last executing test programs:

10m39.312928326s ago: executing program 2 (id=1748):
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0)
dup$auto(r0)
socket(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f0000000080)='/de}/audio1\x00', 0x2100000a3d9)
unshare$auto(0x40000080)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0)
sysfs$auto(0x2, 0x23, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x4)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r5=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
pipe$auto(0x0)
pipe$auto(0x0)
tee$auto(0x2000000000000, 0x3, 0x3ff, 0x9)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
socketpair$auto(0x2, 0xc, 0x400, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)

10m37.360502355s ago: executing program 2 (id=1752):
mmap$auto(0x8, 0x40009, 0xdf, 0x86b1, 0x7, 0x28000)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000280)=""/65, 0x41)
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop2\x00', 0x18dd01, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r3 = ioctl$auto_TUNSETVNETBE2(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)=0xffff)
ioctl$auto_USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000100)={0xff, 0x3, 0x7, 0x1, &(0x7f0000000240)="a14ed8e1ce3ae76e08de4465706f8abae66899ce6edfb92d35c2ddc9091b50aa4f55c29e980c0e103ff33f022b3ccfd9af19ca05cb50c5487e9ff4a9654f3bc32cde83ff4d32ebec2bbec0962a49d58da3dae62f3dc05105aee79b8e3ecb9df42c29898b8fdcdb5366fe2977f78cd8ecaa3d697ad4d91070ab8d5fb63a098ecaaee8a89df32da820165aa3e107ed9074617563a8b06f150842af53a568a3d99b2e1f59a73044bc972c9e7defae64bff41dc603f1ade41e3d76da9094555bd1203dc28880cdbf906c8077d264ed401239c3e1043b7f05ccfe0226174be7d3c4e8b5a2dd2531548d12121694650579e858828db07133d795e3823af5dd524fb766cc6c05528a9876948a0825c01aa9eb1c3e965b674f07a7fa474aafecc3dff6c1db9b3d1c56e5d3499027016de6ebf2975b4e8c56950dcb9c2e8761c60cc3c6c9248a583646902081172c7f805984ceeca9228ec50b3ed6f12a9c5465abb1581b35d9074c833da1ec02f56d543947ace19dae53b4ee2bf81efe4845383b34b1e35c955fa572230ba2f70147a4410b8ab5f00739678335e43738250e708dfda315cc8c6c96cea64ea42508e6d3ffe94ce3828b491b6e261f4f222a335cf7e78c14f2d3ca57a0a5ce067e4e8633345a11d38b5183be2873df05612efdaa22c5c90246823de26bba62e43c758372b403b481209561f9dc973573217dbd457da1c3e02414c33cab6f517c6d352b320e0d908f3cfa205dfada57355807c641c81f3cef849f43dfc465f9e33d745e4683db7f40e7c0aa13a667fca9ccb36e7b4c81a33cef09eb984452bef86b25ea0403535c716694ca649dce59e9408e5392d34742703b81045cfff3acdfcf6f01c4d5366c3f83cea8762c3d6bd6aedfbf77708af1fc365f4cecc0fc3b38123e4b71740b0e61fd279b2bf5386c8942ebaaacf47ccfb7937307879a6e220ff6f9bb38b9638b46f0b2bca95620acfc8bc196259f9dde790d0b17d8f7497a864d4ca22be9cfd437515b4d9f31b0157a94de04c13cc325bfbb34ef77ebd093f65f040f0598b2392a78a92bed5181c3a494901bec168e9ee3a0793d923e992f62129e6c6baa3c96e0a628067021c9acc856fdc9808ee02ece51c47bee1d8a47d8ac2a6bb482db58ffd088dbc3e59064fb0a54bf461a47c434e3c4e6dc6733790ec0611973f434da26ca9f7b1e70da36403260023c54bbba29dd6ce654fd1363e3f2654e6d3bbe63810696e95463a7edf4297f5cc5a4ccf747dac1ebfe5b0087fcfeaf4da66262214d4ac2b6e2fa8c9969bf740457343ad432ec565ee1bc16b984b6c16c0430c36978da223912c571604cab4b5e67e9127ec11ff7ff40e7f70caef2f915cf6c4c7e7b2760c00503f06878ce9384de609bb330ccb100c0c33c530d7bdb8245ccc77915c7f59b72add007cb1b6d749d033bc805b7e53ff994a025e8ac7a631bd66271206fe995acb95ee8528c45fb6353375088b3717fa716efd02b16dd31fedb9fb3b920d582a361fc8fa806aad58d794cde9e820d6b467d4875a0718ec67449cfc9e4ca45bec2749ca69a8c7da69715b715ff3b8edc278ec256a3755e92114ae54bf624fec9e02f5448bbeab9a7178d78ade7214a76adb95d8b2a6887c5e0a1230cdf0885d4926658aa53af6c2a9927069f1057365bfb34b884048ea97808ab91ac3bc7b6bafbaf15fff91309543f4b7333a4fade7e390572502fbbad10339d56510290c76e2c7d53cebb8eb17085595e48b4db734c80023f297ab71a05f9e96efdb05867ddf6f82fc695f9268777c29b7e0d89ce7c36e1cfe0fec4d7a52e008e82b8b8748f951a409cb1aa43a003b8b4dc7e2c86c18df533e4369f2e71e433276fa2e30110b0572b6a64091b9e6dc1005f6fed0f4d6e73f5f2eeac16af6e40b3765647adfbbdc841ed09308c7add02e8b2695e08d7fd5ca3ffb839f8e951d3ab97bb2742fefdf13a8aada13ede20f178b39dba9fece76b762df5e6566d2af3e5777e70fc0d5b3e1d59957f28cde0286558f0a4ee623bc5df666ab4c9e01fce022c69b0d355ccd56af8b76591e6cdc366bb89a7ae0bb70f13f9f15f627790feaef53a3be432e2e0f36679af1872b4ff949e2cc47bc6ca2c044fcc6adc57d2e87aac93779256460c9ca9e8efbb723a33bea1e906b749990cb1b47c57652ab83a2c14582fc2e141a7411b8c49233e8f417f4fa2b0b7b4778d26ef8eaabf120d50363003dfec8cc57d5eabb3ca230cd180e7583b54e4c1d3edaa39e5408b616a353a1626648982fa3f7bc00d5b21b3b3a908b92e3b86a78f5ded2a9a8494a7514074082152f3b4905b45f58bfe345c3c8924334b2ca6e915edc165a08ad33dbac0a532d3733d424ee3fa1e33a0bbe3e776d184f98bdb438ba4b3beca23469d17aff149233563b1d6d86c7af3e75b60f5d6e30168f78cfae38e2c0e6d15f8a331b20f5ddf88718e3a0c58cee3aa077a0408ac961684b192ec3f6c1ecf0175f813d80c74a6b2980d2c22d658fe3995757fd8878b03c9d38d8afe91a0389268c31dcbdffa68a0c0b2f9af0cabc886aba5752c6dd10f37adfce7b3f771d7395956dbe69382df6a1ee431ca5ce17d401b456c6b98eb0b772b6d8e05a7d962cdcf1cf6407d97b0a331dbba03b440330bc8022406b3479ff5e0bf63ca1f7985e40150b4412cc172a2ca1cc1cff99ed4dd24985f051cf335a71480aac3407c94ba6f199064f8c7174c3d57404057266fbc2840febb1f1520e2c0acb643d6e9cb4a4f29239bed27cca786980bcc91bdef579e239fff615aa82c0c600d79d825b3ebd1ad33a16e9f29aaf689eb1d18d9b0acf41994a965ad187e7558f9b0394db43918316de97f2a0613910dd00999019df8cf55207931fc199414d4d30c89410dc81ab4448105f13bd61e9f62f5f64906ca793587848669a216ab78c20ca8fe0b2afd3ba42321a70cf46a90ddda1a7120efac0d567084c0465b30e8103619284c5997ed2de7172c639dcd717a2aaf8fc81e3f0950b5e1679e68eccbe76cb830979935803d501b0c7662d62267a5e6abc3a92391923391ce722a5642aae8be884993f032e8963520d22233dafe096ff446b8c7409977bc331bfc0e1045eb7a3d66fa1d937638d24679aa64bbeb3104e445edfd03d32c541b63534e16f5f9f62b4184feef63140883ad9ce19dbc536f6323e7480d3658d5baccd0940b77ad83b96483e9afd93adc382056c1c33cf4cf6ded701dffa73f6e79b6e2561cb184c86325e495e60411c355317c45ebad3f867c2969280f8b28836ee8c8d1012e8e03645efe6daae797e266f113a5e6841ada8ca812a5014350ba382bbd8656d049f9e97295e8c0e663e42a72df695d0ae78e1862e1cf17c6b5731bf6362b58700ccbe72230e25dd52fb049075f1ae57bf31780b6433eabacaa212a43245ebdd65e16bde51c00fe7725b67038900e880c06ca3cc964d85c9e81824197fd8fc2e0a5e2d2c216d5bd81170f6dd64cd7c814f92bad492efd419a2980713b5a6ac8850bab8ac9463eb244ffeec7be2e6f10e5ef97ca08661c5ef580073d2bc21c8b61fdd0041d9201d9712e1fed060928d44ccfd3f2758cc4e86af84ffd1be002770712dd9bb73d99419a95673a203d7a62e84241b7bac30735e6666b6b813edc536585653a68fa165cb1f9c7ad18df52bd1f4667b411531702544d44fae5676c9f97be688fc6c14312ebc37bc14bbdcb575f694a97e142ea0839175ffebf87b43c6994299be07c961499cca6aef214d68d4d6755d2b29c6669e25b995260b3d7ddf124f223abb37ee3cfce522e1eaeb53c98f0cf37ad912a566efbe5fccc68791fbe262f179660510644b6aee5df656f0aed8f35abf002202573627eaed5c318bf34cc2ac3467faf3a91b536f7d4117dd16d6bb66e33ecd8d0e6d5cd61f1157019f9a477e05ef89905f52ba0da605f9c1b95d0f117bde4d39a512e623ae915196dc0c60d3aed92203a213c3fc9a7809ceea90cf62289b5406d6eefb1ca8d6f53705bdf6d833bb9b36b49eee9190762db99a7d4e98821b1074db486b3937dadeac96aa300cb37fa02f03c31866450a62ba893672b56ffe3c0eb52593c31a3a2d97cdb28cd707b7629ef19fc6c917a0473627cf0105204088c213c1d3a8e77c316041b51ccb4d01f464e00c4c18b6605995cf7ccb09a3550b4c23389067deba504858591da42cc955210b9532658db35c684074c3f91f9667818bbb7d1a41c0abde016b97758dcd260f55523ac860df0a893b34c4de106852a5ce5b3e07a1b33cf542f83299c8b33ea50f59c4605f2ff9e7c20c4e1414436553786776c37d8f0217cc177a3b42d92a255b2609b3987c1dd2e67eb745669ebd3ba64a1ae7a23114821f95596bf69c767856d5db66ff8fd80395ff3a976ea5818a8eb512c14db24ee3c9677d9071b238a797bd474ba9ca58137993e967558fce26de98c2ea145531e32ba7102e39499255b81b9935c6e1e05c2be1ddf883482ac0f568568eecf5758d8e7e12a784c1a653d1a03ca536dc981364b8305dd07e8229a9b45bea6f2d2a5301a605b765c7963a085ae4a523bb7fc63eed028bb85b79e8b271951e5e09072301830e81f0d8f7a11e46166c4b8f3980b476b8b29f4423c4251ee760c39e5cd9ab7a56ff8958568f92b37e1ff28d06f6745ffbad72db58a594bdb98126e6b1e5ca34fdb77a1963d99ed345c4c9d48fa0f0cf62394b64eb816b7300f70fc9f8012fa92aebbd61926656f9b98838ca1e2b68db0c3c9ab41974d5b3abea785691779ddd7d3076e835d0dd38b2c8c73783f830d888e96ecefbddba7dd0f5dcfb61342fea6798308793703aa2855d522e142c83eb0948b98d406934b328321cbc18e60a22ca11b41e7edf6fd409f6f50abf000acd16a4c29546719c4ce9747005893ecd94b4f3dd70ad85ecc21a90f4d1d7a389746b65a5a1d65b5f9c2e0edf51533d88cbc40a332aea7b88894aacbea53f2ef202982ec2899b1b62e1fefdd88cff8b45d13205c493b903d071379dc12d342c5676840a5484a489c8331b5cda42c56f4f81f42876c7fc544ac7134744835f025a9e2e0d4dd1aaef850bfd879575b2810c8834eff6716430d3963b71c60a533335f4873b54000750c184f15b4b65bf5123ab64c4efd95928deaa140b0a623e6373ebf18183ec3bae48440c3047c95f500fbb13cbc298f446f3c4316961fade57b2d72fce36fdc339ba559a379e76b033c1dd46ffd53005a73f002a27c1e4cfbed534ca28b735990d94729557b943fe8877786d9856fb4cee3ee388833ed828f2c2b6fc1a83aba77c2ebfac3ef626b4f34aa9a294af37f78e66e8d1e4e0bfad8f2f66b447426dfbdfd3df0827a23422bdad04ba2cf078dd6ccbaf9725da60905433862f127446bd62c82c5ba6baeb7045c25c2df9c1eabeacd4ace84f084a19045c420dbc73f0b0bed5dfd561404ba6508559102ed64582b9359b683916cef67707c54ac4342a35995fbaf70f1022e3fead8ce40083aa8faa043fa4f3e8525c23a12f58d7a0487efdd6882b4af1cc58089861936baae7c5ca819e18c604c76a501f71e45f20ae1a5fba04bb313369fbfdf0ddc2dd2fc9641a3363edc2f1aca2191ece19e1a3fea4eb5aeaea927e535c6d9c52754110fd067646473b6c8f3d3c3f60f061dc6752d8f75c1fd9658ea01c48dd2a5f3c92171be22eb40d0e5d1a5348ee43e26c21ffa13c418f1aeea109a5b7a1f9887865c13d5bb3ddd60d3261443d8ab3b97cc236ea79b9a514073b5", 0x5, 0x3, 0x800, @stream_id=0x100, 0xfc, 0xf, &(0x7f00000000c0)="05", [{0x0, 0x0, 0x3}, {0x1, 0x9, 0xc50e}, {0x81, 0x7fff}, {0xe, 0x101, 0x8000}]})
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101200, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c06, 0x0)
mmap$auto(0x0, 0x7fff, 0xe4, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x8102, 0x0)
io_uring_setup$auto(0x5d, 0x0)
socket(0x1, 0x803, 0x0)
connect$auto(0x3, 0x0, 0x54)
unshare$auto(0x40000080)
r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r5 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x6)
mmap$auto(0x0, 0x400008, 0x100000001, 0xba, 0x2, 0x8000)
adjtimex$auto(0x0)
ioctl$auto_USBDEVFS_SUBMITURB(r4, 0x8038550a, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804)
lstat$auto(0x0, &(0x7f0000000180)={0x10, 0x2, 0x1, 0x1000, 0x0, 0x0, 0x0, 0xfa98, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x100000007fffefff, 0x20000000000008, 0x0, 0x7, 0x3, 0x5})
socket$nl_generic(0x10, 0x3, 0x10)

10m36.250883544s ago: executing program 2 (id=1754):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x93f, 0x1fee1, 0x3, 0x6, 0xfffffffffffffffe, 0x9, 0x5, 0x8005, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x8, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x7fffffffffff, 0x9, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x82)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000380), 0x404081, 0x0)
ioctl$auto_RTC_WKALM_SET(r0, 0x4028700f, &(0x7f00000003c0)={0x1, 0x8, {0x4, 0x3, 0x1000, 0x1ff, 0x0, 0xff, 0x8, 0xea, 0xffff259c}})
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timerfd_gettime$auto(r0, &(0x7f0000000400)={{0xa6d1, 0x20000000}, {0x3, 0x10001}})
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
ioperm$auto(0x800, 0x5, 0xd)
r2 = prctl$auto_SECCOMP_MODE_STRICT(0x1, 0x1, 0x0, 0x7ff, 0x3)
setxattrat$auto(r2, 0x0, 0x2df9, 0x0, 0x0, 0x2000000006b)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x1ab101, 0x0)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
sendmsg$auto_NET_DM_CMD_CONFIG_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x0, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NET_DM_ATTR_SW_DROPS={0x4}, @NET_DM_ATTR_ALERT_MODE={0x5, 0x1, 0x9}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

10m35.525611768s ago: executing program 2 (id=1756):
socket(0x18, 0x2, 0x0)
write$auto(0x3, 0x0, 0x7fffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x80000, 0x0) (async)
r1 = pidfd_open$auto(0x1, 0x0)
pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r1, 0x8, &(0x7f0000000440)={@siginfo_0_0={0x8, 0x80, 0x676164a5, @_rt={0x0, 0x0, @sival_ptr=0x0}}}, 0x2) (async)
ioctl$auto_BTRFS_IOC_SNAP_CREATE_V2(r1, 0x50009417, &(0x7f0000000480)={@raw=0x3bd4, 0x8, 0x564c, @btrfs_ioctl_vol_args_v2_3_0={0x7f, &(0x7f0000000080)={0x200, 0x2, 0x3ff, 0x48, {0x2, 0x0, 0xffffffffffffffff, 0x400, 0xff80}, [0x75cf2d7e, 0x18, 0x38c0000000000000, 0x40, 0x7ff, 0x2, 0x3, 0x5]}}, @devid=0x10})
sendfile$auto(0x1, 0x3, 0x0, 0xc01) (async)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x2100, 0x0)
pread64$auto(r2, 0x0, 0x1a7, 0x78) (async)
r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
ioctl$auto_RTC_IRQP_READ(r3, 0x8008700b, &(0x7f0000000200)=0x9) (async)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fedbdf250400000043001100008742fe50c6ae168e439fdf2a7824e4c19bfd948b59b5cb5d1f1c5226f1765e67fe5b823201455e285a5af9b14f8ef62d60727e86f000"/82], 0x58}, 0x1, 0x0, 0x0, 0x801}, 0x4044820)

10m35.069177674s ago: executing program 2 (id=1757):
getitimer$auto(0x80000001, 0x0)
setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000000)={{0x1, 0x3}, {0x5, 0x7f}}, &(0x7f0000000040)={{0x400, 0xc}, {0x0, 0x5}})
setitimer$auto_ITIMER_PROF(0x2, &(0x7f0000000180)={{0xffff, 0x2}, {0xec8, 0x24}}, &(0x7f00000001c0)={{0x7, 0xfffffffffffffffd}, {0x6, 0x7fff}})

10m34.914917428s ago: executing program 2 (id=1758):
r0 = socket(0x10, 0x2, 0x200c)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff)
adjtimex$auto(&(0x7f0000000300)={0x3, 0x0, 0x7fffffff, 0x55d, 0x12, 0xf2, 0x9, 0x0, 0x5, 0x0, 0xfffffffffffffffb, {0x9, 0xa7}, 0x9, 0x7, 0x1, 0x8, 0x0, 0x8, 0xce34, 0x6, 0x3, 0xfff, 0x3})
getsockopt$auto_SO_TIMESTAMPING_NEW(r0, 0x40f4, 0x41, &(0x7f0000000100)='nlctrl\x00', &(0x7f0000000140)=0x2)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(r0, 0x0, 0x100082)
ioctl$auto_SG_GET_NUM_WAITING(r2, 0x227d, 0x0)
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x2)
mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x10000000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
r4 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
r5 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0)
waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000740)={@siginfo_0_0={0xfffffe00, 0xfffffffd, 0x6, @_sigpoll={0x3, r2}}}, 0x80000000, &(0x7f00000007c0)={{0xffff, 0x1}, {0x9, 0xffffffffffffffff}, 0x800, 0x10, 0x7, 0xfffffffffffffffb, 0xfff, 0x7, 0x401, 0xfffffffffffff001, 0x100, 0x10000000000000, 0xfff, 0x1, 0x4, 0x3})
pread64$auto(r5, &(0x7f0000000140)=']}\x00', 0x101, 0x8)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, r4, 0x454f, 0x5f, 0x0, 0x0, r4, 0x80000001}, 0x6d4)
mmap$auto(0x1, 0x2000a, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r6 = socket(0x15, 0x5, 0x0)
r7 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg1\x00', 0x224a00, 0x0)
ioctl$auto_SG_SET_FORCE_PACK_ID(r7, 0x227b, &(0x7f0000000500)="4b6ae5a86f3e0896077902fc8f82ac5cb8f94c1757788661e5ada565ee130f2b21dcd686d6b7bde10f9b118083c706021357747ec7d9b1d7b1434d4b6e8231f6700860eaf8cd33328886a3ccba4f6664af143341598b695ccde77fbb68e441242248de69729a6bc2d5c85cbb16360ce93c7826e93bf96e10d76f8eac711ac0f68dfc18ab026af1875a9e618fe36dbf3c79cb9b8e79dba179b23be9de0c69918f0d71603abf9bb1b8894e65c338b9320b5502561bedb5e5bc608a305e7fd0b3e966a277478be2373c73b9cbc62ade124976")
setsockopt$auto(r6, 0x114, 0x8, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
lsm_get_self_attr$auto(0xad2, &(0x7f0000000400)={0x7, 0x0, 0x0, 0xa6, "27aeab7b97f28a830d14acb4dc1b98b43e60ba140404888593d1583b4ed6af8562e854222f03cbc3443df095aca5ecee5c9f40a5feaefabcebc7d7d7b4b54dfb680e773e70b0e5ce2b094cbeea1517608701e5b13060497bb11a2f859e56a0323df29ca42c20daddc8251b2800a8a545eb787ea54b159864069e9384173133cc7e56915050c933a0f538214224ae79433c1d4b68916176f2b4709a0060d5b9888b4fb9cd6a8b"}, &(0x7f0000000000), 0x4)
sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="000128bd7000fbdbdf250a0000074be4a5cd904d5ddbf747098a03440e0f6848e8a274cc7365e1837a2bc926f6fed91187f2d434287e5487057d98b9551e8b56d15df2ae8ccc5f9b40491c6ff8b35ffb1699"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000000)
link$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00')

10m19.138203653s ago: executing program 32 (id=1758):
r0 = socket(0x10, 0x2, 0x200c)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff)
adjtimex$auto(&(0x7f0000000300)={0x3, 0x0, 0x7fffffff, 0x55d, 0x12, 0xf2, 0x9, 0x0, 0x5, 0x0, 0xfffffffffffffffb, {0x9, 0xa7}, 0x9, 0x7, 0x1, 0x8, 0x0, 0x8, 0xce34, 0x6, 0x3, 0xfff, 0x3})
getsockopt$auto_SO_TIMESTAMPING_NEW(r0, 0x40f4, 0x41, &(0x7f0000000100)='nlctrl\x00', &(0x7f0000000140)=0x2)
r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto(r0, 0x0, 0x100082)
ioctl$auto_SG_GET_NUM_WAITING(r2, 0x227d, 0x0)
mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x2)
mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x10000000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
r4 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
r5 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0)
waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000740)={@siginfo_0_0={0xfffffe00, 0xfffffffd, 0x6, @_sigpoll={0x3, r2}}}, 0x80000000, &(0x7f00000007c0)={{0xffff, 0x1}, {0x9, 0xffffffffffffffff}, 0x800, 0x10, 0x7, 0xfffffffffffffffb, 0xfff, 0x7, 0x401, 0xfffffffffffff001, 0x100, 0x10000000000000, 0xfff, 0x1, 0x4, 0x3})
pread64$auto(r5, &(0x7f0000000140)=']}\x00', 0x101, 0x8)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, r4, 0x454f, 0x5f, 0x0, 0x0, r4, 0x80000001}, 0x6d4)
mmap$auto(0x1, 0x2000a, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r6 = socket(0x15, 0x5, 0x0)
r7 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg1\x00', 0x224a00, 0x0)
ioctl$auto_SG_SET_FORCE_PACK_ID(r7, 0x227b, &(0x7f0000000500)="4b6ae5a86f3e0896077902fc8f82ac5cb8f94c1757788661e5ada565ee130f2b21dcd686d6b7bde10f9b118083c706021357747ec7d9b1d7b1434d4b6e8231f6700860eaf8cd33328886a3ccba4f6664af143341598b695ccde77fbb68e441242248de69729a6bc2d5c85cbb16360ce93c7826e93bf96e10d76f8eac711ac0f68dfc18ab026af1875a9e618fe36dbf3c79cb9b8e79dba179b23be9de0c69918f0d71603abf9bb1b8894e65c338b9320b5502561bedb5e5bc608a305e7fd0b3e966a277478be2373c73b9cbc62ade124976")
setsockopt$auto(r6, 0x114, 0x8, 0x0, 0x4)
close_range$auto(0x2, 0x8, 0x0)
lsm_get_self_attr$auto(0xad2, &(0x7f0000000400)={0x7, 0x0, 0x0, 0xa6, "27aeab7b97f28a830d14acb4dc1b98b43e60ba140404888593d1583b4ed6af8562e854222f03cbc3443df095aca5ecee5c9f40a5feaefabcebc7d7d7b4b54dfb680e773e70b0e5ce2b094cbeea1517608701e5b13060497bb11a2f859e56a0323df29ca42c20daddc8251b2800a8a545eb787ea54b159864069e9384173133cc7e56915050c933a0f538214224ae79433c1d4b68916176f2b4709a0060d5b9888b4fb9cd6a8b"}, &(0x7f0000000000), 0x4)
sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="000128bd7000fbdbdf250a0000074be4a5cd904d5ddbf747098a03440e0f6848e8a274cc7365e1837a2bc926f6fed91187f2d434287e5487057d98b9551e8b56d15df2ae8ccc5f9b40491c6ff8b35ffb1699"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000000)
link$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='./file0\x00')

1m45.606717517s ago: executing program 0 (id=2956):
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101)
mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0)
getpid()
clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x3, 0x6]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0)
ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0)
read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0)
close_range$auto(0x2, 0x8, 0x0)

1m42.136028387s ago: executing program 0 (id=2960):
r0 = socket(0x11, 0x2, 0x300)
mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4)
rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', &(0x7f0000000300)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)')
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
capset$auto(0x0, &(0x7f0000000000)={0xfffffffe, 0x41, 0x4a})
r1 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000002c0), r0)
sendmsg$auto_KSMBD_EVENT_TREE_CONNECT_RESPONSE(r0, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, r1, 0x200, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x20058880)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x30, 0x0, 0x9, 0x8}, 0x5}, 0x20000002, 0x100)

1m41.444008508s ago: executing program 0 (id=2962):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0xd90, 0x400, 0x2}]})
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x6, 0x3)

1m39.741717853s ago: executing program 0 (id=2963):
madvise$auto(0x0, 0x2000040080000004, 0xe)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = socket(0xa, 0x2, 0x73)
fcntl$auto_F_GETOWNER_UIDS(r2, 0x11, 0xffffffffffff0001)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ptyu8\x00', 0x6984c0, 0x0)
ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x1)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x2, 0x801, 0x6)
setsockopt$auto(r4, 0x1, 0x12, 0x0, 0xa4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
socket(0x11, 0xa, 0x300)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
keyctl$auto(0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x101)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r4, @ANYRES16, @ANYBLOB="01002dbd7000ffdbdf25020000000800010009000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800)
capset$auto(&(0x7f00000002c0)={0xfffffffd, <r5=>0xffffffffffffffff}, &(0x7f0000000380)={0x5, 0xf, 0x80000000})
r6 = prctl$auto(0x3, 0xb, r5, 0x8000000000000000, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_USBDEVFS_BULK(r6, 0xc0185502, &(0x7f00000003c0)={0x1ff, 0x9, 0x0, &(0x7f0000000440)="a3e9177a47235f555dc81b2805aa80b035b6399213780497b49fe426efd65a4c6b3b8790d490d3af6a50b99494322324f105012171714f62c09df6691f498d39f90ec972c982b26c1014ae13b09c5dd4988d95d7976d6cc0af5ff6e0b376a6f7cc479d90fa762aba58b6481587a4f637b34ac47c2b4c806d9fe00775bb93f14a42c5e89b741dc77a7ef3bcc72491b610b36af57335ef3e70a429a9e39c8ec681a000ff3781318ad7463a5af93be99f3c81ddebac532cc73d2133b0a9aee8f9adee382a47543ba2a8f2f9aa42613b14f480de0bbd2dbef5"})
syslog$auto(0x3, 0x0, 0x5)
poll$auto(0x0, 0x5, 0x100009)
socket(0x25, 0x5, 0x4)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)

1m34.517979274s ago: executing program 0 (id=2970):
r0 = prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/ext4/sda1/last_trim_minblks\x00', 0x2400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/7, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
socket(0xf, 0x3, 0x2)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x70)
socket(0x2, 0x1, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
ioctl$auto(r4, 0x5646, r4)
read$auto_v4l2_fops_v4l2_dev(r4, &(0x7f0000000280)=""/40, 0x28)
socket(0x1e, 0x1, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9)
copy_file_range$auto(r3, 0x0, r3, 0x0, 0x2, 0x0)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x68140, 0x0)
ioctl$auto(r5, 0x5457, 0xd8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$auto_NL80211_CMD_GET_STATION(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="c8000000", @ANYRES16=0x0, @ANYBLOB="000229bd7000fddbdf2511000000a3002a00221ada28c3b835ac22c9b00bfd5894dca7ed19c82e324edbb5dec7289433783809e7692cdc8b70348d4980009499f433a7f57c95279dd2f6114495580c2740d7ac0ffeac969a8ac19fa27d50ca2fe215e2f7bb9fdda4377076d1587807cf6d419d45e665031c12784793f345375f76b3413e50acdc8fdf7186893d701e1a6f3f2a94fd921137d651a30c0e2f1399694a65614814fae66807b99f30922bb6fe70fbc727000800c3000300000005003e00c11d82b4630535483ce6e1"], 0xc8}, 0x1, 0x0, 0x0, 0x800}, 0x840)
socket(0x1d, 0x2, 0x3)
ioctl$auto_PROCMAP_QUERY(0xffffffffffffffff, 0xc0686611, 0x0)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x110c230000, 0x8031ca, 0x9)

1m32.782488375s ago: executing program 0 (id=2974):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
socket(0xa, 0x2, 0x3a)
mmap$auto(0x1f00, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
io_uring_setup$auto(0x52, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
close_range$auto(0x0, 0xfffff004, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r2 = socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0xf, r3, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x4)
select$auto(0x2b16, 0x0, &(0x7f0000000300)={[0x1, 0x0, 0x5, 0x6, 0x88, 0x8, 0x10001, 0x5d, 0x6, 0x100000001, 0x81, 0x5, 0x0, 0x4, 0x0, 0x8b]}, 0x0, 0x0)

1m17.194119239s ago: executing program 33 (id=2974):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xfffffffc}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0xffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4002000}, 0x40010)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
socket(0xa, 0x2, 0x3a)
mmap$auto(0x1f00, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
io_uring_setup$auto(0x52, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
close_range$auto(0x0, 0xfffff004, 0x2)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
r2 = socket(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bond0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0xf, r3, @relative_fd, 0xe600}, 0xf)
bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x4)
select$auto(0x2b16, 0x0, &(0x7f0000000300)={[0x1, 0x0, 0x5, 0x6, 0x88, 0x8, 0x10001, 0x5d, 0x6, 0x100000001, 0x81, 0x5, 0x0, 0x4, 0x0, 0x8b]}, 0x0, 0x0)

12.437095676s ago: executing program 5 (id=3170):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
symlink$auto(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/resolution\x00', 0x183902, 0x0)
write$auto(r1, 0x0, 0x4)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x0, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000010c0)={'lo\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
dup$auto(r3)
sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, &(0x7f0000002840)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002800)={&(0x7f00000028c0)=ANY=[], 0x14f4}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)
write$auto(r1, &(0x7f0000002880)=')&#-\x00', 0x8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r4, @ANYBLOB="1c002d800400"], 0x38}}, 0x4000000)

11.899004805s ago: executing program 5 (id=3171):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f682, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
fsconfig$auto_SHMEM_HUGE_FORCE(r0, 0x7, &(0x7f0000000100)='@+\\!\x00', &(0x7f00000001c0)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50ca46", 0xfffffffffffffffe)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf25030000001400010000000003000000000000000000000001a84b4dea1dc32b08c9cab8bf5cc1eac6f3e2"], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
open(&(0x7f0000000080)='./file0\x00', 0x8082, 0x105)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9)
r4 = socket(0xa, 0x5, 0x84)
sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
socket(0x1, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1d, 0x2, 0x2)
socket(0xa, 0x3, 0x100)
fanotify_mark$auto(0x0, 0x1, 0x7, 0x4, 0x0)
fanotify_mark$auto(0x0, 0x201, 0x9, 0x4, 0x0)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000000)=""/65, 0x41)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000040)=""/9, 0x9)

10.287238532s ago: executing program 5 (id=3180):
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x6}, 0x1fe, 0x81)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/thread-self/net/pppol2tp\x00', 0x0, 0x0)
pread64$auto(r0, 0x0, 0xd, 0x6e9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, r1, 0x10008000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, r4, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0)

9.29800954s ago: executing program 5 (id=3182):
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0xa, 0x2, 0x73)
socket(0xa, 0x3, 0x3b)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/raw6\x00', 0x0, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000e80)=""/215, 0xd7)
socket(0xa, 0x1, 0x84)
ioprio_set$auto(0x3, 0x0, 0x4b34)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0)
r1 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b)
msgctl$auto_MSG_STAT(0x91b, 0xb, &(0x7f0000000140)={{0x8, <r2=>0x0, 0xee01, 0x8, 0x38a2, 0x40, 0x7}, &(0x7f0000000080)=0x7f, &(0x7f00000001c0)=0x8, 0x0, 0x0, 0x80000000, 0x8, 0x7fffffff, 0xd, 0x400, 0x3, @raw=0x2})
setuid$auto(r2)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000200), 0x221400, 0x0)
read$auto(r1, 0x0, 0x1)
write$auto(0x3, 0x0, 0xffd8)
close_range$auto(0x2, 0xa, 0x0)
socket(0x2, 0x1, 0x106)
set_tid_address$auto(&(0x7f0000000300)=0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0)
mmap$auto(0x0, 0x6, 0x100000004000de, 0x9b72, 0x2, 0x9)
madvise$auto(0x0, 0x2003f0, 0x15)
r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0)
read$auto(r3, 0x0, 0xb4d3)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000340), 0x4180, 0x0)
write$auto(0x3, 0x0, 0xffd8)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/input/handlers\x00', 0x200, 0x0)

8.496063983s ago: executing program 1 (id=3186):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x111000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_NL80211_CMD_SET_PMK(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x444, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_TID_CONFIG={0x3e0, 0x11d, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x6}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xd}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x8}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0xb}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x81}]}, {0x4}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x10}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x3}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0xc3}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x40}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x3}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x3}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}]}, {0x344, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xd4, 0xd, 0x0, 0x1, [@NL80211_TXRATE_VHT={0xc0, 0x3, "5456333188e2dd4b955f17337cd84ab7aa135b5c48b582ab1594005fb79c85acc4771354e9c8ee329cf9050e15b7858a7757aff35629aa7dfa00b1d00b43a2cfb23fbf7fe26b0c6e5e552608549332de5deaa301f2935da28cb23648f0d8b0438eb3e2d49f297d8161a30a227281f4d2abdbce5755184500182acd3bcdb8f455f709699dbbe6d9f5e6dae3ef9dcbff0145f5abf14b76361d06dcbe188f19604bec8ff034ac179eeafc788b3b02893939c46ce40cc7477ebf846e96c8"}, @NL80211_TXRATE_HT={0x10, 0x2, "ec2fd0a8618a20e1fca6fb98"}]}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x258, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x50}, @NL80211_TXRATE_HE={0xde, 0x5, "3f193206bb3208044d5a950d0f0a2208baf195d1283986d89d6548797043228ab7ffcbc165c5e5e97f434308caebab2ec15415014a2d169f11df77bc5647c694f1af20eab9ddf467feb40a5028ebde0694793f9a0d9353c6b7678c0c5f94809f177a6305439915d9ff4ff60c5f5dfcef91d05f7d0dd73fee2a70517c11c52e60f7778d8dd8221f79dafcd5dfbb847f80e2a0e2e135a9c48b7f1202642e53148ccb0eec89792bcee559548f658e5de171e4b68450101db9a0a5a3e0e34e7d761e2296514e277950d55d1a9004c132b0b422f275e8bbc8369be104"}, @NL80211_TXRATE_VHT={0xe3, 0x3, "650ff00983c58cd36294d205eda8a443c6093d2ca1c4a595e0d6b51daaa1ae0eb2db79850ab155dfc266a47ed557d52a670c2c36e6ba3422c6570e6fe10a699dbe043c6367c0cc420f07736de131732211fb8e704b8a8eed41889b985827c7823d9ac3c81582a176e9efb2c48a0cae58c5b23d0888023cab13ce6a6d6a2835c3249dec42bae2801e287a13b2a5aa5c4f0d987e49092ecff79554a62a3ee740d93b272f76b18aaf8aa5d483acd9597ab10c0d0b8eed8fbea4269e73e933a44d6db27e99e8f04a604a16f66ab157847dbf0ac60f9e5a856f70b50b944ee470c8"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x1}, @NL80211_TXRATE_VHT={0x55, 0x3, "0018ebcd73d9615c2e3683957f0b2e4a2b6d8de03706b7a8c3e07d39be44517e8129599d3ca3a98f7e39ace3211c3f90a49726cc600ef518e52cb9b7389d99cab52baef594b2826e73156484b771e8436d"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0xff}, @NL80211_TXRATE_LEGACY={0xe, 0x1, "a1084b4e3c21a9b5902c"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x10}]}]}]}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x6}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x9}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x39, 0xbd, "4777091ade84143a7c7d07deb1ed6e28d0bbb3b7c7623791658a4d3f7fa7832572c43a2482f989b7f84d4df798b8cb088a3f87cd2f"}]}, 0x444}, 0x1, 0x0, 0x0, 0x84818}, 0x44011)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
r1 = socket(0x2, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
r4 = dup$auto(r2)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r5)
ioctl$auto_KVM_CREATE_VM(r3, 0x4004ae8b, 0x1000000)
close_range$auto(0x2, 0xa, 0x0)
connect$auto(0xffffffffffffffff, &(0x7f00000018c0)=@generic={0xa}, 0x55)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r1)
sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(r4, &(0x7f00000007c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x3c, r6, 0xa00, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_WPA_VERSIONS={0x8, 0x4b, 0x8}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x3}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0xffffffff}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x9}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x24014094)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)

7.161306703s ago: executing program 1 (id=3188):
mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x2, 0x0)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x100000000000000)
mount$auto(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x5, 0x0)

7.138173765s ago: executing program 5 (id=3189):
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/softnet_stat\x00', 0x10b402, 0x0)
pread64$auto(r0, &(0x7f0000000380)='/proc/Nes\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a', 0x100000001, 0x100)

6.83602956s ago: executing program 5 (id=3191):
mmap$auto(0x0, 0x1c932b54, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xc004ae02, 0x88)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
writev$auto(0xffffffffffffffff, 0x0, 0x1)
madvise$auto(0x0, 0x20499d, 0x9)
r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000140), 0x100, 0x0)
ioctl$auto_RNDGETENTCNT(r3, 0x80045200, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xc008ae88, 0x88)
set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4)
clone$auto(0x81, 0x5, 0xfffffffffffffffd, 0xffffffffffffffff, 0x1)
move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000001140), 0x0, 0x2)

6.481580697s ago: executing program 1 (id=3193):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x12, 0x0, 0xa4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x2000c800)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x2, 0x2003f2, 0x15)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000080), 0x4040, 0x0)
madvise$auto(0xffffffffffffffff, 0x200007, 0x19)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
syslog$auto(0x3, 0x0, 0x5)
poll$auto(0x0, 0x7f, 0x9)
socket(0x25, 0x5, 0x6)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x00\x00\x10\b\x00\x00\x00\x00\x00\x00\x00', 0x100000002, 0x100000001)

5.806124638s ago: executing program 4 (id=3196):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r0, @ANYBLOB="010025bd7000fbdbdf0002"], 0x1c}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r1 = socket(0x23, 0x2, 0x101)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x189002, 0x0)
r3 = creat$auto(&(0x7f00000000c0)='./file0\x00', 0x0)
setfsuid$auto(0xee00)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0)
sendfile$auto(r2, r3, 0x0, 0x0)
sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, 0x0, 0x24040000)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40242, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r5, 0x0, 0x20)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x10}, 0x3)
fsconfig$auto(r2, 0x8, 0x0, 0x0, 0xee01)
close_range$auto(0x2, 0x8, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0)

5.143008133s ago: executing program 4 (id=3198):
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0)
read$auto(r0, 0x0, 0x42)
mmap$auto(0x0, 0x4, 0x76, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x101)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$auto(0xffffffff, 0xfffffffffffffffa, r1, 0x4, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x10000000000000e, 0x0)
fsopen$auto(0x0, 0x1)
recvmmsg$auto(0x3, 0x0, 0x8, 0x6ec, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x38, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r2 = socket(0x1d, 0x3, 0x1)
getsockopt$auto(r2, 0x65, 0x8, 0x0, 0x0)

4.768029715s ago: executing program 3 (id=3199):
socket(0x29, 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x0)
statmount$auto(0x0, &(0x7f0000000380)={0x5, 0x1, 0x9, 0x7, 0x5, 0x80, 0x8, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x7, 0x10000000000, 0x0, 0x3, 0x22000, 0x203, 0x9, 0x84, 0x0, 0x4, 0xb7, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x7, 0x6, 0x4, 0x8, 0xfffffffffffffffd, 0x0, 0x0, 0x10000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x1], "f5c3b7bb6ae7a3f5bc51c312e69f3337b32e51569360b7d75005732961ac873511f6591e3617498a4ef7dd6570560a1ef01f034eb0a9c37b75e999bb53cbe7d28b6e39db5e77a30ecd0d0b3d16c75ac4e10f260222d5da3c60d378f3552379502473f8701129292265e6f6a9117822fc5028f450616f0ad9f82daad3b2ed73c8a7de8aeda0072bdd2f3d63fd1486d738061538169ba2b119b4fe1f04307660"}, 0x81, 0x968c)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
mmap$auto(0x3, 0x400008, 0xb71, 0x13, r0, 0x7fffffffffffffff)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x101142, 0x0)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
futimesat$auto(0x2, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0xffffffffffffffff)
ioctl$auto(0x3, 0x4040ae77, 0x38)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
read$auto(r2, 0x0, 0x9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, 0x0, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100)
pivot_root$auto(0x0, 0x0)
open(0x0, 0x7ffd, 0x12)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_clone(0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x6, 0x9, 0x0, 0x0, 0x6)

4.653982666s ago: executing program 1 (id=3200):
socket(0x29, 0x2, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x0)
statmount$auto(0x0, &(0x7f0000000380)={0x5, 0x1, 0x9, 0x7, 0x5, 0x80, 0x8, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x7, 0x10000000000, 0x0, 0x3, 0x22000, 0x203, 0x9, 0x84, 0x0, 0x4, 0xb7, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x7, 0x6, 0x4, 0x8, 0xfffffffffffffffd, 0x0, 0x0, 0x10000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x1], "f5c3b7bb6ae7a3f5bc51c312e69f3337b32e51569360b7d75005732961ac873511f6591e3617498a4ef7dd6570560a1ef01f034eb0a9c37b75e999bb53cbe7d28b6e39db5e77a30ecd0d0b3d16c75ac4e10f260222d5da3c60d378f3552379502473f8701129292265e6f6a9117822fc5028f450616f0ad9f82daad3b2ed73c8a7de8aeda0072bdd2f3d63fd1486d738061538169ba2b119b4fe1f04307660"}, 0x81, 0x968c)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9)
mmap$auto(0x3, 0x400008, 0xb71, 0x13, r0, 0x7fffffffffffffff)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x101142, 0x0)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000)
futimesat$auto(0x2, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0xffffffffffffffff)
ioctl$auto(0x3, 0x4040ae77, 0x38)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
read$auto(r2, 0x0, 0x9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, 0x0, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100)
pivot_root$auto(0x0, 0x0)
open(0x0, 0x7ffd, 0x12)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_clone(0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x6, 0x9, 0x0, 0x0, 0x6)

4.590849581s ago: executing program 4 (id=3201):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
statmount$auto(0x0, &(0x7f0000000180)={0x4, 0x1, 0x1ff, 0x7, 0x8, 0x717e, 0x1ffde, 0x8, 0x3, 0x9, 0x8, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x9, 0x80000001, 0x10007, 0xb, 0x4, 0xe3f, 0xa, 0x22000, 0x201, 0x6, 0x84, 0x0, 0x0, 0x40, 0x0, 0x0, [0x0, 0x0, 0x1fa, 0x200, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffc, 0x100, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x80000000040000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x201, 0xd)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd0\x00', 0x551ee0, 0x0)
mmap$auto(0x1, 0x810004, 0x8, 0x7f, 0xffffffffffffffff, 0x8000)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010002000500000000000a000000100003800c0001000100000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x2a8600, 0x0)
write$auto(r3, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k#\x92\xe3q\xa0\xf0@\r\xa7w\xc3\f\xb9\xeb\b\xae\xea\x18U^zc&\x05\x00\x00\x00\xee\xf8\xa6\xf4_\f\x12\x1f\x9d\x1c\xbe\t\x95\xfa:\xa3\xaf\x8a\x9e\x82\x9e\xd8\xf3\r\x8f\xce\xe3\x865\xdf\x97{\xac\xb5`k\xa1ys\xff\xce\xf0H\x97L\xff3\xab\x05-\xff]>%b7Sw!\"\xfc\xe1\x84\xf3\x00\xee\fH\xc0\xb66\x12\xd8\x99\xd6\x90a\"\t \xa7\x1dJ\xd0\xd7\n\xd5\xe6VT\xbf\x9e\x89\xd3\'J\x1b\x10\xc6\xc4\\\xba\xb1\x10g~\xea\xd4\xae#\xae\xc7\xbd\xfaY\xb1W\x8cj\xd6R\x87\x85\xf5\xb1\xdd\vh#\xa5\x1b\xa3wL\x1c\xdd\xd0N\xfb\x83iSa\xa7-\x8db\x04\xc3\x89\xe029\xdd\xf1\xc6\x18\x0e\xf4\x1eP\x04\x9a\xad5\xce\x95\xe6y\x1c\xe4\x1aJ\xdb\x8f\x8b\x85\x13\xeb\x94\x10\xf6\xe0|\xa9 \r\xe6\xe54\xee\xb9\xcb\x92\xb5\xa9K\v\r3\v\xe7\x81$5\xee,F\xea[]\xc5\xee3\xafA\xc5\x7fxQ\xa6\xa2i\xdb#\xf5G;\x8d\xa1d/\xc1\xc9\xc73\xcc\b\x882JTf\xa8i\xbf\xd6\'\x8f', 0x80)
connect$auto(r3, 0x0, 0x7f)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
rseq$auto(0x0, 0xfffffff4, 0x1, 0x5)
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x44940, 0x0)
ioctl$auto_VHOST_SET_BACKEND_FEATURES(r4, 0x4008af25, 0x0)
mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
rseq$auto(&(0x7f0000000580)={0x0, 0x85, 0x9416, 0x1, 0x7, 0x6}, 0x6, 0x3, 0xff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
mmap$auto(0xffffffffffdffffc, 0xfcf, 0x1, 0xeb2, 0xffffffffffffffff, 0x20000007)
socket(0xa, 0x2, 0x0)

3.688093013s ago: executing program 4 (id=3202):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/pci/devices\x00', 0x10b402, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = open(0x0, 0x22240, 0x154)
bpf$auto(0x0, &(0x7f0000000400)=@link_update={r1, @new_map_fd, 0x4, @old_map_fd=0x3ff}, 0xa3)
ioctl$auto_VFIO_IOMMU_MAP_DMA(r1, 0x3b71, 0x0)
fcntl$auto_F_GET_RW_HINT(r0, 0x40b, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r2 = setfsuid$auto(0xee01)
setresuid$auto(r2, r2, r2)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
open(0x0, 0x22240, 0x155)
access$auto(0x0, 0x7)
getrandom$auto(0x0, 0x6000000, 0x3)
mount$auto(&(0x7f00000000c0)='rose0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='*[#%-]]\x00', 0x4, &(0x7f00000001c0)="29a768ec84eebb83b19a674d53ae7a5b5f2674d5bdc68e08864a12a67d")
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3)
r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r3, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x6)
mmap$auto(0x0, 0xda, 0x1, 0xeb1, 0x40000000000a5, 0x8000)
ioctl$auto_IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r3, 0x7a6, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mmap$auto(0x0, 0x84d9, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = getpid()
process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000100)="58e7a2329fbdfb4986a26faf4182257497e4856e4a66e5177fa5d4eb558a61b740471c000000007e973d778cb0026ab17c9fe9252ff86e659e", 0xffffffff}, 0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r5 = signalfd$auto(0xffffffff, 0x0, 0x8)
fchown$auto(r5, 0x0, 0x0)

1.909320442s ago: executing program 4 (id=3203):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram0\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000)
r1 = socket(0x0, 0x1, 0x0)
setsockopt$auto(r1, 0x6, 0x1d, 0x0, 0x3f)
mknod$auto(0x0, 0x20e9, 0x103)
r2 = socket(0xa, 0x5, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
setsockopt$auto(r2, 0x10000000084, 0x0, 0x0, 0x10)
arch_prctl$auto(0x80, 0xd6d)
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x202082, 0x0)
mmap$auto(0x4417, 0x9, 0x6, 0x11, r3, 0x7)
r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r4, 0x400, 0x1)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa)
socket(0xa, 0x1, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
socket(0x11, 0x3, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r6, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x2, 0x400, 0x1, 0x1, 0x948b, 0x5, 0x15f4da09, 0x3, 0x3, 0x5e, 0x8000001f, 0x3, 0x101, 0x8, 0x0, 0x6]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)

1.808788475s ago: executing program 1 (id=3204):
r0 = prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/ext4/sda1/last_trim_minblks\x00', 0x2400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/7, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51)
socket(0xf, 0x3, 0x2)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x70)
socket(0x2, 0x1, 0x0)
r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
ioctl$auto(r4, 0x5646, r4)
read$auto_v4l2_fops_v4l2_dev(r4, &(0x7f0000000280)=""/40, 0x28)
socket(0x1e, 0x1, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9)
copy_file_range$auto(r3, 0x0, r3, 0x0, 0x2, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x68140, 0x0)
ioctl$auto(r5, 0x5457, 0xd8)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$auto_NL80211_CMD_GET_STATION(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="c8000000", @ANYRES16=0x0, @ANYBLOB="000229bd7000fddbdf2511000000a3002a00221ada28c3b835ac22c9b00bfd5894dca7ed19c82e324edbb5dec7289433783809e7692cdc8b70348d4980009499f433a7f57c95279dd2f6114495580c2740d7ac0ffeac969a8ac19fa27d50ca2fe215e2f7bb9fdda4377076d1587807cf6d419d45e665031c12784793f345375f76b3413e50acdc8fdf7186893d701e1a6f3f2a94fd921137d651a30c0e2f1399694a65614814fae66807b99f30922bb6fe70fbc727000800c3000300000005003e00c11d82b4630535483ce6e1"], 0xc8}, 0x1, 0x0, 0x0, 0x800}, 0x840)
socket(0x1d, 0x2, 0x3)
r6 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0)
ioctl$auto_PROCMAP_QUERY(r6, 0xc0686611, 0x0)
close_range$auto(0x2, 0x8, 0x0)
madvise$auto(0x110c230000, 0x8031ca, 0x9)

1.763295826s ago: executing program 3 (id=3205):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x100, 0x0)
pread64$auto(r0, 0x0, 0x6, 0x3)

1.349586354s ago: executing program 3 (id=3206):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x10, 0x2, 0xc)
socket(0xa, 0x801, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x3, "2fb8d53a684220946b27852c0e2ecdb4ae4749a095f31e20fa396eeb89f4aae8", @raw=0x6})
signalfd4$auto(r0, &(0x7f0000000080)={0x7fffffff}, 0x56, 0x6)
socket(0x2, 0x1, 0x0)
finit_module$auto(0x3, 0xfffffffffffffffe, 0x2)
mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x22, 0x2, 0x2)
sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x40)
r2 = socket(0xa, 0x1, 0x84)
getsockopt$auto(r2, 0xe, 0x9, 0x0, &(0x7f0000000000)=0x1)

1.020105312s ago: executing program 3 (id=3207):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6})
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000)
sysfs$auto(0x2, 0x6, 0x5)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close_range$auto(r0, r1, 0xf)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55)
ioctl$auto(0x3, 0x5411, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0x8000000000000000, 0x4, 0x80000000081, 0x8, 0x2, 0xffffffffeffffff8})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf25030000000400080008000380090012"], 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x10, 0x2, 0x4)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000fbdbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1ff}, 0x7}, 0xffffffff, 0x0)

375.744799ms ago: executing program 3 (id=3208):
r0 = socket(0x2, 0x1, 0x0)
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
getsockopt$auto(r0, 0x6, 0x6, 0x0, 0x0)

74.799897ms ago: executing program 4 (id=3209):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/macvlan0/unres_qlen\x00', 0x602, 0x0)
mmap$auto(0x0, 0x1002000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x18, 0xa, 0x1)
socket(0x1, 0x2, 0x0)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex, 0x7f, 0x9c, 0x0, 0x1, @relative_fd, 0x80}, 0x8096)
getrusage$auto_RUSAGE_SELF(0x0, &(0x7f0000000240)={{0xfffffffffffffff8, 0x100000000}, {0xd, 0x7}, 0x5, 0x80, 0x0, 0xc800000000000000, 0x5, 0x3, 0x4, 0xa, 0x81, 0x0, 0x2, 0x4, 0x5, 0x4})
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
madvise$auto(0x0, 0x2000000080000001, 0x3)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
r2 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/ubifs/chk_index\x00', 0x7843c1, 0x0)
ioctl$auto(r1, 0x4030582a, r2)
write$auto(r0, &(0x7f0000000040)='{{*-\x06-\x00', 0xb898)
r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
mmap$auto(0x5, 0x2020009, 0x1, 0xeb1, r3, 0x7ffd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0)
mmap$auto(0x0, 0x580f, 0x1000000000001, 0x8000000008011, 0x3, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)
socket(0xa, 0x3, 0xb190)

62.402229ms ago: executing program 1 (id=3210):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
writev$auto(0x3, 0x0, 0x8009)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800)
mmap$auto(0x5, 0x4020009, 0xdf, 0xeb1, r0, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x2085c2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x81, 0x0, 0x0, 0x0, 0x0)
write$auto(r1, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0xfffffffffffff3b3)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto_VHOST_SET_FEATURES2(r2, 0x4008af00, &(0x7f0000000300)=0x8)
syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000000), r4)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0, 0x20}, 0x1, 0x3000700, 0x0, 0x1}, 0x8010)
pread64$auto(r3, 0x0, 0x8, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x1, 0x0)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0x902, 0x0)
pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9)

0s ago: executing program 3 (id=3211):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0xf, 0x5, 0x106)
sendmsg$auto_NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x1)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
getsockopt$auto_SO_TXREHASH(r0, 0x2, 0x4a, &(0x7f00000004c0)='/dev/cec4\x00\xe6\xa7j\xd2\xac\tdp\xf3D\xa1\xb4\xe7\xb8%{n%\x9b\xa2\xe5s\xa06\xa20\r\xbcN\x9b\x8c\x89\xee<\x06\xac\xa7\x9bYbA\xd2\xdf\xd3\x7fseq\xa7\xde\xf3U\xbc\x9a\x94\x84}>\x97\xc5\xc5\xfb}\x1a\xd0\x0f\x8d\xb8\'\xec.7\b\xcb,Hm\x16\x87C<\xa108\xe1\xac\x18\x80nc\xf0\xb8\xeb*\xbe0\x1f\xb35\x8c\xab\x15\r\xfes!\xac\xf9\x1a\xdfW\x19\xc3\x11\xee\xe8\xed\x06\xad\x1cT\xd9\x80q\xbc\xf9\t\xb0\x10\xd7 \x17\x81\xc7g\xb8\x97\x10\x9f\x1f\x1c\x95\x1a\x8a\xeb\xeb\x9aa~\xf0\x86x)#\xdd\xdf\x13\x9eI\x03\x18\xb7`\xb7N\xdfDV&\\\x93', &(0x7f0000000040)=0x4)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0)
ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r1, 0x80045105, 0x0)
r2 = socket(0x10, 0x2, 0x0)
read$auto_proc_oom_adj_operations_base(0xffffffffffffffff, &(0x7f0000000240)=""/153, 0x99)
r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, &(0x7f0000000100)={"00000600", 0x4, 0x6, 0xc, 0x9b3, 0x9, "05000100000000000000763f222ce1", "eab0779e", "1001410c", "00800030", ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00", '\x00\x00\x00\x00\x00\x00\x00\x00\b\x00']})
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptyv4\x00', 0x103e81, 0x0)
fallocate$auto(0x8000000000000003, 0x3, 0x40000005, 0x5)
mmap$auto(0x9, 0x810006, 0xffb, 0x8000000008019, r2, 0x1c000)
ioctl$auto_CEC_TRANSMIT(r3, 0xc0386105, &(0x7f0000000340)={0x8f0, 0x2, 0xa, 0x5, 0x7a000000, 0xbb, "ffab6d9e766230af5a9eb64140295715", 0x7, 0x42, 0x7, 0x9c, 0x6, 0x7, 0x40})
write$auto(0xffffffffffffffff, 0x0, 0x100082)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0)
mmap$auto(0x0, 0x20009, 0x80000003, 0xebe, 0xffffffffffffffff, 0x8000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0x5f5a42, 0x0)
read$auto(r4, 0x0, 0x20)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0)
writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=r2, 0x8004007, @old_prog_fd=0x13b}, 0xa2)
memfd_secret$auto(0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)

kernel console output (not intermixed with test programs):

__pfx_ip_vs_stats_show+0x10/0x10
[ 1171.621100][T20151]  proc_create_net_single+0x86/0x180
[ 1171.621153][T20151]  ? __pfx_proc_create_net_single+0x10/0x10
[ 1171.621221][T20151]  ip_vs_control_net_init+0x457/0x1d20
[ 1171.621255][T20151]  ? debug_mutex_init+0x37/0x70
[ 1171.621299][T20151]  __ip_vs_init+0x217/0x520
[ 1171.621338][T20151]  ? __pfx___ip_vs_init+0x10/0x10
[ 1171.621375][T20151]  ops_init+0x1df/0x5f0
[ 1171.621429][T20151]  setup_net+0x10f/0x380
[ 1171.621471][T20151]  ? lockdep_init_map_type+0x5c/0x280
[ 1171.621517][T20151]  ? __pfx_setup_net+0x10/0x10
[ 1171.621566][T20151]  ? debug_mutex_init+0x37/0x70
[ 1171.621604][T20151]  copy_net_ns+0x2a6/0x5f0
[ 1171.621658][T20151]  create_new_namespaces+0x3ea/0xa90
[ 1171.621706][T20151]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1171.621846][T20151]  ksys_unshare+0x45b/0xa40
[ 1171.621897][T20151]  ? __pfx_ksys_unshare+0x10/0x10
[ 1171.621945][T20151]  ? xfd_validate_state+0x61/0x180
[ 1171.622006][T20151]  __x64_sys_unshare+0x31/0x40
[ 1171.622065][T20151]  do_syscall_64+0xcd/0x490
[ 1171.622115][T20151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1171.622148][T20151] RIP: 0033:0x7fea3c58ebe9
[ 1171.622173][T20151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1171.622204][T20151] RSP: 002b:00007fea3d408038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1171.622269][T20151] RAX: ffffffffffffffda RBX: 00007fea3c7b5fa0 RCX: 00007fea3c58ebe9
[ 1171.622296][T20151] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1171.622322][T20151] RBP: 00007fea3c611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1171.622341][T20151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1171.622366][T20151] R13: 00007fea3c7b6038 R14: 00007fea3c7b5fa0 R15: 00007ffe3cb27428
[ 1171.622409][T20151]  </TASK>
[ 1171.895312][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1173.282587][T20133] Process accounting paused
[ 1186.794991][T20338] random: crng reseeded on system resumption
[ 1186.804495][   T31] audit: type=1800 audit(6050872341.736:21): pid=20326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2317" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1187.742455][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1187.749757][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1189.750404][T20366] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2325'.
[ 1189.865849][T20366] mac80211_hwsim hwsim16 �: renamed from wlan0 (while UP)
[ 1194.942885][T20445] : Can't lookup blockdev
[ 1195.453928][T20456] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2344'.
[ 1198.241558][T20485] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1198.254207][T20485] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1198.263395][T20485] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1198.307105][T20485] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1198.319298][T20485] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1200.377692][T20485] Bluetooth: hci2: command tx timeout
[ 1200.752344][T20483] chnl_net:caif_netlink_parms(): no params data found
[ 1201.652177][T20483] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1201.687957][T20483] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1201.735898][T20483] bridge_slave_0: entered allmulticast mode
[ 1201.754693][T20483] bridge_slave_0: entered promiscuous mode
[ 1201.818226][T20483] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1201.832232][T20483] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1201.904115][T20483] bridge_slave_1: entered allmulticast mode
[ 1201.958281][T20483] bridge_slave_1: entered promiscuous mode
[ 1202.257738][T20483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1202.328023][T20483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1202.490858][T20485] Bluetooth: hci2: command tx timeout
[ 1203.031147][T20483] team0: Port device team_slave_0 added
[ 1203.123162][T20483] team0: Port device team_slave_1 added
[ 1203.198130][T20519] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1203.217799][T20519] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1203.224000][T20519] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1203.231067][T20519] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1203.248480][T20519] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1203.291000][T20519] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1203.352631][T20519] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1203.398799][T20483] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1203.425909][T20483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1203.535651][T20483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1203.696557][T20483] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1203.709693][T20483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1203.795198][T20483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1204.452744][T20483] hsr_slave_0: entered promiscuous mode
[ 1204.489378][T20483] hsr_slave_1: entered promiscuous mode
[ 1204.524183][T20483] debugfs: 'hsr0' already exists in 'hsr'
[ 1204.543482][T20483] Cannot create hsr debugfs directory
[ 1204.553975][T20516] Process accounting resumed
[ 1204.743921][T20538] : Can't lookup blockdev
[ 1205.256320][T20485] Bluetooth: hci2: command 0x0419 tx timeout
[ 1205.256914][T20192] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1205.263197][T20485] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1205.268543][T20192] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1205.274607][T20485] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1206.064636][T20483] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.567462][T20483] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.850547][T20483] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1207.002405][T20562] XFS: Clearing xfsstats
[ 1207.338572][T20547] Bluetooth: hci2: command 0x0419 tx timeout
[ 1207.370859][T20483] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1207.561052][T20574] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2369'.
[ 1209.146325][T20483] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1209.455742][T20547] Bluetooth: hci2: command 0x0419 tx timeout
[ 1209.716891][T20483] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1209.755128][T20483] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1210.155701][T20483] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1211.505966][T20547] Bluetooth: hci2: command 0x0419 tx timeout
[ 1212.253520][T20483] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1212.563108][T20483] 8021q: adding VLAN 0 to HW filter on device team0
[ 1212.624845][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1212.632046][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1212.860824][   T30] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1212.868037][   T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1213.942231][T20483] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1214.140634][T20483] veth0_vlan: entered promiscuous mode
[ 1214.642067][T20483] veth1_vlan: entered promiscuous mode
[ 1214.845342][T20483] veth0_macvtap: entered promiscuous mode
[ 1214.990152][T20483] veth1_macvtap: entered promiscuous mode
[ 1215.208992][T20483] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1215.224058][T20483] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1215.251246][T20547] Bluetooth: hci3: unexpected event 0x3d length: 726 > 14
[ 1215.283864][T15713] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1215.364989][T15713] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1215.489512][T15713] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1215.545734][   T51] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1216.338803][T15714] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1216.354034][T15714] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1216.583839][T15714] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1216.627563][T15714] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1217.070894][T20660] openvswitch: netlink: Message has 4 unknown bytes.
[ 1217.217948][T20666] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2386'.
[ 1217.298438][T20660] FAULT_INJECTION: forcing a failure.
[ 1217.298438][T20660] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1217.323671][T20660] CPU: 0 UID: 0 PID: 20660 Comm: syz.3.2385 Not tainted syzkaller #0 PREEMPT(full) 
[ 1217.323711][T20660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1217.323728][T20660] Call Trace:
[ 1217.323737][T20660]  <TASK>
[ 1217.323749][T20660]  dump_stack_lvl+0x16c/0x1f0
[ 1217.323793][T20660]  should_fail_ex+0x512/0x640
[ 1217.323842][T20660]  get_futex_key+0x293/0x1560
[ 1217.323884][T20660]  ? __pfx_get_futex_key+0x10/0x10
[ 1217.323922][T20660]  ? __mutex_trylock_common+0xe9/0x250
[ 1217.323979][T20660]  futex_wake+0xea/0x530
[ 1217.324031][T20660]  ? __pfx_futex_wake+0x10/0x10
[ 1217.324095][T20660]  do_futex+0x1e3/0x350
[ 1217.324136][T20660]  ? __pfx_do_futex+0x10/0x10
[ 1217.324173][T20660]  ? __might_fault+0xe3/0x190
[ 1217.324221][T20660]  mm_release+0x24e/0x300
[ 1217.324261][T20660]  do_exit+0x68e/0x2bf0
[ 1217.324313][T20660]  ? __pfx_do_exit+0x10/0x10
[ 1217.324358][T20660]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1217.324404][T20660]  ? find_held_lock+0x2b/0x80
[ 1217.324442][T20660]  do_group_exit+0xd3/0x2a0
[ 1217.324502][T20660]  get_signal+0x2673/0x26d0
[ 1217.324552][T20660]  ? __pfx_get_signal+0x10/0x10
[ 1217.324589][T20660]  ? do_futex+0x122/0x350
[ 1217.324630][T20660]  ? __pfx_do_futex+0x10/0x10
[ 1217.324670][T20660]  arch_do_signal_or_restart+0x8f/0x790
[ 1217.324709][T20660]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1217.324753][T20660]  ? ksys_mmap_pgoff+0x85/0x5c0
[ 1217.324790][T20660]  ? xfd_validate_state+0x61/0x180
[ 1217.324830][T20660]  ? __pfx_do_writev+0x10/0x10
[ 1217.324866][T20660]  exit_to_user_mode_loop+0x84/0x110
[ 1217.324909][T20660]  do_syscall_64+0x3f6/0x490
[ 1217.324950][T20660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1217.324977][T20660] RIP: 0033:0x7fa94f18ebe9
[ 1217.324999][T20660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1217.325025][T20660] RSP: 002b:00007fa94d3f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1217.325050][T20660] RAX: fffffffffffffe00 RBX: 00007fa94f3b5fa8 RCX: 00007fa94f18ebe9
[ 1217.325068][T20660] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa94f3b5fa8
[ 1217.325085][T20660] RBP: 00007fa94f3b5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1217.325100][T20660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1217.325116][T20660] R13: 00007fa94f3b6038 R14: 00007ffda70f6400 R15: 00007ffda70f64e8
[ 1217.325150][T20660]  </TASK>
[ 1220.306282][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1220.313130][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1220.335446][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1220.346346][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1220.369422][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1220.376580][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1220.397157][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1220.403814][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1225.844661][T20776] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2406'.
[ 1230.055906][T20547] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1235.855250][T20485] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1235.887305][T20485] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1235.897801][T20485] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1235.916438][T20485] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1235.930816][T20485] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1237.152574][T20876] chnl_net:caif_netlink_parms(): no params data found
[ 1237.823469][T20876] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1237.868545][T20876] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1237.909368][T20876] bridge_slave_0: entered allmulticast mode
[ 1237.957078][T20876] bridge_slave_0: entered promiscuous mode
[ 1238.055876][T20485] Bluetooth: hci0: command tx timeout
[ 1238.065465][T20876] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1238.125794][T20876] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1238.175961][T20876] bridge_slave_1: entered allmulticast mode
[ 1238.209634][T20876] bridge_slave_1: entered promiscuous mode
[ 1238.901853][T20876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1238.934010][T20876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1239.174360][T20876] team0: Port device team_slave_0 added
[ 1239.208943][T20876] team0: Port device team_slave_1 added
[ 1239.710491][T20876] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1239.717821][T20876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1239.749106][T20876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1239.792629][T20876] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1239.803902][T20876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1239.831447][T20876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1240.103905][T20876] hsr_slave_0: entered promiscuous mode
[ 1240.137100][T20485] Bluetooth: hci0: command tx timeout
[ 1240.222552][T20876] hsr_slave_1: entered promiscuous mode
[ 1240.323424][T20876] debugfs: 'hsr0' already exists in 'hsr'
[ 1240.395245][T20876] Cannot create hsr debugfs directory
[ 1241.690076][T20876] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.007546][T20876] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.215794][T20485] Bluetooth: hci0: command tx timeout
[ 1242.358610][T20876] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1242.544606][T20876] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1243.499793][T20876] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1243.538788][T20876] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1243.603922][T20876] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1243.722835][T20876] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1244.030787][T20964] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2438'.
[ 1244.090221][T20965] netlink: 302 bytes leftover after parsing attributes in process `syz.0.2438'.
[ 1244.298213][T20485] Bluetooth: hci0: command tx timeout
[ 1244.533404][T20876] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1244.690444][T20876] 8021q: adding VLAN 0 to HW filter on device team0
[ 1244.804216][T20876] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1244.849223][T20876] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1244.884832][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1244.892099][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1244.941759][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1244.949020][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1246.066960][T20876] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1246.242233][T20876] veth0_vlan: entered promiscuous mode
[ 1246.317099][T20876] veth1_vlan: entered promiscuous mode
[ 1246.437623][T20876] veth0_macvtap: entered promiscuous mode
[ 1246.515899][T20876] veth1_macvtap: entered promiscuous mode
[ 1246.609241][T20876] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1246.659472][T20876] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1246.749392][T15714] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1246.823305][T15714] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1246.867173][T15714] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1246.928165][   T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.191472][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1247.325674][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1247.397794][T15714] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1247.443407][T15714] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1249.179156][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1249.185616][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1250.320798][T20547] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1250.332815][T20547] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1250.345512][T20547] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1250.373575][T20547] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1250.436506][T20547] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1252.615696][T20547] Bluetooth: hci5: command tx timeout
[ 1252.646513][   T51] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1253.125205][   T51] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1253.174034][T21035] chnl_net:caif_netlink_parms(): no params data found
[ 1253.540997][   T51] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1253.755154][T21035] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1253.762504][T21035] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1253.777214][T21035] bridge_slave_0: entered allmulticast mode
[ 1253.808075][T21035] bridge_slave_0: entered promiscuous mode
[ 1253.940183][T21035] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1253.975476][T21035] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1254.035458][T21035] bridge_slave_1: entered allmulticast mode
[ 1254.115879][T21035] bridge_slave_1: entered promiscuous mode
[ 1254.397941][   T51] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1254.558826][T21035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1254.617612][T21035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1254.701140][T20547] Bluetooth: hci5: command tx timeout
[ 1255.127972][T21035] team0: Port device team_slave_0 added
[ 1255.391859][T21035] team0: Port device team_slave_1 added
[ 1256.168191][T21035] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1256.196063][T21035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1256.224165][T21035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1256.237571][T21035] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1256.244732][T21035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1256.290301][T21035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1256.775862][T20547] Bluetooth: hci5: command tx timeout
[ 1257.223548][   T51] bridge_slave_1: left allmulticast mode
[ 1257.245714][   T51] bridge_slave_1: left promiscuous mode
[ 1257.280632][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1257.372108][   T51] bridge_slave_0: left allmulticast mode
[ 1257.461871][   T51] bridge_slave_0: left promiscuous mode
[ 1257.475880][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1258.848083][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1258.857913][T20547] Bluetooth: hci5: command tx timeout
[ 1258.916395][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1258.943761][   T51] bond0 (unregistering): Released all slaves
[ 1259.000474][T21035] hsr_slave_0: entered promiscuous mode
[ 1259.007502][T21035] hsr_slave_1: entered promiscuous mode
[ 1259.014111][T21035] debugfs: 'hsr0' already exists in 'hsr'
[ 1259.021195][T21035] Cannot create hsr debugfs directory
[ 1261.050016][   T51] hsr_slave_0: left promiscuous mode
[ 1261.087322][T21123] FAULT_INJECTION: forcing a failure.
[ 1261.087322][T21123] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1261.106975][   T51] hsr_slave_1: left promiscuous mode
[ 1261.115813][T21123] CPU: 1 UID: 0 PID: 21123 Comm: syz.4.2468 Not tainted syzkaller #0 PREEMPT(full) 
[ 1261.115855][T21123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1261.115875][T21123] Call Trace:
[ 1261.115885][T21123]  <TASK>
[ 1261.115897][T21123]  dump_stack_lvl+0x16c/0x1f0
[ 1261.115945][T21123]  should_fail_ex+0x512/0x640
[ 1261.115999][T21123]  should_fail_alloc_page+0xe7/0x130
[ 1261.116047][T21123]  prepare_alloc_pages+0x3c2/0x610
[ 1261.116099][T21123]  ? rcu_is_watching+0x12/0xc0
[ 1261.116137][T21123]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1261.116198][T21123]  ? kasan_save_stack+0x42/0x60
[ 1261.116235][T21123]  ? kasan_save_stack+0x33/0x60
[ 1261.116272][T21123]  ? kasan_save_track+0x14/0x30
[ 1261.116319][T21123]  ? __kasan_kmalloc+0xaa/0xb0
[ 1261.116353][T21123]  ? __kvmalloc_node_noprof+0x27b/0x620
[ 1261.116387][T21123]  ? relay_open_buf.part.0+0x18f/0xc30
[ 1261.116427][T21123]  ? relay_open+0x653/0xad0
[ 1261.116504][T21123]  ? do_blk_trace_setup+0x4c5/0xb00
[ 1261.116536][T21123]  ? blk_trace_setup+0xed/0x1b0
[ 1261.116570][T21123]  ? blk_trace_ioctl+0x146/0x280
[ 1261.116604][T21123]  ? blkdev_ioctl+0x108/0x6d0
[ 1261.116639][T21123]  ? __x64_sys_ioctl+0x18e/0x210
[ 1261.116689][T21123]  ? do_syscall_64+0xcd/0x490
[ 1261.116731][T21123]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1261.116771][T21123]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1261.116842][T21123]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1261.116906][T21123]  ? policy_nodemask+0xea/0x4e0
[ 1261.116952][T21123]  alloc_pages_mpol+0x1fb/0x550
[ 1261.116998][T21123]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1261.117041][T21123]  ? trace_kmalloc+0x2b/0xd0
[ 1261.117085][T21123]  ? __kvmalloc_node_noprof+0x298/0x620
[ 1261.117121][T21123]  ? flush_all_cpus_locked+0x170/0x210
[ 1261.117176][T21123]  alloc_pages_noprof+0x131/0x390
[ 1261.117222][T21123]  relay_open_buf.part.0+0x25d/0xc30
[ 1261.117277][T21123]  relay_open+0x653/0xad0
[ 1261.117319][T21123]  ? debugfs_create_file_full+0x41/0x60
[ 1261.117363][T21123]  do_blk_trace_setup+0x4c5/0xb00
[ 1261.117403][T21123]  blk_trace_setup+0xed/0x1b0
[ 1261.117438][T21123]  ? __pfx_blk_trace_setup+0x10/0x10
[ 1261.117482][T21123]  ? __pfx_snprintf+0x10/0x10
[ 1261.117535][T21123]  ? do_vfs_ioctl+0x128/0x14f0
[ 1261.117592][T21123]  blk_trace_ioctl+0x146/0x280
[ 1261.117629][T21123]  ? __pfx_blk_trace_ioctl+0x10/0x10
[ 1261.117673][T21123]  ? find_held_lock+0x2b/0x80
[ 1261.117703][T21123]  ? hook_file_ioctl_common+0x145/0x410
[ 1261.117750][T21123]  blkdev_ioctl+0x108/0x6d0
[ 1261.117787][T21123]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1261.117830][T21123]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1261.117880][T21123]  __x64_sys_ioctl+0x18e/0x210
[ 1261.117963][T21123]  do_syscall_64+0xcd/0x490
[ 1261.118007][T21123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1261.118055][T21123] RIP: 0033:0x7ff87998ebe9
[ 1261.118081][T21123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1261.118113][T21123] RSP: 002b:00007ff87a81f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1261.118143][T21123] RAX: ffffffffffffffda RBX: 00007ff879bb5fa0 RCX: 00007ff87998ebe9
[ 1261.118163][T21123] RDX: 0000200000000140 RSI: 00000000c0481273 RDI: 0000000000000008
[ 1261.118181][T21123] RBP: 00007ff879a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1261.118199][T21123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1261.118216][T21123] R13: 00007ff879bb6038 R14: 00007ff879bb5fa0 R15: 00007ffee34bc8b8
[ 1261.118257][T21123]  </TASK>
[ 1261.126878][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1261.485965][T21123] vhci_hcd: invalid port number 23
[ 1261.491128][T21123] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[ 1261.532500][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1261.567074][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1261.574517][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1261.731456][   T51] veth1_macvtap: left promiscuous mode
[ 1261.753765][   T51] veth0_macvtap: left promiscuous mode
[ 1261.770488][   T51] veth1_vlan: left promiscuous mode
[ 1261.786020][   T51] veth0_vlan: left promiscuous mode
[ 1263.247120][   T51] team0 (unregistering): Port device team_slave_1 removed
[ 1263.344597][   T51] team0 (unregistering): Port device team_slave_0 removed
[ 1266.038536][T21035] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1266.201760][T21035] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1266.403603][T21035] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1266.549418][T21035] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1267.639272][T21035] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1267.903276][T21035] 8021q: adding VLAN 0 to HW filter on device team0
[ 1268.265017][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1268.272200][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1268.323221][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1268.330445][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1269.325888][T21212] ICMPv6: process `syz.4.2477' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead
[ 1270.798156][T21035] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1271.872166][T21251] openvswitch: netlink: ufid size 17 bytes exceeds the range (1, 16)
[ 1271.921485][T21251] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1272.440156][T21035] veth0_vlan: entered promiscuous mode
[ 1272.499251][T21252] Invalid ELF header magic: != ELF
[ 1272.562371][T21035] veth1_vlan: entered promiscuous mode
[ 1272.924438][T21035] veth0_macvtap: entered promiscuous mode
[ 1273.007142][T21035] veth1_macvtap: entered promiscuous mode
[ 1273.208857][T21035] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1273.340579][T21035] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1273.470008][T15715] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.506577][T21262] vivid-003: =================  START STATUS  =================
[ 1273.514285][T21262] vivid-003: Radio HW Seek Mode: Bounded
[ 1273.521021][T21262] vivid-003: Radio Programmable HW Seek: false
[ 1273.530018][T15713] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.594673][T21262] vivid-003: RDS Rx I/O Mode: Block I/O
[ 1273.612820][T21262] vivid-003: Generate RBDS Instead of RDS: false
[ 1273.630441][T15713] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.650410][T15713] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1273.666024][T21262] vivid-003: RDS Reception: true
[ 1273.779695][T21262] vivid-003: RDS Program Type: 0 inactive
[ 1273.785525][T21262] vivid-003: RDS PS Name:  inactive
[ 1273.973365][T21262] vivid-003: RDS Radio Text:  inactive
[ 1274.021747][T21262] vivid-003: RDS Traffic Announcement: false inactive
[ 1274.029183][T21262] vivid-003: RDS Traffic Program: false inactive
[ 1274.048853][T21262] vivid-003: RDS Music: false inactive
[ 1274.055374][T21262] vivid-003: ==================  END STATUS  ==================
[ 1274.365799][   T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1274.405772][   T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1274.646953][   T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1274.705844][   T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1280.430619][T21353] blktrace: Concurrent blktraces are not allowed on loop2
[ 1281.150214][T21361] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2498'.
[ 1282.000511][T21369] ICMPv6: process `syz.1.2501' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead

syzkaller
syzkaller login: [ 1286.477962][T21423] : Can't lookup blockdev
[ 1286.820059][T21427] mkiss: ax0: crc mode is auto.
[ 1287.096320][T21434] mkiss: ax0: crc mode is auto.
[ 1287.179137][T21437] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2515'.
[ 1287.255203][T21437] hsr_slave_0: left promiscuous mode
[ 1287.266981][T21437] hsr_slave_1: left promiscuous mode
[ 1287.688529][T21449] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2517'.
[ 1288.801646][T21473] block nbd9: NBD_DISCONNECT
[ 1288.873398][T21473] openvswitch: netlink: Tunnel attr 242 out of range max 16
[ 1289.286308][T21480] netlink: 122 bytes leftover after parsing attributes in process `syz.1.2523'.
[ 1289.875883][T21495] FAULT_INJECTION: forcing a failure.
[ 1289.875883][T21495] name failslab, interval 1, probability 0, space 0, times 0
[ 1289.915780][T21495] CPU: 1 UID: 0 PID: 21495 Comm: syz.4.2527 Not tainted syzkaller #0 PREEMPT(full) 
[ 1289.915822][T21495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1289.915841][T21495] Call Trace:
[ 1289.915853][T21495]  <TASK>
[ 1289.915865][T21495]  dump_stack_lvl+0x16c/0x1f0
[ 1289.915915][T21495]  should_fail_ex+0x512/0x640
[ 1289.915959][T21495]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1289.915993][T21495]  should_failslab+0xc2/0x120
[ 1289.916027][T21495]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1289.916057][T21495]  ? __alloc_skb+0x2b2/0x380
[ 1289.916093][T21495]  __alloc_skb+0x2b2/0x380
[ 1289.916122][T21495]  ? __pfx___alloc_skb+0x10/0x10
[ 1289.916154][T21495]  ? kasan_quarantine_put+0x10a/0x240
[ 1289.916189][T21495]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1289.916230][T21495]  inet_netconf_notify_devconf+0x8b/0x1f0
[ 1289.916273][T21495]  inetdev_event+0xed5/0x18a0
[ 1289.916313][T21495]  ? ib_netdevice_event+0xfc/0x330
[ 1289.916336][T21495]  ? __pfx_inetdev_event+0x10/0x10
[ 1289.916376][T21495]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1289.916418][T21495]  notifier_call_chain+0xb9/0x410
[ 1289.916450][T21495]  ? __pfx_inetdev_event+0x10/0x10
[ 1289.916493][T21495]  call_netdevice_notifiers_info+0xbe/0x140
[ 1289.916537][T21495]  unregister_netdevice_many_notify+0xf76/0x24c0
[ 1289.916586][T21495]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1289.916625][T21495]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1289.916664][T21495]  ? __fsnotify_parent+0x24b/0xc40
[ 1289.916691][T21495]  ? __pfx___mutex_lock+0x10/0x10
[ 1289.916730][T21495]  unregister_netdevice_queue+0x305/0x3f0
[ 1289.916768][T21495]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1289.916807][T21495]  ? __pfx_locks_remove_file+0x10/0x10
[ 1289.916837][T21495]  ? __pfx_ppp_release+0x10/0x10
[ 1289.916870][T21495]  ppp_release+0x209/0x230
[ 1289.916904][T21495]  __fput+0x3ff/0xb70
[ 1289.916949][T21495]  task_work_run+0x14d/0x240
[ 1289.916990][T21495]  ? __pfx_task_work_run+0x10/0x10
[ 1289.917029][T21495]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1289.917066][T21495]  exit_to_user_mode_loop+0xeb/0x110
[ 1289.917105][T21495]  do_syscall_64+0x3f6/0x490
[ 1289.917141][T21495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1289.917175][T21495] RIP: 0033:0x7ff87998ebe9
[ 1289.917194][T21495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1289.917219][T21495] RSP: 002b:00007ff87a7fe038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1289.917241][T21495] RAX: 0000000000000000 RBX: 00007ff879bb6090 RCX: 00007ff87998ebe9
[ 1289.917257][T21495] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1289.917271][T21495] RBP: 00007ff879a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1289.917286][T21495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1289.917301][T21495] R13: 00007ff879bb6128 R14: 00007ff879bb6090 R15: 00007ffee34bc8b8
[ 1289.917332][T21495]  </TASK>
[ 1291.675771][T21522] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2532'.
[ 1292.898876][T21543] netlink: 'syz.1.2533': attribute type 1 has an invalid length.
[ 1294.010499][T21567] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535
[ 1294.365919][T21573] : Can't lookup blockdev
[ 1294.710543][T21575] : Can't lookup blockdev
[ 1295.482976][T21589] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1296.893769][T21610] : Can't lookup blockdev
[ 1297.110860][T21617] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2555'.
[ 1297.354152][T21620] openvswitch: netlink: Port -2134900732 exceeds max allowable 65535
[ 1301.887669][T21678] block nbd9: NBD_DISCONNECT
[ 1301.905971][T21678] openvswitch: netlink: Tunnel attr 242 out of range max 16

syzkaller
syzkaller login: [ 1302.793518][T21683] FAULT_INJECTION: forcing a failure.
[ 1302.793518][T21683] name failslab, interval 1, probability 0, space 0, times 0
[ 1302.826012][T21683] CPU: 0 UID: 0 PID: 21683 Comm: syz.4.2574 Not tainted syzkaller #0 PREEMPT(full) 
[ 1302.826054][T21683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1302.826072][T21683] Call Trace:
[ 1302.826082][T21683]  <TASK>
[ 1302.826094][T21683]  dump_stack_lvl+0x16c/0x1f0
[ 1302.826140][T21683]  should_fail_ex+0x512/0x640
[ 1302.826185][T21683]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1302.826230][T21683]  should_failslab+0xc2/0x120
[ 1302.826274][T21683]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1302.826311][T21683]  ? __proc_create+0xc3/0x8e0
[ 1302.826357][T21683]  ? __proc_create+0x2ce/0x8e0
[ 1302.826409][T21683]  __proc_create+0x2ce/0x8e0
[ 1302.826458][T21683]  ? __pfx___proc_create+0x10/0x10
[ 1302.826512][T21683]  ? _raw_write_unlock+0x28/0x50
[ 1302.826549][T21683]  ? proc_register+0x314/0x5f0
[ 1302.826601][T21683]  proc_create_reg+0x7d/0x180
[ 1302.826654][T21683]  proc_create_net_data+0x8e/0x1c0
[ 1302.826705][T21683]  ? __pfx_proc_create_net_data+0x10/0x10
[ 1302.826753][T21683]  ? __pfx_proc_create_net_data+0x10/0x10
[ 1302.826805][T21683]  ? __kasan_kmalloc+0xaa/0xb0
[ 1302.826858][T21683]  ip_vs_conn_net_init+0x13f/0x200
[ 1302.826908][T21683]  __ip_vs_init+0x27d/0x520
[ 1302.826943][T21683]  ? __pfx___ip_vs_init+0x10/0x10
[ 1302.826976][T21683]  ops_init+0x1df/0x5f0
[ 1302.827040][T21683]  setup_net+0x10f/0x380
[ 1302.827082][T21683]  ? lockdep_init_map_type+0x5c/0x280
[ 1302.827129][T21683]  ? __pfx_setup_net+0x10/0x10
[ 1302.827176][T21683]  ? debug_mutex_init+0x37/0x70
[ 1302.827213][T21683]  copy_net_ns+0x2a6/0x5f0
[ 1302.827286][T21683]  create_new_namespaces+0x3ea/0xa90
[ 1302.827335][T21683]  unshare_nsproxy_namespaces+0xc0/0x1f0
[ 1302.827379][T21683]  ksys_unshare+0x45b/0xa40
[ 1302.827426][T21683]  ? __pfx_ksys_unshare+0x10/0x10
[ 1302.827474][T21683]  ? xfd_validate_state+0x61/0x180
[ 1302.827535][T21683]  __x64_sys_unshare+0x31/0x40
[ 1302.827583][T21683]  do_syscall_64+0xcd/0x490
[ 1302.827631][T21683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1302.827665][T21683] RIP: 0033:0x7ff87998ebe9
[ 1302.827692][T21683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1302.827725][T21683] RSP: 002b:00007ff87a81f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1302.827756][T21683] RAX: ffffffffffffffda RBX: 00007ff879bb5fa0 RCX: 00007ff87998ebe9
[ 1302.827777][T21683] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1302.827796][T21683] RBP: 00007ff879a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1302.827815][T21683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1302.827840][T21683] R13: 00007ff879bb6038 R14: 00007ff879bb5fa0 R15: 00007ffee34bc8b8
[ 1302.827883][T21683]  </TASK>
[ 1303.250465][T21686] FAULT_INJECTION: forcing a failure.
[ 1303.250465][T21686] name failslab, interval 1, probability 0, space 0, times 0
[ 1303.268855][T21692] FAULT_INJECTION: forcing a failure.
[ 1303.268855][T21692] name failslab, interval 1, probability 0, space 0, times 0
[ 1303.406186][T21686] CPU: 1 UID: 0 PID: 21686 Comm: syz.1.2573 Not tainted syzkaller #0 PREEMPT(full) 
[ 1303.406231][T21686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1303.406250][T21686] Call Trace:
[ 1303.406261][T21686]  <TASK>
[ 1303.406273][T21686]  dump_stack_lvl+0x16c/0x1f0
[ 1303.406321][T21686]  should_fail_ex+0x512/0x640
[ 1303.406367][T21686]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1303.406413][T21686]  should_failslab+0xc2/0x120
[ 1303.406458][T21686]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1303.406496][T21686]  ? __alloc_skb+0x2b2/0x380
[ 1303.406544][T21686]  __alloc_skb+0x2b2/0x380
[ 1303.406582][T21686]  ? __pfx___alloc_skb+0x10/0x10
[ 1303.406621][T21686]  ? kasan_quarantine_put+0x10a/0x240
[ 1303.406658][T21686]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1303.406710][T21686]  inet_netconf_notify_devconf+0x8b/0x1f0
[ 1303.406767][T21686]  inetdev_event+0xed5/0x18a0
[ 1303.406832][T21686]  ? ib_netdevice_event+0xfc/0x330
[ 1303.406863][T21686]  ? __pfx_inetdev_event+0x10/0x10
[ 1303.406933][T21686]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1303.406991][T21686]  notifier_call_chain+0xb9/0x410
[ 1303.407033][T21686]  ? __pfx_inetdev_event+0x10/0x10
[ 1303.407093][T21686]  call_netdevice_notifiers_info+0xbe/0x140
[ 1303.407149][T21686]  unregister_netdevice_many_notify+0xf76/0x24c0
[ 1303.407221][T21686]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1303.407273][T21686]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1303.407327][T21686]  ? __fsnotify_parent+0x24b/0xc40
[ 1303.407362][T21686]  ? __pfx___mutex_lock+0x10/0x10
[ 1303.407417][T21686]  unregister_netdevice_queue+0x305/0x3f0
[ 1303.407469][T21686]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1303.407523][T21686]  ? __pfx_locks_remove_file+0x10/0x10
[ 1303.407564][T21686]  ? __pfx_ppp_release+0x10/0x10
[ 1303.407610][T21686]  ppp_release+0x209/0x230
[ 1303.407657][T21686]  __fput+0x3ff/0xb70
[ 1303.407716][T21686]  task_work_run+0x14d/0x240
[ 1303.407771][T21686]  ? __pfx_task_work_run+0x10/0x10
[ 1303.407836][T21686]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1303.407888][T21686]  exit_to_user_mode_loop+0xeb/0x110
[ 1303.407953][T21686]  do_syscall_64+0x3f6/0x490
[ 1303.408019][T21686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.408068][T21686] RIP: 0033:0x7f645398ebe9
[ 1303.408094][T21686] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1303.408124][T21686] RSP: 002b:00007f64548de038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1303.408155][T21686] RAX: 0000000000000000 RBX: 00007f6453bb5fa0 RCX: 00007f645398ebe9
[ 1303.408174][T21686] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1303.408192][T21686] RBP: 00007f6453a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1303.408222][T21686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1303.408240][T21686] R13: 00007f6453bb6038 R14: 00007f6453bb5fa0 R15: 00007ffe2fcf84d8
[ 1303.408280][T21686]  </TASK>
[ 1303.700239][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1303.731775][T21692] CPU: 1 UID: 0 PID: 21692 Comm: syz.0.2575 Not tainted syzkaller #0 PREEMPT(full) 
[ 1303.731808][T21692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1303.731822][T21692] Call Trace:
[ 1303.731830][T21692]  <TASK>
[ 1303.731838][T21692]  dump_stack_lvl+0x16c/0x1f0
[ 1303.731874][T21692]  should_fail_ex+0x512/0x640
[ 1303.731907][T21692]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1303.731938][T21692]  should_failslab+0xc2/0x120
[ 1303.731970][T21692]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1303.731997][T21692]  ? vma_merge_new_range+0x3ae/0xa50
[ 1303.732023][T21692]  ? vm_area_alloc+0x1f/0x160
[ 1303.732051][T21692]  vm_area_alloc+0x1f/0x160
[ 1303.732074][T21692]  __mmap_region+0xf90/0x27b0
[ 1303.732105][T21692]  ? __pfx___mmap_region+0x10/0x10
[ 1303.732140][T21692]  ? is_bpf_text_address+0x8a/0x1a0
[ 1303.732170][T21692]  ? bpf_ksym_find+0x124/0x1c0
[ 1303.732192][T21692]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1303.732220][T21692]  ? is_bpf_text_address+0x94/0x1a0
[ 1303.732249][T21692]  ? kernel_text_address+0x8d/0x100
[ 1303.732271][T21692]  ? __kernel_text_address+0xd/0x40
[ 1303.732338][T21692]  ? trace_cap_capable+0x18d/0x200
[ 1303.732373][T21692]  mmap_region+0x1ab/0x3f0
[ 1303.732401][T21692]  ? __get_unmapped_area+0x267/0x440
[ 1303.732438][T21692]  do_mmap+0xa3e/0x1210
[ 1303.732478][T21692]  ? __pfx_do_mmap+0x10/0x10
[ 1303.732512][T21692]  ? __pfx_down_write_killable+0x10/0x10
[ 1303.732553][T21692]  vm_mmap_pgoff+0x29e/0x470
[ 1303.732592][T21692]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1303.732628][T21692]  ? __fget_files+0x20e/0x3c0
[ 1303.732662][T21692]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1303.732695][T21692]  ? __pfx_ksys_write+0x10/0x10
[ 1303.732726][T21692]  __x64_sys_mmap+0x125/0x190
[ 1303.732773][T21692]  do_syscall_64+0xcd/0x490
[ 1303.732808][T21692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1303.732832][T21692] RIP: 0033:0x7f9dedf8ebe9
[ 1303.732850][T21692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1303.732873][T21692] RSP: 002b:00007f9dec1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1303.732895][T21692] RAX: ffffffffffffffda RBX: 00007f9dee1b6090 RCX: 00007f9dedf8ebe9
[ 1303.732912][T21692] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000
[ 1303.732926][T21692] RBP: 00007f9dec1f6090 R08: 0000000000000401 R09: 0000000000008000
[ 1303.732941][T21692] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001
[ 1303.732955][T21692] R13: 00007f9dee1b6128 R14: 00007f9dee1b6090 R15: 00007ffd4ff812d8
[ 1303.732985][T21692]  </TASK>
[ 1303.985421][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1304.915629][T21706] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2579'.
[ 1306.212310][T21729] block nbd9: NBD_DISCONNECT
[ 1306.218576][T21729] openvswitch: netlink: Tunnel attr 242 out of range max 16
[ 1306.252184][T21715] sd 0:0:1:0: PR command failed: 1026
[ 1306.351023][T21715] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1306.557160][T21715] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1307.075668][   T31] audit: type=1800 audit(6050872462.006:22): pid=21715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2580" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1307.805180][T21748] : Can't lookup blockdev
[ 1310.574538][T21807] blktrace: Concurrent blktraces are not allowed on loop12
[ 1310.621868][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1310.628599][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1318.036143][T21908] FAULT_INJECTION: forcing a failure.
[ 1318.036143][T21908] name failslab, interval 1, probability 0, space 0, times 0
[ 1318.146161][T21908] CPU: 1 UID: 0 PID: 21908 Comm: syz.1.2623 Not tainted syzkaller #0 PREEMPT(full) 
[ 1318.146205][T21908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1318.146223][T21908] Call Trace:
[ 1318.146233][T21908]  <TASK>
[ 1318.146245][T21908]  dump_stack_lvl+0x16c/0x1f0
[ 1318.146288][T21908]  should_fail_ex+0x512/0x640
[ 1318.146331][T21908]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1318.146374][T21908]  should_failslab+0xc2/0x120
[ 1318.146416][T21908]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1318.146454][T21908]  ? mas_alloc_nodes+0x18b/0x8b0
[ 1318.146504][T21908]  mas_alloc_nodes+0x18b/0x8b0
[ 1318.146548][T21908]  mas_node_count_gfp+0x105/0x130
[ 1318.146588][T21908]  mas_preallocate+0x7e0/0xde0
[ 1318.146643][T21908]  ? __pfx_mas_preallocate+0x10/0x10
[ 1318.146701][T21908]  ? vma_merge_new_range+0x3ae/0xa50
[ 1318.146735][T21908]  ? vm_area_alloc+0x1f/0x160
[ 1318.146768][T21908]  ? lockdep_init_map_type+0x5c/0x280
[ 1318.146817][T21908]  __mmap_region+0x118a/0x27b0
[ 1318.146860][T21908]  ? __pfx___mmap_region+0x10/0x10
[ 1318.146909][T21908]  ? is_bpf_text_address+0x8a/0x1a0
[ 1318.146948][T21908]  ? bpf_ksym_find+0x124/0x1c0
[ 1318.146978][T21908]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1318.147017][T21908]  ? is_bpf_text_address+0x94/0x1a0
[ 1318.147057][T21908]  ? kernel_text_address+0x8d/0x100
[ 1318.147086][T21908]  ? __kernel_text_address+0xd/0x40
[ 1318.147178][T21908]  ? trace_cap_capable+0x18d/0x200
[ 1318.147225][T21908]  mmap_region+0x1ab/0x3f0
[ 1318.147262][T21908]  ? __get_unmapped_area+0x267/0x440
[ 1318.147311][T21908]  do_mmap+0xa3e/0x1210
[ 1318.147361][T21908]  ? __pfx_do_mmap+0x10/0x10
[ 1318.147407][T21908]  ? __pfx_down_write_killable+0x10/0x10
[ 1318.147464][T21908]  vm_mmap_pgoff+0x29e/0x470
[ 1318.147527][T21908]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1318.147577][T21908]  ? __fget_files+0x20e/0x3c0
[ 1318.147609][T21908]  ? rcu_watching_snap_stopped_since+0x100/0x110
[ 1318.147656][T21908]  ksys_mmap_pgoff+0x7d/0x5c0
[ 1318.147701][T21908]  ? __pfx_ksys_write+0x10/0x10
[ 1318.147742][T21908]  __x64_sys_mmap+0x125/0x190
[ 1318.147799][T21908]  do_syscall_64+0xcd/0x490
[ 1318.147845][T21908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1318.147876][T21908] RIP: 0033:0x7f645398ebe9
[ 1318.147901][T21908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1318.147931][T21908] RSP: 002b:00007f64548de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1318.147959][T21908] RAX: ffffffffffffffda RBX: 00007f6453bb5fa0 RCX: 00007f645398ebe9
[ 1318.147978][T21908] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000
[ 1318.147995][T21908] RBP: 00007f64548de090 R08: 0000000000000401 R09: 0000000000008000
[ 1318.148013][T21908] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000001
[ 1318.148030][T21908] R13: 00007f6453bb6038 R14: 00007f6453bb5fa0 R15: 00007ffe2fcf84d8
[ 1318.148069][T21908]  </TASK>
[ 1319.795841][T21932] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1322.556168][T21968] : Can't lookup blockdev
[ 1323.010944][T21970] FAULT_INJECTION: forcing a failure.
[ 1323.010944][T21970] name failslab, interval 1, probability 0, space 0, times 0
[ 1323.061298][T21970] CPU: 1 UID: 0 PID: 21970 Comm: syz.3.2640 Not tainted syzkaller #0 PREEMPT(full) 
[ 1323.061343][T21970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1323.061362][T21970] Call Trace:
[ 1323.061377][T21970]  <TASK>
[ 1323.061389][T21970]  dump_stack_lvl+0x16c/0x1f0
[ 1323.061435][T21970]  should_fail_ex+0x512/0x640
[ 1323.061480][T21970]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1323.061524][T21970]  should_failslab+0xc2/0x120
[ 1323.061567][T21970]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1323.061606][T21970]  ? __alloc_skb+0x2b2/0x380
[ 1323.061654][T21970]  __alloc_skb+0x2b2/0x380
[ 1323.061694][T21970]  ? __pfx___alloc_skb+0x10/0x10
[ 1323.061733][T21970]  ? kasan_quarantine_put+0x10a/0x240
[ 1323.061770][T21970]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1323.061822][T21970]  inet_netconf_notify_devconf+0x8b/0x1f0
[ 1323.061879][T21970]  inetdev_event+0xed5/0x18a0
[ 1323.061930][T21970]  ? ib_netdevice_event+0xfc/0x330
[ 1323.061959][T21970]  ? __pfx_inetdev_event+0x10/0x10
[ 1323.062010][T21970]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1323.062075][T21970]  notifier_call_chain+0xb9/0x410
[ 1323.062114][T21970]  ? __pfx_inetdev_event+0x10/0x10
[ 1323.062169][T21970]  call_netdevice_notifiers_info+0xbe/0x140
[ 1323.062227][T21970]  unregister_netdevice_many_notify+0xf76/0x24c0
[ 1323.062290][T21970]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1323.062341][T21970]  ? ppp_release+0x167/0x230
[ 1323.062394][T21970]  ? __pfx___mutex_lock+0x10/0x10
[ 1323.062445][T21970]  unregister_netdevice_queue+0x305/0x3f0
[ 1323.062495][T21970]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1323.062549][T21970]  ? __pfx_locks_remove_file+0x10/0x10
[ 1323.062589][T21970]  ? __pfx_ppp_release+0x10/0x10
[ 1323.062631][T21970]  ppp_release+0x209/0x230
[ 1323.062676][T21970]  __fput+0x3ff/0xb70
[ 1323.062730][T21970]  task_work_run+0x14d/0x240
[ 1323.062783][T21970]  ? __pfx_task_work_run+0x10/0x10
[ 1323.062834][T21970]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1323.062882][T21970]  exit_to_user_mode_loop+0xeb/0x110
[ 1323.062931][T21970]  do_syscall_64+0x3f6/0x490
[ 1323.062977][T21970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1323.063009][T21970] RIP: 0033:0x7fa07378ebe9
[ 1323.063034][T21970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1323.063076][T21970] RSP: 002b:00007fa07465c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1323.063108][T21970] RAX: 0000000000000000 RBX: 00007fa0739b5fa0 RCX: 00007fa07378ebe9
[ 1323.063127][T21970] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1323.063145][T21970] RBP: 00007fa073811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1323.063164][T21970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1323.063182][T21970] R13: 00007fa0739b6038 R14: 00007fa0739b5fa0 R15: 00007fff12efc208
[ 1323.063220][T21970]  </TASK>
[ 1324.295817][T21998] FAULT_INJECTION: forcing a failure.
[ 1324.295817][T21998] name failslab, interval 1, probability 0, space 0, times 0
[ 1324.295863][T21998] CPU: 0 UID: 0 PID: 21998 Comm: syz.3.2646 Not tainted syzkaller #0 PREEMPT(full) 
[ 1324.295898][T21998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1324.295916][T21998] Call Trace:
[ 1324.295934][T21998]  <TASK>
[ 1324.295945][T21998]  dump_stack_lvl+0x16c/0x1f0
[ 1324.295991][T21998]  should_fail_ex+0x512/0x640
[ 1324.296036][T21998]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1324.296081][T21998]  should_failslab+0xc2/0x120
[ 1324.296123][T21998]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1324.296163][T21998]  ? __alloc_skb+0x2b2/0x380
[ 1324.296208][T21998]  __alloc_skb+0x2b2/0x380
[ 1324.296247][T21998]  ? __pfx___alloc_skb+0x10/0x10
[ 1324.296286][T21998]  ? kasan_quarantine_put+0x10a/0x240
[ 1324.296323][T21998]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1324.296374][T21998]  inet_netconf_notify_devconf+0x8b/0x1f0
[ 1324.296429][T21998]  inetdev_event+0xed5/0x18a0
[ 1324.296481][T21998]  ? ib_netdevice_event+0xfc/0x330
[ 1324.296511][T21998]  ? __pfx_inetdev_event+0x10/0x10
[ 1324.296562][T21998]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1324.296620][T21998]  notifier_call_chain+0xb9/0x410
[ 1324.296670][T21998]  ? __pfx_inetdev_event+0x10/0x10
[ 1324.296724][T21998]  call_netdevice_notifiers_info+0xbe/0x140
[ 1324.296776][T21998]  unregister_netdevice_many_notify+0xf76/0x24c0
[ 1324.296835][T21998]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1324.296882][T21998]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1324.296940][T21998]  ? __fsnotify_parent+0x24b/0xc40
[ 1324.296974][T21998]  ? __pfx___mutex_lock+0x10/0x10
[ 1324.297023][T21998]  unregister_netdevice_queue+0x305/0x3f0
[ 1324.297072][T21998]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1324.297119][T21998]  ? __pfx_locks_remove_file+0x10/0x10
[ 1324.297156][T21998]  ? __pfx_ppp_release+0x10/0x10
[ 1324.297198][T21998]  ppp_release+0x209/0x230
[ 1324.297241][T21998]  __fput+0x3ff/0xb70
[ 1324.297294][T21998]  task_work_run+0x14d/0x240
[ 1324.297345][T21998]  ? __pfx_task_work_run+0x10/0x10
[ 1324.297395][T21998]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1324.297441][T21998]  exit_to_user_mode_loop+0xeb/0x110
[ 1324.297487][T21998]  do_syscall_64+0x3f6/0x490
[ 1324.297529][T21998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1324.297558][T21998] RIP: 0033:0x7fa07378ebe9
[ 1324.297580][T21998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1324.297609][T21998] RSP: 002b:00007fa07463b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1324.297636][T21998] RAX: 0000000000000000 RBX: 00007fa0739b6090 RCX: 00007fa07378ebe9
[ 1324.297654][T21998] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1324.297669][T21998] RBP: 00007fa073811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1324.297686][T21998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1324.297702][T21998] R13: 00007fa0739b6128 R14: 00007fa0739b6090 R15: 00007fff12efc208
[ 1324.297738][T21998]  </TASK>
[ 1325.626480][T21974] tty tty17: ldisc open failed (-12), clearing slot 16
[ 1325.635289][T21978] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1330.008485][T22067] FAULT_INJECTION: forcing a failure.
[ 1330.008485][T22067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1330.066239][T22067] CPU: 1 UID: 0 PID: 22067 Comm: syz.4.2661 Not tainted syzkaller #0 PREEMPT(full) 
[ 1330.066271][T22067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1330.066285][T22067] Call Trace:
[ 1330.066293][T22067]  <TASK>
[ 1330.066301][T22067]  dump_stack_lvl+0x16c/0x1f0
[ 1330.066336][T22067]  should_fail_ex+0x512/0x640
[ 1330.066374][T22067]  _copy_to_user+0x32/0xd0
[ 1330.066397][T22067]  tomoyo_flush+0x161/0x520
[ 1330.066445][T22067]  tomoyo_set_string+0xaf/0xe0
[ 1330.066481][T22067]  tomoyo_read_exception+0x2c8/0xc30
[ 1330.066527][T22067]  tomoyo_read_control+0x299/0x540
[ 1330.066554][T22067]  ? __pfx_tomoyo_read+0x10/0x10
[ 1330.066588][T22067]  vfs_readv+0x5be/0x8b0
[ 1330.066620][T22067]  ? __pfx_vfs_readv+0x10/0x10
[ 1330.066642][T22067]  ? __mutex_lock+0x1c5/0x1060
[ 1330.066682][T22067]  ? __pfx___mutex_lock+0x10/0x10
[ 1330.066724][T22067]  ? __fget_files+0x20e/0x3c0
[ 1330.066748][T22067]  ? __fget_files+0x140/0x3c0
[ 1330.066780][T22067]  ? do_readv+0x132/0x340
[ 1330.066802][T22067]  do_readv+0x132/0x340
[ 1330.066825][T22067]  ? __pfx_do_readv+0x10/0x10
[ 1330.066858][T22067]  do_syscall_64+0xcd/0x490
[ 1330.066892][T22067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1330.066916][T22067] RIP: 0033:0x7ff87998ebe9
[ 1330.066934][T22067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1330.066957][T22067] RSP: 002b:00007ff87a81f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 1330.066979][T22067] RAX: ffffffffffffffda RBX: 00007ff879bb5fa0 RCX: 00007ff87998ebe9
[ 1330.066994][T22067] RDX: 0000000000000003 RSI: 0000200000001d40 RDI: 0000000000000003
[ 1330.067008][T22067] RBP: 00007ff87a81f090 R08: 0000000000000000 R09: 0000000000000000
[ 1330.067022][T22067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1330.067035][T22067] R13: 00007ff879bb6038 R14: 00007ff879bb5fa0 R15: 00007ffee34bc8b8
[ 1330.067064][T22067]  </TASK>
[ 1330.267176][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1330.906445][T22074] : Can't lookup blockdev
[ 1333.504918][T22108] FAULT_INJECTION: forcing a failure.
[ 1333.504918][T22108] name failslab, interval 1, probability 0, space 0, times 0
[ 1333.525875][T22108] CPU: 0 UID: 0 PID: 22108 Comm: syz.1.2678 Not tainted syzkaller #0 PREEMPT(full) 
[ 1333.525919][T22108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1333.525938][T22108] Call Trace:
[ 1333.525949][T22108]  <TASK>
[ 1333.525962][T22108]  dump_stack_lvl+0x16c/0x1f0
[ 1333.526008][T22108]  should_fail_ex+0x512/0x640
[ 1333.526055][T22108]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1333.526092][T22108]  should_failslab+0xc2/0x120
[ 1333.526134][T22108]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1333.526177][T22108]  ? loopback_open+0x145/0x13a0
[ 1333.526227][T22108]  loopback_open+0x145/0x13a0
[ 1333.526277][T22108]  snd_pcm_open_substream+0xa60/0x17f0
[ 1333.526318][T22108]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[ 1333.526368][T22108]  snd_pcm_oss_open+0x735/0x1400
[ 1333.526435][T22108]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1333.526487][T22108]  ? __lock_acquire+0xb97/0x1ce0
[ 1333.526530][T22108]  ? __pfx_default_wake_function+0x10/0x10
[ 1333.526564][T22108]  ? __lock_acquire+0xb97/0x1ce0
[ 1333.526614][T22108]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1333.526664][T22108]  ? soundcore_open+0x35a/0x580
[ 1333.526710][T22108]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[ 1333.526763][T22108]  soundcore_open+0x409/0x580
[ 1333.526809][T22108]  ? __pfx_soundcore_open+0x10/0x10
[ 1333.526852][T22108]  chrdev_open+0x231/0x6a0
[ 1333.526892][T22108]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1333.526928][T22108]  ? __pfx_chrdev_open+0x10/0x10
[ 1333.526973][T22108]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[ 1333.527016][T22108]  do_dentry_open+0x97f/0x1530
[ 1333.527056][T22108]  ? __pfx_chrdev_open+0x10/0x10
[ 1333.527105][T22108]  vfs_open+0x82/0x3f0
[ 1333.527163][T22108]  path_openat+0x1de4/0x2cb0
[ 1333.527215][T22108]  ? __pfx_path_openat+0x10/0x10
[ 1333.527262][T22108]  do_filp_open+0x20b/0x470
[ 1333.527300][T22108]  ? __pfx_do_filp_open+0x10/0x10
[ 1333.527367][T22108]  ? alloc_fd+0x471/0x7d0
[ 1333.527411][T22108]  do_sys_openat2+0x11b/0x1d0
[ 1333.527458][T22108]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1333.527522][T22108]  __x64_sys_openat+0x174/0x210
[ 1333.527570][T22108]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1333.527635][T22108]  do_syscall_64+0xcd/0x490
[ 1333.527679][T22108]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1333.527710][T22108] RIP: 0033:0x7f645398ebe9
[ 1333.527734][T22108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1333.527764][T22108] RSP: 002b:00007f64548bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1333.527792][T22108] RAX: ffffffffffffffda RBX: 00007f6453bb6090 RCX: 00007f645398ebe9
[ 1333.527813][T22108] RDX: 0000000000080502 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[ 1333.527833][T22108] RBP: 00007f6453a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1333.527852][T22108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1333.527870][T22108] R13: 00007f6453bb6128 R14: 00007f6453bb6090 R15: 00007ffe2fcf84d8
[ 1333.527910][T22108]  </TASK>
[ 1334.303074][T22114] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2672'.
[ 1337.379154][T22161] Process accounting resumed
[ 1337.624888][T22165] : Can't lookup blockdev
[ 1339.157735][T22194] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2694'.
[ 1339.327193][T22197] FAULT_INJECTION: forcing a failure.
[ 1339.327193][T22197] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1339.458119][T22197] CPU: 1 UID: 0 PID: 22197 Comm: syz.1.2695 Not tainted syzkaller #0 PREEMPT(full) 
[ 1339.458150][T22197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1339.458163][T22197] Call Trace:
[ 1339.458171][T22197]  <TASK>
[ 1339.458180][T22197]  dump_stack_lvl+0x16c/0x1f0
[ 1339.458215][T22197]  should_fail_ex+0x512/0x640
[ 1339.458254][T22197]  _copy_to_user+0x32/0xd0
[ 1339.458279][T22197]  tomoyo_flush+0x161/0x520
[ 1339.458322][T22197]  tomoyo_set_string+0xaf/0xe0
[ 1339.458359][T22197]  tomoyo_read_exception+0x2ff/0xc30
[ 1339.458407][T22197]  tomoyo_read_control+0x299/0x540
[ 1339.458435][T22197]  ? __pfx_tomoyo_read+0x10/0x10
[ 1339.458469][T22197]  vfs_readv+0x5be/0x8b0
[ 1339.458501][T22197]  ? __pfx_vfs_readv+0x10/0x10
[ 1339.458525][T22197]  ? __mutex_lock+0x1c5/0x1060
[ 1339.458565][T22197]  ? __pfx___mutex_lock+0x10/0x10
[ 1339.458614][T22197]  ? __fget_files+0x20e/0x3c0
[ 1339.458639][T22197]  ? __fget_files+0x140/0x3c0
[ 1339.458672][T22197]  ? do_readv+0x132/0x340
[ 1339.458695][T22197]  do_readv+0x132/0x340
[ 1339.458720][T22197]  ? __pfx_do_readv+0x10/0x10
[ 1339.458754][T22197]  do_syscall_64+0xcd/0x490
[ 1339.458789][T22197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1339.458814][T22197] RIP: 0033:0x7f645398ebe9
[ 1339.458832][T22197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1339.458855][T22197] RSP: 002b:00007f64548de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 1339.458877][T22197] RAX: ffffffffffffffda RBX: 00007f6453bb5fa0 RCX: 00007f645398ebe9
[ 1339.458893][T22197] RDX: 0000000000000003 RSI: 0000200000001d40 RDI: 0000000000000003
[ 1339.458908][T22197] RBP: 00007f64548de090 R08: 0000000000000000 R09: 0000000000000000
[ 1339.458923][T22197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1339.458937][T22197] R13: 00007f6453bb6038 R14: 00007f6453bb5fa0 R15: 00007ffe2fcf84d8
[ 1339.458967][T22197]  </TASK>
[ 1339.984034][T22194] zswap: compressor � not available
[ 1340.037832][T22202] i2c i2c-0: delete_device: Can't parse I2C address
[ 1342.640364][T22249] svc: failed to register nfsdv3 RPC service (errno 111).
[ 1342.860370][T22249] svc: failed to register nfsaclv3 RPC service (errno 111).
[ 1343.691994][T22259] sd 0:0:1:0: PR command failed: 1026
[ 1343.776312][T22259] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1343.783357][T22259] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1344.833407][   T31] audit: type=1800 audit(6050872499.766:23): pid=22248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2710" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1345.971055][T22295] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2719'.
[ 1346.583251][ T5880] Bluetooth: hci5: unexpected subevent 0x05 length: 123 > 12
[ 1348.615756][ T5880] Bluetooth: hci5: command tx timeout
[ 1350.638909][T22370] netlink: 10 bytes leftover after parsing attributes in process `syz.3.2734'.
[ 1351.910061][T22396] : Can't lookup blockdev
[ 1352.496498][T22400] kexec: Could not allocate control_code_buffer
[ 1352.619733][    C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163f829 (__mcheck_cpu_init_clear_banks+0x109/0x1f0)
[ 1352.635130][    C0] Call Trace:
[ 1352.638443][    C0]  <IRQ>
[ 1352.641306][    C0]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1352.646615][    C0]  mce_cpu_restart+0x98/0xb0
[ 1352.651230][    C0]  __flush_smp_call_function_queue+0x27a/0x8c0
[ 1352.657506][    C0]  __sysvec_call_function_single+0x87/0x400
[ 1352.663446][    C0]  sysvec_call_function_single+0x9f/0xc0
[ 1352.669116][    C0]  </IRQ>
[ 1352.672063][    C0]  <TASK>
[ 1352.675010][    C0]  asm_sysvec_call_function_single+0x1a/0x20
[ 1352.681012][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1352.686676][    C0] Code: 0c 65 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 63 71 19 00 fb f4 <e9> 3c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1352.706391][    C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 000002c6
[ 1352.712483][    C0] RAX: 0000000000e77fd5 RBX: 0000000000000000 RCX: ffffffff8b909bf9
[ 1352.720466][    C0] RDX: 0000000000000000 RSI: ffffffff8de4c5c9 RDI: ffffffff8c162d00
[ 1352.728478][    C0] RBP: fffffbfff1c52ef8 R08: 0000000000000001 R09: ffffed1017086655
[ 1352.736462][    C0] R10: ffff8880b84332ab R11: 0000000000000000 R12: 0000000000000000
[ 1352.744451][    C0] R13: ffffffff8e2977c0 R14: ffffffff90ab7990 R15: 0000000000000000
[ 1352.752537][    C0]  ? ct_kernel_exit+0x139/0x190
[ 1352.757441][    C0]  default_idle+0x13/0x20
[ 1352.761812][    C0]  default_idle_call+0x6d/0xb0
[ 1352.766607][    C0]  do_idle+0x391/0x510
[ 1352.770708][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1352.775314][    C0]  ? trace_sched_exit_tp+0x2f/0x120
[ 1352.780555][    C0]  cpu_startup_entry+0x4f/0x60
[ 1352.785341][    C0]  rest_init+0x16b/0x2b0
[ 1352.789617][    C0]  ? acpi_subsystem_init+0x133/0x180
[ 1352.794953][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 1352.800546][    C0]  start_kernel+0x3ee/0x4d0
[ 1352.805096][    C0]  x86_64_start_reservations+0x18/0x30
[ 1352.810601][    C0]  x86_64_start_kernel+0x130/0x190
[ 1352.815756][    C0]  common_startup_64+0x13e/0x148
[ 1352.820739][    C0]  </TASK>
[ 1357.318967][T20192] Bluetooth: hci0: Malformed Event: 0x02
[ 1357.756157][T22476] sd 0:0:1:0: PR command failed: 1026
[ 1357.895320][T22476] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1358.058143][T22476] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1358.357294][T22488] : Can't lookup blockdev
[ 1358.778847][T20192] Bluetooth: hci0: command 0x0406 tx timeout
[ 1359.250211][T22499] vivid-007: =================  START STATUS  =================
[ 1359.325750][T22499] vivid-007: Generate PTS: true
[ 1359.330881][T22499] vivid-007: Generate SCR: true
[ 1359.355925][T22499] tpg source WxH: 320x240 (Y'CbCr)
[ 1359.361198][T22499] tpg field: 1
[ 1359.364604][T22499] tpg crop: (0,0)/320x240
[ 1359.425398][T22499] tpg compose: (0,0)/320x240
[ 1359.480463][T22499] tpg colorspace: 8
[ 1359.535766][T22499] tpg transfer function: 0/0
[ 1359.597251][T22499] tpg Y'CbCr encoding: 0/0
[ 1359.608213][T22506] FAULT_INJECTION: forcing a failure.
[ 1359.608213][T22506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1359.622590][T22499] tpg quantization: 0/0
[ 1359.628927][T22506] CPU: 0 UID: 0 PID: 22506 Comm: syz.1.2770 Not tainted syzkaller #0 PREEMPT(full) 
[ 1359.628965][T22506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1359.628984][T22506] Call Trace:
[ 1359.628994][T22506]  <TASK>
[ 1359.629006][T22506]  dump_stack_lvl+0x16c/0x1f0
[ 1359.629064][T22506]  should_fail_ex+0x512/0x640
[ 1359.629143][T22506]  _copy_to_user+0x32/0xd0
[ 1359.629177][T22506]  simple_read_from_buffer+0xcb/0x170
[ 1359.629214][T22506]  proc_fail_nth_read+0x197/0x240
[ 1359.629249][T22506]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1359.629289][T22506]  ? rw_verify_area+0xcf/0x6c0
[ 1359.629321][T22506]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1359.629357][T22506]  vfs_read+0x1e4/0xcf0
[ 1359.629401][T22506]  ? __pfx___mutex_lock+0x10/0x10
[ 1359.629447][T22506]  ? __pfx_vfs_read+0x10/0x10
[ 1359.629497][T22506]  ? __fget_files+0x20e/0x3c0
[ 1359.629546][T22506]  ksys_read+0x12a/0x250
[ 1359.629583][T22506]  ? __pfx_ksys_read+0x10/0x10
[ 1359.629635][T22506]  do_syscall_64+0xcd/0x490
[ 1359.629693][T22506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1359.629723][T22506] RIP: 0033:0x7f645398d5fc
[ 1359.629747][T22506] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1359.629774][T22506] RSP: 002b:00007f64548de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1359.629803][T22506] RAX: ffffffffffffffda RBX: 00007f6453bb5fa0 RCX: 00007f645398d5fc
[ 1359.629823][T22506] RDX: 000000000000000f RSI: 00007f64548de0a0 RDI: 0000000000000004
[ 1359.629843][T22506] RBP: 00007f64548de090 R08: 0000000000000000 R09: 0000000000000000
[ 1359.629862][T22506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1359.629880][T22506] R13: 00007f6453bb6038 R14: 00007f6453bb5fa0 R15: 00007ffe2fcf84d8
[ 1359.629922][T22506]  </TASK>
[ 1359.845670][T22499] tpg RGB range: 0/2
[ 1359.849733][T22499] vivid-007: ==================  END STATUS  ==================
[ 1360.525798][T22507] can: request_module (can-proto-3) failed.
[ 1360.916703][T22519] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2772'.
[ 1361.003190][T22519] hsr_slave_0: left promiscuous mode
[ 1361.087549][T22519] hsr_slave_1: left promiscuous mode
[ 1361.996383][T22528] : Can't lookup blockdev
[ 1362.036045][T22531] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2775'.
[ 1362.665371][T22543] FAULT_INJECTION: forcing a failure.
[ 1362.665371][T22543] name failslab, interval 1, probability 0, space 0, times 0
[ 1362.726357][T22543] CPU: 1 UID: 0 PID: 22543 Comm: syz.0.2778 Not tainted syzkaller #0 PREEMPT(full) 
[ 1362.726391][T22543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1362.726406][T22543] Call Trace:
[ 1362.726414][T22543]  <TASK>
[ 1362.726423][T22543]  dump_stack_lvl+0x16c/0x1f0
[ 1362.726460][T22543]  should_fail_ex+0x512/0x640
[ 1362.726495][T22543]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1362.726529][T22543]  should_failslab+0xc2/0x120
[ 1362.726563][T22543]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1362.726604][T22543]  ? __alloc_skb+0x2b2/0x380
[ 1362.726639][T22543]  __alloc_skb+0x2b2/0x380
[ 1362.726670][T22543]  ? __pfx___alloc_skb+0x10/0x10
[ 1362.726700][T22543]  ? kasan_quarantine_put+0x10a/0x240
[ 1362.726727][T22543]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1362.726767][T22543]  inet_netconf_notify_devconf+0x8b/0x1f0
[ 1362.726810][T22543]  inetdev_event+0xed5/0x18a0
[ 1362.726850][T22543]  ? ib_netdevice_event+0xfc/0x330
[ 1362.726873][T22543]  ? __pfx_inetdev_event+0x10/0x10
[ 1362.726913][T22543]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1362.726956][T22543]  notifier_call_chain+0xb9/0x410
[ 1362.726987][T22543]  ? __pfx_inetdev_event+0x10/0x10
[ 1362.727031][T22543]  call_netdevice_notifiers_info+0xbe/0x140
[ 1362.727075][T22543]  unregister_netdevice_many_notify+0xf76/0x24c0
[ 1362.727123][T22543]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1362.727162][T22543]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1362.727201][T22543]  ? __fsnotify_parent+0x24b/0xc40
[ 1362.727228][T22543]  ? __pfx___mutex_lock+0x10/0x10
[ 1362.727267][T22543]  unregister_netdevice_queue+0x305/0x3f0
[ 1362.727306][T22543]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1362.727348][T22543]  ? __pfx_locks_remove_file+0x10/0x10
[ 1362.727378][T22543]  ? __pfx_ppp_release+0x10/0x10
[ 1362.727412][T22543]  ppp_release+0x209/0x230
[ 1362.727446][T22543]  __fput+0x3ff/0xb70
[ 1362.727488][T22543]  task_work_run+0x14d/0x240
[ 1362.727529][T22543]  ? __pfx_task_work_run+0x10/0x10
[ 1362.727583][T22543]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1362.727620][T22543]  exit_to_user_mode_loop+0xeb/0x110
[ 1362.727660][T22543]  do_syscall_64+0x3f6/0x490
[ 1362.727696][T22543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1362.727721][T22543] RIP: 0033:0x7f9dedf8ebe9
[ 1362.727739][T22543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1362.727764][T22543] RSP: 002b:00007f9dec1f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1362.727787][T22543] RAX: 0000000000000000 RBX: 00007f9dee1b6090 RCX: 00007f9dedf8ebe9
[ 1362.727802][T22543] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1362.727817][T22543] RBP: 00007f9dee011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1362.727831][T22543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1362.727846][T22543] R13: 00007f9dee1b6128 R14: 00007f9dee1b6090 R15: 00007ffd4ff812d8
[ 1362.727878][T22543]  </TASK>
[ 1364.428753][T22572] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2786'.
[ 1364.976065][T22580] FAULT_INJECTION: forcing a failure.
[ 1364.976065][T22580] name failslab, interval 1, probability 0, space 0, times 0
[ 1365.024193][T22580] CPU: 0 UID: 0 PID: 22580 Comm: syz.3.2788 Not tainted syzkaller #0 PREEMPT(full) 
[ 1365.024231][T22580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1365.024246][T22580] Call Trace:
[ 1365.024254][T22580]  <TASK>
[ 1365.024263][T22580]  dump_stack_lvl+0x16c/0x1f0
[ 1365.024300][T22580]  should_fail_ex+0x512/0x640
[ 1365.024336][T22580]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1365.024366][T22580]  should_failslab+0xc2/0x120
[ 1365.024405][T22580]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1365.024431][T22580]  ? bpf_lsm_capable+0x9/0x10
[ 1365.024454][T22580]  ? evm_write_xattrs+0x1ab/0x8d0
[ 1365.024490][T22580]  evm_write_xattrs+0x1ab/0x8d0
[ 1365.024522][T22580]  ? __pfx_evm_write_xattrs+0x10/0x10
[ 1365.024570][T22580]  ? __pfx_evm_write_xattrs+0x10/0x10
[ 1365.024601][T22580]  vfs_write+0x29d/0x11d0
[ 1365.024635][T22580]  ? __pfx___mutex_lock+0x10/0x10
[ 1365.024669][T22580]  ? __pfx_vfs_write+0x10/0x10
[ 1365.024706][T22580]  ? __fget_files+0x20e/0x3c0
[ 1365.024741][T22580]  ksys_write+0x12a/0x250
[ 1365.024769][T22580]  ? __pfx_ksys_write+0x10/0x10
[ 1365.024807][T22580]  do_syscall_64+0xcd/0x490
[ 1365.024842][T22580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1365.024880][T22580] RIP: 0033:0x7fa07378ebe9
[ 1365.024898][T22580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1365.024921][T22580] RSP: 002b:00007fa07465c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1365.024943][T22580] RAX: ffffffffffffffda RBX: 00007fa0739b5fa0 RCX: 00007fa07378ebe9
[ 1365.024959][T22580] RDX: 000000000000001a RSI: 0000000000000000 RDI: 0000000000000006
[ 1365.024972][T22580] RBP: 00007fa073811e19 R08: 0000000000000000 R09: 0000000000000000
[ 1365.024987][T22580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1365.025001][T22580] R13: 00007fa0739b6038 R14: 00007fa0739b5fa0 R15: 00007fff12efc208
[ 1365.025031][T22580]  </TASK>
[ 1365.217117][   T31] audit: type=1806 audit(6050872519.916:24):  res=-12
[ 1365.406298][T22578] : Can't lookup blockdev
[ 1368.206873][T22607] sd 0:0:1:0: PR command failed: 1026
[ 1368.212345][T22607] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1368.492239][T22607] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1368.702906][T22623] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2796'.
[ 1369.019184][   T31] audit: type=1800 audit(6050872523.956:25): pid=22607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2794" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1370.485790][T22629] svc: failed to register nfsdv3 RPC service (errno 111).
[ 1370.565659][T22629] svc: failed to register nfsaclv3 RPC service (errno 111).
[ 1371.355181][T22655] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2806'.
[ 1372.098539][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1372.128952][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1372.543131][T22676] sd 0:0:1:0: PR command failed: 1026
[ 1372.709637][T22676] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1372.844625][T22676] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1373.906310][T22684] random: crng reseeded on system resumption
[ 1374.148934][T20192] Bluetooth: hci5: command 0x0406 tx timeout
[ 1374.850480][T22700] : Can't lookup blockdev
[ 1375.499869][T22707] mkiss: ax0: crc mode is auto.
[ 1375.701480][T22709] mkiss: ax0: crc mode is auto.
[ 1376.089042][T22717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2819'.
[ 1376.678144][T22720] sd 0:0:1:0: PR command failed: 1026
[ 1376.683624][T22720] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1376.737433][T22720] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1378.917075][T22766] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1379.259725][T22771] : Can't lookup blockdev
[ 1379.632568][T22782] netlink: 'syz.4.2838': attribute type 1 has an invalid length.
[ 1379.756851][T22784] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input18
[ 1382.348913][T22822] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2845'.
[ 1383.593205][T22832] : Can't lookup blockdev
[ 1383.706923][T22836] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2848'.
[ 1383.803318][T22833] random: crng reseeded on system resumption
[ 1383.833564][T22836] veth0_macvtap: left promiscuous mode
[ 1386.371038][T22872] random: crng reseeded on system resumption
[ 1386.516254][T22872] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2856'.
[ 1388.966071][T22884] sd 0:0:1:0: PR command failed: 1026
[ 1388.978160][T22884] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1389.000384][T22884] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1389.071468][   T31] audit: type=1800 audit(6050938081.005:26): pid=22884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2859" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1390.239615][T22907] sd 0:0:1:0: PR command failed: 1026
[ 1390.245084][T22907] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1390.636487][T22907] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1393.732019][T22954] : Can't lookup blockdev
[ 1393.802521][T22958] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1396.716562][T22985] random: crng reseeded on system resumption
[ 1398.163412][T23006] vivid-007: =================  START STATUS  =================
[ 1398.171465][T23006] vivid-007: Generate PTS: true
[ 1398.176417][T23006] vivid-007: Generate SCR: true
[ 1398.181313][T23006] tpg source WxH: 320x240 (Y'CbCr)
[ 1398.218620][T23006] tpg field: 1
[ 1398.222056][T23006] tpg crop: (0,0)/320x240
[ 1398.268396][T23006] tpg compose: (0,0)/320x240
[ 1398.278715][T23006] tpg colorspace: 8
[ 1398.294426][T23006] tpg transfer function: 0/0
[ 1398.301753][T23006] tpg Y'CbCr encoding: 0/0
[ 1398.307134][T23006] tpg quantization: 0/0
[ 1398.315099][T23006] tpg RGB range: 0/2
[ 1398.365312][T23006] vivid-007: ==================  END STATUS  ==================
[ 1398.904945][T23008] can: request_module (can-proto-3) failed.
[ 1401.313598][T23027] sd 0:0:1:0: PR command failed: 1026
[ 1401.415698][T23027] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1401.575865][T23027] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1402.957389][T23066] vivid-007: =================  START STATUS  =================
[ 1402.975680][T23066] vivid-007: Generate PTS: true
[ 1402.980613][T23066] vivid-007: Generate SCR: true
[ 1402.985737][T23066] tpg source WxH: 320x240 (Y'CbCr)
[ 1402.990867][T23066] tpg field: 1
[ 1402.994245][T23066] tpg crop: (0,0)/320x240
[ 1403.035685][T23066] tpg compose: (0,0)/320x240
[ 1403.045994][T23066] tpg colorspace: 8
[ 1403.057584][T23066] tpg transfer function: 0/0
[ 1403.099616][T23066] tpg Y'CbCr encoding: 0/0
[ 1403.155051][T23066] tpg quantization: 0/0
[ 1403.215759][T23066] tpg RGB range: 0/2
[ 1403.219731][T23066] vivid-007: ==================  END STATUS  ==================
[ 1403.619790][T23069] can: request_module (can-proto-3) failed.
[ 1405.042861][T23079] FAULT_INJECTION: forcing a failure.
[ 1405.042861][T23079] name failslab, interval 1, probability 0, space 0, times 0
[ 1405.146046][T23079] CPU: 0 UID: 0 PID: 23079 Comm: syz.0.2895 Not tainted syzkaller #0 PREEMPT(full) 
[ 1405.146090][T23079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1405.146111][T23079] Call Trace:
[ 1405.146122][T23079]  <TASK>
[ 1405.146135][T23079]  dump_stack_lvl+0x16c/0x1f0
[ 1405.146185][T23079]  should_fail_ex+0x512/0x640
[ 1405.146230][T23079]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1405.146277][T23079]  should_failslab+0xc2/0x120
[ 1405.146322][T23079]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1405.146365][T23079]  ? alloc_vfsmnt+0x23/0x6b0
[ 1405.146420][T23079]  alloc_vfsmnt+0x23/0x6b0
[ 1405.146470][T23079]  clone_mnt+0x6d/0xbf0
[ 1405.146498][T23079]  ? copy_mnt_ns+0x1a9/0xac0
[ 1405.146548][T23079]  copy_tree+0x31d/0xbd0
[ 1405.146598][T23079]  copy_mnt_ns+0x1a9/0xac0
[ 1405.146638][T23079]  ? trace_kmem_cache_alloc+0x28/0xc0
[ 1405.146693][T23079]  ? create_new_namespaces+0x30/0xa90
[ 1405.146738][T23079]  create_new_namespaces+0xd3/0xa90
[ 1405.146775][T23079]  ? bpf_lsm_capable+0x9/0x10
[ 1405.146806][T23079]  ? security_capable+0x7e/0x260
[ 1405.146846][T23079]  copy_namespaces+0x468/0x560
[ 1405.146887][T23079]  copy_process+0x2822/0x7690
[ 1405.146966][T23079]  ? __pfx_copy_process+0x10/0x10
[ 1405.147009][T23079]  ? futex_private_hash_put+0x176/0x300
[ 1405.147057][T23079]  ? futex_private_hash_put+0x18a/0x300
[ 1405.147106][T23079]  kernel_clone+0xfc/0x930
[ 1405.147153][T23079]  ? __pfx_kernel_clone+0x10/0x10
[ 1405.147222][T23079]  __do_sys_clone+0xce/0x120
[ 1405.147266][T23079]  ? __pfx___do_sys_clone+0x10/0x10
[ 1405.147331][T23079]  ? xfd_validate_state+0x61/0x180
[ 1405.147384][T23079]  ? __pfx_do_writev+0x10/0x10
[ 1405.147434][T23079]  do_syscall_64+0xcd/0x490
[ 1405.147484][T23079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1405.147518][T23079] RIP: 0033:0x7f9dedf8ebe9
[ 1405.147545][T23079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1405.147579][T23079] RSP: 002b:00007f9deed26fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[ 1405.147611][T23079] RAX: ffffffffffffffda RBX: 00007f9dee1b5fa0 RCX: 00007f9dedf8ebe9
[ 1405.147632][T23079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000082360411
[ 1405.147652][T23079] RBP: 00007f9dee011e19 R08: 0000000000000000 R09: 0000000000000000
[ 1405.147671][T23079] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1405.147690][T23079] R13: 00007f9dee1b6038 R14: 00007f9dee1b5fa0 R15: 00007ffd4ff812d8
[ 1405.147732][T23079]  </TASK>
[ 1406.274774][T23094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2897'.
[ 1408.994211][T23104] sd 0:0:1:0: PR command failed: 1026
[ 1409.066515][T23104] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1409.160209][T23104] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1411.631263][T23140] vivid-007: =================  START STATUS  =================
[ 1411.678646][T23140] vivid-007: Generate PTS: true
[ 1411.728769][T23140] vivid-007: Generate SCR: true
[ 1411.734396][T23140] tpg source WxH: 320x240 (Y'CbCr)
[ 1411.786193][T23140] tpg field: 1
[ 1411.842703][T23140] tpg crop: (0,0)/320x240
[ 1411.847900][T23140] tpg compose: (0,0)/320x240
[ 1411.852575][T23140] tpg colorspace: 8
[ 1411.884805][T23140] tpg transfer function: 0/0
[ 1411.890151][T23145] [U] 
[ 1411.892996][T23145] [U] 
[ 1411.895754][T23145] [U] 
[ 1411.898500][T23145] [U] 
[ 1411.901531][T23140] tpg Y'CbCr encoding: 0/0
[ 1411.964538][T23140] tpg quantization: 0/0
[ 1411.986284][T23140] tpg RGB range: 0/2
[ 1412.014233][T23140] vivid-007: ==================  END STATUS  ==================
[ 1412.091103][T23145] [U] 
[ 1412.093896][T23145] [U] 
[ 1412.096642][T23145] [U] 
[ 1412.099354][T23145] [U] 
[ 1412.297515][T23148] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2905'.
[ 1412.310045][T23145] [U] 
[ 1412.312838][T23145] [U] 
[ 1412.315592][T23145] [U] 
[ 1412.318337][T23145] [U] 
[ 1412.488699][T23145] [U] 
[ 1412.491497][T23145] [U] 
[ 1412.494244][T23145] [U] 
[ 1412.496989][T23145] [U] 
[ 1412.500653][T23145] [U] 
[ 1412.503410][T23145] [U] 
[ 1412.506153][T23145] [U] 
[ 1412.508892][T23145] [U] 
[ 1412.512665][T23145] [U] 
[ 1412.515425][T23145] [U] 
[ 1412.518171][T23145] [U] 
[ 1412.520916][T23145] [U] 
[ 1412.524053][T23145] [U] 
[ 1412.526808][T23145] [U] 
[ 1412.529565][T23145] [U] 
[ 1412.532314][T23145] [U] 
[ 1412.535921][T23145] [U] 
[ 1412.538681][T23145] [U] 
[ 1412.541434][T23145] [U] 
[ 1412.544182][T23145] [U] 
[ 1412.547818][T23145] [U] 
[ 1412.550563][T23145] [U] 
[ 1412.553274][T23145] [U] 
[ 1412.555988][T23145] [U] 
[ 1412.563729][T23145] [U] 
[ 1412.566511][T23145] [U] 
[ 1412.569259][T23145] [U] 
[ 1412.572000][T23145] [U] 
[ 1412.595839][T23145] [U] 
[ 1412.598631][T23145] [U] 
[ 1412.601379][T23145] [U] 
[ 1412.604126][T23145] [U] 
[ 1412.669175][T23140] can: request_module (can-proto-3) failed.
[ 1412.710143][T23145] [U] 
[ 1412.712950][T23145] [U] 
[ 1412.715686][T23145] [U] 
[ 1412.718401][T23145] [U] 
[ 1412.721590][T23145] [U] 
[ 1412.724336][T23145] [U] 
[ 1412.727045][T23145] [U] 
[ 1412.729754][T23145] [U] 
[ 1412.732882][T23145] [U] 
[ 1412.735644][T23145] [U] 
[ 1412.738369][T23145] [U] 
[ 1412.741076][T23145] [U] 
[ 1412.744255][T23145] [U] 
[ 1412.746993][T23145] [U] 
[ 1412.749705][T23145] [U] 
[ 1412.752419][T23145] [U] 
[ 1412.815882][T23145] [U] 
[ 1412.818654][T23145] [U] 
[ 1412.821369][T23145] [U] 
[ 1412.824084][T23145] [U] 
[ 1412.941730][T23145] [U] 
[ 1412.944487][T23145] [U] 
[ 1412.947201][T23145] [U] 
[ 1412.949925][T23145] [U] 
[ 1413.170692][T23145] [U] 
[ 1413.173482][T23145] [U] 
[ 1413.176236][T23145] [U] 
[ 1413.178972][T23145] [U] 
[ 1413.534666][T23145] [U] 
[ 1413.537482][T23145] [U] 
[ 1413.540225][T23145] [U] 
[ 1413.542964][T23145] [U] 
[ 1413.645885][T23145] [U] 
[ 1413.648679][T23145] [U] 
[ 1413.651422][T23145] [U] 
[ 1413.654173][T23145] [U] 
[ 1413.834346][T23145] [U] 
[ 1413.837099][T23145] [U] 
[ 1413.839813][T23145] [U] 
[ 1413.842520][T23145] [U] 
[ 1413.926473][T23145] [U] 
[ 1413.929241][T23145] [U] 
[ 1413.931954][T23145] [U] 
[ 1413.934660][T23145] [U] 
[ 1414.062260][T23145] [U] 
[ 1414.065026][T23145] [U] 
[ 1414.067762][T23145] [U] 
[ 1414.070498][T23145] [U] 
[ 1414.073552][T23145] [U] 
[ 1414.076294][T23145] [U] 
[ 1414.079018][T23145] [U] 
[ 1414.079257][T23173] vivid-007: =================  START STATUS  =================
[ 1414.081753][T23145] [U] 
[ 1414.185782][T23145] [U] 
[ 1414.188533][T23145] [U] 
[ 1414.191244][T23145] [U] 
[ 1414.193950][T23145] [U] 
[ 1414.205868][T23173] vivid-007: Generate PTS: true
[ 1414.211791][T23173] vivid-007: Generate SCR: true
[ 1414.276577][T23173] tpg source WxH: 320x240 (Y'CbCr)
[ 1414.303463][T23173] tpg field: 1
[ 1414.388702][T23173] tpg crop: (0,0)/320x240
[ 1414.417875][T23173] tpg compose: (0,0)/320x240
[ 1414.459342][T23145] [U] 
[ 1414.462134][T23145] [U] 
[ 1414.464889][T23145] [U] 
[ 1414.467625][T23145] [U] 
[ 1414.500006][T23173] tpg colorspace: 8
[ 1414.529301][T23173] tpg transfer function: 0/0
[ 1414.565663][T23173] tpg Y'CbCr encoding: 0/0
[ 1414.570486][T23145] [U] 
[ 1414.573258][T23145] [U] 
[ 1414.576011][T23145] [U] 
[ 1414.578774][T23145] [U] 
[ 1414.582021][T23145] [U] 
[ 1414.584788][T23145] [U] 
[ 1414.587530][T23145] [U] 
[ 1414.590271][T23145] [U] 
[ 1414.593991][T23145] [U] 
[ 1414.596763][T23145] [U] 
[ 1414.599507][T23145] [U] 
[ 1414.602253][T23145] [U] 
[ 1414.605436][T23145] [U] 
[ 1414.608203][T23145] [U] 
[ 1414.610946][T23145] [U] 
[ 1414.613722][T23145] [U] 
[ 1414.618529][T23145] [U] 
[ 1414.621287][T23145] [U] 
[ 1414.624038][T23145] [U] 
[ 1414.626783][T23145] [U] 
[ 1414.629940][T23145] [U] 
[ 1414.632702][T23145] [U] 
[ 1414.635449][T23145] [U] 
[ 1414.641010][T23174] sd 0:0:1:0: PR command failed: 1026
[ 1414.646628][T23174] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1414.653523][T23174] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1414.670090][T23173] tpg quantization: 0/0
[ 1414.674305][T23173] tpg RGB range: 0/2
[ 1414.719249][T23173] vivid-007: ==================  END STATUS  ==================
[ 1414.925962][T23148] [U] 
[ 1415.641222][T23177] can: request_module (can-proto-3) failed.
[ 1418.483090][T23219] vivid-007: =================  START STATUS  =================
[ 1418.531865][T23219] vivid-007: Generate PTS: true
[ 1418.544412][T23219] vivid-007: Generate SCR: true
[ 1418.573349][T23219] tpg source WxH: 320x240 (Y'CbCr)
[ 1418.595620][T23219] tpg field: 1
[ 1418.602797][T23219] tpg crop: (0,0)/320x240
[ 1418.653655][T23219] tpg compose: (0,0)/320x240
[ 1418.751546][T23219] tpg colorspace: 8
[ 1418.755421][T23219] tpg transfer function: 0/0
[ 1418.895844][T23219] tpg Y'CbCr encoding: 0/0
[ 1418.900331][T23219] tpg quantization: 0/0
[ 1418.904487][T23219] tpg RGB range: 0/2
[ 1419.085718][T23219] vivid-007: ==================  END STATUS  ==================
[ 1419.715724][T23219] can: request_module (can-proto-3) failed.
[ 1420.862893][T23240] FAULT_INJECTION: forcing a failure.
[ 1420.862893][T23240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1420.976915][T23240] CPU: 1 UID: 0 PID: 23240 Comm: syz.1.2924 Not tainted syzkaller #0 PREEMPT(full) 
[ 1420.976965][T23240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1420.976986][T23240] Call Trace:
[ 1420.976997][T23240]  <TASK>
[ 1420.977009][T23240]  dump_stack_lvl+0x16c/0x1f0
[ 1420.977060][T23240]  should_fail_ex+0x512/0x640
[ 1420.977115][T23240]  __fpu_restore_sig+0xfe/0x13a0
[ 1420.977167][T23240]  ? __lock_acquire+0xb97/0x1ce0
[ 1420.977212][T23240]  ? __pfx___fpu_restore_sig+0x10/0x10
[ 1420.977282][T23240]  ? __might_fault+0xe3/0x190
[ 1420.977319][T23240]  ? __might_fault+0x13b/0x190
[ 1420.977365][T23240]  fpu__restore_sig+0x151/0x190
[ 1420.977416][T23240]  restore_sigcontext+0x4c9/0x6a0
[ 1420.977460][T23240]  ? __pfx_restore_sigcontext+0x10/0x10
[ 1420.977534][T23240]  ? __pfx_restore_altstack+0x10/0x10
[ 1420.977586][T23240]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1420.977622][T23240]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1420.977671][T23240]  __do_sys_rt_sigreturn+0x1bb/0x230
[ 1420.977714][T23240]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1420.977771][T23240]  do_syscall_64+0xcd/0x490
[ 1420.977826][T23240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1420.977860][T23240] RIP: 0033:0x7f645398ebe9
[ 1420.977886][T23240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1420.977919][T23240] RSP: 002b:00007f64548de038 EFLAGS: 00000246
[ 1420.977958][T23240] RAX: 0000000000000000 RBX: 00007f6453bb5fa0 RCX: 00007f645398ebe9
[ 1420.977978][T23240] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000201
[ 1420.977996][T23240] RBP: 00007f6453a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1420.978014][T23240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1420.978032][T23240] R13: 00007f6453bb6038 R14: 00007f6453bb5fa0 R15: 00007ffe2fcf84d8
[ 1420.978091][T23240]  </TASK>
[ 1421.567966][T23243] : Can't lookup blockdev
[ 1421.805251][T23250] vivid-007: =================  START STATUS  =================
[ 1421.846604][T23250] vivid-007: Generate PTS: true
[ 1421.898460][T23250] vivid-007: Generate SCR: true
[ 1421.903459][T23250] tpg source WxH: 320x240 (Y'CbCr)
[ 1421.959372][T23250] tpg field: 1
[ 1421.973335][T23250] tpg crop: (0,0)/320x240
[ 1422.028255][T23250] tpg compose: (0,0)/320x240
[ 1422.051366][T23250] tpg colorspace: 8
[ 1422.056072][T23250] tpg transfer function: 0/0
[ 1422.061367][T23250] tpg Y'CbCr encoding: 0/0
[ 1422.070101][T23250] tpg quantization: 0/0
[ 1422.078304][T23250] tpg RGB range: 0/2
[ 1422.089072][T23250] vivid-007: ==================  END STATUS  ==================
[ 1422.617454][T23262] can: request_module (can-proto-3) failed.
[ 1423.506198][T23265] FAULT_INJECTION: forcing a failure.
[ 1423.506198][T23265] name failslab, interval 1, probability 0, space 0, times 0
[ 1423.547941][T23265] CPU: 0 UID: 0 PID: 23265 Comm: syz.4.2930 Not tainted syzkaller #0 PREEMPT(full) 
[ 1423.547985][T23265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1423.548004][T23265] Call Trace:
[ 1423.548014][T23265]  <TASK>
[ 1423.548026][T23265]  dump_stack_lvl+0x16c/0x1f0
[ 1423.548074][T23265]  should_fail_ex+0x512/0x640
[ 1423.548119][T23265]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1423.548162][T23265]  should_failslab+0xc2/0x120
[ 1423.548203][T23265]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1423.548240][T23265]  ? __alloc_skb+0x2b2/0x380
[ 1423.548285][T23265]  __alloc_skb+0x2b2/0x380
[ 1423.548334][T23265]  ? __pfx___alloc_skb+0x10/0x10
[ 1423.548371][T23265]  ? kasan_quarantine_put+0x10a/0x240
[ 1423.548407][T23265]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1423.548459][T23265]  inet_netconf_notify_devconf+0x8b/0x1f0
[ 1423.548514][T23265]  inetdev_event+0xed5/0x18a0
[ 1423.548566][T23265]  ? ib_netdevice_event+0xfc/0x330
[ 1423.548596][T23265]  ? __pfx_inetdev_event+0x10/0x10
[ 1423.548645][T23265]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1423.548700][T23265]  notifier_call_chain+0xb9/0x410
[ 1423.548739][T23265]  ? __pfx_inetdev_event+0x10/0x10
[ 1423.548794][T23265]  call_netdevice_notifiers_info+0xbe/0x140
[ 1423.548849][T23265]  unregister_netdevice_many_notify+0xf76/0x24c0
[ 1423.548917][T23265]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1423.548969][T23265]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1423.549022][T23265]  ? __fsnotify_parent+0x24b/0xc40
[ 1423.549058][T23265]  ? __pfx___mutex_lock+0x10/0x10
[ 1423.549108][T23265]  unregister_netdevice_queue+0x305/0x3f0
[ 1423.549158][T23265]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1423.549208][T23265]  ? __pfx_locks_remove_file+0x10/0x10
[ 1423.549247][T23265]  ? __pfx_ppp_release+0x10/0x10
[ 1423.549291][T23265]  ppp_release+0x209/0x230
[ 1423.549352][T23265]  __fput+0x3ff/0xb70
[ 1423.549409][T23265]  task_work_run+0x14d/0x240
[ 1423.549464][T23265]  ? __pfx_task_work_run+0x10/0x10
[ 1423.549517][T23265]  ? __pfx___do_sys_close_range+0x10/0x10
[ 1423.549566][T23265]  exit_to_user_mode_loop+0xeb/0x110
[ 1423.549617][T23265]  do_syscall_64+0x3f6/0x490
[ 1423.549666][T23265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1423.549699][T23265] RIP: 0033:0x7ff87998ebe9
[ 1423.549724][T23265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1423.549756][T23265] RSP: 002b:00007ff87a81f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1423.549787][T23265] RAX: 0000000000000000 RBX: 00007ff879bb5fa0 RCX: 00007ff87998ebe9
[ 1423.549807][T23265] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[ 1423.549826][T23265] RBP: 00007ff879a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1423.549846][T23265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1423.549866][T23265] R13: 00007ff879bb6038 R14: 00007ff879bb5fa0 R15: 00007ffee34bc8b8
[ 1423.549908][T23265]  </TASK>
[ 1426.044143][T23298] FAULT_INJECTION: forcing a failure.
[ 1426.044143][T23298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1426.112851][T23296] : Can't lookup blockdev
[ 1426.113003][T23298] CPU: 0 UID: 0 PID: 23298 Comm: syz.0.2938 Not tainted syzkaller #0 PREEMPT(full) 
[ 1426.113050][T23298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1426.113071][T23298] Call Trace:
[ 1426.113080][T23298]  <TASK>
[ 1426.113093][T23298]  dump_stack_lvl+0x16c/0x1f0
[ 1426.113143][T23298]  should_fail_ex+0x512/0x640
[ 1426.113201][T23298]  _copy_to_iter+0x29f/0x1710
[ 1426.113240][T23298]  ? kfree+0x2b4/0x4d0
[ 1426.113271][T23298]  ? traverse.part.0.constprop.0+0x392/0x640
[ 1426.113310][T23298]  ? traverse.part.0.constprop.0+0x2c0/0x640
[ 1426.113357][T23298]  ? __pfx__copy_to_iter+0x10/0x10
[ 1426.113396][T23298]  ? traverse.part.0.constprop.0+0x2c5/0x640
[ 1426.113448][T23298]  seq_read_iter+0x719/0x12c0
[ 1426.113501][T23298]  proc_reg_read_iter+0x220/0x310
[ 1426.113555][T23298]  vfs_read+0x8bf/0xcf0
[ 1426.113607][T23298]  ? __pfx_vfs_read+0x10/0x10
[ 1426.113650][T23298]  ? find_held_lock+0x2b/0x80
[ 1426.113713][T23298]  __x64_sys_pread64+0x1eb/0x250
[ 1426.113769][T23298]  ? __pfx___x64_sys_pread64+0x10/0x10
[ 1426.113829][T23298]  do_syscall_64+0xcd/0x490
[ 1426.113879][T23298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1426.113917][T23298] RIP: 0033:0x7f9dedf8ebe9
[ 1426.113943][T23298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1426.113978][T23298] RSP: 002b:00007f9deed27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[ 1426.114012][T23298] RAX: ffffffffffffffda RBX: 00007f9dee1b5fa0 RCX: 00007f9dedf8ebe9
[ 1426.114041][T23298] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004
[ 1426.114064][T23298] RBP: 00007f9deed27090 R08: 0000000000000000 R09: 0000000000000000
[ 1426.114085][T23298] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[ 1426.114105][T23298] R13: 00007f9dee1b6038 R14: 00007f9dee1b5fa0 R15: 00007ffd4ff812d8
[ 1426.114151][T23298]  </TASK>
[ 1427.068201][T23310] netlink: 'syz.4.2949': attribute type 1 has an invalid length.
[ 1429.545702][T23327] sd 0:0:1:0: PR command failed: 1026
[ 1429.735664][T23327] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1429.742471][T23327] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1432.220212][T23358] vivid-007: =================  START STATUS  =================
[ 1432.316068][T23358] vivid-007: Generate PTS: true
[ 1432.380032][T23358] vivid-007: Generate SCR: true
[ 1432.385112][T23358] tpg source WxH: 320x240 (Y'CbCr)
[ 1432.401277][T23358] tpg field: 1
[ 1432.405833][T23358] tpg crop: (0,0)/320x240
[ 1432.427081][T23358] tpg compose: (0,0)/320x240
[ 1432.509438][T23358] tpg colorspace: 8
[ 1432.513285][T23358] tpg transfer function: 0/0
[ 1432.578717][T23358] tpg Y'CbCr encoding: 0/0
[ 1432.583206][T23358] tpg quantization: 0/0
[ 1432.685777][T23351] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1432.732459][T23351] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1432.742952][T23358] tpg RGB range: 0/2
[ 1432.766159][T23351] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1432.793404][T23358] vivid-007: ==================  END STATUS  ==================
[ 1432.837134][T23351] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1432.843860][T23351] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1433.358133][T23351] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1433.422270][T23362] can: request_module (can-proto-3) failed.
[ 1433.455661][T23351] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1433.516193][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1433.522548][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1433.821436][T23354] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1434.089899][T23376] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2951'.
[ 1434.297455][T23380] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1434.697262][T20192] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1434.798631][T20192] Bluetooth: hci2: command 0x0419 tx timeout
[ 1434.815564][T20192] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1434.855755][T20192] Bluetooth: hci0: command 0x0406 tx timeout
[ 1435.359560][T23390] vivid-007: =================  START STATUS  =================
[ 1435.415624][T23384] Bluetooth: hci5: command 0x0406 tx timeout
[ 1435.532207][T23390] vivid-007: Generate PTS: true
[ 1435.545624][T23390] vivid-007: Generate SCR: true
[ 1435.597025][T23390] tpg source WxH: 320x240 (Y'CbCr)
[ 1435.858067][T23390] tpg field: 1
[ 1435.861492][T23390] tpg crop: (0,0)/320x240
[ 1436.125624][T23390] tpg compose: (0,0)/320x240
[ 1436.130293][T23390] tpg colorspace: 8
[ 1436.157703][T23390] tpg transfer function: 0/0
[ 1436.317780][T23390] tpg Y'CbCr encoding: 0/0
[ 1436.322330][T23390] tpg quantization: 0/0
[ 1436.406467][T23390] tpg RGB range: 0/2
[ 1436.422482][T23390] vivid-007: ==================  END STATUS  ==================
[ 1436.937830][T23384] Bluetooth: hci0: command 0x0406 tx timeout
[ 1437.206178][T23395] can: request_module (can-proto-3) failed.
[ 1437.495654][T23384] Bluetooth: hci5: command 0x0406 tx timeout
[ 1438.396733][T23411] vivid-007: =================  START STATUS  =================
[ 1438.404436][T23411] vivid-007: Generate PTS: true
[ 1438.415991][T23411] vivid-007: Generate SCR: true
[ 1438.440127][T23411] tpg source WxH: 320x240 (Y'CbCr)
[ 1438.483768][T23411] tpg field: 1
[ 1438.507558][T23411] tpg crop: (0,0)/320x240
[ 1438.525578][T23411] tpg compose: (0,0)/320x240
[ 1438.535870][T23411] tpg colorspace: 8
[ 1438.596089][T23411] tpg transfer function: 0/0
[ 1438.635581][T23411] tpg Y'CbCr encoding: 0/0
[ 1438.640064][T23411] tpg quantization: 0/0
[ 1438.686429][T23411] tpg RGB range: 0/2
[ 1438.693366][T23411] vivid-007: ==================  END STATUS  ==================
[ 1440.240918][T23419] can: request_module (can-proto-3) failed.
[ 1446.395090][T23465] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1446.412930][T23468] vivid-007: =================  START STATUS  =================
[ 1446.455648][T23468] vivid-007: Generate PTS: true
[ 1446.476378][T23468] vivid-007: Generate SCR: true
[ 1446.520374][T23468] tpg source WxH: 320x240 (Y'CbCr)
[ 1446.535561][T23468] tpg field: 1
[ 1446.540682][T23468] tpg crop: (0,0)/320x240
[ 1446.550766][T23468] tpg compose: (0,0)/320x240
[ 1446.611674][T23468] tpg colorspace: 8
[ 1446.636048][T23468] tpg transfer function: 0/0
[ 1446.640872][T23468] tpg Y'CbCr encoding: 0/0
[ 1446.654425][T23468] tpg quantization: 0/0
[ 1446.667619][T23468] tpg RGB range: 0/2
[ 1446.679064][T23468] vivid-007: ==================  END STATUS  ==================
[ 1447.120473][T23469] can: request_module (can-proto-3) failed.
[ 1448.014002][T23484] : Can't lookup blockdev
[ 1449.284517][T23503] sd 0:0:1:0: PR command failed: 1026
[ 1449.415718][T23503] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1449.422527][T23503] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1452.554216][T23535] vivid-007: =================  START STATUS  =================
[ 1452.581844][T23535] vivid-007: Generate PTS: true
[ 1452.595644][T23535] vivid-007: Generate SCR: true
[ 1452.604280][T23535] tpg source WxH: 320x240 (Y'CbCr)
[ 1452.615868][T23535] tpg field: 1
[ 1452.619299][T23535] tpg crop: (0,0)/320x240
[ 1452.672028][T23535] tpg compose: (0,0)/320x240
[ 1452.730908][T23535] tpg colorspace: 8
[ 1452.755800][T23535] tpg transfer function: 0/0
[ 1452.780924][T23535] tpg Y'CbCr encoding: 0/0
[ 1452.806179][T23535] tpg quantization: 0/0
[ 1452.872444][T23535] tpg RGB range: 0/2
[ 1452.922010][T23535] vivid-007: ==================  END STATUS  ==================
[ 1453.566061][T23543] vivid-007: =================  START STATUS  =================
[ 1453.573886][T23543] vivid-007: Generate PTS: true
[ 1453.579423][T23543] vivid-007: Generate SCR: true
[ 1453.585858][T23543] tpg source WxH: 320x240 (Y'CbCr)
[ 1453.591223][T23543] tpg field: 1
[ 1453.595233][T23543] tpg crop: (0,0)/320x240
[ 1453.616044][T23543] tpg compose: (0,0)/320x240
[ 1453.625648][T23543] tpg colorspace: 8
[ 1453.629805][T23543] tpg transfer function: 0/0
[ 1453.705092][T23543] tpg Y'CbCr encoding: 0/0
[ 1454.079895][T23543] tpg quantization: 0/0
[ 1454.135759][T23543] tpg RGB range: 0/2
[ 1454.139729][T23543] vivid-007: ==================  END STATUS  ==================
[ 1454.639150][T23543] can: request_module (can-proto-3) failed.
[ 1458.459587][T23585] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2993'.
[ 1458.492724][T23585] bridge_slave_1: left allmulticast mode
[ 1458.517020][T23585] bridge_slave_1: left promiscuous mode
[ 1458.576649][T23583] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input19
[ 1458.645918][T23585] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1458.666832][T23585] bridge_slave_0: left allmulticast mode
[ 1458.673339][T23585] bridge_slave_0: left promiscuous mode
[ 1458.729988][T23585] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1459.217869][T23588] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 1459.275642][T23588] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 1459.319354][T23582] sd 0:0:1:0: PR command failed: 1026
[ 1459.324949][T23582] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1459.352797][T23588] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1459.361984][T23582] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1460.290490][T22464] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[ 1464.927011][T22464] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1464.955964][T22464] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1464.977242][T22464] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1465.004236][T22464] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1465.013837][T22464] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1466.118036][T23650] chnl_net:caif_netlink_parms(): no params data found
[ 1466.825418][T23650] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1466.861693][T23650] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1466.908624][T23650] bridge_slave_0: entered allmulticast mode
[ 1466.948562][T23650] bridge_slave_0: entered promiscuous mode
[ 1467.065391][T23650] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1467.096137][T22464] Bluetooth: hci3: command tx timeout
[ 1467.136504][T23650] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1467.189167][T23650] bridge_slave_1: entered allmulticast mode
[ 1467.225168][T23650] bridge_slave_1: entered promiscuous mode
[ 1467.443539][T23650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1467.653757][T23650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1468.007936][T23650] team0: Port device team_slave_0 added
[ 1468.066230][T23650] team0: Port device team_slave_1 added
[ 1468.535984][T23650] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1468.558036][T23650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1468.630222][T23650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1468.729532][T23650] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1468.765577][T23650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1468.882838][T23650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1469.212626][T22464] Bluetooth: hci3: command tx timeout
[ 1469.601057][T23650] hsr_slave_0: entered promiscuous mode
[ 1469.636586][T23650] hsr_slave_1: entered promiscuous mode
[ 1469.657037][T23650] debugfs: 'hsr0' already exists in 'hsr'
[ 1469.685674][T23650] Cannot create hsr debugfs directory
[ 1471.262756][T22464] Bluetooth: hci3: command tx timeout
[ 1471.428587][T23729] vivid-007: =================  START STATUS  =================
[ 1471.475811][T23729] vivid-007: Generate PTS: true
[ 1471.509745][T23729] vivid-007: Generate SCR: true
[ 1471.514668][T23729] tpg source WxH: 320x240 (Y'CbCr)
[ 1471.583889][T23729] tpg field: 1
[ 1471.594020][T23729] tpg crop: (0,0)/320x240
[ 1471.634018][T23650] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1471.665995][T23650] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1471.683734][T23729] tpg compose: (0,0)/320x240
[ 1471.726112][T23729] tpg colorspace: 8
[ 1471.730074][T23729] tpg transfer function: 0/0
[ 1471.777610][T23729] tpg Y'CbCr encoding: 0/0
[ 1471.782108][T23729] tpg quantization: 0/0
[ 1471.797711][T23650] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1471.853444][T23729] tpg RGB range: 0/2
[ 1471.908813][T23650] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1471.916133][T23729] vivid-007: ==================  END STATUS  ==================
[ 1472.519466][T23733] can: request_module (can-proto-3) failed.
[ 1472.636894][T23749] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3019'.
[ 1472.713639][T23650] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1472.819282][T23650] 8021q: adding VLAN 0 to HW filter on device team0
[ 1472.911013][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1472.918228][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1473.060134][T15715] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1473.067350][T15715] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1473.336033][T22464] Bluetooth: hci3: command tx timeout
[ 1473.944462][T23763] vivid-007: =================  START STATUS  =================
[ 1473.998180][T23763] vivid-007: Generate PTS: true
[ 1474.010400][T23763] vivid-007: Generate SCR: true
[ 1474.041888][T23763] tpg source WxH: 320x240 (Y'CbCr)
[ 1474.074261][T23763] tpg field: 1
[ 1474.081144][T23763] tpg crop: (0,0)/320x240
[ 1474.145580][T23763] tpg compose: (0,0)/320x240
[ 1474.162573][T23763] tpg colorspace: 8
[ 1474.168645][T23763] tpg transfer function: 0/0
[ 1474.175625][T23763] tpg Y'CbCr encoding: 0/0
[ 1474.185543][T23763] tpg quantization: 0/0
[ 1474.224130][T23763] tpg RGB range: 0/2
[ 1474.274325][T23763] vivid-007: ==================  END STATUS  ==================
[ 1475.167517][T23766] can: request_module (can-proto-3) failed.
[ 1475.313933][T23650] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1476.501328][T23650] veth0_vlan: entered promiscuous mode
[ 1476.580262][T23650] veth1_vlan: entered promiscuous mode
[ 1476.810235][T23650] veth0_macvtap: entered promiscuous mode
[ 1476.885124][T23650] veth1_macvtap: entered promiscuous mode
[ 1476.979424][T23650] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1477.007776][T23802] : Can't lookup blockdev
[ 1477.105438][T23650] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1477.216019][   T49] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.235729][   T49] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.317708][   T49] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.395004][   T49] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1477.769777][T23808] netlink: 186 bytes leftover after parsing attributes in process `syz.4.3030'.
[ 1477.869192][T15714] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1477.903859][T15714] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1478.081256][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1478.136704][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1478.590119][T23820] FAULT_INJECTION: forcing a failure.
[ 1478.590119][T23820] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1478.640449][T23820] CPU: 1 UID: 0 PID: 23820 Comm: syz.1.3034 Not tainted syzkaller #0 PREEMPT(full) 
[ 1478.640502][T23820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1478.640520][T23820] Call Trace:
[ 1478.640530][T23820]  <TASK>
[ 1478.640542][T23820]  dump_stack_lvl+0x16c/0x1f0
[ 1478.640588][T23820]  should_fail_ex+0x512/0x640
[ 1478.640639][T23820]  _copy_to_user+0x32/0xd0
[ 1478.640672][T23820]  simple_read_from_buffer+0xcb/0x170
[ 1478.640703][T23820]  proc_fail_nth_read+0x197/0x240
[ 1478.640730][T23820]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1478.640763][T23820]  ? rw_verify_area+0xcf/0x6c0
[ 1478.640786][T23820]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1478.640811][T23820]  vfs_read+0x1e4/0xcf0
[ 1478.640841][T23820]  ? __pfx___mutex_lock+0x10/0x10
[ 1478.640874][T23820]  ? __pfx_vfs_read+0x10/0x10
[ 1478.640907][T23820]  ? __fget_files+0x20e/0x3c0
[ 1478.640942][T23820]  ksys_read+0x12a/0x250
[ 1478.640967][T23820]  ? __pfx_ksys_read+0x10/0x10
[ 1478.641002][T23820]  do_syscall_64+0xcd/0x490
[ 1478.641036][T23820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1478.641060][T23820] RIP: 0033:0x7f645398d5fc
[ 1478.641077][T23820] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1478.641099][T23820] RSP: 002b:00007f64548bd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1478.641121][T23820] RAX: ffffffffffffffda RBX: 00007f6453bb6090 RCX: 00007f645398d5fc
[ 1478.641136][T23820] RDX: 000000000000000f RSI: 00007f64548bd0a0 RDI: 0000000000000003
[ 1478.641150][T23820] RBP: 00007f64548bd090 R08: 0000000000000000 R09: 0000000000000002
[ 1478.641164][T23820] R10: 0000200000001140 R11: 0000000000000246 R12: 0000000000000001
[ 1478.641178][T23820] R13: 00007f6453bb6128 R14: 00007f6453bb6090 R15: 00007ffe2fcf84d8
[ 1478.641211][T23820]  </TASK>
[ 1479.810590][T23836] synth uevent: /devices/virtual/tty/ptyc1: unknown uevent action string
[ 1479.939704][T23836] tty ptyc1: uevent: failed to send synthetic uevent: -22
[ 1480.111551][T23836] perf: Dynamic interrupt throttling disabled, can hang your system!
[ 1481.650822][T23866] netlink: 338 bytes leftover after parsing attributes in process `syz.5.3042'.
[ 1484.331977][T23887] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078001dc0 pfn:0x78001
[ 1484.430948][T23892] vivid-007: =================  START STATUS  =================
[ 1484.455679][T23887] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1484.462904][T23887] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[ 1484.468126][T23892] vivid-007: Generate PTS: true
[ 1484.502591][T23892] vivid-007: Generate SCR: true
[ 1484.559900][T23892] tpg source WxH: 320x240 (Y'CbCr)
[ 1484.585654][T23887] raw: ffff888078001dc0 0000000000000000 00000001ffffffff 0000000000000000
[ 1484.606776][T23892] tpg field: 1
[ 1484.614609][T23887] page dumped because: unmovable page
[ 1484.632048][T23887] page_owner tracks the page as allocated
[ 1484.644963][T23892] tpg crop: (0,0)/320x240
[ 1484.665593][T23892] tpg compose: (0,0)/320x240
[ 1484.675631][T23887] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 7822, tgid 7822 (syz.0.276), ts 250171283058, free_ts 250046813281
[ 1484.718193][T23892] tpg colorspace: 8
[ 1484.722074][T23892] tpg transfer function: 0/0
[ 1484.755646][T23887]  post_alloc_hook+0x1c0/0x230
[ 1484.785703][T23887]  get_page_from_freelist+0x132b/0x38e0
[ 1484.805703][T23887]  __alloc_frozen_pages_noprof+0x261/0x23f0
[ 1484.811809][T23892] tpg Y'CbCr encoding: 0/0
[ 1484.816427][T23887]  alloc_pages_bulk_noprof+0x71c/0x1410
[ 1484.822099][T23892] tpg quantization: 0/0
[ 1484.832091][T23892] tpg RGB range: 0/2
[ 1484.836616][T23887]  kasan_populate_vmalloc+0xf1/0x1f0
[ 1484.847940][T23887]  alloc_vmap_area+0x959/0x29c0
[ 1484.852942][T23892] vivid-007: ==================  END STATUS  ==================
[ 1484.867062][T23887]  __get_vm_area_node+0x1ca/0x330
[ 1484.875682][T23887]  __vmalloc_node_range_noprof+0x271/0x14b0
[ 1484.885632][T23887]  __vmalloc_node_noprof+0xad/0xf0
[ 1484.890831][T23887]  copy_process+0x2c70/0x7690
[ 1484.895811][T23887]  kernel_clone+0xfc/0x930
[ 1484.900297][T23887]  __do_sys_clone3+0x212/0x290
[ 1484.906411][T23887]  do_syscall_64+0xcd/0x490
[ 1484.911011][T23887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1484.917229][T23887] page last free pid 23 tgid 23 stack trace:
[ 1484.923263][T23887]  __free_frozen_pages+0x7d5/0x10f0
[ 1484.928715][T23887]  tlb_remove_table_rcu+0x116/0x1a0
[ 1484.933970][T23887]  rcu_core+0x799/0x1530
[ 1484.938841][T23887]  handle_softirqs+0x219/0x8e0
[ 1484.943662][T23887]  run_ksoftirqd+0x3a/0x60
[ 1484.948153][T23887]  smpboot_thread_fn+0x3f7/0xae0
[ 1484.955626][T23887]  kthread+0x3c5/0x780
[ 1484.960478][T23887]  ret_from_fork+0x5d4/0x6f0
[ 1484.965243][T23887]  ret_from_fork_asm+0x1a/0x30
[ 1485.690951][T23897] can: request_module (can-proto-3) failed.
[ 1492.749818][T23986] vivid-007: =================  START STATUS  =================
[ 1492.811520][T23986] vivid-007: Generate PTS: true
[ 1492.889390][T23986] vivid-007: Generate SCR: true
[ 1492.906925][T23986] tpg source WxH: 320x240 (Y'CbCr)
[ 1492.957314][T23986] tpg field: 1
[ 1492.960740][T23986] tpg crop: (0,0)/320x240
[ 1492.965080][T23986] tpg compose: (0,0)/320x240
[ 1493.025522][T23986] tpg colorspace: 8
[ 1493.070303][T23986] tpg transfer function: 0/0
[ 1493.078206][T23986] tpg Y'CbCr encoding: 0/0
[ 1493.104073][T23986] tpg quantization: 0/0
[ 1493.113738][T23986] tpg RGB range: 0/2
[ 1493.135786][T23986] vivid-007: ==================  END STATUS  ==================
[ 1493.614772][T23990] can: request_module (can-proto-3) failed.
[ 1494.942602][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 1494.949013][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 1497.134472][T24036] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3079'.
[ 1498.359531][T24047] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1498.575657][T24047] CIFS mount error: No usable UNC path provided in device string!
[ 1498.575657][T24047] 
[ 1498.733698][T24047] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1502.910205][T24107] vivid-007: =================  START STATUS  =================
[ 1502.966204][T24107] vivid-007: Generate PTS: true
[ 1502.975796][T24107] vivid-007: Generate SCR: true
[ 1503.023174][T24107] tpg source WxH: 320x240 (Y'CbCr)
[ 1503.051579][T24107] tpg field: 1
[ 1503.055007][T24107] tpg crop: (0,0)/320x240
[ 1503.095866][T24107] tpg compose: (0,0)/320x240
[ 1503.100549][T24107] tpg colorspace: 8
[ 1503.135646][T24107] tpg transfer function: 0/0
[ 1503.156334][T24107] tpg Y'CbCr encoding: 0/0
[ 1503.206041][T24107] tpg quantization: 0/0
[ 1503.210283][T24107] tpg RGB range: 0/2
[ 1503.275827][T24107] vivid-007: ==================  END STATUS  ==================
[ 1503.855671][T24107] can: request_module (can-proto-3) failed.
[ 1505.683305][T24147] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3103'.
[ 1508.392370][T24169] vivid-007: =================  START STATUS  =================
[ 1508.400186][T24169] vivid-007: Generate PTS: true
[ 1508.405077][T24169] vivid-007: Generate SCR: true
[ 1508.415494][T24169] tpg source WxH: 320x240 (Y'CbCr)
[ 1508.425644][T24169] tpg field: 1
[ 1508.475366][T24169] tpg crop: (0,0)/320x240
[ 1508.486534][T24169] tpg compose: (0,0)/320x240
[ 1508.518481][T24169] tpg colorspace: 8
[ 1508.555672][T24169] tpg transfer function: 0/0
[ 1508.560763][T24169] tpg Y'CbCr encoding: 0/0
[ 1508.599948][T24169] tpg quantization: 0/0
[ 1508.631219][T24169] tpg RGB range: 0/2
[ 1508.662909][T24169] vivid-007: ==================  END STATUS  ==================
[ 1509.133616][T24169] can: request_module (can-proto-3) failed.
[ 1509.671682][T24185] vivid-007: =================  START STATUS  =================
[ 1509.703187][T24185] vivid-007: Generate PTS: true
[ 1509.760902][T24185] vivid-007: Generate SCR: true
[ 1509.775777][T24185] tpg source WxH: 320x240 (Y'CbCr)
[ 1509.781013][T24185] tpg field: 1
[ 1509.784399][T24185] tpg crop: (0,0)/320x240
[ 1509.805914][T24185] tpg compose: (0,0)/320x240
[ 1509.816175][T24185] tpg colorspace: 8
[ 1509.820844][T24185] tpg transfer function: 0/0
[ 1509.826385][T24185] tpg Y'CbCr encoding: 0/0
[ 1509.876831][T24185] tpg quantization: 0/0
[ 1509.902194][T24185] tpg RGB range: 0/2
[ 1510.021690][T24185] vivid-007: ==================  END STATUS  ==================
[ 1510.306640][T24186] can: request_module (can-proto-3) failed.
[ 1511.966081][T24206] HfR: entered promiscuous mode
[ 1512.668590][T24226] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3120'.
[ 1512.732199][T24230] cougar: G6 mapped to space
[ 1513.268878][T24226] bond0: (slave bond_slave_1): Releasing backup interface
[ 1513.925710][T24246] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1514.642697][T24254] netlink: 13832 bytes leftover after parsing attributes in process `syz.3.3128'.
[ 1514.921409][T24252] FAULT_INJECTION: forcing a failure.
[ 1514.921409][T24252] name failslab, interval 1, probability 0, space 0, times 0
[ 1514.963065][T24252] CPU: 1 UID: 0 PID: 24252 Comm: syz.5.3127 Not tainted syzkaller #0 PREEMPT(full) 
[ 1514.963113][T24252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1514.963134][T24252] Call Trace:
[ 1514.963146][T24252]  <TASK>
[ 1514.963159][T24252]  dump_stack_lvl+0x16c/0x1f0
[ 1514.963210][T24252]  should_fail_ex+0x512/0x640
[ 1514.963256][T24252]  ? fs_reclaim_acquire+0xae/0x150
[ 1514.963309][T24252]  ? mempool_init_node+0x305/0x6e0
[ 1514.963360][T24252]  should_failslab+0xc2/0x120
[ 1514.963405][T24252]  __kmalloc_noprof+0xd2/0x510
[ 1514.963445][T24252]  ? lockdep_init_map_type+0x11/0x280
[ 1514.963490][T24252]  ? mempool_init_node+0x11f/0x6e0
[ 1514.963539][T24252]  ? __init_waitqueue_head+0xca/0x150
[ 1514.963596][T24252]  ? __pfx_mempool_kmalloc+0x10/0x10
[ 1514.963651][T24252]  mempool_init_node+0x305/0x6e0
[ 1514.963715][T24252]  ? __pfx_mempool_kmalloc+0x10/0x10
[ 1514.963763][T24252]  ? __pfx_mempool_kfree+0x10/0x10
[ 1514.963811][T24252]  mempool_init_noprof+0x3a/0x50
[ 1514.963872][T24252]  do_fanotify_mark+0x2db2/0x3600
[ 1514.963947][T24252]  ? __pfx_do_fanotify_mark+0x10/0x10
[ 1514.964005][T24252]  ? __x64_sys_futex+0x1e9/0x4c0
[ 1514.964057][T24252]  ? xfd_validate_state+0x61/0x180
[ 1514.964105][T24252]  ? __pfx_ksys_write+0x10/0x10
[ 1514.964153][T24252]  __x64_sys_fanotify_mark+0xbd/0x160
[ 1514.964207][T24252]  ? do_syscall_64+0x91/0x490
[ 1514.964251][T24252]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1514.964293][T24252]  do_syscall_64+0xcd/0x490
[ 1514.964341][T24252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1514.964377][T24252] RIP: 0033:0x7f423f58ebe9
[ 1514.964404][T24252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1514.964437][T24252] RSP: 002b:00007f4240316038 EFLAGS: 00000246 ORIG_RAX: 000000000000012d
[ 1514.964469][T24252] RAX: ffffffffffffffda RBX: 00007f423f7b5fa0 RCX: 00007f423f58ebe9
[ 1514.964492][T24252] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000
[ 1514.964512][T24252] RBP: 00007f423f611e19 R08: 0000000000000000 R09: 0000000000000000
[ 1514.964533][T24252] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[ 1514.964554][T24252] R13: 00007f423f7b6038 R14: 00007f423f7b5fa0 R15: 00007ffd5f365a88
[ 1514.964598][T24252]  </TASK>
[ 1516.037566][T24265] random: crng reseeded on system resumption
[ 1518.309241][T24301] can: request_module (can-proto-0) failed.
[ 1519.591492][T24315] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3139'.
[ 1520.226084][T24322] vivid-007: =================  START STATUS  =================
[ 1520.315710][T24322] vivid-007: Generate PTS: true
[ 1520.320628][T24322] vivid-007: Generate SCR: true
[ 1520.326335][T24322] tpg source WxH: 320x240 (Y'CbCr)
[ 1520.371334][T24322] tpg field: 1
[ 1520.375605][T24322] tpg crop: (0,0)/320x240
[ 1520.406751][T24322] tpg compose: (0,0)/320x240
[ 1520.429278][T24322] tpg colorspace: 8
[ 1520.466053][T24322] tpg transfer function: 0/0
[ 1520.470691][T24322] tpg Y'CbCr encoding: 0/0
[ 1520.475111][T24322] tpg quantization: 0/0
[ 1520.531050][T24322] tpg RGB range: 0/2
[ 1520.535024][T24322] vivid-007: ==================  END STATUS  ==================
[ 1520.987665][T24322] can: request_module (can-proto-3) failed.
[ 1521.413942][T24338] vivid-007: =================  START STATUS  =================
[ 1521.486155][T24338] vivid-007: Generate PTS: true
[ 1521.525635][T24338] vivid-007: Generate SCR: true
[ 1521.551936][T24338] tpg source WxH: 320x240 (Y'CbCr)
[ 1521.588157][T24338] tpg field: 1
[ 1521.598274][T24338] tpg crop: (0,0)/320x240
[ 1521.620253][T24338] tpg compose: (0,0)/320x240
[ 1521.624890][T24338] tpg colorspace: 8
[ 1521.649153][T24338] tpg transfer function: 0/0
[ 1521.691307][T24338] tpg Y'CbCr encoding: 0/0
[ 1521.774245][T24338] tpg quantization: 0/0
[ 1521.805727][T24338] tpg RGB range: 0/2
[ 1521.816014][T24338] vivid-007: ==================  END STATUS  ==================
[ 1521.957551][T24347] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3144'.
[ 1522.318677][T24341] can: request_module (can-proto-3) failed.
[ 1522.759391][T24365] netlink: 'syz.1.3149': attribute type 1 has an invalid length.
[ 1523.449260][T24378] : Can't lookup blockdev
[ 1524.329498][T24393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3155'.
[ 1525.947315][T24427] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[ 1525.982081][T24430] vivid-007: =================  START STATUS  =================
[ 1526.048755][T24430] vivid-007: Generate PTS: true
[ 1526.081021][T24430] vivid-007: Generate SCR: true
[ 1526.100823][T24430] tpg source WxH: 320x240 (Y'CbCr)
[ 1526.133471][T24430] tpg field: 1
[ 1526.147218][T24430] tpg crop: (0,0)/320x240
[ 1526.207406][T24430] tpg compose: (0,0)/320x240
[ 1526.212070][T24430] tpg colorspace: 8
[ 1526.220926][T24430] tpg transfer function: 0/0
[ 1526.230662][T24430] tpg Y'CbCr encoding: 0/0
[ 1526.235141][T24430] tpg quantization: 0/0
[ 1526.242631][T24430] tpg RGB range: 0/2
[ 1526.247173][T24430] vivid-007: ==================  END STATUS  ==================
[ 1526.738327][T24430] can: request_module (can-proto-3) failed.
[ 1529.379331][T24482] : Can't lookup blockdev
[ 1531.634441][T24512] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3183'.
[ 1533.716489][T24541] : Can't lookup blockdev
[ 1534.206403][T24553] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3192'.
[ 1535.709282][T24575] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[ 1536.536609][T24588] netlink: 'syz.4.3201': attribute type 1 has an invalid length.
[ 1538.952130][T24607] vivid-007: =================  START STATUS  =================
[ 1538.977326][T24607] vivid-007: Generate PTS: true
[ 1539.002174][T24607] vivid-007: Generate SCR: true
[ 1539.058557][T24607] tpg source WxH: 320x240 (Y'CbCr)
[ 1539.105079][T24607] tpg field: 1
[ 1539.112047][T24607] tpg crop: (0,0)/320x240
[ 1539.120671][T24607] tpg compose: (0,0)/320x240
[ 1539.221875][T24607] tpg colorspace: 8
[ 1539.270583][T24607] tpg transfer function: 0/0
[ 1539.290543][T24607] tpg Y'CbCr encoding: 0/0
[ 1539.307685][T24607] tpg quantization: 0/0
[ 1539.326278][T24607] tpg RGB range: 0/2
[ 1539.332363][T24607] vivid-007: ==================  END STATUS  ==================
[ 1539.774794][T24607] can: request_module (can-proto-3) failed.
[ 1540.458136][T24629] netlink: 350 bytes leftover after parsing attributes in process `syz.3.3208'.
[ 1541.118734][T24631] ------------[ cut here ]------------
[ 1541.124394][T24631] WARNING: CPU: 0 PID: 24631 at kernel/trace/trace.c:8594 tracing_buffers_mmap_close+0xdd/0x130
[ 1541.136402][T24631] Modules linked in:
[ 1541.140788][T24631] CPU: 0 UID: 0 PID: 24631 Comm: syz.4.3209 Not tainted syzkaller #0 PREEMPT(full) 
[ 1541.151552][T24631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1541.162610][T24631] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130
[ 1541.169822][T24631] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 e7 58 fb ff 85 db 75 0a 48 83 c4 08 5b e9 99 5d fb ff e8 94 5d fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 86 5d fb ff e8 81 bd 60 00 eb 87 e8 aa
[ 1541.193287][T24631] RSP: 0018:ffffc9000450fbb8 EFLAGS: 00010293
[ 1541.201058][T24631] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bfaae9
[ 1541.210426][T24631] RDX: ffff888027203c00 RSI: ffffffff81bfaafc RDI: 0000000000000005
[ 1541.219316][T24631] RBP: ffffffff81bfaa20 R08: 0000000000000005 R09: 0000000000000000
[ 1541.227966][T24631] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff88805faccb88
[ 1541.236782][T24631] R13: dffffc0000000000 R14: ffffc9000450fc50 R15: 0000000000000000
[ 1541.247037][T24631] FS:  0000000000000000(0000) GS:ffff8881246c3000(0000) knlGS:0000000000000000
[ 1541.257550][T24631] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1541.264607][T24631] CR2: 0000001b32bf8ff8 CR3: 000000003f7dc000 CR4: 00000000003526f0
[ 1541.274207][T24631] Call Trace:
[ 1541.278576][T24631]  <TASK>
[ 1541.281620][T24631]  remove_vma+0x88/0x160
[ 1541.286921][T24631]  exit_mmap+0x511/0xb90
[ 1541.291497][T24631]  ? __pfx_exit_mmap+0x10/0x10
[ 1541.296757][T24631]  ? __lock_acquire+0xb97/0x1ce0
[ 1541.302123][T24631]  __mmput+0x12a/0x410
[ 1541.306814][T24631]  mmput+0x62/0x70
[ 1541.311550][T24631]  do_exit+0x7c7/0x2bf0
[ 1541.316291][T24631]  ? __pfx_do_exit+0x10/0x10
[ 1541.321545][T24631]  ? preempt_schedule_thunk+0x16/0x30
[ 1541.327241][T24631]  do_group_exit+0xd3/0x2a0
[ 1541.332380][T24631]  __x64_sys_exit_group+0x3e/0x50
[ 1541.338734][T24631]  x64_sys_call+0x14fa/0x1720
[ 1541.343902][T24631]  do_syscall_64+0xcd/0x490
[ 1541.349125][T24631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1541.356002][T24631] RIP: 0033:0x7ff87998ebe9
[ 1541.360663][T24631] Code: Unable to access opcode bytes at 0x7ff87998ebbf.
[ 1541.367989][T24631] RSP: 002b:00007ffee34bcc18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1541.377096][T24631] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff87998ebe9
[ 1541.387137][T24631] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 1541.396423][T24631] RBP: 00007ffee34bcc7c R08: 0000001ee34bcd0f R09: 00000000000927c0
[ 1541.405519][T24631] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000016e
[ 1541.413998][T24631] R13: 00000000000927c0 R14: 0000000000178087 R15: 00007ffee34bccd0
[ 1541.423811][T24631]  </TASK>
[ 1541.427117][T24631] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1541.434869][T24631] CPU: 0 UID: 0 PID: 24631 Comm: syz.4.3209 Not tainted syzkaller #0 PREEMPT(full) 
[ 1541.444656][T24631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1541.454918][T24631] Call Trace:
[ 1541.458248][T24631]  <TASK>
[ 1541.461297][T24631]  dump_stack_lvl+0x3d/0x1f0
[ 1541.466570][T24631]  vpanic+0x6e8/0x7a0
[ 1541.470793][T24631]  ? __pfx_vpanic+0x10/0x10
[ 1541.475659][T24631]  ? tracing_buffers_mmap_close+0xdd/0x130
[ 1541.481766][T24631]  panic+0xca/0xd0
[ 1541.485639][T24631]  ? __pfx_panic+0x10/0x10
[ 1541.490388][T24631]  ? check_panic_on_warn+0x1f/0xb0
[ 1541.495751][T24631]  check_panic_on_warn+0xab/0xb0
[ 1541.501200][T24631]  __warn+0xf6/0x3c0
[ 1541.505245][T24631]  ? tracing_buffers_mmap_close+0xdd/0x130
[ 1541.512366][T24631]  report_bug+0x3c3/0x580
[ 1541.516842][T24631]  ? tracing_buffers_mmap_close+0xdd/0x130
[ 1541.523558][T24631]  handle_bug+0x184/0x210
[ 1541.528815][T24631]  exc_invalid_op+0x17/0x50
[ 1541.534290][T24631]  asm_exc_invalid_op+0x1a/0x20
[ 1541.540043][T24631] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130
[ 1541.548045][T24631] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 e7 58 fb ff 85 db 75 0a 48 83 c4 08 5b e9 99 5d fb ff e8 94 5d fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 86 5d fb ff e8 81 bd 60 00 eb 87 e8 aa
[ 1541.571448][T24631] RSP: 0018:ffffc9000450fbb8 EFLAGS: 00010293
[ 1541.577905][T24631] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bfaae9
[ 1541.587051][T24631] RDX: ffff888027203c00 RSI: ffffffff81bfaafc RDI: 0000000000000005
[ 1541.596266][T24631] RBP: ffffffff81bfaa20 R08: 0000000000000005 R09: 0000000000000000
[ 1541.605233][T24631] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff88805faccb88
[ 1541.614815][T24631] R13: dffffc0000000000 R14: ffffc9000450fc50 R15: 0000000000000000
[ 1541.623553][T24631]  ? __pfx_tracing_buffers_mmap_close+0x10/0x10
[ 1541.630497][T24631]  ? tracing_buffers_mmap_close+0xc9/0x130
[ 1541.637205][T24631]  ? tracing_buffers_mmap_close+0xdc/0x130
[ 1541.644984][T24631]  ? tracing_buffers_mmap_close+0xdc/0x130
[ 1541.651827][T24631]  remove_vma+0x88/0x160
[ 1541.656307][T24631]  exit_mmap+0x511/0xb90
[ 1541.660722][T24631]  ? __pfx_exit_mmap+0x10/0x10
[ 1541.666366][T24631]  ? __lock_acquire+0xb97/0x1ce0
[ 1541.671767][T24631]  __mmput+0x12a/0x410
[ 1541.675986][T24631]  mmput+0x62/0x70
[ 1541.679818][T24631]  do_exit+0x7c7/0x2bf0
[ 1541.684332][T24631]  ? __pfx_do_exit+0x10/0x10
[ 1541.689400][T24631]  ? preempt_schedule_thunk+0x16/0x30
[ 1541.695554][T24631]  do_group_exit+0xd3/0x2a0
[ 1541.701932][T24631]  __x64_sys_exit_group+0x3e/0x50
[ 1541.707631][T24631]  x64_sys_call+0x14fa/0x1720
[ 1541.712580][T24631]  do_syscall_64+0xcd/0x490
[ 1541.717864][T24631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1541.724893][T24631] RIP: 0033:0x7ff87998ebe9
[ 1541.729537][T24631] Code: Unable to access opcode bytes at 0x7ff87998ebbf.
[ 1541.738449][T24631] RSP: 002b:00007ffee34bcc18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1541.748983][T24631] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff87998ebe9
[ 1541.757192][T24631] RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
[ 1541.765976][T24631] RBP: 00007ffee34bcc7c R08: 0000001ee34bcd0f R09: 00000000000927c0
[ 1541.774470][T24631] R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000016e
[ 1541.782571][T24631] R13: 00000000000927c0 R14: 0000000000178087 R15: 00007ffee34bccd0
[ 1541.790786][T24631]  </TASK>
[ 1541.794317][T24631] Kernel Offset: disabled
[ 1541.798737][T24631] Rebooting in 86400 seconds..