last executing test programs:

15m46.612931033s ago: executing program 2 (id=4682):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
socket(0x2, 0x2, 0x0)
open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x160)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
socketpair$auto(0x1, 0x2, 0x7fd, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
setsockopt$auto(0x3, 0x0, 0xa, 0x0, 0x10000)

15m45.776765381s ago: executing program 2 (id=4684):
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, 0x0, 0x20000010)
syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58)
readv$auto(0x3, 0x0, 0x7)
get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1)
socket(0x5, 0x4, 0x1)
r0 = open(0x0, 0x800, 0x140)
getdents$auto(r0, 0x0, 0x18)

15m45.277179992s ago: executing program 2 (id=4689):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a8", 0x163)
r1 = socket(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000003b40)={'xfrm0\x00', <r2=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r2], 0x1ac}}, 0x40001)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4040044}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x60, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000080), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

15m45.022745993s ago: executing program 2 (id=4691):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

15m44.586521665s ago: executing program 2 (id=4692):
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, <r0=>0x5f, 0x0, 0x3}, 0x6f3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xffffeffe, 0x2)
pipe$auto(0x0)
socket(0xa, 0x3, 0xff)
pipe$auto(0x0)
bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0xffffffff}, 0xd)
bpf$auto(0x2, &(0x7f0000000080)=@bpf_attr_3={0x5, 0x0, 0x702955be, 0x40000, 0x4, 0x5, 0x80, 0xe4, 0xfffff800, "0566c8ee7c78a925488276d7697a12bd", 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x9, 0x4, 0x7, 0x10001, 0x0, 0x8001, @attach_prog_fd, 0x7e, 0x4, 0x1, 0x5, 0x3}, 0x5)

15m43.814093957s ago: executing program 2 (id=4697):
socket(0x11, 0x80003, 0x300)
socket(0x11, 0x80003, 0x300)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)

15m43.464440522s ago: executing program 32 (id=4697):
socket(0x11, 0x80003, 0x300)
socket(0x11, 0x80003, 0x300)
r0 = socket(0x10, 0x2, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)
write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb)

15m36.409678388s ago: executing program 1 (id=4733):
mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="00000000b6"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80002, 0x73)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

15m35.534201173s ago: executing program 1 (id=4735):
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, 0x0, 0x505100, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
sysfs$auto(0x2, 0x1e, 0x0)
ioctl$auto_TUNSETVNETLE2(r0, 0x400454dc, 0x0)
write$auto(0x3, 0x0, 0xfdf3)

15m34.971807808s ago: executing program 1 (id=4739):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x12b742, 0x0)
ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, 0x0)
io_uring_setup$auto(0xc, 0x0)
read$auto(0x3, 0x0, 0x80)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/008/001\x00', 0x204080, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/default_smp_affinity\x00', 0x40000, 0x0)

15m34.558019636s ago: executing program 1 (id=4742):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
mkdir$auto(0x0, 0x353)

15m34.26040074s ago: executing program 1 (id=4744):
mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$auto(0x3, 0x80106f53, r0)

15m33.670203314s ago: executing program 1 (id=4749):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r0 = socket(0x29, 0x5, 0x0)
write$auto(0x3, 0x0, 0x100082)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r0, 0x0, 0x2004081)
write$auto(0x3, 0x0, 0x1e)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)

15m33.237200814s ago: executing program 33 (id=4749):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
r0 = socket(0x29, 0x5, 0x0)
write$auto(0x3, 0x0, 0x100082)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REQ_SET_REG(r0, 0x0, 0x2004081)
write$auto(0x3, 0x0, 0x1e)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)

15m9.954042537s ago: executing program 4 (id=4922):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x9000aea4, &(0x7f0000000040)={0x7})

15m9.549724146s ago: executing program 4 (id=4925):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x5, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000083, 0x402}]})

15m9.260006854s ago: executing program 4 (id=4927):
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@inferred, 0x85, 0x3, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x8}, 0x0, @integer=@value=[0xedc, 0x1, 0x80, 0x2, 0xfffffffffffffff9, 0x7, 0x10001, 0x9, 0x200, 0x8, 0x40df, 0x9, 0x6, 0xfffffffffffffffc, 0x200, 0x88, 0x7, 0xffffffffffffb42b, 0x9b1, 0x4, 0x5, 0x1, 0x53, 0x0, 0xbbd, 0x8, 0x4, 0xfff, 0x7, 0x9, 0x3, 0x5, 0x0, 0x6, 0x6, 0x7fffffffffffffff, 0xd4, 0x8, 0xfcf, 0x304, 0x696, 0x3c, 0x3, 0x80000000, 0x5, 0x351, 0xad, 0x1000, 0x3ff, 0x50, 0x4, 0x3, 0xf1, 0x1, 0x8, 0xfffffffffffffff5, 0x2, 0x8000000000000000, 0x2, 0xffff, 0xa, 0xfffffffffffffffe, 0x7f, 0xfffffffffffffff4, 0x4, 0x574, 0x2, 0x2, 0x0, 0x80, 0x9, 0xa8, 0x3, 0x9, 0x0, 0x2, 0x3, 0xd96d, 0x8, 0xba, 0x5, 0xfffffffffffff85f, 0x100000001, 0x1, 0x4, 0x2e, 0x7, 0x1000, 0x7d, 0xe30, 0xc907, 0x2, 0x2, 0x0, 0xe5, 0x3ff, 0x0, 0x7f, 0xffffffff, 0x3f7e476d, 0xb, 0x5, 0xd95a, 0xa, 0x81, 0xce73, 0x9, 0x19a, 0xa, 0x26, 0xfffffffffffffffd, 0xffffffffffffffff, 0xffffffff, 0x4, 0x101, 0x8, 0x1, 0x0, 0x7, 0xd, 0xffffffff, 0x7fffffff, 0x4, 0x9, 0x0, 0x10000000ffff, 0x1, 0x9], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"})
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40100, 0x0)
pread64$auto(r1, 0x0, 0x10001, 0x830)
writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3)

15m9.081083399s ago: executing program 4 (id=4929):
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000084, 0x400, 0x718c1257}]})

15m8.825712781s ago: executing program 4 (id=4933):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r0 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e)
ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0)
rename$auto(&(0x7f0000000480)='./file0\x00', 0x0)

15m8.695212695s ago: executing program 4 (id=4936):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
read$auto(0x3, 0x0, 0x7fffffff)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x1a1000, 0x0)
unshare$auto(0x40000080)
ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
getsockopt$auto_SO_TYPE(0xffffffffffffffff, 0x4, 0x3, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', &(0x7f0000000140)=0x30000000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x1)

14m53.531538255s ago: executing program 34 (id=4936):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
read$auto(0x3, 0x0, 0x7fffffff)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x1a1000, 0x0)
unshare$auto(0x40000080)
ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4400ae8f, &(0x7f00000000c0)={0xdd})
getsockopt$auto_SO_TYPE(0xffffffffffffffff, 0x4, 0x3, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', &(0x7f0000000140)=0x30000000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x0, 0xfffffffffffefffd, 0x1)

2m4.559989091s ago: executing program 5 (id=8979):
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x0, 0x0)
pread64$auto(r0, 0x0, 0x101, 0x103)
read$auto_mon_fops_text_t_mon_text(r0, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x1e, 0x1, 0x0)
getsockname$auto(r1, &(0x7f0000000000), &(0x7f0000000040)=0x3)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
write$auto(0xffffffffffffffff, 0x0, 0x1a)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xa, 0x5, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0)
open(&(0x7f0000000040)='./file1\x00', 0x165840, 0x151)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(r2, &(0x7f00000001c0)={{0x0, 0x1aa, 0x0, 0x6, 0x0, 0x0, 0x1002}, 0x5}, 0x2, 0x100)
bpf$auto(0xf7fff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfaae, 0x468, 0x9, 0x2, 0x8, 0x3, 0x4, 0x1ff, 0x5, 0xb5, 0x4, 0x806, 0xd9ee}, 0xa3)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1)

2m3.685211786s ago: executing program 5 (id=8984):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
readv$auto(r0, &(0x7f0000000240)={0x0, 0x4}, 0x6)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r2, 0xc0185500, 0x0)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202202, 0x0)
bind$auto(r1, 0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, 0x0, 0x68)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000300)=0x8)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000080)={{@raw=0x4, 0x7ff, 0xa, 0xb, "26d718b7d3ee69350e4ede7079dcb0c24c8aa1e3c7ee2e00308b8a7d74b0a707f7045e6d035b196ca83379bb"}, 0xfffffffc, 0xfffffffe, 0x2, @raw=0x31c7bc85, @reserved="d780cd0831772d961e41c9b82e8c2128a971977a24ac5032bc22427a602d8942581523a8e3a9454770bef7a15b6003815128a7f0cd875625eb2debb4d3c53710fe55ac5de3dfd7f697605139b00044e092aa6a6472fcf8e962c0061ba4458be4651a644f1873aee4dfe7fbadb980718f5ba5c440ba162cea3377e140abd2db9f", "18a817f26a5c7f8773b2dbc01ac4bd5359eeadc8357752b72fa176254d8797cdffd02539e383a07983eeddcd24b626f54ad9d763dcdc91a4af8b7c848ceb55a7"})

2m2.696697502s ago: executing program 5 (id=8989):
r0 = socket(0x2, 0x0, 0x0)
setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x4000080)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone3(&(0x7f0000000340)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0)
read$auto(r1, 0x0, 0x39b8)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0)
syz_genetlink_get_family_id$auto_mac802154_hwsim(0x0, 0xffffffffffffffff)
r2 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, 0x0, 0x200, 0x0)
fanotify_mark$auto(r2, 0x72d, 0x2, 0xffffffffffffffff, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x0, 0x0)
openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
read$auto(r0, 0x0, 0x2)

1m59.84064457s ago: executing program 5 (id=8997):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
r0 = openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy12/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x21880, 0x0)
getsockopt$auto_SO_MEMINFO(r0, 0x8, 0x37, &(0x7f0000000040)='\x00', &(0x7f00000001c0)=0x1)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2000007, 0x3, 0xeb4, r0, 0x8000)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x9, 0x0, [{0x48, 0x400, 0x1f}]})
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x24048004)
futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0)
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fb4a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f00", 0xa})
ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0)
writev$auto(r2, &(0x7f0000000340)={0x0, 0x500000}, 0x9)

1m58.866377961s ago: executing program 5 (id=9002):
socket(0xa, 0x1, 0x84)
connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x55)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
madvise$auto(0x0, 0x2000040080000004, 0xe)
read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000e80)=""/206, 0xe2)
mmap$auto(0x5, 0x4020009, 0x6, 0xeb4, 0x401, 0xdb)
ioctl$auto(0xffffffffffffffff, 0x90006441, 0xc35)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000)
r1 = getpgid(0x0)
rt_tgsigqueueinfo$auto(0xffffffffffffffff, r1, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r1, 0x0, 0x401, 0x5, 0x3}}})
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40)
execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000500)='\xac\x00', 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
write$auto(0xca, &(0x7f0000000000)='\x04>\x01\x01\x00\x00\x00\x01\x00\xb6', 0x7f)
syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r3=>0x0})
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00'})
sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES32=r3, @ANYBLOB="0c00018008"], 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0xc050)

1m56.960969595s ago: executing program 5 (id=9006):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
socket(0x2, 0x5, 0x0)
listen$auto(0x3, 0x81)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/sctp/eps\x00', 0x280, 0x0)
pread64$auto(r0, 0x0, 0x5, 0x8d)
r1 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r2, 0x4b65, 0x1)

1m41.775273235s ago: executing program 35 (id=9006):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
socket(0x2, 0x5, 0x0)
listen$auto(0x3, 0x81)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/sctp/eps\x00', 0x280, 0x0)
pread64$auto(r0, 0x0, 0x5, 0x8d)
r1 = socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
recvmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r2, 0x4b65, 0x1)

1m9.458446038s ago: executing program 0 (id=9129):
mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/irq/6/smp_affinity_list\x00', 0xe0182, 0x0)
readv$auto(r0, &(0x7f0000000140)={0x0, 0x8}, 0x200000000080003)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/pagetypeinfo\x00', 0x109040, 0x0)
ioctl$auto_FS_IOC_RESVSP(r1, 0x40305828, 0x4)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/rose8/address\x00', 0x752502, 0x0)
arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/kexec_load_limit_panic\x00', 0x101202, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)

1m7.895073665s ago: executing program 0 (id=9133):
r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), 0xffffffffffffffff)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r1 = io_uring_setup$auto(0x5, 0x0)
mknod$auto(0x0, 0x1081, 0x9)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/netfs/volumes\x00', 0x40080, 0x0)
pread64$auto(r2, 0x0, 0x8100000041, 0x413e)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
open(&(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', 0x880c2, 0x95)
close_range$auto(0x2, r1, 0x0)
socket(0x2, 0x80000, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x4, 0x0)
get_robust_list$auto(0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r3)
sendmsg$auto_TIPC_NL_NET_SET(r3, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000040)={0x20, r4, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid=0xee00}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x2)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14)
sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000340)={0x2c, r0, 0x1, 0x70bd2a, 0x25dfdc01, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x80000)

1m6.986538514s ago: executing program 0 (id=9137):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0xa, 0x2, 0x0)
connect$auto(0xffffffffffffffff, 0x0, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/mem\x00', 0x20401, 0x0)
write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x80000)
syz_clone3(0x0, 0x0)
madvise$auto(0x1ffff000, 0x7, 0x100000000)
sysfs$auto(0x2, 0x20, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x261c2, 0x84)
ioperm$auto(0x7, 0x6, 0x2)

1m5.837837253s ago: executing program 0 (id=9141):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x10000000a17, 0x401, 0x200000000000000)
mmap$auto(0xfffffffffffffffa, 0x1, 0xdf, 0xeb1, 0x401, 0x8003)
rseq$auto(0x0, 0x1a, 0xffff, 0x0)
mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x800, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0)
syz_genetlink_get_family_id$auto_nfc(0x0, r1)
sendmsg$auto_NFC_CMD_DISABLE_SE(r0, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x5, 0x0)
socket(0x11, 0x3, 0x9)

1m4.709734743s ago: executing program 0 (id=9144):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x2, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0)
sendfile$auto(r3, r3, 0x0, 0x6)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0)
read$auto(r4, 0x0, 0x8000)
pwrite64$auto(r4, &(0x7f0000000040)='/dev/net/tun\x00', 0x2, 0x1000000002)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x4a083, 0x0)
ioctl$auto_BLKRRPART(r5, 0x125f, 0x0)

57.292202037s ago: executing program 0 (id=9155):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x2480, 0x0)
syz_clone(0x4000, &(0x7f00000002c0)="f03f0b0be4f2597d8b11ed14dfa636bad65cae9c0d21", 0x16, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio1/rate\x00', 0x2, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x2a02c0, 0x0)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r3 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x0, 0x80000001, r3}, 0x6f4)
write$auto(0xffffffffffffffff, 0x0, 0x6)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r1, r4, 0x0, 0x1)

41.983225595s ago: executing program 36 (id=9155):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x2480, 0x0)
syz_clone(0x4000, &(0x7f00000002c0)="f03f0b0be4f2597d8b11ed14dfa636bad65cae9c0d21", 0x16, 0x0, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/i8042/serio1/rate\x00', 0x2, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x2a02c0, 0x0)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r3 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0)
bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x0, 0x80000001, r3}, 0x6f4)
write$auto(0xffffffffffffffff, 0x0, 0x6)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r1, r4, 0x0, 0x1)

40.939974874s ago: executing program 7 (id=9187):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg1\x00', 0x180443, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0)
socket(0x10, 0x2, 0x14)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x622340, 0x0)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
eventfd$auto(0x3)
pipe$auto(0x0)
socketpair$auto(0x1e, 0x1, 0x4, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r0, 0x404c4701, 0x0)

40.277010648s ago: executing program 7 (id=9191):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x180483, 0x0)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x622340, 0x0)
openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x9, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
eventfd$auto(0x3)
eventfd$auto(0x3)
pipe$auto(0x0)
socketpair$auto(0x1e, 0x1, 0x4, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0)
ioctl$auto_TCFLSH2(r0, 0x40204706, 0x0)

39.699353723s ago: executing program 7 (id=9192):
syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
getsockopt$auto_SO_RCVTIMEO_NEW(0xffffffffffffffff, 0x6f547d3b, 0x42, &(0x7f0000000100)='@\x00', &(0x7f0000000140)=0x5)
socket(0x15, 0x5, 0x7)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
madvise$auto(0x110c230000, 0x1, 0x9)
getrandom$auto(0x0, 0x3, 0x80000001)
statmount$auto(0x0, &(0x7f0000000180)={0x9, 0xfffffffe, 0x44f, 0xa, 0x10, 0x1007181, 0x0, 0x62, 0x7, 0x800, 0x0, 0x26, 0x4, 0x200003fffffe, 0xfffffffffffffff5, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x862, 0xf, 0x22002, 0x200, 0x0, 0x62f, 0x6, 0x0, 0x0, 0x0, 0xb626, [0xfffffffffffffffe, 0xffffffffffff04ef, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9e, 0x0, 0xa7, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x40, 0x81, 0x8a0, 0xb, 0x81, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100002, 0x0, 0x3ff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4000000000000]}, 0x800000000000b, 0xbc)
ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffff7effffd0c, &(0x7f00000001c0))
getdents64$auto(0xffffffffffffffff, &(0x7f0000000000)={0xa55, 0x3, 0x4, 0x63, "7b8fad86ef4179e8c22b06762de13475b3cc10975cd1aa1d"}, 0x1)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa)
clone$auto(0x1, 0x40000000003e, 0x0, 0x0, 0x40000009)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x2)
getdents64$auto(r0, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8)
msync$auto(0x110c230000, 0x200001, 0x6)

36.924226745s ago: executing program 7 (id=9196):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x10000000a17, 0x401, 0x200000000000000)
mmap$auto(0xfffffffffffffffa, 0x1, 0xdf, 0xeb1, 0x401, 0x8003)
rseq$auto(0x0, 0x1a, 0xffff, 0x0)
mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x800, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x802, 0x0)
syz_genetlink_get_family_id$auto_nfc(0x0, r1)
sendmsg$auto_NFC_CMD_DISABLE_SE(r0, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x80002, 0x73)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
socket(0x2, 0x5, 0x0)
socket(0x11, 0x3, 0x9)

35.164277113s ago: executing program 7 (id=9199):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f0000000300)="632d1bfe595046ab5c40bd6163307acb6501baef", 0x14)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0x2003f2, 0x15)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084)
shmdt$auto(&(0x7f00000001c0)='\x00')
madvise$auto(0x0, 0x200007, 0x19)
statmount$auto(0x0, &(0x7f0000000440)={0xc, 0x1, 0x401bf, 0x7352, 0x34, 0x400000000065f, 0x1ffdb, 0x40007, 0x40000000007f, 0x20000005, 0x8, 0x3, 0x6, 0x1, 0xb4, 0x7, 0x6, 0x2, 0x1, 0xfff, 0xfffffff7, 0xb78, 0xc, 0x203, 0x1, 0x84, 0x2, 0x0, 0x5, 0x0, 0x0, [0x67c, 0x0, 0x0, 0x40000000000, 0x1, 0x7, 0xfffffffffffffffc, 0x0, 0x8, 0x10000003, 0x0, 0x401, 0x0, 0x0, 0x7, 0x0, 0x81, 0x9e, 0x0, 0x0, 0x10, 0x1, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x0, 0x251, 0x3, 0x0, 0x0, 0x9, 0x6, 0xfffffffffffff7cb, 0x0, 0x400000000000002, 0x0, 0x0, 0x0, 0x8000000, 0x8, 0x0, 0x6]}, 0x1fe, 0x408)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x181c01, 0x0)
listmount$auto(0x0, 0xffffffffffffffff, 0x3, 0x1)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]})
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8e40, 0x0)
ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
socket(0x1d, 0x1, 0x7fff)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, 0x0, 0x100000a3d9)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, 0x0)
setitimer$auto(0x4, &(0x7f0000000000)={{0x1ff, 0x10001}, {0x200000000004, 0x6}}, 0x0)

33.07044275s ago: executing program 7 (id=9204):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
readv$auto(r0, &(0x7f0000000240)={0x0, 0x4}, 0x6)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202202, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, 0x0, 0x68)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000300)=0x8)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000080)={{@raw=0x4, 0x7ff, 0xa, 0xb, "26d718b7d3ee69350e4ede7079dcb0c24c8aa1e3c7ee2e00308b8a7d74b0a707f7045e6d035b196ca83379bb"}, 0xfffffffc, 0xfffffffe, 0x2, @raw=0x31c7bc85, @reserved="d780cd0831772d961e41c9b82e8c2128a971977a24ac5032bc22427a602d8942581523a8e3a9454770bef7a15b6003815128a7f0cd875625eb2debb4d3c53710fe55ac5de3dfd7f697605139b00044e092aa6a6472fcf8e962c0061ba4458be4651a644f1873aee4dfe7fbadb980718f5ba5c440ba162cea3377e140abd2db9f", "18a817f26a5c7f8773b2dbc01ac4bd5359eeadc8357752b72fa176254d8797cdffd02539e383a07983eeddcd24b626f54ad9d763dcdc91a4af8b7c848ceb55a7"})

17.822250978s ago: executing program 37 (id=9204):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
readv$auto(r0, &(0x7f0000000240)={0x0, 0x4}, 0x6)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, 0x0)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/ati_remote2/parameters/channel_mask\x00', 0x1e1842, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202202, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, 0x0, 0x68)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000300)=0x8)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000080)={{@raw=0x4, 0x7ff, 0xa, 0xb, "26d718b7d3ee69350e4ede7079dcb0c24c8aa1e3c7ee2e00308b8a7d74b0a707f7045e6d035b196ca83379bb"}, 0xfffffffc, 0xfffffffe, 0x2, @raw=0x31c7bc85, @reserved="d780cd0831772d961e41c9b82e8c2128a971977a24ac5032bc22427a602d8942581523a8e3a9454770bef7a15b6003815128a7f0cd875625eb2debb4d3c53710fe55ac5de3dfd7f697605139b00044e092aa6a6472fcf8e962c0061ba4458be4651a644f1873aee4dfe7fbadb980718f5ba5c440ba162cea3377e140abd2db9f", "18a817f26a5c7f8773b2dbc01ac4bd5359eeadc8357752b72fa176254d8797cdffd02539e383a07983eeddcd24b626f54ad9d763dcdc91a4af8b7c848ceb55a7"})

16.708329371s ago: executing program 8 (id=9234):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
readv$auto(r0, &(0x7f0000000240)={0x0, 0x4}, 0x6)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/040/001\x00', 0x802, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r2, 0xc0185500, 0x0)
unshare$auto(0x40000080)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x202202, 0x0)
bind$auto(r1, 0x0, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, 0x0, 0x68)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000300)=0x8)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000080)={{@raw=0x4, 0x7ff, 0xa, 0xb, "26d718b7d3ee69350e4ede7079dcb0c24c8aa1e3c7ee2e00308b8a7d74b0a707f7045e6d035b196ca83379bb"}, 0xfffffffc, 0xfffffffe, 0x2, @raw=0x31c7bc85, @reserved="d780cd0831772d961e41c9b82e8c2128a971977a24ac5032bc22427a602d8942581523a8e3a9454770bef7a15b6003815128a7f0cd875625eb2debb4d3c53710fe55ac5de3dfd7f697605139b00044e092aa6a6472fcf8e962c0061ba4458be4651a644f1873aee4dfe7fbadb980718f5ba5c440ba162cea3377e140abd2db9f", "18a817f26a5c7f8773b2dbc01ac4bd5359eeadc8357752b72fa176254d8797cdffd02539e383a07983eeddcd24b626f54ad9d763dcdc91a4af8b7c848ceb55a7"})

13.445839977s ago: executing program 8 (id=9238):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
select$auto(0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x7, 0x0)
close_range$auto(0x0, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000)
futex$auto(&(0x7f0000000080)=0xfffffffa, 0xc, 0x1, 0x0, 0x0, 0xfffffffa)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x240007, 0x19)
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x1, 0x0)
sysfs$auto(0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'macvtap0\x00'})

11.362028149s ago: executing program 8 (id=9239):
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$auto_KVM_GET_MSRS(r1, 0x4068aea3, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
timer_create$auto(0x803, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0)
memfd_secret$auto(0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20100, 0x0)
preadv2$auto(r2, &(0x7f0000000200)={0x0, 0x80000000009}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0)
ioctl$auto(0x3, 0x402c542d, r3)
write$auto(0x3, 0x0, 0xfffffdef)

8.761549117s ago: executing program 8 (id=9242):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2, 0x3, 0xa)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000180)=@in={0x2, 0x4e20, @broadcast}, 0x1a)
mlockall$auto(0x7)
write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000000)="11fac598fd55155661037b61efd9839121e60b8fdd7bb985f5bedc99", 0x1c)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0)
pwrite64$auto(r1, 0x0, 0x0, 0x2000000000040007)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
tgkill$auto(0x0, 0x0, 0x11)
readv$auto(0x3, 0x0, 0x7)

6.109546894s ago: executing program 8 (id=9247):
ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d})
ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
ioctl$auto_RNDRESEEDCRNG2(r0, 0x5207, 0x99)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
unshare$auto(0x40000080)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
mmap$auto(0x1002, 0xc, 0x4, 0x200000eb0, 0x401, 0x1)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
select$auto(0x1000000d, 0x0, 0x0, 0x0, 0x0)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0)
getpid()
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408)
write$auto(r1, 0x0, 0xfffffdf1)
linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000)
mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862)
utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0)
mprotect$auto(0x0, 0x8000000000000001, 0x8)

5.86326985s ago: executing program 9 (id=9231):
socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop15\x00', 0x6600, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
socket(0xa, 0x5, 0x84)
socket(0x2, 0x2, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
pipe$auto(0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0)
openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0)
socketpair$auto(0x800001, 0x2, 0x615e, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
open(0x0, 0x22240, 0x55)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0xc8e03, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0)
ioctl$auto(0x3, 0x80106f53, r0)

5.662232682s ago: executing program 6 (id=9249):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
readv$auto(r0, 0x0, 0x5)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto(0xffffffffffffffff, 0xc01070ce, 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x4000000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x6)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0)
io_uring_setup$auto(0x6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xde, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

5.400589722s ago: executing program 9 (id=9250):
r0 = socket(0x2, 0x1, 0x106)
select$auto(0x32, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x2, 0x1, 0x106)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
set_mempolicy$auto(0x2, 0x0, 0x4)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
setsockopt$auto(0x400000000000003, 0x28, 0x6, 0x0, 0x56d)
mmap$auto(0x800000, 0x20000a00006, 0x100, 0x91, 0xffffffffffffffff, 0x2ffffffffffe)
r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r3, 0x80085502, 0x0)
mmap$auto(0x0, 0x400008, 0x0, 0x9b72, 0x2, 0x8000)
syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000580), r2)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r1, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0xc0}, 0xc, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x840}, 0x1)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r4 = socket(0x2, 0x1, 0x106)
bind$auto(r4, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
connect$auto(r0, &(0x7f0000000000)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55)

4.545723126s ago: executing program 3 (id=9251):
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, r0, 0x0)
r2 = socket(0x10, 0x2, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r3)
read$auto(r3, &(0x7f0000000000)='\x00', 0x91e2)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk\x00', 0xda25b84c77eeb07c, 0x0)
fanotify_init$auto(0x65, 0x2)
socket(0x22, 0x3, 0x0)
socket(0xa, 0x5, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth1_macvtap/ioam6_id_wide\x00', 0x169002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050)
write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef)

4.339557552s ago: executing program 9 (id=9252):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x11, 0x800, 0x800000d)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/admmidi2\x00', 0x450481, 0x0)
sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x5b020f7d7a84fe6e)
unshare$auto(0x40000080)
socket(0x2, 0x3, 0x100)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r0)
sendmsg$auto_NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="74bec700", @ANYRES16=0x0, @ANYBLOB="000429bd7000fedbdf2554000000050060000000000005001d00dd00000043032a00266588d8804fd89fe7ad92e487f3faa62c3b57331a027d1dfe7b53c02b0ccaeb2ebefde8b1cbc734e5ac5dd332a51da438234e7d570d2bd6ece31410a98c9515fa4ec838636e5f856bb42188e12283079c2799890c0492d7e95e19075904042cbb86ecf69e27efb03ee2e1310ced4e34f6803332bdef77c1c17ba4c5a62f116584ee2e2c1083bf380c23e592b553feee95e9b0e62bb86034b8bbda7662ffba2c30a8434235b37166c06725819d63578bfe042da2e673b32efae8f303f495986c17a9d195da728f784a54607b3bd483c2cee60c2f88238aa1bc3bd9a0db24f3ad1c4df92262b4832474466b401a98eeef3badb53a6f446eb48ce32afe1fe8f9579a37ed9403aa5f9e3e111fd342d23a12c1e0a97ed7c0cdbf7dd8fa8a66053202f3a9d75afbb8e9c6300aea72b209c0e6b13b3b5865f5299c65d060ea3f294f5b9d793f944d4842aa7ad4ac3802eba33f08ce17cd840991f76c2d4f94437245f967e137075649e9c14b17990601c29ac91218251b46cf88c1b4a6394bf31a323256ab9504240f4378682244ad977af34f21c833ae032684d4bc5d0e3f46803862e9daa9972e13db5f3ab727540d34a4791583f203b5c2393095cb01e03e78560cdc34d17aa13a122fb82cec8d033ac3966c17d43f84b4b586d3baa456f4c97e577da851537725de8b2d142d9dcd653fbc7fbfbb5bdd347e2ae5070069f7c49fff8905b36f36415e4eefb4fe5a3c7beea0df89d859088818d9012638d2e9cc6f45d594f9c62fc6c1e8cc48a08ba551772bf11a28c1254426ee77f96efa92d189e412419d2dd63b993dac239638f43dc41c04aa5ffaff1b56fc1a4f75dcafb3a7c9a490a7981d5da978a5ff12d6883e187234bf14510ad366e83d9fd8c413ccadc9881000d7e60e046e6e11796bf110be6a55a429ed124fe52f5c7c33ed3a2d8fed9eea00961c63abf089dde5ef61c987d48a8364b69cc1ebc5be53bf805811605fff027a912aa573781377fc0ecd8cad4c8c0f668e6a18fbd3ab5cf193bd14a047859a44e4c243edc1a9b94c59aaf2b813402e8f7c0cd7599646078a909c88927064c202f00f4f9b3f920b899ecc4f509e03b6a799e3ea6f5937e3b7f2efd4e8064ab11fb2cc9701632e61a274a76d8e3d2ce1c381e9ba677e24a5e87bb098fe0004000b000500c200d2000000"], 0x374}, 0x1, 0x0, 0x0, 0x40001}, 0x4008040)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x40006, 0x1000000000000e2, 0x9372, 0xffffffffffffffff, 0x10000027ffc)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2)
mmap$auto(0x0, 0x400009, 0x200, 0x9b72, 0x2, 0x6)
pread64$auto(r2, 0x0, 0x201, 0xc000)
syz_clone3(&(0x7f0000000700)={0x100, &(0x7f0000000080), &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000280), {0x1}, &(0x7f0000000640), 0x0, &(0x7f0000000680)=""/38, &(0x7f00000006c0)=[0x0], 0x1}, 0x58)
capget$auto(&(0x7f0000000780)={0x1, r3}, &(0x7f00000007c0)={0x58, 0x6, 0x8})
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x400053, 0x9)

4.301089068s ago: executing program 6 (id=9253):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
socket(0x2c, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0)
dup$auto(r0)
socket(0x2, 0x801, 0x106)
socket(0xa, 0x2, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_ratio\x00', 0x202, 0x0)
socket(0xa, 0x2, 0x3a)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0)
ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0)

4.021516054s ago: executing program 3 (id=9254):
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
pipe2$auto(0x0, 0x80)
r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2c00, 0x0)
ioctl$auto_EVIOCSMASK(r1, 0x40104593, &(0x7f0000000080)={0x2, 0x80000000, 0x7f})
close_range$auto(0x2, 0x8, 0x0)
openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2242, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x191000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0x10001, 0x400000000003, 0x3, 0xffffffffffffffff, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0)
getpid()
openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
unshare$auto(0x40000080)
r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/driver/nvram\x00', 0xa502, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f00000001c0)=""/213, 0xd5)

3.739795194s ago: executing program 6 (id=9255):
r0 = socket(0x2a, 0x2, 0x1)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55)
io_uring_setup$auto(0x1, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
connect$auto(0x3, &(0x7f0000000000)=@qipcrtr={0x2a, 0x0, 0x1}, 0x54)
socket(0x1e, 0x0, 0xfffffeff)
mmap$auto(0x0, 0x6, 0x4, 0x40eb2, 0xffffffffffffffff, 0x308000000000)
write$auto(0x3, 0x0, 0xfffffdef)
socket(0xa, 0x801, 0x106)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmallocinfo\x00', 0x0, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
write$auto(0x1, 0x0, 0x80000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x3, 0x800, 0x6)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
sendto$auto(0x3, 0x0, 0x3f, 0x101, 0x0, 0x1c)
ioctl$auto(0x3, 0x541b, 0x38)
r2 = fcntl$auto(0x0, 0x407, 0x0)
mmap$auto(0x0, 0xe983, 0x3, 0xcb1, r2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)

2.31824615s ago: executing program 3 (id=9256):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x9, 0x5, 0x7f)
socket(0x2, 0x3, 0x2)
madvise$auto(0x400, 0x8, 0xffff)
socket(0xa, 0x5, 0x0)
socket(0x11, 0x80003, 0x1d12)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="000829bd70db"], 0x18}, 0x1, 0x0, 0x0, 0x24000}, 0x20000800)
sendmsg$auto_NL80211_CMD_NEW_KEY(r0, &(0x7f0000000200)={&(0x7f0000000180), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004040}, 0x20008000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/misc/hw_random/rng_quality\x00', 0x8a801, 0x0)
write$auto(r2, &(0x7f0000000000)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r3 = socket(0x2, 0x1, 0x0)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x6, 0x20000000)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0)
r5 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r5, 0x29, 0x3e, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(0xffffffffffffffff, 0x0, 0x10001)
close_range$auto(0x2, 0x8, 0x0)

2.297143953s ago: executing program 6 (id=9257):
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x5, 0x0)
openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40041, 0x0)
open(&(0x7f0000000040)='./file1\x00', 0x165840, 0x151)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptycf\x00', 0x800, 0x0)
openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0x1d, 0x2, 0x7)
socket(0x2, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
open(&(0x7f0000000100)='.\x00', 0x0, 0x44c)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x1aa, 0x0, 0x6, 0x0, 0x5, 0x1001}, 0x5}, 0x2, 0x100)
bpf$auto(0x9, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x71c, 0xfaae, 0x468, 0x2, 0x8000000000000001, 0x80, 0x7, 0x1, 0x1fc, 0xff, 0xb5, 0x4, 0x40004, 0xd9ee}, 0xe3)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x200)

2.039765946s ago: executing program 8 (id=9258):
msync$auto(0x200000, 0x2000000005, 0x6)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa)
unshare$auto(0x40000080)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000)
r1 = socket(0x2, 0x3, 0xa)
getsockopt$auto(r1, 0x0, 0x30, 0x0, &(0x7f0000000040)=0xdbb)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x7ffc)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, r0)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x24048084)
madvise$auto(0x0, 0x200007, 0x19)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7f, 0x9, 0x0)
mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0)

1.792820035s ago: executing program 6 (id=9259):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
timer_create$auto(0x3, 0x0, &(0x7f0000000280)=0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000001cc0)='/sys/kernel/tracing/trace\x00', 0x200c0, 0x0)
read$auto(r2, 0x0, 0x20)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6)
mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000)
getdents$auto(0xffffffffffffffff, 0x0, 0x400018)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$auto(r3, 0x10f, 0x80, 0x0, 0x14)
gettid()
shmctl$auto_SHM_INFO(0x3, 0xe, &(0x7f00000002c0)={{0x7, 0x0, 0xee01, 0x1, 0x9, 0x5, 0x5}, 0x6, 0x6, 0x100020000000000, 0x1000, @inferred, @inferred, 0x9, 0x0, &(0x7f0000000180)="617e2de2c8e3786856f6f335dc392090faed578f6af6f7238e01fa8256b96b5ad4973254e7800e71537cf4b3cbe1aa7d6f7a01f808c4d31f30da71b1e00dbdfeb5ac5637421219707150472255bcf0c1fb1f43f4833b3d6fdd9d9b73de340aa67a145b7bffbea4158004657e2563f037fe08358e338e9b5ba86b0c319515c34dd82e2516b9f06071d76a5dde3d850de754682b0cd5e970af2f365c9d5f12ec48d8893738959c47bd6acc9616ef03ea90fc3ab6d422008eea4f6b55691045bf", 0x0})

1.701632159s ago: executing program 3 (id=9260):
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
r1 = openat$auto_regulator_summary_fops_(0xffffffffffffff9c, &(0x7f0000001680), 0x40, 0x0)
read$auto_regulator_summary_fops_(r1, &(0x7f00000016c0)=""/213, 0xd5)
setsockopt$auto(r0, 0xe4, 0x6, 0x0, 0x4)
r2 = open(0x0, 0x14927f, 0x0)
select$auto(0x9, 0x0, 0x0, &(0x7f0000000140)={[0x9, 0x5, 0xb, 0xa63f, 0x7fffffff, 0x6, 0x9, 0x5f, 0x7d2ee4e8, 0x6a7, 0x1, 0x5, 0x2, 0x0, 0x7, 0x5]}, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0))
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x2400, 0x0)
syz_genetlink_get_family_id$auto_seg6(0x0, r2)
sendmsg$auto_SEG6_CMD_SETHMAC(0xffffffffffffffff, 0x0, 0x80)
mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, 0x401, 0x8000)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_L2TP_CMD_SESSION_MODIFY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x40000010)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0xf3, 0x4, 0x8000000000000000, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000000)=0x9000c)
sendmsg$auto_L2TP_CMD_SESSION_CREATE(r3, 0x0, 0x400c04c)
bpf$auto(0xff, 0x0, 0x3fc)
mmap$auto(0x0, 0x400008, 0xdf, 0x1b, 0x2, 0x40000000008000)
mprotect$auto(0x0, 0x806121, 0x6)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x440c0)

1.636605959s ago: executing program 9 (id=9261):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nl80211(0x0, r2)
syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2})
r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x1028, r4, 0x1b, 0x70bd26, 0x25dfdbfb, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x1c, 0x0, 0x0, @fd}]}]}, @OVS_PACKET_ATTR_ACTIONS={0xffc, 0x3, 0x0, 0x1, [@generic="45167eab3bed37f707641200007240faae86ada13ca8aa30", @generic="156e8582b5d971b7c8ea9f7358ba002fe4a4098f863958bc4bb878296de239f6121744f3d53f7f8bd7cd58b7bde427ceb080fb6e6649513522a0828ab0ebb333b1d7a3e7a5c55969a954c82f9bc305b98445030a6f031d39ec216adeb1a27f67ddd8d532dd065c0c86f5b4cb2a0735253894289a91b1cb6a6ec1dfa4a23b0fe054cb5befc1b69371606fecfb00fade361ac34892dee50761a1091fcd12acf561d943c93a46bc4eddacdc91c156b4ef15f785f1c1ccce8f260349c08fd8e37ca42e2ef5fff7a9549e904c884595943ba9d2bb4cb86ab17e6f321b81e3b2c3cd21d942623532d1f6a5fe2e3b2236ec6e70a899ed956440cd2b36727066a67f3c8de04903170894c1e19f2770a70a33ad4079ce7c1a8c0b80078ed60e4d5039f6bc67369960445f6c1ad2bd1bb7c3a346b0b54424dbd9126eeb7a968c0f1d1f563ded17ff3a9daa1e408355856a8c39f421f1b9394f6fa5737bc3520e0f5f04bd82b90ae2b98264bdfa40215aa8fbebcff062c37d2556c50a65b61c0260e2e274e66ee1dbee0a9779fc977287dd8bf24aacf1f42cb8fe939acac8072af52a98abfd7cb6659c8e34057b0ad55a43c2c30ccca28ff90c94eb6aaedb805c1b5c93c0da6497b15469d41838447e9ea24fd0110b7954e694bb5c6848573de8034de0c65df91919d14e42903f552850ee90b8266d33cd77c6fd3ea529b7457bae2f72bd5768e2d9e4e619574a1ab7e0800a37e810e3b2e7c2c62bb63f126ff76c750ec3bdb2e7a07993aa8ea4e708be8e8145404bfc13db878a605fe6d3298c1000156a269b74953d21f0911a2768cd84168231563e5f57f9e92358c07d2cffb5cb98dc0a8f763bee29e05d3c6563c567ca5f34a227c39969f2da2108b3b84bc78b34e2e208a6b75365d650e2330ed4bf4509b024666a4f42385ccd9b9d1afd37c93f25fc8395dcd17d57fc431f9136c5b92f5130427fc0d59fac6df29d74b30be5422ae9a578c2d613f0f8f1a38f4b862292b8f96e8d324206343f86fa232341de5eb065d7d544a84a4fcdc9b84438e8fd2c16e02141acf7b656a4314974f5639b861affb0fc08bd824b1b52054906d2621f88b5dc5aa4a6b2763f5a94da46b96486dc173fd9b2de6b1ac9478b9ab48c01b0b79579ff9f0b2b1119c1c068ec71514e67198d5e480d5881055e150f4cc3fc6f8512c0890afa7dee1bc78c97ce7404530f12a04277608eab05f7e7edd30ae978d955d80b91c8faaae8eb1273b016a0c01c9cd8c023dec85ff5f3c6ce700e6bd1e597262d829166d3c2ca78bf1ef2de9b479e3b65a5edec569c50f022858a71bd6017b5bce54b77f1d3bf952ea096ca77b20b3b253843395da7ae13f71daef6b5338dad239d199b1d56ae0da6f02d68967827da4a7b3cda7f31d7f98201ae33290ba25a038d433be41995d0e23a6381a92a929786dd3a2bbcd1ae06a4b7b826a752bc8faa099ca9ecfaf7d26264636523f9ed4c8eae0d7acbaf83d9337d96897592556c256d6e3ad4632184749d016dc70db1af92d1ee4dbc516fe910577c2977bb9ae70525464cfdaabda391bd7b36bac6eef59a6df013d539357f6d18d8abec63f3c488043d8b44ea1767de5a4918ac358b3d79852473894ecff4d101315be10b19b0b347ad3e2846c81d53de7124d5f8810cbc6aa381f8ede9324644357410f286fe935f8e1044171a7df0d850224ec7f08ef1ab0e2cd42e38235b956bf5ff19daced58e2b1d5b665a665ebfa8e3d8973b33647602efeb0089bde265353719bbdf922a8db498a71bcef1f7b9cbee59258e3736d50a9a3828392607a8f393d3da6d11585b7de699ae6f23baaf9dfb5190f73551801d8da2de9e861de887f61e1c687a7ed1b542ba51a9a7fc745cf43ada692ab1cdb8bd089d1b65bc5d9b2e84a72ef35b8a8844f2ed9be4df73f20243766c97efc3a7926750b007aa631f9bbe6fa34899402067522fcd0fc5267c5f8804a2cc77666f57548b75b11b6b5bf9d042af8add84b1358d4b0f38e0425380c3fb9978f9c19f2f44865bd86916dbe1aae8b80a16b6e8929cbf7a8101bb4888832392c875f4ed39163cfe0750fac1c8fba4a0fc1fb9a6b814bf40acd371362b129bf29bf2b3578b124e2c29d76d2a7ac870be69b6f6dcd6b1b67849dbd444d17eb8f64437177a0b35f80cf177812b894f70da4b1c814cfc6df8be67c79d736b46de16924a9b95da8e47c1674069a6522ede3d1ad36a1c3be350eb44764b511e6e46f6b3f6bbab3473914b2ca9aba785ffdc346cb8f4099dd69d6efe9f20de4558163eb5d096b54416a0f43f9c989a9955000617a18c6d948d5f22126b0ec94395abbc32f7a6bbeb16d608018d5bb0f1f1dd70c839e5a144bb760fe94f1dd8220781f1415bcbd26d86fc3520905d6bcb3b5de29f9d3f0d9dda0229ec95e54d95a898dd527807c9bdcbd23fe899da6735eb77e71acdb27f32232da3dd6199136efe87e11a82432c3007e4b411ae05cd17372c4ba6e2a0f27fd1db6c80084991ff72497d7ad35977d4c49be9bf8d104954c305b68aa4c627bf224f75fccac7a379503fffccf72bad202aa61b1afd3293728520adeb2176b8f140e8ae2026e84c7fea6a12a291d659083b6d0eceaaac826bd94dd82141aa545250428342e5749a00aa8e146b42c38f41c510c476a693b3b220c52896114e7c4ff285c4aeee3993ec2a4c365797be190f722be540fbf304e85ffd263a03ace9753dc07d0575e950eacc5a082195f2a2a9e1d6dccc46eb4b5dc936744dcbe310c45b21e014938360af42a8f5d26245d275ee8a09d450b5800b054be17792986f1bec99e2040f163aef398d435e813d0ad4bd99dfbf49bc93e3b0ae11bf9e3379b97b171d945402859112d1a5446882cf37062cb3d597e42a3ce82a549430bceb14943e1deb7ad698cd7756cd2c7e91ff3efb2157c6f78b909f1df13c1e859de4c2e06b53ef8c335ea60d77bb9f9f7801cb406d12868e506214f0a8d3c8996dad0bbeb4b7e9a2ee7e0123d0921038bbb58a4a5c34fac411fde97185d931ec8ebffd3a83778c1419fef99136577331a7280b97b3ec0417958cc1ca686709c1b4f9fd605e705c8c4d11722e56b11cf5aee15c0788ec27b01d6e50c701c7c0159f8f794750d47bec2530a37408eb45e38127266550607cad2e1db5af48bf965ecfda5fd4109d75e219f815b7c17dd81e4e8386f2f59b6f60bf082bcda9557d442381c64acd832fdc21df9b64a2ef6d8a70a100b5b037adf2bfcdc1eff57042847620a9392f1949bbe479d2d4c67dcc9bf979b7e7d327b7c6e20b84445f719adffec4236b9fffb9600bfa8f26ff0bbe61b2ceeca6947c01f55a4a96d3591e9e3f92f8d3a6acee1bcf2050d55e6d22a722114271a7a87344faeb434206da5a36d6607ad8d9bf59fec2688b4e297051d15d9aafeaa3559d75bea88c831a3e2178eaea9869f345d413ed6314762bdd0bf8e01bbc356a6e2d1b090eb8eac00777f2c74a00319f8bcbd29b4a1e18dedc6c0a84a5e154890cc67b0fa0d750689c9efd9360d11aac29fe4fb5401a4702e59f575578df4d8bba519868e6015813ddfb818407c3c04670fa1058b1aad486d5caeb6fe6cd639c269aca1a287fa8d1d8efbb519b34fd2196c5cb31526f106ae4c7d38857eb0e34420369ff3bf07e1eb63d0f650a156651c9d836cd00d1441288bef3d7e9d281bd4b5e4876f4eeaa3d37beaaf2db6b4903c429d1047beb5d67789e87210fc9feff5a8285fff95c3800b20152630e25d7b0c494ee1a92b8bb98d406d9c8d69e76f93186518a5307a840658ed76f425c9055f74529a81d4e9afbd5dec0f1ecb5d8d706cb62635078041effa6a4668d277be92157cf0a8710dcba5218afad7dd44b8ed48590e49934909eb80d599843a21bd70198da950e9a6887c010d0a4bc6b68cd992d16e44102e5b06aef610c4f753facfc16dde5795830aec5faf12f6664cb493397ab2ec60172d64d96e08bff5f15b371a286ef4bcbf3b1bd1dd33d79c2994d821272fa4e081e582a7b25a263b7c01fd1b7e582f851a7409c8e5b5de991075cec3939f5d52c9eed6806031759af1c4f407a3b6a558f534d2da5491a93db21fa3b721b91d13cda52d8bb23fd41b8022d18a43d6979cb31fe7d7e9d4cddc60daad77b5ad02516fd1b0a6fe5d78cfa0a15f8eae65c84e22da84b24f0893d2e0324d2f93a83f3b322f31a741d52e9bf5c85c5229a83b325d67141a6c8b5a8fecf245d6651bb4ec917b61589ef102855ae0be7d248f86fe85d00ef8a6bf3482d4671757657822191b4a7a839fbbb3d255faea2ac1a7af9b82dc2bb62d07dc884e0add91820ec9e64193825b7c23c30970456150633f64ddfe04e42581a856c53e92179ecb127c79c348f50bbb1330e936ec24cd2c8b314960a04f882d19d81b0437a706920cb845065853c1d136221aad87856fd92ea9faab274b85376e9e4bc4c43e90a9463e9fe612c3ce9f7e44f91fdb8c006a36d00e1a7bf19ab437ae950ec453181a3795af8eae73c8de3a8624317d7830d495ba16a2885dafe46cfaa0eb755744061da4b2e206566f616ccf58732c74ea3fdb56f501b9a92a1952c1ce7bfb6074b2194dfec258873930ad6db80ae94b84b81e4740a62ebbdef51c6ae9f4edf91385c9b001828c38fc6f9ad50d9833db69f1e74d1bb8d8a85692ae87115fd667a05106bf2fdd62d6860c95da5446d0105a922a7fc7a1f6c51d5653f107b25d8dca5ebcc2add7d995c9bf15e27882beab95481bfc13023f4a0215f6d9e776108f063b70ab5f94674f45a8e2013c15d3f914d4f9a24b5ff2a802e4c79c7edf30b0f022b58eb1180000b99df7549f96fbde670fae02edcaf1f4a0f2670a7e9df80cb3300f1751f3ad13b3f4ea631a96fbefd17049ccb0138867597ebcd396a9f0310bc031f874058918bdd15a07fc75df8d0afaab66a9e7b4d0bb010aaa717816d396934cff24aa3f455b59ed6e51f15d85a45b49b6010eba20710e0e79de92a8610121ca7fb71256d5aa2c7dec0b8b447ca7895e17d2ec174e7805036db54fd5536f1231228f3afa7fea3bc13a8cd9bc2881488c390c96f17d33116725c7468ca6857647071133134f540e58e94be860daa249e5ab488dd6d23c78f398c6ef9a16010d7a35176d7cb2d9cdc9d93fe2503b40bddb0c2e3bc01d7c4d756a4f36f3657b13aedfe3eed25e1426a7d10cb43081242f97838cc60c358261e4bc8331be9a99897c27c636cffdafb43350315ab2b5293e71587802333540cddd0577424e0281de388ec308774a488fa0d7711e2f601a2a6a2c93ab410e401c7fa5ccb0a4703651293b5cccab8360295603ba4cf4274ddd734b19909bd9f98308726d264465afebf0f934af72730ebb8432bb4c0ae93596ebd1124f6006ba17271ec780e29872b52e1109d94276afd4c45bd0e1b4cf933a69262438d424994d0d8fa6783a30da9a968b0b651e2abdd08f1f20a082016e93cd97bd3feee244706942de39e174607bf9e73dc4b6d341c74df120fabb0407f85a85fdf005d3557844db390649f09c476d0ae99102562a1217d9a12f575e07a5936681eaa3ffa47817af836a31faefd0f2455b665bc5f498446d3f41dd43d2b5859f29f570c213a69e2ac651e9c8e0a9e9c0fcdf5178de22df191b4b4b62e77b8083eeb5a07a2f102c1fa6a1df2f92cfb92b44a3abfaac37610f4cc89f1b7fd45417065eb14c85d"]}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x1028}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r5, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d33697", 0x2e1)
ioctl$auto_SNDCTL_SEQ_SYNC(r5, 0x5101, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/cards\x00', 0x2, 0x0)
mmap$auto(0x0, 0x8, 0x2, 0x7fffffff, 0xffffffffffffffff, 0x10c)
mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000)

1.175971998s ago: executing program 3 (id=9262):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2008000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000002880), 0xffffffffffffffff)
sendmsg$auto_L2TP_CMD_TUNNEL_GET(r1, 0x0, 0x0)
connect$auto(0x4, 0x0, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28001)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0x40047452, &(0x7f0000000000)=0x65ab)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/i8042/serio1/resolution\x00', 0x183902, 0x0)
write$auto(r2, 0x0, 0x4)
r3 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/oom_score_adj\x00', 0x24200, 0x0)
prctl$auto(0x29, 0x17000000, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x22, 0x2, 0x4)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r4, &(0x7f0000000000)='//\xf2\x00', 0x80000000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r5 = prctl$auto_PR_SCHED_CORE_CREATE(0x6, 0x1, r0, 0x6, 0x4)
fcntl$auto_F_GETFL(r5, 0x3, 0xff)
io_uring_register$auto(r3, 0x2, &(0x7f0000000040)="355c35e57be570774523abaf8d8dfbf6bf3b9a95953fe9d1ec8d5a0dccdf84a1cfe468881cd5254c35bf0b2359eecfa1c4eb19758aa36a7cc227adf2b7a5d4a46a8d1eae1166a039e1575fc579af6a994c7002f8c5c88fbee2141326d55ed057b23ab5491dbee082a0ef14dbcb8a1e14bb95ee6322a6c2f47240392906570d2c788248a0c19503ed946acfe058e8d970a4382c4af44ee456f933a05092adb87324b248b52c", 0x198)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY(0xffffffffffffffff, 0x0, 0x40880)

1.112203633s ago: executing program 6 (id=9263):
sched_get_priority_max$auto_SCHED_IDLE(0x5)
socket(0x2, 0x3, 0xa)
write$auto(0xca, &(0x7f0000000300)='\x00', 0x10)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)={0x20, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@HWSIM_ATTR_IFTYPE_SUPPORT={0x8, 0x17, 0x8}, @HWSIM_ATTR_SUPPORT_P2P_DEVICE={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0)
mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0xe8)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffdcb, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x200040c4}, 0x440c5)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x4, 0x7, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x10001, 0x7, 0x8001, 0x7ffffff8, 0x5, 0x7, 0x5, 0x61, 0x103})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

0s ago: executing program 3 (id=9264):
unshare$auto(0x40000080)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
socket(0x2b, 0x1, 0x0)
listen$auto(0x3, 0x81)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000)
socket(0x10, 0x2, 0x0)
r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0)
ioctl$auto(r1, 0x5646, r1)
statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x9, 0x1, 0x3ff, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0xffffffff, 0x6, 0x4, 0xb0, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1000000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x7, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7]}, 0x202, 0xd)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}})
ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0)
capset$auto(0x0, 0x0)
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

0 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1156.157472][T28770] RSP: 002b:00007faf9672f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1156.157507][T28770] RAX: ffffffffffffffda RBX: 00007faf95a15fa0 RCX: 00007faf9579c629
[ 1156.157530][T28770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1156.157551][T28770] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1156.157571][T28770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1156.157592][T28770] R13: 00007faf95a16038 R14: 00007faf95a15fa0 R15: 00007fff768c38b8
[ 1156.157638][T28770]  </TASK>
[ 1156.812313][ T5835] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9
[ 1157.543571][T28788] FAULT_INJECTION: forcing a failure.
[ 1157.543571][T28788] name failslab, interval 1, probability 0, space 0, times 0
[ 1157.600567][T28788] CPU: 0 UID: 0 PID: 28788 Comm: syz.5.7834 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1157.600609][T28788] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1157.600619][T28788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1157.600634][T28788] Call Trace:
[ 1157.600643][T28788]  <TASK>
[ 1157.600653][T28788]  dump_stack_lvl+0x100/0x190
[ 1157.600694][T28788]  should_fail_ex.cold+0x5/0xa
[ 1157.600722][T28788]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[ 1157.600765][T28788]  should_failslab+0xc2/0x120
[ 1157.600790][T28788]  __kmalloc_noprof+0xe0/0x850
[ 1157.600825][T28788]  ? rcu_is_watching+0x12/0xc0
[ 1157.600867][T28788]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[ 1157.600909][T28788]  genl_family_rcv_msg_doit+0xc7/0x300
[ 1157.600947][T28788]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1157.600981][T28788]  ? genl_get_cmd+0x3ef/0x720
[ 1157.601021][T28788]  ? bpf_lsm_capable+0x9/0x10
[ 1157.601045][T28788]  ? security_capable+0x80/0x260
[ 1157.601078][T28788]  ? ns_capable+0xd2/0xf0
[ 1157.601103][T28788]  genl_rcv_msg+0x560/0x800
[ 1157.601140][T28788]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1157.601175][T28788]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1157.601219][T28788]  netlink_rcv_skb+0x159/0x420
[ 1157.601249][T28788]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1157.601285][T28788]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1157.601327][T28788]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1157.601360][T28788]  genl_rcv+0x28/0x40
[ 1157.601411][T28788]  netlink_unicast+0x5aa/0x870
[ 1157.601471][T28788]  ? __pfx_netlink_unicast+0x10/0x10
[ 1157.601533][T28788]  netlink_sendmsg+0x8b0/0xda0
[ 1157.601582][T28788]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1157.601622][T28788]  ? __import_iovec+0x1d2/0x640
[ 1157.601679][T28788]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1157.601734][T28788]  ____sys_sendmsg+0xa54/0xc30
[ 1157.601777][T28788]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1157.601817][T28788]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1157.601858][T28788]  ___sys_sendmsg+0x190/0x1e0
[ 1157.601895][T28788]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1157.601963][T28788]  __sys_sendmsg+0x170/0x220
[ 1157.601990][T28788]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1157.602017][T28788]  ? __x64_sys_futex+0x34f/0x4d0
[ 1157.602065][T28788]  do_syscall_64+0x106/0xf80
[ 1157.602090][T28788]  ? clear_bhb_loop+0x40/0x90
[ 1157.602119][T28788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1157.602144][T28788] RIP: 0033:0x7f7fc319c629
[ 1157.602164][T28788] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1157.602188][T28788] RSP: 002b:00007f7fc40b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1157.602211][T28788] RAX: ffffffffffffffda RBX: 00007f7fc3415fa0 RCX: 00007f7fc319c629
[ 1157.602227][T28788] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[ 1157.602241][T28788] RBP: 00007f7fc3232b39 R08: 0000000000000000 R09: 0000000000000000
[ 1157.602256][T28788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1157.602270][T28788] R13: 00007f7fc3416038 R14: 00007f7fc3415fa0 R15: 00007ffdfc7b8ce8
[ 1157.602300][T28788]  </TASK>
[ 1158.154651][T28777] kexec: Could not allocate control_code_buffer
[ 1158.305059][ T5835] Bluetooth: hci5: Malformed Event: 0x02
[ 1159.818735][T28834] random: crng reseeded on system resumption
[ 1160.794291][T28852] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[ 1161.380442][T28870] netlink: 186 bytes leftover after parsing attributes in process `syz.6.7857'.
[ 1161.393397][T28870] netlink: 186 bytes leftover after parsing attributes in process `syz.6.7857'.
[ 1162.916002][T28896] futex_wake_op: syz.0.7871 tries to shift op by -2048; fix this program
[ 1162.976552][T28896] futex_wake_op: syz.0.7871 tries to shift op by -2048; fix this program
[ 1163.043435][T28901] netlink: 'syz.3.7865': attribute type 4 has an invalid length.
[ 1163.090066][T28901] netlink: 'syz.3.7865': attribute type 32 has an invalid length.
[ 1163.119359][T28901] netlink: 46 bytes leftover after parsing attributes in process `syz.3.7865'.
[ 1163.170660][T28895] mkiss: ax0: crc mode is auto.
[ 1164.143656][   T30] audit: type=1326 audit(4294967407.377:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28914 comm="syz.0.7869" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4429f9c629 code=0x0
[ 1164.905406][T28935] random: crng reseeded on system resumption
[ 1168.613400][T29006] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7896'.
[ 1168.634999][T28996] FAULT_INJECTION: forcing a failure.
[ 1168.634999][T28996] name failslab, interval 1, probability 0, space 0, times 0
[ 1168.684510][T29006] bridge_slave_1: left allmulticast mode
[ 1168.691335][T29006] bridge_slave_1: left promiscuous mode
[ 1168.714063][T28996] CPU: 0 UID: 0 PID: 28996 Comm: syz.0.7893 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1168.714120][T28996] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1168.714134][T28996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1168.714153][T28996] Call Trace:
[ 1168.714165][T28996]  <TASK>
[ 1168.714178][T28996]  dump_stack_lvl+0x100/0x190
[ 1168.714235][T28996]  should_fail_ex.cold+0x5/0xa
[ 1168.714282][T28996]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[ 1168.714333][T28996]  should_failslab+0xc2/0x120
[ 1168.714366][T28996]  __kmalloc_noprof+0xe0/0x850
[ 1168.714408][T28996]  ? rcu_is_watching+0x12/0xc0
[ 1168.714457][T28996]  genl_family_rcv_msg_attrs_parse.isra.0+0xc2/0x280
[ 1168.714506][T28996]  genl_family_rcv_msg_doit+0xc7/0x300
[ 1168.714550][T28996]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1168.714590][T28996]  ? genl_get_cmd+0x3ef/0x720
[ 1168.714634][T28996]  ? bpf_lsm_capable+0x9/0x10
[ 1168.714661][T28996]  ? security_capable+0x80/0x260
[ 1168.714698][T28996]  ? ns_capable+0xd2/0xf0
[ 1168.714727][T28996]  genl_rcv_msg+0x560/0x800
[ 1168.714807][T28996]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1168.714849][T28996]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1168.714919][T28996]  netlink_rcv_skb+0x159/0x420
[ 1168.714956][T28996]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1168.715006][T28996]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1168.715057][T28996]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1168.715096][T28996]  genl_rcv+0x28/0x40
[ 1168.715132][T28996]  netlink_unicast+0x5aa/0x870
[ 1168.715174][T28996]  ? __pfx_netlink_unicast+0x10/0x10
[ 1168.715224][T28996]  netlink_sendmsg+0x8b0/0xda0
[ 1168.715267][T28996]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1168.715301][T28996]  ? __import_iovec+0x1d2/0x640
[ 1168.715359][T28996]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1168.715403][T28996]  ____sys_sendmsg+0xa54/0xc30
[ 1168.715448][T28996]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1168.715505][T28996]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1168.715557][T28996]  ___sys_sendmsg+0x190/0x1e0
[ 1168.715603][T28996]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1168.715692][T28996]  __sys_sendmsg+0x170/0x220
[ 1168.715727][T28996]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1168.715760][T28996]  ? __x64_sys_futex+0x34f/0x4d0
[ 1168.715818][T28996]  do_syscall_64+0x106/0xf80
[ 1168.715851][T28996]  ? clear_bhb_loop+0x40/0x90
[ 1168.715886][T28996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1168.715917][T28996] RIP: 0033:0x7f4429f9c629
[ 1168.715943][T28996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1168.715973][T28996] RSP: 002b:00007f442aed0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1168.716009][T28996] RAX: ffffffffffffffda RBX: 00007f442a215fa0 RCX: 00007f4429f9c629
[ 1168.716028][T28996] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007
[ 1168.716047][T28996] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1168.716071][T28996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1168.716091][T28996] R13: 00007f442a216038 R14: 00007f442a215fa0 R15: 00007fff235f7be8
[ 1168.716129][T28996]  </TASK>
[ 1168.735887][T29006] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1169.112501][T29006] bridge_slave_0: left allmulticast mode
[ 1169.119710][T29006] bridge_slave_0: left promiscuous mode
[ 1169.134477][T29006] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1169.793837][T29023] futex_wake_op: syz.3.7902 tries to shift op by -2048; fix this program
[ 1169.854344][T29023] futex_wake_op: syz.3.7902 tries to shift op by -2048; fix this program
[ 1170.435993][T29031] netlink: 330 bytes leftover after parsing attributes in process `syz.5.7905'.
[ 1170.539409][T29033] FAULT_INJECTION: forcing a failure.
[ 1170.539409][T29033] name failslab, interval 1, probability 0, space 0, times 0
[ 1170.617547][T29033] CPU: 0 UID: 0 PID: 29033 Comm: syz.0.7906 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1170.617592][T29033] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1170.617602][T29033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1170.617617][T29033] Call Trace:
[ 1170.617626][T29033]  <TASK>
[ 1170.617636][T29033]  dump_stack_lvl+0x100/0x190
[ 1170.617677][T29033]  should_fail_ex.cold+0x5/0xa
[ 1170.617706][T29033]  ? process_preds+0x4c2/0x1d90
[ 1170.617741][T29033]  should_failslab+0xc2/0x120
[ 1170.617765][T29033]  __kmalloc_noprof+0xe0/0x850
[ 1170.617806][T29033]  process_preds+0x4c2/0x1d90
[ 1170.617865][T29033]  ? create_filter_start.constprop.0+0x134/0x310
[ 1170.617909][T29033]  create_filter+0x140/0x210
[ 1170.617947][T29033]  ? __pfx_create_filter+0x10/0x10
[ 1170.617986][T29033]  ? find_held_lock+0x2b/0x80
[ 1170.618013][T29033]  apply_event_filter+0x220/0x500
[ 1170.618052][T29033]  ? __pfx_apply_event_filter+0x10/0x10
[ 1170.618099][T29033]  event_filter_write+0x16d/0x290
[ 1170.618129][T29033]  vfs_write+0x2aa/0x1070
[ 1170.618167][T29033]  ? __pfx_event_filter_write+0x10/0x10
[ 1170.618198][T29033]  ? __pfx_vfs_write+0x10/0x10
[ 1170.618234][T29033]  ? __fget_files+0x215/0x3d0
[ 1170.618278][T29033]  ? __fget_files+0x21f/0x3d0
[ 1170.618333][T29033]  ksys_write+0x12a/0x250
[ 1170.618370][T29033]  ? __pfx_ksys_write+0x10/0x10
[ 1170.618417][T29033]  do_syscall_64+0x106/0xf80
[ 1170.618443][T29033]  ? clear_bhb_loop+0x40/0x90
[ 1170.618473][T29033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.618498][T29033] RIP: 0033:0x7f4429f9c629
[ 1170.618518][T29033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1170.618542][T29033] RSP: 002b:00007f442aed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1170.618566][T29033] RAX: ffffffffffffffda RBX: 00007f442a215fa0 RCX: 00007f4429f9c629
[ 1170.618583][T29033] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003
[ 1170.618599][T29033] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1170.618615][T29033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1170.618630][T29033] R13: 00007f442a216038 R14: 00007f442a215fa0 R15: 00007fff235f7be8
[ 1170.618662][T29033]  </TASK>
[ 1171.179284][T29039] input: f�
 as /devices/virtual/input/input21
[ 1172.175306][ T5835] Bluetooth: hci4: unexpected subevent 0x03 length: 253 > 9
[ 1173.287958][T29069] FAULT_INJECTION: forcing a failure.
[ 1173.287958][T29069] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1173.353143][T29069] CPU: 0 UID: 0 PID: 29069 Comm: syz.3.7918 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1173.353204][T29069] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1173.353218][T29069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1173.353239][T29069] Call Trace:
[ 1173.353252][T29069]  <TASK>
[ 1173.353266][T29069]  dump_stack_lvl+0x100/0x190
[ 1173.353336][T29069]  should_fail_ex.cold+0x5/0xa
[ 1173.353371][T29069]  ? prepare_alloc_pages+0x16d/0x5f0
[ 1173.353413][T29069]  should_fail_alloc_page+0xeb/0x140
[ 1173.353449][T29069]  prepare_alloc_pages+0x1f0/0x5f0
[ 1173.353485][T29069]  ? rcu_is_watching+0x12/0xc0
[ 1173.353543][T29069]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[ 1173.353592][T29069]  ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0
[ 1173.353644][T29069]  ? __pfx_css_rstat_updated+0x10/0x10
[ 1173.353697][T29069]  ? find_held_lock+0x2b/0x80
[ 1173.353735][T29069]  ? rcu_read_unlock+0x17/0x60
[ 1173.353769][T29069]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1173.353817][T29069]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1173.353866][T29069]  ? page_counter_charge+0x1d2/0x240
[ 1173.353911][T29069]  ? rcu_is_watching+0x12/0xc0
[ 1173.353965][T29069]  ? trace_mm_page_alloc+0x17a/0x1d0
[ 1173.354017][T29069]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1173.354078][T29069]  ? policy_nodemask+0xed/0x4f0
[ 1173.354115][T29069]  alloc_pages_mpol+0x1fb/0x550
[ 1173.354151][T29069]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1173.354186][T29069]  ? do_raw_spin_lock+0x128/0x260
[ 1173.354255][T29069]  ? find_held_lock+0x2b/0x80
[ 1173.354285][T29069]  ? __pud_alloc+0x575/0x760
[ 1173.354325][T29069]  alloc_pages_noprof+0x131/0x390
[ 1173.354361][T29069]  __pmd_alloc+0x3b/0x9c0
[ 1173.354395][T29069]  ? __pud_alloc+0x57a/0x760
[ 1173.354433][T29069]  walk_to_pmd+0x3a3/0x4c0
[ 1173.354476][T29069]  get_locked_pte+0x25/0xc0
[ 1173.354515][T29069]  map_ldt_struct+0x3c1/0xa70
[ 1173.354559][T29069]  ? __pfx_map_ldt_struct+0x10/0x10
[ 1173.354593][T29069]  ? alloc_pages_noprof+0x233/0x390
[ 1173.354632][T29069]  write_ldt+0x6d3/0xd40
[ 1173.354681][T29069]  ? __pfx_write_ldt+0x10/0x10
[ 1173.354724][T29069]  ? xfd_validate_state+0x129/0x190
[ 1173.354786][T29069]  __x64_sys_modify_ldt+0xb1/0x170
[ 1173.354822][T29069]  do_syscall_64+0x106/0xf80
[ 1173.354858][T29069]  ? clear_bhb_loop+0x40/0x90
[ 1173.354901][T29069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1173.354937][T29069] RIP: 0033:0x7faf9579c629
[ 1173.354965][T29069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1173.354999][T29069] RSP: 002b:00007faf9672f028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[ 1173.355033][T29069] RAX: ffffffffffffffda RBX: 00007faf95a15fa0 RCX: 00007faf9579c629
[ 1173.355056][T29069] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001
[ 1173.355076][T29069] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1173.355097][T29069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1173.355117][T29069] R13: 00007faf95a16038 R14: 00007faf95a15fa0 R15: 00007fff768c38b8
[ 1173.355160][T29069]  </TASK>
[ 1174.324508][   T30] audit: type=1800 audit(4294967417.547:39): pid=29069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7918" name="trace_marker" dev="tracefs" ino=3889 res=0 errno=0
[ 1174.892540][T29085] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7923'.
[ 1174.937101][T29086] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input22
[ 1175.044901][ T5835] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1175.300115][T29097] FAULT_INJECTION: forcing a failure.
[ 1175.300115][T29097] name failslab, interval 1, probability 0, space 0, times 0
[ 1175.346266][T29097] CPU: 1 UID: 0 PID: 29097 Comm: syz.5.7927 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1175.346326][T29097] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1175.346340][T29097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1175.346361][T29097] Call Trace:
[ 1175.346373][T29097]  <TASK>
[ 1175.346386][T29097]  dump_stack_lvl+0x100/0x190
[ 1175.346442][T29097]  should_fail_ex.cold+0x5/0xa
[ 1175.346481][T29097]  should_failslab+0xc2/0x120
[ 1175.346527][T29097]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1175.346573][T29097]  ? __kernfs_new_node+0xd2/0x960
[ 1175.346624][T29097]  __kernfs_new_node+0xd2/0x960
[ 1175.346673][T29097]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1175.346728][T29097]  ? find_held_lock+0x2b/0x80
[ 1175.346757][T29097]  ? kernfs_root+0xee/0x2a0
[ 1175.346798][T29097]  ? kernfs_root+0xee/0x2a0
[ 1175.346852][T29097]  kernfs_new_node+0x11b/0x1a0
[ 1175.346907][T29097]  __kernfs_create_file+0x53/0x350
[ 1175.346947][T29097]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1175.347009][T29097]  internal_create_group+0x593/0xf40
[ 1175.347079][T29097]  ? __pfx_internal_create_group+0x10/0x10
[ 1175.347140][T29097]  sysfs_slab_add+0x1a4/0x1f0
[ 1175.347193][T29097]  do_kmem_cache_create+0x472/0x540
[ 1175.347261][T29097]  __kmem_cache_create_args+0x386/0x420
[ 1175.347312][T29097]  mon_text_open+0x333/0x510
[ 1175.347356][T29097]  ? __pfx_mon_text_open+0x10/0x10
[ 1175.347402][T29097]  ? __pfx_mon_text_ctor+0x10/0x10
[ 1175.347443][T29097]  ? find_held_lock+0x2b/0x80
[ 1175.347473][T29097]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1175.347513][T29097]  ? lockdown_is_locked_down+0x3d/0x140
[ 1175.347551][T29097]  ? bpf_lsm_locked_down+0x9/0x10
[ 1175.347586][T29097]  ? __pfx_mon_text_open+0x10/0x10
[ 1175.347628][T29097]  full_proxy_open_regular+0x1b6/0x370
[ 1175.347674][T29097]  do_dentry_open+0x6d8/0x1660
[ 1175.347726][T29097]  ? __pfx_full_proxy_open_regular+0x10/0x10
[ 1175.347781][T29097]  vfs_open+0x82/0x3f0
[ 1175.347825][T29097]  path_openat+0x208c/0x31a0
[ 1175.347871][T29097]  ? __pfx_path_openat+0x10/0x10
[ 1175.347918][T29097]  do_file_open+0x20e/0x430
[ 1175.347953][T29097]  ? __pfx_do_file_open+0x10/0x10
[ 1175.348015][T29097]  ? alloc_fd+0x476/0x790
[ 1175.348071][T29097]  ? do_getname+0x191/0x390
[ 1175.348113][T29097]  do_sys_openat2+0x10d/0x1e0
[ 1175.348154][T29097]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1175.348198][T29097]  ? __sys_sendmsg+0x18f/0x220
[ 1175.348255][T29097]  __x64_sys_openat+0x12d/0x210
[ 1175.348299][T29097]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1175.348358][T29097]  do_syscall_64+0x106/0xf80
[ 1175.348393][T29097]  ? clear_bhb_loop+0x40/0x90
[ 1175.348434][T29097]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1175.348468][T29097] RIP: 0033:0x7f7fc319c629
[ 1175.348498][T29097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1175.348530][T29097] RSP: 002b:00007f7fc40b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1175.348563][T29097] RAX: ffffffffffffffda RBX: 00007f7fc3415fa0 RCX: 00007f7fc319c629
[ 1175.348585][T29097] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c
[ 1175.348607][T29097] RBP: 00007f7fc3232b39 R08: 0000000000000000 R09: 0000000000000000
[ 1175.348628][T29097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1175.348647][T29097] R13: 00007f7fc3416038 R14: 00007f7fc3415fa0 R15: 00007ffdfc7b8ce8
[ 1175.348691][T29097]  </TASK>
[ 1175.350106][T29097] SLUB: Unable to add cache mon_text_ffff888025638800 to sysfs
[ 1175.996325][T29106] netlink: 'syz.3.7929': attribute type 5 has an invalid length.
[ 1176.007230][T29106] netlink: 'syz.3.7929': attribute type 1 has an invalid length.
[ 1176.024115][T29106] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7929'.
[ 1176.075366][T29108] netlink: 'syz.3.7929': attribute type 5 has an invalid length.
[ 1176.212391][T29108] netlink: 'syz.3.7929': attribute type 1 has an invalid length.
[ 1176.253269][T29108] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7929'.
[ 1176.582366][T29110] tipc: Withdrawal distribution failure
[ 1176.834275][T29126] FAULT_INJECTION: forcing a failure.
[ 1176.834275][T29126] name failslab, interval 1, probability 0, space 0, times 0
[ 1176.886255][T29126] CPU: 0 UID: 0 PID: 29126 Comm: syz.5.7934 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1176.886314][T29126] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1176.886335][T29126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1176.886356][T29126] Call Trace:
[ 1176.886367][T29126]  <TASK>
[ 1176.886380][T29126]  dump_stack_lvl+0x100/0x190
[ 1176.886437][T29126]  should_fail_ex.cold+0x5/0xa
[ 1176.886477][T29126]  should_failslab+0xc2/0x120
[ 1176.886510][T29126]  __kmalloc_cache_node_noprof+0x7d/0x770
[ 1176.886581][T29126]  ? __alloc_workqueue+0x711/0x1880
[ 1176.886618][T29126]  ? lockdep_init_map_type+0x5c/0x250
[ 1176.886672][T29126]  __alloc_workqueue+0x711/0x1880
[ 1176.886718][T29126]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1176.886760][T29126]  alloc_workqueue_noprof+0xd2/0x200
[ 1176.886801][T29126]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[ 1176.886855][T29126]  ? __pfx___debug_object_init+0x10/0x10
[ 1176.886912][T29126]  nci_register_device+0x511/0xb80
[ 1176.886990][T29126]  ? __pfx_nci_register_device+0x10/0x10
[ 1176.887048][T29126]  ? lockdep_init_map_type+0x5c/0x250
[ 1176.887100][T29126]  virtual_ncidev_open+0x141/0x220
[ 1176.887137][T29126]  ? __pfx_virtual_ncidev_open+0x10/0x10
[ 1176.887172][T29126]  misc_open+0x26d/0x450
[ 1176.887225][T29126]  ? __pfx_misc_open+0x10/0x10
[ 1176.887281][T29126]  chrdev_open+0x234/0x6a0
[ 1176.887313][T29126]  ? __pfx_apparmor_file_open+0x10/0x10
[ 1176.887367][T29126]  ? __pfx_chrdev_open+0x10/0x10
[ 1176.887402][T29126]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[ 1176.887467][T29126]  do_dentry_open+0x6d8/0x1660
[ 1176.887520][T29126]  ? __pfx_chrdev_open+0x10/0x10
[ 1176.887563][T29126]  vfs_open+0x82/0x3f0
[ 1176.887609][T29126]  path_openat+0x208c/0x31a0
[ 1176.887657][T29126]  ? __pfx_path_openat+0x10/0x10
[ 1176.887708][T29126]  do_file_open+0x20e/0x430
[ 1176.887746][T29126]  ? __pfx_do_file_open+0x10/0x10
[ 1176.887814][T29126]  ? alloc_fd+0x476/0x790
[ 1176.887874][T29126]  ? do_getname+0x191/0x390
[ 1176.887919][T29126]  do_sys_openat2+0x10d/0x1e0
[ 1176.887963][T29126]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1176.888022][T29126]  __x64_sys_openat+0x12d/0x210
[ 1176.888068][T29126]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1176.888127][T29126]  do_syscall_64+0x106/0xf80
[ 1176.888165][T29126]  ? clear_bhb_loop+0x40/0x90
[ 1176.888219][T29126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.888254][T29126] RIP: 0033:0x7f7fc319c629
[ 1176.888283][T29126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1176.888323][T29126] RSP: 002b:00007f7fc40b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1176.888357][T29126] RAX: ffffffffffffffda RBX: 00007f7fc3415fa0 RCX: 00007f7fc319c629
[ 1176.888379][T29126] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1176.888400][T29126] RBP: 00007f7fc3232b39 R08: 0000000000000000 R09: 0000000000000000
[ 1176.888421][T29126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1176.888441][T29126] R13: 00007f7fc3416038 R14: 00007f7fc3415fa0 R15: 00007ffdfc7b8ce8
[ 1176.888485][T29126]  </TASK>
[ 1177.767460][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.775485][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1178.891964][T29160] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7942'.
[ 1178.982764][T29160] hsr_slave_0 (unregistering): left promiscuous mode
[ 1179.192450][T29163] netlink: 13 bytes leftover after parsing attributes in process `syz.3.7943'.
[ 1179.571694][T29167] zswap: compressor  not available
[ 1180.837908][T29197] netlink: 16 bytes leftover after parsing attributes in process `syz.5.7954'.
[ 1181.157993][T29204] sp0: Synchronizing with TNC
[ 1182.177954][T29221] netlink: 330 bytes leftover after parsing attributes in process `syz.6.7961'.
[ 1182.240214][T29224] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7962'.
[ 1182.317399][T29225] netlink: 226 bytes leftover after parsing attributes in process `syz.5.7963'.
[ 1186.983204][T29275] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7978'.
[ 1187.016542][T29275] netlink: 25 bytes leftover after parsing attributes in process `syz.3.7978'.
[ 1188.817532][T29299] [U]  
[ 1188.820956][T29299] [U] 
[ 1188.824234][T29299] [U] 
[ 1188.827507][T29299] [U] 
[ 1188.888956][T29299] [U] 
[ 1188.892314][T29299] [U] 
[ 1188.895591][T29299] [U] 
[ 1188.898853][T29299] [U] 
[ 1189.039495][T29299] [U] 
[ 1189.042830][T29299] [U] 
[ 1189.046113][T29299] [U] 
[ 1189.049418][T29299] [U] 
[ 1189.088924][T29299] [U] 
[ 1189.092185][T29299] [U] 
[ 1189.095415][T29299] [U] 
[ 1189.098650][T29299] [U] 
[ 1189.192586][T29299] [U] 
[ 1189.195909][T29299] [U] 
[ 1189.199191][T29299] [U] 
[ 1189.202488][T29299] [U] 
[ 1189.264454][T29299] [U] 
[ 1189.267801][T29299] [U] 
[ 1189.271120][T29299] [U] 
[ 1189.274390][T29299] [U] 
[ 1189.334922][T29299] [U] 
[ 1189.338256][T29299] [U] 
[ 1189.341566][T29299] [U] 
[ 1189.344849][T29299] [U] 
[ 1189.418479][T29299] [U] 
[ 1189.421798][T29299] [U] 
[ 1189.425069][T29299] [U] 
[ 1189.428343][T29299] [U] 
[ 1189.476908][T29299] [U] 
[ 1189.480237][T29299] [U] 
[ 1189.483516][T29299] [U] 
[ 1189.486839][T29299] [U] 
[ 1189.521645][T29299] [U] 
[ 1189.524990][T29299] [U] 
[ 1189.528268][T29299] [U] 
[ 1189.531540][T29299] [U] 
[ 1189.632764][T29299] [U] 
[ 1189.636103][T29299] [U] 
[ 1189.639378][T29299] [U] 
[ 1189.642649][T29299] [U] 
[ 1189.901173][T29299] [U] 
[ 1190.634995][ T5835] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9
[ 1193.454409][T29351] netlink: 13 bytes leftover after parsing attributes in process `syz.5.7999'.
[ 1194.887958][T29366] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8002'.
[ 1194.954799][T29366] netlink: 'syz.5.8002': attribute type 1 has an invalid length.
[ 1195.047118][T29366] netlink: 13 bytes leftover after parsing attributes in process `syz.5.8002'.
[ 1195.401398][T29368] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8011'.
[ 1195.449731][T29368] netlink: 'syz.5.8011': attribute type 1 has an invalid length.
[ 1195.478632][T29368] netlink: 13 bytes leftover after parsing attributes in process `syz.5.8011'.
[ 1196.131673][T29374] zswap: compressor  not available
[ 1196.442290][T29383] zswap: compressor  not available
[ 1196.893565][T29397] futex_wake_op: syz.6.8009 tries to shift op by -2048; fix this program
[ 1196.938405][T29397] futex_wake_op: syz.6.8009 tries to shift op by -2048; fix this program
[ 1198.188236][T29415] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff
[ 1198.369682][T29415] FAULT_INJECTION: forcing a failure.
[ 1198.369682][T29415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1198.435335][T29415] CPU: 0 UID: 0 PID: 29415 Comm: syz.5.8015 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1198.435390][T29415] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1198.435404][T29415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1198.435425][T29415] Call Trace:
[ 1198.435436][T29415]  <TASK>
[ 1198.435450][T29415]  dump_stack_lvl+0x100/0x190
[ 1198.435508][T29415]  should_fail_ex.cold+0x5/0xa
[ 1198.435548][T29415]  _copy_from_iter+0x1f4/0x1690
[ 1198.435613][T29415]  ? __pfx__copy_from_iter+0x10/0x10
[ 1198.435675][T29415]  ? __pfx___might_resched+0x10/0x10
[ 1198.435735][T29415]  file_tty_write.isra.0+0x45b/0x890
[ 1198.435788][T29415]  redirected_tty_write+0xd4/0x120
[ 1198.435830][T29415]  vfs_write+0x6ac/0x1070
[ 1198.435883][T29415]  ? __pfx_redirected_tty_write+0x10/0x10
[ 1198.435929][T29415]  ? __pfx_vfs_write+0x10/0x10
[ 1198.435978][T29415]  ? find_held_lock+0x2b/0x80
[ 1198.436037][T29415]  ksys_write+0x12a/0x250
[ 1198.436088][T29415]  ? __pfx_ksys_write+0x10/0x10
[ 1198.436152][T29415]  do_syscall_64+0x106/0xf80
[ 1198.436194][T29415]  ? clear_bhb_loop+0x40/0x90
[ 1198.436236][T29415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1198.436271][T29415] RIP: 0033:0x7f7fc319c629
[ 1198.436307][T29415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1198.436341][T29415] RSP: 002b:00007f7fc40b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1198.436374][T29415] RAX: ffffffffffffffda RBX: 00007f7fc3415fa0 RCX: 00007f7fc319c629
[ 1198.436397][T29415] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000008
[ 1198.436419][T29415] RBP: 00007f7fc3232b39 R08: 0000000000000000 R09: 0000000000000000
[ 1198.436439][T29415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1198.436459][T29415] R13: 00007f7fc3416038 R14: 00007f7fc3415fa0 R15: 00007ffdfc7b8ce8
[ 1198.436504][T29415]  </TASK>
[ 1199.113644][T29424] netlink: 330 bytes leftover after parsing attributes in process `syz.0.8017'.
[ 1200.357651][T29438] ubi31: attaching mtd0
[ 1200.416062][T29438] ubi31: scanning is finished
[ 1200.448693][T29438] ubi31 error: ubi_read_volume_table: the layout volume was not found
[ 1200.850519][T29409] delete_channel: no stack
[ 1200.988012][T29438] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1201.971890][T29457] netlink: 86 bytes leftover after parsing attributes in process `syz.6.8025'.
[ 1202.308131][T29460] [U] 
[ 1202.311629][T29460] [U] 
[ 1202.314868][T29460] [U] 
[ 1202.318111][T29460] [U] 
[ 1202.384779][T29460] [U] 
[ 1202.388113][T29460] [U] 
[ 1202.391418][T29460] [U] 
[ 1202.394685][T29460] [U] 
[ 1202.428033][T29460] [U] 
[ 1202.431342][T29460] [U] 
[ 1202.434648][T29460] [U] 
[ 1202.438035][T29460] [U] 
[ 1202.462501][T29460] [U] 
[ 1202.465772][T29460] [U] 
[ 1202.469009][T29460] [U] 
[ 1202.472248][T29460] [U] 
[ 1202.614640][T29460] [U] 
[ 1202.617967][T29460] [U] 
[ 1202.621309][T29460] [U] 
[ 1202.624602][T29460] [U] 
[ 1202.636608][T29460] [U] 
[ 1202.639937][T29460] [U] 
[ 1202.643190][T29460] [U] 
[ 1202.646424][T29460] [U] 
[ 1202.690742][T29460] [U] 
[ 1202.694049][T29460] [U] 
[ 1202.697330][T29460] [U] 
[ 1202.700606][T29460] [U] 
[ 1202.772647][T29460] [U] 
[ 1202.775955][T29460] [U] 
[ 1202.779228][T29460] [U] 
[ 1202.782503][T29460] [U] 
[ 1202.786244][T29460] [U] 
[ 1202.789535][T29460] [U] 
[ 1202.792872][T29460] [U] 
[ 1202.796145][T29460] [U] 
[ 1202.805009][T29460] [U] 
[ 1202.808340][T29460] [U] 
[ 1202.811615][T29460] [U] 
[ 1202.814897][T29460] [U] 
[ 1202.918456][T29460] [U] 
[ 1202.921764][T29460] [U] 
[ 1202.925040][T29460] [U] 
[ 1202.928315][T29460] [U] 
[ 1202.987442][T29460] [U] 
[ 1202.990760][T29460] [U] 
[ 1202.994036][T29460] [U] 
[ 1202.997315][T29460] [U] 
[ 1203.060400][T29460] [U] 
[ 1203.063719][T29460] [U] 
[ 1203.067008][T29460] [U] 
[ 1203.070280][T29460] [U] 
[ 1203.099108][T29460] [U] 
[ 1203.102440][T29460] [U] 
[ 1203.105727][T29460] [U] 
[ 1203.109004][T29460] [U] 
[ 1203.139062][T29460] [U] 
[ 1203.142351][T29460] [U] 
[ 1203.145615][T29460] [U] 
[ 1203.148846][T29460] [U] 
[ 1203.214358][T29460] [U] 
[ 1203.217681][T29460] [U] 
[ 1203.220970][T29460] [U] 
[ 1203.224247][T29460] [U] 
[ 1203.234431][T29460] [U] 
[ 1203.237724][T29460] [U] 
[ 1203.241003][T29460] [U] 
[ 1203.244273][T29460] [U] 
[ 1203.295524][T29460] [U] 
[ 1203.298835][T29460] [U] 
[ 1203.302097][T29460] [U] 
[ 1203.305360][T29460] [U] 
[ 1203.398714][T29460] [U] 
[ 1207.377667][T29530] FAULT_INJECTION: forcing a failure.
[ 1207.377667][T29530] name failslab, interval 1, probability 0, space 0, times 0
[ 1207.446844][T29530] CPU: 0 UID: 0 PID: 29530 Comm: syz.5.8039 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1207.446905][T29530] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1207.446919][T29530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1207.446940][T29530] Call Trace:
[ 1207.446951][T29530]  <TASK>
[ 1207.446965][T29530]  dump_stack_lvl+0x100/0x190
[ 1207.447021][T29530]  should_fail_ex.cold+0x5/0xa
[ 1207.447060][T29530]  should_failslab+0xc2/0x120
[ 1207.447094][T29530]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[ 1207.447144][T29530]  ? blk_alloc_queue+0x31/0x790
[ 1207.447177][T29530]  ? rcu_is_watching+0x12/0xc0
[ 1207.447233][T29530]  blk_alloc_queue+0x31/0x790
[ 1207.447264][T29530]  ? __kmalloc_node_noprof+0x324/0x850
[ 1207.447315][T29530]  blk_mq_alloc_queue+0x174/0x290
[ 1207.447360][T29530]  ? __pfx_blk_mq_alloc_queue+0x10/0x10
[ 1207.447426][T29530]  ? blk_mq_alloc_tag_set+0xdc0/0x1260
[ 1207.447479][T29530]  __blk_mq_alloc_disk+0x29/0x120
[ 1207.447524][T29530]  loop_add+0x498/0xb60
[ 1207.447557][T29530]  ? __pfx_loop_add+0x10/0x10
[ 1207.447618][T29530]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1207.447680][T29530]  loop_control_ioctl+0xae/0x620
[ 1207.447718][T29530]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1207.447754][T29530]  ? xfd_validate_state+0x129/0x190
[ 1207.447816][T29530]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1207.447855][T29530]  __x64_sys_ioctl+0x18e/0x210
[ 1207.447905][T29530]  do_syscall_64+0x106/0xf80
[ 1207.447940][T29530]  ? clear_bhb_loop+0x40/0x90
[ 1207.447982][T29530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.448017][T29530] RIP: 0033:0x7f7fc319c629
[ 1207.448045][T29530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1207.448078][T29530] RSP: 002b:00007f7fc40b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1207.448113][T29530] RAX: ffffffffffffffda RBX: 00007f7fc3415fa0 RCX: 00007f7fc319c629
[ 1207.448136][T29530] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002
[ 1207.448158][T29530] RBP: 00007f7fc3232b39 R08: 0000000000000000 R09: 0000000000000000
[ 1207.448178][T29530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1207.448198][T29530] R13: 00007f7fc3416038 R14: 00007f7fc3415fa0 R15: 00007ffdfc7b8ce8
[ 1207.448239][T29530]  </TASK>
[ 1208.000554][T29532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8041'.
[ 1208.188488][T29545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8042'.
[ 1208.239725][T29545] netlink: 354 bytes leftover after parsing attributes in process `syz.3.8042'.
[ 1211.379291][T29592] random: crng reseeded on system resumption
[ 1211.660073][T29604] FAULT_INJECTION: forcing a failure.
[ 1211.660073][T29604] name failslab, interval 1, probability 0, space 0, times 0
[ 1211.696161][T29604] CPU: 0 UID: 0 PID: 29604 Comm: syz.3.8059 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1211.696218][T29604] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1211.696233][T29604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1211.696253][T29604] Call Trace:
[ 1211.696265][T29604]  <TASK>
[ 1211.696278][T29604]  dump_stack_lvl+0x100/0x190
[ 1211.696332][T29604]  should_fail_ex.cold+0x5/0xa
[ 1211.696372][T29604]  should_failslab+0xc2/0x120
[ 1211.696407][T29604]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1211.696448][T29604]  ? alloc_super+0x52/0xd20
[ 1211.696513][T29604]  alloc_super+0x52/0xd20
[ 1211.696564][T29604]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 1211.696604][T29604]  sget_fc+0x117/0xc70
[ 1211.696651][T29604]  ? __pfx_set_anon_super_fc+0x10/0x10
[ 1211.696698][T29604]  ? __pfx_mqueue_fill_super+0x10/0x10
[ 1211.696738][T29604]  get_tree_nodev+0x28/0x190
[ 1211.696789][T29604]  mqueue_get_tree+0xf1/0x130
[ 1211.696830][T29604]  vfs_get_tree+0x92/0x320
[ 1211.696872][T29604]  fc_mount_longterm+0x1a/0x270
[ 1211.696919][T29604]  mq_init_ns+0x482/0x820
[ 1211.696970][T29604]  copy_ipcs+0x3dd/0x7e0
[ 1211.697020][T29604]  create_new_namespaces+0x20a/0xac0
[ 1211.697056][T29604]  ? security_capable+0x80/0x260
[ 1211.697103][T29604]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1211.697143][T29604]  ksys_unshare+0x455/0xab0
[ 1211.697186][T29604]  ? __pfx_ksys_unshare+0x10/0x10
[ 1211.697244][T29604]  __x64_sys_unshare+0x31/0x40
[ 1211.697287][T29604]  do_syscall_64+0x106/0xf80
[ 1211.697322][T29604]  ? clear_bhb_loop+0x40/0x90
[ 1211.697364][T29604]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1211.697398][T29604] RIP: 0033:0x7faf9579c629
[ 1211.697425][T29604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1211.697460][T29604] RSP: 002b:00007faf9672f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1211.697501][T29604] RAX: ffffffffffffffda RBX: 00007faf95a15fa0 RCX: 00007faf9579c629
[ 1211.697522][T29604] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[ 1211.697542][T29604] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1211.697562][T29604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1211.697581][T29604] R13: 00007faf95a16038 R14: 00007faf95a15fa0 R15: 00007fff768c38b8
[ 1211.697623][T29604]  </TASK>
[ 1212.416014][T29603] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8058'.
[ 1213.900113][T29629] sg_write: data in/out 262169/4198358 bytes for SCSI command 0x0-- guessing data in;
[ 1213.900113][T29629]    program syz.0.8070 not setting count and/or reply_len properly
[ 1213.981316][T29629] program syz.0.8070 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1214.844707][T29646] netlink: 246 bytes leftover after parsing attributes in process `syz.5.8074'.
[ 1218.075367][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[ 1218.075409][ T5835] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260
[ 1218.093818][ T5835] Bluetooth: hci3: Unknown advertising packet type: 0x7f
[ 1218.093858][ T5835] Bluetooth: hci3: adv larger than maximum supported
[ 1218.102635][ T5835] Bluetooth: hci3: adv larger than maximum supported
[ 1218.113077][ T5835] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 1219.885717][T29715] netlink: 330 bytes leftover after parsing attributes in process `syz.6.8092'.
[ 1220.026312][T29715] �: renamed from bond_slave_0 (while UP)
[ 1220.202196][T29715] netlink: 330 bytes leftover after parsing attributes in process `syz.6.8092'.
[ 1221.322021][T29727] netlink: 342 bytes leftover after parsing attributes in process `syz.3.8097'.
[ 1222.158075][T29742] netlink: 'syz.0.8102': attribute type 4 has an invalid length.
[ 1222.204149][T29742] netlink: 'syz.0.8102': attribute type 5 has an invalid length.
[ 1222.244251][T29742] netlink: 10 bytes leftover after parsing attributes in process `syz.0.8102'.
[ 1223.947310][T29764] FAULT_INJECTION: forcing a failure.
[ 1223.947310][T29764] name failslab, interval 1, probability 0, space 0, times 0
[ 1223.963288][T29764] CPU: 1 UID: 0 PID: 29764 Comm: syz.0.8108 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1223.963342][T29764] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1223.963355][T29764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1223.963375][T29764] Call Trace:
[ 1223.963387][T29764]  <TASK>
[ 1223.963399][T29764]  dump_stack_lvl+0x100/0x190
[ 1223.963454][T29764]  should_fail_ex.cold+0x5/0xa
[ 1223.963493][T29764]  should_failslab+0xc2/0x120
[ 1223.963525][T29764]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1223.963567][T29764]  ? mqueue_init_fs_context+0x4b/0x690
[ 1223.963622][T29764]  mqueue_init_fs_context+0x4b/0x690
[ 1223.963691][T29764]  alloc_fs_context+0x60c/0xf40
[ 1223.963736][T29764]  mq_init_ns+0x16e/0x820
[ 1223.963786][T29764]  copy_ipcs+0x3dd/0x7e0
[ 1223.963837][T29764]  create_new_namespaces+0x20a/0xac0
[ 1223.963874][T29764]  ? security_capable+0x80/0x260
[ 1223.963922][T29764]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1223.963967][T29764]  ksys_unshare+0x455/0xab0
[ 1223.964027][T29764]  ? __pfx_ksys_unshare+0x10/0x10
[ 1223.964082][T29764]  __x64_sys_unshare+0x31/0x40
[ 1223.964123][T29764]  do_syscall_64+0x106/0xf80
[ 1223.964158][T29764]  ? clear_bhb_loop+0x40/0x90
[ 1223.964200][T29764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.964244][T29764] RIP: 0033:0x7f4429f9c629
[ 1223.964272][T29764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1223.964306][T29764] RSP: 002b:00007f442aed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1223.964339][T29764] RAX: ffffffffffffffda RBX: 00007f442a215fa0 RCX: 00007f4429f9c629
[ 1223.964361][T29764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000
[ 1223.964382][T29764] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1223.964403][T29764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1223.964422][T29764] R13: 00007f442a216038 R14: 00007f442a215fa0 R15: 00007fff235f7be8
[ 1223.964465][T29764]  </TASK>
[ 1226.664648][T29794] netlink: 306 bytes leftover after parsing attributes in process `syz.0.8117'.
[ 1227.263762][T29802] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.329527][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.355737][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.457872][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.517676][T29806] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8121'.
[ 1227.570878][T29806] netlink: 'syz.3.8121': attribute type 1 has an invalid length.
[ 1227.598039][T29806] netlink: 'syz.3.8121': attribute type 6 has an invalid length.
[ 1227.740354][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.763797][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.864388][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1227.924150][T29803] netlink: 62 bytes leftover after parsing attributes in process `syz.6.8120'.
[ 1229.166933][ T5835] Bluetooth: hci5: unexpected event 0x02 length: 726 > 260
[ 1229.531430][T29834] netlink: 'syz.6.8130': attribute type 4 has an invalid length.
[ 1229.609014][T29834] netlink: 'syz.6.8130': attribute type 5 has an invalid length.
[ 1234.325175][T29896] FAULT_INJECTION: forcing a failure.
[ 1234.325175][T29896] name failslab, interval 1, probability 0, space 0, times 0
[ 1234.341348][T29896] CPU: 1 UID: 0 PID: 29896 Comm: syz.3.8148 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1234.341403][T29896] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1234.341416][T29896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1234.341438][T29896] Call Trace:
[ 1234.341450][T29896]  <TASK>
[ 1234.341464][T29896]  dump_stack_lvl+0x100/0x190
[ 1234.341526][T29896]  should_fail_ex.cold+0x5/0xa
[ 1234.341574][T29896]  should_failslab+0xc2/0x120
[ 1234.341608][T29896]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1234.341650][T29896]  ? alloc_netdev_mqs+0xe01/0x14f0
[ 1234.341699][T29896]  alloc_netdev_mqs+0xe01/0x14f0
[ 1234.341746][T29896]  ppp_ioctl+0x906/0x2800
[ 1234.341787][T29896]  ? find_held_lock+0x2b/0x80
[ 1234.341820][T29896]  ? __pfx_ppp_ioctl+0x10/0x10
[ 1234.341865][T29896]  ? __fget_files+0x21f/0x3d0
[ 1234.341923][T29896]  ? __pfx_ppp_ioctl+0x10/0x10
[ 1234.341961][T29896]  __x64_sys_ioctl+0x18e/0x210
[ 1234.342010][T29896]  do_syscall_64+0x106/0xf80
[ 1234.342046][T29896]  ? clear_bhb_loop+0x40/0x90
[ 1234.342087][T29896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1234.342140][T29896] RIP: 0033:0x7faf9579c629
[ 1234.342188][T29896] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1234.342229][T29896] RSP: 002b:00007faf9672f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1234.342264][T29896] RAX: ffffffffffffffda RBX: 00007faf95a15fa0 RCX: 00007faf9579c629
[ 1234.342287][T29896] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000008
[ 1234.342308][T29896] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1234.342328][T29896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1234.342348][T29896] R13: 00007faf95a16038 R14: 00007faf95a15fa0 R15: 00007fff768c38b8
[ 1234.342392][T29896]  </TASK>
[ 1235.324610][T29907] netlink: 'syz.3.8150': attribute type 29 has an invalid length.
[ 1235.344145][T29907] netlink: 'syz.3.8150': attribute type 30 has an invalid length.
[ 1235.353591][T29907] netlink: 'syz.3.8150': attribute type 31 has an invalid length.
[ 1235.408735][T29907] netlink: 'syz.3.8150': attribute type 32 has an invalid length.
[ 1235.446398][T29907] netlink: 'syz.3.8150': attribute type 33 has an invalid length.
[ 1235.479585][T29907] netlink: 'syz.3.8150': attribute type 35 has an invalid length.
[ 1235.494410][T29907] netlink: 'syz.3.8150': attribute type 37 has an invalid length.
[ 1235.534216][T29907] __nla_validate_parse: 22 callbacks suppressed
[ 1235.534242][T29907] netlink: 18 bytes leftover after parsing attributes in process `syz.3.8150'.
[ 1237.765433][ T5835] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1238.689153][T29943] FAULT_INJECTION: forcing a failure.
[ 1238.689153][T29943] name failslab, interval 1, probability 0, space 0, times 0
[ 1238.757654][T29943] CPU: 0 UID: 0 PID: 29943 Comm: syz.3.8156 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1238.757713][T29943] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1238.757727][T29943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1238.757749][T29943] Call Trace:
[ 1238.757760][T29943]  <TASK>
[ 1238.757775][T29943]  dump_stack_lvl+0x100/0x190
[ 1238.757831][T29943]  should_fail_ex.cold+0x5/0xa
[ 1238.757871][T29943]  should_failslab+0xc2/0x120
[ 1238.757906][T29943]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 1238.757961][T29943]  ? kstrdup_const+0x63/0x80
[ 1238.758010][T29943]  ? __pfx_string+0x10/0x10
[ 1238.758070][T29943]  kstrdup+0x51/0xe0
[ 1238.758124][T29943]  kstrdup_const+0x63/0x80
[ 1238.758175][T29943]  __kernfs_new_node+0x9b/0x960
[ 1238.758237][T29943]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1238.758296][T29943]  ? find_held_lock+0x2b/0x80
[ 1238.758329][T29943]  ? kernfs_root+0xee/0x2a0
[ 1238.758373][T29943]  ? kernfs_root+0xee/0x2a0
[ 1238.758427][T29943]  kernfs_new_node+0x11b/0x1a0
[ 1238.758485][T29943]  __kernfs_create_file+0x53/0x350
[ 1238.758527][T29943]  cgroup_addrm_files+0x4d8/0xb90
[ 1238.758599][T29943]  ? __pfx_cgroup_addrm_files+0x10/0x10
[ 1238.758677][T29943]  ? idr_replace+0xfa/0x170
[ 1238.758715][T29943]  ? __pfx_idr_replace+0x10/0x10
[ 1238.758759][T29943]  css_populate_dir+0x161/0x590
[ 1238.758806][T29943]  cgroup_apply_control_enable+0x40a/0xbd0
[ 1238.758875][T29943]  cgroup_mkdir+0x57f/0x1330
[ 1238.758935][T29943]  ? __pfx_cgroup_mkdir+0x10/0x10
[ 1238.758992][T29943]  kernfs_iop_mkdir+0x111/0x190
[ 1238.759041][T29943]  ? bpf_lsm_inode_mkdir+0x9/0x10
[ 1238.759091][T29943]  vfs_mkdir+0x361/0x850
[ 1238.759142][T29943]  filename_mkdirat+0x48b/0x5e0
[ 1238.759182][T29943]  ? __pfx_filename_mkdirat+0x10/0x10
[ 1238.759235][T29943]  ? strncpy_from_user+0x19d/0x2d0
[ 1238.759293][T29943]  ? do_getname+0x191/0x390
[ 1238.759338][T29943]  __x64_sys_mkdir+0x6b/0x90
[ 1238.759375][T29943]  do_syscall_64+0x106/0xf80
[ 1238.759411][T29943]  ? clear_bhb_loop+0x40/0x90
[ 1238.759454][T29943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.759490][T29943] RIP: 0033:0x7faf9579c629
[ 1238.759519][T29943] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1238.759555][T29943] RSP: 002b:00007faf9670e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[ 1238.759589][T29943] RAX: ffffffffffffffda RBX: 00007faf95a16090 RCX: 00007faf9579c629
[ 1238.759612][T29943] RDX: 0000000000000000 RSI: 000000000000009f RDI: 0000200000000040
[ 1238.759633][T29943] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1238.759654][T29943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1238.759674][T29943] R13: 00007faf95a16128 R14: 00007faf95a16090 R15: 00007fff768c38b8
[ 1238.759719][T29943]  </TASK>
[ 1239.094529][T29943] cgroup: cgroup_addrm_files: failed to add bfq.idle_time, err=-12
[ 1239.230013][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.237718][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1242.447309][T29990] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input24
[ 1243.125354][T30000] netlink: 25 bytes leftover after parsing attributes in process `syz.5.8167'.
[ 1243.137373][T29994] netlink: 342 bytes leftover after parsing attributes in process `syz.3.8165'.
[ 1243.485886][T29999] FAULT_INJECTION: forcing a failure.
[ 1243.485886][T29999] name failslab, interval 1, probability 0, space 0, times 0
[ 1243.534175][T29999] CPU: 1 UID: 0 PID: 29999 Comm: syz.0.8166 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1243.534235][T29999] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1243.534249][T29999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1243.534270][T29999] Call Trace:
[ 1243.534282][T29999]  <TASK>
[ 1243.534295][T29999]  dump_stack_lvl+0x100/0x190
[ 1243.534353][T29999]  should_fail_ex.cold+0x5/0xa
[ 1243.534394][T29999]  should_failslab+0xc2/0x120
[ 1243.534428][T29999]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 1243.534482][T29999]  ? kasprintf+0xc7/0x100
[ 1243.534524][T29999]  kvasprintf+0xbc/0x150
[ 1243.534580][T29999]  ? __pfx_kvasprintf+0x10/0x10
[ 1243.534639][T29999]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1243.534674][T29999]  ? lockdep_hardirqs_on+0x78/0x100
[ 1243.534712][T29999]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1243.534762][T29999]  kasprintf+0xc7/0x100
[ 1243.534793][T29999]  ? __pfx_kasprintf+0x10/0x10
[ 1243.534871][T29999]  ieee80211_alloc_led_names+0x86/0x420
[ 1243.534921][T29999]  ieee80211_alloc_hw_nm+0x1934/0x22a0
[ 1243.534974][T29999]  mac80211_hwsim_new_radio+0x1e1/0x57d0
[ 1243.535040][T29999]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1243.535100][T29999]  ? __nla_validate_parse+0x1e7/0x28b0
[ 1243.535143][T29999]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1243.535204][T29999]  hwsim_new_radio_nl+0xc1f/0x1340
[ 1243.535253][T29999]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1243.535312][T29999]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280
[ 1243.535364][T29999]  ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280
[ 1243.535424][T29999]  genl_family_rcv_msg_doit+0x214/0x300
[ 1243.535478][T29999]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1243.535528][T29999]  ? genl_get_cmd+0x3ef/0x720
[ 1243.535584][T29999]  ? bpf_lsm_capable+0x9/0x10
[ 1243.535617][T29999]  ? security_capable+0x80/0x260
[ 1243.535661][T29999]  ? ns_capable+0xd2/0xf0
[ 1243.535698][T29999]  genl_rcv_msg+0x560/0x800
[ 1243.535758][T29999]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1243.535808][T29999]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1243.535872][T29999]  netlink_rcv_skb+0x159/0x420
[ 1243.535916][T29999]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1243.535967][T29999]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1243.536027][T29999]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1243.536074][T29999]  genl_rcv+0x28/0x40
[ 1243.536114][T29999]  netlink_unicast+0x5aa/0x870
[ 1243.536162][T29999]  ? __pfx_netlink_unicast+0x10/0x10
[ 1243.536218][T29999]  netlink_sendmsg+0x8b0/0xda0
[ 1243.536264][T29999]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1243.536303][T29999]  ? __import_iovec+0x1d2/0x640
[ 1243.536359][T29999]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[ 1243.536412][T29999]  ____sys_sendmsg+0xa54/0xc30
[ 1243.536465][T29999]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1243.536523][T29999]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1243.536583][T29999]  ___sys_sendmsg+0x190/0x1e0
[ 1243.536636][T29999]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1243.536734][T29999]  __sys_sendmsg+0x170/0x220
[ 1243.536784][T29999]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1243.536821][T29999]  ? __x64_sys_futex+0x34f/0x4d0
[ 1243.536890][T29999]  do_syscall_64+0x106/0xf80
[ 1243.536927][T29999]  ? clear_bhb_loop+0x40/0x90
[ 1243.536979][T29999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1243.537012][T29999] RIP: 0033:0x7f4429f9c629
[ 1243.537038][T29999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1243.537070][T29999] RSP: 002b:00007f442aed0028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1243.537102][T29999] RAX: ffffffffffffffda RBX: 00007f442a215fa0 RCX: 00007f4429f9c629
[ 1243.537123][T29999] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006
[ 1243.537144][T29999] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1243.537165][T29999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1243.537185][T29999] R13: 00007f442a216038 R14: 00007f442a215fa0 R15: 00007fff235f7be8
[ 1243.537228][T29999]  </TASK>
[ 1244.526907][T30011] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8171'.
[ 1245.043453][T30021] netlink: 186 bytes leftover after parsing attributes in process `syz.3.8175'.
[ 1245.745970][T30035] netlink: 'syz.6.8179': attribute type 1 has an invalid length.
[ 1245.787366][T30035] netlink: 306 bytes leftover after parsing attributes in process `syz.6.8179'.
[ 1245.957991][T30040] FAULT_INJECTION: forcing a failure.
[ 1245.957991][T30040] name failslab, interval 1, probability 0, space 0, times 0
[ 1246.104833][T30040] CPU: 0 UID: 0 PID: 30040 Comm: syz.5.8181 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1246.104893][T30040] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1246.104906][T30040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1246.104928][T30040] Call Trace:
[ 1246.104940][T30040]  <TASK>
[ 1246.104953][T30040]  dump_stack_lvl+0x100/0x190
[ 1246.105010][T30040]  should_fail_ex.cold+0x5/0xa
[ 1246.105051][T30040]  should_failslab+0xc2/0x120
[ 1246.105085][T30040]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1246.105139][T30040]  ? tracing_log_err+0x4c1/0x6d0
[ 1246.105199][T30040]  tracing_log_err+0x4c1/0x6d0
[ 1246.105256][T30040]  append_filter_err+0x399/0x620
[ 1246.105313][T30040]  apply_subsystem_event_filter+0x73d/0x17d0
[ 1246.105385][T30040]  ? __pfx_apply_subsystem_event_filter+0x10/0x10
[ 1246.105446][T30040]  ? _copy_from_user+0x59/0xd0
[ 1246.105503][T30040]  ? __pfx_subsystem_filter_write+0x10/0x10
[ 1246.105562][T30040]  subsystem_filter_write+0x95/0x120
[ 1246.105617][T30040]  vfs_writev+0x5ea/0xe10
[ 1246.105664][T30040]  ? rcu_is_watching+0x12/0xc0
[ 1246.105725][T30040]  ? __pfx_vfs_writev+0x10/0x10
[ 1246.105770][T30040]  ? fdget_pos+0x2aa/0x380
[ 1246.105834][T30040]  ? __fget_files+0x21f/0x3d0
[ 1246.105897][T30040]  ? do_writev+0x13e/0x340
[ 1246.105942][T30040]  do_writev+0x13e/0x340
[ 1246.105991][T30040]  ? __pfx_do_writev+0x10/0x10
[ 1246.106053][T30040]  do_syscall_64+0x106/0xf80
[ 1246.106089][T30040]  ? clear_bhb_loop+0x40/0x90
[ 1246.106131][T30040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1246.106185][T30040] RIP: 0033:0x7f7fc319c629
[ 1246.106213][T30040] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1246.106249][T30040] RSP: 002b:00007f7fc4093028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1246.106283][T30040] RAX: ffffffffffffffda RBX: 00007f7fc3416090 RCX: 00007f7fc319c629
[ 1246.106306][T30040] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000006
[ 1246.106327][T30040] RBP: 00007f7fc3232b39 R08: 0000000000000000 R09: 0000000000000000
[ 1246.106349][T30040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1246.106369][T30040] R13: 00007f7fc3416128 R14: 00007f7fc3416090 R15: 00007ffdfc7b8ce8
[ 1246.106415][T30040]  </TASK>
[ 1248.547376][T30077] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8191'.
[ 1248.586226][T30077] netlink: 17 bytes leftover after parsing attributes in process `syz.6.8191'.
[ 1248.609433][T30070] [U] ^\
[ 1249.213534][T30085] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[ 1253.050610][T30132] netlink: 'syz.3.8206': attribute type 10 has an invalid length.
[ 1253.092328][T30132] netlink: 330 bytes leftover after parsing attributes in process `syz.3.8206'.
[ 1253.729191][T30144] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8211'.
[ 1253.762345][T30144] i: entered promiscuous mode
[ 1253.841194][T30144] HfR: entered promiscuous mode
[ 1254.275611][T30152] FAULT_INJECTION: forcing a failure.
[ 1254.275611][T30152] name failslab, interval 1, probability 0, space 0, times 0
[ 1254.334501][T30152] CPU: 0 UID: 0 PID: 30152 Comm: syz.3.8213 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1254.334557][T30152] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1254.334570][T30152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1254.334600][T30152] Call Trace:
[ 1254.334611][T30152]  <TASK>
[ 1254.334624][T30152]  dump_stack_lvl+0x100/0x190
[ 1254.334681][T30152]  should_fail_ex.cold+0x5/0xa
[ 1254.334719][T30152]  should_failslab+0xc2/0x120
[ 1254.334751][T30152]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1254.334799][T30152]  ? __kernfs_new_node+0xd2/0x960
[ 1254.334852][T30152]  __kernfs_new_node+0xd2/0x960
[ 1254.334921][T30152]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1254.334988][T30152]  ? find_held_lock+0x2b/0x80
[ 1254.335017][T30152]  ? kernfs_root+0xee/0x2a0
[ 1254.335076][T30152]  ? kernfs_root+0xee/0x2a0
[ 1254.335130][T30152]  kernfs_new_node+0x11b/0x1a0
[ 1254.335188][T30152]  __kernfs_create_file+0x53/0x350
[ 1254.335230][T30152]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1254.335294][T30152]  internal_create_group+0x593/0xf40
[ 1254.335351][T30152]  ? __pfx_internal_create_group+0x10/0x10
[ 1254.335405][T30152]  ? kernfs_create_link+0x1bd/0x240
[ 1254.335446][T30152]  internal_create_groups+0x9d/0x150
[ 1254.335496][T30152]  device_add+0xf5b/0x1950
[ 1254.335571][T30152]  ? __pfx_device_add+0x10/0x10
[ 1254.335636][T30152]  ? lockdep_init_map_type+0x5c/0x250
[ 1254.335680][T30152]  ? __init_waitqueue_head+0xca/0x150
[ 1254.335739][T30152]  wakeup_source_device_create+0x243/0x2e0
[ 1254.335801][T30152]  wakeup_source_sysfs_add+0x1c/0x90
[ 1254.335852][T30152]  wakeup_source_register+0x154/0x3e0
[ 1254.335899][T30152]  device_wakeup_enable+0xce/0x2e0
[ 1254.335948][T30152]  device_set_wakeup_enable+0xfb/0x120
[ 1254.335997][T30152]  usb_hcd_submit_urb+0x770/0x2150
[ 1254.336060][T30152]  usb_submit_urb+0x8aa/0x1910
[ 1254.336122][T30152]  ? __init_swait_queue_head+0xca/0x150
[ 1254.336179][T30152]  usbfs_start_wait_urb+0x127/0x3d0
[ 1254.336231][T30152]  ? __pfx_usbfs_start_wait_urb+0x10/0x10
[ 1254.336303][T30152]  do_proc_control+0x7e1/0xe50
[ 1254.336361][T30152]  ? __pfx_do_proc_control+0x10/0x10
[ 1254.336425][T30152]  usbdev_ioctl+0x1a28/0x3aa0
[ 1254.336484][T30152]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 1254.336548][T30152]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1254.336620][T30152]  ? do_vfs_ioctl+0x226/0x13e0
[ 1254.336685][T30152]  ? find_held_lock+0x2b/0x80
[ 1254.336715][T30152]  ? __fget_files+0x215/0x3d0
[ 1254.336766][T30152]  ? hook_file_ioctl_common+0x146/0x410
[ 1254.336829][T30152]  ? __fget_files+0x21f/0x3d0
[ 1254.336886][T30152]  ? __pfx_usbdev_ioctl+0x10/0x10
[ 1254.336938][T30152]  __x64_sys_ioctl+0x18e/0x210
[ 1254.336987][T30152]  do_syscall_64+0x106/0xf80
[ 1254.337025][T30152]  ? clear_bhb_loop+0x40/0x90
[ 1254.337068][T30152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.337105][T30152] RIP: 0033:0x7faf9579c629
[ 1254.337135][T30152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1254.337171][T30152] RSP: 002b:00007faf9672f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1254.337207][T30152] RAX: ffffffffffffffda RBX: 00007faf95a15fa0 RCX: 00007faf9579c629
[ 1254.337231][T30152] RDX: 0000200000000000 RSI: 00000000c0185500 RDI: 0000000000000008
[ 1254.337253][T30152] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1254.337274][T30152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1254.337294][T30152] R13: 00007faf95a16038 R14: 00007faf95a15fa0 R15: 00007fff768c38b8
[ 1254.337338][T30152]  </TASK>
[ 1255.016515][ T5835] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5
[ 1259.909967][T30201] futex_wake_op: syz.5.8228 tries to shift op by -2048; fix this program
[ 1259.954313][T30201] futex_wake_op: syz.5.8228 tries to shift op by -2048; fix this program
[ 1259.995384][T30201] 0x000000000001-0x000000020000 : ""
[ 1260.045397][T30201] ftl_cs: FTL header corrupt!
[ 1260.494259][T30210] serio: Serial port ttyS0
[ 1261.150407][T30217] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8230'.
[ 1261.280930][T30217] netlink: 'syz.3.8230': attribute type 1 has an invalid length.
[ 1261.355196][T30217] netlink: 'syz.3.8230': attribute type 6 has an invalid length.
[ 1269.051017][T30292] FAULT_INJECTION: forcing a failure.
[ 1269.051017][T30292] name failslab, interval 1, probability 0, space 0, times 0
[ 1269.239916][T30292] CPU: 0 UID: 0 PID: 30292 Comm: syz.3.8250 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1269.239971][T30292] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1269.239981][T30292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1269.239996][T30292] Call Trace:
[ 1269.240006][T30292]  <TASK>
[ 1269.240016][T30292]  dump_stack_lvl+0x100/0x190
[ 1269.240056][T30292]  should_fail_ex.cold+0x5/0xa
[ 1269.240085][T30292]  should_failslab+0xc2/0x120
[ 1269.240109][T30292]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1269.240144][T30292]  ? vm_area_dup+0x27/0x8e0
[ 1269.240180][T30292]  vm_area_dup+0x27/0x8e0
[ 1269.240212][T30292]  __split_vma+0x18c/0xd90
[ 1269.240248][T30292]  ? __pfx___split_vma+0x10/0x10
[ 1269.240278][T30292]  ? finish_task_switch.isra.0+0x200/0xb80
[ 1269.240310][T30292]  ? lockdep_hardirqs_on+0x78/0x100
[ 1269.240352][T30292]  vma_modify+0x1121/0x2250
[ 1269.240392][T30292]  ? __pfx_vma_modify+0x10/0x10
[ 1269.240432][T30292]  vma_modify_flags+0x257/0x3d0
[ 1269.240468][T30292]  ? __pfx_vma_modify_flags+0x10/0x10
[ 1269.240514][T30292]  ? mtree_range_walk+0x6ce/0xcd0
[ 1269.240563][T30292]  mlock_fixup+0x302/0xf00
[ 1269.240599][T30292]  ? __pfx_mlock_fixup+0x10/0x10
[ 1269.240652][T30292]  apply_vma_lock_flags+0x256/0x370
[ 1269.240687][T30292]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[ 1269.240720][T30292]  ? __pfx___might_resched+0x10/0x10
[ 1269.240761][T30292]  ? __pfx_down_write_killable+0x10/0x10
[ 1269.240794][T30292]  ? do_futex+0x192/0x350
[ 1269.240826][T30292]  do_mlock+0x261/0x7f0
[ 1269.240864][T30292]  ? __pfx_do_mlock+0x10/0x10
[ 1269.240894][T30292]  ? __x64_sys_futex+0x34f/0x4d0
[ 1269.240924][T30292]  ? __x64_sys_futex+0x358/0x4d0
[ 1269.240955][T30292]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1269.240978][T30292]  ? xfd_validate_state+0x129/0x190
[ 1269.241020][T30292]  __x64_sys_mlock+0x59/0x80
[ 1269.241053][T30292]  do_syscall_64+0x106/0xf80
[ 1269.241079][T30292]  ? clear_bhb_loop+0x40/0x90
[ 1269.241107][T30292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.241132][T30292] RIP: 0033:0x7faf9579c629
[ 1269.241152][T30292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1269.241176][T30292] RSP: 002b:00007faf9672f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[ 1269.241198][T30292] RAX: ffffffffffffffda RBX: 00007faf95a15fa0 RCX: 00007faf9579c629
[ 1269.241215][T30292] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000fbe8
[ 1269.241229][T30292] RBP: 00007faf95832b39 R08: 0000000000000000 R09: 0000000000000000
[ 1269.241244][T30292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1269.241259][T30292] R13: 00007faf95a16038 R14: 00007faf95a15fa0 R15: 00007fff768c38b8
[ 1269.241290][T30292]  </TASK>
[ 1270.244124][ T5835] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1273.560917][T30328] Line length is too long: Should be less than 4094
[ 1276.772772][T30359] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8265'.
[ 1276.806951][T30359] netlink: 354 bytes leftover after parsing attributes in process `syz.6.8265'.
[ 1278.572885][T30373] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1280.603824][T30392] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8273'.
[ 1280.633780][T30390] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967104 (549755789312 ns) > initial count (26496 ns). Using initial count to start timer.
[ 1281.652173][T30407] netlink: 'syz.3.8279': attribute type 4 has an invalid length.
[ 1281.661786][T30407] netlink: 'syz.3.8279': attribute type 5 has an invalid length.
[ 1281.675455][T30407] netlink: 10 bytes leftover after parsing attributes in process `syz.3.8279'.
[ 1282.192213][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.223031][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.250004][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.274560][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.332490][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.422529][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.477000][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.547227][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.589953][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.643221][T30415] Dead loop on virtual device ip6_vti0, fix it urgently!
[ 1282.917756][T30423] Loading of unsigned module is rejected
[ 1283.139895][T30426] netlink: 25 bytes leftover after parsing attributes in process `syz.6.8285'.
[ 1285.052564][T30445] netlink: 186 bytes leftover after parsing attributes in process `syz.6.8289'.
[ 1285.104458][T30442] can: request_module (can-proto-5) failed.
[ 1287.970414][T30476] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1288.111954][T30476] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1288.188644][T30485] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8298'.
[ 1288.190883][T30476] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1288.457576][T30476] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1288.735522][T30476] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1288.829551][T30476] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1289.000255][T30476] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1290.006912][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[ 1290.164479][ T5835] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1290.244059][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1290.381295][T30502] input: f�
 as /devices/virtual/input/input26
[ 1290.804087][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[ 1292.026807][T30520] futex_wake_op: syz.0.8307 tries to shift op by -2048; fix this program
[ 1292.094554][T30520] futex_wake_op: syz.0.8307 tries to shift op by -2048; fix this program
[ 1292.326758][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1292.884024][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[ 1293.134387][T30537] netlink: 504 bytes leftover after parsing attributes in process `syz.6.8312'.
[ 1293.240027][T30537] netlink: 350 bytes leftover after parsing attributes in process `syz.6.8312'.
[ 1293.852155][T30543] Loading of unsigned module is rejected
[ 1294.964267][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[ 1295.762146][T30576] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8323'.
[ 1295.819313][T30576] bridge_slave_1: left allmulticast mode
[ 1295.846948][T30576] bridge_slave_1: left promiscuous mode
[ 1295.904685][T30576] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1295.982186][T30576] bridge_slave_0: left allmulticast mode
[ 1296.051521][T30576] bridge_slave_0: left promiscuous mode
[ 1296.092039][T30576] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1298.159908][T30609] FAULT_INJECTION: forcing a failure.
[ 1298.159908][T30609] name failslab, interval 1, probability 0, space 0, times 0
[ 1298.254293][T30609] CPU: 0 UID: 0 PID: 30609 Comm: syz.0.8332 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1298.254346][T30609] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1298.254359][T30609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1298.254378][T30609] Call Trace:
[ 1298.254389][T30609]  <TASK>
[ 1298.254401][T30609]  dump_stack_lvl+0x100/0x190
[ 1298.254456][T30609]  should_fail_ex.cold+0x5/0xa
[ 1298.254493][T30609]  should_failslab+0xc2/0x120
[ 1298.254524][T30609]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[ 1298.254573][T30609]  ? sctp_sysctl_net_register+0x30/0x200
[ 1298.254616][T30609]  ? __pfx_sctp_defaults_init+0x10/0x10
[ 1298.254652][T30609]  kmemdup_noprof+0x29/0x60
[ 1298.254699][T30609]  sctp_sysctl_net_register+0x30/0x200
[ 1298.254736][T30609]  ? __pfx_sctp_defaults_init+0x10/0x10
[ 1298.254771][T30609]  sctp_defaults_init+0x6d2/0xd90
[ 1298.254807][T30609]  ? __pfx_sctp_defaults_init+0x10/0x10
[ 1298.254843][T30609]  ops_init+0x1e2/0x5f0
[ 1298.254883][T30609]  setup_net+0x118/0x3a0
[ 1298.254922][T30609]  ? __pfx_setup_net+0x10/0x10
[ 1298.254957][T30609]  ? lockdep_init_map_type+0x5c/0x250
[ 1298.254999][T30609]  ? mutex_init_lockep+0x110/0x150
[ 1298.255047][T30609]  copy_net_ns+0x46f/0x7c0
[ 1298.255091][T30609]  create_new_namespaces+0x3ea/0xac0
[ 1298.255132][T30609]  unshare_nsproxy_namespaces+0xc3/0x1f0
[ 1298.255196][T30609]  ksys_unshare+0x455/0xab0
[ 1298.255242][T30609]  ? __pfx_ksys_unshare+0x10/0x10
[ 1298.255300][T30609]  __x64_sys_unshare+0x31/0x40
[ 1298.255342][T30609]  do_syscall_64+0x106/0xf80
[ 1298.255378][T30609]  ? clear_bhb_loop+0x40/0x90
[ 1298.255419][T30609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1298.255454][T30609] RIP: 0033:0x7f4429f9c629
[ 1298.255483][T30609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1298.255517][T30609] RSP: 002b:00007f442aed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[ 1298.255550][T30609] RAX: ffffffffffffffda RBX: 00007f442a215fa0 RCX: 00007f4429f9c629
[ 1298.255573][T30609] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[ 1298.255594][T30609] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1298.255613][T30609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1298.255632][T30609] R13: 00007f442a216038 R14: 00007f442a215fa0 R15: 00007fff235f7be8
[ 1298.255673][T30609]  </TASK>
[ 1299.360327][T30638] Loading of unsigned module is rejected
[ 1300.558471][T30656] netlink: 330 bytes leftover after parsing attributes in process `syz.5.8343'.
[ 1300.647362][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.660710][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.692945][T30653] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8342'.
[ 1300.855553][T30658] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8342'.
[ 1301.575397][T30672] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.8346'.
[ 1302.940043][T30690] : Can't lookup blockdev
[ 1303.289550][T30696] vcan0: tx drop: invalid sa for name 0x00000000000000fd
[ 1303.698468][T30704] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8353'.
[ 1303.843565][T30699] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8353'.
[ 1304.129050][T30707] netlink: 330 bytes leftover after parsing attributes in process `syz.3.8356'.
[ 1310.822815][T30794] netlink: 5 bytes leftover after parsing attributes in process `syz.0.8378'.
[ 1310.904432][T30794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8378'.
[ 1313.352363][T30822] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8392'.
[ 1319.087814][T30888] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8402'.
[ 1319.354341][T30888] veth1_macvtap: left promiscuous mode
[ 1320.347150][T30891] netlink: 206 bytes leftover after parsing attributes in process `syz.5.8403'.
[ 1321.408380][T30919] netlink: 186 bytes leftover after parsing attributes in process `syz.0.8409'.
[ 1321.994542][T30932] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8414'.
[ 1326.881481][T31001] netlink: 'syz.3.8434': attribute type 3 has an invalid length.
[ 1326.911596][T31001] netlink: 306 bytes leftover after parsing attributes in process `syz.3.8434'.
[ 1330.878470][T31049] tipc: Withdrawal distribution failure
[ 1331.614612][T31070] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8453'.
[ 1331.635677][T31057] netlink: 206 bytes leftover after parsing attributes in process `syz.3.8450'.
[ 1331.707314][T31070] bridge_slave_1 (unregistering): left allmulticast mode
[ 1331.769730][T31070] bridge_slave_1 (unregistering): left promiscuous mode
[ 1331.841964][T31070] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1332.124869][T31072] netlink: 50 bytes leftover after parsing attributes in process `syz.6.8455'.
[ 1333.064827][T31086] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1333.122869][T31084] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8460'.
[ 1334.985291][T31110] netlink: 186 bytes leftover after parsing attributes in process `syz.0.8467'.
[ 1335.385001][T31115] FAULT_INJECTION: forcing a failure.
[ 1335.385001][T31115] name failslab, interval 1, probability 0, space 0, times 0
[ 1335.447065][T31115] CPU: 1 UID: 0 PID: 31115 Comm: syz.0.8469 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1335.447124][T31115] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1335.447137][T31115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1335.447157][T31115] Call Trace:
[ 1335.447168][T31115]  <TASK>
[ 1335.447182][T31115]  dump_stack_lvl+0x100/0x190
[ 1335.447238][T31115]  should_fail_ex.cold+0x5/0xa
[ 1335.447280][T31115]  should_failslab+0xc2/0x120
[ 1335.447313][T31115]  __kmalloc_cache_noprof+0x7a/0x6f0
[ 1335.447355][T31115]  ? watch_queue_init+0x45/0x170
[ 1335.447403][T31115]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1335.447461][T31115]  watch_queue_init+0x45/0x170
[ 1335.447513][T31115]  create_pipe_files+0x672/0x970
[ 1335.447551][T31115]  do_pipe2+0xbd/0x1e0
[ 1335.447582][T31115]  ? __pfx_do_pipe2+0x10/0x10
[ 1335.447613][T31115]  ? xfd_validate_state+0x129/0x190
[ 1335.447674][T31115]  __x64_sys_pipe2+0x54/0x80
[ 1335.447708][T31115]  do_syscall_64+0x106/0xf80
[ 1335.447747][T31115]  ? clear_bhb_loop+0x40/0x90
[ 1335.447790][T31115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1335.447825][T31115] RIP: 0033:0x7f4429f9c629
[ 1335.447866][T31115] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1335.447912][T31115] RSP: 002b:00007f442aed0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125
[ 1335.447945][T31115] RAX: ffffffffffffffda RBX: 00007f442a215fa0 RCX: 00007f4429f9c629
[ 1335.447969][T31115] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000
[ 1335.447990][T31115] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1335.448010][T31115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1335.448029][T31115] R13: 00007f442a216038 R14: 00007f442a215fa0 R15: 00007fff235f7be8
[ 1335.448071][T31115]  </TASK>
[ 1337.877999][T31134] kexec: Could not allocate control_code_buffer
[ 1337.890165][T31151] netlink: 62 bytes leftover after parsing attributes in process `syz.0.8477'.
[ 1341.284120][T19143] Bluetooth: hci1: command 0x1003 tx timeout
[ 1341.294008][ T5835] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1341.439275][T31200] HSR: entered promiscuous mode
[ 1341.776461][T31195] syz.5.8486(31195): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[ 1342.062582][T31216] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8492'.
[ 1343.711962][T31219] delete_channel: no stack
[ 1350.569913][T31307] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8514'.
[ 1350.869321][T31307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1350.898515][T31309] netlink: 'syz.0.8515': attribute type 4 has an invalid length.
[ 1350.967776][T31309] netlink: 314 bytes leftover after parsing attributes in process `syz.0.8515'.
[ 1351.114983][T31307] bridge_slave_1 (unregistering): left allmulticast mode
[ 1351.305706][T31307] bridge_slave_1 (unregistering): left promiscuous mode
[ 1351.307334][T31313] netlink: 354 bytes leftover after parsing attributes in process `syz.0.8516'.
[ 1351.478171][T31307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1355.621860][ T5835] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[ 1357.059359][T31373] random: crng reseeded on system resumption
[ 1358.745183][T31389] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8533'.
[ 1359.101555][T31392] block2mtd: Using custom MTD label '' for dev 
[ 1359.144167][T31392] block2mtd: error: cannot open device 
[ 1362.089580][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.097280][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1365.242036][T31464] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8553'.
[ 1365.276680][T31464] netlink: 354 bytes leftover after parsing attributes in process `syz.5.8553'.
[ 1366.723679][T31459] delete_channel: no stack
[ 1367.615165][T31491] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma?
[ 1369.295200][T31520] netlink: 5 bytes leftover after parsing attributes in process `syz.6.8568'.
[ 1369.396828][T31493] kexec: Could not allocate control_code_buffer
[ 1370.149565][T31531] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8572'.
[ 1373.134059][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ca37800: rx timeout, send abort
[ 1373.152322][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88802ca37800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1375.153467][T31581] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1375.244462][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ca36c00: rx timeout, send abort
[ 1375.717852][T31594] device-mapper: ioctl: Unable to rename non-existent device,  to uuid �
[ 1375.754511][    C1] vcan0: j1939_tp_rxtimer: 0xffff88802ca36c00: abort rx timeout. Force session deactivation
[ 1376.547168][T31602] Loading of unsigned module is rejected
[ 1378.021287][T31617] kAFS: Invalid Command on /proc/fs/afs/cells file
[ 1381.646224][T31656] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8600'.
[ 1382.534296][T31658] tipc: Started in network mode
[ 1382.544951][T31658] tipc: Node identity ee00, cluster identity 4711
[ 1382.552742][T31658] tipc: Node number set to 60928
[ 1383.048657][T31670] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8605'.
[ 1385.364606][ T5835] Bluetooth: hci1: command 0x1003 tx timeout
[ 1385.367927][T19143] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1386.593541][T31717] netlink: 17 bytes leftover after parsing attributes in process `syz.6.8620'.
[ 1387.717074][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880367b9000: rx timeout, send abort
[ 1388.227052][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880367b9000: abort rx timeout. Force session deactivation
[ 1388.426996][T31735] netlink: 30 bytes leftover after parsing attributes in process `syz.5.8626'.
[ 1389.103637][T31750] netlink: 98 bytes leftover after parsing attributes in process `syz.3.8630'.
[ 1390.979928][T31775] netlink: 25 bytes leftover after parsing attributes in process `syz.3.8636'.
[ 1395.864715][T31841] netlink: 98 bytes leftover after parsing attributes in process `syz.5.8651'.
[ 1397.140952][T31853] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8654'.
[ 1398.521723][T19143] Bluetooth: hci3: ACL packet for unknown connection handle 0
[ 1400.672566][T31916] Loading of unsigned module is rejected
[ 1401.414687][T31925] binder: 31922:31925 ioctl c0306201 0 returned -14
[ 1403.342681][T31947] ptrace attach of "./syz-executor exec"[19130] was attempted by "���i�_�'���S�ZN���s��>拠��4���φ㎈��k+3�W�fn\x0d�M}�q߷)C\x09W�[ �eY�9�Ý���\x0a&��[����nۙ�C�\x5cH��&j�(4-\x5c\x09��ǟ�k�kP�` ,��+N]�Grs�a���\x0bՑ
~�W�]s��S�a�}�SUo�sIqaN�Z�0.3�'����m�C�.��^6Ct��S�X~��4�F�[c�\x1b�/#Js]R\x0a�D%G��$�{<\x07�4Cg�w^���Ǧ�fhR��S8�E\x0b7Ci�\x0b�mW�nC�.�VsO/�y��m�ك�0����W\x0d:ԭ��{L��1>[�3.���'�����e����j8m��3K�_�V�@NۜT�A:�D��\x5c�����X�!���đ�oU�\x0d�B��yC*�^�Av>�?���b���>�����i=�f0ΜH��rځ綨9Cf\x0b;�(�}��o*�n�q7�4tB^Q�~x!��ꁢ>e�9lP�j pd!(F+,o5%:�0h��7�VVҚ����z
z\x0a `w���vs����M��§�\x0b4S#�5���uY��8��AÙ�:�����j_�ur���EVz�@�PR\x1b�R�,�㾏H�1M\x22YbV?l+P��#d����H��!���@I\x1b&�]��ε��?b[5[�\x0a{>�L�
�֋qp����|\x0c�VF��e������,�ihd�q�9M�qHq��/�(����!�o�E�]d�`���N_}+�E���9s'i�d�q��6�����_U70
�s\x0d��i���,H��1֏��ׁn������VB�q=Mw\x0b��ӫ����#s�63� ���\x0b\x0b ��w ��Z�=�6}38�ň�~���Dٕ/�΍K�1'W�y*-���,e�Bf�)�Gp��CK�i��\x
[ 1407.547852][T32006] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8695'.
[ 1408.021568][T32013] netlink: 17 bytes leftover after parsing attributes in process `syz.6.8697'.
[ 1409.387246][T32039] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8705'.
[ 1411.624523][T32068] FAULT_INJECTION: forcing a failure.
[ 1411.624523][T32068] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.652062][T32068] CPU: 0 UID: 0 PID: 32068 Comm: syz.0.8711 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1411.652119][T32068] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1411.652133][T32068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1411.652158][T32068] Call Trace:
[ 1411.652169][T32068]  <TASK>
[ 1411.652183][T32068]  dump_stack_lvl+0x100/0x190
[ 1411.652259][T32068]  should_fail_ex.cold+0x5/0xa
[ 1411.652297][T32068]  ? sk_prot_alloc+0x10b/0x2a0
[ 1411.652340][T32068]  should_failslab+0xc2/0x120
[ 1411.652371][T32068]  __kmalloc_noprof+0xe0/0x850
[ 1411.652429][T32068]  sk_prot_alloc+0x10b/0x2a0
[ 1411.652479][T32068]  sk_alloc+0x36/0xe80
[ 1411.652526][T32068]  __netlink_create+0x5e/0x2c0
[ 1411.652558][T32068]  ? __wake_up+0x3f/0x60
[ 1411.652597][T32068]  netlink_create+0x293/0x610
[ 1411.652632][T32068]  ? __pfx_genl_bind+0x10/0x10
[ 1411.652674][T32068]  ? __pfx_genl_unbind+0x10/0x10
[ 1411.652724][T32068]  ? __pfx_genl_release+0x10/0x10
[ 1411.652775][T32068]  __sock_create+0x339/0x860
[ 1411.652829][T32068]  __sys_socket+0x14d/0x260
[ 1411.652877][T32068]  ? exc_page_fault+0x6f/0xd0
[ 1411.652914][T32068]  ? __pfx___sys_socket+0x10/0x10
[ 1411.652969][T32068]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1411.653031][T32068]  __x64_sys_socket+0x72/0xb0
[ 1411.653080][T32068]  ? lockdep_hardirqs_on+0x78/0x100
[ 1411.653118][T32068]  do_syscall_64+0x106/0xf80
[ 1411.653154][T32068]  ? clear_bhb_loop+0x40/0x90
[ 1411.653196][T32068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.653231][T32068] RIP: 0033:0x7f4429f9dec7
[ 1411.653271][T32068] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1411.653307][T32068] RSP: 002b:00007f442ae6bf98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[ 1411.653345][T32068] RAX: ffffffffffffffda RBX: 00007f442a216270 RCX: 00007f4429f9dec7
[ 1411.653369][T32068] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[ 1411.653389][T32068] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[ 1411.653410][T32068] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000
[ 1411.653430][T32068] R13: 00007f442a216308 R14: 00007f442a216270 R15: 00007fff235f7be8
[ 1411.653473][T32068]  </TASK>
[ 1417.182533][T32146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8732'.
[ 1417.246230][T32152] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8732'.
[ 1418.047346][T32164] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8737'.
[ 1418.098922][T32164] netlink: 354 bytes leftover after parsing attributes in process `syz.0.8737'.
[ 1419.940512][T32195] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8747'.
[ 1423.466889][T32243] netlink: 'syz.6.8758': attribute type 2 has an invalid length.
[ 1423.534514][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.542701][T32243] netlink: 5 bytes leftover after parsing attributes in process `syz.6.8758'.
[ 1423.544122][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1426.552504][T32282] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8775'.
[ 1428.629727][T32296] Loading of unsigned module is rejected
[ 1442.199515][T32459] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8801'.
[ 1444.230375][T32470] zswap: compressor  not available
[ 1444.249755][T32475] netlink: 326 bytes leftover after parsing attributes in process `syz.6.8806'.
[ 1444.855427][T19143] Bluetooth: hci5: ACL packet too small
[ 1451.464748][T32557] zswap: compressor  not available
[ 1454.566538][T32594] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8832'.
[ 1454.645367][T32594] netlink: 354 bytes leftover after parsing attributes in process `syz.5.8832'.
[ 1455.239826][T32610] netlink: 24 bytes leftover after parsing attributes in process `syz.6.8836'.
[ 1456.295148][T32619] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8838'.
[ 1456.327551][T32626] netlink: 28 bytes leftover after parsing attributes in process `syz.5.8841'.
[ 1456.361551][T32620] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8838'.
[ 1456.607449][T32624] futex_wake_op: syz.3.8840 tries to shift op by -1; fix this program
[ 1457.811169][T32648] netlink: 24 bytes leftover after parsing attributes in process `syz.5.8846'.
[ 1458.177927][T32654] Falling back ldisc for pty155.
[ 1459.210693][T32669] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8853'.
[ 1461.627509][T32692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8859'.
[ 1462.934780][T32713] netlink: 28 bytes leftover after parsing attributes in process `syz.6.8865'.
[ 1466.776212][T32740] HfR: entered promiscuous mode
[ 1466.788604][T32740] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8874'.
[ 1466.807817][T32740] HfR: left promiscuous mode
[ 1467.752436][T32761] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8876'.
[ 1471.147413][  T327] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8887'.
[ 1473.489547][  T363] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8894'.
[ 1474.568652][  T387] serio: Serial port ttyS0
[ 1474.792563][  T385] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1476.713580][  T418] sd 0:0:1:0: PR command failed: 1026
[ 1476.741726][  T418] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[ 1476.750390][  T418] sd 0:0:1:0: Add. Sense: Invalid command operation code
[ 1476.847542][  T418] can0: slcan on ttyS2.
[ 1477.225397][  T417] can0 (unregistered): slcan off ttyS2.
[ 1478.475291][  T452] Process accounting resumed
[ 1479.986607][  T478] serio: Serial port ttyS0
[ 1480.110198][  T479] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1480.852726][  T490] netlink: 25 bytes leftover after parsing attributes in process `syz.0.8915'.
[ 1481.167057][  T493] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8919'.
[ 1481.195731][  T493] netlink: 13 bytes leftover after parsing attributes in process `syz.0.8919'.
[ 1481.542305][  T503] can0: slcan on ttyS2.
[ 1481.814617][  T506] can0 (unregistered): slcan off ttyS2.
[ 1482.126994][  T515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8922'.
[ 1482.231932][  T521] netlink: 354 bytes leftover after parsing attributes in process `syz.3.8922'.
[ 1484.278206][  T569] futex_wake_op: syz.0.8931 tries to shift op by -2048; fix this program
[ 1484.293673][  T569] futex_wake_op: syz.0.8931 tries to shift op by -2048; fix this program
[ 1484.494127][  T573] 0x000000000001-0x000000020000 : ""
[ 1484.606352][  T573] ftl_cs: FTL header corrupt!
[ 1484.969941][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.987809][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1487.938902][  T621] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[ 1489.481845][   T30] audit: type=1326 audit(2147483726.580:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=657 comm="syz.0.8949" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4429f9c629 code=0x0
[ 1492.229430][  T683] netlink: 'syz.6.8955': attribute type 4 has an invalid length.
[ 1493.695217][  T710] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8962'.
[ 1493.708207][  T710] netlink: 354 bytes leftover after parsing attributes in process `syz.3.8962'.
[ 1494.034131][  T716] netlink: 4 bytes leftover after parsing attributes in process `syz.6.8964'.
[ 1494.052369][  T716] netlink: 13 bytes leftover after parsing attributes in process `syz.6.8964'.
[ 1498.124247][  T791] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8981'.
[ 1504.070727][  T351] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[ 1504.080669][  T351] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[ 1504.103951][  T351] CPU: 0 UID: 0 PID: 351 Comm: kworker/u11:1 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1504.104014][  T351] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1504.104028][  T351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1504.104053][  T351] Workqueue: hci4 hci_rx_work
[ 1504.104110][  T351] Call Trace:
[ 1504.104121][  T351]  <TASK>
[ 1504.104135][  T351]  dump_stack_lvl+0x100/0x190
[ 1504.104186][  T351]  sysfs_warn_dup.cold+0x1c/0x28
[ 1504.104236][  T351]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1504.104285][  T351]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1504.104329][  T351]  ? find_held_lock+0x2b/0x80
[ 1504.104363][  T351]  ? kobject_add_internal+0x25f/0x930
[ 1504.104408][  T351]  ? kobject_add_internal+0x25f/0x930
[ 1504.104458][  T351]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1504.104512][  T351]  kobject_add_internal+0x2c8/0x930
[ 1504.104565][  T351]  kobject_add+0x16a/0x1e0
[ 1504.104610][  T351]  ? __pfx_kobject_add+0x10/0x10
[ 1504.104653][  T351]  ? class_to_subsys+0x10f/0x150
[ 1504.104714][  T351]  ? kobject_put+0xb9/0x640
[ 1504.104754][  T351]  ? _raw_spin_unlock+0x28/0x50
[ 1504.104822][  T351]  device_add+0x294/0x1950
[ 1504.104875][  T351]  ? __pfx_dev_set_name+0x10/0x10
[ 1504.104912][  T351]  ? __pfx_device_add+0x10/0x10
[ 1504.104973][  T351]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1504.105038][  T351]  hci_conn_add_sysfs+0x1a3/0x260
[ 1504.105079][  T351]  le_conn_complete_evt+0x11cb/0x1f40
[ 1504.105145][  T351]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1504.105197][  T351]  ? __pfx_bt_warn+0x10/0x10
[ 1504.105246][  T351]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1504.105303][  T351]  ? skb_pull_data+0x15f/0x1e0
[ 1504.105356][  T351]  hci_le_meta_evt+0x34a/0x5f0
[ 1504.105403][  T351]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1504.105460][  T351]  hci_event_packet+0x682/0x11c0
[ 1504.105512][  T351]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1504.105547][  T351]  ? __pfx_hci_event_packet+0x10/0x10
[ 1504.105603][  T351]  ? kcov_remote_start+0x374/0x660
[ 1504.105654][  T351]  ? lockdep_hardirqs_on+0x78/0x100
[ 1504.105699][  T351]  hci_rx_work+0x451/0xfc0
[ 1504.105760][  T351]  process_one_work+0x9d7/0x1920
[ 1504.105824][  T351]  ? __pfx_process_one_work+0x10/0x10
[ 1504.105883][  T351]  ? __pfx_hci_rx_work+0x10/0x10
[ 1504.105938][  T351]  worker_thread+0x5da/0xe40
[ 1504.106005][  T351]  ? __pfx_worker_thread+0x10/0x10
[ 1504.106056][  T351]  ? kthread+0x13a/0x450
[ 1504.106097][  T351]  ? __pfx_worker_thread+0x10/0x10
[ 1504.106142][  T351]  kthread+0x370/0x450
[ 1504.106183][  T351]  ? __pfx_kthread+0x10/0x10
[ 1504.106229][  T351]  ret_from_fork+0x754/0xd80
[ 1504.106280][  T351]  ? __pfx_ret_from_fork+0x10/0x10
[ 1504.106333][  T351]  ? __switch_to+0x7b4/0x1120
[ 1504.106369][  T351]  ? __pfx_kthread+0x10/0x10
[ 1504.106415][  T351]  ret_from_fork_asm+0x1a/0x30
[ 1504.106471][  T351]  </TASK>
[ 1504.112910][  T351] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1504.468868][  T351] Bluetooth: hci4: failed to register connection device
[ 1505.792408][  T902] serio: Serial port ttyS0
[ 1509.113926][  T959] smpboot: CPU 1 is now offline
[ 1510.887181][  T953] Process accounting paused
[ 1511.089071][  T886] Bluetooth: hci3: unexpected event 0x34 length: 11 > 6
[ 1515.964608][ T1032] binder: BINDER_SET_CONTEXT_MGR already set
[ 1516.032252][ T1032] binder: 1030:1032 ioctl 4018620d 9 returned -16
[ 1516.159547][ T1039] serio: Serial port ttyS0
[ 1519.672206][ T1085] netlink: 330 bytes leftover after parsing attributes in process `syz.3.9039'.
[ 1519.856715][ T1085] ��\�: renamed from lo (while UP)
[ 1521.297028][  T341] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1521.319370][  T341] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1521.331760][  T341] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1521.344403][  T341] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1521.354646][  T341] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1522.006965][ T1120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.9048'.
[ 1522.095626][ T1120] netlink: 'syz.0.9048': attribute type 1 has an invalid length.
[ 1522.145084][ T1120] netlink: 342 bytes leftover after parsing attributes in process `syz.0.9048'.
[ 1522.348677][ T1106] chnl_net:caif_netlink_parms(): no params data found
[ 1522.827719][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1522.877593][ T1106] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1522.896940][ T1130] Loading of unsigned module is rejected
[ 1522.914567][ T1106] bridge_slave_0: entered allmulticast mode
[ 1522.961630][ T1106] bridge_slave_0: entered promiscuous mode
[ 1523.002045][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1523.046351][ T1106] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1523.068700][ T1138] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9050'.
[ 1523.093448][ T1106] bridge_slave_1: entered allmulticast mode
[ 1523.125195][ T1138] netlink: 'syz.6.9050': attribute type 1 has an invalid length.
[ 1523.136257][ T1106] bridge_slave_1: entered promiscuous mode
[ 1523.170224][ T1138] netlink: 'syz.6.9050': attribute type 6 has an invalid length.
[ 1523.283731][ T1106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1523.346108][ T1106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1523.453943][  T341] Bluetooth: hci1: command tx timeout
[ 1523.548401][ T1106] team0: Port device team_slave_0 added
[ 1523.624490][ T1106] team0: Port device team_slave_1 added
[ 1523.924501][ T1106] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1523.975624][ T1106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1524.111808][ T1106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1524.248417][ T1106] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1524.288658][ T1106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1524.398907][ T1106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1524.674957][ T1106] hsr_slave_0: entered promiscuous mode
[ 1524.693230][ T1106] hsr_slave_1: entered promiscuous mode
[ 1524.707601][ T1106] debugfs: 'hsr0' already exists in 'hsr'
[ 1524.733637][ T1106] Cannot create hsr debugfs directory
[ 1525.258834][ T1155] serio: Serial port ttyS0
[ 1525.534579][  T341] Bluetooth: hci1: command tx timeout
[ 1525.658980][ T1162] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9055'.
[ 1525.707853][ T1106] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1525.734956][ T1163] netlink: 'syz.3.9055': attribute type 1 has an invalid length.
[ 1525.801371][ T1163] netlink: 51505 bytes leftover after parsing attributes in process `syz.3.9055'.
[ 1525.826706][ T1106] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1525.877545][ T1106] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1525.920284][ T1106] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1526.271392][ T1106] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1526.359533][ T1106] 8021q: adding VLAN 0 to HW filter on device team0
[ 1526.395729][  T344] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1526.404304][  T344] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1526.441842][  T344] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1526.450449][  T344] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1527.292300][ T1106] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1527.617349][  T341] Bluetooth: hci1: command tx timeout
[ 1528.392043][ T1106] veth0_vlan: entered promiscuous mode
[ 1528.464362][ T1106] veth1_vlan: entered promiscuous mode
[ 1528.710942][ T1106] veth0_macvtap: entered promiscuous mode
[ 1528.783883][ T1106] veth1_macvtap: entered promiscuous mode
[ 1528.891120][ T1106] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1528.967109][ T1106] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1529.084117][  T344] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.190647][  T344] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.263930][  T344] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.331572][  T344] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1529.463689][  T354] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.517496][  T354] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1529.651743][ T1228] device-mapper: ioctl: device name cannot contain '/'
[ 1529.665770][  T354] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1529.699734][  T341] Bluetooth: hci1: command tx timeout
[ 1529.743117][  T354] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1533.539582][ T1281] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[ 1536.010874][ T1324] tipc: Started in network mode
[ 1536.091433][ T1324] tipc: Node identity ee00, cluster identity 4711
[ 1536.099158][ T1324] tipc: Node number set to 60928
[ 1537.022864][ T1347] netlink: 504 bytes leftover after parsing attributes in process `syz.6.9083'.
[ 1537.677375][ T1358] zswap: compressor � not available
[ 1537.961170][ T1369] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9089'.
[ 1538.365592][ T1368] random: crng reseeded on system resumption
[ 1539.974907][ T1399] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000)
[ 1540.065546][ T1381] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[ 1540.731192][   T30] audit: type=1804 audit(2147503144.818:41): pid=1407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.9096" name="/newroot/2223/file0" dev="tmpfs" ino=11459 res=1 errno=0
[ 1540.885755][   T30] audit: type=1804 audit(2147503144.858:42): pid=1409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.9096" name="/newroot/2223/file0" dev="tmpfs" ino=11459 res=1 errno=0
[ 1541.604304][ T1402] Process accounting resumed
[ 1543.177472][ T1448] serio: Serial port ttyS0
[ 1543.300585][ T1450] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1545.232390][ T1471] netlink: 4 bytes leftover after parsing attributes in process `syz.6.9110'.
[ 1546.438806][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.452365][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.686266][ T1484] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0
[ 1548.647637][ T1917] usb usb38-port5: attempt power cycle
[ 1548.925979][   T30] audit: type=1800 audit(2147504176.000:43): pid=1509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.9119" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[ 1549.287052][ T1917] usb usb38-port5: unable to enumerate USB device
[ 1549.987769][ T1524] serio: Serial port ttyS0
[ 1550.091311][ T1525] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1551.189719][ T1542] bridge0: port 2(gretap0) entered blocking state
[ 1551.211463][ T1542] bridge0: port 2(gretap0) entered disabled state
[ 1551.244597][ T1542] gretap0: entered allmulticast mode
[ 1551.268208][ T1542] FAULT_INJECTION: forcing a failure.
[ 1551.268208][ T1542] name failslab, interval 1, probability 0, space 0, times 0
[ 1551.317933][ T1542] CPU: 0 UID: 0 PID: 1542 Comm: syz.0.9126 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1551.317974][ T1542] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1551.317983][ T1542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1551.317999][ T1542] Call Trace:
[ 1551.318007][ T1542]  <TASK>
[ 1551.318016][ T1542]  dump_stack_lvl+0x100/0x190
[ 1551.318058][ T1542]  should_fail_ex.cold+0x5/0xa
[ 1551.318086][ T1542]  should_failslab+0xc2/0x120
[ 1551.318109][ T1542]  kmem_cache_alloc_noprof+0x7b/0x6e0
[ 1551.318142][ T1542]  ? __kernfs_new_node+0xd2/0x960
[ 1551.318179][ T1542]  __kernfs_new_node+0xd2/0x960
[ 1551.318214][ T1542]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1551.318252][ T1542]  ? find_held_lock+0x2b/0x80
[ 1551.318274][ T1542]  ? kernfs_root+0xee/0x2a0
[ 1551.318303][ T1542]  ? kernfs_root+0xee/0x2a0
[ 1551.318339][ T1542]  kernfs_new_node+0x11b/0x1a0
[ 1551.318379][ T1542]  __kernfs_create_file+0x53/0x350
[ 1551.318407][ T1542]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1551.318443][ T1542]  sysfs_create_file_ns+0x145/0x1e0
[ 1551.318472][ T1542]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[ 1551.318501][ T1542]  ? kernfs_create_link+0x1bd/0x240
[ 1551.318526][ T1542]  ? kernfs_put+0x3f/0x60
[ 1551.318557][ T1542]  ? sysfs_do_create_link_sd+0xbb/0x140
[ 1551.318592][ T1542]  br_sysfs_addif+0xe4/0x210
[ 1551.318623][ T1542]  br_add_if+0x701/0x1b40
[ 1551.318648][ T1542]  ? security_capable+0x80/0x260
[ 1551.318685][ T1542]  add_del_if+0x114/0x160
[ 1551.318711][ T1542]  br_dev_siocdevprivate+0x8ac/0x1650
[ 1551.318739][ T1542]  ? __pfx_br_dev_siocdevprivate+0x10/0x10
[ 1551.318776][ T1542]  ? lock_acquire+0x1cf/0x380
[ 1551.318821][ T1542]  ? netdev_name_node_lookup+0x107/0x150
[ 1551.318860][ T1542]  ? __mutex_lock+0x26a/0x1b90
[ 1551.318891][ T1542]  dev_ifsioc+0xc1e/0x1e90
[ 1551.318917][ T1542]  ? __pfx_dev_ifsioc+0x10/0x10
[ 1551.318939][ T1542]  ? __pfx___mutex_lock+0x10/0x10
[ 1551.318976][ T1542]  ? dev_load+0x8e/0x240
[ 1551.318995][ T1542]  ? dev_load+0x8e/0x240
[ 1551.319023][ T1542]  dev_ioctl+0x70e/0x1070
[ 1551.319048][ T1542]  sock_ioctl+0x494/0x6b0
[ 1551.319084][ T1542]  ? __pfx_sock_ioctl+0x10/0x10
[ 1551.319117][ T1542]  ? hook_file_ioctl_common+0x146/0x410
[ 1551.319160][ T1542]  ? __fget_files+0x21f/0x3d0
[ 1551.319200][ T1542]  ? __pfx_sock_ioctl+0x10/0x10
[ 1551.319236][ T1542]  __x64_sys_ioctl+0x18e/0x210
[ 1551.319271][ T1542]  do_syscall_64+0x106/0xf80
[ 1551.319296][ T1542]  ? clear_bhb_loop+0x40/0x90
[ 1551.319326][ T1542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1551.319350][ T1542] RIP: 0033:0x7f4429f9c629
[ 1551.319372][ T1542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1551.319395][ T1542] RSP: 002b:00007f442aeaf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1551.319418][ T1542] RAX: ffffffffffffffda RBX: 00007f442a216090 RCX: 00007f4429f9c629
[ 1551.319434][ T1542] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000007
[ 1551.319449][ T1542] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1551.319465][ T1542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1551.319479][ T1542] R13: 00007f442a216128 R14: 00007f442a216090 R15: 00007fff235f7be8
[ 1551.319510][ T1542]  </TASK>
[ 1551.324699][ T1542] gretap0: left allmulticast mode
[ 1555.011980][ T1581] serio: Serial port ttyS0
[ 1555.121630][ T1579] tipc: Started in network mode
[ 1555.166255][ T1579] tipc: Node identity ee00, cluster identity 4711
[ 1555.201123][ T1579] tipc: Node number set to 60928
[ 1558.460923][ T1632] FAULT_INJECTION: forcing a failure.
[ 1558.460923][ T1632] name (null), interval 1, probability 0, space 0, times 1
[ 1558.582986][ T1632] CPU: 0 UID: 0 PID: 1632 Comm: syz.0.9144 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1558.583028][ T1632] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1558.583037][ T1632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1558.583053][ T1632] Call Trace:
[ 1558.583061][ T1632]  <TASK>
[ 1558.583070][ T1632]  dump_stack_lvl+0x100/0x190
[ 1558.583111][ T1632]  should_fail_ex.cold+0x5/0xa
[ 1558.583139][ T1632]  null_queue_rq+0x24d/0xfb0
[ 1558.583184][ T1632]  null_queue_rqs+0xe9/0x2f0
[ 1558.583216][ T1632]  ? __pfx_null_queue_rqs+0x10/0x10
[ 1558.583255][ T1632]  __blk_mq_flush_list+0x9a/0xc0
[ 1558.583291][ T1632]  blk_mq_dispatch_queue_requests+0x184/0x7c0
[ 1558.583324][ T1632]  blk_mq_flush_plug_list+0x1f2/0x600
[ 1558.583352][ T1632]  ? trace_block_plug+0x6e/0x240
[ 1558.583385][ T1632]  ? blk_add_rq_to_plug+0x30a/0x540
[ 1558.583413][ T1632]  ? __pfx_wbt_track+0x10/0x10
[ 1558.583450][ T1632]  ? __pfx_blk_mq_flush_plug_list+0x10/0x10
[ 1558.583479][ T1632]  ? blk_mq_submit_bio+0x9aa/0x2bf0
[ 1558.583513][ T1632]  __blk_flush_plug+0x2c4/0x4b0
[ 1558.583542][ T1632]  ? __pfx___blk_flush_plug+0x10/0x10
[ 1558.583579][ T1632]  ? blkdev_ioctl+0x43b/0x6f0
[ 1558.583601][ T1632]  ? __x64_sys_ioctl+0x18e/0x210
[ 1558.583636][ T1632]  __submit_bio+0x584/0x6c0
[ 1558.583661][ T1632]  ? __pfx___submit_bio+0x10/0x10
[ 1558.583697][ T1632]  ? submit_bio_noacct_nocheck+0x562/0xc10
[ 1558.583721][ T1632]  submit_bio_noacct_nocheck+0x562/0xc10
[ 1558.583750][ T1632]  ? __pfx_submit_bio_noacct_nocheck+0x10/0x10
[ 1558.583778][ T1632]  ? __pfx___might_resched+0x10/0x10
[ 1558.583810][ T1632]  ? bio_alloc_bioset+0x309/0x850
[ 1558.583841][ T1632]  ? create_empty_buffers+0x424/0x660
[ 1558.583872][ T1632]  submit_bio_noacct+0xd17/0x2010
[ 1558.583902][ T1632]  submit_bh_wbc+0x59c/0x770
[ 1558.583928][ T1632]  block_read_full_folio+0x4c8/0x8e0
[ 1558.583959][ T1632]  ? __pfx_blkdev_get_block+0x10/0x10
[ 1558.583990][ T1632]  ? __pfx_blkdev_read_folio+0x10/0x10
[ 1558.584013][ T1632]  filemap_read_folio+0xfc/0x3b0
[ 1558.584127][ T1632]  ? __pfx_filemap_read_folio+0x10/0x10
[ 1558.584174][ T1632]  do_read_cache_folio+0x2d7/0x6b0
[ 1558.584208][ T1632]  ? __pfx_blkdev_read_folio+0x10/0x10
[ 1558.584238][ T1632]  read_part_sector+0xd1/0x370
[ 1558.584263][ T1632]  adfspart_check_ICS+0x93/0x910
[ 1558.584287][ T1632]  ? snprintf+0xc7/0x100
[ 1558.584309][ T1632]  ? __pfx_snprintf+0x10/0x10
[ 1558.584330][ T1632]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1558.584353][ T1632]  ? __pfx_adfspart_check_ICS+0x10/0x10
[ 1558.584384][ T1632]  ? __pfx_adfspart_check_ICS+0x10/0x10
[ 1558.584410][ T1632]  bdev_disk_changed+0x7f8/0xc80
[ 1558.584459][ T1632]  ? __pfx_bdev_disk_changed+0x10/0x10
[ 1558.584498][ T1632]  ? file_init_path+0x48e/0x670
[ 1558.584530][ T1632]  blkdev_get_whole+0x187/0x290
[ 1558.584553][ T1632]  bdev_open+0x2c7/0xe40
[ 1558.584582][ T1632]  bdev_file_open_by_dev+0x179/0x210
[ 1558.584609][ T1632]  disk_scan_partitions+0x1ef/0x320
[ 1558.584645][ T1632]  blkdev_common_ioctl+0x12a1/0x2ba0
[ 1558.584676][ T1632]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[ 1558.584709][ T1632]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1558.584751][ T1632]  ? do_vfs_ioctl+0x226/0x13e0
[ 1558.584782][ T1632]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1558.584822][ T1632]  ? find_held_lock+0x2b/0x80
[ 1558.584843][ T1632]  ? __fget_files+0x215/0x3d0
[ 1558.584883][ T1632]  blkdev_ioctl+0x43b/0x6f0
[ 1558.584908][ T1632]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1558.584938][ T1632]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1558.584985][ T1632]  __x64_sys_ioctl+0x18e/0x210
[ 1558.585021][ T1632]  do_syscall_64+0x106/0xf80
[ 1558.585046][ T1632]  ? clear_bhb_loop+0x40/0x90
[ 1558.585077][ T1632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1558.585102][ T1632] RIP: 0033:0x7f4429f9c629
[ 1558.585123][ T1632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1558.585148][ T1632] RSP: 002b:00007f442aeaf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1558.585179][ T1632] RAX: ffffffffffffffda RBX: 00007f442a216090 RCX: 00007f4429f9c629
[ 1558.585196][ T1632] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000009
[ 1558.585211][ T1632] RBP: 00007f442a032b39 R08: 0000000000000000 R09: 0000000000000000
[ 1558.585226][ T1632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1558.585241][ T1632] R13: 00007f442a216128 R14: 00007f442a216090 R15: 00007fff235f7be8
[ 1558.585272][ T1632]  </TASK>
[ 1563.156446][T25849] usb usb38-port5: attempt power cycle
[ 1563.783732][T25849] usb usb38-port5: unable to enumerate USB device
[ 1564.213167][ T1679] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9153'.
[ 1564.253610][ T1679] netlink: 354 bytes leftover after parsing attributes in process `syz.7.9153'.
[ 1565.034145][ T2617] null_blk: rq ffff888027e42100 timed out
[ 1565.049463][ T2617] timeout error, dev nullb0, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[ 1565.062860][ T2617] Buffer I/O error on dev nullb0, logical block 0, async page read
[ 1565.084075][ T1632]  nullb0: unable to read partition table
[ 1567.586408][ T1721] Loading of unsigned module is rejected
[ 1568.209804][ T1727] serio: Serial port ttyS0
[ 1568.304242][ T1730] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1572.692140][ T1754] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[ 1574.836925][ T1781] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9175'.
[ 1575.000970][ T1783] Loading of unsigned module is rejected
[ 1575.274116][ T1788] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9176'.
[ 1575.347569][ T1788] veth0_macvtap: left promiscuous mode
[ 1575.455054][ T1788] macvtap0: entered promiscuous mode
[ 1575.477200][ T1788] macvtap0: entered allmulticast mode
[ 1579.108101][ T1820] FAULT_INJECTION: forcing a failure.
[ 1579.108101][ T1820] name failslab, interval 1, probability 0, space 0, times 0
[ 1579.168222][ T1820] CPU: 0 UID: 0 PID: 1820 Comm: syz.7.9182 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1579.168265][ T1820] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1579.168275][ T1820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1579.168290][ T1820] Call Trace:
[ 1579.168298][ T1820]  <TASK>
[ 1579.168308][ T1820]  dump_stack_lvl+0x100/0x190
[ 1579.168350][ T1820]  should_fail_ex.cold+0x5/0xa
[ 1579.168379][ T1820]  should_failslab+0xc2/0x120
[ 1579.168403][ T1820]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[ 1579.168443][ T1820]  ? __d_alloc+0x34/0xa80
[ 1579.168474][ T1820]  __d_alloc+0x34/0xa80
[ 1579.168502][ T1820]  d_alloc_pseudo+0x1c/0xc0
[ 1579.168536][ T1820]  alloc_file_pseudo+0xcf/0x230
[ 1579.168566][ T1820]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1579.168604][ T1820]  __shmem_file_setup+0x221/0x490
[ 1579.168637][ T1820]  ? __pfx___shmem_file_setup+0x10/0x10
[ 1579.168674][ T1820]  ? vm_area_alloc+0x1f/0x160
[ 1579.168713][ T1820]  shmem_zero_setup+0x96/0x1b0
[ 1579.168752][ T1820]  __mmap_region+0x2198/0x29e0
[ 1579.168791][ T1820]  ? __pfx___mmap_region+0x10/0x10
[ 1579.168826][ T1820]  ? __lock_acquire+0x4a5/0x2630
[ 1579.168859][ T1820]  ? set_next_entity+0x11b/0x9c0
[ 1579.168899][ T1820]  ? __lock_acquire+0x4a5/0x2630
[ 1579.168928][ T1820]  ? find_held_lock+0x2b/0x80
[ 1579.168967][ T1820]  ? find_held_lock+0x2b/0x80
[ 1579.168988][ T1820]  ? finish_task_switch.isra.0+0x200/0xb80
[ 1579.169013][ T1820]  ? finish_task_switch.isra.0+0x200/0xb80
[ 1579.169050][ T1820]  ? trace_sched_exit_tp+0x13a/0x180
[ 1579.169079][ T1820]  ? __schedule+0x1000/0x60e0
[ 1579.169139][ T1820]  ? rcu_is_watching+0x12/0xc0
[ 1579.169175][ T1820]  ? cap_capable+0x107/0x460
[ 1579.169212][ T1820]  mmap_region+0x180/0x3e0
[ 1579.169252][ T1820]  do_mmap+0xc63/0x12f0
[ 1579.169282][ T1820]  ? __pfx_do_mmap+0x10/0x10
[ 1579.169307][ T1820]  ? __pfx_down_write_killable+0x10/0x10
[ 1579.169348][ T1820]  vm_mmap_pgoff+0x29e/0x470
[ 1579.169379][ T1820]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1579.169407][ T1820]  ? do_futex+0x192/0x350
[ 1579.169438][ T1820]  ? __pfx_do_futex+0x10/0x10
[ 1579.169475][ T1820]  ksys_mmap_pgoff+0xe1/0x650
[ 1579.169498][ T1820]  ? __x64_sys_futex+0x34f/0x4d0
[ 1579.169529][ T1820]  ? __x64_sys_futex+0x358/0x4d0
[ 1579.169561][ T1820]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[ 1579.169587][ T1820]  ? xfd_validate_state+0x129/0x190
[ 1579.169628][ T1820]  __x64_sys_mmap+0x125/0x190
[ 1579.169667][ T1820]  do_syscall_64+0x106/0xf80
[ 1579.169693][ T1820]  ? clear_bhb_loop+0x40/0x90
[ 1579.169729][ T1820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1579.169754][ T1820] RIP: 0033:0x7f1bee59c629
[ 1579.169776][ T1820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1579.169801][ T1820] RSP: 002b:00007f1bef454028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1579.169825][ T1820] RAX: ffffffffffffffda RBX: 00007f1bee815fa0 RCX: 00007f1bee59c629
[ 1579.169841][ T1820] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[ 1579.169857][ T1820] RBP: 00007f1bee632b39 R08: fffffffffffffffa R09: 0000000000008000
[ 1579.169873][ T1820] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[ 1579.169889][ T1820] R13: 00007f1bee816038 R14: 00007f1bee815fa0 R15: 00007ffd87e58378
[ 1579.169920][ T1820]  </TASK>
[ 1579.813869][ T1824] net_ratelimit: 1 callbacks suppressed
[ 1579.813890][ T1824] openvswitch: netlink: Key type 261 is out of range max 32
[ 1580.660345][ T5824] Process accounting paused
[ 1581.207832][  T886] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1581.228217][  T886] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1581.237858][  T886] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1581.247424][  T886] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1581.256806][  T886] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1582.110371][ T1838] chnl_net:caif_netlink_parms(): no params data found
[ 1582.505942][ T1838] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1582.552702][ T1838] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1582.587726][ T1838] bridge_slave_0: entered allmulticast mode
[ 1582.636616][ T1838] bridge_slave_0: entered promiscuous mode
[ 1582.673396][ T1838] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1582.725736][ T1838] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1582.765889][ T1838] bridge_slave_1: entered allmulticast mode
[ 1582.805745][ T1838] bridge_slave_1: entered promiscuous mode
[ 1582.949908][ T1838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1583.019738][ T1838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1583.205707][ T1838] team0: Port device team_slave_0 added
[ 1583.246039][ T1838] team0: Port device team_slave_1 added
[ 1583.323707][  T886] Bluetooth: hci2: command tx timeout
[ 1583.368004][ T1838] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1583.416476][ T1838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1583.551397][ T1838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1583.637024][ T1838] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1583.679943][ T1838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1583.812883][ T1877] serio: Serial port ttyS0
[ 1583.833153][ T1838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1583.928597][ T1876] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1584.059321][ T1838] hsr_slave_0: entered promiscuous mode
[ 1584.075572][ T1838] hsr_slave_1: entered promiscuous mode
[ 1584.097263][ T1838] debugfs: 'hsr0' already exists in 'hsr'
[ 1584.112920][ T1838] Cannot create hsr debugfs directory
[ 1584.687120][ T1838] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1584.759666][ T1838] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1584.804968][ T1838] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1584.853688][ T1838] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1585.403400][  T886] Bluetooth: hci2: command tx timeout
[ 1585.481260][ T1838] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1585.710647][ T1838] 8021q: adding VLAN 0 to HW filter on device team0
[ 1585.795867][  T345] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1585.804468][  T345] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1585.883754][  T345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1585.892343][  T345] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1586.083935][ T1838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1586.969457][ T1838] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1587.473649][ T1924] bridge0: port 2(gretap0) entered blocking state
[ 1587.483008][  T886] Bluetooth: hci2: command tx timeout
[ 1587.587125][ T1924] bridge0: port 2(gretap0) entered disabled state
[ 1587.669513][ T1924] gretap0: entered allmulticast mode
[ 1587.748075][ T1924] gretap0: entered promiscuous mode
[ 1587.818997][ T1924] bridge0: port 2(gretap0) entered blocking state
[ 1587.826899][ T1924] bridge0: port 2(gretap0) entered forwarding state
[ 1588.525395][   T30] audit: type=1804 audit(2147504215.599:44): pid=1932 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.9200" name="/newroot/574/file0" dev="tmpfs" ino=3020 res=1 errno=0
[ 1588.662541][   T30] audit: type=1804 audit(2147504215.639:45): pid=1936 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.9200" name="/newroot/574/file0" dev="tmpfs" ino=3020 res=1 errno=0
[ 1588.797394][ T1838] veth0_vlan: entered promiscuous mode
[ 1588.983636][ T1838] veth1_vlan: entered promiscuous mode
[ 1589.119656][ T1838] veth0_macvtap: entered promiscuous mode
[ 1589.195960][ T1838] veth1_macvtap: entered promiscuous mode
[ 1589.339853][ T1838] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1589.396861][ T1838] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1589.530961][  T344] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1589.563158][  T886] Bluetooth: hci2: command tx timeout
[ 1589.595505][  T344] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1589.696770][  T344] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1589.745606][  T344] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1589.852942][ T1953] serio: Serial port ttyS0
[ 1590.122623][  T371] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1590.193101][  T371] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1590.639544][  T344] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1590.684904][  T344] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1591.191386][ T1962] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[ 1592.465797][ T1963] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31
[ 1600.765596][ T2048] netlink: 25 bytes leftover after parsing attributes in process `syz.3.9222'.
[ 1605.050579][ T2091] misc userio: Invalid payload size
[ 1605.100867][ T2093] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9232'.
[ 1605.116157][ T2093] netlink: 54041 bytes leftover after parsing attributes in process `syz.8.9232'.
[ 1605.317306][  T341] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1605.321419][  T341] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1605.324962][  T341] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1605.326802][  T341] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1605.333473][  T341] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1606.108400][ T2094] chnl_net:caif_netlink_parms(): no params data found
[ 1606.182163][ T2103] serio: Serial port ttyS0
[ 1606.285414][ T2104] vhci_hcd vhci_hcd.3: default hub control req: 0000 v0000 i0000 l0
[ 1606.874380][ T2094] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1606.920282][ T2094] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1606.972115][ T2094] bridge_slave_0: entered allmulticast mode
[ 1607.024019][ T2094] bridge_slave_0: entered promiscuous mode
[ 1607.130255][ T2094] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1607.167654][ T2094] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1607.213061][ T2094] bridge_slave_1: entered allmulticast mode
[ 1607.261551][ T2094] bridge_slave_1: entered promiscuous mode
[ 1607.403970][  T341] Bluetooth: hci6: command tx timeout
[ 1607.810027][ T2094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1607.890579][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.900095][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.065787][ T2094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1608.590171][ T2094] team0: Port device team_slave_0 added
[ 1608.634359][ T2094] team0: Port device team_slave_1 added
[ 1608.726318][ T2117] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12)
[ 1608.811264][ T2094] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1608.850764][ T2094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1608.995352][ T2094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1609.075165][ T2094] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1609.135230][ T2094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1609.273462][ T2094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1609.484083][  T341] Bluetooth: hci6: command tx timeout
[ 1609.534172][ T2094] hsr_slave_0: entered promiscuous mode
[ 1609.579610][ T2094] hsr_slave_1: entered promiscuous mode
[ 1609.625619][ T2094] debugfs: 'hsr0' already exists in 'hsr'
[ 1609.669068][ T2094] Cannot create hsr debugfs directory
[ 1610.765444][ T2094] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1610.867486][ T2094] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1611.010684][ T2094] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1611.069474][ T2094] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1611.563418][  T341] Bluetooth: hci6: command tx timeout
[ 1611.630791][ T2094] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1611.747299][ T2094] 8021q: adding VLAN 0 to HW filter on device team0
[ 1611.951336][  T388] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1611.959946][  T388] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1612.298633][  T345] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1612.307179][  T345] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1612.593468][ T2144] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[ 1612.622384][ T2094] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1612.704605][ T2094] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1613.643906][  T341] Bluetooth: hci6: command tx timeout
[ 1614.066182][ T2094] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1614.812234][ T2169] netlink: 25 bytes leftover after parsing attributes in process `syz.6.9244'.
[ 1615.067757][ T2094] veth0_vlan: entered promiscuous mode
[ 1615.149884][ T2094] veth1_vlan: entered promiscuous mode
[ 1615.280244][ T2094] veth0_macvtap: entered promiscuous mode
[ 1615.353916][ T2094] veth1_macvtap: entered promiscuous mode
[ 1615.473145][ T2094] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1615.527956][ T2094] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1615.617579][ T2177] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.670692][ T2177] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.729869][ T2177] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1615.855659][ T2177] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1616.152012][  T345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1616.211239][  T345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1616.366664][  T345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1616.413445][  T345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1616.462298][ T2180] futex_wake_op: syz.6.9246 tries to shift op by -2048; fix this program
[ 1616.583451][ T2181] netlink: 354 bytes leftover after parsing attributes in process `syz.6.9246'.
[ 1618.179982][ T2205] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9251'.
[ 1618.295366][ T2205] netlink: 'syz.3.9251': attribute type 1 has an invalid length.
[ 1618.337343][ T2205] netlink: 5 bytes leftover after parsing attributes in process `syz.3.9251'.
[ 1619.422527][ T2211] warning: `syz.9.9252' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[ 1620.546784][  T341] Bluetooth: hci5: unexpected event 0x12 length: 440 > 8
[ 1622.604091][   T31] INFO: task kworker/u8:7:343 blocked for more than 143 seconds.
[ 1622.624323][   T31]       Tainted: G     U       L      syzkaller #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1622.666844][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1622.754839][   T31] task:kworker/u8:7    state:D stack:22656 pid:343   tgid:343   ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1622.866932][   T31] Workqueue: netns cleanup_net
[ 1622.926272][   T31] Call Trace:
[ 1622.947176][   T31]  <TASK>
[ 1622.981544][   T31]  __schedule+0xfee/0x60e0
[ 1623.016204][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1623.065548][   T31]  ? __pfx___schedule+0x10/0x10
[ 1623.133498][   T31]  ? find_held_lock+0x2b/0x80
[ 1623.139198][   T31]  ? schedule+0x2bf/0x390
[ 1623.199966][   T31]  schedule+0xdd/0x390
[ 1623.262779][   T31]  schedule_timeout+0x1b2/0x280
[ 1623.328265][ T2274] vivid-007: =================  START STATUS  =================
[ 1623.350231][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1623.415585][   T31]  ? mark_held_locks+0x40/0x70
[ 1623.483312][   T31]  __wait_for_common+0x2e7/0x4c0
[ 1623.561322][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1623.569869][ T2274] vivid-007: Generate PTS: true
[ 1623.600501][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1623.664239][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1623.725211][   T31]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[ 1623.764276][ T2274] vivid-007: Generate SCR: true
[ 1623.796268][   T31]  __flush_workqueue+0x3f7/0x1200
[ 1623.802366][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1623.922805][   T31]  ? __lock_acquire+0x4a5/0x2630
[ 1623.929055][   T31]  ? __pfx___flush_workqueue+0x10/0x10
[ 1623.948341][ T2274] tpg source WxH: 320x240 (Y'CbCr)
[ 1624.102784][   T31]  ? reacquire_held_locks+0xce/0x1e0
[ 1624.109269][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1624.195976][   T31]  ? __pfx_sock_def_readable+0x10/0x10
[ 1624.202583][   T31]  rds_tcp_listen_stop+0x104/0x160
[ 1624.222877][ T2274] tpg field: 1
[ 1624.226960][ T2274] tpg crop: (0,0)/320x240
[ 1624.232419][ T2274] tpg compose: (0,0)/320x240
[ 1624.303888][   T31]  rds_tcp_exit_net+0xe0/0x870
[ 1624.309691][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1624.392855][   T31]  ? __pfx___might_resched+0x10/0x10
[ 1624.399259][   T31]  ? __pfx_rds_tcp_exit_net+0x10/0x10
[ 1624.463937][ T2274] tpg colorspace: 8
[ 1624.468538][ T2274] tpg transfer function: 0/0
[ 1624.482955][   T31]  ops_undo_list+0x2ee/0xab0
[ 1624.488510][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 1624.543091][ T2274] tpg Y'CbCr encoding: 0/0
[ 1624.548868][ T2274] tpg quantization: 0/0
[ 1624.563131][   T31]  ? cleanup_net+0x332/0x920
[ 1624.568652][   T31]  ? idr_destroy+0x62/0x2e0
[ 1624.612853][ T2274] tpg RGB range: 0/2
[ 1624.617549][ T2274] vivid-007: ==================  END STATUS  ==================
[ 1624.645390][   T31]  cleanup_net+0x499/0x920
[ 1624.678017][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1624.702796][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1624.708580][   T31]  process_one_work+0x9d7/0x1920
[ 1624.780383][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 1624.822754][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 1624.865282][   T31]  worker_thread+0x5da/0xe40
[ 1624.870844][   T31]  ? kthread+0x13a/0x450
[ 1624.915836][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1624.922017][   T31]  kthread+0x370/0x450
[ 1624.963074][   T31]  ? __pfx_kthread+0x10/0x10
[ 1624.968667][   T31]  ret_from_fork+0x754/0xd80
[ 1625.001519][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1625.033150][   T31]  ? __switch_to+0x7b4/0x1120
[ 1625.038810][   T31]  ? __pfx_kthread+0x10/0x10
[ 1625.062948][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1625.068710][   T31]  </TASK>
[ 1625.188680][   T31] 
[ 1625.188680][   T31] Showing all locks held in the system:
[ 1625.261182][   T31] 1 lock held by khungtaskd/31:
[ 1625.340203][   T31]  #0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[ 1625.414386][   T31] 3 locks held by kworker/u8:7/343:
[ 1625.420651][   T31]  #0: ffff88801c6ae948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920
[ 1625.497191][   T31]  #1: ffffc900035e7d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920
[ 1625.552843][   T31]  #2: ffffffff905f95d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[ 1625.604197][   T31] 1 lock held by syz.6.8622/31755:
[ 1625.611346][   T31] 1 lock held by syz.5.9006/903:
[ 1625.686882][   T31]  #0: ffffffff905f95d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1625.740046][   T31] 1 lock held by syz.0.9155/1698:
[ 1625.785528][   T31]  #0: ffffffff905f95d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1625.842869][   T31] 5 locks held by syz-executor/1838:
[ 1625.849237][   T31]  #0: ffff888062cdcec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0
[ 1625.934305][   T31]  #1: ffff888062cdc0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240
[ 1625.984511][   T31]  #2: ffffffff908a9f28 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280
[ 1626.044723][   T31]  #3: ffff88805a41baf8 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x770
[ 1626.080386][   T31]  #4: ffffffff8e7f4e38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0
[ 1626.125174][   T31] 1 lock held by syz.7.9204/1954:
[ 1626.131247][   T31]  #0: ffffffff905f95d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0
[ 1626.150662][   T31] 2 locks held by syz-executor/2094:
[ 1626.166804][   T31]  #0: ffffffff90611f28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[ 1626.178180][   T31]  #1: ffffffff8e7f4e38 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[ 1626.191993][   T31] 1 lock held by syz.3.9264/2274:
[ 1626.198272][   T31]  #0: ffffffff90611f28 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[ 1626.240749][   T31] 
[ 1626.256643][   T31] =============================================
[ 1626.256643][   T31] 
[ 1626.290047][   T31] NMI backtrace for cpu 0
[ 1626.290068][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1626.290104][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1626.290113][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1626.290127][   T31] Call Trace:
[ 1626.290135][   T31]  <TASK>
[ 1626.290144][   T31]  dump_stack_lvl+0x100/0x190
[ 1626.290184][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[ 1626.290223][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1626.290258][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[ 1626.290297][   T31]  sys_info+0x141/0x190
[ 1626.290325][   T31]  watchdog+0xd25/0x1050
[ 1626.290355][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1626.290378][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1626.290406][   T31]  ? kthread+0x13a/0x450
[ 1626.290434][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1626.290454][   T31]  kthread+0x370/0x450
[ 1626.290482][   T31]  ? __pfx_kthread+0x10/0x10
[ 1626.290514][   T31]  ret_from_fork+0x754/0xd80
[ 1626.290549][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1626.290592][   T31]  ? __switch_to+0x7b4/0x1120
[ 1626.290618][   T31]  ? __pfx_kthread+0x10/0x10
[ 1626.290650][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1626.290688][   T31]  </TASK>
[ 1626.655520][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1626.663784][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[ 1626.676592][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[ 1626.682829][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1626.694887][   T31] Call Trace:
[ 1626.698813][   T31]  <TASK>
[ 1626.702341][   T31]  dump_stack_lvl+0x100/0x190
[ 1626.707962][   T31]  vpanic+0x552/0x970
[ 1626.712865][   T31]  ? __pfx_vpanic+0x10/0x10
[ 1626.718287][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[ 1626.725704][   T31]  panic+0xd1/0xe0
[ 1626.730171][   T31]  ? __pfx_panic+0x10/0x10
[ 1626.735471][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[ 1626.743181][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[ 1626.750575][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[ 1626.757965][   T31]  ? watchdog.cold+0x198/0x1ca
[ 1626.763671][   T31]  ? watchdog+0xd35/0x1050
[ 1626.768965][   T31]  watchdog.cold+0x1a9/0x1ca
[ 1626.774495][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1626.780109][   T31]  ? __kthread_parkme+0x18c/0x230
[ 1626.786151][   T31]  ? kthread+0x13a/0x450
[ 1626.791247][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1626.796851][   T31]  kthread+0x370/0x450
[ 1626.801730][   T31]  ? __pfx_kthread+0x10/0x10
[ 1626.807238][   T31]  ret_from_fork+0x754/0xd80
[ 1626.812755][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1626.818900][   T31]  ? __switch_to+0x7b4/0x1120
[ 1626.824513][   T31]  ? __pfx_kthread+0x10/0x10
[ 1626.830054][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1626.835804][   T31]  </TASK>
[ 1626.839497][   T31] Kernel Offset: disabled
[ 1626.844687][   T31] Rebooting in 86400 seconds..