last executing test programs:

20.335552858s ago: executing program 1 (id=552):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0) (async)
r0 = socket(0x2, 0x1, 0x0)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async)
r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) (async)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
readv$auto(r1, &(0x7f0000000180)={&(0x7f0000000140), 0x9}, 0x4)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x1000, 0x1c9}, 0x2, 0x7) (async)
poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x1000, 0x1c9}, 0x2, 0x7)
io_uring_setup$auto(0x6, 0x0)
set_mempolicy$auto(0x1, &(0x7f00000000c0)=0x6, 0x21)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x1, 0x0) (async)
io_uring_setup$auto(0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0) (async)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
lseek$auto(0x3, 0x2, 0x4)
bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@phonet={0x23, 0x5, 0x9, 0x1}, 0x6a) (async)
bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@phonet={0x23, 0x5, 0x9, 0x1}, 0x6a)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) (async)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
r2 = socket(0x10, 0x2, 0x0)
recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x3, 0x0, 0x80000000, 0x8}, 0x400}, 0x7, 0x7, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x710f}, 0xa)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x80000007, 0x20020000)
write$auto(0x3, 0x0, 0x7fffffff)
setsockopt$auto(0x3, 0x6, 0x13, 0x0, 0xfb1)
io_uring_setup$auto(0x1, 0x0)
prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0)
openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000100), 0x401, 0x0) (async)
r3 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000100), 0x401, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)

19.207170872s ago: executing program 1 (id=556):
mmap$auto(0x0, 0x4, 0x61, 0x80000010, 0xffffffffffffffff, 0x5) (async)
mmap$auto(0x0, 0x2, 0xedf, 0x1810, 0xffffffffffffffff, 0x3) (async)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) (async)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) (async)
execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) (async, rerun: 32)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (rerun: 32)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
adjtimex$auto(0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) (async, rerun: 64)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/drvctl\x00', 0x28001, 0x0) (rerun: 64)
write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)='\r', 0x1)
r1 = socket(0xa, 0x1, 0x84) (async)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
io_uring_setup$auto(0x6, 0x0) (async)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) (async, rerun: 32)
getsockopt$auto(r1, 0x84, 0x16, 0x0, 0x0) (async, rerun: 32)
r2 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0)
ioctl$auto_I2C_SMBUS(r2, 0x720, 0xfffffffffffffffe) (async)
r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0xc0403d11, 0x0) (async)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/power/level\x00', 0x2881, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000000)="c9ae9b661c", 0x5) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x5, 0x3, 0x14, r3, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)

18.806320669s ago: executing program 1 (id=559):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptya1\x00', 0x20080, 0x0)
openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'team_slave_0\x00', <r3=>0x0})
clock_getres$auto(0x2, 0x0)
bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x3, 0x24, 0xf, 0x63, 0x400, 0x0, 0xffffffffffffffff, 0x80f0c8, 0x20, "38c1d5cbcb9f6b5e511f0cd8ed068f65", r3, 0x5, <r4=>0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x4, 0x8, 0x0, 0x3, @attach_prog_fd, 0x4, 0xffff, 0x8, 0x4}, 0x47)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5)
sendmsg$auto_NL802154_CMD_SET_PAN_ID(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r7 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="ff55ffff", @ANYRES16=r6, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00657d23001ba134a0fc5ed0c2886fa9132dcd3756b5d94db1d50bffa1e1d50d77e0cd7ce64aa666698eee59451c4b6c3d01004ba515283c9fad17419599e1849b4244bae2729281a837daa35178e2e56805023671fa338116152ab7751411684fddada529e0c6adbc0b6cb906fe2161a8f07f75557603c0921aa0516e3e27442700e290ed91967e427241dfab985cce659df334fbfd05d3ba172447ea9e62b857bd5af327a2a383b88412e8f342a2ba2c724959e2136a653bbcce617afb3af8a2cb981194db4be5e0d0d7576237cfed7b5fb7afb03bb4920c74110b91a3b1e23f743f81af9c308c6d4bc8b8dcce2a", @ANYRES32=r7, @ANYRES64=r4], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_WIPHY(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004)
sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f00000002c0)={&(0x7f0000000040), 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x50, r6, 0x200, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_WME={0x2c, 0x81, 0x0, 0x1, [@NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x2}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x7}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0xeb}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x5}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x6}]}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x7}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x50}}, 0x4407c)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r8 = mq_open$auto(&(0x7f00000006c0)='\xfe4\xd7\x1f\xefo\"lw\x17\xbb\xb9ugN\x17\x01\x1e%\x84\x93BQR]\xcc\tQD=\xf5\xa4\x16]\x9e\b\x8bz\x9d*8\xb0\xd6?\xf6\xf3K2\xaf=e&\xf2\f\xda\xf9\x16\xa4\x95n\x7f\x1cJ*\x13\x0e\x85\t4y\xacW\xa0\x90\xdd\r\xe6\xaex;\xbe\x96E\xcanq=\x10\xd7\xf9~\r\x11\x87\x06\x9a\f>\x12\xa0\xa5\xf1\xaa\xbb_\xcd\x97\xdb(d\xa2\x82:\x98\x01z\xd7\xd4\xa8-bZ\xf6\x01\xaax\xa4\x18\xb0\xc3\x8aH\x1c\x96\x90u\xa3\xa7;<3\v\xf4]\xda\x91\xb3\x97\xb5\x8dq[\xbe\x84v\xff|\xf9{\xa6\xdd\xac7\xd9\x96\xf0\xad\xec\x92g\xd3<\x987\xb37\xb1\xa48\x16Ej\xcb\xbd\x89P\x8b{[\xa0tcVH\xc6\xa7\xf4>\x01\xebvB\xbf]Q4\x98%\x83\xdd\xdc\xb8\xcfy`\xf1RZQ}\xe4\xae\x8co\xdd\xbe\xe6\xc5\xf1\xd3\x882\xac>\x94\x10\x9b2\x18o\x1d*4\xc6Z\xe17\xfa\xcc\xcfA$jo\x03B\xa3ks7\x9c\xb3\x183\xfcy\xfb\x87\xc7)dZWi\xbas\xfb{B\xdf\xb1\xe0\n\xe4\x10\xe7\xd1\xa3LE\x93\xa1\x03\x1b\xcd\xb7\xa6\x04wj\xa1\xde\xae\x8eS^\x18\xafgmy\x95R.\x9f4\xc6\'\xd4U}\xdd\xe6\xac\t\xa4\x13F\xdf\x05{G\x93\x8a\xfc)\xd3\xb8\xcf\xcf\n\xe5}&\x9dzz\x94Z\xa7q*\x97Jwt\x06\xfc\r\x119|\f\aW\xb8[\'^dP\xde\x15\xd7\x00\xe1m\xcc\x99M\xc4\xdf&\xcc\x157Q\x14\xb9YDp\xa6\x15\xd8t<\xf9LP', 0x7e, 0x9, 0x0)
mq_notify$auto(r8, &(0x7f0000000180)={@sival_ptr=0x0, @inferred=r8, 0x0, @_sigev_thread={0x0, 0x0}})
r9 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)
mq_timedsend$auto(r9, 0x0, 0x2, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(r5, &(0x7f00000008c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000880)={&(0x7f0000000540)={0xe0, r6, 0x0, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_MBSSID_ELEMS={0xbb, 0x133, 0x0, 0x1, [@generic="9b30bb1fa468a50d3b7c0713e898f804d3d15dbe9617dfb90e196baeb00d4e54c3ec9c87c1ca11188bc6433e33a83b026ea85439cb27b269df6ea87906a2e2682810a9bae4ca242781d99d666bdd04d2bdb978de17908ce47ad4df714ba3893100f2a83ef2765d94e256efe2e272a9904f1bddb9c6585ada1b8bc149fcfccfb9c667efcb7b400fb0b8acc38c98f68f63323b295eefb36fe8051595f5bf670c5bd5949b566d571c8a59b3c45baf145586f2b65af1467e19"]}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0xb}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4040}, 0xc080)
ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x802c542a, 0x0)

18.13280541s ago: executing program 1 (id=562):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0x1, 0xd, 0xfffffffffffffffb, 0x100000000, 0x2c2, 0x800002017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000005]}, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
r1 = memfd_secret$auto(0x1)
close_range$auto(r1, r0, 0xffffffff)
openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/setgroups\x00', 0x149002, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0xffffffffffffffff, 0x80000017, r1, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r3 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000630000000000007eb79e2892a3998a2b89cf92c25ec94ea398440000000044508530c159143b37f13ebc454ef8b3cf40ef54719def7fe30edb83250600e57accfe7b5446875e3c382852fcee0639592a9afe5354302caee9b2574655416d89b5249631a8909f545e25fa481b33686f00cdffb23d3f61c4452cb500c71303d9c77dd2cf60d7d49c08e432f7fa4a782631377bb8e19c18cb868b897063b149f18c75b4652824be0000000000000000000000000000004655110cda19f2f7bc09a84ba8d63fbd072f268d170c7199bb2683327387428f64bfb21355012b715ce4371913", @ANYRES16=r3, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_ptr=0x0, @inferred, 0x0, @_sigev_thread={0x0, 0x0}})
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)

16.695845652s ago: executing program 1 (id=565):
write$auto(0x3, 0x0, 0x100082)
r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL80211_CMD_SET_STATION(0xffffffffffffffff, 0x0, 0x2000c040)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(0xffffffffffffffff, 0x0, 0x44044093)
socket(0x11, 0x80003, 0x300)
r1 = socket(0x11, 0x80003, 0x300)
sendto$auto(r1, 0x0, 0x13, 0x2, 0x0, 0x1e)
write$auto(r0, 0x0, 0xfffffdf1)
linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
fsetxattr$auto(r1, &(0x7f0000000140)='?\xb6\xd0\x13\xcc0kb\x02\x8e\xec\x13\x89\xb0\x04\xc7\xf6\xe3\x1f\xd7C\x97X9\xf8C\x12\\\xb2\xec\xa1\xa2\a{]r\xec?LU\x8c\xc1\xb4\xc4\x04\xaf\xa3\xc5]\xc9\xb1\x0e\xc78\x89\x80(\xe6-N\xc7\xc7\xbfQcZ\xe8H\f\xd7p\x9c\x9e\xa2\xea\xe9\xfbu\xfc\xfd\xa9dpT|\x88\xf6\x04\x95\xcekd\x1c5\xe5\x95\x1c\x13\xce\x1bP\xf9\xa8\xfb\xecj\xa6K\xb9\xc32\x9f,\x1a\b\x0e@\xf59?\x8fC\xee`&H\x0e*}%\x1a\xaa\xf6/8\x8b\xa5\xb5\'\xe9g\nR\xc0\xca\x8d\xba\x88}\x14Z\xe9\xd2\xe8o\x141\x96\x8f+m\xd4\xbe:\xc6\x93\x1b\xa0:?\xc66K\xf9/+\xbc\xa7_u', 0x0, 0x7bf, 0xfe48)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x0, 0x25, 0x0, 0xc)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)

16.196497425s ago: executing program 1 (id=567):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) (async)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x80) (async)
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r2, 0x0, 0x400018)
mknod$auto(0x0, 0x1081, 0x3)
creat$auto(0x0, 0x1000)
creat$auto(0x0, 0x8d00) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) (async, rerun: 32)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 32)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
setreuid$auto(0x0, 0x7fffffffffffffff)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000) (async)
r4 = socket(0x2, 0x1, 0x0)
ppoll$auto(&(0x7f0000000000)={<r5=>r4, 0x4, 0x5}, 0x7, 0x0, 0x0, 0x8)
setsockopt$auto(r5, 0x6, 0x13, &(0x7f0000000040)=')[\x00', 0x9) (async)
sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x0, 0x70bd27, 0x25dfdbfe}, 0x14}}, 0x0) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
ioctl$auto(0x3, 0x400454ca, 0x38)
read$auto(0x3, 0x0, 0x7fffffff) (async)
ioctl$auto(0x3, 0x402c542b, 0x38) (async)
ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0)

7.539772027s ago: executing program 0 (id=590):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.14/usb38/38-0:1.0/usb38-port1/location\x00', 0x111000, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x5, 0x100000000000000c, 0x8e4a, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0xa, 0x801, 0x106)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
arch_prctl$auto(0x1021, 0x3)
setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3)
getrlimit$auto(0x3, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram1\x00', 0x6281, 0x0)
ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
mmap$auto(0x800000, 0x202000b, 0x4, 0x15, r0, 0x9f76)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000dc, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x400007, 0x80000df, 0x8000009b72, r1, 0x7)
sysfs$auto(0x2, 0x23, 0x0)
r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r4, 0x0, 0x3)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_TIOCSETD2(r5, 0x5423, &(0x7f0000000240)="6f95c35aa91e61e014cbfe0d8dc17a5e0605cf30acebb1d45c9f88fe677de887a3d7c3e171e1f864e49e92a490a52e9252d8cf6687a77eff1d5928f1076a8fd0d8a7125ff0361a2b")
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0x3, 0x0, 0x101, 0x7000000)

7.129410176s ago: executing program 0 (id=594):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
getsockopt$auto_SO_RCVMARK(r1, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
mmap$auto(0x0, 0x800400007, 0x7, 0xffff, 0xffffffffffffffff, 0x20000000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram6\x00', 0xc6fc1, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
r2 = epoll_create$auto(0x5)
pselect6$auto(0xa29, &(0x7f0000000340)={[0x909, 0x0, 0x7fffffff, 0xffffffffffffffff, 0x5, 0x7b5a, 0x5, 0x4, 0x2, 0x3, 0x4, 0x7f, 0x2, 0xb79, 0xfffffffffffffff8, 0x2]}, &(0x7f00000003c0)={[0x7, 0x7, 0x6, 0x6, 0xfffffffffffffc01, 0x7, 0x4, 0x9, 0x2, 0x9, 0xffff, 0xf, 0x5, 0x8, 0x2, 0xb]}, &(0x7f0000000440)={[0x8000, 0x2, 0x100000000, 0x9, 0x101, 0x17, 0x8, 0x7, 0x81, 0x0, 0x3, 0x4, 0xec86, 0x5, 0x100, 0x80000001]}, &(0x7f0000000040)={0x1, 0x800}, &(0x7f00000004c0)="4848f376332c19b9284061b53f76b503f9e73768c20fc1287a2aea2e89d03e490f38de853c376d878f0b1f5bfcf5d6733ab0ad2b37dc59bff1f0d836cf3f5b95a73d0b092b7850811bc74dc27fb39a4bd626d28f7d6bfdb563683d01c1fd84874e6607e10807c6d6fd4715b7f18b977f3b0d3f8ca3924aab1dfbbfb160fa4fb72d19044d63")
fremovexattr$auto(r2, &(0x7f0000000000)='&\x00')
read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000000280)=""/54, 0x36)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0xa, 0x2, 0x88)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xbff)

6.035636461s ago: executing program 2 (id=596):
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
r0 = syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0)
ioctl$auto_USBDEVFS_DISCONNECT_CLAIM(r2, 0x8108551b, &(0x7f0000000540)={0x0, 0x6, "7636151d9b02ba4db36efb8adaeb205490055c8160618a793bc0ef02be6b53ab874d163664e76626154e19585266b4280ac77b4953f03208c9d0d81de29f87c95b44caf734b5f2e59f69b0fe4a5494f48d5300607cd488d34e391975e1aa7743568be0d261cfaa4f9b6174c390954234be5d151787f0c9c66dc02b5a5a89a56682d58f67fb6efb456c4569af2df4c3e2fe0f9223c43727d728cc77183d2ceb9a4b6797048cd4d028ae420b7deabcd6b4a367d87ec44bbe2522223a45c3c8c504c1bae057da778451ca39ef604724c73e5f577cda46ab42dd3392401d1c9bf8ba15c8299371980687c12430b63a504592439e0580a6f2a60bed1efbb23b7596b3"})
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800)
socketpair$auto(0x2426, 0x9e6, 0x5, &(0x7f0000000140)=0x3)
unshare$auto(0x40000080)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001280)={&(0x7f0000001140)={0x108, r5, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x9}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x17, 0x13, "13c366f9244357d432f6e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_HT_CAPABILITY={0x45, 0x1f, "ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e9"}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x5c, 0x75, 0x0, 0x1, [@generic="ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f557f81b", @typed={0x8, 0x138, 0x0, 0x0, @u32=0x400}, @typed={0x8, 0xe6, 0x0, 0x0, @fd=r1}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10)
ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0)
mlockall$auto(0x7)
mprotect$auto(0x0, 0x806121, 0x6)
bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa)
ptrace$auto(0x10, r0, 0x2, 0x1007ff)
ptrace$auto_PTRACE_SETREGSET(0x4205, r0, 0x2, 0x9193)
arch_prctl$auto_ARCH_GET_XCOMP_GUEST_PERM(0x1024, 0x1)

5.782945704s ago: executing program 0 (id=597):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000003d40), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r2, 0x0, 0x4000050)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
socket(0x2, 0x3, 0x1)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x2, 0x8, 0xc, 0xe3, 0x4000000002, 0x3}, 0x6f4)
bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0xffffffff, 0x800}, 0x92)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x22, 0x2, 0x4)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
sendfile$auto(0x6, 0x3, 0x0, 0x20000fffffdef)
madvise$auto(0x0, 0x2003f2, 0x7ff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x1)
madvise$auto(0x0, 0x200007, 0x19)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)

5.142179721s ago: executing program 3 (id=598):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x4, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x0, @remote}, 0x6a)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/usb/drivers/cdc_mbim/remove_id\x00', 0x1c0b02, 0x0)
read$auto_proc_mountstats_operations_mnt_namespace(r1, &(0x7f0000001c40)=""/112, 0x70)
r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r2, &(0x7f0000000040)={0x8, 0x2, '\v\x00\x00\x00\x00\x00\x00\x00'}, 0x200002)
bind$auto(r0, &(0x7f0000000240)=@sco, 0xfffffffb)
getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', &(0x7f00000000c0)=0x7)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYRES16=0x0, @ANYBLOB="010028bd7000610e1fa10000000014000b00"/32], 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram6\x00', 0xc6fc1, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
r3 = epoll_create$auto(0x5)
fremovexattr$auto(r3, &(0x7f0000000000)='&\x00')
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000280)=""/54, 0x36)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0)
close_range$auto(0x2, 0x8000, 0x0)

4.02958131s ago: executing program 3 (id=599):
unshare$auto(0x40000080)
setregid$auto(0xffffffffffffffff, 0xfffe)
setresgid$auto(0x0, 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='\x91Eecm\xeb\a\xe7v/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7n$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\x9d\xe5\xd7G\x7f\x13\x8e\xcb?(\xfaI\xe2\xae,\x95', 0x7)
r1 = socket(0x29, 0x2, 0x0)
ioctl$auto(r1, 0x89f2, 0x24)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
capset$auto(0x0, 0x0)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xffbff024}})
write$auto(r2, 0x0, 0x6)
io_uring_enter$auto(r0, 0xc0000000, 0x7fffffff, 0x2, &(0x7f0000000200)="c89c32b861d4396f4bff662180ba8b917df0ee880f977639ea2605af4854875e925324216306c85369b104f1458714177be8024674aeac0ce5c1fc524e066ae4e68c33aa6f4de8fb40005758c0b5ab2123c3ef7039829e4c377565b5aa42b059779b9001c96cda21934ed196276353fae7a387630f2c8b1cd45edc", 0x5)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(&(0x7f0000000180)=0x8, &(0x7f0000000280)=0x2, 0xfffffff8)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
madvise$auto(0xfffffffffffffffd, 0xffffffffffff0001, 0x1)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
socket(0xa, 0x1, 0x84)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x305340, 0x0)
prctl$auto(0x100003e, 0x1, 0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0)

3.872094484s ago: executing program 0 (id=600):
unshare$auto(0x20000)
unshare$auto(0x20000)
mmap$auto(0x0, 0x202000d, 0x3, 0x200000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/mac80211_hwsim/hwsim0/net/wlan0/flags\x00', 0x189082, 0x0)
sendfile$auto(r0, r0, 0x0, 0x9)
r1 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/fail_page_alloc/times\x00', 0x2, 0x0)
r2 = socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
setsockopt$auto(r2, 0x10000000084, 0x22, 0x0, 0x10)
read$auto_fops_atomic_t_(r1, 0x0, 0x0)
r3 = prctl$auto_PR_SET_MM_ARG_START(0x9, 0x8, 0x0, 0x3, 0x527)
r4 = bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000240)=@raw_tracepoint={0x5, r3, 0x0, 0x401}, 0x401)
mmap$auto(0x7, 0x8000000040000001, 0x3, 0xeb1, r4, 0x8000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x7ffd)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r5, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
timer_gettime$auto(0xa, &(0x7f0000000080)={{0x7, 0xd0}, {0x5, 0x1}})
r6 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x284001, 0x0)
read$auto_null_fops_mem(r6, &(0x7f00000001c0)=""/123, 0x7b)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a)
r7 = socket(0x26, 0x2, 0x0)
sendmmsg$auto(r7, &(0x7f0000000180)={{&(0x7f0000000040), 0xbb, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x9}, 0x1, 0x208008)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb2, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400, 0xe2, 0xbc7e, 0x1272, 0x7fff)
r8 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x36)
r9 = ioctl$auto_TUNSETTXFILTER(r8, 0x400454d1, &(0x7f0000000000)=0x80000001)
ioctl$auto(r9, 0x3, r8)

3.709137573s ago: executing program 2 (id=601):
r0 = socket(0xa, 0x3, 0xff)
mmap$auto(0x1, 0x39000000000, 0x8, 0x18, r0, 0x4)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0)
setresuid$auto(0x0, 0x0, 0x0)
ioctl$auto_BLKALIGNOFF(r1, 0x127a, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x41811}, 0x20000000)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080)={0xc0})
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0)
sendfile$auto(r4, r4, 0x0, 0x8080000001)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xfdef)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)

3.38582892s ago: executing program 0 (id=602):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x1c, 0x2, 0x8, 0x7fa, &(0x7f0000001800)})
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0)
r2 = io_uring_setup$auto(0x59, &(0x7f0000000280)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, <r3=>0xffffffffffffffff, [0x0, 0x0, 0x4], {0x6, 0x6, 0x8c48, 0x29a, 0x109, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}})
r4 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
read$auto_vhci_fops_hci_vhci(r4, &(0x7f0000000d40)=""/16, 0x10)
readv$auto(r4, &(0x7f0000000080)={&(0x7f0000000180)="87fca51d4a476166cd2ac211eeabd18e6a6faa52f8f2d7121476b330a68f9bd502a08d54c7fbd7d36ac3bdf2fbb5039ff566daf2249b2178a5f4f2393cfbb32dc2963e67ab28421acfea0bbe422f47251a00a352a2a793286b48829daf7cba", 0x7}, 0x5)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x7, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xc, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0x100c, 0x2, 0x2]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f0000000540), 0x8000, 0x0)
sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(r2, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000700)={&(0x7f0000000840)={0x318, 0x0, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x200, 0x1, 0x0, 0x1, [@generic="eb8e492034bbeb9e4726cec516e30a514d5891d3ae5defc409d0a8c4492c1eda93aabe9197464698b56ac692", @typed={0x9, 0x4e, 0x0, 0x0, @str='\'(]{\x00'}, @typed={0xb, 0x1d, 0x0, 0x0, @str='})+.\xd0#\x00'}, @typed={0x8, 0x106, 0x0, 0x0, @uid}, @generic="09fa5fa5f30222d571dd1b9e50b5a2a874ea16a1eb3713fed69f5fab4b85c0f22658f6cfcc279796efee706f0d2bcf5c22d8a1ce6b3373c11cb86bfb40628fd8d82d0e41442820da89c421ca3dd7bceb709166e94749c882897faf430bbcd045e0d9f34cac5ae7930036d7bcddf208450a2b9ba637a41299fe249d85eb063632aaa448ae43e263271678987a1ffde2de9cc746dbaa87f2e4dd7fa8de620a45c15e151b95bbfa032da864964ebaacb909caf9e9b14d8f9bc73f4591d38702b80ba0cf09c5", @typed={0x8, 0x4d, 0x0, 0x0, @pid}, @generic="b74a56368e4921cdbd5d070b751edb2fffb1509d1aad5ff822e980f871aa5e3858d5f78ffa005eadd6efb4bac90ee7df5adc4708f009b41ef8de631ba3a44e0bec6ad01a5b3092a295c630e909a7355b46ab98cc9bb4510a537dd6ec9f374af4bae3c734e494c4563d6816ebfb7562bb44398ed147c1e2a3723e862d", @typed={0x8, 0x147, 0x0, 0x0, @uid}, @generic="4e5bb941b92a78060793eaf36663f499ce3e991af7ba33587fcd94278fae9fdd59a8177766a7409b344b6c4f5f34c8f3358e9a6cc5e6f938d074d5d7211fd4d6e3c91ef0f300fe1d5e78380ef5fc954379a4b9ba22be6a64", @typed={0x8, 0x63, 0x0, 0x0, @fd=r5}]}, @TIPC_NLA_PUBL={0x104, 0x3, 0x0, 0x1, [@typed={0x8, 0x78, 0x0, 0x0, @u32=0x8001}, @nested={0xe8, 0x139, 0x0, 0x1, [@generic="749696a2d650d28ff448ffeccc3cbe2f082aa6ccab0e5e4c68da2c57d63c595d61a8922b07e44cde8335d4871d90565d2480271510d8e2271d36c993a5ea12ade632ed746995eae9c9f6ad1d8eae31103fff48bca5aeeaab640fc622374aa0405f7fd723906256a2f54bcc505b8702c94d7c08ecd4bc8a5842b688c52638df4282c31e9c42b6cb30f044801f7a9bd0c79a3e63cf7c04474b", @generic="27dda6b05ffed7456d15f711d4e50c731ffa0664e0431646c9c0136c39f2316bbe713a938194f61aabf8ae95ea23505f90d80011c6079ab6e586da221c7bcdf5e2737013a7b1082e1368ad98"]}, @typed={0x5, 0x55, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0x7, 0x0, 0x0, @ipv4=@loopback}]}]}, 0x318}, 0x1, 0x0, 0x0, 0x8001}, 0x240400e5)
socket(0x2b, 0x1, 0x1)
close_range$auto(0xffffffffffffffff, r3, 0x8)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r6 = socket(0xa, 0x3, 0x6)
getsockopt$auto(r6, 0x40000000029, 0x4c, 0xfffffffffffffffe, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r7 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x8040, 0x0)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=r7, 0x4005, @old_prog_fd=r7}, 0xa3)

3.020145198s ago: executing program 3 (id=603):
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/sys/net/sctp/rto_alpha_exp_divisor\x00', 0x900, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/rpc/auth.unix.ip/channel\x00', 0x8f3b7a51b8162d21, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="f320f820c75c20d9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x1e)
r1 = socket(0x23, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4, 0xeb1, 0x401, 0x8000)
prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0)
mprotect$auto(0x0, 0x8, 0x9)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/phonet\x00', 0x90602, 0x0)
mmap$auto(0x0, 0xf, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2, 0x2, 0x1)
connect$auto(r3, &(0x7f00000000c0), 0x55)
io_uring_setup$auto(0x6, 0x0)
write$auto(0x3, 0x0, 0xfdef)
openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ubifs/chk_lprops\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_to_hsr\x00', <r4=>0x0})
socket(0x1, 0x1, 0x0)
r5 = socket(0x10, 0x2, 0x4)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="21022cbc7000ebdbdf2501"], 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x4000080)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r5, &(0x7f0000000000)='-\x00', 0x2fb)
bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r1, 0x3, 0x400, r1, @relative_id=0x3ff, 0x6}, 0xffffffff)
syz_genetlink_get_family_id$auto_hsr(&(0x7f0000002540), r1)
clock_getres$auto(0x6, 0x0)
pread64$auto(r2, 0x0, 0x200000000003, 0x2f4a3a23)

2.740946643s ago: executing program 3 (id=604):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8a940, 0x0)
mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x1000, 0x400050, 0x9)
r1 = prctl$auto_PR_SET_MM_START_BRK(0x9, 0x6, 0x0, 0x6, 0x4)
fcntl$auto_F_SETSIG(r1, 0xa, 0x1)
write$auto(0x1, 0x0, 0x80000000)
munmap$auto(0x8000, 0xffffffff)
ioctl$auto(0x4000000000000c8, 0x3, 0x3)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x2003f0, 0x18)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r2 = socket(0x2, 0x1, 0x0)
bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/tcp\x00', 0x400, 0x0)
pread64$auto(r3, 0x0, 0x202, 0xfffff000)
read$auto(r0, 0x0, 0x8)

2.048613787s ago: executing program 2 (id=605):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r0 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r0, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x14)
r1 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x130, r1, 0x400, 0x70bd25, 0x25dfdbfd, {}, [@NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xb}, @NFC_ATTR_SE_APDU={0x103, 0x19, "e82ab0bf9424bb6688436c7f6d568f397c553e9f066c1b4916f574300052da66ca68f48f547636d9e3c85d1a50e7985e51729b979947ce9f9df3af2a1a7f6f98226df62f81b5f89a7c7d6d066d85fce38f185bd51e5cad757660d32670446811bf3db543060545aecc531d5af877225c0d85361e6c921cc08cb74b7787e40f88e2c97f17e35ed1b2a339c99223a0244ee24cd2923ec8c5ead1d2a9469700c2b2dddb74ded6c555bff5d06e17ebf0843659ad62c01143982ee752057fe91b89a85a5b51fd0c3176fdea1e2d7aa6e343d3e516fcb4da68a6a10093fb8138d9f3f833aed59f4d29846b8d3ce3849fa32b64cc8a22086591ecb71772160f36dc48"}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x4}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0xff}]}, 0x130}, 0x1, 0x0, 0x0, 0x4000805}, 0x20008010)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card0/pcm0c/sub3/xrun_injection\x00', 0x800, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x28102, 0x0)
write$auto(r3, &(0x7f0000000180)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
write$auto(r2, 0x0, 0xc3)

1.80209254s ago: executing program 0 (id=606):
unshare$auto(0x2)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x20342, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x7fffffff)
prctl$auto_PR_SCHED_CORE_GET(0x476, 0x0, 0x0, 0x5, 0x7)
read$auto(0xffffffffffffffff, 0x0, 0x20)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
socket(0xa, 0x2, 0x88)
msync$auto(0x6, 0x5, 0x400)
socket(0xa, 0x2, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x2, 0x5, 0x0)
setsockopt$auto(r1, 0x10000000084, 0x9, 0x0, 0x101)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0xfffffffc, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=r2, 0x1, @old_prog_fd=r2}, 0x7)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x18, &(0x7f0000000000), 0x1)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x100000, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)

1.755804093s ago: executing program 2 (id=607):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0xffffffffffffff7d, 0x0)
socket(0xa, 0x1, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/dsp\x00', 0x101001, 0x0)
poll$auto(&(0x7f0000000040)={0x3, 0x0, 0xa}, 0x5, 0x108)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x9e)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x208f80, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2)
mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x88\v\xae\xa9i8W\xe5\x00!\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3)
fsopen$auto(0x0, 0x2)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x8002)
open(0x0, 0x261c2, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x84)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
setreuid$auto(0x0, 0x0)

1.309188454s ago: executing program 3 (id=608):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x1, 0x0)
io_uring_setup$auto(0x6, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r1, 0x400, 0x1)
futex_waitv$auto(0x0, 0x81, 0x0, &(0x7f0000000340)={0x92, 0x6}, 0x8)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2902, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x6b, 0x3, 0xfffffffffffffffe, 0x0)
write$auto(0x3, 0x0, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(0x3, 0x400, 0x2)
getsockopt$auto(0x4, 0x6, 0x1e, 0xfffffffffffffffd, 0x0)
setsockopt$auto(0x3, 0x0, 0x33, 0x0, 0x4)
recvmmsg$auto(r0, &(0x7f0000000380)={{&(0x7f00000001c0)="9e0decec393aaa8544c533279f55ae179d9e547bd9c9dcb97f0cae1e2b03efb989a2cf9eba5b1c9fd90803e872c477a8e6058ad1a867e4a57d83a8916c7c05e458b25b8479a87a11d5b1d30f58d09f064e8e4f2e5de355a4016ba62bde34bc78be846e7bfa06d2824bf061a9951d60b3d73a5eb37f4d14d47ebab60537f337173ebfd8c7cded9a1bceff723b94cab82cd3aba0e57964c0aeab95a5e81da0b84bb10d418e41c3bf402e19ec86ec380df632da354ccf79beb1ef82eac433cc6268af87d3a9a7f7044b", 0x6, &(0x7f0000000140)={&(0x7f0000000040)="55ef1b68df02437d64a623c96775eed461a7fdcb617ff449ba5ba0578f679eb5edf886719e4a9988e497ead032dedb9880cb45441043473f3e61b191ce63ba233f35ee45c86dc067b5653127a3a7c52c66965ff609e8d2b1d1f9462c9084ae1834", 0x100}, 0xff3, &(0x7f00000002c0)="f87c2a63d8ac25986632c86dc4b2d5ce96c110b437f02a49d81ca4af4c30274852874e94dbbe8a365d35acd542f6c1cb13960e88ff99b2223ae8afc7daaab6dddae55cfcbd7a2093264e0d18e43c56189db47489207e07514d2b3467fb5ccf527684032e0d9192618f733589f15cbea7a66877c981d28ba13af6d3d542511549efd824b750e3e5129702811497e904cb8595a62f44c5677a00f81323f26adf", 0xa57, 0x2}, 0x10}, 0x8b, 0x9, &(0x7f00000003c0)={0x91, 0x3})
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x5, 0x0)
shutdown$auto(0x200000003, 0x2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r2)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000f7dbdf2503000000180001801400020073797a5f74756e00000000000000000005000300050000000500050008000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840)

967.218049ms ago: executing program 32 (id=567):
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) (async)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x80) (async)
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r2, 0x0, 0x400018)
mknod$auto(0x0, 0x1081, 0x3)
creat$auto(0x0, 0x1000)
creat$auto(0x0, 0x8d00) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) (async, rerun: 32)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 32)
write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
setreuid$auto(0x0, 0x7fffffffffffffff)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000) (async)
r4 = socket(0x2, 0x1, 0x0)
ppoll$auto(&(0x7f0000000000)={<r5=>r4, 0x4, 0x5}, 0x7, 0x0, 0x0, 0x8)
setsockopt$auto(r5, 0x6, 0x13, &(0x7f0000000040)=')[\x00', 0x9) (async)
sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0x0, 0x70bd27, 0x25dfdbfe}, 0x14}}, 0x0) (async)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async)
ioctl$auto(0x3, 0x400454ca, 0x38)
read$auto(0x3, 0x0, 0x7fffffff) (async)
ioctl$auto(0x3, 0x402c542b, 0x38) (async)
ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0)

955.595731ms ago: executing program 2 (id=610):
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000100)='B\x00\x00\x00\x00\x00\x00\x001\x00', 0xe, 0x7)
semctl$auto(0x1, 0x7, 0x2, 0xffffffffffffff80)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'netdevsim0\x00'})
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000800)=ANY=[], 0x4c}}, 0x4005)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x4d})
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f000001f300), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r3], 0x1ac}}, 0x40000)
ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x30, 0xff, 0x0, @raw=0xfffff030}})
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000380)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fcdbdf25040000002d0011002f50136a450cf972f5a3d28479f92a9b221ca46c2d19fda4f47902c296fa844c12cd83f712d3c41e5d00000015001a8000000200200004801c000180050007000900000004000a00040004000400020004000400f275ff4d291d8835f0708cbbec7b610c4a676c362c893086142c3861bd8edbfe0cd6c2a94814bd0570d01201b51747b57fd29b76c692e02073b3e496971a960f5dcb590b7bd196a1a7f09ad3b1b3c2b66764b375f9ac4655a3b2ff1d68ab63ba5c29117ddbd4ca2ce2b9b3338b4718ea8a452f23c4573960b3fd6f0a184b9feec600e58922b7dd7d0634a708b638f4a4190a9497b23326866af5de08fe0319d420ec09f23b0afd220a724961f9faeeedd05b519d68ff79c6a8c4e12a69e1e37347b02dca17ca2062c2e0d090b735d171241bbc9bf99aeababaed4b97de5aa363d50fa4fd67bccb56b0f5667a92fde3cdca8f1d5e5bd5fca6dda77981df37c2d15243dab7e0deeeaee987763726dc2441fd169bc317fab92ff2fca9ca9f11495ce5"], 0x70}, 0x1, 0x0, 0x0, 0x4008845}, 0x40800)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x84)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0x1, 0x7)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(r4, r5, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r6)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4040aea0, 0x0)

233.503417ms ago: executing program 3 (id=611):
adjtimex$auto(0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0x1002}, 0x9e9, &(0x7f0000000280)={&(0x7f0000000080), 0x401}, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0)
r1 = socket(0x1d, 0x3, 0x1)
setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x800)
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a)
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, <r4=>0x0, 0xfd}, 0x6a)
mmap$auto(0x0, 0x2000a, 0x4000000000df, 0xeb5, 0x401, 0x8000)
futex_waitv$auto(&(0x7f0000000180)={0x3fb, 0x6, 0x2, 0xfff}, 0x3, 0xbffffffc, 0x0, 0x81)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x83)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/clk/clk_summary\x00', 0x0, 0x0)
bpf$auto(0x5, &(0x7f0000000100)=@query={@target_ifindex=r4, 0x5, 0x10, 0x4, 0xbbc, @prog_cnt=0xff, 0x0, 0x3c26, 0xaae1, 0x9, 0xf}, 0x101)
r5 = openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000340), 0x7ff7969646e276e5, 0x0)
recvmmsg$auto(r5, 0x0, 0x8, 0x9aac, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x11b440, 0x0)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f00000001c0), r1)
sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r1, 0x0, 0x1)

0s ago: executing program 2 (id=612):
mmap$auto(0x2, 0x2820008, 0x1, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
tee$auto(0x2000000000000, 0x3, 0x402, 0xd) (async)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL802154_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000001240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000001200)={&(0x7f0000000080)={0x115c, 0x0, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_PEER={0x1048, 0x28, 0x0, 0x1, [@nested={0x8, 0x128, 0x0, 0x1, [@nested={0x4, 0x150}]}, @nested={0x103a, 0x142, 0x0, 0x1, [@generic="2746c1b4eb290f19d3d5d607ff6410f7d08bcfd9d890ad8962289d8ddd11e996cd17513b95b8d832c088304da8cb28bf2ed5efe150fbb84058b176381b954aa255709ab481c5e0906edd91cf3500400b03dbf23b3c55c5996a5bdd1e641ddf3f2206f56c0af27df14f5db12de88aad577d24ad6dd48df68cd9256da70f663cf3da6eff506c82a58100d79d837f0f507c941b0888c8b38aa774f541c16142f3544e09fcb307ba1bbb44cde8b872e5b9258800e979fd3427a1040bb7f8c2691963a18977702c494409220a634cda70cf245946b4cfb09f493744e56113e2d42bb76e52029db77c3329e18e9caff7cd0cc8aeb3507b88ea1c65c5307a318b3dc7d99d68e7c925c10b5ce18d269d095184415750421c33eebbabfc45c98cf3d94a081aa43c1301ac7362bfc8c6a9a86df7ac19db18a283bdec7cfd299bfb0fbcfe458e5a57e3e3ab8d095870f5c1769ad3a5f09517c738b43664a952ef7af977374b5449f9a9760ce228baec10ee6068cc58b020576cbddd5e44cfd608e354d76820740bc95e277fcb7e529f2835dbf9125449f99243eac1058c843d7750a20f38d0b1665e2e9ff85c7f10af86f4a9a9c48de65e0ab674201818e6ef4833387bcf31a214fcca065d3b692da7f76b0cf93ce6242db7c0ef7a4e8922c4ee65f31b4773b309173185f8e87c6d82f07e02522c96c475845c82a6b2567ea79f493163f087eb99367149fe9401e9e48433cae12ecf304585e8a60257547b72582f488f50efe468a549b12a90551ee43aa6602573f2ad543f8d5de4b5e2a2005f08978aded14f9ed509c63a37bbe92f836d893d665a9ddd56782b15eb6374327ec8e4e96afaecb24a02f148cd0a397f59eede096e07d72323d13a239644515779ed004afe996f015bec24950f1eccff24b1ae7d9696f563ec1a59e0bf232fc9d744ca259b68c4e4ae1308cb517369150cad50e31a3caca4a19b836591c6daedceea1189e9e794dbcb14a8f2116876981c31bde5d24c554f82d158fde9148e9b4f06d149ed1654237e234394fb4e61bf486e744497db8fbb91e0e4109f5c72af4452c0f6a77aa0c1298b169e62f7236660122eeb897888d41234a5719f980ca1dc479de445cf58a8b5b231eb0c795fdfbf339f17b3aa35993756e8fb61d53b7ff71c7b8bdce244b0f2f609910d97713faf57d6a4538c849f195df4e29ffceb63610faa501604c385a67b3a3672cdf19ad0881a692bc24b2fce7df1acf4ca4f030c4dc8291288ab1437247eae86550d1801215bf7f6177588a3dfaa10120d4868fb336dadc224f04c47cfc5e6ea1894258b4dde9ecb8cfedbace6c73f2ffbc659900624872e6f86a54e18a7668d4bb3ebdc2e52dee19907ec4788f20636e03e7f7b7108250646581faea950237c3cb3b7d02b00e49d3710e66668e54921808cd80fea7ead144942ede930d9408faf0bf8a3edfb85848dd8ab779dab2fb748e66c99988dfe1c2b8d859f1991e1dacd40040ce940d9ca69fc1069a52d80742e3e4e45b24ee78b67b34dcabd4ed077ce572cfefa6fa722a157c80c749dbce78b3f1088e1bbc62c3f26ba11625b89e389e06f972cf1d8204749486d4d7e928bee3f49c918176a59102af07880a8820212ae89aa6c723c1bc0ddeaa19408339029566d2198ac39c845b64a926a19e1ccfb3dcbd58471d408600146c573e5b14a5e4a13ee6f374998b83e48de9d2f9549697b20486f0f938e0693a976883c3eabdea32cd9dd785178519a63d96c1d022503e062302aee9fbbfbaa4439078a1046ac058bfb9b519b4c621bbefa6f3437bc8b96998560cd99eac1ede3896d966b076a9ddae3b476e46d1869a3bf1f8fbc972ee1039e577e604b727a0f57f8177bf56868900ade322df01f8d7a34ac3a28cfd5ee86bdb9f7e6c31a22442eafceed2cea7e9b7ebff11621c2628054231300b30af29f22b7cc443fb41439eeb7d4fb22f02bbdb6351036a879f0fefb9f388a0beacdfe7c6930cb148fa96246617b09573e92a6a625f84f1e6070cfe1ab2516cb016806c4f73d00c64de5cfa8874cb9deb75f9edb80d588d8cbe6a8c200a9577e3bf91b9b08d9630be3e70dc6d04a235f986d876d1099211b3a1acacef436c293b8f6a44e34d46f69edd93e42837d2f106d6bdb969ed8b1c3ac48f214feee7428dbd190d9da391d284a3ec8a5c1af643283e4269faae8fc0870663bfc31d324b7bb557a083692577d7404b12cb226c69dd6ad5c74a77c84a7a39129b9a71b93b7a91f39bb0bc2d0640005f4e319f55ca95baefd713b670b2f05080c7507f05d9d38e22189794575a4fa6dd91eff52cb489a778c38b0b6e96fcd3ab3537f98aec863f438a7f70fdaa0a48959a42820acb94a3913b1cb51bb32c7dd74209532f3d8af6b91a116cc1af075287c447e670da20a11f1e77fbe693fed07f63204103043be27f6cacc59f6d0211453f540923545bd85c233b372337436d45f8e6e524d360e2218f3e04db5e2f925bc5fd628c6ecea25173dfa6e9db51f376ba85c64492a4d3941600872e011c5f20e65f9b038d273eec0001123d2d567931d65d456f8ceaea32c96ae3d77029c1addc4396f7f025ae72e5781870aa818d8de1d49b54cc97e39de876246387f51e8ca3043b7623fbd341bd40ca70f3280bf00641851b2e73ff5345e3ed551cd1de9917a0b72f8c83a13c5d5ff5eb28e0e9e2df8aebce9f92a9d15e3b610015beadc91ac6afb8d1731f3ff16da25fff92e1fbd06df51ef82a7d0f6cca8b114d6540c0b23ee825edd564ae950922deedd52f67d9f577e1b1894a934a8b4c3fe1e5326f6ad06ff32216e7cdd2bdb03016fc0200ff32dcb9e2013bc012c647e87c21d991ac10978aa8bc8b5c83dec306b1552c8066785edf3c854f0ea0f7afa34eb9befe0f3f516420189ec14c135904aacf76db40e0f512e74cb8e89c8da742fb5bd755aedb0f8b6913b35113d2fd059b21d66e8d2fbfb0237f9fe35632cf1f1f882571a619b78c5ba345ad07c5f140ae4c744fcc91eb8e03d114e0df50e29cf5a704964c1137c8335cb6694de463bdec13459e5c34e2f29b31db41bfb6857dc2793c0cae01f745ac0a78611bc603ab7a5ed139638c7feb236376aae0ad9aa8a00ff2203d7fc3bfa4b31a5423233b4e11adf618212134c1f97c077d4639608d1e84b2b157cf123c7b68f20e1e55e9e33cb5807797646b5c89616a724d53bb5a3a6f91ac53813da84e859266dcd7d20b04f9f92b9b0f3fd5159f65956de0a0720e13ece0c85cf928ffed946d86acde33922f29221e4032659012880b7e11a2b616cc04b63f5a04496ecf98ec23c3b0de965891d03c940fd2ec4b35329f28ae4b252d7d9c6bffbc2e8ed5d113b30d1caa7102feeff77c6e4a313f376bad8ef3f26cfd7d5a9f679578a532bd14f1f18e0ff36ee8daf39180b4b32d9f8fc431cbe3d7adc111d1e32cd32849a4c0b9d837300f4ff71de13956b3dd9f9850e740399ba098db844d9f0293d706b523ebbb1e9dc0abfff871b28af223940650480078581fe0370db8e840b145aaa854dd3c14896e0867924c339db1df253a50498f560fa1da7e9b3e471d3cdf98916bdfefa3aafd1c5b721a489035c2cb950f3167e92f6055baab5a83252dba7a4e0aae90bf8e473d7bb6e6404ebab24a80eee8d2ecc018d49e94028e33648c87e06ac92e41c9b228cd03f90c03f65aaa8fbbb27bbc2d006fea4de0d41ea89f7797c911622f6f9051ade404cacef8a3ddd4820b62a06b5420010e1f58d08e52cff0837f0693aeb1d3d8ce4b947a8cb56e2b59a29944896bcac487b5f31ce9d8767ea362b1375705ae1c4e4191a35052c82d0af388f746b824b1ad2798c5b257233c9026e880e7d824d89826291d0664fbe79474de581434d5423c19a97ace5eea0d5444bbbe546b558e9332abeaebe320ec681b62b9d7029a050594438949bc478656265d3ad05e7313e227ae224090463382197a9843baff4c88e1ddf834f8ed2fb8227ca5facd567ddbdc9f452e99b1f784340f1dde1309eed386087cca13a4589f34d2b61975994c35f86deabcc5e6fa2dbe74887c2943c5208526a4528bed116c839476b116f99b854d10a92438050cf5b9c1d42d738d4276310df3ced6483b6b2ee9a6428a8d522f4e51ce70a0eadb7ea521ccaa7ac69a08185fede94c5e5a4f1d5377dae1fd9af11bb5d609250db91ddc00fc6c84733a784dfdb0322633dbe00810236859b714b92985d2f6e19e9eea1f2adaedd5458f780fbba1c2492200d98602de4b832db035cd9a6e3debee79c186009f95f22c7760866f7f032597e1a6405292b926f9a7e64efaf766d944a87da66fe8db792a0751712a420947456a2f4d381868ffaaf7be3b7cc02bd90f3d67c8aac4b5eb046436c42d509ac94216d4b058988be67aac3b0713ca4bef5e04922e9ad257f3f4347a7d059aba456752da1d622f859874c5df69156c772e10ec42c46cb3e706d1a4e608723e53ae760fab9669402b5aff3428b68fc8a6095727244e0ba9bf17191154bd81b64af8915594ace6eb8ec347ca83141c463893dc0a0cbad970783acc4b7bc53a5e6570bcd6ca7ffb609cbe32574f431cf664000ab5e752b87b77885ab524020a1435c6e2220de0b2d99cc1be13cb1c8a486730647bb372ca8c3a1647a56638ea8446a46a91dc72bd67a5341e7ab8f229bfd1cb52a2e52f37995aedd8a6df8f04ad5e9a05e4df563747b0f051c22d8a9e30b7053ed9eefd954c4d4e31e70167b63b2f05d6538223870f301b6997a6d2af0933bbb5ba32376a3f9b25fb80307e806d769375b42aff596b30db07d65c28af463af078e96c54b5a5da74e50da7bd515a55544dd91ebf7a67814d74bd71855da0d81595fa43bab447532549c2ba213349dc5a51f65bf6f4152f58534f09c2983e8c21f2bf0409356304c298685fb9b86ec215a5388d91318a9771d641988c7e6e967a8db2808c5428e419f0a8985d36dbccac3b65d4d0f8fb0604da7a0385c07ab5209250c73fbd6d44636bc62c2afa6384b59aa39906ea956e37a138c12c0ef3b9445d886ddd7f29ec187e86b8b6b26bd605a742ab05529ff301f291c05561fb8eed28e0040a31252d068fc9d1d92c6079d916086fe1dbe0df6afe77a4abd5e4270d8f97d982b31d015c82ca1e0651a23edbad5bfa84da235694cdd1df3b75e736cb4be35a8ad834d45ad26957767ab89d806a9836946d1e95856ca349248d8d236491b5a1b984205285b1ab719ed5e87a2a2c7aba9c43402dddc184c9ddfb8f393a5ef414f6d95c19138cddcc1f6d5283e374ccdc6638bb0b898877c175163f8ce301e80cfa5518917916bc5a1acad20d0c7a3958f9dc7f83d35e295f1815ece513c35fb3e07aa8022f163f27853c1b734676270dae1b3c208c3dfeda3861230750bf976e628752d03a832d0e0b7a7474762b17f8594e1be81e7fcdd9d5ad166bd0cb8e955380da284dc726a3ca7997b2710f36d0b6d3dde6db2a4ad65c2193a0ee54c97b2a7e15f7171064a09f301c9891af5c1a96fa68511fd74bcc47c6237d917e928b321e25013f4bad60d3d8c4714cb01b4981c29925262cfff3f5b721bdcc6a4995cbe0ba5cd76c7e1b0f6fac82f9b813d928b8b44bcc2d588e10a819a42fd45ea224dbee66196e02035a3b6222aeee89e37e520a2720e9e8f66b6598530cdce121821c033fe097303522cf7b93dacc10a77761d65616269841a7bb92e7a306cde41d313f94dda6085a9261f237471a2f56a805aa00557e2", @typed={0xc, 0xef, 0x0, 0x0, @u64=0x2}, @typed={0x8, 0x60, 0x0, 0x0, @u32=0x1}, @generic="8aba44c822235d8c7182b00a179b2a746a06f8e4e86df02c7caac74453eb844d1d66"]}]}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x5}, @NL802154_ATTR_SEC_LEVEL={0xf8, 0x2d, 0x0, 0x1, [@generic="85fe180af82e960e61a0d3999b0e680dfa690027ea39c3924d42997ddc20136f3c10c02c2df67b1aa3cb4157aa6efafb4fffed92056310ac3d4da3b61bcb0254b4f1129e0f396ba029191a69c45ba10ce864b6edfc2d6e5518bded38c48228333fb3d4d8941623d6e924914cba33664f98a416f6113f328bda503758e90a198ac93d064b2afe2d025906dda2b97b46c07c19827178025bd041dc16a375d6f0d66526fe646119b2c963b3f162ff41ebd9d333a4f5f1247abb232e1e068fe1cb99730b5f2cec234264a9496479da88e97eb62d626745e771d692b8", @generic="c060583f2163030ed969d85f", @generic="a3650b5f531ef4fe88fb8753e7bd"]}]}, 0x115c}, 0x1, 0x0, 0x0, 0x4c010}, 0x20048000) (async)
mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0)
read$auto(r2, 0x0, 0x4) (async)
write$auto(0x3, 0x0, 0xffef) (async, rerun: 32)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x4440, 0x0) (rerun: 32)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) (async)
r4 = socket(0x2, 0x3, 0xff)
setsockopt$auto(r4, 0xff, 0xa, 0x0, 0x7)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) (rerun: 64)
mq_unlink$auto(0x0) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async, rerun: 32)
prctl$auto(0x0, 0x1, 0x0, 0x9, 0x0) (async, rerun: 32)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/6/smp_affinity\x00', 0x40d81, 0x0) (async, rerun: 64)
openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x355642, 0x0) (rerun: 64)
futex$auto(&(0x7f0000000000)=0x7, 0x9, 0x7, &(0x7f0000000040)={0xb, 0x401}, &(0x7f0000000080)=0x6f5, 0x3) (async, rerun: 64)
sendfile$auto(r0, r1, &(0x7f0000001280)=0xc063, 0xb) (async, rerun: 64)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0xffffffffffffffff, 0x4020aea5, 0x38)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.195' (ED25519) to the list of known hosts.
[   75.760292][ T5809] cgroup: Unknown subsys name 'net'
[   75.894898][ T5809] cgroup: Unknown subsys name 'cpuset'
[   75.903844][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   77.432768][ T5809] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   79.168059][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   79.176349][ T5831] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   79.185748][ T5834] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   79.194357][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   79.194773][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   79.202555][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   79.210858][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   79.217281][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   79.224630][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   79.237725][ T5832] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   79.238780][ T5834] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   79.245285][ T5832] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   79.254494][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   79.259642][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   79.267192][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   79.285122][ T5834] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   79.300254][ T5834] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   79.313015][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   79.314071][ T5142] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   79.329904][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   79.852283][ T5820] chnl_net:caif_netlink_parms(): no params data found
[   79.904173][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   79.959606][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   80.067057][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   80.153318][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.161297][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.168642][ T5820] bridge_slave_0: entered allmulticast mode
[   80.176064][ T5820] bridge_slave_0: entered promiscuous mode
[   80.216009][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.223546][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.231032][ T5820] bridge_slave_1: entered allmulticast mode
[   80.238705][ T5820] bridge_slave_1: entered promiscuous mode
[   80.262561][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.269742][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.277132][ T5821] bridge_slave_0: entered allmulticast mode
[   80.284180][ T5821] bridge_slave_0: entered promiscuous mode
[   80.302825][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.310266][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.317549][ T5822] bridge_slave_0: entered allmulticast mode
[   80.324701][ T5822] bridge_slave_0: entered promiscuous mode
[   80.337944][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.345228][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.352470][ T5821] bridge_slave_1: entered allmulticast mode
[   80.359639][ T5821] bridge_slave_1: entered promiscuous mode
[   80.390153][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.398154][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.405780][ T5822] bridge_slave_1: entered allmulticast mode
[   80.413237][ T5822] bridge_slave_1: entered promiscuous mode
[   80.440387][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.474139][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.485983][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.519412][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.549890][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.560199][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.568118][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.576037][ T5823] bridge_slave_0: entered allmulticast mode
[   80.583151][ T5823] bridge_slave_0: entered promiscuous mode
[   80.611077][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.621376][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.628599][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.636166][ T5823] bridge_slave_1: entered allmulticast mode
[   80.643544][ T5823] bridge_slave_1: entered promiscuous mode
[   80.652763][ T5821] team0: Port device team_slave_0 added
[   80.661016][ T5820] team0: Port device team_slave_0 added
[   80.688981][ T5821] team0: Port device team_slave_1 added
[   80.697391][ T5820] team0: Port device team_slave_1 added
[   80.746833][ T5822] team0: Port device team_slave_0 added
[   80.758743][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   80.782981][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   80.804703][ T5822] team0: Port device team_slave_1 added
[   80.811494][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.818532][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.845228][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.867989][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0
[   80.875048][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.901606][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   80.925950][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.933027][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   80.959538][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   80.988178][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1
[   80.995617][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.023064][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.050494][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.057560][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.084306][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.097273][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.104560][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.130872][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.143739][ T5823] team0: Port device team_slave_0 added
[   81.167905][ T5823] team0: Port device team_slave_1 added
[   81.218524][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.225706][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.251925][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.279665][ T5821] hsr_slave_0: entered promiscuous mode
[   81.286186][ T5821] hsr_slave_1: entered promiscuous mode
[   81.318258][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.325368][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   81.352256][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.362313][   T51] Bluetooth: hci3: command tx timeout
[   81.363142][ T5834] Bluetooth: hci1: command tx timeout
[   81.368775][   T51] Bluetooth: hci0: command tx timeout
[   81.374755][ T5825] Bluetooth: hci2: command tx timeout
[   81.404468][ T5822] hsr_slave_0: entered promiscuous mode
[   81.411086][ T5822] hsr_slave_1: entered promiscuous mode
[   81.417689][ T5822] debugfs: 'hsr0' already exists in 'hsr'
[   81.423807][ T5822] Cannot create hsr debugfs directory
[   81.454138][ T5820] hsr_slave_0: entered promiscuous mode
[   81.460554][ T5820] hsr_slave_1: entered promiscuous mode
[   81.466914][ T5820] debugfs: 'hsr0' already exists in 'hsr'
[   81.472775][ T5820] Cannot create hsr debugfs directory
[   81.603238][ T5823] hsr_slave_0: entered promiscuous mode
[   81.609792][ T5823] hsr_slave_1: entered promiscuous mode
[   81.616427][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   81.622513][ T5823] Cannot create hsr debugfs directory
[   82.122951][ T5822] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   82.137048][ T5822] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   82.157126][ T5822] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   82.168772][ T5822] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   82.223264][ T5820] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   82.253647][ T5820] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   82.289649][ T5820] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   82.300233][ T5820] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   82.343972][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   82.355463][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   82.392504][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   82.415008][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   82.508363][ T5821] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   82.520007][ T5821] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   82.548267][ T5821] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   82.559004][ T5821] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   82.608604][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.669813][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   82.690093][   T88] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.697623][   T88] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.730522][   T88] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.737870][   T88] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.755279][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.827095][ T5820] 8021q: adding VLAN 0 to HW filter on device team0
[   82.864414][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.871873][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.898966][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.906119][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.922502][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.954571][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   82.999660][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   83.017657][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   83.035905][   T88] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.043156][   T88] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.097822][   T88] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.105378][   T88] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.117536][   T88] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.124990][   T88] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.137858][   T88] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.145190][   T88] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.407094][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.442816][ T5825] Bluetooth: hci2: command tx timeout
[   83.448267][ T5825] Bluetooth: hci1: command tx timeout
[   83.454442][ T5834] Bluetooth: hci0: command tx timeout
[   83.454461][   T51] Bluetooth: hci3: command tx timeout
[   83.544281][ T5822] veth0_vlan: entered promiscuous mode
[   83.594702][ T5822] veth1_vlan: entered promiscuous mode
[   83.678420][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.747651][ T5822] veth0_macvtap: entered promiscuous mode
[   83.765541][ T5822] veth1_macvtap: entered promiscuous mode
[   83.799795][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.822019][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.852449][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.860937][ T1016] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.875438][ T1016] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.886147][ T1016] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.906160][ T1016] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.929762][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.007233][ T5820] veth0_vlan: entered promiscuous mode
[   84.061026][ T5820] veth1_vlan: entered promiscuous mode
[   84.076698][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.097618][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.153725][ T5823] veth0_vlan: entered promiscuous mode
[   84.174240][ T5821] veth0_vlan: entered promiscuous mode
[   84.180548][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.189021][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.206865][ T5823] veth1_vlan: entered promiscuous mode
[   84.236666][ T5823] veth0_macvtap: entered promiscuous mode
[   84.259413][ T5820] veth0_macvtap: entered promiscuous mode
[   84.274574][ T5820] veth1_macvtap: entered promiscuous mode
[   84.291765][ T5821] veth1_vlan: entered promiscuous mode
[   84.326784][ T5823] veth1_macvtap: entered promiscuous mode
[   84.335183][ T5822] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   84.355664][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.384202][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.465344][ T1016] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.480230][ T5912] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   84.490408][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.512638][ T5821] veth0_macvtap: entered promiscuous mode
[   84.520062][ T1016] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.536514][ T1016] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.551719][ T1016] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.577121][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.586914][ T5821] veth1_macvtap: entered promiscuous mode
[   84.629640][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.644341][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.653355][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   84.678989][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.689790][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.767107][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.800513][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.815172][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.847079][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   84.866038][   T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.929135][   T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.954258][   T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.966360][   T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.044088][   T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.052123][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.052160][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.089732][   T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.204978][   T76] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.212973][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.220973][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.245515][   T76] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.364597][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.393775][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.524532][ T5142] Bluetooth: hci0: command tx timeout
[   85.530275][ T5142] Bluetooth: hci2: command tx timeout
[   85.531745][ T5825] Bluetooth: hci3: command tx timeout
[   85.535880][   T51] Bluetooth: hci1: command tx timeout
[   85.748735][ T5927] Zero length message leads to an empty skb
[   86.792618][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   86.889306][ T1702] cfg80211: failed to load regulatory.db
[   87.451275][ T5945] capability: warning: `syz.1.8' uses 32-bit capabilities (legacy support in use)
[   87.563663][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   87.601810][   T51] Bluetooth: hci0: command tx timeout
[   87.607319][ T5142] Bluetooth: hci3: command tx timeout
[   87.607391][ T5834] Bluetooth: hci1: command tx timeout
[   87.612857][ T5142] Bluetooth: hci2: command tx timeout
[   88.782665][ T5961] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   88.839757][ T5964] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.982964][ T5982] netlink: 28 bytes leftover after parsing attributes in process `syz.0.16'.
[   90.049485][ T5987] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.091253][ T5987] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   90.241525][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   90.489920][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   90.852287][ T5999] random: crng reseeded on system resumption
[   91.165477][ T5994] alloc_netdev: Unable to allocate device with zero queues
[   91.228588][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   91.441425][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   91.521601][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   91.613870][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   91.624018][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   91.874053][ T6015] FAULT_INJECTION: forcing a failure.
[   91.874053][ T6015] name failslab, interval 1, probability 0, space 0, times 1
[   91.889792][ T6015] CPU: 1 UID: 0 PID: 6015 Comm: syz.2.21 Not tainted syzkaller #0 PREEMPT(full) 
[   91.889816][ T6015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   91.889830][ T6015] Call Trace:
[   91.889835][ T6015]  <TASK>
[   91.889843][ T6015]  dump_stack_lvl+0x100/0x190
[   91.889874][ T6015]  should_fail_ex.cold+0x5/0xa
[   91.889892][ T6015]  should_failslab+0xc2/0x120
[   91.889916][ T6015]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[   91.889935][ T6015]  ? alloc_inode+0x183/0x250
[   91.889951][ T6015]  ? stashed_dentry_get+0x10a/0x2c0
[   91.889975][ T6015]  ? stashed_dentry_get+0x10a/0x2c0
[   91.889999][ T6015]  alloc_inode+0x183/0x250
[   91.890015][ T6015]  path_from_stashed+0x25b/0x750
[   91.890036][ T6015]  ? do_raw_spin_unlock+0x145/0x1e0
[   91.890059][ T6015]  ns_get_path+0x60/0x80
[   91.890081][ T6015]  proc_ns_get_link+0x121/0x230
[   91.890096][ T6015]  ? __pfx_proc_ns_get_link+0x10/0x10
[   91.890113][ T6015]  ? atime_needs_update+0x8b/0x6b0
[   91.890133][ T6015]  pick_link+0xd17/0x13c0
[   91.890151][ T6015]  ? __pfx_proc_ns_get_link+0x10/0x10
[   91.890168][ T6015]  step_into_slowpath+0x9ba/0xf90
[   91.890192][ T6015]  ? __pfx_step_into_slowpath+0x10/0x10
[   91.890210][ T6015]  ? find_held_lock+0x2b/0x80
[   91.890251][ T6015]  path_openat+0xf95/0x31a0
[   91.890280][ T6015]  ? __pfx_path_openat+0x10/0x10
[   91.890308][ T6015]  do_file_open+0x20e/0x430
[   91.890331][ T6015]  ? __pfx_do_file_open+0x10/0x10
[   91.890365][ T6015]  ? alloc_fd+0x476/0x790
[   91.890386][ T6015]  ? do_getname+0x191/0x390
[   91.890402][ T6015]  do_sys_openat2+0x10d/0x1e0
[   91.890419][ T6015]  ? __pfx_do_sys_openat2+0x10/0x10
[   91.890436][ T6015]  ? __fget_files+0x21f/0x3d0
[   91.890459][ T6015]  __x64_sys_openat+0x12d/0x210
[   91.890475][ T6015]  ? __pfx___x64_sys_openat+0x10/0x10
[   91.890498][ T6015]  do_syscall_64+0x106/0xf80
[   91.890514][ T6015]  ? clear_bhb_loop+0x40/0x90
[   91.890532][ T6015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.890547][ T6015] RIP: 0033:0x7f1606d5c84e
[   91.890562][ T6015] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   91.890576][ T6015] RSP: 002b:00007f1607cd7ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   91.890591][ T6015] RAX: ffffffffffffffda RBX: 00007f1607cd86c0 RCX: 00007f1606d5c84e
[   91.890601][ T6015] RDX: 0000000000000002 RSI: 00007f1607cd7f90 RDI: ffffffffffffff9c
[   91.890611][ T6015] RBP: 00007f1606e327e0 R08: 0000000000000000 R09: 0000000000000000
[   91.890620][ T6015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   91.890629][ T6015] R13: 00007f1607016128 R14: 00007f1607016090 R15: 00007ffc68526628
[   91.890648][ T6015]  </TASK>
[   92.775749][ T6001] netlink: 'syz.3.20': attribute type 1 has an invalid length.
[   93.062730][ T5142] Bluetooth: hci2: ACL packet for unknown connection handle 0
[   93.752774][ T6028] ubi0: attaching mtd0
[   93.838087][ T6028] ubi0: scanning is finished
[   93.872108][ T6028] ubi0: empty MTD device detected
[   94.176646][ T6038] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   94.466608][ T6028] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[   94.547792][ T6028] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[   94.613921][ T6028] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[   94.620937][ T6028] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[   94.699650][ T6028] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[   94.740515][ T6028] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[   94.791175][ T6028] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2630998222
[   94.854199][ T6028] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[   94.894356][ T6035] ubi0: detaching mtd0
[   94.898527][ T6045] ubi0: background thread "ubi_bgt0d" started, PID 6045
[   94.925732][ T6035] ubi0: mtd0 is detached
[   95.026637][ T6046] FAULT_INJECTION: forcing a failure.
[   95.026637][ T6046] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   95.081277][ T6046] CPU: 1 UID: 0 PID: 6046 Comm: syz.0.27 Not tainted syzkaller #0 PREEMPT(full) 
[   95.081309][ T6046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   95.081321][ T6046] Call Trace:
[   95.081329][ T6046]  <TASK>
[   95.081337][ T6046]  dump_stack_lvl+0x100/0x190
[   95.081377][ T6046]  should_fail_ex.cold+0x5/0xa
[   95.081402][ T6046]  ? prepare_alloc_pages+0x16d/0x5f0
[   95.081442][ T6046]  should_fail_alloc_page+0xeb/0x140
[   95.081479][ T6046]  prepare_alloc_pages+0x1f0/0x5f0
[   95.081523][ T6046]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[   95.081560][ T6046]  ? __lock_acquire+0x4a5/0x2630
[   95.081588][ T6046]  ? place_entity+0x2fa/0x400
[   95.081628][ T6046]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[   95.081660][ T6046]  ? __lock_acquire+0x4a5/0x2630
[   95.081688][ T6046]  ? finish_task_switch.isra.0+0x200/0xb80
[   95.081722][ T6046]  ? __lock_acquire+0x4a5/0x2630
[   95.081844][ T6046]  ? __lock_acquire+0x4a5/0x2630
[   95.081875][ T6046]  ? __sanitizer_cov_trace_switch+0x54/0x90
[   95.081915][ T6046]  ? policy_nodemask+0xed/0x4f0
[   95.081955][ T6046]  alloc_pages_mpol+0x1fb/0x550
[   95.081993][ T6046]  ? __pfx_alloc_pages_mpol+0x10/0x10
[   95.082039][ T6046]  folio_alloc_mpol_noprof+0x36/0x340
[   95.082067][ T6046]  vma_alloc_folio_noprof+0xed/0x1d0
[   95.082093][ T6046]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[   95.082117][ T6046]  ? rcu_read_unlock+0x2d/0xb0
[   95.082147][ T6046]  ? rcu_read_unlock+0x2d/0xb0
[   95.082177][ T6046]  ? __lock_acquire+0x4a5/0x2630
[   95.082210][ T6046]  do_wp_page+0x1eef/0x4f00
[   95.082260][ T6046]  ? __pfx_do_wp_page+0x10/0x10
[   95.082301][ T6046]  ? __pfx_do_raw_spin_lock+0x10/0x10
[   95.082345][ T6046]  __handle_mm_fault+0x1ac8/0x2b60
[   95.082381][ T6046]  ? reacquire_held_locks+0xce/0x1e0
[   95.082410][ T6046]  ? __pfx___handle_mm_fault+0x10/0x10
[   95.082443][ T6046]  ? lock_vma_under_rcu+0x17c/0x590
[   95.082491][ T6046]  handle_mm_fault+0x36d/0xa20
[   95.082529][ T6046]  do_user_addr_fault+0x5a3/0x12f0
[   95.082577][ T6046]  exc_page_fault+0x6f/0xd0
[   95.082606][ T6046]  asm_exc_page_fault+0x26/0x30
[   95.082632][ T6046] RIP: 0033:0x7fe42645077c
[   95.082654][ T6046] Code: 23 83 c0 01 44 39 d0 75 dc 48 89 f0 25 ff 1f 00 00 49 89 34 c1 41 88 3c 00 31 c0 c3 66 90 41 38 3c 10 74 0b 41 88 3c 10 31 c0 <49> 89 34 d1 c3 b8 01 00 00 00 c3 66 0f 1f 84 00 00 00 00 00 48 83
[   95.082677][ T6046] RSP: 002b:00007ffdcf68cb98 EFLAGS: 00010246
[   95.082697][ T6046] RAX: 0000000000000000 RBX: ffffffff81c6733d RCX: ffffffff8b83b33d
[   95.082714][ T6046] RDX: 000000000000133d RSI: ffffffff81c6733d RDI: 0000000000000006
[   95.082729][ T6046] RBP: 0000000000000002 R08: 00007fe426800000 R09: 00007fe426802000
[   95.082745][ T6046] R10: 0000000081c67341 R11: 0000000000000006 R12: 00007fe426816128
[   95.082768][ T6046] R13: 0000000000000002 R14: ffffffff81c67e46 R15: 00007fe427345720
[   95.082785][ T6046]  ? kernel_clone+0x76/0x9a0
[   95.082814][ T6046]  ? copy_process+0x70ad/0x7a10
[   95.082844][ T6046]  ? mt_validate+0x101d/0x30b0
[   95.082871][ T6046]  ? copy_process+0x70ad/0x7a10
[   95.082903][ T6046]  </TASK>
[   95.083109][ T6046] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   95.721605][ T6054] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   95.769666][ T6062] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[   96.338742][ T5994] netdevsim netdevsim100: probe with driver netdevsim failed with error -12
[   97.518537][ T6083] FAULT_INJECTION: forcing a failure.
[   97.518537][ T6083] name failslab, interval 1, probability 0, space 0, times 0
[   97.821952][ T6083] CPU: 0 UID: 0 PID: 6083 Comm: syz.2.33 Not tainted syzkaller #0 PREEMPT(full) 
[   97.821990][ T6083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   97.822005][ T6083] Call Trace:
[   97.822014][ T6083]  <TASK>
[   97.822024][ T6083]  dump_stack_lvl+0x100/0x190
[   97.822067][ T6083]  should_fail_ex.cold+0x5/0xa
[   97.822094][ T6083]  should_failslab+0xc2/0x120
[   97.822133][ T6083]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[   97.822167][ T6083]  ? __d_alloc+0x34/0xa80
[   97.822203][ T6083]  ? __pfx_inode_set_ctime_to_ts+0x10/0x10
[   97.822244][ T6083]  ? lockdep_hardirqs_on+0x78/0x100
[   97.822274][ T6083]  __d_alloc+0x34/0xa80
[   97.822330][ T6083]  d_alloc+0x4a/0x1e0
[   97.822374][ T6083]  d_alloc_name+0x83/0xb0
[   97.822420][ T6083]  ? __pfx_d_alloc_name+0x10/0x10
[   97.822463][ T6083]  ? dput.part.0+0xdd/0x570
[   97.822495][ T6083]  simple_fill_super+0x4c3/0x680
[   97.822540][ T6083]  ? __pfx_nfsd_fill_super+0x10/0x10
[   97.822575][ T6083]  nfsd_fill_super+0x98/0x560
[   97.822604][ T6083]  ? __pfx_set_anon_super_fc+0x10/0x10
[   97.822638][ T6083]  ? __pfx_nfsd_fill_super+0x10/0x10
[   97.822671][ T6083]  get_tree_keyed+0x10e/0x1d0
[   97.822716][ T6083]  vfs_get_tree+0x92/0x320
[   97.822750][ T6083]  path_mount+0x7d0/0x23d0
[   97.822784][ T6083]  ? __pfx_path_mount+0x10/0x10
[   97.822808][ T6083]  ? lockdep_hardirqs_on+0x78/0x100
[   97.822841][ T6083]  ? putname+0xb1/0x110
[   97.822879][ T6083]  ? kmem_cache_free+0x124/0x6a0
[   97.822923][ T6083]  ? __x64_sys_mount+0x293/0x310
[   97.822947][ T6083]  __x64_sys_mount+0x293/0x310
[   97.822972][ T6083]  ? __pfx___x64_sys_mount+0x10/0x10
[   97.823010][ T6083]  do_syscall_64+0x106/0xf80
[   97.823038][ T6083]  ? clear_bhb_loop+0x40/0x90
[   97.823070][ T6083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.823099][ T6083] RIP: 0033:0x7f1606d9bf79
[   97.823123][ T6083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   97.823149][ T6083] RSP: 002b:00007f1607cb7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   97.823175][ T6083] RAX: ffffffffffffffda RBX: 00007f1607016180 RCX: 00007f1606d9bf79
[   97.823194][ T6083] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000
[   97.823213][ T6083] RBP: 00007f1606e327e0 R08: 0000000000000000 R09: 0000000000000000
[   97.823230][ T6083] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[   97.823246][ T6083] R13: 00007f1607016218 R14: 00007f1607016180 R15: 00007ffc68526628
[   97.823284][ T6083]  </TASK>
[   98.812047][ T6090] bcache: register_bcache() error : Not a bcache superblock (bad offset)
[   98.986648][ T6063] process 'syz.0.30' launched './file0' with NULL argv: empty string added
[  100.002291][ T6102] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  100.168810][ T6103] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.37: iget: checksum invalid
[  100.182166][ T6103] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  100.194259][ T6103] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.37: iget: checksum invalid
[  100.339756][ T6116] mmap: syz.0.39 (6116) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  100.432311][ T6103] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  100.443157][ T6103] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.37: iget: checksum invalid
[  100.516661][ T6103] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  100.534277][ T6103] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.37: iget: checksum invalid
[  100.561064][ T6103] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  100.769436][ T6103] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  100.882286][ T6103] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  102.173853][ T6152] FAULT_INJECTION: forcing a failure.
[  102.173853][ T6152] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  102.280788][ T6152] CPU: 0 UID: 0 PID: 6152 Comm: syz.0.44 Not tainted syzkaller #0 PREEMPT(full) 
[  102.280811][ T6152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  102.280821][ T6152] Call Trace:
[  102.280826][ T6152]  <TASK>
[  102.280832][ T6152]  dump_stack_lvl+0x100/0x190
[  102.280859][ T6152]  should_fail_ex.cold+0x5/0xa
[  102.280876][ T6152]  _copy_from_user+0x2e/0xd0
[  102.280892][ T6152]  do_pages_stat+0x194/0x7f0
[  102.280918][ T6152]  ? __pfx___futex_wait+0x10/0x10
[  102.280942][ T6152]  ? __pfx_do_pages_stat+0x10/0x10
[  102.280967][ T6152]  ? __lock_acquire+0x4a5/0x2630
[  102.280999][ T6152]  ? do_raw_spin_unlock+0x145/0x1e0
[  102.281022][ T6152]  kernel_move_pages+0xecf/0x13f0
[  102.281038][ T6152]  ? do_futex+0x192/0x350
[  102.281055][ T6152]  ? __pfx_do_futex+0x10/0x10
[  102.281072][ T6152]  ? __pfx_kernel_move_pages+0x10/0x10
[  102.281090][ T6152]  ? __x64_sys_futex+0x34f/0x4d0
[  102.281106][ T6152]  ? __x64_sys_futex+0x358/0x4d0
[  102.281143][ T6152]  ? xfd_validate_state+0x129/0x190
[  102.281182][ T6152]  __x64_sys_move_pages+0xe0/0x1c0
[  102.281208][ T6152]  ? do_syscall_64+0x95/0xf80
[  102.281235][ T6152]  ? lockdep_hardirqs_on+0x78/0x100
[  102.281255][ T6152]  do_syscall_64+0x106/0xf80
[  102.281270][ T6152]  ? clear_bhb_loop+0x40/0x90
[  102.281289][ T6152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  102.281305][ T6152] RIP: 0033:0x7fe42659bf79
[  102.281319][ T6152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  102.281333][ T6152] RSP: 002b:00007fe4274b2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  102.281348][ T6152] RAX: ffffffffffffffda RBX: 00007fe426816090 RCX: 00007fe42659bf79
[  102.281366][ T6152] RDX: 0000200000000180 RSI: 00000000000000a1 RDI: 0000000000000030
[  102.281375][ T6152] RBP: 00007fe4266327e0 R08: 0000200000000200 R09: 0000000000000000
[  102.281384][ T6152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  102.281393][ T6152] R13: 00007fe426816128 R14: 00007fe426816090 R15: 00007ffdcf68cb58
[  102.281413][ T6152]  </TASK>
[  102.533434][   T30] audit: type=1800 audit(1771078534.789:2): pid=6150 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.45" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  103.706961][ T6180] openvswitch: netlink: IP tunnel TTL not specified.
[  105.536872][ T5142] Bluetooth: hci1: unexpected subevent 0x04 length: 122 > 11
[  107.580484][ T6266] Invalid ELF header magic: != ELF
[  112.561670][ T6351] vhci_hcd vhci_hcd.2: invalid port number 16
[  112.575759][ T6351] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub
[  113.933561][ T6373] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff
[  115.275507][ T6376] netlink: 12 bytes leftover after parsing attributes in process `syz.1.75'.
[  115.427282][ T6376] i: entered promiscuous mode
[  116.769681][ T6407] ubi31: attaching mtd0
[  116.803635][ T6407] ubi31 error: validate_ec_hdr: bad VID header offset 64, expected 514
[  116.919825][ T6407] ubi31 error: validate_ec_hdr: bad EC header
[  116.946402][ T6407] Erase counter header dump:
[  116.952003][ T6409] netlink: 32 bytes leftover after parsing attributes in process `syz.3.81'.
[  116.963732][ T6407] 	magic          0x55424923
[  116.987033][ T6407] 	version        1
[  117.011445][ T6407] 	ec             1
[  117.026951][ T6407] 	vid_hdr_offset 64
[  117.035777][ T6407] 	data_offset    128
[  117.063646][ T6407] 	image_seq      -1663969074
[  117.091232][ T6407] 	hdr_crc        0xa522af17
[  117.101254][ T6407] erase counter header hexdump:
[  117.116722][ T6407] CPU: 0 UID: 0 PID: 6407 Comm: syz.3.81 Not tainted syzkaller #0 PREEMPT(full) 
[  117.116740][ T6407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  117.116749][ T6407] Call Trace:
[  117.116755][ T6407]  <TASK>
[  117.116762][ T6407]  dump_stack_lvl+0x100/0x190
[  117.116788][ T6407]  validate_ec_hdr+0x2d0/0x330
[  117.116814][ T6407]  ubi_io_read_ec_hdr+0x656/0x6d0
[  117.116833][ T6407]  ubi_attach+0x601/0x4d30
[  117.116859][ T6407]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  117.116876][ T6407]  ? ubi_msg+0x114/0x159
[  117.116897][ T6407]  ? __pfx_ubi_msg+0x10/0x10
[  117.116919][ T6407]  ? __pfx_ubi_attach+0x10/0x10
[  117.116936][ T6407]  ? lockdep_init_map_type+0x5c/0x250
[  117.116957][ T6407]  ? ubi_attach_mtd_dev+0x1353/0x32a0
[  117.116977][ T6407]  ? __vmalloc_node_noprof+0xad/0xf0
[  117.116992][ T6407]  ? ubi_attach_mtd_dev+0x1353/0x32a0
[  117.117013][ T6407]  ubi_attach_mtd_dev+0x139f/0x32a0
[  117.117042][ T6407]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  117.117065][ T6407]  ? __pfx_get_mtd_device+0x10/0x10
[  117.117085][ T6407]  ctrl_cdev_ioctl+0x36a/0x400
[  117.117105][ T6407]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  117.117130][ T6407]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  117.117151][ T6407]  __x64_sys_ioctl+0x18e/0x210
[  117.117172][ T6407]  do_syscall_64+0x106/0xf80
[  117.117198][ T6407]  ? clear_bhb_loop+0x40/0x90
[  117.117232][ T6407]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.117256][ T6407] RIP: 0033:0x7f0a4559bf79
[  117.117278][ T6407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  117.117297][ T6407] RSP: 002b:00007f0a46514028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  117.117312][ T6407] RAX: ffffffffffffffda RBX: 00007f0a45815fa0 RCX: 00007f0a4559bf79
[  117.117322][ T6407] RDX: 0000200000000000 RSI: 0000000040186f40 RDI: 0000000000000006
[  117.117332][ T6407] RBP: 00007f0a456327e0 R08: 0000000000000000 R09: 0000000000000000
[  117.117340][ T6407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  117.117349][ T6407] R13: 00007f0a45816038 R14: 00007f0a45815fa0 R15: 00007fff6438b838
[  117.117370][ T6407]  </TASK>
[  117.117384][ T6407] ubi31 error: ubi_io_read_ec_hdr: validation failed for PEB 0
[  117.638645][ T6407] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  117.944855][ T6418] netlink: 16 bytes leftover after parsing attributes in process `syz.3.82'.
[  118.450642][ T5142] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  118.450697][ T5142] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  118.467481][ T5142] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  118.467527][ T5142] Bluetooth: hci0: adv larger than maximum supported
[  118.475219][ T5142] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  118.483099][ T5142] Bluetooth: hci0: adv larger than maximum supported
[  118.490174][ T5142] Bluetooth: hci0: adv larger than maximum supported
[  118.497445][ T5142] Bluetooth: hci0: Malformed LE Event: 0x0d
[  119.934333][ T6448] Invalid ELF header magic: != ELF
[  121.484315][ T6457] mkiss: ax0: crc mode is auto.
[  121.678073][ T6478] netlink: 16 bytes leftover after parsing attributes in process `syz.0.94'.
[  122.058596][ T6487] zswap: compressor  not available
[  122.223605][ T6483] zswap: compressor  not available
[  123.417261][ T6515] netlink: 'syz.3.103': attribute type 11 has an invalid length.
[  123.723866][ T6517] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  123.730378][ T6517] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  123.812142][ T6517] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  123.848845][ T6517] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  123.858152][ T6517] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  123.916697][ T6517] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  123.943913][ T6517] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  123.960840][ T6517] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  123.974692][ T6517] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  123.991739][ T6517] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  124.015780][ T6517] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  124.057262][ T6517] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  124.471403][ T6526] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5
[  125.264569][ T6531] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6
[  125.771890][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout
[  125.931277][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout
[  126.011611][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout
[  126.011732][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  127.876398][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  128.001339][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  128.082145][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  128.082341][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout
[  129.921532][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout
[  130.081265][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout
[  130.161525][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout
[  130.172912][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout
[  133.001009][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  133.008784][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  135.181965][ T6702] vivid-007: =================  START STATUS  =================
[  135.203097][ T6702] vivid-007: Generate PTS: true
[  135.208247][ T6702] vivid-007: Generate SCR: true
[  135.219556][ T6702] tpg source WxH: 320x240 (Y'CbCr)
[  135.238695][ T6702] tpg field: 1
[  135.381795][ T6702] tpg crop: (0,0)/320x240
[  135.390020][ T6702] tpg compose: (0,0)/320x240
[  135.449229][ T6702] tpg colorspace: 8
[  135.466874][ T6702] tpg transfer function: 0/0
[  135.489903][ T6702] tpg Y'CbCr encoding: 0/0
[  135.543281][ T6702] tpg quantization: 0/0
[  135.576703][ T6702] tpg RGB range: 0/2
[  135.701247][ T6702] vivid-007: ==================  END STATUS  ==================
[  136.036308][ T6721] netlink: 'syz.2.148': attribute type 5 has an invalid length.
[  136.720036][ T6703] syz.1.144 uses obsolete (PF_INET,SOCK_PACKET)
[  140.657668][ T6789] netlink: 28 bytes leftover after parsing attributes in process `syz.3.164'.
[  140.672422][ T6789] veth1_macvtap: entered allmulticast mode
[  142.352136][ T6818] FAULT_INJECTION: forcing a failure.
[  142.352136][ T6818] name failslab, interval 1, probability 0, space 0, times 0
[  142.415632][ T6818] CPU: 0 UID: 0 PID: 6818 Comm: syz.1.168 Not tainted syzkaller #0 PREEMPT(full) 
[  142.415655][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  142.415665][ T6818] Call Trace:
[  142.415670][ T6818]  <TASK>
[  142.415677][ T6818]  dump_stack_lvl+0x100/0x190
[  142.415718][ T6818]  should_fail_ex.cold+0x5/0xa
[  142.415736][ T6818]  should_failslab+0xc2/0x120
[  142.415759][ T6818]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  142.415777][ T6818]  ? __proc_create+0x2cb/0x8c0
[  142.415798][ T6818]  __proc_create+0x2cb/0x8c0
[  142.415816][ T6818]  ? __pfx___proc_create+0x10/0x10
[  142.415836][ T6818]  ? _raw_write_unlock+0x28/0x50
[  142.415851][ T6818]  ? proc_register+0x559/0x8a0
[  142.415870][ T6818]  proc_create_reg+0x75/0x170
[  142.415892][ T6818]  proc_create_net_data+0x8e/0x1c0
[  142.415919][ T6818]  ? __pfx_proc_create_net_data+0x10/0x10
[  142.415951][ T6818]  ? net_generic+0xea/0x2a0
[  142.415993][ T6818]  nfs_fs_proc_net_init+0xf3/0x1e0
[  142.416033][ T6818]  nfs_net_init+0x130/0x340
[  142.416047][ T6818]  ? __pfx_nfs_net_init+0x10/0x10
[  142.416059][ T6818]  ops_init+0x1e2/0x5f0
[  142.416077][ T6818]  setup_net+0x118/0x3a0
[  142.416093][ T6818]  ? __pfx_setup_net+0x10/0x10
[  142.416108][ T6818]  ? lockdep_init_map_type+0x5c/0x250
[  142.416126][ T6818]  ? mutex_init_lockep+0x110/0x150
[  142.416147][ T6818]  copy_net_ns+0x46f/0x7c0
[  142.416166][ T6818]  create_new_namespaces+0x3ea/0xac0
[  142.416194][ T6818]  copy_namespaces+0x468/0x5e0
[  142.416209][ T6818]  copy_process+0x3226/0x7a10
[  142.416235][ T6818]  ? __pfx_copy_process+0x10/0x10
[  142.416251][ T6818]  ? find_held_lock+0x2b/0x80
[  142.416280][ T6818]  kernel_clone+0xfc/0x9a0
[  142.416294][ T6818]  ? __pfx_futex_wait+0x10/0x10
[  142.416315][ T6818]  ? __pfx_kernel_clone+0x10/0x10
[  142.416342][ T6818]  __do_sys_clone+0xd9/0x120
[  142.416358][ T6818]  ? __pfx___do_sys_clone+0x10/0x10
[  142.416374][ T6818]  ? __fget_files+0x21f/0x3d0
[  142.416408][ T6818]  do_syscall_64+0x106/0xf80
[  142.416423][ T6818]  ? clear_bhb_loop+0x40/0x90
[  142.416441][ T6818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.416456][ T6818] RIP: 0033:0x7f964e39bf79
[  142.416479][ T6818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  142.416494][ T6818] RSP: 002b:00007f964f1b3fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  142.416509][ T6818] RAX: ffffffffffffffda RBX: 00007f964e616090 RCX: 00007f964e39bf79
[  142.416518][ T6818] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211
[  142.416527][ T6818] RBP: 00007f964e4327e0 R08: 0000000000000000 R09: 0000000000000000
[  142.416536][ T6818] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  142.416544][ T6818] R13: 00007f964e616128 R14: 00007f964e616090 R15: 00007ffddb878298
[  142.416564][ T6818]  </TASK>
[  142.713028][ T6821] FAULT_INJECTION: forcing a failure.
[  142.713028][ T6821] name failslab, interval 1, probability 0, space 0, times 0
[  142.727116][ T6821] CPU: 0 UID: 0 PID: 6821 Comm: syz.2.169 Not tainted syzkaller #0 PREEMPT(full) 
[  142.727139][ T6821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  142.727148][ T6821] Call Trace:
[  142.727154][ T6821]  <TASK>
[  142.727160][ T6821]  dump_stack_lvl+0x100/0x190
[  142.727187][ T6821]  should_fail_ex.cold+0x5/0xa
[  142.727205][ T6821]  ? security_inode_init_security+0x113/0x370
[  142.727223][ T6821]  should_failslab+0xc2/0x120
[  142.727245][ T6821]  __kmalloc_noprof+0xe0/0x850
[  142.727268][ T6821]  security_inode_init_security+0x113/0x370
[  142.727288][ T6821]  ? __pfx_shmem_initxattrs+0x10/0x10
[  142.727312][ T6821]  ? __pfx_security_inode_init_security+0x10/0x10
[  142.727336][ T6821]  shmem_mknod+0x229/0x3b0
[  142.727354][ T6821]  vfs_create+0x301/0x6c0
[  142.727373][ T6821]  filename_mknodat+0x2de/0x7f0
[  142.727398][ T6821]  ? __pfx_filename_mknodat+0x10/0x10
[  142.727419][ T6821]  ? strncpy_from_user+0x19d/0x2d0
[  142.727443][ T6821]  ? do_getname+0x191/0x390
[  142.727460][ T6821]  __x64_sys_mknod+0x8f/0xc0
[  142.727482][ T6821]  do_syscall_64+0x106/0xf80
[  142.727497][ T6821]  ? clear_bhb_loop+0x40/0x90
[  142.727525][ T6821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.727541][ T6821] RIP: 0033:0x7f1606d9bf79
[  142.727555][ T6821] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  142.727569][ T6821] RSP: 002b:00007f1607cd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  142.727584][ T6821] RAX: ffffffffffffffda RBX: 00007f1607016090 RCX: 00007f1606d9bf79
[  142.727594][ T6821] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[  142.727602][ T6821] RBP: 00007f1606e327e0 R08: 0000000000000000 R09: 0000000000000000
[  142.727610][ T6821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  142.727618][ T6821] R13: 00007f1607016128 R14: 00007f1607016090 R15: 00007ffc68526628
[  142.727637][ T6821]  </TASK>
[  143.291656][ T6828] kvm: kvm [6825]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000085)
[  143.512130][ T6826] KVM: debugfs: duplicate directory 6826-4
[  144.192663][ T6855] Console: switching to colour VGA+ 80x25
[  145.859160][ T6890] __vm_enough_memory: pid: 6890, comm: syz.2.183, bytes: 4398046511104 not enough memory for the allocation
[  146.070692][ T5142] Bluetooth: hci2: unexpected event for opcode 0x7c89
[  146.149278][ T5142] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  146.149316][ T5142] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  146.164784][ T5142] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  146.164832][ T5142] Bluetooth: hci2: adv larger than maximum supported
[  146.172585][ T5142] Bluetooth: hci2: Unknown advertising packet type: 0x5f
[  146.179316][ T5142] Bluetooth: hci2: adv larger than maximum supported
[  146.186448][ T5142] Bluetooth: hci2: Malformed LE Event: 0x0d
[  146.423044][ T6883] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.182: iget: checksum invalid
[  146.469009][ T6883] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  146.510534][ T6883] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.182: iget: checksum invalid
[  146.569162][ T6883] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  146.662210][ T6883] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.182: iget: checksum invalid
[  146.692633][ T6883] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  146.711416][ T6883] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.182: iget: checksum invalid
[  146.726503][ T6883] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  146.738620][ T6883] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  146.748773][ T6883] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  147.926027][ T6893] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  147.953170][ T6893] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  147.961093][ T6893] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  147.975462][ T6893] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  147.982601][ T6931] FAULT_INJECTION: forcing a failure.
[  147.982601][ T6931] name failslab, interval 1, probability 0, space 0, times 0
[  148.021449][ T6931] CPU: 0 UID: 0 PID: 6931 Comm: syz.3.192 Not tainted syzkaller #0 PREEMPT(full) 
[  148.021478][ T6931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  148.021488][ T6931] Call Trace:
[  148.021494][ T6931]  <TASK>
[  148.021501][ T6931]  dump_stack_lvl+0x100/0x190
[  148.021529][ T6931]  should_fail_ex.cold+0x5/0xa
[  148.021547][ T6931]  ? lsm_blob_alloc+0x68/0x90
[  148.021565][ T6931]  should_failslab+0xc2/0x120
[  148.021588][ T6931]  __kmalloc_noprof+0xe0/0x850
[  148.021606][ T6931]  ? trace_kmalloc+0x101/0x130
[  148.021631][ T6931]  lsm_blob_alloc+0x68/0x90
[  148.021649][ T6931]  security_sk_alloc+0x2d/0x290
[  148.021671][ T6931]  sk_prot_alloc+0x12a/0x2a0
[  148.021693][ T6931]  sk_alloc+0x36/0xe80
[  148.021717][ T6931]  __netlink_create+0x5e/0x2c0
[  148.021739][ T6931]  ? __wake_up+0x3f/0x60
[  148.021755][ T6931]  netlink_create+0x293/0x610
[  148.021769][ T6931]  ? __pfx_genl_bind+0x10/0x10
[  148.021785][ T6931]  ? __pfx_genl_unbind+0x10/0x10
[  148.021801][ T6931]  ? __pfx_genl_release+0x10/0x10
[  148.021821][ T6931]  __sock_create+0x339/0x860
[  148.021844][ T6931]  __sys_socket+0x14d/0x260
[  148.021863][ T6931]  ? exc_page_fault+0x6f/0xd0
[  148.021878][ T6931]  ? __pfx___sys_socket+0x10/0x10
[  148.021900][ T6931]  ? do_user_addr_fault+0x8d6/0x12f0
[  148.021924][ T6931]  __x64_sys_socket+0x72/0xb0
[  148.021944][ T6931]  ? lockdep_hardirqs_on+0x78/0x100
[  148.021960][ T6931]  do_syscall_64+0x106/0xf80
[  148.021975][ T6931]  ? clear_bhb_loop+0x40/0x90
[  148.021993][ T6931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.022008][ T6931] RIP: 0033:0x7f0a4559d807
[  148.022022][ T6931] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.022036][ T6931] RSP: 002b:00007f0a46512f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  148.022055][ T6931] RAX: ffffffffffffffda RBX: 00007f0a45815fa0 RCX: 00007f0a4559d807
[  148.022065][ T6931] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  148.022074][ T6931] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  148.022083][ T6931] R10: 0000200000000d80 R11: 0000000000000286 R12: 0000000000000000
[  148.022092][ T6931] R13: 00007f0a45816038 R14: 00007f0a45815fa0 R15: 00007fff6438b838
[  148.022112][ T6931]  </TASK>
[  148.314544][ T6935] netlink: 'syz.2.193': attribute type 1 has an invalid length.
[  148.561358][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout
[  148.578498][ T6937] phram: not enough arguments
[  150.009527][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout
[  150.015833][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout
[  150.021878][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout
[  150.754475][ T6988] futex_wake_op: syz.0.206 tries to shift op by -2048; fix this program
[  150.783904][ T6988] futex_wake_op: syz.0.206 tries to shift op by -2048; fix this program
[  153.003721][ T7033] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  153.057681][ T7033] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  153.082764][ T7033] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  153.090176][ T7033] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  154.811386][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  155.121256][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout
[  155.128290][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout
[  155.135702][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  155.208299][ T7091] ima: policy update failed
[  155.239853][   T30] audit: type=1802 audit(1771078587.479:3): pid=7091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.222" res=0 errno=0
[  155.437058][ T7080] Process accounting resumed
[  155.685688][   T51] Bluetooth: hci1: unknown advertising packet type: 0xea
[  158.671081][ T7162] FAULT_INJECTION: forcing a failure.
[  158.671081][ T7162] name failslab, interval 1, probability 0, space 0, times 0
[  158.769363][ T7162] CPU: 1 UID: 0 PID: 7162 Comm: syz.3.239 Not tainted syzkaller #0 PREEMPT(full) 
[  158.769401][ T7162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  158.769419][ T7162] Call Trace:
[  158.769429][ T7162]  <TASK>
[  158.769440][ T7162]  dump_stack_lvl+0x100/0x190
[  158.769486][ T7162]  should_fail_ex.cold+0x5/0xa
[  158.769519][ T7162]  should_failslab+0xc2/0x120
[  158.769566][ T7162]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  158.769601][ T7162]  ? security_inode_alloc+0x3b/0x2c0
[  158.769643][ T7162]  ? lockdep_init_map_type+0x5c/0x250
[  158.769684][ T7162]  security_inode_alloc+0x3b/0x2c0
[  158.769725][ T7162]  inode_init_always_gfp+0xced/0x1040
[  158.769769][ T7162]  alloc_inode+0x8e/0x250
[  158.769800][ T7162]  new_inode+0x22/0x1c0
[  158.769835][ T7162]  __debugfs_create_file+0x105/0x4f0
[  158.769873][ T7162]  debugfs_create_file_full+0x41/0x60
[  158.769909][ T7162]  kvm_dev_ioctl+0x16f1/0x1a80
[  158.769952][ T7162]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  158.769996][ T7162]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  158.770029][ T7162]  __x64_sys_ioctl+0x18e/0x210
[  158.770065][ T7162]  do_syscall_64+0x106/0xf80
[  158.770094][ T7162]  ? clear_bhb_loop+0x40/0x90
[  158.770129][ T7162]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.770167][ T7162] RIP: 0033:0x7f0a4559bf79
[  158.770192][ T7162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  158.770220][ T7162] RSP: 002b:00007f0a46514028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.770247][ T7162] RAX: ffffffffffffffda RBX: 00007f0a45815fa0 RCX: 00007f0a4559bf79
[  158.770265][ T7162] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002
[  158.770281][ T7162] RBP: 00007f0a456327e0 R08: 0000000000000000 R09: 0000000000000000
[  158.770297][ T7162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  158.770314][ T7162] R13: 00007f0a45816038 R14: 00007f0a45815fa0 R15: 00007fff6438b838
[  158.770353][ T7162]  </TASK>
[  158.974167][ T7162] debugfs: out of free dentries, can not create file 'invlpg'
[  159.516820][ T7152] kexec: Could not allocate control_code_buffer
[  159.576855][ T7177] netlink: 'syz.3.240': attribute type 1 has an invalid length.
[  159.723857][ T7180] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  160.366495][ T7201] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  162.208583][ T7248] random: crng reseeded on system resumption
[  162.955504][ T7254] FAULT_INJECTION: forcing a failure.
[  162.955504][ T7254] name failslab, interval 1, probability 0, space 0, times 0
[  162.968855][ T7254] CPU: 0 UID: 0 PID: 7254 Comm: syz.1.252 Not tainted syzkaller #0 PREEMPT(full) 
[  162.968878][ T7254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  162.968887][ T7254] Call Trace:
[  162.968892][ T7254]  <TASK>
[  162.968898][ T7254]  dump_stack_lvl+0x100/0x190
[  162.968924][ T7254]  should_fail_ex.cold+0x5/0xa
[  162.968942][ T7254]  should_failslab+0xc2/0x120
[  162.968964][ T7254]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  162.968982][ T7254]  ? alloc_empty_file+0x55/0x1c0
[  162.968997][ T7254]  ? __pfx_stack_trace_save+0x10/0x10
[  162.969023][ T7254]  alloc_empty_file+0x55/0x1c0
[  162.969038][ T7254]  path_openat+0xe8/0x31a0
[  162.969067][ T7254]  ? kasan_save_stack+0x3f/0x50
[  162.969086][ T7254]  ? kasan_save_stack+0x30/0x50
[  162.969104][ T7254]  ? kasan_save_track+0x14/0x30
[  162.969123][ T7254]  ? __kasan_slab_alloc+0x89/0x90
[  162.969142][ T7254]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  162.969160][ T7254]  ? do_getname+0x35/0x390
[  162.969173][ T7254]  ? do_sys_openat2+0xc5/0x1e0
[  162.969188][ T7254]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.969206][ T7254]  ? __pfx_path_openat+0x10/0x10
[  162.969233][ T7254]  do_file_open+0x20e/0x430
[  162.969255][ T7254]  ? __pfx_do_file_open+0x10/0x10
[  162.969289][ T7254]  ? alloc_fd+0x476/0x790
[  162.969311][ T7254]  ? do_getname+0x191/0x390
[  162.969327][ T7254]  do_sys_openat2+0x10d/0x1e0
[  162.969343][ T7254]  ? __pfx_do_sys_openat2+0x10/0x10
[  162.969360][ T7254]  ? __fget_files+0x21f/0x3d0
[  162.969383][ T7254]  __x64_sys_openat+0x12d/0x210
[  162.969399][ T7254]  ? __pfx___x64_sys_openat+0x10/0x10
[  162.969422][ T7254]  do_syscall_64+0x106/0xf80
[  162.969437][ T7254]  ? clear_bhb_loop+0x40/0x90
[  162.969455][ T7254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.969469][ T7254] RIP: 0033:0x7f964e39bf79
[  162.969483][ T7254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.969496][ T7254] RSP: 002b:00007f964f1d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  162.969511][ T7254] RAX: ffffffffffffffda RBX: 00007f964e615fa0 RCX: 00007f964e39bf79
[  162.969521][ T7254] RDX: 0000000000080000 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  162.969530][ T7254] RBP: 00007f964e4327e0 R08: 0000000000000000 R09: 0000000000000000
[  162.969538][ T7254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.969546][ T7254] R13: 00007f964e616038 R14: 00007f964e615fa0 R15: 00007ffddb878298
[  162.969565][ T7254]  </TASK>
[  162.971244][   T51] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  163.219713][   T51] Bluetooth: hci0: unexpected subevent 0x06 length: 725 > 10
[  165.281244][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  166.922495][ T7308] program syz.2.262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.026199][ T7376] netlink: 28 bytes leftover after parsing attributes in process `syz.0.276'.
[  171.128257][ T7376] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.136117][ T7376] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.180239][ T7376] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.196940][ T7376] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.502493][ T7395] vivid-007: =================  START STATUS  =================
[  172.588239][ T7395] vivid-007: Generate PTS: true
[  172.616589][ T7395] vivid-007: Generate SCR: true
[  172.668622][ T7395] tpg source WxH: 320x240 (Y'CbCr)
[  172.685502][ T7395] tpg field: 1
[  172.699071][ T7395] tpg crop: (0,0)/320x240
[  172.784266][ T7395] tpg compose: (0,0)/320x240
[  172.843118][ T7395] tpg colorspace: 8
[  172.846978][ T7395] tpg transfer function: 0/0
[  172.972556][ T7395] tpg Y'CbCr encoding: 0/0
[  173.066800][ T7395] tpg quantization: 0/0
[  173.071093][ T7395] tpg RGB range: 0/2
[  173.179848][ T7395] vivid-007: ==================  END STATUS  ==================
[  173.478574][ T7413] FAULT_INJECTION: forcing a failure.
[  173.478574][ T7413] name failslab, interval 1, probability 0, space 0, times 0
[  173.531637][ T7413] CPU: 0 UID: 0 PID: 7413 Comm: syz.2.283 Not tainted syzkaller #0 PREEMPT(full) 
[  173.531661][ T7413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  173.531670][ T7413] Call Trace:
[  173.531676][ T7413]  <TASK>
[  173.531682][ T7413]  dump_stack_lvl+0x100/0x190
[  173.531710][ T7413]  should_fail_ex.cold+0x5/0xa
[  173.531727][ T7413]  should_failslab+0xc2/0x120
[  173.531749][ T7413]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  173.531768][ T7413]  ? create_new_namespaces+0x30/0xac0
[  173.531791][ T7413]  ? rcu_is_watching+0x12/0xc0
[  173.531814][ T7413]  create_new_namespaces+0x30/0xac0
[  173.531836][ T7413]  ? bpf_lsm_capable+0x9/0x10
[  173.531857][ T7413]  ? security_capable+0x80/0x260
[  173.531879][ T7413]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  173.531896][ T7413]  ksys_unshare+0x455/0xab0
[  173.531915][ T7413]  ? __pfx_ksys_unshare+0x10/0x10
[  173.531939][ T7413]  __x64_sys_unshare+0x31/0x40
[  173.531956][ T7413]  do_syscall_64+0x106/0xf80
[  173.531971][ T7413]  ? clear_bhb_loop+0x40/0x90
[  173.531989][ T7413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.532004][ T7413] RIP: 0033:0x7f1606d9bf79
[  173.532017][ T7413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.532032][ T7413] RSP: 002b:00007f1607cf9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  173.532046][ T7413] RAX: ffffffffffffffda RBX: 00007f1607015fa0 RCX: 00007f1606d9bf79
[  173.532056][ T7413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  173.532064][ T7413] RBP: 00007f1606e327e0 R08: 0000000000000000 R09: 0000000000000000
[  173.532072][ T7413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  173.532080][ T7413] R13: 00007f1607016038 R14: 00007f1607015fa0 R15: 00007ffc68526628
[  173.532099][ T7413]  </TASK>
[  174.459755][ T7425] __vm_enough_memory: pid: 7425, comm: syz.2.286, bytes: 4398046511104 not enough memory for the allocation
[  176.046826][ T7436] netlink: 12 bytes leftover after parsing attributes in process `syz.2.288'.
[  180.471821][ T7511] bridge0: port 3(team0) entered blocking state
[  180.501582][ T7511] bridge0: port 3(team0) entered disabled state
[  180.508073][ T7511] team0: entered allmulticast mode
[  180.565766][ T7511] team_slave_0: entered allmulticast mode
[  180.592434][ T7511] team_slave_1: entered allmulticast mode
[  180.626963][ T7511] team0: entered promiscuous mode
[  180.648308][ T7511] team_slave_0: entered promiscuous mode
[  180.692915][ T7511] team_slave_1: entered promiscuous mode
[  180.724186][ T7511] bridge0: port 3(team0) entered blocking state
[  180.731039][ T7511] bridge0: port 3(team0) entered forwarding state
[  181.820715][ T7538] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.311: iget: checksum invalid
[  181.878823][ T7538] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  181.983669][ T7538] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.311: iget: checksum invalid
[  182.073982][ T7538] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  182.151976][ T7538] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.311: iget: checksum invalid
[  182.251867][ T7538] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  182.268933][ T7538] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.311: iget: checksum invalid
[  182.331782][ T7538] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  182.341416][ T7538] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  182.386602][   T30] audit: type=1800 audit(1771078614.639:4): pid=7553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.316" name="features" dev="configfs" ino=16782 res=0 errno=0
[  182.468588][ T7538] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  187.340523][ T7657] loop6: detected capacity change from 0 to 4194304
[  188.265387][ T7677] zswap: compressor  not available
[  188.796377][ T7683] binder: 7682:7683 ioctl c018620c 0 returned -1
[  190.270551][ T7711] zswap: compressor Åz not available
[  190.795665][ T7733] netlink: 342 bytes leftover after parsing attributes in process `syz.0.351'.
[  191.500436][ T7753] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.768), cmd(4)
[  191.522882][ T7751] netlink: 266 bytes leftover after parsing attributes in process `syz.0.356'.
[  191.532286][ T7751] IPv6: NLM_F_CREATE should be specified when creating new route
[  191.780088][ T7757] netlink: 342 bytes leftover after parsing attributes in process `syz.0.357'.
[  191.793890][ T7757] IPv6: NLM_F_CREATE should be specified when creating new route
[  191.802432][ T7757] IPv6: Can't replace route, no match found
[  191.810410][ T7757] netlink: 342 bytes leftover after parsing attributes in process `syz.0.357'.
[  191.822194][ T7757] IPv6: Can't replace route, no match found
[  191.911722][ T7758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.357'.
[  193.864749][ T7792] netlink: 28 bytes leftover after parsing attributes in process `syz.0.364'.
[  194.407642][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.414063][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  194.433432][ T7804] random: crng reseeded on system resumption
[  195.606247][ T7831] futex_wake_op: syz.3.373 tries to shift op by -2048; fix this program
[  195.615177][ T7831] futex_wake_op: syz.3.373 tries to shift op by -2048; fix this program
[  195.638341][ T7831] 0x000000000001-0x000000020000 : ""
[  195.902550][ T7831] ftl_cs: FTL header corrupt!
[  196.966415][   T30] audit: type=1800 audit(1771078629.219:5): pid=7856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.378" name="dbroot" dev="configfs" ino=18318 res=0 errno=0
[  200.278380][ T7907] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  200.332388][ T7907] CIFS mount error: No usable UNC path provided in device string!
[  200.332388][ T7907] 
[  200.361402][ T7907] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  202.442318][ T7969] WARNING! power/level is deprecated; use power/control instead
[  202.725504][ T7979] random: crng reseeded on system resumption
[  205.794344][ T8033] binder_alloc: binder_alloc_mmap_handler: 8030 0-4001000 already mapped failed -16
[  205.872565][ T8033] binder_alloc: binder_alloc_mmap_handler: 8030 0-4001000 already mapped failed -16
[  206.076360][   T51] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  206.086070][   T51] Bluetooth: hci2: Invalid handle: 0x3a4a > 0x0eff
[  206.162310][ T8043] netlink: 4 bytes leftover after parsing attributes in process `syz.0.420'.
[  207.129169][ T8060] bond0: no command found in slaves file - use +ifname or -ifname
[  208.725621][ T8078] NFSD: Failed to start, no listeners configured.
[  211.519542][ T8126] netlink: 16 bytes leftover after parsing attributes in process `syz.3.438'.
[  213.740112][ T8167] netlink: 8 bytes leftover after parsing attributes in process `syz.2.446'.
[  214.153404][ T8178] netlink: 342 bytes leftover after parsing attributes in process `syz.0.451'.
[  214.172455][ T8175] random: crng reseeded on system resumption
[  214.181403][ T8178] IPv6: NLM_F_REPLACE set, but no existing node found!
[  215.629939][ T8201] usb usb3: usbfs: process 8201 (syz.2.456) did not claim interface 0 before use
[  216.731404][   T30] audit: type=1800 audit(1771078648.989:6): pid=8228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.462" name="dbroot" dev="configfs" ino=19430 res=0 errno=0
[  216.736105][ T8228] netlink: 12 bytes leftover after parsing attributes in process `syz.3.462'.
[  218.929901][ T8253] Invalid ELF header magic: != ELF
[  219.038055][ T8260] FAULT_INJECTION: forcing a failure.
[  219.038055][ T8260] name failslab, interval 1, probability 0, space 0, times 0
[  219.072343][ T8260] CPU: 0 UID: 0 PID: 8260 Comm: syz.3.468 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  219.072370][ T8260] Tainted: [L]=SOFTLOCKUP
[  219.072375][ T8260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  219.072384][ T8260] Call Trace:
[  219.072390][ T8260]  <TASK>
[  219.072397][ T8260]  dump_stack_lvl+0x100/0x190
[  219.072424][ T8260]  should_fail_ex.cold+0x5/0xa
[  219.072442][ T8260]  should_failslab+0xc2/0x120
[  219.072464][ T8260]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  219.072484][ T8260]  ? shmem_alloc_inode+0x25/0x50
[  219.072509][ T8260]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  219.072532][ T8260]  shmem_alloc_inode+0x25/0x50
[  219.072554][ T8260]  alloc_inode+0x68/0x250
[  219.072570][ T8260]  new_inode+0x22/0x1c0
[  219.072587][ T8260]  shmem_get_inode+0x197/0xf30
[  219.072603][ T8260]  ? __vm_enough_memory+0x184/0x390
[  219.072628][ T8260]  __shmem_file_setup+0x279/0x330
[  219.072645][ T8260]  shmem_zero_setup+0x93/0x1b0
[  219.072667][ T8260]  __mmap_region+0x20b5/0x2760
[  219.072688][ T8260]  ? __pfx___mmap_region+0x10/0x10
[  219.072732][ T8260]  ? finish_task_switch.isra.0+0x205/0xb80
[  219.072747][ T8260]  ? lockdep_hardirqs_on+0x78/0x100
[  219.072765][ T8260]  ? finish_task_switch.isra.0+0x205/0xb80
[  219.072816][ T8260]  ? rcu_is_watching+0x12/0xc0
[  219.072836][ T8260]  ? cap_capable+0x107/0x460
[  219.072863][ T8260]  mmap_region+0x180/0x3e0
[  219.072885][ T8260]  do_mmap+0xc63/0x12f0
[  219.072910][ T8260]  ? __pfx_do_mmap+0x10/0x10
[  219.072932][ T8260]  ? __pfx_down_write_killable+0x10/0x10
[  219.072950][ T8260]  ? rcu_read_lock_any_held+0x6a/0xa0
[  219.072975][ T8260]  vm_mmap_pgoff+0x29e/0x470
[  219.073000][ T8260]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  219.073026][ T8260]  ? __x64_sys_futex+0x34f/0x4d0
[  219.073043][ T8260]  ? __x64_sys_futex+0x358/0x4d0
[  219.073062][ T8260]  ksys_mmap_pgoff+0x7d/0x5b0
[  219.073086][ T8260]  __x64_sys_mmap+0x125/0x190
[  219.073115][ T8260]  do_syscall_64+0x106/0xf80
[  219.073131][ T8260]  ? clear_bhb_loop+0x40/0x90
[  219.073150][ T8260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.073165][ T8260] RIP: 0033:0x7f0a4559bf79
[  219.073180][ T8260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  219.073194][ T8260] RSP: 002b:00007f0a46514028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  219.073208][ T8260] RAX: ffffffffffffffda RBX: 00007f0a45815fa0 RCX: 00007f0a4559bf79
[  219.073218][ T8260] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  219.073228][ T8260] RBP: 00007f0a456327e0 R08: fffffffffffffffa R09: 0000000000008000
[  219.073237][ T8260] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  219.073246][ T8260] R13: 00007f0a45816038 R14: 00007f0a45815fa0 R15: 00007fff6438b838
[  219.073265][ T8260]  </TASK>
[  222.414933][ T8306] netlink: 'syz.2.479': attribute type 1 has an invalid length.
[  222.431351][ T8306] netlink: 33 bytes leftover after parsing attributes in process `syz.2.479'.
[  222.643446][ T8316] syz.1.480(8316): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  223.128615][ T8317] FAULT_INJECTION: forcing a failure.
[  223.128615][ T8317] name failslab, interval 1, probability 0, space 0, times 0
[  223.201612][ T8317] CPU: 1 UID: 0 PID: 8317 Comm: syz.2.479 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  223.201656][ T8317] Tainted: [L]=SOFTLOCKUP
[  223.201665][ T8317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  223.201679][ T8317] Call Trace:
[  223.201687][ T8317]  <TASK>
[  223.201697][ T8317]  dump_stack_lvl+0x100/0x190
[  223.201742][ T8317]  should_fail_ex.cold+0x5/0xa
[  223.201784][ T8317]  should_failslab+0xc2/0x120
[  223.201828][ T8317]  __kmalloc_cache_noprof+0x7a/0x6f0
[  223.201859][ T8317]  ? file_f_owner_allocate+0x84/0x130
[  223.201897][ T8317]  file_f_owner_allocate+0x84/0x130
[  223.201928][ T8317]  do_fcntl+0x1025/0x1670
[  223.201959][ T8317]  ? __pfx_do_fcntl+0x10/0x10
[  223.201986][ T8317]  ? __fget_files+0x215/0x3d0
[  223.202036][ T8317]  ? tomoyo_file_fcntl+0x6c/0xc0
[  223.202078][ T8317]  __x64_sys_fcntl+0x163/0x200
[  223.202112][ T8317]  do_syscall_64+0x106/0xf80
[  223.202141][ T8317]  ? clear_bhb_loop+0x40/0x90
[  223.202175][ T8317]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.202203][ T8317] RIP: 0033:0x7f1606d9bf79
[  223.202226][ T8317] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  223.202253][ T8317] RSP: 002b:00007f1607cd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  223.202280][ T8317] RAX: ffffffffffffffda RBX: 00007f1607016090 RCX: 00007f1606d9bf79
[  223.202298][ T8317] RDX: 0000000000000002 RSI: 000000000000000a RDI: 0000000000000005
[  223.202314][ T8317] RBP: 00007f1606e327e0 R08: 0000000000000000 R09: 0000000000000000
[  223.202331][ T8317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  223.202347][ T8317] R13: 00007f1607016128 R14: 00007f1607016090 R15: 00007ffc68526628
[  223.202384][ T8317]  </TASK>
[  223.977924][ T8341] netlink: 28 bytes leftover after parsing attributes in process `syz.1.487'.
[  225.658101][ T8371] blktrace: Concurrent blktraces are not allowed on loop2
[  228.052304][ T8404] netlink: zone id is out of range
[  228.057584][ T8404] netlink: zone id is out of range
[  228.062887][ T8404] netlink: zone id is out of range
[  228.068044][ T8404] netlink: zone id is out of range
[  228.126205][ T8404] netlink: zone id is out of range
[  228.177008][ T8404] netlink: zone id is out of range
[  228.201034][ T8404] netlink: zone id is out of range
[  228.206221][ T8404] netlink: zone id is out of range
[  228.211619][ T8404] netlink: zone id is out of range
[  228.297168][ T8404] netlink: zone id is out of range
[  229.096938][ T8426] netlink: 980 bytes leftover after parsing attributes in process `syz.2.501'.
[  229.645152][ T8442] ptp ptp0: new virtual clock ptp1
[  229.711110][ T8442] ptp ptp0: guarantee physical clock free running
[  229.730681][ T8445] ptp ptp0: delete virtual clock ptp1
[  229.789354][ T8445] ptp ptp0: only physical clock in use now
[  232.115958][ T8468] NFSD: Failed to start, no listeners configured.
[  236.640602][ T8558] netlink: 'syz.3.528': attribute type 1 has an invalid length.
[  237.388484][ T8583] FAULT_INJECTION: forcing a failure.
[  237.388484][ T8583] name failslab, interval 1, probability 0, space 0, times 0
[  237.446629][ T8583] CPU: 0 UID: 0 PID: 8583 Comm: syz.3.533 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  237.446661][ T8583] Tainted: [L]=SOFTLOCKUP
[  237.446666][ T8583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  237.446675][ T8583] Call Trace:
[  237.446681][ T8583]  <TASK>
[  237.446687][ T8583]  dump_stack_lvl+0x100/0x190
[  237.446713][ T8583]  should_fail_ex.cold+0x5/0xa
[  237.446731][ T8583]  ? lsm_blob_alloc+0x68/0x90
[  237.446748][ T8583]  should_failslab+0xc2/0x120
[  237.446771][ T8583]  __kmalloc_noprof+0xe0/0x850
[  237.446789][ T8583]  ? trace_kmalloc+0x101/0x130
[  237.446813][ T8583]  lsm_blob_alloc+0x68/0x90
[  237.446831][ T8583]  security_sk_alloc+0x2d/0x290
[  237.446853][ T8583]  sk_prot_alloc+0x12a/0x2a0
[  237.446874][ T8583]  sk_alloc+0x36/0xe80
[  237.446897][ T8583]  __netlink_create+0x5e/0x2c0
[  237.446920][ T8583]  ? __wake_up+0x3f/0x60
[  237.446936][ T8583]  netlink_create+0x293/0x610
[  237.446950][ T8583]  ? __pfx_genl_bind+0x10/0x10
[  237.446966][ T8583]  ? __pfx_genl_unbind+0x10/0x10
[  237.446982][ T8583]  ? __pfx_genl_release+0x10/0x10
[  237.447003][ T8583]  __sock_create+0x339/0x860
[  237.447026][ T8583]  __sys_socket+0x14d/0x260
[  237.447046][ T8583]  ? __pfx___sys_socket+0x10/0x10
[  237.447072][ T8583]  __x64_sys_socket+0x72/0xb0
[  237.447091][ T8583]  ? lockdep_hardirqs_on+0x78/0x100
[  237.447106][ T8583]  do_syscall_64+0x106/0xf80
[  237.447121][ T8583]  ? clear_bhb_loop+0x40/0x90
[  237.447139][ T8583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.447154][ T8583] RIP: 0033:0x7f0a4559bf79
[  237.447168][ T8583] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  237.447182][ T8583] RSP: 002b:00007f0a464f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  237.447196][ T8583] RAX: ffffffffffffffda RBX: 00007f0a45816090 RCX: 00007f0a4559bf79
[  237.447206][ T8583] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  237.447214][ T8583] RBP: 00007f0a456327e0 R08: 0000000000000000 R09: 0000000000000000
[  237.447222][ T8583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  237.447235][ T8583] R13: 00007f0a45816128 R14: 00007f0a45816090 R15: 00007fff6438b838
[  237.447254][ T8583]  </TASK>
[  238.695074][ T8606] netlink: 16 bytes leftover after parsing attributes in process `syz.0.539'.
[  241.217423][ T8660] net_ratelimit: 2278 callbacks suppressed
[  241.217446][ T8660] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  241.271919][ T8654] Invalid ELF header magic: != ELF
[  242.783154][ T8697] futex_wake_op: syz.3.558 tries to shift op by -2048; fix this program
[  244.891197][ T8717] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  244.925375][ T8702] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8
[  245.045343][ T8717] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  245.112829][ T8717] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  245.118988][ T8717] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  246.062620][ T8740] FAULT_INJECTION: forcing a failure.
[  246.062620][ T8740] name fail_futex, interval 1, probability 0, space 0, times 1
[  246.152020][ T8740] CPU: 0 UID: 0 PID: 8740 Comm: syz.1.567 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  246.152060][ T8740] Tainted: [L]=SOFTLOCKUP
[  246.152068][ T8740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  246.152087][ T8740] Call Trace:
[  246.152095][ T8740]  <TASK>
[  246.152105][ T8740]  dump_stack_lvl+0x100/0x190
[  246.152145][ T8740]  should_fail_ex.cold+0x5/0xa
[  246.152176][ T8740]  get_futex_key+0x106f/0x1620
[  246.152208][ T8740]  ? __pfx_get_futex_key+0x10/0x10
[  246.152231][ T8740]  ? lock_acquire+0x1cf/0x380
[  246.152273][ T8740]  futex_wake+0xea/0x530
[  246.152310][ T8740]  ? __pfx_futex_wake+0x10/0x10
[  246.152344][ T8740]  ? exit_mm_release+0x19/0x30
[  246.152383][ T8740]  do_futex+0x32b/0x350
[  246.152413][ T8740]  ? __pfx_do_futex+0x10/0x10
[  246.152439][ T8740]  ? __might_fault+0xc5/0x140
[  246.152485][ T8740]  mm_release+0x24a/0x2f0
[  246.152509][ T8740]  do_exit+0x675/0x2a90
[  246.152542][ T8740]  ? __pfx_do_exit+0x10/0x10
[  246.152570][ T8740]  ? do_raw_spin_lock+0x128/0x260
[  246.152601][ T8740]  ? find_held_lock+0x2b/0x80
[  246.152632][ T8740]  ? get_signal+0x7e0/0x21e0
[  246.152658][ T8740]  do_group_exit+0xd5/0x2a0
[  246.152690][ T8740]  get_signal+0x1ec7/0x21e0
[  246.152728][ T8740]  ? __pfx_get_signal+0x10/0x10
[  246.152754][ T8740]  ? do_futex+0x192/0x350
[  246.152787][ T8740]  arch_do_signal_or_restart+0x91/0x770
[  246.152817][ T8740]  ? find_held_lock+0x2b/0x80
[  246.152852][ T8740]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  246.152892][ T8740]  ? __pfx___x64_sys_futex+0x10/0x10
[  246.152928][ T8740]  exit_to_user_mode_loop+0x86/0x4a0
[  246.152963][ T8740]  do_syscall_64+0x668/0xf80
[  246.152989][ T8740]  ? clear_bhb_loop+0x40/0x90
[  246.153021][ T8740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.153047][ T8740] RIP: 0033:0x7f964e39bf79
[  246.153068][ T8740] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  246.153091][ T8740] RSP: 002b:00007f964f1720e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  246.153122][ T8740] RAX: fffffffffffffe00 RBX: 00007f964e616278 RCX: 00007f964e39bf79
[  246.153139][ T8740] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f964e616278
[  246.153154][ T8740] RBP: 00007f964e616270 R08: 0000000000000000 R09: 0000000000000000
[  246.153169][ T8740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  246.153183][ T8740] R13: 00007f964e616308 R14: 00007ffddb8781b0 R15: 00007ffddb878298
[  246.153218][ T8740]  </TASK>
[  246.714878][   T51] Bluetooth: hci2: command 0x0c1a tx timeout
[  247.065978][   T30] audit: type=1807 audit(4294967316.379:7): UNKNOWN=òÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿÿòÿÿ
[  247.072765][   T30] audit: type=1802 audit(4294967316.389:8): pid=8753 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.570" res=0 errno=0
[  247.177572][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[  247.191513][   T51] Bluetooth: hci1: command 0x0c1a tx timeout
[  247.197561][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  247.220731][ T8751] ima: policy update failed
[  247.355831][   T30] audit: type=1802 audit(4294967316.539:9): pid=8751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.570" res=0 errno=0
[  249.870631][ T8786] FAULT_INJECTION: forcing a failure.
[  249.870631][ T8786] name failslab, interval 1, probability 0, space 0, times 0
[  249.918326][ T8786] CPU: 0 UID: 0 PID: 8786 Comm: syz.2.577 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  249.918370][ T8786] Tainted: [L]=SOFTLOCKUP
[  249.918380][ T8786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  249.918397][ T8786] Call Trace:
[  249.918406][ T8786]  <TASK>
[  249.918425][ T8786]  dump_stack_lvl+0x100/0x190
[  249.918470][ T8786]  should_fail_ex.cold+0x5/0xa
[  249.918504][ T8786]  should_failslab+0xc2/0x120
[  249.918548][ T8786]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  249.918584][ T8786]  ? __proc_create+0x2cb/0x8c0
[  249.918624][ T8786]  __proc_create+0x2cb/0x8c0
[  249.918659][ T8786]  ? __pfx___proc_create+0x10/0x10
[  249.918690][ T8786]  ? __lock_acquire+0x4a5/0x2630
[  249.918722][ T8786]  ? proc_register+0x559/0x8a0
[  249.918764][ T8786]  proc_create_reg+0x75/0x170
[  249.918802][ T8786]  proc_create_data+0x86/0x110
[  249.918837][ T8786]  ? __pfx_proc_create_data+0x10/0x10
[  249.918869][ T8786]  ? net_generic+0xea/0x2a0
[  249.918921][ T8786]  gss_svc_init_net+0x233/0x640
[  249.918962][ T8786]  ? __pfx_canbcm_pernet_init+0x10/0x10
[  249.918997][ T8786]  ? __pfx_rpcsec_gss_init_net+0x10/0x10
[  249.919027][ T8786]  ops_init+0x1e2/0x5f0
[  249.919072][ T8786]  setup_net+0x118/0x3a0
[  249.919106][ T8786]  ? __pfx_setup_net+0x10/0x10
[  249.919140][ T8786]  ? lockdep_init_map_type+0x5c/0x250
[  249.919179][ T8786]  ? mutex_init_lockep+0x110/0x150
[  249.919219][ T8786]  copy_net_ns+0x46f/0x7c0
[  249.919257][ T8786]  create_new_namespaces+0x3ea/0xac0
[  249.919311][ T8786]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  249.919342][ T8786]  ksys_unshare+0x455/0xab0
[  249.919379][ T8786]  ? __pfx_ksys_unshare+0x10/0x10
[  249.919433][ T8786]  __x64_sys_unshare+0x31/0x40
[  249.919466][ T8786]  do_syscall_64+0x106/0xf80
[  249.919507][ T8786]  ? clear_bhb_loop+0x40/0x90
[  249.919542][ T8786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.919571][ T8786] RIP: 0033:0x7f1606d9bf79
[  249.919594][ T8786] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  249.919620][ T8786] RSP: 002b:00007f1607cf9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  249.919648][ T8786] RAX: ffffffffffffffda RBX: 00007f1607015fa0 RCX: 00007f1606d9bf79
[  249.919667][ T8786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  249.919683][ T8786] RBP: 00007f1606e327e0 R08: 0000000000000000 R09: 0000000000000000
[  249.919700][ T8786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  249.919716][ T8786] R13: 00007f1607016038 R14: 00007f1607015fa0 R15: 00007ffc68526628
[  249.919754][ T8786]  </TASK>
[  251.875776][   T30] audit: type=1800 audit(4294967321.192:10): pid=8818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.584" name="features" dev="configfs" ino=23374 res=0 errno=0
[  252.281358][ T8822] can: request_module (can-proto-0) failed.
[  254.072934][ T5142] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  254.511626][ T8857] zswap: compressor  not available
[  255.033202][ T8860] NFSD: Failed to start, no listeners configured.
[  255.050295][ T8878] nvme_fabrics: missing parameter 'transport=%s'
[  255.082067][ T8878] nvme_fabrics: missing parameter 'nqn=%s'
[  255.859917][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.866388][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.108803][ T8881] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.596: iget: checksum invalid
[  256.140537][ T8881] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74
[  256.159660][ T8881] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.596: iget: checksum invalid
[  256.244489][ T8881] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74
[  256.283165][ T8881] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.596: iget: checksum invalid
[  256.318595][ T8881] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74
[  256.381323][ T8881] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.596: iget: checksum invalid
[  256.426448][ T8881] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74
[  256.457240][ T8881] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74
[  256.540457][ T8881] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  260.498352][ T8945] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137
[  260.557882][ T8945] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138
[  260.567200][ T8947] netlink: 17 bytes leftover after parsing attributes in process `syz.2.610'.
[  260.601754][ T8947] netlink: 'syz.2.610': attribute type 10 has an invalid length.
[  260.607611][ T8945] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum
[  261.025921][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  261.038284][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  261.050748][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  261.059047][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  261.092583][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  261.777427][ T8736] ------------[ cut here ]------------
[  261.783100][ T8736] ODEBUG: free active (active state 0) object: ffff888036ab5460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[  261.796308][ T8736] WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0, CPU#1: syz.1.567/8736
[  261.806952][ T8736] Modules linked in:
[  261.810887][ T8736] CPU: 1 UID: 0 PID: 8736 Comm: syz.1.567 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  261.823420][ T8736] Tainted: [L]=SOFTLOCKUP
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  261.827785][ T8736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  261.838936][ T8736] RIP: 0010:debug_print_object+0x19b/0x2a0
[  261.846024][ T8736] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 22 24 ea 0b 41 56 48 8b 14 dd e0 df 1a 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 3c c7 df 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  261.865835][ T8736] RSP: 0018:ffffc90003497708 EFLAGS: 00010246
[  261.871987][ T8736] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  261.879979][ T8736] RDX: ffffffff8c1adf20 RSI: ffffffff8c1adb40 RDI: ffffffff90e3bff0
[  261.888046][ T8736] RBP: 0000000000000001 R08: ffff888036ab5460 R09: ffffffff8bb2b840
[  261.896432][ T8736] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1adb40
[  261.904671][ T8736] R13: ffffffff8bb2b880 R14: ffffffff8a93f820 R15: ffffc90003497808
[  261.912977][ T8736] FS:  0000000000000000(0000) GS:ffff88812445f000(0000) knlGS:0000000000000000
[  261.923306][ T8736] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  261.930831][ T8736] CR2: 00007fd6bf39f000 CR3: 0000000072cb2000 CR4: 00000000003526f0
[  261.938940][ T8736] Call Trace:
[  261.942277][ T8736]  <TASK>
[  261.945227][ T8736]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  261.950733][ T8736]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  261.956671][ T8736]  debug_check_no_obj_freed+0x4da/0x630
[  261.962405][ T8736]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  261.968518][ T8736]  ? __page_table_check_zero+0x333/0x410
[  261.974320][ T8736]  ? __page_table_check_zero+0x338/0x410
[  261.980010][ T8736]  __free_frozen_pages+0x36b/0x10a0
[  261.985347][ T8736]  hci_release_dev+0x4ef/0x630
[  261.990330][ T8736]  ? __pfx_hci_release_dev+0x10/0x10
[  261.995926][ T8736]  ? device_release+0x69/0x240
[  262.000723][ T8736]  ? rcu_is_watching+0x12/0xc0
[  262.005621][ T8736]  ? device_release+0x69/0x240
[  262.010518][ T8736]  ? kfree+0x2ec/0x6b0
[  262.014679][ T8736]  bt_host_release+0x6a/0xb0
[  262.019303][ T8736]  ? __pfx_bt_host_release+0x10/0x10
[  262.025956][ T8736]  device_release+0xa4/0x240
[  262.030601][ T8736]  kobject_put+0x1f7/0x640
[  262.036042][ T8736]  put_device+0x1f/0x30
[  262.040339][ T8736]  vhci_release+0x185/0x230
[  262.044964][ T8736]  ? __pfx_vhci_release+0x10/0x10
[  262.050029][ T8736]  __fput+0x3ff/0xb40
[  262.054106][ T8736]  task_work_run+0x150/0x240
[  262.058754][ T8736]  ? __pfx_task_work_run+0x10/0x10
[  262.063978][ T8736]  do_exit+0x829/0x2a90
[  262.068175][ T8736]  ? __pfx___might_resched+0x10/0x10
[  262.073562][ T8736]  ? rcu_is_watching+0x12/0xc0
[  262.078460][ T8736]  ? __pfx_do_exit+0x10/0x10
[  262.083195][ T8736]  ? do_raw_spin_lock+0x128/0x260
[  262.088264][ T8736]  ? find_held_lock+0x2b/0x80
[  262.093266][ T8736]  ? get_signal+0x7e0/0x21e0
[  262.097883][ T8736]  do_group_exit+0xd5/0x2a0
[  262.102474][ T8736]  get_signal+0x1ec7/0x21e0
[  262.107014][ T8736]  ? __pfx_get_signal+0x10/0x10
[  262.111961][ T8736]  ? do_futex+0x192/0x350
[  262.116326][ T8736]  arch_do_signal_or_restart+0x91/0x770
[  262.121957][ T8736]  ? __pfx_kernel_move_pages+0x10/0x10
[  262.128885][ T8736]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  262.136214][ T8736]  ? xfd_validate_state+0x129/0x190
[  262.141547][ T8736]  exit_to_user_mode_loop+0x86/0x4a0
[  262.146872][ T8736]  do_syscall_64+0x668/0xf80
[  262.151717][ T8736]  ? clear_bhb_loop+0x40/0x90
[  262.156524][ T8736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.162502][ T8736] RIP: 0033:0x7f964e39bf79
[  262.166940][ T8736] Code: Unable to access opcode bytes at 0x7f964e39bf4f.
[  262.174206][ T8736] RSP: 002b:00007f964f1d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  262.182670][ T8736] RAX: fffffffffffffff2 RBX: 00007f964e615fa0 RCX: 00007f964e39bf79
[  262.190632][ T8736] RDX: 0000000000000000 RSI: 0002000000000003 RDI: 0000000000000001
[  262.198837][ T8736] RBP: 00007f964e4327e0 R08: 0000000000000000 R09: 8000400000000000
[  262.206941][ T8736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  262.215713][ T8736] R13: 00007f964e616038 R14: 00007f964e615fa0 R15: 00007ffddb878298
[  262.223845][ T8736]  </TASK>
[  262.228245][ T8736] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  262.235557][ T8736] CPU: 1 UID: 0 PID: 8736 Comm: syz.1.567 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  262.246349][ T8736] Tainted: [L]=SOFTLOCKUP
[  262.250696][ T8736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  262.260941][ T8736] Call Trace:
[  262.264243][ T8736]  <TASK>
[  262.267202][ T8736]  dump_stack_lvl+0x100/0x190
[  262.271917][ T8736]  vpanic+0x552/0x970
[  262.275932][ T8736]  ? __pfx_vpanic+0x10/0x10
[  262.280566][ T8736]  panic+0xd1/0xe0
[  262.284311][ T8736]  ? __pfx_panic+0x10/0x10
[  262.288762][ T8736]  ? check_panic_on_warn+0x1f/0x90
[  262.293990][ T8736]  check_panic_on_warn.cold+0x19/0x34
[  262.299561][ T8736]  ? debug_print_object+0x18e/0x2a0
[  262.304790][ T8736]  __warn.cold+0x191/0x348
[  262.309248][ T8736]  __report_bug+0x296/0x3d0
[  262.313802][ T8736]  ? debug_print_object+0x18e/0x2a0
[  262.319043][ T8736]  ? __pfx___report_bug+0x10/0x10
[  262.324116][ T8736]  ? __lock_acquire+0x4a5/0x2630
[  262.329095][ T8736]  ? unwind_next_frame+0x3c8/0x1ea0
[  262.334327][ T8736]  report_bug_entry+0xe1/0x290
[  262.339128][ T8736]  ? debug_print_object+0x19b/0x2a0
[  262.344442][ T8736]  handle_bug+0x1c9/0x2a0
[  262.348801][ T8736]  exc_invalid_op+0x17/0x50
[  262.353415][ T8736]  asm_exc_invalid_op+0x1a/0x20
[  262.358271][ T8736] RIP: 0010:debug_print_object+0x19b/0x2a0
[  262.364091][ T8736] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 22 24 ea 0b 41 56 48 8b 14 dd e0 df 1a 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 3c c7 df 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  262.383880][ T8736] RSP: 0018:ffffc90003497708 EFLAGS: 00010246
[  262.390043][ T8736] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  262.398019][ T8736] RDX: ffffffff8c1adf20 RSI: ffffffff8c1adb40 RDI: ffffffff90e3bff0
[  262.406088][ T8736] RBP: 0000000000000001 R08: ffff888036ab5460 R09: ffffffff8bb2b840
[  262.414242][ T8736] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1adb40
[  262.422485][ T8736] R13: ffffffff8bb2b880 R14: ffffffff8a93f820 R15: ffffc90003497808
[  262.430552][ T8736]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  262.436055][ T8736]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  262.441622][ T8736]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  262.447452][ T8736]  debug_check_no_obj_freed+0x4da/0x630
[  262.453039][ T8736]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  262.459145][ T8736]  ? __page_table_check_zero+0x333/0x410
[  262.464818][ T8736]  ? __page_table_check_zero+0x338/0x410
[  262.470472][ T8736]  __free_frozen_pages+0x36b/0x10a0
[  262.475690][ T8736]  hci_release_dev+0x4ef/0x630
[  262.480627][ T8736]  ? __pfx_hci_release_dev+0x10/0x10
[  262.485935][ T8736]  ? device_release+0x69/0x240
[  262.490718][ T8736]  ? rcu_is_watching+0x12/0xc0
[  262.495497][ T8736]  ? device_release+0x69/0x240
[  262.500268][ T8736]  ? kfree+0x2ec/0x6b0
[  262.504430][ T8736]  bt_host_release+0x6a/0xb0
[  262.509162][ T8736]  ? __pfx_bt_host_release+0x10/0x10
[  262.514456][ T8736]  device_release+0xa4/0x240
[  262.519057][ T8736]  kobject_put+0x1f7/0x640
[  262.523581][ T8736]  put_device+0x1f/0x30
[  262.527750][ T8736]  vhci_release+0x185/0x230
[  262.532279][ T8736]  ? __pfx_vhci_release+0x10/0x10
[  262.537416][ T8736]  __fput+0x3ff/0xb40
[  262.541547][ T8736]  task_work_run+0x150/0x240
[  262.546162][ T8736]  ? __pfx_task_work_run+0x10/0x10
[  262.551293][ T8736]  do_exit+0x829/0x2a90
[  262.555633][ T8736]  ? __pfx___might_resched+0x10/0x10
[  262.560931][ T8736]  ? rcu_is_watching+0x12/0xc0
[  262.565723][ T8736]  ? __pfx_do_exit+0x10/0x10
[  262.570334][ T8736]  ? do_raw_spin_lock+0x128/0x260
[  262.575379][ T8736]  ? find_held_lock+0x2b/0x80
[  262.580080][ T8736]  ? get_signal+0x7e0/0x21e0
[  262.584680][ T8736]  do_group_exit+0xd5/0x2a0
[  262.589200][ T8736]  get_signal+0x1ec7/0x21e0
[  262.593734][ T8736]  ? __pfx_get_signal+0x10/0x10
[  262.598597][ T8736]  ? do_futex+0x192/0x350
[  262.602944][ T8736]  arch_do_signal_or_restart+0x91/0x770
[  262.608505][ T8736]  ? __pfx_kernel_move_pages+0x10/0x10
[  262.614145][ T8736]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  262.620318][ T8736]  ? xfd_validate_state+0x129/0x190
[  262.625619][ T8736]  exit_to_user_mode_loop+0x86/0x4a0
[  262.630918][ T8736]  do_syscall_64+0x668/0xf80
[  262.635602][ T8736]  ? clear_bhb_loop+0x40/0x90
[  262.640305][ T8736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.646370][ T8736] RIP: 0033:0x7f964e39bf79
[  262.650802][ T8736] Code: Unable to access opcode bytes at 0x7f964e39bf4f.
[  262.657832][ T8736] RSP: 002b:00007f964f1d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  262.666350][ T8736] RAX: fffffffffffffff2 RBX: 00007f964e615fa0 RCX: 00007f964e39bf79
[  262.674415][ T8736] RDX: 0000000000000000 RSI: 0002000000000003 RDI: 0000000000000001
[  262.682403][ T8736] RBP: 00007f964e4327e0 R08: 0000000000000000 R09: 8000400000000000
[  262.690393][ T8736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  262.698397][ T8736] R13: 00007f964e616038 R14: 00007f964e615fa0 R15: 00007ffddb878298
[  262.706698][ T8736]  </TASK>
[  262.709868][ T8736] Kernel Offset: disabled
[  262.714297][ T8736] Rebooting in 86400 seconds..