #0 PREEMPT(full) 
[  550.345167][T13637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  550.345181][T13637] Call Trace:
[  550.345190][T13637]  <TASK>
[  550.345200][T13637]  dump_stack_lvl+0x16c/0x1f0
[  550.345249][T13637]  should_fail_ex+0x512/0x640
[  550.345291][T13637]  get_futex_key+0x293/0x1560
[  550.345329][T13637]  ? __pfx_get_futex_key+0x10/0x10
[  550.345361][T13637]  ? __mutex_trylock_common+0xe9/0x250
[  550.345406][T13637]  futex_wake+0xea/0x530
[  550.345446][T13637]  ? __pfx_futex_wake+0x10/0x10
[  550.345480][T13637]  ? __lock_acquire+0xb8a/0x1c90
[  550.345528][T13637]  do_futex+0x1e3/0x350
[  550.345562][T13637]  ? __pfx_do_futex+0x10/0x10
[  550.345592][T13637]  ? __might_fault+0xe3/0x190
[  550.345627][T13637]  mm_release+0x24e/0x300
[  550.345657][T13637]  do_exit+0x68e/0x2bf0
[  550.345697][T13637]  ? __pfx_do_exit+0x10/0x10
[  550.345730][T13637]  ? do_raw_spin_lock+0x12c/0x2b0
[  550.345766][T13637]  ? find_held_lock+0x2b/0x80
[  550.345798][T13637]  do_group_exit+0xd3/0x2a0
[  550.345834][T13637]  get_signal+0x2671/0x26d0
[  550.345883][T13637]  ? __pfx_get_signal+0x10/0x10
[  550.345911][T13637]  ? do_futex+0x122/0x350
[  550.345944][T13637]  ? __pfx_do_futex+0x10/0x10
[  550.345980][T13637]  arch_do_signal_or_restart+0x8f/0x790
[  550.346014][T13637]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  550.346055][T13637]  ? xfd_validate_state+0x61/0x180
[  550.346088][T13637]  ? __pfx_do_writev+0x10/0x10
[  550.346121][T13637]  exit_to_user_mode_loop+0x85/0x130
[  550.346160][T13637]  do_syscall_64+0x426/0xfa0
[  550.346193][T13637]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.346219][T13637] RIP: 0033:0x7fae5578f7c9
[  550.346240][T13637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  550.346264][T13637] RSP: 002b:00007fae5665f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  550.346288][T13637] RAX: fffffffffffffe00 RBX: 00007fae559e5fa8 RCX: 00007fae5578f7c9
[  550.346304][T13637] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fae559e5fa8
[  550.346321][T13637] RBP: 00007fae559e5fa0 R08: 0000000000000000 R09: 0000000000000000
[  550.346337][T13637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  550.346352][T13637] R13: 00007fae559e6038 R14: 00007fffe902b870 R15: 00007fffe902b958
[  550.346389][T13637]  </TASK>
[  551.000701][T13634] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  551.007131][T13634] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  551.022640][T13634] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  551.028933][T13634] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  551.073600][T13634] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  551.482966][T13651] FAULT_INJECTION: forcing a failure.
[  551.482966][T13651] name failslab, interval 1, probability 0, space 0, times 0
[  551.505154][T13651] CPU: 0 UID: 0 PID: 13651 Comm: syz.1.1742 Not tainted syzkaller #0 PREEMPT(full) 
[  551.505188][T13651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  551.505202][T13651] Call Trace:
[  551.505210][T13651]  <TASK>
[  551.505220][T13651]  dump_stack_lvl+0x16c/0x1f0
[  551.505252][T13651]  should_fail_ex+0x512/0x640
[  551.505284][T13651]  ? __kmalloc_cache_noprof+0x5f/0x780
[  551.505313][T13651]  should_failslab+0xc2/0x120
[  551.505343][T13651]  __kmalloc_cache_noprof+0x72/0x780
[  551.505366][T13651]  ? ptrace_may_access+0x35/0x50
[  551.505395][T13651]  ? sched_core_share_pid+0x3c1/0x9d0
[  551.505423][T13651]  ? do_raw_spin_unlock+0x172/0x230
[  551.505449][T13651]  ? sched_core_share_pid+0x3c1/0x9d0
[  551.505476][T13651]  sched_core_share_pid+0x3c1/0x9d0
[  551.505503][T13651]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  551.505544][T13651]  ? __pfx_sched_core_share_pid+0x10/0x10
[  551.505572][T13651]  ? static_key_count+0x5a/0x70
[  551.505604][T13651]  ? security_task_prctl+0x11c/0x160
[  551.505639][T13651]  __do_sys_prctl+0x317/0x2250
[  551.505687][T13651]  ? __pfx___do_sys_prctl+0x10/0x10
[  551.505741][T13651]  do_syscall_64+0xcd/0xfa0
[  551.505773][T13651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.505798][T13651] RIP: 0033:0x7efec258f7c9
[  551.505819][T13651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  551.505843][T13651] RSP: 002b:00007efec339e038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  551.505867][T13651] RAX: ffffffffffffffda RBX: 00007efec27e6180 RCX: 00007efec258f7c9
[  551.505884][T13651] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e
[  551.505899][T13651] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  551.505914][T13651] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  551.505929][T13651] R13: 00007efec27e6218 R14: 00007efec27e6180 R15: 00007ffcfdba1138
[  551.505965][T13651]  </TASK>
[  552.110964][T13657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  553.083850][T12169] Bluetooth: hci4: command 0x0c1a tx timeout
[  553.089963][T12169] Bluetooth: hci2: command 0x0c1a tx timeout
[  553.096124][T12236] Bluetooth: hci0: command 0x0406 tx timeout
[  553.102271][T12236] Bluetooth: hci3: command 0x0406 tx timeout
[  553.108278][T12119] Bluetooth: hci1: command 0x0406 tx timeout
[  553.540252][T13684] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  553.546437][T13684] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  553.556982][T13684] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  553.564474][T13684] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  553.573724][T13684] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  555.561194][T13679] Bluetooth: hci3: command 0x0406 tx timeout
[  555.567240][T13679] Bluetooth: hci1: command 0x0406 tx timeout
[  555.573967][T12133] Bluetooth: hci0: command 0x0406 tx timeout
[  555.630169][T13679] Bluetooth: hci4: command 0x0c1a tx timeout
[  555.636317][T12133] Bluetooth: hci2: command 0x0c1a tx timeout
[  556.675919][T13723] FAULT_INJECTION: forcing a failure.
[  556.675919][T13723] name failslab, interval 1, probability 0, space 0, times 0
[  556.692962][T13723] CPU: 0 UID: 0 PID: 13723 Comm: syz.2.1760 Not tainted syzkaller #0 PREEMPT(full) 
[  556.692998][T13723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  556.693015][T13723] Call Trace:
[  556.693023][T13723]  <TASK>
[  556.693033][T13723]  dump_stack_lvl+0x16c/0x1f0
[  556.693082][T13723]  should_fail_ex+0x512/0x640
[  556.693121][T13723]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  556.693154][T13723]  should_failslab+0xc2/0x120
[  556.693188][T13723]  kmem_cache_alloc_noprof+0x75/0x6e0
[  556.693216][T13723]  ? security_file_alloc+0x34/0x2b0
[  556.693247][T13723]  ? security_file_alloc+0x34/0x2b0
[  556.693270][T13723]  security_file_alloc+0x34/0x2b0
[  556.693299][T13723]  init_file+0x93/0x4c0
[  556.693332][T13723]  alloc_empty_file+0x73/0x1e0
[  556.693367][T13723]  alloc_file_pseudo+0x13a/0x230
[  556.693403][T13723]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  556.693436][T13723]  ? tipc_sk_finish_conn+0x580/0x790
[  556.693478][T13723]  sock_alloc_file+0x50/0x210
[  556.693509][T13723]  __sys_socketpair+0x31c/0x5a0
[  556.693546][T13723]  ? __pfx___sys_socketpair+0x10/0x10
[  556.693580][T13723]  ? __sys_socket+0xac/0x260
[  556.693616][T13723]  ? xfd_validate_state+0x61/0x180
[  556.693660][T13723]  __x64_sys_socketpair+0x96/0x100
[  556.693695][T13723]  ? lockdep_hardirqs_on+0x7c/0x110
[  556.693726][T13723]  do_syscall_64+0xcd/0xfa0
[  556.693759][T13723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.693786][T13723] RIP: 0033:0x7f94fd18f7c9
[  556.693807][T13723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.693832][T13723] RSP: 002b:00007f94fb3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  556.693857][T13723] RAX: ffffffffffffffda RBX: 00007f94fd3e5fa0 RCX: 00007f94fd18f7c9
[  556.693875][T13723] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  556.693891][T13723] RBP: 00007f94fd213f91 R08: 0000000000000000 R09: 0000000000000000
[  556.693908][T13723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  556.693923][T13723] R13: 00007f94fd3e6038 R14: 00007f94fd3e5fa0 R15: 00007ffc1470bb58
[  556.693961][T13723]  </TASK>
[  558.129281][T13733] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  558.135616][T13733] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  558.142015][T13733] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  558.148329][T13733] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  558.154922][T13733] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  558.650053][T13753] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  558.683367][T13753] CPU: 0 UID: 0 PID: 13753 Comm: syz.1.1770 Not tainted syzkaller #0 PREEMPT(full) 
[  558.683407][T13753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  558.683423][T13753] Call Trace:
[  558.683432][T13753]  <TASK>
[  558.683442][T13753]  dump_stack_lvl+0x16c/0x1f0
[  558.683484][T13753]  sysfs_warn_dup+0x7f/0xa0
[  558.683520][T13753]  sysfs_do_create_link_sd+0x124/0x140
[  558.683557][T13753]  sysfs_create_link+0x61/0xc0
[  558.683592][T13753]  device_add+0x62c/0x1aa0
[  558.683636][T13753]  ? __pfx_device_add+0x10/0x10
[  558.683672][T13753]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  558.683722][T13753]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  558.683765][T13753]  wiphy_register+0x1eb0/0x2b20
[  558.683801][T13753]  ? netdev_run_todo+0x864/0x1320
[  558.683840][T13753]  ? __pfx_wiphy_register+0x10/0x10
[  558.683897][T13753]  ieee80211_register_hw+0x253d/0x4120
[  558.683947][T13753]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  558.683984][T13753]  ? __pfx___debug_object_init+0x10/0x10
[  558.684023][T13753]  ? find_held_lock+0x2b/0x80
[  558.684049][T13753]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  558.684088][T13753]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  558.684123][T13753]  ? __hrtimer_setup+0x176/0x280
[  558.684175][T13753]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  558.684225][T13753]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  558.684255][T13753]  ? __asan_memcpy+0x3c/0x60
[  558.684288][T13753]  hwsim_new_radio_nl+0xba2/0x1330
[  558.684322][T13753]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  558.684364][T13753]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  558.684400][T13753]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  558.684443][T13753]  genl_family_rcv_msg_doit+0x209/0x2f0
[  558.684480][T13753]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  558.684526][T13753]  ? bpf_lsm_capable+0x9/0x10
[  558.684559][T13753]  ? security_capable+0x7e/0x260
[  558.684598][T13753]  ? ns_capable+0xd7/0x110
[  558.684629][T13753]  genl_rcv_msg+0x55c/0x800
[  558.684663][T13753]  ? __pfx_genl_rcv_msg+0x10/0x10
[  558.684693][T13753]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  558.684734][T13753]  netlink_rcv_skb+0x158/0x420
[  558.684762][T13753]  ? __pfx_genl_rcv_msg+0x10/0x10
[  558.684797][T13753]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  558.684842][T13753]  ? netlink_deliver_tap+0x1ae/0xd30
[  558.684875][T13753]  genl_rcv+0x28/0x40
[  558.684902][T13753]  netlink_unicast+0x5aa/0x870
[  558.684935][T13753]  ? __pfx_netlink_unicast+0x10/0x10
[  558.684963][T13753]  ? __pfx___might_resched+0x10/0x10
[  558.685003][T13753]  netlink_sendmsg+0x8c8/0xdd0
[  558.685039][T13753]  ? __pfx_netlink_sendmsg+0x10/0x10
[  558.685073][T13753]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  558.685118][T13753]  ____sys_sendmsg+0xa98/0xc70
[  558.685159][T13753]  ? copy_msghdr_from_user+0x10a/0x160
[  558.685186][T13753]  ? __pfx_____sys_sendmsg+0x10/0x10
[  558.685217][T13753]  ? preempt_schedule_thunk+0x16/0x30
[  558.685266][T13753]  ? try_to_wake_up+0xa67/0x1870
[  558.685301][T13753]  ___sys_sendmsg+0x134/0x1d0
[  558.685324][T13753]  ? find_held_lock+0x2b/0x80
[  558.685353][T13753]  ? __pfx____sys_sendmsg+0x10/0x10
[  558.685376][T13753]  ? __lock_acquire+0x622/0x1c90
[  558.685458][T13753]  __sys_sendmsg+0x16d/0x220
[  558.685485][T13753]  ? __pfx___sys_sendmsg+0x10/0x10
[  558.685511][T13753]  ? __x64_sys_futex+0x1e0/0x4c0
[  558.685570][T13753]  do_syscall_64+0xcd/0xfa0
[  558.685606][T13753]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.685632][T13753] RIP: 0033:0x7efec258f7c9
[  558.685654][T13753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  558.685679][T13753] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  558.685702][T13753] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  558.685719][T13753] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  558.685734][T13753] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  558.685751][T13753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  558.685767][T13753] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  558.685806][T13753]  </TASK>
[  559.527913][T12133] Bluetooth: hci1: command 0x0406 tx timeout
[  560.184393][T12133] Bluetooth: hci4: command 0x0c1a tx timeout
[  560.190687][T13679] Bluetooth: hci2: command 0x0c1a tx timeout
[  560.197109][T12169] Bluetooth: hci0: command 0x0406 tx timeout
[  560.203234][T12119] Bluetooth: hci3: command 0x0406 tx timeout
[  560.483973][T13783] FAULT_INJECTION: forcing a failure.
[  560.483973][T13783] name failslab, interval 1, probability 0, space 0, times 0
[  560.520294][T13783] CPU: 0 UID: 0 PID: 13783 Comm: syz.4.1775 Not tainted syzkaller #0 PREEMPT(full) 
[  560.520333][T13783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  560.520349][T13783] Call Trace:
[  560.520358][T13783]  <TASK>
[  560.520369][T13783]  dump_stack_lvl+0x16c/0x1f0
[  560.520408][T13783]  should_fail_ex+0x512/0x640
[  560.520447][T13783]  ? __kmalloc_noprof+0xca/0x880
[  560.520476][T13783]  should_failslab+0xc2/0x120
[  560.520510][T13783]  __kmalloc_noprof+0xdd/0x880
[  560.520535][T13783]  ? lsm_blob_alloc+0x68/0x90
[  560.520573][T13783]  ? lsm_blob_alloc+0x68/0x90
[  560.520603][T13783]  lsm_blob_alloc+0x68/0x90
[  560.520641][T13783]  security_prepare_creds+0x30/0x270
[  560.520676][T13783]  prepare_creds+0x56f/0x7d0
[  560.520722][T13783]  set_current_groups+0x15/0xd0
[  560.520758][T13783]  __do_sys_setgroups+0x3e0/0x4f0
[  560.520800][T13783]  do_syscall_64+0xcd/0xfa0
[  560.520836][T13783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.520862][T13783] RIP: 0033:0x7fae5578f7c9
[  560.520883][T13783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.520909][T13783] RSP: 002b:00007fae5665f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000074
[  560.520934][T13783] RAX: ffffffffffffffda RBX: 00007fae559e5fa0 RCX: 00007fae5578f7c9
[  560.520951][T13783] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000008
[  560.520967][T13783] RBP: 00007fae55813f91 R08: 0000000000000000 R09: 0000000000000000
[  560.520983][T13783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  560.520999][T13783] R13: 00007fae559e6038 R14: 00007fae559e5fa0 R15: 00007fffe902b958
[  560.521034][T13783]  </TASK>
[  561.051282][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  561.057913][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  562.109193][T13810] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1480].
[  562.197438][T13812] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1781'.
[  562.790433][T13827] warning: `syz.4.1785' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  563.125251][T13831] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  563.478033][T13833] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  563.705377][T13833] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  563.721251][T13833] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  563.734393][T13833] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  563.746497][T13833] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  563.792780][T13840] FAULT_INJECTION: forcing a failure.
[  563.792780][T13840] name failslab, interval 1, probability 0, space 0, times 0
[  563.876230][T13840] CPU: 1 UID: 0 PID: 13840 Comm: syz.1.1787 Not tainted syzkaller #0 PREEMPT(full) 
[  563.876269][T13840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  563.876286][T13840] Call Trace:
[  563.876295][T13840]  <TASK>
[  563.876306][T13840]  dump_stack_lvl+0x16c/0x1f0
[  563.876344][T13840]  should_fail_ex+0x512/0x640
[  563.876384][T13840]  ? __kmalloc_cache_noprof+0x5f/0x780
[  563.876414][T13840]  should_failslab+0xc2/0x120
[  563.876450][T13840]  __kmalloc_cache_noprof+0x72/0x780
[  563.876475][T13840]  ? vhost_net_open+0x2d/0x8a0
[  563.876512][T13840]  ? vhost_net_open+0x73/0x8a0
[  563.876564][T13840]  ? __pfx_vhost_net_open+0x10/0x10
[  563.876602][T13840]  ? vhost_net_open+0x73/0x8a0
[  563.876639][T13840]  vhost_net_open+0x73/0x8a0
[  563.876679][T13840]  ? __pfx_vhost_net_open+0x10/0x10
[  563.876718][T13840]  misc_open+0x26d/0x450
[  563.876756][T13840]  ? __pfx_misc_open+0x10/0x10
[  563.876792][T13840]  chrdev_open+0x234/0x6a0
[  563.876823][T13840]  ? __pfx_apparmor_file_open+0x10/0x10
[  563.876861][T13840]  ? __pfx_chrdev_open+0x10/0x10
[  563.876893][T13840]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  563.876930][T13840]  do_dentry_open+0x982/0x1530
[  563.876962][T13840]  ? __pfx_chrdev_open+0x10/0x10
[  563.877000][T13840]  vfs_open+0x82/0x3f0
[  563.877040][T13840]  path_openat+0x1de4/0x2cb0
[  563.877081][T13840]  ? __pfx_path_openat+0x10/0x10
[  563.877113][T13840]  ? __lock_acquire+0xb8a/0x1c90
[  563.877151][T13840]  do_filp_open+0x20b/0x470
[  563.877181][T13840]  ? __pfx_do_filp_open+0x10/0x10
[  563.877236][T13840]  ? alloc_fd+0x471/0x7d0
[  563.877272][T13840]  do_sys_openat2+0x11b/0x1d0
[  563.877308][T13840]  ? __pfx_do_sys_openat2+0x10/0x10
[  563.877359][T13840]  __x64_sys_openat+0x174/0x210
[  563.877409][T13840]  ? __pfx___x64_sys_openat+0x10/0x10
[  563.877467][T13840]  do_syscall_64+0xcd/0xfa0
[  563.877503][T13840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.877535][T13840] RIP: 0033:0x7efec258f7c9
[  563.877556][T13840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.877583][T13840] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  563.877608][T13840] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  563.877626][T13840] RDX: 0000000000101600 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  563.877644][T13840] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  563.877660][T13840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  563.877676][T13840] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  563.877714][T13840]  </TASK>
[  564.138931][    C1] vkms_vblank_simulate: vblank timer overrun
[  565.433007][T13864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1793'.
[  565.622212][T12119] Bluetooth: hci1: command 0x0406 tx timeout
[  565.742803][T13679] Bluetooth: hci2: command 0x0c1a tx timeout
[  565.748876][T13679] Bluetooth: hci0: command 0x0406 tx timeout
[  565.755069][T12133] Bluetooth: hci3: command 0x0406 tx timeout
[  565.761145][T12119] Bluetooth: hci4: command 0x0c1a tx timeout
[  565.863285][T13873] page: refcount:22 mapcount:0 mapping:0000000000000000 index:0xffff888078006000 pfn:0x78000
[  565.875950][T13873] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  565.891941][T13873] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  565.900513][T13873] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  565.932189][T13873] raw: ffff888078006000 0000000000000000 00000016ffffffff 0000000000000000
[  565.948926][T13873] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  565.971571][T13873] head: ffff888078006000 0000000000000000 00000016ffffffff 0000000000000000
[  566.188404][T13883] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  566.200600][T13883] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  566.213767][T13883] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  566.225458][T13883] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  566.239490][T13883] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  566.345011][T13873] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  566.472896][T13873] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  566.628566][T13873] page dumped because: unmovable page
[  566.678979][T13873] page_owner tracks the page as allocated
[  566.994320][T13873] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 23, tgid 23 (ksoftirqd/1), ts 282769149967, free_ts 281784708181
[  567.122307][T13873]  post_alloc_hook+0x1af/0x220
[  567.140810][T13873]  get_page_from_freelist+0x10a3/0x3a30
[  567.214692][T13894] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(16)
[  567.228038][T13894] device-mapper: ioctl: Invalid data size in the ioctl structure: 0
[  567.238214][T13873]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  567.245632][T13873]  alloc_pages_mpol+0x1fb/0x550
[  567.250575][T13873]  alloc_pages_noprof+0x131/0x390
[  567.256885][T13873]  skb_page_frag_refill+0x186/0x5c0
[  567.262131][T13873]  try_fill_recv+0x7e4/0x2930
[  567.269792][T13873]  virtnet_poll+0x18d5/0x3e10
[  567.279881][T13873]  __napi_poll.constprop.0+0xba/0x550
[  567.285633][T13873]  net_rx_action+0x97f/0xef0
[  567.297299][T13873]  handle_softirqs+0x219/0x8e0
[  567.303522][T13873]  run_ksoftirqd+0x3a/0x60
[  567.345561][T13873]  smpboot_thread_fn+0x3f7/0xae0
[  567.352122][T13873]  kthread+0x3c5/0x780
[  567.357654][T13873]  ret_from_fork+0x675/0x7d0
[  567.363421][T13873]  ret_from_fork_asm+0x1a/0x30
[  567.368578][T13873] page last free pid 9373 tgid 9368 stack trace:
[  567.374980][T13873]  __free_frozen_pages+0x7df/0x1160
[  567.380970][T13873]  __put_partials+0x130/0x170
[  567.394860][T13873]  qlist_free_all+0x4d/0x120
[  567.414468][T13873]  kasan_quarantine_reduce+0x195/0x1e0
[  567.420922][T13873]  __kasan_slab_alloc+0x69/0x90
[  567.426179][T13873]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  567.432886][T13873]  __alloc_skb+0x2b2/0x380
[  567.444732][T13873]  sock_wmalloc+0xd4/0x120
[  567.454852][T13873]  l2tp_ip_sendmsg+0x1b6/0x1980
[  567.459754][T13873]  inet_sendmsg+0x11c/0x140
[  567.464849][T13873]  ____sys_sendmsg+0x973/0xc70
[  567.474642][T13873]  ___sys_sendmsg+0x134/0x1d0
[  567.499797][T13873]  __sys_sendmmsg+0x200/0x420
[  567.515246][T13873]  __x64_sys_sendmmsg+0x9c/0x100
[  567.723412][T13873]  do_syscall_64+0xcd/0xfa0
[  567.727971][T13873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.103453][T13908] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  568.144294][T13908] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  568.172014][T13908] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  568.245263][T13908] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  568.275274][T13908] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  569.161170][T13932] netlink: 'syz.1.1810': attribute type 11 has an invalid length.
[  569.186636][T13932] netlink: 'syz.1.1810': attribute type 11 has an invalid length.
[  569.194524][T13932] netlink: 'syz.1.1810': attribute type 11 has an invalid length.
[  569.218081][T13935] netlink: 186 bytes leftover after parsing attributes in process `syz.4.1811'.
[  569.239903][T13928] random: crng reseeded on system resumption
[  569.250588][T13932] netlink: 'syz.1.1810': attribute type 11 has an invalid length.
[  569.286975][T13932] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  569.315921][T13932] CPU: 0 UID: 0 PID: 13932 Comm: syz.1.1810 Not tainted syzkaller #0 PREEMPT(full) 
[  569.315966][T13932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  569.315983][T13932] Call Trace:
[  569.315993][T13932]  <TASK>
[  569.316005][T13932]  dump_stack_lvl+0x16c/0x1f0
[  569.316043][T13932]  sysfs_warn_dup+0x7f/0xa0
[  569.316077][T13932]  sysfs_do_create_link_sd+0x124/0x140
[  569.316116][T13932]  sysfs_create_link+0x61/0xc0
[  569.316151][T13932]  device_add+0x62c/0x1aa0
[  569.316194][T13932]  ? __pfx_device_add+0x10/0x10
[  569.316232][T13932]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  569.316278][T13932]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  569.316318][T13932]  wiphy_register+0x1eb0/0x2b20
[  569.316353][T13932]  ? netdev_run_todo+0x864/0x1320
[  569.316393][T13932]  ? __pfx_wiphy_register+0x10/0x10
[  569.316446][T13932]  ieee80211_register_hw+0x253d/0x4120
[  569.316497][T13932]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  569.316535][T13932]  ? __pfx___debug_object_init+0x10/0x10
[  569.316577][T13932]  ? find_held_lock+0x2b/0x80
[  569.316607][T13932]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  569.316652][T13932]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  569.316689][T13932]  ? __hrtimer_setup+0x176/0x280
[  569.316732][T13932]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  569.316786][T13932]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  569.316820][T13932]  ? __asan_memcpy+0x3c/0x60
[  569.316856][T13932]  hwsim_new_radio_nl+0xba2/0x1330
[  569.316890][T13932]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  569.316933][T13932]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  569.316981][T13932]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  569.317028][T13932]  genl_family_rcv_msg_doit+0x209/0x2f0
[  569.317067][T13932]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  569.317116][T13932]  ? bpf_lsm_capable+0x9/0x10
[  569.317151][T13932]  ? security_capable+0x7e/0x260
[  569.317190][T13932]  ? ns_capable+0xd7/0x110
[  569.317222][T13932]  genl_rcv_msg+0x55c/0x800
[  569.317261][T13932]  ? __pfx_genl_rcv_msg+0x10/0x10
[  569.317295][T13932]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  569.317340][T13932]  netlink_rcv_skb+0x158/0x420
[  569.317370][T13932]  ? __pfx_genl_rcv_msg+0x10/0x10
[  569.317406][T13932]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  569.317450][T13932]  ? netlink_deliver_tap+0x1ae/0xd30
[  569.317481][T13932]  genl_rcv+0x28/0x40
[  569.317509][T13932]  netlink_unicast+0x5aa/0x870
[  569.317545][T13932]  ? __pfx_netlink_unicast+0x10/0x10
[  569.317575][T13932]  ? __pfx___might_resched+0x10/0x10
[  569.317618][T13932]  netlink_sendmsg+0x8c8/0xdd0
[  569.317653][T13932]  ? __pfx_netlink_sendmsg+0x10/0x10
[  569.317688][T13932]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  569.317733][T13932]  ____sys_sendmsg+0xa98/0xc70
[  569.317770][T13932]  ? copy_msghdr_from_user+0x10a/0x160
[  569.317799][T13932]  ? __pfx_____sys_sendmsg+0x10/0x10
[  569.317831][T13932]  ? preempt_schedule_thunk+0x16/0x30
[  569.317881][T13932]  ? try_to_wake_up+0xa67/0x1870
[  569.317916][T13932]  ___sys_sendmsg+0x134/0x1d0
[  569.317941][T13932]  ? find_held_lock+0x2b/0x80
[  569.317978][T13932]  ? __pfx____sys_sendmsg+0x10/0x10
[  569.318002][T13932]  ? __lock_acquire+0x622/0x1c90
[  569.318079][T13932]  __sys_sendmsg+0x16d/0x220
[  569.318108][T13932]  ? __pfx___sys_sendmsg+0x10/0x10
[  569.318136][T13932]  ? __x64_sys_futex+0x1e0/0x4c0
[  569.318198][T13932]  do_syscall_64+0xcd/0xfa0
[  569.318233][T13932]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.318259][T13932] RIP: 0033:0x7efec258f7c9
[  569.318279][T13932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  569.318306][T13932] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  569.318331][T13932] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  569.318348][T13932] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  569.318365][T13932] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  569.318381][T13932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  569.318397][T13932] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  569.318436][T13932]  </TASK>
[  570.122065][T12119] Bluetooth: hci1: command 0x0406 tx timeout
[  570.201788][T12119] Bluetooth: hci0: command 0x0406 tx timeout
[  570.207850][T12119] Bluetooth: hci3: command 0x0406 tx timeout
[  570.281809][T13679] Bluetooth: hci2: command 0x0c1a tx timeout
[  570.288114][T12119] Bluetooth: hci4: command 0x0c1a tx timeout
[  571.201172][T13963] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  571.238560][T13961] Process accounting paused
[  571.257973][T13963] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  571.305347][T13963] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  571.311718][T13963] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  571.328745][T13963] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  571.595310][T13971] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  571.630352][T13971] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  571.687751][T13971] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  571.693991][T13971] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  571.704029][T13975] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1821'.
[  571.829427][T13971] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  572.467902][T13967] Line length is too long: Should be less than 4094
[  573.626112][T12119] Bluetooth: hci3: command 0x0406 tx timeout
[  573.632182][T13679] Bluetooth: hci1: command 0x0406 tx timeout
[  573.705427][T13679] Bluetooth: hci2: command 0x0c1a tx timeout
[  573.711494][T12119] Bluetooth: hci0: command 0x0406 tx timeout
[  573.864772][T13679] Bluetooth: hci4: command 0x0c1a tx timeout
[  574.183231][T13991] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1824'.
[  575.193677][T14003] FAULT_INJECTION: forcing a failure.
[  575.193677][T14003] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  575.280254][T14003] CPU: 0 UID: 0 PID: 14003 Comm: syz.2.1827 Not tainted syzkaller #0 PREEMPT(full) 
[  575.280281][T14003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  575.280289][T14003] Call Trace:
[  575.280295][T14003]  <TASK>
[  575.280302][T14003]  dump_stack_lvl+0x16c/0x1f0
[  575.280324][T14003]  should_fail_ex+0x512/0x640
[  575.280349][T14003]  should_fail_alloc_page+0xe7/0x130
[  575.280371][T14003]  prepare_alloc_pages+0x3c2/0x610
[  575.280393][T14003]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  575.280417][T14003]  ? mas_find+0x156/0x6d0
[  575.280434][T14003]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  575.280448][T14003]  ? validate_mm+0x403/0x560
[  575.280463][T14003]  ? __pfx_validate_mm+0x10/0x10
[  575.280480][T14003]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  575.280501][T14003]  ? vma_wants_writenotify+0x10b/0x390
[  575.280516][T14003]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  575.280538][T14003]  ? policy_nodemask+0xea/0x4e0
[  575.280558][T14003]  alloc_pages_mpol+0x1fb/0x550
[  575.280577][T14003]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  575.280601][T14003]  alloc_pages_noprof+0x131/0x390
[  575.280619][T14003]  __pmd_alloc+0x3b/0x8b0
[  575.280636][T14003]  ? find_held_lock+0x2b/0x80
[  575.280652][T14003]  __handle_mm_fault+0xada/0x2aa0
[  575.280677][T14003]  ? __pfx___handle_mm_fault+0x10/0x10
[  575.280713][T14003]  handle_mm_fault+0x589/0xd10
[  575.280737][T14003]  __get_user_pages+0x54e/0x3530
[  575.280763][T14003]  ? __pfx___get_user_pages+0x10/0x10
[  575.280786][T14003]  populate_vma_page_range+0x267/0x3f0
[  575.280807][T14003]  ? __pfx_populate_vma_page_range+0x10/0x10
[  575.280825][T14003]  ? __pfx_find_vma_intersection+0x10/0x10
[  575.280844][T14003]  ? do_mmap+0x69c/0x1210
[  575.280862][T14003]  __mm_populate+0x1d8/0x380
[  575.280882][T14003]  ? __pfx___mm_populate+0x10/0x10
[  575.280902][T14003]  ? up_write+0x1b2/0x520
[  575.280923][T14003]  vm_mmap_pgoff+0x37f/0x470
[  575.280943][T14003]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  575.280964][T14003]  ? __x64_sys_futex+0x1e0/0x4c0
[  575.280989][T14003]  ? __x64_sys_futex+0x1e9/0x4c0
[  575.281011][T14003]  ksys_mmap_pgoff+0x7d/0x5c0
[  575.281031][T14003]  ? xfd_validate_state+0x61/0x180
[  575.281062][T14003]  ? __pfx_ksys_read+0x10/0x10
[  575.281092][T14003]  __x64_sys_mmap+0x125/0x190
[  575.281130][T14003]  do_syscall_64+0xcd/0xfa0
[  575.281163][T14003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.281188][T14003] RIP: 0033:0x7f94fd18f7c9
[  575.281209][T14003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.281235][T14003] RSP: 002b:00007f94fb3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  575.281261][T14003] RAX: ffffffffffffffda RBX: 00007f94fd3e5fa0 RCX: 00007f94fd18f7c9
[  575.281277][T14003] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  575.281294][T14003] RBP: 00007f94fd213f91 R08: ffffffffffffffff R09: 0000000000000000
[  575.281316][T14003] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  575.281333][T14003] R13: 00007f94fd3e6038 R14: 00007f94fd3e5fa0 R15: 00007ffc1470bb58
[  575.281372][T14003]  </TASK>
[  576.902958][T14018] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  577.142008][T14018] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  577.199491][T14018] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  577.240160][T14018] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  577.277352][T14018] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  577.335001][T14022] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1832'.
[  577.646860][T14024] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  577.653040][T14024] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  577.694341][T14024] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  577.707634][T14024] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  577.718845][T14024] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  578.209117][T14027] zswap: compressor  not available
[  579.677202][T13679] Bluetooth: hci3: command 0x0406 tx timeout
[  579.683274][T13679] Bluetooth: hci1: command 0x0406 tx timeout
[  579.766887][T12119] Bluetooth: hci2: command 0x0c1a tx timeout
[  579.772956][T12119] Bluetooth: hci0: command 0x0406 tx timeout
[  579.779196][T13679] Bluetooth: hci4: command 0x0c1a tx timeout
[  579.849946][T14062] ptp ptp0: only physical clock in use now
[  581.491228][T14074] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  581.611463][T14077] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[  582.371597][T14082] kexec: Could not allocate control_code_buffer
[  582.758383][T14097] netlink: 'syz.1.1847': attribute type 11 has an invalid length.
[  582.766884][T14097] netlink: 'syz.1.1847': attribute type 11 has an invalid length.
[  582.775310][T14097] netlink: 'syz.1.1847': attribute type 11 has an invalid length.
[  582.784385][T14097] netlink: 'syz.1.1847': attribute type 11 has an invalid length.
[  582.828041][T14097] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  582.839745][T14097] CPU: 1 UID: 0 PID: 14097 Comm: syz.1.1847 Not tainted syzkaller #0 PREEMPT(full) 
[  582.839780][T14097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  582.839798][T14097] Call Trace:
[  582.839809][T14097]  <TASK>
[  582.839819][T14097]  dump_stack_lvl+0x16c/0x1f0
[  582.839858][T14097]  sysfs_warn_dup+0x7f/0xa0
[  582.839894][T14097]  sysfs_do_create_link_sd+0x124/0x140
[  582.839931][T14097]  sysfs_create_link+0x61/0xc0
[  582.839967][T14097]  device_add+0x62c/0x1aa0
[  582.840011][T14097]  ? __pfx_device_add+0x10/0x10
[  582.840051][T14097]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  582.840098][T14097]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  582.840139][T14097]  wiphy_register+0x1eb0/0x2b20
[  582.840175][T14097]  ? netdev_run_todo+0x864/0x1320
[  582.840214][T14097]  ? __pfx_wiphy_register+0x10/0x10
[  582.840274][T14097]  ieee80211_register_hw+0x253d/0x4120
[  582.840328][T14097]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  582.840360][T14097]  ? __pfx___debug_object_init+0x10/0x10
[  582.840392][T14097]  ? find_held_lock+0x2b/0x80
[  582.840409][T14097]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  582.840432][T14097]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  582.840452][T14097]  ? __hrtimer_setup+0x176/0x280
[  582.840483][T14097]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  582.840511][T14097]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  582.840529][T14097]  ? __asan_memcpy+0x3c/0x60
[  582.840547][T14097]  hwsim_new_radio_nl+0xba2/0x1330
[  582.840564][T14097]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  582.840585][T14097]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  582.840603][T14097]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  582.840625][T14097]  genl_family_rcv_msg_doit+0x209/0x2f0
[  582.840644][T14097]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  582.840668][T14097]  ? bpf_lsm_capable+0x9/0x10
[  582.840685][T14097]  ? security_capable+0x7e/0x260
[  582.840705][T14097]  ? ns_capable+0xd7/0x110
[  582.840722][T14097]  genl_rcv_msg+0x55c/0x800
[  582.840741][T14097]  ? __pfx_genl_rcv_msg+0x10/0x10
[  582.840758][T14097]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  582.840780][T14097]  netlink_rcv_skb+0x158/0x420
[  582.840795][T14097]  ? __pfx_genl_rcv_msg+0x10/0x10
[  582.840818][T14097]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  582.840841][T14097]  ? netlink_deliver_tap+0x1ae/0xd30
[  582.840858][T14097]  genl_rcv+0x28/0x40
[  582.840874][T14097]  netlink_unicast+0x5aa/0x870
[  582.840893][T14097]  ? __pfx_netlink_unicast+0x10/0x10
[  582.840908][T14097]  ? __pfx___might_resched+0x10/0x10
[  582.840930][T14097]  netlink_sendmsg+0x8c8/0xdd0
[  582.840953][T14097]  ? __pfx_netlink_sendmsg+0x10/0x10
[  582.840970][T14097]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  582.840994][T14097]  ____sys_sendmsg+0xa98/0xc70
[  582.841013][T14097]  ? copy_msghdr_from_user+0x10a/0x160
[  582.841027][T14097]  ? __pfx_____sys_sendmsg+0x10/0x10
[  582.841049][T14097]  ? __pfx_futex_wake_mark+0x10/0x10
[  582.841072][T14097]  ___sys_sendmsg+0x134/0x1d0
[  582.841088][T14097]  ? __pfx____sys_sendmsg+0x10/0x10
[  582.841099][T14097]  ? __lock_acquire+0x622/0x1c90
[  582.841141][T14097]  __sys_sendmsg+0x16d/0x220
[  582.841155][T14097]  ? __pfx___sys_sendmsg+0x10/0x10
[  582.841168][T14097]  ? __x64_sys_futex+0x1e0/0x4c0
[  582.841198][T14097]  do_syscall_64+0xcd/0xfa0
[  582.841219][T14097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  582.841234][T14097] RIP: 0033:0x7efec258f7c9
[  582.841247][T14097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  582.841260][T14097] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  582.841275][T14097] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  582.841285][T14097] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  582.841294][T14097] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  582.841303][T14097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  582.841316][T14097] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  582.841336][T14097]  </TASK>
[  583.482050][T14107] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  583.488225][T14107] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  583.494816][T14107] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  583.501504][T14107] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  583.507629][T14107] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  585.489920][T12119] Bluetooth: hci0: command 0x0406 tx timeout
[  585.498145][T13679] Bluetooth: hci3: command 0x0406 tx timeout
[  585.504218][T12169] Bluetooth: hci1: command 0x0406 tx timeout
[  585.571248][T12119] Bluetooth: hci4: command 0x0c1a tx timeout
[  585.577467][T12119] Bluetooth: hci2: command 0x0c1a tx timeout
[  586.149814][T14130] serio: Serial port ttyS2
[  586.597075][T14143] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1857'.
[  586.613035][T14146] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1857'.
[  587.575771][T13679] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  587.585907][T13679] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  587.594757][T13679] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  587.604884][T13679] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  587.614149][T13679] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  587.843658][T14158] chnl_net:caif_netlink_parms(): no params data found
[  588.004996][T14158] bridge0: port 1(bridge_slave_0) entered blocking state
[  588.012364][T14158] bridge0: port 1(bridge_slave_0) entered disabled state
[  588.020759][T14158] bridge_slave_0: entered allmulticast mode
[  588.032273][T14158] bridge_slave_0: entered promiscuous mode
[  588.058808][T14158] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.065993][T14158] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.094475][T14158] bridge_slave_1: entered allmulticast mode
[  588.109476][T14158] bridge_slave_1: entered promiscuous mode
[  588.124463][T14172] FAULT_INJECTION: forcing a failure.
[  588.124463][T14172] name fail_futex, interval 1, probability 0, space 0, times 0
[  588.137587][T14172] CPU: 1 UID: 0 PID: 14172 Comm: syz.4.1863 Not tainted syzkaller #0 PREEMPT(full) 
[  588.137624][T14172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  588.137641][T14172] Call Trace:
[  588.137650][T14172]  <TASK>
[  588.137661][T14172]  dump_stack_lvl+0x16c/0x1f0
[  588.137700][T14172]  should_fail_ex+0x512/0x640
[  588.137744][T14172]  get_futex_key+0x1d0/0x1560
[  588.137781][T14172]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  588.137820][T14172]  ? __pfx_get_futex_key+0x10/0x10
[  588.137857][T14172]  ? blk_finish_plug+0x53/0xa0
[  588.137885][T14172]  ? madvise_do_behavior+0x1f4/0x530
[  588.137926][T14172]  futex_wake+0xea/0x530
[  588.137969][T14172]  ? __pfx_futex_wake+0x10/0x10
[  588.138008][T14172]  ? up_write+0x1b2/0x520
[  588.138051][T14172]  ? madvise_unlock+0x7c/0x220
[  588.138092][T14172]  do_futex+0x1e3/0x350
[  588.138129][T14172]  ? __pfx_do_futex+0x10/0x10
[  588.138167][T14172]  ? do_fcntl+0x1eb/0x15a0
[  588.138205][T14172]  __x64_sys_futex+0x1e0/0x4c0
[  588.138246][T14172]  ? __pfx___x64_sys_futex+0x10/0x10
[  588.138282][T14172]  ? xfd_validate_state+0x61/0x180
[  588.138330][T14172]  do_syscall_64+0xcd/0xfa0
[  588.138366][T14172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.138393][T14172] RIP: 0033:0x7fae5578f7c9
[  588.138416][T14172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  588.138443][T14172] RSP: 002b:00007fae5665f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  588.138468][T14172] RAX: ffffffffffffffda RBX: 00007fae559e5fa8 RCX: 00007fae5578f7c9
[  588.138487][T14172] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fae559e5fac
[  588.138504][T14172] RBP: 00007fae559e5fa0 R08: 00007fae56660000 R09: 0000000000000000
[  588.138531][T14172] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  588.138548][T14172] R13: 00007fae559e6038 R14: 00007fffe902b870 R15: 00007fffe902b958
[  588.138587][T14172]  </TASK>
[  588.147952][T14158] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  588.371976][T14158] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  588.421918][T14158] team0: Port device team_slave_0 added
[  588.438002][T14158] team0: Port device team_slave_1 added
[  588.480684][T14158] batman_adv: batadv0: Adding interface: batadv_slave_0
[  588.487860][T14158] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  588.542658][T14158] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  588.558365][T14158] batman_adv: batadv0: Adding interface: batadv_slave_1
[  588.570240][T14158] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  588.606314][T14158] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  588.709260][T14158] hsr_slave_0: entered promiscuous mode
[  588.717225][T14158] hsr_slave_1: entered promiscuous mode
[  588.723362][T14158] debugfs: 'hsr0' already exists in 'hsr'
[  588.730542][T14158] Cannot create hsr debugfs directory
[  589.065642][T14158] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  589.086001][T14158] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  589.168905][T14158] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  589.208097][T14158] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  589.465970][T14197] netlink: 'syz.1.1868': attribute type 11 has an invalid length.
[  589.487663][T14197] netlink: 'syz.1.1868': attribute type 11 has an invalid length.
[  589.536309][T14197] netlink: 'syz.1.1868': attribute type 11 has an invalid length.
[  589.548642][T14158] 8021q: adding VLAN 0 to HW filter on device bond0
[  589.571439][T14197] netlink: 'syz.1.1868': attribute type 11 has an invalid length.
[  589.583417][T14197] netlink: 'syz.1.1868': attribute type 11 has an invalid length.
[  589.631645][T13679] Bluetooth: hci5: command tx timeout
[  589.652668][T14158] 8021q: adding VLAN 0 to HW filter on device team0
[  589.668397][T13482] bridge0: port 1(bridge_slave_0) entered blocking state
[  589.675561][T13482] bridge0: port 1(bridge_slave_0) entered forwarding state
[  589.685806][T14197] netlink: 'syz.1.1868': attribute type 11 has an invalid length.
[  589.709833][T13482] bridge0: port 2(bridge_slave_1) entered blocking state
[  589.717012][T13482] bridge0: port 2(bridge_slave_1) entered forwarding state
[  589.774212][T14197] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  589.789956][T14197] CPU: 1 UID: 0 PID: 14197 Comm: syz.1.1868 Not tainted syzkaller #0 PREEMPT(full) 
[  589.789993][T14197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  589.790010][T14197] Call Trace:
[  589.790021][T14197]  <TASK>
[  589.790032][T14197]  dump_stack_lvl+0x16c/0x1f0
[  589.790072][T14197]  sysfs_warn_dup+0x7f/0xa0
[  589.790105][T14197]  sysfs_do_create_link_sd+0x124/0x140
[  589.790140][T14197]  sysfs_create_link+0x61/0xc0
[  589.790174][T14197]  device_add+0x62c/0x1aa0
[  589.790218][T14197]  ? __pfx_device_add+0x10/0x10
[  589.790257][T14197]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  589.790303][T14197]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  589.790341][T14197]  wiphy_register+0x1eb0/0x2b20
[  589.790388][T14197]  ? netdev_run_todo+0x864/0x1320
[  589.790431][T14197]  ? __pfx_wiphy_register+0x10/0x10
[  589.790489][T14197]  ieee80211_register_hw+0x253d/0x4120
[  589.790542][T14197]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  589.790579][T14197]  ? __pfx___debug_object_init+0x10/0x10
[  589.790618][T14197]  ? find_held_lock+0x2b/0x80
[  589.790647][T14197]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  589.790691][T14197]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  589.790727][T14197]  ? __hrtimer_setup+0x176/0x280
[  589.790770][T14197]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  589.790824][T14197]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  589.790858][T14197]  ? __asan_memcpy+0x3c/0x60
[  589.790893][T14197]  hwsim_new_radio_nl+0xba2/0x1330
[  589.790925][T14197]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  589.790967][T14197]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  589.791004][T14197]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  589.791046][T14197]  genl_family_rcv_msg_doit+0x209/0x2f0
[  589.791081][T14197]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  589.791129][T14197]  ? bpf_lsm_capable+0x9/0x10
[  589.791162][T14197]  ? security_capable+0x7e/0x260
[  589.791200][T14197]  ? ns_capable+0xd7/0x110
[  589.791233][T14197]  genl_rcv_msg+0x55c/0x800
[  589.791270][T14197]  ? __pfx_genl_rcv_msg+0x10/0x10
[  589.791300][T14197]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  589.791346][T14197]  netlink_rcv_skb+0x158/0x420
[  589.791383][T14197]  ? __pfx_genl_rcv_msg+0x10/0x10
[  589.791418][T14197]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  589.791463][T14197]  ? netlink_deliver_tap+0x1ae/0xd30
[  589.791497][T14197]  genl_rcv+0x28/0x40
[  589.791525][T14197]  netlink_unicast+0x5aa/0x870
[  589.791560][T14197]  ? __pfx_netlink_unicast+0x10/0x10
[  589.791587][T14197]  ? __asan_memset+0x23/0x50
[  589.791612][T14197]  ? __build_skb_around+0x278/0x3b0
[  589.791649][T14197]  ? is_vmalloc_addr+0x86/0xa0
[  589.791679][T14197]  netlink_sendmsg+0x8c8/0xdd0
[  589.791715][T14197]  ? __pfx_netlink_sendmsg+0x10/0x10
[  589.791748][T14197]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  589.791794][T14197]  ____sys_sendmsg+0xa98/0xc70
[  589.791828][T14197]  ? copy_msghdr_from_user+0x10a/0x160
[  589.791855][T14197]  ? __pfx_____sys_sendmsg+0x10/0x10
[  589.791897][T14197]  ? __pfx_futex_wake_mark+0x10/0x10
[  589.791942][T14197]  ___sys_sendmsg+0x134/0x1d0
[  589.791966][T14197]  ? find_held_lock+0x2b/0x80
[  589.791995][T14197]  ? __pfx____sys_sendmsg+0x10/0x10
[  589.792019][T14197]  ? __lock_acquire+0x622/0x1c90
[  589.792101][T14197]  __sys_sendmsg+0x16d/0x220
[  589.792128][T14197]  ? __pfx___sys_sendmsg+0x10/0x10
[  589.792153][T14197]  ? __x64_sys_futex+0x1e0/0x4c0
[  589.792211][T14197]  do_syscall_64+0xcd/0xfa0
[  589.792246][T14197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.792274][T14197] RIP: 0033:0x7efec258f7c9
[  589.792296][T14197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  589.792323][T14197] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  589.792348][T14197] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  589.792376][T14197] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  589.792393][T14197] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  589.792409][T14197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  589.792425][T14197] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  589.792461][T14197]  </TASK>
[  590.634467][T14158] 8021q: adding VLAN 0 to HW filter on device batadv0
[  591.185499][T14158] veth0_vlan: entered promiscuous mode
[  591.219949][T14158] veth1_vlan: entered promiscuous mode
[  591.258996][T14226] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1873'.
[  591.324939][T14158] veth0_macvtap: entered promiscuous mode
[  591.350120][T14158] veth1_macvtap: entered promiscuous mode
[  591.403361][T14158] batman_adv: batadv0: Interface activated: batadv_slave_0
[  591.428886][T14158] batman_adv: batadv0: Interface activated: batadv_slave_1
[  591.457602][T12136] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  591.483490][T12136] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  591.529429][T12136] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  591.568595][T12136] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  591.669627][T14044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.686103][T14044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.701110][T13679] Bluetooth: hci5: command tx timeout
[  591.748439][T12136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  591.758326][T12136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  591.936845][T14237] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  592.746451][T14243] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  592.752562][T14243] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  592.827718][T14243] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  592.833751][T14243] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  592.875475][T14243] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  592.893185][T14243] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  592.902448][T14243] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  592.956097][T14243] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  593.972710][T14229] kexec: Could not allocate control_code_buffer
[  593.999358][T12119] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  594.013368][T12119] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  594.021861][T12119] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  594.041961][T12119] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  594.060163][T12119] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  594.553328][T14254] chnl_net:caif_netlink_parms(): no params data found
[  594.674316][T14263] netlink: 'syz.1.1879': attribute type 11 has an invalid length.
[  594.682914][T14263] netlink: 'syz.1.1879': attribute type 11 has an invalid length.
[  594.697776][T14263] netlink: 'syz.1.1879': attribute type 11 has an invalid length.
[  594.705624][T14263] netlink: 'syz.1.1879': attribute type 11 has an invalid length.
[  594.736693][T14263] netlink: 'syz.1.1879': attribute type 11 has an invalid length.
[  594.746652][T14263] netlink: 'syz.1.1879': attribute type 11 has an invalid length.
[  594.800750][T14263] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  594.813925][T12119] Bluetooth: hci3: command 0x0406 tx timeout
[  594.820309][T13679] Bluetooth: hci1: command 0x0406 tx timeout
[  594.839225][T14263] CPU: 0 UID: 0 PID: 14263 Comm: syz.1.1879 Not tainted syzkaller #0 PREEMPT(full) 
[  594.839264][T14263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  594.839282][T14263] Call Trace:
[  594.839292][T14263]  <TASK>
[  594.839304][T14263]  dump_stack_lvl+0x16c/0x1f0
[  594.839343][T14263]  sysfs_warn_dup+0x7f/0xa0
[  594.839379][T14263]  sysfs_do_create_link_sd+0x124/0x140
[  594.839419][T14263]  sysfs_create_link+0x61/0xc0
[  594.839453][T14263]  device_add+0x62c/0x1aa0
[  594.839500][T14263]  ? __pfx_device_add+0x10/0x10
[  594.839538][T14263]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  594.839585][T14263]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  594.839626][T14263]  wiphy_register+0x1eb0/0x2b20
[  594.839662][T14263]  ? netdev_run_todo+0x864/0x1320
[  594.839703][T14263]  ? __pfx_wiphy_register+0x10/0x10
[  594.839759][T14263]  ieee80211_register_hw+0x253d/0x4120
[  594.839811][T14263]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  594.839848][T14263]  ? __pfx___debug_object_init+0x10/0x10
[  594.839890][T14263]  ? find_held_lock+0x2b/0x80
[  594.839920][T14263]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  594.839963][T14263]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  594.839999][T14263]  ? __hrtimer_setup+0x176/0x280
[  594.840042][T14263]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  594.840105][T14263]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  594.840139][T14263]  ? __asan_memcpy+0x3c/0x60
[  594.840175][T14263]  hwsim_new_radio_nl+0xba2/0x1330
[  594.840210][T14263]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  594.840255][T14263]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  594.840292][T14263]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  594.840336][T14263]  genl_family_rcv_msg_doit+0x209/0x2f0
[  594.840375][T14263]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  594.840422][T14263]  ? bpf_lsm_capable+0x9/0x10
[  594.840457][T14263]  ? security_capable+0x7e/0x260
[  594.840495][T14263]  ? ns_capable+0xd7/0x110
[  594.840528][T14263]  genl_rcv_msg+0x55c/0x800
[  594.840565][T14263]  ? __pfx_genl_rcv_msg+0x10/0x10
[  594.840600][T14263]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  594.840642][T14263]  netlink_rcv_skb+0x158/0x420
[  594.840671][T14263]  ? __pfx_genl_rcv_msg+0x10/0x10
[  594.840707][T14263]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  594.840753][T14263]  ? netlink_deliver_tap+0x1ae/0xd30
[  594.840787][T14263]  genl_rcv+0x28/0x40
[  594.840814][T14263]  netlink_unicast+0x5aa/0x870
[  594.840849][T14263]  ? __pfx_netlink_unicast+0x10/0x10
[  594.840876][T14263]  ? __asan_memset+0x23/0x50
[  594.840903][T14263]  ? __build_skb_around+0x278/0x3b0
[  594.840941][T14263]  ? is_vmalloc_addr+0x86/0xa0
[  594.840973][T14263]  netlink_sendmsg+0x8c8/0xdd0
[  594.841009][T14263]  ? __pfx_netlink_sendmsg+0x10/0x10
[  594.841044][T14263]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  594.841099][T14263]  ____sys_sendmsg+0xa98/0xc70
[  594.841136][T14263]  ? copy_msghdr_from_user+0x10a/0x160
[  594.841164][T14263]  ? __pfx_____sys_sendmsg+0x10/0x10
[  594.841208][T14263]  ? __pfx_futex_wake_mark+0x10/0x10
[  594.841254][T14263]  ___sys_sendmsg+0x134/0x1d0
[  594.841278][T14263]  ? find_held_lock+0x2b/0x80
[  594.841309][T14263]  ? __pfx____sys_sendmsg+0x10/0x10
[  594.841334][T14263]  ? __lock_acquire+0x622/0x1c90
[  594.841414][T14263]  __sys_sendmsg+0x16d/0x220
[  594.841443][T14263]  ? __pfx___sys_sendmsg+0x10/0x10
[  594.841469][T14263]  ? __x64_sys_futex+0x1e0/0x4c0
[  594.841529][T14263]  do_syscall_64+0xcd/0xfa0
[  594.841564][T14263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.841594][T14263] RIP: 0033:0x7efec258f7c9
[  594.841618][T14263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  594.841644][T14263] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  594.841671][T14263] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  594.841689][T14263] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  594.841707][T14263] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  594.841724][T14263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  594.841741][T14263] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  594.841780][T14263]  </TASK>
[  594.842552][T14254] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.886157][T12119] Bluetooth: hci5: command 0x0419 tx timeout
[  594.928453][T14268] FAULT_INJECTION: forcing a failure.
[  594.928453][T14268] name failslab, interval 1, probability 0, space 0, times 0
[  594.932405][T13679] Bluetooth: hci4: command 0x0c1a tx timeout
[  594.955385][T14268] CPU: 1 UID: 0 PID: 14268 Comm: syz.4.1880 Not tainted syzkaller #0 PREEMPT(full) 
[  594.955422][T14268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  594.955438][T14268] Call Trace:
[  594.955448][T14268]  <TASK>
[  594.955459][T14268]  dump_stack_lvl+0x16c/0x1f0
[  594.955501][T14268]  should_fail_ex+0x512/0x640
[  594.955540][T14268]  ? fs_reclaim_acquire+0xae/0x150
[  594.955578][T14268]  should_failslab+0xc2/0x120
[  594.955613][T14268]  __kmalloc_noprof+0xdd/0x880
[  594.955636][T14268]  ? kfree+0x252/0x6d0
[  594.955657][T14268]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  594.955695][T14268]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  594.955724][T14268]  tomoyo_realpath_from_path+0xc2/0x6e0
[  594.955765][T14268]  tomoyo_check_open_permission+0x2ab/0x3c0
[  594.955793][T14268]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  594.955863][T14268]  ? do_raw_spin_lock+0x12c/0x2b0
[  594.955913][T14268]  tomoyo_file_open+0x6b/0x90
[  594.955950][T14268]  security_file_open+0x84/0x1e0
[  594.955981][T14268]  do_dentry_open+0x596/0x1530
[  594.956022][T14268]  vfs_open+0x82/0x3f0
[  594.956062][T14268]  path_openat+0x1de4/0x2cb0
[  594.956103][T14268]  ? __pfx_path_openat+0x10/0x10
[  594.956133][T14268]  ? __lock_acquire+0xb8a/0x1c90
[  594.956170][T14268]  do_filp_open+0x20b/0x470
[  594.956200][T14268]  ? __pfx_do_filp_open+0x10/0x10
[  594.956253][T14268]  ? alloc_fd+0x471/0x7d0
[  594.956290][T14268]  do_sys_openat2+0x11b/0x1d0
[  594.956326][T14268]  ? __pfx_do_sys_openat2+0x10/0x10
[  594.956377][T14268]  __x64_sys_openat+0x174/0x210
[  594.956414][T14268]  ? __pfx___x64_sys_openat+0x10/0x10
[  594.956465][T14268]  do_syscall_64+0xcd/0xfa0
[  594.956498][T14268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  594.956525][T14268] RIP: 0033:0x7fae5578f7c9
[  594.956545][T14268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  594.956570][T14268] RSP: 002b:00007fae5665f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  594.956595][T14268] RAX: ffffffffffffffda RBX: 00007fae559e5fa0 RCX: 00007fae5578f7c9
[  594.956613][T14268] RDX: 0000000000000200 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  594.956630][T14268] RBP: 00007fae55813f91 R08: 0000000000000000 R09: 0000000000000000
[  594.956646][T14268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  594.956662][T14268] R13: 00007fae559e6038 R14: 00007fae559e5fa0 R15: 00007fffe902b958
[  594.956699][T14268]  </TASK>
[  594.956847][T14268] ERROR: Out of memory at tomoyo_realpath_from_path.
[  594.960560][T12169] Bluetooth: hci2: command 0x0c1a tx timeout
[  595.051238][T14254] bridge0: port 1(bridge_slave_0) entered disabled state
[  595.054416][T12133] Bluetooth: hci0: command 0x0406 tx timeout
[  595.075713][T14254] bridge_slave_0: entered allmulticast mode
[  595.583784][T14254] bridge_slave_0: entered promiscuous mode
[  595.586878][T14254] bridge0: port 2(bridge_slave_1) entered blocking state
[  595.601197][T14254] bridge0: port 2(bridge_slave_1) entered disabled state
[  595.608846][T14254] bridge_slave_1: entered allmulticast mode
[  595.616823][T14254] bridge_slave_1: entered promiscuous mode
[  595.675249][T14254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  595.696146][T14254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  595.745734][T14254] team0: Port device team_slave_0 added
[  595.765825][T14254] team0: Port device team_slave_1 added
[  595.833460][T14254] batman_adv: batadv0: Adding interface: batadv_slave_0
[  595.840449][T14254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  595.870363][T14254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  595.903546][T14254] batman_adv: batadv0: Adding interface: batadv_slave_1
[  595.910616][T14254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  595.937576][T14254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  596.081592][T12169] Bluetooth: hci6: command tx timeout
[  596.149017][T14254] hsr_slave_0: entered promiscuous mode
[  596.156169][T14254] hsr_slave_1: entered promiscuous mode
[  596.164962][T14254] debugfs: 'hsr0' already exists in 'hsr'
[  596.172032][T14254] Cannot create hsr debugfs directory
[  596.446252][T14254] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  596.462958][T14254] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  596.476334][T14254] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  596.491734][T14254] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  596.705278][T14254] 8021q: adding VLAN 0 to HW filter on device bond0
[  596.750398][T14254] 8021q: adding VLAN 0 to HW filter on device team0
[  596.768438][T12121] bridge0: port 1(bridge_slave_0) entered blocking state
[  596.775631][T12121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  596.816447][T12121] bridge0: port 2(bridge_slave_1) entered blocking state
[  596.823771][T12121] bridge0: port 2(bridge_slave_1) entered forwarding state
[  596.937929][T14296] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1886'.
[  597.116520][T12133] Bluetooth: hci5: command 0x0419 tx timeout
[  597.191743][T14310] hub 1-0:1.0: USB hub found
[  597.199402][T14310] hub 1-0:1.0: 1 port detected
[  597.219743][T14312] hub 1-0:1.0: USB hub found
[  597.228404][T14312] hub 1-0:1.0: 1 port detected
[  597.243988][T14254] 8021q: adding VLAN 0 to HW filter on device batadv0
[  597.281089][T14310] hub 1-0:1.0: USB hub found
[  597.321103][T14310] hub 1-0:1.0: 1 port detected
[  597.755367][T14254] veth0_vlan: entered promiscuous mode
[  597.776073][T14254] veth1_vlan: entered promiscuous mode
[  597.819448][T14254] veth0_macvtap: entered promiscuous mode
[  597.857335][T14254] veth1_macvtap: entered promiscuous mode
[  597.887762][T14254] batman_adv: batadv0: Interface activated: batadv_slave_0
[  597.939730][T14254] batman_adv: batadv0: Interface activated: batadv_slave_1
[  597.969141][T12141] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  597.985813][T12141] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  598.035261][T12141] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  598.062591][T12141] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  598.143666][T12121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  598.151956][T12133] Bluetooth: hci6: command tx timeout
[  598.175013][T12121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  598.217851][T12121] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  598.227852][T12121] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  598.807198][T14339] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  599.166738][T14348] netlink: 'syz.1.1893': attribute type 11 has an invalid length.
[  599.185794][T12133] Bluetooth: hci5: command 0x0419 tx timeout
[  599.238747][T14348] netlink: 'syz.1.1893': attribute type 11 has an invalid length.
[  599.257121][T14348] netlink: 'syz.1.1893': attribute type 11 has an invalid length.
[  599.297029][T14348] netlink: 'syz.1.1893': attribute type 11 has an invalid length.
[  599.372109][T14348] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  599.410253][T14348] CPU: 1 UID: 0 PID: 14348 Comm: syz.1.1893 Not tainted syzkaller #0 PREEMPT(full) 
[  599.410299][T14348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  599.410317][T14348] Call Trace:
[  599.410327][T14348]  <TASK>
[  599.410338][T14348]  dump_stack_lvl+0x16c/0x1f0
[  599.410377][T14348]  sysfs_warn_dup+0x7f/0xa0
[  599.410412][T14348]  sysfs_do_create_link_sd+0x124/0x140
[  599.410449][T14348]  sysfs_create_link+0x61/0xc0
[  599.410483][T14348]  device_add+0x62c/0x1aa0
[  599.410526][T14348]  ? __pfx_device_add+0x10/0x10
[  599.410563][T14348]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  599.410607][T14348]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  599.410645][T14348]  wiphy_register+0x1eb0/0x2b20
[  599.410677][T14348]  ? netdev_run_todo+0x864/0x1320
[  599.410718][T14348]  ? __pfx_wiphy_register+0x10/0x10
[  599.410775][T14348]  ieee80211_register_hw+0x253d/0x4120
[  599.410830][T14348]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  599.410867][T14348]  ? __pfx___debug_object_init+0x10/0x10
[  599.410908][T14348]  ? find_held_lock+0x2b/0x80
[  599.410938][T14348]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  599.410982][T14348]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  599.411017][T14348]  ? __hrtimer_setup+0x176/0x280
[  599.411059][T14348]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  599.411112][T14348]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  599.411146][T14348]  ? __asan_memcpy+0x3c/0x60
[  599.411181][T14348]  hwsim_new_radio_nl+0xba2/0x1330
[  599.411214][T14348]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  599.411256][T14348]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  599.411301][T14348]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  599.411349][T14348]  genl_family_rcv_msg_doit+0x209/0x2f0
[  599.411387][T14348]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  599.411435][T14348]  ? bpf_lsm_capable+0x9/0x10
[  599.411469][T14348]  ? security_capable+0x7e/0x260
[  599.411507][T14348]  ? ns_capable+0xd7/0x110
[  599.411539][T14348]  genl_rcv_msg+0x55c/0x800
[  599.411577][T14348]  ? __pfx_genl_rcv_msg+0x10/0x10
[  599.411612][T14348]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  599.411655][T14348]  netlink_rcv_skb+0x158/0x420
[  599.411683][T14348]  ? __pfx_genl_rcv_msg+0x10/0x10
[  599.411714][T14348]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  599.411756][T14348]  ? netlink_deliver_tap+0x1ae/0xd30
[  599.411790][T14348]  genl_rcv+0x28/0x40
[  599.411818][T14348]  netlink_unicast+0x5aa/0x870
[  599.411854][T14348]  ? __pfx_netlink_unicast+0x10/0x10
[  599.411880][T14348]  ? __asan_memset+0x23/0x50
[  599.411908][T14348]  ? __build_skb_around+0x278/0x3b0
[  599.411946][T14348]  ? is_vmalloc_addr+0x86/0xa0
[  599.411978][T14348]  netlink_sendmsg+0x8c8/0xdd0
[  599.412012][T14348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  599.412047][T14348]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  599.412093][T14348]  ____sys_sendmsg+0xa98/0xc70
[  599.412128][T14348]  ? copy_msghdr_from_user+0x10a/0x160
[  599.412156][T14348]  ? __pfx_____sys_sendmsg+0x10/0x10
[  599.412199][T14348]  ? __pfx_futex_wake_mark+0x10/0x10
[  599.412246][T14348]  ___sys_sendmsg+0x134/0x1d0
[  599.412270][T14348]  ? find_held_lock+0x2b/0x80
[  599.412330][T14348]  ? __pfx____sys_sendmsg+0x10/0x10
[  599.412354][T14348]  ? __lock_acquire+0x622/0x1c90
[  599.412441][T14348]  __sys_sendmsg+0x16d/0x220
[  599.412469][T14348]  ? __pfx___sys_sendmsg+0x10/0x10
[  599.412495][T14348]  ? __x64_sys_futex+0x1e0/0x4c0
[  599.412540][T14348]  ? xfd_validate_state+0x61/0x180
[  599.412587][T14348]  do_syscall_64+0xcd/0xfa0
[  599.412623][T14348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  599.412651][T14348] RIP: 0033:0x7efec258f7c9
[  599.412673][T14348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  599.412699][T14348] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  599.412725][T14348] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  599.412745][T14348] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  599.412762][T14348] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  599.412778][T14348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  599.412792][T14348] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  599.412828][T14348]  </TASK>
[  600.221906][T12133] Bluetooth: hci6: command tx timeout
[  601.256304][T12133] Bluetooth: hci5: command 0x0419 tx timeout
[  601.542908][T14352] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  602.304868][T12133] Bluetooth: hci6: command tx timeout
[  603.699176][T14397] nla_validate_range_unsigned: 1 callbacks suppressed
[  603.699201][T14397] netlink: 'syz.1.1903': attribute type 11 has an invalid length.
[  603.724279][T14397] netlink: 'syz.1.1903': attribute type 11 has an invalid length.
[  603.732156][T14397] netlink: 'syz.1.1903': attribute type 11 has an invalid length.
[  603.794593][T14397] netlink: 'syz.1.1903': attribute type 11 has an invalid length.
[  606.215219][T14421] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1910'.
[  606.742397][T14431] netlink: 'syz.1.1913': attribute type 11 has an invalid length.
[  606.753868][T14431] netlink: 'syz.1.1913': attribute type 11 has an invalid length.
[  606.761821][T14431] netlink: 'syz.1.1913': attribute type 11 has an invalid length.
[  606.770701][T14431] netlink: 'syz.1.1913': attribute type 11 has an invalid length.
[  606.778551][T14431] netlink: 'syz.1.1913': attribute type 11 has an invalid length.
[  606.790120][T14431] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  606.802006][T14431] CPU: 0 UID: 0 PID: 14431 Comm: syz.1.1913 Not tainted syzkaller #0 PREEMPT(full) 
[  606.802042][T14431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  606.802059][T14431] Call Trace:
[  606.802069][T14431]  <TASK>
[  606.802080][T14431]  dump_stack_lvl+0x16c/0x1f0
[  606.802119][T14431]  sysfs_warn_dup+0x7f/0xa0
[  606.802152][T14431]  sysfs_do_create_link_sd+0x124/0x140
[  606.802188][T14431]  sysfs_create_link+0x61/0xc0
[  606.802220][T14431]  device_add+0x62c/0x1aa0
[  606.802265][T14431]  ? __pfx_device_add+0x10/0x10
[  606.802325][T14431]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  606.802373][T14431]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  606.802415][T14431]  wiphy_register+0x1eb0/0x2b20
[  606.802452][T14431]  ? netdev_run_todo+0x864/0x1320
[  606.802493][T14431]  ? __pfx_wiphy_register+0x10/0x10
[  606.802559][T14431]  ieee80211_register_hw+0x253d/0x4120
[  606.802613][T14431]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  606.802647][T14431]  ? __pfx___debug_object_init+0x10/0x10
[  606.802685][T14431]  ? find_held_lock+0x2b/0x80
[  606.802714][T14431]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  606.802758][T14431]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  606.802794][T14431]  ? __hrtimer_setup+0x176/0x280
[  606.802838][T14431]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  606.802891][T14431]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  606.802925][T14431]  ? __asan_memcpy+0x3c/0x60
[  606.802960][T14431]  hwsim_new_radio_nl+0xba2/0x1330
[  606.802995][T14431]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  606.803037][T14431]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  606.803074][T14431]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  606.803118][T14431]  genl_family_rcv_msg_doit+0x209/0x2f0
[  606.803156][T14431]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  606.803204][T14431]  ? bpf_lsm_capable+0x9/0x10
[  606.803238][T14431]  ? security_capable+0x7e/0x260
[  606.803276][T14431]  ? ns_capable+0xd7/0x110
[  606.803309][T14431]  genl_rcv_msg+0x55c/0x800
[  606.803346][T14431]  ? __pfx_genl_rcv_msg+0x10/0x10
[  606.803381][T14431]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  606.803425][T14431]  netlink_rcv_skb+0x158/0x420
[  606.803454][T14431]  ? __pfx_genl_rcv_msg+0x10/0x10
[  606.803490][T14431]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  606.803547][T14431]  ? netlink_deliver_tap+0x1ae/0xd30
[  606.803583][T14431]  genl_rcv+0x28/0x40
[  606.803612][T14431]  netlink_unicast+0x5aa/0x870
[  606.803649][T14431]  ? __pfx_netlink_unicast+0x10/0x10
[  606.803676][T14431]  ? __asan_memset+0x23/0x50
[  606.803705][T14431]  ? __build_skb_around+0x278/0x3b0
[  606.803739][T14431]  ? is_vmalloc_addr+0x86/0xa0
[  606.803768][T14431]  netlink_sendmsg+0x8c8/0xdd0
[  606.803802][T14431]  ? __pfx_netlink_sendmsg+0x10/0x10
[  606.803837][T14431]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  606.803883][T14431]  ____sys_sendmsg+0xa98/0xc70
[  606.803916][T14431]  ? copy_msghdr_from_user+0x10a/0x160
[  606.803943][T14431]  ? __pfx_____sys_sendmsg+0x10/0x10
[  606.803986][T14431]  ? __pfx_futex_wake_mark+0x10/0x10
[  606.804033][T14431]  ___sys_sendmsg+0x134/0x1d0
[  606.804058][T14431]  ? find_held_lock+0x2b/0x80
[  606.804087][T14431]  ? __pfx____sys_sendmsg+0x10/0x10
[  606.804110][T14431]  ? __lock_acquire+0x622/0x1c90
[  606.804195][T14431]  __sys_sendmsg+0x16d/0x220
[  606.804224][T14431]  ? __pfx___sys_sendmsg+0x10/0x10
[  606.804251][T14431]  ? __x64_sys_futex+0x1e0/0x4c0
[  606.804312][T14431]  do_syscall_64+0xcd/0xfa0
[  606.804350][T14431]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  606.804378][T14431] RIP: 0033:0x7efec258f7c9
[  606.804401][T14431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  606.804430][T14431] RSP: 002b:00007efec33e0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  606.804456][T14431] RAX: ffffffffffffffda RBX: 00007efec27e5fa0 RCX: 00007efec258f7c9
[  606.804476][T14431] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  606.804493][T14431] RBP: 00007efec2613f91 R08: 0000000000000000 R09: 0000000000000000
[  606.804517][T14431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  606.804534][T14431] R13: 00007efec27e6038 R14: 00007efec27e5fa0 R15: 00007ffcfdba1138
[  606.804575][T14431]  </TASK>
[  607.593122][T14436] random: crng reseeded on system resumption
[  608.084996][T12169] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  608.097294][T12169] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  608.123798][T12169] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  608.134121][T12169] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  608.141950][T12169] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  608.567871][T14451] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1917'.
[  608.619608][T14444] chnl_net:caif_netlink_parms(): no params data found
[  608.925216][T14444] bridge0: port 1(bridge_slave_0) entered blocking state
[  608.938124][T14444] bridge0: port 1(bridge_slave_0) entered disabled state
[  608.950411][T14444] bridge_slave_0: entered allmulticast mode
[  608.963211][T14444] bridge_slave_0: entered promiscuous mode
[  608.980648][T14444] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.018818][T14444] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.035625][T14444] bridge_slave_1: entered allmulticast mode
[  609.065034][T14444] bridge_slave_1: entered promiscuous mode
[  609.221004][T14444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  609.239329][T14444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  609.328932][T14444] team0: Port device team_slave_0 added
[  609.338600][T14444] team0: Port device team_slave_1 added
[  609.390764][T14444] batman_adv: batadv0: Adding interface: batadv_slave_0
[  609.404167][T14444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  609.438061][T14444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  609.451628][T14444] batman_adv: batadv0: Adding interface: batadv_slave_1
[  609.468343][   T31] INFO: task kworker/u8:25:8994 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  609.471470][T14444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  609.497012][   T31]       Not tainted syzkaller #0
[  609.506693][T14444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  609.530860][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  609.574855][   T31] task:kworker/u8:25   state:D stack:24376 pid:8994  tgid:8994  ppid:2      task_flags:0x4208160 flags:0x00080000
[  609.625487][   T31] Workqueue: netns cleanup_net
[  609.631246][   T31] Call Trace:
[  609.634553][   T31]  <TASK>
[  609.656023][   T31]  __schedule+0x1190/0x5de0
[  609.661470][   T31]  ? __pfx___schedule+0x10/0x10
[  609.676282][   T31]  ? find_held_lock+0x2b/0x80
[  609.687835][   T31]  ? schedule+0x2d7/0x3a0
[  609.698366][   T31]  schedule+0xe7/0x3a0
[  609.715525][   T31]  schedule_timeout+0x257/0x290
[  609.762028][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  609.777420][   T31]  ? mark_held_locks+0x49/0x80
[  609.787990][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  609.813756][   T31]  __wait_for_common+0x2fc/0x4e0
[  609.835141][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  609.857285][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  609.880220][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  609.895066][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  609.910115][   T31]  __flush_workqueue+0x3e2/0x1230
[  609.920785][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[  609.933921][   T31]  ? reacquire_held_locks+0xcd/0x1f0
[  609.947320][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  609.961517][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[  609.973769][   T31]  rds_tcp_listen_stop+0x104/0x150
[  609.986417][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  610.000956][   T31]  rds_tcp_exit_net+0xcb/0x810
[  610.014363][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  610.026426][   T31]  ? __pfx___might_resched+0x10/0x10
[  610.039158][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[  610.051231][   T31]  ops_undo_list+0x2ee/0xab0
[  610.061251][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[  610.072467][   T31]  ? cleanup_net+0x347/0x8b0
[  610.087650][   T31]  ? idr_destroy+0x62/0x2e0
[  610.100662][   T31]  cleanup_net+0x41b/0x8b0
[  610.112084][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  610.122736][   T31]  ? rcu_is_watching+0x12/0xc0
[  610.134553][   T31]  process_one_work+0x9cf/0x1b70
[  610.144963][   T31]  ? __pfx_cleanup_net+0x10/0x10
[  610.156662][   T31]  ? __pfx_process_one_work+0x10/0x10
[  610.168837][   T31]  ? assign_work+0x1a0/0x250
[  610.175268][T12169] Bluetooth: hci7: command tx timeout
[  610.179611][   T31]  worker_thread+0x6c8/0xf10
[  610.191916][   T31]  ? __pfx_worker_thread+0x10/0x10
[  610.208180][   T31]  kthread+0x3c5/0x780
[  610.242579][   T31]  ? __pfx_kthread+0x10/0x10
[  610.323122][   T31]  ? rcu_is_watching+0x12/0xc0
[  610.327916][   T31]  ? __pfx_kthread+0x10/0x10
[  610.332497][   T31]  ret_from_fork+0x675/0x7d0
[  610.402839][   T31]  ? __pfx_kthread+0x10/0x10
[  610.422947][   T31]  ret_from_fork_asm+0x1a/0x30
[  610.432675][   T31]  </TASK>
[  610.436800][   T31] 
[  610.436800][   T31] Showing all locks held in the system:
[  610.445440][   T31] 1 lock held by khungtaskd/31:
[  610.450355][   T31]  #0: ffffffff8e3c45e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  610.461710][   T31] 3 locks held by kworker/u8:25/8994:
[  610.467237][   T31]  #0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  610.477788][   T31]  #1: ffffc9000519fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  610.493023][   T31]  #2: ffffffff900d52b0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0
[  610.507601][   T31] 2 locks held by getty/9315:
[  610.527158][   T31]  #0: ffff88803453f0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  610.547437][   T31]  #1: ffffc9000b59b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  610.568745][   T31] 2 locks held by syz.1.1227/11358:
[  610.574814][   T31] 3 locks held by kworker/u10:4/12141:
[  610.580290][   T31]  #0: ffff88813ff29948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  610.592064][   T31]  #1: ffffc90003d9fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  610.603555][   T31]  #2: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[  610.614189][   T31] 1 lock held by syz.3.1548/12770:
[  610.622381][   T31]  #0: ffffffff900d52b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690
[  610.637811][   T31] 1 lock held by syz-executor/12988:
[  610.644096][   T31]  #0: ffffffff8e3cfb78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  610.655207][   T31] 1 lock held by syz.0.1822/13982:
[  610.660334][   T31]  #0: ffffffff900d52b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690
[  610.670205][   T31] 1 lock held by syz.2.1834/14031:
[  610.677547][   T31]  #0: ffffffff900d52b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690
[  610.687266][   T31] 1 lock held by syz.5.1859/14237:
[  610.692699][   T31]  #0: ffffffff900d52b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690
[  610.702452][   T31] 2 locks held by syz-executor/14250:
[  610.707830][   T31] 1 lock held by syz-executor/14254:
[  610.714594][   T31]  #0: ffffffff8e3cfb78 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0
[  610.727677][   T31] 2 locks held by syz-executor/14444:
[  610.739485][   T31]  #0: ffffffff8f492c00 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x113/0x2c0
[  610.751138][   T31]  #1: ffffffff900eb6c8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x600/0x2000
[  610.760296][   T31] 1 lock held by syz.1.1923/14474:
[  610.765442][   T31]  #0: ffff888079f17ac8 (&sb->s_type->i_mutex_key#11){+.+.}-{4:4}, at: __sock_release+0x86/0x270
[  610.802112][   T31] 
[  610.804481][   T31] =============================================
[  610.804481][   T31] 
[  610.882249][   T31] NMI backtrace for cpu 1
[  610.882270][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  610.882299][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  610.882312][   T31] Call Trace:
[  610.882320][   T31]  <TASK>
[  610.882329][   T31]  dump_stack_lvl+0x116/0x1f0
[  610.882361][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  610.882391][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  610.882416][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  610.882446][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  610.882479][   T31]  watchdog+0xf3f/0x1170
[  610.882503][   T31]  ? rcu_is_watching+0x12/0xc0
[  610.882526][   T31]  ? __pfx_watchdog+0x10/0x10
[  610.882544][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  610.882570][   T31]  ? __kthread_parkme+0x19e/0x250
[  610.882597][   T31]  ? __pfx_watchdog+0x10/0x10
[  610.882616][   T31]  kthread+0x3c5/0x780
[  610.882644][   T31]  ? __pfx_kthread+0x10/0x10
[  610.882674][   T31]  ? rcu_is_watching+0x12/0xc0
[  610.882695][   T31]  ? __pfx_kthread+0x10/0x10
[  610.882724][   T31]  ret_from_fork+0x675/0x7d0
[  610.882751][   T31]  ? __pfx_kthread+0x10/0x10
[  610.882780][   T31]  ret_from_fork_asm+0x1a/0x30
[  610.882822][   T31]  </TASK>
[  610.882834][   T31] Sending NMI from CPU 1 to CPUs 0:
[  611.010202][    C0] NMI backtrace for cpu 0
[  611.010221][    C0] CPU: 0 UID: 0 PID: 12988 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  611.010255][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  611.010271][    C0] RIP: 0010:lookup_page_ext+0xa3/0x1d0
[  611.010300][    C0] Code: 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 0f 85 30 01 00 00 4c 8b 2d 7b 0b 83 18 4d 85 ed 0f 84 f1 00 00 00 e8 bd c3 8c ff <49> 8d 6c ed 00 48 b8 00 00 00 00 00 fc ff df 48 89 ea 48 c1 ea 03
[  611.010323][    C0] RSP: 0018:ffffc90002ec7ac0 EFLAGS: 00000293
[  611.010343][    C0] RAX: 0000000000000000 RBX: 0000000000055d08 RCX: ffffffff822f9391
[  611.010359][    C0] RDX: ffff88807ea51e40 RSI: ffffffff822f93d3 RDI: 0000000000000006
[  611.010374][    C0] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000001000
[  611.010389][    C0] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000000000a
[  611.010403][    C0] R13: ffff88823ffef400 R14: 0000000000000000 R15: dffffc0000000000
[  611.010420][    C0] FS:  0000000000000000(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000
[  611.010443][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  611.010459][    C0] CR2: 00002000006d8000 CR3: 000000007eeea000 CR4: 00000000003526f0
[  611.010475][    C0] Call Trace:
[  611.010482][    C0]  <TASK>
[  611.010493][    C0]  __page_table_check_zero+0x1a4/0x5d0
[  611.010522][    C0]  ? __pfx___page_table_check_zero+0x10/0x10
[  611.010551][    C0]  ? __reset_page_owner+0x137/0x1a0
[  611.010579][    C0]  __free_frozen_pages+0x7d0/0x1160
[  611.010615][    C0]  ? ___free_pages+0xcd/0x220
[  611.010647][    C0]  vfree+0x1fd/0xb50
[  611.010676][    C0]  ? find_held_lock+0x2b/0x80
[  611.010702][    C0]  ? rcu_is_watching+0x12/0xc0
[  611.010726][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  611.010755][    C0]  ? __pfx_kcov_close+0x10/0x10
[  611.010776][    C0]  kcov_close+0x34/0x60
[  611.010796][    C0]  __fput+0x402/0xb70
[  611.010827][    C0]  ? cleanup_mnt+0x26b/0x450
[  611.010849][    C0]  task_work_run+0x150/0x240
[  611.010884][    C0]  ? __pfx_task_work_run+0x10/0x10
[  611.010922][    C0]  do_exit+0x86f/0x2bf0
[  611.010954][    C0]  ? do_raw_spin_lock+0x12c/0x2b0
[  611.010987][    C0]  ? __pfx_do_exit+0x10/0x10
[  611.011018][    C0]  ? rcu_is_watching+0x12/0xc0
[  611.011044][    C0]  do_group_exit+0xd3/0x2a0
[  611.011076][    C0]  __x64_sys_exit_group+0x3e/0x50
[  611.011107][    C0]  x64_sys_call+0x150b/0x1730
[  611.011138][    C0]  do_syscall_64+0xcd/0xfa0
[  611.011166][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  611.011190][    C0] RIP: 0033:0x7fae5578f7c9
[  611.011207][    C0] Code: Unable to access opcode bytes at 0x7fae5578f79f.
[  611.011218][    C0] RSP: 002b:00007fffe902bbb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  611.011245][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fae5578f7c9
[  611.011261][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000043
[  611.011276][    C0] RBP: 00007fae55815619 R08: 00007fffe9029956 R09: 00000000000927c0
[  611.011291][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020
[  611.011305][    C0] R13: 00000000000927c0 R14: 00000000000957b8 R15: 00007fffe902bd70
[  611.011330][    C0]  </TASK>