last executing test programs:

22.877569155s ago: executing program 0 (id=441):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram8/events_poll_msecs\x00', 0x80302, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0x400800000e31, 0xffffffffffffffff, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
fcntl$auto_F_SETFL(r0, 0x4, 0x3)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x20044000)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010025"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff)
select$auto(0x32, &(0x7f00000000c0)={[0x40, 0x54, 0x1, 0xffffffff00000001, 0x7, 0x1000, 0x1, 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x81, 0xfa9]}, &(0x7f0000000140)={[0x100000000, 0x2, 0x9, 0x8, 0x7fffffffffffffff, 0xcfde, 0x3, 0x9, 0x80, 0x302, 0x1, 0xfffffffffffffffa, 0x9, 0xfffffffffffffa26, 0xf, 0x100]}, &(0x7f00000001c0)={[0x5, 0x10000, 0xffff, 0x9, 0x6, 0x1, 0x1, 0x4, 0x8, 0xfffffffffffffff9, 0x4, 0x7fff, 0x2, 0x0, 0x6, 0x6]}, &(0x7f0000000040)={0x367, 0x4})
mmap$auto(0x0, 0x4000e, 0x7, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/etherd/interfaces\x00', 0x70800, 0x0)
recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x4, 0x0, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0)
writev$auto(r2, &(0x7f0000000140)={0x0, 0x1}, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000380), r3)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_active_count\x00', 0x0, 0x0)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x80, 0x0)
r4 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000240)=0x200)
ioctl$auto_SNDCTL_TMR_STOP(r4, 0x5403, &(0x7f0000000280)="c0a5270da6604ee00c8656c556717eb0914634aa827de8f6c4e2a666276ebded5d98d6ccced7f726772406393c54d9dd3fbda57c0a32dc6e5083d39b38537a75ad355046670ac5d6f539338ce2ba8165cc9be17d2d0dc79b450d72b69ddb312a46c2fd75166226467faa7672d86f377faee5f1ed339337a3b1d70a2513f6c554462c46c853e92c26d66fbc1ff7f609ac97522fa294a977f74f804043852b356fbe737068eaeb10f9509f519bfb73ca2ef17a68778102d1a3358f3b188e49b81828cb9584ef34797eb12802234717ee698ce88bab8a07a9711adec3046502d3ec")
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)

22.238916679s ago: executing program 0 (id=443):
r0 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x1, 0x0)
writev$auto(r0, &(0x7f0000000bc0)={0x0, 0x81}, 0x3)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vivid.0/video4linux/swradio0/uevent\x00', 0x0, 0x0)
write$auto_cachefiles_daemon_fops_internal(0xffffffffffffffff, &(0x7f0000000300)="a04f", 0x2)
unshare$auto(0x40000080)
mmap$auto(0x100000000000002, 0x2020009, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8007ffc)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
statx$auto(r1, 0x0, 0x401006, 0x4015, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
sendto$auto(0x3, 0x0, 0x3, 0x101, 0x0, 0x1c)
select$auto(0x6, 0x0, &(0x7f0000000200)={[0x40108, 0x800000000008, 0x8, 0x5, 0x1001, 0x1ff, 0xf, 0x1000, 0x1ec74ea7, 0x2, 0xced80000000001, 0x9, 0x3, 0x0, 0xfffffffffdfffffe, 0x7fffffff]}, 0x0, 0x0)
ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5)
r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0xa0080, 0x0)
read$auto_debugfs_full_proxy_file_operations_internal(r2, 0x0, 0x0)
unshare$auto(0x40000080)
openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x185101, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:05/wakeup/wakeup4/active_time_ms\x00', 0x290480, 0x0)
sendfile$auto(r3, r3, 0x0, 0x9)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='\x00', 0xc000000000002)
mmap$auto(0x0, 0xd, 0x7, 0xeb1, r4, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)

21.534736337s ago: executing program 0 (id=448):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c2342, 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x1, 0x0, 0x1)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/loop1/queue/zone_append_max_bytes\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x6)
write$auto(r0, 0x0, 0x1)
r2 = openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/clk/clk_dump\x00', 0x8440, 0x0)
getsockopt$auto_SO_MAX_PACING_RATE(r2, 0x0, 0x2f, &(0x7f00000002c0)='\x04\x13\xac\x04\x00\x00\x00\x00\x00\x00\x00\x01\n\xdc\x10\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1b\x9eZ\xa8\xff\x92+\xc9\x9fs\xbf\xd8\f\x00\x00\x00\xa5V\b\xf1Ne\xc6l\xd0\xdd7\x96gf\xb2\xa0\xf2cN\x8b\x95\xeb\xf3(\x9eM-\xdc\x84N\xc3\tts%\xe9\xbf<\xf1\xdav\xe0n\x04\xb33\x97\xd5\xb4\x02\x94B\xbb\x995\x1e\xf7@\xd8\xca\x8d\a0 \xfa\x87V\xeb1\xe4M%\xdd\xfd\xf6\x8d\xb4\xc7\x9b\x9d\xf5\xd9^\xcdL@\x0f\xd4\x15F,\xc1\xd1i\xa4f/{\xfa\xd5\n\xe1\x95l[\x91\xbfX\xea2\x1b\x8a\x85\t\x00\x05m\x1e\x9b\xca\xfb\x81\x9d{\x19S\xff\xe4\xd2k\x1b/wJ&\x03+{\x84R\xa8\x92\xad\xec\x1b\xb1\xe9\xa7XUo\x93\xd5\xfb\x94\xc4\xdf\x8e\xdd\x97\xfc\x00\x13\xd6\x80g\x7fR;\x88\xf7bm\x8f\xb5\x89\x1a\xb63\x98\xaa\xcc\xbf\x94\xbf#u\xb9', &(0x7f0000000080)=0x10001)
write$auto(0xca, &(0x7f00000001c0)='\x04\x13\xac\x04\x00\x00\x00\x00\x00\x00\x00\x01\n\xdc\x10\x00\x00\xef\xab\xe1ME:\xab \x87|\xe0Z\x1b\x9eZ\xa8\xff\x92+\xc9\x9fs\xbf\xd8\f\x00\x00\x00\xa5V\b\xf1Ne\xc6l\xd0\xdd7\x96gf\xb2\xa0\xf2cN\x8b\x95\xeb\xf3(\x9eM-\xdc\x84N\xc3\tts%\xe9\xbf<\xf1\xdav\xe0n\x04\xb33\x97\xd5\xb4\x02\x94B\xbb\x995\x1e\xf7@\xd8\xca\x8d\a0 \xfa\x87V\xeb1\xe4M%\xdd\xfd\xf6\x8d\xb4\xc7\x9b\x9d\xf5\xd9^\xcdL@\x0f\xd4\x15F,\xc1\xd1i\xa4f/{\xfa\xd5\n\xe1\x95l[\x91\xbfX\xea2\x1b\x8a\x85\t\x00\x05m\x1e\x9b\xca\xfb\x81\x9d{\x19S\xff\xe4\xd2k\x1b/wJ&\x03+{\x84R\xa8\x92\xad\xec\x1b\xb1\xe9\xa7XUo\x93\xd5\xfb\x94\xc4\xdf\x8e\xdd\x97\xfc\x00\x13\xd6\x80g\x7fR;\x88\xf7bm\x8f\xb5\x89\x1a\xb63\x98\xaa\xcc\xbf\x94\xbf#u\xb9', 0x2b)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
set_mempolicy$auto(0x1, &(0x7f0000000080)=0x3, 0x21)
unshare$auto(0x40000080)
r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_NL802154_CMD_NEW_SEC_LEVEL(r3, &(0x7f0000000500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYRES32, @ANYBLOB="08000d00090000000200260005000000"], 0x44}, 0x1, 0x0, 0x0, 0x8090}, 0x40)
r5 = socket(0x10, 0x5, 0x101)
listen$auto(r5, 0x200005)
accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff)
openat$auto_output_bpc_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/Virtual-1/output_bpc\x00', 0x400, 0x0)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c0300000000000000a3677337f9eca9075f6bba441b", 0x45}, 0x5, 0x0, 0xc00000, 0x1}, 0x5}, 0x9, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x48003004}, 0xc, &(0x7f0000000600)={&(0x7f0000000800)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000228bd7000ffdbdf25010000000800270200000005001000c3a29199f697ad0004000000080003008e7b6c80d67e8cfe5edd6f303c5aa81a989db5dc94d6c3eaa47b77686098a50b363926d9350b0baaf21f3c4701ef1d81b988db7c88662c1ba626998c591ae758fc0680ed669ae6a50b46eb84b4476b5ccff623f30c074d2838c41e58aebb8f904c44810547ae47bdc376fa93ca6ccaee56b08c4b9ec46c9ef93d44fa1c66c9873f9c31eb72913f21906925a31623c3f9b5c5bab54704eb0470c933187865b8aba8711c1a9649ff195841d7f5c6ceb5da892e677162e952ab51083d9c5fbb6f858dd59eac15be142d2e46116dd834cc04bffc1935700c4d4d88b4cfebc171eccda7627a6cba84ce9f1a43bc09d9d0600ef5e34a4c66b5f0030f650ebf8c0e2f80b9efecd37d23d1690c946c31126b77be86dd4287a711b991178505b3b78e86bf1724523e1173b07b5a054aa3337ef465fde3ebe9d391e1d76e128fff54b9a50910329ee557749d15be1dc253eb", @ANYRES32, @ANYBLOB="0800010002000000080021000600000005001000da000000"], 0x54}, 0x1, 0x0, 0x0, 0x4040000}, 0x8c0)
request_key$auto_KEY_SPEC_GROUP_KEYRING(&(0x7f0000001700)='+(,\xb7%}+\'\x00', &(0x7f0000001740)='/sys/kernel/debug/clk/clk_dump\x00', &(0x7f0000001780)=')#\x00', 0xfffffffffffffffa)

20.527778408s ago: executing program 0 (id=451):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r0 = socket(0x18, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58)
mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000)
io_uring_setup$auto(0x100, 0x0)
move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x89fc, &(0x7f0000000000)={'ip_vti0\x00'})
prctl$auto(0x3e, 0x1, 0x0, 0x4, 0x200)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
mmap$auto(0x0, 0x2000009, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8000)
r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0xc)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$auto(r3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f0000000080)={0x9, 0x0, [{0x48, 0xe6d, 0x1f}]})
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
statmount$auto(&(0x7f0000000040)={0x2, @inferred=r0, 0x2ab, 0x8000000000000000, 0x9}, &(0x7f0000000480)={0x5ffc2f43, 0x4, 0x8000, 0xf, 0x8, 0x6, 0x15e, 0x8, 0x5, 0xffffffff, 0x3fb, 0x4688, 0x0, 0x6, 0x7, 0xffffffff, 0xfffffffffffffffa, 0x8, 0x6, 0x6, 0x2cf2, 0x0, 0x2, 0x8, 0x8001, 0x9, 0x5, 0xffffff53, 0x9, 0x3, 0x0, [0x2, 0xc5, 0x200, 0x0, 0x800, 0x10001, 0x3, 0x200, 0x7, 0x8, 0x8000000000000001, 0x800, 0x6, 0x0, 0x5, 0x9, 0x8, 0x40, 0x87, 0x800, 0x3, 0x5, 0x1, 0x1f0b, 0x200, 0x1ff, 0x9, 0x0, 0x2, 0x7, 0x3, 0x1, 0x6, 0x100, 0x0, 0x1, 0x7, 0x2000000000000, 0xd5, 0x2, 0x7ff, 0x5, 0x8], "548d8ea698997f834de0f18213dd3b52214026ce4187935c0c77717f3e44f3f00f1a8f2d30b91d4e80e45ab184bba619e17ef29993af7cb9867ed24679cb4ef88c32af5dc2f73167ae6f63fc2a3926a371b5af8acdaf5881a3972c5418df0d4c6dedc36d3d30a7933645bb6c5a2916129c175de29d2998e9c62bb62f118d5e402bee3547827d1f9c6fe9aee4b3cc5e0a69a26c11b53a819104732e5098cac7820c6787f3a0c4c15e"}, 0x9f, 0x7)
unshare$auto(0x40000080)
sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x24048004)
futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0)
openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x333641, 0x0)

19.402632439s ago: executing program 0 (id=457):
socket(0x28, 0x1, 0x0)
r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0x4b564d07, 0x400, 0xffffffffffffffff}]})
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc35d300", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdbdf250100000008000b002c010000e0002d80c500c880040054809ad9b167f7a912e0f4b130f09b4a0d4e9329190f6bfabf21e00d9e0e6dac1c274649f9dc5067b857d80112dfd2f69754f98e662a16991b088ed19efb3f07c4037a186f68a581c982e25681e7589713a70f11606ed0d33960b2fff7cee645ab0cb08c1b36800f9d8b6a9f3c9c32a40b207fcdaf8572559aad68b5e45adfc413283c7269638259c4c5f4d0a8fad3b0627b96b6c41167ff22a3974fb4ab87ecec6bcba509815b79516126a9d715f73231e386c4385343b5c5287304000a000000000800aa00ffffffff0c00278008002300ac141420"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c800}, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
socket(0x10, 0x2, 0x4)
socket(0x1f, 0x3, 0x85)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
futex_waitv$auto(&(0x7f0000000000)={0xf6e1, 0x7, 0x9}, 0xb74, 0x9, &(0x7f0000000140)={0xd, 0x4}, 0x6)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x1000, 0x800c000}, 0x4)

19.092603326s ago: executing program 0 (id=459):
r0 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_supply_map_fops_(r0, &(0x7f0000000080)=""/78, 0x4e) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0) (async)
socket(0x2, 0x1, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0)
ioctl$auto(r1, 0x92106402, r1) (async)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_pipe\x00', 0x40b00, 0x0) (async)
read$auto(0x3, 0x0, 0x80) (async)
r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (rerun: 64)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=r4, @ANYBLOB="01032bbd700002dcdf25050000000c00010005000000000000000c0001000e00000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20008810}, 0x880)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x1, 0x84) (async, rerun: 32)
socket(0x27, 0xa, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
r5 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
bpf$auto(0xb0, &(0x7f00000001c0)=@task_fd_query={0x0, r5, 0x801, 0x10009, 0x8000004f0f, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x7}, 0x6f3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x1}, 0x40000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async, rerun: 32)
ioctl$auto(0x3, 0x400454ca, 0x38) (async, rerun: 32)
sysfs$auto(0x2, 0x9, 0x0) (async)
write$auto(r2, 0x0, 0xfdf3)

6.611021914s ago: executing program 1 (id=496):
mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x4b48, 0x9)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0xa0001, 0x0)
r2 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
ioctl$auto_USB_RAW_IOCTL_EP_READ(r1, 0xc0085508, 0x0)
io_uring_setup$auto(0x20000000, &(0x7f0000000180)={0x58000000, 0x6, 0x1ff, 0x9, 0xffff, 0x40, r2, [0x5, 0xb26b, 0x202], {0x3, 0x2, 0xe00000, 0xfffffff9, 0x401, 0x8, 0x7, 0x3ff, 0x6}, {0x6, 0x9, 0xea2, 0x9, 0x9, 0x8, 0x5ac, 0x8, 0x5}})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0xffffffffffffffff, 0x8, 0x0)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0)
pread64$auto(r5, 0x0, 0x800003, 0x270)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/printk/uevent\x00', 0x721900, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000080)=""/64, 0x40)
mlockall$auto(0x7)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x202, 0x0)
ioctl$auto_SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x800, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0xfffffffffffffc11, 0x3, 0x401)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)

5.594898804s ago: executing program 2 (id=500):
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
mlockall$auto(0x800000000000005)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
syz_clone(0x20000011, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0)
r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4)
flock$auto(r0, 0x1)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40)
flock$auto(r1, 0x1)
flock$auto(r1, 0x2)
close_range$auto(0x2, 0x8, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mlockall$auto(0x800000000000005) (async)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async)
syz_clone(0x20000011, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async)
mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) (async)
open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) (async)
flock$auto(r0, 0x1) (async)
open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x40) (async)
flock$auto(r1, 0x1) (async)
flock$auto(r1, 0x2) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

5.575291811s ago: executing program 3 (id=501):
r0 = socket(0x10, 0x2, 0x0)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000ffdbdf6d0000000000000000000000001000000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x8091}, 0x40014)
unshare$auto(0x40000080)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0xffffffff, 0x810004, 0xffb, 0x8020000008013, 0x3, 0x8000)
r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0)
read$auto(r2, 0x0, 0x1f40)
mmap$auto(0x0, 0x4, 0x10000, 0x40eb3, 0x401, 0x0)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r3 = socket(0x2, 0x1, 0x0)
openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/gid_map\x00', 0xd8180, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
r4 = socket(0x2b, 0x1, 0x1)
r5 = socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0)
ioctl$auto(r4, 0x89a0, 0x4)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmsg$auto_NL80211_CMD_GET_REG(r5, 0x0, 0x881)
unshare$auto(0x40000080)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/afs/cells\x00', 0x4a801, 0x0)
sendto$auto(0x3, 0x0, 0x100000000, 0x40000008, 0x0, 0x19)
lstat$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000440)={0x4, 0x8000000000000001, 0x21, 0x2, 0xffffffffffffffff, 0xee01, 0x0, 0x0, 0x9, 0xdae, 0x9, 0x1000, 0xffffffffffffffff, 0x7, 0x9, 0xff, 0x3})
unshare$auto(0x97)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0)

4.647748684s ago: executing program 1 (id=502):
socket(0xb, 0x80000, 0x400003)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0x2, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
ioctl$auto_UDF_GETVOLIDENT(r0, 0x80086c42, &(0x7f0000000000)=&(0x7f0000000180)="7e5bdb96b6601d6ac07feba47d7e00c9fda80f33068b536fc7a853dd73637a2f4c2f5beffc1b41fec97b991c4d82e6cf6292d86089041b6fcf19b2ecd2a6aa87310db9e6fdba916666e0bb1423e80a6f7275bd67f95dc1c3bcd238980d98b0c2c2e2b167e717daac443009b3686bc404a3d543db6f4ef2c25a81fbedebacc18ad6d9139c22986a9305bbae37d5f5c585ace227b394b787fda89d71c4a2a4051174d469f1fe0056dc27e0b14a265e36579e91ffc8e9cd24326948d4080ac6467012c3a7e3761471fd1de8388d7373")
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb)
ioctl$auto_SOUND_PCM_READ_CHANNELS(r0, 0x80045006, &(0x7f0000000240))
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0)
bind$auto(0xffffffffffffffff, 0x0, 0x6a)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x100102, 0x0)
write$auto(r2, 0x0, 0x3)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
close_range$auto(0x2, 0x8, 0x0)

4.511499315s ago: executing program 2 (id=503):
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
r2 = ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0)
ioctl$auto(r1, 0xae44, r0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xb, 0x4, 0x80)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2)
sendmsg$auto_NL80211_CMD_ASSOCIATE(r3, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x84, r4, 0x1, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_SAR_SPEC={0x68, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS={0x64, 0x2, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x39b}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x10000}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xb}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x3}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xffffffff}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xfffffffe}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xe8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xd}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x3}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x87}]}]}]}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x5}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x20000005)
unshare$auto(0x40000080)
r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/slabinfo\x00', 0x0, 0x0)
lseek$auto(r5, 0x7fd, 0x1)
mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0)
fadvise64$auto(r0, 0x0, 0xffffffff80000001, 0x8)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0)
futex_waitv$auto(&(0x7f0000000000)={0xb, 0x7ffffffff000, 0x6}, 0x1, 0x0, 0x0, 0x623d)
msgget$auto(0x0, 0x5)
openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x20602, 0x0)
msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4)
msgctl$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8)

4.266802032s ago: executing program 3 (id=504):
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) (async)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0)
ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) (async)
r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) (async)
read$auto(r1, 0x0, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x0, 0x0)
socket(0x22, 0x3, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@isdn={0x22, 0x3d, 0x7, 0x64, 0x7}, 0x6b)
sendfile$auto(r0, r3, 0x0, 0x1000200) (async)
mmap$auto(0x0, 0x5, 0x4000, 0xeb1, r3, 0x8001)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
write$auto(r4, &(0x7f0000000100)='7\x00\\\xa0\x04\xdb\xc3\x8cnI\x9c\t\xbck\x17\xfe_9\xdf\v\x9d\xf7\xa9+n\xf19\x8ba\xe38\xf7u~\r\x91p\x90x\xd9y\xef\x06\xafs\x90\xf0\xf9\xc3\'r\xac\x8d\\\xccM\xe3\x05\x87\x8c\x1beu\xa6\xab\xb2}\xb6\xb8\xa1\xb4\x98\x0f\x9b(8\xb9\xcb\x88\x0e\x99\x81f&\xe4\xe1\xf1\xe0iS\x93\xea\xa1\xb8\xa6T\xf4G\xb0m\xe5!\xa3\xda\x83\xc1\b\xb3\xce\x1bq\x03\xf7\t\x8f', 0x81) (async)
select$auto(0x3, 0x0, &(0x7f0000000180)={[0x5, 0xc, 0x3, 0x1, 0x100, 0xfffffffffffffffc, 0x8, 0x2, 0x80000000, 0x4, 0x0, 0x2, 0x80, 0x7, 0x5, 0xbb]}, &(0x7f0000000280)={[0x2, 0x40, 0xb, 0x2, 0x4, 0xe, 0xeba0, 0xab, 0xfffffffffffffffe, 0x100000001, 0x422, 0x7, 0x7, 0x8, 0x0, 0xfffffffffffffffd]}, &(0x7f00000000c0)={0xea0d, 0x200}) (async)
r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x2000, 0x0)
ioctl$auto_SNDCTL_MIDI_PRETIME(r5, 0xc0046d00, &(0x7f0000000280)="3c56e86300") (async)
openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/cuse\x00', 0x0, 0x0) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
io_uring_setup$auto(0x6, 0x0) (async)
socket(0x2, 0x801, 0x106) (async)
select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0)
r6 = socket(0x2, 0x1, 0x84)
setsockopt$auto(r6, 0x84, 0x15, 0x0, 0x1) (async)
r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) (async)
write$auto_console_fops_tty_io(r7, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef)

3.976421283s ago: executing program 32 (id=459):
r0 = openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$auto_supply_map_fops_(r0, &(0x7f0000000080)=""/78, 0x4e) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8000, 0x0) (async)
socket(0x2, 0x1, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0)
ioctl$auto(r1, 0x92106402, r1) (async)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace_pipe\x00', 0x40b00, 0x0) (async)
read$auto(0x3, 0x0, 0x80) (async)
r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async, rerun: 64)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (rerun: 64)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=r4, @ANYBLOB="01032bbd700002dcdf25050000000c00010005000000000000000c0001000e00000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20008810}, 0x880)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x1, 0x84) (async, rerun: 32)
socket(0x27, 0xa, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28)
r5 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800)
openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) (async)
bpf$auto(0xb0, &(0x7f00000001c0)=@task_fd_query={0x0, r5, 0x801, 0x10009, 0x8000004f0f, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x7}, 0x6f3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x1}, 0x40000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async, rerun: 32)
ioctl$auto(0x3, 0x400454ca, 0x38) (async, rerun: 32)
sysfs$auto(0x2, 0x9, 0x0) (async)
write$auto(r2, 0x0, 0xfdf3)

3.953185337s ago: executing program 1 (id=506):
r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
preadv$auto(r0, &(0x7f0000000340)={&(0x7f0000000240)="ae04fbde61e41ab61444162057d1dbd6ff9956b1067a4d692013d28b8585285ab15a941276dfb496252fa679501c38fd2f335128c67a2ca0840b6053bd608f3c5ee0c6b801fe27f34e1bcb863b87ad0ec56deb874c470d03a9af590440408160372f86d3666eddfa74c6596b4b3309c585e41c4a8e2c431075177bede224e4f160ac4102c12aa6594b103ec3385aedf97c19e96151a43d69c5d634c3aa6ba147fe26c37f3326419cd2fffffdd63f55bad49f04b46dc53d92ecbe722aaa97752f1ce94ecc", 0x27}, 0x4, 0x10000, 0x8)
r1 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000440), 0x20201, 0x0)
ioctl$auto_I2C_RDWR(r1, 0x707, &(0x7f0000000180))
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0)
write$auto(r3, &(0x7f0000000000)='\"\x81=\xe2\xad\xff\xf1y\xb3\x1d]\n\xcf\xfa\xee@\"', 0x81)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc)
fallocate$auto(r4, 0x0, 0x7, 0x4cbd5d)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL802154_CMD_ABORT_SCAN(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000003c0)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r2, @ANYRES16=0x0, @ANYBLOB="000129bd7000fddbdf252400000006000900ff0f000008000d00184400000500290000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x40)
open(0x0, 0x64842, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0)
io_uring_setup$auto(0x1, 0x0)
fcntl$auto(0x3, 0x4, 0xa553)
write$auto(0x3, 0x0, 0xfdef)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r4, 0xc1105511, &(0x7f0000000480)={{@raw=0x6, 0x10000, 0x9, 0x6, "8d28fa6fd144933a3509462b5b0ddc8bef13ca3debcb00caa274aaac8c703f08bb75f1944055d35cbcf7ab4d", @raw=0x9}, 0xffffffff, 0x20000, 0x3, @raw=0x1, @reserved="6c0e560b3520ca51ecb1cca8cb2c2cdce8af439d40ff73173bc5664579f408d6caa9ad9e79d3cf720c7f55a04a3715638e8bdde140ca291eaf4372a1e130a0a56cc8c5c46d503a842017fbb7e6802917fc39b75ed32183fd924f08bd3a92737beae3bec91a2fe7aa871c46f64f74e24cae8a34002508c61cd8cf5ef3b3f34a95", "a89de3181a008b8907fc27809a9a3e838ed8db69278ef5b939561e9fb27ffe9f784d4ec052bc724bd8d28e57942d855393c09088871cc462b533efe519afc719"})
syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff)
r5 = getpid()
process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
prctl$auto(0xedd, 0x8, r5, 0x6, 0x8)
r6 = openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/error_log\x00', 0x83, 0x0)
sendmsg$auto_ILA_CMD_FLUSH(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x40008c4)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.0/detach\x00', 0x101001, 0x0)
bind$auto(r6, &(0x7f0000000380)=@generic={0x8, "a195e0fda31686811846382a3707"}, 0x6)
write$auto(r7, &(0x7f00000001c0)='0\x00\\\xa0\x04|\xaa6-$B\xc8\x12\xfa\b\x1c\xc7k', 0x40000000081)

3.856855808s ago: executing program 2 (id=507):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, r0, 0x0)
r1 = socket(0xa, 0x801, 0x84)
getsockopt$auto(r1, 0x84, 0x74, 0x0, &(0x7f0000000000)=0x8)
r2 = seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x2a, 0x0)
r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000080), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'ipvlan0\x00', <r4=>0x0})
sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r3, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_IFINDEX={0x8, 0x8, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x20008044)
socket(0x2, 0x2, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3)

3.575178381s ago: executing program 2 (id=508):
socket(0x28, 0x1, 0x0)
r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0x4b564d07, 0x400, 0xffffffffffffffff}]})
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc35d300", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdbdf250100000008000b002c010000e0002d80c500c880040054809ad9b167f7a912e0f4b130f09b4a0d4e9329190f6bfabf21e00d9e0e6dac1c274649f9dc5067b857d80112dfd2f69754f98e662a16991b088ed19efb3f07c4037a186f68a581c982e25681e7589713a70f11606ed0d33960b2fff7cee645ab0cb08c1b36800f9d8b6a9f3c9c32a40b207fcdaf8572559aad68b5e45adfc413283c7269638259c4c5f4d0a8fad3b0627b96b6c41167ff22a3974fb4ab87ecec6bcba509815b79516126a9d715f73231e386c4385343b5c5287304000a000000000800aa00ffffffff0c00278008002300ac141420"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c800}, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x1000, 0x800c000}, 0x4)

3.508971498s ago: executing program 1 (id=509):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51)
r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
statx$auto(r2, 0x0, 0x401006, 0x4015, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c)
readv$auto(0x3, &(0x7f0000000600)={0x0, 0xfdf3}, 0x1da)
write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000024c0), 0x0)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptye6\x00', 0x64802, 0x0)
write$auto(0x3, 0x0, 0xfdf3)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r3 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/bluetooth/hci1/force_suspend\x00', 0x8200, 0x0)
recvfrom$auto(r3, 0x0, 0xa7a6, 0x70, 0x0, 0xfffffffffffffffd)
r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1)
sendmsg$auto_NL80211_CMD_DEL_MPATH(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4a6797b264e5a126e21dedbac05429047e66a2e7ce7b45642d9aad3778e884b9871a786c10a5ea37363b1226a1351206ab677d352eb75106321cba1a9d446625341cd4ed5c39a84c727adfd492b3c889f4410a3d38e29ef44120e92705ef7813dd8f9e8615194dc8f626fe59ea96a4", @ANYRES16=r4, @ANYBLOB="040028bd7000fedbdf25180000001f0002002f70726f632f7468726561642d73656c662f6661696c2d6e746800003a00ba00946b877fd1e6c6758ea14415119725bb1dd9eb847dcb10e5f25b0ebba9f21abe143209179a2323c5b765e0ccda31c6e96f0c1ea7bf3c000032005b00cb255fa5036abe9b5fffbb5f0ddfbe22d672b186685d2b9b728bb96c2e2ed5ad703eaaa73b62286ad716e867fca2000004003c000800c300a4090000060066004e220000"], 0xb8}, 0x1, 0x0, 0x0, 0x20040000}, 0x800)
openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0)
ioctl$auto_BTRFS_IOC_SCAN_DEV(r0, 0x50009404, &(0x7f0000000640)={@inferred=r2, "c90d5d9fc5e811331ac4fb9f206af9e42130f8b3cfc7944bcc47dea733f44b8488707e003dfd24b7c69c21a45abaa307748aa69dba15660f31fd4ffed1eb5ae8a660dd4a1e89bfa4b71105928dc200951173b71292c6849d29cd8e83109d5147d6d4e49ed8763eb10c86931482d68abe946195d8fb0f6ccea90ec82ec19237af44c68f3a83f58b8a8e5b0dd69d44d23c16f18cd07875133fcefea06bc3c6aa7a39437f51673869811972285cb88184150e1c987ab4789e47f9af90a96347f5135995e6b54b83b2a4d79668fb5347ea568b1df51094e40c27c38581e88ff64128852be9c72344806c43ad3cd795b645fd0586a56afda80313ed810e20c04531e3b8370b7a0abbf62b111f45c78086d2fd00a88a8e12c5950b8dd885db0d1f3816de035e2a5ec8f92fc691675f9a14131bd0a871db65fc96c3332a9bd51b1172dacf3765b21e0109f03344f98bd54fce951331495ab4b9f704b2eb0ef31572b5ac763c5f1a859478e75385885f8bf726b0333d41f9a075138224fca3f2748a395fba31bc1a5f44c04e484672c1d54a77649b91bacd5253063f0638ea2dcb3a766881c26e9c0a65981f43879a40665f3d8cacab0309607c157df8f38f81babb069d573061d09aa6b091c9c434c93e97e9db4abf93e7f66ee43d3464bf5b7b64d7f326a6b4303a14d702c88919227183e941aec251cecb4b1f7e49bf48e0b6f1f0cb57d0721263e01c8fc7d8c8529d035b51a17cec1667aedd7567814053a3a2642a41834a073e04f4626ef86cb41eb993c7309aad980f28019f4fb9e05c8e2925be9b9f16554aacc916de87e54b96b87d49d5a1f41b751ef5918d7e64c77863e598a371d10f42c6ec11c8ad8b2f5d0e57d7dd6ef02ee219e0442e312cbb54d77bae20b23e7ef7c52dda1e46a0fdad1792aeea61ce7630c554f14b974544ac30331dc478dbd95711f7bd500bcb77efcccf87db39d401638f02c2ecd10babddb8a613619149dc7f9e2e21038b071157447a9bffec085de006745aa091f2f55b75462da2daf916dc82f87398413a5da04da0eee4b3772da64e54a50168f4dde91bfd23842d13b80634cc38f1711b01613b07ffe8f04a278a0128163f57822c999216b4e7883137991953b40ccf7d949a8ef8f0483794deec4a2cb7e8efe1fbaa60e218f31a62d1dc9095444c8b907613d4262b44400a14fd4dc0b697eda7a690c79c3580e11cffd66c4a06b1d245e44e4a61e6412effe3d4d8d179ea4e89984e962535db3b994ef6dc49a6d59690c6d068f24c56928da47b8e886004ba1bbc0f20f261e64f13ed7839b6873645221a937bc6464f0ed390924e15aaa95fffe0eaa47845c43a545a96db775647753197a20468da51a28bea529221521ea77e7c9b91a335ccbb0668a1a054bca01353c840d3d9e2be5da84c6ae2c1feac836f059716b622b0534f82923e6e972d9ba95b3c26a7aacf883673351cb2c42b80f3d5bc68d85e2f4ac1e5cd3b93f1da7321c0c3836e60747a6f28a67e568718cb2bf8f871821f96fd68cff3c34df4410111527f94a190db44e82d1dfc0fdf04956c4767039f7dfbb7526df51add878f603f45a9eb193eb16cf783adb3e2b287f125e987b275a36a8b353ee7c83b3f725702a852e25e55d088d3a977f87b995fb6f31feff5278dec6de7d75144a467e7ea05b2758d69c703da6a890b6dcb43069a0c9b7e791469b8201d15567f5fde58348f5def417b55b4b4693674761fa6877331866e1eb2898c902182af7f6c3f98bfa42c932d408d969b32362ef592a054e657fff873f19e5b9a36ff5d62a0110a77fa5ed2679e915b8555b21195005a6939468714e33a083c1864b512633eb55033914a193704d84b38a7a2eb42953483cd687c360ab1103b6e914caa9ef1efc95329cb46986067d20d2a0e1e48694e5d36defb6e7cb825beeefdef61ea3400501f96ce826e03886e46dedd6f1d311ddf118dd9d7bfa001c6e3a4919c0067ee820485bf777fa2bedafe6a21881380232e5352ad0835fa5170325ab0390c3dc825f02c06f316216bcef781e52511fb3c548f91957a11c3eaa81fd941f656737c154b7f5ae5df5f5597b803f2ee28f94a2de2cddef3157757914e026013bd1cf53c173a01ee606a091b19349c1038df71fab47bb44c858f26ddaa88ab70e47dc8e57701eb7bbeba40ac2e2ac94d730c4a710958e5024aad62ccafdfeb8e88eb47d09ad0e98b7cbd8babc703b64833b65d5cceaf2ddcbd6cd19352a0494240ff3647d695a85010ec6f6ee3bafb2f6c9d9e733859c0e2fcba11ba2290bd4c8cdf97ea07921b21162787adf462330b13ae608043f553375bcd32d2302bac18030f0c9000d1505c4520157c360c4a0ff38880baadfd7d31fa9f39bb43ce5ee5d608c12440a6d242aac6d695585f78ac48eb415d9237940a93941c232165760002998a9c94d43a81934f7557a0a286f4d808fb6e3b34060d5b83c9e1cdf6ebbb29676ba12f8b20c0516a47df64f779588e577cab2f372af715ee567602f185e1b49fc75bff66f141b64d9200483494193c288363f2127f648f277261ca438149ad52657e006647267ea0611735e55462ad2e72bb01203e073e05491bcd4ab336b4734f1c01fa435b1d4b036cc689ce3fd5e0531c9fd58e1c41ae470aa5e2185dd07ea7156e972b28808e16960fd4a1534de748d0318ea6fe5b1f63a012aa74964ac9ff94128e0f8a3c33196a7ad217eeae3892d9f97d075a0d565b840d83b7e901e351d3e379431692617247e651eca64e2465f7033b144ffacf84c49347c162e1483c61f360ba030d1b026302fed593311f789c2a6dacfa22951659fb313f865cc78a00f3faac86b0195ec84cee7eff3b4c96bff4dd9455bba3db7a3a15308695567c6cd8362a401881bc4ef7e81697ddf1f457ec95e00204a0f6b1da892aeb8db83ecfe24cf85fc4e5bf2a65bd32a942f77f484cde5a5d9ed531af1995f9117fa26b8af6020f9f72472163506a5beb15256d0398b546c9ea4328aef572f9b3bc9ec5ca1e8a514cd7825b75346e2f8b6a1aefb16d539a76d5e35ac576fb632a3e94b7e3a01a1a22bbe7cb2ba3c9f2a84da726cd443f6bccf60dc76b0bc31557ede47f686fa2cd18477dc53e3f08b223879f568a2ca45b40d1a31c94d7a39d7885e50f6c891e5d2b76817d7927c653d41142c98056469815d040ee328eaf17d8a33db0796d7acaf21a37114d654640320edd8138fe712ca625ead5a197aad45407fc71d766c61f3e1b913933d9b2c27972d7b40ea46c40bdd435a5ddb36de81930688d882c271774527af79653607e02f389277903e85a53e28ec78c2150785b11ae98afd36c9facc7e6b596a793ee8768fb4e9ac120f9258dc9be2454d54c0f8add816d6a89f7fd177c4471e28a8b36db4001b7dc9defe0744ae325b9b5b8dcddd099f017b57a181636fa90abca5d1058b150b804df2258280503987556ffa61c9cc328c7889a8818fa798ef4da03ea3741011e3efdbf0ec68f876a20576682a22eb4c42158ccdccee73a2c6979f7ea60ceb540fb2f1cb94ad92290239c5d9e9e10d7db0f65d1d449eaab6805a59ec6113517a9f675d5d84976bc1ed01d2f421560b065b14188be089731bcf2835122796df475127b15190ea056cc7b9b14a3c1af38a76f5e704ed8d798a7dc88011a38a904b8f6d9213a0969d3f3c892e7dbca7e891a74b06e0a6d4157137b9f4fb3a8a76e8d8c68c25a4fa360f0acd71a84dee56726d0ec6112a64a17b60c6b6c29007e356e034b8cfc9d0d2d1efb0c7518ee1a0fe404d5fdb3c6347548e3ec5ffbd35c18e6cf711218ee48e61425a4dcdcb3c33c46ba147e94a049685303d04214cc899f5cde0e5284cc41a86f00ee8dc089fd0b1fa98f4996902204bcd950e2d09d92e02117bccea1bf28acb027cca3357f17b2565a1552d8a01505c5591644aa45c5dd1c1a7b32c7e11155b62c1afd8baa909e864cc38d1d550eb5fb278241b7e16bebdd0a0d825961242c095f90fcd70888da7e9370a68c9b8b197d93ce6f25e68b2f8eee0774418ec60a2757f461a557e9227232c0cb3c711bb6393a09c5f6b84cb7878ca05794f442e2eebe4ff457b01a7fd454aba6deec88d63aa36e508c5b93f30c9311a936484c28cb23f5849d918e0761951abfdf7695a4817f7a0f68a1159313cc5e28e0428dc096995b4770a96c0bec526e1ddafea4df8ea7142c45d8015efe67b4390c5d5e6dbd294fe0cdf24df70ae5d50c690110b28af98b2469008bb4e8bd9870bee17447be71912cc0a03682f7d792d4e5d8b9b8577b85dcfbe7d0cfb7357d6e7bdda3ae7a1c58bd604609eda5a4b5044bc25b9f4a902f0534cdacafdd830bd254acdd79d6528d05e3e595300d36d7e950419c509582577b5ca5bdc9d5adb029f066be1c3d19f06d0e35bd673ff4bfdcbd2b3a2f0fcdf5ba72db6e9219e7089815b22e3a86566a4bdb5769b269c9145f5f2c26fed4720f716ec4a58f914f69c5b47e425551d5b712123c933b626a035f820de0f40553250fbd469546fd3ab754c94849896c146755d9e72b3007c33b69962199a13c36e80ff01818fa985415c96d7d5f958b66c2980b2a3f282feac8c7e05775147a289678e14c27bbfa5572d1a9762f2fad976ea41383106fb9bdbb4c37f256bc2baad18c001db91c5269e9aac32ebfcddefc58628fbf24168acbb4110ec446f7b14b5e6d89eae665cbb4f63ad08c6acaa0391eef8e31d8cc586dcda26376b0995226355ea275c6b747c90479a979ed4c7861258cfb74581324eb0089ca066b8475535e9ab2d313da81ba2787becf80f05b29ca80650379f5dfdd7525ee236729610898212c474347bc764b6dc184582f5e656fe67af79f232302f6f6614097bfe82045ddf99e6b22296ade44ee4918084bf9b5cb67a6690779bd06f3c6e4fe82c376da5d0e269eb3bca81ad05ed80388608b2b40bf0a97ec4e44fbf3b5f6549938fab74ff39e1e4bbb4094fe0f2c7f403870ad330a70538951151451483f1bb0ae27a6d7462917233c17e69b8ec5b3ec5586f241366c29a56fc087c4a9680d4d75f3289d3a911e227d3f04c06f6d320320012b2b60d7e1f14ba1c05f3be13ff5c32c5d88f019e6c189f0dd8b83d7be6f0be452f6ffd9f8be8ed99ee952623145c8fe3e2174cb430f49a15a7b676eb5e5a0ce11bfe1bcc1b97e37bf724a196ecb818a2fff4e11b25778eaafc9d1cb9d3d7bef0d7b07c277517d94609bae5dd5edb1b5e0cc8c37c075d1d32be65c1f5cd4d8d88e5313b705ab17e9479c70287827d640b427a6d63983ef82561ba5f51e85d92dc1b5b578d8087cd00779fc84d7d8fb70fd99056499293cb80aaf71f74ba66ff00cca8b86d980b6bfa0160cf02084945e806a7aa0b750c3086ade9991c988c4157d80bf72591ee678817cbd2866ef233e95e2594e66c1fa848af44109fd99b4378b33c87ab94d0d4606e518e582ad2cb77a0d788793dc46bd736ad66a10ec8c31d0710b00889f7f453d157ed993e91adc715213b9f64a2778846217113010412060cee198e1cedafdb36940ad656731ff3b9aa9c8218c6d75718fffb4e40f04a07abd3026de0bc4458c13408264ef64b14eb0f1cd79bf1a820d09159caa4d4fd742db40e54be561d15df5edc7a3d22837734027279187663e70056cf119d451a1c1192b20cb186064a7443f0d1e808d714fedfcf9bf957ec83ec9fe55b4363e6b577791a487bc2b32ae6bf009b733c6b4cd0668f7a902"})
r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0)
write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
r6 = waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x3, 0x0)
prctl$auto(0x7, 0x3f7, r6, 0xffffffffffffffff, 0x6)
write$auto(0x3, 0x0, 0x100082)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x11)
ioctl$auto_LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xfffffffffffffffd)

3.495965382s ago: executing program 2 (id=510):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000001c0), r1)
sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r1, &(0x7f0000004b00)={0x0, 0x0, &(0x7f0000004ac0)={&(0x7f0000000080)={0x34, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_PLCA_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x80000000}]}]}, 0x34}}, 0x60000040)
r3 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r3, 0x29, 0x43, &(0x7f0000000040)='\xa1\x00', 0x4)
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0)
r4 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r4, 0x400454a4, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000)
r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram0\x00', 0x67f00, 0x0)
preadv2$auto(r5, &(0x7f0000000080)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x400, 0x2f)
mmap$auto(0x0, 0x4120008, 0x46, 0xeb1, 0x401, 0x8000)
r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa40, 0x0)
ioctl$auto(r6, 0x5609, r6)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x200, 0x0)
mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3)
pread64$auto(r0, &(0x7f0000000200)='/proc/self/net/ip6_tables_targets\x00', 0x34b, 0x10000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2a, 0x2, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
io_uring_setup$auto(0x406, 0x0)

3.264686709s ago: executing program 3 (id=511):
sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$auto(r1, &(0x7f0000000100)='\x01\x00\xa8a\xe0a\x1cJ4\x00\xaaN\xc8\xf9\x12\xeb\x00\xab`{U\x04\x88\xa8\x96\x82\x88\xa8\x11_\x89\x06\x06\xa7Y}`@\x1b\x00\x00\x00\x00\x00\x00\x00\x00\xd22z\x14z\xbf\xf94\x92mP\x87[\xa4p\x93\xd4\xe3\xe8Vhpy\xf6\xce\xbb\x8c\xb2\xc9>\xd9Y\x8d\xbe\x90\xbcu*\xc8\xdc\x0e]\x01\xd1\x9e\x0f\x05_\xfc\xb8\xeb\xd9\xb7\xa4\a\xae\xa5I\f7\x17\x91L}m\xea\r+\xecy\xe1\xe0D\x824\xfc[+\x0f\xe0\x11\xe8\x83\xc4\"\xcc&z\x8c@pC\xb2\xf6k\x14~iA?\x90Pnj\x82\xea\xf0\xfa\xe8\xe1\x81Q6\x11\xe4T\xd5\xf0\xb1\xc65tr\x8b\x83^\xa17uX<y\xed\xf2\xdf\xcb\xacd\xec\x8c\x8e\x1c\xe1o', 0x7138)

2.575398122s ago: executing program 3 (id=512):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
capset$auto(0x0, 0xfffffffffffffffe)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x80, 0x0)
socket(0xa, 0x5, 0x0)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0)
sendfile$auto(r1, r1, 0x0, 0x1)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0)
mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x7d48, 0x948b, 0x4, 0x15f4da0c, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x4, 0x5, 0x2, 0x1]}, 0x0)
r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x1}, 0x4, 0x966, 0x3, @inferred, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})

2.278192886s ago: executing program 2 (id=513):
unshare$auto(0x40000080)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x745100, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0)
r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}})
openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r3, 0x4, 0x7ff)
ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x7, 0x4)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r2, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0, @ANYBLOB="00dd89ce25e27fe500000000"], 0x28}, 0x1, 0x0, 0x0, 0x64004401}, 0x800)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
request_key$auto_KEY_SPEC_GROUP_KEYRING(0x0, 0x0, 0x0, 0xfffffffffffffffa)
epoll_wait$auto(r0, &(0x7f0000000100)={0x6, 0xfffffffffffffffd}, 0x7, 0x101)
ioctl$auto(0x3, 0x8905, 0x38)
madvise$auto(0x0, 0x2003f2, 0x15)
syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff)

1.744804201s ago: executing program 1 (id=514):
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40008000)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x4000001)
timer_create$auto(0x9, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
socket(0xa, 0x1, 0x100)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, <r1=>0xffffffffffffffff, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000000, 0x1, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140), &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64cc5fa98e25"})
fsconfig$auto(r0, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, r1)
write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be", 0x7b)
process_mrelease$auto(0xffffffffffffffff, 0xa)
mmap$auto(0x0, 0x40000b, 0xde, 0x9b72, 0xffffffffffffffff, 0x8000)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe)
write$auto(r2, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0)
mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x2800, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x5c902, 0x0)
socket(0x2, 0x4, 0x106)
mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r3, 0x8000)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x40080, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0)
write$auto(r4, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0)

1.416790725s ago: executing program 3 (id=515):
mmap$auto(0x0, 0x400008, 0xdf, 0x20000009b72, 0x2, 0x8000)
r0 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x3, 0x5f, 0x400}, 0x112c00000000, 0x865)
sendmsg$auto_ILA_CMD_FLUSH(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, 0x0, 0x20, 0x70bd27, 0x25dfdbfe, {}, [@ILA_ATTR_LOCATOR_MATCH={0xc, 0x3, 0x8}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x1}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0xf9}, @ILA_ATTR_CSUM_MODE={0x5, 0x7, 0xe0}, @ILA_ATTR_IDENT_TYPE={0x5, 0x8, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x1}, 0x0)
clone$auto(0x6, 0x7, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)

130.923413ms ago: executing program 3 (id=516):
r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b4d", 0xfdef)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={0x48, r3, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_SCAN_SSIDS={0x2c, 0x2d, 0x0, 0x1, [@nested={0x19, 0xcf, 0x0, 0x1, [@typed={0x8, 0x4e, 0x0, 0x0, @u32=0x80}, @generic="54d80139de2728990e0c3ccdc8268c09b08c312ca4f13fb733"]}]}]}, 0x48}}, 0x4000000)
sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x40)

0s ago: executing program 1 (id=517):
socket(0x28, 0x1, 0x0)
r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r1)
ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0x4b564d07, 0x400, 0xffffffffffffffff}]})
sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc35d300", @ANYRES16=0x0, @ANYBLOB="000227bd7000fbdbdf250100000008000b002c010000e0002d80c500c880040054809ad9b167f7a912e0f4b130f09b4a0d4e9329190f6bfabf21e00d9e0e6dac1c274649f9dc5067b857d80112dfd2f69754f98e662a16991b088ed19efb3f07c4037a186f68a581c982e25681e7589713a70f11606ed0d33960b2fff7cee645ab0cb08c1b36800f9d8b6a9f3c9c32a40b207fcdaf8572559aad68b5e45adfc413283c7269638259c4c5f4d0a8fad3b0627b96b6c41167ff22a3974fb4ab87ecec6bcba509815b79516126a9d715f73231e386c4385343b5c5287304000a000000000800aa00ffffffff0c00278008002300ac141420"], 0xfc}, 0x1, 0x0, 0x0, 0x2000c800}, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x1000, 0x800c000}, 0x4)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.212' (ED25519) to the list of known hosts.
[   82.459630][ T5812] cgroup: Unknown subsys name 'net'
[   82.587596][ T5812] cgroup: Unknown subsys name 'cpuset'
[   82.596008][ T5812] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.046591][ T5812] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   85.762806][ T5147] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   85.777486][ T5147] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   85.785541][ T5147] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   85.793938][ T5147] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   85.822830][ T5835] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   85.832259][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   85.840077][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   85.840723][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   85.848579][ T5837] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   85.861606][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   85.872102][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   85.872437][ T5837] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   85.881277][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   85.894363][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   85.895273][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   85.902109][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   85.923660][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   85.931844][ T5147] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   85.939599][ T5147] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   85.948666][ T5147] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.399866][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   86.441747][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   86.545841][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   86.688141][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.695449][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.702873][ T5828] bridge_slave_0: entered allmulticast mode
[   86.712775][ T5828] bridge_slave_0: entered promiscuous mode
[   86.746586][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.753724][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.761139][ T5828] bridge_slave_1: entered allmulticast mode
[   86.768526][ T5828] bridge_slave_1: entered promiscuous mode
[   86.776224][ T5829] chnl_net:caif_netlink_parms(): no params data found
[   86.787621][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.794762][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.801894][ T5827] bridge_slave_0: entered allmulticast mode
[   86.809073][ T5827] bridge_slave_0: entered promiscuous mode
[   86.817928][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.825179][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.832679][ T5827] bridge_slave_1: entered allmulticast mode
[   86.840520][ T5827] bridge_slave_1: entered promiscuous mode
[   86.963022][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.971577][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.979087][ T5823] bridge_slave_0: entered allmulticast mode
[   86.987902][ T5823] bridge_slave_0: entered promiscuous mode
[   86.999852][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.028881][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.038454][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.047017][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.054694][ T5823] bridge_slave_1: entered allmulticast mode
[   87.062501][ T5823] bridge_slave_1: entered promiscuous mode
[   87.087404][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.118300][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.166856][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.195326][ T5828] team0: Port device team_slave_0 added
[   87.213020][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.224470][ T5827] team0: Port device team_slave_0 added
[   87.242640][ T5828] team0: Port device team_slave_1 added
[   87.250004][ T5827] team0: Port device team_slave_1 added
[   87.309064][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.316411][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.323578][ T5829] bridge_slave_0: entered allmulticast mode
[   87.330985][ T5829] bridge_slave_0: entered promiscuous mode
[   87.359981][ T5823] team0: Port device team_slave_0 added
[   87.366265][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.373405][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.380906][ T5829] bridge_slave_1: entered allmulticast mode
[   87.389908][ T5829] bridge_slave_1: entered promiscuous mode
[   87.398003][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.405059][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.431415][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.443818][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.451452][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.477983][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.490744][ T5823] team0: Port device team_slave_1 added
[   87.527166][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.534233][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.561601][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.573688][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.580817][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.610912][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.660897][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.678772][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.689928][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.697076][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.724415][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.737480][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.744667][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   87.770844][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.851568][ T5829] team0: Port device team_slave_0 added
[   87.863660][ T5827] hsr_slave_0: entered promiscuous mode
[   87.870329][ T5827] hsr_slave_1: entered promiscuous mode
[   87.898405][ T5829] team0: Port device team_slave_1 added
[   87.910603][ T5828] hsr_slave_0: entered promiscuous mode
[   87.917160][ T5828] hsr_slave_1: entered promiscuous mode
[   87.923217][ T5828] debugfs: 'hsr0' already exists in 'hsr'
[   87.930146][ T5826] Bluetooth: hci1: command tx timeout
[   87.930158][ T5147] Bluetooth: hci0: command tx timeout
[   87.930470][ T5828] Cannot create hsr debugfs directory
[   87.974999][ T5823] hsr_slave_0: entered promiscuous mode
[   87.981232][ T5823] hsr_slave_1: entered promiscuous mode
[   87.987587][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   87.993315][ T5823] Cannot create hsr debugfs directory
[   88.005056][ T5826] Bluetooth: hci2: command tx timeout
[   88.005061][ T5147] Bluetooth: hci3: command tx timeout
[   88.013716][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.023348][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.049408][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.090498][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.097503][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   88.123552][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.270611][ T5829] hsr_slave_0: entered promiscuous mode
[   88.276972][ T5829] hsr_slave_1: entered promiscuous mode
[   88.282977][ T5829] debugfs: 'hsr0' already exists in 'hsr'
[   88.289025][ T5829] Cannot create hsr debugfs directory
[   88.631426][ T5827] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   88.644479][ T5827] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   88.665612][ T5827] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   88.676698][ T5827] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   88.726551][ T5828] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   88.738514][ T5828] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   88.755668][ T5828] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   88.776547][ T5828] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   88.875510][ T5823] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   88.910591][ T5823] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   88.921164][ T5823] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   88.932285][ T5823] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   89.014214][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.040454][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.048351][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.059770][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.070874][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.101252][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.137972][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   89.158633][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.165948][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.197500][ T2964] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.204752][ T2964] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.219887][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   89.247116][ T2964] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.254293][ T2964] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.275581][ T4858] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.282731][ T4858] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.376932][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.443962][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   89.517758][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.542147][ T4179] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.549377][ T4179] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.597990][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.605196][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.663446][ T5829] 8021q: adding VLAN 0 to HW filter on device team0
[   89.698609][ T4858] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.705804][ T4858] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.734715][ T1164] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.741821][ T1164] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.799345][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.830009][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.001568][ T5827] veth0_vlan: entered promiscuous mode
[   90.008345][ T5147] Bluetooth: hci0: command tx timeout
[   90.015227][ T5147] Bluetooth: hci1: command tx timeout
[   90.050726][ T5828] veth0_vlan: entered promiscuous mode
[   90.069356][ T5827] veth1_vlan: entered promiscuous mode
[   90.087946][ T5147] Bluetooth: hci3: command tx timeout
[   90.098229][ T5147] Bluetooth: hci2: command tx timeout
[   90.100095][ T5828] veth1_vlan: entered promiscuous mode
[   90.192265][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.230486][ T5827] veth0_macvtap: entered promiscuous mode
[   90.241919][ T5827] veth1_macvtap: entered promiscuous mode
[   90.279025][ T5828] veth0_macvtap: entered promiscuous mode
[   90.296620][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.326727][ T5828] veth1_macvtap: entered promiscuous mode
[   90.342309][ T5823] veth0_vlan: entered promiscuous mode
[   90.351349][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.360626][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.390296][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.400445][ T4858] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.412743][ T4858] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.433518][ T5823] veth1_vlan: entered promiscuous mode
[   90.441388][ T4858] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.450759][ T4858] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.465344][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.493230][ T1164] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.502517][ T1164] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.524091][ T1164] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.532869][ T1164] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.608943][ T5823] veth0_macvtap: entered promiscuous mode
[   90.647329][ T5823] veth1_macvtap: entered promiscuous mode
[   90.673868][ T5829] veth0_vlan: entered promiscuous mode
[   90.703489][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.705393][ T4179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.718397][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.726710][ T4179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.731659][ T5829] veth1_vlan: entered promiscuous mode
[   90.780243][ T4179] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.789682][ T4179] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.807332][ T4858] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.819349][ T4858] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.828554][ T4858] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.841945][ T4858] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.868293][ T4858] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.879838][ T4858] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.912684][ T5829] veth0_macvtap: entered promiscuous mode
[   90.929114][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.937984][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.955767][ T5829] veth1_macvtap: entered promiscuous mode
[   90.981397][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   91.022013][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.050219][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.089186][ T4179] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.133483][ T4858] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.152470][ T4179] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.173475][ T4179] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.175079][ T4858] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.251010][ T4179] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.271552][ T5917] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[   91.322075][ T4179] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.347645][ T4179] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.442980][ T5918] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   91.443136][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.504694][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.560401][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.580514][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.936363][  T797] cfg80211: failed to load regulatory.db
[   92.084700][ T5147] Bluetooth: hci1: command tx timeout
[   92.085826][ T5826] Bluetooth: hci0: command tx timeout
[   92.164441][ T5826] Bluetooth: hci2: command tx timeout
[   92.164941][ T5147] Bluetooth: hci3: command tx timeout
[   92.916251][ T5949] syz.3.7 (5949) used greatest stack depth: 18952 bytes left
[   93.449936][ T5964] mmap: syz.0.10 (5964) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   93.460708][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   93.484658][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.523022][ T5966] NFSD: Failed to start, no listeners configured.
[   94.164779][ T5147] Bluetooth: hci0: command tx timeout
[   94.170217][ T5147] Bluetooth: hci1: command tx timeout
[   94.244916][ T5826] Bluetooth: hci2: command tx timeout
[   94.250436][ T5147] Bluetooth: hci3: command tx timeout
[   94.386405][ T5974] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11'.
[   94.484452][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   94.487072][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.499413][ T5991] cgroup: fork rejected by pids controller in /syz0
[   95.624446][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.633049][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.641648][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.650233][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.713728][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   95.722928][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.208387][ T6066] HfR: entered promiscuous mode
[   99.899745][ T6081] netlink: 28 bytes leftover after parsing attributes in process `syz.2.22'.
[   99.925615][ T6081] vlan1: entered promiscuous mode
[   99.965308][ T6081] vlan1: entered allmulticast mode
[   99.982224][ T6081] veth0_vlan: entered allmulticast mode
[  102.966466][ T6139] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5
[  104.036215][ T6159] netlink: 326 bytes leftover after parsing attributes in process `syz.3.35'.
[  106.197254][ T6207] Zero length message leads to an empty skb
[  107.189922][ T6231] zram0: detected capacity change from 0 to 8
[  107.249773][ T6238] hub 3-0:1.0: USB hub found
[  107.272753][ T6238] hub 3-0:1.0: 1 port detected
[  107.331732][ T6238] usb usb3: authorized to connect
[  107.625395][ T6232] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}*	 »'
[  109.283839][ T6280] netlink: 20 bytes leftover after parsing attributes in process `syz.2.54'.
[  110.730500][ T6310] FAULT_INJECTION: forcing a failure.
[  110.730500][ T6310] name failslab, interval 1, probability 0, space 0, times 0
[  110.743299][ T6310] CPU: 1 UID: 0 PID: 6310 Comm: syz.2.57 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  110.743343][ T6310] Tainted: [L]=SOFTLOCKUP
[  110.743352][ T6310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  110.743375][ T6310] Call Trace:
[  110.743384][ T6310]  <TASK>
[  110.743394][ T6310]  dump_stack_lvl+0x100/0x190
[  110.743434][ T6310]  should_fail_ex.cold+0x5/0xa
[  110.743481][ T6310]  should_failslab+0xc2/0x120
[  110.743521][ T6310]  kmem_cache_alloc_noprof+0x83/0x780
[  110.743567][ T6310]  ? do_fcntl_add_lease+0x9d/0x550
[  110.743603][ T6310]  ? do_fcntl_add_lease+0x9d/0x550
[  110.743630][ T6310]  do_fcntl_add_lease+0x9d/0x550
[  110.743659][ T6310]  ? __pfx_do_fcntl_add_lease+0x10/0x10
[  110.743686][ T6310]  ? __pfx_futex_wait+0x10/0x10
[  110.743725][ T6310]  fcntl_setlease+0xfc/0x180
[  110.743753][ T6310]  ? __pfx_fcntl_setlease+0x10/0x10
[  110.743791][ T6310]  do_fcntl+0x1149/0x1670
[  110.743830][ T6310]  ? __pfx_do_fcntl+0x10/0x10
[  110.743866][ T6310]  ? __fget_files+0x215/0x3d0
[  110.743908][ T6310]  ? tomoyo_file_fcntl+0x6c/0xc0
[  110.743947][ T6310]  __x64_sys_fcntl+0x163/0x200
[  110.743990][ T6310]  do_syscall_64+0xc9/0xf80
[  110.744027][ T6310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  110.744054][ T6310] RIP: 0033:0x7f3c2bd9af79
[  110.744075][ T6310] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  110.744107][ T6310] RSP: 002b:00007f3c29ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  110.744137][ T6310] RAX: ffffffffffffffda RBX: 00007f3c2c016180 RCX: 00007f3c2bd9af79
[  110.744155][ T6310] RDX: 9ec0000000000000 RSI: 0000000000000400 RDI: 0000000000000003
[  110.744172][ T6310] RBP: 00007f3c2be316e0 R08: 0000000000000000 R09: 0000000000000000
[  110.744189][ T6310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  110.744205][ T6310] R13: 00007f3c2c016218 R14: 00007f3c2c016180 R15: 00007fffef2ac8e8
[  110.744243][ T6310]  </TASK>
[  111.536378][ T6326] hub 1-0:1.0: USB hub found
[  111.605272][ T6326] hub 1-0:1.0: 1 port detected
[  113.083435][ T6350] zswap: compressor  not available
[  114.592412][ T6343] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  116.068457][ T6411] netlink: 330 bytes leftover after parsing attributes in process `syz.2.72'.
[  117.253120][ T6435] Invalid ELF header magic: != ELF
[  118.001729][ T6449] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a000
[  118.024264][ T6449] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  118.032448][ T6449] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  118.067015][ T6449] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  118.094222][ T6449] page dumped because: unmovable page
[  118.149147][ T6449] page_owner tracks the page as allocated
[  118.161603][ T6449] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 5820, tgid 5820 (syz-executor), ts 85556657920, free_ts 82691159456
[  118.257894][ T6449]  post_alloc_hook+0x1e1/0x250
[  118.268847][ T6449]  get_page_from_freelist+0xe3d/0x2e10
[  118.280599][ T6449]  __alloc_frozen_pages_noprof+0x26c/0x2410
[  118.307155][ T6449]  alloc_pages_bulk_noprof+0x777/0x1500
[  118.435636][ T6449]  __kasan_populate_vmalloc+0xf0/0x210
[  118.441172][ T6449]  alloc_vmap_area+0x935/0x2a00
[  118.452932][ T6449]  __get_vm_area_node+0x1ca/0x330
[  118.458115][ T6449]  __vmalloc_node_range_noprof+0x213/0x1530
[  118.464012][ T6449]  vmalloc_user_noprof+0x9e/0xe0
[  118.470639][ T6449]  kcov_ioctl+0x4c/0x720
[  118.474945][ T6449]  __x64_sys_ioctl+0x18e/0x210
[  118.479766][ T6449]  do_syscall_64+0xc9/0xf80
[  118.488950][ T6449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.557106][ T6449] page last free pid 5812 tgid 5812 stack trace:
[  118.576871][ T6449]  __free_frozen_pages+0x822/0x1130
[  118.588111][ T6449]  __kasan_populate_vmalloc+0x164/0x210
[  118.593717][ T6449]  alloc_vmap_area+0x935/0x2a00
[  118.614029][ T6449]  __get_vm_area_node+0x1ca/0x330
[  118.629496][ T6449]  __vmalloc_node_range_noprof+0x213/0x1530
[  118.640746][ T6449]  vmalloc_user_noprof+0x9e/0xe0
[  118.664282][ T6449]  kcov_ioctl+0x4c/0x720
[  118.668570][ T6449]  __x64_sys_ioctl+0x18e/0x210
[  118.702442][ T6449]  do_syscall_64+0xc9/0xf80
[  118.717198][ T6449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  119.111691][   T30] audit: type=1800 audit(1770654179.264:2): pid=6463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.80" name="dbroot" dev="configfs" ino=9727 res=0 errno=0
[  119.485292][ T6476] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  119.523404][ T6476] vhci_hcd: not connected 4
[  119.552347][ T6478] Ignoring unsupported numa_zonelist_order value:  
[  119.709771][ T6476] netlink: 28 bytes leftover after parsing attributes in process `syz.0.83'.
[  120.031250][ T6492] syz.0.87 uses obsolete (PF_INET,SOCK_PACKET)
[  120.149571][ T6483] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  120.262150][ T6485] FAULT_INJECTION: forcing a failure.
[  120.262150][ T6485] name fail_futex, interval 1, probability 0, space 0, times 1
[  120.304223][ T6485] CPU: 0 UID: 0 PID: 6485 Comm: syz.1.85 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  120.304265][ T6485] Tainted: [L]=SOFTLOCKUP
[  120.304274][ T6485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  120.304286][ T6485] Call Trace:
[  120.304292][ T6485]  <TASK>
[  120.304297][ T6485]  dump_stack_lvl+0x100/0x190
[  120.304319][ T6485]  should_fail_ex.cold+0x5/0xa
[  120.304344][ T6485]  get_futex_key+0x1d2/0x1620
[  120.304376][ T6485]  ? __pfx_get_futex_key+0x10/0x10
[  120.304421][ T6485]  futex_wait_setup+0x81/0x500
[  120.304454][ T6485]  __futex_wait+0x19f/0x300
[  120.304470][ T6485]  ? __pfx___futex_wait+0x10/0x10
[  120.304486][ T6485]  ? __pfx_futex_wake_mark+0x10/0x10
[  120.304511][ T6485]  ? find_held_lock+0x2b/0x80
[  120.304525][ T6485]  ? futex_wake+0x456/0x530
[  120.304550][ T6485]  futex_wait+0xed/0x380
[  120.304563][ T6485]  ? __pfx_futex_wait+0x10/0x10
[  120.304581][ T6485]  ? putname+0xf5/0x1a0
[  120.304603][ T6485]  do_futex+0x1ef/0x350
[  120.304622][ T6485]  ? __pfx_do_futex+0x10/0x10
[  120.304646][ T6485]  ? find_held_lock+0x2b/0x80
[  120.304662][ T6485]  __x64_sys_futex+0x34f/0x4d0
[  120.304683][ T6485]  ? __x64_sys_open+0xfe/0x1d0
[  120.304703][ T6485]  ? __pfx___x64_sys_futex+0x10/0x10
[  120.304722][ T6485]  ? xfd_validate_state+0x129/0x190
[  120.304750][ T6485]  do_syscall_64+0xc9/0xf80
[  120.304769][ T6485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.304785][ T6485] RIP: 0033:0x7feee839af79
[  120.304801][ T6485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  120.304827][ T6485] RSP: 002b:00007feee65f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  120.304854][ T6485] RAX: ffffffffffffffda RBX: 00007feee8616098 RCX: 00007feee839af79
[  120.304868][ T6485] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007feee8616098
[  120.304877][ T6485] RBP: 00007feee8616090 R08: 0000000000000000 R09: 0000000000000000
[  120.304893][ T6485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  120.304901][ T6485] R13: 00007feee8616128 R14: 00007ffc6e628c10 R15: 00007ffc6e628cf8
[  120.304921][ T6485]  </TASK>
[  123.425840][ T6562] netlink: 8 bytes leftover after parsing attributes in process `syz.3.98'.
[  123.560703][ T5147] Bluetooth: hci1: unexpected event 0x3e length: 720 > 260
[  123.785350][ T6571] FAULT_INJECTION: forcing a failure.
[  123.785350][ T6571] name failslab, interval 1, probability 0, space 0, times 0
[  123.847773][ T6571] CPU: 1 UID: 0 PID: 6571 Comm: syz.3.100 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  123.847814][ T6571] Tainted: [L]=SOFTLOCKUP
[  123.847823][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  123.847837][ T6571] Call Trace:
[  123.847845][ T6571]  <TASK>
[  123.847854][ T6571]  dump_stack_lvl+0x100/0x190
[  123.847903][ T6571]  should_fail_ex.cold+0x5/0xa
[  123.847945][ T6571]  should_failslab+0xc2/0x120
[  123.847981][ T6571]  __kmalloc_cache_noprof+0x80/0x810
[  123.848008][ T6571]  ? snd_seq_port_connect+0x61/0x560
[  123.848037][ T6571]  ? snd_seq_port_use_ptr+0x14d/0x1b0
[  123.848066][ T6571]  ? snd_seq_port_connect+0x61/0x560
[  123.848091][ T6571]  snd_seq_port_connect+0x61/0x560
[  123.848117][ T6571]  ? _raw_read_unlock+0x28/0x50
[  123.848144][ T6571]  ? check_subscription_permission.isra.0+0x146/0x240
[  123.848177][ T6571]  snd_seq_ioctl_subscribe_port+0x20d/0x4f0
[  123.848211][ T6571]  ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10
[  123.848255][ T6571]  call_seq_client_ctl+0xa3/0x130
[  123.848284][ T6571]  snd_seq_kernel_client_ctl+0x77/0xd0
[  123.848313][ T6571]  snd_seq_oss_midi_open+0x48b/0x6b0
[  123.848350][ T6571]  ? __pfx_snd_seq_oss_midi_open+0x10/0x10
[  123.848383][ T6571]  ? snd_seq_oss_midi_reset+0x11a/0x4c0
[  123.848417][ T6571]  ? __pfx___might_resched+0x10/0x10
[  123.848464][ T6571]  ? __mutex_lock+0x26a/0x1b90
[  123.848508][ T6571]  snd_seq_oss_synth_reset+0x439/0x8e0
[  123.848546][ T6571]  ? __pfx_snd_seq_oss_synth_reset+0x10/0x10
[  123.848583][ T6571]  ? __pfx___fsnotify_parent+0x10/0x10
[  123.848621][ T6571]  snd_seq_oss_reset+0x73/0x290
[  123.848650][ T6571]  ? __pfx_odev_release+0x10/0x10
[  123.848677][ T6571]  snd_seq_oss_release+0x7c/0x180
[  123.848706][ T6571]  ? __pfx_odev_release+0x10/0x10
[  123.848730][ T6571]  odev_release+0x56/0xa0
[  123.848754][ T6571]  __fput+0x3ff/0xb40
[  123.848797][ T6571]  task_work_run+0x150/0x240
[  123.848837][ T6571]  ? __pfx_task_work_run+0x10/0x10
[  123.848885][ T6571]  exit_to_user_mode_loop+0x100/0x4b0
[  123.848920][ T6571]  ? rcu_is_watching+0x12/0xc0
[  123.848948][ T6571]  do_syscall_64+0x4ea/0xf80
[  123.848982][ T6571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.849007][ T6571] RIP: 0033:0x7f8d5179af79
[  123.849031][ T6571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  123.849054][ T6571] RSP: 002b:00007f8d5267a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  123.849079][ T6571] RAX: 0000000000000000 RBX: 00007f8d51a15fa0 RCX: 00007f8d5179af79
[  123.849095][ T6571] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002
[  123.849109][ T6571] RBP: 00007f8d518316e0 R08: 0000000000000000 R09: 0000000000000000
[  123.849124][ T6571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.849139][ T6571] R13: 00007f8d51a16038 R14: 00007f8d51a15fa0 R15: 00007fffcd4e5b18
[  123.849176][ T6571]  </TASK>
[  127.073929][ T6640] FAULT_INJECTION: forcing a failure.
[  127.073929][ T6640] name failslab, interval 1, probability 0, space 0, times 0
[  127.106219][   T30] audit: type=1800 audit(1770654187.244:3): pid=6643 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.110" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0
[  127.173801][ T6640] CPU: 1 UID: 0 PID: 6640 Comm: syz.1.111 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  127.173827][ T6640] Tainted: [L]=SOFTLOCKUP
[  127.173831][ T6640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  127.173840][ T6640] Call Trace:
[  127.173845][ T6640]  <TASK>
[  127.173850][ T6640]  dump_stack_lvl+0x100/0x190
[  127.173878][ T6640]  should_fail_ex.cold+0x5/0xa
[  127.173901][ T6640]  should_failslab+0xc2/0x120
[  127.173920][ T6640]  __kmalloc_cache_noprof+0x80/0x810
[  127.173934][ T6640]  ? find_held_lock+0x2b/0x80
[  127.173947][ T6640]  ? alloc_fs_context+0x57/0xf50
[  127.173968][ T6640]  ? alloc_fs_context+0x57/0xf50
[  127.173984][ T6640]  alloc_fs_context+0x57/0xf50
[  127.174001][ T6640]  ? __get_fs_type+0x12c/0x170
[  127.174021][ T6640]  fs_context_for_submount+0x26/0xc0
[  127.174039][ T6640]  trace_automount+0x47/0xa0
[  127.174061][ T6640]  __traverse_mounts+0x1b9/0x8a0
[  127.174083][ T6640]  step_into_slowpath+0x76e/0xf50
[  127.174096][ T6640]  ? __d_lookup+0x25c/0x4a0
[  127.174116][ T6640]  ? __d_lookup+0x25c/0x4a0
[  127.174138][ T6640]  ? __pfx_step_into_slowpath+0x10/0x10
[  127.174159][ T6640]  ? __d_lookup+0x266/0x4a0
[  127.174182][ T6640]  ? lookup_fast+0x2da/0x600
[  127.174202][ T6640]  ? inode_permission+0x374/0x630
[  127.174242][ T6640]  link_path_walk+0xf28/0x1cc0
[  127.174279][ T6640]  path_openat+0x1be/0x3120
[  127.174306][ T6640]  ? getname_flags+0x93/0xf0
[  127.174329][ T6640]  ? do_sys_openat2+0xc5/0x220
[  127.174363][ T6640]  ? __x64_sys_openat+0x12d/0x210
[  127.174399][ T6640]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.174433][ T6640]  ? __pfx_path_openat+0x10/0x10
[  127.174476][ T6640]  do_filp_open+0x1f7/0x420
[  127.174508][ T6640]  ? __pfx_do_filp_open+0x10/0x10
[  127.174561][ T6640]  ? _raw_spin_unlock+0x28/0x50
[  127.174586][ T6640]  ? alloc_fd+0x476/0x790
[  127.174624][ T6640]  do_sys_openat2+0x12e/0x220
[  127.174660][ T6640]  ? __pfx_do_sys_openat2+0x10/0x10
[  127.174708][ T6640]  __x64_sys_openat+0x12d/0x210
[  127.174746][ T6640]  ? __pfx___x64_sys_openat+0x10/0x10
[  127.174779][ T6640]  ? xfd_validate_state+0x129/0x190
[  127.174827][ T6640]  do_syscall_64+0xc9/0xf80
[  127.174865][ T6640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.174890][ T6640] RIP: 0033:0x7feee839af79
[  127.174909][ T6640] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  127.174932][ T6640] RSP: 002b:00007feee918b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  127.174955][ T6640] RAX: ffffffffffffffda RBX: 00007feee8615fa0 RCX: 00007feee839af79
[  127.174971][ T6640] RDX: 0000000000100000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  127.174987][ T6640] RBP: 00007feee84316e0 R08: 0000000000000000 R09: 0000000000000000
[  127.175001][ T6640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  127.175015][ T6640] R13: 00007feee8616038 R14: 00007feee8615fa0 R15: 00007ffc6e628cf8
[  127.175049][ T6640]  </TASK>
[  127.619853][ T6645] process 'syz.2.108' launched './file0' with NULL argv: empty string added
[  129.476997][ T6689] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  129.486420][ T6689] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  129.543412][ T6689] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  129.634704][ T6689] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  129.649706][ T6689] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  129.763228][ T6689] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  129.856666][ T6689] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  129.864747][ T6689] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  130.042998][ T6689] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  130.142018][ T6689] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  130.169788][ T6689] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  130.208269][ T6689] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  130.476580][ T6719] CIFS: VFS: Invalid SecurityFlags: 
[  130.484487][   T30] audit: type=1326 audit(1770654190.634:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.1.121" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feee839af79 code=0x0
[  130.484840][ T6718] CIFS: VFS: Invalid SecurityFlags: 
[  130.511043][   T30] audit: type=1326 audit(1770654190.634:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6717 comm="syz.1.121" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feee839af79 code=0x0
[  130.614033][ T6722] bdi 43:448: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead.
[  130.875853][ T6728] netlink: 36 bytes leftover after parsing attributes in process `syz.3.124'.
[  131.414744][ T6745] netlink: 'syz.1.128': attribute type 9 has an invalid length.
[  131.444612][ T6745] netlink: 330 bytes leftover after parsing attributes in process `syz.1.128'.
[  131.532050][ T5147] Bluetooth: hci0: command 0x0c1a tx timeout
[  131.689809][ T5147] Bluetooth: hci1: command 0x0c1a tx timeout
[  131.934200][ T5147] Bluetooth: hci2: command 0x0c1a tx timeout
[  132.164937][ T5147] Bluetooth: hci3: command 0x0c1a tx timeout
[  133.279711][ T6778] blktrace: Concurrent blktraces are not allowed on mtdblock0
[  133.605239][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout
[  133.769209][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout
[  134.004459][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  134.245044][ T5826] Bluetooth: hci3: command 0x0c1a tx timeout
[  134.332623][ T6804] blktrace: Concurrent blktraces are not allowed on mtdblock0
[  134.965373][ T5147] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  135.687904][ T5147] Bluetooth: hci0: command 0x0c1a tx timeout
[  135.844344][ T5147] Bluetooth: hci1: command 0x0c1a tx timeout
[  136.104181][ T5147] Bluetooth: hci2: command 0x0c1a tx timeout
[  136.325776][ T5147] Bluetooth: hci3: command 0x0c1a tx timeout
[  137.353116][ T6855] bridge0: port 3(team0) entered blocking state
[  137.359618][ T6855] bridge0: port 3(team0) entered disabled state
[  137.366322][ T6855] team0: entered allmulticast mode
[  137.371471][ T6855] team_slave_0: entered allmulticast mode
[  137.377375][ T6855] team_slave_1: entered allmulticast mode
[  137.388282][ T6855] team0: entered promiscuous mode
[  137.397766][ T6855] team_slave_0: entered promiscuous mode
[  137.417340][ T6855] team_slave_1: entered promiscuous mode
[  137.434666][ T6855] bridge0: port 3(team0) entered blocking state
[  137.441125][ T6855] bridge0: port 3(team0) entered forwarding state
[  137.871577][ T6864] blktrace: Concurrent blktraces are not allowed on mtdblock0
[  138.031323][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  138.038031][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  140.305675][ T6930] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  140.839309][ T6949] netlink: 330 bytes leftover after parsing attributes in process `syz.2.160'.
[  141.316474][ T6960] FAULT_INJECTION: forcing a failure.
[  141.316474][ T6960] name failslab, interval 1, probability 0, space 0, times 0
[  141.334758][ T6960] CPU: 1 UID: 0 PID: 6960 Comm: syz.2.162 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  141.334803][ T6960] Tainted: [L]=SOFTLOCKUP
[  141.334813][ T6960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  141.334828][ T6960] Call Trace:
[  141.334837][ T6960]  <TASK>
[  141.334847][ T6960]  dump_stack_lvl+0x100/0x190
[  141.334885][ T6960]  should_fail_ex.cold+0x5/0xa
[  141.334929][ T6960]  should_failslab+0xc2/0x120
[  141.334967][ T6960]  kmem_cache_alloc_noprof+0x83/0x780
[  141.335003][ T6960]  ? key_alloc+0xc0f/0x1310
[  141.335050][ T6960]  ? key_alloc+0xc0f/0x1310
[  141.335089][ T6960]  key_alloc+0xc0f/0x1310
[  141.335145][ T6960]  ? __pfx_key_alloc+0x10/0x10
[  141.335181][ T6960]  ? __asan_memcpy+0x3c/0x60
[  141.335218][ T6960]  keyring_alloc+0x44/0xc0
[  141.335242][ T6960]  keyctl_get_persistent+0x779/0x8b0
[  141.335260][ T6960]  ? __pfx_keyctl_get_persistent+0x10/0x10
[  141.335277][ T6960]  ? __x64_sys_futex+0x34f/0x4d0
[  141.335298][ T6960]  ? __x64_sys_futex+0x358/0x4d0
[  141.335320][ T6960]  ? xfd_validate_state+0x129/0x190
[  141.335356][ T6960]  __do_sys_keyctl+0x3b2/0x5a0
[  141.335377][ T6960]  do_syscall_64+0xc9/0xf80
[  141.335397][ T6960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.335413][ T6960] RIP: 0033:0x7f3c2bd9af79
[  141.335431][ T6960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  141.335446][ T6960] RSP: 002b:00007f3c2cb98028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  141.335461][ T6960] RAX: ffffffffffffffda RBX: 00007f3c2c015fa0 RCX: 00007f3c2bd9af79
[  141.335471][ T6960] RDX: 7fffffffffffffff RSI: 000000000000ee00 RDI: 0000000000000016
[  141.335480][ T6960] RBP: 00007f3c2be316e0 R08: 000000000000000c R09: 0000000000000000
[  141.335488][ T6960] R10: 00000000000099a7 R11: 0000000000000246 R12: 0000000000000000
[  141.335497][ T6960] R13: 00007f3c2c016038 R14: 00007f3c2c015fa0 R15: 00007fffef2ac8e8
[  141.335517][ T6960]  </TASK>
[  141.800789][ T6969] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  142.139532][ T6974] ptp ptp0: only physical clock in use now
[  145.604236][ T5147] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  146.729919][ T7040] mkiss: ax0: crc mode is auto.
[  147.038365][ T7064] FAULT_INJECTION: forcing a failure.
[  147.038365][ T7064] name failslab, interval 1, probability 0, space 0, times 0
[  147.074275][ T7064] CPU: 1 UID: 0 PID: 7064 Comm: syz.3.183 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  147.074302][ T7064] Tainted: [L]=SOFTLOCKUP
[  147.074307][ T7064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  147.074316][ T7064] Call Trace:
[  147.074321][ T7064]  <TASK>
[  147.074327][ T7064]  dump_stack_lvl+0x100/0x190
[  147.074349][ T7064]  should_fail_ex.cold+0x5/0xa
[  147.074373][ T7064]  should_failslab+0xc2/0x120
[  147.074393][ T7064]  kmem_cache_alloc_noprof+0x83/0x780
[  147.074411][ T7064]  ? __proc_create+0xc2/0x8c0
[  147.074432][ T7064]  ? __proc_create+0x2cb/0x8c0
[  147.074456][ T7064]  ? __proc_create+0x2cb/0x8c0
[  147.074476][ T7064]  __proc_create+0x2cb/0x8c0
[  147.074499][ T7064]  ? __pfx___proc_create+0x10/0x10
[  147.074523][ T7064]  ? _raw_write_unlock+0x28/0x50
[  147.074538][ T7064]  ? proc_register+0x559/0x8a0
[  147.074553][ T7064]  proc_create_reg+0x75/0x170
[  147.074569][ T7064]  proc_create_seq_private+0x8e/0x180
[  147.074584][ T7064]  ? __pfx_proc_create_seq_private+0x10/0x10
[  147.074598][ T7064]  ? __pfx_proc_create_net_data+0x10/0x10
[  147.074611][ T7064]  ? __pfx_uevent_net_rcv+0x10/0x10
[  147.074634][ T7064]  ? __pfx_dev_proc_net_init+0x10/0x10
[  147.074653][ T7064]  dev_proc_net_init+0xac/0x230
[  147.074673][ T7064]  ops_init+0x1e2/0x5f0
[  147.074696][ T7064]  setup_net+0x118/0x3a0
[  147.074710][ T7064]  ? __pfx_setup_net+0x10/0x10
[  147.074722][ T7064]  ? lockdep_init_map_type+0x5c/0x250
[  147.074742][ T7064]  ? mutex_init_lockep+0x110/0x150
[  147.074765][ T7064]  copy_net_ns+0x46f/0x7c0
[  147.074781][ T7064]  create_new_namespaces+0x3ea/0xab0
[  147.074802][ T7064]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  147.074820][ T7064]  ksys_unshare+0x455/0xab0
[  147.074841][ T7064]  ? __pfx_ksys_unshare+0x10/0x10
[  147.074861][ T7064]  ? xfd_validate_state+0x129/0x190
[  147.074889][ T7064]  __x64_sys_unshare+0x31/0x40
[  147.074908][ T7064]  do_syscall_64+0xc9/0xf80
[  147.074926][ T7064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.074941][ T7064] RIP: 0033:0x7f8d5179af79
[  147.074953][ T7064] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  147.074967][ T7064] RSP: 002b:00007f8d52659028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  147.074981][ T7064] RAX: ffffffffffffffda RBX: 00007f8d51a16090 RCX: 00007f8d5179af79
[  147.074990][ T7064] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  147.074999][ T7064] RBP: 00007f8d518316e0 R08: 0000000000000000 R09: 0000000000000000
[  147.075007][ T7064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  147.075015][ T7064] R13: 00007f8d51a16128 R14: 00007f8d51a16090 R15: 00007fffcd4e5b18
[  147.075043][ T7064]  </TASK>
[  148.450681][ T7083] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030
[  148.913761][ T7102] FAULT_INJECTION: forcing a failure.
[  148.913761][ T7102] name failslab, interval 1, probability 0, space 0, times 0
[  148.962264][ T7102] CPU: 1 UID: 0 PID: 7102 Comm: syz.2.190 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  148.962312][ T7102] Tainted: [L]=SOFTLOCKUP
[  148.962322][ T7102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  148.962338][ T7102] Call Trace:
[  148.962347][ T7102]  <TASK>
[  148.962359][ T7102]  dump_stack_lvl+0x100/0x190
[  148.962400][ T7102]  should_fail_ex.cold+0x5/0xa
[  148.962447][ T7102]  should_failslab+0xc2/0x120
[  148.962488][ T7102]  kmem_cache_alloc_noprof+0x83/0x780
[  148.962526][ T7102]  ? vm_area_dup+0x27/0x8e0
[  148.962561][ T7102]  ? vm_area_dup+0x27/0x8e0
[  148.962589][ T7102]  vm_area_dup+0x27/0x8e0
[  148.962621][ T7102]  copy_vma+0x643/0xac0
[  148.962666][ T7102]  ? __pfx_copy_vma+0x10/0x10
[  148.962706][ T7102]  ? register_lock_class+0x40/0x560
[  148.962759][ T7102]  ? lock_acquire+0x17c/0x330
[  148.962797][ T7102]  copy_vma_and_data+0x1cf/0x7c0
[  148.962831][ T7102]  ? __pfx_copy_vma_and_data+0x10/0x10
[  148.962875][ T7102]  ? find_held_lock+0x2b/0x80
[  148.962900][ T7102]  ? move_vma+0x50c/0x1990
[  148.962926][ T7102]  ? move_vma+0x50c/0x1990
[  148.962962][ T7102]  move_vma+0x51e/0x1990
[  148.962998][ T7102]  ? __pfx_move_vma+0x10/0x10
[  148.963032][ T7102]  ? mm_get_unmapped_area_vmflags+0xd7/0x130
[  148.963072][ T7102]  ? cap_mmap_addr+0x4b/0x120
[  148.963103][ T7102]  ? bpf_lsm_mmap_addr+0x9/0x10
[  148.963138][ T7102]  ? security_mmap_addr+0x71/0x1e0
[  148.963176][ T7102]  ? __get_unmapped_area+0x255/0x3e0
[  148.963210][ T7102]  ? vrm_set_new_addr+0x204/0x290
[  148.963238][ T7102]  mremap_to+0x1b7/0x450
[  148.963263][ T7102]  do_mremap+0xb76/0x2130
[  148.963299][ T7102]  ? __pfx_do_mremap+0x10/0x10
[  148.963337][ T7102]  __do_sys_mremap+0x126/0x170
[  148.963362][ T7102]  ? __pfx___do_sys_mremap+0x10/0x10
[  148.963389][ T7102]  ? find_held_lock+0x2b/0x80
[  148.963413][ T7102]  ? __x64_sys_futex+0x34f/0x4d0
[  148.963462][ T7102]  do_syscall_64+0xc9/0xf80
[  148.963493][ T7102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.963517][ T7102] RIP: 0033:0x7f3c2bd9af79
[  148.963537][ T7102] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.963559][ T7102] RSP: 002b:00007f3c2cb98028 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  148.963580][ T7102] RAX: ffffffffffffffda RBX: 00007f3c2c015fa0 RCX: 00007f3c2bd9af79
[  148.963596][ T7102] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200001000000
[  148.963610][ T7102] RBP: 00007f3c2be316e0 R08: 0000000100000000 R09: 0000000000000000
[  148.963626][ T7102] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  148.963650][ T7102] R13: 00007f3c2c016038 R14: 00007f3c2c015fa0 R15: 00007fffef2ac8e8
[  148.963687][ T7102]  </TASK>
[  151.293414][ T7144] loop6: detected capacity change from 0 to 8192
[  153.505889][ T7163] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  153.534997][ T7163] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  153.563493][ T7163] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  153.582038][ T7163] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  153.602352][ T7163] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  154.046175][ T7169] netlink: 9 bytes leftover after parsing attributes in process `syz.1.202'.
[  154.964244][ T5147] Bluetooth: hci0: command 0x0c1a tx timeout
[  155.509178][ T7205] binder: 7201:7205 ioctl c0306201 0 returned -14
[  155.604465][ T5147] Bluetooth: hci3: command 0x0c1a tx timeout
[  155.607601][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  155.611817][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout
[  157.685656][ T5147] Bluetooth: hci3: command 0x0c1a tx timeout
[  158.179419][ T5147] Bluetooth: hci3: Malformed LE Event: 0x0b
[  160.014022][ T5147] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  161.180031][ T7312] netlink: 346 bytes leftover after parsing attributes in process `syz.1.229'.
[  161.471722][ T5831] Bluetooth: hci1: hcon ffff888034a2c000 sent 0 < count 256
[  162.058656][ T7334] FAULT_INJECTION: forcing a failure.
[  162.058656][ T7334] name failslab, interval 1, probability 0, space 0, times 0
[  162.072475][ T7334] CPU: 0 UID: 0 PID: 7334 Comm: syz.0.233 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  162.072519][ T7334] Tainted: [L]=SOFTLOCKUP
[  162.072537][ T7334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  162.072553][ T7334] Call Trace:
[  162.072562][ T7334]  <TASK>
[  162.072572][ T7334]  dump_stack_lvl+0x100/0x190
[  162.072612][ T7334]  should_fail_ex.cold+0x5/0xa
[  162.072659][ T7334]  should_failslab+0xc2/0x120
[  162.072699][ T7334]  __kmalloc_node_track_caller_noprof+0xf9/0x9d0
[  162.072738][ T7334]  ? __request_module+0x2d5/0x650
[  162.072784][ T7334]  ? kstrdup+0x51/0xe0
[  162.072816][ T7334]  kstrdup+0x51/0xe0
[  162.072852][ T7334]  __request_module+0x2d5/0x650
[  162.072893][ T7334]  ? __pfx___request_module+0x10/0x10
[  162.072951][ T7334]  ? find_held_lock+0x2b/0x80
[  162.072978][ T7334]  ? inet_create+0xa72/0x1060
[  162.073018][ T7334]  inet_create+0xd45/0x1060
[  162.073050][ T7334]  ? inet_create+0x94/0x1060
[  162.073088][ T7334]  __sock_create+0x339/0x860
[  162.073126][ T7334]  __sys_socket+0x14d/0x260
[  162.073153][ T7334]  ? __pfx_task_work_run+0x10/0x10
[  162.073192][ T7334]  ? __pfx___sys_socket+0x10/0x10
[  162.073221][ T7334]  ? xfd_validate_state+0x129/0x190
[  162.073270][ T7334]  __x64_sys_socket+0x72/0xb0
[  162.073298][ T7334]  ? lockdep_hardirqs_on+0x78/0x100
[  162.073330][ T7334]  do_syscall_64+0xc9/0xf80
[  162.073364][ T7334]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.073392][ T7334] RIP: 0033:0x7f177439af79
[  162.073414][ T7334] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.073441][ T7334] RSP: 002b:00007f1775263028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  162.073467][ T7334] RAX: ffffffffffffffda RBX: 00007f1774615fa0 RCX: 00007f177439af79
[  162.073485][ T7334] RDX: 000000000000000b RSI: 0000000000080000 RDI: 0000000000000002
[  162.073501][ T7334] RBP: 00007f17744316e0 R08: 0000000000000000 R09: 0000000000000000
[  162.073517][ T7334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.073541][ T7334] R13: 00007f1774616038 R14: 00007f1774615fa0 R15: 00007ffd3be80c58
[  162.073578][ T7334]  </TASK>
[  162.315186][ T7344] binder: 7338:7344 ioctl c0306201 0 returned -14
[  164.147396][ T7389] NFSD: Failed to start, no listeners configured.
[  165.275972][ T7416] binder: 7411:7416 ioctl c0306201 0 returned -14
[  165.599400][ T5831] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  165.599478][ T5831] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  165.623461][ T5831] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  165.623525][ T5831] Bluetooth: hci2: adv larger than maximum supported
[  165.644391][ T5831] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  165.654660][ T5831] Bluetooth: hci2: adv larger than maximum supported
[  165.661805][ T5831] Bluetooth: hci2: adv larger than maximum supported
[  165.668631][ T5831] Bluetooth: hci2: Malformed LE Event: 0x0d
[  165.711820][ T5831] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260
[  165.711856][ T5831] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260
[  165.729388][ T5831] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  165.729422][ T5831] Bluetooth: hci2: adv larger than maximum supported
[  165.744232][ T5831] Bluetooth: hci2: Unknown advertising packet type: 0x7f
[  165.784229][ T5831] Bluetooth: hci2: adv larger than maximum supported
[  165.791317][ T5831] Bluetooth: hci2: adv larger than maximum supported
[  165.878487][ T5831] Bluetooth: hci2: Malformed LE Event: 0x0d
[  165.933618][ T7409] zswap: compressor  not available
[  166.558335][ T7432] __vm_enough_memory: pid: 7432, comm: syz.0.249, bytes: 4398046511104 not enough memory for the allocation
[  166.586136][ T7433] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  168.205980][ T7465] bridge0: port 3(veth1_macvtap) entered blocking state
[  168.237670][ T7465] bridge0: port 3(veth1_macvtap) entered disabled state
[  168.266630][ T7465] veth1_macvtap: entered allmulticast mode
[  168.278624][ T7468] zswap: compressor û not available
[  168.290276][ T7465] veth1_macvtap: left allmulticast mode
[  168.815326][ T7484] nbd: must specify at least one socket
[  170.489892][ T7503] FAULT_INJECTION: forcing a failure.
[  170.489892][ T7503] name fail_futex, interval 1, probability 0, space 0, times 0
[  170.524186][ T7503] CPU: 1 UID: 0 PID: 7503 Comm: syz.1.269 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  170.524224][ T7503] Tainted: [L]=SOFTLOCKUP
[  170.524232][ T7503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  170.524246][ T7503] Call Trace:
[  170.524253][ T7503]  <TASK>
[  170.524263][ T7503]  dump_stack_lvl+0x100/0x190
[  170.524296][ T7503]  should_fail_ex.cold+0x5/0xa
[  170.524341][ T7503]  get_futex_key+0x1d2/0x1620
[  170.524372][ T7503]  ? __pfx_get_futex_key+0x10/0x10
[  170.524399][ T7503]  ? do_mremap+0xa96/0x2130
[  170.524434][ T7503]  futex_wake+0xea/0x530
[  170.524472][ T7503]  ? __pfx_futex_wake+0x10/0x10
[  170.524519][ T7503]  do_futex+0x32b/0x350
[  170.524551][ T7503]  ? __pfx_do_futex+0x10/0x10
[  170.524579][ T7503]  ? __pfx___do_sys_mremap+0x10/0x10
[  170.524607][ T7503]  ? find_held_lock+0x2b/0x80
[  170.524634][ T7503]  __x64_sys_futex+0x34f/0x4d0
[  170.524667][ T7503]  ? __pfx___x64_sys_futex+0x10/0x10
[  170.524710][ T7503]  do_syscall_64+0xc9/0xf80
[  170.524741][ T7503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.524765][ T7503] RIP: 0033:0x7feee839af79
[  170.524785][ T7503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.524807][ T7503] RSP: 002b:00007feee918b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  170.524830][ T7503] RAX: ffffffffffffffda RBX: 00007feee8615fa8 RCX: 00007feee839af79
[  170.524845][ T7503] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007feee8615fac
[  170.524859][ T7503] RBP: 00007feee8615fa0 R08: 0000000000000000 R09: 0000000000000000
[  170.524872][ T7503] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000000
[  170.524885][ T7503] R13: 00007feee8616038 R14: 00007ffc6e628c10 R15: 00007ffc6e628cf8
[  170.524916][ T7503]  </TASK>
[  170.913811][ T7503] FAULT_INJECTION: forcing a failure.
[  170.913811][ T7503] name fail_futex, interval 1, probability 0, space 0, times 0
[  170.936322][ T7503] CPU: 1 UID: 0 PID: 7503 Comm: syz.1.269 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  170.936351][ T7503] Tainted: [L]=SOFTLOCKUP
[  170.936356][ T7503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  170.936364][ T7503] Call Trace:
[  170.936370][ T7503]  <TASK>
[  170.936375][ T7503]  dump_stack_lvl+0x100/0x190
[  170.936396][ T7503]  should_fail_ex.cold+0x5/0xa
[  170.936415][ T7503]  ? arch_stack_walk+0xa6/0xf0
[  170.936432][ T7503]  get_futex_key+0x1d2/0x1620
[  170.936453][ T7503]  ? __pfx_get_futex_key+0x10/0x10
[  170.936469][ T7503]  ? stack_trace_save+0x8e/0xc0
[  170.936484][ T7503]  ? __pfx_stack_trace_save+0x10/0x10
[  170.936499][ T7503]  ? stack_depot_save_flags+0x27/0x9c0
[  170.936523][ T7503]  futex_wait_setup+0x81/0x500
[  170.936543][ T7503]  __futex_wait+0x19f/0x300
[  170.936558][ T7503]  ? __pfx___futex_wait+0x10/0x10
[  170.936573][ T7503]  ? __pfx_futex_wake_mark+0x10/0x10
[  170.936596][ T7503]  ? futex_hash+0x2c5/0x380
[  170.936618][ T7503]  futex_wait+0xed/0x380
[  170.936630][ T7503]  ? __pfx_futex_wait+0x10/0x10
[  170.936642][ T7503]  ? lockdep_hardirqs_on+0x78/0x100
[  170.936661][ T7503]  ? fd_install+0x223/0x580
[  170.936675][ T7503]  ? putname+0xf5/0x1a0
[  170.936696][ T7503]  do_futex+0x1ef/0x350
[  170.936714][ T7503]  ? __pfx_do_futex+0x10/0x10
[  170.936730][ T7503]  ? __pfx_do_sys_openat2+0x10/0x10
[  170.936765][ T7503]  __x64_sys_futex+0x34f/0x4d0
[  170.936798][ T7503]  ? __x64_sys_openat+0x12d/0x210
[  170.936830][ T7503]  ? __pfx___x64_sys_futex+0x10/0x10
[  170.936858][ T7503]  ? xfd_validate_state+0x129/0x190
[  170.936885][ T7503]  do_syscall_64+0xc9/0xf80
[  170.936903][ T7503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.936917][ T7503] RIP: 0033:0x7feee839af79
[  170.936929][ T7503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.936941][ T7503] RSP: 002b:00007feee918b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  170.936955][ T7503] RAX: ffffffffffffffda RBX: 00007feee8615fa8 RCX: 00007feee839af79
[  170.936964][ T7503] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007feee8615fa8
[  170.936972][ T7503] RBP: 00007feee8615fa0 R08: 0000000000000000 R09: 0000000000000000
[  170.936980][ T7503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  170.936988][ T7503] R13: 00007feee8616038 R14: 00007ffc6e628c10 R15: 00007ffc6e628cf8
[  170.937005][ T7503]  </TASK>
[  172.329106][ T7552] netlink: 472 bytes leftover after parsing attributes in process `syz.1.277'.
[  172.664914][ T7568] FAULT_INJECTION: forcing a failure.
[  172.664914][ T7568] name failslab, interval 1, probability 0, space 0, times 0
[  172.784930][ T7568] CPU: 0 UID: 0 PID: 7568 Comm: syz.3.279 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  172.784970][ T7568] Tainted: [L]=SOFTLOCKUP
[  172.784979][ T7568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  172.784993][ T7568] Call Trace:
[  172.785002][ T7568]  <TASK>
[  172.785011][ T7568]  dump_stack_lvl+0x100/0x190
[  172.785047][ T7568]  should_fail_ex.cold+0x5/0xa
[  172.785088][ T7568]  should_failslab+0xc2/0x120
[  172.785122][ T7568]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  172.785147][ T7568]  __kmalloc_noprof+0xf6/0x9c0
[  172.785184][ T7568]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  172.785209][ T7568]  kernfs_fop_write_iter+0x26a/0x5f0
[  172.785240][ T7568]  vfs_write+0x6ac/0x1070
[  172.785270][ T7568]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  172.785300][ T7568]  ? __pfx_vfs_write+0x10/0x10
[  172.785325][ T7568]  ? find_held_lock+0x2b/0x80
[  172.785389][ T7568]  ksys_write+0x12a/0x250
[  172.785417][ T7568]  ? __pfx_ksys_write+0x10/0x10
[  172.785456][ T7568]  do_syscall_64+0xc9/0xf80
[  172.785490][ T7568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.785515][ T7568] RIP: 0033:0x7f8d5179af79
[  172.785535][ T7568] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.785558][ T7568] RSP: 002b:00007f8d5267a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  172.785582][ T7568] RAX: ffffffffffffffda RBX: 00007f8d51a15fa0 RCX: 00007f8d5179af79
[  172.785599][ T7568] RDX: 0000000000000081 RSI: 0000200000000000 RDI: 0000000000000003
[  172.785614][ T7568] RBP: 00007f8d5267a090 R08: 0000000000000000 R09: 0000000000000000
[  172.785629][ T7568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  172.785643][ T7568] R13: 00007f8d51a16038 R14: 00007f8d51a15fa0 R15: 00007fffcd4e5b18
[  172.785680][ T7568]  </TASK>
[  172.982539][ T7571] vhci_hcd: not connected 4
[  173.201013][ T7579] FAULT_INJECTION: forcing a failure.
[  173.201013][ T7579] name failslab, interval 1, probability 0, space 0, times 0
[  173.234334][ T7579] CPU: 1 UID: 0 PID: 7579 Comm: syz.0.281 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  173.234362][ T7579] Tainted: [L]=SOFTLOCKUP
[  173.234367][ T7579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  173.234376][ T7579] Call Trace:
[  173.234382][ T7579]  <TASK>
[  173.234388][ T7579]  dump_stack_lvl+0x100/0x190
[  173.234411][ T7579]  should_fail_ex.cold+0x5/0xa
[  173.234435][ T7579]  should_failslab+0xc2/0x120
[  173.234455][ T7579]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  173.234470][ T7579]  __kmalloc_noprof+0xf6/0x9c0
[  173.234483][ T7579]  ? iter_file_splice_write+0x1d3/0x10a0
[  173.234502][ T7579]  ? rcu_is_watching+0x12/0xc0
[  173.234516][ T7579]  ? iter_file_splice_write+0x1d3/0x10a0
[  173.234536][ T7579]  ? kernfs_fop_write_iter+0x26a/0x5f0
[  173.234549][ T7579]  kernfs_fop_write_iter+0x26a/0x5f0
[  173.234567][ T7579]  iter_file_splice_write+0x82b/0x10a0
[  173.234593][ T7579]  ? __pfx_iter_file_splice_write+0x10/0x10
[  173.234613][ T7579]  ? __pfx_copy_splice_read+0x10/0x10
[  173.234639][ T7579]  ? __pfx_iter_file_splice_write+0x10/0x10
[  173.234657][ T7579]  direct_splice_actor+0x192/0x6c0
[  173.234675][ T7579]  splice_direct_to_actor+0x345/0xa30
[  173.234693][ T7579]  ? __pfx_direct_splice_actor+0x10/0x10
[  173.234713][ T7579]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  173.234734][ T7579]  do_splice_direct+0x174/0x240
[  173.234750][ T7579]  ? __pfx_do_splice_direct+0x10/0x10
[  173.234765][ T7579]  ? common_file_perm+0x1ab/0x4f0
[  173.234786][ T7579]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  173.234805][ T7579]  ? rw_verify_area+0xce/0x6d0
[  173.234821][ T7579]  do_sendfile+0xadc/0xe20
[  173.234840][ T7579]  ? __pfx_do_sendfile+0x10/0x10
[  173.234856][ T7579]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  173.234881][ T7579]  __x64_sys_sendfile64+0x1d8/0x220
[  173.234900][ T7579]  ? xfd_validate_state+0x129/0x190
[  173.234921][ T7579]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  173.234940][ T7579]  ? rcu_is_watching+0x12/0xc0
[  173.234958][ T7579]  do_syscall_64+0xc9/0xf80
[  173.234977][ T7579]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.234991][ T7579] RIP: 0033:0x7f177439af79
[  173.235004][ T7579] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  173.235017][ T7579] RSP: 002b:00007f1775263028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  173.235032][ T7579] RAX: ffffffffffffffda RBX: 00007f1774615fa0 RCX: 00007f177439af79
[  173.235049][ T7579] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[  173.235058][ T7579] RBP: 00007f17744316e0 R08: 0000000000000000 R09: 0000000000000000
[  173.235066][ T7579] R10: 000000004f64a1d5 R11: 0000000000000246 R12: 0000000000000000
[  173.235075][ T7579] R13: 00007f1774616038 R14: 00007f1774615fa0 R15: 00007ffd3be80c58
[  173.235095][ T7579]  </TASK>
[  174.188373][ T7607] netlink: 16 bytes leftover after parsing attributes in process `syz.3.287'.
[  175.533331][ T7633] netlink: 'syz.0.292': attribute type 4 has an invalid length.
[  175.587817][ T7633] netlink: 314 bytes leftover after parsing attributes in process `syz.0.292'.
[  175.878639][ T5831] Bluetooth: hci1: hcon ffff888034a2c000 sent 0 < count 256
[  176.317899][ T7651] netlink: 342 bytes leftover after parsing attributes in process `syz.0.297'.
[  177.973376][ T5831] Bluetooth: hci1: hcon ffff888034a2c000 sent 0 < count 256
[  178.056146][ T7694] openvswitch: HfR: Dropping previously announced user features
[  178.403131][ T7701] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7
[  180.133286][ T7736] netlink: 28 bytes leftover after parsing attributes in process `syz.2.313'.
[  180.770372][ T7753] zswap: compressor û not available

syzkaller
syzkaller login: [  183.102748][ T7799] zswap: compressor û not available
[  183.262225][ T5831] Bluetooth: hci1: hcon ffff888034a2c000 sent 0 < count 256
[  183.628647][ T7823] random: crng reseeded on system resumption
[  184.485194][ T7842] binder: 7838:7842 ioctl c0306201 0 returned -14
[  186.058199][ T7868] input: jJǸ-�¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input8
[  186.091212][ T7871] zswap: compressor û not available
[  188.213665][ T7899] kexec: Could not allocate control_code_buffer
[  190.143676][ T7958] capability: warning: `syz.2.351' uses 32-bit capabilities (legacy support in use)
[  192.598831][ T7997] Invalid ELF header magic: != ELF
[  193.053264][ T7970] kexec: Could not allocate control_code_buffer
[  193.119394][ T8008] binder: 8007:8008 ioctl 80044940 10000000000402 returned -22
[  193.682008][ T8014] zswap: compressor  not available
[  194.090550][ T8032] binder: 8029:8032 ioctl c0306201 0 returned -14
[  196.635568][ T8071] vhci_hcd: not connected 4
[  196.930565][ T8075] zswap: compressor û not available
[  197.001358][ T8047] netlink: Conntrack attr has 4 unknown bytes
[  197.344843][ T8085] &#$@\]\-: entered promiscuous mode
[  199.468385][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  199.490428][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  200.647957][ T8135] vivid-009: =================  START STATUS  =================
[  200.686688][ T8135] vivid-009: Radio HW Seek Mode: Bounded
[  200.734286][ T8135] vivid-009: Radio Programmable HW Seek: false
[  200.769782][ T8135] vivid-009: RDS Rx I/O Mode: Block I/O
[  200.835942][ T8135] vivid-009: Generate RBDS Instead of RDS: false
[  200.842340][ T8135] vivid-009: RDS Reception: true
[  200.875388][ T8135] vivid-009: RDS Program Type: 0 inactive
[  200.919843][ T8135] vivid-009: RDS PS Name:  inactive
[  200.939694][ T8135] vivid-009: RDS Radio Text:  inactive
[  200.964333][ T8135] vivid-009: RDS Traffic Announcement: false inactive
[  200.986835][ T8135] vivid-009: RDS Traffic Program: false inactive
[  201.001039][ T8135] vivid-009: RDS Music: false inactive
[  201.018862][ T8139] binder: 8137:8139 ioctl c0306201 0 returned -14
[  201.029758][ T8135] vivid-009: ==================  END STATUS  ==================
[  201.969901][ T8149] netlink: 350 bytes leftover after parsing attributes in process `syz.1.387'.
[  202.932851][ T5877] Process accounting resumed
[  203.186398][ T8182] zswap: compressor û not available
[  206.975909][ T8271] futex_wake_op: syz.3.405 tries to shift op by -2048; fix this program
[  207.006455][ T8271] futex_wake_op: syz.3.405 tries to shift op by -2048; fix this program
[  207.184698][ T8271] 0x000000000001-0x000000020000 : ""
[  207.280653][ T8271] ftl_cs: FTL header corrupt!
[  207.670961][ T8290] futex_wake_op: syz.0.406 tries to shift op by -2048; fix this program
[  207.717306][ T8290] futex_wake_op: syz.0.406 tries to shift op by -2048; fix this program
[  208.283985][ T8312] binder: 8300:8312 ioctl c0306201 0 returned -14
[  209.215985][ T8328] FAULT_INJECTION: forcing a failure.
[  209.215985][ T8328] name fail_futex, interval 1, probability 0, space 0, times 0
[  209.266757][ T8328] CPU: 1 UID: 0 PID: 8328 Comm: syz.2.412 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  209.266784][ T8328] Tainted: [L]=SOFTLOCKUP
[  209.266789][ T8328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  209.266809][ T8328] Call Trace:
[  209.266815][ T8328]  <TASK>
[  209.266821][ T8328]  dump_stack_lvl+0x100/0x190
[  209.266845][ T8328]  should_fail_ex.cold+0x5/0xa
[  209.266867][ T8328]  ? get_pid_task+0xfc/0x250
[  209.266888][ T8328]  get_futex_key+0x1d2/0x1620
[  209.266909][ T8328]  ? __pfx_get_futex_key+0x10/0x10
[  209.266925][ T8328]  ? kfree+0x2a9/0x690
[  209.266946][ T8328]  futex_wake+0xea/0x530
[  209.266969][ T8328]  ? __pfx_futex_wake+0x10/0x10
[  209.266991][ T8328]  ? fdget_pos+0x2aa/0x380
[  209.267009][ T8328]  ? do_writev+0x214/0x340
[  209.267028][ T8328]  do_futex+0x32b/0x350
[  209.267048][ T8328]  ? __pfx_do_futex+0x10/0x10
[  209.267068][ T8328]  ? __fget_files+0x21f/0x3d0
[  209.267085][ T8328]  __x64_sys_futex+0x34f/0x4d0
[  209.267107][ T8328]  ? __pfx___x64_sys_futex+0x10/0x10
[  209.267127][ T8328]  ? __pfx_do_writev+0x10/0x10
[  209.267146][ T8328]  do_syscall_64+0xc9/0xf80
[  209.267166][ T8328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.267180][ T8328] RIP: 0033:0x7f3c2bd9af79
[  209.267193][ T8328] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  209.267206][ T8328] RSP: 002b:00007f3c2cb770e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  209.267221][ T8328] RAX: ffffffffffffffda RBX: 00007f3c2c016098 RCX: 00007f3c2bd9af79
[  209.267230][ T8328] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3c2c01609c
[  209.267239][ T8328] RBP: 00007f3c2c016090 R08: 0000000000000000 R09: 0000000000000000
[  209.267247][ T8328] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000
[  209.267256][ T8328] R13: 00007f3c2c016128 R14: 00007fffef2ac800 R15: 00007fffef2ac8e8
[  209.267276][ T8328]  </TASK>
[  210.018976][ T8348] netlink: 4 bytes leftover after parsing attributes in process `syz.2.415'.
[  210.020558][ T8348] netlink: 25 bytes leftover after parsing attributes in process `syz.2.415'.
[  210.932017][ T8368] QAT: Device 5 not found
[  210.938749][ T8368] QAT: Invalid ioctl 1090556978
[  211.275550][ T8379] binder: 8375:8379 ioctl c0306201 0 returned -14
[  212.043455][ T8400] zswap: compressor û not available
[  214.350090][ T8452] netlink: 342 bytes leftover after parsing attributes in process `syz.0.441'.
[  214.497998][ T8445] FAULT_INJECTION: forcing a failure.
[  214.497998][ T8445] name failslab, interval 1, probability 0, space 0, times 0
[  214.517128][ T8445] CPU: 0 UID: 0 PID: 8445 Comm: syz.3.440 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  214.517177][ T8445] Tainted: [L]=SOFTLOCKUP
[  214.517187][ T8445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  214.517204][ T8445] Call Trace:
[  214.517213][ T8445]  <TASK>
[  214.517223][ T8445]  dump_stack_lvl+0x100/0x190
[  214.517263][ T8445]  should_fail_ex.cold+0x5/0xa
[  214.517310][ T8445]  should_failslab+0xc2/0x120
[  214.517350][ T8445]  ? __register_sysctl_table+0xbe4/0x1650
[  214.517394][ T8445]  __kmalloc_noprof+0xf6/0x9c0
[  214.517421][ T8445]  ? __register_sysctl_table+0xbc8/0x1650
[  214.517465][ T8445]  ? __register_sysctl_table+0xbc8/0x1650
[  214.517518][ T8445]  ? __register_sysctl_table+0xbe4/0x1650
[  214.517559][ T8445]  __register_sysctl_table+0xbe4/0x1650
[  214.517611][ T8445]  ? __pfx___register_sysctl_table+0x10/0x10
[  214.517654][ T8445]  ? register_pidns_sysctls+0x4b/0x1c0
[  214.517700][ T8445]  ? __asan_memcpy+0x3c/0x60
[  214.517732][ T8445]  register_pidns_sysctls+0x120/0x1c0
[  214.517772][ T8445]  ? __ns_common_init+0x295/0x4b0
[  214.517810][ T8445]  copy_pid_ns+0x67a/0x1090
[  214.517842][ T8445]  ? __memcg_slab_post_alloc_hook+0x473/0x880
[  214.517884][ T8445]  ? __pfx_copy_pid_ns+0x10/0x10
[  214.517925][ T8445]  ? copy_mnt_ns+0x10b/0xc40
[  214.517967][ T8445]  ? kmem_cache_alloc_noprof+0x2ff/0x780
[  214.518005][ T8445]  ? create_new_namespaces+0x30/0xab0
[  214.518044][ T8445]  create_new_namespaces+0x2aa/0xab0
[  214.518085][ T8445]  unshare_nsproxy_namespaces+0xc3/0x1f0
[  214.518121][ T8445]  ksys_unshare+0x455/0xab0
[  214.518164][ T8445]  ? __pfx_ksys_unshare+0x10/0x10
[  214.518207][ T8445]  ? xfd_validate_state+0x129/0x190
[  214.518261][ T8445]  __x64_sys_unshare+0x31/0x40
[  214.518300][ T8445]  do_syscall_64+0xc9/0xf80
[  214.518339][ T8445]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.518368][ T8445] RIP: 0033:0x7f8d5179af79
[  214.518391][ T8445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  214.518419][ T8445] RSP: 002b:00007f8d5267a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  214.518446][ T8445] RAX: ffffffffffffffda RBX: 00007f8d51a15fa0 RCX: 00007f8d5179af79
[  214.518464][ T8445] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
[  214.518482][ T8445] RBP: 00007f8d518316e0 R08: 0000000000000000 R09: 0000000000000000
[  214.518499][ T8445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.518516][ T8445] R13: 00007f8d51a16038 R14: 00007f8d51a15fa0 R15: 00007fffcd4e5b18
[  214.518554][ T8445]  </TASK>
[  214.518566][ T8445] sysctl could not get directory: /kernel -12
[  216.047696][ T5831] Bluetooth: hci1: hcon ffff888034a2c000 sent 0 < count 256
[  216.816930][ T8512] futex_wake_op: syz.3.450 tries to shift op by -2048; fix this program
[  218.333376][ T8533] Process accounting resumed
[  222.262390][ T8624] Invalid ELF header magic: != ELF
[  223.095940][   T30] audit: type=1804 audit(1770654283.244:6): pid=8642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.474" name="/newroot/124/file0" dev="tmpfs" ino=665 res=1 errno=0
[  223.150935][ T8642] zram0: detected capacity change from 8 to 0
[  223.160177][   T30] audit: type=1804 audit(1770654283.304:7): pid=8642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.474" name="/newroot/124/file0" dev="tmpfs" ino=665 res=1 errno=0
[  225.470072][ T8679] netlink: 8 bytes leftover after parsing attributes in process `syz.3.482'.
[  226.746266][ T8687] FAULT_INJECTION: forcing a failure.
[  226.746266][ T8687] name fail_futex, interval 1, probability 0, space 0, times 0
[  226.770810][ T8687] CPU: 1 UID: 0 PID: 8687 Comm: syz.3.484 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  226.770834][ T8687] Tainted: [L]=SOFTLOCKUP
[  226.770839][ T8687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  226.770847][ T8687] Call Trace:
[  226.770852][ T8687]  <TASK>
[  226.770857][ T8687]  dump_stack_lvl+0x100/0x190
[  226.770878][ T8687]  should_fail_ex.cold+0x5/0xa
[  226.770900][ T8687]  get_futex_key+0x106f/0x1620
[  226.770920][ T8687]  ? __pfx_get_futex_key+0x10/0x10
[  226.770943][ T8687]  futex_wake+0xea/0x530
[  226.770966][ T8687]  ? __pfx_futex_wake+0x10/0x10
[  226.770986][ T8687]  ? exit_mm_release+0x19/0x30
[  226.771010][ T8687]  do_futex+0x32b/0x350
[  226.771028][ T8687]  ? __pfx_do_futex+0x10/0x10
[  226.771044][ T8687]  ? __might_fault+0xc5/0x140
[  226.771065][ T8687]  mm_release+0x24a/0x2f0
[  226.771081][ T8687]  do_exit+0x675/0x2a30
[  226.771103][ T8687]  ? __pfx_do_exit+0x10/0x10
[  226.771122][ T8687]  ? do_raw_spin_lock+0x128/0x260
[  226.771141][ T8687]  ? find_held_lock+0x2b/0x80
[  226.771154][ T8687]  ? get_signal+0x7e0/0x21e0
[  226.771172][ T8687]  do_group_exit+0xd5/0x2a0
[  226.771192][ T8687]  get_signal+0x1ec7/0x21e0
[  226.771211][ T8687]  ? fd_install+0x223/0x580
[  226.771228][ T8687]  ? __pfx_get_signal+0x10/0x10
[  226.771244][ T8687]  ? do_futex+0x192/0x350
[  226.771264][ T8687]  arch_do_signal_or_restart+0x91/0x770
[  226.771283][ T8687]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  226.771306][ T8687]  ? __pfx___x64_sys_futex+0x10/0x10
[  226.771323][ T8687]  ? xfd_validate_state+0x129/0x190
[  226.771347][ T8687]  exit_to_user_mode_loop+0x86/0x4b0
[  226.771365][ T8687]  ? rcu_is_watching+0x12/0xc0
[  226.771380][ T8687]  do_syscall_64+0x4ea/0xf80
[  226.771398][ T8687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.771412][ T8687] RIP: 0033:0x7f8d5179af79
[  226.771423][ T8687] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  226.771436][ T8687] RSP: 002b:00007f8d526590e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  226.771450][ T8687] RAX: fffffffffffffe00 RBX: 00007f8d51a16098 RCX: 00007f8d5179af79
[  226.771458][ T8687] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8d51a16098
[  226.771467][ T8687] RBP: 00007f8d51a16090 R08: 0000000000000000 R09: 0000000000000000
[  226.771475][ T8687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  226.771482][ T8687] R13: 00007f8d51a16128 R14: 00007fffcd4e5a30 R15: 00007fffcd4e5b18
[  226.771500][ T8687]  </TASK>
[  227.736822][ T8696] FAULT_INJECTION: forcing a failure.
[  227.736822][ T8696] name fail_futex, interval 1, probability 0, space 0, times 0
[  227.750097][ T8696] CPU: 0 UID: 0 PID: 8696 Comm: syz.1.485 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  227.750131][ T8696] Tainted: [L]=SOFTLOCKUP
[  227.750139][ T8696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  227.750153][ T8696] Call Trace:
[  227.750162][ T8696]  <TASK>
[  227.750171][ T8696]  dump_stack_lvl+0x100/0x190
[  227.750204][ T8696]  should_fail_ex.cold+0x5/0xa
[  227.750241][ T8696]  get_futex_key+0x1d2/0x1620
[  227.750276][ T8696]  ? __pfx_get_futex_key+0x10/0x10
[  227.750303][ T8696]  ? futex_hash+0x2c5/0x380
[  227.750362][ T8696]  futex_wake+0xea/0x530
[  227.750385][ T8696]  ? __pfx_futex_wake+0x10/0x10
[  227.750413][ T8696]  do_futex+0x32b/0x350
[  227.750431][ T8696]  ? __pfx_do_futex+0x10/0x10
[  227.750454][ T8696]  __x64_sys_futex+0x34f/0x4d0
[  227.750473][ T8696]  ? fdget_pos+0x2c0/0x380
[  227.750489][ T8696]  ? __pfx___x64_sys_futex+0x10/0x10
[  227.750506][ T8696]  ? ksys_write+0x1ac/0x250
[  227.750521][ T8696]  ? __pfx_ksys_write+0x10/0x10
[  227.750541][ T8696]  do_syscall_64+0xc9/0xf80
[  227.750559][ T8696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.750574][ T8696] RIP: 0033:0x7feee839af79
[  227.750587][ T8696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  227.750600][ T8696] RSP: 002b:00007feee65f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  227.750613][ T8696] RAX: ffffffffffffffda RBX: 00007feee8616098 RCX: 00007feee839af79
[  227.750622][ T8696] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007feee861609c
[  227.750630][ T8696] RBP: 00007feee8616090 R08: 0000000000000000 R09: 0000000000000000
[  227.750638][ T8696] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
[  227.750646][ T8696] R13: 00007feee8616128 R14: 00007ffc6e628c10 R15: 00007ffc6e628cf8
[  227.750664][ T8696]  </TASK>
[  229.045599][ T8721] syz.3.492 (8721): /proc/8720/oom_adj is deprecated, please use /proc/8720/oom_score_adj instead.
[  230.112830][ T8743] binder: 8739:8743 ioctl c0306201 0 returned -14
[  230.411225][   T30] audit: type=1800 audit(1770654290.564:8): pid=8752 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.495" name="lu_gp_id" dev="configfs" ino=21338 res=0 errno=0
[  230.511773][ T8755] netlink: 8 bytes leftover after parsing attributes in process `syz.1.496'.
[  233.386766][ T5147] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  233.389108][ T5147] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  233.389809][ T5147] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  233.391845][ T5147] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  233.392518][ T5147] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  233.532283][ T8831] vhci_hcd: not connected 4
[  234.057707][ T8846] netlink: 350 bytes leftover after parsing attributes in process `syz.3.511'.
[  234.129479][ T8842] FAULT_INJECTION: forcing a failure.
[  234.129479][ T8842] name failslab, interval 1, probability 0, space 0, times 0
[  234.178458][ T8842] CPU: 1 UID: 0 PID: 8842 Comm: syz.1.509 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  234.178506][ T8842] Tainted: [L]=SOFTLOCKUP
[  234.178516][ T8842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  234.178532][ T8842] Call Trace:
[  234.178542][ T8842]  <TASK>
[  234.178553][ T8842]  dump_stack_lvl+0x100/0x190
[  234.178593][ T8842]  should_fail_ex.cold+0x5/0xa
[  234.178635][ T8842]  should_failslab+0xc2/0x120
[  234.178671][ T8842]  kmem_cache_alloc_node_noprof+0x8c/0x880
[  234.178715][ T8842]  ? __pfx_tcp_current_mss+0x10/0x10
[  234.178750][ T8842]  ? __alloc_skb+0x156/0x410
[  234.178794][ T8842]  ? __alloc_skb+0x156/0x410
[  234.178828][ T8842]  __alloc_skb+0x156/0x410
[  234.178865][ T8842]  ? __pfx___alloc_skb+0x10/0x10
[  234.178906][ T8842]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  234.178947][ T8842]  ? trace_sched_exit_tp+0xcd/0x100
[  234.178979][ T8842]  ? __schedule+0xf67/0x5fa0
[  234.179012][ T8842]  tcp_stream_alloc_skb+0x34/0x660
[  234.179045][ T8842]  tcp_sendmsg_locked+0x1299/0x4780
[  234.179093][ T8842]  ? aa_file_perm+0x268/0x1540
[  234.179122][ T8842]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  234.179156][ T8842]  ? do_raw_spin_lock+0x128/0x260
[  234.179197][ T8842]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  234.179245][ T8842]  ? __local_bh_enable_ip+0x9e/0x120
[  234.179284][ T8842]  tcp_sendmsg+0x2e/0x50
[  234.179310][ T8842]  ? __pfx_tcp_sendmsg+0x10/0x10
[  234.179338][ T8842]  inet_sendmsg+0xb9/0x140
[  234.179371][ T8842]  sock_write_iter+0x509/0x610
[  234.179400][ T8842]  ? __pfx_sock_write_iter+0x10/0x10
[  234.179438][ T8842]  ? bpf_lsm_file_permission+0x9/0x10
[  234.179473][ T8842]  ? security_file_permission+0x76/0x210
[  234.179524][ T8842]  ? rw_verify_area+0xce/0x6d0
[  234.179554][ T8842]  vfs_write+0x6ac/0x1070
[  234.179587][ T8842]  ? __pfx_sock_write_iter+0x10/0x10
[  234.179621][ T8842]  ? __pfx_vfs_write+0x10/0x10
[  234.179650][ T8842]  ? find_held_lock+0x2b/0x80
[  234.179710][ T8842]  ksys_write+0x1f8/0x250
[  234.179743][ T8842]  ? __pfx_ksys_write+0x10/0x10
[  234.179786][ T8842]  do_syscall_64+0xc9/0xf80
[  234.179825][ T8842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.179853][ T8842] RIP: 0033:0x7feee839af79
[  234.179876][ T8842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  234.179903][ T8842] RSP: 002b:00007feee65f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  234.179931][ T8842] RAX: ffffffffffffffda RBX: 00007feee8616090 RCX: 00007feee839af79
[  234.179950][ T8842] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003
[  234.179966][ T8842] RBP: 00007feee84316e0 R08: 0000000000000000 R09: 0000000000000000
[  234.179982][ T8842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  234.179999][ T8842] R13: 00007feee8616128 R14: 00007feee8616090 R15: 00007ffc6e628cf8
[  234.180038][ T8842]  </TASK>
[  235.202217][ T8830] chnl_net:caif_netlink_parms(): no params data found
[  235.444291][ T5831] Bluetooth: hci4: command tx timeout
[  236.026439][ T8830] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.046975][ T8830] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.070999][ T8830] bridge_slave_0: entered allmulticast mode
[  236.097376][ T8830] bridge_slave_0: entered promiscuous mode
[  236.134781][ T8830] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.186318][ T8830] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.195977][ T8830] bridge_slave_1: entered allmulticast mode
[  236.241669][ T8830] bridge_slave_1: entered promiscuous mode
[  236.532241][ T8830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  236.546293][ T8830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  236.667189][ T8830] team0: Port device team_slave_0 added
[  236.706292][ T8830] team0: Port device team_slave_1 added
[  237.242044][ T8881] ==================================================================
[  237.242066][ T8881] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x174a/0x1910
[  237.242103][ T8881] Write of size 8 at addr ffffc90003cb9000 by task syz.3.516/8881
[  237.242127][ T8881] 
[  237.242144][ T8881] CPU: 1 UID: 0 PID: 8881 Comm: syz.3.516 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  237.242182][ T8881] Tainted: [L]=SOFTLOCKUP
[  237.242193][ T8881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  237.242210][ T8881] Call Trace:
[  237.242219][ T8881]  <TASK>
[  237.242229][ T8881]  dump_stack_lvl+0x100/0x190
[  237.242264][ T8881]  print_report+0x156/0x4c9
[  237.242301][ T8881]  ? queue_work_on+0x11b/0x1e0
[  237.242342][ T8881]  ? __virt_addr_valid+0x81/0x620
[  237.242384][ T8881]  ? sys_fillrect+0x174a/0x1910
[  237.242408][ T8881]  kasan_report+0xdf/0x1a0
[  237.242444][ T8881]  ? sys_fillrect+0x174a/0x1910
[  237.242471][ T8881]  sys_fillrect+0x174a/0x1910
[  237.242503][ T8881]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  237.242532][ T8881]  bit_clear+0x17d/0x220
[  237.242570][ T8881]  ? __pfx_bit_clear+0x10/0x10
[  237.242613][ T8881]  ? fb_get_color_depth+0x120/0x250
[  237.242649][ T8881]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  237.242684][ T8881]  __fbcon_clear+0x633/0x760
[  237.242717][ T8881]  ? __pfx_bit_clear+0x10/0x10
[  237.242757][ T8881]  fbcon_scroll+0x48b/0x650
[  237.242792][ T8881]  con_scroll+0x464/0x690
[  237.242833][ T8881]  do_con_write+0x6888/0x8550
[  237.242875][ T8881]  ? __schedule+0x18c0/0x5fa0
[  237.242913][ T8881]  ? __pfx_do_con_write+0x10/0x10
[  237.242963][ T8881]  con_write+0x23/0xb0
[  237.243005][ T8881]  n_tty_write+0x44f/0x12d0
[  237.243041][ T8881]  ? __pfx_n_tty_write+0x10/0x10
[  237.243072][ T8881]  ? __pfx_woken_wake_function+0x10/0x10
[  237.243117][ T8881]  ? file_tty_write.isra.0+0x64e/0x890
[  237.243159][ T8881]  ? __pfx_n_tty_write+0x10/0x10
[  237.243188][ T8881]  file_tty_write.isra.0+0x4d2/0x890
[  237.243234][ T8881]  redirected_tty_write+0xd4/0x120
[  237.243275][ T8881]  vfs_write+0x6ac/0x1070
[  237.243307][ T8881]  ? __pfx_redirected_tty_write+0x10/0x10
[  237.243350][ T8881]  ? __pfx_vfs_write+0x10/0x10
[  237.243379][ T8881]  ? find_held_lock+0x2b/0x80
[  237.243417][ T8881]  ksys_write+0x12a/0x250
[  237.243448][ T8881]  ? __pfx_ksys_write+0x10/0x10
[  237.243484][ T8881]  do_syscall_64+0xc9/0xf80
[  237.243519][ T8881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.243549][ T8881] RIP: 0033:0x7f8d5179af79
[  237.243570][ T8881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  237.243597][ T8881] RSP: 002b:00007f8d5267a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  237.243630][ T8881] RAX: ffffffffffffffda RBX: 00007f8d51a15fa0 RCX: 00007f8d5179af79
[  237.243649][ T8881] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003
[  237.243667][ T8881] RBP: 00007f8d518316e0 R08: 0000000000000000 R09: 0000000000000000
[  237.243685][ T8881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  237.243702][ T8881] R13: 00007f8d51a16038 R14: 00007f8d51a15fa0 R15: 00007fffcd4e5b18
[  237.243728][ T8881]  </TASK>
[  237.243737][ T8881] 
[  237.243744][ T8881] The buggy address belongs to a vmalloc virtual mapping
[  237.243763][ T8881] Memory state around the buggy address:
[  237.243777][ T8881]  ffffc90003cb8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  237.243795][ T8881]  ffffc90003cb8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  237.243815][ T8881] >ffffc90003cb9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  237.243830][ T8881]                    ^
[  237.243844][ T8881]  ffffc90003cb9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  237.243864][ T8881]  ffffc90003cb9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  237.243879][ T8881] ==================================================================
[  237.243900][ T8881] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  237.243920][ T8881] CPU: 1 UID: 0 PID: 8881 Comm: syz.3.516 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  237.243959][ T8881] Tainted: [L]=SOFTLOCKUP
[  237.243968][ T8881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  237.243981][ T8881] Call Trace:
[  237.243990][ T8881]  <TASK>
[  237.243999][ T8881]  dump_stack_lvl+0x100/0x190
[  237.244032][ T8881]  vpanic+0x20d/0x630
[  237.244056][ T8881]  panic+0xd1/0xd1
[  237.244078][ T8881]  ? __pfx_panic+0x10/0x10
[  237.244109][ T8881]  ? sys_fillrect+0x174a/0x1910
[  237.244136][ T8881]  check_panic_on_warn.cold+0x19/0x34
[  237.244163][ T8881]  end_report.part.0+0x3a/0x90
[  237.244197][ T8881]  kasan_report.cold+0xe/0x18
[  237.244230][ T8881]  ? sys_fillrect+0x174a/0x1910
[  237.244260][ T8881]  sys_fillrect+0x174a/0x1910
[  237.244291][ T8881]  drm_fbdev_shmem_defio_fillrect+0x22/0x140
[  237.244321][ T8881]  bit_clear+0x17d/0x220
[  237.244355][ T8881]  ? __pfx_bit_clear+0x10/0x10
[  237.244390][ T8881]  ? fb_get_color_depth+0x120/0x250
[  237.244419][ T8881]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  237.244452][ T8881]  __fbcon_clear+0x633/0x760
[  237.244482][ T8881]  ? __pfx_bit_clear+0x10/0x10
[  237.244524][ T8881]  fbcon_scroll+0x48b/0x650
[  237.244559][ T8881]  con_scroll+0x464/0x690
[  237.244597][ T8881]  do_con_write+0x6888/0x8550
[  237.244647][ T8881]  ? __schedule+0x18c0/0x5fa0
[  237.244683][ T8881]  ? __pfx_do_con_write+0x10/0x10
[  237.244730][ T8881]  con_write+0x23/0xb0
[  237.244768][ T8881]  n_tty_write+0x44f/0x12d0
[  237.244804][ T8881]  ? __pfx_n_tty_write+0x10/0x10
[  237.244831][ T8881]  ? __pfx_woken_wake_function+0x10/0x10
[  237.244875][ T8881]  ? file_tty_write.isra.0+0x64e/0x890
[  237.244917][ T8881]  ? __pfx_n_tty_write+0x10/0x10
[  237.244947][ T8881]  file_tty_write.isra.0+0x4d2/0x890
[  237.244992][ T8881]  redirected_tty_write+0xd4/0x120
[  237.245030][ T8881]  vfs_write+0x6ac/0x1070
[  237.245061][ T8881]  ? __pfx_redirected_tty_write+0x10/0x10
[  237.245106][ T8881]  ? __pfx_vfs_write+0x10/0x10
[  237.245134][ T8881]  ? find_held_lock+0x2b/0x80
[  237.245174][ T8881]  ksys_write+0x12a/0x250
[  237.245205][ T8881]  ? __pfx_ksys_write+0x10/0x10
[  237.245242][ T8881]  do_syscall_64+0xc9/0xf80
[  237.245277][ T8881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.245304][ T8881] RIP: 0033:0x7f8d5179af79
[  237.245325][ T8881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  237.245350][ T8881] RSP: 002b:00007f8d5267a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  237.245374][ T8881] RAX: ffffffffffffffda RBX: 00007f8d51a15fa0 RCX: 00007f8d5179af79
[  237.245393][ T8881] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003
[  237.245410][ T8881] RBP: 00007f8d518316e0 R08: 0000000000000000 R09: 0000000000000000
[  237.245425][ T8881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  237.245441][ T8881] R13: 00007f8d51a16038 R14: 00007f8d51a15fa0 R15: 00007fffcd4e5b18
[  237.245468][ T8881]  </TASK>
[  237.245808][ T8881] Kernel Offset: disabled