last executing test programs:

6.357949382s ago: executing program 1 (id=759):
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_setup$auto(0x2, 0x0)
mlockall$auto(0x7)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
mmap$auto(0xfffffffffffff25c, 0x3, 0x121, 0x16, r0, 0x8)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000100)={{@inferred, 0x85, 0x20e, 0x1, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value=[0xffffffffffff8000, 0x7, 0xf1, 0xba3, 0x8, 0x8000000000000001, 0xc925, 0x7, 0x6, 0x0, 0x82, 0x9f38, 0x5, 0x6, 0x3, 0xf799, 0x17fb, 0x8000, 0x9, 0x1, 0x1, 0x3, 0x7, 0x7ff, 0xffffffff, 0x2, 0x400, 0x7, 0x5dbd, 0x9, 0x3, 0x7c, 0x2, 0x0, 0x0, 0x0, 0x4, 0x8000000000000001, 0x86e, 0x8, 0x9, 0x6, 0x10, 0x3, 0x101, 0x9, 0xdc4, 0x1, 0x2, 0x2, 0x9, 0x6, 0x140000000000000, 0x4, 0x2, 0x6d7, 0x825, 0x1, 0x4, 0x0, 0xb7, 0x0, 0x3, 0x2000000000000006, 0x6, 0x7, 0xd085, 0xc36, 0xffffffffffffffff, 0x8, 0x6, 0x6fd7, 0x9, 0x6, 0x1, 0xdd15, 0x4, 0x8, 0x7fffffffffffffff, 0x2, 0x1, 0x9, 0x1, 0x2, 0x5, 0x2, 0x2c05, 0x9, 0x100, 0x6, 0xd2, 0x4, 0x8000, 0x7, 0x0, 0x8, 0x0, 0x2, 0x4, 0x6, 0x6, 0xf39, 0x9, 0xfffffffffffffff2, 0x2, 0x9, 0x5045da72, 0x8, 0x100000001, 0x1, 0xbff, 0x3bb, 0x30, 0x7ff, 0x7, 0x6, 0xaf6, 0x4, 0x9, 0x3fff80000, 0x3, 0x6, 0x7, 0xb, 0xb, 0x0, 0x7f, 0x9], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"})
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000640), 0x4c4ac3, 0x0)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xa8000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0)
read$auto(0x3, 0x0, 0x80)
r2 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0)
write$auto(r2, 0x0, 0xc70)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(0xffffffffffffffff, 0x0, 0x41)
r4 = socket(0x2, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x406a)
mmap$auto(0xfffffffffffffffd, 0x200400006, 0xdf, 0x9b74, 0xffffffffffffffff, 0x40000000000000d)
io_setup$auto(0x1, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0x8)
sendmmsg$auto(r4, &(0x7f0000000600)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x30e)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
madvise$auto(0x0, 0x2003f0, 0x17)

5.604418777s ago: executing program 2 (id=761):
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800)
sendmsg$auto_SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000002c40)={0x0, 0x0, &(0x7f0000002c00)={&(0x7f0000002bc0)=ANY=[@ANYBLOB="1400", @ANYRES16, @ANYBLOB="0d0027bd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x20044000}, 0x8040)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x9, 0x402, 0x101}, 0x6, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000100)="15")
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
modify_ldt$auto(0x1, 0x0, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
io_uring_register$auto_IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xe, &(0x7f0000000340)="a8bfb76df65d2a4d5c6aee3aac7a134db2fb9f1c0e5730cba6d3a57050b020c2b05b25d4bb1cf8d2e66dcabc5c1878dfb4407ad13783e91caab4582691c74fa3834ae16ec5682993dafbbac7dff695a47fadb92124c44885a42095844c52a2b97ee406e99d6d194fa87dd5163e53ee8545e9d363436c1755a69fdeebb44b2f31b8b71cb2e14d05037b43d217548c28f5ac7c501efe5fe5f7771b5fee0b834a685df5a1c1da2d3855ae746725e78e63fa92af38d1d905112ff0366c8e78b860cf27d74e5e01882f3f48543446c5cd88f07104d03af1d9ab", 0x7fff)
pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x7, 0x2)
prctl$auto(0x2, 0x80000001, 0x0, 0x2, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0x2, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x6, 0x7, 0x5, 0xd, 0x2, 0x6]}, 0x0)
write$auto(0x3, 0x0, 0xffd8)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x4)
r2 = socket(0xa, 0x801, 0x84)
listen$auto(r2, 0x3)
getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x17d)
ioctl$auto_VHOST_SET_VRING_ENDIAN2(0xffffffffffffffff, 0x4008af13, &(0x7f0000000000)={0x5, 0x10000})

5.515591889s ago: executing program 0 (id=762):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0) (async)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
socket(0x10, 0x2, 0xc)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003ec, 0x14)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r3 = clone$auto(0x100000000021, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x100)
openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0)
r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0x40405515, &(0x7f0000000080)={@inferred=r3, 0xd6, 0x3ff, 0x0, "d200da80f6bcf819d85cbeebcb2931c197dbd49a72117ad2b6fd0758da8544d87727950eb6c878fe59bbbc9c", @inferred=r3}) (async)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r2, 0x40405515, &(0x7f0000000080)={@inferred=r3, 0xd6, 0x3ff, 0x0, "d200da80f6bcf819d85cbeebcb2931c197dbd49a72117ad2b6fd0758da8544d87727950eb6c878fe59bbbc9c", @inferred=r3})
ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, 0x0)
ioctl$auto_PPPIOCSPASS(r4, 0x40107447, 0x0)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) (async)
openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

4.627187738s ago: executing program 3 (id=765):
socket(0x10, 0x2, 0x0) (async)
socket(0xa, 0x801, 0x106) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (rerun: 32)
getrandom$auto(0x0, 0x6000000, 0x3)
write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296", 0x2e)
ioctl$auto(0xffffffffffffffff, 0x8912, 0x38)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto_sg_fops_sg(r0, 0x0, 0x0)
creat$auto(0x0, 0x3)
mmap$auto(0x0, 0x60000000, 0xa3, 0xeb1, 0xffffffffffffffff, 0x7ffe) (async)
r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x1902, 0x0)
ioctl$auto_BLKPG2(r1, 0x1269, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) (rerun: 32)
openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0)
unshare$auto(0x8000000) (async)
semget$auto(0x0, 0x2e46, 0x1)
semtimedop$auto(0x0, 0x0, 0x1f4, 0x0) (async)
unshare$auto(0x8000400) (async)
socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x282700, 0x0) (async)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x2080, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdffb, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x10001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24008054}, 0x40)
sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x8000) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000)
r2 = socket(0x2, 0x801, 0x106)
setsockopt$auto(r2, 0x6, 0x12, 0x0, 0xa1) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

4.505125021s ago: executing program 1 (id=766):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/khugepaged/pages_to_scan\x00', 0x1e2102, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
socket(0x11, 0x3, 0x80000001)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0xfffffffffffffffd, 0x3, 0x15f4da07, 0x3, 0x7, 0x65, 0x5, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0)
connect$auto(0x3, 0x0, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/module/dvb_usb_cinergyT2/parameters/debug\x00', 0x2002, 0x0)
setgroups$auto(0x3, 0xfffffffffffffffc)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x488182, 0x0)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0xffd8)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x101002, 0x0)
pread64$auto(r1, &(0x7f00000001c0)='/sys/kernel/mm/transparent_hugepage/khugepaged/pages_to_scan\x00', 0xd901, 0x4)
openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/mounts\x00', 0x30a00, 0x0)
read$auto(r1, 0x0, 0xe8)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="b4000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a00000a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)

4.388194885s ago: executing program 2 (id=767):
r0 = socket(0x2c, 0x3, 0x0) (async)
mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0xffffffffffffffff, 0x8000)
getsockopt$auto(r0, 0x11b, 0xb, 0x0, 0x0) (async)
openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/available_tracers\x00', 0x20000, 0x0)

4.105906051s ago: executing program 2 (id=768):
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, 0x0, 0x58) (async)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r2, 0x114, 0x8, 0x0, 0x4)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async)
r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x8002, 0x0)
ioctl$auto_SNDCTL_TMR_TIMEBASE(r3, 0xc0045401, &(0x7f00000000c0)="58f9fb") (async)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002dbd7000fbdbdf25020000000c002e0101040000000000000800a000ffffff7f08000300", @ANYRES32=0x0, @ANYBLOB="0500f6000300000008002600bce10000200045801c007e801000d0007463705f6d6574726963730008041f00020000000c00f080080061000a010102050074007f0000f104004400"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x44) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000020)
r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r4, 0x1, 0x0) (async)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000340), r0)
set_mempolicy$auto(0x3, &(0x7f0000000040)=0x9, 0xc72) (async)
r5 = socket(0x1d, 0x2, 0x7) (async)
r6 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r7=>0x0})
bind$auto(r5, &(0x7f0000000000)=@can={0x1d, r7}, 0x6a)
pidfd_send_signal$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0xffff, &(0x7f0000000180)={@_si_pad}, 0x0)
r8 = openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000100), 0x10880, 0x0) (async)
r9 = openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0) (async)
r10 = ioctl$auto_TUNSETGROUP(r1, 0x400454ce, &(0x7f0000000180)=0x29ca61ac)
bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000280)=@bpf_attr_3={0x1, 0x4, 0x4, 0x1, 0x9, 0x0, 0xf, 0xb98e, 0x2b, "ae7090b9a93430fd014619aab2053930", r7, 0x5, r8, 0x0, 0x3, 0xfffffff7, 0x4, 0x2, 0xd, 0x1, @attach_prog_fd=r9, 0x6, 0xea3a, 0x9, 0xfffffffb, 0x2, r10, r3}, 0x8000) (async)
mmap$auto(0xfff, 0x4, 0x6, 0x1010, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xffff, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", <r11=>0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10)
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r11, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)

4.077502927s ago: executing program 0 (id=769):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x51, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf2501000000060002000100000005000700570000000800090108000000050004000300000014001f00fe88000000000000000000000000000114002000ff010000000000000000000000000001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r1 = getpid()
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x40101286, 0x0)
write$auto(r0, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0xe4, 0x0, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_RADIO_NAME={0xd0, 0x11, 'u)(\xa0\xb66s\xec\xbe\f\x19\"\xbfW:L\x15\x94\x1a\x06\xb27\b\xb7;\x1eF\xe0 .\xdfB\xbb\xe11\xea\xfdX\x95\xa5\x01\xd62\xf4E\xa5O\x1a\x950\xacJkD\xa39\x11\x11\xb4\xb1,>\xc7\xf97=\xe7\x98\xa9\xefPq\'\xc9\x8doJ$2\xae\xd1\xeaF\xd7os7\xffr\n#\x00\x00\x04\x00\xc3\x9fx\a\xc3f\xb1\xc1i\xa4\xaf8y\xf2\x0f\xa3\xcaa\xaf%\xe1\xd3j;U\xd8t\xc9\xf7\xbf\xbf\xb4$\xbb\x8eM\x17c\x9c\xc2\xbfn\x83\r\xcbY\xb4O(\x05[\x90\x9di\xbb\xd3oC\x1f\a\xd7\x1f\xeb\xb1pBr\x8e\a<\xa7?\x05\xf7UI\x92\xa4pt\x9b\xee\x904\x91\xd8\xa4\xcb\x83o\\\xdf&\xae\xe8\xe9\x80nmy\xf0\r[:\xf2\xf3\x1f\x1d\xa4'}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
fchdir$auto(0xffffffffffffffff)

3.94657203s ago: executing program 3 (id=770):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
mremap$auto(0x0, 0x6, 0x3fd6, 0x0, 0x1ffffffe)
connect$auto(0x3, 0x0, 0x54)
open(0x0, 0x2a4c0, 0x40)
execve$auto(0x0, 0x0, 0x0)
io_uring_setup$auto(0x1, &(0x7f0000000000)={0x3, 0x10002, 0x7f, 0x5, 0x6, 0x5, 0xffffffffffffffff, [], {0x2, 0x2005, 0x2, 0x8, 0x400, 0xb533, 0x7, 0x5, 0x80000000}, {0x7, 0xd, 0x6e68, 0x8, 0x6b, 0x86fe, 0x0, 0x0, 0xb1}})

3.562070833s ago: executing program 0 (id=771):
r0 = socket(0x25, 0x1, 0x0)
sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3)
r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
fallocate$auto(r1, 0x1, 0x2, 0x6653)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
ioctl$auto(0x3, 0x2287, 0xffffffffffffffff)
socket(0x23, 0x80805, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/hugetlb.1GB.rsvd.limit_in_bytes\x00', 0xc2481, 0x0)
write$auto(r3, &(0x7f0000000040)='\xdb\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x8)
r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000)
prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0)
prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x1ff000, 0x100008, 0x843, 0x3, 0xfffff000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/pagemap\x00', 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="a8120000", @ANYRES16, @ANYBLOB="010029bd7000fbdbdf250300000004000800901201808c1204808712fa8008005d0000000000869a440e7e4ae3b96191edd0aea0625c434804bf63276fbaa4c64045687cbd06f6f9f46c08236f886d42134c9c979d626708f048d1904171c41a9d7d7dd96337ee7eaef79ea10a7135f8333f75c0208bc84c99b86429491afd3a5584e4f3a88e8cf96786268dfb063f41c3f6aaaf31b3980e86c3aa001f05f094c0b40eefd1c4e9cdae5508ac25c20f2e826aef50726f17369059bae0f23fcab983dd8fcb2a8bdcf10d5c40b6d3e6c4e4fd21c92164e51815b5790f76a7907469aba37280e08c9a64818eed31960dbfdabbd434aa11fd800800d000", @ANYRES32=0x0, @ANYBLOB="0bd2d8af69978ed98ca761f15051f725bb28dc17aee2c98e19d577785262eaf5bf1e3253f1acd7a44d8d5b8b893f273e22fb7473f66df95dbf29024d1326675fb70ba8365b187586dda2ebd800029fe4d7eef070f3c7367eaa15885771c3053d663c92156d5cc5b420a1aaa78daa6847fb27bacffc1ba13158bc7027579cb0ab01dc95f74f9b057003d25b7e42c8373b8b422ba512433ab098bf8a72b2fff1d1bb4e075be9b845cbf52b5d0e0deeeeba0ec76c37715ab5512a3144afff911e309fbffe47c8cbfe81c8e0dea865305282ec96805d6f295f3624cc0ad262246e7918b9d51ad96f7909635723c713243c181ddaefacb6c47d6ba9bd3afb67330bc941e1303e859e748ed12221fb5888142552f96bb654453c06891668c56b0c87cd54c4fb6ac577a0b8b1e9b2a1da3c2aa2f3c1bd5d8af6b15808031df88ffb0fc71f643f9ebee9ef2a0700765eb5907b3bde2b301c251b784d673f7407f167414f0a7d4c3c9da3d64dd9994568904ad7a787d4d413e2f4f70ac29feb8e60ef3b5517a9c81c2b4064a5f1bce3dfe2fb63f0f0695952fe4694f9dc0bf6cb06af0b4a8827dac8087a4c2bf9694fcbe377198e4f39276a92d837f3c293cc687f42e621f984878cc23aa74e098f5a8dc9fccc74b483b3a6d655c56508ef6edaafa47116799745b1110737e6f9cecc29d752b82f2e27a9a6dec23c285f6c0448892352be830d2b621ccefa0dc5649d2c3b32ec8ea6d1ac5ac9618f81eb12d9f4e11c6c11471c1bcf9c6d5af27f998c0f56e0763271c745dbf660db21469f1b49ae9916e67627c3e6edecbe4c6bf4a76fb01bcf0c8aaffe3f24dfe8b61b507555af6fd6870eb6da9ab4b4f404f4c830c458e88dfc77e694fb1e6731ef23501198ca7a4096c5ba27c5bfba9844971e2b75cd882e5d518c1dbe89259e23cff30af606495a1bfc98a0b46a73cc729cc7e3f6cda594e2397897cd903ef8f64082c1c18ee9b480cae14e95c6588c58946d3a5a12e78ae149b35384a8636c000a7ab7b12a7aa8cd51497b0242dcc5c838636db0a2e6e0fc59a53c58f54bb8d0a583417f29c924747e3582935f248d3253bd7a113677dd6186ef449cbcd11f253e09139dbe5a628c4da4187526c8e25861cabb3e24349f59a8c7798af9fca37ebf8a6bee33c5598fec47e11e4a70693f7969662f6deab134c065d479aa6a576809a5f00fa2bbe410edbbed83dd996db9d93c4bcedec4952881796d2fdff0ba7e1a5c8e9cd1e0b6e1c172505972bf1fe3d9d6f2ecd4f51c33588318b1bb7112a148b416bb70dd4f4dc2902adca8794fa6244652bf87828538462db5c5d0e3c033b110cfd55e0ff59e5f85b53571678cd29086ea510c65903c559ef53089bd624ff780fb9b494e3da28a11cf7fc50c095dbdee5999ac8e6b9836aa9c7948d6d5a1d32f2e7460ad316824336e45d24177b239f54f25f7425773ada59f146b971750c51f25fa541d99d7e50e7b07d7631f29b59896dd9a8acf170f004befcaeb2deb47cfa46ae3964b19f0ee788a9130e29d4d8cb34341ecf587b696edc0e08798c9ac7db2ef52bfa93541ebc7f047a5781ccca7d22c418f498ae29a15b7e56d1a59ccb3302dea4ad5dc459c490a9d39e23a17a76ce57c471227a9064e47ba4ee16582f41fa185ebdb935b1b69059d7abd7e95f024c6d63fe9dafdc0cf4fbb90306af69a9b012f5d0994ef21c7697ac4e7b5fce2d527bdeb0c6d84f381d49ca356af22a21eb5cc4cfc56f77d64b4ea2202f96d23f5c92377ac8e2ea8d059a4642fd951c7e560e207a96731d65f07ed15497269b726fc1af48f6ae1bc01ff83cb38b835fbb6de0eabc32255fc3b666df8efacbe007938e1dffee28b3993236b43642aa36c4ac158425720618a038dcb8fb4664eb5804651c492a4be2d466ed64a0088208e0bdc0c656073bd38294de46eb9eb86268fe86730213024868884c167cbb625e0459086a41b972ffa0f3c7fc8c67c2388f155628aa47da4be26420640b8a1c482969faad5d7ff6e8a2499b7248e5acee8238c8c37209cf82f941470f5e2c72486ffc681bb50d795ea44ade8294a0aa642687ac5c5868a0e5d50a65a344202128a7ea60873cdcee0d54cf493bb862f86158ef3abe98054d9102e1f25fdc34bae84de65a672c56f1f598478d3f30a541fa3866ce26840ef94e79c2feaae49fb82388c840c0f93eef097f17366109dc93e204dc3439fe819c04a2dc424cf47e72db99bc2861f8189f45bb8583074a02118fd05f74fc3db8ecafd044c64a13187967d29e0f4822db7d82d7219b04efd3a7d70b3021f63d80e195d4d94e5fcbf7f0bac20e4060008063ea08d5fe8e090804fbcbedf1a55bc2b987aead927adb30e4bc7f3d5ebada3956b1c49b873e9dd062d78c6d78c9f5d8d955c4b05214fed3ad880d7764c356c6287c01fdcb9e812af6ff6b24156cb463371aba2291b038317bdd77053c49ba1cb275767eee03d6f5aa97e6ffaee1a9b76d52e1d074274200824a5b614df877cdb6f4315cc99e37c593bd24bb5a58f4cc22fefa93f08045e00eebba5b5caebfc30105c5016f4d26446de58604a6f197c18e1716b8d16bcc0c06b5dd51a0f40f5e09625fe17e727c9b50a2282be3a32aeb031c4b55cbc604ef1e8fd5de8fef82b0d652904f162ad139b3fbc7a43d583ed0e73da2cf6e4e8063236344ec2aee3852d0a54c4ba8cd4a97d7f84e402c305e39340d1c4f9a34c0b34ec997d162272751db59b08b669db1402c3cc0e44997e5262c2b28a20037471fe953954d23cec121ac6beaa2f73da3b746168693fa76d6591e91045e143849e388fb48739e57162752e81e721f1e27fa69faf2cd2dd6919468a4d9a6e2e99de33dc3f1e1ad0c51a0901fac8d42bd1cfeff04732424c0023750b045785c27caaa0e03a99cc70f667e2ad749d9269530e044357356b7a51760b8d6102ab4b37d476d05cff68bd3ce75dee2e65ff489cec46d5f95181049094cff0c4442415ab727739e8882831ffa1ce0ab63d8850c6b46d956f6940513fe8c0f40159eea0aba996d4cc4186536872dda6654d920681b1455284f7926197fc46773719e88ad4bcd6371a476a22458ed7eef82af46e436d2332f190cddafe00401bbae86c579b63aa7fedac03c6c7352a8f35cc3b6e00aeee6f493c743614fa2c7814528f2c32594620824c6f40af74a431766f2dc2d405eef44e94a18ea29dfaf0185a0fcfa5f0cb6e9284178081fe8562d4060d570ca00caba316aaba2e53af664cffe924180ca86fc8bd7f78b962ab362ae1106ed42b1997937cef98b729d98d4f9db995ec6acbdbb3aafa061c1d9d62f54fe3e8ba917ef54057ed8358b3bc8b0b35a87469a410ec8c0e3008806c04120591de089205ae4a849e2eb87ec2d1bdb3f6468caec7a3283a25342c4d6ff81c45184dc104f187ee3516b0a0d081544f11f2634ec6411da3289e07d25777926b764f01105389c6f9b9d8829dd1f5c09ca354e754bc35562090da8fc5060b656a1fac4a196a36a367fa308286b3d5a905bb2cb1237532e523bd0beb58bc4204803ccfdf64d6b0d8cb048410752343b475f66f127acd09f1887264b61304bf5296f8cec4ebe3a7b3977dd61e96d2e3c138edf40981c80b354600755397cd491a6d107c73c35f8d6d10d90864edde4a4cbb7b0b25950c0dbbce1ecc6261fb2d585a75718f9b1493097a088588632062a7ebfc647e7dc7ed6ebd145b28b39d62b4b754e0617a445895571fcf5a312cf67709698b545ab332e5e9e4510e251f606f455b455f999ab20afb5ea5a085a259fd5a1ff06384957ac2e3ee9ed4ed872d6f83b5103b003b0d1716f4aaa29767266757b09b65ac83cac2af82e20a823f9f0077da2ca5ae092acac68ad02bcfadc6ff66c30e4cf6c3010b6fa88184ebf9917b0f524e3233d5ba85691a506d825502b93c9a2559b420ade7f3126fa75504fb32ada0eade56e8f03be319403fb41344da0c7f65255f4e8d27a044809de5cbfd73f70428630930b77b7e8275ab6792f9c12ec0a0a8a61da5adef5d49481462837cc22ba9cdf99afb020962c05a04fef51d70b48441348bdf029cff20060962a6c57bf10abb8b1dd49911d4bf1556074dc900b63d047a86ecc85e159e471393d72da1ea7af92986cdca7865d4e9c54ff9eebfe314da4c04668ebea558acbda240bbf3aa02d81d151370033bdb222da144b97ab95e85a4a54bf9a32525b323046b386de98fa3f7b13115474db19a8844115cb36d20b95375ac5205ebbefc793ea6e2447e11cf50e84af040865921546c4de08d01b69cf975f25dad072223c4f9e76e308b9b35ac3de7a6a1cc950c784bc598d602873f9a8c3e10cbbda90645c079affab8c97f9096f2f521d1c60750bb75022f23b64cd83b16db398a6dcd67aa977afdfd9f047f56f671b1746dbe6c5717f972323d239a038c83756e19d35fc3518c163f796f24dc3f767f731db6d8ed23deb370fb8b8497521a99862856e29f21bada7d2a016407f4fda266798b265ddf93a8ad0f0f0636419be844c736e4f2a753633173afeee00de096442dbbcc1f4a2bb85728809f0b83d1845e638fc09055fb0d5a1ad8c9fd3aa318727f56df1a7b74a2f93dea5629971af9985cd7bae8b456b7f8cdba540680a7b0aa8b449fd23c010234e29565cbab2edede5a46a982dbd1969e3db6d8078c095257aaba8aeb613f1fcbf047b87700962983d6174c174b3c7202a73548c457049a9ce878b40cbfdf720805c04292a2619da356b100e23784557d55e92293c17ff589f8ef226a63d314235654242c3dea83211cc3c26889c4995d10940b8a3e709db5adcee7a49e5e0b7b64d9beb203e0ba00100381d6611be3dcd304bc3c12d19c0e328fe8db61507a7a26d01f0ab4e45aebae8deeaadaa2be517b08aa02384afea99fcb35da101808e772a73bcee2aae0b64a371e72e5c61dc213b49d73a495a64374ba960d5956b24b5f945eb5c699b8b7ba92e9b7471d5e1cf3667024f40f7fce822226b3d6743accd319beba943e4d095648e7df8d2fab040d00ab793cae69ba0087e7ed3c568af423e25b23002f2e770acdbef624cf28af6fe7f9ea8d47e4da1e5e5b5d74ffa993bbfaabf4175cf0599861b65aef045e83d856a88c82e2e7f6c4ab1e4ec3c4860c1a4f5e15f16e8718acbde90ad9945eaf5803910bd3deb6182d940f87005fc6209cab20499b0a2d46bbf38e60539817d5faf56fb0a725b1810761bef7d9903e9929ab40d2174b5c0adc9a3a80555f4d1a7fa526157b6659c8aa1be505a34cd5fc75150c3786adb9177cff8e86672757815797847a44621dfd6d232541519936194e974bf08e3d1cce9a565ab8c733d3dc4cc39b53b268ff3243e1f0c94af0ca6e2cf99cb2bfdd5447046715ce0739a6ad7bc2f9cb9b2b827bc42268310b4687d485ad0b2f4ac00dcd49c0173de949b1a5ccede096c719a2aecdeae7396ac6c8669ac611900487e041b1d8460fb32cf8764d0f002b9cc8067c9d3734f35cf13841193d2254ba61c1423d6d2dfa205963c3c2f256ea1f43c632d236a84b49f95f4ff7117a92a2fc628c2f79ac5ac473626e56e46f784e36a616be6fff4e40c6a01c953d88121245c808330843f67b2f0d94824b3e01520dd454faff059d536a82a46ea3d164ffff87758c6d836ec93ca9e69080a04aa7236267e664a32de572a3bc5a1549875aff622d01eef9865c34750a1d0bd45ec12a4c4e5e8332bb0842aef9ac6bcd50370d53aec0318bcb6c09d6fcd5fdbe86f412394125e60f211855b790dc767be2ccb3e2954ef828099a882220afc4f1048188e0cd71939c9410392ba2a62f7fd15c41b7a12f56c9e2bbcc0bea059f84556263d88c1d84eef8cb900bca956aead15cc48417c22307f64641c4b65e02241bc2c9255b6951aa4e87a61e16571a4ebad108004e00", @ANYRES32, @ANYBLOB="0400d480f200da00529f4979733ec90bf4fa3b8db3515707ba013b28e3e0613070d9258112e309de31b219dba700afa443b617b50a9bf584ce905d4692b1ca3c55d5691e5a75c4f6c5fc489db1cac5f1ad0c806a8fbfe5d3169bcd9fb55eddeba91e3529e99803881b565d2d9ed38148b690d5fec9a5362e184205b75b830e8282b6d602f3a1bfa94d3d9078b0d931d43e93794ff0d824e6e72e415732d412afede0bf9fd7e39995a56678e1d3d57f550e2eb1143d3281ec1f21370eb569bda9e3f4cb59c978a693572a9b748d8ad765c1ec65967f2db62208aadb7bf34cf3011f10f26582e16245b3024f1b7486b4dd71bcfc88bbe700000800e600", @ANYRES32=0x0, @ANYBLOB="04004b803acb8073360cf7b8ba2f53d8910111e8229251a1a543472fb7f6b90000291900"], 0x12a8}, 0x1, 0x0, 0x0, 0x40010}, 0x4000800)
msgctl$auto(0x7, 0xa3, 0x0)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r6, 0x4b40, 0x1)

3.290189137s ago: executing program 1 (id=772):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) (async, rerun: 32)
r0 = socket(0x2, 0xa, 0xa) (rerun: 32)
sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000140), 0x12, &(0x7f0000000000)={0x0, 0x4e}, 0xa, 0x0, 0x89, 0x3}, 0x7}, 0x8, 0x7fff) (async)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto_SNDCTL_SYNTH_ID(r1, 0xc08c5114, &(0x7f0000000340)) (async)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)=<r2=>0x0)
connect$auto(0x3, &(0x7f0000000080)=@nfc={0x27, <r3=>r2, 0x0, 0x6}, 0x54)
accept4$auto(r1, &(0x7f0000000040)=@nfc={0x27, r3, 0x1, 0x5}, &(0x7f00000000c0)=0x3, 0x9)

3.049893862s ago: executing program 2 (id=773):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
setsockopt$auto(0x3, 0x1, 0x8, 0x0, 0x89)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000a18369c8896b0437d55ad0d7165b7469c35184b62a46fa753babce9035dd090b122fccba8febbb65e604bb129a90000d92f3bb15800357c0883adc08a77c718e81974e99bca80b8226ce99a7a121925793c4cb2f4642b564ddeb1218b0be39b6d6ab08020a199dd587fa359e4d137290172e553a686a91a280306729944bb42c96e6c5ccec75517b9880c15a318c3938c7375f543b73f359925cc024b57c9ab5f12c5c7ef39eefdd24f7f439991cc7f456d9845f94cbd7b8ca8062e3e5ad66b630d71273f250d84b92896274aa1f4c6c18b3c456e9db32ab", @ANYRES16=r1, @ANYBLOB="2f212cbd7000fddbdf2521000000"], 0x14}}, 0x20000040)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/batadv_slave_0/proxy_ndp\x00', 0x382, 0x0)
mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
inotify_init1$auto(0x3000000000000)
openat$auto_generic(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/bluetooth/hci3/hci3:200/power/runtime_status\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40942, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x189002, 0x0)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x280, 0x0)
openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x20000, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x20000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
inotify_init1$auto(0x3000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x880, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x1c8b40, 0x0)
openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x800, 0x0)
socketpair$auto(0x1e, 0x9, 0x7, 0x0)

2.931445197s ago: executing program 1 (id=774):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73) (async)
socket(0x2, 0x80002, 0x73)
openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/smaps\x00', 0xc0000, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0xa, 0x5, 0x0)
setsockopt$auto(r0, 0x10000000084, 0x7f, 0x0, 0x6) (async)
setsockopt$auto(r0, 0x10000000084, 0x7f, 0x0, 0x6)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
connect$auto(0x3, 0x0, 0x54) (async)
connect$auto(0x3, 0x0, 0x54)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) (async)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r1 = socket(0x11, 0x80003, 0x300)
sendmmsg$auto(r1, 0x0, 0x4, 0x100) (async)
sendmmsg$auto(r1, 0x0, 0x4, 0x100)
mmap$auto(0x0, 0x2020009, 0x5, 0xeb2, 0xfffffffffffffffb, 0x40000000008000)
mprotect$auto(0x110c230000, 0xa588, 0x6)
mremap$auto(0x110c231000, 0xfffffffffffffffc, 0x101, 0x3, 0x0)
prctl$auto(0x3e, 0xba7, 0x0, 0x1000001, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0) (async)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0)
read$auto(r3, 0x0, 0x20)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x3}, 0x3)
mmap$auto(0xb, 0xfffffffffffffffd, 0x8, 0x7eff, r3, 0x5)
getpid()
gettid() (async)
gettid()
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x101402, 0x0)
mmap$auto(0x10001, 0x400008, 0x10000000000000df, 0x10, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x10001, 0x400008, 0x10000000000000df, 0x10, 0xffffffffffffffff, 0x8000)

2.810431756s ago: executing program 2 (id=775):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
rseq$auto(0x0, 0x1c, 0x5d7, 0x9)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
ioperm$auto(0x7, 0x6, 0x2)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/uvcvideo/parameters/nodrop\x00', 0xa3182, 0x0)
sendfile$auto(r1, r1, 0x0, 0x3)
sendto$auto(0x3, 0x0, 0x2000f, 0x0, 0x0, 0x1c)
sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x8000800)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r2 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x103041, 0x0)
writev$auto(r2, 0x0, 0x5)
socket(0x15, 0x5, 0x0)
getpeername$auto(0x200000003, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f0000000180)={"b59972bd", 0x6, 0x6, 0x9, 0x3, 0x5c6, "4f55f06e68fd134961365573898cee", "04c06ad8", "484f27eb", "1a75adc6", ["6976c8d5c655ff5ca19f24bb", "ed49fbefe9761b47938ee0d1", "03cfb0987a0c82ecb5ef617e", "99959f34168990161550d6a1"]})
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f000000adc0)=ANY=[@ANYBLOB, @ANYRES16=r4], 0x48}, 0x1, 0x0, 0x0, 0x4044}, 0xc800)
r5 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/io\x00', 0x800, 0x0)
read$auto_proc_single_file_operations_base(r5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x40401, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_MON_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000000140)={0x18, r7, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000010}, 0xc050)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x60040, 0x0)

2.697324156s ago: executing program 3 (id=776):
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/8/affinity_hint\x00', 0x0, 0x0) (async)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty49\x00', 0x40001, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004000)='/dev/audio\x00', 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000004040)) (async)
write$auto(0x3, 0x0, 0xfdef) (async)
ioctl$auto(0x3, 0x540a, r0) (async, rerun: 32)
rseq$auto(&(0x7f0000000300)={0x12, 0x401, 0x9, 0x6, 0xffffffff, 0x2}, 0xfffd, 0x0, 0x6) (async, rerun: 32)
socket(0x2, 0x801, 0x84) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = memfd_secret$auto(0x2)
write$auto_fops_ulong_ro_(r2, &(0x7f0000000080)="f7ca0dde365875c9674c06b20a120a38b97aa66b331d5116aa743a3e89d96a84fb6f6cb418bc1c8687695e1946e30dff1665bb4e5aecb2e742e97177dc953bf54cd0cc246b2a87cf2a82304cb54b9cb7aea089a78e9c0c00096a5d0ea4f7a6a52ba71708037eb9ded8191895ac469f9b0aa2eac9b55df003b42fe0f9", 0x7c)
mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x10001) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0)

2.531301604s ago: executing program 0 (id=777):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000023c0)='/proc/self/net/tls_stat\x00', 0x0, 0x0)
readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x800605, 0x2, &(0x7f0000000500)=0xffff, 0xa, 0x3)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mkdir$auto(&(0x7f0000000040)='}[,&*}\x00', 0x8001)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
r1 = socket(0x10, 0x2, 0xc)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f00000002c0)={0x0, 0xf5, &(0x7f0000000180)={&(0x7f0000000240)={0x14, r2, 0x1f5, 0x70bd28, 0x25dfdbfb, {0xa, 0x0, 0xa00}}, 0xfdef}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000000)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'nicvf0\x00'})
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000180), 0x410080, 0x0)
futex_wake$auto(0x0, 0x5, 0x4, 0xa)
madvise$auto(0x9, 0x2, 0xf06)

2.365825036s ago: executing program 3 (id=778):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001f00), 0xffffffffffffffff)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) (async)
socket(0x2, 0x2, 0x0) (async)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x482b01, 0x0) (async)
openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/bluetooth/hci0/force_suspend\x00', 0x480802, 0x0)
r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
mmap$auto(0x0, 0x400008, 0xde, 0x9b72, r3, 0x8000)
r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0040, 0x0)
pread64$auto(r4, 0x0, 0x7ff, 0x400) (async)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000340), 0x40000, 0x0)
r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r6 = prctl$auto(0x5, 0x1, 0x0, 0x1, 0xfffffffffffffffd) (async)
select$auto(0xf, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x7, 0x2a, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x7, 0x40, 0x3, 0x1, 0x5, 0x8d, 0xffffffdffffffffe]}, 0x0) (async)
write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/block/nullb0/hctx0/cpu0/poll_rq_list\x00', 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_GETTRIGGER(r6, 0x80045010, &(0x7f0000000440)="27239bc10a93c0c5abd822ceab923ef8f6419f7277c8592b8ab9c79e9386feb8a84ecf5f4c2737d4184277ae0086f9357c96a8507d753981ce540bca2308806ee40fbd497f77c2f36266e74814cd07798685ae256195cdbcef0457cc9690d3d0fc93ac32b713905849eeca7454a8b74ad1a65884fdcafe40ba66aeb3642af82452a199615fc56d0bc9cbf015f4e4d6df086ccc709f2aeb669cbf9073d1d9e7a74fd3b8b9e44bc8cf88cb3db11b1c")
r7 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/media1\x00', 0x101080, 0x0)
read$auto_media_devnode_fops_mc_devnode(r7, &(0x7f0000000700)=""/8, 0x8) (async)
unshare$auto(0x40000080) (async)
socket(0xf, 0x3, 0x2)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_AUTOFS_IOC_PROTOVER(r6, 0x80049363, &(0x7f00000003c0)=0xfff)
fsconfig$auto_EROFS_MOUNT_DAX_NEVER(r2, 0x0, &(0x7f0000000380)='TIPCv2\x00', &(0x7f0000000500)="745564adafe6a295b7242223459ba005d5d72c51044c539ece5ef156e2ac1f0dcc5dd3827b4ad310d74d4ab5f660257e5674af130aeb35586e5ca2d193843aa305ea1a38558751fd8b69758f11d65b70f028de042b04d8d4ece14438d39917841ff01ce5226b5b57c1a04ddd8458195ee425ce222cb6acaf12d7cecaa7c483b90b07f2a4cc4faf38b561ad9a27bf4278171e690018bdc51c9ac7e24c34cfd9fee866cdf9be0aeaf7087e84cd8855d8f03cddcef9441fec3dbc2527322960d9ed2962fe16dfeb630b40115a714bd297dd6416a02e09b6c568019e2a83e7587ef765dba34848f965c9a7ee50b2c47dff4bc3", 0x80) (async)
socket(0x1a, 0x5, 0xfffffffd) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000680)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010030bd7000fbdbdf251f00000008000b01c60000000600ab0000ddff00"], 0x24}}, 0x40) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x20000000001ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x6, 0xfffffffffffffffd, 0x10001, 0xaa9, 0x7ffffffd, 0x3, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0) (async)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000740)=ANY=[@ANYBLOB="f40000006f0926ac048151faac9a2e425bfc09a8900c6654f410407109d6132debe770abf8af535f4aa9036bcf9304678f5b5e5efe6bbc2d27257fa9453d4b23c18d7d2d1d37b0e4f7d09070203fa29021ff642930a6d515151c0b7341e52cf2e0173c92615b41dea8a5d0ddd0019b3998d21ad230a047d340a0765259dddfe818a65354", @ANYRES16=r1, @ANYBLOB="01002ebd7000fbdbdf2503000000e0000180191f2b3bb61559b8863a0830fb9b7d4cd53aa5699902c003ce255c1f3826ea1b3ec710787c64603cbe0f5a033292c417d2bf3a7c4ca36d3f83113bdec7812a34b2c1e2702518186063d8adf6d715b7eac582bf1f80743bd8680642b84c2f6bed094f561b6505fadeb4d58dc627eb41a45355f363e508bd38feef76b774a0165c943c9daa2a5f67127d131049366f623211e9eef03fd62a96d03f101afbb38d3b00300a216d61d728c95a6145d6bbe49090e0eafa63ce9f86e349733ac6a4fcdb9b87e2ba1e52d303ac6339b8214d0d4979734e633dbf00894eb2a4f2"], 0xf4}, 0x1, 0x0, 0x0, 0x1}, 0x24040804) (async, rerun: 64)
r8 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x2400, 0x0) (rerun: 64)
ioctl$auto_RTC_SET_TIME(r8, 0x4024700a, &(0x7f00000001c0)={0x3, 0x6, 0x9, 0x1b, 0x7, 0x81, 0xffffffff, 0x4fa, 0x8})

2.06474826s ago: executing program 0 (id=779):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async, rerun: 32)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/version\x00', 0x0, 0x0) (rerun: 32)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) (async)
syz_clone(0x280, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) (rerun: 64)

1.874893054s ago: executing program 2 (id=780):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socket(0x1, 0x2, 0x0)
socket(0xa, 0x3, 0xff)
r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, r0, 0x8000)
openat$auto_regulator_summary_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb/drivers/snd_usb_variax/unbind\x00', 0x654b82, 0x0)
r1 = socket(0x18, 0x80000, 0x0)
connect$auto(r1, 0x0, 0x1e)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/nr11/tx_queue_len\x00', 0x2000, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001940), 0x80643, 0x0)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop12\x00', 0x24040, 0x0)
write$auto(0xca, &(0x7f00000002c0)='\x04=\x01\r\xfb\a\x00\x00\x00\x00\x00\x00\x00\xa2\x00\x00\xccb\xc9\x19AWL\x00\b2\xa7e\xbd\x97\x9c\x05z\xccs\xba\xa2,&\xe9\x11\xfe{ai\x8a\x86V \x8eb=OJC\xaf.D\x8f\x97\x03g*\x1c\x98~\x15\xc3\\\xcbed\xff\xb1\x92~\x89S\"\xdac\x99\xf7!\a\xfb\xf8Vf\x18\xc8\xbbu\xcd\xf6\x80\x92\xa9\xda(\xa2\x93p\n\xe5t\x1b$\x9f\xa3\x1a\x82\x06\x12\xa6\a\"\xba\x8a\x88t\xf2A\xb9g$H\xcc\xc7\x8eoi\xf5\x02\n\"\xdf9\xa5>\x91\xf2\xde\xa8\xd3\x9f\x9d\xba6\xc0\xcb!w\a\xdd\xbb\xf1kox\x04\xe8a\x93\xf3\x12eE]\f\a\xf7N\xb7\x85\a\xf1+\x05\xe7\xb5\xa9m-+(\xaf\xf9\xa4r\x0fX~\v\xa7\xf3\x9cD\t\x80\x8b\x9d6\x1f\xdc\xc4y\x1d\x9a\xff\x0e\xbb\x8c^\xb9\x06\xcd\xa1\xf9\xec\xc1\xc3\xd7\x0fr\x16Hf\xb5\x17\x10\xf9\x03H\x19\x1a\xa8\xd1\xad\xa2\xd3\xe7\xa7\x883Y\x7fS\x80|\x9e\x91O\xca@\xe45\x80\x95\xdf\xdbn\x01\xde\xfd\vH\xfc\xe6o\xf5\x1c\x034\xf5\xd8\xb1}JX{\xf0\x89\x1d\xb5P`j\x10I\xf2\x16PQ\x85\xa7\t\x98\x1c\xe2Y\xa1\x03\x9b\xdd4VQF\x8d\xc9\xa5\fm\xca\xfd\x92\n\\\xf8\xb5C\xce\xa9\xdc\xddg\x8e2x\xde\xdf\x14zd\x01s\xaa\xd7v\xfa\xe3\x99\v|2', 0x2d9)
ioctl$auto_BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={"ef65ce7cb454168d6c0000000000002713df81000000ffffffffffffff2900", 0x3ff, 0x402, 0xffc, 0x400004, 0x200000000040000d})

1.801784886s ago: executing program 1 (id=781):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sysfs$auto(0x2, 0x4c, 0x0)
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dmmidi2\x00', 0x1, 0x0)
msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf})
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8)
write$auto(r2, 0x0, 0x100000a3d9)
ioctl$auto(0xffffffffffffffff, 0x540a, 0x0)
close_range$auto(0x2, 0x8, 0x0)
msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x15)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, &(0x7f00000002c0)={0x9, 0x695036b8, "342abaf860ff924b8b6a566a1cafbe11d456cf911218a1b4039a7def9592eaa8de4ef37a3f5d223cc10f5baca7c6e1611a0f2469a679d4b7edde30515e224e9c", "0dd9bc7fe2d44031d763ff4cc57c43bf00102c96505727b2b05af6a58e1f62b13de5e5d3614a629ffc5c02ed8b6926cabb76f60e2b6b8b323cfb2b1d82f247f98d29e635cb7aebbd7a595dd426980888", 0x81, 0xea3, "3234873e9d8370188fca0655818cdc614378957367eff7eb10fc4cdb501a6403a1265cbf90ad6fd714566bde37d6a4752d6c1dbddae8853a6a8be38d61cb2dd4"})
madvise$auto(0xa, 0x9, 0xf)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0004008ebcda8a3a0a7329a67a812b90034af83e4ffd57cb570bdfcebb9fcc9f2e9a6096bcaca0b5357fac4899", @ANYRES32=r1, @ANYBLOB="010029bd440bb2017000fbdbdf250300000004000800140001800800028004001d8008001400"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800)
r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
read$auto(r4, 0x0, 0x0)
write$auto(0x3, 0x0, 0xffd8)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)

1.331681689s ago: executing program 3 (id=782):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/msr\x00', 0x181f82, 0x0)
readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
ioctl$auto(r1, 0x41045508, r1)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000140), 0x203, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x6, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
socket(0xa, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r3 = clone$auto(0x6, 0x8000000000000001, &(0x7f0000000080)=0xcf, &(0x7f00000000c0)=0xffff7fff, 0x1000)
prctl$auto(0xa134, 0x22, r3, 0x800, 0x5)
socket(0x2, 0x1, 0x106)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x4, 0x0, 0x3, &(0x7f0000000000)='!/*:(*\'\x00', 0x800000e)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
setresuid$auto(0x60, 0x1000, 0x607)
ioctl$auto(r4, 0x2284, 0xffffffffffffffff)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, r2, 0x300000000000)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0)
statmount$auto(&(0x7f0000000040)={0xffff, @raw=0x2, 0x6, 0x4, 0xfffffffffffffff8}, &(0x7f0000000340)={0x3ff, 0x1, 0x7fff, 0x8, 0x6, 0x3, 0x0, 0x5, 0x8, 0x8, 0x3, 0x690, 0x1604000000000, 0x2, 0x100, 0xfff, 0x2, 0x9, 0xfffff1a0, 0x8, 0xc, 0xfff, 0x3, 0x9501, 0x0, 0x9, 0xeb, 0x5c1f, 0x1, 0x9, 0x20000000, [0x9, 0x1ff, 0x8, 0x2, 0x0, 0x2, 0x2, 0x7, 0x6, 0x7f, 0x100, 0x2, 0x9, 0x1, 0x4, 0x3, 0x0, 0x10001, 0x8, 0x0, 0x7, 0xa5, 0xc, 0x1, 0x8000000000000000, 0x7, 0x3, 0x80000001, 0x2, 0x2, 0x0, 0x9, 0xe23f, 0x7fff, 0x3, 0x0, 0x9, 0x800, 0x6, 0x0, 0x7, 0xfff, 0xffffffff], "0d4da07757fc0a8e5de18bd363ce4cd41558fdae0643974f4f329960f2cb8c8e546a2541ef8227735f9d60e3cb50f6712c580dab3d8d1876a632fbe3c7bc8983b2033f3e94ce99928fb6f63d6a5d00427e16356cd2bb5ac7332f15102dfa643a2ac8b0a2354713be651e33e04d87dc8db31dee05bda730841ad8c01c925cfb6c19c83be19a876ab65f124cbd4bf03702b919b3334dc9"}, 0x6, 0x7)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

23.617448ms ago: executing program 0 (id=783):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/mode\x00', 0x121102, 0x0)
read$auto(r0, &(0x7f0000000180)='!]\x00', 0x7fff)
close_range$auto(0x2, 0x8, 0x0)
r1 = io_uring_setup$auto(0xb, 0x0)
ioctl$auto_BTRFS_IOC_ENCODED_WRITE(r1, 0x40809440, &(0x7f0000000280)={&(0x7f0000000000)={&(0x7f00000001c0)="d7d4f7c75af3704571c9ea3d5dda097d897e5cc2bc986a5e66b41ac4417e3fa087745f34677eb6388cd35e18a8be7fd97c700bacd7f41925e613af3849c493cee0f1df51a38a4d7cfdbfaab7de2faddfac6eb2428351e33eea0a043d49cc8700fdbf5169ebafa9e6de6301aa36c7b6cc2fee1d7a4ffd322f7997787c9d956eeac3c069b25cbb38db4c8412effa0770a71c9e3b97ec8c30beb4add5", 0x81}, 0x400, 0x1, 0x5, 0xf, 0x8001, 0x6, 0x6, 0xffffffb8, "30e568ec981e1f432b89c7c33469cba03d36c92201d6434681dc86c3cef2ab6b92b4b0e507619defb76cab61e61d47b6c56c02e6553f9f2d43266b0d25fe9938"})
r2 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_fops_u16_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/psample/out_tc\x00', 0x101002, 0x0)
write$auto(r3, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x03\x00\x00\x00\xc7\xd9\x88t?$\xe4W\x88Q\xe6e\xb2\xa5\xbbZ$\xc9\xa4@\xfb\xca|I\xb9\xdf\xb9\x81K\x02\xcb\t\x9f\x80\x187\xab\b\xd22\x14\xacj\x11\xd0\xa5E\x14\xc4n\xb7\xa4C\xb2C\x02\xb5L!\xc9_8\xe0r\xa8\a\x1d\x03/\xb0x\x83\xd8\x1d\xd3\x1e\xd0\xdd\x131\xca\x98\x96\xbc`\x06\a,\x88\x9dhT\xc6\x88\xa1\xd7\xe0\xb7\n\xbc\xbc\xf3\xd6\xf4g&\xed\xc2n\xee\x89\xfc\xf7F@\xf2\xddW;/%@\x185\x1ab\xf4*\xb8\x9a`D\xa3\xd0\xc3\x10\xff>\x87(\xba\xb4\xa0\x84\x89n9\x85\xa1\x8a\xce\x00'/176, 0x100081)
socket(0xa, 0x1, 0x84)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0)
unshare$auto(0x40000080)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)

16.623758ms ago: executing program 1 (id=784):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
ustat$auto(0x801, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x1, 0x3fc, 0x1000000000012, r0, 0xf50)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000)
r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r1, &(0x7f0000000840)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b40", 0xd4f)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_SET(r4, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=0x0], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
setsockopt$auto_SO_TYPE(r3, 0xd, 0x3, &(0x7f0000000140)='--\x00', 0xd55)
io_uring_register$auto(0x2, 0xa, 0x0, 0x20)
r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0\x00', 0x940, 0x0)
ioctl$auto_MEMGETBADBLOCK(r5, 0x40084d0b, &(0x7f0000000040)=0x7)
ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), r4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r6)
capget$auto(&(0x7f0000000000)={0x3, 0xffffffffffffffff}, &(0x7f0000000040)={0x9, 0x8, 0x61c00000})
r7 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/ns/cgroup\x00', 0x1e000, 0x0)
dup2$auto(r7, r7)
mmap$auto(0x0, 0x8, 0xdf, 0xe31, 0x40000000000a5, 0x8000)
open(&(0x7f0000000100)='.\x00', 0x0, 0x408)

0s ago: executing program 3 (id=785):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone3(&(0x7f0000000300)={0x12a004080, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1}, 0x58)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000000), r0)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100253d7000fddbdf2501000000100007800c0001000600000000000000fc28617b9cf12386b858b6b88732d46b2e7213e25cbc05fabc612902777dc493cdc695ab7b0ee004dad1bb56bbf27149a5828c62cc10ccb5dddab64672236e2f4e1c007703703908bacd2419563aa83d38bd3e846d544c108f0044039e15dc5c70cc8f6ec84d65d8d700"/147], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x8880)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.251' (ED25519) to the list of known hosts.
[   98.817109][ T5816] cgroup: Unknown subsys name 'net'
[   98.984996][ T5816] cgroup: Unknown subsys name 'cpuset'
[   98.994925][ T5816] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[  100.848517][ T5816] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[  102.312109][ T1208] cfg80211: failed to load regulatory.db
[  103.110845][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  103.120161][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  103.128171][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  103.136154][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  103.144901][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  103.153666][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  103.161898][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  103.189707][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  103.201797][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  103.211140][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  103.248183][   T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  103.259131][   T52] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  103.267342][   T52] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  103.275688][   T52] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  103.283998][   T52] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  103.314385][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  103.324065][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  103.336744][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  103.350546][ T5834] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  103.360864][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  103.737734][ T5832] chnl_net:caif_netlink_parms(): no params data found
[  103.929908][ T5835] chnl_net:caif_netlink_parms(): no params data found
[  104.064622][ T5840] chnl_net:caif_netlink_parms(): no params data found
[  104.099421][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.107232][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.114775][ T5832] bridge_slave_0: entered allmulticast mode
[  104.122338][ T5832] bridge_slave_0: entered promiscuous mode
[  104.149682][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.157099][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.164630][ T5832] bridge_slave_1: entered allmulticast mode
[  104.173180][ T5832] bridge_slave_1: entered promiscuous mode
[  104.275283][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.285823][ T5842] chnl_net:caif_netlink_parms(): no params data found
[  104.300636][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.315764][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.323005][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.330160][ T5835] bridge_slave_0: entered allmulticast mode
[  104.337751][ T5835] bridge_slave_0: entered promiscuous mode
[  104.377971][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.385410][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.392730][ T5835] bridge_slave_1: entered allmulticast mode
[  104.400059][ T5835] bridge_slave_1: entered promiscuous mode
[  104.474146][ T5832] team0: Port device team_slave_0 added
[  104.514293][ T5832] team0: Port device team_slave_1 added
[  104.527453][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.535029][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.542896][ T5840] bridge_slave_0: entered allmulticast mode
[  104.550491][ T5840] bridge_slave_0: entered promiscuous mode
[  104.561276][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.589592][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.597023][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.604455][ T5840] bridge_slave_1: entered allmulticast mode
[  104.611800][ T5840] bridge_slave_1: entered promiscuous mode
[  104.621412][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.699013][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  104.706074][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.733674][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  104.745664][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state
[  104.752999][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.760815][ T5842] bridge_slave_0: entered allmulticast mode
[  104.768480][ T5842] bridge_slave_0: entered promiscuous mode
[  104.807710][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  104.814751][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  104.840792][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  104.852104][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state
[  104.859269][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.867023][ T5842] bridge_slave_1: entered allmulticast mode
[  104.874578][ T5842] bridge_slave_1: entered promiscuous mode
[  104.884332][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.895579][ T5835] team0: Port device team_slave_0 added
[  104.926652][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.953001][ T5835] team0: Port device team_slave_1 added
[  105.028987][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.041514][ T5840] team0: Port device team_slave_0 added
[  105.061542][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.068542][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  105.094904][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.107858][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.115030][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  105.141020][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.154480][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.165704][ T5840] team0: Port device team_slave_1 added
[  105.177585][ T5832] hsr_slave_0: entered promiscuous mode
[  105.184123][ T5832] hsr_slave_1: entered promiscuous mode
[  105.191239][   T52] Bluetooth: hci1: command tx timeout
[  105.271428][   T52] Bluetooth: hci0: command tx timeout
[  105.286221][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.293328][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  105.319648][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.333640][ T5842] team0: Port device team_slave_0 added
[  105.340183][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.347251][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  105.373322][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.380431][   T52] Bluetooth: hci2: command tx timeout
[  105.413143][ T5842] team0: Port device team_slave_1 added
[  105.430503][   T52] Bluetooth: hci3: command tx timeout
[  105.484398][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.491805][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  105.520069][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.542196][ T5835] hsr_slave_0: entered promiscuous mode
[  105.548634][ T5835] hsr_slave_1: entered promiscuous mode
[  105.555150][ T5835] debugfs: 'hsr0' already exists in 'hsr'
[  105.560982][ T5835] Cannot create hsr debugfs directory
[  105.581217][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.588205][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  105.614290][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.692007][ T5840] hsr_slave_0: entered promiscuous mode
[  105.698665][ T5840] hsr_slave_1: entered promiscuous mode
[  105.705494][ T5840] debugfs: 'hsr0' already exists in 'hsr'
[  105.711352][ T5840] Cannot create hsr debugfs directory
[  105.846504][ T5842] hsr_slave_0: entered promiscuous mode
[  105.853579][ T5842] hsr_slave_1: entered promiscuous mode
[  105.859703][ T5842] debugfs: 'hsr0' already exists in 'hsr'
[  105.865811][ T5842] Cannot create hsr debugfs directory
[  106.164242][ T5832] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  106.177700][ T5832] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  106.210296][ T5832] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  106.228124][ T5832] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  106.295447][ T5835] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  106.306694][ T5835] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  106.318955][ T5835] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  106.331385][ T5835] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  106.430815][ T5840] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  106.449912][ T5840] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  106.461538][ T5840] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  106.493337][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  106.589244][ T5842] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  106.600092][ T5842] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  106.622742][ T5842] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  106.636682][ T5842] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  106.676262][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.715459][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.749521][ T5832] 8021q: adding VLAN 0 to HW filter on device team0
[  106.774776][ T4888] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.782206][ T4888] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.796742][ T5835] 8021q: adding VLAN 0 to HW filter on device team0
[  106.826499][ T2908] bridge0: port 1(bridge_slave_0) entered blocking state
[  106.833706][ T2908] bridge0: port 1(bridge_slave_0) entered forwarding state
[  106.845297][ T2908] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.852493][ T2908] bridge0: port 2(bridge_slave_1) entered forwarding state
[  106.894359][ T2908] bridge0: port 2(bridge_slave_1) entered blocking state
[  106.901555][ T2908] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.013813][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.024397][ T5835] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  107.045412][ T5832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  107.084969][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[  107.149716][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.156952][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.183808][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.191027][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.212119][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.271201][   T52] Bluetooth: hci1: command tx timeout
[  107.281962][ T5842] 8021q: adding VLAN 0 to HW filter on device team0
[  107.322534][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.329741][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.351218][   T52] Bluetooth: hci0: command tx timeout
[  107.357403][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.364617][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.431337][   T52] Bluetooth: hci2: command tx timeout
[  107.515489][   T52] Bluetooth: hci3: command tx timeout
[  107.554496][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.592840][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0
[  107.727262][ T5835] veth0_vlan: entered promiscuous mode
[  107.752707][ T5832] veth0_vlan: entered promiscuous mode
[  107.776990][ T5835] veth1_vlan: entered promiscuous mode
[  107.803810][ T5832] veth1_vlan: entered promiscuous mode
[  107.866900][ T5835] veth0_macvtap: entered promiscuous mode
[  107.917232][ T5835] veth1_macvtap: entered promiscuous mode
[  107.939348][ T5832] veth0_macvtap: entered promiscuous mode
[  107.962221][ T5832] veth1_macvtap: entered promiscuous mode
[  107.995814][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.008495][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.028485][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.048141][ T2908] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.061564][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.074683][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.088309][ T2908] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.098371][ T2908] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.122962][ T2908] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.133158][ T2908] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.158963][ T2908] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.168112][ T2908] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.178459][ T2908] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.196330][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.308495][ T5840] veth0_vlan: entered promiscuous mode
[  108.356165][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.362131][ T5840] veth1_vlan: entered promiscuous mode
[  108.364625][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.425547][ T5842] veth0_vlan: entered promiscuous mode
[  108.444155][ T2908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.460893][ T2908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.498105][ T5842] veth1_vlan: entered promiscuous mode
[  108.514405][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.529203][ T5840] veth0_macvtap: entered promiscuous mode
[  108.532214][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.563970][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.572036][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.589036][ T5840] veth1_macvtap: entered promiscuous mode
[  108.648801][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[  108.683656][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.697640][ T5842] veth0_macvtap: entered promiscuous mode
[  108.717491][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.727406][ T5842] veth1_macvtap: entered promiscuous mode
[  108.797971][ T2908] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.820789][ T2908] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.860390][ T2908] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.869208][ T2908] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.933764][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.969667][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.001355][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  109.019434][ T5918] usb usb23: usbfs: interface 0 claimed by hub while 'syz.0.1' sets config #1
[  109.127910][ T2908] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.148744][ T2908] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.200509][ T2908] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.221225][ T2908] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.355774][   T52] Bluetooth: hci1: command tx timeout
[  109.414109][ T2908] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.430423][   T52] Bluetooth: hci0: command tx timeout
[  109.471554][ T2908] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.510634][   T52] Bluetooth: hci2: command tx timeout
[  109.595770][   T52] Bluetooth: hci3: command tx timeout
[  109.631886][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.651311][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.737553][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.750421][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.844468][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.869568][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.219359][ T5932] netlink: 'syz.3.4': attribute type 11 has an invalid length.
[  110.258977][ T5932] netlink: 'syz.3.4': attribute type 11 has an invalid length.
[  110.285407][ T5932] netlink: 'syz.3.4': attribute type 11 has an invalid length.
[  110.307005][ T5932] netlink: 'syz.3.4': attribute type 11 has an invalid length.
[  110.335891][ T5932] netlink: 'syz.3.4': attribute type 11 has an invalid length.
[  110.345020][ T5932] netlink: 'syz.3.4': attribute type 11 has an invalid length.

syzkaller
syzkaller login: [  110.530531][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.540655][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  110.563473][ T5940] Zero length message leads to an empty skb
[  110.690656][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.699033][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  110.823165][ T5944] netlink: 'syz.1.7': attribute type 11 has an invalid length.
[  110.910487][ T5944] netlink: 'syz.1.7': attribute type 11 has an invalid length.
[  111.043626][ T5944] netlink: 'syz.1.7': attribute type 11 has an invalid length.
[  111.210530][ T5944] netlink: 'syz.1.7': attribute type 11 has an invalid length.
[  111.240649][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.380796][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.441032][   T52] Bluetooth: hci1: command tx timeout
[  111.510615][   T52] Bluetooth: hci0: command tx timeout
[  111.591062][   T52] Bluetooth: hci2: command tx timeout
[  111.600815][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.609129][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.670756][   T52] Bluetooth: hci3: command tx timeout
[  112.053676][   T30] audit: type=1800 audit(1762168736.627:2): pid=5957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.10" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  112.258365][ T5967] input: f�
 as /devices/virtual/input/input5
[  112.518234][ T5952] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  113.527613][ T5986] vivid-003: =================  START STATUS  =================
[  113.527686][ T5986] vivid-003: Radio HW Seek Mode: Bounded
[  113.527749][ T5986] vivid-003: Radio Programmable HW Seek: false
[  113.527785][ T5986] vivid-003: RDS Rx I/O Mode: Block I/O
[  113.527819][ T5986] vivid-003: Generate RBDS Instead of RDS: false
[  113.527854][ T5986] vivid-003: RDS Reception: true
[  113.527885][ T5986] vivid-003: RDS Program Type: 0 inactive
[  113.527925][ T5986] vivid-003: RDS PS Name:  inactive
[  113.527964][ T5986] vivid-003: RDS Radio Text:  inactive
[  113.528004][ T5986] vivid-003: RDS Traffic Announcement: false inactive
[  113.528045][ T5986] vivid-003: RDS Traffic Program: false inactive
[  113.528094][ T5986] vivid-003: RDS Music: false inactive
[  113.528134][ T5986] vivid-003: ==================  END STATUS  ==================
[  113.559620][ T5994] netlink: 'syz.3.17': attribute type 27 has an invalid length.
[  113.559715][ T5994] netlink: 146 bytes leftover after parsing attributes in process `syz.3.17'.
[  113.779347][ T5995] HfR: entered promiscuous mode
[  113.817938][ T5991] netlink: set zone limit has 8 unknown bytes
[  113.820934][ T5988] random: crng reseeded on system resumption
[  114.903689][ T6020] vhci_hcd: invalid port number 16
[  114.977828][   T30] audit: type=1800 audit(1762168739.557:3): pid=6026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.21" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  115.048592][ T6020] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  115.221985][ T6023] process 'syz.1.22' launched './file0' with NULL argv: empty string added
[  115.590643][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  115.835592][ T6031] capability: warning: `syz.2.18' uses 32-bit capabilities (legacy support in use)
[  116.247631][ T6047] HfR: entered promiscuous mode
[  116.319349][ T6044] netlink: set zone limit has 8 unknown bytes
[  118.030706][ T6069] FAULT_INJECTION: forcing a failure.
[  118.030706][ T6069] name failslab, interval 1, probability 0, space 0, times 1
[  118.080635][ T6069] CPU: 0 UID: 0 PID: 6069 Comm: syz.1.32 Not tainted syzkaller #0 PREEMPT(full) 
[  118.080678][ T6069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  118.080708][ T6069] Call Trace:
[  118.080718][ T6069]  <TASK>
[  118.080730][ T6069]  dump_stack_lvl+0x16c/0x1f0
[  118.080773][ T6069]  should_fail_ex+0x512/0x640
[  118.080820][ T6069]  ? __kmalloc_node_noprof+0xcd/0x8a0
[  118.080864][ T6069]  should_failslab+0xc2/0x120
[  118.080906][ T6069]  __kmalloc_node_noprof+0xe0/0x8a0
[  118.080946][ T6069]  ? alloc_slab_obj_exts+0x43/0xf0
[  118.081003][ T6069]  ? alloc_slab_obj_exts+0x43/0xf0
[  118.081050][ T6069]  alloc_slab_obj_exts+0x43/0xf0
[  118.081100][ T6069]  new_slab+0x283/0x360
[  118.081152][ T6069]  ___slab_alloc+0xdae/0x1a60
[  118.081206][ T6069]  ? copy_net_ns+0xe9/0x690
[  118.081257][ T6069]  ? copy_net_ns+0xe9/0x690
[  118.081290][ T6069]  ? __slab_alloc.constprop.0+0x63/0x110
[  118.081342][ T6069]  __slab_alloc.constprop.0+0x63/0x110
[  118.081397][ T6069]  kmem_cache_alloc_noprof+0x43f/0x6e0
[  118.081424][ T6069]  ? net_alloc_generic+0x1e/0x70
[  118.081449][ T6069]  ? copy_net_ns+0xe9/0x690
[  118.081483][ T6069]  ? copy_net_ns+0xe9/0x690
[  118.081512][ T6069]  copy_net_ns+0xe9/0x690
[  118.081543][ T6069]  ? copy_cgroup_ns+0x71/0x6b0
[  118.081578][ T6069]  create_new_namespaces+0x3ea/0xa90
[  118.081620][ T6069]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  118.081659][ T6069]  ksys_unshare+0x45b/0xa40
[  118.081715][ T6069]  ? __pfx_ksys_unshare+0x10/0x10
[  118.081761][ T6069]  ? xfd_validate_state+0x61/0x180
[  118.081817][ T6069]  __x64_sys_unshare+0x31/0x40
[  118.081860][ T6069]  do_syscall_64+0xcd/0xfa0
[  118.081899][ T6069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.081933][ T6069] RIP: 0033:0x7fb3bd18efc9
[  118.081958][ T6069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.081989][ T6069] RSP: 002b:00007fb3be02a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  118.082020][ T6069] RAX: ffffffffffffffda RBX: 00007fb3bd3e5fa0 RCX: 00007fb3bd18efc9
[  118.082042][ T6069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  118.082061][ T6069] RBP: 00007fb3bd211f91 R08: 0000000000000000 R09: 0000000000000000
[  118.082081][ T6069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  118.082100][ T6069] R13: 00007fb3bd3e6038 R14: 00007fb3bd3e5fa0 R15: 00007ffd78a79798
[  118.082144][ T6069]  </TASK>
[  118.328903][    C0] vkms_vblank_simulate: vblank timer overrun
[  118.474539][ T6071] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  118.869695][ T6085] nla_validate_range_unsigned: 13 callbacks suppressed
[  118.869719][ T6085] netlink: 'syz.1.36': attribute type 11 has an invalid length.
[  118.936578][ T6085] netlink: 'syz.1.36': attribute type 11 has an invalid length.
[  118.963014][ T6085] netlink: 'syz.1.36': attribute type 11 has an invalid length.
[  119.008696][ T6085] netlink: 'syz.1.36': attribute type 11 has an invalid length.
[  119.060590][ T6085] netlink: 'syz.1.36': attribute type 11 has an invalid length.
[  120.490447][ T6113] zswap: compressor  not available
[  122.368967][ T6132] syz.3.46 (6132) used greatest stack depth: 17928 bytes left
[  122.699962][ T6143] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  122.816861][   T30] audit: type=1800 audit(1762168747.397:4): pid=6145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.49" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  123.088741][ T6147] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  124.845494][ T6172] futex_wake_op: syz.1.57 tries to shift op by -2048; fix this program
[  125.136738][ T6177] zswap: compressor 5���hH���X^rRO�ת��WCn#ТڪeBH�V�����Q.V�dl��M�_ not available
[  125.519717][ T6192] random: crng reseeded on system resumption
[  126.345154][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  126.360366][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  126.467896][ T6206] vivid-003: =================  START STATUS  =================
[  126.563916][ T6206] vivid-003: Radio HW Seek Mode: Bounded
[  126.634250][ T6206] vivid-003: Radio Programmable HW Seek: false
[  126.717375][ T6206] vivid-003: RDS Rx I/O Mode: Block I/O
[  126.760599][ T6206] vivid-003: Generate RBDS Instead of RDS: false
[  126.767142][ T6206] vivid-003: RDS Reception: true
[  126.857317][ T6206] vivid-003: RDS Program Type: 0 inactive
[  126.867456][ T6213] mmap: syz.1.64 (6213) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  127.036989][ T6206] vivid-003: RDS PS Name:  inactive
[  127.062605][ T6206] vivid-003: RDS Radio Text:  inactive
[  127.088040][ T6206] vivid-003: RDS Traffic Announcement: false inactive
[  127.250310][ T6206] vivid-003: RDS Traffic Program: false inactive
[  127.317062][ T6206] vivid-003: RDS Music: false inactive
[  127.403617][ T6206] vivid-003: ==================  END STATUS  ==================
[  128.164324][ T6231] netlink: 'syz.1.68': attribute type 11 has an invalid length.
[  128.183393][ T6231] netlink: 'syz.1.68': attribute type 11 has an invalid length.
[  128.222744][ T6231] netlink: 'syz.1.68': attribute type 11 has an invalid length.
[  128.258834][ T6233] netlink: 'syz.0.69': attribute type 11 has an invalid length.
[  128.308940][ T6233] netlink: 'syz.0.69': attribute type 11 has an invalid length.
[  128.340478][ T6233] netlink: 'syz.0.69': attribute type 11 has an invalid length.
[  128.437900][ T6235] netlink: 'syz.3.70': attribute type 11 has an invalid length.
[  128.479380][ T6235] netlink: 'syz.3.70': attribute type 11 has an invalid length.
[  128.530567][ T6235] netlink: 'syz.3.70': attribute type 11 has an invalid length.
[  128.684601][ T6239] random: crng reseeded on system resumption
[  129.860334][    C1] sd 0:0:1:0: [sda] tag#6488 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[  129.870953][    C1] sd 0:0:1:0: [sda] tag#6488 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00
[  131.488111][ T6285] netlink: 'syz.0.83': attribute type 11 has an invalid length.
[  131.618161][ T6287] syz.1.84 uses obsolete (PF_INET,SOCK_PACKET)
[  133.455866][ T6320] nla_validate_range_unsigned: 7 callbacks suppressed
[  133.455891][ T6320] netlink: 'syz.0.101': attribute type 11 has an invalid length.
[  133.483782][ T6320] netlink: 'syz.0.101': attribute type 11 has an invalid length.
[  133.510406][ T6320] netlink: 'syz.0.101': attribute type 11 has an invalid length.
[  133.818421][ T6328] netlink: 342 bytes leftover after parsing attributes in process `syz.0.95'.
[  133.898840][ T6326] random: crng reseeded on system resumption
[  136.029910][ T6355] zswap: compressor  not available
[  136.430098][ T6364] ptrace attach of "./syz-executor exec"[6366] was attempted by "./syz-executor exec"[6364]
[  136.675166][ T6373] FAULT_INJECTION: forcing a failure.
[  136.675166][ T6373] name fail_futex, interval 1, probability 0, space 0, times 1
[  136.740451][ T6373] CPU: 0 UID: 0 PID: 6373 Comm: syz.0.104 Not tainted syzkaller #0 PREEMPT(full) 
[  136.740491][ T6373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  136.740509][ T6373] Call Trace:
[  136.740518][ T6373]  <TASK>
[  136.740529][ T6373]  dump_stack_lvl+0x16c/0x1f0
[  136.740568][ T6373]  should_fail_ex+0x512/0x640
[  136.740620][ T6373]  get_futex_key+0x1d0/0x1560
[  136.740662][ T6373]  ? __pfx_get_futex_key+0x10/0x10
[  136.740703][ T6373]  ? __pfx_free_one_page+0x10/0x10
[  136.740756][ T6373]  futex_wake+0xea/0x530
[  136.740807][ T6373]  ? do_getxattr+0x1fc/0x360
[  136.740836][ T6373]  ? __pfx_futex_wake+0x10/0x10
[  136.740887][ T6373]  ? path_getxattrat+0x139/0x2d0
[  136.740919][ T6373]  ? __pfx_path_getxattrat+0x10/0x10
[  136.740965][ T6373]  do_futex+0x1e3/0x350
[  136.741008][ T6373]  ? __pfx_do_futex+0x10/0x10
[  136.741061][ T6373]  __x64_sys_futex+0x1e0/0x4c0
[  136.741110][ T6373]  ? __pfx___x64_sys_futex+0x10/0x10
[  136.741164][ T6373]  ? xfd_validate_state+0x61/0x180
[  136.741210][ T6373]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  136.741259][ T6373]  do_syscall_64+0xcd/0xfa0
[  136.741298][ T6373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.741331][ T6373] RIP: 0033:0x7fa74c38efc9
[  136.741367][ T6373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.741395][ T6373] RSP: 002b:00007fa74d22d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  136.741441][ T6373] RAX: ffffffffffffffda RBX: 00007fa74c5e6188 RCX: 00007fa74c38efc9
[  136.741461][ T6373] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa74c5e618c
[  136.741480][ T6373] RBP: 00007fa74c5e6180 R08: 00007fa74d270000 R09: 0000000000000000
[  136.741499][ T6373] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  136.741518][ T6373] R13: 00007fa74c5e6218 R14: 00007ffd3b0f1940 R15: 00007ffd3b0f1a28
[  136.741560][ T6373]  </TASK>
[  138.257779][ T6402] random: crng reseeded on system resumption
[  138.514004][ T6411] FAULT_INJECTION: forcing a failure.
[  138.514004][ T6411] name failslab, interval 1, probability 0, space 0, times 0
[  138.540437][ T6411] CPU: 0 UID: 0 PID: 6411 Comm: syz.1.113 Not tainted syzkaller #0 PREEMPT(full) 
[  138.540477][ T6411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  138.540493][ T6411] Call Trace:
[  138.540503][ T6411]  <TASK>
[  138.540514][ T6411]  dump_stack_lvl+0x16c/0x1f0
[  138.540553][ T6411]  should_fail_ex+0x512/0x640
[  138.540597][ T6411]  ? fs_reclaim_acquire+0xae/0x150
[  138.540630][ T6411]  should_failslab+0xc2/0x120
[  138.540661][ T6411]  __kmalloc_noprof+0xdd/0x880
[  138.540697][ T6411]  ? kfree+0x252/0x6d0
[  138.540715][ T6411]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  138.540747][ T6411]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  138.540773][ T6411]  tomoyo_realpath_from_path+0xc2/0x6e0
[  138.540808][ T6411]  tomoyo_check_open_permission+0x2ab/0x3c0
[  138.540851][ T6411]  ? _raw_spin_unlock+0x28/0x50
[  138.540873][ T6411]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  138.540938][ T6411]  ? lock_acquire+0x179/0x350
[  138.540970][ T6411]  ? find_held_lock+0x2b/0x80
[  138.540994][ T6411]  ? mnt_get_write_access+0x52/0x2f0
[  138.541035][ T6411]  tomoyo_file_open+0x6b/0x90
[  138.541077][ T6411]  security_file_open+0x84/0x1e0
[  138.541111][ T6411]  do_dentry_open+0x596/0x1530
[  138.541147][ T6411]  vfs_open+0x82/0x3f0
[  138.541183][ T6411]  path_openat+0x1de4/0x2cb0
[  138.541218][ T6411]  ? __pfx_path_openat+0x10/0x10
[  138.541244][ T6411]  ? __lock_acquire+0xb8a/0x1c90
[  138.541279][ T6411]  do_filp_open+0x20b/0x470
[  138.541304][ T6411]  ? __pfx_do_filp_open+0x10/0x10
[  138.541350][ T6411]  ? alloc_fd+0x471/0x7d0
[  138.541391][ T6411]  do_sys_openat2+0x11b/0x1d0
[  138.541441][ T6411]  ? __pfx_do_sys_openat2+0x10/0x10
[  138.541486][ T6411]  __x64_sys_openat+0x174/0x210
[  138.541521][ T6411]  ? __pfx___x64_sys_openat+0x10/0x10
[  138.541567][ T6411]  do_syscall_64+0xcd/0xfa0
[  138.541599][ T6411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.541621][ T6411] RIP: 0033:0x7fb3bd18efc9
[  138.541639][ T6411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.541660][ T6411] RSP: 002b:00007fb3be009038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  138.541681][ T6411] RAX: ffffffffffffffda RBX: 00007fb3bd3e6090 RCX: 00007fb3bd18efc9
[  138.541696][ T6411] RDX: 0000000000000062 RSI: 0000200000000340 RDI: ffffffffffffff9c
[  138.541722][ T6411] RBP: 00007fb3bd211f91 R08: 0000000000000000 R09: 0000000000000000
[  138.541736][ T6411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  138.541767][ T6411] R13: 00007fb3bd3e6128 R14: 00007fb3bd3e6090 R15: 00007ffd78a79798
[  138.541798][ T6411]  </TASK>
[  138.541817][ T6411] ERROR: Out of memory at tomoyo_realpath_from_path.
[  138.835170][ T6411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.113'.
[  138.965242][ T6415] netlink: 12 bytes leftover after parsing attributes in process `syz.1.113'.
[  139.767531][ T6426] random: crng reseeded on system resumption
[  140.290515][ T6435] Invalid ELF header magic: != ELF
[  140.291542][   T52] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18
[  140.373932][ T6437] binder: 6436:6437 ioctl 541b 38 returned -22
[  142.273702][ T6473] netlink: 'syz.1.128': attribute type 11 has an invalid length.
[  142.300743][ T6473] netlink: 'syz.1.128': attribute type 11 has an invalid length.
[  142.314875][ T6473] netlink: 'syz.1.128': attribute type 11 has an invalid length.
[  142.337298][ T6473] netlink: 'syz.1.128': attribute type 11 has an invalid length.
[  142.354147][ T6473] netlink: 'syz.1.128': attribute type 11 has an invalid length.
[  142.390667][ T5834] Bluetooth: hci3: command tx timeout
[  143.223663][ T6500] openvswitch: netlink: nsh attr 36 is out of range max 3
[  143.261735][ T6499] openvswitch: netlink: nsh attr 36 is out of range max 3
[  143.275979][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  143.282468][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  143.343587][ T6507] netlink: 302 bytes leftover after parsing attributes in process `syz.1.136'.
[  143.740363][ T6513] netlink: 'syz.0.138': attribute type 11 has an invalid length.
[  143.790461][ T6513] netlink: 'syz.0.138': attribute type 11 has an invalid length.
[  143.835872][ T6513] netlink: 'syz.0.138': attribute type 11 has an invalid length.
[  143.880443][ T6513] netlink: 'syz.0.138': attribute type 11 has an invalid length.
[  143.911945][ T6513] netlink: 'syz.0.138': attribute type 11 has an invalid length.
[  145.130391][ T6524] random: crng reseeded on system resumption
[  147.495825][ T6561] syz.1.145 (6561): attempted to duplicate a private mapping with mremap.  This is not supported.
[  147.586935][ T6561] FAULT_INJECTION: forcing a failure.
[  147.586935][ T6561] name failslab, interval 1, probability 0, space 0, times 0
[  147.659155][ T6561] CPU: 0 UID: 0 PID: 6561 Comm: syz.1.145 Not tainted syzkaller #0 PREEMPT(full) 
[  147.659201][ T6561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  147.659221][ T6561] Call Trace:
[  147.659231][ T6561]  <TASK>
[  147.659243][ T6561]  dump_stack_lvl+0x16c/0x1f0
[  147.659286][ T6561]  should_fail_ex+0x512/0x640
[  147.659335][ T6561]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  147.659373][ T6561]  should_failslab+0xc2/0x120
[  147.659417][ T6561]  kmem_cache_alloc_noprof+0x75/0x6e0
[  147.659451][ T6561]  ? key_alloc+0x3e0/0x1330
[  147.659490][ T6561]  ? key_alloc+0x3e0/0x1330
[  147.659521][ T6561]  key_alloc+0x3e0/0x1330
[  147.659567][ T6561]  ? __pfx_key_alloc+0x10/0x10
[  147.659602][ T6561]  ? aa_get_newest_label+0xd2/0x250
[  147.659656][ T6561]  keyring_alloc+0x44/0xc0
[  147.659697][ T6561]  lookup_user_key+0xc51/0x1300
[  147.659775][ T6561]  ? __pfx_lookup_user_key+0x10/0x10
[  147.659848][ T6561]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  147.659947][ T6561]  keyctl_setperm_key+0x9d/0x3a0
[  147.659995][ T6561]  ? __pfx_keyctl_setperm_key+0x10/0x10
[  147.660043][ T6561]  ? xfd_validate_state+0x61/0x180
[  147.660095][ T6561]  __do_sys_keyctl+0x29a/0x590
[  147.660145][ T6561]  do_syscall_64+0xcd/0xfa0
[  147.660184][ T6561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.660219][ T6561] RIP: 0033:0x7fb3bd18efc9
[  147.660244][ T6561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.660275][ T6561] RSP: 002b:00007fb3bdfc7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  147.660303][ T6561] RAX: ffffffffffffffda RBX: 00007fb3bd3e6270 RCX: 00007fb3bd18efc9
[  147.660324][ T6561] RDX: 0000000000000005 RSI: ffffffffffffffff RDI: 0000000000000005
[  147.660343][ T6561] RBP: 00007fb3bd211f91 R08: 0000000000000008 R09: 0000000000000000
[  147.660362][ T6561] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  147.660380][ T6561] R13: 00007fb3bd3e6308 R14: 00007fb3bd3e6270 R15: 00007ffd78a79798
[  147.660422][ T6561]  </TASK>
[  148.024589][ T6559] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  148.040168][ T6559] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  148.114252][ T6559] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  148.144874][ T6559] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  148.161989][ T6559] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  148.178909][ T6559] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  148.199919][ T6559] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  148.244312][ T6559] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  148.266120][ T6559] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  148.296485][ T6559] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  148.317236][ T6559] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  148.355007][ T6559] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  148.381093][ T6559] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  149.071284][ T6587] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  149.217945][ T6590] =======================================================
[  149.217945][ T6590] WARNING: The mand mount option has been deprecated and
[  149.217945][ T6590]          and is ignored by this kernel. Remove the mand
[  149.217945][ T6590]          option from the mount to silence this warning.
[  149.217945][ T6590] =======================================================
[  149.277526][ T6580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.151'.
[  149.287831][ T6580] FAULT_INJECTION: forcing a failure.
[  149.287831][ T6580] name failslab, interval 1, probability 0, space 0, times 0
[  149.300783][ T6580] CPU: 0 UID: 0 PID: 6580 Comm: syz.3.151 Not tainted syzkaller #0 PREEMPT(full) 
[  149.300829][ T6580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  149.300849][ T6580] Call Trace:
[  149.300861][ T6580]  <TASK>
[  149.300873][ T6580]  dump_stack_lvl+0x16c/0x1f0
[  149.300917][ T6580]  should_fail_ex+0x512/0x640
[  149.300966][ T6580]  ? fs_reclaim_acquire+0xae/0x150
[  149.301021][ T6580]  should_failslab+0xc2/0x120
[  149.301065][ T6580]  kmem_cache_alloc_noprof+0x75/0x6e0
[  149.301098][ T6580]  ? __pfx_map_id_range_down+0x10/0x10
[  149.301150][ T6580]  ? security_inode_alloc+0x3b/0x2b0
[  149.301208][ T6580]  ? security_inode_alloc+0x3b/0x2b0
[  149.301256][ T6580]  security_inode_alloc+0x3b/0x2b0
[  149.301308][ T6580]  inode_init_always_gfp+0xce4/0x1030
[  149.301348][ T6580]  alloc_inode+0x86/0x240
[  149.301394][ T6580]  sock_alloc+0x40/0x280
[  149.301431][ T6580]  __sock_create+0xc1/0x8d0
[  149.301482][ T6580]  __sys_socket+0x14d/0x260
[  149.301526][ T6580]  ? __pfx___sys_socket+0x10/0x10
[  149.301568][ T6580]  ? xfd_validate_state+0x61/0x180
[  149.301613][ T6580]  ? __pfx_ksys_write+0x10/0x10
[  149.301657][ T6580]  __x64_sys_socket+0x72/0xb0
[  149.301699][ T6580]  ? lockdep_hardirqs_on+0x7c/0x110
[  149.301736][ T6580]  do_syscall_64+0xcd/0xfa0
[  149.301782][ T6580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.301815][ T6580] RIP: 0033:0x7f201b58efc9
[  149.301842][ T6580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.301874][ T6580] RSP: 002b:00007f20197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  149.301905][ T6580] RAX: ffffffffffffffda RBX: 00007f201b7e6090 RCX: 00007f201b58efc9
[  149.301926][ T6580] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  149.301946][ T6580] RBP: 00007f201b611f91 R08: 0000000000000000 R09: 0000000000000000
[  149.301965][ T6580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  149.301985][ T6580] R13: 00007f201b7e6128 R14: 00007f201b7e6090 R15: 00007fff2ad6f7c8
[  149.302035][ T6580]  </TASK>
[  149.302099][ T6580] socket: no more sockets
[  150.071248][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.150403][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  150.236021][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout
[  150.307467][ T6601] Invalid ELF header magic: != ELF
[  150.310507][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  150.815738][ T6610] netlink: 294 bytes leftover after parsing attributes in process `syz.3.160'.
[  151.970440][ T6629] netlink: 'syz.0.163': attribute type 11 has an invalid length.
[  152.015796][ T6629] netlink: 'syz.0.163': attribute type 11 has an invalid length.
[  152.133735][ T6629] netlink: 'syz.0.163': attribute type 11 has an invalid length.
[  152.158860][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  152.172918][ T6629] netlink: 'syz.0.163': attribute type 11 has an invalid length.
[  152.181240][ T6629] netlink: 'syz.0.163': attribute type 11 has an invalid length.
[  152.231128][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  152.310344][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout
[  152.390329][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.019601][ T6663] netlink: 5184 bytes leftover after parsing attributes in process `syz.1.173'.
[  154.230348][ T5834] Bluetooth: hci0: command 0x0c1a tx timeout
[  154.310485][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout
[  154.311039][ T6671] random: crng reseeded on system resumption
[  154.390444][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout
[  154.470436][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  154.885165][ T5913] Process accounting resumed
[  156.577915][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  157.179404][ T6702] random: crng reseeded on system resumption

syzkaller
syzkaller login: [  161.414944][ T6750] netlink: 'syz.3.194': attribute type 11 has an invalid length.
[  161.463313][ T6750] netlink: 'syz.3.194': attribute type 11 has an invalid length.
[  161.545600][ T6750] netlink: 'syz.3.194': attribute type 11 has an invalid length.
[  161.720848][ T6750] netlink: 'syz.3.194': attribute type 11 has an invalid length.
[  161.729382][ T6750] netlink: 'syz.3.194': attribute type 11 has an invalid length.
[  162.846041][ T6754] FAULT_INJECTION: forcing a failure.
[  162.846041][ T6754] name fail_futex, interval 1, probability 0, space 0, times 0
[  163.579672][ T6754] CPU: 0 UID: 0 PID: 6754 Comm: syz.2.195 Not tainted syzkaller #0 PREEMPT(full) 
[  163.579715][ T6754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  163.579732][ T6754] Call Trace:
[  163.579741][ T6754]  <TASK>
[  163.579752][ T6754]  dump_stack_lvl+0x16c/0x1f0
[  163.579790][ T6754]  should_fail_ex+0x512/0x640
[  163.579841][ T6754]  get_futex_key+0xff0/0x1560
[  163.579882][ T6754]  ? find_held_lock+0x2b/0x80
[  163.579913][ T6754]  ? __pfx_get_futex_key+0x10/0x10
[  163.579950][ T6754]  ? __mutex_trylock_common+0xe9/0x250
[  163.579995][ T6754]  ? __pfx___mutex_trylock_common+0x10/0x10
[  163.580045][ T6754]  futex_wake+0xea/0x530
[  163.580096][ T6754]  ? __pfx_futex_wake+0x10/0x10
[  163.580141][ T6754]  ? __lock_acquire+0xb8a/0x1c90
[  163.580202][ T6754]  do_futex+0x1e3/0x350
[  163.580244][ T6754]  ? __pfx_do_futex+0x10/0x10
[  163.580281][ T6754]  ? __might_fault+0xe3/0x190
[  163.580326][ T6754]  mm_release+0x24e/0x300
[  163.580360][ T6754]  do_exit+0x68e/0x2bf0
[  163.580412][ T6754]  ? __pfx_do_exit+0x10/0x10
[  163.580454][ T6754]  ? preempt_schedule_thunk+0x16/0x30
[  163.580511][ T6754]  do_group_exit+0xd3/0x2a0
[  163.580558][ T6754]  __x64_sys_exit_group+0x3e/0x50
[  163.580603][ T6754]  x64_sys_call+0x150b/0x1730
[  163.580643][ T6754]  do_syscall_64+0xcd/0xfa0
[  163.580689][ T6754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.580718][ T6754] RIP: 0033:0x7f08a658efc9
[  163.580741][ T6754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.580772][ T6754] RSP: 002b:00007ffcc37c80a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  163.580800][ T6754] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f08a658efc9
[  163.580820][ T6754] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[  163.580837][ T6754] RBP: 00007ffcc37c810c R08: 0000001dc37c819f R09: 00000000000927c0
[  163.580856][ T6754] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000020
[  163.580874][ T6754] R13: 00000000000927c0 R14: 0000000000027792 R15: 00007ffcc37c8160
[  163.580915][ T6754]  </TASK>
[  167.357789][ T6800] netlink: 'syz.0.205': attribute type 11 has an invalid length.
[  167.392084][ T6800] netlink: 'syz.0.205': attribute type 11 has an invalid length.
[  167.430456][ T6800] netlink: 'syz.0.205': attribute type 11 has an invalid length.
[  167.494150][ T6800] netlink: 'syz.0.205': attribute type 11 has an invalid length.
[  167.549921][ T6800] netlink: 'syz.0.205': attribute type 11 has an invalid length.
[  168.826705][ T6833] random: crng reseeded on system resumption
[  171.300563][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.219'.
[  171.557307][ T6862] netlink: 'syz.2.220': attribute type 11 has an invalid length.
[  171.573308][ T6862] netlink: 'syz.2.220': attribute type 11 has an invalid length.
[  171.640443][ T6862] netlink: 'syz.2.220': attribute type 11 has an invalid length.
[  171.684814][ T6862] netlink: 'syz.2.220': attribute type 11 has an invalid length.
[  171.692877][ T6862] netlink: 'syz.2.220': attribute type 11 has an invalid length.
[  171.971182][ T6865] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  172.778223][ T6892] random: crng reseeded on system resumption
[  173.036400][ T6898] netlink: 40 bytes leftover after parsing attributes in process `syz.3.228'.
[  173.873060][ T6905] random: crng reseeded on system resumption
[  175.660329][ T6939] random: crng reseeded on system resumption
[  176.915990][ T6953] random: crng reseeded on system resumption
[  179.484087][ T6973] random: crng reseeded on system resumption
[  180.351817][ T6976] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  180.678005][ T6986] netlink: zone id is out of range
[  181.000470][ T6986] netlink: zone id is out of range
[  181.015464][ T6986] netlink: zone id is out of range
[  181.086241][ T6986] netlink: zone id is out of range
[  181.552591][ T6986] netlink: zone id is out of range
[  181.620483][ T6986] netlink: zone id is out of range
[  181.756599][ T6986] netlink: zone id is out of range
[  181.770270][ T6986] netlink: zone id is out of range
[  181.780614][ T6986] netlink: zone id is out of range
[  181.785832][ T6986] netlink: zone id is out of range
[  181.835321][ T6993] random: crng reseeded on system resumption
[  183.133797][   T30] audit: type=1800 audit(1762168807.717:5): pid=7006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.252" name="dbroot" dev="configfs" ino=14482 res=0 errno=0
[  183.987159][ T7018] netlink: 56 bytes leftover after parsing attributes in process `syz.0.257'.
[  184.010448][ T7018] nbd: must specify at least one socket
[  184.741655][ T7027] netlink: 'syz.3.259': attribute type 11 has an invalid length.
[  184.749627][ T7027] netlink: 'syz.3.259': attribute type 11 has an invalid length.
[  186.625177][ T7044] random: crng reseeded on system resumption
[  190.686776][   T30] audit: type=1800 audit(1762168815.237:6): pid=7070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=14645 res=0 errno=0
[  191.078071][ T7080] futex_wake_op: syz.0.265 tries to shift op by -2048; fix this program
[  191.459125][ T7086] syz.0.265(7086): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  192.203754][ T7104] netlink: 'syz.0.270': attribute type 11 has an invalid length.
[  192.271638][ T7104] netlink: 'syz.0.270': attribute type 11 has an invalid length.
[  193.666513][ T7123] netlink: 'syz.2.273': attribute type 7 has an invalid length.
[  193.695223][ T7123] netlink: 9 bytes leftover after parsing attributes in process `syz.2.273'.
[  193.751040][ T7123] zswap: compressor O�ֹ���?J�J<bcW\]�oNNU07K�*��q�=כ��b�����L�� not available
[  193.801808][ T7127] netlink: 8 bytes leftover after parsing attributes in process `syz.0.272'.
[  194.935774][ T7144] can: request_module (can-proto-5) failed.
[  195.395770][ T7151] netlink: 8 bytes leftover after parsing attributes in process `syz.1.277'.
[  196.357133][ T7171] random: crng reseeded on system resumption
[  196.811481][ T5834] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  197.919972][ T7188] netlink: 'syz.1.282': attribute type 11 has an invalid length.
[  197.965355][ T7188] netlink: 'syz.1.282': attribute type 11 has an invalid length.
[  197.990675][ T7188] netlink: 'syz.1.282': attribute type 11 has an invalid length.
[  198.027860][ T7188] netlink: 'syz.1.282': attribute type 11 has an invalid length.
[  198.057672][ T7190] random: crng reseeded on system resumption
[  199.189018][ T7218] random: crng reseeded on system resumption
[  199.694319][ T7226] netlink: 'syz.0.288': attribute type 11 has an invalid length.
[  199.757851][ T7226] netlink: 'syz.0.288': attribute type 11 has an invalid length.
[  199.800667][ T7226] netlink: 'syz.0.288': attribute type 11 has an invalid length.
[  199.870375][ T7226] netlink: 'syz.0.288': attribute type 11 has an invalid length.
[  201.022092][ T7250] ptrace attach of "./syz-executor exec"[7253] was attempted by "./syz-executor exec"[7250]
[  201.576536][ T7262] FAULT_INJECTION: forcing a failure.
[  201.576536][ T7262] name failslab, interval 1, probability 0, space 0, times 0
[  201.590669][ T7262] CPU: 1 UID: 0 PID: 7262 Comm: syz.2.292 Not tainted syzkaller #0 PREEMPT(full) 
[  201.590711][ T7262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  201.590729][ T7262] Call Trace:
[  201.590739][ T7262]  <TASK>
[  201.590751][ T7262]  dump_stack_lvl+0x16c/0x1f0
[  201.590793][ T7262]  should_fail_ex+0x512/0x640
[  201.590850][ T7262]  ? __kmalloc_cache_node_noprof+0x62/0x7a0
[  201.590908][ T7262]  should_failslab+0xc2/0x120
[  201.590949][ T7262]  __kmalloc_cache_node_noprof+0x75/0x7a0
[  201.590987][ T7262]  ? init_rescuer+0x1a4/0x640
[  201.591028][ T7262]  ? __alloc_workqueue+0xcda/0x1810
[  201.591075][ T7262]  ? init_rescuer+0x1a4/0x640
[  201.591120][ T7262]  init_rescuer+0x1a4/0x640
[  201.591165][ T7262]  ? __pfx_init_rescuer+0x10/0x10
[  201.591222][ T7262]  ? wq_adjust_max_active+0x39d/0x4a0
[  201.591275][ T7262]  __alloc_workqueue+0xda1/0x1810
[  201.591324][ T7262]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  201.591361][ T7262]  alloc_workqueue_noprof+0xd2/0x200
[  201.591402][ T7262]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[  201.591457][ T7262]  ? __pfx___debug_object_init+0x10/0x10
[  201.591504][ T7262]  nci_register_device+0x394/0xb80
[  201.591558][ T7262]  ? __pfx_nci_register_device+0x10/0x10
[  201.591612][ T7262]  ? lockdep_init_map_type+0x5c/0x280
[  201.591665][ T7262]  virtual_ncidev_open+0x141/0x220
[  201.591699][ T7262]  ? __pfx_virtual_ncidev_open+0x10/0x10
[  201.591733][ T7262]  misc_open+0x26d/0x450
[  201.591782][ T7262]  ? __pfx_misc_open+0x10/0x10
[  201.591829][ T7262]  chrdev_open+0x234/0x6a0
[  201.591892][ T7262]  ? __pfx_apparmor_file_open+0x10/0x10
[  201.591942][ T7262]  ? __pfx_chrdev_open+0x10/0x10
[  201.591984][ T7262]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  201.592028][ T7262]  do_dentry_open+0x982/0x1530
[  201.592067][ T7262]  ? __pfx_chrdev_open+0x10/0x10
[  201.592115][ T7262]  vfs_open+0x82/0x3f0
[  201.592169][ T7262]  path_openat+0x1de4/0x2cb0
[  201.592215][ T7262]  ? look_up_lock_class+0x6b/0x150
[  201.592253][ T7262]  ? __pfx_path_openat+0x10/0x10
[  201.592302][ T7262]  do_filp_open+0x20b/0x470
[  201.592338][ T7262]  ? __pfx_do_filp_open+0x10/0x10
[  201.592406][ T7262]  ? alloc_fd+0x471/0x7d0
[  201.592450][ T7262]  do_sys_openat2+0x11b/0x1d0
[  201.592497][ T7262]  ? __pfx_do_sys_openat2+0x10/0x10
[  201.592547][ T7262]  ? ksys_unshare+0x687/0xa40
[  201.592601][ T7262]  __x64_sys_openat+0x174/0x210
[  201.592650][ T7262]  ? __pfx___x64_sys_openat+0x10/0x10
[  201.592716][ T7262]  do_syscall_64+0xcd/0xfa0
[  201.592755][ T7262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.592787][ T7262] RIP: 0033:0x7f08a658efc9
[  201.592813][ T7262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.592851][ T7262] RSP: 002b:00007f08a749e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  201.592891][ T7262] RAX: ffffffffffffffda RBX: 00007f08a67e5fa0 RCX: 00007f08a658efc9
[  201.592913][ T7262] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  201.592933][ T7262] RBP: 00007f08a6611f91 R08: 0000000000000000 R09: 0000000000000000
[  201.592954][ T7262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  201.592974][ T7262] R13: 00007f08a67e6038 R14: 00007f08a67e5fa0 R15: 00007ffcc37c7d48
[  201.593020][ T7262]  </TASK>
[  201.593033][ T7262] workqueue: Failed to allocate a rescuer for wq "nfc3_nci_rx_wq"
[  202.691175][ T7283] random: crng reseeded on system resumption
[  204.714452][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  204.720924][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  204.977582][ T7318] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[  205.009353][ T7320] random: crng reseeded on system resumption
[  205.406332][ T7329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.297'.
[  205.837525][ T7323] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  206.796837][ T7351] netlink: 'syz.0.301': attribute type 1 has an invalid length.
[  207.150051][ T7369] random: crng reseeded on system resumption
[  208.763933][ T7395] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  208.770537][ T7395] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  208.778055][ T7395] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  208.784938][ T7395] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  210.518951][ T7409] random: crng reseeded on system resumption
[  210.700681][ T7430] netlink: 25 bytes leftover after parsing attributes in process `syz.2.315'.
[  210.800396][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  210.806487][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout
[  210.812631][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  210.818667][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  211.077583][ T7435] __vm_enough_memory: pid: 7435, comm: syz.2.317, bytes: 4398046511104 not enough memory for the allocation
[  211.747043][ T7450] ICMPv6: process `syz.2.319' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead
[  212.063563][ T7456] netlink: 20 bytes leftover after parsing attributes in process `syz.2.321'.
[  212.139243][ T7459] random: crng reseeded on system resumption
[  212.390298][ T1208] smpboot: CPU 1 is now offline
[  212.571548][ T7469] netlink: 'syz.2.324': attribute type 11 has an invalid length.
[  212.634352][ T7469] netlink: 'syz.2.324': attribute type 11 has an invalid length.
[  212.677433][ T7469] netlink: 'syz.2.324': attribute type 11 has an invalid length.
[  212.719312][ T7469] netlink: 'syz.2.324': attribute type 11 has an invalid length.
[  212.787369][ T7469] netlink: 'syz.2.324': attribute type 11 has an invalid length.
[  214.019658][ T7490] syz.1.329 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  214.569426][ T7497] FAULT_INJECTION: forcing a failure.
[  214.569426][ T7497] name failslab, interval 1, probability 0, space 0, times 0
[  214.623872][ T7497] CPU: 0 UID: 0 PID: 7497 Comm: syz.0.330 Not tainted syzkaller #0 PREEMPT(full) 
[  214.623905][ T7497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  214.623920][ T7497] Call Trace:
[  214.623927][ T7497]  <TASK>
[  214.623936][ T7497]  dump_stack_lvl+0x16c/0x1f0
[  214.623967][ T7497]  should_fail_ex+0x512/0x640
[  214.624003][ T7497]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  214.624030][ T7497]  should_failslab+0xc2/0x120
[  214.624062][ T7497]  kmem_cache_alloc_noprof+0x75/0x6e0
[  214.624085][ T7497]  ? vm_area_dup+0x27/0x8d0
[  214.624128][ T7497]  ? vm_area_dup+0x27/0x8d0
[  214.624163][ T7497]  vm_area_dup+0x27/0x8d0
[  214.624202][ T7497]  __split_vma+0x18e/0x1070
[  214.624244][ T7497]  ? __pfx___split_vma+0x10/0x10
[  214.624291][ T7497]  ? lock_acquire+0x179/0x350
[  214.624328][ T7497]  vms_gather_munmap_vmas+0x1cb/0x1340
[  214.624367][ T7497]  ? move_page_tables+0x140d/0x4230
[  214.624393][ T7497]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  214.624431][ T7497]  ? move_page_tables+0xf9e/0x4230
[  214.624469][ T7497]  do_vmi_align_munmap+0x286/0x7e0
[  214.624496][ T7497]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  214.624561][ T7497]  do_vmi_munmap+0x204/0x3e0
[  214.624599][ T7497]  move_vma+0xb5f/0x1770
[  214.624626][ T7497]  ? __pfx_move_vma+0x10/0x10
[  214.624664][ T7497]  ? vrm_set_new_addr+0x208/0x290
[  214.624695][ T7497]  mremap_to+0x1b7/0x450
[  214.624718][ T7497]  do_mremap+0x13a8/0x2020
[  214.624742][ T7497]  ? futex_private_hash_put+0x130/0x300
[  214.624779][ T7497]  ? __pfx_do_mremap+0x10/0x10
[  214.624807][ T7497]  ? do_writev+0x218/0x340
[  214.624837][ T7497]  __do_sys_mremap+0x119/0x170
[  214.624860][ T7497]  ? __pfx___do_sys_mremap+0x10/0x10
[  214.624890][ T7497]  ? __x64_sys_futex+0x1e0/0x4c0
[  214.624938][ T7497]  do_syscall_64+0xcd/0xfa0
[  214.624966][ T7497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.624989][ T7497] RIP: 0033:0x7fa74c38efc9
[  214.625007][ T7497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.625029][ T7497] RSP: 002b:00007fa74d26f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  214.625051][ T7497] RAX: ffffffffffffffda RBX: 00007fa74c5e5fa0 RCX: 00007fa74c38efc9
[  214.625066][ T7497] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000004000
[  214.625080][ T7497] RBP: 00007fa74c411f91 R08: 0000000100000000 R09: 0000000000000000
[  214.625094][ T7497] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  214.625107][ T7497] R13: 00007fa74c5e6038 R14: 00007fa74c5e5fa0 R15: 00007ffd3b0f1a28
[  214.625138][ T7497]  </TASK>
[  214.955273][ T7506] FAULT_INJECTION: forcing a failure.
[  214.955273][ T7506] name failslab, interval 1, probability 0, space 0, times 0
[  214.968321][ T7506] CPU: 0 UID: 0 PID: 7506 Comm: syz.2.332 Not tainted syzkaller #0 PREEMPT(full) 
[  214.968353][ T7506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  214.968367][ T7506] Call Trace:
[  214.968374][ T7506]  <TASK>
[  214.968382][ T7506]  dump_stack_lvl+0x16c/0x1f0
[  214.968413][ T7506]  should_fail_ex+0x512/0x640
[  214.968451][ T7506]  ? __kmalloc_noprof+0xca/0x880
[  214.968493][ T7506]  should_failslab+0xc2/0x120
[  214.968530][ T7506]  __kmalloc_noprof+0xdd/0x880
[  214.968568][ T7506]  ? splice_from_pipe_next+0x1f7/0x5d0
[  214.968592][ T7506]  ? copy_splice_read+0x1a8/0xc20
[  214.968618][ T7506]  ? copy_splice_read+0x1a8/0xc20
[  214.968638][ T7506]  copy_splice_read+0x1a8/0xc20
[  214.968666][ T7506]  ? __pfx_pipe_to_null+0x10/0x10
[  214.968699][ T7506]  ? __pfx_copy_splice_read+0x10/0x10
[  214.968737][ T7506]  ? pipe_unlock+0x4a/0x70
[  214.968764][ T7506]  ? __pfx_splice_from_pipe+0x10/0x10
[  214.968794][ T7506]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  214.968820][ T7506]  ? __pfx_copy_splice_read+0x10/0x10
[  214.968857][ T7506]  do_splice_read+0x285/0x370
[  214.968881][ T7506]  splice_direct_to_actor+0x2a1/0xa30
[  214.968905][ T7506]  ? __pfx_direct_splice_actor+0x10/0x10
[  214.968933][ T7506]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  214.968964][ T7506]  do_splice_direct+0x174/0x240
[  214.968986][ T7506]  ? __pfx_do_splice_direct+0x10/0x10
[  214.969009][ T7506]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  214.969048][ T7506]  ? bpf_lsm_file_permission+0x9/0x10
[  214.969076][ T7506]  ? security_file_permission+0x71/0x210
[  214.969101][ T7506]  ? rw_verify_area+0xcf/0x6c0
[  214.969125][ T7506]  do_sendfile+0xb06/0xe50
[  214.969153][ T7506]  ? __pfx_do_sendfile+0x10/0x10
[  214.969180][ T7506]  ? __x64_sys_futex+0x1e0/0x4c0
[  214.969211][ T7506]  ? __x64_sys_futex+0x1e9/0x4c0
[  214.969245][ T7506]  __x64_sys_sendfile64+0x1d8/0x220
[  214.969276][ T7506]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  214.969315][ T7506]  do_syscall_64+0xcd/0xfa0
[  214.969343][ T7506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.969366][ T7506] RIP: 0033:0x7f08a658efc9
[  214.969384][ T7506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.969406][ T7506] RSP: 002b:00007f08a747d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  214.969428][ T7506] RAX: ffffffffffffffda RBX: 00007f08a67e6090 RCX: 00007f08a658efc9
[  214.969444][ T7506] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001
[  214.969458][ T7506] RBP: 00007f08a6611f91 R08: 0000000000000000 R09: 0000000000000000
[  214.969472][ T7506] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000
[  214.969487][ T7506] R13: 00007f08a67e6128 R14: 00007f08a67e6090 R15: 00007ffcc37c7d48
[  214.969518][ T7506]  </TASK>
[  215.990834][ T7514] random: crng reseeded on system resumption
[  216.562874][ T7522] random: crng reseeded on system resumption
[  216.850527][ T7509] block nbd9: NBD_DISCONNECT
[  216.936090][ T5148] Bluetooth: hci1: unexpected event 0x0f length: 440 > 4
[  216.936788][ T5148] Bluetooth: hci1: unexpected event for opcode 0x0010

getty: ttyS0: read error: Resource temporarily unavailable
[  218.542496][ T7545] netlink: 'syz.1.340': attribute type 21 has an invalid length.
[  218.589655][ T7545] netlink: 334 bytes leftover after parsing attributes in process `syz.1.340'.
[  220.333521][ T7592] random: crng reseeded on system resumption
[  220.951799][ T5148] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  220.961105][ T5148] Bluetooth: hci1: Injecting HCI hardware error event
[  220.969366][ T5834] Bluetooth: hci1: hardware error 0x00
[  222.718612][ T7630] netlink: 346 bytes leftover after parsing attributes in process `syz.0.356'.
[  222.760242][   T30] audit: type=1800 audit(1762168847.337:7): pid=7633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.358" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  222.792325][ T7628] FAULT_INJECTION: forcing a failure.
[  222.792325][ T7628] name failslab, interval 1, probability 0, space 0, times 0
[  222.865949][ T7628] CPU: 0 UID: 0 PID: 7628 Comm: syz.0.356 Not tainted syzkaller #0 PREEMPT(full) 
[  222.865979][ T7628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  222.865993][ T7628] Call Trace:
[  222.866000][ T7628]  <TASK>
[  222.866008][ T7628]  dump_stack_lvl+0x16c/0x1f0
[  222.866037][ T7628]  should_fail_ex+0x512/0x640
[  222.866073][ T7628]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  222.866100][ T7628]  should_failslab+0xc2/0x120
[  222.866131][ T7628]  kmem_cache_alloc_noprof+0x75/0x6e0
[  222.866154][ T7628]  ? __proc_create+0x2ce/0x8e0
[  222.866193][ T7628]  ? __proc_create+0x2ce/0x8e0
[  222.866224][ T7628]  __proc_create+0x2ce/0x8e0
[  222.866258][ T7628]  ? __pfx___proc_create+0x10/0x10
[  222.866300][ T7628]  ? _raw_write_unlock+0x28/0x50
[  222.866324][ T7628]  ? proc_register+0x559/0x8b0
[  222.866362][ T7628]  proc_create_reg+0x7d/0x180
[  222.866401][ T7628]  proc_create_net_data+0x8e/0x1c0
[  222.866438][ T7628]  ? __pfx_proc_create_net_data+0x10/0x10
[  222.866481][ T7628]  ? __pfx_kcm_proc_init_net+0x10/0x10
[  222.866505][ T7628]  kcm_proc_init_net+0xa3/0x120
[  222.866529][ T7628]  ops_init+0x1e2/0x5f0
[  222.866556][ T7628]  setup_net+0x100/0x390
[  222.866580][ T7628]  ? __pfx_setup_net+0x10/0x10
[  222.866605][ T7628]  ? debug_mutex_init+0x37/0x70
[  222.866633][ T7628]  copy_net_ns+0x2f8/0x690
[  222.866663][ T7628]  create_new_namespaces+0x3ea/0xa90
[  222.866696][ T7628]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  222.866726][ T7628]  ksys_unshare+0x45b/0xa40
[  222.866757][ T7628]  ? __pfx_ksys_unshare+0x10/0x10
[  222.866790][ T7628]  ? xfd_validate_state+0x61/0x180
[  222.866840][ T7628]  __x64_sys_unshare+0x31/0x40
[  222.866871][ T7628]  do_syscall_64+0xcd/0xfa0
[  222.866900][ T7628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.866924][ T7628] RIP: 0033:0x7fa74c38efc9
[  222.866941][ T7628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.866963][ T7628] RSP: 002b:00007fa74d26f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  222.866985][ T7628] RAX: ffffffffffffffda RBX: 00007fa74c5e5fa0 RCX: 00007fa74c38efc9
[  222.867000][ T7628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  222.867014][ T7628] RBP: 00007fa74c411f91 R08: 0000000000000000 R09: 0000000000000000
[  222.867028][ T7628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  222.867049][ T7628] R13: 00007fa74c5e6038 R14: 00007fa74c5e5fa0 R15: 00007ffd3b0f1a28
[  222.867080][ T7628]  </TASK>
[  223.113620][    C0] vkms_vblank_simulate: vblank timer overrun
[  223.473987][ T5834] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  224.360394][ T7643] ptrace attach of "./syz-executor exec"[5840] was attempted by ""[7643]
[  224.641394][ T7654] netlink: 350 bytes leftover after parsing attributes in process `syz.1.361'.
[  225.282109][ T7663] random: crng reseeded on system resumption
[  225.402490][ T7665] MTRR 1 not used
[  225.496392][ T7667] MTRR 1 not used
[  226.005162][ T7651] x86/mm: Checked W+X mappings: passed, no W+X pages found.

syzkaller
syzkaller login: [  230.462634][ T7754] random: crng reseeded on system resumption
[  233.377710][ T7805] random: crng reseeded on system resumption
[  234.472636][ T7815] block loop15: the capability attribute has been deprecated.
[  234.600824][ T7817] net_ratelimit: 5 callbacks suppressed
[  234.600903][ T7817] netlink: zone id is out of range
[  234.720684][ T7821] netlink: 4 bytes leftover after parsing attributes in process `syz.2.396'.
[  235.137047][ T7825] cifs: Unknown parameter '���'
[  235.931179][ T7842] binder: BINDER_SET_CONTEXT_MGR already set
[  235.976075][ T7842] binder: 7835:7842 ioctl 4018620d 9 returned -16
[  239.291230][ T7898] __vm_enough_memory: pid: 7898, comm: syz.0.413, bytes: 4398046511104 not enough memory for the allocation
[  239.508843][ T7893] zswap: compressor  not available
[  239.881947][ T7918] sd 0:0:1:0: PR command failed: 1026
[  239.994779][ T7918] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  240.219701][ T7918] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  240.319968][ T7932] futex_wake_op: syz.0.417 tries to shift op by -2048; fix this program
[  240.361241][ T7932] futex_wake_op: syz.0.417 tries to shift op by -2048; fix this program
[  242.517946][ T7982] netlink: 4 bytes leftover after parsing attributes in process `syz.0.427'.
[  242.564250][ T7982] netlink: 354 bytes leftover after parsing attributes in process `syz.0.427'.
[  242.592616][ T7984] netlink: 'syz.2.428': attribute type 11 has an invalid length.
[  242.616506][ T7984] netlink: 'syz.2.428': attribute type 11 has an invalid length.
[  242.644513][ T7984] netlink: 'syz.2.428': attribute type 11 has an invalid length.
[  242.669958][ T7984] netlink: 'syz.2.428': attribute type 11 has an invalid length.
[  242.708293][ T7984] netlink: 'syz.2.428': attribute type 11 has an invalid length.
[  243.157880][ T7994] netlink: 28 bytes leftover after parsing attributes in process `syz.3.433'.
[  243.242100][ T7994] veth1_macvtap: left promiscuous mode
[  243.441699][ T8004] random: crng reseeded on system resumption
[  243.552021][ T8004] FAULT_INJECTION: forcing a failure.
[  243.552021][ T8004] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  243.623000][ T8004] CPU: 0 UID: 0 PID: 8004 Comm: syz.3.433 Not tainted syzkaller #0 PREEMPT(full) 
[  243.623033][ T8004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  243.623052][ T8004] Call Trace:
[  243.623060][ T8004]  <TASK>
[  243.623069][ T8004]  dump_stack_lvl+0x16c/0x1f0
[  243.623101][ T8004]  should_fail_ex+0x512/0x640
[  243.623143][ T8004]  should_fail_alloc_page+0xe7/0x130
[  243.623179][ T8004]  prepare_alloc_pages+0x3c2/0x610
[  243.623211][ T8004]  ? rcu_is_watching+0x12/0xc0
[  243.623240][ T8004]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  243.623266][ T8004]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  243.623298][ T8004]  ? __pfx___schedule+0x10/0x10
[  243.623321][ T8004]  ? __lock_acquire+0x622/0x1c90
[  243.623358][ T8004]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  243.623393][ T8004]  ? lockdep_hardirqs_on+0x7c/0x110
[  243.623427][ T8004]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  243.623470][ T8004]  ? policy_nodemask+0xea/0x4e0
[  243.623505][ T8004]  alloc_pages_mpol+0x1fb/0x550
[  243.623538][ T8004]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  243.623569][ T8004]  ? trace_kmalloc+0x2b/0xd0
[  243.623600][ T8004]  ? trace_kmalloc+0x2b/0xd0
[  243.623629][ T8004]  ? __kmalloc_noprof.cold+0x5d/0x62
[  243.623664][ T8004]  ? relay_open_buf.part.0+0x194/0xc40
[  243.623702][ T8004]  alloc_pages_noprof+0x131/0x390
[  243.623736][ T8004]  relay_open_buf.part.0+0x262/0xc40
[  243.623782][ T8004]  relay_open+0x653/0xad0
[  243.623822][ T8004]  ? debugfs_create_file_full+0x41/0x60
[  243.623849][ T8004]  do_blk_trace_setup+0x4c5/0xb00
[  243.623884][ T8004]  blk_trace_setup+0xed/0x1b0
[  243.623916][ T8004]  ? __pfx_blk_trace_setup+0x10/0x10
[  243.623946][ T8004]  ? __pfx_snprintf+0x10/0x10
[  243.623984][ T8004]  ? do_vfs_ioctl+0x128/0x14f0
[  243.624024][ T8004]  blk_trace_ioctl+0x146/0x280
[  243.624056][ T8004]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  243.624093][ T8004]  ? find_held_lock+0x2b/0x80
[  243.624117][ T8004]  ? hook_file_ioctl_common+0x145/0x410
[  243.624146][ T8004]  blkdev_ioctl+0x108/0x6d0
[  243.624171][ T8004]  ? __pfx_blkdev_ioctl+0x10/0x10
[  243.624201][ T8004]  ? __pfx_blkdev_ioctl+0x10/0x10
[  243.624227][ T8004]  __x64_sys_ioctl+0x18e/0x210
[  243.624265][ T8004]  do_syscall_64+0xcd/0xfa0
[  243.624294][ T8004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  243.624318][ T8004] RIP: 0033:0x7f201b58efc9
[  243.624337][ T8004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  243.624360][ T8004] RSP: 002b:00007f20197d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  243.624382][ T8004] RAX: ffffffffffffffda RBX: 00007f201b7e6180 RCX: 00007f201b58efc9
[  243.624398][ T8004] RDX: 0000200000000240 RSI: 00000000c0481273 RDI: 000000000000000a
[  243.624413][ T8004] RBP: 00007f201b611f91 R08: 0000000000000000 R09: 0000000000000000
[  243.624427][ T8004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  243.624441][ T8004] R13: 00007f201b7e6218 R14: 00007f201b7e6180 R15: 00007fff2ad6f7c8
[  243.624473][ T8004]  </TASK>
[  244.123678][ T8012] binder: 8011:8012 ioctl 5380 2000000000c0 returned -22
[  244.158901][ T8012] sd 0:0:1:0: PR command failed: 1026
[  244.168383][ T8012] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  244.180003][ T8012] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  245.508793][ T8050] Invalid ELF header magic: != ELF
[  246.187196][ T8077] netlink: 13 bytes leftover after parsing attributes in process `syz.3.450'.
[  247.484839][ T8130] blktrace: Concurrent blktraces are not allowed on sg0
[  248.156140][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.1.462'.
[  249.028341][ T5834] Bluetooth: hci3: unknown advertising packet type: 0xea
[  249.203685][ T8175] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  249.538725][ T8179] netlink: 'syz.3.468': attribute type 11 has an invalid length.
[  249.577037][ T8179] netlink: 'syz.3.468': attribute type 11 has an invalid length.
[  249.622296][ T8179] netlink: 'syz.3.468': attribute type 11 has an invalid length.
[  249.662770][ T8179] netlink: 'syz.3.468': attribute type 11 has an invalid length.
[  249.706014][ T8179] netlink: 'syz.3.468': attribute type 11 has an invalid length.
[  250.886439][ T8213] futex_wake_op: syz.2.472 tries to shift op by -2048; fix this program
[  251.034389][ T8213] futex_wake_op: syz.2.472 tries to shift op by -2048; fix this program
[  251.165919][ T8213] FAULT_INJECTION: forcing a failure.
[  251.165919][ T8213] name failslab, interval 1, probability 0, space 0, times 0
[  251.300654][ T8213] CPU: 0 UID: 0 PID: 8213 Comm: syz.2.472 Not tainted syzkaller #0 PREEMPT(full) 
[  251.300688][ T8213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  251.300702][ T8213] Call Trace:
[  251.300710][ T8213]  <TASK>
[  251.300719][ T8213]  dump_stack_lvl+0x16c/0x1f0
[  251.300749][ T8213]  should_fail_ex+0x512/0x640
[  251.300786][ T8213]  ? __kmalloc_cache_noprof+0x5f/0x780
[  251.300829][ T8213]  should_failslab+0xc2/0x120
[  251.300862][ T8213]  __kmalloc_cache_noprof+0x72/0x780
[  251.300903][ T8213]  ? snd_timer_instance_new+0x47/0x2e0
[  251.300939][ T8213]  ? snd_timer_instance_new+0x47/0x2e0
[  251.300968][ T8213]  snd_timer_instance_new+0x47/0x2e0
[  251.301000][ T8213]  snd_seq_timer_open+0x1cc/0x600
[  251.301025][ T8213]  ? __pfx_snd_seq_timer_open+0x10/0x10
[  251.301052][ T8213]  ? find_held_lock+0x2b/0x80
[  251.301081][ T8213]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  251.301106][ T8213]  ? lockdep_hardirqs_on+0x7c/0x110
[  251.301133][ T8213]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  251.301161][ T8213]  queue_use+0xe3/0x250
[  251.301205][ T8213]  snd_seq_queue_alloc+0x2e5/0x5a0
[  251.301246][ T8213]  snd_seq_ioctl_create_queue+0xa9/0x390
[  251.301278][ T8213]  call_seq_client_ctl+0x9f/0x110
[  251.301306][ T8213]  snd_seq_kernel_client_ctl+0x77/0xd0
[  251.301334][ T8213]  alloc_seq_queue+0xda/0x180
[  251.301364][ T8213]  ? __pfx_alloc_seq_queue+0x10/0x10
[  251.301409][ T8213]  ? mark_held_locks+0x49/0x80
[  251.301441][ T8213]  ? _raw_spin_unlock_irq+0x23/0x50
[  251.301463][ T8213]  ? lockdep_hardirqs_on+0x7c/0x110
[  251.301493][ T8213]  snd_seq_oss_open+0x38c/0xa20
[  251.301529][ T8213]  odev_open+0x79/0xc0
[  251.301555][ T8213]  ? __pfx_odev_open+0x10/0x10
[  251.301582][ T8213]  soundcore_open+0x40c/0x580
[  251.301612][ T8213]  ? __pfx_soundcore_open+0x10/0x10
[  251.301640][ T8213]  chrdev_open+0x234/0x6a0
[  251.301669][ T8213]  ? __pfx_apparmor_file_open+0x10/0x10
[  251.301709][ T8213]  ? __pfx_chrdev_open+0x10/0x10
[  251.301740][ T8213]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  251.301773][ T8213]  do_dentry_open+0x982/0x1530
[  251.301802][ T8213]  ? __pfx_chrdev_open+0x10/0x10
[  251.301838][ T8213]  vfs_open+0x82/0x3f0
[  251.301876][ T8213]  path_openat+0x1de4/0x2cb0
[  251.301912][ T8213]  ? __pfx_path_openat+0x10/0x10
[  251.301940][ T8213]  ? __lock_acquire+0xb8a/0x1c90
[  251.301976][ T8213]  do_filp_open+0x20b/0x470
[  251.302003][ T8213]  ? __pfx_do_filp_open+0x10/0x10
[  251.302051][ T8213]  ? alloc_fd+0x471/0x7d0
[  251.302082][ T8213]  do_sys_openat2+0x11b/0x1d0
[  251.302118][ T8213]  ? __pfx_do_sys_openat2+0x10/0x10
[  251.302165][ T8213]  __x64_sys_openat+0x174/0x210
[  251.302208][ T8213]  ? __pfx___x64_sys_openat+0x10/0x10
[  251.302257][ T8213]  do_syscall_64+0xcd/0xfa0
[  251.302286][ T8213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.302311][ T8213] RIP: 0033:0x7f08a658efc9
[  251.302329][ T8213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.302352][ T8213] RSP: 002b:00007f08a747d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  251.302374][ T8213] RAX: ffffffffffffffda RBX: 00007f08a67e6090 RCX: 00007f08a658efc9
[  251.302390][ T8213] RDX: 0000000000004000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  251.302405][ T8213] RBP: 00007f08a6611f91 R08: 0000000000000000 R09: 0000000000000000
[  251.302420][ T8213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.302434][ T8213] R13: 00007f08a67e6128 R14: 00007f08a67e6090 R15: 00007ffcc37c7d48
[  251.302465][ T8213]  </TASK>
[  251.387434][ T8221] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  257.978079][ T8317] netlink: 'syz.1.495': attribute type 11 has an invalid length.
[  257.995900][ T8317] netlink: 'syz.1.495': attribute type 11 has an invalid length.
[  258.012861][ T8317] netlink: 'syz.1.495': attribute type 11 has an invalid length.
[  258.028656][ T8317] netlink: 'syz.1.495': attribute type 11 has an invalid length.
[  259.215652][ T8338] random: crng reseeded on system resumption
[  259.409393][ T8342] FAULT_INJECTION: forcing a failure.
[  259.409393][ T8342] name failslab, interval 1, probability 0, space 0, times 0
[  259.598004][ T8342] CPU: 0 UID: 0 PID: 8342 Comm: syz.0.500 Not tainted syzkaller #0 PREEMPT(full) 
[  259.598037][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  259.598051][ T8342] Call Trace:
[  259.598059][ T8342]  <TASK>
[  259.598068][ T8342]  dump_stack_lvl+0x16c/0x1f0
[  259.598098][ T8342]  should_fail_ex+0x512/0x640
[  259.598135][ T8342]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  259.598164][ T8342]  should_failslab+0xc2/0x120
[  259.598197][ T8342]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  259.598224][ T8342]  ? __d_alloc+0x32/0xae0
[  259.598257][ T8342]  ? __d_alloc+0x32/0xae0
[  259.598283][ T8342]  __d_alloc+0x32/0xae0
[  259.598314][ T8342]  d_alloc_parallel+0x111/0x1510
[  259.598362][ T8342]  ? __pfx_d_alloc_parallel+0x10/0x10
[  259.598409][ T8342]  ? lockdep_init_map_type+0x5c/0x280
[  259.598446][ T8342]  ? lockdep_init_map_type+0x5c/0x280
[  259.598487][ T8342]  __lookup_slow+0x193/0x460
[  259.598525][ T8342]  ? __pfx___lookup_slow+0x10/0x10
[  259.598568][ T8342]  ? __next_zones_zonelist+0x10/0x150
[  259.598609][ T8342]  ? __next_zones_zonelist+0x10/0x150
[  259.598644][ T8342]  ? d_lookup+0xe7/0x190
[  259.598684][ T8342]  lookup_noperm+0xe1/0x110
[  259.598720][ T8342]  simple_start_creating+0xd1/0x1b0
[  259.598764][ T8342]  debugfs_start_creating.part.0+0x82/0x190
[  259.598807][ T8342]  __debugfs_create_file+0xa7/0x6b0
[  259.598834][ T8342]  debugfs_create_file_full+0x41/0x60
[  259.598861][ T8342]  ref_tracker_dir_debugfs+0x19d/0x290
[  259.598902][ T8342]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  259.598970][ T8342]  ? lockdep_init_map_type+0x5c/0x280
[  259.599013][ T8342]  preinit_net.part.0+0x437/0x8a0
[  259.599040][ T8342]  copy_net_ns+0x3ba/0x690
[  259.599070][ T8342]  create_new_namespaces+0x3ea/0xa90
[  259.599104][ T8342]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  259.599134][ T8342]  ksys_unshare+0x45b/0xa40
[  259.599166][ T8342]  ? __pfx_ksys_unshare+0x10/0x10
[  259.599199][ T8342]  ? xfd_validate_state+0x61/0x180
[  259.599242][ T8342]  __x64_sys_unshare+0x31/0x40
[  259.599273][ T8342]  do_syscall_64+0xcd/0xfa0
[  259.599302][ T8342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.599326][ T8342] RIP: 0033:0x7fa74c38efc9
[  259.599344][ T8342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.599366][ T8342] RSP: 002b:00007fa74d24e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  259.599389][ T8342] RAX: ffffffffffffffda RBX: 00007fa74c5e6090 RCX: 00007fa74c38efc9
[  259.599408][ T8342] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  259.599422][ T8342] RBP: 00007fa74c411f91 R08: 0000000000000000 R09: 0000000000000000
[  259.599436][ T8342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  259.599450][ T8342] R13: 00007fa74c5e6128 R14: 00007fa74c5e6090 R15: 00007ffd3b0f1a28
[  259.599481][ T8342]  </TASK>
[  260.510749][ T8354] netlink: 'syz.2.505': attribute type 11 has an invalid length.
[  260.560332][ T8354] netlink: 'syz.2.505': attribute type 11 has an invalid length.
[  260.588426][ T8354] netlink: 'syz.2.505': attribute type 11 has an invalid length.
[  260.610272][ T8354] netlink: 'syz.2.505': attribute type 11 has an invalid length.
[  262.253543][ T8392] netlink: 28 bytes leftover after parsing attributes in process `syz.0.514'.
[  262.378940][ T8392] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.423733][ T8394] netlink: 186 bytes leftover after parsing attributes in process `syz.0.514'.
[  262.469481][ T8395] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  262.485606][ T8392] batman_adv: batadv0: Removing interface: batadv_slave_0
[  265.159651][ T8392] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  265.178727][ T8392] batman_adv: batadv0: Removing interface: batadv_slave_1
[  265.403004][ T8403] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  265.537316][ T8403] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  265.586504][ T8403] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  266.160792][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  266.171414][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  268.092674][ T8434] qrtr: Invalid version 0
[  268.340215][ T8438] random: crng reseeded on system resumption
[  268.623048][ T8447] netlink: 28 bytes leftover after parsing attributes in process `syz.3.529'.
[  268.725914][ T8448] : Can't lookup blockdev
[  268.744205][ T8448] FAULT_INJECTION: forcing a failure.
[  268.744205][ T8448] name failslab, interval 1, probability 0, space 0, times 0
[  268.800306][ T8448] CPU: 0 UID: 0 PID: 8448 Comm: syz.3.529 Not tainted syzkaller #0 PREEMPT(full) 
[  268.800339][ T8448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  268.800354][ T8448] Call Trace:
[  268.800361][ T8448]  <TASK>
[  268.800370][ T8448]  dump_stack_lvl+0x16c/0x1f0
[  268.800400][ T8448]  should_fail_ex+0x512/0x640
[  268.800437][ T8448]  ? __kmalloc_noprof+0xca/0x880
[  268.800479][ T8448]  should_failslab+0xc2/0x120
[  268.800512][ T8448]  __kmalloc_noprof+0xdd/0x880
[  268.800558][ T8448]  ? snd_pcm_plugin_build+0x64/0x650
[  268.800600][ T8448]  ? snd_pcm_plugin_build+0x64/0x650
[  268.800635][ T8448]  snd_pcm_plugin_build+0x64/0x650
[  268.800670][ T8448]  ? snd_pcm_plugin_build+0x4b7/0x650
[  268.800709][ T8448]  snd_pcm_plugin_build_linear+0x29d/0x850
[  268.800753][ T8448]  ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10
[  268.800797][ T8448]  ? snd_pcm_hw_params+0xcd/0x1ba0
[  268.800839][ T8448]  snd_pcm_plug_format_plugins+0x614/0x1430
[  268.800881][ T8448]  ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10
[  268.800923][ T8448]  ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10
[  268.800967][ T8448]  snd_pcm_oss_change_params_locked+0x2df1/0x3a30
[  268.801016][ T8448]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  268.801074][ T8448]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  268.801118][ T8448]  snd_pcm_oss_ioctl+0x2212/0x37c0
[  268.801154][ T8448]  ? hook_file_ioctl_common+0x145/0x410
[  268.801180][ T8448]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  268.801218][ T8448]  ? __fget_files+0x20e/0x3c0
[  268.801246][ T8448]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  268.801282][ T8448]  __x64_sys_ioctl+0x18e/0x210
[  268.801321][ T8448]  do_syscall_64+0xcd/0xfa0
[  268.801351][ T8448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.801375][ T8448] RIP: 0033:0x7f201b58efc9
[  268.801394][ T8448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.801417][ T8448] RSP: 002b:00007f20197f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  268.801439][ T8448] RAX: ffffffffffffffda RBX: 00007f201b7e6090 RCX: 00007f201b58efc9
[  268.801457][ T8448] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 000000000000000a
[  268.801471][ T8448] RBP: 00007f201b611f91 R08: 0000000000000000 R09: 0000000000000000
[  268.801486][ T8448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  268.801500][ T8448] R13: 00007f201b7e6128 R14: 00007f201b7e6090 R15: 00007fff2ad6f7c8
[  268.801531][ T8448]  </TASK>
[  269.243186][ T8451] netlink: 'syz.1.530': attribute type 11 has an invalid length.
[  271.278013][ T8495] random: crng reseeded on system resumption
[  271.329596][ T8497] netlink: 'syz.1.540': attribute type 11 has an invalid length.
[  272.434110][ T8511] netlink: 8 bytes leftover after parsing attributes in process `syz.1.543'.
[  272.508945][ T5834] Bluetooth: hci3: Malformed LE Event: 0x1d
[  272.659930][ T8518] FAULT_INJECTION: forcing a failure.
[  272.659930][ T8518] name fail_futex, interval 1, probability 0, space 0, times 0
[  272.869311][ T8518] CPU: 0 UID: 0 PID: 8518 Comm: syz.2.545 Not tainted syzkaller #0 PREEMPT(full) 
[  272.869344][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  272.869358][ T8518] Call Trace:
[  272.869365][ T8518]  <TASK>
[  272.869374][ T8518]  dump_stack_lvl+0x16c/0x1f0
[  272.869406][ T8518]  should_fail_ex+0x512/0x640
[  272.869447][ T8518]  get_futex_key+0x1d0/0x1560
[  272.869482][ T8518]  ? __pfx_get_futex_key+0x10/0x10
[  272.869515][ T8518]  ? __pick_eevdf+0x30a/0x670
[  272.869548][ T8518]  futex_wait_setup+0x9d/0x550
[  272.869594][ T8518]  __futex_wait+0x193/0x2f0
[  272.869633][ T8518]  ? __pfx___futex_wait+0x10/0x10
[  272.869669][ T8518]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  272.869693][ T8518]  ? lockdep_hardirqs_on+0x7c/0x110
[  272.869722][ T8518]  ? __pfx_futex_wake_mark+0x10/0x10
[  272.869764][ T8518]  ? futex_private_hash_put+0x176/0x300
[  272.869798][ T8518]  ? futex_private_hash_put+0x18a/0x300
[  272.869830][ T8518]  futex_wait+0xe8/0x380
[  272.869851][ T8518]  ? __pfx_futex_wait+0x10/0x10
[  272.869904][ T8518]  do_futex+0x229/0x350
[  272.869937][ T8518]  ? __pfx_do_futex+0x10/0x10
[  272.869968][ T8518]  ? map_id_range_up+0x2ce/0x3b0
[  272.869997][ T8518]  __x64_sys_futex+0x1e0/0x4c0
[  272.870033][ T8518]  ? __pfx___x64_sys_futex+0x10/0x10
[  272.870065][ T8518]  ? from_kgid_munged+0xab/0x130
[  272.870088][ T8518]  ? __pfx_from_kgid_munged+0x10/0x10
[  272.870120][ T8518]  do_syscall_64+0xcd/0xfa0
[  272.870157][ T8518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.870182][ T8518] RIP: 0033:0x7f08a658efc9
[  272.870201][ T8518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.870223][ T8518] RSP: 002b:00007f08a747d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  272.870246][ T8518] RAX: ffffffffffffffda RBX: 00007f08a67e6098 RCX: 00007f08a658efc9
[  272.870261][ T8518] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f08a67e6098
[  272.870276][ T8518] RBP: 00007f08a67e6090 R08: 0000000000000000 R09: 0000000000000000
[  272.870290][ T8518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  272.870304][ T8518] R13: 00007f08a67e6128 R14: 00007ffcc37c7c60 R15: 00007ffcc37c7d48
[  272.870336][ T8518]  </TASK>
[  273.416048][   T30] audit: type=1800 audit(1762168897.807:8): pid=8524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.547" name="file0" dev="tmpfs" ino=773 res=0 errno=0
[  275.645937][   T30] audit: type=1804 audit(1762168900.227:9): pid=8557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.554" name="/newroot/149/file0" dev="tmpfs" ino=792 res=1 errno=0
[  276.196700][ T8562] FAULT_INJECTION: forcing a failure.
[  276.196700][ T8562] name failslab, interval 1, probability 0, space 0, times 0
[  276.340819][ T8562] CPU: 0 UID: 0 PID: 8562 Comm: syz.2.555 Not tainted syzkaller #0 PREEMPT(full) 
[  276.340852][ T8562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  276.340890][ T8562] Call Trace:
[  276.340898][ T8562]  <TASK>
[  276.340906][ T8562]  dump_stack_lvl+0x16c/0x1f0
[  276.340938][ T8562]  should_fail_ex+0x512/0x640
[  276.340975][ T8562]  ? __kmalloc_noprof+0xca/0x880
[  276.341015][ T8562]  should_failslab+0xc2/0x120
[  276.341047][ T8562]  __kmalloc_noprof+0xdd/0x880
[  276.341085][ T8562]  ? __register_sysctl_table+0xb3/0x1900
[  276.341126][ T8562]  ? __register_sysctl_table+0xb3/0x1900
[  276.341164][ T8562]  __register_sysctl_table+0xb3/0x1900
[  276.341201][ T8562]  ? is_module_address+0x5f/0xf0
[  276.341241][ T8562]  ? __pfx___register_sysctl_table+0x10/0x10
[  276.341277][ T8562]  ? is_module_address+0x69/0xf0
[  276.341312][ T8562]  ? register_net_sysctl_sz+0x228/0x3e0
[  276.341347][ T8562]  ? __asan_memcpy+0x3c/0x60
[  276.341375][ T8562]  ipv6_frags_init_net+0x217/0x350
[  276.341406][ T8562]  ? __pfx_ipv6_frags_init_net+0x10/0x10
[  276.341434][ T8562]  ops_init+0x1e2/0x5f0
[  276.341462][ T8562]  setup_net+0x100/0x390
[  276.341487][ T8562]  ? __pfx_setup_net+0x10/0x10
[  276.341513][ T8562]  ? debug_mutex_init+0x37/0x70
[  276.341541][ T8562]  copy_net_ns+0x2f8/0x690
[  276.341572][ T8562]  create_new_namespaces+0x3ea/0xa90
[  276.341607][ T8562]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  276.341638][ T8562]  ksys_unshare+0x45b/0xa40
[  276.341670][ T8562]  ? __pfx_ksys_unshare+0x10/0x10
[  276.341704][ T8562]  ? xfd_validate_state+0x61/0x180
[  276.341748][ T8562]  __x64_sys_unshare+0x31/0x40
[  276.341780][ T8562]  do_syscall_64+0xcd/0xfa0
[  276.341809][ T8562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.341834][ T8562] RIP: 0033:0x7f08a658efc9
[  276.341852][ T8562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.341881][ T8562] RSP: 002b:00007f08a749e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  276.341903][ T8562] RAX: ffffffffffffffda RBX: 00007f08a67e5fa0 RCX: 00007f08a658efc9
[  276.341919][ T8562] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  276.341933][ T8562] RBP: 00007f08a6611f91 R08: 0000000000000000 R09: 0000000000000000
[  276.341948][ T8562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.341962][ T8562] R13: 00007f08a67e6038 R14: 00007f08a67e5fa0 R15: 00007ffcc37c7d48
[  276.341993][ T8562]  </TASK>
[  277.123427][ T8569] ALUA LU Group already has a valid ID, ignoring request
[  277.201757][   T30] audit: type=1800 audit(1762168901.697:10): pid=8569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.558" name="lu_gp_id" dev="configfs" ino=21696 res=0 errno=0
[  277.485918][ T8575] netlink: 'syz.3.561': attribute type 11 has an invalid length.
[  277.507866][ T8575] netlink: 'syz.3.561': attribute type 11 has an invalid length.
[  277.530593][ T8575] netlink: 'syz.3.561': attribute type 11 has an invalid length.
[  277.538373][ T8575] netlink: 'syz.3.561': attribute type 11 has an invalid length.
[  277.592729][ T8575] netlink: 'syz.3.561': attribute type 11 has an invalid length.
[  279.799454][ T8629] netlink: 'syz.2.573': attribute type 11 has an invalid length.
[  279.860464][ T8629] netlink: 'syz.2.573': attribute type 11 has an invalid length.
[  279.905268][ T8629] netlink: 'syz.2.573': attribute type 11 has an invalid length.
[  279.950276][ T8629] netlink: 'syz.2.573': attribute type 11 has an invalid length.
[  280.005183][ T8629] netlink: 'syz.2.573': attribute type 11 has an invalid length.
[  280.523690][ T8643] syz.2.576 (8643): /proc/8641/oom_adj is deprecated, please use /proc/8641/oom_score_adj instead.
[  281.979466][ T8665] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  282.014030][ T8665] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  284.351691][ T8686] random: crng reseeded on system resumption
[  284.422073][ T8684] netlink: 708 bytes leftover after parsing attributes in process `syz.2.588'.
[  284.527365][ T5834] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1
[  285.282945][ T8702] random: crng reseeded on system resumption
[  286.864281][ T8712] zswap: compressor  not available
[  287.648069][ T8728] netlink: 'syz.2.597': attribute type 11 has an invalid length.
[  287.679260][ T8728] netlink: 'syz.2.597': attribute type 11 has an invalid length.
[  287.714994][ T8728] netlink: 'syz.2.597': attribute type 11 has an invalid length.
[  287.746998][ T8728] netlink: 'syz.2.597': attribute type 11 has an invalid length.
[  287.777782][ T8728] netlink: 'syz.2.597': attribute type 11 has an invalid length.
[  290.811086][ T8766] random: crng reseeded on system resumption
[  290.907105][ T8769] futex_wake_op: syz.1.607 tries to shift op by -2048; fix this program
[  290.950558][ T8769] futex_wake_op: syz.1.607 tries to shift op by -2048; fix this program
[  291.003507][ T8769] 0x000000000001-0x000000020000 : ""
[  291.071698][ T8769] ftl_cs: FTL header corrupt!
[  295.544884][ T8835] futex_wake_op: syz.3.621 tries to shift op by -2048; fix this program
[  296.457624][ T8847] random: crng reseeded on system resumption
[  296.853913][ T8851] netlink: 28 bytes leftover after parsing attributes in process `syz.1.624'.
[  298.215760][ T8871] random: crng reseeded on system resumption
[  298.302197][ T8871] vhci_hcd: invalid port number 23
[  298.307355][ T8871] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[  298.484024][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  298.530260][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  298.603727][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  298.682632][ T8881] zero sized request
[  298.705350][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  298.760857][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  298.848211][ T8880] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE�r��҄y�*�"�l-���y–��
[  298.867306][ T8887] random: crng reseeded on system resumption
[  298.932800][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  299.023791][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  299.139220][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  299.237940][ T8875] futex_wake_op: syz.0.631 tries to shift op by -2048; fix this program
[  299.391422][ T8892] netlink: 'syz.2.635': attribute type 11 has an invalid length.
[  299.433128][ T8892] netlink: 'syz.2.635': attribute type 11 has an invalid length.
[  299.472601][ T8892] netlink: 'syz.2.635': attribute type 11 has an invalid length.
[  299.508122][ T8892] netlink: 'syz.2.635': attribute type 11 has an invalid length.
[  299.546142][ T8892] netlink: 'syz.2.635': attribute type 11 has an invalid length.
[  301.448308][ T8931] netlink: 330 bytes leftover after parsing attributes in process `syz.1.642'.
[  301.562660][ T8931] mac80211_hwsim hwsim25 �: renamed from wlan0
[  302.000831][ T8940] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input9
[  302.509291][ T8957] random: crng reseeded on system resumption
[  302.727953][ T8966] netlink: 25 bytes leftover after parsing attributes in process `syz.0.649'.
[  303.553179][ T8975] sd 0:0:1:0: PR command failed: 1026
[  303.573786][ T8975] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  303.612592][ T8975] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  306.480507][ T9033] zswap: compressor 000 not available
[  307.067473][ T9046] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  307.736548][ T9059] random: crng reseeded on system resumption
[  310.256915][ T9123] netlink: 10 bytes leftover after parsing attributes in process `syz.1.676'.
[  310.862738][ T9132] netlink: 216 bytes leftover after parsing attributes in process `syz.2.678'.
[  310.920335][ T9134] netlink: 216 bytes leftover after parsing attributes in process `syz.2.678'.
[  311.687245][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  311.843860][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  311.844085][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  311.844293][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  311.844501][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  311.844742][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  311.844952][ T9148] netlink: 342 bytes leftover after parsing attributes in process `syz.0.682'.
[  313.201423][ T9169] random: crng reseeded on system resumption
[  313.341712][ T9179] netlink: 'syz.1.687': attribute type 11 has an invalid length.
[  314.468975][ T9182] ima: policy update failed
[  314.475087][   T30] audit: type=1802 audit(1762168939.057:11): pid=9182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.691" res=0 errno=0
[  315.633187][ T9218] scsi_strcpy_devinfo: vendor string '��/&c��~n]	�|
[  315.633187][ T9218] M�' is too long
[  315.692507][ T9218] scsi_strcpy_devinfo: model string '�Dd5��K�2b�
[  315.692507][ T9218] ���W����� ��' is too long
[  316.961354][ T9230] random: crng reseeded on system resumption
[  318.780691][ T9249] __nla_validate_parse: 58 callbacks suppressed
[  318.780710][ T9249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.706'.
[  319.196189][ T9264] FAULT_INJECTION: forcing a failure.
[  319.196189][ T9264] name failslab, interval 1, probability 0, space 0, times 0
[  319.295414][ T9264] CPU: 0 UID: 0 PID: 9264 Comm: syz.3.710 Not tainted syzkaller #0 PREEMPT(full) 
[  319.295446][ T9264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  319.295460][ T9264] Call Trace:
[  319.295467][ T9264]  <TASK>
[  319.295476][ T9264]  dump_stack_lvl+0x16c/0x1f0
[  319.295507][ T9264]  should_fail_ex+0x512/0x640
[  319.295545][ T9264]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  319.295573][ T9264]  ? __pfx_ptdump_curusr_open+0x10/0x10
[  319.295609][ T9264]  should_failslab+0xc2/0x120
[  319.295642][ T9264]  kmem_cache_alloc_noprof+0x75/0x6e0
[  319.295666][ T9264]  ? seq_open+0x55/0x170
[  319.295701][ T9264]  ? __pfx_ptdump_curusr_open+0x10/0x10
[  319.295736][ T9264]  ? __pfx_ptdump_curusr_show+0x10/0x10
[  319.295771][ T9264]  ? seq_open+0x55/0x170
[  319.295801][ T9264]  seq_open+0x55/0x170
[  319.295840][ T9264]  ? __pfx_ptdump_curusr_show+0x10/0x10
[  319.295877][ T9264]  single_open+0xfc/0x1f0
[  319.295911][ T9264]  full_proxy_open_regular+0x1b9/0x360
[  319.295951][ T9264]  do_dentry_open+0x982/0x1530
[  319.295980][ T9264]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  319.296022][ T9264]  vfs_open+0x82/0x3f0
[  319.296060][ T9264]  path_openat+0x1de4/0x2cb0
[  319.296096][ T9264]  ? __pfx_path_openat+0x10/0x10
[  319.296124][ T9264]  ? __lock_acquire+0xb8a/0x1c90
[  319.296160][ T9264]  do_filp_open+0x20b/0x470
[  319.296187][ T9264]  ? __pfx_do_filp_open+0x10/0x10
[  319.296234][ T9264]  ? alloc_fd+0x471/0x7d0
[  319.296265][ T9264]  do_sys_openat2+0x11b/0x1d0
[  319.296301][ T9264]  ? __pfx_do_sys_openat2+0x10/0x10
[  319.296348][ T9264]  __x64_sys_openat+0x174/0x210
[  319.296385][ T9264]  ? __pfx___x64_sys_openat+0x10/0x10
[  319.296434][ T9264]  do_syscall_64+0xcd/0xfa0
[  319.296463][ T9264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.296487][ T9264] RIP: 0033:0x7f201b58efc9
[  319.296506][ T9264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.296529][ T9264] RSP: 002b:00007f201c34b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  319.296551][ T9264] RAX: ffffffffffffffda RBX: 00007f201b7e5fa0 RCX: 00007f201b58efc9
[  319.296567][ T9264] RDX: 0000000000002040 RSI: 0000200000001f40 RDI: ffffffffffffff9c
[  319.296582][ T9264] RBP: 00007f201b611f91 R08: 0000000000000000 R09: 0000000000000000
[  319.296596][ T9264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  319.296610][ T9264] R13: 00007f201b7e6038 R14: 00007f201b7e5fa0 R15: 00007fff2ad6f7c8
[  319.296641][ T9264]  </TASK>
[  320.331045][ T9278] random: crng reseeded on system resumption
[  320.399592][    C0] vcan0: j1939_tp_rxtimer: 0xffff88802874f800: rx timeout, send abort
[  320.409350][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88802874f800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  321.383070][ T9295] netlink: 'syz.3.718': attribute type 1 has an invalid length.
[  322.221032][ T9306] netlink: 342 bytes leftover after parsing attributes in process `syz.0.721'.
[  322.326891][ T9307] netlink: 342 bytes leftover after parsing attributes in process `syz.0.721'.
[  324.748563][   T30] audit: type=1326 audit(1762168949.327:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9368 comm="syz.0.734" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa74c38efc9 code=0x0
[  325.177165][ T9380] Debayer A: =================  START STATUS  =================
[  325.203368][ T9380] Debayer A: Debayer Mean Window Size: 3
[  325.223415][ T9380] Debayer A: ==================  END STATUS  ==================
[  325.910126][ T5834] Bluetooth: hci3: unexpected event 0x2c length: 42 > 17
[  326.081733][ T9397] Unable to find swap-space signature
[  326.200798][ T9410] netlink: 330 bytes leftover after parsing attributes in process `syz.2.744'.
[  326.816462][ T9426] random: crng reseeded on system resumption
[  326.945879][ T9436] Restarting kernel threads ...
[  326.991736][ T9426] hub 1-0:1.0: USB hub found
[  327.024153][ T9436] Done restarting kernel threads.
[  327.081177][ T9437] FAULT_INJECTION: forcing a failure.
[  327.081177][ T9437] name fail_futex, interval 1, probability 0, space 0, times 0
[  327.143143][ T9426] hub 1-0:1.0: 1 port detected
[  327.216364][ T9437] CPU: 0 UID: 0 PID: 9437 Comm: syz.3.747 Not tainted syzkaller #0 PREEMPT(full) 
[  327.216398][ T9437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  327.216412][ T9437] Call Trace:
[  327.216420][ T9437]  <TASK>
[  327.216428][ T9437]  dump_stack_lvl+0x16c/0x1f0
[  327.216458][ T9437]  should_fail_ex+0x512/0x640
[  327.216499][ T9437]  get_futex_key+0x1d0/0x1560
[  327.216530][ T9437]  ? get_pid_task+0x106/0x250
[  327.216562][ T9437]  ? __pfx_get_futex_key+0x10/0x10
[  327.216589][ T9437]  ? rcu_is_watching+0x12/0xc0
[  327.216614][ T9437]  ? kfree+0x252/0x6d0
[  327.216641][ T9437]  futex_wake+0xea/0x530
[  327.216679][ T9437]  ? __pfx_futex_wake+0x10/0x10
[  327.216715][ T9437]  ? __pfx_vfs_writev+0x10/0x10
[  327.216736][ T9437]  ? __mutex_lock+0x1c5/0x1060
[  327.216767][ T9437]  ? do_writev+0x218/0x340
[  327.216794][ T9437]  do_futex+0x1e3/0x350
[  327.216825][ T9437]  ? __pfx_do_futex+0x10/0x10
[  327.216854][ T9437]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  327.216891][ T9437]  __x64_sys_futex+0x1e0/0x4c0
[  327.216926][ T9437]  ? __pfx___x64_sys_futex+0x10/0x10
[  327.216959][ T9437]  ? __pfx_do_writev+0x10/0x10
[  327.216990][ T9437]  do_syscall_64+0xcd/0xfa0
[  327.217017][ T9437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.217040][ T9437] RIP: 0033:0x7f201b58efc9
[  327.217066][ T9437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.217089][ T9437] RSP: 002b:00007f20197d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  327.217111][ T9437] RAX: ffffffffffffffda RBX: 00007f201b7e6188 RCX: 00007f201b58efc9
[  327.217127][ T9437] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f201b7e618c
[  327.217141][ T9437] RBP: 00007f201b7e6180 R08: 00007f201c34c000 R09: 0000000000000000
[  327.217156][ T9437] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000
[  327.217170][ T9437] R13: 00007f201b7e6218 R14: 00007fff2ad6f6e0 R15: 00007fff2ad6f7c8
[  327.217201][ T9437]  </TASK>
[  327.702366][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  327.702765][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  328.148111][ T9450] netlink: 28 bytes leftover after parsing attributes in process `syz.1.753'.
[  328.308440][ T9454] Format for deleting device is "id" (uint).
[  328.346591][ T9454] FAULT_INJECTION: forcing a failure.
[  328.346591][ T9454] name failslab, interval 1, probability 0, space 0, times 0
[  328.402158][ T9454] CPU: 0 UID: 0 PID: 9454 Comm: syz.2.754 Not tainted syzkaller #0 PREEMPT(full) 
[  328.402191][ T9454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  328.402205][ T9454] Call Trace:
[  328.402213][ T9454]  <TASK>
[  328.402222][ T9454]  dump_stack_lvl+0x16c/0x1f0
[  328.402252][ T9454]  should_fail_ex+0x512/0x640
[  328.402288][ T9454]  ? fs_reclaim_acquire+0xae/0x150
[  328.402322][ T9454]  should_failslab+0xc2/0x120
[  328.402354][ T9454]  kmem_cache_alloc_noprof+0x75/0x6e0
[  328.402377][ T9454]  ? __pfx_map_id_range_down+0x10/0x10
[  328.402415][ T9454]  ? security_inode_alloc+0x3b/0x2b0
[  328.402457][ T9454]  ? security_inode_alloc+0x3b/0x2b0
[  328.402491][ T9454]  security_inode_alloc+0x3b/0x2b0
[  328.402549][ T9454]  inode_init_always_gfp+0xce4/0x1030
[  328.402578][ T9454]  alloc_inode+0x86/0x240
[  328.402612][ T9454]  sock_alloc+0x40/0x280
[  328.402639][ T9454]  sock_create_lite+0x82/0x120
[  328.402669][ T9454]  __netlink_kernel_create+0xbd/0x750
[  328.402697][ T9454]  ? __pfx___netlink_kernel_create+0x10/0x10
[  328.402732][ T9454]  uevent_net_init+0xf8/0x350
[  328.402766][ T9454]  ? __pfx_uevent_net_init+0x10/0x10
[  328.402799][ T9454]  ? rcu_is_watching+0x12/0xc0
[  328.402825][ T9454]  ? __pfx_uevent_net_rcv+0x10/0x10
[  328.402859][ T9454]  ? ops_init+0x77/0x5f0
[  328.402887][ T9454]  ? __pfx_uevent_net_init+0x10/0x10
[  328.402920][ T9454]  ops_init+0x1e2/0x5f0
[  328.402947][ T9454]  setup_net+0x100/0x390
[  328.402979][ T9454]  ? __pfx_setup_net+0x10/0x10
[  328.403006][ T9454]  ? debug_mutex_init+0x37/0x70
[  328.403036][ T9454]  copy_net_ns+0x2f8/0x690
[  328.403066][ T9454]  create_new_namespaces+0x3ea/0xa90
[  328.403101][ T9454]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  328.403133][ T9454]  ksys_unshare+0x45b/0xa40
[  328.403166][ T9454]  ? __pfx_ksys_unshare+0x10/0x10
[  328.403200][ T9454]  ? xfd_validate_state+0x61/0x180
[  328.403243][ T9454]  __x64_sys_unshare+0x31/0x40
[  328.403275][ T9454]  do_syscall_64+0xcd/0xfa0
[  328.403305][ T9454]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.403330][ T9454] RIP: 0033:0x7f08a658efc9
[  328.403348][ T9454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.403373][ T9454] RSP: 002b:00007f08a749e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  328.403395][ T9454] RAX: ffffffffffffffda RBX: 00007f08a67e5fa0 RCX: 00007f08a658efc9
[  328.403412][ T9454] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  328.403427][ T9454] RBP: 00007f08a6611f91 R08: 0000000000000000 R09: 0000000000000000
[  328.403442][ T9454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  328.403456][ T9454] R13: 00007f08a67e6038 R14: 00007f08a67e5fa0 R15: 00007ffcc37c7d48
[  328.403489][ T9454]  </TASK>
[  328.403524][ T9454] kobject_uevent: unable to create netlink socket!
[  328.918490][ T9464] random: crng reseeded on system resumption
[  331.224080][ T9512] netlink: 342 bytes leftover after parsing attributes in process `syz.3.765'.
[  331.491270][ T9522] program syz.2.768 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  332.006899][ T9533] random: crng reseeded on system resumption
[  332.834343][ T9553] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed.
[  334.011385][ T9585] random: crng reseeded on system resumption
[  334.232609][ T5834] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14
[  334.375354][ T9585] FAULT_INJECTION: forcing a failure.
[  334.375354][ T9585] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  334.721252][ T9585] CPU: 0 UID: 0 PID: 9585 Comm: syz.2.780 Not tainted syzkaller #0 PREEMPT(full) 
[  334.721286][ T9585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  334.721300][ T9585] Call Trace:
[  334.721308][ T9585]  <TASK>
[  334.721317][ T9585]  dump_stack_lvl+0x16c/0x1f0
[  334.721349][ T9585]  should_fail_ex+0x512/0x640
[  334.721399][ T9585]  should_fail_alloc_page+0xe7/0x130
[  334.721435][ T9585]  prepare_alloc_pages+0x3c2/0x610
[  334.721468][ T9585]  ? rcu_is_watching+0x12/0xc0
[  334.721497][ T9585]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  334.721526][ T9585]  ? __pfx_stack_trace_save+0x10/0x10
[  334.721559][ T9585]  ? __lock_acquire+0x622/0x1c90
[  334.721596][ T9585]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  334.721634][ T9585]  ? rcu_read_unlock+0x17/0x60
[  334.721671][ T9585]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  334.721714][ T9585]  ? policy_nodemask+0xea/0x4e0
[  334.721749][ T9585]  alloc_pages_mpol+0x1fb/0x550
[  334.721783][ T9585]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  334.721814][ T9585]  ? trace_kmalloc+0x2b/0xd0
[  334.721845][ T9585]  ? trace_kmalloc+0x2b/0xd0
[  334.721874][ T9585]  ? __kmalloc_noprof.cold+0x5d/0x62
[  334.721909][ T9585]  ? relay_open_buf.part.0+0x194/0xc40
[  334.721948][ T9585]  alloc_pages_noprof+0x131/0x390
[  334.721982][ T9585]  relay_open_buf.part.0+0x262/0xc40
[  334.722028][ T9585]  relay_open+0x653/0xad0
[  334.722063][ T9585]  ? debugfs_create_file_full+0x41/0x60
[  334.722091][ T9585]  do_blk_trace_setup+0x4c5/0xb00
[  334.722126][ T9585]  blk_trace_setup+0xed/0x1b0
[  334.722157][ T9585]  ? __pfx_blk_trace_setup+0x10/0x10
[  334.722188][ T9585]  ? __pfx_snprintf+0x10/0x10
[  334.722220][ T9585]  ? do_vfs_ioctl+0x128/0x14f0
[  334.722260][ T9585]  blk_trace_ioctl+0x146/0x280
[  334.722293][ T9585]  ? __pfx_blk_trace_ioctl+0x10/0x10
[  334.722330][ T9585]  ? find_held_lock+0x2b/0x80
[  334.722354][ T9585]  ? hook_file_ioctl_common+0x145/0x410
[  334.722389][ T9585]  blkdev_ioctl+0x108/0x6d0
[  334.722415][ T9585]  ? __pfx_blkdev_ioctl+0x10/0x10
[  334.722445][ T9585]  ? __pfx_blkdev_ioctl+0x10/0x10
[  334.722473][ T9585]  __x64_sys_ioctl+0x18e/0x210
[  334.722512][ T9585]  do_syscall_64+0xcd/0xfa0
[  334.722541][ T9585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.722566][ T9585] RIP: 0033:0x7f08a658efc9
[  334.722585][ T9585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.722609][ T9585] RSP: 002b:00007f08a745c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  334.722633][ T9585] RAX: ffffffffffffffda RBX: 00007f08a67e6180 RCX: 00007f08a658efc9
[  334.722649][ T9585] RDX: 0000200000000240 RSI: 00000000c0481273 RDI: 000000000000000b
[  334.722665][ T9585] RBP: 00007f08a6611f91 R08: 0000000000000000 R09: 0000000000000000
[  334.722680][ T9585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.722695][ T9585] R13: 00007f08a67e6218 R14: 00007f08a67e6180 R15: 00007ffcc37c7d48
[  334.722727][ T9585]  </TASK>
[  335.017753][    C0] vkms_vblank_simulate: vblank timer overrun
[  335.638511][ T9603] netlink: 12 bytes leftover after parsing attributes in process `syz.3.785'.
[  335.672675][ T9609] ==================================================================
[  335.672689][ T9609] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60
[  335.672725][ T9609] Write of size 8 at addr ffffc900037b9000 by task syz.1.784/9609
[  335.672745][ T9609] 
[  335.672755][ T9609] CPU: 0 UID: 0 PID: 9609 Comm: syz.1.784 Not tainted syzkaller #0 PREEMPT(full) 
[  335.672785][ T9609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  335.672800][ T9609] Call Trace:
[  335.672807][ T9609]  <TASK>
[  335.672816][ T9609]  dump_stack_lvl+0x116/0x1f0
[  335.672844][ T9609]  print_report+0xcd/0x630
[  335.672876][ T9609]  ? __virt_addr_valid+0x81/0x610
[  335.672910][ T9609]  ? sys_imageblit+0x1a6f/0x1e60
[  335.672938][ T9609]  kasan_report+0xe0/0x110
[  335.672970][ T9609]  ? sys_imageblit+0x1a6f/0x1e60
[  335.673002][ T9609]  sys_imageblit+0x1a6f/0x1e60
[  335.673034][ T9609]  ? __pfx_sys_imageblit+0x10/0x10
[  335.673061][ T9609]  ? __pfx__prb_read_valid+0x10/0x10
[  335.673097][ T9609]  ? find_held_lock+0x2b/0x80
[  335.673122][ T9609]  ? up+0xcb/0x140
[  335.673151][ T9609]  ? do_raw_spin_unlock+0x172/0x230
[  335.673194][ T9609]  ? prb_read_valid+0x78/0xa0
[  335.673231][ T9609]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  335.673259][ T9609]  soft_cursor+0x524/0xa10
[  335.673300][ T9609]  ? fb_get_color_depth+0x120/0x250
[  335.673343][ T9609]  bit_cursor+0xe8c/0x17e0
[  335.673384][ T9609]  ? __pfx_bit_cursor+0x10/0x10
[  335.673427][ T9609]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  335.673470][ T9609]  ? get_color+0x1da/0x450
[  335.673503][ T9609]  ? __pfx_bit_cursor+0x10/0x10
[  335.673540][ T9609]  fbcon_cursor+0x40c/0x5a0
[  335.673573][ T9609]  ? do_blank_screen+0x591/0x5a0
[  335.673596][ T9609]  set_cursor+0x1db/0x250
[  335.673617][ T9609]  con_write+0x89/0xb0
[  335.673642][ T9609]  do_output_char+0x5d9/0x840
[  335.673673][ T9609]  n_tty_write+0x4fe/0x11e0
[  335.673712][ T9609]  ? __pfx_n_tty_write+0x10/0x10
[  335.673745][ T9609]  ? trace_kmalloc+0x2b/0xd0
[  335.673774][ T9609]  ? __pfx_woken_wake_function+0x10/0x10
[  335.673814][ T9609]  ? kfree+0x252/0x6d0
[  335.673834][ T9609]  ? __pfx_n_tty_write+0x10/0x10
[  335.673867][ T9609]  file_tty_write.constprop.0+0x503/0x9b0
[  335.673898][ T9609]  redirected_tty_write+0xd4/0x150
[  335.673924][ T9609]  vfs_write+0x7d3/0x11d0
[  335.673949][ T9609]  ? __pfx_redirected_tty_write+0x10/0x10
[  335.673978][ T9609]  ? __pfx_vfs_write+0x10/0x10
[  335.674001][ T9609]  ? find_held_lock+0x2b/0x80
[  335.674034][ T9609]  ksys_write+0x12a/0x250
[  335.674058][ T9609]  ? __pfx_ksys_write+0x10/0x10
[  335.674088][ T9609]  do_syscall_64+0xcd/0xfa0
[  335.674115][ T9609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.674139][ T9609] RIP: 0033:0x7fb3bd18efc9
[  335.674158][ T9609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.674182][ T9609] RSP: 002b:00007fb3be009038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  335.674205][ T9609] RAX: ffffffffffffffda RBX: 00007fb3bd3e6090 RCX: 00007fb3bd18efc9
[  335.674222][ T9609] RDX: 0000000000000d4f RSI: 0000200000000840 RDI: 0000000000000002
[  335.674238][ T9609] RBP: 00007fb3bd211f91 R08: 0000000000000000 R09: 0000000000000000
[  335.674254][ T9609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.674269][ T9609] R13: 00007fb3bd3e6128 R14: 00007fb3bd3e6090 R15: 00007ffd78a79798
[  335.674293][ T9609]  </TASK>
[  335.674301][ T9609] 
[  335.674307][ T9609] The buggy address belongs to a 0-page vmalloc region starting at 0xffffc900034b9000 allocated at drm_gem_shmem_vmap_locked+0x561/0x7e0
[  335.674355][ T9609] Memory state around the buggy address:
[  335.674373][ T9609]  ffffc900037b8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  335.674390][ T9609]  ffffc900037b8f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  335.674406][ T9609] >ffffc900037b9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  335.674419][ T9609]                    ^
[  335.674431][ T9609]  ffffc900037b9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  335.674448][ T9609]  ffffc900037b9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  335.674461][ T9609] ==================================================================
[  335.674473][ T9609] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  335.674488][ T9609] CPU: 0 UID: 0 PID: 9609 Comm: syz.1.784 Not tainted syzkaller #0 PREEMPT(full) 
[  335.674516][ T9609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  335.674531][ T9609] Call Trace:
[  335.674538][ T9609]  <TASK>
[  335.674546][ T9609]  dump_stack_lvl+0x3d/0x1f0
[  335.674573][ T9609]  vpanic+0x640/0x6f0
[  335.674608][ T9609]  panic+0xca/0xd0
[  335.674643][ T9609]  ? __pfx_panic+0x10/0x10
[  335.674684][ T9609]  check_panic_on_warn+0xab/0xb0
[  335.674725][ T9609]  end_report+0x107/0x170
[  335.674756][ T9609]  kasan_report+0xee/0x110
[  335.674788][ T9609]  ? sys_imageblit+0x1a6f/0x1e60
[  335.674819][ T9609]  sys_imageblit+0x1a6f/0x1e60
[  335.674852][ T9609]  ? __pfx_sys_imageblit+0x10/0x10
[  335.674880][ T9609]  ? __pfx__prb_read_valid+0x10/0x10
[  335.674915][ T9609]  ? find_held_lock+0x2b/0x80
[  335.674940][ T9609]  ? up+0xcb/0x140
[  335.674968][ T9609]  ? do_raw_spin_unlock+0x172/0x230
[  335.675011][ T9609]  ? prb_read_valid+0x78/0xa0
[  335.675048][ T9609]  drm_fbdev_shmem_defio_imageblit+0x20/0x130
[  335.675076][ T9609]  soft_cursor+0x524/0xa10
[  335.675116][ T9609]  ? fb_get_color_depth+0x120/0x250
[  335.675154][ T9609]  bit_cursor+0xe8c/0x17e0
[  335.675195][ T9609]  ? __pfx_bit_cursor+0x10/0x10
[  335.675238][ T9609]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  335.675280][ T9609]  ? get_color+0x1da/0x450
[  335.675312][ T9609]  ? __pfx_bit_cursor+0x10/0x10
[  335.675354][ T9609]  fbcon_cursor+0x40c/0x5a0
[  335.675388][ T9609]  ? do_blank_screen+0x591/0x5a0
[  335.675412][ T9609]  set_cursor+0x1db/0x250
[  335.675433][ T9609]  con_write+0x89/0xb0
[  335.675460][ T9609]  do_output_char+0x5d9/0x840
[  335.675491][ T9609]  n_tty_write+0x4fe/0x11e0
[  335.675531][ T9609]  ? __pfx_n_tty_write+0x10/0x10
[  335.675564][ T9609]  ? trace_kmalloc+0x2b/0xd0
[  335.675595][ T9609]  ? __pfx_woken_wake_function+0x10/0x10
[  335.675635][ T9609]  ? kfree+0x252/0x6d0
[  335.675656][ T9609]  ? __pfx_n_tty_write+0x10/0x10
[  335.675690][ T9609]  file_tty_write.constprop.0+0x503/0x9b0
[  335.675723][ T9609]  redirected_tty_write+0xd4/0x150
[  335.675750][ T9609]  vfs_write+0x7d3/0x11d0
[  335.675776][ T9609]  ? __pfx_redirected_tty_write+0x10/0x10
[  335.675806][ T9609]  ? __pfx_vfs_write+0x10/0x10
[  335.675830][ T9609]  ? find_held_lock+0x2b/0x80
[  335.675864][ T9609]  ksys_write+0x12a/0x250
[  335.675889][ T9609]  ? __pfx_ksys_write+0x10/0x10
[  335.675920][ T9609]  do_syscall_64+0xcd/0xfa0
[  335.675948][ T9609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.675973][ T9609] RIP: 0033:0x7fb3bd18efc9
[  335.675990][ T9609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.676014][ T9609] RSP: 002b:00007fb3be009038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  335.676036][ T9609] RAX: ffffffffffffffda RBX: 00007fb3bd3e6090 RCX: 00007fb3bd18efc9
[  335.676053][ T9609] RDX: 0000000000000d4f RSI: 0000200000000840 RDI: 0000000000000002
[  335.676068][ T9609] RBP: 00007fb3bd211f91 R08: 0000000000000000 R09: 0000000000000000
[  335.676083][ T9609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  335.676098][ T9609] R13: 00007fb3bd3e6128 R14: 00007fb3bd3e6090 R15: 00007ffd78a79798
[  335.676122][ T9609]  </TASK>
[  335.676199][ T9609] Kernel Offset: disabled