last executing test programs:

3m43.163440263s ago: executing program 2 (id=1299):
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x20742, 0x0)
write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
getrlimit$auto(0x9, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
shmctl$auto(0x691, 0x3, 0x0)
setsockopt$auto(0x3, 0x0, 0x32, 0x0, 0x4)
r1 = openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000003540)='/proc/thread-self/setgroups\x00', 0x2, 0x0)
writev$auto(r1, &(0x7f0000003600)={0x0, 0x2}, 0x8)

3m42.954915856s ago: executing program 2 (id=1300):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/firmware/acpi/interrupts/gpe07\x00', 0x2a201, 0x0)
write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x66)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
listen$auto(0x3, 0x83)
r1 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001580)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x2, 0x1a00)
read$auto(r1, 0x0, 0x0)

3m41.906733186s ago: executing program 2 (id=1306):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2)
mprotect$auto(0x0, 0x806121, 0x6)
r0 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r0, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3c, 0x3ff, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x2, 0x9, 0x4, 0xb2, 0x9, 0x0, 0xfffd, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1, 0x6, 0x4, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffe, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0x5, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2000000ffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x5]}, 0x202, 0x2000000d)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x8100)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_GINFO(r3, 0xc0f85403, 0x0)
fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000)

3m40.508772156s ago: executing program 2 (id=1310):
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @multicast1}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_ETHTOOL_MSG_EEE_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0x400, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x40804)
socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x1f)

3m39.483692372s ago: executing program 2 (id=1316):
timer_getoverrun$auto(0x40)
mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000)
r0 = io_uring_setup$auto(0x999, 0x0)
ustat$auto(0x801, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x15, 0x6, 0x100000)
socket(0x2, 0x1, 0x0)
r1 = socket(0x11, 0x2, 0x6)
sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000100)={&(0x7f00000003c0), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001040), r0)
sendmsg$auto_NL80211_CMD_GET_SCAN(r1, &(0x7f00000011c0)={&(0x7f0000000000), 0xc, &(0x7f0000001180)={&(0x7f0000001080)={0xc4, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x1}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0xd}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x1}, @NL80211_ATTR_WIPHY_SELF_MANAGED_REG={0x4}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0xf0}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x5}, @NL80211_ATTR_PMK={0x14, 0xfe, "a4acd70dcc40ea8b16d314261d2af133"}, @NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x56, 0xbe, "212b572247234d1f9df41e4bd66f0de11384b9ba17537fb15c1ad72a7ca5e27b6e50bd95c8e8e9a33370b658bd27956d545d5d99d1563302315f3dbc81ca51f6ff730f5014072e4ae787fa51ee58f77559d2"}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_vlan\x00'}]}, 0xc4}, 0x1, 0x0, 0x0, 0x24000002}, 0x4004800)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x1a2)
socket(0x2, 0x1, 0x106)
socket(0x2, 0x1, 0x106)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x1, @empty}, 0x6a)
r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000001200)='/dev/dsp\x00', 0x90000, 0x0)
recvmmsg$auto(r3, &(0x7f0000002440)={{&(0x7f0000001240)="2dfb9f25217aa2e461468f4765644e5e5eb65d3f7f877ad7891495e45a5056dfb11e97794d86c83cb07234cea69bd18f1fac396dc5bef69ebc4856d35e2a749fff23d0a8a2a17de42f4011993676b1316d8190a84f86709cce9c909652ccd55b91695e8a995fdc8f69b5832b2d26ce41cb4e2216e0ca447c7d4a3ce6ee15ba85fe4fb14f5947c8224f256cd3c1800b8db47e094a799ffdac72137f32130d38ccaf0a85d7063f1ccbf428583cf770acc4e0735a", 0x40, &(0x7f0000000080)={&(0x7f0000001300)="18cd380ce782b6cd530143a7ee1fa7a8eacc52e13fdfcd2f418b1cce88a0a785e696da68057c50cb9e0870d961ce816b7f695b2f05622199a7db990f0c49091789a058b125d099e8e676bc446ada267845c8d7068f4cd708b1c3eba974d51e48342eb492b08ce5a0847b8a6c944c4b7095864d80e8ab2825c0078589359af10d1e306e677504621afb759204e6c6a3f7e77b94d8ec78b6acf991aac2b63a65a87ec10bf10c24dd14a5915e2e75bb84a38f99342b9e2c38c1df40aa6ede19eb4f068697b067f5282dd057ace5e63f0877dccff57b040c851c4d4570e14b", 0x5}, 0x4000000a, &(0x7f0000001440)="af5448386e65e13d8bf1769c77aae410d90c3a2082cd0414043cecaf6b8a2e8e1be373ac5e4f56054b391f5a383ea5fef0a120e09c0d6b7e18f7ad6565f89ae583c03c78e960cb232ac81148b8c31119b487aca44917273e9314d6b08d62fcf3efdadecb6e4a068ae1db9657253520aef015c1a3cb652b14d13d3d31d84fc29c4b9e50853124e48f5540fe066e7c4e517f76d5e520fccf2e6e55d738af7394051716b9cdd53bb9429dc6cdb1f1775d54956af3b05a3ef31b279aa88f771299314fdef2f152fda0c9f7dd20c24f4ba4658f7c1a73c35916d5fa6f4b53c31779be8a1bf11ca3adbf862195a543ead4bbe7246f14f43bb99e32eb7cce184badae26993174b0f2e46305f6182c84f93596c4064c23e5c805b7ae13e783dffa014344ed6875f0a3adfb2be246083ad1826af9d39860bde8443e6bc0d0386f0b8897edc613f0464d6fceeb89a5ab2c6eb0713ae22f334ff81b73d85cf7781bce8fc95035807cd5fc860f98ea58f5490a0657c13baa05733567271f581ae87edadb0274af34bdafc3730e15e0231e7d11a67f0427676dd826d8aacb252fa80482bf48ec59f04f37b3a2684f97ca84dd9ad10c3ce0b025c616df5343e2f578f3818b5f44cb52ae5d8a80b739e4ffa038dc4f1a4af43b8766c77146d5f7ab6fd04e34ec29e119e9aebf0ecaab5b47ef33ffec3c39c50fa526b794baddb790fc1a484cefb65cb773fabbdfb085ad8055ba900159a8b744f42bea578ce1c6010a38a9d7493b55647a98a04da847474713210b33c3238598d754098ffd01b179f76f30fab03b507f7d46fdf0bb1b3ab54b3c7c90a4e53236f43c73dbb4b6ab8d0e3872ac46218f2b68a1b4d958fec9d293efc5b2a0a25d70a0fea2009a14d4d70761d3389573a5af5664c28b6d7258777521bd7fdaf315d01459bc2ef1260c8e898475ab8b02c563e05638f1fcd493377861c794d8fc740694994fdbe0fb646d7a114097c4fb16be7c94101c69351f794c9d28a23950598df67ac3b5948876223079889fec66e944c0b98bac019b15f6b1de4d9d866c9fb7fe09ab8f3c3901337f9fa693f153507fdc7b6271d757a48541ee91a5a085205067cd38aefad81f5610cccd2932a986aa3547298b2084bfe6c359844d3dd9b770d83df2b722a2b6939ad63885f14e3f76b47a01c9161f9657bde144ece1d5aa6473b8009b23a79708cd96e92ab73d16a7e6e720d7e0aacfd712076d09714c6eb21030a76c886ce54cb28ef109f78e0bd36144ac9d2c7d5adc12d9e33e32680b056c3fa800f72e4291e780a9556ca007061762c98b1a7bccb8baf734e7e56e31f8b2d871acc958cc0c5246f191e50e7cf0db901f5e73cb5459b78518975800a51c31b2fc373bc24f07f726792b16e984163cb9edd1ca75ab949f421f07a313ce561de692357726cbbefa349d9589df5cefeeb2ab14ded40386101a70b3cfd2047645f35ab5b5b94d1d78c379f1ea6cd7cfaef14defe7dfd7c08fec1ce87427e50d10fdb86f60182f2fb6128e71761ff2a11f984cbc637ee9a5c699c375bfb75de59d6c0fbca7cdaf9372062d33a23e8c1d5f2e97b120d128ecc35d9843d36f820bd2d13fadb9a6acd910bbdeb744c6b1e94bb17d4fb3d0b3f86ebec1b42d7d26e2276bd3a99eddf6514c43d3947982e7894c6a30641c32e48ece63114d3a9fd6fc428b3d7d42c508daf02da47b087499999967b2caaa932b60fc18f99233427f1dee7e91ba7248a35bbb8bbead0bfeaffc80f43e6aa99439c428b5a6531f2cb99970f9e8def7d704351915edab096877aead56d88e0a0a5e431fc2c97692fee6f0893d8e8c1043427d9850b135afe690800a560fc4ead43399bba165b34243f9cd4971a6e2785d020839178b084e5e6ca6c79ca9b90b750ee10d04af14dd16d6f1aacb2789f564b269456d2db5c90f373a60ffdee6144c52f08104acceb8c38ef3eb98dd92893f2738b99187cbed5a19b752fc5c6031788c703395091c90fc378a273d69a0f269634ecfa743b3026cf4db5c2935e9c93535b432902fb46923e75b414c05530cb33bb125b88ec88b5046bde363621d28119c1be15e3615c87727aaca40d33a3690e0ddeeed22f0203e15e1619b1cbe37cc24b5359fc9f01617031c3b29f53598ec252145d20a12f42632d1fb3985025ac48fbf2c4efcd3193b602a871f02a2e7d617b1891153ae850eeec181a99c0158649cf903b0e80a355503c232078d4a8639db2bc034cd7b9cc65a36873642715824f2a14a591f2f1c1cb5898d59d120e0d6330916ab9939f43906c5a356df065df8eac283b521fc87cd857c2dbbb493a06169cbb4fbf5963a90923ce53988c47260ffb724d679fcf3d2672ab40a6bbc7861a74383c106803b839d562273f9cc1fdc0e2ae8931c036a605291476be5dcb778c8a7ba60c4d2f2f541478ad9fd252434a0fe0fbdfc62370d5c198e22101bc4d5ebadd6c0167bdc7960725b4890860aea894e9bafa24f6e46213c4c3544ba9c2e1e70f908334273fda050866b8e11687c7af384571f44b1ca22755c38b6c7c7629e80edd1c90548b3d5fa9139e9ad36123614c982a387f0042cdd4013630e49fbbf5884c15ef408e55183b6707137dec0fe04e06688eca85660ca306f153a495c590bb63804289793cb62e065e7db2a3e1a53cbdf212b37da2a900331e3ef499f76821334ead0e3184e90d23d809f67d3fa246d19ae38d9345edcad8c1b0022746939cfb0dec85a5f782fc65dc477318742b44733d6e397117448214afcee30d14554981548e512a19bb2902552f9280a6949ab672e7d9581e92ce0676c87654c6c5a909789e9bc51c5ae15ea82429451451e42e0dca778130387afc5e982ef6e3859f5df62a5bc62217e66811f0df0d1e3500128bd9c655b59e19c8cbf9ac5a32e9fab131fab95f88706d8be56dfd9647d80df24e6917c6f5da03b6574203e16ef2502ec73c4c605e68d785cd19bdb6eb1f4f74db1750b0c028dadaca6092404e244d6ea797d13da275b03b5726ffed91c865ab30c1e64f8bd5281e307cfb242efa3641f8da73a269cac399f333b53e6997933fc3f2025e6da8197608707d943ffbb593a954afe346ae513f0fe74251416b393eedffbe40fe90588977da54d6590585fe16cca1d9ed7179f005159e71b94c809b912cfb3981ec96e45b9f25b91d61d45a1fd690d28bdce65682cdee76504913009937cbc247b7ab981a6fba33b95c9e04860182a166a26faa891085efe9921ec12e2cd060ef369ea4b5ed686b8799eb0c5fab092a7a3e3bb9ab1e3cf65a23d5da87557b8f1111629e9da1bb4c4125441f69fc30bdde1b9e8cbeb7f0bc7658bd4a43ce10be74132c2bd176dcaf9dfaafd2a902573ab5c88f93bbd0e869ef8679bf62f2b48354f8394ba7d3ad29d5a095723b854d139f34f8c6b903de1e956b92608a67dac6603dcbf9dae7d37133f1d3b92f04705776a91f1089866c8d748e022e2263da05ffe9a55292a47d17e20ccec9817778eb072c96b7073a8e367b85c37810da4a5482eda4982f09bf95d9ea7fdf38af6e70128f107eee420c656b64337f3d9d79d6b056b5b81694e53519fd3410fd1eedb355341d77ef8d882e5f0dcfcb72cf8299e5e8b70f797c2d9a452313735f8f56fa2c1848f3c4586e1f0022405df4290317bd3834b282117303cc032d5e69131a97ea02600ab2b6e6cfae254341e9d17d60f64917ed14edbee44215b6a374af8442d65a7b4e1cb073fad4ae0d2bac6f680cc8df914b8d683b2b43ea47abba2c423d03c2842eb9a569f501e392d3eb535c42ed92eb4018cce54d10e58a599cd6d8292f47b38913989ebe808366bed07fb530804173d9812bc6baa1c1fca9b5f3918c7ba0250c7982920ed047a80f8b67c704c02f3ac733f25ebd30b1d7bc52847ca41f568797dbe438292d7d2a43d14b0dcc282c0528ef6bd64c5110f7dcd3ed80b0851185b59f58e63690432c2210ab6fec43bdbd85523463e123e50be68814a9601b6fe8cc1517edd6d6c5ceb4904ac8d8d6c2fc9482ea018b70d47c6024850b9ef4a39ec7707097d34cdf03c68624e5524f859a7a7a6cfaa01c3c39d9536c72e41355f390fdaacda87650d6d4d045007379650f313b851bfb84bfaa5cd6b599d23b04993c69ca5e954f29c4cf0135bb535e665111c064f1ab1a5602fcc01c012a6e8c2faa0809796b95ce3fde27bd854c4c5b7394fff0382ca920560fb127aa6b091fe52fba7985b6311b715fac7a76f684b4fbccd016bc77bf65b9e384c88b5639b8f5e3db1200e428c31262242d5aecd1eb50527faf557c1b0136494851a27465374c9eaf5be95aca533f1a40bdf370aa2a64186a0c60d8336f0cbda989966708ea64b4bfe06aef66e76d2cb0d2793c5db00817d5c4adc7c156a50753fecadb67f731ead69f5f6cefa453b9fdae6bcbe5aa5ba55c55a5a1c080e000e573e83a965d0d7a08029b59adec07aca8d60668dcca657d1d1b3502db89c43664274f3c9bb268c399a9941c2dd50dae85e9cd470a7fb71b5decce1a987c783dd22bcd9565be7113d8b7349fd06d97fcde4d7d077376693487b6fdbb715c71a47dabf05ba6c7a9804563eb0cdab65c027f1934734a9a6b6297e594c9a078c73b8beea77ab908d3a5624a1bbe5b42399546e10b78f925090ea0c05f21c9a32cbf38fc567a24956463fb1e6de5ff71b006c8fd8222c5d900ddba66069b1cb70cf51dd23a6f20cf36edaafc1b411feb6e8825608e569633b198b71e9dab914ea3bfb13d769882d557d3fc0deddb34eb9a864251cae3077d102156bcdba08dd77127978e6ee0dd7b6feb0e429c35f4fca2f0ac55502be843e26fbe6be3bf3eb9d29fc1524611d8b5967a84faf21bd89a3e64812d0015ff8856ebbd9b2504f09a3532238178b1ea9937278bf5b00ae9ac330e62c77e0d1af038fb80d35740dc1a46fb594131805d771766df555f640c582141f98e2f79c0a608d515616f7fcc750332b808eb7f77d3d6c52cf67ae3e36537c861374205e11a2aa41a53f526046e4f09b1581b79f518cf01182a2bf4f00981447cbe48a2d5982a6464233b17065581613e73689b32bb08bb47301c47a69e16a96f84d8bf242c9c07046763caa6d9def350a0c6c81f8c278caac802c67eb3a0d7dd0c1a4873d337c783517a08dc6b34e2d7e4d6202a540bbf8d40079603bcf1c1d58b0f091b4193c9e77f1adfa501aa5c8a32cc59165d08a240294b5aa69bd683623a9e93c1e0cd6c4f32b2b3728d9192534c08681d21732d7b0d0814b9544432e08f4d6e6c364e838d31a7808bd9ad28724b02046a287a30fe1c2cf53ce3b6efd16fba0e5ab2e4248214682afdd08e957938cabb3c3979927ea98d8d44da23991c855ff5ef2eff34b1fb0103506b9319e42ecca7b4522e035b4ef3d583ac5b2d573e5f8ee06e5d56b805d5ad4161ae0ef06d19ff7a7f287fd84f3015cd6257f08a62f6b3259e144b60ec09bcb07dc99298170f91c807c20e511025cf1ce07f25d46c19bfed188ad84d09e9dc79ab72e9d433864eede84722d5f137797a8c71fde06a17ac093b21b61583db145d00b20f941ffa2fd8422f3ec602b03acb0389cfcd0899529cc7e5bfb0edc4eca95a4b87b0d8d3117919c4c97a3d0df79f0d13d3f42e3f1fe52d52d9ea56bd85fc3a8bebb14f602ad9dc214cd619779c7d3eda597dc276ea584c88289ce1db6baf0f737842177192b3f13d792f843040c53c350fc2795eba438315373da3be8e277a1c471a95473a8", 0x5, 0x7}, 0x101}, 0x1bb, 0x8, &(0x7f0000002480)={0x7fe1, 0x8})
listen$auto(0x3, 0x83)
close_range$auto(0x2, 0x8, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a)
mmap$auto(0x4, 0x8004, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
madvise$auto(0x4000000000002, 0x4, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

3m39.145088084s ago: executing program 2 (id=1318):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setgroups$auto(0xc00000000, 0xfffffffffffffffc)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x800}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x93b}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x90)

3m24.113106562s ago: executing program 32 (id=1318):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
setgroups$auto(0xc00000000, 0xfffffffffffffffc)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x800}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x93b}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x90)

2m43.311549706s ago: executing program 0 (id=1519):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/kexec_crash_loaded\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000240)=""/140, 0x8c)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000300)='/dev/adsp1\x00', 0x2, 0x0)
r1 = prctl$auto(0x23, 0x9, 0x2008, 0x0, 0x0)
ioctl$auto_OSS_ALSAEMULVER2(r1, 0x80044df9, &(0x7f0000000380)="9d1762cbb7829f8d3fb18591b084d80d92343101f817b4a6e9a9877102c77979621afb68e30cd1a743be112689b11bd27219201d82d566ff59d1b9f5e0eb4dc8e2f56ac8a0bc5866")
landlock_restrict_self$auto(r0, 0xfffffffe)
mmap$auto(0xc8, 0xe2, 0x0, 0xeb1, r0, 0x2)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48010}, 0x20004800)
io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3)
mbind$auto(0xffffff3f, 0x100000004, 0x100000000, 0x0, 0x6, 0x2)
syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
gettid()
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x119280, 0x0)
getpid()
ioctl$auto_MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop6\x00', 0x101202, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r2, 0x4c08, 0x0)
mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x20000006, 0x9, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x104, 0x9, 0x7f], {0x2, 0xb, 0x3034, 0xe, 0x4, 0x5, 0x2, 0xfffffff9, 0xf08a2b5}, {0x4000, 0x8, 0x9, 0x0, 0x0, 0xeca8, 0xd5, 0x836, 0x8}})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='_\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)

2m41.47394135s ago: executing program 0 (id=1527):
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
pwrite64$auto(0xffffffffffffffff, &(0x7f0000000140)='-$!\x00\xfa\xef\t\xa4\xe9\xb2r\x8cQ \xa6\xb7v\x93\xb6\b\xba\xfe\x1e\xab\xe7KC6z\x1a\xf0\x83~\xcd\x9a\x83\b\xb6\xb2\xd6PR\xbe\xec\xea\t\xde.\xc6%\x16\xc8\\\xb2\xe86\xe1\x84k\xa8\x02\xcb\xc9 \x1flY\xcb\xfa\xd9\xe0\xb8\x93\x12\xbc\xcf\xc2\'\x90\x9d\x1c\xb0\x1d\xb8\x80\xb4V\x9c\xf6J\xe8\"\xef@\xcd t\xe8\xe9Ip\xa74\x82\xb0\x9a\xecj\x9f\x8f\x9a\xe22\x8e\xce1\x9d\x0fW\xe7\xfb\"[\x17\x83\xfc}\xc7\xab\x93\xe4\x1ekP1\x01\bB\xbf*a\x93\xbd\xa7\xc8', 0x5, 0x4)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090)
fsopen$auto(0x0, 0x9)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
read$auto(r0, 0x0, 0x20)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x2)
r2 = socket(0xa, 0x2, 0x0)
copy_file_range$auto(r1, &(0x7f0000000040)=0x1fc0000000000, r2, &(0x7f0000000080)=0x5, 0x1, 0x400)
mq_open$auto(&(0x7f0000000140)='\x00', 0x2, 0x2, &(0x7f0000000180)={0x8, 0x101, 0x1076edef, 0x7})
mmap$auto(0x104000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

2m39.744440316s ago: executing program 0 (id=1536):
semctl$auto_GETZCNT(0x5, 0x8bd, 0xf, 0x133e)
mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
r1 = epoll_create$auto(0x3e)
epoll_ctl$auto(r1, 0x1, r0, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0)
close_range$auto(0x2, 0xffffffffffffffff, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r3 = socket(0xa, 0x3, 0x3)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0xa, 0x1, 0x6)
socket(0x11, 0x80003, 0x300)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x3, 0x2)
socket(0x2, 0x3, 0x104)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socketpair$auto(0x3, 0x5, 0x7, 0x0)
setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb)
bind$auto(r3, 0x0, 0x6f)
connect$auto(0x3, 0x0, 0x55)

2m38.73704917s ago: executing program 0 (id=1542):
r0 = wait4$auto(0xffffffffffffffff, &(0x7f0000000080)=0xe15b, 0x3, &(0x7f00000000c0)={{0xfffffffffffffffa, 0x9}, {0x8, 0x2}, 0x1, 0x5ff6, 0x7, 0x32bd, 0x6, 0x6, 0x6, 0x6, 0x0, 0x2, 0x3, 0xe7, 0x4, 0x4})
prctl$auto_PR_SET_MM_ENV_START(0x6, 0xa, r0, 0x7fffffff, 0x7)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c7300436b6, 0x0)
r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000180), 0x4000, 0x0)
write$auto(r1, 0x0, 0xb)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf2502000008"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x890)
bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0)
r3 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f00000002c0), 0x40042, 0x0)
pread64$auto(r3, &(0x7f0000000000)='/sy\x00\x80\x00\x00\x00\x00\x00\x00/de`ug/kfence/\x00\x00\x00\x00cts\x00', 0x1000000008, 0x800)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vbi17\x00', 0xaa57600f966c513, 0x0)

2m38.211341781s ago: executing program 0 (id=1544):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r0 = io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x1, 0x9, 0x210001, 0xc, 0xc05, <r1=>0xffffffffffffffff, [0x7fd, 0x1001, 0x3], {0x9, 0x3, 0x6, 0x0, 0x4, 0x895, 0x3fdc, 0x6, 0x5}, {0x2, 0x1d11, 0x54ed, 0x0, 0x101, 0xff, 0xa, 0xa, 0xb}})
socket(0x2, 0x1, 0x106) (async)
r2 = socket(0x2, 0x1, 0x106)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x2a524f85ff7a2854, 0x0) (async)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x2a524f85ff7a2854, 0x0)
getsockopt$auto(r2, 0x11c, 0x1, 0xfffffffffffffffe, 0xfffffffffffffffd) (async)
r3 = getsockopt$auto(r2, 0x11c, 0x1, 0xfffffffffffffffe, 0xfffffffffffffffd)
sendmsg$auto_NL802154_CMD_SET_CHANNEL(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="000329bd7000fedbdf250900000008000c000100008008000300", @ANYRES32, @ANYBLOB="08002c000001000008001d"], 0x3c}, 0x1, 0x0, 0x0, 0x20000828}, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0xa, 0x2, 0x0)
setsockopt$auto_SO_WIFI_STATUS(r4, 0x0, 0x29, 0x0, 0x3ff)
open(0x0, 0x22040, 0x75) (async)
open(0x0, 0x22040, 0x75)
socket(0x10, 0x2, 0x0) (async)
socket(0x10, 0x2, 0x0)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="7f000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040840}, 0x24004000)
r5 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0)
ioctl$auto_FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r0, 0xc0406619, &(0x7f0000000040)={{0x6}, 0x7ff})
write$auto_fuse_dev_operations_fuse_i(r5, 0x0, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x3}, 0x3ef3}, 0x3, 0x0)
shmctl$auto_SHM_STAT_ANY(0x4, 0xf, &(0x7f0000000400)={{0x5, <r6=>0xffffffffffffffff, 0x0, 0x8001, 0x8, 0xf, 0x3}, 0xe3fc, 0x2, 0x10001, 0x0, @raw=0x6, @raw=0x7, 0x7fff, 0x0, &(0x7f0000000300)="6552c068df34f555951acdfe011934ec7cb0fd7a30fada3a91270ae463f6746d5d17a4e061e8b78f0925cbbcb29e26590acf799510e794094f5e", &(0x7f0000000380)="32b550568df3551254575a3f5829347a9cc609c07190b70d4d6d203c5ad8b9852da70ac19718869524ec10600db49a3e19c833d767639e96ef6f49c1493c8be92a1f3d5b1cc19d3b86aa4d7744f74c018d717529355798aa7d4c1be91750b15bbe696affff2de4481a428b5e143e6fc8e6f4246ee585479f651104"})
r7 = waitid$auto_P_PIDFD(0x3, r3, &(0x7f0000000480)={@siginfo_0_0={0x4, 0x9, 0x2, @_timer={0xffffffffffffffff, 0x8, @sival_int=0x1, 0x100}}}, 0x4, &(0x7f0000000500)={{0xfffffffffffffc00, 0x1}, {0x7, 0x5}, 0xffffffff, 0xb5, 0x7fffffff, 0x7aa6, 0x1ffd30d0, 0xa6, 0xe80, 0x4, 0xb, 0x1, 0x6, 0x9, 0x46, 0x8000000000000001})
sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(r4, &(0x7f0000000a80)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000a40)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="800400006cd9c4912811ad42cb6c5288758a41ea5ad2f666c660ea08dddedaa85a1da8a074abb00fc1bf9cf06676d33c779c2eba4a89eca2509b1461a4da71c7929d808b1bc69728778023f5bb45bac6cffaf386051bf242eed8121288a644b1fdc0ffe92b361ca647c48dcf8a972eda57fd7cd17a7b384d64d2cf9f5e05b7e4591c70d56a4e92141c632911f9d5ba55906da3781409d8b5e0b2dac305e7f98e3f0f86570a26fd4aa619970506279874ad837b222025e72c720afd9f86dbe652a585372fe782ec1fd404086f0133b971153b82530f517f83045c441415724bbf13a69f67b00bb3beec7b8a19cffb7c7c8488caf12718121c11f66e", @ANYRES16=0x0, @ANYBLOB="100026bd7000fbdbdf2504000000080001000d0000006404088008002200", @ANYRES32=r6, @ANYBLOB="ca008f80a53b17632a0c5a06ddb4dfb0a2eabf559e991e8867debca039434a06e6cd66f4a1eff92a88de3c69d9fc00bfdb409a31f82a7e59b6a70fa38d9947a8315689222225de5cc178e10a6e7152b4c3fcf630470a6b63327eab9422e7c243df81b569d146b6c203f0b9d7c1f304ae8b510b70f07b3ec1da0bb349409c7ea9f64cc01e2f367762f9636bf0e9d53bb2117b6e93602760d01f99e185ff1840cbc265df365bb546b9b4479bb50d759df17cf20e3c35ed96ce7ab3770b123ff04e4c820400108004002a80000014001e00ff010000000000000000000000000001c200d9807b9e6dcba834879663686544bf278c3ae72e99754a62e081dcb08ed67252b30046c66411d88654e331f9853db6db8c9905c2b8ea48dec997ecd8524859f2d42997e794046d26ed8775b9c53fae004d8124eb7f2c89a0d5ff3f58b5a2699686cb06eb1de36122acf64a75eca50ced3e583467b41d87363cbb304f8d54843ab06334819349a9dc09b15a30d6ef329cc6c3fde6f7d79d5b134c9e4071fb481f4725c9002ff75d26ca9c5eb52c58c80a3107a7953b92624195bd9c4904007b8000000c0044000104000000000000a8006a00cb0b55430bf2de0fa5ff069bc8f3ca3a2d25c47e691f3195a99fc618261615e9947586a5946baf7f027074f8c82f38ace470685ffec606fb342f714e8324ba839f6aa03c9e9d4ec95d1ca02a443d12669f4afc7e18889230ba02f675b1567413a9b248c9971abc9b629b7e323dd5565cea624b5b6dfa0065a5bf0593c83727ed4556444dfe7d372bd741ef9f6cc59158fbc54db9515152a185bc90291889054d3b109d1a1800b68008007300", @ANYRES32, @ANYBLOB="0c0099006d020000000000000c002b000300000000000000d90101800400e080c38c20cc1cd118b910721b2d04b8affbdcb34b5711810a5c53f19bfd455e60ef1f49d574622cf75d72ca2f4d29ce414a79251cf3ed670704652642b3ea1bd609d946ec837bf3c7abbc0f878ce89fc59beef675b98c6ac004ce71215d418bf8a0e3c4d696ce35d215bc418f8daf9bf280f741fffb55f9d1aba1fe9071f9aec4d23fbf8c32f9edc161ad725026d820fe8c54a97e8a413566d1d66adf4fa87eb2d68e087c125695ebd1744e2b05a88af2cb18e2c373b3b8655d2d90a9305bdaa1b203b8d43c739bf2dd5a68c32bf65138a1c9bc578accd0847782b033b76a0e308be8d60295b2f5647d3a81a363f584f00173d6261e4e07080ddb3308dcb6d852d060e0e68d84cda6b14cf5050a4cc90cac67f1e6d148b16e99e6c9636edc54a5be7c5fb81645eeb63330bae1a83ff04e5cf17ab6bae1783275ea743b2d81e0e8837174727fe0fe4db300dc709fc7abfb6d72db17d50350881bddd0f492a3aa94f57b55545d8b3ffb97e6dbabab29358d639daef54ce7fe51b616334407a100f9b274f31d290a57866ef8d1f774cace73eefe807d117be44cdcf16376be4c56b2c61eb58573783875b4dbcdc0064407480b7304001d8014008400fc02000000000000000000000000000008000b00", @ANYRES32=r7, @ANYBLOB='\x00\x00\x00'], 0x480}, 0x1, 0x0, 0x0, 0x1}, 0x20040044)

2m37.927590743s ago: executing program 0 (id=1546):
r0 = socket(0x2c, 0x80003, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x44040}, 0x4000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = syz_clone(0x20008000, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0x8, 0xd, 0x6, @_rt={r1, 0x0, @sival_ptr=0x0}}})
r2 = socket(0x11, 0x3, 0x9)
pwrite64$auto(0xc8, &(0x7f0000000200)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\x00^\x0fo\x97\xfc\x89\v\xea\xc2\x95\xafQ;C>\x15L\x90\xad\xa4\x1648W\t\x00\x00\x001\x00\x00\x00@X\xb9_\xdd\xa6\xa2E\xd8?\'\x8dg\x81h*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&%`_[\xde\x7f\xde8\xf7\xc1\x94\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\xee\xa9\x0eX\x01\xa3g\xba\x9cc\x90\xe3\xae\xa9\xde\x00\x00\x00B\xb4\xf2&\x00\xe2\xead\xd0\"\x16\x84v\n\xcdN\xb6\xa4\xe0\xb7e\x97 ?\xb5\xa1E=t\x96\xbd\xfd\xc5\xebn\xb7\n\xc2\xbc\xa2\xa8\x04#\x84\xa7R|\xed\x8f\x03\x01\x10wLT\vay\x12\xb63\x9e\a\x8e\xbd\x18y<\xb3\v\x14\x82\x97&\xfcm\x86\x10o\xdc\xf3x\xfd\x06\x87t\xb9$\x94,f\x9b0\xcd\xd3\r\xb1e\'\x19\xc1\xe7>*\xad\xa5+\xa8\x1c\x88\xa1\x0e[\x99\xb6LKZ\x9e\r\xd0r\xe2Ct\xc1\x99\x1b/\xc5P.aUdq\x97\x94\xb9\xa8qU\xae*g\x86\xc9\xa4\xe7\n\vh-v\"o.\xbf6\x13\tFK\x8e\xc6&&\x13\x81\x00\x8c7PS\x9c\xa3\xfb\x1d\xa9\x98\xd47\n\xa7\xd1\x10\xb3i\xd2\xa8\x18f\xb3K\x9b\x9b\x8c\xe8\x84\xa3,5-\xd6\xae\xbd\x1d\xf2o\x99\x02\x1azw9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\bl\x042\x935\x9e\xeeH\x87\xda\x10\x8f^1\x89L`\xf4[\x06\xf6\xc7\xd0#\xdb\xb1\\\xc3\xb1\xb8\xe8\xde2\xbb\xf8I\x9c\x17KI\x8c\f\x1d\xaa\xa0\xdb\xc7\x9e\x81\x90CTe\xfa\x8dq&\x17\x908\xc9T\xffm\x930\x1d\x91\xf8|t\xfd\x18\xd5\xb0\xcbH\xa7\xb6T\n\x11%\xba\x16o\r\xf6\x90k\xfb\a\xa1\x15\x0e\xe1\xce0Q\xd0\x00\xc1\x1a\x1f\xaa8\xfbo)rtYK\"c\xe2c\xbeM\x9bT\x05\xf3\xccC\x8c\x00\xdf\x8c\x1b+\xca\x80', 0x84, 0xe83)
sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x35}, 0x5, 0x0, 0x5, 0xe}, 0x5}, 0x2, 0x100)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x1c, r4, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_restrict_self$auto(r5, 0x8)
mmap$auto(0x0, 0x4020005, 0xe3, 0xeb1, 0x401, 0x8000)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r7 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r7, 0x6, 0x0, 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x80000000, 0x7)
prctl$auto_PR_SET_SECCOMP(0x16, 0x9, 0x15f, 0x8, 0x1)
epoll_create1$auto(0x0)
r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000000c0), 0x402040, 0x0)

2m22.909743519s ago: executing program 33 (id=1546):
r0 = socket(0x2c, 0x80003, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x44040}, 0x4000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = syz_clone(0x20008000, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0x8, 0xd, 0x6, @_rt={r1, 0x0, @sival_ptr=0x0}}})
r2 = socket(0x11, 0x3, 0x9)
pwrite64$auto(0xc8, &(0x7f0000000200)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\x00^\x0fo\x97\xfc\x89\v\xea\xc2\x95\xafQ;C>\x15L\x90\xad\xa4\x1648W\t\x00\x00\x001\x00\x00\x00@X\xb9_\xdd\xa6\xa2E\xd8?\'\x8dg\x81h*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&%`_[\xde\x7f\xde8\xf7\xc1\x94\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\xee\xa9\x0eX\x01\xa3g\xba\x9cc\x90\xe3\xae\xa9\xde\x00\x00\x00B\xb4\xf2&\x00\xe2\xead\xd0\"\x16\x84v\n\xcdN\xb6\xa4\xe0\xb7e\x97 ?\xb5\xa1E=t\x96\xbd\xfd\xc5\xebn\xb7\n\xc2\xbc\xa2\xa8\x04#\x84\xa7R|\xed\x8f\x03\x01\x10wLT\vay\x12\xb63\x9e\a\x8e\xbd\x18y<\xb3\v\x14\x82\x97&\xfcm\x86\x10o\xdc\xf3x\xfd\x06\x87t\xb9$\x94,f\x9b0\xcd\xd3\r\xb1e\'\x19\xc1\xe7>*\xad\xa5+\xa8\x1c\x88\xa1\x0e[\x99\xb6LKZ\x9e\r\xd0r\xe2Ct\xc1\x99\x1b/\xc5P.aUdq\x97\x94\xb9\xa8qU\xae*g\x86\xc9\xa4\xe7\n\vh-v\"o.\xbf6\x13\tFK\x8e\xc6&&\x13\x81\x00\x8c7PS\x9c\xa3\xfb\x1d\xa9\x98\xd47\n\xa7\xd1\x10\xb3i\xd2\xa8\x18f\xb3K\x9b\x9b\x8c\xe8\x84\xa3,5-\xd6\xae\xbd\x1d\xf2o\x99\x02\x1azw9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\bl\x042\x935\x9e\xeeH\x87\xda\x10\x8f^1\x89L`\xf4[\x06\xf6\xc7\xd0#\xdb\xb1\\\xc3\xb1\xb8\xe8\xde2\xbb\xf8I\x9c\x17KI\x8c\f\x1d\xaa\xa0\xdb\xc7\x9e\x81\x90CTe\xfa\x8dq&\x17\x908\xc9T\xffm\x930\x1d\x91\xf8|t\xfd\x18\xd5\xb0\xcbH\xa7\xb6T\n\x11%\xba\x16o\r\xf6\x90k\xfb\a\xa1\x15\x0e\xe1\xce0Q\xd0\x00\xc1\x1a\x1f\xaa8\xfbo)rtYK\"c\xe2c\xbeM\x9bT\x05\xf3\xccC\x8c\x00\xdf\x8c\x1b+\xca\x80', 0x84, 0xe83)
sendmmsg$auto(r2, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x35}, 0x5, 0x0, 0x5, 0xe}, 0x5}, 0x2, 0x100)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x1c, r4, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_restrict_self$auto(r5, 0x8)
mmap$auto(0x0, 0x4020005, 0xe3, 0xeb1, 0x401, 0x8000)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r7 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r7, 0x6, 0x0, 0x0, 0x0)
read$auto(r6, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x80000000, 0x7)
prctl$auto_PR_SET_SECCOMP(0x16, 0x9, 0x15f, 0x8, 0x1)
epoll_create1$auto(0x0)
r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000000c0), 0x402040, 0x0)

1m47.11468664s ago: executing program 5 (id=1766):
seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x3, &(0x7f0000000040)="065c139f249cbc7d4728e16ce91631d54b20895f55c50c665a6bb437d2552e9d889b595c6cebe22df206764cebefc5c411bf71030acb3d628464fbbd2cb6596430c44c5e1dcb80fe41658c6dca84a58c07f2752143ee2fc0bd4f8da115faac8693d4f6ce278992329378870d2094628dbf9ccbe0c09104b6f57123dfbd38626deb284b702fff90b09892533904c5813502701e0d1523")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x4, 0x8, [{0xffffffffffffffff, 0x0, 0x0, 0x8000000ba1}, {0xffffffffffffffff, 0x0, 0x400, 0x1b72decf}, {0xffffffffffffffff, 0x0, 0x3, 0x3}]})
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))

1m46.831481738s ago: executing program 5 (id=1769):
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x2c201, 0x0)
r2 = setfsuid$auto(0xee00)
r3 = setfsuid$auto(0xee01)
setresuid$auto(r2, r3, r2)
ioctl$auto_IOC_PR_RESERVE(r1, 0x401070c9, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00'})
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
r4 = socket(0x10, 0x2, 0x4)
write$auto(r4, &(0x7f0000000000)='-\x00', 0x2fb)
r5 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000080))
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
fchdir$auto(r6)
open(&(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x103040, 0xd1)
mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
semop$auto(0x100, 0x0, 0x7)
r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r7, 0xc4c85512, 0x0)
mmap$auto(0x1, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_posix_clock_file_operations_posix_clock(r5, 0x43403d05, 0x0)

1m46.418361566s ago: executing program 5 (id=1772):
mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) (async)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xfffffca1}, 0x1, 0x0, 0x0, 0x24004891}, 0x20000800)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) (async, rerun: 32)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
write$auto(r1, 0x0, 0xfffffdef)
syz_clone(0x11, 0x0, 0x700, 0x0, 0x0, 0x0) (async)
io_uring_setup$auto(0x6, 0x0) (async)
setsockopt$auto_SO_TYPE(r0, 0x9c, 0x3, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0xfff) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
r2 = socket(0x11, 0x3, 0x9)
capset$auto(0x0, &(0x7f0000000000)={0xb213, 0x2c, 0x800}) (async)
sendmmsg$auto(r2, &(0x7f0000000100)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000080)={&(0x7f0000000040)='f', 0x69}, 0x1, &(0x7f0000000200), 0x8, 0x3}, 0x6}, 0x2, 0x100) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async)
socket(0x2, 0x3, 0x2) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async, rerun: 32)
socket(0x11, 0x1, 0x84) (async, rerun: 32)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r3, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000000fc0)={0x18, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) (async)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
r5 = socket(0xa, 0x1, 0x84)
io_uring_setup$auto(0x401, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
getsockopt$auto(r5, 0x84, 0x82, 0x0, 0x0)

1m44.04684336s ago: executing program 5 (id=1777):
seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x3, &(0x7f0000000040)="065c139f249cbc7d4728e16ce91631d54b20895f55c50c665a6bb437d2552e9d889b595c6cebe22df206764cebefc5c411bf71030acb3d628464fbbd2cb6596430c44c5e1dcb80fe41658c6dca84a58c07f2752143ee2fc0bd4f8da115faac8693d4f6ce278992329378870d2094628dbf9ccbe0c09104b6f57123dfbd38626deb284b702fff90b09892533904c5813502701e0d1523")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'})
r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x4, 0x8, [{0xffffffffffffffff, 0x0, 0x0, 0x8000000ba1}, {0xffffffffffffffff, 0x0, 0x400, 0x1b72decf}, {0xffffffffffffffff, 0x0, 0x3, 0x3}]})
ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000080))

1m43.660522264s ago: executing program 5 (id=1780):
r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0)
ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={0x0, 0x5, 0x8000})
pread64$auto(r0, 0x0, 0x7ff, 0xd)

1m42.503481954s ago: executing program 5 (id=1783):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2c, 0x80003, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x44040}, 0x4000)
r1 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, r1, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x80, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0xf42f)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x3, &(0x7f00000000c0)={0x0, 0x9}, 0x6, 0x0, 0x5, 0x8b8}, 0x2}, 0x5, 0x311)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bus/usb/002/001\x00', 0x40101, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f00000000c0)={0xa1, 0x0, 0xa, 0xac, 0xfff8, 0xfffffffe, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_restrict_self$auto(r7, 0x8)
mmap$auto(0x0, 0x4020005, 0xe3, 0xeb1, 0x401, 0x8000)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r9 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r9, 0x6, 0x0, 0x0, 0x0)
read$auto(r8, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x80000000, 0x7)

1m27.458704079s ago: executing program 34 (id=1783):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2c, 0x80003, 0x0)
sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x44040}, 0x4000)
r1 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, r1, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x80, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3)
bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0xf42f)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x3, &(0x7f00000000c0)={0x0, 0x9}, 0x6, 0x0, 0x5, 0x8b8}, 0x2}, 0x5, 0x311)
r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bus/usb/002/001\x00', 0x40101, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f00000000c0)={0xa1, 0x0, 0xa, 0xac, 0xfff8, 0xfffffffe, 0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x1c, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x1c}}, 0x4000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_restrict_self$auto(r7, 0x8)
mmap$auto(0x0, 0x4020005, 0xe3, 0xeb1, 0x401, 0x8000)
r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r9 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r9, 0x6, 0x0, 0x0, 0x0)
read$auto(r8, 0x0, 0x20)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x80000000, 0x7)

17.981504041s ago: executing program 3 (id=2127):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/firmware/acpi/interrupts/gpe07\x00', 0x2a201, 0x0)
write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x1, 0x0, 0x10000000000000, 0x2}, 0x895}, 0x3, 0x0)
r1 = getpid()
sendmsg$auto_TIPC_NL_PEER_REMOVE(0xffffffffffffffff, &(0x7f00000110c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0xc004}, 0x40)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
ustat$auto(0xfffffffc, &(0x7f00000000c0)={0x65d, 0x81, "63a355d2c646", "ba866032ad6f"})
bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7)
ioctl$auto_BTRFS_IOC_SEND_32(r0, 0x40449426, &(0x7f0000000000)={@inferred=r0, 0xc9ad, 0x6, 0x101, 0x1, 0xa80, "ebed5cae344b31b99bea0efd03f18cef2a20112d063b01a304f9281c"})
r2 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001580)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x2, 0x1a00)
read$auto(r2, 0x0, 0x0)

17.913690672s ago: executing program 3 (id=2128):
socket(0xa, 0x801, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
move_pages$auto(0x0, 0x5, 0xfffffffffffffffe, &(0x7f0000003380)=0x4c0, 0x0, 0x2)
madvise$auto(0x5, 0x4, 0xc)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x448402, 0x0)
r2 = socket(0x2, 0x5, 0x1000000)
getsockname$auto(r0, &(0x7f0000000080)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x1}, &(0x7f0000000100)=0x100005)
read$auto(r1, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80, 0x0)
r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/dynamic_debug/control\x00', 0x20000, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000e80)=""/206, 0xce)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/pci/drivers/pata_sch/new_id\x00', 0x10000, 0x0)
socket(0x2, 0x80002, 0x73)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004045}, 0x20000004)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x490340, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
prctl$auto_PR_SET_MM_ARG_START(0xec, 0x8, 0x0, 0x300000000000, 0x3)
write$auto(r0, 0x0, 0x8)
close_range$auto(0x2, 0x8, 0x8000005)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
socket(0x1a, 0x1, 0x7)

17.00593661s ago: executing program 3 (id=2132):
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x8c53, 0x0, 0x5, 0x0})
r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0)
ioctl$auto_SNAPSHOT_FREE(r1, 0x3305, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000001080)='/dev/sda\x00', 0x4001, 0x0)
ioctl$auto_BLKTRACESTART(r3, 0x1274, 0x0)
sendfile$auto(r2, r2, 0x0, 0x3)
ioctl$auto_TIOCMGET(r2, 0x5415, &(0x7f0000000040)="726c94995de04b3c363483cc5de8d7b46de6c572201ae74c29eef1a8c02fc1f2eac412fba5d4bd9034b8f89fa23cbabcf491716cb01e35c713e8dd065cfa406fd583010894cf246551d992d6d2f3ca0d5bb1c8eeb77909f16c8d731797461fa22fa0b237f92796cf61dae061e7a9ae59b12e142a472304769b9b3350eac7fd2f2328562372d9d2f21a124db43c7127a022e1d35fde61bd0bdd0d674f9b5b97772c64640710321fb26f06013854d25cd5a18a9f8db233825d70f46194ccc13881bd74969571519018613ea97aa3c83beabaa373897815b024a804cc83b6247d98b1d4b492fb831739e047e6473b936581e8981ce6d3c50c4ca11f1ea1b64c7b201326be6d868d7ff2ac4d3568cf903d6a8b44aa5fe2d0c4d464eb51d2a14c1f17627c918bc157f4130d380fbf7b99e41b553b815ba102e9ab52dee82b9fffb700a21b50b9db10ca6f6d695cd0b4a3989fae238816ec9330db118609abc092504359e0344e8a8c4fdf5fe3a68b2cd88e0dec8a7f11b73cd825957d7ae3dba041a5d505605a2dbade1853c1e54c4c9ea4d2be93934c31fe57e1340a0f2d90c5c42eeafb1add43a629829bf6fa9851bb70c910e66a0a4cd99a774214a3529c5b715f0482f0ae39b8b5a75ba5a94c270b65ed066b459ad2a92a3446497606441a82485cf6dccfaaef668b96c90d5f5528bc135d949c514a311b2cddfbde8b7f85fbfdcae27b75ca37bb0555d15dd46c6eadbca5771d499e705781d9333eaed9e25e3f94e736989a1101cd0801417cea6b9a792e309c1e840e638cd4ac0e9dde84ba58cedbbb0aaea3c5b9afd72aa4d7249c13bc2ea70a8fa53f16b19f7fbc8c7ff30a0b42bde5f637d0670f945266949747bd2a1e53556972d878cd508b67baedca78d1fe8625e674cd0cde8d1c1d1f955c3637477211786382f10030c841468d0d7955c09b281b5564a9bac6e1e1215bd31fe0b3e9d2574c98950f0e0d92de715da069c21d6331e3a9fb5222768bfb4bb5238e19ac38d23e2e51438ef69313243a89165c8eb874a49c454694feb2776bbba5292f55bb3167fb4399fd19a8baed9fe977c29cac836ae38b33df33325edb5a9d876a702ea94c952cf9b6662996a5ef6a313b0c8f9a2f89b9c083ade17614cc18e20770afad4b35aad1d584f8a067034c4ee3c298a19c4843d3baf449314406a3f1ebc18fd0bbf067d8ce79e1f15245af3a7b9c2e970f97eb64e7074e4ccae97f4fb6a19fb6ba0b35526166f3b3b3aea93abbaa15ac5e86e6b1dd0f07019f0920b3535a2728cf2020ebc6b9bc1dd695fe5187004d2143d2ef5b5c017ce4df2cbb9dddd687bc4c31752fc472a174729f2c001401745ea62cf779b6993a6a6c7e4a2ae9d4d5a00a093e78cd05512b3df08a28ef73daf2b057821328da4332b7f7f91ca9a9bfb6cc86d05056c28f783b9aa5a1440d98615bea963994956b642bb6afd0e1cce9861ee125a0d731d08ed03b5f1f7819aae65ef3f0d2a2038d34fc92f5d676d6df39c563d0033689f1fcf95c290ebed71a9f13d7cb74de34da205d7b61e0ea340dc9bdc8263eb24673ce2c41d0866c608bc68cc0453835a3e64f9f0feb2758c43b9fef90711fa295e130ab097d66864e3cb0b888133694de515e4e2cdcd9d6da2f2310ea5b93bf7aee8cbcf7d7fb6f5d08cbed88d0f8166b91e1baea522df89190f2615a848eda198efbd8e938fe5bc3cdbf8cb34009812b0638bb30c94b53696ae7371ff947051e542735e45049b00eba4a6d17e7cc95eb24e7887327d19a00ec3d74a257b3db6a20d03f314cbab8d1c5151a7541973138e3eb4c5a7a588a1765e5faf1faa4472673dcc2cb2072ee45fecc2f19344816622c1b43f3c978ccb0ebe915b0377fc93517b26e85a952642f4b84d60baa6401e9015db79f8659637a08829a5770c98e87efc7c047f2237d97b877ad49fc0572e4a44e29cac83af79b09d75cb8b9fb9f5f398b3f0a412733e75f6a28a851f4cc830cf5fdc3ec85d635fc87e66359e8bb8c7fb9629a7bc09c6f7bcb6c53be168708ab329260e8c3bdfe2ec4bb54619e71f75de3266a24ceca26289f8a4dbe6b96296558e55739ee9ffa7988cac106a27075dfb9e6646a85f56916c86e1dd0d7570c20f3315598a3a3d736896b8e02ae855208fb7d87c4aed2e722301063fdb4b4584e00fdfbcf2a91408d114690a4060ad2ac558a795a8f5aff750b11f16ab13e8290df5b0cf50946c3e508d66e92014d678e6a0ccd1bb8eca7a39c4097c35f590c67cfa968a152fc24e5170aa75b002690613cf85d41cb66fcdb646c3191045ef9ec1a7e7017d4f0661ed659d3e9d3374373758988ea4154a18168cb4d8a5bff2c93351e35e0b8fe132125cdf8ab877ebe7f055227d2ab5cf1d5105fb2d7381d95addd34c47b66f5a93839949292705cfad7d87362e6552348c5ba84008d97425847fcf312917d9305c51730fb6c6001775a116262bec03ddcab3110ddf79a80c1d32de6c33e415f248d26b3c9b190514598ddeb09510701aca323123c8618191733c3e6d0b4bd3f62da838a95f2d8cd435427ea35f92aed5eff19c5879a2631100a678553c5aef8c4e7ad2b0b396fcf93a9c6c4ac55a518010e531fbd3a28ed724f16dd339fb6b9d8e5183e984a9fc97adda700f6225a24c13a008c4c3f8c380a7cae9772b5cce2cbe2d65566d6d82bd2d6aee59fe20519ee334ef08d1bff36635fb6685301b6f23f8b971902cc549116df02bac78845e74997f730775dad717f1c37a5d880362565737067cf7c65c00c5d6e2427e7f8fdad20e68290980555014800a23c9ddef12d2021723efc2cf67be386063439c464f36feec081ef39e40d6c57d54ee794f53a6492946ac6b227ff7a36c76183dab0dbf0f97972df3898fd782b3dd4cc0e052f705e7873dbf81077fb5a2d0b9e7fe4680164d048018801339c397f2324992567e7c9dacb290a9b11c9f1ccf0d8bb170e8d55cbfce3907cf087db1c5c4ff87d4e8b79e1216bc07af66ecc9da2e2719edb08f67c3c4dfff7187adaa3d021b39ab1d380903152495ee5600627f2020fcb58d7f4c7bf17155abcb131badba929c9fff609bc838f6967c4cd6b84840bed5e95dbcb2edc622660f9e5886a5c19846acc60a29e8b78843ed3bc1494e6a4e63301c9dfa1f8d4da5fac27dcde3cfbd75e1c847ab96c64cf48c876d2888c7ef2807396ec6ffd99fb598ab001bce6ed37d886183de66c086ef76413bf7ea7f94486cb4ac3456ca2e448d5dcaffa42c77883e914848c0ce33c3270d6ec8e242af057cae9f45f050a1d505773ee6cbe883284aa8031603ca802005b44fe9b3de36175d098f8a7d266aacc6f3eb0b40a3138e0a434401f7c8c35d615cd73e46d6351a420729db5683a85d7aeb9549c525f22d4785e938b6e141a424c4064109cfa0f129acb98082a588359694de65aeca0fbd4b2050300002fe7a8048276dd1080c12ad85316c6f7ab7cdcb6daab9f243bc4c643ae1a64787c2ca13ea1e67f8cb63d46a4cdeceedd18b18eba8153874ab286b215d71e4677d1ffad355a0c7bc14215c5916a7507d56c9a33a87fdf258a4370310b0aafef3b512b12388c6bc8442cd4806f7d49b5431979ed139bb897fedd1ea9f93bb192c1d162f0a54301d6e23bc526a4cf97142511383e7b7078292c021c1d78ec5c325c31019833de7a23a583ed25f39841b250758d0f6db3194c83d2d99bda632d626e858ea947a6061138e5e113d09eaeb3ffb424324e400b48b07b6980147fea1090604afcd208e65f3ad1438bd5dd2edb8cf7164ede85bf8834361f76f964a6643235f394225a19d632a7b8096108d0ffe391abd72fdf9ed22d09fd10b551353832b726724a82774d8296d99fcf392a56b17874441c1944b6a04051ef19255e1e40267696efc0a945895a7edf8a099ede5d8c2cbb5f6715e724ea0b15bc9b26f9973ed35e011304633178a1060dd7388c5161b225f7c1f7c7e2c896a1e0111cd42dc8584ca927309f3ce5101f73d9dca9669c300e1781213dd1ba99e1ab1e880379f45a01b44ef905a71e828fb4645b5acc578b8b49359a6110dd5b733d317eadbbbe6df1232c32c145c858a4e69da8990552cd6386f6a048d9b068cb27542abb963be795083ace2f73a0d3346a09def01baeb1a270c174a4e76c55ed0c073e6b848ff77293dc21fc6c96acf00ef10b78cadc0263d3d30f23086a875c3ea2274d8b1867c0a5a3c40c367eae1e8353079d72b78fd42b9f1fc9ada46a52fe62c4996bcbbac0848029e1b0af52ebbbb22d8976c480e0e3d51a96e6842e31e48d099f0d4535303ed5452568e615e368d2611da4141a8a38acb3289ef53ee4b4283bb1087d03f0c7dd40847d200f3a6fcd00faeddf5612cefdaf7a51c29826f6921f547b6649666924fde27fe6802b4b20265d6f132802819373834817508e99635397acf869c317b4fedf8de55dcaf186e6c2c735ac818ddbc4319f647251df972f6a6a674373a687cc83849fd70d9abe694fcccf7963058164fa328fbe4b20c73c3a221c46e481eae41a27d59149864db98ee1119f6426ac29a5ce463186533c547afe5886490ad9e54708ea7e58faed552602b04bb601b0eb75889fffc29d6e6398febdb462dd12fe5a9bf0303f302d3e5191821a994544095d18d0264c4f621660bf6a59a33afdac4d3d9e8e9039b58cec30b91c6510dca7732f66f6cb359e0a94d5cb86650db0fa35be78950e1edf7fec297cc21f0a0b94e1c4ce10285fcdeb4121637546d3774338d4d0a1222f95707de1a722a8cd7e0c21cd8bfc3cc77219bd9c4371291686f7a4fbe91e5e65d2f0a5f85f1e61840e7be0a823863edc0e5b148a1f8155a9bd7b0017af83e52bbc4196069b765bf5c7c59e3d1e80822c23c2e24427d12eb1ff860b18b51e72b07c220892ada7901a1c4cf5f78248cf7a05fb754d4f03c291586e6f6d26ea1723fcd559cdcbbb0d40aa22bef871b5a5ac25a8eb62e94553f1cfe05e155bd36acc7c5e7f46af5f252352b6e6c6f0de3c466e98c2e189f5ad76664076f4c4c0343e5bdbe13cc1cd2d764920b5b8c5fbcd32610318059879c208d4e8ddf1dd84791e3d3c7d4c65a0b2042c7aa7da29ca9471e379ebb8e43d47a033ed449017bacbda8d566105a143591cee0d2abc030186b039357ec216d8607d12a47408e36f640f2890bed2b7ceaad5caae969a3aced386a083f822fb50e53fc593f900b75ef50bdd0848f3e13250535838ccc2afd67a784a10bcfd5002df80f2aa4585bd49cca2528032f56c2952c22582ce236943b7d60313ce01fc71bf4418fbd9da554d3a5661c8c2aaf9d0919e558a0dd3df78caaf536640c1103f61950c2ea65dd07f5064167475badc4d4bd555ca12edd4a6f33208b7809c8d94e00f086cdebc583a648a00fc7ad480ee1b5aa00b0fbc264a147192d5d93ac30ad7065b91299f361df5ba878805c8504f7a72f449707cf19f21e782d63a3a00c87dc4038615980b68fac1af340a6dd27e828ba9910514b663092df0ee15cb5f447e56c83c4bc84b933a3c3d266637df7be83d2585d3dafeafa5031abc668a581cdb5acf006d0e3048ecb2058dad75e51b5af1d3a657c811dfbdc3f61e29ac692806c797900d9d64d20510e8c7f2631ff8cf5e8c1478d181fa113ebc101d76679540d9b9c97eb841c7a989c6a80c2d1f5df5cec0f8a3fc61932a48b17553e22c4f794f1955a1bd57c5a386f0ea6ddc376c34295aaa6bc4de")
socketpair$auto(0x5, 0xffff, 0xc, &(0x7f0000001040)=0xfffffff9)

16.48723348s ago: executing program 3 (id=2137):
close_range$auto(0x2, 0x8, 0x0)
set_mempolicy$auto(0xc005, 0x0, 0x3)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
r1 = socket(0x2, 0x1, 0x106)
bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd)
shutdown$auto(0x200000003, 0x2)
r2 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x40)
r4 = fanotify_init$auto(0x5, 0x0)
creat$auto(&(0x7f0000000000)='./file0\x00', 0x3ff)
fanotify_mark$auto(r4, 0x205, 0xa, 0x4, 0x0)
read$auto(0x3, 0x0, 0x87f)
close_range$auto(0x2, 0x8, 0x0)
fadvise64$auto(r3, 0x8, 0x400000000000006, 0x4)
ioctl$auto(0x3, 0x541b, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r5=>0x0})
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mincore$auto(0x1000, 0x8001, 0x0)
bpf$auto(0xffffff80, &(0x7f0000000040)=@link_create={@map_fd=r2, @target_ifindex=r5, 0x7b, 0x8, @tcx={@relative_id=0x5, 0x4}}, 0x91c7)

16.118813775s ago: executing program 3 (id=2139):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
r0 = socket(0x1d, 0x2, 0x6)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptytd\x00', 0x800, 0x0)
openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/tracing/set_event_pid\x00', 0xc0802, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101c40, 0x0)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r1, 0x541c, r2)
r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000000c0), r0)
sendmsg$auto_NL802154_CMD_DISASSOCIATE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x2, 0x70bd27, 0x25dfdbff, {}, [@NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x3}, @NL802154_ATTR_WPAN_PHY_NAME={0x5, 0x2, '\x00'}]}, 0x24}}, 0x1)

15.730049545s ago: executing program 3 (id=2143):
r0 = open(0x0, 0x4242, 0xe1d2b27bdc14aabc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r1)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000050c0)={0x0, 0x5c1e, &(0x7f0000005080)={&(0x7f0000002a80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010025bd0500fbdbdf2d06000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010027ffff00fbdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r2, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@NFSD_A_SERVER_SCOPE={0x11, 0x4, '*^+\xb0*{(+l}-\xc9\x00'}, @NFSD_A_SERVER_SCOPE={0x6, 0x4, '?\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x9}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xab09}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x80)
sysfs$auto(0x2, 0x1c, 0x0)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0)
fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
r5 = ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
write$auto_tracing_cpumask_fops_trace(r5, &(0x7f00000000c0)="2b3d23478b", 0x5)
ioctl$auto_FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000100)="0ff1cb9a5e4c89f26556696cdbf24adc9356d02cb0a2bd4a6c2c37232649e1e0d1cc0211d6f181df17ae10077562ba8a74f9c2687680b8c4a0b92a02a1d1aa336c329cdf887e99bba4d288dbeffa75261336e5d061cdba147b12530d491506571aec2ce7193bcbdf0ddf0000becc3e81c186a2220f3282dd98698e7d20e0d5803c2cf6c03c848cc2a86b3c088b32fd77256585567eaec133956a19f694cb4a8716d25c343540fd4b9c99a9739c85f5f4")

8.558344274s ago: executing program 6 (id=2173):
mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x22, 0x2, 0x1)
socket(0x10, 0x3, 0x6)
socket(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
socket(0x11, 0x3, 0x2)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x48002, 0x0)
r0 = socket(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, 0x0, 0x50)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

8.451732943s ago: executing program 6 (id=2174):
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
write$auto(0xffffffffffffffff, 0x0, 0xc8)
syz_clone(0x80000000, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)

8.206369589s ago: executing program 6 (id=2175):
set_mempolicy$auto(0x3, &(0x7f0000000040)=0x7, 0x0)
r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000880)='/proc/thread-self/numa_maps\x00', 0x28100, 0x0)
r1 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x8081, 0x0)
fsconfig$auto(0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0)
writev$auto(r1, &(0x7f0000000140)={0x0, 0x6}, 0x101)
write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
pipe2$auto(0x0, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_ehash_entries\x00', 0x40100, 0x0)
read$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0)
r3 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
write$auto(r3, 0x0, 0x5)
r4 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
r5 = pidfd_open$auto(0x1, 0x0)
setrlimit$auto(0x6, &(0x7f0000000140)={0x0, 0x6})
syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0xa7)
read$auto_vhci_fops_hci_vhci(r4, &(0x7f0000000d40)=""/16, 0x10)
set_mempolicy$auto(0xb97, &(0x7f0000000000)=0xe, 0x5b74f1ca)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
pread64$auto(r0, &(0x7f00000008c0)='\x00', 0x10001, 0x3)

7.80948175s ago: executing program 1 (id=2177):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c09, 0x0)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
r1 = socket(0xa, 0x1, 0x84)
r2 = timerfd_create$auto_CLOCK_REALTIME(0x0, 0x35c)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000100), r2)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x200002, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000fbdbdf250700000004000600060001000600f228"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0xc0d0)
personality$auto(0x40004010410ffc)
sendmsg$auto_SMC_NETLINK_DISABLE_HS_LIMITATION(r1, &(0x7f00000006c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000680)={&(0x7f0000000700)=ANY=[@ANYBLOB="a8000000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fcdbdf2512000000f09b5d1215cacfc937c05f47696355385b3c78d786cd866a1cbd9f2e8461bccc09c1cb42ee7f82dbfd6b11217625633e619fdc8eb75aa94ded4b793cce2767b9a55ba75189a0475da9ce3a698ec56f8238b9c06fd4b60fd8e45c0284d6c8a782409b63e0df50eeb54a6c25277bf18b303d17c95ed2c8138a43ed3ed37b2e6297aa4677fe366f3badd0f1488e6c0a26ece95accac62fa340000"], 0xa8}, 0x1, 0x0, 0x0, 0x8004}, 0x40000)
prctl$auto_PR_SYS_DISPATCH_ON(0x5, 0x1, 0x0, 0x0, 0x7fff)
shmctl$auto_IPC_SET(0x80, 0x1, &(0x7f00000002c0)={{0x4, 0xee00, 0xee00, 0x8, 0xfffffffb, 0x9, 0x1}, 0x7fff, 0x6, 0x9, 0x1, @raw=0x7, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000180)="ee8b0939bd31656f6821cfe01d11ed2ce18def57a7f783f5c925d37b79478d4893ca56182a79139b36bb56b038f3333b4e189f3c66c946a254890f5e1f118344508d56438a6916cfd4f317ee2408eea275f44fec2d831768f65224e4bad9f7c726a2ad4578eea07968fb790e291064bdcf4c412c2c51", &(0x7f0000000200)="59b770f643ded4e2e2b38021fe0c2252ee43969810de8f3552703c459acb9d9926e0df9d3746f5d2ec01ef9618c62a6104e6e43690f2b4ad2d83dfdb6e8e3bf91497aeb379b63dbe407f449e6328f24da43a4230e4ebc5b4c2d34eee3ee652cdcc690e127765f1b6c47acabcb437f075c55452b2f2b79692850f0771d517fe91f858df51240546cfb5848149b9a6cb3b803fd61933a7ef9552e50d9bcd85f3f6c8f40d1fb1dbd56cf6368d"})
sendmsg$auto_OVS_VPORT_CMD_NEW(r2, &(0x7f00000028c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000002880)={&(0x7f0000004f40)=ANY=[@ANYBLOB="e0240000", @ANYRES16=r3, @ANYBLOB, @ANYRES32=r4, @ANYBLOB="080071000000000008001c00", @ANYRES32=r1, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="14002200fe8000000000000000000000000000bb0c005c800400d20004006f800000311304803db1555c2b1c2b5cda5b88374c029dae3c5b0be535cc816f6a44b0b9355ed5867105f7539766a9d8f12263bc8bf4498d2a5abf30be5818d302ddfdf896fe2b189065a166aece2c40952b2f9e579bfa418da72c4e4ec23e1196c95de492c0e9d5eab4d018f28328ea27e434d7f721101d92c8c526c63d00530e2551fc18f420d8b9815f9d694dfb3e41edf962d4b2175ad0907f2a00a428008cc10867c33c3ad51607610168d81a877e09f71362456dc4089a8db9825c65c526aed8912108003980040074805410148045002e0036821cab63a9be29a7fca742336cdb7346fac2452ad4e57e14a42b1a3af2f4918b4420e0e24715bc9b2fa3157f0e8476ca28882ed12e8d712f3238ba5d370e37f1000000041052001de43e47365a7cd64412fc2845661756a62a502b01cfda0f7c84b245136b0cef5cd4f2e5bbdd9125f69fcd59d5108690d367ff48e95cf316c8c1cc54471582b9d911d0a32c5db19317617d5ed9ae3f44cf2255969ce60531ce758a04fc59625afab3747bc1e72a17710e2c6556843073d6b5f81c1bf338e0f2e68987282d87337cfbdde726b0a2e01dd0e9f31c07fa04d93117129c5092cb1f4fcd7331811faf835229529d4101dce757339302d99eb9a5d76e37ee264bf1d4a91667529a3f3fc47bd3a901a634273f77d19b5a2191e362e970b795160269967d9a7d3e1eaccd89536bc28d27c0045d14989e8f8e3794db88f7d56ffe5bdeb5db8bef2b537aed0bd336eca04d549cc191b8da873e412b375236ae847bf44873dd39dd08e29e5d4c7816521b97e7a03add88982a49fbfea3090175c5964c1f60f0b4640889893dcd92a77f8c87bf1c081666079777fa6e7e8ed4a4f21a9c98e5e52de66ceb25a53586e7cf60599b3c21443ade57af4c19f18d38848333bc411602068445a8a836b9a56a7c9d65addfac2e66c85d41602e22114dc3f4c27d27d41399dd003bb9d6d945284d9f417be31b7c5b7720c7eb9bfed174ad79e09bb45ca439e4645ed474dc0441a3e86ffee72a751f3f5f3c98c32e20984b8eb15e94a811c4f9784e0e9619e6966aa269b35c6de3dba024a614b664119a939af0fb7c0034c0c1035500d3b4fad7e1ba978d63a0931ec80f5995b170277e9a965f76fc9969d4ec4662b28826f99860826afa09ec9ef873cffc732aa16c58f999315482d0ddf308a7aec0c5262c37d3a453087c5198ab119b16c07b9107b1d3d51c26ffe69f070b38e31f1752bdd50afe6ff1e0aae20e724d8342cbcf85b1e89f3a6817c1d38a4e49639ea8eee373f3611459b3e1e35bdb95cc387c9db9ee54d8917b75a17983aedde0fb3a40f3b57920a65595885171728c407f88f92fdcc434a5724958a58057d18321e64f734c3694a3f70cc38909906894d1aa29d5215d962150f1ceb3fc486de76f14be0b08bffc30927b659104e0017353e7c830f832ba3534d3ab3a570d21445697088d6437d49ccce3d333c8c39aa20fa6aa2331c6080589620db7fb71634e985a2c43d08040ca86b6736a042f0ed746147196b02d7784d39087871c36927ccafd7d0d2fe6205a35b197697c8297de439c4d1e02a7d20032bd57dd88d6641603cc4ec8f4522029b9e7919f798e497a0f566a896b5986f3b764bee4c01654ece08e44e6d7cd8086dba3f54a6cb498446242b2f059398aad33b9a3954863641f09060e45387adb98ad848b07801a26d74f7ac81498a894bd3e3b7bb638dd5eb1e5b50ee0ff3c1dd0e2948d9384d7071e9d137387f7d06a51e50e0fc90e4f3811ca8b509451bfc24301fd1f357c5a8acd1692260bcefd817958668ffe6f041bba492d2df07e98743518504f06b278d40de054697c3bdd186f5129870d172c216f16ebaaebc61a3606edb3d72df65aadfb11c77ac48e5f319f5f2fc737637c7d1c6e5ffa080053962be14074622840dda7322e0e17a1c9d71cd635e6582b80d897b1f8972500bd3e5f64d25176a5972ff9c774f3cd628ab197265251668bbff1fb03355003eaeec481fda303b6588f13c81682fb9ddf71fed409ac81e8531363580a896fe9c3fd8c932985524ea6e37a259a9b0dc0180e97029894239213b9fe46efa1379e1f9717859de91d89298561a17db53ac0c99e7786e7a36817e1cd3ba5c78bf6e67b59e4c305c6f26ba5a31b708d68443ee92a503eb9a276a2e3593a85085686db85efa3d70fe1b70070fb459b43435c09b5b23de77f71f6d05e84fbf6f42fc7b6b3cf80107c14b2919d80c0f31940c0cc495d3b87f8bb66d47564411d10d0d282848a90c31bc4c0cc1765efd104368ff33abb89cbfe8c7acc704a84333f3abc734f7565a3ffa969ae1cc522e83e5c1bc8ec08c2c7c1728a4ce708e5c853f3b7c44da354384e99bc55959997371075cb013162739712842b1fecea0bddc5938f2a8300cb3386a115fd6beaf2a6f558a7719195febe518162da250af97ef1e9640112393850ea29339c215d330d9d5a2ba3f8a68bceea5bcddd9f7e714230c19b128e4a255229ddedd4cb7a129de7797b501f0606187da85b3ace0ac225779cad7db9c4c3fec244aaf6bd0a318900d16b1f831aace2128a97f0decfad2b5052245c46d2821f7b0c057aa866a2980968b6bf861d21661e8bddc0e0d5918b7e6ad5128b0ca13c8417f0e22eff3157b036dca1800504e82aabc22fd1331f39fe31270e8baff1a21c4d932d4444586488a8b7f75067e5b6cc87b681da3d3439d3e847e2e2220fb07b999f81a69404f78fceb846237f43b46716d120d213b605960a7dcc55c78d54d887e65360ca913e0cd4ab31f45a1ca2696cf9417e4381a49f8c7da82ed0f56291a2f707715504c1f2e5b6c78cc4d05ea33b8fbf5c12593742ed5d1591bc278872ee11256db24688c42b5e7b838c1f2fffaac541e82ed21c2656633f4eac99309dcff7021e492f5cc0845cc68b50c75b92e6d7bdafbc50212b386f8bb69ba04acc3014c17540702ae08b13eefbbd596ac3e324e747e30b6a24004e32186be1262c10f68363fb461ff4c3a8be3ddb4a5adffabad43c698539ae3612619124dc14c9e2ab332b16ce627d5a3bdcc1c9967014121ef2b1403b4c93505e6ac7d17862cb7e1854019b314e7a94b4913f1ea9076be16d14e5e8b214c762513dd1b3435f7827e2e986c2e4ba3c26feb888de938be15253569de5fed078c948fba65afe1c4bd21a1606a02bc000bb556ab0f198b7d41befde10561d57b5aaa9046ae0fc1ef860912558f34a69ad0eef8e770554390c9e0dfe1079900c1b5456e27b4fbfa5d015a8302bdad5c874cec8f4d54c6beab200aa1c0c18c7214524866f00c3a1b185c583f91be3caed7b56db6831416a8aa59a0eb43fe782a1ec7c9da13820108347b1b7f0615a81f3e3a0516e381f835ecf884bc58e2520bdbca141618300d90d9f89f178de6ef3860b1955967c3e06ef9f61d28a02d8411fb4a1b781af43e8117d198cc65854d945b44a0fe488e93796eea93ff8299327b0b84fa7409de15b2e1f5bc49c14163f624ba304d142d69c6d0a3b57b41ca5fce2ec633589677981afd97580989bf64a87792fc098638c11caa40254f5533bdaffa8489d378cbfa11350739c9673144dad266ef0cd83ae956435c98064390ff9e1742bdb445604592cc0f3f16ec8a2b79de1c7854a3d98f12911ca562674ad7e7455f276f7c4caaffc8da9081b7111d9ba06fbec1234d12244ed1484df0c741b0ddbd96c6d2558cadd79b7c07b67856f46cc4bf7212d584f0f2d0df2a01f3476a84a47df9f1bd250212ec68a690fbd82e1421968cdb24a5b6bf37747a1342e8f1fbe7aa40c321c88d31fb32247ca730222aac890b23e08aeacf4a201d4aa64befd46037d284f690f64a7e42ca2f46fb31b73610de41be73b3a29da2f01069a50ed985e0596f51fea6650b66e83caeb087a3d2740f652fdea95c1f76831d8d742ded7d79a886adbefdc49bc565590858a54945dd9dd5636c70df5bd88817e2529150f77abc281c70e0d8c17b206261ec9360872e36323ea903b7f134a8f53c7732f6629c32ca43cb53dfb2ce05cc7a06d7e2faa5c27e95c8183187c8818728f698e64b00057f331f01aa47e3addd356dec81bca67e3727992d67b86b5d0f4f8928b9b222e7370edfd2024d63d1d7af4fceb77133cb4eb86bc0221d8e29781d7dec706c989689153fce03177706285fe1c0b7699e3d64d9ca72e6d2d68612f4c15ef9e4869c8d34e8bf55dac92622e2b58a29e9772b547d3c8deecf2aabac8142c6fbdb5c291e4f5f5dbc41a520e70fa205b07eef581d4fc0f8ac72240715b0c0abd1cf5a8ef3a3b0f68af4ebec186b11cf728e7bb2271a272dd8588b580e8b83543a33b9d76beb265e668ba5a9d98be8875b81448ed981e351848e4cbcfac2301b5993dfb4bdda49a6ab0fface5859d4eec5f27c226b9b506594050213498a19f16c6cde2e9e78b70d1f7b513fc2dc03c8ffc557d8305889525e425e373eccd3752f3f70fbee8cba552ca6df57e73ac957353216d6b0b62160fea7afdb1caf96951deed0a007e9a824aac2af454a85b91e5c3f2dbbd39b398eaf5b6577dd6a00bf7e4e206082f187920e52da9cfe79e93e13a96699621225db9024f4db196a5d3a3e97d368d8797f4f6a4775bb9784af56f89268275db4061e9520bbc873dff19dfd6acfa279e5dcf2f3eea6a0be55e2fb585aca7e7f7e8e8040ab022682544af62faa50f0b8c810719c2b22ba9ef9bd3a9a5b120b95efaed8ec098bb6038e9ac20d4bdaa3e0d838485ceb76796bbb49d3eddd9334e48c73a5c62183184bcc8", @ANYRES32, @ANYBLOB="198a641734d1f44f9aed0f779cc2b2ed9551d4c625802f2fafc39653761255a329213315d8b3d7135c805522d713f54d84e688099c00ba4e4b1398c9f775e82a4de6d462cfa9affc9bd92bbb933ee8cd8f8dcd2096d669cddd52e8fa0d8bb702d6f691893315f3257507d641575a4e4f08e7a958a9bfaf03a13a4f9f60e9d40e48ad0926f8a0f34cc2d3bb36014ea3e5c4cb384167d36ca263ac2adc09ff269ae71b53a238a5634678c6e771207327d44f4b3655d01b949c3877a8fdb52eb2e9286494ae45945a8a957372cccbf6a2412ea6506f98d8beb6dcdbc737e243a7c42c4144340d27ebe801edf8570df69dfddb3471d6a4b9f586387accbc72b91a07456ad97534a665bb1a361b649afdf3333bb90f69a39d6262508a0600c794244677b9f3d4a0bd4f943686e2eadfb77ed3f3103b3676dbe74ad3c68b14021ec2ab525cd208f2554b9ddadd323d6058fe4dd9190bbede278877f893613ff4514cd56e305a3405c3f1198f28909eda5e7e5f76711047ad216c47175d17012b618f6836bfc4701e8a92b085e9de019534a38a978484f1e4db563ef5a25a0663aa5831a459f7794295a25cae2a1361687b4487aa9268489108bc450ff6423ffe27e219acf39f160ce362a34b895721b6932410c3acc3d269b65343fcdec36ed4b2324be9da85fc5cbe1bfc7edd50d5f18f91c88a89e40319a7ce65eb5c4ef6bdb5bbbb45392b1ac2bc1137679c4803009de8650f81b84b40a633dc108e0e8a69c00c10cb7896a53e7faabc00186554a00000080001000d000000080009"], 0x24e0}, 0x1, 0x0, 0x0, 0x8040}, 0x40000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
unshare$auto(0x1000004000007c)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
readv$auto(r4, &(0x7f0000000380)={&(0x7f0000000400)="7e1f4e356e82302a5f74ff6757bd418dcc42af182217098014da1ca02dbcc296918dc67d80e5b2cee13b91cece97e6ea91e50710efdd484592360b1fe282de1dcced91106d3450d58749367c58fa52f263b02ce8c281835142b73b2cf855e53d884273ab0a47c2131d81f3e3507fedf5be7eaff6cad22b0594c96decdbd9ac88e4233a4d352d4e08509a92b239bef6fe9423902f2b5ba4da54f471e728821ad2c84ba77b72d68ee0e3caf4246394801517d636eb8084bb"}, 0xfffffffffffffff7)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r7 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x81, 0x8000000000001, 0xa}, 0xb, 0x0)
landlock_restrict_self$auto(r7, 0x8)
write$auto(0xffffffffffffffff, 0x0, 0xc8)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_DEL_SEC_DEV(r8, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80862058}, 0xc, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000006e8d529be22536b4650f0b24282ea2060b32d22ca3d076c9ddce8956e881ef76dd6f51539cc51b53b9590d715a9836267c0ac87edc601f8d46351a44ffd197cda093fa563bd045a3f962949b6e733d1c0000000000000000", @ANYRES16=r9, @ANYBLOB="000327bd7000fddbdf251b00000005000f000800000008000d007f00000008000100400000000f0002002f6465762f6c6f6f7036000006000a0002000000"], 0x44}, 0x1, 0x0, 0x0, 0x20000080}, 0x48840)
syz_clone(0x80000000, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)

7.504689528s ago: executing program 1 (id=2179):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0)
lseek$auto(0x3, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x1d, 0x2, 0x7)
getsockopt$auto(r0, 0x6b, 0x4, 0xfffffffffffffffe, 0x0)
r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0xa0880, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r1, 0x5509, 0x0)
r2 = getpgid(0xffffffffffffffff)
r3 = prctl$auto(0x1000000003b, 0xfffffffffffffffe, r2, 0x1, 0x7)
r4 = epoll_create$auto(0x2)
sendto$auto(0xffffffffffffffff, &(0x7f00000000c0)="1f9e07721c59ddfa156bff1533c8b0950317d8e6a8922a077a01e28958fc49183828be271e523f3420496abdfdc5ec0d661081540b5ae02dc467165abf8aaa687b5e8c4f5a685d57f42b0b4160462d171fa904e76237f7d74670a7b98321ea4985d2406dce526653587879c4581c1414a116f8d53ffa1d9837548f17", 0x0, 0xffe, &(0x7f0000000180)=@hci={0x1f, 0x2, 0x3}, 0x6)
epoll_pwait$auto(r4, 0x0, 0x9, 0x1, 0x0, 0x8)
io_uring_register$auto_IORING_REGISTER_FILES(r3, 0x2, &(0x7f00000011c0)="5e86ab09f2de520f04ab34e9fb419d0a0f2eaae9f2684009ae0566f24740f14885b14b56bc1a8441a427679919f1472cd40bb886cb58cdc07cae501fd2aaf071d8d3244991d06a1ceb95b340659e9bb29062aeb8e7c2de11b1faa486102e7ef86d51cecaab6c4566af8096e0210d411d81dbd6b3816518141aedc59d54bb3a1ff71b34a17762a2d3a980811c9cdc56a72a0e0047a90f8501fe2051e44515a1ff5c6699c6c0a20c4f5ac21c785c63a35103b2b825cdaafba60fcb44077393bc23918033a497f1672967c1dd8e15ef61e8f75d28103160ae38d27fe99cabdfd39b5de938849084af8cb6840ba26a43bb9006aa11c773dee73785", 0x8001)
r5 = openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x80100, 0x0)
read$auto_dmaengine_summary_fops_(r5, &(0x7f00000001c0)=""/4096, 0x1000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0) (async)
lseek$auto(0x3, 0x8, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) (async)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb1, 0x401, 0x8000) (async)
socket(0x1d, 0x2, 0x7) (async)
getsockopt$auto(r0, 0x6b, 0x4, 0xfffffffffffffffe, 0x0) (async)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0xa0880, 0x0) (async)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r1, 0x5509, 0x0) (async)
getpgid(0xffffffffffffffff) (async)
prctl$auto(0x1000000003b, 0xfffffffffffffffe, r2, 0x1, 0x7) (async)
epoll_create$auto(0x2) (async)
sendto$auto(0xffffffffffffffff, &(0x7f00000000c0)="1f9e07721c59ddfa156bff1533c8b0950317d8e6a8922a077a01e28958fc49183828be271e523f3420496abdfdc5ec0d661081540b5ae02dc467165abf8aaa687b5e8c4f5a685d57f42b0b4160462d171fa904e76237f7d74670a7b98321ea4985d2406dce526653587879c4581c1414a116f8d53ffa1d9837548f17", 0x0, 0xffe, &(0x7f0000000180)=@hci={0x1f, 0x2, 0x3}, 0x6) (async)
epoll_pwait$auto(r4, 0x0, 0x9, 0x1, 0x0, 0x8) (async)
io_uring_register$auto_IORING_REGISTER_FILES(r3, 0x2, &(0x7f00000011c0)="5e86ab09f2de520f04ab34e9fb419d0a0f2eaae9f2684009ae0566f24740f14885b14b56bc1a8441a427679919f1472cd40bb886cb58cdc07cae501fd2aaf071d8d3244991d06a1ceb95b340659e9bb29062aeb8e7c2de11b1faa486102e7ef86d51cecaab6c4566af8096e0210d411d81dbd6b3816518141aedc59d54bb3a1ff71b34a17762a2d3a980811c9cdc56a72a0e0047a90f8501fe2051e44515a1ff5c6699c6c0a20c4f5ac21c785c63a35103b2b825cdaafba60fcb44077393bc23918033a497f1672967c1dd8e15ef61e8f75d28103160ae38d27fe99cabdfd39b5de938849084af8cb6840ba26a43bb9006aa11c773dee73785", 0x8001) (async)
openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x80100, 0x0) (async)
read$auto_dmaengine_summary_fops_(r5, &(0x7f00000001c0)=""/4096, 0x1000) (async)

7.099360544s ago: executing program 1 (id=2180):
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000800df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x0, 0x300, 0x70bd28, 0x25dfdbff, {}, [@THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000041}, 0x24000008)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311)

6.813067381s ago: executing program 1 (id=2181):
getpgid$auto(0x0)
mlockall$auto(0x2)
mmap$auto(0x0, 0x2020009, 0x6, 0x800000000000eb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
tee$auto(r0, r0, 0x1, 0x5)
shmat$auto(0x0, &(0x7f0000000000)='(\x00', 0xfffffffb)

4.596558216s ago: executing program 6 (id=2184):
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0p\x00', 0x401, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4241, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000)
r0 = io_uring_setup$auto(0x7, 0x0)
io_uring_register$auto(r0, 0x8, &(0x7f0000001100), 0x3)
openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0)
ioctl$auto(0x3, 0x80004508, 0x10000000000402)
pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3)
msgrcv$auto(0x0, 0x0, 0x4bf, 0x1, 0xed)
close_range$auto(0x2, 0xa, 0x0)

3.548673789s ago: executing program 6 (id=2187):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1a9242, 0x0)
sendfile$auto(r0, r0, 0x0, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, &(0x7f0000000040))
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/loginuid\x00', 0x309c02, 0x0)

3.28430615s ago: executing program 1 (id=2188):
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
r0 = socket(0xa, 0x2, 0x73)
mmap$auto(0xfffffffffffffc, 0xd8f0, 0x7, 0xeb1, r0, 0xbf47)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
unshare$auto(0x40000080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x4020005, 0xe3, 0xeb1, 0x401, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0)
r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x44601, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
unshare$auto(0x20000)
unshare$auto(0x20000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/mac80211_hwsim/hwsim0/net/wlan0/flags\x00', 0x189082, 0x0)
sendfile$auto(r2, r2, 0x0, 0x1)
r3 = gettid()
r4 = pidfd_open$auto(r3, 0x0)
r5 = waitid$auto_P_PIDFD(0x3, r4, &(0x7f00000001c0)={@siginfo_0_0={0x7, 0x401, 0xa2, @_sigchld={r3, 0x0, 0x2, 0x2d, 0x652c}}}, 0x5, &(0x7f0000000240)={{0xc4d, 0xffffffffffffff37}, {0x34, 0x2}, 0x5, 0x1, 0x8, 0x6, 0x4, 0x6, 0xf, 0x6, 0xf, 0x7f, 0x6, 0x5e97, 0xd, 0x5})
prctl$auto_PR_SET_MM_ARG_START(0x7, 0x8, r5, 0x3, 0x6)
r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/profile\x00', 0x40802, 0x0)
read$auto(r6, 0x0, 0xb4d3)
open(0x0, 0x161342, 0x130)
unshare$auto(0xfffffffffffffffd)
r7 = open(0x0, 0x602981, 0x1)
mmap$auto(0x0, 0x1, 0xfd5, 0x12, r7, 0x0)

2.875961813s ago: executing program 6 (id=2190):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
map_shadow_stack$auto(0x40, 0x7, 0x1ff)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ppoll$auto(&(0x7f0000000000)={<r1=>r0, 0x4, 0xc14}, 0x2, 0x0, 0x0, 0x8)
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r1, &(0x7f0000000280)=""/278, 0x116)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe)

2.619794981s ago: executing program 4 (id=2191):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1a9242, 0x0)
sendfile$auto(r0, r0, 0x0, 0x5)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_setup$auto(0xffff, &(0x7f0000000580))
io_setup$auto(0xa, &(0x7f0000000040))
openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/loginuid\x00', 0x309c02, 0x0)

1.99493164s ago: executing program 4 (id=2192):
mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x4000000a, 0x10001, 0x10, 0x2, 0x4, 0xffffffffffffffff, 0xa, "2af0e63f00", 0x0, <r0=>0xffffffffffffffff, 0x955b, 0x8, 0x7, 0x5}, 0x10) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x6, 0x1, '.\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x300, 0x0, 0x801}, 0x0)
bpf$auto_BPF_MAP_UPDATE_BATCH(0x1a, &(0x7f0000000040)=@query={@target_fd=r0, 0x5, 0x1, 0x8, 0x7, @prog_cnt=0x8, 0x0, 0x8000000000000000, 0x6, 0x4, 0x8}, 0x0) (async)
setreuid$auto(0x0, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x15, 0x5, 0x0) (async)
write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOI\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0fu\xa8)T\xb5k~\x92d\xd1a\x8c\x84\xac\xa0\x0e\xbcc\x81\x82\xf4v5F\xf7\xce2k\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06', 0xa) (async)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) (async)
landlock_create_ruleset$auto(&(0x7f0000000000)={0x9, 0x402, 0x101}, 0x6, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0)
ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000140))
ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000000))
ioctl$auto_TIOCSTI2(r4, 0x5412, &(0x7f0000000100)="15") (async)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pnp0/00:03/id\x00', 0x0, 0x0)
readv$auto(r5, &(0x7f0000006080)={&(0x7f0000000040), 0xba41}, 0x8) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0xa, 0x3, 0x100)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0xa, 0x801, 0x84)
socket(0x10, 0x2, 0x0) (async)
socket(0x10, 0x2, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0xa, 0x801, 0x84)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)

1.775364431s ago: executing program 4 (id=2193):
migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x301, 0x0)
ustat$auto(0x801, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x48040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000000c0), 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x40000403c6f2b, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x6f29, 0x0)
io_uring_setup$auto(0x5, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1adf82, 0x0)
ioctl$auto(0x3, 0x80286f4e, r2)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
r3 = open(0x0, 0x101800, 0xbf)
r4 = socket(0x2, 0x3, 0x100)
splice$auto(r3, 0x0, r4, 0x0, 0x7fffffffffffffff, 0x9)

1.393854584s ago: executing program 4 (id=2194):
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000140), 0x88800, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000b00)={'veth0_to_bridge\x00'})
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4880}, 0x2c050)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
landlock_create_ruleset$auto(&(0x7f0000000000)={0xdaa0, 0x1, 0x9}, 0x9, 0x0)
landlock_restrict_self$auto(r3, 0x0)
symlink$auto(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = socket(0x8, 0x2, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x24, 0x0, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x20}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfd, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sysvipc/msg\x00', 0x420200, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
semctl$auto(0x205, 0x9, 0x0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8955, 0x0)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
landlock_create_ruleset$auto(&(0x7f0000000280)={0x9, 0x1, 0xc6}, 0x6b1, 0xffffffff)
openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x7, 0x0)

1.121180575s ago: executing program 4 (id=2195):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0xa, 0x801, 0x84)
r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$auto_VHOST_GET_BACKEND_FEATURES(r0, 0x8008af26, &(0x7f00000000c0)=0x5)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x189002, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
listen$auto(0xffffffffffffffff, 0x100006)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x39, 0x7, 0x4, 0x8, 0x5)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x5, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)

521.994934ms ago: executing program 4 (id=2196):
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
bpf$auto(0x6, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2)
mprotect$auto(0x0, 0x806121, 0x6)
r0 = io_uring_setup$auto(0x5, 0x0)
close_range$auto(0x2, r0, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0)
r1 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3c, 0x10000, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x2, 0x9, 0x4, 0xb2, 0x9, 0x0, 0xfffd, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1, 0x6, 0x4, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffe, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0x5, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2000000ffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x5]}, 0x202, 0x2000000d)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0)
unshare$auto(0x40000080)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto_SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, 0x0)

454.662811ms ago: executing program 35 (id=2143):
r0 = open(0x0, 0x4242, 0xe1d2b27bdc14aabc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r1)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f00000050c0)={0x0, 0x5c1e, &(0x7f0000005080)={&(0x7f0000002a80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010025bd0500fbdbdf2d06000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="010027ffff00fbdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0xeda47ee5ad433e65}, 0x20000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, r2, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@NFSD_A_SERVER_SCOPE={0x11, 0x4, '*^+\xb0*{(+l}-\xc9\x00'}, @NFSD_A_SERVER_SCOPE={0x6, 0x4, '?\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x9}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xab09}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x80)
sysfs$auto(0x2, 0x1c, 0x0)
r3 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0)
fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0)
r5 = ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x68)
write$auto_tracing_cpumask_fops_trace(r5, &(0x7f00000000c0)="2b3d23478b", 0x5)
ioctl$auto_FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000100)="0ff1cb9a5e4c89f26556696cdbf24adc9356d02cb0a2bd4a6c2c37232649e1e0d1cc0211d6f181df17ae10077562ba8a74f9c2687680b8c4a0b92a02a1d1aa336c329cdf887e99bba4d288dbeffa75261336e5d061cdba147b12530d491506571aec2ce7193bcbdf0ddf0000becc3e81c186a2220f3282dd98698e7d20e0d5803c2cf6c03c848cc2a86b3c088b32fd77256585567eaec133956a19f694cb4a8716d25c343540fd4b9c99a9739c85f5f4")

0s ago: executing program 1 (id=2198):
r0 = ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000000)=0x2)
bind$auto(r0, &(0x7f0000000040)=@phonet={0x23, 0x3, 0x3, 0x4}, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x11, 0x80003, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$auto_SO_BUSY_POLL_BUDGET(r0, 0x7, 0x46, &(0x7f0000000080)='[\x00', 0xfffffff8)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
io_uring_setup$auto(0x2, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyzd\x00', 0x0, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video8\x00', 0x802, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20461, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x63742, 0x0)
setresuid$auto(0x8, 0x8, 0x0)
socketpair$auto(0x1, 0x2, 0x620000, 0x0)
ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0)

kernel console output (not intermixed with test programs):

validate_state+0x129/0x190
[  401.975332][T11088]  ? __pfx_loop_control_ioctl+0x10/0x10
[  401.975363][T11088]  __x64_sys_ioctl+0x18e/0x210
[  401.975392][T11088]  do_syscall_64+0x106/0xf80
[  401.975411][T11088]  ? clear_bhb_loop+0x40/0x90
[  401.975433][T11088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.975452][T11088] RIP: 0033:0x7f021419c819
[  401.975468][T11088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  401.975486][T11088] RSP: 002b:00007f0215020028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  401.975504][T11088] RAX: ffffffffffffffda RBX: 00007f0214415fa0 RCX: 00007f021419c819
[  401.975515][T11088] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002
[  401.975526][T11088] RBP: 00007f0214232c91 R08: 0000000000000000 R09: 0000000000000000
[  401.975536][T11088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  401.975547][T11088] R13: 00007f0214416038 R14: 00007f0214415fa0 R15: 00007fff532d31e8
[  401.975569][T11088]  </TASK>
[  402.564868][T11104] FAULT_INJECTION: forcing a failure.
[  402.564868][T11104] name failslab, interval 1, probability 0, space 0, times 0
[  402.596204][T11104] CPU: 0 UID: 0 PID: 11104 Comm: syz.1.1410 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  402.596238][T11104] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  402.596245][T11104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  402.596256][T11104] Call Trace:
[  402.596262][T11104]  <TASK>
[  402.596270][T11104]  dump_stack_lvl+0x100/0x190
[  402.596306][T11104]  should_fail_ex.cold+0x5/0xa
[  402.596330][T11104]  should_failslab+0xc2/0x120
[  402.596351][T11104]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  402.596380][T11104]  ? mpol_new+0x11b/0x2d0
[  402.596396][T11104]  ? find_held_lock+0x2b/0x80
[  402.596414][T11104]  ? get_pid_task+0xfc/0x250
[  402.596441][T11104]  mpol_new+0x11b/0x2d0
[  402.596459][T11104]  do_mbind+0x210/0xfd0
[  402.596490][T11104]  ? __pfx_do_mbind+0x10/0x10
[  402.596513][T11104]  ? find_held_lock+0x2b/0x80
[  402.596530][T11104]  ? ksys_write+0x190/0x250
[  402.596547][T11104]  ? ksys_write+0x190/0x250
[  402.596574][T11104]  ? __pfx_get_nodes+0x10/0x10
[  402.596592][T11104]  ? __fget_files+0x21f/0x3d0
[  402.596614][T11104]  kernel_mbind+0x1b7/0x200
[  402.596641][T11104]  ? __pfx_kernel_mbind+0x10/0x10
[  402.596672][T11104]  do_syscall_64+0x106/0xf80
[  402.596691][T11104]  ? clear_bhb_loop+0x40/0x90
[  402.596714][T11104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.596734][T11104] RIP: 0033:0x7fbb3e59c819
[  402.596750][T11104] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  402.596767][T11104] RSP: 002b:00007fbb3f43c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  402.596785][T11104] RAX: ffffffffffffffda RBX: 00007fbb3e815fa0 RCX: 00007fbb3e59c819
[  402.596797][T11104] RDX: 0000000000000001 RSI: 0000000000800097 RDI: 00000000001c0000
[  402.596808][T11104] RBP: 00007fbb3f43c090 R08: 0000000000000003 R09: 0000000000000001
[  402.596818][T11104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.596829][T11104] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  402.596851][T11104]  </TASK>
[  403.197592][T11059] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  403.242066][T11059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  403.321357][T10951] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  403.321380][T10951] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  403.600812][T11120] netlink: 306 bytes leftover after parsing attributes in process `syz.0.1413'.
[  403.755857][T11129] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1367'.
[  404.248458][T11135] nbd: illegal input index 37139
[  404.673763][T11142] FAULT_INJECTION: forcing a failure.
[  404.673763][T11142] name failslab, interval 1, probability 0, space 0, times 0
[  404.753521][T11142] CPU: 0 UID: 0 PID: 11142 Comm: syz.1.1416 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  404.753557][T11142] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  404.753565][T11142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  404.753577][T11142] Call Trace:
[  404.753583][T11142]  <TASK>
[  404.753591][T11142]  dump_stack_lvl+0x100/0x190
[  404.753633][T11142]  should_fail_ex.cold+0x5/0xa
[  404.753657][T11142]  should_failslab+0xc2/0x120
[  404.753679][T11142]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  404.753710][T11142]  ? alloc_inode+0x68/0x250
[  404.753736][T11142]  ? start_dirop+0x79/0xb0
[  404.753755][T11142]  ? __pfx_rpc_alloc_inode+0x10/0x10
[  404.753782][T11142]  alloc_inode+0x68/0x250
[  404.753808][T11142]  new_inode+0x22/0x1c0
[  404.753832][T11142]  ? dput.part.0+0xdd/0x570
[  404.753861][T11142]  rpc_new_dir+0x96/0x420
[  404.753889][T11142]  rpc_fill_super+0x344/0x4f0
[  404.753918][T11142]  ? __pfx_rpc_fill_super+0x10/0x10
[  404.753945][T11142]  get_tree_keyed+0x10e/0x1d0
[  404.753977][T11142]  vfs_get_tree+0x92/0x320
[  404.754006][T11142]  vfs_cmd_create+0xd7/0x2a0
[  404.754033][T11142]  __do_sys_fsconfig+0x55a/0xcb0
[  404.754061][T11142]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  404.754098][T11142]  do_syscall_64+0x106/0xf80
[  404.754117][T11142]  ? clear_bhb_loop+0x40/0x90
[  404.754150][T11142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.754172][T11142] RIP: 0033:0x7fbb3e59c819
[  404.754190][T11142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  404.754209][T11142] RSP: 002b:00007fbb3f43c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  404.754227][T11142] RAX: ffffffffffffffda RBX: 00007fbb3e815fa0 RCX: 00007fbb3e59c819
[  404.754240][T11142] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[  404.754250][T11142] RBP: 00007fbb3e632c91 R08: 0000000000000000 R09: 0000000000000000
[  404.754261][T11142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  404.754271][T11142] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  404.754295][T11142]  </TASK>
[  406.126445][T11158] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  406.182509][T11158] FAULT_INJECTION: forcing a failure.
[  406.182509][T11158] name failslab, interval 1, probability 0, space 0, times 0
[  406.288664][T11163] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1422'.
[  406.329950][T11158] CPU: 0 UID: 0 PID: 11158 Comm: syz.4.1422 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  406.329984][T11158] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  406.329991][T11158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  406.330003][T11158] Call Trace:
[  406.330009][T11158]  <TASK>
[  406.330016][T11158]  dump_stack_lvl+0x100/0x190
[  406.330050][T11158]  should_fail_ex.cold+0x5/0xa
[  406.330074][T11158]  should_failslab+0xc2/0x120
[  406.330096][T11158]  __kmalloc_cache_noprof+0x7a/0x6f0
[  406.330123][T11158]  ? trace_pid_list_alloc+0x2fe/0x480
[  406.330156][T11158]  trace_pid_list_alloc+0x2fe/0x480
[  406.330189][T11158]  trace_pid_write+0x110/0x460
[  406.330219][T11158]  ? __pfx_trace_pid_write+0x10/0x10
[  406.330262][T11158]  event_pid_write.isra.0+0x1e4/0x800
[  406.330282][T11158]  ? __pfx_event_pid_write.isra.0+0x10/0x10
[  406.330308][T11158]  vfs_write+0x2aa/0x1070
[  406.330327][T11158]  ? __pfx_ftrace_event_npid_write+0x10/0x10
[  406.330355][T11158]  ? __pfx_vfs_write+0x10/0x10
[  406.330372][T11158]  ? __fget_files+0x215/0x3d0
[  406.330395][T11158]  ? __fget_files+0x21f/0x3d0
[  406.330420][T11158]  ksys_write+0x12a/0x250
[  406.330438][T11158]  ? __pfx_ksys_write+0x10/0x10
[  406.330462][T11158]  do_syscall_64+0x106/0xf80
[  406.330481][T11158]  ? clear_bhb_loop+0x40/0x90
[  406.330505][T11158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.330525][T11158] RIP: 0033:0x7f2be459c819
[  406.330541][T11158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  406.330558][T11158] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  406.330576][T11158] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  406.330587][T11158] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  406.330598][T11158] RBP: 00007f2be4632c91 R08: 0000000000000000 R09: 0000000000000000
[  406.330608][T11158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  406.330618][T11158] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  406.330642][T11158]  </TASK>
[  407.257124][T11175] vivid-007: =================  START STATUS  =================
[  407.313136][T11177] QAT: Device 252 not found
[  407.350533][T11177] FAULT_INJECTION: forcing a failure.
[  407.350533][T11177] name failslab, interval 1, probability 0, space 0, times 0
[  407.368412][T11175] vivid-007: Generate PTS: true
[  407.448531][T11177] CPU: 0 UID: 0 PID: 11177 Comm: syz.3.1426 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  407.448565][T11177] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  407.448572][T11177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  407.448583][T11177] Call Trace:
[  407.448589][T11177]  <TASK>
[  407.448596][T11177]  dump_stack_lvl+0x100/0x190
[  407.448630][T11177]  should_fail_ex.cold+0x5/0xa
[  407.448652][T11177]  ? tomoyo_realpath_from_path+0xb6/0x690
[  407.448680][T11177]  should_failslab+0xc2/0x120
[  407.448701][T11177]  __kmalloc_noprof+0xe0/0x850
[  407.448735][T11177]  tomoyo_realpath_from_path+0xb6/0x690
[  407.448773][T11177]  tomoyo_path_number_perm+0x23c/0x580
[  407.448795][T11177]  ? tomoyo_path_number_perm+0x22e/0x580
[  407.448820][T11177]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  407.448866][T11177]  ? find_held_lock+0x2b/0x80
[  407.448884][T11177]  ? __fget_files+0x215/0x3d0
[  407.448902][T11177]  ? hook_file_ioctl_common+0x146/0x410
[  407.448930][T11177]  ? __fget_files+0x21f/0x3d0
[  407.448953][T11177]  security_file_ioctl+0xd3/0x230
[  407.448978][T11177]  __x64_sys_ioctl+0xb7/0x210
[  407.449008][T11177]  do_syscall_64+0x106/0xf80
[  407.449027][T11177]  ? clear_bhb_loop+0x40/0x90
[  407.449056][T11177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  407.449075][T11177] RIP: 0033:0x7fa14a19c819
[  407.449091][T11177] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  407.449108][T11177] RSP: 002b:00007fa14af85028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  407.449127][T11177] RAX: ffffffffffffffda RBX: 00007fa14a415fa0 RCX: 00007fa14a19c819
[  407.449139][T11177] RDX: 0000000000000000 RSI: 00000000000007aa RDI: 000000000000000a
[  407.449150][T11177] RBP: 00007fa14af85090 R08: 0000000000000000 R09: 0000000000000000
[  407.449160][T11177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  407.449170][T11177] R13: 00007fa14a416038 R14: 00007fa14a415fa0 R15: 00007ffca359e1e8
[  407.449193][T11177]  </TASK>
[  407.449225][T11177] ERROR: Out of memory at tomoyo_realpath_from_path.
[  407.676350][T11175] vivid-007: Generate SCR: true
[  407.741788][T11175] tpg source WxH: 320x240 (Y'CbCr)
[  407.746981][T11175] tpg field: 1
[  407.890455][T11175] tpg crop: (0,0)/320x240
[  407.991523][T11175] tpg compose: (0,0)/320x240
[  407.996729][T11175] tpg colorspace: 8
[  408.037873][T11175] tpg transfer function: 0/0
[  408.058622][T11175] tpg Y'CbCr encoding: 0/0
[  408.089209][T11175] tpg quantization: 0/0
[  408.094517][T11175] tpg RGB range: 0/2
[  408.123874][T11175] vivid-007: ==================  END STATUS  ==================
[  414.205393][T11284] FAULT_INJECTION: forcing a failure.
[  414.205393][T11284] name fail_futex, interval 1, probability 0, space 0, times 0
[  414.333655][T11284] CPU: 0 UID: 0 PID: 11284 Comm: syz.0.1456 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  414.333690][T11284] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  414.333698][T11284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  414.333710][T11284] Call Trace:
[  414.333717][T11284]  <TASK>
[  414.333726][T11284]  dump_stack_lvl+0x100/0x190
[  414.333760][T11284]  should_fail_ex.cold+0x5/0xa
[  414.333782][T11284]  get_futex_key+0x1d2/0x1620
[  414.333812][T11284]  ? __pfx_get_futex_key+0x10/0x10
[  414.333837][T11284]  ? kasan_quarantine_put+0x104/0x240
[  414.333868][T11284]  ? lockdep_hardirqs_on+0x78/0x100
[  414.333892][T11284]  futex_wake+0xea/0x530
[  414.333920][T11284]  ? find_held_lock+0x2b/0x80
[  414.333939][T11284]  ? __pfx_futex_wake+0x10/0x10
[  414.333973][T11284]  ? ksys_write+0x190/0x250
[  414.333996][T11284]  ? ksys_write+0x190/0x250
[  414.334025][T11284]  do_futex+0x32b/0x350
[  414.334051][T11284]  ? __pfx_do_futex+0x10/0x10
[  414.334082][T11284]  __x64_sys_futex+0x34f/0x4d0
[  414.334111][T11284]  ? __pfx___x64_sys_futex+0x10/0x10
[  414.334145][T11284]  do_syscall_64+0x106/0xf80
[  414.334181][T11284]  ? clear_bhb_loop+0x40/0x90
[  414.334204][T11284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.334245][T11284] RIP: 0033:0x7f021419c819
[  414.334262][T11284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  414.334279][T11284] RSP: 002b:00007f02150200e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  414.334298][T11284] RAX: ffffffffffffffda RBX: 00007f0214415fa8 RCX: 00007f021419c819
[  414.334310][T11284] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0214415fac
[  414.334322][T11284] RBP: 00007f0214415fa0 R08: 0000000000000000 R09: 0000000000000000
[  414.334333][T11284] R10: 0000000000000081 R11: 0000000000000246 R12: 0000000000000000
[  414.334345][T11284] R13: 00007f0214416038 R14: 00007fff532d3100 R15: 00007fff532d31e8
[  414.334367][T11284]  </TASK>
[  415.366727][T11302] FAULT_INJECTION: forcing a failure.
[  415.366727][T11302] name failslab, interval 1, probability 0, space 0, times 0
[  415.388914][T11239] Process accounting resumed
[  415.460552][T11302] CPU: 0 UID: 0 PID: 11302 Comm: syz.1.1461 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  415.460589][T11302] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  415.460596][T11302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  415.460609][T11302] Call Trace:
[  415.460615][T11302]  <TASK>
[  415.460622][T11302]  dump_stack_lvl+0x100/0x190
[  415.460655][T11302]  should_fail_ex.cold+0x5/0xa
[  415.460678][T11302]  should_failslab+0xc2/0x120
[  415.460700][T11302]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  415.460730][T11302]  ? __anon_vma_prepare+0x344/0x5e0
[  415.460762][T11302]  __anon_vma_prepare+0x344/0x5e0
[  415.460792][T11302]  __vmf_anon_prepare+0x11f/0x250
[  415.460817][T11302]  do_anonymous_page+0x552/0x1fb0
[  415.460845][T11302]  ? __handle_mm_fault+0x17aa/0x2b60
[  415.460876][T11302]  __handle_mm_fault+0x1d48/0x2b60
[  415.460909][T11302]  ? __pfx___handle_mm_fault+0x10/0x10
[  415.460938][T11302]  ? pte_offset_map_lock+0x174/0x320
[  415.460959][T11302]  ? find_held_lock+0x2b/0x80
[  415.460985][T11302]  ? follow_page_pte+0x5b3/0x1400
[  415.461012][T11302]  handle_mm_fault+0x36d/0xa20
[  415.461043][T11302]  __get_user_pages+0xf9c/0x34d0
[  415.461073][T11302]  ? __pfx___get_user_pages+0x10/0x10
[  415.461102][T11302]  populate_vma_page_range+0x267/0x3f0
[  415.461128][T11302]  ? __pfx_populate_vma_page_range+0x10/0x10
[  415.461152][T11302]  ? __pfx_find_vma_intersection+0x10/0x10
[  415.461175][T11302]  ? do_mmap+0x93f/0x12f0
[  415.461199][T11302]  __mm_populate+0x107/0x3a0
[  415.461236][T11302]  ? __pfx___mm_populate+0x10/0x10
[  415.461264][T11302]  ? up_write+0x290/0x4f0
[  415.461295][T11302]  vm_mmap_pgoff+0x37f/0x470
[  415.461321][T11302]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  415.461345][T11302]  ? do_futex+0x192/0x350
[  415.461370][T11302]  ? __pfx_do_futex+0x10/0x10
[  415.461400][T11302]  ksys_mmap_pgoff+0xe1/0x650
[  415.461421][T11302]  ? __x64_sys_futex+0x34f/0x4d0
[  415.461445][T11302]  ? __x64_sys_futex+0x358/0x4d0
[  415.461470][T11302]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  415.461492][T11302]  ? xfd_validate_state+0x129/0x190
[  415.461523][T11302]  __x64_sys_mmap+0x125/0x190
[  415.461554][T11302]  do_syscall_64+0x106/0xf80
[  415.461573][T11302]  ? clear_bhb_loop+0x40/0x90
[  415.461596][T11302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.461615][T11302] RIP: 0033:0x7fbb3e59c819
[  415.461632][T11302] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  415.461650][T11302] RSP: 002b:00007fbb3f41b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  415.461669][T11302] RAX: ffffffffffffffda RBX: 00007fbb3e816090 RCX: 00007fbb3e59c819
[  415.461680][T11302] RDX: 00000000000000db RSI: 000000000000000a RDI: 0000000000000000
[  415.461691][T11302] RBP: 00007fbb3e632c91 R08: 0000000000000005 R09: 0000000000008000
[  415.461702][T11302] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  415.461712][T11302] R13: 00007fbb3e816128 R14: 00007fbb3e816090 R15: 00007ffc30191588
[  415.461736][T11302]  </TASK>
[  418.212780][T11343] netlink: 'syz.3.1473': attribute type 8 has an invalid length.
[  418.425119][T11345] FAULT_INJECTION: forcing a failure.
[  418.425119][T11345] name failslab, interval 1, probability 0, space 0, times 0
[  418.468907][T11345] CPU: 0 UID: 0 PID: 11345 Comm: syz.1.1474 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  418.468942][T11345] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  418.468949][T11345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  418.468960][T11345] Call Trace:
[  418.468967][T11345]  <TASK>
[  418.468974][T11345]  dump_stack_lvl+0x100/0x190
[  418.469021][T11345]  should_fail_ex.cold+0x5/0xa
[  418.469043][T11345]  should_failslab+0xc2/0x120
[  418.469066][T11345]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  418.469095][T11345]  ? vm_area_alloc+0x1f/0x160
[  418.469120][T11345]  ? vma_merge_new_range+0x38b/0xa30
[  418.469151][T11345]  vm_area_alloc+0x1f/0x160
[  418.469178][T11345]  __mmap_region+0x10cc/0x29e0
[  418.469209][T11345]  ? __pfx___mmap_region+0x10/0x10
[  418.469272][T11345]  ? lockdep_hardirqs_on+0x78/0x100
[  418.469292][T11345]  ? finish_task_switch.isra.0+0x205/0xb80
[  418.469313][T11345]  ? rcu_is_watching+0x12/0xc0
[  418.469367][T11345]  ? rcu_is_watching+0x12/0xc0
[  418.469395][T11345]  ? cap_capable+0x107/0x460
[  418.469418][T11345]  mmap_region+0x180/0x3e0
[  418.469451][T11345]  do_mmap+0xc63/0x12f0
[  418.469476][T11345]  ? __pfx_do_mmap+0x10/0x10
[  418.469497][T11345]  ? __pfx_down_write_killable+0x10/0x10
[  418.469524][T11345]  vm_mmap_pgoff+0x29e/0x470
[  418.469550][T11345]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  418.469573][T11345]  ? do_futex+0x192/0x350
[  418.469598][T11345]  ? __pfx_do_futex+0x10/0x10
[  418.469623][T11345]  ? fd_install+0x223/0x580
[  418.469644][T11345]  ksys_mmap_pgoff+0xe1/0x650
[  418.469664][T11345]  ? __x64_sys_futex+0x34f/0x4d0
[  418.469688][T11345]  ? __x64_sys_futex+0x358/0x4d0
[  418.469713][T11345]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  418.469733][T11345]  ? xfd_validate_state+0x129/0x190
[  418.469764][T11345]  __x64_sys_mmap+0x125/0x190
[  418.469795][T11345]  do_syscall_64+0x106/0xf80
[  418.469813][T11345]  ? clear_bhb_loop+0x40/0x90
[  418.469835][T11345]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.469853][T11345] RIP: 0033:0x7fbb3e59c819
[  418.469869][T11345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  418.469887][T11345] RSP: 002b:00007fbb3f43c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  418.469905][T11345] RAX: ffffffffffffffda RBX: 00007fbb3e815fa0 RCX: 00007fbb3e59c819
[  418.469921][T11345] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000
[  418.469931][T11345] RBP: 00007fbb3e632c91 R08: 0000000000000002 R09: 0000000000008000
[  418.469942][T11345] R10: 00000000000000f1 R11: 0000000000000246 R12: 0000000000000000
[  418.469953][T11345] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  418.469977][T11345]  </TASK>
[  419.048875][T11348] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4)
[  419.801604][T11366] FAULT_INJECTION: forcing a failure.
[  419.801604][T11366] name failslab, interval 1, probability 0, space 0, times 0
[  419.870966][T11366] CPU: 0 UID: 0 PID: 11366 Comm: syz.1.1480 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  419.871006][T11366] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  419.871013][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  419.871024][T11366] Call Trace:
[  419.871030][T11366]  <TASK>
[  419.871038][T11366]  dump_stack_lvl+0x100/0x190
[  419.871071][T11366]  should_fail_ex.cold+0x5/0xa
[  419.871094][T11366]  ? tomoyo_supervisor+0x65d/0x1340
[  419.871112][T11366]  should_failslab+0xc2/0x120
[  419.871132][T11366]  __kmalloc_noprof+0xe0/0x850
[  419.871167][T11366]  tomoyo_supervisor+0x65d/0x1340
[  419.871189][T11366]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  419.871222][T11366]  ? tomoyo_check_path_acl+0x141/0x210
[  419.871246][T11366]  ? tomoyo_check_acl+0x1f7/0x410
[  419.871269][T11366]  tomoyo_path_permission+0x270/0x3b0
[  419.871294][T11366]  tomoyo_check_open_permission+0x34d/0x3c0
[  419.871318][T11366]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  419.871364][T11366]  ? do_raw_spin_lock+0x128/0x260
[  419.871394][T11366]  ? path_get+0x61/0x80
[  419.871417][T11366]  tomoyo_file_open+0x6b/0x90
[  419.871436][T11366]  security_file_open+0xb5/0x1e0
[  419.871463][T11366]  do_dentry_open+0x5aa/0x1660
[  419.871484][T11366]  ? security_inode_permission+0xbf/0x250
[  419.871511][T11366]  vfs_open+0x82/0x3f0
[  419.871538][T11366]  path_openat+0x208c/0x31a0
[  419.871566][T11366]  ? __pfx_path_openat+0x10/0x10
[  419.871595][T11366]  do_file_open+0x20e/0x430
[  419.871616][T11366]  ? __pfx_do_file_open+0x10/0x10
[  419.871653][T11366]  ? alloc_fd+0x476/0x790
[  419.871674][T11366]  ? do_getname+0x191/0x390
[  419.871700][T11366]  do_sys_openat2+0x10d/0x1e0
[  419.871726][T11366]  ? __pfx_do_sys_openat2+0x10/0x10
[  419.871760][T11366]  __x64_sys_openat+0x12d/0x210
[  419.871787][T11366]  ? __pfx___x64_sys_openat+0x10/0x10
[  419.871821][T11366]  do_syscall_64+0x106/0xf80
[  419.871841][T11366]  ? clear_bhb_loop+0x40/0x90
[  419.871864][T11366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.871882][T11366] RIP: 0033:0x7fbb3e59c819
[  419.871905][T11366] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  419.871923][T11366] RSP: 002b:00007fbb3f43c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  419.871941][T11366] RAX: ffffffffffffffda RBX: 00007fbb3e815fa0 RCX: 00007fbb3e59c819
[  419.871953][T11366] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  419.871964][T11366] RBP: 00007fbb3e632c91 R08: 0000000000000000 R09: 0000000000000000
[  419.871974][T11366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  419.871986][T11366] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  419.872010][T11366]  </TASK>
[  424.326603][T11399] FAULT_INJECTION: forcing a failure.
[  424.326603][T11399] name failslab, interval 1, probability 0, space 0, times 0
[  424.326650][T11399] CPU: 0 UID: 0 PID: 11399 Comm: syz.4.1490 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  424.326677][T11399] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  424.326684][T11399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  424.326695][T11399] Call Trace:
[  424.326701][T11399]  <TASK>
[  424.326708][T11399]  dump_stack_lvl+0x100/0x190
[  424.326743][T11399]  should_fail_ex.cold+0x5/0xa
[  424.326765][T11399]  ? tomoyo_realpath_from_path+0xb6/0x690
[  424.326793][T11399]  should_failslab+0xc2/0x120
[  424.326814][T11399]  __kmalloc_noprof+0xe0/0x850
[  424.326848][T11399]  tomoyo_realpath_from_path+0xb6/0x690
[  424.326881][T11399]  tomoyo_path_number_perm+0x23c/0x580
[  424.326904][T11399]  ? tomoyo_path_number_perm+0x22e/0x580
[  424.326928][T11399]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  424.326954][T11399]  ? lock_acquire+0x1cf/0x380
[  424.326997][T11399]  ? find_held_lock+0x2b/0x80
[  424.327015][T11399]  ? __fget_files+0x215/0x3d0
[  424.327032][T11399]  ? hook_file_ioctl_common+0x146/0x410
[  424.327061][T11399]  ? __fget_files+0x21f/0x3d0
[  424.327083][T11399]  security_file_ioctl+0xd3/0x230
[  424.327108][T11399]  __x64_sys_ioctl+0xb7/0x210
[  424.327151][T11399]  do_syscall_64+0x106/0xf80
[  424.327170][T11399]  ? clear_bhb_loop+0x40/0x90
[  424.327193][T11399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.327212][T11399] RIP: 0033:0x7f2be459c819
[  424.327234][T11399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  424.327252][T11399] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  424.327270][T11399] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  424.327282][T11399] RDX: 0000200000000040 RSI: 0000000000005419 RDI: 0000000000000003
[  424.327293][T11399] RBP: 00007f2be27f6090 R08: 0000000000000000 R09: 0000000000000000
[  424.327308][T11399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  424.327319][T11399] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  424.327342][T11399]  </TASK>
[  424.349692][T11399] ERROR: Out of memory at tomoyo_realpath_from_path.
[  424.956391][T11406] FAULT_INJECTION: forcing a failure.
[  424.956391][T11406] name failslab, interval 1, probability 0, space 0, times 0
[  424.956428][T11406] CPU: 0 UID: 0 PID: 11406 Comm: syz.1.1492 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  424.956457][T11406] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  424.956464][T11406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  424.956474][T11406] Call Trace:
[  424.956480][T11406]  <TASK>
[  424.956487][T11406]  dump_stack_lvl+0x100/0x190
[  424.956518][T11406]  should_fail_ex.cold+0x5/0xa
[  424.956540][T11406]  should_failslab+0xc2/0x120
[  424.956562][T11406]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  424.956592][T11406]  ? alloc_inode+0x183/0x250
[  424.956617][T11406]  ? alloc_fd+0x476/0x790
[  424.956644][T11406]  alloc_inode+0x183/0x250
[  424.956670][T11406]  alloc_anon_inode+0x2a/0x3e0
[  424.956691][T11406]  anon_inode_make_secure_inode+0x2f/0x140
[  424.956718][T11406]  __do_sys_memfd_secret+0xd7/0x3d0
[  424.956740][T11406]  do_syscall_64+0x106/0xf80
[  424.956758][T11406]  ? clear_bhb_loop+0x40/0x90
[  424.956781][T11406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.956800][T11406] RIP: 0033:0x7fbb3e59c819
[  424.956816][T11406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  424.956834][T11406] RSP: 002b:00007fbb3f43c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf
[  424.956853][T11406] RAX: ffffffffffffffda RBX: 00007fbb3e815fa0 RCX: 00007fbb3e59c819
[  424.956865][T11406] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  424.956875][T11406] RBP: 00007fbb3e632c91 R08: 0000000000000000 R09: 0000000000000000
[  424.956895][T11406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  424.956906][T11406] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  424.956930][T11406]  </TASK>
[  426.413102][T11419] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1496'.
[  428.752042][T11463] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1507'.
[  428.937138][T11463] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.053291][T11463] bridge_slave_1 (unregistering): left allmulticast mode
[  429.088306][T11463] bridge_slave_1 (unregistering): left promiscuous mode
[  429.114768][T11463] bridge0: port 2(bridge_slave_1) entered disabled state
[  429.652550][T11476] netlink: 266 bytes leftover after parsing attributes in process `syz.0.1513'.
[  429.738731][T11476] IPv6: NLM_F_CREATE should be specified when creating new route
[  432.280142][T11511] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead.
[  432.779083][T11506] futex_wake_op: syz.4.1520 tries to shift op by -2048; fix this program
[  433.359465][T11525] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3)
[  433.654938][T11527] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1526'.
[  433.716044][T11530] FAULT_INJECTION: forcing a failure.
[  433.716044][T11530] name fail_futex, interval 1, probability 0, space 0, times 0
[  433.846569][T11530] CPU: 0 UID: 0 PID: 11530 Comm: syz.0.1527 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  433.846605][T11530] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  433.846612][T11530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  433.846624][T11530] Call Trace:
[  433.846631][T11530]  <TASK>
[  433.846638][T11530]  dump_stack_lvl+0x100/0x190
[  433.846670][T11530]  should_fail_ex.cold+0x5/0xa
[  433.846692][T11530]  get_futex_key+0x1d2/0x1620
[  433.846720][T11530]  ? __pfx_get_futex_key+0x10/0x10
[  433.846742][T11530]  ? __pfx_stack_trace_save+0x10/0x10
[  433.846762][T11530]  ? stack_depot_save_flags+0x27/0x9d0
[  433.846790][T11530]  ? __lock_acquire+0x4a5/0x2630
[  433.846818][T11530]  futex_wait_setup+0x83/0x510
[  433.846854][T11530]  __futex_wait+0x19f/0x300
[  433.846884][T11530]  ? __pfx___futex_wait+0x10/0x10
[  433.846917][T11530]  ? __pfx_futex_wake_mark+0x10/0x10
[  433.846949][T11530]  ? futex_hash+0x2c5/0x380
[  433.846978][T11530]  futex_wait+0xed/0x380
[  433.847007][T11530]  ? __pfx_futex_wait+0x10/0x10
[  433.847052][T11530]  ? do_getname+0x191/0x390
[  433.847081][T11530]  do_futex+0x1ef/0x350
[  433.847106][T11530]  ? __pfx_do_futex+0x10/0x10
[  433.847137][T11530]  __x64_sys_futex+0x34f/0x4d0
[  433.847164][T11530]  ? __pfx___x64_sys_mq_open+0x10/0x10
[  433.847185][T11530]  ? __pfx___x64_sys_futex+0x10/0x10
[  433.847220][T11530]  do_syscall_64+0x106/0xf80
[  433.847239][T11530]  ? clear_bhb_loop+0x40/0x90
[  433.847261][T11530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.847280][T11530] RIP: 0033:0x7f021419c819
[  433.847295][T11530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  433.847312][T11530] RSP: 002b:00007f02150200e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  433.847330][T11530] RAX: ffffffffffffffda RBX: 00007f0214415fa8 RCX: 00007f021419c819
[  433.847342][T11530] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0214415fa8
[  433.847353][T11530] RBP: 00007f0214415fa0 R08: 0000000000000000 R09: 0000000000000000
[  433.847363][T11530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  433.847374][T11530] R13: 00007f0214416038 R14: 00007fff532d3100 R15: 00007fff532d31e8
[  433.847397][T11530]  </TASK>
[  434.754363][T11541] mkiss: ax0: crc mode is auto.
[  436.527988][T11574] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1542'.
[  439.917438][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  439.928306][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  444.164966][T11697] FAULT_INJECTION: forcing a failure.
[  444.164966][T11697] name failslab, interval 1, probability 0, space 0, times 0
[  444.214698][T11697] CPU: 0 UID: 0 PID: 11697 Comm: syz.4.1578 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  444.214739][T11697] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  444.214746][T11697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  444.214762][T11697] Call Trace:
[  444.214769][T11697]  <TASK>
[  444.214777][T11697]  dump_stack_lvl+0x100/0x190
[  444.214812][T11697]  should_fail_ex.cold+0x5/0xa
[  444.214835][T11697]  ? __seq_open_private+0x22/0xd0
[  444.214864][T11697]  should_failslab+0xc2/0x120
[  444.214885][T11697]  __kmalloc_noprof+0xe0/0x850
[  444.214919][T11697]  ? __pfx_stats_fop_open+0x10/0x10
[  444.214944][T11697]  __seq_open_private+0x22/0xd0
[  444.214973][T11697]  sc_common_open+0x6b/0x200
[  444.214999][T11697]  full_proxy_open_regular+0x1b6/0x370
[  444.215023][T11697]  do_dentry_open+0x6d8/0x1660
[  444.215042][T11697]  ? __pfx_full_proxy_open_regular+0x10/0x10
[  444.215067][T11697]  vfs_open+0x82/0x3f0
[  444.215093][T11697]  path_openat+0x208c/0x31a0
[  444.215121][T11697]  ? __pfx_path_openat+0x10/0x10
[  444.215150][T11697]  do_file_open+0x20e/0x430
[  444.215172][T11697]  ? __pfx_do_file_open+0x10/0x10
[  444.215209][T11697]  ? alloc_fd+0x476/0x790
[  444.215229][T11697]  ? do_getname+0x191/0x390
[  444.215255][T11697]  do_sys_openat2+0x10d/0x1e0
[  444.215281][T11697]  ? __pfx_do_sys_openat2+0x10/0x10
[  444.215308][T11697]  ? __fget_files+0x21f/0x3d0
[  444.215331][T11697]  __x64_sys_openat+0x12d/0x210
[  444.215357][T11697]  ? __pfx___x64_sys_openat+0x10/0x10
[  444.215392][T11697]  do_syscall_64+0x106/0xf80
[  444.215411][T11697]  ? clear_bhb_loop+0x40/0x90
[  444.215434][T11697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.215452][T11697] RIP: 0033:0x7f2be459c819
[  444.215468][T11697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  444.215485][T11697] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  444.215503][T11697] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  444.215515][T11697] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c
[  444.215544][T11697] RBP: 00007f2be4632c91 R08: 0000000000000000 R09: 0000000000000000
[  444.215554][T11697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  444.215565][T11697] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  444.215588][T11697]  </TASK>
[  445.486129][T11693] Process accounting paused
[  446.565099][T11724] netlink: 'syz.1.1587': attribute type 3 has an invalid length.
[  446.585857][T11724] netlink: 4116 bytes leftover after parsing attributes in process `syz.1.1587'.
[  448.077905][T10947] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  448.368291][T11751] FAULT_INJECTION: forcing a failure.
[  448.368291][T11751] name fail_futex, interval 1, probability 0, space 0, times 0
[  448.453163][T11751] CPU: 0 UID: 0 PID: 11751 Comm: syz.1.1593 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  448.453198][T11751] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  448.453205][T11751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  448.453215][T11751] Call Trace:
[  448.453222][T11751]  <TASK>
[  448.453230][T11751]  dump_stack_lvl+0x100/0x190
[  448.453263][T11751]  should_fail_ex.cold+0x5/0xa
[  448.453286][T11751]  get_futex_key+0x1d2/0x1620
[  448.453312][T11751]  ? __pfx_get_futex_key+0x10/0x10
[  448.453335][T11751]  ? find_held_lock+0x2b/0x80
[  448.453353][T11751]  ? futex_wake+0x456/0x530
[  448.453386][T11751]  futex_wake+0xea/0x530
[  448.453416][T11751]  ? __pfx_futex_wake+0x10/0x10
[  448.453454][T11751]  do_futex+0x32b/0x350
[  448.453479][T11751]  ? __pfx_do_futex+0x10/0x10
[  448.453509][T11751]  __x64_sys_futex+0x34f/0x4d0
[  448.453536][T11751]  ? fdget_pos+0x2c0/0x380
[  448.453557][T11751]  ? __pfx___x64_sys_futex+0x10/0x10
[  448.453581][T11751]  ? ksys_write+0x1ac/0x250
[  448.453598][T11751]  ? __pfx_ksys_write+0x10/0x10
[  448.453622][T11751]  do_syscall_64+0x106/0xf80
[  448.453641][T11751]  ? clear_bhb_loop+0x40/0x90
[  448.453663][T11751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.453681][T11751] RIP: 0033:0x7fbb3e59c819
[  448.453697][T11751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  448.453725][T11751] RSP: 002b:00007fbb3f43c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  448.453744][T11751] RAX: ffffffffffffffda RBX: 00007fbb3e815fa8 RCX: 00007fbb3e59c819
[  448.453756][T11751] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbb3e815fac
[  448.453767][T11751] RBP: 00007fbb3e815fa0 R08: 0000000000000000 R09: 0000000000000000
[  448.453778][T11751] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  448.453789][T11751] R13: 00007fbb3e816038 R14: 00007ffc301914a0 R15: 00007ffc30191588
[  448.453812][T11751]  </TASK>
[  449.931839][T11776] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  449.931839][T11776] The task syz.3.1600 (11776) triggered the difference, watch for misbehavior.
[  451.596953][T11791] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1604'.
[  451.792959][T11793] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1605'.
[  451.836820][T11793] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1605'.
[  452.683228][T11806] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  452.697084][T11806] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  452.707076][T11806] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  452.719314][T11806] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  452.733068][T11806] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  453.109673][T11815] FAULT_INJECTION: forcing a failure.
[  453.109673][T11815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  453.160127][T11814] random: crng reseeded on system resumption
[  453.212925][T11815] CPU: 0 UID: 0 PID: 11815 Comm: syz.3.1609 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  453.212960][T11815] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  453.212970][T11815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  453.212981][T11815] Call Trace:
[  453.212987][T11815]  <TASK>
[  453.212994][T11815]  dump_stack_lvl+0x100/0x190
[  453.213031][T11815]  should_fail_ex.cold+0x5/0xa
[  453.213053][T11815]  _copy_from_user+0x2e/0xd0
[  453.213079][T11815]  __sys_bpf+0x243/0x4b90
[  453.213104][T11815]  ? __pfx___sys_bpf+0x10/0x10
[  453.213125][T11815]  ? proc_fail_nth_write+0x9f/0x220
[  453.213150][T11815]  ? find_held_lock+0x2b/0x80
[  453.213173][T11815]  ? find_held_lock+0x2b/0x80
[  453.213190][T11815]  ? ksys_write+0x190/0x250
[  453.213213][T11815]  ? __mutex_unlock_slowpath+0x15c/0x790
[  453.213235][T11815]  ? __fget_files+0x215/0x3d0
[  453.213265][T11815]  ? fput+0x79/0x100
[  453.213287][T11815]  ? ksys_write+0x1ac/0x250
[  453.213305][T11815]  ? __pfx_ksys_write+0x10/0x10
[  453.213326][T11815]  __x64_sys_bpf+0x7b/0xc0
[  453.213349][T11815]  ? lockdep_hardirqs_on+0x78/0x100
[  453.213368][T11815]  do_syscall_64+0x106/0xf80
[  453.213387][T11815]  ? clear_bhb_loop+0x40/0x90
[  453.213409][T11815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.213428][T11815] RIP: 0033:0x7fa14a19c819
[  453.213444][T11815] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  453.213463][T11815] RSP: 002b:00007fa14af85028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  453.213481][T11815] RAX: ffffffffffffffda RBX: 00007fa14a415fa0 RCX: 00007fa14a19c819
[  453.213493][T11815] RDX: 0000000000000171 RSI: 0000200000000000 RDI: 0000000000000006
[  453.213504][T11815] RBP: 00007fa14af85090 R08: 0000000000000000 R09: 0000000000000000
[  453.213514][T11815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  453.213525][T11815] R13: 00007fa14a416038 R14: 00007fa14a415fa0 R15: 00007ffca359e1e8
[  453.213547][T11815]  </TASK>
[  453.461528][T11814] Restarting kernel threads ...
[  453.467085][T11814] Done restarting kernel threads.
[  454.439991][T11806] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  454.603538][T11828] FAULT_INJECTION: forcing a failure.
[  454.603538][T11828] name fail_futex, interval 1, probability 0, space 0, times 0
[  454.683536][T11805] chnl_net:caif_netlink_parms(): no params data found
[  454.790683][T11806] Bluetooth: hci5: command tx timeout
[  454.817744][T11828] CPU: 0 UID: 0 PID: 11828 Comm: syz.3.1613 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  454.817777][T11828] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  454.817784][T11828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  454.817795][T11828] Call Trace:
[  454.817809][T11828]  <TASK>
[  454.817816][T11828]  dump_stack_lvl+0x100/0x190
[  454.817856][T11828]  should_fail_ex.cold+0x5/0xa
[  454.817874][T11828]  ? rcu_is_watching+0x12/0xc0
[  454.817906][T11828]  get_futex_key+0x295/0x1620
[  454.817932][T11828]  ? __pfx_get_futex_key+0x10/0x10
[  454.817954][T11828]  ? lock_acquire+0x1cf/0x380
[  454.817985][T11828]  futex_wake+0xea/0x530
[  454.818016][T11828]  ? __pfx_futex_wake+0x10/0x10
[  454.818046][T11828]  ? exit_mm_release+0x19/0x30
[  454.818075][T11828]  do_futex+0x32b/0x350
[  454.818101][T11828]  ? __pfx_do_futex+0x10/0x10
[  454.818124][T11828]  ? __might_fault+0xc5/0x140
[  454.818158][T11828]  mm_release+0x24a/0x2f0
[  454.818179][T11828]  do_exit+0x704/0x2b60
[  454.818207][T11828]  ? __pfx_do_exit+0x10/0x10
[  454.818232][T11828]  ? do_raw_spin_lock+0x128/0x260
[  454.818260][T11828]  ? find_held_lock+0x2b/0x80
[  454.818277][T11828]  ? get_signal+0x7e0/0x21e0
[  454.818299][T11828]  do_group_exit+0xd5/0x2a0
[  454.818327][T11828]  get_signal+0x1ec7/0x21e0
[  454.818355][T11828]  ? __pfx_get_signal+0x10/0x10
[  454.818376][T11828]  ? do_futex+0x192/0x350
[  454.818404][T11828]  arch_do_signal_or_restart+0x91/0x770
[  454.818429][T11828]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  454.818459][T11828]  ? __pfx___x64_sys_futex+0x10/0x10
[  454.818490][T11828]  exit_to_user_mode_loop+0x86/0x4a0
[  454.818517][T11828]  do_syscall_64+0x668/0xf80
[  454.818536][T11828]  ? clear_bhb_loop+0x40/0x90
[  454.818558][T11828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.818577][T11828] RIP: 0033:0x7fa14a19c819
[  454.818592][T11828] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  454.818610][T11828] RSP: 002b:00007fa14af850e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  454.818627][T11828] RAX: fffffffffffffe00 RBX: 00007fa14a415fa8 RCX: 00007fa14a19c819
[  454.818639][T11828] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa14a415fa8
[  454.818650][T11828] RBP: 00007fa14a415fa0 R08: 0000000000000000 R09: 0000000000000000
[  454.818660][T11828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  454.818671][T11828] R13: 00007fa14a416038 R14: 00007ffca359e100 R15: 00007ffca359e1e8
[  454.818692][T11828]  </TASK>
[  455.705875][T11805] bridge0: port 1(bridge_slave_0) entered blocking state
[  455.734558][T11805] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.763669][T11805] bridge_slave_0: entered allmulticast mode
[  455.815609][T11805] bridge_slave_0: entered promiscuous mode
[  455.947390][T11805] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.009148][T11805] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.042382][T11805] bridge_slave_1: entered allmulticast mode
[  456.079063][T11805] bridge_slave_1: entered promiscuous mode
[  456.279780][T11805] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.324044][T11805] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  456.443268][T11805] team0: Port device team_slave_0 added
[  456.498883][T11805] team0: Port device team_slave_1 added
[  456.692496][T11805] batman_adv: batadv0: Adding interface: batadv_slave_0
[  456.742266][T11805] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  456.829850][T11805] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  456.855669][T11806] Bluetooth: hci5: command tx timeout
[  456.882227][T11864] FAULT_INJECTION: forcing a failure.
[  456.882227][T11864] name failslab, interval 1, probability 0, space 0, times 0
[  456.907345][T11805] batman_adv: batadv0: Adding interface: batadv_slave_1
[  456.928044][T11864] CPU: 0 UID: 0 PID: 11864 Comm: syz.4.1623 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  456.928078][T11864] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  456.928085][T11864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  456.928096][T11864] Call Trace:
[  456.928102][T11864]  <TASK>
[  456.928109][T11864]  dump_stack_lvl+0x100/0x190
[  456.928144][T11864]  should_fail_ex.cold+0x5/0xa
[  456.928167][T11864]  ? __register_sysctl_table+0xac/0x1650
[  456.928187][T11864]  should_failslab+0xc2/0x120
[  456.928208][T11864]  __kmalloc_noprof+0xe0/0x850
[  456.928242][T11864]  __register_sysctl_table+0xac/0x1650
[  456.928261][T11864]  ? is_module_address+0x5f/0xf0
[  456.928290][T11864]  ? __pfx___register_sysctl_table+0x10/0x10
[  456.928309][T11864]  ? is_module_address+0x69/0xf0
[  456.928332][T11864]  ? register_net_sysctl_sz+0x222/0x430
[  456.928360][T11864]  __devinet_sysctl_register+0x1b9/0x360
[  456.928388][T11864]  ? trace_kmalloc+0x101/0x130
[  456.928409][T11864]  ? __pfx___devinet_sysctl_register+0x10/0x10
[  456.928435][T11864]  ? __asan_memcpy+0x3c/0x60
[  456.928464][T11864]  devinet_init_net+0x334/0x8d0
[  456.928485][T11864]  ? __pfx_devinet_init_net+0x10/0x10
[  456.928506][T11864]  ops_init+0x1e2/0x5f0
[  456.928527][T11864]  setup_net+0x118/0x3a0
[  456.928547][T11864]  ? __pfx_setup_net+0x10/0x10
[  456.928564][T11864]  ? lockdep_init_map_type+0x5c/0x250
[  456.928598][T11864]  ? mutex_init_lockep+0x110/0x150
[  456.928627][T11864]  copy_net_ns+0x46f/0x7c0
[  456.928650][T11864]  create_new_namespaces+0x3ea/0xac0
[  456.928675][T11864]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  456.928698][T11864]  ksys_unshare+0x473/0xad0
[  456.928724][T11864]  ? __pfx_ksys_unshare+0x10/0x10
[  456.928757][T11864]  __x64_sys_unshare+0x31/0x40
[  456.928780][T11864]  do_syscall_64+0x106/0xf80
[  456.928799][T11864]  ? clear_bhb_loop+0x40/0x90
[  456.928821][T11864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.928840][T11864] RIP: 0033:0x7f2be459c819
[  456.928855][T11864] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  456.928872][T11864] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  456.928890][T11864] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  456.928901][T11864] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  456.928913][T11864] RBP: 00007f2be4632c91 R08: 0000000000000000 R09: 0000000000000000
[  456.928923][T11864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  456.928933][T11864] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  456.928956][T11864]  </TASK>
[  456.931374][T11805] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  457.450124][T11872] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1626'.
[  457.985264][T11805] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  458.277560][T11805] hsr_slave_0: entered promiscuous mode
[  458.299578][T11805] hsr_slave_1: entered promiscuous mode
[  458.324472][T11805] debugfs: 'hsr0' already exists in 'hsr'
[  458.354093][T11805] Cannot create hsr debugfs directory
[  458.925244][T11806] Bluetooth: hci5: command tx timeout
[  460.016453][T11805] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  460.103614][T11805] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  460.160701][T11805] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  460.257202][T11805] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  460.634666][T11918] can0: slcan on ttyS2.
[  460.746471][T11906] can0 (unregistered): slcan off ttyS2.
[  460.871424][T11805] 8021q: adding VLAN 0 to HW filter on device bond0
[  460.993427][T11806] Bluetooth: hci5: command tx timeout
[  461.063938][T11805] 8021q: adding VLAN 0 to HW filter on device team0
[  461.119253][T10946] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.127552][T10946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  461.222860][T10946] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.230704][T10946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  461.721201][T11805] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  462.878306][T11805] 8021q: adding VLAN 0 to HW filter on device batadv0
[  464.369487][T11805] veth0_vlan: entered promiscuous mode
[  464.489394][T11805] veth1_vlan: entered promiscuous mode
[  464.631364][T11805] veth0_macvtap: entered promiscuous mode
[  464.705992][T11805] veth1_macvtap: entered promiscuous mode
[  464.791134][T11805] batman_adv: batadv0: Interface activated: batadv_slave_0
[  464.894052][T11805] batman_adv: batadv0: Interface activated: batadv_slave_1
[  464.997125][T10946] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  465.041687][T10946] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  465.096771][T10946] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  465.126838][T10946] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  465.464140][T11059] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  465.530129][T11059] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  465.545084][T11996] Process accounting resumed
[  465.675568][T11017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  465.731555][T11017] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  466.852480][T12044] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1656'.
[  467.444706][T12056] netlink: 'syz.5.1660': attribute type 8 has an invalid length.
[  468.773250][T12080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1665'.
[  469.634542][T12103] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  470.778921][T11806] Bluetooth: hci5: unexpected event 0x1d length: 6 > 5
[  471.549172][T12136] binder: 12134:12136 ioctl c0306201 2000000000c0 returned -14
[  472.747651][T12155] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1686'.
[  472.811117][T12155] ipvlan1: entered promiscuous mode
[  472.816851][T12155] ipvlan1: entered allmulticast mode
[  472.871686][T12155] veth0_vlan: entered allmulticast mode
[  473.082522][T11806] Bluetooth: hci0: ACL packet for unknown connection handle 0
[  474.408830][T12187] random: crng reseeded on system resumption
[  474.498220][T12187] Restarting kernel threads ...
[  474.528918][T12187] Done restarting kernel threads.
[  474.595963][T12190] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1695'.
[  474.892615][T11806] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  475.384869][T12199] Process accounting resumed
[  475.884261][T12218] random: crng reseeded on system resumption
[  476.083090][T12218] Restarting kernel threads ...
[  476.102552][T12218] Done restarting kernel threads.
[  476.365582][T11806] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  477.677258][T12261] FAULT_INJECTION: forcing a failure.
[  477.677258][T12261] name failslab, interval 1, probability 0, space 0, times 0
[  477.729207][T12261] CPU: 0 UID: 0 PID: 12261 Comm: syz.3.1716 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  477.729241][T12261] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  477.729248][T12261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  477.729259][T12261] Call Trace:
[  477.729267][T12261]  <TASK>
[  477.729276][T12261]  dump_stack_lvl+0x100/0x190
[  477.729309][T12261]  should_fail_ex.cold+0x5/0xa
[  477.729333][T12261]  should_failslab+0xc2/0x120
[  477.729355][T12261]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  477.729391][T12261]  ? __pmd_alloc+0xbf/0x950
[  477.729419][T12261]  __pmd_alloc+0xbf/0x950
[  477.729444][T12261]  __handle_mm_fault+0xa9e/0x2b60
[  477.729475][T12261]  ? mt_find+0x45e/0x8e0
[  477.729497][T12261]  ? __pfx___handle_mm_fault+0x10/0x10
[  477.729523][T12261]  ? __pfx_mt_find+0x10/0x10
[  477.729556][T12261]  ? find_vma+0xbf/0x140
[  477.729575][T12261]  ? __pfx_find_vma+0x10/0x10
[  477.729596][T12261]  handle_mm_fault+0x36d/0xa20
[  477.729632][T12261]  do_user_addr_fault+0x74c/0x12f0
[  477.729659][T12261]  exc_page_fault+0x6f/0xd0
[  477.729679][T12261]  asm_exc_page_fault+0x26/0x30
[  477.729698][T12261] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  477.729725][T12261] Code: 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 cf 93 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  477.729743][T12261] RSP: 0018:ffffc90004e57b98 EFLAGS: 00050206
[  477.729759][T12261] RAX: 0000000000000001 RBX: ffff88802b89c000 RCX: 0000000000001000
[  477.729771][T12261] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88802b89c000
[  477.729782][T12261] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed10057139ff
[  477.729792][T12261] R10: ffff88802b89cfff R11: 0000000000000000 R12: ffffc90004e57d80
[  477.729803][T12261] R13: 0000000000000000 R14: 0000000000001000 R15: 0000000000000000
[  477.729826][T12261]  _copy_from_iter+0x355/0x1690
[  477.729858][T12261]  ? __pfx__copy_from_iter+0x10/0x10
[  477.729882][T12261]  ? rcu_is_watching+0x12/0xc0
[  477.729912][T12261]  ? trace_kmalloc+0x101/0x130
[  477.729932][T12261]  ? __kasan_kmalloc+0xaa/0xb0
[  477.729950][T12261]  ? __kmalloc_noprof+0x320/0x850
[  477.729984][T12261]  kernfs_fop_write_iter+0x186/0x5f0
[  477.730010][T12261]  vfs_write+0x6ac/0x1070
[  477.730029][T12261]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  477.730053][T12261]  ? __pfx_vfs_write+0x10/0x10
[  477.730086][T12261]  ksys_write+0x12a/0x250
[  477.730104][T12261]  ? __pfx_ksys_write+0x10/0x10
[  477.730129][T12261]  do_syscall_64+0x106/0xf80
[  477.730148][T12261]  ? clear_bhb_loop+0x40/0x90
[  477.730170][T12261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.730190][T12261] RIP: 0033:0x7fa14a19c819
[  477.730205][T12261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  477.730222][T12261] RSP: 002b:00007fa14af85028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  477.730243][T12261] RAX: ffffffffffffffda RBX: 00007fa14a415fa0 RCX: 00007fa14a19c819
[  477.730254][T12261] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003
[  477.730264][T12261] RBP: 00007fa14af85090 R08: 0000000000000000 R09: 0000000000000000
[  477.730275][T12261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.730286][T12261] R13: 00007fa14a416038 R14: 00007fa14a415fa0 R15: 00007ffca359e1e8
[  477.730310][T12261]  </TASK>
[  478.218571][T12263] random: crng reseeded on system resumption
[  478.232266][T12263] Restarting kernel threads ...
[  478.238999][T12263] Done restarting kernel threads.
[  480.211426][T12287] FAULT_INJECTION: forcing a failure.
[  480.211426][T12287] name failslab, interval 1, probability 0, space 0, times 0
[  480.363623][T12287] CPU: 0 UID: 0 PID: 12287 Comm: syz.5.1723 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  480.363657][T12287] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  480.363664][T12287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  480.363674][T12287] Call Trace:
[  480.363680][T12287]  <TASK>
[  480.363687][T12287]  dump_stack_lvl+0x100/0x190
[  480.363722][T12287]  should_fail_ex.cold+0x5/0xa
[  480.363745][T12287]  should_failslab+0xc2/0x120
[  480.363767][T12287]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  480.363818][T12287]  ? alloc_inode+0x68/0x250
[  480.363850][T12287]  ? simple_start_creating+0xb0/0x110
[  480.363868][T12287]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  480.363892][T12287]  alloc_inode+0x68/0x250
[  480.363918][T12287]  new_inode+0x22/0x1c0
[  480.363946][T12287]  __debugfs_create_file+0x105/0x4f0
[  480.363971][T12287]  debugfs_create_file_full+0x41/0x60
[  480.363996][T12287]  ref_tracker_dir_debugfs+0x19e/0x2e0
[  480.364024][T12287]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  480.364055][T12287]  ? find_held_lock+0x2b/0x80
[  480.364099][T12287]  ? lockdep_init_map_type+0x5c/0x250
[  480.364128][T12287]  preinit_net.part.0+0x437/0x8f0
[  480.364149][T12287]  copy_net_ns+0x339/0x7c0
[  480.364173][T12287]  create_new_namespaces+0x3ea/0xac0
[  480.364199][T12287]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  480.364227][T12287]  ksys_unshare+0x473/0xad0
[  480.364253][T12287]  ? __pfx_ksys_unshare+0x10/0x10
[  480.364277][T12287]  ? ksys_write+0x1ac/0x250
[  480.364304][T12287]  __x64_sys_unshare+0x31/0x40
[  480.364329][T12287]  do_syscall_64+0x106/0xf80
[  480.364347][T12287]  ? clear_bhb_loop+0x40/0x90
[  480.364370][T12287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.364390][T12287] RIP: 0033:0x7f36e0d9c819
[  480.364411][T12287] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  480.364430][T12287] RSP: 002b:00007f36e1d28028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  480.364448][T12287] RAX: ffffffffffffffda RBX: 00007f36e1015fa0 RCX: 00007f36e0d9c819
[  480.364460][T12287] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  480.364470][T12287] RBP: 00007f36e1d28090 R08: 0000000000000000 R09: 0000000000000000
[  480.364481][T12287] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  480.364492][T12287] R13: 00007f36e1016038 R14: 00007f36e1015fa0 R15: 00007ffd1ca5b6f8
[  480.364514][T12287]  </TASK>
[  480.364521][T12287] debugfs: out of free dentries, can not create file 'net_notrefcnt@ffff888054c4a978'
[  480.844322][T11806] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[  480.903100][T12298] random: crng reseeded on system resumption
[  480.930427][T12298] Restarting kernel threads ...
[  480.961951][T12298] Done restarting kernel threads.
[  482.586056][T11806] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5
[  482.729650][T12336] FAULT_INJECTION: forcing a failure.
[  482.729650][T12336] name failslab, interval 1, probability 0, space 0, times 0
[  482.848054][T12336] CPU: 0 UID: 0 PID: 12336 Comm: syz.5.1737 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  482.848088][T12336] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  482.848096][T12336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  482.848107][T12336] Call Trace:
[  482.848113][T12336]  <TASK>
[  482.848120][T12336]  dump_stack_lvl+0x100/0x190
[  482.848153][T12336]  should_fail_ex.cold+0x5/0xa
[  482.848177][T12336]  should_failslab+0xc2/0x120
[  482.848198][T12336]  kmem_cache_alloc_lru_noprof+0x80/0x6e0
[  482.848227][T12336]  ? sock_alloc_inode+0x25/0x1c0
[  482.848251][T12336]  ? __pfx_sock_alloc_inode+0x10/0x10
[  482.848273][T12336]  sock_alloc_inode+0x25/0x1c0
[  482.848294][T12336]  alloc_inode+0x68/0x250
[  482.848320][T12336]  sock_alloc+0x44/0x280
[  482.848337][T12336]  ? security_socket_create+0x7f/0x250
[  482.848368][T12336]  __sock_create+0xc2/0x860
[  482.848395][T12336]  __sys_socket+0x14d/0x260
[  482.848420][T12336]  ? __pfx___sys_socket+0x10/0x10
[  482.848452][T12336]  __x64_sys_socket+0x72/0xb0
[  482.848476][T12336]  ? lockdep_hardirqs_on+0x78/0x100
[  482.848501][T12336]  do_syscall_64+0x106/0xf80
[  482.848519][T12336]  ? clear_bhb_loop+0x40/0x90
[  482.848541][T12336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.848559][T12336] RIP: 0033:0x7f36e0d9c819
[  482.848575][T12336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.848593][T12336] RSP: 002b:00007f36e1d28028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  482.848612][T12336] RAX: ffffffffffffffda RBX: 00007f36e1015fa0 RCX: 00007f36e0d9c819
[  482.848624][T12336] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a
[  482.848635][T12336] RBP: 00007f36e0e32c91 R08: 0000000000000000 R09: 0000000000000000
[  482.848645][T12336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.848656][T12336] R13: 00007f36e1016038 R14: 00007f36e1015fa0 R15: 00007ffd1ca5b6f8
[  482.848679][T12336]  </TASK>
[  483.420528][T12344] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1739'.
[  483.932591][T12350] FAULT_INJECTION: forcing a failure.
[  483.932591][T12350] name failslab, interval 1, probability 0, space 0, times 0
[  484.023281][T12350] CPU: 0 UID: 0 PID: 12350 Comm: syz.3.1741 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  484.023322][T12350] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  484.023328][T12350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  484.023339][T12350] Call Trace:
[  484.023345][T12350]  <TASK>
[  484.023352][T12350]  dump_stack_lvl+0x100/0x190
[  484.023387][T12350]  should_fail_ex.cold+0x5/0xa
[  484.023414][T12350]  should_failslab+0xc2/0x120
[  484.023435][T12350]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  484.023465][T12350]  ? taskstats_exit+0x650/0xbd0
[  484.023487][T12350]  taskstats_exit+0x650/0xbd0
[  484.023505][T12350]  ? __pfx_acct_update_integrals+0x10/0x10
[  484.023525][T12350]  ? __pfx_taskstats_exit+0x10/0x10
[  484.023544][T12350]  ? rcu_read_lock_any_held+0x6a/0xa0
[  484.023563][T12350]  ? exit_signals+0x395/0xaf0
[  484.023586][T12350]  do_exit+0x659/0x2b60
[  484.023614][T12350]  ? __pfx_do_exit+0x10/0x10
[  484.023639][T12350]  ? do_raw_spin_lock+0x128/0x260
[  484.023666][T12350]  ? find_held_lock+0x2b/0x80
[  484.023684][T12350]  ? get_signal+0x7e0/0x21e0
[  484.023711][T12350]  do_group_exit+0xd5/0x2a0
[  484.023738][T12350]  get_signal+0x1ec7/0x21e0
[  484.023766][T12350]  ? __pfx_get_signal+0x10/0x10
[  484.023787][T12350]  ? do_futex+0x192/0x350
[  484.023816][T12350]  arch_do_signal_or_restart+0x91/0x770
[  484.023841][T12350]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  484.023871][T12350]  ? __pfx___x64_sys_futex+0x10/0x10
[  484.023905][T12350]  exit_to_user_mode_loop+0x86/0x4a0
[  484.023933][T12350]  do_syscall_64+0x668/0xf80
[  484.023952][T12350]  ? clear_bhb_loop+0x40/0x90
[  484.023974][T12350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.023994][T12350] RIP: 0033:0x7fa14a19c819
[  484.024009][T12350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  484.024027][T12350] RSP: 002b:00007fa14af850e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  484.024046][T12350] RAX: fffffffffffffe00 RBX: 00007fa14a415fa8 RCX: 00007fa14a19c819
[  484.024057][T12350] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa14a415fa8
[  484.024068][T12350] RBP: 00007fa14a415fa0 R08: 0000000000000000 R09: 0000000000000000
[  484.024078][T12350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  484.024089][T12350] R13: 00007fa14a416038 R14: 00007ffca359e100 R15: 00007ffca359e1e8
[  484.024111][T12350]  </TASK>
[  484.340380][T12336] socket: no more sockets
[  484.588881][T12365] program syz.5.1746 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  484.662935][T12367] netlink: 'syz.1.1747': attribute type 8 has an invalid length.
[  485.006098][T12376] random: crng reseeded on system resumption
[  486.553920][T12405] netlink: 'syz.4.1757': attribute type 8 has an invalid length.
[  487.037980][T12410] random: crng reseeded on system resumption
[  487.093049][T12410] Restarting kernel threads ...
[  487.120968][T12410] Done restarting kernel threads.
[  487.227533][T12415] nbd: socks must be embedded in a SOCK_ITEM attr
[  487.262451][T12415] block nbd0: shutting down sockets
[  487.393677][T12418] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1762'.
[  487.440780][T12418] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1762'.
[  487.482830][T12421] netlink: 'syz.5.1763': attribute type 11 has an invalid length.
[  487.528854][T12421] netlink: 'syz.5.1763': attribute type 11 has an invalid length.
[  487.586000][T12421] netlink: 'syz.5.1763': attribute type 11 has an invalid length.
[  488.133078][T11806] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  488.349528][T12438] sd 0:0:1:0: PR command failed: 1026
[  488.424384][T12438] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  488.464581][T12438] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  490.017681][T12467] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1774'.
[  490.085071][T12467] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1774'.
[  492.192420][T12496] zswap: compressor  not available
[  494.546537][T12544] program syz.1.1794 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  495.001548][T12546] zswap: compressor  not available
[  495.326255][T12557] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1796'.
[  495.391348][T12557] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1796'.
[  496.922978][T12561] Process accounting paused
[  497.680288][T12593] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1807'.
[  498.634719][T12609] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1811'.
[  499.564533][T12619] QAT: Device 252 not found
[  500.553057][T12628] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  501.035195][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.041511][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  501.762468][T12645] FAULT_INJECTION: forcing a failure.
[  501.762468][T12645] name failslab, interval 1, probability 0, space 0, times 0
[  501.825361][T12645] CPU: 0 UID: 0 PID: 12645 Comm: syz.4.1823 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  501.825394][T12645] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  501.825401][T12645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  501.825411][T12645] Call Trace:
[  501.825418][T12645]  <TASK>
[  501.825428][T12645]  dump_stack_lvl+0x100/0x190
[  501.825463][T12645]  should_fail_ex.cold+0x5/0xa
[  501.825486][T12645]  should_failslab+0xc2/0x120
[  501.825509][T12645]  __kmalloc_cache_noprof+0x7a/0x6f0
[  501.825536][T12645]  ? shrinker_alloc+0xf5/0xbc0
[  501.825559][T12645]  shrinker_alloc+0xf5/0xbc0
[  501.825580][T12645]  ? mark_held_locks+0x40/0x70
[  501.825604][T12645]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  501.825637][T12645]  ? rcu_is_watching+0x12/0xc0
[  501.825667][T12645]  ? __pfx_shrinker_alloc+0x10/0x10
[  501.825689][T12645]  ? lockdep_init_map_type+0x5c/0x250
[  501.825715][T12645]  ? lockdep_init_map_type+0x5c/0x250
[  501.825741][T12645]  ? __raw_spin_lock_init+0x3a/0x110
[  501.825769][T12645]  ? __init_rwsem+0x12d/0x1b0
[  501.825801][T12645]  alloc_super+0x7c7/0xd20
[  501.825833][T12645]  ? __pfx_test_keyed_super+0x10/0x10
[  501.825859][T12645]  sget_fc+0x117/0xc70
[  501.825888][T12645]  ? __pfx_set_anon_super_fc+0x10/0x10
[  501.825917][T12645]  ? __pfx_rpc_fill_super+0x10/0x10
[  501.825946][T12645]  get_tree_keyed+0x59/0x1d0
[  501.825977][T12645]  vfs_get_tree+0x92/0x320
[  501.826004][T12645]  vfs_cmd_create+0xd7/0x2a0
[  501.826031][T12645]  __do_sys_fsconfig+0x55a/0xcb0
[  501.826058][T12645]  ? __pfx___do_sys_fsconfig+0x10/0x10
[  501.826083][T12645]  ? fput+0x79/0x100
[  501.826114][T12645]  do_syscall_64+0x106/0xf80
[  501.826133][T12645]  ? clear_bhb_loop+0x40/0x90
[  501.826163][T12645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.826182][T12645] RIP: 0033:0x7f2be459c819
[  501.826198][T12645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  501.826216][T12645] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  501.826235][T12645] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  501.826248][T12645] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000005
[  501.826259][T12645] RBP: 00007f2be27f6090 R08: 0000000000000000 R09: 0000000000000000
[  501.826269][T12645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.826280][T12645] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  501.826303][T12645]  </TASK>
[  503.399195][T12660] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1826'.
[  504.404859][T12676] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1830'.
[  505.855162][T12700] Process accounting paused
[  507.132635][T12711] random: crng reseeded on system resumption
[  507.180044][T12711] Restarting kernel threads ...
[  507.203302][T12711] Done restarting kernel threads.
[  507.748803][T12721] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1845'.
[  507.802612][T12723] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1845'.
[  507.909154][T12715] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1841'.
[  508.046394][T11806] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  508.062362][T12715] ipvlan1: left promiscuous mode
[  508.095345][T10947] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  508.109338][T10947] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  508.118707][T10947] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  508.127491][T10947] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  508.135454][T10947] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  508.290556][T12733] random: crng reseeded on system resumption
[  508.301728][T12715] ipvlan1: left allmulticast mode
[  508.369514][T12715] veth0_vlan: left allmulticast mode
[  509.168132][T12748] Process accounting resumed
[  509.380106][T10947] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  509.515050][T12727] chnl_net:caif_netlink_parms(): no params data found
[  509.612897][T12760] netlink: 'syz.1.1852': attribute type 9 has an invalid length.
[  509.682647][T12760] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1852'.
[  509.992100][T12727] bridge0: port 1(bridge_slave_0) entered blocking state
[  510.027393][T12727] bridge0: port 1(bridge_slave_0) entered disabled state
[  510.087295][T12727] bridge_slave_0: entered allmulticast mode
[  510.152055][T12727] bridge_slave_0: entered promiscuous mode
[  510.167444][T12727] bridge0: port 2(bridge_slave_1) entered blocking state
[  510.182997][T10947] Bluetooth: hci6: command tx timeout
[  510.228358][T12727] bridge0: port 2(bridge_slave_1) entered disabled state
[  510.265694][T12727] bridge_slave_1: entered allmulticast mode
[  510.278654][T12770] random: crng reseeded on system resumption
[  510.303561][T12727] bridge_slave_1: entered promiscuous mode
[  510.347324][T12770] Restarting kernel threads ...
[  510.373301][T12770] Done restarting kernel threads.
[  510.429621][T12727] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  510.519247][T12727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  510.734266][T12727] team0: Port device team_slave_0 added
[  510.742525][T12727] team0: Port device team_slave_1 added
[  510.939698][T12727] batman_adv: batadv0: Adding interface: batadv_slave_0
[  511.000143][T12727] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  511.120796][T12781] FAULT_INJECTION: forcing a failure.
[  511.120796][T12781] name failslab, interval 1, probability 0, space 0, times 0
[  511.182991][T12727] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  511.206087][T12781] CPU: 0 UID: 0 PID: 12781 Comm: syz.4.1858 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  511.206124][T12781] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  511.206131][T12781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  511.206143][T12781] Call Trace:
[  511.206149][T12781]  <TASK>
[  511.206157][T12781]  dump_stack_lvl+0x100/0x190
[  511.206191][T12781]  should_fail_ex.cold+0x5/0xa
[  511.206214][T12781]  ? tomoyo_supervisor+0x65d/0x1340
[  511.206231][T12781]  should_failslab+0xc2/0x120
[  511.206252][T12781]  __kmalloc_noprof+0xe0/0x850
[  511.206285][T12781]  tomoyo_supervisor+0x65d/0x1340
[  511.206307][T12781]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  511.206339][T12781]  ? tomoyo_check_path_acl+0x141/0x210
[  511.206362][T12781]  ? tomoyo_check_acl+0x1f7/0x410
[  511.206385][T12781]  tomoyo_path_permission+0x270/0x3b0
[  511.206410][T12781]  tomoyo_check_open_permission+0x34d/0x3c0
[  511.206438][T12781]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  511.206483][T12781]  ? do_raw_spin_lock+0x128/0x260
[  511.206513][T12781]  ? path_get+0x61/0x80
[  511.206537][T12781]  tomoyo_file_open+0x6b/0x90
[  511.206556][T12781]  security_file_open+0xb5/0x1e0
[  511.206582][T12781]  do_dentry_open+0x5aa/0x1660
[  511.206603][T12781]  ? security_inode_permission+0xbf/0x250
[  511.206630][T12781]  vfs_open+0x82/0x3f0
[  511.206656][T12781]  path_openat+0x208c/0x31a0
[  511.206683][T12781]  ? __pfx_path_openat+0x10/0x10
[  511.206711][T12781]  do_file_open+0x20e/0x430
[  511.206733][T12781]  ? __pfx_do_file_open+0x10/0x10
[  511.206769][T12781]  ? alloc_fd+0x476/0x790
[  511.206790][T12781]  ? do_getname+0x191/0x390
[  511.206816][T12781]  do_sys_openat2+0x10d/0x1e0
[  511.206841][T12781]  ? __pfx_do_sys_openat2+0x10/0x10
[  511.206875][T12781]  __x64_sys_openat+0x12d/0x210
[  511.206905][T12781]  ? __pfx___x64_sys_openat+0x10/0x10
[  511.206939][T12781]  do_syscall_64+0x106/0xf80
[  511.206958][T12781]  ? clear_bhb_loop+0x40/0x90
[  511.206982][T12781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.207001][T12781] RIP: 0033:0x7f2be459c819
[  511.207017][T12781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  511.207035][T12781] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  511.207062][T12781] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  511.207074][T12781] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  511.207085][T12781] RBP: 00007f2be4632c91 R08: 0000000000000000 R09: 0000000000000000
[  511.207096][T12781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  511.207106][T12781] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  511.207129][T12781]  </TASK>
[  511.799549][T12727] batman_adv: batadv0: Adding interface: batadv_slave_1
[  511.806644][T12727] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  511.942389][T12784] random: crng reseeded on system resumption
[  511.954469][T12727] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  512.276244][T10965] Bluetooth: hci6: command tx timeout
[  512.491089][T12727] hsr_slave_0: entered promiscuous mode
[  512.508544][T12727] hsr_slave_1: entered promiscuous mode
[  512.530188][T12727] debugfs: 'hsr0' already exists in 'hsr'
[  512.561829][T12727] Cannot create hsr debugfs directory
[  513.346418][T12804] FAULT_INJECTION: forcing a failure.
[  513.346418][T12804] name failslab, interval 1, probability 0, space 0, times 0
[  513.425195][T12804] CPU: 0 UID: 0 PID: 12804 Comm: syz.1.1864 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  513.425232][T12804] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  513.425239][T12804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  513.425249][T12804] Call Trace:
[  513.425255][T12804]  <TASK>
[  513.425263][T12804]  dump_stack_lvl+0x100/0x190
[  513.425301][T12804]  should_fail_ex.cold+0x5/0xa
[  513.425323][T12804]  should_failslab+0xc2/0x120
[  513.425346][T12804]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  513.425375][T12804]  ? vm_area_alloc+0x1f/0x160
[  513.425399][T12804]  ? vma_merge_new_range+0x38b/0xa30
[  513.425431][T12804]  vm_area_alloc+0x1f/0x160
[  513.425456][T12804]  __mmap_region+0x10cc/0x29e0
[  513.425491][T12804]  ? __pfx___mmap_region+0x10/0x10
[  513.425526][T12804]  ? set_next_entity+0x11e/0x9c0
[  513.425557][T12804]  ? __lock_acquire+0x4a5/0x2630
[  513.425581][T12804]  ? find_held_lock+0x2b/0x80
[  513.425608][T12804]  ? find_held_lock+0x2b/0x80
[  513.425624][T12804]  ? finish_task_switch.isra.0+0x200/0xb80
[  513.425645][T12804]  ? finish_task_switch.isra.0+0x200/0xb80
[  513.425673][T12804]  ? trace_sched_exit_tp+0x13a/0x180
[  513.425696][T12804]  ? __schedule+0x1000/0x6120
[  513.425753][T12804]  ? rcu_is_watching+0x12/0xc0
[  513.425783][T12804]  ? cap_capable+0x107/0x460
[  513.425808][T12804]  mmap_region+0x180/0x3e0
[  513.425843][T12804]  do_mmap+0xc63/0x12f0
[  513.425869][T12804]  ? __pfx_do_mmap+0x10/0x10
[  513.425891][T12804]  ? __pfx_down_write_killable+0x10/0x10
[  513.425919][T12804]  vm_mmap_pgoff+0x29e/0x470
[  513.425947][T12804]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  513.425971][T12804]  ? do_futex+0x192/0x350
[  513.425997][T12804]  ? __pfx_do_futex+0x10/0x10
[  513.426020][T12804]  ? __pfx_do_sys_openat2+0x10/0x10
[  513.426058][T12804]  ksys_mmap_pgoff+0xe1/0x650
[  513.426079][T12804]  ? __x64_sys_futex+0x34f/0x4d0
[  513.426102][T12804]  ? __x64_sys_futex+0x358/0x4d0
[  513.426130][T12804]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  513.426154][T12804]  ? xfd_validate_state+0x129/0x190
[  513.426197][T12804]  __x64_sys_mmap+0x125/0x190
[  513.426228][T12804]  do_syscall_64+0x106/0xf80
[  513.426247][T12804]  ? clear_bhb_loop+0x40/0x90
[  513.426270][T12804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.426294][T12804] RIP: 0033:0x7fbb3e59c819
[  513.426312][T12804] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  513.426331][T12804] RSP: 002b:00007fbb3f43c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  513.426349][T12804] RAX: ffffffffffffffda RBX: 00007fbb3e815fa0 RCX: 00007fbb3e59c819
[  513.426362][T12804] RDX: 000000000000005f RSI: 0000000000400008 RDI: 0000000000000000
[  513.426373][T12804] RBP: 00007fbb3e632c91 R08: 0000000000000002 R09: 0000000000008000
[  513.426383][T12804] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  513.426394][T12804] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  513.426416][T12804]  </TASK>
[  513.768249][T12727] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  513.908008][T12727] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  514.006594][T10965] Bluetooth: hci4: command 0x0406 tx timeout
[  514.084771][T12727] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  514.097108][T12727] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  514.315321][T10947] Bluetooth: hci6: command tx timeout
[  514.340275][T12727] 8021q: adding VLAN 0 to HW filter on device bond0
[  514.382940][T12727] 8021q: adding VLAN 0 to HW filter on device team0
[  514.412724][T10946] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.420386][T10946] bridge0: port 1(bridge_slave_0) entered forwarding state
[  514.472930][T10946] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.480646][T10946] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.062153][T12835] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1870'.
[  515.176681][T12727] 8021q: adding VLAN 0 to HW filter on device batadv0
[  515.741062][T12838] FAULT_INJECTION: forcing a failure.
[  515.741062][T12838] name fail_futex, interval 1, probability 0, space 0, times 0
[  515.888442][T12838] CPU: 0 UID: 0 PID: 12838 Comm: syz.1.1871 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  515.888476][T12838] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  515.888484][T12838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  515.888495][T12838] Call Trace:
[  515.888501][T12838]  <TASK>
[  515.888507][T12838]  dump_stack_lvl+0x100/0x190
[  515.888540][T12838]  should_fail_ex.cold+0x5/0xa
[  515.888563][T12838]  get_futex_key+0x1d2/0x1620
[  515.888589][T12838]  ? __pfx_get_futex_key+0x10/0x10
[  515.888616][T12838]  ? kasan_quarantine_put+0x104/0x240
[  515.888645][T12838]  ? lockdep_hardirqs_on+0x78/0x100
[  515.888668][T12838]  futex_wake+0xea/0x530
[  515.888697][T12838]  ? find_held_lock+0x2b/0x80
[  515.888715][T12838]  ? __pfx_futex_wake+0x10/0x10
[  515.888746][T12838]  ? ksys_write+0x190/0x250
[  515.888764][T12838]  ? ksys_write+0x190/0x250
[  515.888785][T12838]  do_futex+0x32b/0x350
[  515.888813][T12838]  ? __pfx_do_futex+0x10/0x10
[  515.888843][T12838]  __x64_sys_futex+0x34f/0x4d0
[  515.888871][T12838]  ? __pfx___x64_sys_futex+0x10/0x10
[  515.888904][T12838]  do_syscall_64+0x106/0xf80
[  515.888922][T12838]  ? clear_bhb_loop+0x40/0x90
[  515.888944][T12838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.888963][T12838] RIP: 0033:0x7fbb3e59c819
[  515.888977][T12838] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  515.888995][T12838] RSP: 002b:00007fbb3f43c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  515.889022][T12838] RAX: ffffffffffffffda RBX: 00007fbb3e815fa8 RCX: 00007fbb3e59c819
[  515.889034][T12838] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fbb3e815fac
[  515.889044][T12838] RBP: 00007fbb3e815fa0 R08: 0000000000000000 R09: 0000000000000000
[  515.889055][T12838] R10: 0000000000000081 R11: 0000000000000246 R12: 0000000000000000
[  515.889065][T12838] R13: 00007fbb3e816038 R14: 00007ffc301914a0 R15: 00007ffc30191588
[  515.889087][T12838]  </TASK>
[  516.443943][T10947] Bluetooth: hci6: command tx timeout
[  516.706798][T10965] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  516.706830][T10965] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  516.723809][T10965] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  516.723876][T10965] Bluetooth: hci0: Malformed LE Event: 0x0d
[  516.944133][T12727] veth0_vlan: entered promiscuous mode
[  516.990109][T12727] veth1_vlan: entered promiscuous mode
[  517.093999][T12727] veth0_macvtap: entered promiscuous mode
[  517.170490][T12727] veth1_macvtap: entered promiscuous mode
[  517.265529][T12727] batman_adv: batadv0: Interface activated: batadv_slave_0
[  517.360662][T12727] batman_adv: batadv0: Interface activated: batadv_slave_1
[  517.417816][T10960] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  517.523130][T10960] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  517.585482][T10960] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  517.732151][T10960] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  518.127564][T10960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  518.184850][T10960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  518.343788][T10946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  518.383493][T10946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  518.714606][T12878] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  518.761276][T12869] zswap: compressor  not available
[  518.866704][T12882] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1844'.
[  519.392925][T12893] FAULT_INJECTION: forcing a failure.
[  519.392925][T12893] name failslab, interval 1, probability 0, space 0, times 0
[  519.472633][T12893] CPU: 0 UID: 0 PID: 12893 Comm: syz.4.1880 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  519.472668][T12893] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  519.472676][T12893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  519.472687][T12893] Call Trace:
[  519.472693][T12893]  <TASK>
[  519.472700][T12893]  dump_stack_lvl+0x100/0x190
[  519.472732][T12893]  should_fail_ex.cold+0x5/0xa
[  519.472755][T12893]  should_failslab+0xc2/0x120
[  519.472777][T12893]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  519.472806][T12893]  ? __anon_vma_prepare+0x344/0x5e0
[  519.472837][T12893]  __anon_vma_prepare+0x344/0x5e0
[  519.472866][T12893]  __vmf_anon_prepare+0x11f/0x250
[  519.472891][T12893]  do_anonymous_page+0x552/0x1fb0
[  519.472918][T12893]  ? __handle_mm_fault+0x17aa/0x2b60
[  519.472948][T12893]  __handle_mm_fault+0x1d48/0x2b60
[  519.472981][T12893]  ? __pfx___handle_mm_fault+0x10/0x10
[  519.473008][T12893]  ? pte_offset_map_lock+0x174/0x320
[  519.473028][T12893]  ? find_held_lock+0x2b/0x80
[  519.473078][T12893]  ? follow_page_pte+0x5b3/0x1400
[  519.473105][T12893]  handle_mm_fault+0x36d/0xa20
[  519.473146][T12893]  __get_user_pages+0xf9c/0x34d0
[  519.473177][T12893]  ? __pfx___get_user_pages+0x10/0x10
[  519.473205][T12893]  populate_vma_page_range+0x267/0x3f0
[  519.473255][T12893]  ? __pfx_populate_vma_page_range+0x10/0x10
[  519.473294][T12893]  ? __pfx_find_vma_intersection+0x10/0x10
[  519.473322][T12893]  ? do_mmap+0x93f/0x12f0
[  519.473346][T12893]  __mm_populate+0x107/0x3a0
[  519.473376][T12893]  ? __pfx___mm_populate+0x10/0x10
[  519.473401][T12893]  ? up_write+0x290/0x4f0
[  519.473430][T12893]  vm_mmap_pgoff+0x37f/0x470
[  519.473455][T12893]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  519.473478][T12893]  ? do_futex+0x192/0x350
[  519.473503][T12893]  ? __pfx_do_futex+0x10/0x10
[  519.473531][T12893]  ksys_mmap_pgoff+0xe1/0x650
[  519.473552][T12893]  ? __x64_sys_futex+0x34f/0x4d0
[  519.473575][T12893]  ? __x64_sys_futex+0x358/0x4d0
[  519.473611][T12893]  ? __pfx_ksys_mmap_pgoff+0x10/0x10
[  519.473633][T12893]  ? xfd_validate_state+0x129/0x190
[  519.473665][T12893]  __x64_sys_mmap+0x125/0x190
[  519.473696][T12893]  do_syscall_64+0x106/0xf80
[  519.473715][T12893]  ? clear_bhb_loop+0x40/0x90
[  519.473737][T12893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.473755][T12893] RIP: 0033:0x7f2be459c819
[  519.473771][T12893] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  519.473788][T12893] RSP: 002b:00007f2be27d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  519.473807][T12893] RAX: ffffffffffffffda RBX: 00007f2be4816090 RCX: 00007f2be459c819
[  519.473819][T12893] RDX: 00000000000000db RSI: 000000000000000a RDI: 0000000000000000
[  519.473829][T12893] RBP: 00007f2be4632c91 R08: 0000000000000005 R09: 0000000000008000
[  519.473840][T12893] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000
[  519.473851][T12893] R13: 00007f2be4816128 R14: 00007f2be4816090 R15: 00007ffe59a50768
[  519.473875][T12893]  </TASK>
[  520.088924][T12897] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1882'.
[  520.311005][T10947] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[  521.944905][T12942] FAULT_INJECTION: forcing a failure.
[  521.944905][T12942] name failslab, interval 1, probability 0, space 0, times 0
[  522.074882][T12942] CPU: 0 UID: 0 PID: 12942 Comm: syz.4.1891 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  522.074919][T12942] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  522.074925][T12942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  522.074945][T12942] Call Trace:
[  522.074952][T12942]  <TASK>
[  522.074959][T12942]  dump_stack_lvl+0x100/0x190
[  522.074993][T12942]  should_fail_ex.cold+0x5/0xa
[  522.075015][T12942]  ? tomoyo_encode2+0xfb/0x3c0
[  522.075041][T12942]  should_failslab+0xc2/0x120
[  522.075062][T12942]  __kmalloc_noprof+0xe0/0x850
[  522.075094][T12942]  ? d_absolute_path+0x136/0x1b0
[  522.075125][T12942]  tomoyo_encode2+0xfb/0x3c0
[  522.075154][T12942]  tomoyo_encode+0x29/0x50
[  522.075180][T12942]  tomoyo_realpath_from_path+0x18c/0x690
[  522.075215][T12942]  tomoyo_path_number_perm+0x23c/0x580
[  522.075238][T12942]  ? tomoyo_path_number_perm+0x22e/0x580
[  522.075262][T12942]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  522.075313][T12942]  ? find_held_lock+0x2b/0x80
[  522.075331][T12942]  ? __fget_files+0x215/0x3d0
[  522.075348][T12942]  ? hook_file_ioctl_common+0x146/0x410
[  522.075383][T12942]  ? __fget_files+0x21f/0x3d0
[  522.075405][T12942]  security_file_ioctl+0xd3/0x230
[  522.075430][T12942]  __x64_sys_ioctl+0xb7/0x210
[  522.075461][T12942]  do_syscall_64+0x106/0xf80
[  522.075480][T12942]  ? clear_bhb_loop+0x40/0x90
[  522.075503][T12942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.075522][T12942] RIP: 0033:0x7f2be459c819
[  522.075539][T12942] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  522.075557][T12942] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  522.075575][T12942] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  522.075587][T12942] RDX: 0000200000000040 RSI: 0000000000005419 RDI: 0000000000000003
[  522.075597][T12942] RBP: 00007f2be27f6090 R08: 0000000000000000 R09: 0000000000000000
[  522.075608][T12942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.075618][T12942] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  522.075641][T12942]  </TASK>
[  522.539869][T12942] ERROR: Out of memory at tomoyo_realpath_from_path.
[  524.640567][T10947] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[  525.070370][T12983] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1900'.
[  525.607530][T12988] random: crng reseeded on system resumption
[  525.976507][T12995] binder: 12994:12995 ioctl c0306201 2000000000c0 returned -14
[  526.093524][T12999] usb usb24: usbfs: process 12999 (syz.3.1903) did not claim interface 0 before use
[  526.164271][T12999] binder: 12994:12999 ioctl c1105517 200000000200 returned -22
[  526.834190][T13008] Process accounting resumed
[  527.151335][T13018] random: crng reseeded on system resumption
[  527.206006][T13018] Restarting kernel threads ...
[  527.233536][T13018] Done restarting kernel threads.
[  527.361880][T10947] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[  527.950467][T13036] FAULT_INJECTION: forcing a failure.
[  527.950467][T13036] name failslab, interval 1, probability 0, space 0, times 0
[  528.066820][T13032] nbd: socks must be embedded in a SOCK_ITEM attr
[  528.128761][T13032] block nbd0: shutting down sockets
[  528.170810][T13036] CPU: 0 UID: 0 PID: 13036 Comm: syz.1.1915 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  528.170847][T13036] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  528.170854][T13036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  528.170864][T13036] Call Trace:
[  528.170871][T13036]  <TASK>
[  528.170878][T13036]  dump_stack_lvl+0x100/0x190
[  528.170926][T13036]  should_fail_ex.cold+0x5/0xa
[  528.170948][T13036]  should_failslab+0xc2/0x120
[  528.170970][T13036]  __kmalloc_cache_noprof+0x7a/0x6f0
[  528.170996][T13036]  ? sctp_endpoint_new+0xfc/0xb20
[  528.171017][T13036]  ? __debug_object_init+0x2de/0x3d0
[  528.171040][T13036]  sctp_endpoint_new+0xfc/0xb20
[  528.171062][T13036]  ? __pfx_sctp_endpoint_new+0x10/0x10
[  528.171084][T13036]  ? lockdep_init_map_type+0x5c/0x250
[  528.171111][T13036]  ? lockdep_init_map_type+0x5c/0x250
[  528.171136][T13036]  ? lockdep_init_map_type+0x5c/0x250
[  528.171165][T13036]  sctp_init_sock+0xe2b/0x1300
[  528.171184][T13036]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  528.171204][T13036]  sctp_v6_init_sock+0x16/0x70
[  528.171222][T13036]  ? __pfx_sctp_v6_init_sock+0x10/0x10
[  528.171241][T13036]  inet6_create+0xb21/0x12b0
[  528.171261][T13036]  ? inet6_create+0x7f/0x12b0
[  528.171280][T13036]  __sock_create+0x339/0x860
[  528.171309][T13036]  __sys_socket+0x14d/0x260
[  528.171334][T13036]  ? __pfx___sys_socket+0x10/0x10
[  528.171364][T13036]  __x64_sys_socket+0x72/0xb0
[  528.171387][T13036]  ? lockdep_hardirqs_on+0x78/0x100
[  528.171407][T13036]  do_syscall_64+0x106/0xf80
[  528.171425][T13036]  ? clear_bhb_loop+0x40/0x90
[  528.171447][T13036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.171466][T13036] RIP: 0033:0x7fbb3e59c819
[  528.171482][T13036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  528.171500][T13036] RSP: 002b:00007fbb3f41b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  528.171518][T13036] RAX: ffffffffffffffda RBX: 00007fbb3e816090 RCX: 00007fbb3e59c819
[  528.171530][T13036] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a
[  528.171541][T13036] RBP: 00007fbb3e632c91 R08: 0000000000000000 R09: 0000000000000000
[  528.171552][T13036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  528.171562][T13036] R13: 00007fbb3e816128 R14: 00007fbb3e816090 R15: 00007ffc30191588
[  528.171583][T13036]  </TASK>
[  529.403756][T13048] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1918'.
[  530.723793][T13062] random: crng reseeded on system resumption
[  530.811802][T13062] Restarting kernel threads ...
[  530.843154][T13062] Done restarting kernel threads.
[  532.683526][T13094] random: crng reseeded on system resumption
[  532.752954][T13094] Restarting kernel threads ...
[  532.800075][T13094] Done restarting kernel threads.
[  534.489345][T13128] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1941'.
[  535.216263][T13134] random: crng reseeded on system resumption
[  535.298140][T13134] Restarting kernel threads ...
[  535.360420][T13134] Done restarting kernel threads.
[  536.754753][T13102] Process accounting resumed
[  536.929916][T13166] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1950'.
[  537.655119][T13170] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  540.017087][T13217] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1957'.
[  540.646390][T13206] Process accounting paused
[  541.043533][T13230] random: crng reseeded on system resumption
[  542.849790][T13264] random: crng reseeded on system resumption
[  542.891219][T13264] Restarting kernel threads ...
[  542.916272][T13264] Done restarting kernel threads.
[  544.118781][T13272] Process accounting resumed
[  545.046136][T13298] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1979'.
[  547.798017][T13340] random: crng reseeded on system resumption
[  548.343825][T10947] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  550.091384][T13383] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2004'.
[  551.900994][T13405] FAULT_INJECTION: forcing a failure.
[  551.900994][T13405] name failslab, interval 1, probability 0, space 0, times 0
[  552.036177][T13405] CPU: 0 UID: 0 PID: 13405 Comm: syz.1.2009 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  552.036211][T13405] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  552.036218][T13405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  552.036229][T13405] Call Trace:
[  552.036235][T13405]  <TASK>
[  552.036242][T13405]  dump_stack_lvl+0x100/0x190
[  552.036276][T13405]  should_fail_ex.cold+0x5/0xa
[  552.036299][T13405]  should_failslab+0xc2/0x120
[  552.036321][T13405]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  552.036351][T13405]  ? ptlock_alloc+0x1f/0x70
[  552.036381][T13405]  ? __pfx_filemap_map_pages+0x10/0x10
[  552.036410][T13405]  ptlock_alloc+0x1f/0x70
[  552.036436][T13405]  pte_alloc_one+0x82/0x3d0
[  552.036458][T13405]  __do_fault+0x359/0x550
[  552.036479][T13405]  ? __pfx_filemap_map_pages+0x10/0x10
[  552.036507][T13405]  do_fault+0x2db/0x18e0
[  552.036530][T13405]  ? __pmd_alloc+0x3fb/0x950
[  552.036555][T13405]  __handle_mm_fault+0x1815/0x2b60
[  552.036591][T13405]  ? mt_find+0x45e/0x8e0
[  552.036614][T13405]  ? __pfx___handle_mm_fault+0x10/0x10
[  552.036639][T13405]  ? __pfx_mt_find+0x10/0x10
[  552.036673][T13405]  ? find_vma+0xbf/0x140
[  552.036691][T13405]  ? __pfx_find_vma+0x10/0x10
[  552.036712][T13405]  handle_mm_fault+0x36d/0xa20
[  552.036744][T13405]  do_user_addr_fault+0x74c/0x12f0
[  552.036769][T13405]  exc_page_fault+0x6f/0xd0
[  552.036789][T13405]  asm_exc_page_fault+0x26/0x30
[  552.036807][T13405] RIP: 0010:filldir+0x1cd/0x650
[  552.036835][T13405] Code: c5 7a ff 4c 89 e6 4c 89 f7 e8 2f bf 7a ff 48 83 7c 24 28 00 0f 85 78 02 00 00 e8 fe c4 7a ff 0f 01 cb 0f ae e8 48 8b 44 24 08 <49> 89 46 08 e8 ea c4 7a ff 4c 8b 74 24 30 48 8b 44 24 10 49 89 06
[  552.036853][T13405] RSP: 0018:ffffc90003377c98 EFLAGS: 00050293
[  552.036868][T13405] RAX: 0000000000000000 RBX: ffffc90003377e60 RCX: ffffffff828d7e31
[  552.036880][T13405] RDX: ffff8880282a9e80 RSI: ffffffff828d7e42 RDI: ffff8880282a9e80
[  552.036891][T13405] RBP: ffffffff8bc90f40 R08: 0000000000000006 R09: 0000000000000000
[  552.036901][T13405] R10: 0000000000000018 R11: 0000000000000000 R12: 0000000000000018
[  552.036918][T13405] R13: ffffc90003377e84 R14: 0000000000000000 R15: 0000000000000001
[  552.036935][T13405]  ? filldir+0x1b1/0x650
[  552.036961][T13405]  ? filldir+0x1c2/0x650
[  552.036992][T13405]  ? filldir+0x1c2/0x650
[  552.037025][T13405]  ? __pfx_filldir+0x10/0x10
[  552.037051][T13405]  proc_readdir_de+0x21e/0x6f0
[  552.037077][T13405]  proc_readdir+0xf7/0x140
[  552.037098][T13405]  proc_root_readdir+0x5e/0xd0
[  552.037117][T13405]  iterate_dir+0x296/0xae0
[  552.037149][T13405]  __x64_sys_getdents+0x13b/0x2b0
[  552.037184][T13405]  ? __pfx___x64_sys_getdents+0x10/0x10
[  552.037213][T13405]  ? fput+0x79/0x100
[  552.037235][T13405]  ? __pfx_filldir+0x10/0x10
[  552.037271][T13405]  do_syscall_64+0x106/0xf80
[  552.037290][T13405]  ? clear_bhb_loop+0x40/0x90
[  552.037312][T13405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.037331][T13405] RIP: 0033:0x7fbb3e59c819
[  552.037346][T13405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  552.037363][T13405] RSP: 002b:00007fbb3f41b028 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  552.037380][T13405] RAX: ffffffffffffffda RBX: 00007fbb3e816090 RCX: 00007fbb3e59c819
[  552.037391][T13405] RDX: 0000000000000401 RSI: 0000000000000000 RDI: 0000000000000003
[  552.037402][T13405] RBP: 00007fbb3f41b090 R08: 0000000000000000 R09: 0000000000000000
[  552.037412][T13405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.037423][T13405] R13: 00007fbb3e816128 R14: 00007fbb3e816090 R15: 00007ffc30191588
[  552.037447][T13405]  </TASK>
[  553.016514][T13404] Process accounting resumed
[  553.266935][T13419] Invalid ELF header magic: != ELF
[  556.463367][T13500] FAULT_INJECTION: forcing a failure.
[  556.463367][T13500] name failslab, interval 1, probability 0, space 0, times 0
[  556.606641][T13500] CPU: 0 UID: 0 PID: 13500 Comm: syz.3.2025 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  556.606674][T13500] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  556.606681][T13500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  556.606700][T13500] Call Trace:
[  556.606706][T13500]  <TASK>
[  556.606713][T13500]  dump_stack_lvl+0x100/0x190
[  556.606747][T13500]  should_fail_ex.cold+0x5/0xa
[  556.606770][T13500]  should_failslab+0xc2/0x120
[  556.606792][T13500]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  556.606821][T13500]  ? mas_alloc_nodes+0x280/0x390
[  556.606854][T13500]  mas_alloc_nodes+0x280/0x390
[  556.606886][T13500]  mas_preallocate+0x39c/0xf10
[  556.606906][T13500]  ? __memcg_slab_post_alloc_hook+0x4a0/0x990
[  556.606933][T13500]  ? __pfx_mas_preallocate+0x10/0x10
[  556.606961][T13500]  ? anon_vma_name+0x5a/0x250
[  556.606988][T13500]  __split_vma+0x33d/0xd90
[  556.607019][T13500]  ? __pfx___split_vma+0x10/0x10
[  556.607052][T13500]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  556.607077][T13500]  vma_modify+0x1121/0x2250
[  556.607108][T13500]  ? __lock_acquire+0x4a5/0x2630
[  556.607133][T13500]  ? __pfx_vma_modify+0x10/0x10
[  556.607166][T13500]  vma_modify_flags+0x257/0x3d0
[  556.607195][T13500]  ? __pfx_vma_modify_flags+0x10/0x10
[  556.607238][T13500]  ? may_expand_vm+0xf3/0x250
[  556.607263][T13500]  mprotect_fixup+0x209/0xb70
[  556.607294][T13500]  ? __pfx_mprotect_fixup+0x10/0x10
[  556.607322][T13500]  ? __pfx_mas_prev+0x10/0x10
[  556.607348][T13500]  do_mprotect_pkey+0x9e1/0xe70
[  556.607382][T13500]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  556.607410][T13500]  ? __mutex_unlock_slowpath+0x15c/0x790
[  556.607438][T13500]  ? __fget_files+0x21f/0x3d0
[  556.607464][T13500]  ? __pfx_ksys_write+0x10/0x10
[  556.607487][T13500]  __x64_sys_mprotect+0x78/0xc0
[  556.607513][T13500]  ? lockdep_hardirqs_on+0x78/0x100
[  556.607532][T13500]  do_syscall_64+0x106/0xf80
[  556.607551][T13500]  ? clear_bhb_loop+0x40/0x90
[  556.607574][T13500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.607593][T13500] RIP: 0033:0x7fa14a19c819
[  556.607609][T13500] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  556.607626][T13500] RSP: 002b:00007fa1483f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[  556.607644][T13500] RAX: ffffffffffffffda RBX: 00007fa14a416090 RCX: 00007fa14a19c819
[  556.607656][T13500] RDX: 0000000000000006 RSI: 0000000000806121 RDI: 0000200000000000
[  556.607672][T13500] RBP: 00007fa1483f6090 R08: 0000000000000000 R09: 0000000000000000
[  556.607682][T13500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  556.607698][T13500] R13: 00007fa14a416128 R14: 00007fa14a416090 R15: 00007ffca359e1e8
[  556.607721][T13500]  </TASK>
[  558.023506][T13516] ubi0: attaching mtd0
[  558.059981][T13516] ubi0: scanning is finished
[  558.089767][T13516] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  558.407759][T13516] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  558.829767][T13536] FAULT_INJECTION: forcing a failure.
[  558.829767][T13536] name failslab, interval 1, probability 0, space 0, times 0
[  558.944062][T13536] CPU: 0 UID: 0 PID: 13536 Comm: syz.4.2033 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  558.944096][T13536] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  558.944103][T13536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  558.944113][T13536] Call Trace:
[  558.944120][T13536]  <TASK>
[  558.944127][T13536]  dump_stack_lvl+0x100/0x190
[  558.944161][T13536]  should_fail_ex.cold+0x5/0xa
[  558.944184][T13536]  should_failslab+0xc2/0x120
[  558.944205][T13536]  __kmalloc_cache_noprof+0x7a/0x6f0
[  558.944232][T13536]  ? can_pernet_init+0x11c/0x370
[  558.944264][T13536]  ? __pfx_can_pernet_init+0x10/0x10
[  558.944294][T13536]  can_pernet_init+0x11c/0x370
[  558.944324][T13536]  ? __pfx_can_pernet_init+0x10/0x10
[  558.944352][T13536]  ops_init+0x1e2/0x5f0
[  558.944373][T13536]  setup_net+0x118/0x3a0
[  558.944393][T13536]  ? __pfx_setup_net+0x10/0x10
[  558.944412][T13536]  ? lockdep_init_map_type+0x5c/0x250
[  558.944438][T13536]  ? mutex_init_lockep+0x110/0x150
[  558.944468][T13536]  copy_net_ns+0x46f/0x7c0
[  558.944491][T13536]  create_new_namespaces+0x3ea/0xac0
[  558.944516][T13536]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  558.944539][T13536]  ksys_unshare+0x473/0xad0
[  558.944565][T13536]  ? __pfx_ksys_unshare+0x10/0x10
[  558.944597][T13536]  __x64_sys_unshare+0x31/0x40
[  558.944622][T13536]  do_syscall_64+0x106/0xf80
[  558.944641][T13536]  ? clear_bhb_loop+0x40/0x90
[  558.944664][T13536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  558.944682][T13536] RIP: 0033:0x7f2be459c819
[  558.944699][T13536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  558.944716][T13536] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  558.944734][T13536] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  558.944746][T13536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  558.944757][T13536] RBP: 00007f2be4632c91 R08: 0000000000000000 R09: 0000000000000000
[  558.944768][T13536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  558.944779][T13536] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  558.944802][T13536]  </TASK>
[  560.301359][T13551] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2037'.
[  560.433001][T13559] FAULT_INJECTION: forcing a failure.
[  560.433001][T13559] name failslab, interval 1, probability 0, space 0, times 0
[  560.520104][T13559] CPU: 0 UID: 0 PID: 13559 Comm: syz.6.2040 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  560.520139][T13559] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  560.520147][T13559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  560.520158][T13559] Call Trace:
[  560.520165][T13559]  <TASK>
[  560.520173][T13559]  dump_stack_lvl+0x100/0x190
[  560.520208][T13559]  should_fail_ex.cold+0x5/0xa
[  560.520231][T13559]  should_failslab+0xc2/0x120
[  560.520253][T13559]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  560.520285][T13559]  ? copy_process+0x48b/0x7a40
[  560.520307][T13559]  ? rcu_is_watching+0x12/0xc0
[  560.520341][T13559]  copy_process+0x48b/0x7a40
[  560.520363][T13559]  ? __lock_acquire+0x4a5/0x2630
[  560.520398][T13559]  ? __pfx_copy_process+0x10/0x10
[  560.520421][T13559]  ? find_held_lock+0x2b/0x80
[  560.520449][T13559]  kernel_clone+0xfc/0x9a0
[  560.520470][T13559]  ? find_held_lock+0x2b/0x80
[  560.520490][T13559]  ? __pfx_kernel_clone+0x10/0x10
[  560.520525][T13559]  __do_sys_clone+0xd9/0x120
[  560.520549][T13559]  ? __pfx___do_sys_clone+0x10/0x10
[  560.520581][T13559]  ? ksys_write+0x1ac/0x250
[  560.520600][T13559]  ? __pfx_ksys_write+0x10/0x10
[  560.520625][T13559]  do_syscall_64+0x106/0xf80
[  560.520645][T13559]  ? clear_bhb_loop+0x40/0x90
[  560.520668][T13559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.520688][T13559] RIP: 0033:0x7f4bd199c819
[  560.520704][T13559] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  560.520723][T13559] RSP: 002b:00007f4bd292bfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  560.520742][T13559] RAX: ffffffffffffffda RBX: 00007f4bd1c15fa0 RCX: 00007f4bd199c819
[  560.520755][T13559] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001002000
[  560.520766][T13559] RBP: 00007f4bd292c090 R08: 0000000000000000 R09: 0000000000000000
[  560.520786][T13559] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  560.520797][T13559] R13: 00007f4bd1c16038 R14: 00007f4bd1c15fa0 R15: 00007ffc369a8ae8
[  560.520820][T13559]  </TASK>
[  561.538532][T13579] vivid-007: =================  START STATUS  =================
[  561.578010][T13579] vivid-007: Generate PTS: true
[  561.605285][T13579] vivid-007: Generate SCR: true
[  561.648020][T13579] tpg source WxH: 320x240 (Y'CbCr)
[  561.681651][T13579] tpg field: 1
[  561.685059][T13579] tpg crop: (0,0)/320x240
[  561.714603][T13579] tpg compose: (0,0)/320x240
[  561.732694][T13579] tpg colorspace: 8
[  561.750667][T13579] tpg transfer function: 0/0
[  561.789952][T13579] tpg Y'CbCr encoding: 0/0
[  561.802328][T13579] tpg quantization: 0/0
[  561.812383][T13579] tpg RGB range: 0/2
[  561.831644][T13579] vivid-007: ==================  END STATUS  ==================
[  561.965508][T13590] netlink: 252 bytes leftover after parsing attributes in process `syz.6.2047'.
[  562.159094][T10741] NFSD: Failed to start, no listeners configured.
[  562.176540][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  562.182872][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  563.198726][T10947] Bluetooth: hci4: unexpected event 0x1d length: 6 > 5
[  563.679823][T13628] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd12
[  565.108387][T10947] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5
[  565.574697][T13656] kexec: Could not allocate control_code_buffer
[  567.003228][T13695] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2076'.
[  567.202141][T13704] vivid-007: =================  START STATUS  =================
[  567.233185][T13704] vivid-007: Generate PTS: true
[  567.239407][T13704] vivid-007: Generate SCR: true
[  567.285974][T13704] tpg source WxH: 320x240 (Y'CbCr)
[  567.312864][T13704] tpg field: 1
[  567.316471][T13704] tpg crop: (0,0)/320x240
[  567.351467][T13704] tpg compose: (0,0)/320x240
[  567.376601][T13704] tpg colorspace: 8
[  567.394428][T13704] tpg transfer function: 0/0
[  567.419034][T13704] tpg Y'CbCr encoding: 0/0
[  567.443286][T13704] tpg quantization: 0/0
[  567.466874][T13704] tpg RGB range: 0/2
[  567.484664][T13704] vivid-007: ==================  END STATUS  ==================
[  568.034545][T13713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2079'.
[  568.500656][T13725] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2084'.
[  570.072437][T13756] FAULT_INJECTION: forcing a failure.
[  570.072437][T13756] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.254362][T13756] CPU: 0 UID: 0 PID: 13756 Comm: syz.6.2091 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  570.254396][T13756] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  570.254404][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  570.254415][T13756] Call Trace:
[  570.254422][T13756]  <TASK>
[  570.254429][T13756]  dump_stack_lvl+0x100/0x190
[  570.254464][T13756]  should_fail_ex.cold+0x5/0xa
[  570.254487][T13756]  _copy_from_user+0x2e/0xd0
[  570.254514][T13756]  kstrtouint_from_user+0xd6/0x1d0
[  570.254546][T13756]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  570.254577][T13756]  ? __lock_acquire+0x4a5/0x2630
[  570.254605][T13756]  ? lock_acquire+0x1cf/0x380
[  570.254635][T13756]  proc_fail_nth_write+0x83/0x220
[  570.254660][T13756]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  570.254692][T13756]  vfs_write+0x2aa/0x1070
[  570.254712][T13756]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  570.254746][T13756]  ? __pfx_vfs_write+0x10/0x10
[  570.254764][T13756]  ? __fget_files+0x215/0x3d0
[  570.254788][T13756]  ? __fget_files+0x21f/0x3d0
[  570.254813][T13756]  ksys_write+0x12a/0x250
[  570.254832][T13756]  ? __pfx_ksys_write+0x10/0x10
[  570.254850][T13756]  ? __pfx___x64_sys_shmat+0x10/0x10
[  570.254885][T13756]  do_syscall_64+0x106/0xf80
[  570.254905][T13756]  ? clear_bhb_loop+0x40/0x90
[  570.254929][T13756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.254948][T13756] RIP: 0033:0x7f4bd195d04e
[  570.254964][T13756] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  570.254983][T13756] RSP: 002b:00007f4bd28e9fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  570.255002][T13756] RAX: ffffffffffffffda RBX: 00007f4bd28ea6c0 RCX: 00007f4bd195d04e
[  570.255015][T13756] RDX: 0000000000000001 RSI: 00007f4bd28ea0a0 RDI: 0000000000000003
[  570.255026][T13756] RBP: 00007f4bd28ea090 R08: 0000000000000000 R09: 0000000000000000
[  570.255037][T13756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.255048][T13756] R13: 00007f4bd1c16218 R14: 00007f4bd1c16180 R15: 00007ffc369a8ae8
[  570.255071][T13756]  </TASK>
[  570.539978][T13758] FAULT_INJECTION: forcing a failure.
[  570.539978][T13758] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.553189][T13758] CPU: 0 UID: 0 PID: 13758 Comm: syz.1.2094 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  570.553224][T13758] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  570.553232][T13758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  570.553243][T13758] Call Trace:
[  570.553253][T13758]  <TASK>
[  570.553261][T13758]  dump_stack_lvl+0x100/0x190
[  570.553295][T13758]  should_fail_ex.cold+0x5/0xa
[  570.553318][T13758]  _copy_to_user+0x32/0xd0
[  570.553346][T13758]  simple_read_from_buffer+0xcb/0x170
[  570.553379][T13758]  proc_fail_nth_read+0x1af/0x230
[  570.553406][T13758]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  570.553433][T13758]  ? rw_verify_area+0xce/0x6d0
[  570.553461][T13758]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  570.553486][T13758]  vfs_read+0x1e4/0xb30
[  570.553507][T13758]  ? __pfx_vfs_read+0x10/0x10
[  570.553525][T13758]  ? __fget_files+0x215/0x3d0
[  570.553565][T13758]  ? __fget_files+0x21f/0x3d0
[  570.553590][T13758]  ksys_read+0x12a/0x250
[  570.553608][T13758]  ? __pfx_ksys_read+0x10/0x10
[  570.553633][T13758]  do_syscall_64+0x106/0xf80
[  570.553654][T13758]  ? clear_bhb_loop+0x40/0x90
[  570.553677][T13758]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.553697][T13758] RIP: 0033:0x7fbb3e55d04e
[  570.553714][T13758] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  570.553733][T13758] RSP: 002b:00007fbb3f43bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  570.553752][T13758] RAX: ffffffffffffffda RBX: 00007fbb3f43c6c0 RCX: 00007fbb3e55d04e
[  570.553764][T13758] RDX: 000000000000000f RSI: 00007fbb3f43c0a0 RDI: 0000000000000003
[  570.553775][T13758] RBP: 00007fbb3f43c090 R08: 0000000000000000 R09: 0000000000000000
[  570.553786][T13758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.553797][T13758] R13: 00007fbb3e816038 R14: 00007fbb3e815fa0 R15: 00007ffc30191588
[  570.553821][T13758]  </TASK>
[  570.967956][T13757] Process accounting resumed
[  571.659731][T13776] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2100'.
[  571.806841][T13783] FAULT_INJECTION: forcing a failure.
[  571.806841][T13783] name fail_futex, interval 1, probability 0, space 0, times 0
[  571.885808][T13783] CPU: 0 UID: 0 PID: 13783 Comm: syz.6.2103 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  571.885848][T13783] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  571.885855][T13783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  571.885866][T13783] Call Trace:
[  571.885873][T13783]  <TASK>
[  571.885881][T13783]  dump_stack_lvl+0x100/0x190
[  571.885915][T13783]  should_fail_ex.cold+0x5/0xa
[  571.885939][T13783]  get_futex_key+0x295/0x1620
[  571.885965][T13783]  ? __pfx_get_futex_key+0x10/0x10
[  571.885988][T13783]  ? lock_acquire+0x1cf/0x380
[  571.886020][T13783]  futex_wake+0xea/0x530
[  571.886052][T13783]  ? __pfx_futex_wake+0x10/0x10
[  571.886081][T13783]  ? exit_mm_release+0x19/0x30
[  571.886112][T13783]  do_futex+0x32b/0x350
[  571.886138][T13783]  ? __pfx_do_futex+0x10/0x10
[  571.886162][T13783]  ? __might_fault+0xc5/0x140
[  571.886197][T13783]  mm_release+0x24a/0x2f0
[  571.886217][T13783]  do_exit+0x704/0x2b60
[  571.886247][T13783]  ? __pfx_do_exit+0x10/0x10
[  571.886272][T13783]  ? do_raw_spin_lock+0x128/0x260
[  571.886300][T13783]  ? find_held_lock+0x2b/0x80
[  571.886318][T13783]  ? get_signal+0x7e0/0x21e0
[  571.886340][T13783]  do_group_exit+0xd5/0x2a0
[  571.886369][T13783]  get_signal+0x1ec7/0x21e0
[  571.886397][T13783]  ? __pfx_get_signal+0x10/0x10
[  571.886419][T13783]  ? do_futex+0x192/0x350
[  571.886446][T13783]  arch_do_signal_or_restart+0x91/0x770
[  571.886472][T13783]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  571.886503][T13783]  ? __pfx___x64_sys_futex+0x10/0x10
[  571.886545][T13783]  exit_to_user_mode_loop+0x86/0x4a0
[  571.886574][T13783]  do_syscall_64+0x668/0xf80
[  571.886594][T13783]  ? clear_bhb_loop+0x40/0x90
[  571.886617][T13783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.886636][T13783] RIP: 0033:0x7f4bd199c819
[  571.886653][T13783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  571.886672][T13783] RSP: 002b:00007f4bd292c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  571.886690][T13783] RAX: fffffffffffffe00 RBX: 00007f4bd1c15fa8 RCX: 00007f4bd199c819
[  571.886702][T13783] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4bd1c15fa8
[  571.886714][T13783] RBP: 00007f4bd1c15fa0 R08: 0000000000000000 R09: 0000000000000000
[  571.886725][T13783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  571.886736][T13783] R13: 00007f4bd1c16038 R14: 00007ffc369a8a00 R15: 00007ffc369a8ae8
[  571.886759][T13783]  </TASK>
[  572.490313][T13789] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2104'.
[  572.519313][T13789] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2104'.
[  574.158651][T13822] Process accounting paused
[  574.486731][T11806] Bluetooth: hci5: command 0x0406 tx timeout
[  574.586526][T13833] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2115'.
[  574.608038][T13833] netlink: 252 bytes leftover after parsing attributes in process `syz.3.2115'.
[  576.196903][T13869] FAULT_INJECTION: forcing a failure.
[  576.196903][T13869] name failslab, interval 1, probability 0, space 0, times 0
[  576.329842][T13872] FAULT_INJECTION: forcing a failure.
[  576.329842][T13872] name failslab, interval 1, probability 0, space 0, times 0
[  576.366376][T13869] CPU: 0 UID: 0 PID: 13869 Comm: syz.1.2122 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  576.366410][T13869] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  576.366417][T13869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  576.366429][T13869] Call Trace:
[  576.366436][T13869]  <TASK>
[  576.366443][T13869]  dump_stack_lvl+0x100/0x190
[  576.366476][T13869]  should_fail_ex.cold+0x5/0xa
[  576.366498][T13869]  should_failslab+0xc2/0x120
[  576.366528][T13869]  __kvmalloc_node_noprof+0xfa/0xa00
[  576.366546][T13869]  ? v4l2_ctrl_new+0x4a6/0x23a0
[  576.366566][T13869]  ? register_lock_class+0x40/0x560
[  576.366597][T13869]  v4l2_ctrl_new+0x4a6/0x23a0
[  576.366626][T13869]  ? __pfx_v4l2_ctrl_new+0x10/0x10
[  576.366647][T13869]  ? lock_acquire+0x1cf/0x380
[  576.366675][T13869]  ? rcu_is_watching+0x12/0xc0
[  576.366708][T13869]  v4l2_ctrl_new_std+0x1bb/0x290
[  576.366735][T13869]  ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[  576.366761][T13869]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  576.366786][T13869]  ? __asan_memset+0x23/0x50
[  576.366813][T13869]  ? __asan_memcpy+0x3c/0x60
[  576.366840][T13869]  ? find_ref+0x209/0x420
[  576.366861][T13869]  handler_new_ref+0x82f/0xc60
[  576.366887][T13869]  v4l2_ctrl_new+0xe67/0x23a0
[  576.366915][T13869]  ? __pfx_v4l2_ctrl_new+0x10/0x10
[  576.366946][T13869]  v4l2_ctrl_new_std+0x1bb/0x290
[  576.366973][T13869]  ? __pfx_v4l2_ctrl_new_std+0x10/0x10
[  576.366997][T13869]  ? trace_kmalloc+0x101/0x130
[  576.367016][T13869]  ? __kasan_kmalloc+0xaa/0xb0
[  576.367035][T13869]  ? v4l2_ctrl_handler_init_class+0x201/0x350
[  576.367056][T13869]  ? lockdep_set_lock_cmp_fn+0x60/0xe0
[  576.367083][T13869]  ? media_request_object_init+0x105/0x180
[  576.367106][T13869]  vim2m_open+0x140/0x830
[  576.367138][T13869]  v4l2_open+0x1d2/0x490
[  576.367158][T13869]  ? __pfx_v4l2_open+0x10/0x10
[  576.367179][T13869]  chrdev_open+0x234/0x6a0
[  576.367199][T13869]  ? __pfx_apparmor_file_open+0x10/0x10
[  576.367221][T13869]  ? __pfx_chrdev_open+0x10/0x10
[  576.367242][T13869]  ? fsnotify_open_perm_and_set_mode+0x17a/0xa80
[  576.367268][T13869]  do_dentry_open+0x6d8/0x1660
[  576.367288][T13869]  ? __pfx_chrdev_open+0x10/0x10
[  576.367313][T13869]  vfs_open+0x82/0x3f0
[  576.367340][T13869]  path_openat+0x208c/0x31a0
[  576.367368][T13869]  ? __pfx_path_openat+0x10/0x10
[  576.367402][T13869]  do_file_open+0x20e/0x430
[  576.367425][T13869]  ? __pfx_do_file_open+0x10/0x10
[  576.367462][T13869]  ? alloc_fd+0x476/0x790
[  576.367484][T13869]  ? do_getname+0x191/0x390
[  576.367517][T13869]  do_sys_openat2+0x10d/0x1e0
[  576.367543][T13869]  ? __pfx_do_sys_openat2+0x10/0x10
[  576.367578][T13869]  __x64_sys_openat+0x12d/0x210
[  576.367604][T13869]  ? __pfx___x64_sys_openat+0x10/0x10
[  576.367640][T13869]  do_syscall_64+0x106/0xf80
[  576.367659][T13869]  ? clear_bhb_loop+0x40/0x90
[  576.367683][T13869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.367702][T13869] RIP: 0033:0x7fbb3e59c819
[  576.367718][T13869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  576.367735][T13869] RSP: 002b:00007fbb3f41b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  576.367754][T13869] RAX: ffffffffffffffda RBX: 00007fbb3e816090 RCX: 00007fbb3e59c819
[  576.367766][T13869] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  576.367778][T13869] RBP: 00007fbb3e632c91 R08: 0000000000000000 R09: 0000000000000000
[  576.367790][T13869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  576.367801][T13869] R13: 00007fbb3e816128 R14: 00007fbb3e816090 R15: 00007ffc30191588
[  576.367826][T13869]  </TASK>
[  576.773946][T13872] CPU: 0 UID: 0 PID: 13872 Comm: syz.4.2124 Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  576.773986][T13872] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  576.773993][T13872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  576.774005][T13872] Call Trace:
[  576.774012][T13872]  <TASK>
[  576.774019][T13872]  dump_stack_lvl+0x100/0x190
[  576.774053][T13872]  should_fail_ex.cold+0x5/0xa
[  576.774075][T13872]  ? video_usercopy+0x145/0x14d0
[  576.774094][T13872]  should_failslab+0xc2/0x120
[  576.774116][T13872]  __kmalloc_noprof+0xe0/0x850
[  576.774149][T13872]  video_usercopy+0x145/0x14d0
[  576.774169][T13872]  ? __pfx___video_do_ioctl+0x10/0x10
[  576.774191][T13872]  ? __pfx_video_usercopy+0x10/0x10
[  576.774233][T13872]  ? __fget_files+0x21f/0x3d0
[  576.774255][T13872]  v4l2_ioctl+0x1bd/0x250
[  576.774292][T13872]  ? __pfx_v4l2_ioctl+0x10/0x10
[  576.774314][T13872]  __x64_sys_ioctl+0x18e/0x210
[  576.774344][T13872]  do_syscall_64+0x106/0xf80
[  576.774363][T13872]  ? clear_bhb_loop+0x40/0x90
[  576.774386][T13872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.774405][T13872] RIP: 0033:0x7f2be459c819
[  576.774422][T13872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  576.774443][T13872] RSP: 002b:00007f2be27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  576.774462][T13872] RAX: ffffffffffffffda RBX: 00007f2be4815fa0 RCX: 00007f2be459c819
[  576.774474][T13872] RDX: 0000000000000005 RSI: 0000000080885659 RDI: 0000000000000005
[  576.774485][T13872] RBP: 00007f2be4632c91 R08: 0000000000000000 R09: 0000000000000000
[  576.774496][T13872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  576.774506][T13872] R13: 00007f2be4816038 R14: 00007f2be4815fa0 R15: 00007ffe59a50768
[  576.774530][T13872]  </TASK>
[  577.645945][T13888] ubi0: attaching mtd0
[  577.679435][T13888] ubi0: scanning is finished
[  577.710672][T13888] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  577.935168][T13888] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  578.275282][T13898] random: crng reseeded on system resumption
[  578.321184][T13893] Restarting kernel threads ...
[  578.355968][T13893] Done restarting kernel threads.
[  578.593309][T13902] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2135'.
[  578.672565][T13909] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  578.679567][T13909] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  579.772716][T13934] netlink: 330 bytes leftover after parsing attributes in process `syz.6.2144'.
[  579.829863][T13934] mac80211_hwsim hwsim22 ›: renamed from wlan0 (while UP)
[  580.604216][T13951] netlink: 206 bytes leftover after parsing attributes in process `syz.4.2150'.
[  581.285472][T13962] bond0: option packets_per_slave: invalid value (cover enable write trace failed, mode=0)
[  581.380576][T13962] bond0: option packets_per_slave: allowed values 0 - 65535
[  581.426610][T13962] bond0: option packets_per_slave: invalid value ( (errno 9))
[  581.454809][T13962] bond0: option packets_per_slave: allowed values 0 - 65535
[  582.239820][T13952] kexec: Could not allocate control_code_buffer
[  582.494469][T13984] random: crng reseeded on system resumption
[  582.542531][T13984] Restarting kernel threads ...
[  582.552168][T13984] Done restarting kernel threads.
[  583.343449][T13981] Process accounting paused
[  584.019455][    T9] Process accounting resumed
[  584.093181][T14001] Process accounting resumed
[  584.218332][T14015] openvswitch: netlink: Flow actions attr not present in new flow.
[  586.093020][T14041] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2171'.
[  587.450196][T14063] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2178'.
[  587.484831][T14063] ipvlan1: entered promiscuous mode
[  587.500474][T14063] ipvlan1: entered allmulticast mode
[  587.532324][T14063] veth0_vlan: entered allmulticast mode
[  590.081043][T10947] Bluetooth: hci7: Opcode 0x0c03 failed: -110
[  592.259848][T14116] random: crng reseeded on system resumption
[  592.296177][T14116] Restarting kernel threads ...
[  592.317790][T14116] Done restarting kernel threads.
[  594.844839][T14144] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2196'.
[  594.874396][T14144] ipvlan1: left promiscuous mode
[  594.891948][T14144] ipvlan1: left allmulticast mode
[  594.916176][T14144] veth0_vlan: left allmulticast mode
[  594.973142][T11806] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  594.983945][T11806] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  594.995499][T11806] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  595.003108][T11806] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  595.012631][T11806] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  595.254481][   T31] INFO: task syz.0.1546:11590 blocked for more than 143 seconds.
[  595.265861][   T31]       Tainted: G     U       L      syzkaller #0
[  595.272538][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  595.351406][   T31] task:syz.0.1546      state:D stack:26200 pid:11590 tgid:11588 ppid:5830   task_flags:0x400140 flags:0x00080002
[  595.463247][   T31] Call Trace:
[  595.466784][   T31]  <TASK>
[  595.469922][   T31]  __schedule+0xfee/0x6120
[  595.582657][   T31]  ? __lock_acquire+0x4a5/0x2630
[  595.630810][   T31]  ? kasan_save_stack+0x30/0x50
[  595.691741][   T31]  ? __pfx___schedule+0x10/0x10
[  595.696797][   T31]  ? find_held_lock+0x2b/0x80
[  595.739758][   T31]  ? schedule+0x2bf/0x390
[  595.762722][   T31]  schedule+0xdd/0x390
[  595.767095][   T31]  schedule_preempt_disabled+0x13/0x30
[  595.807015][   T31]  __mutex_lock+0xc9a/0x1b90
[  595.831093][   T31]  ? nfsd_nl_threads_set_doit+0x6c1/0xc00
[  595.855663][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  595.860740][   T31]  ? net_generic+0xea/0x2a0
[  595.899525][   T31]  ? net_generic+0xea/0x2a0
[  595.919167][   T31]  ? nfsd_nl_threads_set_doit+0x6c1/0xc00
[  595.930741][   T31]  nfsd_nl_threads_set_doit+0x6c1/0xc00
[  595.936465][   T31]  genl_family_rcv_msg_doit+0x214/0x300
[  595.973427][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  595.979630][   T31]  ? genl_get_cmd+0x3ef/0x720
[  596.013599][   T31]  ? bpf_lsm_capable+0x9/0x10
[  596.018385][   T31]  ? security_capable+0x80/0x260
[  596.041667][   T31]  genl_rcv_msg+0x560/0x800
[  596.046284][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  596.077717][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[  596.106462][   T31]  netlink_rcv_skb+0x159/0x420
[  596.119600][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[  596.124782][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  596.149461][   T31]  ? netlink_deliver_tap+0x1ae/0xcc0
[  596.154824][   T31]  genl_rcv+0x28/0x40
[  596.158834][   T31]  netlink_unicast+0x5aa/0x870
[  596.179331][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[  596.184793][   T31]  netlink_sendmsg+0x8b0/0xda0
[  596.201999][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  596.207356][   T31]  ? __import_iovec+0x1d2/0x640
[  596.219306][   T31]  ? aa_sock_msg_perm.isra.0+0x100/0x1b0
[  596.225179][   T31]  ____sys_sendmsg+0x9e1/0xb70
[  596.248945][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[  596.254435][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[  596.269389][   T31]  ? __pfx_futex_wake_mark+0x10/0x10
[  596.279514][   T31]  ___sys_sendmsg+0x190/0x1e0
[  596.284292][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[  596.298992][   T31]  __sys_sendmsg+0x170/0x220
[  596.303660][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[  596.328550][   T31]  ? __x64_sys_futex+0x34f/0x4d0
[  596.334066][   T31]  do_syscall_64+0x106/0xf80
[  596.345725][   T31]  ? clear_bhb_loop+0x40/0x90
[  596.351096][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  596.357060][   T31] RIP: 0033:0x7f021419c819
[  596.361994][   T31] RSP: 002b:00007f0215020028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  596.372770][   T31] RAX: ffffffffffffffda RBX: 00007f0214415fa0 RCX: 00007f021419c819
[  596.381695][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000005
[  596.390557][   T31] RBP: 00007f0214232c91 R08: 0000000000000000 R09: 0000000000000000
[  596.399020][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  596.407295][   T31] R13: 00007f0214416038 R14: 00007f0214415fa0 R15: 00007fff532d31e8
[  596.416015][   T31]  </TASK>
[  596.538121][   T31] 
[  596.538121][   T31] Showing all locks held in the system:
[  596.545889][   T31] 3 locks held by kworker/0:0/9:
[  596.626958][   T31]  #0: ffff8880b843b360 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2c/0x140
[  596.716980][   T31]  #1: ffff88806a98e008 (&____s->seqcount#18){--.-}-{0:0}, at: trace_ignore_this_task+0xbc/0x100
[  596.776517][   T31]  #2: ffff8880b843b360 (&rq->__lock){-.-.}-{2:2}, at: finish_task_switch.isra.0+0x14a/0xb80
[  596.829894][   T31] 1 lock held by khungtaskd/31:
[  596.835235][   T31]  #0: ffffffff8e7e7760 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184
[  596.935943][   T31] 2 locks held by getty/6034:
[  596.985664][   T31]  #0: ffff8880385210a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  597.055295][   T31]  #1: ffffc9000362b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500
[  597.089235][T11806] Bluetooth: hci7: command tx timeout
[  597.106685][   T31] 2 locks held by syz.2.1318/10741:
[  597.112118][   T31]  #0: ffffffff906c33f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  597.187756][   T31]  #1: ffffffff8ec58e28 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  597.241560][   T31] 5 locks held by kworker/u10:4/11017:
[  597.255106][   T31]  #0: ffff88801c6b6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1310/0x19a0
[  597.277727][   T31]  #1: ffffc90005407d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x988/0x19a0
[  597.289718][   T31]  #2: ffffffff905fe850 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920
[  597.299375][   T31]  #3: ffffffff906170a8 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0
[  597.308871][   T31]  #4: ffffffff8e7f32b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0
[  597.319503][   T31] 2 locks held by syz.0.1546/11590:
[  597.328258][   T31]  #0: ffffffff906c33f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  597.336719][   T31]  #1: ffffffff8ec58e28 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  597.347058][   T31] 3 locks held by syz.4.1636/11922:
[  597.352646][   T31]  #0: ffff88807bb80ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0
[  597.362931][   T31]  #1: ffff88807bb800c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240
[  597.373614][   T31]  #2: ffffffff908b0388 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280
[  597.385610][   T31] 2 locks held by syz.5.1783/12511:
[  597.392142][   T31]  #0: ffffffff906c33f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  597.400952][   T31]  #1: ffffffff8ec58e28 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00
[  597.411671][   T31] 1 lock held by syz.1.1867/12821:
[  597.417450][   T31]  #0: ffffffff906170a8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220
[  597.427424][   T31] 2 locks held by syz.3.2143/13921:
[  597.435688][   T31]  #0: ffffffff906c33f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  597.444380][   T31]  #1: ffffffff8ec58e28 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1a80
[  597.455447][   T31] 2 locks held by syz.3.2143/13924:
[  597.460788][   T31]  #0: ffffffff906c33f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  597.469594][   T31]  #1: ffffffff8ec58e28 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1a80
[  597.480891][   T31] 5 locks held by syz.6.2168/14028:
[  597.487273][   T31]  #0: ffff888050c6cec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0
[  597.498870][   T31]  #1: ffff888050c6c0c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240
[  597.508973][   T31]  #2: ffffffff908b0388 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280
[  597.519520][   T31]  #3: ffff888054c15300 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x95/0x710
[  597.529956][   T31]  #4: ffffffff8e7f32b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0
[  597.540385][   T31] 3 locks held by syz-executor/14146:
[  597.549024][   T31]  #0: ffff888012a54ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0
[  597.559430][   T31]  #1: ffff888012a540c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240
[  597.569520][   T31]  #2: ffffffff908b0388 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280
[  597.619989][   T31] 
[  597.642511][   T31] =============================================
[  597.642511][   T31] 
[  597.650955][   T31] NMI backtrace for cpu 0
[  597.650976][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  597.651004][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  597.651012][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  597.651023][   T31] Call Trace:
[  597.651030][   T31]  <TASK>
[  597.651038][   T31]  dump_stack_lvl+0x100/0x190
[  597.651073][   T31]  nmi_cpu_backtrace.cold+0x12d/0x151
[  597.651105][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  597.651135][   T31]  nmi_trigger_cpumask_backtrace+0x1d7/0x230
[  597.651165][   T31]  sys_info+0x141/0x190
[  597.651188][   T31]  watchdog+0xd25/0x1050
[  597.651213][   T31]  ? __pfx_watchdog+0x10/0x10
[  597.651233][   T31]  ? __kthread_parkme+0x18c/0x230
[  597.651257][   T31]  ? kthread+0x13a/0x450
[  597.651281][   T31]  ? __pfx_watchdog+0x10/0x10
[  597.651305][   T31]  kthread+0x370/0x450
[  597.651329][   T31]  ? __pfx_kthread+0x10/0x10
[  597.651356][   T31]  ret_from_fork+0x754/0xd80
[  597.651386][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  597.651416][   T31]  ? __switch_to+0x7b4/0x1120
[  597.651438][   T31]  ? __pfx_kthread+0x10/0x10
[  597.651464][   T31]  ret_from_fork_asm+0x1a/0x30
[  597.651495][   T31]  </TASK>
[  597.973059][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  597.980234][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U       L      syzkaller #0 PREEMPT(full) 
[  597.991336][   T31] Tainted: [U]=USER, [L]=SOFTLOCKUP
[  597.997008][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  598.007575][   T31] Call Trace:
[  598.011483][   T31]  <TASK>
[  598.014684][   T31]  dump_stack_lvl+0x100/0x190
[  598.019699][   T31]  vpanic+0x552/0x970
[  598.024586][   T31]  ? __pfx_vpanic+0x10/0x10
[  598.029346][   T31]  ? nmi_trigger_cpumask_backtrace+0x182/0x230
[  598.036941][   T31]  panic+0xd1/0xe0
[  598.041060][   T31]  ? __pfx_panic+0x10/0x10
[  598.045861][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b5/0x230
[  598.052639][   T31]  ? nmi_trigger_cpumask_backtrace+0x1f6/0x230
[  598.059295][   T31]  ? nmi_trigger_cpumask_backtrace+0x200/0x230
[  598.065583][   T31]  ? watchdog.cold+0x198/0x1ca
[  598.071298][   T31]  ? watchdog+0xd35/0x1050
[  598.076033][   T31]  watchdog.cold+0x1a9/0x1ca
[  598.081034][   T31]  ? __pfx_watchdog+0x10/0x10
[  598.085931][   T31]  ? __kthread_parkme+0x18c/0x230
[  598.091174][   T31]  ? kthread+0x13a/0x450
[  598.095437][   T31]  ? __pfx_watchdog+0x10/0x10
[  598.100138][   T31]  kthread+0x370/0x450
[  598.104224][   T31]  ? __pfx_kthread+0x10/0x10
[  598.108855][   T31]  ret_from_fork+0x754/0xd80
[  598.113644][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  598.118876][   T31]  ? __switch_to+0x7b4/0x1120
[  598.123578][   T31]  ? __pfx_kthread+0x10/0x10
[  598.128201][   T31]  ret_from_fork_asm+0x1a/0x30
[  598.133027][   T31]  </TASK>
[  598.136144][   T31] Kernel Offset: disabled
[  598.140502][   T31] Rebooting in 86400 seconds..