last executing test programs:

25m37.643863229s ago: executing program 0 (id=824):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000440), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge_slave_1\x00', <r3=>0x0})
sendmsg$auto_ETHTOOL_MSG_FEATURES_GET(r1, &(0x7f0000003080)={0x0, 0xfffffffffffffdb2, &(0x7f0000003040)={&(0x7f0000002fc0)={0x20, r2, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004800}, 0x0)
mmap$auto(0x394, 0x3, 0xdf, 0x9b72, r0, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="a10100bfaa780ff4a7d2a27c784702fa7283622b0a94d2ddbd3dac7dc0", @ANYBLOB], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, 0x0, 0x7, 0x6, 0x0)
r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x40080, 0x0)
pread64$auto(r4, &(0x7f0000000080)='/proc/self/comm\x00', 0xec5d, 0x7f)
arch_prctl$auto_ARCH_GET_CPUID(0x1011, 0x7fffffff)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto_BPF_LINK_GET_NEXT_ID(0x1f, &(0x7f0000000100)=@token_create={0xaac, r4}, 0x774eceb8)

25m36.652830072s ago: executing program 0 (id=827):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
timer_create$auto(0x9, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0)
mmap$auto(0x2000, 0x80009, 0xb, 0x8000000008011, r2, 0x0)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0)
fcntl$auto_F_SETOWN(r0, 0x8, 0xffffffffffffffff)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000400), r1)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB='\x00', @ANYRES16=r5, @ANYBLOB="00042abd7000ffdbdf251e000000080027000100000008000100ffffff7f"], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x4)
r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe)
write$auto(r4, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
timer_settime$auto(0x0, 0xd80, &(0x7f0000000040)={{0x40000000000026b, 0x4}, {0x0, 0x83}}, 0x0)
timer_gettime$auto(0x0, &(0x7f0000000080)={{0x5, 0x8}, {0x7f, 0x10000}})
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x325a42, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0)
mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r6, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/rpc/auth.rpcsec.init/channel\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_VHOST_GET_FEATURES2(0xffffffffffffffff, 0x8008af00, &(0x7f0000000040)=0x1)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @link_local}, 0x6a)

25m35.126589476s ago: executing program 0 (id=832):
r0 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000003c0), 0x484000, 0x0)
process_madvise$auto_MADV_PAGEOUT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)="4748229960d26483a90859461d1795089b08ac29369c26ac84", 0x3}, 0x9, 0x15, 0x101)
readv$auto(r0, &(0x7f0000000100)={&(0x7f0000000040)="92c6166fbc2bdb2efe770000c31f918b3d57ce97807503ff718eb1d78ad95aaf335512f7abc08438fcf4a010d7e5f32c94f4d4cdfe91ea5e2934d206fd9936691e84c0bb7e785e2efd2a7013ccc79562e205000000d0616eccf214ec78e68312509572ae54926e27b8eacee417db0c9c4a129e0559629c60001e045209807d9d12574c15b356e74d43", 0xfdef}, 0x2)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mouse0\x00', 0x215b02, 0x0)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x5)
sysfs$auto(0x2, 0x49, 0x0)
r1 = fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r1)
sendmsg$auto_NL80211_CMD_NEW_MPATH(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000400)=ANY=[@ANYBLOB="34c400", @ANYRES16=r3, @ANYBLOB="000829bd7000fedbdf2517000000f2004f000f405336e816571f9f78a61f87cabb838443afa3e5b288cb0c5a3be01cedd31139719caefe96cd613aadb28ea4d499421100d0c5df7e61fee96125f3d4134792e9d3a3833f950fed415fb866e706e3145578f5ab28dc5033617ad5b0b8db1cfb770b8044abd8cfcca96b49970a92fff1e0305efa0beab99a51d259ff25988d408c9f24e43fc886a29eb8d47a274ac7e4248863744e492b2190d6d66ca2773e7cbd9f410088a561fb129002c4727ef0f0a0c3e0f382ed4fab3b0fa0f39d06e045bb05b6020168518fbe8b4675867278664c50225eab61819c6fcaca28a155fe772b486cd4a7d9f89eef480258a58300002b12758039ebcda5ad03496f1bf2c41e1305460ae1aa1af5d2a8a005494f4229778a519199d8bc34db3f6cfe22102ff5e590b3377e8ffeececffedc81d8f613fbacbfbd611f8164bc53443829b2507ac7797c116ee264e07f24ff13530fabcbd42b4c923b4d740d8f1b395afe1393409bf4151b994a7cecb4b313cd28d7d22aaa1962df18a36781894d581d972acf6625445843918fd56eefbc0f1bab20e13f85d4ce06fd162efbee6133c13bd75b6074bf259206998eab5a17605a44e2f8698f2d3bb3a5033877503c537692a85fce325a509797082b6ca05e2e16ef484efa61c9e2a1cec7e68708c300eeefe2f81867e7c15920f92297a83cb85724312c0c459900a0a1b8aa1d818b1cb6a1d6a17fc3b639aececa9ff0dcaecb8041c6a28b99cf12eedc7cf0ceb916b56066dd4d19867ef6a7666d8af3711bc05a5dd94c323cc7fc6b2984cbf64707226e8a85dd16104721aa44082615af006352eab11f9a1fcb84874eb1187108c46bb6f5526de601d00529fee760797387425f95bae3e43de4bb7cf0315ecc3f2f03be371c15905651e8e93acd5bf48fa8578f271ecd7cd7f1a00205eda4e20eddb48eb3217a2937a0597f01e54b23d5e69db752a8360f3e360c984f2551864f000e2616099092ff33b78f899d64bac746646f42e39ba156fede22daf88e1b9a5c4c9470f146f880c17bc0158439efa524e638be2c6658bf53460b00b7bff0d8b85a3bcc786eee2fab695f90359bcf22c50701d6a302e687346ab63b8e8cbca24be491c3130d1839cf9fc872387ab95ca878c0b62fc385d6d5a8a7fc1738f89a8978731e2909dbfba287405d655896593907df2fa4a36989af03fbf5143cbd076e3cb5341b1570382a7d33e4693b18c5adb88e4e6e0776ff9f6bd877b2de206b948a41adeeb6276c16d49a3bc0302b5e182527b9e3cbd2f165d35d958e01942e31f8d246a08aeedbba5680713adcb8350e897052de7e1c64851456fe2d2e9611e989ee4356bd51a878b2f94cf2492ebf16d238d03f7c7fbb92ab3908c6f57251f215da84873bef42e6d43d129707a9b6bb3d8c1a55cf5de5a6e067be76c80b1b8c7046ad6d51f85f48d1e15528280a45cbb0c3baf9a4228322d3d0bfdc95e84a464b99aa26714530e7cc01ce66fb2d1ac062d3ea120d7ed22c615e8068cf837c6d9768a3ae483b6da82ec9a11eaed13542e09cb44a354f750c533908f782da2165ffa9a5d114771fb35dc2b68505195bc2ee7e8be6a6bf3f5b1949a0e537f42f8b1e2f6b9b879df5f636c235f2a65f4c2bfed82afa20f2ef5881fe1f07c677328086bfad86f9ec2a13001755cb93a0a49194d393563aaaaa6041953199abe58ca0c58ed2b0c47fec69af134e6e96921d64491fa9373afb3653e5a33aabce885db2d50944f5cfc2c1947bd5f664cb752ab9714cf951f403d0e2e8ea1ab78916877b39f0bd948ef70e4f15f24cf99a9de1a933d2eed36c803e6bd12116a6be670a53f1c6cd5b8c93563ab26d7e24975d3ebeb58e8d45d7c8441f1aa70a5c8285795754e3c5310a9e304dfc86e2ca4864a85296459519f6f79eb3a33f81511f87999f8ebd05232864eade5be37e94c6a5af2877d65cb8b7abab8a7989414341a7553064b19188fed07edf139b822b9e84aca84bc45f3f116e63ae9e22e96efb30e8b4af0d0124d61ca576a8df6377ae1fb03a5fa65450e0839b2e1ef53b92789b0ed156c8fea8c672c51794260e7ca27183453f03fcda37c41f483226c62c9ef226a7a5f70e6f6ea7020aee21636ad71ca072da8efd10d8b128a4e211640808e9b7138bc7ed8430dfbe27736a14f77fce2500eb8ccf2bb0e37c2296141f7b9fbc877b978729ac3514f8e1552e236fc56d8ddc8cc20639cb38260173cb246396f95f54894a15b9251aaf184c2d4e12064930b6d37f39848ef03520b5aafdaad553e128a933a2e71256406094f867a95b55435a5349a6a945ab87ceaf1bc0048d10fbeac221fcce0df893779c37f03c606c77b8045ec3af07d10ce02da3f441bf1af23400ff62977a8f0692783f4198402083c941635736644b18f8bfa1d6e641cf85bfd4058778d80036e8e0d58a30abc46dfd5fd2af956805cdee61450b3670d1fc9164aa9f74683dba460a78297c7bdb2e258fc0e12f524e0f94090d3929d219ad27328805f6fcf2d438cc47dcf7a8ad8b4bf71f1e182eeb3fffccb4f3c0dcfc6eea8fbe4d83ab9d5d2b35e472a60dbd10c08b30ce64976b68ee948fd9e1e8131052e5d1c7c60c9cdca1e76a2fefd8b1a2d091829c09cd060d97f266d4c7288db46aa78113c88b8d3f5b2302949848b70d24fb98171f6750b22181bbaf161065a935212095333cabe64a2c1d305761bbcfa1794f67d4864207ae1e969472c1e9b3dc9bd98fde3d482ef967106e3cb6677d88799619599f0932b9c1f990511fe9c0128646867f9b5f2974ec2e46ad9bf0f7fd8620ce3f24739aa0723218dbe80104d2bee16bae75d6e4d179f360a9cb1d7a3855b3d9b0d2dbec5878e3e714bd548fdd3280f5c74bf7c4a8736c74d7499253fcdd96e8f67a9810e32df7da4582b77ed214f5c7e49af3f2c425cb31a6325031adee8c988557bae59f520c0101a83454c6c799902d0ba976570007fab10e8895fad1d2f290872531beb34b7228d98fd52e987f06dce98b2d7102076e54854d9e9ff776bcc4ac07afd56f327e3444d022a4ac25444c245042174fb51b64739e323607276a607b62ad5a055080c740b11058fb8f089cff355a53db6ca89abbf290975bd56e0ece7278e49464bb4390978026cc2c8d2bafdf69d7b22992ebb66344235c2cffcc1b232dd880ac32c3be97ebba1f82fecc37c7fb26d8627e79385fb919217290638f72c702757e352fb4bd418b37b85b444fe96e5487ca7c2745312dd13089b76a1254e0845a4a52c6a6cf423802550fb0f6a170f1c8b8388619f0b4ceb4b48b2ffa58d2641920f1a2782ef1a6488df100b30200f0077b788cecd659d497a8b8f27b1b4d7f543931dcdaabbfc882e7c9ff835b5dfdf680432ac664dbdc3db69725b8198aea2605d83b40f4282e5e450a68620932e5b9d1e88be16590bde56a89ebb79d4ed6a72997038793f12807ceed66fd480494c425405988e391a1db9798c592fcdd4cbab023c118606d48286f9df99c0dcd9bf738fd03faadcc8bbed34be48c61f0fb93514fb3415f986553f1603c68016d49e5b0f3948f8e4954f98757850e3f7609bd7cd53062fc3c54f2a150ddabbe6c2e22e3baeb873235cb214111ea5d72a3304e281b9c110543a427b6f942b93bd9cca2a0e7feb79ebcc868c09434349141e333d18410872ec373a010630106df2a5c5789cabcbff267476a223ed3dc9f5a79e3ee8025e16ca38c658d7004ea4fc3b0ebd9107b6f2ea88d5f6bde4487944e8bf5d0d5d5e23546e0c1f5ab2219baeda0b557ac0a9b829216aae6ca5223479884e1bae390b0462c5847859795853de45ede91daa58c1d8ed2fb0a5f649c3f06c7e0365e19e96e022a20d2647250c07ddf542904a91eb70064bee53449f14bd32cde756d41d42d4268a0f32f7044ce7940a0aec5b3518385af8cbe51eb9f155b62aa768844559fd734d3f22456ba6883417666079132f383882a50b02f4014a30082de274b830758f1e7ae7cc1b9c75a5559e103d1ff5538afd117831475d7046a68d564a686a348dc4b578ccbfc2fb82a45a25abc604047e4f64083f283cde1afca9ca98f7a017daf0fb5767ebd3ae3e2345015d5670f4dd4061ce78269dac41e0b4eafc73aa166aae26f1cd4e5f89607442e56ffc69703fba55d25a58afc1ef6d1a6fa24298d38ea949bf77d54243790006a47c0671a2ab401007802a0d2bd4898006eb5513bd601bac4f9d2cffa3d0d482351148ec54a4fe0b8082c8bebba93d52c5455ad46d56ea9c94d964334219d0ec6f15ea774eb27d33adee70d8395106a47a24d4742ab9d6e7a255f33a3aa1f97ead01127e731a2cc7cc7b74397b54e019a371001a04bbbe7c85a5c2d1db09a398fe221f95f8317d53382f923bab2eda6a994553197ba8c914143eb15d320fa1b6c79f424cff84263a2dc9b0b723975972ae2bdb89c953a96471e3fa0ffec0483758820c1afccaee011afc3f1506b320a5ffc26eabab3659b0f6fa0ce33a766bef33d6765e769cf6b8693417637ebd9e8c83ede1e9a1ab41c186e2c74a5487680ac63ba1690d4930cd37fc41cbeae1b8e9090293d0aa680418115624274839921a87bcdd409c9357d990981770e8622de2df93359c5a61c458bea21d7799c6ffb8126ffe83f5d7055641b60dddbb91357f257b194c3dd32ad7ad06414f1d273b244fd3e5ad615a697cdeec19e4a6b8a55e604b98f3a11628530ef2877b1670967064345c712050a911c124b98004a8f0fa6c1b65f3bb8241b04a3d7b7acfb639c6c5cf5e8b737474af32ce2f06145cb60a3a0df83fbf4dc4487f997038eb3afeb9ecc15b13c24cf9b46666e5453f07ee2bac10b382aa1b44d6ce3698b5bb5c5231e31fb8c135a948d1e13d577d29e004c2399b40aaec3b526f8529f712e52317c3384af2e568f00f4a00ae1ea665513032a3bddbb943fd45873523d0f0090e27b9465f7387aeebcad29037f3d06828ed7c17fb67f3aa4bb949a7dff7a1d15ca51351dbfda5dc14b796b21651df6706e16f5a5507d1119f21c4ce17f95157bb97d9fb2cecbcf87de43257d7136c24a7a8410fa5e7a30e7d07b9190becbcb47a3adb70a838ec989f21a8d5d7b0422554c25cb6be08cac70bec3eea2558fb99d495600f5692b3a639b6ee9eba15b5cbd65bb4ea9a4388454a5c170526086aa80dda630b4d8b6c5aec1491c3f4d2eb8dcb53a12becdc5fcf80c97e5a2937c04ee39fec4dcba5abb3286e7d06607144e395c6ec773638346affbd5c10929a8a8ccb97cc617ce83f2f12767f3935e01aaa3f95c5ef13d4bb391154802dfbbd1d67ad8988b5afd8d78332ff60847439d6a42ab4277cb40a1ebe089bc0cd9d1b2d47d41821528d5ade90a104237ebe42765e70e8290132c49e501ed53d797a61a666cf11a7abfbbf151b426c58c010e2e3330fa4a0db8ffc9624fc96f5887cfe5ca6b7c230feede5843765569751317cd41fe15d196fa645924e5cf8e04af34f4908250cd5cbb542fea2cd612ef5f803138dce53badb29a3cf87d11063f5e00a33dc07fbaa88d047a5e3afc63a031f0aae224e6c3bafa4402d82833f23834b70e95b233cb8d6885dfcb079928aa313a93b693fdd0c07b3bf612ef4d8b8ba82db41fb1d5c8cbbd5c2aca8deaef02b4099afe743d5d1d95abca88df35af619a96dcc54a9f881874a27960832c6bbe71240fd2555d93599683283f2c708cd961d29f433f65c9746347640c806da7cfd251a440e4c9651bc9338461ae210894d75d1279976332173f3182c8e6068d6eb9820c7f79602b46586b4021361caa27c9000ecf15bc9eb004e16ab81efcf262c7c4d67859333d92b66e18fd0f0aefd7749d24d30c5f5aef56c4c22a705f3abf79cd2b650e994662bd387549dc3913045ee4a5bcf24a74fe6c7e59c4d6b03683b094c2edb84480b4f6f745622ea68e045f0dbbe295d29dde3e790d9cca42c15fb348e963d1e80f377df5224089cb77db0fb0f4210fe9fed639a66659be4e37772d037a71756d24726fe5e07f605f5b41633aa41bdc2a7e11f65c71794a2841eeaeb94fb98a84b246e63aaf617d1b020e41ed28fe0c44226013f14e5ab61450f2e07610d89fae2d3cd7f68e03f8562ea0f98afa610a518f8cea5d36759906249be2d8f7b672e3b223548af513ee3e195d2a9b58874801eb7643e5e373412c14f16b567a417a58245a00a6dd4b41daf9cc447a9953c9db5866685447131d4142dbbb9bf31bd19eef6e1ba0b9d407d426c255942398561913f62eae8a2960a1c524028d17e6a74c583dee35e0a99e3608be53a66f2e59db447f934f4abbc7982b911c1c4fba086779884297adf35c58577084a7e96bb49f44ba8b9def4f16acbac76b30f9c1164b97a170669ed36ac470414ae13015a176ea441b7bc3ff9d321e1cd902afd57865f924a9ad4c508695bd4f01ed46021accb605a70aa5c53338e5a3ccebed149d9c1a042da8419ff910a495d2be6879da98f2b11beee768e2aa84896eae677f2538a4d605ab3867bf22cfae32560b0c36d5ddfb783049ec8a712a6dadd4eb6b81f96c251ff3de00400c400e000d18004007f0008004500e000000108006300", @ANYRES32, @ANYBLOB="bf00ed00bf209aa739f89547f0d89c75317a322c449dd6496a000882c6305de2d6183e7180c6c57d98da0c2054efb275e07b5e6e8f7e802af20cfaa98dfaeadf3740d5cda303d0af1202bb586900a344638bb4a7774053bc73e25460a6ce116a9d06e05a1df91b4741debd2c54fb10027f12846e797af85ef0dbd94eb46c42d518d56a8fb956db4f60c2d12205b50ad465e05550e2967ab408d80a2bd6e91167f8df440b517a8f8f6ca539b8ee92033b2b006eca1c2877568b55a5c941bbe50008001a000020000000"], 0x1334}, 0x1, 0x0, 0x0, 0x8040}, 0x80)
close_range$auto(0x2, 0x8, 0x0)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r4)
ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d06, 0xe3, 0x100000007f}]})
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = io_uring_setup$auto(0x6, 0x0)
r6 = socket(0x2, 0x2, 0x1)
sendto$auto(r6, 0x0, 0xb, 0x800c, &(0x7f0000000000)=@xdp={0x2c, 0x3, 0x0, 0x1f}, 0x1)
syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@tipc=@id={0x1e, 0x3, 0x1, {0x4e21, 0x3}}, 0x6a)
r7 = getpid()
process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0x100000000ffb}, 0x200000000001, &(0x7f0000000240)={&(0x7f0000000040), 0x100000002}, 0x6, 0x8)
socket(0x1e, 0x4, 0x0)
setsockopt$auto(r6, 0x210f, 0x88, 0x0, 0x2)
close_range$auto(0x2, 0x8, 0x0)

25m34.828714888s ago: executing program 0 (id=833):
setresgid$auto(0x800, 0xee01, 0xffffffffffffffff)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
setfsuid$auto(0xee00)
setfsuid$auto(0xee01)
ioctl$auto(0x3, 0x4b34, 0x3)
setregid$auto(0xee01, 0x0)

25m34.627143126s ago: executing program 0 (id=835):
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x103281, 0x0)
mmap$auto(0x0, 0x20009, 0x9, 0xeb1, 0x401, 0x8000)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
write$auto(r0, 0x0, 0xc3)

25m34.390879942s ago: executing program 0 (id=836):
r0 = open(0x0, 0x121202, 0xcd)
socket(0xa, 0x5, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fstat$auto(0xffffffffffffffff, &(0x7f0000000140)={0x9, 0x4000000000ffc, 0x4020000000007, 0x939f, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x80000000000005, 0xc0f, 0x1, 0x7fd, 0x92b8, 0x7, 0x800, 0x7})
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
socket(0xf, 0x3, 0x3a)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
unshare$auto(0x40000080)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff)
r4 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r4, 0x5, 0x1, &(0x7f0000000000)='l2tp\x00', 0x7)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r2, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="00000300", @ANYRES16=r3, @ANYBLOB="09032abd7000fedbdf2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x48800}, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xa, 0xffffdfffffef0001, 0x40015)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85512, &(0x7f0000000940)={{@inferred, 0x342, 0xd, 0x6, "c839bab14d1212548fd4da54d56956cc9e8e0d47d085a8c3689fcc68be5410e600"}, 0x1, @bytes=@data_ptr=0x0, "a213722d36c81384a87a485117c469cef9981e8a0237986ae6ca3ae611e7e813211b8b6dfcb1ac96427f740d04e0e4edcee7f09888db8e0500000000000000a4be3738ea586f05b9f29af9b74efd20665991b0ebdb2cd8d6f01bb54275431be8bb0ccd7c680cc500073cf6e0fffe7319f2e6ae7d05fd890a7ea859e900915ea2"})
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)

25m19.313574828s ago: executing program 32 (id=836):
r0 = open(0x0, 0x121202, 0xcd)
socket(0xa, 0x5, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fstat$auto(0xffffffffffffffff, &(0x7f0000000140)={0x9, 0x4000000000ffc, 0x4020000000007, 0x939f, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x80000000000005, 0xc0f, 0x1, 0x7fd, 0x92b8, 0x7, 0x800, 0x7})
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r0, @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
socket(0xf, 0x3, 0x3a)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
fanotify_init$auto(0x65, 0x2)
pipe$auto(0x0)
dup2$auto(0x5, 0x4)
splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9)
unshare$auto(0x40000080)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff)
r4 = socket(0x2, 0x1, 0x106)
setsockopt$auto(r4, 0x5, 0x1, &(0x7f0000000000)='l2tp\x00', 0x7)
sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r2, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="00000300", @ANYRES16=r3, @ANYBLOB="09032abd7000fedbdf2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x48800}, 0x0)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xa, 0xffffdfffffef0001, 0x40015)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC0\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85512, &(0x7f0000000940)={{@inferred, 0x342, 0xd, 0x6, "c839bab14d1212548fd4da54d56956cc9e8e0d47d085a8c3689fcc68be5410e600"}, 0x1, @bytes=@data_ptr=0x0, "a213722d36c81384a87a485117c469cef9981e8a0237986ae6ca3ae611e7e813211b8b6dfcb1ac96427f740d04e0e4edcee7f09888db8e0500000000000000a4be3738ea586f05b9f29af9b74efd20665991b0ebdb2cd8d6f01bb54275431be8bb0ccd7c680cc500073cf6e0fffe7319f2e6ae7d05fd890a7ea859e900915ea2"})
openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)

9m7.560128265s ago: executing program 2 (id=3762):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/module/nvme/parameters/write_queues\x00', 0x8502, 0x0)
mmap$auto(0x1000000000000000, 0x4020009, 0xdf, 0x1000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0xa, 0x0)
r0 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@nfc={0x27, 0x0, 0x1, 0x3}, 0x6)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
write$auto(0x3, 0x0, 0x5c8)
r2 = socket(0x29, 0x800, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x4)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
fcntl$auto(r3, 0x402, 0x2)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40302, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x6, 0x80dc, 0xeb1, 0x401, 0x8006)
sendmsg$auto_TCP_METRICS_CMD_GET(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)

9m7.010227445s ago: executing program 2 (id=3766):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socket(0x2, 0x80805, 0x0)
capget$auto(0x0, 0xfffffffffffffffe)
getsockopt$auto(r0, 0x84, 0x22, 0x0, 0x0) (async)
getsockopt$auto(r0, 0x84, 0x22, 0x0, 0x0)
r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
execveat$auto(r1, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x3) (async)
execveat$auto(r1, &(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x3)
rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00')
rename$auto(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)='./file1\x00')

9m6.813203354s ago: executing program 2 (id=3767):
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/ext4/sda1/inode_readahead_blks\x00', 0x1ca142, 0x0)
sendfile$auto(r0, r0, 0x0, 0x7fff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48004}, 0x4050)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netlink\x00', 0x40080, 0x0)
pread64$auto(r1, 0x0, 0x566, 0x80000000)
r2 = getsockopt$auto(r1, 0x2, 0x6, &(0x7f0000000040)='\x00', &(0x7f00000000c0)=0x200)
ioctl$auto_VFIO_SET_IOMMU(r2, 0x3b66, 0x0)
r3 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(r3, 0x5, &(0x7f00000001c0)="775cb15666bc1f22ace2b5068e904651b860562442dba23c993387bebab429e19f903d1436840e7f73b0bd7e42285b7f414c8b4cf3c6497e382d01badaa6b6beea515d9409b59544118d7dce2ef6522f2090", 0x3)

9m6.606744427s ago: executing program 2 (id=3768):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x23, 0x3, 0x8504, 0x5, 0x7fc, 0x7fb, &(0x7f0000000080)})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, 0x0, 0x800)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, 0x0})
fanotify_init$auto(0x602, 0x1)
openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QSTATS_GET(0xffffffffffffffff, 0x0, 0x8000)
open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45)
openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bsg/0:0:0:0\x00', 0x40, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex_wake$auto(0x0, 0x5, 0x4, 0xa)
futex_wake$auto(&(0x7f0000000000)="facff2b53ab3522cb329b5a87bdbc091f5a6ad597f2789e870d64db4cf6503135f5a750abc973b65703b664991ab45d13445d9c4df1d25210345f44468854c9689b943d1c65073bf11fd0c98fb48f9f4d67c0908e7470167", 0xfffffffffffffff8, 0xfff, 0x7f)

9m5.584289772s ago: executing program 2 (id=3772):
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000)
sysfs$auto(0x2, 0xe, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x82000, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
ioctl$auto(0x3, 0x40505330, 0x38)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0)
select$auto(0x7, 0x0, &(0x7f0000000100)={[0x9, 0x5, 0x0, 0xfffffffffffffff6, 0x7, 0xfffffffffffdffff, 0xdffffffffffffff8, 0x2, 0x0, 0x10000005e58296f, 0x6, 0x7, 0x3, 0x200, 0x1, 0x9]}, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
mmap$auto(0xffffffffffffffff, 0x20005, 0x1ff, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x2020008, 0x2000000001, 0x210, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)

9m3.528235714s ago: executing program 2 (id=3777):
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0x9, 0x10, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x5}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0xa, 0x3, 0x6)
r1 = getsockopt$auto(r0, 0x40000000029, 0x4, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
semctl$auto(0xa, 0x2, 0x13, 0xde)
r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ieee80211/phy2/address_mask\x00', 0x88100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000)
setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9)
r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r7}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r7}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x58, r4, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7}, @NL802154_ATTR_WPAN_PHY_NAME={0x5, 0x2, '\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x81}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x7fffffff}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x3}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x77ce}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x40080)
recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x29, 0x2, 0x0)

8m48.181730828s ago: executing program 33 (id=3777):
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0x9, 0x10, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x5}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0xa, 0x3, 0x6)
r1 = getsockopt$auto(r0, 0x40000000029, 0x4, 0xfffffffffffffffe, 0x0)
mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
semctl$auto(0xa, 0x2, 0x13, 0xde)
r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/ieee80211/phy2/address_mask\x00', 0x88100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000)
setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9)
r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x60, 0x0, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r7}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}}, @HSR_A_IFINDEX={0x8, 0x2, r7}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(r1, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x58, r4, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7}, @NL802154_ATTR_WPAN_PHY_NAME={0x5, 0x2, '\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x81}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x7fffffff}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x3}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x77ce}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000040}, 0x40080)
recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x29, 0x2, 0x0)

8m23.40831939s ago: executing program 3 (id=3873):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/crash_hotplug\x00', 0x8a080, 0x0)
mmap$auto(0xffffffffffffffff, 0x2020009, 0x1, 0x800000000000ebd, r0, 0x8000)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file1\x00', 0x161342, 0x130)
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x40800, 0x31)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x1)
mmap$auto(0x0, 0x1, 0xfd5, 0x12, r2, 0x0)
mmap$auto(0x6b27, 0xffffffffefff2c76, 0x400000005, 0x10, r0, 0x8)
socket(0xa, 0x3, 0x73)
getcwd$auto(&(0x7f00000003c0)=':%,^*#\')\x00', 0x8)
mmap$auto(0xfffffffffffffff9, 0x2000a, 0xe88, 0xeb2, r2, 0x8000)
r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000440)='/dev/input/event0\x00', 0x668401, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x6, r1, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/reset\x00', 0x24a081, 0x0)
write$auto(r4, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x2}, 0xed7138c}, 0x2, 0x9)
finit_module$auto(r4, &(0x7f0000000140)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x40b)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8800, 0x0)
cachestat$auto(r5, &(0x7f0000000640)={0x8, 0x4000000000008}, 0x0, 0x0)
r6 = socket(0xa, 0x5, 0x84)
sendmsg$auto_NFC_CMD_DEP_LINK_UP(r6, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r3, @ANYRES16, @ANYRESHEX=r4], 0x24}}, 0x4040010)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000400)='/dev/video16\x00', 0x40241, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/nfs/parameters/nfs_mountpoint_expiry_timeout\x00', 0xa001, 0x0)
sendto$auto(r6, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16, @ANYBLOB="01002abd7000fbdbdf250200006714000180"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x24040004)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)

8m22.879597426s ago: executing program 3 (id=3876):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0xc08c5332, 0x38) (async)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x20802, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000840)={{@raw=0x8, 0x7, 0xba28, 0x0, "708c58271a7985a7704331f78af8d149fc53d81fd4a7553c2ff48b48a8a57689adcc1ca6d2cbfa93b50590c9", @raw=0x6}, 0x0, @bytes=@data_ptr=0x0, "fa491e08108961dd5708680f1134935851612a52d629535f54f3832490fc4e7f79daef312b3df3307044713a4801d409aefe3f932f78fc311771094e769c0095f94ee6d74f2517f34a0bbbf502bf3392ac4d93bde5f733ba936c0890312cf035bc44117db9b683eedc5e02a703fc82750d8d6ebac0c3019ef8e6c1eecea33a59"}) (async)
r1 = open(&(0x7f0000000800)='./file0\x00', 0x6041, 0x0) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (rerun: 32)
r2 = socket(0x15, 0x5, 0x0)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r2, 0x1, 0x46, 0x0, 0x94) (async)
r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r1)
sendmsg$auto_TIPC_NL_MON_SET(r1, &(0x7f0000000580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000100)={0x408, r3, 0x10, 0x70bd2c, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x3f4, 0x2, 0x0, 0x1, [@nested={0x27a, 0x25, 0x0, 0x1, [@generic="db38e1887e73dec88ccb98edd8fe879ad3013f8d0d9af61bc3ed429067835dcb66ae48f402e3728d35ac29afb920211f35a3973fba77abd1d545053948143ca082e81e6b087ef5fb07b64cdc229ce7d57679bfa102d4ada20acdb1fd790ffa4d6c0ad5b84083dc3cb4e8fde2b66668aba7f0f381718a1ef52b42cf28a6f1a60643c3107eccfd8f7dba726d90fb1b55c58ea8da5a18222d614d6d030cd93dd6e2bfe8a90d8119e012509d6dba51476e34c7707fba22e467c4c531913fadf4ef17761f58987968fc6b43ba1a6ed4068db8cd22544fb05273d497a94e71d16688f107590b5e7fb931dd31733f85faa31e5cef032614c9c9113e34b710", @generic="d253cd6879ceeac563a7e1ef864d05a7f61b5c56084fd75c217d21bf807075099c1172a104c92d4367025446d82df7bef3b8876d396b85f979a9cc1a2ca892586f8027e45b", @nested={0x4, 0xa3}, @typed={0x4, 0x8f}, @generic="dcbc7fa8d9dd293513a496b061aedf21ab84f8c297f06db4976edf073f76f2b8b685de9adb17d086f38b663c31547f51d639a22d53ed3150152c01d644b34971f5ac9b5f1652a0e2d40e1573319d1c8c55f887f410a4ef1cd51f5d4de9d4a52a368b24cd1f6532c517905c3ac17874282dfbc1cb650e3811f64af414988d1bc5f28250dcfe2aaadabab81a76a0ea6a67adb874e919082e70f3bdaa596a9a8ee91e3c07f1b2e64c5ffe7d3ce04a1db3dc9d7029f5412b54dc42cd1cf3bcb534bd186306e16667b5", @nested={0x4, 0x3a}, @generic="0f470f4dc17dd78d3a126f9e496f7a8552a38454ec67cbfd684f9ce531aa077328cc5f3af38dd0f9ca50376510fa2774113adb77c8c2fc400ec81b498c43d0f9ec235535fd33bf7946cff478faa50a7da360c11d98286195285c", @nested={0x4, 0x139}, @generic=':', @nested={0x4, 0xce}]}, @nested={0x4a, 0x6f, 0x0, 0x1, [@nested={0x4, 0x40}, @typed={0x4, 0x123}, @generic="5a5d08e7b8032b677fb8eb3e798dc9f58cf28463dbf030ee52a96dccdc69ff2b8cf848bec4f4b476cd2a5057c6f503f91a7f0d6077fba0d8ce55599df62a"]}, @generic="bdead43a352afbf608a25e3e9698965c3bf0fa4a6e02df6db3b734da3c4c3f173b96b04309db349555e53344a08b82869448649c337c3e3984681381b8b909b47905313a1ecad1c86bd0f70dae551753ad409a83eb562058863d6d1ba595d0bb4bedd15f0db3b0cde577cfabd34e32fb832dbb277700b3085ffef31eb349bd8d6ab0f197e1bd0db8332e3fde1a2b84", @generic="ac40854bdecd7bee5630b62ac2f6267dcaaef3657c6a5d287b5df9094f46376d3d624c970c8fec49b8e6a17912e4d9418aa60a36d2fac4e8ad28c44de96e23ea58aab956f28e6ccd7afa45a11e853a20a37a5f4856092cf3bc9f0e61065d32f591d1022223d84cd69af316ef9e6aae61d0450304e17d6a168f08dfc2a2edca7e6249626325bdc26eb1964f8ce38b71d47e160f6184304ab1e2"]}]}, 0x408}, 0x1, 0x0, 0x0, 0x4000054}, 0x400c041) (async, rerun: 64)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/status\x00', 0x0, 0x0) (rerun: 64)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000000)=""/37, 0x25)
fcntl$auto(0x8000000000000001, 0x24, 0x8)

8m21.887534019s ago: executing program 3 (id=3878):
r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/stat\x00', 0x8c40, 0x0)
read$auto_proc_single_file_operations_base(r0, &(0x7f0000000080)=""/119, 0x77)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000000)={0x23, 0x3, 0x8504, 0x5, 0x7fc, 0x7fb, &(0x7f0000000080)})
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, 0x0, 0x800)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000340), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, 0x0})
fanotify_init$auto(0x602, 0x1)
r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_QSTATS_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x1c00, 0x0, 0x80}, 0x8000)
r4 = open(0x0, 0x12ba7e, 0x45)
openat$auto_bsg_fops_bsg(0xffffffffffffff9c, 0x0, 0x40, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000)
madvise$auto(0x0, 0x200007, 0x19)
io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, <r5=>0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}})
syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex_wake$auto(0x0, 0x5, 0x4, 0xa)
futex_wake$auto(&(0x7f0000000000), 0xfffffffffffffff8, 0xfff, 0x7f)
r6 = pidfd_getfd$auto(r5, r3, 0x2e9edc0d)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r4)
sendmsg$auto_NL80211_CMD_GET_SCAN(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)={0x4ac, r7, 0x102, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_PMKID={0xbd, 0x55, "13e1a4289eb497039320a56260f6acc3545975a8bf610a43fd65d01da5b759dd35bbe46c88759d66cbe0a01e2dda5b5f1ee36ed1db9f0912aa4f6725edf86eaeacc533824cd06537895c792ffcf5093210ea01954e7b64bf924f8ba034233cbb9e3a4d5ad3d43f9aa6fd84179968bf4d88a35ad56d56434bcd3f1c00da948c770629c178f60c7069a20857344e42723db874bbcf0c56064e796e8822e836a21782f66f6bfea19ba02e6cb7826fbde846053531db123b5a81c5"}, @NL80211_ATTR_FTM_RESPONDER={0x22c, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x18, 0x3, "8f17ee5fd3ce90dca4809f9a1a29f64e05be5bd8"}, @NL80211_FTM_RESP_ATTR_LCI={0x42, 0x2, "8457d30f055f4b475c840cd70c231ec4abc0f7cc1998df9e5cac2c08ef14dd896582156f0424731728a5d2316e3049ccc4fc615c2506f6e469dc496c4883"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x100, 0x3, "88174421326d4c4c58e6fbd4e67f7af65efa8412004540be1102ccf623388b1bb17ed174809e6f073c8c322e6e72d1d490ff117665443575a3132e978f0e4e83d83581e782566942613630d2e77a0ca272954172bd5c976d7253c1f58a97b4d35a47461f802c8708130a836308b3e1f81c0c62d18141f92e0714807f95dd358059a38462210c457723a5805e2a22d8d195f5fb6baa484416d6d81a63f3f776e6ba5325768076623f8f26aadb2b9df8cae7cb9834f49e8832e5899251513ae244cc666477d27c3391e7945fd0614af5291660d7629bc3289213ad7e0e92c1a4c6aa4f9dba2a076fb1fb46108ff81c1faeae43b515a34b6da909ba33b4"}, @NL80211_FTM_RESP_ATTR_LCI={0xc4, 0x2, "3c77e14b41c3f06a002b1d5126cd82f3e95ded099139db6ba9d4b6a30ec60f5c7cef9e389008ffe761af14f29efc56a7702917a10227e1ee92241b36252e05a8d0d7708733db7331d34ee8eb843fbca20a5d20bd352202545eac43da2a85e0661c11c76f42bcda79aeedf94661988dca92f0e66311648c397f5812e6f2e21ea1b04de5018b7e93b5b4a2d299d4bba6fe583761a6eb74a7bc19c6ea706174efcb68c1ed941255f3d9f4f7806e7d107ccb1c83f1e00447e75bf81d9ddbb13ea29b"}]}, @NL80211_ATTR_HE_OBSS_PD={0x11c, 0x117, 0x0, 0x1, [@NL80211_HE_OBSS_PD_ATTR_SR_CTRL={0x5, 0x6, 0x7}, @NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0x72, 0x4, "1c61fe9e17ce8e4a91fa5f473bea9ef645ee678d7e1d78f84adbda39678c1afdd6ff8d9fc6b02a124615fcb40111ed88506ea38bc571393e0fc46784180798fbee224de60f2facec141d3f666291460a1a12814db9f50f56cc1313eb8374a595716afe3848b326ac764ec4024d8b"}, @NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET={0x5, 0x1, 0x3}, @NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET={0x5, 0x2, 0x4}, @NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP={0x8b, 0x4, "62a538bfe4749b84ded577a96d151b1ed73bdd273939240af267625285814489d09ce77914f7df6a024a315fed9f9d96bba8f229e676f2f39407f4835aa49fac2a44c2f155720a3d8e80afa0a30721a47aa494d38ce2f7b56289c5595a076616e8648bab53c8c4579c4c480af9f40eca4a63acff96f7bda1731ce68529f51621ed4159bd75ab09"}]}, @NL80211_ATTR_MAC_MASK={0x82, 0xd7, "fc41f1671b26f05ab2e533e20c1cc681f17114efdf052fffb0e7037c3c6526387af14d22dd2de094e8f5af76bb36f836dc16ac1b83db2bccfbeb84cc8dd5b7acb7707aa1152b7d17c9fe556f9c2dbfff5c4cb7b41c7762b1a5ad7b14476cb00fc841d0455a25927a18f1d647b06ac87e60ba91f77403e77083484620ee1f"}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x20000}]}, 0x4ac}, 0x1, 0x0, 0x0, 0x4008008}, 0x4)

8m13.399062431s ago: executing program 3 (id=3897):
rseq$auto(0x0, 0x48000, 0x0, 0x6)
madvise$auto(0x1, 0xffffffffffff0006, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x11, 0x80003, 0x200300)
mmap$auto(0x800000000, 0x7f, 0xcf8d, 0xeb1, 0xfffffffffffffffa, 0xbc1)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x42800, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\xa5$\x03\xcb\x12\xfa\b\x1c\tk', 0x81)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = setfsuid$auto(0xee00)
r3 = setfsuid$auto(0xee01)
setresuid$auto(r2, r3, r2)
r4 = getuid()
sendmsg$auto_IPVS_CMD_SET_DEST(r1, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x1984, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x110, 0x3, 0x0, 0x1, [@generic="c66beb3f2a0e3790682f598737c232e0b0aa95309a31a08d8ea316e94de2a7acfc81958a2076ab2a88d4c48eb63a48b3764fb1501e1a344b5a0f79c9ee0b8746e0c5ce613f89434f22da6aa9f39ea73ec033176b0e6a68db079468ce68e1e2081337ebe3dfa73308ab0cf25ca7d042086e", @generic="546e22971cb1747508ab82f87e8c385e11bb4f363a10cf528951f12be11873d71ac66c2439bea20f8fdb3160e230653f372cb75df4ddc7bf2c082ed2652867e3ae6face10a07f21f101e35368ae7e8c22fcbca5f52b04c5a0e60d863c4dd8545a362d83b5268d1bc239e1ed960aeed91ef2395302eb4180f991111b8d399ecb7b960d5acf3f1a2a51356956dcd8c81a579ef7a", @typed={0x8, 0x54, 0x0, 0x0, @uid=r3}]}, @IPVS_CMD_ATTR_DAEMON={0x279, 0x3, 0x0, 0x1, [@generic="392cb7cdb8e721776f23824c45c93e30c188cbc4f4eb88e342af7d565158141da04c76a954eff8b8777c94f294a414e80cea8af83132fbe33b302bbedb9860b3bd6b8b88e9dc51f327d70ab7e6ed4a09595ff9bdf4fb3dd447ac75ad7ab5ecd665cd7a01e3b5faefc40dc693b011fc23f0d4a22326812d66e5edb29de7f2c4bdd1e5535c9807df832c5a8c88e435141b504938c475df78b82428ed0a52aac437b829cec6f50841eb0e991dd3ef9273d3a2fdec0783350f34cc28480f4024b4", @typed={0x4, 0x148}, @generic="6a38a29a0f57a48efaceec66175dc94f88861dc4ebbcd2b7820817b711d0a646d8ea060748cbd919481b516cb38ef98ff7f25c15cb422b5b00bb0e289f7078410607d9b3180469b99ccb4ff4be0e6b9abbd5a46e13e3e715b3959ff74ad397fc0597b5e13a398a1de2d63699a45985b1e1e67aeed0a2de92d09f3a3f6ac3f430a969ebc345fd4a111a6244166f27aaf922a1b1386bf44b25501e11557e0f65a62e6c4baeb0946d88431d764ff49a788e4b5a97351729e5dd85b1443551a03cb8245dcee3b524b97f67227cae7b622a3bf68dd9eb7010022b41d9932f4e3ef0e71f84452a703c", @typed={0x4, 0x89}, @nested={0xc5, 0x57, 0x0, 0x1, [@generic="4ce774fb7dce0e7ef82ea5977582d965782eef448babb88e95aab16626eeff8dba6b0d96bd857d1621a85a38726d62519d6a31fef67c1ae87e9beab73a78e0486dfbbaf6c120ff23c33cdc6de5520df63eaf8fff4eacf4551118cf9307123b1e999e8d2687e437b08503da28b717b050cb9350085886b4c21f47f99ba236919cef6988ce0bc8a470fe0b73822d5c6036a4aa6675b9349caf89dfae586b82ed66a624f4d88ed4cd7563ae932c06f3a416a09da84ce405d70f0af4098284", @nested={0x4, 0x149}]}]}, @IPVS_CMD_ATTR_DAEMON={0x167, 0x3, 0x0, 0x1, [@generic="0718e15771d9629bc66b849af04bcde6ade44ad8b7860de43b1556b59a8629df6b2b0d5a4cedc82bbefec49ed7f18aabdade8ed97f3aff5ab96bc33333ac5654c7f827d75a96622d43c1e7beba9ddb57a7a769b398c3e0406ee91f50bdc683c2acf9a557a25006b31b2edb705969d5d37966ca1ec42928a34f79a76ba6cb4992b0fe5ad3ea0d7a2a96c2d81df5a70596531df91c995b6c6ee11e1b8e2f0009567044a98ffcefc155a92000a11db798966c6a5074d72076ae4089939593a667", @typed={0x8, 0xdc, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x9c, 0x14f, 0x0, 0x0, @binary="4b491340265c798a0b098b2373c5bf36458f319da88651da28c62ebb3b71b46379ba646af3c4236b46a4dcc148f0dae2c1e1fc620f732bb50a1833439b87498a45c08d254c29b6c232d23468ea0c051c4ae243c3014936bd4cf46f2bd09be263a34c4a1e350c08b391b7633f1db48c9f977290200216627b0d475f49540812c4587eb77497a60deb5ad3e94347c8121f315608a396e737bf"}]}, @IPVS_CMD_ATTR_SERVICE={0x1a4, 0x1, 0x0, 0x1, [@nested={0x192, 0x52, 0x0, 0x1, [@typed={0xd, 0x150, 0x0, 0x0, @str='+$(,\'[-/\x00'}, @generic="080d1b1ce96b17ed2ec926a61e971c8e1b8e63f3bb21ca9462e66a5c56bb60657a0173de00a221275604ceea9a09ebdc6808962b74c3dea862cd06da94aa3c2b525c4f5ec0fa06b092eec2d3f9c89a5ffca6e2ee7419a2e2804ce37e5bb8aeff1bf1f506e32dac3a516d813146fc4e65ef3d5d99b41d922bc44dcff32566f8e2b1427b8cf34daa9ac0a602de4dba984950d5e8d9a2e6df0931f9463bda8febe627c62071fe741abfb2c514af3d823df290974007bad66993ef9fd123b7a3d830dc18a7bf658dbbcfa4aca0c954ac4d34870ca32a", @generic="eb1854caed38e7d0de4b843a995d2ff02a0a3fb2a23588d94158d08da47f477bb7b50527ffb4107fe1a9c900505ec57d9d449362768b6f7407f359cbe29fac181092866c77acd1b34b698be7ccc88e9b305f81ab9485f90ada0de5a83e279352208229eedc65c4a0aeb586fd3e310a17fca17f666247038c5b47e18b4f68166b4b5922eab2954f72ba609ec499870b850c32f52303f409f93792b1849c6e14c19008", @typed={0x8, 0x143, 0x0, 0x0, @pid=0xffffffffffffffff}]}, @typed={0xc, 0x7f, 0x0, 0x0, @u64=0x5}]}, @IPVS_CMD_ATTR_DAEMON={0x12d8, 0x3, 0x0, 0x1, [@typed={0x4, 0xe2}, @typed={0x8, 0xa9, 0x0, 0x0, @ipv4=@multicast1}, @nested={0xc0, 0x7a, 0x0, 0x1, [@typed={0x9d, 0xf5, 0x0, 0x0, @binary="bd0265d07628bf8d040d96accf71f72f784a0eec607c14965a442566cf9c8b1d2969ba47a210c0a88e495c672ed51f4cd179d3a307fa55c317ff5a2f127868fd981e61a65d491f508687da2a88aba0cb1097efb2195fb7128f91f528898d5899af115f6be3150a0063c7b7d8b45b8fa834050e9bf2e62180edeb7bd1188586abf368096a1526e5f6c6542a956766d8946862fd75bb80039915"}, @typed={0x8, 0x3b, 0x0, 0x0, @uid=r4}, @typed={0xc, 0x2d, 0x0, 0x0, @u64=0x4}, @typed={0x8, 0xf1, 0x0, 0x0, @ipv4=@remote}]}, @generic="b6139038e4fdce5ddcf388cd5f90f11c6b90709e3d259740999d1240a40c2c1ea45401d985335d4c8d5bd1c49aa4cf962660bf64239adb398e581e21c27f3407ebe46767ba47056124b0d34086458fa17ffff5bb82b3e449dbb9bbbcd0736ea2f99ae96cc8b0e311808d7a708e4562e82311d3eba8441640dec7331919c4fc26512ed7d6df28d8b3c1af7abb4bcf66597f2e105a6ca41deaabbc9bd4401440166aed608d9de878c1aa8de36e9dd78614eb30e197662f75f3b8672f92c32a8929cab605dc6dcbee34449d21d491951f81f775dafdfd461a30905b0d578200699e32d774ca2f7d59e1", @typed={0xfc, 0x13f, 0x0, 0x0, @binary="db486f09c482f24bc4a713e6a66c6998f930e62994b93f3e57870d8c9a4c6302f2449b92f763fe0dd99285151f609a6ad5cfd61cdd08b2d4d0ac25706ce50a81dd7358d0bd76b90377d8eea1f8871d71a6198c441194d577d5e7634ece8969678f363684d04f2de2e5bf33c55a6f3efe61cd469f2e6f23757c6de77ca783ba2e8bb7a48ac5b3fc5af355789d408f53bc8466477b1054eff3a71dd293d220a0ce065772e69f222b8e52a6148bbf4eca9c78950dd8314dcd5b7dce5e9c7e98c280d96e614c65b1883931b4d7e043fda84a94ff4ed79a16b14fe349b163545361a6a87e63dde75efcd8e6202715aa81033397ac58799c737118"}, @typed={0x8, 0xdf, 0x0, 0x0, @u32=0x9}, @generic="29a3ceb07974d9a9d7418bfb3e7c0ed2412d6292e39f4f3942d86d08d695e5fe40903b082e11b2b59ff5cc2fd790dfb509de0ed566a11b98edec6584294ec4119d6aeaf9a9b7f23ebf97f61c120704250676455edd6de4a0036277d019625fc14d645d931277581d8d72d7db9e55cb0d7c23f80ddf3c41b0c782a98b8cd0a95d3f61e90431e6977897ffc3ec9efefff476565fa0d5d32e76b173db24bd7739885b160cb897977363b2d4e248938bb50a4d4f5cdfe891ed0a9ecfeb70583768058b30bc80e2d9df22167e949dfaf216e8518eaa3f2c9ece2fca14e07002922b2a41ce8131248d611948a84c79a644badc6fd7b59603353748b12d98fd310fd873d0ebeb252df660a53c1198b294ee3662555919c269e1a46c6d02cbb4c6f581ea400d1b96d780c023cad8f8efff4c6fe2fb86aa6c98891f09389f5e6b62af04a9e58738ef191eb9ad49ab2fe93793f1bdece5daf4be2ba93e0367abddc27e719d1e365d6ef296ac23f88b70046a66c561b49200ef8a757666f71ff7edfbfff035e24cfa14eae8ee168174a71af871da2a3bb3bab9c2a89f9aef70ee64e4251b719b8fe3a3b16aa9a64b99d62af347e0a117914c9189e7c555497107a7a202cab46b1a95fb0e58b563860bb66718dbf1969142d5474696d63a156bf632dd8a45d26db8d62650818dc1d6e8e673422333fa30984167d147b9ef6ceebcd839f40e575405e58dc8510393c5808b347bcad2584c3f4d378adf7e9ad7f1e978f5919680f754a7f05d7f92f34fb7b32f0919562793be70f97d357d990aeaff0d99814fa379a8df23080cfb37611e6780e348e2071c490aa06c50bcf3bfe754ed3e02821a61bb96536897d581808f63ea59d051b2ca80c9400e42d0eefb66934799506406f2f09a2f013d2a155bc44ecf7ddab4fa13f12160b60681dc03e6f8d169bd83789425ad6470b4e75e32e68c006be94a22e8e0edc110960bad08c269f08d52082d0575245e08e10452c8204da6fd6d0f46d8642775384f087ce530974237c13930f87a46062ddd0e6e3ad8579530dd7ebc29cc58acf97ff73f35b20ca4ea7cab8e113d51d9ff44aa6bc44e365064effe5ba6b0e5ce1fb55ba162b0f1e46ce3d05d8909bf2f10690195196b8ee36b0c7ae80fa194d38f2baf5d072f27b6c1354397f514f09586de4fc5425764a552545dbf7b2e3ee2594054ac64fa1c988fbbbbb3f3076f3796cdf5f8055799e8db7464d8737a7e00340c0342834b4429dfdabb91c0e516a1c1cf669bc6f355939309325f8d9c5c32b9204763b4ba2fb07e81849a814be03a7e70b4ca8832cf2f645a7a705e6f1a6b901af3ebc5dec34f7fdc866859454fe058bdba043979c7d45653b4bdbf0664afd47f47fc71c00e49a5eda2f292d379125e27658af18c4a8fb312eb74e4b23308afcd78fede283d3cbb4c4e1a4c0d700a16a32542d90bdcffebcb1dc21f5ecedbc0c499f3ddccf5d8522ea46a753cacf327d418e2ac181709bf5d79619f5e5105c5e6a41700109d6b6db0dfe7a0e5c8e4541ced8645eea369d9f42f7430377cc1dd3fcebbb3fe2f9e9a60abb1c560bc06345cd3192cf02e9863611408f3403ff9171568cce9eed08e7a72f55c2c1b6adb80c70053f9377a4d4336024f5030de94d73e687086c501ee14e3adac076cc0643fb457a9821b3a12f96189a1e48bec4d8a3b6373b2dc1f0e32e775db2bf5c28202659c737a28c81d20d18f51e922865d2328abb56accc16024ba59a6ad5a3565ecff94a3c0c08f8c235ae7b6e3b3332f18df046970e95db34d368b809a9117a4bd962babe46a28a826056e37fa3ace81a121502e0543fb6952f4f9233844bdd7bcc51662142b72f34562747dce9db2e5423051fd12435a4fcbf98e72dbe5657ee3d454def058a5ce49ec6d08b4f991c1634b5c223852928ee6848341b282107c0587ab930aea4e938e99bc5162aa2fdcbb90fd35ca1dd49b7b33be9e12b2704f6319aa813878d23b9bf55a05fdc1eef9072f24088320ed3c8287cdf86440c665722603aac8eb6b534271a328db464f1aa49360bca39eb4caceb5157da853c3831a7f3369cb4bc5fa8396bfe955aaf5f78f06a820bfbe52a7f7dc624f36ffc4472d89c472a9bf5f556a5719e643098cee863462495def710e0ea8f56801c4edb29fccaa8c9b4019c20dc7a7e9f0b4fca7bfb081f189a8b9a885ad6ec77c4a1a263f5b2589a7cc1851bd07b1b92a9cf4915604c18822227418e0e754075048b0100ca8ba428a5cd30e62b66d72240fee144b5cd232062d95601a9706b9162503a865888e362d15527d590347a29f805dd1409f7b885f00c2a1c13203328e0e9d56b1d473aa4ee22794f8f5945dfc63b836360730ab92d6e340ec7addfbebc5a54316f4b56af6268ac731b2fbfe2fe001a3a541e2b7a9f78a05b4ed226889984d837678ad8dadd236182be2bd08bde84dda98834c1d589bda406c78f2ec04c08675be8f5aa157390b95ddfa2bb38015939b8595fa4a38aaad733817042153046ecba2dddde46598026a70974ad9f4ee1278ee03405c69bb4f4ba983a3d3deb237ff0d5b23fc1a51c5da7915fe58ea03a73d4fea109056682d3d0b16ad5e135f02e191eba78148b1ae9873c79e38ba8477c8f010112a2ce8102045ed3707033cb4abab7707b79d2fd6bc6689cf01f3e4a7a4c9b6b69379297fa47153277fe75c581a9657018fb4d2f3080336b0d2d041f4e08602d185eea932f28d8667704362e29c0a8be6210437a42c2d598391f47d87088e7317edbc88b5704cb4f3ae81405c072b50d5eca1f88b189e703f8513b874091474ad78ab826db24bea80d0bb2e37b0f3420484952ad77535c77ef0adf3ba8da4e397ddc245768e1cabf28ff3467b06c18940c236a3fef0e5dc3fe067a21e135f039a80831a63d11f8514f32cb7712df7226d0ba72eb5d2e2686cf87dd3a9c606b57be2ba6cf9bdb6dc653557ae4ad4c7135db94fb6bd979425fdf168a04e8815f4350571b9c0bc416830a0fda83717959a9dad6b45aa1de8ecd728bc00e3735b2d69915f57d85c69d5504c4b0e0be6ffef405e60927a3cab230c511cdbeeaf1e58e024b228ead3f0583d001a8052008840455be2c1b795a9fbf98c7f32772ef9ddbeec4e9998bfc4331299b7f725ed911da945030e050f749357932ede119da7a6d934ec64994d4ba2a3ce94b10e25dd871ffc5ad21665a7e0487d3374646eb824ed975a796ac3ef12c269b65236d1825a4d8e044c0ca74018aa2270f5ea2048a341eabac0a9b2de0745c878b426958b0d914753b9328fb3dd8ed2db799209b0443fc5a7826f224bd55471b9034967566056d31cc602d6b7e28fe54aeb49d06ac25e9564fd29f6ae994650f6d76cf166f2d89b9e742430548b41248e0f20251bd6f60668ba9053a18bbfb5daf300f1ce7f2984e224315171672d3a4ff34c5ad1107f96c78dcf8652598220b11fbc809ac6da28d661c05d9a8e90f884924942119a6b7143f2e2fc83e103fdc833dd22a601945b1c2555ff489335057e5f9cefa348b1236e82b277629b133ef087f8a7f5a9368d07df6c9d83fb75730f88919428af0d0da58dc5a4ec0f508cdf16106ff99e45f1cefea6971c72a4b6e63e5bc54599480916babd585c34c62b62cdfc15701d90e2e245d948231e8c5880ecbd3a0a39853cc9c06b7d7934ad4901122a864cb5c8d5ef7ef7a4eac9c502647490ee4bee3e191893541e82aa71822cc5f20b59ab84953962ee0fd3ee79aef314ebccf400735bb5014543b6697e6edcff3c184788e19e351e8c72bc0d843d8984b906a64a62e3f0dce2e72dd69c85e999c8136e2fcacf4c852564ab504beac0ffa7d274d0cb4ce2961e01c5cb2e8da0bca9dedcae47d7b6ee10cae95a09bffdaca7394f0f92f3b3f481bed599df801489469cdee3a611b5e9be5e9a6fed2f1ade361700d6cde9b6f1b35df5c1fb8ff361881ad56d0bf0cf5c226ea0e59cd0be5744094cb78b948b67be6bcb2e0c5cae0b2bede2efde4b181cc931ecb3c7f50a736ba4bc4a527c477c9224eac6ed21098f129bc22936e00fe026135ec2b2e1bd6680e2aa3a4c234f5a41e7b7ac327c549a461348987c4266253a94362ccce27816e63bae9a953e55e215cc1618b6f1631aaa77d98548c615e790f920443c59e86f09ed5c874d8920a440d847117f3e40d2eb0f67fd1d7faaf2b299c9bdbce771326933d5cdc52fcc767bd3fdf2a141c22cf00ec44d6b6ac106c7738c07efbc9dc1e1c4b5d3b5b0914742b155a910e3b2fe9e75b979937518e446f32603d42e7460e417ac5e7a6d9f846f11b81c8f9e4fd65ed1dddbfea34b764f4eeb85b980223ca49ab540df4fe2b259a550a3e264049c79ea0ae013a8bae16706ff01348abb4afacf3593124dcdcb942bcdfff1b77c021b614df2d7595cb41a161f5f3afca99b243a4acf37db6dd4851222ae4e92f7ced57a81f02b1b22f5f15e5a5c6318bbb05f8bac91a292fc237e97c9fc572fb0752b57593f7d78842e2a38eba37137de2155b5b05fc2118781650a2ece8d3d6c12f555a2255d3d0718492ba10d13e3b2d1c036fda5163612fe1134433b40e8ad633dc3de5a62fe91bb854ec176a09556adf9e40e38a8206b064a7ddc0b75cbbcdad9284d9671eace1eb9febfd9e699676c0444c01b5c8451facc73c9c288bdc83c735247772ec6f2c4e81a6103074f9ef7a9d3a1a927e13a6978151919135a3ccb1b8148fc17953df37c43005962e011abd6c9fa9dd4c69c3ba03c9fde82481402e6d9b2dca5c8368b292f9abb2f0c96b31a1c371bdc8d4b0f110fd81bef2d5e32b5f9a855bf0637904325f7be7f0de93cd722320c85b783e060bd8c66b81224e79e427b8bdcbaafc6556a4a90f161a31b19e8a1abbcc5f5175215ffd8c47ac6f1bc17dee73fd1f1ad94c3cce0af4ba3edf5a08fee48ac9749ff01d7d38a687ef9e509cf79e87c5b4d934761101eb8ff939fec5e7498b7e1a7879c67786804af0024d26a56ffbe08fc006ac219645e3ac5c736b09a20918f0ef601103e17276c537b6c41dd9a07770494963186aafaf0316f491f0ca6fb3d6e98e60d0244c97c8e056e200d13e8e801dd051c08d6b11b1e90d154feada9dc7fa5d2ec103d15deb0218f428e13ecabe22fc63f730df6a8f81a93382c49454da59ce14b2a597ee3f584f8f736bf27049a5dfc95929c116a03cc6a3a87a4a2b8913694c9da2384a96227e20245b53f98eae65fbec1f1745c1eb6d3d68ed8a98543f2236a3c486e64be7d67db790518790f2d727539d56e16ea2b06e615c2ada677c0b7721a72a61979677691bb0a6aa289a75a5d3bec4519de84919a710ce5a0d9e45c44b940ce2d2beaf82bdbed1de60cdf7340d8af472504b5d5312c68873f6e072f395057d070301b695b0dd727a9d939980e2322caf92c8a79115814ac058939d8d2716e575e2df54ea3810b38b6c3bd595dae989a76757314a6c92e7fef327fb91092d4928bf447de68c5e87bc8967e65acd3a9a581e3f4e2ab9f1364e77856f989c831d6321c4b610a66f33c0936c0fee55379f8758cc826a11e18f9917cb07716a9ecd9dd86841567511de29535d436ed2bba352f7f2c2280d60c517b3826863e400a057643f869b07c560e35af728dde9948de217fdab482b70750288a1f068e646634a0cce4d45ca61cfa3dea9cb776f2275ce3f19b998316728d4a034634c0164d102cb720001d762bbcabf5442eed361be3ea47138ca3e7a0e3343922de4b055376", @generic="94bc71fe5a34d432d30fe89bfbbd66d0ab58a4ba6e71a9da116b988b"]}]}, 0x1984}, 0x1, 0x0, 0x0, 0x2004c005}, 0x4040000)
fstatfs$auto(0xffffffffffffffff, 0x0)
unshare$auto(0x400)

8m6.932218404s ago: executing program 3 (id=3912):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x40)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='>'], 0x1ac}, 0x1, 0x8100000000000000, 0x0, 0x40855}, 0x8092)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x7, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x7, 0x1}, 0x5}, 0x3, 0x0)

8m4.158027416s ago: executing program 3 (id=3920):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xe, 0xffffffffffffffff, 0xebd, 0xfffffffffffffffa, 0xffffffffffffff00)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x8, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r0 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB="54000001", @ANYRES16=r0, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/edac_core/parameters/edac_mc_poll_msec\x00', 0x60301, 0x0)
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES64=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4000}, 0x40010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x2000800)

7m49.041585976s ago: executing program 34 (id=3920):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xe, 0xffffffffffffffff, 0xebd, 0xfffffffffffffffa, 0xffffffffffffff00)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x8, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
r0 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB="54000001", @ANYRES16=r0, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}}, 0x24048084)
madvise$auto(0x0, 0x200007, 0x2)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/edac_core/parameters/edac_mc_poll_msec\x00', 0x60301, 0x0)
mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000)
socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYRES32=r1, @ANYRES64=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4000}, 0x40010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x2000800)

11.257647708s ago: executing program 1 (id=5547):
close_range$auto(0x2, 0x8, 0x0)
r0 = pipe$auto(&(0x7f0000000500)=<r1=>0xffffffffffffffff)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x4810)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/rndis_host/uevent\x00', 0x100000, 0x0)
pipe2$auto(&(0x7f0000000100)=r1, 0x1)
r2 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r2, &(0x7f0000000040)=""/73, 0x49)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
r4 = socket(0xa, 0x1, 0x84)
r5 = openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/free_buffer\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x65, 0x7, 0x800000be, r5, 0x8001)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000b80), r6)
sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYRES16=r0, @ANYRES16, @ANYRESHEX], 0x1c}, 0x1, 0x0, 0x0, 0x81}, 0x40040)
io_setup$auto(0x7ffe, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0)
ioctl$auto_FICLONE(r7, 0x40049409, r7)
unshare$auto(0x40000080)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'wlan1\x00'})
sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, 0x0, 0x4040080)
r8 = socket(0x80000000000000a, 0x2, 0x0)
getsockopt$auto(r8, 0x88, 0x69, 0x0, 0x0)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0xc, 0x4000000000df, 0x100000044eb2, 0x10006, 0x300000000000)
madvise$auto(0x1000, 0x400050, 0x9)
setsockopt$auto(r4, 0x0, 0x40, 0x0, 0x10000)

9.774542626s ago: executing program 6 (id=5556):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0x10, 0x3, 0x6)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x84)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0xc048aeca, 0x0)
r3 = openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
mmap$auto(0x0, 0xf, 0xe2, 0x9b72, r2, 0xb4)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x3c8082, 0x0)
openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/options/hex\x00', 0x121082, 0x0)
capget$auto(&(0x7f00000000c0)={0x0, 0xffffffffffffffff}, &(0x7f0000000140)={0x72c, 0x61a, 0x1})
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0)
read$auto(r4, 0x0, 0x1ff)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x710e}, 0x8)
read$auto_o2hb_debug_fops_heartbeat(r3, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f00000007c0)='ns/time\x00')

9.104509246s ago: executing program 6 (id=5558):
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009", 0x791)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x80000011, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
open(0x0, 0x10840, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r1)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0xfffffffe)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
socket(0xa, 0x5, 0x84)
close_range$auto(0x2, 0x8, 0x0)

7.897529955s ago: executing program 5 (id=5561):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x9e7, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x0)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bus/usb/036/001\x00', 0x10000, 0x0)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000)
ioctl$auto(0x3, 0x8108551b, 0x1)
ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/025/001\x00', 0x8901, 0x0)
syz_clone(0x20120011, 0x0, 0x0, 0x0, 0x0, 0x0)
msgsnd$auto(0x2770, 0x0, 0x8c, 0x6)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000240)="eb9c400964e12b144560")
close_range$auto(0x2, 0x8, 0x0)
r1 = io_uring_setup$auto(0x4, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x123002, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x10000, 0x2020005, 0x6, 0xeb1, 0xfffffffffffffffa, 0x7ffd)
syz_clone(0xc0004280, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x100, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
io_uring_setup$auto(0x59, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0xfffffffffffffffd, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0x8b5, 0x9, 0x2, 0x4000000000000d]}, 0x0)
ioctl$auto_SNDCTL_DSP_GETISPACE(r2, 0x8010500d, &(0x7f0000000180))
r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/timer_list\x00', 0x28000, 0x0)
pread64$auto(r3, 0x0, 0x0, 0x270)
read$auto_proc_mountinfo_operations_mnt_namespace(r1, &(0x7f0000000100)=""/57, 0x39)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/admmidi2\x00', 0x30880, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4040080}, 0x0)
getpid()

7.89446495s ago: executing program 6 (id=5562):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2c, 0x1, 0x0)
listen$auto(0x3, 0x81)
r2 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fcntl$auto_F_NOTIFY(r2, 0x402, 0x9000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2)
mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000)
fsopen$auto(0x0, 0x1)
prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
mmap$auto(0x2, 0xffffffbffffffffd, 0x4000000000df, 0x1c, r1, 0x300000000000)
socket(0x1d, 0x3, 0x1)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r5, 0x1, 0x70bd25, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

7.822250635s ago: executing program 1 (id=5563):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0x1, 0xd, 0xfffffffffffffffb, 0x100000000, 0x2c2, 0x800002017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000005]}, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYRES64=0x0, @ANYRES16=r1, @ANYRESHEX=0x0], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x40870)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
write$auto(0x3, 0x0, 0x5c8)
mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0)
mremap$auto(0x0, 0x6, 0x2, 0x3, 0x7fffffffb000)
socket(0x2, 0x2, 0x0)
sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100f9020000fbdbdf250100000008000b00ac141420080001"], 0x24}, 0x1, 0x0, 0x0, 0x14}, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = socket(0x11, 0xa, 0x9)
socket(0xa, 0x2, 0x3b)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC0\x00', 0x880, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0)
socket(0xa, 0x2, 0x0)
openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000080), 0x840, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0x10, 0x2, 0x4)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x19, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r2, @ANYRES8], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x24000000)
write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef)

6.184422391s ago: executing program 1 (id=5566):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/fuse/parameters/max_user_bgreq\x00', 0xd2481, 0x0)
r0 = socket(0x15, 0x5, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
prctl$auto(0x1000000003b, 0x81, 0x4, 0x8000000000000000, 0xe22b)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x1c, 0x2, 0x8, 0x7fa, &(0x7f0000001800)})
mmap$auto(0xe, 0x20009, 0xdf, 0xeb1, r0, 0x8000)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0)
r4 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0xfff, 0xe8a, 0x1ff, 0xeb1, 0x8000000000000024, 0x4)
close_range$auto(0x2, 0x8, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x218042, 0x7d)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x2, 0x0)
sendmmsg$auto(r3, &(0x7f0000000280)={{0x0, 0x0, &(0x7f00000001c0)={0x0, 0xfc6}, 0x2, 0x0, 0x7, 0xb505}, 0x800}, 0x101, 0x4008)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
writev$auto(r5, &(0x7f0000000200)={0x0, 0xb}, 0x200000003)
write$auto(r4, 0x0, 0x5c8)
socket(0x2b, 0x1, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
close_range$auto(0x2, 0x8, 0x0)

5.973297342s ago: executing program 5 (id=5567):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001180), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x28, r1, 0x1, 0x70bd2b, 0x25dfdc03, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x14, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x10, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0xc, 0x1, 0x0, 0x1, [@NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST={0x5}]}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40891}, 0x4)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/vrf/strict_mode\x00', 0x80202, 0x0)
sendfile$auto(r2, 0x3, 0x0, 0x400000000008)

5.932649658s ago: executing program 4 (id=5568):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) (fail_nth: 6)

4.889309634s ago: executing program 6 (id=5569):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000100)=""/4096, 0x1000)
setsockopt$auto_SO_CNX_ADVICE(r0, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000001ac0), r1)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001180), r1)
sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000014c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000005}, 0x40011)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
ioctl$auto_RTC_ALM_READ(r1, 0x80247008, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
ioctl$auto_SNDRV_PCM_IOCTL_INFO(r1, 0x81204101, 0x0)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
r2 = socket(0x1e, 0x1, 0x0)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001580), r0)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
execveat$auto(0xffffffffffffffff, 0x0, &(0x7f0000001480)=&(0x7f0000001200)='[\x00', 0x0, 0x80)
statx$auto(0xffffffffffffff9c, &(0x7f0000001240)=':,\x00', 0x0, 0x9000000, &(0x7f0000001280)={0x4, 0xac, 0xfffffffffffffffb, 0x1, 0xee00, <r4=>0x0, 0x7, 0x100, 0xa, 0x8001, 0x2, 0x0, {0x4, 0x7}, {0x3, 0x3274925}, {0x1, 0x4}, {0x180000000000000, 0x400}, 0x10001, 0x3, 0x8, 0x727, 0x33, 0x8, 0xfffffffd, 0xfffffffffffffffd, 0xfffffffe, 0x401, 0x3, 0xc58, [0x5, 0xa71d, 0x7df5, 0x6, 0x9, 0x0, 0x8000, 0x6, 0x81]})
wait4$auto(0x0, &(0x7f0000001380)=0x7, 0x6, &(0x7f00000013c0)={{0xc000000, 0x4}, {0x80000048, 0x7}, 0x55f, 0xa4ac, 0x12, 0x1, 0x2, 0x1, 0x100, 0x9, 0x45, 0x7, 0x6, 0xfffffffffffffeff, 0x81, 0x1b})
shmctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000001580)={{0x8, 0x0, r4, 0x7bf, 0x19, 0x7ff, 0x8001}, 0x3, 0x208000001, 0x3, 0x4, @raw=0xe74, @raw=0x101, 0xe645, 0x0, 0x0, &(0x7f0000001540)="65c8e2dc93f86ac11fb36326c1fbced2a465fc8969"})
sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x1000)
r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0)
ioctl$auto(r5, 0xc0045627, r2)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
write$auto(0xffffffffffffffff, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fcdbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500c862a41184f600000a00010000000000000000000a00010070b28a70c5dc0000080004000300000006000700ff00000008000400"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)

4.888724689s ago: executing program 4 (id=5570):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2c, 0x1, 0x0)
listen$auto(0x3, 0x81)
r2 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fcntl$auto_F_NOTIFY(r2, 0x402, 0x9000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2)
mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000)
fsopen$auto(0x0, 0x1)
prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
mmap$auto(0x2, 0xffffffbffffffffd, 0x4000000000df, 0x1c, r1, 0x300000000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r4, r4, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r6, 0x1, 0x70bd25, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

3.859124056s ago: executing program 5 (id=5571):
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009", 0x791)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x80000011, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
open(0x0, 0x10840, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0xfffffffe)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
write$auto(r1, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
socket(0xa, 0x5, 0x84)
close_range$auto(0x2, 0x8, 0x0)

3.777671363s ago: executing program 6 (id=5572):
socket$nl_generic(0x10, 0x3, 0x10) (async)
unshare$auto(0x40000080) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
prctl$auto(0x3, 0x1, 0x0, 0x1, 0x0) (async)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2c, 0x1, 0x0) (async)
mmap$auto(0x0, 0xe983, 0xdf, 0x20000000000eb1, r0, 0x8000) (async)
process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, 0x0, 0xd, 0xd, 0x0)
process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffd8ef, &(0x7f0000000000)={&(0x7f00000000c0)="e8dba26e705740bdd643661c0b551a577d300290a30c728313928a912eefb7d3082d7ceda16b039f720001cccf0cf557c7736293f46fd44cdf27f4d6e928d43efcaca824d638fde32e921f12340088bcf21c5f385fe7ae6b0d565a24a9be5753c96cb4dfd466ad3b2a4d0b146b0d9ca6f21b3fa4ab7e6d5948ead98a7ee7529888f94308b9ee44e40fd3316df288a455f9e18ed7d56034ca89b962fbafc7ebba2c059f8b5e3aa57a64", 0x5}, 0x8, 0x4f, 0x0) (async)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x4044c1, 0x0) (async)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x404c8c4}, 0x40081)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb4, 0x401, 0x8000) (async)
socket(0x2b, 0x1, 0x1) (async)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x201) (async)
socket(0x26, 0x80000, 0x0)
shmctl$auto_SHM_UNLOCK(0x8, 0xc, &(0x7f0000000240)={{0x1, 0xee00, 0x0, 0x4, 0x1, 0x3, 0x94}, 0x3, 0x10, 0x6, 0x291, @raw=0x3ff, @raw=0x7, 0xd33, 0x0, &(0x7f0000000080)="1321b4fcc1dcb5bc2d68f96b52e85f3fd7e415f14f5ee525e4b67927bab46eff41bab5529940fe12952bf8b98d61e12864a71c24035c502a0027f50c5b1bc9939d6952b2b6307722728de762a2811bd9ca8bced9b5d1851416fa4ff327bfc1a963bf", 0x0}) (async)
timer_settime$auto(0x0, 0x5, &(0x7f00000000c0)={{0x8, 0x10004}, {0xd, 0x800000010}}, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$auto(0x3, 0xae41, r1) (async)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x18b800, 0x0)
ioctl$auto(0x3, 0xae41, r3) (async)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x3, 0x0, [{0x7f, 0x3, 0x4}]}) (async)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/personality\x00', 0x309002, 0x0) (async)
read$auto_proc_single_file_operations_base(r2, &(0x7f00000002c0)=""/90, 0x5a)
mmap$auto(0x0, 0x7, 0x80000000000006, 0x11, r1, 0x8000)

3.173617091s ago: executing program 4 (id=5573):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/pressure/memory\x00', 0x8f3b7a51b80ebd01, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/dvb_usb_dibusb_mc/new_id\x00', 0x80002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1)
write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=' \\x', 0x3)
close_range$auto(0x2, 0x8, 0x0)
pipe$auto(&(0x7f0000000500))
fcntl$auto(0x3, 0x4, 0xa553)
select$auto(0x5, &(0x7f0000000180)={[0x400020000008, 0xfffffffffffffffc, 0x6, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0x7, 0x2, 0x9, 0x2, 0xa657, 0x203, 0xd3, 0xfdfe]}, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x2, 0x765a, 0x0, 0x3, 0x3)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
ioctl$auto_TUNGETVNETBE2(0xffffffffffffffff, 0x800454df, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16b280, 0x0)

2.858913542s ago: executing program 5 (id=5574):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
write$auto_tty_fops_tty_io(r0, &(0x7f00000001c0)="352c8efa618c0bcf83a4ebdb27ec25906b0e1015b18c429fc1d7c523728754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1361fef8e0e23a77846b4e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c358cc121ffefc1e0f3a31c079ae368fd33dedc87d100f7f3eafc4e10d22e8e8d6c27ef8c0e1b12f18389c2473fbc695cbf8d352993273c0382ab671751b4d", 0xb9)

2.762844903s ago: executing program 4 (id=5575):
connect$auto(0x3, 0x0, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x88b02, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
close_range$auto(0xffffffffffffffff, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
capset$auto(&(0x7f0000000040)={0x19980330}, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r1, 0x401070cd, 0x5)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x8000001, 0x0, 0x2000000000000003, 0x0, 0x24, 0x1}, 0x401}, 0x800, 0xa0000000)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000080)={0x5, 0xfffffffb, [0xfffffffd, 0x3ff, 0xc7, 0x80000001, 0x7]})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000001100), 0x129a4bf7bca8a7f9, 0x0)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000003d40), 0xffffffffffffffff)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x6, 0x61c, 0x6)
madvise$auto(0x0, 0x200007, 0x19)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video7\x00', 0x8200, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000000)=""/133, 0x85)

2.636495425s ago: executing program 5 (id=5576):
connect$auto(0x3, 0x0, 0x58)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run\x00', 0x88b02, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
close_range$auto(0xffffffffffffffff, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
capset$auto(&(0x7f0000000040)={0x19980330}, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r1, 0x401070cd, 0x5)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x8000001, 0x0, 0x2000000000000003, 0x0, 0x24, 0x1}, 0x401}, 0x800, 0xa0000000)
r2 = socket(0xa, 0x5, 0x84)
sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000080)={0x5, 0xfffffffb, [0xfffffffd, 0x3ff, 0xc7, 0x80000001, 0x7]})
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000001100), 0x129a4bf7bca8a7f9, 0x0)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000003d40), 0xffffffffffffffff)
madvise$auto(0x0, 0x2003f2, 0x15)
madvise$auto(0x6, 0x61c, 0x6)
madvise$auto(0x0, 0x200007, 0x19)
r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video7\x00', 0x8200, 0x0)
read$auto_v4l2_fops_v4l2_dev(r3, &(0x7f0000000000)=""/133, 0x85)

1.78833792s ago: executing program 6 (id=5577):
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
semctl$auto_GETNCNT(0x4, 0x7fff, 0xe, 0xfff)
lseek$auto(0xffffffffffffffff, 0x1ae, 0x2)
r1 = socket(0x2, 0x801, 0x106)
fsmount$auto(r1, 0x5, 0x0)
r2 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2, 0x1, 0x106)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
write$auto(0x3, 0x0, 0x1)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0x3, 0x541b, 0x38)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1)
sendmsg$auto_NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f00000004c0)={0x220, r4, 0x400, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_TWT_RESPONDER={0x4}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0xfffffff8}, @NL80211_ATTR_BSS_SELECT={0x1fd, 0xe3, 0x0, 0x1, [@generic="13282a658c36c3dfe52a7a62d1f20d64be958ec53c46ba69885700fb", @typed={0x8, 0x16, 0x0, 0x0, @binary="1551f6619036cb90f2caba7fe5fc6785a44cfd466381802a1e9ea457b223aa08e75c2aba568bf62b85e871fe0700bc263cc0ccb98d018284c9ef9f5558f67c9d5e658473b7c08c8f7b1d006951aa9336eb4d13ca8ce8452463f205b51c3c4934e6406fe80d47366fa74fe8b99d8d2fc7d377363d970e27d889d4841e4fec5b5a9859ebf838f3e612961cc50ccc9c3ae10c252f4271236dc84ea4506b644c12c027030b00b681882cc0e4e96c085edbb94479a3e575fac60f32e958e4b27871f6020a2f8954af549d"}, @generic="c640e93ddf48567e3ff109cfb8f8642de18e6a163c7b77a4594d3f6033db624619", @nested={0xb80c, 0x10b, 0x0, 0x1, [@nested={0x4, 0x106}, @nested={0x4, 0x18}, @nested={0x4, 0x8}, @generic="43ebc42ac935379a4c22434459cfa3f77e857f6beb935edf804e8267d2b4fe8ca277bf7a0032b1d2342eae54cba696b8367a6e801496690c0dd8f98a7da325b8f699afc4abd19fd91707e90963ba755bf526bbf80cfe779ec54e4c2955a073d2fa87f7873f7c7017f98985a14b95d2b16702441bcce8c499d8d1a426b30e8eb34a0921cd5fa25c43bd5f20b38edf27d9964b9edc021f30edd35ddf562a160b780de96b36b75a0ca3ea9f09c4a6e85265d4f4c2ed804a5e5b03a8acb416ae7594cb8988fd37efa1d1f1138ad7d8e682d5ea1b1f3f6f2685aa2e4a5e43a41f65435ee9fdd2a13dcbb6", @nested={0x4, 0xb2}, @nested={0x4, 0xf9}]}, @typed={0x4, 0x14d}, @nested={0x8, 0x1010, 0x0, 0x1, [@nested={0x4, 0xc1}]}, @generic="589f37ad83d0be6fa91daf0150c43a4ffbf4192158db0bf186ec41b202e70477604683e7b20b7461d68c8c67903fc5804864dc13d97f0da5940691479a5d3a189dad3e9566b4423e719b9320f5fca0beb55989ad948bec20187b1ee7ea5fef653923c2aacadf3aa45bedf82bff4e81f8021601db4e367d5537b5d8a08510fd5301d8e1a3dd1005ae29f697d880d0ff81806a44de138fafd852603d74d31a721feaed863f3fbda998"]}]}, 0x220}, 0x1, 0x0, 0x0, 0x4044080}, 0x0)
setsockopt$auto(r2, 0x0, 0x40, 0x0, 0x10000)
write$auto_tty_fops_tty_io(r0, &(0x7f00000001c0)="352c8efa618c0bcf83a4ebdb27ec25906b0e1015b18c429fc1d7c523728754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1361fef8e0e23a77846b4e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c358cc121ffefc1e0f3a31c079ae368fd33dedc87d100f7f3eafc4e10d22e8e8d6c27ef8c0e1b12f18389c2473fbc695cbf8d352993273c0382ab671751b4d", 0xb9)

1.230532795s ago: executing program 1 (id=5578):
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r0, &(0x7f0000000180)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC<s\xbf\xf4\xf37o\xec\f\xf4\xde\x06\xb4x\xcep|\xa1\xd5\xc3r\x8d\xe5\xda#\f\xa7-\xaf@\xc3x\xa2\"h\xec\xa0\x9ay\'\x99\xca\x9a\xa6\xda6\xb3E\xe1-\x17I!J\xf0\xb7\xc9O\xe9f\x93~\xce\x0e\x8c\xfa\xe3\x89\xca\xf5\xa2\xd2t\x84\xf8`e\x16\xf49\x9aVBa~i\xb9s\x00\x00\x00\x00\x00\x00\x00\x00\n\x04>=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xdfV\x02\xca&\xd8$<\xab&\xc8B-\xcc\x15\x04&\x13;\xfe\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT?\x98\xa2\x00'/206, 0x5)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(0xffffffffffffffff, 0x1, 0x0)
clock_adjtime$auto(0x401, &(0x7f0000000080)={0xd, 0x0, 0x6, 0x9, 0x4, 0x3, 0x80000001, 0x0, 0x8, 0xd, 0x10001, {0x8, 0xf2}, 0xfffffffffffffb28, 0xe, 0x7fff80000000000, 0x0, 0x0, 0x1, 0xaf, 0xbf6, 0x3d9b, 0x0, 0xf1fa})
connect$auto(0x3, 0x0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000b00), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fcdbdf51507149333cddbf8125040000000d001a800800010006000000"], 0x20}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff)

762.61714ms ago: executing program 1 (id=5579):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
preadv$auto(r0, &(0x7f0000000080)={&(0x7f0000000040)="17364ca2e7d23f46d3c67e2796d4a7c592de8c613e373a2e6b", 0x225a}, 0x1, 0x9, 0xfffffffffffffffb)
r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
readv$auto(r1, &(0x7f0000000240)={0x0, 0x101}, 0x9)
epoll_wait$auto(r0, 0x0, 0x5, 0x3)

631.450082ms ago: executing program 4 (id=5580):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) (fail_nth: 7)

527.700092ms ago: executing program 5 (id=5581):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/025/001\x00', 0x8901, 0x0)
ioctl$auto(r1, 0x5522, r1)
ioctl$auto(r1, 0x5521, 0xffffffffffffffff)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xffffffffffffff0a, 0x0, 0x1, 0x0, 0x0, 0x40080d1}, 0x48000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto_SO_REUSEPORT(r4, 0x1, 0xf, &(0x7f0000000780)='\x00', &(0x7f00000007c0)=0xd)
linkat$auto(r2, &(0x7f00000000c0)='&&\x00', 0xffffffffffffffff, &(0x7f0000000200)='&&\x00', 0x2)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
futex$auto(0x0, 0x4f549, 0xc, 0x0, 0x0, 0x404)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r5 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa)
write$auto(r5, 0x0, 0xfffffdf1)
linkat$auto(r5, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
fsetxattr$auto(r5, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1)
mprotect$auto(0x0, 0x8000000000000001, 0x8)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00')
prctl$auto(0x4, 0x1, 0x0, 0x9, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84)

301.235831ms ago: executing program 1 (id=5582):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2c, 0x1, 0x0)
listen$auto(0x3, 0x81)
r2 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
fcntl$auto_F_NOTIFY(r2, 0x402, 0x9000)
r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0)
ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0)
mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2)
mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000)
fsopen$auto(0x0, 0x1)
prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
shutdown$auto(0x200000003, 0x2)
recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0)
madvise$auto(0x0, 0x2003f2, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(0x0, r1)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
sendfile$auto(r4, r4, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r6, 0x1, 0x70bd25, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004)

0s ago: executing program 4 (id=5583):
mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000840)="5142651f911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb12dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009", 0x791)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
syz_clone(0x80000011, 0x0, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130)
open(0x0, 0x10840, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0xfffffffe)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/zram0/reset\x00', 0xa001, 0x0)
write$auto(r1, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9)
socket(0xa, 0x5, 0x84)
close_range$auto(0x2, 0x8, 0x0)

kernel console output (not intermixed with test programs):

ND, [L]=SOFTLOCKUP
[ 1739.441471][T28496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1739.441485][T28496] Call Trace:
[ 1739.441492][T28496]  <TASK>
[ 1739.441502][T28496]  dump_stack_lvl+0x100/0x190
[ 1739.441542][T28496]  should_fail_ex.cold+0x5/0xa
[ 1739.441570][T28496]  should_failslab+0xc2/0x120
[ 1739.441595][T28496]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1739.441631][T28496]  ? mas_alloc_nodes+0x280/0x390
[ 1739.441667][T28496]  mas_alloc_nodes+0x280/0x390
[ 1739.441699][T28496]  mas_preallocate+0x39c/0xf10
[ 1739.441739][T28496]  ? __pfx_mas_preallocate+0x10/0x10
[ 1739.441781][T28496]  ? vm_area_alloc+0x1f/0x160
[ 1739.441815][T28496]  ? lockdep_init_map_type+0x5c/0x250
[ 1739.441850][T28496]  __mmap_region+0x12b5/0x29e0
[ 1739.441889][T28496]  ? __pfx___mmap_region+0x10/0x10
[ 1739.441930][T28496]  ? set_next_entity+0x11e/0x9c0
[ 1739.441969][T28496]  ? __lock_acquire+0x4a5/0x2630
[ 1739.442006][T28496]  ? find_held_lock+0x2b/0x80
[ 1739.442039][T28496]  ? find_held_lock+0x2b/0x80
[ 1739.442060][T28496]  ? finish_task_switch.isra.0+0x200/0xb80
[ 1739.442085][T28496]  ? finish_task_switch.isra.0+0x200/0xb80
[ 1739.442122][T28496]  ? trace_sched_exit_tp+0x13a/0x180
[ 1739.442151][T28496]  ? __schedule+0x1000/0x6120
[ 1739.442217][T28496]  ? rcu_is_watching+0x12/0xc0
[ 1739.442253][T28496]  ? cap_capable+0x107/0x460
[ 1739.442297][T28496]  mmap_region+0x180/0x3e0
[ 1739.442338][T28496]  do_mmap+0xc63/0x12f0
[ 1739.442369][T28496]  ? __pfx_do_mmap+0x10/0x10
[ 1739.442395][T28496]  ? __pfx_down_write_killable+0x10/0x10
[ 1739.442439][T28496]  vm_mmap_pgoff+0x29e/0x470
[ 1739.442472][T28496]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1739.442501][T28496]  ? do_futex+0x192/0x350
[ 1739.442533][T28496]  ? __pfx_do_futex+0x10/0x10
[ 1739.442562][T28496]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1739.442599][T28496]  ksys_mmap_pgoff+0xe1/0x650
[ 1739.442625][T28496]  ? __x64_sys_futex+0x34f/0x4d0
[ 1739.442655][T28496]  ? __x64_sys_futex+0x358/0x4d0
[ 1739.442687][T28496]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1739.442713][T28496]  ? xfd_validate_state+0x129/0x190
[ 1739.442754][T28496]  __x64_sys_mmap+0x125/0x190
[ 1739.442793][T28496]  do_syscall_64+0x106/0xf80
[ 1739.442826][T28496]  ? clear_bhb_loop+0x40/0x90
[ 1739.442856][T28496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1739.442881][T28496] RIP: 0033:0x7f9a6179c799
[ 1739.442901][T28496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1739.442925][T28496] RSP: 002b:00007f9a5f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1739.442948][T28496] RAX: ffffffffffffffda RBX: 00007f9a61a16090 RCX: 00007f9a6179c799
[ 1739.442964][T28496] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[ 1739.442979][T28496] RBP: 00007f9a61832c99 R08: 0000000000000401 R09: 0000000000008000
[ 1739.442998][T28496] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1739.443013][T28496] R13: 00007f9a61a16128 R14: 00007f9a61a16090 R15: 00007fffc3b75718
[ 1739.443044][T28496]  </TASK>
[ 1740.582115][T28212] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow.
[ 1741.750669][T28211] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4881 with max blocks 4 with error 117
[ 1741.814849][T28211] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1741.814849][T28211] 
[ 1741.881363][T28211] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 9 with max blocks 8 with error 117
[ 1741.939119][T28211] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1741.939119][T28211] 
[ 1742.445698][T28516] can: request_module (can-proto-3) failed.
[ 1743.894158][T28546] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4880 with max blocks 1 with error 117
[ 1743.952712][T28539] netlink: 'syz.4.5057': attribute type 5 has an invalid length.
[ 1743.968739][T28539] netlink: 4158 bytes leftover after parsing attributes in process `syz.4.5057'.
[ 1744.222566][T28546] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1744.222566][T28546] 
[ 1744.571775][T28553] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5060'.
[ 1744.645133][T28214] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1744.651053][T28555] ptp ptp0: delete virtual clock ptp3
[ 1744.796181][T28555] ptp ptp0: delete virtual clock ptp2
[ 1744.858808][T28555] ptp ptp0: delete virtual clock ptp1
[ 1744.946229][T28555] ptp ptp0: only physical clock in use now
[ 1746.145230][T28585] netlink: 'syz.6.5066': attribute type 11 has an invalid length.
[ 1746.268397][T28585] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5066'.
[ 1746.308671][T28570] sd 0:0:1:0: PR command failed: 1026
[ 1746.343563][T28570] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1746.361736][T28585] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5066'.
[ 1746.372512][T28570] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1747.056447][T28212] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 903 with max blocks 19 with error 117
[ 1747.140948][T28212] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1747.140948][T28212] 
[ 1747.299815][T28579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1748.235189][T28608] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5070'.
[ 1748.333801][T28608] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5070'.
[ 1748.506994][T28612] netlink: 29 bytes leftover after parsing attributes in process `syz.5.5071'.
[ 1748.588632][T28214] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[ 1749.054379][T28622] device-mapper: ioctl: only supply one of name or uuid, cmd(16)
[ 1750.206830][T28651] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1750.355273][T28651] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1750.532815][T28651] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1750.630202][T28651] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1751.437943][   T30] audit: type=1800 audit(4294967379.629:29): pid=28665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5084" name="dbroot" dev="configfs" ino=411179 res=0 errno=0
[ 1751.774408][T28665] tipc: Started in network mode
[ 1751.800398][T28665] tipc: Node identity ffffffff, cluster identity 4711
[ 1751.913423][T28665] tipc: Node number set to 4294967295
[ 1752.232889][T28214] Bluetooth: hci2: command 0x0406 tx timeout
[ 1752.399040][T28214] Bluetooth: hci4: command 0x0406 tx timeout
[ 1752.557458][T28214] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1752.631536][T28214] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1754.986115][T28716] sd 0:0:1:0: PR command failed: 1026
[ 1755.011408][T28716] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1755.066706][T28716] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1757.365950][T28748] netlink: 'syz.5.5101': attribute type 11 has an invalid length.
[ 1757.422106][T28748] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5101'.
[ 1757.441974][T28748] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5101'.
[ 1757.777079][T28747] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1758.152892][T28771] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5107'.
[ 1758.214560][T28771] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5107'.
[ 1759.667229][T28799] FAULT_INJECTION: forcing a failure.
[ 1759.667229][T28799] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1759.748711][T28799] CPU: 0 UID: 0 PID: 28799 Comm: syz.4.5114 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1759.748757][T28799] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1759.748769][T28799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1759.748785][T28799] Call Trace:
[ 1759.748794][T28799]  <TASK>
[ 1759.748804][T28799]  dump_stack_lvl+0x100/0x190
[ 1759.748848][T28799]  should_fail_ex.cold+0x5/0xa
[ 1759.748879][T28799]  get_futex_key+0x1d2/0x1620
[ 1759.748913][T28799]  ? __pfx_get_futex_key+0x10/0x10
[ 1759.748944][T28799]  ? mt_find+0x687/0x8e0
[ 1759.748991][T28799]  futex_wait_setup+0x83/0x510
[ 1759.749038][T28799]  __futex_wait+0x19f/0x300
[ 1759.749080][T28799]  ? __pfx___futex_wait+0x10/0x10
[ 1759.749119][T28799]  ? fixup_exception+0x119/0xff0
[ 1759.749150][T28799]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1759.749193][T28799]  ? futex_hash+0x2c5/0x380
[ 1759.749232][T28799]  futex_wait+0xed/0x380
[ 1759.749271][T28799]  ? __pfx_futex_wait+0x10/0x10
[ 1759.749326][T28799]  do_futex+0x1ef/0x350
[ 1759.749360][T28799]  ? __pfx_do_futex+0x10/0x10
[ 1759.749394][T28799]  ? __sys_connect+0xe4/0x170
[ 1759.749431][T28799]  __x64_sys_futex+0x34f/0x4d0
[ 1759.749478][T28799]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1759.749523][T28799]  do_syscall_64+0x106/0xf80
[ 1759.749559][T28799]  ? clear_bhb_loop+0x40/0x90
[ 1759.749590][T28799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1759.749617][T28799] RIP: 0033:0x7f59d119c799
[ 1759.749639][T28799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1759.749664][T28799] RSP: 002b:00007f59d20cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1759.749688][T28799] RAX: ffffffffffffffda RBX: 00007f59d1415fa8 RCX: 00007f59d119c799
[ 1759.749706][T28799] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59d1415fa8
[ 1759.749722][T28799] RBP: 00007f59d1415fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1759.749738][T28799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1759.749753][T28799] R13: 00007f59d1416038 R14: 00007ffe464a68a0 R15: 00007ffe464a6988
[ 1759.749785][T28799]  </TASK>
[ 1760.645563][T28810] netlink: 'syz.4.5115': attribute type 11 has an invalid length.
[ 1760.672096][T28810] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5115'.
[ 1760.713903][T28810] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5115'.
[ 1761.153106][T28805] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1761.892632][T28827] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff81b10f9a (__mcheck_cpu_init_prepare_banks+0x18a/0x380)
[ 1761.908441][T28827] Call Trace:
[ 1761.911749][T28827]  <TASK>
[ 1761.914810][T28827]  ? __pfx___mcheck_cpu_init_prepare_banks+0x10/0x10
[ 1761.921542][T28827]  ? __pfx_debug_object_deactivate+0x10/0x10
[ 1761.927662][T28827]  mce_cpu_restart+0xd5/0x1f0
[ 1761.932376][T28827]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1761.937705][T28827]  smp_call_function_many_cond+0x11fc/0x1500
[ 1761.943712][T28827]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1761.949034][T28827]  ? mark_held_locks+0x40/0x70
[ 1761.953846][T28827]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1761.959698][T28827]  ? lockdep_hardirqs_on+0x78/0x100
[ 1761.964937][T28827]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1761.970791][T28827]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1761.977156][T28827]  ? __pfx___try_to_del_timer_sync+0x10/0x10
[ 1761.983179][T28827]  ? __timer_delete_sync+0x151/0x1c0
[ 1761.988499][T28827]  ? __pfx_mce_cpu_restart+0x10/0x10
[ 1761.993835][T28827]  on_each_cpu_cond_mask+0x40/0x90
[ 1761.998985][T28827]  set_bank+0x240/0x3a0
[ 1762.003182][T28827]  ? __pfx_set_bank+0x10/0x10
[ 1762.007916][T28827]  ? find_held_lock+0x2b/0x80
[ 1762.012627][T28827]  ? sysfs_file_kobj+0xe4/0x290
[ 1762.017509][T28827]  ? sysfs_file_kobj+0xe4/0x290
[ 1762.022387][T28827]  ? __pfx_set_bank+0x10/0x10
[ 1762.027101][T28827]  dev_attr_store+0x58/0x80
[ 1762.031736][T28827]  ? __pfx_dev_attr_store+0x10/0x10
[ 1762.037133][T28827]  sysfs_kf_write+0xf2/0x150
[ 1762.041776][T28827]  kernfs_fop_write_iter+0x3e0/0x5f0
[ 1762.047085][T28827]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1762.052320][T28827]  vfs_write+0x6ac/0x1070
[ 1762.056670][T28827]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1762.062590][T28827]  ? __pfx_vfs_write+0x10/0x10
[ 1762.067483][T28827]  ksys_write+0x12a/0x250
[ 1762.071830][T28827]  ? __pfx_ksys_write+0x10/0x10
[ 1762.076719][T28827]  do_syscall_64+0x106/0xf80
[ 1762.081343][T28827]  ? clear_bhb_loop+0x40/0x90
[ 1762.086057][T28827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1762.091996][T28827] RIP: 0033:0x7f59d119c799
[ 1762.096431][T28827] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1762.116062][T28827] RSP: 002b:00007f59d20ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1762.124511][T28827] RAX: ffffffffffffffda RBX: 00007f59d1416090 RCX: 00007f59d119c799
[ 1762.132514][T28827] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000004
[ 1762.140510][T28827] RBP: 00007f59d1232c99 R08: 0000000000000000 R09: 0000000000000000
[ 1762.148512][T28827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1762.156517][T28827] R13: 00007f59d1416128 R14: 00007f59d1416090 R15: 00007ffe464a6988
[ 1762.164537][T28827]  </TASK>
[ 1763.386534][T28831] vivid-007: =================  START STATUS  =================
[ 1763.471404][T28831] vivid-007: Generate PTS: true
[ 1763.476327][T28831] vivid-007: Generate SCR: true
[ 1763.574123][T28831] tpg source WxH: 320x240 (Y'CbCr)
[ 1763.579296][T28831] tpg field: 1
[ 1763.764533][T28831] tpg crop: (0,0)/320x240
[ 1763.860971][T28831] tpg compose: (0,0)/320x240
[ 1763.965352][T28831] tpg colorspace: 8
[ 1763.969381][T28831] tpg transfer function: 0/0
[ 1764.021517][T28831] tpg Y'CbCr encoding: 0/0
[ 1764.026011][T28831] tpg quantization: 0/0
[ 1764.091676][T28831] tpg RGB range: 0/2
[ 1764.111360][T28831] vivid-007: ==================  END STATUS  ==================
[ 1764.726598][T28843] FAULT_INJECTION: forcing a failure.
[ 1764.726598][T28843] name failslab, interval 1, probability 0, space 0, times 0
[ 1764.821575][T28843] CPU: 0 UID: 0 PID: 28843 Comm: syz.4.5121 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1764.821617][T28843] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1764.821628][T28843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1764.821642][T28843] Call Trace:
[ 1764.821651][T28843]  <TASK>
[ 1764.821660][T28843]  dump_stack_lvl+0x100/0x190
[ 1764.821702][T28843]  should_fail_ex.cold+0x5/0xa
[ 1764.821729][T28843]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1764.821763][T28843]  should_failslab+0xc2/0x120
[ 1764.821789][T28843]  __kmalloc_noprof+0xe0/0x850
[ 1764.821832][T28843]  tomoyo_realpath_from_path+0xb6/0x690
[ 1764.821871][T28843]  tomoyo_path_number_perm+0x23c/0x580
[ 1764.821897][T28843]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1764.821925][T28843]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1764.821980][T28843]  ? find_held_lock+0x2b/0x80
[ 1764.822002][T28843]  ? __fget_files+0x215/0x3d0
[ 1764.822023][T28843]  ? hook_file_ioctl_common+0x146/0x410
[ 1764.822057][T28843]  ? __fget_files+0x21f/0x3d0
[ 1764.822092][T28843]  security_file_ioctl+0xd3/0x230
[ 1764.822121][T28843]  __x64_sys_ioctl+0xb7/0x210
[ 1764.822158][T28843]  do_syscall_64+0x106/0xf80
[ 1764.822192][T28843]  ? clear_bhb_loop+0x40/0x90
[ 1764.822222][T28843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1764.822246][T28843] RIP: 0033:0x7f59d119c799
[ 1764.822266][T28843] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1764.822289][T28843] RSP: 002b:00007f59d20cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1764.822312][T28843] RAX: ffffffffffffffda RBX: 00007f59d1415fa0 RCX: 00007f59d119c799
[ 1764.822328][T28843] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000003
[ 1764.822342][T28843] RBP: 00007f59d20cf090 R08: 0000000000000000 R09: 0000000000000000
[ 1764.822356][T28843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1764.822370][T28843] R13: 00007f59d1416038 R14: 00007f59d1415fa0 R15: 00007ffe464a6988
[ 1764.822401][T28843]  </TASK>
[ 1764.822411][T28843] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1765.838551][T28853] FAULT_INJECTION: forcing a failure.
[ 1765.838551][T28853] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1765.940664][T28853] CPU: 0 UID: 0 PID: 28853 Comm: syz.6.5120 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1765.940709][T28853] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1765.940724][T28853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1765.940740][T28853] Call Trace:
[ 1765.940749][T28853]  <TASK>
[ 1765.940759][T28853]  dump_stack_lvl+0x100/0x190
[ 1765.940803][T28853]  should_fail_ex.cold+0x5/0xa
[ 1765.940828][T28853]  ? __kernel_text_address+0xd/0x30
[ 1765.940870][T28853]  get_futex_key+0x1d2/0x1620
[ 1765.940906][T28853]  ? __pfx_get_futex_key+0x10/0x10
[ 1765.940938][T28853]  ? putname+0xb1/0x110
[ 1765.940966][T28853]  ? stack_trace_save+0x8e/0xc0
[ 1765.940990][T28853]  ? __pfx_stack_trace_save+0x10/0x10
[ 1765.941019][T28853]  futex_wait_setup+0x83/0x510
[ 1765.941066][T28853]  __futex_wait+0x19f/0x300
[ 1765.941114][T28853]  ? __pfx___futex_wait+0x10/0x10
[ 1765.941159][T28853]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1765.941202][T28853]  ? futex_hash+0x2c5/0x380
[ 1765.941241][T28853]  futex_wait+0xed/0x380
[ 1765.941280][T28853]  ? __pfx_futex_wait+0x10/0x10
[ 1765.941327][T28853]  ? putname+0xb1/0x110
[ 1765.941352][T28853]  ? kmem_cache_free+0x124/0x6a0
[ 1765.941386][T28853]  ? do_sys_openat2+0x1b4/0x1e0
[ 1765.941424][T28853]  do_futex+0x1ef/0x350
[ 1765.941458][T28853]  ? __pfx_do_futex+0x10/0x10
[ 1765.941489][T28853]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1765.941525][T28853]  ? __fget_files+0x21f/0x3d0
[ 1765.941552][T28853]  __x64_sys_futex+0x34f/0x4d0
[ 1765.941588][T28853]  ? __x64_sys_openat+0x12d/0x210
[ 1765.941622][T28853]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1765.941667][T28853]  do_syscall_64+0x106/0xf80
[ 1765.941703][T28853]  ? clear_bhb_loop+0x40/0x90
[ 1765.941734][T28853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1765.941761][T28853] RIP: 0033:0x7fb72e19c799
[ 1765.941782][T28853] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1765.941808][T28853] RSP: 002b:00007fb72c3f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1765.941832][T28853] RAX: ffffffffffffffda RBX: 00007fb72e416098 RCX: 00007fb72e19c799
[ 1765.941850][T28853] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fb72e416098
[ 1765.941866][T28853] RBP: 00007fb72e416090 R08: 0000000000000000 R09: 0000000000000000
[ 1765.941882][T28853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1765.941897][T28853] R13: 00007fb72e416128 R14: 00007ffc63f5bc30 R15: 00007ffc63f5bd18
[ 1765.941929][T28853]  </TASK>
[ 1767.352732][T28864] FAULT_INJECTION: forcing a failure.
[ 1767.352732][T28864] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1767.402656][T28864] CPU: 0 UID: 0 PID: 28864 Comm: syz.5.5124 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1767.402701][T28864] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1767.402712][T28864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1767.402729][T28864] Call Trace:
[ 1767.402737][T28864]  <TASK>
[ 1767.402747][T28864]  dump_stack_lvl+0x100/0x190
[ 1767.402791][T28864]  should_fail_ex.cold+0x5/0xa
[ 1767.402820][T28864]  get_futex_key+0x1d2/0x1620
[ 1767.402855][T28864]  ? __pfx_get_futex_key+0x10/0x10
[ 1767.402895][T28864]  ? mt_find+0x687/0x8e0
[ 1767.402942][T28864]  futex_wait_setup+0x83/0x510
[ 1767.402990][T28864]  __futex_wait+0x19f/0x300
[ 1767.403032][T28864]  ? __pfx___futex_wait+0x10/0x10
[ 1767.403071][T28864]  ? fixup_exception+0x119/0xff0
[ 1767.403101][T28864]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1767.403145][T28864]  ? futex_hash+0x2c5/0x380
[ 1767.403184][T28864]  futex_wait+0xed/0x380
[ 1767.403224][T28864]  ? __pfx_futex_wait+0x10/0x10
[ 1767.403278][T28864]  do_futex+0x1ef/0x350
[ 1767.403312][T28864]  ? __pfx_do_futex+0x10/0x10
[ 1767.403347][T28864]  ? __sys_connect+0xe4/0x170
[ 1767.403383][T28864]  __x64_sys_futex+0x34f/0x4d0
[ 1767.403421][T28864]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1767.403466][T28864]  do_syscall_64+0x106/0xf80
[ 1767.403502][T28864]  ? clear_bhb_loop+0x40/0x90
[ 1767.403539][T28864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1767.403566][T28864] RIP: 0033:0x7f9a6179c799
[ 1767.403588][T28864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1767.403613][T28864] RSP: 002b:00007f9a625780e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1767.403637][T28864] RAX: ffffffffffffffda RBX: 00007f9a61a15fa8 RCX: 00007f9a6179c799
[ 1767.403655][T28864] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9a61a15fa8
[ 1767.403671][T28864] RBP: 00007f9a61a15fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1767.403687][T28864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1767.403702][T28864] R13: 00007f9a61a16038 R14: 00007fffc3b75630 R15: 00007fffc3b75718
[ 1767.403734][T28864]  </TASK>
[ 1767.817593][T28872] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5127'.
[ 1767.827761][T28872] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5127'.
[ 1768.446728][T28879] netlink: 'syz.5.5130': attribute type 11 has an invalid length.
[ 1768.485570][T28879] netlink: 'syz.5.5130': attribute type 11 has an invalid length.
[ 1768.521297][T28879] netlink: 'syz.5.5130': attribute type 11 has an invalid length.
[ 1770.397901][T28895] FAULT_INJECTION: forcing a failure.
[ 1770.397901][T28895] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1770.454103][T28895] CPU: 0 UID: 0 PID: 28895 Comm: syz.4.5134 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1770.454148][T28895] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1770.454160][T28895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1770.454176][T28895] Call Trace:
[ 1770.454185][T28895]  <TASK>
[ 1770.454195][T28895]  dump_stack_lvl+0x100/0x190
[ 1770.454239][T28895]  should_fail_ex.cold+0x5/0xa
[ 1770.454265][T28895]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1770.454297][T28895]  should_fail_alloc_page+0xeb/0x140
[ 1770.454327][T28895]  prepare_alloc_pages+0x1f0/0x5f0
[ 1770.454356][T28895]  ? __lock_acquire+0x4a5/0x2630
[ 1770.454393][T28895]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1770.454440][T28895]  ? lock_acquire+0x1cf/0x380
[ 1770.454473][T28895]  ? find_held_lock+0x2b/0x80
[ 1770.454495][T28895]  ? page_table_check_set+0x49a/0xa10
[ 1770.454519][T28895]  ? page_table_check_set+0x49a/0xa10
[ 1770.454546][T28895]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1770.454594][T28895]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[ 1770.454619][T28895]  ? xas_move_index+0xae/0x110
[ 1770.454656][T28895]  ? xas_find+0x32c/0x8e0
[ 1770.454704][T28895]  ? find_held_lock+0x2b/0x80
[ 1770.454728][T28895]  ? find_held_lock+0x2b/0x80
[ 1770.454750][T28895]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1770.454796][T28895]  ? policy_nodemask+0xed/0x4f0
[ 1770.454825][T28895]  alloc_pages_mpol+0x1fb/0x550
[ 1770.454854][T28895]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1770.454889][T28895]  folio_alloc_mpol_noprof+0x36/0x340
[ 1770.454923][T28895]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1770.454955][T28895]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1770.454996][T28895]  do_anonymous_page+0xb3a/0x1fb0
[ 1770.455041][T28895]  __handle_mm_fault+0x1d42/0x2b60
[ 1770.455082][T28895]  ? reacquire_held_locks+0xce/0x1e0
[ 1770.455116][T28895]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1770.455157][T28895]  ? lock_vma_under_rcu+0x17c/0x590
[ 1770.455208][T28895]  handle_mm_fault+0x36d/0xa20
[ 1770.455249][T28895]  do_user_addr_fault+0x5a3/0x12f0
[ 1770.455300][T28895]  exc_page_fault+0x6f/0xd0
[ 1770.455336][T28895]  asm_exc_page_fault+0x26/0x30
[ 1770.455361][T28895] RIP: 0033:0x7f59d105df4b
[ 1770.455382][T28895] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b
[ 1770.455408][T28895] RSP: 002b:00007f59d20cdfa0 EFLAGS: 00010206
[ 1770.455428][T28895] RAX: 0000000000000000 RBX: 00007f59d1415fa0 RCX: 0000000000000000
[ 1770.455444][T28895] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000001140
[ 1770.455461][T28895] RBP: 00007f59d1232c99 R08: 0000000000000000 R09: 0000000000000000
[ 1770.455477][T28895] R10: 0000200000001140 R11: 0000000000000000 R12: 0000000000000000
[ 1770.455493][T28895] R13: 00007f59d1416038 R14: 00007f59d1415fa0 R15: 00007ffe464a6988
[ 1770.455525][T28895]  </TASK>
[ 1770.455543][T28895] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1771.449952][T28900] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[ 1771.875487][T28906] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5139'.
[ 1771.946141][T28214] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1772.660777][T28532] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4888 with max blocks 5 with error 117
[ 1772.777842][T28532] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1772.777842][T28532] 
[ 1773.384544][T28927] FAULT_INJECTION: forcing a failure.
[ 1773.384544][T28927] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1773.466387][T28927] CPU: 0 UID: 0 PID: 28927 Comm: syz.1.5144 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1773.466448][T28927] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1773.466459][T28927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1773.466474][T28927] Call Trace:
[ 1773.466482][T28927]  <TASK>
[ 1773.466491][T28927]  dump_stack_lvl+0x100/0x190
[ 1773.466533][T28927]  should_fail_ex.cold+0x5/0xa
[ 1773.466558][T28927]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1773.466589][T28927]  should_fail_alloc_page+0xeb/0x140
[ 1773.466616][T28927]  prepare_alloc_pages+0x1f0/0x5f0
[ 1773.466644][T28927]  ? find_held_lock+0x2b/0x80
[ 1773.466676][T28927]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1773.466717][T28927]  ? up_write+0x290/0x4f0
[ 1773.466758][T28927]  ? process_measurement+0x1f4/0x2350
[ 1773.466862][T28927]  ? tomoyo_check_open_permission+0x1db/0x3c0
[ 1773.466890][T28927]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1773.466933][T28927]  ? __lock_acquire+0x4a5/0x2630
[ 1773.466970][T28927]  ? __lock_acquire+0x4a5/0x2630
[ 1773.467004][T28927]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1773.467048][T28927]  ? policy_nodemask+0xed/0x4f0
[ 1773.467075][T28927]  alloc_pages_mpol+0x1fb/0x550
[ 1773.467102][T28927]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1773.467128][T28927]  ? bpf_ksym_find+0x124/0x1c0
[ 1773.467163][T28927]  alloc_pages_noprof+0x131/0x390
[ 1773.467190][T28927]  __pmd_alloc+0x3b/0x950
[ 1773.467221][T28927]  __handle_mm_fault+0xa99/0x2b60
[ 1773.467258][T28927]  ? mt_find+0x45e/0x8e0
[ 1773.467296][T28927]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1773.467327][T28927]  ? __pfx_mt_find+0x10/0x10
[ 1773.467378][T28927]  ? find_vma+0xbf/0x140
[ 1773.467400][T28927]  ? __pfx_find_vma+0x10/0x10
[ 1773.467426][T28927]  handle_mm_fault+0x36d/0xa20
[ 1773.467464][T28927]  do_user_addr_fault+0x74c/0x12f0
[ 1773.467512][T28927]  exc_page_fault+0x6f/0xd0
[ 1773.467546][T28927]  asm_exc_page_fault+0x26/0x30
[ 1773.467570][T28927] RIP: 0010:rep_movs_alternative+0xf/0x90
[ 1773.467597][T28927] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66
[ 1773.467619][T28927] RSP: 0018:ffffc90002e97d30 EFLAGS: 00050202
[ 1773.467639][T28927] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004
[ 1773.467654][T28927] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90002e97da0
[ 1773.467674][T28927] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520005d2fb4
[ 1773.467690][T28927] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[ 1773.467704][T28927] R13: ffffc90002e97da0 R14: 0000000000000000 R15: 0000000000000000
[ 1773.467733][T28927]  _copy_from_user+0x98/0xd0
[ 1773.467763][T28927]  do_sock_getsockopt+0x30b/0x3d0
[ 1773.467790][T28927]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1773.467816][T28927]  ? 0xffffffffff600000
[ 1773.467845][T28927]  __sys_getsockopt+0x133/0x1d0
[ 1773.467879][T28927]  ? 0xffffffffff600000
[ 1773.467898][T28927]  ? __pfx_ksys_write+0x10/0x10
[ 1773.467924][T28927]  ? __x64_sys_getsockopt+0xbd/0x160
[ 1773.467956][T28927]  __x64_sys_getsockopt+0xbd/0x160
[ 1773.467989][T28927]  ? do_syscall_64+0x95/0xf80
[ 1773.468022][T28927]  ? lockdep_hardirqs_on+0x78/0x100
[ 1773.468055][T28927]  do_syscall_64+0x106/0xf80
[ 1773.468087][T28927]  ? clear_bhb_loop+0x40/0x90
[ 1773.468116][T28927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1773.468141][T28927] RIP: 0033:0x7fafa7b9c799
[ 1773.468159][T28927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1773.468181][T28927] RSP: 002b:00007fafa8b35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1773.468203][T28927] RAX: ffffffffffffffda RBX: 00007fafa7e15fa0 RCX: 00007fafa7b9c799
[ 1773.468219][T28927] RDX: 0000000000002720 RSI: 0000000000000114 RDI: 0000000000000003
[ 1773.468233][T28927] RBP: 00007fafa8b35090 R08: 0000000000000000 R09: 0000000000000000
[ 1773.468248][T28927] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001
[ 1773.468263][T28927] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1773.468283][T28927]  ? 0xffffffffff600000
[ 1773.468310][T28927]  </TASK>
[ 1774.428057][T28937] FAULT_INJECTION: forcing a failure.
[ 1774.428057][T28937] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1774.479334][T28937] CPU: 0 UID: 0 PID: 28937 Comm: syz.1.5147 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1774.479379][T28937] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1774.479391][T28937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1774.479407][T28937] Call Trace:
[ 1774.479422][T28937]  <TASK>
[ 1774.479433][T28937]  dump_stack_lvl+0x100/0x190
[ 1774.479477][T28937]  should_fail_ex.cold+0x5/0xa
[ 1774.479501][T28937]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1774.479533][T28937]  should_fail_alloc_page+0xeb/0x140
[ 1774.479563][T28937]  prepare_alloc_pages+0x1f0/0x5f0
[ 1774.479591][T28937]  ? __lock_acquire+0x4a5/0x2630
[ 1774.479628][T28937]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1774.479675][T28937]  ? lock_acquire+0x1cf/0x380
[ 1774.479707][T28937]  ? find_held_lock+0x2b/0x80
[ 1774.479731][T28937]  ? page_table_check_set+0x49a/0xa10
[ 1774.479755][T28937]  ? page_table_check_set+0x49a/0xa10
[ 1774.479782][T28937]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1774.479830][T28937]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[ 1774.479855][T28937]  ? xas_move_index+0xae/0x110
[ 1774.479892][T28937]  ? xas_find+0x32c/0x8e0
[ 1774.479934][T28937]  ? find_held_lock+0x2b/0x80
[ 1774.479956][T28937]  ? find_held_lock+0x2b/0x80
[ 1774.479979][T28937]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1774.480024][T28937]  ? policy_nodemask+0xed/0x4f0
[ 1774.480053][T28937]  alloc_pages_mpol+0x1fb/0x550
[ 1774.480081][T28937]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1774.480116][T28937]  folio_alloc_mpol_noprof+0x36/0x340
[ 1774.480150][T28937]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1774.480182][T28937]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1774.480223][T28937]  do_anonymous_page+0xb3a/0x1fb0
[ 1774.480269][T28937]  __handle_mm_fault+0x1d42/0x2b60
[ 1774.480309][T28937]  ? reacquire_held_locks+0xce/0x1e0
[ 1774.480343][T28937]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1774.480383][T28937]  ? lock_vma_under_rcu+0x17c/0x590
[ 1774.480440][T28937]  handle_mm_fault+0x36d/0xa20
[ 1774.480481][T28937]  do_user_addr_fault+0x5a3/0x12f0
[ 1774.480532][T28937]  exc_page_fault+0x6f/0xd0
[ 1774.480568][T28937]  asm_exc_page_fault+0x26/0x30
[ 1774.480594][T28937] RIP: 0033:0x7fafa7a5df4b
[ 1774.480615][T28937] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b
[ 1774.480641][T28937] RSP: 002b:00007fafa8b33fa0 EFLAGS: 00010206
[ 1774.480661][T28937] RAX: 0000000000000000 RBX: 00007fafa7e15fa0 RCX: 0000000000000000
[ 1774.480678][T28937] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000001140
[ 1774.480694][T28937] RBP: 00007fafa7c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1774.480711][T28937] R10: 0000200000001140 R11: 0000000000000000 R12: 0000000000000000
[ 1774.480727][T28937] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1774.480759][T28937]  </TASK>
[ 1774.480775][T28937] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1775.886847][T28955] netlink: 'syz.6.5150': attribute type 11 has an invalid length.
[ 1775.962602][T28955] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5150'.
[ 1776.047615][T28955] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5150'.
[ 1776.455367][T28944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1776.480689][T28966] netlink: 29 bytes leftover after parsing attributes in process `syz.5.5152'.
[ 1776.563764][T28214] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[ 1776.816221][T28976] FAULT_INJECTION: forcing a failure.
[ 1776.816221][T28976] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1776.915658][T28976] CPU: 0 UID: 0 PID: 28976 Comm: syz.6.5155 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1776.915706][T28976] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1776.915718][T28976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1776.915734][T28976] Call Trace:
[ 1776.915743][T28976]  <TASK>
[ 1776.915753][T28976]  dump_stack_lvl+0x100/0x190
[ 1776.915796][T28976]  should_fail_ex.cold+0x5/0xa
[ 1776.915821][T28976]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1776.915853][T28976]  should_fail_alloc_page+0xeb/0x140
[ 1776.915882][T28976]  prepare_alloc_pages+0x1f0/0x5f0
[ 1776.915911][T28976]  ? bpf_ksym_find+0x124/0x1c0
[ 1776.915945][T28976]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1776.915988][T28976]  ? __kernel_text_address+0xd/0x30
[ 1776.916026][T28976]  ? unwind_get_return_address+0x59/0xa0
[ 1776.916054][T28976]  ? arch_stack_walk+0xa6/0xf0
[ 1776.916099][T28976]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1776.916139][T28976]  ? stack_trace_save+0x8e/0xc0
[ 1776.916165][T28976]  ? __pfx_stack_trace_save+0x10/0x10
[ 1776.916200][T28976]  ? stack_depot_save_flags+0x27/0x9d0
[ 1776.916233][T28976]  ? mas_store_prealloc+0x893/0xfb0
[ 1776.916262][T28976]  ? kasan_save_stack+0x30/0x50
[ 1776.916302][T28976]  ? kasan_save_track+0x14/0x30
[ 1776.916341][T28976]  ? __kasan_slab_alloc+0x89/0x90
[ 1776.916364][T28976]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1776.916402][T28976]  ? __pmd_alloc+0xbf/0x950
[ 1776.916429][T28976]  ? __handle_mm_fault+0xa99/0x2b60
[ 1776.916462][T28976]  ? handle_mm_fault+0x36d/0xa20
[ 1776.916501][T28976]  ? __get_user_pages+0xf9c/0x34d0
[ 1776.916529][T28976]  ? populate_vma_page_range+0x267/0x3f0
[ 1776.916559][T28976]  ? __mm_populate+0x107/0x3a0
[ 1776.916587][T28976]  ? vm_mmap_pgoff+0x37f/0x470
[ 1776.916614][T28976]  ? ksys_mmap_pgoff+0xe1/0x650
[ 1776.916639][T28976]  ? __x64_sys_mmap+0x125/0x190
[ 1776.916678][T28976]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1776.916724][T28976]  ? policy_nodemask+0xed/0x4f0
[ 1776.916752][T28976]  alloc_pages_mpol+0x1fb/0x550
[ 1776.916782][T28976]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1776.916817][T28976]  alloc_pages_noprof+0x131/0x390
[ 1776.916845][T28976]  pte_alloc_one+0x1c/0x3d0
[ 1776.916874][T28976]  __pte_alloc+0x6d/0x3e0
[ 1776.916899][T28976]  ? __pfx___pte_alloc+0x10/0x10
[ 1776.916927][T28976]  ? do_raw_spin_lock+0x128/0x260
[ 1776.916965][T28976]  ? find_held_lock+0x2b/0x80
[ 1776.916990][T28976]  do_anonymous_page+0x13cc/0x1fb0
[ 1776.917027][T28976]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1776.917066][T28976]  ? _raw_spin_unlock+0x28/0x50
[ 1776.917097][T28976]  ? __pmd_alloc+0x3fb/0x950
[ 1776.917129][T28976]  __handle_mm_fault+0x1d42/0x2b60
[ 1776.917169][T28976]  ? mt_find+0x45e/0x8e0
[ 1776.917216][T28976]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1776.917250][T28976]  ? __pfx_mt_find+0x10/0x10
[ 1776.917312][T28976]  handle_mm_fault+0x36d/0xa20
[ 1776.917354][T28976]  __get_user_pages+0xf9c/0x34d0
[ 1776.917394][T28976]  ? __pfx___get_user_pages+0x10/0x10
[ 1776.917431][T28976]  populate_vma_page_range+0x267/0x3f0
[ 1776.917465][T28976]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1776.917495][T28976]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1776.917524][T28976]  ? do_mmap+0x93f/0x12f0
[ 1776.917556][T28976]  __mm_populate+0x107/0x3a0
[ 1776.917587][T28976]  ? __pfx___mm_populate+0x10/0x10
[ 1776.917620][T28976]  ? up_write+0x290/0x4f0
[ 1776.917660][T28976]  vm_mmap_pgoff+0x37f/0x470
[ 1776.917695][T28976]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1776.917737][T28976]  ? do_futex+0x192/0x350
[ 1776.917771][T28976]  ? __pfx_do_futex+0x10/0x10
[ 1776.917810][T28976]  ksys_mmap_pgoff+0xe1/0x650
[ 1776.917837][T28976]  ? __x64_sys_futex+0x34f/0x4d0
[ 1776.917870][T28976]  ? __x64_sys_futex+0x358/0x4d0
[ 1776.917904][T28976]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1776.917933][T28976]  ? xfd_validate_state+0x129/0x190
[ 1776.917975][T28976]  __x64_sys_mmap+0x125/0x190
[ 1776.918017][T28976]  do_syscall_64+0x106/0xf80
[ 1776.918052][T28976]  ? clear_bhb_loop+0x40/0x90
[ 1776.918089][T28976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1776.918115][T28976] RIP: 0033:0x7fb72e19c799
[ 1776.918138][T28976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1776.918163][T28976] RSP: 002b:00007fb72ef8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1776.918193][T28976] RAX: ffffffffffffffda RBX: 00007fb72e415fa0 RCX: 00007fb72e19c799
[ 1776.918210][T28976] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[ 1776.918227][T28976] RBP: 00007fb72e232c99 R08: ffffffffffffffff R09: 0000000000008000
[ 1776.918243][T28976] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[ 1776.918259][T28976] R13: 00007fb72e416038 R14: 00007fb72e415fa0 R15: 00007ffc63f5bd18
[ 1776.918292][T28976]  </TASK>
[ 1778.543620][T28986] FAULT_INJECTION: forcing a failure.
[ 1778.543620][T28986] name failslab, interval 1, probability 0, space 0, times 0
[ 1778.581339][T28986] CPU: 0 UID: 0 PID: 28986 Comm: syz.6.5156 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1778.581381][T28986] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1778.581392][T28986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1778.581407][T28986] Call Trace:
[ 1778.581416][T28986]  <TASK>
[ 1778.581425][T28986]  dump_stack_lvl+0x100/0x190
[ 1778.581469][T28986]  should_fail_ex.cold+0x5/0xa
[ 1778.581498][T28986]  should_failslab+0xc2/0x120
[ 1778.581526][T28986]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1778.581563][T28986]  ? __pmd_alloc+0xbf/0x950
[ 1778.581596][T28986]  __pmd_alloc+0xbf/0x950
[ 1778.581626][T28986]  __handle_mm_fault+0xa99/0x2b60
[ 1778.581664][T28986]  ? mt_find+0x45e/0x8e0
[ 1778.581703][T28986]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1778.581734][T28986]  ? __pfx_mt_find+0x10/0x10
[ 1778.581785][T28986]  ? find_vma+0xbf/0x140
[ 1778.581808][T28986]  ? __pfx_find_vma+0x10/0x10
[ 1778.581833][T28986]  handle_mm_fault+0x36d/0xa20
[ 1778.581872][T28986]  do_user_addr_fault+0x74c/0x12f0
[ 1778.581921][T28986]  exc_page_fault+0x6f/0xd0
[ 1778.581955][T28986]  asm_exc_page_fault+0x26/0x30
[ 1778.581980][T28986] RIP: 0010:rep_movs_alternative+0xf/0x90
[ 1778.582007][T28986] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66
[ 1778.582030][T28986] RSP: 0018:ffffc90003aa7d30 EFLAGS: 00050202
[ 1778.582049][T28986] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004
[ 1778.582065][T28986] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003aa7da0
[ 1778.582080][T28986] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000754fb4
[ 1778.582095][T28986] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[ 1778.582109][T28986] R13: ffffc90003aa7da0 R14: 0000000000000000 R15: 0000000000000000
[ 1778.582138][T28986]  _copy_from_user+0x98/0xd0
[ 1778.582169][T28986]  do_sock_getsockopt+0x30b/0x3d0
[ 1778.582199][T28986]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1778.582225][T28986]  ? 0xffffffffff600000
[ 1778.582260][T28986]  __sys_getsockopt+0x133/0x1d0
[ 1778.582294][T28986]  ? 0xffffffffff600000
[ 1778.582312][T28986]  ? __pfx_ksys_write+0x10/0x10
[ 1778.582339][T28986]  ? __x64_sys_getsockopt+0xbd/0x160
[ 1778.582371][T28986]  __x64_sys_getsockopt+0xbd/0x160
[ 1778.582403][T28986]  ? do_syscall_64+0x95/0xf80
[ 1778.582436][T28986]  ? lockdep_hardirqs_on+0x78/0x100
[ 1778.582469][T28986]  do_syscall_64+0x106/0xf80
[ 1778.582502][T28986]  ? clear_bhb_loop+0x40/0x90
[ 1778.582531][T28986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1778.582556][T28986] RIP: 0033:0x7fb72e19c799
[ 1778.582574][T28986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1778.582597][T28986] RSP: 002b:00007fb72ef8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1778.582618][T28986] RAX: ffffffffffffffda RBX: 00007fb72e415fa0 RCX: 00007fb72e19c799
[ 1778.582634][T28986] RDX: 0000000000002720 RSI: 0000000000000114 RDI: 0000000000000003
[ 1778.582648][T28986] RBP: 00007fb72ef8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1778.582663][T28986] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001
[ 1778.582678][T28986] R13: 00007fb72e416038 R14: 00007fb72e415fa0 R15: 00007ffc63f5bd18
[ 1778.582698][T28986]  ? 0xffffffffff600000
[ 1778.582724][T28986]  </TASK>
[ 1781.332604][T29034] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5167'.
[ 1782.622637][T29054] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5175'.
[ 1782.694409][T29054] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5175'.
[ 1784.052396][T29090] netlink: 29 bytes leftover after parsing attributes in process `syz.1.5184'.
[ 1784.404445][T29099] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5186'.
[ 1784.449462][T29101] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5188'.
[ 1784.504507][T29101] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5188'.
[ 1785.414365][T29123] FAULT_INJECTION: forcing a failure.
[ 1785.414365][T29123] name failslab, interval 1, probability 0, space 0, times 0
[ 1785.486152][T29123] CPU: 0 UID: 0 PID: 29123 Comm: syz.6.5195 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1785.486193][T29123] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1785.486203][T29123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1785.486219][T29123] Call Trace:
[ 1785.486227][T29123]  <TASK>
[ 1785.486236][T29123]  dump_stack_lvl+0x100/0x190
[ 1785.486277][T29123]  should_fail_ex.cold+0x5/0xa
[ 1785.486304][T29123]  should_failslab+0xc2/0x120
[ 1785.486330][T29123]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1785.486363][T29123]  ? __vb2_init_fileio+0x18f/0x1000
[ 1785.486468][T29123]  ? trace_contention_end+0x140/0x180
[ 1785.486507][T29123]  __vb2_init_fileio+0x18f/0x1000
[ 1785.486533][T29123]  ? vb2_fop_read+0xe5/0x520
[ 1785.486554][T29123]  ? aa_file_perm+0x7f3/0x14d0
[ 1785.486597][T29123]  __vb2_perform_fileio+0x91e/0x1380
[ 1785.486631][T29123]  ? __pfx___vb2_perform_fileio+0x10/0x10
[ 1785.486658][T29123]  ? __pfx___might_resched+0x10/0x10
[ 1785.486709][T29123]  vb2_fop_read+0x211/0x520
[ 1785.486737][T29123]  v4l2_read+0x229/0x2c0
[ 1785.486814][T29123]  ? __pfx_v4l2_read+0x10/0x10
[ 1785.486852][T29123]  vfs_read+0x1e4/0xb30
[ 1785.486894][T29123]  ? __pfx_vfs_read+0x10/0x10
[ 1785.486930][T29123]  ? find_held_lock+0x2b/0x80
[ 1785.486952][T29123]  ? __fget_files+0x215/0x3d0
[ 1785.486974][T29123]  ? __fget_files+0x215/0x3d0
[ 1785.487001][T29123]  ? __fget_files+0x21f/0x3d0
[ 1785.487031][T29123]  ksys_read+0x12a/0x250
[ 1785.487053][T29123]  ? __pfx_ksys_read+0x10/0x10
[ 1785.487083][T29123]  do_syscall_64+0x106/0xf80
[ 1785.487116][T29123]  ? clear_bhb_loop+0x40/0x90
[ 1785.487146][T29123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1785.487171][T29123] RIP: 0033:0x7fb72e19c799
[ 1785.487191][T29123] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1785.487214][T29123] RSP: 002b:00007fb72ef8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1785.487237][T29123] RAX: ffffffffffffffda RBX: 00007fb72e415fa0 RCX: 00007fb72e19c799
[ 1785.487254][T29123] RDX: 0000000000000085 RSI: 0000200000000000 RDI: 0000000000000003
[ 1785.487268][T29123] RBP: 00007fb72ef8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1785.487283][T29123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1785.487298][T29123] R13: 00007fb72e416038 R14: 00007fb72e415fa0 R15: 00007ffc63f5bd18
[ 1785.487328][T29123]  </TASK>
[ 1786.367252][T29142] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5199'.
[ 1786.390434][T29142] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5199'.
[ 1788.413906][T29165] sd 0:0:1:0: PR command failed: 1026
[ 1788.501308][T29165] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1788.585148][T29165] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1792.160663][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.167144][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.773767][T29236] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5220'.
[ 1792.970032][T28205] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4889 with max blocks 1 with error 117
[ 1793.064856][T28205] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1793.064856][T28205] 
[ 1793.111028][T29239] FAULT_INJECTION: forcing a failure.
[ 1793.111028][T29239] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1793.203873][T29239] CPU: 0 UID: 0 PID: 29239 Comm: syz.5.5221 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1793.203919][T29239] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1793.203930][T29239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1793.203946][T29239] Call Trace:
[ 1793.203954][T29239]  <TASK>
[ 1793.203965][T29239]  dump_stack_lvl+0x100/0x190
[ 1793.204010][T29239]  should_fail_ex.cold+0x5/0xa
[ 1793.204039][T29239]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1793.204071][T29239]  should_fail_alloc_page+0xeb/0x140
[ 1793.204105][T29239]  prepare_alloc_pages+0x1f0/0x5f0
[ 1793.204134][T29239]  ? __lock_acquire+0x4a5/0x2630
[ 1793.204171][T29239]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1793.204218][T29239]  ? lock_acquire+0x1cf/0x380
[ 1793.204250][T29239]  ? find_held_lock+0x2b/0x80
[ 1793.204273][T29239]  ? page_table_check_set+0x49a/0xa10
[ 1793.204297][T29239]  ? page_table_check_set+0x49a/0xa10
[ 1793.204324][T29239]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1793.204372][T29239]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[ 1793.204397][T29239]  ? xas_move_index+0xae/0x110
[ 1793.204434][T29239]  ? xas_find+0x32c/0x8e0
[ 1793.204475][T29239]  ? find_held_lock+0x2b/0x80
[ 1793.204497][T29239]  ? find_held_lock+0x2b/0x80
[ 1793.204520][T29239]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1793.204567][T29239]  ? policy_nodemask+0xed/0x4f0
[ 1793.204596][T29239]  alloc_pages_mpol+0x1fb/0x550
[ 1793.204624][T29239]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1793.204659][T29239]  folio_alloc_mpol_noprof+0x36/0x340
[ 1793.204692][T29239]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1793.204724][T29239]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1793.204765][T29239]  do_anonymous_page+0xb3a/0x1fb0
[ 1793.204810][T29239]  __handle_mm_fault+0x1d42/0x2b60
[ 1793.204851][T29239]  ? reacquire_held_locks+0xce/0x1e0
[ 1793.204886][T29239]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1793.204926][T29239]  ? lock_vma_under_rcu+0x17c/0x590
[ 1793.204977][T29239]  handle_mm_fault+0x36d/0xa20
[ 1793.205035][T29239]  do_user_addr_fault+0x5a3/0x12f0
[ 1793.205091][T29239]  exc_page_fault+0x6f/0xd0
[ 1793.205128][T29239]  asm_exc_page_fault+0x26/0x30
[ 1793.205154][T29239] RIP: 0033:0x7f9a6165df4b
[ 1793.205176][T29239] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b
[ 1793.205201][T29239] RSP: 002b:00007f9a62576fa0 EFLAGS: 00010206
[ 1793.205221][T29239] RAX: 0000000000000000 RBX: 00007f9a61a15fa0 RCX: 0000000000000000
[ 1793.205238][T29239] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[ 1793.205254][T29239] RBP: 00007f9a61832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1793.205270][T29239] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1793.205286][T29239] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1793.205319][T29239]  </TASK>
[ 1793.205544][T29239] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1793.937696][T29245] CIFS: VFS: Invalid SecurityFlags: 
[ 1795.928718][T29280] binder: 29277:29280 unknown command 1869768547
[ 1795.959156][T29280] binder: 29277:29280 ioctl c0306201 0 returned -22
[ 1796.363972][T29287] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5234'.
[ 1796.384574][T29289] FAULT_INJECTION: forcing a failure.
[ 1796.384574][T29289] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1796.438498][T29289] CPU: 0 UID: 0 PID: 29289 Comm: syz.1.5235 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1796.438547][T29289] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1796.438558][T29289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1796.438574][T29289] Call Trace:
[ 1796.438583][T29289]  <TASK>
[ 1796.438593][T29289]  dump_stack_lvl+0x100/0x190
[ 1796.438636][T29289]  should_fail_ex.cold+0x5/0xa
[ 1796.438662][T29289]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1796.438694][T29289]  should_fail_alloc_page+0xeb/0x140
[ 1796.438723][T29289]  prepare_alloc_pages+0x1f0/0x5f0
[ 1796.438753][T29289]  ? __lock_acquire+0x4a5/0x2630
[ 1796.438788][T29289]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1796.438843][T29289]  ? lock_acquire+0x1cf/0x380
[ 1796.438877][T29289]  ? find_held_lock+0x2b/0x80
[ 1796.438900][T29289]  ? page_table_check_set+0x49a/0xa10
[ 1796.438925][T29289]  ? page_table_check_set+0x49a/0xa10
[ 1796.438952][T29289]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1796.439001][T29289]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[ 1796.439027][T29289]  ? xas_move_index+0xae/0x110
[ 1796.439064][T29289]  ? xas_find+0x32c/0x8e0
[ 1796.439106][T29289]  ? find_held_lock+0x2b/0x80
[ 1796.439128][T29289]  ? find_held_lock+0x2b/0x80
[ 1796.439151][T29289]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1796.439196][T29289]  ? policy_nodemask+0xed/0x4f0
[ 1796.439225][T29289]  alloc_pages_mpol+0x1fb/0x550
[ 1796.439253][T29289]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1796.439288][T29289]  folio_alloc_mpol_noprof+0x36/0x340
[ 1796.439322][T29289]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1796.439354][T29289]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1796.439395][T29289]  do_anonymous_page+0xb3a/0x1fb0
[ 1796.439440][T29289]  __handle_mm_fault+0x1d42/0x2b60
[ 1796.439481][T29289]  ? reacquire_held_locks+0xce/0x1e0
[ 1796.439515][T29289]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1796.439556][T29289]  ? lock_vma_under_rcu+0x17c/0x590
[ 1796.439608][T29289]  handle_mm_fault+0x36d/0xa20
[ 1796.439649][T29289]  do_user_addr_fault+0x5a3/0x12f0
[ 1796.439700][T29289]  exc_page_fault+0x6f/0xd0
[ 1796.439735][T29289]  asm_exc_page_fault+0x26/0x30
[ 1796.439761][T29289] RIP: 0033:0x7fafa7a5df4b
[ 1796.439782][T29289] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b
[ 1796.439808][T29289] RSP: 002b:00007fafa8b33fa0 EFLAGS: 00010206
[ 1796.439834][T29289] RAX: 0000000000000000 RBX: 00007fafa7e15fa0 RCX: 0000000000000000
[ 1796.439851][T29289] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[ 1796.439867][T29289] RBP: 00007fafa7c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1796.439884][T29289] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1796.439900][T29289] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1796.439932][T29289]  </TASK>
[ 1796.997498][T28212] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4891 with max blocks 1 with error 117
[ 1797.021306][T29289] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1797.041429][T28212] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1797.041429][T28212] 
[ 1797.191385][T28212] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4894 with max blocks 7 with error 117
[ 1797.298030][T28212] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1797.298030][T28212] 
[ 1797.969632][T29306] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5239'.
[ 1798.087728][T28214] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1798.448815][T29315] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5241'.
[ 1798.512502][T29317] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5242'.
[ 1798.577809][T29315] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5241'.
[ 1799.360929][T29332] FAULT_INJECTION: forcing a failure.
[ 1799.360929][T29332] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1799.435893][T29332] CPU: 0 UID: 0 PID: 29332 Comm: syz.1.5245 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1799.435938][T29332] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1799.435949][T29332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1799.435965][T29332] Call Trace:
[ 1799.435974][T29332]  <TASK>
[ 1799.435984][T29332]  dump_stack_lvl+0x100/0x190
[ 1799.436034][T29332]  should_fail_ex.cold+0x5/0xa
[ 1799.436059][T29332]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1799.436092][T29332]  should_fail_alloc_page+0xeb/0x140
[ 1799.436121][T29332]  prepare_alloc_pages+0x1f0/0x5f0
[ 1799.436150][T29332]  ? __lock_acquire+0x4a5/0x2630
[ 1799.436186][T29332]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1799.436233][T29332]  ? lock_acquire+0x1cf/0x380
[ 1799.436265][T29332]  ? find_held_lock+0x2b/0x80
[ 1799.436288][T29332]  ? page_table_check_set+0x49a/0xa10
[ 1799.436313][T29332]  ? page_table_check_set+0x49a/0xa10
[ 1799.436340][T29332]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1799.436388][T29332]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[ 1799.436413][T29332]  ? xas_move_index+0xae/0x110
[ 1799.436451][T29332]  ? xas_find+0x32c/0x8e0
[ 1799.436492][T29332]  ? find_held_lock+0x2b/0x80
[ 1799.436515][T29332]  ? find_held_lock+0x2b/0x80
[ 1799.436537][T29332]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1799.436583][T29332]  ? policy_nodemask+0xed/0x4f0
[ 1799.436612][T29332]  alloc_pages_mpol+0x1fb/0x550
[ 1799.436640][T29332]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1799.436683][T29332]  folio_alloc_mpol_noprof+0x36/0x340
[ 1799.436717][T29332]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1799.436750][T29332]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1799.436790][T29332]  do_anonymous_page+0xb3a/0x1fb0
[ 1799.436836][T29332]  __handle_mm_fault+0x1d42/0x2b60
[ 1799.436877][T29332]  ? reacquire_held_locks+0xce/0x1e0
[ 1799.436912][T29332]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1799.436952][T29332]  ? lock_vma_under_rcu+0x17c/0x590
[ 1799.437004][T29332]  handle_mm_fault+0x36d/0xa20
[ 1799.437051][T29332]  do_user_addr_fault+0x5a3/0x12f0
[ 1799.437102][T29332]  exc_page_fault+0x6f/0xd0
[ 1799.437138][T29332]  asm_exc_page_fault+0x26/0x30
[ 1799.437164][T29332] RIP: 0033:0x7fafa7a5df4b
[ 1799.437185][T29332] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b
[ 1799.437211][T29332] RSP: 002b:00007fafa8b33fa0 EFLAGS: 00010206
[ 1799.437232][T29332] RAX: 0000000000000000 RBX: 00007fafa7e15fa0 RCX: 0000000000000000
[ 1799.437248][T29332] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[ 1799.437264][T29332] RBP: 00007fafa7c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1799.437280][T29332] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1799.437296][T29332] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1799.437328][T29332]  </TASK>
[ 1799.437347][T29332] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1800.291610][T29348] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5248'.
[ 1800.331127][T29348] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5248'.
[ 1801.434981][T28205] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4902 with max blocks 1 with error 117
[ 1801.513852][T28205] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1801.513852][T28205] 
[ 1801.807578][T29372] bond0: invalid ARP target specified
[ 1802.712513][T29391] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5257'.
[ 1802.767227][T28214] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1803.413567][T29402] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5259'.
[ 1803.498965][T29402] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5259'.
[ 1804.024733][T29412] FAULT_INJECTION: forcing a failure.
[ 1804.024733][T29412] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1804.114980][T29412] CPU: 0 UID: 0 PID: 29412 Comm: syz.5.5262 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1804.115024][T29412] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1804.115035][T29412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1804.115051][T29412] Call Trace:
[ 1804.115060][T29412]  <TASK>
[ 1804.115070][T29412]  dump_stack_lvl+0x100/0x190
[ 1804.115112][T29412]  should_fail_ex.cold+0x5/0xa
[ 1804.115137][T29412]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1804.115169][T29412]  should_fail_alloc_page+0xeb/0x140
[ 1804.115208][T29412]  prepare_alloc_pages+0x1f0/0x5f0
[ 1804.115238][T29412]  ? __lock_acquire+0x4a5/0x2630
[ 1804.115284][T29412]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1804.115331][T29412]  ? lock_acquire+0x1cf/0x380
[ 1804.115365][T29412]  ? find_held_lock+0x2b/0x80
[ 1804.115388][T29412]  ? page_table_check_set+0x49a/0xa10
[ 1804.115413][T29412]  ? page_table_check_set+0x49a/0xa10
[ 1804.115440][T29412]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1804.115488][T29412]  ? __page_table_check_ptes_set+0x1b5/0x4e0
[ 1804.115513][T29412]  ? xas_move_index+0xae/0x110
[ 1804.115551][T29412]  ? xas_find+0x32c/0x8e0
[ 1804.115592][T29412]  ? find_held_lock+0x2b/0x80
[ 1804.115615][T29412]  ? find_held_lock+0x2b/0x80
[ 1804.115638][T29412]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1804.115684][T29412]  ? policy_nodemask+0xed/0x4f0
[ 1804.115713][T29412]  alloc_pages_mpol+0x1fb/0x550
[ 1804.115742][T29412]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1804.115777][T29412]  folio_alloc_mpol_noprof+0x36/0x340
[ 1804.115812][T29412]  vma_alloc_folio_noprof+0xed/0x1d0
[ 1804.115844][T29412]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1804.115884][T29412]  do_anonymous_page+0xb3a/0x1fb0
[ 1804.115932][T29412]  __handle_mm_fault+0x1d42/0x2b60
[ 1804.115973][T29412]  ? reacquire_held_locks+0xce/0x1e0
[ 1804.116006][T29412]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1804.116046][T29412]  ? lock_vma_under_rcu+0x17c/0x590
[ 1804.116098][T29412]  handle_mm_fault+0x36d/0xa20
[ 1804.116139][T29412]  do_user_addr_fault+0x5a3/0x12f0
[ 1804.116189][T29412]  exc_page_fault+0x6f/0xd0
[ 1804.116226][T29412]  asm_exc_page_fault+0x26/0x30
[ 1804.116260][T29412] RIP: 0033:0x7f9a6165df4b
[ 1804.116283][T29412] Code: 00 00 00 48 8d 3d 3d a7 1a 00 48 89 c1 31 c0 e8 9b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 71 a7 1a 00 48 89 34 24 48 8b 14 24 48 8b
[ 1804.116309][T29412] RSP: 002b:00007f9a62576fa0 EFLAGS: 00010206
[ 1804.116330][T29412] RAX: 0000000000000000 RBX: 00007f9a61a15fa0 RCX: 0000000000000000
[ 1804.116346][T29412] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000001140
[ 1804.116363][T29412] RBP: 00007f9a61832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1804.116379][T29412] R10: 0000200000001140 R11: 0000000000000000 R12: 0000000000000000
[ 1804.116394][T29412] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1804.116426][T29412]  </TASK>
[ 1804.116444][T29412] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 1805.365570][T29415] sd 0:0:1:0: PR command failed: 1026
[ 1805.371029][T29415] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1805.521643][T29415] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1805.584691][T29425] FAULT_INJECTION: forcing a failure.
[ 1805.584691][T29425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1805.642862][T29425] CPU: 0 UID: 0 PID: 29425 Comm: syz.1.5266 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1805.642905][T29425] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1805.642916][T29425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1805.642931][T29425] Call Trace:
[ 1805.642940][T29425]  <TASK>
[ 1805.642951][T29425]  dump_stack_lvl+0x100/0x190
[ 1805.642993][T29425]  should_fail_ex.cold+0x5/0xa
[ 1805.643021][T29425]  _copy_to_user+0x32/0xd0
[ 1805.643052][T29425]  simple_read_from_buffer+0xcb/0x170
[ 1805.643093][T29425]  proc_fail_nth_read+0x1af/0x230
[ 1805.643126][T29425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1805.643157][T29425]  ? rw_verify_area+0xce/0x6d0
[ 1805.643193][T29425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1805.643222][T29425]  vfs_read+0x1e4/0xb30
[ 1805.643273][T29425]  ? __pfx_vfs_read+0x10/0x10
[ 1805.643310][T29425]  ? __fget_files+0x215/0x3d0
[ 1805.643339][T29425]  ? __fget_files+0x21f/0x3d0
[ 1805.643369][T29425]  ksys_read+0x12a/0x250
[ 1805.643391][T29425]  ? __pfx_ksys_read+0x10/0x10
[ 1805.643411][T29425]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[ 1805.643443][T29425]  ? syscall_user_dispatch+0x76/0x130
[ 1805.643483][T29425]  do_syscall_64+0x106/0xf80
[ 1805.643517][T29425]  ? clear_bhb_loop+0x40/0x90
[ 1805.643546][T29425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1805.643571][T29425] RIP: 0033:0x7fafa7b5cfce
[ 1805.643591][T29425] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1805.643615][T29425] RSP: 002b:00007fafa8b34fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1805.643637][T29425] RAX: ffffffffffffffda RBX: 00007fafa8b356c0 RCX: 00007fafa7b5cfce
[ 1805.643653][T29425] RDX: 000000000000000f RSI: 00007fafa8b350a0 RDI: 0000000000000003
[ 1805.643668][T29425] RBP: 00007fafa8b35090 R08: 0000000000000000 R09: 0000000000000000
[ 1805.643683][T29425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1805.643697][T29425] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1805.643728][T29425]  </TASK>
[ 1806.642854][T29429] [U] ^\
[ 1806.883313][T29436] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5271'.
[ 1806.938326][T29436] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5271'.
[ 1807.407945][T29442] usbip-vudc usbip-vudc.0: gadget not bound
[ 1808.005519][T29442] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5273'.
[ 1808.900845][T29471] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5282'.
[ 1808.942012][T29471] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5282'.
[ 1810.215793][T29479] sd 0:0:1:0: PR command failed: 1026
[ 1810.318592][T29479] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1810.453357][T29479] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1811.611751][T29520] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5291'.
[ 1811.735378][T29521] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5291'.
[ 1812.357456][T29533] netlink: 29 bytes leftover after parsing attributes in process `syz.5.5293'.
[ 1812.442315][T28214] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[ 1814.270723][T29554] netlink: 'syz.6.5295': attribute type 11 has an invalid length.
[ 1814.582700][T29554] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5295'.
[ 1814.801000][T29554] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5295'.
[ 1815.102817][T29554] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1816.627170][T29600] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5303'.
[ 1816.703732][T29600] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5303'.
[ 1817.629500][T29620] netlink: 504 bytes leftover after parsing attributes in process `syz.4.5306'.
[ 1817.679971][T29620] block2mtd: device name too long
[ 1818.691395][T28217] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4908 with max blocks 1 with error 117
[ 1818.782724][T28217] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1818.782724][T28217] 
[ 1818.892307][T29601] sd 0:0:1:0: PR command failed: 1026
[ 1819.032071][T28217] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4913 with max blocks 1 with error 117
[ 1819.101277][T29601] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1819.108218][T29601] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1819.138746][T28217] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1819.138746][T28217] 
[ 1819.258448][T28217] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4915 with max blocks 2 with error 117
[ 1819.361300][T28217] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1819.361300][T28217] 
[ 1819.720808][T28217] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4918 with max blocks 1 with error 117
[ 1819.815922][T28217] EXT4-fs (sda1): This should not happen!! Data will be lost
[ 1819.815922][T28217] 
[ 1820.466911][T29665] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5313'.
[ 1820.588957][T29670] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5313'.
[ 1822.608123][T29709] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5324'.
[ 1822.682309][T28214] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1823.209621][T29716] raw_sendmsg: syz.5.5325 forgot to set AF_INET. Fix it!
[ 1824.044399][T29728] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5327'.
[ 1824.095207][T29728] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5327'.
[ 1824.587482][T29720] sd 0:0:1:0: PR command failed: 1026
[ 1824.651287][T29720] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1824.772152][T29720] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1826.281903][T29762] rnbd_client L202: map_device: Unknown parameter or missing value '7'
[ 1826.677875][T29766] can: request_module (can-proto-0) failed.
[ 1826.744276][T29775] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5338'.
[ 1826.798105][T28214] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1828.128488][T29785] CIFS: VFS: Invalid SecurityFlags: 
[ 1828.302221][T29765] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1828.345217][T29765] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1828.411466][T29765] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1828.434405][T29765] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1828.551616][T28214] Bluetooth: hci2: command 0x0406 tx timeout
[ 1828.861880][T29792] netlink: 'syz.1.5341': attribute type 11 has an invalid length.
[ 1828.861923][T29792] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5341'.
[ 1828.861940][T29792] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5341'.
[ 1829.487689][T29806] FAULT_INJECTION: forcing a failure.
[ 1829.487689][T29806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1829.566593][T29806] CPU: 0 UID: 0 PID: 29806 Comm: syz.6.5346 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1829.566635][T29806] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1829.566646][T29806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1829.566660][T29806] Call Trace:
[ 1829.566669][T29806]  <TASK>
[ 1829.566678][T29806]  dump_stack_lvl+0x100/0x190
[ 1829.566719][T29806]  should_fail_ex.cold+0x5/0xa
[ 1829.566747][T29806]  _copy_from_user+0x2e/0xd0
[ 1829.566776][T29806]  copy_msghdr_from_user+0x9f/0x4f0
[ 1829.566805][T29806]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1829.566838][T29806]  ? __pfx__kstrtoull+0x10/0x10
[ 1829.566878][T29806]  ___sys_sendmsg+0x106/0x1e0
[ 1829.566907][T29806]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1829.566946][T29806]  ? find_held_lock+0x2b/0x80
[ 1829.566987][T29806]  __sys_sendmmsg+0x205/0x430
[ 1829.567045][T29806]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1829.567089][T29806]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1829.567138][T29806]  ? fput+0x79/0x100
[ 1829.567166][T29806]  ? ksys_write+0x1ac/0x250
[ 1829.567188][T29806]  ? __pfx_ksys_write+0x10/0x10
[ 1829.567215][T29806]  __x64_sys_sendmmsg+0x9c/0x100
[ 1829.567250][T29806]  ? lockdep_hardirqs_on+0x78/0x100
[ 1829.567284][T29806]  do_syscall_64+0x106/0xf80
[ 1829.567317][T29806]  ? clear_bhb_loop+0x40/0x90
[ 1829.567347][T29806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1829.567372][T29806] RIP: 0033:0x7fb72e19c799
[ 1829.567391][T29806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1829.567415][T29806] RSP: 002b:00007fb72ef8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1829.567438][T29806] RAX: ffffffffffffffda RBX: 00007fb72e415fa0 RCX: 00007fb72e19c799
[ 1829.567455][T29806] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 1829.567470][T29806] RBP: 00007fb72ef8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1829.567485][T29806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1829.567500][T29806] R13: 00007fb72e416038 R14: 00007fb72e415fa0 R15: 00007ffc63f5bd18
[ 1829.567533][T29806]  </TASK>
[ 1830.005022][T29808] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5347'.
[ 1830.022025][T29808] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5347'.
[ 1830.167942][T29812] netlink: 29 bytes leftover after parsing attributes in process `syz.6.5349'.
[ 1830.289096][T28214] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260
[ 1830.423455][T29825] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5350'.
[ 1830.501225][T28214] Bluetooth: hci4: command 0x0406 tx timeout
[ 1830.507360][T28214] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1830.514174][T28214] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1831.851909][T29838] netlink: 146 bytes leftover after parsing attributes in process `syz.5.5355'.
[ 1832.504326][T29786] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1832.712467][T29840] sd 0:0:1:0: PR command failed: 1026
[ 1832.771017][T29850] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5358'.
[ 1832.798562][T29840] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1832.822443][T29851] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5358'.
[ 1832.945608][T29840] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1834.079139][T29871] netlink: 29 bytes leftover after parsing attributes in process `syz.4.5362'.
[ 1834.174953][T28207] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260
[ 1835.020421][   T30] audit: type=1326 audit(4294967463.209:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29879 comm="syz.5.5365" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9a6179c799 code=0x0
[ 1835.080930][T28207] Bluetooth: hci4: unexpected subevent 0x04 length: 122 > 11
[ 1835.658141][T29901] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5369'.
[ 1835.711480][T29901] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5369'.
[ 1835.751112][T29894] GUP no longer grows the stack in syz.1.5368 (29894): 14000-41000 (4000)
[ 1835.903972][T29894] CPU: 0 UID: 0 PID: 29894 Comm: syz.1.5368 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1835.904024][T29894] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1835.904036][T29894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1835.904052][T29894] Call Trace:
[ 1835.904061][T29894]  <TASK>
[ 1835.904071][T29894]  dump_stack_lvl+0x100/0x190
[ 1835.904115][T29894]  gup_vma_lookup.cold+0x83/0x96
[ 1835.904154][T29894]  __get_user_pages+0x241/0x34d0
[ 1835.904192][T29894]  ? down_read_killable+0x30e/0x4c0
[ 1835.904216][T29894]  ? __lock_acquire+0x4a5/0x2630
[ 1835.904249][T29894]  ? __pfx___get_user_pages+0x10/0x10
[ 1835.904286][T29894]  __gup_longterm_locked+0x87d/0x16f0
[ 1835.904325][T29894]  ? __pfx___gup_longterm_locked+0x10/0x10
[ 1835.904357][T29894]  ? try_get_folio+0x262/0x750
[ 1835.904382][T29894]  ? find_held_lock+0x2b/0x80
[ 1835.904406][T29894]  ? sanity_check_pinned_pages+0x5f6/0x1250
[ 1835.904441][T29894]  gup_fast_fallback+0x18c6/0x2460
[ 1835.904491][T29894]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1835.904521][T29894]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1835.904549][T29894]  ? is_bpf_text_address+0x94/0x1a0
[ 1835.904592][T29894]  ? __kernel_text_address+0xd/0x30
[ 1835.904630][T29894]  ? unwind_get_return_address+0x59/0xa0
[ 1835.904662][T29894]  pin_user_pages_fast+0xa7/0xf0
[ 1835.904692][T29894]  ? __pfx_pin_user_pages_fast+0x10/0x10
[ 1835.904730][T29894]  iov_iter_extract_pages+0xa0d/0x1ef0
[ 1835.904768][T29894]  ? __blkdev_direct_IO_simple+0x112/0x890
[ 1835.904897][T29894]  ? kasan_save_stack+0x3f/0x50
[ 1835.904937][T29894]  ? kasan_save_stack+0x30/0x50
[ 1835.904976][T29894]  ? kasan_save_track+0x14/0x30
[ 1835.905022][T29894]  ? __pfx_iov_iter_extract_pages+0x10/0x10
[ 1835.905052][T29894]  ? blkdev_direct_IO+0xc76/0x1fb0
[ 1835.905087][T29894]  ? blkdev_write_iter+0x703/0xd70
[ 1835.905122][T29894]  ? vfs_write+0x6ac/0x1070
[ 1835.905148][T29894]  ? __lock_acquire+0x4a5/0x2630
[ 1835.905187][T29894]  iov_iter_extract_bvecs+0x10e/0xf40
[ 1835.905224][T29894]  ? find_held_lock+0x2b/0x80
[ 1835.905247][T29894]  ? bio_associate_blkg_from_css+0x394/0x13f0
[ 1835.905310][T29894]  ? __pfx_iov_iter_extract_bvecs+0x10/0x10
[ 1835.905343][T29894]  ? bio_associate_blkg_from_css+0x550/0x13f0
[ 1835.905386][T29894]  bio_iov_iter_get_pages+0x26a/0x970
[ 1835.905442][T29894]  __blkdev_direct_IO_simple+0x3a7/0x890
[ 1835.905486][T29894]  ? __pfx___blkdev_direct_IO_simple+0x10/0x10
[ 1835.905549][T29894]  ? ktime_get_coarse_real_ts64_mg+0x249/0x300
[ 1835.905582][T29894]  ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300
[ 1835.905622][T29894]  blkdev_direct_IO+0xc76/0x1fb0
[ 1835.905672][T29894]  ? __pfx_blkdev_direct_IO+0x10/0x10
[ 1835.905709][T29894]  ? rcu_is_watching+0x12/0xc0
[ 1835.905749][T29894]  ? __mark_inode_dirty+0x55c/0x1790
[ 1835.905786][T29894]  ? filemap_check_errors+0xa9/0x150
[ 1835.905823][T29894]  blkdev_write_iter+0x703/0xd70
[ 1835.905867][T29894]  vfs_write+0x6ac/0x1070
[ 1835.905891][T29894]  ? __pfx_blkdev_write_iter+0x10/0x10
[ 1835.905931][T29894]  ? __pfx_vfs_write+0x10/0x10
[ 1835.905952][T29894]  ? find_held_lock+0x2b/0x80
[ 1835.906000][T29894]  ksys_write+0x12a/0x250
[ 1835.906024][T29894]  ? __pfx_ksys_write+0x10/0x10
[ 1835.906056][T29894]  do_syscall_64+0x106/0xf80
[ 1835.906092][T29894]  ? clear_bhb_loop+0x40/0x90
[ 1835.906124][T29894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1835.906151][T29894] RIP: 0033:0x7fafa7b9c799
[ 1835.906172][T29894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1835.906198][T29894] RSP: 002b:00007fafa8b14028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1835.906223][T29894] RAX: ffffffffffffffda RBX: 00007fafa7e16090 RCX: 00007fafa7b9c799
[ 1835.906241][T29894] RDX: 000000000010007c RSI: 0000000000000000 RDI: 0000000000000009
[ 1835.906257][T29894] RBP: 00007fafa7c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1835.906272][T29894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1835.906289][T29894] R13: 00007fafa7e16128 R14: 00007fafa7e16090 R15: 00007fffc3559468
[ 1835.906321][T29894]  </TASK>
[ 1837.854026][T29925] FAULT_INJECTION: forcing a failure.
[ 1837.854026][T29925] name failslab, interval 1, probability 0, space 0, times 0
[ 1837.887871][T29925] CPU: 0 UID: 0 PID: 29925 Comm: syz.5.5377 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1837.887915][T29925] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1837.887927][T29925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1837.887952][T29925] Call Trace:
[ 1837.887961][T29925]  <TASK>
[ 1837.887971][T29925]  dump_stack_lvl+0x100/0x190
[ 1837.888015][T29925]  should_fail_ex.cold+0x5/0xa
[ 1837.888044][T29925]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1837.888079][T29925]  should_failslab+0xc2/0x120
[ 1837.888106][T29925]  __kmalloc_noprof+0xe0/0x850
[ 1837.888152][T29925]  tomoyo_realpath_from_path+0xb6/0x690
[ 1837.888194][T29925]  tomoyo_check_open_permission+0x2af/0x3c0
[ 1837.888224][T29925]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1837.888253][T29925]  ? acct_on+0x189/0x9e0
[ 1837.888290][T29925]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.888342][T29925]  ? do_raw_spin_lock+0x128/0x260
[ 1837.888383][T29925]  ? path_get+0x61/0x80
[ 1837.888414][T29925]  tomoyo_file_open+0x6b/0x90
[ 1837.888454][T29925]  security_file_open+0xb5/0x1e0
[ 1837.888486][T29925]  do_dentry_open+0x5aa/0x1660
[ 1837.888515][T29925]  ? lockdep_init_map_type+0x5c/0x250
[ 1837.888554][T29925]  vfs_open+0x82/0x3f0
[ 1837.888589][T29925]  dentry_open+0x71/0xd0
[ 1837.888621][T29925]  acct_on+0x189/0x9e0
[ 1837.888663][T29925]  ? __pfx_acct_on+0x10/0x10
[ 1837.888702][T29925]  ? bpf_lsm_capable+0x9/0x10
[ 1837.888728][T29925]  ? security_capable+0x80/0x260
[ 1837.888772][T29925]  __x64_sys_acct+0x81/0x1e0
[ 1837.888809][T29925]  ? lockdep_hardirqs_on+0x78/0x100
[ 1837.888847][T29925]  do_syscall_64+0x106/0xf80
[ 1837.888882][T29925]  ? clear_bhb_loop+0x40/0x90
[ 1837.888913][T29925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.888940][T29925] RIP: 0033:0x7f9a6179c799
[ 1837.888966][T29925] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1837.888991][T29925] RSP: 002b:00007f9a62578028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[ 1837.889016][T29925] RAX: ffffffffffffffda RBX: 00007f9a61a15fa0 RCX: 00007f9a6179c799
[ 1837.889033][T29925] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[ 1837.889048][T29925] RBP: 00007f9a61832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1837.889064][T29925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1837.889080][T29925] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1837.889112][T29925]  </TASK>
[ 1837.889123][T29925] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1838.212103][T29930] netlink: 29 bytes leftover after parsing attributes in process `syz.1.5378'.
[ 1838.320138][T28207] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260
[ 1838.590072][T29939] netlink: 146 bytes leftover after parsing attributes in process `syz.6.5380'.
[ 1838.863494][T29942] warning: `syz.5.5377' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1840.026117][T29950] sd 0:0:1:0: PR command failed: 1026
[ 1840.062481][T29950] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1840.179652][T29950] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1840.555836][T29969] CIFS: VFS: Invalid SecurityFlags: 
[ 1841.560350][T29981] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5391'.
[ 1841.622887][T29981] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5391'.
[ 1842.282907][T29999] netlink: 29 bytes leftover after parsing attributes in process `syz.6.5396'.
[ 1842.343216][T28207] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260
[ 1843.928277][T30032] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5404'.
[ 1844.019794][T30032] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5404'.
[ 1846.732667][T30052] FAULT_INJECTION: forcing a failure.
[ 1846.732667][T30052] name failslab, interval 1, probability 0, space 0, times 0
[ 1846.773456][T30052] CPU: 0 UID: 0 PID: 30052 Comm: syz.4.5408 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1846.773499][T30052] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1846.773512][T30052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1846.773527][T30052] Call Trace:
[ 1846.773536][T30052]  <TASK>
[ 1846.773546][T30052]  dump_stack_lvl+0x100/0x190
[ 1846.773589][T30052]  should_fail_ex.cold+0x5/0xa
[ 1846.773618][T30052]  should_failslab+0xc2/0x120
[ 1846.773645][T30052]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1846.773685][T30052]  ? alloc_inode+0x183/0x250
[ 1846.773728][T30052]  ? find_inode_fast+0x1fa/0x910
[ 1846.773768][T30052]  alloc_inode+0x183/0x250
[ 1846.773802][T30052]  iget_locked+0x1d9/0x6d0
[ 1846.773844][T30052]  ? __pfx_iget_locked+0x10/0x10
[ 1846.773877][T30052]  ? kernfs_root+0xee/0x2a0
[ 1846.773914][T30052]  ? kernfs_root+0xee/0x2a0
[ 1846.773955][T30052]  kernfs_get_inode+0x46/0x470
[ 1846.773993][T30052]  kernfs_iop_lookup+0x1a7/0x2d0
[ 1846.774033][T30052]  __lookup_slow+0x251/0x460
[ 1846.774068][T30052]  ? __pfx___lookup_slow+0x10/0x10
[ 1846.774117][T30052]  ? __d_lookup+0x266/0x4a0
[ 1846.774160][T30052]  lookup_slow+0x50/0x70
[ 1846.774194][T30052]  link_path_walk+0x1377/0x1cc0
[ 1846.774243][T30052]  path_openat+0x1be/0x31a0
[ 1846.774268][T30052]  ? kasan_save_stack+0x3f/0x50
[ 1846.774312][T30052]  ? kasan_save_stack+0x30/0x50
[ 1846.774351][T30052]  ? kasan_save_track+0x14/0x30
[ 1846.774390][T30052]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[ 1846.774437][T30052]  ? __pfx_path_openat+0x10/0x10
[ 1846.774475][T30052]  do_file_open+0x20e/0x430
[ 1846.774504][T30052]  ? __pfx_do_file_open+0x10/0x10
[ 1846.774552][T30052]  ? alloc_fd+0x476/0x790
[ 1846.774580][T30052]  ? do_getname+0x191/0x390
[ 1846.774615][T30052]  do_sys_openat2+0x10d/0x1e0
[ 1846.774648][T30052]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1846.774694][T30052]  __x64_sys_openat+0x12d/0x210
[ 1846.774729][T30052]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1846.774775][T30052]  do_syscall_64+0x106/0xf80
[ 1846.774811][T30052]  ? clear_bhb_loop+0x40/0x90
[ 1846.774842][T30052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1846.774868][T30052] RIP: 0033:0x7f59d119c799
[ 1846.774889][T30052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1846.774914][T30052] RSP: 002b:00007f59d20ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1846.774938][T30052] RAX: ffffffffffffffda RBX: 00007f59d1416090 RCX: 00007f59d119c799
[ 1846.774955][T30052] RDX: 00000000001a1842 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1846.774971][T30052] RBP: 00007f59d1232c99 R08: 0000000000000000 R09: 0000000000000000
[ 1846.774987][T30052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1846.775003][T30052] R13: 00007f59d1416128 R14: 00007f59d1416090 R15: 00007ffe464a6988
[ 1846.775035][T30052]  </TASK>
[ 1847.395116][T30057] netlink: 'syz.6.5409': attribute type 11 has an invalid length.
[ 1847.413495][T30057] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5409'.
[ 1847.432776][T30057] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5409'.
[ 1847.864849][T30053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1848.614578][T30072] netlink: 29 bytes leftover after parsing attributes in process `syz.6.5412'.
[ 1848.663465][T28207] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260
[ 1848.707308][T30077] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5414'.
[ 1848.787410][T30077] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5414'.
[ 1851.394487][T30118] netlink: 146 bytes leftover after parsing attributes in process `syz.5.5422'.
[ 1852.180016][T30127] FAULT_INJECTION: forcing a failure.
[ 1852.180016][T30127] name failslab, interval 1, probability 0, space 0, times 0
[ 1852.252094][T30127] CPU: 0 UID: 0 PID: 30127 Comm: syz.5.5425 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1852.252143][T30127] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1852.252155][T30127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1852.252172][T30127] Call Trace:
[ 1852.252183][T30127]  <TASK>
[ 1852.252194][T30127]  dump_stack_lvl+0x100/0x190
[ 1852.252241][T30127]  should_fail_ex.cold+0x5/0xa
[ 1852.252276][T30127]  should_failslab+0xc2/0x120
[ 1852.252306][T30127]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1852.252351][T30127]  ? __alloc_skb+0x140/0x710
[ 1852.252390][T30127]  __alloc_skb+0x140/0x710
[ 1852.252420][T30127]  ? __alloc_skb+0x5b7/0x710
[ 1852.252451][T30127]  ? __pfx___alloc_skb+0x10/0x10
[ 1852.252483][T30127]  ? __pfx___might_resched+0x10/0x10
[ 1852.252519][T30127]  ? __lock_acquire+0x4a5/0x2630
[ 1852.252555][T30127]  netlink_alloc_large_skb+0x69/0x150
[ 1852.252597][T30127]  netlink_sendmsg+0x680/0xda0
[ 1852.252639][T30127]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.252676][T30127]  ? __import_iovec+0x1d2/0x640
[ 1852.252709][T30127]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1852.252752][T30127]  ____sys_sendmsg+0x9e1/0xb70
[ 1852.252776][T30127]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1852.252816][T30127]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1852.252844][T30127]  ? rcu_is_watching+0x12/0xc0
[ 1852.252887][T30127]  ? ___sys_sendmsg+0x19d/0x1e0
[ 1852.252912][T30127]  ? kfree+0x2ec/0x6b0
[ 1852.252946][T30127]  ___sys_sendmsg+0x190/0x1e0
[ 1852.252975][T30127]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1852.253027][T30127]  ? __pfx___might_resched+0x10/0x10
[ 1852.253068][T30127]  __sys_sendmmsg+0x205/0x430
[ 1852.253106][T30127]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1852.253154][T30127]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1852.253203][T30127]  ? fput+0x79/0x100
[ 1852.253231][T30127]  ? ksys_write+0x1ac/0x250
[ 1852.253252][T30127]  ? __pfx_ksys_write+0x10/0x10
[ 1852.253280][T30127]  __x64_sys_sendmmsg+0x9c/0x100
[ 1852.253313][T30127]  ? lockdep_hardirqs_on+0x78/0x100
[ 1852.253347][T30127]  do_syscall_64+0x106/0xf80
[ 1852.253380][T30127]  ? clear_bhb_loop+0x40/0x90
[ 1852.253409][T30127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1852.253434][T30127] RIP: 0033:0x7f9a6179c799
[ 1852.253454][T30127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1852.253477][T30127] RSP: 002b:00007f9a62578028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1852.253500][T30127] RAX: ffffffffffffffda RBX: 00007f9a61a15fa0 RCX: 00007f9a6179c799
[ 1852.253517][T30127] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[ 1852.253531][T30127] RBP: 00007f9a62578090 R08: 0000000000000000 R09: 0000000000000000
[ 1852.253546][T30127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1852.253561][T30127] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1852.253591][T30127]  </TASK>
[ 1852.748055][T30131] sd 0:0:1:0: PR command failed: 1026
[ 1852.754077][T30131] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1852.760916][T30131] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1853.045736][T30136] netlink: Setting conntrack mark requires 'commit' flag.
[ 1853.565663][T30154] CIFS: VFS: Invalid SecurityFlags: 
[ 1853.598578][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.605905][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1854.908000][T30158] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1854.915277][T30158] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1854.932390][T30158] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1854.978045][T30158] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1855.809611][T30168] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1855.847398][T30168] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1855.894190][T30168] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1855.936502][T30168] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1857.431496][T28207] Bluetooth: hci2: command 0x0406 tx timeout
[ 1857.847999][T30202] zswap: compressor  not available
[ 1857.914322][T28207] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1857.920417][T28207] Bluetooth: hci4: command 0x0406 tx timeout
[ 1857.952553][T30210] netlink: 146 bytes leftover after parsing attributes in process `syz.5.5441'.
[ 1857.991423][T30211] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1858.796233][T30224] FAULT_INJECTION: forcing a failure.
[ 1858.796233][T30224] name failslab, interval 1, probability 0, space 0, times 0
[ 1858.851400][T30224] CPU: 0 UID: 0 PID: 30224 Comm: syz.5.5446 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1858.851441][T30224] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1858.851458][T30224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1858.851472][T30224] Call Trace:
[ 1858.851481][T30224]  <TASK>
[ 1858.851491][T30224]  dump_stack_lvl+0x100/0x190
[ 1858.851538][T30224]  should_fail_ex.cold+0x5/0xa
[ 1858.851565][T30224]  should_failslab+0xc2/0x120
[ 1858.851591][T30224]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1858.851623][T30224]  ? alloc_pipe_info+0x10e/0x590
[ 1858.851648][T30224]  ? find_held_lock+0x2b/0x80
[ 1858.851675][T30224]  alloc_pipe_info+0x10e/0x590
[ 1858.851702][T30224]  splice_direct_to_actor+0x78f/0xa30
[ 1858.851729][T30224]  ? __lock_acquire+0x4a5/0x2630
[ 1858.851758][T30224]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1858.851783][T30224]  ? __pfx_aa_file_perm+0x10/0x10
[ 1858.851823][T30224]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1858.851856][T30224]  do_splice_direct+0x174/0x240
[ 1858.851881][T30224]  ? __pfx_do_splice_direct+0x10/0x10
[ 1858.851906][T30224]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1858.851952][T30224]  ? rw_verify_area+0xce/0x6d0
[ 1858.851991][T30224]  do_sendfile+0xadc/0xe20
[ 1858.852034][T30224]  ? __pfx_do_sendfile+0x10/0x10
[ 1858.852071][T30224]  ? __fget_files+0x21f/0x3d0
[ 1858.852101][T30224]  __x64_sys_sendfile64+0x1d8/0x220
[ 1858.852128][T30224]  ? ksys_write+0x1ac/0x250
[ 1858.852149][T30224]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1858.852186][T30224]  do_syscall_64+0x106/0xf80
[ 1858.852220][T30224]  ? clear_bhb_loop+0x40/0x90
[ 1858.852250][T30224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1858.852275][T30224] RIP: 0033:0x7f9a6179c799
[ 1858.852295][T30224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1858.852318][T30224] RSP: 002b:00007f9a62578028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1858.852340][T30224] RAX: ffffffffffffffda RBX: 00007f9a61a15fa0 RCX: 00007f9a6179c799
[ 1858.852357][T30224] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1858.852371][T30224] RBP: 00007f9a62578090 R08: 0000000000000000 R09: 0000000000000000
[ 1858.852385][T30224] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[ 1858.852400][T30224] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1858.852433][T30224]  </TASK>
[ 1859.571688][T30230] syz.6.5448 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1859.624434][T30229] netlink: 'syz.5.5447': attribute type 11 has an invalid length.
[ 1859.648571][T30229] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5447'.
[ 1859.666777][T30229] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5447'.
[ 1860.237569][T30225] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1861.503780][T30244] sd 0:0:1:0: PR command failed: 1026
[ 1861.509440][T30244] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1861.726386][T30244] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1863.261910][T30283] netlink: 'syz.5.5458': attribute type 11 has an invalid length.
[ 1863.269790][T30283] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5458'.
[ 1863.502872][T30283] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5458'.
[ 1863.944394][T30278] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1866.448576][T30323] sd 0:0:1:0: PR command failed: 1026
[ 1866.523625][T30323] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1866.530414][T30323] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1867.224444][T30339] netlink: 'syz.6.5472': attribute type 11 has an invalid length.
[ 1867.397168][T30339] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5472'.
[ 1867.440696][T30348] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5473'.
[ 1867.594011][T30339] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5472'.
[ 1868.041255][T30336] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1869.127337][T30390] netlink: 146 bytes leftover after parsing attributes in process `syz.1.5477'.
[ 1869.686440][T30398] FAULT_INJECTION: forcing a failure.
[ 1869.686440][T30398] name failslab, interval 1, probability 0, space 0, times 0
[ 1869.686481][T30398] CPU: 0 UID: 0 PID: 30398 Comm: syz.1.5480 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1869.686520][T30398] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1869.686532][T30398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1869.686548][T30398] Call Trace:
[ 1869.686556][T30398]  <TASK>
[ 1869.686566][T30398]  dump_stack_lvl+0x100/0x190
[ 1869.686609][T30398]  should_fail_ex.cold+0x5/0xa
[ 1869.686638][T30398]  should_failslab+0xc2/0x120
[ 1869.686673][T30398]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1869.686707][T30398]  ? do_kimage_alloc_init+0x40/0x320
[ 1869.686738][T30398]  do_kimage_alloc_init+0x40/0x320
[ 1869.686764][T30398]  do_kexec_load+0x11b/0x810
[ 1869.686794][T30398]  ? __pfx_do_kexec_load+0x10/0x10
[ 1869.686825][T30398]  ? _copy_from_user+0x59/0xd0
[ 1869.686857][T30398]  __x64_sys_kexec_load+0x1bf/0x230
[ 1869.686888][T30398]  do_syscall_64+0x106/0xf80
[ 1869.686925][T30398]  ? clear_bhb_loop+0x40/0x90
[ 1869.686955][T30398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.686981][T30398] RIP: 0033:0x7fafa7b9c799
[ 1869.687002][T30398] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1869.687028][T30398] RSP: 002b:00007fafa8b35028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[ 1869.687052][T30398] RAX: ffffffffffffffda RBX: 00007fafa7e15fa0 RCX: 00007fafa7b9c799
[ 1869.687070][T30398] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000003
[ 1869.687086][T30398] RBP: 00007fafa7c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1869.687102][T30398] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[ 1869.687117][T30398] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1869.687149][T30398]  </TASK>
[ 1870.797043][T30421] FAULT_INJECTION: forcing a failure.
[ 1870.797043][T30421] name failslab, interval 1, probability 0, space 0, times 0
[ 1870.797083][T30421] CPU: 0 UID: 0 PID: 30421 Comm: syz.6.5486 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1870.797120][T30421] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1870.797130][T30421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1870.797145][T30421] Call Trace:
[ 1870.797153][T30421]  <TASK>
[ 1870.797162][T30421]  dump_stack_lvl+0x100/0x190
[ 1870.797212][T30421]  should_fail_ex.cold+0x5/0xa
[ 1870.797240][T30421]  ? copy_splice_read+0x1a3/0xb90
[ 1870.797262][T30421]  should_failslab+0xc2/0x120
[ 1870.797288][T30421]  __kmalloc_noprof+0xe0/0x850
[ 1870.797330][T30421]  copy_splice_read+0x1a3/0xb90
[ 1870.797360][T30421]  ? __pfx_copy_splice_read+0x10/0x10
[ 1870.797386][T30421]  ? look_up_lock_class+0x55/0x120
[ 1870.797426][T30421]  ? lockdep_init_map_type+0x5c/0x250
[ 1870.797459][T30421]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1870.797512][T30421]  ? __pfx_copy_splice_read+0x10/0x10
[ 1870.797535][T30421]  do_splice_read+0x285/0x370
[ 1870.797561][T30421]  splice_direct_to_actor+0x2a1/0xa30
[ 1870.797587][T30421]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1870.797616][T30421]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1870.797648][T30421]  do_splice_direct+0x174/0x240
[ 1870.797673][T30421]  ? __pfx_do_splice_direct+0x10/0x10
[ 1870.797698][T30421]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1870.797742][T30421]  ? rw_verify_area+0xce/0x6d0
[ 1870.797781][T30421]  do_sendfile+0xadc/0xe20
[ 1870.797823][T30421]  ? __pfx_do_sendfile+0x10/0x10
[ 1870.797860][T30421]  ? __fget_files+0x21f/0x3d0
[ 1870.797890][T30421]  __x64_sys_sendfile64+0x1d8/0x220
[ 1870.797917][T30421]  ? ksys_write+0x1ac/0x250
[ 1870.797938][T30421]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1870.797975][T30421]  do_syscall_64+0x106/0xf80
[ 1870.798007][T30421]  ? clear_bhb_loop+0x40/0x90
[ 1870.798037][T30421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1870.798062][T30421] RIP: 0033:0x7fb72e19c799
[ 1870.798081][T30421] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1870.798105][T30421] RSP: 002b:00007fb72ef8b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1870.798127][T30421] RAX: ffffffffffffffda RBX: 00007fb72e415fa0 RCX: 00007fb72e19c799
[ 1870.798143][T30421] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1870.798157][T30421] RBP: 00007fb72ef8b090 R08: 0000000000000000 R09: 0000000000000000
[ 1870.798172][T30421] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[ 1870.798187][T30421] R13: 00007fb72e416038 R14: 00007fb72e415fa0 R15: 00007ffc63f5bd18
[ 1870.798217][T30421]  </TASK>
[ 1872.010100][T30438] netlink: 'syz.5.5491': attribute type 11 has an invalid length.
[ 1872.010125][T30438] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5491'.
[ 1872.010143][T30438] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5491'.
[ 1872.401765][T30432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1873.241805][T30458] cougar: G6 mapped to F18
[ 1873.318834][T30464] FAULT_INJECTION: forcing a failure.
[ 1873.318834][T30464] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1873.459920][T30464] CPU: 0 UID: 0 PID: 30464 Comm: syz.1.5498 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1873.459963][T30464] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1873.459974][T30464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1873.459988][T30464] Call Trace:
[ 1873.459996][T30464]  <TASK>
[ 1873.460006][T30464]  dump_stack_lvl+0x100/0x190
[ 1873.460047][T30464]  should_fail_ex.cold+0x5/0xa
[ 1873.460071][T30464]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1873.460102][T30464]  should_fail_alloc_page+0xeb/0x140
[ 1873.460130][T30464]  prepare_alloc_pages+0x1f0/0x5f0
[ 1873.460157][T30464]  ? kernel_text_address+0x8d/0x100
[ 1873.460195][T30464]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1873.460242][T30464]  ? copy_splice_read+0x1a3/0xb90
[ 1873.460265][T30464]  ? stack_trace_save+0x8e/0xc0
[ 1873.460298][T30464]  ? __pfx_stack_trace_save+0x10/0x10
[ 1873.460324][T30464]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1873.460365][T30464]  ? copy_splice_read+0x1a3/0xb90
[ 1873.460386][T30464]  ? kasan_save_stack+0x3f/0x50
[ 1873.460421][T30464]  ? kasan_save_stack+0x30/0x50
[ 1873.460459][T30464]  ? kasan_save_track+0x14/0x30
[ 1873.460494][T30464]  ? __kasan_kmalloc+0xaa/0xb0
[ 1873.460529][T30464]  ? __kmalloc_noprof+0x301/0x850
[ 1873.460563][T30464]  ? copy_splice_read+0x1a3/0xb90
[ 1873.460585][T30464]  ? do_splice_read+0x285/0x370
[ 1873.460608][T30464]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1873.460649][T30464]  alloc_pages_bulk_noprof+0x782/0x1490
[ 1873.460697][T30464]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1873.460742][T30464]  ? __kmalloc_noprof+0x320/0x850
[ 1873.460783][T30464]  copy_splice_read+0x1e1/0xb90
[ 1873.460813][T30464]  ? __pfx_copy_splice_read+0x10/0x10
[ 1873.460838][T30464]  ? look_up_lock_class+0x55/0x120
[ 1873.460878][T30464]  ? lockdep_init_map_type+0x5c/0x250
[ 1873.460911][T30464]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1873.460951][T30464]  ? __pfx_copy_splice_read+0x10/0x10
[ 1873.460974][T30464]  do_splice_read+0x285/0x370
[ 1873.461000][T30464]  splice_direct_to_actor+0x2a1/0xa30
[ 1873.461027][T30464]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1873.461055][T30464]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1873.461088][T30464]  do_splice_direct+0x174/0x240
[ 1873.461113][T30464]  ? __pfx_do_splice_direct+0x10/0x10
[ 1873.461138][T30464]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1873.461182][T30464]  ? rw_verify_area+0xce/0x6d0
[ 1873.461220][T30464]  do_sendfile+0xadc/0xe20
[ 1873.461262][T30464]  ? __pfx_do_sendfile+0x10/0x10
[ 1873.461304][T30464]  ? __fget_files+0x21f/0x3d0
[ 1873.461334][T30464]  __x64_sys_sendfile64+0x1d8/0x220
[ 1873.461361][T30464]  ? ksys_write+0x1ac/0x250
[ 1873.461382][T30464]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1873.461419][T30464]  do_syscall_64+0x106/0xf80
[ 1873.461452][T30464]  ? clear_bhb_loop+0x40/0x90
[ 1873.461481][T30464]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1873.461506][T30464] RIP: 0033:0x7fafa7b9c799
[ 1873.461525][T30464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1873.461548][T30464] RSP: 002b:00007fafa8b35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1873.461571][T30464] RAX: ffffffffffffffda RBX: 00007fafa7e15fa0 RCX: 00007fafa7b9c799
[ 1873.461587][T30464] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 1873.461602][T30464] RBP: 00007fafa8b35090 R08: 0000000000000000 R09: 0000000000000000
[ 1873.461617][T30464] R10: 0000400000000008 R11: 0000000000000246 R12: 0000000000000001
[ 1873.461632][T30464] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1873.461662][T30464]  </TASK>
[ 1874.710243][T30470] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5501'.
[ 1874.737884][T30470] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5501'.
[ 1874.888384][T30472] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5502'.
[ 1875.506935][T30477] FAULT_INJECTION: forcing a failure.
[ 1875.506935][T30477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1875.571403][T30477] CPU: 0 UID: 0 PID: 30477 Comm: syz.5.5504 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1875.571445][T30477] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1875.571456][T30477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1875.571470][T30477] Call Trace:
[ 1875.571478][T30477]  <TASK>
[ 1875.571488][T30477]  dump_stack_lvl+0x100/0x190
[ 1875.571529][T30477]  should_fail_ex.cold+0x5/0xa
[ 1875.571558][T30477]  _copy_from_user+0x2e/0xd0
[ 1875.571588][T30477]  copy_msghdr_from_user+0x9f/0x4f0
[ 1875.571617][T30477]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1875.571658][T30477]  ___sys_sendmsg+0x106/0x1e0
[ 1875.571686][T30477]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1875.571746][T30477]  __sys_sendmsg+0x170/0x220
[ 1875.571781][T30477]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1875.571834][T30477]  do_syscall_64+0x106/0xf80
[ 1875.571868][T30477]  ? clear_bhb_loop+0x40/0x90
[ 1875.571898][T30477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1875.571923][T30477] RIP: 0033:0x7f9a6179c799
[ 1875.571943][T30477] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1875.571965][T30477] RSP: 002b:00007f9a62578028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1875.571987][T30477] RAX: ffffffffffffffda RBX: 00007f9a61a15fa0 RCX: 00007f9a6179c799
[ 1875.572004][T30477] RDX: 0000000000000080 RSI: 0000200000000080 RDI: 0000000000000003
[ 1875.572019][T30477] RBP: 00007f9a62578090 R08: 0000000000000000 R09: 0000000000000000
[ 1875.572033][T30477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1875.572048][T30477] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1875.572078][T30477]  </TASK>
[ 1877.127857][T30495] sp0: Synchronizing with TNC
[ 1878.318388][T30493] sd 0:0:1:0: PR command failed: 1026
[ 1878.483939][T30493] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1878.490769][T30493] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1879.188028][T30523] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5517'.
[ 1879.237632][T30526] openvswitch: netlink: ct_state flags aa1414ac unsupported
[ 1879.902572][T30531] FAULT_INJECTION: forcing a failure.
[ 1879.902572][T30531] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1880.026497][T30531] CPU: 0 UID: 0 PID: 30531 Comm: syz.4.5519 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1880.026551][T30531] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1880.026562][T30531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1880.026578][T30531] Call Trace:
[ 1880.026587][T30531]  <TASK>
[ 1880.026597][T30531]  dump_stack_lvl+0x100/0x190
[ 1880.026641][T30531]  should_fail_ex.cold+0x5/0xa
[ 1880.026670][T30531]  get_futex_key+0x1d2/0x1620
[ 1880.026705][T30531]  ? __pfx_get_futex_key+0x10/0x10
[ 1880.026746][T30531]  futex_wait_setup+0x83/0x510
[ 1880.026793][T30531]  __futex_wait+0x19f/0x300
[ 1880.026835][T30531]  ? __pfx___futex_wait+0x10/0x10
[ 1880.026879][T30531]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1880.026923][T30531]  ? futex_hash+0x2c5/0x380
[ 1880.026961][T30531]  futex_wait+0xed/0x380
[ 1880.027000][T30531]  ? __pfx_futex_wait+0x10/0x10
[ 1880.027046][T30531]  ? __might_fault+0xc5/0x140
[ 1880.027090][T30531]  do_futex+0x1ef/0x350
[ 1880.027124][T30531]  ? __pfx_do_futex+0x10/0x10
[ 1880.027158][T30531]  ? __sys_connect+0xe4/0x170
[ 1880.027195][T30531]  __x64_sys_futex+0x34f/0x4d0
[ 1880.027233][T30531]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1880.027278][T30531]  do_syscall_64+0x106/0xf80
[ 1880.027314][T30531]  ? clear_bhb_loop+0x40/0x90
[ 1880.027346][T30531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1880.027372][T30531] RIP: 0033:0x7f59d119c799
[ 1880.027393][T30531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1880.027418][T30531] RSP: 002b:00007f59d20cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1880.027444][T30531] RAX: ffffffffffffffda RBX: 00007f59d1415fa8 RCX: 00007f59d119c799
[ 1880.027462][T30531] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f59d1415fa8
[ 1880.027478][T30531] RBP: 00007f59d1415fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1880.027494][T30531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1880.027517][T30531] R13: 00007f59d1416038 R14: 00007ffe464a68a0 R15: 00007ffe464a6988
[ 1880.027549][T30531]  </TASK>
[ 1881.126884][T30211] Bluetooth: hci4: unexpected event 0x02 length: 726 > 260
[ 1882.842869][T30573] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input23
[ 1882.946631][T30575] CIFS: VFS: Invalid SecurityFlags: 
[ 1883.301737][T30583] netlink: 342 bytes leftover after parsing attributes in process `syz.5.5530'.
[ 1884.144792][T30211] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260
[ 1884.403017][T30604] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5536'.
[ 1884.510564][T30604] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5536'.
[ 1885.472016][T30614] Loading of unsigned module is rejected
[ 1886.837584][T30646] FAULT_INJECTION: forcing a failure.
[ 1886.837584][T30646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1886.961332][T30646] CPU: 0 UID: 0 PID: 30646 Comm: syz.5.5546 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1886.961374][T30646] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1886.961384][T30646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1886.961399][T30646] Call Trace:
[ 1886.961413][T30646]  <TASK>
[ 1886.961423][T30646]  dump_stack_lvl+0x100/0x190
[ 1886.961465][T30646]  should_fail_ex.cold+0x5/0xa
[ 1886.961494][T30646]  _copy_from_iter+0x1f4/0x1690
[ 1886.961527][T30646]  ? __asan_memset+0x23/0x50
[ 1886.961562][T30646]  ? __pfx__copy_from_iter+0x10/0x10
[ 1886.961589][T30646]  ? __pfx___alloc_skb+0x10/0x10
[ 1886.961633][T30646]  netlink_sendmsg+0x808/0xda0
[ 1886.961682][T30646]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1886.961718][T30646]  ? __import_iovec+0x1d2/0x640
[ 1886.961748][T30646]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1886.961792][T30646]  ____sys_sendmsg+0x9e1/0xb70
[ 1886.961816][T30646]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1886.961855][T30646]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1886.961893][T30646]  ___sys_sendmsg+0x190/0x1e0
[ 1886.961922][T30646]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1886.961982][T30646]  __sys_sendmsg+0x170/0x220
[ 1886.962017][T30646]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1886.962069][T30646]  do_syscall_64+0x106/0xf80
[ 1886.962104][T30646]  ? clear_bhb_loop+0x40/0x90
[ 1886.962134][T30646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1886.962159][T30646] RIP: 0033:0x7f9a6179c799
[ 1886.962179][T30646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1886.962204][T30646] RSP: 002b:00007f9a62578028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1886.962226][T30646] RAX: ffffffffffffffda RBX: 00007f9a61a15fa0 RCX: 00007f9a6179c799
[ 1886.962242][T30646] RDX: 0000000000000080 RSI: 0000200000000080 RDI: 0000000000000003
[ 1886.962257][T30646] RBP: 00007f9a62578090 R08: 0000000000000000 R09: 0000000000000000
[ 1886.962272][T30646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1886.962286][T30646] R13: 00007f9a61a16038 R14: 00007f9a61a15fa0 R15: 00007fffc3b75718
[ 1886.962316][T30646]  </TASK>
[ 1887.823692][T30657] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5550'.
[ 1888.146296][T30662] netlink: 74 bytes leftover after parsing attributes in process `syz.6.5552'.
[ 1889.149199][T30676] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5556'.
[ 1889.239352][T30676] netlink: 330 bytes leftover after parsing attributes in process `syz.6.5556'.
[ 1889.631722][T30683] FAULT_INJECTION: forcing a failure.
[ 1889.631722][T30683] name failslab, interval 1, probability 0, space 0, times 0
[ 1889.725906][T30683] CPU: 0 UID: 0 PID: 30683 Comm: syz.4.5557 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1889.725948][T30683] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1889.725959][T30683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1889.725974][T30683] Call Trace:
[ 1889.725982][T30683]  <TASK>
[ 1889.725991][T30683]  dump_stack_lvl+0x100/0x190
[ 1889.726033][T30683]  should_fail_ex.cold+0x5/0xa
[ 1889.726060][T30683]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[ 1889.726089][T30683]  should_failslab+0xc2/0x120
[ 1889.726114][T30683]  __kmalloc_noprof+0xe0/0x850
[ 1889.726155][T30683]  ? lockdep_hardirqs_on+0x78/0x100
[ 1889.726196][T30683]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[ 1889.726229][T30683]  genl_family_rcv_msg_doit+0xc7/0x300
[ 1889.726258][T30683]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1889.726283][T30683]  ? genl_get_cmd+0x3ef/0x720
[ 1889.726313][T30683]  ? bpf_lsm_capable+0x9/0x10
[ 1889.726338][T30683]  ? security_capable+0x80/0x260
[ 1889.726376][T30683]  ? ns_capable+0xd2/0xf0
[ 1889.726402][T30683]  genl_rcv_msg+0x560/0x800
[ 1889.726431][T30683]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1889.726456][T30683]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1889.726566][T30683]  ? __pfx_nl80211_del_interface+0x10/0x10
[ 1889.726640][T30683]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1889.726681][T30683]  netlink_rcv_skb+0x159/0x420
[ 1889.726719][T30683]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1889.726745][T30683]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1889.726794][T30683]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1889.726834][T30683]  genl_rcv+0x28/0x40
[ 1889.726854][T30683]  netlink_unicast+0x5aa/0x870
[ 1889.726896][T30683]  ? __pfx_netlink_unicast+0x10/0x10
[ 1889.726946][T30683]  netlink_sendmsg+0x8b0/0xda0
[ 1889.726989][T30683]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1889.727024][T30683]  ? __import_iovec+0x1d2/0x640
[ 1889.727056][T30683]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1889.727099][T30683]  ____sys_sendmsg+0x9e1/0xb70
[ 1889.727123][T30683]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1889.727168][T30683]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1889.727206][T30683]  ___sys_sendmsg+0x190/0x1e0
[ 1889.727235][T30683]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1889.727297][T30683]  __sys_sendmsg+0x170/0x220
[ 1889.727332][T30683]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1889.727385][T30683]  do_syscall_64+0x106/0xf80
[ 1889.727418][T30683]  ? clear_bhb_loop+0x40/0x90
[ 1889.727448][T30683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1889.727473][T30683] RIP: 0033:0x7f59d119c799
[ 1889.727494][T30683] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1889.727518][T30683] RSP: 002b:00007f59d20ae028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1889.727540][T30683] RAX: ffffffffffffffda RBX: 00007f59d1416090 RCX: 00007f59d119c799
[ 1889.727556][T30683] RDX: 0000000000000080 RSI: 0000200000000080 RDI: 0000000000000003
[ 1889.727571][T30683] RBP: 00007f59d20ae090 R08: 0000000000000000 R09: 0000000000000000
[ 1889.727586][T30683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1889.727600][T30683] R13: 00007f59d1416128 R14: 00007f59d1416090 R15: 00007ffe464a6988
[ 1889.727631][T30683]  </TASK>
[ 1893.059100][T30738] FAULT_INJECTION: forcing a failure.
[ 1893.059100][T30738] name failslab, interval 1, probability 0, space 0, times 0
[ 1893.144415][T30738] CPU: 0 UID: 0 PID: 30738 Comm: syz.4.5568 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1893.144456][T30738] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1893.144468][T30738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1893.144482][T30738] Call Trace:
[ 1893.144490][T30738]  <TASK>
[ 1893.144499][T30738]  dump_stack_lvl+0x100/0x190
[ 1893.144541][T30738]  should_fail_ex.cold+0x5/0xa
[ 1893.144570][T30738]  should_failslab+0xc2/0x120
[ 1893.144595][T30738]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1893.144633][T30738]  ? __alloc_skb+0x140/0x710
[ 1893.144671][T30738]  __alloc_skb+0x140/0x710
[ 1893.144701][T30738]  ? __alloc_skb+0x5b7/0x710
[ 1893.144732][T30738]  ? __pfx___alloc_skb+0x10/0x10
[ 1893.144763][T30738]  ? genl_rcv_msg+0x4be/0x800
[ 1893.144795][T30738]  netlink_ack+0x117/0xb80
[ 1893.144840][T30738]  netlink_rcv_skb+0x333/0x420
[ 1893.144877][T30738]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1893.144904][T30738]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1893.144953][T30738]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1893.145000][T30738]  genl_rcv+0x28/0x40
[ 1893.145021][T30738]  netlink_unicast+0x5aa/0x870
[ 1893.145062][T30738]  ? __pfx_netlink_unicast+0x10/0x10
[ 1893.145110][T30738]  netlink_sendmsg+0x8b0/0xda0
[ 1893.145152][T30738]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1893.145188][T30738]  ? __import_iovec+0x1d2/0x640
[ 1893.145220][T30738]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1893.145264][T30738]  ____sys_sendmsg+0x9e1/0xb70
[ 1893.145288][T30738]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1893.145328][T30738]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1893.145366][T30738]  ___sys_sendmsg+0x190/0x1e0
[ 1893.145395][T30738]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1893.145458][T30738]  __sys_sendmsg+0x170/0x220
[ 1893.145494][T30738]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1893.145546][T30738]  do_syscall_64+0x106/0xf80
[ 1893.145589][T30738]  ? clear_bhb_loop+0x40/0x90
[ 1893.145619][T30738]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1893.145644][T30738] RIP: 0033:0x7f59d119c799
[ 1893.145663][T30738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1893.145688][T30738] RSP: 002b:00007f59d208d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1893.145710][T30738] RAX: ffffffffffffffda RBX: 00007f59d1416180 RCX: 00007f59d119c799
[ 1893.145727][T30738] RDX: 0000000000000080 RSI: 0000200000000080 RDI: 0000000000000004
[ 1893.145742][T30738] RBP: 00007f59d208d090 R08: 0000000000000000 R09: 0000000000000000
[ 1893.145757][T30738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1893.145772][T30738] R13: 00007f59d1416218 R14: 00007f59d1416180 R15: 00007ffe464a6988
[ 1893.145803][T30738]  </TASK>
[ 1894.744668][T30730] FAULT_INJECTION: forcing a failure.
[ 1894.744668][T30730] name failslab, interval 1, probability 0, space 0, times 0
[ 1895.007630][T30730] CPU: 0 UID: 0 PID: 30730 Comm: syz.1.5566 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1895.007675][T30730] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1895.007687][T30730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1895.007703][T30730] Call Trace:
[ 1895.007712][T30730]  <TASK>
[ 1895.007722][T30730]  dump_stack_lvl+0x100/0x190
[ 1895.007765][T30730]  should_fail_ex.cold+0x5/0xa
[ 1895.007795][T30730]  should_failslab+0xc2/0x120
[ 1895.007822][T30730]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1895.007862][T30730]  ? security_inode_alloc+0x3b/0x2c0
[ 1895.007888][T30730]  ? lockdep_init_map_type+0x5c/0x250
[ 1895.007926][T30730]  security_inode_alloc+0x3b/0x2c0
[ 1895.007995][T30730]  inode_init_always_gfp+0xced/0x1040
[ 1895.008026][T30730]  alloc_inode+0x8e/0x250
[ 1895.008060][T30730]  sock_alloc+0x44/0x280
[ 1895.008098][T30730]  ? security_socket_create+0x7f/0x250
[ 1895.008141][T30730]  __sock_create+0xc2/0x860
[ 1895.008169][T30730]  ? lockdep_init_map_type+0x5c/0x250
[ 1895.008206][T30730]  smc_create+0x163/0x290
[ 1895.008349][T30730]  __sock_create+0x339/0x860
[ 1895.008381][T30730]  __sys_socket+0x14d/0x260
[ 1895.008412][T30730]  ? __pfx___sys_socket+0x10/0x10
[ 1895.008449][T30730]  __x64_sys_socket+0x72/0xb0
[ 1895.008477][T30730]  ? lockdep_hardirqs_on+0x78/0x100
[ 1895.008514][T30730]  do_syscall_64+0x106/0xf80
[ 1895.008550][T30730]  ? clear_bhb_loop+0x40/0x90
[ 1895.008581][T30730]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1895.008608][T30730] RIP: 0033:0x7fafa7b9c799
[ 1895.008631][T30730] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1895.008657][T30730] RSP: 002b:00007fafa8b35028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[ 1895.008681][T30730] RAX: ffffffffffffffda RBX: 00007fafa7e15fa0 RCX: 00007fafa7b9c799
[ 1895.008703][T30730] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b
[ 1895.008719][T30730] RBP: 00007fafa7c32c99 R08: 0000000000000000 R09: 0000000000000000
[ 1895.008734][T30730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1895.008750][T30730] R13: 00007fafa7e16038 R14: 00007fafa7e15fa0 R15: 00007fffc3559468
[ 1895.008782][T30730]  </TASK>
[ 1895.008883][T30730] socket: no more sockets
[ 1895.285383][    T9] usb usb40-port2: attempt power cycle
[ 1895.936547][    T9] usb usb40-port2: unable to enumerate USB device
[ 1896.595880][T30775] sd 0:0:1:0: PR command failed: 1026
[ 1896.635591][T30775] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1896.695650][T30775] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1896.906217][T30777] sd 0:0:1:0: PR command failed: 1026
[ 1896.977079][T30777] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1897.077331][T30777] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1897.760368][T30791] FAULT_INJECTION: forcing a failure.
[ 1897.760368][T30791] name fail_futex, interval 1, probability 0, space 0, times 0
[ 1897.760413][T30791] CPU: 0 UID: 0 PID: 30791 Comm: syz.1.5578 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1897.760453][T30791] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1897.760464][T30791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1897.760481][T30791] Call Trace:
[ 1897.760489][T30791]  <TASK>
[ 1897.760499][T30791]  dump_stack_lvl+0x100/0x190
[ 1897.760545][T30791]  should_fail_ex.cold+0x5/0xa
[ 1897.760576][T30791]  get_futex_key+0x1d2/0x1620
[ 1897.760620][T30791]  ? __pfx_get_futex_key+0x10/0x10
[ 1897.760653][T30791]  ? trace_pid_list_is_set+0x11a/0x390
[ 1897.760693][T30791]  ? trace_pid_list_is_set+0x22c/0x390
[ 1897.760737][T30791]  futex_wait_setup+0x83/0x510
[ 1897.760785][T30791]  __futex_wait+0x19f/0x300
[ 1897.760827][T30791]  ? __pfx___futex_wait+0x10/0x10
[ 1897.760865][T30791]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1897.760901][T30791]  ? lockdep_hardirqs_on+0x78/0x100
[ 1897.760940][T30791]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1897.760984][T30791]  ? find_held_lock+0x2b/0x80
[ 1897.761009][T30791]  ? futex_wake+0x456/0x530
[ 1897.761054][T30791]  futex_wait+0xed/0x380
[ 1897.761094][T30791]  ? __pfx_futex_wait+0x10/0x10
[ 1897.761152][T30791]  do_futex+0x1ef/0x350
[ 1897.761186][T30791]  ? __pfx_do_futex+0x10/0x10
[ 1897.761217][T30791]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1897.761260][T30791]  __x64_sys_futex+0x34f/0x4d0
[ 1897.761298][T30791]  ? __pfx___x64_sys_futex+0x10/0x10
[ 1897.761342][T30791]  do_syscall_64+0x106/0xf80
[ 1897.761378][T30791]  ? clear_bhb_loop+0x40/0x90
[ 1897.761409][T30791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.761436][T30791] RIP: 0033:0x7fafa7b9c799
[ 1897.761456][T30791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1897.761482][T30791] RSP: 002b:00007fafa8b350e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1897.761505][T30791] RAX: ffffffffffffffda RBX: 00007fafa7e15fa8 RCX: 00007fafa7b9c799
[ 1897.761522][T30791] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fafa7e15fa8
[ 1897.761539][T30791] RBP: 00007fafa7e15fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1897.761555][T30791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1897.761570][T30791] R13: 00007fafa7e16038 R14: 00007fffc3559380 R15: 00007fffc3559468
[ 1897.761661][T30791]  </TASK>
[ 1898.285387][T30799] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5580'.
[ 1898.285450][T30799] FAULT_INJECTION: forcing a failure.
[ 1898.285450][T30799] name failslab, interval 1, probability 0, space 0, times 0
[ 1898.285484][T30799] CPU: 0 UID: 0 PID: 30799 Comm: syz.4.5580 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1898.285520][T30799] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1898.285531][T30799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1898.285546][T30799] Call Trace:
[ 1898.285555][T30799]  <TASK>
[ 1898.285571][T30799]  dump_stack_lvl+0x100/0x190
[ 1898.285612][T30799]  should_fail_ex.cold+0x5/0xa
[ 1898.285640][T30799]  should_failslab+0xc2/0x120
[ 1898.285667][T30799]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1898.285707][T30799]  ? __alloc_skb+0x140/0x710
[ 1898.285747][T30799]  __alloc_skb+0x140/0x710
[ 1898.285777][T30799]  ? __alloc_skb+0x5b7/0x710
[ 1898.285807][T30799]  ? __pfx___alloc_skb+0x10/0x10
[ 1898.285838][T30799]  ? genl_rcv_msg+0x4be/0x800
[ 1898.285870][T30799]  netlink_ack+0x117/0xb80
[ 1898.285915][T30799]  netlink_rcv_skb+0x333/0x420
[ 1898.285952][T30799]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1898.285978][T30799]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1898.286027][T30799]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1898.286067][T30799]  genl_rcv+0x28/0x40
[ 1898.286098][T30799]  netlink_unicast+0x5aa/0x870
[ 1898.286139][T30799]  ? __pfx_netlink_unicast+0x10/0x10
[ 1898.286193][T30799]  netlink_sendmsg+0x8b0/0xda0
[ 1898.286235][T30799]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1898.286271][T30799]  ? __import_iovec+0x1d2/0x640
[ 1898.286305][T30799]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1898.286349][T30799]  ____sys_sendmsg+0x9e1/0xb70
[ 1898.286373][T30799]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1898.286412][T30799]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1898.286451][T30799]  ___sys_sendmsg+0x190/0x1e0
[ 1898.286479][T30799]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1898.286540][T30799]  __sys_sendmsg+0x170/0x220
[ 1898.286575][T30799]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1898.286627][T30799]  do_syscall_64+0x106/0xf80
[ 1898.286662][T30799]  ? clear_bhb_loop+0x40/0x90
[ 1898.286692][T30799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1898.286716][T30799] RIP: 0033:0x7f59d119c799
[ 1898.286736][T30799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1898.286760][T30799] RSP: 002b:00007f59d20ae028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1898.286783][T30799] RAX: ffffffffffffffda RBX: 00007f59d1416090 RCX: 00007f59d119c799
[ 1898.286799][T30799] RDX: 0000000000000080 RSI: 0000200000000080 RDI: 0000000000000003
[ 1898.286814][T30799] RBP: 00007f59d20ae090 R08: 0000000000000000 R09: 0000000000000000
[ 1898.286829][T30799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1898.286843][T30799] R13: 00007f59d1416128 R14: 00007f59d1416090 R15: 00007ffe464a6988
[ 1898.286874][T30799]  </TASK>
[ 1900.306568][T30800] ==================================================================
[ 1900.306653][T30800] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60
[ 1900.306736][T30800] Read of size 26 at addr ffff888058411cea by task syz.5.5581/30800
[ 1900.306758][T30800] 
[ 1900.306772][T30800] CPU: 0 UID: 0 PID: 30800 Comm: syz.5.5581 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1900.306811][T30800] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1900.306822][T30800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1900.306839][T30800] Call Trace:
[ 1900.306847][T30800]  <TASK>
[ 1900.306856][T30800]  dump_stack_lvl+0x100/0x190
[ 1900.306894][T30800]  print_report+0x156/0x4c9
[ 1900.306931][T30800]  ? __virt_addr_valid+0x81/0x620
[ 1900.306964][T30800]  ? __phys_addr+0xe8/0x180
[ 1900.306996][T30800]  ? fbcon_prepare_logo+0x94e/0xc60
[ 1900.307021][T30800]  kasan_report+0xdf/0x1e0
[ 1900.307048][T30800]  ? fbcon_prepare_logo+0x94e/0xc60
[ 1900.307077][T30800]  kasan_check_range+0x10f/0x1e0
[ 1900.307109][T30800]  __asan_memcpy+0x23/0x60
[ 1900.307144][T30800]  fbcon_prepare_logo+0x94e/0xc60
[ 1900.307177][T30800]  fbcon_init+0x10a0/0x1820
[ 1900.307206][T30800]  visual_init+0x320/0x620
[ 1900.307237][T30800]  do_bind_con_driver.isra.0+0x636/0x9c0
[ 1900.307277][T30800]  store_bind+0x609/0x730
[ 1900.307313][T30800]  ? __pfx_store_bind+0x10/0x10
[ 1900.307345][T30800]  dev_attr_store+0x58/0x80
[ 1900.307374][T30800]  ? __pfx_dev_attr_store+0x10/0x10
[ 1900.307402][T30800]  sysfs_kf_write+0xf2/0x150
[ 1900.307445][T30800]  kernfs_fop_write_iter+0x3e0/0x5f0
[ 1900.307471][T30800]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1900.307503][T30800]  vfs_write+0x6ac/0x1070
[ 1900.307526][T30800]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1900.307555][T30800]  ? __pfx_vfs_write+0x10/0x10
[ 1900.307587][T30800]  ksys_write+0x12a/0x250
[ 1900.307610][T30800]  ? __pfx_ksys_write+0x10/0x10
[ 1900.307637][T30800]  do_syscall_64+0x106/0xf80
[ 1900.307673][T30800]  ? clear_bhb_loop+0x40/0x90
[ 1900.307702][T30800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1900.307732][T30800] RIP: 0033:0x7f9a6179c799
[ 1900.307753][T30800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1900.307778][T30800] RSP: 002b:00007f9a5f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1900.307803][T30800] RAX: ffffffffffffffda RBX: 00007f9a61a16090 RCX: 00007f9a6179c799
[ 1900.307821][T30800] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[ 1900.307837][T30800] RBP: 00007f9a61832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1900.307854][T30800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1900.307870][T30800] R13: 00007f9a61a16128 R14: 00007f9a61a16090 R15: 00007fffc3b75718
[ 1900.307897][T30800]  </TASK>
[ 1900.307906][T30800] 
[ 1900.307913][T30800] Allocated by task 30280:
[ 1900.307931][T30800]  kasan_save_stack+0x30/0x50
[ 1900.307970][T30800]  kasan_save_track+0x14/0x30
[ 1900.308008][T30800]  __kasan_kmalloc+0xaa/0xb0
[ 1900.308045][T30800]  __kmalloc_noprof+0x301/0x850
[ 1900.308082][T30800]  __register_sysctl_table+0xbe4/0x1650
[ 1900.308123][T30800]  neigh_sysctl_register+0x326/0x660
[ 1900.308157][T30800]  devinet_sysctl_register+0xb6/0x210
[ 1900.308197][T30800]  inetdev_init+0x2b8/0x570
[ 1900.308233][T30800]  inetdev_event+0x7fa/0x17f0
[ 1900.308270][T30800]  notifier_call_chain+0x99/0x420
[ 1900.308302][T30800]  call_netdevice_notifiers_info+0xbe/0x110
[ 1900.308344][T30800]  register_netdevice+0x16e6/0x2210
[ 1900.308380][T30800]  register_netdev+0x34/0x50
[ 1900.308416][T30800]  ip6_tnl_init_net+0x2ff/0x480
[ 1900.308493][T30800]  ops_init+0x1e2/0x5f0
[ 1900.308528][T30800]  setup_net+0x118/0x3a0
[ 1900.308562][T30800]  copy_net_ns+0x46f/0x7c0
[ 1900.308583][T30800]  create_new_namespaces+0x3ea/0xac0
[ 1900.308607][T30800]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1900.308633][T30800]  ksys_unshare+0x473/0xad0
[ 1900.308665][T30800]  __x64_sys_unshare+0x31/0x40
[ 1900.308699][T30800]  do_syscall_64+0x106/0xf80
[ 1900.308735][T30800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1900.308761][T30800] 
[ 1900.308767][T30800] Freed by task 15:
[ 1900.308779][T30800]  kasan_save_stack+0x30/0x50
[ 1900.308817][T30800]  kasan_save_track+0x14/0x30
[ 1900.308855][T30800]  kasan_save_free_info+0x3b/0x70
[ 1900.308885][T30800]  __kasan_slab_free+0x5f/0x80
[ 1900.308907][T30800]  __rcu_free_sheaf_prepare+0x5d/0x2f0
[ 1900.308936][T30800]  rcu_free_sheaf+0x1a/0xe0
[ 1900.308971][T30800]  rcu_core+0x5a2/0x10d0
[ 1900.309004][T30800]  handle_softirqs+0x1eb/0x9e0
[ 1900.309028][T30800]  run_ksoftirqd+0x38/0x60
[ 1900.309051][T30800]  smpboot_thread_fn+0x3d3/0xaa0
[ 1900.309079][T30800]  kthread+0x370/0x450
[ 1900.309110][T30800]  ret_from_fork+0x754/0xd80
[ 1900.309146][T30800]  ret_from_fork_asm+0x1a/0x30
[ 1900.309172][T30800] 
[ 1900.309178][T30800] The buggy address belongs to the object at ffff888058411c00
[ 1900.309178][T30800]  which belongs to the cache kmalloc-192 of size 192
[ 1900.309199][T30800] The buggy address is located 42 bytes to the right of
[ 1900.309199][T30800]  allocated 192-byte region [ffff888058411c00, ffff888058411cc0)
[ 1900.309226][T30800] 
[ 1900.309232][T30800] The buggy address belongs to the physical page:
[ 1900.309244][T30800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x58411
[ 1900.309270][T30800] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1900.309295][T30800] page_type: f5(slab)
[ 1900.309316][T30800] raw: 00fff00000000000 ffff88813fe3c3c0 dead000000000100 dead000000000122
[ 1900.309343][T30800] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 1900.309360][T30800] page dumped because: kasan: bad access detected
[ 1900.309377][T30800] page_owner tracks the page as allocated
[ 1900.309386][T30800] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12403, tgid 12398 (syz.4.1293), ts 505833211778, free_ts 502074683639
[ 1900.309431][T30800]  post_alloc_hook+0x153/0x170
[ 1900.309469][T30800]  get_page_from_freelist+0x111d/0x3140
[ 1900.309506][T30800]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[ 1900.309544][T30800]  new_slab+0xa6/0x6b0
[ 1900.309573][T30800]  refill_objects+0x26b/0x400
[ 1900.309606][T30800]  __pcs_replace_empty_main+0x1ab/0x660
[ 1900.309643][T30800]  __kmalloc_node_track_caller_noprof+0x694/0x850
[ 1900.309685][T30800]  kmemdup_noprof+0x29/0x60
[ 1900.309723][T30800]  neigh_parms_alloc+0x85/0x5e0
[ 1900.309758][T30800]  inetdev_init+0x13c/0x570
[ 1900.309795][T30800]  inetdev_event+0x7fa/0x17f0
[ 1900.309832][T30800]  notifier_call_chain+0x99/0x420
[ 1900.309863][T30800]  call_netdevice_notifiers_info+0xbe/0x110
[ 1900.309904][T30800]  register_netdevice+0x16e6/0x2210
[ 1900.309941][T30800]  register_netdev+0x34/0x50
[ 1900.309976][T30800]  vti6_init_net+0x2c7/0x440
[ 1900.310043][T30800] page last free pid 1616 tgid 1616 stack trace:
[ 1900.310057][T30800]  __free_frozen_pages+0x7e1/0x10d0
[ 1900.310087][T30800]  vfree.part.0+0x12b/0x9d0
[ 1900.310113][T30800]  delayed_vfree_work+0x8e/0xd0
[ 1900.310140][T30800]  process_one_work+0xa23/0x19a0
[ 1900.310175][T30800]  worker_thread+0x5ef/0xe50
[ 1900.310209][T30800]  kthread+0x370/0x450
[ 1900.310239][T30800]  ret_from_fork+0x754/0xd80
[ 1900.310275][T30800]  ret_from_fork_asm+0x1a/0x30
[ 1900.310300][T30800] 
[ 1900.310306][T30800] Memory state around the buggy address:
[ 1900.310319][T30800]  ffff888058411b80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc
[ 1900.310337][T30800]  ffff888058411c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1900.310361][T30800] >ffff888058411c80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 1900.310375][T30800]                                                           ^
[ 1900.310390][T30800]  ffff888058411d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1900.310409][T30800]  ffff888058411d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 1900.310424][T30800] ==================================================================
[ 1900.330251][T30800] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1900.330277][T30800] CPU: 0 UID: 0 PID: 30800 Comm: syz.5.5581 Tainted: G          I  L      syzkaller #0 PREEMPT(full) 
[ 1900.330318][T30800] Tainted: [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP
[ 1900.330331][T30800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1900.330347][T30800] Call Trace:
[ 1900.330357][T30800]  <TASK>
[ 1900.330368][T30800]  dump_stack_lvl+0x100/0x190
[ 1900.330411][T30800]  vpanic+0x552/0x970
[ 1900.330445][T30800]  ? __pfx_vpanic+0x10/0x10
[ 1900.330474][T30800]  ? fbcon_prepare_logo+0x94e/0xc60
[ 1900.330502][T30800]  panic+0xd1/0xe0
[ 1900.330526][T30800]  ? __pfx_panic+0x10/0x10
[ 1900.330551][T30800]  ? fbcon_prepare_logo+0x94e/0xc60
[ 1900.330578][T30800]  ? preempt_schedule_common+0x42/0xc0
[ 1900.330618][T30800]  check_panic_on_warn.cold+0x19/0x34
[ 1900.330646][T30800]  end_report.part.0+0x3a/0x90
[ 1900.330683][T30800]  kasan_report.cold+0xe/0x18
[ 1900.330719][T30800]  ? fbcon_prepare_logo+0x94e/0xc60
[ 1900.330749][T30800]  kasan_check_range+0x10f/0x1e0
[ 1900.330785][T30800]  __asan_memcpy+0x23/0x60
[ 1900.330821][T30800]  fbcon_prepare_logo+0x94e/0xc60
[ 1900.330854][T30800]  fbcon_init+0x10a0/0x1820
[ 1900.330884][T30800]  visual_init+0x320/0x620
[ 1900.330915][T30800]  do_bind_con_driver.isra.0+0x636/0x9c0
[ 1900.330954][T30800]  store_bind+0x609/0x730
[ 1900.330992][T30800]  ? __pfx_store_bind+0x10/0x10
[ 1900.331025][T30800]  dev_attr_store+0x58/0x80
[ 1900.331054][T30800]  ? __pfx_dev_attr_store+0x10/0x10
[ 1900.331083][T30800]  sysfs_kf_write+0xf2/0x150
[ 1900.331115][T30800]  kernfs_fop_write_iter+0x3e0/0x5f0
[ 1900.331142][T30800]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1900.331175][T30800]  vfs_write+0x6ac/0x1070
[ 1900.331198][T30800]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1900.331227][T30800]  ? __pfx_vfs_write+0x10/0x10
[ 1900.331259][T30800]  ksys_write+0x12a/0x250
[ 1900.331282][T30800]  ? __pfx_ksys_write+0x10/0x10
[ 1900.331309][T30800]  do_syscall_64+0x106/0xf80
[ 1900.331345][T30800]  ? clear_bhb_loop+0x40/0x90
[ 1900.331375][T30800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1900.331401][T30800] RIP: 0033:0x7f9a6179c799
[ 1900.331422][T30800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1900.331455][T30800] RSP: 002b:00007f9a5f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1900.331481][T30800] RAX: ffffffffffffffda RBX: 00007f9a61a16090 RCX: 00007f9a6179c799
[ 1900.331500][T30800] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003
[ 1900.331517][T30800] RBP: 00007f9a61832c99 R08: 0000000000000000 R09: 0000000000000000
[ 1900.331534][T30800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1900.331551][T30800] R13: 00007f9a61a16128 R14: 00007f9a61a16090 R15: 00007fffc3b75718
[ 1900.331577][T30800]  </TASK>
[ 1900.331651][T30800] Kernel Offset: disabled