last executing test programs:

10m25.575706624s ago: executing program 2 (id=3166):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socketpair$auto(0xf03, 0x5, 0x2e, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyt2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32)
socket(0x10, 0x2, 0x14) (rerun: 32)
mmap$auto(0x0, 0x400007, 0xe1, 0x9b72, 0xffffffffffffffff, 0x0) (async)
mprotect$auto(0x0, 0x806121, 0x8) (async)
mmap$auto(0x0, 0x10000, 0x4080000000db, 0xeb1, 0x2, 0x8000)
socket(0x11, 0x80003, 0x300) (async, rerun: 32)
socket(0x1d, 0x2, 0x7) (async, rerun: 32)
socket(0x2, 0x1, 0x0) (async, rerun: 64)
r1 = socket(0x10, 0x2, 0x0) (rerun: 64)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r1)
mmap$auto(0x0, 0x3, 0xb, 0x55becab1, 0x5, 0x0) (async)
socket(0x1d, 0x2, 0x7) (async, rerun: 64)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (rerun: 64)
r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x460f, 0x0)
socket(0xa, 0x2, 0x73)
mprotect$auto(0x4, 0xffffffffffffffff, 0x9) (async, rerun: 32)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
socket(0x2, 0x1, 0x0) (async)
socket(0xa, 0x5, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x14) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/igmp\x00', 0xc000, 0x0)

10m24.547980683s ago: executing program 2 (id=3173):
socket(0x23, 0x3, 0x2)
unshare$auto(0x40000080)
unshare$auto(0x7)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/jfs/loglevel\x00', 0xc0000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000180)=""/107, 0x6b)
r1 = io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
shmctl$auto_SHM_UNLOCK(0x15cf, 0xc, &(0x7f0000000180)={{0x5, <r2=>0x0, 0x0, 0x2fb, 0x57a, 0x749, 0x81}, 0xe, 0x3, 0xaa3, 0x4, @inferred, @raw=0xfffffffb, 0x447, 0x0, &(0x7f0000000040)="db8f63e5ad801798d0175ef3f29cb43800c832d2d8f10ad8e23466e6e1975b385084c520784c99ab4cdf8d41b8900f57a19c4a935fc04197e8ecbda9c38c2c71bc512b8bbb2fb1b9da3d21da4f885d6a72e2d6102e4db0372aaa49705db33c13b6abfaca2291d95e523feab2e85d999c1bbf6783eb875fccd5a99f9d18bed5a5d3beedc432b18e0d5b6745320d9cba55fd93afd932110c81c0f469b8d5fbc0f176e8f662c6b26e2a593ca7ca13bf9515fe6a615ee0727baefdc533", &(0x7f0000000100)="b8e0a5cab54e10e9234ee623d8acbd43a428cb8d8466e191abbee95e8a4f8e99fa49d14ce447575716a5e0cd7c0bb8bf2cb525074d381d9dea4c327285ffb5762164dc618110cef5d4bbbadbaeec1768d66c3e3f994f1a2c524897505edd1324017dcd5ce55f1fc961e0663b31"})
unshare$auto(0x6)
r3 = getegid()
msgctl$auto(0x8, 0x8, &(0x7f0000000180)={{0x8, <r4=>0xffffffffffffffff, r3, 0x7ff, 0x2, 0x4c4, 0x2}, 0x0, &(0x7f0000000140)=0x2, 0x8, 0x8000, 0x96e, 0x5, 0x8, 0x7, 0x6c, 0x3, @raw=0x9, @raw=0x7})
shmctl$auto_IPC_STAT(0x5, 0x2, &(0x7f0000000380)={{0x0, r4, r3, 0x8, 0xc0000000, 0x81, 0xc}, 0x80000000, 0x4, 0x3, 0x7, @inferred, @raw=0x4, 0xfd8c, 0x0, &(0x7f00000002c0), 0x0})
ioctl$auto_BLKTRACESETUP2(r1, 0xc0481273, &(0x7f0000000240)={"d4e6f359a6173a80fff6fe299b3a0bf0a82b3c17480a3e6cba4c3af0a3c2bd3e", 0x7, 0x3, 0x87, 0xd4b, 0x1b0, <r5=>0xffffffffffffffff})
shmctl$auto_SHM_UNLOCK(0x5, 0xc, &(0x7f00000003c0)={{0x8000, r2, r3, 0x7ff, 0x80000001, 0x3, 0x3}, 0x4, 0xffffffffffffffff, 0x7, 0x4, @inferred=r5, @inferred, 0x5, 0x0, &(0x7f00000002c0)="7471e4768db75bd82bf4cb590d5c61f653bf44aed015dfc7e176c5856a6e29a299cf0e0465f6", &(0x7f0000000300)="b07ba75ab656f83673286bea664c5059546bed755a670b1ad787dc27efaa6ffe5e529d9c1f6c5fbdeee3b33381a115d1cbd105aba6277c36fa78462e7f84aa482ac2e456283da2a7e5036625214fa18b446311c79a14807e7370eac07ea60fe2f732befe71c630fda045b18b1acce77c3ac6b78e9c2e88cf8776e17f12163d5e0d463c2123c09bb8ad58b50db3411324c5c248bd3e0aa4feccdb6dd8a5ace42b8b50"})
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)

10m23.524835505s ago: executing program 2 (id=3176):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0x100000000, 0x66)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0)
move_pages$auto(0x0, 0x8, 0x0, 0x0, 0x0, 0x2)

10m23.346211166s ago: executing program 2 (id=3178):
ioctl$auto_BTRFS_IOC_DEVICES_READY(0xffffffffffffffff, 0x90009427, &(0x7f0000000240)={@inferred, "285ca5ac12ef5c612fb2ada37fca34159d972fb0bcd42e9e8c4c02bd70c8f32a0a7e918dbd01a1616053ece7aa8b695e4ff8ef4112fdda417eb5d303b8e526481617398743e416f0b88d79bbb357e3067cadcfa862a3c60ad1cd47a7a984c052de3b09e488295656f81c01867db6d60ab52836b2fc056f7f27ac0d4a72bace5226df0b629fb40c9ff37cd2d9c7627183824181bc172ca1ca93ab952b77ca7c4797cc32cc572fadc817175c8934c877288c62b6ecdec6cc327470d9c28652fc1234630c4c1f07923a7287c0acf28e470585a6450f5bdff19974c8bf35f01a7de78c37d17550f03c88e3b630e9a4d4f9d263e5fda6501d56980578929ad4c57d385ef0817d6f742bf9e03f6fb9015210cc1f5319f9908b799e5b9ef96dacdd27d07899068a1d06355ab3a2d9ce6f9a9417bd3bbd0dacf4fdb6c1fa0ad2e55c9496716b7378f755e49deca696e6d42b9c1554d3c347df325b958b95f1a5441f3da670d7690e9d3969459ff51a7456218ede2f4c91581d4918e7292d6af05fb59940b1ab6d2ddf3dac7e558d1e62cd9e04512ef2dcd68f6c209ce6a70c3a52a013f4140e584f0257ce5f65c756b66c668b98af272f52fa19bfb69a54d3d3d5c9c8ce14de659dcf10f5f72166f9649b556376b4c914cfc54a5f97568f656699dc04579845e622e539882aa105e970b8d9353bc8cdef5d77318106175890ea9c3d290b8b16987fb1b39861b1f7b30054e1786b4ccf3a05b7875cbc56db02c86d7c3d65e6c4d7b967c670a191771cfe5af6c90b0c8f4bc8d4a884089b1db3d50ea3a1f49bd38134ba49e37c5a9792009b60101eb6ea8a89c2140fde8a310eb2a83b6fc571fa7fd6363b938b473838706f7934da3ea08825e2cbd7f592a1b38b3c494b985cc0d94f5abeaa783b1514157cc813e839a1ec7f2bb97f2b332990d648f3e71a6868791fbaa65dd9295f63bf9235a790a2e4b6baf3c862a02dac6f003b2db869d4b80bb77b5070b7d39cdb5189abd37ef64a9062a23f901ca32eb16c1f6aa78956bf2cb384d1ea531428692cc80a6087981901fe4e86031bd53630613b3420cc08fa99478c24fa981d74e1c5b31465b66e410376457ee50dd28bba3a5351f4accf591b5a0d4ac1cf431688f557b482c30c2bd432985860e46a51ad0d19d8dd5642dd049bb9113167becb0757aa077604da9879d15110e2e8f4ec3266c518986f0f3768fafdee0df01efaeb0f05b8088f198bf41061b0d9ef2a41a6e54d974aad74452aa62c17268b976c6f2225d16109d31ace854357746c7345e8fa71105e8554ad1ae3d40f576bd1ca0f6501e4093bee2cb05951163ce86e1b04a8dfcfdc17670cf254f35c0d01954721c521c90be8b56611280194389ae53d8d3b0623ec8429647770a04fbde6a9c2917e0b24bbd67c3295bb20a56ed0fb2163bbccdbfe7495f06903561ce668e32ced9dc7c7cdd0f3374d93604cdb94edf148b78e7ce27a94d4dfd2873b750673cbef568fb7c8a876e429e1a56de1175fa97c21d15c0b1a08f24db96b208302e953c266e64e14a623323b7bcd3b1749c04fb6a495d313011a73172a84e97293e0a7ed86483e84e53e4a3c1f815aaa63cc20c2588c421eee54f0445bd7d1526b66464000dc17a3563cbf0eff4fb01fc1a94b417dc6c6c6fcdc544e88cf27d3ce040546835a822e1570de37dcf7e4eee19de07db8a071aa7a356e03e795e4a18421a78c742114aa1bb8f032d520cb51a0a248d25e0f6d6268a88fb56be7ab0d73aff95209031a0b252516e4a2291f7af10f3a98d972f23e233ff65250627e7f982f5ee0f5f1746ba1594cab5ccbb8bd1315522d28ca8031a189ffeec8e4d103ae30c942d26262fad9c5253782111858193524380ec037411e67a398aeb38fc0f640c8d6452c32e3a43409f19b406f3c59391ab5fe9a071a1da1bd79c8a0c7d335bea21569b8fa8982431de95da86af7441e9be141d83ceb543f5aa44a69432aee7954151a0d0e062a192823ddb337b6bcbd145459d9ba6de534415bc8108017de8cb0a2ec853ccaa1945526a098b110c7bb366c0b9cf3f13e4dd8d935cb04d50cdb88f08270a900c4062a7e64986ed4ccc5c78dda0c6cc11e60e2965eec4657e90c126af730707635827715f9c35b1880b998f3c41962a05fd23ffab9b2808a4cbb1f9f9abe7b2e2d50f04fa4679e67eeb33406bfc4ce8bd3ad4ba19eb8d9b9525a37174ef2d668e7089a27f05d1c6be9ecbd0449f54ee6243d3d95d7d1cefe01dbc7a343327b0ebd51fd5fb8542160bb17a384a3212ba678959e0d47b826d81f8527b77dc568d70d54ee51da147c5cc0260659a4e69a751e5723ef71991e706a100ef171f8a0e46238683b4ab74b5b8997f676e77619290e1d66e18ffe373a9f107f7a3aa7ed6090186fbd280327cad72e425437bf993ee514ac80ab8a0a45f06fa8bdb54a21d92f8889f85a8f7568a12d9ee17dc58f9755b54a855536eada3a1205c869f1afc2fede6fe1e50e0c0701344e9031bdf76c528ad1ffe520962a1c86ff1b4e464878103e091cf29da161282c38d7400b69f6649b53d7e488082288953fa828d46fe944c4df20c16a0a7a5c9a2c9526bc543e1176bd060f9c6b8f1be23fc6086300740c3b21dfbff64bbf0e3b74a11536719f4eb4a34ec137d3b98f1af89875178dcc00c540fad8ff7539ed72b25082fdf60a600d43b735ab182b8c8a69d8bb06e1743a448ea60189f138a68f481cb1a83abf4c05d017eed977429b516e3ca21959bd5e180f0222fe3a9073bac57d1541c20a014e91375ef0d65c887a44ac0d32491c8202fe0a2915814f648c51ea95f2367518892dd4629eb964e1f643b9ef8bcbbab17dd827398deda6974f665ea1235e95f7403937f26626eb94b2d73a166d889801a8b1719896315ee553f30bb8413786c5e9173ee7f772ae3db01dbb48e90c2efc8e1ab86f535cd5e84f2219b494958d49265a3d0d08c2f4876f0524c597328ac0888cb6c96ab4eb48b3d603e06b035f464c36da923f81977b2ddb0e5f90649fef3e0447b5609ec16dc321b85d43a360794b66dfb3b2b9c794248901425866dd12fb353314511701174a8eb2ce0aed06b177da6577cf88f3136d338c4f2cb7f8104964896b103a33593ed5115dcdc0d252fc2556ba49d65a159a7142437d19d05fef9f6c4bda4c97838fd3e892a7a76873a5f270a34786ec5f727dc2e336d798ad81c5778badf942fbd86c2b2f08b5dad8185f672570c78db617c9a1068f84efad66fd613a1a30fe19d6070efab0ab6dadad285cfba2dc22ce8e10a855d91a670f4fe172ce5d5f14dbdc929a81d78161e3461370ef5a2e97e7ed188c0a6457946cb808404c1a0fc428d50036e1bc038415928771d76094d17248cf254a29e3149e5069287833a1a9c4b4041b1ac987c83b4216e9d0be822657ac6c498ccc2de724586c284abe2c1562c1bab0bd97967854d00144cf7fe132e457119716ce7ef941d357995bc38f972e880e49c2c1cc05acb49826c03ecac94e52d74b28ea99c09893f7fe563083c4ccc8eaf440398879dda3a6d4176406d921ed678eef731be2ac014bf3fa947f2d7ca88f2e6b1df5239e7d98b45103f0949469140f4489c613f3e71b816660003b477c95dee3c89a853d3f9e5c521176b9785d82144144cc2e6facb752727df240ae1f78a69a8b4e33f13c23431087c1410a1e9581264d9233dfbb6e4cfddc01c6e64e4cb9b068f94ed5a5f0fba67305a376ff1017a46a55052cc603200808be7a246553876782afa8fdb58e511febe1de59e16f4d0527f7835655fa863d2d936a7679c621de225a770e7f967a300cb2b38568e58048ef225700e086caae846b29e5bb5af2021a2ec54677aee9d8dc5b0ac50a966eda2660bb43b0fb4d865eff378d6f0a348ecb4b130cff72abb10ff817e956ca2d4ca7179a7512d7bb262e651e23b09f3599dc79cd598666c3c38287939aaf34de5b2315066d020703c48b3649d3697b71dd055c1910193ed5ca3dba16d6b9bed85cfc98f975dcabea369ea8fa484b4615bce9ac40d3621c5a99f86951b22be25cdd7124fcb4b7b4aef109cabd197749c58adb276b4b3e2394bcc569b7deb0f053493458a6b5d2072a15d7711f7a7d0e0bc74fd702b25522ffc3e42a8c09350ea96082e9bff8de275dae7fffbdbbec7bf1248689daca69c5eae06bc57b588e06d08536b6c62f16c0e39440d0db89859ec73d4c7437e988515e2b4355de71b4e0a51be62fcc15afa0271d79851fbeca25b13861ee9bfe5a9acc0b098456e4fab99601bcb3706c7927bc69de255ad8a30788c5e31f6b6a7656a73b076149753547b60417d6bba1b01fc286521ab61ba9f9f7a02728c1ba0529c7428f55859cabb4a35c77c6f5ac071794064d0286dec1adff12e476769d1cb1c24e3c77cae7b0da3588d8cb59411f5516ef1925e5fa415a4e79d395c27a4c6b05b2e19e5e272d868e4f50ee1b5366c089f4bd00b134738fd31ce3ba95e5542e593b8c91ea7dfc92504f947e47ae69a7947cb524d8ac81dca935afb5dafb1b2237e470c00adc516ea13eb7ba689638b6c3c6e132accaa548b6397e848b6c201166569ae347db9a9d43319251a1feeda85a66e9be7a44c53c4727cb8f2c81a400bf12ff58df002e172bd82fe445f1f9e0d7f99e73fbd0aa1c97b85c33c1ef02f458c91c92aac2bd234f78e73b204cf141042ba7304604d0274ad132dc1c324f9af89fe15ddfc0b218d31d00e36c72b652af2542c6e2f4a6e0436fa78ad3f41eb2c9a3fe65ebdda9eefaa6297feb8874d8d7f1b45a9b7b87e6741202a524dfa8e3199976acc0952e20b6718ed902c581503090e92b72c8a29f6394ac69fe34913c8bc7aed3d76af24cebd0b4dd2f72903e65f7e486da36c4124e39fbd452a9cac4418de507d6048fddb91b59ab6a92afca1341af2ed9812616f87d662305a7bacc73883099105cbaf891ea91253a5e734a263ec8b95dc5eaa56493089503f721ec6b3e9176c7af536e9dca108a870ba901af3f12bd14cc7c1f3cb2610aaeafb7e3c142be1acc89d77ba1cd6f2363d7afe589989af81b306185619bec1f25a99e506c488185a2fbe575423000fff2cbd377b87124011caae66351340c9ce1c60d825eb9aa99abddad3ce1ff2218f64d1cda1ca7c8583e8fe431b3dec595ea61de1b13de52fdd0d0c23eea8be8be47d5ff6b696bb32dc86a8e25c0dd9a509308ee4893bfe56ec71d7d46fcda5aa115064c2542d9c935b29818f25ed0462b7a4c24538da26eaf6d8a11f99b2604551671ffe1b35ab3cb01185edd578cb11b25b6fdb57cf4df0e560707b466496c81766c6744c13089e1cd84eb8e1475a5270a8e8dcc86b2d0b3375a573af4f9114f446d9eb66821626a23498bfca34c7feb86a32ee0e61fff1d99653a1e5df46ccaa1e7657aa9a2756ae471d18db52052fb8f83e9163b237ce1d3b5cea4b6f3ec8e1d1351f8b75606fbca67382d9c0dbf2c8196cb938ab8ca04024ac1123c8119518edaa7e47bfc2da56a55f945f53e32e307f84175a33939731bfcb333a99b1ae6e2dca3e347ba0f9902a0f70d0f1d6805f1976ff70a4bc993ee7a836143c1c106c3495a9e6dd586c8626dfdc0b5a4652e9634b915c9413eb4125b861298885031b3ef24fb4541fd092af570850c9dcb2935be55187a2a0774603038144fe565b3e0a6072d46652052d6f8a76b4812b26bb507a9f30b7003604bc0d0d75ec952d4999bcdf3c46b39aae9fb"}) (async)
socket(0xa, 0x1, 0x84) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0xd400) (async)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg0\x00', 0x141040, 0x0)
ioctl$auto_SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f0000000280)) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_SMC_NETLINK_GET_SYS_INFO(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000100), 0xc, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="000011000000efec000000000000", @ANYRES16=r1, @ANYBLOB="04002cbd7000fedbdf250100000081796bfb33a1ef68c301a0287c9313ae8d2082af5f9a11cc"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x8044) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
connect$auto(0x3, 0x0, 0x58) (async)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
close_range$auto(0x2, 0x8, 0x0) (async)
r2 = io_uring_setup$auto(0x6, 0x0) (async)
r3 = socket(0x2, 0x5, 0x0)
close_range$auto(r2, r3, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async)
shutdown$auto(0x200000003, 0x2) (async)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x19ffc}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
write$auto(r3, 0x0, 0xffd8)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) (async)
ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, 0x0)

10m22.766895698s ago: executing program 2 (id=3179):
mmap$auto(0x0, 0x2000d, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x0, 0x0)
pread64$auto(r0, 0x0, 0x40001000f42c, 0x586)
r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r1, 0x80085502, &(0x7f0000000300)=ANY=[@ANYBLOB="5400000000000000b0a3009f65c2c0b5bc82bb9ea11def93978b52fc380cabc00e5d5200cd2a5b771e9e413d7160b513109e0f09c1cc1847a6da994eacb9610d40a8b768f3e3cfd781e4fdd09f3f31bdf2a02c693ecdfc9b1baa14a27cffe691e4841cfdc5fc3007ed77c110226accf9d1db3bb1c9fa5768963749a78fdd04e6a3a821a532ffe2cf72265983ddc83b673f145cb304b9fb2058561c2a9a6b43bb316677f7a78a8ca13bcd1f8eb0b995b5dd97f4d22ee081c39728fe22e1836eb76adbec170001024ae36931a3cc6a5636482ef2ec6184b3ed1e8b700957b913cdca0faf07f986cd55096db4a9503c2390b1ec9f9304e7954b31e56fc86b027b7972adcf985f67aedbe21c0c249cbd6e86c81f26bdc7fb3dae1b371e5268c82dc9c75b24e716fa2ae50e750a5ac6392ec9eb991c3aa621802f29e10c4723d482578cbbf2b76fd9e6d53f1de7a3b09e06c4de4b93771f45d49418c863784ac38fbf1b81426516fd199f39638b6c699c393a958da2aa82f443824f6acbb8fab833e3933e5a202b2551506d0fcf0002fc7feb0401e6000000b61131db3bf1726e583d99f85b0947832ea50000000000cb3147509283d9a00d1ec16bdb1b1162a49bee5e9de955bc861990ad2036cf1dd332ab778aa52c82b78bba27a97e248813f248722f50fa30072a7038b8f27e44c9f7b0dd4929027ca68f8560873fee66272b724dbaefaa321b74b44f261841034f2b"])
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x7)

10m21.870163074s ago: executing program 2 (id=3185):
mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0xfffffffffffffffd, 0xb, 0xa, 0x40007ffc, 0x948b, 0x3, 0x15f4da0a, 0x4, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x280803, 0x0)
r1 = ioctl$auto_TUNSETOFFLOAD2(r0, 0x400454d0, &(0x7f0000000100)=0xff)
r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
fchdir$auto(r2)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
getcwd$auto(&(0x7f0000000040)='&\x00', 0x100000001)
r4 = set_tid_address$auto(0x0)
waitid$auto_P_PID(0x1, r4, 0x0, 0x7, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="cb5b"], 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'dvmrp0\x00', <r6=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'veth0_to_bond\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'veth1_to_hsr\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r11, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
r12 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r13=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r9, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x1c, r12, 0x1, 0x70bd26, 0x65dfdbfc, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r13}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4d248200}, 0xc, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="28010000", @ANYRES16=r5, @ANYBLOB="040028bd7000fcdbdf2519000000040007801c0007800800020072cc01000800010001040000080001000700000078000180140002007665746830000000000000000000000008000100", @ANYRES32=r6, @ANYBLOB="1400020074756e6c30000000000000000000000008000100", @ANYRES32=r7, @ANYBLOB="140002006261746164765f736c6176655f300000140002007465616d5f736c6176655f30000000001400020076657468305f766972745f77696669001c00018008000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB="080003000000000030000180080003001cbb0000080003004aa2000008000100", @ANYRES32=r13, @ANYBLOB="1400020076657468305f746f5f687372000000000c00018008000300040000002400078008000200010000000800020098243c2a0800020008d3c18a673b000000080001"], 0x128}, 0x1, 0x0, 0x0, 0x640b0}, 0x20040000)
ptrace$auto(0x10, r3, 0x4, 0x7ff)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r3, 0x3, 0x1)

10m6.804730187s ago: executing program 32 (id=3185):
mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0xfffffffffffffffd, 0xb, 0xa, 0x40007ffc, 0x948b, 0x3, 0x15f4da0a, 0x4, 0x3, 0x5e, 0x80000001, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x280803, 0x0)
r1 = ioctl$auto_TUNSETOFFLOAD2(r0, 0x400454d0, &(0x7f0000000100)=0xff)
r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64)
fchdir$auto(r2)
getcwd$auto(0x0, 0xffffffffffffffff)
r3 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0)
getcwd$auto(&(0x7f0000000040)='&\x00', 0x100000001)
r4 = set_tid_address$auto(0x0)
waitid$auto_P_PID(0x1, r4, 0x0, 0x7, 0x0)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="cb5b"], 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'dvmrp0\x00', <r6=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'veth0_to_bond\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'veth1_to_hsr\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r11, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)
r12 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'macvtap0\x00', <r13=>0x0})
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r9, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x1c, r12, 0x1, 0x70bd26, 0x65dfdbfc, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r13}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4d248200}, 0xc, &(0x7f0000000480)={&(0x7f0000000340)=ANY=[@ANYBLOB="28010000", @ANYRES16=r5, @ANYBLOB="040028bd7000fcdbdf2519000000040007801c0007800800020072cc01000800010001040000080001000700000078000180140002007665746830000000000000000000000008000100", @ANYRES32=r6, @ANYBLOB="1400020074756e6c30000000000000000000000008000100", @ANYRES32=r7, @ANYBLOB="140002006261746164765f736c6176655f300000140002007465616d5f736c6176655f30000000001400020076657468305f766972745f77696669001c00018008000100", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=r13, @ANYBLOB="080003000000000030000180080003001cbb0000080003004aa2000008000100", @ANYRES32=r13, @ANYBLOB="1400020076657468305f746f5f687372000000000c00018008000300040000002400078008000200010000000800020098243c2a0800020008d3c18a673b000000080001"], 0x128}, 0x1, 0x0, 0x0, 0x640b0}, 0x20040000)
ptrace$auto(0x10, r3, 0x4, 0x7ff)
ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r3, 0x3, 0x1)

1m37.238043014s ago: executing program 0 (id=5544):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ifb0/flags\x00', 0xb02, 0x0)
socket(0x23, 0x80805, 0x0)
ioctl$auto(0x3, 0x89ed, 0xfffffffffffff4e0)
sendfile$auto(r0, r0, &(0x7f0000000100)=0x9, 0xffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = inotify_init1$auto(0x3000000000000)
ioctl$auto_BLKPBSZGET(r1, 0x127b, 0x0)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
mmap$auto(0x9, 0x4, 0xffffffffffffffff, 0xebe, r2, 0x8024)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000380), 0x100, 0x0)
mmap$auto(0x0, 0x2, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
r3 = socket(0xa, 0x3, 0x3b)
getsockopt$auto(r3, 0x29, 0x6, 0x0, 0x0)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0)
r4 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
read$auto(r4, &(0x7f0000000080)='\xbb\x00', 0x3)
ioctl$auto_EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x9})
r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer\x00', 0x2, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r5, &(0x7f0000000140)="1dca160c9026f371d6e92319763e11da35ec9f0379e2081bff03000000000000882674a5c0acdadb0ee83a0eac2e06dbfb6ff5efc39f8459cf518c93c02cd2ac800540569e21a7b3ee40aad7376b454ba1da11fb04ba54575684455f33e5292d772e78755a02c9eee52a5584ea33ddb13f11a93d6b4e3d4505f00084", 0x7c)
ioctl$auto(0x3, 0x80004509, 0x10000000000402)
getpgrp(0x0)
getpid()
kcmp$auto_KCMP_EPOLL_TFD(0x0, 0x0, 0x7, r0, 0x5)
sendfile$auto(r0, r0, 0x0, 0x3)
bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0x8000000000ac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0x40000000000fffd, 0x6, 0x81, 0x68198}, 0x6f3)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x6e383, 0x0)

1m36.883467292s ago: executing program 0 (id=5546):
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0xb8642, 0x0)
socket(0x1a, 0x1, 0x0)
r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0xc0403d11, 0x0)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b50", 0xfdef)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D0\x00', 0x80002, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000001c0), r3)
sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x8800)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r4 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r4, 0x6, 0x23, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r5 = socket(0x2b, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r6 = gettid()
tkill$auto(r6, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000240)="4a4e3d83203b4d614775cecce1d0d372430098d28f203b278d6a50f5d635ad413a72f8", 0x10, 0x0, 0x5, 0x0, 0x1e, 0x5}, 0xfffffffb}, 0x7, 0x20000000)
io_uring_setup$auto(0x6, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)

1m35.865119095s ago: executing program 0 (id=5549):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000)
syz_clone3(&(0x7f0000000340)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb3, 0xffffffffffffffff, 0x300000000000)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
waitid$auto(0x80, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x2, @sival_ptr=&(0x7f00000006c0)="d5862b53d01e8d60244e59e3faa3977cdab9dea3cc599bb30a0aadb32e82d4b6ce2e29165cd44d8795051d4e2ad7dda1900ca86714ec2ea6ed6fc9a2ba48fcf268c16ee05a082abba7bf1ea0da9fde4f708b3872e463ff2820f7a82e8bba89782a08cf1b50c3829d5265ccacf6dfcf785b812c9676450d101a3bd272903deb7413a982307f58578460a8d71fd9d7ed3c05ade3321784df33d4b5a8f38c1ba6f51302d12dc19aa3464c7e5ea4305cb76c15ae020be3f5681ec446b5faa3cf942e3c1137f48ba5db93357d84b2cecec6c8ca95e308790f66c9ab2c5c07bf703b85774687774b58447d136c27ecb4b5f9048271a336c6194c50c7c9075beb6e6ddb0f564e6859fe301d8395c00f08b71d2a321bc920736fb62232812df1dce92feb2106651fc9380037fb30f30675b2b7ee78e3540d14de0bda23143bc45192eb9a5befbbdee40050be3ea6c53517250b7ab1e0e69a2e40ed4dedad306c8f5db7b0a73ebb264d58d0fb29c479fdaf2a75273d63a9e481e6acac80435a5784e5ec3900b4551f8a81c8cc7a0abfa4b15994cf303695e3dfd3f983cd1fab7dcb2544eb6c7cdbb5e673fb6e54ccd21aa571613634c736bd3641c6f07f08729e47904584d837e1e4a83dfc0b753272c3b208139a1dad6e63056d5a424033f827ee59f50486cfd6c2b99105d9df98ec19f3b56df30889647389a94e7c7d6006abe425f1afcafc5f70b76281b1186fc2e45f387fd457a159f50d9a6bb21ff4cd7b7b11765b7fbca2bd38e3ea0510b20dc4f98d3201815ba83e33770ee8ed600a0bc707b29719d196e513462fbc84892291975949629aa8a6c9ae7f4a6379a57189be1d6ee001dc34b6b8bba0129c47912a0f27d9926986e2877fe80bdb06d677a87f84e04456677906b8cf6e41b19e91852f62867d45a91b690bb827b53b44ad79edae4cfd909e16f0ec0a8fa142ebc0861ca974b477a4efbf18e59b1c66fcfb5dd42fe98c3f04e38681b9df19554cb4687d1708a00604cd572ab54e164647a502019d7d2643a0deedbc5df1baea1752d2fedb95fab26902ed4699c5da8e878c79349aab81f5dab7250d2def9afbdc0436089c92065dcd074266208146f8ce6966b4f366bce58e95e59be92ea12fa3a79b4a42da41f063c41ccd9ead95316dbacd343412aa4808d2f49677f42155144dbfc1c00c3508bd075cff5f97f7868be40d00053458b8e811ffc8df9ccdf83ab47940db47a0fbcafda7256eddd393ca386e143f13fb98cfa5abc07f20070bfadded5a37735927aa748de4c4a99156ec62e2171afde16d0188006a5c77665b017ac49ff928fddd76384430d9577c4f725850e3d3591cf232cb3d17e9e1c4e0e0faab874a5627efe8e8646d2e65605cb0a3394d6a5009555b2457d9f282c92005ec565c956cae5dd883bec1b5e0bfda96941df743c702778d1ee86042071aa760a231ea96d1df482b97ed67d41d6fa26d7a4cc74d206b3d3fb1af80622bf6786a921b6fc78d846a54f29b52f62b6ed428cb95f540476010c6257eaed2788c2e1e87ae82a1281a34ac7c5c9ee4f372825bbf31e5b270d631682ebfbf8011af664970444680da8bfa12de1e9a3492bcc2c6b62f8bb737c75d9e88358a0f74ee86a08e32fb46419456410dd823ce670d681505a4f40ccf8c2abe9087d414812e1b797efa3c607c978a13cb377fb4c0f10ccd8b39e20dd92ada112df100d1ebf3c4e09d6877bd66c2a2d5ba4a2623c4e79b58887a30688eac8e68eea034db6f16feee35d29bd4e796b371c5301001a8be0dce7fda04a892fd4d73c96fc8505722ab9b1db0c66bf73fa6664c37cdfc5e6d17a2bd7760d42210e42bb219a746ed73bb57d6f864cfee26700a96dc65ce79723e1d6d93b9eceed0244942aef844b1168526faca718a3af9ca12b46c1773ad0614ba98bc482d221df4ebd2898a8e7fee4f8792c8ce78b8cea339aa94df40c6097ed0af2438ad3dbf1a90f77a07c8d5c15f6961007265f9272b22ba56d438a5a65b406dc2670df1899d2936a44f18f0bd22b5d5c6650142d849321b90e76b0b08baff867e0070b934809c1393171c82b82bc146cc152aaed5f5d8b9525fdea47ebdfc4eb1a78ab8ff9147807aca462ad0e17845e2b2a3c1b65703f6d364dd6dc60261d14dec98b554973b712f8c876804c088931fd32da6707485b8f94920cda69503eb01842087ea7172a46420aec03f4d114e45c1b7fb12f9cc901f470ca74a245f912463b5d84381946270cfe89799782b73ca29269a4ba9a7070364d8048cad1944f10d398db186e8fa15ae1f8d5467b6ec8252190d6b498cd8395ea8fd215cc9d45916eee3f60d55e92af60b373f7410ec1eecc531a7140c2b4a703336a9e92aff5641b9c609ee51a068284cc4d3c4e3eeef638f2825361986d489438b7218e2e7ba78d6d7734078f2da10f81b72512a44ccfedbfcb3475fbaadc7a9d8447fe1f1d1834cf10b737d0e4462d4cc2b1f4c2f49f8e81f0f409f20a448325393e6e61d3aef812fec74e78acae8e50c883f805c0dae693040686273f0e44c7874d14bc1752cad578181a177b9cb35149186336b62beeae22abf2cbcca87e5955c98d68c7ead5064897be86dc4fab722a6385a312df84a4b8cb447c4727177a6a568f7057872bb23e7bf7217d054bbfbaf27caca0b5c04783318d320c8110c8da4f7252d4d56752af197fba680804c1bb87932c2382804155301a4324ef9707d755ce1a3a50bda9655f156ba238f214abbd0e3f570e17bb2911ca2bdb8dcd653d98e5d9f371c86ac1c1009a310620832daf9aaaab53231a47badeb0cd21ad7029943014f7c793b9a16443ed9c2759c6a38aee0e263377d731d2d2ed3e37c077a286b8c0e9657e972bc39774370bd38ef7649bbad833b315a791f90787236f4edc688c6fe5d7e689eb1dc7bf68a0c6705a4351717d69fda824c5a3bf4d6976fb4d28ed5e513ec77ea747240a68610b2b577d4deb83f216f07bb8c71bcd1a2687e250709a71ec5ae9fe3c7257650f9da7b662dfb16d9a6192c976d786c61f0226191b312cb4f2be4efeaa6bc384076d24cdab6456aef04528724bd271bed8c279640170a5625ed014897e764140136900af5a1d0abcccba62640fdf95a1efc93adf8d514d502aa6e2d397a17b86cd76a2abb8f7bdff1512af1f5a9e94202b8602a8ea4ce03c0a41628b1d0961503dd521676a92f1f3b42abe3af226f894af6ab465463ad37231cfd87626ece97fc3040db3f0b5a7c72257f0fa9d6bf4cccb348ab07583076255913a59af1126a886b52663ff1cc93fd387a1ce5109729bd33e5ac848526e89b2391e6f6ca697f57ab639bd31ebe1fddfb0b872b1392e4eeb964459c5ef219a8c0515c7ca3173ca4b7aff0bea664175688f6ef08463a165b9c724e4cb2ee704386fe9bae39e431379704b4e8c41e748a3a0e0eae166286bf260c2ee4b043c3184069db020c2aec15a5afcdcf9a49374f70388dfcdeabd68678dd3572eda6481e88ef8ee5b315c9afd9f742d5c3a01f320722a2460d9adfc978640f21e0bdc836667b1b88f14f69c34ed418a3c066062cc5ba69295503e50f735bc873584dd52b16d800d406dc92186b41671638581e199fce8fa3042c8674d2831a6a9caa9299f8d19c1fb27ad0afd4e522a5b103e6a857fd8e5385fee485606debaa4041480d38d3906024ea5a9f5a9d1d5a6568891f1897ae13249e4cfb5f268c06602c5476c76ec8c0a25602a227a8da8e570b7555da1bca7b0c1b897398a5767884a5c295be26a7cb843cc523c2a2168464cac5101e084bf5e92ebbc9a74bd642bda9326101248280efbce99772dc8403c26982e58747246874c8fc8f7d23d4d5d94268fdfd101c552255fcd060f444636d0480ef38b487fc5e1f76b9d13b88f5e78ef04a16f60d480245db569cc53fc5664badcd89ed9fd9b00c3df6ebe5142fae168cf32e0d51518d69041ca07d5169430419a0d13c19fecd60fb8eab19393d2b0d5ac888cc0809bbbc985edefd3fa9e57c9ce3c3eac74609f47c880ffe73c673b5c38bbe7faf5fe99b01c2d777e495d9607c8ab81b82b3cfad34504ba0f280079c8ca61d9ff91de2bc9b7c3c3b659861dd9f79f6d6179f80ee23b5ead2af32bfcd31cf687fb5bc8e76a4f4c5ffe5674518a2fa10da0cb863adfaf8086e269caa4d66e9a104ff165e6885672d421ff500dc872e6d884f9613d4aba2fbb878e2f6db124336e3c3c880b06cb43e6ee17a3af098f0f4ec18629039b09942af41f652dd4806edd363c0e190570ebe85234c145c192a5925a523ab89050163caa9f0092a63ed3665efac039d22e2a5b9b5ae79e665fc2cbc0a30fc64f07df9d5ef3f108c22a18f5f22cc139610d586eeeffcdd4b3f62ea2a1315a39b8611c3ed1e1f67aeb3025fdf73b99573b8ca5d27a2332c79e1884528a90462cfaa741ea0ea3ce2ae8b9363b9ef899062c5a092b2b72ad825b62c75ac43fe4a68306e0056a50242f376984b93f6c919509df79b0c786135a67688ccf7d33bba72fc0562b1a925a88d26dacea03b30a2bd4c549626c98c04346c7e80501823b4aa63e48db9497f2155534e9c3649f2ed1576d34ad547d0ed6c30ec5e015fcfe40a24055ab4e6661ffc8657179bb89c9f555d733b5933a5c118ed660f39c84cef9c59fe5995c8e0f646be1a4fdba694e0942077dee8ce6b5a8b10eb355bcd6475002c9f06798f8ef1e1e3630c48112d85f83551713d395c43907b5a56175c80eb8a50e1100ee4d68bce965659f873165b7ef222d602b3856a157b3cf0ffb824c5d369a3b07157504ab96d10969779376e67eb4af26f092d40fb4f5ccf7cb8bce98bf171bacbf0e33733ee3ef87db6ffbbe3c70e6b3f008b7fded73a8213d9ffbe95d8adf60ed2eb16f93135077b56bcd6bb35d47c464683852518def551540addd60e98f588a6d02891da8a1e7a6efadf4f27a01ff351aa5dc0cf4924b4d5c9e011cb60a6fa08069e1e3b996c14bded4688fee9043f1c2b7ec1f7963223531b49994e65e162f5def227018f6a0e4f26b474048641798ac9bd7d742ba39e72ba698b371c3056cac5476dcf47cff8234e14e1b56a0ee8f4c97f89d1d85024aba26636917800b3348b3a8c96692db9d83d1043980f67345bf832a4f8ef7cfe1b1e9f618056ed80f3bcb0ce02b1a1e0abbbc1e7b60e5d6520d037b0b599cca0c8769b5fe4e520e2af19b9639ddfbcf248cb53f961775fa9c8ce2e7695d8680b93599a42f48afc895f673933e13619f6cc6f73776035d49842ff65f882775db180b98b813053746683283211b87b98e5dae46da376a04aacb27ef6dfbd4f376279b86310be28f6c5f6949ed4591add1b7dee197e08666d1e5b3eac14a708903f4f7860438d619aad65c4b9a59cc6376d53f6d996eee48babeefa125fa582df833203d11859913f8af9ac1e10cc1162ed9160cfdf5f82f17727b83178592d482ec8075838e6101ff54e14c606e0e97309c14bf8c3a9cdd13358f5a328f2a5a2f605c7d96a42f2a43015523ff1bf47cb2293fcb3c0d95e3ebcec4e48c0b9370c6f4420bced87bc88ecf311b21a14c2e2decd4e6fd0b055235a3ef3a935bef4f618733456a4db7186437f539cc4cdeed1dc22efd88d64cb8daf0fca7cb470d135d11b9142dc1b10a72ce98db9d208180fd7e8ef2077cc23c37d93c324826d88f750a1c46f5e14306c3b8fe9b2e41db6cded62349b2a1e2967f6507573750edb2eb61b3c84f22bfe75400a7237de4aaf84e6fc25", 0x2}}}, 0x1ff, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x800000000000002, 0x5}, 0x4000000004, 0x5, 0x1, 0x100000000, 0x1, 0x200008000, 0x401, 0x7, 0x9, 0x5d9, 0x5, 0xd, 0x7, 0x3})
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop7\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x20000000008000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0x8, 0x4, 0x7b)
r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0)
mmap$auto(0x7, 0xe983, 0xe2, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mknod$auto(0x0, 0x63bf, 0x7fb)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, 0x0)
read$auto(r1, 0x0, 0x800)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x10341, 0x0)
mmap$auto(0x3, 0x20009, 0xde, 0xeb1, 0x405, 0x8400)
sysfs$auto(0x2, 0x1a, 0x0)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0)
ioctl$auto(r3, 0xc0285629, r3)
write$auto(0xffffffffffffffff, &(0x7f0000000140)='\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=\x00'/37, 0xd4d0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prctl$auto(0x3e, 0x60, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0x5f1, 0x9b72, 0x2, 0x8000)

1m35.228097632s ago: executing program 0 (id=5550):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/usb/drivers/usbtouchscreen/bind\x00', 0x28580, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/input/event0\x00', 0x0, 0x0)
ioctl$auto_EVIOCGVERSION(r2, 0x80044501, &(0x7f0000000240)=0xb20)
prctl$auto(0x59616d61, 0x1, 0x0, 0x1, 0x0) (async)
r3 = prctl$auto(0x59616d61, 0x1, 0x0, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r3)
sendmsg$auto_NFC_CMD_ENABLE_SE(r4, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, r5, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x8}, @NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x5}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0xf6e}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x8000}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x1}, @NFC_ATTR_IM_PROTOCOLS={0x8, 0xd, 0x81}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, 0xfffffffc}]}, 0x50}, 0x1, 0x0, 0x0, 0x48040}, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)="b2bdcd0ba02dc319efb75166df56ceabd89cfd0685d66f9e94e6fda37b49f86bd30f1aafe9372ae8d7f966549dfc502da4de0d2d5fdbccca6232c78c0b1a444e617816bfcad4df80a68f7dd8ba83961d52fb0c12d68585d756984aba59e7c1e936153c", 0x3d) (async)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)="b2bdcd0ba02dc319efb75166df56ceabd89cfd0685d66f9e94e6fda37b49f86bd30f1aafe9372ae8d7f966549dfc502da4de0d2d5fdbccca6232c78c0b1a444e617816bfcad4df80a68f7dd8ba83961d52fb0c12d68585d756984aba59e7c1e936153c", 0x3d)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002100)=""/4098, 0x1002)

1m34.934905359s ago: executing program 0 (id=5551):
mmap$auto(0x2, 0x40009, 0xe6, 0x9b72, 0x7, 0x8a6)
r0 = socket(0x3, 0x4, 0x1fc)
r1 = socket(0x2c, 0x3, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567)
sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0xc050)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff5f5ffffff00"}, 0x55)
getsockopt$auto_SO_INCOMING_NAPI_ID(r0, 0x101, 0x38, &(0x7f0000000000)='nl80211\x00', &(0x7f0000000080)=0x401)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
bpf$auto_BPF_PROG_ATTACH(0x8, &(0x7f0000000100)=@link_detach={r0}, 0x8565)
socket(0xa, 0x3, 0x3b)
timerfd_create$auto(0x10000, 0x9e)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x7f, 0xffffffffffffffff, 0x0, 0x8, 0xfffffffffffffffe)
msync$auto(0x0, 0x2000000005, 0x6)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0xa, 0x3, 0x3b)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socketpair$auto(0x0, 0x1, 0x100, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0)
socket(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)

1m33.644749767s ago: executing program 0 (id=5556):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x46a8c2, 0x0)
unshare$auto(0x400000a0)
r1 = socket(0xa, 0x800, 0x0)
mmap$auto(0x4000000000004, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/id\x00', 0x0, 0x0)
r3 = prctl$auto(0x3e, 0xfffffffffffffffe, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
close_range$auto(r1, 0x8, 0x0)
mmap$auto(0x0, 0x2a, 0x8001, 0x9b7e, r3, 0x28000)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
r5 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
ioctl$auto_UBI_IOCDET(r5, 0x40046f41, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000340)=0x80000005, &(0x7f0000000380)=0x2)
ioctl$auto_VHOST_SET_LOG_FD2(r4, 0x4004af07, &(0x7f00000003c0))
mmap$auto(0x0, 0x62ff, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x1d6f, 0xfffffffffffffffa, 0x9, 0xfffffffffffffbff)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/idVendor\x00', 0x80000, 0x0)
read$auto(r6, &(0x7f0000000100)='\xcb%)\x00', 0x400000000007)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0xfdd5, 0xd, 0x378, 0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x8000000003, 0x5e, 0x80000001, 0x9, 0x2, 0xa42, 0x400000001, 0x2]}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)

1m18.507428199s ago: executing program 33 (id=5556):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x46a8c2, 0x0)
unshare$auto(0x400000a0)
r1 = socket(0xa, 0x800, 0x0)
mmap$auto(0x4000000000004, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/id\x00', 0x0, 0x0)
r3 = prctl$auto(0x3e, 0xfffffffffffffffe, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
close_range$auto(r1, 0x8, 0x0)
mmap$auto(0x0, 0x2a, 0x8001, 0x9b7e, r3, 0x28000)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r4 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
r5 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
ioctl$auto_UBI_IOCDET(r5, 0x40046f41, 0x0)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000340)=0x80000005, &(0x7f0000000380)=0x2)
ioctl$auto_VHOST_SET_LOG_FD2(r4, 0x4004af07, &(0x7f00000003c0))
mmap$auto(0x0, 0x62ff, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x1d6f, 0xfffffffffffffffa, 0x9, 0xfffffffffffffbff)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/idVendor\x00', 0x80000, 0x0)
read$auto(r6, &(0x7f0000000100)='\xcb%)\x00', 0x400000000007)
prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0xfdd5, 0xd, 0x378, 0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0)
move_pages$auto(0x0, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0xb, 0xa, 0x6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x8000000003, 0x5e, 0x80000001, 0x9, 0x2, 0xa42, 0x400000001, 0x2]}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)

6.767279385s ago: executing program 3 (id=5875):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0x840000000002, 0x3, 0xff)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x40080, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29202, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f00000001c0)=""/191, 0x1f8)
r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0)
read$auto(r1, &(0x7f0000000100)='!#\\,^-\x00', 0x9)
r2 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000)
recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0)
write$auto_proc_clear_refs_operations_internal(r2, 0x0, 0xffffff4b)
io_uring_setup$auto(0x6, 0x0)

6.527813263s ago: executing program 5 (id=5879):
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
ioctl$auto(0x4000000000000c8, 0x1, 0x3)
getsockopt$auto_SO_SNDTIMEO_NEW(0xffffffffffffffff, 0x8, 0x43, &(0x7f0000000100)='+\x00', &(0x7f0000000140)=0x6)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4)
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000180)=0x4d)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f00000004c0)="125fe31320b151bf87ab6a2d47753d91eda3372824e9c02d19559346a0ee28ca857dc0ed24ba24f6bdce369f8c08d29cfbba829aeca098f7954c2c470b570848df8e2708318b75585b8e80538f9e1f12f59bd96411317438fce5dc7d8f41d4837b7292a567672bfc10ac0c0e5c75bba964c59006e6030057eecb956ba5dea6119b8fbe9721e7c723807f8ba420eb9522fc3da7c972acb17ed31cbfdac6420177202ecdfb3ef5c247a7aa4b1f3876b185b78cba69733626ba2c9548287bf38012b30696ebb994c8c52927497cfab5dae6ad8db0c44793270b05094e1e316ffdb790ac9322274b0fbb7488207b05b89795a5b66d745b00880eaa20bed029a2d40597a150788ef8479868fce544ea1e3ca809d3f46e4c326f647a17ad3a4373d99ae4b81ae61bbc254394000000000000", 0x1, &(0x7f0000000380)={&(0x7f0000000280)="f816afe38815b44b5b7a3921bff963064475743d119ea696cbf5b49840570e08a21f021428a85b9b2af3a6cc0cdd41a3d97a3ac5630b72c6dac3782f6eb5a7ef311f043a78645b4fab748224809f40247a651eb45baf14748507d224819ff81c6a35a99f95b126d1ce0ab89f82cbaf7060b14ba30ab1a16c23e6ba533d1c3ac2b723d4ed1ff2e8c0f977a3dbdbd4bbca3ff426d850da16e4e1d6ef310b4ac47a23a271abc15aa984c7946287064c713291371d17a2e8f77a527dc9a81fec807961ad29e110246b1698995e469f0c9e88fac11567", 0x80000054}, 0x20000000001, &(0x7f00000001c0)="2b908c2188e788836f6c6b4d9a5f253c2a202d47a0e848bb2c801fcd2f320a8fde6abe3c3f4719bf4b338c7e55027b17697e864b1d8ccf1adc462de58aaa18818beb8c63108cca4f50b017469d83edba1824359f4e84cbb78f41446c273db5c8713034cf889365d76bc6e3c41d34f2a91e2a74d02810886936c7a79b", 0x9, 0x5}, 0x8}, 0x5, 0x6)
remap_file_pages$auto(0x7fffffff, 0x513e42ea, 0x0, 0xfffffffffffffffe, 0x741a7957)
r0 = socket(0x1e, 0x2, 0x0)
connect$auto(r0, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x0, 0x8000}, 0x7)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
socket(0x1d, 0x1, 0x8000)
socket(0xa, 0x2, 0x88)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x2, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
cachestat$auto(r1, 0x0, 0x0, 0x5e43d222)
landlock_restrict_self$auto(0xffffffffffffffff, 0x4)
r2 = setfsuid$auto(0xee00)
r3 = setfsuid$auto(0xee01)
setresuid$auto(r2, r3, r2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff)

5.758637055s ago: executing program 3 (id=5882):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000080), r1)
socket(0x28, 0x801, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
shutdown$auto(0x200000003, 0x1)
select$auto(0x8, &(0x7f0000000240)={[0x8, 0x8, 0x3, 0x4, 0xffffffffffff7fff, 0x8000, 0x4, 0x5, 0xd3b, 0x34, 0x5, 0x0, 0x5, 0x5, 0x3, 0x5]}, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r2 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, 0x0, 0x2, 0x0)
io_uring_setup$auto(0x20000000, &(0x7f0000000180)={0x57fffffc, 0x6, 0x200, 0x9, 0x5b662f24, 0x0, r2, [0x5, 0xb26b, 0x2], {0x7, 0x6, 0xe00001, 0x8, 0x401, 0x8, 0x7, 0x8, 0x6}, {0x6, 0x9, 0xea2, 0x9, 0x6, 0x8, 0x80000000, 0xff, 0x5}})
r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(r3, 0x8, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x800, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)

5.050925708s ago: executing program 5 (id=5887):
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xffff7fff, 0x1, 0x6, 0x0, 0x5, 0x1007181, 0xd1, 0xb, 0x7, 0x7ff, 0xc, 0x80000001, 0x5, 0x80200000000001, 0x800000000fbf, 0xde3, 0x0, 0xfffffffd, 0x5, 0x0, 0x864, 0x6, 0x22000, 0x200, 0x0, 0xc3f, 0xc9, 0x0, 0x0, 0x58b, 0x0, [0x0, 0x0, 0x0, 0x7fdf, 0x47, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x44cd98b, 0x0, 0x0, 0x0, 0x8000020000000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6, 0x27, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x6, 0x1, 0x0, 0x0, 0x3, 0x0, 0xfff]}, 0xa, 0xd) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) (async)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 64)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async, rerun: 64)
r3 = openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0xe00, 0x0) (async, rerun: 32)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) (rerun: 32)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x1c, r5, 0x1, 0x70bd2c, 0x25dfdc01, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0xc000) (async, rerun: 64)
read$auto(r3, 0x0, 0x4) (async, rerun: 64)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/cmdline\x00', 0x481, 0x0) (async)
mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002)
close_range$auto(0x2, 0x8, 0x0) (async)
setresuid$auto(0x0, 0x0, 0x0)
keyctl$auto_KEYCTL_GET_PERSISTENT(0x16, 0x0, 0x7fffffffffffffff, 0xffffffffffffe6d6, 0x2)
r6 = getpid()
move_pages$auto(r6, 0xa1, &(0x7f0000000180)=&(0x7f0000000080)="82d63733aebf0db65fe720cfa2e4a1e8e67ca2f772bc9a0ae7e18397ef224514945da35cd14d2fa5b51a0596f77d0655dbae8dad8ec2ab080a24755c42e422e48d0a86116b5a4614804f2a530ad9760dd27ad65813a547d59c6030f62911e9e4b2de798dd8b392963752b581926a8d98599189a8e16ca8ae9df4c7128d979c517e833c2d175e6ff68bd725de790ea55fbcf747224006e56450502d916700398a0b851ef16084e7c954229036477f2342e411f2b3247fca2ffaa0294c8cc97e563f6860dd12df1599275b7ab956da95cd5cc8a3a7310402fe82aac4bb50ac53e093c03e60c4ed3bde3c415b6f9f88dc5fecd678d1cdec7877c94543b48d", &(0x7f00000001c0)=0xa12, &(0x7f0000000200)=0x1, 0x0) (async)
sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000a00)=ANY=[@ANYBLOB="9c05", @ANYRES16=0x0, @ANYRESDEC=r6, @ANYRES32=r3, @ANYRES16=0x0], 0x59c}, 0x1, 0x0, 0x0, 0x20040084}, 0x20000000)
waitid$auto_P_ALL(0x0, 0x468e, 0x0, 0x20003, &(0x7f0000000340)={{0x8, 0x20000000000005}, {0xa, 0xffe}, 0xfffffffffffff801, 0x1af, 0xfffffffffffffffa, 0x2, 0x7, 0x5, 0x402, 0x2, 0xe6, 0x8, 0x7, 0x200006, 0x2, 0x8}) (async, rerun: 64)
r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) (rerun: 64)
pread64$auto(r7, 0x0, 0x8, 0x7fff)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (rerun: 32)

4.842949567s ago: executing program 4 (id=5888):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram12\x00', 0x6e642, 0x0)
write$auto(r0, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
setsockopt$auto_SO_SNDTIMEO_OLD(r1, 0x4fe, 0x15, &(0x7f0000000080)='odev/audio1\x00', 0xfc93)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
unshare$auto(0x40000080)
r2 = inotify_init1$auto(0x2)
prctl$auto(0x20003b, 0x2, 0x0, 0x4, 0x0)
write$auto(0xca, &(0x7f0000000580)='\x04>\x01\x01\x00\x00\x00\x00\x01T\x9eQ\xcc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc7\xa1\x90s\x1d\xfe\x04\b\xacO\x99\x96\xbdf\x05z4~I<@B\x1d]\xbabB\xdc\xff\x03\x00\x00\x00\x00\x00\x00\xa5\xd86\x14\xe5\xfa\x88XCu\x17\xd0\xc58\xa9\xcc\x03I\xff\x13]\xe0\x10\x83hN\x04\xaf\xa8\xfe;$\x81\xb5\'?\xbc\x82\xf6-\xe0\x97\xbe\xba(\xf3\xf4h\x85\xfb\x97\xcd\xb9JS\xf3a\x01\xca\xdb\xb6\xf5\x96\x04\x00\x00\x00\x00\x00\x00\x92\xfc\xe4\xd7\xf4\xaeU\xae\x1aB\xee\xfeTL\xfa\x17Y\xacz\xda\xd4\x9d\xecX@\x1e\x1e\xd2\xc1^\x1d\x80\x10\xca=F\xeb(\x16\xa0B\x1e\xfb\xaa\x87RVdVc:\xb0\x9e\x05\x10\xe1YLP\xe0\xa0\x1d\x8b\x13U\x16\xd9\xde\x8d\xd61\xaef\x9aZ\xecyb\xa4<\x11K\x8dG*\xbb\x06\xb7\x80\xe4\xf8eS\xf4\xd0\x96\x7f\xeaK\xff}O:\x15x\x11\xc1\v\xffW\xeb\xf6\x7f\xd6\xcc\xc8\x99\x92\x8b\x9cg\xf7#\xc8\x0e\x98\xe4\x83\xd0;?\x00\x00\x00\x00\x00\xca_\x05\")7\xdb\xff];oI,\\Y\xd6eL\x90\rb\xe5\xf4\x116O\xd1\x92C\n\x14\xac\x95\xf4m\x92\xb2\xe0\x89O\fdO\x86\x96r\xaa\xcf,\x90\xb0\xcds\x85\xbc\xbc)(\xaa_\x0f\xa6\x8e\x17\x88\xb0\x1c\x15\xbc)\xcc\xcb\xf6\x91\x11\xa9\xe7\xc9 H\xcel\xe9\xcdm/H\x83gJ%I\xd1 q\x92f\xd8f\xa8\x1b\xd7\x1c\x8aMeP\xc1\xfb\xfd\x85\x86<e\x8e\xe7\xab\x8fQ\xa6\xd7\xf3\x02S@Y7Tg\x1d\xef\x90\x99\x99\x85\b\xbcL\xbcO\xb7\t\xb2\xc4\xd1ht\xb0\xe0\a\x7fc\x1a\x12Y\xc9\a\x80r(\x8f$\x1e\xc6\x01`\xd5`(\x1d\xeb\xdf\xb8Be\xde#L\x0f\x9e\x00\x89\x8exz\xc8\xa6\xad\xb6\x13\xf2\x10\xdd\xc3\x80\x16\xeb\x9b\x15\x19\xfe\x96n\x83\xa9\xec\xc5\x85\x7f\xba\x9c\x8b\xb9\xe1\xcc\xf59\xfa^l\xf7\x02\xcf\xe1\x8a\x05\xaf\x8cE\a~\xeb\xa8\"\x1b0\xad>\xc4r\xe4!\x06?\x12\xb0:\x88\\)d+\xfa`.\x8e\x8e\x1b\xba1\x13\x10\xd9n\xea0\x11\xc1l\xb10K\r\x13C#tj', 0x7)
sendmsg$auto_HWSIM_CMD_GET_RADIO(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xffffffffffffff5b, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x300, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4008001}, 0x20000010)
sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000004)
r3 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000002c0), r2)
msgctl$auto_IPC_INFO(0x800, 0x3, &(0x7f0000000380)={{0x4, <r4=>0xee01, 0xee00, 0x4, 0x8, 0xb2, 0x1}, &(0x7f0000000300)=0x2, &(0x7f0000000340)=0xf8, 0x4, 0xfffffffffffffffe, 0x5, 0x3, 0x10000, 0x0, 0x4, 0x5, @raw=0x67})
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r2, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000000a00)={0x1604, r3, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@THERMAL_GENL_ATTR_THRESHOLD_TEMP={0x8, 0x19, 0xb}, @THERMAL_GENL_ATTR_TZ={0x100c, 0x1, 0x0, 0x1, [@generic="5df8769254602266", @generic="1dc05200687ca16cbd8604c650bd671f2c8c34299bf71146759875a13f147d1ac86b62e608fa31d9ca39bd993081eb207b9f1dc9a40d849777a044893f8c422e098339e38e84955a01c830841b70f99b8b95fb7418374b2a9392ae271003a99801e4c6604b619f2d94555629fc486560d0238b5face5b9a1dc9a42ccf80c8302d18756a318fd00aab15886574eac0bda2ba277fe5b5afc05e6662521bcbc45d690edab0b56d6795e5e619cc626d9439415541c47d87a9e2b8ab1994ee134ab138251a013090343463bb46b94ef7fa06a0f522c8da047f4aa5062a15d08478bd6d30768d12817a4a8870dbc1e870bd0a1bfab8a676672b7b24fedaaa9da75b13bbfaf99f4123c393846f3ba8dc7f45f71637a970a73759c2ab2f53f7ee9ecfb9ae2576f97019c798b2912ea7a0e64ee415fecc99d5874e06ca6bb9f23ea9070d4af66269038fd057a5fd94f2de050a592481efc0e448f328d668584dba53a4f3af5288f26435e628549bb226c616c9744333364f1cd3f8ff9ead9c1e6d9bcc6942f97f62b9cdb807aad83631029326380f3684f4a648383fc08d40ce29c2495e368c3904d310b9f317cbb2e70b0543a48fd0317fa8a84b30d76d93c146910ea85b8de0e4207ccd2b1059592b754cdad9d7869c70c47729c194bbfedfab8161679f5f0f21e330dabbc3f4560d72c6700ce6e64d37101c39741122002c1c60360a9318a7316a72af98049a45d05c7473430ba6daa99f192efeb4e4a650268d54d1ead255fee68fdffa3bc5749934dff83c45b1b4597f97466a9a541d65ad4053aed7b163da4e57e64dce2d94dcb1490832436d5852fee317498cfc0fcb521d089c3529a1e648be5fbef146b4bd4980c5a7cc62a522b1d54a4d71dbe5c6280df875fb096196decfe195932a773f268c5dd42334d619a392072f71af20ca29d6c606c042c4cdecef9de84c43859285295c021796337a8857c3632c42be33f7359ed3b2cc464635c29b14762cc02395cce70bba9443eba28c06eaf4c48618ac3d7cf7f24ce0de009481c4d72d1173ca7c4f1411c6dee4e792f12912365661d94723e91bc1a6f2a477b21f6a2aee6299b0a9875fd4dd14b9045558332e3f23e39735ab7825a81b39c35d82b9fbadf5582093f5d71dab2ff355da84f055eb452dbd8d657cbc4ec6dae9d1ceeb6625f5e65a4a6fa98067ea4169c31b4ca8c832840c6cc43d3d0c9986c276aba8b894ec4aa8041ec3eeaa491da2710aee554ea34c094a73cd435c253c796dfcde907396bc66f21e74c793472e1cd6bc015d2cb5d82d9998da95ade9a973f9bd1d16920ecf243fea88a003b906e0087440a4814fe63a2cfb54a09897b06e8017fede69745ac0b9e206f91b531a3ec229b2124b3dcf523639f529f70db95a93a1c33af588bbc2658c2e8741972648d4425217eb4b3603da75904acba205918608f4d51d51671ceba3b95d414f9aefa8898cfdec34f39858f51540b90d81863f75b18c49a460be711d3204a66c926384e24ea8db4986c9882354d64f9e60ce119e7956635e1b9dba645bb9f35ee3146de2e0eb9242662c64dd7840b1c25ce101c7b5827924b6f75f787b07d69bb2a5c12b805f18cb699f79fef119dd80d8fdacacd052ee737344458025719ccbbc82e40850fc0620d70005c9cfe891d19f146a94d99639de0ee06fdd0622f8acccb0bd76a91ce1f41bd7b075142a965c67669f09bb0551cad0bbd1f95df9d34a7cfabbf1f3d4a481724336b4eb788fea22fbc46554394161ba2d26697edb43aaafb08a0550f3f51f6f71d935cee3453e76b4211085d7ba70648215e21bd3c54409c8f4a24ba309149705e0ae7fff93871236042ea65d218201ea941399693c6b899861343a37a4f5d1edb6636a22e2a70114385c1f602ca5b5c5dd99ea23bb272151f733c4dfb83ca54f86c635f2bc97d69533c80ddf5e2bf30fb3c4b255657ad6b24934e5e4b66ccbfca2c7ae1313105f00387b272e4460ebfd95410cac49c0e6a382ad02bba81c30f0b9b24c744877b58e51cf6e76e1fc8b216fbf5a27c2e34b522fa74da1c8bdda6ba4ad0a12cc7f6f435c662f4df92c9c2fe68453ce73b3fee8618d5f09a8add41b2faf3cba1f1fb3eae79a92677b50f86451bb8c8ebfbe06f9a7d5c270ef299f43c600ff1cb4ed1e996da72bf2f2c4439f6c51e5c2ac4c1e8f3871b5072790aa917d7a92a47b75b289e0e380b51763d540f7f7978b52adb5d46fb630e18af0d43814993d9076e5c61d3a346f3fc050c84769d4fabbba08efd5568a73faab52b9804b6dd4a5d5b0c8a76afc08e2212f4980f34023774247877f2eb0b5fa0441b45bf4d9057b62e6f11627fac12f89272b3d09e4cc448fb573e3f277140277cb2a6410ea175c3aaa9ef8420bf36619c3b9eb65057c4fc33b8c136142bb00b95828e00ee7f01bfa2fc44d19d539b6d68fb529e41fa4e0ae7f25207eecb5381962bc161ee79e314f4ca19b8541d04d8d2bf219ab5520d975cb92a7e34886a8985250fe3e11942e505ec2619e816bfc5eee09ff20cc23e7c9719ddc0016b40de71e9c0414807c7c1f03b2bd98f37716d1f84c7c9adb7475eee8606e8bd4c8254699a71c05e360276575998a49b3ff8243451e0aa18374813b16a640229b28644f2fc2918d38c83fea30cd00f5ec623e6b1fe4cf725741a9f9df89bd59a6af11f6c8252a3f633fb70e547d8badd50de77c062c586f9e3241d6fc7f624a623266255b04d1a07407befb90c9ac4001e730a82d90f80dfb1dd2736c0c962c16dbab92bf0330b1aaf828e799d0bfdb6f12092cbc57dca4b13d5586c0e20d820fb9e023927c67e18232c8010d8f6dab961b09a9055051672b93d7f235f0243897fd8869be2cbbcbf7c979413b59f47751cf78951373c0bd98496701aba0e208dc3334ba2959be9c3aeef06728b4fa323f64bd2a833e8288684ee0201dfc243af7fd2fc4a6037c2bc7858385a2c357f92e4c43763f0e08c782622fd57c6f41500c34deabd298e40b90a0296e59b013e75e9e1b2892cf2ee3630b648bf8cff572baf389cf15b1623a150bbd1fac697aa0ea6bc675dc092d11c6fe9254b438dd41eec698e8404e40f19d2eb937ad19b996b991f2b6eda27eb69b2fc1c7eb762026c40c829351bdec65d2a0e3933c03678235090ccaec4ff670d5223a606f18ff709159265ae1085cb5ba3ca04c77d709f8433f43175edf764cbdd6c27d74e171d4cf9882d4c379714b8e77de82912e42203bfe174c13a981b138379ca4cd5ebb37225288c0cdf382a8ada43396c5e8cab7429309b47f533dde412b8d7f9c5923e6f7778e1fe6995d7a26a99e3cd1b981661b458a4bb6cfbed15ca10b5f284ab6a08fc6d495d73d4c2a5ba0c27e97de0dc2cbf883ccb5d1b9b03f8879aafc35c03aab5c7529c4a6d3bf6fef1a783ea668f8f9c1c5721b824c3dae8aeaa5800ae55f691fa2501ce81f0081fe6407ee4e7291316119edf65aefd4661e69dfddfd3c54bf1dd122897f2fb77edb09f284ec6c0c88f277a278112043a78c9ac32cf96d1e21470fc4f0167f69b08c209eedfac6d48e88d53c774967eaf80c139ccbda216c2ab9549e2c207fea547cc25347213183cc0040b065cb777c5950fb3a8f275a68fbd790c65f545b3cb9512f36758d3a2a593b8f3518aaa843e5f33af478c36aca7122b69c20d734b001192c9afef9f4c9f1f110837037f0790e0e9bc42d05f21963a3af3868629bb6aac5e236b91cb2086ff86bf81997ead463b2a26e1f79e6d9f600b2bd16647df49f2fff925ff677ff9f68770858573f4bfe501f386462e150e619967b7597be13b332108d78d80403abbc95d16e25af9162a1c3d0772fae7ed6101cfc76ea6680848f8cb38ff1e48ae2da4673e1b86282b2e356f2c28a6f170012b18d53da4b354f649c372ca79a4779e7bcdbde1d38465842e0d4c7cb3ca59b2761158ac83b0519a133b0a68570db0e2d6042309ad71b0a1634adc96757f5804e93926e52215a1d4cf4373de6b98f6208a27d0655d5305ef3c18e4f74fdcb738f86603d65505270864fb2db82cbadf9b44a157ba723f286c386a18c70deb46284c5d40ce1838ef0dc813cf27f262e077aefc2d1fa23d3fe377aaf856453e45ae8c929eb9c408888a7496846ea31296d0fc522005432cf101c9f8bfb83ed6f672d786da1b5c155e58c8cf0f1e5c8fca660655d3b34690ab4be9138d82f8883ca70426d0eaa4ffb3235105bae84f27a7769ecc2de309a9618fe3a88e9402c8fe767f41b1ac567d271dd6b95a92b7358e8c584dd1f9007f9c02a0a2c4211f703672c47d9b3ed1dba34bc5acf234a6c7e16a50567706a9c9123737111add2da2ff8ef4fe9c1504255f61408b99a3573e0e7f7f10ba39e95d8d6b8102120ab04ead661cd928385cf85cc7f92af7916498c4448cc0da99550485e84130b9cfceef6575e526645fb91786f4926cdd2bdf49ab4a3353baf845decdffc0710644cd82205a8414f173d26ed251d6df03ccf8ebd1fda2de1c483d0368bb39bc23bb1a4b25c23abf609350443d84ca79e85e04ddf6087b0f8a5923ecf648140b9f6f40f2c9045a8cdbfc6eb03d096f54a558a37e88c36685c04f98eb3bde4933fd5855ef87b2a16f3274c2529c608808a7f514fcbf86e605c624a1156229105cff88a8c69727f310a64cdb3cb2bd0b783045625a2bffd0da5ff537e805c088cd1fed1c9328e23917c41e6fb1120a0270113926dccfa4f53219223e2f5394d16db43f94c73f3a98544e5fec3d54d72ff3cc8caf27ec2933d9bbfbbdc17d8ad545a7ab5bbe4a3b56e46c5d49a69f99244b9910dc7fd13c79093012d06ab9e93f6e0352aa374e95835a38dc0ee7b39d42345071ddc3a2aa82547a4ec6d75d0f69bbd753a8b023c964a5b5724e650bccb667745076fae66964917ad2d379b076eee240f54a4a064366bbdda29112fabe5ce33392d2216a780087ac7e39ad94b4b468aaeb97e92d1555053f84572175b074cea1a16aecbf8405c17476a1b353665948c1e5cc0b6e960cc021223aff6d2bf8207b5c18722d9d7cc7c3eddd87879bd198fb28cd9f013025a1c504f5eb0c57c543b56f14c309c6ae66facdc7d041f5b29105130124524fe5a7df6fa0664c294e2bff6c7523549787694e4fdf8940f579f315ecfde59ab1a6ce178dd7610d4336c77a4d723d289a91ceeb16275bddd7ab3f29c6b2dc0dc63b161f343730cbfa75d8115a90b9b7cda63e93223a9b5234a0553f00bf8b2abf84ab8dd647229f563a614d3beb6df5b08a3f3e0a77d44e4dfd6f36433fdb70cc8fc8f033ea596d42e3cb0e1f3ff6953a9720b423815f12bb3062280015f27bee8df2fa7fec0cfe6b94b834a3d668e7cff3724e7d87c0dcae6d9889bbec8faffa436555c5badf371edf41a6c5c3c213e9a6971a440f30488237988fbc4fe276872a58c4329e1a91f7f077f09ea6566268b5e6f05eef31c9558ac39b0b5e9c76ab36e1dbbd1f6430cafe5a87190fc0ab3955accc808502905d864eb4a7320d4a48a72eb6298b91474b6da938774629e46a8b06c44f75dd21951056b496e19b1f62b155ec5ac73966e047bc7850a3828102f955385e648bc49c672918a622d0f35021f49e80608e7381286ce2ee27acb45e983fa74a98c5ac749ce10ca8fa36a84c94f69d88b1166d7299968013c21118ead5bfdac19da343adb1e61db8578e8b1894cffcc20a34fd54f080d406c4b89cfe430740c1574a1c68266b0bdd53fa324b75a8e59ce2938d93"]}, @THERMAL_GENL_ATTR_TZ_TRIP_HYST={0x8, 0x8, 0xa072}, @THERMAL_GENL_ATTR_CDEV_ID={0x8, 0xf, 0xcdd}, @THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0x7f}, @THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x6, 0x7}, @THERMAL_GENL_ATTR_TZ={0x5ab, 0x1, 0x0, 0x1, [@nested={0x2b8, 0x34, 0x0, 0x1, [@generic="f56b487f64e13e242b6406f71e207b6cab577c7073cb8a12bf3f53247e57b7fa76cf0680f32e887d02aacc1960abc70f6b1b93b1132d18e368d2061648590a0b510bba3a8134e7d8c6c5c95aea61cec9ac22b42a092f18724cd07a75f6d266a9d8c5d9c4b1b513c866968ec97667", @generic="437d09a083ed753d59dfd4c15d5b2cb0cc7eaca508e33b172f7fe623d03a1a7f0cc4e48eed19b2c35d32efcfd85400f4f411f1699db886c341ae720f5b315727f2375e5d689daa2f809491ee7720a9d0de88e3f6a156ca73a7f74a48aabc8bb4b25c7131e18b034c2428db269f88db7d", @generic="acad39f10f3f77e7a5049c9959a7bb0c68c51f078e6b405358a8e8690956c30adf9d63fe933d39f06fa45e2abd72f2085c134ed6ade75196a61864e1c270125ba891abccb88503163867fe4f15bade36c97566210dbef9ae90e7d51fd39ebaae420a1e90d407795d78b10ff0fbb0faeb03d7bfaa74d12465d09698b0a46941195ad3", @nested={0x4, 0x22}, @typed={0x8, 0xee, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x16}}, @generic="2ce962f1ff425bcd3b193af0ad101a0685828f06d9d4fe4a6f35d52a1300b570d2d1a93952599db60604e29e69637e665f7d25f5a752c5d1df900a8c1da841464c105f501b764d906a3e38d61ca12ef3943fb3283c6373dea37a21835fe73af4107548b53e8fc6c5595f1f0fc8970572be996c961bb2ef0abdb59fdc952ff8f057ebefaacbad0e2647c4ce0a70913423bb19070f5a558696ef2930bfad9e248fb9a52219eaaf7db1ce93cb04aa96ce1cb20d8189c111e926", @typed={0x8, 0x22, 0x0, 0x0, @u32=0x4}, @nested={0x4, 0x27}, @typed={0x7e, 0x13c, 0x0, 0x0, @binary="c843864c02430821dab4e4e5e5edb24c8b5e92d82a9ee27cda3d0add8d3f0c49272946dbce7bc6034be13d69cf5969b5cbe762c3373b6dab3ac490b413df00b907fb7cd54e2fb2bb04dd2d62e182a5a489f787d77baa6f12170a52cace6b782c33dae6e219ed6972b1f248bf55ce636bf16a9ea179c02ccfc71b"}, @nested={0x4, 0x6e}]}, @generic="124811693cc730f9647edf2261be3ba761a415c05fcd790f58a767e42071271d701100bcce33afa3b07d12377502bbd9dee046cdb96ccb866721f37555e889c5c4179522143c6d5b2beac0a30b7b913cd2b84b662944ce7aaf45766a3c8cc2f55bf1710002badc5d89e286fcf72c4dfef1285bdd774e4c8c721b19a9d260116f5cea2dc4b41a7d82468fb19e72b663c3c690273f59c1b3a3b370ff9afe06f8b7111cfaa21980b28deb5bf9a460e212439972b432eb6896", @generic="5f88b1241ed8911485f399f3d45fb15bd5dae885dfaa27afebf103b9ee6c1a8f2c4b7942c84798f58c8988388202de395603830374aa9688036bc06e2a95566fae96027870094a81bdb59995eb6b62", @generic="51806bc089e3f14abc9564e7ff69617e8cc53da107dec90a68b1924befe9b2f302c8b26d6a807150d844803f0deeb5e9541730af6e1e936e0a1ddfa92ae14376d53c237dd63a5f4a60a30333b58a0ad06ca28103fa6b25e282db34d83764e552ff6b84b34c46e11cccafc803a54db1916d886070b90b2f6b37ccd5e37c9c4cd8", @generic="a029010d47af63972f51d95ab54808847f75d312b1016aaad9128e414b099ab902bf08c8f174976c30155514ec00ef30dc74b97710761ac76380973a6e037a68a42594588d1573a8b8449648872773e37283524ecd6dddf7f84aa7ce3995a06b0f226670538dd31abf6bad92bfb94eebd76ecdc37116fb32bb4a6a4faf500a73ecde98b16f", @typed={0x8, 0x66, 0x0, 0x0, @uid=r4}, @typed={0xdb, 0x56, 0x0, 0x0, @binary="02533c046f11a1c1e0364ab8be2321841dbec219127d6531d9445738c13a3cf5d0e55a1f88f87ed7cc8f15f43109cbab50f4f6139c520b184eed2204d096ee5ec3a73a7f99410dcf14e9c48f53580ca792f6ef48f534ba3e8a37aa03ab92a78f2081aa694942cc3f8e587d2b1d098ad33f60061b6551f3a2cc9284492200aedaad39ce0aa9f200d46fe30500638c4a6245fc2474a31e01f805859fa383f6911a4a41ba46de1a4e1c7308381910a9556b001c821461483b19d49fc8d9124e020b4a35b646634b4695af6126b199d276e9469772d66f0071"}]}, @THERMAL_GENL_ATTR_TZ_TRIP_ID={0x8, 0x5, 0x8}, @THERMAL_GENL_ATTR_THRESHOLD_TEMP={0x8, 0x19, 0x5099}]}, 0x1604}, 0x1, 0x0, 0x0, 0x800}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0)
mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0)
mmap$auto(0x800000001, 0x8, 0x4000000000df, 0xebe, r0, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
rmdir$auto(0x0)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)
setrlimit$auto(0x0, 0x0)
sigaltstack$auto(0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x0, 0x11, 0x10000002, 0x3)
semctl$auto(0x2, 0x9, 0x939, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)

3.91190569s ago: executing program 1 (id=5889):
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x399d00, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) (async)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0)
mmap$auto(0x4, 0x20007, 0x7, 0x10, r0, 0xfffffffffffffffb)
keyctl$auto_KEYCTL_CAPABILITIES(0x1f, 0x800000000010000, 0x9, 0x10, 0x3fe) (async)
keyctl$auto_KEYCTL_CAPABILITIES(0x1f, 0x800000000010000, 0x9, 0x10, 0x3fe)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000) (async)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) (async)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0)
pread64$auto(r3, 0x0, 0x594c, 0x9fffffffd)
mmap$auto(0x0, 0x20009, 0x2, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_VHOST_SET_MEM_TABLE(r2, 0x4001af84, 0x0)
ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x0)
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_MEM_TABLE(r4, 0x4001af84, 0x0)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) (async)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0)
bpf$auto(0x2, 0x0, 0xb)
close_range$auto(0x2, 0x8, 0x0)
msgget$auto(0x200, 0xfffff40b) (async)
msgget$auto(0x200, 0xfffff40b)
socketcall$auto(0x4, 0x0)
r5 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto(0xffffffffffffffff, 0xafc, 0xffffffffffffffff)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, 0x0)
ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) (async)
ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
pipe$auto(&(0x7f0000000080)) (async)
pipe$auto(&(0x7f0000000080)=<r6=>0xffffffffffffffff)
mmap$auto(0x0, 0x402000b, 0x200800e3, 0xe31, r6, 0x81)
msgctl$auto_IPC_STAT(0xfffffff8, 0x2, 0x0)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0)

3.698971715s ago: executing program 5 (id=5890):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0xff)
open(0x0, 0x1e7d43, 0x82)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
mmap$auto(0x0, 0xa, 0xd, 0x9b72, 0x5, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ptyzf/dev\x00', 0x440c80, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0340, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x801, 0x106)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2202, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
unshare$auto(0x40000080)
getsockopt$auto(r2, 0x84, 0x75, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='n\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00042bbd7000fcdbdf250300000014000300fc02000000000000000000000000000014000200fe8000000000000000000000000000bb05000700aa00000014000300fe80000000000000000000000000002808000400e000000108000500ac1414aa140006006e657470636930000000000000000000"], 0x7c}, 0x1, 0x0, 0x0, 0x11}, 0x1)
sendmsg$auto_NLBL_UNLABEL_C_STATICLISTDEF(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="5c0000007b30ce609f5442a5f61bc3b232ea82d03b82dd6859a319208d23a60ffba5fde5875342ef3e62bead0edbaf744996cdc83533fbab64954330f45bf4fde40ee5efa992238d1930cdbf40b067114121a2a031f4c2f921a8b00884b1b32bb6ec5b8755ab3fe9b5860cc45fa6d943bb86dbdda1d885983d914bcb2e73d9faff272f4a1095da1ad6790fc3afb4595f52155393d6e1c3e7a995f6f8d8741cc65bbc5377d13dbcce1ae1dd8797ad34f8ddd1a7d065e6eb2fbca4b7d35ac6bd27", @ANYRES16=r4, @ANYBLOB="00022dbd7000fedbdf250800000014000200fe800000000000000000000000000019050001000100000008000400ffffffff080005007f000001050001000900000014000200fe8000000000000000000000000000aa"], 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/017/001\x00', 0x20000, 0x0)
r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r5, 0x0, 0x1f40)
writev$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6)

3.6245912s ago: executing program 1 (id=5891):
socket(0xf, 0x7e5a77f7a39da9d8, 0x7)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
ioctl$auto(0x3, 0x8905, 0x38) (async, rerun: 64)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (rerun: 64)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) (async)
madvise$auto(0x0, 0x240007, 0x19)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0x5, 0x15) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r2 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010031bd7000fddbdf250c0000000c0003800861038004000580"], 0x20}}, 0x24048084) (async)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kfence/parameters/sample_interval\x00', 0x102, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) (async, rerun: 32)
bpf$auto(0x2, 0x0, 0x1) (async)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) (async)
mmap$auto(0x0, 0x400008, 0x5, 0x2000000049b72, 0xffffffffffffffff, 0x8000)
r5 = openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x53) (async)
setsockopt$auto(r5, 0x1, 0x2, &(0x7f0000000040)='\x98\x00', 0x7)

3.365529903s ago: executing program 3 (id=5892):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) (async)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async)
futex$auto(0x0, 0x85, 0x8, 0x0, 0x0, 0x80800002)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (async)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
r1 = socket(0x2, 0x1, 0x0)
setsockopt$auto(r1, 0x6, 0x0, 0x0, 0x44) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, r3, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x20, r3, 0x801, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, 0x10}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x4000004) (async)
sendmsg$auto_NL80211_CMD_UPDATE_FT_IES(r1, &(0x7f0000000280)={&(0x7f0000000000), 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00', @ANYRES16=r3, @ANYBLOB="300025bd7000fcdbdf25600000003800fc005651e0d55144840fa69306a0722295c8f659f830a6a3ce7e9586e76a81517902048e099083780d70e16c01b29b10d16171af714e0c0058000b00000000000000"], 0x58}, 0x1, 0x0, 0x0, 0x80}, 0x400c050)
r4 = syz_genetlink_get_family_id$auto_l2tp(0x0, r0)
sendmsg$auto_L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r4, 0x100, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80c1}, 0xc0) (async)
sendmsg$auto_NETDEV_CMD_QSTATS_GET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@NETDEV_A_QSTATS_IFINDEX={0x8}, @NETDEV_A_QSTATS_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20001800}, 0x4004)

3.015739979s ago: executing program 5 (id=5893):
mmap$auto(0x4, 0x27, 0x0, 0xeb1, 0xfffffffffffffffa, 0x5)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0)
ioctl$auto(0x3, 0x40045542, 0xb551)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x201, 0x0)
sendmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f00000000c0)="35daa43b4631b05b5046ef228bcb6f64ac9f594f0ed837cebcbdfb7eb19207c29f4b33a50e622c815364d8ddddf225cc8aca015bdc89ed3dbdb0f7888e9b1eeb9ebae49091a758d494cf9dc5376ca919b3f82d5b6d7c062dc0d8484bc5fe622239115915644d21", 0x0, &(0x7f0000000140)={&(0x7f0000000040)="48c4b143e08d4609c9ba5099bc6f3355792de3dfada5371dfa13a065a39f57b09b683f4806cfd7d08e21346940ebe66f2e6dd1ff978843f1f44ff08a7d500516", 0x10001}, 0x1, &(0x7f00000001c0)="9675de87820af301f0fd3ca23a3065898a4c7bf3179b72e67d1c6179ca9fdce01b3bf7f08f85f0fddbb8480d80ba638048b44bfea7be1dfaa69e53aae0e64ce236a5a06bb9f057", 0xca, 0x81}, 0x2}, 0x4, 0x9)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x6, 0x1, 0x4, 0x6, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket(0x2, 0xa, 0x1)
r2 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r1, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xfffffffffffffffa, 0x8000200008011, r2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57699, 0x9b72, 0x2, 0x8000000000008000)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
r4 = socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f00000001c0)=0x5)
fsconfig$auto_JFFS2_COMPR_MODE_NONE(r4, 0xffffffff, &(0x7f0000000200)='/\x7f+\x00', &(0x7f00000002c0)="02ca0b6ff846abb95a1163a89c541397446d0b4cd8dd09b62afe76f57b188ab65f174fab9f86fdc44992832baa294bada1aef98da2eb13ac7b34003db767c5977894383aab82a8ae0351020f0aa7d0b6ce290d3585612b63c511ebb0560a68a6611c957fb23f94c2f3bacb8d3471856ad0b80e06b29ed7780a45c99b61025e2b05016b1f4b41f19cac3799eb39544eda22ffd714cfc02b57a798700d3f5950dc9e655afe9168c020962df820a815971b342ba7b3a510ae03da8b6cfef2986a7a833ed0f8c5ee194e2ca74f6b93675dac52874029403c4fa0d00e14cbd54abfa79f08f3e61e8d27e0bd913240", 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/pci0000:00/0000:00:03.0/consistent_dma_mask_bits\x00', 0x0, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vbi19\x00', 0x490000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)=""/40, 0x28)
sendmsg$auto_NCSI_CMD_CLEAR_INTERFACE(r5, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c090000", @ANYRES16=0x0, @ANYBLOB="000128bd7000fddbdf25030000000800080001000080"], 0x1c}}, 0x20008004)

2.914900306s ago: executing program 3 (id=5894):
socket(0x10, 0x2, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x2, 0x0) (async)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x2803, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/miimon\x00', 0x143b42, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0xa, 0x2, 0x0) (async)
socket(0x2, 0xa, 0x1) (async)
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x2000b, 0x806, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/cgroup.kill\x00', 0xa001, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/time\x00')
io_uring_setup$auto(0x8, 0x0) (async)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x151e81, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
socketpair$auto(0x10010000, 0x1, 0x420000, 0x0) (async)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) (async)
ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000)

2.730198806s ago: executing program 1 (id=5895):
setsockopt$auto_SO_KEEPALIVE(0xffffffffffffffff, 0x1, 0x9, &(0x7f0000000080)='%&+#*%-\xfc\x00', 0x9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x201000, 0x0)
r0 = socket(0xa, 0x1, 0x84)
io_uring_setup$auto(0x2, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0)
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000425bd7000fcdbdf441400000008000e0003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20040000}, 0x4004008)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f49a0a, 0x2, 0x3, 0x5, 0x80000001, 0x40, 0x6d3f, 0x9, 0x2, 0x7]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x206, 0x7, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0xf]}, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0)
pread64$auto(0xffffffffffffffff, &(0x7f0000000200)='/proc/scsi/sg/devices\x00', 0x100000001, 0x4)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x3)
shmget$auto(0x8, 0x10565, 0x7ff)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)
shmctl$auto(0x0, 0x0, 0xfffffffffffffffd)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0)
read$auto(r3, 0x0, 0x20)
mmap$auto(0x2000000000000000, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
pipe2$auto(0x0, 0x80)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x1f, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

2.627050142s ago: executing program 3 (id=5896):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x7e1b, 0x0)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0)
ioctl$auto(r0, 0x4008550c, 0xffffffffffffffff)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
mlock$auto(0x112, 0x80006)
madvise$auto(0x0, 0x200007, 0x19)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
fchdir$auto(r1)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0)

2.410854299s ago: executing program 4 (id=5897):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
madvise$auto(0x6, 0xfffffffffffffffd, 0x8300000)
syz_clone3(&(0x7f0000000040)={0x8224000, 0x0, 0x0, 0x0, {0x29}, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x3}, 0x58)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00 ', @ANYRES16=r1, @ANYBLOB="000225bd7000fddbdf251f0000001e009400305021dd7347a8b561ae7378b45e04ddf34dd8d72ba0e1f45b040000"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40060)
futex$auto(&(0x7f0000000200), 0x9, 0x2, &(0x7f0000000240)={0x10000}, &(0x7f0000000280)=0x80, 0x8)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram4\x00', 0x60743, 0x0)
write$auto(r2, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000340)='/dev/bus/usb/039/001\x00', 0x802, 0x0)
eventfd$auto(0x101)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x63ae, 0xe6, 0xfffffffffffffff5, 0x100000004, 0x948b, 0x3, 0x7, 0x1005ffffffe, 0xa9, 0x62, 0x8000001d, 0x10000000008, 0xfff, 0x1ff, 0x1e48c55d, 0x4]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10007)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c93c2, 0x0)
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x2, 0x1, 0x0)
socket(0x23, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0xa, 0x2, 0x88)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4, @old_map_fd=0x3ff}, 0xa3)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x0, 0x14, 0x0, 0x6)
connect$auto(0x3, &(0x7f00000000c0), 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1)

1.936679918s ago: executing program 5 (id=5898):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x40eb4, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x40009, 0x200df, 0x9b72, 0x7, 0x28000)
setreuid$auto(0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
connect$auto(r0, &(0x7f00000000c0)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x1}}, 0x51)
inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x1000e6e)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000)
dup3$auto(0x8000000000000001, 0x5, 0x800080000)
write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040), 0x0)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x2, 0x6)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe98, 0x0, 0x0, &(0x7f0000000040)={[0x54e, 0x10000000000005, 0x1, 0x8fd6, 0x948b, 0x5, 0x3392, 0x4, 0x3, 0x3, 0xffffffff, 0x9, 0x3, 0x4, 0x4, 0xfffffffffffffffe]}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_TUNSETGROUP(r2, 0x400454ce, &(0x7f0000000240)=0xcd7)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bond_slave_0\x00', <r4=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r4, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r4, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffff5c, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

1.789295041s ago: executing program 3 (id=5899):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
close_range$auto(r0, 0x8, 0x6)
r1 = io_uring_setup$auto(0xe, 0x0)
r2 = bpf$auto(0x12, 0x0, 0x26)
msgctl$auto_IPC_SET(0xbccf, 0x1, &(0x7f0000000540)={{0x0, <r3=>0xee01, <r4=>0x0, 0x9, 0x4c, 0x1, 0xfff9}, &(0x7f0000000480)=0x7, &(0x7f00000004c0)=0x9, 0xa, 0x0, 0x5b9e290a, 0x7fffffff, 0x4, 0x200, 0xd, 0x38a6, @inferred=<r5=>0x0, @raw=0x400})
sendmsg$auto_TIPC_NL_KEY_SET(r1, &(0x7f0000001c40)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001c00)={&(0x7f0000005dc0)=ANY=[@ANYBLOB="301600006ca2bfcda7ebfe0bc9a141d05d8dd37674b5fecbf9e7e6ddc2b7cea7e6cbe09ef70c00946ed30cec0086a38be60c4b79d10b6a31a53ee121ea3fadb1427a411b04bd352f40c09900af254b17f05e5c62779ff7aebe1edd2bcb6f28a3bd1b241971912d7a1f02415c76058bc0be1429b7e7fabfe05843ad8c558763cc88aa41f46f69f98dc7c6c63eb37ecbfa0e55ee863f711c2808219bf276", @ANYRES16=r4, @ANYBLOB, @ANYRES32=r0, @ANYBLOB], 0x1630}, 0x1, 0x0, 0x0, 0x4000}, 0x8050)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup.cpu/memory.numa_stat\x00', 0xe2080, 0x0)
read$auto(r2, 0x0, 0x9)
r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x136401, 0x0)
writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3)
unshare$auto(0x40000080)
sendmsg$auto_NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000700)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f8000000", @ANYRES16=0x0, @ANYBLOB="0800f0888c0c7f97792785313172a125bd7000fddbdf2527000000b80043004a714237eafa0a634ba1a3e2d1f355163df265b48819ba0089980f5e0a4b7cc86b7487469c786eac2ab7e41cd13eff80ddfb68b4ae2adf23242fc9ef717b966165661848003b3283654335201a28f54d466893014fcc1ea1a279ad81ab3d9d8a45dac12de7d637a39dc6c48341b17cbd991b4b3a9123409687ea21e2907a91d29f69846a40ed0238d76658e55f5d93e9e78c8b01f6791d581665cdc3d42bba2052a0fa01050088004000000013002801eb9868929d80bb84f67e7a5107dd5000080026"], 0xf8}, 0x1, 0x0, 0x0, 0x20040894}, 0x4000)
r7 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x8202, 0x0)
r8 = getpid()
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x24040004}, 0x800)
process_vm_readv$auto(r8, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r9 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000200), 0x103001, 0x0)
ioctl$auto_I2C_RDWR(r9, 0x707, 0x0)
r10 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x942, 0x0)
r11 = waitid$auto_P_PID(0x1, r5, &(0x7f00000002c0)={@siginfo_0_0={0x7ff, 0x8, 0x4, @_sigpoll={0x0, r7}}}, 0xe10a, &(0x7f0000000340)={{0x47fd143a, 0x2}, {0x7fffffff, 0x8}, 0x4, 0x4, 0x8, 0x38b, 0x0, 0x9, 0x5, 0x837, 0x7fffffff, 0xf3, 0x3, 0x4, 0x5, 0x81})
pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r10, 0x4, &(0x7f0000000400)={@siginfo_0_0={0x9, 0x1, 0x8, @_sigchld={r11, r3, 0x0, 0x6, 0xc0d}}}, 0x2)
mseal$auto(0x0, 0x7dda, 0x0)
madvise$auto(0x0, 0x401000, 0xe)
ioctl$auto_TIOCSBRK2(r10, 0x5427, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_GPARAMS(r7, 0x40485404, &(0x7f00000000c0)={{0x1, 0x40, 0x4202, 0x3}, 0x2, 0x0, "72e00d838b24ff6fd5411f4330fd8fa23cf2b9541bbae501c8312f5733753466"})
syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x8080)
sendto$auto(0x3, 0x0, 0x3, 0x9, &(0x7f0000000180)=@in={0x2, 0x4e20, @multicast1}, 0x22)

1.534887355s ago: executing program 1 (id=5900):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0)
fsync$auto(0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(0x3, 0x0, 0x4)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/miimon\x00', 0x143b42, 0x0)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0xffffffffffffffff, 0x28000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0)
read$auto(r0, 0x0, 0x20)
select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0x0, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x20000000000003, 0x8000400, 0x7, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x2, 0x1, 0x84)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x24f81, 0x0)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81)
readv$auto(r1, &(0x7f0000000040)={0x0, 0xfff}, 0x100000005)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) (async)
fsync$auto(0xffffffffffffffff) (async)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
write$auto(0x3, 0x0, 0x4) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/miimon\x00', 0x143b42, 0x0) (async)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0xffffffffffffffff, 0x28000) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) (async)
read$auto(r0, 0x0, 0x20) (async)
select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xfffffffffffffffd, 0x0, 0xa, 0x40007fff, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x20000000000003, 0x8000400, 0x7, 0x7, 0x2, 0x93, 0x400000001, 0x2]}, 0x0) (async)
writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x1, 0x84) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x24f81, 0x0) (async)
sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81) (async)
readv$auto(r1, &(0x7f0000000040)={0x0, 0xfff}, 0x100000005) (async)

1.093412695s ago: executing program 4 (id=5901):
mmap$auto(0x0, 0x20009, 0xaa, 0xeb1, 0x401, 0x8000)
r0 = fcntl$auto_F_DUPFD(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b)
read$auto(r1, 0x0, 0x1)
ioctl$auto_BTRFS_IOC_SNAP_DESTROY_V2(r0, 0x5000943f, &(0x7f0000000000)={@inferred=r1, 0x5, 0x68d5, @unused, @subvolid=0xb})
r2 = memfd_create$auto(0x0, 0xe)
fallocate$auto(r2, 0x3, 0x2, 0x4)

1.091546808s ago: executing program 1 (id=5909):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440))
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r1 = open(0x0, 0xcd1e23e41b02d660, 0x154)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
execveat$auto(r1, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x11000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)
socket(0x2, 0x3, 0xa)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
unshare$auto(0x8000000)
semget$auto(0x0, 0x2e4a, 0x8000)
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x9, 0x1, @relative_fd=0x2, 0x80}, 0x94)
futex_waitv$auto(&(0x7f0000000180)={0x3fb, 0x6, 0x2, 0xfff}, 0x3, 0xbffffffc, 0x0, 0x81)
openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f00000018c0)='/sys/kernel/tracing/error_log\x00', 0x2, 0x0)
mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000)
futex_waitv$auto(&(0x7f0000000000)={0x7ff, 0xd09f}, 0x200, 0x260, &(0x7f0000000040)={0x2}, 0x91)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
io_uring_setup$auto(0x7, 0x0)
io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101)

940.424549ms ago: executing program 4 (id=5902):
statmount$auto(0x0, 0x0, 0x1fe, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x4c080}, 0x800)
r0 = socket(0x2, 0x3, 0x100)
mmap$auto(0x0, 0xfffffffffffffffc, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x400006, 0xdf, 0x10011, r0, 0x800008000)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14ab3f)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
fcntl$auto(r1, 0x400, 0x1)
truncate$auto(&(0x7f0000000080)='./file0\x00', 0x7f)
socket(0x29, 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x8}, 0x7f, 0x0)
mmap$auto(0x0, 0x5, 0x1000002, 0x40eb2, 0xffffffffffffffff, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0)
write$auto(r2, 0x0, 0x2)
r4 = socket(0x1a, 0x0, 0xffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="05000000", @ANYBLOB="011025bd7000f7dbdf250100003f06770a0998c6000200010700000000070058000000080009000800000008000a000800000014001f000000000000000000000000000000000114002000000000000000"], 0x5c}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRESOCT=r1, @ANYRESHEX=r0, @ANYRESHEX, @ANYRESHEX=r3], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r5 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc6}, 0x2, &(0x7f0000000340)="36e8e045f632ff4eae90ceb9e0e8c18b3622384dad8202000000000000abc6e2240f3513d083e63505c76873a3a15e793bae92de6d529b284aa0d51395d02cf1e8641385f549caecae452ea82f15fa30", 0xffffffffffffff68, 0x6}, 0x800}, 0x7, 0xfff)
recvmmsg$auto(r4, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
ioctl$auto(0xffffffffffffffff, 0x8914, 0x24)

888.934896ms ago: executing program 5 (id=5903):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4085}, 0x4000804)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0xf, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x401, 0x1003, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x8009, 0xb, 0x200000100106})
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_REMOVE_LINK(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x40804)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0xffffffff, 0x3, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw=0x9}, 0x400005, 0x25, 0x4, @raw=0x6, @integer={0xe7, 0x0, 0x81}, "7a9fc199a16a2311eacf2fc7ae1d8778dc610400000001000f00000000b6debe0eda71bdb5adb17884a16f7ce8c57c0eb327ac702b8d7c2d00"})
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
membarrier$auto_MEMBARRIER_CMD_GET_REGISTRATIONS(0x200, 0x9, 0x10000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
rt_sigqueueinfo$auto(0x0, 0x4004, &(0x7f0000000380)={@siginfo_0_0={0xf9, 0x2200, 0x7e73, @_sigfault={&(0x7f0000000080)="cd6a04bca626be972569ae369ded4ada848991a39b7e7c9da4e50f8afbc95199d1f6e3f5e1ca10b4f6cb0cb1ad546283c729465e495eddd1c5cc5470c7c8", @_addr_lsb=0x3}}})
r3 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5b0, &(0x7f0000000100)={&(0x7f0000000200), 0xf}, 0x7, 0x0, 0x3, 0x1000000e}, 0x45}, 0x1, 0xfd)
ioctl$auto_XFS_IOC_FREESP64(0xffffffffffffffff, 0x40305825, 0x0)
setgroups$auto(0xa1, &(0x7f0000000000)=0x8005ea)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

410.293212ms ago: executing program 4 (id=5904):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00', <r1=>0x0})
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r1}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000011}, 0x810)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00'}) (async)
sendmsg$auto_WG_CMD_SET_DEVICE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r1}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000011}, 0x810) (async)

227.128179ms ago: executing program 4 (id=5905):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0)
io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x5, 0x80004, 0x4000000000ff, 0x40000040eb1, 0x401, 0x300000000000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/wg0/ioam6_id\x00', 0x242, 0x0)
sendfile$auto(r4, r3, 0x0, 0x7fffe000)
r5 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x0, 0x80000001, r5}, 0x6f4)
read$auto(r1, 0x0, 0x20)
r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/card1/pcm0c/sub0/hw_params\x00', 0x48041, 0x0)
write$auto(r6, 0x0, 0x6)
unshare$auto(0x40000080)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f00000001c0)="536344708c0c0800000033", 0xb)
r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/neigh/ip6gre0/retrans_time_ms\x00', 0x101202, 0x0)
sendfile$auto(r1, r8, 0x0, 0x1)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x1, 0x4a, 0x0, 0x9)
socket(0x10, 0x80002, 0x0)
bind$auto(r2, &(0x7f0000000140)=@generic={0x1a, "9300000004000000000000000091"}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/vhci_hcd.0/usb9/9-0:1.0/usb9-port7/over_current_count\x00', 0x400000, 0x0)

0s ago: executing program 1 (id=5906):
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x41811}, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r2 = gettid()
rt_sigqueueinfo$auto(r2, 0xe, &(0x7f0000000000)={@siginfo_0_0={0x76bb, 0x3, 0x4, @_sigfault={0x0}}})
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x434400, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0)
sendfile$auto(r4, r4, 0x0, 0x8080000001)
mmap$auto(0x36, 0x20009, 0x4000000000df, 0x40000000000eb2, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfdef)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
mmap$auto(0x0, 0x1, 0x2000000df, 0xeb1, 0x40000000000a5, 0x8000)

kernel console output (not intermixed with test programs):

8] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1336.527620][T30978] RSP: 002b:00007f5596767038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1336.527634][T30978] RAX: ffffffffffffffda RBX: 00007f5595be5fa0 RCX: 00007f559598f7c9
[ 1336.527643][T30978] RDX: 00000000000000df RSI: 0000000000400009 RDI: 0000000000000000
[ 1336.527652][T30978] RBP: 00007f5595a13f91 R08: 0000000000000002 R09: 0000000000008000
[ 1336.527661][T30978] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1336.527670][T30978] R13: 00007f5595be6038 R14: 00007f5595be5fa0 R15: 00007ffd090a1ae8
[ 1336.527689][T30978]  </TASK>
[ 1336.884160][T30985] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input43
[ 1336.892932][T30985] FAULT_INJECTION: forcing a failure.
[ 1336.892932][T30985] name failslab, interval 1, probability 0, space 0, times 0
[ 1336.905614][T30985] CPU: 0 UID: 0 PID: 30985 Comm: syz.1.4707 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1336.905640][T30985] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1336.905645][T30985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1336.905654][T30985] Call Trace:
[ 1336.905660][T30985]  <TASK>
[ 1336.905667][T30985]  dump_stack_lvl+0x16c/0x1f0
[ 1336.905694][T30985]  should_fail_ex+0x512/0x640
[ 1336.905711][T30985]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1336.905731][T30985]  should_failslab+0xc2/0x120
[ 1336.905753][T30985]  kmem_cache_alloc_noprof+0x83/0x770
[ 1336.905770][T30985]  ? __kernfs_new_node+0xd2/0x9b0
[ 1336.905789][T30985]  ? __kernfs_new_node+0xd2/0x9b0
[ 1336.905803][T30985]  __kernfs_new_node+0xd2/0x9b0
[ 1336.905822][T30985]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1336.905842][T30985]  ? find_held_lock+0x2b/0x80
[ 1336.905861][T30985]  ? kernfs_root+0xee/0x2a0
[ 1336.905880][T30985]  kernfs_new_node+0x13c/0x1e0
[ 1336.905901][T30985]  kernfs_create_link+0xcc/0x240
[ 1336.905916][T30985]  sysfs_do_create_link_sd+0x90/0x140
[ 1336.905933][T30985]  sysfs_create_link+0x61/0xc0
[ 1336.905949][T30985]  device_add+0x652/0x1980
[ 1336.905972][T30985]  ? __pfx_device_add+0x10/0x10
[ 1336.905990][T30985]  ? __pfx_exact_lock+0x10/0x10
[ 1336.906013][T30985]  ? kobject_get+0xbb/0x150
[ 1336.906029][T30985]  cdev_device_add+0x12b/0x270
[ 1336.906051][T30985]  evdev_connect+0x3a4/0x4c0
[ 1336.906073][T30985]  input_attach_handler.isra.0+0x176/0x250
[ 1336.906094][T30985]  input_register_device+0xab9/0x11b0
[ 1336.906112][T30985]  ? input_ff_create+0x221/0x350
[ 1336.906128][T30985]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[ 1336.906148][T30985]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1336.906165][T30985]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[ 1336.906185][T30985]  ? find_held_lock+0x2b/0x80
[ 1336.906212][T30985]  ? __pfx_uinput_ioctl+0x10/0x10
[ 1336.906229][T30985]  __x64_sys_ioctl+0x18e/0x210
[ 1336.906248][T30985]  do_syscall_64+0xcd/0xf80
[ 1336.906263][T30985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1336.906278][T30985] RIP: 0033:0x7fefa5d8f7c9
[ 1336.906290][T30985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1336.906305][T30985] RSP: 002b:00007fefa6cba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1336.906319][T30985] RAX: ffffffffffffffda RBX: 00007fefa5fe6180 RCX: 00007fefa5d8f7c9
[ 1336.906328][T30985] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000006
[ 1336.906336][T30985] RBP: 00007fefa5e13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1336.906344][T30985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1336.906353][T30985] R13: 00007fefa5fe6218 R14: 00007fefa5fe6180 R15: 00007ffc5bade598
[ 1336.906373][T30985]  </TASK>
[ 1337.619082][T30992] FAULT_INJECTION: forcing a failure.
[ 1337.619082][T30992] name failslab, interval 1, probability 0, space 0, times 0
[ 1337.650164][T30992] CPU: 0 UID: 0 PID: 30992 Comm: syz.0.4711 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1337.650193][T30992] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1337.650198][T30992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1337.650207][T30992] Call Trace:
[ 1337.650212][T30992]  <TASK>
[ 1337.650219][T30992]  dump_stack_lvl+0x16c/0x1f0
[ 1337.650247][T30992]  should_fail_ex+0x512/0x640
[ 1337.650264][T30992]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1337.650284][T30992]  should_failslab+0xc2/0x120
[ 1337.650305][T30992]  kmem_cache_alloc_noprof+0x83/0x770
[ 1337.650321][T30992]  ? alloc_empty_file+0x55/0x1e0
[ 1337.650341][T30992]  ? alloc_empty_file+0x55/0x1e0
[ 1337.650355][T30992]  alloc_empty_file+0x55/0x1e0
[ 1337.650370][T30992]  path_openat+0xde/0x3140
[ 1337.650393][T30992]  ? rcu_is_watching+0x12/0xc0
[ 1337.650412][T30992]  ? trace_kmem_cache_alloc+0x28/0xb0
[ 1337.650433][T30992]  ? __pfx_path_openat+0x10/0x10
[ 1337.650451][T30992]  ? getname_kernel+0x52/0x370
[ 1337.650466][T30992]  ? __asan_memcpy+0x3c/0x60
[ 1337.650485][T30992]  do_file_open_root+0x322/0x610
[ 1337.650506][T30992]  ? __pfx_do_file_open_root+0x10/0x10
[ 1337.650540][T30992]  ? __lock_acquire+0x436/0x2890
[ 1337.650555][T30992]  ? vsnprintf+0x331/0x11e0
[ 1337.650577][T30992]  file_open_root+0x2a7/0x450
[ 1337.650599][T30992]  ? __pfx_file_open_root+0x10/0x10
[ 1337.650617][T30992]  ? find_held_lock+0x2b/0x80
[ 1337.650635][T30992]  ? kernel_read_file_from_path_initns+0x17a/0x260
[ 1337.650658][T30992]  kernel_read_file_from_path_initns+0x189/0x260
[ 1337.650687][T30992]  ? __pfx_kernel_read_file_from_path_initns+0x10/0x10
[ 1337.650713][T30992]  _request_firmware+0x737/0x14e0
[ 1337.650738][T30992]  ? __pfx__request_firmware+0x10/0x10
[ 1337.650754][T30992]  ? _request_firmware+0x126/0x14e0
[ 1337.650772][T30992]  request_firmware+0x35/0x50
[ 1337.650788][T30992]  valid_regdb+0x184/0x590
[ 1337.650804][T30992]  ? __pfx_valid_regdb+0x10/0x10
[ 1337.650822][T30992]  reg_reload_regdb+0x11a/0x460
[ 1337.650838][T30992]  ? __pfx_reg_reload_regdb+0x10/0x10
[ 1337.650854][T30992]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1337.650872][T30992]  ? nl80211_pre_doit+0x1b0/0xb10
[ 1337.650892][T30992]  genl_family_rcv_msg_doit+0x209/0x2f0
[ 1337.650910][T30992]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1337.650925][T30992]  ? genl_get_cmd+0x194/0x580
[ 1337.650942][T30992]  ? bpf_lsm_capable+0x9/0x10
[ 1337.650959][T30992]  ? security_capable+0x7e/0x260
[ 1337.650977][T30992]  genl_rcv_msg+0x55c/0x800
[ 1337.650993][T30992]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1337.651008][T30992]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1337.651025][T30992]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[ 1337.651039][T30992]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1337.651064][T30992]  netlink_rcv_skb+0x158/0x420
[ 1337.651084][T30992]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1337.651099][T30992]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1337.651127][T30992]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1337.651150][T30992]  genl_rcv+0x28/0x40
[ 1337.651162][T30992]  netlink_unicast+0x5aa/0x870
[ 1337.651185][T30992]  ? __pfx_netlink_unicast+0x10/0x10
[ 1337.651212][T30992]  netlink_sendmsg+0x8c8/0xdd0
[ 1337.651235][T30992]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1337.651258][T30992]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1337.651276][T30992]  ____sys_sendmsg+0xa5d/0xc30
[ 1337.651291][T30992]  ? copy_msghdr_from_user+0x10a/0x160
[ 1337.651309][T30992]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1337.651327][T30992]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1337.651348][T30992]  ___sys_sendmsg+0x134/0x1d0
[ 1337.651368][T30992]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1337.651386][T30992]  ? futex_private_hash_put+0x160/0x1b0
[ 1337.651422][T30992]  __sys_sendmsg+0x16d/0x220
[ 1337.651440][T30992]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1337.651458][T30992]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1337.651484][T30992]  do_syscall_64+0xcd/0xf80
[ 1337.651499][T30992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1337.651513][T30992] RIP: 0033:0x7f63ddd8f7c9
[ 1337.651527][T30992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1337.651540][T30992] RSP: 002b:00007f63decc9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1337.651554][T30992] RAX: ffffffffffffffda RBX: 00007f63ddfe5fa0 RCX: 00007f63ddd8f7c9
[ 1337.651563][T30992] RDX: 00000000000000d0 RSI: 0000200000000580 RDI: 0000000000000005
[ 1337.651572][T30992] RBP: 00007f63dde13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1337.651581][T30992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1337.651589][T30992] R13: 00007f63ddfe6038 R14: 00007f63ddfe5fa0 R15: 00007ffd2a39df38
[ 1337.651609][T30992]  </TASK>
[ 1337.651640][T30992] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db.p7s failed with error -12
[ 1338.571355][T30985] input: failed to attach handler evdev to device input43, error: -12
[ 1339.064373][T30996] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input44
[ 1339.189737][T31017] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4715'.
[ 1341.641543][T31088] FAULT_INJECTION: forcing a failure.
[ 1341.641543][T31088] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1341.705932][T31088] CPU: 0 UID: 0 PID: 31088 Comm: syz.0.4732 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1341.705959][T31088] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1341.705965][T31088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1341.705974][T31088] Call Trace:
[ 1341.705979][T31088]  <TASK>
[ 1341.705985][T31088]  dump_stack_lvl+0x16c/0x1f0
[ 1341.706013][T31088]  should_fail_ex+0x512/0x640
[ 1341.706032][T31088]  get_futex_key+0x1d0/0x15f0
[ 1341.706051][T31088]  ? __pfx_get_futex_key+0x10/0x10
[ 1341.706072][T31088]  futex_wake+0xea/0x530
[ 1341.706089][T31088]  ? __might_fault+0xe3/0x190
[ 1341.706108][T31088]  ? __pfx_futex_wake+0x10/0x10
[ 1341.706128][T31088]  ? _copy_from_user+0x59/0xd0
[ 1341.706144][T31088]  ? post_copy_siginfo_from_user.isra.0+0x209/0x300
[ 1341.706162][T31088]  do_futex+0x1e3/0x350
[ 1341.706178][T31088]  ? __pfx_do_futex+0x10/0x10
[ 1341.706204][T31088]  __x64_sys_futex+0x1e0/0x4c0
[ 1341.706222][T31088]  ? __pfx___x64_sys_rt_tgsigqueueinfo+0x10/0x10
[ 1341.706238][T31088]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1341.706262][T31088]  do_syscall_64+0xcd/0xf80
[ 1341.706278][T31088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1341.706293][T31088] RIP: 0033:0x7f63ddd8f7c9
[ 1341.706305][T31088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1341.706319][T31088] RSP: 002b:00007f63decc90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1341.706333][T31088] RAX: ffffffffffffffda RBX: 00007f63ddfe5fa8 RCX: 00007f63ddd8f7c9
[ 1341.706342][T31088] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f63ddfe5fac
[ 1341.706350][T31088] RBP: 00007f63ddfe5fa0 R08: 00007f63decca000 R09: 0000000000000000
[ 1341.706359][T31088] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1341.706367][T31088] R13: 00007f63ddfe6038 R14: 00007ffd2a39de50 R15: 00007ffd2a39df38
[ 1341.706386][T31088]  </TASK>
[ 1341.905118][T31088] FAULT_INJECTION: forcing a failure.
[ 1341.905118][T31088] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.918599][T31088] CPU: 0 UID: 0 PID: 31088 Comm: syz.0.4732 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1341.918626][T31088] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1341.918631][T31088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1341.918640][T31088] Call Trace:
[ 1341.918646][T31088]  <TASK>
[ 1341.918652][T31088]  dump_stack_lvl+0x16c/0x1f0
[ 1341.918679][T31088]  should_fail_ex+0x512/0x640
[ 1341.918695][T31088]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1341.918716][T31088]  should_failslab+0xc2/0x120
[ 1341.918738][T31088]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1341.918756][T31088]  ? shmem_alloc_inode+0x25/0x50
[ 1341.918779][T31088]  ? __pfx_shmem_alloc_inode+0x10/0x10
[ 1341.918796][T31088]  ? shmem_alloc_inode+0x25/0x50
[ 1341.918813][T31088]  shmem_alloc_inode+0x25/0x50
[ 1341.918830][T31088]  alloc_inode+0x64/0x240
[ 1341.918846][T31088]  new_inode+0x22/0x1c0
[ 1341.918863][T31088]  shmem_get_inode+0x19a/0xfb0
[ 1341.918883][T31088]  ? __vm_enough_memory+0x184/0x3f0
[ 1341.918903][T31088]  __shmem_file_setup+0x290/0x350
[ 1341.918927][T31088]  shmem_zero_setup+0x93/0x1b0
[ 1341.918944][T31088]  __mmap_region+0x2277/0x2a00
[ 1341.918963][T31088]  ? __pfx___mmap_region+0x10/0x10
[ 1341.918994][T31088]  ? finish_task_switch.isra.0+0x202/0xbd0
[ 1341.919014][T31088]  ? rcu_is_watching+0x12/0xc0
[ 1341.919067][T31088]  ? rcu_is_watching+0x12/0xc0
[ 1341.919090][T31088]  mmap_region+0x1ab/0x3f0
[ 1341.919106][T31088]  ? __get_unmapped_area+0x267/0x3f0
[ 1341.919128][T31088]  do_mmap+0xa3e/0x1210
[ 1341.919150][T31088]  ? __pfx_do_mmap+0x10/0x10
[ 1341.919170][T31088]  ? __pfx_down_write_killable+0x10/0x10
[ 1341.919197][T31088]  vm_mmap_pgoff+0x29e/0x470
[ 1341.919221][T31088]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1341.919239][T31088]  ? fdget+0x187/0x210
[ 1341.919259][T31088]  ? __sys_connect+0xe0/0x160
[ 1341.919278][T31088]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1341.919293][T31088]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1341.919311][T31088]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1341.919329][T31088]  ? xfd_validate_state+0x61/0x180
[ 1341.919343][T31088]  ? __pfx_ksys_write+0x10/0x10
[ 1341.919364][T31088]  __x64_sys_mmap+0x125/0x190
[ 1341.919380][T31088]  do_syscall_64+0xcd/0xf80
[ 1341.919395][T31088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1341.919409][T31088] RIP: 0033:0x7f63ddd8f7c9
[ 1341.919423][T31088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1341.919437][T31088] RSP: 002b:00007f63decc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1341.919450][T31088] RAX: ffffffffffffffda RBX: 00007f63ddfe5fa0 RCX: 00007f63ddd8f7c9
[ 1341.919460][T31088] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[ 1341.919469][T31088] RBP: 00007f63dde13f91 R08: fffffffffffffffa R09: 0000000000008000
[ 1341.919478][T31088] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1341.919487][T31088] R13: 00007f63ddfe6038 R14: 00007f63ddfe5fa0 R15: 00007ffd2a39df38
[ 1341.919506][T31088]  </TASK>
[ 1342.595750][T31099] usb usb4: usbfs: process 31099 (syz.1.4734) did not claim interface 0 before use
[ 1343.468610][T31129] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4740'.
[ 1344.903360][T31161] zswap: compressor  not available
[ 1344.930009][T31163] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes
[ 1345.469332][T31179] zswap: compressor  not available
[ 1347.397288][T31254] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4762'.
[ 1348.119265][T31275] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4767'.
[ 1349.372798][T31311] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4774'.
[ 1349.407978][T22729] Bluetooth: hci2: unexpected event 0x22 length: 435 > 260
[ 1349.408003][T22729] Bluetooth: hci2: Malformed HCI Event: 0x22
[ 1349.621397][T31325] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8165a13a (__mcheck_cpu_init_prepare_banks+0x18a/0x380)
[ 1349.637394][T31325] Call Trace:
[ 1349.640690][T31325]  <TASK>
[ 1349.643645][T31325]  ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10
[ 1349.650314][T31325]  ? __pfx___schedule+0x10/0x10
[ 1349.655162][T31325]  ? irqentry_exit+0x1dd/0x8c0
[ 1349.659909][T31325]  mce_cpu_restart+0xd9/0x1f0
[ 1349.664575][T31325]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1349.669842][T31325]  smp_call_function_many_cond+0x1200/0x15e0
[ 1349.675820][T31325]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1349.681094][T31325]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[ 1349.686895][T31325]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1349.693225][T31325]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[ 1349.699198][T31325]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1349.704533][T31325]  on_each_cpu_cond_mask+0x40/0x90
[ 1349.709645][T31325]  set_bank+0x240/0x3a0
[ 1349.713789][T31325]  ? __pfx_set_bank+0x10/0x10
[ 1349.718510][T31325]  ? find_held_lock+0x2b/0x80
[ 1349.723184][T31325]  ? __pfx_set_bank+0x10/0x10
[ 1349.727844][T31325]  dev_attr_store+0x58/0x80
[ 1349.732338][T31325]  ? __pfx_dev_attr_store+0x10/0x10
[ 1349.737523][T31325]  sysfs_kf_write+0xf2/0x150
[ 1349.742101][T31325]  kernfs_fop_write_iter+0x3af/0x570
[ 1349.747379][T31325]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1349.752582][T31325]  vfs_write+0x7d3/0x11d0
[ 1349.756899][T31325]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1349.762710][T31325]  ? __pfx_vfs_write+0x10/0x10
[ 1349.767476][T31325]  ksys_write+0x12a/0x250
[ 1349.771795][T31325]  ? __pfx_ksys_write+0x10/0x10
[ 1349.776730][T31325]  do_syscall_64+0xcd/0xf80
[ 1349.781303][T31325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1349.787181][T31325] RIP: 0033:0x7f63ddd8f7c9
[ 1349.791586][T31325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1349.811196][T31325] RSP: 002b:00007f63decc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1349.819604][T31325] RAX: ffffffffffffffda RBX: 00007f63ddfe5fa0 RCX: 00007f63ddd8f7c9
[ 1349.827565][T31325] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000004
[ 1349.835528][T31325] RBP: 00007f63dde13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1349.843496][T31325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1349.851538][T31325] R13: 00007f63ddfe6038 R14: 00007f63ddfe5fa0 R15: 00007ffd2a39df38
[ 1349.859511][T31325]  </TASK>
[ 1351.875594][T31385] zswap: compressor  not available
[ 1353.146095][T31424] FAULT_INJECTION: forcing a failure.
[ 1353.146095][T31424] name failslab, interval 1, probability 0, space 0, times 0
[ 1353.221211][T31424] CPU: 0 UID: 0 PID: 31424 Comm: syz.0.4799 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1353.221239][T31424] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1353.221245][T31424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1353.221254][T31424] Call Trace:
[ 1353.221260][T31424]  <TASK>
[ 1353.221266][T31424]  dump_stack_lvl+0x16c/0x1f0
[ 1353.221297][T31424]  should_fail_ex+0x512/0x640
[ 1353.221315][T31424]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1353.221334][T31424]  should_failslab+0xc2/0x120
[ 1353.221357][T31424]  __kmalloc_cache_noprof+0x80/0x800
[ 1353.221373][T31424]  ? pkcs7_parse_message+0x15d/0x720
[ 1353.221394][T31424]  ? pkcs7_parse_message+0x15d/0x720
[ 1353.221419][T31424]  pkcs7_parse_message+0x15d/0x720
[ 1353.221440][T31424]  verify_pkcs7_signature+0x30/0xa0
[ 1353.221462][T31424]  valid_regdb+0x211/0x590
[ 1353.221480][T31424]  ? __pfx_valid_regdb+0x10/0x10
[ 1353.221498][T31424]  reg_reload_regdb+0x11a/0x460
[ 1353.221514][T31424]  ? __pfx_reg_reload_regdb+0x10/0x10
[ 1353.221530][T31424]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1353.221548][T31424]  ? nl80211_pre_doit+0x1b0/0xb10
[ 1353.221570][T31424]  genl_family_rcv_msg_doit+0x209/0x2f0
[ 1353.221591][T31424]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1353.221606][T31424]  ? genl_get_cmd+0x194/0x580
[ 1353.221623][T31424]  ? bpf_lsm_capable+0x9/0x10
[ 1353.221642][T31424]  ? security_capable+0x7e/0x260
[ 1353.221661][T31424]  genl_rcv_msg+0x55c/0x800
[ 1353.221678][T31424]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1353.221692][T31424]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1353.221709][T31424]  ? __pfx_nl80211_reload_regdb+0x10/0x10
[ 1353.221723][T31424]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1353.221748][T31424]  netlink_rcv_skb+0x158/0x420
[ 1353.221769][T31424]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1353.221784][T31424]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1353.221812][T31424]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1353.221834][T31424]  genl_rcv+0x28/0x40
[ 1353.221846][T31424]  netlink_unicast+0x5aa/0x870
[ 1353.221869][T31424]  ? __pfx_netlink_unicast+0x10/0x10
[ 1353.221896][T31424]  netlink_sendmsg+0x8c8/0xdd0
[ 1353.221919][T31424]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1353.221942][T31424]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[ 1353.221960][T31424]  ____sys_sendmsg+0xa5d/0xc30
[ 1353.221976][T31424]  ? copy_msghdr_from_user+0x10a/0x160
[ 1353.221994][T31424]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1353.222012][T31424]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1353.222033][T31424]  ___sys_sendmsg+0x134/0x1d0
[ 1353.222059][T31424]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1353.222079][T31424]  ? futex_private_hash_put+0x160/0x1b0
[ 1353.222117][T31424]  __sys_sendmsg+0x16d/0x220
[ 1353.222137][T31424]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1353.222156][T31424]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1353.222184][T31424]  do_syscall_64+0xcd/0xf80
[ 1353.222200][T31424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1353.222214][T31424] RIP: 0033:0x7f63ddd8f7c9
[ 1353.222227][T31424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1353.222240][T31424] RSP: 002b:00007f63decc9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1353.222254][T31424] RAX: ffffffffffffffda RBX: 00007f63ddfe5fa0 RCX: 00007f63ddd8f7c9
[ 1353.222264][T31424] RDX: 00000000000000d0 RSI: 0000200000000580 RDI: 0000000000000005
[ 1353.222273][T31424] RBP: 00007f63dde13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1353.222282][T31424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1353.222291][T31424] R13: 00007f63ddfe6038 R14: 00007f63ddfe5fa0 R15: 00007ffd2a39df38
[ 1353.222311][T31424]  </TASK>
[ 1354.331975][T31433] netlink: 'syz.3.4802': attribute type 5 has an invalid length.
[ 1354.368389][T31433] netlink: 'syz.3.4802': attribute type 1 has an invalid length.
[ 1354.378016][T31433] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4802'.
[ 1355.204633][T31449] FAULT_INJECTION: forcing a failure.
[ 1355.204633][T31449] name failslab, interval 1, probability 0, space 0, times 0
[ 1355.302005][T31449] CPU: 0 UID: 0 PID: 31449 Comm: syz.0.4806 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1355.302032][T31449] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1355.302038][T31449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1355.302047][T31449] Call Trace:
[ 1355.302052][T31449]  <TASK>
[ 1355.302058][T31449]  dump_stack_lvl+0x16c/0x1f0
[ 1355.302086][T31449]  should_fail_ex+0x512/0x640
[ 1355.302103][T31449]  ? __kmalloc_noprof+0xca/0x910
[ 1355.302120][T31449]  should_failslab+0xc2/0x120
[ 1355.302141][T31449]  __kmalloc_noprof+0xeb/0x910
[ 1355.302156][T31449]  ? __asan_memcpy+0x3c/0x60
[ 1355.302170][T31449]  ? handler_new_ref+0x1b0/0xc60
[ 1355.302187][T31449]  ? handler_new_ref+0x1b0/0xc60
[ 1355.302199][T31449]  handler_new_ref+0x1b0/0xc60
[ 1355.302231][T31449]  v4l2_ctrl_new+0x196c/0x2190
[ 1355.302252][T31449]  ? __pfx_v4l2_ctrl_new+0x10/0x10
[ 1355.302273][T31449]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1355.302297][T31449]  v4l2_ctrl_new_std+0x1be/0x290
[ 1355.302317][T31449]  ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[ 1355.302334][T31449]  ? trace_kmalloc+0x2b/0xb0
[ 1355.302355][T31449]  ? v4l2_ctrl_handler_init_class+0x201/0x350
[ 1355.302379][T31449]  ? media_request_object_init+0x100/0x180
[ 1355.302400][T31449]  vicodec_open+0x1b2/0xf70
[ 1355.302417][T31449]  ? kobject_get_unless_zero+0x156/0x1e0
[ 1355.302436][T31449]  v4l2_open+0x1d2/0x5e0
[ 1355.302456][T31449]  ? __pfx_v4l2_open+0x10/0x10
[ 1355.302474][T31449]  chrdev_open+0x234/0x6a0
[ 1355.302495][T31449]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1355.302510][T31449]  ? __pfx_chrdev_open+0x10/0x10
[ 1355.302531][T31449]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1355.302556][T31449]  do_dentry_open+0x748/0x1590
[ 1355.302575][T31449]  ? __pfx_chrdev_open+0x10/0x10
[ 1355.302600][T31449]  vfs_open+0x82/0x3f0
[ 1355.302617][T31449]  path_openat+0x2078/0x3140
[ 1355.302643][T31449]  ? __pfx_path_openat+0x10/0x10
[ 1355.302669][T31449]  do_filp_open+0x20b/0x470
[ 1355.302690][T31449]  ? __pfx_do_filp_open+0x10/0x10
[ 1355.302723][T31449]  ? alloc_fd+0x471/0x7d0
[ 1355.302748][T31449]  do_sys_openat2+0x121/0x290
[ 1355.302764][T31449]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1355.302786][T31449]  __x64_sys_openat+0x174/0x210
[ 1355.302802][T31449]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1355.302825][T31449]  do_syscall_64+0xcd/0xf80
[ 1355.302840][T31449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1355.302854][T31449] RIP: 0033:0x7f63ddd8f7c9
[ 1355.302866][T31449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1355.302882][T31449] RSP: 002b:00007f63decc9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1355.302895][T31449] RAX: ffffffffffffffda RBX: 00007f63ddfe5fa0 RCX: 00007f63ddd8f7c9
[ 1355.302905][T31449] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1355.302913][T31449] RBP: 00007f63dde13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1355.302922][T31449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1355.302931][T31449] R13: 00007f63ddfe6038 R14: 00007f63ddfe5fa0 R15: 00007ffd2a39df38
[ 1355.302951][T31449]  </TASK>
[ 1356.630105][   T30] audit: type=1800 audit(1768882452.422:43): pid=31486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4813" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1356.948984][T31494] netlink: 350 bytes leftover after parsing attributes in process `syz.4.4816'.
[ 1357.037467][T31504] netlink: 350 bytes leftover after parsing attributes in process `syz.4.4816'.
[ 1358.541985][T31554] zram0: detected capacity change from 0 to 8
[ 1358.574673][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805998f000: rx timeout, send abort
[ 1359.084898][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805998f000: abort rx timeout. Force session deactivation
[ 1361.892454][T31655] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma?
[ 1362.798726][   T30] audit: type=1800 audit(4294967328.729:44): pid=31676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4858" name="dbroot" dev="configfs" ino=139533 res=0 errno=0
[ 1363.942577][T31714] zswap: compressor  not available
[ 1364.983934][T31742] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45
[ 1367.217054][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1367.223454][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1367.724844][T22729] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[ 1367.837095][T31801] netlink: 'syz.0.4886': attribute type 1 has an invalid length.
[ 1369.054929][T31823] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4890'.
[ 1369.467486][T31830] UHID_CREATE from different security context by process 2347 (syz.0.4894), this is not allowed.
[ 1369.716926][T22729] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[ 1370.212757][T31833] zswap: compressor  not available
[ 1370.952914][T31875] zswap: compressor  not available
[ 1371.234396][T31875] zswap: compressor 0 not available
[ 1371.248141][T31888] netlink: 186 bytes leftover after parsing attributes in process `syz.4.4903'.
[ 1371.327791][T31888] netlink: 186 bytes leftover after parsing attributes in process `syz.4.4903'.
[ 1371.445874][T26524] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1371.458483][T26524] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1371.470595][T26524] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1371.478408][T26524] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1371.487159][T26524] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1371.611327][T31875] zswap: compressor 0 not available
[ 1371.776145][T23849] Bluetooth: hci0: command 0x2016 tx timeout
[ 1372.387915][T26215] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1372.593462][T26215] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1372.705618][T26215] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1372.878670][T26215] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1372.945377][T31891] chnl_net:caif_netlink_parms(): no params data found
[ 1373.277968][T31891] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1373.325842][T31891] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1373.354677][T31891] bridge_slave_0: entered allmulticast mode
[ 1373.384314][T31891] bridge_slave_0: entered promiscuous mode
[ 1373.432748][T31891] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1373.439851][T31891] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1373.487602][T31891] bridge_slave_1: entered allmulticast mode
[ 1373.514440][T31891] bridge_slave_1: entered promiscuous mode
[ 1373.531731][T26524] Bluetooth: hci3: command tx timeout
[ 1373.545335][T26215] bridge_slave_1: left allmulticast mode
[ 1373.552766][T26215] bridge_slave_1: left promiscuous mode
[ 1373.572993][T26215] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1373.601159][T26215] bridge_slave_0: left allmulticast mode
[ 1373.623122][T26215] bridge_slave_0: left promiscuous mode
[ 1373.635405][T26215] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1373.855084][T26524] Bluetooth: hci0: command 0x2016 tx timeout
[ 1374.221732][T26215] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1374.251226][T26215] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1374.287695][T26215] bond0 (unregistering): Released all slaves
[ 1374.369350][T26215] ovs_����: left promiscuous mode
[ 1374.453016][T26215] tipc: Left network mode
[ 1374.464620][T31891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1374.514034][T31891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1374.800233][T31891] team0: Port device team_slave_0 added
[ 1374.840469][T31891] team0: Port device team_slave_1 added
[ 1374.986841][T31891] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1375.018441][T31891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1375.108850][T31891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1375.339660][T31891] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1375.362401][T31891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1375.482056][T31891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1375.613101][T23849] Bluetooth: hci3: command tx timeout
[ 1375.721300][T26215] hsr_slave_0: left promiscuous mode
[ 1375.768649][T26215] hsr_slave_1: left promiscuous mode
[ 1375.820220][T26215] veth0_macvtap: left promiscuous mode
[ 1376.952303][T26215]  (unregistering): Port device team_slave_1 removed
[ 1377.050923][T26215]  (unregistering): Port device team_slave_0 removed
[ 1377.693632][T23849] Bluetooth: hci3: command tx timeout
[ 1378.127000][T31986] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1378.133102][T31986] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1378.143429][T31986] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1378.173615][T31891] hsr_slave_0: entered promiscuous mode
[ 1378.180011][T31986] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1378.192344][T31891] hsr_slave_1: entered promiscuous mode
[ 1378.204266][T31986] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1378.245451][T31986] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1378.264317][T31986] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1378.297038][T31986] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1378.326130][T31986] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1378.342313][T31986] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1378.376067][T31986] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1379.477619][T32049] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[ 1379.527586][T32044] nvme_fabrics: missing parameter 'transport=%s'
[ 1379.563501][T32044] nvme_fabrics: missing parameter 'nqn=%s'
[ 1380.087640][T32069] netlink: 'syz.1.4940': attribute type 11 has an invalid length.
[ 1380.136812][T32069] netlink: 'syz.1.4940': attribute type 11 has an invalid length.
[ 1380.175856][T26524] Bluetooth: hci2: command 0x0406 tx timeout
[ 1380.181945][T23849] Bluetooth: hci0: command 0x2016 tx timeout
[ 1380.190948][T32069] netlink: 'syz.1.4940': attribute type 11 has an invalid length.
[ 1380.255079][T23849] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1380.335557][T23849] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1380.353004][T31891] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1380.438765][T31891] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1380.496549][T31891] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1380.547530][T31891] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1380.822393][T32100] Invalid ELF header magic: != ELF
[ 1381.020478][T31891] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1381.127679][T31891] 8021q: adding VLAN 0 to HW filter on device team0
[ 1381.175918][T23682] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1381.183067][T23682] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1381.278461][T23682] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1381.285632][T23682] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1381.982875][T31891] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1382.255736][T26524] Bluetooth: hci2: command 0x0406 tx timeout
[ 1382.261802][T23849] Bluetooth: hci0: command 0x2016 tx timeout
[ 1382.303461][T31891] veth0_vlan: entered promiscuous mode
[ 1382.336172][T23849] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1382.414995][T23849] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1382.616770][T31891] veth1_vlan: entered promiscuous mode
[ 1382.908611][T31891] veth0_macvtap: entered promiscuous mode
[ 1382.966113][T31891] veth1_macvtap: entered promiscuous mode
[ 1383.031624][T31891] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1383.076157][T31891] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1383.151366][T22743] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1383.190528][T22743] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1383.376847][T22743] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1383.423564][T22743] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1383.814002][T26215] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1383.864729][T26215] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1383.950861][T26215] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1383.977356][T26215] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1384.013990][T32199] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4959'.
[ 1384.191557][   T30] audit: type=1800 audit(4294967350.110:45): pid=32201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4902" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1384.335628][T23849] Bluetooth: hci0: command 0x2016 tx timeout
[ 1384.372535][T32210] netlink: 62 bytes leftover after parsing attributes in process `syz.1.4962'.
[ 1384.416767][T23849] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1384.496586][T23849] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1384.812618][T32229] : Can't lookup blockdev
[ 1384.851716][T32230] FAULT_INJECTION: forcing a failure.
[ 1384.851716][T32230] name failslab, interval 1, probability 0, space 0, times 0
[ 1384.938824][T32230] CPU: 0 UID: 0 PID: 32230 Comm: syz.0.4969 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1384.938852][T32230] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1384.938858][T32230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1384.938867][T32230] Call Trace:
[ 1384.938872][T32230]  <TASK>
[ 1384.938878][T32230]  dump_stack_lvl+0x16c/0x1f0
[ 1384.938906][T32230]  should_fail_ex+0x512/0x640
[ 1384.938923][T32230]  ? fs_reclaim_acquire+0xae/0x150
[ 1384.938947][T32230]  should_failslab+0xc2/0x120
[ 1384.938968][T32230]  __kmalloc_noprof+0xeb/0x910
[ 1384.938984][T32230]  ? tomoyo_encode2+0x100/0x3e0
[ 1384.939006][T32230]  ? tomoyo_encode2+0x100/0x3e0
[ 1384.939023][T32230]  tomoyo_encode2+0x100/0x3e0
[ 1384.939044][T32230]  tomoyo_encode+0x29/0x50
[ 1384.939062][T32230]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1384.939086][T32230]  tomoyo_check_open_permission+0x2ab/0x3c0
[ 1384.939104][T32230]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1384.939139][T32230]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1384.939160][T32230]  tomoyo_file_open+0x6b/0x90
[ 1384.939174][T32230]  security_file_open+0x84/0x1e0
[ 1384.939193][T32230]  do_dentry_open+0x597/0x1590
[ 1384.939214][T32230]  ? security_inode_permission+0xbf/0x260
[ 1384.939234][T32230]  vfs_open+0x82/0x3f0
[ 1384.939258][T32230]  path_openat+0x2078/0x3140
[ 1384.939286][T32230]  ? __pfx_path_openat+0x10/0x10
[ 1384.939313][T32230]  do_filp_open+0x20b/0x470
[ 1384.939334][T32230]  ? __pfx_do_filp_open+0x10/0x10
[ 1384.939368][T32230]  ? alloc_fd+0x471/0x7d0
[ 1384.939393][T32230]  do_sys_openat2+0x121/0x290
[ 1384.939408][T32230]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1384.939430][T32230]  __x64_sys_openat+0x174/0x210
[ 1384.939446][T32230]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1384.939469][T32230]  do_syscall_64+0xcd/0xf80
[ 1384.939483][T32230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1384.939498][T32230] RIP: 0033:0x7f723d38f7c9
[ 1384.939511][T32230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1384.939524][T32230] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1384.939539][T32230] RAX: ffffffffffffffda RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1384.939548][T32230] RDX: 0000000000080000 RSI: 0000200000000340 RDI: ffffffffffffff9c
[ 1384.939557][T32230] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1384.939565][T32230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1384.939572][T32230] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1384.939591][T32230]  </TASK>
[ 1384.939607][T32230] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1386.193398][T32238] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1386.228632][T32238] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1386.265626][T32238] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1386.427926][T32238] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1387.076955][T32277] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4978'.
[ 1387.989985][T32297] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4984'.
[ 1388.255652][T26524] Bluetooth: hci2: command 0x0406 tx timeout
[ 1388.261685][T23849] Bluetooth: hci0: command 0x2016 tx timeout
[ 1388.336713][T26524] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1388.495187][T26524] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1388.533335][T32316] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4989'.
[ 1388.601950][T32317] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4989'.
[ 1389.108916][T32325] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4991'.
[ 1390.325398][T32358] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1391.188024][T32389] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5005'.
[ 1391.548738][T32398] FAULT_INJECTION: forcing a failure.
[ 1391.548738][T32398] name failslab, interval 1, probability 0, space 0, times 0
[ 1391.610042][T32398] CPU: 0 UID: 0 PID: 32398 Comm: syz.0.5007 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1391.610069][T32398] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1391.610075][T32398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1391.610083][T32398] Call Trace:
[ 1391.610089][T32398]  <TASK>
[ 1391.610096][T32398]  dump_stack_lvl+0x16c/0x1f0
[ 1391.610124][T32398]  should_fail_ex+0x512/0x640
[ 1391.610141][T32398]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1391.610161][T32398]  should_failslab+0xc2/0x120
[ 1391.610183][T32398]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1391.610199][T32398]  ? dquot_alloc_inode+0x51b/0xb90
[ 1391.610215][T32398]  ? __dquot_initialize+0x299/0xd50
[ 1391.610229][T32398]  ? __d_alloc+0x35/0xa80
[ 1391.610245][T32398]  ? __d_alloc+0x35/0xa80
[ 1391.610256][T32398]  __d_alloc+0x35/0xa80
[ 1391.610270][T32398]  d_alloc_pseudo+0x1c/0xc0
[ 1391.610287][T32398]  alloc_file_pseudo+0xcf/0x230
[ 1391.610303][T32398]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1391.610324][T32398]  __shmem_file_setup+0x1a8/0x350
[ 1391.610347][T32398]  shmem_zero_setup+0x93/0x1b0
[ 1391.610365][T32398]  __mmap_region+0x2277/0x2a00
[ 1391.610384][T32398]  ? __pfx___mmap_region+0x10/0x10
[ 1391.610398][T32398]  ? __lock_acquire+0x436/0x2890
[ 1391.610425][T32398]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1391.610444][T32398]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1391.610457][T32398]  ? finish_task_switch.isra.0+0x207/0xbd0
[ 1391.610510][T32398]  ? rcu_is_watching+0x12/0xc0
[ 1391.610533][T32398]  mmap_region+0x1ab/0x3f0
[ 1391.610550][T32398]  ? __get_unmapped_area+0x267/0x3f0
[ 1391.610571][T32398]  do_mmap+0xa3e/0x1210
[ 1391.610595][T32398]  ? __pfx_do_mmap+0x10/0x10
[ 1391.610614][T32398]  ? __pfx_down_write_killable+0x10/0x10
[ 1391.610633][T32398]  vm_mmap_pgoff+0x29e/0x470
[ 1391.610655][T32398]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1391.610678][T32398]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1391.610693][T32398]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1391.610711][T32398]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1391.610737][T32398]  ? xfd_validate_state+0x61/0x180
[ 1391.610750][T32398]  ? __pfx_ksys_write+0x10/0x10
[ 1391.610772][T32398]  __x64_sys_mmap+0x125/0x190
[ 1391.610789][T32398]  do_syscall_64+0xcd/0xf80
[ 1391.610804][T32398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1391.610818][T32398] RIP: 0033:0x7f723d38f7c9
[ 1391.610830][T32398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1391.610844][T32398] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1391.610858][T32398] RAX: ffffffffffffffda RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1391.610867][T32398] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[ 1391.610875][T32398] RBP: 00007f723d413f91 R08: fffffffffffffffa R09: 0000000000008000
[ 1391.610884][T32398] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1391.610893][T32398] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1391.610913][T32398]  </TASK>
[ 1392.010871][T32401] openvswitch: netlink: Key type 261 is out of range max 32
[ 1392.975468][T32420] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5009'.
[ 1393.221002][T32426] netlink: 334 bytes leftover after parsing attributes in process `syz.3.5012'.
[ 1393.969486][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.012066][T32443] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.043951][T32448] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1394.070197][T32448] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1394.077488][T32448] IPv6: NLM_F_CREATE should be set when creating new route
[ 1394.084700][T32448] IPv6: NLM_F_CREATE should be set when creating new route
[ 1394.152745][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.182495][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.235195][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.275153][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.321547][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.376327][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.430290][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.488371][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.525162][T32448] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5018'.
[ 1394.836493][T32472] Invalid ELF header magic: != ELF
[ 1395.485853][T32488] binder: BINDER_SET_CONTEXT_MGR already set
[ 1395.492644][T32488] binder: 32485:32488 ioctl 4018620d 9 returned -16
[ 1398.085487][T32573] FAULT_INJECTION: forcing a failure.
[ 1398.085487][T32573] name failslab, interval 1, probability 0, space 0, times 0
[ 1398.126151][T32573] CPU: 0 UID: 0 PID: 32573 Comm: syz.1.5044 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1398.126178][T32573] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1398.126184][T32573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1398.126193][T32573] Call Trace:
[ 1398.126199][T32573]  <TASK>
[ 1398.126205][T32573]  dump_stack_lvl+0x16c/0x1f0
[ 1398.126232][T32573]  should_fail_ex+0x512/0x640
[ 1398.126249][T32573]  ? fs_reclaim_acquire+0xae/0x150
[ 1398.126273][T32573]  should_failslab+0xc2/0x120
[ 1398.126302][T32573]  __kmalloc_noprof+0xeb/0x910
[ 1398.126319][T32573]  ? tomoyo_encode2+0x100/0x3e0
[ 1398.126343][T32573]  ? tomoyo_encode2+0x100/0x3e0
[ 1398.126362][T32573]  tomoyo_encode2+0x100/0x3e0
[ 1398.126384][T32573]  tomoyo_encode+0x29/0x50
[ 1398.126401][T32573]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1398.126426][T32573]  tomoyo_mkdev_perm+0x22b/0x570
[ 1398.126441][T32573]  ? tomoyo_mkdev_perm+0x217/0x570
[ 1398.126458][T32573]  ? __pfx_tomoyo_mkdev_perm+0x10/0x10
[ 1398.126476][T32573]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1398.126497][T32573]  ? do_raw_spin_unlock+0x172/0x230
[ 1398.126522][T32573]  ? __pfx_current_check_access_path+0x10/0x10
[ 1398.126542][T32573]  ? simple_lookup+0x105/0x1d0
[ 1398.126565][T32573]  tomoyo_path_mknod+0x12a/0x190
[ 1398.126579][T32573]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[ 1398.126593][T32573]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1398.126617][T32573]  security_path_mknod+0x161/0x310
[ 1398.126635][T32573]  do_mknodat+0x24e/0x6f0
[ 1398.126655][T32573]  ? __pfx_do_mknodat+0x10/0x10
[ 1398.126675][T32573]  ? getname_flags.part.0+0x1c5/0x550
[ 1398.126694][T32573]  __x64_sys_mknod+0x87/0xb0
[ 1398.126714][T32573]  do_syscall_64+0xcd/0xf80
[ 1398.126729][T32573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1398.126743][T32573] RIP: 0033:0x7fefa5d8f7c9
[ 1398.126756][T32573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1398.126770][T32573] RSP: 002b:00007fefa6cfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[ 1398.126783][T32573] RAX: ffffffffffffffda RBX: 00007fefa5fe5fa0 RCX: 00007fefa5d8f7c9
[ 1398.126792][T32573] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0
[ 1398.126801][T32573] RBP: 00007fefa5e13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1398.126809][T32573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1398.126818][T32573] R13: 00007fefa5fe6038 R14: 00007fefa5fe5fa0 R15: 00007ffc5bade598
[ 1398.126838][T32573]  </TASK>
[ 1398.126854][T32573] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1399.112305][T32589] input: f�
 as /devices/virtual/input/input46
[ 1402.356958][T32656] netlink: 226 bytes leftover after parsing attributes in process `syz.4.5066'.
[ 1402.924154][T32676] Invalid ELF header magic: != ELF
[ 1405.995889][T32747] FAULT_INJECTION: forcing a failure.
[ 1405.995889][T32747] name failslab, interval 1, probability 0, space 0, times 0
[ 1406.058399][T32747] CPU: 0 UID: 0 PID: 32747 Comm: syz.0.5083 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1406.058426][T32747] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1406.058432][T32747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1406.058441][T32747] Call Trace:
[ 1406.058446][T32747]  <TASK>
[ 1406.058452][T32747]  dump_stack_lvl+0x16c/0x1f0
[ 1406.058481][T32747]  should_fail_ex+0x512/0x640
[ 1406.058499][T32747]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1406.058519][T32747]  should_failslab+0xc2/0x120
[ 1406.058541][T32747]  __kmalloc_cache_noprof+0x80/0x800
[ 1406.058557][T32747]  ? append_filter_err+0xb8/0x610
[ 1406.058578][T32747]  ? append_filter_err+0xb8/0x610
[ 1406.058594][T32747]  append_filter_err+0xb8/0x610
[ 1406.058615][T32747]  apply_subsystem_event_filter+0x75a/0x17e0
[ 1406.058640][T32747]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[ 1406.058663][T32747]  ? _copy_from_user+0x59/0xd0
[ 1406.058681][T32747]  subsystem_filter_write+0x95/0x120
[ 1406.058701][T32747]  ? __pfx_subsystem_filter_write+0x10/0x10
[ 1406.058718][T32747]  vfs_write+0x2a0/0x11d0
[ 1406.058739][T32747]  ? __pfx___mutex_lock+0x10/0x10
[ 1406.058763][T32747]  ? __pfx_vfs_write+0x10/0x10
[ 1406.058788][T32747]  ? __fget_files+0x20e/0x3c0
[ 1406.058815][T32747]  ksys_write+0x12a/0x250
[ 1406.058835][T32747]  ? __pfx_ksys_write+0x10/0x10
[ 1406.058861][T32747]  do_syscall_64+0xcd/0xf80
[ 1406.058876][T32747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.058890][T32747] RIP: 0033:0x7f723d38f7c9
[ 1406.058903][T32747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1406.058916][T32747] RSP: 002b:00007f723e189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1406.058935][T32747] RAX: ffffffffffffffda RBX: 00007f723d5e6090 RCX: 00007f723d38f7c9
[ 1406.058944][T32747] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007
[ 1406.058953][T32747] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1406.058962][T32747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1406.058971][T32747] R13: 00007f723d5e6128 R14: 00007f723d5e6090 R15: 00007ffd54b7dfb8
[ 1406.058991][T32747]  </TASK>
[ 1406.341589][T32758] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5086'.
[ 1406.393801][T32759] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5086'.
[ 1408.131721][  T328] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5096'.
[ 1408.307011][  T336] random: crng reseeded on system resumption
[ 1408.713918][  T354] random: crng reseeded on system resumption
[ 1408.858231][  T354] netlink: zone id is out of range
[ 1408.874112][  T354] netlink: zone id is out of range
[ 1408.897663][  T365] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5104'.
[ 1408.909105][  T354] netlink: zone id is out of range
[ 1408.914215][  T354] netlink: zone id is out of range
[ 1408.935259][  T354] netlink: zone id is out of range
[ 1408.961775][  T354] netlink: zone id is out of range
[ 1408.985370][  T354] netlink: zone id is out of range
[ 1409.034683][  T354] netlink: zone id is out of range
[ 1409.064160][  T362] can: request_module (can-proto-0) failed.
[ 1409.088390][  T354] netlink: zone id is out of range
[ 1409.124560][  T354] netlink: zone id is out of range
[ 1409.384721][  T381] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5108'.
[ 1409.434187][  T381] netlink: 25 bytes leftover after parsing attributes in process `syz.3.5108'.
[ 1409.642879][  T393] FAULT_INJECTION: forcing a failure.
[ 1409.642879][  T393] name failslab, interval 1, probability 0, space 0, times 0
[ 1409.692348][  T393] CPU: 0 UID: 0 PID: 393 Comm: syz.0.5111 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1409.692374][  T393] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1409.692380][  T393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1409.692389][  T393] Call Trace:
[ 1409.692395][  T393]  <TASK>
[ 1409.692402][  T393]  dump_stack_lvl+0x16c/0x1f0
[ 1409.692429][  T393]  should_fail_ex+0x512/0x640
[ 1409.692446][  T393]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1409.692465][  T393]  should_failslab+0xc2/0x120
[ 1409.692487][  T393]  __kmalloc_cache_noprof+0x80/0x800
[ 1409.692503][  T393]  ? snd_seq_port_connect+0x61/0x580
[ 1409.692535][  T393]  ? snd_seq_port_connect+0x61/0x580
[ 1409.692556][  T393]  snd_seq_port_connect+0x61/0x580
[ 1409.692578][  T393]  ? _raw_read_unlock+0x28/0x50
[ 1409.692599][  T393]  ? check_subscription_permission.isra.0+0xf5/0x240
[ 1409.692623][  T393]  snd_seq_ioctl_subscribe_port+0x209/0x4b0
[ 1409.692639][  T393]  ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10
[ 1409.692654][  T393]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1409.692676][  T393]  call_seq_client_ctl+0xa3/0x130
[ 1409.692697][  T393]  snd_seq_kernel_client_ctl+0x7a/0xc0
[ 1409.692719][  T393]  snd_seq_oss_midi_open+0x489/0x6a0
[ 1409.692737][  T393]  ? __pfx_snd_seq_oss_midi_open+0x10/0x10
[ 1409.692753][  T393]  ? snd_seq_oss_midi_reset+0x11a/0x4c0
[ 1409.692775][  T393]  ? __mutex_lock+0x27b/0x1ca0
[ 1409.692793][  T393]  snd_seq_oss_synth_reset+0x437/0x900
[ 1409.692809][  T393]  ? __pfx___mutex_lock+0x10/0x10
[ 1409.692823][  T393]  ? __pfx_snd_seq_oss_synth_reset+0x10/0x10
[ 1409.692841][  T393]  ? __pfx___fsnotify_parent+0x10/0x10
[ 1409.692866][  T393]  snd_seq_oss_reset+0x73/0x290
[ 1409.692880][  T393]  ? __pfx_odev_release+0x10/0x10
[ 1409.692899][  T393]  snd_seq_oss_release+0x7c/0x180
[ 1409.692914][  T393]  odev_release+0x56/0xa0
[ 1409.692933][  T393]  __fput+0x402/0xb70
[ 1409.692952][  T393]  task_work_run+0x150/0x240
[ 1409.692968][  T393]  ? __pfx_task_work_run+0x10/0x10
[ 1409.692982][  T393]  ? __do_sys_close_range+0x278/0x730
[ 1409.693008][  T393]  exit_to_user_mode_loop+0xfb/0x540
[ 1409.693027][  T393]  do_syscall_64+0x4ee/0xf80
[ 1409.693042][  T393]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1409.693056][  T393] RIP: 0033:0x7f723d38f7c9
[ 1409.693069][  T393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1409.693082][  T393] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1409.693097][  T393] RAX: 0000000000000000 RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1409.693106][  T393] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1409.693115][  T393] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1409.693123][  T393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1409.693132][  T393] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1409.693152][  T393]  </TASK>
[ 1410.096381][  T401] FAULT_INJECTION: forcing a failure.
[ 1410.096381][  T401] name failslab, interval 1, probability 0, space 0, times 0
[ 1410.109097][  T401] CPU: 0 UID: 0 PID: 401 Comm: syz.0.5113 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1410.109123][  T401] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1410.109128][  T401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1410.109138][  T401] Call Trace:
[ 1410.109144][  T401]  <TASK>
[ 1410.109151][  T401]  dump_stack_lvl+0x16c/0x1f0
[ 1410.109178][  T401]  should_fail_ex+0x512/0x640
[ 1410.109195][  T401]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1410.109215][  T401]  should_failslab+0xc2/0x120
[ 1410.109237][  T401]  kmem_cache_alloc_noprof+0x83/0x770
[ 1410.109254][  T401]  ? alloc_empty_file+0x55/0x1e0
[ 1410.109272][  T401]  ? alloc_empty_file+0x55/0x1e0
[ 1410.109285][  T401]  alloc_empty_file+0x55/0x1e0
[ 1410.109300][  T401]  alloc_file_pseudo+0x13a/0x230
[ 1410.109316][  T401]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1410.109331][  T401]  ? alloc_fd+0x471/0x7d0
[ 1410.109353][  T401]  sock_alloc_file+0x50/0x210
[ 1410.109374][  T401]  __sys_socket+0x1c0/0x260
[ 1410.109388][  T401]  ? fput+0x70/0xf0
[ 1410.109400][  T401]  ? __pfx___sys_socket+0x10/0x10
[ 1410.109414][  T401]  ? xfd_validate_state+0x61/0x180
[ 1410.109427][  T401]  ? __pfx_ksys_read+0x10/0x10
[ 1410.109449][  T401]  __x64_sys_socket+0x72/0xb0
[ 1410.109463][  T401]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1410.109476][  T401]  do_syscall_64+0xcd/0xf80
[ 1410.109490][  T401]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1410.109512][  T401] RIP: 0033:0x7f723d38f7c9
[ 1410.109525][  T401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1410.109539][  T401] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1410.109553][  T401] RAX: ffffffffffffffda RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1410.109563][  T401] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1410.109571][  T401] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1410.109579][  T401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1410.109587][  T401] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1410.109605][  T401]  </TASK>
[ 1410.945145][  T418] Invalid ELF header magic: != ELF
[ 1411.877208][  T437] ovs_����?: entered promiscuous mode
[ 1412.156166][  T444] Invalid ELF header magic: != ELF
[ 1414.432385][  T508] netlink: 504 bytes leftover after parsing attributes in process `syz.4.5142'.
[ 1415.450300][T26524] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[ 1415.523153][  T533] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5150'.
[ 1417.100890][  T560] nvme_fabrics: missing parameter 'transport=%s'
[ 1417.142285][  T560] nvme_fabrics: missing parameter 'nqn=%s'
[ 1422.364650][  T666] net_ratelimit: 29 callbacks suppressed
[ 1422.364664][  T666] netlink: zone id is out of range
[ 1422.440690][  T666] netlink: zone id is out of range
[ 1422.475953][  T666] netlink: zone id is out of range
[ 1422.511753][  T666] netlink: zone id is out of range
[ 1422.549264][  T666] netlink: zone id is out of range
[ 1422.574299][  T666] netlink: zone id is out of range
[ 1422.595246][  T666] netlink: zone id is out of range
[ 1422.620550][  T666] netlink: zone id is out of range
[ 1422.644473][  T666] netlink: zone id is out of range
[ 1422.671678][  T666] netlink: zone id is out of range
[ 1424.309944][  T724] futex_wake_op: syz.4.5194 tries to shift op by -2048; fix this program
[ 1424.552924][  T727] lo: entered allmulticast mode
[ 1424.757841][  T727] lo: left allmulticast mode
[ 1426.296040][  T754] FAULT_INJECTION: forcing a failure.
[ 1426.296040][  T754] name failslab, interval 1, probability 0, space 0, times 0
[ 1426.430657][  T754] CPU: 0 UID: 0 PID: 754 Comm: syz.0.5200 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1426.430685][  T754] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1426.430691][  T754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1426.430700][  T754] Call Trace:
[ 1426.430706][  T754]  <TASK>
[ 1426.430713][  T754]  dump_stack_lvl+0x16c/0x1f0
[ 1426.430745][  T754]  should_fail_ex+0x512/0x640
[ 1426.430762][  T754]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1426.430782][  T754]  should_failslab+0xc2/0x120
[ 1426.430803][  T754]  __kmalloc_cache_noprof+0x80/0x800
[ 1426.430818][  T754]  ? net_alloc_generic+0x1e/0x70
[ 1426.430837][  T754]  ? copy_net_ns+0xe8/0x7c0
[ 1426.430848][  T754]  ? copy_net_ns+0x135/0x7c0
[ 1426.430863][  T754]  ? copy_net_ns+0x135/0x7c0
[ 1426.430874][  T754]  copy_net_ns+0x135/0x7c0
[ 1426.430885][  T754]  ? copy_cgroup_ns+0x71/0x980
[ 1426.430902][  T754]  create_new_namespaces+0x3ea/0xab0
[ 1426.430925][  T754]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1426.430945][  T754]  ksys_unshare+0x45b/0xa40
[ 1426.430959][  T754]  ? __pfx_ksys_unshare+0x10/0x10
[ 1426.430972][  T754]  ? xfd_validate_state+0x61/0x180
[ 1426.430990][  T754]  __x64_sys_unshare+0x31/0x40
[ 1426.431002][  T754]  do_syscall_64+0xcd/0xf80
[ 1426.431017][  T754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1426.431031][  T754] RIP: 0033:0x7f723d38f7c9
[ 1426.431043][  T754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1426.431057][  T754] RSP: 002b:00007f723e189038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1426.431071][  T754] RAX: ffffffffffffffda RBX: 00007f723d5e6090 RCX: 00007f723d38f7c9
[ 1426.431080][  T754] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1426.431088][  T754] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1426.431096][  T754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1426.431104][  T754] R13: 00007f723d5e6128 R14: 00007f723d5e6090 R15: 00007ffd54b7dfb8
[ 1426.431122][  T754]  </TASK>
[ 1427.495116][  T771] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5203'.
[ 1428.667562][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.673920][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1430.090495][  T814] input: jJǸ-���9�%v���J86���hǙn�?aԙ/rk
[ 1430.090495][  T814] l6���x� �b6�Yh$X�.=��_ as /devices/virtual/input/input47
[ 1433.298420][  T899] futex_wake_op: syz.4.5233 tries to shift op by -2048; fix this program
[ 1433.325514][  T899] futex_wake_op: syz.4.5233 tries to shift op by -2048; fix this program
[ 1435.765058][ T1010] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5249'.
[ 1437.110300][ T1043] random: crng reseeded on system resumption
[ 1437.681355][ T1072] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5259'.
[ 1437.753216][ T1072] unsupported nlmsg_type 40
[ 1439.246613][ T1111] FAULT_INJECTION: forcing a failure.
[ 1439.246613][ T1111] name failslab, interval 1, probability 0, space 0, times 0
[ 1439.367635][ T1111] CPU: 0 UID: 0 PID: 1111 Comm: syz.1.5267 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1439.367662][ T1111] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1439.367667][ T1111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1439.367676][ T1111] Call Trace:
[ 1439.367681][ T1111]  <TASK>
[ 1439.367687][ T1111]  dump_stack_lvl+0x16c/0x1f0
[ 1439.367715][ T1111]  should_fail_ex+0x512/0x640
[ 1439.367735][ T1111]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1439.367754][ T1111]  should_failslab+0xc2/0x120
[ 1439.367775][ T1111]  __kmalloc_cache_noprof+0x80/0x800
[ 1439.367791][ T1111]  ? vkms_plane_duplicate_state+0x45/0x130
[ 1439.367814][ T1111]  ? vkms_plane_duplicate_state+0x45/0x130
[ 1439.367834][ T1111]  vkms_plane_duplicate_state+0x45/0x130
[ 1439.367852][ T1111]  drm_atomic_get_plane_state+0x279/0x760
[ 1439.367871][ T1111]  drm_client_modeset_commit_atomic+0x237/0x7e0
[ 1439.367890][ T1111]  ? rcu_is_watching+0x12/0xc0
[ 1439.367914][ T1111]  ? __mutex_lock+0x27b/0x1ca0
[ 1439.367929][ T1111]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 1439.367947][ T1111]  ? trace_contention_end+0xdd/0x110
[ 1439.367982][ T1111]  drm_client_modeset_commit_locked+0x14d/0x580
[ 1439.368004][ T1111]  drm_client_modeset_commit+0x4f/0x80
[ 1439.368023][ T1111]  __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160
[ 1439.368044][ T1111]  drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0
[ 1439.368065][ T1111]  drm_fbdev_client_restore+0x1b/0x30
[ 1439.368080][ T1111]  ? __pfx_drm_fbdev_client_restore+0x10/0x10
[ 1439.368094][ T1111]  drm_client_dev_restore+0x200/0x2a0
[ 1439.368115][ T1111]  drm_release+0x2c6/0x360
[ 1439.368134][ T1111]  ? __pfx_drm_release+0x10/0x10
[ 1439.368149][ T1111]  __fput+0x402/0xb70
[ 1439.368169][ T1111]  task_work_run+0x150/0x240
[ 1439.368185][ T1111]  ? __pfx_task_work_run+0x10/0x10
[ 1439.368199][ T1111]  ? __do_sys_close_range+0x278/0x730
[ 1439.368226][ T1111]  exit_to_user_mode_loop+0xfb/0x540
[ 1439.368246][ T1111]  do_syscall_64+0x4ee/0xf80
[ 1439.368261][ T1111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1439.368276][ T1111] RIP: 0033:0x7fefa5d8f7c9
[ 1439.368288][ T1111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1439.368301][ T1111] RSP: 002b:00007fefa6cfc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1439.368315][ T1111] RAX: 0000000000000000 RBX: 00007fefa5fe5fa0 RCX: 00007fefa5d8f7c9
[ 1439.368324][ T1111] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1439.368332][ T1111] RBP: 00007fefa5e13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1439.368340][ T1111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1439.368347][ T1111] R13: 00007fefa5fe6038 R14: 00007fefa5fe5fa0 R15: 00007ffc5bade598
[ 1439.368368][ T1111]  </TASK>
[ 1441.108867][ T1134] program syz.1.5272 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1441.198249][ T1134] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1442.139675][ T1161] netlink: 'syz.4.5282': attribute type 11 has an invalid length.
[ 1442.202085][ T1157] vivid-007: =================  START STATUS  =================
[ 1442.274603][ T1157] vivid-007: Enable Output Cropping: true
[ 1442.338013][ T1157] vivid-007: Enable Output Composing: true
[ 1442.398396][ T1157] vivid-007: Enable Output Scaler: true
[ 1442.470234][ T1157] vivid-007: Tx RGB Quantization Range: Automatic
[ 1442.544853][ T1157] vivid-007: Transmit Mode: HDMI
[ 1442.579769][ T1157] vivid-007: Hotplug Present: 0x00000000
[ 1442.623435][ T1157] vivid-007: RxSense Present: 0x00000000
[ 1442.671708][ T1157] vivid-007: EDID Present: 0x00000000
[ 1442.711622][ T1157] vivid-007: ==================  END STATUS  ==================
[ 1444.092181][ T1220] Unable to find swap-space signature
[ 1446.363575][ T1254] Format for unlinking a device is "netnsfd:ifidx" (int uint).
[ 1446.385710][T26524] Bluetooth: hci3: unexpected event 0x36 length: 123 > 7
[ 1446.409755][ T1253] Format for unlinking a device is "netnsfd:ifidx" (int uint).
[ 1446.582016][ T1253] ptp ptp0: new virtual clock ptp1
[ 1446.621741][ T1253] ptp ptp0: new virtual clock ptp2
[ 1446.658453][ T1253] ptp ptp0: new virtual clock ptp3
[ 1446.682415][ T1253] ptp ptp0: guarantee physical clock free running
[ 1448.683318][ T1305] smc: net device dummy0 applied user defined pnetid DUMMY0
[ 1448.897585][ T1313] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input48
[ 1449.446953][ T1324] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5315'.
[ 1449.531369][ T1324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5315'.
[ 1449.639573][ T1348] No such timeout policy ""
[ 1449.673087][ T1348] net_ratelimit: 19 callbacks suppressed
[ 1449.673100][ T1348] netlink: Failed to associated timeout policy ''
[ 1450.100105][ T1365] Invalid ELF header magic: != ELF
[ 1450.419988][ T1371] Invalid ELF header magic: != ELF
[ 1450.898297][ T1381] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5327'.
[ 1451.116473][T26524] Bluetooth: hci5: unexpected event 0x36 length: 123 > 7
[ 1451.617897][ T1407] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5333'.
[ 1451.697588][ T1407] FAULT_INJECTION: forcing a failure.
[ 1451.697588][ T1407] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.770800][ T1407] CPU: 0 UID: 0 PID: 1407 Comm: syz.0.5333 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1451.770827][ T1407] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1451.770834][ T1407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1451.770843][ T1407] Call Trace:
[ 1451.770849][ T1407]  <TASK>
[ 1451.770855][ T1407]  dump_stack_lvl+0x16c/0x1f0
[ 1451.770883][ T1407]  should_fail_ex+0x512/0x640
[ 1451.770900][ T1407]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1451.770920][ T1407]  should_failslab+0xc2/0x120
[ 1451.770942][ T1407]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1451.770959][ T1407]  ? alloc_inode+0x64/0x240
[ 1451.770979][ T1407]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[ 1451.770992][ T1407]  ? alloc_inode+0x64/0x240
[ 1451.771005][ T1407]  alloc_inode+0x64/0x240
[ 1451.771020][ T1407]  new_inode+0x22/0x1c0
[ 1451.771037][ T1407]  __debugfs_create_file+0x105/0x530
[ 1451.771054][ T1407]  debugfs_create_file_full+0x41/0x60
[ 1451.771070][ T1407]  ref_tracker_dir_debugfs+0x19d/0x2f0
[ 1451.771088][ T1407]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[ 1451.771122][ T1407]  ? lockdep_init_map_type+0x5c/0x270
[ 1451.771140][ T1407]  preinit_net.part.0+0x24e/0x8f0
[ 1451.771161][ T1407]  copy_net_ns+0x4cd/0x7c0
[ 1451.771175][ T1407]  create_new_namespaces+0x3ea/0xab0
[ 1451.771200][ T1407]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1451.771221][ T1407]  ksys_unshare+0x45b/0xa40
[ 1451.771235][ T1407]  ? __pfx_ksys_unshare+0x10/0x10
[ 1451.771248][ T1407]  ? xfd_validate_state+0x61/0x180
[ 1451.771266][ T1407]  __x64_sys_unshare+0x31/0x40
[ 1451.771278][ T1407]  do_syscall_64+0xcd/0xf80
[ 1451.771299][ T1407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1451.771314][ T1407] RIP: 0033:0x7f723d38f7c9
[ 1451.771327][ T1407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1451.771341][ T1407] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1451.771356][ T1407] RAX: ffffffffffffffda RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1451.771365][ T1407] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1451.771373][ T1407] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1451.771382][ T1407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1451.771390][ T1407] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1451.771408][ T1407]  </TASK>
[ 1451.771414][ T1407] debugfs: out of free dentries, can not create file 'net_refcnt@ffff8880344c27d8'
[ 1452.853815][ T1423] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49
[ 1453.152933][ T1428] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50
[ 1453.611087][ T1445] <
[ 1453.611149][ T1445] <
[ 1454.053724][ T1459] bridge0: port 3(batadv0) entered blocking state
[ 1454.120496][ T1459] bridge0: port 3(batadv0) entered disabled state
[ 1454.157661][ T1459] batadv0: entered allmulticast mode
[ 1454.183111][ T1459] batadv0: entered promiscuous mode
[ 1454.197013][ T1459] bridge0: port 3(batadv0) entered blocking state
[ 1454.203697][ T1459] bridge0: port 3(batadv0) entered forwarding state
[ 1454.644933][T22742] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1454.655559][T22742] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1454.808321][ T1483] can: request_module (can-proto-0) failed.
[ 1455.209146][ T1498] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5355'.
[ 1455.256648][ T1498] netlink: 25 bytes leftover after parsing attributes in process `syz.1.5355'.
[ 1455.805163][ T1527] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[ 1460.674966][T26524] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260
[ 1460.674992][T26524] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5
[ 1461.469663][T26524] Bluetooth: hci2: Malformed LE Event: 0x0b
[ 1462.151270][T26524] Bluetooth: hci0: Malformed LE Event: 0x0b
[ 1463.712499][ T1693] netlink: 334 bytes leftover after parsing attributes in process `syz.0.5391'.
[ 1464.271087][ T1701] FAULT_INJECTION: forcing a failure.
[ 1464.271087][ T1701] name failslab, interval 1, probability 0, space 0, times 0
[ 1464.322634][ T1701] CPU: 0 UID: 0 PID: 1701 Comm: syz.0.5394 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1464.322661][ T1701] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1464.322667][ T1701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1464.322677][ T1701] Call Trace:
[ 1464.322682][ T1701]  <TASK>
[ 1464.322688][ T1701]  dump_stack_lvl+0x16c/0x1f0
[ 1464.322723][ T1701]  should_fail_ex+0x512/0x640
[ 1464.322741][ T1701]  ? __kmalloc_noprof+0xca/0x910
[ 1464.322760][ T1701]  should_failslab+0xc2/0x120
[ 1464.322790][ T1701]  __kmalloc_noprof+0xeb/0x910
[ 1464.322807][ T1701]  ? __register_sysctl_table+0xea2/0x1900
[ 1464.322831][ T1701]  ? __register_sysctl_table+0xea2/0x1900
[ 1464.322850][ T1701]  __register_sysctl_table+0xea2/0x1900
[ 1464.322874][ T1701]  ? __pfx___register_sysctl_table+0x10/0x10
[ 1464.322891][ T1701]  ? is_module_address+0x69/0xf0
[ 1464.322907][ T1701]  ? register_net_sysctl_sz+0x222/0x450
[ 1464.322924][ T1701]  ? __asan_memcpy+0x3c/0x60
[ 1464.322942][ T1701]  sctp_sysctl_net_register+0x15d/0x200
[ 1464.322966][ T1701]  ? __pfx_sctp_defaults_init+0x10/0x10
[ 1464.322987][ T1701]  sctp_defaults_init+0x6d2/0xd90
[ 1464.323008][ T1701]  ? __pfx_sctp_defaults_init+0x10/0x10
[ 1464.323028][ T1701]  ops_init+0x1e2/0x5f0
[ 1464.323051][ T1701]  setup_net+0x11d/0x3a0
[ 1464.323070][ T1701]  ? __pfx_setup_net+0x10/0x10
[ 1464.323087][ T1701]  ? lockdep_init_map_type+0x5c/0x270
[ 1464.323102][ T1701]  ? mutex_init_lockep+0x110/0x150
[ 1464.323119][ T1701]  copy_net_ns+0x351/0x7c0
[ 1464.323133][ T1701]  create_new_namespaces+0x3ea/0xab0
[ 1464.323156][ T1701]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1464.323177][ T1701]  ksys_unshare+0x45b/0xa40
[ 1464.323190][ T1701]  ? __pfx_ksys_unshare+0x10/0x10
[ 1464.323203][ T1701]  ? xfd_validate_state+0x61/0x180
[ 1464.323221][ T1701]  __x64_sys_unshare+0x31/0x40
[ 1464.323233][ T1701]  do_syscall_64+0xcd/0xf80
[ 1464.323248][ T1701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1464.323262][ T1701] RIP: 0033:0x7f723d38f7c9
[ 1464.323274][ T1701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1464.323287][ T1701] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1464.323301][ T1701] RAX: ffffffffffffffda RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1464.323310][ T1701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1464.323319][ T1701] RBP: 00007f723d413f91 R08: 0000000000000000 R09: 0000000000000000
[ 1464.323327][ T1701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1464.323336][ T1701] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1464.323355][ T1701]  </TASK>
[ 1464.323362][ T1701] sysctl could not get directory: /net/sctp -12
[ 1467.537548][ T1761] FAULT_INJECTION: forcing a failure.
[ 1467.537548][ T1761] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1467.664077][ T1761] CPU: 0 UID: 0 PID: 1761 Comm: syz.1.5407 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1467.664103][ T1761] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1467.664109][ T1761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1467.664117][ T1761] Call Trace:
[ 1467.664123][ T1761]  <TASK>
[ 1467.664129][ T1761]  dump_stack_lvl+0x16c/0x1f0
[ 1467.664155][ T1761]  should_fail_ex+0x512/0x640
[ 1467.664176][ T1761]  should_fail_alloc_page+0xe7/0x130
[ 1467.664200][ T1761]  prepare_alloc_pages+0x401/0x670
[ 1467.664222][ T1761]  ? rcu_is_watching+0x12/0xc0
[ 1467.664243][ T1761]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1467.664262][ T1761]  ? __lock_acquire+0x436/0x2890
[ 1467.664283][ T1761]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1467.664301][ T1761]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1467.664317][ T1761]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1467.664332][ T1761]  ? find_held_lock+0x2b/0x80
[ 1467.664356][ T1761]  ? __lock_acquire+0x436/0x2890
[ 1467.664368][ T1761]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1467.664391][ T1761]  ? policy_nodemask+0xea/0x4e0
[ 1467.664413][ T1761]  alloc_pages_mpol+0x1fb/0x550
[ 1467.664434][ T1761]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1467.664460][ T1761]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1467.664476][ T1761]  shmem_alloc_folio+0x135/0x160
[ 1467.664498][ T1761]  shmem_alloc_and_add_folio+0x494/0xc20
[ 1467.664519][ T1761]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1467.664536][ T1761]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[ 1467.664556][ T1761]  shmem_get_folio_gfp+0x67f/0x1610
[ 1467.664581][ T1761]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1467.664598][ T1761]  ? filemap_map_pages+0x12dd/0x1e00
[ 1467.664617][ T1761]  shmem_fault+0x1fe/0xa00
[ 1467.664633][ T1761]  ? __pfx_shmem_fault+0x10/0x10
[ 1467.664652][ T1761]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1467.664672][ T1761]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1467.664686][ T1761]  __do_fault+0x10d/0x490
[ 1467.664707][ T1761]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1467.664721][ T1761]  do_fault+0xae4/0x1ad0
[ 1467.664740][ T1761]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1467.664759][ T1761]  __handle_mm_fault+0x1919/0x2bb0
[ 1467.664779][ T1761]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1467.664794][ T1761]  ? __pte_offset_map_lock+0x174/0x310
[ 1467.664814][ T1761]  ? find_held_lock+0x2b/0x80
[ 1467.664837][ T1761]  ? follow_page_pte+0x5cf/0x1390
[ 1467.664861][ T1761]  handle_mm_fault+0x3fe/0xad0
[ 1467.664879][ T1761]  __get_user_pages+0x54e/0x3590
[ 1467.664907][ T1761]  ? __pfx___get_user_pages+0x10/0x10
[ 1467.664933][ T1761]  populate_vma_page_range+0x267/0x3f0
[ 1467.664955][ T1761]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1467.664976][ T1761]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1467.664997][ T1761]  ? do_mmap+0x69c/0x1210
[ 1467.665018][ T1761]  __mm_populate+0x1d8/0x380
[ 1467.665040][ T1761]  ? __pfx___mm_populate+0x10/0x10
[ 1467.665062][ T1761]  ? up_write+0x282/0x4e0
[ 1467.665079][ T1761]  vm_mmap_pgoff+0x37f/0x470
[ 1467.665100][ T1761]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1467.665122][ T1761]  ? __fget_files+0x20e/0x3c0
[ 1467.665146][ T1761]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1467.665168][ T1761]  __x64_sys_mmap+0x125/0x190
[ 1467.665186][ T1761]  do_syscall_64+0xcd/0xf80
[ 1467.665200][ T1761]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1467.665214][ T1761] RIP: 0033:0x7fefa5d8f7c9
[ 1467.665226][ T1761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1467.665240][ T1761] RSP: 002b:00007fefa6cdb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1467.665253][ T1761] RAX: ffffffffffffffda RBX: 00007fefa5fe6090 RCX: 00007fefa5d8f7c9
[ 1467.665262][ T1761] RDX: 0000000000000ffb RSI: 0000000000810004 RDI: 0000000000000000
[ 1467.665270][ T1761] RBP: 00007fefa5e13f91 R08: 0000000000000003 R09: 0000000000008000
[ 1467.665278][ T1761] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000000
[ 1467.665286][ T1761] R13: 00007fefa5fe6128 R14: 00007fefa5fe6090 R15: 00007ffc5bade598
[ 1467.665305][ T1761]  </TASK>
[ 1469.789193][ T1798] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5414'.
[ 1471.074249][ T1838] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 2, inode_bitmap = 139
[ 1471.156804][ T1838] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum
[ 1471.231135][ T1804] kexec: Could not allocate control_code_buffer
[ 1471.327630][ T1840] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 2: bad block bitmap checksum
[ 1471.952205][T23849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1471.963353][T23849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1471.971420][T23849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1472.015069][T23849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1472.023664][T23849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1472.462213][ T1847] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5424'.
[ 1472.814510][ T1851] chnl_net:caif_netlink_parms(): no params data found
[ 1473.534272][ T1851] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1473.595487][ T1851] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1473.633254][ T1851] bridge_slave_0: entered allmulticast mode
[ 1473.680305][ T1851] bridge_slave_0: entered promiscuous mode
[ 1473.765383][ T1851] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1473.772525][ T1851] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1473.846491][ T1851] bridge_slave_1: entered allmulticast mode
[ 1473.885938][ T1851] bridge_slave_1: entered promiscuous mode
[ 1474.021305][ T1851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1474.087323][ T1851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1474.098272][T26524] Bluetooth: hci1: command tx timeout
[ 1474.539548][ T1851] team0: Port device team_slave_0 added
[ 1474.572477][ T1851] team0: Port device team_slave_1 added
[ 1474.772045][T22743] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1474.905403][ T1851] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1474.936821][ T1851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1475.007053][ T1851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1475.126431][T22743] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.167228][ T1851] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1475.183643][ T1851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1475.267821][ T1851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1475.382677][T22743] bridge0: port 4(netdevsim1) entered disabled state
[ 1475.431775][T22743] netdevsim netdevsim4 netdevsim1 (unregistering): left allmulticast mode
[ 1475.465069][T22743] netdevsim netdevsim4 netdevsim1 (unregistering): left promiscuous mode
[ 1475.500565][T22743] bridge0: port 4(netdevsim1) entered disabled state
[ 1475.542922][T22743] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.640042][T22743] bridge0: port 3(netdevsim0) entered disabled state
[ 1475.693328][T22743] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode
[ 1475.720357][T22743] netdevsim netdevsim4 netdevsim0 (unregistering): left promiscuous mode
[ 1475.746386][T22743] bridge0: port 3(netdevsim0) entered disabled state
[ 1475.773763][T22743] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.872818][ T1851] hsr_slave_0: entered promiscuous mode
[ 1475.887265][ T1851] hsr_slave_1: entered promiscuous mode
[ 1475.910087][ T1851] debugfs: 'hsr0' already exists in 'hsr'
[ 1475.929301][ T1851] Cannot create hsr debugfs directory
[ 1476.174973][T26524] Bluetooth: hci1: command tx timeout
[ 1476.221935][ T1930] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5444'.
[ 1476.707214][T22743] bridge_slave_1: left allmulticast mode
[ 1476.743638][T22743] bridge_slave_1: left promiscuous mode
[ 1476.783446][T22743] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1476.878463][T22743] bridge_slave_0: left allmulticast mode
[ 1476.906373][T22743] bridge_slave_0: left promiscuous mode
[ 1476.944013][T22743] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1477.445949][ T1950] netlink: 'syz.3.5452': attribute type 1 has an invalid length.
[ 1478.011056][T22743] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1478.050002][T22743] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1478.078403][T22743] bond0 (unregistering): Released all slaves
[ 1478.197101][T22743] HSR: left promiscuous mode
[ 1478.254826][T26524] Bluetooth: hci1: command tx timeout
[ 1480.338137][T26524] Bluetooth: hci1: command tx timeout
[ 1480.384447][T22743] hsr_slave_0: left promiscuous mode
[ 1480.397532][T22743] hsr_slave_1: left promiscuous mode
[ 1480.438493][T22743] veth1_macvtap: left promiscuous mode
[ 1480.450098][T22743] veth0_macvtap: left promiscuous mode
[ 1480.465304][T22743] veth1_vlan: left promiscuous mode
[ 1480.473899][T22743] veth0_vlan: left promiscuous mode
[ 1481.516901][T22743] team0 (unregistering): Port device team_slave_1 removed
[ 1481.610022][T22743] team0 (unregistering): Port device team_slave_0 removed
[ 1482.503797][T22743] smc: removing net device dummy0 with user defined pnetid DUMMY0
[ 1482.716557][ T1851] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1482.771665][ T1851] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1482.863014][ T1851] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1482.903016][ T1851] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1483.759422][ T1851] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1483.877953][ T1851] 8021q: adding VLAN 0 to HW filter on device team0
[ 1483.928875][T23685] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1483.936154][T23685] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1484.142152][T23685] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1484.149384][T23685] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1484.759969][ T1851] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1485.355790][ T2086] sg_read: process 514 (syz.0.5475) changed security contexts after opening file descriptor, this is not allowed.
[ 1485.521467][ T1851] veth0_vlan: entered promiscuous mode
[ 1485.578111][ T1851] veth1_vlan: entered promiscuous mode
[ 1485.673436][ T1851] veth0_macvtap: entered promiscuous mode
[ 1485.718812][ T1851] veth1_macvtap: entered promiscuous mode
[ 1485.813301][ T2106] futex_wake_op: syz.1.5479 tries to shift op by -2048; fix this program
[ 1485.848459][ T2109] futex_wake_op: syz.1.5479 tries to shift op by -2048; fix this program
[ 1485.928289][ T1851] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1486.096768][ T1851] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1486.235410][T23672] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1486.279046][T23672] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1486.354094][T23672] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1486.389864][T23672] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1487.126004][T22914] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1487.173493][T22914] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1487.466630][T23672] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1487.514519][T23672] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1487.993809][ T2160] FAULT_INJECTION: forcing a failure.
[ 1487.993809][ T2160] name failslab, interval 1, probability 0, space 0, times 0
[ 1488.046815][ T2160] CPU: 0 UID: 0 PID: 2160 Comm: syz.0.5491 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1488.046842][ T2160] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1488.046848][ T2160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1488.046857][ T2160] Call Trace:
[ 1488.046862][ T2160]  <TASK>
[ 1488.046869][ T2160]  dump_stack_lvl+0x16c/0x1f0
[ 1488.046895][ T2160]  should_fail_ex+0x512/0x640
[ 1488.046913][ T2160]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1488.046932][ T2160]  should_failslab+0xc2/0x120
[ 1488.046954][ T2160]  kmem_cache_alloc_noprof+0x83/0x770
[ 1488.046970][ T2160]  ? alloc_empty_file+0x55/0x1e0
[ 1488.046989][ T2160]  ? alloc_empty_file+0x55/0x1e0
[ 1488.047002][ T2160]  alloc_empty_file+0x55/0x1e0
[ 1488.047017][ T2160]  alloc_file_pseudo+0x13a/0x230
[ 1488.047033][ T2160]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1488.047053][ T2160]  __shmem_file_setup+0x1a8/0x350
[ 1488.047077][ T2160]  shmem_zero_setup+0x93/0x1b0
[ 1488.047095][ T2160]  __mmap_region+0x2277/0x2a00
[ 1488.047114][ T2160]  ? __pfx___mmap_region+0x10/0x10
[ 1488.047135][ T2160]  ? trace_ignore_this_task+0xbc/0x100
[ 1488.047165][ T2160]  ? finish_task_switch.isra.0+0x202/0xbd0
[ 1488.047185][ T2160]  ? rcu_is_watching+0x12/0xc0
[ 1488.047238][ T2160]  ? rcu_is_watching+0x12/0xc0
[ 1488.047260][ T2160]  mmap_region+0x1ab/0x3f0
[ 1488.047277][ T2160]  ? __get_unmapped_area+0x267/0x3f0
[ 1488.047298][ T2160]  do_mmap+0xa3e/0x1210
[ 1488.047321][ T2160]  ? __pfx_do_mmap+0x10/0x10
[ 1488.047341][ T2160]  ? __pfx_down_write_killable+0x10/0x10
[ 1488.047360][ T2160]  vm_mmap_pgoff+0x29e/0x470
[ 1488.047382][ T2160]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1488.047413][ T2160]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1488.047430][ T2160]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1488.047448][ T2160]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1488.047468][ T2160]  ? xfd_validate_state+0x61/0x180
[ 1488.047481][ T2160]  ? __pfx_ksys_write+0x10/0x10
[ 1488.047502][ T2160]  __x64_sys_mmap+0x125/0x190
[ 1488.047519][ T2160]  do_syscall_64+0xcd/0xf80
[ 1488.047533][ T2160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1488.047547][ T2160] RIP: 0033:0x7f723d38f7c9
[ 1488.047560][ T2160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1488.047574][ T2160] RSP: 002b:00007f723e1aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1488.047587][ T2160] RAX: ffffffffffffffda RBX: 00007f723d5e5fa0 RCX: 00007f723d38f7c9
[ 1488.047596][ T2160] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[ 1488.047605][ T2160] RBP: 00007f723d413f91 R08: fffffffffffffffa R09: 0000000000008000
[ 1488.047614][ T2160] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1488.047623][ T2160] R13: 00007f723d5e6038 R14: 00007f723d5e5fa0 R15: 00007ffd54b7dfb8
[ 1488.047643][ T2160]  </TASK>
[ 1489.393052][ T2182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5497'.
[ 1489.447328][ T2182] veth0_macvtap: left promiscuous mode
[ 1490.097743][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1490.104103][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1491.012598][ T2203] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1491.848118][ T2232] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1493.705591][ T2295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5516'.
[ 1493.774070][ T2287] netlink: 13 bytes leftover after parsing attributes in process `syz.1.5516'.
[ 1494.570061][ T2323] vhci_hcd vhci_hcd.0: invalid port number 16
[ 1495.705461][ T2354] netlink: 346 bytes leftover after parsing attributes in process `syz.4.5525'.
[ 1496.107019][ T2364] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5527'.
[ 1496.662670][ T2375] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5528'.
[ 1497.259188][ T2386] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5531'.
[ 1497.311088][ T2386] mac80211_hwsim hwsim72 wlan1: entered promiscuous mode
[ 1497.346609][ T2386] mac80211_hwsim hwsim72 wlan1: entered allmulticast mode
[ 1497.919942][T26524] Bluetooth: hci0: unexpected subevent 0x04 length: 122 > 11
[ 1499.798896][ T2449] zswap: compressor  not available
[ 1500.215353][ T2463] random: crng reseeded on system resumption
[ 1500.768006][ T2472] usb usb36: usbfs: process 2472 (syz.4.5545) did not claim interface 0 before use
[ 1503.638155][ T2523] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5553'.
[ 1504.001804][ T2534] netlink: zone id is out of range
[ 1504.114958][ T2534] netlink: zone id is out of range
[ 1504.120458][ T2534] netlink: zone id is out of range
[ 1504.125896][ T2527] could not allocate digest TFM handle 
[ 1504.148897][ T2529] could not allocate digest TFM handle 
[ 1504.206311][ T2534] netlink: zone id is out of range
[ 1504.211448][ T2534] netlink: zone id is out of range
[ 1504.307075][ T2534] netlink: zone id is out of range
[ 1504.312212][ T2534] netlink: zone id is out of range
[ 1504.398485][ T2534] netlink: zone id is out of range
[ 1504.403663][ T2534] netlink: zone id is out of range
[ 1504.572414][ T2534] netlink: zone id is out of range
[ 1507.506123][ T2609] can: request_module (can-proto-4) failed.
[ 1507.953981][   T30] audit: type=1800 audit(4295033010.866:46): pid=2634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.5569" name="discovery_nqn" dev="configfs" ino=157428 res=0 errno=0
[ 1508.537553][ T2666] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5575'.
[ 1509.515049][ T2699] netlink: 130 bytes leftover after parsing attributes in process `syz.3.5579'.
[ 1513.332161][T26524] Bluetooth: hci0: unexpected event 0x31 length: 19 > 6
[ 1513.724380][ T2803] Invalid ELF header magic: != ELF
[ 1513.783809][T26524] Bluetooth: hci1: Unable to find connection for big 0xd2
[ 1516.221249][ T2886] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[ 1516.369364][ T2892] vhci_hcd vhci_hcd.2: invalid port number 252
[ 1516.513722][ T2892] vhci_hcd vhci_hcd.2: default hub control req: 040f v0772 i00fc l2
[ 1517.134321][ T2904] could not allocate digest TFM handle 
[ 1519.010211][ T2939] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5627'.
[ 1519.063219][ T2939] veth0_macvtap: left promiscuous mode
[ 1519.100457][ T2939] macvtap0: entered promiscuous mode
[ 1519.122299][ T2939] macvtap0: entered allmulticast mode
[ 1519.762802][T23849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1519.776321][T23849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1519.784132][T23849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1519.793589][T23849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1519.801236][T23849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1520.505448][ T2959] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5633'.
[ 1521.189021][ T2967] Invalid ELF header magic: != ELF
[ 1521.255153][ T2974] FAULT_INJECTION: forcing a failure.
[ 1521.255153][ T2974] name failslab, interval 1, probability 0, space 0, times 0
[ 1521.340979][ T2974] CPU: 0 UID: 0 PID: 2974 Comm: syz.1.5630 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1521.341007][ T2974] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1521.341012][ T2974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1521.341021][ T2974] Call Trace:
[ 1521.341026][ T2974]  <TASK>
[ 1521.341033][ T2974]  dump_stack_lvl+0x16c/0x1f0
[ 1521.341062][ T2974]  should_fail_ex+0x512/0x640
[ 1521.341079][ T2974]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1521.341099][ T2974]  should_failslab+0xc2/0x120
[ 1521.341121][ T2974]  kmem_cache_alloc_noprof+0x83/0x770
[ 1521.341137][ T2974]  ? __pmd_alloc+0xbf/0x9c0
[ 1521.341170][ T2974]  ? __pmd_alloc+0xbf/0x9c0
[ 1521.341189][ T2974]  __pmd_alloc+0xbf/0x9c0
[ 1521.341212][ T2974]  __handle_mm_fault+0xbeb/0x2bb0
[ 1521.341234][ T2974]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1521.341259][ T2974]  ? find_vma+0xbf/0x140
[ 1521.341277][ T2974]  ? __pfx_find_vma+0x10/0x10
[ 1521.341297][ T2974]  handle_mm_fault+0x3fe/0xad0
[ 1521.341315][ T2974]  fixup_user_fault+0x1b4/0x540
[ 1521.341338][ T2974]  fault_in_user_writeable+0x70/0xe0
[ 1521.341355][ T2974]  futex_lock_pi+0x690/0x7c0
[ 1521.341376][ T2974]  ? __pfx_futex_lock_pi+0x10/0x10
[ 1521.341393][ T2974]  ? __futex_wait+0x24b/0x2f0
[ 1521.341413][ T2974]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1521.341439][ T2974]  ? futex_private_hash_put+0x160/0x1b0
[ 1521.341456][ T2974]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1521.341481][ T2974]  ? ksys_write+0x190/0x250
[ 1521.341511][ T2974]  do_futex+0x11a/0x350
[ 1521.341534][ T2974]  ? __pfx_do_futex+0x10/0x10
[ 1521.341556][ T2974]  __x64_sys_futex+0x1e0/0x4c0
[ 1521.341574][ T2974]  ? fput+0x70/0xf0
[ 1521.341591][ T2974]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1521.341608][ T2974]  ? xfd_validate_state+0x61/0x180
[ 1521.341620][ T2974]  ? __pfx_ksys_write+0x10/0x10
[ 1521.341646][ T2974]  do_syscall_64+0xcd/0xf80
[ 1521.341661][ T2974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1521.341675][ T2974] RIP: 0033:0x7fefa5d8f7c9
[ 1521.341688][ T2974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1521.341702][ T2974] RSP: 002b:00007fefa6cfc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1521.341717][ T2974] RAX: ffffffffffffffda RBX: 00007fefa5fe5fa0 RCX: 00007fefa5d8f7c9
[ 1521.341726][ T2974] RDX: 0000000000000008 RSI: 0000000000000086 RDI: 0000000000000000
[ 1521.341734][ T2974] RBP: 00007fefa5e13f91 R08: 0000000000000000 R09: 0000000000000007
[ 1521.341743][ T2974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1521.341752][ T2974] R13: 00007fefa5fe6038 R14: 00007fefa5fe5fa0 R15: 00007ffc5bade598
[ 1521.341771][ T2974]  </TASK>
[ 1521.976733][T23849] Bluetooth: hci2: command tx timeout
[ 1523.369099][ T2945] chnl_net:caif_netlink_parms(): no params data found
[ 1523.693001][T22728] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1523.895597][ T2989] netlink: 'syz.4.5639': attribute type 2 has an invalid length.
[ 1524.014969][T23849] Bluetooth: hci2: command tx timeout
[ 1524.041821][T22728] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1524.357666][T22728] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1524.589302][T22728] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1524.658444][ T2945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1524.719554][ T2945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1524.746799][ T2945] bridge_slave_0: entered allmulticast mode
[ 1524.769429][ T2945] bridge_slave_0: entered promiscuous mode
[ 1524.799980][ T2945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1524.827619][ T2945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1524.854951][ T2945] bridge_slave_1: entered allmulticast mode
[ 1524.879147][ T2945] bridge_slave_1: entered promiscuous mode
[ 1525.165618][ T2945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1525.223757][ T2945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1525.654098][ T2945] team0: Port device team_slave_0 added
[ 1525.726040][ T2945] team0: Port device team_slave_1 added
[ 1525.805370][T22728] bridge_slave_1: left allmulticast mode
[ 1525.811025][T22728] bridge_slave_1: left promiscuous mode
[ 1525.835081][T22728] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1525.861441][T22728] bridge_slave_0: left allmulticast mode
[ 1525.883088][T22728] bridge_slave_0: left promiscuous mode
[ 1525.899622][T22728] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1526.097547][T23849] Bluetooth: hci2: command tx timeout
[ 1526.821613][T22728] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1526.852897][T22728] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1526.891627][T22728] bond0 (unregistering): Released all slaves
[ 1527.045530][ T2945] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1527.074183][ T2945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1527.157788][ T2945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1527.194906][ T2945] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1527.222196][ T2945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1527.314317][ T2945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1527.754691][ T2945] hsr_slave_0: entered promiscuous mode
[ 1527.786628][ T2945] hsr_slave_1: entered promiscuous mode
[ 1527.808453][ T2945] debugfs: 'hsr0' already exists in 'hsr'
[ 1527.830091][ T2945] Cannot create hsr debugfs directory
[ 1528.007313][T22728] hsr_slave_0: left promiscuous mode
[ 1528.036535][T22728] hsr_slave_1: left promiscuous mode
[ 1528.058629][T22728] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1528.074825][T22728] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1528.106193][T22728] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1528.133457][T22728] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1528.174882][T23849] Bluetooth: hci2: command tx timeout
[ 1528.197885][T22728] veth1_macvtap: left promiscuous mode
[ 1528.226257][T22728] veth0_macvtap: left promiscuous mode
[ 1528.998417][T22728] team0 (unregistering): Port device team_slave_1 removed
[ 1529.041348][T22728] team0 (unregistering): Port device team_slave_0 removed
[ 1529.685547][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1529.750669][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1529.835005][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1529.949298][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.019295][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.083274][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.178385][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.263540][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.322761][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.360557][ T2945] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1530.425118][ T3035] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5646'.
[ 1530.435914][ T2945] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1530.485988][ T2945] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1530.556524][ T2945] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1530.973703][ T2945] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1531.088580][ T2945] 8021q: adding VLAN 0 to HW filter on device team0
[ 1531.166990][T22973] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1531.174113][T22973] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1531.283805][T22973] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1531.290957][T22973] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1532.134364][ T3096] bridge0: port 4(team0) entered blocking state
[ 1532.188956][ T3096] bridge0: port 4(team0) entered disabled state
[ 1532.311620][ T3096] team0: entered allmulticast mode
[ 1532.355436][ T3096] team_slave_0: entered allmulticast mode
[ 1532.361400][ T3096] team_slave_1: entered allmulticast mode
[ 1532.541999][ T3096] team0: entered promiscuous mode
[ 1532.563762][ T3096] team_slave_0: entered promiscuous mode
[ 1532.579391][ T3108] Format for adding new device is "id port_count num_queues" (uint uint unit).
[ 1532.656560][ T3096] team_slave_1: entered promiscuous mode
[ 1532.689546][ T3096] bridge0: port 4(team0) entered blocking state
[ 1532.695949][ T3096] bridge0: port 4(team0) entered forwarding state
[ 1532.882609][ T2945] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1533.953238][ T2945] veth0_vlan: entered promiscuous mode
[ 1534.047506][ T2945] veth1_vlan: entered promiscuous mode
[ 1534.196291][ T2945] veth0_macvtap: entered promiscuous mode
[ 1534.265631][ T2945] veth1_macvtap: entered promiscuous mode
[ 1534.367625][ T2945] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1534.436775][ T2945] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1534.535751][T23677] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.657978][T23677] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1534.991880][T23677] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1535.326129][T23677] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1535.731972][ T2631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1535.786047][ T2631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1536.023398][ T3176] [U] 
[ 1536.026170][ T3176] [U] 
[ 1536.028845][ T3176] [U] 
[ 1536.031524][ T3176] [U] 
[ 1536.083756][ T3176] [U] 
[ 1536.086471][ T3176] [U] 
[ 1536.089146][ T3176] [U] 
[ 1536.091819][ T3176] [U] 
[ 1536.122695][T23679] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1536.170868][T23679] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1536.181431][ T3174] zswap: compressor  not available
[ 1536.244091][ T3176] [U] 
[ 1536.246797][ T3176] [U] 
[ 1536.249469][ T3176] [U] 
[ 1536.252139][ T3176] [U] 
[ 1536.327598][ T3176] [U] 
[ 1536.330319][ T3176] [U] 
[ 1536.332995][ T3176] [U] 
[ 1536.335665][ T3176] [U] 
[ 1536.405302][ T3176] [U] 
[ 1536.408017][ T3176] [U] 
[ 1536.410703][ T3176] [U] 
[ 1536.413380][ T3176] [U] 
[ 1536.465408][ T3176] [U] 
[ 1536.468119][ T3176] [U] 
[ 1536.470790][ T3176] [U] 
[ 1536.473459][ T3176] [U] 
[ 1536.493736][   T30] audit: type=1107 audit(4295033039.406:47): pid=3192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[ 1536.580905][ T3176] [U] 
[ 1536.604819][   T30] audit: type=1107 audit(4295033039.436:48): pid=3192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[ 1536.746951][ T3198] input: jJǸ���;9�%v����l��Q�	J86�� as /devices/virtual/input/input51
[ 1536.791472][ T3198] FAULT_INJECTION: forcing a failure.
[ 1536.791472][ T3198] name failslab, interval 1, probability 0, space 0, times 0
[ 1536.841936][ T3198] CPU: 0 UID: 0 PID: 3198 Comm: syz.4.5666 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1536.841963][ T3198] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1536.841969][ T3198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1536.841978][ T3198] Call Trace:
[ 1536.841984][ T3198]  <TASK>
[ 1536.841990][ T3198]  dump_stack_lvl+0x16c/0x1f0
[ 1536.842018][ T3198]  should_fail_ex+0x512/0x640
[ 1536.842035][ T3198]  ? __kmalloc_noprof+0xca/0x910
[ 1536.842053][ T3198]  should_failslab+0xc2/0x120
[ 1536.842075][ T3198]  __kmalloc_noprof+0xeb/0x910
[ 1536.842090][ T3198]  ? kobject_get_path+0xd2/0x2d0
[ 1536.842108][ T3198]  ? kobject_get_path+0xd2/0x2d0
[ 1536.842121][ T3198]  kobject_get_path+0xd2/0x2d0
[ 1536.842139][ T3198]  kobject_uevent_env+0x289/0x1920
[ 1536.842155][ T3198]  ? __pfx_dev_uevent_name+0x10/0x10
[ 1536.842172][ T3198]  ? kernfs_put+0x35/0x60
[ 1536.842188][ T3198]  ? sysfs_do_create_link_sd+0xbb/0x140
[ 1536.842202][ T3198]  ? bus_to_subsys+0x131/0x160
[ 1536.842218][ T3198]  device_add+0x1103/0x1980
[ 1536.842239][ T3198]  ? __pfx_device_add+0x10/0x10
[ 1536.842258][ T3198]  ? __pfx_exact_lock+0x10/0x10
[ 1536.842281][ T3198]  ? kobject_get+0xbb/0x150
[ 1536.842296][ T3198]  cdev_device_add+0x12b/0x270
[ 1536.842317][ T3198]  evdev_connect+0x3a4/0x4c0
[ 1536.842339][ T3198]  input_attach_handler.isra.0+0x176/0x250
[ 1536.842360][ T3198]  input_register_device+0xab9/0x11b0
[ 1536.842378][ T3198]  ? input_ff_create+0x221/0x350
[ 1536.842394][ T3198]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[ 1536.842412][ T3198]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1536.842428][ T3198]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[ 1536.842448][ T3198]  ? find_held_lock+0x2b/0x80
[ 1536.842481][ T3198]  ? __pfx_uinput_ioctl+0x10/0x10
[ 1536.842498][ T3198]  __x64_sys_ioctl+0x18e/0x210
[ 1536.842516][ T3198]  do_syscall_64+0xcd/0xf80
[ 1536.842531][ T3198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1536.842545][ T3198] RIP: 0033:0x7f3358b8f7c9
[ 1536.842557][ T3198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1536.842571][ T3198] RSP: 002b:00007f3359a05038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1536.842585][ T3198] RAX: ffffffffffffffda RBX: 00007f3358de5fa0 RCX: 00007f3358b8f7c9
[ 1536.842594][ T3198] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 000000000000000b
[ 1536.842602][ T3198] RBP: 00007f3358c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1536.842611][ T3198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1536.842619][ T3198] R13: 00007f3358de6038 R14: 00007f3358de5fa0 R15: 00007ffe8446ec98
[ 1536.842639][ T3198]  </TASK>
[ 1537.138111][ T3209] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5668'.
[ 1537.936684][ T3224] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1537.953190][ T3224] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1538.013012][ T3224] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1538.036878][ T3224] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1538.082460][ T3224] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1538.129668][ T3224] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1538.162429][ T3224] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1538.272459][ T3224] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1538.700982][ T3254] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1539.969017][ T3291] netlink: 'syz.5.5686': attribute type 1 has an invalid length.
[ 1540.017093][T26524] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1540.023179][T23849] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1540.030530][T26524] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1540.063005][ T3291] FAULT_INJECTION: forcing a failure.
[ 1540.063005][ T3291] name failslab, interval 1, probability 0, space 0, times 0
[ 1540.163604][ T3291] CPU: 0 UID: 0 PID: 3291 Comm: syz.5.5686 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1540.163632][ T3291] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1540.163638][ T3291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1540.163655][ T3291] Call Trace:
[ 1540.163661][ T3291]  <TASK>
[ 1540.163669][ T3291]  dump_stack_lvl+0x16c/0x1f0
[ 1540.163697][ T3291]  should_fail_ex+0x512/0x640
[ 1540.163714][ T3291]  ? __kmalloc_cache_noprof+0x5f/0x800
[ 1540.163733][ T3291]  should_failslab+0xc2/0x120
[ 1540.163755][ T3291]  __kmalloc_cache_noprof+0x80/0x800
[ 1540.163772][ T3291]  ? snd_seq_port_connect+0x61/0x580
[ 1540.163797][ T3291]  ? snd_seq_port_connect+0x61/0x580
[ 1540.163817][ T3291]  snd_seq_port_connect+0x61/0x580
[ 1540.163837][ T3291]  ? _raw_read_unlock+0x28/0x50
[ 1540.163858][ T3291]  ? check_subscription_permission.isra.0+0xf5/0x240
[ 1540.163881][ T3291]  snd_seq_ioctl_subscribe_port+0x209/0x4b0
[ 1540.163897][ T3291]  ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10
[ 1540.163912][ T3291]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1540.163934][ T3291]  call_seq_client_ctl+0xa3/0x130
[ 1540.163956][ T3291]  snd_seq_kernel_client_ctl+0x7a/0xc0
[ 1540.163978][ T3291]  snd_seq_oss_midi_open+0x489/0x6a0
[ 1540.163996][ T3291]  ? __pfx_snd_seq_oss_midi_open+0x10/0x10
[ 1540.164012][ T3291]  ? snd_seq_oss_midi_reset+0x11a/0x4c0
[ 1540.164034][ T3291]  ? __mutex_lock+0x27b/0x1ca0
[ 1540.164052][ T3291]  snd_seq_oss_synth_reset+0x437/0x900
[ 1540.164069][ T3291]  ? __pfx___mutex_lock+0x10/0x10
[ 1540.164082][ T3291]  ? __pfx_snd_seq_oss_synth_reset+0x10/0x10
[ 1540.164100][ T3291]  ? __pfx___fsnotify_parent+0x10/0x10
[ 1540.164125][ T3291]  snd_seq_oss_reset+0x73/0x290
[ 1540.164139][ T3291]  ? __pfx_odev_release+0x10/0x10
[ 1540.164158][ T3291]  snd_seq_oss_release+0x7c/0x180
[ 1540.164172][ T3291]  odev_release+0x56/0xa0
[ 1540.164192][ T3291]  __fput+0x402/0xb70
[ 1540.164211][ T3291]  task_work_run+0x150/0x240
[ 1540.164227][ T3291]  ? __pfx_task_work_run+0x10/0x10
[ 1540.164241][ T3291]  ? __do_sys_close_range+0x278/0x730
[ 1540.164266][ T3291]  exit_to_user_mode_loop+0xfb/0x540
[ 1540.164286][ T3291]  do_syscall_64+0x4ee/0xf80
[ 1540.164301][ T3291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1540.164315][ T3291] RIP: 0033:0x7fd724b8f7c9
[ 1540.164328][ T3291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1540.164342][ T3291] RSP: 002b:00007fd725a88038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1540.164356][ T3291] RAX: 0000000000000000 RBX: 00007fd724de5fa0 RCX: 00007fd724b8f7c9
[ 1540.164364][ T3291] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1540.164373][ T3291] RBP: 00007fd724c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1540.164381][ T3291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1540.164390][ T3291] R13: 00007fd724de6038 R14: 00007fd724de5fa0 R15: 00007ffd3a1a92e8
[ 1540.164410][ T3291]  </TASK>
[ 1540.522854][ T3279] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5682'.
[ 1540.582891][ T3302] netlink: 13 bytes leftover after parsing attributes in process `syz.3.5682'.
[ 1540.845121][T22729] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1540.948353][ T3312] random: crng reseeded on system resumption
[ 1541.997035][ T3346] usb usb36: usbfs: process 3346 (syz.1.5696) did not claim interface 0 before use
[ 1542.097635][T22729] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1542.137163][ T3346] Invalid ELF header magic: != ELF
[ 1542.298091][ T3351] hub 3-0:1.0: USB hub found
[ 1542.447046][ T3351] hub 3-0:1.0: 1 port detected
[ 1542.638748][ T3351] usb usb3: authorized to connect
[ 1542.895330][T22729] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1544.175957][T22729] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1544.413996][ T3430] Invalid ELF header magic: != ELF
[ 1544.977319][T22729] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1547.447309][ T3508] netlink: 93 bytes leftover after parsing attributes in process `syz.3.5719'.
[ 1547.549208][ T3512] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5722'.
[ 1547.634567][ T3516] netlink: 'syz.4.5722': attribute type 4 has an invalid length.
[ 1547.680014][ T3516] netlink: 314 bytes leftover after parsing attributes in process `syz.4.5722'.
[ 1548.112612][ T3523] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5725'.
[ 1549.140644][ T3565] delete_channel: no stack
[ 1551.310318][ T3613] bridge0: port 4(team0) entered blocking state
[ 1551.434221][ T3613] bridge0: port 4(team0) entered disabled state
[ 1551.543767][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.555542][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1551.622989][ T3613] team0: entered allmulticast mode
[ 1551.710907][ T3613] team_slave_0: entered allmulticast mode
[ 1551.840878][ T3613] team_slave_1: entered allmulticast mode
[ 1551.855489][   T30] audit: type=1326 audit(4295033054.776:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3619 comm="syz.5.5741" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd724b8f7c9 code=0x0
[ 1551.994504][ T3613] team0: entered promiscuous mode
[ 1552.092805][ T3613] team_slave_0: entered promiscuous mode
[ 1552.172382][ T3613] team_slave_1: entered promiscuous mode
[ 1552.260025][ T3613] bridge0: port 4(team0) entered blocking state
[ 1552.266413][ T3613] bridge0: port 4(team0) entered forwarding state
[ 1552.381590][ T3632] Invalid ELF header magic: != ELF
[ 1552.727408][ T3641] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52
[ 1553.312221][ T3651] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5743'.
[ 1553.655777][ T3663] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5745'.
[ 1553.715420][T22729] Bluetooth: hci2: unexpected event 0x23 length: 127 > 13
[ 1553.800630][ T3664] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5745'.
[ 1553.838022][ T3643] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53
[ 1554.227380][ T3669] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5745'.
[ 1554.303681][ T3672] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5745'.
[ 1554.371513][ T3669] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5745'.
[ 1554.502788][ T3672] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5745'.
[ 1554.780013][ T3663] bond0: (slave bond_slave_1): Releasing backup interface
[ 1554.839835][ T3688] netlink: 'syz.1.5748': attribute type 1 has an invalid length.
[ 1555.992232][ T3717] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1556.069608][ T3717] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1556.174864][ T3717] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1556.245926][ T3717] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1558.014870][T22729] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1558.095440][T22729] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1558.257121][ T3293] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1558.263190][T22729] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1560.401431][ T3808] net_ratelimit: 363 callbacks suppressed
[ 1560.401448][ T3808] netlink: zone id is out of range
[ 1560.559033][ T3812] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5766'.
[ 1560.588548][ T3812] netlink: 354 bytes leftover after parsing attributes in process `syz.5.5766'.
[ 1560.598610][ T3808] netlink: zone id is out of range
[ 1560.662662][ T3808] netlink: zone id is out of range
[ 1560.830586][ T3808] netlink: zone id is out of range
[ 1560.899182][ T3823] Unable to find swap-space signature
[ 1560.931139][ T3808] netlink: zone id is out of range
[ 1561.037182][ T3806] netlink: set zone limit has 8 unknown bytes
[ 1561.065390][ T3807] netlink: set zone limit has 8 unknown bytes
[ 1561.111945][ T3808] netlink: zone id is out of range
[ 1561.217730][ T3808] netlink: zone id is out of range
[ 1561.326859][ T3808] netlink: zone id is out of range
[ 1564.304579][ T3293] Bluetooth: hci0: Malformed LE Event: 0x0b
[ 1564.310827][ T3884] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1564.378885][ T3884] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0
[ 1565.495532][ T3900] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5784'.
[ 1566.173052][ T3915] could not allocate digest TFM handle 
[ 1566.889304][ T3941] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[ 1568.433068][ T3987] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54
[ 1568.790271][ T3994] mkiss: ax0: crc mode is auto.
[ 1569.345694][ T3988] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55
[ 1570.236336][ T4018] netlink: 240 bytes leftover after parsing attributes in process `syz.4.5808'.
[ 1571.058416][ T4037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5810'.
[ 1572.995255][ T4063] zswap: compressor  not available
[ 1574.807816][ T4101] zram0: detected capacity change from 8 to 0
[ 1576.205551][ T4123] zswap: compressor  not available
[ 1576.643381][ T4135] zswap: compressor  not available
[ 1576.915084][ T4132] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub
[ 1579.224903][ T4157] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5839'.
[ 1579.338270][ T4157] netlink: 25 bytes leftover after parsing attributes in process `syz.5.5839'.
[ 1579.891779][ T4174] vivid-007: =================  START STATUS  =================
[ 1579.956633][ T4174] vivid-007: Generate PTS: true
[ 1580.010097][ T4174] vivid-007: Generate SCR: true
[ 1580.066537][ T4174] tpg source WxH: 320x240 (Y'CbCr)
[ 1580.194016][ T4174] tpg field: 1
[ 1580.261789][ T4174] tpg crop: (0,0)/320x240
[ 1580.330763][ T4174] tpg compose: (0,0)/320x240
[ 1580.431186][ T4174] tpg colorspace: 8
[ 1580.501782][ T4174] tpg transfer function: 0/0
[ 1580.580347][ T4174] tpg Y'CbCr encoding: 0/0
[ 1580.647768][ T4174] tpg quantization: 0/0
[ 1580.729111][ T4174] tpg RGB range: 0/2
[ 1580.733038][ T4174] vivid-007: ==================  END STATUS  ==================
[ 1584.582022][ T4249] FAULT_INJECTION: forcing a failure.
[ 1584.582022][ T4249] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1584.646923][ T4249] CPU: 0 UID: 0 PID: 4249 Comm: syz.1.5851 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1584.646949][ T4249] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1584.646954][ T4249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1584.646963][ T4249] Call Trace:
[ 1584.646969][ T4249]  <TASK>
[ 1584.646975][ T4249]  dump_stack_lvl+0x16c/0x1f0
[ 1584.647004][ T4249]  should_fail_ex+0x512/0x640
[ 1584.647020][ T4249]  ? arch_stack_walk+0xa6/0x100
[ 1584.647040][ T4249]  get_futex_key+0x1d0/0x15f0
[ 1584.647058][ T4249]  ? __pfx_get_futex_key+0x10/0x10
[ 1584.647072][ T4249]  ? stack_trace_save+0x8e/0xc0
[ 1584.647096][ T4249]  ? __pfx_stack_trace_save+0x10/0x10
[ 1584.647117][ T4249]  ? stack_depot_save_flags+0x29/0x9b0
[ 1584.647136][ T4249]  futex_wait_setup+0x9d/0x570
[ 1584.647160][ T4249]  __futex_wait+0x193/0x2f0
[ 1584.647180][ T4249]  ? __pfx___futex_wait+0x10/0x10
[ 1584.647201][ T4249]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1584.647222][ T4249]  ? futex_hash+0x2c5/0x380
[ 1584.647238][ T4249]  ? futex_private_hash_put+0x160/0x1b0
[ 1584.647253][ T4249]  futex_wait+0xe8/0x380
[ 1584.647271][ T4249]  ? __pfx_futex_wait+0x10/0x10
[ 1584.647294][ T4249]  ? putname+0xf5/0x1a0
[ 1584.647311][ T4249]  do_futex+0x229/0x350
[ 1584.647327][ T4249]  ? __pfx_do_futex+0x10/0x10
[ 1584.647347][ T4249]  __x64_sys_futex+0x1e0/0x4c0
[ 1584.647364][ T4249]  ? __x64_sys_openat+0x174/0x210
[ 1584.647380][ T4249]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1584.647425][ T4249]  do_syscall_64+0xcd/0xf80
[ 1584.647441][ T4249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1584.647457][ T4249] RIP: 0033:0x7fefa5d8f7c9
[ 1584.647469][ T4249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1584.647483][ T4249] RSP: 002b:00007fefa6cfc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1584.647496][ T4249] RAX: ffffffffffffffda RBX: 00007fefa5fe5fa8 RCX: 00007fefa5d8f7c9
[ 1584.647505][ T4249] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fefa5fe5fa8
[ 1584.647514][ T4249] RBP: 00007fefa5fe5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1584.647522][ T4249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1584.647530][ T4249] R13: 00007fefa5fe6038 R14: 00007ffc5bade4b0 R15: 00007ffc5bade598
[ 1584.647549][ T4249]  </TASK>
[ 1585.702581][ T4272] input: ��9�%v
��J,6�� as /devices/virtual/input/input56
[ 1585.791573][T30473] udevd[30473]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[ 1587.319450][    C0] vcan0: j1939_tp_rxtimer: 0xffff888059976000: rx timeout, send abort
[ 1587.327802][    C0] vcan0: j1939_tp_rxtimer: 0xffff888059975c00: rx timeout, send abort
[ 1587.336273][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059976000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1587.353733][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059975c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1590.358573][ T4345] can: request_module (can-proto-0) failed.
[ 1592.398834][ T4391] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5882'.
[ 1592.525353][   T30] audit: type=1800 audit(4295033095.426:50): pid=4396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.5884" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1593.335722][ T3293] Bluetooth: hci1: unexpected subevent 0x01 length: 3 < 18
[ 1593.363634][ T4411] NFSD: Failed to start, no listeners configured.
[ 1594.608834][ T4447] futex_wake_op: syz.3.5892 tries to shift op by -2048; fix this program
[ 1594.710114][ T4447] futex_wake_op: syz.3.5892 tries to shift op by -2048; fix this program
[ 1595.770605][ T4462] zswap: compressor  not available
[ 1596.023120][ T4476] FAULT_INJECTION: forcing a failure.
[ 1596.023120][ T4476] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1596.071066][ T4476] CPU: 0 UID: 0 PID: 4476 Comm: syz.5.5898 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1596.071095][ T4476] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1596.071101][ T4476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1596.071109][ T4476] Call Trace:
[ 1596.071116][ T4476]  <TASK>
[ 1596.071123][ T4476]  dump_stack_lvl+0x16c/0x1f0
[ 1596.071152][ T4476]  should_fail_ex+0x512/0x640
[ 1596.071172][ T4476]  get_futex_key+0x1d0/0x15f0
[ 1596.071191][ T4476]  ? __pfx_get_futex_key+0x10/0x10
[ 1596.071205][ T4476]  ? find_held_lock+0x2b/0x80
[ 1596.071229][ T4476]  futex_wake+0xea/0x530
[ 1596.071250][ T4476]  ? __pfx_futex_wake+0x10/0x10
[ 1596.071270][ T4476]  ? __lock_acquire+0x436/0x2890
[ 1596.071287][ T4476]  do_futex+0x1e3/0x350
[ 1596.071303][ T4476]  ? __pfx_do_futex+0x10/0x10
[ 1596.071319][ T4476]  ? find_held_lock+0x2b/0x80
[ 1596.071338][ T4476]  __x64_sys_futex+0x1e0/0x4c0
[ 1596.071355][ T4476]  ? __fget_files+0x20e/0x3c0
[ 1596.071374][ T4476]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1596.071393][ T4476]  ? fdget+0x187/0x210
[ 1596.071414][ T4476]  do_syscall_64+0xcd/0xf80
[ 1596.071429][ T4476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1596.071443][ T4476] RIP: 0033:0x7fd724b8f7c9
[ 1596.071455][ T4476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1596.071469][ T4476] RSP: 002b:00007fd725a880e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1596.071482][ T4476] RAX: ffffffffffffffda RBX: 00007fd724de5fa8 RCX: 00007fd724b8f7c9
[ 1596.071491][ T4476] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fd724de5fac
[ 1596.071500][ T4476] RBP: 00007fd724de5fa0 R08: 00007fd725a89000 R09: 0000000000000000
[ 1596.071508][ T4476] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[ 1596.071517][ T4476] R13: 00007fd724de6038 R14: 00007ffd3a1a9200 R15: 00007ffd3a1a92e8
[ 1596.071535][ T4476]  </TASK>
[ 1596.268446][ T4476] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5898'.
[ 1596.277640][ T4476] �: renamed from bond_slave_0 (while UP)
[ 1596.822158][ T4476] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5898'.
[ 1597.102408][ T4495] misc userio: The device must be registered before sending interrupts
[ 1597.803663][ T4498] bridge0: port 3(bond0) entered blocking state
[ 1597.919738][ T4498] bridge0: port 3(bond0) entered disabled state
[ 1597.981544][ T4505] ==================================================================
[ 1597.981559][ T4505] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70
[ 1597.981588][ T4505] Read of size 256 at addr ffff88803364f860 by task syz.4.5905/4505
[ 1597.981601][ T4505] 
[ 1597.981611][ T4505] CPU: 0 UID: 0 PID: 4505 Comm: syz.4.5905 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1597.981633][ T4505] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1597.981639][ T4505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1597.981647][ T4505] Call Trace:
[ 1597.981653][ T4505]  <TASK>
[ 1597.981659][ T4505]  dump_stack_lvl+0x116/0x1f0
[ 1597.981683][ T4505]  print_report+0xcd/0x630
[ 1597.981703][ T4505]  ? __virt_addr_valid+0x81/0x610
[ 1597.981730][ T4505]  ? __phys_addr+0xe8/0x180
[ 1597.981751][ T4505]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1597.981767][ T4505]  kasan_report+0xe0/0x110
[ 1597.981787][ T4505]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1597.981805][ T4505]  kasan_check_range+0x100/0x1b0
[ 1597.981820][ T4505]  __asan_memcpy+0x23/0x60
[ 1597.981836][ T4505]  fbcon_prepare_logo+0xa03/0xc70
[ 1597.981854][ T4505]  fbcon_init+0xda0/0x1930
[ 1597.981870][ T4505]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 1597.981888][ T4505]  visual_init+0x320/0x620
[ 1597.981904][ T4505]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1597.981925][ T4505]  store_bind+0x61d/0x760
[ 1597.981943][ T4505]  ? sysfs_file_kobj+0xe4/0x290
[ 1597.981957][ T4505]  ? __pfx_store_bind+0x10/0x10
[ 1597.981974][ T4505]  dev_attr_store+0x58/0x80
[ 1597.981992][ T4505]  ? __pfx_dev_attr_store+0x10/0x10
[ 1597.982010][ T4505]  sysfs_kf_write+0xf2/0x150
[ 1597.982023][ T4505]  kernfs_fop_write_iter+0x3af/0x570
[ 1597.982042][ T4505]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1597.982056][ T4505]  iter_file_splice_write+0xa24/0x12b0
[ 1597.982081][ T4505]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1597.982103][ T4505]  ? __pfx_copy_splice_read+0x10/0x10
[ 1597.982125][ T4505]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1597.982146][ T4505]  direct_splice_actor+0x192/0x6c0
[ 1597.982166][ T4505]  splice_direct_to_actor+0x345/0xa30
[ 1597.982186][ T4505]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1597.982207][ T4505]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1597.982228][ T4505]  do_splice_direct+0x174/0x240
[ 1597.982247][ T4505]  ? __pfx_do_splice_direct+0x10/0x10
[ 1597.982266][ T4505]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1597.982286][ T4505]  ? rw_verify_area+0xcf/0x6c0
[ 1597.982303][ T4505]  do_sendfile+0xb06/0xe50
[ 1597.982321][ T4505]  ? __pfx_do_sendfile+0x10/0x10
[ 1597.982340][ T4505]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1597.982355][ T4505]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1597.982371][ T4505]  __x64_sys_sendfile64+0x1d8/0x220
[ 1597.982384][ T4505]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1597.982399][ T4505]  do_syscall_64+0xcd/0xf80
[ 1597.982412][ T4505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1597.982426][ T4505] RIP: 0033:0x7f3358b8f7c9
[ 1597.982439][ T4505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1597.982453][ T4505] RSP: 002b:00007f33599e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1597.982468][ T4505] RAX: ffffffffffffffda RBX: 00007f3358de6090 RCX: 00007f3358b8f7c9
[ 1597.982477][ T4505] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000000004
[ 1597.982485][ T4505] RBP: 00007f3358c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1597.982494][ T4505] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1597.982502][ T4505] R13: 00007f3358de6128 R14: 00007f3358de6090 R15: 00007ffe8446ec98
[ 1597.982516][ T4505]  </TASK>
[ 1597.982521][ T4505] 
[ 1597.982525][ T4505] Allocated by task 4505:
[ 1597.982532][ T4505]  kasan_save_stack+0x33/0x60
[ 1597.982550][ T4505]  kasan_save_track+0x14/0x30
[ 1597.982566][ T4505]  __kasan_kmalloc+0xaa/0xb0
[ 1597.982582][ T4505]  __kmalloc_noprof+0x33d/0x910
[ 1597.982596][ T4505]  vc_do_resize+0x1de/0x10e0
[ 1597.982612][ T4505]  fbcon_init+0xd7c/0x1930
[ 1597.982626][ T4505]  visual_init+0x320/0x620
[ 1597.982639][ T4505]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1597.982656][ T4505]  store_bind+0x61d/0x760
[ 1597.982672][ T4505]  dev_attr_store+0x58/0x80
[ 1597.982688][ T4505]  sysfs_kf_write+0xf2/0x150
[ 1597.982700][ T4505]  kernfs_fop_write_iter+0x3af/0x570
[ 1597.982718][ T4505]  iter_file_splice_write+0xa24/0x12b0
[ 1597.982745][ T4505]  direct_splice_actor+0x192/0x6c0
[ 1597.982765][ T4505]  splice_direct_to_actor+0x345/0xa30
[ 1597.982784][ T4505]  do_splice_direct+0x174/0x240
[ 1597.982802][ T4505]  do_sendfile+0xb06/0xe50
[ 1597.982818][ T4505]  __x64_sys_sendfile64+0x1d8/0x220
[ 1597.982831][ T4505]  do_syscall_64+0xcd/0xf80
[ 1597.982842][ T4505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1597.982854][ T4505] 
[ 1597.982858][ T4505] The buggy address belongs to the object at ffff88803364e000
[ 1597.982858][ T4505]  which belongs to the cache kmalloc-4k of size 4096
[ 1597.982873][ T4505] The buggy address is located 2656 bytes to the right of
[ 1597.982873][ T4505]  allocated 3584-byte region [ffff88803364e000, ffff88803364ee00)
[ 1597.982887][ T4505] 
[ 1597.982891][ T4505] The buggy address belongs to the physical page:
[ 1597.982898][ T4505] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x33648
[ 1597.982911][ T4505] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1597.982923][ T4505] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1597.982936][ T4505] page_type: f5(slab)
[ 1597.982949][ T4505] raw: 00fff00000000040 ffff88813ff27140 0000000000000000 dead000000000001
[ 1597.982960][ T4505] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 1597.982972][ T4505] head: 00fff00000000040 ffff88813ff27140 0000000000000000 dead000000000001
[ 1597.982985][ T4505] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 1597.982997][ T4505] head: 00fff00000000003 ffffea0000cd9201 00000000ffffffff 00000000ffffffff
[ 1597.983010][ T4505] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1597.983018][ T4505] page dumped because: kasan: bad access detected
[ 1597.983025][ T4505] page_owner tracks the page as allocated
[ 1597.983030][ T4505] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12, tgid 12 (kworker/u8:0), ts 120669211419, free_ts 120565503437
[ 1597.983053][ T4505]  post_alloc_hook+0x1af/0x220
[ 1597.983067][ T4505]  get_page_from_freelist+0xd0b/0x31a0
[ 1597.983082][ T4505]  __alloc_frozen_pages_noprof+0x25f/0x2430
[ 1597.983098][ T4505]  alloc_pages_mpol+0x1fb/0x550
[ 1597.983117][ T4505]  new_slab+0x2c3/0x430
[ 1597.983130][ T4505]  ___slab_alloc+0xe18/0x1c90
[ 1597.983143][ T4505]  __slab_alloc.constprop.0+0x63/0x110
[ 1597.983156][ T4505]  __kmalloc_node_track_caller_noprof+0x4d6/0x930
[ 1597.983174][ T4505]  kmalloc_reserve+0xef/0x2c0
[ 1597.983186][ T4505]  __alloc_skb+0x186/0x410
[ 1597.983200][ T4505]  nsim_dev_trap_report_work+0x2b1/0xcf0
[ 1597.983214][ T4505]  process_one_work+0x9ba/0x1b20
[ 1597.983228][ T4505]  worker_thread+0x6c8/0xf10
[ 1597.983241][ T4505]  kthread+0x3c5/0x780
[ 1597.983252][ T4505]  ret_from_fork+0x983/0xb10
[ 1597.983264][ T4505]  ret_from_fork_asm+0x1a/0x30
[ 1597.983282][ T4505] page last free pid 6332 tgid 6332 stack trace:
[ 1597.983290][ T4505]  __free_frozen_pages+0x7df/0x1170
[ 1597.983302][ T4505]  __put_partials+0x130/0x170
[ 1597.983315][ T4505]  qlist_free_all+0x4c/0xf0
[ 1597.983330][ T4505]  kasan_quarantine_reduce+0x195/0x1e0
[ 1597.983346][ T4505]  __kasan_slab_alloc+0x69/0x90
[ 1597.983364][ T4505]  kmem_cache_alloc_noprof+0x25e/0x770
[ 1597.983378][ T4505]  jbd2__journal_start+0x193/0x6a0
[ 1597.983398][ T4505]  __ext4_journal_start_sb+0x195/0x640
[ 1597.983412][ T4505]  ext4_dirty_inode+0xa1/0x130
[ 1597.983428][ T4505]  __mark_inode_dirty+0x1f7/0x1670
[ 1597.983443][ T4505]  generic_update_time+0xcf/0xf0
[ 1597.983455][ T4505]  file_update_time_flags+0x410/0x520
[ 1597.983467][ T4505]  ext4_page_mkwrite+0x33d/0x1880
[ 1597.983483][ T4505]  do_page_mkwrite+0x174/0x380
[ 1597.983497][ T4505]  do_fault+0x3fc/0x1ad0
[ 1597.983515][ T4505]  __handle_mm_fault+0x1919/0x2bb0
[ 1597.983528][ T4505] 
[ 1597.983532][ T4505] Memory state around the buggy address:
[ 1597.983539][ T4505]  ffff88803364f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1597.983552][ T4505]  ffff88803364f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1597.983561][ T4505] >ffff88803364f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1597.983569][ T4505]                                                        ^
[ 1597.983576][ T4505]  ffff88803364f880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1597.983586][ T4505]  ffff88803364f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1597.983593][ T4505] ==================================================================
[ 1598.006147][ T4505] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1598.006165][ T4505] CPU: 0 UID: 0 PID: 4505 Comm: syz.4.5905 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1598.006188][ T4505] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1598.006194][ T4505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1598.006204][ T4505] Call Trace:
[ 1598.006209][ T4505]  <TASK>
[ 1598.006215][ T4505]  dump_stack_lvl+0x3d/0x1f0
[ 1598.006241][ T4505]  vpanic+0x640/0x6f0
[ 1598.006257][ T4505]  panic+0xca/0xd0
[ 1598.006271][ T4505]  ? __pfx_panic+0x10/0x10
[ 1598.006284][ T4505]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1598.006302][ T4505]  ? preempt_schedule_common+0x44/0xc0
[ 1598.006323][ T4505]  ? preempt_schedule_thunk+0x16/0x30
[ 1598.006337][ T4505]  check_panic_on_warn+0xab/0xb0
[ 1598.006352][ T4505]  end_report+0x107/0x160
[ 1598.006372][ T4505]  kasan_report+0xee/0x110
[ 1598.006392][ T4505]  ? fbcon_prepare_logo+0xa03/0xc70
[ 1598.006409][ T4505]  kasan_check_range+0x100/0x1b0
[ 1598.006423][ T4505]  __asan_memcpy+0x23/0x60
[ 1598.006440][ T4505]  fbcon_prepare_logo+0xa03/0xc70
[ 1598.006458][ T4505]  fbcon_init+0xda0/0x1930
[ 1598.006474][ T4505]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[ 1598.006492][ T4505]  visual_init+0x320/0x620
[ 1598.006529][ T4505]  do_bind_con_driver.isra.0+0x57a/0xbf0
[ 1598.006551][ T4505]  store_bind+0x61d/0x760
[ 1598.006571][ T4505]  ? sysfs_file_kobj+0xe4/0x290
[ 1598.006586][ T4505]  ? __pfx_store_bind+0x10/0x10
[ 1598.006604][ T4505]  dev_attr_store+0x58/0x80
[ 1598.006623][ T4505]  ? __pfx_dev_attr_store+0x10/0x10
[ 1598.006640][ T4505]  sysfs_kf_write+0xf2/0x150
[ 1598.006654][ T4505]  kernfs_fop_write_iter+0x3af/0x570
[ 1598.006673][ T4505]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1598.006688][ T4505]  iter_file_splice_write+0xa24/0x12b0
[ 1598.006713][ T4505]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1598.006742][ T4505]  ? __pfx_copy_splice_read+0x10/0x10
[ 1598.006767][ T4505]  ? __pfx_iter_file_splice_write+0x10/0x10
[ 1598.006789][ T4505]  direct_splice_actor+0x192/0x6c0
[ 1598.006810][ T4505]  splice_direct_to_actor+0x345/0xa30
[ 1598.006832][ T4505]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1598.006854][ T4505]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1598.006875][ T4505]  do_splice_direct+0x174/0x240
[ 1598.006894][ T4505]  ? __pfx_do_splice_direct+0x10/0x10
[ 1598.006913][ T4505]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1598.006933][ T4505]  ? rw_verify_area+0xcf/0x6c0
[ 1598.006951][ T4505]  do_sendfile+0xb06/0xe50
[ 1598.006971][ T4505]  ? __pfx_do_sendfile+0x10/0x10
[ 1598.006989][ T4505]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1598.007005][ T4505]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1598.007021][ T4505]  __x64_sys_sendfile64+0x1d8/0x220
[ 1598.007034][ T4505]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1598.007050][ T4505]  do_syscall_64+0xcd/0xf80
[ 1598.007063][ T4505]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1598.007078][ T4505] RIP: 0033:0x7f3358b8f7c9
[ 1598.007090][ T4505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1598.007105][ T4505] RSP: 002b:00007f33599e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1598.007120][ T4505] RAX: ffffffffffffffda RBX: 00007f3358de6090 RCX: 00007f3358b8f7c9
[ 1598.007131][ T4505] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000000004
[ 1598.007140][ T4505] RBP: 00007f3358c13f91 R08: 0000000000000000 R09: 0000000000000000
[ 1598.007149][ T4505] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1598.007158][ T4505] R13: 00007f3358de6128 R14: 00007f3358de6090 R15: 00007ffe8446ec98
[ 1598.007173][ T4505]  </TASK>
[ 1598.007240][ T4505] Kernel Offset: disabled