last executing test programs:

3m1.340221236s ago: executing program 3 (id=674):
openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x2400, 0x0)
mmap$auto(0x8001, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0)
write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96)
madvise$auto(0xffffffff80000000, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0)
setitimer$auto_ITIMER_PROF(0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r1 = open(&(0x7f0000000080)='./file0\x00', 0x242000, 0xf9)
ppoll$auto(&(0x7f0000000180)={r1, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8)
open(&(0x7f0000000800)='./file0\x00', 0x1a3342, 0x24)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x80e42, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x5, 0x80, 0xd, 0x8000000008011, 0x3, 0xfffffffffffffdd5)
ioctl$auto_BLKGETSIZE(r1, 0x1260, 0x0)
sendfile$auto(0xffffffffffffffff, r2, 0x0, 0x5)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x63102, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0xa002, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
socket(0x29, 0x0, 0xc)
write$auto(0x1, 0x0, 0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x800, 0x0)

3m1.020528593s ago: executing program 3 (id=677):
openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x180, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64)
clone$auto(0x1, 0x40000000003e, 0x0, 0x0, 0x40000009) (async, rerun: 64)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x2)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
sysfs$auto(0x2, 0x19, 0x0) (async)
r1 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0)
getdents64$auto(r0, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8) (async)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x101400, 0x0)
socket(0x2, 0x80002, 0x73) (async, rerun: 32)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose4/dormant\x00', 0xa0880, 0x0) (rerun: 32)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000080)=""/58, 0x3a) (async)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x26d1c3, 0x0) (async)
socket(0x80000000000000a, 0x2, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (rerun: 64)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) (async)
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
fchdir$auto(r3) (async)
r4 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x440400, 0x0)
ioctl$auto_FS_IOC_GETFSLABEL(r4, 0x81009431, &(0x7f0000000180)="348749886cdf9c874f10442682f34c7c747f6ae014c3ce25849f03e54ba500abebb63422dd16de8584f8ec448e78f125169c098574c4e01f162b7cb7c57a0fe7dfbd2127732e4096adc0671de3848fe0b6afcf1006e6f19d0d7d0f52228a08cdeb8eaf996615302546a2fe3aa5e11d56bd42b771cef6e1fee436135086a028be1ed6955c09227f71f69822304f696f0a4670c2b9ee22837f93dbce942a5ae6c5cc004fd64742485fa9e686469818f19ba8e9a9ca1b9b17f33d92d67b174913d6286914e311f4faa5e1cef6d24ef54ccaa3121cc05c7b415d7a15a16d1b22fa8e4749c003a6663a959106209cc3ae5211035ee0aa7612a69cfd7b181d19396158") (async)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0)

2m57.89008089s ago: executing program 3 (id=684):
close_range$auto(0x2, 0x8, 0x0)
socket(0x11, 0x80003, 0x300)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
set_mempolicy$auto(0x3, &(0x7f0000000000)=0x7, 0x9)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4)
mmap$auto(0x4, 0x7, 0x3, 0x1d, 0xffffffffffffffff, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyr5\x00', 0x0, 0x0)
ioctl$auto_TIOCSWINSZ2(r2, 0x5414, 0x0)
sendmmsg$auto(r2, 0x0, 0x1, 0x0)
madvise$auto(0x0, 0x2003f0, 0x15)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)
readv$auto(0x3, &(0x7f0000003080)={&(0x7f0000003040), 0x4}, 0x5)

2m54.927421735s ago: executing program 3 (id=694):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x1cb602, 0x0) (async)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
r0 = socket(0x2, 0x801, 0x84)
getsockopt$auto(r0, 0x84, 0x6d, 0x0, &(0x7f00000002c0)=0x8) (async)
mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
sysfs$auto(0x8, 0x0, 0x8abd) (async, rerun: 32)
fsopen$auto(0x0, 0x1)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xb5f0, 0x7352, 0x36, 0x65f, 0x80000001, 0x7, 0x3, 0x2, 0x7, 0x7, 0x0, 0x4, 0xb4, 0x3, 0x9, 0x10003, 0x80, 0x8, 0x0, 0x7, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x5)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
socket(0x2, 0x801, 0x84) (async)
r1 = socket(0x2, 0x3, 0x1)
connect$auto(r1, &(0x7f0000000040)=@hci={0x1f, 0x4, 0x4}, 0x2)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55) (async)
capget$auto(0x0, 0xfffffffffffffffe)
setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async)
socket(0x10, 0x2, 0x0) (async, rerun: 64)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x8, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x6, 0x0, 0x4, 0x2a17, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x33e, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0x81) (rerun: 64)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) (async, rerun: 32)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x50, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) (rerun: 32)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async, rerun: 64)
io_uring_setup$auto(0xffd, 0x0) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0)

2m47.370115099s ago: executing program 3 (id=718):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video0\x00', 0xa200, 0x0)
r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}})
io_uring_enter$auto(r0, 0x9, 0x820e, 0x8b, 0x0, 0x18)
sendmsg$auto(r0, &(0x7f0000000200)={&(0x7f0000000000)="53ecf8f394343f8d680f73a2fe2e2b476edcc66c27788cbfb851bbcdb646ebe4f37539a25cb62716b2268a7170f5c0895f878a98f43e803ce36b2f49482b4aa1afc8e86e334f135256adbbcfaabaac170f311a7ce1ab1a7dc7f1b59694f84a8190bf2f0911ebf6855cd0d5b92a12e834f095bbcceef3c8ceaac23a0431641bc2aeaed5d298e58883b867d430e5d8ec2c00df23743b5e8e7c173464e1ad995b764ea8aa2d997b5284cc307bc0cec11b", 0x6, &(0x7f0000000140)={&(0x7f00000000c0)="7b0a455b885b851b8f1e9932586d5f2282915f86f7bdafd93006887b10eb1f243dbb0ac1ad9a5f", 0x487}, 0x81, &(0x7f0000000180)="524c5714ac20fa3c43fda1db0767d6402970f72d16f715906bf3045b4ec57104239f74a7de62d8f5af1a08d072967dbd6bb83283dc26bf653bac074db9e1d0126e0762c564d5b7a3220497a218", 0xc, 0x7}, 0x0)

2m46.104762814s ago: executing program 3 (id=723):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
write$auto(r0, 0x0, 0x2)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b7c, 0x2, 0xa3f)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x2, 0x3, 0x100)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x0)
r2 = socket(0x10, 0x2, 0x4)
bpf$auto(0x6, &(0x7f00000001c0)=@test={r2, 0x10004, 0x0, 0x8, 0x106, 0x0, 0x0, 0xfff, 0x800, 0x9, 0x0, 0x4, 0x3, 0x2, 0xffff0000}, 0x1)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0xa6)

2m30.72200597s ago: executing program 32 (id=723):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
write$auto(r0, 0x0, 0x2)
getrlimit$auto(0x3, 0x0)
fdatasync$auto(r0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xe2, 0x9b7c, 0x2, 0xa3f)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x2, 0x3, 0x100)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x0)
r2 = socket(0x10, 0x2, 0x4)
bpf$auto(0x6, &(0x7f00000001c0)=@test={r2, 0x10004, 0x0, 0x8, 0x106, 0x0, 0x0, 0xfff, 0x800, 0x9, 0x0, 0x4, 0x3, 0x2, 0xffff0000}, 0x1)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0xa6)

51.990491992s ago: executing program 2 (id=1218):
mmap$auto(0x0, 0x400008, 0x8000, 0x9b72, 0xffffffffffffffff, 0xfffffffffffffffe)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x2a, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55)
openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x9, 0x3, 0x1, &(0x7f0000000040)=0x7)
socket(0xa, 0x801, 0x84)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x5df200, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0x4048aec9, r1)
mmap$auto(0x200000, 0x8, 0xdf, 0x29b72, 0x2, 0x8000)

51.480994146s ago: executing program 2 (id=1223):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO(0xffffffffffffffff, 0x80184132, &(0x7f0000000040)={0xa, 0x4ccc0000000, 0x3, 0x9})
mlock$auto(0xfff, 0xde7f)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$auto_percpu_stats_fops_(r0, &(0x7f0000000040)=""/202, 0xca)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x20000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x1, 0x0)
ioctl$auto_EVIOCGKEYCODE(r2, 0x80084504, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810)
sendmmsg$auto(r1, 0x0, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
r3 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000003400), 0x582, 0x0)
read$auto_check_wx_fops_(r3, &(0x7f0000000000)=""/113, 0x71)
shmctl$auto_SHM_STAT(0x6, 0xd, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyxb\x00', 0x200, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x1, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
munlock$auto(0xd, 0xe)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0)

50.5035776s ago: executing program 2 (id=1226):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO(0xffffffffffffffff, 0x80184132, &(0x7f0000000040)={0xa, 0x4ccc0000000, 0x3, 0x9})
mlock$auto(0xfff, 0xde7f)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$auto_percpu_stats_fops_(r0, &(0x7f0000000040)=""/202, 0xca)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x20000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x1, 0x0)
ioctl$auto_EVIOCGKEYCODE(r2, 0x80084504, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810)
sendmmsg$auto(r1, 0x0, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
r3 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000003400), 0x582, 0x0)
read$auto_check_wx_fops_(r3, &(0x7f0000000000)=""/113, 0x71)
shmctl$auto_SHM_STAT(0x6, 0xd, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x200, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x1, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
munlock$auto(0xd, 0xe)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0)

49.057960725s ago: executing program 2 (id=1229):
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee) (async)
mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) (async)
io_uring_setup$auto(0x5, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async, rerun: 32)
syz_clone3(&(0x7f00000002c0)={0x2000, &(0x7f0000000000), &(0x7f0000000080), 0x0, {0x1a}, 0x0, 0x0, &(0x7f0000000200)=""/185, 0x0}, 0x58) (async, rerun: 32)
mmap$auto(0x0, 0x2020004, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x1, 0x6)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) (async)
listen$auto(0x3, 0x81) (async)
timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x8) (async)
r0 = socket(0x2b, 0x1, 0x0) (async)
r1 = bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0x10, 0x0, 0x7f, 0xffff, <r2=>0xffffffffffffffff, 0x97, "b3be20a50af2baa925ab5ed7fbf10be2", 0x0, 0xffffffffffffffff, 0x2, 0x10, 0x1000, 0x100000000}, 0x10)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x2, 0x4}, 0x8}, 0x5, 0x20000000) (async)
setreuid$auto(0xee01, 0x0) (async)
newfstatat$auto(r1, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)={0x2, 0x5e8e, 0x0, 0x8, <r3=>0x0, <r4=>0xee00, 0x0, 0x6, 0x6, 0x6100000000000000, 0xe0fc14e, 0x9, 0x4, 0x8000, 0x100000000, 0xe8, 0x6}, 0x3) (async, rerun: 32)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000400), 0x2b2640, 0x0) (rerun: 32)
ioctl$auto_EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000180)={<r5=>r4, 0x9e7e, 0x9, 0xff, 0x80000000, 0xffff})
keyctl$auto(0x3, r3, r3, r5, 0x9) (async)
accept$auto(0x3, 0x0, 0x0)

47.550043503s ago: executing program 2 (id=1232):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x2, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r0, 0x0)
umount2$auto(&(0x7f0000000040)='/proc/\x00\x18s/fs/bin\xe6mt_\xe9\xdf\xe2%\f\x16#9\x00\x00\x00\x00\x00\x00\xbe\xe6]\x01\x05\xac\xb4\x896\xd3\xe1|\x82\xa1\x7fB\x18|T\x9ev\x15\xdcEM*\t\x91\xbbb\xc9X\xee<\xc4T\xc2dRw\xb6*A\x97\xf6\xf8\xeb\a\xf9\x06\x13\xdf)0\xef\xec\x1c\xc4\xf3\x02\xdf\xeea\x95>O\xa5\x03', 0x8)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r1 = socket(0x10, 0x2, 0x4)
bind$auto(r1, &(0x7f0000000040)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x1}, 0xe)
bind$auto(r1, &(0x7f0000000000)=@nl=@proc={0x10, 0x0, 0x25dfdbff}, 0x65)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
r2 = socket(0x11, 0x80003, 0x300)
sendfile$auto(0x1, r2, 0x0, 0x3)
r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$auto_NFC_CMD_VENDOR(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000beeac61bf915d83f409cfbea0e5271d5fbc68bef0ff4a22ecd0f53272bf634b1d3cf716262c743770dbf8287942a3fcb345949f4f8d4787a280f7f70b1566827b846c340be0ed2e02ad638023f384bdb34a79c20bd287dda17400499f173eecba397364d69ac268360c4db27862a5fbab58a82bf56fbf7dafbe2286c64064df19564f68fc37a4df6a6252dd5c031db7d0f72c4661089ee280c5622385261ab178d36e11ff17d787ed0859a2c25b93db4c59d1c5a367e06cc242bd5266bad6aef7ac2809c634d226615085d0ce40708dd32c8a0d36edb468705556e1b718c", @ANYRES16=r3, @ANYBLOB="020026bd7000fcdbdf251d00000005000c0005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8840}, 0x40050)
r4 = socket(0x2, 0x1, 0x84)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
write$auto(r4, &(0x7f00000001c0)='nl80211\x00', 0x1fff8)
shutdown$auto(0x200000003, 0x2)
socket(0x2, 0x3, 0xa)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1e, 0x5, 0x9, 0x0)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0)
ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0)

46.312809634s ago: executing program 2 (id=1236):
r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x202883, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x40001, 0x0)
ioctl$auto_TIOCGWINSZ2(r1, 0x5413, &(0x7f0000000600))
ioctl$auto_TIOCEXCL2(r1, 0x540c, &(0x7f0000000040)="1e1750a04bee1d3e106c3647b6fe89b716e5d3d3b7dd6e2e0a992ecc5a98fa13be06ac05eb39c765ce23fc433eb3dca2bfee39903b56ed767f2918fbabffca77f4bdf60cbf20b07c")
mmap$auto(0x4000000000, 0x20006, 0xdbe, 0x13, r0, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5)
ioctl$auto(r2, 0x4028af03, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0xc08c5332, 0x38)
mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x100, 0x4020000000df, 0x13, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
socket(0x27, 0x2, 0x106)
connect$auto(0x3, 0x0, 0x54)
ioprio_set$auto(0x4, 0xffffffffffffffff, 0x1b)
socketpair$auto(0x8, 0x1, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7)

30.981598355s ago: executing program 33 (id=1236):
r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000), 0x202883, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x40001, 0x0)
ioctl$auto_TIOCGWINSZ2(r1, 0x5413, &(0x7f0000000600))
ioctl$auto_TIOCEXCL2(r1, 0x540c, &(0x7f0000000040)="1e1750a04bee1d3e106c3647b6fe89b716e5d3d3b7dd6e2e0a992ecc5a98fa13be06ac05eb39c765ce23fc433eb3dca2bfee39903b56ed767f2918fbabffca77f4bdf60cbf20b07c")
mmap$auto(0x4000000000, 0x20006, 0xdbe, 0x13, r0, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5)
ioctl$auto(r2, 0x4028af03, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(0x3, 0xc08c5332, 0x38)
mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2)
socket(0x29, 0x2, 0x0)
mmap$auto(0x0, 0x100, 0x4020000000df, 0x13, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000)
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
socket(0x27, 0x2, 0x106)
connect$auto(0x3, 0x0, 0x54)
ioprio_set$auto(0x4, 0xffffffffffffffff, 0x1b)
socketpair$auto(0x8, 0x1, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0)
futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7)

8.707495971s ago: executing program 1 (id=1364):
r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x0, 0x0)
ioctl$auto(r0, 0x64c6, 0xffffffffffffffff)
close_range$auto(0x2, r0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video12\x00', 0x900, 0x0)
read$auto_v4l2_fops_v4l2_dev(r1, 0x0, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x80000006, 0x1, 0x9, 0x7, 0x7, 0x8, 0x5, 0xffffffff, 0x2000000000210004, 0x0, 0x7, 0x5, 0x2, 0x7, 0xb3, 0x6, 0x8, 0x3, 0xa, 0x7, 0xbd, 0x0, 0x10000005, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x100000, 0x0, [0x99, 0x2, 0x0, 0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x80000000000000, 0xcd1, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffff5, 0x4, 0x0, 0xfdffffffffffff81, 0x7, 0x4, 0x0, 0x0, 0x200000000000000, 0x1d6, 0x200, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0x81)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyac\x00', 0x101000, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x5fffffd, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000380), 0x9, 0xa505}, 0x800}, 0x7, 0x4008)

8.46448296s ago: executing program 1 (id=1366):
statmount$auto(&(0x7f0000000000)={0x5, @raw=0xd7, 0x3, 0x1, 0x5}, 0x0, 0xe, 0xfffffff8)
r0 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_register$auto_IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000880)="bccbb96d9294c07b61dcd99d75d381dae5371dabd9311f70c2294199a919d70f2e98ca937801039e19b5ff7bae79c77514596983adc56d194c6ecaf0ba819283b4a6ef89d4ac4bead4c2dc340441385eb81f3a4a92475be6c34746f5648fc6a392d686dbee83a361e5e7bbc7fc28dcb7210b79e9a0e4b78bdb973eecec881b85e212b94e8fecd6c48d00a799cc3072e520108852ed3fc49f1162fd2c738e48f4c7cee06c8bf2", 0xa)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendto$auto(0x3, 0x0, 0x79, 0x2, 0x0, 0x20)
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0)
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, 0x0})
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x16, 0x940, 0x4001ffe0, 0xffffffff, 0x1, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x7, 0x10000003, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x400000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x6]}, 0x1fe, 0x85)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r5 = socket(0x10, 0x2, 0x0)
prctl$auto(0x35, 0x0, 0x8, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r6 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r6, 0x0, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (fail_nth: 1)
syz_genetlink_get_family_id$auto_ioam6(0x0, r5)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r5, 0x0, 0x20000840)

7.486012764s ago: executing program 1 (id=1367):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x10, 0x3, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004850}, 0x800)
openat$auto__dev_ioctl_fops_dev_ioctl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = bpf$auto_BPF_LINK_CREATE(0x1c, 0x0, 0x5)
mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
ioctl$auto_XFS_IOC_FD_TO_HANDLE(r0, 0xc038586a, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x1, &(0x7f00000001c0), 0x6, 0x0, 0x0})
madvise$auto(0x0, 0x20499d, 0x9)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0x29, 0x2, 0x0)
r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x101041, 0x0)
write$auto(r1, 0x0, 0x5)
acct$auto(&(0x7f0000000140)='/sys/kernel/debug/page_tables/current_user\x00')
r2 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, 0x0, 0x42000, 0x0)
read$auto_proc_pid_smaps_operations_internal(r2, &(0x7f00000002c0)=""/190, 0xfffffe39)
read$auto(0x3, 0x0, 0x7fffffff)
unshare$auto(0x20000080)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0x3, 0x8000000000012, 0xfffffffffffffffa, 0x8000)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
syz_open_procfs$namespace(0x0, &(0x7f0000000080))
madvise$auto(0x0, 0xffffffffffff0002, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff)

6.66013615s ago: executing program 0 (id=1369):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$auto(r0, 0x0, 0x25, 0x0, 0xc)
r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/pcmC1D1c\x00', 0x1, 0x0)
ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR642(r1, 0xc0884123, 0x0)
ioperm$auto(0x3b, 0xf99b, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffffb, 0x2, 0x8000)
r2 = io_uring_setup$auto(0x406, 0x0)
io_uring_enter$auto(r2, 0x4, 0x10000, 0x3, 0x0, 0xffffffffffffffff)
io_uring_enter$auto(r1, 0x5, 0x15f3, 0x14, 0x0, 0x9)
mmap$auto(0x1fffffd, 0x20009, 0x6, 0x11, 0xffffffffffffffff, 0x81)
unshare$auto(0x40000080)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0)
openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/psaux\x00', 0x800, 0x0)
r4 = io_uring_setup$auto(0x59, 0x0)
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8003, 0x3, 0x1, 0x400000000948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001d, 0x7, 0x6d3e, 0x100000000, 0x26, 0x2]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xfc\x04\x00\x00)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
ioctl$auto(0x3, 0x2, 0x38)
mmap$auto(0x0, 0x2020009, 0x3, 0x15, 0xffffffffffffffff, 0x100000001)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0xae7f, 0xffffffffffff0015, 0x40001d)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
madvise$auto(0x0, 0x200007, 0x19)
ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0)

5.870020964s ago: executing program 5 (id=1370):
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/tcp6\x00', 0x40, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000000)=""/65, 0x41)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000004080)='/sys/kernel/debug/kvm/mmu_flooded\x00', 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x1c1000, 0x0)
read$auto(r1, 0x0, 0x9)
write$auto(0x3, 0x0, 0xffd8)
r2 = socket(0x2, 0x5, 0x0)
r3 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x10000, 0x0)
ioctl$auto_BTRFS_IOC_SUBVOL_SETFLAGS(r3, 0x4008941a, &(0x7f0000000280)=0x81b)
r4 = socket(0x2, 0x1, 0x0)
getsockopt$auto(r4, 0x6, 0x7, &(0x7f00000003c0)='/dev/ptys4\x00', &(0x7f0000000000)=0x6)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r5 = socketpair$auto(0x7, 0xf, 0x1, 0x0)
r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000300), r4)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000400)={0x3c8, r6, 0x800, 0x70bd28, 0x25dfdbff, {}, [@MACSEC_ATTR_SA_CONFIG={0x4}, @MACSEC_ATTR_RXSC_CONFIG={0x2d8, 0x2, 0x0, 0x1, [@nested={0x245, 0x106, 0x0, 0x1, [@generic="f1d947ed7bfba4f483b0562c0cd4cb91a9865d85796fd3676529931bb0266d74874c29ef0ae9dd042b043f337e61c35ba87b0dd2e54d6f0e363b9e1343a1c2ff6e354c", @generic="e31b974710aec3323ab3d5a29a3ce74c391f55357a632331860dc82ad5ae46bc07396c415f062254b7094e107e4abd8aa716675bfd58df2d1140534a3adaf74a42b9d05741fd008e44080d2055322fdb4b78883ad7ef8fa9597bf9bbc6d00c6c6c278bd4ebf9786f81408d4a086f35a9222d51076812ea273391af0f2394452e9e79acbe690fc1da3cd50ec4bceb338be5590078c27668d6eb9a93c330ba13402c42", @typed={0x8, 0x81, 0x0, 0x0, @u32=0x2}, @typed={0x8, 0x24, 0x0, 0x0, @fd=r4}, @nested={0x4, 0xa0}, @nested={0x4, 0x6}, @generic="964022db82d6d6c003a79fb89b4670f05ec1cd56522f68ace35dbb202f276f45e4a07d0f86fdab515b9f8be3ad765cca3c51fb7b02ba37097655b096ee8e5280187ebd449f3fbe35", @typed={0xee, 0x96, 0x0, 0x0, @binary="cd255a089b193990e80a521207eb4a437cf803b901adde82405a5637401dedc238da86c82e8a29e79ed7d0e5772f859f54d682e2b8342451f9e41a2a17a68f52ae8a12dc587d581bea0e56d993817924c76aca2121a98452b95ca4c6fd8963a78d2fd4ad17ddf8b761ac1bfd29b8c7c89f03ef74386818d01f1b89f39361914ca3ec3fbe775192f77dd1e1d5a8854c234e58336a24c32ac9bd00d2325ff05448d2406b99eb71a702fde3204fdc47247f4e58f7c72ce55214aacef9872ee05d5a5c955e143ddf7c363593fdfa50c6824964e8c4e685849de22d0bac5a530ffdec5c1012b9b86c973c53a0"}, @typed={0xc, 0x3a, 0x0, 0x0, @u64=0x2}]}, @typed={0xc, 0x75, 0x0, 0x0, @u64=0x10}, @typed={0x8, 0x134, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @typed={0x77, 0x6e, 0x0, 0x0, @binary="7fb317d2d9742cb85c1c5756d707ac45ffc5ed4c59e7f7543b5fa0add3f35c6757dd3e04ccddd1251f7a89b264fab0ee00d881aeea47ff2cee14dd87fb69b93c535be7a314188b2a4b28f8c1299a1445b9646dfdb9ca7814a971c90179be5f2cde17baf6467ca93bd336ae51fd4fafe255f336"}]}, @MACSEC_ATTR_SA_CONFIG={0xd6, 0x3, 0x0, 0x1, [@generic="f1e40bc87ab065a7587089a34d28ff4462bcb7e8f39d869eb8113b600b6c4cd3d9d5e24b15bd21241021e41730fa66cbf5b378338d4753ab3cb8ff3ebbeae62fcd8aae51b7b671785ab58eaf610f0af0244d7b5e1995cf15cd393a5de8e69f29032b60fa38d634ac2f0c7f78f707e038e431dca6d77ce90f29bb22068b4d4b8190c40787591a9a1caa2263c76ca0dd3acf6ab81ff2d50732a2b27ee47a252d9585c5a89db0ba72b3f0926e75f088b825056452a220bbfcd097d3d2fefcc90dba32f00bee9bb988700f2db618fc7c5ecc4e30"]}]}, 0x3c8}, 0x1, 0x0, 0x0, 0x40080c1}, 0x30000001)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r7)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000001640)={0x5c, r8, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@HWSIM_ATTR_CIPHER_SUPPORT={0x48, 0x18, "64cf89334997f033a12c5c6b926b3bd1e1ec44c5e82197d43214b8eb52d4252c1ea5600c540d3fb2fa617ce24b3b52bdb6fedf87fad8642509d91563fa939c6a6da422d4"}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20008044}, 0x40800)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_register$auto_IORING_UNREGISTER_EVENTFD(r5, 0x5, &(0x7f0000000140)="da7430113fcc55be54bc6415158eec2b7baf22c94a6c550ee08aa745fb69e3e0d2974d9fa62cec5b01f0c7e3e76b6e9e1b00eadbbf72e042787539a3b7ad575f73cbaf795424515c502f403a8e082bbfc9f04d460929405ec206598f1bf0f4f0e42145d594792bc603eb9054a80e63182979518d45b55b72679339184edddf8f4eddcae7a20503d6e81f0f30900ef9aaa537715038c83c866853cf2fd7da89c5b69a09b9daccf9bf6d5ba39a52e029602c44f6edd3b3e8418f430f5e32e8e99e498cdd690f2f6d25fa376930f94d61693bc1ae1deac981a21da6b5cca96d22729fd498053671b592c1a7f4", 0x7)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r9 = waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000000)={@_si_pad}, 0x9, &(0x7f0000000080)={{0x9, 0x8000}, {0x3, 0x1}, 0x2, 0x6, 0x6, 0x5, 0x3, 0x1, 0x9, 0x7d3, 0xc6df, 0x7f9f, 0x4, 0x100000000, 0x14602b72, 0x3})
getsid$auto(r9)
mmap$auto(0x5, 0x20009, 0x4000000000df, 0x17, 0x401, 0x8000)
unshare$auto(0x40000080)
memfd_create$auto(0x0, 0x1)

5.332271849s ago: executing program 0 (id=1372):
sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0xc01)
r0 = socket(0x2, 0x2, 0x1)
connect$auto(r0, &(0x7f00000000c0)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2f}}, 0x55)
connect$auto(r0, &(0x7f0000000000)=@l2tp={0x2, 0x0, @multicast2, 0x1}, 0x7f)
r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/asound/card1/pcm1p/info\x00', 0x92240, 0x0)
read$auto(r1, &(0x7f00000002c0)='N\xd5\f\xb9GC*(,\x00\xc4bAL\xa3`\xb1\xf2\xe7\xc04b$\x99.\xb4\xcc\xc0%\xaa\xd3\xd5\xef\xa4\xd35u\xc0\xa6\r\xcaJ\x11\xaf\x93\xde\xc3|\x17\x96\xd1\x15g\x10\x1ai1(=!\xf1\xe8\xe4\xcdm\xedKW\xe7\xfbL\\\xf2sj(\v\xcd\xe5\x02B\x81ss\xdd\x8199\xa5\x1e\xb0A\xa3\xcbj7\xe9\xc9L\xcc\xc6\xa4\xaf%\xba\xda\xee\xd8%:bXj\xd5[UG\x8a\x8ab\x9a\x18\xe8K\xafU\x8d\xb1\f~\xaa\xab(\x86(\xf9\b\xf7$%\xf2\x11\xa4\x9bj\xc1)\n\x1ft\xb6\xaf\xe2\xd4\x95\xa3\xe1\x1f\xf7uw\a\xd0\x83{_>/\xff', 0x100000001)
write$auto(r1, &(0x7f00000000c0)='\xc4\x1dR\x00\x003\x1bO\xbb\x98)\x7fTa1\xa3\xd0\x89\x1e\\\xff', 0x8587)
write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000003900)='\t', 0x1)
close_range$auto(0x2, 0x8, 0x0)
mq_open$auto(&(0x7f0000000080)='/dev/sg0\x00', 0x8, 0x8000, &(0x7f0000000100)={0x4, 0x3, 0x800, 0x9})
socket(0x2, 0x3, 0x6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0)
mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0)
readv$auto(r1, 0x0, 0x1)

4.51548231s ago: executing program 0 (id=1373):
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) (async)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0)
unshare$auto(0x40000080)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0) (async)
setresuid$auto(0xffffffffffffffff, 0x0, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) (async)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084)
madvise$auto(0x9, 0x1, 0xc3)
madvise$auto(0x0, 0x200007, 0x19) (async)
madvise$auto(0x0, 0x200007, 0x19)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000200), 0x880, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa142, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa142, 0x0)
open(0x0, 0x101840, 0x33903f3ada88772b)
sendmsg$auto_NET_SHAPER_CMD_DELETE(0xffffffffffffffff, 0x0, 0xc050) (async)
sendmsg$auto_NET_SHAPER_CMD_DELETE(0xffffffffffffffff, 0x0, 0xc050)
openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/tracing/current_tracer\x00', 0x2, 0x0)
r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r0, 0x0, 0x80000000)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x9}, 0x5)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d6389a9610, 0x0) (async)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d6389a9610, 0x0)
write$auto(0x3, 0x0, 0xffd8) (async)
write$auto(0x3, 0x0, 0xffd8)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) (async)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
ioctl$auto(0xffffffffffffffff, 0x4b71, 0x1)

3.840121867s ago: executing program 5 (id=1375):
statmount$auto(&(0x7f0000000000)={0x5, @raw=0xd7, 0x3, 0x1, 0x5}, 0x0, 0xe, 0xfffffff8)
r0 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_register$auto_IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000880)="bccbb96d9294c07b61dcd99d75d381dae5371dabd9311f70c2294199a919d70f2e98ca937801039e19b5ff7bae79c77514596983adc56d194c6ecaf0ba819283b4a6ef89d4ac4bead4c2dc340441385eb81f3a4a92475be6c34746f5648fc6a392d686dbee83a361e5e7bbc7fc28dcb7210b79e9a0e4b78bdb973eecec881b85e212b94e8fecd6c48d00a799cc3072e520108852ed3fc49f1162fd2c738e48f4c7cee06c8bf2", 0xa)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendto$auto(0x3, 0x0, 0x79, 0x2, 0x0, 0x20)
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0)
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, 0x0})
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x16, 0x940, 0x4001ffe0, 0xffffffff, 0x1, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x7, 0x10000003, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x400000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x6]}, 0x1fe, 0x85)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r5 = socket(0x10, 0x2, 0x0)
prctl$auto(0x35, 0x0, 0x8, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r6 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r6, 0x0, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (fail_nth: 2)
syz_genetlink_get_family_id$auto_ioam6(0x0, r5)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r5, 0x0, 0x20000840)

2.514861433s ago: executing program 4 (id=1378):
r0 = socket(0x28, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x1, 0x0)
getsockopt$auto(r0, 0x0, 0x6, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
epoll_create$auto(0x1)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85)
madvise$auto(0x9, 0x2003f4, 0x4)
timerfd_create$auto(0x2, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0)
write$auto(r2, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)
io_uring_setup$auto(0x7, 0x0)
setgroups$auto(0xff, &(0x7f0000000080)=0x3)

2.282879525s ago: executing program 4 (id=1379):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
ioctl$auto_SNDRV_PCM_IOCTL_CHANNEL_INFO(0xffffffffffffffff, 0x80184132, &(0x7f0000000040)={0xa, 0x4ccc0000000, 0x3, 0x9})
mlock$auto(0xfff, 0xde7f)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001)
r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
read$auto_percpu_stats_fops_(r0, &(0x7f0000000040)=""/202, 0xca)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x20000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x10, 0x2, 0x0)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x1, 0x0)
ioctl$auto_EVIOCGKEYCODE(r2, 0x80084504, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810)
sendmmsg$auto(r1, 0x0, 0x3, 0x0)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
r3 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000003400), 0x582, 0x0)
read$auto_check_wx_fops_(r3, &(0x7f0000000000)=""/113, 0x71)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/7/smp_affinity_list\x00', 0x129002, 0x0)
write$auto(r4, 0x0, 0xc)
shmctl$auto_SHM_STAT(0x6, 0xd, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyxb\x00', 0x200, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x1, 0x5)
madvise$auto(0x10000000000, 0xffffffffffff0005, 0x19)
munlock$auto(0x5, 0xe)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)

1.69802887s ago: executing program 5 (id=1380):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/packets_per_slave\x00', 0x182b02, 0x0)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/vrf/strict_mode\x00', 0x80202, 0x0)
sendfile$auto(r0, 0x3, 0x0, 0x400000000008)
write$auto(r0, &(0x7f0000000380)='\xf5\x80\xaa\x9f\v\x00\xeb)\x92\x12\b\x1c\xcfkjj\xe2\xf3\xc1\xeb\xd9\xa3QL\x7foZ\xb4\xca\xec\x81t\xed\xaeY\x1b\xfe\x86d5\xe9\xea\x1d\x1f\xe0\x9a\xf0\xd5_\a1H\xa4\x9c\x85\xeb#n\x1a\xb2\xb6\x9b\x9avV\xa9X\\e\xd34)\xf0\a\x16\xc3\aOECz\xae\xff\xe1\f\xc0%(;\xc8\xb2\xbc\t\x05(\xcf\xcc]\xd4a\x93\xac\xf3Y\x93Y0bVyru\rs\xd3\x00LN\x06\xf4\x84\xc6r<\x12\xc5\x84\xff\xc1\xdb/xx\xae\n\x00\x00\x00T\xdd\x1ca\xd633\x84\xe89\xcb](\xed\xffPG\xb2x\x1f\xef]r4!\"%>\xfb\xa3\\\xf0\x88u/\x86\xdc\x8b\x9cGtr&L`!&\x01\xfcH/\x8c\x9d\xe9%L`j\x93n2O\xd1\f\xee\x8c\xa7\x1d\x8e\xe1\x97\xd4=B\xd7\xbd\xcfS\xa0^\x93\xd1\xd4}j,\x81o\x1e\x9d\xa2\xbf\x9a.P^yB\xac\xea\xcfY\xef\xdb\x14\xd4\x99\xdb\xa4|@\xa3+|\xeb&\xdfn\xc7[\x94\xfb\x8a\x99;\'\x99\xad\x1eM\xc6@U\x84\xfa\xf2\v8\xa5\xafU\x1bP:\xb1N\xb0\t\x96\x8c\xf4r\x95*\x03D\xeb\xfb\xa9n\xc0\xec\xe3\xb5\xf03\x1e\xbd\xd5\xd21\x953_\x82YOwK\x91\x97\a\x16\xf9\xf5\xd0\x1e\xcdViG\x9b\xa7aw\xc3\x04\xc3~\xe42\x9c&\xbd\x8b\xc9\xb3\xde\xbd\xba\xec\xf5D\x91V-)\x1c^0\xb7l\xb1\xb0\xfd\xfdOi56!O\xf2G8#\x00\x00\x00\x00\x00\x00\x00\x00\v\x00\x00\x00', 0x1ff)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x60, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"57f475c61457e99f769f5235b668e09caf9941b9b26b2fb80cf70643d6ff9594", 0x3ff, 0x23, 0xc130, 0xd5e9, 0x401})
mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000)
r1 = socket(0x15, 0x5, 0x0)
setsockopt$auto(r1, 0x114, 0xa, 0x0, 0x4)
r2 = socket(0xa, 0x1, 0x84)
r3 = getpid()
process_vm_readv$auto(r3, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
setsockopt$auto(r2, 0x0, 0x60, 0x0, 0x6f7250c4)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0)
ioctl$auto(r4, 0x401870cb, r4)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0)

1.473814785s ago: executing program 0 (id=1381):
mmap$auto(0x0, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2061, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
close_range$auto(0x2, 0x8, 0x0) (async)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
socket(0x11, 0x3, 0x2) (async)
openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x11, 0x2, 0x73) (async)
pipe2$auto(0x0, 0x0) (async)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) (async)
fanotify_init$auto(0x5, 0x0) (async)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) (async)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) (async)
ioctl$auto_TCFLSH2(r1, 0x540b, 0x0) (async)
write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) (async)
write$auto(r0, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async)
io_uring_setup$auto(0x6, 0x0)
r2 = socket(0x2, 0x801, 0x84)
getsockopt$auto(r2, 0x84, 0x76, 0x0, 0x0)
socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) (async)
socket(0xa, 0x3, 0x73) (async)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/downdelay\x00', 0x10b142, 0x0)
sendfile$auto(r3, r3, 0x0, 0x200) (async)
setsockopt$auto(0x400000000000003, 0x2a, 0x7, 0x0, 0x3)

1.464943363s ago: executing program 4 (id=1382):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x28, r1, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'veth1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0)

1.286830629s ago: executing program 5 (id=1383):
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

1.224683268s ago: executing program 4 (id=1384):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0)
close_range$auto(0x2, r0, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(r0, 0xae3f, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x4b564dff, 0x2, 0x6}]})
r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x81, 0x0)
ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(r2, 0x4004550a, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) (async)
close_range$auto(0x2, r0, 0x0) (async)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) (async)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$auto(r0, 0xae3f, r1) (async)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x4b564dff, 0x2, 0x6}]}) (async)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x81, 0x0) (async)
ioctl$auto_USB_RAW_IOCTL_VBUS_DRAW(r2, 0x4004550a, 0x0) (async)

1.038163117s ago: executing program 5 (id=1385):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = bpf$auto(0x4, &(0x7f0000000000)=@link_detach, 0x401)
flistxattr$auto(r0, &(0x7f00000000c0)='\x00', 0x0)
r1 = socket(0x29, 0x2, 0x0)
getsockopt$auto(r1, 0x119, 0x6, 0x0, 0x0)
r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card1\x00', 0x101002, 0x0)
ioctl$auto(r2, 0x9000643a, 0xc35)

977.572931ms ago: executing program 0 (id=1386):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
fanotify_init$auto(0x5, 0x0)
mmap$auto(0x0, 0x853, 0x2000000000000002, 0xeb1, 0xffffffffffffffff, 0x8000)
futimesat$auto(r0, 0x0, 0x0)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec27\x00', 0x80200, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000000040)=0x31)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r3 = socket(0xa, 0x3, 0x2f)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027b4839f3015398d3b61", @ANYRES32, @ANYRES32=r3], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSCOMPRESS(r2, 0x4010744d, &(0x7f00000001c0)={&(0x7f00000000c0)='\x18\x04\x8f~\xa7 \xcf\x1fg7\n\xd8\xbd\xd3&\xa7\xa6_\xaa\xe2;\xb5\x82\x9dA\x8f|\xf3\xd7\xc6X\xdf\xdaC\x9aoqM2\x10\xb1\xd1\xbd\xca0\x9f\xe7\x00\x00\x00\x00\x00\x00\x00\x00T\r\xbfZO\x7f\xbd\x91\xf2\xbd\xc6.\xa2*\xdb\xd7\f\xebM\xba\x15P\as\x82\x17\xa3\xf5\xf6\xcd\x19P&\x88*\xf9\xdd\xc3t[`\xf3h\xc0\"\xd2\xa5\x81\xd6l\xc2k|\rX]XP\xfe\xc9\xe3\xea\xa4P\x95!3\xce\x9f\x9f<\x1eI\xfd\x80\x1c\xf9~\x06\x1b{K\x04\x85\xfa\x14\xbf\t\xc0\xced?j\xb2\xf1~T\xb2i\n\x15\x0e\xf7G9\'}^B=\xfc\x11\xfa\x0f\x0fd4^`\xc2\xb0\xaf\\\x1duPu\x02\xce:`c\xb0\xd0\xde\x13\xb4\xe0\xfcn\x98%\x1d\xff(\xa3\x10d\x89', 0x8, 0x80})
socket$nl_generic(0x10, 0x3, 0x10)
getcwd$auto(0x0, 0xc0000000000000)
r5 = pidfd_open$auto(0x1, 0x0)
setns(r5, 0x60020000)
setsockopt$auto(r2, 0x40, 0x101, &(0x7f0000000200)='/dev/cec27\x00', 0x100)
mount$auto(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x23fff, 0x0)
r6 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r5)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000340)={&(0x7f0000000240), 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r6, 0x104, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48850}, 0x10)

965.21497ms ago: executing program 4 (id=1387):
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0)
ioctl$auto(r0, 0x401870cb, r0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
ioctl$auto(0x4000000000000c8, 0x400454cc, 0x6f)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r1)
sendmsg$auto_TCP_METRICS_CMD_DEL(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000280)={0x14, r2, 0x901, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40)
r3 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r4, 0x8008af83, r3)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x100, 0x0)

792.036464ms ago: executing program 1 (id=1388):
statmount$auto(&(0x7f0000000000)={0x5, @raw=0xd7, 0x3, 0x1, 0x5}, 0x0, 0xe, 0xfffffff8)
r0 = openat$auto_vrr_range_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_register$auto_IORING_UNREGISTER_PBUF_RING(r0, 0x17, &(0x7f0000000880)="bccbb96d9294c07b61dcd99d75d381dae5371dabd9311f70c2294199a919d70f2e98ca937801039e19b5ff7bae79c77514596983adc56d194c6ecaf0ba819283b4a6ef89d4ac4bead4c2dc340441385eb81f3a4a92475be6c34746f5648fc6a392d686dbee83a361e5e7bbc7fc28dcb7210b79e9a0e4b78bdb973eecec881b85e212b94e8fecd6c48d00a799cc3072e520108852ed3fc49f1162fd2c738e48f4c7cee06c8bf2", 0xa)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a)
sendto$auto(0x3, 0x0, 0x79, 0x2, 0x0, 0x20)
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0)
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, 0x0})
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x16, 0x940, 0x4001ffe0, 0xffffffff, 0x1, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x7, 0x10000003, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x400000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x6]}, 0x1fe, 0x85)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
r5 = socket(0x10, 0x2, 0x0)
prctl$auto(0x35, 0x0, 0x8, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r6 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x80800, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r6, 0x0, 0x0)
sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
syz_genetlink_get_family_id$auto_ioam6(0x0, r5)
sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r5, 0x0, 0x20000840)

789.331844ms ago: executing program 5 (id=1389):
unshare$auto(0x40000080) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
close_range$auto(r0, r0, 0x7f) (async, rerun: 32)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async, rerun: 32)
socket(0x2, 0x5, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) (async, rerun: 32)
ioctl$auto(0x3, 0x8905, 0x38) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) (async)
madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async)
madvise$auto(0x0, 0x2003f2, 0x15) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)=ANY=[], 0x70}}, 0x24048084) (async)
madvise$auto(0x0, 0x200007, 0x19) (async, rerun: 32)
openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) (async, rerun: 32)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) (async, rerun: 64)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) (rerun: 64)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x00\x00\x00\x00\x00', 0x100000002, 0x100000001)

573.344975ms ago: executing program 4 (id=1390):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/neigh/wlan0/proxy_delay\x00', 0x103500, 0x0)
sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002d0008000700"/18, @ANYRES32, @ANYBLOB="0800080004"], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0) (async)
sendmsg$auto_GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002d0008000700"/18, @ANYRES32, @ANYBLOB="0800080004"], 0x24}, 0x1, 0x0, 0x0, 0x20000801}, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r1, 0x0) (async)
mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0) (async)
init_module$auto(0x0, 0xffff9, 0x0)
r2 = epoll_create$auto(0x4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
socket(0x2, 0x1, 0x106)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) (async)
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
openat$dir(0xffffffffffffff9c, 0x0, 0x8000, 0x70) (async)
r4 = openat$dir(0xffffffffffffff9c, 0x0, 0x8000, 0x70)
renameat2$auto(r4, 0x0, r4, 0x0, 0x5) (async)
renameat2$auto(r4, 0x0, r4, 0x0, 0x5)
ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r2, 0x4004550d, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x8002, 0x0, 0x2, 0x0, 0x0, 0x1}, 0xf}, 0x3, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0xe07, 0x8000000000000001, 0x80000001, 0x7, 0x6d3f, 0x9, 0x8, 0x4]}, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000440)={[0x10000000001ff, 0x4, 0xd, 0xffffffffffffffff, 0x3, 0x10, 0x2, 0x2, 0x4, 0x62, 0x80000026, 0x7, 0x6d3e, 0x8, 0xd, 0x40000000001]}, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x1a5d80, 0x0)
r5 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
select$auto(0xf, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r5, 0x0, 0x6, 0x0) (async)
wait4$auto(r5, 0x0, 0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffe, &(0x7f0000000100)={&(0x7f0000000080), 0x180}, 0x2, &(0x7f0000000340), 0x7, 0xa505}, 0x800}, 0x7, 0x6)

285.924521ms ago: executing program 0 (id=1391):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram0\x00', 0x6e642, 0x0) (async)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram0\x00', 0x6e642, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0xf429, 0xb)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x142, 0x0)
read$auto(r1, 0x0, 0x4)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:03/power/runtime_active_time\x00', 0x286a01, 0x0)
fgetxattr$auto(r3, &(0x7f00000004c0)='security.capability\x00\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd40\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\x96\xa3\xc0\xf29\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xa1Yi\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\x12\x8d\x84K\xf0\xd0\x0f\x13)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x8a\n\xe8\x1c\x88\xd4\xa5\x96!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f', 0x0, 0x0) (async)
fgetxattr$auto(r3, &(0x7f00000004c0)='security.capability\x00\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd40\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\x96\xa3\xc0\xf29\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xa1Yi\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\x12\x8d\x84K\xf0\xd0\x0f\x13)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x8a\n\xe8\x1c\x88\xd4\xa5\x96!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f', 0x0, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x518001, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15) (async)
ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
ioctl$auto(r4, 0x5522, 0xf15)
ioctl$auto(r4, 0x8108551b, r4)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
close_range$auto(0x2, 0x8, 0x0)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0xffffff8a)
write$auto(r0, &(0x7f00000002c0)='}\t\x00\x00/audio1\x005qG=\x15\xd2\xd8\x82\x15+\xffo\x10\xa2\x90\x11\x1f\xe8\xcf\x12\xecTI\x9d\xb0i\xf8\xac\xf5n\t\xce_R\xfe7\x19\xe7\xb2\xf3u\xf0\xd44|\xbf\xd7\xd0\xfd9K\x05\x11A\xe0nM?y\xa0/\xf2\x00\xec\xe4\xae\xbc\xcfp\t\x82\x14+\x94G\x9c\x83\x00\x85kf$I\xde\xcb\x0e', 0x100000a3d9)

238.90628ms ago: executing program 1 (id=1392):
madvise$auto_MADV_DODUMP(0x7, 0x3, 0x11)
madvise$auto_MADV_DODUMP(0x7, 0xf9, 0x11)
madvise$auto_MADV_DODUMP(0x672, 0x6085, 0x11)
madvise$auto_MADV_DODUMP(0x0, 0xfffffffffffffffe, 0x11)
madvise$auto_MADV_DODUMP(0x4, 0x82b6, 0x11)
madvise$auto_MADV_DODUMP(0x9, 0x3, 0x11)
madvise$auto_MADV_DODUMP(0x5b, 0x7, 0x11)
madvise$auto_MADV_DODUMP(0x7fffffff, 0x8000000000000001, 0x11)
madvise$auto_MADV_DODUMP(0x3, 0x3, 0x11)
ioctl$auto_IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000000)={0x2, 0x8, 0x8, 0xa})
madvise$auto_MADV_DODUMP(0x5, 0x10000, 0x11)
madvise$auto_MADV_DODUMP(0x36, 0x9, 0x11)
madvise$auto_MADV_DODUMP(0x0, 0x1, 0x11)
madvise$auto_MADV_DODUMP(0xff, 0x8, 0x11)
madvise$auto_MADV_DODUMP(0xe, 0x9, 0x11)
madvise$auto_MADV_DODUMP(0x1, 0x10001, 0x11)
r0 = openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/hwsim/dfs_simulate_radar\x00', 0x105002, 0x0)
shutdown$auto(r0, 0xfc5)
madvise$auto_MADV_DODUMP(0x3, 0x7, 0x11)
madvise$auto_MADV_DODUMP(0x5, 0x2, 0x11)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sr0\x00', 0x105d02, 0x0)
ioctl$auto_BLKREPORTZONE(r1, 0xc0101282, &(0x7f00000000c0)={0xfffffffffffffffc, 0x3, 0x80000000, [{0x7fffffffffffffff, 0x9, 0x3, 0x98, 0x1, 0x4, 0x4, "a81f10b8", 0x5, "f1556fc796e162e8bf0b8fda72873430805a89afc18667bc"}, {0xc000000000, 0x8001, 0x3, 0x6, 0x9, 0x1, 0x9, "9a122032", 0x8, "ae13fcd48b23e7c1ad9c13e9e551391755f66939d12e0ff0"}, {0x7, 0x2, 0x9, 0x2, 0x5, 0x5, 0x4, "832ce46e", 0x3, "a7f5f437ce5d7a48adf253cc3486cca3e5d9c72c05d24251"}, {0x983, 0x9, 0xe, 0x0, 0x8, 0x3, 0xdd, "1b42a9e8", 0x9, "5807567d99e6226ba64799e2c1d785a5e1e0555b48a2996d"}, {0x4, 0xffff, 0x401, 0x0, 0x69, 0x4, 0x5, "64def859", 0xffffffff, "2a651021bdb1d2538fc30fc173e3dd5f1883e40f2529bb1e"}, {0x5, 0x2, 0x3, 0x10, 0x1, 0x9, 0x4, "d48aebb8", 0xa, "e8749ca4e54ecb879f47605451c016ad608885730760f0e2"}, {0x1, 0x0, 0x3, 0x7, 0x1, 0x2, 0x5, "0acdf6d3", 0x2, "3711c4e246c478da7b9a995dc6b61d0febbbe5f43f367bee"}]})
madvise$auto_MADV_DODUMP(0x6a57a5b1, 0x7, 0x11)
madvise$auto_MADV_DODUMP(0x9, 0x3, 0x11)
madvise$auto_MADV_DODUMP(0x10, 0x100000001, 0x11)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bond0\x00', <r2=>0x0})
connect$auto(r1, &(0x7f0000000300)=@can={0x1d, r2}, 0xffffff47)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x42d00, 0x0)
ioctl$auto_SG_GET_TIMEOUT2(r3, 0x2202, &(0x7f0000000380)="d3b3f3bd8a46f6ee9675427845531a25bf315bdbcd865e478492eee2c7f19c521190fab4786736a8419cba3873c19321e3e120791c2d5cab1e4cebbdf4875122aa0b93541116330d7fe38526c9811c933bfbf2323afe8b0493bcb8c191412e915566f74417027df4e159e0bdcc208ea4c3ff4e8bc374e5d8b6aee10b57baca72c788b4a8500d3f19bdb9a1cbac1539682e64d3c0b6af8092d7879082de0461a531249ac7f338fe7ba249bcfa22f31cb7ba0e7dd7360ce9d7a83c58687c349b72b43205606635d9c1a9de837b2416eb5be386231e8a7935b88daf51d57bda2dd0b85f9983023558588b31762b916604716712e4107b2c06d07a8c8e63224dd7791cdda983025001e98bae1cbefa2429d597b3084e062ddf64b336a32476f1552df667a1418408d4a409491320bffefd250afadd49d23e1675972abb6bf8f73b8eb7578d567680913aa37804b1bc8d46b1b15425beba2137f1bf523714e9d9438f77185a0ab61f0db12e4edb8a4d2b2bd635c2aa25dccdeeaae783eb3f682ef9e0eaca9347b8ee38a913b21c01a0aef9664752736cca2fbcda9713b64011958ad60d13b39f4856f7e1e62847a62f3f8ce71839848aaad5fa2546a39b6af3e7776df249fd65992701ea1ba0a92de0b5e4ce30f24941707103d09447d8dc6e227ecf93f44b06644ff110342848ae9b32f83dbc73448ec338b04691596ffb19832c4359c2e54a045e9d73cb68c0150c4035d5f9b0a0f982fccdd999c481656dc850163887223cdfa992e5041297d01d1a3695bb2cbb21cf0769622c644e08557e0dd4bd1294ee0df8d04628ebbdfc7150ba11e1bcc0f735f366f8bd7fb25154eb431964a411af04b10fce6702ca7c6804fe03c1d3f42791146792431d31a27be97e3c662f76228c13763047a2bc5f01fb4fddc20b44af75149a56f6fe701189f1d1a471dba68482fe3d3bbe1c3980c22d28c5d10046ed9dd35b8a9d9fead9e75ed1e24e107d9c8c27c9db7e2660678b828b3a6c41d4c0da7fffb898fcac01e7aa28ac57e49b994eb08bc089351284f2a88bac3467b502b5e5e1c997c4aa27b3fdd82a61563a38c7c1b352904e5391ef363be752d6991b57ee3545b024d03d4aa8b3e908ff11072f5bbd76b81d40a67c5923349c5ba6adb61461209455e813ab4bebeef455afbd562760f493a390df6f5af075e7a2230f1b13c84bd3b74fe04949cad6ef8a40c34836ddf1a7da3dac767ec1dbcd6cf318dce415c3050b27416ebd31f46a6214793066b970db563df0a1790e883644794861a3880d5a030eb4573c8a06344f61ba30074f3dcefaaf2c9ecfa382f8969961a6baf0fd8df531235905bca0de2c0bfd0dab8489d979293705133406a4f8365a6a7bd2b15f6a66c8958462750500898caf1228136bb5fe4cafe1106ffeca5165c90b8a23d44076241a7c7e99c0e706fd58acc6c8f1de6ada663fe5f163e6e1e40ec1e7faf62cb9477866a32d304f3c334359d851e65a51b1f32e77e3dc51418279322b51be90faafc9fa29b728e8610afca8259549dd048446a488a76139e472f6066ef14d039ea9639b9d4a37ccec276db88793b494cd5b217e1fc3879084c2bf161077b6293fab74c794f963f0a9d2c16fc91ad69ddc445ba452ed212684e38199c9e5d5295f936faf4ecb9acb33874131eab1f918ff8004114e6bc3f54796ae96ff0dbd804c0418e2e807260a469e12b68857ff5872992858087e73d2549d12743dc7a70a1ca520834f9b361b1bc36de0ab19541cca67c4e56125804ab0fea149691e11dbc6873e8086824ba54fd364064748400dc038514242509a07d4a4d1b3376467dcb8523837223401e0826e0cd89d6521569444c904a0106e051016b24311714d925b395c1bdbcec877eb8f3204f3b587d115ec5754a65d1fdeea17efdd71bc5af304b7811fcee9fe9c72ab34aa59ff40a0948ddf9e82f020d1e84315a3fe37b884d21703d46827c39897b31e7c8dc894f7cfbb0598fb3154099d5fe723905e70beb0878f46934742d0e4da0be18d5d896509ceee5f24356ebdda4e9a097cbe6848f849c9cfe83df503b98fcd8b88a7e8fb2dc282d9bdb6741a232382287a8e632699e057594d73e1884c8503cbe5181ee4fabd1f2f0b86dfb0647c66f6ee051c62d021a44eec9675e204e005f1873819c1086557e1037e18e407f58e5403d53d71311a3e0ee3207da504e24f553d10dd9013bd656d3ec72d373aede9de89fdd0871e2ac92c79a611f792c029db567d264cdf0b1a6c8bda9919ddb49bbc27c7f5fef52f69d6ee674425dc42c4b6a5639bc4ce6af7671031d0e081806d1ba54f2bf9e80df383ccb33f5d042b9deef4e5910936c5467ab84479041b10e64ace4b598ea698b52e502319b6139a080cb9d93b7442f72b18eef5802643dae179d2da60270f6c698caa5c015ae54807229d305235a41ac8e89270cd79c678a6dd023fd027a7a28917d220a61eede4924c42502b3f6bf485aa466e99656bcd1eccb1ba427d786a6d6dfba6521237a5ae50a7e81e1ce2d533f2b9af8cbc78b37705ff45b865c5214740e92a895e8319ac17ac032db00b5973478c56f3d24217568d1de41afa363440b50975e248fba7cd95f7dd199aeee30f2b51faf0c1f6340a92fa6759edd41e8ba0efd67fe8ed41bbe20567d5b6374672ab27886e19caadf6fb1a0d3f531707a2199b1211534e8d580b81c6a6bf3eb11194943ab95073b76fae604178ed4292e1214980bc64944d15d9ff561c6e7bfded5c8b6f0203cd037879c913cd402cc416fa02ec91f2d278853b79137bf5b5ef0bec7cca2eea9efbeb055a55b5254da8ee30105609652de5f533a697369fe3ac3b84482729437ed40823aab30edcc7fb3b19f1883f7e4077aeac2a3a204b4c67ca91a269642c61d2af2b0e10301665aba41b30afb3454c463e00ace740e62848fa04f65e44ac81054226a50f2ac79063b3c0bb6edf3f5746e23ca63bc915b855644b3ce82546c5619ebb9b1440eabb9331fbc2c6dcf5a2fb2692ca132861522b008e1f07bb87de7b96bfb843d907d1765456cca42d73fb1903330cf89d53107d74e0e0c84a4c40386be208524dc5e907dd8b3ba6324b109c93c52b878d58f85dff6cfbe29999192f0a3da1f554119ee5d3dbc4d095de4692b91ddc64d79bab232b272bd2cd13723f942a8ba40c6402a973d7a0bc2733153beadfebeb5fecea9322a774895a2476132fc47eff25dc3899da8ba862dd3dde86e1c1fde62851d3f313290e71af825821f181878a622fb8b5f374eea4c4497568f44d5c6146d5312d94378cfe2979bef22341407c0fe889b25fcd259c7c319114528477d04e95bc160dfa2e55d44b0c761293f7e8b9417f25c25ff28efb5dec74b245a4b93022c0ee85ebaa4e8255a81a0125d78379ee829a6beab9a9653ea08b9342c2e5f3e56144bde1acbf766f8a52a6201726f3d48851327d55c31145f30ecd63c022ec3ca8f9332f852b68287f1b2f8d2d8474617684feee437bcb87dbd41210a576ac8c571190fa6332e95f8c3d8ed42b1cb8efa24d3dc6393d261ba0cb4a15f031644b15133e0812590c9bea84ea4a2163d9a27eccb46c2731eeee728bec2f1a9a6ea1da25f566fbab65ab4056ffaad4ca265415eaed1516a06481fbde5d6a94037f181fc3a26f3f1c8e6245606e4ea21186937d1f5da58d9563565fb325cad9771cf294c437a8f44ee0fb069938fd3886ad1690f72ffe836dd314c2bb223cce173405a84ab765c956bb5c2f9c9fc156d5d096ce650ab59a5e93cf9be71bad0d1869a1367d9f6248fd56e744e2b23951ecad8449140479508cfeceb56c8f4d5ce03cab29ec9d6f667b0ad7a691ca6878000da8cfdaf4f5f562210a24a6adf9a155e6c78d77131ef5fe02aa037194ca537f7e7d02ac675d9f91a6e5798f709acdc870c96c172e1e8f838966530cad53683ef64d53f39e79ae44a41d387e4a16d1afbbd1ff7e39b04ec1ca071e7cc98d246fac0d86ae01ba369089ac3dfa73dc0fac66d278401119e8e3b3d7c08f08e80fa16781c1929a422b674fa49d2f40593a02fd7126a0c7d22fe8bad96a8e78a4cafe53558b6f50df0ad18bbe81e75a35e360d78109a3213d7032f02c36b33ca9c73147edbb9cbea5098da030c524e9fb239caa01c3639d96b4c4d851c2bf295b2a1d00f254964ac4ffc52ee7fb9667290aa082699a560e33ce24d70b44c80086351522bcd0ec4b8ffe62d8f64b59d76e21a923ce9655c59f4378b7c92525cb847d1b446961f961ccc75b3ca33596b356b04765dfc2c08d141c1600303820af88c0c09df81a9f9584e1a0c87d7420706d76547b9f46862324a5166d2438670b779b45113155fe6c7c2b1a49a5dc318c6e04d0fb041e17a864ed20f015e9cbcf9ef9c89b091fb6074b560eff54a20ba5f91a73ec7d95ff9aad9b38023a29887961bc13a47c3edb0cef031dd72c6556be933f38a02e7a81d54b8a707dcc1481922f000ab4ec6bf6b938ded4b3ec0a941ed1ac464966b05e0bfdc297efe59133738c0da92f272121082b2c171a3705e78a02d3470f94b78b3e3f12dfc0348133939fafb7b71260c95591a1a13999c66605ce9d6a1bcb06875115e5b9bf0892ea1a2e43f23ff133a10b60fdd74853b041d3d99ce6bd7ae7005baac91e438086e7d005435dcbaef4c739dda01be4b69dc76d0b69fc6bc6e4b80efbffeb776f0f3f89e86e83fc4b793b7b1886c62191cae561adcd810d9ea9681d627a2ec44c1770fbe0ee824efeb0857448f593066aa45a659c67699208214ed497cedf755260505f0d3810c13f71347949f140563bb8739e4b1077e5a4fa778b5bb0ce25f5a92ee4e302eb4527dc7c3c0cdc141dbbc6885ea2db67dc2d2d7d0fa11c91ab747c137c2d7214c80af94ba03764123b8d14d18cae8e0b1b56c8e8f43713e6f184c67d8c5400269c9b04076a49119e9e411cdc6977ff8638c0b58207c5c492cd6f4d0310cdffe557d667c52d5aa286ea842d7be63dcaedf30255d138bf24d6290a13d99dfef69dd9111131c55a6ff8053e17ee10daa6c5c7660402fa07027726287f9d4da3218cb93cb230470c5ed8e2c3c8e7adab91915293a03edabf913e8f47b7966adfc811eb6e970a34e5beb7d2fae3cac7ac28536210be3e99915ef6c43f8b54e3265c0561aca7b6d2b538965dea73d1bdd562b3b007c594581e5f5f658ea3c4ea399121a93aa366f3b776fa740126369de9b4feef643e84e0292ccd2a06869527576a7771fce335c866af1be64e80210d96a05e915e0a94f83c6f674d64158e3348c232875931d5d7f855ea1356db8411cb8da155171dd953f5b98e6bb2c3ae0b6982b473a4b66fbbe69a787fd8036bd4bd14494c083473c3f0f1926b7bb7a108f4e7fa1514245efc65d63e0d2ff29ddb70450632919c5070d83a302d8672aa8dc0915dd7283059949ca83b11ed8f856ceb0e3d58bfc403452dc61de074ade215f09dd1838535ab9ed897d99140888b7007c6858cd26ff3b4fe03013858e2b3d00a0af40156d7f71c39ac42ad6106f8604c23c8cb4664b6b2d2a0af056c29fcb92c595efe294341addfe581f130740572b8ba9ec052a2c0c96ee63b468b7122168c6c02fca0e9b3cdd6bc3238cf61ec328fc1fc80924ab7cd9746246e469edf2f45a7619d039284ddea7dc6a206d8b3d944c0a7d782d0bd3088c67ae0bc85c06713b6d2c8319359e5300ad749313b2150e7d15fe2a121c610d77845ecfbeb809947d1dc534554d5aa28022d")
read$auto_dev_fops_plock(0xffffffffffffffff, &(0x7f0000001380)=""/76, 0x4c)

0s ago: executing program 1 (id=1393):
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)

kernel console output (not intermixed with test programs):

9348]  io_alloc_cache_init+0x38/0x170
[  240.124909][ T9348]  io_uring_setup.cold+0x3cd/0x1d09
[  240.124940][ T9348]  ? __pfx_io_uring_setup+0x10/0x10
[  240.124957][ T9348]  ? do_futex+0x192/0x350
[  240.124976][ T9348]  ? __pfx_do_futex+0x10/0x10
[  240.125002][ T9348]  ? xfd_validate_state+0x129/0x190
[  240.125026][ T9348]  __x64_sys_io_uring_setup+0xc2/0x170
[  240.125043][ T9348]  do_syscall_64+0x106/0xf80
[  240.125060][ T9348]  ? clear_bhb_loop+0x40/0x90
[  240.125077][ T9348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.125092][ T9348] RIP: 0033:0x7f05c9d9c799
[  240.125104][ T9348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  240.125117][ T9348] RSP: 002b:00007f05cac7c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  240.125131][ T9348] RAX: ffffffffffffffda RBX: 00007f05ca015fa0 RCX: 00007f05c9d9c799
[  240.125141][ T9348] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000001d48
[  240.125149][ T9348] RBP: 00007f05c9e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  240.125157][ T9348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.125165][ T9348] R13: 00007f05ca016038 R14: 00007f05ca015fa0 R15: 00007ffd912fd768
[  240.125183][ T9348]  </TASK>
[  242.210043][ T9430] futex_wake_op: syz.0.704 tries to shift op by -2048; fix this program
[  242.503709][ T5827] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  244.272614][ T9495] sd 0:0:1:0: PR command failed: 1026
[  244.335301][ T9497] netlink: 4 bytes leftover after parsing attributes in process `syz.1.715'.
[  244.375501][ T9495] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  244.413080][ T9495] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  244.455552][ T9497] loop6: detected capacity change from 0 to 8192
[  244.512600][ T9495] FAULT_INJECTION: forcing a failure.
[  244.512600][ T9495] name failslab, interval 1, probability 0, space 0, times 0
[  244.585499][ T9495] CPU: 0 UID: 0 PID: 9495 Comm: syz.1.715 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  244.585526][ T9495] Tainted: [L]=SOFTLOCKUP
[  244.585531][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  244.585545][ T9495] Call Trace:
[  244.585551][ T9495]  <TASK>
[  244.585559][ T9495]  dump_stack_lvl+0x100/0x190
[  244.585593][ T9495]  should_fail_ex.cold+0x5/0xa
[  244.585612][ T9495]  should_failslab+0xc2/0x120
[  244.585627][ T9495]  __kmalloc_cache_noprof+0x7a/0x6f0
[  244.585647][ T9495]  ? call_usermodehelper_setup+0xaf/0x360
[  244.585672][ T9495]  ? __pfx_free_modprobe_argv+0x10/0x10
[  244.585694][ T9495]  call_usermodehelper_setup+0xaf/0x360
[  244.585719][ T9495]  __request_module+0x3c7/0x6c0
[  244.585739][ T9495]  ? __pfx___request_module+0x10/0x10
[  244.585766][ T9495]  ? find_held_lock+0x2b/0x80
[  244.585779][ T9495]  ? inet_create+0xa72/0x1060
[  244.585805][ T9495]  inet_create+0xd45/0x1060
[  244.585826][ T9495]  ? inet_create+0x94/0x1060
[  244.585850][ T9495]  __sock_create+0x339/0x860
[  244.585876][ T9495]  __sys_socket+0x14d/0x260
[  244.585898][ T9495]  ? __pfx___sys_socket+0x10/0x10
[  244.585925][ T9495]  __x64_sys_socket+0x72/0xb0
[  244.585946][ T9495]  ? lockdep_hardirqs_on+0x78/0x100
[  244.585963][ T9495]  do_syscall_64+0x106/0xf80
[  244.585979][ T9495]  ? clear_bhb_loop+0x40/0x90
[  244.585996][ T9495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.586011][ T9495] RIP: 0033:0x7f05c9d9c799
[  244.586025][ T9495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  244.586038][ T9495] RSP: 002b:00007f05cac7c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  244.586056][ T9495] RAX: ffffffffffffffda RBX: 00007f05ca015fa0 RCX: 00007f05c9d9c799
[  244.586067][ T9495] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002
[  244.586075][ T9495] RBP: 00007f05c9e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  244.586084][ T9495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  244.586093][ T9495] R13: 00007f05ca016038 R14: 00007f05ca015fa0 R15: 00007ffd912fd768
[  244.586112][ T9495]  </TASK>
[  246.595015][ T9505] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  246.919249][ T9518] netlink: 16 bytes leftover after parsing attributes in process `syz.1.721'.
[  246.982078][ T9521] netlink: 16 bytes leftover after parsing attributes in process `syz.1.721'.
[  247.858607][ T9541] NFSD: Failed to start, no listeners configured.
[  247.914717][ T9542] nvme_fcloop: unknown parameter or missing value '7'
[  249.978163][ T9565] netlink: 342 bytes leftover after parsing attributes in process `syz.1.735'.
[  249.998622][ T9572] netlink: 'syz.2.738': attribute type 10 has an invalid length.
[  250.034898][ T9572] netlink: 330 bytes leftover after parsing attributes in process `syz.2.738'.
[  250.999823][ T9599] mmap: syz.1.743 (9599) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  252.924209][ T9608] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  253.279482][ T9619] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  253.304852][ T9619] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  253.340190][ T9619] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  253.359170][ T9619] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  253.566174][ T9641] netlink: 302 bytes leftover after parsing attributes in process `syz.2.753'.
[  255.168072][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout
[  255.326959][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout
[  255.406979][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout
[  255.413026][ T5827] Bluetooth: hci3: command 0x0c1a tx timeout
[  255.620033][ T9668] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  255.730591][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.737034][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.082880][ T9703] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  257.064835][ T9736] NFSD: Failed to start, no listeners configured.
[  257.698057][ T9746] netlink: 12 bytes leftover after parsing attributes in process `syz.1.774'.
[  257.757075][ T9746] unsupported nlmsg_type 40
[  261.154487][ T9814] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub
[  262.804145][ T5831] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  262.815912][ T5831] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  262.824076][ T5831] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  262.834057][ T5831] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  262.845524][ T5831] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  263.479865][ T9844] chnl_net:caif_netlink_parms(): no params data found
[  263.756105][ T9844] bridge0: port 1(bridge_slave_0) entered blocking state
[  263.795875][ T9844] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.831576][ T9844] bridge_slave_0: entered allmulticast mode
[  263.855689][ T9844] bridge_slave_0: entered promiscuous mode
[  263.910728][ T9844] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.931867][ T9842] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  263.951152][ T9844] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.990809][ T9844] bridge_slave_1: entered allmulticast mode
[  264.009739][ T9866] netlink: 'syz.1.802': attribute type 1 has an invalid length.
[  264.036965][ T9844] bridge_slave_1: entered promiscuous mode
[  264.150420][ T9844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.514294][ T9844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.926834][ T5827] Bluetooth: hci4: command tx timeout
[  265.341050][ T9844] team0: Port device team_slave_0 added
[  265.377587][ T9844] team0: Port device team_slave_1 added
[  265.491837][ T9844] batman_adv: batadv0: Adding interface: batadv_slave_0
[  265.528094][ T9844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  265.640463][ T9844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  265.690636][ T9844] batman_adv: batadv0: Adding interface: batadv_slave_1
[  265.725002][ T9844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  265.820076][ T9844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  266.112340][ T9844] hsr_slave_0: entered promiscuous mode
[  266.160120][ T9844] hsr_slave_1: entered promiscuous mode
[  266.207260][ T9844] debugfs: 'hsr0' already exists in 'hsr'
[  266.243806][ T9844] Cannot create hsr debugfs directory
[  266.457875][ T9895] sd 0:0:1:0: PR command failed: 1026
[  266.463294][ T9895] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  266.556859][ T9895] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  267.008186][ T5827] Bluetooth: hci4: command tx timeout
[  267.489919][ T9844] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  267.625407][ T9844] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  267.734807][ T9241] syz.3.677 (9241) used greatest stack depth: 18552 bytes left
[  267.821646][ T9844] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  267.938241][ T9844] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  268.173035][ T9921] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input12
[  268.815767][ T9444] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.087067][ T5827] Bluetooth: hci4: command tx timeout
[  269.198161][ T9444] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.313051][ T9844] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.491298][ T9444] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.638847][ T9844] 8021q: adding VLAN 0 to HW filter on device team0
[  269.699291][ T9444] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.807152][ T9442] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.814337][ T9442] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.081025][ T9442] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.088276][ T9442] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.880430][ T9444] gretap0: left allmulticast mode
[  270.885706][ T9444] gretap0: left promiscuous mode
[  270.945572][ T9444] bridge0: port 3(gretap0) entered disabled state
[  271.034763][ T9444] bridge_slave_1: left allmulticast mode
[  271.090821][ T9444] bridge_slave_1: left promiscuous mode
[  271.139200][ T9444] bridge0: port 2(bridge_slave_1) entered disabled state
[  271.174353][ T5827] Bluetooth: hci4: command tx timeout
[  271.184360][ T9444] bridge_slave_0: left allmulticast mode
[  271.216484][ T9444] bridge_slave_0: left promiscuous mode
[  271.254912][ T9444] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.790815][ T9444] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  271.827969][ T9444] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  271.870166][ T9444] bond0 (unregistering): Released all slaves
[  272.490552][ T9844] 8021q: adding VLAN 0 to HW filter on device batadv0
[  272.928315][ T9444] hsr_slave_0: left promiscuous mode
[  272.985452][ T9444] hsr_slave_1: left promiscuous mode
[  273.060352][ T9444] veth1_macvtap: left promiscuous mode
[  273.085269][ T9444] veth0_macvtap: left promiscuous mode
[  273.119498][ T9444] veth1_vlan: left promiscuous mode
[  273.150409][ T9444] veth0_vlan: left promiscuous mode
[  273.508563][ T5827] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  273.833691][ T9444] team0 (unregistering): Port device team_slave_1 removed
[  273.872667][ T9444] team0 (unregistering): Port device team_slave_0 removed
[  274.654665][ T9844] veth0_vlan: entered promiscuous mode
[  274.749123][ T9844] veth1_vlan: entered promiscuous mode
[  274.884991][ T9844] veth0_macvtap: entered promiscuous mode
[  274.945672][ T9844] veth1_macvtap: entered promiscuous mode
[  275.042016][ T9844] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.108867][ T9844] batman_adv: batadv0: Interface activated: batadv_slave_1
[  275.200465][ T9444] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  275.261262][ T9444] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  275.306699][ T9444] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  275.366401][T10057] netlink: 20 bytes leftover after parsing attributes in process `syz.1.826'.
[  275.691914][ T9444] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.299223][T10042] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  276.420627][ T9444] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  276.475140][ T9444] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.636831][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  276.677773][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.696961][T10135] FAULT_INJECTION: forcing a failure.
[  278.696961][T10135] name failslab, interval 1, probability 0, space 0, times 0
[  278.849545][T10135] CPU: 0 UID: 0 PID: 10135 Comm: syz.1.836 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  278.849572][T10135] Tainted: [L]=SOFTLOCKUP
[  278.849578][T10135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  278.849587][T10135] Call Trace:
[  278.849592][T10135]  <TASK>
[  278.849598][T10135]  dump_stack_lvl+0x100/0x190
[  278.849626][T10135]  should_fail_ex.cold+0x5/0xa
[  278.849644][T10135]  ? __register_sysctl_table+0xac/0x1650
[  278.849667][T10135]  should_failslab+0xc2/0x120
[  278.849682][T10135]  __kmalloc_noprof+0xe0/0x850
[  278.849707][T10135]  __register_sysctl_table+0xac/0x1650
[  278.849730][T10135]  ? is_module_address+0x5f/0xf0
[  278.849751][T10135]  ? __pfx___register_sysctl_table+0x10/0x10
[  278.849773][T10135]  ? is_module_address+0x69/0xf0
[  278.849790][T10135]  ? register_net_sysctl_sz+0x222/0x430
[  278.849811][T10135]  ? __asan_memcpy+0x3c/0x60
[  278.849832][T10135]  devinet_init_net+0x369/0x8d0
[  278.849854][T10135]  ? __pfx_devinet_init_net+0x10/0x10
[  278.849872][T10135]  ops_init+0x1e2/0x5f0
[  278.849893][T10135]  setup_net+0x118/0x3a0
[  278.849912][T10135]  ? __pfx_setup_net+0x10/0x10
[  278.849929][T10135]  ? lockdep_init_map_type+0x5c/0x250
[  278.849949][T10135]  ? mutex_init_lockep+0x110/0x150
[  278.849972][T10135]  copy_net_ns+0x46f/0x7c0
[  278.849993][T10135]  create_new_namespaces+0x3ea/0xac0
[  278.850013][T10135]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  278.850030][T10135]  ksys_unshare+0x473/0xad0
[  278.850049][T10135]  ? __pfx_ksys_unshare+0x10/0x10
[  278.850074][T10135]  __x64_sys_unshare+0x31/0x40
[  278.850091][T10135]  do_syscall_64+0x106/0xf80
[  278.850108][T10135]  ? clear_bhb_loop+0x40/0x90
[  278.850125][T10135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.850140][T10135] RIP: 0033:0x7f05c9d9c799
[  278.850153][T10135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  278.850167][T10135] RSP: 002b:00007f05cac5b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  278.850181][T10135] RAX: ffffffffffffffda RBX: 00007f05ca016090 RCX: 00007f05c9d9c799
[  278.850191][T10135] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  278.850199][T10135] RBP: 00007f05c9e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  278.850208][T10135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  278.850216][T10135] R13: 00007f05ca016128 R14: 00007f05ca016090 R15: 00007ffd912fd768
[  278.850235][T10135]  </TASK>
[  280.128584][T10171] sd 0:0:1:0: PR command failed: 1026
[  280.176781][T10171] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  280.230367][T10171] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  280.329997][T10174] netlink: 4 bytes leftover after parsing attributes in process `syz.0.842'.
[  280.397854][T10171] FAULT_INJECTION: forcing a failure.
[  280.397854][T10171] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.487027][T10176] block nbd8: shutting down sockets
[  280.528622][T10171] CPU: 0 UID: 0 PID: 10171 Comm: syz.0.842 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  280.528649][T10171] Tainted: [L]=SOFTLOCKUP
[  280.528655][T10171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  280.528664][T10171] Call Trace:
[  280.528669][T10171]  <TASK>
[  280.528675][T10171]  dump_stack_lvl+0x100/0x190
[  280.528703][T10171]  should_fail_ex.cold+0x5/0xa
[  280.528721][T10171]  strncpy_from_user+0x3b/0x2d0
[  280.528746][T10171]  do_getname+0x78/0x390
[  280.528767][T10171]  do_sys_openat2+0xc5/0x1e0
[  280.528786][T10171]  ? __pfx_do_sys_openat2+0x10/0x10
[  280.528805][T10171]  ? __x64_sys_close_range+0x2d9/0x5d0
[  280.528825][T10171]  __x64_sys_openat+0x12d/0x210
[  280.528844][T10171]  ? __pfx___x64_sys_openat+0x10/0x10
[  280.528870][T10171]  do_syscall_64+0x106/0xf80
[  280.528886][T10171]  ? clear_bhb_loop+0x40/0x90
[  280.528904][T10171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.528918][T10171] RIP: 0033:0x7f934d59c799
[  280.528931][T10171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  280.528945][T10171] RSP: 002b:00007f934e3d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  280.528959][T10171] RAX: ffffffffffffffda RBX: 00007f934d815fa0 RCX: 00007f934d59c799
[  280.528969][T10171] RDX: 000000000014fa02 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  280.528978][T10171] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  280.528986][T10171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  280.528995][T10171] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  280.529014][T10171]  </TASK>
[  280.529464][T10179] netlink: 28 bytes leftover after parsing attributes in process `syz.4.844'.
[  281.548650][T10179] FAULT_INJECTION: forcing a failure.
[  281.548650][T10179] name failslab, interval 1, probability 0, space 0, times 0
[  281.568966][T10215] netlink: 28 bytes leftover after parsing attributes in process `syz.2.851'.
[  281.600687][T10212] netlink: 28 bytes leftover after parsing attributes in process `syz.2.851'.
[  281.620830][T10214] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub
[  281.636837][T10179] CPU: 0 UID: 0 PID: 10179 Comm: syz.4.844 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  281.636864][T10179] Tainted: [L]=SOFTLOCKUP
[  281.636869][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  281.636878][T10179] Call Trace:
[  281.636884][T10179]  <TASK>
[  281.636890][T10179]  dump_stack_lvl+0x100/0x190
[  281.636916][T10179]  should_fail_ex.cold+0x5/0xa
[  281.636950][T10179]  should_failslab+0xc2/0x120
[  281.636967][T10179]  __kmalloc_cache_noprof+0x7a/0x6f0
[  281.636986][T10179]  ? nsim_fib_event_nb+0x1a8/0xe40
[  281.637012][T10179]  nsim_fib_event_nb+0x1a8/0xe40
[  281.637036][T10179]  notifier_call_chain+0x99/0x420
[  281.637060][T10179]  atomic_notifier_call_chain+0x71/0x1c0
[  281.637080][T10179]  call_fib_notifiers+0x33/0x70
[  281.637105][T10179]  fib_notify_alias_delete+0x2b6/0x390
[  281.637124][T10179]  ? __pfx_fib_notify_alias_delete+0x10/0x10
[  281.637145][T10179]  ? lockdep_rtnl_is_held+0x26/0x40
[  281.637168][T10179]  ? fib_find_node+0x209/0x280
[  281.637181][T10179]  ? fib_find_alias+0x1f7/0x260
[  281.637206][T10179]  fib_table_delete+0x5b8/0x8e0
[  281.637228][T10179]  ? __pfx_fib_table_delete+0x10/0x10
[  281.637243][T10179]  ? find_held_lock+0x2b/0x80
[  281.637256][T10179]  ? fib_magic+0x1a7/0x5c0
[  281.637272][T10179]  ? fib_magic+0x1a7/0x5c0
[  281.637289][T10179]  ? fib_new_table+0xff/0x3e0
[  281.637308][T10179]  fib_magic+0x362/0x5c0
[  281.637327][T10179]  ? __pfx_fib_magic+0x10/0x10
[  281.637360][T10179]  fib_del_ifaddr+0xcdf/0x14d0
[  281.637382][T10179]  ? inetaddr_event+0xf3/0x150
[  281.637397][T10179]  ? __pfx_inetaddr_event+0x10/0x10
[  281.637413][T10179]  fib_inetaddr_event+0xb9/0x270
[  281.637435][T10179]  notifier_call_chain+0x99/0x420
[  281.637457][T10179]  blocking_notifier_call_chain+0x69/0xa0
[  281.637477][T10179]  __inet_del_ifa+0x3df/0xf40
[  281.637503][T10179]  inetdev_event+0x3e1/0x17f0
[  281.637523][T10179]  ? ib_netdevice_event+0xfc/0x330
[  281.637541][T10179]  ? __pfx_inetdev_event+0x10/0x10
[  281.637561][T10179]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  281.637587][T10179]  notifier_call_chain+0x99/0x420
[  281.637609][T10179]  call_netdevice_notifiers_info+0xbe/0x110
[  281.637633][T10179]  unregister_netdevice_many_notify+0x1208/0x2580
[  281.637660][T10179]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  281.637680][T10179]  ? unregister_netdevice_queue+0x22e/0x3c0
[  281.637699][T10179]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  281.637728][T10179]  rtnl_dellink+0x472/0xb40
[  281.637745][T10179]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  281.637762][T10179]  ? kasan_save_track+0x14/0x30
[  281.637783][T10179]  ? kasan_save_free_info+0x3b/0x70
[  281.637800][T10179]  ? __kasan_slab_free+0x5f/0x80
[  281.637821][T10179]  ? __pfx_rtnl_dellink+0x10/0x10
[  281.637840][T10179]  ? nlmon_xmit+0xa5/0xe0
[  281.637855][T10179]  ? dev_hard_start_xmit+0x121/0x7d0
[  281.637876][T10179]  ? __dev_queue_xmit+0x32c1/0x4800
[  281.637898][T10179]  ? netlink_sendmsg+0x8b0/0xda0
[  281.637916][T10179]  ? ____sys_sendmsg+0xa54/0xc30
[  281.637969][T10179]  ? __lock_acquire+0x4a5/0x2630
[  281.637989][T10179]  ? find_held_lock+0x2b/0x80
[  281.638009][T10179]  ? find_held_lock+0x2b/0x80
[  281.638021][T10179]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  281.638038][T10179]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  281.638056][T10179]  ? __pfx_rtnl_dellink+0x10/0x10
[  281.638072][T10179]  rtnetlink_rcv_msg+0x95e/0xe90
[  281.638092][T10179]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  281.638126][T10179]  ? ref_tracker_free+0x37e/0x6c0
[  281.638144][T10179]  netlink_rcv_skb+0x159/0x420
[  281.638163][T10179]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  281.638182][T10179]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  281.638207][T10179]  ? netlink_deliver_tap+0x1ae/0xcc0
[  281.638229][T10179]  netlink_unicast+0x5aa/0x870
[  281.638250][T10179]  ? __pfx_netlink_unicast+0x10/0x10
[  281.638276][T10179]  netlink_sendmsg+0x8b0/0xda0
[  281.638298][T10179]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.638315][T10179]  ? __import_iovec+0x1d2/0x640
[  281.638331][T10179]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  281.638354][T10179]  ____sys_sendmsg+0xa54/0xc30
[  281.638377][T10179]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.638400][T10179]  ? try_to_wake_up+0x644/0x1a80
[  281.638419][T10179]  ___sys_sendmsg+0x190/0x1e0
[  281.638442][T10179]  ? __pfx____sys_sendmsg+0x10/0x10
[  281.638463][T10179]  ? futex_private_hash_put+0x107/0x1c0
[  281.638503][T10179]  __sys_sendmsg+0x170/0x220
[  281.638520][T10179]  ? __pfx___sys_sendmsg+0x10/0x10
[  281.638537][T10179]  ? __x64_sys_futex+0x34f/0x4d0
[  281.638566][T10179]  do_syscall_64+0x106/0xf80
[  281.638587][T10179]  ? clear_bhb_loop+0x40/0x90
[  281.638605][T10179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.638620][T10179] RIP: 0033:0x7fabc919c799
[  281.638635][T10179] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  281.638648][T10179] RSP: 002b:00007fabca0dd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.638662][T10179] RAX: ffffffffffffffda RBX: 00007fabc9415fa0 RCX: 00007fabc919c799
[  281.638672][T10179] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000009
[  281.638680][T10179] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  281.638689][T10179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  281.638697][T10179] R13: 00007fabc9416038 R14: 00007fabc9415fa0 R15: 00007ffc15dc3b28
[  281.638716][T10179]  </TASK>
[  283.285798][T10219] FAULT_INJECTION: forcing a failure.
[  283.285798][T10219] name failslab, interval 1, probability 0, space 0, times 0
[  283.391538][T10219] CPU: 0 UID: 0 PID: 10219 Comm: syz.0.852 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  283.391565][T10219] Tainted: [L]=SOFTLOCKUP
[  283.391570][T10219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  283.391579][T10219] Call Trace:
[  283.391586][T10219]  <TASK>
[  283.391592][T10219]  dump_stack_lvl+0x100/0x190
[  283.391619][T10219]  should_fail_ex.cold+0x5/0xa
[  283.391637][T10219]  ? __netlink_kernel_create+0x181/0x750
[  283.391656][T10219]  should_failslab+0xc2/0x120
[  283.391672][T10219]  __kmalloc_noprof+0xe0/0x850
[  283.391698][T10219]  __netlink_kernel_create+0x181/0x750
[  283.391718][T10219]  ? __pfx___netlink_kernel_create+0x10/0x10
[  283.391744][T10219]  fib_net_init+0x26d/0x3f0
[  283.391761][T10219]  ? is_module_address+0x69/0xf0
[  283.391779][T10219]  ? __pfx_fib_net_init+0x10/0x10
[  283.391797][T10219]  ? timer_init_key+0x150/0x340
[  283.391821][T10219]  ? __pfx_nl_fib_input+0x10/0x10
[  283.391842][T10219]  ? devinet_init_net+0x56c/0x8d0
[  283.391864][T10219]  ? __pfx_fib_net_init+0x10/0x10
[  283.391881][T10219]  ops_init+0x1e2/0x5f0
[  283.391902][T10219]  setup_net+0x118/0x3a0
[  283.391920][T10219]  ? __pfx_setup_net+0x10/0x10
[  283.391937][T10219]  ? lockdep_init_map_type+0x5c/0x250
[  283.391956][T10219]  ? mutex_init_lockep+0x110/0x150
[  283.391978][T10219]  copy_net_ns+0x46f/0x7c0
[  283.391999][T10219]  create_new_namespaces+0x3ea/0xac0
[  283.392053][T10219]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  283.392072][T10219]  ksys_unshare+0x473/0xad0
[  283.392093][T10219]  ? __pfx_ksys_unshare+0x10/0x10
[  283.392119][T10219]  __x64_sys_unshare+0x31/0x40
[  283.392141][T10219]  do_syscall_64+0x106/0xf80
[  283.392158][T10219]  ? clear_bhb_loop+0x40/0x90
[  283.392175][T10219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.392191][T10219] RIP: 0033:0x7f934d59c799
[  283.392205][T10219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  283.392218][T10219] RSP: 002b:00007f934e3b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  283.392233][T10219] RAX: ffffffffffffffda RBX: 00007f934d816090 RCX: 00007f934d59c799
[  283.392242][T10219] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  283.392251][T10219] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  283.392259][T10219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  283.392268][T10219] R13: 00007f934d816128 R14: 00007f934d816090 R15: 00007ffdad62f238
[  283.392287][T10219]  </TASK>
[  283.689647][T10229] sd 0:0:1:0: PR command failed: 1026
[  283.695129][T10229] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  283.702582][T10229] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  283.713570][T10229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.854'.
[  283.724527][T10229] FAULT_INJECTION: forcing a failure.
[  283.724527][T10229] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.737737][T10229] CPU: 0 UID: 0 PID: 10229 Comm: syz.4.854 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  283.737764][T10229] Tainted: [L]=SOFTLOCKUP
[  283.737769][T10229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  283.737778][T10229] Call Trace:
[  283.737784][T10229]  <TASK>
[  283.737790][T10229]  dump_stack_lvl+0x100/0x190
[  283.737817][T10229]  should_fail_ex.cold+0x5/0xa
[  283.737836][T10229]  strncpy_from_user+0x3b/0x2d0
[  283.737862][T10229]  do_getname+0x78/0x390
[  283.737882][T10229]  do_sys_openat2+0xc5/0x1e0
[  283.737901][T10229]  ? __pfx_do_sys_openat2+0x10/0x10
[  283.737922][T10229]  ? __x64_sys_close_range+0x2d9/0x5d0
[  283.737942][T10229]  __x64_sys_openat+0x12d/0x210
[  283.737961][T10229]  ? __pfx___x64_sys_openat+0x10/0x10
[  283.737993][T10229]  do_syscall_64+0x106/0xf80
[  283.738011][T10229]  ? clear_bhb_loop+0x40/0x90
[  283.738030][T10229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.738046][T10229] RIP: 0033:0x7fabc919c799
[  283.738059][T10229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  283.738074][T10229] RSP: 002b:00007fabca0dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  283.738089][T10229] RAX: ffffffffffffffda RBX: 00007fabc9415fa0 RCX: 00007fabc919c799
[  283.738099][T10229] RDX: 000000000014fa02 RSI: 0000200000000200 RDI: ffffffffffffff9c
[  283.738112][T10229] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  283.738120][T10229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  283.738129][T10229] R13: 00007fabc9416038 R14: 00007fabc9415fa0 R15: 00007ffc15dc3b28
[  283.738148][T10229]  </TASK>
[  284.395029][T10248] FAULT_INJECTION: forcing a failure.
[  284.395029][T10248] name fail_futex, interval 1, probability 0, space 0, times 0
[  284.424808][T10248] CPU: 0 UID: 0 PID: 10248 Comm: syz.1.859 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  284.424835][T10248] Tainted: [L]=SOFTLOCKUP
[  284.424846][T10248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  284.424856][T10248] Call Trace:
[  284.424861][T10248]  <TASK>
[  284.424868][T10248]  dump_stack_lvl+0x100/0x190
[  284.424895][T10248]  should_fail_ex.cold+0x5/0xa
[  284.424913][T10248]  get_futex_key+0x1d2/0x1620
[  284.424933][T10248]  ? __pfx_get_futex_key+0x10/0x10
[  284.424950][T10248]  ? find_held_lock+0x2b/0x80
[  284.424963][T10248]  ? futex_wake+0x456/0x530
[  284.424989][T10248]  futex_wake+0xea/0x530
[  284.425012][T10248]  ? __pfx_futex_wake+0x10/0x10
[  284.425042][T10248]  do_futex+0x32b/0x350
[  284.425063][T10248]  ? __pfx_do_futex+0x10/0x10
[  284.425082][T10248]  ? cap_task_prctl+0x104/0xa50
[  284.425102][T10248]  ? __pfx_sched_core_share_pid+0x10/0x10
[  284.425120][T10248]  __x64_sys_futex+0x34f/0x4d0
[  284.425142][T10248]  ? __pfx___x64_sys_futex+0x10/0x10
[  284.425161][T10248]  ? __pfx___do_sys_prctl+0x10/0x10
[  284.425187][T10248]  do_syscall_64+0x106/0xf80
[  284.425204][T10248]  ? clear_bhb_loop+0x40/0x90
[  284.425221][T10248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.425237][T10248] RIP: 0033:0x7f05c9d9c799
[  284.425250][T10248] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  284.425264][T10248] RSP: 002b:00007f05cac7c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  284.425279][T10248] RAX: ffffffffffffffda RBX: 00007f05ca015fa8 RCX: 00007f05c9d9c799
[  284.425288][T10248] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f05ca015fac
[  284.425297][T10248] RBP: 00007f05ca015fa0 R08: 0000000000000000 R09: 0000000000000000
[  284.425306][T10248] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  284.425315][T10248] R13: 00007f05ca016038 R14: 00007ffd912fd680 R15: 00007ffd912fd768
[  284.425335][T10248]  </TASK>
[  284.866311][T10248] netlink: 4 bytes leftover after parsing attributes in process `syz.1.859'.
[  284.922714][T10260] netlink: 4 bytes leftover after parsing attributes in process `syz.1.859'.
[  286.643410][T10322] netlink: 342 bytes leftover after parsing attributes in process `syz.1.876'.
[  288.623730][   T30] audit: type=1800 audit(4294967297.020:18): pid=10369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.885" name="features" dev="configfs" ino=33338 res=0 errno=0
[  290.799160][T10420] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  290.889611][T10388] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  293.089987][T10468] netlink: 28 bytes leftover after parsing attributes in process `syz.0.898'.
[  293.160454][T10472] FAULT_INJECTION: forcing a failure.
[  293.160454][T10472] name failslab, interval 1, probability 0, space 0, times 0
[  293.341336][T10472] CPU: 0 UID: 0 PID: 10472 Comm: syz.0.898 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  293.341362][T10472] Tainted: [L]=SOFTLOCKUP
[  293.341368][T10472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  293.341377][T10472] Call Trace:
[  293.341382][T10472]  <TASK>
[  293.341389][T10472]  dump_stack_lvl+0x100/0x190
[  293.341416][T10472]  should_fail_ex.cold+0x5/0xa
[  293.341435][T10472]  should_failslab+0xc2/0x120
[  293.341450][T10472]  __kmalloc_cache_noprof+0x7a/0x6f0
[  293.341469][T10472]  ? watch_queue_init+0x45/0x170
[  293.341492][T10472]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  293.341517][T10472]  watch_queue_init+0x45/0x170
[  293.341540][T10472]  create_pipe_files+0x672/0x970
[  293.341557][T10472]  do_pipe2+0xbd/0x1e0
[  293.341571][T10472]  ? __pfx_do_pipe2+0x10/0x10
[  293.341585][T10472]  ? xfd_validate_state+0x129/0x190
[  293.341612][T10472]  __x64_sys_pipe2+0x54/0x80
[  293.341626][T10472]  do_syscall_64+0x106/0xf80
[  293.341643][T10472]  ? clear_bhb_loop+0x40/0x90
[  293.341661][T10472]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  293.341677][T10472] RIP: 0033:0x7f934d59c799
[  293.341689][T10472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  293.341704][T10472] RSP: 002b:00007f934e3b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[  293.341720][T10472] RAX: ffffffffffffffda RBX: 00007f934d816090 RCX: 00007f934d59c799
[  293.341730][T10472] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000
[  293.341739][T10472] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  293.341748][T10472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  293.341756][T10472] R13: 00007f934d816128 R14: 00007f934d816090 R15: 00007ffdad62f238
[  293.341775][T10472]  </TASK>
[  294.219119][T10485] Invalid ELF header magic: != ELF
[  296.575119][T10544] FAULT_INJECTION: forcing a failure.
[  296.575119][T10544] name failslab, interval 1, probability 0, space 0, times 0
[  296.842480][T10544] CPU: 0 UID: 0 PID: 10544 Comm: syz.1.913 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  296.842507][T10544] Tainted: [L]=SOFTLOCKUP
[  296.842513][T10544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  296.842522][T10544] Call Trace:
[  296.842527][T10544]  <TASK>
[  296.842533][T10544]  dump_stack_lvl+0x100/0x190
[  296.842560][T10544]  should_fail_ex.cold+0x5/0xa
[  296.842578][T10544]  ? aa_label_asxprint+0x75/0x130
[  296.842598][T10544]  should_failslab+0xc2/0x120
[  296.842614][T10544]  __kmalloc_noprof+0xe0/0x850
[  296.842636][T10544]  ? __pfx_vsnprintf+0x10/0x10
[  296.842654][T10544]  aa_label_asxprint+0x75/0x130
[  296.842676][T10544]  apparmor_lsmprop_to_secctx+0xb2/0x1a0
[  296.842701][T10544]  security_lsmprop_to_secctx+0x146/0x1a0
[  296.842724][T10544]  audit_log_subj_ctx+0x34f/0x460
[  296.842746][T10544]  ? map_id_range_up+0x2ce/0x3b0
[  296.842760][T10544]  ? __pfx_audit_log_subj_ctx+0x10/0x10
[  296.842782][T10544]  ? audit_log_format+0xe8/0x130
[  296.842801][T10544]  ? apparmor_current_getlsmprop_subj+0x107/0x3c0
[  296.842827][T10544]  audit_log_task_context+0x88/0xb0
[  296.842847][T10544]  ? __pfx_audit_log_task_context+0x10/0x10
[  296.842871][T10544]  audit_log_task+0x1b7/0x3a0
[  296.842887][T10544]  ? __pfx_audit_log_task+0x10/0x10
[  296.842902][T10544]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  296.842925][T10544]  audit_seccomp+0x79/0x190
[  296.842941][T10544]  ? exc_general_protection+0x12e/0x250
[  296.842964][T10544]  __secure_computing+0x26d/0x2c0
[  296.842984][T10544]  do_syscall_64+0x568/0xf80
[  296.843000][T10544]  ? clear_bhb_loop+0x40/0x90
[  296.843019][T10544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.843034][T10544] RIP: 0033:0x7f05c9d9c799
[  296.843047][T10544] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  296.843061][T10544] RSP: 002b:00007f05cac39a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  296.843076][T10544] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f05c9d9c799
[  296.843085][T10544] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000b
[  296.843093][T10544] RBP: 00007f05cac3a030 R08: 0000000000000000 R09: 000000000000000b
[  296.843102][T10544] R10: 0000000000000009 R11: 0000000000000246 R12: 000000000000dbfe
[  296.843111][T10544] R13: 00007f05ca016218 R14: 00007f05ca016180 R15: 00007ffd912fd768
[  296.843130][T10544]  </TASK>
[  296.843138][T10544] audit: error in audit_log_subj_ctx
[  297.123251][T10555] netlink: 330 bytes leftover after parsing attributes in process `syz.0.916'.
[  297.504585][   T30] audit: type=1326 audit(4294967304.970:19): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=10537 comm="syz.1.913" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f05c9d9c799 code=0x0
[  298.211654][T10588] delete_channel: no stack
[  298.262239][T10583] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078400500 pfn:0x78400
[  298.338676][T10592] netlink: 326 bytes leftover after parsing attributes in process `syz.4.923'.
[  298.430647][T10583] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff)
[  298.430712][T10583] page_type: f2(table)
[  298.430727][T10583] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000
[  298.430744][T10583] raw: ffff888078400500 0000000000000000 00000001f2000000 0000000000000000
[  298.430754][T10583] page dumped because: unmovable page
[  298.430766][T10583] page_owner tracks the page as allocated
[  298.430799][T10583] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), pid 9839, tgid 9839 (syz-executor), ts 262671910808, free_ts 237289152476
[  298.430827][T10583]  post_alloc_hook+0x153/0x170
[  298.430857][T10583]  get_page_from_freelist+0x111d/0x3140
[  298.430878][T10583]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  298.430898][T10583]  alloc_pages_mpol+0x1fb/0x550
[  298.430912][T10583]  alloc_pages_noprof+0x131/0x390
[  298.430925][T10583]  __pte_alloc_kernel+0x24/0x690
[  298.430940][T10583]  vmap_small_pages_range_noflush+0x9d8/0xd50
[  298.430963][T10583]  __vmap_pages_range_noflush+0x601/0x660
[  298.430979][T10583]  __vmalloc_node_range_noprof+0x922/0x1530
[  298.430995][T10583]  vmalloc_user_noprof+0x9e/0xe0
[  298.431011][T10583]  kcov_ioctl+0x4c/0x720
[  298.431032][T10583]  __x64_sys_ioctl+0x18e/0x210
[  298.431051][T10583]  do_syscall_64+0x106/0xf80
[  298.431068][T10583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.431083][T10583] page last free pid 9268 tgid 9260 stack trace:
[  298.431092][T10583]  __free_frozen_pages+0x7e1/0x10d0
[  298.431109][T10583]  kimage_free+0x245/0x5a0
[  298.431122][T10583]  do_kexec_load+0x34c/0x810
[  298.431137][T10583]  __x64_sys_kexec_load+0x1bf/0x230
[  298.431152][T10583]  do_syscall_64+0x106/0xf80
[  298.431168][T10583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.475234][T10586] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078400500 pfn:0x78400
[  298.475259][T10586] flags: 0xfff00000000004(referenced|node=0|zone=1|lastcpupid=0x7ff)
[  298.475274][T10586] page_type: f2(table)
[  298.475287][T10586] raw: 00fff00000000004 0000000000000000 dead000000000122 0000000000000000
[  298.475301][T10586] raw: ffff888078400500 0000000000000000 00000001f2000000 0000000000000000
[  298.475310][T10586] page dumped because: unmovable page
[  298.475319][T10586] page_owner tracks the page as allocated
[  298.475326][T10586] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), pid 9839, tgid 9839 (syz-executor), ts 262671910808, free_ts 237289152476
[  298.475350][T10586]  post_alloc_hook+0x153/0x170
[  298.475372][T10586]  get_page_from_freelist+0x111d/0x3140
[  298.475407][T10586]  __alloc_frozen_pages_noprof+0x27c/0x2ba0
[  298.475427][T10586]  alloc_pages_mpol+0x1fb/0x550
[  298.475442][T10586]  alloc_pages_noprof+0x131/0x390
[  298.475455][T10586]  __pte_alloc_kernel+0x24/0x690
[  298.475470][T10586]  vmap_small_pages_range_noflush+0x9d8/0xd50
[  298.475493][T10586]  __vmap_pages_range_noflush+0x601/0x660
[  298.475508][T10586]  __vmalloc_node_range_noprof+0x922/0x1530
[  298.475525][T10586]  vmalloc_user_noprof+0x9e/0xe0
[  298.475541][T10586]  kcov_ioctl+0x4c/0x720
[  298.475563][T10586]  __x64_sys_ioctl+0x18e/0x210
[  298.475581][T10586]  do_syscall_64+0x106/0xf80
[  298.475599][T10586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.475614][T10586] page last free pid 9268 tgid 9260 stack trace:
[  298.475623][T10586]  __free_frozen_pages+0x7e1/0x10d0
[  298.475639][T10586]  kimage_free+0x245/0x5a0
[  298.475652][T10586]  do_kexec_load+0x34c/0x810
[  298.475666][T10586]  __x64_sys_kexec_load+0x1bf/0x230
[  298.475681][T10586]  do_syscall_64+0x106/0xf80
[  298.475697][T10586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.074681][T10614] sd 0:0:1:0: PR command failed: 1026
[  299.074715][T10614] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  299.074743][T10614] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  299.780595][T10622] netlink: 342 bytes leftover after parsing attributes in process `syz.1.931'.
[  300.131636][T10633] netlink: 28 bytes leftover after parsing attributes in process `syz.1.934'.
[  300.166074][T10633] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.173385][T10633] bridge_slave_1 (unregistering): left allmulticast mode
[  300.173443][T10633] bridge_slave_1 (unregistering): left promiscuous mode
[  300.174511][T10633] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.726397][T10644] kexec: Could not allocate control_code_buffer
[  301.789170][T10677] netlink: 354 bytes leftover after parsing attributes in process `syz.2.942'.
[  302.080431][T10684] FAULT_INJECTION: forcing a failure.
[  302.080431][T10684] name failslab, interval 1, probability 0, space 0, times 0
[  302.146883][T10684] CPU: 0 UID: 0 PID: 10684 Comm: syz.0.944 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  302.146910][T10684] Tainted: [L]=SOFTLOCKUP
[  302.146916][T10684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  302.146924][T10684] Call Trace:
[  302.146930][T10684]  <TASK>
[  302.146936][T10684]  dump_stack_lvl+0x100/0x190
[  302.146962][T10684]  should_fail_ex.cold+0x5/0xa
[  302.146981][T10684]  should_failslab+0xc2/0x120
[  302.146996][T10684]  __kmalloc_cache_noprof+0x7a/0x6f0
[  302.147016][T10684]  ? usb_control_msg+0xbc/0x4a0
[  302.147031][T10684]  ? __pfx___mutex_lock+0x10/0x10
[  302.147053][T10684]  usb_control_msg+0xbc/0x4a0
[  302.147069][T10684]  ? __pfx_usb_control_msg+0x10/0x10
[  302.147089][T10684]  hub_ext_port_status+0x152/0x600
[  302.147119][T10684]  hub_activate+0x6d8/0x1d50
[  302.147139][T10684]  ? __pfx_hub_activate+0x10/0x10
[  302.147153][T10684]  ? find_held_lock+0x2b/0x80
[  302.147175][T10684]  ? usb_generic_driver_resume+0x70/0xa0
[  302.147190][T10684]  ? usb_generic_driver_resume+0x70/0xa0
[  302.147211][T10684]  hub_resume+0xb0/0x400
[  302.147226][T10684]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  302.147246][T10684]  ? __pfx_hub_resume+0x10/0x10
[  302.147261][T10684]  ? __pfx_hcd_bus_resume+0x10/0x10
[  302.147287][T10684]  usb_resume_interface.isra.0+0x2ce/0x3d0
[  302.147309][T10684]  usb_resume_both+0x237/0x9a0
[  302.147329][T10684]  ? __pfx_usb_resume_both+0x10/0x10
[  302.147346][T10684]  ? __rpm_callback+0x272/0x620
[  302.147366][T10684]  ? __pfx_usb_runtime_resume+0x10/0x10
[  302.147386][T10684]  ? rcu_is_watching+0x12/0xc0
[  302.147409][T10684]  ? __pfx_usb_runtime_resume+0x10/0x10
[  302.147430][T10684]  __rpm_callback+0xc8/0x620
[  302.147448][T10684]  ? read_tsc+0x9/0x20
[  302.147463][T10684]  ? ktime_get_mono_fast_ns+0x1be/0x3c0
[  302.147479][T10684]  ? __pfx_usb_runtime_resume+0x10/0x10
[  302.147500][T10684]  rpm_callback+0x16a/0x1b0
[  302.147518][T10684]  ? __pfx_usb_runtime_resume+0x10/0x10
[  302.147540][T10684]  rpm_resume+0xd3e/0x1350
[  302.147564][T10684]  ? __pfx_rpm_resume+0x10/0x10
[  302.147581][T10684]  ? do_raw_spin_lock+0x128/0x260
[  302.147611][T10684]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  302.147634][T10684]  ? _raw_spin_lock_irqsave+0x52/0x60
[  302.147654][T10684]  __pm_runtime_resume+0xb6/0x170
[  302.147676][T10684]  usb_autoresume_device+0x23/0xe0
[  302.147698][T10684]  usbdev_open+0x228/0x870
[  302.147720][T10684]  ? do_raw_spin_lock+0x128/0x260
[  302.147740][T10684]  ? __pfx_usbdev_open+0x10/0x10
[  302.147759][T10684]  ? chrdev_open+0x589/0x6a0
[  302.147774][T10684]  ? chrdev_open+0x589/0x6a0
[  302.147791][T10684]  ? __pfx_usbdev_open+0x10/0x10
[  302.147811][T10684]  chrdev_open+0x234/0x6a0
[  302.147826][T10684]  ? __pfx_chrdev_open+0x10/0x10
[  302.147841][T10684]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  302.147860][T10684]  do_dentry_open+0x6d8/0x1660
[  302.147874][T10684]  ? __pfx_chrdev_open+0x10/0x10
[  302.147893][T10684]  vfs_open+0x82/0x3f0
[  302.147912][T10684]  path_openat+0x208c/0x31a0
[  302.147934][T10684]  ? __pfx_path_openat+0x10/0x10
[  302.147956][T10684]  do_file_open+0x20e/0x430
[  302.147972][T10684]  ? __pfx_do_file_open+0x10/0x10
[  302.148001][T10684]  ? alloc_fd+0x476/0x790
[  302.148017][T10684]  ? do_getname+0x191/0x390
[  302.148036][T10684]  do_sys_openat2+0x10d/0x1e0
[  302.148054][T10684]  ? __pfx_do_sys_openat2+0x10/0x10
[  302.148074][T10684]  ? __fget_files+0x21f/0x3d0
[  302.148091][T10684]  __x64_sys_openat+0x12d/0x210
[  302.148110][T10684]  ? __pfx___x64_sys_openat+0x10/0x10
[  302.148137][T10684]  do_syscall_64+0x106/0xf80
[  302.148153][T10684]  ? clear_bhb_loop+0x40/0x90
[  302.148176][T10684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.148192][T10684] RIP: 0033:0x7f934d59c799
[  302.148206][T10684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  302.148220][T10684] RSP: 002b:00007f934e3d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  302.148235][T10684] RAX: ffffffffffffffda RBX: 00007f934d815fa0 RCX: 00007f934d59c799
[  302.148245][T10684] RDX: 0000000000000100 RSI: 00002000000001c0 RDI: ffffffffffffff9c
[  302.148255][T10684] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  302.148265][T10684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  302.148274][T10684] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  302.148294][T10684]  </TASK>
[  302.148306][T10684] hub 4-0:1.0: hub_ext_port_status failed (err = -12)
[  303.940832][T10724] netlink: 330 bytes leftover after parsing attributes in process `syz.0.952'.
[  305.569383][T10733] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  306.941278][T10791] zswap: compressor  not available
[  308.181633][T10827] bond0: no command found in slaves file - use +ifname or -ifname
[  309.396122][T10851] FAULT_INJECTION: forcing a failure.
[  309.396122][T10851] name failslab, interval 1, probability 0, space 0, times 0
[  309.625086][T10851] CPU: 0 UID: 0 PID: 10851 Comm: syz.4.974 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  309.625114][T10851] Tainted: [L]=SOFTLOCKUP
[  309.625120][T10851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  309.625129][T10851] Call Trace:
[  309.625134][T10851]  <TASK>
[  309.625141][T10851]  dump_stack_lvl+0x100/0x190
[  309.625168][T10851]  should_fail_ex.cold+0x5/0xa
[  309.625186][T10851]  ? security_inode_init_security+0x113/0x370
[  309.625206][T10851]  should_failslab+0xc2/0x120
[  309.625221][T10851]  __kmalloc_noprof+0xe0/0x850
[  309.625247][T10851]  security_inode_init_security+0x113/0x370
[  309.625266][T10851]  ? __pfx_shmem_initxattrs+0x10/0x10
[  309.625284][T10851]  ? __pfx_security_inode_init_security+0x10/0x10
[  309.625305][T10851]  ? make_vfsgid+0xf1/0x140
[  309.625326][T10851]  shmem_mknod+0x2bf/0x470
[  309.625346][T10851]  ? __pfx_shmem_mknod+0x10/0x10
[  309.625376][T10851]  vfs_create+0x301/0x6c0
[  309.625401][T10851]  filename_mknodat+0x2de/0x7f0
[  309.625421][T10851]  ? __pfx_filename_mknodat+0x10/0x10
[  309.625436][T10851]  ? strncpy_from_user+0x19d/0x2d0
[  309.625461][T10851]  ? do_getname+0x191/0x390
[  309.625480][T10851]  __x64_sys_mknod+0x8f/0xc0
[  309.625496][T10851]  do_syscall_64+0x106/0xf80
[  309.625513][T10851]  ? clear_bhb_loop+0x40/0x90
[  309.625531][T10851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.625552][T10851] RIP: 0033:0x7fabc919c799
[  309.625566][T10851] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  309.625581][T10851] RSP: 002b:00007fabca0bc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  309.625597][T10851] RAX: ffffffffffffffda RBX: 00007fabc9416090 RCX: 00007fabc919c799
[  309.625607][T10851] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000
[  309.625616][T10851] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  309.625625][T10851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.625634][T10851] R13: 00007fabc9416128 R14: 00007fabc9416090 R15: 00007ffc15dc3b28
[  309.625654][T10851]  </TASK>
[  312.274892][T10897] ptrace attach of "./syz-executor exec"[5821] was attempted by "Y^Zݻ�!mo��l��M�r?�;��a�Ou�<\x0aƟU���T�xO˃�3�qb�D�T)h9�A��Eڬ?\x0a�\x0c� άM�$���|��v�R����\x0bM�j�&��/Y$k�G�\x0a�Kd!�P���4\x0cY� ]��z��>�:��oZ�HW[���`���lw�cIT�6�r5�R׎����G��P����s�D�Ȣ#3g��N^���i���\x1b���\x0a��J���l=C&�HW~f�g0��G�8�͔��W��U��}�̬m�B/�٭���Oc��
`\x0a.\x0b�����?$���b�<�� �QLl\x0a����1~��{YSj�a\x0d�),�ؒ�$�w.�)$����xW��[!0#iG�Lg��%F��Q��F�ަ�$���iᨁvN�w��/������g��M�˓a9�G�ff�� �y�[��A��*0�\x1bOf<���;��\x0c+4K�n�R7
������>q�H!������j\x22<�}�5�DW��6ͽ���L|L���E\x07�\x0a�\x1b\x0a�}u 1�Y����7d�5���+���!u���tǩ�S�gw�>#\x1bl ���oHLs����^#��#�+��F�O��\x07�1��o__6�n9?0�UI�
��3L��n�-�;��%�!e2[�@�CV=�6�s��2l�e:��/?B�G؊.�0Vy�S�m�+\x0a�}�?P�I
Ƹ��\x5c��Rzm��o'\x1bR�w��
\x5c�]�euVG�����bb�\x22�>����o{6f\x0a��X���\x0d���sG<���,Yu�!|w�N���<vU���WI��s���H�rj��������
�,��J{ �\x1b\x07�����~�(��J�1���\x5cP�K/��R��� K}�P��Q�:|nh��xI�t��
�`��5��&����'.��8MckbX:�y{
[  313.384661][T10913] netlink: 330 bytes leftover after parsing attributes in process `syz.4.991'.
[  314.701831][T10939] netlink: 8 bytes leftover after parsing attributes in process `syz.4.997'.
[  315.141383][T10946] FAULT_INJECTION: forcing a failure.
[  315.141383][T10946] name fail_futex, interval 1, probability 0, space 0, times 0
[  315.210985][T10946] CPU: 0 UID: 0 PID: 10946 Comm: syz.4.999 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  315.211010][T10946] Tainted: [L]=SOFTLOCKUP
[  315.211015][T10946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  315.211024][T10946] Call Trace:
[  315.211029][T10946]  <TASK>
[  315.211035][T10946]  dump_stack_lvl+0x100/0x190
[  315.211061][T10946]  should_fail_ex.cold+0x5/0xa
[  315.211077][T10946]  get_futex_key+0x1d2/0x1620
[  315.211097][T10946]  ? __pfx_get_futex_key+0x10/0x10
[  315.211120][T10946]  futex_wait_setup+0x81/0x500
[  315.211146][T10946]  __futex_wait+0x19f/0x300
[  315.211168][T10946]  ? __pfx___futex_wait+0x10/0x10
[  315.211192][T10946]  ? __pfx_futex_wake_mark+0x10/0x10
[  315.211215][T10946]  ? futex_hash+0x2c5/0x380
[  315.211236][T10946]  futex_wait+0xed/0x380
[  315.211257][T10946]  ? __pfx_futex_wait+0x10/0x10
[  315.211291][T10946]  do_futex+0x1ef/0x350
[  315.211339][T10946]  ? __pfx_do_futex+0x10/0x10
[  315.211356][T10946]  ? __pfx_do_sys_openat2+0x10/0x10
[  315.211374][T10946]  ? __pfx_do_sendfile+0x10/0x10
[  315.211397][T10946]  __x64_sys_futex+0x34f/0x4d0
[  315.211418][T10946]  ? __pfx___x64_sys_futex+0x10/0x10
[  315.211443][T10946]  do_syscall_64+0x106/0xf80
[  315.211459][T10946]  ? clear_bhb_loop+0x40/0x90
[  315.211477][T10946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.211491][T10946] RIP: 0033:0x7fabc919c799
[  315.211505][T10946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  315.211518][T10946] RSP: 002b:00007fabca0dd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  315.211532][T10946] RAX: ffffffffffffffda RBX: 00007fabc9415fa8 RCX: 00007fabc919c799
[  315.211541][T10946] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fabc9415fa8
[  315.211550][T10946] RBP: 00007fabc9415fa0 R08: 0000000000000000 R09: 0000000000000000
[  315.211558][T10946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  315.211566][T10946] R13: 00007fabc9416038 R14: 00007ffc15dc3a40 R15: 00007ffc15dc3b28
[  315.211584][T10946]  </TASK>
[  315.897747][T10962] netlink: 'syz.0.1003': attribute type 11 has an invalid length.
[  315.922884][T10962] netlink: 'syz.0.1003': attribute type 11 has an invalid length.
[  315.941501][T10962] netlink: 'syz.0.1003': attribute type 11 has an invalid length.
[  316.015787][T10963] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1003'.
[  317.036156][T10996] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1011'.
[  317.177474][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.198343][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.304786][T11002] netlink: 86 bytes leftover after parsing attributes in process `syz.4.1012'.
[  317.367174][T11002] Lens A: =================  START STATUS  =================
[  317.409966][T11002] Lens A: Focus, Absolute: 0
[  317.414798][T11002] Lens A: ==================  END STATUS  ==================
[  318.241052][T11018] ecryptfs_miscdev_write: Invalid packet size [125]
[  321.196070][T11071] FAULT_INJECTION: forcing a failure.
[  321.196070][T11071] name failslab, interval 1, probability 0, space 0, times 0
[  321.371049][T11071] CPU: 0 UID: 0 PID: 11071 Comm: syz.4.1027 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  321.371078][T11071] Tainted: [L]=SOFTLOCKUP
[  321.371083][T11071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  321.371093][T11071] Call Trace:
[  321.371098][T11071]  <TASK>
[  321.371104][T11071]  dump_stack_lvl+0x100/0x190
[  321.371131][T11071]  should_fail_ex.cold+0x5/0xa
[  321.371149][T11071]  ? memcg_list_lru_alloc+0x4ec/0x740
[  321.371170][T11071]  should_failslab+0xc2/0x120
[  321.371186][T11071]  __kmalloc_noprof+0xe0/0x850
[  321.371207][T11071]  ? ipcget+0xee/0xf50
[  321.371225][T11071]  memcg_list_lru_alloc+0x4ec/0x740
[  321.371251][T11071]  ? __pfx_memcg_list_lru_alloc+0x10/0x10
[  321.371271][T11071]  ? rcu_read_unlock+0x17/0x60
[  321.371292][T11071]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  321.371315][T11071]  __memcg_slab_post_alloc_hook+0x12f/0x9a0
[  321.371336][T11071]  ? kasan_save_track+0x14/0x30
[  321.371359][T11071]  kmem_cache_alloc_lru_noprof+0x592/0x6e0
[  321.371380][T11071]  ? hugetlbfs_alloc_inode+0x8c/0x1d0
[  321.371407][T11071]  hugetlbfs_alloc_inode+0x8c/0x1d0
[  321.371430][T11071]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  321.371453][T11071]  alloc_inode+0x68/0x250
[  321.371472][T11071]  new_inode+0x22/0x1c0
[  321.371501][T11071]  hugetlbfs_get_inode+0x313/0x750
[  321.371520][T11071]  hugetlb_file_setup+0x3cc/0x5b0
[  321.371537][T11071]  newseg+0xabb/0xed0
[  321.371556][T11071]  ? __pfx_newseg+0x10/0x10
[  321.371571][T11071]  ? down_write+0x146/0x1f0
[  321.371592][T11071]  ? ksys_write+0x190/0x250
[  321.371613][T11071]  ? ksys_write+0x190/0x250
[  321.371638][T11071]  ipcget+0xee/0xf50
[  321.371653][T11071]  ? do_futex+0x192/0x350
[  321.371672][T11071]  ? __pfx_do_futex+0x10/0x10
[  321.371693][T11071]  ? __pfx_ipcget+0x10/0x10
[  321.371709][T11071]  ? __x64_sys_futex+0x34f/0x4d0
[  321.371726][T11071]  ? __x64_sys_futex+0x358/0x4d0
[  321.371747][T11071]  __x64_sys_shmget+0x13b/0x1b0
[  321.371763][T11071]  ? __pfx___x64_sys_shmget+0x10/0x10
[  321.371788][T11071]  do_syscall_64+0x106/0xf80
[  321.371804][T11071]  ? clear_bhb_loop+0x40/0x90
[  321.371823][T11071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.371838][T11071] RIP: 0033:0x7fabc919c799
[  321.371852][T11071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  321.371867][T11071] RSP: 002b:00007fabca059028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  321.371882][T11071] RAX: ffffffffffffffda RBX: 00007fabc9416360 RCX: 00007fabc919c799
[  321.371891][T11071] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000
[  321.371901][T11071] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  321.371910][T11071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  321.371919][T11071] R13: 00007fabc94163f8 R14: 00007fabc9416360 R15: 00007ffc15dc3b28
[  321.371939][T11071]  </TASK>

syzkaller
syzkaller login: [  324.290242][ T5831] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  325.626709][T11138] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1045'.
[  326.596093][T11161] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1050'.
[  327.195209][T11155] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  327.248126][T11155] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  327.295957][T11155] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  327.323581][T11155] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  327.511100][T11155] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  327.561573][T11155] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  327.634010][T11155] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  328.606699][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  329.174535][ T5831] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  329.175519][T11211] binder: 11210:11211 ioctl c0306201 200000000040 returned -14
[  329.232125][T11212] binder: 11210:11212 ioctl c0306201 200000000040 returned -14
[  329.327911][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout
[  329.335843][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout
[  329.567032][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout
[  331.406922][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout
[  331.646860][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout
[  333.726726][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout
[  336.570368][   T30] audit: type=1800 audit(4294967344.970:20): pid=11346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1085" name="members" dev="configfs" ino=38730 res=0 errno=0
[  337.218263][T11375] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1091'.
[  337.598505][T11380] vhci_hcd vhci_hcd.2: SetHubDepth req not supported for USB 2.0 roothub
[  338.861062][T11404] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.323712][T11424] netlink: 'syz.2.1104': attribute type 4 has an invalid length.
[  339.439582][T11432] capability: warning: `syz.2.1104' uses deprecated v2 capabilities in a way that may be insecure
[  339.492157][T11424] netlink: 'syz.2.1104': attribute type 1 has an invalid length.
[  339.786205][T11443] FAULT_INJECTION: forcing a failure.
[  339.786205][T11443] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.887041][T11443] CPU: 0 UID: 0 PID: 11443 Comm: syz.1.1111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  339.887069][T11443] Tainted: [L]=SOFTLOCKUP
[  339.887074][T11443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  339.887085][T11443] Call Trace:
[  339.887090][T11443]  <TASK>
[  339.887096][T11443]  dump_stack_lvl+0x100/0x190
[  339.887124][T11443]  should_fail_ex.cold+0x5/0xa
[  339.887142][T11443]  _copy_from_user+0x2e/0xd0
[  339.887167][T11443]  copy_mount_options+0x76/0x190
[  339.887189][T11443]  __x64_sys_mount+0x1ab/0x310
[  339.887207][T11443]  ? __pfx___x64_sys_mount+0x10/0x10
[  339.887229][T11443]  do_syscall_64+0x106/0xf80
[  339.887246][T11443]  ? clear_bhb_loop+0x40/0x90
[  339.887264][T11443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.887279][T11443] RIP: 0033:0x7f05c9d9c799
[  339.887293][T11443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  339.887307][T11443] RSP: 002b:00007f05cac5b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  339.887322][T11443] RAX: ffffffffffffffda RBX: 00007f05ca016090 RCX: 00007f05c9d9c799
[  339.887331][T11443] RDX: 0000200000000240 RSI: 0000000000000000 RDI: 0000200000000180
[  339.887341][T11443] RBP: 00007f05c9e32bd9 R08: 0000200000000280 R09: 0000000000000000
[  339.887350][T11443] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  339.887358][T11443] R13: 00007f05ca016128 R14: 00007f05ca016090 R15: 00007ffd912fd768
[  339.887377][T11443]  </TASK>
[  341.739771][T11483] FAULT_INJECTION: forcing a failure.
[  341.739771][T11483] name failslab, interval 1, probability 0, space 0, times 0
[  341.801455][T11483] CPU: 0 UID: 0 PID: 11483 Comm: syz.0.1120 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  341.801482][T11483] Tainted: [L]=SOFTLOCKUP
[  341.801487][T11483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  341.801497][T11483] Call Trace:
[  341.801502][T11483]  <TASK>
[  341.801509][T11483]  dump_stack_lvl+0x100/0x190
[  341.801605][T11483]  should_fail_ex.cold+0x5/0xa
[  341.801633][T11483]  should_failslab+0xc2/0x120
[  341.801649][T11483]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  341.801671][T11483]  ? alloc_empty_file+0x55/0x1c0
[  341.801689][T11483]  ? __pfx_stack_trace_save+0x10/0x10
[  341.801707][T11483]  alloc_empty_file+0x55/0x1c0
[  341.801725][T11483]  path_openat+0xe8/0x31a0
[  341.801738][T11483]  ? kasan_save_stack+0x3f/0x50
[  341.801759][T11483]  ? kasan_save_stack+0x30/0x50
[  341.801779][T11483]  ? kasan_save_track+0x14/0x30
[  341.801799][T11483]  ? __kasan_slab_alloc+0x89/0x90
[  341.801816][T11483]  ? kmem_cache_alloc_noprof+0x241/0x6e0
[  341.801842][T11483]  ? do_getname+0x35/0x390
[  341.801858][T11483]  ? do_sys_openat2+0xc5/0x1e0
[  341.801877][T11483]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.801895][T11483]  ? __pfx_path_openat+0x10/0x10
[  341.801921][T11483]  do_file_open+0x20e/0x430
[  341.801940][T11483]  ? __pfx_do_file_open+0x10/0x10
[  341.801971][T11483]  ? alloc_fd+0x476/0x790
[  341.801987][T11483]  ? do_getname+0x191/0x390
[  341.802009][T11483]  do_sys_openat2+0x10d/0x1e0
[  341.802027][T11483]  ? __pfx_do_sys_openat2+0x10/0x10
[  341.802052][T11483]  __x64_sys_openat+0x12d/0x210
[  341.802072][T11483]  ? __pfx___x64_sys_openat+0x10/0x10
[  341.802098][T11483]  do_syscall_64+0x106/0xf80
[  341.802114][T11483]  ? clear_bhb_loop+0x40/0x90
[  341.802132][T11483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.802147][T11483] RIP: 0033:0x7f934d59c799
[  341.802162][T11483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  341.802177][T11483] RSP: 002b:00007f934e3d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  341.802193][T11483] RAX: ffffffffffffffda RBX: 00007f934d815fa0 RCX: 00007f934d59c799
[  341.802204][T11483] RDX: 00000000000c0000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  341.802214][T11483] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  341.802223][T11483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  341.802232][T11483] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  341.802252][T11483]  </TASK>
[  343.080997][T11497] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1123'.
[  343.112059][T11501] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1125'.
[  343.139890][T11501] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1125'.
[  343.349626][T11512] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14
[  343.384966][T11497] zswap: compressor  not available
[  343.583536][T11510] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1126'.
[  343.762430][T11514] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1126'.
[  343.832645][T11513] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15
[  344.308632][T11526] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16
[  344.542949][T11531] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17
[  345.848498][T11555] sd 0:0:1:0: PR command failed: 1026
[  345.875108][T11555] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  345.909840][T11555] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  345.991939][T11538] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  346.020561][   T30] audit: type=1800 audit(4294967354.420:21): pid=11558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1137" name="discovery_nqn" dev="configfs" ino=39795 res=0 errno=0
[  346.139141][T11560] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1138'.
[  346.476213][T11575] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_tx_wq": -EINTR
[  346.795462][T11591] netlink: 'syz.1.1143': attribute type 23 has an invalid length.
[  346.881856][T11589] FAULT_INJECTION: forcing a failure.
[  346.881856][T11589] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  347.069928][T11589] CPU: 0 UID: 0 PID: 11589 Comm: syz.4.1142 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  347.069953][T11589] Tainted: [L]=SOFTLOCKUP
[  347.069958][T11589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  347.069967][T11589] Call Trace:
[  347.069972][T11589]  <TASK>
[  347.069979][T11589]  dump_stack_lvl+0x100/0x190
[  347.070012][T11589]  should_fail_ex.cold+0x5/0xa
[  347.070026][T11589]  ? prepare_alloc_pages+0x16d/0x5f0
[  347.070044][T11589]  should_fail_alloc_page+0xeb/0x140
[  347.070060][T11589]  prepare_alloc_pages+0x1f0/0x5f0
[  347.070079][T11589]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  347.070103][T11589]  ? __lock_acquire+0x4a5/0x2630
[  347.070125][T11589]  ? __lock_acquire+0x4a5/0x2630
[  347.070143][T11589]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  347.070171][T11589]  ? find_held_lock+0x2b/0x80
[  347.070184][T11589]  ? is_bpf_text_address+0x8a/0x1a0
[  347.070205][T11589]  ? is_bpf_text_address+0x8a/0x1a0
[  347.070225][T11589]  ? bpf_ksym_find+0x124/0x1c0
[  347.070241][T11589]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  347.070256][T11589]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  347.070283][T11589]  ? policy_nodemask+0xed/0x4f0
[  347.070299][T11589]  alloc_pages_mpol+0x1fb/0x550
[  347.070314][T11589]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  347.070334][T11589]  folio_alloc_mpol_noprof+0x36/0x340
[  347.070352][T11589]  shmem_alloc_folio+0x135/0x160
[  347.070371][T11589]  shmem_alloc_and_add_folio+0x371/0xd40
[  347.070396][T11589]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  347.070418][T11589]  ? shmem_allowable_huge_orders+0x2bd/0x400
[  347.070443][T11589]  shmem_get_folio_gfp+0x6ab/0x1900
[  347.070468][T11589]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  347.070494][T11589]  shmem_fault+0x1f9/0xa20
[  347.070516][T11589]  ? __pfx_shmem_fault+0x10/0x10
[  347.070534][T11589]  ? trace_kmem_cache_alloc+0xf3/0x120
[  347.070550][T11589]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  347.070570][T11589]  ? ptlock_alloc+0x1f/0x70
[  347.070589][T11589]  ? lockdep_init_map_type+0x5c/0x250
[  347.070607][T11589]  ? __raw_spin_lock_init+0x3a/0x110
[  347.070630][T11589]  ? __pfx_filemap_map_pages+0x10/0x10
[  347.070650][T11589]  __do_fault+0x10d/0x550
[  347.070673][T11589]  ? __pfx_filemap_map_pages+0x10/0x10
[  347.070692][T11589]  do_fault+0x2db/0x1950
[  347.070708][T11589]  ? __pmd_alloc+0x6aa/0x9c0
[  347.070724][T11589]  __handle_mm_fault+0x180f/0x2b60
[  347.070747][T11589]  ? reacquire_held_locks+0xce/0x1e0
[  347.070764][T11589]  ? __pfx___handle_mm_fault+0x10/0x10
[  347.070786][T11589]  ? lock_vma_under_rcu+0x17c/0x590
[  347.070815][T11589]  handle_mm_fault+0x36d/0xa20
[  347.070837][T11589]  do_user_addr_fault+0x5a3/0x12f0
[  347.070866][T11589]  exc_page_fault+0x6f/0xd0
[  347.070898][T11589]  asm_exc_page_fault+0x26/0x30
[  347.070913][T11589] RIP: 0033:0x7fabc905909f
[  347.070925][T11589] Code: 00 00 eb c2 0f 1f 80 00 00 00 00 53 48 89 fb 48 85 ff 74 47 80 3d 54 c6 ee 00 00 75 1e 80 3d 1f 90 3b 00 00 75 55 48 8b 43 18 <48> c7 00 00 00 00 00 c6 43 48 00 5b c3 0f 1f 40 00 8b 3b 31 d2 31
[  347.070939][T11589] RSP: 002b:00007fabca07a040 EFLAGS: 00010246
[  347.070950][T11589] RAX: 0000000000000000 RBX: 00007fabc9416308 RCX: 00007fabc923449c
[  347.070963][T11589] RDX: 00000000000149d5 RSI: 0000000000000000 RDI: 00007fabc9416308
[  347.070971][T11589] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  347.070979][T11589] R10: 00007fabca0de000 R11: 0000000000000001 R12: 0000000000000000
[  347.070987][T11589] R13: 00007fabc9416308 R14: 00007fabc9416270 R15: 00007ffc15dc3b28
[  347.071013][T11589]  </TASK>
[  348.013911][T11599] netlink: 220 bytes leftover after parsing attributes in process `syz.1.1144'.
[  349.577927][T11605] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  349.618392][T11625] vivid-007: =================  START STATUS  =================
[  349.677042][T11625] vivid-007: Generate PTS: true
[  349.681922][T11625] vivid-007: Generate SCR: true
[  349.708346][T11631] QAT: failed to copy from user cfg_data.
[  349.715242][T11625] tpg source WxH: 320x240 (Y'CbCr)
[  349.738182][T11625] tpg field: 1
[  349.741573][T11625] tpg crop: (0,0)/320x240
[  349.777515][T11625] tpg compose: (0,0)/320x240
[  349.807010][T11625] tpg colorspace: 8
[  349.823049][T11625] tpg transfer function: 0/0
[  349.847387][T11625] tpg Y'CbCr encoding: 0/0
[  349.851826][T11625] tpg quantization: 0/0
[  349.855962][T11625] tpg RGB range: 0/2
[  349.894332][T11625] vivid-007: ==================  END STATUS  ==================
[  351.706133][T11679] binder: 11676:11679 ioctl c018620c 0 returned -1
[  352.355919][T11668] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  352.510328][T11697] netlink: 'syz.1.1170': attribute type 27 has an invalid length.
[  352.557615][T11697] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1170'.
[  354.318944][T11736] FAULT_INJECTION: forcing a failure.
[  354.318944][T11736] name failslab, interval 1, probability 0, space 0, times 0
[  354.373750][T11737] syz.2.1177 (11737): attempted to duplicate a private mapping with mremap.  This is not supported.
[  354.396232][T11736] CPU: 0 UID: 0 PID: 11736 Comm: syz.1.1179 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  354.396257][T11736] Tainted: [L]=SOFTLOCKUP
[  354.396262][T11736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  354.396271][T11736] Call Trace:
[  354.396276][T11736]  <TASK>
[  354.396281][T11736]  dump_stack_lvl+0x100/0x190
[  354.396308][T11736]  should_fail_ex.cold+0x5/0xa
[  354.396326][T11736]  should_failslab+0xc2/0x120
[  354.396341][T11736]  __kvmalloc_node_noprof+0xfa/0xa00
[  354.396363][T11736]  ? seq_read_iter+0x819/0x1270
[  354.396393][T11736]  seq_read_iter+0x819/0x1270
[  354.396415][T11736]  ? aa_file_perm+0x7f3/0x14d0
[  354.396437][T11736]  seq_read+0x33b/0x4c0
[  354.396457][T11736]  ? __pfx_seq_read+0x10/0x10
[  354.396492][T11736]  full_proxy_read+0x135/0x1a0
[  354.396509][T11736]  ? __pfx_full_proxy_read+0x10/0x10
[  354.396526][T11736]  vfs_read+0x1e4/0xb30
[  354.396550][T11736]  ? __pfx_vfs_read+0x10/0x10
[  354.396571][T11736]  ? __fget_files+0x215/0x3d0
[  354.396589][T11736]  ? __fget_files+0x21f/0x3d0
[  354.396607][T11736]  ksys_read+0x12a/0x250
[  354.396627][T11736]  ? __pfx_ksys_read+0x10/0x10
[  354.396661][T11736]  do_syscall_64+0x106/0xf80
[  354.396678][T11736]  ? clear_bhb_loop+0x40/0x90
[  354.396696][T11736]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.396710][T11736] RIP: 0033:0x7f05c9d9c799
[  354.396723][T11736] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  354.396737][T11736] RSP: 002b:00007f05cac7c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  354.396752][T11736] RAX: ffffffffffffffda RBX: 00007f05ca015fa0 RCX: 00007f05c9d9c799
[  354.396761][T11736] RDX: 0000000000000071 RSI: 0000200000000000 RDI: 0000000000000006
[  354.396769][T11736] RBP: 00007f05cac7c090 R08: 0000000000000000 R09: 0000000000000000
[  354.396777][T11736] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.396785][T11736] R13: 00007f05ca016038 R14: 00007f05ca015fa0 R15: 00007ffd912fd768
[  354.396805][T11736]  </TASK>
[  355.396766][T11749] sd 0:0:1:0: PR command failed: 1026
[  355.412787][T11749] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  355.442410][T11749] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  356.122523][T11768] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1187'.
[  356.727778][T11796] sd 0:0:1:0: PR command failed: 1026
[  356.759701][T11796] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  356.766425][T11796] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  356.969067][T11806] FAULT_INJECTION: forcing a failure.
[  356.969067][T11806] name failslab, interval 1, probability 0, space 0, times 0
[  357.039324][T11806] CPU: 0 UID: 0 PID: 11806 Comm: syz.0.1197 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  357.039350][T11806] Tainted: [L]=SOFTLOCKUP
[  357.039355][T11806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  357.039364][T11806] Call Trace:
[  357.039370][T11806]  <TASK>
[  357.039381][T11806]  dump_stack_lvl+0x100/0x190
[  357.039412][T11806]  should_fail_ex.cold+0x5/0xa
[  357.039429][T11806]  ? tomoyo_realpath_from_path+0xb6/0x690
[  357.039445][T11806]  should_failslab+0xc2/0x120
[  357.039460][T11806]  __kmalloc_noprof+0xe0/0x850
[  357.039484][T11806]  tomoyo_realpath_from_path+0xb6/0x690
[  357.039504][T11806]  tomoyo_path_number_perm+0x23c/0x580
[  357.039526][T11806]  ? tomoyo_path_number_perm+0x22e/0x580
[  357.039548][T11806]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  357.039589][T11806]  ? find_held_lock+0x2b/0x80
[  357.039601][T11806]  ? __fget_files+0x215/0x3d0
[  357.039613][T11806]  ? hook_file_ioctl_common+0x146/0x410
[  357.039639][T11806]  ? __fget_files+0x21f/0x3d0
[  357.039655][T11806]  security_file_ioctl+0xd3/0x230
[  357.039678][T11806]  __x64_sys_ioctl+0xb7/0x210
[  357.039700][T11806]  do_syscall_64+0x106/0xf80
[  357.039716][T11806]  ? clear_bhb_loop+0x40/0x90
[  357.039734][T11806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.039747][T11806] RIP: 0033:0x7f934d59c799
[  357.039760][T11806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  357.039774][T11806] RSP: 002b:00007f934e3d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  357.039789][T11806] RAX: ffffffffffffffda RBX: 00007f934d815fa0 RCX: 00007f934d59c799
[  357.039798][T11806] RDX: 0000000000000003 RSI: 00000000401870cb RDI: 0000000000000003
[  357.039806][T11806] RBP: 00007f934e3d8090 R08: 0000000000000000 R09: 0000000000000000
[  357.039814][T11806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.039822][T11806] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  357.039841][T11806]  </TASK>
[  357.039848][T11806] ERROR: Out of memory at tomoyo_realpath_from_path.
[  357.946711][T11806] sd 0:0:1:0: PR command failed: 1026
[  357.964876][T11806] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  358.005385][T11806] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  358.478504][T11836] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1204'.
[  358.664868][T11843] sd 0:0:1:0: PR command failed: 1026
[  358.681392][T11843] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  358.706736][T11843] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  358.952357][T11850] sd 0:0:1:0: PR command failed: 1026
[  358.985889][T11850] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  359.030893][T11850] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  359.218314][T11855] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1209'.
[  359.288722][T11855] hsr_slave_0: left promiscuous mode
[  359.377150][T11855] hsr_slave_1: left promiscuous mode
[  359.549113][T11815] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  360.345279][T11874] Invalid ELF header magic: != ELF
[  360.782564][T11883] sd 0:0:1:0: PR command failed: 1026
[  360.845221][T11883] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  360.899499][T11883] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  361.336371][T11892] sd 0:0:1:0: PR command failed: 1026
[  361.346491][T11892] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  361.403568][T11892] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  362.960604][   T30] audit: type=1800 audit(4294967371.359:22): pid=11920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1227" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  365.148506][T11958] FAULT_INJECTION: forcing a failure.
[  365.148506][T11958] name failslab, interval 1, probability 0, space 0, times 0
[  365.341252][T11958] CPU: 0 UID: 0 PID: 11958 Comm: syz.1.1231 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  365.341301][T11958] Tainted: [L]=SOFTLOCKUP
[  365.341312][T11958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  365.341332][T11958] Call Trace:
[  365.341341][T11958]  <TASK>
[  365.341358][T11958]  dump_stack_lvl+0x100/0x190
[  365.341386][T11958]  should_fail_ex.cold+0x5/0xa
[  365.341405][T11958]  should_failslab+0xc2/0x120
[  365.341422][T11958]  __kmalloc_cache_noprof+0x7a/0x6f0
[  365.341440][T11958]  ? percpu_ref_init+0xec/0x3f0
[  365.341462][T11958]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  365.341482][T11958]  percpu_ref_init+0xec/0x3f0
[  365.341503][T11958]  io_uring_setup.cold+0x23b/0x1d09
[  365.341526][T11958]  ? __pfx_io_uring_setup+0x10/0x10
[  365.341545][T11958]  ? do_futex+0x192/0x350
[  365.341564][T11958]  ? __pfx_do_futex+0x10/0x10
[  365.341591][T11958]  ? xfd_validate_state+0x129/0x190
[  365.341618][T11958]  __x64_sys_io_uring_setup+0xc2/0x170
[  365.341636][T11958]  do_syscall_64+0x106/0xf80
[  365.341653][T11958]  ? clear_bhb_loop+0x40/0x90
[  365.341671][T11958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.341687][T11958] RIP: 0033:0x7f05c9d9c799
[  365.341701][T11958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  365.341716][T11958] RSP: 002b:00007f05cac5b028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  365.341730][T11958] RAX: ffffffffffffffda RBX: 00007f05ca016090 RCX: 00007f05c9d9c799
[  365.341740][T11958] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000d
[  365.341748][T11958] RBP: 00007f05c9e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  365.341757][T11958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.341766][T11958] R13: 00007f05ca016128 R14: 00007f05ca016090 R15: 00007ffd912fd768
[  365.341786][T11958]  </TASK>
[  366.193317][T11971] Invalid ELF header magic: != ELF
[  366.346513][T11958] vivid-013: =================  START STATUS  =================
[  366.377645][T11958] vivid-013: Test Pattern: 75% Colorbar
[  366.383477][T11958] vivid-013: Fill Percentage of Frame: 100
[  366.436512][T11958] vivid-013: Horizontal Movement: No Movement
[  366.459412][T11958] vivid-013: Vertical Movement: No Movement
[  366.488043][T11958] vivid-013: OSD Text Mode: All
[  366.514098][T11958] vivid-013: Show Border: false
[  366.592913][T11958] vivid-013: Show Square: false
[  366.650649][T11958] vivid-013: Sensor Flipped Horizontally: false
[  366.744935][T11958] vivid-013: Sensor Flipped Vertically: false
[  366.773606][T11958] vivid-013: Insert SAV Code in Image: false
[  366.856746][T11958] vivid-013: Insert EAV Code in Image: false
[  366.874068][T11958] vivid-013: Insert Video Guard Band: false
[  366.976711][T11958] vivid-013: Reduced Framerate: false
[  367.025041][T11958] vivid-013: HDMI 013-0 Is Connected To: Test Pattern Generator
[  367.122336][T11958] vivid-013: S-Video 013-0 Is Connected To: Test Pattern Generator
[  367.236781][T11958] vivid-013: Enable Capture Cropping: true
[  367.262168][T11982] device-mapper: ioctl: Unable to rename non-existent device,  to uuid �
[  367.286649][T11958] vivid-013: Enable Capture Composing: true
[  367.337165][T11958] vivid-013: Enable Capture Scaler: true
[  367.342829][T11958] vivid-013: Timestamp Source: End of Frame
[  367.424407][T11958] vivid-013: Colorspace: sRGB
[  367.465854][T11958] vivid-013: Transfer Function: Default
[  367.494520][T11958] vivid-013: Y'CbCr Encoding: Default
[  367.585846][T11958] vivid-013: HSV Encoding: Hue 0-179
[  367.624833][T11958] vivid-013: Quantization: Default
[  367.676149][T11958] vivid-013: Apply Alpha To Red Only: false
[  367.744296][T11958] vivid-013: Standard Aspect Ratio: 4x3
[  367.782437][T11958] vivid-013: DV Timings Signal Mode: Current DV Timings inactive
[  367.854918][T11958] vivid-013: DV Timings: 640x480p59 inactive
[  367.931721][T11958] vivid-013: DV Timings Aspect Ratio: Source Width x Height
[  367.991505][T11958] vivid-013: Maximum EDID Blocks: 2
[  368.045806][T11958] vivid-013: Limited RGB Range (16-235): false
[  368.107141][T11958] vivid-013: Rx RGB Quantization Range: Automatic
[  368.178100][T11958] vivid-013: Power Present: 0x00000001
[  368.239475][T11958] tpg source WxH: 320x240 (Y'CbCr)
[  368.280398][T11958] tpg field: 1
[  368.317746][T11958] tpg crop: (0,0)/320x240
[  368.373933][T11958] tpg compose: (0,0)/320x240
[  368.418555][T11958] tpg colorspace: 8
[  368.448259][T11958] tpg transfer function: 0/0
[  368.498392][T11958] tpg Y'CbCr encoding: 0/0
[  368.562350][T11958] tpg quantization: 0/0
[  368.598896][T11958] tpg RGB range: 0/2
[  368.658567][T11958] vivid-013: ==================  END STATUS  ==================
[  369.051470][T12015] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1244'.
[  369.217511][ T5831] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  369.237123][ T5827] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  369.245507][ T5827] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:0'
[  369.255809][ T5827] CPU: 0 UID: 0 PID: 5827 Comm: kworker/u9:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  369.255836][ T5827] Tainted: [L]=SOFTLOCKUP
[  369.255841][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  369.255859][ T5827] Workqueue: hci1 hci_rx_work
[  369.255878][ T5827] Call Trace:
[  369.255885][ T5827]  <TASK>
[  369.255892][ T5827]  dump_stack_lvl+0x100/0x190
[  369.255917][ T5827]  sysfs_warn_dup.cold+0x1c/0x28
[  369.255938][ T5827]  sysfs_create_dir_ns+0x24b/0x2b0
[  369.255966][ T5827]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  369.255986][ T5827]  ? find_held_lock+0x2b/0x80
[  369.255999][ T5827]  ? kobject_add_internal+0x25f/0x930
[  369.256021][ T5827]  ? kobject_add_internal+0x25f/0x930
[  369.256042][ T5827]  ? do_raw_spin_unlock+0x145/0x1e0
[  369.256065][ T5827]  kobject_add_internal+0x2c8/0x930
[  369.256092][ T5827]  kobject_add+0x16a/0x1e0
[  369.256113][ T5827]  ? __pfx_kobject_add+0x10/0x10
[  369.256139][ T5827]  ? class_to_subsys+0x10f/0x150
[  369.256159][ T5827]  ? kobject_put+0xb9/0x640
[  369.256177][ T5827]  ? _raw_spin_unlock+0x28/0x50
[  369.256198][ T5827]  device_add+0x294/0x1950
[  369.256221][ T5827]  ? __pfx_dev_set_name+0x10/0x10
[  369.256238][ T5827]  ? __pfx_device_add+0x10/0x10
[  369.256260][ T5827]  ? mgmt_send_event_skb+0x2fb/0x460
[  369.256285][ T5827]  hci_conn_add_sysfs+0x1a3/0x260
[  369.256303][ T5827]  le_conn_complete_evt+0x11cb/0x1f40
[  369.256334][ T5827]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  369.256356][ T5827]  ? __pfx_bt_warn+0x10/0x10
[  369.256377][ T5827]  hci_le_conn_complete_evt+0x23c/0x3a0
[  369.256393][ T5827]  ? skb_pull_data+0x15f/0x1e0
[  369.256418][ T5827]  hci_le_meta_evt+0x34a/0x5f0
[  369.256433][ T5827]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  369.256451][ T5827]  hci_event_packet+0x682/0x11c0
[  369.256466][ T5827]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  369.256482][ T5827]  ? __pfx_hci_event_packet+0x10/0x10
[  369.256499][ T5827]  ? kcov_remote_start+0x374/0x660
[  369.256512][ T5827]  ? lockdep_hardirqs_on+0x78/0x100
[  369.256534][ T5827]  hci_rx_work+0x451/0xfc0
[  369.256552][ T5827]  process_one_work+0x9d7/0x1920
[  369.256584][ T5827]  ? __pfx_process_one_work+0x10/0x10
[  369.256610][ T5827]  ? __pfx_hci_rx_work+0x10/0x10
[  369.256626][ T5827]  worker_thread+0x5da/0xe40
[  369.256653][ T5827]  ? kthread+0x13a/0x450
[  369.256671][ T5827]  ? __pfx_worker_thread+0x10/0x10
[  369.256689][ T5827]  kthread+0x370/0x450
[  369.256707][ T5827]  ? __pfx_kthread+0x10/0x10
[  369.256727][ T5827]  ret_from_fork+0x754/0xd80
[  369.256750][ T5827]  ? __pfx_ret_from_fork+0x10/0x10
[  369.256772][ T5827]  ? __switch_to+0x7b4/0x1120
[  369.256788][ T5827]  ? __pfx_kthread+0x10/0x10
[  369.256807][ T5827]  ret_from_fork_asm+0x1a/0x30
[  369.256833][ T5827]  </TASK>
[  369.806090][ T5827] kobject: kobject_add_internal failed for hci1:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  369.821288][ T5827] Bluetooth: hci1: failed to register connection device
[  370.007991][T12031] FAULT_INJECTION: forcing a failure.
[  370.007991][T12031] name failslab, interval 1, probability 0, space 0, times 0
[  370.087897][T12031] CPU: 0 UID: 0 PID: 12031 Comm: syz.0.1248 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  370.087925][T12031] Tainted: [L]=SOFTLOCKUP
[  370.087930][T12031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  370.087940][T12031] Call Trace:
[  370.087946][T12031]  <TASK>
[  370.087952][T12031]  dump_stack_lvl+0x100/0x190
[  370.087981][T12031]  should_fail_ex.cold+0x5/0xa
[  370.087999][T12031]  ? tomoyo_encode2+0xfb/0x3c0
[  370.088015][T12031]  should_failslab+0xc2/0x120
[  370.088030][T12031]  __kmalloc_noprof+0xe0/0x850
[  370.088051][T12031]  ? d_absolute_path+0x136/0x1b0
[  370.088074][T12031]  tomoyo_encode2+0xfb/0x3c0
[  370.088092][T12031]  tomoyo_encode+0x29/0x50
[  370.088107][T12031]  tomoyo_realpath_from_path+0x18c/0x690
[  370.088128][T12031]  tomoyo_path_number_perm+0x23c/0x580
[  370.088150][T12031]  ? tomoyo_path_number_perm+0x22e/0x580
[  370.088173][T12031]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  370.088196][T12031]  ? rcu_read_unlock+0x17/0x60
[  370.088224][T12031]  ? do_raw_spin_lock+0x128/0x260
[  370.088257][T12031]  ? find_held_lock+0x2b/0x80
[  370.088271][T12031]  ? __pfx_d_add+0x10/0x10
[  370.088289][T12031]  ? d_alloc+0x176/0x1e0
[  370.088305][T12031]  ? current_check_access_path+0x281/0x460
[  370.088323][T12031]  ? __pfx_current_check_access_path+0x10/0x10
[  370.088341][T12031]  ? simple_lookup+0x105/0x1d0
[  370.088366][T12031]  tomoyo_path_mknod+0x164/0x190
[  370.088385][T12031]  ? __pfx_tomoyo_path_mknod+0x10/0x10
[  370.088404][T12031]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  370.088431][T12031]  security_path_mknod+0x161/0x300
[  370.088449][T12031]  filename_mknodat+0x241/0x7f0
[  370.088468][T12031]  ? __pfx_filename_mknodat+0x10/0x10
[  370.088483][T12031]  ? strncpy_from_user+0x19d/0x2d0
[  370.088508][T12031]  ? do_getname+0x191/0x390
[  370.088527][T12031]  __x64_sys_mknod+0x8f/0xc0
[  370.088543][T12031]  do_syscall_64+0x106/0xf80
[  370.088560][T12031]  ? clear_bhb_loop+0x40/0x90
[  370.088579][T12031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.088595][T12031] RIP: 0033:0x7f934d59c799
[  370.088609][T12031] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  370.088623][T12031] RSP: 002b:00007f934e3b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  370.088638][T12031] RAX: ffffffffffffffda RBX: 00007f934d816090 RCX: 00007f934d59c799
[  370.088648][T12031] RDX: 0000000000000007 RSI: 00000000000000cb RDI: 0000200000000180
[  370.088658][T12031] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  370.088667][T12031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  370.088676][T12031] R13: 00007f934d816128 R14: 00007f934d816090 R15: 00007ffdad62f238
[  370.088696][T12031]  </TASK>
[  370.088724][T12031] ERROR: Out of memory at tomoyo_realpath_from_path.
[  371.011180][T12036] FAULT_INJECTION: forcing a failure.
[  371.011180][T12036] name failslab, interval 1, probability 0, space 0, times 0
[  371.066720][T12036] CPU: 0 UID: 0 PID: 12036 Comm: syz.4.1249 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  371.066745][T12036] Tainted: [L]=SOFTLOCKUP
[  371.066750][T12036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  371.066759][T12036] Call Trace:
[  371.066765][T12036]  <TASK>
[  371.066771][T12036]  dump_stack_lvl+0x100/0x190
[  371.066797][T12036]  should_fail_ex.cold+0x5/0xa
[  371.066814][T12036]  should_failslab+0xc2/0x120
[  371.066835][T12036]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  371.066857][T12036]  ? __alloc_skb+0x140/0x710
[  371.066880][T12036]  __alloc_skb+0x140/0x710
[  371.066894][T12036]  ? __alloc_skb+0x5b7/0x710
[  371.066909][T12036]  ? __pfx___alloc_skb+0x10/0x10
[  371.066926][T12036]  ? sk_page_frag_refill+0x6c/0x340
[  371.066951][T12036]  kcm_sendmsg+0x1036/0x32e0
[  371.066979][T12036]  ? __pfx_kcm_sendmsg+0x10/0x10
[  371.066996][T12036]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  371.067023][T12036]  sock_sendmsg+0x3a1/0x430
[  371.067046][T12036]  ? __pfx_sock_sendmsg+0x10/0x10
[  371.067084][T12036]  splice_to_socket+0xb4c/0x11b0
[  371.067102][T12036]  ? touch_atime+0xa5/0x7a0
[  371.067131][T12036]  ? __pfx_splice_to_socket+0x10/0x10
[  371.067168][T12036]  ? trace_kmalloc+0x101/0x130
[  371.067183][T12036]  ? lockdep_init_map_type+0x5c/0x250
[  371.067203][T12036]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  371.067226][T12036]  ? __pfx_splice_to_socket+0x10/0x10
[  371.067241][T12036]  direct_splice_actor+0x192/0x6c0
[  371.067267][T12036]  splice_direct_to_actor+0x345/0xa30
[  371.067292][T12036]  ? __pfx_direct_splice_actor+0x10/0x10
[  371.067319][T12036]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  371.067348][T12036]  do_splice_direct+0x174/0x240
[  371.067363][T12036]  ? __pfx_do_splice_direct+0x10/0x10
[  371.067386][T12036]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  371.067410][T12036]  ? bpf_lsm_file_permission+0x9/0x10
[  371.067431][T12036]  ? security_file_permission+0x76/0x210
[  371.067447][T12036]  ? rw_verify_area+0xce/0x6d0
[  371.067469][T12036]  do_sendfile+0xadc/0xe20
[  371.067493][T12036]  ? __pfx_do_sendfile+0x10/0x10
[  371.067514][T12036]  ? __sys_sendmsg+0x18f/0x220
[  371.067532][T12036]  ? __x64_sys_futex+0x34f/0x4d0
[  371.067550][T12036]  ? __x64_sys_futex+0x358/0x4d0
[  371.067570][T12036]  __x64_sys_sendfile64+0x1d8/0x220
[  371.067587][T12036]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  371.067609][T12036]  do_syscall_64+0x106/0xf80
[  371.067626][T12036]  ? clear_bhb_loop+0x40/0x90
[  371.067648][T12036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.067664][T12036] RIP: 0033:0x7fabc919c799
[  371.067677][T12036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  371.067691][T12036] RSP: 002b:00007fabca0dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  371.067706][T12036] RAX: ffffffffffffffda RBX: 00007fabc9415fa0 RCX: 00007fabc919c799
[  371.067716][T12036] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001
[  371.067724][T12036] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  371.067733][T12036] R10: 000000007ffff011 R11: 0000000000000246 R12: 0000000000000000
[  371.067742][T12036] R13: 00007fabc9416038 R14: 00007fabc9415fa0 R15: 00007ffc15dc3b28
[  371.067761][T12036]  </TASK>
[  371.747176][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout
[  371.940697][T12029] random: crng reseeded on system resumption
[  373.261414][T12061] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1254'.
[  373.819763][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout
[  374.166434][T12085] zswap: compressor � not available
[  374.559473][T12082] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  374.591354][T12082] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  374.607118][T12082] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  374.648475][T12082] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  374.654624][T12082] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  375.494270][T12091] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  375.966699][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout
[  376.034551][   T30] audit: type=1326 audit(4294967384.429:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12126 comm="syz.0.1270" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f934d59c799 code=0x0
[  376.334805][T12146] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1271'.
[  376.606881][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout
[  376.656143][T12134] FAULT_INJECTION: forcing a failure.
[  376.656143][T12134] name failslab, interval 1, probability 0, space 0, times 0
[  376.687975][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout
[  376.693997][ T5827] Bluetooth: hci2: command 0x0c1a tx timeout
[  376.806713][T12134] CPU: 0 UID: 0 PID: 12134 Comm: syz.1.1269 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  376.806740][T12134] Tainted: [L]=SOFTLOCKUP
[  376.806746][T12134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  376.806756][T12134] Call Trace:
[  376.806761][T12134]  <TASK>
[  376.806768][T12134]  dump_stack_lvl+0x100/0x190
[  376.806794][T12134]  should_fail_ex.cold+0x5/0xa
[  376.806813][T12134]  should_failslab+0xc2/0x120
[  376.806829][T12134]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  376.806850][T12134]  ? shmem_alloc_inode+0x25/0x50
[  376.806869][T12134]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  376.806886][T12134]  shmem_alloc_inode+0x25/0x50
[  376.806902][T12134]  alloc_inode+0x68/0x250
[  376.806921][T12134]  new_inode+0x22/0x1c0
[  376.806941][T12134]  shmem_get_inode+0x212/0x1040
[  376.806962][T12134]  ? __pfx_shmem_get_inode+0x10/0x10
[  376.806979][T12134]  ? rcu_is_watching+0x12/0xc0
[  376.806999][T12134]  ? percpu_counter_add_batch+0xb9/0x230
[  376.807028][T12134]  __shmem_file_setup+0x3ac/0x490
[  376.807048][T12134]  ? __pfx___shmem_file_setup+0x10/0x10
[  376.807071][T12134]  ? vm_area_alloc+0x1f/0x160
[  376.807097][T12134]  shmem_zero_setup+0x96/0x1b0
[  376.807121][T12134]  __mmap_region+0x2198/0x29e0
[  376.807145][T12134]  ? __pfx___mmap_region+0x10/0x10
[  376.807171][T12134]  ? set_next_entity+0x11b/0x9c0
[  376.807196][T12134]  ? __lock_acquire+0x4a5/0x2630
[  376.807213][T12134]  ? find_held_lock+0x2b/0x80
[  376.807234][T12134]  ? find_held_lock+0x2b/0x80
[  376.807247][T12134]  ? finish_task_switch.isra.0+0x200/0xb80
[  376.807263][T12134]  ? finish_task_switch.isra.0+0x200/0xb80
[  376.807293][T12134]  ? trace_sched_exit_tp+0x13a/0x180
[  376.807311][T12134]  ? __schedule+0x1000/0x60e0
[  376.807352][T12134]  ? rcu_is_watching+0x12/0xc0
[  376.807379][T12134]  mmap_region+0x180/0x3e0
[  376.807403][T12134]  do_mmap+0xc63/0x12f0
[  376.807423][T12134]  ? __pfx_do_mmap+0x10/0x10
[  376.807438][T12134]  ? __pfx_down_write_killable+0x10/0x10
[  376.807462][T12134]  vm_mmap_pgoff+0x29e/0x470
[  376.807481][T12134]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  376.807498][T12134]  ? do_futex+0x192/0x350
[  376.807517][T12134]  ? __pfx_do_futex+0x10/0x10
[  376.807539][T12134]  ksys_mmap_pgoff+0xe1/0x650
[  376.807554][T12134]  ? __x64_sys_futex+0x34f/0x4d0
[  376.807571][T12134]  ? __x64_sys_futex+0x358/0x4d0
[  376.807590][T12134]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  376.807605][T12134]  ? xfd_validate_state+0x129/0x190
[  376.807629][T12134]  __x64_sys_mmap+0x125/0x190
[  376.807652][T12134]  do_syscall_64+0x106/0xf80
[  376.807669][T12134]  ? clear_bhb_loop+0x40/0x90
[  376.807686][T12134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.807701][T12134] RIP: 0033:0x7f05c9d9c799
[  376.807715][T12134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  376.807729][T12134] RSP: 002b:00007f05cac19028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  376.807744][T12134] RAX: ffffffffffffffda RBX: 00007f05ca016270 RCX: 00007f05c9d9c799
[  376.807755][T12134] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[  376.807764][T12134] RBP: 00007f05c9e32bd9 R08: 0000000000000401 R09: 0000000000008000
[  376.807773][T12134] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  376.807783][T12134] R13: 00007f05ca016308 R14: 00007f05ca016270 R15: 00007ffd912fd768
[  376.807803][T12134]  </TASK>
[  378.646390][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.656838][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  378.690953][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout
[  378.777180][T12176] HfR: entered promiscuous mode
[  380.245945][T12181] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  380.675724][T12201] zswap: compressor � not available
[  380.698289][T12203] Setting dangerous option i915.mitigations - tainting kernel
[  380.908175][T12217] ubi0: attaching mtd0
[  380.968619][T12217] ubi0: scanning is finished
[  380.973266][T12217] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  381.386627][T12217] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  381.562572][T12229] __vm_enough_memory: pid: 12229, comm: syz.0.1288, bytes: 4398046511104 not enough memory for the allocation
[  382.078554][T12232] sd 0:0:1:0: PR command failed: 1026
[  382.102877][T12232] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  382.157989][T12232] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  382.494375][ T5831] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  382.507226][ T5831] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  382.519234][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  382.536550][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  382.544064][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  383.401498][T12265] FAULT_INJECTION: forcing a failure.
[  383.401498][T12265] name failslab, interval 1, probability 0, space 0, times 0
[  383.421118][T12270] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1296'.
[  383.484907][T12265] CPU: 0 UID: 0 PID: 12265 Comm: syz.0.1303 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  383.484933][T12265] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  383.484939][T12265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  383.484949][T12265] Call Trace:
[  383.484954][T12265]  <TASK>
[  383.484960][T12265]  dump_stack_lvl+0x100/0x190
[  383.484987][T12265]  should_fail_ex.cold+0x5/0xa
[  383.485006][T12265]  should_failslab+0xc2/0x120
[  383.485022][T12265]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  383.485043][T12265]  ? security_file_alloc+0x34/0x2c0
[  383.485058][T12265]  ? trace_kmem_cache_alloc+0xf3/0x120
[  383.485077][T12265]  security_file_alloc+0x34/0x2c0
[  383.485092][T12265]  init_file+0x95/0x480
[  383.485109][T12265]  alloc_empty_file+0x73/0x1c0
[  383.485127][T12265]  dentry_open+0x46/0xd0
[  383.485145][T12265]  acct_on+0x189/0x9e0
[  383.485167][T12265]  ? __pfx_acct_on+0x10/0x10
[  383.485188][T12265]  ? bpf_lsm_capable+0x9/0x10
[  383.485202][T12265]  ? security_capable+0x80/0x260
[  383.485224][T12265]  __x64_sys_acct+0x81/0x1e0
[  383.485244][T12265]  ? lockdep_hardirqs_on+0x78/0x100
[  383.485261][T12265]  do_syscall_64+0x106/0xf80
[  383.485277][T12265]  ? clear_bhb_loop+0x40/0x90
[  383.485295][T12265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.485311][T12265] RIP: 0033:0x7f934d59c799
[  383.485324][T12265] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  383.485339][T12265] RSP: 002b:00007f934e3d8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  383.485353][T12265] RAX: ffffffffffffffda RBX: 00007f934d815fa0 RCX: 00007f934d59c799
[  383.485363][T12265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  383.485372][T12265] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  383.485381][T12265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  383.485389][T12265] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  383.485409][T12265]  </TASK>
[  383.992070][ T6758] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.337666][ T6758] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.389175][T12249] chnl_net:caif_netlink_parms(): no params data found
[  384.547734][ T6758] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.578182][T12285] TCP: TCP_TX_DELAY enabled
[  384.606872][ T5827] Bluetooth: hci3: command tx timeout
[  384.664755][T12286] netlink: 'syz.0.1298': attribute type 23 has an invalid length.
[  384.795877][ T6758] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.846818][ T5831] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  384.949694][T12249] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.990865][T12249] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.045819][T12249] bridge_slave_0: entered allmulticast mode
[  385.085564][T12249] bridge_slave_0: entered promiscuous mode
[  385.094886][T12252] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  385.129724][T12249] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.160334][T12249] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.196829][T12249] bridge_slave_1: entered allmulticast mode
[  385.238770][T12249] bridge_slave_1: entered promiscuous mode
[  385.385324][T12249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  385.447761][T12249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  385.652578][T12249] team0: Port device team_slave_0 added
[  385.778246][T12249] team0: Port device team_slave_1 added
[  385.819762][T12321] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1305'.
[  385.968985][T12249] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.975946][T12249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.157547][T12249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.265072][T12321] bond0: left allmulticast mode
[  386.334869][T12321] bond_slave_0: left allmulticast mode
[  386.370384][T12321] bond_slave_1: left allmulticast mode
[  386.400072][T12321] bond0: left promiscuous mode
[  386.427212][T12321] bond_slave_0: left promiscuous mode
[  386.475187][T12321] bond_slave_1: left promiscuous mode
[  386.518291][T12321] bridge0: port 3(bond0) entered disabled state
[  386.566239][T12321] bridge_slave_0: left allmulticast mode
[  386.592560][T12321] bridge_slave_0: left promiscuous mode
[  386.623709][T12321] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.687782][ T5831] Bluetooth: hci3: command tx timeout
[  386.720009][T12249] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.738436][T12249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  386.796030][T12249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.839137][ T6758] bridge_slave_0: left allmulticast mode
[  386.845095][ T6758] bridge_slave_0: left promiscuous mode
[  386.863563][ T6758] bridge0: port 1(bridge_slave_0) entered disabled state
[  387.065160][ T6758] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  387.084478][ T6758] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  387.104827][ T6758] bond0 (unregistering): Released all slaves
[  387.174040][ T6758] ovs_: left promiscuous mode
[  387.318669][ T6758] tipc: Left network mode
[  387.346182][T12249] hsr_slave_0: entered promiscuous mode
[  387.357504][T12249] hsr_slave_1: entered promiscuous mode
[  387.375964][T12249] debugfs: 'hsr0' already exists in 'hsr'
[  387.382105][T12249] Cannot create hsr debugfs directory
[  387.783548][ T6758] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  387.814923][ T6758] batman_adv: batadv0: Removing interface: batadv_slave_0
[  387.858753][ T6758] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  387.896685][ T6758] batman_adv: batadv0: Removing interface: batadv_slave_1
[  387.967601][ T6758] veth1_macvtap: left promiscuous mode
[  387.973099][ T6758] veth0_macvtap: left promiscuous mode
[  388.009137][ T6758] veth1_vlan: left promiscuous mode
[  388.027398][ T6758] veth0_vlan: left promiscuous mode
[  388.472396][T12368] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint
[  388.777590][ T5831] Bluetooth: hci3: command tx timeout
[  389.559595][T12382] netlink: 'syz.1.1313': attribute type 1 has an invalid length.
[  389.624303][T12382] misc userio: Invalid payload size
[  389.800127][T12249] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  389.904574][T12249] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  389.994233][T12249] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  390.091787][T12249] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  390.654102][T12386] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  390.822024][T12249] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.847801][ T5831] Bluetooth: hci3: command tx timeout
[  390.994736][T12249] 8021q: adding VLAN 0 to HW filter on device team0
[  391.104795][ T6791] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.111957][ T6791] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.180829][ T6791] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.188006][ T6791] bridge0: port 2(bridge_slave_1) entered forwarding state
[  392.326518][T12249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  392.504111][T12462] FAULT_INJECTION: forcing a failure.
[  392.504111][T12462] name failslab, interval 1, probability 0, space 0, times 0
[  392.571918][T12462] CPU: 0 UID: 0 PID: 12462 Comm: syz.1.1328 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  392.571948][T12462] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  392.571954][T12462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  392.571963][T12462] Call Trace:
[  392.571968][T12462]  <TASK>
[  392.571975][T12462]  dump_stack_lvl+0x100/0x190
[  392.572001][T12462]  should_fail_ex.cold+0x5/0xa
[  392.572019][T12462]  ? tomoyo_realpath_from_path+0xb6/0x690
[  392.572036][T12462]  should_failslab+0xc2/0x120
[  392.572052][T12462]  __kmalloc_noprof+0xe0/0x850
[  392.572078][T12462]  tomoyo_realpath_from_path+0xb6/0x690
[  392.572099][T12462]  tomoyo_check_open_permission+0x2af/0x3c0
[  392.572123][T12462]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  392.572165][T12462]  ? do_raw_spin_lock+0x128/0x260
[  392.572188][T12462]  ? path_get+0x61/0x80
[  392.572205][T12462]  tomoyo_file_open+0x6b/0x90
[  392.572225][T12462]  security_file_open+0xb5/0x1e0
[  392.572240][T12462]  do_dentry_open+0x5aa/0x1660
[  392.572256][T12462]  ? security_inode_permission+0xbf/0x250
[  392.572282][T12462]  vfs_open+0x82/0x3f0
[  392.572302][T12462]  path_openat+0x208c/0x31a0
[  392.572323][T12462]  ? __pfx_path_openat+0x10/0x10
[  392.572345][T12462]  do_file_open+0x20e/0x430
[  392.572361][T12462]  ? __pfx_do_file_open+0x10/0x10
[  392.572389][T12462]  ? alloc_fd+0x476/0x790
[  392.572405][T12462]  ? do_getname+0x191/0x390
[  392.572425][T12462]  do_sys_openat2+0x10d/0x1e0
[  392.572443][T12462]  ? __pfx_do_sys_openat2+0x10/0x10
[  392.572468][T12462]  __x64_sys_openat+0x12d/0x210
[  392.572487][T12462]  ? __pfx___x64_sys_openat+0x10/0x10
[  392.572513][T12462]  do_syscall_64+0x106/0xf80
[  392.572530][T12462]  ? clear_bhb_loop+0x40/0x90
[  392.572548][T12462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.572563][T12462] RIP: 0033:0x7f05c9d9c799
[  392.572577][T12462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  392.572592][T12462] RSP: 002b:00007f05cac5b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  392.572607][T12462] RAX: ffffffffffffffda RBX: 00007f05ca016090 RCX: 00007f05c9d9c799
[  392.572616][T12462] RDX: 0000000000101901 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[  392.572626][T12462] RBP: 00007f05c9e32bd9 R08: 0000000000000000 R09: 0000000000000000
[  392.572634][T12462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  392.572644][T12462] R13: 00007f05ca016128 R14: 00007f05ca016090 R15: 00007ffd912fd768
[  392.572664][T12462]  </TASK>
[  392.572953][T12462] ERROR: Out of memory at tomoyo_realpath_from_path.
[  393.067902][T12467] FAULT_INJECTION: forcing a failure.
[  393.067902][T12467] name failslab, interval 1, probability 0, space 0, times 0
[  393.107983][T12467] CPU: 0 UID: 0 PID: 12467 Comm: syz.4.1321 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  393.108012][T12467] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  393.108018][T12467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  393.108028][T12467] Call Trace:
[  393.108033][T12467]  <TASK>
[  393.108040][T12467]  dump_stack_lvl+0x100/0x190
[  393.108068][T12467]  should_fail_ex.cold+0x5/0xa
[  393.108086][T12467]  should_failslab+0xc2/0x120
[  393.108101][T12467]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  393.108124][T12467]  ? shmem_alloc_inode+0x25/0x50
[  393.108141][T12467]  ? __lock_acquire+0x4a5/0x2630
[  393.108159][T12467]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  393.108176][T12467]  shmem_alloc_inode+0x25/0x50
[  393.108192][T12467]  alloc_inode+0x68/0x250
[  393.108211][T12467]  new_inode+0x22/0x1c0
[  393.108231][T12467]  shmem_get_inode+0x212/0x1040
[  393.108253][T12467]  ? __pfx_shmem_get_inode+0x10/0x10
[  393.108270][T12467]  ? rcu_is_watching+0x12/0xc0
[  393.108291][T12467]  ? percpu_counter_add_batch+0xb9/0x230
[  393.108326][T12467]  __shmem_file_setup+0x3ac/0x490
[  393.108347][T12467]  ? __pfx___shmem_file_setup+0x10/0x10
[  393.108374][T12467]  ? vm_area_alloc+0x1f/0x160
[  393.108398][T12467]  shmem_zero_setup+0x96/0x1b0
[  393.108422][T12467]  __mmap_region+0x2198/0x29e0
[  393.108453][T12467]  ? __pfx___mmap_region+0x10/0x10
[  393.108478][T12467]  ? set_next_entity+0x11b/0x9c0
[  393.108504][T12467]  ? __lock_acquire+0x4a5/0x2630
[  393.108521][T12467]  ? find_held_lock+0x2b/0x80
[  393.108542][T12467]  ? find_held_lock+0x2b/0x80
[  393.108555][T12467]  ? finish_task_switch.isra.0+0x200/0xb80
[  393.108570][T12467]  ? finish_task_switch.isra.0+0x200/0xb80
[  393.108594][T12467]  ? trace_sched_exit_tp+0x13a/0x180
[  393.108610][T12467]  ? __schedule+0x1000/0x60e0
[  393.108651][T12467]  ? rcu_is_watching+0x12/0xc0
[  393.108677][T12467]  mmap_region+0x180/0x3e0
[  393.108701][T12467]  do_mmap+0xc63/0x12f0
[  393.108721][T12467]  ? __pfx_do_mmap+0x10/0x10
[  393.108737][T12467]  ? __pfx_down_write_killable+0x10/0x10
[  393.108771][T12467]  vm_mmap_pgoff+0x29e/0x470
[  393.108791][T12467]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  393.108809][T12467]  ? do_futex+0x192/0x350
[  393.108829][T12467]  ? __pfx_do_futex+0x10/0x10
[  393.108853][T12467]  ksys_mmap_pgoff+0xe1/0x650
[  393.108870][T12467]  ? __x64_sys_futex+0x34f/0x4d0
[  393.108887][T12467]  ? __x64_sys_futex+0x358/0x4d0
[  393.108906][T12467]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  393.108921][T12467]  ? xfd_validate_state+0x129/0x190
[  393.108945][T12467]  __x64_sys_mmap+0x125/0x190
[  393.108968][T12467]  do_syscall_64+0x106/0xf80
[  393.108985][T12467]  ? clear_bhb_loop+0x40/0x90
[  393.109002][T12467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.109017][T12467] RIP: 0033:0x7fabc919c799
[  393.109031][T12467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  393.109046][T12467] RSP: 002b:00007fabca07a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  393.109062][T12467] RAX: ffffffffffffffda RBX: 00007fabc9416270 RCX: 00007fabc919c799
[  393.109072][T12467] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000
[  393.109082][T12467] RBP: 00007fabc9232bd9 R08: 0000000000000401 R09: 0000000000008000
[  393.109091][T12467] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  393.109100][T12467] R13: 00007fabc9416308 R14: 00007fabc9416270 R15: 00007ffc15dc3b28
[  393.109119][T12467]  </TASK>
[  394.709227][T12249] veth0_vlan: entered promiscuous mode
[  394.814908][T12249] veth1_vlan: entered promiscuous mode
[  394.898147][T12249] veth0_macvtap: entered promiscuous mode
[  394.941382][T12249] veth1_macvtap: entered promiscuous mode
[  394.993673][T12249] batman_adv: batadv0: Interface activated: batadv_slave_0
[  395.041394][T12249] batman_adv: batadv0: Interface activated: batadv_slave_1
[  395.092914][ T6758] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  395.132461][ T6758] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.187410][ T6758] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.196318][ T6758] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.521781][  T127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.546315][  T127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.719755][ T6791] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.772822][ T6791] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  397.204838][T12554] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1332'.
[  398.708651][T12586] Invalid ELF header magic: != ELF
[  399.047885][T12591] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  399.175651][T12596] ovs_: entered promiscuous mode
[  400.501590][T12627] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1346'.
[  401.060627][T12637] zswap: compressor  not available
[  401.871560][T12658] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1354'.
[  401.902833][T12658] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  401.959082][T12658] batman_adv: batadv0: Removing interface: batadv_slave_0
[  402.243999][T12663] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1355'.
[  402.681815][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1358'.
[  402.818803][T12667] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input18
[  404.497363][T12706] netlink: 'syz.1.1364': attribute type 33 has an invalid length.
[  404.541788][T12708] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1363'.
[  404.787935][T12723] FAULT_INJECTION: forcing a failure.
[  404.787935][T12723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.866670][T12723] CPU: 0 UID: 0 PID: 12723 Comm: syz.1.1366 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  404.866697][T12723] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  404.866709][T12723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  404.866718][T12723] Call Trace:
[  404.866723][T12723]  <TASK>
[  404.866729][T12723]  dump_stack_lvl+0x100/0x190
[  404.866755][T12723]  should_fail_ex.cold+0x5/0xa
[  404.866772][T12723]  _copy_from_user+0x2e/0xd0
[  404.866796][T12723]  copy_msghdr_from_user+0x9f/0x4f0
[  404.866819][T12723]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  404.866844][T12723]  ? __pfx__kstrtoull+0x10/0x10
[  404.866864][T12723]  ___sys_sendmsg+0x106/0x1e0
[  404.866887][T12723]  ? __pfx____sys_sendmsg+0x10/0x10
[  404.866916][T12723]  ? find_held_lock+0x2b/0x80
[  404.866941][T12723]  __sys_sendmmsg+0x205/0x430
[  404.866960][T12723]  ? __pfx___sys_sendmmsg+0x10/0x10
[  404.866983][T12723]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  404.867009][T12723]  ? fput+0x79/0x100
[  404.867025][T12723]  ? ksys_write+0x1ac/0x250
[  404.867051][T12723]  ? __pfx_ksys_write+0x10/0x10
[  404.867076][T12723]  __x64_sys_sendmmsg+0x9c/0x100
[  404.867092][T12723]  ? lockdep_hardirqs_on+0x78/0x100
[  404.867109][T12723]  do_syscall_64+0x106/0xf80
[  404.867125][T12723]  ? clear_bhb_loop+0x40/0x90
[  404.867143][T12723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.867157][T12723] RIP: 0033:0x7f05c9d9c799
[  404.867170][T12723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  404.867183][T12723] RSP: 002b:00007f05cac5b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  404.867198][T12723] RAX: ffffffffffffffda RBX: 00007f05ca016090 RCX: 00007f05c9d9c799
[  404.867207][T12723] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000008
[  404.867215][T12723] RBP: 00007f05cac5b090 R08: 0000000000000000 R09: 0000000000000000
[  404.867224][T12723] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[  404.867232][T12723] R13: 00007f05ca016128 R14: 00007f05ca016090 R15: 00007ffd912fd768
[  404.867251][T12723]  </TASK>
[  406.738095][T12755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1368'.
[  409.067306][T12799] FAULT_INJECTION: forcing a failure.
[  409.067306][T12799] name failslab, interval 1, probability 0, space 0, times 0
[  409.241338][T12799] CPU: 0 UID: 0 PID: 12799 Comm: syz.0.1373 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  409.241365][T12799] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  409.241371][T12799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  409.241379][T12799] Call Trace:
[  409.241384][T12799]  <TASK>
[  409.241390][T12799]  dump_stack_lvl+0x100/0x190
[  409.241416][T12799]  should_fail_ex.cold+0x5/0xa
[  409.241433][T12799]  should_failslab+0xc2/0x120
[  409.241448][T12799]  __kmalloc_cache_noprof+0x7a/0x6f0
[  409.241466][T12799]  ? ring_buffer_read_start+0x149/0x460
[  409.241491][T12799]  ring_buffer_read_start+0x149/0x460
[  409.241511][T12799]  ? __pfx_ring_buffer_read_start+0x10/0x10
[  409.241531][T12799]  ? lockdep_init_map_type+0x5c/0x250
[  409.241551][T12799]  ? ring_buffer_overruns+0x14e/0x1a0
[  409.241570][T12799]  tracing_open+0x9cd/0xef0
[  409.241590][T12799]  do_dentry_open+0x6d8/0x1660
[  409.241603][T12799]  ? __pfx_tracing_open+0x10/0x10
[  409.241624][T12799]  vfs_open+0x82/0x3f0
[  409.241644][T12799]  path_openat+0x208c/0x31a0
[  409.241665][T12799]  ? __pfx_path_openat+0x10/0x10
[  409.241685][T12799]  do_file_open+0x20e/0x430
[  409.241701][T12799]  ? __pfx_do_file_open+0x10/0x10
[  409.241728][T12799]  ? alloc_fd+0x476/0x790
[  409.241744][T12799]  ? do_getname+0x191/0x390
[  409.241763][T12799]  do_sys_openat2+0x10d/0x1e0
[  409.241780][T12799]  ? __pfx_do_sys_openat2+0x10/0x10
[  409.241800][T12799]  ? __fget_files+0x21f/0x3d0
[  409.241816][T12799]  __x64_sys_openat+0x12d/0x210
[  409.241835][T12799]  ? __pfx___x64_sys_openat+0x10/0x10
[  409.241861][T12799]  do_syscall_64+0x106/0xf80
[  409.241877][T12799]  ? clear_bhb_loop+0x40/0x90
[  409.241895][T12799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  409.241910][T12799] RIP: 0033:0x7f934d59c799
[  409.241923][T12799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  409.241936][T12799] RSP: 002b:00007f934e396028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  409.241950][T12799] RAX: ffffffffffffffda RBX: 00007f934d816180 RCX: 00007f934d59c799
[  409.241960][T12799] RDX: 1a6b75d6389a9610 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  409.241969][T12799] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  409.241977][T12799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  409.241986][T12799] R13: 00007f934d816218 R14: 00007f934d816180 R15: 00007ffdad62f238
[  409.242005][T12799]  </TASK>
[  410.111009][T12821] FAULT_INJECTION: forcing a failure.
[  410.111009][T12821] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.144627][T12821] CPU: 0 UID: 0 PID: 12821 Comm: syz.5.1375 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  410.144654][T12821] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  410.144659][T12821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  410.144668][T12821] Call Trace:
[  410.144674][T12821]  <TASK>
[  410.144680][T12821]  dump_stack_lvl+0x100/0x190
[  410.144706][T12821]  should_fail_ex.cold+0x5/0xa
[  410.144723][T12821]  _copy_from_user+0x2e/0xd0
[  410.144748][T12821]  ____sys_sendmsg+0x1d1/0xc30
[  410.144772][T12821]  ? __pfx_____sys_sendmsg+0x10/0x10
[  410.144795][T12821]  ? __pfx__kstrtoull+0x10/0x10
[  410.144815][T12821]  ___sys_sendmsg+0x190/0x1e0
[  410.144838][T12821]  ? __pfx____sys_sendmsg+0x10/0x10
[  410.144867][T12821]  ? find_held_lock+0x2b/0x80
[  410.144892][T12821]  __sys_sendmmsg+0x205/0x430
[  410.144912][T12821]  ? __pfx___sys_sendmmsg+0x10/0x10
[  410.144935][T12821]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  410.144962][T12821]  ? fput+0x79/0x100
[  410.144978][T12821]  ? ksys_write+0x1ac/0x250
[  410.144999][T12821]  ? __pfx_ksys_write+0x10/0x10
[  410.145024][T12821]  __x64_sys_sendmmsg+0x9c/0x100
[  410.145059][T12821]  ? lockdep_hardirqs_on+0x78/0x100
[  410.145076][T12821]  do_syscall_64+0x106/0xf80
[  410.145092][T12821]  ? clear_bhb_loop+0x40/0x90
[  410.145110][T12821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.145124][T12821] RIP: 0033:0x7f54f4b9c799
[  410.145137][T12821] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  410.145151][T12821] RSP: 002b:00007f54f5a30028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  410.145166][T12821] RAX: ffffffffffffffda RBX: 00007f54f4e16360 RCX: 00007f54f4b9c799
[  410.145175][T12821] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000008
[  410.145183][T12821] RBP: 00007f54f5a30090 R08: 0000000000000000 R09: 0000000000000000
[  410.145192][T12821] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001
[  410.145201][T12821] R13: 00007f54f4e163f8 R14: 00007f54f4e16360 R15: 00007ffd51ac3c08
[  410.145219][T12821]  </TASK>
[  410.465023][T12823] Invalid ELF header magic: != ELF
[  410.581700][T12828] FAULT_INJECTION: forcing a failure.
[  410.581700][T12828] name failslab, interval 1, probability 0, space 0, times 0
[  410.602292][T12828] CPU: 0 UID: 0 PID: 12828 Comm: syz.4.1378 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  410.602324][T12828] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  410.602331][T12828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  410.602340][T12828] Call Trace:
[  410.602345][T12828]  <TASK>
[  410.602352][T12828]  dump_stack_lvl+0x100/0x190
[  410.602378][T12828]  should_fail_ex.cold+0x5/0xa
[  410.602396][T12828]  should_failslab+0xc2/0x120
[  410.602411][T12828]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  410.602433][T12828]  ? do_getname+0x35/0x390
[  410.602455][T12828]  do_getname+0x35/0x390
[  410.602475][T12828]  do_sys_openat2+0xc5/0x1e0
[  410.602494][T12828]  ? __pfx_do_sys_openat2+0x10/0x10
[  410.602518][T12828]  __x64_sys_openat+0x12d/0x210
[  410.602537][T12828]  ? __pfx___x64_sys_openat+0x10/0x10
[  410.602563][T12828]  do_syscall_64+0x106/0xf80
[  410.602580][T12828]  ? clear_bhb_loop+0x40/0x90
[  410.602597][T12828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.602612][T12828] RIP: 0033:0x7fabc919c799
[  410.602625][T12828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  410.602640][T12828] RSP: 002b:00007fabca0dd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  410.602654][T12828] RAX: ffffffffffffffda RBX: 00007fabc9415fa0 RCX: 00007fabc919c799
[  410.602668][T12828] RDX: 000000000000a001 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  410.602677][T12828] RBP: 00007fabc9232bd9 R08: 0000000000000000 R09: 0000000000000000
[  410.602686][T12828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  410.602694][T12828] R13: 00007fabc9416038 R14: 00007fabc9415fa0 R15: 00007ffc15dc3b28
[  410.602714][T12828]  </TASK>
[  411.176296][T12830] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  411.541438][T12834] sd 0:0:1:0: PR command failed: 1026
[  411.578806][T12834] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  411.585525][T12834] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  411.916073][T12844] bond0: Unable to set down delay as MII monitoring is disabled
[  412.252188][T12865] sd 0:0:1:0: PR command failed: 1026
[  412.324379][T12865] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  412.396853][T12865] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  412.534479][T12879] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1388'.
[  412.685863][T12881] Invalid ELF header magic: != ELF
[  412.743083][T12882] Invalid ELF header magic: != ELF
[  413.151000][T12129] ------------[ cut here ]------------
[  413.156691][T12129] ODEBUG: free active (active state 0) object: ffff8880334a1460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0
[  413.169703][    C0] ------------[ cut here ]------------
[  413.169742][    C0] workqueue: cannot queue hci_devcd_timeout on wq hci0
[  413.169771][    C0] WARNING: kernel/workqueue.c:2270 at __queue_work+0xd08/0x1150, CPU#0: syz.0.1270/12129
[  413.169805][    C0] Modules linked in:
[  413.169847][    C0] CPU: 0 UID: 0 PID: 12129 Comm: syz.0.1270 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  413.169870][    C0] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  413.169876][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  413.169886][    C0] RIP: 0010:__queue_work+0xd0c/0x1150
[  413.169922][    C0] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 04 04 00 00 48 8d 3d d8 5c 0d 0f 48 8b 75 18 <67> 48 0f b9 3a e9 2a f7 ff ff e8 95 a6 38 00 90 0f 0b 90 e9 b2 f5
[  413.169938][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010046
[  413.169951][    C0] RAX: dffffc0000000000 RBX: 0000000000000100 RCX: 1ffff11006694286
[  413.169962][    C0] RDX: ffff88807e95a978 RSI: ffffffff8a961f40 RDI: ffffffff90dcb0d0
[  413.169972][    C0] RBP: ffff8880334a1418 R08: 0000000000000005 R09: 0000000000000000
[  413.169982][    C0] R10: 0000000000000100 R11: 0000000000000001 R12: ffff88807e95a800
[  413.169992][    C0] R13: 1ffff92000000f8f R14: ffffffff81cf6510 R15: 0000000000000001
[  413.170002][    C0] FS:  0000000000000000(0000) GS:ffff88812434c000(0000) knlGS:0000000000000000
[  413.170017][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  413.170032][    C0] CR2: 00007f05cab4da08 CR3: 0000000059564000 CR4: 00000000003526f0
[  413.170045][    C0] Call Trace:
[  413.170050][    C0]  <IRQ>
[  413.170062][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  413.170086][    C0]  call_timer_fn+0x19a/0x670
[  413.170103][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  413.170121][    C0]  ? __run_timers+0x560/0xb30
[  413.170137][    C0]  ? __run_timers+0x560/0xb30
[  413.170162][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  413.170191][    C0]  __run_timers+0x570/0xb30
[  413.170212][    C0]  ? __pfx___run_timers+0x10/0x10
[  413.170236][    C0]  ? _raw_spin_lock_irq+0x45/0x50
[  413.170256][    C0]  run_timer_base+0x114/0x190
[  413.170272][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  413.170292][    C0]  run_timer_softirq+0x1a/0x50
[  413.170308][    C0]  handle_softirqs+0x1eb/0x9e0
[  413.170328][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  413.170347][    C0]  __irq_exit_rcu+0xef/0x150
[  413.170363][    C0]  irq_exit_rcu+0x9/0x30
[  413.170378][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  413.170396][    C0]  </IRQ>
[  413.170401][    C0]  <TASK>
[  413.170407][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  413.170425][    C0] RIP: 0010:console_flush_one_record+0xac3/0xe50
[  413.170451][    C0] Code: 00 e8 81 18 29 00 9c 5d 81 e5 00 02 00 00 31 ff 48 89 ee e8 2f 16 21 00 48 85 ed 0f 85 d7 01 00 00 e8 41 1b 21 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 38 00 0f 85 64 03 00 00 48 8b 0c 24 48 8b 6b
[  413.170466][    C0] RSP: 0018:ffffc90004a4f238 EFLAGS: 00000293
[  413.170478][    C0] RAX: ffffffff8f5158b8 RBX: ffffffff8f515860 RCX: ffffffff81e6df51
[  413.170489][    C0] RDX: ffff888026c3bc80 RSI: ffffffff81e6df5f RDI: ffff888026c3bc80
[  413.170499][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  413.170508][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 000000000000153e
[  413.170518][    C0] R13: ffffffff8f5158b8 R14: ffffc90004a4f2b8 R15: dffffc0000000000
[  413.170533][    C0]  ? console_flush_one_record+0xab1/0xe50
[  413.170558][    C0]  ? console_flush_one_record+0xabf/0xe50
[  413.170585][    C0]  ? console_flush_one_record+0xabf/0xe50
[  413.170613][    C0]  ? __pfx_console_flush_one_record+0x10/0x10
[  413.170643][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  413.170662][    C0]  console_unlock+0x103/0x260
[  413.170686][    C0]  ? __pfx_console_unlock+0x10/0x10
[  413.170714][    C0]  ? __report_bug.cold+0x7b/0x137
[  413.170739][    C0]  vprintk_emit+0x407/0x6b0
[  413.170765][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  413.170788][    C0]  ? __lock_acquire+0x4a5/0x2630
[  413.170807][    C0]  ? is_bpf_text_address+0x94/0x1a0
[  413.170832][    C0]  ? __report_bug.cold+0x5/0x137
[  413.170855][    C0]  __report_bug.cold+0x7b/0x137
[  413.170875][    C0]  ? debug_print_object+0x18e/0x2a0
[  413.170898][    C0]  ? __pfx___report_bug+0x10/0x10
[  413.170927][    C0]  ? unwind_next_frame+0x3c8/0x1ea0
[  413.170946][    C0]  report_bug_entry+0xe1/0x290
[  413.170962][    C0]  ? debug_print_object+0x19b/0x2a0
[  413.170982][    C0]  handle_bug+0x1c9/0x2a0
[  413.171003][    C0]  exc_invalid_op+0x17/0x50
[  413.171024][    C0]  asm_exc_invalid_op+0x1a/0x20
[  413.171039][    C0] RIP: 0010:debug_print_object+0x19b/0x2a0
[  413.171059][    C0] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 62 be e8 0b 41 56 48 8b 14 dd e0 05 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c 61 de 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  413.171074][    C0] RSP: 0018:ffffc90004a4f708 EFLAGS: 00010246
[  413.171086][    C0] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  413.171096][    C0] RDX: ffffffff8c1b0520 RSI: ffffffff8c1b0140 RDI: ffffffff90e440f0
[  413.171106][    C0] RBP: 0000000000000001 R08: ffff8880334a1460 R09: ffffffff8bb2b800
[  413.171116][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b0140
[  413.171126][    C0] R13: ffffffff8bb2b840 R14: ffffffff8a961f40 R15: ffffc90004a4f808
[  413.171137][    C0]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  413.171171][    C0]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  413.171195][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  413.171215][    C0]  debug_check_no_obj_freed+0x4da/0x630
[  413.171243][    C0]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  413.171266][    C0]  ? __page_table_check_zero+0x333/0x410
[  413.171285][    C0]  ? __page_table_check_zero+0x338/0x410
[  413.171304][    C0]  __free_frozen_pages+0x392/0x10d0
[  413.171329][    C0]  hci_release_dev+0x4ef/0x630
[  413.171354][    C0]  ? __pfx_hci_release_dev+0x10/0x10
[  413.171377][    C0]  ? device_release+0x69/0x240
[  413.171394][    C0]  ? rcu_is_watching+0x12/0xc0
[  413.171417][    C0]  ? device_release+0x69/0x240
[  413.171432][    C0]  ? kfree+0x2ec/0x6b0
[  413.171454][    C0]  bt_host_release+0x6a/0xb0
[  413.171471][    C0]  ? __pfx_bt_host_release+0x10/0x10
[  413.171488][    C0]  device_release+0xa4/0x240
[  413.171506][    C0]  kobject_put+0x1f7/0x640
[  413.171529][    C0]  put_device+0x1f/0x30
[  413.171545][    C0]  vhci_release+0x185/0x230
[  413.171571][    C0]  ? __pfx_vhci_release+0x10/0x10
[  413.171596][    C0]  __fput+0x3ff/0xb40
[  413.171618][    C0]  task_work_run+0x150/0x240
[  413.171641][    C0]  ? __pfx_task_work_run+0x10/0x10
[  413.171668][    C0]  do_exit+0x829/0x2aa0
[  413.171692][    C0]  ? __pfx_do_exit+0x10/0x10
[  413.171711][    C0]  ? cgroup_update_frozen_flag+0x107/0x210
[  413.171735][    C0]  ? find_held_lock+0x2b/0x80
[  413.171748][    C0]  ? get_signal+0x184f/0x21e0
[  413.171767][    C0]  do_group_exit+0xd5/0x2a0
[  413.171789][    C0]  get_signal+0x1ec7/0x21e0
[  413.171810][    C0]  ? __asan_memset+0x23/0x50
[  413.171838][    C0]  ? __pfx_get_signal+0x10/0x10
[  413.171855][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  413.171878][    C0]  arch_do_signal_or_restart+0x91/0x770
[  413.171904][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  413.171928][    C0]  ? __x64_sys_clock_nanosleep+0x347/0x480
[  413.171959][    C0]  exit_to_user_mode_loop+0x86/0x4a0
[  413.171981][    C0]  do_syscall_64+0x668/0xf80
[  413.171999][    C0]  ? clear_bhb_loop+0x40/0x90
[  413.172018][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.172033][    C0] RIP: 0033:0x7f934d55cfce
[  413.172046][    C0] Code: Unable to access opcode bytes at 0x7f934d55cfa4.
[  413.172054][    C0] RSP: 002b:00007f934e3d7f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  413.172076][    C0] RAX: fffffffffffffdfc RBX: 00007f934e3d86c0 RCX: 00007f934d55cfce
[  413.172087][    C0] RDX: 00007f934e3d7fb0 RSI: 0000000000000000 RDI: 0000000000000000
[  413.172096][    C0] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  413.172106][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  413.172115][    C0] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  413.172136][    C0]  </TASK>
[  413.172152][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  413.172164][    C0] CPU: 0 UID: 0 PID: 12129 Comm: syz.0.1270 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  413.172187][    C0] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  413.172193][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  413.172202][    C0] Call Trace:
[  413.172207][    C0]  <IRQ>
[  413.172213][    C0]  dump_stack_lvl+0x100/0x190
[  413.172236][    C0]  vpanic+0x552/0x970
[  413.172251][    C0]  ? __pfx_vpanic+0x10/0x10
[  413.172276][    C0]  panic+0xd1/0xe0
[  413.172290][    C0]  ? __pfx_panic+0x10/0x10
[  413.172311][    C0]  ? check_panic_on_warn+0x1f/0x90
[  413.172334][    C0]  check_panic_on_warn.cold+0x19/0x34
[  413.172351][    C0]  ? __queue_work+0xd08/0x1150
[  413.172372][    C0]  __warn.cold+0x191/0x348
[  413.172390][    C0]  __report_bug+0x296/0x3d0
[  413.172405][    C0]  ? __queue_work+0xd08/0x1150
[  413.172428][    C0]  ? __pfx___report_bug+0x10/0x10
[  413.172444][    C0]  ? save_trace+0x212/0x360
[  413.172457][    C0]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  413.172485][    C0]  ? lockdep_unlock+0x5a/0xc0
[  413.172499][    C0]  ? mark_lock+0x402/0xa20
[  413.172516][    C0]  ? do_raw_spin_unlock+0x145/0x1e0
[  413.172542][    C0]  report_bug_entry+0xe1/0x290
[  413.172558][    C0]  ? __queue_work+0xd0c/0x1150
[  413.172580][    C0]  handle_bug+0x1c9/0x2a0
[  413.172604][    C0]  exc_invalid_op+0x17/0x50
[  413.172625][    C0]  asm_exc_invalid_op+0x1a/0x20
[  413.172640][    C0] RIP: 0010:__queue_work+0xd0c/0x1150
[  413.172662][    C0] Code: 00 00 00 fc ff df 49 8d 94 24 78 01 00 00 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 04 04 00 00 48 8d 3d d8 5c 0d 0f 48 8b 75 18 <67> 48 0f b9 3a e9 2a f7 ff ff e8 95 a6 38 00 90 0f 0b 90 e9 b2 f5
[  413.172677][    C0] RSP: 0018:ffffc90000007be8 EFLAGS: 00010046
[  413.172689][    C0] RAX: dffffc0000000000 RBX: 0000000000000100 RCX: 1ffff11006694286
[  413.172699][    C0] RDX: ffff88807e95a978 RSI: ffffffff8a961f40 RDI: ffffffff90dcb0d0
[  413.172709][    C0] RBP: ffff8880334a1418 R08: 0000000000000005 R09: 0000000000000000
[  413.172719][    C0] R10: 0000000000000100 R11: 0000000000000001 R12: ffff88807e95a800
[  413.172729][    C0] R13: 1ffff92000000f8f R14: ffffffff81cf6510 R15: 0000000000000001
[  413.172739][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  413.172767][    C0]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  413.172795][    C0]  ? __queue_work+0xcda/0x1150
[  413.172821][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  413.172844][    C0]  call_timer_fn+0x19a/0x670
[  413.172860][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  413.172878][    C0]  ? __run_timers+0x560/0xb30
[  413.172894][    C0]  ? __run_timers+0x560/0xb30
[  413.172919][    C0]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  413.172942][    C0]  __run_timers+0x570/0xb30
[  413.172963][    C0]  ? __pfx___run_timers+0x10/0x10
[  413.172988][    C0]  ? _raw_spin_lock_irq+0x45/0x50
[  413.173006][    C0]  run_timer_base+0x114/0x190
[  413.173023][    C0]  ? __pfx_run_timer_base+0x10/0x10
[  413.173042][    C0]  run_timer_softirq+0x1a/0x50
[  413.173058][    C0]  handle_softirqs+0x1eb/0x9e0
[  413.173077][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  413.173097][    C0]  __irq_exit_rcu+0xef/0x150
[  413.173112][    C0]  irq_exit_rcu+0x9/0x30
[  413.173127][    C0]  sysvec_apic_timer_interrupt+0xa3/0xc0
[  413.173144][    C0]  </IRQ>
[  413.173150][    C0]  <TASK>
[  413.173155][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  413.173173][    C0] RIP: 0010:console_flush_one_record+0xac3/0xe50
[  413.173198][    C0] Code: 00 e8 81 18 29 00 9c 5d 81 e5 00 02 00 00 31 ff 48 89 ee e8 2f 16 21 00 48 85 ed 0f 85 d7 01 00 00 e8 41 1b 21 00 fb 4c 89 e8 <48> c1 e8 03 42 80 3c 38 00 0f 85 64 03 00 00 48 8b 0c 24 48 8b 6b
[  413.173213][    C0] RSP: 0018:ffffc90004a4f238 EFLAGS: 00000293
[  413.173224][    C0] RAX: ffffffff8f5158b8 RBX: ffffffff8f515860 RCX: ffffffff81e6df51
[  413.173235][    C0] RDX: ffff888026c3bc80 RSI: ffffffff81e6df5f RDI: ffff888026c3bc80
[  413.173245][    C0] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  413.173254][    C0] R10: 0000000000000000 R11: 0000000000000000 R12: 000000000000153e
[  413.173263][    C0] R13: ffffffff8f5158b8 R14: ffffc90004a4f2b8 R15: dffffc0000000000
[  413.173279][    C0]  ? console_flush_one_record+0xab1/0xe50
[  413.173303][    C0]  ? console_flush_one_record+0xabf/0xe50
[  413.173330][    C0]  ? console_flush_one_record+0xabf/0xe50
[  413.173361][    C0]  ? __pfx_console_flush_one_record+0x10/0x10
[  413.173391][    C0]  ? is_printk_cpu_sync_owner+0x32/0x40
[  413.173410][    C0]  console_unlock+0x103/0x260
[  413.173434][    C0]  ? __pfx_console_unlock+0x10/0x10
[  413.173462][    C0]  ? __report_bug.cold+0x7b/0x137
[  413.173486][    C0]  vprintk_emit+0x407/0x6b0
[  413.173511][    C0]  ? __pfx_vprintk_emit+0x10/0x10
[  413.173535][    C0]  ? __lock_acquire+0x4a5/0x2630
[  413.173553][    C0]  ? is_bpf_text_address+0x94/0x1a0
[  413.173576][    C0]  ? __report_bug.cold+0x5/0x137
[  413.173600][    C0]  __report_bug.cold+0x7b/0x137
[  413.173620][    C0]  ? debug_print_object+0x18e/0x2a0
[  413.173641][    C0]  ? __pfx___report_bug+0x10/0x10
[  413.173664][    C0]  ? unwind_next_frame+0x3c8/0x1ea0
[  413.173682][    C0]  report_bug_entry+0xe1/0x290
[  413.173699][    C0]  ? debug_print_object+0x19b/0x2a0
[  413.173718][    C0]  handle_bug+0x1c9/0x2a0
[  413.173739][    C0]  exc_invalid_op+0x17/0x50
[  413.173760][    C0]  asm_exc_invalid_op+0x1a/0x20
[  413.173775][    C0] RIP: 0010:debug_print_object+0x19b/0x2a0
[  413.173795][    C0] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d 62 be e8 0b 41 56 48 8b 14 dd e0 05 1b 8c 4c 89 e6 <67> 48 0f b9 3a 58 83 05 4c 61 de 0b 01 48 83 c4 18 5b 5d 41 5c 41
[  413.173810][    C0] RSP: 0018:ffffc90004a4f708 EFLAGS: 00010246
[  413.173821][    C0] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000
[  413.173831][    C0] RDX: ffffffff8c1b0520 RSI: ffffffff8c1b0140 RDI: ffffffff90e440f0
[  413.173841][    C0] RBP: 0000000000000001 R08: ffff8880334a1460 R09: ffffffff8bb2b800
[  413.173851][    C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8c1b0140
[  413.173861][    C0] R13: ffffffff8bb2b840 R14: ffffffff8a961f40 R15: ffffc90004a4f808
[  413.173872][    C0]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  413.173914][    C0]  ? __pfx_hci_devcd_timeout+0x10/0x10
[  413.173942][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  413.173961][    C0]  debug_check_no_obj_freed+0x4da/0x630
[  413.173989][    C0]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  413.174012][    C0]  ? __page_table_check_zero+0x333/0x410
[  413.174031][    C0]  ? __page_table_check_zero+0x338/0x410
[  413.174049][    C0]  __free_frozen_pages+0x392/0x10d0
[  413.174073][    C0]  hci_release_dev+0x4ef/0x630
[  413.174097][    C0]  ? __pfx_hci_release_dev+0x10/0x10
[  413.174120][    C0]  ? device_release+0x69/0x240
[  413.174136][    C0]  ? rcu_is_watching+0x12/0xc0
[  413.174159][    C0]  ? device_release+0x69/0x240
[  413.174174][    C0]  ? kfree+0x2ec/0x6b0
[  413.174194][    C0]  bt_host_release+0x6a/0xb0
[  413.174211][    C0]  ? __pfx_bt_host_release+0x10/0x10
[  413.174228][    C0]  device_release+0xa4/0x240
[  413.174246][    C0]  kobject_put+0x1f7/0x640
[  413.174273][    C0]  put_device+0x1f/0x30
[  413.174290][    C0]  vhci_release+0x185/0x230
[  413.174314][    C0]  ? __pfx_vhci_release+0x10/0x10
[  413.174339][    C0]  __fput+0x3ff/0xb40
[  413.174364][    C0]  task_work_run+0x150/0x240
[  413.174393][    C0]  ? __pfx_task_work_run+0x10/0x10
[  413.174420][    C0]  do_exit+0x829/0x2aa0
[  413.174443][    C0]  ? __pfx_do_exit+0x10/0x10
[  413.174462][    C0]  ? cgroup_update_frozen_flag+0x107/0x210
[  413.174484][    C0]  ? find_held_lock+0x2b/0x80
[  413.174498][    C0]  ? get_signal+0x184f/0x21e0
[  413.174515][    C0]  do_group_exit+0xd5/0x2a0
[  413.174537][    C0]  get_signal+0x1ec7/0x21e0
[  413.174553][    C0]  ? __asan_memset+0x23/0x50
[  413.174579][    C0]  ? __pfx_get_signal+0x10/0x10
[  413.174597][    C0]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  413.174620][    C0]  arch_do_signal_or_restart+0x91/0x770
[  413.174640][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  413.174664][    C0]  ? __x64_sys_clock_nanosleep+0x347/0x480
[  413.174694][    C0]  exit_to_user_mode_loop+0x86/0x4a0
[  413.174716][    C0]  do_syscall_64+0x668/0xf80
[  413.174734][    C0]  ? clear_bhb_loop+0x40/0x90
[  413.174753][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.174768][    C0] RIP: 0033:0x7f934d55cfce
[  413.174780][    C0] Code: Unable to access opcode bytes at 0x7f934d55cfa4.
[  413.174787][    C0] RSP: 002b:00007f934e3d7f58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  413.174802][    C0] RAX: fffffffffffffdfc RBX: 00007f934e3d86c0 RCX: 00007f934d55cfce
[  413.174813][    C0] RDX: 00007f934e3d7fb0 RSI: 0000000000000000 RDI: 0000000000000000
[  413.174822][    C0] RBP: 00007f934d632bd9 R08: 0000000000000000 R09: 0000000000000000
[  413.174832][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  413.174841][    C0] R13: 00007f934d816038 R14: 00007f934d815fa0 R15: 00007ffdad62f238
[  413.174861][    C0]  </TASK>
[  413.174927][    C0] Kernel Offset: disabled