last executing test programs:

8m30.173956012s ago: executing program 0 (id=105):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01002dbd0900fedbdf257e"], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0)
sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1ffc}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x122c, r2, 0x400, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x105, 0x7f, "8837e2b3db3d9e5f406a9b4c7f8b4db3e32db6617cd579bcc5ef313b91b7f2c8dda2038995755e0e7bb573479cf8cfa37b2a4720328eb959191c3b8920b6e4668f09cce0bd7aa5ad8a5fa72fe80ba2e2f378055fa27ae61eb32bd920cb46905fd88cb0f8e26931629bf74cd70e04384bd9d3e41cd805bbebc347c6a98c3becd1da6070ddb5db01a8f3218ce611c3882da018a8beb0419c8aa518005fbbbadd598395f87edb26ca9ed841c68e34eaf8d73c3f52f2c73fecb98674942368acd0e061cfed35e0c9ce047a065c068e14cf8d065c15facf725229988535e5ef8ca0185ab8edc24e79b0ce807d59e701612160afd246379eb67bc8e7a3e0c694d5bc0501"}, @NL80211_ATTR_CQM={0x1020, 0x5e, 0x0, 0x1, [@nested={0x1014, 0x2e, 0x0, 0x1, [@nested={0x4, 0x112}, @generic="3b7bb7bf3907d514bdb2c1ed840303b0ea20acd45b306adb10bc0c675caefc2b61dca4c034ab2aa01b0b14464316fd84ae71d1787e4ce7620ce0b578e1a16ed22bd812add6d5e5ecc293ac318f6bcb247ee5a5343c452501f493ada8925d16afe4b6261d5697bb1b3bb65a6ebc2a7ba8fb36612f0a875cb1a5de674d59c504e99082048cfdd0950a1e734b45f2a57b1babe473ec012d1206ffb573276a47b0d30f0454a65263b75c788c1b209968f97ac3b97acc2d3ceceef9af00890bcad19759306e1d8d7280d869e925f55f2974a33c6b3976f328aabb0b8947bbca3c4d73d9176e9b325a6f9a0e8a3a1f3680166611b804bc9d4be9cc0ee8dd2bece683773cd65fb7fff75d18ce224fa33ca5f65a8634f3b9cabb9bb836dd56f32162af23927c1ba504584379440b50cc5c5db4c88f9a3b8d59806dadc39231047bd3e8c6d0a96359af6000c3a0ab40f5e27deeee5e798bf6db8c3662c23c4f7221c0a75ddc71ad83d740cfbb7653a1285e06a4b3a8b45aa1479db7eea9f40f748bf8b39b5fe09df138d6681a2b4a8cf2ac00f4edf43364f804032f37850592ff71cbc646613b444c79b225f57031180e1eb61fbfd848502e79367f90613377de685f1285b5af8b552c9d19a1cafb57f4ab97b0e25ae15d0e36363130190673cb0e5f88305d19c5bd0beca686e2d5281ffc90cb815dd2efabdb854c36dafb44c094cba37e13e298668b8a81ca95dded573249ec128c0c64661415f12d8a204ce829728be6e7274c4e71b77dea31e7acd7717a4ab185b3dcca774b90e12fc0d4386f3c23499d4c9f3c0b5778d36187bf211817d1c7622e6dc8c921d0db4068a8f6588f3f296a1638c5fdb0a0f3158429d4752470917e884509b3411cdf7782bbfed75a3106904c748e4d723ed2fabe3a538a887c620d30581b3d203974fae1c26d941bd220c507e03bcdeaeff2cb3137216b3df0452b077081929eb31a881dd9aa6b35660375fe65a6c53552ba46bca23409e4080dbc17df96dd894ebf7f3248b0b9af8140655e6e5bdfcc4050a3654c6670897b3414d106c7ea1ef3a53b55fc9267ac63da86b278410e93e1c5c2f61bde298e4566388eaec5a277797b799567f82103e04542fa2af2d894ed5a17b016ab129e16c752209d40761c73887479a27613beed24c8f44f0f25e6e59e6c69e00ab885a33502a2083d88f52387bb3eb3ac079c8f0e9ec2e66dbf27399efe900ce59b4feac55e5ecf02809968d7d16b784a362548020d992d4a61f7bb60ebc84f175b8c22c0a0cbd9ce0eba1f01652bc2b626734f4d0c708a087b3ee3da203bd6a5eb8209319951febbc7034cb22e1ba358e1139acdb6d98a47c161592a6e2a4637b010e90eb7cf9fad447d23fbaf56302d2cbc7f67ed5a08176c45a37a090c24f4b1ae9c7673ca56735e0f04c5553665bd3237cfdd70591d7f79101363d654641b49866c3c22d6e0f2788e2443f839d5843e3c14fb16c3e3da63bc194376d0891290d1e53a279f09612909c507618a7b240b9bcf74e118dda82d1da2565e9c989e06df404af6b8a02b94721dc099b12a74d65c04b6179a0894c809bfb965a996e5f5f3ae1b1b0228fa82b154c4bf4b7936582736d1ecabac41bafe839abe7d42e9c581d6ceb6ea63a595f1d8ea21bf00be537fd6c00c4007e525878e8188254ddbcdf73ab27c793853294c1a2443c9312f352aab7447d116fb6b68f7613658ef197d52a51855fce33e89dd41d1ac29281e92e216795a2c5eed1f82501db9e9a9bbb6a91f8d9845754637a6ba9e5bcc79b80f83ce627d5405235d4e01cff78c57d1fa237cfae5e0daaf1e2d2b9c81b0fed051af89e13a877da528cb486aff9b6dde684649d112f659c064b27b9975bf8143c111124a9895fae82d6959696dadf1ecae87cfe445e8dfc7c621c3deab5b2eff4b6ab9c7fd6ff9aebe7637dfb6b58f54031bc33c44c660ab0c4185384ecca2b7e8d539f01645f5018f700c6b74d6f68bd56eef88f189eb235e2d87f81360f456a7b2a69fc306f9888c7b90455401cab944f6b5d863157d90da490e4ac03cd254775c06d97462e7f87a63eb18b44fafcd7f1fef0ad216d49795d43fc8cdafa3263fc655b3b283464435443e2c99fb4084aab5a2b64434fa6ca73f83b6497ca0cf2f06f62bfe224df0841b80dbda3271653a19b467b37b0fcc27aa0030eb9be439e595f032d46f289b11785799c6c8e8afe03abd41b0da35c1234bc6f7c130c99a9be8ae372b1b0dc606082d85a59ab332f15e888614ee0859f8312faf9fd36a24237d65403d636859d8da84993210767885b7a6dc9ddd62723ce2b930198c39cd901717daff28a0c4682585fc08d7df3289ce1060901fa61e0b54776df6f0fb0226a5e3d0a0ce3219400083e594acfffa35e8fd9d5763318efba93b2af67f76a01548accc736ba9459a990374f35621c848257721dc9d5d69a9cf27aa642e8608f4b5f0dcb57f588e95196ffd46109868a815940c9d1629db360e2f5fec9aba93038175aff64c1920f435c00cdc97576dc76ab872a53775773c9e3fc3a40b62a78fe68dfc39ca777b351e0c3788dbb5628c8aae462fb7aeb279524a04c2efe67a91f6b3186d0ec75443736980e16aec8043bb75467da061456cc0a788511f52c3b6c0c106da191266a7f901273bf6a56547a0784a20171386860376064a31e0c7270f99e1641a838a3d854db9cb876aa214dae829d059e80576e4befbbb8a1ba1449b18a8f58a08d48865bde51ae8dca989f68928b88096f93a03de2f41c3ac4b65efaffa0d5112ef043289f2e085d37abcd985f192d417b5871fd15140950d0a9d81168e67d19fecd9b63b9c815bb95c77e33ee265a1a2b6bb1c11825e3a67401a4eb55812979fb556c7538461b753ff8ab859d8c474dcf36a037f8048aeebcec9ce432dd48c2ff0db28b7f31354d9e2c67ff160120d620d5074e7dae62b01f428e13d60ca75fce4f6b87ee4000373912f34adf74c687b6f93c72ab3fd813a1c8639e67368ca91e660ed9b81bbc3848ddc6b287582e9e63a10a82aedc220308afb37d24dba49b324ffde9c3dce32e0c102e45149bb99dca6d6047d0eea9521068ac2111445de1fef0da36963966ebc0dffcc212d97fde40106b8145cb8850c0026ef36c68c20d96fd4be9d113fb83b32020bcc4dd76fc44fd2be62a27e19536391d4b38519339880db0d1bda291fc797d8ade1a6ae0ef0ab415123328c7c5de0015ab4dfb198bae2b73f02a62f5d349d2817eb0cbb43259a5f92f14a03d85869483785cc446eba768d6d7773d66a7634f441ef1fcb32f6d9bf02d31c219a5cce97b75ba6e06b9bf726bf722deb7e94aa09bdedda76f35032f226186b7ebb977612a5e3a44465886fa554d4064a54ef02863eab8caade42ce859fb1408c1e6b14746a67613ffa651c581cdfb2c87782bc14aa7e010468fb2d7749e25f2cb5ac72b7b5fdbf5882ed1f1a40855f79d71564c1ff088eb4a6238cafb52cbb83e93273cdc1d2fc47aa648bfa08df50535deb53a09f3957de9fa75f724ac5e742208062429bec30685afa01d420782d29e9bb683e7afd83de02390f649a09d66544c10c33f156d731b7e27810fe363e1a6925e7d68a836d5f4892f4e6966e4369dba8998dd812f95ecd332acce885d1d0d6521542cd2818a15c2442965fbeb708e47414b50acf56f16a1fd08ffb9f5477dbf6d4b1d699c147822257143841d06752bfaef8bf15007215a9a7fa46aa7922d1ba212f6c7da8192159f27325d41db43623b8d0c96c8019dace1df63d93c5946600329366cb7a6ea207b59140f7c6deca6cab9e510a4877014cf2e5f62ee3629f46dca665ad4927d4f181e744f382e1b3f39c9ea8737059468d84794b36e87f07770fdef63654e52ee4743424f5a27184e7e78b73ecf3a091c4a73d0f88931a22e1824793e5a7ca4401d006522e63c24aef462a4f8f4362fdf147b3cefe9f452151c1d8551feed515b8e831255befc327694cd60c510f8d38b766b383a7aefba50eaba55926e968221d06e82e8a04eb233ae4e9f653414c3adcff4fb23ae8d7d07b4dc297b07d64e1156021b32d2bd0d5bbf72e66b54a5a0265da9616de712e9cefe8c6e4cbd14397af093aeb90ae517a3b0358b439c216d398e75fea98ab872a6a18fac0e937b20fb48e20c959b55ff13498e9ef0cabe60a992d74036ee244727475688c2c813bc8333f19fd61ac9ef91559818a09f1aeb04496d5bb4a3ed7d0b679da4a341e4f9c1412242a8bc306ea1beb7a4658754e4b4a3d9113d7bd19f440fb910974f05c9cbf3bf1206eb448c794993744523e2ab7641b108bb1a83ad8afb14632dd44ea8689a1fce08a818878951f82aa51679839a1b2f01076af4daf7a09eb10642faf359829b1786beacf7b08504792898e446323f126615bb3eda78b785fe77a31448549419a58899f2c99dcae3e186ee134475a265f58f14795f5bd9282b1d31592ecf74b71055a484dd6367dc0d8dd2a9f77c27bf1bfbd6184a48f7dd181cdda1e3b152e461ea2a18ffc3f2022ca17dba1d2df4389bf1dd09156c6e66e83b0542d0861ae66b6d4d53404216d357d8c9e97e56f2d86c377847e591b45c5ff32221208a2b7bbaad8ff74fb89864346ca4df81db90b4fb8ef2029061caf5145c0c6175500db7d88d9b688859fdf4d9c51ecf1a88fa4311f03d1538ea33bffe48e7a121b394c60040e925c2d744d59b9a3378a770b03ec32c90989ff877316b8ff37957cadd5d7e6b2e8333496057cd70305c174dcd638390c850cb0fe50e32d3a53d346332a4455c41efeddedb6c8ee2adc2f35ccfd0f98f7cec17e5ab5035e0744f7ec308b4cbb48b46efe41949fd3c1614d4a53abcf18b356ed5b82dcd6e6c2464cbc7dabaa7cc3a985bf88787424c21914fb3b65e081067a720b4a01b7d3487bbdb73201f6b6ebeea54c4ef44c24ce0a5693e3f7c54427027224ece851004ed03647eeaa191771c9ffb95c73f9fec149f6abef02a154566029de1383462d7e7d5cacacdad4a86e4f125e9e069e5ef0a6d1b18374dfeb6a1e29fcfb076b7a1d8db425e8a8a293cba2ca69e725c508d63d2a57b20f07aa42e56212a74f978dd7f3d39f8a2f2e78f6cff4a4eb01b96e2e4d82e0b93fe9afa3ccdc7430270ff1c85fa180b0cdf7a7ee544ca14a3595366b640b386144b5f5fdfef6ae8e33e9a5321462b9d6c9dd991a8046569edc6055c59f7d989f219cc26a9563e9082da403037096e67305243a0382d1f5abc96e607506a970aea30c0530b1501038e760ee55079f5e3cd5bd6a2033134fba881a26b57dc317dd925ae8fe80e362ded0a6203961f74edf54fc1f8c75d9a9a1adc02f2aed47f8c3df69d778f66d8e372df4c6d8e0840bd9362143f5e55d69ff364e5d081f4f3cf0359af279ffa5d8440d8a4fb31eaf3260e92ab4c19f234b693085f818b57224536f6c1a1749fbe6aead24f72be945cd0e6eb9e0aab7e0ec99eb9662dbd0108daad9e81e991fd610543d477a3546a382bc36c8c3652b527c537ec361ddba083125e1ecfa7841e3efdd491a23b17e804584c249c388592c6bfbe8ed8dddbc8b6dbcc2fca6a3a37fcecab4945f8c5a1b2b6d77074eaa9dcafaef8504a808c4e573bdac3e30bf0f33d0458ff6a8b3484cdd9af2f9d0242e8f3ec700d58aca853c6c5b4c6db538e2b26d04bee7216bac69f4a3294da29c6d7f25f77ea4678187ab4bf9ae6db07579d05b857794827677a9c5a36d5c2d80fdb6f507ab51b7e0ec", @nested={0x4, 0xe}, @nested={0x4, 0x68}, @nested={0x4, 0xcf}]}, @typed={0x5, 0xee, 0x0, 0x0, @str='\x00'}]}, @NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "e640229435d0b0c20f41d496f46fe01814df377cbc677f82566d"}, @NL80211_ATTR_MLO_TTLM_DLINK={0x9f, 0x148, "372006f827f69c2232e18f284e84bef8e1ee92e0f1d9c875b89d43abcb15a252f160dcd532548c6d8ba9eb6cd4ba9375c480b05b159deb3bf27697486ad08322c3ac0e3bd56a5626ab1a8711fb21fe76cd08aa459540b4532c840cb17d05dbc6620cbf80ae214fe8f6cf1bdc1e72b0a6079e2d3e133538e687357f38504a6413acc0e84509153fecb838005687529b81a7d8186e1f501de8703347"}, @NL80211_ATTR_FILS_ERP_RRK={0xe, 0xfc, "1fe75868af738cdfd10e"}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x5256}, @NL80211_ATTR_KEY_SEQ={0x14, 0xa, "ddbf139dddb41598cfea06c4812ac474"}]}, 0x122c}, 0x1, 0x0, 0x0, 0x4010}, 0x4000800)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0)
pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
poll$auto(&(0x7f0000000240)={r0, 0x3, 0x9}, 0x3, 0x8)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timer_create$auto(0x9, &(0x7f0000000100)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, 0x0)
timer_gettime$auto(0x0, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = socket(0xa, 0x801, 0x100)
setsockopt$auto(r4, 0x6, 0x2, 0x0, 0xfb3)

8m28.009642178s ago: executing program 0 (id=108):
bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000340)=@bpf_attr_1={0xffffffffffffffff, 0x0, @next_key=0x2a2b, 0xc39}, 0xb1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x2009, 0x0, 0x9, 0x5}, 0x1}, 0x6, 0x0)
setsockopt$auto(0x3, 0x6, 0x17, 0x0, 0xd)

8m27.498084807s ago: executing program 0 (id=111):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', <r3=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x20, r0, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x80) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-0/xps_cpus\x00', 0x10b062, 0x0)
mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) (async)
sysfs$auto(0x2, 0x41, 0x0)
fsconfig$auto_SHMEM_HUGE_NEVER(0xffffffffffffffff, 0x5, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0)
r4 = socket(0x2, 0x80002, 0x73)
connect$auto(0x3, 0x0, 0x54) (async)
sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000800}, 0x24048040) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYRESDEC=r3, @ANYRES32=r4, @ANYRES8=r2, @ANYRES16=r1], 0x4238}, 0x1, 0x0, 0x0, 0x4c098}, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', <r6=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r6, @ANYBLOB="0a0005000180c200000e00000a07000000000000000e00000a000100000000000000000008000200", @ANYRES32=r6], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40)
close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32)
socket(0x2, 0x3, 0x100) (async, rerun: 32)
socket(0x10, 0x2, 0x0) (async)
mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) (async)
io_uring_setup$auto(0x1, 0x0) (async)
semctl$auto(0x8, 0x8002, 0x7, 0x5) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2102, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC1\x00', 0x202000, 0x0) (async)
ioctl$auto(0x3, 0x40045542, 0xb551) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) (async)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/midi2\x00', 0x201, 0x0) (async)
read$auto(0xffffffffffffffff, 0x0, 0x2a52)

8m26.943374002s ago: executing program 0 (id=112):
r0 = socket(0xa, 0x1, 0x84)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
io_uring_setup$auto(0x401, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$auto(r0, 0x84, 0x80, 0x0, 0x0)
r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000140)={{0x4, 0x3, 0x1ff, 0xffffff7f, 0x2}, "0dd7fd001768a257c57ca5e9ca630700"})

8m26.099098027s ago: executing program 0 (id=113):
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x1, 0x0)
writev$auto(r0, 0x0, 0x8)

8m25.646288481s ago: executing program 0 (id=114):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0xffffffffffffffff, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20005, 0xa, 0x200eb1, 0x401, 0x8000)
sysinfo$auto(&(0x7f0000000080)={0x1, [0xa3e, 0x5, 0x101], 0xc50, 0xb36, 0x6, 0x3ff, 0x74, 0x5, 0x2, 0x0, 0x12000000, 0x3, 0x5})
socket(0xa, 0x2, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x42800, 0x0)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x2000080, 0x3d, 0x0, 0x0)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2442, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r1, 0x400454ca, r1)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x2, 0x1)
msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x80000001, 0x9, 0x8, 0xffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @raw})
setresgid$auto(0xffffffffffffffff, 0xffffffffffffffff, r2)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x67}, 0x6a)
r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x2228c1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/bdi/250:0/power/runtime_active_time\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/122, 0x7a)
writev$auto(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x800}, 0x101)
fsmount$auto(r3, 0x6000, 0x1)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r6=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6}, 0x6a)

8m10.368158586s ago: executing program 32 (id=114):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0xffffffffffffffff, 0x300000000000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20005, 0xa, 0x200eb1, 0x401, 0x8000)
sysinfo$auto(&(0x7f0000000080)={0x1, [0xa3e, 0x5, 0x101], 0xc50, 0xb36, 0x6, 0x3ff, 0x74, 0x5, 0x2, 0x0, 0x12000000, 0x3, 0x5})
socket(0xa, 0x2, 0x0)
r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x42800, 0x0)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x2000080, 0x3d, 0x0, 0x0)
r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2442, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000)
ioctl$auto(r1, 0x400454ca, r1)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)
io_uring_setup$auto(0x6, 0x0)
socket(0x2, 0x2, 0x1)
msgctl$auto_MSG_INFO(0x5, 0xc, &(0x7f0000000280)={{0x9, 0xffffffffffffffff, <r2=>0xffffffffffffffff, 0x2, 0x287f, 0x2, 0x3}, 0x0, 0x0, 0x80000001, 0x9, 0x8, 0xffffffff, 0xfffffffffffffffe, 0x7fff, 0xfc2, 0x27f, @inferred=0xffffffffffffffff, @raw})
setresgid$auto(0xffffffffffffffff, 0xffffffffffffffff, r2)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
bind$auto(0x3, &(0x7f0000000040)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x67}, 0x6a)
r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/kernel/debug/lru_gen\x00', 0x2228c1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/bdi/250:0/power/runtime_active_time\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000140)=""/122, 0x7a)
writev$auto(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x800}, 0x101)
fsmount$auto(r3, 0x6000, 0x1)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket(0x1d, 0x2, 0x7)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r6=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r6}, 0x6a)

8.10608734s ago: executing program 4 (id=1306):
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xff7fffffffff0001, 0x15)
close_range$auto(r0, 0x8, 0x0)
brk$auto(0x40008000)
syslog$auto(0x10000, &(0x7f0000000180)='/dev/snapshot\x00', 0xc0)
r3 = fanotify_init$auto(0x5, 0x2000000000002)
r4 = open(&(0x7f0000000000)='.\x00', 0xc00, 0x409)
fanotify_mark$auto(r3, 0x9, 0x9, r4, 0x0)
ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda)
move_pages$auto(0x0, 0x5, &(0x7f0000000380)=&(0x7f0000000280), &(0x7f00000003c0)=0x1, 0x0, 0x2)
r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x28000, 0x0)
pread64$auto(r5, 0x0, 0x800003, 0x270)
mlockall$auto(0x7)
r6 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0)
personality$auto(0xfffff032)
ppoll$auto(&(0x7f0000001ac0)={r6, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x408000000}, &(0x7f00000002c0)={0x10000}, 0x8)
mprotect$auto(0x110c230000, 0xa588, 0x6)
mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x0)
move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2)
msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001600)={{0x7b0, 0x0, 0x0, 0xd, 0x3ff, 0x7, 0xb}, &(0x7f0000000400)=0x9, &(0x7f0000000440)=0x10, 0x1, 0xd80, 0x9, 0x8, 0x8000000000000000, 0x6, 0xa, 0xfff9, @raw=0x80, @raw=0x9})
r7 = syz_open_procfs$namespace(0x0, &(0x7f0000000040))
r8 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0)
ioprio_set$auto_IOPRIO_WHO_PGRP(0x2, r8, 0x8)
fcntl$auto(r7, 0x402, 0x0)

7.179483955s ago: executing program 2 (id=1308):
waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x2, @sival_int=0x7, 0x2}}}, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055})
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(r0, 0x0, 0x10000, 0x2, 0x0)
sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
msgctl$auto_IPC_STAT(0x0, 0x2, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23)
read$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffffff, &(0x7f0000000180)=""/18, 0x12)
mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x44eb1, 0x602, 0x300000000000)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff)
r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0)
writev$auto(r1, &(0x7f0000000300)={&(0x7f0000000200), 0x200}, 0x3)
mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xa, 0x3, 0x3b)
socket(0xa, 0x3, 0x3b)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
wait4$auto(0xffffffffffffffff, 0x0, 0xf, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
rseq$auto(&(0x7f0000000580)={0x80000003, 0x85, 0x5, 0x10000004, 0x7, 0x2006, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c3363896a57a05ba0582cc612c6c0be4bcb4cc54d282dd40c93638ba34c4a0435c32a206e808194584d8c359d418662d1b62befded304de132a0b0000007b56117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b7d579a024ba093ddcd43976aec815bc84744b8972a5e11e8a6aab89c7b85947f39013596d459641aa7e6b89b73387ec5fa2d"}, 0x6, 0x6, 0xc80e)

7.022242005s ago: executing program 1 (id=1309):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x6, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x48003)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0)
ioctl$auto(r0, 0x4b31, 0x1)
r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
r2 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r2, 0x29, 0x43, &(0x7f0000000040)='\xa1\x00', 0x4)
openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0)
r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r3, 0x400454a4, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram0\x00', 0x67f00, 0x0)
preadv2$auto(r4, &(0x7f0000000080)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x400, 0x2f)
mmap$auto(0x0, 0x4120008, 0x46, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa40, 0x0)
ioctl$auto(r5, 0x5609, r5)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
pread64$auto(r1, &(0x7f0000000200)='/proc/self/net/ip6_tables_targets\x00', 0x34b, 0x10000)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2a, 0x2, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
close_range$auto(0x0, 0x5, 0x0)
pipe$auto(0x0)
r6 = pipe$auto(0x0)
tee$auto(0x2000000000000, 0x3, 0x402, 0xd)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r6, &(0x7f0000000040)=""/90, 0x5a)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

6.544902419s ago: executing program 3 (id=1311):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop13\x00', 0x420000, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
madvise$auto(0x40000000200000, 0x78c0000000000000, 0x811)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = socket(0x11, 0x3, 0x9)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9)
syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff)
sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x0)
unshare$auto(0x40000080)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r2)
ioprio_set$auto(0x3, 0x0, 0x4b34)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f00000006c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="84040000", @ANYRES16=0x0, @ANYBLOB="00022bbd7000fcdbdf2509000000cb00098008005000", @ANYRES32=r1, @ANYBLOB="718d5759563b63ed8d515ae485ff9082de9ca108a1883bca847a0d442f703226c295acf9e8e69b8abc33e0b7cd11cf11ca0bb6ce59fd8bae48bef230fb3817670ce7f640c2f9cb1fbcc813d411fd607ba5a7ebacffba7f3236811cd02a1286b3973b93bd31df4b3423edb938f6dce925da0202eefed178cee62db16fa880689c09e318ad10df84d6c8982b348d2c9dac44b750656522f6af23600d3a6316f0751d6d819802a04d2005aea430672b89b983bd1e023762c4ef04dbbe6f1c3dd30008000100", @ANYRES32=0x0, @ANYBLOB="940303800800b100ac1414bb31fdf0d60c51cf9f23946e290fd40596830eab3bd6e0693559a788f207bba3138dc416c52e9a68192ffd3da9cd4028ffb2a1760291fef8d86f7477a35a28e60faa937f4107256a7a7d6ec1e50de8bbf7edf11883acb6cb30017107de6bb4169ee23d3b575e6b637b86516a8e05809b2d6017efd4a863dbb4ceaf6920f6ce971331a2422e86436ab1c2ced975331894d1b27e368d2c027a5d90adcd72c7ae5b3e6e1d95bc5052a391bb369d34fa07136e9559527a156fa5eac8f811be8876c43522996be85148bca82062f44d47f85c64e11f5d1b8ac98fdb2e69100a5f5eaf47963611da1e56ee62773694499022be396b085812f394dee7f41ec853a565cdb5b718d5133a0796ecd8d15d08002a8004001e80b07747f8d0775b0c67797a16080696b0106127c09ec3f1e253c3123a5dc277fbab5b389e1f1bcb4d097ede8f0d9b7dee116dbd3bd067f91ac0ce3025d30587e9b02bf8b7e9d1c6daa948a2fd8bfe2b43af385a00fed9c828f923bb2f5f016d30b43b7aff27ccdb139adbec5db9a1903ae8ae051acbd7521a48b2234070a94efab9b7e0a6a800ba9f140cefdde14f4d48d51bd392c3c8e1f1c93578dd41e85fd28a065e9dc30b8590f84ad00b8e2ab85094aed6d9b3548716dffba77ce824a7eb45b2af9c07fc16572f9f61b1e8d3658f374cacae48b9b29a81d6e27ca3bf6a98daf008009e00ac1414bb5a3517472d0c2db4ca881fddfa9f20056921df89ef3d697e56e69589ea5012fc11e4ae4a957afddf993be1089d5494ab500f9c459178d4f2c93426199232b3876c7c25c91c6b52a8bdf03f154672b5cffa78c3f4ba3e65d3ce55fb1e64aee81e0e447e3e36a32c0ac6e6775fe5bca34cc810727c6f907aed4dbfd114e231d7e788f3d8b0ed7969bdcb133026988c9668660233ce059dc032bc20ff2552980b3f3622dd6a350774a97d59fc22cafa51536e3ae84dfc4c53d096853b323eff48eae6915459075856411fb54b72fd9f276ce16df4b1e2adc6ae8beb623bdd01427d28e03d2c92b27830a7ab898c6ef5ee09df46860e8173249c84cc6b5596dbf2e45fef9c75af6c3900227d6114ecf7edd50de853de950fbbdcee6d4e3e3db31bb3064b701f1b0d672b3871cf9ceb0ce75985836f9286b1132b7f4dfbe5be731e45cc5b08a930ce967a565b73b12fd46623676800ed8fa0c72e461b5f31c46fa302f8186e4f2cde9a076d53b7e9350d741d2ba9999a0a2a38f85d862fb8791c7ca048624eb1afbb1f28e0757d08000100", @ANYRES32=0x0, @ANYBLOB="d2968c3b56fcc3a9185ed8f81f3d4e0fa95e3bda839863b8cdf3aeab225838c9aad3aa289980a2e6d3a2636cac02bad11fa8ee8f6a96feae0b7fa36ce62bf3a240ed0f6c1d0e2c84a61a249a456eb747822855ad03baa931652ae2b46299209f049a9737e3e872454b3ca0d0504b2c16c5c0efef39"], 0x484}, 0x1, 0x0, 0x0, 0x841}, 0x4000840)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
madvise$auto(0x5, 0xa6d, 0x1)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2)
close_range$auto(r4, 0x8, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
setreuid$auto(0x9, 0x1)
syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff)
getpriority$auto(0x2, 0x9)
read$auto(0xffffffffffffffff, 0x0, 0x58b22256)

6.024915405s ago: executing program 1 (id=1312):
mmap$auto(0x0, 0x20009, 0xdf, 0x16, 0x40000000000a5, 0x8000)
r0 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000080), 0x20480, 0x0)
read$auto_mISDN_fops_timerdev(r0, 0x0, 0x0)
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0xa, 0x1, 0x84)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x100000000000001c, 0x280000000000, 0x63, 0x0, 0x0, 0x0, 0x2, 0x4, 0x80000008041000a, 0x40000402, 0x10000, 0x8, 0xffffffff80000000, 0xe0, 0x6, 0x240000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r2 = socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
getsockopt$auto(r1, 0x0, 0x53, 0x0, 0x0)
socket(0x2, 0x3, 0x6)
r3 = socket(0x2, 0x1, 0x0)
bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a)
sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
write$auto(0x3, 0x0, 0x100085)

5.87292217s ago: executing program 2 (id=1313):
write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000)
r0 = io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x100, 0x83, 0x20000101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x30, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x9, 0x4, 'nfsd\x00'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x30}}, 0x4000)
io_uring_register$auto(r0, 0x18, 0x0, 0x9)
r3 = prctl$auto(0x1003e, 0x1, 0x0, 0x20000000000b, 0x4)
write$auto_fops_init_pkru_pkeys(r0, &(0x7f00000004c0)="1b7341c892fcd71902989e7dbb10e368bab81c68cd6f1342bf34714e9c44debd7da5974eade7725d414db2b992caa19594523bc304c3b278d78f66413af289eb9cf08e2321fa46602c656a836de2796319aeeb3185eac39f754fe561b00155f72cf80693dc3f538f6c5fc8d130e4bc51d6246d9c47b4efab4b751eef846a568dbb281633a46451b3f7c804f81a3e5530529fd347857931908012323eb4b3009bac3f299b01ad8d8923a54424de83", 0xae)
read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0)
mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, r3, 0x300000000000)
getsockopt$auto_SO_RCVTIMEO_NEW(r3, 0x8, 0x42, &(0x7f0000000000)='^{\x00', 0x0)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r4 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r4, 0x107, 0x12, 0x0, 0x4)
bind$auto(0x3, &(0x7f0000000040)=@in={0x11, 0x3, @empty}, 0x6a)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000020c0), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MM_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, r5, 0x301, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44808}, 0x2004c894)
unshare$auto(0x40000080)
openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock$auto(0xfbea, 0x7fffffffffffffff)

5.388581158s ago: executing program 1 (id=1314):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setattr$auto(r0, 0x0, 0x7b)
r1 = getpgid(0x0)
prlimit64$auto(r1, 0x4, 0x0, 0x0)
r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408)
getdents$auto(r2, 0x0, 0x400018)
syz_clone3(&(0x7f0000000400)={0x226090954a703d52, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x35}, &(0x7f0000000100), 0x0, &(0x7f0000000200)=""/8, &(0x7f0000000240)=[0x0, 0x0, 0x0, r0, r1], 0x5, {r2}}, 0x58)
mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0xe983, 0x10000, 0xeb1, 0x401, 0x80000000)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x100000000000028, 0x0)
r3 = fsopen$auto(0x0, 0x1)
mmap$auto(0x0, 0x202000c, 0x32, 0xeb1, 0xffffffffffffffff, 0x8000)
r4 = socket(0x2c, 0x3, 0x0)
getsockopt$auto(r4, 0x11b, 0x20100007, 0x0, 0x0)
r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cec29\x00', 0x80, 0x0)
ioctl$auto_CEC_ADAP_G_CAPS(r5, 0xc04c6100, &(0x7f0000000180)={"277218c178af9e4660783d6a64eba2e1ebe8bbe2623e391d110a60faba43b40a", "428523ecd76dcdf440e48b85b3a8ca5e803d2962214568a2aab04cdc2dc0a879", 0x4, 0x7, 0x6})
fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0)
r6 = socket(0x22, 0x2, 0x1)
fstat$auto(r6, 0x0)
r7 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80040, 0x0)
ioctl$auto(r7, 0x3b81, 0x38)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
ioctl$auto(r8, 0x2, 0x9)
ioctl$auto(r8, 0x400c4d00, r8)

5.02197815s ago: executing program 3 (id=1315):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
mmap$auto(0x0, 0x9, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000)
socket(0x2, 0x2, 0x88)
bind$auto(0x3, 0x0, 0x6a)
connect$auto(0x3, 0x0, 0x55)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xd551)
modify_ldt$auto(0x1, 0x0, 0x10)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x100000000}, 0x6, 0x0)
r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff)
read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/190, 0xbe)

4.89420267s ago: executing program 4 (id=1316):
r0 = set_tid_address$auto(0x0)
ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r0)
memfd_secret$auto(0x0)
mmap$auto(0x0, 0x4, 0x857, 0xeb1, 0x401, 0x5)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0)
ioctl$auto(0x3, 0x80045438, 0x38)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
sigaltstack$auto(0x0, 0x0)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
mmap$auto(0x7, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0xec6, 0x5, 0xeb2, 0x8, 0x1008000)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x7ffffffff000}, 0x1)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket(0x1d, 0x3, 0x1)
r2 = socket(0x26, 0x1, 0xfffffffc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_batadv\x00', <r3=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a)
setsockopt$auto(r1, 0xffffffff, 0x400005, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = gettid()
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4)
kill$auto(r4, 0x11)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x3, 0x200000], {0x6, 0x6, 0x1, 0x1ff, 0x100, 0x83, 0x101, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x876c5, 0x8, 0x100000000}})

4.375542953s ago: executing program 2 (id=1317):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram3\x00', 0x54b602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000140)="dc67b93a326473ddcf6630a2577c4d5984db7f944c09f00b71eb3c3b7c4e09c332964606452f16f2b8bb30bf16c6c5a0893ea32450")
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/virt_wifi0/router_solicitations\x00', 0x101202, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='./cgroup.net/blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0xc0a82, 0x0)
r0 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mac80211_hwsim/hwsim13\x00', 0x0, 0x0)
ioctl$auto_XFS_IOC_GETPARENTS(r0, 0xc028583e, &(0x7f0000000100)={{[0xc, 0x8000, 0x6a, 0x9]}, 0x200, 0x6, 0x8, 0x0, 0xe})
msgctl$auto_IPC_INFO(0x6, 0x3, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty37\x00', 0x800, 0x0)
ioctl$auto(r1, 0x560a, r1)

4.227242927s ago: executing program 1 (id=1318):
mmap$auto(0x0, 0x400008, 0x3, 0x400009b72, 0x2, 0x8000)
open(0x0, 0x22240, 0x55)
socket(0x2, 0x3, 0xa)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, 0x0, 0x100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r0 = socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54)
write$auto(0x3, 0x0, 0x34000)
accept$auto(0x3, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0)
write$auto(r1, 0x0, 0x81)
r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)=';')
socket(0xa, 0x1, 0x100)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', 0x0, 0x1000005, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_DEL_INTERFACE(r3, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x34, r5, 0x20, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x5}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7}, @NL80211_ATTR_TXQ_QUANTUM={0x8, 0x10c, 0x2d}, @NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004000}, 0x4c000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
close_range$auto(0x2, r0, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000080004000900000008000200", @ANYRES32=0x0, @ANYBLOB="06000000804a88dd"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)

3.234485246s ago: executing program 2 (id=1319):
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x202101, 0x0)
mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000)
r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/pagemap\x00', 0x80240, 0x0)
ioctl$auto_PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000000)={0x60, 0x2, 0x100000000100000, 0x100000, 0x100000000000006, 0xfffffffffffffffe, 0x0, 0x0, 0x87, 0x2c, 0x4, 0x3})
mmap$auto(0x0, 0x7c5, 0xdf, 0xeb1, r1, 0x8000)
r2 = socket(0xa, 0x3, 0x3a)
close$auto(r2)
io_uring_setup$auto(0x6, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0)
read$auto(r4, 0x0, 0x4b)
socket$nl_generic(0x10, 0x3, 0x10)
write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram10/queue/discard_max_hw_bytes\x00', 0x68e00, 0x0)
r5 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_UI_DEV_SETUP(r5, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fb4a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f00", 0xa})
ioctl$auto_UI_DEV_CREATE(r5, 0x5501, 0x0)
writev$auto(r5, &(0x7f0000000340)={0x0, 0xda7e}, 0x9)
r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
ioctl$auto_USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f0000000180)={0x2, 0x2, 0x4a47, 0x81, 0x9f, 0x8, 0x0})
io_uring_register$auto(r2, 0x8, 0x0, 0x0)
r7 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
writev$auto(r7, &(0x7f0000000180)={&(0x7f00000000c0)="aa3f486c05a7fa03a25975729918f0e145172b6354d6564afe3fb4442bb5b246e8b28a734d7182e730774acf228896ebb51dd2da5648d4aa790f92b99b044a77b31acb45a0909ae31eaf56412089eecf2bf95477def308a5e63f6427d4ffefba64a4ebf0d04adf3e839309544f05e1d14f9889a75cc1081fab8512b5403b17e2c5521a86ffcddb5d558aa6ff605f", 0xff}, 0x2)
r8 = open(0x0, 0x0, 0x408)
getdents$auto(r8, 0x0, 0x400018)
sendfile$auto(0x3, 0x3, 0x0, 0x400000000006)
preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e)

3.150117873s ago: executing program 3 (id=1320):
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mincore$auto(0x1000, 0x8001, 0x0)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = fcntl$auto(0x8000000000000001, 0x26, 0x8)
ioctl$auto_SOUND_MIXER_WRITE_RECSRC2(r0, 0xc0044dff, &(0x7f0000000000)="7b7ae4795a010324ad31396722fb6bbb0257b1b70e92093dc1cdd07d5522e010811a01074e0d48eb7e19ab2070b9707300d35c047c39773060b73b7126122370131cd62c783bc34129aee52fc00903409ef622f2a46b47ff5b003a8b019da67de24ba0747b9c3e639871ded2f2a2b856c10f7f0b86d9ed2412d2afba108ad3948b3440e8b03bc8f8d8f19dcca2adb23ae8838e8688a1ea28bc5627a2e33d2a6153a245235ea862bef3510cf9e8f706e17a4ca1e5a9a7e843555ac62ee001265d323aae155de69291d3aac6938f48bcd85d39bde4e1f3df9b2102e998ebb457")
mmap$auto(0x0, 0x20009, 0x10000000000e3, 0xeb2, 0x401, 0x8000)
mincore$auto(0xb, 0x3ff, &(0x7f0000000100)='*:!@\x00')
fcntl$auto(0x8000000000000001, 0x25, 0x8)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/admmidi2\x00', 0x400080, 0x0)

3.092220694s ago: executing program 4 (id=1321):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x10000000}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0xa}, 0x7}, 0x3, 0x2)
keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6})
socket(0x2, 0x1, 0x0)
ioctl$auto(0x3, 0xae41, r0)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dmmidi2\x00', 0x123000, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vivid.0/video4linux/vbi23/dev\x00', 0x4000, 0x0)
read$auto(r2, 0x0, 0x20)
r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0)
ioctl$auto(r3, 0x800064ba, 0x1e6)
openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x200100, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000000), 0x440, 0x0)

2.859689857s ago: executing program 3 (id=1322):
mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty12\x00', 0x800, 0x0)
ioctl$auto(r0, 0x4b48, 0x9)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x6, 0x2, 0x40eb1, 0x602, 0x300000000000)
r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0xa0001, 0x0)
r2 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
ioctl$auto_USB_RAW_IOCTL_EP_READ(r1, 0xc0085508, 0x0)
io_uring_setup$auto(0x20000000, &(0x7f0000000180)={0x58000000, 0x6, 0x200, 0x9, 0x5b662f24, 0x9, r2, [0x5, 0xb26b, 0x2], {0x3, 0x6, 0xe00000, 0xfffffff9, 0x401, 0x8, 0x7, 0x8, 0x6}, {0x6, 0x9, 0xea2, 0x9, 0x6, 0x8, 0x80000000, 0xff, 0x5}})
r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(r3, 0x8, 0x0)
r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0)
pread64$auto(r6, 0x0, 0x800003, 0x270)
mlockall$auto(0x7)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x202, 0x0)
ioctl$auto_SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x200080, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
pipe$auto(0x0)

2.741773668s ago: executing program 4 (id=1323):
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000))
mmap$auto(0x1, 0x400007, 0x800000000000df, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x430402, 0x0)
sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800)
timer_create$auto(0x9, 0x0, 0x0)
read$auto(0x3, 0x0, 0x8080)
socket(0xa, 0x0, 0x100)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000300)={{0x4, 0xee00, 0xee00, 0x4, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8, 0x400001, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000200)="4f0d6995e943b6bc1919e836e1a6e889b4881e233d3b51e0054c9e474be535fd29da000000f3c9e325633c9f7bfbfa3ce81f0b5a7d2d0d46db253573d2c55c8a9f98f17e8c43b8ebb957ad4896af74269f4d2f1c4d", &(0x7f0000000280)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64cc5fa98e25"})
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0)
ioctl$auto(0x3, 0x40086203, 0xffffffffffffffff)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0)
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000)
r1 = prctl$auto(0x3e, 0x1, 0x0, 0xcc5, 0x0)
utimensat$auto(r1, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38)
dup2$auto(r1, r1)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000002140)=""/4106, 0xfffffffffffffd1b)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x0)
socket(0x2, 0x2, 0x0)
setsockopt$auto(0x3, 0x0, 0x0, 0x0, 0x1d2b)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/43:160/read_ahead_kb\x00', 0x60187, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendfile$auto(r2, 0x3, 0x0, 0x6)
select$auto(0x6, &(0x7f0000000380)={[0x5, 0x4, 0x4, 0xa, 0x3f, 0x9, 0xffffffffffffffff, 0x3, 0x1000000000d, 0x1, 0x100000000000000, 0x7fffffffffffffff, 0xfffffffffffffe8f, 0x2, 0x40000000000005, 0xfffffffffffffff5]}, &(0x7f0000000100)={[0x8, 0x31, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xf94, 0xc, 0x0, 0x7, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x6, 0x8, 0x5, 0x8, 0x10, 0x200000000000005, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x202, 0x401})

2.355728231s ago: executing program 1 (id=1324):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/workqueue/nf_ft_offload_del/nice\x00', 0x4aaa2, 0x0)
pwrite64$auto(r0, &(0x7f0000000140)='-h\xd2i>\xcef1\xdeF\t\x85^!D\n\xf4~\xc8\xdc\xa5\x94\xc5K=\xaa!\xd9-evO+\xdd\xce!\x8cE\x04\t\xf8\x00\f\xe6\xba\n\xfe\xc5?\a\xa7\x1b\x0e\x13\xa8\xba\x10\xd9\x9b\f\xc9\xc8~\xfb\xd8\x92\x10\x8d\x93f\x836/\xee\xf5\x10\xf3rk\xc1^$\x91\x84\xe3\xa8{+ui\xa7O*\xdd=\xfdr\xb9\t\x005\x00\x00\xbf\x1feX*J\xeb\xf6\xc4\n\xce\xf0\xf4\xc4\xce\xc2=I\\8,\xf4\x9a\x17\xc3t;E\x146\xc3!\x9e\x05\x05\x84\x1f\xe4\x06', 0x80080005, 0x1000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
umount2$auto(0x0, 0x5345)

1.825705531s ago: executing program 2 (id=1325):
mmap$auto(0x800000, 0x202000b, 0x4, 0x15, 0xfffffffffffffffa, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0xa, 0x3, 0x3b)
mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
sysfs$auto(0x2, 0x23, 0x0)
r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0)
write$auto(r0, 0x0, 0x3)
connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x4e24, @loopback}, 0x58)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
select$auto(0x2, 0x0, 0x0, &(0x7f0000000100)={[0xff, 0x5, 0xe, 0x8, 0x1, 0x80, 0x0, 0x8, 0x7, 0x64c, 0x6, 0x1ff, 0xfffffffffffffff8, 0xffffffffffffffff, 0x1ff, 0x6]}, 0x0)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x88)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sysfs$auto(0x2, 0xe, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x4, 0x9)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000)
shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x6}, 0x1, 0x7, 0x2, 0x280, @raw, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841ca9b379cdbceb067f222f9852e4e248e519e6e2d25bc83b3fb9ec16cbc5fe503b9662d19861c9bb377749418140efde7024c7215d323a6c79c5be94bc04ed0d9afbb9c9574ff829522a54b91ef7bcef85e226564639c87b944203a6814a00eea8134d42bc137511ab276827b7ee17d85c2722c34b6d9cd3c095bd1094df859fd44defb05f086d48e42b8cfe4f20b057126cfb78738004716a5e21149cc372c89149624db4102", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81507ca870d066e25696b0b2ac35abb53a8fc6e9df9fdbbc11fe705ab85e88111e5684e28f8599bc486b93eea020ee76a340a548c82e805e2d182d741e51d53c799f7bb722a591e8ac4c48f3317ac8926b8b"})
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nullb0/queue/virt_boundary_mask\x00', 0x101000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000003c0)=""/251, 0xfb)
socket(0xb, 0xa, 0xd9)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
r2 = socket(0xa, 0x1, 0x84)
bind$auto(r2, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)

1.753670245s ago: executing program 4 (id=1326):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_netdev(&(0x7f00000013c0), 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$auto_netdev(&(0x7f00000013c0), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='P'], 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0) (async)
sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='P'], 0x50}, 0x1, 0x0, 0x0, 0x4048081}, 0x0)
sendmsg$auto_TIPC_NL_PEER_REMOVE(0xffffffffffffffff, 0x0, 0x8083)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
rt_sigqueueinfo$auto(0x0, 0xffff7b6f, 0x0) (async)
rt_sigqueueinfo$auto(0x0, 0xffff7b6f, 0x0)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/sub0/status\x00', 0x0, 0x0)
read$auto(r0, 0x0, 0x5)
syz_open_procfs$namespace(0x0, 0x0) (async)
syz_open_procfs$namespace(0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22040, 0x75)
socket(0xa, 0x3, 0x87)
connect$auto(0x3, &(0x7f0000000140)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x3)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
socket(0x2, 0x1, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d91, 0x4, 0x4}, 0x77, 0x2, 0x0, 0x62bd)
socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x6) (async)
socket(0xa, 0x3, 0x6)
socket(0xa, 0x801, 0x106) (async)
socket(0xa, 0x801, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)

1.400327634s ago: executing program 4 (id=1327):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x400008, 0x5, 0x9b72, 0x2, 0x6)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
ioctl$auto_BTRFS_IOC_ENCODED_WRITE(0xffffffffffffffff, 0x40809440, &(0x7f00000001c0)={&(0x7f0000000180)={&(0x7f00000000c0)="5691d235658d72bdb0333a3ba7fa86e2902fcd7228383c11ee6e7d7dbacc1f795702a0a885a906b97113e45f1ca72f6b376f64cc1c2727e9a315bb10c001021d1cef1c39587cbd8ed3e803bf597924de41373471739c1136ebcc0c19315c0ed87febd0588a45d36e9957feaffac6742ba0736f6b3c652fae0f10a53ab9be75f409242c41e054da548b2f8e", 0x12000}, 0x0, 0x3ff, 0x3, 0x7, 0x400, 0x4, 0x80, 0x1, "821a3a97733fed7f473f5a5233f7b0847cd59e02a03b7816268efe0b2767955b93486a90a75195c2b0ed21c42ef1ce2556998d8da5ad4b2a266ad9bfe08bfee7"})
r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000380), r0)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(r0, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x44, r1, 0x8, 0x70bd2b, 0x25dfdbfe, {}, [@IOAM6_ATTR_NS_DATA={0x8, 0x2, 0x10}, @IOAM6_ATTR_NS_DATA={0x8, 0x2, 0x6}, @IOAM6_ATTR_NS_DATA_WIDE={0xc, 0x3, 0xff}, @IOAM6_ATTR_NS_DATA={0x8, 0x2, 0xffff0001}, @IOAM6_ATTR_NS_DATA_WIDE={0xc, 0x3, 0x5}]}, 0x44}}, 0x44851)
sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xc834, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0x8000000000000000, 0x15)
pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000)
fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0)
ioctl$auto(0x3, 0x80108907, 0x38)
prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40)
setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2)
write$auto(0x3, 0x0, 0xfffffdef)
madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66)
r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0)
sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x20, r2, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x18, 0x0, 0x0, @uid=0xee00}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800)

820.379804ms ago: executing program 1 (id=1328):
r0 = open(&(0x7f0000000140)='./file0\x00', 0xce7c0, 0x122)
chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba)
writev$auto(r0, &(0x7f0000000000)={&(0x7f0000001200)="f23da39cc0107cb68840a4e3c66748fe14c2a4be33aaf3b402e34b9e4e79b1eb2d0c88ad7b380657a129ed57d9e71835228d893d45be03026f57ed3045075646db6a214fca811426ef583c483d16c60f83baa686bf1a3c876c27b17cda0affbf83a8bdcec723ca183960ee87d64c8b283d8d590ffda64f52d31d3446ab0a2db2ce049e0e88fdf98589ddf128a272900ffa4a013f5f3905c7bd7bcdc6ed2dded458acaef4c43c4a4979e6b6a144a955ede2c60c5b401b3a167d426e3d4597c7cf6ddfa5", 0xfffffffffffffffd}, 0x6)
write$auto_proc_setgroups_operations_base(0xffffffffffffffff, &(0x7f0000000180)="d2e80904bc764086f602166499c9cb1715a7685777f8388c6b6668f47c61b900b234785ff321c6b87a1e92810565e765de7d1c346574ba207b7c5344d77f64d0fe8c20c076bb0c55b129e56844c9de8959c813ec210a2dc5234ad49fd57ef88ce2e0caf01aa4fbb26c3cfc8378e03ab8b369dd11b78e58b9e389d2e7341d9b7a3d84f87ccdcc807aa24b54572c3453bc9298e4f71a631bd2feec2b8262e583275bded89c9bb2fb91e37ae522af70a7397e89820f4427a1508ed00103efe48946e531e40f626b80e85443ade868494823391d3900de", 0xd5)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/midiC2D0\x00', 0x8001, 0x0)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='-\x00', 0x2fb)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000400), r2)
unshare$auto(0x40000080)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000001100)=@task_fd_query={0x0, r1, 0xd, 0x7, 0xfffffffffffffffd, 0x601, r0, 0x0, 0x4800}, 0x51)
read$auto(0xffffffffffffffff, 0x0, 0x1f40)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2061, 0x0)
write$auto(r5, 0x0, 0x80)
listen$auto(r0, 0x80)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x10001ffffffff, 0x2003f2, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28400, 0x0)
r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0)
ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/sound/seq/uevent\x00', 0x8500, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f00000000c0)=""/4096, 0x1000)
r8 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0)
pread64$auto(r8, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001)
sendmsg$auto_IPVS_CMD_ZERO(r2, &(0x7f0000002900)={0x0, 0x0, &(0x7f00000028c0)={&(0x7f00000010c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="006200000000000000a352218800001a0000"], 0x14}, 0x1, 0x0, 0x0, 0x20040050}, 0x0)
chown$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

309.088449ms ago: executing program 2 (id=1329):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0) (async)
setresuid$auto(0x0, 0x0, 0x0) (async, rerun: 64)
stat$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0x9, 0x2, 0xc, 0x3ff, 0xffffffffffffffff, <r1=>0x0, 0x0, 0x0, 0xfffffffffffffff8, 0xfffffffffffffffa, 0x0, 0x200, 0x9, 0x7d3, 0x81, 0x6, 0xfffffffffffffffb}) (rerun: 64)
fchown$auto(r0, 0x0, r1) (async)
io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3)
sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 64)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) (rerun: 64)
ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0)
ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) (async, rerun: 64)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) (async, rerun: 64)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) (async)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20) (async)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x48041, 0x0)
write$auto(r5, 0x0, 0x6) (async)
unshare$auto(0x40000080) (async)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000000)="b2", 0x1)
r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0)
sendfile$auto(r2, r7, 0x0, 0x1) (async)
syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff)
setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9) (async)
socket(0x10, 0x80002, 0x0)
bind$auto(r3, &(0x7f0000000140)=@generic={0x1a, "9300000004000000000000000091"}, 0x6a)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vgem/driver_override\x00', 0x0, 0x0)
syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) (async)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x20008000)

298.99234ms ago: executing program 3 (id=1330):
mmap$auto(0x0, 0x4020009, 0x4, 0xeb1, 0x401, 0x8000)
socket(0x1e, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
socket(0x840000000002, 0x3, 0xff)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x22, 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
socket(0x2, 0x2, 0x1)
socket(0xa, 0x5, 0x0)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
r0 = socket(0x28, 0x1, 0x0)
getsockopt$auto(r0, 0x28, 0x6, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
eventfd$auto(0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001400038010000c800c00058008000600", @ANYRES32=0x0, @ANYBLOB="12000100"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0xc800)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', <r3=>0x0})
sendmsg$auto_NET_SHAPER_CMD_GROUP(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="120000204b621f704607a7fa6609b9c7c7e06f69caf7efcc1db32de319d336a2384b24722c1434e52cdb2ed0143bb9ff7328f7bd54674014a9e887cd772877160a8c6adc3b647e6c7f63561b362826639e864021bee0daeac3bf8125b8ae088291ccac47c153e2585adbc23f7c6f362473f85387531a69554bbddef1843e1a05b1dfb11f7fe4e510a1bad7b05037810a2197c85672b56b96fceda5d03ace7c22904f14e44cbe56637dde09f566947a9d2b92df956c68770de76d2cadeaf9bdd8903f7eb666dd862e1dab85562e0481804ba242f76dc5b84cc540c36b948a6b7681720d84e15ef1eea7488dbf159e187dd0c714a174f8a2ddda95ed99aa1c008d8888cf892af8dcc7100e85ba3ec804715be0ce279b4d23ba7f60362904aec5f7b590ef48938fa782a7842c22d9cd5282a7459ed54929496cc9b32c59cbe0aaf3f8f9a4183c45519baaee164f60c61667792b1c59fa2864178fde67c9a3b58dda5ed04771b9de06f56ba89b483d3ecaeb88883fa508da7088a6ce36a5e7aba23392b440448d7a8d661c07fcff16f97717e9142e2d1d2badab6a9f67accbb877ae8693d951661a58079c5caf1e762468d21d66436771088721e20b", @ANYRES16=r2, @ANYBLOB="010029bd7000fedbdf25040000000400018008000a800400018008000800", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0x14)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004c18}, 0x810)
sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3ce922e8", @ANYRES16=0x0, @ANYBLOB="01002cbd7000fbdbdf250a"], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

0s ago: executing program 3 (id=1331):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
io_uring_setup$auto(0x9, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0)
read$auto(0x3, 0x0, 0x80)
readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8)
io_uring_setup$auto(0x6, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
shmget$auto(0x0, 0x200000005, 0x7d)
r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0)
ppoll$auto(&(0x7f0000000000)={<r2=>r1, 0x40}, 0x2, 0x0, 0x0, 0x8)
read$auto_nsim_dev_trap_fa_cookie_fops_dev(r2, &(0x7f0000000200)=""/238, 0xee)
ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc)
socketpair$auto(0x5, 0x9, 0x80, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x20001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0)
write$auto_ocfs2_control_fops_stack_user(r3, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
unshare$auto(0x40000080)
unshare$auto(0x40000080)
clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5)

kernel console output (not intermixed with test programs):

: 0000000000000101
[  388.844484][ T9381] RAX: ffffffffffffffda RBX: 00007f43793e5fa0 RCX: 00007f437918f7c9
[  388.844497][ T9381] RDX: 0000000000048002 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  388.844508][ T9381] RBP: 00007f4379213f91 R08: 0000000000000000 R09: 0000000000000000
[  388.844519][ T9381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  388.844530][ T9381] R13: 00007f43793e6038 R14: 00007f43793e5fa0 R15: 00007ffd505cc698
[  388.844554][ T9381]  </TASK>
[  389.191686][ T9387] netlink: 346 bytes leftover after parsing attributes in process `syz.4.705'.
[  389.514524][ T9395] futex_wake_op: syz.3.706 tries to shift op by -2048; fix this program
[  389.552927][ T9395] futex_wake_op: syz.3.706 tries to shift op by -2048; fix this program
[  389.614826][ T9397] 0x000000000001-0x000000020000 : ""
[  389.742018][ T9397] ftl_cs: FTL header corrupt!
[  390.610683][ T9406] netlink: 342 bytes leftover after parsing attributes in process `syz.1.708'.
[  390.708546][ T9406] IPv6: NLM_F_CREATE should be specified when creating new route
[  390.779580][ T9406] IPv6: Can't replace route, no match found
[  391.627419][ T9404] netlink: 16 bytes leftover after parsing attributes in process `syz.4.707'.
[  391.797361][ T9404] bond0: entered promiscuous mode
[  391.802629][ T9404] bond_slave_0: entered promiscuous mode
[  392.054295][ T9404] bond_slave_1: entered promiscuous mode
[  392.131455][ T9404] bond0: entered allmulticast mode
[  392.190996][ T9404] bond_slave_0: entered allmulticast mode
[  392.249063][ T9404] bond_slave_1: entered allmulticast mode
[  393.972034][ T9443] netlink: zone id is out of range
[  394.002577][ T9443] netlink: zone id is out of range
[  394.030134][ T9443] netlink: zone id is out of range
[  395.721877][ T9477] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  395.887292][ T9477] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  396.077563][ T9477] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  396.202714][ T9477] page_type: f5(slab)
[  396.285028][ T9477] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  396.394234][ T9477] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  396.436335][ T9488] netlink: 28 bytes leftover after parsing attributes in process `syz.3.728'.
[  396.480816][ T9477] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  396.540708][ T9477] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  396.603892][ T9477] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  396.671849][ T9477] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  396.809310][ T9477] page dumped because: unmovable page
[  396.860844][ T9477] page_owner tracks the page as allocated
[  396.923882][ T9477] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  396.994088][ T9500] netlink: 8 bytes leftover after parsing attributes in process `syz.3.731'.
[  397.123754][ T9477]  post_alloc_hook+0x1af/0x220
[  397.177489][ T9477]  get_page_from_freelist+0xd0b/0x31a0
[  397.232117][ T9477]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  397.272772][ T9477]  alloc_pages_mpol+0x1fb/0x550
[  397.313906][ T9477]  new_slab+0x2c3/0x430
[  397.353627][ T9477]  ___slab_alloc+0xe18/0x1c90
[  397.387768][ T9477]  __slab_alloc.constprop.0+0x63/0x110
[  397.427605][ T9477]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  397.467048][ T9477]  shmem_alloc_inode+0x25/0x50
[  397.487317][ T9477]  alloc_inode+0x64/0x240
[  397.502632][ T9477]  new_inode+0x22/0x1c0
[  397.514087][ T9477]  shmem_get_inode+0x19a/0xfb0
[  397.527582][ T9477]  shmem_symlink+0xf4/0x960
[  397.538042][ T9477]  vfs_symlink+0x4b5/0x800
[  397.552783][ T9477]  do_symlinkat+0x353/0x4b0
[  397.573058][ T9477]  __x64_sys_symlink+0x75/0x90
[  397.593310][ T9477] page last free pid 1 tgid 1 stack trace:
[  397.617853][ T9477]  __free_frozen_pages+0x7df/0x1170
[  397.643853][ T9477]  free_contig_range+0x183/0x4a0
[  397.668342][ T9477]  destroy_args+0xb95/0x14e0
[  397.688793][ T9477]  debug_vm_pgtable+0x2220/0x38d0
[  397.713945][ T9477]  do_one_initcall+0x123/0x680
[  397.747114][ T9477]  kernel_init_freeable+0x5c8/0x920
[  397.769881][ T9477]  kernel_init+0x1c/0x2b0
[  397.789040][ T9477]  ret_from_fork+0x983/0xb10
[  397.809650][ T9477]  ret_from_fork_asm+0x1a/0x30
[  398.458979][ T9516] netlink: 4 bytes leftover after parsing attributes in process `syz.4.735'.
[  398.878961][ T9525] FAULT_INJECTION: forcing a failure.
[  398.878961][ T9525] name failslab, interval 1, probability 0, space 0, times 0
[  399.351705][ T9525] CPU: 1 UID: 0 PID: 9525 Comm: syz.2.733 Not tainted syzkaller #0 PREEMPT(full) 
[  399.351734][ T9525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  399.351746][ T9525] Call Trace:
[  399.351753][ T9525]  <TASK>
[  399.351760][ T9525]  dump_stack_lvl+0x16c/0x1f0
[  399.351795][ T9525]  should_fail_ex+0x512/0x640
[  399.351817][ T9525]  ? kmem_cache_alloc_noprof+0x62/0x770
[  399.351843][ T9525]  should_failslab+0xc2/0x120
[  399.351872][ T9525]  kmem_cache_alloc_noprof+0x83/0x770
[  399.351895][ T9525]  ? ptlock_alloc+0x1f/0x70
[  399.351919][ T9525]  ? ptlock_alloc+0x1f/0x70
[  399.351937][ T9525]  ptlock_alloc+0x1f/0x70
[  399.351956][ T9525]  pte_alloc_one+0x84/0x3d0
[  399.351984][ T9525]  do_fault+0x8b8/0x1ad0
[  399.352012][ T9525]  ? __pfx_filemap_map_pages+0x10/0x10
[  399.352034][ T9525]  ? __pmd_alloc+0x6aa/0x9c0
[  399.352064][ T9525]  __handle_mm_fault+0x1919/0x2bb0
[  399.352094][ T9525]  ? __pfx___handle_mm_fault+0x10/0x10
[  399.352126][ T9525]  ? find_vma+0xbf/0x140
[  399.352166][ T9525]  ? __pfx_find_vma+0x10/0x10
[  399.352193][ T9525]  handle_mm_fault+0x3fe/0xad0
[  399.352217][ T9525]  do_user_addr_fault+0x7a6/0x1370
[  399.352340][ T9525]  ? rcu_is_watching+0x12/0xc0
[  399.352371][ T9525]  exc_page_fault+0x64/0xc0
[  399.352401][ T9525]  asm_exc_page_fault+0x26/0x30
[  399.352419][ T9525] RIP: 0010:rep_movs_alternative+0x30/0x90
[  399.352444][ T9525] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  399.352463][ T9525] RSP: 0018:ffffc9000486fda0 EFLAGS: 00050216
[  399.352478][ T9525] RAX: 0000000000000001 RBX: 0000000000001298 RCX: 0000000000000020
[  399.352490][ T9525] RDX: fffff5200090dfcc RSI: 0000000000001298 RDI: ffffc9000486fe40
[  399.352501][ T9525] RBP: 0000000000000020 R08: 0000000000000001 R09: fffff5200090dfcb
[  399.352512][ T9525] R10: ffffc9000486fe5f R11: ffff88802cb24830 R12: 0000000000000000
[  399.352523][ T9525] R13: ffffc9000486fe40 R14: ffffc9000486fe40 R15: dffffc0000000000
[  399.352546][ T9525]  _copy_from_user+0x98/0xd0
[  399.352568][ T9525]  do_fcntl+0x410/0x1660
[  399.352590][ T9525]  ? __pfx_do_fcntl+0x10/0x10
[  399.352617][ T9525]  ? tomoyo_file_fcntl+0x6c/0xc0
[  399.352649][ T9525]  __x64_sys_fcntl+0x163/0x200
[  399.352672][ T9525]  do_syscall_64+0xcd/0xf80
[  399.352703][ T9525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.352721][ T9525] RIP: 0033:0x7f5cde58f7c9
[  399.352736][ T9525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.352753][ T9525] RSP: 002b:00007f5cdbff2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  399.352770][ T9525] RAX: ffffffffffffffda RBX: 00007f5cde7e6360 RCX: 00007f5cde58f7c9
[  399.352782][ T9525] RDX: 0000000000001298 RSI: 0000000000000026 RDI: 000000000000000b
[  399.352792][ T9525] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  399.352803][ T9525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  399.352813][ T9525] R13: 00007f5cde7e63f8 R14: 00007f5cde7e6360 R15: 00007ffeb337f2c8
[  399.352837][ T9525]  </TASK>
[  401.273160][ T5837] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  401.664050][ T9544] zswap: compressor  not available
[  401.710453][ T9546] could not allocate digest TFM handle 
[  403.370727][ T9578] FAULT_INJECTION: forcing a failure.
[  403.370727][ T9578] name failslab, interval 1, probability 0, space 0, times 0
[  403.523287][ T9578] CPU: 1 UID: 0 PID: 9578 Comm: syz.3.744 Not tainted syzkaller #0 PREEMPT(full) 
[  403.523314][ T9578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  403.523324][ T9578] Call Trace:
[  403.523331][ T9578]  <TASK>
[  403.523338][ T9578]  dump_stack_lvl+0x16c/0x1f0
[  403.523372][ T9578]  should_fail_ex+0x512/0x640
[  403.523394][ T9578]  ? __kmalloc_noprof+0xca/0x910
[  403.523417][ T9578]  should_failslab+0xc2/0x120
[  403.523446][ T9578]  __kmalloc_noprof+0xeb/0x910
[  403.523466][ T9578]  ? kernfs_fop_write_iter+0x237/0x570
[  403.523498][ T9578]  ? kernfs_fop_write_iter+0x237/0x570
[  403.523525][ T9578]  kernfs_fop_write_iter+0x237/0x570
[  403.523556][ T9578]  vfs_write+0x7d3/0x11d0
[  403.523583][ T9578]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  403.523614][ T9578]  ? __pfx_vfs_write+0x10/0x10
[  403.523654][ T9578]  ksys_write+0x12a/0x250
[  403.523680][ T9578]  ? __pfx_ksys_write+0x10/0x10
[  403.523713][ T9578]  do_syscall_64+0xcd/0xf80
[  403.523744][ T9578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.523763][ T9578] RIP: 0033:0x7fd44878f7c9
[  403.523778][ T9578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  403.523797][ T9578] RSP: 002b:00007fd4496c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  403.523814][ T9578] RAX: ffffffffffffffda RBX: 00007fd4489e6180 RCX: 00007fd44878f7c9
[  403.523830][ T9578] RDX: 000000000000cd04 RSI: 0000200000000140 RDI: 0000000000000004
[  403.523841][ T9578] RBP: 00007fd4496c3090 R08: 0000000000000000 R09: 0000000000000000
[  403.523852][ T9578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  403.523862][ T9578] R13: 00007fd4489e6218 R14: 00007fd4489e6180 R15: 00007fff99a625c8
[  403.523886][ T9578]  </TASK>
[  406.856869][ T9617] futex_wake_op: syz.3.755 tries to shift op by -2048; fix this program
[  406.884860][ T9617] futex_wake_op: syz.3.755 tries to shift op by -2048; fix this program
[  406.937873][ T9621] 0x000000000001-0x000000020000 : ""
[  406.978764][ T9621] ftl_cs: FTL header corrupt!
[  407.479553][ T9628] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  407.581989][ T9628] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  407.728484][ T9628] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  407.907575][ T9628] page_type: f5(slab)
[  407.991519][ T9628] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  408.129358][ T9628] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  408.260329][ T9628] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  408.467522][ T9628] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  408.574711][ T9628] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  408.689781][ T9628] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  408.860126][ T9628] page dumped because: unmovable page
[  408.899968][ T9628] page_owner tracks the page as allocated
[  408.942545][ T9628] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  409.095660][ T9628]  post_alloc_hook+0x1af/0x220
[  409.140233][ T9628]  get_page_from_freelist+0xd0b/0x31a0
[  409.181009][ T9628]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  409.240440][ T9628]  alloc_pages_mpol+0x1fb/0x550
[  409.319286][ T9628]  new_slab+0x2c3/0x430
[  409.339897][ T9628]  ___slab_alloc+0xe18/0x1c90
[  409.375564][ T9628]  __slab_alloc.constprop.0+0x63/0x110
[  409.436277][ T9628]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  409.510594][ T9628]  shmem_alloc_inode+0x25/0x50
[  409.515801][ T9628]  alloc_inode+0x64/0x240
[  409.609566][ T9628]  new_inode+0x22/0x1c0
[  409.637048][ T9628]  shmem_get_inode+0x19a/0xfb0
[  409.670376][ T9628]  shmem_symlink+0xf4/0x960
[  409.715923][ T9628]  vfs_symlink+0x4b5/0x800
[  409.749471][ T9628]  do_symlinkat+0x353/0x4b0
[  409.774011][ T9628]  __x64_sys_symlink+0x75/0x90
[  409.825249][ T9628] page last free pid 1 tgid 1 stack trace:
[  409.853851][ T9628]  __free_frozen_pages+0x7df/0x1170
[  409.891784][ T9628]  free_contig_range+0x183/0x4a0
[  409.964149][ T9628]  destroy_args+0xb95/0x14e0
[  409.969047][ T9628]  debug_vm_pgtable+0x2220/0x38d0
[  410.035539][ T9628]  do_one_initcall+0x123/0x680
[  410.055813][ T9628]  kernel_init_freeable+0x5c8/0x920
[  410.079430][ T9628]  kernel_init+0x1c/0x2b0
[  410.126655][ T9628]  ret_from_fork+0x983/0xb10
[  410.146911][ T9628]  ret_from_fork_asm+0x1a/0x30
[  410.816245][ T9669] cgroup: fork rejected by pids controller in /syz2
[  413.294465][ T9715] nfsd: Unknown parameter '^B�-kvm'
[  413.844608][ T9744] zswap: compressor  not available
[  415.421342][ T9765] [U] ^\
[  415.802722][ T9769] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18
[  419.009292][ T9890] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'.
[  423.202964][ T9939] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  423.242956][ T9939] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  423.314625][ T9939] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  423.352746][ T9939] page_type: f5(slab)
[  423.373754][ T9939] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  423.417032][ T9939] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  423.434544][ T9924] sctp: [Deprecated]: syz.2.796 (pid 9924) Use of struct sctp_assoc_value in delayed_ack socket option.
[  423.434544][ T9924] Use struct sctp_sack_info instead
[  423.494155][ T9939] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  423.549417][ T9939] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  423.623844][ T9939] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  423.772152][ T9939] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  423.970263][ T9939] page dumped because: unmovable page
[  424.029495][ T9939] page_owner tracks the page as allocated
[  424.081591][ T9939] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  424.181670][ T9954] FAULT_INJECTION: forcing a failure.
[  424.181670][ T9954] name failslab, interval 1, probability 0, space 0, times 0
[  424.214870][ T9939]  post_alloc_hook+0x1af/0x220
[  424.224980][ T9939]  get_page_from_freelist+0xd0b/0x31a0
[  424.259557][ T9954] CPU: 1 UID: 0 PID: 9954 Comm: syz.4.801 Not tainted syzkaller #0 PREEMPT(full) 
[  424.259585][ T9954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.259597][ T9954] Call Trace:
[  424.259603][ T9954]  <TASK>
[  424.259611][ T9954]  dump_stack_lvl+0x16c/0x1f0
[  424.259645][ T9954]  should_fail_ex+0x512/0x640
[  424.259667][ T9954]  ? __kmalloc_cache_noprof+0x5f/0x800
[  424.259692][ T9954]  should_failslab+0xc2/0x120
[  424.259722][ T9954]  __kmalloc_cache_noprof+0x80/0x800
[  424.259742][ T9954]  ? __lock_acquire+0x436/0x2890
[  424.259760][ T9954]  ? tty_open+0x13e/0xf90
[  424.259792][ T9954]  ? tty_open+0x13e/0xf90
[  424.259819][ T9954]  ? __pfx_tty_open+0x10/0x10
[  424.259860][ T9954]  tty_open+0x13e/0xf90
[  424.259892][ T9954]  ? __pfx_tty_open+0x10/0x10
[  424.259920][ T9954]  ? chrdev_open+0x10b/0x6a0
[  424.259953][ T9954]  ? __pfx_tty_open+0x10/0x10
[  424.259982][ T9954]  chrdev_open+0x234/0x6a0
[  424.260011][ T9954]  ? __pfx_apparmor_file_open+0x10/0x10
[  424.260031][ T9954]  ? __pfx_chrdev_open+0x10/0x10
[  424.260061][ T9954]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  424.260095][ T9954]  do_dentry_open+0x748/0x1590
[  424.260122][ T9954]  ? __pfx_chrdev_open+0x10/0x10
[  424.260156][ T9954]  vfs_open+0x82/0x3f0
[  424.260178][ T9954]  path_openat+0x2078/0x3140
[  424.260213][ T9954]  ? __pfx_path_openat+0x10/0x10
[  424.260249][ T9954]  do_filp_open+0x20b/0x470
[  424.260278][ T9954]  ? __pfx_do_filp_open+0x10/0x10
[  424.260321][ T9954]  ? alloc_fd+0x471/0x7d0
[  424.260355][ T9954]  do_sys_openat2+0x121/0x290
[  424.260375][ T9954]  ? __pfx_do_sys_openat2+0x10/0x10
[  424.260405][ T9954]  __x64_sys_openat+0x174/0x210
[  424.260427][ T9954]  ? __pfx___x64_sys_openat+0x10/0x10
[  424.260458][ T9954]  do_syscall_64+0xcd/0xf80
[  424.260488][ T9954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.260509][ T9954] RIP: 0033:0x7f182d98f7c9
[  424.260524][ T9954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.260543][ T9954] RSP: 002b:00007f182e8bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  424.260561][ T9954] RAX: ffffffffffffffda RBX: 00007f182dbe5fa0 RCX: 00007f182d98f7c9
[  424.260573][ T9954] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  424.260585][ T9954] RBP: 00007f182da13f91 R08: 0000000000000000 R09: 0000000000000000
[  424.260596][ T9954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  424.260606][ T9954] R13: 00007f182dbe6038 R14: 00007f182dbe5fa0 R15: 00007ffd597f5378
[  424.260630][ T9954]  </TASK>
[  424.543292][ T9939]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  424.551609][ T9939]  alloc_pages_mpol+0x1fb/0x550
[  424.557444][ T9939]  new_slab+0x2c3/0x430
[  424.562191][ T9939]  ___slab_alloc+0xe18/0x1c90
[  424.567671][ T9939]  __slab_alloc.constprop.0+0x63/0x110
[  424.574019][ T9939]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  424.580525][ T9939]  shmem_alloc_inode+0x25/0x50
[  424.585747][ T9939]  alloc_inode+0x64/0x240
[  424.590402][ T9939]  new_inode+0x22/0x1c0
[  424.594962][ T9939]  shmem_get_inode+0x19a/0xfb0
[  424.600127][ T9939]  shmem_symlink+0xf4/0x960
[  424.604871][ T9939]  vfs_symlink+0x4b5/0x800
[  424.609811][ T9939]  do_symlinkat+0x353/0x4b0
[  424.614507][ T9939]  __x64_sys_symlink+0x75/0x90
[  424.619867][ T9939] page last free pid 1 tgid 1 stack trace:
[  424.626291][ T9939]  __free_frozen_pages+0x7df/0x1170
[  424.632255][ T9939]  free_contig_range+0x183/0x4a0
[  424.637442][ T9939]  destroy_args+0xb95/0x14e0
[  424.642478][ T9939]  debug_vm_pgtable+0x2220/0x38d0
[  424.647769][ T9939]  do_one_initcall+0x123/0x680
[  424.654059][ T9939]  kernel_init_freeable+0x5c8/0x920
[  424.660239][ T9939]  kernel_init+0x1c/0x2b0
[  424.665244][ T9939]  ret_from_fork+0x983/0xb10
[  424.670148][ T9939]  ret_from_fork_asm+0x1a/0x30
[  425.137250][ T9951] Console: switching to colour VGA+ 80x25
[  426.656387][ T9986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  426.733725][ T9986] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  426.787687][ T9986] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  426.837324][ T9986] page_type: f5(slab)
[  426.892605][ T9986] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  427.033978][ T9986] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  427.419468][ T9986] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  427.587763][ T9986] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  427.732859][ T9986] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  427.855639][ T9986] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  428.061546][ T9986] page dumped because: unmovable page
[  428.067018][ T9986] page_owner tracks the page as allocated
[  428.295359][ T9986] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  428.469458][ T9986]  post_alloc_hook+0x1af/0x220
[  428.510777][ T9986]  get_page_from_freelist+0xd0b/0x31a0
[  428.537043][ T9986]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  428.561738][ T9986]  alloc_pages_mpol+0x1fb/0x550
[  428.608541][ T9986]  new_slab+0x2c3/0x430
[  428.624647][ T9986]  ___slab_alloc+0xe18/0x1c90
[  428.648539][ T9986]  __slab_alloc.constprop.0+0x63/0x110
[  428.669479][ T9986]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  428.689477][ T9986]  shmem_alloc_inode+0x25/0x50
[  428.722369][ T9986]  alloc_inode+0x64/0x240
[  428.742846][ T9986]  new_inode+0x22/0x1c0
[  428.762269][ T9986]  shmem_get_inode+0x19a/0xfb0
[  428.790728][ T9986]  shmem_symlink+0xf4/0x960
[  428.795567][ T9986]  vfs_symlink+0x4b5/0x800
[  428.828043][ T9986]  do_symlinkat+0x353/0x4b0
[  428.838161][ T9986]  __x64_sys_symlink+0x75/0x90
[  429.015985][ T9986] page last free pid 1 tgid 1 stack trace:
[  429.113461][ T9986]  __free_frozen_pages+0x7df/0x1170
[  429.196868][ T9986]  free_contig_range+0x183/0x4a0
[  429.204126][ T9986]  destroy_args+0xb95/0x14e0
[  429.215368][ T9986]  debug_vm_pgtable+0x2220/0x38d0
[  429.282376][ T9986]  do_one_initcall+0x123/0x680
[  429.301256][ T9986]  kernel_init_freeable+0x5c8/0x920
[  429.307649][ T9986]  kernel_init+0x1c/0x2b0
[  429.382253][ T9986]  ret_from_fork+0x983/0xb10
[  429.387358][ T9986]  ret_from_fork_asm+0x1a/0x30
[  434.782623][T10051] futex_wake_op: syz.4.822 tries to shift op by -2048; fix this program
[  434.855004][T10051] futex_wake_op: syz.4.822 tries to shift op by -2048; fix this program
[  435.169865][T10051] 0x000000000001-0x000000020000 : ""
[  435.221101][T10051] ftl_cs: FTL header corrupt!
[  436.384306][    C1] hrtimer: interrupt took 1734159 ns
[  437.051588][T10084] zswap: compressor  not available
[  437.174104][T10092] netlink: 74 bytes leftover after parsing attributes in process `syz.2.828'.
[  438.860071][T10129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  438.980494][T10129] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  439.162154][T10129] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  439.266625][T10128] zswap: compressor ,0 not available
[  439.361126][T10129] page_type: f5(slab)
[  439.433023][T10129] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  439.759655][T10129] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  440.183180][T10129] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  440.275172][T10129] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  440.370092][T10129] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  440.577477][T10129] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  440.633494][T10129] page dumped because: unmovable page
[  440.660442][T10129] page_owner tracks the page as allocated
[  440.696313][T10129] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  440.847462][T10129]  post_alloc_hook+0x1af/0x220
[  440.927622][T10129]  get_page_from_freelist+0xd0b/0x31a0
[  440.980494][T10129]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  441.044514][T10129]  alloc_pages_mpol+0x1fb/0x550
[  441.106441][T10129]  new_slab+0x2c3/0x430
[  441.159265][T10129]  ___slab_alloc+0xe18/0x1c90
[  441.205816][T10129]  __slab_alloc.constprop.0+0x63/0x110
[  441.274422][T10129]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  441.300137][T10129]  shmem_alloc_inode+0x25/0x50
[  441.337540][T10129]  alloc_inode+0x64/0x240
[  441.371065][T10129]  new_inode+0x22/0x1c0
[  441.375827][T10129]  shmem_get_inode+0x19a/0xfb0
[  441.441512][T10129]  shmem_symlink+0xf4/0x960
[  441.487902][T10129]  vfs_symlink+0x4b5/0x800
[  441.495866][T10146] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied.
[  441.519422][T10129]  do_symlinkat+0x353/0x4b0
[  441.550094][T10129]  __x64_sys_symlink+0x75/0x90
[  441.588351][T10129] page last free pid 1 tgid 1 stack trace:
[  441.638226][T10129]  __free_frozen_pages+0x7df/0x1170
[  441.671800][T10129]  free_contig_range+0x183/0x4a0
[  441.703919][T10129]  destroy_args+0xb95/0x14e0
[  441.725241][T10129]  debug_vm_pgtable+0x2220/0x38d0
[  441.766416][T10129]  do_one_initcall+0x123/0x680
[  441.791706][T10129]  kernel_init_freeable+0x5c8/0x920
[  441.839476][T10129]  kernel_init+0x1c/0x2b0
[  441.865453][T10129]  ret_from_fork+0x983/0xb10
[  441.900414][T10129]  ret_from_fork_asm+0x1a/0x30
[  444.280511][T10162] netlink: 28 bytes leftover after parsing attributes in process `syz.4.843'.
[  444.378837][   T30] audit: type=1326 audit(1768024776.933:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10168 comm="syz.2.842" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5cde58f7c9 code=0x0
[  445.261422][T10153] kexec: Could not allocate control_code_buffer
[  445.630550][T10184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.849'.
[  445.752588][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  445.759694][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  456.927731][ T5837] Bluetooth: hci4: unexpected event 0x3d length: 726 > 14
[  457.327669][T10319] netlink: 28 bytes leftover after parsing attributes in process `syz.1.878'.
[  457.971022][T10319] team0: Port device team_slave_0 removed
[  458.504365][T10332] netlink: 8 bytes leftover after parsing attributes in process `syz.4.881'.
[  459.240795][T10326] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  459.439409][T10326] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  459.629612][T10326] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  459.638426][T10326] page_type: f5(slab)
[  459.840531][T10326] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  459.971709][T10332] ieee80211 phy21: Failed to add default virtual iface
[  460.011832][T10326] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  460.291811][T10326] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  460.454176][T10326] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  460.670701][T10326] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  460.835215][T10326] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  462.020492][T10326] page dumped because: unmovable page
[  462.302653][T10326] page_owner tracks the page as allocated
[  462.402340][T10326] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  462.491715][T10376] openvswitch: netlink: Duplicate or invalid key (type 0).
[  462.650983][T10326]  post_alloc_hook+0x1af/0x220
[  462.699735][T10326]  get_page_from_freelist+0xd0b/0x31a0
[  462.721306][T10377] netlink: 'syz.4.888': attribute type 11 has an invalid length.
[  462.759811][T10377] netlink: 'syz.4.888': attribute type 11 has an invalid length.
[  462.771506][T10326]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  462.777971][T10326]  alloc_pages_mpol+0x1fb/0x550
[  462.858847][T10326]  new_slab+0x2c3/0x430
[  462.888683][T10326]  ___slab_alloc+0xe18/0x1c90
[  462.924230][T10326]  __slab_alloc.constprop.0+0x63/0x110
[  462.974076][T10326]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  463.018570][T10326]  shmem_alloc_inode+0x25/0x50
[  463.061632][T10326]  alloc_inode+0x64/0x240
[  463.093762][T10326]  new_inode+0x22/0x1c0
[  463.117753][T10326]  shmem_get_inode+0x19a/0xfb0
[  463.160088][T10326]  shmem_symlink+0xf4/0x960
[  463.198493][T10326]  vfs_symlink+0x4b5/0x800
[  463.228167][T10326]  do_symlinkat+0x353/0x4b0
[  463.264649][T10326]  __x64_sys_symlink+0x75/0x90
[  463.302415][T10326] page last free pid 1 tgid 1 stack trace:
[  463.354127][T10326]  __free_frozen_pages+0x7df/0x1170
[  463.394683][T10326]  free_contig_range+0x183/0x4a0
[  463.436134][T10326]  destroy_args+0xb95/0x14e0
[  463.477596][T10326]  debug_vm_pgtable+0x2220/0x38d0
[  463.516868][T10326]  do_one_initcall+0x123/0x680
[  463.547224][T10326]  kernel_init_freeable+0x5c8/0x920
[  463.595082][T10326]  kernel_init+0x1c/0x2b0
[  463.624307][T10326]  ret_from_fork+0x983/0xb10
[  463.660800][T10326]  ret_from_fork_asm+0x1a/0x30
[  465.778804][T10400] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  465.875123][T10400] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  465.935838][T10400] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  465.962812][T10400] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  465.969095][T10400] CPU0 is offline.
[  467.109781][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  467.911987][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  467.989385][ T5148] Bluetooth: hci3: command 0x0c1a tx timeout
[  467.998471][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  470.536792][T10435] FAULT_INJECTION: forcing a failure.
[  470.536792][T10435] name failslab, interval 1, probability 0, space 0, times 0
[  472.290263][T10441] FAULT_INJECTION: forcing a failure.
[  472.290263][T10441] name failslab, interval 1, probability 0, space 0, times 0
[  472.624440][T10435] CPU: 1 UID: 0 PID: 10435 Comm: syz.2.899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  472.624472][T10435] Tainted: [L]=SOFTLOCKUP
[  472.624479][T10435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  472.624490][T10435] Call Trace:
[  472.624497][T10435]  <TASK>
[  472.624504][T10435]  dump_stack_lvl+0x16c/0x1f0
[  472.624541][T10435]  should_fail_ex+0x512/0x640
[  472.624568][T10435]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  472.624595][T10435]  should_failslab+0xc2/0x120
[  472.624627][T10435]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  472.624652][T10435]  ? __d_alloc+0x35/0xa80
[  472.624672][T10435]  ? __d_alloc+0x35/0xa80
[  472.624687][T10435]  ? trace_kmem_cache_alloc+0x28/0xb0
[  472.624715][T10435]  __d_alloc+0x35/0xa80
[  472.624730][T10435]  ? __pfx_map_id_range_down+0x10/0x10
[  472.624761][T10435]  d_alloc_pseudo+0x1c/0xc0
[  472.624784][T10435]  alloc_file_pseudo+0xcf/0x230
[  472.624805][T10435]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  472.624832][T10435]  sock_alloc_file+0x50/0x210
[  472.624860][T10435]  do_accept+0x240/0x530
[  472.624880][T10435]  ? 0xffffffff81000000
[  472.624893][T10435]  ? do_raw_spin_lock+0x12c/0x2b0
[  472.624916][T10435]  ? __pfx_do_accept+0x10/0x10
[  472.624949][T10435]  ? 0xffffffff81000000
[  472.624961][T10435]  __sys_accept4_file+0xcd/0x210
[  472.624982][T10435]  ? __pfx___sys_accept4_file+0x10/0x10
[  472.625018][T10435]  ? 0xffffffff81000000
[  472.625031][T10435]  __x64_sys_accept+0xb0/0x140
[  472.625054][T10435]  do_syscall_64+0xcd/0xf80
[  472.625086][T10435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  472.625106][T10435] RIP: 0033:0x7f5cde58f7c9
[  472.625121][T10435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  472.625139][T10435] RSP: 002b:00007f5cdf3b8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  472.625158][T10435] RAX: ffffffffffffffda RBX: 00007f5cde7e5fa0 RCX: 00007f5cde58f7c9
[  472.625170][T10435] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003
[  472.625181][T10435] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  472.625192][T10435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  472.625203][T10435] R13: 00007f5cde7e6038 R14: 00007f5cde7e5fa0 R15: 00007ffeb337f2c8
[  472.625221][T10435]  ? 0xffffffff81000000
[  472.625238][T10435]  </TASK>
[  473.149055][T10441] CPU: 1 UID: 0 PID: 10441 Comm: syz.2.899 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  473.149089][T10441] Tainted: [L]=SOFTLOCKUP
[  473.149096][T10441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  473.149107][T10441] Call Trace:
[  473.149114][T10441]  <TASK>
[  473.149121][T10441]  dump_stack_lvl+0x16c/0x1f0
[  473.149160][T10441]  should_fail_ex+0x512/0x640
[  473.149182][T10441]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  473.149208][T10441]  should_failslab+0xc2/0x120
[  473.149237][T10441]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  473.149262][T10441]  ? shmem_alloc_inode+0x25/0x50
[  473.149299][T10441]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  473.149324][T10441]  ? shmem_alloc_inode+0x25/0x50
[  473.149348][T10441]  shmem_alloc_inode+0x25/0x50
[  473.149373][T10441]  alloc_inode+0x64/0x240
[  473.149394][T10441]  new_inode+0x22/0x1c0
[  473.149418][T10441]  shmem_get_inode+0x19a/0xfb0
[  473.149448][T10441]  ? __vm_enough_memory+0x184/0x3f0
[  473.149480][T10441]  __shmem_file_setup+0x290/0x350
[  473.149512][T10441]  shmem_zero_setup+0x93/0x1b0
[  473.149539][T10441]  __mmap_region+0x2271/0x2a00
[  473.149563][T10441]  ? __lock_acquire+0x436/0x2890
[  473.149580][T10441]  ? __pfx___mmap_region+0x10/0x10
[  473.149618][T10441]  ? lock_acquire+0x179/0x330
[  473.149645][T10441]  ? finish_task_switch.isra.0+0x207/0xbd0
[  473.149714][T10441]  ? rcu_is_watching+0x12/0xc0
[  473.149746][T10441]  mmap_region+0x1ab/0x3f0
[  473.149770][T10441]  ? __get_unmapped_area+0x267/0x3f0
[  473.149801][T10441]  do_mmap+0xa3e/0x1210
[  473.149841][T10441]  ? __pfx_do_mmap+0x10/0x10
[  473.149870][T10441]  ? __pfx_down_write_killable+0x10/0x10
[  473.149896][T10441]  vm_mmap_pgoff+0x29e/0x470
[  473.149927][T10441]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  473.149955][T10441]  ? find_held_lock+0x2b/0x80
[  473.149983][T10441]  ? __x64_sys_futex+0x1e0/0x4c0
[  473.150004][T10441]  ? __x64_sys_futex+0x1e9/0x4c0
[  473.150029][T10441]  ksys_mmap_pgoff+0x7d/0x5c0
[  473.150055][T10441]  ? xfd_validate_state+0x61/0x180
[  473.150076][T10441]  __x64_sys_mmap+0x125/0x190
[  473.150097][T10441]  do_syscall_64+0xcd/0xf80
[  473.150128][T10441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.150147][T10441] RIP: 0033:0x7f5cde58f7c9
[  473.150163][T10441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.150181][T10441] RSP: 002b:00007f5cdf397038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  473.150200][T10441] RAX: ffffffffffffffda RBX: 00007f5cde7e6090 RCX: 00007f5cde58f7c9
[  473.150212][T10441] RDX: 00000000000000e2 RSI: 0000000000000008 RDI: 0000000000000000
[  473.150223][T10441] RBP: 00007f5cde613f91 R08: 00000000000069a5 R09: a800000000000000
[  473.150234][T10441] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  473.150245][T10441] R13: 00007f5cde7e6128 R14: 00007f5cde7e6090 R15: 00007ffeb337f2c8
[  473.150268][T10441]  </TASK>
[  474.231839][T10452] netlink: 4 bytes leftover after parsing attributes in process `syz.3.902'.
[  474.573746][T10456] block nbd0: NBD_DISCONNECT
[  475.819323][T10466] sd 0:0:1:0: PR command failed: 1026
[  475.965048][T10466] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  476.189630][T10466] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  481.006183][T10499] tipc: Started in network mode
[  481.122710][T10499] tipc: Node identity ffffffff, cluster identity 4711
[  481.217998][T10499] tipc: Node number set to 4294967295
[  481.321044][ T5837] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260
[  481.321073][ T5837] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5
[  482.240517][T10529] netlink: 4 bytes leftover after parsing attributes in process `syz.2.917'.
[  483.154668][T10533] netlink: 16 bytes leftover after parsing attributes in process `syz.4.916'.
[  485.815627][T10545] FAULT_INJECTION: forcing a failure.
[  485.815627][T10545] name failslab, interval 1, probability 0, space 0, times 0
[  485.910200][T10545] CPU: 1 UID: 0 PID: 10545 Comm: syz.4.919 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  485.910232][T10545] Tainted: [L]=SOFTLOCKUP
[  485.910239][T10545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  485.910250][T10545] Call Trace:
[  485.910256][T10545]  <TASK>
[  485.910263][T10545]  dump_stack_lvl+0x16c/0x1f0
[  485.910298][T10545]  should_fail_ex+0x512/0x640
[  485.910329][T10545]  ? __kmalloc_cache_noprof+0x5f/0x800
[  485.910354][T10545]  should_failslab+0xc2/0x120
[  485.910384][T10545]  __kmalloc_cache_noprof+0x80/0x800
[  485.910405][T10545]  ? _raw_read_unlock_irqrestore+0x3b/0x80
[  485.910435][T10545]  ? snd_pcm_attach_substream+0x441/0xd60
[  485.910465][T10545]  ? snd_pcm_attach_substream+0x441/0xd60
[  485.910490][T10545]  snd_pcm_attach_substream+0x441/0xd60
[  485.910520][T10545]  snd_pcm_open_substream+0x8d/0x1820
[  485.910546][T10545]  ? __pfx_snd_pcm_open_substream+0x10/0x10
[  485.910577][T10545]  snd_pcm_oss_open+0x735/0x1400
[  485.910603][T10545]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  485.910623][T10545]  ? __lock_acquire+0x436/0x2890
[  485.910641][T10545]  ? __pfx_default_wake_function+0x10/0x10
[  485.910669][T10545]  ? __lock_acquire+0x436/0x2890
[  485.910692][T10545]  ? do_raw_spin_lock+0x12c/0x2b0
[  485.910715][T10545]  ? soundcore_open+0x35a/0x580
[  485.910745][T10545]  ? __pfx_snd_pcm_oss_open+0x10/0x10
[  485.910765][T10545]  soundcore_open+0x40c/0x580
[  485.910799][T10545]  ? __pfx_soundcore_open+0x10/0x10
[  485.910828][T10545]  chrdev_open+0x234/0x6a0
[  485.910857][T10545]  ? __pfx_apparmor_file_open+0x10/0x10
[  485.910877][T10545]  ? __pfx_chrdev_open+0x10/0x10
[  485.910907][T10545]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  485.910942][T10545]  do_dentry_open+0x748/0x1590
[  485.910969][T10545]  ? __pfx_chrdev_open+0x10/0x10
[  485.911004][T10545]  vfs_open+0x82/0x3f0
[  485.911027][T10545]  path_openat+0x2078/0x3140
[  485.911082][T10545]  ? __pfx_path_openat+0x10/0x10
[  485.911119][T10545]  do_filp_open+0x20b/0x470
[  485.911148][T10545]  ? __pfx_do_filp_open+0x10/0x10
[  485.911192][T10545]  ? alloc_fd+0x471/0x7d0
[  485.911227][T10545]  do_sys_openat2+0x121/0x290
[  485.911248][T10545]  ? __pfx_do_sys_openat2+0x10/0x10
[  485.911277][T10545]  __x64_sys_openat+0x174/0x210
[  485.911299][T10545]  ? __pfx___x64_sys_openat+0x10/0x10
[  485.911336][T10545]  do_syscall_64+0xcd/0xf80
[  485.911367][T10545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.911387][T10545] RIP: 0033:0x7f182d98f7c9
[  485.911403][T10545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  485.911421][T10545] RSP: 002b:00007f182e87a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  485.911440][T10545] RAX: ffffffffffffffda RBX: 00007f182dbe6180 RCX: 00007f182d98f7c9
[  485.911453][T10545] RDX: 0000000000020342 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  485.911468][T10545] RBP: 00007f182da13f91 R08: 0000000000000000 R09: 0000000000000000
[  485.911480][T10545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  485.911491][T10545] R13: 00007f182dbe6218 R14: 00007f182dbe6180 R15: 00007ffd597f5378
[  485.911515][T10545]  </TASK>
[  490.463510][T10561] can: request_module (can-proto-0) failed.
[  490.763624][   T30] audit: type=1800 audit(1768024823.323:12): pid=10574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.924" name="dbroot" dev="configfs" ino=31967 res=0 errno=0
[  492.029707][T10584] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21
[  498.030241][T10612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  498.481599][T10612] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  498.658580][T10596] FAULT_INJECTION: forcing a failure.
[  498.658580][T10596] name failslab, interval 1, probability 0, space 0, times 0
[  498.846536][T10621] 
[  498.856577][T10612] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  498.897826][T10596] CPU: 1 UID: 0 PID: 10596 Comm: syz.3.931 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  498.897858][T10596] Tainted: [L]=SOFTLOCKUP
[  498.897865][T10596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  498.897877][T10596] Call Trace:
[  498.897884][T10596]  <TASK>
[  498.897891][T10596]  dump_stack_lvl+0x16c/0x1f0
[  498.897937][T10596]  should_fail_ex+0x512/0x640
[  498.897959][T10596]  ? kmem_cache_alloc_noprof+0x62/0x770
[  498.897985][T10596]  should_failslab+0xc2/0x120
[  498.898015][T10596]  kmem_cache_alloc_noprof+0x83/0x770
[  498.898037][T10596]  ? do_sys_openat2+0x121/0x290
[  498.898058][T10596]  ? __x64_sys_openat+0x174/0x210
[  498.898079][T10596]  ? fuse_request_alloc+0x22/0x200
[  498.898103][T10596]  ? fuse_request_alloc+0x22/0x200
[  498.898121][T10596]  fuse_request_alloc+0x22/0x200
[  498.898141][T10596]  fuse_get_req+0x748/0xff0
[  498.898167][T10596]  ? __pfx_fuse_get_req+0x10/0x10
[  498.898200][T10596]  fuse_simple_background+0x464/0x5f0
[  498.898221][T10596]  ? kasan_save_track+0x14/0x30
[  498.898248][T10596]  cuse_channel_open+0x561/0x7f0
[  498.898275][T10596]  ? __pfx_cuse_channel_open+0x10/0x10
[  498.898304][T10596]  misc_open+0x26d/0x450
[  498.898326][T10596]  ? __pfx_misc_open+0x10/0x10
[  498.898347][T10596]  chrdev_open+0x234/0x6a0
[  498.898375][T10596]  ? __pfx_apparmor_file_open+0x10/0x10
[  498.898395][T10596]  ? __pfx_chrdev_open+0x10/0x10
[  498.898425][T10596]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  498.898460][T10596]  do_dentry_open+0x748/0x1590
[  498.898487][T10596]  ? __pfx_chrdev_open+0x10/0x10
[  498.898521][T10596]  vfs_open+0x82/0x3f0
[  498.898544][T10596]  path_openat+0x2078/0x3140
[  498.898579][T10596]  ? __pfx_path_openat+0x10/0x10
[  498.898615][T10596]  do_filp_open+0x20b/0x470
[  498.898644][T10596]  ? __pfx_do_filp_open+0x10/0x10
[  498.898688][T10596]  ? alloc_fd+0x471/0x7d0
[  498.898734][T10596]  do_sys_openat2+0x121/0x290
[  498.898755][T10596]  ? __pfx_do_sys_openat2+0x10/0x10
[  498.898790][T10596]  __x64_sys_openat+0x174/0x210
[  498.898816][T10596]  ? __pfx___x64_sys_openat+0x10/0x10
[  498.898846][T10596]  do_syscall_64+0xcd/0xf80
[  498.898877][T10596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  498.898897][T10596] RIP: 0033:0x7fd44878f7c9
[  498.898914][T10596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  498.898940][T10596] RSP: 002b:00007fd449705038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  498.898958][T10596] RAX: ffffffffffffffda RBX: 00007fd4489e5fa0 RCX: 00007fd44878f7c9
[  498.898973][T10596] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  498.898984][T10596] RBP: 00007fd448813f91 R08: 0000000000000000 R09: 0000000000000000
[  498.898995][T10596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  498.899005][T10596] R13: 00007fd4489e6038 R14: 00007fd4489e5fa0 R15: 00007fff99a625c8
[  498.899030][T10596]  </TASK>
[  499.590648][T10612] page_type: f5(slab)
[  499.594909][T10612] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  499.607143][T10624] cougar: G6 mapped to space
[  499.779246][T10612] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  499.788467][T10612] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  499.986357][T10612] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  500.054825][T10612] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  500.112956][T10612] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  500.161721][T10612] page dumped because: unmovable page
[  500.199386][T10612] page_owner tracks the page as allocated
[  500.205247][T10612] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  500.350042][T10612]  post_alloc_hook+0x1af/0x220
[  500.350076][T10612]  get_page_from_freelist+0xd0b/0x31a0
[  500.350099][T10612]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  500.350121][T10612]  alloc_pages_mpol+0x1fb/0x550
[  500.350158][T10612]  new_slab+0x2c3/0x430
[  500.350239][T10612]  ___slab_alloc+0xe18/0x1c90
[  500.350260][T10612]  __slab_alloc.constprop.0+0x63/0x110
[  500.350280][T10612]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  500.350303][T10612]  shmem_alloc_inode+0x25/0x50
[  500.350328][T10612]  alloc_inode+0x64/0x240
[  500.350359][T10612]  new_inode+0x22/0x1c0
[  500.350378][T10612]  shmem_get_inode+0x19a/0xfb0
[  500.350406][T10612]  shmem_symlink+0xf4/0x960
[  500.350426][T10612]  vfs_symlink+0x4b5/0x800
[  500.350447][T10612]  do_symlinkat+0x353/0x4b0
[  500.350463][T10612]  __x64_sys_symlink+0x75/0x90
[  500.350480][T10612] page last free pid 1 tgid 1 stack trace:
[  500.350493][T10612]  __free_frozen_pages+0x7df/0x1170
[  500.350511][T10612]  free_contig_range+0x183/0x4a0
[  500.350528][T10612]  destroy_args+0xb95/0x14e0
[  500.350546][T10612]  debug_vm_pgtable+0x2220/0x38d0
[  500.350563][T10612]  do_one_initcall+0x123/0x680
[  500.350589][T10612]  kernel_init_freeable+0x5c8/0x920
[  500.350609][T10612]  kernel_init+0x1c/0x2b0
[  500.350631][T10612]  ret_from_fork+0x983/0xb10
[  500.350648][T10612]  ret_from_fork_asm+0x1a/0x30
[  502.151328][T10648] netlink: 334 bytes leftover after parsing attributes in process `syz.2.942'.
[  502.264860][T10644] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  502.377589][T10645] netlink: 146 bytes leftover after parsing attributes in process `syz.1.941'.
[  502.884438][T10654] netlink: 4 bytes leftover after parsing attributes in process `syz.4.945'.
[  503.526549][T10668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  503.635445][T10668] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  503.788060][T10668] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  503.902967][T10668] page_type: f5(slab)
[  504.013223][T10668] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  504.164235][T10668] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  504.182924][T10671] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  504.300569][T10671] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  504.363335][T10668] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  504.390395][T10671] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  504.434082][T10671] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  504.519716][T10668] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  504.533350][T10671] CPU0 is offline.
[  504.890138][T10690] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22
[  504.921044][T10668] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  505.374690][T10668] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  505.579958][T10668] page dumped because: unmovable page
[  505.585862][T10668] page_owner tracks the page as allocated
[  505.779840][T10668] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  505.825910][T10703] FAULT_INJECTION: forcing a failure.
[  505.825910][T10703] name failslab, interval 1, probability 0, space 0, times 0
[  505.991743][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  506.001758][T10705] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  506.038623][T10668]  post_alloc_hook+0x1af/0x220
[  506.069125][T10703] CPU: 1 UID: 0 PID: 10703 Comm: syz.2.955 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  506.069158][T10703] Tainted: [L]=SOFTLOCKUP
[  506.069164][T10703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  506.069175][T10703] Call Trace:
[  506.069182][T10703]  <TASK>
[  506.069190][T10703]  dump_stack_lvl+0x16c/0x1f0
[  506.069224][T10703]  should_fail_ex+0x512/0x640
[  506.069247][T10703]  ? __kmalloc_cache_noprof+0x5f/0x800
[  506.069272][T10703]  should_failslab+0xc2/0x120
[  506.069301][T10703]  __kmalloc_cache_noprof+0x80/0x800
[  506.069322][T10703]  ? ima_add_digest_entry+0x52/0x540
[  506.069357][T10703]  ? ima_add_digest_entry+0x52/0x540
[  506.069387][T10703]  ima_add_digest_entry+0x52/0x540
[  506.069420][T10703]  ima_add_template_entry+0x478/0x870
[  506.069453][T10703]  ? ima_alloc_init_template+0x19d/0x720
[  506.069474][T10703]  ? __pfx_ima_add_template_entry+0x10/0x10
[  506.069506][T10703]  ? ima_alloc_init_template+0x536/0x720
[  506.069532][T10703]  ima_add_violation+0x17f/0x3d0
[  506.069554][T10703]  ? __pfx_ima_add_violation+0x10/0x10
[  506.069574][T10703]  ? ima_d_path+0x12b/0x2a0
[  506.069594][T10703]  ? __pfx_ima_d_path+0x10/0x10
[  506.069619][T10703]  ? lockdep_init_map_type+0x5c/0x270
[  506.069639][T10703]  ? ima_inode_get+0x39d/0x580
[  506.069659][T10703]  process_measurement+0x16d7/0x22d0
[  506.069697][T10703]  ? __pfx_process_measurement+0x10/0x10
[  506.069729][T10703]  ? trace_contention_end+0xdd/0x110
[  506.069749][T10703]  ? __mutex_lock+0x27b/0x1ca0
[  506.069767][T10703]  ? find_held_lock+0x2b/0x80
[  506.069792][T10703]  ? tracing_check_open_get_tr.part.0+0xdc/0x190
[  506.069843][T10703]  ? tracing_check_open_get_tr.part.0+0xe1/0x190
[  506.069869][T10703]  ? inode_to_bdi+0x9e/0x160
[  506.069897][T10703]  ima_file_check+0xc7/0x110
[  506.069915][T10703]  ? __pfx_ima_file_check+0x10/0x10
[  506.069938][T10703]  security_file_post_open+0x8e/0x210
[  506.069963][T10703]  path_openat+0xe5f/0x3140
[  506.069999][T10703]  ? __pfx_path_openat+0x10/0x10
[  506.070036][T10703]  do_filp_open+0x20b/0x470
[  506.070072][T10703]  ? __pfx_do_filp_open+0x10/0x10
[  506.070117][T10703]  ? alloc_fd+0x471/0x7d0
[  506.070151][T10703]  do_sys_openat2+0x121/0x290
[  506.070173][T10703]  ? __pfx_do_sys_openat2+0x10/0x10
[  506.070203][T10703]  __x64_sys_openat+0x174/0x210
[  506.070225][T10703]  ? __pfx___x64_sys_openat+0x10/0x10
[  506.070257][T10703]  do_syscall_64+0xcd/0xf80
[  506.070289][T10703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.070308][T10703] RIP: 0033:0x7f5cde58f7c9
[  506.070323][T10703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  506.070341][T10703] RSP: 002b:00007f5cdf3b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  506.070359][T10703] RAX: ffffffffffffffda RBX: 00007f5cde7e5fa0 RCX: 00007f5cde58f7c9
[  506.070371][T10703] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  506.070383][T10703] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  506.070394][T10703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  506.070404][T10703] R13: 00007f5cde7e6038 R14: 00007f5cde7e5fa0 R15: 00007ffeb337f2c8
[  506.070428][T10703]  </TASK>
[  506.759228][T10668]  get_page_from_freelist+0xd0b/0x31a0
[  506.779204][T10668]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  506.799211][T10668]  alloc_pages_mpol+0x1fb/0x550
[  506.804822][T10668]  new_slab+0x2c3/0x430
[  506.869247][T10668]  ___slab_alloc+0xe18/0x1c90
[  506.874523][T10668]  __slab_alloc.constprop.0+0x63/0x110
[  506.899198][T10668]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  506.914866][ T5837] Bluetooth: hci2: command 0x0c1a tx timeout
[  506.921594][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  506.942702][ T5148] Bluetooth: hci3: command 0x0c1a tx timeout
[  506.983834][T10668]  shmem_alloc_inode+0x25/0x50
[  506.993998][T10668]  alloc_inode+0x64/0x240
[  506.998858][T10668]  new_inode+0x22/0x1c0
[  507.039998][T10668]  shmem_get_inode+0x19a/0xfb0
[  507.059633][T10668]  shmem_symlink+0xf4/0x960
[  507.076665][T10668]  vfs_symlink+0x4b5/0x800
[  507.101217][T10668]  do_symlinkat+0x353/0x4b0
[  507.130529][T10668]  __x64_sys_symlink+0x75/0x90
[  507.159957][T10668] page last free pid 1 tgid 1 stack trace:
[  507.182968][T10668]  __free_frozen_pages+0x7df/0x1170
[  507.204831][T10668]  free_contig_range+0x183/0x4a0
[  507.237363][T10668]  destroy_args+0xb95/0x14e0
[  507.259552][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  507.266227][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  507.278126][T10668]  debug_vm_pgtable+0x2220/0x38d0
[  507.309707][T10668]  do_one_initcall+0x123/0x680
[  507.350317][T10668]  kernel_init_freeable+0x5c8/0x920
[  507.366139][T10668]  kernel_init+0x1c/0x2b0
[  507.376415][T10668]  ret_from_fork+0x983/0xb10
[  507.394455][T10668]  ret_from_fork_asm+0x1a/0x30
[  507.652194][T10705] CPU: 1 UID: 0 PID: 10705 Comm: syz.2.955 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  507.652227][T10705] Tainted: [L]=SOFTLOCKUP
[  507.652233][T10705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  507.652244][T10705] Call Trace:
[  507.652251][T10705]  <TASK>
[  507.652258][T10705]  dump_stack_lvl+0x16c/0x1f0
[  507.652292][T10705]  sysfs_warn_dup+0x7f/0xa0
[  507.652315][T10705]  sysfs_do_create_link_sd+0x124/0x140
[  507.652340][T10705]  sysfs_create_link+0x61/0xc0
[  507.652362][T10705]  device_add+0x652/0x1980
[  507.652393][T10705]  ? __pfx_device_add+0x10/0x10
[  507.652425][T10705]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  507.652455][T10705]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  507.652489][T10705]  wiphy_register+0x1ea1/0x2cc0
[  507.652508][T10705]  ? __rtnl_unlock+0x68/0xf0
[  507.652539][T10705]  ? net_rx_action+0x170/0xfa0
[  507.652566][T10705]  ? __pfx_wiphy_register+0x10/0x10
[  507.652586][T10705]  ? __asan_memset+0x23/0x50
[  507.652616][T10705]  ? ieee80211_init_rate_ctrl_alg+0x125/0x680
[  507.652651][T10705]  ieee80211_register_hw+0x2bb2/0x4160
[  507.652679][T10705]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  507.652699][T10705]  ? __pfx___debug_object_init+0x10/0x10
[  507.652734][T10705]  ? find_held_lock+0x2b/0x80
[  507.652759][T10705]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  507.652788][T10705]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  507.652817][T10705]  ? __hrtimer_setup+0x176/0x280
[  507.652843][T10705]  mac80211_hwsim_new_radio+0x3323/0x5150
[  507.652887][T10705]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  507.652917][T10705]  hwsim_new_radio_nl+0xba2/0x1330
[  507.652942][T10705]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  507.652972][T10705]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  507.652995][T10705]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  507.653020][T10705]  genl_family_rcv_msg_doit+0x209/0x2f0
[  507.653042][T10705]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  507.653062][T10705]  ? genl_get_cmd+0x194/0x580
[  507.653097][T10705]  ? bpf_lsm_capable+0x9/0x10
[  507.653123][T10705]  ? security_capable+0x7e/0x260
[  507.653155][T10705]  ? ns_capable+0xd7/0x110
[  507.653182][T10705]  genl_rcv_msg+0x55c/0x800
[  507.653203][T10705]  ? __pfx_genl_rcv_msg+0x10/0x10
[  507.653223][T10705]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  507.653254][T10705]  netlink_rcv_skb+0x158/0x420
[  507.653282][T10705]  ? __pfx_genl_rcv_msg+0x10/0x10
[  507.653302][T10705]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  507.653347][T10705]  ? netlink_deliver_tap+0x1ae/0xd30
[  507.653378][T10705]  genl_rcv+0x28/0x40
[  507.653399][T10705]  netlink_unicast+0x5aa/0x870
[  507.653432][T10705]  ? __pfx_netlink_unicast+0x10/0x10
[  507.653461][T10705]  ? __pfx___might_resched+0x10/0x10
[  507.653493][T10705]  ? __lock_acquire+0x436/0x2890
[  507.653517][T10705]  netlink_sendmsg+0x8c8/0xdd0
[  507.653550][T10705]  ? __pfx_netlink_sendmsg+0x10/0x10
[  507.653582][T10705]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  507.653620][T10705]  ____sys_sendmsg+0xa5d/0xc30
[  507.653639][T10705]  ? copy_msghdr_from_user+0x10a/0x160
[  507.653665][T10705]  ? __pfx_____sys_sendmsg+0x10/0x10
[  507.653682][T10705]  ? preempt_schedule_thunk+0x16/0x30
[  507.653705][T10705]  ? try_to_wake_up+0xa67/0x1860
[  507.653735][T10705]  ___sys_sendmsg+0x134/0x1d0
[  507.653761][T10705]  ? __pfx____sys_sendmsg+0x10/0x10
[  507.653786][T10705]  ? futex_private_hash_put+0x160/0x1b0
[  507.653833][T10705]  __sys_sendmsg+0x16d/0x220
[  507.653865][T10705]  ? __pfx___sys_sendmsg+0x10/0x10
[  507.653890][T10705]  ? __x64_sys_futex+0x1e0/0x4c0
[  507.653925][T10705]  do_syscall_64+0xcd/0xf80
[  507.653957][T10705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.653976][T10705] RIP: 0033:0x7f5cde58f7c9
[  507.653993][T10705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  507.654011][T10705] RSP: 002b:00007f5cdf397038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  507.654030][T10705] RAX: ffffffffffffffda RBX: 00007f5cde7e6090 RCX: 00007f5cde58f7c9
[  507.654042][T10705] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000007
[  507.654052][T10705] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  507.654063][T10705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  507.654074][T10705] R13: 00007f5cde7e6128 R14: 00007f5cde7e6090 R15: 00007ffeb337f2c8
[  507.654098][T10705]  </TASK>
[  509.032104][T10711] FAULT_INJECTION: forcing a failure.
[  509.032104][T10711] name failslab, interval 1, probability 0, space 0, times 0
[  509.183479][T10711] CPU: 1 UID: 0 PID: 10711 Comm: syz.4.957 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  509.183513][T10711] Tainted: [L]=SOFTLOCKUP
[  509.183519][T10711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  509.183530][T10711] Call Trace:
[  509.183537][T10711]  <TASK>
[  509.183545][T10711]  dump_stack_lvl+0x16c/0x1f0
[  509.183580][T10711]  should_fail_ex+0x512/0x640
[  509.183605][T10711]  should_failslab+0xc2/0x120
[  509.183635][T10711]  kmem_cache_alloc_node_noprof+0x86/0x800
[  509.183659][T10711]  ? __alloc_skb+0x156/0x410
[  509.183685][T10711]  ? __alloc_skb+0x156/0x410
[  509.183706][T10711]  __alloc_skb+0x156/0x410
[  509.183726][T10711]  ? __alloc_skb+0x35d/0x410
[  509.183747][T10711]  ? __pfx___alloc_skb+0x10/0x10
[  509.183771][T10711]  ? __lock_acquire+0x436/0x2890
[  509.183793][T10711]  __pskb_copy_fclone+0xef/0xb50
[  509.183828][T10711]  tipc_clone_to_loopback+0xe6/0x4b0
[  509.183856][T10711]  ? tipc_node_xmit+0x1ea/0xfc0
[  509.183887][T10711]  tipc_node_xmit+0xd2b/0xfc0
[  509.183912][T10711]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.183935][T10711]  ? __pfx_tipc_node_xmit+0x10/0x10
[  509.183975][T10711]  ? tipc_node_distr_xmit+0x177/0x3c0
[  509.184002][T10711]  tipc_node_distr_xmit+0x177/0x3c0
[  509.184040][T10711]  ? __pfx_tipc_node_distr_xmit+0x10/0x10
[  509.184073][T10711]  ? kfree+0x2f8/0x6e0
[  509.184091][T10711]  ? tipc_group_delete+0x2c1/0x490
[  509.184124][T10711]  tipc_group_delete+0x2e9/0x490
[  509.184150][T10711]  ? task_work_run+0x150/0x240
[  509.184169][T10711]  ? exit_to_user_mode_loop+0xfb/0x540
[  509.184190][T10711]  ? do_syscall_64+0x4ee/0xf80
[  509.184222][T10711]  ? __pfx_tipc_group_delete+0x10/0x10
[  509.184255][T10711]  ? __tipc_shutdown+0x729/0xee0
[  509.184283][T10711]  tipc_sk_leave+0x10e/0x1c0
[  509.184313][T10711]  ? __pfx_tipc_sk_leave+0x10/0x10
[  509.184342][T10711]  ? __pfx_woken_wake_function+0x10/0x10
[  509.184367][T10711]  ? tipc_sk_filtering+0x420/0x520
[  509.184391][T10711]  tipc_release+0x126/0x1650
[  509.184417][T10711]  ? down_write+0x14d/0x200
[  509.184435][T10711]  ? __pfx_down_write+0x10/0x10
[  509.184456][T10711]  ? __pfx_locks_remove_file+0x10/0x10
[  509.184483][T10711]  ? kmem_cache_free+0x171/0x770
[  509.184509][T10711]  __sock_release+0xb3/0x270
[  509.184536][T10711]  ? __pfx_sock_close+0x10/0x10
[  509.184561][T10711]  sock_close+0x1c/0x30
[  509.184585][T10711]  __fput+0x402/0xb70
[  509.184605][T10711]  ? _raw_spin_unlock_irq+0x23/0x50
[  509.184634][T10711]  task_work_run+0x150/0x240
[  509.184656][T10711]  ? __pfx_task_work_run+0x10/0x10
[  509.184674][T10711]  ? __do_sys_close_range+0x278/0x730
[  509.184709][T10711]  exit_to_user_mode_loop+0xfb/0x540
[  509.184735][T10711]  do_syscall_64+0x4ee/0xf80
[  509.184766][T10711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.184785][T10711] RIP: 0033:0x7f182d98f7c9
[  509.184801][T10711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  509.184820][T10711] RSP: 002b:00007f182e8bc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  509.184838][T10711] RAX: 0000000000000000 RBX: 00007f182dbe5fa0 RCX: 00007f182d98f7c9
[  509.184850][T10711] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002
[  509.184861][T10711] RBP: 00007f182da13f91 R08: 0000000000000000 R09: 0000000000000000
[  509.184871][T10711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  509.184882][T10711] R13: 00007f182dbe6038 R14: 00007f182dbe5fa0 R15: 00007ffd597f5378
[  509.184906][T10711]  </TASK>
[  510.827910][T10703] ima: OUT OF MEMORY ERROR creating queue entry
[  510.862673][   T30] audit: type=1804 audit(1768024843.423:13): pid=10703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.955" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=92 res=0 errno=0
[  510.962323][T10728] UHID_CREATE from different security context by process 871 (syz.4.960), this is not allowed.
[  510.998940][   T30] audit: type=1804 audit(1768024843.453:14): pid=10703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.955" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=92 res=0 errno=0
[  511.257649][T10724] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(4)
[  511.828930][T10735] netlink: 222 bytes leftover after parsing attributes in process `syz.2.962'.
[  514.421720][T10760] FAULT_INJECTION: forcing a failure.
[  514.421720][T10760] name failslab, interval 1, probability 0, space 0, times 0
[  514.459955][T10756] netlink: 4 bytes leftover after parsing attributes in process `syz.4.967'.
[  514.700339][T10760] CPU: 1 UID: 0 PID: 10760 Comm: syz.2.968 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  514.700373][T10760] Tainted: [L]=SOFTLOCKUP
[  514.700380][T10760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  514.700390][T10760] Call Trace:
[  514.700397][T10760]  <TASK>
[  514.700404][T10760]  dump_stack_lvl+0x16c/0x1f0
[  514.700439][T10760]  should_fail_ex+0x512/0x640
[  514.700461][T10760]  ? __kmalloc_cache_noprof+0x5f/0x800
[  514.700486][T10760]  should_failslab+0xc2/0x120
[  514.700516][T10760]  __kmalloc_cache_noprof+0x80/0x800
[  514.700538][T10760]  ? create_filter_start.constprop.0+0x103/0x300
[  514.700564][T10760]  ? __asan_memcpy+0x3c/0x60
[  514.700588][T10760]  ? create_filter_start.constprop.0+0x103/0x300
[  514.700614][T10760]  create_filter_start.constprop.0+0x103/0x300
[  514.700643][T10760]  create_filter+0xb5/0x210
[  514.700669][T10760]  ? __pfx_create_filter+0x10/0x10
[  514.700705][T10760]  ? find_held_lock+0x2b/0x80
[  514.700733][T10760]  apply_event_filter+0x220/0x500
[  514.700759][T10760]  ? __pfx_apply_event_filter+0x10/0x10
[  514.700791][T10760]  ? __pfx_event_filter_write+0x10/0x10
[  514.700808][T10760]  event_filter_write+0x16d/0x290
[  514.700827][T10760]  vfs_writev+0x5df/0xde0
[  514.700859][T10760]  ? __pfx_vfs_writev+0x10/0x10
[  514.700884][T10760]  ? fdget_pos+0x2a2/0x370
[  514.700928][T10760]  ? __fget_files+0x20e/0x3c0
[  514.700961][T10760]  ? do_writev+0x132/0x340
[  514.700984][T10760]  do_writev+0x132/0x340
[  514.701009][T10760]  ? __pfx_do_writev+0x10/0x10
[  514.701040][T10760]  do_syscall_64+0xcd/0xf80
[  514.701071][T10760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  514.701091][T10760] RIP: 0033:0x7f5cde58f7c9
[  514.701106][T10760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  514.701124][T10760] RSP: 002b:00007f5cdf3b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  514.701142][T10760] RAX: ffffffffffffffda RBX: 00007f5cde7e5fa0 RCX: 00007f5cde58f7c9
[  514.701154][T10760] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003
[  514.701165][T10760] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  514.701175][T10760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  514.701186][T10760] R13: 00007f5cde7e6038 R14: 00007f5cde7e5fa0 R15: 00007ffeb337f2c8
[  514.701209][T10760]  </TASK>
[  515.226904][T10765] netlink: 354 bytes leftover after parsing attributes in process `syz.4.967'.
[  520.875641][T10815] hub 1-0:1.0: USB hub found
[  520.948496][T10815] hub 1-0:1.0: 1 port detected
[  523.046067][T10837] netlink: 8 bytes leftover after parsing attributes in process `syz.1.983'.
[  525.160107][T10862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  525.770095][T10862] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  525.779082][T10862] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  526.187724][T10862] page_type: f5(slab)
[  526.212935][T10862] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  526.366138][T10862] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  526.841477][T10862] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  526.949662][T10862] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  526.959008][T10862] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  527.270417][T10862] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  527.389375][T10862] page dumped because: unmovable page
[  527.565776][T10862] page_owner tracks the page as allocated
[  527.767515][T10862] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  527.969376][T10862]  post_alloc_hook+0x1af/0x220
[  528.199214][T10862]  get_page_from_freelist+0xd0b/0x31a0
[  528.394037][T10862]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  528.546857][T10862]  alloc_pages_mpol+0x1fb/0x550
[  528.849241][T10862]  new_slab+0x2c3/0x430
[  528.956339][T10862]  ___slab_alloc+0xe18/0x1c90
[  528.984718][T10862]  __slab_alloc.constprop.0+0x63/0x110
[  529.183859][T10862]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  529.307737][T10862]  shmem_alloc_inode+0x25/0x50
[  529.521491][T10862]  alloc_inode+0x64/0x240
[  529.681780][T10862]  new_inode+0x22/0x1c0
[  529.709248][T10862]  shmem_get_inode+0x19a/0xfb0
[  529.745033][T10862]  shmem_symlink+0xf4/0x960
[  529.988052][T10862]  vfs_symlink+0x4b5/0x800
[  530.007379][T10862]  do_symlinkat+0x353/0x4b0
[  530.039454][T10862]  __x64_sys_symlink+0x75/0x90
[  530.109309][T10862] page last free pid 1 tgid 1 stack trace:
[  530.159441][T10862]  __free_frozen_pages+0x7df/0x1170
[  530.369358][T10862]  free_contig_range+0x183/0x4a0
[  530.377804][T10862]  destroy_args+0xb95/0x14e0
[  530.566598][T10862]  debug_vm_pgtable+0x2220/0x38d0
[  530.620077][T10862]  do_one_initcall+0x123/0x680
[  530.640492][T10862]  kernel_init_freeable+0x5c8/0x920
[  530.679093][T10862]  kernel_init+0x1c/0x2b0
[  530.701126][T10862]  ret_from_fork+0x983/0xb10
[  530.744418][T10862]  ret_from_fork_asm+0x1a/0x30
[  531.121681][T10894] dyndbg: expected <4096 bytes into control
[  531.216654][T10894] dyndbg: bad flag-op /, at start of /%*^[
[  531.256115][T10908] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE�r��҄y�*�"�l-���y–��L̓���]'
[  531.321433][T10908] CPU: 1 UID: 0 PID: 10908 Comm: syz.3.990 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  531.321465][T10908] Tainted: [L]=SOFTLOCKUP
[  531.321472][T10908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  531.321483][T10908] Call Trace:
[  531.321489][T10908]  <TASK>
[  531.321496][T10908]  dump_stack_lvl+0x16c/0x1f0
[  531.321531][T10908]  sysfs_warn_dup+0x7f/0xa0
[  531.321560][T10908]  sysfs_do_create_link_sd+0x124/0x140
[  531.321584][T10908]  sysfs_create_link+0x61/0xc0
[  531.321605][T10908]  device_add+0x652/0x1980
[  531.321637][T10908]  ? __pfx_device_add+0x10/0x10
[  531.321662][T10908]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  531.321694][T10908]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  531.321729][T10908]  wiphy_register+0x1ea1/0x2cc0
[  531.321747][T10908]  ? __rtnl_unlock+0x68/0xf0
[  531.321777][T10908]  ? net_rx_action+0x170/0xfa0
[  531.321804][T10908]  ? __pfx_wiphy_register+0x10/0x10
[  531.321823][T10908]  ? __asan_memset+0x23/0x50
[  531.321853][T10908]  ? ieee80211_init_rate_ctrl_alg+0x125/0x680
[  531.321888][T10908]  ieee80211_register_hw+0x2bb2/0x4160
[  531.321916][T10908]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  531.321935][T10908]  ? __pfx___debug_object_init+0x10/0x10
[  531.321970][T10908]  ? find_held_lock+0x2b/0x80
[  531.321995][T10908]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  531.322024][T10908]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  531.322052][T10908]  ? __hrtimer_setup+0x176/0x280
[  531.322078][T10908]  mac80211_hwsim_new_radio+0x3323/0x5150
[  531.322114][T10908]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  531.322139][T10908]  ? __asan_memcpy+0x3c/0x60
[  531.322164][T10908]  hwsim_new_radio_nl+0xba2/0x1330
[  531.322190][T10908]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  531.322219][T10908]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  531.322240][T10908]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  531.322269][T10908]  genl_family_rcv_msg_doit+0x209/0x2f0
[  531.322290][T10908]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  531.322310][T10908]  ? genl_get_cmd+0x194/0x580
[  531.322345][T10908]  ? bpf_lsm_capable+0x9/0x10
[  531.322370][T10908]  ? security_capable+0x7e/0x260
[  531.322401][T10908]  ? ns_capable+0xd7/0x110
[  531.322428][T10908]  genl_rcv_msg+0x55c/0x800
[  531.322450][T10908]  ? __pfx_genl_rcv_msg+0x10/0x10
[  531.322469][T10908]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  531.322500][T10908]  netlink_rcv_skb+0x158/0x420
[  531.322529][T10908]  ? __pfx_genl_rcv_msg+0x10/0x10
[  531.322554][T10908]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  531.322593][T10908]  ? netlink_deliver_tap+0x1ae/0xd30
[  531.322623][T10908]  genl_rcv+0x28/0x40
[  531.322638][T10908]  netlink_unicast+0x5aa/0x870
[  531.322670][T10908]  ? __pfx_netlink_unicast+0x10/0x10
[  531.322698][T10908]  ? __pfx___might_resched+0x10/0x10
[  531.322724][T10908]  ? __lock_acquire+0x436/0x2890
[  531.322748][T10908]  netlink_sendmsg+0x8c8/0xdd0
[  531.322781][T10908]  ? __pfx_netlink_sendmsg+0x10/0x10
[  531.322813][T10908]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  531.322849][T10908]  ____sys_sendmsg+0xa5d/0xc30
[  531.322868][T10908]  ? copy_msghdr_from_user+0x10a/0x160
[  531.322894][T10908]  ? __pfx_____sys_sendmsg+0x10/0x10
[  531.322917][T10908]  ? __pfx_futex_wake_mark+0x10/0x10
[  531.322946][T10908]  ___sys_sendmsg+0x134/0x1d0
[  531.322974][T10908]  ? __pfx____sys_sendmsg+0x10/0x10
[  531.322999][T10908]  ? futex_private_hash_put+0x160/0x1b0
[  531.323046][T10908]  __sys_sendmsg+0x16d/0x220
[  531.323072][T10908]  ? __pfx___sys_sendmsg+0x10/0x10
[  531.323097][T10908]  ? __x64_sys_futex+0x1e0/0x4c0
[  531.323133][T10908]  do_syscall_64+0xcd/0xf80
[  531.323164][T10908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.323184][T10908] RIP: 0033:0x7fd44878f7c9
[  531.323200][T10908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.323219][T10908] RSP: 002b:00007fd449705038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  531.323237][T10908] RAX: ffffffffffffffda RBX: 00007fd4489e5fa0 RCX: 00007fd44878f7c9
[  531.323249][T10908] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003
[  531.323259][T10908] RBP: 00007fd448813f91 R08: 0000000000000000 R09: 0000000000000000
[  531.323270][T10908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  531.323281][T10908] R13: 00007fd4489e6038 R14: 00007fd4489e5fa0 R15: 00007fff99a625c8
[  531.323305][T10908]  </TASK>
[  531.857922][T10894] dyndbg: flags parse failed
[  537.161193][T10955] FAULT_INJECTION: forcing a failure.
[  537.161193][T10955] name failslab, interval 1, probability 0, space 0, times 0
[  537.221139][T10955] CPU: 1 UID: 0 PID: 10955 Comm: syz.2.999 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  537.221171][T10955] Tainted: [L]=SOFTLOCKUP
[  537.221177][T10955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  537.221187][T10955] Call Trace:
[  537.221194][T10955]  <TASK>
[  537.221201][T10955]  dump_stack_lvl+0x16c/0x1f0
[  537.221235][T10955]  should_fail_ex+0x512/0x640
[  537.221256][T10955]  ? kmem_cache_alloc_node_noprof+0x65/0x800
[  537.221282][T10955]  should_failslab+0xc2/0x120
[  537.221314][T10955]  kmem_cache_alloc_node_noprof+0x86/0x800
[  537.221338][T10955]  ? __alloc_skb+0x156/0x410
[  537.221364][T10955]  ? __alloc_skb+0x156/0x410
[  537.221384][T10955]  __alloc_skb+0x156/0x410
[  537.221404][T10955]  ? __alloc_skb+0x35d/0x410
[  537.221424][T10955]  ? __pfx___alloc_skb+0x10/0x10
[  537.221446][T10955]  ? netlink_autobind.isra.0+0x158/0x370
[  537.221481][T10955]  netlink_alloc_large_skb+0x69/0x140
[  537.221511][T10955]  netlink_sendmsg+0x698/0xdd0
[  537.221690][T10955]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.221725][T10955]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  537.221761][T10955]  ____sys_sendmsg+0xa5d/0xc30
[  537.221780][T10955]  ? copy_msghdr_from_user+0x10a/0x160
[  537.221806][T10955]  ? __pfx_____sys_sendmsg+0x10/0x10
[  537.221833][T10955]  ___sys_sendmsg+0x134/0x1d0
[  537.221860][T10955]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.221909][T10955]  __sys_sendmsg+0x16d/0x220
[  537.221936][T10955]  ? __pfx___sys_sendmsg+0x10/0x10
[  537.221974][T10955]  do_syscall_64+0xcd/0xf80
[  537.222006][T10955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.222027][T10955] RIP: 0033:0x7f5cde58f7c9
[  537.222044][T10955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.222062][T10955] RSP: 002b:00007f5cdf397038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  537.222081][T10955] RAX: ffffffffffffffda RBX: 00007f5cde7e6090 RCX: 00007f5cde58f7c9
[  537.222093][T10955] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000003
[  537.222104][T10955] RBP: 00007f5cdf397090 R08: 0000000000000000 R09: 0000000000000000
[  537.222115][T10955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  537.222125][T10955] R13: 00007f5cde7e6128 R14: 00007f5cde7e6090 R15: 00007ffeb337f2c8
[  537.222154][T10955]  </TASK>
[  541.054304][T10989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000
[  541.240346][T10989] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  541.419172][T10989] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  541.645380][T10989] page_type: f5(slab)
[  541.872954][T10989] raw: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  542.671387][T10989] raw: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  542.961372][T10989] head: 00fff00000000040 ffff88801cec5140 0000000000000000 0000000000000001
[  543.045942][T10989] head: 0000000000000000 0000000000130013 00000000f5000000 0000000000000000
[  543.176126][T10989] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff
[  543.244965][T10989] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  543.305225][T10989] page dumped because: unmovable page
[  543.417119][T10989] page_owner tracks the page as allocated
[  543.623676][T10989] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5200, tgid 5200 (udevd), ts 66443454953, free_ts 39393534515
[  543.934853][T10989]  post_alloc_hook+0x1af/0x220
[  543.958296][T10989]  get_page_from_freelist+0xd0b/0x31a0
[  543.974922][T10989]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  543.992306][T10989]  alloc_pages_mpol+0x1fb/0x550
[  544.004836][T10989]  new_slab+0x2c3/0x430
[  544.015574][T10989]  ___slab_alloc+0xe18/0x1c90
[  544.036452][T10989]  __slab_alloc.constprop.0+0x63/0x110
[  544.073818][T10989]  kmem_cache_alloc_lru_noprof+0x451/0x770
[  544.120960][T10989]  shmem_alloc_inode+0x25/0x50
[  544.133108][T10989]  alloc_inode+0x64/0x240
[  544.143873][T10989]  new_inode+0x22/0x1c0
[  544.159173][T10989]  shmem_get_inode+0x19a/0xfb0
[  544.170724][T10989]  shmem_symlink+0xf4/0x960
[  544.181741][T10989]  vfs_symlink+0x4b5/0x800
[  544.192078][T10989]  do_symlinkat+0x353/0x4b0
[  544.204706][T10989]  __x64_sys_symlink+0x75/0x90
[  544.217776][T10989] page last free pid 1 tgid 1 stack trace:
[  544.235781][T10989]  __free_frozen_pages+0x7df/0x1170
[  544.246800][T10989]  free_contig_range+0x183/0x4a0
[  544.264711][T10989]  destroy_args+0xb95/0x14e0
[  544.276357][T10989]  debug_vm_pgtable+0x2220/0x38d0
[  544.293345][T10989]  do_one_initcall+0x123/0x680
[  544.306641][T10989]  kernel_init_freeable+0x5c8/0x920
[  544.322759][T10989]  kernel_init+0x1c/0x2b0
[  544.333769][T10989]  ret_from_fork+0x983/0xb10
[  544.344120][T10989]  ret_from_fork_asm+0x1a/0x30
[  544.736190][T11028] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1015'.
[  545.083636][T11035] FAULT_INJECTION: forcing a failure.
[  545.083636][T11035] name failslab, interval 1, probability 0, space 0, times 0
[  545.195879][T11035] CPU: 1 UID: 0 PID: 11035 Comm: syz.4.1017 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  545.195915][T11035] Tainted: [L]=SOFTLOCKUP
[  545.195922][T11035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  545.195933][T11035] Call Trace:
[  545.195940][T11035]  <TASK>
[  545.195947][T11035]  dump_stack_lvl+0x16c/0x1f0
[  545.195981][T11035]  should_fail_ex+0x512/0x640
[  545.196002][T11035]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  545.196027][T11035]  should_failslab+0xc2/0x120
[  545.196057][T11035]  kmem_cache_alloc_noprof+0x83/0x770
[  545.196079][T11035]  ? skb_clone+0x190/0x3f0
[  545.196108][T11035]  ? skb_clone+0x190/0x3f0
[  545.196131][T11035]  skb_clone+0x190/0x3f0
[  545.196157][T11035]  netlink_deliver_tap+0xabd/0xd30
[  545.196188][T11035]  netlink_unicast+0x64c/0x870
[  545.196220][T11035]  ? __pfx_netlink_unicast+0x10/0x10
[  545.196256][T11035]  netlink_sendmsg+0x8c8/0xdd0
[  545.196287][T11035]  ? __pfx_netlink_sendmsg+0x10/0x10
[  545.196318][T11035]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  545.196354][T11035]  ____sys_sendmsg+0xa5d/0xc30
[  545.196373][T11035]  ? copy_msghdr_from_user+0x10a/0x160
[  545.196398][T11035]  ? __pfx_____sys_sendmsg+0x10/0x10
[  545.196426][T11035]  ___sys_sendmsg+0x134/0x1d0
[  545.196452][T11035]  ? __pfx____sys_sendmsg+0x10/0x10
[  545.196503][T11035]  __sys_sendmsg+0x16d/0x220
[  545.196528][T11035]  ? __pfx___sys_sendmsg+0x10/0x10
[  545.196568][T11035]  do_syscall_64+0xcd/0xf80
[  545.196598][T11035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.196618][T11035] RIP: 0033:0x7f182d98f7c9
[  545.196639][T11035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.196657][T11035] RSP: 002b:00007f182e89b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  545.196675][T11035] RAX: ffffffffffffffda RBX: 00007f182dbe6090 RCX: 00007f182d98f7c9
[  545.196687][T11035] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000003
[  545.196698][T11035] RBP: 00007f182e89b090 R08: 0000000000000000 R09: 0000000000000000
[  545.196712][T11035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  545.196723][T11035] R13: 00007f182dbe6128 R14: 00007f182dbe6090 R15: 00007ffd597f5378
[  545.196746][T11035]  </TASK>
[  546.804573][T11031] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1016'.
[  546.923313][T11031] vlan1: entered promiscuous mode
[  546.960062][T11031] vlan1: entered allmulticast mode
[  546.965485][T11031] veth0_vlan: entered allmulticast mode
[  555.179392][T11136] syz.4.1036: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1
[  555.371607][T11136] CPU: 1 UID: 0 PID: 11136 Comm: syz.4.1036 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  555.371639][T11136] Tainted: [L]=SOFTLOCKUP
[  555.371646][T11136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  555.371656][T11136] Call Trace:
[  555.371662][T11136]  <TASK>
[  555.371669][T11136]  dump_stack_lvl+0x16c/0x1f0
[  555.371703][T11136]  warn_alloc+0x248/0x3a0
[  555.371727][T11136]  ? __pfx_warn_alloc+0x10/0x10
[  555.371751][T11136]  ? __lock_acquire+0x436/0x2890
[  555.371779][T11136]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  555.371798][T11136]  __vmalloc_node_range_noprof+0x12c2/0x16b0
[  555.371818][T11136]  ? __pfx___might_resched+0x10/0x10
[  555.371845][T11136]  ? rcu_is_watching+0x12/0xc0
[  555.371874][T11136]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  555.371892][T11136]  ? find_held_lock+0x2b/0x80
[  555.371919][T11136]  ? dvb_dvr_do_ioctl+0x7e/0x290
[  555.371937][T11136]  ? tomoyo_path_number_perm+0x295/0x580
[  555.371961][T11136]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  555.371979][T11136]  ? __pfx___mutex_lock+0x10/0x10
[  555.371997][T11136]  ? tomoyo_path_number_perm+0x18d/0x580
[  555.372020][T11136]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  555.372046][T11136]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  555.372064][T11136]  __vmalloc_node_noprof+0xad/0xf0
[  555.372082][T11136]  ? dvb_dvr_do_ioctl+0x15d/0x290
[  555.372103][T11136]  dvb_dvr_do_ioctl+0x15d/0x290
[  555.372125][T11136]  dvb_usercopy+0x167/0x340
[  555.372142][T11136]  ? __pfx_dvb_dvr_do_ioctl+0x10/0x10
[  555.372161][T11136]  ? __pfx_dvb_usercopy+0x10/0x10
[  555.372187][T11136]  ? __fget_files+0x20e/0x3c0
[  555.372225][T11136]  dvb_dvr_ioctl+0x29/0x40
[  555.372242][T11136]  ? __pfx_dvb_dvr_ioctl+0x10/0x10
[  555.372260][T11136]  __x64_sys_ioctl+0x18e/0x210
[  555.372284][T11136]  do_syscall_64+0xcd/0xf80
[  555.372315][T11136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.372335][T11136] RIP: 0033:0x7f182d98f7c9
[  555.372350][T11136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.372368][T11136] RSP: 002b:00007f182e89b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  555.372386][T11136] RAX: ffffffffffffffda RBX: 00007f182dbe6090 RCX: 00007f182d98f7c9
[  555.372398][T11136] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000003
[  555.372409][T11136] RBP: 00007f182da13f91 R08: 0000000000000000 R09: 0000000000000000
[  555.372420][T11136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  555.372430][T11136] R13: 00007f182dbe6128 R14: 00007f182dbe6090 R15: 00007ffd597f5378
[  555.372454][T11136]  </TASK>
[  555.372477][T11136] Mem-Info:
[  556.080765][T11143] FAULT_INJECTION: forcing a failure.
[  556.080765][T11143] name failslab, interval 1, probability 0, space 0, times 0
[  556.094267][T11143] CPU: 1 UID: 0 PID: 11143 Comm: syz.3.1037 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  556.094298][T11143] Tainted: [L]=SOFTLOCKUP
[  556.094304][T11143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  556.094315][T11143] Call Trace:
[  556.094321][T11143]  <TASK>
[  556.094328][T11143]  dump_stack_lvl+0x16c/0x1f0
[  556.094361][T11143]  should_fail_ex+0x512/0x640
[  556.094386][T11143]  should_failslab+0xc2/0x120
[  556.094415][T11143]  kmem_cache_alloc_noprof+0x83/0x770
[  556.094436][T11143]  ? lock_acquire+0x179/0x330
[  556.094453][T11143]  ? skb_clone+0x190/0x3f0
[  556.094482][T11143]  ? skb_clone+0x190/0x3f0
[  556.094504][T11143]  skb_clone+0x190/0x3f0
[  556.094529][T11143]  dev_queue_xmit_nit+0x25b/0xac0
[  556.094563][T11143]  dev_hard_start_xmit+0x56b/0x6e0
[  556.094588][T11143]  __dev_queue_xmit+0x6d7/0x46b0
[  556.094617][T11143]  ? __pfx___dev_queue_xmit+0x10/0x10
[  556.094651][T11143]  ? __asan_memcpy+0x3c/0x60
[  556.094674][T11143]  ? __asan_memcpy+0x3c/0x60
[  556.094696][T11143]  ? __skb_clone+0x570/0x760
[  556.094730][T11143]  netlink_deliver_tap+0xa87/0xd30
[  556.094762][T11143]  netlink_unicast+0x64c/0x870
[  556.094793][T11143]  ? __pfx_netlink_unicast+0x10/0x10
[  556.094828][T11143]  netlink_sendmsg+0x8c8/0xdd0
[  556.094859][T11143]  ? __pfx_netlink_sendmsg+0x10/0x10
[  556.094890][T11143]  ? aa_sock_msg_perm.constprop.0+0x100/0x1b0
[  556.094931][T11143]  ____sys_sendmsg+0xa5d/0xc30
[  556.094949][T11143]  ? copy_msghdr_from_user+0x10a/0x160
[  556.094974][T11143]  ? __pfx_____sys_sendmsg+0x10/0x10
[  556.095001][T11143]  ___sys_sendmsg+0x134/0x1d0
[  556.095027][T11143]  ? __pfx____sys_sendmsg+0x10/0x10
[  556.095077][T11143]  __sys_sendmsg+0x16d/0x220
[  556.095102][T11143]  ? __pfx___sys_sendmsg+0x10/0x10
[  556.095140][T11143]  do_syscall_64+0xcd/0xf80
[  556.095171][T11143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.095190][T11143] RIP: 0033:0x7fd44878f7c9
[  556.095214][T11143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.095232][T11143] RSP: 002b:00007fd4496e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  556.095250][T11143] RAX: ffffffffffffffda RBX: 00007fd4489e6090 RCX: 00007fd44878f7c9
[  556.095262][T11143] RDX: 0000000000000080 RSI: 0000200000000040 RDI: 0000000000000003
[  556.095273][T11143] RBP: 00007fd4496e4090 R08: 0000000000000000 R09: 0000000000000000
[  556.095283][T11143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  556.095294][T11143] R13: 00007fd4489e6128 R14: 00007fd4489e6090 R15: 00007fff99a625c8
[  556.095319][T11143]  </TASK>
[  558.409242][T11136] active_anon:3432 inactive_anon:101751 isolated_anon:0
[  558.409242][T11136]  active_file:22952 inactive_file:37660 isolated_file:0
[  558.409242][T11136]  unevictable:768 dirty:632 writeback:0
[  558.409242][T11136]  slab_reclaimable:11766 slab_unreclaimable:94294
[  558.409242][T11136]  mapped:61663 shmem:96785 pagetables:1412
[  558.409242][T11136]  sec_pagetables:0 bounce:0
[  558.409242][T11136]  kernel_misc_reclaimable:0
[  558.409242][T11136]  free:1229400 free_pcp:3690 free_cma:0
[  558.604637][T11158] zswap: compressor � not available
[  559.137642][T11136] Node 0 active_anon:13828kB inactive_anon:412752kB active_file:91792kB inactive_file:150508kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:186336kB dirty:2496kB writeback:0kB shmem:391196kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12384kB pagetables:5592kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  559.402776][T11176] Invalid ELF header magic: != ELF
[  559.489367][T11136] Node 1 active_anon:0kB inactive_anon:0kB active_file:64kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:60kB dirty:60kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  559.744614][T11136] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  559.994938][T11136] lowmem_reserve[]: 0 2481 2483 2483 2483
[  560.126982][T11136] Node 0 DMA32 free:975876kB boost:0kB min:34332kB low:42912kB high:51492kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13952kB inactive_anon:340340kB active_file:93100kB inactive_file:149208kB unevictable:1536kB writepending:2516kB zspages:4kB present:3129332kB managed:2541012kB mlocked:0kB bounce:0kB free_pcp:97476kB local_pcp:97476kB free_cma:0kB
[  560.439396][T11136] lowmem_reserve[]: 0 0 1 1 1
[  560.491855][T11136] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  560.790966][T11136] lowmem_reserve[]: 0 0 0 0 0
[  560.801242][T11136] Node 1 Normal free:3914248kB boost:0kB min:55548kB low:69432kB high:83316kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:64kB inactive_file:132kB unevictable:1536kB writepending:60kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  561.102654][T11136] lowmem_reserve[]: 0 0 0 0 0
[  561.107762][T11136] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  561.283792][T11136] Node 0 DMA32: 5043*4kB (UME) 3256*8kB (UM) 1462*16kB (UME) 344*32kB (UME) 351*64kB (UM) 113*128kB (UM) 241*256kB (UME) 57*512kB (UM) 69*1024kB (UME) 15*2048kB (UM) 188*4096kB (UM) = 1079852kB
[  561.493263][T11136] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  561.574792][T11136] Node 1 Normal: 174*4kB (UME) 62*8kB (UME) 44*16kB (UME) 237*32kB (UME) 94*64kB (UME) 35*128kB (UE) 12*256kB (UM) 6*512kB (UME) 3*1024kB (UM) 5*2048kB (UME) 946*4096kB (M) = 3914248kB
[  561.731494][T11136] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  561.817796][T11136] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  561.959578][T11136] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  562.036418][T11136] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  562.047351][T11193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1045'.
[  562.129201][T11136] 87805 total pagecache pages
[  562.189687][T11136] 9 pages in swap cache
[  562.233486][T11136] Free swap  = 124996kB
[  562.237973][T11136] Total swap = 124996kB
[  562.342819][T11136] 2097051 pages RAM
[  562.347097][T11136] 0 pages HighMem/MovableOnly
[  562.425501][T11136] 429772 pages reserved
[  562.475956][T11136] 0 pages cma reserved
[  563.585375][T11216] zswap: compressor  not available
[  566.285944][T11260] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1059'.
[  566.353464][T11260] veth1_macvtap: left promiscuous mode
[  567.406772][T11286] FAULT_INJECTION: forcing a failure.
[  567.406772][T11286] name failslab, interval 1, probability 0, space 0, times 0
[  567.456146][T11286] CPU: 1 UID: 0 PID: 11286 Comm: syz.2.1067 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  567.456180][T11286] Tainted: [L]=SOFTLOCKUP
[  567.456187][T11286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  567.456198][T11286] Call Trace:
[  567.456205][T11286]  <TASK>
[  567.456213][T11286]  dump_stack_lvl+0x16c/0x1f0
[  567.456248][T11286]  should_fail_ex+0x512/0x640
[  567.456270][T11286]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  567.456297][T11286]  should_failslab+0xc2/0x120
[  567.456326][T11286]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  567.456349][T11286]  ? __d_lookup+0x25c/0x4a0
[  567.456372][T11286]  ? __d_alloc+0x35/0xa80
[  567.456392][T11286]  ? __d_alloc+0x35/0xa80
[  567.456406][T11286]  __d_alloc+0x35/0xa80
[  567.456425][T11286]  d_alloc+0x4a/0x1e0
[  567.456443][T11286]  lookup_one_qstr_excl+0x175/0x250
[  567.456467][T11286]  start_dirop+0x59/0xb0
[  567.456493][T11286]  simple_start_creating+0xf4/0x100
[  567.456519][T11286]  ? __pfx_simple_start_creating+0x10/0x10
[  567.456544][T11286]  ? do_raw_spin_unlock+0x172/0x230
[  567.456568][T11286]  ? simple_pin_fs+0xa3/0x190
[  567.456592][T11286]  debugfs_start_creating.part.0+0x86/0x1c0
[  567.456625][T11286]  __debugfs_create_file+0xb3/0x530
[  567.456647][T11286]  debugfs_create_file_full+0x41/0x60
[  567.456668][T11286]  ref_tracker_dir_debugfs+0x19d/0x2f0
[  567.456692][T11286]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  567.456734][T11286]  ? lockdep_init_map_type+0x5c/0x270
[  567.456757][T11286]  preinit_net.part.0+0x24e/0x8f0
[  567.456785][T11286]  copy_net_ns+0x4cd/0x7c0
[  567.456816][T11286]  create_new_namespaces+0x3ea/0xab0
[  567.456847][T11286]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  567.456875][T11286]  ksys_unshare+0x45b/0xa40
[  567.456905][T11286]  ? __pfx_ksys_unshare+0x10/0x10
[  567.456936][T11286]  ? xfd_validate_state+0x61/0x180
[  567.456963][T11286]  __x64_sys_unshare+0x31/0x40
[  567.456992][T11286]  do_syscall_64+0xcd/0xf80
[  567.457023][T11286]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.457051][T11286] RIP: 0033:0x7f5cde58f7c9
[  567.457068][T11286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.457087][T11286] RSP: 002b:00007f5cdf3b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  567.457106][T11286] RAX: ffffffffffffffda RBX: 00007f5cde7e5fa0 RCX: 00007f5cde58f7c9
[  567.457118][T11286] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  567.457130][T11286] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  567.457146][T11286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  567.457158][T11286] R13: 00007f5cde7e6038 R14: 00007f5cde7e5fa0 R15: 00007ffeb337f2c8
[  567.457183][T11286]  </TASK>
[  568.634789][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  568.642683][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  569.254938][T11284] FAULT_INJECTION: forcing a failure.
[  569.254938][T11284] name failslab, interval 1, probability 0, space 0, times 0
[  569.333616][T11284] CPU: 1 UID: 0 PID: 11284 Comm: syz.3.1066 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  569.333650][T11284] Tainted: [L]=SOFTLOCKUP
[  569.333657][T11284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  569.333668][T11284] Call Trace:
[  569.333675][T11284]  <TASK>
[  569.333683][T11284]  dump_stack_lvl+0x16c/0x1f0
[  569.333718][T11284]  should_fail_ex+0x512/0x640
[  569.333740][T11284]  ? fs_reclaim_acquire+0xae/0x150
[  569.333773][T11284]  should_failslab+0xc2/0x120
[  569.333802][T11284]  kmem_cache_alloc_noprof+0x83/0x770
[  569.333825][T11284]  ? __pfx_map_id_range_down+0x10/0x10
[  569.333852][T11284]  ? security_inode_alloc+0x3b/0x2b0
[  569.333876][T11284]  ? security_inode_alloc+0x3b/0x2b0
[  569.333895][T11284]  security_inode_alloc+0x3b/0x2b0
[  569.333917][T11284]  inode_init_always_gfp+0xced/0x1040
[  569.333949][T11284]  alloc_inode+0x86/0x240
[  569.333970][T11284]  path_from_stashed+0x25b/0x750
[  569.334000][T11284]  ? do_raw_read_unlock+0x44/0xe0
[  569.334026][T11284]  ns_get_path+0x60/0x80
[  569.334056][T11284]  proc_ns_get_link+0x121/0x230
[  569.334078][T11284]  ? __pfx_proc_ns_get_link+0x10/0x10
[  569.334101][T11284]  ? atime_needs_update+0x8b/0x710
[  569.334126][T11284]  pick_link+0xc96/0x13b0
[  569.334148][T11284]  ? __pfx_proc_ns_get_link+0x10/0x10
[  569.334172][T11284]  step_into_slowpath+0x6c6/0xf50
[  569.334201][T11284]  ? __pfx_step_into_slowpath+0x10/0x10
[  569.334227][T11284]  ? find_held_lock+0x2b/0x80
[  569.334258][T11284]  path_openat+0x10db/0x3140
[  569.334293][T11284]  ? __pfx_path_openat+0x10/0x10
[  569.334340][T11284]  do_filp_open+0x20b/0x470
[  569.334369][T11284]  ? __pfx_do_filp_open+0x10/0x10
[  569.334414][T11284]  ? alloc_fd+0x471/0x7d0
[  569.334448][T11284]  do_sys_openat2+0x121/0x290
[  569.334469][T11284]  ? __pfx_do_sys_openat2+0x10/0x10
[  569.334498][T11284]  __x64_sys_openat+0x174/0x210
[  569.334521][T11284]  ? __pfx___x64_sys_openat+0x10/0x10
[  569.334551][T11284]  do_syscall_64+0xcd/0xf80
[  569.334583][T11284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.334611][T11284] RIP: 0033:0x7fd44878e010
[  569.334627][T11284] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  569.334646][T11284] RSP: 002b:00007fd449704f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  569.334665][T11284] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd44878e010
[  569.334677][T11284] RDX: 0000000000000002 RSI: 00007fd449704fa0 RDI: 00000000ffffff9c
[  569.334689][T11284] RBP: 00007fd449704fa0 R08: 0000000000000000 R09: 0000000000000000
[  569.334700][T11284] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  569.334711][T11284] R13: 00007fd4489e6038 R14: 00007fd4489e5fa0 R15: 00007fff99a625c8
[  569.334734][T11284]  </TASK>
[  570.697480][T11322] random: crng reseeded on system resumption
[  570.925934][T11323] hub 1-0:1.0: USB hub found
[  570.937348][T11323] hub 1-0:1.0: 1 port detected
[  571.257590][T11333] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1077'.
[  573.341781][T11363] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 6 with max blocks 1 with error 117
[  573.493152][T11363] EXT4-fs (sda1): This should not happen!! Data will be lost
[  573.493152][T11363] 
[  574.067974][T11367] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1084'.
[  578.552911][   T62] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 6 with max blocks 1 with error 117
[  578.657723][   T62] EXT4-fs (sda1): This should not happen!! Data will be lost
[  578.657723][   T62] 
[  582.844494][T11509] bridge0: port 5(veth1_macvtap) entered blocking state
[  582.973883][T11509] bridge0: port 5(veth1_macvtap) entered disabled state
[  583.106594][T11509] veth1_macvtap: entered allmulticast mode
[  583.231580][T11509] veth1_macvtap: left allmulticast mode
[  583.501109][T11521] syz.4.1105 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  585.633428][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058c99400: rx timeout, send abort
[  585.644201][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888058c99400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session.
[  586.711827][T11561] bond0: option packets_per_slave: invalid value (X�n�p�)
[  586.785351][T11561] bond0: option packets_per_slave: allowed values 0 - 65535
[  588.221770][T11592] could not allocate digest TFM handle 
[  590.326646][T11622] mkiss: ax0: crc mode is auto.
[  591.646669][T11650] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  591.680807][T11650] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  591.710964][T11650] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  591.730036][T11650] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  591.759671][T11650] CPU0 is offline.
[  592.664728][T11684] FAULT_INJECTION: forcing a failure.
[  592.664728][T11684] name failslab, interval 1, probability 0, space 0, times 0
[  592.730299][T11684] CPU: 1 UID: 0 PID: 11684 Comm: syz.3.1131 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  592.730331][T11684] Tainted: [L]=SOFTLOCKUP
[  592.730337][T11684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  592.730348][T11684] Call Trace:
[  592.730353][T11684]  <TASK>
[  592.730360][T11684]  dump_stack_lvl+0x16c/0x1f0
[  592.730394][T11684]  should_fail_ex+0x512/0x640
[  592.730414][T11684]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  592.730440][T11684]  should_failslab+0xc2/0x120
[  592.730469][T11684]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  592.730493][T11684]  ? alloc_inode+0x64/0x240
[  592.730516][T11684]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  592.730546][T11684]  ? alloc_inode+0x64/0x240
[  592.730564][T11684]  alloc_inode+0x64/0x240
[  592.730584][T11684]  new_inode+0x22/0x1c0
[  592.730606][T11684]  __debugfs_create_file+0x105/0x530
[  592.730627][T11684]  debugfs_create_file_full+0x41/0x60
[  592.730648][T11684]  ref_tracker_dir_debugfs+0x19d/0x2f0
[  592.730671][T11684]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  592.730713][T11684]  ? lockdep_init_map_type+0x5c/0x270
[  592.730736][T11684]  preinit_net.part.0+0x24e/0x8f0
[  592.730768][T11684]  copy_net_ns+0x4cd/0x7c0
[  592.730798][T11684]  create_new_namespaces+0x3ea/0xab0
[  592.730830][T11684]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  592.730857][T11684]  ksys_unshare+0x45b/0xa40
[  592.730887][T11684]  ? __pfx_ksys_unshare+0x10/0x10
[  592.730917][T11684]  ? xfd_validate_state+0x61/0x180
[  592.730941][T11684]  __x64_sys_unshare+0x31/0x40
[  592.730977][T11684]  do_syscall_64+0xcd/0xf80
[  592.731009][T11684]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.731028][T11684] RIP: 0033:0x7fd44878f7c9
[  592.731043][T11684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  592.731061][T11684] RSP: 002b:00007fd4496e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  592.731078][T11684] RAX: ffffffffffffffda RBX: 00007fd4489e6090 RCX: 00007fd44878f7c9
[  592.731090][T11684] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  592.731101][T11684] RBP: 00007fd448813f91 R08: 0000000000000000 R09: 0000000000000000
[  592.731111][T11684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  592.731122][T11684] R13: 00007fd4489e6128 R14: 00007fd4489e6090 R15: 00007fff99a625c8
[  592.731145][T11684]  </TASK>
[  592.731152][T11684] debugfs: out of free dentries, can not create file 'net_refcnt@ffff88807ddf27d8'
[  593.194549][ T5148] Bluetooth: hci1: command 0x0c1a tx timeout
[  593.806235][ T5148] Bluetooth: hci4: command 0x0406 tx timeout
[  593.814414][ T5148] Bluetooth: hci2: command 0x0c1a tx timeout
[  593.821742][ T5843] Bluetooth: hci3: command 0x0c1a tx timeout
[  595.493239][T11708] netlink: 226 bytes leftover after parsing attributes in process `syz.1.1134'.
[  595.524789][T11708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1134'.
[  595.595627][T11708] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  595.694250][ T5837] Bluetooth: hci2: Unable to find connection for big 0xd2
[  596.133655][T11729] binder: 11727:11729 ioctl 4018620d 9 returned -22
[  596.712023][T11747] usbcore.quirks: string doesn't fit in 127 chars.
[  598.582360][T11761] Invalid ELF header magic: != ELF
[  598.758136][T11760] delete_channel: no stack
[  600.398834][T11787] FAULT_INJECTION: forcing a failure.
[  600.398834][T11787] name fail_futex, interval 1, probability 0, space 0, times 0
[  600.540730][T11787] CPU: 1 UID: 0 PID: 11787 Comm: syz.3.1149 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.540763][T11787] Tainted: [L]=SOFTLOCKUP
[  600.540770][T11787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  600.540781][T11787] Call Trace:
[  600.540787][T11787]  <TASK>
[  600.540795][T11787]  dump_stack_lvl+0x16c/0x1f0
[  600.540829][T11787]  should_fail_ex+0x512/0x640
[  600.540855][T11787]  get_futex_key+0x1d0/0x15f0
[  600.540877][T11787]  ? stack_trace_save+0x8e/0xc0
[  600.540907][T11787]  ? __pfx_get_futex_key+0x10/0x10
[  600.540929][T11787]  ? stack_depot_save_flags+0x29/0x9b0
[  600.540950][T11787]  ? __lock_acquire+0x436/0x2890
[  600.540972][T11787]  futex_wait_setup+0x9d/0x570
[  600.541004][T11787]  __futex_wait+0x193/0x2f0
[  600.541030][T11787]  ? __pfx___futex_wait+0x10/0x10
[  600.541058][T11787]  ? __pfx_futex_wake_mark+0x10/0x10
[  600.541087][T11787]  ? futex_hash+0x2c5/0x380
[  600.541108][T11787]  ? futex_private_hash_put+0x160/0x1b0
[  600.541128][T11787]  futex_wait+0xe8/0x380
[  600.541153][T11787]  ? __pfx_futex_wait+0x10/0x10
[  600.541186][T11787]  ? getname_flags.part.0+0x24c/0x550
[  600.541206][T11787]  ? getname_flags.part.0+0x1c5/0x550
[  600.541228][T11787]  do_futex+0x229/0x350
[  600.541249][T11787]  ? __pfx_do_futex+0x10/0x10
[  600.541272][T11787]  ? find_held_lock+0x2b/0x80
[  600.541298][T11787]  __x64_sys_futex+0x1e0/0x4c0
[  600.541321][T11787]  ? __x64_sys_openat+0x174/0x210
[  600.541342][T11787]  ? __pfx___x64_sys_futex+0x10/0x10
[  600.541371][T11787]  do_syscall_64+0xcd/0xf80
[  600.541402][T11787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.541421][T11787] RIP: 0033:0x7fd44878f7c9
[  600.541436][T11787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  600.541454][T11787] RSP: 002b:00007fd4496e40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  600.541472][T11787] RAX: ffffffffffffffda RBX: 00007fd4489e6098 RCX: 00007fd44878f7c9
[  600.541484][T11787] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd4489e6098
[  600.541494][T11787] RBP: 00007fd4489e6090 R08: 0000000000000000 R09: 0000000000000000
[  600.541505][T11787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  600.541515][T11787] R13: 00007fd4489e6128 R14: 00007fff99a624e0 R15: 00007fff99a625c8
[  600.541538][T11787]  </TASK>
[  602.054600][T11807] FAULT_INJECTION: forcing a failure.
[  602.054600][T11807] name failslab, interval 1, probability 0, space 0, times 0
[  602.132634][T11807] CPU: 1 UID: 0 PID: 11807 Comm: syz.3.1153 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  602.132668][T11807] Tainted: [L]=SOFTLOCKUP
[  602.132674][T11807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  602.132684][T11807] Call Trace:
[  602.132690][T11807]  <TASK>
[  602.132697][T11807]  dump_stack_lvl+0x16c/0x1f0
[  602.132732][T11807]  should_fail_ex+0x512/0x640
[  602.132755][T11807]  ? fs_reclaim_acquire+0xae/0x150
[  602.132786][T11807]  should_failslab+0xc2/0x120
[  602.132820][T11807]  __kmalloc_noprof+0xeb/0x910
[  602.132842][T11807]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  602.132873][T11807]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  602.132899][T11807]  tomoyo_realpath_from_path+0xc2/0x6e0
[  602.132931][T11807]  tomoyo_check_open_permission+0x2ab/0x3c0
[  602.132955][T11807]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  602.132999][T11807]  ? do_raw_spin_lock+0x12c/0x2b0
[  602.133027][T11807]  tomoyo_file_open+0x6b/0x90
[  602.133057][T11807]  security_file_open+0x84/0x1e0
[  602.133082][T11807]  do_dentry_open+0x597/0x1590
[  602.133112][T11807]  ? security_inode_permission+0xbf/0x260
[  602.133138][T11807]  vfs_open+0x82/0x3f0
[  602.133161][T11807]  path_openat+0x2078/0x3140
[  602.133195][T11807]  ? __pfx_path_openat+0x10/0x10
[  602.133232][T11807]  do_filp_open+0x20b/0x470
[  602.133261][T11807]  ? __pfx_do_filp_open+0x10/0x10
[  602.133306][T11807]  ? alloc_fd+0x471/0x7d0
[  602.133340][T11807]  do_sys_openat2+0x121/0x290
[  602.133361][T11807]  ? __pfx_do_sys_openat2+0x10/0x10
[  602.133390][T11807]  __x64_sys_openat+0x174/0x210
[  602.133412][T11807]  ? __pfx___x64_sys_openat+0x10/0x10
[  602.133443][T11807]  do_syscall_64+0xcd/0xf80
[  602.133474][T11807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.133494][T11807] RIP: 0033:0x7fd44878f7c9
[  602.133509][T11807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  602.133528][T11807] RSP: 002b:00007fd4496e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  602.133553][T11807] RAX: ffffffffffffffda RBX: 00007fd4489e6090 RCX: 00007fd44878f7c9
[  602.133565][T11807] RDX: 0000000000028401 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  602.133576][T11807] RBP: 00007fd448813f91 R08: 0000000000000000 R09: 0000000000000000
[  602.133587][T11807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  602.133598][T11807] R13: 00007fd4489e6128 R14: 00007fd4489e6090 R15: 00007fff99a625c8
[  602.133628][T11807]  </TASK>
[  602.133650][T11807] ERROR: Out of memory at tomoyo_realpath_from_path.
[  603.238560][ T5837] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18
[  603.425932][T11831] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations!
[  604.043941][T11839] zswap: compressor  not available
[  604.917543][T11857] zswap: compressor  not available
[  605.275944][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  605.475049][T11867] wlan1: mtu less than device minimum
[  605.526934][   T30] audit: type=1806 audit(1768024938.083:15): xattr="" res=-22
[  607.351647][ T5837] Bluetooth: hci4: command 0x0406 tx timeout
[  609.029973][ T3543] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 6 with max blocks 4 with error 117
[  609.053478][T11929] binder: BINDER_SET_CONTEXT_MGR already set
[  609.109992][ T3543] EXT4-fs (sda1): This should not happen!! Data will be lost
[  609.109992][ T3543] 
[  609.217856][T11929] binder: 11921:11929 ioctl 4018620d 9 returned -16
[  612.944536][T11989] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1190'.
[  613.032521][T11989] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1190'.
[  614.367719][T12014] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet.
[  615.697585][   T30] audit: type=1800 audit(1768024948.253:16): pid=12031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1199" name="dbroot" dev="configfs" ino=39332 res=0 errno=0
[  615.813468][T12033] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1200'.
[  616.036908][T11696] Bluetooth: hci2: unexpected event 0x20 length: 123 > 7
[  616.102566][T12033] bond0: (slave bond_slave_0): Releasing backup interface
[  616.178030][T12033] bond_slave_0 (unregistering): left promiscuous mode
[  616.205089][T12033] bond_slave_0 (unregistering): left allmulticast mode
[  617.260305][T12065] Invalid ELF header magic: != ELF
[  617.538277][T12070] cifs: Unknown parameter 'T.�����żc[���$⁍��)��U�ÑnE�-ʙ�l���-��	�-�_������5Z�o��m��fwY�h�*/�xD
lݩ���g�kǐA����7���9���X�a/f�_�AR������xM	�v��p��$^;��q�3���n���-
6��+e�k�����<�k�c�)n.�eM��Na��t��SM��1,'
[  617.670063][T12070] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  617.898961][T12070] CIFS mount error: No usable UNC path provided in device string!
[  617.898961][T12070] 
[  618.023095][T12070] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  619.959976][T11696] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13
[  619.989965][T12102] zswap: compressor  not available
[  623.181358][T12159] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1225'.
[  623.659849][T12165] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1227'.
[  623.708123][T12168] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1228'.
[  623.772829][T12168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  623.814289][T12168] batman_adv: batadv0: Removing interface: batadv_slave_0
[  623.884233][T12168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  623.936537][T12168] batman_adv: batadv0: Removing interface: batadv_slave_1
[  624.237937][T12175] FAULT_INJECTION: forcing a failure.
[  624.237937][T12175] name failslab, interval 1, probability 0, space 0, times 0
[  624.299217][T12175] CPU: 1 UID: 0 PID: 12175 Comm: syz.2.1230 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  624.299257][T12175] Tainted: [L]=SOFTLOCKUP
[  624.299264][T12175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  624.299275][T12175] Call Trace:
[  624.299282][T12175]  <TASK>
[  624.299289][T12175]  dump_stack_lvl+0x16c/0x1f0
[  624.299323][T12175]  should_fail_ex+0x512/0x640
[  624.299345][T12175]  ? __kmalloc_noprof+0xca/0x910
[  624.299368][T12175]  should_failslab+0xc2/0x120
[  624.299407][T12175]  __kmalloc_noprof+0xeb/0x910
[  624.299428][T12175]  ? sk_prot_alloc+0x1a8/0x2a0
[  624.299461][T12175]  ? sk_prot_alloc+0x1a8/0x2a0
[  624.299489][T12175]  sk_prot_alloc+0x1a8/0x2a0
[  624.299524][T12175]  sk_alloc+0x36/0xe30
[  624.299549][T12175]  __netlink_create+0x5e/0x2c0
[  624.299572][T12175]  ? __wake_up+0x3f/0x60
[  624.299600][T12175]  netlink_create+0x39e/0x620
[  624.299624][T12175]  ? __pfx_genl_bind+0x10/0x10
[  624.299640][T12175]  ? __pfx_genl_unbind+0x10/0x10
[  624.299667][T12175]  ? __pfx_genl_release+0x10/0x10
[  624.299692][T12175]  __sock_create+0x339/0x8a0
[  624.299715][T12175]  __sys_socket+0x14d/0x260
[  624.299734][T12175]  ? __pfx___sys_socket+0x10/0x10
[  624.299753][T12175]  ? xfd_validate_state+0x61/0x180
[  624.299769][T12175]  ? __pfx___do_sys_prctl+0x10/0x10
[  624.299798][T12175]  __x64_sys_socket+0x72/0xb0
[  624.299817][T12175]  ? lockdep_hardirqs_on+0x7c/0x110
[  624.299847][T12175]  do_syscall_64+0xcd/0xf80
[  624.299879][T12175]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  624.299898][T12175] RIP: 0033:0x7f5cde58f7c9
[  624.299914][T12175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.299932][T12175] RSP: 002b:00007f5cdf3b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  624.299950][T12175] RAX: ffffffffffffffda RBX: 00007f5cde7e5fa0 RCX: 00007f5cde58f7c9
[  624.299962][T12175] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  624.299973][T12175] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  624.299983][T12175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  624.299994][T12175] R13: 00007f5cde7e6038 R14: 00007f5cde7e5fa0 R15: 00007ffeb337f2c8
[  624.300017][T12175]  </TASK>
[  625.166375][T11696] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  625.883258][T12198] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1236'.
[  626.115392][T12202] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1236'.
[  626.229034][T12198] HfR: entered promiscuous mode
[  627.526138][T12213] hub 8-0:1.0: USB hub found
[  627.572540][T12213] hub 8-0:1.0: 1 port detected
[  627.813974][T12224] kvm: user requested TSC rate below hardware speed
[  629.056815][T12240] FAULT_INJECTION: forcing a failure.
[  629.056815][T12240] name failslab, interval 1, probability 0, space 0, times 0
[  629.105773][T12240] CPU: 1 UID: 0 PID: 12240 Comm: syz.2.1247 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  629.105807][T12240] Tainted: [L]=SOFTLOCKUP
[  629.105814][T12240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  629.105826][T12240] Call Trace:
[  629.105833][T12240]  <TASK>
[  629.105841][T12240]  dump_stack_lvl+0x16c/0x1f0
[  629.105874][T12240]  should_fail_ex+0x512/0x640
[  629.105897][T12240]  ? __kmalloc_cache_noprof+0x5f/0x800
[  629.105921][T12240]  should_failslab+0xc2/0x120
[  629.105950][T12240]  __kmalloc_cache_noprof+0x80/0x800
[  629.105971][T12240]  ? seq_create_client1+0x4d/0x630
[  629.106003][T12240]  ? seq_create_client1+0x4d/0x630
[  629.106029][T12240]  ? __pfx_snd_seq_open+0x10/0x10
[  629.106055][T12240]  seq_create_client1+0x4d/0x630
[  629.106085][T12240]  ? __pfx_snd_seq_open+0x10/0x10
[  629.106112][T12240]  snd_seq_open+0x59/0x590
[  629.106139][T12240]  ? __pfx_snd_seq_open+0x10/0x10
[  629.106165][T12240]  snd_open+0x22d/0x4c0
[  629.106182][T12240]  ? __pfx_snd_open+0x10/0x10
[  629.106199][T12240]  chrdev_open+0x234/0x6a0
[  629.106228][T12240]  ? __pfx_apparmor_file_open+0x10/0x10
[  629.106248][T12240]  ? __pfx_chrdev_open+0x10/0x10
[  629.106286][T12240]  ? fsnotify_open_perm_and_set_mode+0x17c/0xa60
[  629.106327][T12240]  do_dentry_open+0x748/0x1590
[  629.106354][T12240]  ? __pfx_chrdev_open+0x10/0x10
[  629.106388][T12240]  vfs_open+0x82/0x3f0
[  629.106411][T12240]  path_openat+0x2078/0x3140
[  629.106446][T12240]  ? __pfx_path_openat+0x10/0x10
[  629.106483][T12240]  do_filp_open+0x20b/0x470
[  629.106511][T12240]  ? __pfx_do_filp_open+0x10/0x10
[  629.106555][T12240]  ? alloc_fd+0x471/0x7d0
[  629.106589][T12240]  do_sys_openat2+0x121/0x290
[  629.106609][T12240]  ? __pfx_do_sys_openat2+0x10/0x10
[  629.106639][T12240]  __x64_sys_openat+0x174/0x210
[  629.106661][T12240]  ? __pfx___x64_sys_openat+0x10/0x10
[  629.106691][T12240]  do_syscall_64+0xcd/0xf80
[  629.106723][T12240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.106747][T12240] RIP: 0033:0x7f5cde58f7c9
[  629.106763][T12240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  629.106781][T12240] RSP: 002b:00007f5cdf3b8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  629.106799][T12240] RAX: ffffffffffffffda RBX: 00007f5cde7e5fa0 RCX: 00007f5cde58f7c9
[  629.106811][T12240] RDX: 00000000001e3800 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  629.106822][T12240] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  629.106833][T12240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  629.106844][T12240] R13: 00007f5cde7e6038 R14: 00007f5cde7e5fa0 R15: 00007ffeb337f2c8
[  629.106868][T12240]  </TASK>
[  630.089116][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  630.095974][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  631.502014][T12261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1252'.
[  631.519949][T12244] kexec: Could not allocate control_code_buffer
[  631.558028][T12258] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1252'.
[  633.150906][T12287] FAULT_INJECTION: forcing a failure.
[  633.150906][T12287] name failslab, interval 1, probability 0, space 0, times 0
[  633.309364][T12287] CPU: 1 UID: 0 PID: 12287 Comm: syz.3.1258 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  633.309398][T12287] Tainted: [L]=SOFTLOCKUP
[  633.309405][T12287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  633.309416][T12287] Call Trace:
[  633.309423][T12287]  <TASK>
[  633.309431][T12287]  dump_stack_lvl+0x16c/0x1f0
[  633.309465][T12287]  should_fail_ex+0x512/0x640
[  633.309487][T12287]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  633.309515][T12287]  should_failslab+0xc2/0x120
[  633.309544][T12287]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  633.309568][T12287]  ? shmem_alloc_inode+0x25/0x50
[  633.309599][T12287]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  633.309624][T12287]  ? shmem_alloc_inode+0x25/0x50
[  633.309648][T12287]  shmem_alloc_inode+0x25/0x50
[  633.309674][T12287]  alloc_inode+0x64/0x240
[  633.309695][T12287]  new_inode+0x22/0x1c0
[  633.309717][T12287]  shmem_get_inode+0x19a/0xfb0
[  633.309749][T12287]  __shmem_file_setup+0x108/0x350
[  633.309777][T12287]  ? vm_area_alloc+0x1f/0x160
[  633.309798][T12287]  shmem_zero_setup+0x93/0x1b0
[  633.309822][T12287]  __mmap_region+0x2271/0x2a00
[  633.309847][T12287]  ? __lock_acquire+0x436/0x2890
[  633.309865][T12287]  ? __pfx___mmap_region+0x10/0x10
[  633.309893][T12287]  ? lock_acquire+0x179/0x330
[  633.309919][T12287]  ? finish_task_switch.isra.0+0x207/0xbd0
[  633.309985][T12287]  ? rcu_is_watching+0x12/0xc0
[  633.310017][T12287]  mmap_region+0x1ab/0x3f0
[  633.310043][T12287]  do_mmap+0xa3e/0x1210
[  633.310075][T12287]  ? __pfx_do_mmap+0x10/0x10
[  633.310102][T12287]  ? __pfx_down_write_killable+0x10/0x10
[  633.310127][T12287]  vm_mmap_pgoff+0x29e/0x470
[  633.310157][T12287]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  633.310189][T12287]  ? __x64_sys_futex+0x1e0/0x4c0
[  633.310209][T12287]  ? __x64_sys_futex+0x1e9/0x4c0
[  633.310234][T12287]  ksys_mmap_pgoff+0x7d/0x5c0
[  633.310266][T12287]  ? xfd_validate_state+0x61/0x180
[  633.310283][T12287]  ? __pfx_ksys_write+0x10/0x10
[  633.310314][T12287]  __x64_sys_mmap+0x125/0x190
[  633.310335][T12287]  do_syscall_64+0xcd/0xf80
[  633.310367][T12287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.310386][T12287] RIP: 0033:0x7fd44878f7c9
[  633.310402][T12287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  633.310420][T12287] RSP: 002b:00007fd449705038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  633.310438][T12287] RAX: ffffffffffffffda RBX: 00007fd4489e5fa0 RCX: 00007fd44878f7c9
[  633.310450][T12287] RDX: 0100001000000004 RSI: 0000000000000061 RDI: 0000000000000000
[  633.310461][T12287] RBP: 00007fd448813f91 R08: 0000000000000400 R09: 0000000000008000
[  633.310472][T12287] R10: 000000000000fa31 R11: 0000000000000246 R12: 0000000000000000
[  633.310482][T12287] R13: 00007fd4489e6038 R14: 00007fd4489e5fa0 R15: 00007fff99a625c8
[  633.310506][T12287]  </TASK>
[  633.783692][T12291] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1258'.
[  633.792892][T12291] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  638.711040][T12353] kafs: addr_prefs: Invalid Command
[  639.991998][   T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 3 with max blocks 2 with error 117
[  640.070739][   T13] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.070739][   T13] 
[  640.156872][   T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 1291 with max blocks 65 with error 117
[  640.263099][   T13] EXT4-fs (sda1): This should not happen!! Data will be lost
[  640.263099][   T13] 
[  640.800064][T12398] Invalid ELF header magic: != ELF
[  641.114720][T12404] openvswitch: netlink: Key type 261 is out of range max 32
[  642.701925][T12426] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1289'.
[  643.386781][T12435] WARNING! power/level is deprecated; use power/control instead
[  644.049816][T12448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1292'.
[  645.590856][T12480] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint
[  647.027332][T12501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1303'.
[  647.581738][T12506] FAULT_INJECTION: forcing a failure.
[  647.581738][T12506] name failslab, interval 1, probability 0, space 0, times 0
[  647.661404][T12506] CPU: 1 UID: 0 PID: 12506 Comm: syz.1.1304 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  647.661438][T12506] Tainted: [L]=SOFTLOCKUP
[  647.661445][T12506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  647.661456][T12506] Call Trace:
[  647.661465][T12506]  <TASK>
[  647.661473][T12506]  dump_stack_lvl+0x16c/0x1f0
[  647.661509][T12506]  should_fail_ex+0x512/0x640
[  647.661531][T12506]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[  647.661559][T12506]  should_failslab+0xc2/0x120
[  647.661601][T12506]  kmem_cache_alloc_lru_noprof+0x87/0x770
[  647.661628][T12506]  ? dquot_alloc_inode+0x51b/0xb90
[  647.661650][T12506]  ? __dquot_initialize+0x299/0xd50
[  647.661671][T12506]  ? __d_alloc+0x35/0xa80
[  647.661692][T12506]  ? __d_alloc+0x35/0xa80
[  647.661708][T12506]  __d_alloc+0x35/0xa80
[  647.661727][T12506]  d_alloc_pseudo+0x1c/0xc0
[  647.661750][T12506]  alloc_file_pseudo+0xcf/0x230
[  647.661772][T12506]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  647.661799][T12506]  __shmem_file_setup+0x1a8/0x350
[  647.661832][T12506]  shmem_zero_setup+0x93/0x1b0
[  647.661856][T12506]  __mmap_region+0x2271/0x2a00
[  647.661880][T12506]  ? __lock_acquire+0x436/0x2890
[  647.661899][T12506]  ? __pfx___mmap_region+0x10/0x10
[  647.661928][T12506]  ? lock_acquire+0x179/0x330
[  647.661953][T12506]  ? finish_task_switch.isra.0+0x207/0xbd0
[  647.662020][T12506]  ? rcu_is_watching+0x12/0xc0
[  647.662052][T12506]  mmap_region+0x1ab/0x3f0
[  647.662075][T12506]  ? __get_unmapped_area+0x267/0x3f0
[  647.662116][T12506]  do_mmap+0xa3e/0x1210
[  647.662148][T12506]  ? __pfx_do_mmap+0x10/0x10
[  647.662177][T12506]  ? __pfx_down_write_killable+0x10/0x10
[  647.662202][T12506]  vm_mmap_pgoff+0x29e/0x470
[  647.662233][T12506]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  647.662266][T12506]  ? __x64_sys_futex+0x1e0/0x4c0
[  647.662287][T12506]  ? __x64_sys_futex+0x1e9/0x4c0
[  647.662311][T12506]  ksys_mmap_pgoff+0x7d/0x5c0
[  647.662340][T12506]  ? xfd_validate_state+0x61/0x180
[  647.662357][T12506]  ? __pfx_ksys_write+0x10/0x10
[  647.662394][T12506]  __x64_sys_mmap+0x125/0x190
[  647.662417][T12506]  do_syscall_64+0xcd/0xf80
[  647.662449][T12506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.662469][T12506] RIP: 0033:0x7f437918f7c9
[  647.662487][T12506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  647.662505][T12506] RSP: 002b:00007f4379ff2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  647.662525][T12506] RAX: ffffffffffffffda RBX: 00007f43793e5fa0 RCX: 00007f437918f7c9
[  647.662537][T12506] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000
[  647.662548][T12506] RBP: 00007f4379213f91 R08: fffffffffffffffa R09: 0000000000008000
[  647.662559][T12506] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000
[  647.662569][T12506] R13: 00007f43793e6038 R14: 00007f43793e5fa0 R15: 00007ffd505cc698
[  647.662592][T12506]  </TASK>
[  648.456562][T12510] netlink: 'syz.3.1305': attribute type 21 has an invalid length.
[  648.479210][T12510] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1305'.
[  648.653387][T12514] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1306'.
[  649.458669][T12506] zram: Added device: zram1
[  650.760755][T12543] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1312'.
[  653.159014][T12569] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  653.201953][T12569] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  653.235153][T12569] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  653.245364][T12569] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  653.279682][T12569] CPU0 is offline.
[  653.397161][T12565] kexec: Could not allocate control_code_buffer
[  653.619521][T12579] input: jJǸ-���9�%v���J86�� as /devices/virtual/input/input27
[  653.807818][T12579] usb usb24: usbfs: process 12579 (syz.2.1319) did not claim interface 0 before use
[  653.943981][T12586] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1322'.
[  654.470140][T11696] Bluetooth: hci1: command 0x0c1a tx timeout
[  655.169229][   T30] audit: type=1804 audit(1768024987.723:17): pid=12607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1325" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=7 res=1 errno=0
[  655.269329][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout
[  655.275565][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  655.282766][T11696] Bluetooth: hci4: command 0x0406 tx timeout
[  656.811071][T12625] ==================================================================
[  656.811087][T12625] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70
[  656.811115][T12625] Read of size 46 at addr ffff888026070bde by task syz.2.1329/12625
[  656.811131][T12625] 
[  656.811143][T12625] CPU: 1 UID: 0 PID: 12625 Comm: syz.2.1329 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  656.811169][T12625] Tainted: [L]=SOFTLOCKUP
[  656.811176][T12625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  656.811186][T12625] Call Trace:
[  656.811192][T12625]  <TASK>
[  656.811199][T12625]  dump_stack_lvl+0x116/0x1f0
[  656.811229][T12625]  print_report+0xcd/0x630
[  656.811257][T12625]  ? __virt_addr_valid+0x81/0x610
[  656.811285][T12625]  ? __phys_addr+0xe8/0x180
[  656.811312][T12625]  ? fbcon_prepare_logo+0xa03/0xc70
[  656.811332][T12625]  kasan_report+0xe0/0x110
[  656.811358][T12625]  ? fbcon_prepare_logo+0xa03/0xc70
[  656.811380][T12625]  kasan_check_range+0x100/0x1b0
[  656.811399][T12625]  __asan_memcpy+0x23/0x60
[  656.811421][T12625]  fbcon_prepare_logo+0xa03/0xc70
[  656.811444][T12625]  fbcon_init+0xda0/0x1930
[  656.811463][T12625]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  656.811486][T12625]  visual_init+0x320/0x620
[  656.811507][T12625]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  656.811535][T12625]  store_bind+0x61d/0x760
[  656.811560][T12625]  ? sysfs_file_kobj+0xe4/0x290
[  656.811578][T12625]  ? __pfx_store_bind+0x10/0x10
[  656.811601][T12625]  dev_attr_store+0x58/0x80
[  656.811626][T12625]  ? __pfx_dev_attr_store+0x10/0x10
[  656.811650][T12625]  sysfs_kf_write+0xf2/0x150
[  656.811667][T12625]  kernfs_fop_write_iter+0x3af/0x570
[  656.811694][T12625]  ? __pfx_sysfs_kf_write+0x10/0x10
[  656.811713][T12625]  iter_file_splice_write+0xa24/0x12b0
[  656.811747][T12625]  ? __pfx_iter_file_splice_write+0x10/0x10
[  656.811777][T12625]  ? __pfx_copy_splice_read+0x10/0x10
[  656.811807][T12625]  ? __pfx_iter_file_splice_write+0x10/0x10
[  656.811836][T12625]  direct_splice_actor+0x192/0x6c0
[  656.811864][T12625]  splice_direct_to_actor+0x345/0xa30
[  656.811891][T12625]  ? __pfx_direct_splice_actor+0x10/0x10
[  656.811921][T12625]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  656.811957][T12625]  do_splice_direct+0x174/0x240
[  656.811984][T12625]  ? __pfx_do_splice_direct+0x10/0x10
[  656.812011][T12625]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  656.812039][T12625]  ? rw_verify_area+0xcf/0x6c0
[  656.812063][T12625]  do_sendfile+0xb06/0xe50
[  656.812088][T12625]  ? __pfx_do_sendfile+0x10/0x10
[  656.812114][T12625]  ? __x64_sys_futex+0x1e0/0x4c0
[  656.812135][T12625]  ? __x64_sys_futex+0x1e9/0x4c0
[  656.812156][T12625]  __x64_sys_sendfile64+0x1d8/0x220
[  656.812174][T12625]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  656.812195][T12625]  do_syscall_64+0xcd/0xf80
[  656.812224][T12625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.812243][T12625] RIP: 0033:0x7f5cde58f7c9
[  656.812258][T12625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.812276][T12625] RSP: 002b:00007f5cdf376038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  656.812294][T12625] RAX: ffffffffffffffda RBX: 00007f5cde7e6180 RCX: 00007f5cde58f7c9
[  656.812306][T12625] RDX: 0000000000000000 RSI: 0000000000000049 RDI: 0000000000000004
[  656.812317][T12625] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  656.812327][T12625] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  656.812338][T12625] R13: 00007f5cde7e6218 R14: 00007f5cde7e6180 R15: 00007ffeb337f2c8
[  656.812355][T12625]  </TASK>
[  656.812361][T12625] 
[  656.812365][T12625] Allocated by task 12625:
[  656.812374][T12625]  kasan_save_stack+0x33/0x60
[  656.812398][T12625]  kasan_save_track+0x14/0x30
[  656.812420][T12625]  __kasan_kmalloc+0xaa/0xb0
[  656.812442][T12625]  __kmalloc_noprof+0x33d/0x910
[  656.812460][T12625]  vc_do_resize+0x1de/0x10e0
[  656.812481][T12625]  fbcon_init+0xd7c/0x1930
[  656.812498][T12625]  visual_init+0x320/0x620
[  656.812515][T12625]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  656.812539][T12625]  store_bind+0x61d/0x760
[  656.812560][T12625]  dev_attr_store+0x58/0x80
[  656.812582][T12625]  sysfs_kf_write+0xf2/0x150
[  656.812597][T12625]  kernfs_fop_write_iter+0x3af/0x570
[  656.812622][T12625]  iter_file_splice_write+0xa24/0x12b0
[  656.812648][T12625]  direct_splice_actor+0x192/0x6c0
[  656.812673][T12625]  splice_direct_to_actor+0x345/0xa30
[  656.812698][T12625]  do_splice_direct+0x174/0x240
[  656.812722][T12625]  do_sendfile+0xb06/0xe50
[  656.812744][T12625]  __x64_sys_sendfile64+0x1d8/0x220
[  656.812759][T12625]  do_syscall_64+0xcd/0xf80
[  656.812785][T12625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.812802][T12625] 
[  656.812806][T12625] The buggy address belongs to the object at ffff888026070800
[  656.812806][T12625]  which belongs to the cache kmalloc-512 of size 512
[  656.812820][T12625] The buggy address is located 714 bytes to the right of
[  656.812820][T12625]  allocated 276-byte region [ffff888026070800, ffff888026070914)
[  656.812838][T12625] 
[  656.812843][T12625] The buggy address belongs to the physical page:
[  656.812851][T12625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x26070
[  656.812867][T12625] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  656.812881][T12625] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  656.812897][T12625] page_type: f5(slab)
[  656.812913][T12625] raw: 00fff00000000040 ffff88813ff26c80 0000000000000000 dead000000000001
[  656.812929][T12625] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  656.812952][T12625] head: 00fff00000000040 ffff88813ff26c80 0000000000000000 dead000000000001
[  656.812968][T12625] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  656.812985][T12625] head: 00fff00000000002 ffffea0000981c01 00000000ffffffff 00000000ffffffff
[  656.813001][T12625] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  656.813011][T12625] page dumped because: kasan: bad access detected
[  656.813020][T12625] page_owner tracks the page as allocated
[  656.813026][T12625] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 1, tgid 1 (swapper/0), ts 14983078986, free_ts 0
[  656.813055][T12625]  post_alloc_hook+0x1af/0x220
[  656.813073][T12625]  get_page_from_freelist+0xd0b/0x31a0
[  656.813093][T12625]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  656.813114][T12625]  new_slab+0xaf/0x430
[  656.813130][T12625]  ___slab_alloc+0xe18/0x1c90
[  656.813147][T12625]  __slab_alloc.constprop.0+0x63/0x110
[  656.813165][T12625]  __kmalloc_node_noprof+0x4d8/0x930
[  656.813188][T12625]  blk_alloc_flush_queue+0x11e/0x2d0
[  656.813222][T12625]  blk_mq_alloc_and_init_hctx+0x2db/0x1010
[  656.813239][T12625]  __blk_mq_realloc_hw_ctxs+0x4ad/0x800
[  656.813256][T12625]  blk_mq_init_allocated_queue+0x329/0x13d0
[  656.813280][T12625]  blk_mq_alloc_queue+0x1bb/0x280
[  656.813303][T12625]  __blk_mq_alloc_disk+0x29/0x120
[  656.813326][T12625]  nbd_dev_add+0x492/0xbb0
[  656.813347][T12625]  nbd_init+0x181/0x320
[  656.813369][T12625]  do_one_initcall+0x123/0x680
[  656.813393][T12625] page_owner free stack trace missing
[  656.813399][T12625] 
[  656.813403][T12625] Memory state around the buggy address:
[  656.813412][T12625]  ffff888026070a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  656.813425][T12625]  ffff888026070b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  656.813438][T12625] >ffff888026070b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  656.813448][T12625]                                                     ^
[  656.813458][T12625]  ffff888026070c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  656.813471][T12625]  ffff888026070c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  656.813481][T12625] ==================================================================
[  656.893324][T12625] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  656.893347][T12625] CPU: 1 UID: 0 PID: 12625 Comm: syz.2.1329 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  656.893376][T12625] Tainted: [L]=SOFTLOCKUP
[  656.893383][T12625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  656.893394][T12625] Call Trace:
[  656.893401][T12625]  <TASK>
[  656.893409][T12625]  dump_stack_lvl+0x3d/0x1f0
[  656.893442][T12625]  vpanic+0x640/0x6f0
[  656.893462][T12625]  panic+0xca/0xd0
[  656.893479][T12625]  ? __pfx_panic+0x10/0x10
[  656.893496][T12625]  ? fbcon_prepare_logo+0xa03/0xc70
[  656.893517][T12625]  ? preempt_schedule_common+0x44/0xc0
[  656.893545][T12625]  ? preempt_schedule_thunk+0x16/0x30
[  656.893564][T12625]  ? check_panic_on_warn+0x1f/0xb0
[  656.893583][T12625]  check_panic_on_warn+0xab/0xb0
[  656.893603][T12625]  end_report+0x107/0x160
[  656.893631][T12625]  kasan_report+0xee/0x110
[  656.893658][T12625]  ? fbcon_prepare_logo+0xa03/0xc70
[  656.893680][T12625]  kasan_check_range+0x100/0x1b0
[  656.893699][T12625]  __asan_memcpy+0x23/0x60
[  656.893721][T12625]  fbcon_prepare_logo+0xa03/0xc70
[  656.893745][T12625]  fbcon_init+0xda0/0x1930
[  656.893765][T12625]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  656.893789][T12625]  visual_init+0x320/0x620
[  656.893810][T12625]  do_bind_con_driver.isra.0+0x57a/0xbf0
[  656.893839][T12625]  store_bind+0x61d/0x760
[  656.893864][T12625]  ? sysfs_file_kobj+0xe4/0x290
[  656.893882][T12625]  ? __pfx_store_bind+0x10/0x10
[  656.893906][T12625]  dev_attr_store+0x58/0x80
[  656.893931][T12625]  ? __pfx_dev_attr_store+0x10/0x10
[  656.893964][T12625]  sysfs_kf_write+0xf2/0x150
[  656.893982][T12625]  kernfs_fop_write_iter+0x3af/0x570
[  656.894010][T12625]  ? __pfx_sysfs_kf_write+0x10/0x10
[  656.894028][T12625]  iter_file_splice_write+0xa24/0x12b0
[  656.894062][T12625]  ? __pfx_iter_file_splice_write+0x10/0x10
[  656.894092][T12625]  ? __pfx_copy_splice_read+0x10/0x10
[  656.894124][T12625]  ? __pfx_iter_file_splice_write+0x10/0x10
[  656.894153][T12625]  direct_splice_actor+0x192/0x6c0
[  656.894181][T12625]  splice_direct_to_actor+0x345/0xa30
[  656.894209][T12625]  ? __pfx_direct_splice_actor+0x10/0x10
[  656.894239][T12625]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  656.894269][T12625]  do_splice_direct+0x174/0x240
[  656.894296][T12625]  ? __pfx_do_splice_direct+0x10/0x10
[  656.894323][T12625]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  656.894351][T12625]  ? rw_verify_area+0xcf/0x6c0
[  656.894375][T12625]  do_sendfile+0xb06/0xe50
[  656.894401][T12625]  ? __pfx_do_sendfile+0x10/0x10
[  656.894427][T12625]  ? __x64_sys_futex+0x1e0/0x4c0
[  656.894448][T12625]  ? __x64_sys_futex+0x1e9/0x4c0
[  656.894470][T12625]  __x64_sys_sendfile64+0x1d8/0x220
[  656.894488][T12625]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  656.894509][T12625]  do_syscall_64+0xcd/0xf80
[  656.894539][T12625]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.894558][T12625] RIP: 0033:0x7f5cde58f7c9
[  656.894574][T12625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.894592][T12625] RSP: 002b:00007f5cdf376038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  656.894611][T12625] RAX: ffffffffffffffda RBX: 00007f5cde7e6180 RCX: 00007f5cde58f7c9
[  656.894623][T12625] RDX: 0000000000000000 RSI: 0000000000000049 RDI: 0000000000000004
[  656.894635][T12625] RBP: 00007f5cde613f91 R08: 0000000000000000 R09: 0000000000000000
[  656.894646][T12625] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000
[  656.894657][T12625] R13: 00007f5cde7e6218 R14: 00007f5cde7e6180 R15: 00007ffeb337f2c8
[  656.894674][T12625]  </TASK>
[  656.894738][T12625] Kernel Offset: disabled