last executing test programs:

2m57.634188311s ago: executing program 3 (id=2203):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x8, 0x400008, 0xdf, 0xfffffffffffffffc, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x848000000015, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xfd}}, 0x6b)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55)
sendmsg$auto_NL80211_CMD_GET_MPATH(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x24184810)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0)
read$auto(r2, 0x0, 0x1000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x100082)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20461, 0x0)
write$auto(0x3, 0x0, 0xfdef)

2m56.460969696s ago: executing program 3 (id=2209):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth1_to_hsr\x00'})
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
bpf$auto(0x1, &(0x7f00000000c0)=@query={@target_fd=<r1=>r0, 0xfffffff7, 0x2, 0x4, 0xc6d, @prog_cnt=0x800, 0x0, 0x5, 0x0, 0x0, 0x9}, 0xf)
r2 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x204000000000df, 0xeb1, 0x401, 0x8000)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
bpf$auto_BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)=@link_detach={<r4=>r1}, 0x9)
io_uring_register$auto_IORING_REGISTER_FILE_ALLOC_RANGE(r4, 0x19, &(0x7f00000003c0)="5550a838e1cbac54301760c06f60b5723c38a7876781cf98e71d176ab319c7b3684413ec17db9255397c24477761bf09c0d3bcb9694957dd79ef34e2c3f8f59967ab881f747cf89560c49179d32d14aafbad2c870741a8219ea67d04276cc25512d2d3e4d4ed5a1e0d058c2de33a51b091bce17928e5919c7b5499b3576ef83241a01d39f6f9ac80dbdb6e4cb0a5787340a7bd7d867e909fea96fb8f2aa36aa09b905950591d4f65bdc0f24e55fe31d95d58e544a95a684b2fb790098a9dcae2ebbfbde67d131cc8515644ea1e582151e4d2b41cd5ed75dcef3ea18721bec759d7cdb22d799dcc57143dbae2aead92f1629697f893cea1ed5cd06be509af823cc40b4525e2fbd9479e3c8ca9564cc546b8c011c344aeb5d62ac51696322c22705ba9781012f3ba19976acc2217ec8fbd03082d3389fee34fe9f5d1c1d76f80df9112ef50292fccaf2e4ef72530203b800ab12941683ee786206e8dad472935fec26ebdfe11d0ca37a01aa791fb7f0974c6a30566b42a7458e037293e664220b1f16b4d9bab35c75f27f3f77614a075667ad1b73e62cbf3942fe03256e4f7df243b8361a405396699b00497bdc57b42097f6de0b4e2af8a015055ac67ce4eb836afc3e7fc90b7290d928c18268fc3b27a31cb1c146dbf85e77e3be2367773dc3003d01323767febaaef40cc4e3d92ae415cc8300e6f271e467da68b88014082bf3085a489f90017ca3de2c42ad83230a02eb2145d99073e9f362576a65f6c93604f57fe47654e180af3bc796c3bf2d23af2f49ca1e2f6274a0d5859a0f7b770f6e9e80adaf983bfb0fd5b57c00c0e2ed67bc72e06a36ea405e89181aa3af66390d1b2ea0a0d1493189e812efd0efc9b723769f5247fe168b154b7845aaac33271b9da901c414780aed4057fa09f264ce085ad25b7e50312414f5cd6ba6f0939dd1102f12cba5b615358c1590584f9a2dbd1680b68e5ad5a04402d09bf2a87d055db5251b5a23cce9707dd8390a11ffe49f3913d0fe12254a5622c3f709588f5f41b4f05130d1a3f60c3ed8792dcefe61dd7c14e99a1071fd641ebcff6f2a7324ad1b6198a2cbf8ddc066ff5e1863219df1815ca4ee4624c4782cdeb4fc8a3151c5feb999170b5cf8ff57b1095fe80be77320373d335db2a084895449a2b034baa07a521163eaf4e3b87c83a084d89a9d38c81e19ea99b711b806941606f8f4bf2e1c1ec10017db64241753bd7f7003c1c51e2752eb9c2ebbdddb4176029306df61caf7a081839fa001c21da9b473a803579e70e191a25976aa3a6c7560f2006def275fd4ee6b2b2418f468107daaa8a438f3b44596ba2e281c1e66ea12eb9f8654a8e671c39b0e5fa1ee8be053e33fc97f8e0b906df1695aecf301be9d3c1d1f0b5412de944a9827b9859a254100aee6fc6d38d67de00ae6f40f5436c8abc1322a1396553d207a0d0dad9a8957134b1b1b7b26bfb3ab6c0dd31b3d6c32f3f69c9a3ff115b060e70ded39af47b127b1d46e77bff0651f59d4ecad8b28708dbb1c1484626ea532085194814e3812cd944a87338b4913e5df5cce213503c48cf49d959310bda9ec165aefe45941993a02f79a5f51e8618401cec68b81b9a448a608c734f2adb7dd1ccdf7956215353fb6a5feab8505dfe4084085875c2d153b8306a1d83c1079cdad694c6fb66d4653ef681a5207ba1bc8bb79bd310f1bcfd3e3a5bf67945526dfeba8002f0e37d9dca2c2fcf3fb3e6fda2623ab2a34369c870a4b57288fdfb4d5fc46ab34ed0ba101fa1579ddaf812ec57ebd2d86f14115d4ae80072b8ff48c24054063099fbc7662c97e58baca24b012d0be0fde498d21c428a8c0409670d38084ec7bbb54478e22e895c5ae10ff37e5bb3d20a130a8903086f3996ed8f0c209156603b526a8e77eef9888296dfc8f172f7c704180ad5295e24165e8cc3e050cb39fc3cd7f4d76f62af61ef2380f03ceb08e77be9945cbca8bc8f643e878f3ce7d01168794d1a1b0202928fe7235fb6a8d91574bef14d569ea572050cce8f0c4d7b0bd0937e105bfc8cbdecfe216aa30df557fe075cd663b030d74292317d1e72cef9100ee8e8bc3a5a8b3e6ca8ff1559bb97351a510cad0bc148de4948cc20f8a27e5c8c3f8ba449a51e9c80a11720e4ca68107ba5e0db16fd94cc9b28dfc49f997a185a76eebbe78e773bb7116aeba4c215ed9f3a2a815e92e274f2c9dbfbe7272ac9bce9d60519da826dbd0f4623cdb71df7d69f173ab41e3e9e87cb549d00d64c2bad671b94f278360c24546e0dce0097567fbff54a8b119bc2e8eab2cf9242d2a0adad7c0adb10dbc8ca87fd9610a96bb0129a2316d82b5361017e86feaccadb826f65a7d7daefa40b6345d885d9359be91a0055f6cdc44ad8b6d276803cc2222957401d279b4718abb99d0dec02195d1e21cfc6e0a4d6e5eff8d9c02b08bbf39d9220ef769329d6cd611849bd3a5f36b12ca92c721cc6cedb684825d0e13834ee566da407186aac012fa6460da400fbf41f5e9243d4b3c3a15e883df2f7799064764f0b1ed197a2b5483ce56b7c3a6c8b0916742df64384f081097f68a524c506d01cd8f4ae8e612128d9c77e5e22dacd0c26b147aace4d0b6ab85da6e8386b6cc891af36dc0bbc18969ab7ab89d2afbb3fbfc5657cf3eaee0b6c17ae61d5303151472522e2719c486433ecdfdb7340b6397fcabf946714e42fd7c006e4d86420f48b7d519f35863571f5fce1b17fd5ee8df868af471485919a706569db3a71ed54a87844f05646e1b87ec4e97703c73a342d697c4bb2a6a46e99eed925fe553513f83f289006c5086fe816ab34f036dd31eedd9833228e1554f055318d4bc8b0ff46c42f74af56b5fec8fecda9f7acf2e0a4c343ad8b70b8d0beb39488b0d18e732fba8fd092a0c2c2c82b4be74e7897c04cb2bc4fa9da35e6c55b5839754b7a73f1d3ae878281f198801ed8233d59df57dccae3b5f66daa6af5f9bf20dc7f670c97cafaedc86acdac82d941705148e611a96cc53370d85841765f574503eb09312e7aadf4f32fa1007657bc7077c2d06c7bc884b4c4e58f11402fd407053cfd9f1084e39a17d5d1f476fb8ebd02d03bbf0bc5326fded30d00c592fdb8fdab8256a88d5b277d20a9e6087e346a7390f0ac49f304568b182fcc6b4e562c4aa474e8b038448c277a702c6c30ff8290ae68d0360f1754e368c687f6e6c3760f73a642d9c6b887d82df25a2d762f662834e2b1553c92f3bf880d8875493b8fcb200432fdcb5e8ac6362956ddaab5ade6cff25e390f5f65b582989b83f43406dbeb0ab8b0c346e525763b4e308395b870277723a064ef75565dea39be510011582cb04cfbe4e34e61f79c51b0029ec01bd19ec59fdb9faeb069c856ea74d0bb00b6bf351cc73d5dd626209527e1db91b18ff41fa65b71f078e4b0aa7fdefde1357d92ed456f761215e60e68d9be8df6e1d3482350572eb1e7223f8a511de4c6286e98cc6e42a13d2cf76aa8b8711bd067b9ea411b0e094e126c2c15feb6df099ba4e137d26cd675f3d37d62b84b29c96d00ddf3b270cdaca10caa47ec7215d7e7b1a2f34d88af4dda19d9bb84d897424bfe009fab890dcc0d69c863c0975269d816898b299a2ce83aa1418b4c5fc13f560654329c7a1710306aa5c344b6d0b4021be2eb9d62a0652bbef180b12f28253db91df99649f668743bcb2ca36111e0802027bde8d0d99fcb0c5cb3388cfbf7bd4b0c55103e926ebf1ac85a05448b4f92aa44ce802fab314e732c9182355c1e3398770ce8d817e6370b0de6f07f1b51dd2c03e6f354e3f3726a7d31c958023a3b14d46fb729256d7fc050036298df6a7548dfe0ed4a45f71cb5cfc163938e350e0e804138347612168438e1070fb61fbc70eb19bcc902fd7db36ca36dba2756cc6b115d0056209b5b82e5bd928d532e056a9fee77960ae581730021427a3017a72370aeb97ff88d21e7199f4e829095edce55a92c06b08bedb650d0e1f401c5fac9c3d27f2ef1b800696dacd9a28c0be4cbee056ae1073e8ba19711f4443961626aeb19fbb5b684cef146e86674a53898e3fbf6bf4ed1cf966695f9a2d2c83a1562d17dfa7ac39927d894d1fc741cc617c27e0a216fc958a5e970a505baf2711e85087ededf9461b3e60eb086b73c380a3e5027cf2ebe3c5d73593d6985378c795450a44be2c93a505ca43b83c9695a66ec61d0549b7887651c1101050159fa3b140e7fbb8cf8f560e50bba36344f8eecce449d0976914c3836195fc3e2a168afb09091752eb97be12e5eec816a9c5cd35f5856cd7769368269eabe7b1f8335024e8ef045a648f207c1fd523f2741588640efdff05abd24858b90d1106a53f84fd81071b73554c3f71acc4e87c0fe9d6adc00953f56a3e48b7dcc26f7036cfa0bc2bea075388ea94a36e88483091b2112055e39a2ab03909da8adcac0feb7f0379983a77fcc1bde385ec95590f53ba0509eeefb172763fe3a6864e031bdb373cc6cf41a843880fac34aacb55bd56ef48d0071a6e07e45c01fa567c0dfafdc79f12737e671c696337729a0fc9e7b66b8aca112397425829446ac10dcc87ec027a67341720fe70937a22d7616469050eba580e28fae67be47698d778eef9252822663da2c75205dc858461d09dfde347e94b29783e559212ce55e60274484a5d771a8cf107ff3e5e9f6d36c4c575a89f97de22f7b3a8a9d64a7d78361e5cd5d506706822813676dd3a8bd6c97e1c78a0f693af1cd3ab933d17664bd3a08ae17ca087b3901ec5ff2ff66703b5eb34b327265abb03637801d101c4b582bffb421c34483b417b99a392478b747fc4d5094a4bf8c42afad30570894882eaa4a92ba366913716d2908df6367a8153d83bdc8973ebb725ffc8c760c9b5b5ba0f99536d15f791a6c5b970213b1658dce3584e8755ded1ef73542952d990d2243cf66b57b1b7e1e0cb438bea96dda7e0c50e444d8e9247d62e1d83fae2013d37bd139026e70adffc16e43c8722d783dfe452bca5dc1778baa5a345dbb3bb283878e176aadd2e556e366af937289899ae3f1addf0cc3d37824abf77b4a0508d5724eb055c50e8c61ea083380fe4ab391b995345b491eaba38b9fa4b3a60ac21d307a822f39c0f9cb67fbf4351400d5503fa4a40beb2a61d1067856967468512eb77e378034c1f39bf5dc7f7225d11a9d9752400ca7043362a57277bfbeaf08895866a049e37ccffdf9e502f34f2361d7b66b482f24126aa9b0c3cded6ae134ce0d41f0b7d45afc5ce7988b35c14384dfdfaa15b649d6beb2bc175f279fbb5f304dcdec751f0fe0949ec35020ce8b6363b2380b07061a097a35331736f812d1bbafc904581145de3f029b61d303f9cdc92f51402e8f6fe154df3fb303e81795381cad21a5bc85f85dfc70f168d5e4dcae2102f4cf174ee41ecb08e844d91f99666361b2d4857f0545870bb52f1d787c1f1c029e9cfa46f11c1052c77ae98cc241814ce8b782acf8d819acfc6d0cec27cbfc0eae00c4ec577db1c01d201a7360fc95c34a7c7d93f97251fa5d3f8c48d59e85120831fe16f06fd5807ae419fc557b8364b09074ae865c760cdf4b687b1ca06a1ff0afb21e6e9c37b318d46ab4e09be0658213389f4c6b9510b5cc53db1c92825873621c7f0a329368b59b520d9bb0de93cbd9facc8bd56c575083a056035b7d9e619134ab518f42cf1b59b557ba0ead44f24170198b77a33e137a9ea0270f3f6d929c97cdb73e3b8e126e6f5e546ec3c487118d08894eb07741c7b54da4", 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x6, 0x6, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRESHEX=0x0, @ANYBLOB="0d566b3dd008e4edd9650200000000000008", @ANYRES16=r2, @ANYRES16=r0], 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x200000c4)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000)
write$auto(r2, 0x0, 0x6)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'veth1_to_hsr\x00'}) (async)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) (async)
bpf$auto(0x1, &(0x7f00000000c0)=@query={@target_fd=r0, 0xfffffff7, 0x2, 0x4, 0xc6d, @prog_cnt=0x800, 0x0, 0x5, 0x0, 0x0, 0x9}, 0xf) (async)
openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x2, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x204000000000df, 0xeb1, 0x401, 0x8000) (async)
socket(0x10, 0x2, 0x0) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) (async)
bpf$auto_BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300)=@link_detach={r1}, 0x9) (async)
io_uring_register$auto_IORING_REGISTER_FILE_ALLOC_RANGE(r4, 0x19, &(0x7f00000003c0)="5550a838e1cbac54301760c06f60b5723c38a7876781cf98e71d176ab319c7b3684413ec17db9255397c24477761bf09c0d3bcb9694957dd79ef34e2c3f8f59967ab881f747cf89560c49179d32d14aafbad2c870741a8219ea67d04276cc25512d2d3e4d4ed5a1e0d058c2de33a51b091bce17928e5919c7b5499b3576ef83241a01d39f6f9ac80dbdb6e4cb0a5787340a7bd7d867e909fea96fb8f2aa36aa09b905950591d4f65bdc0f24e55fe31d95d58e544a95a684b2fb790098a9dcae2ebbfbde67d131cc8515644ea1e582151e4d2b41cd5ed75dcef3ea18721bec759d7cdb22d799dcc57143dbae2aead92f1629697f893cea1ed5cd06be509af823cc40b4525e2fbd9479e3c8ca9564cc546b8c011c344aeb5d62ac51696322c22705ba9781012f3ba19976acc2217ec8fbd03082d3389fee34fe9f5d1c1d76f80df9112ef50292fccaf2e4ef72530203b800ab12941683ee786206e8dad472935fec26ebdfe11d0ca37a01aa791fb7f0974c6a30566b42a7458e037293e664220b1f16b4d9bab35c75f27f3f77614a075667ad1b73e62cbf3942fe03256e4f7df243b8361a405396699b00497bdc57b42097f6de0b4e2af8a015055ac67ce4eb836afc3e7fc90b7290d928c18268fc3b27a31cb1c146dbf85e77e3be2367773dc3003d01323767febaaef40cc4e3d92ae415cc8300e6f271e467da68b88014082bf3085a489f90017ca3de2c42ad83230a02eb2145d99073e9f362576a65f6c93604f57fe47654e180af3bc796c3bf2d23af2f49ca1e2f6274a0d5859a0f7b770f6e9e80adaf983bfb0fd5b57c00c0e2ed67bc72e06a36ea405e89181aa3af66390d1b2ea0a0d1493189e812efd0efc9b723769f5247fe168b154b7845aaac33271b9da901c414780aed4057fa09f264ce085ad25b7e50312414f5cd6ba6f0939dd1102f12cba5b615358c1590584f9a2dbd1680b68e5ad5a04402d09bf2a87d055db5251b5a23cce9707dd8390a11ffe49f3913d0fe12254a5622c3f709588f5f41b4f05130d1a3f60c3ed8792dcefe61dd7c14e99a1071fd641ebcff6f2a7324ad1b6198a2cbf8ddc066ff5e1863219df1815ca4ee4624c4782cdeb4fc8a3151c5feb999170b5cf8ff57b1095fe80be77320373d335db2a084895449a2b034baa07a521163eaf4e3b87c83a084d89a9d38c81e19ea99b711b806941606f8f4bf2e1c1ec10017db64241753bd7f7003c1c51e2752eb9c2ebbdddb4176029306df61caf7a081839fa001c21da9b473a803579e70e191a25976aa3a6c7560f2006def275fd4ee6b2b2418f468107daaa8a438f3b44596ba2e281c1e66ea12eb9f8654a8e671c39b0e5fa1ee8be053e33fc97f8e0b906df1695aecf301be9d3c1d1f0b5412de944a9827b9859a254100aee6fc6d38d67de00ae6f40f5436c8abc1322a1396553d207a0d0dad9a8957134b1b1b7b26bfb3ab6c0dd31b3d6c32f3f69c9a3ff115b060e70ded39af47b127b1d46e77bff0651f59d4ecad8b28708dbb1c1484626ea532085194814e3812cd944a87338b4913e5df5cce213503c48cf49d959310bda9ec165aefe45941993a02f79a5f51e8618401cec68b81b9a448a608c734f2adb7dd1ccdf7956215353fb6a5feab8505dfe4084085875c2d153b8306a1d83c1079cdad694c6fb66d4653ef681a5207ba1bc8bb79bd310f1bcfd3e3a5bf67945526dfeba8002f0e37d9dca2c2fcf3fb3e6fda2623ab2a34369c870a4b57288fdfb4d5fc46ab34ed0ba101fa1579ddaf812ec57ebd2d86f14115d4ae80072b8ff48c24054063099fbc7662c97e58baca24b012d0be0fde498d21c428a8c0409670d38084ec7bbb54478e22e895c5ae10ff37e5bb3d20a130a8903086f3996ed8f0c209156603b526a8e77eef9888296dfc8f172f7c704180ad5295e24165e8cc3e050cb39fc3cd7f4d76f62af61ef2380f03ceb08e77be9945cbca8bc8f643e878f3ce7d01168794d1a1b0202928fe7235fb6a8d91574bef14d569ea572050cce8f0c4d7b0bd0937e105bfc8cbdecfe216aa30df557fe075cd663b030d74292317d1e72cef9100ee8e8bc3a5a8b3e6ca8ff1559bb97351a510cad0bc148de4948cc20f8a27e5c8c3f8ba449a51e9c80a11720e4ca68107ba5e0db16fd94cc9b28dfc49f997a185a76eebbe78e773bb7116aeba4c215ed9f3a2a815e92e274f2c9dbfbe7272ac9bce9d60519da826dbd0f4623cdb71df7d69f173ab41e3e9e87cb549d00d64c2bad671b94f278360c24546e0dce0097567fbff54a8b119bc2e8eab2cf9242d2a0adad7c0adb10dbc8ca87fd9610a96bb0129a2316d82b5361017e86feaccadb826f65a7d7daefa40b6345d885d9359be91a0055f6cdc44ad8b6d276803cc2222957401d279b4718abb99d0dec02195d1e21cfc6e0a4d6e5eff8d9c02b08bbf39d9220ef769329d6cd611849bd3a5f36b12ca92c721cc6cedb684825d0e13834ee566da407186aac012fa6460da400fbf41f5e9243d4b3c3a15e883df2f7799064764f0b1ed197a2b5483ce56b7c3a6c8b0916742df64384f081097f68a524c506d01cd8f4ae8e612128d9c77e5e22dacd0c26b147aace4d0b6ab85da6e8386b6cc891af36dc0bbc18969ab7ab89d2afbb3fbfc5657cf3eaee0b6c17ae61d5303151472522e2719c486433ecdfdb7340b6397fcabf946714e42fd7c006e4d86420f48b7d519f35863571f5fce1b17fd5ee8df868af471485919a706569db3a71ed54a87844f05646e1b87ec4e97703c73a342d697c4bb2a6a46e99eed925fe553513f83f289006c5086fe816ab34f036dd31eedd9833228e1554f055318d4bc8b0ff46c42f74af56b5fec8fecda9f7acf2e0a4c343ad8b70b8d0beb39488b0d18e732fba8fd092a0c2c2c82b4be74e7897c04cb2bc4fa9da35e6c55b5839754b7a73f1d3ae878281f198801ed8233d59df57dccae3b5f66daa6af5f9bf20dc7f670c97cafaedc86acdac82d941705148e611a96cc53370d85841765f574503eb09312e7aadf4f32fa1007657bc7077c2d06c7bc884b4c4e58f11402fd407053cfd9f1084e39a17d5d1f476fb8ebd02d03bbf0bc5326fded30d00c592fdb8fdab8256a88d5b277d20a9e6087e346a7390f0ac49f304568b182fcc6b4e562c4aa474e8b038448c277a702c6c30ff8290ae68d0360f1754e368c687f6e6c3760f73a642d9c6b887d82df25a2d762f662834e2b1553c92f3bf880d8875493b8fcb200432fdcb5e8ac6362956ddaab5ade6cff25e390f5f65b582989b83f43406dbeb0ab8b0c346e525763b4e308395b870277723a064ef75565dea39be510011582cb04cfbe4e34e61f79c51b0029ec01bd19ec59fdb9faeb069c856ea74d0bb00b6bf351cc73d5dd626209527e1db91b18ff41fa65b71f078e4b0aa7fdefde1357d92ed456f761215e60e68d9be8df6e1d3482350572eb1e7223f8a511de4c6286e98cc6e42a13d2cf76aa8b8711bd067b9ea411b0e094e126c2c15feb6df099ba4e137d26cd675f3d37d62b84b29c96d00ddf3b270cdaca10caa47ec7215d7e7b1a2f34d88af4dda19d9bb84d897424bfe009fab890dcc0d69c863c0975269d816898b299a2ce83aa1418b4c5fc13f560654329c7a1710306aa5c344b6d0b4021be2eb9d62a0652bbef180b12f28253db91df99649f668743bcb2ca36111e0802027bde8d0d99fcb0c5cb3388cfbf7bd4b0c55103e926ebf1ac85a05448b4f92aa44ce802fab314e732c9182355c1e3398770ce8d817e6370b0de6f07f1b51dd2c03e6f354e3f3726a7d31c958023a3b14d46fb729256d7fc050036298df6a7548dfe0ed4a45f71cb5cfc163938e350e0e804138347612168438e1070fb61fbc70eb19bcc902fd7db36ca36dba2756cc6b115d0056209b5b82e5bd928d532e056a9fee77960ae581730021427a3017a72370aeb97ff88d21e7199f4e829095edce55a92c06b08bedb650d0e1f401c5fac9c3d27f2ef1b800696dacd9a28c0be4cbee056ae1073e8ba19711f4443961626aeb19fbb5b684cef146e86674a53898e3fbf6bf4ed1cf966695f9a2d2c83a1562d17dfa7ac39927d894d1fc741cc617c27e0a216fc958a5e970a505baf2711e85087ededf9461b3e60eb086b73c380a3e5027cf2ebe3c5d73593d6985378c795450a44be2c93a505ca43b83c9695a66ec61d0549b7887651c1101050159fa3b140e7fbb8cf8f560e50bba36344f8eecce449d0976914c3836195fc3e2a168afb09091752eb97be12e5eec816a9c5cd35f5856cd7769368269eabe7b1f8335024e8ef045a648f207c1fd523f2741588640efdff05abd24858b90d1106a53f84fd81071b73554c3f71acc4e87c0fe9d6adc00953f56a3e48b7dcc26f7036cfa0bc2bea075388ea94a36e88483091b2112055e39a2ab03909da8adcac0feb7f0379983a77fcc1bde385ec95590f53ba0509eeefb172763fe3a6864e031bdb373cc6cf41a843880fac34aacb55bd56ef48d0071a6e07e45c01fa567c0dfafdc79f12737e671c696337729a0fc9e7b66b8aca112397425829446ac10dcc87ec027a67341720fe70937a22d7616469050eba580e28fae67be47698d778eef9252822663da2c75205dc858461d09dfde347e94b29783e559212ce55e60274484a5d771a8cf107ff3e5e9f6d36c4c575a89f97de22f7b3a8a9d64a7d78361e5cd5d506706822813676dd3a8bd6c97e1c78a0f693af1cd3ab933d17664bd3a08ae17ca087b3901ec5ff2ff66703b5eb34b327265abb03637801d101c4b582bffb421c34483b417b99a392478b747fc4d5094a4bf8c42afad30570894882eaa4a92ba366913716d2908df6367a8153d83bdc8973ebb725ffc8c760c9b5b5ba0f99536d15f791a6c5b970213b1658dce3584e8755ded1ef73542952d990d2243cf66b57b1b7e1e0cb438bea96dda7e0c50e444d8e9247d62e1d83fae2013d37bd139026e70adffc16e43c8722d783dfe452bca5dc1778baa5a345dbb3bb283878e176aadd2e556e366af937289899ae3f1addf0cc3d37824abf77b4a0508d5724eb055c50e8c61ea083380fe4ab391b995345b491eaba38b9fa4b3a60ac21d307a822f39c0f9cb67fbf4351400d5503fa4a40beb2a61d1067856967468512eb77e378034c1f39bf5dc7f7225d11a9d9752400ca7043362a57277bfbeaf08895866a049e37ccffdf9e502f34f2361d7b66b482f24126aa9b0c3cded6ae134ce0d41f0b7d45afc5ce7988b35c14384dfdfaa15b649d6beb2bc175f279fbb5f304dcdec751f0fe0949ec35020ce8b6363b2380b07061a097a35331736f812d1bbafc904581145de3f029b61d303f9cdc92f51402e8f6fe154df3fb303e81795381cad21a5bc85f85dfc70f168d5e4dcae2102f4cf174ee41ecb08e844d91f99666361b2d4857f0545870bb52f1d787c1f1c029e9cfa46f11c1052c77ae98cc241814ce8b782acf8d819acfc6d0cec27cbfc0eae00c4ec577db1c01d201a7360fc95c34a7c7d93f97251fa5d3f8c48d59e85120831fe16f06fd5807ae419fc557b8364b09074ae865c760cdf4b687b1ca06a1ff0afb21e6e9c37b318d46ab4e09be0658213389f4c6b9510b5cc53db1c92825873621c7f0a329368b59b520d9bb0de93cbd9facc8bd56c575083a056035b7d9e619134ab518f42cf1b59b557ba0ead44f24170198b77a33e137a9ea0270f3f6d929c97cdb73e3b8e126e6f5e546ec3c487118d08894eb07741c7b54da4", 0x0) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
recvmmsg$auto(r3, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x6, 0x6, 0x0) (async)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRESHEX=0x0, @ANYBLOB="0d566b3dd008e4edd9650200000000000008", @ANYRES16=r2, @ANYRES16=r0], 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x200000c4) (async)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) (async)
write$auto(r2, 0x0, 0x6) (async)

2m56.187459132s ago: executing program 3 (id=2211):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x1, 0x20009, 0x8, 0xeb1, 0x7f, 0x8000)
rseq$auto(0x0, 0xfffffff5, 0x0, 0x5)
mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (fail_nth: 15)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card1/pcm1p/sub2/info\x00', 0xc0000, 0x0)
readv$auto(0x3, &(0x7f0000000600)={0x0, 0x4}, 0x1da)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
close_range$auto(r1, 0xffffffffffffffff, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x40401, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0x8, 0x38)
r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x60040, 0x0)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x40, 0x0)
mmap$auto(0x0, 0x20009, 0x2006e, 0x18, 0x401, 0x8000)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0)
sendmsg$auto_CTRL_CMD_GETFAMILY(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=r3], 0x48}, 0x1, 0x0, 0x0, 0x4050}, 0x41)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x21, 0x2, 0x0)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)

2m55.194194169s ago: executing program 3 (id=2218):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
socket(0x1d, 0x2, 0x6)
r0 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000003a00)={0x34, 0x0, 0x201, 0x70bd2c, 0x25dfdbff, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1c, 0x1, 0x0, 0x1, [@nested={0x15, 0x139, 0x0, 0x1, [@nested={0x4, 0xeb}, @typed={0x8, 0x2d, 0x0, 0x0, @fd}, @generic="5ecb8698ec"]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x4000048)
socket(0xa, 0x3, 0x87)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0xe985, 0xdb, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x4)
r2 = socket(0x1d, 0x2, 0x7)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(r2, &(0x7f0000000000)=@can={0x1d, <r5=>r4}, 0x6a)
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18)
write$auto(0x3, 0x0, 0xffd8)

2m53.82706379s ago: executing program 3 (id=2221):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0]}, 0x1fe, 0x200c)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/cpuaffinity\x00', 0x20800, 0x0)
read$auto(r1, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

2m53.504865017s ago: executing program 3 (id=2226):
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000080)=<r0=>0xffffffffffffffff)
fsconfig$auto_HIDEPID_OFF(r0, 0xfffffffe, &(0x7f00000000c0)='ovs_flow\x00', &(0x7f0000000100)="a911b533", 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
write$auto(r1, &(0x7f00000001c0)='\x999\xdb\x17fF5%\x00', 0x800000004)

2m38.423291886s ago: executing program 32 (id=2226):
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$auto_VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000080)=<r0=>0xffffffffffffffff)
fsconfig$auto_HIDEPID_OFF(r0, 0xfffffffe, &(0x7f00000000c0)='ovs_flow\x00', &(0x7f0000000100)="a911b533", 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
write$auto(r1, &(0x7f00000001c0)='\x999\xdb\x17fF5%\x00', 0x800000004)

11.895858481s ago: executing program 4 (id=2918):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x6e642, 0x0)
mmap$auto(0x0, 0x20009, 0x1, 0xeb1, 0x405, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x39, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0xd, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x6, 0x7ff, 0x80, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0xb4, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x40068, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6]}, 0x1fe, 0xd)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/system/cpu/vulnerabilities/l1tf\x00', 0x0, 0x0)
read$auto(r2, &(0x7f0000000200)='\x00', 0xb)
r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x8002, 0x0)
openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0x6)
r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x50, r5, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x7}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x40}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x4}, @NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x2000000}]}, 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0)
sendmsg$auto_TIPC_NL_PEER_REMOVE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48840}, 0x8083)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x1, @_sigpoll={0xd}}})
pwrite64$auto(0xc8, &(0x7f0000000200)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\x00^\x0fo\x97\xfc\x89\v\xea\xc2\x95\xafQ;C>\x15L\x90\xad\xa4\x1648W\t\x00\x00\x001\x00\x00\x00@X\xb9_\xdd\xa6\xa2E\xd8?\'\x8dg\x81h*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&%`_[\xde\x7f\xde8\xf7\xc1\x94\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\xee\xa9\x0eX\x01\xa3g\xba\x9cc\x90\xe3\xae\xa9\xde\x00\x00\x00B\xb4\xf2&\x00\xe2\xead\xd0\"\x16\x84v\n\xcdN\xb6\xa4\xe0\xb7e\x97 ?\xb5\xa1E=t\x96\xbd\xfd\xc5\xebn\xb7\n\xc2\xbc\xa2\xa8\x04#\x84\xa7R|\xed\x8f\x03\x01\x10wLT\vay\x12\xb63\x9e\a\x8e\xbd\x18y<\xb3\v\x14\x82\x97&\xfcm\x86\x10o\xdc\xf3x\xfd\x06\x87t\xb9$\x94,f\x9b0\xcd\xd3\r\xb1e\'\x19\xc1\xe7>*\xad\xa5+\xa8\x1c\x88\xa1\x0e[\x99\xb6LKZ\x9e\r\xd0r\xe2Ct\xc1\x99\x1b/\xc5P.aUdq\x97\x94\xb9\xa8qU\xae*g\x86\xc9\xa4\xe7\n\vh-v\"o.\xbf6\x13\tFK\x8e\xc6&&\x13\x81\x00\x8c7PS\x9c\xa3\xfb\x1d\xa9\x98\xd47\n\xa7\xd1\x10\xb3i\xd2\xa8\x18f\xb3K\x9b\x9b\x8c\xe8\x84\xa3,5-\xd6\xae\xbd\x1d\xf2o\x99\x02\x1azw9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\bl\x042\x935\x9e\xeeH\x87\xda\x10\x8f^1\x89L`\xf4[\x06\xf6\xc7\xd0#\xdb\xb1\\\xc3\xb1\xb8\xe8\xde2\xbb\xf8I\x9c\x17KI\x8c\f\x1d\xaa\xa0\xdb\xc7\x9e\x81\x90CTe\xfa\x8dq&\x17\x908\xc9T\xffm\x930\x1d\x91\xf8|t\xfd\x18\xd5\xb0\xcbH\xa7\xb6T\n\x11%\xba\x16o\r\xf6\x90k\xfb\a\xa1\x15\x0e\xe1\xce0Q\xd0\x00\xc1\x1a\x1f\xaa8\xfbo)rtYK\"c\xe2c\xbeM\x9bT\x05\xf3\xccC\x8c\x00\xdf\x8c\x1b+\xca\x80', 0x84, 0xe83)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x35}, 0x5, 0x0, 0x5, 0xe}, 0x5}, 0x2, 0x100)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
preadv2$auto(r6, &(0x7f0000000080)={0x0, 0x80000000}, 0x8001, 0xffffffffffffffff, 0x4, 0x2e)
r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x8, 0x5, 0x8)
keyctl$auto(0x11, 0xdfffffffffffffff, 0x69c9, 0x0, 0xbcd)
sendmsg$auto_TIPC_NL_LINK_GET(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000001480)=ANY=[@ANYBLOB="18050000", @ANYRES16=r7, @ANYBLOB="010326bd7000fedbdf25080000000800048004000180140207800c0005800800ef00", @ANYRES32=r6, @ANYBLOB="d11e00dcbf6b2241dc3b2adc63f47e194ba152f841832b0c682eddd5297ea85302644c1843635db58f5c3e36f989e4cb2b407490451bfba548776f685e7d00"/75, @ANYRES32=0xee00, @ANYBLOB="0800e800", @ANYRES32=0x0, @ANYBLOB="2929651e46ab1712b48d8f14af59ec70cb1125483d7c8dc690f59f1d07701880078480277d1481bb9c62f8488c28a6700d7ccb25feaa3e8c5b6ec41d690b2214991bc078a50236d564fb85bbe92984f373ae69bc0efc5deaaf924c4aeed13d9ddbb32cb3343ad063dd292ab06f66e3c04846f9089b16ad3f4b4c42b5ffed260b977424842832a5f2b11bda64388118ab98d0055641ee98be03e853d2cf15c3d5c905a228c8946a8f9af2d022e88a9feb2fa72e30d3008ed05de83a9ffc9ad3802f6603d808002600ffffffff27014480040069804500a400b3830f642c5f01ab42f3439964e5feef5cc5a0b0bd608e27a5ec1e1c10ce35c8069f590b30d2dec5244c12daa1ef054a1dea8a739064bfc253ffc04a8d1a5163bf0000000800de00", @ANYRES32=0x0, @ANYBLOB="0400d78008e0c3aafa2e0870d024b52d991727e187a0c073b4b99d00ca76ddecc7860ea6b23f5ae6d041c203d0b732d0f9a553de7053430c12de96252833ed2a74e0d940e7a71099781fb1a7898a888c985fbebae0b038fe396ed6139c6bb52907eb7d2151f8d0b70840c0e10afce4b3f332a1187e84147efc7549205b1aa36688727ccea0cd3d55a0070d6457d5769a50ab744e320d3d3e57e5c548e86ab11a9f585c99990e4e444f3faa070a5579231106247b766dc7504a8ec447d6f85bb314398e14dfd72c080010000900000000e60208807a00a1802f8d5034e18ad0d1cd5584d35db22380e96e2604627290086199dda374ea94a40ba487f582fc0e9408691b08abd396cfcff4b9f585ebfff1abe2874ed55d78707913c22b8294629b68dfda43ef2cbfdeb390bba938a0295f2481aaed91c2d85c6ebd8d520904f1560df459c066aab024a136cbe3ab000000c59d5b1cb90657868979e862a011c5374beb7c72f71bf5ea4e99d853c67beb4824af0df622644df18857dc41cfaf3c952bd6056aae94afee2fa710be874bc821ebc1a7eed30f6123a9af9dd0cb584cd08f0e5724b89b41038499b62880a61bc119472b3423f2186c6e80cb4604a4d21d6f706d56fa6abacf1a593dd7b08a6bf2f701df98ee56b81247d5bf938de2534932fba2c6422c569cce0bd2f09dcb8a945ea92d440cba07ed56b8109cfcc520121d53977d7d452bcede2ba82d8eff9b026a8391a9abd41f9acf71bb09e1efaef867bee7a407caaf702c671e3299a03e27fd8e1b3991a9bcc071145ab8b9fb28c7de911811e4b4010722623137cf65513b4df2c533a02f525219a7d1ad7076b165e12a60b896e170492a25a3e17c6a1ce421c6d68b482e5aacb6e9eca31f364e24edcf634cf40122d0fcf27738c71db76e642868745f272de17e949be733d614c9936bf56059f31400c300ff020000000000000000000000000001b000ac006531513049b92cfaed0954eb016b9dde9ca6d15c396f057e9f55f4ca26b74c4cf3239a1a4c09ef4c124525ada9f65023dedc5e1aa1b978935ca70d85f08426b3bc6664c6f23b1d824d5f7ea582c4d16089153fcd7aeea9743be9a0f9ceeeed60887166663e132ffd2310df34ea7aa4785c976aee5fd90edbc221914f2b52fab72a7ef76ca8375b872a8a57017854884f6f788a3ffadba9d70a757509bb688fca4a31abf99d27dee6e2831e904b0043009cc70d58b1229cf872d5a312a038f487f0c7618c24ff3e95eda8c2560ca9eabda2c46426914d9253a8e8f87e9e"], 0x518}, 0x1, 0x0, 0x0, 0x24000055}, 0x4)
sendmsg$auto_ETHTOOL_MSG_PHY_GET(0xffffffffffffffff, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000001140)=ANY=[@ANYRESOCT=r1, @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="72821ac28c5f0389c7fb0e8bb6d6f4312c75359908ab7e6299d450c01994a6274fb693afb2b6982cbf9030d4b3ed77bdadf3", @ANYRESOCT=r3, @ANYRES64=0x0, @ANYRESDEC=r0, @ANYRES64=r1], 0x20}}, 0x80)
r9 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r9, &(0x7f0000001040)={{0x0, 0x4e, &(0x7f0000000100)={0x0, 0xfc1}, 0x12, 0x0, 0x3ff, 0x704}, 0x800}, 0x2000029, 0x0)
r10 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
read$auto_rng_chrdev_ops_core(r10, &(0x7f0000000040)=""/4096, 0xfffffe82)

10.550557223s ago: executing program 4 (id=2926):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/lru_gen/min_ttl_ms\x00', 0x2ab42, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'})
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), r0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
pipe$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_setup$auto(0x100, 0x0)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0)

10.4415919s ago: executing program 0 (id=2927):
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x490000, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.6/usb22/22-0:1.0/ep_81/bmAttributes\x00', 0x1adb43, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/anycast6\x00', 0x121000, 0x0)
mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x15, 0x5, 0x0)
get_robust_list$auto(0x1, 0x0, 0x0)
r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x301002, 0x0)
ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSFLAGS(r2, 0x40047459, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_ADD_RXSC(r3, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)={0x20, r4, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyce\x00', 0x12ad41, 0x0)
r6 = socketpair$auto(0x57, 0x4, 0x0, 0x0)
ioctl$auto(r5, 0x541c, r6)
ioctl$auto_BTRFS_IOC_BALANCE_PROGRESS(r6, 0x84009422, &(0x7f0000000280)={0x7, 0x9, {0x7fffffffffffffff, @btrfs_balance_args_1_1={0x9, 0x10000}, 0x3, 0x0, 0x9, 0x7f, 0x9, 0x4, 0x9, @limit=0x6, 0x1, 0x81}, {0x6, @usage, 0x4, 0x3, 0x9, 0x20, 0x9, 0xabd4, 0x0, @btrfs_balance_args_9_1={0x9, 0x9}, 0x4, 0x7}, {0x1f62, @usage=0xfffffffffffffffe, 0x2, 0x80b, 0x4, 0xda720000000, 0x100000000, 0x3, 0xe0, @limit=0x3ff, 0x7, 0x3}, {0x3ff, 0x401, 0x6}})
rename$auto(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000000)='./file0/file0\x00')
sendfile$auto(r0, r0, 0x0, 0x4f64a1d2)

9.258186847s ago: executing program 0 (id=2933):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x7, 0x9, 0x80000006, 0x7, 0x8, 0x5, 0x5, 0x9, 0x2, 0x8, 0x1, 0xf, 0xffffffffffffffff, 0x9, 0x1, 0x5, 0x40010, 0x0, 0x0, 0x0, 0xef57, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000000000000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff]}, 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket(0x2, 0xa, 0x1)
r2 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r1, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xfffffffffffffffa, 0x8000200008011, r2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57699, 0x9b72, 0x2, 0x8000000000008000)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
r5 = socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f00000001c0)=0x5)
fsconfig$auto_JFFS2_COMPR_MODE_NONE(r5, 0xffffffff, &(0x7f0000000200)='/\x7f+\x00', &(0x7f00000002c0)="02ca0b6ff846abb95a1163a89c541397446d0b4cd8dd09b62afe76f57b188ab65f174fab9f86fdc44992832baa294bada1aef98da2eb13ac7b34003db767c5977894383aab82a8ae0351020f0aa7d0b6ce290d3585612b63c511ebb0560a68a6611c957fb23f94c2f3bacb8d3471856ad0b80e06b29ed7780a45c99b61025e2b05016b1f4b41f19cac3799eb39544eda22ffd714cfc02b57a798700d3f5950dc9e655afe9168c020962df820a815971b342ba7b3a510ae03da8b6cfef2986a7a833ed0f8c5ee194e2ca74f6b93675dac52874029403c4fa0d00e14cbd54abfa79f08f3e61e8d27e0bd913240", 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/pci0000:00/0000:00:03.0/consistent_dma_mask_bits\x00', 0x0, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vbi19\x00', 0x490000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)=""/40, 0x28)
sendfile$auto(r4, r4, 0x0, 0x3)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/index\x00', 0x0, 0x0)
read$auto(r7, 0x0, 0x20)
write$auto(0x3, 0x0, 0xfdef)
io_uring_setup$auto(0x18, &(0x7f0000000380)={0x2, 0x1, 0x8, 0x5, 0x1ff, 0x4, r0, [0x1, 0x7, 0x9], {0x8, 0x2, 0x0, 0x24f4c3d6, 0x8, 0x0, 0x39d1, 0x5, 0x3ff}, {0x400, 0x1, 0x35b, 0xe, 0xe195, 0x3ff, 0x1, 0x1000}})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000dddbdf25020001000800030000000000080015"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)

8.824812629s ago: executing program 4 (id=2935):
r0 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r0, 0x29, 0x19, &(0x7f0000000040)='!\x00', 0x1ff)
write$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffffff, 0x0, 0x0)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
socket(0x10, 0x4, 0xffffffc0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x10003c, 0x1, 0x1ffde, 0x7, 0x3, 0xfffffffffffffffe, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x80, 0x4, 0xffefffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17d, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0x0, 0x20000000000007, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd)
ioctl$auto_EVIOCGRAB(r2, 0x40044590, &(0x7f0000000000)=0x2)
write$auto(r2, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001)
mmap$auto(0x800000000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x4, 0x15)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r3)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r4, 0x301, 0x4070bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_NAME={0xc, 0x2, 'nl80211\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810)

7.060795106s ago: executing program 1 (id=2944):
r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socket(0x10, 0x2, 0x0)
prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff)
setresuid$auto(0x8, 0x8, 0x0)
openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/saved_tgids\x00', 0x0, 0x0)
close_range$auto(0x0, 0x5, 0x0)
inotify_init1$auto(0x3000000000000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/peer_notif_delay\x00', 0x0, 0x0)
read$auto(r3, 0x0, 0x20)
statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x3, 0x2c, 0x940, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0x0, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x89, 0x800000000000000, 0x0, 0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x7, 0x7)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
pipe$auto(0x0)
r4 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
kexec_load$auto(0x5, 0x4, 0x0, 0x2)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prctl$auto(0x18, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x28, r0, 0x1, 0x70bd29, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x16, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800)

5.815127995s ago: executing program 1 (id=2946):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x8, 0x400008, 0xdf, 0xfffffffffffffffc, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket(0x848000000015, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xfd}}, 0x6b)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55)
sendmsg$auto_NL80211_CMD_GET_MPATH(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x24184810)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0))
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0)
read$auto(r2, 0x0, 0x1000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x100082)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)
getpgrp(0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20461, 0x0)
write$auto(0x3, 0x0, 0xfdef)

5.058453332s ago: executing program 4 (id=2947):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x8, 0x400008, 0xdf, 0xfffffffffffffffc, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xfd}}, 0x6b)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55)
sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x24184810)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0))
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0)
read$auto(r1, 0x0, 0x1000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto(0x3, 0x0, 0x100082)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)
getpgrp(0xffffffffffffffff)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20461, 0x0)
write$auto(0x3, 0x0, 0xfdef)

4.752065607s ago: executing program 1 (id=2948):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/lru_gen/min_ttl_ms\x00', 0x2ab42, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x73)
sendto$auto(r1, 0x0, 0xfdef, 0xfe80, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'})
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), r0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
pipe$auto(0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = io_uring_setup$auto(0x100, 0x0)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x2, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0)
r4 = dup$auto(r3)
ioctl$auto_BINDER_THREAD_EXIT(r4, 0x40046208, 0x0)
r5 = ioctl$auto_TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000080)=0x1)
ioctl$auto_BTRFS_IOC_SEND(r4, 0x40489426, &(0x7f0000000180)={@inferred=r5, 0x10, &(0x7f00000000c0)=0x8, 0x2, 0x4e8, 0x75e, "cb5304aa279b7d5117fab093b9430b95d6d88c111f9e546c3c20f56b"})
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x181440, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r7)
ioctl$auto_KVM_CREATE_VM(r6, 0x4048aecb, 0x0)

4.263772539s ago: executing program 0 (id=2949):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x100000000000039, 0x0)
r0 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r0, 0x1, &(0x7f0000000000)='4\x93\x03\x00\x04\x00\x00', &(0x7f00000001c0), 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x14b942, 0x0)
pread64$auto(r2, 0x0, 0x10000000d, 0x5)
read$auto(r2, 0x0, 0xdd)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dmmidi2\x00', 0xc0000, 0x0)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1)
r4 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
shutdown$auto(r4, 0x40)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/debug_objects/stats\x00', 0x8000, 0x0)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf25040000002d0011002f50136a450cf972f5a3d28479f92a9b221ca46c2d19fda4f47902c296fa844c12cd83f712d3c41e5d00000010001a80080001008703000004000480"], 0x54}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800)

4.158838694s ago: executing program 1 (id=2950):
r0 = inotify_init1$auto(0x3000000000000)
inotify_add_watch$auto(r0, 0x0, 0x1000e6e)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video54\x00', 0x42942, 0x0)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x7111}, 0x8)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
fcntl$auto_F_SETFD(r2, 0x2, 0x200)
select$auto(0xe98, 0x0, 0x0, &(0x7f0000000040)={[0x54e, 0x10000000000005, 0x1, 0x8fd6, 0x948b, 0x5, 0x3392, 0x4, 0x3, 0x3, 0xffffffff, 0x9, 0x3, 0x4, 0x4, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r5=>0x0})
setresgid$auto(0x0, 0xffffffffffffffff, 0x0)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
ioctl$auto(r6, 0x5428, 0xffffffffffffffff)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r5, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r5, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40040)
futimesat$auto(r3, &(0x7f0000000400)='./file0\x00', 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmsg$auto_NET_SHAPER_CMD_GET2(r7, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x600}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, 0x0, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r5}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r5}]}, 0x24}, 0x1, 0x0, 0x0, 0x200440c0}, 0x20000)

4.059455541s ago: executing program 2 (id=2951):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x28, 0x0, 0x2, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x21}, @NL80211_ATTR_FTM_RESPONDER={0xc, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0x8, 0x2, "141dbb9d"}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000040}, 0x4040000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0a000500c862a41184f600000a00010000000000000000000a00010070b28a70c5dc0000080004000300000006000700ff000000080004"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x10000)

4.002096535s ago: executing program 2 (id=2952):
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000040)=0x5)
read$auto(0xffffffffffffffff, 0x0, 0x800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
clone$auto(0x2, 0x81, 0x0, 0x0, 0x3)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x9}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x0, 0x2000000b752, 0x9}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})

3.69225889s ago: executing program 2 (id=2953):
mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
msgctl$auto_IPC_INFO(0xa6, 0x3, &(0x7f0000000100)={{0x7, 0x0, 0x0, 0x0, 0x3f7a8df9, 0x9, 0x8}, 0x0, 0x0, 0x3e, 0x7f, 0x7, 0x100000000, 0xffffffffffffffff, 0x2cc, 0x2, 0x0, @raw=0x80, @raw=0x80000001})
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
writev$auto(0x3, 0x0, 0x8009)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)

2.490746252s ago: executing program 0 (id=2954):
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x20008000)
r0 = io_uring_setup$auto(0x20, 0x0)
pwrite64$auto(r0, &(0x7f0000000000)='%/b:\a\x10)!&/#@}&**{]\'*\x00', 0x4, 0x1000)
io_uring_register$auto_IORING_REGISTER_IOWQ_AFF(r0, 0x11, &(0x7f0000000300), 0x1)

2.168427725s ago: executing program 2 (id=2955):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = io_uring_setup$auto(0x100, 0x0)
socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0)
close_range$auto(r0, 0x8000, 0x1000)
socket(0x2, 0x1, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x28201, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x7, 0x0)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
write$auto(0x3, 0x0, 0xffd8)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
recvmsg$auto(0x4, 0x0, 0x233f)
r4 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0)
getdents64$auto(r4, 0x0, 0x400)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
r6 = openat$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x81, 0x0)
ioctl$auto(0x3, 0x40a0ae49, r6)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_SNDRV_RAWMIDI_IOCTL_PVERSION(r3, 0x80045700, &(0x7f0000000040)=0x7)

2.084821476s ago: executing program 0 (id=2956):
ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f0000000000)={0x5, <r0=>0x0, 0xd08b, 0x3})
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7)
shmget$auto(0x8, 0x10565, 0x7ff)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/ext4/sda1/mb_groups\x00', 0x109180, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0)
sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001980)=ANY=[@ANYBLOB="000428bd7000fddbdf2572000000d5074801df1af0ebe5aff861f90fef1cd29caf556101167b1ccb2741bde9cc96d71b7295da0b178f3145eaa4a00a4fa9fcb281c65c30c1430b48e6f91275f00ee96d06f7e6bd05c1af7b9c0ee013ca8dc3e82a4f7efb413a0b9cd35763b92ded7ee1b9336e0bc7d12d0f26083a168c6a2ee064b2d0f1ae837a4f045fc61d947670f450a56dcff9232275db4c9bdfa9497da2c52e0bf4761f0c22b4a637f951ae926928aa18a8b30cc0c74aecb71862892bac4bf26d65323f9a420a2b0a08b7ae78d2b6c8ab635ddc019192eecf0609683042ca1b7f925fb94234d9a499ac22ca7fb11491478430dfcd6d86fff6598161d76b7688b3af1608daa3de12cffc0dfbfc732073ffd2d967b6a291a471822d0b8c681a370cbb192ac9c7e8f7b2b4119a6549a60dfb08b96f50b9b4143460618f0747ce7330fd6cdc4f79bd47e9420972292f97e72501e07fbf574ddb144caf67a5105d344c669dfa56ee1fd9d0b3c98c72eb8c6c942f9aab5830f2c719947168f101b599369e682da9ba5d3c6019ed6c6c6c376e41e3357455077aa8c321e40f034c6f81eb69767672c53adbfe236c5a49a15ddea8a657a818a8e8ea921fdc11d6034e40ab2afc5e2919de79af646f82d79ca078372f3f1328b25e0718e7f64be83d58a4cbe12ffe3505307434554c96d7095051a6704101a23fb2baf5b81401da72b5213552a7cb54ee801d26f6efb25c3d20c03768e9ffb6b50546735f5d1b553f73d5f8c36a5aa5ab5a5d4e08b910e6f29a52e77d53e27c4827b5bc154c11e8f2625d0c5d8e15a138a0fd72c9458d72bd8be57afa648a003f5d909c0a7aa1062546407f019695df71228ee704c4fe870bca3c4f3d5183aa4f4f19e9bfcf9b282241ee6eabaab6777f72b0b1e52a498464978fa44e2d9a73935efe46b0c3e91fee32949f032740bd3b018c1eb330ce7d0a44553ff12a25f20ed41aefc8b12f4374f1dcdaeae16345ec004ba3bf0d5bf39037bd4b73fb2a6d5022198f3bcf9d623c4f706ae5b3ba632c112424ad5d673f38e3c673c50552731151cb53dd9ec9699d375b451d8f4e2457e5eab34766a66b031dcdcae85e67939edb373588801a5ea82f8d266aa78341c0e1104f2b0dd5ee0c081f3855a06bec389a29645871ea53b10e19e44737951756ecc062dedfccc3fd84aae13d3c5c8328379756f42b1cf8e9453e9491033f2ede522c8daa0577152799451358694c3771169411150f5066a243d6f869671a4a924602cdfa5a35e4cf303cf7271afb702c93a6101275319153d7c88c112b7d1331db47415023ec18b7d558967f82e7970b1616d8cd1bd5deda3f90bcddec801412e8a4ceb854241bcfe0850c7495399338b41ae01528fe5da8296d5cb4a0a5e4ca8c82327da83c0999ab91549f5a08c1ded5d54509bc60b3afbace2fea3c7817aeed4fefc038e86bc77be0029dc5a8f70d41770990583da9b943c9f7c646888171188a9ca40b58b7ff2066bc657dcf369fc8faf74576f61347b0d4016854d5701cacce7eb0ee48f3a302b5892649dad4c910e27976e0ba3f781fb9fc8908904b03455d8d45a6875a18a97da67e91b9f43424c58ceac55ab788fd91097db30ef891cf659dca25f64300f52b544b4be462724803171a0c4328472c3c9a863dbb331029066f55a0e8ef1c3852c3f19c2bbd71c17852bcf22a125ff854592c146258ba99fe1a9dcca3e1a9178ecd0d6096d0642bd1639d547d475dbe4e30b62a0db806e865000b5fac63f537cebc8a4f133843c9d333f566c82a3b2e4a947be01743c36af38975d7396bf804fabf5a102e86ebc9dc18a0f07b5c5ca355cae4000b95f759e53717ec4ccee0778f3cf3f1b3d8"], 0x7ec}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'pimreg0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r4=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010029bd7000fedbdf250400f600"], 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000012c0), r1)
sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000001300)={0xf4, 0x0, 0x800, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0xa}, @ETHTOOL_A_PAUSE_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x173b}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0xda}, @ETHTOOL_A_PAUSE_RX={0x5, 0x3, 0x5}, @ETHTOOL_A_PAUSE_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xf1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2000}]}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x8}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0xd9}, @ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}]}, 0xf4}}, 0x8000)
write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\x00\x00\x00\x00\x01_\x9e\x99:\x06F\x96\b\'\x02\xb0\x93l\xeb\x87\r\b\x87\x14\xf8e6\x9c%\xb6\x9a\\S\xa2(Q\xcc', 0x7f)
r5 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000003640)='/proc/self/numa_maps\x00', 0x40080, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000)
mbind$auto(0xfffffffffffffffe, 0x8, 0x4, 0x0, 0x6, 0x9a2)
lseek$auto(r5, 0x7ff, 0x1)
getcpu$auto(0x0, 0x0, 0x0)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)
shmdt$auto(&(0x7f0000000000)='(\x00')
msgctl$auto_MSG_STAT_ANY(0xffff0000, 0xd, &(0x7f00000000c0)={{0x2, <r6=>0xffffffffffffffff, <r7=>r0, 0x7, 0x14d1, 0x2, 0xfff9}, &(0x7f0000000040)=0x7, &(0x7f0000000080)=0x5, 0x296, 0xc0000000, 0xed28, 0x10, 0xfffffffffffffffc, 0x8, 0x9, 0xdd, @inferred, @inferred=<r8=>0x0})
shmctl$auto_SHM_STAT_ANY(0x94, 0xf, &(0x7f0000001240)={{0x17, r6, r7, 0x814, 0x10000, 0x3279, 0x5}, 0x4, 0x6, 0x7ff, 0x1, @raw=0xaf8, @inferred=r8, 0x7, 0x0, &(0x7f0000000140)="51365d724757c1e96b0707606f15a5ebccc3df3c9b7f99c1b2505e6a96491605cd6257ce296172ac0bd5bcdaad087fda1a549e04c6975022b7f0df1f99eba5976220cc05c921b6945bce5664382e9b7abc39143923fb1f1e7fca860c46037b68cc5cca0264e6c15bda5f5dea2194b41a86c64afdec05f42610de202f1ae82590ecd570270c62071a8c44b15cf88005571264236460d0b5749f38d6650408985c8f9a350945849e737a0e50b6c6906df035c278d48cb31ab00efac53f6d25560a84bcf085735916847c07474add36449874cb2c7479064f5887d35e825e2fb980c667de4940f0baebae3979e7d6dbe0f1a52911f5d38d", &(0x7f0000000240)="d224046a515e89d28ffd7447789296f44575ec6abaec42251f3789d372d0f36f73bcbcc03d25280677e84e8c7ceef10967010e55e2ace43d4ba71ee87675ea4d7a9c8ef2b64466b48d32338d52bdf0f78e5fe2d0017e35e278f3736cd0800c6659d4b8ba56bf5d725df0fd96566a8a258bf02f69a6c02de980b6a894ecdb0d2291cbf69f782de40e06210191787a7399d8b2baddef423e2c4e2f82ebd2b7c8135bcd8658cdf2a611970a77a881291a43aacc6c87e56d1e733fcbf2d4255ce16072622ae20897b9f41140509299292e4569601f6466f6593a89846dc256e4ef411f5b3a38b7ea8864c5a349bc262aaab7affa5009bd0a13b91f92a34901c49a9e6e946fc5c42a60bc9432d661348b11936eae75ad4cb85c11ddce55c30a90e0a0102b1a585c0a0505afaf4d2f62ce291d9ffda881415ded12f772e8ca238dc9cb30242b982ccb9c33c1f89e79b1bebdff84a20a52da28de20faecd66beed36ce9b6790be0b742758619d666bbc39169786e613527cffcab29363c2d9816f02c3c76ea5ac5b3bdc5fb4bd884d1f55f8819f84ea6a3a7f707ff63a526c728c99c2a8ab8d153c995d9a04d1b354c0c894c23e1b231bf87686d634aab439aa4a1479a0d31d9b28b60d6eacf0acd57bbe6b7bbbfd04c4b76bcb13fba5b3d3d988e503e248a8f3a4d8b87460ffaac7a245dfe7c85d1b732b9bd429ac9e808a98cdb9f49ef866055115566a354559ce8cd9f3815adbe4a3655311b967e0c0762154f3b1f8d33eee2d3a3c2e1cdce54c91d21145da75776f78ea0a27ad1dc23c735b226b1f0fd8007b1fadeb47ad6bb28bade787704a90c01740cbd415dd3ee710774028f23880c5bb164fb6d1d6e344efd84c8b15ea2e4c5cdf96894bea3a9d98bb700dd342a21734cf802221284c9a98708fa933e85403d7197fa10a269c0fb47e0ac02b586415de80eac95319632798419c02b8a6c89d2d2fe775294c08706cc19efa6f89a6d887ee4daca5448429a052ec7d38b3d9a7f72b94957a0789eba32c9084987b570c5785bcbb861bcecb5b80c2829f0de677f7c8bb8d57592e57e32ed705a490b2a84255fced9a4409189d2a71e49165c0e45c330c8a66e4729c145aeffaa77d7a153cd0f252cd6ce9fa08c4395a57fad9854d92ddd4c653b90aaae0c6233b8e1902de21605681e1a9949f2e069d6ab41073d11c5b4fd471d1fbced557de60b746fd02cd4c85273333522fc1807703e983659130e75d93c73323fdede25d8dd78fb40cfd3ff18440cd20ca7b5d4a0dbddac62d13a0af995fa4fed3750d42ab86a1e6c080ecabb0940e271ba04df30a5c0d91c85c62ea6810702204df10276a5954c401547849128fa7b4b9735915e072ec13d842a0e100781e0598a316b3ebee6034d3c37b4942f254a9419bae200982d5918bc805a2e5d8784157e5537b2e2c1323015552b06f1abdff2077e10520d7acab1ed92c21985e8db352b1a422c7bf00e99a69a1a98b13c9ee4a7fd6abf7bc42318107f4ee088140c372fdd81ba2f0fe7e5e06073ed4611b5b508ad89e705701449ea24b1ce5026c32525912a595c0c97199378680852e306ec5c256a2aa555abc401486a475e7a964a72383895a42c7b09fcd6ef43a8913c5060f33ccc2f536f89e0724dd0f468d307becd66c59d5be55e5dafef85d050230acbb0c7d8d4c46b9279c64f278ef8b2e9e6bd9403b9b11c8a8080344b15b55600a515a26019895b1a3a7edc4334d1d307029813c58928a10e35874d2095d12b676184c5aac3fe2375e4364857feef219174c6bd9886d98a422668158cc49001092e3f80c11e6b94052e8da7c0c679b1ab0bf72409ed7a034995c85d1761c782e164f3eecd6a156f8152eff1bb104ff6d1aeaf47f175eb899b73db37af9c75cac44358067198978f64709936e9802c8fe7a27907d2f32ff539a9b9fd550fe2b096cd44da41b66a515b495b1fd64f7ca44c9b5bd0e20247a878d327754116fe1b238d07deb8433c815437da22547e393cea5dc327f4aec08052a0e6da6bea8db2c5e728a31207a599f62311ad36a3ef0d105f4897d34d439598664218c35bc31baf02ee2dd39cef0b2f98f55a70bf47f535decaed7fd914ca2bed3996214f06de7abdd739eea3358b73494080e21ae4be62b735af7e14e26b2c83aff25298e061db9654f6625860f50f08540f9694c7b14efa30b625576baca94db31ed0ba42c449e19c552b37aeb78773a4d9659842200c12d032acb46d63abb9078420e05ae4108c90b0df1fcf03451bce099537208b49197a0ae832cbc7a4b99c9f27945f1f9766b3cb144dbee0e2cc6cd3833dea17dbb110705531c404f8f563f4d012ee614c49061a4ca6255fb9f72208fd5522364b000ec10ec72a2262b4aac8696634ee4497e6ab2c65c2096b7651b42b91aeb3d7571282ff1e9fbe2c6f8b1a0019a9db6a36ca733d29f80797e1d18a773df20d8de83a83d20017f9080688390202fb9755281a971dd2499eab9e3a0a8b89220e9c48239cd74a8894e92238c550333eef8a127f0e83428074e5f3d2d7804a4aca47992a57b01475ea76903ca0244ceac756639c91cfafb385e62829f652a18e4ac7e1f562de54d9bdec0ec0c46f37c3aa8291d87af5abd7e248e2025e821002ec58d6492937b9a91129ae305ace253829b988993c2954c7d1f631615d66a0450b2a8e8bbcb88e500876ab2a83354bbfcc7ccf9fddda6ba04657e7e61e042009bf0ffb90f7903730c1d3942fd2a4731fe77aa306805aa5578e93fceb934896f61c91be9fb89e5b5afcb32574a7c40d4145811b3153386a70fa07888e62697cbef676c506ad7584d271dbbe5612a07659159b95c6f3c60f816b30e229dcb73b3ee6f4184f0f46dd539b3f9178a6f5193be8f6c5eb36a47ce47fb7fbcf6e6840404e4ed3aa535cc6d819db270b95324465facd36c7fdf49f1fa5836beaad5f6c411fa521511c6ae479de7320be4b45597f09079e1be30514e04c062c8fa2df54f52662b840568fd8160466f7d454f66371de82adcdac8297afb8197ebdc7ef95d68723ea3ebf949500711ea94f3117a9658eecc7e3b7f46746d77c1a84901b776cccde4d014c9248ce4cff5e6c06ff5f04194ba0ac70165f3b75dca29dc40ac5fe6800f4aeefb3266dfb48309b1228a8b58d824589b4055d3c3dc820f8f7e4af251df6918c8784fd6f68ef6b7d5f7557de0a3f7ce052549ae48b69fec65467c3aca415aa57d4bbf131e420daab9243eb2a837edbc37c7508e7bf129046a438a3cd123f0847eb55433a10ef4315d088121bab851946e77c55ce6ffaacb183d32552f3e208ba99fd0b9828ab0ba4edaf5a039748c0b86fefb483247cad2a4ad468671c512b3bf22e8ea8ca6f3ff2e0d61d438038e1c6c3990f4cfcf739cf559f412eb977ac047dc1f7822549561ee214d95c2debc07b0e6e471be79948a0a2d3a6f42c70e129c20ccd2533e63cdef4c7df21ee5db7c8f7f8692b162e01bdef17014b5def94c9e32ac07065240dfd6bea43efb8f19a31d7437af7632caa8d02b36db3e01c0d0242435565b3e9f2a32e42a47ba2ed966f66f32443c650d589827f7e17ed06d074708a845cb81f99d16bc787aa26481b2ab1791280c5e00b6ef4293907bb411e9362d8cf049be486370ab17ae84e2e715b8056c63d42997da67f4c460892708bc6bc6b4ec6aa2d50bf52f92d3aed88a8fb81a87f77c80ad4e85c28ee41f8b097d0ff4d424fc2b6f55420630f515ee13d62df6e120d60c53fad5b20176c9253e33523897128282303ce0299043bfbef3eaaf91ce19c069134037d4e56f9024e3cdce6f2e7268e075893e5fb53affbcb8bc52fd6ec1a2c5f75dfbe48bc0584a69e0e57cf0e6e910e0356b45389e0cd0abd414b7ada788ae3e2d5ec01c1ca13a23059c66c44eb150d7cdba5ac19fca0a8ffc4f6aa892de1cd6d82bfa5ae715aefeee201afc2714325bddc89e18397628db2418bd0c6fa395abd5edb31c6f0ab1bf60bddd8e60dc9f57c1e969cdec78a00cbd299bf140dcdbbdd7e1cb9d798dfe0baf9df7dc52e2cad16dc1bd72a51480e51de1a5750d930a8f4a52715a5d24f97df7cb672da6498a3b6672c485371c0d37413450735016152fc998dc3302291662928b722a923fda3db0f366d3bc2f1ab99cab17858e023d4d587a227ebf81d03aad7a804b50947113621b3d852ee41c307accb9b760ca23c32a2674e626f0027077df3be7eb6896b5255b5db8b3d3e666d62a7671c0a66cadd58f5f68142577a0f3a0242fd00c2e002c5eac65deeb5d31e3ec80d872b855dad1eaf4ba0466d81d2c1d0c4d0bc131eac61499ec79dcf11b7e6da6bdad99f44e3adf38b2de087f757956b4b412b1e475828481e207ee2464cce4e57d04a3a73827fd20450bfe397020e15ef25c8f6bf5f0bc0c0357985755020ec04c18c7f0237985b99ee18571983c2699eb308f9c979606daec0cc1a6bc291f6c8f3a044a312aa9065500eb3de67d6ec150cd0e6e88a074b07ac7f5002c2a97e7d60ebbc7a4a5a5b7d76cd327d725536003e020e73932781cf61d980c6ff2b80287c7e131cfa934aa11a4b9ed99306fa0eeb38c397905206779fc1513d89e6ec05ccdf7cc819ad76cc471d90219b90eb198f442e6a99e0f1fa317d3296250857e3df0392f6e47f1340bf603df2b00531af331632ddf0931902fb9c11f9470198bddefc1c89fe6baa06a34c446d1f0fb5e9da6be7a29a97007c6bfbeb4538a21046c4cb0f011c442a09e9332112a0123a9343e557b64f282beb01f067e35cf9b99f1c079564421eb16f328f68745752d0ae7504b13ddfc07adf3150a60a5a0e932f99ec63b6275591339f6ce711769f6adcd6bc95c1c2a9466f2dda0f7eb000960122d98cc366a6c1239f8b600afca22744ac8c99d357653286cebfdc845b8dad86d96eaa0318ba3d27a1b0716042b59e5b8c1422c98326db9d13da1f12edd90e2f104c8ac0311d16379930287b6640099528c98257d84f1ab18e38c92aeb4c0944fab21904f13c07ddf24f81dc6ecd0d0dec2715c8189858652e0123459e7ca0a7bcd652658058e27c72fbc318773abf167468676edfb4463543e1b2b2cfc776d2f44036c5fb908d81bfc275fa803be50e4686ac11c6060a87f89e0740516820c2bec84305d5ff73cc316f7239a52dbe895b302542c68bbd790d01a0205a32bdaa87154994ead34ba7c0b947fd9fc65ad45ab733bbdf6f73b2b281b234dfc5f73a271030184094ae972e1172128dc6efbcc91999ebcf2767f69c2501b02be9a7e9d02c8fd06cb3ff209f26d86047c42c608ed33724648569fef3bc1c33f2397e91fbd1b83474148c2bacc6b886e9d9ee1b00f63514c77d25c3b6ea33ea24e5be6981e544cdb234cc917fc1b63b80214d47460926ac2c730b68b773158008eef5898b00430f5c633972b0cddab74c988a8bdf7f6ee2b886cf813dc4394cff63408bf5f031811b55808e53d3034d43bbe0051623abcfa5ed8abffff2599a03d71ec511d87d9091da47cae73590b745821854d9f1a63398ee016e684368b93b3dea9d8678b923ad709261c5516ec02f101b98166fb8e42cea50b7a3abff80a0b00c1e9f6ab9500009795ce6d39353471a583b1f7ec780406c7faf8796f4ce0c46650cc35f7ddb0980969985059a5803fb981ced82696e91e69331714530326fdaf4c54cf1895f79f6b9086adacd93d35c15554e91927addbb83b905bb45698780da10f58cba9bbb89a0c54f17f4308d4c296a"})
socket$nl_generic(0x10, 0x3, 0x10)
rseq$auto(&(0x7f0000000200)={0xe, 0x402, 0xfb82, 0x3, 0xffffffff, 0xfffffffe}, 0x8000, 0x0, 0x6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0)
set_mempolicy$auto(0x3, 0x0, 0x9)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)

1.936971282s ago: executing program 4 (id=2957):
r0 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r0, 0x29, 0x19, &(0x7f0000000040)='!\x00', 0x1ff)
write$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffffff, 0x0, 0x0)
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
socket(0x10, 0x4, 0xffffffc0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7)
r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x10003c, 0x1, 0x1ffde, 0x7, 0x3, 0xfffffffffffffffe, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x80, 0x4, 0xffefffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17d, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0x0, 0x20000000000007, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd)
ioctl$auto_EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x2)
write$auto(r3, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001)
mmap$auto(0x800000000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x4, 0x15)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r4)
sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r5, 0x301, 0x4070bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_NAME={0xc, 0x2, 'nl80211\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810)

1.715474649s ago: executing program 1 (id=2958):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000040)={0x0, 0x0, 0x38, 0xffffff01, 0x7, 0x9, 0x80000006, 0x7, 0x8, 0x5, 0x5, 0x9, 0x2, 0x8, 0x1, 0xf, 0xffffffffffffffff, 0x9, 0x1, 0x5, 0x40010, 0x0, 0x0, 0x0, 0xef57, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2000000000000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff]}, 0x800, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r1 = socket(0x2, 0xa, 0x1)
r2 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r1, 0x10000}, 0x10)
mmap$auto(0x0, 0x2009, 0xfffffffffffffffa, 0x8000200008011, r2, 0x8000)
mmap$auto(0x0, 0x9, 0x3ff57699, 0x9b72, 0x2, 0x8000000000008000)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0)
r5 = socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f00000001c0)=0x5)
fsconfig$auto_JFFS2_COMPR_MODE_NONE(r5, 0xffffffff, &(0x7f0000000200)='/\x7f+\x00', &(0x7f00000002c0)="02ca0b6ff846abb95a1163a89c541397446d0b4cd8dd09b62afe76f57b188ab65f174fab9f86fdc44992832baa294bada1aef98da2eb13ac7b34003db767c5977894383aab82a8ae0351020f0aa7d0b6ce290d3585612b63c511ebb0560a68a6611c957fb23f94c2f3bacb8d3471856ad0b80e06b29ed7780a45c99b61025e2b05016b1f4b41f19cac3799eb39544eda22ffd714cfc02b57a798700d3f5950dc9e655afe9168c020962df820a815971b342ba7b3a510ae03da8b6cfef2986a7a833ed0f8c5ee194e2ca74f6b93675dac52874029403c4fa0d00e14cbd54abfa79f08f3e61e8d27e0bd913240", 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/pci0000:00/0000:00:03.0/consistent_dma_mask_bits\x00', 0x0, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vbi19\x00', 0x490000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f00000000c0)=""/40, 0x28)
sendfile$auto(r4, r4, 0x0, 0x3)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/index\x00', 0x0, 0x0)
read$auto(r7, 0x0, 0x20)
write$auto(0x3, 0x0, 0xfdef)
io_uring_setup$auto(0x18, &(0x7f0000000380)={0x2, 0x1, 0x8, 0x5, 0x1ff, 0x4, r0, [0x1, 0x7, 0x9], {0x8, 0x2, 0x0, 0x24f4c3d6, 0x8, 0x0, 0x39d1, 0x5, 0x3ff}, {0x400, 0x1, 0x35b, 0xe, 0xe195, 0x3ff, 0x1, 0x1000}})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd7000dddbdf25020001000800030000000000080015"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)

1.556366581s ago: executing program 2 (id=2959):
r0 = socket(0x10, 0x3, 0x6)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100", @ANYRES64=r1, @ANYRESOCT=r1, @ANYBLOB="6bd682d8df5018e250bfddaf49cddd1bee27ce02e934707bf6e16f8c8a2200567fcd891f5456db2f886e4f469112f2e041ecab87e8f7701a0900bdaebe7cea58aa701c5dff36cba01806f03532fb2a6ab635f98ff660d3a5d1db96334c302cfaccb47634e32ac0570c1f0eca41b6b294ccf33fe1222b3dcf024c7dd73a61d77c05d3568937a2b29e757538990fab35bf8b5d6ceaed606cff196928f014bb99601715c8ccb886a5c2bfd1929f64cb6e8280ceb1d8f5d6c38d5121abf57ea237125269e8a780715353804b8135dbbea3e56899e869269cbb7fdf83023dd34fb1f4e0342b76b733ef1b7235e1721bb97a05291d9497e1b7a781156d4dfc", @ANYRESHEX, @ANYRESOCT=r0, @ANYRESDEC=r0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4080}, 0x48d0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1)
socket(0x1e, 0x1, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/nbd13\x00', 0xc4000, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/binderfs/binder1\x00', 0x1, 0x0)
ioctl$auto(r4, 0x4018620d, 0x9)
setns$auto(r4, 0xfffffffe)
bind$auto(r2, &(0x7f0000000200)=@l2={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4, 0x1}, 0x200)
r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0)
ioctl$auto(r5, 0x4018620d, 0x9)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
socket(0x10, 0x2, 0x6)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)
write$auto(0x3, 0x0, 0x800)
getpid()

1.230930745s ago: executing program 0 (id=2960):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x2, 0x1, 0x0)
setsockopt$auto(0x3, 0x0, 0x33, 0x0, 0x8)
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
syz_clone3(&(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0}}, 0x58)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim2/new_port\x00', 0x183841, 0x0)
openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy9/hwsim/ps\x00', 0x1, 0x0)
writev$auto(r1, &(0x7f0000000100)={&(0x7f0000000000)="3472517ba627406abace9316e710d991c746f687463425a2d87292fac8088ccb1a4f4224db8d7eea0be97e0f7769ad3c5c08c9afd2f6813edd10f2298d1bb8d68fa1bbee48298185a27c7df5bf14cb42d3e04043dc196947726f5b9ef993a899bda3f124ae958b3877de0b77adf421d35c5680b32660a8ed0e1bf1f249b26355f969144b03769e506b05c884b9422f9175148e812940299918ca9aba7b963f36fedcd5a9328d81ce4ded63cf", 0x5}, 0x3)
socket(0xa, 0x3, 0x3a)
bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)=@task_fd_query={0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x0, 0x4, 0x3373, 0xffffffffffffffff, 0x4}, 0x8)
mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x0)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket(0x2b, 0x1, 0x1)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(r2, 0x2, &(0x7f00000000c0), 0x1)
getsockopt$auto(r1, 0xf, 0xe, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000180), 0xffffffffffffffff)
clone$auto(0x1ff00, 0x0, &(0x7f0000002040)=0x7, 0x0, 0x9)
read$auto(r0, 0x0, 0x800)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})

444.488595ms ago: executing program 2 (id=2961):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
ioctl$auto_SNAPSHOT_SET_SWAP_AREA(r1, 0x400c330d, &(0x7f0000000180)={0x100, 0x16fb087f})
read$auto(r0, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3)
r3 = socket(0x29, 0x2, 0x0)
shmctl$auto_SHM_LOCK(0x2, 0xb, &(0x7f0000000180)={{0x9, 0xee01, <r4=>0xee01, 0x333, 0x1, 0xdc66, 0xfff9}, 0xfffffff7, 0xffffffffffffffff, 0x1ff, 0xc74, @raw=0x3, @inferred=0xffffffffffffffff, 0x8, 0x0, &(0x7f0000000000)="09c04e28946ab0e4cd5082fae10a675ec32b84ba20aabbb841b77ef33ee185a126dc3ba1ba44875f0090fab7d2a99db586778cf5490a52cca1170d079835189006ea08ee0eede456bb91d67d8c5edfb2098f3f5944b31c39eac924cd279d0a87d8734ff86874ad780848ff51e756a1741eef586bcad6002be2f1eca1f961f5371e9305a1ce0b923b7ea29f783495b7b297f2ba17587662f7dae6f076c5177e4d0e3757670f64292c5008bd44c74a", &(0x7f00000000c0)="da5ba69b94446280be07cd93fdf0ca6006752f04fbacb5e09be993a00aa2cff6a87b4ff39250e83897d7cd5aa72ea6ba99fa9f67ad63c9a4f11a0dc2085e9abe87fc9adbd72b19ccf31f70d911bfa0400b5caf7673ffd1b8e1c77324b6db69f378c190171ee6d9e59ee63cd68ac117e624687e54ff51ad5754cf050f4063048ee1b3ec1ba6a68965ac"})
shmctl$auto(0x0, 0x1, &(0x7f00000003c0)={{0xfffffffc, 0xffffffffffffffff, r4, 0x0, 0x7, 0x6, 0xfffc}, 0x1000083b, 0xe8f, 0x200000000000002, 0xfffffffffffffffd, @raw=0x4, @raw=0x50, 0x5, 0x0, 0x0, 0x0})
mmap$auto(0x8, 0xb07a, 0x3, 0xf9, r3, 0x8000)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto_full_fops_mem(0xffffffffffffffff, &(0x7f0000000440)="a4ab8747e2f849d542dc2a65d69431fb4ff2794d312e7240590ba742a8a434d769a4dd871e6ae20b5f458a532ae1f8470c40f03b695e675d6a4cd8051a26259453b7dd0d44b051c59b6ec52b40c18e216ca7204bb10f95997a54ad43b4e997e3d47c40363a10e718fa8d06bf087cda3d9914b70f8bdb64ce3b741a4b8b2f708fc301028bc28d0f3268f64287a18826b2216407f48fa7eb91ca71707e5751", 0x9e)
r5 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
poll$auto(&(0x7f0000000180)={<r6=>r5, 0xfff7, 0x9816}, 0x7f, 0x9)
ioctl$auto_VHOST_SET_OWNER(r6, 0xaf01, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
r7 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0)
r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(r8, 0x40104d0e, 0xe)
write$auto(r7, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r9 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07)
pread64$auto(r9, 0x0, 0x8, 0xffff)

257.417316ms ago: executing program 1 (id=2962):
mmap$auto(0x0, 0x2000d, 0x3, 0xeb1, 0x404, 0x8000)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0)
socket(0x2b, 0x1, 0x1)
ioctl$auto_HPET_IRQFREQ(0xffffffffffffffff, 0x40086806, &(0x7f0000000080)=0x7fffffff)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptyt7\x00', 0x20001, 0x0)
ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000080)="8ce968f6d33e1d1a4f6a2f12f470f8cdb7dfeaf02768589362668247de44a359e8d9c13d4e52cc42ef43f1d4c965d3d505ad05f2c97a5541863adc5154e4028bdf351c0900000421cd3d73083f859a25a8b713916bb90e14883914f1b33ebd88ce433cff55ac")
mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000)
mmap$auto(0x0, 0x400404, 0xe3, 0x9b72, 0x2, 0x0)
madvise$auto(0x110d230000, 0x1, 0x9)
r1 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
read$auto(r1, 0x0, 0x80000000006)
r2 = signalfd$auto(r1, 0x0, 0x8)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_MPATH(r3, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000280)=ANY=[@ANYBLOB="79bfcd14000000855fe3e12598cbc747c12665f5daefd4a29eb0492724f43eb07ab907bababd30da1ad6bb1701c1a618ad86b118b0fce2a7a31027bcc9e4a4d7d6f781f6055b32525a185e51127f2a3196fc536e0abdee", @ANYRES16=r4, @ANYBLOB="01032dbd7000fbdbdf2515000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048094)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb3, 0x40000000000a5, 0x8000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYRES64=r3, @ANYRES16=r4, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014", @ANYBLOB="3852440fc1f8a566df9a0aaf6e978e7c6f90129a26336a3970a276035e756f59c430", @ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x400c05a)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1000000000000001, 0x4, 0x5, 0x7fff)
bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4)
ioctl$auto_UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000080)={0x130, 0x8, 0x10001})
r5 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x0, 0x0)
ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r5, 0x4601, &(0x7f0000000080))
setgroups$auto(0x8, &(0x7f0000000000)=0x5)
setsockopt$auto_SO_SELECT_ERR_QUEUE(r1, 0x1, 0x2d, &(0x7f00000004c0)='\"!,\\][-\x00', 0x8)

0s ago: executing program 4 (id=2963):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0xa, 0x2, 0x88)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r2=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, r1, 0x4, 0x1ff, r0, @relative_id=0x13, 0xe600}, 0xf)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$auto(0x2, &(0x7f00000001c0)=@test={r0, 0x5, 0x8, 0x3, 0x3, 0x1bd8, 0x9, 0x8, 0x8, 0x2, 0x8, 0xffff, 0xbe8d, 0x2, 0x6}, 0x2b)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x80802, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/mode\x00', 0x121102, 0x0)
read$auto(r3, &(0x7f0000000180)='!]\x00', 0x7fff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/miimon\x00', 0x143b42, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000031c0)='/sys/devices/pci0000:00/0000:00:03.0/virtio0/vendor\x00', 0x101000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/firmware/acpi/hotplug/force_remove\x00', 0x101000, 0x0)
read$auto(r4, &(0x7f0000000b40)='^+\x00', 0x4)
write$auto(0xffffffffffffffff, 0x0, 0x7ef)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0)
close_range$auto(0x2, 0xa, 0x0)
fcntl$auto(0x0, 0x407, 0x1)

kernel console output (not intermixed with test programs):

+0xee/0x2a0
[  628.286040][T15726]  kernfs_new_node+0x13c/0x1e0
[  628.286063][T15726]  __kernfs_create_file+0x53/0x350
[  628.286080][T15726]  sysfs_add_file_mode_ns+0x207/0x3c0
[  628.286102][T15726]  sysfs_create_file_ns+0x13d/0x1d0
[  628.286119][T15726]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  628.286138][T15726]  ? mark_held_locks+0x49/0x80
[  628.286160][T15726]  device_create_file+0xf2/0x1e0
[  628.286177][T15726]  device_add+0xa2b/0x1aa0
[  628.286200][T15726]  ? __pfx_device_add+0x10/0x10
[  628.286221][T15726]  ? __pfx_exact_lock+0x10/0x10
[  628.286240][T15726]  ? kobject_get+0xbb/0x150
[  628.286259][T15726]  cdev_device_add+0xc2/0x1e0
[  628.286278][T15726]  evdev_connect+0x3a4/0x4c0
[  628.286296][T15726]  input_attach_handler.isra.0+0x176/0x250
[  628.286313][T15726]  input_register_device+0xab9/0x1180
[  628.286332][T15726]  uinput_ioctl_handler.isra.0+0x1357/0x1df0
[  628.286355][T15726]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  628.286375][T15726]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[  628.286502][T15726]  ? find_held_lock+0x2b/0x80
[  628.286533][T15726]  ? __pfx_uinput_ioctl+0x10/0x10
[  628.286556][T15726]  __x64_sys_ioctl+0x18e/0x210
[  628.286580][T15726]  do_syscall_64+0xcd/0xfa0
[  628.286601][T15726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.286621][T15726] RIP: 0033:0x7f3107b8f6c9
[  628.286635][T15726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.286649][T15726] RSP: 002b:00007f31089ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  628.286664][T15726] RAX: ffffffffffffffda RBX: 00007f3107de5fa0 RCX: 00007f3107b8f6c9
[  628.286674][T15726] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000009
[  628.286683][T15726] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  628.286693][T15726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  628.286701][T15726] R13: 00007f3107de6038 R14: 00007f3107de5fa0 R15: 00007fffddd75148
[  628.286722][T15726]  </TASK>
[  628.860623][T15726] input: failed to attach handler evdev to device input16, error: -12
[  629.227845][   T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  629.240280][   T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  629.250772][   T69] bond0 (unregistering): Released all slaves
[  629.409752][   T69] tipc: Left network mode
[  629.997750][   T69] hsr_slave_0: left promiscuous mode
[  630.082902][   T69] hsr_slave_1: left promiscuous mode
[  630.180840][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  630.284128][   T69] batman_adv: batadv0: Removing interface: batadv_slave_0
[  630.390934][   T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  630.497899][   T69] batman_adv: batadv0: Removing interface: batadv_slave_1
[  630.769582][   T69] veth1_macvtap: left promiscuous mode
[  630.849538][   T69] veth1_vlan: left promiscuous mode
[  630.854840][   T69] veth0_vlan: left promiscuous mode
[  632.999547][T15807] usb usb36: usbfs: process 15807 (syz.2.2383) did not claim interface 0 before use
[  633.478212][   T69] team0 (unregistering): Port device team_slave_1 removed
[  633.514563][T15756] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  633.616191][   T69] team0 (unregistering): Port device team_slave_0 removed
[  636.975579][T15850] FAULT_INJECTION: forcing a failure.
[  636.975579][T15850] name failslab, interval 1, probability 0, space 0, times 0
[  636.996367][T15850] CPU: 0 UID: 0 PID: 15850 Comm: syz.1.2389 Not tainted syzkaller #0 PREEMPT(full) 
[  636.996389][T15850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  636.996400][T15850] Call Trace:
[  636.996405][T15850]  <TASK>
[  636.996412][T15850]  dump_stack_lvl+0x16c/0x1f0
[  636.996433][T15850]  should_fail_ex+0x512/0x640
[  636.996456][T15850]  ? __kmalloc_noprof+0xca/0x880
[  636.996481][T15850]  should_failslab+0xc2/0x120
[  636.996501][T15850]  __kmalloc_noprof+0xdd/0x880
[  636.996522][T15850]  ? string_escape_mem+0x6c8/0xde0
[  636.996537][T15850]  ? kstrdup_quotable+0xc2/0x190
[  636.996554][T15850]  ? kstrdup_quotable+0xc2/0x190
[  636.996568][T15850]  kstrdup_quotable+0xc2/0x190
[  636.996583][T15850]  ? __pfx_kstrdup_quotable+0x10/0x10
[  636.996599][T15850]  ? get_cmdline+0x86/0x380
[  636.996620][T15850]  kstrdup_quotable_cmdline+0x127/0x210
[  636.996637][T15850]  __report_access+0x77/0x370
[  636.996653][T15850]  ? _raw_spin_unlock_irq+0x23/0x50
[  636.996670][T15850]  task_work_run+0x150/0x240
[  636.996693][T15850]  ? __pfx_task_work_run+0x10/0x10
[  636.996719][T15850]  exit_to_user_mode_loop+0xec/0x130
[  636.996741][T15850]  do_syscall_64+0x426/0xfa0
[  636.996759][T15850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.996773][T15850] RIP: 0033:0x7f3107b8f6c9
[  636.996806][T15850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.996821][T15850] RSP: 002b:00007f31089ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  636.996836][T15850] RAX: ffffffffffffffff RBX: 00007f3107de5fa0 RCX: 00007f3107b8f6c9
[  636.996847][T15850] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206
[  636.996856][T15850] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  636.996865][T15850] R10: 0000000000200005 R11: 0000000000000246 R12: 0000000000000000
[  636.996874][T15850] R13: 00007f3107de6038 R14: 00007f3107de5fa0 R15: 00007fffddd75148
[  636.996894][T15850]  </TASK>
[  636.996910][T15850] ptrace attach of "./syz-executor exec"[12987] was attempted by "(null)"[15850]
[  637.588900][T15859] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2390'.
[  638.489003][T15875] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2394'.
[  638.608405][T15876] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2394'.
[  638.835189][T15884] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2396'.
[  639.128629][T15887] binder: 15881:15887 ioctl 4018620d 9 returned -22
[  639.237796][T15887] binder: 15881:15887 ioctl 4018620d 9 returned -22
[  641.008645][T15930] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17
[  641.219640][T15931] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  641.815654][T15948] Invalid ELF header magic: != ELF
[  644.766576][T16013] random: crng reseeded on system resumption
[  645.881377][T16032] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2423'.
[  645.967359][T16036] binder: 16031:16036 ioctl 4018620d 9 returned -22
[  645.994638][T16036] binder: 16031:16036 ioctl 4018620d 9 returned -22
[  646.140432][T16027] FAULT_INJECTION: forcing a failure.
[  646.140432][T16027] name failslab, interval 1, probability 0, space 0, times 0
[  646.348294][T16027] CPU: 0 UID: 0 PID: 16027 Comm: syz.0.2421 Not tainted syzkaller #0 PREEMPT(full) 
[  646.348317][T16027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  646.348327][T16027] Call Trace:
[  646.348332][T16027]  <TASK>
[  646.348338][T16027]  dump_stack_lvl+0x16c/0x1f0
[  646.348360][T16027]  should_fail_ex+0x512/0x640
[  646.348382][T16027]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  646.348399][T16027]  should_failslab+0xc2/0x120
[  646.348419][T16027]  kmem_cache_alloc_noprof+0x75/0x6e0
[  646.348434][T16027]  ? mas_preallocate+0xe6a/0x11f0
[  646.348455][T16027]  ? mas_preallocate+0xe6a/0x11f0
[  646.348471][T16027]  mas_preallocate+0xe6a/0x11f0
[  646.348492][T16027]  ? __pfx_mas_preallocate+0x10/0x10
[  646.348514][T16027]  ? __pfx_mas_prev+0x10/0x10
[  646.348536][T16027]  expand_downwards+0x314/0xeb0
[  646.348556][T16027]  ? __pfx_expand_downwards+0x10/0x10
[  646.348576][T16027]  ? __pfx_down_write+0x10/0x10
[  646.348600][T16027]  mmap_read_lock_maybe_expand+0x11e/0x3c0
[  646.348623][T16027]  get_arg_page+0xbb/0x310
[  646.348638][T16027]  ? __pfx_get_arg_page+0x10/0x10
[  646.348652][T16027]  ? __pfx___might_resched+0x10/0x10
[  646.348671][T16027]  copy_strings.isra.0+0x1cc/0x990
[  646.348691][T16027]  do_execveat_common.isra.0+0x397/0x610
[  646.348710][T16027]  __x64_sys_execve+0x8e/0xb0
[  646.348726][T16027]  do_syscall_64+0xcd/0xfa0
[  646.348744][T16027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.348758][T16027] RIP: 0033:0x7fd03b38f6c9
[  646.348771][T16027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  646.348785][T16027] RSP: 002b:00007fd03c2be038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  646.348800][T16027] RAX: ffffffffffffffda RBX: 00007fd03b5e5fa0 RCX: 00007fd03b38f6c9
[  646.348810][T16027] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000000
[  646.348819][T16027] RBP: 00007fd03c2be090 R08: 0000000000000000 R09: 0000000000000000
[  646.348828][T16027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  646.348836][T16027] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  646.348856][T16027]  </TASK>
[  646.569651][    C0] vkms_vblank_simulate: vblank timer overrun
[  646.967886][T16052] FAULT_INJECTION: forcing a failure.
[  646.967886][T16052] name failslab, interval 1, probability 0, space 0, times 0
[  647.022523][T16052] CPU: 0 UID: 0 PID: 16052 Comm: syz.0.2427 Not tainted syzkaller #0 PREEMPT(full) 
[  647.022547][T16052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  647.022556][T16052] Call Trace:
[  647.022562][T16052]  <TASK>
[  647.022568][T16052]  dump_stack_lvl+0x16c/0x1f0
[  647.022590][T16052]  should_fail_ex+0x512/0x640
[  647.022613][T16052]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  647.022630][T16052]  should_failslab+0xc2/0x120
[  647.022650][T16052]  kmem_cache_alloc_noprof+0x75/0x6e0
[  647.022665][T16052]  ? skb_clone+0x190/0x3f0
[  647.022682][T16052]  ? skb_clone+0x190/0x3f0
[  647.022695][T16052]  skb_clone+0x190/0x3f0
[  647.022709][T16052]  netlink_broadcast_filtered+0xb76/0xf90
[  647.022732][T16052]  ? __pfx_netlink_broadcast_filtered+0x10/0x10
[  647.022746][T16052]  ? sprintf+0xcc/0x100
[  647.022767][T16052]  ? netlink_has_listeners+0x20f/0x430
[  647.022783][T16052]  netlink_broadcast+0x39/0x50
[  647.022799][T16052]  kobject_uevent_env+0xc6a/0x1870
[  647.022823][T16052]  ? queue_work_on+0x12a/0x1f0
[  647.022844][T16052]  ? bus_to_subsys+0x131/0x160
[  647.022862][T16052]  driver_bound+0x164/0x230
[  647.022881][T16052]  device_bind_driver+0x3a/0x70
[  647.022900][T16052]  mac80211_hwsim_new_radio+0x3e8/0x50b0
[  647.022925][T16052]  ? __asan_memset+0x23/0x50
[  647.022940][T16052]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  647.022961][T16052]  hwsim_new_radio_nl+0xba2/0x1330
[  647.022978][T16052]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  647.022999][T16052]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  647.023017][T16052]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  647.023047][T16052]  genl_family_rcv_msg_doit+0x209/0x2f0
[  647.023067][T16052]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  647.023093][T16052]  ? bpf_lsm_capable+0x9/0x10
[  647.023112][T16052]  ? security_capable+0x7e/0x260
[  647.023133][T16052]  ? ns_capable+0xd7/0x110
[  647.023150][T16052]  genl_rcv_msg+0x55c/0x800
[  647.023169][T16052]  ? __pfx_genl_rcv_msg+0x10/0x10
[  647.023187][T16052]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  647.023209][T16052]  netlink_rcv_skb+0x158/0x420
[  647.023224][T16052]  ? __pfx_genl_rcv_msg+0x10/0x10
[  647.023242][T16052]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  647.023265][T16052]  ? netlink_deliver_tap+0x1ae/0xd30
[  647.023281][T16052]  genl_rcv+0x28/0x40
[  647.023296][T16052]  netlink_unicast+0x5aa/0x870
[  647.023314][T16052]  ? __pfx_netlink_unicast+0x10/0x10
[  647.023336][T16052]  netlink_sendmsg+0x8c8/0xdd0
[  647.023354][T16052]  ? __pfx_netlink_sendmsg+0x10/0x10
[  647.023377][T16052]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  647.023402][T16052]  ____sys_sendmsg+0xa98/0xc70
[  647.023421][T16052]  ? copy_msghdr_from_user+0x10a/0x160
[  647.023435][T16052]  ? __pfx_____sys_sendmsg+0x10/0x10
[  647.023451][T16052]  ? preempt_schedule_thunk+0x16/0x30
[  647.023477][T16052]  ? try_to_wake_up+0xa67/0x1870
[  647.023495][T16052]  ___sys_sendmsg+0x134/0x1d0
[  647.023507][T16052]  ? find_held_lock+0x2b/0x80
[  647.023523][T16052]  ? __pfx____sys_sendmsg+0x10/0x10
[  647.023535][T16052]  ? __lock_acquire+0x622/0x1c90
[  647.023581][T16052]  __sys_sendmsg+0x16d/0x220
[  647.023595][T16052]  ? __pfx___sys_sendmsg+0x10/0x10
[  647.023608][T16052]  ? __x64_sys_futex+0x1e0/0x4c0
[  647.023640][T16052]  do_syscall_64+0xcd/0xfa0
[  647.023659][T16052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.023674][T16052] RIP: 0033:0x7fd03b38f6c9
[  647.023686][T16052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  647.023699][T16052] RSP: 002b:00007fd03c2be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  647.023714][T16052] RAX: ffffffffffffffda RBX: 00007fd03b5e5fa0 RCX: 00007fd03b38f6c9
[  647.023724][T16052] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006
[  647.023733][T16052] RBP: 00007fd03b411f91 R08: 0000000000000000 R09: 0000000000000000
[  647.023742][T16052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  647.023751][T16052] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  647.023771][T16052]  </TASK>
[  647.422176][    C0] vkms_vblank_simulate: vblank timer overrun
[  647.437551][T16055] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2428'.
[  648.918778][T16061] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  648.925299][T16061] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  648.971009][T16061] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  648.995098][T16061] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  649.064691][T16084] vhci_hcd: invalid port number 16
[  649.088206][T16084] vhci_hcd: invalid port number 16
[  649.199781][ T5840] Bluetooth: hci4: unexpected event for opcode 0xf100
[  649.260808][ T5923] usb usb38-port5: attempt power cycle
[  649.949934][ T5923] usb usb38-port5: unable to enumerate USB device
[  650.121894][T16101] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2438'.
[  650.382259][T16109] FAULT_INJECTION: forcing a failure.
[  650.382259][T16109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  650.553756][T16109] CPU: 0 UID: 0 PID: 16109 Comm: syz.0.2440 Not tainted syzkaller #0 PREEMPT(full) 
[  650.553779][T16109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  650.553789][T16109] Call Trace:
[  650.553803][T16109]  <TASK>
[  650.553809][T16109]  dump_stack_lvl+0x16c/0x1f0
[  650.553832][T16109]  should_fail_ex+0x512/0x640
[  650.553854][T16109]  ? page_copy_sane+0xcd/0x2d0
[  650.553876][T16109]  copy_folio_from_iter_atomic+0x36f/0x1ac0
[  650.553894][T16109]  ? timestamp_truncate+0x21e/0x2d0
[  650.553915][T16109]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  650.553929][T16109]  ? shmem_write_begin+0x176/0x300
[  650.553945][T16109]  ? __pfx_shmem_write_begin+0x10/0x10
[  650.553961][T16109]  ? balance_dirty_pages_ratelimited_flags+0x92/0x1260
[  650.553985][T16109]  generic_perform_write+0x221/0x900
[  650.554013][T16109]  ? __pfx_generic_perform_write+0x10/0x10
[  650.554037][T16109]  ? generic_update_time+0xcf/0xf0
[  650.554054][T16109]  ? mnt_put_write_access_file+0x45/0xf0
[  650.554070][T16109]  shmem_file_write_iter+0x10e/0x140
[  650.554089][T16109]  vfs_write+0x7d3/0x11d0
[  650.554106][T16109]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  650.554125][T16109]  ? __pfx___mutex_lock+0x10/0x10
[  650.554143][T16109]  ? __pfx_vfs_write+0x10/0x10
[  650.554171][T16109]  ksys_write+0x12a/0x250
[  650.554193][T16109]  ? __pfx_ksys_write+0x10/0x10
[  650.554214][T16109]  do_syscall_64+0xcd/0xfa0
[  650.554233][T16109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  650.554248][T16109] RIP: 0033:0x7fd03b38f6c9
[  650.554260][T16109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  650.554275][T16109] RSP: 002b:00007fd03c2be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  650.554289][T16109] RAX: ffffffffffffffda RBX: 00007fd03b5e5fa0 RCX: 00007fd03b38f6c9
[  650.554299][T16109] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  650.554309][T16109] RBP: 00007fd03c2be090 R08: 0000000000000000 R09: 0000000000000000
[  650.554318][T16109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  650.554326][T16109] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  650.554346][T16109]  </TASK>
[  651.052142][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout
[  651.061238][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout
[  651.067239][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout
[  651.598335][T16133] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2445'.
[  653.085656][T16157] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  653.526707][T16159] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20
[  653.722046][T16168] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2453'.
[  654.848703][ T5828] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[  654.989647][   T30] audit: type=1800 audit(4294967351.250:39): pid=16195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2458" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  655.623170][T16216] random: crng reseeded on system resumption
[  656.329840][T16224] random: crng reseeded on system resumption
[  656.868757][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  658.750016][T16261] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  658.756301][T16261] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  658.762748][T16261] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  658.779889][T16261] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  658.789810][T16261] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  660.148261][ T5828] Bluetooth: hci1: command 0x0c1a tx timeout
[  660.785999][T16311] FAULT_INJECTION: forcing a failure.
[  660.785999][T16311] name failslab, interval 1, probability 0, space 0, times 0
[  660.808329][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  660.814639][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  660.820925][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout
[  660.849733][T16311] CPU: 0 UID: 0 PID: 16311 Comm: syz.1.2485 Not tainted syzkaller #0 PREEMPT(full) 
[  660.849755][T16311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  660.849764][T16311] Call Trace:
[  660.849769][T16311]  <TASK>
[  660.849776][T16311]  dump_stack_lvl+0x16c/0x1f0
[  660.849798][T16311]  should_fail_ex+0x512/0x640
[  660.849820][T16311]  ? __kmalloc_cache_noprof+0x5f/0x780
[  660.849845][T16311]  should_failslab+0xc2/0x120
[  660.849865][T16311]  __kmalloc_cache_noprof+0x72/0x780
[  660.849888][T16311]  ? rfkill_fop_open+0x1b6/0x750
[  660.849906][T16311]  ? rfkill_fop_open+0x1b6/0x750
[  660.849918][T16311]  rfkill_fop_open+0x1b6/0x750
[  660.849934][T16311]  ? __pfx_rfkill_fop_open+0x10/0x10
[  660.849948][T16311]  misc_open+0x26d/0x450
[  660.849970][T16311]  ? __pfx_misc_open+0x10/0x10
[  660.849990][T16311]  chrdev_open+0x234/0x6a0
[  660.850006][T16311]  ? __pfx_apparmor_file_open+0x10/0x10
[  660.850037][T16311]  ? __pfx_chrdev_open+0x10/0x10
[  660.850055][T16311]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  660.850076][T16311]  do_dentry_open+0x982/0x1530
[  660.850093][T16311]  ? __pfx_chrdev_open+0x10/0x10
[  660.850115][T16311]  vfs_open+0x82/0x3f0
[  660.850136][T16311]  path_openat+0x1de4/0x2cb0
[  660.850158][T16311]  ? __pfx_path_openat+0x10/0x10
[  660.850174][T16311]  ? __lock_acquire+0xb8a/0x1c90
[  660.850196][T16311]  do_filp_open+0x20b/0x470
[  660.850211][T16311]  ? __pfx_do_filp_open+0x10/0x10
[  660.850240][T16311]  ? alloc_fd+0x471/0x7d0
[  660.850259][T16311]  do_sys_openat2+0x11b/0x1d0
[  660.850280][T16311]  ? __pfx_do_sys_openat2+0x10/0x10
[  660.850311][T16311]  __x64_sys_openat+0x174/0x210
[  660.850331][T16311]  ? __pfx___x64_sys_openat+0x10/0x10
[  660.850359][T16311]  do_syscall_64+0xcd/0xfa0
[  660.850378][T16311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.850392][T16311] RIP: 0033:0x7f3107b8f6c9
[  660.850405][T16311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.850419][T16311] RSP: 002b:00007f31089ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  660.850433][T16311] RAX: ffffffffffffffda RBX: 00007f3107de5fa0 RCX: 00007f3107b8f6c9
[  660.850443][T16311] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  660.850453][T16311] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  660.850462][T16311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  660.850471][T16311] R13: 00007f3107de6038 R14: 00007f3107de5fa0 R15: 00007fffddd75148
[  660.850492][T16311]  </TASK>
[  661.098512][    C0] vkms_vblank_simulate: vblank timer overrun
[  661.625407][T16321] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2488'.
[  661.787473][T16321] ipvlan1: entered allmulticast mode
[  661.793162][T16321] veth0_vlan: entered allmulticast mode
[  661.949579][T16316] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  661.968384][T16316] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  662.064831][T16316] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  662.168426][T16316] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  662.842615][ T5828] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  663.195765][T16358] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(2608.0.0), cmd(2)
[  663.727769][T16377] random: crng reseeded on system resumption
[  663.988288][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  663.994376][ T5828] Bluetooth: hci1: command 0x0c1a tx timeout
[  664.007546][T16387] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  664.049766][T16387] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  664.069718][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  664.228259][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  665.076586][ T5828] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  665.084333][ T5828] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  665.098373][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  665.098397][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  665.098408][ T5828] Workqueue: hci2 hci_rx_work
[  665.098430][ T5828] Call Trace:
[  665.098436][ T5828]  <TASK>
[  665.098442][ T5828]  dump_stack_lvl+0x16c/0x1f0
[  665.098463][ T5828]  sysfs_warn_dup+0x7f/0xa0
[  665.098483][ T5828]  sysfs_create_dir_ns+0x24b/0x2b0
[  665.098500][ T5828]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  665.098517][ T5828]  ? find_held_lock+0x2b/0x80
[  665.098535][ T5828]  ? do_raw_spin_unlock+0x172/0x230
[  665.098559][ T5828]  kobject_add_internal+0x2c4/0x9b0
[  665.098582][ T5828]  kobject_add+0x16e/0x240
[  665.098601][ T5828]  ? __pfx_kobject_add+0x10/0x10
[  665.098620][ T5828]  ? do_raw_spin_unlock+0x172/0x230
[  665.098642][ T5828]  ? kobject_put+0xab/0x5a0
[  665.098665][ T5828]  device_add+0x288/0x1aa0
[  665.098687][ T5828]  ? __pfx_dev_set_name+0x10/0x10
[  665.098702][ T5828]  ? __pfx_device_add+0x10/0x10
[  665.098723][ T5828]  ? mgmt_send_event_skb+0x2fb/0x460
[  665.098749][ T5828]  hci_conn_add_sysfs+0x17e/0x230
[  665.098768][ T5828]  le_conn_complete_evt+0x1260/0x2150
[  665.098789][ T5828]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  665.098804][ T5828]  ? bt_warn+0xe4/0x120
[  665.098815][ T5828]  ? __pfx_bt_warn+0x10/0x10
[  665.098833][ T5828]  hci_le_conn_complete_evt+0x23c/0x370
[  665.098852][ T5828]  hci_le_meta_evt+0x357/0x5e0
[  665.098868][ T5828]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  665.098885][ T5828]  hci_event_packet+0x685/0x11c0
[  665.098900][ T5828]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  665.098917][ T5828]  ? __pfx_hci_event_packet+0x10/0x10
[  665.098933][ T5828]  ? kcov_remote_start+0x3c9/0x6d0
[  665.098947][ T5828]  ? lockdep_hardirqs_on+0x7c/0x110
[  665.098969][ T5828]  hci_rx_work+0x2c5/0x16b0
[  665.098986][ T5828]  ? rcu_is_watching+0x12/0xc0
[  665.099004][ T5828]  process_one_work+0x9cf/0x1b70
[  665.099034][ T5828]  ? __pfx_process_one_work+0x10/0x10
[  665.099061][ T5828]  ? assign_work+0x1a0/0x250
[  665.099083][ T5828]  worker_thread+0x6c8/0xf10
[  665.099110][ T5828]  ? __kthread_parkme+0x19e/0x250
[  665.099128][ T5828]  ? __pfx_worker_thread+0x10/0x10
[  665.099149][ T5828]  kthread+0x3c5/0x780
[  665.099170][ T5828]  ? __pfx_kthread+0x10/0x10
[  665.099191][ T5828]  ? rcu_is_watching+0x12/0xc0
[  665.099205][ T5828]  ? __pfx_kthread+0x10/0x10
[  665.099226][ T5828]  ret_from_fork+0x675/0x7d0
[  665.099246][ T5828]  ? __pfx_kthread+0x10/0x10
[  665.099266][ T5828]  ret_from_fork_asm+0x1a/0x30
[  665.099296][ T5828]  </TASK>
[  665.099317][ T5828] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  665.408598][ T5828] Bluetooth: hci2: failed to register connection device
[  666.048456][T16426] random: crng reseeded on system resumption
[  666.074887][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  666.644289][T16441] netlink: 146 bytes leftover after parsing attributes in process `syz.1.2512'.
[  666.903735][ T5828] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  666.928911][T16449] FAULT_INJECTION: forcing a failure.
[  666.928911][T16449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  667.041054][T16449] CPU: 0 UID: 0 PID: 16449 Comm: syz.2.2514 Not tainted syzkaller #0 PREEMPT(full) 
[  667.041076][T16449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  667.041085][T16449] Call Trace:
[  667.041091][T16449]  <TASK>
[  667.041097][T16449]  dump_stack_lvl+0x16c/0x1f0
[  667.041119][T16449]  should_fail_ex+0x512/0x640
[  667.041144][T16449]  _copy_from_user+0x2e/0xd0
[  667.041168][T16449]  vmci_host_unlocked_ioctl+0xbdb/0x2040
[  667.041190][T16449]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  667.041209][T16449]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  667.041235][T16449]  ? do_vfs_ioctl+0x128/0x14f0
[  667.041257][T16449]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  667.041282][T16449]  ? find_held_lock+0x2b/0x80
[  667.041297][T16449]  ? hook_file_ioctl_common+0x145/0x410
[  667.041316][T16449]  ? __fget_files+0x20e/0x3c0
[  667.041333][T16449]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  667.041353][T16449]  __x64_sys_ioctl+0x18e/0x210
[  667.041375][T16449]  do_syscall_64+0xcd/0xfa0
[  667.041394][T16449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.041409][T16449] RIP: 0033:0x7fa47db8f6c9
[  667.041421][T16449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  667.041436][T16449] RSP: 002b:00007fa47ea38038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  667.041450][T16449] RAX: ffffffffffffffda RBX: 00007fa47dde6090 RCX: 00007fa47db8f6c9
[  667.041460][T16449] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000005
[  667.041468][T16449] RBP: 00007fa47ea38090 R08: 0000000000000000 R09: 0000000000000000
[  667.041477][T16449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  667.041486][T16449] R13: 00007fa47dde6128 R14: 00007fa47dde6090 R15: 00007fff5786dac8
[  667.041505][T16449]  </TASK>
[  668.157071][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  668.413801][T16459] ima: policy update failed
[  668.419082][   T30] audit: type=1802 audit(4294967364.680:40): pid=16459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2519" res=0 errno=0
[  668.583792][T16494] random: crng reseeded on system resumption
[  668.948821][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  669.215789][T16513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2528'.
[  669.632077][T16517] ptp ptp0: only physical clock in use now
[  669.820156][T16524] random: crng reseeded on system resumption
[  669.941812][T16528] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2532'.
[  670.792433][ T5828] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  672.458561][T16583] ima: policy update failed
[  672.466916][   T30] audit: type=1802 audit(4294967368.720:41): pid=16583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2544" res=0 errno=0
[  672.550982][T16586] random: crng reseeded on system resumption
[  672.701261][T16589] FAULT_INJECTION: forcing a failure.
[  672.701261][T16589] name failslab, interval 1, probability 0, space 0, times 0
[  672.741833][T16589] CPU: 0 UID: 0 PID: 16589 Comm: syz.2.2546 Not tainted syzkaller #0 PREEMPT(full) 
[  672.741856][T16589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  672.741866][T16589] Call Trace:
[  672.741871][T16589]  <TASK>
[  672.741878][T16589]  dump_stack_lvl+0x16c/0x1f0
[  672.741900][T16589]  should_fail_ex+0x512/0x640
[  672.741922][T16589]  ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0
[  672.741943][T16589]  should_failslab+0xc2/0x120
[  672.741964][T16589]  __kmalloc_node_track_caller_noprof+0xde/0x8a0
[  672.741982][T16589]  ? register_pidns_sysctls+0x4b/0x1b0
[  672.742007][T16589]  ? kmemdup_noprof+0x29/0x60
[  672.742021][T16589]  ? __pfx_set_is_seen+0x10/0x10
[  672.742037][T16589]  kmemdup_noprof+0x29/0x60
[  672.742053][T16589]  register_pidns_sysctls+0x4b/0x1b0
[  672.742073][T16589]  ? __ns_common_init+0x2a4/0x3b0
[  672.742090][T16589]  copy_pid_ns+0x548/0xca0
[  672.742107][T16589]  ? __ns_tree_add_raw+0x326/0x670
[  672.742123][T16589]  ? __pfx_copy_pid_ns+0x10/0x10
[  672.742138][T16589]  ? do_raw_spin_unlock+0x172/0x230
[  672.742170][T16589]  ? _raw_spin_unlock+0x28/0x50
[  672.742186][T16589]  ? __ns_tree_add_raw+0x326/0x670
[  672.742206][T16589]  ? copy_ipcs+0xb6/0x550
[  672.742229][T16589]  create_new_namespaces+0x2aa/0xa90
[  672.742250][T16589]  copy_namespaces+0x468/0x560
[  672.742267][T16589]  copy_process+0x2828/0x76a0
[  672.742293][T16589]  ? __pfx_copy_process+0x10/0x10
[  672.742314][T16589]  ? _copy_from_user+0x59/0xd0
[  672.742339][T16589]  kernel_clone+0xfc/0x930
[  672.742358][T16589]  ? __pfx_kernel_clone+0x10/0x10
[  672.742374][T16589]  ? futex_private_hash_put+0xd5/0x190
[  672.742397][T16589]  ? __pfx_futex_wake+0x10/0x10
[  672.742421][T16589]  __do_sys_clone3+0x212/0x290
[  672.742438][T16589]  ? __pfx___do_sys_clone3+0x10/0x10
[  672.742479][T16589]  do_syscall_64+0xcd/0xfa0
[  672.742497][T16589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.742512][T16589] RIP: 0033:0x7fa47db8f6c9
[  672.742525][T16589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  672.742539][T16589] RSP: 002b:00007fa47ea58f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  672.742553][T16589] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fa47db8f6c9
[  672.742563][T16589] RDX: 00007fa47ea58f20 RSI: 0000000000000058 RDI: 00007fa47ea58f20
[  672.742572][T16589] RBP: 00007fa47dc11f91 R08: 0000000000000000 R09: 0000000000000058
[  672.742581][T16589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  672.742590][T16589] R13: 00007fa47dde6038 R14: 00007fa47dde5fa0 R15: 00007fff5786dac8
[  672.742610][T16589]  </TASK>
[  673.323283][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  673.561772][T16600] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2548'.
[  673.609213][T16602] random: crng reseeded on system resumption
[  674.516019][T16630] openvswitch: netlink: VXLAN extension 64 out of range max 1
[  674.713765][T16635] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  675.421006][T16637] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  675.594646][T16657] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2560'.
[  675.731314][T12266] usb usb38-port5: attempt power cycle
[  676.388446][T12266] usb usb38-port5: unable to enumerate USB device
[  676.455511][T16671] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2563'.
[  676.487728][T16671] ipvlan1: entered allmulticast mode
[  676.514492][T16671] veth0_vlan: entered allmulticast mode
[  676.532611][T16673] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2564'.
[  676.666505][T16676] FAULT_INJECTION: forcing a failure.
[  676.666505][T16676] name failslab, interval 1, probability 0, space 0, times 0
[  676.693193][T16676] CPU: 0 UID: 0 PID: 16676 Comm: syz.1.2565 Not tainted syzkaller #0 PREEMPT(full) 
[  676.693217][T16676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  676.693227][T16676] Call Trace:
[  676.693233][T16676]  <TASK>
[  676.693239][T16676]  dump_stack_lvl+0x16c/0x1f0
[  676.693261][T16676]  should_fail_ex+0x512/0x640
[  676.693283][T16676]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  676.693301][T16676]  should_failslab+0xc2/0x120
[  676.693321][T16676]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  676.693338][T16676]  ? __d_alloc+0x32/0xae0
[  676.693358][T16676]  ? __d_alloc+0x32/0xae0
[  676.693373][T16676]  __d_alloc+0x32/0xae0
[  676.693390][T16676]  d_alloc_pseudo+0x1c/0xc0
[  676.693410][T16676]  alloc_file_pseudo+0xcf/0x230
[  676.693431][T16676]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  676.693452][T16676]  ? alloc_fd+0x471/0x7d0
[  676.693468][T16676]  sock_alloc_file+0x50/0x210
[  676.693485][T16676]  __sys_socket+0x1c0/0x260
[  676.693504][T16676]  ? __pfx___sys_socket+0x10/0x10
[  676.693522][T16676]  ? xfd_validate_state+0x61/0x180
[  676.693541][T16676]  ? __pfx_ksys_write+0x10/0x10
[  676.693560][T16676]  __x64_sys_socket+0x72/0xb0
[  676.693578][T16676]  ? lockdep_hardirqs_on+0x7c/0x110
[  676.693595][T16676]  do_syscall_64+0xcd/0xfa0
[  676.693612][T16676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.693627][T16676] RIP: 0033:0x7f3107b8f6c9
[  676.693639][T16676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  676.693653][T16676] RSP: 002b:00007f31089ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  676.693667][T16676] RAX: ffffffffffffffda RBX: 00007f3107de5fa0 RCX: 00007f3107b8f6c9
[  676.693676][T16676] RDX: 000000000000003b RSI: 0000000000000003 RDI: 000000000000000a
[  676.693685][T16676] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  676.693694][T16676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  676.693703][T16676] R13: 00007f3107de6038 R14: 00007f3107de5fa0 R15: 00007fffddd75148
[  676.693722][T16676]  </TASK>
[  677.233429][T16682] ima: policy update failed
[  677.358535][   T30] audit: type=1802 audit(4294967373.490:42): pid=16682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2567" res=0 errno=0
[  677.727303][T16694] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2572'.
[  678.555130][T16709] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input25
[  678.859235][T16711] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  678.865412][T16711] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  678.876422][T16711] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  678.886585][T16711] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  678.900178][T16711] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  678.907564][T16711] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  678.913889][T16711] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  678.922245][T16711] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  680.183506][T16734] zswap: compressor  not available
[  680.403697][T16761] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2589'.
[  680.684905][T16766] FAULT_INJECTION: forcing a failure.
[  680.684905][T16766] name failslab, interval 1, probability 0, space 0, times 0
[  680.868143][ T5828] Bluetooth: hci1: command 0x0c1a tx timeout
[  680.913430][T16766] CPU: 0 UID: 0 PID: 16766 Comm: syz.0.2587 Not tainted syzkaller #0 PREEMPT(full) 
[  680.913453][T16766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  680.913462][T16766] Call Trace:
[  680.913468][T16766]  <TASK>
[  680.913474][T16766]  dump_stack_lvl+0x16c/0x1f0
[  680.913496][T16766]  should_fail_ex+0x512/0x640
[  680.913524][T16766]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  680.913542][T16766]  should_failslab+0xc2/0x120
[  680.913562][T16766]  kmem_cache_alloc_noprof+0x75/0x6e0
[  680.913577][T16766]  ? vm_area_dup+0x27/0x8d0
[  680.913602][T16766]  ? vm_area_dup+0x27/0x8d0
[  680.913622][T16766]  vm_area_dup+0x27/0x8d0
[  680.913645][T16766]  __split_vma+0x18e/0x1070
[  680.913670][T16766]  ? __pfx___split_vma+0x10/0x10
[  680.913691][T16766]  ? __pfx___might_resched+0x10/0x10
[  680.913706][T16766]  ? change_protection+0x1eb5/0x3f60
[  680.913731][T16766]  ? change_protection+0x4bd/0x3f60
[  680.913758][T16766]  vma_modify+0xee1/0x2030
[  680.913792][T16766]  ? __pfx_vma_modify+0x10/0x10
[  680.913819][T16766]  vma_modify_flags+0x212/0x2d0
[  680.913837][T16766]  ? __pfx_vma_modify_flags+0x10/0x10
[  680.913860][T16766]  ? may_expand_vm+0xe8/0x430
[  680.913882][T16766]  mprotect_fixup+0x1df/0xb40
[  680.913907][T16766]  ? __pfx_mprotect_fixup+0x10/0x10
[  680.913935][T16766]  do_mprotect_pkey+0x9bc/0xd40
[  680.913962][T16766]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  680.913985][T16766]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  680.914012][T16766]  ? __fget_files+0x20e/0x3c0
[  680.914034][T16766]  ? __pfx_ksys_write+0x10/0x10
[  680.914053][T16766]  __x64_sys_mprotect+0x78/0xc0
[  680.914075][T16766]  ? lockdep_hardirqs_on+0x7c/0x110
[  680.914091][T16766]  do_syscall_64+0xcd/0xfa0
[  680.914109][T16766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  680.914124][T16766] RIP: 0033:0x7fd03b38f6c9
[  680.914136][T16766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  680.914150][T16766] RSP: 002b:00007fd03c29d038 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[  680.914165][T16766] RAX: ffffffffffffffda RBX: 00007fd03b5e6090 RCX: 00007fd03b38f6c9
[  680.914175][T16766] RDX: 0000000000000006 RSI: 0000000000806121 RDI: 0000000000000000
[  680.914184][T16766] RBP: 00007fd03c29d090 R08: 0000000000000000 R09: 0000000000000000
[  680.914193][T16766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  680.914202][T16766] R13: 00007fd03b5e6128 R14: 00007fd03b5e6090 R15: 00007ffcc4251c98
[  680.914221][T16766]  </TASK>
[  681.463599][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  681.473740][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  681.479832][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  681.594213][T16777] FAULT_INJECTION: forcing a failure.
[  681.594213][T16777] name failslab, interval 1, probability 0, space 0, times 0
[  681.608597][T16777] CPU: 0 UID: 0 PID: 16777 Comm: syz.2.2595 Not tainted syzkaller #0 PREEMPT(full) 
[  681.608617][T16777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  681.608627][T16777] Call Trace:
[  681.608632][T16777]  <TASK>
[  681.608638][T16777]  dump_stack_lvl+0x16c/0x1f0
[  681.608660][T16777]  should_fail_ex+0x512/0x640
[  681.608682][T16777]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  681.608699][T16777]  should_failslab+0xc2/0x120
[  681.608719][T16777]  kmem_cache_alloc_noprof+0x75/0x6e0
[  681.608733][T16777]  ? __anon_vma_prepare+0xae/0x5e0
[  681.608760][T16777]  ? __anon_vma_prepare+0xae/0x5e0
[  681.608781][T16777]  __anon_vma_prepare+0xae/0x5e0
[  681.608802][T16777]  ? do_raw_spin_lock+0x12c/0x2b0
[  681.608826][T16777]  __vmf_anon_prepare+0x11c/0x240
[  681.608847][T16777]  do_huge_pmd_anonymous_page+0x161/0x1f50
[  681.608863][T16777]  ? __pmd_alloc+0x64f/0x8b0
[  681.608883][T16777]  __handle_mm_fault+0x1cff/0x2aa0
[  681.608908][T16777]  ? mt_find+0x3e2/0xa20
[  681.608927][T16777]  ? __pfx___handle_mm_fault+0x10/0x10
[  681.608947][T16777]  ? __pfx_mt_find+0x10/0x10
[  681.608975][T16777]  ? find_vma+0xbf/0x140
[  681.608991][T16777]  ? __pfx_find_vma+0x10/0x10
[  681.609009][T16777]  handle_mm_fault+0x589/0xd10
[  681.609032][T16777]  ? __pkru_allows_pkey+0x21/0xb0
[  681.609055][T16777]  do_user_addr_fault+0x7a6/0x1370
[  681.609070][T16777]  ? rcu_is_watching+0x12/0xc0
[  681.609088][T16777]  exc_page_fault+0x64/0xc0
[  681.609105][T16777]  asm_exc_page_fault+0x26/0x30
[  681.609119][T16777] RIP: 0010:rep_movs_alternative+0xf/0x90
[  681.609141][T16777] Code: c4 10 e9 84 3c 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 3c 04 00 66 66
[  681.609155][T16777] RSP: 0018:ffffc9000438fda8 EFLAGS: 00050202
[  681.609167][T16777] RAX: 0000000000000001 RBX: 0000200000000300 RCX: 0000000000000001
[  681.609176][T16777] RDX: fffff52000871fc9 RSI: 0000200000000300 RDI: ffffc9000438fe40
[  681.609186][T16777] RBP: 0000000000000001 R08: 0000000000000001 R09: fffff52000871fc8
[  681.609194][T16777] R10: ffffc9000438fe40 R11: 0000000000000001 R12: 0000000000000000
[  681.609203][T16777] R13: ffffc9000438fe40 R14: 0000000000000001 R15: 0000000000000011
[  681.609222][T16777]  _copy_from_user+0x98/0xd0
[  681.609245][T16777]  __io_uring_register+0xef4/0x20d0
[  681.609267][T16777]  ? __pfx___io_uring_register+0x10/0x10
[  681.609288][T16777]  ? __fget_files+0x20e/0x3c0
[  681.609308][T16777]  __x64_sys_io_uring_register+0x169/0x280
[  681.609330][T16777]  do_syscall_64+0xcd/0xfa0
[  681.609348][T16777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.609362][T16777] RIP: 0033:0x7fa47db8f6c9
[  681.609373][T16777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.609387][T16777] RSP: 002b:00007fa47ea59038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  681.609400][T16777] RAX: ffffffffffffffda RBX: 00007fa47dde5fa0 RCX: 00007fa47db8f6c9
[  681.609409][T16777] RDX: 0000200000000300 RSI: 0000000000000011 RDI: 0000000000000003
[  681.609418][T16777] RBP: 00007fa47ea59090 R08: 0000000000000000 R09: 0000000000000000
[  681.609426][T16777] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  681.609435][T16777] R13: 00007fa47dde6038 R14: 00007fa47dde5fa0 R15: 00007fff5786dac8
[  681.609454][T16777]  </TASK>
[  682.948946][   T52] Bluetooth: hci1: command 0x0c1a tx timeout
[  683.508534][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  683.514659][   T52] Bluetooth: hci4: command 0x0c1a tx timeout
[  683.820109][T16792] FAULT_INJECTION: forcing a failure.
[  683.820109][T16792] name failslab, interval 1, probability 0, space 0, times 0
[  683.996438][T16792] CPU: 0 UID: 0 PID: 16792 Comm: syz.0.2600 Not tainted syzkaller #0 PREEMPT(full) 
[  683.996462][T16792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  683.996472][T16792] Call Trace:
[  683.996478][T16792]  <TASK>
[  683.996485][T16792]  dump_stack_lvl+0x16c/0x1f0
[  683.996507][T16792]  should_fail_ex+0x512/0x640
[  683.996530][T16792]  ? __kmalloc_noprof+0xca/0x880
[  683.996555][T16792]  should_failslab+0xc2/0x120
[  683.996575][T16792]  __kmalloc_noprof+0xdd/0x880
[  683.996597][T16792]  ? __register_sysctl_table+0xe8e/0x1900
[  683.996618][T16792]  ? __register_sysctl_table+0xea2/0x1900
[  683.996651][T16792]  ? __register_sysctl_table+0xea2/0x1900
[  683.996672][T16792]  __register_sysctl_table+0xea2/0x1900
[  683.996698][T16792]  ? __pfx___register_sysctl_table+0x10/0x10
[  683.996722][T16792]  ? __asan_memcpy+0x3c/0x60
[  683.996740][T16792]  setup_ipc_sysctls+0x1aa/0x300
[  683.996761][T16792]  copy_ipcs+0x3fe/0x550
[  683.996784][T16792]  create_new_namespaces+0x20a/0xa90
[  683.996801][T16792]  ? security_capable+0x7e/0x260
[  683.996822][T16792]  copy_namespaces+0x468/0x560
[  683.996839][T16792]  copy_process+0x2828/0x76a0
[  683.996864][T16792]  ? __pfx_copy_process+0x10/0x10
[  683.996885][T16792]  ? _copy_from_user+0x59/0xd0
[  683.996909][T16792]  kernel_clone+0xfc/0x930
[  683.996928][T16792]  ? __pfx_kernel_clone+0x10/0x10
[  683.996944][T16792]  ? futex_private_hash_put+0xd5/0x190
[  683.996965][T16792]  ? __pfx_futex_wait+0x10/0x10
[  683.996992][T16792]  __do_sys_clone3+0x212/0x290
[  683.997009][T16792]  ? __pfx___do_sys_clone3+0x10/0x10
[  683.997034][T16792]  ? find_held_lock+0x2b/0x80
[  683.997063][T16792]  do_syscall_64+0xcd/0xfa0
[  683.997081][T16792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.997096][T16792] RIP: 0033:0x7fd03b38f6c9
[  683.997108][T16792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.997122][T16792] RSP: 002b:00007fd03c2bdf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  683.997138][T16792] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fd03b38f6c9
[  683.997148][T16792] RDX: 00007fd03c2bdf20 RSI: 0000000000000058 RDI: 00007fd03c2bdf20
[  683.997157][T16792] RBP: 00007fd03b411f91 R08: 0000000000000000 R09: 0000000000000058
[  683.997166][T16792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  683.997174][T16792] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  683.997193][T16792]  </TASK>
[  684.239336][    C0] vkms_vblank_simulate: vblank timer overrun
[  684.246137][T16792] sysctl could not get directory: /kernel -12
[  684.974848][   T52] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  685.457378][T16819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000
[  685.500861][T16819] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  685.532420][T16819] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000
[  685.578148][T16819] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  685.588476][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  685.622717][T16819] page dumped because: unmovable page
[  685.671783][T16819] page_owner info is not present (never set?)
[  685.831243][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  685.837619][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  686.674251][T16844] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2615'.
[  686.700407][T16844] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2615'.
[  686.816994][T16847] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2616'.
[  687.165740][T16861] binder: 16851:16861 ioctl 4018620d 9 returned -22
[  687.194918][T16861] binder: 16851:16861 ioctl 4018620d 9 returned -22
[  687.274092][T16860] binder: 16859:16860 ioctl 4018620d 9 returned -22
[  687.299140][T16860] binder: 16859:16860 ioctl 4018620d 9 returned -22
[  687.668482][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  687.951721][   T52] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18
[  687.960992][T16875] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2622'.
[  688.401450][T16885] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2626'.
[  689.193524][T16889] zswap: compressor  not available
[  689.988620][   T52] Bluetooth: hci5: command 0x0c1a tx timeout
[  690.499033][T16930] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2633'.
[  690.704915][T16933] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2634'.
[  690.906501][T16935] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2635'.
[  691.243855][T16940] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  691.305105][T16940] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  691.909105][ T5923] usb usb38-port5: attempt power cycle
[  692.540050][ T5923] usb usb38-port5: unable to enumerate USB device
[  692.575894][T16964] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2641'.
[  692.604344][T16966] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2642'.
[  692.726329][T16964] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2641'.
[  693.460271][T16981] random: crng reseeded on system resumption
[  696.420345][T17039] binder: 17032:17039 ioctl 4018620d 9 returned -22
[  696.527302][T17039] binder: 17032:17039 ioctl 4018620d 9 returned -22
[  696.631903][ T4784] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.397603][ T5828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  697.414242][ T5828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  697.426723][ T5828] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  697.437131][ T5828] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  697.444995][ T5828] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  697.511228][ T4784] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.813165][ T4784] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.876233][ T5828] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  697.884235][ T5828] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[  697.893687][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  697.893710][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  697.893721][ T5828] Workqueue: hci2 hci_rx_work
[  697.893742][ T5828] Call Trace:
[  697.893748][ T5828]  <TASK>
[  697.893756][ T5828]  dump_stack_lvl+0x16c/0x1f0
[  697.893776][ T5828]  sysfs_warn_dup+0x7f/0xa0
[  697.893796][ T5828]  sysfs_create_dir_ns+0x24b/0x2b0
[  697.893814][ T5828]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  697.893830][ T5828]  ? find_held_lock+0x2b/0x80
[  697.893849][ T5828]  ? do_raw_spin_unlock+0x172/0x230
[  697.893873][ T5828]  kobject_add_internal+0x2c4/0x9b0
[  697.893895][ T5828]  kobject_add+0x16e/0x240
[  697.893914][ T5828]  ? __pfx_kobject_add+0x10/0x10
[  697.893933][ T5828]  ? do_raw_spin_unlock+0x172/0x230
[  697.893955][ T5828]  ? kobject_put+0xab/0x5a0
[  697.893978][ T5828]  device_add+0x288/0x1aa0
[  697.894001][ T5828]  ? __pfx_dev_set_name+0x10/0x10
[  697.894015][ T5828]  ? __pfx_device_add+0x10/0x10
[  697.894040][ T5828]  ? mgmt_send_event_skb+0x2fb/0x460
[  697.894060][ T5828]  hci_conn_add_sysfs+0x17e/0x230
[  697.894078][ T5828]  le_conn_complete_evt+0x1260/0x2150
[  697.894099][ T5828]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  697.894114][ T5828]  ? bt_warn+0xe4/0x120
[  697.894126][ T5828]  ? __pfx_bt_warn+0x10/0x10
[  697.894144][ T5828]  hci_le_conn_complete_evt+0x23c/0x370
[  697.894166][ T5828]  hci_le_meta_evt+0x357/0x5e0
[  697.894183][ T5828]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  697.894201][ T5828]  hci_event_packet+0x685/0x11c0
[  697.894216][ T5828]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  697.894233][ T5828]  ? __pfx_hci_event_packet+0x10/0x10
[  697.894249][ T5828]  ? kcov_remote_start+0x3c9/0x6d0
[  697.894263][ T5828]  ? lockdep_hardirqs_on+0x7c/0x110
[  697.894284][ T5828]  hci_rx_work+0x2c5/0x16b0
[  697.894301][ T5828]  ? rcu_is_watching+0x12/0xc0
[  697.894319][ T5828]  process_one_work+0x9cf/0x1b70
[  697.894348][ T5828]  ? __pfx_process_one_work+0x10/0x10
[  697.894375][ T5828]  ? assign_work+0x1a0/0x250
[  697.894397][ T5828]  worker_thread+0x6c8/0xf10
[  697.894425][ T5828]  ? __kthread_parkme+0x19e/0x250
[  697.894444][ T5828]  ? __pfx_worker_thread+0x10/0x10
[  697.894465][ T5828]  kthread+0x3c5/0x780
[  697.894485][ T5828]  ? __pfx_kthread+0x10/0x10
[  697.894507][ T5828]  ? rcu_is_watching+0x12/0xc0
[  697.894522][ T5828]  ? __pfx_kthread+0x10/0x10
[  697.894542][ T5828]  ret_from_fork+0x675/0x7d0
[  697.894563][ T5828]  ? __pfx_kthread+0x10/0x10
[  697.894583][ T5828]  ret_from_fork_asm+0x1a/0x30
[  697.894621][ T5828]  </TASK>
[  697.894704][ T5828] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  698.184744][ T5828] Bluetooth: hci2: failed to register connection device
[  698.376184][T17057] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  698.385918][T17057] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  698.397127][T17057] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  698.416908][T17057] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  698.423741][T17057] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  698.433943][T17057] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  698.441131][T17057] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  698.449134][ T4784] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.468567][T17057] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  698.485931][T17057] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  698.571556][T17071] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26
[  698.986366][T17077] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27
[  699.409046][ T4784] bridge_slave_1: left allmulticast mode
[  699.438739][ T4784] bridge_slave_1: left promiscuous mode
[  699.461374][ T4784] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.491472][ T4784] bridge_slave_0: left allmulticast mode
[  699.520080][ T4784] bridge_slave_0: left promiscuous mode
[  699.539129][ T4784] bridge0: port 1(bridge_slave_0) entered disabled state
[  699.668252][   T52] Bluetooth: hci2: command 0x0c1a tx timeout
[  700.272387][T17090] ima: policy update failed
[  700.307346][   T30] audit: type=1802 audit(4294967396.564:43): pid=17090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2667" res=0 errno=0
[  700.468254][   T52] Bluetooth: hci0: command 0x041b tx timeout
[  700.475561][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  700.481869][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  700.899474][ T4784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  700.920666][ T4784] bond0 (unregistering): Released all slaves
[  701.005670][T17096] debugfs: '!PjE�r��҄y�*�"�l-���y–��L̓���]' already exists in 'ieee80211'
[  701.211198][ T4784] tipc: Left network mode
[  701.522214][T17054] chnl_net:caif_netlink_parms(): no params data found
[  701.748127][T17106] Bluetooth: hci2: command 0x0c1a tx timeout
[  701.959890][T17117] FAULT_INJECTION: forcing a failure.
[  701.959890][T17117] name fail_futex, interval 1, probability 0, space 0, times 0
[  701.959918][T17117] CPU: 0 UID: 0 PID: 17117 Comm: syz.1.2671 Not tainted syzkaller #0 PREEMPT(full) 
[  701.959936][T17117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  701.959945][T17117] Call Trace:
[  701.959950][T17117]  <TASK>
[  701.959956][T17117]  dump_stack_lvl+0x16c/0x1f0
[  701.959987][T17117]  should_fail_ex+0x512/0x640
[  701.960012][T17117]  get_futex_key+0x1d0/0x1560
[  701.960034][T17117]  ? __pfx_get_futex_key+0x10/0x10
[  701.960059][T17117]  futex_wake+0xea/0x530
[  701.960082][T17117]  ? __pfx_futex_wake+0x10/0x10
[  701.960105][T17117]  ? __lock_acquire+0x622/0x1c90
[  701.960129][T17117]  do_futex+0x1e3/0x350
[  701.960148][T17117]  ? __pfx_do_futex+0x10/0x10
[  701.960167][T17117]  ? find_held_lock+0x2b/0x80
[  701.960185][T17117]  __x64_sys_futex+0x1e0/0x4c0
[  701.960206][T17117]  ? __pfx___x64_sys_futex+0x10/0x10
[  701.960226][T17117]  ? __pfx___x64_sys_pidfd_open+0x10/0x10
[  701.960253][T17117]  do_syscall_64+0xcd/0xfa0
[  701.960271][T17117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.960285][T17117] RIP: 0033:0x7f3107b8f6c9
[  701.960297][T17117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  701.960312][T17117] RSP: 002b:00007f31089ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  701.960326][T17117] RAX: ffffffffffffffda RBX: 00007f3107de5fa8 RCX: 00007f3107b8f6c9
[  701.960336][T17117] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3107de5fac
[  701.960345][T17117] RBP: 00007f3107de5fa0 R08: 00007f3108a00000 R09: 0000000000000000
[  701.960354][T17117] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000
[  701.960363][T17117] R13: 00007f3107de6038 R14: 00007fffddd75060 R15: 00007fffddd75148
[  701.960381][T17117]  </TASK>
[  702.078625][T17106] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  702.550242][ T5840] Bluetooth: hci0: command 0x041b tx timeout
[  702.550293][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout
[  703.012565][T17054] bridge0: port 1(bridge_slave_0) entered blocking state
[  703.012632][T17054] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.012772][T17054] bridge_slave_0: entered allmulticast mode
[  703.013795][T17054] bridge_slave_0: entered promiscuous mode
[  703.150701][T17054] bridge0: port 2(bridge_slave_1) entered blocking state
[  703.150774][T17054] bridge0: port 2(bridge_slave_1) entered disabled state
[  703.150918][T17054] bridge_slave_1: entered allmulticast mode
[  703.151976][T17054] bridge_slave_1: entered promiscuous mode
[  703.190713][ T4784] hsr_slave_0: left promiscuous mode
[  703.193961][ T4784] hsr_slave_1: left promiscuous mode
[  703.194435][ T4784] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  703.194451][ T4784] batman_adv: batadv0: Removing interface: batadv_slave_0
[  703.202390][ T4784] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  703.202411][ T4784] batman_adv: batadv0: Removing interface: batadv_slave_1
[  703.326300][ T4784] veth0_macvtap: left promiscuous mode
[  703.326531][ T4784] veth1_vlan: left promiscuous mode
[  703.334283][ T4784] veth0_vlan: left promiscuous mode
[  703.828401][T17106] Bluetooth: hci2: command 0x0c1a tx timeout
[  704.148140][T17106] Bluetooth: hci4: command 0x0c1a tx timeout
[  704.629144][T17106] Bluetooth: hci0: command 0x041b tx timeout
[  705.426322][T17133] tty tty12: ldisc open failed (-12), clearing slot 11
[  705.623968][ T4784] team0 (unregistering): Port device team_slave_1 removed
[  705.908513][T17106] Bluetooth: hci2: command 0x0c1a tx timeout
[  705.919421][ T4784] team0 (unregistering): Port device team_slave_0 removed
[  706.708268][T17106] Bluetooth: hci0: command 0x041b tx timeout
[  706.723241][T17154] FAULT_INJECTION: forcing a failure.
[  706.723241][T17154] name failslab, interval 1, probability 0, space 0, times 0
[  706.798404][T17154] CPU: 0 UID: 0 PID: 17154 Comm: syz.0.2678 Not tainted syzkaller #0 PREEMPT(full) 
[  706.798428][T17154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  706.798439][T17154] Call Trace:
[  706.798444][T17154]  <TASK>
[  706.798451][T17154]  dump_stack_lvl+0x16c/0x1f0
[  706.798472][T17154]  should_fail_ex+0x512/0x640
[  706.798494][T17154]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  706.798514][T17154]  should_failslab+0xc2/0x120
[  706.798533][T17154]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  706.798549][T17154]  ? __d_alloc+0x32/0xae0
[  706.798569][T17154]  ? __d_alloc+0x32/0xae0
[  706.798584][T17154]  __d_alloc+0x32/0xae0
[  706.798601][T17154]  d_alloc_pseudo+0x1c/0xc0
[  706.798621][T17154]  alloc_file_pseudo+0xcf/0x230
[  706.798643][T17154]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  706.798663][T17154]  ? alloc_fd+0x471/0x7d0
[  706.798679][T17154]  sock_alloc_file+0x50/0x210
[  706.798696][T17154]  __sys_socket+0x1c0/0x260
[  706.798723][T17154]  ? __pfx___sys_socket+0x10/0x10
[  706.798742][T17154]  ? xfd_validate_state+0x61/0x180
[  706.798767][T17154]  __x64_sys_socket+0x72/0xb0
[  706.798785][T17154]  ? lockdep_hardirqs_on+0x7c/0x110
[  706.798802][T17154]  do_syscall_64+0xcd/0xfa0
[  706.798820][T17154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  706.798834][T17154] RIP: 0033:0x7fd03b38f6c9
[  706.798847][T17154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  706.798861][T17154] RSP: 002b:00007fd03c2be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  706.798876][T17154] RAX: ffffffffffffffda RBX: 00007fd03b5e5fa0 RCX: 00007fd03b38f6c9
[  706.798886][T17154] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
[  706.798894][T17154] RBP: 00007fd03b411f91 R08: 0000000000000000 R09: 0000000000000000
[  706.798903][T17154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  706.798912][T17154] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  706.798931][T17154]  </TASK>
[  707.005428][    C0] vkms_vblank_simulate: vblank timer overrun
[  707.122308][T17160] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2679'.
[  707.536265][T17167] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  707.549442][T17166] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  707.555721][T17166] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  707.578298][T17166] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  707.591232][T17167] CPU: 0 UID: 0 PID: 17167 Comm: syz.0.2681 Not tainted syzkaller #0 PREEMPT(full) 
[  707.591255][T17167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  707.591265][T17167] Call Trace:
[  707.591271][T17167]  <TASK>
[  707.591278][T17167]  dump_stack_lvl+0x16c/0x1f0
[  707.591300][T17167]  sysfs_warn_dup+0x7f/0xa0
[  707.591320][T17167]  sysfs_do_create_link_sd+0x124/0x140
[  707.591339][T17167]  sysfs_create_link+0x61/0xc0
[  707.591357][T17167]  device_add+0x62c/0x1aa0
[  707.591382][T17167]  ? __pfx_device_add+0x10/0x10
[  707.591402][T17167]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  707.591427][T17167]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  707.591448][T17167]  wiphy_register+0x1eb0/0x2b20
[  707.591468][T17167]  ? netdev_run_todo+0x864/0x1320
[  707.591489][T17167]  ? __pfx_wiphy_register+0x10/0x10
[  707.591518][T17167]  ieee80211_register_hw+0x253d/0x4120
[  707.591546][T17167]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  707.591565][T17167]  ? __pfx___debug_object_init+0x10/0x10
[  707.591587][T17167]  ? find_held_lock+0x2b/0x80
[  707.591604][T17167]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  707.591628][T17167]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  707.591647][T17167]  ? __hrtimer_setup+0x176/0x280
[  707.591670][T17167]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  707.591697][T17167]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  707.591719][T17167]  hwsim_new_radio_nl+0xba2/0x1330
[  707.591737][T17167]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  707.591758][T17167]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  707.591777][T17167]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  707.591799][T17167]  genl_family_rcv_msg_doit+0x209/0x2f0
[  707.591828][T17167]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  707.591853][T17167]  ? bpf_lsm_capable+0x9/0x10
[  707.591872][T17167]  ? security_capable+0x7e/0x260
[  707.591893][T17167]  ? ns_capable+0xd7/0x110
[  707.591910][T17167]  genl_rcv_msg+0x55c/0x800
[  707.591930][T17167]  ? __pfx_genl_rcv_msg+0x10/0x10
[  707.591948][T17167]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  707.591970][T17167]  netlink_rcv_skb+0x158/0x420
[  707.591985][T17167]  ? __pfx_genl_rcv_msg+0x10/0x10
[  707.592003][T17167]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  707.592026][T17167]  ? netlink_deliver_tap+0x1ae/0xd30
[  707.592043][T17167]  genl_rcv+0x28/0x40
[  707.592058][T17167]  netlink_unicast+0x5aa/0x870
[  707.592076][T17167]  ? __pfx_netlink_unicast+0x10/0x10
[  707.592090][T17167]  ? __pfx___might_resched+0x10/0x10
[  707.592112][T17167]  netlink_sendmsg+0x8c8/0xdd0
[  707.592130][T17167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  707.592147][T17167]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  707.592172][T17167]  ____sys_sendmsg+0xa98/0xc70
[  707.592192][T17167]  ? copy_msghdr_from_user+0x10a/0x160
[  707.592205][T17167]  ? __pfx_____sys_sendmsg+0x10/0x10
[  707.592225][T17167]  ? __page_table_check_ptes_set+0x1ae/0x420
[  707.592245][T17167]  ? do_pte_missing+0x8a3/0x3ba0
[  707.592270][T17167]  ___sys_sendmsg+0x134/0x1d0
[  707.592286][T17167]  ? __pfx____sys_sendmsg+0x10/0x10
[  707.592299][T17167]  ? __lock_acquire+0x622/0x1c90
[  707.592353][T17167]  __sys_sendmsg+0x16d/0x220
[  707.592368][T17167]  ? __pfx___sys_sendmsg+0x10/0x10
[  707.592383][T17167]  ? find_held_lock+0x2b/0x80
[  707.592403][T17167]  ? do_user_addr_fault+0x843/0x1370
[  707.592423][T17167]  do_syscall_64+0xcd/0xfa0
[  707.592442][T17167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.592457][T17167] RIP: 0033:0x7fd03b38f6c9
[  707.592472][T17167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.592486][T17167] RSP: 002b:00007fd03c29d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  707.592501][T17167] RAX: ffffffffffffffda RBX: 00007fd03b5e6090 RCX: 00007fd03b38f6c9
[  707.592512][T17167] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000003
[  707.592521][T17167] RBP: 00007fd03b411f91 R08: 0000000000000000 R09: 0000000000000000
[  707.592531][T17167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  707.592540][T17167] R13: 00007fd03b5e6128 R14: 00007fd03b5e6090 R15: 00007ffcc4251c98
[  707.592561][T17167]  </TASK>
[  708.808494][ T5840] Bluetooth: hci0: command 0x041b tx timeout
[  708.873561][T17166] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  709.021810][T17054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  709.032610][T17166] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  709.060056][T17163] ima: policy update failed
[  709.065732][T17054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  709.078078][   T30] audit: type=1802 audit(4294967405.324:44): pid=17163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2681" res=0 errno=0
[  709.280309][T17054] team0: Port device team_slave_0 added
[  709.287920][T17054] team0: Port device team_slave_1 added
[  709.523936][T17179] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2685'.
[  709.585717][T17054] batman_adv: batadv0: Adding interface: batadv_slave_0
[  709.593842][ T5840] Bluetooth: hci4: command 0x0c1a tx timeout
[  709.599917][T17106] Bluetooth: hci2: command 0x0c1a tx timeout
[  709.715066][T17054] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  710.037541][T17054] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  710.095528][T17185] FAULT_INJECTION: forcing a failure.
[  710.095528][T17185] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  710.111045][T17185] CPU: 0 UID: 0 PID: 17185 Comm: syz.1.2687 Not tainted syzkaller #0 PREEMPT(full) 
[  710.111067][T17185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  710.111077][T17185] Call Trace:
[  710.111082][T17185]  <TASK>
[  710.111088][T17185]  dump_stack_lvl+0x16c/0x1f0
[  710.111110][T17185]  should_fail_ex+0x512/0x640
[  710.111135][T17185]  _copy_to_user+0x32/0xd0
[  710.111159][T17185]  simple_read_from_buffer+0xcb/0x170
[  710.111183][T17185]  proc_fail_nth_read+0x197/0x240
[  710.111200][T17185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  710.111217][T17185]  ? rw_verify_area+0xcf/0x6c0
[  710.111230][T17185]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  710.111245][T17185]  vfs_read+0x1e4/0xcf0
[  710.111262][T17185]  ? __pfx_aa_sk_perm+0x10/0x10
[  710.111277][T17185]  ? __pfx_vfs_read+0x10/0x10
[  710.111293][T17185]  ? rcu_is_watching+0x12/0xc0
[  710.111309][T17185]  ? kfree+0x252/0x6d0
[  710.111330][T17185]  ? aa_sock_opt_perm+0xfd/0x1c0
[  710.111351][T17185]  ? do_sock_setsockopt+0x101/0x1d0
[  710.111371][T17185]  ksys_read+0x12a/0x250
[  710.111386][T17185]  ? __pfx_ksys_read+0x10/0x10
[  710.111406][T17185]  do_syscall_64+0xcd/0xfa0
[  710.111424][T17185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  710.111439][T17185] RIP: 0033:0x7f3107b8e0dc
[  710.111451][T17185] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  710.111466][T17185] RSP: 002b:00007f31089ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  710.111480][T17185] RAX: ffffffffffffffda RBX: 00007f3107de5fa0 RCX: 00007f3107b8e0dc
[  710.111490][T17185] RDX: 000000000000000f RSI: 00007f31089ff0a0 RDI: 0000000000000004
[  710.111500][T17185] RBP: 00007f31089ff090 R08: 0000000000000000 R09: 0000000000000000
[  710.111508][T17185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  710.111517][T17185] R13: 00007f3107de6038 R14: 00007f3107de5fa0 R15: 00007fffddd75148
[  710.111536][T17185]  </TASK>
[  710.392977][T17054] batman_adv: batadv0: Adding interface: batadv_slave_1
[  710.399999][T17054] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  710.426492][T17054] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  710.795712][T17054] hsr_slave_0: entered promiscuous mode
[  710.815155][T17192] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  710.825532][T17192] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  710.834498][T17192] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  710.841414][T17054] hsr_slave_1: entered promiscuous mode
[  710.847267][T17192] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  711.538423][T17221] netlink: 744 bytes leftover after parsing attributes in process `syz.1.2695'.
[  712.869905][T17106] Bluetooth: hci0: command 0x041b tx timeout
[  712.876094][ T5840] Bluetooth: hci5: command 0x0c1a tx timeout
[  712.882573][   T52] Bluetooth: hci4: command 0x0c1a tx timeout
[  712.889038][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout
[  713.411184][T17227] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  713.437843][T17227] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  713.454600][T17227] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  713.471509][T17227] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  714.105434][T17054] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  714.159594][T17054] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  714.210934][T17054] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  714.416907][T17054] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  714.581528][T17233] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  714.948534][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  715.136114][T17274] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2706'.
[  715.272493][T17283] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2708'.
[  715.421733][T17054] 8021q: adding VLAN 0 to HW filter on device bond0
[  715.516996][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  715.524011][T17233] Bluetooth: hci5: command 0x0c1a tx timeout
[  715.533221][T17106] Bluetooth: hci4: command 0x0c1a tx timeout
[  715.544069][T17054] 8021q: adding VLAN 0 to HW filter on device team0
[  715.607187][   T69] bridge0: port 1(bridge_slave_0) entered blocking state
[  715.614343][   T69] bridge0: port 1(bridge_slave_0) entered forwarding state
[  715.694037][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[  715.701222][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[  716.097576][T17304] binder: 17294:17304 ioctl 4018620d 9 returned -22
[  716.205858][T17304] binder: 17294:17304 ioctl 4018620d 9 returned -22
[  716.723188][T17054] 8021q: adding VLAN 0 to HW filter on device batadv0
[  717.077631][T17322] netlink: 744 bytes leftover after parsing attributes in process `syz.1.2716'.
[  717.214279][T17054] veth0_vlan: entered promiscuous mode
[  717.314786][T17054] veth1_vlan: entered promiscuous mode
[  717.588739][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  717.633069][T17054] veth0_macvtap: entered promiscuous mode
[  717.719839][T17054] veth1_macvtap: entered promiscuous mode
[  717.729089][T17324] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  717.803979][T17324] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  717.875720][T17324] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  717.951879][T17054] batman_adv: batadv0: Interface activated: batadv_slave_0
[  717.978939][T17324] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  718.024282][T17324] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  718.083110][T17054] batman_adv: batadv0: Interface activated: batadv_slave_1
[  718.236097][ T4812] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  718.236173][ T4812] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  718.236201][ T4812] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  718.236228][ T4812] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  718.910785][T17355] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  719.069983][ T4812] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  719.110120][ T4812] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  719.192975][T17357] netlink: 744 bytes leftover after parsing attributes in process `syz.1.2726'.
[  719.403953][ T4812] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  719.533720][ T4812] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  719.750756][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  719.828193][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  719.961999][ T5828] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  719.989535][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  720.001514][T17370] FAULT_INJECTION: forcing a failure.
[  720.001514][T17370] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  720.016566][   T30] audit: type=1800 audit(4294967416.264:45): pid=17368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2729" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0
[  720.057594][T17370] CPU: 0 UID: 0 PID: 17370 Comm: syz.1.2730 Not tainted syzkaller #0 PREEMPT(full) 
[  720.057617][T17370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  720.057627][T17370] Call Trace:
[  720.057633][T17370]  <TASK>
[  720.057640][T17370]  dump_stack_lvl+0x16c/0x1f0
[  720.057663][T17370]  should_fail_ex+0x512/0x640
[  720.057689][T17370]  should_fail_alloc_page+0xe7/0x130
[  720.057711][T17370]  prepare_alloc_pages+0x3c2/0x610
[  720.057739][T17370]  ? rcu_is_watching+0x12/0xc0
[  720.057758][T17370]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  720.057776][T17370]  ? __lock_acquire+0xb8a/0x1c90
[  720.057802][T17370]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  720.057817][T17370]  ? do_raw_spin_lock+0x12c/0x2b0
[  720.057839][T17370]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  720.057860][T17370]  ? find_held_lock+0x2b/0x80
[  720.057880][T17370]  ? __lock_acquire+0xb8a/0x1c90
[  720.057898][T17370]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  720.057922][T17370]  ? policy_nodemask+0xea/0x4e0
[  720.057942][T17370]  alloc_pages_mpol+0x1fb/0x550
[  720.057961][T17370]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  720.057985][T17370]  folio_alloc_mpol_noprof+0x36/0x2f0
[  720.058012][T17370]  shmem_alloc_folio+0x135/0x160
[  720.058034][T17370]  shmem_alloc_and_add_folio+0x499/0xc20
[  720.058061][T17370]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[  720.058087][T17370]  ? shmem_allowable_huge_orders+0xd4/0x3f0
[  720.058107][T17370]  shmem_get_folio_gfp+0x67f/0x1610
[  720.058126][T17370]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  720.058141][T17370]  ? __pfx_timestamp_truncate+0x10/0x10
[  720.058161][T17370]  shmem_fault+0x1fe/0xa30
[  720.058176][T17370]  ? __pfx_shmem_fault+0x10/0x10
[  720.058193][T17370]  ? __pfx___up_read+0x10/0x10
[  720.058213][T17370]  ? inode_to_bdi+0x9e/0x160
[  720.058233][T17370]  ? __pfx_filemap_map_pages+0x10/0x10
[  720.058246][T17370]  __do_fault+0x10d/0x490
[  720.058262][T17370]  ? __pfx_filemap_map_pages+0x10/0x10
[  720.058274][T17370]  do_pte_missing+0x1a6/0x3ba0
[  720.058295][T17370]  ? find_held_lock+0x2b/0x80
[  720.058310][T17370]  ? __handle_mm_fault+0x1529/0x2aa0
[  720.058334][T17370]  __handle_mm_fault+0x1556/0x2aa0
[  720.058361][T17370]  ? __pfx___handle_mm_fault+0x10/0x10
[  720.058383][T17370]  ? __pte_offset_map_lock+0x174/0x310
[  720.058401][T17370]  ? find_held_lock+0x2b/0x80
[  720.058420][T17370]  ? follow_page_pte+0x5cf/0x1390
[  720.058442][T17370]  handle_mm_fault+0x589/0xd10
[  720.058467][T17370]  __get_user_pages+0x54e/0x3530
[  720.058492][T17370]  ? down_read_killable+0x220/0x4b0
[  720.058513][T17370]  ? __pfx___get_user_pages+0x10/0x10
[  720.058537][T17370]  faultin_page_range+0x338/0x940
[  720.058560][T17370]  madvise_do_behavior+0x34c/0x530
[  720.058583][T17370]  ? __pfx_madvise_do_behavior+0x10/0x10
[  720.058604][T17370]  ? down_read+0x13d/0x480
[  720.058631][T17370]  do_madvise+0x176/0x240
[  720.058650][T17370]  ? __pfx_do_madvise+0x10/0x10
[  720.058669][T17370]  ? do_futex+0x122/0x350
[  720.058700][T17370]  ? xfd_validate_state+0x61/0x180
[  720.058719][T17370]  ? __pfx_do_writev+0x10/0x10
[  720.058744][T17370]  __x64_sys_madvise+0xa9/0x110
[  720.058765][T17370]  ? lockdep_hardirqs_on+0x7c/0x110
[  720.058782][T17370]  do_syscall_64+0xcd/0xfa0
[  720.058801][T17370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.058817][T17370] RIP: 0033:0x7f3107b8f6c9
[  720.058831][T17370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.058845][T17370] RSP: 002b:00007f31089ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  720.058860][T17370] RAX: ffffffffffffffda RBX: 00007f3107de5fa0 RCX: 00007f3107b8f6c9
[  720.058870][T17370] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000
[  720.058879][T17370] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  720.058888][T17370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  720.058898][T17370] R13: 00007f3107de6038 R14: 00007f3107de5fa0 R15: 00007fffddd75148
[  720.058918][T17370]  </TASK>
[  720.444102][    C0] vkms_vblank_simulate: vblank timer overrun
[  720.948276][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  721.086712][   T30] audit: type=1326 audit(4294967417.344:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17373 comm="syz.4.2732" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc94c98f6c9 code=0x0
[  721.161721][T17376] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  721.715736][T17394] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2734'.
[  721.908629][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  722.218924][T17405] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2736'.
[  722.356916][T17405] ipvlan1: entered allmulticast mode
[  722.515544][T17405] veth0_vlan: entered allmulticast mode
[  722.856604][ T5828] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  723.030860][T17233] Bluetooth: hci0: command 0x041b tx timeout
[  723.657407][T17424] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2743'.
[  723.679232][T17424] ipvlan1: entered allmulticast mode
[  723.684547][T17424] veth0_vlan: entered allmulticast mode
[  724.402385][T17446] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2749'.
[  724.589148][T17451] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  724.617128][T17451] CPU: 0 UID: 0 PID: 17451 Comm: syz.1.2750 Not tainted syzkaller #0 PREEMPT(full) 
[  724.617152][T17451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  724.617161][T17451] Call Trace:
[  724.617167][T17451]  <TASK>
[  724.617174][T17451]  dump_stack_lvl+0x16c/0x1f0
[  724.617196][T17451]  sysfs_warn_dup+0x7f/0xa0
[  724.617216][T17451]  sysfs_do_create_link_sd+0x124/0x140
[  724.617237][T17451]  sysfs_create_link+0x61/0xc0
[  724.617255][T17451]  device_add+0x62c/0x1aa0
[  724.617281][T17451]  ? __pfx_device_add+0x10/0x10
[  724.617301][T17451]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  724.617327][T17451]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  724.617348][T17451]  wiphy_register+0x1eb0/0x2b20
[  724.617367][T17451]  ? netdev_run_todo+0x864/0x1320
[  724.617388][T17451]  ? __pfx_wiphy_register+0x10/0x10
[  724.617418][T17451]  ieee80211_register_hw+0x253d/0x4120
[  724.617446][T17451]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  724.617466][T17451]  ? __pfx___debug_object_init+0x10/0x10
[  724.617488][T17451]  ? find_held_lock+0x2b/0x80
[  724.617504][T17451]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  724.617527][T17451]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  724.617546][T17451]  ? __hrtimer_setup+0x176/0x280
[  724.617570][T17451]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  724.617601][T17451]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  724.617622][T17451]  hwsim_new_radio_nl+0xba2/0x1330
[  724.617645][T17451]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  724.617668][T17451]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  724.617688][T17451]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  724.617712][T17451]  genl_family_rcv_msg_doit+0x209/0x2f0
[  724.617732][T17451]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  724.617756][T17451]  ? bpf_lsm_capable+0x9/0x10
[  724.617775][T17451]  ? security_capable+0x7e/0x260
[  724.617796][T17451]  ? ns_capable+0xd7/0x110
[  724.617813][T17451]  genl_rcv_msg+0x55c/0x800
[  724.617833][T17451]  ? __pfx_genl_rcv_msg+0x10/0x10
[  724.617851][T17451]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  724.617872][T17451]  netlink_rcv_skb+0x158/0x420
[  724.617888][T17451]  ? __pfx_genl_rcv_msg+0x10/0x10
[  724.617906][T17451]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  724.617929][T17451]  ? netlink_deliver_tap+0x1ae/0xd30
[  724.617946][T17451]  genl_rcv+0x28/0x40
[  724.617961][T17451]  netlink_unicast+0x5aa/0x870
[  724.617978][T17451]  ? __pfx_netlink_unicast+0x10/0x10
[  724.617993][T17451]  ? __pfx___might_resched+0x10/0x10
[  724.618014][T17451]  netlink_sendmsg+0x8c8/0xdd0
[  724.618032][T17451]  ? __pfx_netlink_sendmsg+0x10/0x10
[  724.618050][T17451]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  724.618074][T17451]  ____sys_sendmsg+0xa98/0xc70
[  724.618093][T17451]  ? copy_msghdr_from_user+0x10a/0x160
[  724.618106][T17451]  ? __pfx_____sys_sendmsg+0x10/0x10
[  724.618122][T17451]  ? __page_table_check_ptes_set+0x1ae/0x420
[  724.618143][T17451]  ? do_pte_missing+0x8a3/0x3ba0
[  724.618168][T17451]  ___sys_sendmsg+0x134/0x1d0
[  724.618183][T17451]  ? __pfx____sys_sendmsg+0x10/0x10
[  724.618195][T17451]  ? __lock_acquire+0x622/0x1c90
[  724.618238][T17451]  __sys_sendmsg+0x16d/0x220
[  724.618252][T17451]  ? __pfx___sys_sendmsg+0x10/0x10
[  724.618266][T17451]  ? find_held_lock+0x2b/0x80
[  724.618285][T17451]  ? do_user_addr_fault+0x843/0x1370
[  724.618304][T17451]  do_syscall_64+0xcd/0xfa0
[  724.618323][T17451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  724.618339][T17451] RIP: 0033:0x7f3107b8f6c9
[  724.618352][T17451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  724.618366][T17451] RSP: 002b:00007f31089de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  724.618381][T17451] RAX: ffffffffffffffda RBX: 00007f3107de6090 RCX: 00007f3107b8f6c9
[  724.618390][T17451] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000003
[  724.618400][T17451] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  724.618409][T17451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  724.618418][T17451] R13: 00007f3107de6128 R14: 00007f3107de6090 R15: 00007fffddd75148
[  724.618439][T17451]  </TASK>
[  725.621851][T17233] Bluetooth: hci4: command 0x0c1a tx timeout
[  725.874972][T17458] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2754'.
[  726.222508][T17447] ima: policy update failed
[  726.227141][   T30] audit: type=1802 audit(4294967422.484:47): pid=17447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2750" res=0 errno=0
[  726.337156][T17468] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  726.437927][T17472] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2758'.
[  726.494583][T17473] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29
[  726.688138][T17470] FAULT_INJECTION: forcing a failure.
[  726.688138][T17470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  726.994615][T17470] CPU: 0 UID: 0 PID: 17470 Comm: syz.4.2756 Not tainted syzkaller #0 PREEMPT(full) 
[  726.994638][T17470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  726.994647][T17470] Call Trace:
[  726.994652][T17470]  <TASK>
[  726.994658][T17470]  dump_stack_lvl+0x16c/0x1f0
[  726.994680][T17470]  should_fail_ex+0x512/0x640
[  726.994705][T17470]  _copy_from_user+0x2e/0xd0
[  726.994728][T17470]  copy_msghdr_from_user+0x98/0x160
[  726.994744][T17470]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  726.994761][T17470]  ? kfree+0x252/0x6d0
[  726.994783][T17470]  ? __lock_acquire+0x622/0x1c90
[  726.994806][T17470]  ___sys_recvmsg+0xdb/0x1a0
[  726.994820][T17470]  ? __pfx____sys_recvmsg+0x10/0x10
[  726.994843][T17470]  ? __pfx___might_resched+0x10/0x10
[  726.994862][T17470]  do_recvmmsg+0x2fe/0x750
[  726.994879][T17470]  ? __pfx_do_recvmmsg+0x10/0x10
[  726.994896][T17470]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  726.994930][T17470]  ? __fget_files+0x20e/0x3c0
[  726.994949][T17470]  __x64_sys_recvmmsg+0x22a/0x280
[  726.994965][T17470]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  726.994985][T17470]  do_syscall_64+0xcd/0xfa0
[  726.995003][T17470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.995018][T17470] RIP: 0033:0x7fc94c98f6c9
[  726.995030][T17470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  726.995044][T17470] RSP: 002b:00007fc94d8bd038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  726.995059][T17470] RAX: ffffffffffffffda RBX: 00007fc94cbe5fa0 RCX: 00007fc94c98f6c9
[  726.995068][T17470] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  726.995077][T17470] RBP: 00007fc94d8bd090 R08: 0000000000000000 R09: 0000000000000000
[  726.995086][T17470] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000002
[  726.995095][T17470] R13: 00007fc94cbe6038 R14: 00007fc94cbe5fa0 R15: 00007ffebf523e18
[  726.995114][T17470]  </TASK>
[  727.570857][T17492] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2763'.
[  727.611205][T17477] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  727.644680][T17477] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  727.683274][T17477] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  727.769199][T17477] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  727.821227][T17477] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  727.837555][T17477] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  727.912054][T17501] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2764'.
[  727.946978][T17499] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2765'.
[  728.118324][T17501] ipvlan1: entered allmulticast mode
[  728.123650][T17501] veth0_vlan: entered allmulticast mode
[  728.132858][T17505] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2768'.
[  728.145057][T17499] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2765'.
[  728.405909][T17508] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2769'.
[  728.547054][T17512] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30
[  728.716365][T17513] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31
[  728.776658][T17515] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32
[  728.794601][T17519] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2772'.
[  728.828268][T17519] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  728.838395][T17519] batman_adv: batadv0: Removing interface: batadv_slave_0
[  728.923225][T17519] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  728.932092][T17519] batman_adv: batadv0: Removing interface: batadv_slave_1
[  728.958417][T17233] Bluetooth: hci2: command 0x0c1a tx timeout
[  729.077056][T17527] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  729.311097][T17527] FAULT_INJECTION: forcing a failure.
[  729.311097][T17527] name failslab, interval 1, probability 0, space 0, times 0
[  729.375608][T17522] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33
[  729.388105][T12265] usb usb38-port5: attempt power cycle
[  729.486671][T17527] CPU: 0 UID: 0 PID: 17527 Comm: syz.4.2773 Not tainted syzkaller #0 PREEMPT(full) 
[  729.486695][T17527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  729.486705][T17527] Call Trace:
[  729.486711][T17527]  <TASK>
[  729.486718][T17527]  dump_stack_lvl+0x16c/0x1f0
[  729.486740][T17527]  should_fail_ex+0x512/0x640
[  729.486762][T17527]  ? __kmalloc_cache_noprof+0x5f/0x780
[  729.486788][T17527]  should_failslab+0xc2/0x120
[  729.486808][T17527]  __kmalloc_cache_noprof+0x72/0x780
[  729.486831][T17527]  ? rfkill_fop_open+0x1b6/0x750
[  729.486848][T17527]  ? rfkill_fop_open+0x1b6/0x750
[  729.486861][T17527]  rfkill_fop_open+0x1b6/0x750
[  729.486877][T17527]  ? __pfx_rfkill_fop_open+0x10/0x10
[  729.486891][T17527]  misc_open+0x26d/0x450
[  729.486913][T17527]  ? __pfx_misc_open+0x10/0x10
[  729.486933][T17527]  chrdev_open+0x234/0x6a0
[  729.486949][T17527]  ? __pfx_apparmor_file_open+0x10/0x10
[  729.486970][T17527]  ? __pfx_chrdev_open+0x10/0x10
[  729.486988][T17527]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  729.487028][T17527]  do_dentry_open+0x982/0x1530
[  729.487047][T17527]  ? __pfx_chrdev_open+0x10/0x10
[  729.487068][T17527]  vfs_open+0x82/0x3f0
[  729.487091][T17527]  path_openat+0x1de4/0x2cb0
[  729.487114][T17527]  ? __pfx_path_openat+0x10/0x10
[  729.487130][T17527]  ? __lock_acquire+0xb8a/0x1c90
[  729.487152][T17527]  do_filp_open+0x20b/0x470
[  729.487168][T17527]  ? __pfx_do_filp_open+0x10/0x10
[  729.487196][T17527]  ? alloc_fd+0x471/0x7d0
[  729.487216][T17527]  do_sys_openat2+0x11b/0x1d0
[  729.487236][T17527]  ? __pfx_do_sys_openat2+0x10/0x10
[  729.487263][T17527]  __x64_sys_openat+0x174/0x210
[  729.487290][T17527]  ? __pfx___x64_sys_openat+0x10/0x10
[  729.487320][T17527]  do_syscall_64+0xcd/0xfa0
[  729.487341][T17527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.487356][T17527] RIP: 0033:0x7fc94c98f6c9
[  729.487368][T17527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.487383][T17527] RSP: 002b:00007fc94d8bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  729.487397][T17527] RAX: ffffffffffffffda RBX: 00007fc94cbe5fa0 RCX: 00007fc94c98f6c9
[  729.487407][T17527] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  729.487416][T17527] RBP: 00007fc94ca11f91 R08: 0000000000000000 R09: 0000000000000000
[  729.487425][T17527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  729.487434][T17527] R13: 00007fc94cbe6038 R14: 00007fc94cbe5fa0 R15: 00007ffebf523e18
[  729.487454][T17527]  </TASK>
[  730.028487][T17233] Bluetooth: hci4: command 0x0c1a tx timeout
[  730.034547][T17233] Bluetooth: hci0: command 0x041b tx timeout
[  730.058107][T17233] Bluetooth: hci5: command 0x0c1a tx timeout
[  730.088261][T17538] netlink: 338 bytes leftover after parsing attributes in process `syz.4.2779'.
[  730.185564][T17539] FAULT_INJECTION: forcing a failure.
[  730.185564][T17539] name failslab, interval 1, probability 0, space 0, times 0
[  730.208176][T17539] CPU: 0 UID: 0 PID: 17539 Comm: syz.2.2778 Not tainted syzkaller #0 PREEMPT(full) 
[  730.208200][T17539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  730.208210][T17539] Call Trace:
[  730.208216][T17539]  <TASK>
[  730.208222][T17539]  dump_stack_lvl+0x16c/0x1f0
[  730.208245][T17539]  should_fail_ex+0x512/0x640
[  730.208266][T17539]  ? __kmalloc_cache_noprof+0x5f/0x780
[  730.208291][T17539]  should_failslab+0xc2/0x120
[  730.208311][T17539]  __kmalloc_cache_noprof+0x72/0x780
[  730.208335][T17539]  ? rfkill_fop_open+0x1b6/0x750
[  730.208352][T17539]  ? rfkill_fop_open+0x1b6/0x750
[  730.208364][T17539]  rfkill_fop_open+0x1b6/0x750
[  730.208381][T17539]  ? __pfx_rfkill_fop_open+0x10/0x10
[  730.208395][T17539]  misc_open+0x26d/0x450
[  730.208416][T17539]  ? __pfx_misc_open+0x10/0x10
[  730.208436][T17539]  chrdev_open+0x234/0x6a0
[  730.208453][T17539]  ? __pfx_apparmor_file_open+0x10/0x10
[  730.208474][T17539]  ? __pfx_chrdev_open+0x10/0x10
[  730.208491][T17539]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  730.208511][T17539]  do_dentry_open+0x982/0x1530
[  730.208528][T17539]  ? __pfx_chrdev_open+0x10/0x10
[  730.208548][T17539]  vfs_open+0x82/0x3f0
[  730.208571][T17539]  path_openat+0x1de4/0x2cb0
[  730.208594][T17539]  ? __pfx_path_openat+0x10/0x10
[  730.208610][T17539]  ? __lock_acquire+0xb8a/0x1c90
[  730.208632][T17539]  do_filp_open+0x20b/0x470
[  730.208647][T17539]  ? __pfx_do_filp_open+0x10/0x10
[  730.208676][T17539]  ? alloc_fd+0x471/0x7d0
[  730.208696][T17539]  do_sys_openat2+0x11b/0x1d0
[  730.208716][T17539]  ? __pfx_do_sys_openat2+0x10/0x10
[  730.208744][T17539]  __x64_sys_openat+0x174/0x210
[  730.208764][T17539]  ? __pfx___x64_sys_openat+0x10/0x10
[  730.208793][T17539]  do_syscall_64+0xcd/0xfa0
[  730.208811][T17539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.208826][T17539] RIP: 0033:0x7f0dfa38f6c9
[  730.208839][T17539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.208853][T17539] RSP: 002b:00007f0dfb2a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  730.208867][T17539] RAX: ffffffffffffffda RBX: 00007f0dfa5e5fa0 RCX: 00007f0dfa38f6c9
[  730.208877][T17539] RDX: 0000000040000100 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  730.208886][T17539] RBP: 00007f0dfa411f91 R08: 0000000000000000 R09: 0000000000000000
[  730.208895][T17539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  730.208903][T17539] R13: 00007f0dfa5e6038 R14: 00007f0dfa5e5fa0 R15: 00007ffc894a8198
[  730.208923][T17539]  </TASK>
[  730.920826][T17542] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2780'.
[  730.941931][T17542] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2780'.
[  731.059478][T12265] usb usb38-port5: unable to enumerate USB device
[  731.352732][T17557] binder: 17548:17557 ioctl 4018620d 9 returned -22
[  731.444176][T17557] binder: 17548:17557 ioctl 4018620d 9 returned -22
[  732.069115][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  732.075163][T17233] Bluetooth: hci4: command 0x0c1a tx timeout
[  732.215380][T17567] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34
[  732.321387][T17571] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35
[  732.374068][T17562] dyndbg: bad flag-op ., at start of ./cgroup
[  732.538141][T17562] dyndbg: flags parse failed
[  733.408175][ T5828] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  733.531734][T17588] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2790'.
[  733.954758][T17599] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2795'.
[  734.406102][T17612] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2799'.
[  734.507714][T17616] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2800'.
[  735.428194][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  735.636250][T17637] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2805'.
[  735.659766][T17634] netlink: 744 bytes leftover after parsing attributes in process `syz.4.2804'.
[  735.925927][T17646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36
[  735.999665][T17646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37
[  736.128799][T17650] FAULT_INJECTION: forcing a failure.
[  736.128799][T17650] name failslab, interval 1, probability 0, space 0, times 0
[  736.163143][T17650] CPU: 0 UID: 0 PID: 17650 Comm: syz.2.2809 Not tainted syzkaller #0 PREEMPT(full) 
[  736.163165][T17650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  736.163175][T17650] Call Trace:
[  736.163181][T17650]  <TASK>
[  736.163187][T17650]  dump_stack_lvl+0x16c/0x1f0
[  736.163209][T17650]  should_fail_ex+0x512/0x640
[  736.163234][T17650]  should_failslab+0xc2/0x120
[  736.163255][T17650]  __kmalloc_noprof+0xdd/0x880
[  736.163278][T17650]  ? vmci_handle_arr_create+0x67/0x140
[  736.163299][T17650]  ? vmci_handle_arr_create+0x67/0x140
[  736.163316][T17650]  vmci_handle_arr_create+0x67/0x140
[  736.163333][T17650]  vmci_ctx_create+0x22a/0x740
[  736.163358][T17650]  vmci_host_unlocked_ioctl+0x1ad8/0x2040
[  736.163378][T17650]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  736.163397][T17650]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  736.163423][T17650]  ? do_vfs_ioctl+0x128/0x14f0
[  736.163445][T17650]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  736.163471][T17650]  ? find_held_lock+0x2b/0x80
[  736.163485][T17650]  ? hook_file_ioctl_common+0x145/0x410
[  736.163505][T17650]  ? __fget_files+0x20e/0x3c0
[  736.163522][T17650]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[  736.163542][T17650]  __x64_sys_ioctl+0x18e/0x210
[  736.163564][T17650]  do_syscall_64+0xcd/0xfa0
[  736.163583][T17650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  736.163598][T17650] RIP: 0033:0x7f0dfa38f6c9
[  736.163611][T17650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  736.163625][T17650] RSP: 002b:00007f0dfb286038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  736.163640][T17650] RAX: ffffffffffffffda RBX: 00007f0dfa5e6090 RCX: 00007f0dfa38f6c9
[  736.163650][T17650] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000005
[  736.163659][T17650] RBP: 00007f0dfb286090 R08: 0000000000000000 R09: 0000000000000000
[  736.163668][T17650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  736.163676][T17650] R13: 00007f0dfa5e6128 R14: 00007f0dfa5e6090 R15: 00007ffc894a8198
[  736.163695][T17650]  </TASK>
[  736.371953][    C0] vkms_vblank_simulate: vblank timer overrun
[  736.399810][T17652] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2810'.
[  738.123987][ T5828] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  738.477063][T17691] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2820'.
[  738.558869][T17692] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2818'.
[  738.733062][T17692] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2818'.
[  739.123979][T17703] queue_state_write: operation too long
[  739.223050][T17703] queue_state_write: use 'run', 'start' or 'kick'
[  739.565610][T17720] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38
[  740.148220][T17233] Bluetooth: hci0: command 0x041b tx timeout
[  740.559921][T17739] netlink: 'syz.2.2831': attribute type 11 has an invalid length.
[  740.740712][T17741] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2833'.
[  740.760880][T14689] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  740.918350][T17743] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2832'.
[  741.092358][T17743] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2832'.
[  741.271220][T14689] netdevsim netdevsim15 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  741.426538][T14689] netdevsim netdevsim15 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  741.690459][ T4812] netdevsim netdevsim15 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  741.710322][T17756] vivid-003: =================  START STATUS  =================
[  741.799200][T17756] vivid-003: Radio HW Seek Mode: Bounded
[  741.912185][T17756] vivid-003: Radio Programmable HW Seek: false
[  741.929699][T14689] netdevsim netdevsim15 eth4: set [1, 0] type 2 family 0 port 6081 - 0
[  742.099365][T17756] vivid-003: RDS Rx I/O Mode: Block I/O
[  742.203897][T17756] vivid-003: Generate RBDS Instead of RDS: false
[  742.316537][T17756] vivid-003: RDS Reception: true
[  742.326473][T17772] ptrace attach of "./syz-executor exec"[15479] was attempted by "./syz-executor exec"[17772]
[  742.428908][T17756] vivid-003: RDS Program Type: 0 inactive
[  742.572033][T17756] vivid-003: RDS PS Name:  inactive
[  742.674617][T17756] vivid-003: RDS Radio Text:  inactive
[  742.810975][T17756] vivid-003: RDS Traffic Announcement: false inactive
[  742.975408][T17756] vivid-003: RDS Traffic Program: false inactive
[  743.102086][T17756] vivid-003: RDS Music: false inactive
[  743.107593][T17756] vivid-003: ==================  END STATUS  ==================
[  743.887311][T17799] FAULT_INJECTION: forcing a failure.
[  743.887311][T17799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  743.951465][T17795] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  743.967241][T17795] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  743.987083][T17795] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  744.022757][T17795] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  744.035684][T17795] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  744.042277][T17799] CPU: 0 UID: 0 PID: 17799 Comm: syz.0.2847 Not tainted syzkaller #0 PREEMPT(full) 
[  744.042298][T17799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  744.042307][T17799] Call Trace:
[  744.042313][T17799]  <TASK>
[  744.042319][T17799]  dump_stack_lvl+0x16c/0x1f0
[  744.042341][T17799]  should_fail_ex+0x512/0x640
[  744.042366][T17799]  _copy_from_user+0x2e/0xd0
[  744.042389][T17799]  copy_msghdr_from_user+0x98/0x160
[  744.042405][T17799]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  744.042428][T17799]  ___sys_sendmsg+0xfe/0x1d0
[  744.042442][T17799]  ? __pfx____sys_sendmsg+0x10/0x10
[  744.042455][T17799]  ? __lock_acquire+0x622/0x1c90
[  744.042496][T17799]  __sys_sendmsg+0x16d/0x220
[  744.042510][T17799]  ? __pfx___sys_sendmsg+0x10/0x10
[  744.042536][T17799]  do_syscall_64+0xcd/0xfa0
[  744.042554][T17799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.042570][T17799] RIP: 0033:0x7fd03b38f6c9
[  744.042582][T17799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.042596][T17799] RSP: 002b:00007fd03c2be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  744.042610][T17799] RAX: ffffffffffffffda RBX: 00007fd03b5e5fa0 RCX: 00007fd03b38f6c9
[  744.042620][T17799] RDX: 0000000000000040 RSI: 00002000000110c0 RDI: 0000000000000003
[  744.042629][T17799] RBP: 00007fd03c2be090 R08: 0000000000000000 R09: 0000000000000000
[  744.042638][T17799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  744.042646][T17799] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  744.042665][T17799]  </TASK>
[  744.388296][T17795] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  744.744100][T17805] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2850'.
[  745.912403][T17233] Bluetooth: hci2: command 0x0c1a tx timeout
[  745.990655][T17233] Bluetooth: hci4: command 0x0c1a tx timeout
[  746.013938][T17825] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39
[  746.068453][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  746.074570][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  747.007219][T17847] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2860'.
[  747.276071][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  747.282507][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  747.322346][ T5828] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18
[  747.560989][T17866] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2868'.
[  747.915219][T17849] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  747.976868][T17849] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  748.043759][T17849] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  748.114886][T17849] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  748.145049][T17233] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  748.192121][T17849] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  748.247685][T17887] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2875'.
[  748.439225][T17893] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2877'.
[  748.858177][T17902] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2879'.
[  749.251884][T17911] FAULT_INJECTION: forcing a failure.
[  749.251884][T17911] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  749.402881][T17917] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2884'.
[  749.415435][T17911] CPU: 0 UID: 0 PID: 17911 Comm: syz.0.2881 Not tainted syzkaller #0 PREEMPT(full) 
[  749.415459][T17911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  749.415468][T17911] Call Trace:
[  749.415474][T17911]  <TASK>
[  749.415480][T17911]  dump_stack_lvl+0x16c/0x1f0
[  749.415503][T17911]  should_fail_ex+0x512/0x640
[  749.415528][T17911]  _copy_to_iter+0x29f/0x1710
[  749.415556][T17911]  ? __pfx__copy_to_iter+0x10/0x10
[  749.415578][T17911]  ? __pfx___mutex_lock+0x10/0x10
[  749.415596][T17911]  ? aa_file_perm+0x28f/0x12e0
[  749.415617][T17911]  ? aa_file_perm+0x29e/0x12e0
[  749.415635][T17911]  copy_page_to_iter+0x12a/0x1e0
[  749.415660][T17911]  anon_pipe_read+0x47e/0x1210
[  749.415680][T17911]  ? find_held_lock+0x2b/0x80
[  749.415696][T17911]  ? get_pid_task+0xfc/0x250
[  749.415717][T17911]  ? __pfx_anon_pipe_read+0x10/0x10
[  749.415735][T17911]  ? common_file_perm+0x1a9/0x340
[  749.415749][T17911]  ? bpf_lsm_file_permission+0x9/0x10
[  749.415766][T17911]  ? security_file_permission+0x71/0x210
[  749.415788][T17911]  ? rw_verify_area+0xcf/0x6c0
[  749.415804][T17911]  vfs_read+0xa98/0xcf0
[  749.415823][T17911]  ? __pfx_vfs_read+0x10/0x10
[  749.415836][T17911]  ? find_held_lock+0x2b/0x80
[  749.415862][T17911]  ksys_read+0x1f8/0x250
[  749.415877][T17911]  ? __pfx_ksys_read+0x10/0x10
[  749.415897][T17911]  do_syscall_64+0xcd/0xfa0
[  749.415916][T17911]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  749.415930][T17911] RIP: 0033:0x7fd03b38f6c9
[  749.415942][T17911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  749.415957][T17911] RSP: 002b:00007fd03c29d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  749.415972][T17911] RAX: ffffffffffffffda RBX: 00007fd03b5e6090 RCX: 00007fd03b38f6c9
[  749.415981][T17911] RDX: 0000000000001000 RSI: 0000200000000140 RDI: 0000000000000004
[  749.415991][T17911] RBP: 00007fd03c29d090 R08: 0000000000000000 R09: 0000000000000000
[  749.415999][T17911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  749.416008][T17911] R13: 00007fd03b5e6128 R14: 00007fd03b5e6090 R15: 00007ffcc4251c98
[  749.416027][T17911]  </TASK>
[  749.879761][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout
[  749.966055][T17919] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2885'.
[  749.976021][T17917] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2884'.
[  749.998360][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  750.068272][ T5828] Bluetooth: hci5: command 0x0c1a tx timeout
[  750.101964][T17919] binder: 17918:17919 ioctl 4018620d 9 returned -22
[  750.122485][T17919] binder: 17918:17919 ioctl 4018620d 9 returned -22
[  750.148721][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  750.722044][T17939] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2890'.
[  751.675216][T17956] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2894'.
[  752.070171][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  752.228185][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  752.784350][T17973] random: crng reseeded on system resumption
[  753.452666][T17980] debugfs: '!PjE�r��҄y�*�"�l-���y–��L̓���]' already exists in 'ieee80211'
[  753.492251][T17984] binder: 17979:17984 ioctl 4018620d 9 returned -22
[  753.653927][T17981] binder: 17979:17981 ioctl 4018620d 9 returned -22
[  753.819251][T18000] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2905'.
[  753.840048][T17997] netlink: 744 bytes leftover after parsing attributes in process `syz.4.2903'.
[  754.308366][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  755.219053][T18028] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2914'.
[  755.501496][T18034] Invalid ELF header magic: != ELF
[  755.616880][T18037] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  755.648151][T18037] CPU: 0 UID: 0 PID: 18037 Comm: syz.2.2915 Not tainted syzkaller #0 PREEMPT(full) 
[  755.648177][T18037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  755.648186][T18037] Call Trace:
[  755.648192][T18037]  <TASK>
[  755.648199][T18037]  dump_stack_lvl+0x16c/0x1f0
[  755.648221][T18037]  sysfs_warn_dup+0x7f/0xa0
[  755.648241][T18037]  sysfs_do_create_link_sd+0x124/0x140
[  755.648260][T18037]  sysfs_create_link+0x61/0xc0
[  755.648277][T18037]  device_add+0x62c/0x1aa0
[  755.648302][T18037]  ? __pfx_device_add+0x10/0x10
[  755.648322][T18037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  755.648347][T18037]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  755.648368][T18037]  wiphy_register+0x1eb0/0x2b20
[  755.648387][T18037]  ? netdev_run_todo+0x864/0x1320
[  755.648409][T18037]  ? __pfx_wiphy_register+0x10/0x10
[  755.648438][T18037]  ieee80211_register_hw+0x253d/0x4120
[  755.648465][T18037]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  755.648485][T18037]  ? __pfx___debug_object_init+0x10/0x10
[  755.648506][T18037]  ? find_held_lock+0x2b/0x80
[  755.648522][T18037]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  755.648545][T18037]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  755.648565][T18037]  ? __hrtimer_setup+0x176/0x280
[  755.648588][T18037]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  755.648615][T18037]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  755.648637][T18037]  hwsim_new_radio_nl+0xba2/0x1330
[  755.648654][T18037]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  755.648675][T18037]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  755.648694][T18037]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  755.648717][T18037]  genl_family_rcv_msg_doit+0x209/0x2f0
[  755.648736][T18037]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  755.648760][T18037]  ? bpf_lsm_capable+0x9/0x10
[  755.648779][T18037]  ? security_capable+0x7e/0x260
[  755.648799][T18037]  ? ns_capable+0xd7/0x110
[  755.648816][T18037]  genl_rcv_msg+0x55c/0x800
[  755.648836][T18037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  755.648853][T18037]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  755.648875][T18037]  netlink_rcv_skb+0x158/0x420
[  755.648891][T18037]  ? __pfx_genl_rcv_msg+0x10/0x10
[  755.648909][T18037]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  755.648933][T18037]  ? netlink_deliver_tap+0x1ae/0xd30
[  755.648950][T18037]  genl_rcv+0x28/0x40
[  755.648965][T18037]  netlink_unicast+0x5aa/0x870
[  755.648983][T18037]  ? __pfx_netlink_unicast+0x10/0x10
[  755.648997][T18037]  ? __pfx___might_resched+0x10/0x10
[  755.649019][T18037]  netlink_sendmsg+0x8c8/0xdd0
[  755.649038][T18037]  ? __pfx_netlink_sendmsg+0x10/0x10
[  755.649062][T18037]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  755.649088][T18037]  ____sys_sendmsg+0xa98/0xc70
[  755.649109][T18037]  ? copy_msghdr_from_user+0x10a/0x160
[  755.649123][T18037]  ? __pfx_____sys_sendmsg+0x10/0x10
[  755.649139][T18037]  ? __page_table_check_ptes_set+0x1ae/0x420
[  755.649159][T18037]  ? do_pte_missing+0x8a3/0x3ba0
[  755.649185][T18037]  ___sys_sendmsg+0x134/0x1d0
[  755.649200][T18037]  ? __pfx____sys_sendmsg+0x10/0x10
[  755.649212][T18037]  ? __lock_acquire+0x622/0x1c90
[  755.649255][T18037]  __sys_sendmsg+0x16d/0x220
[  755.649270][T18037]  ? __pfx___sys_sendmsg+0x10/0x10
[  755.649283][T18037]  ? find_held_lock+0x2b/0x80
[  755.649303][T18037]  ? do_user_addr_fault+0x843/0x1370
[  755.649322][T18037]  do_syscall_64+0xcd/0xfa0
[  755.649341][T18037]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.649355][T18037] RIP: 0033:0x7f0dfa38f6c9
[  755.649369][T18037] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.649384][T18037] RSP: 002b:00007f0dfb265038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  755.649398][T18037] RAX: ffffffffffffffda RBX: 00007f0dfa5e6180 RCX: 00007f0dfa38f6c9
[  755.649408][T18037] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000003
[  755.649417][T18037] RBP: 00007f0dfa411f91 R08: 0000000000000000 R09: 0000000000000000
[  755.649426][T18037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  755.649436][T18037] R13: 00007f0dfa5e6218 R14: 00007f0dfa5e6180 R15: 00007ffc894a8198
[  755.649457][T18037]  </TASK>
[  756.669537][T18030] ima: policy update failed
[  756.688479][   T30] audit: type=1802 audit(4294967452.934:48): pid=18030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.2915" res=0 errno=0
[  757.009917][T18050] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2920'.
[  757.185969][T18050] binder: 18049:18050 ioctl 4018620d 9 returned -22
[  757.216901][T18050] binder: 18049:18050 ioctl 4018620d 9 returned -22
[  757.314996][T18060] netlink: 744 bytes leftover after parsing attributes in process `syz.4.2918'.
[  757.347497][T18062] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2922'.
[  757.873996][T18069] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2924'.
[  758.056345][T18070] tipc: Started in network mode
[  758.076241][T18070] tipc: Node identity ee00, cluster identity 4711
[  758.113776][T18070] tipc: Node number set to 60928
[  758.160361][T18073] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  758.167726][T18073] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  758.181469][T18073] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  758.286964][T18073] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  758.294975][T18073] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  758.994395][T18083] netlink: 'syz.1.2929': attribute type 1 has an invalid length.
[  759.331223][T18091] input: jJǸ-���9�%v����l��Q�	J86�� as /devices/virtual/input/input40
[  759.435309][T18096] Process accounting resumed
[  759.498779][T18091] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2930'.
[  759.682521][T18105] netlink: 744 bytes leftover after parsing attributes in process `syz.2.2934'.
[  760.197945][T18111] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41
[  760.228224][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  760.235606][T17233] Bluetooth: hci2: command 0x0c1a tx timeout
[  760.308123][ T5828] Bluetooth: hci0: command 0x041b tx timeout
[  760.314160][T17233] Bluetooth: hci5: command 0x0c1a tx timeout
[  760.645726][T18123] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2940'.
[  760.692204][T18116] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42
[  760.765280][T18127] FAULT_INJECTION: forcing a failure.
[  760.765280][T18127] name failslab, interval 1, probability 0, space 0, times 0
[  760.811483][T18127] CPU: 0 UID: 0 PID: 18127 Comm: syz.2.2941 Not tainted syzkaller #0 PREEMPT(full) 
[  760.811506][T18127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  760.811516][T18127] Call Trace:
[  760.811521][T18127]  <TASK>
[  760.811527][T18127]  dump_stack_lvl+0x16c/0x1f0
[  760.811550][T18127]  should_fail_ex+0x512/0x640
[  760.811571][T18127]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  760.811589][T18127]  should_failslab+0xc2/0x120
[  760.811609][T18127]  kmem_cache_alloc_node_noprof+0x78/0x770
[  760.811624][T18127]  ? __alloc_skb+0x2b2/0x380
[  760.811657][T18127]  ? __alloc_skb+0x2b2/0x380
[  760.811677][T18127]  __alloc_skb+0x2b2/0x380
[  760.811699][T18127]  ? __pfx___alloc_skb+0x10/0x10
[  760.811723][T18127]  ? find_held_lock+0x2b/0x80
[  760.811741][T18127]  alloc_skb_with_frags+0xe0/0x860
[  760.811762][T18127]  sock_alloc_send_pskb+0x7f9/0x980
[  760.811790][T18127]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  760.811817][T18127]  ? __local_bh_enable_ip+0xa4/0x120
[  760.811836][T18127]  j1939_sk_sendmsg+0x6bc/0x13d0
[  760.811859][T18127]  ? __pfx_aa_sk_perm+0x10/0x10
[  760.811877][T18127]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  760.811895][T18127]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  760.811919][T18127]  sock_write_iter+0x566/0x610
[  760.811938][T18127]  ? __pfx_sock_write_iter+0x10/0x10
[  760.811962][T18127]  ? bpf_lsm_file_permission+0x9/0x10
[  760.811979][T18127]  ? security_file_permission+0x71/0x210
[  760.811995][T18127]  ? rw_verify_area+0xcf/0x6c0
[  760.812010][T18127]  vfs_write+0x7d3/0x11d0
[  760.812026][T18127]  ? __pfx_sock_write_iter+0x10/0x10
[  760.812046][T18127]  ? __pfx_vfs_write+0x10/0x10
[  760.812059][T18127]  ? find_held_lock+0x2b/0x80
[  760.812085][T18127]  ksys_write+0x1f8/0x250
[  760.812101][T18127]  ? __pfx_ksys_write+0x10/0x10
[  760.812122][T18127]  do_syscall_64+0xcd/0xfa0
[  760.812140][T18127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.812155][T18127] RIP: 0033:0x7f0dfa38f6c9
[  760.812168][T18127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  760.812182][T18127] RSP: 002b:00007f0dfb2a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  760.812196][T18127] RAX: ffffffffffffffda RBX: 00007f0dfa5e5fa0 RCX: 00007f0dfa38f6c9
[  760.812206][T18127] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  760.812215][T18127] RBP: 00007f0dfb2a7090 R08: 0000000000000000 R09: 0000000000000000
[  760.812224][T18127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  760.812232][T18127] R13: 00007f0dfa5e6038 R14: 00007f0dfa5e5fa0 R15: 00007ffc894a8198
[  760.812252][T18127]  </TASK>
[  761.753779][T18135] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2944'.
[  761.830440][T18136] FAULT_INJECTION: forcing a failure.
[  761.830440][T18136] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  761.879025][T18136] CPU: 0 UID: 0 PID: 18136 Comm: syz.1.2944 Not tainted syzkaller #0 PREEMPT(full) 
[  761.879048][T18136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  761.879058][T18136] Call Trace:
[  761.879064][T18136]  <TASK>
[  761.879070][T18136]  dump_stack_lvl+0x16c/0x1f0
[  761.879091][T18136]  should_fail_ex+0x512/0x640
[  761.879123][T18136]  _copy_from_user+0x2e/0xd0
[  761.879147][T18136]  copy_msghdr_from_user+0x98/0x160
[  761.879163][T18136]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  761.879181][T18136]  ? __lock_acquire+0x622/0x1c90
[  761.879203][T18136]  ___sys_recvmsg+0xdb/0x1a0
[  761.879217][T18136]  ? __pfx____sys_recvmsg+0x10/0x10
[  761.879232][T18136]  ? find_held_lock+0x2b/0x80
[  761.879257][T18136]  do_recvmmsg+0x2fe/0x750
[  761.879274][T18136]  ? __pfx_do_recvmmsg+0x10/0x10
[  761.879288][T18136]  ? commit_creds+0x6e3/0x1040
[  761.879310][T18136]  ? do_futex+0x122/0x350
[  761.879336][T18136]  ? __x64_sys_futex+0x1e0/0x4c0
[  761.879357][T18136]  __x64_sys_recvmmsg+0x22a/0x280
[  761.879373][T18136]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  761.879393][T18136]  do_syscall_64+0xcd/0xfa0
[  761.879411][T18136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.879426][T18136] RIP: 0033:0x7f3107b8f6c9
[  761.879438][T18136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.879453][T18136] RSP: 002b:00007f31089de038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  761.879467][T18136] RAX: ffffffffffffffda RBX: 00007f3107de6090 RCX: 00007f3107b8f6c9
[  761.879477][T18136] RDX: 000000000000010a RSI: 0000200000000140 RDI: 0000000000000004
[  761.879486][T18136] RBP: 00007f3107c11f91 R08: 0000000000000000 R09: 0000000000000000
[  761.879494][T18136] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  761.879503][T18136] R13: 00007f3107de6128 R14: 00007f3107de6090 R15: 00007fffddd75148
[  761.879522][T18136]  </TASK>
[  762.329331][ T5828] Bluetooth: hci4: command 0x0c1a tx timeout
[  764.088496][T18159] binder: 18158:18159 ioctl 40489426 200000000180 returned -22
[  764.769173][T18171] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2950'.
[  764.890066][T18168] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  765.102525][T18168] CPU: 0 UID: 0 PID: 18168 Comm: syz.0.2949 Not tainted syzkaller #0 PREEMPT(full) 
[  765.102548][T18168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  765.102558][T18168] Call Trace:
[  765.102564][T18168]  <TASK>
[  765.102570][T18168]  dump_stack_lvl+0x16c/0x1f0
[  765.102592][T18168]  sysfs_warn_dup+0x7f/0xa0
[  765.102612][T18168]  sysfs_do_create_link_sd+0x124/0x140
[  765.102631][T18168]  sysfs_create_link+0x61/0xc0
[  765.102649][T18168]  device_add+0x62c/0x1aa0
[  765.102674][T18168]  ? __pfx_device_add+0x10/0x10
[  765.102695][T18168]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  765.102720][T18168]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  765.102742][T18168]  wiphy_register+0x1eb0/0x2b20
[  765.102761][T18168]  ? netdev_run_todo+0x864/0x1320
[  765.102782][T18168]  ? __pfx_wiphy_register+0x10/0x10
[  765.102812][T18168]  ieee80211_register_hw+0x253d/0x4120
[  765.102839][T18168]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  765.102858][T18168]  ? __pfx___debug_object_init+0x10/0x10
[  765.102880][T18168]  ? find_held_lock+0x2b/0x80
[  765.102896][T18168]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  765.102919][T18168]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  765.102938][T18168]  ? __hrtimer_setup+0x176/0x280
[  765.102961][T18168]  mac80211_hwsim_new_radio+0x32d8/0x50b0
[  765.102988][T18168]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  765.103009][T18168]  hwsim_new_radio_nl+0xba2/0x1330
[  765.103027][T18168]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  765.103048][T18168]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  765.103067][T18168]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  765.103090][T18168]  genl_family_rcv_msg_doit+0x209/0x2f0
[  765.103110][T18168]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  765.103134][T18168]  ? bpf_lsm_capable+0x9/0x10
[  765.103153][T18168]  ? security_capable+0x7e/0x260
[  765.103173][T18168]  ? ns_capable+0xd7/0x110
[  765.103190][T18168]  genl_rcv_msg+0x55c/0x800
[  765.103209][T18168]  ? __pfx_genl_rcv_msg+0x10/0x10
[  765.103227][T18168]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  765.103249][T18168]  netlink_rcv_skb+0x158/0x420
[  765.103264][T18168]  ? __pfx_genl_rcv_msg+0x10/0x10
[  765.103283][T18168]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  765.103306][T18168]  ? netlink_deliver_tap+0x1ae/0xd30
[  765.103323][T18168]  genl_rcv+0x28/0x40
[  765.103338][T18168]  netlink_unicast+0x5aa/0x870
[  765.103366][T18168]  ? __pfx_netlink_unicast+0x10/0x10
[  765.103382][T18168]  ? __pfx___might_resched+0x10/0x10
[  765.103405][T18168]  netlink_sendmsg+0x8c8/0xdd0
[  765.103428][T18168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  765.103446][T18168]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  765.103471][T18168]  ____sys_sendmsg+0xa98/0xc70
[  765.103490][T18168]  ? copy_msghdr_from_user+0x10a/0x160
[  765.103505][T18168]  ? __pfx_____sys_sendmsg+0x10/0x10
[  765.103527][T18168]  ? __pfx_futex_wake_mark+0x10/0x10
[  765.103552][T18168]  ___sys_sendmsg+0x134/0x1d0
[  765.103568][T18168]  ? __pfx____sys_sendmsg+0x10/0x10
[  765.103580][T18168]  ? __lock_acquire+0x622/0x1c90
[  765.103623][T18168]  __sys_sendmsg+0x16d/0x220
[  765.103637][T18168]  ? __pfx___sys_sendmsg+0x10/0x10
[  765.103651][T18168]  ? __x64_sys_futex+0x1e0/0x4c0
[  765.103682][T18168]  do_syscall_64+0xcd/0xfa0
[  765.103701][T18168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  765.103716][T18168] RIP: 0033:0x7fd03b38f6c9
[  765.103730][T18168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.103745][T18168] RSP: 002b:00007fd03c2be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  765.103760][T18168] RAX: ffffffffffffffda RBX: 00007fd03b5e5fa0 RCX: 00007fd03b38f6c9
[  765.103770][T18168] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000004
[  765.103779][T18168] RBP: 00007fd03b411f91 R08: 0000000000000000 R09: 0000000000000000
[  765.103788][T18168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  765.103797][T18168] R13: 00007fd03b5e6038 R14: 00007fd03b5e5fa0 R15: 00007ffcc4251c98
[  765.103818][T18168]  </TASK>
[  767.011164][ T5828] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18
[  767.122756][T18187] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43
[  767.243424][T18192] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2959'.
[  767.412981][T18192] binder: 18191:18192 ioctl 4018620d 9 returned -22
[  767.467565][T18192] binder: 18191:18192 ioctl 4018620d 9 returned -22
[  767.887499][T18194] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44
[  768.530451][ T4812] netdevsim netdevsim2 eth5: set [1, 0] type 2 family 0 port 6081 - 0
[  768.814844][T18212] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
[  768.826762][T18212] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  768.835169][T18212] CPU: 0 UID: 0 PID: 18212 Comm: syz.2.2961 Not tainted syzkaller #0 PREEMPT(full) 
[  768.844536][T18212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  768.854588][T18212] RIP: 0010:strcmp+0x39/0xb0
[  768.859178][T18212] Code: df 41 54 55 53 48 89 fb 48 83 ec 08 eb 08 40 84 ed 74 61 4c 89 e6 48 89 df 48 83 c3 01 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 28 38 d0 7f 04 84 c0 75 58 48 89 f0 48 89 f2 0f b6 6b
[  768.878777][T18212] RSP: 0018:ffffc900034b7960 EFLAGS: 00010246
[  768.884839][T18212] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffc9001126e000
[  768.892804][T18212] RDX: 0000000000000000 RSI: ffffffff8c203d20 RDI: 0000000000000000
[  768.900764][T18212] RBP: ffffffff8c202cc0 R08: 0000000000000001 R09: ffffed1004c80109
[  768.908719][T18212] R10: ffff88802640084f R11: 0000000000000001 R12: ffff88807b8f4000
[  768.916676][T18212] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000
[  768.924653][T18212] FS:  00007f0dfb2446c0(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000
[  768.933566][T18212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  768.940132][T18212] CR2: 0000200000800000 CR3: 000000003216a000 CR4: 00000000003526f0
[  768.948099][T18212] Call Trace:
[  768.951361][T18212]  <TASK>
[  768.954275][T18212]  zcomp_available_show+0x73/0x130
[  768.959372][T18212]  ? __pfx_comp_algorithm_show+0x10/0x10
[  768.965073][T18212]  comp_algorithm_show+0x98/0xd0
[  768.969996][T18212]  dev_attr_show+0x56/0xe0
[  768.974861][T18212]  ? __pfx_dev_attr_show+0x10/0x10
[  768.979964][T18212]  sysfs_kf_seq_show+0x216/0x3e0
[  768.984992][T18212]  seq_read_iter+0x50e/0x12d0
[  768.989684][T18212]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  768.995645][T18212]  kernfs_fop_read_iter+0x46c/0x610
[  769.000832][T18212]  copy_splice_read+0x618/0xc20
[  769.005674][T18212]  ? __pfx_copy_splice_read+0x10/0x10
[  769.011040][T18212]  ? __pfx___mutex_lock+0x10/0x10
[  769.016053][T18212]  ? __fget_files+0x204/0x3c0
[  769.020795][T18212]  ? __pfx_copy_splice_read+0x10/0x10
[  769.026164][T18212]  do_splice_read+0x285/0x370
[  769.030839][T18212]  splice_file_to_pipe+0x109/0x120
[  769.036050][T18212]  do_sendfile+0x400/0xe50
[  769.040478][T18212]  ? __pfx_do_sendfile+0x10/0x10
[  769.045434][T18212]  ? __x64_sys_futex+0x1e0/0x4c0
[  769.050366][T18212]  ? __x64_sys_futex+0x1e9/0x4c0
[  769.055292][T18212]  __x64_sys_sendfile64+0x1d8/0x220
[  769.060479][T18212]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  769.066188][T18212]  do_syscall_64+0xcd/0xfa0
[  769.070682][T18212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.076556][T18212] RIP: 0033:0x7f0dfa38f6c9
[  769.080953][T18212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.100545][T18212] RSP: 002b:00007f0dfb244038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  769.108944][T18212] RAX: ffffffffffffffda RBX: 00007f0dfa5e6270 RCX: 00007f0dfa38f6c9
[  769.116898][T18212] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001
[  769.124943][T18212] RBP: 00007f0dfa411f91 R08: 0000000000000000 R09: 0000000000000000
[  769.132901][T18212] R10: 0000040000000c07 R11: 0000000000000246 R12: 0000000000000000
[  769.140854][T18212] R13: 00007f0dfa5e6308 R14: 00007f0dfa5e6270 R15: 00007ffc894a8198
[  769.148816][T18212]  </TASK>
[  769.151837][T18212] Modules linked in:
[  769.156690][T18212] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  769.391498][T18212] RIP: 0010:strcmp+0x39/0xb0
[  769.396244][T18212] Code: df 41 54 55 53 48 89 fb 48 83 ec 08 eb 08 40 84 ed 74 61 4c 89 e6 48 89 df 48 83 c3 01 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 <42> 0f b6 04 28 38 d0 7f 04 84 c0 75 58 48 89 f0 48 89 f2 0f b6 6b
[  769.422619][T18212] RSP: 0018:ffffc900034b7960 EFLAGS: 00010246
[  769.429235][T18212] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffc9001126e000
[  769.439329][T18212] RDX: 0000000000000000 RSI: ffffffff8c203d20 RDI: 0000000000000000
[  769.458377][T18212] RBP: ffffffff8c202cc0 R08: 0000000000000001 R09: ffffed1004c80109
[  769.466399][T18212] R10: ffff88802640084f R11: 0000000000000001 R12: ffff88807b8f4000
[  769.475405][T18212] R13: dffffc0000000000 R14: dffffc0000000000 R15: 0000000000000000
[  769.483645][T18212] FS:  00007f0dfb2446c0(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000
[  769.502197][T18207] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  769.508387][T18207] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  769.515029][T18212] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  769.523636][T18207] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  769.533334][T18212] CR2: 00007f3107db4198 CR3: 000000003216a000 CR4: 00000000003526f0
[  769.541477][T18207] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  769.547583][T18212] Kernel panic - not syncing: Fatal exception
[  769.553683][T18212] Kernel Offset: disabled
[  769.557985][T18212] Rebooting in 86400 seconds..