last executing test programs:

2m48.864602527s ago: executing program 2 (id=2409):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
r2 = socket(0x10, 0x2, 0xc)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000f9dbdf25010000000600020001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1)
sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x0, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x54}, 0x8004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)={0x1d8, 0x0, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_FRAME={0x1c3, 0x33, "0c32666d6894b9af16b481d799fa011e1898bc1d66b299ee0501ce9577c3317c5664b9f0b4400a6a828668fd7edc1c5a349ba4ccfaab8f5eea898525b8efe3ce1e1fb952e433bfd45e38648ddc320bce6298974822eedebd13f0a3adcc6f5ac44657880142cd4cac724c7350da25dcb49cb3f23d3a34802fd37f1b19293efdb79043d0f759f8c3879d5d18e0f4fec2120ccdcaf3397a035964251d377ada4fbf92801093623090c66ab098ca31184649475729165847a7fa5bcea130feb134601af6cd66600c0346ec61d75e0233588fe1df301b3cbdc20a32ae5ddd362a4539af1caa2637d284c491b7355a2487ceba51b38645af481a53a325e01adc9cfea15784afaccfea8d05afebcec461910ff0b3efb8ac5f6ac30b56d793ce07a14064b80b51d51bc6b6e0ee7ac62243d1457ea91ddf820bda0e38c3de9d822988d65ea1d6e48c9dd41b5a6e34a3ab9b5c965a9fe6f8fbc522f4b694e0b36f855a5104517088c5c008d55a5a28ade32057965bd08100f884e9d60223feba549ba0325c1d924f303f3f02fd9782f933b478f94595cdfccb29c34aa0e0c548af6da33e79de5192331a6a96f5b57e5cf558b55b3aa7e661c0249c503194571a67f80724"}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x8001}, 0x80)
kexec_load$auto(0x0, 0x4, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_tgids\x00', 0x101002, 0x0)
fcntl$auto_F_WRLCK(r1, 0x9, 0x1)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
setxattrat$auto(0xffffffffffffffff, 0x0, 0xa, 0x0, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x541b, 0x74)

2m47.705026951s ago: executing program 2 (id=2414):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop15\x00', 0x6600, 0x0)
openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0xa, 0x5, 0x84)
socket(0x2, 0x2, 0x0)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
r2 = socket(0x10, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r2, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f00000015c0)={0x14, r3, 0x1, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x810)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ipvlan0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r5)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r7=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r5, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000440)={0x38, r6, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0xc, 0x1, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}, @NET_SHAPER_A_LEAVES={0x4}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r7}, @NET_SHAPER_A_PARENT={0xc, 0x9, 0x0, 0x1, [@NET_SHAPER_A_HANDLE_SCOPE={0x8, 0x1, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
sendmsg$auto_NETDEV_CMD_BIND_RX(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='\f]\x00\x00', @ANYRES16=r3, @ANYBLOB="100227bd7000fedbdf250d00000008000100", @ANYRES32=r4, @ANYBLOB="1c00028008000100018000000800030006000000080003000500000037fe028008000100010000000800010007000000080003000600000008000100e204000008000100dd0300000800030006000000080001000200000008000100", @ANYRES32=r7, @ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x20000091)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0xc8e03, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000240)=""/245, 0xf5)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r9 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r9, 0x84, 0x82, 0x0, 0x0)
ioctl$auto(0x3, 0x40106f52, r8)

2m47.262296403s ago: executing program 2 (id=2415):
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d7)
unshare$auto(0x20000080)
mmap$auto(0x2, 0x2, 0x80000000df, 0x14, 0x401, 0x8000)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x290040, 0x18c)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000028, 0x0, 0x1, 0x3e0}, 0x800}, 0x4, 0x4008)
mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(r0, 0x4058587a, &(0x7f0000001680)={{<r1=>r0, &(0x7f00000004c0), 0x8, &(0x7f00000014c0), 0x4, &(0x7f00000015c0)="c7f5dee8a1f01c579c5e98cd66bcbe019f389f6c6a2e80ce037150dd9601870de27815634a34206713078bdcf967aa26d9067e72a1c3b469c84a56244c22ab83210a81ccc8c4af2780e15c6b0f3d00944b6d30ab1262512dce0336fd9dcbb8faa207e9a57be8", &(0x7f0000000080)=0x1}, {[0x9, 0x1, 0xe, 0xfffffffd]}, 0x0, 0x3, &(0x7f0000001640)="6cf3e856fb09659fd3bf5e0d35863e18e72dbdc6a34d8593492f930a5a6423c74c6d54d0ee236819e2c76181fb95afc33cb3e13d4b7b703dc72ea3"})
write$auto_proc_clear_refs_operations_internal(r1, &(0x7f0000001700)="04d601c2dc2056ca0b1e9471a795fe467e4228d7bdcd6817a52c80a40550ac", 0x1f)
socket(0xa, 0x3, 0x3a)
r2 = getpid()
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x383280, 0x0)
sendmmsg$auto(r3, &(0x7f0000000440)={{&(0x7f00000014c0)="8161d68a757720236380801868803727d3d0ac0367398ff3d14d4ab2a71a04fe4b9973c23ee8269dfc1d94cf2f0a578999813475268001ce01aa418c6b003dced0d74e741c4be4b2a473dce673bd60060d5978afb2005b33d4bed8278a6e7606c6b2abe2b1064147032974ffe71a69b4d4853ff8e91b801764d6a3ab3a8370ac26fdc54f016eba2d0549a412007e85d67aec9d3012ce351886de45f61cad277f1ea0ea8bfe78a05b8ab8ec833711a597", 0xb04, &(0x7f0000000140)={&(0x7f0000001740)="95c947251ab30a3f95c5384c658ef507934ee0d4afa456629a98dfaf3082f940c4c6102883ba2ad42b9f9918d7c4bb2d894a22e74fa3c37f87c5ca4e7b3ff1bc94bc30e67f1ae9e17bbf185ed415339f89939af9f7b9070a309a750b951d4c47cf05926a6d64f5efde733a2d4193239d271a8905146dac7db506f61e8c01a2308fcbfb722a86043ac8fd03dbb3d4392c1ac9d7", 0xe1d}, 0x3, &(0x7f0000001800)="dfbe4656f4077abc6c60c794a1e0c9ab200d5c78928ff7db0ba743eb8c9d094abaf8f3ba71d347f5c94ce9b5a73e07a2d8e07b720e73cf0d8ce392df795d79c8d0cc89774c9ce6f0b5a673ddeb9fd5894206007e3e2eb1911bafa8a7546724b8362a272a095b2656457e89ff1fa8658f2783fbe8cd03d13edab2a7c6f62b3194bf6cbe2b808ac8416390a3c1a8226649ce171f7c2aa274c88c00bf37909351ec80e983b372c97c3e3330e1ac9a3a7907190bfb2d913afc175c10cd8bdcae123e1ae4c115869cbdc5c50dac0d8e65a9d0d30031d2b1d4ec2fd3f12738dab1058ccb987464e789de", 0xfd58, 0xe8}, 0x101}, 0x2, 0x0)
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0x6, 0x0)
socket(0x1e, 0x4, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000002c0)='7\x00\\\x88\x04|\x03_\x00\x98f\x01\x00\xb0\x0fe\xb2\xb1\x00\x05%\\\xa6!v\xf9;@\xcb\xa8\xc3\x9d\x00\x18T!\xe8\x06\x01#\x89T\x80lQ\x85\xb4\xcf\x8e~;f\xb6\xcd\xcc\xc8\x161B\xcc<\x89\xdd5\xbcFoq\xe4\xa8\xe2\x8b\xbe9\xbf\xa0\xfcj\xed\xca\xca\xaeW\x82S\x00?5\x13\xe1\xab2\\\xe0f}}\x96\xb3\xad\x92\xd3\x1e\xfa\xb9\xf4\xa8s\x8etg\xdc\xf1\xa4\xf67e\x841\'00\xc2\\\xac\"\x89\x16\xd4\x89/\x05\x00\x00\x00\x1e\x01\xb2\x1b\xdd\x01onx\xb7{.\xc6\x0e9\x00\x91M\x82G\x12\xf3\x93\x16\xf2f\x1e\xf0\xe0\"\x8d\x03F\x1c\xeav\xa5\x8f\x8ce\xb9\xac\x01d_\xc5\xbd\xc2\x91\xc3\x1f\x94\xbe\xe7\x1c\xe5i\x1dK\xa7 \x1d\xce\x1a\xdc\x14\x1a\xbf\x1f\xa5\vJQ\xb4\x1d\x9a\xfc4\xa5\xf8\x82\xf3\xecC7\xcb\xc5w\xbf\x9d5\xf9$\x1d|\xff\x00\x00\x00\x00\x01\xebj\x92e\xa3p\xc5\xc1\xe2Cq6\xad]+\x7f\xa7\x83m\xd6\xfd?\'\xc4\xf8\x93<\xfd$\x91\x17\xa8\xc5Kj\x820\x84219\xca\xb474|\xb3ge\x9bZ\"X\xf75\xc1\xce\xfd$\xe4CA\xae>\xc0\xc5x\xe5\x83_\'\xa4\xb4.\"\f\xb6\x15+\xd0\xb0t\a\xf7\xb6T\x9f\xdd\x9e\xbc\xbdL\x96f\x0f\x80\xbd\x0f \xc0,\x85wTl\x9ag\b\xe2\xda\b\xb2U', 0x81)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567)
r4 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x8, 0x800)
ustat$auto(0x801, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401c2, 0x2081, 0x3f, 0x7ffc, 0x1ffde, 0x8001, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3004, 0x9, 0x6, 0x10002, 0x80, 0x400, 0xa9, 0x7, 0x1ffc, 0x8203, 0x400, 0x2, 0x1, 0x0, 0x40, 0x5, 0x2, [0x7249, 0xa9f, 0x0, 0x1ff, 0x0, 0x180, 0x2, 0x0, 0x0, 0x1, 0xfc6a, 0x1000000, 0x10000, 0x40000000000, 0x0, 0x400000000000, 0x80000000000000, 0x0, 0xffffffffff7ffffc, 0x5, 0x0, 0x2, 0xfff, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x400000000000002, 0xfffffffffffffffc, 0x3, 0x1, 0x5, 0xfffffffffffffffc, 0x4]}, 0x1fe, 0x8)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

2m46.395422484s ago: executing program 2 (id=2417):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/cpu.weight.nice\x00', 0xa001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/batadv_slave_0/accept_redirects\x00', 0xa0201, 0x0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e)
read$auto(0x3, 0x0, 0x21)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000118, 0x400, 0x9}]})

2m45.341796354s ago: executing program 2 (id=2423):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
getcwd$auto(0x0, 0x7)
r0 = socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
r1 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5)
r2 = prctl$auto(0x3e, 0x3, r1, 0x1, 0x80000000e7)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0x80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = socketpair$auto(0xf3, 0x4, 0x8000000000000000, 0x0)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyp6\x00', 0xa0102, 0x0)
ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0)
read$auto(r3, 0x0, 0x6)
r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="010000800400fadbdf250f00000008000300", @ANYRES32=0x0, @ANYBLOB="0500330002000000"], 0x24}, 0x1, 0x0, 0x0, 0x4004060}, 0x8000)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'nr0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'pim6reg0\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000480)={'bond0\x00', <r9=>0x0})
sendmsg$auto_ETHTOOL_MSG_PHY_GET(r4, &(0x7f0000000440)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x68, 0x0, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PHY_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0)
read$auto_sc_seq_fops_netdebug(r4, &(0x7f0000000180)=""/143, 0x8f)
sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x400c040}, 0x10000040)
io_uring_setup$auto(0x6, 0x0)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x2404c800)

2m44.4162696s ago: executing program 2 (id=2427):
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/ipvlan0/enhanced_dad\x00', 0xc2002, 0x0)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
mlock$auto(0xfbe8, 0x4)
syz_clone(0x8124400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket(0x2, 0x5, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, r1, 0x8000)
getcwd$auto(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
unshare$auto(0x40000080)
read$auto(0xffffffffffffffff, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x5}, 0x5)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe8c2f4fcd31add88, 0x0)
bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0xf42f)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0)
sendfile$auto(r0, r3, 0x0, 0x1)

2m41.332146328s ago: executing program 1 (id=2436):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000000)={0x6, 0x3, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"})
mmap$auto(0x0, 0xf, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getresgid$auto(0x0, 0x0, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000001680)='\v\x90\xd1\xda\xbc>1\x8ag\x14\x18\xbe\xdc\x00', 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x3a)
socket(0xa, 0x2, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x800, 0x0)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/003/001\x00', 0x42082, 0x0)
write$auto(0xca, &(0x7f0000000500)='\x04>\xce\v<\xe1\x00\x00\x01p!]\xcfR\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc1\x19HY\x9c\x97i\xec^\xbc\xb3`\x10+}\xd0\xfd\xf0\xa5\x0e\a\xabU\xb9\x93\xebq@1\x1a`pgQ\a\x87-\xa9\x03\x8eF\x138\x9a\xd7\x8c~w\x9a\x13\xe3\xa7\xc6k\xef1Tb\xf2\xc1FT|\xa1\xc3SD8\xc0bj\x11\xcc\b\"\xb3X\xae\xfapM\x97\xdc\x95\x13T\x7f\'K\x05\xe8\x9f\xf3=b\xa5\xbd1\xb1\xcb\xd8\x90\xd5\xdf\xd1\xd2\xd7_\b\xc0\x94', 0x7f)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0)
write$auto(r2, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = getsockopt$auto(0x6, 0x0, 0xc, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
madvise$auto(0x0, 0xffffffffffff0006, 0xed9f)
read$auto_lowpan_control_fops_6lowpan(r3, &(0x7f0000000080)=""/20, 0x14)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
mmap$auto(0x1, 0x8d4, 0x6, 0x6f52, 0xffffffffffffffff, 0x8000)
sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

2m39.503703898s ago: executing program 1 (id=2441):
r0 = socket(0x26, 0xa, 0xb)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, 0x0)
connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x0, @empty}, 0x54)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000854)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
bpf$auto(0x7, 0x0, 0xa3)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000240)=0x810001)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
memfd_create$auto(0x0, 0xe)
socket(0xa, 0x801, 0x106)
shutdown$auto(0x200000003, 0x2)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x581000, 0x0)
readahead$auto(r3, 0xffffffffffffffff, 0x8)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/erspan0/queues/tx-0/byte_queue_limits/hold_time\x00', 0x2, 0x0)
socket(0x11, 0x80003, 0x300)
socket(0x1d, 0x2, 0x7)
socket(0x2, 0x1, 0x0)
socket(0x1d, 0x2, 0x7)
socket(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x1, 0x0)

2m39.131478184s ago: executing program 1 (id=2443):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/cpu.weight.nice\x00', 0xa001, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/batadv_slave_0/accept_redirects\x00', 0xa0201, 0x0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7)
write$auto_sg_fops_sg(r1, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e)
read$auto(0x3, 0x0, 0x21)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)

2m38.095163678s ago: executing program 1 (id=2448):
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d7)
unshare$auto(0x20000080)
mmap$auto(0x2, 0x2, 0x80000000df, 0x14, 0x401, 0x8000)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x290040, 0x18c)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000028, 0x0, 0x1, 0x3e0}, 0x800}, 0x4, 0x4008)
mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(r0, 0x4058587a, &(0x7f0000001680)={{<r1=>r0, &(0x7f00000004c0)="cbdf909ea92f1c081033239d3c3372dce501feac06436a2a83b80d46bf6d3775603f40d08983a53cbae52773fa89b1127c10dbba1d83bed2befa00680557f9d4b088632a71dc8132297e25f0b461ed7195fb163da93721a7bf7bb15f56d2d7fdcac3676e490778f5a1f21e89bde1f6c9eb5a829fe50151d58f887e7364c84c1b77a17219c6f434439f41595801a6811539b79e753834a32bafe6dc4e4d18ff43d8a95e871506939f083931da01f40f1021bceb143097d66d4fbba463e40edc0f908331c23e4375265699c80a3d4f9c9f40675f0369b509156bea7ad028f89cf8991f35fbc8ab5db06a5e17d827966dcfdf7a11518674d7d082ddf8b4e66997fd1679e81440b22c9df0a9ab1a4a3ef1e0416f3e0309425a59dafa5fbe0d867e7b324ff8f2da47ccd06bf26d55c7529c6e4c1e90627d8ecc386c7786b571e96e77f997833d75723eacff3f5dcf11e7d1a42721932b55c1100e61e07a420217a9516a4bf0013fe8638c5bcf3349d11dc8cf22b451d884853627718f79256398264348c0fa4a3e1eafc9777e96415b26740afca3e7c60686fd604418cd0809703b60dbed9e18243db20924d11ef9f0580d836bd1ea9d1ba38135837d23d456e236fc687c67e9e7b0197196b03564338a3e07554102e825b0da3f50a806aa33234e3dfe825a4f6fe723738d1b2304078e8f8641ae9bfa75a0a2463ebc026bbaf3055188358a7e6bb70e8ccded4d66d3163a943192882fb1a920a7aba738f24ddedb0923e6471c153606d8eb657643de7ce9d9631639151e2a2d7834abf96f06b79c1f28a1427249da7de69074abf2c1b78f47c420b68ae5f3fb11552af398a658e59c83b7c03d5a71c92042847db67674f38f5369f7f745aa13e6456815f2b60892290f6384da5c29c1f00d980274ae14aaa253237b18cdfdf06dc478e69c9955fa249360ce58a388b926de6a08826af7e1d15cf12a484f45e57185d63174ccc856d846d23f33a593992227a106e1b54cac2157ea1c4deb3885a9f914239a2d7fa5b6a8c75bc9dc5af37a80aa010851b53988f59df793841313d2596a69711c07d167309f36b1010940aa806f970460ca04260d7449bb1642255d4872513174b026cb176354c67327cf774173b27641ea7e1b7183e9b1d21f4b71c265369f3c7a7482f8981201c07cda98d64c84200673877b9a39f3c8e721aaffc38828925b58b4a6c0ad35f73d1290ebba00453ed69739270cc1bbca7fb4cba41ba1428b3cf4ef26de4c5bd23e127a7fd9b3bedd455277df479fc5026929622e68934d745e1d8ca43ad661f08b0ca9f0ad2148f8836af92146278b231ab3961a0758ad0a9914494c1c4df36930b2d24041b81f02919497788c97abc4b8dbbb0ab2a1c66a79db8ff4e252355b6b9b02fd2790567fc0a18aa25a908e614fd9ba37924eb30b788c16157594b51bd1361c38a478645ac92a8a3d381a3d5154823ec328a343eee796c76da3755d306b30b3bb0e7dd784bcb3b77b0c1a4b7a764e661f20481ee69990287d9dccd25999f592d98de6693d2dcb01b631949387a162c21855d9b73e130bc50fb024b75f7ff5ae78ed11eefca995ece53848dce7a05eba3b93f2f2931cb1a15c0d53ded100858db60992e4210825ce523c17617afc6c8bae2bd222c495e271a08089120fdce60ff2a213860e2bed6451c5f16147e3861dfe1aa1b9ef5169077cd90764e595e3d4d89e850f237f8ca39db514443914449918a956abd50b24bda7db107208ed7accc8a2b516757f247ee3185d6a02585c09c6760e2defd4bac61d0328e931e9090099a29bd01d02595d73079fdc0460b6a8a20ed5ed30231f02d110784ee3e5eda566642e84f93a94b81e58bfc34969f1d9adcf31180404616a5f4367e427d469c8e6ca22506f9cd3181d1a955f566cacc8ec43f7578645ff32315668469490e20d4288edde18091832d383fae0cda1a453f6ea3f4263accf6004488c0f500e70d6fbaf4569347d9bcd12dff605b0f14bf7501b4031219b7da8c7eb4e1921f6d70561faaff229381c5e0bd97351fa3187e6d37bcba5e167df9324fefae99f597471d7fe60df90868a91133e94d1e39a6087f079e1104b186fb381e911e7834c8fc373cb6734f12783030447a113dc314fa9345cf02974920cc8b8b97a4ef50f014db6e8bf06b05acedb0c448e4c03e5802307f24fa669314ca57ac0fb090cb733f6e95b2dd87ec5bb988f69bc3c07bfa0f758082b99fdd5ca899a708d1a2ee46bee003e26b1d8a58e04c4f0d1c834018fa15b357d2dc9fcb2e88db2cfb0308d88e46c64a75221b0cf3d6b4b94ba9a17cfa535e6ccdbc5afd085d549e12a4bfe555f6174c1c3ff17634b6c1e9407859e7490f744cd2b03c4a6186bdeb24f9ea583258436857e5fec9c33da5c7ed6ba84b9f05a3bb2ed0634fd2c0f3091d2d1f0dfffd4e46ac84e7754c5cb6ddae28afe13b004caf1f4fb4227e79e671c66d169271791825e021871e7c2ef994a8be4f0d73eee45ee2bc9d39823848d59b0efc341424b48e2fe5562f65d8eaa1bc1327c2cff6857a2ae571a614bb413a874e1e7b958c28c017225f6d5e95b8f05341e50514b9f400703e3a3826274a0dbc429818b689a0d1ea0182154ada1f8db90728bed32650e6b1585926bac07edd903b23d012843f6059b30225926f02d8ed411e6352bf34251d87541b3a14ee399779f88bc350a646ac5165967eedd950c2a943dd7032f938cc6c86181c38ed403bcdcee675b5a19953cc7d6ddc432003e09bb4b6e6f687b8d0bc35e1fcd8a42a212679d92fb78471acbf61f66d1af09105f747544d6e91327cd741ed8580e587c2bf0fad40f5f4a332571970f3ac6956dcc571d607733d2b3809e961aae", 0x8, &(0x7f00000014c0), 0x4, &(0x7f00000015c0)="c7f5dee8a1f01c579c5e98cd66bcbe019f389f6c6a2e80ce037150dd9601870de27815634a34206713078bdcf967aa26d9067e72a1c3b469c84a56244c22ab83210a81ccc8c4af2780e15c6b0f3d00944b6d30ab1262512dce0336fd9dcbb8faa207e9a57be8", &(0x7f0000000080)=0x1}, {[0x9, 0x1, 0xe, 0xfffffffd]}, 0x0, 0x3, &(0x7f0000001640)="6cf3e856fb09659fd3bf5e0d35863e18e72dbdc6a34d8593492f930a5a6423c74c6d54d0ee236819e2c76181fb95afc33cb3e13d4b7b703dc72ea3"})
write$auto_proc_clear_refs_operations_internal(r1, &(0x7f0000001700)="04d601c2dc2056ca0b1e9471a795fe467e4228d7bdcd6817a52c80a40550ac", 0x1f)
socket(0xa, 0x3, 0x3a)
r2 = getpid()
r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x383280, 0x0)
sendmmsg$auto(r3, &(0x7f0000000440)={{&(0x7f00000014c0)="8161d68a757720236380801868803727d3d0ac0367398ff3d14d4ab2a71a04fe4b9973c23ee8269dfc1d94cf2f0a578999813475268001ce01aa418c6b003dced0d74e741c4be4b2a473dce673bd60060d5978afb2005b33d4bed8278a6e7606c6b2abe2b1064147032974ffe71a69b4d4853ff8e91b801764d6a3ab3a8370ac26fdc54f016eba2d0549a412007e85d67aec9d3012ce351886de45f61cad277f1ea0ea8bfe78a05b8ab8ec833711a597", 0xb04, &(0x7f0000000140)={&(0x7f0000001740)="95c947251ab30a3f95c5384c658ef507934ee0d4afa456629a98dfaf3082f940c4c6102883ba2ad42b9f9918d7c4bb2d894a22e74fa3c37f87c5ca4e7b3ff1bc94bc30e67f1ae9e17bbf185ed415339f89939af9f7b9070a309a750b951d4c47cf05926a6d64f5efde733a2d4193239d271a8905146dac7db506f61e8c01a2308fcbfb722a86043ac8fd03dbb3d4392c1ac9d7", 0xe1d}, 0x3, &(0x7f0000001800)="dfbe4656f4077abc6c60c794a1e0c9ab200d5c78928ff7db0ba743eb8c9d094abaf8f3ba71d347f5c94ce9b5a73e07a2d8e07b720e73cf0d8ce392df795d79c8d0cc89774c9ce6f0b5a673ddeb9fd5894206007e3e2eb1911bafa8a7546724b8362a272a095b2656457e89ff1fa8658f2783fbe8cd03d13edab2a7c6f62b3194bf6cbe2b808ac8416390a3c1a8226649ce171f7c2aa274c88c00bf37909351ec80e983b372c97c3e3330e1ac9a3a7907190bfb2d913afc175c10cd8bdcae123e1ae4c115869cbdc5c50dac0d8e65a9d0d30031d2b1d4ec2fd3f12738dab1058ccb987464e789de", 0xfd58, 0xe8}, 0x101}, 0x2, 0x0)
process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0x6, 0x0)
socket(0x1e, 0x4, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000002c0)='7\x00\\\x88\x04|\x03_\x00\x98f\x01\x00\xb0\x0fe\xb2\xb1\x00\x05%\\\xa6!v\xf9;@\xcb\xa8\xc3\x9d\x00\x18T!\xe8\x06\x01#\x89T\x80lQ\x85\xb4\xcf\x8e~;f\xb6\xcd\xcc\xc8\x161B\xcc<\x89\xdd5\xbcFoq\xe4\xa8\xe2\x8b\xbe9\xbf\xa0\xfcj\xed\xca\xca\xaeW\x82S\x00?5\x13\xe1\xab2\\\xe0f}}\x96\xb3\xad\x92\xd3\x1e\xfa\xb9\xf4\xa8s\x8etg\xdc\xf1\xa4\xf67e\x841\'00\xc2\\\xac\"\x89\x16\xd4\x89/\x05\x00\x00\x00\x1e\x01\xb2\x1b\xdd\x01onx\xb7{.\xc6\x0e9\x00\x91M\x82G\x12\xf3\x93\x16\xf2f\x1e\xf0\xe0\"\x8d\x03F\x1c\xeav\xa5\x8f\x8ce\xb9\xac\x01d_\xc5\xbd\xc2\x91\xc3\x1f\x94\xbe\xe7\x1c\xe5i\x1dK\xa7 \x1d\xce\x1a\xdc\x14\x1a\xbf\x1f\xa5\vJQ\xb4\x1d\x9a\xfc4\xa5\xf8\x82\xf3\xecC7\xcb\xc5w\xbf\x9d5\xf9$\x1d|\xff\x00\x00\x00\x00\x01\xebj\x92e\xa3p\xc5\xc1\xe2Cq6\xad]+\x7f\xa7\x83m\xd6\xfd?\'\xc4\xf8\x93<\xfd$\x91\x17\xa8\xc5Kj\x820\x84219\xca\xb474|\xb3ge\x9bZ\"X\xf75\xc1\xce\xfd$\xe4CA\xae>\xc0\xc5x\xe5\x83_\'\xa4\xb4.\"\f\xb6\x15+\xd0\xb0t\a\xf7\xb6T\x9f\xdd\x9e\xbc\xbdL\x96f\x0f\x80\xbd\x0f \xc0,\x85wTl\x9ag\b\xe2\xda\b\xb2U', 0x81)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567)
r4 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x8, 0x800)
ustat$auto(0x801, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401c2, 0x2081, 0x3f, 0x7ffc, 0x1ffde, 0x8001, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3004, 0x9, 0x6, 0x10002, 0x80, 0x400, 0xa9, 0x7, 0x1ffc, 0x8203, 0x400, 0x2, 0x1, 0x0, 0x40, 0x5, 0x2, [0x7249, 0xa9f, 0x0, 0x1ff, 0x0, 0x180, 0x2, 0x0, 0x0, 0x1, 0xfc6a, 0x1000000, 0x10000, 0x40000000000, 0x0, 0x400000000000, 0x80000000000000, 0x0, 0xffffffffff7ffffc, 0x5, 0x0, 0x2, 0xfff, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x400000000000002, 0xfffffffffffffffc, 0x3, 0x1, 0x5, 0xfffffffffffffffc, 0x4]}, 0x1fe, 0x8)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

2m37.604090201s ago: executing program 1 (id=2451):
r0 = socket(0x22, 0x3, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = socket(0x2c, 0x3, 0x0)
r2 = getsockopt$auto(r1, 0x11b, 0x20100007, 0x0, 0x0)
r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000)
mlock2$auto(0x1, 0x8001, 0x0)
madvise$auto_MADV_GUARD_REMOVE(0x180000, 0xfff, 0x67)
read$auto_rng_chrdev_ops_core(r2, 0x0, 0xffffffffffffff6e)
ioctl$auto_RTC_IRQP_READ(r2, 0x8008700b, &(0x7f0000000380)=0x262e)
setsockopt$auto_SO_BINDTOIFINDEX(r3, 0x9, 0x3e, &(0x7f0000000040)='/dev/loop6\x00', 0x0)
syz_open_procfs$namespace(0x0, &(0x7f00000004c0)='ns/time_for_children\x00')
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40001, 0x0)
write$auto(r4, &(0x7f0000000040)='\x00', 0x9)
sendmsg$auto_NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x158, 0x0, 0x8, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_FRAME_MATCH={0x38, 0x5b, "f380b11cb82e0c226fe5dfa911e159e0f1ab38abd716d3f0afc78a4f3f3b635a48b9b196e6f2e506699ddf394979887847368b69"}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x8}, @NL80211_ATTR_IE_PROBE_RESP={0x104, 0x7f, "17a93a3ddc4248dfcdd39e5bbe9e8c8a4313bab94530d5ee4c42c50cfed0ac16ca4574e09563abb6e68865ff78b1ece3b8c96f5111516d2e4d56327067a5b8bee5b4de1b93e12d8943e5cbe4b84c4cb6cc59cf3e9c93766f1d3552d327789a6b91f20188cd12de7a11b3e974287f7e23973f5d41e8fceee928f0154adf035886fa6a12f1bef4b3ebba39391052c73cf0d56188c99d597f004e990909bf89261ac6c030e2c7475ef91b4ac431b085ed00616a87fee3f27f77345fce36384c0ba9f640b830f6d9451a42d9f964a288dd984995b2ee3bf19c3426ab93d0bf93de4e0b39819eca038a9874e273b017a5767cfaac3b101659d3f621b12fea4597c476"}]}, 0x158}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x16f622, 0x0)
pwrite64$auto(r3, &(0x7f00000003c0)='/prbc/sys/vm/compaction_proactiv\xddOZ-s\x00', 0xffffffff, 0x10)
write$auto(r5, 0x0, 0x10007c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
r7 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r7, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
setsockopt$auto(r6, 0x29, 0x39, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
bpf$auto(0x2612, &(0x7f0000000080)=@token_create={0x0, r0}, 0x5)

2m37.282690235s ago: executing program 1 (id=2452):
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto(r0, &(0x7f0000000080)=')\\?5Y', 0x1e0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x2, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdf0}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=r1})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r3, 0x0, 0x1ff)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(r4, r3, 0x3)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r6)
ioctl$auto_KVM_GET_MSRS(r5, 0x4008ae89, 0x0)
r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x46a42, 0x0)
writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev5\x00', 0x280600, 0x0)

2m22.177946468s ago: executing program 32 (id=2452):
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68)
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
write$auto(r0, &(0x7f0000000080)=')\\?5Y', 0x1e0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x2b, 0x1, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3ff, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x78, 0x0, 0x2, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdf0}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000040)={0x2, "f74d086d6600f5daa47fca1f1a0730a2f629350000000000000008600418af10", @inferred=r1})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0)
read$auto(r3, 0x0, 0x1ff)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(r4, r3, 0x3)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r6)
ioctl$auto_KVM_GET_MSRS(r5, 0x4008ae89, 0x0)
r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x46a42, 0x0)
writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x3)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/v4l-subdev5\x00', 0x280600, 0x0)

32.679992293s ago: executing program 3 (id=2867):
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x20000045}, 0x24000044)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000040), 0x424041, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
timer_create$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0)
write$auto(r0, &(0x7f0000002e80)='#[-#\x00', 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim0/trap_flow_action_cookie\x00', 0x121000, 0x0)
r1 = timerfd_create$auto(0x8, 0x800)
read$auto_ppp_device_fops_ppp_generic(r1, 0x0, 0x0)
r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
r3 = io_uring_setup$auto(0x86, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r3)
sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000841}, 0x4004004)
r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000200), r3)
sendmsg$auto_IEEE802154_LLSEC_GETPARAMS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, r4, 0x20, 0x70bd2b, 0x25dfdbfe, {}, [@IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x7}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xaaaba978e63e307e}, 0x40000)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x5c, r4, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@IEEE802154_ATTR_SRC_PAN_ID={0x6, 0xd, 0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x6}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x2b}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0x4}, @IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x2}, @IEEE802154_ATTR_SF_ORD={0x5, 0x18, 0x7}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x4}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0xc}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000001}, 0x1)
sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x38, r4, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_NAME={0x14, 0x1, 'dvmrp0\x00'}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x4}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x4}]}, 0x38}}, 0x20000000)
r5 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r5, 0x80045006, &(0x7f0000000240))
ioctl$auto_USBDEVFS_CONTROL32(r5, 0xc0105500, &(0x7f0000000080)={0x8, 0x6, 0x6, 0x7, 0xdadb, 0x2, 0x7})
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(r5, &(0x7f00000005c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x6, 0x7}, @THERMAL_GENL_ATTR_CDEV_CUR_STATE={0x8, 0x10, 0x300}, @THERMAL_GENL_ATTR_TZ_CDEV_WEIGHT={0x8, 0xb, 0x8dca}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x11, 0xfffffff8}, @THERMAL_GENL_ATTR_TZ_TRIP_TEMP={0x8, 0x7, 0xffffffff}, @THERMAL_GENL_ATTR_TZ_TRIP_ID={0x8, 0x5, 0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x14}, 0x4000)
read$auto(0x3, 0x0, 0xfdef)

32.475252893s ago: executing program 3 (id=2868):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000000)={0x6, 0x3, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"})
mmap$auto(0x0, 0xf, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getresgid$auto(0x0, 0x0, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000001680)='\v\x90\xd1\xda\xbc>1\x8ag\x14\x18\xbe\xdc\x00', 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x3a)
socket(0xa, 0x2, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x800, 0x0)
shmctl$auto(0x0, 0x1, 0x0)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/003/001\x00', 0x42082, 0x0)
write$auto(0xca, &(0x7f0000000500)='\x04>\xce\v<\xe1\x00\x00\x01p!]\xcfR\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc1\x19HY\x9c\x97i\xec^\xbc\xb3`\x10+}\xd0\xfd\xf0\xa5\x0e\a\xabU\xb9\x93\xebq@1\x1a`pgQ\a\x87-\xa9\x03\x8eF\x138\x9a\xd7\x8c~w\x9a\x13\xe3\xa7\xc6k\xef1Tb\xf2\xc1FT|\xa1\xc3SD8\xc0bj\x11\xcc\b\"\xb3X\xae\xfapM\x97\xdc\x95\x13T\x7f\'K\x05\xe8\x9f\xf3=b\xa5\xbd1\xb1\xcb\xd8\x90\xd5\xdf\xd1\xd2\xd7_\b\xc0\x94', 0x7f)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0)
write$auto(r2, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = getsockopt$auto(0x6, 0x0, 0xc, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
madvise$auto(0x0, 0xffffffffffff0006, 0xed9f)
read$auto_lowpan_control_fops_6lowpan(r3, &(0x7f0000000080)=""/20, 0x14)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
mmap$auto(0x1, 0x8d4, 0x6, 0x6f52, 0xffffffffffffffff, 0x8000)
sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

31.887592507s ago: executing program 3 (id=2870):
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/nbd14/sched/write1_fifo_list\x00', 0x19be42, 0x0)
unshare$auto(0x8)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2c, 0x1, 0x0)
listen$auto(0x3, 0x81)
socket(0x10, 0x5, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x108000)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000)
fsopen$auto(0x0, 0xfffffffc)
keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0xb)
madvise$auto(0xfffffffffffffffa, 0x9, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000000), r1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
sysfs$auto(0x2, 0x3c, 0x0)
r2 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r2, 0x3, &(0x7f0000000000)='Q**\x00', &(0x7f0000000040), 0x0)

30.897205718s ago: executing program 3 (id=2871):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop15\x00', 0x6600, 0x0)
openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0xc8e03, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0)
ioctl$auto(0x3, 0x40106f52, r0)

30.69555232s ago: executing program 3 (id=2872):
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.controllers\x00', 0x2, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/4111, 0x100f)
r1 = gettid()
rt_sigqueueinfo$auto(r1, 0xe, &(0x7f0000000000)={@siginfo_0_0={0x76bb, 0x3, 0x4, @_sigfault={0x0}}})
r2 = clone$auto(0x5, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x100000000)
move_pages$auto(r2, 0x5, 0xfffffffffffffffe, 0x0, 0x0, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r3)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'})
mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffc10, 0xffffffffffffffff, 0x800008000)
r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
r5 = fcntl$auto(r4, 0x400, 0x1)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff)
fcntl$auto(0x3, 0x4, 0xa553)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0x8, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cpu.pressure\x00', 0x183142, 0x0)
sendfile$auto(r5, r6, 0x0, 0xc01)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
r7 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000f40), 0x2100, 0x0)
ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(r7, 0x80489439, &(0x7f0000000f80)=[{0x3ff, 0x2, 0x8000000000000000}, {0x5, 0x5, 0x2}, {0xa6, 0x1, 0x2}])
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)

30.446880935s ago: executing program 3 (id=2873):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/dri/vkms/internal_clients\x00', 0xa8201, 0x0)
openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(0x3, 0x0, 0x6)
lseek$auto(r0, 0x9, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
r1 = io_uring_setup$auto(0x401, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
lseek$auto(0x3, 0x9, 0x7)
write$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffffff, 0x0, 0x0)
fallocate$auto(0xffffffffffffffff, 0x1, 0x820, 0xffffffffffffd914)
sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'netpci0\x00', <r3=>0x0})
msgctl$auto_IPC_SET(0xffffffff, 0x1, &(0x7f0000000340)={{0x74f6, 0xffffffffffffffff, <r4=>0x0, 0x8, 0x56a4, 0x5, 0x5}, &(0x7f0000000240)=0x5, 0x0, 0x2, 0x7, 0x927, 0x6, 0x1, 0x4f, 0x7, 0x0, @raw=0x8, @raw=0xd})
r5 = getuid()
keyctl$auto_KEY_REQKEY_DEFL_NO_CHANGE(0x7, 0xffffffffffffffff, r5, r4, 0x7fff)
r6 = syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto_PTRACE_SETREGSET(0x4205, r6, 0x2, 0x9193)
sendmsg$auto_NL80211_CMD_GET_KEY(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x1490, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x86, 0xbe, "a10f0906d6c6bf5195cbca86ca548f645c9c56883f1f80411df50de025511dd2ed70f96b50b704d94e3f1fcdb72a64f3e09f2c8c4a15c0037a75af962ca70927fe1276d627bf186c540b419793743574414adde82450ed4baac0c0d66faf084fc9da7d3e2073534fe28e72d38dbeb95a7663ecff59bbd40e149a44d0de7439ebfcdd"}, @NL80211_ATTR_MLO_TTLM_ULINK={0x17, 0x149, "f1ab863f1a853c4436d49c169d360fc7055f11"}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x400}, @NL80211_ATTR_QOS_MAP={0x88, 0xc7, "bd9e53e0e006f3e09b6fa8fc4bd75c64f6d115f4937bf35ae548112682e9a462786a4f94eb702b93813217274b02d23f5a4833c11522ee696be5a8968300a3de11c604e7bcb3a4d7452345c0b583d97d087fa3426a91d74af081200bf1ba7c6b4501250a1abc986f95f41b1170097985c0039083331c785dde2d9dd33885a0ad10478350"}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_REG_RULES={0x133d, 0x22, 0x0, 0x1, [@typed={0x8, 0xb4, 0x0, 0x0, @uid=r5}, @nested={0x7c, 0x31, 0x0, 0x1, [@generic="b2bdf32110615734cc3a852a75e5c4e5713633199c93223a12b90a97b399d45a7e65dfb0316bc9eafa65c55660c9b44ea3b7bd91cd86b4faab40691ab738240853da1a6b5c7228a426540bf885b1449c5df48749c7ddbe9f945e8051819d7b870d94b61fb71ecb9ac45f0d0295fbecaeb3bfc1d6321e216d"]}, @nested={0x1010, 0x89, 0x0, 0x1, [@typed={0x7, 0x124, 0x0, 0x0, @str='(-\x00'}, @nested={0x4, 0x12d}, @generic="0826ad0b6a0ff6ac8dc4cbe4287810a9590a00584d06321b7a6d4d9f4cbc102cd0dd023bcd5d10525ef5c8d5f87dc767f3b51ef350bc9c0c8f4c2c52f8468ac493fbede077c5e95a73adfc9e8c435549f2abcbf0f64d5216f454f979ca644fab2703918796c901389927fa4c8b79fe787c66c837a5690018ae84360139b69c3f98a6c969f82c255f3f9f8bd7972e9ea6adfe84a0ac783788abecc10ef07d9eafc8f9e122befe699528160fb8bf263ea2eb28535e71bcafe356796aeee1655191bf5b546e25348c1438f59459a68f28db9d1fcc6f75b9f0dddac5af411ab9ca5194151fabc7c518d34ae484b4f8a16b6b02d15e44b93488a5f72fe0fa3e5516b76af6ec50a6215a3e1d436ae0194367c91dac09cc125c940d171473ae8dd57e2646b658fe47df1fc9903e6920e6db573aa0d2fde4b7fe3bbac873694d876e77cdf2dac2a41bd034729cd667d4b11618609fe90c204c4f7283c7a012943c1d233767ce132bd4bad163cbf94af703548400b5cbf9e8c42a09e3b657fd78922571303e65772a7030d56d7b263f4144498773743a8d4e5ee31736ef193d78f651404813e00247ff85d5126aca8883f8faa34a60c0dc0778f0d6fa0ddbd403d9d08795d7b862d888e6a173c8c8b09d087ef973ccd2155f06d9cd606fb75b7409d7fbf2c5978591c5d682a42c7e7d6dd2e83f7e4b3f5689c67efd3ddc9dbe9e1f5414940f28266a3d3ee5cd41552468430532d456ff546da128bfd6c52ad820ffd1623263e10b16cfa85881bbcad33484bff3a094f55d28e17d35900d3c734bea24cf48861e390abf5d16149e14ef7d91261715f63e2bfc46619c65d7be3d0ee8c81621864df5763042fbff4793853b0c4dc77d426826613106d54bd0199896b4148055deb706c646d57c68d87f2df6f5598d65e65c58c8e60c3d64b9a7783788cf0d1a6f621a0513473e8ae4ecb7cabb4c9b33f4ded1f995519bca67644353e748a6cb4df14873d17a286f2108275f7cd84803fc9fef074289ff50f8ffc9e954a4be921a953c0d8c2c390d00fa8ef2a2a77ea8f04a37310afd5e2e91ed8c6dea709807772d6215882f132553ec567ec45df700bc63869726ec213c46ab4306ce9597f230ab6e79a22e3df7cc5a847eaf28acff52305080cfbf8532466b0beeed4f1187b6b4a024edfa51807492f16bed5590d11ae563f23e48020e437f0e2dd2a8dd810be38ed21da1a0b9a8419e5652509134cd8f1908d3c5501313ba4113108b740d339b676e4151d0668a3a3a7f710b4f2027dc9bbec5829045dc41cdb4646c277f40a80174991b7fda3b207c2a4ea12fac047b83675486cb062bf780f4e8df840301070aa5b366b467c3b15c47a76c485b9747da0d9dda5ddfc71f81ba85ee09876874c95f3818f67a7637400e33db1833cca7e39af1a36228273d728544e2f09289f39237b7e010c8f8197085688ebbf8c85435db055e29210128ef304e4bf3ceb81f3c0f7ec860ea04f7494b85c70963c4460a7453708eacae27ce8d56ab1a7197d7c216575264b1b1c4d9ded62ccd5dc70c3e67a3ea372d1e333010bf01eaa0fa4050a0312415446368e75233057c34815f5030fadc7866e481619e28b583f515d8a5e8b02b460cdee7eec6d2042b080290c349eb76e1dda3fd8524a44153d53f61e65b1cdc962f59cbbe5edb7c821dbd6ba547d635805698782f65f264c2b5f9f9f2b3a950851399b0328c41af5cc66b27683bac89b285815c48105b28c126139e0e20e21a42365ef51577131253efe3c13db06c757db022ef6fc8dd40f68895e7adf7e2302d4614de082dd1df15e4705aec278853aa782d3c6d58cd0f5a08ea10c806552ece4b2928876c08974ff06da8267e987d1858eacde19df0445a23f9005396a08c7d8fa63c1a7135d5540abccf09cc13b581f59f3e32c34f6f34458a2a22c696b7108b1a75b1f46eb602a70481d8768c52605cf0a76fb5e7cbf8addfefd9f25e38d344c068ff11c6d4b5d525665975a8365e8c78ead6dc15e48ce1bda3b5b0433cf756709468727a34136ebba25325a31eeadaae67f89107b9fe8d004b3dc2e976ef299737cf81b584998f451301c578fa6399cedac34317b5bc8f62d395aa8c7cf03cbfbcdbba1caa48e902ae5cd3a2725f1e772caa79e43a919398e435d6cbeb4fb8d19e19bd690cedfa04184e027eae36593e95d3f00d55e217ec7a00a08e3dbb6e29898314c4166bf150c41d65e0b30e966aabe30c5a111eb76537085e978ff88f8f2adc1479087727cbdd9b453a03b5a4cd19c15e542667defd4e06c0ac247e790f0fc39b520a68fc9abf052825c0d911b309a500406184bac64091573fed3d645339f2f47df02ebcf3e9642c62ede4816c8ef656bde0464cade87db0c80ce80f5151c8ac08e24154eefb0a599b7b6a1589a0a5287465d50eae0b438449b8634e4296ba2c9684ed7fed517c389e61dcd4aaf9d5f737397aae67ebfbb2f1be064281bda0964843bebf20251c81206d5a933a45e17ffb7080884ae90978b038a1b8e9368a85f666584eff3e2c0c0b4c42e83001030c222bc2e7f3f6ccf85203c1cf0a7022159f691c4e3f55b6ac2a40c33cca729adf3c863c7e8f5ee5ff8023e96d8c7f22f61fae010279a2e874d414401a7efef3b9556f900c0f78d57e75684ac983d546933e6a0ad838ea758e13579cabb67c6790abac13520d62c55b56f40b033a3b75ad978f52f262edbf29d55745273235d7e239d81428bd478004b9e07c8bbe87002c2b11eb021cb6b491654902874d8414181c3d28cb7e10c2a110ac06848a3b9513df760cd98f8782d0d7aa1453f5b24ba1f78e31cc6fc644da7072a69d3daa0a9bcbec0ea015c061a3e84f4b7e2c5799b57ad4247b62d6d660bd18c3ca27a3b75cb40ede3b2a9e0fac979b135020e2c7913ef4f3599a3d001682fb76da1f0082b990bbbb08faf5bc44f2b69d8faacdb43aca5cf97e21d5ff42281a7d83f9a62cb689856f3f2dec328872df42619936f90631b0429ae6ae78b45f24cc11b897bc5dc6436995255e7a532cabc1885e56c554e92081f752398a03cccfc5c5343a912ca6169e63172ac8a60e658b75ae1d47d0bfb647b72a6b4b56b9cde7d5520e4a51ebb0ffdf06588cbb086e8549a480e6545293efe850227661b5e3c31296102067228439c28b8438e861eabdba8e303bd5756431d21920dec1bd150e688de8a7c992264b25b6d3f3a7c855f4122b3301c77c1239bb88927129b0d05f9dcff504a298bc2912776d2f72db282e4d6acdcc2cc1891d8d466e225965fbea55e6da0f5e152c74e1aa16759f775fcf21d3f5f7baf20a6a23f4f6a7ad02f9f81f4c4b64fc7d891b19a43e5620b083adb7c8da262727090db9293665e2c114982c9724bbef6c8aff41d813ba8400a20cfd12bca4de89892b5d8bf256cd57ee7bcbf9806b64bd056ec04c09e5b4448f0c9038ce19ceb2e3952ec2fc2a48c9f8d217f5d014677ec0b8c05a12df206bf9e765d445c8a0c07cbd0f57dbd702235237081eeb1424be5d6b28d3c6b18ab8518f798ffea1cb1336d6462450e08fdc6dedf8f504ddd365c75793bfd94ab319023c419e64cbe0a1a64f096c37d8ad8744e0b29a2b5f2dd9671455723c24d672b357ad21e40d20dfc088a823390f401ee2acb88800e1aba2cd63ac14c83efa03794edf08327c07ed47f8e3a8eff1e5111efc0cccde90c3a601aa7fe3559a90fd4e772477e601dfd0a1047ef07b9f1438744dd55b7f37db360545385838e3fd7ed464b90f5fb6fae460e3997ed8293d7f777c2cfd957534994491255348364983f57d2599adba36c1b68490954b4b0ecfc11205366485a3542123c21af4859c280c596b4deed64617c05b9f6fd2c63f44380a9ffd90a38fe42a11e36dd22e03aee4da965fe43ffd443f54be625dca7d597d17c3b3212a47e2b19aee71ecf7eff467e39b163dd49c89ad7f81fe0b2f038000d88f4fe8b5b790a1855561f9f2e01b0d8e85338080b2c0c9506577e99dd9ba35c5eebe414b30a51982132c5b21712adc9c3ae8c4d65610d3a07ccdf28afb0f11e2dbc8affc0f2e386cafb79c96b93b0530283fcda60cd5dfbc3312557e4b605deb47197c88999cfab47bec20ed7b3c66c2b8a227acf86553928ba67a9248f8682a4b941ebecc2659418eb0f477a19c4f984f21f54f683f0467851cfaf639437c14ca71fea938c0dcd029cfeb6cfc927c79dae05d8bacad61db4cf880d746b1c138f19009de43d0160233b22a57c7e151351d5ca16f2c180f889dd5c49f86f129b0d417cb48fd03b3ffa1c748120e0d660d4f92cdf0dc2b77df5ceb9b35c1e7c77ed86b2aa4525d416ed994de2b9bfc6766acd4188976344db1dd3139fb15325315ad7047a43e0f2bf2232c2973552b4aaf55ed5f0d5e667b60a7640debfdde17d4913ec6983c1e6767605618a5a3fe4c52804093909eb67d41d9e68f491efe1bb8cb549ffa8073ea342f6f372bf1feb80a0c2b279d685a24a2d8b5fb600c5de91f4bb983d34ec6c800a754e47595c24748327e1026ab131f3de97da2da89bf995b642eb2b8f669ea844bdbb78bf487baa18cb172de7adac55bc1a46e00a471e051d45a1739c2b1f29a3385dc7d561a157a47504603c2a3b4b0810cdc68d73e5d7e33b3d2d60971aa35dbe50b0e237b6f4f4a81d20209b4874495ed1356e1d01f6b44b3177144fe4e39fa5170385dcd4033ccc64271bb13b8e0ddac5a1d70d30707633d78a76da145301eaf5f3caafa0dea7591b044e97d64e95481f6a6cdd3420d637617a7ef10006ad1935bfce065c2b3eace136321e99de8666c851b26a3d6dba269f64a213f3bd3a3d3d96f642b8da0eb4bd451ba49c44fac180d10e626c3a7c84e76574281dd37cf34d66d8be8fa24080f8fdae3226645cd99dee085a7a52310e27a2054e480cef486145c158ef0c19b32d4bf8ed5261d96a05902eb517201bb08390b7a748f4147e192e93d0b3398f4fc060f9e15447e40ae172576be44610e660f122a1ce5426175847e0426d6ada029033a160dd83051d6dc45519f903ac0492a0ac2e685b01381590fe95e49fa4ca23fc31ea6da9b327a29b6e91e0532c3d5a58542d216ec93080421ffc209256305aca4bf7c29e306e34ee62ed3abe10140daad479d7d05b19c9305b333e192a03066f4d267f05d556dc91ce3a7e49a1f157366c06357777c449820188e0a83b0baf26d7e6ff11904ddcfefa2b7413a1132f01261e63ce77cd58b633b30d51994275cd5bebee2849bdc1fd44ca3bd8c63cea7cbf84a89c79be53f81ded1fa2563a47318d6d1265ab584cf335a3047bb153a2c5433780a558dcdcc4a00a45b7f2de2a5a1669e1667f643419e47262a7e5178cf55d66615ebd22424ade8bd0677df1f8cba264959cfc0034f0d3e9d813bdb52e2f9a30191240b0861d0cc0b411ceb3227a4e4874146558181fe80c9b01e5463db017511400e200ef87fd1ff994d8309d96729f68397f87070db5f5c403cd835dbb5156ab104c911f172619e22f663d443e461cfe112f2c4f375d5d39f2645b7a2aaf321a0eaaec5a626e924dab06161862e7979443523d76208f320956dc028625f0ec4a00fc8641979e9b0a1b7ccc177d990c5cf9068727c59367e3e398faccf4be6bf28b318f7d8ff3a0e56a85b7631c9b49633ef3321016625b5ad9c8e5aef945812a4c92d8ef4335ee8d13207e98ce79ef7c8b76d9adeb371c44b24cea33ae72343d6e59bcdb0cd87414a328ee152b2773cace385"]}, @nested={0x59, 0x113, 0x0, 0x1, [@generic="d460649c2f5f1c6daf1170cfc91f28c4640a4c213f0dfc24253ea11873c88927e76bbe09b361a41a5b737a16b98f80bd38346e3d1660a7b3921c03840e38e40d7cef7501360ae066dc70f2c2ee9a03daa5564311f1"]}, @generic="cae780f494", @generic="d41fcdebc9857bc050cebcd365d77c9045ef569d8506e7c8019065d73d27f961cafd45f9726dcd21db37a8a6f3174a484c9592a3f8a76fbf770dcb812dfc78308d1810de69f5a1a2b2d61c7e21e113bca71ea875bdcedcf22c0c0eb034cb421af42f385e5781c76e03492ba8a6fd7d97eba022e365f7fcedcddade448cf9fe1ae347dddf4c2a79f8a505c772c2baa1fc7044cdad0135ac4bfd000447c9c433e37b4eb345bacd7215b2c401cdd22407ba95e3eb7457990444e9da1eacf691af0bf17dbe3adfc9c6a43f2edbbecc6986b2e43332b31ceab049e12ca562", @nested={0x165, 0x99, 0x0, 0x1, [@nested={0x4, 0x76}, @nested={0x4, 0xa}, @typed={0x5, 0xe3, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0x13b}, @generic="dde25d574e8fde3cdaa75e6e10bf84285d48ad0359be0b391e2f4e22e38b8c3c71b7e489abe76f8bf5773b8bd18f5820be4521724d032d3e56960ba094c353c0cb43c808fce081ce0ad744fd566c7041318797d4363a899df987b9e0d632a359f40dc07667478d57efa5ddd18cb39d6b46b70953349822806c8c1b765fb8ceb9e0699abadb0bc7ec282433ff61e130f03769cb2a589829eb429fa961ca27578e2f5cc65766a26715f25de381a23cb1918c47d44420cf3ca18cde1ab1e9e71614768b7d360ef42f66c0946f9c28868d0f2a13aa8a3aaa0e5ae79a0520", @generic="2c32cd48c1255c72a0df9544b8a5dd127cd70a168997635c4f32ea54074a37559555bde1d453080828597dc31f9daa60119a1616cc9464f085f06cc362f21ff86935d93723058fc8eba0fa9f40e5d1268f17170e289b9dc152ca83564156b80f4db40a19fe", @typed={0x8, 0x114, 0x0, 0x0, @pid=r6}, @nested={0x4, 0x7f}]}]}]}, 0x1490}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x100b03, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
sendfile$auto(r7, r7, 0x0, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r8 = open(0x0, 0x1990c3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x40086602, 0x0)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0xef3, 0x0, 0xffff)
unshare$auto(0x40000080)

15.346218819s ago: executing program 33 (id=2873):
r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/dri/vkms/internal_clients\x00', 0xa8201, 0x0)
openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(0x3, 0x0, 0x6)
lseek$auto(r0, 0x9, 0x0)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
r1 = io_uring_setup$auto(0x401, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
lseek$auto(0x3, 0x9, 0x7)
write$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffffff, 0x0, 0x0)
fallocate$auto(0xffffffffffffffff, 0x1, 0x820, 0xffffffffffffd914)
sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, 0x0, 0x301, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'netpci0\x00', <r3=>0x0})
msgctl$auto_IPC_SET(0xffffffff, 0x1, &(0x7f0000000340)={{0x74f6, 0xffffffffffffffff, <r4=>0x0, 0x8, 0x56a4, 0x5, 0x5}, &(0x7f0000000240)=0x5, 0x0, 0x2, 0x7, 0x927, 0x6, 0x1, 0x4f, 0x7, 0x0, @raw=0x8, @raw=0xd})
r5 = getuid()
keyctl$auto_KEY_REQKEY_DEFL_NO_CHANGE(0x7, 0xffffffffffffffff, r5, r4, 0x7fff)
r6 = syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto_PTRACE_SETREGSET(0x4205, r6, 0x2, 0x9193)
sendmsg$auto_NL80211_CMD_GET_KEY(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x1490, 0x0, 0x20, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x86, 0xbe, "a10f0906d6c6bf5195cbca86ca548f645c9c56883f1f80411df50de025511dd2ed70f96b50b704d94e3f1fcdb72a64f3e09f2c8c4a15c0037a75af962ca70927fe1276d627bf186c540b419793743574414adde82450ed4baac0c0d66faf084fc9da7d3e2073534fe28e72d38dbeb95a7663ecff59bbd40e149a44d0de7439ebfcdd"}, @NL80211_ATTR_MLO_TTLM_ULINK={0x17, 0x149, "f1ab863f1a853c4436d49c169d360fc7055f11"}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x400}, @NL80211_ATTR_QOS_MAP={0x88, 0xc7, "bd9e53e0e006f3e09b6fa8fc4bd75c64f6d115f4937bf35ae548112682e9a462786a4f94eb702b93813217274b02d23f5a4833c11522ee696be5a8968300a3de11c604e7bcb3a4d7452345c0b583d97d087fa3426a91d74af081200bf1ba7c6b4501250a1abc986f95f41b1170097985c0039083331c785dde2d9dd33885a0ad10478350"}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_REG_RULES={0x133d, 0x22, 0x0, 0x1, [@typed={0x8, 0xb4, 0x0, 0x0, @uid=r5}, @nested={0x7c, 0x31, 0x0, 0x1, [@generic="b2bdf32110615734cc3a852a75e5c4e5713633199c93223a12b90a97b399d45a7e65dfb0316bc9eafa65c55660c9b44ea3b7bd91cd86b4faab40691ab738240853da1a6b5c7228a426540bf885b1449c5df48749c7ddbe9f945e8051819d7b870d94b61fb71ecb9ac45f0d0295fbecaeb3bfc1d6321e216d"]}, @nested={0x1010, 0x89, 0x0, 0x1, [@typed={0x7, 0x124, 0x0, 0x0, @str='(-\x00'}, @nested={0x4, 0x12d}, @generic="0826ad0b6a0ff6ac8dc4cbe4287810a9590a00584d06321b7a6d4d9f4cbc102cd0dd023bcd5d10525ef5c8d5f87dc767f3b51ef350bc9c0c8f4c2c52f8468ac493fbede077c5e95a73adfc9e8c435549f2abcbf0f64d5216f454f979ca644fab2703918796c901389927fa4c8b79fe787c66c837a5690018ae84360139b69c3f98a6c969f82c255f3f9f8bd7972e9ea6adfe84a0ac783788abecc10ef07d9eafc8f9e122befe699528160fb8bf263ea2eb28535e71bcafe356796aeee1655191bf5b546e25348c1438f59459a68f28db9d1fcc6f75b9f0dddac5af411ab9ca5194151fabc7c518d34ae484b4f8a16b6b02d15e44b93488a5f72fe0fa3e5516b76af6ec50a6215a3e1d436ae0194367c91dac09cc125c940d171473ae8dd57e2646b658fe47df1fc9903e6920e6db573aa0d2fde4b7fe3bbac873694d876e77cdf2dac2a41bd034729cd667d4b11618609fe90c204c4f7283c7a012943c1d233767ce132bd4bad163cbf94af703548400b5cbf9e8c42a09e3b657fd78922571303e65772a7030d56d7b263f4144498773743a8d4e5ee31736ef193d78f651404813e00247ff85d5126aca8883f8faa34a60c0dc0778f0d6fa0ddbd403d9d08795d7b862d888e6a173c8c8b09d087ef973ccd2155f06d9cd606fb75b7409d7fbf2c5978591c5d682a42c7e7d6dd2e83f7e4b3f5689c67efd3ddc9dbe9e1f5414940f28266a3d3ee5cd41552468430532d456ff546da128bfd6c52ad820ffd1623263e10b16cfa85881bbcad33484bff3a094f55d28e17d35900d3c734bea24cf48861e390abf5d16149e14ef7d91261715f63e2bfc46619c65d7be3d0ee8c81621864df5763042fbff4793853b0c4dc77d426826613106d54bd0199896b4148055deb706c646d57c68d87f2df6f5598d65e65c58c8e60c3d64b9a7783788cf0d1a6f621a0513473e8ae4ecb7cabb4c9b33f4ded1f995519bca67644353e748a6cb4df14873d17a286f2108275f7cd84803fc9fef074289ff50f8ffc9e954a4be921a953c0d8c2c390d00fa8ef2a2a77ea8f04a37310afd5e2e91ed8c6dea709807772d6215882f132553ec567ec45df700bc63869726ec213c46ab4306ce9597f230ab6e79a22e3df7cc5a847eaf28acff52305080cfbf8532466b0beeed4f1187b6b4a024edfa51807492f16bed5590d11ae563f23e48020e437f0e2dd2a8dd810be38ed21da1a0b9a8419e5652509134cd8f1908d3c5501313ba4113108b740d339b676e4151d0668a3a3a7f710b4f2027dc9bbec5829045dc41cdb4646c277f40a80174991b7fda3b207c2a4ea12fac047b83675486cb062bf780f4e8df840301070aa5b366b467c3b15c47a76c485b9747da0d9dda5ddfc71f81ba85ee09876874c95f3818f67a7637400e33db1833cca7e39af1a36228273d728544e2f09289f39237b7e010c8f8197085688ebbf8c85435db055e29210128ef304e4bf3ceb81f3c0f7ec860ea04f7494b85c70963c4460a7453708eacae27ce8d56ab1a7197d7c216575264b1b1c4d9ded62ccd5dc70c3e67a3ea372d1e333010bf01eaa0fa4050a0312415446368e75233057c34815f5030fadc7866e481619e28b583f515d8a5e8b02b460cdee7eec6d2042b080290c349eb76e1dda3fd8524a44153d53f61e65b1cdc962f59cbbe5edb7c821dbd6ba547d635805698782f65f264c2b5f9f9f2b3a950851399b0328c41af5cc66b27683bac89b285815c48105b28c126139e0e20e21a42365ef51577131253efe3c13db06c757db022ef6fc8dd40f68895e7adf7e2302d4614de082dd1df15e4705aec278853aa782d3c6d58cd0f5a08ea10c806552ece4b2928876c08974ff06da8267e987d1858eacde19df0445a23f9005396a08c7d8fa63c1a7135d5540abccf09cc13b581f59f3e32c34f6f34458a2a22c696b7108b1a75b1f46eb602a70481d8768c52605cf0a76fb5e7cbf8addfefd9f25e38d344c068ff11c6d4b5d525665975a8365e8c78ead6dc15e48ce1bda3b5b0433cf756709468727a34136ebba25325a31eeadaae67f89107b9fe8d004b3dc2e976ef299737cf81b584998f451301c578fa6399cedac34317b5bc8f62d395aa8c7cf03cbfbcdbba1caa48e902ae5cd3a2725f1e772caa79e43a919398e435d6cbeb4fb8d19e19bd690cedfa04184e027eae36593e95d3f00d55e217ec7a00a08e3dbb6e29898314c4166bf150c41d65e0b30e966aabe30c5a111eb76537085e978ff88f8f2adc1479087727cbdd9b453a03b5a4cd19c15e542667defd4e06c0ac247e790f0fc39b520a68fc9abf052825c0d911b309a500406184bac64091573fed3d645339f2f47df02ebcf3e9642c62ede4816c8ef656bde0464cade87db0c80ce80f5151c8ac08e24154eefb0a599b7b6a1589a0a5287465d50eae0b438449b8634e4296ba2c9684ed7fed517c389e61dcd4aaf9d5f737397aae67ebfbb2f1be064281bda0964843bebf20251c81206d5a933a45e17ffb7080884ae90978b038a1b8e9368a85f666584eff3e2c0c0b4c42e83001030c222bc2e7f3f6ccf85203c1cf0a7022159f691c4e3f55b6ac2a40c33cca729adf3c863c7e8f5ee5ff8023e96d8c7f22f61fae010279a2e874d414401a7efef3b9556f900c0f78d57e75684ac983d546933e6a0ad838ea758e13579cabb67c6790abac13520d62c55b56f40b033a3b75ad978f52f262edbf29d55745273235d7e239d81428bd478004b9e07c8bbe87002c2b11eb021cb6b491654902874d8414181c3d28cb7e10c2a110ac06848a3b9513df760cd98f8782d0d7aa1453f5b24ba1f78e31cc6fc644da7072a69d3daa0a9bcbec0ea015c061a3e84f4b7e2c5799b57ad4247b62d6d660bd18c3ca27a3b75cb40ede3b2a9e0fac979b135020e2c7913ef4f3599a3d001682fb76da1f0082b990bbbb08faf5bc44f2b69d8faacdb43aca5cf97e21d5ff42281a7d83f9a62cb689856f3f2dec328872df42619936f90631b0429ae6ae78b45f24cc11b897bc5dc6436995255e7a532cabc1885e56c554e92081f752398a03cccfc5c5343a912ca6169e63172ac8a60e658b75ae1d47d0bfb647b72a6b4b56b9cde7d5520e4a51ebb0ffdf06588cbb086e8549a480e6545293efe850227661b5e3c31296102067228439c28b8438e861eabdba8e303bd5756431d21920dec1bd150e688de8a7c992264b25b6d3f3a7c855f4122b3301c77c1239bb88927129b0d05f9dcff504a298bc2912776d2f72db282e4d6acdcc2cc1891d8d466e225965fbea55e6da0f5e152c74e1aa16759f775fcf21d3f5f7baf20a6a23f4f6a7ad02f9f81f4c4b64fc7d891b19a43e5620b083adb7c8da262727090db9293665e2c114982c9724bbef6c8aff41d813ba8400a20cfd12bca4de89892b5d8bf256cd57ee7bcbf9806b64bd056ec04c09e5b4448f0c9038ce19ceb2e3952ec2fc2a48c9f8d217f5d014677ec0b8c05a12df206bf9e765d445c8a0c07cbd0f57dbd702235237081eeb1424be5d6b28d3c6b18ab8518f798ffea1cb1336d6462450e08fdc6dedf8f504ddd365c75793bfd94ab319023c419e64cbe0a1a64f096c37d8ad8744e0b29a2b5f2dd9671455723c24d672b357ad21e40d20dfc088a823390f401ee2acb88800e1aba2cd63ac14c83efa03794edf08327c07ed47f8e3a8eff1e5111efc0cccde90c3a601aa7fe3559a90fd4e772477e601dfd0a1047ef07b9f1438744dd55b7f37db360545385838e3fd7ed464b90f5fb6fae460e3997ed8293d7f777c2cfd957534994491255348364983f57d2599adba36c1b68490954b4b0ecfc11205366485a3542123c21af4859c280c596b4deed64617c05b9f6fd2c63f44380a9ffd90a38fe42a11e36dd22e03aee4da965fe43ffd443f54be625dca7d597d17c3b3212a47e2b19aee71ecf7eff467e39b163dd49c89ad7f81fe0b2f038000d88f4fe8b5b790a1855561f9f2e01b0d8e85338080b2c0c9506577e99dd9ba35c5eebe414b30a51982132c5b21712adc9c3ae8c4d65610d3a07ccdf28afb0f11e2dbc8affc0f2e386cafb79c96b93b0530283fcda60cd5dfbc3312557e4b605deb47197c88999cfab47bec20ed7b3c66c2b8a227acf86553928ba67a9248f8682a4b941ebecc2659418eb0f477a19c4f984f21f54f683f0467851cfaf639437c14ca71fea938c0dcd029cfeb6cfc927c79dae05d8bacad61db4cf880d746b1c138f19009de43d0160233b22a57c7e151351d5ca16f2c180f889dd5c49f86f129b0d417cb48fd03b3ffa1c748120e0d660d4f92cdf0dc2b77df5ceb9b35c1e7c77ed86b2aa4525d416ed994de2b9bfc6766acd4188976344db1dd3139fb15325315ad7047a43e0f2bf2232c2973552b4aaf55ed5f0d5e667b60a7640debfdde17d4913ec6983c1e6767605618a5a3fe4c52804093909eb67d41d9e68f491efe1bb8cb549ffa8073ea342f6f372bf1feb80a0c2b279d685a24a2d8b5fb600c5de91f4bb983d34ec6c800a754e47595c24748327e1026ab131f3de97da2da89bf995b642eb2b8f669ea844bdbb78bf487baa18cb172de7adac55bc1a46e00a471e051d45a1739c2b1f29a3385dc7d561a157a47504603c2a3b4b0810cdc68d73e5d7e33b3d2d60971aa35dbe50b0e237b6f4f4a81d20209b4874495ed1356e1d01f6b44b3177144fe4e39fa5170385dcd4033ccc64271bb13b8e0ddac5a1d70d30707633d78a76da145301eaf5f3caafa0dea7591b044e97d64e95481f6a6cdd3420d637617a7ef10006ad1935bfce065c2b3eace136321e99de8666c851b26a3d6dba269f64a213f3bd3a3d3d96f642b8da0eb4bd451ba49c44fac180d10e626c3a7c84e76574281dd37cf34d66d8be8fa24080f8fdae3226645cd99dee085a7a52310e27a2054e480cef486145c158ef0c19b32d4bf8ed5261d96a05902eb517201bb08390b7a748f4147e192e93d0b3398f4fc060f9e15447e40ae172576be44610e660f122a1ce5426175847e0426d6ada029033a160dd83051d6dc45519f903ac0492a0ac2e685b01381590fe95e49fa4ca23fc31ea6da9b327a29b6e91e0532c3d5a58542d216ec93080421ffc209256305aca4bf7c29e306e34ee62ed3abe10140daad479d7d05b19c9305b333e192a03066f4d267f05d556dc91ce3a7e49a1f157366c06357777c449820188e0a83b0baf26d7e6ff11904ddcfefa2b7413a1132f01261e63ce77cd58b633b30d51994275cd5bebee2849bdc1fd44ca3bd8c63cea7cbf84a89c79be53f81ded1fa2563a47318d6d1265ab584cf335a3047bb153a2c5433780a558dcdcc4a00a45b7f2de2a5a1669e1667f643419e47262a7e5178cf55d66615ebd22424ade8bd0677df1f8cba264959cfc0034f0d3e9d813bdb52e2f9a30191240b0861d0cc0b411ceb3227a4e4874146558181fe80c9b01e5463db017511400e200ef87fd1ff994d8309d96729f68397f87070db5f5c403cd835dbb5156ab104c911f172619e22f663d443e461cfe112f2c4f375d5d39f2645b7a2aaf321a0eaaec5a626e924dab06161862e7979443523d76208f320956dc028625f0ec4a00fc8641979e9b0a1b7ccc177d990c5cf9068727c59367e3e398faccf4be6bf28b318f7d8ff3a0e56a85b7631c9b49633ef3321016625b5ad9c8e5aef945812a4c92d8ef4335ee8d13207e98ce79ef7c8b76d9adeb371c44b24cea33ae72343d6e59bcdb0cd87414a328ee152b2773cace385"]}, @nested={0x59, 0x113, 0x0, 0x1, [@generic="d460649c2f5f1c6daf1170cfc91f28c4640a4c213f0dfc24253ea11873c88927e76bbe09b361a41a5b737a16b98f80bd38346e3d1660a7b3921c03840e38e40d7cef7501360ae066dc70f2c2ee9a03daa5564311f1"]}, @generic="cae780f494", @generic="d41fcdebc9857bc050cebcd365d77c9045ef569d8506e7c8019065d73d27f961cafd45f9726dcd21db37a8a6f3174a484c9592a3f8a76fbf770dcb812dfc78308d1810de69f5a1a2b2d61c7e21e113bca71ea875bdcedcf22c0c0eb034cb421af42f385e5781c76e03492ba8a6fd7d97eba022e365f7fcedcddade448cf9fe1ae347dddf4c2a79f8a505c772c2baa1fc7044cdad0135ac4bfd000447c9c433e37b4eb345bacd7215b2c401cdd22407ba95e3eb7457990444e9da1eacf691af0bf17dbe3adfc9c6a43f2edbbecc6986b2e43332b31ceab049e12ca562", @nested={0x165, 0x99, 0x0, 0x1, [@nested={0x4, 0x76}, @nested={0x4, 0xa}, @typed={0x5, 0xe3, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0x13b}, @generic="dde25d574e8fde3cdaa75e6e10bf84285d48ad0359be0b391e2f4e22e38b8c3c71b7e489abe76f8bf5773b8bd18f5820be4521724d032d3e56960ba094c353c0cb43c808fce081ce0ad744fd566c7041318797d4363a899df987b9e0d632a359f40dc07667478d57efa5ddd18cb39d6b46b70953349822806c8c1b765fb8ceb9e0699abadb0bc7ec282433ff61e130f03769cb2a589829eb429fa961ca27578e2f5cc65766a26715f25de381a23cb1918c47d44420cf3ca18cde1ab1e9e71614768b7d360ef42f66c0946f9c28868d0f2a13aa8a3aaa0e5ae79a0520", @generic="2c32cd48c1255c72a0df9544b8a5dd127cd70a168997635c4f32ea54074a37559555bde1d453080828597dc31f9daa60119a1616cc9464f085f06cc362f21ff86935d93723058fc8eba0fa9f40e5d1268f17170e289b9dc152ca83564156b80f4db40a19fe", @typed={0x8, 0x114, 0x0, 0x0, @pid=r6}, @nested={0x4, 0x7f}]}]}]}, 0x1490}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000040), 0x100b03, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0)
sendfile$auto(r7, r7, 0x0, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r8 = open(0x0, 0x1990c3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x40086602, 0x0)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0xef3, 0x0, 0xffff)
unshare$auto(0x40000080)

5.259112218s ago: executing program 0 (id=2930):
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x3ff, 0x0, 0xfffffffffffffffd, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0xc5, 0x7, 0x3000, 0x22, 0x1e, 0x400b, <r0=>0xffffffffffffffff, [], {0x6, 0x7, 0x8c48, 0x29c, 0x400, 0x80, 0x2, 0x6, 0x4}, {0x100, 0x1, 0x0, 0x2, 0x2, 0x24, 0xfe000000, 0xf2f1, 0x3}})
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = fcntl$auto_F_DUPFD_CLOEXEC(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
io_uring_register$auto_IORING_REGISTER_IOWQ_AFF(r1, 0x11, 0x0, 0x5c)
ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0)
r2 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x183800, 0x0)
read$auto_lsm_ops_inode(r2, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x6, 0x10000001, 0x0, 0x8, 0x40000000000004)
mmap$auto(0x7, 0xd7f5, 0xdc, 0x9b72, 0x2, 0x8)
r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x2218e1, 0x0)
mmap$auto(0xfffffffffffffffd, 0x100002000a, 0xfffffffffffffffe, 0xeb1, 0xffffffffffffffff, 0x8001)
setsockopt$auto(r0, 0x10000007, 0x4, 0x0, 0x5)
mmap$auto(0x1000000004, 0x2, 0x7, 0x100000eb1, 0x40000000000a1, 0xa000)
setsockopt$auto(0xffffffffffffffff, 0x28, 0x2, 0x0, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r4)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000ffdbdf251400000008000300", @ANYRES32=0x0, @ANYBLOB="0800010006000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000c00}, 0x4000000)
close_range$auto(r3, 0x8, 0x3ff)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/loginuid\x00', 0x82840, 0x0)
mmap$auto(0xfffb, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
capset$auto(&(0x7f0000000100)={0x20080522}, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyub\x00', 0x101840, 0x0)

3.935659285s ago: executing program 0 (id=2931):
write$auto(0xca, &(0x7f0000000100)='\x044\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\x02\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9\x03\x00F\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0xe)
mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0xffff}, 0x5, 0x20000043)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0)
select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x2000008, 0x2, 0x1, 0x9489, 0x1000000000000003, 0x15f4da06, 0x39, 0x3, 0xd6b4, 0x80000006, 0x7a142c64, 0x6d3c, 0x8, 0x80, 0xfb]}, 0x0)
fdatasync$auto(0xffffffffffffffff)
r1 = syz_clone(0x0, 0x0, 0x47, 0x0, 0x0, 0x0)
io_uring_setup$auto(0x1d48, 0x0)
close_range$auto(0x2, 0x8, 0x0)
syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f0000000280)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00', 0x3)
ptrace$auto_PTRACE_GETREGS(0xc, r1, 0x80000000, 0x1)
r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
connect$auto(r2, 0x0, 0xd)
pread64$auto(r2, 0x0, 0x101, 0x103)
read$auto_mon_fops_text_t_mon_text(r2, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
listen$auto(r3, 0x80)
kcmp$auto(r1, 0x0, 0x4, 0xffffffffffffffff, 0xffffffffffffffff)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')

2.609340681s ago: executing program 0 (id=2932):
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_SE_IO(r1, &(0x7f0000000380)={&(0x7f0000000180), 0xc, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c010fda528c74585b432e5238c70000", @ANYRES16=r2, @ANYBLOB="000226bd7000fbdbdf251b00000005000b000e00000008000d0003000000e1001f0058c1cb779c1a653fad65719f086c09e3724f4c17031996ec70930df1968d935d3c6d344ff4189d18c8ac3626e23d9239dba08c4d3bf28e266b607f570d968de62293c7244857124985080d004eea91538834a87f744c65fdfb9630f01ddf35d9acae5484aaad8807bdb60db22e45fdc0d40da80fb1a6002fb0e5a89e8ae54a62bf8057ee408b4a3ab9c1c41c9839d2b16909f8a1894dde5bf3529952c3d972a5da2385a5785a08efdfee0ac2835b39d12a27fac051b9714f33f4d8d7b9b466a52b2de62a14c646bd03b92c3a345049d4436235649c370327113d43633300000005000c000400000005000f000300000005000f00040000000e0002006f76735f6d657465720000000b0014002a252e2324f8e400"], 0x13c}, 0x1, 0x0, 0x0, 0x804}, 0xc0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff)
sendmsg$auto_OVS_METER_CMD_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="d3c8090000020000000000000000040002000400047408000100f8ffffff04000600"], 0x28}}, 0x8080)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r0)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000140)='./file0\x00', 0xaa4c0, 0x40)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket(0x3, 0x1, 0x0)
r5 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f0000000000)={{0x3, 0x1000, 0x1, 0x2, 0x9faf}, "654c6dbc7a4d3098b281ed4f8207ed72d7e40000000000ebff0400000600"})
readv$auto(r5, &(0x7f0000000a80)={0x0, 0x100000ffff}, 0x1)
socket(0x2, 0x801, 0x106)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="130026bd70006b68e11636178b6608000300", @ANYRES8], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x40815)
socket(0x2, 0x1, 0x0)
r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0)
r9 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r8, 0x4b68, r9)

1.591403487s ago: executing program 0 (id=2933):
r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"})
ioctl$auto_SNDRV_TIMER_IOCTL_STATUS64(r0, 0x80605414, &(0x7f0000000000)={0x6, 0x3, 0x200, 0xba44, 0x2, 0xb, "e00026e8fdffdbcd2c02d3c293faa80c2f5336d79fc5b8202cb37f6b6d22c42432352deb58e78afdbae70400"})
mmap$auto(0x0, 0xf, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
getresgid$auto(0x0, 0x0, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000001680)='\v\x90\xd1\xda\xbc>1\x8ag\x14\x18\xbe\xdc\x00', 0x1)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x3a)
socket(0xa, 0x2, 0x0)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x800, 0x0)
shmctl$auto(0x0, 0x1, 0x0)
ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/003/001\x00', 0x42082, 0x0)
write$auto(0xca, &(0x7f0000000500)='\x04>\xce\v<\xe1\x00\x00\x01p!]\xcfR\xcc\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc1\x19HY\x9c\x97i\xec^\xbc\xb3`\x10+}\xd0\xfd\xf0\xa5\x0e\a\xabU\xb9\x93\xebq@1\x1a`pgQ\a\x87-\xa9\x03\x8eF\x138\x9a\xd7\x8c~w\x9a\x13\xe3\xa7\xc6k\xef1Tb\xf2\xc1FT|\xa1\xc3SD8\xc0bj\x11\xcc\b\"\xb3X\xae\xfapM\x97\xdc\x95\x13T\x7f\'K\x05\xe8\x9f\xf3=b\xa5\xbd1\xb1\xcb\xd8\x90\xd5\xdf\xd1\xd2\xd7_\b\xc0\x94', 0x7f)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0)
write$auto(r2, &(0x7f0000000400)='odev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = getsockopt$auto(0x6, 0x0, 0xc, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
madvise$auto(0x0, 0xffffffffffff0006, 0xed9f)
read$auto_lowpan_control_fops_6lowpan(r3, &(0x7f0000000080)=""/20, 0x14)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
mmap$auto(0x1, 0x8d4, 0x6, 0x6f52, 0xffffffffffffffff, 0x8000)

1.179220311s ago: executing program 0 (id=2934):
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x3ff, 0x0, 0xfffffffffffffffd, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0xc5, 0x7, 0x3000, 0x22, 0x1e, 0x400b, <r0=>0xffffffffffffffff, [], {0x6, 0x7, 0x8c48, 0x29c, 0x400, 0x80, 0x2, 0x6, 0x4}, {0x100, 0x1, 0x0, 0x2, 0x2, 0x24, 0xfe000000, 0xf2f1, 0x3}})
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = fcntl$auto_F_DUPFD_CLOEXEC(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
io_uring_register$auto_IORING_REGISTER_IOWQ_AFF(r1, 0x11, 0x0, 0x5c)
ioctl$auto_UBI_IOCDET(r1, 0x40046f41, 0x0)
r2 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x183800, 0x0)
read$auto_lsm_ops_inode(r2, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x6, 0x10000001, 0x0, 0x8, 0x40000000000004)
mmap$auto(0x7, 0xd7f5, 0xdc, 0x9b72, 0x2, 0x8)
r3 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x2218e1, 0x0)
mmap$auto(0xfffffffffffffffd, 0x100002000a, 0xfffffffffffffffe, 0xeb1, 0xffffffffffffffff, 0x8001)
setsockopt$auto(r0, 0x10000007, 0x4, 0x0, 0x5)
mmap$auto(0x1000000004, 0x2, 0x7, 0x100000eb1, 0x40000000000a1, 0xa000)
setsockopt$auto(0xffffffffffffffff, 0x28, 0x2, &(0x7f0000000140)='\x04\x00', 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl802154(0x0, r4)
sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000ffdbdf251400000008000300", @ANYRES32=0x0, @ANYBLOB="0800010006000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000c00}, 0x4000000)
close_range$auto(r3, 0x8, 0x3ff)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/loginuid\x00', 0x82840, 0x0)
mmap$auto(0xfffb, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
capset$auto(&(0x7f0000000100)={0x20080522}, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyub\x00', 0x101840, 0x0)

0s ago: executing program 0 (id=2935):
mmap$auto(0x0, 0x10000, 0xdf, 0x9b72, 0x2, 0x4)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/vicodec.0/modalias\x00', 0x40, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000380)=""/11, 0xb)
io_uring_setup$auto(0xa, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x2, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xc048aec8, r1)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80, 0x0)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0x4000005, 0xfffffffffffffe01, 0x8051, 0x3, 0x10000000008000)
setuid$auto(0xe)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r4 = socket(0x2, 0x2, 0x1)
setsockopt$auto(r4, 0x0, 0x80, 0x0, 0x78)
mmap$auto(0x20000000000, 0x7ff, 0xffb, 0x8000000008011, 0x3, 0x0)
ioctl$auto(0x3, 0x40106f52, r3)

kernel console output (not intermixed with test programs):

568.638062][T13906]  ? __pfx_ksys_unshare+0x10/0x10
[  568.638118][T13906]  __x64_sys_unshare+0x31/0x40
[  568.638157][T13906]  do_syscall_64+0x106/0xf80
[  568.638190][T13906]  ? clear_bhb_loop+0x40/0x90
[  568.638231][T13906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.638266][T13906] RIP: 0033:0x7f2988b9c629
[  568.638293][T13906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  568.638326][T13906] RSP: 002b:00007f2989a77028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  568.638357][T13906] RAX: ffffffffffffffda RBX: 00007f2988e15fa0 RCX: 00007f2988b9c629
[  568.638379][T13906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  568.638399][T13906] RBP: 00007f2988c32b39 R08: 0000000000000000 R09: 0000000000000000
[  568.638419][T13906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  568.638437][T13906] R13: 00007f2988e16038 R14: 00007f2988e15fa0 R15: 00007ffde9793098
[  568.638479][T13906]  </TASK>
[  568.638545][T13906] 8021q: can't create entry in proc filesystem!
[  569.418847][T13920] ima: policy update failed
[  569.427671][   T29] audit: type=1802 audit(1771957622.556:84): pid=13920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1957" res=0 errno=0
[  569.859924][T13936] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1958'.
[  570.663880][T13943] NFSD: Failed to start, no listeners configured.
[  571.206956][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  571.336566][T13947] zswap: compressor  not available
[  572.013405][T13973] netlink: 'syz.2.1967': attribute type 19 has an invalid length.
[  572.021480][T13973] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1967'.
[  572.641320][T13989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1971'.
[  572.691927][T13989] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1971'.
[  574.207399][T14003] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1974'.
[  575.030388][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  575.310520][ T5826] Bluetooth: hci0: unexpected event 0x34 length: 11 > 6
[  575.731627][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  577.082504][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  578.306646][T14044] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1985'.
[  578.332829][T14044] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1985'.
[  579.662700][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  581.890196][T14078] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1994'.
[  582.205716][ T5144] Bluetooth: hci2: Malformed LE Event: 0x0b
[  582.224558][T14082] ima: policy update failed
[  582.230978][   T29] audit: type=1802 audit(1771957635.350:85): pid=14082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1996" res=0 errno=0
[  583.825965][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  584.331188][T14118] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  584.915719][T14125] ima: policy update failed
[  584.924863][   T29] audit: type=1802 audit(1771957638.039:86): pid=14125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2006" res=0 errno=0
[  585.359997][   T29] audit: type=1800 audit(1771957638.478:87): pid=14134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2008" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  585.865624][T14144] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2010'.
[  586.242552][T14149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2021'.
[  586.269337][T14149] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2021'.
[  586.465715][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  587.590463][T14159] zswap: compressor  not available
[  587.656653][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  588.138516][T14172] zswap: compressor  not available
[  589.908407][ T5826] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  590.183127][ T5826] Bluetooth: hci0: Malformed LE Event: 0x0b
[  590.298411][T14212] smpboot: CPU 1 is now offline
[  591.002994][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  592.459755][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  592.619120][T14253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2038'.
[  592.660382][T14253] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2038'.
[  593.549255][T14264] ima: policy update failed
[  593.609405][   T29] audit: type=1802 audit(1771957646.714:88): pid=14264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2040" res=0 errno=0
[  595.514604][T14304] ima: policy update failed
[  595.548040][   T29] audit: type=1802 audit(1771957648.653:89): pid=14304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2051" res=0 errno=0
[  595.650469][T14310] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2053'.
[  595.684454][T14310] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2053'.
[  597.486838][T14338] random: crng reseeded on system resumption
[  598.245149][T14355] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2066'.
[  598.853978][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  599.702380][T14379] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2072'.
[  600.456178][T14399] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2079'.
[  600.721690][T14411] FAULT_INJECTION: forcing a failure.
[  600.721690][T14411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  600.769639][T14411] CPU: 0 UID: 0 PID: 14411 Comm: syz.0.2083 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.769677][T14411] Tainted: [L]=SOFTLOCKUP
[  600.769685][T14411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  600.769699][T14411] Call Trace:
[  600.769707][T14411]  <TASK>
[  600.769716][T14411]  dump_stack_lvl+0x100/0x190
[  600.769757][T14411]  should_fail_ex.cold+0x5/0xa
[  600.769784][T14411]  _copy_to_user+0x32/0xd0
[  600.769821][T14411]  simple_read_from_buffer+0xcb/0x170
[  600.769858][T14411]  proc_fail_nth_read+0x1af/0x230
[  600.769885][T14411]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  600.769913][T14411]  ? rw_verify_area+0xce/0x6d0
[  600.769943][T14411]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  600.769968][T14411]  vfs_read+0x1e4/0xb30
[  600.770006][T14411]  ? __pfx_vfs_read+0x10/0x10
[  600.770046][T14411]  ? __fget_files+0x215/0x3d0
[  600.770087][T14411]  ? __fget_files+0x21f/0x3d0
[  600.770129][T14411]  ksys_read+0x12a/0x250
[  600.770163][T14411]  ? __pfx_ksys_read+0x10/0x10
[  600.770206][T14411]  do_syscall_64+0x106/0xf80
[  600.770231][T14411]  ? clear_bhb_loop+0x40/0x90
[  600.770259][T14411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.770282][T14411] RIP: 0033:0x7f92d055cece
[  600.770301][T14411] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  600.770324][T14411] RSP: 002b:00007f92d14e7fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  600.770346][T14411] RAX: ffffffffffffffda RBX: 00007f92d14e86c0 RCX: 00007f92d055cece
[  600.770361][T14411] RDX: 000000000000000f RSI: 00007f92d14e80a0 RDI: 0000000000000004
[  600.770375][T14411] RBP: 00007f92d14e8090 R08: 0000000000000000 R09: 0000000000000000
[  600.770389][T14411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.770402][T14411] R13: 00007f92d0816038 R14: 00007f92d0815fa0 R15: 00007ffe9bdf5cc8
[  600.770432][T14411]  </TASK>
[  601.383897][T14417] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2084'.
[  602.362476][ T5144] Bluetooth: hci2: Malformed LE Event: 0x0b
[  602.822609][T14427] ima: policy update failed
[  602.900075][   T29] audit: type=1802 audit(1771957656.010:90): pid=14427 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2088" res=0 errno=0
[  603.517347][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  603.798742][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  606.196512][ T5826] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  606.339960][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  607.542115][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  609.049364][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  609.656037][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  610.028425][ T5826] Bluetooth: hci0: Malformed LE Event: 0x0b
[  610.595859][T14545] FAULT_INJECTION: forcing a failure.
[  610.595859][T14545] name failslab, interval 1, probability 0, space 0, times 0
[  610.655038][T14545] CPU: 0 UID: 0 PID: 14545 Comm: syz.3.2118 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  610.655077][T14545] Tainted: [L]=SOFTLOCKUP
[  610.655085][T14545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  610.655099][T14545] Call Trace:
[  610.655107][T14545]  <TASK>
[  610.655117][T14545]  dump_stack_lvl+0x100/0x190
[  610.655158][T14545]  should_fail_ex.cold+0x5/0xa
[  610.655185][T14545]  ? tomoyo_encode2+0xfb/0x3c0
[  610.655209][T14545]  should_failslab+0xc2/0x120
[  610.655232][T14545]  __kmalloc_noprof+0xe0/0x850
[  610.655265][T14545]  ? rcu_is_watching+0x12/0xc0
[  610.655306][T14545]  tomoyo_encode2+0xfb/0x3c0
[  610.655334][T14545]  tomoyo_encode+0x29/0x50
[  610.655357][T14545]  tomoyo_realpath_from_path+0x18c/0x690
[  610.655390][T14545]  tomoyo_check_open_permission+0x2af/0x3c0
[  610.655429][T14545]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  610.655495][T14545]  ? do_raw_spin_lock+0x128/0x260
[  610.655540][T14545]  ? path_get+0x61/0x80
[  610.655567][T14545]  tomoyo_file_open+0x6b/0x90
[  610.655597][T14545]  security_file_open+0xb5/0x1e0
[  610.655621][T14545]  do_dentry_open+0x5aa/0x1660
[  610.655662][T14545]  ? security_inode_permission+0xbf/0x250
[  610.655704][T14545]  vfs_open+0x82/0x3f0
[  610.655735][T14545]  path_openat+0x208c/0x31a0
[  610.655785][T14545]  ? __pfx_path_openat+0x10/0x10
[  610.655819][T14545]  do_file_open+0x20e/0x430
[  610.655843][T14545]  ? __pfx_do_file_open+0x10/0x10
[  610.655887][T14545]  ? alloc_fd+0x476/0x790
[  610.655929][T14545]  ? do_getname+0x191/0x390
[  610.655960][T14545]  do_sys_openat2+0x10d/0x1e0
[  610.655989][T14545]  ? __pfx_do_sys_openat2+0x10/0x10
[  610.656021][T14545]  ? __fget_files+0x21f/0x3d0
[  610.656064][T14545]  __x64_sys_openat+0x12d/0x210
[  610.656095][T14545]  ? __pfx___x64_sys_openat+0x10/0x10
[  610.656136][T14545]  do_syscall_64+0x106/0xf80
[  610.656162][T14545]  ? clear_bhb_loop+0x40/0x90
[  610.656191][T14545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  610.656216][T14545] RIP: 0033:0x7f6db2b9c629
[  610.656236][T14545] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  610.656260][T14545] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  610.656283][T14545] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  610.656299][T14545] RDX: 0000000000109c00 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  610.656314][T14545] RBP: 00007f6db2c32b39 R08: 0000000000000000 R09: 0000000000000000
[  610.656328][T14545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  610.656342][T14545] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  610.656373][T14545]  </TASK>
[  610.656399][T14545] ERROR: Out of memory at tomoyo_realpath_from_path.
[  612.034202][T14552] ima: policy update failed
[  612.219076][   T29] audit: type=1802 audit(1771957665.305:91): pid=14552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2119" res=0 errno=0
[  612.379954][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  612.854773][T14561] zswap: compressor  not available
[  613.169656][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  613.419066][T14570] zswap: compressor  not available
[  613.818698][T14587] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2127'.
[  614.672717][ T5826] Bluetooth: hci0: Malformed LE Event: 0x0b
[  615.598372][T14619] ima: policy update failed
[  615.647629][T14624] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2134'.
[  615.690261][   T29] audit: type=1802 audit(1771957668.783:92): pid=14619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2133" res=0 errno=0
[  615.741478][T14624] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2134'.
[  616.252667][T14639] smpboot: Booting Node 0 Processor 1 APIC 0x1
[  617.147757][T14660] sp0: Synchronizing with TNC
[  617.256583][T14672] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2142'.
[  617.488108][T14672] bond0: (slave bond_slave_1): Releasing backup interface
[  617.706868][T14683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2146'.
[  617.731533][T14678] ima: policy update failed
[  617.768246][   T29] audit: type=1802 audit(1771957670.862:93): pid=14678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2145" res=0 errno=0
[  618.527490][T14698] FAULT_INJECTION: forcing a failure.
[  618.527490][T14698] name failslab, interval 1, probability 0, space 0, times 0
[  618.557750][T14698] CPU: 1 UID: 0 PID: 14698 Comm: syz.3.2150 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  618.557802][T14698] Tainted: [L]=SOFTLOCKUP
[  618.557813][T14698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  618.557833][T14698] Call Trace:
[  618.557844][T14698]  <TASK>
[  618.557856][T14698]  dump_stack_lvl+0x100/0x190
[  618.557910][T14698]  should_fail_ex.cold+0x5/0xa
[  618.557949][T14698]  should_failslab+0xc2/0x120
[  618.557981][T14698]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  618.558028][T14698]  ? posix_lock_inode+0x427/0x2440
[  618.558083][T14698]  ? locks_get_lock_context+0x34f/0x640
[  618.558136][T14698]  posix_lock_inode+0x427/0x2440
[  618.558208][T14698]  ? __pfx_posix_lock_inode+0x10/0x10
[  618.558276][T14698]  vfs_lock_file+0xfb/0x150
[  618.558331][T14698]  fcntl_setlk+0x782/0xe40
[  618.558369][T14698]  ? __pfx_fcntl_setlk+0x10/0x10
[  618.558407][T14698]  ? __might_fault+0xc5/0x140
[  618.558450][T14698]  ? __might_fault+0xc5/0x140
[  618.558520][T14698]  do_fcntl+0xf39/0x1670
[  618.558562][T14698]  ? __pfx_do_fcntl+0x10/0x10
[  618.558599][T14698]  ? __fget_files+0x215/0x3d0
[  618.558666][T14698]  ? tomoyo_file_fcntl+0x6c/0xc0
[  618.558713][T14698]  __x64_sys_fcntl+0x163/0x200
[  618.558761][T14698]  do_syscall_64+0x106/0xf80
[  618.558797][T14698]  ? clear_bhb_loop+0x40/0x90
[  618.558840][T14698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  618.558874][T14698] RIP: 0033:0x7f6db2b9c629
[  618.558902][T14698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  618.558935][T14698] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  618.558969][T14698] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  618.558991][T14698] RDX: 0000000000001298 RSI: 0000000000000026 RDI: 0000000000000005
[  618.559012][T14698] RBP: 00007f6db2c32b39 R08: 0000000000000000 R09: 0000000000000000
[  618.559032][T14698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  618.559051][T14698] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  618.559095][T14698]  </TASK>
[  619.076162][T14713] FAULT_INJECTION: forcing a failure.
[  619.076162][T14713] name failslab, interval 1, probability 0, space 0, times 0
[  619.088818][T14707] zswap: compressor  not available
[  619.136447][T14713] CPU: 1 UID: 0 PID: 14713 Comm: syz.3.2154 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  619.136497][T14713] Tainted: [L]=SOFTLOCKUP
[  619.136509][T14713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  619.136527][T14713] Call Trace:
[  619.136538][T14713]  <TASK>
[  619.136549][T14713]  dump_stack_lvl+0x100/0x190
[  619.136602][T14713]  should_fail_ex.cold+0x5/0xa
[  619.136640][T14713]  ? tomoyo_realpath_from_path+0xb6/0x690
[  619.136674][T14713]  should_failslab+0xc2/0x120
[  619.136705][T14713]  __kmalloc_noprof+0xe0/0x850
[  619.136771][T14713]  tomoyo_realpath_from_path+0xb6/0x690
[  619.136816][T14713]  tomoyo_path_number_perm+0x23c/0x580
[  619.136865][T14713]  ? tomoyo_path_number_perm+0x22e/0x580
[  619.136917][T14713]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  619.137010][T14713]  ? find_held_lock+0x2b/0x80
[  619.137038][T14713]  ? __fget_files+0x215/0x3d0
[  619.137085][T14713]  ? hook_file_ioctl_common+0x146/0x410
[  619.137145][T14713]  ? __fget_files+0x21f/0x3d0
[  619.137201][T14713]  security_file_ioctl+0xd3/0x230
[  619.137253][T14713]  __x64_sys_ioctl+0xb7/0x210
[  619.137301][T14713]  do_syscall_64+0x106/0xf80
[  619.137335][T14713]  ? clear_bhb_loop+0x40/0x90
[  619.137375][T14713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.137409][T14713] RIP: 0033:0x7f6db2b9c629
[  619.137435][T14713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  619.137476][T14713] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  619.137507][T14713] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  619.137528][T14713] RDX: 0000000000000004 RSI: 0000000040106f52 RDI: 0000000000000003
[  619.137548][T14713] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000000
[  619.137566][T14713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  619.137585][T14713] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  619.137628][T14713]  </TASK>
[  619.342080][T14713] ERROR: Out of memory at tomoyo_realpath_from_path.
[  619.521982][T14723] FAULT_INJECTION: forcing a failure.
[  619.521982][T14723] name failslab, interval 1, probability 0, space 0, times 0
[  619.542351][T14723] CPU: 1 UID: 0 PID: 14723 Comm: syz.0.2157 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  619.542399][T14723] Tainted: [L]=SOFTLOCKUP
[  619.542411][T14723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  619.542429][T14723] Call Trace:
[  619.542440][T14723]  <TASK>
[  619.542451][T14723]  dump_stack_lvl+0x100/0x190
[  619.542506][T14723]  should_fail_ex.cold+0x5/0xa
[  619.542543][T14723]  ? tomoyo_realpath_from_path+0xb6/0x690
[  619.542576][T14723]  should_failslab+0xc2/0x120
[  619.542607][T14723]  __kmalloc_noprof+0xe0/0x850
[  619.542672][T14723]  tomoyo_realpath_from_path+0xb6/0x690
[  619.542716][T14723]  tomoyo_path_number_perm+0x23c/0x580
[  619.542762][T14723]  ? tomoyo_path_number_perm+0x22e/0x580
[  619.542814][T14723]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  619.542902][T14723]  ? find_held_lock+0x2b/0x80
[  619.542932][T14723]  ? __fget_files+0x215/0x3d0
[  619.542979][T14723]  ? hook_file_ioctl_common+0x146/0x410
[  619.543038][T14723]  ? __fget_files+0x21f/0x3d0
[  619.543093][T14723]  security_file_ioctl+0xd3/0x230
[  619.543145][T14723]  __x64_sys_ioctl+0xb7/0x210
[  619.543192][T14723]  do_syscall_64+0x106/0xf80
[  619.543226][T14723]  ? clear_bhb_loop+0x40/0x90
[  619.543266][T14723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.543299][T14723] RIP: 0033:0x7f92d059c629
[  619.543325][T14723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  619.543356][T14723] RSP: 002b:00007f92d14e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  619.543386][T14723] RAX: ffffffffffffffda RBX: 00007f92d0815fa0 RCX: 00007f92d059c629
[  619.543408][T14723] RDX: 0000000000000000 RSI: 00000000c080aebe RDI: 0000000000000004
[  619.543426][T14723] RBP: 00007f92d14e8090 R08: 0000000000000000 R09: 0000000000000000
[  619.543445][T14723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  619.543463][T14723] R13: 00007f92d0816038 R14: 00007f92d0815fa0 R15: 00007ffe9bdf5cc8
[  619.543506][T14723]  </TASK>
[  619.543582][T14723] ERROR: Out of memory at tomoyo_realpath_from_path.
[  619.770472][T14718] zswap: compressor  not available
[  620.122703][T14737] vivid-007: =================  START STATUS  =================
[  620.146347][T14737] vivid-007: Generate PTS: true
[  620.151320][T14737] vivid-007: Generate SCR: true
[  620.171124][ T5826] Bluetooth: hci0: Malformed LE Event: 0x0b
[  620.176922][T14737] tpg source WxH: 320x240 (Y'CbCr)
[  620.182241][T14737] tpg field: 1
[  620.278360][T14737] tpg crop: (0,0)/320x240
[  620.343711][T14737] tpg compose: (0,0)/320x240
[  620.364271][T14737] tpg colorspace: 8
[  620.389194][T14737] tpg transfer function: 0/0
[  620.407859][T14737] tpg Y'CbCr encoding: 0/0
[  620.468794][T14737] tpg quantization: 0/0
[  620.506760][T14737] tpg RGB range: 0/2
[  620.538992][T14737] vivid-007: ==================  END STATUS  ==================
[  620.921255][T14759] FAULT_INJECTION: forcing a failure.
[  620.921255][T14759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  620.934748][T14759] CPU: 0 UID: 0 PID: 14759 Comm: syz.3.2162 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  620.934796][T14759] Tainted: [L]=SOFTLOCKUP
[  620.934807][T14759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  620.934824][T14759] Call Trace:
[  620.934834][T14759]  <TASK>
[  620.934845][T14759]  dump_stack_lvl+0x100/0x190
[  620.934898][T14759]  should_fail_ex.cold+0x5/0xa
[  620.934935][T14759]  _copy_from_user+0x2e/0xd0
[  620.934988][T14759]  copy_msghdr_from_user+0x9f/0x4f0
[  620.935038][T14759]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  620.935106][T14759]  ___sys_sendmsg+0x106/0x1e0
[  620.935157][T14759]  ? __pfx____sys_sendmsg+0x10/0x10
[  620.935255][T14759]  __sys_sendmsg+0x170/0x220
[  620.935293][T14759]  ? __pfx___sys_sendmsg+0x10/0x10
[  620.935351][T14759]  do_syscall_64+0x106/0xf80
[  620.935383][T14759]  ? clear_bhb_loop+0x40/0x90
[  620.935423][T14759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  620.935456][T14759] RIP: 0033:0x7f6db2b9c629
[  620.935483][T14759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  620.935515][T14759] RSP: 002b:00007f6db3aaf028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  620.935547][T14759] RAX: ffffffffffffffda RBX: 00007f6db2e16270 RCX: 00007f6db2b9c629
[  620.935567][T14759] RDX: 0000000000000040 RSI: 0000200000000cc0 RDI: 0000000000000008
[  620.935593][T14759] RBP: 00007f6db3aaf090 R08: 0000000000000000 R09: 0000000000000000
[  620.935613][T14759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  620.935631][T14759] R13: 00007f6db2e16308 R14: 00007f6db2e16270 R15: 00007fff7f4d4818
[  620.935673][T14759]  </TASK>
[  621.502191][T14769] zswap: compressor  not available
[  621.586605][T14777] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2166'.
[  621.741171][T14780] netlink: 86 bytes leftover after parsing attributes in process `syz.2.2168'.
[  622.909686][T14797] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2173'.
[  624.046568][T14832] FAULT_INJECTION: forcing a failure.
[  624.046568][T14832] name failslab, interval 1, probability 0, space 0, times 0
[  624.060275][T14832] CPU: 1 UID: 0 PID: 14832 Comm: syz.1.2181 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  624.060339][T14832] Tainted: [L]=SOFTLOCKUP
[  624.060350][T14832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  624.060368][T14832] Call Trace:
[  624.060377][T14832]  <TASK>
[  624.060387][T14832]  dump_stack_lvl+0x100/0x190
[  624.060434][T14832]  should_fail_ex.cold+0x5/0xa
[  624.060467][T14832]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  624.060511][T14832]  should_failslab+0xc2/0x120
[  624.060539][T14832]  __kmalloc_noprof+0xe0/0x850
[  624.060579][T14832]  ? lockdep_hardirqs_on+0x78/0x100
[  624.060617][T14832]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[  624.060669][T14832]  genl_family_rcv_msg_doit+0xc7/0x300
[  624.060713][T14832]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  624.060754][T14832]  ? genl_get_cmd+0x3ef/0x720
[  624.060802][T14832]  ? bpf_lsm_capable+0x9/0x10
[  624.060829][T14832]  ? security_capable+0x80/0x260
[  624.060874][T14832]  genl_rcv_msg+0x560/0x800
[  624.060919][T14832]  ? __pfx_genl_rcv_msg+0x10/0x10
[  624.060961][T14832]  ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10
[  624.061025][T14832]  netlink_rcv_skb+0x159/0x420
[  624.061062][T14832]  ? __pfx_genl_rcv_msg+0x10/0x10
[  624.061106][T14832]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  624.061158][T14832]  ? netlink_deliver_tap+0x1ae/0xcc0
[  624.061198][T14832]  genl_rcv+0x28/0x40
[  624.061233][T14832]  netlink_unicast+0x5aa/0x870
[  624.061274][T14832]  ? __pfx_netlink_unicast+0x10/0x10
[  624.061333][T14832]  netlink_sendmsg+0x8b0/0xda0
[  624.061377][T14832]  ? __pfx_netlink_sendmsg+0x10/0x10
[  624.061411][T14832]  ? __import_iovec+0x1d2/0x640
[  624.061463][T14832]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  624.061508][T14832]  ____sys_sendmsg+0xa54/0xc30
[  624.061554][T14832]  ? __pfx_____sys_sendmsg+0x10/0x10
[  624.061614][T14832]  ___sys_sendmsg+0x190/0x1e0
[  624.061660][T14832]  ? __pfx____sys_sendmsg+0x10/0x10
[  624.061753][T14832]  __sys_sendmsg+0x170/0x220
[  624.061787][T14832]  ? __pfx___sys_sendmsg+0x10/0x10
[  624.061845][T14832]  do_syscall_64+0x106/0xf80
[  624.061877][T14832]  ? clear_bhb_loop+0x40/0x90
[  624.061915][T14832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.061945][T14832] RIP: 0033:0x7f2988b9c629
[  624.061969][T14832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  624.061999][T14832] RSP: 002b:00007f2989a77028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  624.062028][T14832] RAX: ffffffffffffffda RBX: 00007f2988e15fa0 RCX: 00007f2988b9c629
[  624.062048][T14832] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000004
[  624.062068][T14832] RBP: 00007f2989a77090 R08: 0000000000000000 R09: 0000000000000000
[  624.062086][T14832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  624.062102][T14832] R13: 00007f2988e16038 R14: 00007f2988e15fa0 R15: 00007ffde9793098
[  624.062141][T14832]  </TASK>
[  624.357423][T14832] NFSD: Failed to start, no listeners configured.
[  624.368153][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  624.777932][T14847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2185'.
[  624.810964][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  624.817785][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  624.859324][T14842] NFSD: Failed to start, no listeners configured.
[  625.319650][T14856] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2188'.
[  625.716655][ T5826] Bluetooth: hci0: Malformed LE Event: 0x0b
[  625.878317][T14868] zswap: compressor  not available
[  626.060626][ T5826] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  628.400025][T14904] zswap: compressor �„1ÐŽ¸ not available
[  628.816946][T14914] zswap: compressor  not available
[  629.378154][ T5826] Bluetooth: hci0: Malformed LE Event: 0x0b
[  629.594877][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  630.340061][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  630.486363][T14956] ima: policy update failed
[  630.544341][   T29] audit: type=1802 audit(1771957683.636:94): pid=14956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2212" res=0 errno=0
[  631.293116][ T5826] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  632.224480][T14996] FAULT_INJECTION: forcing a failure.
[  632.224480][T14996] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  632.254223][T14996] CPU: 1 UID: 0 PID: 14996 Comm: syz.1.2220 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  632.254296][T14996] Tainted: [L]=SOFTLOCKUP
[  632.254309][T14996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  632.254328][T14996] Call Trace:
[  632.254340][T14996]  <TASK>
[  632.254352][T14996]  dump_stack_lvl+0x100/0x190
[  632.254410][T14996]  should_fail_ex.cold+0x5/0xa
[  632.254443][T14996]  ? prepare_alloc_pages+0x16d/0x5f0
[  632.254484][T14996]  should_fail_alloc_page+0xeb/0x140
[  632.254520][T14996]  prepare_alloc_pages+0x1f0/0x5f0
[  632.254567][T14996]  ? arch_stack_walk+0xa6/0xf0
[  632.254604][T14996]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  632.254665][T14996]  ? stack_trace_save+0x8e/0xc0
[  632.254698][T14996]  ? __pfx_stack_trace_save+0x10/0x10
[  632.254732][T14996]  ? stack_depot_save_flags+0x27/0x9d0
[  632.254795][T14996]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  632.254857][T14996]  ? kasan_save_stack+0x3f/0x50
[  632.254905][T14996]  ? kasan_save_stack+0x30/0x50
[  632.254951][T14996]  ? __kasan_slab_alloc+0x89/0x90
[  632.255000][T14996]  ? __pmd_alloc+0xbf/0x9c0
[  632.255031][T14996]  ? move_page_tables+0x3224/0x4500
[  632.255073][T14996]  ? copy_vma_and_data+0x25c/0x7c0
[  632.255115][T14996]  ? move_vma+0x51b/0x1890
[  632.255155][T14996]  ? mremap_to+0x1b7/0x450
[  632.255195][T14996]  ? do_mremap+0xb76/0x2130
[  632.255237][T14996]  ? __do_sys_mremap+0x126/0x170
[  632.255280][T14996]  ? do_syscall_64+0x106/0xf80
[  632.255314][T14996]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.255365][T14996]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  632.255423][T14996]  ? policy_nodemask+0xed/0x4f0
[  632.255458][T14996]  alloc_pages_mpol+0x1fb/0x550
[  632.255491][T14996]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  632.255543][T14996]  alloc_pages_noprof+0x131/0x390
[  632.255579][T14996]  pte_alloc_one+0x1e/0x3e0
[  632.255618][T14996]  __pte_alloc+0x6d/0x3f0
[  632.255649][T14996]  ? __pfx___pte_alloc+0x10/0x10
[  632.255680][T14996]  ? _raw_spin_unlock+0x28/0x50
[  632.255731][T14996]  ? __pmd_alloc+0x6aa/0x9c0
[  632.255770][T14996]  move_page_tables+0x257e/0x4500
[  632.255818][T14996]  ? __pfx_copy_vma+0x10/0x10
[  632.255878][T14996]  ? __pfx_move_page_tables+0x10/0x10
[  632.255956][T14996]  copy_vma_and_data+0x25c/0x7c0
[  632.256006][T14996]  ? __pfx_copy_vma_and_data+0x10/0x10
[  632.256089][T14996]  ? __vma_start_write+0x17f/0x280
[  632.256130][T14996]  ? __pfx___vma_start_write+0x10/0x10
[  632.256190][T14996]  move_vma+0x51b/0x1890
[  632.256244][T14996]  ? __pfx_move_vma+0x10/0x10
[  632.256295][T14996]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  632.256338][T14996]  ? cap_mmap_addr+0x4b/0x120
[  632.256379][T14996]  ? bpf_lsm_mmap_addr+0x9/0x30
[  632.256429][T14996]  ? security_mmap_addr+0x71/0x1e0
[  632.256485][T14996]  ? __get_unmapped_area+0x255/0x3e0
[  632.256531][T14996]  ? vrm_set_new_addr+0x204/0x290
[  632.256580][T14996]  mremap_to+0x1b7/0x450
[  632.256628][T14996]  do_mremap+0xb76/0x2130
[  632.256693][T14996]  ? __pfx_do_mremap+0x10/0x10
[  632.256750][T14996]  ? ksys_write+0x190/0x250
[  632.256812][T14996]  __do_sys_mremap+0x126/0x170
[  632.256860][T14996]  ? __pfx___do_sys_mremap+0x10/0x10
[  632.256919][T14996]  ? __x64_sys_futex+0x34f/0x4d0
[  632.256989][T14996]  do_syscall_64+0x106/0xf80
[  632.257026][T14996]  ? clear_bhb_loop+0x40/0x90
[  632.257068][T14996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  632.257103][T14996] RIP: 0033:0x7f2988b9c629
[  632.257132][T14996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  632.257167][T14996] RSP: 002b:00007f2989a56028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  632.257202][T14996] RAX: ffffffffffffffda RBX: 00007f2988e16090 RCX: 00007f2988b9c629
[  632.257225][T14996] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000
[  632.257246][T14996] RBP: 00007f2988c32b39 R08: 0000000100000000 R09: 0000000000000000
[  632.257268][T14996] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  632.257290][T14996] R13: 00007f2988e16128 R14: 00007f2988e16090 R15: 00007ffde9793098
[  632.257345][T14996]  </TASK>
[  634.310915][ T5826] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  634.517293][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  634.931259][T15049] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2234'.
[  635.624394][T15060] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2237'.
[  638.721377][T15091] ima: policy update failed
[  638.732826][   T29] audit: type=1802 audit(1771957691.822:95): pid=15091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2244" res=0 errno=0
[  639.428193][T15107] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2248'.
[  640.993096][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  641.852621][T15142] FAULT_INJECTION: forcing a failure.
[  641.852621][T15142] name failslab, interval 1, probability 0, space 0, times 0
[  641.868477][T15142] CPU: 0 UID: 0 PID: 15142 Comm: syz.2.2259 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  641.868535][T15142] Tainted: [L]=SOFTLOCKUP
[  641.868547][T15142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  641.868569][T15142] Call Trace:
[  641.868580][T15142]  <TASK>
[  641.868593][T15142]  dump_stack_lvl+0x100/0x190
[  641.868652][T15142]  should_fail_ex.cold+0x5/0xa
[  641.868693][T15142]  should_failslab+0xc2/0x120
[  641.868739][T15142]  __kmalloc_cache_noprof+0x7a/0x6f0
[  641.868782][T15142]  ? trace_pid_list_alloc+0x232/0x480
[  641.868843][T15142]  trace_pid_list_alloc+0x232/0x480
[  641.868900][T15142]  trace_pid_write+0x110/0x460
[  641.868954][T15142]  ? __pfx_trace_pid_write+0x10/0x10
[  641.869032][T15142]  event_pid_write.isra.0+0x1e4/0x800
[  641.869091][T15142]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  641.869160][T15142]  vfs_write+0x2aa/0x1070
[  641.869212][T15142]  ? __pfx_ftrace_event_npid_write+0x10/0x10
[  641.869271][T15142]  ? __pfx_vfs_write+0x10/0x10
[  641.869323][T15142]  ? __fget_files+0x215/0x3d0
[  641.869384][T15142]  ? __fget_files+0x21f/0x3d0
[  641.869449][T15142]  ksys_write+0x12a/0x250
[  641.869600][T15142]  ? __pfx_ksys_write+0x10/0x10
[  641.869656][T15142]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  641.869707][T15142]  ? syscall_user_dispatch+0x76/0x130
[  641.869770][T15142]  do_syscall_64+0x106/0xf80
[  641.869811][T15142]  ? clear_bhb_loop+0x40/0x90
[  641.869861][T15142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.869902][T15142] RIP: 0033:0x7ff5c139c629
[  641.869935][T15142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  641.869976][T15142] RSP: 002b:00007ff5c218a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  641.870026][T15142] RAX: ffffffffffffffda RBX: 00007ff5c1615fa0 RCX: 00007ff5c139c629
[  641.870052][T15142] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  641.870075][T15142] RBP: 00007ff5c1432b39 R08: 0000000000000000 R09: 0000000000000000
[  641.870097][T15142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  641.870120][T15142] R13: 00007ff5c1616038 R14: 00007ff5c1615fa0 R15: 00007ffc9ffb01f8
[  641.870172][T15142]  </TASK>
[  643.161002][T15165] FAULT_INJECTION: forcing a failure.
[  643.161002][T15165] name failslab, interval 1, probability 0, space 0, times 0
[  643.191091][T15165] CPU: 0 UID: 0 PID: 15165 Comm: syz.0.2261 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  643.191143][T15165] Tainted: [L]=SOFTLOCKUP
[  643.191155][T15165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  643.191174][T15165] Call Trace:
[  643.191184][T15165]  <TASK>
[  643.191196][T15165]  dump_stack_lvl+0x100/0x190
[  643.191249][T15165]  should_fail_ex.cold+0x5/0xa
[  643.191286][T15165]  should_failslab+0xc2/0x120
[  643.191317][T15165]  __kmalloc_cache_noprof+0x7a/0x6f0
[  643.191414][T15165]  ? alloc_mnt_ns+0xce/0x520
[  643.191637][T15165]  alloc_mnt_ns+0xce/0x520
[  643.191753][T15165]  copy_mnt_ns+0x220/0xc30
[  643.191849][T15165]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  643.191968][T15165]  ? create_new_namespaces+0x30/0xac0
[  643.192056][T15165]  ? rcu_is_watching+0x12/0xc0
[  643.192204][T15165]  create_new_namespaces+0xd3/0xac0
[  643.192291][T15165]  ? bpf_lsm_capable+0x9/0x10
[  643.192382][T15165]  ? security_capable+0x80/0x260
[  643.192503][T15165]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  643.192623][T15165]  ksys_unshare+0x455/0xab0
[  643.192734][T15165]  ? __pfx_ksys_unshare+0x10/0x10
[  643.192911][T15165]  __x64_sys_unshare+0x31/0x40
[  643.193043][T15165]  do_syscall_64+0x106/0xf80
[  643.193139][T15165]  ? clear_bhb_loop+0x40/0x90
[  643.193247][T15165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  643.193334][T15165] RIP: 0033:0x7f92d059c629
[  643.193406][T15165] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  643.193491][T15165] RSP: 002b:00007f92d14c7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  643.193577][T15165] RAX: ffffffffffffffda RBX: 00007f92d0816090 RCX: 00007f92d059c629
[  643.193640][T15165] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000
[  643.193694][T15165] RBP: 00007f92d0632b39 R08: 0000000000000000 R09: 0000000000000000
[  643.193749][T15165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  643.193813][T15165] R13: 00007f92d0816128 R14: 00007f92d0816090 R15: 00007ffe9bdf5cc8
[  643.193933][T15165]  </TASK>
[  644.914996][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  645.151440][ T5144] Bluetooth: hci0: Malformed LE Event: 0x0b
[  645.615257][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  646.069135][T15203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2271'.
[  646.083694][T15203] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2271'.
[  648.643948][T15251] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[  649.605881][T15276] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2290'.
[  650.377739][   T29] audit: type=1800 audit(1771957703.456:96): pid=15297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2298" name="dbroot" dev="configfs" ino=67091 res=0 errno=0
[  651.397902][T15313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2302'.
[  651.411185][T15313] vlan1: entered promiscuous mode
[  651.419895][T15313] vlan1: entered allmulticast mode
[  651.427256][T15313] veth0_vlan: entered allmulticast mode
[  651.536237][T15323] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2304'.
[  651.993830][T15329] zswap: compressor  not available
[  652.336547][T15355] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2314'.
[  652.424969][T15348] zswap: compressor  not available
[  652.871145][T15371] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2316'.
[  653.424514][T15384] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2321'.
[  653.450251][T15384] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2321'.
[  653.727245][T15392] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2323'.
[  654.161700][T15401] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2325'.
[  654.282588][T15398] zswap: compressor  not available
[  654.455370][T15410] FAULT_INJECTION: forcing a failure.
[  654.455370][T15410] name failslab, interval 1, probability 0, space 0, times 0
[  654.509898][T15410] CPU: 0 UID: 0 PID: 15410 Comm: syz.3.2327 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  654.509956][T15410] Tainted: [L]=SOFTLOCKUP
[  654.509970][T15410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  654.509991][T15410] Call Trace:
[  654.510002][T15410]  <TASK>
[  654.510015][T15410]  dump_stack_lvl+0x100/0x190
[  654.510074][T15410]  should_fail_ex.cold+0x5/0xa
[  654.510114][T15410]  should_failslab+0xc2/0x120
[  654.510147][T15410]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  654.510197][T15410]  ? prepare_creds+0x2c/0x950
[  654.510256][T15410]  prepare_creds+0x2c/0x950
[  654.510310][T15410]  __sys_setregid+0x109/0x910
[  654.510369][T15410]  do_syscall_64+0x106/0xf80
[  654.510405][T15410]  ? clear_bhb_loop+0x40/0x90
[  654.510445][T15410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.510479][T15410] RIP: 0033:0x7f6db2b9c629
[  654.510505][T15410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  654.510539][T15410] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000072
[  654.510572][T15410] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  654.510594][T15410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  654.510613][T15410] RBP: 00007f6db2c32b39 R08: 0000000000000000 R09: 0000000000000000
[  654.510645][T15410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  654.510666][T15410] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  654.510709][T15410]  </TASK>
[  654.690560][T15414] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2328'.
[  656.205224][T15437] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2334'.
[  656.815259][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  657.392585][T15443] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2336'.
[  657.637198][T15445] zswap: compressor  not available
[  657.900684][T15451] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2338'.
[  658.009960][T15457] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2341'.
[  658.062551][T15457] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2341'.
[  658.094894][T15461] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2340'.
[  658.186425][ T5826] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  658.463224][T15467] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2343'.
[  658.495435][T15467] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2343'.
[  660.392665][T15488] zswap: compressor  not available
[  660.528400][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  660.610620][T15500] netlink: 228 bytes leftover after parsing attributes in process `syz.2.2351'.
[  663.096058][ T5144] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  663.123266][ T5144] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  663.144478][ T5144] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  663.169130][ T5144] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  663.184224][ T5144] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  663.779846][T15527] chnl_net:caif_netlink_parms(): no params data found
[  663.955983][T15534] zswap: compressor  not available
[  664.481362][T15527] bridge0: port 1(bridge_slave_0) entered blocking state
[  664.540210][T15527] bridge0: port 1(bridge_slave_0) entered disabled state
[  664.552885][T15527] bridge_slave_0: entered allmulticast mode
[  664.582025][T15527] bridge_slave_0: entered promiscuous mode
[  664.622008][T15527] bridge0: port 2(bridge_slave_1) entered blocking state
[  664.657990][T15527] bridge0: port 2(bridge_slave_1) entered disabled state
[  664.688139][T15527] bridge_slave_1: entered allmulticast mode
[  664.697422][T15527] bridge_slave_1: entered promiscuous mode
[  665.261562][ T5144] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  665.306573][ T5144] Bluetooth: hci4: command tx timeout
[  665.463155][T15527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  665.489722][T15527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  665.628092][T11099] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.883757][T11099] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  665.917926][T15527] team0: Port device team_slave_0 added
[  665.930388][T15572] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2366'.
[  665.952199][T15527] team0: Port device team_slave_1 added
[  666.169317][T11099] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.230200][T15527] batman_adv: batadv0: Adding interface: batadv_slave_0
[  666.238453][T15527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  666.305577][T15527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  666.323664][T15527] batman_adv: batadv0: Adding interface: batadv_slave_1
[  666.352693][T15527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  666.412942][T15527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  666.424872][T15577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2367'.
[  666.437063][T15577] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2367'.
[  666.670590][T11099] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  666.808303][T15527] hsr_slave_0: entered promiscuous mode
[  666.825571][T15527] hsr_slave_1: entered promiscuous mode
[  666.840895][T15527] debugfs: 'hsr0' already exists in 'hsr'
[  666.854686][T15527] Cannot create hsr debugfs directory
[  667.386187][ T5144] Bluetooth: hci4: command tx timeout
[  667.731225][T11099] gretap0: left allmulticast mode
[  667.749099][T11099] gretap0: left promiscuous mode
[  667.756915][T11099] bridge0: port 3(gretap0) entered disabled state
[  667.814541][T11099] bridge_slave_1: left allmulticast mode
[  667.820591][T11099] bridge_slave_1: left promiscuous mode
[  667.838156][T11099] bridge0: port 2(bridge_slave_1) entered disabled state
[  667.874726][T11099] bridge_slave_0: left allmulticast mode
[  667.897761][T11099] bridge_slave_0: left promiscuous mode
[  667.903620][T11099] bridge0: port 1(bridge_slave_0) entered disabled state
[  667.937381][T15601] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2371'.
[  668.139513][T15603] ima: policy update failed
[  668.229072][   T29] audit: type=1802 audit(1771957721.297:97): pid=15603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2372" res=0 errno=0
[  668.774838][T11099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  668.799215][T11099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  668.819478][T11099] bond0 (unregistering): Released all slaves
[  668.896107][T11099] ovs_: left promiscuous mode
[  669.467278][ T5144] Bluetooth: hci4: command tx timeout
[  669.736197][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  671.156312][T11099] hsr_slave_0: left promiscuous mode
[  671.228105][T11099] hsr_slave_1: left promiscuous mode
[  671.280302][T11099] veth1_macvtap: left promiscuous mode
[  671.419138][T15648] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2379'.
[  671.479731][T15656] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2380'.
[  671.548324][ T5144] Bluetooth: hci4: command tx timeout
[  671.920447][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  671.985463][T11099] team0 (unregistering): Port device team_slave_1 removed
[  672.011429][T11099] team0 (unregistering): Port device team_slave_0 removed
[  672.507873][T15527] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  672.549938][T15527] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  672.669984][T15648] bond0: (slave bond_slave_0): Releasing backup interface
[  672.716890][T15527] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  672.800753][T15527] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  673.178465][T15527] 8021q: adding VLAN 0 to HW filter on device bond0
[  673.270148][T15527] 8021q: adding VLAN 0 to HW filter on device team0
[  673.322824][T11115] bridge0: port 1(bridge_slave_0) entered blocking state
[  673.330073][T11115] bridge0: port 1(bridge_slave_0) entered forwarding state
[  673.350273][T15671] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2382'.
[  673.371495][T11115] bridge0: port 2(bridge_slave_1) entered blocking state
[  673.378714][T11115] bridge0: port 2(bridge_slave_1) entered forwarding state
[  673.447378][T15527] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  673.468143][T15527] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  674.096618][T15527] 8021q: adding VLAN 0 to HW filter on device batadv0
[  674.450961][T15527] veth0_vlan: entered promiscuous mode
[  674.485175][T15527] veth1_vlan: entered promiscuous mode
[  674.590791][T15527] veth0_macvtap: entered promiscuous mode
[  674.649461][T15527] veth1_macvtap: entered promiscuous mode
[  674.743793][T15527] batman_adv: batadv0: Interface activated: batadv_slave_0
[  674.793428][T15527] batman_adv: batadv0: Interface activated: batadv_slave_1
[  674.831834][T11115] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  674.883508][T11115] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  674.919861][T11115] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  674.988465][T11115] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.311088][T11097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  675.318997][T11097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  675.422485][T11097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  675.431000][T11097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  675.544733][ T5826] Bluetooth: hci2: Malformed LE Event: 0x0b
[  675.968331][T15727] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2394'.
[  676.018285][T15727] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2394'.
[  676.058888][T15730] vivid-007: =================  START STATUS  =================
[  676.074648][T15730] vivid-007: Generate PTS: true
[  676.090501][T15730] vivid-007: Generate SCR: true
[  676.101446][T15730] tpg source WxH: 320x240 (Y'CbCr)
[  676.111127][T15730] tpg field: 1
[  676.124993][T15730] tpg crop: (0,0)/320x240
[  676.132754][T15730] tpg compose: (0,0)/320x240
[  676.137543][T15730] tpg colorspace: 8
[  676.148170][T15730] tpg transfer function: 0/0
[  676.177987][T15730] tpg Y'CbCr encoding: 0/0
[  676.202839][T15730] tpg quantization: 0/0
[  676.207163][T15730] tpg RGB range: 0/2
[  676.217002][T15730] vivid-007: ==================  END STATUS  ==================
[  676.738821][T15748] FAULT_INJECTION: forcing a failure.
[  676.738821][T15748] name failslab, interval 1, probability 0, space 0, times 0
[  676.836681][T15748] CPU: 0 UID: 0 PID: 15748 Comm: syz.2.2399 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  676.836818][T15748] Tainted: [L]=SOFTLOCKUP
[  676.836834][T15748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  676.836853][T15748] Call Trace:
[  676.836865][T15748]  <TASK>
[  676.836878][T15748]  dump_stack_lvl+0x100/0x190
[  676.836940][T15748]  should_fail_ex.cold+0x5/0xa
[  676.836978][T15748]  ? tomoyo_realpath_from_path+0xb6/0x690
[  676.837012][T15748]  should_failslab+0xc2/0x120
[  676.837048][T15748]  __kmalloc_noprof+0xe0/0x850
[  676.837103][T15748]  tomoyo_realpath_from_path+0xb6/0x690
[  676.837153][T15748]  tomoyo_path_number_perm+0x23c/0x580
[  676.837201][T15748]  ? tomoyo_path_number_perm+0x22e/0x580
[  676.837250][T15748]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  676.837340][T15748]  ? find_held_lock+0x2b/0x80
[  676.837369][T15748]  ? __fget_files+0x215/0x3d0
[  676.837451][T15748]  ? hook_file_ioctl_common+0x146/0x410
[  676.837510][T15748]  ? __fget_files+0x21f/0x3d0
[  676.837566][T15748]  security_file_ioctl+0xd3/0x230
[  676.837617][T15748]  __x64_sys_ioctl+0xb7/0x210
[  676.837665][T15748]  do_syscall_64+0x106/0xf80
[  676.837702][T15748]  ? clear_bhb_loop+0x40/0x90
[  676.837743][T15748]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.837776][T15748] RIP: 0033:0x7ff5c139c629
[  676.837803][T15748] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  676.837835][T15748] RSP: 002b:00007ff5bf5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  676.837865][T15748] RAX: ffffffffffffffda RBX: 00007ff5c1616090 RCX: 00007ff5c139c629
[  676.837886][T15748] RDX: 0000000000000004 RSI: 0000000040106f52 RDI: 0000000000000003
[  676.837906][T15748] RBP: 00007ff5bf5f6090 R08: 0000000000000000 R09: 0000000000000000
[  676.837925][T15748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.837944][T15748] R13: 00007ff5c1616128 R14: 00007ff5c1616090 R15: 00007ffc9ffb01f8
[  676.837992][T15748]  </TASK>
[  677.053873][T15748] ERROR: Out of memory at tomoyo_realpath_from_path.
[  677.242239][ T5144] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  677.253492][ T5144] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  677.262045][ T5144] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  677.270448][ T5144] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  677.281010][ T5144] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  677.647501][T15750] chnl_net:caif_netlink_parms(): no params data found
[  677.844764][T15761] NFSD: Failed to start, no listeners configured.
[  677.951174][T15750] bridge0: port 1(bridge_slave_0) entered blocking state
[  677.962898][T15750] bridge0: port 1(bridge_slave_0) entered disabled state
[  677.970227][T15750] bridge_slave_0: entered allmulticast mode
[  677.989782][T15750] bridge_slave_0: entered promiscuous mode
[  678.003292][T15750] bridge0: port 2(bridge_slave_1) entered blocking state
[  678.010722][T15750] bridge0: port 2(bridge_slave_1) entered disabled state
[  678.019196][T15750] bridge_slave_1: entered allmulticast mode
[  678.027313][T15750] bridge_slave_1: entered promiscuous mode
[  678.079261][   T48] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.205675][   T48] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.277017][T15750] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  678.340230][   T48] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.363961][ T5144] Bluetooth: hci0: Malformed LE Event: 0x0b
[  678.383687][T15750] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  678.535677][   T48] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  678.575435][T15750] team0: Port device team_slave_0 added
[  678.585515][T15750] team0: Port device team_slave_1 added
[  678.684743][T15750] batman_adv: batadv0: Adding interface: batadv_slave_0
[  678.695939][T15750] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  678.726129][T15750] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  678.759716][T15750] batman_adv: batadv0: Adding interface: batadv_slave_1
[  678.767556][T15750] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  678.796260][T15750] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  679.036144][T15750] hsr_slave_0: entered promiscuous mode
[  679.058720][T15750] hsr_slave_1: entered promiscuous mode
[  679.081584][T15750] debugfs: 'hsr0' already exists in 'hsr'
[  679.098672][T15750] Cannot create hsr debugfs directory
[  679.133853][   T48] gretap0: left allmulticast mode
[  679.138983][   T48] gretap0: left promiscuous mode
[  679.159086][   T48] bridge0: port 3(gretap0) entered disabled state
[  679.186771][T15787] NFSD: Failed to start, no listeners configured.
[  679.195273][   T48] bridge_slave_1: left allmulticast mode
[  679.200973][   T48] bridge_slave_1: left promiscuous mode
[  679.207395][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[  679.235248][   T48] bridge_slave_0: left allmulticast mode
[  679.240998][   T48] bridge_slave_0: left promiscuous mode
[  679.248139][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[  679.320771][T15790] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2409'.
[  679.331557][T15790] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2409'.
[  679.402201][ T5144] Bluetooth: hci1: command tx timeout
[  679.591312][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  679.607564][   T48] bond0 (unregistering): Released all slaves
[  679.617064][T15796] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2410'.
[  680.973506][   T48] hsr_slave_0: left promiscuous mode
[  681.000584][   T48] hsr_slave_1: left promiscuous mode
[  681.042595][   T48] veth1_macvtap: left promiscuous mode
[  681.069014][T15826] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2415'.
[  681.389246][   T48] team0 (unregistering): Port device team_slave_1 removed
[  681.422578][   T48] team0 (unregistering): Port device team_slave_0 removed
[  681.473335][ T5144] Bluetooth: hci1: command tx timeout
[  682.202923][T15750] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  682.264718][T15750] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  682.296214][T15750] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  682.335117][T15750] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  682.342412][T15844] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2419'.
[  682.361745][T15842] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2418'.
[  682.585735][T15750] 8021q: adding VLAN 0 to HW filter on device bond0
[  682.653281][T15750] 8021q: adding VLAN 0 to HW filter on device team0
[  682.728187][T11118] bridge0: port 1(bridge_slave_0) entered blocking state
[  682.735450][T11118] bridge0: port 1(bridge_slave_0) entered forwarding state
[  682.809221][T11115] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.816482][T11115] bridge0: port 2(bridge_slave_1) entered forwarding state
[  683.413591][T15881] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[  683.538445][ T5144] Bluetooth: hci4: Malformed LE Event: 0x0b
[  683.555422][ T5144] Bluetooth: hci1: command tx timeout
[  683.561261][T15868] serio: Serial port pty6
[  683.589535][T15750] 8021q: adding VLAN 0 to HW filter on device batadv0
[  683.755172][T15750] veth0_vlan: entered promiscuous mode
[  683.790899][T15750] veth1_vlan: entered promiscuous mode
[  683.889491][T15750] veth0_macvtap: entered promiscuous mode
[  683.911783][T15750] veth1_macvtap: entered promiscuous mode
[  683.997922][T15750] batman_adv: batadv0: Interface activated: batadv_slave_0
[  684.038642][T15750] batman_adv: batadv0: Interface activated: batadv_slave_1
[  684.076462][T11099] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  684.094447][T11099] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  684.127591][T11099] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  684.144465][T11099] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  684.397984][T11097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  684.406664][T11097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  684.558331][T15896] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2428'.
[  684.598897][T15896] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  684.606559][T15896] batman_adv: batadv0: Removing interface: batadv_slave_0
[  684.623119][T15896] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  684.645287][T15896] batman_adv: batadv0: Removing interface: batadv_slave_1
[  684.721909][T11118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  684.743151][T11118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  685.357617][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  685.647241][ T5144] Bluetooth: hci1: command tx timeout
[  685.695570][ T5826] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  685.710718][ T5826] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  685.722925][ T5826] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  685.732034][ T5826] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  685.742138][ T5826] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  685.768513][ T5144] Bluetooth: hci4: Malformed LE Event: 0x0b
[  686.292761][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  686.302216][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  686.472571][T15918] chnl_net:caif_netlink_parms(): no params data found
[  686.987235][T15918] bridge0: port 1(bridge_slave_0) entered blocking state
[  687.062917][T15918] bridge0: port 1(bridge_slave_0) entered disabled state
[  687.086424][T15918] bridge_slave_0: entered allmulticast mode
[  687.119375][T15918] bridge_slave_0: entered promiscuous mode
[  687.317375][T15918] bridge0: port 2(bridge_slave_1) entered blocking state
[  687.340888][T15918] bridge0: port 2(bridge_slave_1) entered disabled state
[  687.377605][T15918] bridge_slave_1: entered allmulticast mode
[  687.419971][T15918] bridge_slave_1: entered promiscuous mode
[  687.546792][ T5826] Bluetooth: hci4: Malformed LE Event: 0x0b
[  687.660968][T11097] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  687.800288][ T5826] Bluetooth: hci2: command tx timeout
[  687.853192][T15918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  687.870909][T15918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  688.004143][T11097] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  688.068756][T15918] team0: Port device team_slave_0 added
[  688.105508][T15918] team0: Port device team_slave_1 added
[  688.129323][T15946] zswap: compressor  not available
[  688.262990][T11097] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  688.303488][T15952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2438'.
[  688.334540][T15918] batman_adv: batadv0: Adding interface: batadv_slave_0
[  688.343286][T15954] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2439'.
[  688.345369][T15918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  688.380610][T15952] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2438'.
[  688.419914][T15918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  688.448434][T15918] batman_adv: batadv0: Adding interface: batadv_slave_1
[  688.455603][T15918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  688.560816][T15918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  688.728528][T11097] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  688.982618][T15918] hsr_slave_0: entered promiscuous mode
[  689.057474][T15968] netlink: 196 bytes leftover after parsing attributes in process `syz.3.2442'.
[  689.098266][T15918] hsr_slave_1: entered promiscuous mode
[  689.105129][T15918] debugfs: 'hsr0' already exists in 'hsr'
[  689.112985][T15918] Cannot create hsr debugfs directory
[  689.426831][T15973] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2444'.
[  689.514037][T11097] gretap0: left allmulticast mode
[  689.536872][T11097] gretap0: left promiscuous mode
[  689.551196][T11097] bridge0: port 3(gretap0) entered disabled state
[  689.576259][T11097] bridge_slave_1: left allmulticast mode
[  689.593022][T11097] bridge_slave_1: left promiscuous mode
[  689.607529][T11097] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.621814][T11097] bridge_slave_0: left allmulticast mode
[  689.632298][T11097] bridge_slave_0: left promiscuous mode
[  689.645570][T11097] bridge0: port 1(bridge_slave_0) entered disabled state
[  689.840399][T15980] zswap: compressor  not available
[  689.881003][ T5826] Bluetooth: hci2: command tx timeout
[  690.223974][T15995] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2448'.
[  690.281539][T11097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  690.313629][T11097] bond0 (unregistering): Released all slaves
[  690.404955][T15995] veth0_macvtap: left promiscuous mode
[  690.414295][T15995] macvtap0: entered promiscuous mode
[  690.425770][T15995] macvtap0: entered allmulticast mode
[  690.781202][T16002] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2449'.
[  690.940358][T16002] bond_slave_0: entered allmulticast mode
[  691.081624][T16014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2452'.
[  691.420926][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  691.603939][T11097] hsr_slave_0: left promiscuous mode
[  691.618691][T11097] hsr_slave_1: left promiscuous mode
[  691.646938][T11097] veth1_macvtap: left promiscuous mode
[  691.663371][T11097] veth1_vlan: left promiscuous mode
[  691.690519][T11097] veth0_vlan: left promiscuous mode
[  691.966609][ T5826] Bluetooth: hci2: command tx timeout
[  692.175738][T16032] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2454'.
[  692.559923][T11097] team0 (unregistering): Port device team_slave_1 removed
[  692.619993][T11097] team0 (unregistering): Port device team_slave_0 removed
[  693.114833][T16053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2459'.
[  693.371674][T16058] FAULT_INJECTION: forcing a failure.
[  693.371674][T16058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  693.395399][T16058] CPU: 1 UID: 0 PID: 16058 Comm: syz.3.2460 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  693.395450][T16058] Tainted: [L]=SOFTLOCKUP
[  693.395462][T16058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  693.395482][T16058] Call Trace:
[  693.395494][T16058]  <TASK>
[  693.395507][T16058]  dump_stack_lvl+0x100/0x190
[  693.395562][T16058]  should_fail_ex.cold+0x5/0xa
[  693.395601][T16058]  _copy_to_user+0x32/0xd0
[  693.395654][T16058]  simple_read_from_buffer+0xcb/0x170
[  693.395706][T16058]  proc_fail_nth_read+0x1af/0x230
[  693.395743][T16058]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  693.395781][T16058]  ? rw_verify_area+0xce/0x6d0
[  693.395823][T16058]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  693.395866][T16058]  vfs_read+0x1e4/0xb30
[  693.395920][T16058]  ? __pfx_vfs_read+0x10/0x10
[  693.395967][T16058]  ? __fget_files+0x215/0x3d0
[  693.396025][T16058]  ? __fget_files+0x21f/0x3d0
[  693.396086][T16058]  ksys_read+0x12a/0x250
[  693.396133][T16058]  ? __pfx_ksys_read+0x10/0x10
[  693.396191][T16058]  do_syscall_64+0x106/0xf80
[  693.396224][T16058]  ? clear_bhb_loop+0x40/0x90
[  693.396262][T16058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  693.396305][T16058] RIP: 0033:0x7f6db2b5cece
[  693.396332][T16058] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  693.396365][T16058] RSP: 002b:00007f6db3b11fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  693.396396][T16058] RAX: ffffffffffffffda RBX: 00007f6db3b126c0 RCX: 00007f6db2b5cece
[  693.396417][T16058] RDX: 000000000000000f RSI: 00007f6db3b120a0 RDI: 0000000000000004
[  693.396436][T16058] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000000
[  693.396456][T16058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  693.396474][T16058] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  693.396516][T16058]  </TASK>
[  694.055619][ T5826] Bluetooth: hci2: command tx timeout
[  696.241814][T16101] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2465'.
[  696.263567][T16094] ima: policy update failed
[  696.268362][   T29] audit: type=1802 audit(1771957749.323:98): pid=16094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2463" res=0 errno=0
[  696.757903][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  698.027047][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  698.436021][T16129] ima: policy update failed
[  698.440791][   T29] audit: type=1802 audit(1771957751.492:99): pid=16129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2473" res=0 errno=0
[  698.741516][T16138] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2475'.
[  698.757216][T16138] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2475'.
[  699.056081][ T5826] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  699.777303][T16144] Invalid ELF header magic: != ELF
[  702.023540][T16166] ima: policy update failed
[  702.029598][   T29] audit: type=1802 audit(1771957755.090:100): pid=16166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2482" res=0 errno=0
[  702.082187][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  702.675393][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  703.765616][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  703.899081][T16192] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2490'.
[  703.912757][T16192] netlink: 13 bytes leftover after parsing attributes in process `syz.3.2490'.
[  704.129602][T16197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2491'.
[  704.142598][T16197] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2491'.
[  705.073261][T16213] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  706.171647][ T5144] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  706.183726][ T5144] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  706.192574][ T5144] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  706.218998][ T5144] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  706.227091][ T5144] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  706.671544][T16231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2499'.
[  706.702868][T16231] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2499'.
[  706.910249][T16226] chnl_net:caif_netlink_parms(): no params data found
[  707.012304][T16242] FAULT_INJECTION: forcing a failure.
[  707.012304][T16242] name failslab, interval 1, probability 0, space 0, times 0
[  707.031098][T16242] CPU: 1 UID: 0 PID: 16242 Comm: syz.3.2501 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  707.031149][T16242] Tainted: [L]=SOFTLOCKUP
[  707.031162][T16242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  707.031181][T16242] Call Trace:
[  707.031192][T16242]  <TASK>
[  707.031204][T16242]  dump_stack_lvl+0x100/0x190
[  707.031259][T16242]  should_fail_ex.cold+0x5/0xa
[  707.031296][T16242]  ? lsm_blob_alloc+0x68/0x90
[  707.031338][T16242]  should_failslab+0xc2/0x120
[  707.031369][T16242]  __kmalloc_noprof+0xe0/0x850
[  707.031415][T16242]  ? trace_kmem_cache_alloc+0xf3/0x120
[  707.031454][T16242]  lsm_blob_alloc+0x68/0x90
[  707.031491][T16242]  security_prepare_creds+0x2d/0x290
[  707.031528][T16242]  prepare_creds+0x5d6/0x950
[  707.031580][T16242]  copy_creds+0xa7/0xa50
[  707.031656][T16242]  copy_process+0x1029/0x7a10
[  707.031694][T16242]  ? __pfx__kstrtoull+0x10/0x10
[  707.031751][T16242]  ? __pfx_copy_process+0x10/0x10
[  707.031800][T16242]  ? _copy_from_user+0x59/0xd0
[  707.031855][T16242]  kernel_clone+0xfc/0x9a0
[  707.031891][T16242]  ? get_pid_task+0xfc/0x250
[  707.031932][T16242]  ? __pfx_kernel_clone+0x10/0x10
[  707.031979][T16242]  ? find_held_lock+0x2b/0x80
[  707.032022][T16242]  __do_sys_clone3+0x214/0x290
[  707.032068][T16242]  ? __pfx___do_sys_clone3+0x10/0x10
[  707.032106][T16242]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  707.032161][T16242]  ? __x64_sys_close_range+0x2d9/0x5d0
[  707.032228][T16242]  do_syscall_64+0x106/0xf80
[  707.032264][T16242]  ? clear_bhb_loop+0x40/0x90
[  707.032304][T16242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.032337][T16242] RIP: 0033:0x7f6db2b9c629
[  707.032365][T16242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  707.032398][T16242] RSP: 002b:00007f6db3b11ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  707.032431][T16242] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f6db2b9c629
[  707.032452][T16242] RDX: 00007f6db3b11f10 RSI: 0000000000000058 RDI: 00007f6db3b11f10
[  707.032473][T16242] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000058
[  707.032493][T16242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  707.032512][T16242] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  707.032554][T16242]  </TASK>
[  707.358678][T16226] bridge0: port 1(bridge_slave_0) entered blocking state
[  707.367293][T16226] bridge0: port 1(bridge_slave_0) entered disabled state
[  707.374879][T16226] bridge_slave_0: entered allmulticast mode
[  707.389547][T16226] bridge_slave_0: entered promiscuous mode
[  707.400307][T16226] bridge0: port 2(bridge_slave_1) entered blocking state
[  707.411014][T16226] bridge0: port 2(bridge_slave_1) entered disabled state
[  707.418720][T16226] bridge_slave_1: entered allmulticast mode
[  707.427612][T16226] bridge_slave_1: entered promiscuous mode
[  707.477333][T16226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  707.491072][T16226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  707.535824][T16226] team0: Port device team_slave_0 added
[  707.545284][T16226] team0: Port device team_slave_1 added
[  707.602270][T16251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2504'.
[  707.612779][T16226] batman_adv: batadv0: Adding interface: batadv_slave_0
[  707.620297][T16226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  707.647642][T16226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  707.660931][T16226] batman_adv: batadv0: Adding interface: batadv_slave_1
[  707.668181][T16226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  707.694158][T16226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  707.777314][T16226] hsr_slave_0: entered promiscuous mode
[  707.797406][T16226] hsr_slave_1: entered promiscuous mode
[  707.803908][T16226] debugfs: 'hsr0' already exists in 'hsr'
[  707.816469][T16226] Cannot create hsr debugfs directory
[  707.989308][T16260] ima: policy update failed
[  707.998494][   T29] audit: type=1802 audit(1771957761.057:101): pid=16260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2506" res=0 errno=0
[  708.295826][ T5144] Bluetooth: hci0: command tx timeout
[  708.388862][T16271] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2508'.
[  709.668318][T16285] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2512'.
[  709.907088][T16288] ima: policy update failed
[  709.934511][   T29] audit: type=1802 audit(1771958785.986:102): pid=16288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2513" res=0 errno=0
[  710.208235][T16296] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2515'.
[  710.369266][ T5144] Bluetooth: hci0: command tx timeout
[  710.610382][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  711.425029][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  711.874792][T16319] ima: policy update failed
[  711.897058][   T29] audit: type=1802 audit(1771958787.945:103): pid=16319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2520" res=0 errno=0
[  712.456769][ T5144] Bluetooth: hci0: command tx timeout
[  714.530020][ T5144] Bluetooth: hci0: command tx timeout
[  714.627060][T16351] FAULT_INJECTION: forcing a failure.
[  714.627060][T16351] name failslab, interval 1, probability 0, space 0, times 0
[  714.669736][T16351] CPU: 1 UID: 0 PID: 16351 Comm: syz.3.2528 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  714.669788][T16351] Tainted: [L]=SOFTLOCKUP
[  714.669801][T16351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  714.669821][T16351] Call Trace:
[  714.669832][T16351]  <TASK>
[  714.669845][T16351]  dump_stack_lvl+0x100/0x190
[  714.669905][T16351]  should_fail_ex.cold+0x5/0xa
[  714.669943][T16351]  ? tomoyo_realpath_from_path+0xb6/0x690
[  714.669978][T16351]  should_failslab+0xc2/0x120
[  714.670011][T16351]  __kmalloc_noprof+0xe0/0x850
[  714.670068][T16351]  tomoyo_realpath_from_path+0xb6/0x690
[  714.670114][T16351]  tomoyo_path_number_perm+0x23c/0x580
[  714.670163][T16351]  ? tomoyo_path_number_perm+0x22e/0x580
[  714.670215][T16351]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  714.670311][T16351]  ? find_held_lock+0x2b/0x80
[  714.670341][T16351]  ? __fget_files+0x215/0x3d0
[  714.670402][T16351]  ? hook_file_ioctl_common+0x146/0x410
[  714.670468][T16351]  ? __fget_files+0x21f/0x3d0
[  714.670525][T16351]  security_file_ioctl+0xd3/0x230
[  714.670578][T16351]  __x64_sys_ioctl+0xb7/0x210
[  714.670628][T16351]  do_syscall_64+0x106/0xf80
[  714.670664][T16351]  ? clear_bhb_loop+0x40/0x90
[  714.670705][T16351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.670740][T16351] RIP: 0033:0x7f6db2b9c629
[  714.670767][T16351] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  714.670801][T16351] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  714.670831][T16351] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  714.670854][T16351] RDX: 0000000000000003 RSI: 00000000c058560f RDI: 0000000000000003
[  714.670874][T16351] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000000
[  714.670894][T16351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  714.670914][T16351] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  714.670980][T16351]  </TASK>
[  714.671033][T16351] ERROR: Out of memory at tomoyo_realpath_from_path.
[  714.929676][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  715.669832][T16370] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2533'.
[  718.299224][   T29] audit: type=1800 audit(1771958794.342:104): pid=16400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2540" name="lu_gp_id" dev="configfs" ino=77861 res=0 errno=0
[  718.352106][T16400] kstrtoul() returned -22 for lu_gp_id
[  718.577268][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  721.306855][T16440] __vm_enough_memory: pid: 16440, comm: syz.3.2550, bytes: 4398046511104 not enough memory for the allocation
[  722.147849][T16452] FAULT_INJECTION: forcing a failure.
[  722.147849][T16452] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  722.180466][T16452] CPU: 0 UID: 0 PID: 16452 Comm: syz.3.2553 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  722.180518][T16452] Tainted: [L]=SOFTLOCKUP
[  722.180529][T16452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  722.180549][T16452] Call Trace:
[  722.180560][T16452]  <TASK>
[  722.180573][T16452]  dump_stack_lvl+0x100/0x190
[  722.180628][T16452]  should_fail_ex.cold+0x5/0xa
[  722.180665][T16452]  ? prepare_alloc_pages+0x16d/0x5f0
[  722.180709][T16452]  should_fail_alloc_page+0xeb/0x140
[  722.180744][T16452]  prepare_alloc_pages+0x1f0/0x5f0
[  722.180789][T16452]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  722.180847][T16452]  ? stack_trace_save+0x8e/0xc0
[  722.180883][T16452]  ? __pfx_stack_trace_save+0x10/0x10
[  722.180916][T16452]  ? stack_depot_save_flags+0x27/0x9d0
[  722.180971][T16452]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  722.181008][T16452]  ? kasan_save_stack+0x3f/0x50
[  722.181053][T16452]  ? kasan_save_stack+0x30/0x50
[  722.181100][T16452]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  722.181151][T16452]  ? __pmd_alloc+0xbf/0x9c0
[  722.181182][T16452]  ? __handle_mm_fault+0xa99/0x2b60
[  722.181218][T16452]  ? handle_mm_fault+0x36d/0xa20
[  722.181255][T16452]  ? exc_page_fault+0x6f/0xd0
[  722.181288][T16452]  ? rep_movs_alternative+0xf/0x90
[  722.181329][T16452]  ? _copy_from_user+0x98/0xd0
[  722.181375][T16452]  ? ____sys_sendmsg+0x1d1/0xc30
[  722.181416][T16452]  ? ___sys_sendmsg+0x190/0x1e0
[  722.181471][T16452]  ? __sys_sendmmsg+0x205/0x430
[  722.181510][T16452]  ? __x64_sys_sendmmsg+0x9c/0x100
[  722.181545][T16452]  ? do_syscall_64+0x106/0xf80
[  722.181583][T16452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.181634][T16452]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  722.181690][T16452]  ? policy_nodemask+0xed/0x4f0
[  722.181795][T16452]  alloc_pages_mpol+0x1fb/0x550
[  722.181838][T16452]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  722.181883][T16452]  alloc_pages_noprof+0x131/0x390
[  722.181918][T16452]  pte_alloc_one+0x1e/0x3e0
[  722.181954][T16452]  do_fault+0x8cc/0x1950
[  722.181990][T16452]  ? __pmd_alloc+0x6aa/0x9c0
[  722.182029][T16452]  __handle_mm_fault+0x180f/0x2b60
[  722.182084][T16452]  ? mt_find+0x45e/0x8e0
[  722.182126][T16452]  ? __pfx___handle_mm_fault+0x10/0x10
[  722.182172][T16452]  ? __pfx_mt_find+0x10/0x10
[  722.182240][T16452]  ? find_vma+0xbf/0x140
[  722.182290][T16452]  ? __pfx_find_vma+0x10/0x10
[  722.182344][T16452]  handle_mm_fault+0x36d/0xa20
[  722.182399][T16452]  do_user_addr_fault+0x74c/0x12f0
[  722.182465][T16452]  exc_page_fault+0x6f/0xd0
[  722.182513][T16452]  asm_exc_page_fault+0x26/0x30
[  722.182555][T16452] RIP: 0010:rep_movs_alternative+0xf/0x90
[  722.182603][T16452] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66
[  722.182642][T16452] RSP: 0018:ffffc900034e79b0 EFLAGS: 00050202
[  722.182670][T16452] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007
[  722.182691][T16452] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc900034e7a38
[  722.182712][T16452] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff5200069cf47
[  722.182732][T16452] R10: ffffc900034e7a3e R11: 0000000000000000 R12: 0000000000000000
[  722.182757][T16452] R13: ffffc900034e7a38 R14: 1ffff9200069cf41 R15: ffffc900034e7d6c
[  722.182800][T16452]  _copy_from_user+0x98/0xd0
[  722.182856][T16452]  ____sys_sendmsg+0x1d1/0xc30
[  722.182915][T16452]  ? __pfx_____sys_sendmsg+0x10/0x10
[  722.182972][T16452]  ? __pfx__kstrtoull+0x10/0x10
[  722.183021][T16452]  ___sys_sendmsg+0x190/0x1e0
[  722.183078][T16452]  ? __pfx____sys_sendmsg+0x10/0x10
[  722.183153][T16452]  ? find_held_lock+0x2b/0x80
[  722.183216][T16452]  __sys_sendmmsg+0x205/0x430
[  722.183261][T16452]  ? __pfx___sys_sendmmsg+0x10/0x10
[  722.183315][T16452]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  722.183374][T16452]  ? fput+0x79/0x100
[  722.183411][T16452]  ? ksys_write+0x1ac/0x250
[  722.183459][T16452]  ? __pfx_ksys_write+0x10/0x10
[  722.183517][T16452]  __x64_sys_sendmmsg+0x9c/0x100
[  722.183567][T16452]  ? lockdep_hardirqs_on+0x78/0x100
[  722.183603][T16452]  do_syscall_64+0x106/0xf80
[  722.183646][T16452]  ? clear_bhb_loop+0x40/0x90
[  722.183687][T16452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.183722][T16452] RIP: 0033:0x7f6db2b9c629
[  722.183751][T16452] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  722.183796][T16452] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  722.183829][T16452] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  722.183852][T16452] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000005
[  722.183873][T16452] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000000
[  722.183894][T16452] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[  722.183915][T16452] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  722.183960][T16452]  </TASK>
[  723.110086][T16457] FAULT_INJECTION: forcing a failure.
[  723.110086][T16457] name failslab, interval 1, probability 0, space 0, times 0
[  723.134742][T16457] CPU: 1 UID: 0 PID: 16457 Comm: syz.3.2556 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  723.134794][T16457] Tainted: [L]=SOFTLOCKUP
[  723.134805][T16457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  723.134825][T16457] Call Trace:
[  723.134836][T16457]  <TASK>
[  723.134849][T16457]  dump_stack_lvl+0x100/0x190
[  723.134903][T16457]  should_fail_ex.cold+0x5/0xa
[  723.134940][T16457]  ? tomoyo_realpath_from_path+0xb6/0x690
[  723.134975][T16457]  should_failslab+0xc2/0x120
[  723.135009][T16457]  __kmalloc_noprof+0xe0/0x850
[  723.135064][T16457]  tomoyo_realpath_from_path+0xb6/0x690
[  723.135109][T16457]  tomoyo_path_number_perm+0x23c/0x580
[  723.135157][T16457]  ? tomoyo_path_number_perm+0x22e/0x580
[  723.135211][T16457]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  723.135303][T16457]  ? find_held_lock+0x2b/0x80
[  723.135333][T16457]  ? __fget_files+0x215/0x3d0
[  723.135380][T16457]  ? hook_file_ioctl_common+0x146/0x410
[  723.135440][T16457]  ? __fget_files+0x21f/0x3d0
[  723.135496][T16457]  security_file_ioctl+0xd3/0x230
[  723.135547][T16457]  __x64_sys_ioctl+0xb7/0x210
[  723.135602][T16457]  do_syscall_64+0x106/0xf80
[  723.135638][T16457]  ? clear_bhb_loop+0x40/0x90
[  723.135680][T16457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  723.135714][T16457] RIP: 0033:0x7f6db2b9c629
[  723.135741][T16457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  723.135774][T16457] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  723.135807][T16457] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  723.135829][T16457] RDX: 0000000000000001 RSI: 0000000000004b31 RDI: 0000000000000003
[  723.135849][T16457] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000000
[  723.135868][T16457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  723.135888][T16457] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  723.135931][T16457]  </TASK>
[  723.135946][T16457] ERROR: Out of memory at tomoyo_realpath_from_path.
[  724.666004][T16470] zswap: compressor  not available
[  724.987805][T16476] FAULT_INJECTION: forcing a failure.
[  724.987805][T16476] name failslab, interval 1, probability 0, space 0, times 0
[  725.025488][T16476] CPU: 0 UID: 0 PID: 16476 Comm: syz.0.2561 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  725.025540][T16476] Tainted: [L]=SOFTLOCKUP
[  725.025551][T16476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  725.025568][T16476] Call Trace:
[  725.025577][T16476]  <TASK>
[  725.025587][T16476]  dump_stack_lvl+0x100/0x190
[  725.025628][T16476]  should_fail_ex.cold+0x5/0xa
[  725.025656][T16476]  should_failslab+0xc2/0x120
[  725.025680][T16476]  __kmalloc_cache_noprof+0x7a/0x6f0
[  725.025710][T16476]  ? single_open+0x4d/0x1d0
[  725.025744][T16476]  ? __pfx_snd_info_seq_show+0x10/0x10
[  725.025781][T16476]  single_open+0x4d/0x1d0
[  725.025812][T16476]  snd_info_text_entry_open+0x284/0x2f0
[  725.025849][T16476]  ? trace_kmem_cache_alloc+0xf3/0x120
[  725.025873][T16476]  ? __pfx_snd_info_text_entry_open+0x10/0x10
[  725.025910][T16476]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  725.025944][T16476]  ? proc_reg_open+0x23f/0x5f0
[  725.025980][T16476]  ? __pfx_snd_info_text_entry_open+0x10/0x10
[  725.026019][T16476]  proc_reg_open+0x2ab/0x5f0
[  725.026055][T16476]  do_dentry_open+0x6d8/0x1660
[  725.026093][T16476]  ? __pfx_proc_reg_open+0x10/0x10
[  725.026135][T16476]  vfs_open+0x82/0x3f0
[  725.026166][T16476]  path_openat+0x208c/0x31a0
[  725.026199][T16476]  ? __pfx_path_openat+0x10/0x10
[  725.026232][T16476]  do_file_open+0x20e/0x430
[  725.026257][T16476]  ? __pfx_do_file_open+0x10/0x10
[  725.026309][T16476]  ? alloc_fd+0x476/0x790
[  725.026352][T16476]  ? do_getname+0x191/0x390
[  725.026383][T16476]  do_sys_openat2+0x10d/0x1e0
[  725.026416][T16476]  ? __pfx_do_sys_openat2+0x10/0x10
[  725.026449][T16476]  ? __fget_files+0x21f/0x3d0
[  725.026492][T16476]  __x64_sys_openat+0x12d/0x210
[  725.026523][T16476]  ? __pfx___x64_sys_openat+0x10/0x10
[  725.026565][T16476]  do_syscall_64+0x106/0xf80
[  725.026591][T16476]  ? clear_bhb_loop+0x40/0x90
[  725.026621][T16476]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.026646][T16476] RIP: 0033:0x7ff76039c629
[  725.026667][T16476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  725.026691][T16476] RSP: 002b:00007ff7612bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  725.026715][T16476] RAX: ffffffffffffffda RBX: 00007ff760615fa0 RCX: 00007ff76039c629
[  725.026732][T16476] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  725.026748][T16476] RBP: 00007ff760432b39 R08: 0000000000000000 R09: 0000000000000000
[  725.026763][T16476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  725.026778][T16476] R13: 00007ff760616038 R14: 00007ff760615fa0 R15: 00007ffd0952e048
[  725.026810][T16476]  </TASK>
[  725.318929][T16476] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2561'.
[  725.328791][T16476] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2561'.
[  728.093243][T16515] Invalid ELF header magic: != ELF
[  729.054780][T16527] zswap: compressor û not available
[  730.817366][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  731.451671][T16572] FAULT_INJECTION: forcing a failure.
[  731.451671][T16572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  731.483928][T16572] CPU: 0 UID: 0 PID: 16572 Comm: syz.0.2587 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  731.483965][T16572] Tainted: [L]=SOFTLOCKUP
[  731.483974][T16572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  731.483988][T16572] Call Trace:
[  731.483996][T16572]  <TASK>
[  731.484006][T16572]  dump_stack_lvl+0x100/0x190
[  731.484045][T16572]  should_fail_ex.cold+0x5/0xa
[  731.484074][T16572]  _copy_to_user+0x32/0xd0
[  731.484113][T16572]  simple_read_from_buffer+0xcb/0x170
[  731.484151][T16572]  proc_fail_nth_read+0x1af/0x230
[  731.484179][T16572]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  731.484208][T16572]  ? rw_verify_area+0xce/0x6d0
[  731.484240][T16572]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  731.484267][T16572]  vfs_read+0x1e4/0xb30
[  731.484306][T16572]  ? __pfx_vfs_read+0x10/0x10
[  731.484341][T16572]  ? __fget_files+0x215/0x3d0
[  731.484404][T16572]  ? __fget_files+0x21f/0x3d0
[  731.484447][T16572]  ksys_read+0x12a/0x250
[  731.484483][T16572]  ? __pfx_ksys_read+0x10/0x10
[  731.484526][T16572]  do_syscall_64+0x106/0xf80
[  731.484552][T16572]  ? clear_bhb_loop+0x40/0x90
[  731.484581][T16572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  731.484605][T16572] RIP: 0033:0x7ff76035cece
[  731.484625][T16572] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  731.484649][T16572] RSP: 002b:00007ff7612bbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  731.484672][T16572] RAX: ffffffffffffffda RBX: 00007ff7612bc6c0 RCX: 00007ff76035cece
[  731.484688][T16572] RDX: 000000000000000f RSI: 00007ff7612bc0a0 RDI: 0000000000000005
[  731.484702][T16572] RBP: 00007ff7612bc090 R08: 0000000000000000 R09: 0000000000000000
[  731.484717][T16572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  731.484731][T16572] R13: 00007ff760616038 R14: 00007ff760615fa0 R15: 00007ffd0952e048
[  731.484761][T16572]  </TASK>
[  733.297820][T16598] vivid-007: =================  START STATUS  =================
[  733.306094][T16598] vivid-007: Generate PTS: true
[  733.311147][T16598] vivid-007: Generate SCR: true
[  733.316074][T16598] tpg source WxH: 320x240 (Y'CbCr)
[  733.322110][T16598] tpg field: 1
[  733.325542][T16598] tpg crop: (0,0)/320x240
[  733.330061][T16598] tpg compose: (0,0)/320x240
[  733.334706][T16598] tpg colorspace: 8
[  733.338642][T16598] tpg transfer function: 0/0
[  733.348490][T16598] tpg Y'CbCr encoding: 0/0
[  733.354446][T16598] tpg quantization: 0/0
[  733.358668][T16598] tpg RGB range: 0/2
[  733.363253][T16598] vivid-007: ==================  END STATUS  ==================
[  734.959547][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  735.443058][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  736.346868][T16656] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2613'.
[  736.576388][T16659] ima: policy update failed
[  736.590723][   T29] audit: type=1802 audit(1771958812.623:105): pid=16659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2614" res=0 errno=0
[  736.654010][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  736.859106][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  737.493952][T16685] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2621'.
[  737.602226][T16683] ima: policy update failed
[  737.607040][   T29] audit: type=1802 audit(1771958813.642:106): pid=16683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2622" res=0 errno=0
[  737.691062][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  738.294248][T16698] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2626'.
[  738.830603][T16711] ima: policy update failed
[  738.843524][   T29] audit: type=1802 audit(1771958814.890:107): pid=16711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2630" res=0 errno=0
[  739.260425][T16719] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2632'.
[  739.270804][T16719] veth0_macvtap: left promiscuous mode
[  739.278057][T16719] macvtap0: entered promiscuous mode
[  739.291366][T16719] macvtap0: entered allmulticast mode
[  739.432721][T16723] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15
[  740.616305][T16736] ima: policy update failed
[  740.631659][   T29] audit: type=1802 audit(1771958816.680:108): pid=16736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2637" res=0 errno=0
[  742.886523][T16760] NFSD: Failed to start, no listeners configured.
[  743.179369][T16765] zswap: compressor û not available
[  743.292746][T16762] Setting dangerous option i915.mitigations - tainting kernel
[  744.123554][T16780] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16
[  744.815841][T16794] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2650'.
[  744.975557][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  745.660503][T16804] NFSD: Failed to start, no listeners configured.
[  745.694519][T16803] Invalid ELF header magic: != ELF
[  745.717091][ T5826] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  745.730581][ T5826] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  745.741704][ T5826] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  745.752035][ T5826] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  745.764302][ T5826] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  746.316189][T16806] chnl_net:caif_netlink_parms(): no params data found
[  746.568382][T16806] bridge0: port 1(bridge_slave_0) entered blocking state
[  746.576783][T16806] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.585678][T16806] bridge_slave_0: entered allmulticast mode
[  746.593922][T16806] bridge_slave_0: entered promiscuous mode
[  746.604606][T16806] bridge0: port 2(bridge_slave_1) entered blocking state
[  746.611970][T16806] bridge0: port 2(bridge_slave_1) entered disabled state
[  746.619267][T16806] bridge_slave_1: entered allmulticast mode
[  746.629452][T16806] bridge_slave_1: entered promiscuous mode
[  746.710681][T16806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  746.725737][T16806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  746.808107][T16806] team0: Port device team_slave_0 added
[  746.837393][T16806] team0: Port device team_slave_1 added
[  746.947728][T16806] batman_adv: batadv0: Adding interface: batadv_slave_0
[  746.955443][T16806] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  747.001342][T16806] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  747.019397][T16806] batman_adv: batadv0: Adding interface: batadv_slave_1
[  747.026981][T16806] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  747.056721][T16806] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  747.204309][T16806] hsr_slave_0: entered promiscuous mode
[  747.212406][T16806] hsr_slave_1: entered promiscuous mode
[  747.232194][T16806] debugfs: 'hsr0' already exists in 'hsr'
[  747.238015][T16806] Cannot create hsr debugfs directory
[  747.747807][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  747.756311][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  747.831562][ T5826] Bluetooth: hci5: command tx timeout
[  748.329049][T16849] ima: policy update failed
[  748.341537][   T29] audit: type=1802 audit(1771958824.390:109): pid=16849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2661" res=0 errno=0
[  749.901523][ T5826] Bluetooth: hci5: command tx timeout
[  750.199075][T16875] ima: policy update failed
[  750.211835][   T29] audit: type=1802 audit(1771958826.260:110): pid=16875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2668" res=0 errno=0
[  751.517128][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  751.981454][ T5826] Bluetooth: hci5: command tx timeout
[  752.209241][T16898] ima: policy update failed
[  752.222263][   T29] audit: type=1802 audit(1771958828.270:111): pid=16898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2675" res=0 errno=0
[  752.394918][T16906] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2676'.
[  753.617882][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  754.061450][ T5826] Bluetooth: hci5: command tx timeout
[  755.331442][T16935] ima: policy update failed
[  755.372767][   T29] audit: type=1802 audit(1771958831.380:112): pid=16935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2684" res=0 errno=0
[  755.482230][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  756.843421][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  758.082782][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  760.211840][ T5826] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  760.491021][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  762.178528][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  762.913763][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  764.044796][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  765.008206][ T5826] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  766.329759][ T5144] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  766.354475][ T5144] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  766.363222][ T5144] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  766.382493][ T5144] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  766.390494][ T5144] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  766.755091][T17084] chnl_net:caif_netlink_parms(): no params data found
[  766.947544][T17084] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.965391][T17084] bridge0: port 1(bridge_slave_0) entered disabled state
[  766.985775][T17084] bridge_slave_0: entered allmulticast mode
[  767.026298][T17084] bridge_slave_0: entered promiscuous mode
[  767.043946][T17084] bridge0: port 2(bridge_slave_1) entered blocking state
[  767.051079][T17084] bridge0: port 2(bridge_slave_1) entered disabled state
[  767.081594][T17084] bridge_slave_1: entered allmulticast mode
[  767.089070][T17084] bridge_slave_1: entered promiscuous mode
[  767.192675][T17084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  767.258184][T17084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  767.357952][T17084] team0: Port device team_slave_0 added
[  767.388297][T17084] team0: Port device team_slave_1 added
[  767.447697][T17084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  767.455610][T17084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  767.485956][T17084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  767.511478][T17084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  767.518586][T17084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  767.555436][T17084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  767.639173][T17111] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2731'.
[  767.697054][T17084] hsr_slave_0: entered promiscuous mode
[  767.716007][T17084] hsr_slave_1: entered promiscuous mode
[  767.732273][T17084] debugfs: 'hsr0' already exists in 'hsr'
[  767.738092][T17084] Cannot create hsr debugfs directory
[  768.024001][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  768.396913][T17120] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2733'.
[  768.463377][ T5826] Bluetooth: hci6: command tx timeout
[  768.534706][ T5826] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  768.712914][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  770.553496][ T5826] Bluetooth: hci6: command tx timeout
[  771.051787][ T5826] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  771.332766][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  771.958504][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  772.621377][ T5826] Bluetooth: hci6: command tx timeout
[  773.321320][ T5826] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  774.701349][ T5826] Bluetooth: hci6: command tx timeout
[  774.849076][T17190] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2746'.
[  775.134986][T17191] NFSD: Failed to start, no listeners configured.
[  776.331332][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  777.014096][T17211] netlink: 228 bytes leftover after parsing attributes in process `syz.3.2750'.
[  778.199414][T17225] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2756'.
[  779.720461][T17241] zswap: compressor û not available
[  780.238813][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  782.258251][ T5826] Bluetooth: hci3: Malformed LE Event: 0x0b
[  782.564047][ T5826] Bluetooth: hci1: Malformed LE Event: 0x0b
[  784.836726][T17313] zswap: compressor  not available
[  785.399856][T17307] Bluetooth: hci3: Malformed LE Event: 0x0b
[  785.671474][T17307] Bluetooth: hci4: command 0x0406 tx timeout
[  786.059618][T17337] zswap: compressor û not available
[  787.101638][ T5144] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[  787.653587][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  789.396994][T17375] zswap: compressor û not available
[  790.056016][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  790.916455][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  791.642827][T17396] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2796'.
[  791.877902][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  793.473059][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  794.431430][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  799.108292][T17307] Bluetooth: hci3: Malformed LE Event: 0x0b
[  800.271666][T17485] netlink: 'syz.3.2821': attribute type 9 has an invalid length.
[  800.292787][T17485] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2821'.
[  801.022035][T17307] Bluetooth: hci1: command 0x0406 tx timeout
[  801.694101][T17501] ima: policy update failed
[  801.699044][   T29] audit: type=1802 audit(1771958877.740:113): pid=17501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2824" res=0 errno=0
[  802.726591][T17513] FAULT_INJECTION: forcing a failure.
[  802.726591][T17513] name failslab, interval 1, probability 0, space 0, times 0
[  802.746179][T17513] CPU: 0 UID: 0 PID: 17513 Comm: syz.3.2828 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  802.746236][T17513] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  802.746246][T17513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  802.746261][T17513] Call Trace:
[  802.746270][T17513]  <TASK>
[  802.746280][T17513]  dump_stack_lvl+0x100/0x190
[  802.746322][T17513]  should_fail_ex.cold+0x5/0xa
[  802.746349][T17513]  ? tomoyo_realpath_from_path+0xb6/0x690
[  802.746375][T17513]  should_failslab+0xc2/0x120
[  802.746429][T17513]  __kmalloc_noprof+0xe0/0x850
[  802.746475][T17513]  tomoyo_realpath_from_path+0xb6/0x690
[  802.746508][T17513]  tomoyo_path_number_perm+0x23c/0x580
[  802.746543][T17513]  ? tomoyo_path_number_perm+0x22e/0x580
[  802.746580][T17513]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  802.746645][T17513]  ? find_held_lock+0x2b/0x80
[  802.746666][T17513]  ? __fget_files+0x215/0x3d0
[  802.746700][T17513]  ? hook_file_ioctl_common+0x146/0x410
[  802.746745][T17513]  ? __fget_files+0x21f/0x3d0
[  802.746786][T17513]  security_file_ioctl+0xd3/0x230
[  802.746824][T17513]  __x64_sys_ioctl+0xb7/0x210
[  802.746859][T17513]  do_syscall_64+0x106/0xf80
[  802.746886][T17513]  ? clear_bhb_loop+0x40/0x90
[  802.746915][T17513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  802.746940][T17513] RIP: 0033:0x7f6db2b9c629
[  802.746961][T17513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  802.746985][T17513] RSP: 002b:00007f6db3b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  802.747007][T17513] RAX: ffffffffffffffda RBX: 00007f6db2e15fa0 RCX: 00007f6db2b9c629
[  802.747023][T17513] RDX: 0000000000000004 RSI: 0000000040106f52 RDI: 0000000000000003
[  802.747037][T17513] RBP: 00007f6db3b12090 R08: 0000000000000000 R09: 0000000000000000
[  802.747052][T17513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  802.747066][T17513] R13: 00007f6db2e16038 R14: 00007f6db2e15fa0 R15: 00007fff7f4d4818
[  802.747096][T17513]  </TASK>
[  802.747106][T17513] ERROR: Out of memory at tomoyo_realpath_from_path.
[  803.731541][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  804.626186][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  805.742309][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  805.797276][T17307] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  805.820159][T17307] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  805.829235][T17307] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  805.837762][T17307] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  805.849839][T17307] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  806.932947][T17560] chnl_net:caif_netlink_parms(): no params data found
[  807.170659][T17560] bridge0: port 1(bridge_slave_0) entered blocking state
[  807.178480][T17560] bridge0: port 1(bridge_slave_0) entered disabled state
[  807.186112][T17560] bridge_slave_0: entered allmulticast mode
[  807.194260][T17560] bridge_slave_0: entered promiscuous mode
[  807.204070][T17560] bridge0: port 2(bridge_slave_1) entered blocking state
[  807.211445][T17560] bridge0: port 2(bridge_slave_1) entered disabled state
[  807.219037][T17560] bridge_slave_1: entered allmulticast mode
[  807.227723][T17560] bridge_slave_1: entered promiscuous mode
[  807.270744][T17560] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  807.284358][T17560] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  807.328419][T17560] team0: Port device team_slave_0 added
[  807.338632][T17560] team0: Port device team_slave_1 added
[  807.388139][T17560] batman_adv: batadv0: Adding interface: batadv_slave_0
[  807.401330][T17560] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  807.427991][T17560] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  807.442680][T17560] batman_adv: batadv0: Adding interface: batadv_slave_1
[  807.450417][T17560] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  807.476985][T17560] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  807.591669][T17560] hsr_slave_0: entered promiscuous mode
[  807.599378][T17560] hsr_slave_1: entered promiscuous mode
[  807.608158][T17560] debugfs: 'hsr0' already exists in 'hsr'
[  807.615864][T17560] Cannot create hsr debugfs directory
[  807.901756][ T5144] Bluetooth: hci7: command tx timeout
[  809.195284][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  809.216423][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  809.601683][T17601] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2850'.
[  809.765848][T17307] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  809.981591][T17307] Bluetooth: hci7: command tx timeout
[  811.267931][T17307] Bluetooth: hci2: command 0x0406 tx timeout
[  811.638674][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  812.061562][ T5144] Bluetooth: hci7: command tx timeout
[  812.727433][T17643] ima: policy update failed
[  812.734801][   T29] audit: type=1802 audit(1771958888.780:114): pid=17643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2860" res=0 errno=0
[  814.141468][ T5144] Bluetooth: hci7: command tx timeout
[  814.657597][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  815.570853][T17664] ima: policy update failed
[  815.591608][   T29] audit: type=1802 audit(1771958891.640:115): pid=17664 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2867" res=0 errno=0
[  815.840137][ T5144] Bluetooth: hci3: Malformed LE Event: 0x0b
[  817.843170][T17693] random: crng reseeded on system resumption
[  818.538776][T17701] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2875'.
[  818.723649][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  820.325447][T17724] block2mtd: error: cannot open device çinX‘©¼Ëò¨±ÂÚjFBçB>U»;߸³Ilk¬
[  820.652156][T17730] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2883'.
[  822.778445][T17757] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2892'.
[  823.237843][T17765] FAULT_INJECTION: forcing a failure.
[  823.237843][T17765] name fail_futex, interval 1, probability 0, space 0, times 0
[  823.256184][T17765] CPU: 0 UID: 0 PID: 17765 Comm: syz.0.2895 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  823.256229][T17765] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  823.256239][T17765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  823.256264][T17765] Call Trace:
[  823.256274][T17765]  <TASK>
[  823.256285][T17765]  dump_stack_lvl+0x100/0x190
[  823.256328][T17765]  should_fail_ex.cold+0x5/0xa
[  823.256364][T17765]  get_futex_key+0x1d2/0x1620
[  823.256399][T17765]  ? __pfx_get_futex_key+0x10/0x10
[  823.256439][T17765]  futex_wake+0xea/0x530
[  823.256488][T17765]  ? __pfx_futex_wake+0x10/0x10
[  823.256529][T17765]  ? kasan_quarantine_put+0x104/0x240
[  823.256566][T17765]  ? lockdep_hardirqs_on+0x78/0x100
[  823.256599][T17765]  do_futex+0x32b/0x350
[  823.256641][T17765]  ? __pfx_do_futex+0x10/0x10
[  823.256674][T17765]  ? __do_sys_getcwd+0x504/0x960
[  823.256711][T17765]  __x64_sys_futex+0x34f/0x4d0
[  823.256747][T17765]  ? __pfx___x64_sys_futex+0x10/0x10
[  823.256791][T17765]  do_syscall_64+0x106/0xf80
[  823.256817][T17765]  ? clear_bhb_loop+0x40/0x90
[  823.256847][T17765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.256873][T17765] RIP: 0033:0x7ff76039c629
[  823.256899][T17765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  823.256934][T17765] RSP: 002b:00007ff7612bc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  823.256959][T17765] RAX: ffffffffffffffda RBX: 00007ff760615fa8 RCX: 00007ff76039c629
[  823.256976][T17765] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff760615fac
[  823.256991][T17765] RBP: 00007ff760615fa0 R08: 0000000000000000 R09: 0000000000000000
[  823.257007][T17765] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  823.257023][T17765] R13: 00007ff760616038 R14: 00007ffd0952df60 R15: 00007ffd0952e048
[  823.257062][T17765]  </TASK>
[  824.274536][T17774] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2897'.
[  826.688289][T17307] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  826.701025][T17307] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  826.714551][T17307] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  826.724114][T17307] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  826.733820][T17307] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  826.975411][T17796] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2903'.
[  827.011771][T17789] chnl_net:caif_netlink_parms(): no params data found
[  827.105948][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b
[  827.147162][T17789] bridge0: port 1(bridge_slave_0) entered blocking state
[  827.158770][T17789] bridge0: port 1(bridge_slave_0) entered disabled state
[  827.166488][T17789] bridge_slave_0: entered allmulticast mode
[  827.176953][T17789] bridge_slave_0: entered promiscuous mode
[  827.187562][T17789] bridge0: port 2(bridge_slave_1) entered blocking state
[  827.195448][T17789] bridge0: port 2(bridge_slave_1) entered disabled state
[  827.204583][T17789] bridge_slave_1: entered allmulticast mode
[  827.213152][T17789] bridge_slave_1: entered promiscuous mode
[  827.254780][T17789] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  827.273210][T17789] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  827.349084][T17789] team0: Port device team_slave_0 added
[  827.363990][T17789] team0: Port device team_slave_1 added
[  827.415124][T17789] batman_adv: batadv0: Adding interface: batadv_slave_0
[  827.422997][T17789] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  827.454799][T17789] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  827.469258][T17789] batman_adv: batadv0: Adding interface: batadv_slave_1
[  827.476420][T17789] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  827.505641][T17789] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  827.585658][T17789] hsr_slave_0: entered promiscuous mode
[  827.594911][T17789] hsr_slave_1: entered promiscuous mode
[  827.602560][T17789] debugfs: 'hsr0' already exists in 'hsr'
[  827.608670][T17789] Cannot create hsr debugfs directory
[  827.763263][T17812] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2907'.
[  827.862904][ T5144] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  828.781710][ T5144] Bluetooth: hci8: command tx timeout
[  829.400982][T17826] FAULT_INJECTION: forcing a failure.
[  829.400982][T17826] name failslab, interval 1, probability 0, space 0, times 0
[  829.414278][T17826] CPU: 0 UID: 0 PID: 17826 Comm: syz.0.2910 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  829.414320][T17826] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  829.414329][T17826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  829.414345][T17826] Call Trace:
[  829.414353][T17826]  <TASK>
[  829.414364][T17826]  dump_stack_lvl+0x100/0x190
[  829.414437][T17826]  should_fail_ex.cold+0x5/0xa
[  829.414467][T17826]  should_failslab+0xc2/0x120
[  829.414490][T17826]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  829.414527][T17826]  ? __d_alloc+0x34/0xa80
[  829.414558][T17826]  __d_alloc+0x34/0xa80
[  829.414586][T17826]  d_alloc_pseudo+0x1c/0xc0
[  829.414619][T17826]  alloc_file_pseudo+0xcf/0x230
[  829.414650][T17826]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  829.414687][T17826]  __shmem_file_setup+0x221/0x490
[  829.414720][T17826]  ? __pfx___shmem_file_setup+0x10/0x10
[  829.414756][T17826]  ? vm_area_alloc+0x1f/0x160
[  829.414790][T17826]  shmem_zero_setup+0x96/0x1b0
[  829.414829][T17826]  __mmap_region+0x2198/0x29e0
[  829.414867][T17826]  ? __pfx___mmap_region+0x10/0x10
[  829.414917][T17826]  ? __lock_acquire+0x4a5/0x2630
[  829.414948][T17826]  ? find_held_lock+0x2b/0x80
[  829.414982][T17826]  ? find_held_lock+0x2b/0x80
[  829.415003][T17826]  ? finish_task_switch.isra.0+0x200/0xb80
[  829.415028][T17826]  ? finish_task_switch.isra.0+0x200/0xb80
[  829.415065][T17826]  ? trace_sched_exit_tp+0x13a/0x180
[  829.415094][T17826]  ? __schedule+0x1000/0x60e0
[  829.415162][T17826]  ? rcu_is_watching+0x12/0xc0
[  829.415200][T17826]  ? cap_capable+0x107/0x460
[  829.415236][T17826]  mmap_region+0x180/0x3e0
[  829.415286][T17826]  do_mmap+0xc63/0x12f0
[  829.415316][T17826]  ? __pfx_do_mmap+0x10/0x10
[  829.415341][T17826]  ? __pfx_down_write_killable+0x10/0x10
[  829.415381][T17826]  vm_mmap_pgoff+0x29e/0x470
[  829.415411][T17826]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  829.415439][T17826]  ? do_futex+0x192/0x350
[  829.415471][T17826]  ? __pfx_do_futex+0x10/0x10
[  829.415507][T17826]  ksys_mmap_pgoff+0xe1/0x650
[  829.415531][T17826]  ? __x64_sys_futex+0x34f/0x4d0
[  829.415561][T17826]  ? __x64_sys_futex+0x358/0x4d0
[  829.415593][T17826]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  829.415615][T17826]  ? fput+0x79/0x100
[  829.415639][T17826]  ? __pfx___x64_sys_futex+0x10/0x10
[  829.415670][T17826]  ? ksys_write+0x1ac/0x250
[  829.415706][T17826]  ? __pfx_ksys_write+0x10/0x10
[  829.415746][T17826]  __x64_sys_mmap+0x125/0x190
[  829.415785][T17826]  do_syscall_64+0x106/0xf80
[  829.415811][T17826]  ? clear_bhb_loop+0x40/0x90
[  829.415841][T17826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.415866][T17826] RIP: 0033:0x7ff76039c629
[  829.415888][T17826] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  829.415912][T17826] RSP: 002b:00007ff7612bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  829.415936][T17826] RAX: ffffffffffffffda RBX: 00007ff760615fa0 RCX: 00007ff76039c629
[  829.415953][T17826] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  829.415969][T17826] RBP: 00007ff760432b39 R08: ffffffffffffffff R09: 0000000000008000
[  829.415984][T17826] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  829.416000][T17826] R13: 00007ff760616038 R14: 00007ff760615fa0 R15: 00007ffd0952e048
[  829.416031][T17826]  </TASK>
[  830.863841][T17307] Bluetooth: hci8: command tx timeout
[  831.827506][T17307] Bluetooth: hci0: command 0x0406 tx timeout
[  832.128158][T17836] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2913'.
[  832.138695][T17836] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2913'.
[  832.941474][ T5144] Bluetooth: hci8: command tx timeout
[  833.027713][T17307] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  833.046503][T17307] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  833.057042][T17307] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  833.067422][T17307] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  833.078240][T17307] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  833.368007][T17843] chnl_net:caif_netlink_parms(): no params data found
[  833.567170][T17843] bridge0: port 1(bridge_slave_0) entered blocking state
[  833.574989][T17843] bridge0: port 1(bridge_slave_0) entered disabled state
[  833.583135][T17843] bridge_slave_0: entered allmulticast mode
[  833.593271][T17843] bridge_slave_0: entered promiscuous mode
[  833.603408][T17843] bridge0: port 2(bridge_slave_1) entered blocking state
[  833.611721][T17843] bridge0: port 2(bridge_slave_1) entered disabled state
[  833.620865][T17843] bridge_slave_1: entered allmulticast mode
[  833.630129][T17843] bridge_slave_1: entered promiscuous mode
[  833.683503][T17843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  833.698292][T17843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  833.747539][T17843] team0: Port device team_slave_0 added
[  833.756732][T17843] team0: Port device team_slave_1 added
[  833.794009][T17843] batman_adv: batadv0: Adding interface: batadv_slave_0
[  833.802350][T17843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  833.830116][T17843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  833.844707][T17843] batman_adv: batadv0: Adding interface: batadv_slave_1
[  833.852124][T17843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  833.878695][T17843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  833.936120][T17843] hsr_slave_0: entered promiscuous mode
[  833.944304][T17843] hsr_slave_1: entered promiscuous mode
[  833.951288][T17843] debugfs: 'hsr0' already exists in 'hsr'
[  833.957537][T17843] Cannot create hsr debugfs directory
[  834.594802][T17860] zswap: compressor û not available
[  835.021449][T17307] Bluetooth: hci8: command tx timeout
[  835.102545][T17307] Bluetooth: hci9: command tx timeout
[  835.620230][T17307] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  836.876477][T17307] Bluetooth: hci1: Malformed LE Event: 0x0b
[  837.183025][T17307] Bluetooth: hci9: command tx timeout
[  837.706311][T17894] netlink: 228 bytes leftover after parsing attributes in process `syz.0.2923'.
[  839.261490][T17307] Bluetooth: hci9: command tx timeout
[  840.136782][T17307] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  841.341490][T17307] Bluetooth: hci9: command tx timeout
[  844.212052][T17307] Bluetooth: hci1: unexpected event 0x34 length: 11 > 6
[  846.578061][T17307] Bluetooth: hci1: Malformed LE Event: 0x0b
[  848.221945][   T30] INFO: task syz-executor:15918 blocked for more than 143 seconds.
[  848.232825][   T30]       Tainted: G     U       L      syzkaller #0
[  848.239497][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  848.248762][   T30] task:syz-executor    state:D stack:24360 pid:15918 tgid:15918 ppid:1      task_flags:0x480140 flags:0x00080002
[  848.261017][   T30] Call Trace:
[  848.266400][   T30]  <TASK>
SYZFAIL: failed to send rpc
fd=3 want=48 sent=0 n=-1 (errno 32: Broken pipe)
[  848.271945][   T30]  __schedule+0xfee/0x60e0
[  848.276673][   T30]  ? __lock_acquire+0x4a5/0x2630
[  848.284773][   T30]  ? __pfx___schedule+0x10/0x10
[  848.289798][   T30]  ? find_held_lock+0x2b/0x80
[  848.295227][   T30]  ? schedule+0x2bf/0x390
[  848.299646][   T30]  schedule+0xdd/0x390
[  848.304860][   T30]  schedule_timeout+0x1b2/0x280
[  848.309821][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  848.315885][   T30]  ? mark_held_locks+0x40/0x70
[  848.320824][   T30]  __wait_for_common+0x2e7/0x4c0
[  848.326544][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  848.332994][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  848.338815][   T30]  remove_one+0x312/0x420
[  848.345703][   T30]  ? find_next_child+0x18f/0x280
[  848.350795][   T30]  __simple_recursive_removal+0x148/0x5c0
[  848.357760][   T30]  ? __pfx_remove_one+0x10/0x10
[  848.363274][   T30]  debugfs_remove+0x5d/0x80
[  848.367882][   T30]  nsim_dev_health_exit+0x3b/0xe0
[  848.373744][   T30]  nsim_dev_reload_destroy+0x144/0x4a0
[  848.379614][   T30]  nsim_drv_remove+0x52/0x1e0
[  848.386589][   T30]  ? __pfx_nsim_bus_remove+0x10/0x10
[  848.392366][   T30]  device_remove+0xcb/0x180
[  848.397004][   T30]  device_release_driver_internal+0x42e/0x600
[  848.403807][   T30]  bus_remove_device+0x22f/0x440
[  848.408849][   T30]  device_del+0x376/0x9b0
[  848.413913][   T30]  ? __pfx_device_del+0x10/0x10
[  848.418860][   T30]  ? __lock_acquire+0x4a5/0x2630
[  848.424409][   T30]  device_unregister+0x1d/0xe0
[  848.429898][   T30]  del_device_store+0x346/0x480
[  848.435600][   T30]  ? __pfx_del_device_store+0x10/0x10
[  848.441064][   T30]  ? find_held_lock+0x2b/0x80
[  848.446494][   T30]  ? sysfs_file_kobj+0xe4/0x290
[  848.454024][   T30]  ? sysfs_file_kobj+0xe4/0x290
[  848.459148][   T30]  ? __pfx_del_device_store+0x10/0x10
[  848.465737][   T30]  bus_attr_store+0x74/0xb0
[  848.470985][   T30]  ? __pfx_bus_attr_store+0x10/0x10
[  848.476868][   T30]  sysfs_kf_write+0xf2/0x150
[  848.482077][   T30]  kernfs_fop_write_iter+0x3e0/0x5f0
[  848.487791][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  848.493611][   T30]  vfs_write+0x6ac/0x1070
[  848.498132][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  848.505051][   T30]  ? __pfx_vfs_write+0x10/0x10
[  848.510316][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  848.516543][   T30]  ksys_write+0x12a/0x250
[  848.522191][   T30]  ? __pfx_ksys_write+0x10/0x10
[  848.527337][   T30]  do_syscall_64+0x106/0xf80
[  848.532633][   T30]  ? clear_bhb_loop+0x40/0x90
[  848.537485][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.548363][   T30] RIP: 0033:0x7fd5d2d5cece
[  848.553355][   T30] RSP: 002b:00007ffce80d1238 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  848.566673][   T30] RAX: ffffffffffffffda RBX: 000055555d15e500 RCX: 00007fd5d2d5cece
[  848.605442][   T30] RDX: 0000000000000001 RSI: 00007ffce80d12c0 RDI: 0000000000000005
[  848.649445][   T30] RBP: 00007fd5d2e3343f R08: 0000000000000000 R09: 0000000000000000
[  848.662175][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.670778][   T30] R13: 00007ffce80d12c0 R14: 00007fd5d3b44620 R15: 0000000000000003
[  848.701353][   T30]  </TASK>
[  848.713227][   T30] INFO: task syz.1.2452:16011 blocked for more than 143 seconds.
[  848.722535][   T30]       Tainted: G     U       L      syzkaller #0
[  848.730435][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  848.753283][   T30] task:syz.1.2452      state:D stack:28792 pid:16011 tgid:16010 ppid:15527  task_flags:0x400140 flags:0x00080002
[  848.765900][   T30] Call Trace:
[  848.769504][   T30]  <TASK>
[  848.773000][   T30]  __schedule+0xfee/0x60e0
[  848.777493][   T30]  ? __lock_acquire+0x4a5/0x2630
[  848.784794][   T30]  ? __pfx___schedule+0x10/0x10
[  848.789865][   T30]  ? find_held_lock+0x2b/0x80
[  848.795384][   T30]  ? schedule+0x2bf/0x390
[  848.799895][   T30]  schedule+0xdd/0x390
[  848.806299][   T30]  schedule_preempt_disabled+0x13/0x30
[  848.812373][   T30]  __mutex_lock+0xc9a/0x1b90
[  848.817148][   T30]  ? __pfx___alloc_skb+0x10/0x10
[  848.823058][   T30]  ? devlink_health_report+0x681/0xb50
[  848.828639][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  848.834438][   T30]  ? devlink_recover_notify.constprop.0+0x4d7/0x670
[  848.841551][   T30]  ? devlink_recover_notify.constprop.0+0x200/0x670
[  848.848445][   T30]  ? devlink_health_report+0x681/0xb50
[  848.854560][   T30]  devlink_health_report+0x681/0xb50
[  848.860071][   T30]  ? __pfx_devlink_health_report+0x10/0x10
[  848.867195][   T30]  ? _copy_from_user+0x59/0xd0
[  848.872524][   T30]  nsim_dev_health_break_write+0x166/0x210
[  848.881843][   T30]  ? __pfx_nsim_dev_health_break_write+0x10/0x10
[  848.888497][   T30]  full_proxy_write+0x135/0x1a0
[  848.894321][   T30]  vfs_write+0x2aa/0x1070
[  848.898927][   T30]  ? __pfx_full_proxy_write+0x10/0x10
[  848.906068][   T30]  ? __pfx_vfs_write+0x10/0x10
[  848.911032][   T30]  ? __fget_files+0x215/0x3d0
[  848.918854][   T30]  ? __fget_files+0x21f/0x3d0
[  848.924290][   T30]  ksys_write+0x12a/0x250
[  848.930291][   T30]  ? __pfx_ksys_write+0x10/0x10
[  848.936225][   T30]  do_syscall_64+0x106/0xf80
[  848.943300][   T30]  ? clear_bhb_loop+0x40/0x90
[  848.949522][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.957294][   T30] RIP: 0033:0x7f136519c629
[  848.962450][   T30] RSP: 002b:00007f1365ffa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  848.972304][   T30] RAX: ffffffffffffffda RBX: 00007f1365415fa0 RCX: 00007f136519c629
[  848.984143][   T30] RDX: 00000000000001e0 RSI: 0000200000000080 RDI: 0000000000000004
[  848.994865][   T30] RBP: 00007f1365232b39 R08: 0000000000000000 R09: 0000000000000000
[  849.005342][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  849.016715][   T30] R13: 00007f1365416038 R14: 00007f1365415fa0 R15: 00007fffb0ef2698
[  849.026264][   T30]  </TASK>
[  849.056632][   T30] 
[  849.056632][   T30] Showing all locks held in the system:
[  849.066623][   T30] 1 lock held by khungtaskd/30:
[  849.072393][   T30]  #0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  849.082991][   T30] 2 locks held by getty/5583:
[  849.087925][   T30]  #0: ffff8880352d10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  849.099201][   T30]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[  849.114359][   T30] 3 locks held by kworker/u8:21/11107:
[  849.120363][   T30]  #0: ffff88813fea4148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920
[  849.136773][   T30]  #1: ffffc9000969fd08 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920
[  849.148362][   T30]  #2: ffffffff90611f28 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[  849.158759][   T30] 1 lock held by syz-executor/15741:
[  849.164844][   T30] 2 locks held by syz-executor/15750:
[  849.170372][   T30]  #0: ffffffff90611f28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  849.180521][   T30]  #1: ffffffff8e7f4e38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0
[  849.192953][   T30] 7 locks held by syz-executor/15918:
[  849.198797][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.211625][   T30]  #1: ffff88805c790488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.224447][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.235192][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.250430][   T30]  #4: ffff88805d06c0e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xaa/0x600
[  849.263021][   T30]  #5: ffff88805d06b250 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1e0
[  849.275025][   T30]  #6: ffff88805ccb1a70 (&sb->s_type->i_mutex_key#10/2){+.+.}-{4:4}, at: __simple_recursive_removal+0xe0/0x5c0
[  849.288791][   T30] 3 locks held by syz.1.2452/16011:
[  849.294535][   T30]  #0: ffff88803698fb38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380
[  849.304441][   T30]  #1: ffff8880202ca420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.314593][   T30]  #2: ffff88805d06b250 (&devlink->lock_key#4){+.+.}-{4:4}, at: devlink_health_report+0x681/0xb50
[  849.326237][   T30] 4 locks held by syz-executor/16226:
[  849.332126][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.345537][   T30]  #1: ffff888034424088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.360411][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.372479][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.383656][   T30] 4 locks held by syz-executor/16806:
[  849.389237][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.399824][   T30]  #1: ffff88805bc2f488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.411500][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.422987][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.436231][   T30] 4 locks held by syz-executor/17084:
[  849.442491][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.453102][   T30]  #1: ffff88805d0e7088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.469669][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.481347][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.493260][   T30] 4 locks held by syz-executor/17560:
[  849.499023][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.509593][   T30]  #1: ffff88807af57c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.520269][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.530719][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.541604][   T30] 2 locks held by syz.3.2873/17690:
[  849.546956][   T30]  #0: ffff8880202ca420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x9b1/0x31a0
[  849.556556][   T30]  #1: ffff88805ccb1a70 (&sb->s_type->i_mutex_key#18){++++}-{4:4}, at: path_openat+0xa16/0x31a0
[  849.568384][   T30] 4 locks held by syz-executor/17789:
[  849.574955][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.584789][   T30]  #1: ffff88805c72c888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.595107][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.606021][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.616976][   T30] 4 locks held by syz-executor/17843:
[  849.622725][   T30]  #0: ffff88803707e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  849.631920][   T30]  #1: ffff88805c70b888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0
[  849.642073][   T30]  #2: ffff888028fa9d28 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0
[  849.653163][   T30]  #3: ffffffff8fb6a748 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480
[  849.667937][   T30] 
[  849.670413][   T30] =============================================
[  849.670413][   T30] 
[  849.680543][   T30] NMI backtrace for cpu 0
[  849.680570][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  849.680622][   T30] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  849.680634][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  849.680653][   T30] Call Trace:
[  849.680662][   T30]  <TASK>
[  849.680674][   T30]  dump_stack_lvl+0x100/0x190
[  849.680725][   T30]  nmi_cpu_backtrace.cold+0x12d/0x151
[  849.680774][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  849.680818][   T30]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  849.680867][   T30]  sys_info+0x141/0x190
[  849.680904][   T30]  watchdog+0xd25/0x1050
[  849.680944][   T30]  ? __pfx_watchdog+0x10/0x10
[  849.680973][   T30]  ? __kthread_parkme+0x18c/0x230
[  849.681010][   T30]  ? kthread+0x13a/0x450
[  849.681047][   T30]  ? __pfx_watchdog+0x10/0x10
[  849.681072][   T30]  kthread+0x370/0x450
[  849.681108][   T30]  ? __pfx_kthread+0x10/0x10
[  849.681154][   T30]  ret_from_fork+0x754/0xd80
[  849.681207][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  849.681259][   T30]  ? __switch_to+0x7b4/0x1120
[  849.681292][   T30]  ? __pfx_kthread+0x10/0x10
[  849.681332][   T30]  ret_from_fork_asm+0x1a/0x30
[  849.681391][   T30]  </TASK>
[  849.807202][   T30] Sending NMI from CPU 0 to CPUs 1:
[  849.813604][    C1] NMI backtrace for cpu 1
[  849.813630][    C1] CPU: 1 UID: 0 PID: 11111 Comm: kworker/u8:24 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  849.813756][    C1] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  849.813768][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  849.813786][    C1] Workqueue: events_unbound cfg80211_wiphy_work
[  849.813825][    C1] RIP: 0010:__sanitizer_cov_trace_switch+0x16/0x90
[  849.813872][    C1] Code: 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 56 41 55 41 54 49 89 fc 55 48 89 f5 53 48 8b 46 08 <48> 83 f8 20 74 63 77 48 48 83 f8 08 74 63 41 be 03 00 00 00 48 83
[  849.813898][    C1] RSP: 0018:ffffc9000964f220 EFLAGS: 00000246
[  849.813918][    C1] RAX: 0000000000000020 RBX: ffffc9000964f650 RCX: ffffffff8addd1f4
[  849.813936][    C1] RDX: 1ffff920012c9ecb RSI: ffffffff8d175060 RDI: 0000000000000001
[  849.813954][    C1] RBP: ffffffff8d175060 R08: 1010101010100600 R09: 1010101010100600
[  849.813974][    C1] R10: 0002060101032418 R11: 120c968b84820801 R12: 0000000000000001
[  849.813994][    C1] R13: ffff88803613c600 R14: 0000000000000001 R15: ffff88803613c61c
[  849.814014][    C1] FS:  0000000000000000(0000) GS:ffff888124451000(0000) knlGS:0000000000000000
[  849.814043][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  849.814064][    C1] CR2: 0000560004c52ee8 CR3: 000000000e598000 CR4: 00000000003526f0
[  849.814084][    C1] Call Trace:
[  849.814095][    C1]  <TASK>
[  849.814110][    C1]  cfg80211_inform_single_bss_data+0x6db/0x1e20
[  849.814155][    C1]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  849.814209][    C1]  ? ieee802_11_parse_elems_full+0x177/0x3720
[  849.814261][    C1]  ? stack_trace_save+0x8e/0xc0
[  849.814295][    C1]  ? cfg80211_inform_bss_data+0x237/0x3a00
[  849.814339][    C1]  cfg80211_inform_bss_data+0x237/0x3a00
[  849.814375][    C1]  ? kasan_save_stack+0x3f/0x50
[  849.814465][    C1]  ? kasan_save_track+0x14/0x30
[  849.814512][    C1]  ? __kmalloc_noprof+0x301/0x850
[  849.814553][    C1]  ? ieee802_11_parse_elems_full+0x177/0x3720
[  849.814596][    C1]  ? ieee80211_ibss_rx_queued_mgmt+0xc8d/0x2f80
[  849.814635][    C1]  ? ieee80211_iface_work+0xbff/0x13d0
[  849.814677][    C1]  ? cfg80211_wiphy_work+0x446/0x5c0
[  849.814707][    C1]  ? process_one_work+0x9d7/0x1920
[  849.814744][    C1]  ? worker_thread+0x5da/0xe40
[  849.814792][    C1]  ? kthread+0x370/0x450
[  849.814826][    C1]  ? ret_from_fork+0x754/0xd80
[  849.814865][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  849.814896][    C1]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  849.814933][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  849.814977][    C1]  ? _ieee802_11_parse_elems_full+0x5cf/0x49e0
[  849.815044][    C1]  ? __lock_acquire+0x4a5/0x2630
[  849.815081][    C1]  ? ieee802_11_parse_elems_full+0xed5/0x3720
[  849.815128][    C1]  cfg80211_inform_bss_frame_data+0x247/0x790
[  849.815163][    C1]  ieee80211_bss_info_update+0x310/0xab0
[  849.815205][    C1]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  849.815249][    C1]  ? find_held_lock+0x2b/0x80
[  849.815271][    C1]  ? ieee80211_ibss_rx_queued_mgmt+0x18df/0x2f80
[  849.815310][    C1]  ? ieee80211_ibss_rx_queued_mgmt+0x18df/0x2f80
[  849.815354][    C1]  ieee80211_ibss_rx_queued_mgmt+0x1919/0x2f80
[  849.815394][    C1]  ? __pfx_ieee80211_sta_active_ibss+0x10/0x10
[  849.815517][    C1]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  849.815579][    C1]  ? rcu_is_watching+0x12/0xc0
[  849.815620][    C1]  ? trace_contention_end+0x140/0x180
[  849.815669][    C1]  ? kcov_remote_start+0x374/0x660
[  849.815718][    C1]  ieee80211_iface_work+0xbff/0x13d0
[  849.815767][    C1]  cfg80211_wiphy_work+0x446/0x5c0
[  849.815801][    C1]  process_one_work+0x9d7/0x1920
[  849.815847][    C1]  ? __pfx_process_one_work+0x10/0x10
[  849.815891][    C1]  ? __pfx_cfg80211_wiphy_work+0x10/0x10
[  849.815925][    C1]  worker_thread+0x5da/0xe40
[  849.815971][    C1]  ? kthread+0x13a/0x450
[  849.816003][    C1]  ? __pfx_worker_thread+0x10/0x10
[  849.816039][    C1]  kthread+0x370/0x450
[  849.816073][    C1]  ? __pfx_kthread+0x10/0x10
[  849.816108][    C1]  ret_from_fork+0x754/0xd80
[  849.816148][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  849.816189][    C1]  ? __switch_to+0x7b4/0x1120
[  849.816219][    C1]  ? __pfx_kthread+0x10/0x10
[  849.816253][    C1]  ret_from_fork_asm+0x1a/0x30
[  849.816292][    C1]  </TASK>
[  850.268457][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  850.275670][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  850.286943][   T30] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  850.292186][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  850.302634][   T30] Call Trace:
[  850.305948][   T30]  <TASK>
[  850.308999][   T30]  dump_stack_lvl+0x100/0x190
[  850.313766][   T30]  vpanic+0x552/0x970
[  850.317837][   T30]  ? __pfx_vpanic+0x10/0x10
[  850.322416][   T30]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  850.328844][   T30]  panic+0xd1/0xe0
[  850.332633][   T30]  ? __pfx_panic+0x10/0x10
[  850.337372][   T30]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  850.344456][   T30]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  850.351395][   T30]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  850.357884][   T30]  ? watchdog.cold+0x198/0x1ca
[  850.362788][   T30]  ? watchdog+0xd35/0x1050
[  850.367258][   T30]  watchdog.cold+0x1a9/0x1ca
[  850.372029][   T30]  ? __pfx_watchdog+0x10/0x10
[  850.376943][   T30]  ? __kthread_parkme+0x18c/0x230
[  850.382035][   T30]  ? kthread+0x13a/0x450
[  850.386535][   T30]  ? __pfx_watchdog+0x10/0x10
[  850.392244][   T30]  kthread+0x370/0x450
[  850.396370][   T30]  ? __pfx_kthread+0x10/0x10
[  850.401012][   T30]  ret_from_fork+0x754/0xd80
[  850.405836][   T30]  ? __pfx_ret_from_fork+0x10/0x10
[  850.411353][   T30]  ? __switch_to+0x7b4/0x1120
[  850.416183][   T30]  ? __pfx_kthread+0x10/0x10
[  850.420820][   T30]  ret_from_fork_asm+0x1a/0x30
[  850.425679][   T30]  </TASK>
[  850.429526][   T30] Kernel Offset: disabled
[  850.434316][   T30] Rebooting in 86400 seconds..